added initial files

Issue-ID: INT-1698 Change-Id: I3405a7815bc51dbdf2cb61cd2003d46f428f059c Signed-off-by: yoonsoonjahng <yoonsoon.jahng@yoppworks.com>
author: yoonsoonjahng <yoonsoon.jahng@yoppworks.com> 2020-09-02 13:06:34 -0400
committer: yoonsoonjahng <yoonsoon.jahng@yoppworks.com> 2020-09-09 21:07:31 -0400
commit: bc47c630d9fdc0e0e75b64a0c3d2311df28cfeaa (patch)
tree: 23f97a308af22389a46534dba2328e3d4e52e3e0 /openlab
parent: e291bec2483388ff1b6f2552dd894d7092823a06 (diff)
21 files changed, 314 insertions, 0 deletions
diff --git a/openlab/README.md b/openlab/README.md
new file mode 100644
index 0000000..1df82fb
--- /dev/null
+++ b/openlab/README.md
@@ -0,0 +1,3 @@
+# openlab
+
+Terraform scripts for Openlab(Windriver Lab)
diff --git a/openlab/modules/kubernetes/kubernetes/main.tf b/openlab/modules/kubernetes/kubernetes/main.tf
new file mode 100644
index 0000000..eccbcd4
--- /dev/null
+++ b/openlab/modules/kubernetes/kubernetes/main.tf
@@ -0,0 +1,48 @@
+provider "helm" {
+  version = "~> 0.10.0"
+  init_helm_home = true
+  install_tiller = true
+  service_account = var.service_account
+  namespace    = var.namespace
+  tiller_image = "gcr.io/kubernetes-helm/tiller:v2.16.6"
+
+  kubernetes {
+    config_path = "${var.kubernetes_home}/kube_config_cluster.yaml"
+  }
+}
+
+provider "kubernetes" {
+  version = ">= 1.10"
+  load_config_file = true
+}
+
+resource "kubernetes_service_account" "tiller" {
+  automount_service_account_token = true
+
+  metadata {
+    name = var.service_account
+    namespace = var.namespace
+  }
+}
+
+resource "kubernetes_cluster_role_binding" "tiller" {
+  metadata {
+    name = "tiller"
+  }
+
+  role_ref {
+    api_group = "rbac.authorization.k8s.io"
+    kind      = "ClusterRole"
+    name      = "cluster-admin"
+  }
+
+  subject {
+    kind      = "ServiceAccount"
+    name      = kubernetes_service_account.tiller.metadata.0.name
+    namespace = kubernetes_service_account.tiller.metadata.0.namespace
+  }
+
+  provisioner "local-exec" {
+    command = "helm init --service-account ${var.service_account};kubectl -n ${var.namespace} rollout status deployment/tiller-deploy"
+  }
+}
diff --git a/openlab/modules/kubernetes/kubernetes/variables.tf b/openlab/modules/kubernetes/kubernetes/variables.tf
new file mode 100644
index 0000000..6e26b85
--- /dev/null
+++ b/openlab/modules/kubernetes/kubernetes/variables.tf
@@ -0,0 +1,5 @@
+variable "kubernetes_home" {}
+
+variable "service_account" {}
+
+variable "namespace" {}
+\ No newline at end of file
diff --git a/openlab/modules/kubernetes/rancher/data.tf b/openlab/modules/kubernetes/rancher/data.tf
new file mode 100644
index 0000000..fa38a55
--- /dev/null
+++ b/openlab/modules/kubernetes/rancher/data.tf
@@ -0,0 +1,15 @@
+data "terraform_remote_state" "control_plane_floating_ips" {
+  backend = var.backend
+  config = {
+    bucket      = var.backend_state
+    prefix      = "${var.region}/${var.environment}/compute/control/terraform.tfstate"
+  }
+}
+
+data "terraform_remote_state" "worker_node_floating_ips" {
+  backend = var.backend
+  config = {
+    bucket      = var.backend_state
+    prefix      = "${var.region}/${var.environment}/compute/worker/terraform.tfstate"
+  }
+}
diff --git a/openlab/modules/kubernetes/rancher/main.tf b/openlab/modules/kubernetes/rancher/main.tf
new file mode 100644
index 0000000..b787f0b
--- /dev/null
+++ b/openlab/modules/kubernetes/rancher/main.tf
@@ -0,0 +1,55 @@
+# If your terraform version is < 0.13-beta, manual installation is needed.
