Add various terraform and SETUP.md updates

Author: nwthomas

.gitignore

@@ -1,20 +1,14 @@
-# Local .terraform directories
-.terraform/
-
-# .tfstate files
+# Terraform files
 *.tfstate
 *.tfstate.*
-
-# Crash log files
+*.tfvars
+!*.tfvars.example
+.terraform/
+.terraform.lock.hcl
 crash.log
 crash.*.log
-
-# Exclude all .tfvars files, which are likely to contain sensitive data, such as
-# password, private keys, and other secrets. These should not be part of version 
-# control as they are data points which are potentially sensitive and subject 
-# to change depending on the environment.
-*.tfvars
-*.tfvars.json
+*.tfplan
+*.tfplan.*
 
 # Ignore override files as they are usually used to override resources locally and so
 # are not checked in
@@ -29,13 +23,19 @@ override.tf.json
 # Include override files you do wish to add to version control using negated pattern
 # !example_override.tf
 
-# Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan
-# example: *tfplan*
-
 # Ignore CLI configuration files
 .terraformrc
 terraform.rc
 
-## Miscellaneous
+# IDE files
+.vscode/
+.idea/
+*.swp
+*.swo
+
+# OS files
 .DS_Store
+Thumbs.db
+
+## Miscellaneous
 charts/

SETUP.md

@@ -879,6 +879,12 @@ As it turns out, we're not quite done with our monitoring configuration. K3s doe
 
 To fix this, we need to add Grafana Loki and Alloy.
 
+TODO: Describe setting up Loki and Alloy.
+
+## Adding n8n
+
+TODO: Describe deploying n8n
+
 ## Finishing Up
 
 The last thing that you should do is hop into the ArgoCD dashboard (via whatever IP you set it to for external) and deploy all the root/namespaces/apps there.

terraform/.gitignore

@@ -0,0 +1,21 @@
+# Terraform files
+*.tfstate
+*.tfstate.*
+*.tfvars
+!*.tfvars.example
+.terraform/
+.terraform.lock.hcl
+crash.log
+crash.*.log
+*.tfplan
+*.tfplan.*
+
+# IDE files
+.vscode/
+.idea/
+*.swp
+*.swo
+
+# OS files
+.DS_Store
+Thumbs.db

terraform/main.tf

@@ -0,0 +1,19 @@
+# Main Terraform configuration for Kubernetes infrastructure
+# This file serves as the entry point and can be used to organize resources
+
+# Local values for common configurations
+locals {
+  common_labels = {
+    "app.kubernetes.io/managed-by" = var.managed_by
+    "environment"                  = var.environment
+    "cluster"                      = var.cluster_name
+    "terraform"                    = "true"
+  }
+  
+  # Longhorn parameters that are common across storage classes
+  longhorn_common_params = {
+    "staleReplicaTimeout" = tostring(var.longhorn_stale_replica_timeout)
+    "fromBackup"          = ""
+    "fsType"              = var.longhorn_fs_type
+  }
+}

terraform/namespaces.tf

@@ -2,7 +2,9 @@ resource "kubernetes_namespace" "applications" {
   metadata {
     name = "applications"
     labels = {
-      "app.kubernetes.io/managed-by" = "terraform"
+      "app.kubernetes.io/managed-by" = var.managed_by
+      "environment"                  = var.environment
+      "cluster"                      = var.cluster_name
     }
   }
 }
@@ -11,7 +13,9 @@ resource "kubernetes_namespace" "argocd" {
   metadata {
     name = "argocd"
     labels = {
-      "app.kubernetes.io/managed-by" = "terraform"
+      "app.kubernetes.io/managed-by" = var.managed_by
+      "environment"                  = var.environment
+      "cluster"                      = var.cluster_name
     }
   }
 }
@@ -20,7 +24,9 @@ resource "kubernetes_namespace" "atlantis" {
   metadata {
     name = "atlantis"
     labels = {
-      "app.kubernetes.io/managed-by" = "terraform"
+      "app.kubernetes.io/managed-by" = var.managed_by
+      "environment"                  = var.environment
+      "cluster"                      = var.cluster_name
     }
   }
 }
@@ -29,7 +35,9 @@ resource "kubernetes_namespace" "cert_manager" {
   metadata {
     name = "cert-manager"
     labels = {
-      "app.kubernetes.io/managed-by" = "terraform"
+      "app.kubernetes.io/managed-by" = var.managed_by
+      "environment"                  = var.environment
+      "cluster"                      = var.cluster_name
     }
   }
 }
@@ -38,7 +46,9 @@ resource "kubernetes_namespace" "kube_system" {
   metadata {
     name = "kube-system"
     labels = {
-      "app.kubernetes.io/managed-by" = "terraform"
+      "app.kubernetes.io/managed-by" = var.managed_by
+      "environment"                  = var.environment
+      "cluster"                      = var.cluster_name
     }
   }
 }
@@ -47,16 +57,20 @@ resource "kubernetes_namespace" "logging" {
   metadata {
     name = "logging"
     labels = {
-      "app.kubernetes.io/managed-by" = "terraform"
+      "app.kubernetes.io/managed-by" = var.managed_by
+      "environment"                  = var.environment
+      "cluster"                      = var.cluster_name
     }
   }
 }
 
