Introduce list of detail objects for bare-metal machines

* Define bare-metal `controllers` and `workers` as a complex type
list(object{name=string, mac=string, domain=string}) to allow
clusters with many machines to be defined more cleanly
* Remove `controller_names` list variable
* Remove `controller_macs` list variable
* Remove `controller_domains` list variable
* Remove `worker_names` list variable
* Remove `worker_macs` list variable
* Remove `worker_domains` list variable

bare-metal/fedora-coreos/kubernetes/bootstrap.tf

@@ -4,7 +4,7 @@ module "bootstrap" {
 
   cluster_name                    = var.cluster_name
   api_servers                     = [var.k8s_domain_name]
-  etcd_servers                    = var.controller_domains
+  etcd_servers                    = var.controllers.*.domain
   asset_dir                       = var.asset_dir
   networking                      = var.networking
   network_mtu                     = var.network_mtu

bare-metal/fedora-coreos/kubernetes/groups.tf

@@ -1,22 +1,22 @@
 # Match each controller or worker to a profile
 
 resource "matchbox_group" "controller" {
-  count   = length(var.controller_names)
-  name    = format("%s-%s", var.cluster_name, var.controller_names[count.index])
+  count   = length(var.controllers)
+  name    = format("%s-%s", var.cluster_name, var.controllers.*.name[count.index])
   profile = matchbox_profile.controllers.*.name[count.index]
 
   selector = {
-    mac = var.controller_macs[count.index]
+    mac = var.controllers.*.mac[count.index]
   }
 }
 
 resource "matchbox_group" "worker" {
-  count   = length(var.worker_names)
-  name    = format("%s-%s", var.cluster_name, var.worker_names[count.index])
+  count   = length(var.workers)
+  name    = format("%s-%s", var.cluster_name, var.workers.*.name[count.index])
   profile = matchbox_profile.workers.*.name[count.index]
 
   selector = {
-    mac = var.worker_macs[count.index]
+    mac = var.workers.*.mac[count.index]
   }
 }
 

bare-metal/fedora-coreos/kubernetes/profiles.tf

@@ -29,8 +29,8 @@ locals {
 
 // Fedora CoreOS controller profile
 resource "matchbox_profile" "controllers" {
-  count = length(var.controller_names)
-  name  = format("%s-controller-%s", var.cluster_name, var.controller_names[count.index])
+  count = length(var.controllers)
+  name  = format("%s-controller-%s", var.cluster_name, var.controllers.*.name[count.index])
 
   kernel = local.kernel
   initrd = [
@@ -42,20 +42,20 @@ resource "matchbox_profile" "controllers" {
 }
 
 data "ct_config" "controller-ignitions" {
-  count = length(var.controller_names)
+  count = length(var.controllers)
 
   content = data.template_file.controller-configs.*.rendered[count.index]
   strict  = true
 }
 
 data "template_file" "controller-configs" {
-  count = length(var.controller_names)
+  count = length(var.controllers)
 
   template = file("${path.module}/fcc/controller.yaml")
   vars = {
-    domain_name            = var.controller_domains[count.index]
-    etcd_name              = var.controller_names[count.index]
-    etcd_initial_cluster   = join(",", formatlist("%s=https://%s:2380", var.controller_names, var.controller_domains))
+    domain_name            = var.controllers.*.domain[count.index]
+    etcd_name              = var.controllers.*.name[count.index]
+    etcd_initial_cluster   = join(",", formatlist("%s=https://%s:2380", var.controllers.*.name, var.controllers.*.domain))
     cluster_dns_service_ip = module.bootstrap.cluster_dns_service_ip
     cluster_domain_suffix  = var.cluster_domain_suffix
     ssh_authorized_key     = var.ssh_authorized_key
@@ -64,8 +64,8 @@ data "template_file" "controller-configs" {
 
