Support Openstack servergroups (#5412)

* add support for nova servergroups * Add documentation for openstack nova servergroups * uppdate to TF 0.12.12 format and fix etcd * revert for_each change * fix variables and formatting in main.tf * try to avoid errors * update variable * Update main.tf * Update main.tf * update all other instance resources
2019-12-09 10:15:10 +01:00 · 2019-12-09 10:15:10 +01:00 · 40e35b3fa6
parent b15d41a96a
commit 40e35b3fa6
5 changed files with 141 additions and 1 deletions
--- a/contrib/terraform/openstack/README.md
+++ b/contrib/terraform/openstack/README.md
@ -253,6 +253,7 @@ For your cluster, edit `inventory/$CLUSTER/cluster.tfvars`.
 |`gfs_root_volume_size_in_gb` | Size of the root volume for gluster, 0 to use ephemeral storage |
 |`etcd_root_volume_size_in_gb` | Size of the root volume for etcd nodes, 0 to use ephemeral storage |
 |`bastion_root_volume_size_in_gb` | Size of the root volume for bastions, 0 to use ephemeral storage |
+|`use_server_group` | Create and use openstack nova servergroups, default: false |

 #### Terraform state files

--- a/contrib/terraform/openstack/kubespray.tf
+++ b/contrib/terraform/openstack/kubespray.tf
@ -71,6 +71,7 @@ module "compute" {
  worker_allowed_ports                         = "${var.worker_allowed_ports}"
  wait_for_floatingip                          = "${var.wait_for_floatingip}"
  use_access_ip                                = "${var.use_access_ip}"
+  use_server_groups                            = "${var.use_server_groups}"

  network_id = "${module.network.router_id}"
 }
--- a/contrib/terraform/openstack/modules/compute/main.tf
+++ b/contrib/terraform/openstack/modules/compute/main.tf
@ -95,6 +95,24 @@ resource "openstack_networking_secgroup_rule_v2" "worker" {
  security_group_id = "${openstack_networking_secgroup_v2.worker.id}"
 }

+resource "openstack_compute_servergroup_v2" "k8s_master" {
+  count = "%{ if var.use_server_groups }1%{else}0%{endif}"
+  name = "k8s-master-srvgrp"
+  policies = ["anti-affinity"]
+}
+
+resource "openstack_compute_servergroup_v2" "k8s_node" {
+  count = "%{ if var.use_server_groups }1%{else}0%{endif}"
+  name = "k8s-node-srvgrp"
+  policies = ["anti-affinity"]
+}
+
+resource "openstack_compute_servergroup_v2" "k8s_etcd" {
+  count = "%{ if var.use_server_groups }1%{else}0%{endif}"
+  name = "k8s-etcd-srvgrp"
+  policies = ["anti-affinity"]
+}
+
 resource "openstack_compute_instance_v2" "bastion" {
  name       = "${var.cluster_name}-bastion-${count.index+1}"
  count      = "${var.bastion_root_volume_size_in_gb == 0 ? var.number_of_bastions : 0}"
@ -174,6 +192,13 @@ resource "openstack_compute_instance_v2" "k8s_master" {
    "${openstack_networking_secgroup_v2.k8s.name}",
  ]

+  dynamic "scheduler_hints" {
+    for_each = var.use_server_groups ? [openstack_compute_servergroup_v2.k8s_master[0]] : []
+    content {
+      group = "${openstack_compute_servergroup_v2.k8s_master[0].id}"
+    }
+  }
+
  metadata = {
    ssh_user         = "${var.ssh_user}"
    kubespray_groups = "etcd,kube-master,${var.supplementary_master_groups},k8s-cluster,vault"
@ -211,6 +236,13 @@ resource "openstack_compute_instance_v2" "k8s_master_custom_volume_size" {
    "${openstack_networking_secgroup_v2.k8s.name}",
  ]
  
+  dynamic "scheduler_hints" {
+    for_each = var.use_server_groups ? [openstack_compute_servergroup_v2.k8s_master[0]] : []
+    content {
+      group = "${openstack_compute_servergroup_v2.k8s_master[0].id}"
+    }
+  }
+
  metadata = {
    ssh_user         = "${var.ssh_user}"
    kubespray_groups = "etcd,kube-master,${var.supplementary_master_groups},k8s-cluster,vault"
@ -239,6 +271,13 @@ resource "openstack_compute_instance_v2" "k8s_master_no_etcd" {
    "${openstack_networking_secgroup_v2.k8s.name}",
  ]
  
