Create a basic Managed Kubernetes cluster via Terraform
We recommend creating resources in order. If you create all resources at once, Terraform will account for dependencies between resources that you specified in the configuration file. If dependencies are not specified, resources will be created in parallel, which may lead to errors. For instance, a resource required for creating another resource might not have been created yet.
- Optional: configure providers.
- Create a private network and subnet.
- Create a cloud router connected to the internet.
- Create a basic cluster.
- Create a node group with a network volume.
Configuration files
Example file for configuring providers
terraform {
required_providers {
servercore = {
source = "terraform.servercore.com/servercore/servercore"
version = "~> 6.0"
}
openstack = {
source = "terraform-provider-openstack/openstack"
version = "2.1.0"
}
}
}
provider "servercore" {
domain_name = "123456"
username = "user"
password = "password"
auth_region = "uz-1"
auth_url = "https://cloud.api.servercore.com/identity/v3/"
}
resource "servercore_project_v2" "project_1" {
name = "project"
}
resource "servercore_iam_serviceuser_v1" "serviceuser_1" {
name = "username"
password = "password"
role {
role_name = "member"
scope = "project"
project_id = servercore_project_v2.project_1.id
}
}
provider "openstack" {
auth_url = "https://cloud.api.servercore.com/identity/v3"
domain_name = "123456"
tenant_id = servercore_project_v2.project_1.id
user_name = servercore_iam_serviceuser_v1.serviceuser_1.name
password = servercore_iam_serviceuser_v1.serviceuser_1.password
region = "uz-1"
}
Example file for a basic cluster with nodes of custom configuration
resource "openstack_networking_network_v2" "network_1" {
name = "private-network"
admin_state_up = "true"
}
resource "openstack_networking_subnet_v2" "subnet_1" {
network_id = openstack_networking_network_v2.network_1.id
cidr = "192.168.199.0/24"
}
data "openstack_networking_network_v2" "external_network_1" {
external = true
}
resource "openstack_networking_router_v2" "router_1" {
name = "router"
external_network_id = data.openstack_networking_network_v2.external_network_1.id
}
resource "openstack_networking_router_interface_v2" "router_interface_1" {
router_id = openstack_networking_router_v2.router_1.id
subnet_id = openstack_networking_subnet_v2.subnet_1.id
}
data "servercore_mks_kube_versions_v1" "versions" {
project_id = servercore_project_v2.project_1.id
region = "uz-1"
}
resource "servercore_mks_cluster_v1" "cluster_1" {
name = "basic-cluster"
project_id = servercore_project_v2.project_1.id
region = "uz-1"
kube_version = data.servercore_mks_kube_versions_v1.versions.latest_version
zonal = true
enable_patch_version_auto_upgrade = false
network_id = openstack_networking_network_v2.network_1.id
subnet_id = openstack_networking_subnet_v2.subnet_1.id
maintenance_window_start = "00:00:00"
}
resource "servercore_mks_nodegroup_v1" "nodegroup_1" {
cluster_id = servercore_mks_cluster_v1.cluster_1.id
project_id = servercore_mks_cluster_v1.cluster_1.project_id
region = servercore_mks_cluster_v1.cluster_1.region
availability_zone = "uz-1a"
nodes_count = "2"
cpus = 2
ram_mb = 4096
volume_gb = 32
volume_type = "fast.uz-1a"
install_nvidia_device_plugin = false
labels = {
"label-key0": "label-value0",
"label-key1": "label-value1",
"label-key2": "label-value2",
}
}
Example file for a basic cluster with nodes of fixed configuration (flavors)
resource "openstack_networking_network_v2" "network_1" {
name = "private-network"
admin_state_up = "true"
}
resource "openstack_networking_subnet_v2" "subnet_1" {
network_id = openstack_networking_network_v2.network_1.id
cidr = "192.168.199.0/24"
}
data "openstack_networking_network_v2" "external_network_1" {
external = true
}
resource "openstack_networking_router_v2" "router_1" {
name = "router"
external_network_id = data.openstack_networking_network_v2.external_network_1.id
}
resource "openstack_networking_router_interface_v2" "router_interface_1" {
router_id = openstack_networking_router_v2.router_1.id
subnet_id = openstack_networking_subnet_v2.subnet_1.id
}
data "servercore_mks_kube_versions_v1" "versions" {
project_id = servercore_project_v2.project_1.id
region = "uz-1"
}
resource "servercore_mks_cluster_v1" "cluster_1" {
name = "basic-cluster"
project_id = servercore_project_v2.project_1.id
region = "uz-1"
kube_version = data.servercore_mks_kube_versions_v1.versions.latest_version
zonal = true
enable_patch_version_auto_upgrade = false
network_id = openstack_networking_network_v2.network_1.id
subnet_id = openstack_networking_subnet_v2.subnet_1.id
maintenance_window_start = "00:00:00"
}
resource "servercore_mks_nodegroup_v1" "nodegroup_1" {
cluster_id = servercore_mks_cluster_v1.cluster_1.id
project_id = servercore_mks_cluster_v1.cluster_1.project_id
region = servercore_mks_cluster_v1.cluster_1.region
availability_zone = "uz-1a"
nodes_count = "2"
flavor_id = "1013"
volume_gb = 32
volume_type = "fast.uz-1a"
install_nvidia_device_plugin = false
labels = {
"label-key0": "label-value0",
"label-key1": "label-value1",
"label-key2": "label-value2",
}
}
1. Optional: configure providers
If you have already configured Servercore and OpenStack providers, skip this step.
