From 0f45daf99b7b78eeef8568fa2525d21c111e7b88 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jo=C3=A3o=20Feteira?= Date: Wed, 9 Nov 2022 10:22:24 +0000 Subject: [PATCH] adding post config infra code --- .gitignore | 9 ++-- ansible_kind/hosts.tftpl | 10 +++++ infra/README.md | 82 +++++++++++++++++++++++++++++++------ infra/compute_instances.tf | 43 ++++++++++++++++++- infra/general.auto.tfvars | 2 +- infra/instance_templates.tf | 2 - infra/keys/nephio | 1 - infra/keys/nephio.tftpl | 1 + infra/outputs.tf | 7 ++-- infra/scripts/startup.sh | 9 ---- infra/ssh_keys.tf | 4 +- infra/variables.tf | 6 +++ 12 files changed, 139 insertions(+), 37 deletions(-) create mode 100644 ansible_kind/hosts.tftpl delete mode 100644 infra/keys/nephio create mode 100644 infra/keys/nephio.tftpl delete mode 100644 infra/scripts/startup.sh diff --git a/.gitignore b/.gitignore index 427e606..19146cc 100644 --- a/.gitignore +++ b/.gitignore @@ -50,10 +50,11 @@ override.tf.json # End of https://www.gitignore.io/api/terraform,visualstudiocode -plan +# Other files files **/key.json -.vscode .kube* kubeconfig.yaml -.vagrant -*.log + +# Project Specific +ansible_kind/hosts +infra/keys/nephio \ No newline at end of file diff --git a/ansible_kind/hosts.tftpl b/ansible_kind/hosts.tftpl new file mode 100644 index 0000000..4dec224 --- /dev/null +++ b/ansible_kind/hosts.tftpl @@ -0,0 +1,10 @@ +[servers] +%{ for compute_instances in hosts ~} +%{ for ips in compute_instances ~} +${ips} +%{ endfor ~} +%{ endfor ~} + +[all:vars] +ansible_ssh_common_args="-o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null" +ansible_user=${user} \ No newline at end of file diff --git a/infra/README.md b/infra/README.md index d2191f6..c5e4df1 100644 --- a/infra/README.md +++ b/infra/README.md 
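Review bot: The `.gitignore` hunk drops the `plan` and `*.log` entries while adding the project-specific ones, so a saved plan file or a Terraform debug log in the working tree would no longer be ignored. A saved plan holds the fully resolved configuration in cleartext, including any sensitive values, and the README in this commit still runs `terraform plan`. Unless the gitignore.io section above the hunk already covers them (not visible here), I would keep `plan` and `*.log` next to the new `ansible_kind/hosts` and `infra/keys/nephio` lines.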
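Review bot: The `[all:vars]` section of `ansible_kind/hosts.tftpl` sets `StrictHostKeyChecking=no` with `UserKnownHostsFile=/dev/null`, so Ansible never verifies which machine it has reached, and the inventory is filled with the instances' external NAT IPs. A host that answers on one of those addresses would receive the playbook's commands and files without any warning. A setting that still works for new VMs but pins the key after first contact is `ansible_ssh_common_args="-o StrictHostKeyChecking=accept-new -o UserKnownHostsFile=../ansible_kind/known_hosts"` (the file name is a suggestion, and it should be git-ignored). The commented-out `connection` block in `infra/compute_instances.tf` has the same gap, since it sets no `host_key`.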
@@ -1,21 +1,79 @@ # kind-cluster-gce -Terraform code to provision Kind clusters on top of GCE Instances. -For now it creates a number (that can be defined) of Kind K8S Clusters (based on the scripts folder) for central and edge clusters. -We can even set multiple interfaces for each VM in order to have additional NICs for Multus for instance. - -## todo - -- automate the #Post section of the scripts +Terraform code to provision Kind clusters on top of GCE Instances ## requirements - [terraform 1.3.2](https://www.terraform.io/downloads.html) - [Google Cloud SDK](https://cloud.google.com/sdk/docs/install) +- [Ansible](https://docs.ansible.com/ansible/latest/installation_guide/intro_installation.html) ## usage -To run the terraform code locally change the variable project_id in general.auto.tfvars and: +- Generate the SSH Key on your local machine: + +```bash +ssh-keygen -t rsa -f ~/.ssh/nephio.pub -C nephio -b 2048 +``` + +- Fill in the required parameters in compute_instances.tf file: + +```bash + # Compute Instances parameters definition + ssh_public_key_path = "xxxxx" + ssh_private_key_path = "xxxxx" + num_vms = NUMBER + user = "ubuntu" - must be this one unless we autogenerate the kind_setup.yaml as it is performed on the ansible hosts inventory +``` + +- Choose if you want to configure the VMs through the script method or through and ansible role by uncommenting the specific section in compute_instances.tf file: + +```bash +# # VM configuration through bash script +# Needs some reworking if using more than "nephio-poc" object in locals +# resource "null_resource" "config_vm" { +# count = local.num_vms +# connection { +# type = "ssh" +# user = local.user +# private_key = file(local.ssh_private_key_path) +# host = module.compute_instances["nephio-poc"].instances_details[count.index].*.network_interface[0].*.access_config[0].*.nat_ip[0] +# } + +# provisioner "remote-exec" { +# script = "../scripts/startup.sh" +# } +# } +``` + +OR + +```bash +# # VM configuration 
through ansible playbooks +# resource "local_file" "ansible_inventory" { +# content = templatefile("../ansible_kind/hosts.tftpl", { hosts = { for k, vm in module.compute_instances : k => vm.instances_details[*].*.network_interface[0].*.access_config[0].*.nat_ip[0] }, user = local.user }) +# filename = "../ansible_kind/hosts" +# depends_on = [module.compute_instances] +# } + +# resource "null_resource" "config_vm" { +# provisioner "local-exec" { +# command = "ansible-playbook -i '../ansible_kind/hosts' --private-key ${local.ssh_private_key_path} ../ansible_kind/kind_setup.yaml" +# } +# depends_on = [local_file.ansible_inventory] +# } +``` + +- Change the parameters in the general.auto.tfvars file: + +```bash +# General Settings +project_id = "xxxxx" +region = "xxxxx" +zone = "xxxxx" +``` + +- To run the terraform code locally run: ```bash gcloud auth login @@ -26,10 +84,10 @@ terraform plan terraform apply ``` -To access the VM after creation: +## VM Access + +To access the VM after creation run: ```bash -gcloud compute ssh --zone ZONE VM_NAME --project "XXXX" --tunnel-through-iap +ssh USER@IP -i PRIVATEKEYPATH ``` - -(one can get the VM name from the terraform outputs or via gcloud compute instances list) diff --git a/infra/compute_instances.tf b/infra/compute_instances.tf index 76141f7..2fc51f9 100644 --- a/infra/compute_instances.tf +++ b/infra/compute_instances.tf 
@@ -1,19 +1,30 @@ # compute_instances.tf locals { + # Compute Instances parameters definition + ssh_public_key_path = "xxxxx" + ssh_private_key_path = "xxxxx" + num_vms = 2 + user = "ubuntu" # Compute Instances definition compute_instances = { "nephio-poc" = { # Prefix for each Compute Instance name = "nephio-poc" region = var.region zone = var.zone - num_instances = 1 + num_instances = local.num_vms instance_template = module.instance_templates["cluster"].self_link deletion_protection = false # Protect the instance from deletion } } } +# Public Key File Generation +resource "local_file" "public_key" { + content = templatefile("keys/nephio.tftpl", { pub_key = file(local.ssh_public_key_path), user = local.user }) + filename = "keys/nephio" +} + # Compute Instances Creation module "compute_instances" { for_each = { for compute_instances in local.compute_instances : compute_instances.name => compute_instances } 
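Review bot: The new `locals` hard-code `ssh_public_key_path` and `ssh_private_key_path` as `"xxxxx"` placeholders, so every user has to put machine-specific key paths into a tracked file. Meanwhile `infra/variables.tf` in this same commit declares `var.ssh_private_key_path`, which no visible line reads. I would wire the local to the variable, `ssh_private_key_path = var.ssh_private_key_path`, add a matching `ssh_public_key_path` variable, and drop `default = null` so Terraform asks for the path instead of passing null to `file()`. A comment on `user = "ubuntu"` such as `# must match the user expected by ansible_kind/kind_setup.yaml` would record the constraint the README describes. The `module "compute_instances"` block continues outside this hunk.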
@@ -28,3 +39,33 @@ module "compute_instances" { deletion_protection = each.value.deletion_protection depends_on = [module.subnets, module.service_accounts, resource.google_compute_project_metadata.ssh_keys] } + +# # VM configuration through bash script +# Needs some reworking if using more than "nephio-poc" object in locals +# resource "null_resource" "config_vm" { +# count = local.num_vms +# connection { +# type = "ssh" +# user = local.user +# private_key = file(local.ssh_private_key_path) +# host = module.compute_instances["nephio-poc"].instances_details[count.index].*.network_interface[0].*.access_config[0].*.nat_ip[0] +# } + +# provisioner "remote-exec" { +# script = "../scripts/startup.sh" +# } +# } + +# # VM configuration through ansible playbooks +# resource "local_file" "ansible_inventory" { +# content = templatefile("../ansible_kind/hosts.tftpl", { hosts = { for k, vm in module.compute_instances : k => vm.instances_details[*].*.network_interface[0].*.access_config[0].*.nat_ip[0] }, user = local.user }) +# filename = "../ansible_kind/hosts" +# depends_on = [module.compute_instances] +# } + +# resource "null_resource" "config_vm" { +# provisioner "local-exec" { +# command = "ansible-playbook -i '../ansible_kind/hosts' --private-key ${local.ssh_private_key_path} ../ansible_kind/kind_setup.yaml" +# } +# depends_on = [local_file.ansible_inventory] +# } diff --git a/infra/general.auto.tfvars b/infra/general.auto.tfvars index 5911fd3..d5566e5 100644 --- a/infra/general.auto.tfvars +++ b/infra/general.auto.tfvars @@ -1,4 +1,4 @@ # General Settings -project_id = "xxxx" +project_id = "xxxxx" region = "europe-west1" zone = "europe-west1-b" diff --git a/infra/instance_templates.tf b/infra/instance_templates.tf index 13e525b..20c487e 100644 --- a/infra/instance_templates.tf +++ b/infra/instance_templates.tf 
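Review bot: Both commented-out variants declare `null_resource "config_vm"` with no `triggers`, so once enabled the provisioner runs only when the resource is first created. A VM that is later replaced comes back with a new address and no configuration applied. For the Ansible variant `triggers = { inventory = local_file.ansible_inventory.content }` would re-run the playbook whenever the rendered inventory changes, and the remote-exec variant can key on the same `nat_ip` expression it uses for `host`. The remote-exec variant also points at `../scripts/startup.sh` while this commit deletes `infra/scripts/startup.sh`; whether a script exists at the repository root is not visible here. The `--private-key ${local.ssh_private_key_path}` argument should be quoted in the `command` string so that a path containing spaces is not split by the shell.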
@@ -33,7 +33,6 @@ locals { # network_tier = null # }] # }] - startup_script = file("scripts/startup.sh") service_account = { email = "compute-general@${var.project_id}.iam.gserviceaccount.com" scopes = [] @@ -64,7 +63,6 @@ module "instance_templates" { access_config = each.value.access_config # additional_networks = each.value.additional_networks subnetwork_project = var.project_id - startup_script = each.value.startup_script service_account = each.value.service_account depends_on = [module.subnets, module.service_accounts] } diff --git a/infra/keys/nephio b/infra/keys/nephio deleted file mode 100644 index 90c790d..0000000 --- a/infra/keys/nephio +++ /dev/null @@ -1 +0,0 @@ -nephio:ssh-rsa UBERSSHPUBKEYTOBEFILLED nephio diff --git a/infra/keys/nephio.tftpl b/infra/keys/nephio.tftpl new file mode 100644 index 0000000..15717f1 --- /dev/null +++ b/infra/keys/nephio.tftpl @@ -0,0 +1 @@ +${user}:${pub_key} \ No newline at end of file diff --git a/infra/outputs.tf b/infra/outputs.tf index 1b0047d..223d674 100644 --- a/infra/outputs.tf +++ b/infra/outputs.tf @@ -1,12 +1,11 @@ # outputs.tf -output "name" { +output "vm_names" { description = "VM Name" value = { for k, vm in module.compute_instances : k => vm.*.instances_details[0].*.name } } -output "ip" { +output "vm_external_ips" { description = "VM External IP" - value = { for k, vm in module.compute_instances : k => vm.*.instances_details[0].*.network_interface[0].*.access_config[0].*.nat_ip[0] } + value = { for k, vm in module.compute_instances : k => vm.instances_details[*].*.network_interface[0].*.access_config[0].*.nat_ip[0] } } - diff --git a/infra/scripts/startup.sh b/infra/scripts/startup.sh deleted file mode 100644 index cee73b0..0000000 --- a/infra/scripts/startup.sh +++ /dev/null 
@@ -1,9 +0,0 @@ -#! /bin/bash - -# # If root login is to be enabled -# sudo sh -c 'echo root:UBERPASSTOBEFILLED| chpasswd' -# sudo sed -i 's/PermitRootLogin no/PermitRootLogin yes/' /etc/ssh/sshd_config -# sudo sed -i 's/PasswordAuthentication no/PasswordAuthentication yes/' /etc/ssh/sshd_config -# sudo service sshd restart - -# TO FILL \ No newline at end of file diff --git a/infra/ssh_keys.tf b/infra/ssh_keys.tf index de12fa0..58c096e 100644 --- a/infra/ssh_keys.tf +++ b/infra/ssh_keys.tf @@ -1,7 +1,5 @@ resource "google_compute_project_metadata" "ssh_keys" { metadata = { - ssh-keys = file("keys/nephio") + ssh-keys = local_file.public_key.content } } - -#to genereate the key: ssh-keygen -t rsa -f ~/.ssh/nephio.pub -C nephio -b 2048 and then edit keys/nephio and change it to the format username:ssh-rsa xxxxx username diff --git a/infra/variables.tf b/infra/variables.tf index 8753e0b..a415f86 100644 --- a/infra/variables.tf +++ b/infra/variables.tf @@ -16,3 +16,9 @@ variable "zone" { type = string default = null } + +variable "ssh_private_key_path" { + description = "Private SSH Key Path to be provided on terraform apply run" + type = string + default = null +}
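Review bot: In `infra/ssh_keys.tf` the new value `local_file.public_key.content` makes the project metadata depend on a file that is written to `keys/nephio` only so its content can be read back. `ssh-keys = templatefile("keys/nephio.tftpl", { pub_key = file(local.ssh_public_key_path), user = local.user })` yields the same string without the intermediate file and the extra resource. Separately, project-level `ssh-keys` metadata applies to every VM in the project that accepts project keys, so the key for `local.user` reaches more than the nephio-poc instances. Setting it in the instance template's metadata would narrow that, if the template module used here exposes a metadata input (not visible in this diff). A comment above the resource, such as `# project-wide: grants SSH as local.user on all instances that accept project keys`, would at least make the scope explicit.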