+  dynamic "scheduler_hints" {
+    for_each = var.use_server_groups ? [openstack_compute_servergroup_v2.k8s_master[0]] : []
+    content {
+      group = "${openstack_compute_servergroup_v2.k8s_master[0].id}"
+    }
+  }
+
  metadata = {
    ssh_user         = "${var.ssh_user}"
    kubespray_groups = "kube-master,${var.supplementary_master_groups},k8s-cluster,vault"
@ -276,6 +315,13 @@ resource "openstack_compute_instance_v2" "k8s_master_no_etcd_custom_volume_size"
    "${openstack_networking_secgroup_v2.k8s.name}",
  ]

+  dynamic "scheduler_hints" {
+    for_each = var.use_server_groups ? [openstack_compute_servergroup_v2.k8s_master[0]] : []
+    content {
+      group = "${openstack_compute_servergroup_v2.k8s_master[0].id}"
+    }
+  }
+
  metadata = {
    ssh_user         = "${var.ssh_user}"
    kubespray_groups = "kube-master,${var.supplementary_master_groups},k8s-cluster,vault"
@ -302,6 +348,13 @@ resource "openstack_compute_instance_v2" "etcd" {

  security_groups = ["${openstack_networking_secgroup_v2.k8s.name}"]

+  dynamic "scheduler_hints" {
+    for_each = var.use_server_groups ? [openstack_compute_servergroup_v2.k8s_etcd[0]] : []
+    content {
+      group = "${openstack_compute_servergroup_v2.k8s_etcd[0].id}"
+    }
+  }
+
  metadata = {
    ssh_user         = "${var.ssh_user}"
    kubespray_groups = "etcd,vault,no-floating"
@ -333,6 +386,13 @@ resource "openstack_compute_instance_v2" "etcd_custom_volume_size" {

  security_groups = ["${openstack_networking_secgroup_v2.k8s.name}"]
  
+  dynamic "scheduler_hints" {
+    for_each = var.use_server_groups ? [openstack_compute_servergroup_v2.k8s_etcd[0]] : []
+    content {
+      group = "${openstack_compute_servergroup_v2.k8s_etcd[0].id}"
+    }
+  }
+
  metadata = {
    ssh_user         = "${var.ssh_user}"
    kubespray_groups = "etcd,vault,no-floating"
@ -357,6 +417,13 @@ resource "openstack_compute_instance_v2" "k8s_master_no_floating_ip" {
    "${openstack_networking_secgroup_v2.k8s.name}",
  ]
  
+  dynamic "scheduler_hints" {
+    for_each = var.use_server_groups ? [openstack_compute_servergroup_v2.k8s_master[0]] : []
+    content {
+      group = "${openstack_compute_servergroup_v2.k8s_master[0].id}"
+    }
+  }
+
  metadata = {
    ssh_user         = "${var.ssh_user}"
    kubespray_groups = "etcd,kube-master,${var.supplementary_master_groups},k8s-cluster,vault,no-floating"
@ -390,6 +457,13 @@ resource "openstack_compute_instance_v2" "k8s_master_no_floating_ip_custom_volum
    "${openstack_networking_secgroup_v2.k8s.name}",
  ]
  
+  dynamic "scheduler_hints" {
+    for_each = var.use_server_groups ? [openstack_compute_servergroup_v2.k8s_master[0]] : []
+    content {
+      group = "${openstack_compute_servergroup_v2.k8s_master[0].id}"
+    }
+  }
+
  metadata = {
    ssh_user         = "${var.ssh_user}"
    kubespray_groups = "etcd,kube-master,${var.supplementary_master_groups},k8s-cluster,vault,no-floating"
@ -414,6 +488,13 @@ resource "openstack_compute_instance_v2" "k8s_master_no_floating_ip_no_etcd" {
    "${openstack_networking_secgroup_v2.k8s.name}",
  ]
  
+  dynamic "scheduler_hints" {
+    for_each = var.use_server_groups ? [openstack_compute_servergroup_v2.k8s_master[0]] : []
+    content {
+      group = "${openstack_compute_servergroup_v2.k8s_master[0].id}"
+    }
+  }
+
  metadata = {
    ssh_user         = "${var.ssh_user}"
    kubespray_groups = "kube-master,${var.supplementary_master_groups},k8s-cluster,vault,no-floating"
@ -447,6 +528,13 @@ resource "openstack_compute_instance_v2" "k8s_master_no_floating_ip_no_etcd_cust
    "${openstack_networking_secgroup_v2.k8s.name}",
  ]
  
