2020-08-20 11:53:27 +00:00
|
|
|
# Configure the Packet Provider.
|
2020-09-10 14:37:32 +00:00
|
|
|
terraform {
|
|
|
|
required_providers {
|
2021-02-04 19:49:28 +00:00
|
|
|
metal = {
|
|
|
|
source = "equinix/metal"
|
|
|
|
version = "1.0.0"
|
2020-09-10 14:37:32 +00:00
|
|
|
}
|
|
|
|
null = {
|
2021-01-12 06:58:06 +00:00
|
|
|
source = "hashicorp/null"
|
2021-01-12 06:40:17 +00:00
|
|
|
version = "~> 2.1.2"
|
|
|
|
}
|
|
|
|
template = {
|
2021-01-12 06:58:06 +00:00
|
|
|
source = "hashicorp/template"
|
2021-01-12 06:40:17 +00:00
|
|
|
version = "~> 2.1.2"
|
2020-09-10 14:37:32 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2021-02-04 19:49:28 +00:00
|
|
|
provider "metal" {
|
|
|
|
auth_token = var.metal_api_token
|
2020-08-20 11:53:27 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
# Create a new VLAN in datacenter "ewr1"
|
2021-02-04 19:49:28 +00:00
|
|
|
resource "metal_vlan" "provisioning_vlan" {
|
2020-09-10 14:37:32 +00:00
|
|
|
description = "provisioning_vlan"
|
2020-08-20 11:53:27 +00:00
|
|
|
facility = var.facility
|
|
|
|
project_id = var.project_id
|
|
|
|
}
|
|
|
|
|
|
|
|
# Create a device and add it to tf_project_1
|
2021-02-04 19:49:28 +00:00
|
|
|
resource "metal_device" "tink_provisioner" {
|
2020-08-20 11:53:27 +00:00
|
|
|
hostname = "tink-provisioner"
|
|
|
|
plan = var.device_type
|
|
|
|
facilities = [var.facility]
|
|
|
|
operating_system = "ubuntu_18_04"
|
|
|
|
billing_cycle = "hourly"
|
|
|
|
project_id = var.project_id
|
2020-09-10 14:37:32 +00:00
|
|
|
user_data = file("install_package.sh")
|
|
|
|
}
|
|
|
|
|
|
|
|
resource "null_resource" "tink_directory" {
|
|
|
|
connection {
|
|
|
|
type = "ssh"
|
|
|
|
user = var.ssh_user
|
2021-02-04 19:49:28 +00:00
|
|
|
host = metal_device.tink_provisioner.network[0].address
|
2020-09-10 14:37:32 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
provisioner "remote-exec" {
|
|
|
|
inline = [
|
|
|
|
"mkdir -p /root/tink/deploy"
|
|
|
|
]
|
|
|
|
}
|
|
|
|
|
|
|
|
provisioner "file" {
|
|
|
|
source = "../../setup.sh"
|
|
|
|
destination = "/root/tink/setup.sh"
|
|
|
|
}
|
|
|
|
|
|
|
|
provisioner "file" {
|
|
|
|
source = "../../generate-envrc.sh"
|
|
|
|
destination = "/root/tink/generate-envrc.sh"
|
|
|
|
}
|
|
|
|
|
2021-03-03 18:18:02 +00:00
|
|
|
provisioner "file" {
|
|
|
|
source = "../../current_versions.sh"
|
|
|
|
destination = "/root/tink/current_versions.sh"
|
|
|
|
}
|
|
|
|
|
2020-09-10 14:37:32 +00:00
|
|
|
provisioner "file" {
|
|
|
|
source = "../../deploy"
|
|
|
|
destination = "/root/tink"
|
|
|
|
}
|
|
|
|
|
2021-01-22 08:35:16 +00:00
|
|
|
provisioner "remote-exec" {
|
|
|
|
inline = [
|
|
|
|
"iptables -A FORWARD -i eth1 -o bond0 -j ACCEPT",
|
|
|
|
"iptables -A FORWARD -i bond0 -o eth1 -m state --state ESTABLISHED,RELATED -j ACCEPT",
|
|
|
|
"iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE",
|
|
|
|
]
|
|
|
|
}
|
|
|
|
|
2020-09-10 14:37:32 +00:00
|
|
|
provisioner "remote-exec" {
|
|
|
|
inline = [
|
|
|
|
"chmod +x /root/tink/*.sh /root/tink/deploy/tls/*.sh"
|
|
|
|
]
|
|
|
|
}
|
2020-08-20 11:53:27 +00:00
|
|
|
}
|
|
|
|
|
2021-02-04 19:49:28 +00:00
|
|
|
resource "metal_device_network_type" "tink_provisioner_network_type" {
|
|
|
|
device_id = metal_device.tink_provisioner.id
|
2020-09-10 14:37:32 +00:00
|
|
|
type = "hybrid"
|
2020-08-20 11:53:27 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
