-rw-r--r--terraform/azure/scenarios/bootstrap/README.md3
-rw-r--r--terraform/azure/scenarios/bootstrap/main.tf161
-rw-r--r--terraform/azure/scenarios/bootstrap/variables.tf85
l---------terraform/azure/scenarios/bootstrap/versions.tf1
-rw-r--r--terraform/common/files/add_user.sh4
5 files changed, 252 insertions, 2 deletions
diff --git a/terraform/azure/scenarios/bootstrap/README.md b/terraform/azure/scenarios/bootstrap/README.md
new file mode 100644
index 0000000000..be99206472
--- /dev/null
+++ b/terraform/azure/scenarios/bootstrap/README.md
@@ -0,0 +1,3 @@
+# Bootstrap
+
+This directory contains the Terraform code used to instantiate two virtual machines. One that will serve as the workstation and another to act as the target node to be bootstrapped.
diff --git a/terraform/azure/scenarios/bootstrap/main.tf b/terraform/azure/scenarios/bootstrap/main.tf
new file mode 100644
index 0000000000..b704e7cd7b
--- /dev/null
+++ b/terraform/azure/scenarios/bootstrap/main.tf
@@ -0,0 +1,161 @@
+module "workstation" {
+ source = "../../modules/arm_instance"
+
+ providers = {
+ azurerm = azurerm.default
+ http = http.default
+ null = null.default
+ template = template.default
+ }
+
+ arm_tenant_id = var.arm_tenant_id
+ arm_subscription_id = var.arm_subscription_id
+ arm_location = var.arm_location
+ arm_resource_group_name = var.arm_resource_group_name
+ arm_department = var.arm_department
+ arm_contact = var.arm_contact
+ arm_ssh_key_file = var.arm_ssh_key_file
+ arm_instance_type = var.arm_instance_type
+ platform = var.workstation_platform
+ build_prefix = var.build_prefix
+ name = "workstation-${var.scenario}"
+}
+
+module "node" {
+ source = "../../modules/arm_instance"
+
+ for_each = var.node_platforms
+
+ providers = {
+ azurerm = azurerm.default
+ http = http.default
+ null = null.default
+ template = template.default
+ }
+
+ arm_tenant_id = var.arm_tenant_id
+ arm_subscription_id = var.arm_subscription_id
+ arm_location = var.arm_location
+ arm_resource_group_name = var.arm_resource_group_name
+ arm_department = var.arm_department
+ arm_contact = var.arm_contact
+ arm_ssh_key_file = var.arm_ssh_key_file
+ arm_instance_type = var.arm_instance_type
+ platform = each.value
+ build_prefix = var.build_prefix
+ name = "node-${replace(var.workstation_platform, ".", "")}-${var.scenario}"
+}
+
+resource "null_resource" "linux_workstation_config" {
+ count = length(regexall("^windows.*", var.workstation_platform)) > 0 ? 0 : 1
+
+ # provide some connection info
+ connection {
+ type = "ssh"
+ user = module.workstation.username
+ host = module.workstation.public_ipv4_address
+ }
+
+ # install chef-infra
+ provisioner "remote-exec" {
+ inline = [
+ "set -evx",
+ "echo -e '\nBEGIN INSTALL CHEF INFRA\n'",
+ "curl -vo /tmp/${replace(var.client_version_url, "/^.*\\//", "")} ${var.client_version_url}",
+ "sudo ${replace(var.client_version_url, "rpm", "") != var.client_version_url ? "rpm -U" : "dpkg -iEG"} /tmp/${replace(var.client_version_url, "/^.*\\//", "")}",
+ "scp -o 'UserKnownHostsFile=/dev/null' -o 'StrictHostKeyChecking=no' azure@chefserver:janedoe.pem /home/${module.workstation.username}",
+ "knife configure --server-url 'https://chefserver.${module.workstation.private_ipv4_domain}/organizations/4thcoffee' --user janedoe --key /home/${module.workstation.username}/janedoe.pem --yes",
+ "knife ssl fetch",
+ "knife ssl check",
+ "echo -e '\nEND INSTALL CHEF INFRA\n'",
+ ]
+ }
+}
+
+resource "null_resource" "windows_workstation_config" {
+ count = length(regexall("^windows.*", var.workstation_platform)) > 0 ? 1 : 0
+
+ # provide some connection info
+ connection {
+ type = "winrm"
+ user = module.workstation.username
+ password = module.workstation.password
+ host = module.workstation.public_ipv4_address
+ }
+
+ # install chef-infra
+ provisioner "remote-exec" {
+ inline = [
+ "$ErrorActionPreference = 'Stop'",
+ "Write-Output '\nBEGIN INSTALL CHEF INFRA\n'",
+ "Write-Output '\nEND INSTALL CHEF INFRA\n'",
+ ]
+ }
+}
+
+resource "null_resource" "workstation_test" {
+ depends_on = [null_resource.linux_workstation_config, null_resource.windows_workstation_config]
+
+ # only test against non-windows nodes
+ for_each = toset([
+ for platform in var.node_platforms :
+ platform if length(regexall("^windows.*", platform)) == 0
+ ])
+
+ connection {
+ type = "ssh"
+ user = module.workstation.username
+ host = module.workstation.public_ipv4_address
+ }
+
+ # bootstrap node
+ provisioner "remote-exec" {
+ inline = [
+ "set -evx",
+ "echo -e '\nBEGIN BOOTSTRAP NODE\n'",
+ "CHEF_LICENSE='accept' knife bootstrap ${module.node[each.value].private_ipv4_fqdn} --connection-user ${module.node[each.value].username} --sudo --node-name ${module.node[each.value].hostname} --bootstrap-version ${var.client_version} --yes",
+ "echo -e '\nEND BOOTSTRAP NODE\n'",
+ ]
+ }
+
+ # verify bootstrapped node
+ provisioner "remote-exec" {
+ inline = [
+ "set -evx",
+ "echo -e '\nVERIFY BOOTSTRAP NODE\n'",
+ "knife node show ${module.node[each.value].hostname}",
+ "knife ssh 'name:${module.node[each.value].hostname}' uptime --ssh-user ${module.node[each.value].username}",
+ "knife search 'name:${module.node[each.value].hostname}'",
+ "knife node delete ${module.node[each.value].hostname} --yes",
+ "knife client delete ${module.node[each.value].hostname} --yes",
+ "echo -e '\nVERIFY BOOTSTRAP NODE\n'",
+ ]
+ }
+}
+
+resource "null_resource" "linux_node_test" {
+ depends_on = [null_resource.workstation_test]
+
+ # only test against non-windows nodes
+ for_each = toset([
+ for platform in var.node_platforms :
+ platform if length(regexall("^windows.*", platform)) == 0
+ ])
+
+ connection {
+ type = "ssh"
+ user = module.node[each.value].username
+ host = module.node[each.value].public_ipv4_address
+ }
+
+ # verify node commands
+ provisioner "remote-exec" {
+ inline = [
+ "set -evx",
+ "echo -e '\nVERIFY NODE COMMANDS\n'",
+ "echo -n 'OHAI OUTPUT: '",
+ "ohai | wc -l",
+ "echo -e '\nVERIFY NODE COMMANDS\n'",
+ ]
+ }
+}
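Review bot: In `linux_workstation_config` the artifact downloaded from `var.client_version_url` goes straight to `sudo rpm -U` / `dpkg -iEG` with no checksum or signature check, and the URL is interpolated unquoted into the shell line, so a wrong or tampered value ends up executing as root on the workstation. A digest check between the download and the install would close this, for example `echo "${var.client_version_sha256}  /tmp/<artifact>" | sha256sum -c -`, where `client_version_sha256` is a proposed new variable, together with single-quoting the URL in the `curl` line. The `scp` line after it fetches the `janedoe.pem` private key with `StrictHostKeyChecking=no` and `UserKnownHostsFile=/dev/null`, so the key is accepted from whatever host answers as `chefserver`; supplying the server's host key through a known_hosts file would authenticate that transfer. Separately, `module "node"` iterates with `for_each` but builds `name` from `var.workstation_platform`, so every instance appears to get the same name; `name = "node-${replace(each.value, ".", "")}-${var.scenario}"` looks like the intent, though how `arm_instance` uses `name` is not visible here.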
diff --git a/terraform/azure/scenarios/bootstrap/variables.tf b/terraform/azure/scenarios/bootstrap/variables.tf
new file mode 100644
index 0000000000..0951cde3cb
--- /dev/null
+++ b/terraform/azure/scenarios/bootstrap/variables.tf
@@ -0,0 +1,85 @@
+#########################################################################
+# Azure
+#########################################################################
+# default tenant is "Chef (getchef.onmicrosoft.com)"
+variable "arm_tenant_id" {
+ type = string
+ description = "Unique identifier of the Azure tenant used for authentication."
+ default = "a2b2d6bc-afe1-4696-9c37-f97a7ac416d7"
+}
+
+# default subscription is "Engineering Dev/Test"
+variable "arm_subscription_id" {
+ type = string
+ description = "Unique identifier of the Azure subscription used for billing."
+ default = "80b824de-ec53-4116-9868-3deeab10b0cd"
+}
+
+variable "arm_location" {
+ type = string
+ description = "Name of the Azure location to create instances in."
+ default = "westus2"
+}
+
+variable "arm_resource_group_name" {
+ type = string
+ description = "Name of the Azure resource group where tests will be run."
+ default = ""
+}
+
+variable "arm_department" {
+ type = string
+ description = "Department that owns the resources should be one of: EngServ, Operations, Eng, Training, Solutions, Sales, BD, Success or Partner"
+}
+
+variable "arm_contact" {
+ type = string
+ description = "The primary contact for the resources, this should be the IAM username and must be able to receive email by appending @chef.io to it (this person can explain what/why, might not be the business owner)."
+}
+
+variable "arm_ssh_key_file" {
+ type = string
+ description = "File location of the SSH public key used to access the instance."
+ default = "~/.ssh/id_rsa.pub"
+}
+
+variable "arm_instance_type" {
+ type = string
+ description = "Name of the Azure instance type used to determine size of instances."
+ default = "Standard_D2_v3"
+}
+
+variable "workstation_platform" {
+ type = string
+ description = "Operating System used as the workstation to bootstrap instances from."
+}
+
+variable "node_platforms" {
+ type = set(string)
+ description = "Operating System used as the node to be bootstrapped."
+ default = ["ubuntu-16.04", "ubuntu-18.04", "rhel-6", "rhel-7", "rhel-8", "windows-2019", "windows-10"]
+}
+
+variable "build_prefix" {
+ type = string
+ description = "Optional build identifier for differentiating scenario runs."
+ default = ""
+}
+
+#########################################################################
+# Chef Infra
+#########################################################################
+variable "scenario" {
+ type = string
+ description = "The name of the scenario being executed."
+}
+
+variable "client_version" {
+ type = string
+ description = "The version of chef-infra to install."
+}
+
+variable "client_version_url" {
+ type = string
+ description = "The URL to a chef-infra artifact to install on the workstation."
+}
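Review bot: `client_version_url` and `client_version` are declared as free-form strings, yet main.tf interpolates both into `remote-exec` shell lines that run with `sudo`, so the missing `validation` blocks are worth adding here. For the URL, a condition such as `can(regex("^https://[A-Za-z0-9._~/%+-]+$", var.client_version_url))` rejects plain-HTTP sources and shell metacharacters before anything is provisioned; `client_version` could be limited to digits, dots and a small set of channel words in the same way. The `arm_tenant_id` and `arm_subscription_id` defaults also pin a specific tenant and subscription in the repository; they are identifiers rather than credentials, but dropping the defaults would make every run state its target explicitly. Note too that the `node_platforms` default includes `windows-2019` and `windows-10`, which main.tf creates but filters out of every test resource.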
diff --git a/terraform/azure/scenarios/bootstrap/versions.tf b/terraform/azure/scenarios/bootstrap/versions.tf
new file mode 120000
index 0000000000..cbeda73fa3
--- /dev/null
+++ b/terraform/azure/scenarios/bootstrap/versions.tf
@@ -0,0 +1 @@
+../../common/versions.tf
\ No newline at end of file
diff --git a/terraform/common/files/add_user.sh b/terraform/common/files/add_user.sh
index 124d439122..311d19dd99 100644
--- a/terraform/common/files/add_user.sh
+++ b/terraform/common/files/add_user.sh
@@ -4,7 +4,7 @@ set -evx
echo -e '\nBEGIN ADD USER + ORGANIZATION\n'
-sudo chef-server-ctl user-create janedoe Jane Doe janed@example.com abc123 --filename /tmp/janedoe.pem
-sudo chef-server-ctl org-create 4thcoffee 'Fourth Coffee, Inc.' --association_user janedoe --filename /tmp/4thcoffee-validator.pem
+sudo chef-server-ctl user-create janedoe Jane Doe janed@example.com abc123 --filename /home/azure/janedoe.pem
+sudo chef-server-ctl org-create 4thcoffee 'Fourth Coffee, Inc.' --association_user janedoe --filename /home/azure/4thcoffee-validator.pem
echo -e '\nEND ADD USER + ORGANIZATION\n'
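Review bot: Both `--filename` targets now point into `/home/azure`, but the files are still created by `sudo chef-server-ctl`, so the owner and mode of `janedoe.pem` and `4thcoffee-validator.pem` are left to whatever root's umask produces. The bootstrap scenario later copies `janedoe.pem` as the `azure` user, so a root-only file would break that copy, while a world-readable one exposes the private keys to every local account. Setting this explicitly after creation, e.g. `sudo chown azure: /home/azure/*.pem && sudo chmod 600 /home/azure/*.pem`, covers both cases. The hard-coded `/home/azure` also ties a script under `terraform/common` to the Azure login name; if other providers call it (not visible in this diff), a parameter or `"$HOME"` would be safer than the literal path.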