Move launcher script into terraform

* use null_resource to lauch the deployment
* update documentation

README.md

@@ -39,7 +39,7 @@ For example (check also the other values used in *variables.tf*):
     flavor = "standard.large"  # >4GB memory needed
     EOF
 
-    ./launch.sh
+    terraform apply
 
 # Build cluster
 
@@ -59,16 +59,9 @@ For example (check also the other values used in *variables.tf*):
     EOF
 
     #
-    # 2. add ssh key to ssh agent
-    #
-    # It must be the ssh key used in the *ssh* parameter in *variables.tf* or *\*.auto.tfvars*.
-    #
-    ssh-add
-
-    #
-    # 3. launch the setup script
+    # 2. launch the setup
     #
-    ./launch.sh
+    terraform apply
 
 # Destroy cluster
 
@@ -104,10 +97,10 @@ On the terraform client machine:
     vim *.auto.tfvars
 
     # check the output
-    ./terraform plan
+    terraform plan
 
     # perform the changes
-    ./launch.sh
+    terraform apply
 
     # refresh configuration
     yellowmanager refresh
@@ -141,10 +134,10 @@ On the terraform client machine:
     vim *.auto.tfvars
 
     # check the output
-    ./terraform plan
+    terraform plan
 
     # perform the changes
-    ./launch.sh
+    terraform apply
 
 3) cleanups
 
@@ -165,13 +158,6 @@ The generated password is written on the output and stored in the home directory
 
 # Internals
 
-The *launch.sh* script is doing something like this:
-
-    terraform init
-    terraform apply
-    terraform output -json > config.json
-    ./orchestrate.py
-
-Terraform builds the infrastructure, *orchestrate.py* finishes the missing pieces (waiting for machine existence, proper DNS setup, ...), and then deploys and configures the software. The information about the infrastructure from Terraform is used for the orchestration.
+Terraform builds the infrastructure. In the last step the *orchestrate.py* script is launched, which finishes the missing pieces (waiting for machine existence, proper DNS setup, ...), and then deploys and configures the software. The information about the infrastructure from Terraform is stored to *config.json* file and used for the orchestration.
 
 The orchestration script has multiple steps and dry-run option. See *./orchestrate.py --help*.

deploy.tf

@@ -13,6 +13,35 @@ locals {
 	ord = ["a", "b", "c", "d", "e", "f", "g", "h", "i", "j", "k", "l", "m", "n", "o", "p", "q", "r", "s", "t", "u", "v", "w", "x", "y", "z"]
 	keyfile = "ssh-key.${var.domain}.txt"
 	master_fqdn = "${data.template_file.user_data_common[0].vars.host}.${var.domain}"
+	output = {
+		config = {
+			value = {
+				n = var.n,
+				domain = var.domain,
+				image_user = var.image_user,
+				master_hostname = var.master_hostname,
+				node_hostname = var.node_hostname,
+				type = var.type,
+				secrets = {
+					http_signature_secret = random_password.secrets[0].result,
+					kerberos_admin_password = random_password.secrets[1].result,
+					kerberos_master_password = random_password.secrets[2].result,
+				},
+				volumes = var.volumes,
+			}
+		}
+		hosts = {
+			value = {
+				for instance in openstack_compute_instance_v2.server:
+					data.template_file.user_data_common[index(openstack_compute_instance_v2.server[*].id, instance.id)].vars.host => length(instance.network) >= 1 ? instance.network[0].fixed_ip_v4 : null
+			}
+		}
+		public_hosts = {
+			value = {
+				(data.template_file.user_data_common[0].vars.host) = openstack_compute_floatingip_associate_v2.server-fip-1.floating_ip
+			}
+		}
+	}
 }
 
 data "openstack_compute_keypair_v2" "userkey" {
@@ -134,6 +163,12 @@ resource "local_file" "localkey" {
 	sensitive_content = openstack_compute_keypair_v2.localkey.private_key
 }
 
+resource "local_file" "output" {
+	filename = "config.json"
+	file_permission = "0600"
+	sensitive_content = jsonencode(local.output)
+}
+
 resource "openstack_compute_instance_v2" "server" {
 	count = var.n + 1
 	name = format("%s.%s", data.template_file.user_data_common[count.index].vars.host, var.domain)
@@ -185,33 +220,28 @@ resource "random_password" "secrets" {
 	}
 }
 
-output "config" {
-	value = {
-		n = var.n,
-		domain = var.domain,
-		image_user = var.image_user,
-		master_hostname = var.master_hostname,
-		node_hostname = var.node_hostname,
-		type = var.type,
-		secrets = {
-			http_signature_secret = random_password.secrets[0].result,
-			kerberos_admin_password = random_password.secrets[1].result,
-			kerberos_master_password = random_password.secrets[2].result,
-		},
-		volumes = var.volumes,
+resource "null_resource" "deployment" {
+	triggers = {
+		always_run = timestamp()
 	}
-	sensitive = true
-}
-
-output "hosts" {
-	value = {
-		for instance in openstack_compute_instance_v2.server:
-			data.template_file.user_data_common[index(openstack_compute_instance_v2.server[*].id, instance.id)].vars.host => length(instance.network) >= 1 ? instance.network[0].fixed_ip_v4 : null
+	provisioner "local-exec" {
+		command = <<EOF
+eval $(ssh-agent -s)
+trap "kill $SSH_AGENT_PID" INT TERM
+ssh-add ${local_file.localkey.filename}
+
+if [ -z "$NO_DEPLOYMENT" ]; then
+	./orchestrate.py -c ${local_file.output.filename}
+else
+	./orchestrate.py -c ${local_file.output.filename} files ping init wait
+	./orchestrate.py -c ${local_file.output.filename} -n deployment
+fi
+
+kill $SSH_AGENT_PID
+EOF
 	}
 }
 
 output "public_hosts" {
-	value = {
-		(data.template_file.user_data_common[0].vars.host) = openstack_compute_floatingip_associate_v2.server-fip-1.floating_ip
-	}
+	value = local.output.public_hosts.value
 }

launch.sh

-#! /bin/sh -e
-
-TERRAFORM="`PATH=$PATH:. which terraform`"
-
-$TERRAFORM init >/dev/null
-
-$TERRAFORM apply -auto-approve "$@"
-
-touch config.json; chmod 0600 config.json
-$TERRAFORM output -json > config.json
-
-eval $(ssh-agent -s)
-trap "kill $SSH_AGENT_PID" INT TERM
-ssh-add ssh-key.*.txt
-
-if [ -z "$NO_DEPLOYMENT" ]; then
-	./orchestrate.py
-else
-	./orchestrate.py files ping init wait
-	./orchestrate.py -n deployment
-fi
-
-kill $SSH_AGENT_PID