+  dynamic "scheduler_hints" {
+    for_each = var.use_server_groups ? [openstack_compute_servergroup_v2.k8s_master[0]] : []
+    content {
+      group = "${openstack_compute_servergroup_v2.k8s_master[0].id}"
+    }
+  }
+
  metadata = {
    ssh_user         = "${var.ssh_user}"
    kubespray_groups = "kube-master,${var.supplementary_master_groups},k8s-cluster,vault,no-floating"
@ -471,6 +559,13 @@ resource "openstack_compute_instance_v2" "k8s_node" {
    "${openstack_networking_secgroup_v2.worker.name}",
  ]

+  dynamic "scheduler_hints" {
+    for_each = var.use_server_groups ? [openstack_compute_servergroup_v2.k8s_node[0]] : []
+    content {
+      group = "${openstack_compute_servergroup_v2.k8s_node[0].id}"
+    }
+  }
+
  metadata = {
    ssh_user         = "${var.ssh_user}"
    kubespray_groups = "kube-node,k8s-cluster,${var.supplementary_node_groups}"
@ -508,6 +603,13 @@ resource "openstack_compute_instance_v2" "k8s_node_custom_volume_size" {
    "${openstack_networking_secgroup_v2.worker.name}",
  ]
  
+  dynamic "scheduler_hints" {
+    for_each = var.use_server_groups ? [openstack_compute_servergroup_v2.k8s_node[0]] : []
+    content {
+      group = "${openstack_compute_servergroup_v2.k8s_node[0].id}"
+    }
+  }
+
  metadata = {
    ssh_user         = "${var.ssh_user}"
    kubespray_groups = "kube-node,k8s-cluster,${var.supplementary_node_groups}"
@ -536,6 +638,13 @@ resource "openstack_compute_instance_v2" "k8s_node_no_floating_ip" {
    "${openstack_networking_secgroup_v2.worker.name}",
  ]
  
+  dynamic "scheduler_hints" {
+    for_each = var.use_server_groups ? [openstack_compute_servergroup_v2.k8s_node[0]] : []
+    content {
+      group = "${openstack_compute_servergroup_v2.k8s_node[0].id}"
+    }
+  }
+
  metadata = {
    ssh_user         = "${var.ssh_user}"
    kubespray_groups = "kube-node,k8s-cluster,no-floating,${var.supplementary_node_groups}"
@ -569,6 +678,13 @@ resource "openstack_compute_instance_v2" "k8s_node_no_floating_ip_custom_volume_
    "${openstack_networking_secgroup_v2.worker.name}",
  ]
  
+  dynamic "scheduler_hints" {
+    for_each = var.use_server_groups ? [openstack_compute_servergroup_v2.k8s_node[0]] : []
+    content {
+      group = "${openstack_compute_servergroup_v2.k8s_node[0].id}"
+    }
+  }
+
  metadata = {
    ssh_user         = "${var.ssh_user}"
    kubespray_groups = "kube-node,k8s-cluster,no-floating,${var.supplementary_node_groups}"
@ -659,6 +775,13 @@ resource "openstack_compute_instance_v2" "glusterfs_node_no_floating_ip" {

  security_groups = ["${openstack_networking_secgroup_v2.k8s.name}"]
  
+  dynamic "scheduler_hints" {
+    for_each = var.use_server_groups ? [openstack_compute_servergroup_v2.k8s_node[0]] : []
+    content {
+      group = "${openstack_compute_servergroup_v2.k8s_node[0].id}"
+    }
+  }
+
  metadata = {
    ssh_user         = "${var.ssh_user_gfs}"
    kubespray_groups = "gfs-cluster,network-storage,no-floating"
@ -690,6 +813,13 @@ resource "openstack_compute_instance_v2" "glusterfs_node_no_floating_ip_custom_v

  security_groups = ["${openstack_networking_secgroup_v2.k8s.name}"]
  
+  dynamic "scheduler_hints" {
+    for_each = var.use_server_groups ? [openstack_compute_servergroup_v2.k8s_node[0]] : []
+    content {
+      group = "${openstack_compute_servergroup_v2.k8s_node[0].id}"
+    }
+  }
+
  metadata = {
    ssh_user         = "${var.ssh_user_gfs}"
    kubespray_groups = "gfs-cluster,network-storage,no-floating"
--- a/contrib/terraform/openstack/modules/compute/variables.tf
+++ b/contrib/terraform/openstack/modules/compute/variables.tf
@ -107,3 +107,7 @@ variable "worker_allowed_ports" {
 }

 variable "use_access_ip" {}
+
+variable "use_server_groups" {
+  type = bool
+}
--- a/contrib/terraform/openstack/variables.tf
+++ b/contrib/terraform/openstack/variables.tf
@ -210,3 +210,7 @@ variable "worker_allowed_ports" {
 variable "use_access_ip" {
  default = 1
 }
+
+variable "use_server_groups" {
+  default = false
+}