From 5def74736bc9ee80276f28d2535afb4057830fec Mon Sep 17 00:00:00 2001
From: pgijsbertsen <117165507+pgijsbertsen@users.noreply.github.com>
Date: Fri, 24 Oct 2025 23:41:05 +0200
Subject: [PATCH] feat: Initial k8s cluster setup

---
 .../k8s-wheatley/.terraform.lock.hcl          | 47 +++++++++++++
 pve01.wheatley.in/k8s-wheatley/main.tf        | 68 +++++++++++++++++++
 .../k8s-wheatley/modules/controlplane/main.tf | 44 ++++++++++++
 .../modules/controlplane/variables.tf         | 15 ++++
 .../k8s-wheatley/modules/worker/main.tf       | 44 ++++++++++++
 .../k8s-wheatley/modules/worker/variables.tf  | 15 ++++
 6 files changed, 233 insertions(+)
 create mode 100644 pve01.wheatley.in/k8s-wheatley/.terraform.lock.hcl
 create mode 100644 pve01.wheatley.in/k8s-wheatley/main.tf
 create mode 100644 pve01.wheatley.in/k8s-wheatley/modules/controlplane/main.tf
 create mode 100644 pve01.wheatley.in/k8s-wheatley/modules/controlplane/variables.tf
 create mode 100644 pve01.wheatley.in/k8s-wheatley/modules/worker/main.tf
 create mode 100644 pve01.wheatley.in/k8s-wheatley/modules/worker/variables.tf

diff --git a/pve01.wheatley.in/k8s-wheatley/.terraform.lock.hcl b/pve01.wheatley.in/k8s-wheatley/.terraform.lock.hcl
new file mode 100644
index 0000000..bd5e235
--- /dev/null
+++ b/pve01.wheatley.in/k8s-wheatley/.terraform.lock.hcl
@@ -0,0 +1,47 @@
+# This file is maintained automatically by "tofu init".
+# Manual edits may be lost in future updates.
+
+provider "registry.opentofu.org/siderolabs/talos" {
+  version     = "0.9.0"
+  constraints = "0.9.0"
+  hashes = [
+    "h1:50TaymX/KnjXcURmpKsVd7JUyLRrMDNXMHFgqzSe88U=",
+    "zh:0fa82a384b25a58b65523e0ea4768fa1212b1f5cfc0c9379d31162454fedcc9d",
+    "zh:249ab08b810bb96ef7c35354a12622907df7cbda59c83ff314ee85e8b851128d",
+    "zh:4f284c21f0cb4b7012fdb231ebba4803e5c389f7ea380fb5958ebfa6b822d055",
+    "zh:6049f8d06bc92ab1a46d56c2b37799e6a1b7ce3c61905acf8f0c2009942be8ac",
+    "zh:7de5f0a6429c6856ade3c7e59d5041a7fe8e0010aea14a2074e91f8a526283ce",
+    "zh:9760420cf5feec0550556664962bc6f1af45115b9ea5bcbf47aa9bffd3dd4ac2",
+    "zh:9860272a9fbcea65393c478dc579ad2677a44338de24677702ce699a027801aa",
+    "zh:a60311a8bf267b18dcf1c8250f45e371b51c6aef086e037a3f9496602f190187",
+    "zh:b74c119b2a964cae8d17b5b5f14c8eecf44708e3817c1f65ac89b813856aed98",
+    "zh:bc33e14650052c246ac2e6492a0a24755d4e8d27cb7259e3996f07b0537f2c77",
+    "zh:c4bc2c65b3dcef2508c14dbbfc18937c5ede11670c02a644cbc28c83a57de92b",
+    "zh:c98bf4809220568d76ea2db232a88a60c29fd90d4c9e2f8c8a68cf91ceed066a",
+    "zh:de0179ee9c55bf36d3474049ceac3a105ed7bc1fb9c4787d4076c4b15d268b66",
+    "zh:e99e019d950131c2c4259c1cbca1d072cb813bdfdbbbf9359f5901d6b7542a0d",
+    "zh:feb941cc673692c6858f96590f3ca082683a62aa2d2842b9bfffcd327eb840d3",
+  ]
+}
+
+provider "registry.opentofu.org/telmate/proxmox" {
+  version     = "3.0.2-rc05"
+  constraints = ">= 3.0.2-rc05, 3.0.2-rc05"
+  hashes = [
+    "h1:PG5/Mu1UUP6/WIdtytJKZ8NxQJg8OIGygFwJOoPdmZw=",
+    "zh:042d748367f33aaf440698644be4f2a2875f9db31915c1ef84616f176fc6174f",
+    "zh:1488781da1920d60d933c8ce926c34b5e989ffae58e3fbe437973d2b1d2faafc",
