Skip to content
Snippets Groups Projects
Commit d0a86ab3 authored by František Dvořák's avatar František Dvořák
Browse files

Move launcher script into terraform

* use null_resource to lauch the deployment
* update documentation
parent 904fa118
Branches
No related tags found
No related merge requests found
......@@ -39,7 +39,7 @@ For example (check also the other values used in *variables.tf*):
flavor = "standard.large" # >4GB memory needed
EOF
./launch.sh
terraform apply
# Build cluster
......@@ -59,16 +59,9 @@ For example (check also the other values used in *variables.tf*):
EOF
#
# 2. add ssh key to ssh agent
#
# It must be the ssh key used in the *ssh* parameter in *variables.tf* or *\*.auto.tfvars*.
#
ssh-add
#
# 3. launch the setup script
# 2. launch the setup
#
./launch.sh
terraform apply
# Destroy cluster
......@@ -104,10 +97,10 @@ On the terraform client machine:
vim *.auto.tfvars
# check the output
./terraform plan
terraform plan
# perform the changes
./launch.sh
terraform apply
# refresh configuration
yellowmanager refresh
......@@ -141,10 +134,10 @@ On the terraform client machine:
vim *.auto.tfvars
# check the output
./terraform plan
terraform plan
# perform the changes
./launch.sh
terraform apply
3) cleanups
......@@ -165,13 +158,6 @@ The generated password is written on the output and stored in the home directory
# Internals
The *launch.sh* script is doing something like this:
terraform init
terraform apply
terraform output -json > config.json
./orchestrate.py
Terraform builds the infrastructure, *orchestrate.py* finishes the missing pieces (waiting for machine existence, proper DNS setup, ...), and then deploys and configures the software. The information about the infrastructure from Terraform is used for the orchestration.
Terraform builds the infrastructure. In the last step the *orchestrate.py* script is launched, which finishes the missing pieces (waiting for machine existence, proper DNS setup, ...), and then deploys and configures the software. The information about the infrastructure from Terraform is stored to *config.json* file and used for the orchestration.
The orchestration script has multiple steps and dry-run option. See *./orchestrate.py --help*.
......@@ -13,6 +13,35 @@ locals {
ord = ["a", "b", "c", "d", "e", "f", "g", "h", "i", "j", "k", "l", "m", "n", "o", "p", "q", "r", "s", "t", "u", "v", "w", "x", "y", "z"]
keyfile = "ssh-key.${var.domain}.txt"
master_fqdn = "${data.template_file.user_data_common[0].vars.host}.${var.domain}"
output = {
config = {
value = {
n = var.n,
domain = var.domain,
image_user = var.image_user,
master_hostname = var.master_hostname,
node_hostname = var.node_hostname,
type = var.type,
secrets = {
http_signature_secret = random_password.secrets[0].result,
kerberos_admin_password = random_password.secrets[1].result,
kerberos_master_password = random_password.secrets[2].result,
},
volumes = var.volumes,
}
}
hosts = {
value = {
for instance in openstack_compute_instance_v2.server:
data.template_file.user_data_common[index(openstack_compute_instance_v2.server[*].id, instance.id)].vars.host => length(instance.network) >= 1 ? instance.network[0].fixed_ip_v4 : null
}
}
public_hosts = {
value = {
(data.template_file.user_data_common[0].vars.host) = openstack_compute_floatingip_associate_v2.server-fip-1.floating_ip
}
}
}
}
data "openstack_compute_keypair_v2" "userkey" {
......@@ -134,6 +163,12 @@ resource "local_file" "localkey" {
sensitive_content = openstack_compute_keypair_v2.localkey.private_key
}
resource "local_file" "output" {
filename = "config.json"
file_permission = "0600"
sensitive_content = jsonencode(local.output)
}
resource "openstack_compute_instance_v2" "server" {
count = var.n + 1
name = format("%s.%s", data.template_file.user_data_common[count.index].vars.host, var.domain)
......@@ -185,33 +220,28 @@ resource "random_password" "secrets" {
}
}
output "config" {
value = {
n = var.n,
domain = var.domain,
image_user = var.image_user,
master_hostname = var.master_hostname,
node_hostname = var.node_hostname,
type = var.type,
secrets = {
http_signature_secret = random_password.secrets[0].result,
kerberos_admin_password = random_password.secrets[1].result,
kerberos_master_password = random_password.secrets[2].result,
},
volumes = var.volumes,
resource "null_resource" "deployment" {
triggers = {
always_run = timestamp()
}
sensitive = true
}
output "hosts" {
value = {
for instance in openstack_compute_instance_v2.server:
data.template_file.user_data_common[index(openstack_compute_instance_v2.server[*].id, instance.id)].vars.host => length(instance.network) >= 1 ? instance.network[0].fixed_ip_v4 : null
provisioner "local-exec" {
command = <<EOF
eval $(ssh-agent -s)
trap "kill $SSH_AGENT_PID" INT TERM
ssh-add ${local_file.localkey.filename}
if [ -z "$NO_DEPLOYMENT" ]; then
./orchestrate.py -c ${local_file.output.filename}
else
./orchestrate.py -c ${local_file.output.filename} files ping init wait
./orchestrate.py -c ${local_file.output.filename} -n deployment
fi
kill $SSH_AGENT_PID
EOF
}
}
output "public_hosts" {
value = {
(data.template_file.user_data_common[0].vars.host) = openstack_compute_floatingip_associate_v2.server-fip-1.floating_ip
}
value = local.output.public_hosts.value
}
#! /bin/sh -e
TERRAFORM="`PATH=$PATH:. which terraform`"
$TERRAFORM init >/dev/null
$TERRAFORM apply -auto-approve "$@"
touch config.json; chmod 0600 config.json
$TERRAFORM output -json > config.json
eval $(ssh-agent -s)
trap "kill $SSH_AGENT_PID" INT TERM
ssh-add ssh-key.*.txt
if [ -z "$NO_DEPLOYMENT" ]; then
./orchestrate.py
else
./orchestrate.py files ping init wait
./orchestrate.py -n deployment
fi
kill $SSH_AGENT_PID
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment