Patrick de Ruiter
58b600c1d2
Some checks failed
Code Quality & Security Scan / TFLint (push) Successful in 18s
Code Quality & Security Scan / Terraform Destroy (push) Has been skipped
Code Quality & Security Scan / Tfsec Security Scan (push) Successful in 24s
Code Quality & Security Scan / Checkov Security Scan (push) Successful in 38s
Code Quality & Security Scan / Terraform Tests (push) Failing after 1m27s
Code Quality & Security Scan / SonarQube Trigger (push) Has been skipped
Code Quality & Security Scan / Terraform Init (push) Has been skipped
Code Quality & Security Scan / Terraform Apply (push) Has been skipped
- Removed assertions that check resource IDs (not available during plan) - Kept resource_pool_names output test (based on variables) - Added verification for expected resource group keys in output - Fixes: "Unknown condition value" error in verify_outputs test Resource IDs are only known after apply, so they can't be validated during plan phase. The remaining tests verify output structure using variable-based data that is available during plan.
Terraform vSphere Resource Groups Module
This Terraform module manages vSphere resource pools (resource groups) with CPU/memory allocation controls and integrated tagging for organization and management.
Purpose
Creates and manages vSphere resource pools with configurable resource allocation policies, reservations, limits, and shares. Includes automated tagging for environment and resource group classification.
What It Does
- Creates resource pools under vSphere cluster
- Configures CPU reservations, limits, and shares
- Configures memory reservations, limits, and shares
- Creates tag categories for Environment and ResourceGroupType
- Applies tags to resource pools for organization
Usage
module "vsphere_resource_groups" {
source = "./terraform-vsphere-resourcegroups"
datacenter = "DC1"
cluster_name = "Cluster01"
environment = "prod"
role_id = var.vault_role_id
secret_id = var.vault_secret_id
resource_groups = {
kubernetes = {
name = "Kubernetes"
cpu_reservation = 4000
cpu_shares = "high"
memory_reservation = 8192
memory_shares = "high"
}
docker = {
name = "Docker"
cpu_shares = "normal"
memory_shares = "normal"
}
infra = {
name = "Infrastructure"
cpu_shares = "low"
memory_shares = "low"
}
}
}
Key Features
- Resource Allocation: CPU and memory reservations, limits, shares
- Shares Mapping: Automatic conversion of low/normal/high to vSphere values (500/1000/2000)
- Tagging System: Environment and resource group type tags
- Flexible Configuration: Optional parameters with sensible defaults
- Expandable Resources: Allow resources to grow beyond reservations
Default Resource Groups
- Kubernetes: For Kubernetes infrastructure
- Docker: For Docker containers
- Infra: For infrastructure services
Prerequisites
- VMware vSphere with compute cluster
- Vault with vSphere credentials
- Terraform >= 1.6.0 (required for testing framework)
Testing
This module includes comprehensive Terraform tests to ensure code quality and correctness. Tests cover:
- Default resource group creation
- Custom configuration scenarios
- Variable validation and edge cases
- Tag management
- Output generation
Running Tests Locally
# Run all tests
terraform test
# Run tests with verbose output
terraform test -verbose
# Run specific test file
terraform test -filter=tests/resource_groups.tftest.hcl
For detailed testing documentation, see TESTING.md.
CI/CD Integration
Tests are automatically executed in the CI/CD pipeline:
- Code formatting validation (
terraform fmt -check) - Test execution with verbose output
- Test report generation and artifact upload
The test job runs after security scanning and before infrastructure deployment.