+# https://github.com/rancher/terraform-provider-rke
+provider "rke" {}
+
+locals {
+  control_node = [for ip in (flatten(data.terraform_remote_state.control_plane_floating_ips.outputs.floating_ips)): {
+      address = ip
+      role = "control"
+   }]
+  worker_node = [for ip in (flatten(data.terraform_remote_state.worker_node_floating_ips.outputs.floating_ips)): {
+      address = ip
+      role = "worker"
+  }]
+
+  all_node = concat(local.control_node, local.worker_node)
+}
+
+resource "rke_cluster" "cluster" {
+  kubernetes_version = var.kubernetes_version
+  cluster_name = var.kubernetes_cluster_name
+
+  dynamic nodes {
+
+    for_each = local.all_node
+
+    content {
+      address = nodes.value.address
+      user = var.kubernetes_user
+      role = (nodes.value.role == "control") ? [ "controlplane", "etcd" ] : ["worker"]
+    }
+  }
+
+  # You have to have private key on your machine excuting terraform
+  # An Openstack keypair is generated and stored within the remote state at
+  # "${var.region}/${var.environment}/keypair/terraform.tfstate"
+  ssh_key_path = var.ssh_private_key_path
+
+  disable_port_check = false
+
+  depends_on = [null_resource.wait-for-docker]
+}
+
+resource "local_file" "kube_cluster_yaml" {
+  filename = "${var.kubernetes_home}/kube_config_cluster.yaml"
+  sensitive_content = rke_cluster.cluster.kube_config_yaml
+}
+
+resource "null_resource" "wait-for-docker" {
+  provisioner "local-exec" {
+    # wait untill VM's bootstrapping's done
+    # If your VMs for Computing node have finished bootstrapping already,
+    # you may not need this waiting time
+    command = "sleep 120"
+  }
+}
diff --git a/openlab/modules/kubernetes/rancher/output.tf b/openlab/modules/kubernetes/rancher/output.tf
new file mode 100644
index 0000000..aa25e43
--- /dev/null
+++ b/openlab/modules/kubernetes/rancher/output.tf
@@ -0,0 +1,7 @@
+output "ips" {
+  value = local.all_node
+}
+
+output "kube_config_file" {
+  value = local_file.kube_cluster_yaml.filename
+}
+\ No newline at end of file
diff --git a/openlab/modules/kubernetes/rancher/variables.tf b/openlab/modules/kubernetes/rancher/variables.tf
new file mode 100644
index 0000000..8d63243
--- /dev/null
+++ b/openlab/modules/kubernetes/rancher/variables.tf
@@ -0,0 +1,17 @@
+variable "backend" {}
+
+variable "backend_state" {}
+
+variable "region" {}
+
+variable "environment" {}
+
+variable "ssh_private_key_path" {}
+
+variable "kubernetes_user" {}
+
+variable "kubernetes_version" {}
+
+variable "kubernetes_cluster_name" {}
+
+variable "kubernetes_home" {}
diff --git a/openlab/modules/openstack/compute/data.tf b/openlab/modules/openstack/compute/data.tf
new file mode 100644
index 0000000..24c6c62
--- /dev/null
+++ b/openlab/modules/openstack/compute/data.tf
@@ -0,0 +1,36 @@
+data "terraform_remote_state" "keypair" {
+  backend = var.backend
+  config = {
+    bucket      = var.backend_state
+    prefix      = "${var.region}/${var.environment}/keypair/terraform.tfstate"
+  }
+}
+
+data "terraform_remote_state" "network" {
+  backend = var.backend
+  config = {
+    bucket      = var.backend_state