 resource "kubernetes_namespace" "longhorn_system" {
   metadata {
-    name = "longhorn"
+    name = "longhorn-system"
     labels = {
-      "app.kubernetes.io/managed-by" = "terraform"
+      "app.kubernetes.io/managed-by" = var.managed_by
+      "environment"                  = var.environment
+      "cluster"                      = var.cluster_name
     }
   }
 }
@@ -65,7 +79,9 @@ resource "kubernetes_namespace" "monitoring" {
   metadata {
     name = "monitoring"
     labels = {
-      "app.kubernetes.io/managed-by" = "terraform"
+      "app.kubernetes.io/managed-by" = var.managed_by
+      "environment"                  = var.environment
+      "cluster"                      = var.cluster_name
     }
   }
 }

terraform/outputs.tf

@@ -0,0 +1,32 @@
+output "namespaces" {
+  description = "Created Kubernetes namespaces"
+  value = {
+    applications     = kubernetes_namespace.applications.metadata[0].name
+    argocd          = kubernetes_namespace.argocd.metadata[0].name
+    atlantis        = kubernetes_namespace.atlantis.metadata[0].name
+    cert_manager    = kubernetes_namespace.cert_manager.metadata[0].name
+    kube_system     = kubernetes_namespace.kube_system.metadata[0].name
+    logging         = kubernetes_namespace.logging.metadata[0].name
+    longhorn_system = kubernetes_namespace.longhorn_system.metadata[0].name
+    monitoring      = kubernetes_namespace.monitoring.metadata[0].name
+  }
+}
+
+output "storage_classes" {
+  description = "Created Kubernetes storage classes"
+  value = {
+    longhorn_default         = kubernetes_storage_class.longhorn_default.metadata[0].name
+    longhorn_high_availability = kubernetes_storage_class.longhorn_high_availability.metadata[0].name
+    longhorn_fast           = kubernetes_storage_class.longhorn_fast.metadata[0].name
+    longhorn_retain         = kubernetes_storage_class.longhorn_retain.metadata[0].name
+  }
+}
+
+output "cluster_info" {
+  description = "Cluster information"
+  value = {
+    environment  = var.environment
+    cluster_name = var.cluster_name
+    managed_by   = var.managed_by
+  }
+}

terraform/provider.tf

@@ -1,4 +1,21 @@
+terraform {
+  required_version = ">= 1.0"
+  required_providers {
+    kubernetes = {
+      source  = "hashicorp/kubernetes"
+      version = "~> 2.23"
+    }
+  }
+  
+  # Uncomment and configure backend for remote state management
+  # backend "s3" {
+  #   bucket = "your-terraform-state-bucket"
+  #   key    = "kubernetes/terraform.tfstate"
+  #   region = "us-west-2"
+  # }
+}
+
 provider "kubernetes" {
   # This is the path for K3s, not for full K8s
-  config_path = "/etc/rancher/k3s/k3s.yaml"
+  config_path = var.kubeconfig_path
 }

terraform/storage-classes.tf

@@ -2,7 +2,9 @@ resource "kubernetes_storage_class" "longhorn_default" {
   metadata {
     name = "longhorn"
     labels = {
-      "app.kubernetes.io/managed-by" = "terraform"
+      "app.kubernetes.io/managed-by" = var.managed_by
+      "environment"                  = var.environment
+      "cluster"                      = var.cluster_name
     }
   }
   storage_provisioner    = "driver.longhorn.io"
@@ -11,10 +13,10 @@ resource "kubernetes_storage_class" "longhorn_default" {
   allow_volume_expansion = true
 