 // Fedora CoreOS worker profile
 resource "matchbox_profile" "workers" {
-  count = length(var.worker_names)
-  name  = format("%s-worker-%s", var.cluster_name, var.worker_names[count.index])
+  count = length(var.workers)
+  name  = format("%s-worker-%s", var.cluster_name, var.workers.*.name[count.index])
 
   kernel = local.kernel
   initrd = [
@@ -77,18 +77,18 @@ resource "matchbox_profile" "workers" {
 }
 
 data "ct_config" "worker-ignitions" {
-  count = length(var.worker_names)
+  count = length(var.workers)
 
   content = data.template_file.worker-configs.*.rendered[count.index]
   strict  = true
 }
 
 data "template_file" "worker-configs" {
-  count = length(var.worker_names)
+  count = length(var.workers)
 
   template = file("${path.module}/fcc/worker.yaml")
   vars = {
-    domain_name            = var.worker_domains[count.index]
+    domain_name            = var.workers.*.domain[count.index]
     cluster_dns_service_ip = module.bootstrap.cluster_dns_service_ip
     cluster_domain_suffix  = var.cluster_domain_suffix
     ssh_authorized_key     = var.ssh_authorized_key

bare-metal/fedora-coreos/kubernetes/ssh.tf

@@ -1,6 +1,6 @@
 # Secure copy assets to controllers. Activates kubelet.service
 resource "null_resource" "copy-controller-secrets" {
-  count = length(var.controller_names)
+  count = length(var.controllers)
 
   # Without depends_on, remote-exec could start and wait for machines before
   # matchbox groups are written, causing a deadlock.
@@ -12,7 +12,7 @@ resource "null_resource" "copy-controller-secrets" {
 
   connection {
     type    = "ssh"
-    host    = var.controller_domains[count.index]
+    host    = var.controllers.*.domain[count.index]
     user    = "core"
     timeout = "60m"
   }
@@ -85,7 +85,7 @@ resource "null_resource" "copy-controller-secrets" {
 
 # Secure copy kubeconfig to all workers. Activates kubelet.service
 resource "null_resource" "copy-worker-secrets" {
-  count = length(var.worker_names)
+  count = length(var.workers)
 
   # Without depends_on, remote-exec could start and wait for machines before
   # matchbox groups are written, causing a deadlock.
@@ -96,7 +96,7 @@ resource "null_resource" "copy-worker-secrets" {
 
   connection {
     type    = "ssh"
-    host    = var.worker_domains[count.index]
+    host    = var.workers.*.domain[count.index]
     user    = "core"
     timeout = "60m"
   }
@@ -125,7 +125,7 @@ resource "null_resource" "bootstrap" {
 
   connection {
     type    = "ssh"
-    host    = var.controller_domains[0]
+    host    = var.controllers[0].domain
     user    = "core"
     timeout = "15m"
   }

bare-metal/fedora-coreos/kubernetes/variables.tf

@@ -22,36 +22,32 @@ variable "os_version" {
 }
 
 # machines
-# Terraform's crude "type system" does not properly support lists of maps so we do this.
 
-variable "controller_names" {
-  type        = list(string)
-  description = "Ordered list of controller names (e.g. [node1])"
+variable "controllers" {
+  type = list(object({
+    name = string
+    mac = string
+    domain = string
+  }))
+  description = <<EOD
+List of controller machine details (unique name, identifying MAC address, FQDN)
+[{ name = "node1", mac = "52:54:00:a1:9c:ae", domain = "node1.example.com"}]
+EOD
 }
 
-variable "controller_macs" {
-  type        = list(string)
-  description = "Ordered list of controller identifying MAC addresses (e.g. [52:54:00:a1:9c:ae])"
-}
-
-variable "controller_domains" {
-  type        = list(string)
-  description = "Ordered list of controller FQDNs (e.g. [node1.example.com])"
-}
-
-variable "worker_names" {
-  type        = list(string)
-  description = "Ordered list of worker names (e.g. [node2, node3])"
-}
-
-variable "worker_macs" {
-  type        = list(string)
-  description = "Ordered list of worker identifying MAC addresses (e.g. [52:54:00:b2:2f:86, 52:54:00:c3:61:77])"
-}
-
-variable "worker_domains" {
-  type        = list(string)
-  description = "Ordered list of worker FQDNs (e.g. [node2.example.com, node3.example.com])"
+variable "workers" {
+  type = list(object({
+    name = string
+    mac = string
+    domain = string
+  }))
+  description = <<EOD
+List of worker machine details (unique name, identifying MAC address, FQDN)
+[
+  { name = "node2", mac = "52:54:00:b2:2f:86", domain = "node2.example.com"},
+  { name = "node3", mac = "52:54:00:c3:61:77", domain = "node3.example.com"}
+]
+EOD
 }
 
 variable "snippets" {