diff --git a/.gitignore b/.gitignore
index 7586b5d..857d3ba 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,6 +1,9 @@
# Local .terraform directories
**/.terraform/*
+# Local .terrafrunt directories
+**/.terragrunt-cache/*
+
.terraform.lock.hcl
# .tfstate files
diff --git a/README.md b/README.md
index af0012d..c65d3a2 100644
--- a/README.md
+++ b/README.md
@@ -5,19 +5,6 @@
- [Docker](#docker)
- [Microsoft Visual Studio Code](#microsoft-visual-studio-code)
- [vscode extensions](#vscode-extensions)
- - [Example: Create a docker container `netdata`](#example-create-a-docker-container-netdata)
- - [Setup your **terraform** environment](#setup-your-terraform-environment)
- - [Let **terraform** create a docker `netdata` container](#let-terraform-create-a-docker-netdata-container)
- - [Check what **terraform** ***would*** do (`terraform plan`)](#check-what-terraform-would-do-terraform-plan)
- - [Create **terraform** resources (`terraform apply`)](#create-terraform-resources-terraform-apply)
- - [Check created resources](#check-created-resources)
- - [Visit `netdata` metrics app](#visit-netdata-metrics-app)
- - [Set custom variables](#set-custom-variables)
- - [Requirements](#requirements-1)
- - [Providers](#providers)
- - [Resources](#resources)
- - [Inputs](#inputs)
- - [Outputs](#outputs)
This repository can be used as a template for developing with `terraform`. This repository sets up a complete terraform development environment including:
@@ -28,6 +15,7 @@ This repository can be used as a template for developing with `terraform`. This
- trivy
- vscode terraform plugins
- pre-commit
+- openstackclient
## Requirements
@@ -42,256 +30,3 @@ Download and install [vscode](https://code.visualstudio.com/)
### vscode extensions
In **vscode**, install extension **[ms-vscode-remote.remote-containers](https://marketplace.visualstudio.com/items?itemName=ms-vscode-remote.remote-containers)**
-
-
-## Example: Create a docker container `netdata`
-
-### Setup your **terraform** environment
-
-1. Start **docker** engine
-2. Clone this repository
-3. Open the local repository in **vscode**
-4. If you want to mount your local workspace directory into the **devcontainer**, modify [.devcontainer.json](./.devcontainer/devcontainer.json) Section `"mounts": [ "source=${localEnv:HOME}${localEnv:USERPROFILE}/workspace,target=/home/vscode/workspace,type=bind,consistency=cached"]` to fit your workspace path.
-5. In the popup at the lower right corner, click on "Reopen in Container"
-6. Initialize **terraform** via `terraform init`
-7. Start infrastructure as code
-
-### Let **terraform** create a docker `netdata` container
-
-#### Check what **terraform** ***would*** do (`terraform plan`)
-
-As soon as you have successfully initialized **terraform** via `terraform init`, you can check what the example **terraform** module would do:
-
-```sh
-terraform plan
-```
-
-You should see something similar like this:
-
- terraform plan output
-
-```go
-Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
-+ create
-
-Terraform will perform the following actions:
-
-# module.docker_netdata.docker_container.netdata will be created
-+ resource "docker_container" "netdata" {
- + attach = false
- + bridge = (known after apply)
- + command = (known after apply)
- + container_logs = (known after apply)
- + container_read_refresh_timeout_milliseconds = 15000
- + entrypoint = (known after apply)
- + env = (sensitive value)
- + exit_code = (known after apply)
- + hostname = "created-by-terraform"
- + id = (known after apply)
- + image = (known after apply)
- + init = (known after apply)
- + ipc_mode = (known after apply)
- + log_driver = (known after apply)
- + logs = false
- + must_run = true
- + name = "netdata"
- + network_data = (known after apply)
- + read_only = false
- + remove_volumes = true
- + restart = "unless-stopped"
- + rm = false
- + runtime = (known after apply)
- + security_opts = [
- + "apparmor:unconfined",
- ]
- + shm_size = (known after apply)
- + start = true
- + stdin_open = false
- + stop_signal = (known after apply)
- + stop_timeout = (known after apply)
- + tty = false
- + wait = false
- + wait_timeout = 60
-
- + capabilities {
- + add = [
- + "SYS_ADMIN",
- + "SYS_PTRACE",
- ]
- + drop = []
- }
-
- + ports {
- + external = 19999
- + internal = 19999
- + ip = "127.0.0.1"
- + protocol = "tcp"
- }
-
- + volumes {
- + container_path = "/etc/netdata"
- + volume_name = "netdataconfig"
- }
- + volumes {
- + container_path = "/host/etc/group"
- + host_path = "/etc/group"
- + read_only = true
- }
- + volumes {
- + container_path = "/host/etc/os-release"
- + host_path = "/etc/os-release"
- + read_only = true
- }
- + volumes {
- + container_path = "/host/etc/passwd"
- + host_path = "/etc/passwd"
- + read_only = true
- }
- + volumes {
- + container_path = "/host/proc"
- + host_path = "/proc"
- + read_only = true
- }
- + volumes {
- + container_path = "/host/sys"
- + host_path = "/sys"
- + read_only = true
- }
- + volumes {
- + container_path = "/var/cache/netdata"
- + volume_name = "netdatacache"
- }
- + volumes {
- + container_path = "/var/lib/netdata"
- + volume_name = "netdatalib"
- }
- + volumes {
- + container_path = "/var/run/docker.sock"
- + host_path = "/var/run/docker.sock"
- + read_only = true
- }
- }
-
-# module.docker_netdata.docker_image.netdata will be created
-+ resource "docker_image" "netdata" {
- + id = (known after apply)
- + image_id = (known after apply)
- + keep_locally = false
- + name = "netdata/netdata:stable"
- + repo_digest = (known after apply)
- }
-
-Plan: 2 to add, 0 to change, 0 to destroy.