+    "zh:283dd6f74627f1d1d75d616b31f8ced3f97fd5277a07c9535e85cfa765d7a321",
+    "zh:378f1c2da21aeea083ac2e632db274a02c7a01e2486a40d3c813d05a21142db3",
+    "zh:38d63d0961f8c32273392caaace30f50cff8ab06e5dda17f67a8827ebffeba98",
+    "zh:52159782df101ec98f20faff81e8f2d9d92cb4ec903314fcddcc57ec16cdaacb",
+    "zh:6ca47b90c66b1d2706cb3cbb05da8b3f90a202c4865010202b2962e2b64d217e",
+    "zh:6e7b85cb2380e4dc0be694dd0e4a24927f7f66df41960eca3cfe907443d4f0b9",
+    "zh:758775f733673ab5c196db6a33648458037746f94d4bef7ce148cb01474efe2d",
+    "zh:7c31a3ca6d52db39da2bdd60be37af71d59d808fc206de50fe661535ea436da3",
+    "zh:af16984350a2f4d77c21f66a479007801e2527543310567c99cd82eb421e249e",
+    "zh:c1f965d3f96cf3f87af2c12ab9d4bde42f8ef660f8dc34ba3cfc9b20435a7269",
+    "zh:c2b9022a31103919a5ffbac6ee8d7feb6c4f5f580c1766f769569c2e8e4ce7f1",
+    "zh:e90162c42f1237323291e3d0de0c62701b3f89350fae18246da06702f41a6123",
+  ]
+}
diff --git a/pve01.wheatley.in/k8s-wheatley/main.tf b/pve01.wheatley.in/k8s-wheatley/main.tf
new file mode 100644
index 0000000..d387f48
--- /dev/null
+++ b/pve01.wheatley.in/k8s-wheatley/main.tf
@@ -0,0 +1,68 @@
+terraform {
+  required_providers {
+    proxmox = {
+      source  = "Telmate/proxmox"
+      version = "3.0.2-rc05"
+    }
+    talos = {
+      source  = "siderolabs/talos"
+      version = "0.9.0"
+    }
+  }
+}
+provider "proxmox" {
+  pm_api_url          = "https://10.167.84.10:8006/api2/json"
+  pm_api_token_id     = ""
+  pm_api_token_secret = ""
+  pm_tls_insecure     = true
+}
+
+locals {
+  talos_version = "1.11.3"
+}
+
+module "controlplanes" {
+  source = "./modules/controlplane"
+
+  controlplanes = {
+    cpu           = 4
+    memory        = 4
+    disk          = "40G"
+    storagepool   = "nvme-fastpool"
+    talos_version = local.talos_version
+    nodes = [
+      {
+        name       = "cp01"
+        ip_address = "10.13.38.20"
+      },
+      {
+        name       = "cp02"
+        ip_address = "10.13.38.21"
+      },
+      {
+        name       = "cp03"
+        ip_address = "10.13.38.22"
+    }]
+  }
+}
+
+module "workers" {
+  source = "./modules/worker"
+
+  workers = {
+    cpu           = 4
+    memory        = 4
+    disk          = "40G"
+    storagepool   = "nvme-fastpool"
+    talos_version = local.talos_version
+    nodes = [
+      {
+        name       = "worker01"
+        ip_address = "10.13.38.30"
+      },
+      {
+        name       = "worker02"
+        ip_address = "10.13.38.31"
+      }]
+  }
+}
diff --git a/pve01.wheatley.in/k8s-wheatley/modules/controlplane/main.tf b/pve01.wheatley.in/k8s-wheatley/modules/controlplane/main.tf
new file mode 100644
index 0000000..c64dd2b
--- /dev/null
+++ b/pve01.wheatley.in/k8s-wheatley/modules/controlplane/main.tf
@@ -0,0 +1,44 @@
+terraform {
+  required_providers {
+    proxmox = {
+      source  = "telmate/proxmox"
+      version = ">= 3.0.2-rc05"
+    }
+  }
+}
+
+resource "proxmox_vm_qemu" "controlplane" {
+  for_each = { for node in var.controlplanes.nodes : node.name => node }
+
+  name        = format("k8s-wheatley-%s", each.value.name)
+  target_node = "pve01"
+  tags        = "k8s-wheatley,controlplane"
