Merge pull request #84 from khanh-ph/release/4.0.0

Release version 4.0.0

Author: khanh-ph

.github/workflows/draft-a-release.yml

@@ -28,10 +28,23 @@ jobs:
       run: git push origin ${{ env.BRANCH }}
 
     - name: Create a Pull Request
-      uses: thomaseizinger/[email protected]
+      uses: actions/github-script@v6
       env: 
         GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
       with:
-        base: master
-        head: ${{ env.BRANCH }}
-        title: Release version ${{ env.VERSION }}
+        script: |
+          const { owner, repo } = context.repo;
+          const version = process.env.VERSION;
+          const title = 'Release version ' + version;
+          const body = 'Created by GitHub Actions';
+          const base = 'master';
+          const head = process.env.BRANCH;
+
+          github.rest.pulls.create({
+            owner,
+            repo,
+            title,
+            body,
+            base,
+            head
+          });

.github/workflows/publish-a-release.yml

@@ -1,4 +1,5 @@
 name: Publish Release to GitHub
+
 on:
   pull_request:
     branches:
@@ -10,31 +11,56 @@ jobs:
   publish-a-release:
     runs-on: ubuntu-latest
     if: github.event.pull_request.merged == true && startsWith(github.event.pull_request.head.ref, 'release/')
-
     steps:
-      - name: Extract version from branch name (for release branches)
-        if: startsWith(github.event.pull_request.head.ref, 'release/')
+      - name: Extract version from branch name
         run: |
-          BRANCH_NAME="${{ github.event.pull_request.head.ref }}"
-          VERSION=${BRANCH_NAME#release/}
-          echo "RELEASE_VERSION=$VERSION" >> $GITHUB_ENV
-
-      - name: Create Release
-        uses: thomaseizinger/[email protected]
-        env:
+          set -x
+          branchName="${{ github.event.pull_request.head.ref }}"
+          version=${branchName#release/}
+          if [[ "$version" =~ ^([0-9]+)\.([0-9]+)\.([0-9]+)(-rc\.([0-9]+))?$ ]]; then
+            echo "TAG=$version" >> $GITHUB_ENV
+          else
+            echo "$version is not a supported semver." >&2
+            exit 1
+          fi 
+      
+      - name: Create Release to GitHub
+        uses: actions/github-script@v6
+        env: 
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         with:
-          target_commitish: ${{ github.event.pull_request.merge_commit_sha }}
-          tag_name: ${{ env.RELEASE_VERSION }}
-          name: v${{ env.RELEASE_VERSION }}
-          draft: false
-          prerelease: false
+          script: |
+            const { owner, repo } = context.repo;
+            const target_commitish = context.sha;
 
-      - name: Merge master into develop branch (Gitflow)
-        uses: thomaseizinger/[email protected]
-        env:
+            github.rest.repos.createRelease({
+              owner,
+              repo,
+              tag_name: process.env.TAG,
+              target_commitish,
+              name: `v${process.env.TAG}`,
+              generate_release_notes: true,
+              draft: process.env.TAG.includes('-rc'),
+              prerelease: false
+            });
+
+      - name: Create a PR to merge master back into develop branch
+        uses: actions/github-script@v6
+        env: 
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         with:
-          head: master
-          base: develop
-          title: Merge master into develop branch (Gitflow)
+          script: |
+            const { owner, repo } = context.repo;
+            const title = `Merge master into develop after publishing release ${process.env.TAG}`;
+            const body = 'Created by GitHub Actions';
+            const base = 'develop';
+            const head = 'master';
+
+            github.rest.pulls.create({
+              owner,
+              repo,
+              title,
+              body,
+              base,
+              head
+            });

