chore: small improvements

2025-12-26 15:41:30 +03:00
5 changed files with 109 additions and 46 deletions
@@ -0,0 +1,16 @@
+# This file is maintained automatically by "terraform init".
+# Manual edits may be lost in future updates.
+
+provider "registry.terraform.io/dmacvicar/libvirt" {
+  version = "0.8.3"
+  hashes = [
+    "h1:Tttxr3E9O75MM+dDmq5sYHQEw29PwtIj+XDj/5drdfE=",
+  ]
+}
+
+provider "registry.terraform.io/hashicorp/template" {
+  version = "2.2.0"
+  hashes = [
+    "h1:94qn780bi1qjrbC3uQtjJh3Wkfwd5+tTtJHOb7KTg9w=",
+  ]
+}
@@ -30,16 +30,42 @@ write_files:
    append: true
    encoding: b64
    content: ${hosts_file}
+  - path: /etc/networkd-dispatcher/routable.d/10-disable-offloading
+    owner: root:root
+    permissions: "0755"
+    content: |
+      #!/bin/bash
+      for IF in $(networkctl list --no-legend | awk '/ routable /{print $2}'); do
+        /usr/sbin/ethtool -K "$IF" \
+          rx off tx off sg off tso off ufo off gso off gro off lro off \
+          ntuple off rxhash off rx-gro-hw off || true
+      done
+  - path: /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg
+    permissions: '0644'
+    content: |
+      network: {config: disabled}
+  - path: /etc/netplan/01-static.yaml
+    owner: root:root
+    permissions: '0644'
+    content: |
+      network:
+        version: 2
+        renderer: networkd
+        ethernets:
+          enp1s0:
+            dhcp4: false
+            addresses: [${ip}]
+            gateway4: ${gateway}
+            nameservers:
+              addresses: ${nameservers}
+
+modules:
+  - tcp_bbr
+  - sch_netem

 runcmd:
-  - |
-    cat << 'EOF' > /etc/network/if-up.d/disable-offload
-    #!/bin/bash
-    ethtool -K enp1s0 rx off tx off sg off tso off ufo off gso off gro off lro off ntuple off rxhash off rx-gro-hw off
-    EOF
-    chmod +x /etc/network/if-up.d/disable-offload
-  - /etc/network/if-up.d/disable-offload
-  - modprobe tcp_bbr sch_netem
+  - rm -f /etc/netplan/50-cloud-init.yaml
+  - netplan generate && netplan apply

  - |
    wget https://github.com/stunnel/static-curl/releases/download/8.14.1/curl-linux-x86_64-dev-8.14.1.tar.xz \
@@ -30,33 +30,59 @@ packages:
 write_files:
  - path: /etc/nginx/nginx.conf
    owner: root:root
-    permissions: '0644'
+    permissions: "0644"
    encoding: b64
    content: ${nginx_conf}
  - path: /etc/default/tftpd-hpa
    owner: root:root
-    permissions: '0644'
+    permissions: "0644"
    encoding: b64
    content: ${tftpd_conf}
  - path: /etc/caddy/Caddyfile
    owner: root:root
-    permissions: '0644'
+    permissions: "0644"
    encoding: b64
    content: ${caddy_conf}
  - path: /etc/hosts
    append: true
    encoding: b64
    content: ${hosts_file}
+  - path: /etc/networkd-dispatcher/routable.d/10-disable-offloading
+    owner: root:root
+    permissions: "0755"
+    content: |
+      #!/bin/bash
+      for IF in $(networkctl list --no-legend | awk '/ routable /{print $2}'); do
+        /usr/sbin/ethtool -K "$IF" \
+          rx off tx off sg off tso off ufo off gso off gro off lro off \
+          ntuple off rxhash off rx-gro-hw off || true
+      done
+  - path: /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg
+    permissions: '0644'
+    content: |
+      network: {config: disabled}
+  - path: /etc/netplan/01-static.yaml
+    owner: root:root
+    permissions: '0644'
+    content: |
+      network:
+        version: 2
+        renderer: networkd
+        ethernets:
+          enp1s0:
+            dhcp4: false
+            addresses: [${ip}]
+            gateway4: ${gateway}
+            nameservers:
+              addresses: ${nameservers}
+
+modules:
+  - tcp_bbr
+  - sch_netem

 runcmd:
-  - |
-    cat << 'EOF' > /etc/network/if-up.d/disable-offload
-    #!/bin/bash
-    ethtool -K enp1s0 rx off tx off sg off tso off ufo off gso off gro off lro off ntuple off rxhash off rx-gro-hw off
-    EOF
-    chmod +x /etc/network/if-up.d/disable-offload
-  - /etc/network/if-up.d/disable-offload
-  - modprobe tcp_bbr sch_netem
+  - rm -f /etc/netplan/50-cloud-init.yaml
+  - netplan generate && netplan apply

