Add README and move TF under hack dir

openshift · Sep 18, 2018 · 7034500 · 7034500
1 parent 2fff462
commit 7034500
Show file tree

Hide file tree

Showing 12 changed files with 69 additions and 469 deletions.
diff --git a/.gitignore b/.gitignore
@@ -19,5 +19,8 @@
 *.tfstate
 *.tfstate.*
 
+# Terraform plan file
+*.tfplan.*
+
 # Auto-generated manifests
 tfManifests/
diff --git a/hack/aws-provision.sh b/hack/aws-provision.sh
@@ -0,0 +1,18 @@
+#!/usr/bin/env bash
+
+# Your AWS user account
+export TF_VAR_aws_user=$(aws iam get-user | jq --raw-output '.User.UserName')
+
+export TF_VAR_cluster_domain="aos-cloud.eu"
+export TF_VAR_cluster_name=$(whoami)
+export TF_VAR_cluster_namespace="dev-${TF_VAR_cluster_name}"
+
+export TF_IN_AUTOMATION="true"
+
+cd ./prebuild
+echo "***  starting terraform"
+
+terraform init -input=false
+if [ $? == "0" ]; then
+  terraform plan -input=false -out=tfplan.out && terraform apply -input=false -auto-approve tfplan.out
+fi
diff --git a/hack/prebuild/README.md b/hack/prebuild/README.md
@@ -0,0 +1,19 @@
+# Building a dev environment using terraform
+This directory holds the recipes required in order to deploy a working AWS dev environment using [terraform](https://www.terraform.io/downloads.html).
+
+## Deployment Instructions
+1. Download terraform from the link above and place it into your `$PATH`.
+2. The following environment variables need to be set:
+  1. `TF_VAR_aws_user` your AWS username (`aws iam get-user | jq --raw-output '.User.UserName'`)
+  2. `TF_VAR_cluster_domain` The Route53 domain name to be used for the cluster.
+  3. `TF_VAR_cluster_name` (self explanatory...)
+  4. `TF_VAR_cluster_namespace`: the namespace to deploy the cluster components to (suggestion: `dev-${TF_VAR_cluster_name}`)
+
+4. Run terraform:
+```
+> terraform init
+> terraform plan
+> terraform apply
+```
+
+To destroy the environment, simply run `terraform destroy`.
diff --git a/prebuild/main.tf → hack/prebuild/main.tf b/prebuild/main.tf → hack/prebuild/main.tf
@@ -7,7 +7,7 @@ data "aws_region" "current" {}
 
 module "vpc" {
   source          = "terraform-aws-modules/vpc/aws"
-  name            = "${var.vpc_name}"
+  name            = "vpc-${var.cluster_name}"
   cidr            = "${var.vpc_cidr}"
   azs             = "${data.aws_availability_zones.azs.names}"
   public_subnets  = "${var.vpc_public_networks}"
@@ -25,15 +25,16 @@ module "vpc" {
   single_nat_gateway = true
 
   tags = {
-    Owner       = "user"
+    Owner       = "${var.aws_user}"
     Environment = "dev"
   }
 
   vpc_tags = {
-    Name = "${var.vpc_name}"
+    Name = "vpc-${var.cluster_name}"
   }
 }
 
+/*
 # Generate Manifest Dir
 resource "template_dir" "manifests" {
   source_dir      = "${path.module}/resources"
@@ -57,3 +58,5 @@ resource "template_dir" "manifests" {
     ssh_key_name                 = "${var.sshKey}"
   }
 }
+*/
+
diff --git a/prebuild/security_groups.tf → hack/prebuild/security_groups.tf b/prebuild/security_groups.tf → hack/prebuild/security_groups.tf
@@ -18,12 +18,12 @@ resource "aws_security_group_rule" "deault_egress" {
   cidr_blocks = ["0.0.0.0/0"]
 }
 
-resource "aws_security_group_rule" "default_ingress_ssh" {
+resource "aws_security_group_rule" "default_ingress" {
   type              = "ingress"
   security_group_id = "${aws_security_group.cluster_default.id}"
 
-  protocol    = "tcp"
+  from_port   = 0
+  to_port     = 0
+  protocol    = "-1"
   cidr_blocks = ["0.0.0.0/0"]
-  from_port   = 22
-  to_port     = 22
 }
diff --git a/prebuild/variables.tf → hack/prebuild/variables.tf b/prebuild/variables.tf → hack/prebuild/variables.tf
@@ -1,29 +1,18 @@
-variable "sshKey" {
+// Your aws account user name
+variable "aws_user" {
   type = "string"
 }
 
 variable "cluster_domain" {
-  type    = "string"
-}
-
-variable "container_images" {
-  description = "Container images to use"
-  type        = "map"
-
-  default = {
-    aws_machine_controller = "quay.io/kalmog/aws-machine-controller:0.0.1"
-    cluster_apiserver      = "gcr.io/k8s-cluster-api/cluster-apiserver:0.0.6"
-    controller_manager     = "gcr.io/k8s-cluster-api/controller-manager:0.0.7"
-    etcd                   = "k8s.gcr.io/etcd:3.1.12"
-  }
+  type = "string"
 }
 
 variable "cluster_namespace" {
-  type    = "string"
+  type = "string"
 }
 
 variable "cluster_name" {
-  type    = "string"
+  type = "string"
 }
 
 variable "aws_region" {
@@ -36,11 +25,6 @@ variable "vpc_cidr" {
   default = "10.0.0.0/16"
 }
 
-variable "vpc_name" {
-  type    = "string"
-  default = "test"
-}
-
 variable "vpc_public_networks" {
   default = [
     "10.0.101.0/24",
@@ -56,3 +40,17 @@ variable "vpc_private_networks" {
     "10.0.3.0/24",
   ]
 }
+
+// only needed if we want to dynamically generate
+// the manifests
+variable "container_images" {
+  description = "Container images to use"
+  type        = "map"
+
+  default = {
+    aws_machine_controller = "openshift/origin-aws-machine-controllers"
+    cluster_apiserver      = "gcr.io/k8s-cluster-api/cluster-apiserver:0.0.6"
+    controller_manager     = "gcr.io/k8s-cluster-api/controller-manager:0.0.7"
+    etcd                   = "k8s.gcr.io/etcd:3.1.12"
+  }
+}
diff --git a/prebuild/resources/addons.yaml b/prebuild/resources/addons.yaml
diff --git a/prebuild/resources/cluster-api-server.yaml b/prebuild/resources/cluster-api-server.yaml