README.md

@@ -70,36 +70,40 @@ The project provides several Terraform variables that allow you to customize the
 | <a name="input_pm_host"></a> [pm\_host](#input\_pm\_host) | The name of Proxmox node where the VM is placed. | `string` | n/a | yes |
 | <a name="input_pm_parallel"></a> [pm\_parallel](#input\_pm\_parallel) | The number of simultaneous Proxmox processes. E.g: creating resources. | `number` | `2` | no |
 | <a name="input_pm_timeout"></a> [pm\_timeout](#input\_pm\_timeout) | Timeout value (seconds) for proxmox API calls. | `number` | `600` | no |
-| <a name="input_env_name"></a> [env\_name](#input\_env\_name) | n/a | `string` | `"test"` | no |
-| <a name="input_internal_net_name"></a> [internal\_net\_name](#input\_internal\_net\_name) | Name of the internal network bridge. | `string` | `"vmbr1"` | no |
-| <a name="input_internal_net_subnet_cidr"></a> [internal\_net\_subnet\_cidr](#input\_internal\_net\_subnet\_cidr) | CIDR of the internal network. For example: 10.0.1.0/24 | `string` | `""` | no |
-| <a name="input_ssh_private_key"></a> [ssh\_private\_key](#input\_ssh\_private\_key) | SSH private key in base64. Used by Terraform client to connect to the VM after provisioning. | `string` | n/a | yes |
-| <a name="input_ssh_public_keys"></a> [ssh\_public\_keys](#input\_ssh\_public\_keys) | SSH public keys in base64. | `string` | n/a | yes |
-| <a name="input_vm_user"></a> [vm\_user](#input\_vm\_user) | n/a | `string` | `"ubuntu"` | no |
-| <a name="input_vm_sockets"></a> [vm\_sockets](#input\_vm\_sockets) | n/a | `number` | `1` | no |
-| <a name="input_vm_max_vcpus"></a> [vm\_max\_vcpus](#input\_vm\_max\_vcpus) | The maximum CPU cores available per CPU socket to allocate to the VM. | `number` | `2` | no |
+| <a name="input_env_name"></a> [env\_name](#input\_env\_name) | The stage of the development lifecycle for the k8s cluster. Example: `prod`, `dev`, `qa`, `stage`, `test` | `string` | `"test"` | no |
+| <a name="input_location"></a> [location](#input\_location) | The city or region where the cluster is provisioned | `string` | `null` | no |
+| <a name="input_cluster_number"></a> [cluster\_number](#input\_cluster\_number) | The instance count for the k8s cluster, to differentiate it from other clusters. Example: `00`, `01` | `string` | `"01"` | no |
+| <a name="input_cluster_domain"></a> [cluster\_domain](#input\_cluster\_domain) | The cluster domain name | `string` | `"local"` | no |
+| <a name="input_internal_net_name"></a> [internal\_net\_name](#input\_internal\_net\_name) | Name of the internal network bridge | `string` | `"vmbr1"` | no |
+| <a name="input_internal_net_subnet_cidr"></a> [internal\_net\_subnet\_cidr](#input\_internal\_net\_subnet\_cidr) | CIDR of the internal network | `string` | `"10.0.1.0/24"` | no |
+| <a name="input_ssh_private_key"></a> [ssh\_private\_key](#input\_ssh\_private\_key) | SSH private key in base64, will be used by Terraform client to connect to the VM after provisioning | `string` | n/a | yes |
+| <a name="input_ssh_public_keys"></a> [ssh\_public\_keys](#input\_ssh\_public\_keys) | SSH public keys in base64 | `string` | n/a | yes |
+| <a name="input_vm_user"></a> [vm\_user](#input\_vm\_user) | The default user for all VMs | `string` | `"ubuntu"` | no |
+| <a name="input_vm_sockets"></a> [vm\_sockets](#input\_vm\_sockets) | Number of the CPU socket to allocate to the VMs | `number` | `1` | no |
+| <a name="input_vm_max_vcpus"></a> [vm\_max\_vcpus](#input\_vm\_max\_vcpus) | The maximum CPU cores available per CPU socket to allocate to the VM | `number` | `2` | no |
 | <a name="input_vm_cpu_type"></a> [vm\_cpu\_type](#input\_vm\_cpu\_type) | The type of CPU to emulate in the Guest | `string` | `"host"` | no |
-| <a name="input_vm_os_disk_storage"></a> [vm\_os\_disk\_storage](#input\_vm\_os\_disk\_storage) | Default storage pool where OS VM disk is placed. | `string` | n/a | yes |