+    prefix      = "${var.region}/${var.environment}/network/terraform.tfstate"
+  }
+}
+
+data "terraform_remote_state" "securitygroup" {
+  backend = var.backend
+  config = {
+    bucket      = var.backend_state
+    prefix      = "${var.region}/${var.environment}/securitygroup/terraform.tfstate"
+  }
+}
+
+data "openstack_images_image_v2" "vm_image" {
+  name = var.image
+}
+
+data "openstack_compute_flavor_v2" "flavor" {
+  name = var.flavor
+}
+
+data "openstack_networking_network_v2" "egress_network" {
+  name = var.network
+}
+
diff --git a/openlab/modules/openstack/compute/main.tf b/openlab/modules/openstack/compute/main.tf
new file mode 100644
index 0000000..1e08737
--- /dev/null
+++ b/openlab/modules/openstack/compute/main.tf
@@ -0,0 +1,27 @@
+resource "openstack_compute_instance_v2" "nodes" {
+  name      = "${var.cluster_name}-${var.node_name}-${count.index}"
+  image_id  = data.openstack_images_image_v2.vm_image.id
+  flavor_id = data.openstack_compute_flavor_v2.flavor.id
+  key_pair  = data.terraform_remote_state.keypair.outputs.name
+  network {
+    name = data.terraform_remote_state.network.outputs.name
+  }
+  security_groups = [ data.terraform_remote_state.securitygroup.outputs.name ]
+
+  user_data = var.user_data
+
+  count = var.node_count
+}
+
+resource "openstack_compute_floatingip_v2" "floatingip" {
+  pool = var.floating_ip_pool
+
+  count = var.node_count
+}
+
+resource "openstack_compute_floatingip_associate_v2" "floatipassociation" {
+  floating_ip = openstack_compute_floatingip_v2.floatingip[count.index].address
+  instance_id = openstack_compute_instance_v2.nodes[count.index].id
+
+  count = var.node_count
+}
diff --git a/openlab/modules/openstack/compute/output.tf b/openlab/modules/openstack/compute/output.tf
new file mode 100644
index 0000000..28ae6d0
--- /dev/null
+++ b/openlab/modules/openstack/compute/output.tf
@@ -0,0 +1,11 @@
+output "floating_ips" {
+  value = [openstack_compute_floatingip_associate_v2.floatipassociation.*.floating_ip]
+}
+
+output "fixed_ips" {
+  value = [openstack_compute_instance_v2.nodes.*.access_ip_v4]
+}
+
+output "hostnames" {
+  value = [openstack_compute_instance_v2.nodes.*.name]
+}
+\ No newline at end of file
diff --git a/openlab/modules/openstack/compute/variables.tf b/openlab/modules/openstack/compute/variables.tf
new file mode 100644
index 0000000..871719d
--- /dev/null
+++ b/openlab/modules/openstack/compute/variables.tf
@@ -0,0 +1,18 @@
+variable "cluster_name" {
+  description = "A name for the cluster"
+  type = string
+}
+
+variable "backend" {}
+variable "backend_state" {}
+variable "region" {}
+variable "environment" {}
+
+variable "node_name" {}
+variable "image" {}
+variable "flavor" {}
+variable "network" {}
+variable "floating_ip_pool" {}
+variable "user_data" {}
+
+variable "node_count" {}
diff --git a/openlab/modules/openstack/keypair/main.tf b/openlab/modules/openstack/keypair/main.tf
new file mode 100644
index 0000000..5b1384a
--- /dev/null
+++ b/openlab/modules/openstack/keypair/main.tf
@@ -0,0 +1,6 @@
+resource "openstack_compute_keypair_v2" "key" {
+  # You cna find a public/private key pair from your remote state storage.
