Commit d0a86ab3 authored by František Dvořák's avatar František Dvořák

Move launcher script into terraform

* use null_resource to launch the deployment
* update documentation
parent 904fa118
...@@ -39,7 +39,7 @@ For example (check also the other values used in *variables.tf*): ...@@ -39,7 +39,7 @@ For example (check also the other values used in *variables.tf*):
flavor = "standard.large" # >4GB memory needed flavor = "standard.large" # >4GB memory needed
EOF EOF
./launch.sh terraform apply
# Build cluster # Build cluster
...@@ -59,16 +59,9 @@ For example (check also the other values used in *variables.tf*): ...@@ -59,16 +59,9 @@ For example (check also the other values used in *variables.tf*):
EOF EOF
# #
# 2. add ssh key to ssh agent # 2. launch the setup
#
# It must be the ssh key used in the *ssh* parameter in *variables.tf* or *\*.auto.tfvars*.
#
ssh-add
#
# 3. launch the setup script
# #
./launch.sh terraform apply
# Destroy cluster # Destroy cluster
...@@ -104,10 +97,10 @@ On the terraform client machine: ...@@ -104,10 +97,10 @@ On the terraform client machine:
vim *.auto.tfvars vim *.auto.tfvars
# check the output # check the output
./terraform plan terraform plan
# perform the changes # perform the changes
./launch.sh terraform apply
# refresh configuration # refresh configuration
yellowmanager refresh yellowmanager refresh
...@@ -141,10 +134,10 @@ On the terraform client machine: ...@@ -141,10 +134,10 @@ On the terraform client machine:
vim *.auto.tfvars vim *.auto.tfvars
# check the output # check the output
./terraform plan terraform plan
# perform the changes # perform the changes
./launch.sh terraform apply
3) cleanups 3) cleanups
...@@ -165,13 +158,6 @@ The generated password is written on the output and stored in the home directory ...@@ -165,13 +158,6 @@ The generated password is written on the output and stored in the home directory
# Internals # Internals
The *launch.sh* script is doing something like this: Terraform builds the infrastructure. In the last step the *orchestrate.py* script is launched, which finishes the missing pieces (waiting for machine existence, proper DNS setup, ...), and then deploys and configures the software. The information about the infrastructure from Terraform is stored to *config.json* file and used for the orchestration.
terraform init
terraform apply
terraform output -json > config.json
./orchestrate.py
Terraform builds the infrastructure, *orchestrate.py* finishes the missing pieces (waiting for machine existence, proper DNS setup, ...), and then deploys and configures the software. The information about the infrastructure from Terraform is used for the orchestration.
The orchestration script has multiple steps and dry-run option. See *./orchestrate.py --help*. The orchestration script has multiple steps and dry-run option. See *./orchestrate.py --help*.
...@@ -13,6 +13,35 @@ locals { ...@@ -13,6 +13,35 @@ locals {
ord = ["a", "b", "c", "d", "e", "f", "g", "h", "i", "j", "k", "l", "m", "n", "o", "p", "q", "r", "s", "t", "u", "v", "w", "x", "y", "z"] ord = ["a", "b", "c", "d", "e", "f", "g", "h", "i", "j", "k", "l", "m", "n", "o", "p", "q", "r", "s", "t", "u", "v", "w", "x", "y", "z"]
keyfile = "ssh-key.${var.domain}.txt" keyfile = "ssh-key.${var.domain}.txt"
master_fqdn = "${data.template_file.user_data_common[0].vars.host}.${var.domain}" master_fqdn = "${data.template_file.user_data_common[0].vars.host}.${var.domain}"
output = {
config = {
value = {
n = var.n,
domain = var.domain,
image_user = var.image_user,
master_hostname = var.master_hostname,
node_hostname = var.node_hostname,
type = var.type,
secrets = {
http_signature_secret = random_password.secrets[0].result,
kerberos_admin_password = random_password.secrets[1].result,
kerberos_master_password = random_password.secrets[2].result,
},
volumes = var.volumes,
}
}
hosts = {
value = {
for instance in openstack_compute_instance_v2.server:
data.template_file.user_data_common[index(openstack_compute_instance_v2.server[*].id, instance.id)].vars.host => length(instance.network) >= 1 ? instance.network[0].fixed_ip_v4 : null
}
}
public_hosts = {
value = {
(data.template_file.user_data_common[0].vars.host) = openstack_compute_floatingip_associate_v2.server-fip-1.floating_ip
}
}
}
} }
data "openstack_compute_keypair_v2" "userkey" { data "openstack_compute_keypair_v2" "userkey" {
...@@ -134,6 +163,12 @@ resource "local_file" "localkey" { ...@@ -134,6 +163,12 @@ resource "local_file" "localkey" {
sensitive_content = openstack_compute_keypair_v2.localkey.private_key sensitive_content = openstack_compute_keypair_v2.localkey.private_key
} }
resource "local_file" "output" {
filename = "config.json"
file_permission = "0600"
sensitive_content = jsonencode(local.output)
}
resource "openstack_compute_instance_v2" "server" { resource "openstack_compute_instance_v2" "server" {
count = var.n + 1 count = var.n + 1
name = format("%s.%s", data.template_file.user_data_common[count.index].vars.host, var.domain) name = format("%s.%s", data.template_file.user_data_common[count.index].vars.host, var.domain)
...@@ -185,33 +220,28 @@ resource "random_password" "secrets" { ...@@ -185,33 +220,28 @@ resource "random_password" "secrets" {
} }
} }
output "config" { resource "null_resource" "deployment" {
value = { triggers = {
n = var.n, always_run = timestamp()
domain = var.domain,
image_user = var.image_user,
master_hostname = var.master_hostname,
node_hostname = var.node_hostname,
type = var.type,
secrets = {
http_signature_secret = random_password.secrets[0].result,
kerberos_admin_password = random_password.secrets[1].result,
kerberos_master_password = random_password.secrets[2].result,
},
volumes = var.volumes,
} }
sensitive = true provisioner "local-exec" {
} command = <<EOF
eval $(ssh-agent -s)
output "hosts" { trap "kill $SSH_AGENT_PID" INT TERM
value = { ssh-add ${local_file.localkey.filename}
for instance in openstack_compute_instance_v2.server:
data.template_file.user_data_common[index(openstack_compute_instance_v2.server[*].id, instance.id)].vars.host => length(instance.network) >= 1 ? instance.network[0].fixed_ip_v4 : null if [ -z "$NO_DEPLOYMENT" ]; then
./orchestrate.py -c ${local_file.output.filename}
else
./orchestrate.py -c ${local_file.output.filename} files ping init wait
./orchestrate.py -c ${local_file.output.filename} -n deployment
fi
kill $SSH_AGENT_PID
EOF
} }
} }
output "public_hosts" { output "public_hosts" {
value = { value = local.output.public_hosts.value
(data.template_file.user_data_common[0].vars.host) = openstack_compute_floatingip_associate_v2.server-fip-1.floating_ip
}
} }
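Review bot: The `local-exec` heredoc in `null_resource.deployment` has no `set -e`, so the provisioner's exit status is that of the trailing `kill $SSH_AGENT_PID`, and a failing `ssh-add` or `./orchestrate.py` is still reported to Terraform as a successful apply; the removed launch.sh ran under `sh -e`. Adding `set -e` alone would leave the ssh-agent running with the generated private key loaded whenever a step fails, because the trap covers only INT and TERM. I would open the heredoc with `set -e`, change the trap to `trap 'kill $SSH_AGENT_PID' EXIT INT TERM`, and drop the final `kill`. The filename interpolations are also unquoted in the shell text while `keyfile` is built from `var.domain`, so `ssh-add '${local_file.localkey.filename}'` (and the same for the `-c` arguments) would be more robust.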
#! /bin/sh -e
TERRAFORM="`PATH=$PATH:. which terraform`"
$TERRAFORM init >/dev/null
$TERRAFORM apply -auto-approve "$@"
touch config.json; chmod 0600 config.json
$TERRAFORM output -json > config.json
eval $(ssh-agent -s)
trap "kill $SSH_AGENT_PID" INT TERM
ssh-add ssh-key.*.txt
if [ -z "$NO_DEPLOYMENT" ]; then
./orchestrate.py
else
./orchestrate.py files ping init wait
./orchestrate.py -n deployment
fi
kill $SSH_AGENT_PID