Moar refactoring and cleanup

cesnet-mcc/terraform/terraform.tfvars

@@ -5,19 +5,24 @@ net6_name = "public-muni-v6-432"
 site_name = "cesnet-mcc"
 
 # These may need some adjustment for your provider
-master_cpus = 2    # 2 CPUs to match existing flavours
-master_ram  = 4096
-worker_cpus = 4
-worker_ram  = 8192
+master_flavor_name = "standard.medium"
+worker_flavor_name = "standard.large"
+gpu_flavor_name = "a3.32core-240ram-1t4"
 
 # Number of extra workers
 extra_workers = 2
 
+# Number of GPU workers
+gpu_workers = 0
+
 # volumes for docker
 docker_volumes_size = 384
 
 # NFS volume
 nfs_volume_size = 256
 
+# scratch volume
+scratch_volumes_size = 128
+
 # squid volume
 squid_volume_size = 128

cesnet-mcc/terraform/vars.tf

-variable "ip_pool" {
-  type        = string
-  description = "The name of the public IP pool for the servers"
-}
-
-variable "net_name" {
-  type        = string
-  description = "The name of the IPv4 network"
-}
-
-variable "net6_name" {
-  type        = string
-  description = "The name of the IPv6 network"
-}
-
-variable "site_name" {
-  type        = string
-  description = "Site identifier for internal host names"
-}
-
-variable "master_cpus" {
-  type        = number
-  description = "Number of CPUs for the master"
-}
-
-variable "master_ram" {
-  type        = number
-  description = "RAM for the master"
-}
-
-variable "worker_cpus" {
-  type        = number
-  description = "Number of CPUs for the worker"
-}
-
-variable "worker_ram" {
-  type        = number
-  description = "RAM for the worker"
-}
-
-variable "extra_workers" {
-  type        = number
-  description = "Number of extra workers to create"
-}
-
-variable "docker_volumes_size" {
-  type        = number
-  description = "Size of volumes for docker (GB)"
-}
-
-variable "nfs_volume_size" {
-  type        = number
-  description = "Size of volume for NFS server (GB)"
-}
-
-variable "squid_volume_size" {
-  type        = number
-  description = "Size of volume for squid proxy, CVMFS cache (GB)"
-}

cesnet-mcc/terraform/vars.tf

+../../common/terraform/vars.tf
\ No newline at end of file

cesnet-mcc/terraform/vms.tf

@@ -2,11 +2,12 @@ locals {
   nodes = concat([
     openstack_compute_instance_v2.ingress,
     openstack_compute_instance_v2.nfs,
-  ], openstack_compute_instance_v2.worker[*])
+  ], openstack_compute_instance_v2.worker[*], openstack_compute_instance_v2.gpu[*])
   master_ip = replace(openstack_compute_instance_v2.master.network[1].fixed_ip_v6, "/\\[(.*)\\]/", "$1")
   ingress_ip = replace(openstack_compute_instance_v2.ingress.network[1].fixed_ip_v6, "/\\[(.*)\\]/", "$1")
   nfs_ip = replace(openstack_compute_instance_v2.nfs.network[1].fixed_ip_v6, "/\\[(.*)\\]/", "$1")
   worker_ips = [for s in openstack_compute_instance_v2.worker[*].network[1].fixed_ip_v6 : replace(s, "/\\[(.*)\\]/", "$1")]
+  gpu_ips = [for s in openstack_compute_instance_v2.gpu[*].network[1].fixed_ip_v6 : replace(s, "/\\[(.*)\\]/", "$1")]
 }
 
 # Security groups
@@ -87,13 +88,15 @@ data "openstack_images_image_v2" "ubuntu" {
 }
 
 data "openstack_compute_flavor_v2" "master-flavor" {
-  vcpus = var.master_cpus
-  ram   = var.master_ram
+  name = var.master_flavor_name
 }
 
 data "openstack_compute_flavor_v2" "worker-flavor" {
-  vcpus = var.worker_cpus
-  ram   = var.worker_ram
+  name = var.worker_flavor_name
+}
+
+data "openstack_compute_flavor_v2" "gpu-flavor" {
+  name = var.gpu_flavor_name
 }
 
 resource "openstack_compute_instance_v2" "master" {
@@ -158,6 +161,22 @@ resource "openstack_compute_instance_v2" "worker" {
   }
 }
 
