Merge pull request #32 from IIG/changes-3.5

resource quota validation changes
IBM · Nov 13, 2020 · 988e5f6 · 988e5f6
2 parents 9b38d2e + eadb654
commit 988e5f6
Show file tree

Hide file tree

Showing 5 changed files with 44 additions and 8 deletions.
diff --git a/aws/README.md b/aws/README.md
@@ -24,7 +24,7 @@ The deployment sets up the following as shown in the diagram.
 
 
 ### Steps to Deploy:
-
+* Before deploying the infrastructure make sure you have `python3` installed in your local system.
 * Create a Route 53 domain.
 * [Download](https://cloud.redhat.com/openshift/install/pull-secret) a pull secret. Create a Red Hat account if you do not have one.
 * [Sign up](https://www.ibm.com/account/reg/us-en/signup?formid=urx-42212) for a Cloud Pak for Data Trial Key if you don't have the API key.
@@ -53,11 +53,6 @@ cat osaws_var.tfvars
 access_key_id = "xxxxxxxxxxxxxxxxxxxxxxx"
 secret_access_key = "xxxxxxxxxxxxxxxxxxxxxxx"
 ```
-* Before deploying the infrastructure, run the script `aws_resource_quota_validation.sh` to verify if there are enough resources available in the used AWS account.
-   See the [AWS Resource Quota Validation documentation](AWS-RESOURCE-QUOTA-VALIDATION.md) for more details.
-```
-./aws_resource_quota_validation.sh
-```
 * Deploy scripts by executing the following command from the `cp4d-deployment-master/aws/aws_infra` directory:
 ```bash
 terraform init

diff --git a/aws/aws_infra/aws_resource_quota_validation.py b/aws/aws_infra/aws_resource_quota_validation.py
@@ -427,6 +427,7 @@ def main():
         print("    Recommendation:")
         print("      - Cleanup resources in that region.")
         print("      - Specify a different region.")
+        sys.exit(1)
     else:
         print("\n  * Validation = 'PASSED'")
         print("    Cluster can be created in that region.")

diff --git a/aws/aws_infra/bootnode.tf b/aws/aws_infra/bootnode.tf
@@ -2,6 +2,10 @@
 resource "aws_key_pair" "keypair" {
   key_name   = var.key_name
   public_key = file(var.public_key_path)
+
+  depends_on = [
+      aws_security_group.openshift-public-ssh,
+  ]
 }
 
 resource "aws_instance" "bootnode" {

diff --git a/aws/aws_infra/ocp-install.tf b/aws/aws_infra/ocp-install.tf
@@ -35,8 +35,6 @@ resource "null_resource" "install_openshift" {
             "mkdir -p /home/${var.admin-username}/.aws",
             "cat > /home/${var.admin-username}/.aws/credentials <<EOL\n${data.template_file.awscreds.rendered}\nEOL",
             "cat > /home/${var.admin-username}/.aws/config <<EOL\n${data.template_file.awsregion.rendered}\nEOL",
-            "./aws_permission_validation.sh ; if [ $? -ne 0 ] ; then echo \"Permission Verification Failed\" ; exit 1 ; fi",
-            "echo file | ./aws_resource_quota_validation.sh ; if [ $? -ne 0 ] ; then echo \"Resource Quota Validation Failed\" ; exit 1 ; fi",
 
             #Create OpenShift Cluster.
             "wget https://${var.s3-bucket}-${var.region}.s3.${var.region}.amazonaws.com/${var.inst_version}/openshift-install",

diff --git a/aws/aws_infra/vpc.tf b/aws/aws_infra/vpc.tf
@@ -4,6 +4,28 @@ provider "aws" {
         access_key = var.access_key_id
         secret_key = var.secret_access_key
 }
+
+resource "null_resource" "permission-resource-validation" {
+    provisioner "local-exec" {
+        command = "mkdir -p $HOME/.aws"
+    }
+    provisioner "local-exec" {
+        command = "cat > $HOME/.aws/credentials <<EOL\n${data.template_file.awscreds.rendered}\nEOL"
+    }
+    provisioner "local-exec" {
+        command = "cat > $HOME/.aws/config <<EOL\n${data.template_file.awsregion.rendered}\nEOL"
+    }
+    provisioner "local-exec" {
+        command = "chmod +x ./*.sh ./*.py"
+    }
+    provisioner "local-exec" {
+        command = "./aws_permission_validation.sh ; if [ $? -ne 0 ] ; then echo \"Permission Verification Failed\" ; exit 1 ; fi"
+    }
+    provisioner "local-exec" {
+        command = "echo file | ./aws_resource_quota_validation.sh ; if [ $? -ne 0 ] ; then echo \"Resource Quota Validation Failed\" ; exit 1 ; fi"
+    }
+}
+
 resource "aws_vpc" "cpdvpc" {
   count                = var.new-or-existing-vpc-subnet == "new" ? 1 : 0
   cidr_block           = var.vpc_cidr
@@ -13,6 +35,10 @@ resource "aws_vpc" "cpdvpc" {
   tags = {
     Name = "ocp-tf-vpc"
   }
+
+  depends_on = [
+      null_resource.permission-resource-validation,
+  ]
 }
 
 locals{
@@ -96,16 +122,28 @@ resource "aws_eip" "eip1" {
   count   = var.new-or-existing-vpc-subnet == "new" ? 1 : 0
   vpc     = true
   associate_with_private_ip = "10.0.5.226"
+
+  depends_on = [
+      aws_vpc.cpdvpc,
+  ]
 }
 resource "aws_eip" "eip2" {
   count   = var.new-or-existing-vpc-subnet == "new" && var.azlist == "multi_zone" ? 1 : 0
   vpc     = true
   associate_with_private_ip = "10.0.16.45"
+
+  depends_on = [
+      aws_vpc.cpdvpc,
+  ]
 }
 resource "aws_eip" "eip3" {
   count   = var.new-or-existing-vpc-subnet == "new" && var.azlist == "multi_zone" ? 1 : 0
   vpc     = true
   associate_with_private_ip = "10.0.44.224"
+
+  depends_on = [
+      aws_vpc.cpdvpc,
+  ]
 }
 resource "aws_nat_gateway" "nat1" {
   count         = var.new-or-existing-vpc-subnet == "new" ? 1 : 0