-| <a name="input_add_worker_node_data_disk"></a> [add\_worker\_node\_data\_disk](#input\_add\_worker\_node\_data\_disk) | A boolean value that indicates whether to add a data disk to each worker node of the cluster. | `bool` | `false` | no |
-| <a name="input_worker_node_data_disk_storage"></a> [worker\_node\_data\_disk\_storage](#input\_worker\_node\_data\_disk\_storage) | The storage pool where the data disk is placed. | `string` | `""` | no |
-| <a name="input_worker_node_data_disk_size"></a> [worker\_node\_data\_disk\_size](#input\_worker\_node\_data\_disk\_size) | The size of worker node data disk in Gigabyte. | `string` | `10` | no |
-| <a name="input_vm_ubuntu_tmpl_name"></a> [vm\_ubuntu\_tmpl\_name](#input\_vm\_ubuntu\_tmpl\_name) | Name of Cloud-init template Ubuntu VM. | `string` | `"ubuntu-2204"` | no |
-| <a name="input_bastion_ssh_ip"></a> [bastion\_ssh\_ip](#input\_bastion\_ssh\_ip) | IP of the bastion host. It could be either public IP or local network IP of the bastion host. | `string` | `""` | no |
-| <a name="input_bastion_ssh_user"></a> [bastion\_ssh\_user](#input\_bastion\_ssh\_user) | n/a | `string` | `"ubuntu"` | no |
-| <a name="input_bastion_ssh_port"></a> [bastion\_ssh\_port](#input\_bastion\_ssh\_port) | n/a | `number` | `22` | no |
+| <a name="input_vm_os_disk_storage"></a> [vm\_os\_disk\_storage](#input\_vm\_os\_disk\_storage) | Default storage pool where OS VM disk is placed | `string` | n/a | yes |
+| <a name="input_add_worker_node_data_disk"></a> [add\_worker\_node\_data\_disk](#input\_add\_worker\_node\_data\_disk) | A boolean value that indicates whether to add a data disk to each worker node of the cluster | `bool` | `false` | no |
+| <a name="input_worker_node_data_disk_storage"></a> [worker\_node\_data\_disk\_storage](#input\_worker\_node\_data\_disk\_storage) | The storage pool where the data disk is placed | `string` | `""` | no |
+| <a name="input_worker_node_data_disk_size"></a> [worker\_node\_data\_disk\_size](#input\_worker\_node\_data\_disk\_size) | The size of worker node data disk in Gigabyte | `string` | `10` | no |
+| <a name="input_vm_ubuntu_tmpl_name"></a> [vm\_ubuntu\_tmpl\_name](#input\_vm\_ubuntu\_tmpl\_name) | Name of Cloud-init template Ubuntu VM | `string` | `"ubuntu-2204"` | no |
+| <a name="input_bastion_ssh_ip"></a> [bastion\_ssh\_ip](#input\_bastion\_ssh\_ip) | IP of the bastion host, could be either public IP or local network IP of the bastion host | `string` | `""` | no |
+| <a name="input_bastion_ssh_user"></a> [bastion\_ssh\_user](#input\_bastion\_ssh\_user) | The user to authenticate to the bastion host | `string` | `"ubuntu"` | no |
+| <a name="input_bastion_ssh_port"></a> [bastion\_ssh\_port](#input\_bastion\_ssh\_port) | The SSH port number on the bastion host | `number` | `22` | no |
 | <a name="input_create_kubespray_host"></a> [create\_kubespray\_host](#input\_create\_kubespray\_host) | n/a | `bool` | `true` | no |
 | <a name="input_kubespray_image"></a> [kubespray\_image](#input\_kubespray\_image) | n/a | `string` | `"khanhphhub/kubespray:v2.22.0"` | no |
 | <a name="input_kube_version"></a> [kube\_version](#input\_kube\_version) | Kubernetes version | `string` | `"v1.24.6"` | no |
-| <a name="input_kube_network_plugin"></a> [kube\_network\_plugin](#input\_kube\_network\_plugin) | Choose network plugin (cilium, calico, kube-ovn, weave or flannel. Use cni for generic cni plugin) | `string` | `"calico"` | no |
-| <a name="input_enable_nodelocaldns"></a> [enable\_nodelocaldns](#input\_enable\_nodelocaldns) | Enable nodelocal dns cache | `bool` | `false` | no |
-| <a name="input_podsecuritypolicy_enabled"></a> [podsecuritypolicy\_enabled](#input\_podsecuritypolicy\_enabled) | pod security policy (RBAC must be enabled either by having 'RBAC' in authorization\_modes or kubeadm enabled) | `bool` | `false` | no |
