From 04e10712c2b988f2b7ee71979cd74bfe19bcedc8 Mon Sep 17 00:00:00 2001 From: Brian Menges Date: Wed, 10 Aug 2016 12:36:13 -0700 Subject: [PATCH] Breakup of chef map variable - Breakup `chef` map into `chef_backend`, `chef_client`, `chef_mlsa`, `chef_org`, `chef_server`, and `chef_user` variables - Changes to supporting documentation --- CHANGELOG.md | 9 ++++++- README.md | 27 +++++++++++---------- main.tf | 48 ++++++++++++++++++------------------- outputs.tf | 4 ++-- terraform.tfvars.example | 34 +++++++++++++++----------- variables.tf | 52 ++++++++++++++++++++++++++++++---------- 6 files changed, 108 insertions(+), 66 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index a22d1c2..8c10379 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -3,6 +3,12 @@ tf_hachef CHANGELOG This file is used to list changes made in each version of the tf_hachef Terraform plan. +v0.2.3 (2016-08-10) +------------------- +- Breakup `chef` map into `chef_backend`, `chef_client`, `chef_mlsa`, +`chef_org`, `chef_server`, and `chef_user` variables +- Changes to supporting documentation + v0.2.2 (2016-08-09) ------------------- - Fix for #7 @@ -17,7 +23,8 @@ v0.2.0 (2016-08-08) ------------------- - Overhaul on code (nearly complete re-write) - Updated syntax for (most) Terraform 0.7.0 constructs -- NOTE: Leaving `template` in place of `data` source due to `count` absence on `data` source +- NOTE: Leaving `template` in place of `data` source due to `count` absence on +`data` source - Removed a number of files v0.1.1 (2016-07-15) diff --git a/README.md b/README.md index 112ad51..2a0fa2f 100644 --- a/README.md +++ b/README.md 
@@ -114,19 +114,22 @@ to delete the resources. * `certificate`: The uploaded identifier for the SSL certificate to use with AWS ELB * `hostname`: Basename for the hostname. Default: `chefelb` * `tags_desc`: Default tag for ELB. Default: `Created using Terraform` -* `chef`: Chef settings - * `accept_mlsa`: Indicate acceptance of the Chef MLSA. Must update to `true`. Default: `false` - * `client_version`: Chef client version to install. Default: `12.12.15` - * `backend_count`: Count of chef-backend instances to deploy. Default: `4` - * `backend_version`: Chef backend version to install. Default: `1.0.9` - * `frontend_count`: Chef server core instance count. Default: `4` - * `frontend_version`: Chef server core version to install. Default: `12.8.0` - * `org`: Chef organization to create. Default: `chef` - * `org_long`: Chef long organization name. Default: `Chef Organization` +* `chef_backend`: Chef backend settings + * `count`: Count of chef-backend instances to deploy. Default: `4` + * `version`: Chef backend version to install. Default: `1.0.9` +* `chef_client`: Chef client version to install. Default: `12.12.15` +* `chef_mlsa`: Indicate acceptance of the Chef MLSA. Must update to `true`. Default: `false` +* `chef_org`: Chef organization settings + * `short`: Chef organization to create. Default: `chef` + * `long`: Chef long organization name. Default: `Chef Organization` +* `chef_server`: Chef server core settings + * `count`: Chef server core instance count. Default: `4` + * `version`: Chef server core version to install. Default: `12.8.0` +* `chef_user`: Chef initial user settings * `username`: Chef username to create. Default: `chef` - * `user_email`: Chef user e-mail address. Default: `chef@domain.tld` - * `user_firstname`: Chef user first name. Default: `Chef` - * `user_lastname`: Chef user last name. Default: `User` + * `email`: Chef user e-mail address. Default: `chef@domain.tld` + * `first_name`: Chef user first name. 
Default: `Chef` + * `last_name`: Chef user last name. Default: `User` * `instance`: Map of various AWS instance settings (backend and frontend) * `backend_flavor`: Backend default instance type. Default: `r3.xlarge` * `backend_iops`: Backend root volume IOPs (when using `io1`). Default: `6000` diff --git a/main.tf b/main.tf index 1022400..4fc624b 100644 --- a/main.tf +++ b/main.tf @@ -3,7 +3,7 @@ # resource "null_resource" "chef_mlsa" { provisioner "local-exec" { - command = "bash ${path.module}/files/chef_mlsa.bash ${var.chef["accept_mlsa"]}" + command = "bash ${path.module}/files/chef_mlsa.bash ${var.chef_mlsa}" } } # @@ -216,7 +216,7 @@ resource "null_resource" "chef-prep" { } # Chef provisiong attributes_json and dna.json templating resource "template_file" "be-attributes-json" { - count = "${var.chef["backend_count"]}" + count = "${var.chef_backend["count"]}" template = "${file("${path.module}/files/attributes-json.tpl")}" vars { domain = "${var.domain}" @@ -227,7 +227,7 @@ resource "template_file" "be-attributes-json" { # Provision servers # Backend: chef-backend resource "aws_instance" "chef-backends" { - count = "${var.chef["backend_count"]}" + count = "${var.chef_backend["count"]}" ami = "${lookup(var.ami, "${var.os}-${var.instance["backend_type"]}-${var.provider["region"]}")}" ebs_optimized = "${var.instance["ebs_optimized"]}" instance_type = "${var.instance["backend_flavor"]}" 
@@ -269,8 +269,8 @@ resource "aws_instance" "chef-backends" { # Install requirements and run chef-solo provisioner "remote-exec" { inline = [ - "curl -L https://omnitruck.chef.io/install.sh | sudo bash -s -- -v ${var.chef["client_version"]}", - "curl -L https://omnitruck.chef.io/install.sh | sudo bash -s -- -P chef-backend -d /tmp -v ${var.chef["backend_version"]}", + "curl -L https://omnitruck.chef.io/install.sh | sudo bash -s -- -v ${var.chef_client}", + "curl -L https://omnitruck.chef.io/install.sh | sudo bash -s -- -P chef-backend -d /tmp -v ${var.chef_backend["version"]}", "sudo chef-solo -j /tmp/dna.json -N ${self.tags.Name} -o 'recipe[system::default]'", "rm -rf /tmp/dna.json", ] @@ -316,7 +316,7 @@ resource "null_resource" "establish_leader" { } # Establish chef-backend cluster followers resource "null_resource" "follow_leader" { - count = "${var.chef["backend_count"] - 1}" + count = "${var.chef_backend["count"] - 1}" depends_on = ["null_resource.establish_leader"] connection { host = "${element(aws_instance.chef-backends.*.public_ip, count.index + 1)}" @@ -348,7 +348,7 @@ resource "null_resource" "follow_leader" { } } resource "aws_route53_record" "chef-backends-private" { - count = "${var.chef["backend_count"]}" + count = "${var.chef_backend["count"]}" zone_id = "${var.r53_zones["internal"]}" name = "${element(aws_instance.chef-backends.*.tags.Name, count.index)}" type = "A" @@ -356,7 +356,7 @@ resource "aws_route53_record" "chef-backends-private" { records = ["${element(aws_instance.chef-backends.*.private_ip, count.index)}"] } resource "aws_route53_record" "chef-backends-public" { - count = "${var.chef["backend_count"]}" + count = "${var.chef_backend["count"]}" zone_id = "${var.r53_zones["external"]}" name = "${element(aws_instance.chef-backends.*.tags.Name, count.index)}" type = "A" 
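Review bot: The two install lines in this `remote-exec` block still pipe `https://omnitruck.chef.io/install.sh` straight into `sudo bash`, so whatever the download returns runs as root with no integrity check, and an HTTP error body or a truncated transfer is executed as well. Fetching the script to a file first (`curl -fsSL -o /tmp/install.sh https://omnitruck.chef.io/install.sh`), comparing it against a pinned checksum, and only then running it would close that gap. `${var.chef_client}` and `${var.chef_backend["version"]}` are also interpolated unquoted into the root shell command; quoting them or validating each value as a version string keeps a malformed tfvars entry from altering the command. The same pattern appears in the `chef-frontends` hunk at `@@ -428,15 +428,15 @@`. The enclosing `aws_instance` resource starts and ends outside the hunk.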
@@ -367,7 +367,7 @@ resource "aws_route53_record" "chef-backends-public" { # Frontend: chef-server-core # Chef provisiong attributes_json and dna.json templating resource "template_file" "frontend-attributes-json" { - count = "${var.chef["frontend_count"]}" + count = "${var.chef_server["count"]}" template = "${file("${path.module}/files/frontend-attributes-json.tpl")}" vars { domain = "${var.domain}" @@ -375,7 +375,7 @@ resource "template_file" "frontend-attributes-json" { } } resource "aws_instance" "chef-frontends" { - count = "${var.chef["frontend_count"]}" + count = "${var.chef_server["count"]}" ami = "${lookup(var.ami, "${var.os}-${var.instance["frontend_type"]}-${var.provider["region"]}")}" ebs_optimized = "${var.instance["ebs_optimized"]}" instance_type = "${var.instance["frontend_flavor"]}" @@ -428,15 +428,15 @@ resource "aws_instance" "chef-frontends" { inline = [ "sudo mkdir -p /etc/opscode /var/opt/opscode/nginx/ca/ /var/opt/chef-manage", "sudo touch /var/opt/chef-manage/.license.accepted", - "curl -L https://omnitruck.chef.io/install.sh | sudo bash -s -- -v ${var.chef["client_version"]}", - "curl -L https://omnitruck.chef.io/install.sh | sudo bash -s -- -P chef-server -d /tmp -v ${var.chef["frontend_version"]}", + "curl -L https://omnitruck.chef.io/install.sh | sudo bash -s -- -v ${var.chef_client}", + "curl -L https://omnitruck.chef.io/install.sh | sudo bash -s -- -P chef-server -d /tmp -v ${var.chef_server["version"]}", "sudo chef-solo -j /tmp/dna.json -N ${self.tags.Name} -o 'recipe[system::default]'", "[ $? -eq 0 ] && rm -f /tmp/dna.json", ] } } resource "aws_route53_record" "chef-frontend-private" { - count = "${var.chef["frontend_count"]}" + count = "${var.chef_server["count"]}" zone_id = "${var.r53_zones["internal"]}" name = "${element(aws_instance.chef-frontends.*.tags.Name, count.index)}" type = "A" 
@@ -444,7 +444,7 @@ resource "aws_route53_record" "chef-frontend-private" { records = ["${element(aws_instance.chef-frontends.*.private_ip, count.index)}"] } resource "aws_route53_record" "chef-frontend-public" { - count = "${var.chef["frontend_count"]}" + count = "${var.chef_server["count"]}" zone_id = "${var.r53_zones["external"]}" name = "${element(aws_instance.chef-frontends.*.tags.Name, count.index)}" type = "A" @@ -453,7 +453,7 @@ resource "aws_route53_record" "chef-frontend-public" { } resource "null_resource" "generate_frontend_cfg" { depends_on = ["null_resource.follow_leader"] - count = "${var.chef["frontend_count"]}" + count = "${var.chef_server["count"]}" connection { host = "${aws_instance.chef-backends.0.public_ip}" user = "${var.ami_user[var.os]}" @@ -522,7 +522,7 @@ resource "null_resource" "first_frontend" { } } resource "null_resource" "other_frontends" { - count = "${var.chef["frontend_count"] - 1}" + count = "${var.chef_server["count"] - 1}" depends_on = ["null_resource.first_frontend"] connection { host = "${element(aws_instance.chef-frontends.*.public_ip, count.index + 1)}" @@ -565,9 +565,9 @@ data "template_file" "knife-rb" { depends_on = ["null_resource.chef-prep"] template = "${file("${path.module}/files/knife-rb.tpl")}" vars { - user = "${var.chef["username"]}" + user = "${var.chef_user["username"]}" fqdn = "${var.elb["hostname"]}.${var.domain}" - org = "${var.chef["org"]}" + org = "${var.chef_org["short"]}" } } # Setting up Chef Server 
@@ -581,17 +581,17 @@ resource "null_resource" "chef-setup" { # TODO: Maybe create parametertized script to run these commands (wrapping chef-server-ctl) provisioner "remote-exec" { inline = [ - "sudo chef-server-ctl user-create ${var.chef["username"]} ${var.chef["user_firstname"]} ${var.chef["user_lastname"]} ${var.chef["user_email"]} ${base64sha256(aws_instance.chef-frontends.0.id)} -f /tmp/${var.chef["username"]}.pem", - "sudo chef-server-ctl org-create ${var.chef["org"]} '${var.chef["org_long"]}' --association_user ${var.chef["username"]} --filename /tmp/${var.chef["org"]}-validator.pem", - "sudo chown ${var.ami_user[var.os]} /tmp/${var.chef["username"]}.pem /tmp/${var.chef["org"]}-validator.pem", + "sudo chef-server-ctl user-create ${var.chef_user["username"]} ${var.chef_user["first_name"]} ${var.chef_user["last_name"]} ${var.chef_user["email"]} ${base64sha256(aws_instance.chef-frontends.0.id)} -f /tmp/${var.chef_user["username"]}.pem", + "sudo chef-server-ctl org-create ${var.chef_org["short"]} '${var.chef_org["long"]}' --association_user ${var.chef_user["username"]} --filename /tmp/${var.chef_org["short"]}-validator.pem", + "sudo chown ${var.ami_user[var.os]} /tmp/${var.chef_user["username"]}.pem /tmp/${var.chef_org["short"]}-validator.pem", ] } # Copy back files provisioner "local-exec" { command = <<-EOC - rm -f .chef/${var.chef["org"]}-validator.pem .chef/${var.chef["username"]}.pem - scp -r -o stricthostkeychecking=no -i ${var.instance_keys["key_file"]} ${var.ami_user[var.os]}@${aws_instance.chef-frontends.0.public_ip}:/tmp/${var.chef["org"]}-validator.pem .chef/${var.chef["org"]}-validator.pem - scp -r -o stricthostkeychecking=no -i ${var.instance_keys["key_file"]} ${var.ami_user[var.os]}@${aws_instance.chef-frontends.0.public_ip}:/tmp/${var.chef["username"]}.pem .chef/${var.chef["username"]}.pem + rm -f .chef/${var.chef_org["short"]}-validator.pem .chef/${var.chef_user["username"]}.pem + scp -r -o stricthostkeychecking=no -i 
${var.instance_keys["key_file"]} ${var.ami_user[var.os]}@${aws_instance.chef-frontends.0.public_ip}:/tmp/${var.chef_org["short"]}-validator.pem .chef/${var.chef_org["short"]}-validator.pem + scp -r -o stricthostkeychecking=no -i ${var.instance_keys["key_file"]} ${var.ami_user[var.os]}@${aws_instance.chef-frontends.0.public_ip}:/tmp/${var.chef_user["username"]}.pem .chef/${var.chef_user["username"]}.pem EOC } } diff --git a/outputs.tf b/outputs.tf index 5e59706..649e193 100644 --- a/outputs.tf +++ b/outputs.tf @@ -1,9 +1,9 @@ # Outputs output "chef_manage_url" { - value = "https://${var.elb["hostname"]}.${var.domain}/organizations/${var.chef["org"]}" + value = "https://${var.elb["hostname"]}.${var.domain}/organizations/${var.chef_org["short"]}" } output "chef_username" { - value = "${var.chef["username"]}" + value = "${var.chef_user["username"]}" } output "chef_user_password" { sensitive = true diff --git a/terraform.tfvars.example b/terraform.tfvars.example index ef0c78a..5757731 100644 --- a/terraform.tfvars.example +++ b/terraform.tfvars.example @@ -89,20 +89,26 @@ ssl_certificate = { # # Chef settings # -chef = { - accept_mlsa = false # UPDATE THIS! - client_version = "12.12.15" - backend_count = 4 - backend_version = "1.0.9" - frontend_count = 4 - frontend_version = "12.8.0" - org = "chef" - org_long = "Chef Organization" - username = "chef" - user_firstname = "Chef" - user_lastnname = "User" - user_email = "chef@domain.tld" -} +#chef_backend = { +# count = 4 +# version = "1.1.12" +#} +#chef_client = "12.12.15" +chef_mlsa = "false" # Must update this to true! +#chef_org = { +# short = "chef" +# long = "Chef Organization" +#} +#chef_server = { +# count = 4 +# version = "12.8.0" +#} +#chef_user = { +# username = "chef" +# first_name = "Chef" +# last_nname = "User" +# email = "chef@domain.tld" +#} # # AWS Route53 settings # diff --git a/variables.tf b/variables.tf index fdf8eb1..2a51339 100644 --- a/variables.tf +++ b/variables.tf 
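Review bot: The password passed to `chef-server-ctl user-create` is `base64sha256(aws_instance.chef-frontends.0.id)`, a deterministic function of the EC2 instance ID. That ID is readable by anyone with describe access to the account or read access to the Terraform state, so it should not serve as the initial user's credential. Taking the password from a dedicated input variable (for example a constructed `var.chef_user_password`) or generating it out of band would avoid that. The two `scp` lines that copy the user and validator private keys back run with `-o stricthostkeychecking=no`, so the host the keys come from is never authenticated, and the `.pem` files are left in `/tmp` on the frontend afterwards; pinning the host key and removing the remote copies after transfer would address both. The `null_resource "chef-setup"` block begins outside the hunk.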
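Review bot: The commented `chef_user` example in terraform.tfvars.example spells the key `last_nname`, while main.tf reads `var.chef_user["last_name"]`, so anyone who uncomments the block as written supplies a key the plan never looks up; the line should read `#  last_name = "User"`. Whether the missing key fails the run or silently falls back to the default depends on how this Terraform version merges map overrides, which is not visible here. The removed block carried the same misspelling (`user_lastnname`), so this looks inherited rather than new.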
@@ -221,24 +221,50 @@ variable "elb" { # # Chef settings # -variable "chef" { +variable "chef_backend" { type = "map" - description = "Various Chef related settings" + description = "Chef backend settings" default = { - accept_mlsa = false - client_version = "12.12.15" - backend_count = 4 - backend_version = "1.0.9" - frontend_count = 4 - frontend_version = "12.8.0" - org = "chef" - org_long = "Chef Organization" + count = 4 + version = "1.1.12" + } +} +variable "chef_server" { + type = "map" + description = "Chef server core settings" + default = { + count = 4 + version = "12.8.0" + } +} +variable "chef_user" { + type = "map" + description = "Chef user creation settings" + default = { + email = "chef@domain.tld" + first_name = "Chef" + last_name = "User" username = "chef" - user_email = "chef@domain.tld" - user_firstname = "Chef" - user_lastname = "User" } } +variable "chef_org" { + type = "map" + description = "Chef organization settings" + default = { + short = "chef" + long = "Chef Organization" + } +} +variable "chef_client" { + type = "string" + description = "Chef client version" + default = "12.12.15" +} +variable "chef_mlsa" { +# type = "string" + description = "Chef MLSA license agreement" + default = false +} # # AWS EC2 instance settings #
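Review bot: `chef_mlsa` is declared with its `type` line commented out and a bare boolean `default = false`, yet terraform.tfvars.example sets it to the string `"false"` and main.tf interpolates it directly into `bash ${path.module}/files/chef_mlsa.bash ${var.chef_mlsa}`. Since this variable gates licence acceptance, the value the script receives should not depend on how Terraform stringifies a boolean; declaring `type = "string"` with `default = "false"` makes the default and the example agree. chef_mlsa.bash is not shown, so how it treats other spellings is an assumption to confirm. Separately, the `chef_backend` default `version` is now `"1.1.12"` where the removed map had `"1.0.9"`, and the README in this commit still documents `1.0.9`; if the bump is intended it belongs in the CHANGELOG entry.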