# 3. Infrastructure Provisioning with Terraform

With the prerequisite configurations in place, we will now proceed to provision our virtualized infrastructure using Terraform's Infrastructure as Code (IaC) approach. The configuration will deploy three VM instances along with their requisite networking components in the OpenStack environment."

### Environment Setup

Navigate to the Terraform configuration directory for the KVM-based deployment:

In [1]:
cd /home/jgr7704_nyu_edu/work/ML-SysOps_Project-main\ 2/continous_X_pipeline/tf/kvm/

In [2]:
export PATH=/work/.local/bin:$PATH

Unset any OpenStack-related environment variables from the Chameleon Jupyter environment to prevent unintended configuration overrides that would interfere with Terraform's execution parameters:

In [3]:
unset $(set | grep -o "^OS_[A-Za-z0-9_]*")

In [4]:
cat  clouds.yaml

clouds:
  openstack:
    auth:
      auth_url: https://kvm.tacc.chameleoncloud.org:5000
      application_credential_id: "c71e81c8cc784cbf84800747af918b1a"
      application_credential_secret: "twAavQigIBZH--wkOLc1L3Y5iGhQgCMVkxLwsQeFa-7KUn50FBLh49PCZZE0la9m5u9wigCQV1UQ25p0Dbh7-g"
    region_name: "KVM@TACC"
    interface: "public"
    identity_api_version: 3
    auth_type: "v3applicationcredential"


### Terraform Configuration Architecture

data.tf: Defines data sources that retrieve existing infrastructure metadata from OpenStack for resources outside of Terraform's management scope.

 main.tf: Contains the primary resource allocation declarations. The configuration attaches pre-allocated block storage to node1, which serves as the Kubernetes control plane node. This architecture ensures data persistence beyond VM lifecycle, providing durable storage for critical services including MinIO and PostgreSQL instances.

variables.tf: Establishes input variables enabling deployment flexibility across various environments. Variable values can be supplied via command-line arguments or environment variables prefixed with `TF_VAR_`. For instance, the `instance_hostname` variable facilitates VM naming through string interpolation syntax: `name = \"${var.instance_hostname}"`

### Variable Configuration

Generate a terraform.tfvars file to override default configuration parameters:

In [5]:
terraform init

[0m[1mInitializing the backend...[0m
[0m[1mInitializing provider plugins...[0m
- Reusing previous version of terraform-provider-openstack/openstack from the dependency lock file
- Using previously-installed terraform-provider-openstack/openstack v1.51.1

[0m[1m[32mTerraform has been successfully initialized![0m[32m[0m
[0m[32m
You may now begin working with Terraform. Try running "terraform plan" to see
any changes that are required for your infrastructure. All Terraform commands
should now work.

If you ever set or change modules or backend configuration for Terraform,
rerun this command to reinitialize your working directory. If you forget, other
commands will detect it and remind you to do so if necessary.[0m


"Configure environment variables for project nomenclature adherence, specifying the key identifier shared across team members:

In [10]:
# runs in Chameleon Jupyter environment
export TF_VAR_suffix=project31
export TF_VAR_key=id_rsa_chameleon

Validate the configuration schema for syntactic correctness and internal consistency:

In [11]:
terraform validate

[32m[1mSuccess![0m The configuration is valid.
[0m


Generate an execution plan detailing resources to be provisioned 

In [12]:
terraform apply -auto-approve

[0m[1mdata.openstack_networking_secgroup_v2.allow_http_80: Reading...[0m[0m
[0m[1mdata.openstack_networking_secgroup_v2.allow_9090: Reading...[0m[0m
[0m[1mdata.openstack_networking_secgroup_v2.allow_8081: Reading...[0m[0m
[0m[1mdata.openstack_networking_secgroup_v2.allow_9001: Reading...[0m[0m
[0m[1mdata.openstack_networking_secgroup_v2.allow_8080: Reading...[0m[0m
[0m[1mdata.openstack_networking_secgroup_v2.allow_ssh: Reading...[0m[0m
[0m[1mdata.openstack_networking_subnet_v2.sharednet2_subnet: Reading...[0m[0m
[0m[1mdata.openstack_networking_floatingip_v2.reserved_ip: Reading...[0m[0m
[0m[1mdata.openstack_networking_network_v2.sharednet2: Reading...[0m[0m
[0m[1mopenstack_networking_network_v2.private_net: Refreshing state... [id=3c6a6b43-7de7-4664-a8aa-c4f2b0338b51][0m
[0m[1mdata.openstack_networking_secgroup_v2.allow_9001: Read complete after 1s [id=ad2912c0-caa9-49e0-b431-b9b3953b91b3][0m
[0m[1mdata.openstack_networking_secgroup_v2.allow_