+  name = "${var.cluster_name}-key"
+  # In order to generate a new keypair via existing public key
+  public_key = var.ssh_public_key
+}
diff --git a/openlab/modules/openstack/keypair/output.tf b/openlab/modules/openstack/keypair/output.tf
new file mode 100644
index 0000000..9c042e6
--- /dev/null
+++ b/openlab/modules/openstack/keypair/output.tf
@@ -0,0 +1,3 @@
+output "name" {
+  value = openstack_compute_keypair_v2.key.name
+}
+\ No newline at end of file
diff --git a/openlab/modules/openstack/keypair/variables.tf b/openlab/modules/openstack/keypair/variables.tf
new file mode 100644
index 0000000..b3c6a92
--- /dev/null
+++ b/openlab/modules/openstack/keypair/variables.tf
@@ -0,0 +1,6 @@
+variable "cluster_name" {
+  description = "A name for the cluster"
+  type = string
+}
+
+variable "ssh_public_key" { }
diff --git a/openlab/modules/openstack/network/data.tf b/openlab/modules/openstack/network/data.tf
new file mode 100644
index 0000000..fad533f
--- /dev/null
+++ b/openlab/modules/openstack/network/data.tf
@@ -0,0 +1,3 @@
+data "openstack_networking_network_v2" "egress_network" {
+  name = var.network
+}
+\ No newline at end of file
diff --git a/openlab/modules/openstack/network/main.tf b/openlab/modules/openstack/network/main.tf
new file mode 100644
index 0000000..80dd70e
--- /dev/null
+++ b/openlab/modules/openstack/network/main.tf
@@ -0,0 +1,25 @@
+resource "openstack_networking_network_v2" "network" {
+  name              = "${var.cluster_name}-network"
+  admin_state_up    = "true"
+}
+
+resource "openstack_networking_subnet_v2" "subnet" {
+  name        = "${var.cluster_name}-subnet"
+  network_id  = openstack_networking_network_v2.network.id
+  cidr        = "192.168.64.0/24"
+  ip_version  = 4
+  gateway_ip  = "192.168.64.1"
+  enable_dhcp = "true"
+  dns_nameservers = [ "8.8.8.8", "8.8.4.4" ]
+}
+
+resource "openstack_networking_router_v2" "router" {
+  name                = "${var.cluster_name}-router"
+  admin_state_up      = true
+  external_network_id = data.openstack_networking_network_v2.egress_network.id
+}
+
+resource "openstack_networking_router_interface_v2" "router_interface" {
+  router_id = openstack_networking_router_v2.router.id
+  subnet_id = openstack_networking_subnet_v2.subnet.id
+}
+\ No newline at end of file
diff --git a/openlab/modules/openstack/network/output.tf b/openlab/modules/openstack/network/output.tf
new file mode 100644
index 0000000..1ca1b0a
--- /dev/null
+++ b/openlab/modules/openstack/network/output.tf
@@ -0,0 +1,3 @@
+output "name" {
+  value = openstack_networking_network_v2.network.name
+}
+\ No newline at end of file
diff --git a/openlab/modules/openstack/network/variables.tf b/openlab/modules/openstack/network/variables.tf
new file mode 100644
index 0000000..86de2f0
--- /dev/null
+++ b/openlab/modules/openstack/network/variables.tf
@@ -0,0 +1,9 @@
+variable "cluster_name" {
+  description = "A name for the cluster"
+  type = string
+}
+
+variable "network" {
+  description = "A network to the Internet"
+  type = string
+}
diff --git a/openlab/modules/openstack/securitygroup/main.tf b/openlab/modules/openstack/securitygroup/main.tf
new file mode 100644
index 0000000..af7cbb4
--- /dev/null
+++ b/openlab/modules/openstack/securitygroup/main.tf
@@ -0,0 +1,10 @@
+resource "openstack_networking_secgroup_v2" "securitygroup" {
+  name        = "${var.cluster_name}-securitygroup"
+  description = "RKE security group"
+}
+
+resource "openstack_networking_secgroup_rule_v2" "securitygroup_rule" {
+  direction         = "ingress"
+  ethertype         = "IPv4"
+  security_group_id = openstack_networking_secgroup_v2.securitygroup.id
+}
diff --git a/openlab/modules/openstack/securitygroup/output.tf b/openlab/modules/openstack/securitygroup/output.tf
new file mode 100644
index 0000000..825f4bf
--- /dev/null
+++ b/openlab/modules/openstack/securitygroup/output.tf
@@ -0,0 +1,3 @@
+output "name" {
+  value = openstack_networking_secgroup_v2.securitygroup.name
+}
+\ No newline at end of file
diff --git a/openlab/modules/openstack/securitygroup/variables.tf b/openlab/modules/openstack/securitygroup/variables.tf
new file mode 100644
index 0000000..826fcfb
--- /dev/null
+++ b/openlab/modules/openstack/securitygroup/variables.tf
@@ -0,0 +1,4 @@
+variable "cluster_name" {
+  description = "A name for the cluster"
+  type = string
+}
author	yoonsoonjahng <yoonsoon.jahng@yoppworks.com>	2020-09-02 13:06:34 -0400
committer	yoonsoonjahng <yoonsoon.jahng@yoppworks.com>	2020-09-09 21:07:31 -0400
commit	bc47c630d9fdc0e0e75b64a0c3d2311df28cfeaa (patch)
tree	23f97a308af22389a46534dba2328e3d4e52e3e0 /openlab
parent	e291bec2483388ff1b6f2552dd894d7092823a06 (diff)