   parameters = {
-    "numberOfReplicas"    = "3"
-    "staleReplicaTimeout" = "2880"
+    "numberOfReplicas"    = tostring(var.longhorn_replicas)
+    "staleReplicaTimeout" = tostring(var.longhorn_stale_replica_timeout)
     "fromBackup"          = ""
-    "fsType"              = "ext4"
+    "fsType"              = var.longhorn_fs_type
     "dataLocality"        = "disabled"
   }
 }
@@ -23,7 +25,9 @@ resource "kubernetes_storage_class" "longhorn_high_availability" {
   metadata {
     name = "longhorn-ha"
     labels = {
-      "app.kubernetes.io/managed-by" = "terraform"
+      "app.kubernetes.io/managed-by" = var.managed_by
+      "environment"                  = var.environment
+      "cluster"                      = var.cluster_name
     }
   }
   storage_provisioner    = "driver.longhorn.io"
@@ -32,10 +36,10 @@ resource "kubernetes_storage_class" "longhorn_high_availability" {
   allow_volume_expansion = true
 
   parameters = {
-    "numberOfReplicas"    = "6"
-    "staleReplicaTimeout" = "2880"
+    "numberOfReplicas"    = tostring(var.longhorn_ha_replicas)
+    "staleReplicaTimeout" = tostring(var.longhorn_stale_replica_timeout)
     "fromBackup"          = ""
-    "fsType"              = "ext4"
+    "fsType"              = var.longhorn_fs_type
     "dataLocality"        = "best-effort"
   }
 }
@@ -44,7 +48,9 @@ resource "kubernetes_storage_class" "longhorn_fast" {
   metadata {
     name = "longhorn-fast"
     labels = {
-      "app.kubernetes.io/managed-by" = "terraform"
+      "app.kubernetes.io/managed-by" = var.managed_by
+      "environment"                  = var.environment
+      "cluster"                      = var.cluster_name
     }
   }
   storage_provisioner    = "driver.longhorn.io"
@@ -53,10 +59,10 @@ resource "kubernetes_storage_class" "longhorn_fast" {
   allow_volume_expansion = true
 
   parameters = {
-    "numberOfReplicas"    = "2"
-    "staleReplicaTimeout" = "2880"
+    "numberOfReplicas"    = tostring(var.longhorn_fast_replicas)
+    "staleReplicaTimeout" = tostring(var.longhorn_stale_replica_timeout)
     "fromBackup"          = ""
-    "fsType"              = "ext4"
+    "fsType"              = var.longhorn_fs_type
     "dataLocality"        = "strict-local"
   }
 }
@@ -65,7 +71,9 @@ resource "kubernetes_storage_class" "longhorn_retain" {
   metadata {
     name = "longhorn-retain"
     labels = {
-      "app.kubernetes.io/managed-by" = "terraform"
+      "app.kubernetes.io/managed-by" = var.managed_by
+      "environment"                  = var.environment
+      "cluster"                      = var.cluster_name
     }
   }
   storage_provisioner    = "driver.longhorn.io"
@@ -74,10 +82,10 @@ resource "kubernetes_storage_class" "longhorn_retain" {
   allow_volume_expansion = true
 
   parameters = {
-    "numberOfReplicas"    = "3"
-    "staleReplicaTimeout" = "2880"
+    "numberOfReplicas"    = tostring(var.longhorn_replicas)
+    "staleReplicaTimeout" = tostring(var.longhorn_stale_replica_timeout)
     "fromBackup"          = ""
-    "fsType"              = "ext4"
+    "fsType"              = var.longhorn_fs_type
     "dataLocality"        = "disabled"
   }
 }

terraform/terraform.tfvars.example

@@ -0,0 +1,18 @@
+# Copy this file to terraform.tfvars and customize the values
+
+# Kubernetes configuration
+kubeconfig_path = "/etc/rancher/k3s/k3s.yaml"
+
+# Environment and cluster information
+environment  = "dev"
+cluster_name = "k3s-cluster"
+
+# Resource labeling
+managed_by = "terraform"
+
+# Longhorn storage class configuration
+longhorn_replicas              = 3
+longhorn_ha_replicas          = 6
+longhorn_fast_replicas        = 2
+longhorn_stale_replica_timeout = 2880
+longhorn_fs_type              = "ext4"