  - |
    dd if=/dev/random of=/var/www/1MB.file bs=1024K count=1
@@ -16,9 +16,11 @@ locals {

  image_filename = "noble-server-cloudimg-amd64.img" # да, можно было и ссылку, но я не хочу, чтобы кто-то качал его

-  client_ip    = "10.6.6.10"
-  server_ip    = "10.6.6.20"
+  client_ip    = "10.6.6.10/24"
+  server_ip    = "10.6.6.20/24"
  network_cidr = "10.6.6.0/24"
+  gateway      = "10.6.6.1"
+  nameservers  = "1.1.1.1"
  mtu          = 1500

  cpu_per_node = 4
@@ -30,7 +32,7 @@ provider "libvirt" {
 }

 resource "libvirt_network" "default" {
-  name = "task5_default"
+  name = "net_research_default"

  mode      = "nat"
  addresses = [local.network_cidr]
@@ -41,32 +43,23 @@ resource "libvirt_network" "default" {
    local_only = false

    forwarders {
-      address = "1.1.1.1"
-    }
-
-    hosts {
-      hostname = "client"
-      ip       = local.client_ip
-    }
-    hosts {
-      hostname = "server"
-      ip       = local.server_ip
+      address = local.nameservers
    }
  }
 }

 resource "libvirt_volume" "ubuntu_noble" {
-  name   = "task5_ubuntu_noble"
+  name   = "net_research_ubuntu_noble"
  source = "${local.image_pool_folder}/${local.image_filename}"
 }

 resource "libvirt_volume" "client_image" {
-  name           = "task5_client_image"
+  name           = "net_research_client_image"
  base_volume_id = libvirt_volume.ubuntu_noble.id
 }

 resource "libvirt_volume" "server_image" {
-  name           = "task5_server_image"
+  name           = "net_research_server_image"
  base_volume_id = libvirt_volume.ubuntu_noble.id
 }

@@ -74,6 +67,9 @@ data "template_file" "client_user_data" {
  template = file("${path.module}/configs/cloud-init/client.yaml.tpl")
  vars = {
    hosts_file  = base64encode(file("${path.module}/configs/hosts"))
+    ip          = local.client_ip
+    gateway     = local.gateway
+    nameservers = local.nameservers
  }
 }

@@ -84,14 +80,16 @@ data "template_file" "server_user_data" {
    tftpd_conf  = base64encode(file("${path.module}/configs/tftpd/tftpd-hpa"))
    caddy_conf  = base64encode(file("${path.module}/configs/caddy/Caddyfile"))
    hosts_file  = base64encode(file("${path.module}/configs/hosts"))
+    ip          = local.server_ip
+    gateway     = local.gateway
+    nameservers = local.nameservers
  }
 }

 module "client" {
  source         = "./modules/instance"
-  name           = "task5_client"
+  name           = "net_research_client"
  network_id     = libvirt_network.default.id
-  ip             = local.client_ip
  volume_base_id = libvirt_volume.ubuntu_noble.id
  user_data      = data.template_file.client_user_data.rendered
  vcpu           = local.cpu_per_node
@@ -100,9 +98,8 @@ module "client" {

 module "server" {
  source         = "./modules/instance"
-  name           = "task5_server"
+  name           = "net_research_server"
  network_id     = libvirt_network.default.id
-  ip             = local.server_ip
  volume_base_id = libvirt_volume.ubuntu_noble.id
  user_data      = data.template_file.server_user_data.rendered
  vcpu           = local.cpu_per_node
@@ -8,7 +8,6 @@ terraform {

 variable "name" {}
 variable "network_id" {}
-variable "ip" {}
 variable "volume_base_id" {}
 variable "user_data" {}
 variable "vcpu" {}
@@ -36,7 +35,6 @@ resource "libvirt_domain" "this" {

  network_interface {
    network_id = var.network_id
-    addresses  = [var.ip]
  }

  arch    = "x86_64"