-```
-
-
-
-As you can see, **terraform** would create two resources as mentioned at the end of the output:
-
-```go
-# module.docker_netdata.docker_container.netdata will be created
-(...)
-
-# module.docker_netdata.docker_image.netdata will be created
-(...)
-
-Plan: 2 to add, 0 to change, 0 to destroy.
-```
-
-Don't be afraid and take a look at the detailed resources to get an idea of what happens.
-
-#### Create **terraform** resources (`terraform apply`)
-
-If you agree with the output of `terraform plan`, you can create the resources:
-
-```sh
-terraform apply
-```
-
-You should see something similar to this:
-
-```txt
-(...)
-Plan: 2 to add, 0 to change, 0 to destroy.
-module.docker_netdata.docker_image.netdata: Creating...
-module.docker_netdata.docker_image.netdata: Still creating... [10s elapsed]
-module.docker_netdata.docker_image.netdata: Creation complete after 13s [id=sha256:97829c5803169cfee85770935ccf537012776e091a3e157db3ae9e045e6982a5netdata/netdata:stable]
-module.docker_netdata.docker_container.netdata: Creating...
-module.docker_netdata.docker_container.netdata: Creation complete after 1s [id=6cb2d6ab44ba39d8ee983dc0e1cb8aca485927067be2938d27cf10ff83fe4a24]
-
-Apply complete! Resources: 2 added, 0 changed, 0 destroyed.
-```
-
-#### Check created resources
-
-Now, you should see the created container and volumes:
-
-```sh
-$ docker ps | grep netdata
-6cb2d6ab44ba 97829c580316 "/usr/sbin/run.sh" 2 minutes ago Up 2 minutes (healthy) 127.0.0.1:19999->19999/tcp netdata
-```
-
-```sh
-$ docker volume ls | grep netdata
-local netdatacache
-local netdataconfig
-local netdatalib
-```
-
-#### Visit `netdata` metrics app
-
-As defined in [docker_container.tf](./modules/docker_netdata/docker_container.tf), we have exposed the container to `127.0.0.1:19999`. So open a browser and check your host's metrics: [http://127.0.0.1:19999](http://127.0.0.1:19999)
-
-### Set custom variables
-
-Feel free to add your own variables like `container_netdata_hostname` or your own `netdata_claim_*` variables by copying the `main.tf` to `main_override.tf` and edit the commented out variables.
-Or create a file `terraform.tfvars` and add the variables and your values to that file.
