# CLAUDE.md

This file provides guidance to Claude Code (claude.ai/code) when working with code in this repository.

## Overview

This is a Terraform module for managing vSphere resource pools (resource groups). It creates organized resource pools with CPU and memory resource allocation controls, along with proper tagging for management and organization. The module integrates with vSphere for virtualization and Vault for secrets management.

## Commands

### Terraform Operations
- `terraform init` - Initialize the Terraform working directory
- `terraform plan` - Create execution plan showing changes
- `terraform apply` - Apply the planned changes
- `terraform destroy` - Destroy the managed infrastructure
- `terraform validate` - Validate configuration syntax
- `terraform fmt` - Format configuration files
- `terraform test` - Run test suites to validate module functionality
- `terraform test -verbose` - Run tests with detailed output

### Development Workflow
- Always run `terraform validate` and `terraform plan` before applying changes
- Use `terraform.tfvars` file for environment-specific variable values
- Secrets are managed through Vault - never hardcode sensitive values
- Run `terraform test` to execute test suites before committing changes
- Use `terraform fmt` to format code according to Terraform style conventions

## Architecture

### Core Components

**Resource Pool Management:**
- Creates resource pools (`vsphere_resource_pool`) under the compute cluster's default resource pool
- Configurable CPU and memory reservations, limits, expandability, and shares
- Default resource groups: Kubernetes, Docker, and Infra

**Tagging System:**
- Creates tag categories for Environment and ResourceGroupType
- Applies environment and resource group type tags to each resource pool
- Enables proper organization and filtering in vSphere

**Data Sources:**
- Retrieves vSphere credentials from Vault
- Looks up vSphere datacenter information
- References compute cluster "Home" for resource pool parent

### Variable Structure

**Key Variables:**
- `datacenter`: vSphere datacenter name
- `environment`: Environment name (dev, tst, acc, uat, prod, shared, tools)
- `resource_groups`: Map of resource groups with CPU/memory configuration
- `role_id`/`secret_id`: Vault AppRole authentication (sensitive)

**Resource Group Configuration:**
Each resource group supports:
- `name`: Display name for the resource pool
- `cpu_reservation`: Guaranteed CPU in MHz (default: 0)
- `cpu_expandable`: Allow CPU expansion beyond reservation (default: true)
- `cpu_limit`: Maximum CPU in MHz (default: -1, unlimited)
- `cpu_shares`: CPU priority (normal, low, high) (default: normal)
- `memory_reservation`: Guaranteed memory in MB (default: 0)
- `memory_expandable`: Allow memory expansion beyond reservation (default: true)
- `memory_limit`: Maximum memory in MB (default: -1, unlimited)
- `memory_shares`: Memory priority (normal, low, high) (default: normal)

### Resource Dependencies

Resources are created in the following order:
1. Tag categories for Environment and ResourceGroupType
2. Environment and resource group type tags
3. Resource pools with proper tagging

### Backend Configuration

Uses S3-compatible backend (MinIO) for state storage with custom endpoint configuration. State file: `home/vsphere/network/vsphere-resourcegroup-config.tfstate`