Channels
extensions
rancher-extensions
supermicro-sixsq
ozt
os
one-point-x
rio
onlinemeetup
v16-v21-migration
events
onlinetraining
training-1220
training-0110
training-0124
k3s-contributor
submariner
storage
k3os
windows
ci-cd
theranchcast
rfed_ara
nederlands
ukranian
danish
training-0131
masterclass
training-0207
training-0214
terraform-controller
epinio
phillydotnet
swarm
rancher-wrangler
deutsch
russian
chinese
mesos
français
japanese
arm
longhorn-dev
terraform-provider-rke
service-mesh
azure
gcp
academy
random
elemental
espanol
lima
harvester-dev
portugues
kubernetes
kim
hypper
kubewarden
opni
logging
neuvector-security
rancher-setup
developer
office-hours
mexico
cabpr
rke
vsphere
longhorn-storage
k3s
k3d
terraform-provider-rancher2
fleet
amazon
harvester
rke2
s3gw
hobbyfarm
rancher-desktop
general
Title
k
kind-air-74358
09/30/2022, 1:10 PMHi,
What is your opinion on the best way to create an infrastructure consisting of a network, some VM’s and RKE2 installed on top?
For the network and VM part I like using Terraform, but one downside is that Terraform is not that great to install and configure software on a VM. So how do you handle this?
I see some different kind of solutions possible;
1. Create a golden image using, for example Packer, and use this image to deploy the OS and RKE2 on the VM. Even possible with something like cloud-init to provision specific configuration for RKE2. Downside is that I have to create a new image for each new RKE2 / OS version I want to use. Resulting in an update of my infrastructure (using Terraform).
2. After creating the VM, using Ansible (or some other procedural configuration management tool) to install and configure RKE2. Updates with Terraform are then probably a bit more tricky as Ansible doesn’t use desired state (so how to figure out which parts Terraform have to update)
3. Same as 2. but instead of using Ansible make use of a declarative tool like SaltStack. Downside on this is, that you have to provide an additional infrastructure for running SaltSack (or run this master-less), and still need to register the VM’s in Salt (or auto-approve / approve via grains?)
What would you suggest? Or am I missing some other options?
v
victorious-kite-35099
09/30/2022, 7:48 PMHave you thought about Rancher + Harvester? This way, you have everything in a declarative way, and you can use Terraform to deploy Kubernetes clusters together with their VMs
k
kind-air-74358
10/03/2022, 6:13 AMYes we did, but unfortunately we currently don’t have access to the physical layer / virtualisation layer
s
sparse-fireman-14239
10/03/2022, 11:26 AMTF for the VMs and then Ansible for the rest seeing as you’re on “baremetal”.
https://github.com/lablabs/ansible-role-rke2
It’s quite common to use both TF and Ansible as they solve two different things, they complement each other very well.
k
kind-air-74358
10/04/2022, 6:11 AMYes, we are running on ‘baremetal’. So I use TF to deploy all the required VM’s, and use now some ssh_resource to deploy install scripts, which in turn installs RKE2. But that’s in my opinion not the way to use TF and install software. So I was Googling a bit around and came across those three possible setups, but didn’t really find a ‘best-practice’