Merge pull request #377 from etiennedub/incus_cluster

Incus cluster support

Author: cmd-ntrf

docs/README.md

@@ -611,6 +611,10 @@ For more information on these attributes, refer to
 available models per region
 - `gpus`: number of GPUs of the `gpu_type` model to attach to the instance
 
+##### Incus
+
+- `target`: name of the [specific cluster member](https://linuxcontainers.org/incus/docs/main/howto/cluster_manage_instance/#launch-an-instance-on-a-specific-cluster-member) to deploy the instance. **Only use with Incus cluster.** 
+
 #### 4.7.3 Post build modification effect
 
 Modifying any part of the map after the cluster is built will only affect
@@ -1157,6 +1161,22 @@ that will be used to create the instance root disk and the shared filesystems.
 
 **Post build modification effect**: rebuild all instance and filesystems.
 
+### network_type (optional)
+
+**default value**: `"bridge"`
+
+Indicates the type of [Incus network](https://linuxcontainers.org/incus/docs/main/howto/network_create/#network-types).
+For OVN, the host must support the OVN network.
+
+**Possible values**: 'ovn' or 'bridge'
+
+### ovn_uplink_network (optional)
+**default value**: `"UPLINK"`
+
+[Uplink bridge network](https://linuxcontainers.org/incus/docs/main/howto/network_ovn_setup/#set-up-an-incus-cluster-on-ovn) configured with the `ipv4.ovn.ranges` option.
+
+**Only used for OVN network**
+
 ## 6. DNS Configuration
 
 Some functionalities in Magic Castle require the registration of DNS records under the

incus/incus.tf

@@ -17,3 +17,20 @@ variable "shared_filesystems" {
   description = "Name of filesystems that need to be created and mounted in every instance"
   default     = []
 }
+
+variable "ovn_uplink_network" {
+  default     = "UPLINK"
+  type        = string
+  description = "Uplink bridge network used by OVN. `ipv4.ovn.ranges` must be set"
+}
+
+variable "network_type" {
+  description = "Type of network to use (bridge or ovn)"
+  type        = string
+  default     = "bridge"
+
+  validation {
+    condition     = contains(["bridge", "ovn"], var.network_type)
+    error_message = "network_type must be either 'bridge' or 'ovn'."
+  }
+}

incus/infrastructure.tf

@@ -85,6 +85,8 @@ resource "incus_instance" "instances" {
   image   = try(incus_image.image[each.value.image].fingerprint, each.value.image)
   type    = each.value.type
 
+  target = try(each.value.target, null)
+
   config = {
     "cloud-init.user-data" = module.configuration.user_data[each.key]
     "security.privileged"  = var.privileged
@@ -95,8 +97,7 @@ resource "incus_instance" "instances" {
     type = "nic"
 
     properties = {
-      nictype = "bridged"
-      parent  = incus_network.network.name
+      network = incus_network.network.name
     }
   }
 
@@ -141,8 +142,8 @@ resource "incus_instance" "instances" {
 }
 
 locals {
-  inventory = { for x, values in module.design.instances :
-    x => {
+  inventory = { for host, values in module.design.instances :
+    host => {
       prefix  = values.prefix
       tags    = values.tags
       specs   = values.specs

incus/network.tf

@@ -1,8 +1,16 @@
 resource "incus_network" "network" {
   name    = incus_project.project.name
   project = incus_project.project.name
-  config = {
-    "ipv4.nat"     = "true"
-    "ipv6.address" = "none"
-  }
+  type    = var.network_type
+  config = merge(
+    {
+      "ipv6.address" = "none"
+      "ipv4.nat"     = true
+    },
+    var.network_type == "ovn" ? {
+      "network"         = var.ovn_uplink_network
+      "dns.nameservers" = "1.1.1.1,1.0.0.1" # The default DNS server (incus) is inaccessible from OVN network
+    } : {}
+  )
 }
+