-
-
-## Requirements
-
-| Name | Version |
-|------|---------|
-| [docker](#requirement\_docker) | ~> 3.0.0 |
-
-## Providers
-
-| Name | Version |
-|------|---------|
-| [docker](#provider\_docker) | 3.0.2 |
-
-## Resources
-
-| Name | Type |
-|------|------|
-| [docker_container.netdata](https://registry.terraform.io/providers/kreuzwerker/docker/latest/docs/resources/container) | resource |
-| [docker_image.netdata](https://registry.terraform.io/providers/kreuzwerker/docker/latest/docs/resources/image) | resource |
-| [docker_network.netdata](https://registry.terraform.io/providers/kreuzwerker/docker/latest/docs/resources/network) | resource |
-| [docker_volume.netdatacache](https://registry.terraform.io/providers/kreuzwerker/docker/latest/docs/resources/volume) | resource |
-| [docker_volume.netdataconfig](https://registry.terraform.io/providers/kreuzwerker/docker/latest/docs/resources/volume) | resource |
-| [docker_volume.netdatalib](https://registry.terraform.io/providers/kreuzwerker/docker/latest/docs/resources/volume) | resource |
-
-## Inputs
-
-| Name | Description | Type | Default | Required |
-|------|-------------|------|---------|:--------:|
-| [container\_netdata\_hostname](#input\_container\_netdata\_hostname) | Hostname to be shown on Netdata Metrics site | `string` | `"created-by-terraform"` | no |
-| [netdata\_claim\_rooms](#input\_netdata\_claim\_rooms) | Room-ID to claim the host to | `string` | `null` | no |
-| [netdata\_claim\_token](#input\_netdata\_claim\_token) | Netdata claim token | `string` | `null` | no |
-| [netdata\_claim\_url](#input\_netdata\_claim\_url) | Netdata URL to claim the host to | `string` | `"https://app.netdata.cloud"` | no |
-| [volume\_docker\_socket\_container](#input\_volume\_docker\_socket\_container) | Container Docker socket path | `string` | `"/var/run/docker.sock"` | no |
-| [volume\_docker\_socket\_local](#input\_volume\_docker\_socket\_local) | Host Docker socket path | `string` | `"/var/run/docker.sock"` | no |
-| [volume\_netdatacache\_id](#input\_volume\_netdatacache\_id) | Docker volume name or id to create/attach to store netdata cache data | `string` | `"netdatacache"` | no |
-| [volume\_netdataconfig\_id](#input\_volume\_netdataconfig\_id) | Docker volume name or id to create/attach to store netdata config data | `string` | `"netdataconfig"` | no |
-| [volume\_netdatalib\_id](#input\_volume\_netdatalib\_id) | Docker volume name or id to create/attach to store netdata lib data | `string` | `"netdatalib"` | no |
-
-## Outputs
-
-| Name | Description |
-|------|-------------|
-| [network\_id\_netdata](#output\_network\_id\_netdata) | Long ID for created docker network 'netdata' |
-| [variable\_netdata\_claim\_token](#output\_variable\_netdata\_claim\_token) | Variable value for 'netdata\_claim\_token' |
-| [volume\_netdatacache\_id](#output\_volume\_netdatacache\_id) | ID for created docker volume 'netdatacache' |
-| [volume\_netdataconfig\_id](#output\_volume\_netdataconfig\_id) | ID for created docker volume 'netdataconfig' |
-| [volume\_netdatalib\_id](#output\_volume\_netdatalib\_id) | ID for created docker volume 'netdatalib' |
-
diff --git a/docker_container.tf b/docker_container.tf
deleted file mode 100644
index a693ab7..0000000
--- a/docker_container.tf
+++ /dev/null
@@ -1,72 +0,0 @@
-resource "docker_container" "netdata" {
- capabilities {
- add = [
- "SYS_PTRACE",
- "SYS_ADMIN"
- ]
- }
- env = [
- # Explaination: https://developer.hashicorp.com/terraform/language/expressions/conditionals
- var.netdata_claim_token != null ? "NETDATA_CLAIM_TOKEN=${tostring(var.netdata_claim_token)}" : "NETDATA_CLAIM_TOKEN=''",
- var.netdata_claim_url != null ? "NETDATA_CLAIM_URL=${tostring(var.netdata_claim_url)}" : "NETDATA_CLAIM_URL=''",
- var.netdata_claim_rooms != null ? "NETDATA_CLAIM_ROOMS=${tostring(var.netdata_claim_rooms)}" : "NETDATA_CLAIM_ROOMS=''"
- ]
- hostname = var.container_netdata_hostname
- image = docker_image.netdata.image_id
- name = "netdata-by-terraform"
- ports {
- ip = "127.0.0.1"
- internal = 19999
- external = 19999
- }
- restart = "unless-stopped"
- security_opts = ["apparmor:unconfined"]
- volumes {
- # volume_name = "netdatacache"
- volume_name = docker_volume.netdatacache.id
- container_path = "/var/cache/netdata"
- }
- volumes {
- # volume_name = "netdataconfig"
- volume_name = docker_volume.netdataconfig.id
- container_path = "/etc/netdata"
- }
- volumes {
- # volume_name = "netdatalib"
- volume_name = docker_volume.netdatalib.id
- container_path = "/var/lib/netdata"
- }
- volumes {
- host_path = "/etc/passwd"
- container_path = "/host/etc/passwd"
- read_only = true
- }
- volumes {
- host_path = "/etc/group"
- container_path = "/host/etc/group"
- read_only = true
- }
- volumes {