+resource "openstack_compute_instance_v2" "gpu" {
+  count           = var.gpu_workers
+  name            = "k8s-${var.site_name}-gpu-${count.index}"
+  image_id        = data.openstack_images_image_v2.ubuntu.id
+  flavor_id       = data.openstack_compute_flavor_v2.gpu-flavor.id
+  security_groups = ["default", openstack_compute_secgroup_v2.ping.name, openstack_compute_secgroup_v2.ssh.name]
+  user_data       = file("cloud-init.yaml")
+  tags            = ["worker"]
+  network {
+    name = var.net_name
+  }
+  network {
+    name = var.net6_name
+  }
+}
+
 resource "openstack_compute_floatingip_associate_v2" "fip" {
   floating_ip = openstack_networking_floatingip_v2.public_ip.address
   instance_id = openstack_compute_instance_v2.ingress.id
@@ -191,13 +210,13 @@ EOT
 }
 
 resource "openstack_blockstorage_volume_v3" "docker-volume" {
-  count = var.extra_workers + 2
+  count = var.extra_workers + var.gpu_workers + 2
   name  = format("docker-%s", local.nodes[count.index].name)
   size  = var.docker_volumes_size
 }
 
 resource "openstack_compute_volume_attach_v2" "docker-volume-attach" {
-  count       = var.extra_workers + 2
+  count       = var.extra_workers + var.gpu_workers + 2
   instance_id = local.nodes[count.index].id
   volume_id   = openstack_blockstorage_volume_v3.docker-volume[count.index].id
 }
@@ -279,6 +298,10 @@ worker:
   hosts:
     ${join("\n    ", [for s in local.worker_ips: "${s}:"])}
 
+gpu:
+  hosts:
+    ${join("\n    ", [for s in local.gpu_ips : "${s}:"])}
+
 # using public IP of kube_server for ansible delegate_to
 kube_server:
   hosts:
@@ -302,6 +325,6 @@ resource "local_file" "hosts" {
 ${local.master_ip}
 ${local.ingress_ip}
 ${local.nfs_ip}
-${join("\n", local.worker_ips)}
+${join("\n", concat(local.worker_ips, local.gpu_ips))}
 EOT
 }

staging1/terraform/terraform.tfvars

 # These need to be defined for things to work
 ip_pool  = "PSNC-PUB1-EDU"
+net_name = ""
+net6_name = ""
 site_name = "staging"
 
 # These may need some adjustment for your provider
-master_cpus = 4
-master_ram  = 8192
-worker_cpus = 4
-worker_ram  = 8192
+master_flavor_name = "M1-NVME-2vCPU-8R-50D"
+worker_flavor_name = "M1-NVME-2vCPU-8R-50D"
 # XXX: replace this for GPU flavor, once available
 gpu_flavor_name = "M1-NVME-2vCPU-8R-50D"
 

staging1/terraform/vars.tf

-variable "ip_pool" {
-  type        = string
-  description = "The name of the public IP pool for the servers"
-}
-
-variable "site_name" {
-  type        = string
-  description = "Site identifier for internal host names"
-}
-
-variable "gpu_flavor_name" {
-  type = string
-  description = "Name of the GPU flavor"
-}
-
-variable "master_cpus" {
-  type        = number
-  description = "Number of CPUs for the master"
-}
-
-variable "master_ram" {
-  type        = number
-  description = "RAM for the master"
-}
-
-variable "worker_cpus" {
-  type        = number
-  description = "Number of CPUs for the worker"
-}
-
-variable "worker_ram" {
-  type        = number
-  description = "RAM for the worker"
-}
-
-variable "extra_workers" {
-  type        = number
-  description = "Number of extra workers to create"
-}
-
-variable "gpu_workers" {
-  type        = number
-  description = "Number of GPU workers to create"
-}
-
-variable "docker_volumes_size" {
-  type        = number
-  description = "Size of volumes for docker (GB)"
-}
-
-variable "nfs_volume_size" {
-  type        = number
-  description = "Size of volume for NFS server (GB)"
-}
-
-variable "scratch_volumes_size" {
-  type        = number
-  description = "Size of volume for ephemeral volumes (GB)"
-}
-
-variable "squid_volume_size" {
-  type        = number
-  description = "Size of volume for squid proxy, CVMFS cache (GB)"
-}

