support multiple networks for all nodes w/ inventory output

Author: sjpb

environments/skeleton/{{cookiecutter.environment}}/tofu/compute.tf

@@ -7,24 +7,24 @@ module "compute" {
   nodes = each.value.nodes
   flavor = each.value.flavor
 
+  # always taken from top-level value:
   cluster_name = var.cluster_name
   cluster_domain_suffix = var.cluster_domain_suffix
-  cluster_net_id = data.openstack_networking_network_v2.cluster_net[var.cluster_networks[0].network].id
-  cluster_subnet_id = data.openstack_networking_subnet_v2.cluster_subnet[var.cluster_networks[0].network].id
-
+  key_pair = var.key_pair
+  environment_root = var.environment_root
+  
   # can be set for group, defaults to top-level value:
+  networks = lookup(each.value, "networks", var.cluster_networks)
   image_id = lookup(each.value, "image_id", var.cluster_image_id)
-  #vnic_type = lookup(each.value, "vnic_type", var.vnic_type)
-  #vnic_profile = lookup(each.value, "vnic_profile", var.vnic_profile)
+  vnic_types = lookup(each.value, "vnic_types", var.vnic_types)
+  vnic_profiles = lookup(each.value, "vnic_profiles", var.vnic_profiles)
   volume_backed_instances = lookup(each.value, "volume_backed_instances", var.volume_backed_instances)
   root_volume_size = lookup(each.value, "root_volume_size", var.root_volume_size)
   extra_volumes = lookup(each.value, "extra_volumes", {})
-
   compute_init_enable = lookup(each.value, "compute_init_enable", [])
   ignore_image_changes = lookup(each.value, "ignore_image_changes", false)
 
-  key_pair = var.key_pair
-  environment_root = var.environment_root
+  # computed
   k3s_token = local.k3s_token
   control_address = [for n in openstack_compute_instance_v2.control["control"].network: n.fixed_ip_v4 if n.access_network][0]
   security_group_ids = [for o in data.openstack_networking_secgroup_v2.nonlogin: o.id]

environments/skeleton/{{cookiecutter.environment}}/tofu/control.tf

@@ -55,7 +55,7 @@ resource "openstack_compute_instance_v2" "control" {
     for_each = {for net in var.cluster_networks: net.network => net}
     content {
       port = openstack_networking_port_v2.control[network.key].id
-      access_network = length(var.cluster_networks) == 1 ? true : lookup(each.value, "access_network", false)
+      access_network = length(var.cluster_networks) == 1 ? true : lookup(network.value, "access_network", false)
     }
   }
 

environments/skeleton/{{cookiecutter.environment}}/tofu/inventory.tpl

@@ -9,6 +9,7 @@ control:
         ${ control.name }:
             ansible_host: ${[for n in control.network: n.fixed_ip_v4 if n.access_network][0]}
             instance_id: ${ control.id }
+            networks: ${jsonencode({for n in control.network: n.name => {"fixed_ip_v4": n.fixed_ip_v4, "fixed_ip_v6": n.fixed_ip_v6}})}
 %{ endfor ~}
     vars:
         appliances_state_dir: ${state_dir} # NB needs to be set on group not host otherwise it is ignored in packer build!
@@ -22,6 +23,7 @@ ${cluster_name}_${group_name}:
             ansible_host: ${node.access_ip_v4}
             instance_id: ${ node.id }
             image_id: ${ node.image_id }
+            networks: ${jsonencode({for n in node.network: n.name => {"fixed_ip_v4": n.fixed_ip_v4, "fixed_ip_v6": n.fixed_ip_v6}})}
 %{ endfor ~}
 %{ endfor ~}
 
@@ -39,6 +41,7 @@ ${cluster_name}_${group_name}:
             ansible_host: ${node.access_ip_v4}
             instance_id: ${ node.id }
             image_id: ${ node.image_id }
+            networks: ${jsonencode({for n in node.network: n.name => {"fixed_ip_v4": n.fixed_ip_v4, "fixed_ip_v6": n.fixed_ip_v6}})}
 %{ endfor ~}
 %{ endfor ~}
 

environments/skeleton/{{cookiecutter.environment}}/tofu/login.tf

@@ -9,13 +9,12 @@ module "login" {
 
   cluster_name = var.cluster_name
   cluster_domain_suffix = var.cluster_domain_suffix
-  cluster_net_id = data.openstack_networking_network_v2.cluster_net[var.cluster_networks[0].network].id
-  cluster_subnet_id = data.openstack_networking_subnet_v2.cluster_subnet[var.cluster_networks[0].network].id
-
+  
   # can be set for group, defaults to top-level value:
+  networks = lookup(each.value, "networks", var.cluster_networks)
   image_id = lookup(each.value, "image_id", var.cluster_image_id)
-  #vnic_type = lookup(each.value, "vnic_type", var.vnic_type)
-  #vnic_profile = lookup(each.value, "vnic_profile", var.vnic_profile)
+  vnic_types = lookup(each.value, "vnic_types", var.vnic_types)
+  vnic_profiles = lookup(each.value, "vnic_profiles", var.vnic_profiles)
   volume_backed_instances = lookup(each.value, "volume_backed_instances", var.volume_backed_instances)
   root_volume_size = lookup(each.value, "root_volume_size", var.root_volume_size)
   extra_volumes = lookup(each.value, "extra_volumes", {})