# Create a device and add it to tf_project_1
|
2021-02-04 19:49:28 +00:00
|
|
|
resource "metal_device" "tink_worker" {
|
2020-09-10 14:37:32 +00:00
|
|
|
count = var.worker_count
|
|
|
|
|
|
|
|
hostname = "tink-worker-${count.index}"
|
2020-08-20 11:53:27 +00:00
|
|
|
plan = var.device_type
|
|
|
|
facilities = [var.facility]
|
|
|
|
operating_system = "custom_ipxe"
|
|
|
|
ipxe_script_url = "https://boot.netboot.xyz"
|
|
|
|
always_pxe = "true"
|
|
|
|
billing_cycle = "hourly"
|
|
|
|
project_id = var.project_id
|
2020-09-10 14:37:32 +00:00
|
|
|
}
|
|
|
|
|
2021-02-04 19:49:28 +00:00
|
|
|
resource "metal_device_network_type" "tink_worker_network_type" {
|
2020-09-10 14:37:32 +00:00
|
|
|
count = var.worker_count
|
|
|
|
|
2021-02-04 19:49:28 +00:00
|
|
|
device_id = metal_device.tink_worker[count.index].id
|
2020-09-10 14:37:32 +00:00
|
|
|
type = "layer2-individual"
|
2020-08-20 11:53:27 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
# Attach VLAN to provisioner
|
2021-02-04 19:49:28 +00:00
|
|
|
resource "metal_port_vlan_attachment" "provisioner" {
|
|
|
|
depends_on = [metal_device_network_type.tink_provisioner_network_type]
|
|
|
|
device_id = metal_device.tink_provisioner.id
|
2020-09-10 14:37:32 +00:00
|
|
|
port_name = "eth1"
|
2021-02-04 19:49:28 +00:00
|
|
|
vlan_vnid = metal_vlan.provisioning_vlan.vxlan
|
2020-08-20 11:53:27 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
# Attach VLAN to worker
|
2021-02-04 19:49:28 +00:00
|
|
|
resource "metal_port_vlan_attachment" "worker" {
|
2020-09-10 14:37:32 +00:00
|
|
|
count = var.worker_count
|
2021-02-04 19:49:28 +00:00
|
|
|
depends_on = [metal_device_network_type.tink_worker_network_type]
|
2020-09-10 14:37:32 +00:00
|
|
|
|
2021-02-04 19:49:28 +00:00
|
|
|
device_id = metal_device.tink_worker[count.index].id
|
2020-08-20 11:53:27 +00:00
|
|
|
port_name = "eth0"
|
2021-02-04 19:49:28 +00:00
|
|
|
vlan_vnid = metal_vlan.provisioning_vlan.vxlan
|
2020-08-20 11:53:27 +00:00
|
|
|
}
|
|
|
|
|
2020-09-10 14:37:32 +00:00
|
|
|
data "template_file" "worker_hardware_data" {
|
|
|
|
count = var.worker_count
|
|
|
|
template = file("${path.module}/hardware_data.tpl")
|
|
|
|
vars = {
|
2021-02-04 19:49:28 +00:00
|
|
|
id = metal_device.tink_worker[count.index].id
|
|
|
|
facility_code = metal_device.tink_worker[count.index].deployed_facility
|
|
|
|
plan_slug = metal_device.tink_worker[count.index].plan
|
2020-09-10 14:37:32 +00:00
|
|
|
address = "192.168.1.${count.index + 5}"
|
2021-02-04 19:49:28 +00:00
|
|
|
mac = metal_device.tink_worker[count.index].ports[1].mac
|
2020-09-10 14:37:32 +00:00
|
|
|
}
|
2020-08-20 11:53:27 +00:00
|
|
|
}
|
|
|
|
|
2020-09-10 14:37:32 +00:00
|
|
|
resource "null_resource" "hardware_data" {
|
|
|
|
count = var.worker_count
|
|
|
|
depends_on = [null_resource.tink_directory]
|
|
|
|
|
|
|
|
connection {
|
|
|
|
type = "ssh"
|
|
|
|
user = var.ssh_user
|
2021-02-04 19:49:28 +00:00
|
|
|
host = metal_device.tink_provisioner.network[0].address
|
2020-09-10 14:37:32 +00:00
|
|
|
}
|
2020-08-20 11:53:27 +00:00
|
|
|
|
2020-09-10 14:37:32 +00:00
|
|
|
provisioner "file" {
|
|
|
|
content = data.template_file.worker_hardware_data[count.index].rendered
|
|
|
|
destination = "/root/tink/deploy/hardware-data-${count.index}.json"
|
|
|
|
}
|
2020-08-20 11:53:27 +00:00
|
|
|
}
|