-
Make sure that in the control panel you have created a service user with the
memberrole in the Account access scope andiam.admin. -
Create a directory to store configuration files and a separate file with the
.tfextension to configure providers. -
Add the Servercore and OpenStack providers to the file for provider configuration:
terraform {required_providers {servercore = {source = "terraform.servercore.com/servercore/servercore"version = "~> 7.1.0"}openstack = {source = "terraform-provider-openstack/openstack"version = "2.1.0"}}}Here
versionis the provider version. The current version of the OpenStack provider can be found in the Terraform Registry and GitHub.For more information about products, services, and features that can be managed using providers, see the Servercore and OpenStack Providers guide.
-
Initialize the Servercore provider:
provider "servercore" {domain_name = "123456"username = "user"password = "password"auth_region = "uz-1"auth_url = "https://cloud.api.servercore.com/identity/v3/"}Where:
domain_name— Servercore account number. You can find it in the control panel in the top-right corner;username— name of the service user with thememberrole in the Account access scope andiam.admin. You can view it in the control panel: in the top menu, click IAM → Service Users section (the section is only available to the Account Owner and a user with theiam.adminrole);password— service user password. You can view it when creating the user or change it to a new one;auth_region— pool for authorization, for example,uz-1. You can create resources in other pools. A list of available pools can be found in the Availability Matrix guide.
-
Create a project:
resource "servercore_project_v2" "project_1" {name = "project"}See a detailed description of the servercore_project_v2 resource.
-
Create a service user to access the project and assign them the
memberrole in the Project access scope:resource "servercore_iam_serviceuser_v1" "serviceuser_1" {name = "username"password = "password"role {role_name = "member"scope = "project"project_id = servercore_project_v2.project_1.id}}Where:
-
username— username; -
password— user password. The password must be at least 20 characters long and include at least:- one uppercase and one lowercase Latin letter (
A-Z,a-z); - one digit (
0-9); - one special character from the ASCII Printable 7-Bit Special Characters list:
!"#$%&'()*+,-./:;<=>?@[]^_{|}~;
- one uppercase and one lowercase Latin letter (
-
project_id— project ID. You can find it in the control panel: in the top menu, click Products and select Cloud Servers → open the projects menu → in the row of the target project, click .
See a detailed description of the servercore_iam_serviceuser_v1 resource.
-
-
Initialize the OpenStack provider:
provider "openstack" {auth_url = "https://cloud.api.servercore.com/identity/v3"domain_name = "123456"tenant_id = servercore_project_v2.project_1.iduser_name = servercore_iam_serviceuser_v1.serviceuser_1.namepassword = servercore_iam_serviceuser_v1.serviceuser_1.passwordregion = "uz-1"}Where:
domain_name— Servercore account number. You can find it in the control panel in the top-right corner;region— pool, for example,uz-1. All resources will be created in this pool. A list of available pools can be found in the Availability Matrix guide.
-
If you are creating resources while configuring providers, add the
depends_onargument for OpenStack resources. For example, for the openstack_networking_network_v2 resource:resource "openstack_networking_network_v2" "network_1" {name = "private-network"admin_state_up = "true"depends_on = [servercore_project_v2.project_1,servercore_iam_serviceuser_v1.serviceuser_1]} -
Open the CLI.
