Provide a scalable CoreOS example

Lennart Weller · Lennart Weller · commit d3c735038ac4 · 2019-04-10T09:39:34.000+02:00
- Also includes a container based "QEMU Guest Agent" setup
diff --git a/examples/coreos/README.md b/examples/coreos/README.md
@@ -0,0 +1,33 @@
+# CoreOS multi-machine example setup
+
+### Requirements
+* Linux Kernel ~> 4.14
+* Libvirt ~> 3.0
+* QEMU ~> 2.6
+
+This is a relatively simple scalable example using CoreOS as operating system.
+By modifying the `hosts` variable you can kickstart any number of virtual machines
+with their own ignition configuration
+
+
+### Using the QEMU Guest Agent
+
+In case you don't use the networks provided by libvirt you may run into the issue that you won't be able to receive the IP addresses from the VM you create.
+
+Using the QEMU guest agent allows libvirt to pick up the address by hooking itself into the guest operating system.
+As CoreOS comes without any guest agents we need to supply it from somewhere.
+If the machine has internet access you can edit the `qemu-agent.service` file and remove the `ExecStartPre` line and the docker daemon should download the appropriate container when you activate the service file in the ignition config. If the machine has no access to the internet we need to upload the container from the KVM host.[1]
+```bash
+$ docker pull docker.io/rancher/os-qemuguestagent:v2.8.1-2
+$ docker save docker.io/rancher/os-qemuguestagent:v2.8.1-2 -o /srv/images/qemu-guest-agent.tar
+```
+
+Make sure the relevant blocks are uncommented in the domain definition and the ignition config. The ignition configuration should include the two additional files `docker-images.mount` and `qemu-agent.service`. Note that the`qemu-guest-agent.tar` needs to be local to the KVM host and not the machine running terraform.
+
+
+### Known Bugs
+1. Before Linux 4.14-rc2 the graphics option "autoport" will not work and libvirt will try to create all machines with the same Spice/VNC port
+2. Below libvirt v3 the generated ignition id will change when the number of machines is changed causing a destroy/create for all machines.
+
+
+[1]: Based on the work of [@tommyknows](https://github.com/dmacvicar/terraform-provider-libvirt/issues/364#issuecomment-442164364) and [@remoe](https://github.com/dmacvicar/terraform-provider-libvirt/issues/364#issuecomment-443456552).
diff --git a/examples/coreos/ignition.tf b/examples/coreos/ignition.tf
@@ -0,0 +1,60 @@
+# Terraform ignition configuration 
+# All configuration options are detailed at
+# https://www.terraform.io/docs/providers/ignition/index.html
+
+data "ignition_config" "startup" {
+  users = [
+    "${data.ignition_user.core.id}",
+  ]
+
+  files = [
+    "${element(data.ignition_file.hostname.*.id, count.index)}",
+  ]
+
+  ## Relevant for the QEMU Guest Agent example
+  #systemd = [
+  #  "${data.ignition_systemd_unit.mount-images.id}",
+  #  "${data.ignition_systemd_unit.qemu-agent.id}"
+  #]
+  count = "${var.hosts}"
+}
+
+# Replace the default hostname with our generated one
+data "ignition_file" "hostname" {
+  filesystem = "root"          # default `ROOT` filesystem
+  path       = "/etc/hostname"
+  mode       = 420             # decimal 0644
+
+  content {
+    content = "${format(var.hostname_format, count.index + 1)}"
+  }
+
+  count = "${var.hosts}"
+}
+
+# Example configuration for the basic `core` user
+data "ignition_user" "core" {
+  name = "core"
+
+  #Example password: foobar
+  password_hash = "$5$XMoeOXG6$8WZoUCLhh8L/KYhsJN2pIRb3asZ2Xos3rJla.FA1TI7"
+
+  # Preferably use the ssh key auth instead
+  #ssh_authorized_keys = "${list()}"
+}
+
+## Relevant for the QEMU Guest Agent example
+#data "ignition_systemd_unit" "mount-images" {
+#  name = "mnt-images.mount"
+#  enabled = true
+#  content = "${file("${path.module}/qemu-agent/docker-images.mount")}"
+#}
+
+
+## Relevant for the QEMU Guest Agent example