staging1/terraform/vars.tf

+../../common/terraform/vars.tf
\ No newline at end of file

staging1/terraform/vms.tf

@@ -42,7 +42,7 @@ resource "openstack_networking_secgroup_rule_v2" "ping6" {
   ethertype         = "IPv6"
   port_range_min    = 128
   port_range_max    = 0
-  protocol          = "icmp"
+  protocol          = "icmp"  # icmp / ipv6-icmp
   remote_ip_prefix  = "::/0"
   security_group_id = openstack_networking_secgroup_v2.ping.id
 }
@@ -116,13 +116,11 @@ data "openstack_images_image_v2" "ubuntu" {
 }
 
 data "openstack_compute_flavor_v2" "master-flavor" {
-  vcpus = var.master_cpus
-  ram   = var.master_ram
+  name = var.master_flavor_name
 }
 
 data "openstack_compute_flavor_v2" "worker-flavor" {
-  vcpus = var.worker_cpus
-  ram   = var.worker_ram
+  name = var.worker_flavor_name
 }
 
 data "openstack_compute_flavor_v2" "gpu-flavor" {

staging2/terraform/terraform.tfvars

 # These need to be defined for things to work
-ip_pool  = "PSNC-PUB1-EDU"
+ip_pool  = ""
 net_name = "public"
+net6_name = ""
 site_name = "staging2"
 
 # These may need some adjustment for your provider
-master_cpus = 4
-master_ram  = 8192
-worker_cpus = 4
-worker_ram  = 8192
+master_flavor_name = "l2.c4r8.100"
+worker_flavor_name = "l2.c8r16.100"
 # XXX: replace this for GPU flavor, once available
 gpu_flavor_name = "l2.c2r4.100"
 

staging2/terraform/vars.tf

-variable "ip_pool" {
-  type        = string
-  description = "The name of the public IP pool for the servers"
-}
-
-variable "site_name" {
-  type        = string
-  description = "Site identifier for internal host names"
-}
-
-variable "gpu_flavor_name" {
-  type = string
-  description = "Name of the GPU flavor"
-}
-
-variable "master_cpus" {
-  type        = number
-  description = "Number of CPUs for the master"
-}
-
-variable "master_ram" {
-  type        = number
-  description = "RAM for the master"
-}
-
-variable "worker_cpus" {
-  type        = number
-  description = "Number of CPUs for the worker"
-}
-
-variable "worker_ram" {
-  type        = number
-  description = "RAM for the worker"
-}
-
-variable "extra_workers" {
-  type        = number
-  description = "Number of extra workers to create"
-}
-
-variable "gpu_workers" {
-  type        = number
-  description = "Number of GPU workers to create"
-}
-
-variable "docker_volumes_size" {
-  type        = number
-  description = "Size of volumes for docker (GB)"
-}
-
-variable "nfs_volume_size" {
-  type        = number
-  description = "Size of volume for NFS server (GB)"
-}
-
-variable "scratch_volumes_size" {
-  type        = number
-  description = "Size of volume for ephemeral volumes (GB)"
-}
-
-variable "squid_volume_size" {
-  type        = number
-  description = "Size of volume for squid proxy, CVMFS cache (GB)"
-}

staging2/terraform/vars.tf

+../../common/terraform/vars.tf
\ No newline at end of file

staging2/terraform/vms.tf

@@ -107,22 +107,16 @@ resource "openstack_networking_secgroup_rule_v2" "https6" {
   security_group_id = openstack_networking_secgroup_v2.http.id
 }
 
-resource "openstack_networking_floatingip_v2" "public_ip" {
-  pool = var.ip_pool
-}
-
 data "openstack_images_image_v2" "ubuntu" {
   name = "ubuntu-22.04"
 }
 
 data "openstack_compute_flavor_v2" "master-flavor" {
-  vcpus = var.master_cpus
-  ram   = var.master_ram
+  name = var.master_flavor_name
 }
 
 data "openstack_compute_flavor_v2" "worker-flavor" {
-  vcpus = var.worker_cpus
-  ram   = var.worker_ram
+  name = var.worker_flavor_name
 }
 
 data "openstack_compute_flavor_v2" "gpu-flavor" {
@@ -192,8 +186,9 @@ resource "openstack_compute_instance_v2" "gpu" {
 }
 