-
Initialize the Terraform configuration in the directory:
terraform init -
Verify that the configuration files are syntactically correct:
terraform validate -
Format the configuration files:
terraform fmt -
Check which resources will be created:
terraform plan -
Apply the changes and create the resources:
terraform apply -
Confirm creation — enter yes and press Enter. The created resources will appear in the control panel.
-
If quotas were insufficient to create the resources, increase the quotas.
2. Create a private network and subnet
resource "openstack_networking_network_v2" "network_1" {
name = "private-network"
admin_state_up = "true"
}
resource "openstack_networking_subnet_v2" "subnet_1" {
name = "private-subnet"
network_id = openstack_networking_network_v2.network_1.id
cidr = "192.168.199.0/24"
dns_nameservers = ["188.93.16.19", "188.93.17.19"]
enable_dhcp = false
}
Where:
cidr— private subnet CIDR, for example192.168.199.0/24;dns_nameservers— DNS servers, for example Servercore DNS188.93.16.19and188.93.17.19.
See the detailed resource description:
3. Create a cloud router connected to the internet
A cloud router connected to the internet performs 1:1 NAT for traffic from a private network to the internet via the router's public IP address.
data "openstack_networking_network_v2" "external_network_1" {
external = true
}
resource "openstack_networking_router_v2" "router_1" {
name = "router"
external_network_id = data.openstack_networking_network_v2.external_network_1.id
}
resource "openstack_networking_router_interface_v2" "router_interface_1" {
router_id = openstack_networking_router_v2.router_1.id
subnet_id = openstack_networking_subnet_v2.subnet_1.id
}
See the detailed resource description:
- openstack_networking_network_v2;
- openstack_networking_router_v2;
- openstack_networking_router_interface_v2.
4. Create a basic cluster
data "servercore_mks_kube_versions_v1" "versions" {
project_id = servercore_project_v2.project_1.id
region = "uz-1"
}
resource "servercore_mks_cluster_v1" "cluster_1" {
name = "basic-cluster"
project_id = servercore_project_v2.project_1.id
region = "uz-1"
kube_version = data.servercore_mks_kube_versions_v1.versions.latest_version
zonal = true
enable_patch_version_auto_upgrade = false
network_id = openstack_networking_network_v2.network_1.id
subnet_id = openstack_networking_subnet_v2.subnet_1.id
maintenance_window_start = "00:00:00"
}
Where:
-
name— cluster name, maximum 32 characters — Latin letters, numbers, and hyphens; -
region— pool, in which the cluster will be created, for example,uz-1. The list of available pools can be viewed in the Availability Matrix.
See the detailed description of the servercore_mks_cluster_v1 resource.
5. Create a node group with a network volume
Fixed configuration
Custom configuration
resource "servercore_mks_nodegroup_v1" "nodegroup_1" {
cluster_id = servercore_mks_cluster_v1.cluster_1.id
project_id = servercore_mks_cluster_v1.cluster_1.project_id
region = servercore_mks_cluster_v1.cluster_1.region
availability_zone = "uz-1a"
nodes_count = "2"
flavor_id = "1013"
volume_gb = 32
volume_type = "fast.uz-1a"
install_nvidia_device_plugin = false
labels = {
"label-key0": "label-value0",
"label-key1": "label-value1",
"label-key2": "label-value2",
}
}
Where:
-
availability_zone— pool segment where the node group will be located, for example,uz-1a; -
nodes_count— number of worker nodes in the node group. The maximum number of nodes is 15; -
flavor_id— flavor ID. Flavors correspond to cloud server configurations and determine the number of vCPU, RAM, and the size of the local disk (optional) of the node. For example,3031— flavor for creating a node with the GPU Line configuration with 4 vCPU, 32 GB RAM. You can view the list of flavors in a specific pool in OpenStack CLI; -
volume_gb— disk size in GB. If the disk size is specified in the configuration you chose in theflavor_idargument, then thevolume_gbargument does not need to be specified. The limits for available values can be found in the Comparing node configurations on a cloud server table; -
volume_type— disk type in the<type>.<pool_segment>format, for example,basic.uz-1a:<type>—basic,universal, orfast;<pool_segment>— pool segment where the network volume will be created, for example,uz-1a;
-
install_nvidia_device_plugin— confirms or cancels the installation of GPU drivers and NVIDIA® Device Plugin:true— for flavors with GPU, confirms the installation of GPU drivers and NVIDIA® Device Plugin;false— for flavors with and without GPU, cancels the installation of GPU drivers and NVIDIA® Device Plugin. You can manually install drivers for GPU node groups.
See the detailed description of the servercore_mks_nodegroup_v1 resource.