Use root user as API is missing some needed permissions

Also tweak the LXC container specs and move the hook script to it's own file
2024-10-21 09:45:23 +02:00 · 2024-10-21 09:45:23 +02:00 · 3ce33a2b7c
commit 3ce33a2b7c
parent a9caeece85
3 changed files with 36 additions and 31 deletions
--- a/init-kube.sh
+++ b/init-kube.sh
@ -0,0 +1,14 @@
+#!/bin/sh
+if [ "$2" = "post-start" ]; then
+    lxc-attach "$1" <<EOF
+export PATH=/sbin:\$PATH
+apk update
+apk upgrade
+openrc -s sshd status 2>&1 | grep 'does not exist' &> /dev/null
+if [ $? -eq 0 ]; then
+    apk add openssh-server
+    openrc -s sshd start
+    rc-update add sshd
+fi
+EOF
+fi
--- a/kubes-lxc.tf
+++ b/kubes-lxc.tf
@ -11,21 +11,13 @@ resource "proxmox_virtual_environment_file" "kube-init" {
  datastore_id = var.datastore_id
  node_name    = var.proxmox_node
  file_mode    = "0755"
-  source_raw {
-    file_name = "kube-init.sh"
-    data      = <<-EOF
-#!/bin/sh
-apk update
-apk upgrade
-apk add openssh-server
-rc-update add sshd
-openrc -s sshd start
-EOF
+  source_file {
+    path = "init-kube.sh"
  }
 }

 resource "proxmox_virtual_environment_container" "kube-masters" {
-  # hook_script_file_id = "${var.datastore_id}:snippets/kube-init.sh"
+  hook_script_file_id = "${var.datastore_id}:snippets/kube-init.sh"
  vm_id     = var.vmid + count.index + 10
  node_name = var.proxmox_node
  count     = var.master_count
@ -33,26 +25,25 @@ resource "proxmox_virtual_environment_container" "kube-masters" {
    proxmox_virtual_environment_download_file.latest_alpine,
    proxmox_virtual_environment_file.kube-init
  ]
+  operating_system {
+    template_file_id = proxmox_virtual_environment_download_file.latest_alpine.id
+    type             = "alpine"
+  }
  initialization {
-    # hostname = data.external.master_kube.result.name
    hostname = "kube-master-${tostring(count.index)}.kubes.42069.no"
+    user_account {
+      password = var.user_password
+      keys     = var.ssh_keys
+    }
    ip_config {
      ipv4 {
        address = "dhcp"
      }
    }
-    user_account {
-      password = var.user_password
-      keys     = var.ssh_keys
-    }
  }
  network_interface {
    name = "eth0"
  }
-  operating_system {
-    template_file_id = proxmox_virtual_environment_download_file.latest_alpine.id
-    type             = "alpine"
-  }
  startup {
    order = "1"
  }
@ -67,26 +58,25 @@ resource "proxmox_virtual_environment_container" "kube-workers" {
    proxmox_virtual_environment_download_file.latest_alpine,
    proxmox_virtual_environment_file.kube-init
  ]
+  operating_system {
+    template_file_id = proxmox_virtual_environment_download_file.latest_alpine.id
+    type             = "alpine"
+  }
  initialization {
-    # hostname = data.external.worker_kube.result.name
    hostname = "kube-worker-${tostring(count.index)}.kubes.42069.no"
+    user_account {
+      password = var.user_password
+      keys     = var.ssh_keys
+    }
    ip_config {
      ipv4 {
        address = "dhcp"
      }
    }
-    user_account {
-      password = var.user_password
-      keys     = var.ssh_keys
-    }
  }
  network_interface {
    name = "eth0"
  }
-  operating_system {
-    template_file_id = proxmox_virtual_environment_download_file.latest_alpine.id
-    type             = "alpine"
-  }
  startup {
    order = "3"
  }
--- a/provider.tf
+++ b/provider.tf
@ -1,7 +1,8 @@
-variable "api_token" {}
+variable "root_pwd" {}
 variable "endpoint" {}
 provider "proxmox" {
-  api_token = var.api_token
  endpoint  = var.endpoint
+  password  = var.root_pwd
+  username  = "root@pam"
  insecure  = true
 }