sless-primer/VM/sless.tf


# 2026-03-29 — sless.tf: провайдер sless и sless_job ресурсы для установки ПО на ВМ.
#
# Схема работы:
# 1. terraform apply создаёт FunctionJob CR в k8s
# 2. Провайдер загружает код из source_dir в S3
# 3. Оператор собирает Docker-образ (kaniko) и запускает Job
# 4. Job подключается к ВМ по SSH и устанавливает ПО
# 5. terraform apply завершается: outputs содержат статус каждого шага
#
# Для повторного запуска: увеличь install_run_id в terraform.tfvars → terraform apply
# ---------------------------------------------------------------------------
# Провайдер
# ---------------------------------------------------------------------------
provider "sless" {
  # Both endpoints are hard-coded and use https.
  endpoint = "https://sless.kube5s.ru"
  # NOTE(review): the hostname suggests a test deck; confirm before reusing
  # this file for a non-test environment.
  nubes_endpoint = "https://deck-api-test.ngcloud.ru/api/v1/index.cfm"

  # Same JWT as in provider "nubes".
  # NOTE(review): one token is presented to both services, so a leak exposes
  # both. The variable declaration is not in this file; confirm it is
  # declared with sensitive = true and is not committed in terraform.tfvars.
  token = var.api_token
}
# ---------------------------------------------------------------------------
# Общие locals: SSH-параметры для подключения к ВМ
# ---------------------------------------------------------------------------
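locals {
  # Shared SSH connection parameters, passed to every sless_job as env_vars.

  # TODO: switch externalConnect -> internalConnect once DevOps set up
  # networking between the k8s cluster and the Nubes vDC (only the external
  # IP is reachable for now).
  # NOTE(review): until then the jobs connect to the VM's external address,
  # which implies SSH on the VM is reachable from outside the vDC; confirm
  # that inbound SSH is limited to the cluster's egress addresses.
  vm_ip = nubes_vc_vm_v3.vm.state_out_flat["externalConnect"]

  ssh_env = {
    VM_IP    = local.vm_ip
    SSH_USER = "ubuntu"

    # TODO(vault): read the key from Vault once the service is available;
    # for now (test stand) it comes straight from a file in the module dir.
    #
    # sensitive() redacts the private key in plan/apply output. It does NOT
    # protect it at rest: the value is still stored in clear text in the
    # Terraform state and is handed to the job as an environment variable.
    # Keep vm_key out of version control and restrict access to the state
    # backend.
    SSH_KEY = sensitive(file("${path.module}/vm_key"))
  }
}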
# ---------------------------------------------------------------------------
# Job 1: базовые пакеты (jq, pip3 и др.)
# ---------------------------------------------------------------------------
resource "sless_job" "install_packages" {
  # Job 1: base packages. Created only when var.install_packages is true.
  count      = var.install_packages ? 1 : 0
  depends_on = [nubes_vc_vm_v3.vm]

  name       = "vm-install-packages"
  runtime    = "python3.11"
  memory_mb  = 128
  entrypoint = "handler.install"

  # Per the file header, the provider uploads this directory to S3 and the
  # operator builds an image from it. That code then runs holding the VM's
  # SSH private key, so review changes under this path as privileged code.
  source_dir = "${path.module}/functions/install-packages"

  # VM_IP, SSH_USER and SSH_KEY (private key material) from local.ssh_env.
  # NOTE(review): the handler is not shown here; confirm it verifies the
  # VM's SSH host key and never logs SSH_KEY.
  env_vars = local.ssh_env

  # Payload for the handler: package list plus the update flag.
  event_json = jsonencode({
    update   = true
    packages = var.base_packages
  })

  # Per the file header, increase install_run_id to run the job again.
  run_id           = var.install_run_id
  wait_timeout_sec = 600
}
# ---------------------------------------------------------------------------
# Job 2: nginx
# ---------------------------------------------------------------------------
resource "sless_job" "install_nginx" {
  # Job 2: nginx. Created only when var.install_nginx is true; ordered after
  # the VM and the base-packages job.
  count      = var.install_nginx ? 1 : 0
  depends_on = [nubes_vc_vm_v3.vm, sless_job.install_packages]

  name       = "vm-install-nginx"
  runtime    = "python3.11"
  memory_mb  = 128
  entrypoint = "handler.install"

  # Code from this directory runs with the VM's SSH private key in its
  # environment; review changes under this path as privileged code.
  source_dir = "${path.module}/functions/install-nginx"

  # VM_IP, SSH_USER and SSH_KEY (private key material) from local.ssh_env.
  env_vars = local.ssh_env

  # No parameters for this handler: an empty JSON object is sent.
  event_json = jsonencode({})

  # Per the file header, increase install_run_id to run the job again.
  run_id           = var.install_run_id
  wait_timeout_sec = 600
}
# ---------------------------------------------------------------------------
# Job 3: Docker CE
# ---------------------------------------------------------------------------
resource "sless_job" "install_docker" {
  # Job 3: Docker CE. Created only when var.install_docker is true; ordered
  # after the VM, the base-packages job and the nginx job.
  count = var.install_docker ? 1 : 0
  depends_on = [
    nubes_vc_vm_v3.vm,
    sless_job.install_packages,
    sless_job.install_nginx,
  ]

  name       = "vm-install-docker"
  runtime    = "python3.11"
  memory_mb  = 128
  entrypoint = "handler.install"

  # Code from this directory runs with the VM's SSH private key in its
  # environment; review changes under this path as privileged code.
  source_dir = "${path.module}/functions/install-docker"

  # VM_IP, SSH_USER and SSH_KEY (private key material) from local.ssh_env.
  env_vars = local.ssh_env

  # Payload for the handler; compose = true presumably also installs
  # Docker Compose (handler not shown, confirm).
  event_json = jsonencode({
    compose = true
  })

  # Per the file header, increase install_run_id to run the job again.
  run_id = var.install_run_id
  # Longer wait than the other two jobs (900 s instead of 600 s).
  wait_timeout_sec = 900
}