Initial
84
README.md
@@ -1,2 +1,86 @@
|
||||
# terraform-lxd
|
||||
Terraform with LXD: Creates a LXD Container, ZFS Pool, Userdata, etc.
|
||||
|
||||
## Provider
|
||||
|
||||
Using the [terraform-provider-lxd](https://registry.terraform.io/providers/terraform-lxd/lxd/latest/docs) to provision a LXD container.
|
||||
|
||||
## Pre-Requisites
|
||||
|
||||
You will require a host with LXD and you will also require to initialize the host and setup remote connections:
|
||||
```bash
|
||||
sudo snap install lxd
|
||||
lxd init --minimal
|
||||
lxc config set core.https_address IP_ADDRESS:8443
|
||||
lxc config set core.trust_password A-SECURE-LXD-PASSWORD
|
||||
sudo ufw allow in on lan to IP_ADDRESS port 8443 proto tcp
|
||||
sudo ufw allow in on wg0 to IP_ADDRESS port 8443 proto tcp
|
||||
```
|
||||
|
||||
## Setup the client machine e.g. a notebook
|
||||
```bash
|
||||
sudo snap install lxd
|
||||
lxc remote add zot IP_ADDRESS
|
||||
lxc remote switch zot
|
||||
lxc remote list
|
||||
lxc list # shows instances running on the server zot
|
||||
lxc shell ubuntu # login as root to the container ubuntu
|
||||
lxc exec ubuntu -- uname -a # run a command inside the container ubuntu
|
||||
```
|
||||
|
||||
## Terraform
|
||||
|
||||
Populate your `lxd_host`, `lxd_password` and other variables in `terraform.tfvars` to fit your environment.
|
||||
|
||||
Then provision a lxd instance and a zfs storage pool with terraform:
|
||||
|
||||
```bash
|
||||
terraform init
|
||||
terraform plan
|
||||
terraform apply
|
||||
|
||||
Outputs:
|
||||
|
||||
ip = "10.0.10.134"
|
||||
```
|
||||
Execute the interactive shell inside the instance
|
||||
|
||||
`lxc shell ubuntu`
|
||||
|
||||
Check if the configuration finished
|
||||
|
||||
`cloud-init status --wait`
|
||||
|
||||
Check the validation status
|
||||
|
||||
`cloud-init schema --system --annotate`
|
||||
|
||||
See the config
|
||||
|
||||
`cloud-init query userdata`
|
||||
|
||||
Delete the container ubuntu using terraform
|
||||
|
||||
`terraform destroy --target lxd_instance.ubuntu`
|
||||
|
||||
## SSH Config
|
||||
|
||||
Then we should be able to ssh as an ldap user e.g. john:
|
||||
|
||||
```bash
|
||||
$ ssh john@ubuntu.lxd
|
||||
Warning: Permanently added 'x.x.x.x' (x) to the list of known hosts.
|
||||
Warning: Permanently added '10.0.10.134' (ED25519) to the list of known hosts.
|
||||
Welcome to Ubuntu 22.04.3 LTS (GNU/Linux 5.4.0-122-generic x86_64)
|
||||
|
||||
john@ubuntu:~$
|
||||
```
|
||||
Or as ubuntu using a private key. The public key is set in the variable `ssh_pub_key` in file `terraform.tfvars`
|
||||
```bash
|
||||
$ ssh -i .ssh/id_ed25519 ubuntu@ubuntu.lxd
|
||||
Welcome to Ubuntu 22.04.3 LTS (GNU/Linux 5.4.0-122-generic x86_64)
|
||||
|
||||
ubuntu@ubuntu:~$
|
||||
```
|
||||
## If groups have changed in the LDAP cache must be invalidated. Flush nscd groups cache
|
||||
`sudo nscd --invalidate=group`
|
||||
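Review bot: The Pre-Requisites block sets the LXD trust password on the command line (`lxc config set core.trust_password A-SECURE-LXD-PASSWORD`), and the Terraform section then asks for the same secret as `lxd_password` in `terraform.tfvars`, but the README never says how to keep it out of shell history or out of the repository. That password is what lets a new client register itself against the API exposed on port 8443, so please add a sentence telling readers to keep `terraform.tfvars` untracked (for example via `.gitignore`) or to supply the value as `TF_VAR_lxd_password`, and consider documenting a one-time trust token from `lxc config trust add` instead of a long-lived shared password. Separately, the SSH Config sample output shows "Permanently added ... to the list of known hosts" warnings on first connect; a short note on how the reader should verify the container's host key before trusting it would help.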