diff --git a/terraform/.terraform.lock.hcl b/terraform/.terraform.lock.hcl
new file mode 100644
index 0000000..60b913a
--- /dev/null
+++ b/terraform/.terraform.lock.hcl
@@ -0,0 +1,16 @@
+# This file is maintained automatically by "terraform init".
+# Manual edits may be lost in future updates.
+
+provider "registry.terraform.io/dmacvicar/libvirt" {
+ version = "0.8.3"
+ hashes = [
+ "h1:Tttxr3E9O75MM+dDmq5sYHQEw29PwtIj+XDj/5drdfE=",
+ ]
+}
+
+provider "registry.terraform.io/hashicorp/template" {
+ version = "2.2.0"
+ hashes = [
+ "h1:94qn780bi1qjrbC3uQtjJh3Wkfwd5+tTtJHOb7KTg9w=",
+ ]
+}
diff --git a/terraform/configs/cloud-init/client.yaml.tpl b/terraform/configs/cloud-init/client.yaml.tpl
index 9c5b005..c06e156 100644
--- a/terraform/configs/cloud-init/client.yaml.tpl
+++ b/terraform/configs/cloud-init/client.yaml.tpl
@@ -30,16 +30,42 @@ write_files: append: true encoding: b64 content: ${hosts_file} + - path: /etc/networkd-dispatcher/routable.d/10-disable-offloading + owner: root:root + permissions: "0755" + content: | + #!/bin/bash + for IF in $(networkctl list --no-legend | awk '/ routable /{print $2}'); do + /usr/sbin/ethtool -K "$IF" \ + rx off tx off sg off tso off ufo off gso off gro off lro off \ + ntuple off rxhash off rx-gro-hw off || true + done + - path: /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg + permissions: '0644' + content: | + network: {config: disabled} + - path: /etc/netplan/01-static.yaml + owner: root:root + permissions: '0644' + content: | + network: + version: 2 + renderer: networkd + ethernets: + enp1s0: + dhcp4: false + addresses: [${ip}] + gateway4: ${gateway} + nameservers: + addresses: ${nameservers} + +modules: + - tcp_bbr + - sch_netem runcmd: - - | - cat << 'EOF' > /etc/network/if-up.d/disable-offload - #!/bin/bash - ethtool -K enp1s0 rx off tx off sg off tso off ufo off gso off gro off lro off ntuple off rxhash off rx-gro-hw off - EOF - chmod +x /etc/network/if-up.d/disable-offload - - /etc/network/if-up.d/disable-offload - - modprobe tcp_bbr sch_netem + - rm -f /etc/netplan/50-cloud-init.yaml + - netplan generate && netplan apply - | wget https://github.com/stunnel/static-curl/releases/download/8.14.1/curl-linux-x86_64-dev-8.14.1.tar.xz \ diff --git a/terraform/configs/cloud-init/server.yaml.tpl b/terraform/configs/cloud-init/server.yaml.tpl index 2a18234..c397309 100644 --- a/terraform/configs/cloud-init/server.yaml.tpl +++ b/terraform/configs/cloud-init/server.yaml.tpl 
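Review bot: In the new `/etc/netplan/01-static.yaml` entry, `nameservers: addresses: ${nameservers}` renders a bare scalar, because main.tf passes `nameservers` as the single string `"1.1.1.1"` while netplan expects a sequence there; write `addresses: [${nameservers}]`, as the interface `addresses` line already does. Separately, the added top-level `modules:` list replaces the removed `modprobe` line, but as far as I know cloud-init has no `modules` cloud-config key, so `tcp_bbr` and `sch_netem` would probably no longer be loaded. A `write_files` entry under `/etc/modules-load.d/` (e.g. `net-research.conf`) plus `modprobe -a tcp_bbr sch_netem` in `runcmd` would make the load explicit. Both points apply equally to the matching hunk in server.yaml.tpl, and the `runcmd` list continues outside this hunk.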
@@ -30,33 +30,59 @@ packages: write_files: - path: /etc/nginx/nginx.conf owner: root:root - permissions: '0644' + permissions: "0644" encoding: b64 content: ${nginx_conf} - path: /etc/default/tftpd-hpa owner: root:root - permissions: '0644' + permissions: "0644" encoding: b64 content: ${tftpd_conf} - path: /etc/caddy/Caddyfile owner: root:root - permissions: '0644' + permissions: "0644" encoding: b64 content: ${caddy_conf} - path: /etc/hosts append: true encoding: b64 content: ${hosts_file} + - path: /etc/networkd-dispatcher/routable.d/10-disable-offloading + owner: root:root + permissions: "0755" + content: | + #!/bin/bash + for IF in $(networkctl list --no-legend | awk '/ routable /{print $2}'); do + /usr/sbin/ethtool -K "$IF" \ + rx off tx off sg off tso off ufo off gso off gro off lro off \ + ntuple off rxhash off rx-gro-hw off || true + done + - path: /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg + permissions: '0644' + content: | + network: {config: disabled} + - path: /etc/netplan/01-static.yaml + owner: root:root + permissions: '0644' + content: | + network: + version: 2 + renderer: networkd + ethernets: + enp1s0: + dhcp4: false + addresses: [${ip}] + gateway4: ${gateway} + nameservers: + addresses: ${nameservers} + +modules: + - tcp_bbr + - sch_netem runcmd: - - | - cat << 'EOF' > /etc/network/if-up.d/disable-offload - #!/bin/bash - ethtool -K enp1s0 rx off tx off sg off tso off ufo off gso off gro off lro off ntuple off rxhash off rx-gro-hw off - EOF - chmod +x /etc/network/if-up.d/disable-offload - - /etc/network/if-up.d/disable-offload - - modprobe tcp_bbr sch_netem + - rm -f /etc/netplan/50-cloud-init.yaml + - netplan generate && netplan apply - | dd if=/dev/random of=/var/www/1MB.file bs=1024K count=1 diff --git a/terraform/main.tf b/terraform/main.tf index 5ce94ea..99d804e 100644 --- a/terraform/main.tf +++ b/terraform/main.tf 
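Review bot: The new `/etc/netplan/01-static.yaml` entry is created with `permissions: '0644'`, but netplan on recent Ubuntu releases warns that its configuration should not be readable by others, and this file is where credentials (Wi-Fi keys, VPN secrets) would land if added later; `permissions: "0600"` is the safer default here and in client.yaml.tpl. The same entry uses `gateway4`, which netplan has deprecated in favour of a default route, `routes: [{to: default, via: ${gateway}}]`. On style, the added entries use single-quoted modes while this hunk converts the existing ones to double quotes, and the `99-disable-network-config.cfg` entry has no `owner:` line unlike its neighbours.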
@@ -16,9 +16,11 @@ locals { image_filename = "noble-server-cloudimg-amd64.img" # да, можно было и ссылку, но я не хочу, чтобы кто-то качал его - client_ip = "10.6.6.10" - server_ip = "10.6.6.20" + client_ip = "10.6.6.10/24" + server_ip = "10.6.6.20/24" network_cidr = "10.6.6.0/24" + gateway = "10.6.6.1" + nameservers = "1.1.1.1" mtu = 1500 cpu_per_node = 4 @@ -30,7 +32,7 @@ provider "libvirt" { } resource "libvirt_network" "default" { - name = "task5_default" + name = "net_research_default" mode = "nat" addresses = [local.network_cidr] 
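Review bot: In the `locals` hunk, `gateway = "10.6.6.1"` and the `/24` suffixes now on `client_ip` and `server_ip` repeat facts that `network_cidr` already states, so a subnet change needs edits in four places that can silently drift apart. Consider deriving them, e.g. `gateway = cidrhost(local.network_cidr, 1)` and `client_ip = "${cidrhost(local.network_cidr, 10)}/24"`; the libvirt NAT network presumably takes the first host address as its gateway, which is worth confirming. Because `client_ip` and `server_ip` now carry a prefix length, any other consumer that expects a bare address (for instance `configs/hosts`, not visible here) should be checked. The `locals` block continues outside the hunk.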
@@ -41,57 +43,53 @@ resource "libvirt_network" "default" { local_only = false forwarders { - address = "1.1.1.1" - } - - hosts { - hostname = "client" - ip = local.client_ip - } - hosts { - hostname = "server" - ip = local.server_ip + address = local.nameservers } } } resource "libvirt_volume" "ubuntu_noble" { - name = "task5_ubuntu_noble" + name = "net_research_ubuntu_noble" source = "${local.image_pool_folder}/${local.image_filename}" } resource "libvirt_volume" "client_image" { - name = "task5_client_image" + name = "net_research_client_image" base_volume_id = libvirt_volume.ubuntu_noble.id } resource "libvirt_volume" "server_image" { - name = "task5_server_image" + name = "net_research_server_image" base_volume_id = libvirt_volume.ubuntu_noble.id } data "template_file" "client_user_data" { template = file("${path.module}/configs/cloud-init/client.yaml.tpl") vars = { - hosts_file = base64encode(file("${path.module}/configs/hosts")) + hosts_file = base64encode(file("${path.module}/configs/hosts")) + ip = local.client_ip + gateway = local.gateway + nameservers = local.nameservers } } data "template_file" "server_user_data" { template = file("${path.module}/configs/cloud-init/server.yaml.tpl") vars = { - nginx_conf = base64encode(file("${path.module}/configs/nginx/nginx.conf")) - tftpd_conf = base64encode(file("${path.module}/configs/tftpd/tftpd-hpa")) - caddy_conf = base64encode(file("${path.module}/configs/caddy/Caddyfile")) - hosts_file = base64encode(file("${path.module}/configs/hosts")) + nginx_conf = base64encode(file("${path.module}/configs/nginx/nginx.conf")) + tftpd_conf = base64encode(file("${path.module}/configs/tftpd/tftpd-hpa")) + caddy_conf = base64encode(file("${path.module}/configs/caddy/Caddyfile")) + hosts_file = base64encode(file("${path.module}/configs/hosts")) + ip = local.server_ip + gateway = local.gateway + nameservers = local.nameservers } } module "client" { source = "./modules/instance" - name = "task5_client" + name = 
"net_research_client" network_id = libvirt_network.default.id - ip = local.client_ip volume_base_id = libvirt_volume.ubuntu_noble.id user_data = data.template_file.client_user_data.rendered vcpu = local.cpu_per_node @@ -100,9 +98,8 @@ module "client" { module "server" { source = "./modules/instance" - name = "task5_server" + name = "net_research_server" network_id = libvirt_network.default.id - ip = local.server_ip volume_base_id = libvirt_volume.ubuntu_noble.id user_data = data.template_file.server_user_data.rendered vcpu = local.cpu_per_node diff --git a/terraform/modules/instance/main.tf b/terraform/modules/instance/main.tf index b056cfa..8840d6f 100644 --- a/terraform/modules/instance/main.tf +++ b/terraform/modules/instance/main.tf @@ -8,7 +8,6 @@ terraform { variable "name" {} variable "network_id" {} -variable "ip" {} variable "volume_base_id" {} variable "user_data" {} variable "vcpu" {} @@ -36,7 +35,6 @@ resource "libvirt_domain" "this" { network_interface { network_id = var.network_id - addresses = [var.ip] } arch = "x86_64"
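Review bot: The new `ip`, `gateway` and `nameservers` vars are threaded through `data "template_file"`, which comes from the archived `hashicorp/template` provider that this commit also pins in `.terraform.lock.hcl`. The built-in `templatefile()` function renders the same templates with no extra provider to download and trust, e.g. `user_data = templatefile("${path.module}/configs/cloud-init/client.yaml.tpl", { hosts_file = ..., ip = local.client_ip, gateway = local.gateway, nameservers = local.nameservers })` in `module "client"`, and likewise for the server. That would also let the `hashicorp/template` entry be dropped from the lock file.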