Fix Terraform setup (#276)

This is part of the work I am doing with the Terraform Setup guide: tinkerbell/tinkerbell.org#129
tinkerbell · Sep 7, 2020 · 1aef424 · 1aef424
2 parents c57d19b + da4ea2d
commit 1aef424
Show file tree

Hide file tree

Showing 7 changed files with 183 additions and 40 deletions.
diff --git a/deploy/terraform/hardware_data.tpl b/deploy/terraform/hardware_data.tpl
@@ -0,0 +1,32 @@
+{
+  "id": "${id}",
+  "metadata": {
+    "facility": {
+      "facility_code": "${facility_code}",
+      "plan_slug": "${plan_slug}",
+      "plan_version_slug": ""
+    },
+    "instance": {},
+    "state": ""
+  },
+  "network": {
+    "interfaces": [
+      {
+        "dhcp": {
+          "arch": "x86_64",
+          "ip": {
+            "address": "${address}",
+            "gateway": "192.168.1.1",
+            "netmask": "255.255.255.248"
+          },
+          "mac": "${mac}",
+          "uefi": false
+        },
+        "netboot": {
+          "allow_pxe": true,
+          "allow_workflow": true
+        }
+      }
+    ]
+  }
+}
diff --git a/deploy/terraform/input.tf b/deploy/terraform/input.tf
diff --git a/deploy/terraform/install_package.sh b/deploy/terraform/install_package.sh
@@ -13,9 +13,10 @@ declare -a YUM_LIST=("https://download.docker.com/linux/centos/7/x86_64/stable/P
 	"docker-ce"
 	"docker-ce-cli"
 	"epel-release"
+	"pass"
 	"python3")
 declare -a APT_LIST=("docker"
-	"docker-compose")
+	"docker-compose" "pass")
 
 add_yum_repo() (
 	$YUM_CONFIG_MGR --add-repo https://download.docker.com/linux/centos/docker-ce.repo
@@ -34,7 +35,6 @@ update_apt() (
 restart_docker_service() (
 	service docker restart
 )
-
 install_yum_packages() (
 	$YUM_INSTALL "${YUM_LIST[@]}" -y
 )

diff --git a/deploy/terraform/main.tf b/deploy/terraform/main.tf
@@ -1,63 +1,141 @@
 # Configure the Packet Provider.
+terraform {
+  required_providers {
+    packet = {
+      source  = "packethost/packet"
+      version = "~> 3.0.1"
+    }
+    null = {
+      source = "hashicorp/null"
+    }
+  }
+}
+
 provider "packet" {
   auth_token = var.packet_api_token
-  version    = "~> 2.9"
 }
 
 # Create a new VLAN in datacenter "ewr1"
-resource "packet_vlan" "provisioning-vlan" {
-  description = "provisioning-vlan"
+resource "packet_vlan" "provisioning_vlan" {
+  description = "provisioning_vlan"
   facility    = var.facility
   project_id  = var.project_id
 }
 
 # Create a device and add it to tf_project_1
-resource "packet_device" "tink-provisioner" {
+resource "packet_device" "tink_provisioner" {
   hostname         = "tink-provisioner"
   plan             = var.device_type
   facilities       = [var.facility]
   operating_system = "ubuntu_18_04"
   billing_cycle    = "hourly"
   project_id       = var.project_id
-  network_type     = "hybrid"
-  user_data        = "${file("install_package.sh")}"
+  user_data        = file("install_package.sh")
+}
+
+resource "null_resource" "tink_directory" {
+  connection {
+    type = "ssh"
+    user = var.ssh_user
+    host = packet_device.tink_provisioner.network[0].address
+  }
+
+  provisioner "remote-exec" {
+    inline = [
+      "mkdir -p /root/tink/deploy"
+    ]
+  }
+
+  provisioner "file" {
+    source      = "../../setup.sh"
+    destination = "/root/tink/setup.sh"
+  }
+
+  provisioner "file" {
+    source      = "../../generate-envrc.sh"
+    destination = "/root/tink/generate-envrc.sh"
+  }
+
+  provisioner "file" {
+    source      = "../../deploy"
+    destination = "/root/tink"
+  }
+
+  provisioner "remote-exec" {
+    inline = [
+      "chmod +x /root/tink/*.sh /root/tink/deploy/tls/*.sh"
+    ]
+  }
+}
+
+resource "packet_device_network_type" "tink_provisioner_network_type" {
+  device_id = packet_device.tink_provisioner.id
+  type      = "hybrid"
 }
 
