Providers (Terraform)

Provider Proxmox

Proxmox est l'hyperviseur open-source de référence pour l'infrastructure on-premise. Le provider Terraform bpg/proxmox est le plus complet disponible et permet de provisionner des VMs et des conteneurs LXC depuis du code HCL, avec le même workflow que pour le cloud.

Configuration du provider

terraform {
  required_providers {
    proxmox = {
      source  = "bpg/proxmox"
      version = ">= 0.50.0"
    }
  }
}

provider "proxmox" {
  endpoint  = "https://pve.example.com:8006/"
  username  = "terraform@pve"
  password  = var.proxmox_password
  insecure  = false    # true uniquement avec un certificat auto-signé en lab

  # Alternative : token API (recommandé)
  # api_token = "terraform@pve!terraform=TOKEN"
}

# Créer un utilisateur et un rôle Terraform dans Proxmox
pveum user add terraform@pve
pveum role add TerraformRole -privs "VM.Allocate VM.Clone VM.Config.CDROM VM.Config.CPU VM.Config.Cloudinit VM.Config.Disk VM.Config.HWType VM.Config.Memory VM.Config.Network VM.Config.Options VM.Monitor VM.PowerMgmt Datastore.AllocateSpace SDN.Use"
pveum aclmod / -user terraform@pve -role TerraformRole

# Créer un token API
pveum user token add terraform@pve terraform --privsep=0

Créer une VM depuis un template cloud-init

resource "proxmox_virtual_environment_vm" "web" {
  name      = "web-01"
  node_name = "pve"
  vm_id     = 200

  clone {
    vm_id = 9000    # ID du template Debian 13 cloud-init
    full  = true
  }

  agent {
    enabled = true
  }

  cpu {
    cores = 2
    type  = "x86-64-v2-AES"
  }

  memory {
    dedicated = 2048
  }

  disk {
    datastore_id = "local-lvm"
    size         = 20
    interface    = "scsi0"
    file_format  = "raw"
  }

  network_device {
    bridge  = "vmbr0"
    model   = "virtio"
  }

  initialization {
    ip_config {
      ipv4 {
        address = "192.168.1.100/24"
        gateway = "192.168.1.1"
      }
    }

    user_account {
      username = "debian"
      keys     = [var.ssh_public_key]
    }

    dns {
      servers = ["1.1.1.1", "8.8.8.8"]
      domain  = "example.com"
    }
  }

  tags = ["terraform", "web", var.environment]
}

Conteneur LXC

resource "proxmox_virtual_environment_container" "nginx" {
  node_name    = "pve"
  vm_id        = 300
  description  = "Nginx reverse proxy"
  unprivileged = true

  operating_system {
    template_file_id = "local:vztmpl/debian-13-standard_13.0-1_amd64.tar.zst"
    type             = "debian"
  }

  cpu { cores = 1 }
  memory { dedicated = 512 }

  disk {
    datastore_id = "local-lvm"
    size         = 4
  }

  network_interface {
    name    = "eth0"
    bridge  = "vmbr0"
    address = "192.168.1.200/24"
    gateway = "192.168.1.1"
  }

  initialization {
    hostname = "nginx-01"
    user_account {
      keys = [var.ssh_public_key]
    }
  }
}

Outputs utiles

output "vm_ip" {
  value = proxmox_virtual_environment_vm.web.initialization[0].ip_config[0].ipv4[0].address
}

output "vm_id" {
  value = proxmox_virtual_environment_vm.web.vm_id
}

Introduction (Terraform)

Fondamentaux (Terraform)

Organisation (Terraform)

Production (Terraform)