-| <a name="input_persistent_volumes_enabled"></a> [persistent\_volumes\_enabled](#input\_persistent\_volumes\_enabled) | Add Persistent Volumes Storage Class for corresponding cloud provider (supported: in-tree OpenStack, Cinder CSI, AWS EBS CSI, Azure Disk CSI, GCP Persistent Disk CSI) | `bool` | `false` | no |
-| <a name="input_helm_enabled"></a> [helm\_enabled](#input\_helm\_enabled) | Helm deployment | `bool` | `false` | no |
-| <a name="input_ingress_nginx_enabled"></a> [ingress\_nginx\_enabled](#input\_ingress\_nginx\_enabled) | Nginx ingress controller deployment | `bool` | `false` | no |
-| <a name="input_argocd_enabled"></a> [argocd\_enabled](#input\_argocd\_enabled) | ArgoCD | `bool` | `false` | no |
-| <a name="input_argocd_version"></a> [argocd\_version](#input\_argocd\_version) | ArgoCD version | `string` | `"v2.4.12"` | no |
+| <a name="input_kube_network_plugin"></a> [kube\_network\_plugin](#input\_kube\_network\_plugin) | The network plugin to be installed on your cluster. Example: `cilium`, `calico`, `kube-ovn`, `weave` or `flannel` | `string` | `"calico"` | no |
+| <a name="input_enable_nodelocaldns"></a> [enable\_nodelocaldns](#input\_enable\_nodelocaldns) | A boolean value that indicates whether to enable nodelocal dns cache on your cluster | `bool` | `false` | no |
+| <a name="input_podsecuritypolicy_enabled"></a> [podsecuritypolicy\_enabled](#input\_podsecuritypolicy\_enabled) | A boolean value that indicates whether to enable pod security policy on your cluster (RBAC must be enabled either by having 'RBAC' in authorization\_modes or kubeadm enabled) | `bool` | `false` | no |
+| <a name="input_persistent_volumes_enabled"></a> [persistent\_volumes\_enabled](#input\_persistent\_volumes\_enabled) | A boolean value that indicates whether to add Persistent Volumes Storage Class for corresponding cloud provider (supported: in-tree OpenStack, Cinder CSI, AWS EBS CSI, Azure Disk CSI, GCP Persistent Disk CSI) | `bool` | `false` | no |
+| <a name="input_helm_enabled"></a> [helm\_enabled](#input\_helm\_enabled) | A boolean value that indicates whether to enable Helm on your cluster | `bool` | `false` | no |
+| <a name="input_ingress_nginx_enabled"></a> [ingress\_nginx\_enabled](#input\_ingress\_nginx\_enabled) | A boolean value that indicates whether to enable Nginx ingress on your cluster | `bool` | `false` | no |
+| <a name="input_argocd_enabled"></a> [argocd\_enabled](#input\_argocd\_enabled) | A boolean value that indicates whether to enable ArgoCD on your cluster | `bool` | `false` | no |
+| <a name="input_argocd_version"></a> [argocd\_version](#input\_argocd\_version) | The ArgoCD version to be installed | `string` | `"v2.4.12"` | no |
 | <a name="input_vm_k8s_control_plane"></a> [vm\_k8s\_control\_plane](#input\_vm\_k8s\_control\_plane) | Control Plane VM specification | `object({ node_count = number, vcpus = number, memory = number, disk_size = number })` | <pre>{<br>  "disk_size": 20,<br>  "memory": 1536,<br>  "node_count": 1,<br>  "vcpus": 2<br>}</pre> | no |
 | <a name="input_vm_k8s_worker"></a> [vm\_k8s\_worker](#input\_vm\_k8s\_worker) | Worker VM specification | `object({ node_count = number, vcpus = number, memory = number, disk_size = number })` | <pre>{<br>  "disk_size": 20,<br>  "memory": 2048,<br>  "node_count": 2,<br>  "vcpus": 2<br>}</pre> | no |
+| <a name="input_use_legacy_naming_convention"></a> [use\_legacy\_naming\_convention](#input\_use\_legacy\_naming\_convention) | A boolean value that indicates whether to use legacy naming convention for the VM and cluster name. If your cluster was provisioned using version <= 3.x, set it to `true` | `bool` | `false` | no |
 <!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
 