+#data "ignition_systemd_unit" "qemu-agent" {
+#  name = "qemu-agent.service"
+#  enabled = true
+#  content = "${file("${path.module}/qemu-agent/qemu-agent.service")}"
+#}
+
diff --git a/examples/coreos/main.tf b/examples/coreos/main.tf
@@ -0,0 +1,86 @@
+# -[Provider]--------------------------------------------------------------
+provider "libvirt" {
+  uri = "qemu:///system"
+}
+
+# -[Variables]-------------------------------------------------------------
+variable "hosts" {
+  default = 1
+}
+
+variable "hostname_format" {
+  type    = "string"
+  default = "coreos%02d"
+}
+
+variable "libvirt_provider" {
+  type = "string"
+}
+
+# -[Resources]-------------------------------------------------------------
+resource "libvirt_volume" "coreos-disk" {
+  name             = "${format(var.hostname_format, count.index + 1)}.qcow2"
+  count            = "${var.hosts}"
+  base_volume_name = "coreos_production_qemu"
+  pool             = "default"
+  format           = "qcow2"
+}
+
+# Loading ignition configs in QEMU requires at least QEMU v2.6
+resource "libvirt_ignition" "ignition" {
+  name    = "${format(var.hostname_format, count.index + 1)}-ignition"
+  pool    = "default"
+  count   = "${var.hosts}"
+  content = "${element(data.ignition_config.startup.*.rendered, count.index)}"
+}
+
+# Create the virtual machines
+resource "libvirt_domain" "coreos-machine" {
+  count  = "${var.hosts}"
+  name   = "${format(var.hostname_format, count.index + 1)}"
+  vcpu   = "1"
+  memory = "2048"
+
+  ## Use qemu-agent in conjunction with the container
+  #qemu_agent = true
+  coreos_ignition = "${element(libvirt_ignition.ignition.*.id, count.index)}"
+
+  disk {
+    volume_id = "${element(libvirt_volume.coreos-disk.*.id, count.index)}"
+  }
+
+  graphics {
+    ## Bug in linux up to 4.14-rc2
+    ## https://bugzilla.redhat.com/show_bug.cgi?id=1432684
+    ## No Spice/VNC available if more then one machine is generated at a time
+    ## Comment the address line, uncomment the none line and the console block below
+    #listen_type = "none"
+    listen_type = "address"
+  }
+
+  ## Makes the tty0 available via `virsh console`
+  #console {
+  #  type = "pty"
+  #  target_port = "0"
+  #}
+
+  network_interface {
+    network_name = "default"
+
+    # Requires qemu-agent container if network is not native to libvirt
+    wait_for_lease = true
+  }
+
+  ## mounts filesystem local to the kvm host. used to patch in the
+  ## qemu-guest-agent as docker container
+  #filesystem {
+  #  source = "/srv/images/"
+  #  target = "qemu_docker_images"
+  #  readonly = true
+  #}
+}
+
+# -[Output]-------------------------------------------------------------
+output "ipv4" {
+  value = "${libvirt_domain.coreos-machine.*.network_interface.0.addresses}"
+}
diff --git a/examples/coreos/qemu-agent/docker-images.mount b/examples/coreos/qemu-agent/docker-images.mount
@@ -0,0 +1,9 @@
+[Unit]
+Before=local-fs.target
+[Mount]
+What=qemu_docker_images
+Where=/mnt/images
+Options=ro,trans=virtio,version=9p2000.L
+Type=9p
+[Install]
+WantedBy=local-fs.target
diff --git a/examples/coreos/qemu-agent/qemu-agent.service b/examples/coreos/qemu-agent/qemu-agent.service
@@ -0,0 +1,27 @@
+[Unit]
+Description=QEMU Agent
+After=docker.service
+[Service]
+ExecStartPre=/usr/bin/docker load -i /mnt/images/qemu-guest-agent.tar
+ExecStart=/usr/bin/docker run \
+  --privileged=true \
+  --cap-add=ALL \
+  --net=host \
+  --name=qemu-guest-agent \
+  -e container=1 \
+  -e HOST=/host \
+  -e TERM=xterm \
+  -v /dev/virtio-ports:/dev/virtio-ports \
+  -v /etc/os-release:/etc/os-release:ro \
+  -v /dev:/dev \
+  -v /proc:/hostproc \
+  -v /run/systemd:/run/systemd \
+  -v /var/log/qemu-ga:/var/log/qemu-ga:rw \
+  -v /var/run/docker.sock:/var/run/docker.sock:ro \
+  --entrypoint qemu-ga \
+  rancher/os-qemuguestagent:v2.8.1-2 \
+  -- -v
+Restart=on-failure
+RestartSec=10
+[Install]
+WantedBy=multi-user.target
