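# Provisions a small set of libvirt/KVM guests from an Ubuntu 22.04 cloud image
# and bootstraps them with cloud-init (Docker/containerd, kubelet, kubeadm,
# kubectl, Helm).

terraform {
  required_providers {
    libvirt = {
      source  = "dmacvicar/libvirt"
      version = "0.8.1"
    }
  }
}

# Connects to the local system-level libvirt daemon.
provider "libvirt" {
  uri = "qemu:///system"
}

# One entry per guest. The map key is only used to index resources;
# `name` becomes both the domain name and the volume name.
variable "vms" {
  description = "Map of VMs to create"
  type = map(object({
    name   = string
    memory = string
    vcpu   = number
  }))
  default = {
    "vm1" = {
      name   = "kube-master"
      memory = "2048"
      vcpu   = 2
    },
    "vm2" = {
      name   = "kube-worker-01"
      memory = "2048"
      vcpu   = 2
    }
  }
}

# Base image shared by every guest disk.
# NOTE(review): the source is an absolute path inside one user's home
# directory, so the configuration only applies on a host with that file.
resource "libvirt_volume" "base-kube-qcow2" {
  name   = "base-kube"
  source = "/home/alex/ISOs/ubuntu-22.04-server-cloudimg-amd64.img"
  format = "qcow2"
}

# Per-guest 25 GiB qcow2 disk backed by the base image.
resource "libvirt_volume" "kube-qcow2" {
  for_each       = var.vms
  name           = each.value.name
  base_volume_id = libvirt_volume.base-kube-qcow2.id
  size           = 25 * 1024 * 1024 * 1024
  format         = "qcow2"
}

# One domain per entry in var.vms, attached to the libvirt "default" network.
# Every domain receives the same cloud-init disk.
resource "libvirt_domain" "kube-vm" {
  for_each = var.vms
  name     = each.value.name
  memory   = each.value.memory
  vcpu     = each.value.vcpu

  network_interface {
    network_name = "default"
  }

  disk {
    volume_id = libvirt_volume.kube-qcow2[each.key].id
  }

  cloudinit = libvirt_cloudinit_disk.commoninit.id
}

# Shared cloud-init seed for all guests.
#
# SECURITY(review):
#   * `chpasswd` sets the root password to the literal "password" with
#     `expire: false`, and `disable_root` is false. `ssh_pwauth: false` turns
#     off SSH password logins, but the password still works for non-SSH
#     password prompts (console, `su`). It is also stored in plain text in this
#     file and in the generated ISO. The `ubuntu` user already has key-based
#     SSH and passwordless sudo, so consider removing the `chpasswd` stanza
#     (or supplying a hash from a sensitive variable) outside a throwaway lab.
#   * `get_helm.sh` is fetched from the moving `main` branch and executed by
#     cloud-init (runcmd runs as root) with no integrity check. Pin the URL to
#     a release tag or commit and verify a checksum, or install Helm from a
#     signed package repository.
#
# The first apt step chains with `&&` throughout, so the upgrade finishes
# before the install starts; a single `&` would background the upgrade and let
# the install run concurrently with it, racing for the dpkg/apt lock.
resource "libvirt_cloudinit_disk" "commoninit" {
  name      = "commoninit.iso"
  user_data = <<-EOF
    #cloud-config
    ssh_pwauth: false
    disable_root: false
    chpasswd:
      list: |
        root:password
      expire: false
    users:
      - name: ubuntu
        sudo: ALL=(ALL) NOPASSWD:ALL
        groups: users, admin
        home: /home/ubuntu
        shell: /bin/bash
        lock_passwd: false
        ssh-authorized-keys:
          - ssh-rsa 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 alex@camulodunum
    runcmd:
      - swapoff -a
      - sed -i '/ swap / s/^/#/' /etc/fstab
      - apt-get update && apt-get upgrade -y && apt-get install -y apt-transport-https curl
      - install -m 0755 -d /etc/apt/keyrings
      - curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc
      - chmod a+r /etc/apt/keyrings/docker.asc
      - echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu $(. /etc/os-release && echo "$VERSION_CODENAME") stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
      - apt-get update && apt-get install -y docker-ce docker-ce-cli containerd.io
      - sed -i 's/disabled_plugins = \["cri"\]/disabled_plugins = []/' /etc/containerd/config.toml
      - systemctl restart containerd
      - curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.32/deb/Release.key | sudo gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg
      - echo 'deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.32/deb/ /' | sudo tee /etc/apt/sources.list.d/kubernetes.list
      - apt-get update && apt-get install -y kubelet kubeadm kubectl
      - curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3
      - chmod 700 get_helm.sh
      - ./get_helm.sh
    EOF

  # DHCP on ens3 for every guest.
  network_config = <<-EOF
    version: 2
    ethernets:
      ens3:
        dhcp4: true
    EOF
}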