+  onboot      = true
+  bios        = "ovmf"
+  boot        = "order=virtio0;net0"
+  clone       = format("talos-%s", var.controlplanes.talos_version)
+  scsihw      = "virtio-scsi-pci"
+
+  disk {
+    size    = var.controlplanes.disk
+    storage = var.controlplanes.storagepool
+    type    = "disk"
+    slot    = "virtio0"
+    format  = "raw"
+  }
+
+  cpu {
+    cores   = var.controlplanes.cpu
+    sockets = 1
+  }
+
+  memory = var.controlplanes.memory * 1024
+
+  network {
+    id     = 0
+    model  = "virtio"
+    bridge = "vmbr1"
+  }
+  ipconfig0 = format("ip=%s/24,gw=10.13.38.1", each.value.ip_address)
+  skip_ipv6 = true
+}
diff --git a/pve01.wheatley.in/k8s-wheatley/modules/controlplane/variables.tf b/pve01.wheatley.in/k8s-wheatley/modules/controlplane/variables.tf
new file mode 100644
index 0000000..4b0fffe
--- /dev/null
+++ b/pve01.wheatley.in/k8s-wheatley/modules/controlplane/variables.tf
@@ -0,0 +1,15 @@
+variable "controlplanes" {
+  description = "Control plane node configuration"
+  type = object({
+    cpu           = number
+    memory        = number
+    disk          = string
+    storagepool   = string
+    talos_version = string
+    nodes = list(object({
+      name       = string
+      ip_address = string
+    }))
+  })
+}
+
diff --git a/pve01.wheatley.in/k8s-wheatley/modules/worker/main.tf b/pve01.wheatley.in/k8s-wheatley/modules/worker/main.tf
new file mode 100644
index 0000000..69928f8
--- /dev/null
+++ b/pve01.wheatley.in/k8s-wheatley/modules/worker/main.tf
@@ -0,0 +1,44 @@
+terraform {
+  required_providers {
+    proxmox = {
+      source  = "telmate/proxmox"
+      version = ">= 3.0.2-rc05"
+    }
+  }
+}
+
+resource "proxmox_vm_qemu" "worker" {
+  for_each = { for node in var.workers.nodes : node.name => node }
+
+  name        = format("k8s-wheatley-%s", each.value.name)
+  target_node = "pve01"
+  tags        = "k8s-wheatley,worker"
+  onboot      = true
+  bios        = "ovmf"
+  boot        = "order=virtio0;net0"
+  clone       = format("talos-%s", var.workers.talos_version)
+  scsihw      = "virtio-scsi-pci"
+
+  disk {
+    size    = var.workers.disk
+    storage = var.workers.storagepool
+    type    = "disk"
+    slot    = "virtio0"
+    format  = "raw"
+  }
+
+  cpu {
+    cores   = var.workers.cpu
+    sockets = 1
+  }
+
+  memory = var.workers.memory * 1024
+
+  network {
+    id     = 0
+    model  = "virtio"
+    bridge = "vmbr1"
+  }
+  ipconfig0 = format("ip=%s/24,gw=10.13.38.1", each.value.ip_address)
+  skip_ipv6 = true
+}
diff --git a/pve01.wheatley.in/k8s-wheatley/modules/worker/variables.tf b/pve01.wheatley.in/k8s-wheatley/modules/worker/variables.tf
new file mode 100644
index 0000000..e08e802
--- /dev/null
+++ b/pve01.wheatley.in/k8s-wheatley/modules/worker/variables.tf
@@ -0,0 +1,15 @@
+variable "workers" {
+  description = "Worker node configuration"
+  type = object({
+    cpu           = number
+    memory        = number
+    disk          = string
+    storagepool   = string
+    talos_version = string
+    nodes = list(object({
+      name       = string
+      ip_address = string
+    }))
+  })
+}
+