From 090e77792caa4500eedb5fc638f1e37bb693eeb2 Mon Sep 17 00:00:00 2001 From: bohdana_kuzmenko Date: Mon, 8 Jul 2019 14:33:04 +0300 Subject: [PATCH 01/46] Add terraform cli --- .../terraform/bin/terraform-cli.py | 205 ++++++++++++++++++ 1 file changed, 205 insertions(+) create mode 100644 infrastructure-provisioning/terraform/bin/terraform-cli.py diff --git a/infrastructure-provisioning/terraform/bin/terraform-cli.py b/infrastructure-provisioning/terraform/bin/terraform-cli.py new file mode 100644 index 0000000000..9e908f6074 --- /dev/null +++ b/infrastructure-provisioning/terraform/bin/terraform-cli.py 
@@ -0,0 +1,205 @@ +#!/usr/bin/env python + +import os +import abc +import argparse + + +class AbstractDeployBuilder: + + @property + @abc.abstractmethod + def terraform_location(self): + """ get Terraform location + + Returns: + str: TF script location + """ + raise NotImplementedError + + @property + @abc.abstractmethod + def cli_args(self): + """Get cli arguments + + Returns: + dict: dictionary of client arguments + with name as key and props as value + """ + raise NotImplementedError + + def parse_args(self): + """Get dict of arguments + + Returns: + dict: CLI arguments + """ + parser = argparse.ArgumentParser() + for argument, props in self.cli_args.items(): + parser.add_argument(argument, **props) + return vars(parser.parse_args()) + + def run_tf(self): + """Execute terraform script + + Returns: + None + """ + # location = self.terraform_location + args = self.parse_args() + print(args) + + @abc.abstractmethod + def install(self): + """Post terraform execution + + Returns: + None + """ + raise NotImplementedError + + +class DeployDirector: + + def build(self, builder): + """ Do build action + + Args: + builder: AbstractDeployBuilder + Returns: + None + """ + builder.run_tf() + builder.install() + + def get_status(self): + """ Get execution status + + Returns: + int: Execution error status (0 if success) + """ + return 0 + + +class K8SSourceBuilder(AbstractDeployBuilder): + + @property + def terraform_location(self): + # TODO: get terraform location + return 'terraform location' + + @property + def cli_args(self): + return { + 'service_base_name': { + 'type': str, + 'help': 'Any infrastructure value (should be unique ' + 'if multiple SSN’s have been deployed before).', + 'nargs': '?', + 'default': 'dlab-k8s', + }, + 'vpc_id': { + 'type': str, + 'help': 'ID of AWS VPC if you already have VPC created.', + }, + 'vpc_cidr': { + 'type': str, + 'help': 'CIDR for VPC creation. 
Conflicts with vpc_id', + 'nargs': '?', + 'default': '172.31.0.0/16', + }, + 'subnet_id': { + 'type': str, + 'help': 'ID of AWS Subnet if you already have subnet created.', + }, + 'subnet_cidr': { + 'type': str, + 'help': 'CIDR for Subnet creation. Conflicts with subnet_id.', + 'nargs': '?', + 'default': '172.31.0.0/24', + }, + 'env_os': { + 'type': str, + 'help': 'OS type. Available options: debian, redhat.', + 'nargs': '?', + 'default': 'debian', + 'choices': ('debian', 'redhat'), + }, + 'ami': { + 'type': str, + 'help': 'ID of EC2 AMI.', + }, + 'key_name': { + 'type': str, + 'help': 'Name of EC2 Key pair.', + }, + 'region': { + 'type': str, + 'help': 'Name of AWS region.', + 'nargs': '?', + 'default': 'us-west-2', + }, + 'zone': { + 'type': str, + 'help': 'Name of AWS zone', + 'nargs': '?', + 'default': 'a', + }, + 'ssn_k8s_masters_count': { + 'type': int, + 'help': 'Count of K8S masters.', + 'nargs': '?', + 'default': 3, + }, + 'ssn_k8s_workers_count': { + 'type': int, + 'help': 'Count of K8S workers', + 'nargs': '?', + 'default': 2, + }, + 'ssn_root_volume_size': { + 'type': int, + 'help': 'Size of root volume in GB.', + 'nargs': '?', + 'default': 30, + }, + 'allowed_cidrs': { + 'type': str, + 'help': 'CIDR to allow acces to SSN K8S cluster.', + 'nargs': '?', + 'default': '0.0.0.0/0', + }, + 'ssn_k8s_masters_shape': { + 'type': str, + 'help': 'Shape for SSN K8S masters.', + 'nargs': '?', + 'default': 't2.medium', + }, + 'ssn_k8s_workers_shape': { + 'type': str, + 'help': 'Shape for SSN K8S workers.', + 'nargs': '?', + 'default': 't2.medium', + }, + 'os_user': { + 'type': str, + 'help': 'Name of DLab service user.', + 'nargs': '?', + 'default': 'dlab-user', + }, + } + + def install(self): + # os.system('ls -l') + print('installation process') + + +def main(): + # TODO switch case depend on TF file name + deploy_director = DeployDirector() + builder = K8SSourceBuilder() + deploy_director.build(builder) + + +if __name__ == "__main__": + main() 
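Review bot: `allowed_cidrs` in `K8SSourceBuilder.cli_args` defaults to `0.0.0.0/0`, so leaving the argument off yields an access rule open to every address (going by its help text, "CIDR to allow acces to SSN K8S cluster"). I would remove `'nargs': '?'` and `'default': '0.0.0.0/0'` from that entry so the operator has to state the range explicitly. Separately, `AbstractDeployBuilder` uses `abc.abstractmethod` without an `abc.ABCMeta` metaclass, so the abstract members are not enforced and a subclass that forgets `install` still instantiates.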
From 57d8afb61016075150184a8c9b3cc477ddd95fdf Mon Sep 17 00:00:00 2001 From: bohdana_kuzmenko Date: Mon, 8 Jul 2019 17:06:46 +0300 Subject: [PATCH 02/46] Add tf dir and run tf script --- .../terraform/bin/terraform-cli.py | 31 ++++++++++++++----- 1 file changed, 24 insertions(+), 7 deletions(-) diff --git a/infrastructure-provisioning/terraform/bin/terraform-cli.py b/infrastructure-provisioning/terraform/bin/terraform-cli.py index 9e908f6074..7b04e8faf4 100644 --- a/infrastructure-provisioning/terraform/bin/terraform-cli.py +++ b/infrastructure-provisioning/terraform/bin/terraform-cli.py @@ -45,9 +45,22 @@ def run_tf(self): Returns: None """ - # location = self.terraform_location - args = self.parse_args() - print(args) + + terraform_success_init = 'Terraform has been successfully initialized!' + terraform_success_validate = 'Success! The configuration is valid.' + + tf_location = self.terraform_location + cli_args = self.parse_args() + + os.chdir(tf_location) + terraform_init_result = os.popen('terraform init').read() + if terraform_success_init in terraform_init_result: + terraform_validate_result = os.popen('terraform validate').read() + if terraform_success_validate in terraform_validate_result: + args = ['-var {0}={1}'.format(key, value) for key, value + in cli_args.items() if value] + args_str = ' '.join(args) + print('terraform apply {}'.format(args_str)) @abc.abstractmethod def install(self): @@ -85,8 +98,8 @@ class K8SSourceBuilder(AbstractDeployBuilder): @property def terraform_location(self): - # TODO: get terraform location - return 'terraform location' + tf_dir = os.path.abspath(os.path.join(os.getcwd(), os.path.pardir)) + return os.path.join(tf_dir, 'aws/main') @property def cli_args(self): @@ -100,6 +113,7 @@ def cli_args(self): }, 'vpc_id': { 'type': str, + 'nargs': '?', 'help': 'ID of AWS VPC if you already have VPC created.', }, 'vpc_cidr': { 
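Review bot: In `run_tf`, success of `terraform init` and `terraform validate` is decided by searching stdout for a fixed English sentence, while `os.popen(...).read()` discards the exit status and never sees stderr. A wording change between Terraform versions makes a good run look failed, and when the match fails nothing is reported because neither `if` has an `else`. Checking the return code is sturdier, e.g. `if subprocess.call(['terraform', 'init']) != 0: raise RuntimeError('terraform init failed')` (needs `import subprocess`). The same string matching is carried into `tf_init`/`tf_validate` and `TerraformProvider.initialize`/`validate` in the later patches on this page.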
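Review bot: `terraform_location` is derived from `os.getcwd()`, so the directory that `run_tf` changes into and runs `terraform init` in depends on where the operator started the script, not on where the script lives. Started from another directory, it either fails or initialises whatever configuration sits at `../aws/main` relative to that directory. Anchoring on the script path avoids that: `tf_dir = os.path.abspath(os.path.join(os.path.dirname(os.path.abspath(__file__)), os.path.pardir))`.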
@@ -110,6 +124,7 @@ def cli_args(self): }, 'subnet_id': { 'type': str, + 'nargs': '?', 'help': 'ID of AWS Subnet if you already have subnet created.', }, 'subnet_cidr': { @@ -125,13 +140,15 @@ def cli_args(self): 'default': 'debian', 'choices': ('debian', 'redhat'), }, - 'ami': { + 'ami': { # from python 'type': str, 'help': 'ID of EC2 AMI.', + 'nargs': '?', }, - 'key_name': { + 'key_name': { # from python 'type': str, 'help': 'Name of EC2 Key pair.', + 'nargs': '?', }, 'region': { 'type': str, From db72ff2d0446db5db4ea7378b08da87a3996965f Mon Sep 17 00:00:00 2001 From: bohdana_kuzmenko Date: Mon, 8 Jul 2019 18:14:41 +0300 Subject: [PATCH 03/46] Split run_tf method --- .../terraform/bin/terraform-cli.py | 71 +++++++++++++------ 1 file changed, 50 insertions(+), 21 deletions(-) diff --git a/infrastructure-provisioning/terraform/bin/terraform-cli.py b/infrastructure-provisioning/terraform/bin/terraform-cli.py index 7b04e8faf4..8c1cce2c1a 100644 --- a/infrastructure-provisioning/terraform/bin/terraform-cli.py +++ b/infrastructure-provisioning/terraform/bin/terraform-cli.py @@ -28,6 +28,15 @@ def cli_args(self): """ raise NotImplementedError + @abc.abstractmethod + def install(self): + """Post terraform execution + + Returns: + None + """ + raise NotImplementedError + def parse_args(self): """Get dict of arguments 
@@ -39,37 +48,57 @@ def parse_args(self): parser.add_argument(argument, **props) return vars(parser.parse_args()) - def run_tf(self): - """Execute terraform script + def tf_init(self): + """Initialize terraform Returns: - None + bool: init successful """ - terraform_success_init = 'Terraform has been successfully initialized!' + terraform_init_result = self.console_execute('terraform init') + return terraform_success_init in terraform_init_result + + def tf_validate(self): + """Validate terraform + + Returns: + bool: validation successful + """ terraform_success_validate = 'Success! The configuration is valid.' + terraform_validate_result = self.console_execute('terraform validate') + return terraform_success_validate in terraform_validate_result - tf_location = self.terraform_location - cli_args = self.parse_args() + def tf_apply(self, cli_args): + """Run terraform - os.chdir(tf_location) - terraform_init_result = os.popen('terraform init').read() - if terraform_success_init in terraform_init_result: - terraform_validate_result = os.popen('terraform validate').read() - if terraform_success_validate in terraform_validate_result: - args = ['-var {0}={1}'.format(key, value) for key, value - in cli_args.items() if value] - args_str = ' '.join(args) - print('terraform apply {}'.format(args_str)) + Args: + cli_args: dict of parameters + Returns: + None + """ + args = ['-var {0}={1}'.format(key, value) for key, value + in cli_args.items() if value] + args_str = ' '.join(args) + print('terraform apply {}'.format(args_str)) - @abc.abstractmethod - def install(self): - """Post terraform execution + def run_tf(self): + """Execute terraform script Returns: None """ - raise NotImplementedError + tf_location = self.terraform_location + cli_args = self.parse_args() + + os.chdir(tf_location) + + if self.tf_init() and self.tf_validate(): + self.tf_apply(cli_args) + + + @staticmethod + def console_execute(command): + return os.popen(command).read() class DeployDirector: 
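Review bot: `run_tf` returns `None` both when `tf_apply` ran and when `tf_init()` or `tf_validate()` returned `False`, so `DeployDirector.build` (outside this hunk) cannot tell a failed run from a good one and calls `install()` either way. I would raise on failure, e.g. `raise RuntimeError('terraform init/validate failed')` in place of the silent fall-through, or return a bool that `build` checks. The `provision` rewrite in PATCH 04 has the same effect: it prints the `TerraformProviderError` and returns normally, after which `deploy()` still runs.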
@@ -94,7 +123,7 @@ def get_status(self): return 0 -class K8SSourceBuilder(AbstractDeployBuilder): +class AWSSourceBuilder(AbstractDeployBuilder): @property def terraform_location(self): @@ -214,7 +243,7 @@ def install(self): def main(): # TODO switch case depend on TF file name deploy_director = DeployDirector() - builder = K8SSourceBuilder() + builder = AWSSourceBuilder() deploy_director.build(builder) From 2e8b32298f3cc16d4f6a4614b9521bab886e5831 Mon Sep 17 00:00:00 2001 From: bohdana_kuzmenko Date: Tue, 9 Jul 2019 12:00:08 +0300 Subject: [PATCH 04/46] Create separate class for terraform Update cli parameters initialization --- .../terraform/bin/terraform-cli.py | 272 ++++++++---------- 1 file changed, 125 insertions(+), 147 deletions(-) diff --git a/infrastructure-provisioning/terraform/bin/terraform-cli.py b/infrastructure-provisioning/terraform/bin/terraform-cli.py index 8c1cce2c1a..9f5ecee3d9 100644 --- a/infrastructure-provisioning/terraform/bin/terraform-cli.py +++ b/infrastructure-provisioning/terraform/bin/terraform-cli.py 
@@ -5,6 +5,54 @@ import argparse +class TerraformProviderError(Exception): + """ + Raises errors while terraform provision + """ + pass + + +class TerraformProvider: + def initialize(self): + """Initialize terraform + + Returns: + bool: init successful + """ + terraform_success_init = 'Terraform has been successfully initialized!' + terraform_init_result = self.console_execute('terraform init') + if terraform_success_init not in terraform_init_result: + raise TerraformProviderError(terraform_init_result) + + def validate(self): + """Validate terraform + + Returns: + bool: validation successful + """ + terraform_success_validate = 'Success! The configuration is valid.' + terraform_validate_result = self.console_execute('terraform validate') + if terraform_success_validate not in terraform_validate_result: + raise TerraformProviderError(terraform_validate_result) + + def apply(self, cli_args): + """Run terraform + + Args: + cli_args: dict of parameters + Returns: + None + """ + args = ['-var {0}={1}'.format(key, value) for key, value + in cli_args.items() if value] + args_str = ' '.join(args) + print('terraform apply {}'.format(args_str)) + + @staticmethod + def console_execute(command): + return os.popen(command).read() + + class AbstractDeployBuilder: @property @@ -29,7 +77,7 @@ def cli_args(self): raise NotImplementedError @abc.abstractmethod - def install(self): + def deploy(self): """Post terraform execution Returns: 
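Review bot: The docstrings of `TerraformProvider.initialize` and `validate` still say `Returns: bool`, but both methods return `None` and signal failure by raising `TerraformProviderError`. I would replace the `Returns:` section with `Raises: TerraformProviderError: if the success message is missing from the command output`. `console_execute` has no docstring at all, and the `pass` after the class docstring of `TerraformProviderError` is redundant.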
@@ -44,44 +92,11 @@ def parse_args(self): dict: CLI arguments """ parser = argparse.ArgumentParser() - for argument, props in self.cli_args.items(): - parser.add_argument(argument, **props) + for argument in self.cli_args: + parser.add_argument(argument.get('name'), **argument.get('props')) return vars(parser.parse_args()) - def tf_init(self): - """Initialize terraform - - Returns: - bool: init successful - """ - terraform_success_init = 'Terraform has been successfully initialized!' - terraform_init_result = self.console_execute('terraform init') - return terraform_success_init in terraform_init_result - - def tf_validate(self): - """Validate terraform - - Returns: - bool: validation successful - """ - terraform_success_validate = 'Success! The configuration is valid.' - terraform_validate_result = self.console_execute('terraform validate') - return terraform_success_validate in terraform_validate_result - - def tf_apply(self, cli_args): - """Run terraform - - Args: - cli_args: dict of parameters - Returns: - None - """ - args = ['-var {0}={1}'.format(key, value) for key, value - in cli_args.items() if value] - args_str = ' '.join(args) - print('terraform apply {}'.format(args_str)) - - def run_tf(self): + def provision(self): """Execute terraform script Returns: 
@@ -89,16 +104,34 @@ def run_tf(self): """ tf_location = self.terraform_location cli_args = self.parse_args() + terraform = TerraformProvider() os.chdir(tf_location) + try: + terraform.initialize() + terraform.validate() + terraform.apply(cli_args) + except TerraformProviderError as error: + print(error) - if self.tf_init() and self.tf_validate(): - self.tf_apply(cli_args) + def build_str_arg_param(self, name, desc, **kwargs): + return self.build_arg_param(str, name, desc, **kwargs) + def build_int_arg_param(self, name, desc, **kwargs): + return self.build_arg_param(int, name, desc, **kwargs) @staticmethod - def console_execute(command): - return os.popen(command).read() + def build_arg_param(arg_type, name, desc, **kwargs): + return { + 'name': name, + 'props': { + 'help': desc, + 'type': arg_type, + 'nargs': kwargs.get('nargs', '?'), + 'default': kwargs.get('default'), + 'choices': kwargs.get('choices'), + } + } class DeployDirector: @@ -111,8 +144,8 @@ def build(self, builder): Returns: None """ - builder.run_tf() - builder.install() + builder.provision() + builder.deploy() def get_status(self): """ Get execution status 
@@ -132,110 +165,55 @@ def terraform_location(self): @property def cli_args(self): - return { - 'service_base_name': { - 'type': str, - 'help': 'Any infrastructure value (should be unique ' - 'if multiple SSN’s have been deployed before).', - 'nargs': '?', - 'default': 'dlab-k8s', - }, - 'vpc_id': { - 'type': str, - 'nargs': '?', - 'help': 'ID of AWS VPC if you already have VPC created.', - }, - 'vpc_cidr': { - 'type': str, - 'help': 'CIDR for VPC creation. Conflicts with vpc_id', - 'nargs': '?', - 'default': '172.31.0.0/16', - }, - 'subnet_id': { - 'type': str, - 'nargs': '?', - 'help': 'ID of AWS Subnet if you already have subnet created.', - }, - 'subnet_cidr': { - 'type': str, - 'help': 'CIDR for Subnet creation. Conflicts with subnet_id.', - 'nargs': '?', - 'default': '172.31.0.0/24', - }, - 'env_os': { - 'type': str, - 'help': 'OS type. Available options: debian, redhat.', - 'nargs': '?', - 'default': 'debian', - 'choices': ('debian', 'redhat'), - }, - 'ami': { # from python - 'type': str, - 'help': 'ID of EC2 AMI.', - 'nargs': '?', - }, - 'key_name': { # from python - 'type': str, - 'help': 'Name of EC2 Key pair.', - 'nargs': '?', - }, - 'region': { - 'type': str, - 'help': 'Name of AWS region.', - 'nargs': '?', - 'default': 'us-west-2', - }, - 'zone': { - 'type': str, - 'help': 'Name of AWS zone', - 'nargs': '?', - 'default': 'a', - }, - 'ssn_k8s_masters_count': { - 'type': int, - 'help': 'Count of K8S masters.', - 'nargs': '?', - 'default': 3, - }, - 'ssn_k8s_workers_count': { - 'type': int, - 'help': 'Count of K8S workers', - 'nargs': '?', - 'default': 2, - }, - 'ssn_root_volume_size': { - 'type': int, - 'help': 'Size of root volume in GB.', - 'nargs': '?', - 'default': 30, - }, - 'allowed_cidrs': { - 'type': str, - 'help': 'CIDR to allow acces to SSN K8S cluster.', - 'nargs': '?', - 'default': '0.0.0.0/0', - }, - 'ssn_k8s_masters_shape': { - 'type': str, - 'help': 'Shape for SSN K8S masters.', - 'nargs': '?', - 'default': 't2.medium', - }, - 
'ssn_k8s_workers_shape': { - 'type': str, - 'help': 'Shape for SSN K8S workers.', - 'nargs': '?', - 'default': 't2.medium', - }, - 'os_user': { - 'type': str, - 'help': 'Name of DLab service user.', - 'nargs': '?', - 'default': 'dlab-user', - }, - } - - def install(self): + return [ + self.build_str_arg_param('service_base_name', + 'Any infrastructure value (should be ' + 'unique if multiple SSN\'s have been ' + 'deployed before).', + default='dlab-k8s'), + self.build_str_arg_param('vpc_id', + 'ID of AWS VPC if you already have VPC ' + 'created.'), + self.build_str_arg_param('vpc_cidr', + 'CIDR for VPC creation. ' + 'Conflicts with vpc_id', + default='172.31.0.0/16'), + self.build_str_arg_param('subnet_id', + 'ID of AWS Subnet if you already have ' + 'subnet created.'), + self.build_str_arg_param('subnet_cidr', + 'CIDR for Subnet creation. Conflicts with ' + 'subnet_id.', + default='172.31.0.0/24'), + self.build_str_arg_param('env_os', + 'OS type.', + default='debian', + choices=('debian', 'redhat')), + self.build_str_arg_param('ami', 'ID of EC2 AMI.'), + self.build_str_arg_param('key_name', 'Name of EC2 Key pair.'), + self.build_str_arg_param('region', 'Name of AWS region.', + default='us-west-2'), + self.build_str_arg_param('zone', 'Name of AWS zone', default='a'), + self.build_str_arg_param('allowed_cidrs', + 'CIDR to allow acces to SSN K8S cluster.', + default='0.0.0.0/0'), + self.build_str_arg_param('ssn_k8s_masters_shape', + 'Shape for SSN K8S masters.', + default='t2.medium'), + self.build_str_arg_param('ssn_k8s_workers_shape', + 'Shape for SSN K8S workers.', + default='t2.medium'), + self.build_str_arg_param('os_user', 'Name of DLab service user.', + default='dlab-user'), + self.build_int_arg_param('ssn_k8s_masters_count', + 'Count of K8S masters.', default=3), + self.build_int_arg_param('ssn_k8s_workers_count', + 'Count of K8S workers', default=2), + self.build_int_arg_param('ssn_root_volume_size', + 'Size of root volume in GB.', default=30), + ] + + def 
deploy(self): # os.system('ls -l') print('installation process') From ae3df6e341bab376572db4cb0cf19ec3aa2352e8 Mon Sep 17 00:00:00 2001 From: Oleh Martushevskyi Date: Tue, 9 Jul 2019 12:26:10 +0300 Subject: [PATCH 05/46] added parameters to dlab cli --- .../terraform/bin/terraform-cli.py | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) mode change 100644 => 100755 infrastructure-provisioning/terraform/bin/terraform-cli.py diff --git a/infrastructure-provisioning/terraform/bin/terraform-cli.py b/infrastructure-provisioning/terraform/bin/terraform-cli.py old mode 100644 new mode 100755 index 9f5ecee3d9..1d8c794515 --- a/infrastructure-provisioning/terraform/bin/terraform-cli.py +++ b/infrastructure-provisioning/terraform/bin/terraform-cli.py @@ -166,6 +166,12 @@ def terraform_location(self): @property def cli_args(self): return [ + self.build_str_arg_param('access_key_id', + 'AWS Access Key ID.', + nargs=None), + self.build_str_arg_param('secret_access_key', + 'AWS Secret Access Key.', + nargs=None), self.build_str_arg_param('service_base_name', 'Any infrastructure value (should be ' 'unique if multiple SSN\'s have been ' @@ -189,8 +195,10 @@ def cli_args(self): 'OS type.', default='debian', choices=('debian', 'redhat')), - self.build_str_arg_param('ami', 'ID of EC2 AMI.'), - self.build_str_arg_param('key_name', 'Name of EC2 Key pair.'), + self.build_str_arg_param('ami', 'ID of EC2 AMI.', + nargs=None), + self.build_str_arg_param('key_name', 'Name of EC2 Key pair.', + nargs=None), self.build_str_arg_param('region', 'Name of AWS region.', default='us-west-2'), self.build_str_arg_param('zone', 'Name of AWS zone', default='a'), From e410939c035fccb04579664fc7ba3103953df681 Mon Sep 17 00:00:00 2001 From: Oleh Martushevskyi Date: Tue, 9 Jul 2019 12:48:35 +0300 Subject: [PATCH 06/46] added parameters to dlab cli --- .../terraform/bin/terraform-cli.py | 17 ++++++----------- 1 file changed, 6 insertions(+), 11 deletions(-) 
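Review bot: Taking `secret_access_key` as a command-line argument puts the AWS secret into the shell history and the process list for as long as the script runs, and `TerraformProvider.apply` (outside this hunk) formats every parsed argument into the `terraform apply` string it prints. I would not accept the secret on argv at all: read it from the environment, e.g. `os.environ.get('AWS_SECRET_ACCESS_KEY')`, or leave both credentials to the Terraform AWS provider's own lookup from the environment or the shared credentials file. If it has to stay an argument, exclude it from anything that is printed or logged.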
diff --git a/infrastructure-provisioning/terraform/bin/terraform-cli.py b/infrastructure-provisioning/terraform/bin/terraform-cli.py index 1d8c794515..9828ac46b0 100755 --- a/infrastructure-provisioning/terraform/bin/terraform-cli.py +++ b/infrastructure-provisioning/terraform/bin/terraform-cli.py @@ -30,7 +30,7 @@ def validate(self): Returns: bool: validation successful """ - terraform_success_validate = 'Success! The configuration is valid.' + terraform_success_validate = 'Success!' terraform_validate_result = self.console_execute('terraform validate') if terraform_success_validate not in terraform_validate_result: raise TerraformProviderError(terraform_validate_result) @@ -167,11 +167,9 @@ def terraform_location(self): def cli_args(self): return [ self.build_str_arg_param('access_key_id', - 'AWS Access Key ID.', - nargs=None), + 'AWS Access Key ID.'), self.build_str_arg_param('secret_access_key', - 'AWS Secret Access Key.', - nargs=None), + 'AWS Secret Access Key.'), self.build_str_arg_param('service_base_name', 'Any infrastructure value (should be ' 'unique if multiple SSN\'s have been ' @@ -193,12 +191,9 @@ def cli_args(self): default='172.31.0.0/24'), self.build_str_arg_param('env_os', 'OS type.', - default='debian', - choices=('debian', 'redhat')), - self.build_str_arg_param('ami', 'ID of EC2 AMI.', - nargs=None), - self.build_str_arg_param('key_name', 'Name of EC2 Key pair.', - nargs=None), + default='debian'), + self.build_str_arg_param('ami', 'ID of EC2 AMI.'), + self.build_str_arg_param('key_name', 'Name of EC2 Key pair.'), self.build_str_arg_param('region', 'Name of AWS region.', default='us-west-2'), self.build_str_arg_param('zone', 'Name of AWS zone', default='a'), From 4c22e9f23b9405ce54ffd71ca35a4bc90e9d5578 Mon Sep 17 00:00:00 2001 
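Review bot: Dropping `choices=('debian', 'redhat')` from `env_os` removes the only validation on that argument, so a typo now travels unchecked into the `-var` string built by `TerraformProvider.apply` (outside this hunk). If the aim was only to relax the neighbouring arguments, keep `choices=('debian', 'redhat')` on this one. The help text `'OS type.'` does not list the accepted values either, so the operator has nothing to check against.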
From: bohdana_kuzmenko Date: Tue, 9 Jul 2019 13:11:55 +0300 Subject: [PATCH 07/46] Replace positional args with optional --- .../terraform/bin/terraform-cli.py | 44 ++++++++++--------- 1 file changed, 23 insertions(+), 21 deletions(-) mode change 100644 => 100755 infrastructure-provisioning/terraform/bin/terraform-cli.py diff --git a/infrastructure-provisioning/terraform/bin/terraform-cli.py b/infrastructure-provisioning/terraform/bin/terraform-cli.py old mode 100644 new mode 100755 index 9f5ecee3d9..0d8ff89498 --- a/infrastructure-provisioning/terraform/bin/terraform-cli.py +++ b/infrastructure-provisioning/terraform/bin/terraform-cli.py @@ -43,7 +43,7 @@ def apply(self, cli_args): Returns: None """ - args = ['-var {0}={1}'.format(key, value) for key, value + args = ['-var {0}={1}'.format(key.replace('--',''), value) for key, value in cli_args.items() if value] args_str = ' '.join(args) print('terraform apply {}'.format(args_str)) @@ -127,7 +127,6 @@ def build_arg_param(arg_type, name, desc, **kwargs): 'props': { 'help': desc, 'type': arg_type, - 'nargs': kwargs.get('nargs', '?'), 'default': kwargs.get('default'), 'choices': kwargs.get('choices'), } 
@@ -166,50 +165,53 @@ def terraform_location(self): @property def cli_args(self): return [ - self.build_str_arg_param('service_base_name', + self.build_str_arg_param('--access_key_id', + 'AWS Access Key ID'), + self.build_str_arg_param('--secret_access_key', + 'AWS Secret Access Key'), + self.build_str_arg_param('--service_base_name', 'Any infrastructure value (should be ' 'unique if multiple SSN\'s have been ' 'deployed before).', default='dlab-k8s'), - self.build_str_arg_param('vpc_id', + self.build_str_arg_param('--vpc_id', 'ID of AWS VPC if you already have VPC ' 'created.'), - self.build_str_arg_param('vpc_cidr', + self.build_str_arg_param('--vpc_cidr', 'CIDR for VPC creation. ' 'Conflicts with vpc_id', default='172.31.0.0/16'), - self.build_str_arg_param('subnet_id', + self.build_str_arg_param('--subnet_id', 'ID of AWS Subnet if you already have ' 'subnet created.'), - self.build_str_arg_param('subnet_cidr', + self.build_str_arg_param('--subnet_cidr', 'CIDR for Subnet creation. Conflicts with ' 'subnet_id.', default='172.31.0.0/24'), - self.build_str_arg_param('env_os', + self.build_str_arg_param('--env_os', 'OS type.', - default='debian', - choices=('debian', 'redhat')), - self.build_str_arg_param('ami', 'ID of EC2 AMI.'), - self.build_str_arg_param('key_name', 'Name of EC2 Key pair.'), - self.build_str_arg_param('region', 'Name of AWS region.', + default='debian'), + self.build_str_arg_param('--ami', 'ID of EC2 AMI.'), + self.build_str_arg_param('--key_name', 'Name of EC2 Key pair.'), + self.build_str_arg_param('--region', 'Name of AWS region.', default='us-west-2'), - self.build_str_arg_param('zone', 'Name of AWS zone', default='a'), - self.build_str_arg_param('allowed_cidrs', + self.build_str_arg_param('--zone', 'Name of AWS zone', default='a'), + self.build_str_arg_param('--allowed_cidrs', 'CIDR to allow acces to SSN K8S cluster.', default='0.0.0.0/0'), - self.build_str_arg_param('ssn_k8s_masters_shape', + 
self.build_str_arg_param('--ssn_k8s_masters_shape', 'Shape for SSN K8S masters.', default='t2.medium'), - self.build_str_arg_param('ssn_k8s_workers_shape', + self.build_str_arg_param('--ssn_k8s_workers_shape', 'Shape for SSN K8S workers.', default='t2.medium'), - self.build_str_arg_param('os_user', 'Name of DLab service user.', + self.build_str_arg_param('--os_user', 'Name of DLab service user.', default='dlab-user'), - self.build_int_arg_param('ssn_k8s_masters_count', + self.build_int_arg_param('--ssn_k8s_masters_count', 'Count of K8S masters.', default=3), - self.build_int_arg_param('ssn_k8s_workers_count', + self.build_int_arg_param('--ssn_k8s_workers_count', 'Count of K8S workers', default=2), - self.build_int_arg_param('ssn_root_volume_size', + self.build_int_arg_param('--ssn_root_volume_size', 'Size of root volume in GB.', default=30), ] From b0714ef39a9af6215553587deee7392b7a37ca85 Mon Sep 17 00:00:00 2001 From: bohdana_kuzmenko Date: Tue, 9 Jul 2019 14:07:40 +0300 Subject: [PATCH 08/46] Update type Add terraform destroy --- .../terraform/bin/terraform-cli.py | 41 +++++++++++++++---- 1 file changed, 34 insertions(+), 7 deletions(-) diff --git a/infrastructure-provisioning/terraform/bin/terraform-cli.py b/infrastructure-provisioning/terraform/bin/terraform-cli.py index 0d8ff89498..79074f0377 100755 --- a/infrastructure-provisioning/terraform/bin/terraform-cli.py +++ b/infrastructure-provisioning/terraform/bin/terraform-cli.py 
@@ -30,11 +30,17 @@ def validate(self): Returns: bool: validation successful """ - terraform_success_validate = 'Success! The configuration is valid.' + terraform_success_validate = 'Success!' terraform_validate_result = self.console_execute('terraform validate') if terraform_success_validate not in terraform_validate_result: raise TerraformProviderError(terraform_validate_result) + def get_args_string(self, cli_args): + args = ['-var {0}={1}'.format(key, value) for + key, value + in cli_args.items() if value] + return' '.join(args) + def apply(self, cli_args): """Run terraform @@ -43,10 +49,19 @@ def apply(self, cli_args): Returns: None """ - args = ['-var {0}={1}'.format(key.replace('--',''), value) for key, value - in cli_args.items() if value] - args_str = ' '.join(args) - print('terraform apply {}'.format(args_str)) + args_str = self.get_args_string(cli_args) + self.console_execute('terraform apply {}'.format(args_str)) + + def destroy(self, cli_args): + """Run terraform + + Args: + cli_args: dict of parameters + Returns: + None + """ + args_str = self.get_args_string(cli_args) + self.console_execute('terraform destroy {}'.format(args_str)) @staticmethod def console_execute(command): @@ -110,7 +125,12 @@ def provision(self): try: terraform.initialize() terraform.validate() - terraform.apply(cli_args) + + action = cli_args.pop('action') + if action == 'deploy': + terraform.apply(cli_args) + elif action == 'destroy': + terraform.destroy(cli_args) except TerraformProviderError as error: print(error) @@ -120,6 +140,9 @@ def build_str_arg_param(self, name, desc, **kwargs): def build_int_arg_param(self, name, desc, **kwargs): return self.build_arg_param(int, name, desc, **kwargs) + def build_list_arg_param(self, name, desc, **kwargs): + return self.build_arg_param(list, name, desc, **kwargs) + @staticmethod def build_arg_param(arg_type, name, desc, **kwargs): return { 
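Review bot: `get_args_string` joins raw argument values into one string that the following hunk hands to `console_execute`, i.e. `os.popen`, which runs it through the shell. A value containing a space is split into separate arguments, shell metacharacters in a value are interpreted, and the AWS secret key becomes part of the command line. Passing an argument list avoids the shell altogether; `subprocess` would need importing at the top of the file, and `destroy` changes the same way as `apply`.

```python
    def get_args_string(self, cli_args):
        # Returns argv tokens rather than one string, so no shell parses the values.
        args = []
        for key, value in cli_args.items():
            if value:
                args.extend(['-var', '{0}={1}'.format(key, value)])
        return args

    def apply(self, cli_args):
        # … unchanged: docstring …
        subprocess.check_call(['terraform', 'apply'] + self.get_args_string(cli_args))
```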
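Review bot: An `--action` value other than `deploy` or `destroy` matches neither branch in `provision`, so the run does nothing and still reports no error. Restrict the option where it is declared, `self.build_str_arg_param('--action', 'Action', default='deploy', choices=('deploy', 'destroy'))`, or add `else: raise TerraformProviderError('unknown action: {}'.format(action))` after the `elif`.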
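Review bot: `build_list_arg_param` passes `list` as the argparse `type`, and argparse calls `type` on the raw string, so a value such as `abc` would parse to `['a', 'b', 'c']`. Nothing in this patch calls the helper; `allowed_cidrs` uses `build_str_arg_param` with `action='append'` instead. I would drop the helper, or have it pass `str` as the element type together with `nargs='+'` or `action='append'`.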
@@ -129,6 +152,8 @@ def build_arg_param(arg_type, name, desc, **kwargs): 'type': arg_type, 'default': kwargs.get('default'), 'choices': kwargs.get('choices'), + 'nargs': kwargs.get('nargs'), + 'action': kwargs.get('action'), } } @@ -165,6 +190,8 @@ def terraform_location(self): @property def cli_args(self): return [ + self.build_str_arg_param('--action', 'Action', default='deploy'), + self.build_str_arg_param('--target', 'Target', default='module.ssn-k8s'), self.build_str_arg_param('--access_key_id', 'AWS Access Key ID'), self.build_str_arg_param('--secret_access_key', @@ -198,7 +225,7 @@ def cli_args(self): self.build_str_arg_param('--zone', 'Name of AWS zone', default='a'), self.build_str_arg_param('--allowed_cidrs', 'CIDR to allow acces to SSN K8S cluster.', - default='0.0.0.0/0'), + default=['0.0.0.0/0'], action='append'), self.build_str_arg_param('--ssn_k8s_masters_shape', 'Shape for SSN K8S masters.', default='t2.medium'), From c3eb59c726527847d3297ca0a658edb42a8d5a4f Mon Sep 17 00:00:00 2001 From: bohdana_kuzmenko Date: Tue, 9 Jul 2019 14:13:31 +0300 Subject: [PATCH 09/46] Move target --- infrastructure-provisioning/terraform/bin/terraform-cli.py | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/infrastructure-provisioning/terraform/bin/terraform-cli.py b/infrastructure-provisioning/terraform/bin/terraform-cli.py index 79074f0377..e8e7229425 100755 --- a/infrastructure-provisioning/terraform/bin/terraform-cli.py +++ b/infrastructure-provisioning/terraform/bin/terraform-cli.py @@ -50,7 +50,7 @@ def apply(self, cli_args): None """ args_str = self.get_args_string(cli_args) - self.console_execute('terraform apply {}'.format(args_str)) + self.console_execute('terraform apply -target module.ssn-k8s {}'.format(args_str)) def destroy(self, cli_args): """Run terraform 
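Review bot: With `action='append'` and `default=['0.0.0.0/0']` on `--allowed_cidrs`, argparse appends the operator's values to the default list instead of replacing it, so passing for example `--allowed_cidrs 10.0.0.0/8` yields `['0.0.0.0/0', '10.0.0.0/8']` and the open range can never be removed from the command line. Use `action='append'` with no default and apply any fallback after parsing, e.g. `cli_args['allowed_cidrs'] = cli_args['allowed_cidrs'] or ['0.0.0.0/0']`. Better still, require the option so that the allowed range is always stated explicitly.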
@@ -61,7 +61,7 @@ def destroy(self, cli_args): None """ args_str = self.get_args_string(cli_args) - self.console_execute('terraform destroy {}'.format(args_str)) + self.console_execute('terraform destroy -target module.ssn-k8s {}'.format(args_str)) @staticmethod def console_execute(command): @@ -191,7 +191,6 @@ def terraform_location(self): def cli_args(self): return [ self.build_str_arg_param('--action', 'Action', default='deploy'), - self.build_str_arg_param('--target', 'Target', default='module.ssn-k8s'), self.build_str_arg_param('--access_key_id', 'AWS Access Key ID'), self.build_str_arg_param('--secret_access_key', From 762f3ce1df94b034a8e1ea04c01d6af98eebd113 Mon Sep 17 00:00:00 2001 From: Oleh Martushevskyi Date: Tue, 9 Jul 2019 14:16:57 +0300 Subject: [PATCH 10/46] updated README --- .../terraform/aws/modules/ssn-k8s/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/infrastructure-provisioning/terraform/aws/modules/ssn-k8s/README.md b/infrastructure-provisioning/terraform/aws/modules/ssn-k8s/README.md index 0ef6731925..d91e5e02a6 100644 --- a/infrastructure-provisioning/terraform/aws/modules/ssn-k8s/README.md +++ b/infrastructure-provisioning/terraform/aws/modules/ssn-k8s/README.md @@ -19,7 +19,7 @@ List of variables which should be provided: | ssn\_k8s\_masters\_count | int | Count of K8S masters. Default: 3 | | ssn\_k8s\_workers\_count | int | Count of K8S workers. Default: 2 | | ssn\_root\_volume\_size | int | Size of root volume in GB. Default: 30 | -| allowed\_cidrs | string | CIDR to allow acces to SSN K8S cluster. Default: 0.0.0.0/0 | +| allowed\_cidrs | list | CIDR to allow acces to SSN K8S cluster. Default: 0.0.0.0/0 | | ssn\_k8s\_masters\_shape | string | Shape for SSN K8S masters. Default: t2.medium | | ssn\_k8s\_workers\_shape | string | Shape for SSN K8S workers. Default: t2.medium | | os\_user | string | Name of DLab service user. Default: dlab-user | \ No newline at end of file 
From d37551a7d3c7b99a1c808cc21fe0e55d76829891 Mon Sep 17 00:00:00 2001 From: bohdana_kuzmenko Date: Tue, 9 Jul 2019 14:35:33 +0300 Subject: [PATCH 11/46] Add auto-approve Update args string builder --- .../terraform/bin/terraform-cli.py | 21 ++++++++++++------- 1 file changed, 13 insertions(+), 8 deletions(-) diff --git a/infrastructure-provisioning/terraform/bin/terraform-cli.py b/infrastructure-provisioning/terraform/bin/terraform-cli.py index e8e7229425..8a5a8d1e0c 100755 --- a/infrastructure-provisioning/terraform/bin/terraform-cli.py +++ b/infrastructure-provisioning/terraform/bin/terraform-cli.py @@ -36,9 +36,12 @@ def validate(self): raise TerraformProviderError(terraform_validate_result) def get_args_string(self, cli_args): - args = ['-var {0}={1}'.format(key, value) for - key, value - in cli_args.items() if value] + args = [] + for key, value in cli_args.items(): + if type(value) == list: + joined_values = ', '.join(['"{}"'.format(item) for item in value]) + value = '[{}]'.format(joined_values) + args.append("-var '{0}={1}'".format(key, value)) return' '.join(args) def apply(self, cli_args): @@ -50,7 +53,8 @@ def apply(self, cli_args): None """ args_str = self.get_args_string(cli_args) - self.console_execute('terraform apply -target module.ssn-k8s {}'.format(args_str)) + command = 'terraform apply -auto-approve -target module.ssn-k8s {}' + print(command.format(args_str)) def destroy(self, cli_args): """Run terraform @@ -61,7 +65,8 @@ def destroy(self, cli_args): None """ args_str = self.get_args_string(cli_args) - self.console_execute('terraform destroy -target module.ssn-k8s {}'.format(args_str)) + command = 'terraform destroy -auto-approve -target module.ssn-k8s {}' + self.console_execute(command.format(args_str)) @staticmethod def console_execute(command): 
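Review bot: apply() now ends in `print(command.format(args_str))`, which writes every `-var` pair, including `secret_access_key`, to stdout and no longer runs Terraform at all. If this is meant as a dry-run aid, put it behind an explicit option and mask credential values before printing; otherwise restore `self.console_execute(command.format(args_str))`. `-auto-approve` is also added unconditionally here and in destroy() in the next hunk, so nothing asks for confirmation before resources are destroyed.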
@@ -123,8 +128,8 @@ def provision(self): os.chdir(tf_location) try: - terraform.initialize() - terraform.validate() + # terraform.initialize() + # terraform.validate() action = cli_args.pop('action') if action == 'deploy': @@ -224,7 +229,7 @@ def cli_args(self): self.build_str_arg_param('--zone', 'Name of AWS zone', default='a'), self.build_str_arg_param('--allowed_cidrs', 'CIDR to allow acces to SSN K8S cluster.', - default=['0.0.0.0/0'], action='append'), + default=["0.0.0.0/0"], action='append'), self.build_str_arg_param('--ssn_k8s_masters_shape', 'Shape for SSN K8S masters.', default='t2.medium'), From 4966dddc01bd5f5cde69f6598cb5c2ab57b4dabe Mon Sep 17 00:00:00 2001 From: bohdana_kuzmenko Date: Tue, 9 Jul 2019 14:41:15 +0300 Subject: [PATCH 12/46] Skip empty values --- infrastructure-provisioning/terraform/bin/terraform-cli.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/infrastructure-provisioning/terraform/bin/terraform-cli.py b/infrastructure-provisioning/terraform/bin/terraform-cli.py index 8a5a8d1e0c..baa233d95a 100755 --- a/infrastructure-provisioning/terraform/bin/terraform-cli.py +++ b/infrastructure-provisioning/terraform/bin/terraform-cli.py @@ -38,6 +38,8 @@ def validate(self): def get_args_string(self, cli_args): args = [] for key, value in cli_args.items(): + if not value: + continue if type(value) == list: joined_values = ', '.join(['"{}"'.format(item) for item in value]) value = '[{}]'.format(joined_values) From 54585ff6ca172a779149678cd578dd8f3caca7cf Mon Sep 17 00:00:00 2001 From: bohdana_kuzmenko Date: Tue, 9 Jul 2019 17:59:23 +0300 Subject: [PATCH 13/46] Add k8s cluster status check Add params builder --- .../terraform/bin/terraform-cli.py | 247 +++++++++++------- 1 file changed, 153 insertions(+), 94 deletions(-) diff --git a/infrastructure-provisioning/terraform/bin/terraform-cli.py b/infrastructure-provisioning/terraform/bin/terraform-cli.py index baa233d95a..7160e8de8e 100755 
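Review bot: The calls to `terraform.initialize()` and `terraform.validate()` in provision() are commented out, so apply and destroy run against a working directory that has been neither initialised nor validated. This looks like a debugging leftover; restore both calls rather than committing them as comments. provision() starts above this hunk.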
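Review bot: `if not value: continue` in get_args_string() skips every falsy value, not only options that were left unset, so an explicit `0` (for example `--ssn_k8s_workers_count 0`) or an empty string is silently dropped and never reaches Terraform. Test for the unset case only: `if value is None: continue`. The rest of the method is outside this hunk.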
--- a/infrastructure-provisioning/terraform/bin/terraform-cli.py +++ b/infrastructure-provisioning/terraform/bin/terraform-cli.py @@ -12,15 +12,23 @@ class TerraformProviderError(Exception): pass +class Console: + @staticmethod + def execute(command): + return os.popen(command).read() + + class TerraformProvider: def initialize(self): """Initialize terraform Returns: bool: init successful + Raises: + TerraformProviderError: if initialization was not succeed """ terraform_success_init = 'Terraform has been successfully initialized!' - terraform_init_result = self.console_execute('terraform init') + terraform_init_result = Console.execute('terraform init') if terraform_success_init not in terraform_init_result: raise TerraformProviderError(terraform_init_result) @@ -29,23 +37,15 @@ def validate(self): Returns: bool: validation successful + Raises: + TerraformProviderError: if validation status was not succeed + """ terraform_success_validate = 'Success!' - terraform_validate_result = self.console_execute('terraform validate') + terraform_validate_result = Console.execute('terraform validate') if terraform_success_validate not in terraform_validate_result: raise TerraformProviderError(terraform_validate_result) - def get_args_string(self, cli_args): - args = [] - for key, value in cli_args.items(): - if not value: - continue - if type(value) == list: - joined_values = ', '.join(['"{}"'.format(item) for item in value]) - value = '[{}]'.format(joined_values) - args.append("-var '{0}={1}'".format(key, value)) - return' '.join(args) - def apply(self, cli_args): """Run terraform @@ -56,10 +56,10 @@ def apply(self, cli_args): """ args_str = self.get_args_string(cli_args) command = 'terraform apply -auto-approve -target module.ssn-k8s {}' - print(command.format(args_str)) + Console.execute(command.format(args_str)) def destroy(self, cli_args): - """Run terraform + """Destroy terraform Args: cli_args: dict of parameters 
@@ -68,11 +68,36 @@ def destroy(self, cli_args): """ args_str = self.get_args_string(cli_args) command = 'terraform destroy -auto-approve -target module.ssn-k8s {}' - self.console_execute(command.format(args_str)) + Console.execute(command.format(args_str)) + + def output(self): + """ + + Returns: + str: terraform output result + + """ + return Console.execute('terraform output') @staticmethod - def console_execute(command): - return os.popen(command).read() + def get_args_string(cli_args): + """Convert dict of cli argument into string + + Args: + cli_args: dict of cli arguments + Returns: + str: string of joined key=values + """ + args = [] + for key, value in cli_args.items(): + if not value: + continue + if type(value) == list: + quoted_list = ['"{}"'.format(item) for item in value] + joined_values = ', '.join(quoted_list) + value = '[{}]'.format(joined_values) + args.append("-var '{0}={1}'".format(key, value)) + return ' '.join(args) class AbstractDeployBuilder: @@ -123,6 +148,8 @@ def provision(self): Returns: None + Raises: + TerraformProviderError: if init or validate fails """ tf_location = self.terraform_location cli_args = self.parse_args() 
@@ -130,39 +157,51 @@ def provision(self): os.chdir(tf_location) try: - # terraform.initialize() - # terraform.validate() + terraform.initialize() + terraform.validate() action = cli_args.pop('action') if action == 'deploy': terraform.apply(cli_args) elif action == 'destroy': terraform.destroy(cli_args) - except TerraformProviderError as error: - print(error) + except TerraformProviderError as ex: + raise Exception('Error while provisioning {}'.format(ex)) - def build_str_arg_param(self, name, desc, **kwargs): - return self.build_arg_param(str, name, desc, **kwargs) + def get_node_ip(self, output): + """Extract ip - def build_int_arg_param(self, name, desc, **kwargs): - return self.build_arg_param(int, name, desc, **kwargs) + Args: + output: str of terraform output + Returns: + str: extracted ip - def build_list_arg_param(self, name, desc, **kwargs): - return self.build_arg_param(list, name, desc, **kwargs) + """ + # TODO: extract ip address from tf output + return 'ip' - @staticmethod - def build_arg_param(arg_type, name, desc, **kwargs): - return { - 'name': name, - 'props': { - 'help': desc, - 'type': arg_type, - 'default': kwargs.get('default'), - 'choices': kwargs.get('choices'), - 'nargs': kwargs.get('nargs'), - 'action': kwargs.get('action'), - } - } + def check_k8s_cluster_status(self): + """ Check for kubernetes status + + Returns: + None + Raises: + TerraformProviderError: if master or kubeDNS is not running + + """ + terraform = TerraformProvider() + output = terraform.output() + ip = self.get_node_ip(output) + user_name = 'user' + + Console.execute('ssh {}@{}'.format(user_name, ip)) + k8c_info = Console.execute('kubectl cluster-info') + kubernetes_success_status = 'Kubernetes master is running' + kubernetes_dns_success_status = 'KubeDNS is running' + if kubernetes_success_status not in k8c_info: + raise TerraformProviderError('Master issue: {}'.format(k8c_info)) + if kubernetes_dns_success_status not in k8c_info: + raise TerraformProviderError('KubeDNS 
issue: {}'.format(k8c_info)) class DeployDirector: @@ -175,8 +214,12 @@ def build(self, builder): Returns: None """ - builder.provision() - builder.deploy() + try: + builder.provision() + builder.check_k8s_cluster_status() + builder.deploy() + except Exception as ex: + print(ex) def get_status(self): """ Get execution status @@ -184,9 +227,40 @@ def get_status(self): Returns: int: Execution error status (0 if success) """ + return 0 +class ParamsBuilder: + + def __init__(self): + self.__params = [] + + def add(self, arg_type, name, desc, **kwargs): + parameter = { + 'name': name, + 'props': { + 'help': desc, + 'type': arg_type, + 'default': kwargs.get('default'), + 'choices': kwargs.get('choices'), + 'nargs': kwargs.get('nargs'), + 'action': kwargs.get('action'), + } + } + self.__params.append(parameter) + return self + + def add_str(self, name, desc, **kwargs): + return self.add(str, name, desc, **kwargs) + + def add_int(self, name, desc, **kwargs): + return self.add(int, name, desc, **kwargs) + + def build(self): + return self.__params + + class AWSSourceBuilder(AbstractDeployBuilder): @property 
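Review bot: check_k8s_cluster_status() runs `ssh user@ip` and `kubectl cluster-info` as two separate local commands, so kubectl executes on the machine running this script rather than on the master, and the bare `ssh` call has no command to run. With `user_name = 'user'` and the `'ip'` placeholder returned by get_node_ip(), the check cannot reach a real node yet. Pass the kubectl command to ssh in a single call once get_node_ip() is implemented. In provision(), `raise Exception('Error while provisioning {}'.format(ex))` replaces TerraformProviderError with a bare Exception; re-raising the original type keeps it catchable by callers.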
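Review bot: DeployDirector.build() catches every Exception and only prints it, so a failed provision or cluster check ends the run normally, and get_status() below still returns a constant 0. Let the error propagate after logging it (`print(ex)` followed by `raise`), or record a non-zero status for get_status() to return. How the script's exit code is derived is not visible in this hunk.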
@@ -196,57 +270,42 @@ def terraform_location(self): @property def cli_args(self): - return [ - self.build_str_arg_param('--action', 'Action', default='deploy'), - self.build_str_arg_param('--access_key_id', - 'AWS Access Key ID'), - self.build_str_arg_param('--secret_access_key', - 'AWS Secret Access Key'), - self.build_str_arg_param('--service_base_name', - 'Any infrastructure value (should be ' - 'unique if multiple SSN\'s have been ' - 'deployed before).', - default='dlab-k8s'), - self.build_str_arg_param('--vpc_id', - 'ID of AWS VPC if you already have VPC ' - 'created.'), - self.build_str_arg_param('--vpc_cidr', - 'CIDR for VPC creation. ' - 'Conflicts with vpc_id', - default='172.31.0.0/16'), - self.build_str_arg_param('--subnet_id', - 'ID of AWS Subnet if you already have ' - 'subnet created.'), - self.build_str_arg_param('--subnet_cidr', - 'CIDR for Subnet creation. Conflicts with ' - 'subnet_id.', - default='172.31.0.0/24'), - self.build_str_arg_param('--env_os', - 'OS type.', - default='debian'), - self.build_str_arg_param('--ami', 'ID of EC2 AMI.'), - self.build_str_arg_param('--key_name', 'Name of EC2 Key pair.'), - self.build_str_arg_param('--region', 'Name of AWS region.', - default='us-west-2'), - self.build_str_arg_param('--zone', 'Name of AWS zone', default='a'), - self.build_str_arg_param('--allowed_cidrs', - 'CIDR to allow acces to SSN K8S cluster.', - default=["0.0.0.0/0"], action='append'), - self.build_str_arg_param('--ssn_k8s_masters_shape', - 'Shape for SSN K8S masters.', - default='t2.medium'), - self.build_str_arg_param('--ssn_k8s_workers_shape', - 'Shape for SSN K8S workers.', - default='t2.medium'), - self.build_str_arg_param('--os_user', 'Name of DLab service user.', - default='dlab-user'), - self.build_int_arg_param('--ssn_k8s_masters_count', - 'Count of K8S masters.', default=3), - self.build_int_arg_param('--ssn_k8s_workers_count', - 'Count of K8S workers', default=2), - self.build_int_arg_param('--ssn_root_volume_size', - 'Size of 
root volume in GB.', default=30), - ] + params = ParamsBuilder() + (params + .add_str('--action', 'Action', default='deploy') + .add_str('--access_key_id', 'AWS Access Key ID') + .add_str('--allowed_cidrs', + 'CIDR to allow acces to SSN K8S cluster.', + default=["0.0.0.0/0"], action='append') + .add_str('--ami', 'ID of EC2 AMI.') + .add_str('--env_os', 'OS type.', default='debian') + .add_str('--key_name', 'Name of EC2 Key pair.') + .add_str('--os_user', 'Name of DLab service user.', + default='dlab-user') + .add_str('--region', 'Name of AWS region.', default='us-west-2') + .add_str('--secret_access_key', 'AWS Secret Access Key') + .add_str('--service_base_name', + 'Any infrastructure value (should be unique if ' + 'multiple SSN\'s have been deployed before).', + default='dlab-k8s') + .add_int('--ssn_k8s_masters_count', 'Count of K8S masters.', default=3) + .add_int('--ssn_k8s_workers_count', 'Count of K8S workers', default=2) + .add_str('--ssn_k8s_masters_shape', 'Shape for SSN K8S masters.', + default='t2.medium') + .add_str('--ssn_k8s_workers_shape', 'Shape for SSN K8S workers.', + default='t2.medium') + .add_int('--ssn_root_volume_size', 'Size of root volume in GB.', + default=30) + .add_str('--subnet_cidr', + 'CIDR for Subnet creation. Conflicts with subnet_id.', + default='172.31.0.0/24') + .add_str('--subnet_id', + 'ID of AWS Subnet if you already have subnet created.') + .add_str('--vpc_cidr', 'CIDR for VPC creation. Conflicts with vpc_id', + default='172.31.0.0/16') + .add_str('--vpc_id', 'ID of AWS VPC if you already have VPC created.') + .add_str('--zone', 'Name of AWS zone', default='a')) + return params.build() def deploy(self): # os.system('ls -l') From 6fea408017aacbfd4902bfd474c2c90aba5389e5 Mon Sep 17 00:00:00 2001 
From: Oleh Martushevskyi Date: Wed, 10 Jul 2019 11:08:31 +0300 Subject: [PATCH 14/46] added output --- .../terraform/aws/main/main.tf | 4 ++++ .../terraform/aws/main/variables.tf | 1 + .../aws/modules/ssn-k8s/auto_scaling_groups.tf | 16 +++++++++++++++- .../terraform/aws/modules/ssn-k8s/variables.tf | 6 ++++-- 4 files changed, 24 insertions(+), 3 deletions(-) diff --git a/infrastructure-provisioning/terraform/aws/main/main.tf b/infrastructure-provisioning/terraform/aws/main/main.tf index 11eea405b4..4a98e593f4 100644 --- a/infrastructure-provisioning/terraform/aws/main/main.tf +++ b/infrastructure-provisioning/terraform/aws/main/main.tf @@ -140,4 +140,8 @@ module "endpoint" { network_type = var.network_type vpc_cidr = var.vpc_cidr endpoint_volume_size = var.endpoint_volume_size +} + +output "ssn_k8s_masters_ip_addresses" { + value = module.ssn-k8s.ssn_k8s_masters_ip_addresses } \ No newline at end of file diff --git a/infrastructure-provisioning/terraform/aws/main/variables.tf b/infrastructure-provisioning/terraform/aws/main/variables.tf index 0a9cb5466b..8f659c887d 100644 --- a/infrastructure-provisioning/terraform/aws/main/variables.tf +++ b/infrastructure-provisioning/terraform/aws/main/variables.tf @@ -37,6 +37,7 @@ variable "key_name" { default = "BDCC-DSS-POC" } variable "allowed_cidrs" { + type = list default = ["0.0.0.0/0"] } variable "os_user" { diff --git a/infrastructure-provisioning/terraform/aws/modules/ssn-k8s/auto_scaling_groups.tf b/infrastructure-provisioning/terraform/aws/modules/ssn-k8s/auto_scaling_groups.tf index 9877d25bf0..6aa3e427ba 100644 --- a/infrastructure-provisioning/terraform/aws/modules/ssn-k8s/auto_scaling_groups.tf +++ b/infrastructure-provisioning/terraform/aws/modules/ssn-k8s/auto_scaling_groups.tf 
@@ -114,4 +114,18 @@ resource "aws_autoscaling_group" "ssn_k8s_autoscaling_group_workers" { propagate_at_launch = true } ] -} \ No newline at end of file +} + +data "aws_instances" "ssn_k8s_masters_instances" { + instance_tags = { + Name = aws_autoscaling_group.ssn_k8s_autoscaling_group_masters.name + } + + instance_state_names = ["running"] + depends_on = [aws_autoscaling_group.ssn_k8s_autoscaling_group_masters] +} + +output "ssn_k8s_masters_ip_addresses" { + value = data.aws_instances.ssn_k8s_masters_instances.public_ips + depends_on = [data.aws_instances.ssn_k8s_masters_instances] +} diff --git a/infrastructure-provisioning/terraform/aws/modules/ssn-k8s/variables.tf b/infrastructure-provisioning/terraform/aws/modules/ssn-k8s/variables.tf index cb16348538..7660088d37 100644 --- a/infrastructure-provisioning/terraform/aws/modules/ssn-k8s/variables.tf +++ b/infrastructure-provisioning/terraform/aws/modules/ssn-k8s/variables.tf @@ -45,10 +45,12 @@ variable "ssn_k8s_workers_count" {} variable "ssn_root_volume_size" {} -variable "allowed_cidrs" {} +variable "allowed_cidrs" { + type = list +} variable "ssn_k8s_masters_shape" {} variable "ssn_k8s_workers_shape" {} -variable "os_user" {} \ No newline at end of file +variable "os_user" {} From 65946368a633ff13b6f079ddba3f3b137bfadaff Mon Sep 17 00:00:00 2001 From: bohdana_kuzmenko Date: Wed, 10 Jul 2019 17:49:31 +0300 Subject: [PATCH 15/46] add pkey parameter add paramiko lib for remote terminal update cluster status check --- .../terraform/bin/terraform-cli.py | 112 +++++++++++++----- 1 file changed, 83 insertions(+), 29 deletions(-) diff --git a/infrastructure-provisioning/terraform/bin/terraform-cli.py b/infrastructure-provisioning/terraform/bin/terraform-cli.py index 7160e8de8e..4a94528274 100755 --- a/infrastructure-provisioning/terraform/bin/terraform-cli.py +++ b/infrastructure-provisioning/terraform/bin/terraform-cli.py 
@@ -1,8 +1,10 @@ #!/usr/bin/env python - +import json import os import abc import argparse +import paramiko +import time class TerraformProviderError(Exception): @@ -14,9 +16,34 @@ class TerraformProviderError(Exception): class Console: @staticmethod - def execute(command): + def exec_command(command): + """ Execute cli command + + Args: + command: str cli command + Returns: + str: command result + """ return os.popen(command).read() + @staticmethod + def remote(ip, user, pkey=None, passwd=None): + """ Get remote console\ + + Args: + ip: str address + user: str username + pkey: str path to pkey + passwd: str password + Returns: + SSHClient: remoter cli + """ + pkey = paramiko.RSAKey.from_private_key_file('path') if pkey else None + ssh = paramiko.SSHClient() + ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy()) + ssh.connect(ip, username=user, pkey=pkey, password=passwd) + return ssh + class TerraformProvider: def initialize(self): @@ -28,7 +55,7 @@ def initialize(self): TerraformProviderError: if initialization was not succeed """ terraform_success_init = 'Terraform has been successfully initialized!' - terraform_init_result = Console.execute('terraform init') + terraform_init_result = Console.exec_command('terraform init') if terraform_success_init not in terraform_init_result: raise TerraformProviderError(terraform_init_result) @@ -42,7 +69,7 @@ def validate(self): """ terraform_success_validate = 'Success!' - terraform_validate_result = Console.execute('terraform validate') + terraform_validate_result = Console.exec_command('terraform validate') if terraform_success_validate not in terraform_validate_result: raise TerraformProviderError(terraform_validate_result) 
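Review bot: Console.remote() sets `paramiko.AutoAddPolicy()`, which accepts whatever host key the server presents on first contact, so the SSH session to the new master is not authenticated and can be intercepted. Load known keys and refuse unknown hosts instead, `ssh.load_system_host_keys()` with `ssh.set_missing_host_key_policy(paramiko.RejectPolicy())`, after recording the instance's host key through a channel other than this connection. The line `paramiko.RSAKey.from_private_key_file('path')` passes the literal string 'path' and ignores the `pkey` argument. The client returned here is not closed by the caller shown in this patch.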
@@ -68,16 +95,17 @@ def destroy(self, cli_args): """ args_str = self.get_args_string(cli_args) command = 'terraform destroy -auto-approve -target module.ssn-k8s {}' - Console.execute(command.format(args_str)) + Console.exec_command(command.format(args_str)) - def output(self): - """ + def output(self, *args): + """Get terraform output + Args: + *args: list of str parameters Returns: str: terraform output result - """ - return Console.execute('terraform output') + return Console.exec_command('terraform output '.format(' '.join(args))) @staticmethod def get_args_string(cli_args): @@ -138,10 +166,18 @@ def parse_args(self): Returns: dict: CLI arguments """ - parser = argparse.ArgumentParser() + terraform_args_parser = argparse.ArgumentParser() + client_args_parser = argparse.ArgumentParser() for argument in self.cli_args: + parser = (terraform_args_parser + if argument.get('is_terraform_param') + else client_args_parser) parser.add_argument(argument.get('name'), **argument.get('props')) - return vars(parser.parse_args()) + + return { + 'terraform_args': vars(terraform_args_parser.parse_args()), + 'service_args': vars(client_args_parser.parse_args()), + } def provision(self): """Execute terraform script @@ -153,6 +189,8 @@ def provision(self): """ tf_location = self.terraform_location cli_args = self.parse_args() + action = cli_args.get('service_args').get('action') + terraform_args = cli_args.get('terraform_args') terraform = TerraformProvider() os.chdir(tf_location) @@ -160,11 +198,11 @@ def provision(self): terraform.initialize() terraform.validate() - action = cli_args.pop('action') if action == 'deploy': - terraform.apply(cli_args) + terraform.apply(terraform_args) + self.check_k8s_cluster_status() elif action == 'destroy': - terraform.destroy(cli_args) + terraform.destroy(terraform_args) except TerraformProviderError as ex: raise Exception('Error while provisioning {}'.format(ex)) 
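Review bot: In output(), `'terraform output '.format(' '.join(args))` has no `{}` placeholder, so the arguments are dropped and the command is always plain `terraform output`; the caller's `-json ssn_k8s_masters_ip_addresses` never reaches Terraform and `json.loads` then receives the human-readable listing. Use `'terraform output {}'.format(' '.join(args))`. This hunk renames the call in destroy() to `Console.exec_command`, but apply() is not touched by this patch and, as far as the page shows, still calls `Console.execute`, which no longer exists.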
@@ -177,8 +215,7 @@ def get_node_ip(self, output): str: extracted ip """ - # TODO: extract ip address from tf output - return 'ip' + return json.loads(output) def check_k8s_cluster_status(self): """ Check for kubernetes status @@ -190,18 +227,33 @@ def check_k8s_cluster_status(self): """ terraform = TerraformProvider() - output = terraform.output() - ip = self.get_node_ip(output) - user_name = 'user' + output = terraform.output('-json ssn_k8s_masters_ip_addresses') + args = self.parse_args() - Console.execute('ssh {}@{}'.format(user_name, ip)) - k8c_info = Console.execute('kubectl cluster-info') - kubernetes_success_status = 'Kubernetes master is running' - kubernetes_dns_success_status = 'KubeDNS is running' - if kubernetes_success_status not in k8c_info: - raise TerraformProviderError('Master issue: {}'.format(k8c_info)) - if kubernetes_dns_success_status not in k8c_info: - raise TerraformProviderError('KubeDNS issue: {}'.format(k8c_info)) + ip = self.get_node_ip(output) + user_name = args.get('terraform').get('os_user') + pkey_path = args.get('cli').get('pkey') + + console = Console.remote(ip, user_name, pkey=pkey_path) + start_time = time.time() + while True: + stdin, stdout, stderr = console.exec_command('kubectl cluster-info') + outlines = stdout.readlines() + k8c_info_status = ''.join(outlines) + if not k8c_info_status: + if (time.time() - start_time) >= 600: + raise TimeoutError + time.sleep(120) + + kubernetes_success_status = 'Kubernetes master is running' + kubernetes_dns_success_status = 'KubeDNS is running' + if kubernetes_success_status not in k8c_info_status: + raise TerraformProviderError( + 'Master issue: {}'.format(k8c_info_status)) + if kubernetes_dns_success_status not in k8c_info_status: + raise TerraformProviderError( + 'KubeDNS issue: {}'.format(k8c_info_status)) + break class DeployDirector: 
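Review bot: check_k8s_cluster_status() reads `args.get('terraform')` and `args.get('cli')`, but parse_args() in this patch returns the keys `'terraform_args'` and `'service_args'`, so both lookups return None and the chained `.get(...)` raises AttributeError. Use `args.get('terraform_args').get('os_user')` and `args.get('service_args').get('pkey')`. In the loop, the empty-output branch sleeps and then falls through to the status checks, which raise on the empty string; it needs a `continue` after `time.sleep(120)`. get_node_ip() now returns the whole decoded JSON value, presumably a list of addresses, and that is passed to `ssh.connect` as the host.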
@@ -216,7 +268,6 @@ def build(self, builder): """ try: builder.provision() - builder.check_k8s_cluster_status() builder.deploy() except Exception as ex: print(ex) @@ -238,6 +289,7 @@ def __init__(self): def add(self, arg_type, name, desc, **kwargs): parameter = { + 'is_terraform_param': kwargs.get('is_terraform_param', True), 'name': name, 'props': { 'help': desc, @@ -272,7 +324,9 @@ def terraform_location(self): def cli_args(self): params = ParamsBuilder() (params - .add_str('--action', 'Action', default='deploy') + .add_str('--pkey', 'path to key', is_terraform_param=False) + .add_str('--action', 'Action', default='deploy', + is_terraform_param=False) .add_str('--access_key_id', 'AWS Access Key ID') .add_str('--allowed_cidrs', 'CIDR to allow acces to SSN K8S cluster.', From 2ce19d3f0a7055beb7c48a2041f915239b9345ff Mon Sep 17 00:00:00 2001 From: Oleh Martushevskyi Date: Thu, 11 Jul 2019 10:43:14 +0300 Subject: [PATCH 16/46] nginx module --- .../terraform/aws/modules/nginx/nginx.tf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/infrastructure-provisioning/terraform/aws/modules/nginx/nginx.tf b/infrastructure-provisioning/terraform/aws/modules/nginx/nginx.tf index 003b99b53c..26466b84b9 100644 --- a/infrastructure-provisioning/terraform/aws/modules/nginx/nginx.tf +++ b/infrastructure-provisioning/terraform/aws/modules/nginx/nginx.tf @@ -32,12 +32,12 @@ resource "helm_release" "my_mongo" { set { name = "controller.service.nodePorts.http" - value = "${var.mongo_root_pwd}" + value = "${var.nginx_http_port}" } set { name = "controller.service.nodePorts.https" - value = "${var.mongo_db_username}" + value = "${var.nginx_https_port}" } set { From f627cfdae1add2204e73048580f62c393d174349 Mon Sep 17 00:00:00 2001 From: Oleh Martushevskyi Date: Thu, 11 Jul 2019 10:46:33 +0300 Subject: [PATCH 17/46] added module nginx --- infrastructure-provisioning/terraform/aws/main/main.tf | 4 ++++ 1 file changed, 4 insertions(+) 
diff --git a/infrastructure-provisioning/terraform/aws/main/main.tf b/infrastructure-provisioning/terraform/aws/main/main.tf index 4a98e593f4..350dfa03d9 100644 --- a/infrastructure-provisioning/terraform/aws/main/main.tf +++ b/infrastructure-provisioning/terraform/aws/main/main.tf @@ -142,6 +142,10 @@ module "endpoint" { endpoint_volume_size = var.endpoint_volume_size } +module "nginx" { + source = "../modules/nginx" +} + output "ssn_k8s_masters_ip_addresses" { value = module.ssn-k8s.ssn_k8s_masters_ip_addresses } \ No newline at end of file From 61c8388c3f369b9732b22d767f0fa1567a9e7b79 Mon Sep 17 00:00:00 2001 From: Oleh Martushevskyi Date: Thu, 11 Jul 2019 11:45:50 +0300 Subject: [PATCH 18/46] added module mongo --- infrastructure-provisioning/terraform/aws/main/main.tf | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/infrastructure-provisioning/terraform/aws/main/main.tf b/infrastructure-provisioning/terraform/aws/main/main.tf index 350dfa03d9..2a45d7e266 100644 --- a/infrastructure-provisioning/terraform/aws/main/main.tf +++ b/infrastructure-provisioning/terraform/aws/main/main.tf @@ -146,6 +146,10 @@ module "nginx" { source = "../modules/nginx" } +module "mongo" { + source = "../modules/mongo" +} + output "ssn_k8s_masters_ip_addresses" { value = module.ssn-k8s.ssn_k8s_masters_ip_addresses } \ No newline at end of file From c7910f9eb7b9e40c6b54a99f0a0e506a070b3e78 Mon Sep 17 00:00:00 2001 From: Oleh Martushevskyi Date: Thu, 11 Jul 2019 11:46:38 +0300 Subject: [PATCH 19/46] added default values --- .../terraform/aws/main/variables.tf | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/infrastructure-provisioning/terraform/aws/main/variables.tf b/infrastructure-provisioning/terraform/aws/main/variables.tf index 8f659c887d..111a68f856 100644 --- a/infrastructure-provisioning/terraform/aws/main/variables.tf +++ b/infrastructure-provisioning/terraform/aws/main/variables.tf 
@@ -20,8 +20,12 @@ # ****************************************************************************** // AWS info -variable "access_key_id" {} -variable "secret_access_key" {} +variable "access_key_id" { + default = "" +} +variable "secret_access_key" { + default = "" +} variable "region" { default = "us-west-2" } From c351311e064f7b97a9be347267831e0ea1cd5799 Mon Sep 17 00:00:00 2001 From: bohdana_kuzmenko Date: Thu, 11 Jul 2019 12:55:14 +0300 Subject: [PATCH 20/46] Add parameters to arg parser --- .../terraform/bin/terraform-cli.py | 23 +++++++++++-------- 1 file changed, 13 insertions(+), 10 deletions(-) diff --git a/infrastructure-provisioning/terraform/bin/terraform-cli.py b/infrastructure-provisioning/terraform/bin/terraform-cli.py index 4a94528274..ca255b8398 100755 --- a/infrastructure-provisioning/terraform/bin/terraform-cli.py +++ b/infrastructure-provisioning/terraform/bin/terraform-cli.py @@ -38,7 +38,7 @@ def remote(ip, user, pkey=None, passwd=None): Returns: SSHClient: remoter cli """ - pkey = paramiko.RSAKey.from_private_key_file('path') if pkey else None + pkey = paramiko.RSAKey.from_private_key_file(pkey) if pkey else None ssh = paramiko.SSHClient() ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy()) ssh.connect(ip, username=user, pkey=pkey, password=passwd) @@ -83,7 +83,7 @@ def apply(self, cli_args): """ args_str = self.get_args_string(cli_args) command = 'terraform apply -auto-approve -target module.ssn-k8s {}' - Console.execute(command.format(args_str)) + Console.exec_command(command.format(args_str)) def destroy(self, cli_args): """Destroy terraform @@ -175,8 +175,8 @@ def parse_args(self): parser.add_argument(argument.get('name'), **argument.get('props')) return { - 'terraform_args': vars(terraform_args_parser.parse_args()), - 'service_args': vars(client_args_parser.parse_args()), + 'terraform_args': vars(terraform_args_parser.parse_known_args()[0]), + 'service_args': vars(client_args_parser.parse_known_args()[0]), } def provision(self): 
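Review bot: Switching parse_args() to `parse_known_args()[0]` makes both parsers ignore options they do not recognise, so a misspelled option is silently discarded and its default is used; for `--allowed_cidrs` that default is 0.0.0.0/0. Collect the leftover arguments from both calls and fail when an option is unknown to both parsers, or register every option on one parser and split the result by `is_terraform_param` afterwards. The rest of parse_args() is outside this hunk.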
@@ -298,6 +298,7 @@ def add(self, arg_type, name, desc, **kwargs): 'choices': kwargs.get('choices'), 'nargs': kwargs.get('nargs'), 'action': kwargs.get('action'), + 'required': kwargs.get('required'), } } self.__params.append(parameter) @@ -324,20 +325,22 @@ def terraform_location(self): def cli_args(self): params = ParamsBuilder() (params - .add_str('--pkey', 'path to key', is_terraform_param=False) .add_str('--action', 'Action', default='deploy', is_terraform_param=False) - .add_str('--access_key_id', 'AWS Access Key ID') + .add_str('--access_key_id', 'AWS Access Key ID', required=True) .add_str('--allowed_cidrs', 'CIDR to allow acces to SSN K8S cluster.', default=["0.0.0.0/0"], action='append') - .add_str('--ami', 'ID of EC2 AMI.') - .add_str('--env_os', 'OS type.', default='debian') - .add_str('--key_name', 'Name of EC2 Key pair.') + .add_str('--ami', 'ID of EC2 AMI.', required=True) + .add_str('--env_os', 'OS type.', default='debian', + choices=['debian', 'redhat']) + .add_str('--key_name', 'Name of EC2 Key pair.', required=True) .add_str('--os_user', 'Name of DLab service user.', default='dlab-user') + .add_str('--pkey', 'path to key', + is_terraform_param=False, required=True) .add_str('--region', 'Name of AWS region.', default='us-west-2') - .add_str('--secret_access_key', 'AWS Secret Access Key') + .add_str('--secret_access_key', 'AWS Secret Access Key', required=True) .add_str('--service_base_name', 'Any infrastructure value (should be unique if ' 'multiple SSN\'s have been deployed before).', From 2b72b0cebb7ac88e1290417128c4bdf8d5a7b877 Mon Sep 17 00:00:00 2001 From: Oleh Martushevskyi Date: Thu, 11 Jul 2019 13:58:11 +0300 Subject: [PATCH 21/46] added default values --- .../terraform/aws/modules/mongo/mongo.tf | 5 +++++ .../terraform/bin/terraform-cli.py | 21 ++++++++++++------- 2 files changed, 18 insertions(+), 8 deletions(-) 
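Review bot: `--allowed_cidrs` in `cli_args` combines `default=["0.0.0.0/0"]` with `action='append'`, and argparse appends to the default list instead of replacing it, so a caller who passes a narrow CIDR still gets `0.0.0.0/0` alongside it (assuming `add_str` forwards `default` and `action` unchanged, which is outside the hunk). The commit adds `required=True` to other options but leaves this one as it was. Use `default=None` and substitute the open range only when nothing was supplied, or make the option required. Separately, `--secret_access_key` as a required command-line option puts the secret into shell history and the process list; reading it from the environment avoids that.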
diff --git a/infrastructure-provisioning/terraform/aws/modules/mongo/mongo.tf b/infrastructure-provisioning/terraform/aws/modules/mongo/mongo.tf index 6188f8331f..ead3e8e401 100644 --- a/infrastructure-provisioning/terraform/aws/modules/mongo/mongo.tf +++ b/infrastructure-provisioning/terraform/aws/modules/mongo/mongo.tf @@ -58,4 +58,9 @@ resource "helm_release" "my_mongo" { name = "image.tag" value = "${var.image_tag}" } + set { + # temporary. PV should be implemented + name = "persistence.enabled" + value = "false" + } } diff --git a/infrastructure-provisioning/terraform/bin/terraform-cli.py b/infrastructure-provisioning/terraform/bin/terraform-cli.py index ca255b8398..5be9385cf0 100755 --- a/infrastructure-provisioning/terraform/bin/terraform-cli.py +++ b/infrastructure-provisioning/terraform/bin/terraform-cli.py @@ -27,7 +27,7 @@ def exec_command(command): return os.popen(command).read() @staticmethod - def remote(ip, user, pkey=None, passwd=None): + def remote(ip, user, pkey=None): """ Get remote console\ Args: @@ -38,10 +38,10 @@ def remote(ip, user, pkey=None, passwd=None): Returns: SSHClient: remoter cli """ - pkey = paramiko.RSAKey.from_private_key_file(pkey) if pkey else None + pkey = paramiko.RSAKey.from_private_key_file(pkey) ssh = paramiko.SSHClient() ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy()) - ssh.connect(ip, username=user, pkey=pkey, password=passwd) + ssh.connect(ip, username=user, pkey=pkey) return ssh @@ -105,7 +105,7 @@ def output(self, *args): Returns: str: terraform output result """ - return Console.exec_command('terraform output '.format(' '.join(args))) + return Console.exec_command('terraform output {}'.format(' '.join(args))) @staticmethod def get_args_string(cli_args): 
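Review bot: `paramiko.RSAKey.from_private_key_file(pkey)` in `remote` is now called unconditionally while the signature in the preceding hunk still reads `pkey=None`, so a call without a key fails inside paramiko instead of at the call boundary. Make the parameter mandatory, `def remote(ip, user, pkey):`, or raise a clear error when it is missing. `RSAKey` also rejects Ed25519 and ECDSA key files; whether that matters depends on the key pairs the deployment uses. The docstring between the two hunks is only partly visible and should be checked for a stale `passwd` entry.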
@@ -215,7 +215,11 @@ def get_node_ip(self, output): str: extracted ip """ - return json.loads(output) + + ips = json.loads(output) + if not ips: + raise TerraformProviderError('no ips') + return ips[0] def check_k8s_cluster_status(self): """ Check for kubernetes status @@ -231,13 +235,14 @@ def check_k8s_cluster_status(self): args = self.parse_args() ip = self.get_node_ip(output) - user_name = args.get('terraform').get('os_user') - pkey_path = args.get('cli').get('pkey') + user_name = args.get('terraform_args').get('os_user') + pkey_path = args.get('service_args').get('pkey') console = Console.remote(ip, user_name, pkey=pkey_path) start_time = time.time() while True: - stdin, stdout, stderr = console.exec_command('kubectl cluster-info') + stdin, stdout, stderr = console.exec_command('kubectl cluster-info | ' + 'sed -r "s/\x1B\[([0-9]{1,2}(;[0-9]{1,2})?)?[mGK]//g"') outlines = stdout.readlines() k8c_info_status = ''.join(outlines) if not k8c_info_status: From 10dd77d4160cc2d8ea334b19068095f7d84660c7 Mon Sep 17 00:00:00 2001 From: bohdana_kuzmenko Date: Thu, 11 Jul 2019 15:53:13 +0300 Subject: [PATCH 22/46] Update status check --- infrastructure-provisioning/terraform/bin/terraform-cli.py | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/infrastructure-provisioning/terraform/bin/terraform-cli.py b/infrastructure-provisioning/terraform/bin/terraform-cli.py index 5be9385cf0..c327e38cdc 100755 --- a/infrastructure-provisioning/terraform/bin/terraform-cli.py +++ b/infrastructure-provisioning/terraform/bin/terraform-cli.py @@ -3,6 +3,8 @@ import os import abc import argparse +import re + import paramiko import time @@ -245,7 +247,7 @@ def check_k8s_cluster_status(self): 'sed -r "s/\x1B\[([0-9]{1,2}(;[0-9]{1,2})?)?[mGK]//g"') outlines = stdout.readlines() k8c_info_status = ''.join(outlines) - if not k8c_info_status: + if re.findall('server .* was refused', k8c_info_status): if (time.time() - start_time) >= 600: raise TimeoutError time.sleep(120) 
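Review bot: `get_node_ip` returns `ips[0]` as the SSH target without checking what `terraform output` actually printed, and `json.loads(output)` raises an unhandled `JSONDecodeError` when the command produced nothing or an error text. Catch that and raise `TerraformProviderError` with the raw output, and validate the element with `ipaddress.ip_address(ips[0])` before returning it. The docstring still says "extracted ip" without stating that the first of several addresses is chosen.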
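Review bot: The `sed -r "s/\x1B\[...//g"` filter added in `check_k8s_cluster_status` sits in a normal Python string, so `\x1B` is turned into a literal ESC byte before the command is sent and `\[` is an invalid escape sequence that newer Python versions warn about. Stripping the colour codes locally removes both the escaping problem and the dependency on the remote `sed`: `k8c_info_status = re.sub(r'\x1b\[[0-9;]*[mGK]', '', ''.join(outlines))` (needs `import re`, which the next patch adds). `stderr` is never read, so a failing `kubectl` leaves no trace for the operator. The function starts outside the hunk.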
From 6177a490dfd1ddc9986d853f2bddfefa66643463 Mon Sep 17 00:00:00 2001 From: bohdana_kuzmenko Date: Thu, 11 Jul 2019 16:26:07 +0300 Subject: [PATCH 23/46] Update status check --- .../terraform/bin/terraform-cli.py | 21 +++++++++---------- 1 file changed, 10 insertions(+), 11 deletions(-) diff --git a/infrastructure-provisioning/terraform/bin/terraform-cli.py b/infrastructure-provisioning/terraform/bin/terraform-cli.py index c327e38cdc..845ff1c005 100755 --- a/infrastructure-provisioning/terraform/bin/terraform-cli.py +++ b/infrastructure-provisioning/terraform/bin/terraform-cli.py @@ -247,20 +247,19 @@ def check_k8s_cluster_status(self): 'sed -r "s/\x1B\[([0-9]{1,2}(;[0-9]{1,2})?)?[mGK]//g"') outlines = stdout.readlines() k8c_info_status = ''.join(outlines) - if re.findall('server .* was refused', k8c_info_status): - if (time.time() - start_time) >= 600: - raise TimeoutError - time.sleep(120) kubernetes_success_status = 'Kubernetes master is running' kubernetes_dns_success_status = 'KubeDNS is running' - if kubernetes_success_status not in k8c_info_status: - raise TerraformProviderError( - 'Master issue: {}'.format(k8c_info_status)) - if kubernetes_dns_success_status not in k8c_info_status: - raise TerraformProviderError( - 'KubeDNS issue: {}'.format(k8c_info_status)) - break + + kubernetes_succeed = kubernetes_success_status in k8c_info_status + kube_dns_succeed = kubernetes_dns_success_status in k8c_info_status + + if kubernetes_succeed and kube_dns_succeed: + break + if (time.time() - start_time) >= 600: + raise TimeoutError + time.sleep(60) + class DeployDirector: From 376bc5a4038b81468a7baba3f0d5fd7cc263fc40 Mon Sep 17 00:00:00 2001 
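Review bot: The polling loop in `check_k8s_cluster_status` checks the 600-second budget only between attempts, while `console.exec_command(...)` and `stdout.readlines()` have no limit of their own, so one hung SSH channel blocks the deployment indefinitely. Pass a per-command limit, e.g. `console.exec_command(cmd, timeout=30)`, and raise `TimeoutError('k8s not ready: {}'.format(k8c_info_status))` so the last `kubectl` output is preserved. The client returned by `Console.remote` is not closed on either exit path; a `try`/`finally` with `console.close()` would cover both. The function starts outside the hunk.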
From: Dyoma33 Date: Fri, 12 Jul 2019 13:51:45 +0300 Subject: [PATCH 24/46] [DLAB-813] Created terraform scripts for Keycloak and Mysql --- .../aws/modules/keycloak/ingress.yaml | 14 ++++ .../aws/modules/keycloak/keycloak.tf | 56 +++++++++++++++ .../terraform/aws/modules/keycloak/mysql.tf | 68 +++++++++++++++++++ .../aws/modules/keycloak/variables.tf | 0 4 files changed, 138 insertions(+) create mode 100644 infrastructure-provisioning/terraform/aws/modules/keycloak/ingress.yaml create mode 100644 infrastructure-provisioning/terraform/aws/modules/keycloak/keycloak.tf create mode 100644 infrastructure-provisioning/terraform/aws/modules/keycloak/mysql.tf create mode 100644 infrastructure-provisioning/terraform/aws/modules/keycloak/variables.tf diff --git a/infrastructure-provisioning/terraform/aws/modules/keycloak/ingress.yaml b/infrastructure-provisioning/terraform/aws/modules/keycloak/ingress.yaml new file mode 100644 index 0000000000..b16505836f --- /dev/null +++ b/infrastructure-provisioning/terraform/aws/modules/keycloak/ingress.yaml @@ -0,0 +1,14 @@ +apiVersion: extensions/v1beta1 +kind: Ingress +metadata: + name: ingress-keycloak + #annotations: + # ingress.kubernetes.io/rewrite-target: / +spec: + rules: + - http: + paths: + - path: /keycloak + backend: + serviceName: keycloak + servicePort: 31088 \ No newline at end of file diff --git a/infrastructure-provisioning/terraform/aws/modules/keycloak/keycloak.tf b/infrastructure-provisioning/terraform/aws/modules/keycloak/keycloak.tf new file mode 100644 index 0000000000..ff0807d0c9 --- /dev/null +++ b/infrastructure-provisioning/terraform/aws/modules/keycloak/keycloak.tf 
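Review bot: The Ingress for `/keycloak` has no `tls` section and no `host`, so the Keycloak login and admin console are offered for any hostname and, unless the controller enforces it elsewhere, over plain HTTP. Add a `tls` block with a certificate secret and a `host` rule before this path is reachable from outside the cluster. `servicePort: 31088` equals the `nodePort` set in `keycloak.tf`, whereas an Ingress backend addresses the Service port, so this probably needs the chart's service port instead (that value is not visible here). The commented-out `rewrite-target` annotation should be either enabled or removed.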
@@ -0,0 +1,56 @@ +resource "helm_release" "keycloak" { + name = "keycloak" + chart = "stable/keycloak" + wait = false + + set { + name = "keycloak.username" + value = "dlab-admin" + } + + set { + name = "keycloak.password" + value = "12345o" + } + + set { + name = "keycloak.persistence.dbVendor" + value = "mysql" + } + + set { + name = "keycloak.persistence.dbName" + value = "keycloak" + } + + set { + name = "keycloak.persistence.dbHost" + value = "keycloak-mysql" + } + + set { + name = "keycloak.persistence.dbPort" + value = "3306" + } + + set { + name = "keycloak.persistence.dbUser" + value = "keycloak" + } + + set { + name = "keycloak.persistence.dbPassword" + value = "1234567890o" + } + + set { + name = "keycloak.service.type" + value = "NodePort" + } + + set { + name = "keycloak.service.nodePort" + value = "31088" + } + +} \ No newline at end of file diff --git a/infrastructure-provisioning/terraform/aws/modules/keycloak/mysql.tf b/infrastructure-provisioning/terraform/aws/modules/keycloak/mysql.tf new file mode 100644 index 0000000000..367a4b7258 --- /dev/null +++ b/infrastructure-provisioning/terraform/aws/modules/keycloak/mysql.tf 
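Review bot: `keycloak.password` (`12345o`) and `keycloak.persistence.dbPassword` are committed as literals in this resource, and `mysql.tf` in the same patch does the same for `mysqlRootPassword` and `mysqlPassword`. Values that have been in repository history have to be treated as disclosed, and these are also weak. Declare variables without defaults in the (currently empty) `variables.tf` and reference them, e.g. `value = var.keycloak_password` (placeholder name), or generate them with the `random` provider. `keycloak.service.type = NodePort` additionally publishes the admin login on port 31088 of every node, so the node security group has to limit who can reach it.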
@@ -0,0 +1,68 @@ +resource "helm_release" "keycloak-mysql" { + name = "keycloak-mysql" + chart = "stable/mysql" + wait = false + + set { + name = "mysqlRootPassword" + value = "1234567890o" + } + + set { + name = "mysqlUser" + value = "keycloak" + } + + set { + name = "mysqlPassword" + value = "1234567890o" + } + + set { + name = "mysqlDatabase" + value = "keycloak" + } + + set { + name = "persistence.existingClaim" + value = "${kubernetes_persistent_volume_claim.example.metadata.0.name}" + } +} + + +provider "kubernetes" { + } + +resource "kubernetes_persistent_volume" "example" { + metadata { + name = "mysql-keycloak-pv2" + } + spec { + capacity = { + storage = "8Gi" + } + access_modes = ["ReadWriteMany"] + persistent_volume_source { + host_path { + path = "/home/dlab-user/keycloak-pv2" + } + } + } +} + + +resource "kubernetes_persistent_volume_claim" "example" { + metadata { + name = "mysql-keycloak-pvc2" + } + spec { + access_modes = ["ReadWriteMany"] + resources { + requests = { + storage = "5Gi" + } + } + volume_name = "${kubernetes_persistent_volume.example.metadata.0.name}" + } +} + diff --git a/infrastructure-provisioning/terraform/aws/modules/keycloak/variables.tf b/infrastructure-provisioning/terraform/aws/modules/keycloak/variables.tf new file mode 100644 index 0000000000..e69de29bb2 From cc7d5b05a147bf0c4df94fce5c27003daa016771 Mon Sep 17 00:00:00 2001 From: Dyoma33 Date: Fri, 12 Jul 2019 14:37:47 +0300 Subject: [PATCH 25/46] [DLAB-813] Added Headers to terraform scripts --- .../aws/modules/keycloak/ingress.yaml | 21 +++++++++++++++++++ .../aws/modules/keycloak/keycloak.tf | 21 +++++++++++++++++++ .../terraform/aws/modules/keycloak/mysql.tf | 21 +++++++++++++++++++ .../aws/modules/keycloak/variables.tf | 20 ++++++++++++++++++ 4 files changed, 83 insertions(+) diff --git a/infrastructure-provisioning/terraform/aws/modules/keycloak/ingress.yaml b/infrastructure-provisioning/terraform/aws/modules/keycloak/ingress.yaml index b16505836f..3d6bb35271 100644 
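Review bot: The `kubernetes_persistent_volume` uses `host_path` at `/home/dlab-user/keycloak-pv2`, which keeps the Keycloak database files in a login user's home directory on whichever node the pod lands on. A reschedule to another node starts with an empty directory, and `ReadWriteMany` is not something a host path can honour across nodes. An EBS-backed volume with `ReadWriteOnce` is the better fit for a single MySQL instance. The resource name `example` and the empty `provider "kubernetes" {}` block look like placeholders, and the volume declares 8Gi while the claim asks for 5Gi.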
--- a/infrastructure-provisioning/terraform/aws/modules/keycloak/ingress.yaml +++ b/infrastructure-provisioning/terraform/aws/modules/keycloak/ingress.yaml @@ -1,3 +1,24 @@ +# ***************************************************************************** +# +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. +# +# ****************************************************************************** + apiVersion: extensions/v1beta1 kind: Ingress metadata: diff --git a/infrastructure-provisioning/terraform/aws/modules/keycloak/keycloak.tf b/infrastructure-provisioning/terraform/aws/modules/keycloak/keycloak.tf index ff0807d0c9..7b8be2d269 100644 --- a/infrastructure-provisioning/terraform/aws/modules/keycloak/keycloak.tf +++ b/infrastructure-provisioning/terraform/aws/modules/keycloak/keycloak.tf 
@@ -1,3 +1,24 @@ +# ***************************************************************************** +# +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. +# +# ****************************************************************************** + resource "helm_release" "keycloak" { name = "keycloak" chart = "stable/keycloak" diff --git a/infrastructure-provisioning/terraform/aws/modules/keycloak/mysql.tf b/infrastructure-provisioning/terraform/aws/modules/keycloak/mysql.tf index 367a4b7258..b0c84a7482 100644 --- a/infrastructure-provisioning/terraform/aws/modules/keycloak/mysql.tf +++ b/infrastructure-provisioning/terraform/aws/modules/keycloak/mysql.tf 
@@ -1,3 +1,24 @@ +# ***************************************************************************** +# +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. +# +# ****************************************************************************** + resource "helm_release" "keycloak-mysql" { name = "keycloak-mysql" chart = "stable/mysql" diff --git a/infrastructure-provisioning/terraform/aws/modules/keycloak/variables.tf b/infrastructure-provisioning/terraform/aws/modules/keycloak/variables.tf index e69de29bb2..04cd33e121 100644 --- a/infrastructure-provisioning/terraform/aws/modules/keycloak/variables.tf +++ b/infrastructure-provisioning/terraform/aws/modules/keycloak/variables.tf 
@@ -0,0 +1,20 @@ +# ***************************************************************************** +# +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. +# +# ****************************************************************************** \ No newline at end of file From 700e3732120bc536f0feecbe884aa427a34743f9 Mon Sep 17 00:00:00 2001 From: Oleh Martushevskyi Date: Fri, 12 Jul 2019 16:03:55 +0300 Subject: [PATCH 26/46] fixed typo --- .../aws/modules/dlab-ui/dlab-ui-chart/templates/ingress.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/infrastructure-provisioning/terraform/aws/modules/dlab-ui/dlab-ui-chart/templates/ingress.yaml b/infrastructure-provisioning/terraform/aws/modules/dlab-ui/dlab-ui-chart/templates/ingress.yaml index f9608a23eb..c5e02f4050 100644 --- a/infrastructure-provisioning/terraform/aws/modules/dlab-ui/dlab-ui-chart/templates/ingress.yaml +++ b/infrastructure-provisioning/terraform/aws/modules/dlab-ui/dlab-ui-chart/templates/ingress.yaml 
@@ -18,7 +18,7 @@ # under the License. # # ****************************************************************************** -{- if .Values.ingress.enabled -}} +{{- if .Values.ingress.enabled -}} {{- $fullName := include "dlab-ui.fullname" . -}} apiVersion: extensions/v1beta1 kind: Ingress From 3537483ece2196629bb47e2dbf1d22f042661ae1 Mon Sep 17 00:00:00 2001 From: Oleh Martushevskyi Date: Mon, 15 Jul 2019 11:34:09 +0300 Subject: [PATCH 27/46] [DLAB-901][DLAB-902]: added creation k8s in multiple subnets; added creation of ALB for K8S --- .../terraform/aws/main/main.tf | 49 ++++++------ .../terraform/aws/main/variables.tf | 13 +++- .../modules/ssn-k8s/auto_scaling_groups.tf | 15 ++-- .../ssn-k8s/files/masters-user-data.sh | 6 +- .../terraform/aws/modules/ssn-k8s/lb.tf | 55 ++++++++++---- .../aws/modules/ssn-k8s/security_groups.tf | 30 +++++--- .../aws/modules/ssn-k8s/variables.tf | 10 ++- .../terraform/aws/modules/ssn-k8s/vpc.tf | 74 ++++++++++++++++--- .../terraform/bin/terraform-cli.py | 18 ++++- 9 files changed, 197 insertions(+), 73 deletions(-) diff --git a/infrastructure-provisioning/terraform/aws/main/main.tf b/infrastructure-provisioning/terraform/aws/main/main.tf index 2a45d7e266..10d3ad3f45 100644 --- a/infrastructure-provisioning/terraform/aws/main/main.tf +++ b/infrastructure-provisioning/terraform/aws/main/main.tf 
@@ -26,24 +26,27 @@ provider "aws" { } module "ssn-k8s" { - source = "../modules/ssn-k8s" - service_base_name = var.service_base_name - vpc_id = var.vpc_id - vpc_cidr = var.vpc_cidr - subnet_id = var.subnet_id - env_os = var.env_os - ami = var.ami - key_name = var.key_name - region = var.region - zone = var.zone - ssn_k8s_masters_count = var.ssn_k8s_masters_count - ssn_k8s_workers_count = var.ssn_k8s_workers_count - ssn_root_volume_size = var.ssn_root_volume_size - allowed_cidrs = var.allowed_cidrs - subnet_cidr = var.subnet_cidr - ssn_k8s_masters_shape = var.ssn_k8s_masters_shape - ssn_k8s_workers_shape = var.ssn_k8s_workers_shape - os_user = var.os_user + source = "../modules/ssn-k8s" + service_base_name = var.service_base_name + vpc_id = var.vpc_id + vpc_cidr = var.vpc_cidr + subnet_id_a = var.subnet_id_a + subnet_id_b = var.subnet_id_b + env_os = var.env_os + ami = var.ami + key_name = var.key_name + region = var.region + zone = var.zone + ssn_k8s_masters_count = var.ssn_k8s_masters_count + ssn_k8s_workers_count = var.ssn_k8s_workers_count + ssn_root_volume_size = var.ssn_root_volume_size + allowed_cidrs = var.allowed_cidrs + subnet_cidr_a = var.subnet_cidr_a + subnet_cidr_b = var.subnet_cidr_b + subnet_cidr_c = var.subnet_cidr_c + ssn_k8s_masters_shape = var.ssn_k8s_masters_shape + ssn_k8s_workers_shape = var.ssn_k8s_workers_shape + os_user = var.os_user } module "common" { @@ -69,7 +72,7 @@ module "notebook" { user_tag = "${var.user_tag}" custom_tag = "${var.custom_tag}" notebook_name = "${var.notebook_name}" - subnet_id = "${var.subnet_id}" + subnet_id = "${var.subnet_id_a}" nb-sg_id = "${var.nb-sg_id}" note_profile_name = "${var.note_profile_name}" product = "${var.product_name}" 
@@ -85,7 +88,7 @@ module "data_engine" { user_tag = "${var.user_tag}" custom_tag = "${var.custom_tag}" notebook_name = "${var.notebook_name}" - subnet_id = "${var.subnet_id}" + subnet_id = "${var.subnet_id_a}" nb-sg_id = "${var.nb-sg_id}" note_profile_name = "${var.note_profile_name}" product = "${var.product_name}" @@ -104,7 +107,7 @@ module "emr" { user_tag = "${var.user_tag}" custom_tag = "${var.custom_tag}" notebook_name = "${var.notebook_name}" - subnet_id = "${var.subnet_id}" + subnet_id = "${var.subnet_id_a}" nb-sg_id = "${var.nb-sg_id}" note_profile_name = "${var.note_profile_name}" product = "${var.product_name}" @@ -131,12 +134,12 @@ module "endpoint" { region = var.region zone = var.zone product = var.product_name - subnet_cidr = var.subnet_cidr + subnet_cidr = var.subnet_cidr_a endpoint_instance_shape = var.endpoint_instance_shape key_name = var.key_name ami = var.ami vpc_id = var.vpc_id - subnet_id = var.subnet_id + subnet_id = var.subnet_id_a network_type = var.network_type vpc_cidr = var.vpc_cidr endpoint_volume_size = var.endpoint_volume_size diff --git a/infrastructure-provisioning/terraform/aws/main/variables.tf b/infrastructure-provisioning/terraform/aws/main/variables.tf index 111a68f856..fc50cf2898 100644 --- a/infrastructure-provisioning/terraform/aws/main/variables.tf +++ b/infrastructure-provisioning/terraform/aws/main/variables.tf @@ -62,12 +62,21 @@ variable "vpc_id" { variable "vpc_cidr" { default = "172.31.0.0/16" } -variable "subnet_id" { +variable "subnet_id_a" { default = "" } -variable "subnet_cidr" { +variable "subnet_id_b" { + default = "" +} +variable "subnet_cidr_a" { default = "172.31.0.0/24" } +variable "subnet_cidr_b" { + default = "172.31.1.0/24" +} +variable "subnet_cidr_c" { + default = "172.31.2.0/24" +} variable "ami" { default = "ami-07b4f3c02c7f83d59" } 
diff --git a/infrastructure-provisioning/terraform/aws/modules/ssn-k8s/auto_scaling_groups.tf b/infrastructure-provisioning/terraform/aws/modules/ssn-k8s/auto_scaling_groups.tf index 6aa3e427ba..0ee3f3518f 100644 --- a/infrastructure-provisioning/terraform/aws/modules/ssn-k8s/auto_scaling_groups.tf +++ b/infrastructure-provisioning/terraform/aws/modules/ssn-k8s/auto_scaling_groups.tf @@ -19,14 +19,18 @@ # # ****************************************************************************** +locals { + subnet_c_id = data.aws_subnet.k8s-subnet-c-data == [] ? "" : data.aws_subnet.k8s-subnet-c-data.0.id +} + data "template_file" "ssn_k8s_masters_user_data" { template = file("../modules/ssn-k8s/files/masters-user-data.sh") vars = { k8s-asg = "${var.service_base_name}-ssn-masters" k8s-region = var.region k8s-bucket-name = aws_s3_bucket.ssn_k8s_bucket.id - k8s-eip = aws_eip.k8s-lb-eip.public_ip - k8s-tg-arn = aws_lb_target_group.ssn_k8s_lb_target_group.arn + k8s-nlb-dns-name = aws_lb.ssn_k8s_nlb.dns_name #aws_eip.k8s-lb-eip.public_ip + k8s-tg-arn = aws_lb_target_group.ssn_k8s_nlb_target_group.arn k8s_os_user = var.os_user } } @@ -82,8 +86,9 @@ resource "aws_autoscaling_group" "ssn_k8s_autoscaling_group_masters" { launch_configuration = aws_launch_configuration.ssn_k8s_launch_conf_masters.name min_size = var.ssn_k8s_masters_count max_size = var.ssn_k8s_masters_count - vpc_zone_identifier = [data.aws_subnet.k8s-subnet-data.id] - target_group_arns = [aws_lb_target_group.ssn_k8s_lb_target_group.arn] + vpc_zone_identifier = compact([data.aws_subnet.k8s-subnet-a-data.id, data.aws_subnet.k8s-subnet-b-data.id, local.subnet_c_id]) + target_group_arns = [aws_lb_target_group.ssn_k8s_nlb_target_group.arn, + aws_lb_target_group.ssn_k8s_alb_target_group.arn] lifecycle { create_before_destroy = true 
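Review bot: `data.aws_subnet.k8s-subnet-c-data == [] ? "" : ...` in the new `locals` block tests for an empty result by comparing against a literal, which only works when both sides have the same type. `length(data.aws_subnet.k8s-subnet-c-data) == 0 ? "" : data.aws_subnet.k8s-subnet-c-data[0].id` states the intent directly. The trailing `#aws_eip.k8s-lb-eip.public_ip` after `k8s-nlb-dns-name` is a leftover and can be removed.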
@@ -102,7 +107,7 @@ resource "aws_autoscaling_group" "ssn_k8s_autoscaling_group_workers" { launch_configuration = aws_launch_configuration.ssn_k8s_launch_conf_workers.name min_size = var.ssn_k8s_workers_count max_size = var.ssn_k8s_workers_count - vpc_zone_identifier = [data.aws_subnet.k8s-subnet-data.id] + vpc_zone_identifier = compact([data.aws_subnet.k8s-subnet-a-data.id, data.aws_subnet.k8s-subnet-b-data.id, local.subnet_c_id]) lifecycle { create_before_destroy = true diff --git a/infrastructure-provisioning/terraform/aws/modules/ssn-k8s/files/masters-user-data.sh b/infrastructure-provisioning/terraform/aws/modules/ssn-k8s/files/masters-user-data.sh index 2091b89f31..8a8ab9602e 100644 --- a/infrastructure-provisioning/terraform/aws/modules/ssn-k8s/files/masters-user-data.sh +++ b/infrastructure-provisioning/terraform/aws/modules/ssn-k8s/files/masters-user-data.sh @@ -74,15 +74,15 @@ apiVersion: kubeadm.k8s.io/v1beta2 kind: ClusterConfiguration kubernetesVersion: stable apiServerCertSANs: - - ${k8s-eip} -controlPlaneEndpoint: "${k8s-eip}:6443" + - ${k8s-nlb-dns-name} +controlPlaneEndpoint: "${k8s-nlb-dns-name}:6443" EOF sudo kubeadm init --config=/tmp/kubeadm-config.yaml --upload-certs while check_elb_status do if [[ $RUN == "false" ]]; then - echo "Waiting for LB healthy status..." + echo "Waiting for NLB healthy status..." else echo "LB status is healthy!" break diff --git a/infrastructure-provisioning/terraform/aws/modules/ssn-k8s/lb.tf b/infrastructure-provisioning/terraform/aws/modules/ssn-k8s/lb.tf index 18afc7321b..552481f03c 100644 --- a/infrastructure-provisioning/terraform/aws/modules/ssn-k8s/lb.tf +++ b/infrastructure-provisioning/terraform/aws/modules/ssn-k8s/lb.tf 
@@ -19,36 +19,65 @@ # # ****************************************************************************** -resource "aws_lb" "ssn_k8s_lb" { - name = "${var.service_base_name}-ssn-lb" +resource "aws_lb" "ssn_k8s_nlb" { + name = "${var.service_base_name}-ssn-nlb" load_balancer_type = "network" - - subnet_mapping { - subnet_id = data.aws_subnet.k8s-subnet-data.id - allocation_id = aws_eip.k8s-lb-eip.id + subnets = compact([data.aws_subnet.k8s-subnet-a-data.id, data.aws_subnet.k8s-subnet-b-data.id, local.subnet_c_id]) + tags = { + Name = "${var.service_base_name}-ssn-nlb" } +} + +resource "aws_lb" "ssn_k8s_alb" { + name = "${var.service_base_name}-ssn-alb" + internal = false + load_balancer_type = "application" + security_groups = [aws_security_group.ssn_k8s_sg.id] + subnets = compact([data.aws_subnet.k8s-subnet-a-data.id, data.aws_subnet.k8s-subnet-b-data.id, local.subnet_c_id]) + tags = { - Name = "${var.service_base_name}-ssn-lb" + Name = "${var.service_base_name}-ssn-alb" } } -resource "aws_lb_target_group" "ssn_k8s_lb_target_group" { - name = "${var.service_base_name}-ssn-lb-target-group" +resource "aws_lb_target_group" "ssn_k8s_nlb_target_group" { + name = "${var.service_base_name}-ssn-nlb-target-group" port = 6443 protocol = "TCP" vpc_id = data.aws_vpc.ssn_k8s_vpc_data.id tags = { - Name = "${var.service_base_name}-ssn-lb-target-group" + Name = "${var.service_base_name}-ssn-nlb-target-group" + } +} + +resource "aws_lb_target_group" "ssn_k8s_alb_target_group" { + name = "${var.service_base_name}-ssn-alb-target-group" + port = 31080 + protocol = "HTTP" + vpc_id = data.aws_vpc.ssn_k8s_vpc_data.id + tags = { + Name = "${var.service_base_name}-ssn-alb-target-group" + } +} + +resource "aws_lb_listener" "ssn_k8s_alb_listener" { + load_balancer_arn = aws_lb.ssn_k8s_alb.arn + port = "80" + protocol = "HTTP" + + default_action { + type = "forward" + target_group_arn = aws_lb_target_group.ssn_k8s_alb_target_group.arn } } -resource "aws_lb_listener" "ssn_k8s_lb_listener" { - 
load_balancer_arn = aws_lb.ssn_k8s_lb.arn +resource "aws_lb_listener" "ssn_k8s_nlb_listener" { + load_balancer_arn = aws_lb.ssn_k8s_nlb.arn port = "6443" protocol = "TCP" default_action { type = "forward" - target_group_arn = aws_lb_target_group.ssn_k8s_lb_target_group.arn + target_group_arn = aws_lb_target_group.ssn_k8s_nlb_target_group.arn } } \ No newline at end of file diff --git a/infrastructure-provisioning/terraform/aws/modules/ssn-k8s/security_groups.tf b/infrastructure-provisioning/terraform/aws/modules/ssn-k8s/security_groups.tf index 95881fbf12..70fb6e431f 100644 --- a/infrastructure-provisioning/terraform/aws/modules/ssn-k8s/security_groups.tf +++ b/infrastructure-provisioning/terraform/aws/modules/ssn-k8s/security_groups.tf @@ -19,10 +19,20 @@ # # ****************************************************************************** -data "aws_eip" "ssn_k8s_lb_eip" { - id = aws_eip.k8s-lb-eip.id - depends_on = [aws_lb_listener.ssn_k8s_lb_listener] -} +//data "aws_eip" "ssn_k8s_lb_eip_a" { +// id = aws_eip.k8s-lb-eip-a.id +// depends_on = [aws_lb_listener.ssn_k8s_nlb_listener] +//} +// +//data "aws_eip" "ssn_k8s_lb_eip_a" { +// id = aws_eip.k8s-lb-eip-b.id # Need to be refactored +// depends_on = [aws_lb_listener.ssn_k8s_nlb_listener] +//} +// +//data "aws_eip" "ssn_k8s_lb_eip_a" { +// id = aws_eip.k8s-lb-eip-a.id +// depends_on = [aws_lb_listener.ssn_k8s_nlb_listener] +//} resource "aws_security_group" "ssn_k8s_sg" { name = "${var.service_base_name}-ssn-sg" 
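Review bot: `ssn_k8s_alb` is created with `internal = false` and its only listener, `ssn_k8s_alb_listener`, is `HTTP` on port 80, so whatever is served on NodePort 31080 is reachable from the internet without transport encryption. Add an HTTPS listener with a certificate and turn the port-80 listener into a redirect, as sketched below. `ssn_k8s_nlb` sets no `internal` attribute and therefore defaults to internet-facing, which publishes the Kubernetes API on 6443; if that is intended, the sources should be limited through `allowed_cidrs` on the node security group. Neither target group defines a `health_check` block.

```hcl
resource "aws_lb_listener" "ssn_k8s_alb_listener" {
  load_balancer_arn = aws_lb.ssn_k8s_alb.arn
  port              = "80"
  protocol          = "HTTP"

  default_action {
    type = "redirect"
    redirect {
      port        = "443"
      protocol    = "HTTPS"
      status_code = "HTTP_301"
    }
  }
}

resource "aws_lb_listener" "ssn_k8s_alb_listener_https" {
  load_balancer_arn = aws_lb.ssn_k8s_alb.arn
  port              = "443"
  protocol          = "HTTPS"
  ssl_policy        = "ELBSecurityPolicy-2016-08"
  certificate_arn   = var.alb_certificate_arn # placeholder: variable still to be declared

  default_action {
    type             = "forward"
    target_group_arn = aws_lb_target_group.ssn_k8s_alb_target_group.arn
  }
}

# … unchanged: NLB, both target groups, NLB listener …
```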
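Review bot: The three commented-out `data "aws_eip"` blocks all carry the name `ssn_k8s_lb_eip_a`, so they could not be re-enabled as written. Dead configuration in a security-group file makes it harder to see which rules are actually in force; delete the blocks and track the EIP rework in the issue instead. The same applies to the commented-out `ingress` block in the next hunk and to the `aws_eip` resources commented out in `vpc.tf`.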
@@ -48,12 +58,12 @@ resource "aws_security_group" "ssn_k8s_sg" { cidr_blocks = ["0.0.0.0/0"] description = "Need to be changed in the future" } - ingress { - from_port = 0 - to_port = 0 - protocol = -1 - cidr_blocks = ["${data.aws_eip.ssn_k8s_lb_eip.public_ip}/32", "${data.aws_eip.ssn_k8s_lb_eip.private_ip}/32"] - } +// ingress { +// from_port = 0 +// to_port = 0 # Need to be refactored +// protocol = -1 +// cidr_blocks = ["${data.aws_eip.ssn_k8s_lb_eip.public_ip}/32", "${data.aws_eip.ssn_k8s_lb_eip.private_ip}/32"] +// } egress { from_port = 0 diff --git a/infrastructure-provisioning/terraform/aws/modules/ssn-k8s/variables.tf b/infrastructure-provisioning/terraform/aws/modules/ssn-k8s/variables.tf index 7660088d37..a9ef123e4a 100644 --- a/infrastructure-provisioning/terraform/aws/modules/ssn-k8s/variables.tf +++ b/infrastructure-provisioning/terraform/aws/modules/ssn-k8s/variables.tf @@ -25,9 +25,15 @@ variable "vpc_id" {} variable "vpc_cidr" {} -variable "subnet_id" {} +variable "subnet_id_a" {} -variable "subnet_cidr" {} +variable "subnet_id_b" {} + +variable "subnet_cidr_a" {} + +variable "subnet_cidr_b" {} + +variable "subnet_cidr_c" {} variable "env_os" {} diff --git a/infrastructure-provisioning/terraform/aws/modules/ssn-k8s/vpc.tf b/infrastructure-provisioning/terraform/aws/modules/ssn-k8s/vpc.tf index 4c50323668..78e26b6117 100644 --- a/infrastructure-provisioning/terraform/aws/modules/ssn-k8s/vpc.tf +++ b/infrastructure-provisioning/terraform/aws/modules/ssn-k8s/vpc.tf 
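Review bot: With the EIP-scoped rule commented out, the ingress still visible in this hunk is the `cidr_blocks = ["0.0.0.0/0"]` entry described as "Need to be changed in the future", and `lb.tf` in this patch attaches the same group to the internet-facing ALB. The ports of that rule are outside the hunk, but if the group is also used by the nodes, an any-source rule lets traffic reach them directly and bypass the load balancer. Give the ALB its own group and allow the NodePort on the node group only from it, e.g. `security_groups = [aws_security_group.ssn_k8s_alb_sg.id]` (placeholder resource name). The `aws_security_group` block starts and ends outside the hunk.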
@@ -51,25 +51,77 @@ data "aws_vpc" "ssn_k8s_vpc_data" { id = var.vpc_id == "" ? aws_vpc.ssn_k8s_vpc.0.id : var.vpc_id } -resource "aws_subnet" "ssn_k8s_subnet" { - count = var.subnet_id == "" ? 1 : 0 +resource "aws_subnet" "ssn_k8s_subnet_a" { + count = var.subnet_id_a == "" ? 1 : 0 vpc_id = data.aws_vpc.ssn_k8s_vpc_data.id - availability_zone = "${var.region}${var.zone}" - cidr_block = var.subnet_cidr + availability_zone = "${var.region}a" + cidr_block = var.subnet_cidr_a map_public_ip_on_launch = true tags = { - Name = "${var.service_base_name}-ssn-subnet" + Name = "${var.service_base_name}-ssn-subnet-az-a" } } -data "aws_subnet" "k8s-subnet-data" { - id = var.subnet_id == "" ? aws_subnet.ssn_k8s_subnet.0.id : var.subnet_id +resource "aws_subnet" "ssn_k8s_subnet_b" { + count = var.subnet_id_b == "" ? 1 : 0 + vpc_id = data.aws_vpc.ssn_k8s_vpc_data.id + availability_zone = "${var.region}b" + cidr_block = var.subnet_cidr_b + map_public_ip_on_launch = true + + tags = { + Name = "${var.service_base_name}-ssn-subnet-az-b" + } } -resource "aws_eip" "k8s-lb-eip" { - vpc = true +resource "aws_subnet" "ssn_k8s_subnet_c" { + count = var.ssn_k8s_masters_count > 2 ? 1 : 0 + vpc_id = data.aws_vpc.ssn_k8s_vpc_data.id + availability_zone = "${var.region}c" + cidr_block = var.subnet_cidr_c + map_public_ip_on_launch = true + tags = { - Name = "${var.service_base_name}-ssn-eip" + Name = "${var.service_base_name}-ssn-subnet-az-c" } -} \ No newline at end of file +} + +data "aws_subnet" "k8s-subnet-a-data" { + id = var.subnet_id_a == "" ? aws_subnet.ssn_k8s_subnet_a.0.id : var.subnet_id_a +} + +data "aws_subnet" "k8s-subnet-b-data" { + id = var.subnet_id_b == "" ? aws_subnet.ssn_k8s_subnet_b.0.id : var.subnet_id_b +} + +data "aws_subnet" "k8s-subnet-c-data" { + count = var.ssn_k8s_masters_count > 2 ? 
1 : 0 + id = aws_subnet.ssn_k8s_subnet_c.0.id +} + +//resource "aws_eip" "k8s-lb-eip-a" { +// vpc = true +// tags = { +// Name = "${var.service_base_name}-ssn-eip-a" +// } +//} +// +//resource "aws_eip" "k8s-lb-eip-b" { +// vpc = true +// tags = { +// Name = "${var.service_base_name}-ssn-eip-b" +// } +//} +// +//resource "aws_eip" "k8s-lb-eip-c" { +// count = var.ssn_k8s_masters_count > 2 ? 1 : 0 +// vpc = true +// tags = { +// Name = "${var.service_base_name}-ssn-eip-c" +// } +//} +// +//data "aws_eip" "k8s-lb-eip-c-data" { +// id = aws_eip.k8s-lb-eip-c.0.id +//} \ No newline at end of file diff --git a/infrastructure-provisioning/terraform/bin/terraform-cli.py b/infrastructure-provisioning/terraform/bin/terraform-cli.py index 845ff1c005..f62e852cb0 100755 --- a/infrastructure-provisioning/terraform/bin/terraform-cli.py +++ b/infrastructure-provisioning/terraform/bin/terraform-cli.py 
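Review bot: `map_public_ip_on_launch = true` is repeated on the new `ssn_k8s_subnet_b` and `ssn_k8s_subnet_c`, so any instance launched into any of the three subnets gets a public address by default. Taken together with the `0.0.0.0/0` ingress rule left in security_groups.tf, that leaves the security group as the only barrier between the internet and whatever runs in these subnets. If the nodes only need to be reached through the load balancer, consider `map_public_ip_on_launch = false` with a NAT gateway for egress; if public addresses are required, a comment saying why would help. Separately, the zone suffixes `a`, `b` and `c` are hard-coded, which assumes every target region offers those three zones to the account.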
@@ -359,11 +359,21 @@ def cli_args(self): default='t2.medium') .add_int('--ssn_root_volume_size', 'Size of root volume in GB.', default=30) - .add_str('--subnet_cidr', - 'CIDR for Subnet creation. Conflicts with subnet_id.', + .add_str('--subnet_cidr_a', + 'CIDR for Subnet creation in zone a. Conflicts with subnet_id_a.', default='172.31.0.0/24') - .add_str('--subnet_id', - 'ID of AWS Subnet if you already have subnet created.') + .add_str('--subnet_cidr_b', + 'CIDR for Subnet creation in zone b. Conflicts with subnet_id_b.', + default='172.31.1.0/24') + .add_str('--subnet_cidr_c', + 'CIDR for Subnet creation in zone c. Conflicts with subnet_id_c.', + default='172.31.2.0/24') + .add_str('--subnet_id_a', + 'ID of AWS Subnet in zone a if you already have subnet created.') + .add_str('--subnet_id_b', + 'ID of AWS Subnet in zone b if you already have subnet created.') + .add_str('--subnet_id_c', + 'ID of AWS Subnet in zone c if you already have subnet created.') .add_str('--vpc_cidr', 'CIDR for VPC creation. Conflicts with vpc_id', default='172.31.0.0/16') .add_str('--vpc_id', 'ID of AWS VPC if you already have VPC created.') From 17b5e3502b29dfc0b6d1f3a1d6836d2a703c461d Mon Sep 17 00:00:00 2001 From: Oleh Martushevskyi Date: Mon, 15 Jul 2019 11:54:08 +0300 Subject: [PATCH 28/46] [DLAB-792]: refactored DLAB-ui chart --- .../dlab-ui-chart/templates/deployment.yaml | 25 +++++++++++-------- .../dlab-ui-chart/templates/ingress.yaml | 4 ++- .../dlab-ui-chart/templates/service.yaml | 6 +++-- .../modules/dlab-ui/dlab-ui-chart/values.yaml | 6 +++-- 4 files changed, 25 insertions(+), 16 deletions(-) diff --git a/infrastructure-provisioning/terraform/aws/modules/dlab-ui/dlab-ui-chart/templates/deployment.yaml b/infrastructure-provisioning/terraform/aws/modules/dlab-ui/dlab-ui-chart/templates/deployment.yaml index 4213083e6b..5d7afe17c9 100644 --- a/infrastructure-provisioning/terraform/aws/modules/dlab-ui/dlab-ui-chart/templates/deployment.yaml 
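Review bot: `--subnet_id_c` is offered here, and the `--subnet_cidr_c` help says it conflicts with it, but the Terraform side of this same patch declares no `subnet_id_c`: variables.tf adds only `subnet_id_a`, `subnet_id_b` and the three CIDR variables, and `aws_subnet.ssn_k8s_subnet_c` is created whenever `ssn_k8s_masters_count > 2`. A user who passes an existing zone-c subnet would have it ignored, or rejected as an undeclared variable if the CLI forwards every argument to Terraform (that forwarding code is not in this hunk). Either drop the flag and the "Conflicts with subnet_id_c" wording, or add `variable "subnet_id_c" {}` and the same `var.subnet_id_c == "" ? ... : var.subnet_id_c` selection used for zones a and b. `cli_args` begins and ends outside this hunk.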
+++ b/infrastructure-provisioning/terraform/aws/modules/dlab-ui/dlab-ui-chart/templates/deployment.yaml @@ -45,17 +45,20 @@ spec: image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" imagePullPolicy: {{ .Values.image.pullPolicy }} ports: - - name: https - containerPort: 443 - protocol: TCP - livenessProbe: - httpGet: - path: / - port: http - readinessProbe: - httpGet: - path: / - port: http +# - name: https +# containerPort: 443 +# protocol: TCP + - name: http + containerPort: 80 + protocol: TCP +# livenessProbe: +# httpGet: +# path: / +# port: http +# readinessProbe: +# httpGet: +# path: / +# port: http resources: {{- toYaml .Values.resources | nindent 12 }} {{- with .Values.nodeSelector }} diff --git a/infrastructure-provisioning/terraform/aws/modules/dlab-ui/dlab-ui-chart/templates/ingress.yaml b/infrastructure-provisioning/terraform/aws/modules/dlab-ui/dlab-ui-chart/templates/ingress.yaml index c5e02f4050..fdc5e0e9e7 100644 --- a/infrastructure-provisioning/terraform/aws/modules/dlab-ui/dlab-ui-chart/templates/ingress.yaml +++ b/infrastructure-provisioning/terraform/aws/modules/dlab-ui/dlab-ui-chart/templates/ingress.yaml @@ -28,6 +28,7 @@ metadata: {{ include "dlab-ui.labels" . | indent 4 }} {{- with .Values.ingress.annotations }} annotations: + nginx.ingress.kubernetes.io/ssl-redirect: "false" {{- toYaml . | nindent 4 }} {{- end }} spec: @@ -49,7 +50,8 @@ spec: - path: {{ . }} backend: serviceName: {{ $fullName }} - servicePort: 443 + # servicePort: 443 + servicePort: 80 {{- end }} {{- end }} {{- end }} \ No newline at end of file diff --git a/infrastructure-provisioning/terraform/aws/modules/dlab-ui/dlab-ui-chart/templates/service.yaml b/infrastructure-provisioning/terraform/aws/modules/dlab-ui/dlab-ui-chart/templates/service.yaml index 826277af4e..a88e59440e 100644 --- a/infrastructure-provisioning/terraform/aws/modules/dlab-ui/dlab-ui-chart/templates/service.yaml 
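Review bot: The `livenessProbe` and `readinessProbe` in deployment.yaml are commented out in the same hunk that adds the named port `http`, which is exactly the port name those probes refer to (`port: http`). Before this change the only named port was `https`, so the probes could not resolve; now they can, and disabling them means the pod receives traffic and is kept running without any health signal. I would restore both `httpGet` probes against `port: http` and delete the commented `https` port instead of keeping it as a comment. The container spec continues outside the hunk.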
+++ b/infrastructure-provisioning/terraform/aws/modules/dlab-ui/dlab-ui-chart/templates/service.yaml @@ -29,9 +29,11 @@ spec: type: {{ .Values.service.type }} ports: - port: {{ .Values.service.port }} - targetPort: 58443 + #targetPort: 58443 + targetPort: 58080 protocol: TCP - name: https + #name: https + name: http selector: app.kubernetes.io/name: {{ include "dlab-ui.name" . }} app.kubernetes.io/instance: {{ .Release.Name }} diff --git a/infrastructure-provisioning/terraform/aws/modules/dlab-ui/dlab-ui-chart/values.yaml b/infrastructure-provisioning/terraform/aws/modules/dlab-ui/dlab-ui-chart/values.yaml index 2c8021cf85..e37ee86801 100644 --- a/infrastructure-provisioning/terraform/aws/modules/dlab-ui/dlab-ui-chart/values.yaml +++ b/infrastructure-provisioning/terraform/aws/modules/dlab-ui/dlab-ui-chart/values.yaml @@ -28,7 +28,8 @@ replicaCount: 1 image: repository: koppox/dlab-ui tag: '1.3-hardj' - pullPolicy: IfNotPresent + # pullPolicy: IfNotPresent + pullPolicy: Always #imagePullSecrets: [] #nameOverride: "" @@ -36,7 +37,8 @@ image: service: type: NodePort - port: 58443 +# port: 58443 + port: 58080 ingress: enabled: true From 73b5ab2a4303f18d81ee6ae188efbeb4a239dfa4 Mon Sep 17 00:00:00 2001 From: Oleh Martushevskyi Date: Mon, 15 Jul 2019 13:11:31 +0300 Subject: [PATCH 29/46] [DLAB-792]: refactored DLAB-ui chart --- .../terraform/aws/main/main.tf | 4 ++++ .../dlab-ui-chart/templates/deployment.yaml | 7 +++++-- .../dlab-ui/dlab-ui-chart/templates/ingress.yaml | 14 ++++++++------ .../dlab-ui/dlab-ui-chart/templates/service.yaml | 2 ++ .../aws/modules/dlab-ui/dlab-ui-chart/values.yaml | 1 + 5 files changed, 20 insertions(+), 8 deletions(-) diff --git a/infrastructure-provisioning/terraform/aws/main/main.tf b/infrastructure-provisioning/terraform/aws/main/main.tf index 10d3ad3f45..2ed5212ab9 100644 --- a/infrastructure-provisioning/terraform/aws/main/main.tf +++ b/infrastructure-provisioning/terraform/aws/main/main.tf 
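Review bot: `targetPort: 58080` in service.yaml does not match anything the Deployment declares, since deployment.yaml in this patch names the container port `http` with `containerPort: 80`. `containerPort` is informational, so this works only if the image really listens on 58080; if it listens on 80 the Service forwards to a closed port. Referring to the port by name, `targetPort: http`, keeps the two templates in step. The commented `#targetPort: 58443` and `#name: https` lines can then be deleted.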
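Review bot: `pullPolicy: Always` in values.yaml is now paired with the tag `1.3-hardj` on `koppox/dlab-ui`, so every pod start pulls whatever that tag points to at that moment. A tag can be re-pushed, which means the running UI can change without any change in this repository. If the intent is to pick up rebuilt images during development, say so in a comment; for a shared environment use a unique tag per build (or a digest reference) and return to `IfNotPresent`. The commented `# pullPolicy: IfNotPresent` and `# port: 58443` lines in this file's two hunks are better deleted than kept.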
@@ -153,6 +153,10 @@ module "mongo" { source = "../modules/mongo" } +module "keycloak" { + source = "../modules/keycloak" +} + output "ssn_k8s_masters_ip_addresses" { value = module.ssn-k8s.ssn_k8s_masters_ip_addresses } \ No newline at end of file diff --git a/infrastructure-provisioning/terraform/aws/modules/dlab-ui/dlab-ui-chart/templates/deployment.yaml b/infrastructure-provisioning/terraform/aws/modules/dlab-ui/dlab-ui-chart/templates/deployment.yaml index 5d7afe17c9..1fdaba01d5 100644 --- a/infrastructure-provisioning/terraform/aws/modules/dlab-ui/dlab-ui-chart/templates/deployment.yaml +++ b/infrastructure-provisioning/terraform/aws/modules/dlab-ui/dlab-ui-chart/templates/deployment.yaml @@ -1,3 +1,4 @@ +{{- /* # ***************************************************************************** # # Licensed to the Apache Software Foundation (ASF) under one @@ -18,6 +19,8 @@ # under the License. # # ****************************************************************************** +*/ -}} + apiVersion: apps/v1 kind: Deployment metadata: @@ -49,8 +52,8 @@ spec: # containerPort: 443 # protocol: TCP - name: http - containerPort: 80 - protocol: TCP + containerPort: 80 + protocol: TCP # livenessProbe: # httpGet: # path: / diff --git a/infrastructure-provisioning/terraform/aws/modules/dlab-ui/dlab-ui-chart/templates/ingress.yaml b/infrastructure-provisioning/terraform/aws/modules/dlab-ui/dlab-ui-chart/templates/ingress.yaml index fdc5e0e9e7..e556b1fe02 100644 --- a/infrastructure-provisioning/terraform/aws/modules/dlab-ui/dlab-ui-chart/templates/ingress.yaml +++ b/infrastructure-provisioning/terraform/aws/modules/dlab-ui/dlab-ui-chart/templates/ingress.yaml @@ -1,4 +1,5 @@ -# ***************************************************************************** +{{- /* +# ****************************************************************************** # # Licensed to the Apache Software Foundation (ASF) under one # or more contributor license agreements. See the NOTICE file 
@@ -18,18 +19,20 @@ # under the License. # # ****************************************************************************** +*/ -}} + {{- if .Values.ingress.enabled -}} {{- $fullName := include "dlab-ui.fullname" . -}} +{{ $servicePort := .Values.service.port }} apiVersion: extensions/v1beta1 kind: Ingress metadata: name: {{ $fullName }} labels: {{ include "dlab-ui.labels" . | indent 4 }} - {{- with .Values.ingress.annotations }} annotations: - nginx.ingress.kubernetes.io/ssl-redirect: "false" - {{- toYaml . | nindent 4 }} +{{- with .Values.ingress.annotations }} +{{ toYaml . | indent 4 }} {{- end }} spec: {{- if .Values.ingress.tls }} @@ -50,8 +53,7 @@ spec: - path: {{ . }} backend: serviceName: {{ $fullName }} - # servicePort: 443 - servicePort: 80 + servicePort: {{ $servicePort }} {{- end }} {{- end }} {{- end }} \ No newline at end of file diff --git a/infrastructure-provisioning/terraform/aws/modules/dlab-ui/dlab-ui-chart/templates/service.yaml b/infrastructure-provisioning/terraform/aws/modules/dlab-ui/dlab-ui-chart/templates/service.yaml index a88e59440e..ad4fc4b65f 100644 --- a/infrastructure-provisioning/terraform/aws/modules/dlab-ui/dlab-ui-chart/templates/service.yaml +++ b/infrastructure-provisioning/terraform/aws/modules/dlab-ui/dlab-ui-chart/templates/service.yaml @@ -1,3 +1,4 @@ +{{- /* # ***************************************************************************** # # Licensed to the Apache Software Foundation (ASF) under one @@ -18,6 +19,7 @@ # under the License. # # ****************************************************************************** +*/ -}} apiVersion: v1 kind: Service diff --git a/infrastructure-provisioning/terraform/aws/modules/dlab-ui/dlab-ui-chart/values.yaml b/infrastructure-provisioning/terraform/aws/modules/dlab-ui/dlab-ui-chart/values.yaml index e37ee86801..f183afdbca 100644 --- a/infrastructure-provisioning/terraform/aws/modules/dlab-ui/dlab-ui-chart/values.yaml 
+++ b/infrastructure-provisioning/terraform/aws/modules/dlab-ui/dlab-ui-chart/values.yaml @@ -44,6 +44,7 @@ ingress: enabled: true annotations: kubernetes.io/ingress.class: nginx + nginx.ingress.kubernetes.io/ssl-redirect: "false" # kubernetes.io/tls-acme: "true" rules: - paths: [/] From a319dc88a0e03ba5d6825ca467a12d2eeb242da4 Mon Sep 17 00:00:00 2001 From: Oleh Martushevskyi Date: Mon, 15 Jul 2019 13:16:57 +0300 Subject: [PATCH 30/46] [DLAB-792]: refactored DLAB-ui chart --- .../terraform/aws/modules/dlab-ui/dlab-ui.tf | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) diff --git a/infrastructure-provisioning/terraform/aws/modules/dlab-ui/dlab-ui.tf b/infrastructure-provisioning/terraform/aws/modules/dlab-ui/dlab-ui.tf index 04cd33e121..cfb66a551b 100644 --- a/infrastructure-provisioning/terraform/aws/modules/dlab-ui/dlab-ui.tf +++ b/infrastructure-provisioning/terraform/aws/modules/dlab-ui/dlab-ui.tf @@ -17,4 +17,17 @@ # specific language governing permissions and limitations # under the License. # -# ****************************************************************************** \ No newline at end of file +# ****************************************************************************** + +provider "helm" { + install_tiller = true + namespace = "kube-system" + service_account = "tiller" + tiller_image = "gcr.io/kubernetes-helm/tiller:v2.14.1" +} + + +resource "helm_release" "my_mongo" { + name = "dlab-ui" + chart = "./dlab-ui-chart" +} From 8ea6a5a61edaa7b0ed6a54ea1a09c2960cabf96d Mon Sep 17 00:00:00 2001 From: Oleh Martushevskyi Date: Mon, 15 Jul 2019 13:18:38 +0300 Subject: [PATCH 31/46] [DLAB-792]: refactored DLAB-ui chart --- .../terraform/aws/modules/dlab-ui/dlab-ui.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/infrastructure-provisioning/terraform/aws/modules/dlab-ui/dlab-ui.tf b/infrastructure-provisioning/terraform/aws/modules/dlab-ui/dlab-ui.tf index cfb66a551b..9d6b2d6303 100644 
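Review bot: `nginx.ingress.kubernetes.io/ssl-redirect: "false"` becomes the chart default in values.yaml, and together with the move to the plain `http` port in PATCH 28 nothing visible in the chart keeps DLab UI traffic on TLS. If TLS is terminated in front of the ingress controller, a comment next to the annotation should say where; otherwise whatever the UI exchanges with the browser (presumably logins and session data) crosses the network in clear text. The ingress template already honours `.Values.ingress.tls`, so the safer default is to configure a `tls` entry and leave the redirect on, keeping this annotation as an opt-out for local testing.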
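Review bot: The new `provider "helm"` block in dlab-ui.tf installs Tiller into `kube-system` (`install_tiller = true`, `service_account = "tiller"`) with no TLS settings, so the Tiller endpoint accepts release operations from any client that can reach it inside the cluster. What the `tiller` service account is bound to is not shown in this hunk; if it is cluster-admin, that reach amounts to cluster-admin. Consider `enable_tls = true` with client and CA certificates on the provider, or running Tiller in a dedicated namespace under a narrowly scoped role.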
--- a/infrastructure-provisioning/terraform/aws/modules/dlab-ui/dlab-ui.tf +++ b/infrastructure-provisioning/terraform/aws/modules/dlab-ui/dlab-ui.tf @@ -27,7 +27,7 @@ provider "helm" { } -resource "helm_release" "my_mongo" { +resource "helm_release" "dlab-ui" { name = "dlab-ui" chart = "./dlab-ui-chart" } From 31887a7c7fc43080d646b1ccb89029aa00688830 Mon Sep 17 00:00:00 2001 From: Oleh Martushevskyi Date: Mon, 15 Jul 2019 13:20:11 +0300 Subject: [PATCH 32/46] [DLAB-792]: refactored DLAB-ui chart --- infrastructure-provisioning/terraform/aws/main/main.tf | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/infrastructure-provisioning/terraform/aws/main/main.tf b/infrastructure-provisioning/terraform/aws/main/main.tf index 2ed5212ab9..26ee5ec3a1 100644 --- a/infrastructure-provisioning/terraform/aws/main/main.tf +++ b/infrastructure-provisioning/terraform/aws/main/main.tf @@ -157,6 +157,10 @@ module "keycloak" { source = "../modules/keycloak" } +module "dlab-ui" { + source = "../modules/dlab-ui" +} + output "ssn_k8s_masters_ip_addresses" { value = module.ssn-k8s.ssn_k8s_masters_ip_addresses } \ No newline at end of file From 46fa2b1e83f18569c3124509be7d35302af4b28f Mon Sep 17 00:00:00 2001 From: Oleh Martushevskyi Date: Mon, 15 Jul 2019 13:36:24 +0300 Subject: [PATCH 33/46] [DLAB-792]: refactored DLAB-ui chart --- .../terraform/aws/modules/dlab-ui/dlab-ui.tf | 2 +- .../ssn-k8s/files/masters-user-data.sh | 48 +++++++++---------- 2 files changed, 25 insertions(+), 25 deletions(-) diff --git a/infrastructure-provisioning/terraform/aws/modules/dlab-ui/dlab-ui.tf b/infrastructure-provisioning/terraform/aws/modules/dlab-ui/dlab-ui.tf index 9d6b2d6303..2cf2426331 100644 --- a/infrastructure-provisioning/terraform/aws/modules/dlab-ui/dlab-ui.tf +++ b/infrastructure-provisioning/terraform/aws/modules/dlab-ui/dlab-ui.tf 
@@ -29,5 +29,5 @@ provider "helm" { resource "helm_release" "dlab-ui" { name = "dlab-ui" - chart = "./dlab-ui-chart" + chart = "../modules/dlab-ui/dlab-ui-chart" } diff --git a/infrastructure-provisioning/terraform/aws/modules/ssn-k8s/files/masters-user-data.sh b/infrastructure-provisioning/terraform/aws/modules/ssn-k8s/files/masters-user-data.sh index 8a8ab9602e..0fc3ec0dd3 100644 --- a/infrastructure-provisioning/terraform/aws/modules/ssn-k8s/files/masters-user-data.sh +++ b/infrastructure-provisioning/terraform/aws/modules/ssn-k8s/files/masters-user-data.sh 
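Review bot: `chart = "../modules/dlab-ui/dlab-ui-chart"` is resolved against the directory Terraform is run from rather than the module's own directory, so it works only when the root configuration sits beside `modules/`. Using `chart = "${path.module}/dlab-ui-chart"` makes the module independent of the caller's working directory. It also removes the chance of a different chart directory being picked up if the surrounding layout changes, which PATCH 34 goes on to do.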
@@ -158,31 +158,31 @@ sudo mv /tmp/update_files.sh /usr/local/bin/update_files.sh sudo chmod 755 /usr/local/bin/update_files.sh sudo bash -c 'echo "0 0 * * * root /usr/local/bin/update_files.sh" >> /etc/crontab' -cat < /tmp/remove-etcd-member.sh -#!/bin/bash -hostname=\$(/bin/hostname) -not_ready_node=\$(/usr/bin/sudo -i -u ${k8s_os_user} /usr/bin/kubectl get nodes | grep NotReady | grep master | awk '{print \$1}') -if [[ \$not_ready_node != "" ]]; then -etcd_pod_name=\$(/usr/bin/sudo -i -u ${k8s_os_user} /usr/bin/kubectl get pods -n kube-system | /bin/grep etcd \ - | /bin/grep "\$hostname" | /usr/bin/awk '{print \$1}') -etcd_member_id=\$(/usr/bin/sudo -i -u ${k8s_os_user} /usr/bin/kubectl -n kube-system exec -it \$etcd_pod_name \ - -- /bin/sh -c "ETCDCTL_API=3 etcdctl member list --endpoints=https://[127.0.0.1]:2379 \ - --cacert=/etc/kubernetes/pki/etcd/ca.crt --cert=/etc/kubernetes/pki/etcd/healthcheck-client.crt \ - --key=/etc/kubernetes/pki/etcd/healthcheck-client.key" | /bin/grep ", \$not_ready_node" | /usr/bin/awk -F',' '{print \$1}') -/usr/bin/sudo -i -u ${k8s_os_user} /usr/bin/kubectl -n kube-system exec -it \$etcd_pod_name \ - -- /bin/sh -c "ETCDCTL_API=3 etcdctl member remove \$etcd_member_id --endpoints=https://[127.0.0.1]:2379 \ - --cacert=/etc/kubernetes/pki/etcd/ca.crt --cert=/etc/kubernetes/pki/etcd/healthcheck-client.crt \ - --key=/etc/kubernetes/pki/etcd/healthcheck-client.key" -/usr/bin/sudo -i -u ${k8s_os_user} /usr/bin/kubectl delete node \$not_ready_node - -fi - -EOF -sudo mv /tmp/remove-etcd-member.sh /usr/local/bin/remove-etcd-member.sh -sudo chmod 755 /usr/local/bin/remove-etcd-member.sh -sleep 600 +#cat < /tmp/remove-etcd-member.sh +##!/bin/bash +#hostname=\$(/bin/hostname) +#not_ready_node=\$(/usr/bin/sudo -i -u ${k8s_os_user} /usr/bin/kubectl get nodes | grep NotReady | grep master | awk '{print \$1}') +#if [[ \$not_ready_node != "" ]]; then +#etcd_pod_name=\$(/usr/bin/sudo -i -u ${k8s_os_user} /usr/bin/kubectl get pods -n kube-system | 
/bin/grep etcd \ +# | /bin/grep "\$hostname" | /usr/bin/awk '{print \$1}') +#etcd_member_id=\$(/usr/bin/sudo -i -u ${k8s_os_user} /usr/bin/kubectl -n kube-system exec -it \$etcd_pod_name \ +# -- /bin/sh -c "ETCDCTL_API=3 etcdctl member list --endpoints=https://[127.0.0.1]:2379 \ +# --cacert=/etc/kubernetes/pki/etcd/ca.crt --cert=/etc/kubernetes/pki/etcd/healthcheck-client.crt \ +# --key=/etc/kubernetes/pki/etcd/healthcheck-client.key" | /bin/grep ", \$not_ready_node" | /usr/bin/awk -F',' '{print \$1}') +#/usr/bin/sudo -i -u ${k8s_os_user} /usr/bin/kubectl -n kube-system exec -it \$etcd_pod_name \ +# -- /bin/sh -c "ETCDCTL_API=3 etcdctl member remove \$etcd_member_id --endpoints=https://[127.0.0.1]:2379 \ +# --cacert=/etc/kubernetes/pki/etcd/ca.crt --cert=/etc/kubernetes/pki/etcd/healthcheck-client.crt \ +# --key=/etc/kubernetes/pki/etcd/healthcheck-client.key" +#/usr/bin/sudo -i -u ${k8s_os_user} /usr/bin/kubectl delete node \$not_ready_node +# +#fi +# +#EOF +# sudo mv /tmp/remove-etcd-member.sh /usr/local/bin/remove-etcd-member.sh +# sudo chmod 755 /usr/local/bin/remove-etcd-member.sh +# sleep 300 +# sudo bash -c 'echo "* * * * * root /usr/local/bin/remove-etcd-member.sh >> /var/log/cron_k8s.log 2>&1" >> /etc/crontab' sudo -i -u ${k8s_os_user} helm repo update -sudo bash -c 'echo "* * * * * root /usr/local/bin/remove-etcd-member.sh >> /var/log/cron_k8s.log 2>&1" >> /etc/crontab' wget https://releases.hashicorp.com/terraform/0.12.3/terraform_0.12.3_linux_amd64.zip -O /tmp/terraform_0.12.3_linux_amd64.zip unzip /tmp/terraform_0.12.3_linux_amd64.zip -d /tmp/ sudo mv /tmp/terraform /usr/local/bin/ From 540c520ca61f241c6d25dfd29211b02643605ba6 Mon Sep 17 00:00:00 2001 
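Review bot: The Terraform archive in the unchanged lines at the end of this hunk is fetched with `wget` and its binary moved into `/usr/local/bin` with no integrity check, in a script that runs as instance user data. HashiCorp publishes a SHA256SUMS file alongside each release, so a pinned check such as `echo "EXPECTED_SHA256  /tmp/terraform_0.12.3_linux_amd64.zip" | sha256sum -c - || exit 1` before the `unzip` would stop a corrupted or substituted download from being installed (EXPECTED_SHA256 is a placeholder for the published value). On the change itself, commenting out the `remove-etcd-member.sh` heredoc and its cron entry means a master that goes NotReady is no longer removed from etcd automatically; if that is intended, delete the block and record the reason in the commit message. The script continues outside the hunk.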
From: Oleh Martushevskyi Date: Mon, 15 Jul 2019 14:15:54 +0300 Subject: [PATCH 34/46] [DLAB-792]: refactored DLab terraform --- .../aws/{modules/ami => ami/main}/ami.tf | 0 .../{modules/ami => ami/main}/variables.tf | 0 .../{modules/common => common/main}/iam.tf | 0 .../common => common/main}/network.tf | 0 .../common => common/main}/variables.tf | 0 .../main}/instance.tf | 0 .../variables.tf => data_engine/main/main.tf} | 3 +- .../main}/variables.tf | 0 .../aws/{modules/emr => emr/main}/instance.tf | 0 .../terraform/aws/emr/main/main.tf | 0 .../{modules/emr => emr/main}/variables.tf | 0 .../endpoint => endpoint/main}/README.md | 0 .../main}/files/assume-policy.json | 0 .../main}/files/endpoint-policy.json | 0 .../endpoint => endpoint/main}/iam.tf | 0 .../endpoint => endpoint/main}/instance.tf | 0 .../terraform/aws/endpoint/main/main.tf | 0 .../endpoint => endpoint/main}/network.tf | 0 .../endpoint => endpoint/main}/variables.tf | 0 .../terraform/aws/main/main.tf | 166 ------------------ .../aws/modules/ssn-k8s/variables.tf | 62 ------- .../notebook => notebooks/main}/instance.tf | 0 .../terraform/aws/notebooks/main/main.tf | 0 .../notebook => notebooks/main}/variables.tf | 0 .../main}/dlab-ui-chart/.helmignore | 0 .../main}/dlab-ui-chart/Chart.yaml | 0 .../main}/dlab-ui-chart/templates/NOTES.txt | 0 .../dlab-ui-chart/templates/_helpers.tpl | 0 .../dlab-ui-chart/templates/deployment.yaml | 0 .../dlab-ui-chart/templates/ingress.yaml | 0 .../dlab-ui-chart/templates/service.yaml | 0 .../main}/dlab-ui-chart/values.yaml | 0 .../main}/dlab-ui.tf | 11 +- .../main}/ingress.yaml | 0 .../main}/keycloak.tf | 2 +- .../main/main.tf} | 12 +- .../mongo => ssn-helm-charts/main}/mongo.tf | 10 +- .../main}/mysql.tf | 0 .../nginx => ssn-helm-charts/main}/nginx.tf | 9 +- .../main}/variables.tf | 9 + .../ssn-k8s => ssn-k8s/main}/README.md | 0 .../main}/auto_scaling_groups.tf | 4 +- .../main}/files/assume-policy.json | 0 .../main}/files/masters-user-data.sh | 0 
.../main}/files/ssn-policy.json.tpl | 0 .../main}/files/workers-user-data.sh | 0 .../{modules/ssn-k8s => ssn-k8s/main}/lb.tf | 0 .../terraform/aws/ssn-k8s/main/main.tf | 5 + .../ssn-k8s => ssn-k8s/main}/role_policy.tf | 4 +- .../{modules/ssn-k8s => ssn-k8s/main}/s3.tf | 0 .../main}/security_groups.tf | 0 .../aws/{ => ssn-k8s}/main/variables.tf | 90 +--------- .../{modules/ssn-k8s => ssn-k8s/main}/vpc.tf | 0 53 files changed, 32 insertions(+), 355 deletions(-) rename infrastructure-provisioning/terraform/aws/{modules/ami => ami/main}/ami.tf (100%) rename infrastructure-provisioning/terraform/aws/{modules/ami => ami/main}/variables.tf (100%) rename infrastructure-provisioning/terraform/aws/{modules/common => common/main}/iam.tf (100%) rename infrastructure-provisioning/terraform/aws/{modules/common => common/main}/network.tf (100%) rename infrastructure-provisioning/terraform/aws/{modules/common => common/main}/variables.tf (100%) rename infrastructure-provisioning/terraform/aws/{modules/data_engine => data_engine/main}/instance.tf (100%) rename infrastructure-provisioning/terraform/aws/{modules/keycloak/variables.tf => data_engine/main/main.tf} (98%) rename infrastructure-provisioning/terraform/aws/{modules/data_engine => data_engine/main}/variables.tf (100%) rename infrastructure-provisioning/terraform/aws/{modules/emr => emr/main}/instance.tf (100%) create mode 100644 infrastructure-provisioning/terraform/aws/emr/main/main.tf rename infrastructure-provisioning/terraform/aws/{modules/emr => emr/main}/variables.tf (100%) rename infrastructure-provisioning/terraform/aws/{modules/endpoint => endpoint/main}/README.md (100%) rename infrastructure-provisioning/terraform/aws/{modules/endpoint => endpoint/main}/files/assume-policy.json (100%) rename infrastructure-provisioning/terraform/aws/{modules/endpoint => endpoint/main}/files/endpoint-policy.json (100%) rename infrastructure-provisioning/terraform/aws/{modules/endpoint => endpoint/main}/iam.tf (100%) rename 
infrastructure-provisioning/terraform/aws/{modules/endpoint => endpoint/main}/instance.tf (100%) create mode 100644 infrastructure-provisioning/terraform/aws/endpoint/main/main.tf rename infrastructure-provisioning/terraform/aws/{modules/endpoint => endpoint/main}/network.tf (100%) rename infrastructure-provisioning/terraform/aws/{modules/endpoint => endpoint/main}/variables.tf (100%) delete mode 100644 infrastructure-provisioning/terraform/aws/main/main.tf delete mode 100644 infrastructure-provisioning/terraform/aws/modules/ssn-k8s/variables.tf rename infrastructure-provisioning/terraform/aws/{modules/notebook => notebooks/main}/instance.tf (100%) create mode 100644 infrastructure-provisioning/terraform/aws/notebooks/main/main.tf rename infrastructure-provisioning/terraform/aws/{modules/notebook => notebooks/main}/variables.tf (100%) rename infrastructure-provisioning/terraform/aws/{modules/dlab-ui => ssn-helm-charts/main}/dlab-ui-chart/.helmignore (100%) rename infrastructure-provisioning/terraform/aws/{modules/dlab-ui => ssn-helm-charts/main}/dlab-ui-chart/Chart.yaml (100%) rename infrastructure-provisioning/terraform/aws/{modules/dlab-ui => ssn-helm-charts/main}/dlab-ui-chart/templates/NOTES.txt (100%) rename infrastructure-provisioning/terraform/aws/{modules/dlab-ui => ssn-helm-charts/main}/dlab-ui-chart/templates/_helpers.tpl (100%) rename infrastructure-provisioning/terraform/aws/{modules/dlab-ui => ssn-helm-charts/main}/dlab-ui-chart/templates/deployment.yaml (100%) rename infrastructure-provisioning/terraform/aws/{modules/dlab-ui => ssn-helm-charts/main}/dlab-ui-chart/templates/ingress.yaml (100%) rename infrastructure-provisioning/terraform/aws/{modules/dlab-ui => ssn-helm-charts/main}/dlab-ui-chart/templates/service.yaml (100%) rename infrastructure-provisioning/terraform/aws/{modules/dlab-ui => ssn-helm-charts/main}/dlab-ui-chart/values.yaml (100%) rename infrastructure-provisioning/terraform/aws/{modules/dlab-ui => ssn-helm-charts/main}/dlab-ui.tf 
(81%) rename infrastructure-provisioning/terraform/aws/{modules/keycloak => ssn-helm-charts/main}/ingress.yaml (100%) rename infrastructure-provisioning/terraform/aws/{modules/keycloak => ssn-helm-charts/main}/keycloak.tf (97%) rename infrastructure-provisioning/terraform/aws/{modules/nginx/variables.tf => ssn-helm-charts/main/main.tf} (79%) rename infrastructure-provisioning/terraform/aws/{modules/mongo => ssn-helm-charts/main}/mongo.tf (88%) rename infrastructure-provisioning/terraform/aws/{modules/keycloak => ssn-helm-charts/main}/mysql.tf (100%) rename infrastructure-provisioning/terraform/aws/{modules/nginx => ssn-helm-charts/main}/nginx.tf (86%) rename infrastructure-provisioning/terraform/aws/{modules/mongo => ssn-helm-charts/main}/variables.tf (85%) rename infrastructure-provisioning/terraform/aws/{modules/ssn-k8s => ssn-k8s/main}/README.md (100%) rename infrastructure-provisioning/terraform/aws/{modules/ssn-k8s => ssn-k8s/main}/auto_scaling_groups.tf (97%) rename infrastructure-provisioning/terraform/aws/{modules/ssn-k8s => ssn-k8s/main}/files/assume-policy.json (100%) rename infrastructure-provisioning/terraform/aws/{modules/ssn-k8s => ssn-k8s/main}/files/masters-user-data.sh (100%) rename infrastructure-provisioning/terraform/aws/{modules/ssn-k8s => ssn-k8s/main}/files/ssn-policy.json.tpl (100%) rename infrastructure-provisioning/terraform/aws/{modules/ssn-k8s => ssn-k8s/main}/files/workers-user-data.sh (100%) rename infrastructure-provisioning/terraform/aws/{modules/ssn-k8s => ssn-k8s/main}/lb.tf (100%) create mode 100644 infrastructure-provisioning/terraform/aws/ssn-k8s/main/main.tf rename infrastructure-provisioning/terraform/aws/{modules/ssn-k8s => ssn-k8s/main}/role_policy.tf (92%) rename infrastructure-provisioning/terraform/aws/{modules/ssn-k8s => ssn-k8s/main}/s3.tf (100%) rename infrastructure-provisioning/terraform/aws/{modules/ssn-k8s => ssn-k8s/main}/security_groups.tf (100%) rename infrastructure-provisioning/terraform/aws/{ => 
ssn-k8s}/main/variables.tf (68%) rename infrastructure-provisioning/terraform/aws/{modules/ssn-k8s => ssn-k8s/main}/vpc.tf (100%) diff --git a/infrastructure-provisioning/terraform/aws/modules/ami/ami.tf b/infrastructure-provisioning/terraform/aws/ami/main/ami.tf similarity index 100% rename from infrastructure-provisioning/terraform/aws/modules/ami/ami.tf rename to infrastructure-provisioning/terraform/aws/ami/main/ami.tf diff --git a/infrastructure-provisioning/terraform/aws/modules/ami/variables.tf b/infrastructure-provisioning/terraform/aws/ami/main/variables.tf similarity index 100% rename from infrastructure-provisioning/terraform/aws/modules/ami/variables.tf rename to infrastructure-provisioning/terraform/aws/ami/main/variables.tf diff --git a/infrastructure-provisioning/terraform/aws/modules/common/iam.tf b/infrastructure-provisioning/terraform/aws/common/main/iam.tf similarity index 100% rename from infrastructure-provisioning/terraform/aws/modules/common/iam.tf rename to infrastructure-provisioning/terraform/aws/common/main/iam.tf diff --git a/infrastructure-provisioning/terraform/aws/modules/common/network.tf b/infrastructure-provisioning/terraform/aws/common/main/network.tf similarity index 100% rename from infrastructure-provisioning/terraform/aws/modules/common/network.tf rename to infrastructure-provisioning/terraform/aws/common/main/network.tf diff --git a/infrastructure-provisioning/terraform/aws/modules/common/variables.tf b/infrastructure-provisioning/terraform/aws/common/main/variables.tf similarity index 100% rename from infrastructure-provisioning/terraform/aws/modules/common/variables.tf rename to infrastructure-provisioning/terraform/aws/common/main/variables.tf 
diff --git a/infrastructure-provisioning/terraform/aws/modules/data_engine/instance.tf b/infrastructure-provisioning/terraform/aws/data_engine/main/instance.tf similarity index 100% rename from infrastructure-provisioning/terraform/aws/modules/data_engine/instance.tf rename to infrastructure-provisioning/terraform/aws/data_engine/main/instance.tf diff --git a/infrastructure-provisioning/terraform/aws/modules/keycloak/variables.tf b/infrastructure-provisioning/terraform/aws/data_engine/main/main.tf similarity index 98% rename from infrastructure-provisioning/terraform/aws/modules/keycloak/variables.tf rename to infrastructure-provisioning/terraform/aws/data_engine/main/main.tf index 04cd33e121..39191b2723 100644 --- a/infrastructure-provisioning/terraform/aws/modules/keycloak/variables.tf +++ b/infrastructure-provisioning/terraform/aws/data_engine/main/main.tf @@ -17,4 +17,5 @@ # specific language governing permissions and limitations # under the License. # -# ****************************************************************************** \ No newline at end of file +# ****************************************************************************** + diff --git a/infrastructure-provisioning/terraform/aws/modules/data_engine/variables.tf b/infrastructure-provisioning/terraform/aws/data_engine/main/variables.tf similarity index 100% rename from infrastructure-provisioning/terraform/aws/modules/data_engine/variables.tf rename to infrastructure-provisioning/terraform/aws/data_engine/main/variables.tf diff --git a/infrastructure-provisioning/terraform/aws/modules/emr/instance.tf b/infrastructure-provisioning/terraform/aws/emr/main/instance.tf similarity index 100% rename from infrastructure-provisioning/terraform/aws/modules/emr/instance.tf rename to infrastructure-provisioning/terraform/aws/emr/main/instance.tf 
diff --git a/infrastructure-provisioning/terraform/aws/emr/main/main.tf b/infrastructure-provisioning/terraform/aws/emr/main/main.tf new file mode 100644 index 0000000000..e69de29bb2 diff --git a/infrastructure-provisioning/terraform/aws/modules/emr/variables.tf b/infrastructure-provisioning/terraform/aws/emr/main/variables.tf similarity index 100% rename from infrastructure-provisioning/terraform/aws/modules/emr/variables.tf rename to infrastructure-provisioning/terraform/aws/emr/main/variables.tf diff --git a/infrastructure-provisioning/terraform/aws/modules/endpoint/README.md b/infrastructure-provisioning/terraform/aws/endpoint/main/README.md similarity index 100% rename from infrastructure-provisioning/terraform/aws/modules/endpoint/README.md rename to infrastructure-provisioning/terraform/aws/endpoint/main/README.md diff --git a/infrastructure-provisioning/terraform/aws/modules/endpoint/files/assume-policy.json b/infrastructure-provisioning/terraform/aws/endpoint/main/files/assume-policy.json similarity index 100% rename from infrastructure-provisioning/terraform/aws/modules/endpoint/files/assume-policy.json rename to infrastructure-provisioning/terraform/aws/endpoint/main/files/assume-policy.json diff --git a/infrastructure-provisioning/terraform/aws/modules/endpoint/files/endpoint-policy.json b/infrastructure-provisioning/terraform/aws/endpoint/main/files/endpoint-policy.json similarity index 100% rename from infrastructure-provisioning/terraform/aws/modules/endpoint/files/endpoint-policy.json rename to infrastructure-provisioning/terraform/aws/endpoint/main/files/endpoint-policy.json diff --git a/infrastructure-provisioning/terraform/aws/modules/endpoint/iam.tf b/infrastructure-provisioning/terraform/aws/endpoint/main/iam.tf similarity index 100% rename from infrastructure-provisioning/terraform/aws/modules/endpoint/iam.tf rename to infrastructure-provisioning/terraform/aws/endpoint/main/iam.tf 
diff --git a/infrastructure-provisioning/terraform/aws/modules/endpoint/instance.tf b/infrastructure-provisioning/terraform/aws/endpoint/main/instance.tf similarity index 100% rename from infrastructure-provisioning/terraform/aws/modules/endpoint/instance.tf rename to infrastructure-provisioning/terraform/aws/endpoint/main/instance.tf diff --git a/infrastructure-provisioning/terraform/aws/endpoint/main/main.tf b/infrastructure-provisioning/terraform/aws/endpoint/main/main.tf new file mode 100644 index 0000000000..e69de29bb2 diff --git a/infrastructure-provisioning/terraform/aws/modules/endpoint/network.tf b/infrastructure-provisioning/terraform/aws/endpoint/main/network.tf similarity index 100% rename from infrastructure-provisioning/terraform/aws/modules/endpoint/network.tf rename to infrastructure-provisioning/terraform/aws/endpoint/main/network.tf diff --git a/infrastructure-provisioning/terraform/aws/modules/endpoint/variables.tf b/infrastructure-provisioning/terraform/aws/endpoint/main/variables.tf similarity index 100% rename from infrastructure-provisioning/terraform/aws/modules/endpoint/variables.tf rename to infrastructure-provisioning/terraform/aws/endpoint/main/variables.tf diff --git a/infrastructure-provisioning/terraform/aws/main/main.tf b/infrastructure-provisioning/terraform/aws/main/main.tf deleted file mode 100644 index 26ee5ec3a1..0000000000 --- a/infrastructure-provisioning/terraform/aws/main/main.tf +++ /dev/null 
@@ -1,166 +0,0 @@
-# *****************************************************************************
-#
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied. See the License for the
-# specific language governing permissions and limitations
-# under the License.
-#
-# ******************************************************************************
-
-provider "aws" {
- region = var.region
- access_key = var.access_key_id
- secret_key = var.secret_access_key
-}
-
-module "ssn-k8s" {
- source = "../modules/ssn-k8s"
- service_base_name = var.service_base_name
- vpc_id = var.vpc_id
- vpc_cidr = var.vpc_cidr
- subnet_id_a = var.subnet_id_a
- subnet_id_b = var.subnet_id_b
- env_os = var.env_os
- ami = var.ami
- key_name = var.key_name
- region = var.region
- zone = var.zone
- ssn_k8s_masters_count = var.ssn_k8s_masters_count
- ssn_k8s_workers_count = var.ssn_k8s_workers_count
- ssn_root_volume_size = var.ssn_root_volume_size
- allowed_cidrs = var.allowed_cidrs
- subnet_cidr_a = var.subnet_cidr_a
- subnet_cidr_b = var.subnet_cidr_b
- subnet_cidr_c = var.subnet_cidr_c
- ssn_k8s_masters_shape = var.ssn_k8s_masters_shape
- ssn_k8s_workers_shape = var.ssn_k8s_workers_shape
- os_user = var.os_user
-}
-
-module "common" {
- source = "../modules/common"
- project_tag = "${var.project_tag}"
- endpoint_tag = "${var.endpoint_tag}"
- user_tag = "${var.user_tag}"
- custom_tag = "${var.custom_tag}"
- notebook_name = "${var.notebook_name}"
- region = "${var.region}"
- zone = "${var.zone}"
- product = "${var.product_name}"
- vpc = "${var.vpc_id}"
- cidr_range = "${var.note_cidr_range}"
- traefik_cidr = "${var.traefik_cidr}"
- instance_type = "${var.instance_type}"
-}
-
-module "notebook" {
- source = "../modules/notebook"
- project_tag = "${var.project_tag}"
- endpoint_tag = "${var.endpoint_tag}"
- user_tag = "${var.user_tag}"
- custom_tag = "${var.custom_tag}"
- notebook_name = "${var.notebook_name}"
- subnet_id = "${var.subnet_id_a}"
- nb-sg_id = "${var.nb-sg_id}"
- note_profile_name = "${var.note_profile_name}"
- product = "${var.product_name}"
- note_ami = "${var.note_ami}"
- instance_type = "${var.instance_type}"
- key_name = "${var.key_name}"
-}
-
-module "data_engine" {
- source = "../modules/data_engine"
- project_tag = "${var.project_tag}"
- endpoint_tag = "${var.endpoint_tag}"
- user_tag = "${var.user_tag}"
- custom_tag = "${var.custom_tag}"
- notebook_name = "${var.notebook_name}"
- subnet_id = "${var.subnet_id_a}"
- nb-sg_id = "${var.nb-sg_id}"
- note_profile_name = "${var.note_profile_name}"
- product = "${var.product_name}"
- note_ami = "${var.note_ami}"
- instance_type = "${var.instance_type}"
- key_name = "${var.key_name}"
- cluster_name = "${var.cluster_name}"
- slave_count = "${var.slave_count}"
- ami = "${var.ami}"
-}
-
-module "emr" {
- source = "../modules/emr"
- project_tag = "${var.project_tag}"
- endpoint_tag = "${var.endpoint_tag}"
- user_tag = "${var.user_tag}"
- custom_tag = "${var.custom_tag}"
- notebook_name = "${var.notebook_name}"
- subnet_id = "${var.subnet_id_a}"
- nb-sg_id = "${var.nb-sg_id}"
- note_profile_name = "${var.note_profile_name}"
- product = "${var.product_name}"
- note_ami = "${var.note_ami}"
- emr_template = "${var.emr_template}"
- master_shape = "${var.master_shape}"
- slave_shape = "${var.slave_shape}"
- key_name = "${var.key_name}"
- cluster_name = "${var.cluster_name}"
- instance_count = "${var.instance_count}"
- bid_price = "${var.bid_price}"
-}
-
-module "ami" {
- source = "../modules/ami"
- source_instance_id = "${var.source_instance_id}"
- project_tag = "${var.project_tag}"
- notebook_name = "${var.notebook_name}"
-}
-
-module "endpoint" {
- source = "../modules/endpoint"
- service_base_name = var.service_base_name
- region = var.region
- zone = var.zone
- product = var.product_name
- subnet_cidr = var.subnet_cidr_a
- endpoint_instance_shape = var.endpoint_instance_shape
- key_name = var.key_name
- ami = var.ami
- vpc_id = var.vpc_id
- subnet_id = var.subnet_id_a
- network_type = var.network_type
- vpc_cidr = var.vpc_cidr
- endpoint_volume_size = var.endpoint_volume_size
-}
-
-module "nginx" {
- source = "../modules/nginx"
-}
-
-module "mongo" {
- source = "../modules/mongo"
-}
-
-module "keycloak" {
- source = "../modules/keycloak"
-}
-
-module "dlab-ui" {
- source = "../modules/dlab-ui"
-}
-
-output "ssn_k8s_masters_ip_addresses" {
- value = module.ssn-k8s.ssn_k8s_masters_ip_addresses
-}
\ No newline at end of file
diff --git a/infrastructure-provisioning/terraform/aws/modules/ssn-k8s/variables.tf b/infrastructure-provisioning/terraform/aws/modules/ssn-k8s/variables.tf
deleted file mode 100644
index a9ef123e4a..0000000000
--- a/infrastructure-provisioning/terraform/aws/modules/ssn-k8s/variables.tf
+++ /dev/null
@@ -1,62 +0,0 @@
-# *****************************************************************************
-#
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied. See the License for the
-# specific language governing permissions and limitations
-# under the License.
-#
-# ******************************************************************************
-
-variable "service_base_name" {}
-
-variable "vpc_id" {}
-
-variable "vpc_cidr" {}
-
-variable "subnet_id_a" {}
-
-variable "subnet_id_b" {}
-
-variable "subnet_cidr_a" {}
-
-variable "subnet_cidr_b" {}
-
-variable "subnet_cidr_c" {}
-
-variable "env_os" {}
-
-variable "ami" {}
-
-variable "key_name" {}
-
-variable "region" {}
-
-variable "zone" {}
-
-variable "ssn_k8s_masters_count" {}
-
-variable "ssn_k8s_workers_count" {}
-
-variable "ssn_root_volume_size" {}
-
-variable "allowed_cidrs" {
- type = list
-}
-
-variable "ssn_k8s_masters_shape" {}
-
-variable "ssn_k8s_workers_shape" {}
-
-variable "os_user" {}
diff --git a/infrastructure-provisioning/terraform/aws/modules/notebook/instance.tf b/infrastructure-provisioning/terraform/aws/notebooks/main/instance.tf
similarity index 100%
rename from infrastructure-provisioning/terraform/aws/modules/notebook/instance.tf
rename to infrastructure-provisioning/terraform/aws/notebooks/main/instance.tf
diff --git a/infrastructure-provisioning/terraform/aws/notebooks/main/main.tf b/infrastructure-provisioning/terraform/aws/notebooks/main/main.tf
new file mode 100644
index 0000000000..e69de29bb2
diff --git a/infrastructure-provisioning/terraform/aws/modules/notebook/variables.tf b/infrastructure-provisioning/terraform/aws/notebooks/main/variables.tf
similarity index 100%
rename from infrastructure-provisioning/terraform/aws/modules/notebook/variables.tf
rename to infrastructure-provisioning/terraform/aws/notebooks/main/variables.tf
diff --git a/infrastructure-provisioning/terraform/aws/modules/dlab-ui/dlab-ui-chart/.helmignore b/infrastructure-provisioning/terraform/aws/ssn-helm-charts/main/dlab-ui-chart/.helmignore
similarity index 100%
rename from infrastructure-provisioning/terraform/aws/modules/dlab-ui/dlab-ui-chart/.helmignore
rename to infrastructure-provisioning/terraform/aws/ssn-helm-charts/main/dlab-ui-chart/.helmignore
diff --git a/infrastructure-provisioning/terraform/aws/modules/dlab-ui/dlab-ui-chart/Chart.yaml b/infrastructure-provisioning/terraform/aws/ssn-helm-charts/main/dlab-ui-chart/Chart.yaml
similarity index 100%
rename from infrastructure-provisioning/terraform/aws/modules/dlab-ui/dlab-ui-chart/Chart.yaml
rename to infrastructure-provisioning/terraform/aws/ssn-helm-charts/main/dlab-ui-chart/Chart.yaml
diff --git a/infrastructure-provisioning/terraform/aws/modules/dlab-ui/dlab-ui-chart/templates/NOTES.txt b/infrastructure-provisioning/terraform/aws/ssn-helm-charts/main/dlab-ui-chart/templates/NOTES.txt
similarity index 100%
rename from infrastructure-provisioning/terraform/aws/modules/dlab-ui/dlab-ui-chart/templates/NOTES.txt
rename to infrastructure-provisioning/terraform/aws/ssn-helm-charts/main/dlab-ui-chart/templates/NOTES.txt
diff --git a/infrastructure-provisioning/terraform/aws/modules/dlab-ui/dlab-ui-chart/templates/_helpers.tpl b/infrastructure-provisioning/terraform/aws/ssn-helm-charts/main/dlab-ui-chart/templates/_helpers.tpl
similarity index 100%
rename from infrastructure-provisioning/terraform/aws/modules/dlab-ui/dlab-ui-chart/templates/_helpers.tpl
rename to infrastructure-provisioning/terraform/aws/ssn-helm-charts/main/dlab-ui-chart/templates/_helpers.tpl
diff --git a/infrastructure-provisioning/terraform/aws/modules/dlab-ui/dlab-ui-chart/templates/deployment.yaml b/infrastructure-provisioning/terraform/aws/ssn-helm-charts/main/dlab-ui-chart/templates/deployment.yaml
similarity index 100%
rename from infrastructure-provisioning/terraform/aws/modules/dlab-ui/dlab-ui-chart/templates/deployment.yaml
rename to infrastructure-provisioning/terraform/aws/ssn-helm-charts/main/dlab-ui-chart/templates/deployment.yaml
diff --git a/infrastructure-provisioning/terraform/aws/modules/dlab-ui/dlab-ui-chart/templates/ingress.yaml b/infrastructure-provisioning/terraform/aws/ssn-helm-charts/main/dlab-ui-chart/templates/ingress.yaml
similarity index 100%
rename from infrastructure-provisioning/terraform/aws/modules/dlab-ui/dlab-ui-chart/templates/ingress.yaml
rename to infrastructure-provisioning/terraform/aws/ssn-helm-charts/main/dlab-ui-chart/templates/ingress.yaml
diff --git a/infrastructure-provisioning/terraform/aws/modules/dlab-ui/dlab-ui-chart/templates/service.yaml b/infrastructure-provisioning/terraform/aws/ssn-helm-charts/main/dlab-ui-chart/templates/service.yaml
similarity index 100%
rename from infrastructure-provisioning/terraform/aws/modules/dlab-ui/dlab-ui-chart/templates/service.yaml
rename to infrastructure-provisioning/terraform/aws/ssn-helm-charts/main/dlab-ui-chart/templates/service.yaml
diff --git a/infrastructure-provisioning/terraform/aws/modules/dlab-ui/dlab-ui-chart/values.yaml b/infrastructure-provisioning/terraform/aws/ssn-helm-charts/main/dlab-ui-chart/values.yaml similarity index 100% rename from infrastructure-provisioning/terraform/aws/modules/dlab-ui/dlab-ui-chart/values.yaml rename to infrastructure-provisioning/terraform/aws/ssn-helm-charts/main/dlab-ui-chart/values.yaml diff --git a/infrastructure-provisioning/terraform/aws/modules/dlab-ui/dlab-ui.tf b/infrastructure-provisioning/terraform/aws/ssn-helm-charts/main/dlab-ui.tf similarity index 81% rename from infrastructure-provisioning/terraform/aws/modules/dlab-ui/dlab-ui.tf rename to infrastructure-provisioning/terraform/aws/ssn-helm-charts/main/dlab-ui.tf index 2cf2426331..fd818e84cb 100644 --- a/infrastructure-provisioning/terraform/aws/modules/dlab-ui/dlab-ui.tf +++ b/infrastructure-provisioning/terraform/aws/ssn-helm-charts/main/dlab-ui.tf @@ -19,15 +19,8 @@ # # ****************************************************************************** -provider "helm" { - install_tiller = true - namespace = "kube-system" - service_account = "tiller" - tiller_image = "gcr.io/kubernetes-helm/tiller:v2.14.1" -} - - resource "helm_release" "dlab-ui" { name = "dlab-ui" - chart = "../modules/dlab-ui/dlab-ui-chart" + chart = "./dlab-ui-chart" + depends_on = [helm_release.mongodb] } diff --git a/infrastructure-provisioning/terraform/aws/modules/keycloak/ingress.yaml b/infrastructure-provisioning/terraform/aws/ssn-helm-charts/main/ingress.yaml similarity index 100% rename from infrastructure-provisioning/terraform/aws/modules/keycloak/ingress.yaml rename to infrastructure-provisioning/terraform/aws/ssn-helm-charts/main/ingress.yaml 
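Review bot: The new `chart = "./dlab-ui-chart"` in dlab-ui.tf is resolved against the directory the Terraform process is started from, not against the directory that holds the .tf file, so the release finds its chart only when the caller's working directory is ssn-helm-charts/main. Anchoring the path to the configuration, `chart = "${path.module}/dlab-ui-chart"`, removes that dependency and guarantees that the chart installed is the one shipped next to this file rather than whatever `dlab-ui-chart` directory sits in the current directory. The same applies to the `file("./files/...")` calls this patch introduces in ssn-k8s/main/auto_scaling_groups.tf and ssn-k8s/main/role_policy.tf, for example `template = file("${path.module}/files/masters-user-data.sh")`. How terraform-cli.py sets the working directory is not visible here, so whether the current form breaks today should be checked against that launcher.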
diff --git a/infrastructure-provisioning/terraform/aws/modules/keycloak/keycloak.tf b/infrastructure-provisioning/terraform/aws/ssn-helm-charts/main/keycloak.tf similarity index 97% rename from infrastructure-provisioning/terraform/aws/modules/keycloak/keycloak.tf rename to infrastructure-provisioning/terraform/aws/ssn-helm-charts/main/keycloak.tf index 7b8be2d269..ada495ae9f 100644 --- a/infrastructure-provisioning/terraform/aws/modules/keycloak/keycloak.tf +++ b/infrastructure-provisioning/terraform/aws/ssn-helm-charts/main/keycloak.tf @@ -73,5 +73,5 @@ resource "helm_release" "keycloak" { name = "keycloak.service.nodePort" value = "31088" } - + depends_on = [helm_release.keycloak-mysql] } \ No newline at end of file diff --git a/infrastructure-provisioning/terraform/aws/modules/nginx/variables.tf b/infrastructure-provisioning/terraform/aws/ssn-helm-charts/main/main.tf similarity index 79% rename from infrastructure-provisioning/terraform/aws/modules/nginx/variables.tf rename to infrastructure-provisioning/terraform/aws/ssn-helm-charts/main/main.tf index d6d6143b2c..aa9282f103 100644 --- a/infrastructure-provisioning/terraform/aws/modules/nginx/variables.tf +++ b/infrastructure-provisioning/terraform/aws/ssn-helm-charts/main/main.tf @@ -18,11 +18,9 @@ # under the License. # # ****************************************************************************** -variable "nginx_http_port" { - default = "31080" - description = "Sets the nodePort that maps to the Ingress' port 80" -} -variable "nginx_https_port" { - default = "31443" - description = "Sets the nodePort that maps to the Ingress' port 443" +provider "helm" { + install_tiller = true + namespace = "kube-system" + service_account = "tiller" + tiller_image = "gcr.io/kubernetes-helm/tiller:v2.14.1" } \ No newline at end of file 
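Review bot: The consolidated `provider "helm"` block in ssn-helm-charts/main/main.tf still installs Tiller into `kube-system` under the `tiller` service account with no TLS settings, so, unless something outside this hunk restricts it, any workload that can reach the Tiller endpoint can ask it to deploy with that service account's rights. Since this commit makes the block the single place where Helm is configured, it is the natural spot to turn on TLS between the provider and Tiller (`enable_tls = true` together with `client_key`, `client_certificate` and `ca_certificate`) and to document which role `tiller` is bound to; that binding is not visible here and should be a namespaced Role rather than cluster-admin. I would also reference `tiller_image` by digest instead of the mutable `v2.14.1` tag, so the image that runs with those rights cannot change underneath the configuration.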
diff --git a/infrastructure-provisioning/terraform/aws/modules/mongo/mongo.tf b/infrastructure-provisioning/terraform/aws/ssn-helm-charts/main/mongo.tf similarity index 88% rename from infrastructure-provisioning/terraform/aws/modules/mongo/mongo.tf rename to infrastructure-provisioning/terraform/aws/ssn-helm-charts/main/mongo.tf index ead3e8e401..ec9b400a3f 100644 --- a/infrastructure-provisioning/terraform/aws/modules/mongo/mongo.tf +++ b/infrastructure-provisioning/terraform/aws/ssn-helm-charts/main/mongo.tf @@ -18,15 +18,8 @@ # under the License. # # ****************************************************************************** -provider "helm" { - install_tiller = true - namespace = "kube-system" - service_account = "tiller" - tiller_image = "gcr.io/kubernetes-helm/tiller:v2.14.1" -} - -resource "helm_release" "my_mongo" { +resource "helm_release" "mongodb" { name = "mongo-ha" chart = "stable/mongodb" @@ -63,4 +56,5 @@ resource "helm_release" "my_mongo" { name = "persistence.enabled" value = "false" } + depends_on = [helm_release.nginx] } diff --git a/infrastructure-provisioning/terraform/aws/modules/keycloak/mysql.tf b/infrastructure-provisioning/terraform/aws/ssn-helm-charts/main/mysql.tf similarity index 100% rename from infrastructure-provisioning/terraform/aws/modules/keycloak/mysql.tf rename to infrastructure-provisioning/terraform/aws/ssn-helm-charts/main/mysql.tf diff --git a/infrastructure-provisioning/terraform/aws/modules/nginx/nginx.tf b/infrastructure-provisioning/terraform/aws/ssn-helm-charts/main/nginx.tf similarity index 86% rename from infrastructure-provisioning/terraform/aws/modules/nginx/nginx.tf rename to infrastructure-provisioning/terraform/aws/ssn-helm-charts/main/nginx.tf index 26466b84b9..9b51e84226 100644 --- a/infrastructure-provisioning/terraform/aws/modules/nginx/nginx.tf +++ b/infrastructure-provisioning/terraform/aws/ssn-helm-charts/main/nginx.tf 
@@ -18,15 +18,8 @@ # under the License. # # ****************************************************************************** -provider "helm" { - install_tiller = true - namespace = "kube-system" - service_account = "tiller" - tiller_image = "gcr.io/kubernetes-helm/tiller:v2.14.1" -} - -resource "helm_release" "my_mongo" { +resource "helm_release" "nginx" { name = "nginx-ingress" chart = "stable/nginx-ingress" diff --git a/infrastructure-provisioning/terraform/aws/modules/mongo/variables.tf b/infrastructure-provisioning/terraform/aws/ssn-helm-charts/main/variables.tf similarity index 85% rename from infrastructure-provisioning/terraform/aws/modules/mongo/variables.tf rename to infrastructure-provisioning/terraform/aws/ssn-helm-charts/main/variables.tf index 16342e5bee..1837993cb0 100644 --- a/infrastructure-provisioning/terraform/aws/modules/mongo/variables.tf +++ b/infrastructure-provisioning/terraform/aws/ssn-helm-charts/main/variables.tf @@ -18,6 +18,15 @@ # under the License. # # ****************************************************************************** +variable "nginx_http_port" { + default = "31080" + description = "Sets the nodePort that maps to the Ingress' port 80" +} +variable "nginx_https_port" { + default = "31443" + description = "Sets the nodePort that maps to the Ingress' port 443" +} + variable "mongo_root_pwd" { default = "$tr0ng_r00T-passworI)" description = "Password for MongoDB root user" diff --git a/infrastructure-provisioning/terraform/aws/modules/ssn-k8s/README.md b/infrastructure-provisioning/terraform/aws/ssn-k8s/main/README.md similarity index 100% rename from infrastructure-provisioning/terraform/aws/modules/ssn-k8s/README.md rename to infrastructure-provisioning/terraform/aws/ssn-k8s/main/README.md 
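Review bot: The merged ssn-helm-charts/main/variables.tf keeps `mongo_root_pwd` with a literal `default` (visible as context directly below the added nginx variables), which means every deployment that does not override it shares the same MongoDB root password and that password is readable in the repository history. The declaration should carry no default, `variable "mongo_root_pwd" { description = "Password for MongoDB root user" }`, so Terraform refuses to run without a value, and the value should come from a secret store or a generated `random_password` resource. The password committed so far should be treated as compromised and rotated wherever it was deployed. The variable's closing brace lies outside the hunk, so any further attributes it has are not visible here.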
diff --git a/infrastructure-provisioning/terraform/aws/modules/ssn-k8s/auto_scaling_groups.tf b/infrastructure-provisioning/terraform/aws/ssn-k8s/main/auto_scaling_groups.tf similarity index 97% rename from infrastructure-provisioning/terraform/aws/modules/ssn-k8s/auto_scaling_groups.tf rename to infrastructure-provisioning/terraform/aws/ssn-k8s/main/auto_scaling_groups.tf index 0ee3f3518f..1e2850983a 100644 --- a/infrastructure-provisioning/terraform/aws/modules/ssn-k8s/auto_scaling_groups.tf +++ b/infrastructure-provisioning/terraform/aws/ssn-k8s/main/auto_scaling_groups.tf @@ -24,7 +24,7 @@ locals { } data "template_file" "ssn_k8s_masters_user_data" { - template = file("../modules/ssn-k8s/files/masters-user-data.sh") + template = file("./files/masters-user-data.sh") vars = { k8s-asg = "${var.service_base_name}-ssn-masters" k8s-region = var.region @@ -36,7 +36,7 @@ data "template_file" "ssn_k8s_masters_user_data" { } data "template_file" "ssn_k8s_workers_user_data" { - template = file("../modules/ssn-k8s/files/workers-user-data.sh") + template = file("./files/workers-user-data.sh") vars = { k8s-bucket-name = aws_s3_bucket.ssn_k8s_bucket.id k8s_os_user = var.os_user diff --git a/infrastructure-provisioning/terraform/aws/modules/ssn-k8s/files/assume-policy.json b/infrastructure-provisioning/terraform/aws/ssn-k8s/main/files/assume-policy.json similarity index 100% rename from infrastructure-provisioning/terraform/aws/modules/ssn-k8s/files/assume-policy.json rename to infrastructure-provisioning/terraform/aws/ssn-k8s/main/files/assume-policy.json diff --git a/infrastructure-provisioning/terraform/aws/modules/ssn-k8s/files/masters-user-data.sh b/infrastructure-provisioning/terraform/aws/ssn-k8s/main/files/masters-user-data.sh similarity index 100% rename from infrastructure-provisioning/terraform/aws/modules/ssn-k8s/files/masters-user-data.sh rename to infrastructure-provisioning/terraform/aws/ssn-k8s/main/files/masters-user-data.sh 
diff --git a/infrastructure-provisioning/terraform/aws/modules/ssn-k8s/files/ssn-policy.json.tpl b/infrastructure-provisioning/terraform/aws/ssn-k8s/main/files/ssn-policy.json.tpl similarity index 100% rename from infrastructure-provisioning/terraform/aws/modules/ssn-k8s/files/ssn-policy.json.tpl rename to infrastructure-provisioning/terraform/aws/ssn-k8s/main/files/ssn-policy.json.tpl diff --git a/infrastructure-provisioning/terraform/aws/modules/ssn-k8s/files/workers-user-data.sh b/infrastructure-provisioning/terraform/aws/ssn-k8s/main/files/workers-user-data.sh similarity index 100% rename from infrastructure-provisioning/terraform/aws/modules/ssn-k8s/files/workers-user-data.sh rename to infrastructure-provisioning/terraform/aws/ssn-k8s/main/files/workers-user-data.sh diff --git a/infrastructure-provisioning/terraform/aws/modules/ssn-k8s/lb.tf b/infrastructure-provisioning/terraform/aws/ssn-k8s/main/lb.tf similarity index 100% rename from infrastructure-provisioning/terraform/aws/modules/ssn-k8s/lb.tf rename to infrastructure-provisioning/terraform/aws/ssn-k8s/main/lb.tf diff --git a/infrastructure-provisioning/terraform/aws/ssn-k8s/main/main.tf b/infrastructure-provisioning/terraform/aws/ssn-k8s/main/main.tf new file mode 100644 index 0000000000..a34a0790bf --- /dev/null +++ b/infrastructure-provisioning/terraform/aws/ssn-k8s/main/main.tf @@ -0,0 +1,5 @@ +provider "aws" { + region = var.region + access_key = var.access_key_id + secret_key = var.secret_access_key +} \ No newline at end of file diff --git a/infrastructure-provisioning/terraform/aws/modules/ssn-k8s/role_policy.tf b/infrastructure-provisioning/terraform/aws/ssn-k8s/main/role_policy.tf similarity index 92% rename from infrastructure-provisioning/terraform/aws/modules/ssn-k8s/role_policy.tf rename to infrastructure-provisioning/terraform/aws/ssn-k8s/main/role_policy.tf index 1e7f947ba6..c6f9fc8a79 100644 --- a/infrastructure-provisioning/terraform/aws/modules/ssn-k8s/role_policy.tf 
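Review bot: The new ssn-k8s/main/main.tf feeds long-lived keys into the provider through `access_key = var.access_key_id` and `secret_key = var.secret_access_key`, which pushes operators towards `-var` flags or tfvars files, where the secret ends up in shell history, process listings, CI logs or a committed file. Dropping both arguments, `provider "aws" { region = var.region }`, lets the AWS provider use its normal credential chain (environment variables, shared credentials file, instance profile or assumed role) and keeps the keys out of the Terraform inputs entirely. endpoint/main/main.tf in PATCH 35/46 adds the same block, and the same change applies there.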
+++ b/infrastructure-provisioning/terraform/aws/ssn-k8s/main/role_policy.tf @@ -20,7 +20,7 @@ # ****************************************************************************** data "template_file" "ssn_k8s_s3_policy" { - template = file("../modules/ssn-k8s/files/ssn-policy.json.tpl") + template = file("./files/ssn-policy.json.tpl") vars = { bucket_arn = aws_s3_bucket.ssn_k8s_bucket.arn } @@ -34,7 +34,7 @@ resource "aws_iam_policy" "ssn_k8s_policy" { resource "aws_iam_role" "ssn_k8s_role" { name = "${var.service_base_name}-ssn-role" - assume_role_policy = file("../modules/ssn-k8s/files/assume-policy.json") + assume_role_policy = file("./files/assume-policy.json") tags = { Name = "${var.service_base_name}-ssn-role" } diff --git a/infrastructure-provisioning/terraform/aws/modules/ssn-k8s/s3.tf b/infrastructure-provisioning/terraform/aws/ssn-k8s/main/s3.tf similarity index 100% rename from infrastructure-provisioning/terraform/aws/modules/ssn-k8s/s3.tf rename to infrastructure-provisioning/terraform/aws/ssn-k8s/main/s3.tf diff --git a/infrastructure-provisioning/terraform/aws/modules/ssn-k8s/security_groups.tf b/infrastructure-provisioning/terraform/aws/ssn-k8s/main/security_groups.tf similarity index 100% rename from infrastructure-provisioning/terraform/aws/modules/ssn-k8s/security_groups.tf rename to infrastructure-provisioning/terraform/aws/ssn-k8s/main/security_groups.tf diff --git a/infrastructure-provisioning/terraform/aws/main/variables.tf b/infrastructure-provisioning/terraform/aws/ssn-k8s/main/variables.tf similarity index 68% rename from infrastructure-provisioning/terraform/aws/main/variables.tf rename to infrastructure-provisioning/terraform/aws/ssn-k8s/main/variables.tf index fc50cf2898..1459959e47 100644 --- a/infrastructure-provisioning/terraform/aws/main/variables.tf +++ b/infrastructure-provisioning/terraform/aws/ssn-k8s/main/variables.tf 
@@ -95,92 +95,4 @@ variable "ssn_k8s_masters_shape" { variable "ssn_k8s_workers_shape" { default = "t2.medium" -} - -variable "endpoint_tag" { - default = "" -} - -variable "user_tag" { - default = "" -} - -variable "custom_tag" { - default = "" -} - -variable "notebook_name" { - default = "" -} - -variable "product_name" { - default = "" -} - -variable "nb-sg_id" { - default = "" -} - -variable "note_profile_name" { - default = "" -} - -variable "note_cidr_range" { - default = "" -} - -variable "traefik_cidr" { - default = "" -} - -variable "note_ami" { - default = "" -} - -variable "instance_type" { - default = "" -} - -variable "cluster_name" { - default = "" -} - -variable "slave_count" { - default = 1 -} - -variable "emr_template" { - default = "" -} - -variable "master_shape" { - default = "" -} - -variable "slave_shape" { - default = "" -} - -variable "instance_count" { - default = 1 -} - -variable "bid_price" { - default = "" -} - -variable "source_instance_id" { - default = "" -} - -variable "endpoint_instance_shape" { - default = "t2.medium" -} - -variable "network_type" { - default = "public" -} - -variable "endpoint_volume_size" { - default = "30" -} +} \ No newline at end of file diff --git a/infrastructure-provisioning/terraform/aws/modules/ssn-k8s/vpc.tf b/infrastructure-provisioning/terraform/aws/ssn-k8s/main/vpc.tf similarity index 100% rename from infrastructure-provisioning/terraform/aws/modules/ssn-k8s/vpc.tf rename to infrastructure-provisioning/terraform/aws/ssn-k8s/main/vpc.tf From bdc47694f02bb4af8d2df216b038d506cd253329 Mon Sep 17 00:00:00 2001 
From: Oleh Martushevskyi Date: Mon, 15 Jul 2019 14:31:44 +0300 Subject: [PATCH 35/46] [DLAB-792]: refactored DLab terraform --- .../ami/main/ami.tf | 0 .../ami/main/variables.tf | 0 .../common/main/iam.tf | 0 .../common/main/network.tf | 0 .../common/main/variables.tf | 0 .../data_engine/main/instance.tf | 0 .../data_engine/main/main.tf | 0 .../data_engine/main/variables.tf | 0 .../emr/main/instance.tf | 0 .../emr/main/main.tf | 0 .../emr/main/variables.tf | 0 .../notebooks/main/instance.tf | 0 .../notebooks/main/main.tf | 0 .../notebooks/main/variables.tf | 0 .../terraform/aws/endpoint/main/main.tf | 26 +++++++++++++++++++ .../terraform/aws/endpoint/main/variables.tf | 7 +++++ .../terraform/aws/ssn-k8s/main/main.tf | 21 +++++++++++++++ 17 files changed, 54 insertions(+) rename infrastructure-provisioning/terraform/aws/{ => computational_resources}/ami/main/ami.tf (100%) rename infrastructure-provisioning/terraform/aws/{ => computational_resources}/ami/main/variables.tf (100%) rename infrastructure-provisioning/terraform/aws/{ => computational_resources}/common/main/iam.tf (100%) rename infrastructure-provisioning/terraform/aws/{ => computational_resources}/common/main/network.tf (100%) rename infrastructure-provisioning/terraform/aws/{ => computational_resources}/common/main/variables.tf (100%) rename infrastructure-provisioning/terraform/aws/{ => computational_resources}/data_engine/main/instance.tf (100%) rename infrastructure-provisioning/terraform/aws/{ => computational_resources}/data_engine/main/main.tf (100%) rename infrastructure-provisioning/terraform/aws/{ => computational_resources}/data_engine/main/variables.tf (100%) rename infrastructure-provisioning/terraform/aws/{ => computational_resources}/emr/main/instance.tf (100%) rename infrastructure-provisioning/terraform/aws/{ => computational_resources}/emr/main/main.tf (100%) rename infrastructure-provisioning/terraform/aws/{ => computational_resources}/emr/main/variables.tf (100%) rename 
infrastructure-provisioning/terraform/aws/{ => computational_resources}/notebooks/main/instance.tf (100%) rename infrastructure-provisioning/terraform/aws/{ => computational_resources}/notebooks/main/main.tf (100%) rename infrastructure-provisioning/terraform/aws/{ => computational_resources}/notebooks/main/variables.tf (100%) diff --git a/infrastructure-provisioning/terraform/aws/ami/main/ami.tf b/infrastructure-provisioning/terraform/aws/computational_resources/ami/main/ami.tf similarity index 100% rename from infrastructure-provisioning/terraform/aws/ami/main/ami.tf rename to infrastructure-provisioning/terraform/aws/computational_resources/ami/main/ami.tf diff --git a/infrastructure-provisioning/terraform/aws/ami/main/variables.tf b/infrastructure-provisioning/terraform/aws/computational_resources/ami/main/variables.tf similarity index 100% rename from infrastructure-provisioning/terraform/aws/ami/main/variables.tf rename to infrastructure-provisioning/terraform/aws/computational_resources/ami/main/variables.tf diff --git a/infrastructure-provisioning/terraform/aws/common/main/iam.tf b/infrastructure-provisioning/terraform/aws/computational_resources/common/main/iam.tf similarity index 100% rename from infrastructure-provisioning/terraform/aws/common/main/iam.tf rename to infrastructure-provisioning/terraform/aws/computational_resources/common/main/iam.tf diff --git a/infrastructure-provisioning/terraform/aws/common/main/network.tf b/infrastructure-provisioning/terraform/aws/computational_resources/common/main/network.tf similarity index 100% rename from infrastructure-provisioning/terraform/aws/common/main/network.tf rename to infrastructure-provisioning/terraform/aws/computational_resources/common/main/network.tf 
diff --git a/infrastructure-provisioning/terraform/aws/common/main/variables.tf b/infrastructure-provisioning/terraform/aws/computational_resources/common/main/variables.tf
similarity index 100%
rename from infrastructure-provisioning/terraform/aws/common/main/variables.tf
rename to infrastructure-provisioning/terraform/aws/computational_resources/common/main/variables.tf
diff --git a/infrastructure-provisioning/terraform/aws/data_engine/main/instance.tf b/infrastructure-provisioning/terraform/aws/computational_resources/data_engine/main/instance.tf
similarity index 100%
rename from infrastructure-provisioning/terraform/aws/data_engine/main/instance.tf
rename to infrastructure-provisioning/terraform/aws/computational_resources/data_engine/main/instance.tf
diff --git a/infrastructure-provisioning/terraform/aws/data_engine/main/main.tf b/infrastructure-provisioning/terraform/aws/computational_resources/data_engine/main/main.tf
similarity index 100%
rename from infrastructure-provisioning/terraform/aws/data_engine/main/main.tf
rename to infrastructure-provisioning/terraform/aws/computational_resources/data_engine/main/main.tf
diff --git a/infrastructure-provisioning/terraform/aws/data_engine/main/variables.tf b/infrastructure-provisioning/terraform/aws/computational_resources/data_engine/main/variables.tf
similarity index 100%
rename from infrastructure-provisioning/terraform/aws/data_engine/main/variables.tf
rename to infrastructure-provisioning/terraform/aws/computational_resources/data_engine/main/variables.tf
diff --git a/infrastructure-provisioning/terraform/aws/emr/main/instance.tf b/infrastructure-provisioning/terraform/aws/computational_resources/emr/main/instance.tf
similarity index 100%
rename from infrastructure-provisioning/terraform/aws/emr/main/instance.tf
rename to infrastructure-provisioning/terraform/aws/computational_resources/emr/main/instance.tf
diff --git a/infrastructure-provisioning/terraform/aws/emr/main/main.tf b/infrastructure-provisioning/terraform/aws/computational_resources/emr/main/main.tf
similarity index 100%
rename from infrastructure-provisioning/terraform/aws/emr/main/main.tf
rename to infrastructure-provisioning/terraform/aws/computational_resources/emr/main/main.tf
diff --git a/infrastructure-provisioning/terraform/aws/emr/main/variables.tf b/infrastructure-provisioning/terraform/aws/computational_resources/emr/main/variables.tf
similarity index 100%
rename from infrastructure-provisioning/terraform/aws/emr/main/variables.tf
rename to infrastructure-provisioning/terraform/aws/computational_resources/emr/main/variables.tf
diff --git a/infrastructure-provisioning/terraform/aws/notebooks/main/instance.tf b/infrastructure-provisioning/terraform/aws/computational_resources/notebooks/main/instance.tf
similarity index 100%
rename from infrastructure-provisioning/terraform/aws/notebooks/main/instance.tf
rename to infrastructure-provisioning/terraform/aws/computational_resources/notebooks/main/instance.tf
diff --git a/infrastructure-provisioning/terraform/aws/notebooks/main/main.tf b/infrastructure-provisioning/terraform/aws/computational_resources/notebooks/main/main.tf
similarity index 100%
rename from infrastructure-provisioning/terraform/aws/notebooks/main/main.tf
rename to infrastructure-provisioning/terraform/aws/computational_resources/notebooks/main/main.tf
diff --git a/infrastructure-provisioning/terraform/aws/notebooks/main/variables.tf b/infrastructure-provisioning/terraform/aws/computational_resources/notebooks/main/variables.tf
similarity index 100%
rename from infrastructure-provisioning/terraform/aws/notebooks/main/variables.tf
rename to infrastructure-provisioning/terraform/aws/computational_resources/notebooks/main/variables.tf
diff --git a/infrastructure-provisioning/terraform/aws/endpoint/main/main.tf b/infrastructure-provisioning/terraform/aws/endpoint/main/main.tf index e69de29bb2..56d5374d80 100644 --- a/infrastructure-provisioning/terraform/aws/endpoint/main/main.tf +++ b/infrastructure-provisioning/terraform/aws/endpoint/main/main.tf @@ -0,0 +1,26 @@ +# ***************************************************************************** +# +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. +# +# ****************************************************************************** + +provider "aws" { + region = var.region + access_key = var.access_key_id + secret_key = var.secret_access_key +} \ No newline at end of file diff --git a/infrastructure-provisioning/terraform/aws/endpoint/main/variables.tf b/infrastructure-provisioning/terraform/aws/endpoint/main/variables.tf index d9a755726c..3db3f9123a 100644 --- a/infrastructure-provisioning/terraform/aws/endpoint/main/variables.tf +++ b/infrastructure-provisioning/terraform/aws/endpoint/main/variables.tf @@ -21,6 +21,13 @@ variable "service_base_name" {} +variable "access_key_id" { + default = "" +} +variable "secret_access_key" { + default = "" +} + variable "region" {} variable "zone" {} 
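Review bot: The `access_key` and `secret_key` arguments in the new `provider "aws"` block of endpoint/main/main.tf, fed by the `access_key_id` and `secret_access_key` variables added in endpoint/main/variables.tf, give long-lived keys a route into places such as command-line `-var` arguments, tfvars files and shell history. Since both variables default to `""`, the intent is presumably to fall back to the provider's own credential lookup (environment variables, shared credentials file, instance profile); dropping the two arguments and leaving `provider "aws" { region = var.region }` keeps that behaviour without the extra path. If the variables have to stay, give each a `description` saying they are optional and that an instance role or environment credentials are preferred. The ssn-k8s/main/main.tf provider block visible as context in the next file section carries the same arguments.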
diff --git a/infrastructure-provisioning/terraform/aws/ssn-k8s/main/main.tf b/infrastructure-provisioning/terraform/aws/ssn-k8s/main/main.tf index a34a0790bf..56d5374d80 100644 --- a/infrastructure-provisioning/terraform/aws/ssn-k8s/main/main.tf +++ b/infrastructure-provisioning/terraform/aws/ssn-k8s/main/main.tf @@ -1,3 +1,24 @@ +# ***************************************************************************** +# +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. +# +# ****************************************************************************** + provider "aws" { region = var.region access_key = var.access_key_id From 190a9b07d3dbdd2110547d96d02cca22081dae22 Mon Sep 17 00:00:00 2001 From: bohdana_kuzmenko Date: Mon, 15 Jul 2019 16:59:40 +0300 Subject: [PATCH 36/46] Add deploy terraform --- .../terraform/bin/terraform-cli.py | 223 ++++++++++++------ 1 file changed, 147 insertions(+), 76 deletions(-) diff --git a/infrastructure-provisioning/terraform/bin/terraform-cli.py b/infrastructure-provisioning/terraform/bin/terraform-cli.py index f62e852cb0..7c7a863be6 100755 --- a/infrastructure-provisioning/terraform/bin/terraform-cli.py +++ b/infrastructure-provisioning/terraform/bin/terraform-cli.py 
@@ -3,10 +3,10 @@ import os import abc import argparse -import re -import paramiko import time +from fabric.api import * +from fabric.contrib.files import exists class TerraformProviderError(Exception): @@ -18,7 +18,7 @@ class TerraformProviderError(Exception): class Console: @staticmethod - def exec_command(command): + def execute(command): """ Execute cli command Args: @@ -28,23 +28,10 @@ def exec_command(command): """ return os.popen(command).read() - @staticmethod - def remote(ip, user, pkey=None): - """ Get remote console\ - - Args: - ip: str address - user: str username - pkey: str path to pkey - passwd: str password - Returns: - SSHClient: remoter cli - """ - pkey = paramiko.RSAKey.from_private_key_file(pkey) - ssh = paramiko.SSHClient() - ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy()) - ssh.connect(ip, username=user, pkey=pkey) - return ssh + def connect_to_ssh(self, ip, name, pkey): + env.hosts = [ip] + env.user = name + env.key_filename = pkey class TerraformProvider: @@ -57,7 +44,7 @@ def initialize(self): TerraformProviderError: if initialization was not succeed """ terraform_success_init = 'Terraform has been successfully initialized!' - terraform_init_result = Console.exec_command('terraform init') + terraform_init_result = Console.execute('terraform init') if terraform_success_init not in terraform_init_result: raise TerraformProviderError(terraform_init_result) 
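Review bot: `connect_to_ssh` in the `@@ -28,23 +28,10 @@` hunk takes `self` although it replaces a `@staticmethod`, and the `@@ -377,18 +326,140 @@` hunk of this commit calls it as `Console.connect_to_ssh(ip, user_name, pkey_path)`, which binds `ip` to `self` and raises a TypeError for the missing `pkey`. It also sets `env.hosts`, which as far as I know Fabric 1 only consults when tasks are dispatched through `fab` or `execute()`; a bare `run()` reads `env.host_string`. Suggested: keep `@staticmethod`, drop `self`, and set `env.host_string = ip`. A short docstring naming the three parameters, as the removed `remote()` had, would also help the next reader.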
@@ -71,33 +58,35 @@ def validate(self): """ terraform_success_validate = 'Success!' - terraform_validate_result = Console.exec_command('terraform validate') + terraform_validate_result = Console.execute('terraform validate') if terraform_success_validate not in terraform_validate_result: raise TerraformProviderError(terraform_validate_result) - def apply(self, cli_args): + def apply(self, target, cli_args): """Run terraform Args: + target: str cli_args: dict of parameters Returns: None """ args_str = self.get_args_string(cli_args) - command = 'terraform apply -auto-approve -target module.ssn-k8s {}' - Console.exec_command(command.format(args_str)) + command = 'terraform apply -auto-approve -target {} {}' + Console.execute(command.format(target, args_str)) - def destroy(self, cli_args): + def destroy(self, target, cli_args): """Destroy terraform Args: + target: str cli_args: dict of parameters Returns: None """ args_str = self.get_args_string(cli_args) - command = 'terraform destroy -auto-approve -target module.ssn-k8s {}' - Console.exec_command(command.format(args_str)) + command = 'terraform destroy -auto-approve -target {} {}' + Console.execute(command.format(target, args_str)) def output(self, *args): """Get terraform output @@ -107,7 +96,7 @@ def output(self, *args): Returns: str: terraform output result """ - return Console.exec_command('terraform output {}'.format(' '.join(args))) + return Console.execute('terraform output {}'.format(' '.join(args))) @staticmethod def get_args_string(cli_args): @@ -199,10 +188,8 @@ def provision(self): try: terraform.initialize() terraform.validate() - if action == 'deploy': terraform.apply(terraform_args) - self.check_k8s_cluster_status() elif action == 'destroy': terraform.destroy(terraform_args) except TerraformProviderError as ex: 
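Review bot: `apply` and `destroy` in the `@@ -71,33 +58,35 @@` hunk format `target` and the argument string into one command line that `Console.execute` hands to `os.popen`, so the text is parsed by a shell and the exit status of `terraform` is never read. A value containing spaces or shell metacharacters changes the command that runs, and a failed `apply` or `destroy` looks the same to the caller as a successful one. Building an argument list and running it with `subprocess.run(argv, check=True)` removes the shell and surfaces failures; at minimum each interpolated value should go through `shlex.quote(...)`. `Console.execute` is defined outside this hunk, so the change would land there.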
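Review bot: The calls `terraform.apply(terraform_args)` and `terraform.destroy(terraform_args)` left in the `@@ -199,10 +188,8 @@` hunk no longer match the signatures this commit introduces, `apply(self, target, cli_args)` and `destroy(self, target, cli_args)`, so both branches would raise a TypeError for the missing argument. Either pass the target here, `terraform.apply(target, terraform_args)` with the target supplied by the builder, or keep the one-argument signatures. The enclosing `provision` method starts and ends outside the hunk.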
@@ -223,44 +210,6 @@ def get_node_ip(self, output): raise TerraformProviderError('no ips') return ips[0] - def check_k8s_cluster_status(self): - """ Check for kubernetes status - - Returns: - None - Raises: - TerraformProviderError: if master or kubeDNS is not running - - """ - terraform = TerraformProvider() - output = terraform.output('-json ssn_k8s_masters_ip_addresses') - args = self.parse_args() - - ip = self.get_node_ip(output) - user_name = args.get('terraform_args').get('os_user') - pkey_path = args.get('service_args').get('pkey') - - console = Console.remote(ip, user_name, pkey=pkey_path) - start_time = time.time() - while True: - stdin, stdout, stderr = console.exec_command('kubectl cluster-info | ' - 'sed -r "s/\x1B\[([0-9]{1,2}(;[0-9]{1,2})?)?[mGK]//g"') - outlines = stdout.readlines() - k8c_info_status = ''.join(outlines) - - kubernetes_success_status = 'Kubernetes master is running' - kubernetes_dns_success_status = 'KubeDNS is running' - - kubernetes_succeed = kubernetes_success_status in k8c_info_status - kube_dns_succeed = kubernetes_dns_success_status in k8c_info_status - - if kubernetes_succeed and kube_dns_succeed: - break - if (time.time() - start_time) >= 600: - raise TimeoutError - time.sleep(60) - - class DeployDirector: @@ -320,12 +269,12 @@ def build(self): return self.__params -class AWSSourceBuilder(AbstractDeployBuilder): +class AWSK8sSourceBuilder(AbstractDeployBuilder): @property def terraform_location(self): tf_dir = os.path.abspath(os.path.join(os.getcwd(), os.path.pardir)) - return os.path.join(tf_dir, 'aws/main') + return os.path.join(tf_dir, 'aws/ssn-k8s/main') @property def cli_args(self): 
@@ -377,18 +326,140 @@ def cli_args(self): .add_str('--vpc_cidr', 'CIDR for VPC creation. Conflicts with vpc_id', default='172.31.0.0/16') .add_str('--vpc_id', 'ID of AWS VPC if you already have VPC created.') - .add_str('--zone', 'Name of AWS zone', default='a')) + .add_str('--zone', 'Name of AWS zone', default='a') + ) + return params.build() + + def check_k8s_cluster_status(self): + """ Check for kubernetes status + + Returns: + None + Raises: + TerraformProviderError: if master or kubeDNS is not running + + """ + terraform = TerraformProvider() + output = terraform.output('-json ssn_k8s_masters_ip_addresses') + args = self.parse_args() + + ip = self.get_node_ip(output) + user_name = args.get('terraform_args').get('os_user') + pkey_path = args.get('service_args').get('pkey') + + Console.connect_to_ssh(ip, user_name, pkey_path) + start_time = time.time() + while True: + stdout = run( + 'kubectl cluster-info | ' + 'sed -r "s/\x1B\[([0-9]{1,2}(;[0-9]{1,2})?)?[mGK]//g"') + outlines = stdout.readlines() + k8c_info_status = ''.join(outlines) + + kubernetes_success_status = 'Kubernetes master is running' + kubernetes_dns_success_status = 'KubeDNS is running' + + kubernetes_succeed = kubernetes_success_status in k8c_info_status + kube_dns_succeed = kubernetes_dns_success_status in k8c_info_status + + if kubernetes_succeed and kube_dns_succeed: + break + if (time.time() - start_time) >= 600: + raise TimeoutError + time.sleep(60) + + def copy_terraform_to_remote(self): + args = self.parse_args() + tf_dir = os.path.abspath(os.path.join(os.getcwd(), os.path.pardir)) + source = os.path.join(tf_dir, 'aws/ss-helm-charts') + user_name = args.get('terraform_args').get('os_user') + put(source, '/home/{}/terraform/'.format(user_name)) + + def run_remote_terraform(self): + run('terraform apply') + + def deploy(self): + self.check_k8s_cluster_status() + self.copy_terraform_to_remote() + self.run_remote_terraform() + + +class AWSEndpointBuilder(AbstractDeployBuilder): + + @property + 
def terraform_location(self): + tf_dir = os.path.abspath(os.path.join(os.getcwd(), os.path.pardir)) + return os.path.join(tf_dir, 'aws/endpoint/main') + + @property + def cli_args(self): + params = ParamsBuilder() + (params + .add_str('--service_base_name', + 'Any infrastructure value (should be unique if multiple ' + 'SSN\'s have been deployed before). Should be same as on ssn') + .add_str('--vpc_id', 'ID of AWS VPC if you already have VPC created.') + .add_str('--vpc_cidr', 'CIDR for VPC creation. Conflicts with vpc_id.', + default='172.31.0.0/16') + .add_str('--subnet_id', + 'ID of AWS Subnet if you already have subnet created.') + .add_str('--subnet_cidr', + 'CIDR for Subnet creation. Conflicts with subnet_id.', + default='172.31.0.0/24') + .add_str('--ami', 'ID of EC2 AMI.', required=True) + .add_str('--key_name', 'Name of EC2 Key pair.', required=True) + .add_str('--region', 'Name of AWS region.', default='us-west-2') + .add_str('--zone', 'Name of AWS zone.', default='a') + .add_str('--network_type', + 'Type of created network (if network is not existed and ' + 'require creation) for endpoint', + default='public') + .add_str('--endpoint_instance_shape', 'Instance shape of Endpoint.', + default='t2.medium') + .add_int('--endpoint_volume_size', 'Size of root volume in GB.', + default=30) + .add_str('--request_id', 'Request id', is_terraform_param=False) + .add_str('--dlab_path', '', is_terraform_param=False) + .add_str('--resource', '', is_terraform_param=False) + .add_str('--conf_key_name', '', is_terraform_param=False) + .add_str('--pkey', '', is_terraform_param=False, required=True) + .add_str('--hostname', '', is_terraform_param=False) + .add_str('--jar_url', '', is_terraform_param=False) + .add_str('--os_user', '', is_terraform_param=False) + .add_str('--cloud_provider', '', is_terraform_param=False) + .add_str('--ssn_host', '', is_terraform_param=False) + .add_str('--mongo_password', '', is_terraform_param=False) + .add_str('--repository_address', '', 
is_terraform_param=False) + .add_str('--repository_user', '', is_terraform_param=False) + .add_str('--repository_pass', '', is_terraform_param=False) + .add_str('--docker_version', '', is_terraform_param=False, + default='18.06.3~ce~3-0~ubuntu') + + ) return params.build() def deploy(self): - # os.system('ls -l') - print('installation process') + pass def main(): - # TODO switch case depend on TF file name + parser = argparse.ArgumentParser() + parser.add_argument('--source', help='Target', choices=['aws'], + required=True) + parser.add_argument('--target', help='Source', choices=['k8s', 'endpoint'], + required=True) + arguments = vars(parser.parse_known_args()[0]) + + source = arguments.get('source').lower() + target = arguments.get('target').lower() + + if source == 'aws': + if target == 'k8s': + builder = AWSK8sSourceBuilder() + elif target == 'endpoint': + builder = AWSEndpointBuilder() + deploy_director = DeployDirector() - builder = AWSSourceBuilder() deploy_director.build(builder) From 9ff441725afe9219cb0d299b074b047a242bc7de Mon Sep 17 00:00:00 2001 From: bohdana_kuzmenko Date: Mon, 15 Jul 2019 17:02:48 +0300 Subject: [PATCH 37/46] Remove target --- .../terraform/bin/terraform-cli.py | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/infrastructure-provisioning/terraform/bin/terraform-cli.py b/infrastructure-provisioning/terraform/bin/terraform-cli.py index 7c7a863be6..e136b4e171 100755 --- a/infrastructure-provisioning/terraform/bin/terraform-cli.py +++ b/infrastructure-provisioning/terraform/bin/terraform-cli.py @@ -62,7 +62,7 @@ def validate(self): if terraform_success_validate not in terraform_validate_result: raise TerraformProviderError(terraform_validate_result) - def apply(self, target, cli_args): + def apply(self, cli_args): """Run terraform Args: 
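Review bot: The `--mongo_password` and `--repository_pass` options added to `AWSEndpointBuilder.cli_args` in the `@@ -377,18 +326,140 @@` hunk take secrets as plain command-line strings, where they are visible in the process list and kept in shell history. Reading them from environment variables or from a file with restricted permissions avoids that, for example `os.environ.get('<MONGO_PASSWORD_ENV_VAR>')` with a name the project chooses. Every `is_terraform_param=False` option in this block also has an empty help string, so `--help` says nothing about which of them an endpoint deploy needs; a short description per option would fix that. `--pkey` is a path rather than a secret and is fine as an argument.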
@@ -72,10 +72,10 @@ def apply(self, target, cli_args): None """ args_str = self.get_args_string(cli_args) - command = 'terraform apply -auto-approve -target {} {}' - Console.execute(command.format(target, args_str)) + command = 'terraform apply -auto-approve {}' + Console.execute(command.format(args_str)) - def destroy(self, target, cli_args): + def destroy(self, cli_args): """Destroy terraform Args: @@ -85,8 +85,8 @@ def destroy(self, target, cli_args): None """ args_str = self.get_args_string(cli_args) - command = 'terraform destroy -auto-approve -target {} {}' - Console.execute(command.format(target, args_str)) + command = 'terraform destroy -auto-approve {}' + Console.execute(command.format(args_str)) def output(self, *args): """Get terraform output From 0200cad22f1084394501f2728cc050d1fb7a88b2 Mon Sep 17 00:00:00 2001 From: Oleh Martushevskyi Date: Mon, 15 Jul 2019 17:34:07 +0300 Subject: [PATCH 38/46] [DLAB-792]: refactored DLab terraform --- .../terraform/aws/endpoint/main/iam.tf | 4 ++-- infrastructure-provisioning/terraform/bin/terraform-cli.py | 6 ++++-- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/infrastructure-provisioning/terraform/aws/endpoint/main/iam.tf b/infrastructure-provisioning/terraform/aws/endpoint/main/iam.tf index 3500486580..d4b7202617 100644 --- a/infrastructure-provisioning/terraform/aws/endpoint/main/iam.tf +++ b/infrastructure-provisioning/terraform/aws/endpoint/main/iam.tf @@ -26,12 +26,12 @@ locals { } data "template_file" "endpoint_policy" { - template = file("../modules/endpoint/files/endpoint-policy.json") + template = file("./files/endpoint-policy.json") } resource "aws_iam_role" "endpoint_role" { name = local.role_name - assume_role_policy = file("../modules/endpoint/files/assume-policy.json") + assume_role_policy = file("./files/assume-policy.json") tags = { product = "${var.product}" Name = "${local.role_name}" 
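Review bot: The new `file("./files/endpoint-policy.json")` and `file("./files/assume-policy.json")` paths in the endpoint/main/iam.tf hunk are resolved against the directory Terraform is started from, so which IAM policy documents get loaded depends on the caller's working directory. Anchoring them to the module, `file("${path.module}/files/endpoint-policy.json")` and `file("${path.module}/files/assume-policy.json")`, makes the role always use the policy files shipped next to this configuration.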
diff --git a/infrastructure-provisioning/terraform/bin/terraform-cli.py b/infrastructure-provisioning/terraform/bin/terraform-cli.py index e136b4e171..8bafad5ec8 100755 --- a/infrastructure-provisioning/terraform/bin/terraform-cli.py +++ b/infrastructure-provisioning/terraform/bin/terraform-cli.py @@ -371,12 +371,14 @@ def check_k8s_cluster_status(self): def copy_terraform_to_remote(self): args = self.parse_args() tf_dir = os.path.abspath(os.path.join(os.getcwd(), os.path.pardir)) - source = os.path.join(tf_dir, 'aws/ss-helm-charts') + source = os.path.join(tf_dir, 'aws/ssn-helm-charts') user_name = args.get('terraform_args').get('os_user') put(source, '/home/{}/terraform/'.format(user_name)) def run_remote_terraform(self): - run('terraform apply') + with cd('terraform/ssn-helm-charts/'): + run('terraform init') + run('terraform apply') def deploy(self): self.check_k8s_cluster_status() From 881ae3149a594a563d0028124af3371f2f955d58 Mon Sep 17 00:00:00 2001 From: bohdana_kuzmenko Date: Mon, 15 Jul 2019 18:00:39 +0300 Subject: [PATCH 39/46] update fabric connection --- .../terraform/bin/terraform-cli.py | 73 +++++++++++++------ 1 file changed, 50 insertions(+), 23 deletions(-) diff --git a/infrastructure-provisioning/terraform/bin/terraform-cli.py b/infrastructure-provisioning/terraform/bin/terraform-cli.py index e136b4e171..8bb1b8b279 100755 --- a/infrastructure-provisioning/terraform/bin/terraform-cli.py +++ b/infrastructure-provisioning/terraform/bin/terraform-cli.py @@ -5,8 +5,7 @@ import argparse import time -from fabric.api import * -from fabric.contrib.files import exists +from fabric import Connection class TerraformProviderError(Exception): 
@@ -28,10 +27,10 @@ def execute(command): """ return os.popen(command).read() - def connect_to_ssh(self, ip, name, pkey): - env.hosts = [ip] - env.user = name - env.key_filename = pkey + def ssh(self, ip, name, pkey): + return Connection(host=ip, + user=name, + connect_kwargs={'key_filename': pkey}) class TerraformProvider: @@ -271,6 +270,33 @@ def build(self): class AWSK8sSourceBuilder(AbstractDeployBuilder): + def __init__(self): + super(AWSK8sSourceBuilder, self).__init__() + self._args = self.parse_args() + self._ip = None + self._user_name = self.args.get('terraform_args').get('os_user') + self._pkey_path = self.args.get('service_args').get('pkey') + + @property + def args(self): + return self._args + + @property + def ip(self): + return self._ip + + @ip.setter + def ip(self, ip): + self._ip = ip + + @property + def user_name(self): + return self._user_name + + @property + def pkey_path(self): + return self._pkey_path + @property def terraform_location(self): tf_dir = os.path.abspath(os.path.join(os.getcwd(), os.path.pardir)) @@ -339,22 +365,12 @@ def check_k8s_cluster_status(self): TerraformProviderError: if master or kubeDNS is not running """ - terraform = TerraformProvider() - output = terraform.output('-json ssn_k8s_masters_ip_addresses') - args = self.parse_args() - - ip = self.get_node_ip(output) - user_name = args.get('terraform_args').get('os_user') - pkey_path = args.get('service_args').get('pkey') - - Console.connect_to_ssh(ip, user_name, pkey_path) start_time = time.time() while True: - stdout = run( - 'kubectl cluster-info | ' - 'sed -r "s/\x1B\[([0-9]{1,2}(;[0-9]{1,2})?)?[mGK]//g"') - outlines = stdout.readlines() - k8c_info_status = ''.join(outlines) + with Console.ssh(self.ip, self.user_name, self.pkey_path) as c: + k8c_info_status = c.run( + 'kubectl cluster-info | ' + 'sed -r "s/\x1B\[([0-9]{1,2}(;[0-9]{1,2})?)?[mGK]//g"') kubernetes_success_status = 'Kubernetes master is running' kubernetes_dns_success_status = 'KubeDNS is running' 
@@ -368,17 +384,28 @@ def check_k8s_cluster_status(self): raise TimeoutError time.sleep(60) + def select_master_ip(self): + terraform = TerraformProvider() + output = terraform.output('-json ssn_k8s_masters_ip_addresses') + self.ip = self.get_node_ip(output) + def copy_terraform_to_remote(self): args = self.parse_args() tf_dir = os.path.abspath(os.path.join(os.getcwd(), os.path.pardir)) - source = os.path.join(tf_dir, 'aws/ss-helm-charts') + source = os.path.join(tf_dir, 'aws/ssn-helm-charts') user_name = args.get('terraform_args').get('os_user') - put(source, '/home/{}/terraform/'.format(user_name)) + with Console.ssh(self.ip, self.user_name, self.pkey_path) as conn: + conn.put(source, '/home/{}/terraform/'.format(user_name)) def run_remote_terraform(self): - run('terraform apply') + with Console.ssh(self.ip, self.user_name, self.pkey_path) as conn: + with conn.cd('/terraform/ssn-helm-charts'): + conn.run('terraform init') + conn.run('terraform validate') + conn.run('terraform apply') def deploy(self): + self.select_master_ip() self.check_k8s_cluster_status() self.copy_terraform_to_remote() self.run_remote_terraform() From ce0cec6ccad559e2d8e792c668bc7fccf95308ac Mon Sep 17 00:00:00 2001 From: bohdana_kuzmenko Date: Tue, 16 Jul 2019 09:17:58 +0300 Subject: [PATCH 40/46] update dir transferring --- .../terraform/bin/terraform-cli.py | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/infrastructure-provisioning/terraform/bin/terraform-cli.py b/infrastructure-provisioning/terraform/bin/terraform-cli.py index 8bb1b8b279..d40f5ce952 100755 --- a/infrastructure-provisioning/terraform/bin/terraform-cli.py +++ b/infrastructure-provisioning/terraform/bin/terraform-cli.py @@ -6,6 +6,7 @@ import time from fabric import Connection +from patchwork.transfers import rsync class TerraformProviderError(Exception): 
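Review bot: `run_remote_terraform` in the `@@ -368,17 +384,28 @@` hunk changes into `/terraform/ssn-helm-charts`, but `copy_terraform_to_remote` just above it uploads to `/home/{user}/terraform/`, so the three `terraform` commands run in a directory the copy does not appear to populate. Using the same base, `conn.cd('/home/{}/terraform/ssn-helm-charts'.format(self.user_name))`, keeps the two in step. `conn.run('terraform apply')` also waits for an interactive confirmation that this unattended flow cannot give; the local apply already passes `-auto-approve`.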
@@ -27,7 +28,8 @@ def execute(command): """ return os.popen(command).read() - def ssh(self, ip, name, pkey): + @staticmethod + def ssh(ip, name, pkey): return Connection(host=ip, user=name, connect_kwargs={'key_filename': pkey}) @@ -390,12 +392,12 @@ def select_master_ip(self): self.ip = self.get_node_ip(output) def copy_terraform_to_remote(self): - args = self.parse_args() tf_dir = os.path.abspath(os.path.join(os.getcwd(), os.path.pardir)) source = os.path.join(tf_dir, 'aws/ssn-helm-charts') - user_name = args.get('terraform_args').get('os_user') + remote_dir = '/home/{}/terraform/'.format(self.user_name) with Console.ssh(self.ip, self.user_name, self.pkey_path) as conn: - conn.put(source, '/home/{}/terraform/'.format(user_name)) + conn.run('mkdir -p {}'.format(remote_dir)) + rsync(conn, source, remote_dir) def run_remote_terraform(self): with Console.ssh(self.ip, self.user_name, self.pkey_path) as conn: @@ -485,7 +487,7 @@ def main(): builder = AWSK8sSourceBuilder() elif target == 'endpoint': builder = AWSEndpointBuilder() - + print(builder) deploy_director = DeployDirector() deploy_director.build(builder) From c0f6985a8f530cd2a9aaad7bbebf4d158f7b5024 Mon Sep 17 00:00:00 2001 From: bohdana_kuzmenko Date: Tue, 16 Jul 2019 09:20:13 +0300 Subject: [PATCH 41/46] add requirements --- infrastructure-provisioning/terraform/bin/requirements.txt | 2 ++ 1 file changed, 2 insertions(+) create mode 100644 infrastructure-provisioning/terraform/bin/requirements.txt diff --git a/infrastructure-provisioning/terraform/bin/requirements.txt b/infrastructure-provisioning/terraform/bin/requirements.txt new file mode 100644 index 0000000000..5035545189 --- /dev/null +++ b/infrastructure-provisioning/terraform/bin/requirements.txt @@ -0,0 +1,2 @@ +fabric==2.4.0 +patchwork==1.0.1 \ No newline at end of file From 95b0cf2b8a47e8408f8e7adcc078c6698b4c43f6 Mon Sep 17 00:00:00 2001 
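Review bot: The new bin/requirements.txt pins `fabric==2.4.0` and `patchwork==1.0.1` but not their transitive dependencies, and carries no hashes, so the SSH stack that is actually installed (paramiko, invoke and what they pull in) can differ between machines and is not integrity-checked. Consider committing a fully resolved file with `--hash=sha256:<digest>` entries and installing it with `pip install --require-hashes -r requirements.txt`. The file also lacks a trailing newline.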
From: bohdana_kuzmenko Date: Tue, 16 Jul 2019 10:47:10 +0300 Subject: [PATCH 42/46] add base logger --- .../terraform/bin/terraform-cli.py | 16 +++++++++++++--- 1 file changed, 13 insertions(+), 3 deletions(-) diff --git a/infrastructure-provisioning/terraform/bin/terraform-cli.py b/infrastructure-provisioning/terraform/bin/terraform-cli.py index d40f5ce952..d653914ddb 100755 --- a/infrastructure-provisioning/terraform/bin/terraform-cli.py +++ b/infrastructure-provisioning/terraform/bin/terraform-cli.py @@ -7,7 +7,9 @@ import time from fabric import Connection from patchwork.transfers import rsync - +import logging +logging.basicConfig(level=logging.INFO, + format='%(levelname)s-%(message)s') class TerraformProviderError(Exception): """ @@ -44,8 +46,10 @@ def initialize(self): Raises: TerraformProviderError: if initialization was not succeed """ + logging.info('terraform init') terraform_success_init = 'Terraform has been successfully initialized!' terraform_init_result = Console.execute('terraform init') + logging.info(terraform_init_result) if terraform_success_init not in terraform_init_result: raise TerraformProviderError(terraform_init_result) @@ -58,8 +62,10 @@ def validate(self): TerraformProviderError: if validation status was not succeed """ + logging.info('terraform validate') terraform_success_validate = 'Success!' terraform_validate_result = Console.execute('terraform validate') + logging.info(terraform_validate_result) if terraform_success_validate not in terraform_validate_result: raise TerraformProviderError(terraform_validate_result) @@ -72,9 +78,11 @@ def apply(self, cli_args): Returns: None """ + logging.info('terraform apply') args_str = self.get_args_string(cli_args) command = 'terraform apply -auto-approve {}' - Console.execute(command.format(args_str)) + result = Console.execute(command.format(args_str)) + print(result) def destroy(self, cli_args): """Destroy terraform 
@@ -392,6 +400,7 @@ def select_master_ip(self): self.ip = self.get_node_ip(output) def copy_terraform_to_remote(self): + logging.info('transfer terraform dir to remote') tf_dir = os.path.abspath(os.path.join(os.getcwd(), os.path.pardir)) source = os.path.join(tf_dir, 'aws/ssn-helm-charts') remote_dir = '/home/{}/terraform/'.format(self.user_name) @@ -400,6 +409,7 @@ def copy_terraform_to_remote(self): rsync(conn, source, remote_dir) def run_remote_terraform(self): + logging.info('apply ssn-helm-charts') with Console.ssh(self.ip, self.user_name, self.pkey_path) as conn: with conn.cd('/terraform/ssn-helm-charts'): conn.run('terraform init') @@ -407,6 +417,7 @@ def run_remote_terraform(self): conn.run('terraform apply') def deploy(self): + logging.info('deploy') self.select_master_ip() self.check_k8s_cluster_status() self.copy_terraform_to_remote() @@ -487,7 +498,6 @@ def main(): builder = AWSK8sSourceBuilder() elif target == 'endpoint': builder = AWSEndpointBuilder() - print(builder) deploy_director = DeployDirector() deploy_director.build(builder) From 4192612051eda012f9befb1e81d19398636b2593 Mon Sep 17 00:00:00 2001 From: bohdana_kuzmenko Date: Tue, 16 Jul 2019 11:09:41 +0300 Subject: [PATCH 43/46] update output --- infrastructure-provisioning/terraform/bin/terraform-cli.py | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/infrastructure-provisioning/terraform/bin/terraform-cli.py b/infrastructure-provisioning/terraform/bin/terraform-cli.py index d653914ddb..266c531f1e 100755 --- a/infrastructure-provisioning/terraform/bin/terraform-cli.py +++ b/infrastructure-provisioning/terraform/bin/terraform-cli.py @@ -8,9 +8,11 @@ from fabric import Connection from patchwork.transfers import rsync import logging + logging.basicConfig(level=logging.INFO, format='%(levelname)s-%(message)s') + class TerraformProviderError(Exception): """ Raises errors while terraform provision 
@@ -380,7 +382,8 @@ def check_k8s_cluster_status(self): with Console.ssh(self.ip, self.user_name, self.pkey_path) as c: k8c_info_status = c.run( 'kubectl cluster-info | ' - 'sed -r "s/\x1B\[([0-9]{1,2}(;[0-9]{1,2})?)?[mGK]//g"') + 'sed -r "s/\x1B\[([0-9]{1,2}(;[0-9]{1,2})?)?[mGK]//g"') \ + .stdout kubernetes_success_status = 'Kubernetes master is running' kubernetes_dns_success_status = 'KubeDNS is running' From 1e4dd58a1b5545ba53369ca2ba70cf5179c4a820 Mon Sep 17 00:00:00 2001 From: Oleh Martushevskyi Date: Tue, 16 Jul 2019 11:29:37 +0300 Subject: [PATCH 44/46] fixed issues --- .../terraform/bin/terraform-cli.py | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/infrastructure-provisioning/terraform/bin/terraform-cli.py b/infrastructure-provisioning/terraform/bin/terraform-cli.py index bf7030407f..1f4b92f389 100755 --- a/infrastructure-provisioning/terraform/bin/terraform-cli.py +++ b/infrastructure-provisioning/terraform/bin/terraform-cli.py @@ -404,8 +404,8 @@ def select_master_ip(self): def copy_terraform_to_remote(self): logging.info('transfer terraform dir to remote') - tf_dir = os.path.abspath(os.path.join(os.getcwd(), os.path.pardir)) - source = os.path.join(tf_dir, 'aws/ssn-helm-charts') + tf_dir = os.path.abspath(os.path.join(os.getcwd(), os.path.pardir, os.path.pardir)) + source = os.path.join(tf_dir, 'ssn-helm-charts') remote_dir = '/home/{}/terraform/'.format(self.user_name) with Console.ssh(self.ip, self.user_name, self.pkey_path) as conn: conn.run('mkdir -p {}'.format(remote_dir)) @@ -414,10 +414,10 @@ def copy_terraform_to_remote(self): def run_remote_terraform(self): logging.info('apply ssn-helm-charts') with Console.ssh(self.ip, self.user_name, self.pkey_path) as conn: - with conn.cd('/terraform/ssn-helm-charts'): + with conn.cd('terraform/ssn-helm-charts/main'): conn.run('terraform init') conn.run('terraform validate') - conn.run('terraform apply') + conn.run('terraform apply -auto-approve') def deploy(self): 
From b1fe14ed4aa90edb5f2d2a363baca308c3d3454f Mon Sep 17 00:00:00 2001 From: Oleh Martushevskyi Date: Tue, 16 Jul 2019 12:52:34 +0300 Subject: [PATCH 45/46] added outputs --- .../aws/ssn-k8s/main/auto_scaling_groups.tf | 5 ---- .../terraform/aws/ssn-k8s/main/main.tf | 25 +++++++++++++++++++ 2 files changed, 25 insertions(+), 5 deletions(-) diff --git a/infrastructure-provisioning/terraform/aws/ssn-k8s/main/auto_scaling_groups.tf b/infrastructure-provisioning/terraform/aws/ssn-k8s/main/auto_scaling_groups.tf index 1e2850983a..aee3428760 100644 --- a/infrastructure-provisioning/terraform/aws/ssn-k8s/main/auto_scaling_groups.tf +++ b/infrastructure-provisioning/terraform/aws/ssn-k8s/main/auto_scaling_groups.tf @@ -129,8 +129,3 @@ data "aws_instances" "ssn_k8s_masters_instances" { instance_state_names = ["running"] depends_on = [aws_autoscaling_group.ssn_k8s_autoscaling_group_masters] } - -output "ssn_k8s_masters_ip_addresses" { - value = data.aws_instances.ssn_k8s_masters_instances.public_ips - depends_on = [data.aws_instances.ssn_k8s_masters_instances] -} diff --git a/infrastructure-provisioning/terraform/aws/ssn-k8s/main/main.tf b/infrastructure-provisioning/terraform/aws/ssn-k8s/main/main.tf index 56d5374d80..53103db91a 100644 --- a/infrastructure-provisioning/terraform/aws/ssn-k8s/main/main.tf +++ b/infrastructure-provisioning/terraform/aws/ssn-k8s/main/main.tf 
@@ -23,4 +23,29 @@ provider "aws" { region = var.region access_key = var.access_key_id secret_key = var.secret_access_key +} + +output "ssn_k8s_alb_dns_name" { + value = aws_lb.ssn_k8s_alb.dns_name +} + +output "ssn_k8s_masters_ip_addresses" { + value = data.aws_instances.ssn_k8s_masters_instances.public_ips + depends_on = [data.aws_instances.ssn_k8s_masters_instances] +} + +output "ssn_bucket_name" { + value = aws_s3_bucket.ssn_k8s_bucket.id +} + +output "ssn_vpc_id" { + value = data.aws_vpc.ssn_k8s_vpc_data.id +} + +output "ssn_subnets" { + value = compact([data.aws_subnet.k8s-subnet-a-data.id, data.aws_subnet.k8s-subnet-b-data.id, local.subnet_c_id]) +} + +output "ssn_k8s_sg_id" { + value = aws_security_group.ssn_k8s_sg.id } \ No newline at end of file From 7295736891dc2bcc7284ad7b1fd1f1b5f3e0bc01 Mon Sep 17 00:00:00 2001 From: Oleh Martushevskyi Date: Tue, 16 Jul 2019 16:53:22 +0300 Subject: [PATCH 46/46] [DLAB-911]: added creation of Elastic IP address for Endpoint --- .../terraform/aws/ssn-k8s/main/main.tf | 4 ++++ .../terraform/aws/ssn-k8s/main/vpc.tf | 7 +++++++ 2 files changed, 11 insertions(+) diff --git a/infrastructure-provisioning/terraform/aws/ssn-k8s/main/main.tf b/infrastructure-provisioning/terraform/aws/ssn-k8s/main/main.tf index 53103db91a..da8e517db8 100644 --- a/infrastructure-provisioning/terraform/aws/ssn-k8s/main/main.tf +++ b/infrastructure-provisioning/terraform/aws/ssn-k8s/main/main.tf @@ -48,4 +48,8 @@ output "ssn_subnets" { output "ssn_k8s_sg_id" { value = aws_security_group.ssn_k8s_sg.id +} + +output "endpoint_eip_" { + value = aws_eip.k8s-endpoint-eip.allocation_id } \ No newline at end of file diff --git a/infrastructure-provisioning/terraform/aws/ssn-k8s/main/vpc.tf b/infrastructure-provisioning/terraform/aws/ssn-k8s/main/vpc.tf index 78e26b6117..3c0908e73f 100644 --- a/infrastructure-provisioning/terraform/aws/ssn-k8s/main/vpc.tf +++ b/infrastructure-provisioning/terraform/aws/ssn-k8s/main/vpc.tf 
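Review bot: The output added in the `@@ -48,4 +48,8 @@` hunk of ssn-k8s/main/main.tf is named `endpoint_eip_`, with a trailing underscore, while its value is the allocation id of `aws_eip.k8s-endpoint-eip`. Consumers read outputs by name, so a name that says what it holds, `output "endpoint_eip_allocation_id"`, is easier to use and harder to mistype; the neighbouring outputs already follow that pattern (`ssn_vpc_id`, `ssn_k8s_sg_id`). A `description` on each output would document what the endpoint deployment is expected to read.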
@@ -100,6 +100,13 @@ data "aws_subnet" "k8s-subnet-c-data" { id = aws_subnet.ssn_k8s_subnet_c.0.id } +resource "aws_eip" "k8s-endpoint-eip" { + vpc = true + tags = { + Name = "${var.service_base_name}-endpoint-eip" + } +} + //resource "aws_eip" "k8s-lb-eip-a" { // vpc = true // tags = {