
Commit 01c73e4

committed
OSDOCS#10177: Updates to Terraform files
1 parent 5908018 commit 01c73e4

20 files changed

+837
-642
lines changed

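--- a/_topic_maps/_topic_map_rosa.yml
+++ b/_topic_maps/_topic_map_rosa.yml
@@ -220,15 +220,21 @@ Topics:
 File: rosa-sts-required-aws-service-quotas
 - Name: Setting up your environment
 File: rosa-sts-setting-up-environment
-- Name: Preparing Terraform to install ROSA clusters
-File: rosa-understanding-terraform
 ---
 Name: Install ROSA with HCP clusters
 Dir: rosa_hcp
 Distros: openshift-rosa
 Topics:
 - Name: Creating ROSA with HCP clusters using the default options
 File: rosa-hcp-sts-creating-a-cluster-quickly
+- Name: Creating a ROSA cluster using Terraform
+Dir: terraform
+Distros: openshift-rosa
+Topics:
+- Name: Creating a default ROSA cluster using Terraform
+File: rosa-hcp-creating-a-cluster-quickly-terraform
+# - Name: Customizing a ROSA cluster with Terraform
+# File: rosa-hcp-creating-a-cluster-with-customizations-terraform
 - Name: Creating ROSA with HCP clusters using a custom AWS KMS encryption key
 File: rosa-hcp-creating-cluster-with-aws-kms-key
 - Name: Creating a private cluster on ROSA with HCP
@@ -248,14 +254,14 @@ Topics:
 File: rosa-sts-creating-a-cluster-quickly
 - Name: Creating a ROSA cluster with STS using customizations
 File: rosa-sts-creating-a-cluster-with-customizations
-- Name: Creating a ROSA cluster with STS using Terraform
+- Name: Creating a ROSA (classic architecture) cluster using Terraform
 Dir: terraform
 Distros: openshift-rosa
 Topics:
-- Name: Creating a default ROSA Classic cluster using Terraform
-File: rosa-sts-creating-a-cluster-quickly-terraform
+- Name: Creating a default ROSA (classic architecture) cluster using Terraform
+File: rosa-classic-creating-a-cluster-quickly-terraform
 # - Name: Customizing a ROSA cluster with Terraform
-# File: rosa-sts-creating-a-cluster-with-customizations-terraform
+# File: rosa-classic-creating-a-cluster-with-customizations-terraform
 - Name: Interactive cluster creation mode reference
 File: rosa-sts-interactive-mode-reference
 - Name: Creating an AWS PrivateLink cluster on ROSA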
Lines changed: 279 additions & 0 deletions
@@ -0,0 +1,279 @@
1+
// Module included in the following assemblies:
2+
//
3+
// * rosa_install_access_delete_clusters/rosa-classic-creating-a-cluster-quickly-terraform.adoc
4+
//
5+
6+
:_content-type: PROCEDURE
7+
8+
[id="rosa-classic-cluster-terraform-file-creation_{context}"]
9+
= Creating your Terraform files locally
10+
11+
After you set up your link:https://console.redhat.com/openshift/token/rosa[offline {cluster-manager-first} token], you need to create the Terraform files locally to build your cluster. You can create these files by using the following code templates.
12+
13+
.Procedure
14+
15+
. Create the `main.tf` file by running the following command:
16+
+
17+
[source,terminal]
18+
----
19+
$ cat<<-EOF>main.tf
20+
#
21+
# Copyright (c) 2023 Red Hat, Inc.
22+
#
23+
# Licensed under the Apache License, Version 2.0 (the "License");
24+
# you may not use this file except in compliance with the License.
25+
# You may obtain a copy of the License at
26+
#
27+
# http://www.apache.org/licenses/LICENSE-2.0
28+
#
29+
# Unless required by applicable law or agreed to in writing, software
30+
# distributed under the License is distributed on an "AS IS" BASIS,
31+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
32+
# See the License for the specific language governing permissions and
33+
# limitations under the License.
34+
#
35+
36+
terraform {
37+
required_providers {
38+
aws = {
39+
source = "hashicorp/aws"
40+
version = ">= 4.20.0"
41+
}
42+
rhcs = {
43+
version = ">= 1.6.2"
44+
source = "terraform-redhat/rhcs"
45+
}
46+
}
47+
}
48+
49+
# Export token using the RHCS_TOKEN environment variable
50+
provider "rhcs" {}
51+
52+
provider "aws" {
53+
region = var.aws_region
54+
ignore_tags {
55+
key_prefixes = ["kubernetes.io/"]
56+
}
57+
default_tags {
58+
tags = var.default_aws_tags
59+
}
60+
}
61+
62+
data "aws_availability_zones" "available" {}
63+
64+
locals {
65+
# The default setting creates 3 availability zones. Set to "false" to create a single availability zones.
66+
region_azs = var.multi_az ? slice([for zone in data.aws_availability_zones.available.names : format("%s", zone)], 0, 3) : slice([for zone in data.aws_availability_zones.available.names : format("%s", zone)], 0, 1)
67+
}
68+
69+
resource "random_string" "random_name" {
70+
length = 6
71+
special = false
72+
upper = false
73+
}
74+
75+
locals {
76+
path = coalesce(var.path, "/")
77+
worker_node_replicas = try(var.worker_node_replicas, var.multi_az ? 3 : 2)
78+
# If cluster_name is not null, use that, otherwise generate a random cluster name
79+
cluster_name = coalesce(var.cluster_name, "rosa-\${random_string.random_name.result}")
80+
}
81+
82+
# The network validator requires an additional 60 seconds to validate Terraform clusters.
83+
resource "time_sleep" "wait_60_seconds" {
84+
count = var.create_vpc ? 1 : 0
85+
depends_on = [module.vpc]
86+
create_duration = "60s"
87+
}
88+
89+
module "rosa-classic" {
90+
source = "terraform-redhat/rosa-classic/rhcs"
91+
version = "1.5.0"
92+
cluster_name = local.cluster_name
93+
openshift_version = var.openshift_version
94+
account_role_prefix = local.cluster_name
95+
operator_role_prefix = local.cluster_name
96+
replicas = local.worker_node_replicas
97+
aws_availability_zones = local.region_azs
98+
create_oidc = true
99+
private = var.private_cluster
100+
aws_private_link = var.private_cluster
101+
aws_subnet_ids = var.create_vpc ? var.private_cluster ? module.vpc[0].private_subnets : concat(module.vpc[0].public_subnets, module.vpc[0].private_subnets) : var.aws_subnet_ids
102+
multi_az = var.multi_az
103+
create_account_roles = true
104+
create_operator_roles = true
105+
106+
depends_on = [time_sleep.wait_60_seconds]
107+
}
108+
EOF
109+
----
110+
111+
. Create the `variables.tf` file by running the following command:
112+
+
113+
[NOTE]
114+
====
115+
Copy and edit this file _before_ running the command to build your cluster.
116+
====
117+
+
118+
[source,terminal]
119+
----
120+
$ cat<<-EOF>variables.tf
121+
#
122+
# Copyright (c) 2023 Red Hat, Inc.
123+
#
124+
# Licensed under the Apache License, Version 2.0 (the "License");
125+
# you may not use this file except in compliance with the License.
126+
# You may obtain a copy of the License at
127+
#
128+
# http://www.apache.org/licenses/LICENSE-2.0
129+
#
130+
# Unless required by applicable law or agreed to in writing, software
131+
# distributed under the License is distributed on an "AS IS" BASIS,
132+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
133+
# See the License for the specific language governing permissions and
134+
# limitations under the License.
135+
#
136+
variable "openshift_version" {
137+
type = string
138+
default = "4.14.20"
139+
description = "Desired version of OpenShift for the cluster, for example '4.14.20'. If version is greater than the currently running version, an upgrade will be scheduled."
140+
}
141+
142+
variable "create_vpc" {
143+
type = bool
144+
description = "If you would like to create a new VPC, set this value to 'true'. If you do not want to create a new VPC, set this value to 'false'."
145+
}
146+
147+
# ROSA Cluster info
148+
variable "cluster_name" {
149+
default = null
150+
type = string
151+
description = "The name of the ROSA cluster to create"
152+
}
153+
154+
variable "additional_tags" {
155+
default = {
156+
Terraform = "true"
157+
Environment = "dev"
158+
}
159+
description = "Additional AWS resource tags"
160+
type = map(string)
161+
}
162+
163+
variable "path" {
164+
description = "(Optional) The arn path for the account/operator roles as well as their policies."
165+
type = string
166+
default = null
167+
}
168+
169+
variable "multi_az" {
170+
type = bool
171+
description = "Multi AZ Cluster for High Availability"
172+
default = true
173+
}
174+
175+
variable "worker_node_replicas" {
176+
default = 3
177+
description = "Number of worker nodes to provision. Single zone clusters need at least 2 nodes, multizone clusters need at least 3 nodes"
178+
type = number
179+
}
180+
181+
variable "aws_subnet_ids" {
182+
type = list(any)
183+
description = "A list of either the public or public + private subnet IDs to use for the cluster blocks to use for the cluster"
184+
default = ["subnet-01234567890abcdef", "subnet-01234567890abcdef", "subnet-01234567890abcdef"]
185+
}
186+
187+
variable "private_cluster" {
188+
type = bool
189+
description = "If you want to create a private cluster, set this value to 'true'. If you want a publicly available cluster, set this value to 'false'."
190+
}
191+
192+
#VPC Info
193+
variable "vpc_name" {
194+
type = string
195+
description = "VPC Name"
196+
default = "tf-qs-vpc"
197+
}
198+
199+
variable "vpc_cidr_block" {
200+
type = string
201+
description = "value of the CIDR block to use for the VPC"
202+
default = "10.0.0.0/16"
203+
}
204+
205+
variable "private_subnet_cidrs" {
206+
type = list(any)
207+
description = "The CIDR blocks to use for the private subnets"
208+
default = ["10.0.1.0/24", "10.0.2.0/24", "10.0.3.0/24"]
209+
}
210+
211+
variable "public_subnet_cidrs" {
212+
type = list(any)
213+
description = "The CIDR blocks to use for the public subnets"
214+
default = ["10.0.101.0/24", "10.0.102.0/24", "10.0.103.0/24"]
215+
}
216+
217+
variable "single_nat_gateway" {
218+
type = bool
219+
description = "Single NAT or per NAT for subnet"
220+
default = false
221+
}
222+
223+
#AWS Info
224+
variable "aws_region" {
225+
type = string
226+
default = "us-east-2"
227+
}
228+
229+
variable "default_aws_tags" {
230+
type = map(string)
231+
description = "Default tags for AWS"
232+
default = {}
233+
}
234+
EOF
235+
----
236+
237+
. Create the `vpc.tf` file by running the following command:
238+
+
239+
[source,terminal]
240+
----
241+
$ cat<<-EOF>vpc.tf
242+
#
243+
# Copyright (c) 2023 Red Hat, Inc.
244+
#
245+
# Licensed under the Apache License, Version 2.0 (the "License");
246+
# you may not use this file except in compliance with the License.
247+
# You may obtain a copy of the License at
248+
#
249+
# http://www.apache.org/licenses/LICENSE-2.0
250+
#
251+
# Unless required by applicable law or agreed to in writing, software
252+
# distributed under the License is distributed on an "AS IS" BASIS,
253+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
254+
# See the License for the specific language governing permissions and
255+
# limitations under the License.
256+
#
257+
module "vpc" {
258+
source = "terraform-aws-modules/vpc/aws"
259+
version = "5.1.2"
260+
261+
count = var.create_vpc ? 1 : 0
262+
name = var.vpc_name
263+
cidr = var.vpc_cidr_block
264+
265+
azs = local.region_azs
266+
private_subnets = var.private_subnet_cidrs
267+
public_subnets = var.public_subnet_cidrs
268+
269+
enable_nat_gateway = true
270+
single_nat_gateway = var.single_nat_gateway
271+
enable_dns_hostnames = true
272+
enable_dns_support = true
273+
274+
tags = var.additional_tags
275+
}
276+
EOF
277+
----
278+
+
279+
You are ready to initiate Terraform.
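Review bot: The `main.tf` template uses `random_string` and `time_sleep`, but its `required_providers` block lists only `aws` and `rhcs`, so Terraform will resolve the `random` and `time` providers implicitly with no version constraint. Readers copy this template verbatim and it sets `create_account_roles = true` and `create_operator_roles = true`, so every provider should be declared, for example `random = { source = "hashicorp/random" }` and `time = { source = "hashicorp/time" }`, each with a version constraint. The existing `>= 4.20.0` and `>= 1.6.2` lower bounds also accept any future major release, unlike the two modules, which are pinned exactly. A bounded constraint (`~>`) and a step telling readers to keep the generated `.terraform.lock.hcl` would make the build reproducible. Separately, `try(var.worker_node_replicas, var.multi_az ? 3 : 2)` appears never to reach its fallback, because the variable has a default of 3, so a single-AZ cluster still gets three replicas unless the reader edits it.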