 # Create a device and add it to tf_project_1
-resource "packet_device" "tink-worker" {
-  hostname         = "tink-worker"
+resource "packet_device" "tink_worker" {
+  count = var.worker_count
+
+  hostname         = "tink-worker-${count.index}"
   plan             = var.device_type
   facilities       = [var.facility]
   operating_system = "custom_ipxe"
   ipxe_script_url  = "https://boot.netboot.xyz"
   always_pxe       = "true"
   billing_cycle    = "hourly"
   project_id       = var.project_id
-  network_type     = "layer2-individual"
+}
+
+resource "packet_device_network_type" "tink_worker_network_type" {
+  count = var.worker_count
+
+  device_id = packet_device.tink_worker[count.index].id
+  type      = "layer2-individual"
 }
 
 # Attach VLAN to provisioner
 resource "packet_port_vlan_attachment" "provisioner" {
-  device_id = packet_device.tink-provisioner.id
-  port_name = "eth1"
-  vlan_vnid = packet_vlan.provisioning-vlan.vxlan
+  depends_on = [packet_device_network_type.tink_provisioner_network_type]
+  device_id  = packet_device.tink_provisioner.id
+  port_name  = "eth1"
+  vlan_vnid  = packet_vlan.provisioning_vlan.vxlan
 }
 
 # Attach VLAN to worker
 resource "packet_port_vlan_attachment" "worker" {
-  device_id = packet_device.tink-worker.id
+  count      = var.worker_count
+  depends_on = [packet_device_network_type.tink_worker_network_type]
+
+  device_id = packet_device.tink_worker[count.index].id
   port_name = "eth0"
-  vlan_vnid = packet_vlan.provisioning-vlan.vxlan
+  vlan_vnid = packet_vlan.provisioning_vlan.vxlan
 }
 
-output "provisioner_dns_name" {
-  value = "${split("-", packet_device.tink-provisioner.id)[0]}.packethost.net"
+data "template_file" "worker_hardware_data" {
+  count    = var.worker_count
+  template = file("${path.module}/hardware_data.tpl")
+  vars = {
+    id            = packet_device.tink_worker[count.index].id
+    facility_code = packet_device.tink_worker[count.index].deployed_facility
+    plan_slug     = packet_device.tink_worker[count.index].plan
+    address       = "192.168.1.${count.index + 5}"
+    mac           = packet_device.tink_worker[count.index].ports[1].mac
+  }
 }
 
-output "provisioner_ip" {
-  value = "${packet_device.tink-provisioner.network[0].address}"
-}
+resource "null_resource" "hardware_data" {
+  count      = var.worker_count
+  depends_on = [null_resource.tink_directory]
+
+  connection {
+    type = "ssh"
+    user = var.ssh_user
+    host = packet_device.tink_provisioner.network[0].address
+  }
 
-output "worker_mac_addr" {
-  value = "${packet_device.tink-worker.ports[1].mac}"
+  provisioner "file" {
+    content     = data.template_file.worker_hardware_data[count.index].rendered
+    destination = "/root/tink/deploy/hardware-data-${count.index}.json"
+  }
 }
diff --git a/deploy/terraform/outputs.tf b/deploy/terraform/outputs.tf
@@ -0,0 +1,15 @@
+output "provisioner_dns_name" {
+  value = "${split("-", packet_device.tink_provisioner.id)[0]}.packethost.net"
+}
+
+output "provisioner_ip" {
+  value = packet_device.tink_provisioner.network[0].address
+}
+
+output "worker_mac_addr" {
+  value = formatlist("%s", packet_device.tink_worker[*].ports[1].mac)
+}
+
+output "worker_sos" {
+  value = formatlist("%s@sos.%s.packet.net", packet_device.tink_worker[*].id, packet_device.tink_worker[*].deployed_facility)
+}
diff --git a/deploy/terraform/variables.tf b/deploy/terraform/variables.tf
@@ -0,0 +1,32 @@
+variable "packet_api_token" {
+  description = "Packet user api token"
+  type        = string
+}
+
+variable "project_id" {
+  description = "Project ID"
+  type        = string
+}
+
+variable "worker_count" {
+  description = "Number of Workers"
+  type        = number
+  default     = 1
+}
+variable "facility" {
+  description = "Packet facility to provision in"
+  type        = string
+  default     = "sjc1"
+}
+
+variable "device_type" {
+  type        = string
+  description = "Type of device to provision"
+  default     = "c3.small.x86"
+}
+
+variable "ssh_user" {
+  description = "Username that will be used to transfer file from your local environment to the provisioner"
+  type        = string
+  default     = "root"
+}
diff --git a/deploy/terraform/versions.tf b/deploy/terraform/versions.tf
@@ -0,0 +1,3 @@
+terraform {
+  required_version = ">= 0.13"
+}