Staging deployment at SafeSpring + cleanup

* refactoring - symlinks to common/ directory
* inital SafeSpring terraform setup

cesnet-central/extra

+../common/extra
\ No newline at end of file

cesnet-central/playbooks/public_keys

+../../common/playbooks/public_keys
\ No newline at end of file

cesnet-mcc/deploy.sh

@@ -20,6 +20,8 @@ for auth in $FEDCLOUD_DYNAMIC_DNS; do
 	curl -i -X GET -u "$auth" https://nsupdate.fedcloud.eu/nic/update?myip="$ip"
 done
 eval "$shellstate"
+echo "Terraform finished. Continue? (CTRL-C to quit)"
+read -r _
 
 # wait for ping and ssh
 for ip in $(cat terraform/hosts.txt); do
@@ -39,11 +41,12 @@ ansible -m copy -a 'src=terraform/nfs-volume.sh dest=/root/ mode=preserve' nfs
 ansible -m command -a '/root/nfs-volume.sh' nfs
 ansible -m copy -a 'src=terraform/squid-volume.sh dest=/root/ mode=preserve' 'ingress[0]'
 ansible -m command -a '/root/squid-volume.sh' 'ingress[0]'
-ansible -m copy -a 'src=terraform/docker-volume.sh dest=/root/ mode=preserve' 'ingress nfs worker'
-ansible -m command -a '/root/docker-volume.sh' 'ingress nfs worker'
 
 # k8s + notebooks
 ansible-playbook playbooks/k8s.yaml
 # ansible-playbook playbooks/squid.yaml
 # ansible-playbook playbooks/cvmfs.yaml
 while ansible -i ./inventory -m command -a 'kubectl get pods --all-namespaces' master | tail -n +3 | grep -v ' Running '; do sleep 5; done
+# docker runtime directory after Kubernetes deployment (problem with unmounts)
+ansible -m copy -a 'src=terraform/docker-volume.sh dest=/root/ mode=preserve' 'ingress nfs worker gpu'
+ansible -m command -a '/root/docker-volume.sh' 'ingress nfs worker gpu'

cesnet-mcc/extra

-../cesnet-central/extra
+../common/extra
\ No newline at end of file

cesnet-mcc/playbooks/public_keys

-../../cesnet-central/playbooks/public_keys
+../../common/playbooks/public_keys
\ No newline at end of file

cesnet-mcc/terraform/vms.tf

-provider "openstack" {
-}
-
 locals {
   nodes = concat([
     openstack_compute_instance_v2.ingress,
@@ -217,12 +214,15 @@ if ! dumpe2fs -h "$device" >/dev/null 2>&1; then
 	mkfs.ext4 -L DOCKER "$device"
 	grep -q 'LABEL=DOCKER' /etc/fstab || /bin/echo -e "LABEL=DOCKER\t/var/lib/docker/overlay2\text4\tdefaults,x-systemd.before=local-fs.target\t0\t0" | tee -a /etc/fstab
 	mkdir -p /var/lib/docker/overlay2 2>/dev/null || true
-	service docker stop >/dev/null 2>&1 || true
+	systemctl stop docker kubelet >/dev/null 2>&1 || true
 	sleep 10
+	systemctl stop docker kubelet >/dev/null 2>&1 || true
+	umount /var/lib/docker/overlay2 2>&1 || true
 	mount "$device" /mnt
 	mv /var/lib/docker/overlay2/* /mnt >/dev/null 2>&1 || true
 	umount /mnt
 	mount -a
+	systemctl start docker kubelet >/dev/null 2>&1 || true
 fi
 EOT
 }
@@ -251,6 +251,7 @@ mkdir /var/spool/squid 2>/dev/null || true
 mount -a
 EOT
 }
+
 resource "local_file" "inventory" {
   filename        = "inventory.yaml"
   file_permission = "0644"
@@ -276,7 +277,7 @@ nfs:
 
 worker:
   hosts:
-    ${join(":\n    ", local.worker_ips)}:
+    ${join("\n    ", [for s in local.worker_ips: "${s}:"])}
 
 # using public IP of kube_server for ansible delegate_to
 kube_server:

staging/extra

-../cesnet-central/extra
\ No newline at end of file