- host_path = "/proc"
- container_path = "/host/proc"
- read_only = true
- }
- volumes {
- host_path = "/sys"
- container_path = "/host/sys"
- read_only = true
- }
- volumes {
- host_path = "/etc/os-release"
- container_path = "/host/etc/os-release"
- read_only = true
- }
- volumes {
- host_path = var.volume_docker_socket_local
- container_path = var.volume_docker_socket_container
- read_only = true
- }
- networks_advanced {
- name = docker_network.netdata.id
- }
-}
diff --git a/docker_image.tf b/docker_image.tf
deleted file mode 100644
index 30d6822..0000000
--- a/docker_image.tf
+++ /dev/null
@@ -1,4 +0,0 @@
-resource "docker_image" "netdata" {
- name = "netdata/netdata:stable"
- keep_locally = false
-}
diff --git a/docker_network.tf b/docker_network.tf
deleted file mode 100644
index bee7b61..0000000
--- a/docker_network.tf
+++ /dev/null
@@ -1,4 +0,0 @@
-resource "docker_network" "netdata" {
- name = "netdata"
- attachable = true
-}
diff --git a/docker_volume.tf b/docker_volume.tf
deleted file mode 100644
index ec62dea..0000000
--- a/docker_volume.tf
+++ /dev/null
@@ -1,9 +0,0 @@
-resource "docker_volume" "netdatacache" {
- name = "netdatacache"
-}
-resource "docker_volume" "netdataconfig" {
- name = "netdataconfig"
-}
-resource "docker_volume" "netdatalib" {
- name = "netdatalib"
-}
diff --git a/outputs.tf b/outputs.tf
deleted file mode 100644
index d25451b..0000000
--- a/outputs.tf
+++ /dev/null
@@ -1,21 +0,0 @@
-# This file contains all outputs
-output "variable_netdata_claim_token" {
- description = "Variable value for 'netdata_claim_token'"
- value = var.netdata_claim_token
-}
-output "volume_netdatacache_id" {
- description = "ID for created docker volume 'netdatacache'"
- value = docker_volume.netdatacache.id
-}
-output "volume_netdataconfig_id" {
- description = "ID for created docker volume 'netdataconfig'"
- value = docker_volume.netdataconfig.id
-}
-output "volume_netdatalib_id" {
- description = "ID for created docker volume 'netdatalib'"
- value = docker_volume.netdatalib.id
-}
-output "network_id_netdata" {
- description = "Long ID for created docker network 'netdata'"
- value = docker_network.netdata.id
-}
diff --git a/providers.tf b/providers.tf
deleted file mode 100644
index e3726ad..0000000
--- a/providers.tf
+++ /dev/null
@@ -1,2 +0,0 @@
-provider "docker" {
-}
diff --git a/trivy.yaml b/trivy.yaml
index 3c68eab..66d81d5 100644
--- a/trivy.yaml
+++ b/trivy.yaml
@@ -27,6 +27,8 @@ scan:
skip-dirs:
# Default is empty
- .devcontainer
+ - .terraform
+ - .terragrunt-cache
misconfiguration:
scanners:
diff --git a/variables.tf b/variables.tf
deleted file mode 100644
index 15472ce..0000000
--- a/variables.tf
+++ /dev/null
@@ -1,51 +0,0 @@
-##############################
-### Docker container variables
-variable "container_netdata_hostname" {
- description = "Hostname to be shown on Netdata Metrics site"
- type = string
- default = "created-by-terraform"
-}
-variable "netdata_claim_token" {
- description = "Netdata claim token"
- type = string
- default = null
- # sensitive = true
-}
-variable "netdata_claim_url" {
- description = "Netdata URL to claim the host to"
- type = string
- default = "https://app.netdata.cloud"
-}
-variable "netdata_claim_rooms" {
- description = "Room-ID to claim the host to"
- type = string
- default = null
-}
-##############################
-### Docker volume variables
-variable "volume_netdatacache_id" {
- description = "Docker volume name or id to create/attach to store netdata cache data"
- type = string
- default = "netdatacache"
-}
-variable "volume_netdataconfig_id" {
- description = "Docker volume name or id to create/attach to store netdata config data"
- type = string
- default = "netdataconfig"
-}
-variable "volume_netdatalib_id" {
- description = "Docker volume name or id to create/attach to store netdata lib data"
- type = string
- default = "netdatalib"
-}
-### Docker socket variables
-variable "volume_docker_socket_local" {
- description = "Host Docker socket path"
- type = string
- default = "/var/run/docker.sock"
-}
-variable "volume_docker_socket_container" {
- description = "Container Docker socket path"
- type = string
- default = "/var/run/docker.sock"
-}
diff --git a/versions.tf b/versions.tf
deleted file mode 100644
index d2dda01..0000000
--- a/versions.tf
+++ /dev/null
@@ -1,16 +0,0 @@
-# This file contains all provider and their versions
-terraform {
- required_providers {
- docker = {
- source = "kreuzwerker/docker"
- version = "~> 3.0.0"
- # = use exact version (e.g. 4.3.2)
- # > use latest version
- # >= use exact or latest version
- # ~> use latest PATCH version (e.g. 4.3.x)
- # < use lower version
- # <= use exact or lower version
- # combinations are allowed (e.g. >= 4.0.0 < 5.0.0)
- }
- }
-}