 resource "openstack_blockstorage_volume_v3" "nfs-volume" {
-  name = "nfs"
-  size = var.nfs_volume_size
+  name        = "nfs"
+  size        = var.nfs_volume_size
+  volume_type = "large"
 }
 
 resource "openstack_compute_volume_attach_v2" "nfs-volume-attach" {
@@ -256,8 +251,9 @@ EOT
 }
 
 resource "openstack_blockstorage_volume_v3" "squid-volume" {
-  name = "squid"
-  size = var.squid_volume_size
+  name        = "squid"
+  size        = var.squid_volume_size
+  volume_type = "fast"
 }
 
 resource "openstack_compute_volume_attach_v2" "squid-volume-attach" {

testing/terraform/terraform.tfvars

@@ -5,10 +5,8 @@ net6_name = "public-muni-v6-432"
 site_name = "testing"
 
 # These may need some adjustment for your provider
-master_cpus = 2    # 2 CPUs to match existing flavours
-master_ram  = 4096
-worker_cpus = 4
-worker_ram  = 8192
+master_flavor_name = "standard.medium"
+worker_flavor_name = "standard.large"
 gpu_flavor_name = "a3.32core-240ram-1t4"
 
 # Number of extra workers

testing/terraform/vars.tf

-variable "ip_pool" {
-  type        = string
-  description = "The name of the public IP pool for the servers"
-}
-
-variable "net_name" {
-  type        = string
-  description = "The name of the IPv4 network"
-}
-
-variable "net6_name" {
-  type        = string
-  description = "The name of the IPv6 network"
-}
-
-variable "site_name" {
-  type        = string
-  description = "Site identifier for internal host names"
-}
-
-variable "gpu_flavor_name" {
-  type = string
-  description = "Name of the GPU flavor"
-}
-
-variable "master_cpus" {
-  type        = number
-  description = "Number of CPUs for the master"
-}
-
-variable "master_ram" {
-  type        = number
-  description = "RAM for the master"
-}
-
-variable "worker_cpus" {
-  type        = number
-  description = "Number of CPUs for the worker"
-}
-
-variable "worker_ram" {
-  type        = number
-  description = "RAM for the worker"
-}
-
-variable "extra_workers" {
-  type        = number
-  description = "Number of extra workers to create"
-}
-
-variable "gpu_workers" {
-  type        = number
-  description = "Number of GPU workers to create"
-}
-
-variable "docker_volumes_size" {
-  type        = number
-  description = "Size of volumes for docker (GB)"
-}
-
-variable "nfs_volume_size" {
-  type        = number
-  description = "Size of volume for NFS server (GB)"
-}
-
-variable "scratch_volumes_size" {
-  type        = number
-  description = "Size of volume for ephemeral volumes (GB)"
-}
-
-variable "squid_volume_size" {
-  type        = number
-  description = "Size of volume for squid proxy, CVMFS cache (GB)"
-}

testing/terraform/vars.tf

+../../common/terraform/vars.tf
\ No newline at end of file

testing/terraform/vms.tf

@@ -42,7 +42,7 @@ resource "openstack_networking_secgroup_rule_v2" "ping6" {
   ethertype         = "IPv6"
   port_range_min    = 128
   port_range_max    = 0
-  protocol          = "icmp"
+  protocol          = "icmp"  # icmp / ipv6-icmp
   remote_ip_prefix  = "::/0"
   security_group_id = openstack_networking_secgroup_v2.ping.id
 }
@@ -116,13 +116,11 @@ data "openstack_images_image_v2" "ubuntu" {
 }
 
 data "openstack_compute_flavor_v2" "master-flavor" {
-  vcpus = var.master_cpus
-  ram   = var.master_ram
+  name = var.master_flavor_name
 }
 
 data "openstack_compute_flavor_v2" "worker-flavor" {
-  vcpus = var.worker_cpus
-  ram   = var.worker_ram
+  name = var.worker_flavor_name
 }
 
 data "openstack_compute_flavor_v2" "gpu-flavor" {
@@ -197,7 +195,7 @@ resource "openstack_compute_instance_v2" "gpu" {
   flavor_id       = data.openstack_compute_flavor_v2.gpu-flavor.id
   security_groups = ["default", openstack_networking_secgroup_v2.ping.name, openstack_networking_secgroup_v2.ssh.name]
   user_data       = file("cloud-init.yaml")
-  tags = ["worker"]
+  tags            = ["worker"]
   network {
     name = var.net_name
   }