Rapid VM Deployment with Cloud Init and Terraform
Sources
- how to create a proxmox ubuntu cloud init image
- how to deploy VMs in proxmox with terraform
- https://www.learnlinux.tv/proxmox-ve-how-to-build-an-ubuntu-22-04-template-updated-method/
Get the OS Image
Use Proxmox GUI to download 20.04 image. Alternatively use 22.04 image.
Add Packages to the Image
Prepare proxmox and install libguestfs-tools:
apt update -y && apt install libguestfs-tools -y
Install qemu-guest-agent into the downloaded image:
root@duo:/# find . -type f -name 'focal-server-*'
find: ‘./var/lib/lxcfs/cgroup’: Input/output error
./var/lib/vz/template/iso/focal-server-cloudimg-amd64.img
root@duo:/# cd var/lib/vz/template/iso/
root@duo:/var/lib/vz/template/iso# ls -la
total 3273424
drwxr-xr-x 2 root root 4096 Sep 27 10:00 .
drwxr-xr-x 5 root root 4096 Dec 4 2020 ..
-rw-r--r-- 1 root root 566951936 Sep 23 16:25 focal-server-cloudimg-amd64.img
-rw-r--r-- 1 root root 2785017856 Dec 4 2020 ubuntu-20.04.1-desktop-amd64.iso
root@duo:/var/lib/vz/template/iso# virt-customize -a focal-server-cloudimg-amd64.img --install qemu-guest-agent
[ 0.0] Examining the guest ...
[ 4.8] Setting a random seed
virt-customize: warning: random seed could not be set for this type of guest
[ 4.8] Setting the machine ID in /etc/machine-id
[ 4.8] Installing packages: qemu-guest-agent
[ 23.5] Finishing off
Create a Proxmox VM
root@duo:/var/lib/vz/template/iso# qm create 9000 --name "ubuntu-2004-cloudinit-template" --memory 2048 --cores 2 --net0 virtio,bridge=vmbr0
root@duo:/var/lib/vz/template/iso# qm importdisk 9000 focal-server-cloudimg-amd64.img local-lvm
importing disk 'focal-server-cloudimg-amd64.img' to VM 9000 ...
Logical volume "vm-9000-disk-0" created.
transferred 0.0 B of 2.2 GiB (0.00%)
...
root@duo:/var/lib/vz/template/iso# qm set 9000 --scsihw virtio-scsi-pci --scsi0 local-lvm:vm-9000-disk-0
update VM 9000: -scsi0 local-lvm:vm-9000-disk-0 -scsihw virtio-scsi-pci
root@duo:/var/lib/vz/template/iso# qm set 9000 --boot c --bootdisk scsi0
update VM 9000: -boot c -bootdisk scsi0
root@duo:/var/lib/vz/template/iso# qm set 9000 --ide2 local-lvm:cloudinit
update VM 9000: -ide2 local-lvm:cloudinit
Logical volume "vm-9000-cloudinit" created.
root@duo:/var/lib/vz/template/iso# qm set 9000 --serial0 socket --vga serial0
update VM 9000: -serial0 socket -vga serial0
root@duo:/var/lib/vz/template/iso# qm set 9000 --agent 1
update VM 9000: -agent 1
Convert the VM into a Template
root@duo:~# qm template 9000
Renamed "vm-9000-disk-0" to "base-9000-disk-0" in volume group "pve"
Logical volume pve/base-9000-disk-0 changed.
WARNING: Combining activation change with other commands is not advised.
Test VM Creation from Template
qm clone 9000 999 --name test-clone-cloud-init
qm set 999 --sshkey ~/.ssh/id_rsa.pub
qm set 999 --ipconfig0 ip=192.168.10.96/24,gw=192.168.10.1
qm start 999
Now login into the newly created VM. First remove known host because SSH key changed:
ssh-keygen -f "~/.ssh/known_hosts" -R 192.168.10.96
Now we can procceed with login:
ssh -i ~/.ssh/id_rsa ubuntu@192.168.10.96
VM Cleanup
qm stop 999 && qm destroy 999
Install Terraform on Proxmox Server
From tutorial:
apt -y install lsb-release software-properties-common
Add the HashiCorp GPG key:
curl -fsSL https://apt.releases.hashicorp.com/gpg | apt-key add -
Add the repository:
apt-add-repository "deb [arch=amd64] https://apt.releases.hashicorp.com $(lsb_release -cs) main"
Install Terraform:
apt update && apt install -y terraform
Use API-keys for Authentication
I created a datacenter user asokolsky with Linux PAM authentication.