 ## Blog posts

kubespray/k8s-cluster.yaml

@@ -157,7 +157,7 @@ kube_encrypt_secret_data: false
 
 # DNS configuration.
 # Kubernetes cluster name, also will be used as DNS domain
-cluster_name: cluster.local
+cluster_name: ${cluster_name}
 # Subdomains of DNS domain to be resolved via /etc/resolv.conf for hostnet pods
 ndots: 2
 # dns_timeout: 2

modules/proxmox_ubuntu_vm/main.tf

@@ -14,7 +14,7 @@ resource "proxmox_vm_qemu" "ubuntu_vm" {
   target_node      = var.pm_host
   clone            = var.vm_ubuntu_tmpl_name
   qemu_os          = "l26"
-  name             = "${var.vm_name_prefix}-${format("%02d", count.index)}"
+  name             = var.use_legacy_naming_convention ? "${var.vm_name_prefix}-${format("%02d", count.index)}" : "${var.vm_name_prefix}-${format("%02d", count.index + 1)}"
   agent            = 1
   onboot           = var.vm_onboot
   os_type          = "cloud-init"

modules/proxmox_ubuntu_vm/variables.tf

@@ -114,6 +114,11 @@ variable "worker_node_data_disk_size" {
   default     = 10
 }
 
+variable "use_legacy_naming_convention" {
+  type    = bool
+  default = false
+}
+
 #
 # Local vars
 # 

scripts/install_kubernetes.sh

@@ -5,8 +5,8 @@ kubespray_data_dir=${kubespray_data_dir}
 # Install Kubernetes
 sudo docker run --rm \
 --mount type=bind,source="$kubespray_data_dir/inventory.ini",dst=/inventory/sample/inventory.ini \
---mount type=bind,source="$kubespray_data_dir/addons.yml",dst=/inventory/sample/group_vars/k8s_cluster/k8s-cluster.yml \
---mount type=bind,source="$kubespray_data_dir/k8s-cluster.yml",dst=/inventory/sample/group_vars/k8s_cluster/addons.yml \
+--mount type=bind,source="$kubespray_data_dir/addons.yml",dst=/inventory/sample/group_vars/k8s_cluster/addons.yml \
+--mount type=bind,source="$kubespray_data_dir/k8s-cluster.yml",dst=/inventory/sample/group_vars/k8s_cluster/k8s-cluster.yml \
 --mount type=bind,source="$kubespray_data_dir/id_rsa",dst=/root/.ssh/id_rsa \
 $kubespray_image bash -c \
 "ansible-playbook -i /inventory/sample/inventory.ini -u ubuntu -become cluster.yml"

scripts/setup_kubespray.sh

@@ -32,14 +32,28 @@ wait_for_lock_release() {
 
 wait_for_lock_release
 
-# Install Docker
+# Verify if Docker is installed
 if ! command -v docker &> /dev/null; then
     echo "Docker not found. Installing Docker..."
+    
+    # Download Docker installation script
+    if ! curl -fsSL https://get.docker.com -o get-docker.sh; then
+        echo "Error downloading Docker installation script. Exiting." >&2
+        exit 1
+    fi
+
     # Install Docker
-    curl -fsSL https://get.docker.com -o get-docker.sh
-    sudo sh get-docker.sh
-    # Add current user to the docker group
+    if ! sudo sh get-docker.sh; then
+        echo "Error installing Docker. Exiting." >&2
+        exit 1
+    fi
+    
+    # Clean up by removing the Docker installation script
+    rm -f get-docker.sh
+
+    # Add current user to the `docker` group
     sudo usermod -aG docker $USER
+
     echo "Docker installed successfully."
 else
     echo "Docker is already installed."