diff --git a/README.md b/README.md index 677fc898e47a14e19049d7b87fe8e285378d14d8..92fef8f338de900bd96eee347a6eb33e03f05a79 100644 --- a/README.md +++ b/README.md @@ -39,7 +39,7 @@ For example (check also the other values used in *variables.tf*): flavor = "standard.large" # >4GB memory needed EOF - ./launch.sh + terraform apply # Build cluster @@ -59,16 +59,9 @@ For example (check also the other values used in *variables.tf*): EOF # - # 2. add ssh key to ssh agent - # - # It must be the ssh key used in the *ssh* parameter in *variables.tf* or *\*.auto.tfvars*. - # - ssh-add - - # - # 3. launch the setup script + # 2. launch the setup # - ./launch.sh + terraform apply # Destroy cluster @@ -104,10 +97,10 @@ On the terraform client machine: vim *.auto.tfvars # check the output - ./terraform plan + terraform plan # perform the changes - ./launch.sh + terraform apply # refresh configuration yellowmanager refresh @@ -141,10 +134,10 @@ On the terraform client machine: vim *.auto.tfvars # check the output - ./terraform plan + terraform plan # perform the changes - ./launch.sh + terraform apply 3) cleanups 
@@ -165,13 +158,6 @@ The generated password is written on the output and stored in the home directory # Internals -The *launch.sh* script is doing something like this: - - terraform init - terraform apply - terraform output -json > config.json - ./orchestrate.py - -Terraform builds the infrastructure, *orchestrate.py* finishes the missing pieces (waiting for machine existence, proper DNS setup, ...), and then deploys and configures the software. The information about the infrastructure from Terraform is used for the orchestration. +Terraform builds the infrastructure. In the last step the *orchestrate.py* script is launched, which finishes the missing pieces (waiting for machine existence, proper DNS setup, ...), and then deploys and configures the software. The information about the infrastructure from Terraform is stored to *config.json* file and used for the orchestration. The orchestration script has multiple steps and dry-run option. See *./orchestrate.py --help*. diff --git a/deploy.tf b/deploy.tf index 159ab3cd61ee3bfd7c9a3fe039bb8435997e8617..0217754b1af67ad4f4c35662d91811762e73d220 100644 --- a/deploy.tf +++ b/deploy.tf 
@@ -13,6 +13,35 @@ locals {
 ord = ["a", "b", "c", "d", "e", "f", "g", "h", "i", "j", "k", "l", "m", "n", "o", "p", "q", "r", "s", "t", "u", "v", "w", "x", "y", "z"]
 keyfile = "ssh-key.${var.domain}.txt"
 master_fqdn = "${data.template_file.user_data_common[0].vars.host}.${var.domain}"
+ output = {
+ config = {
+ value = {
+ n = var.n,
+ domain = var.domain,
+ image_user = var.image_user,
+ master_hostname = var.master_hostname,
+ node_hostname = var.node_hostname,
+ type = var.type,
+ secrets = {
+ http_signature_secret = random_password.secrets[0].result,
+ kerberos_admin_password = random_password.secrets[1].result,
+ kerberos_master_password = random_password.secrets[2].result,
+ },
+ volumes = var.volumes,
+ }
+ }
+ hosts = {
+ value = {
+ for instance in openstack_compute_instance_v2.server:
+ data.template_file.user_data_common[index(openstack_compute_instance_v2.server[*].id, instance.id)].vars.host => length(instance.network) >= 1 ? instance.network[0].fixed_ip_v4 : null
+ }
+ }
+ public_hosts = {
+ value = {
+ (data.template_file.user_data_common[0].vars.host) = openstack_compute_floatingip_associate_v2.server-fip-1.floating_ip
+ }
+ }
+ }
 }
 
 data "openstack_compute_keypair_v2" "userkey" {
@@ -129,9 +158,15 @@ resource "openstack_compute_keypair_v2" "localkey" {
 }
 
 resource "local_file" "localkey" {
- filename = local.keyfile
+ filename = local.keyfile
+ file_permission = "0600"
+ sensitive_content = openstack_compute_keypair_v2.localkey.private_key
+}
+
+resource "local_file" "output" {
+ filename = "config.json"
 file_permission = "0600"
- sensitive_content = openstack_compute_keypair_v2.localkey.private_key
+ sensitive_content = jsonencode(local.output)
 }
 
 resource "openstack_compute_instance_v2" "server" {
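Review bot: The new `output` entry in `locals` carries no comment on why every member is wrapped in `value = {...}` or on the fact that `config.value.secrets` holds the three generated passwords. The wrapper appears to mirror the `terraform output -json` layout that the removed launch.sh wrote to config.json, and the `sensitive = true` that covered the old `output "config"` does not travel with the value into a local. I would add above `output = {` the comment `# Mirrors the "terraform output -json" layout consumed by orchestrate.py; config.value.secrets is secret material, reference it only through sensitive_content.` The `locals` block starts outside the hunk.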
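Review bot: `local_file.output` writes the Kerberos admin and master passwords and the HTTP signature secret to `config.json` in the working directory, and nothing in the hunk says so. `file_permission = "0600"` together with `sensitive_content` limits who can read the file, but the same values also end up in the Terraform state, which this change does not protect. I would add `# Plaintext secrets: keep config.json and the Terraform state out of version control and shared backups.` above the resource. Newer releases of the hashicorp/local provider deprecate `sensitive_content` in favour of the `local_sensitive_file` resource, so check the pinned provider version before the next upgrade.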
@@ -185,33 +220,28 @@ resource "random_password" "secrets" {
 }
 }
 
-output "config" {
- value = {
- n = var.n,
- domain = var.domain,
- image_user = var.image_user,
- master_hostname = var.master_hostname,
- node_hostname = var.node_hostname,
- type = var.type,
- secrets = {
- http_signature_secret = random_password.secrets[0].result,
- kerberos_admin_password = random_password.secrets[1].result,
- kerberos_master_password = random_password.secrets[2].result,
- },
- volumes = var.volumes,
+resource "null_resource" "deployment" {
+ triggers = {
+ always_run = timestamp()
 }
- sensitive = true
-}
-
-output "hosts" {
- value = {
- for instance in openstack_compute_instance_v2.server:
- data.template_file.user_data_common[index(openstack_compute_instance_v2.server[*].id, instance.id)].vars.host => length(instance.network) >= 1 ? instance.network[0].fixed_ip_v4 : null
+ provisioner "local-exec" {
+ command = <<EOF
+eval $(ssh-agent -s)
+trap "kill $SSH_AGENT_PID" INT TERM
+ssh-add ${local_file.localkey.filename}
+
+if [ -z "$NO_DEPLOYMENT" ]; then
+ ./orchestrate.py -c ${local_file.output.filename}
+else
+ ./orchestrate.py -c ${local_file.output.filename} files ping init wait
+ ./orchestrate.py -c ${local_file.output.filename} -n deployment
+fi
+
+kill $SSH_AGENT_PID
+EOF
 }
 }
 
 output "public_hosts" {
- value = {
- (data.template_file.user_data_common[0].vars.host) = openstack_compute_floatingip_associate_v2.server-fip-1.floating_ip
- }
+ value = local.output.public_hosts.value
 }
diff --git a/launch.sh b/launch.sh
deleted file mode 100755
index 5abc3072d76d54988018865fa40eb2b0b34cb7c1..0000000000000000000000000000000000000000
--- a/launch.sh
+++ /dev/null
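Review bot: The heredoc in `provisioner "local-exec"` runs without `set -e`, so its exit status is that of the final `kill $SSH_AGENT_PID`, and a failing `ssh-add` or `./orchestrate.py` no longer fails `terraform apply` the way the removed `#! /bin/sh -e` launcher did. Once errors abort the script, the `INT TERM` trap is not enough, because an early exit would leave an ssh-agent running with the deployment key still loaded. I would start the command with `set -e` and change the trap to `trap "kill $SSH_AGENT_PID" EXIT INT TERM`, after which the trailing `kill` can go. This assumes the default `/bin/sh -c` interpreter, since the hunk sets no `interpreter` argument.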
@@ -1,23 +0,0 @@
-#! /bin/sh -e
-
-TERRAFORM="`PATH=$PATH:. which terraform`"
-
-$TERRAFORM init >/dev/null
-
-$TERRAFORM apply -auto-approve "$@"
-
-touch config.json; chmod 0600 config.json
-$TERRAFORM output -json > config.json
-
-eval $(ssh-agent -s)
-trap "kill $SSH_AGENT_PID" INT TERM
-ssh-add ssh-key.*.txt
-
-if [ -z "$NO_DEPLOYMENT" ]; then
- ./orchestrate.py
-else
- ./orchestrate.py files ping init wait
- ./orchestrate.py -n deployment
-fi
-
-kill $SSH_AGENT_PID