Create a new API token new_token_id for asokolsky@pam, priviledge unchecked. Secret: ebf02232-ec86-480c-acdf-4e83fed2c2e6
In the datacenter permission add:
-
user permission - add a role to the newly created user asokolsky: Path=/, User=asokolsky@pam, Role=PVEVMAdmin, Propagate=true
-
user permission - Path=/storage/local-lvm, User=asokolsky@pam, Role=Administrator, Propagate=true
Terraform Basic Info and Provider Installation
oot@duo:~/terraform# pwd
/root/terraform
root@duo:~/terraform# ls -la
total 12
drwxr-xr-x 2 root root 4096 Oct 22 15:10 .
drwx------ 9 root root 4096 Oct 22 14:56 ..
-rw-r--r-- 1 root root 120 Oct 22 14:57 main.tf
-rw-r--r-- 1 root root 0 Oct 22 14:56 vars.tf
root@duo:~/terraform# cat main.tf
terraform {
required_providers {
proxmox = {
source = "telmate/proxmox"
version = "2.7.4"
}
}
}
root@duo:~/terraform# terraform init
Initializing the backend...
Initializing provider plugins...
- Finding telmate/proxmox versions matching "2.7.4"...
- Installing telmate/proxmox v2.7.4...
- Installed telmate/proxmox v2.7.4 (self-signed, key ID A9EBBE091B35AFCE)
Partner and community providers are signed by their developers.
If you'd like to know more about provider signing, you can read about it here:
https://www.terraform.io/docs/cli/plugins/signing.html
Terraform has created a lock file .terraform.lock.hcl to record the provider
selections it made above. Include this file in your version control repository
so that Terraform can guarantee to make the same selections by default when
you run "terraform init" in the future.
Terraform has been successfully initialized!
You may now begin working with Terraform. Try running "terraform plan" to see
any changes that are required for your infrastructure. All Terraform commands
should now work.
If you ever set or change modules or backend configuration for Terraform,
rerun this command to reinitialize your working directory. If you forget, other
commands will detect it and remind you to do so if necessary.
Terraform Plan
Customize it.
Testing
root@duo:~/terraform# ssh -i ~/.ssh/id_rsa ubuntu@192.168.10.81
Welcome to Ubuntu 20.04.3 LTS (GNU/Linux 5.4.0-89-generic x86_64)
* Documentation: https://help.ubuntu.com
* Management: https://landscape.canonical.com
* Support: https://ubuntu.com/advantage
System information as of Fri Oct 22 22:39:40 UTC 2021
System load: 0.0 Processes: 122
Usage of /: 18.2% of 9.52GB Users logged in: 0
Memory usage: 9% IPv4 address for eth0: 192.168.10.81
Swap usage: 0%
0 updates can be applied immediately.
Last login: Fri Oct 22 22:38:00 2021 from 192.168.10.40
ubuntu@test-vm-1:~$ uptime
22:40:30 up 1 min, 1 user, load average: 0.00, 0.00, 0.00
ubuntu@test-vm-1:~$ exit
logout
Connection to 192.168.10.81 closed.
Clean-up
Edit main.tf ans set count to 0. Then:
oot@duo:~/terraform# terraform apply
proxmox_vm_qemu.test_server[0]: Refreshing state... [id=duo/qemu/100]
Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following
symbols:
- destroy
Terraform will perform the following actions:
# proxmox_vm_qemu.test_server[0] will be destroyed
- resource "proxmox_vm_qemu" "test_server" {
....
}
Plan: 0 to add, 0 to change, 1 to destroy.
Do you want to perform these actions?
Terraform will perform the actions described above.
Only 'yes' will be accepted to approve.
Enter a value: yes
proxmox_vm_qemu.test_server[0]: Destroying... [id=duo/qemu/100]
proxmox_vm_qemu.test_server[0]: Destruction complete after 4s
Apply complete! Resources: 0 added, 0 changed, 1 destroyed.
console