environments/skeleton/{{cookiecutter.environment}}/tofu/node_group/network.tf

@@ -0,0 +1,14 @@
+
+data "openstack_networking_network_v2" "network" {
+
+  for_each = {for net in var.networks: net.network => net}
+
+  name = each.value.network
+}
+
+data "openstack_networking_subnet_v2" "subnet" {
+
+  for_each = {for net in var.networks: net.network => net}
+
+  name = each.value.subnet
+}

environments/skeleton/{{cookiecutter.environment}}/tofu/node_group/nodes.tf

@@ -33,21 +33,23 @@ resource "openstack_compute_volume_attach_v2" "compute" {
 
 resource "openstack_networking_port_v2" "compute" {
 
-  for_each = toset(var.nodes)
+  for_each = {for item in setproduct(var.nodes, var.networks):
+    "${item[0]}-${item[1].network}" => item[1]
+  }
 
   name = "${var.cluster_name}-${each.key}"
-  network_id = var.cluster_net_id
+  network_id = data.openstack_networking_network_v2.network[each.value.network].id
   admin_state_up = "true"
 
   fixed_ip {
-    subnet_id = var.cluster_subnet_id
+    subnet_id = data.openstack_networking_subnet_v2.subnet[each.value.network].id
   }
 
   security_group_ids = var.security_group_ids
 
   binding {
-    vnic_type = var.vnic_type
-    profile = var.vnic_profile
+    vnic_type = lookup(var.vnic_types, each.value.network, "normal")
+    profile = lookup(var.vnic_profiles, each.value.network, "{}")
   }
 }
 
@@ -72,9 +74,12 @@ resource "openstack_compute_instance_v2" "compute_fixed_image" {
     }
   }
 
-  network {
-    port = openstack_networking_port_v2.compute[each.key].id
-    access_network = true
+  dynamic "network" {
+    for_each = {for net in var.networks: net.network => net}
+    content {
+      port = openstack_networking_port_v2.compute["${each.key}-${network.key}"].id
+      access_network = length(var.networks) == 1 ? true : lookup(network.value, "access_network", false)
+    }
   }
 
   metadata = merge(
@@ -120,9 +125,12 @@ resource "openstack_compute_instance_v2" "compute" {
     }
   }
 
-  network {
-    port = openstack_networking_port_v2.compute[each.key].id
-    access_network = true
+  dynamic "network" {
+    for_each = {for net in var.networks: net.network => net}
+    content {
+      port = openstack_networking_port_v2.compute["${each.key}-${network.key}"].id
+      access_network = length(var.networks) == 1 ? true : lookup(network.value, "access_network", false)
+    }
   }
 
   metadata = merge(

environments/skeleton/{{cookiecutter.environment}}/tofu/node_group/variables.tf

@@ -17,14 +17,6 @@ variable "cluster_domain_suffix" {
     default = "invalid"
 }
 
-variable "cluster_net_id" {
-    type = string
-}
-
-variable "cluster_subnet_id" {
-    type = string
-}
-
 variable "key_pair" {
     type = string
     description = "Name of an existing keypair in OpenStack"
@@ -40,16 +32,14 @@ variable "environment_root" {
     description = "Path to environment root, automatically set by activate script"
 }
 
-variable "vnic_type" {
-    type = string
-    description = "VNIC type, see https://registry.terraform.io/providers/terraform-provider-openstack/openstack/latest/docs/resources/networking_port_v2#vnic_type"
-    default = "normal"
+variable "vnic_types" {
+    type = map(string)
+    default = {}
 }
 
-variable "vnic_profile" {
-    type = string
-    description = "VNIC binding profile as json string, see https://registry.terraform.io/providers/terraform-provider-openstack/openstack/latest/docs/resources/networking_port_v2#profile."
-    default = "{}"
+variable "vnic_profiles" {
+    type = map(string)
+    default = {}
 }
 
 variable "volume_backed_instances" {
@@ -99,4 +89,9 @@ variable "ignore_image_changes" {
     type = bool
     description = "Whether to ignore changes to the image_id parameter"
     default = false
-}
+}
+
+variable "networks" {
+    type = list(map(string))
+    default = []
+}