Made cloud-init configs an input to libvirt-nodes.

- Organized main.tf
- Still need to add cloud-init as an input parameter for the libvirt
  module.

.gitignore

@@ -11,6 +11,8 @@
 
 # Crash log files
 crash.log
+# Added to original pulled from github/gitignore
+crash*.log
 
 # Exclude all .tfvars files, which are likely to contain sentitive data, such as
 # password, private keys, and other secrets. These should not be part of version

.terraform.lock.hcl

@@ -0,0 +1,57 @@
+# This file is maintained automatically by "terraform init".
+# Manual edits may be lost in future updates.
+
+provider "registry.terraform.io/dmacvicar/libvirt" {
+  version = "0.6.11"
+  hashes = [
+    "h1:6QzHY/7aNdaaDxJZKygotWnM5uHoS2gs/03CzUCJX60=",
+    "zh:15300a1c3c294eccade4c8a678412d81602ab041dc0a5aab72fee5425d778e89",
+    "zh:1605806de0d3b86b7e94b5d04a7ad9b6ac695781f9672ab6002c23caef43b98e",
+    "zh:21efc5937d89f9ec96bc626d2ce3621c0919b3da97ab63b4e520c37d3f5c7357",
+    "zh:2c143a6909917fd11191447de4c496f084c7da5200beb9f512791a80a1f33e7c",
+    "zh:3ca369718cc49feefc3a6ffa795a9055e60de33989a9f1c72b6db16048a181fa",
+    "zh:71db1d1cf2c06984bba408ad5dc9b4e25285684ee5c530a61583b202cff21b96",
+    "zh:a67adfc988311d34adcc119500c2ef048a45d632b00bb5a15ea6d3ffdc1c3d1c",
+    "zh:a83448cbcc194e3b52af9b89b9273a116082d83f2c966035bf8a8c5d5606ca9c",
+    "zh:a9c5a818dd2606460d4d6f33af7cb387f3e984d631fc233aaec0dda4e0756c2b",
+    "zh:af3263e66cf9138361d6d7408533edd6de8498e67c88cf0084421ae31fe89054",
+    "zh:b9596cb26c1e391172472de4ada9b3b0a08e4777e41327db8e021454cc6aae20",
+    "zh:e28124b9ee0b8c18b6f776eb6523d8935f3072c47cd803ea2f1a06206effaa48",
+    "zh:edd00638d8c088b8a38e7ab8b9e8ab3bd710f7357d0f6b4a38e0028bd49d8460",
+  ]
+}
+
+provider "registry.terraform.io/hashicorp/aws" {
+  version = "3.64.2"
+  hashes = [
+    "h1:oFsgTmmt/eJ8KLo59PSmYu/irUHJiPnQEey0VqaOOck=",
+    "zh:0b029a2282beabfe410eb2969e18ca773d3473415e442be4dc8ce0eb6d1cd8c5",
+    "zh:3209de3266a1138f1ccb09f094fdd98b6f55afc06e291db0abe092ec5dbe7640",
+    "zh:40648266551631cbc15f8a76e80faf300510e3b38c2544d43fc25e37e6802727",
+    "zh:483c8af92ae70146f2790a70c1a810251e7135aa912b66e769c934eddceebe32",
+    "zh:4d106d8d415d8df342f3f85e58c35418e6c55e3cb7f02897f832cefac4dca68c",
+    "zh:972626a6ddb31d5216606d12ab5c30fbf8d51ed2bbe0efcdd7cffa68c1141557",
+    "zh:a230d55ec52b1695148d40296877ee23e0b302e817154f9b838eb117c87b13fa",
+    "zh:c95fddfbd7f870db949da0601323e866e0f0fb0d4a93e96725ae5b88029e84d5",
+    "zh:ea0c7f568074f835f22273c8e7e61e87f5277e32004c72122915fd3c8df49ccc",
+    "zh:f96d25887e6e2d2ae47659e2c586efea2167995b59a479ae65a02b097da86474",
+    "zh:fe7502d8e52d3b5ccb2b3c178e7ea894344783093aa71ffb20e978914c976182",
+  ]
+}
+
+provider "registry.terraform.io/hashicorp/template" {
+  version = "2.2.0"
+  hashes = [
+    "h1:94qn780bi1qjrbC3uQtjJh3Wkfwd5+tTtJHOb7KTg9w=",
+    "zh:01702196f0a0492ec07917db7aaa595843d8f171dc195f4c988d2ffca2a06386",
+    "zh:09aae3da826ba3d7df69efeb25d146a1de0d03e951d35019a0f80e4f58c89b53",
+    "zh:09ba83c0625b6fe0a954da6fbd0c355ac0b7f07f86c91a2a97849140fea49603",
+    "zh:0e3a6c8e16f17f19010accd0844187d524580d9fdb0731f675ffcf4afba03d16",
+    "zh:45f2c594b6f2f34ea663704cc72048b212fe7d16fb4cfd959365fa997228a776",
+    "zh:77ea3e5a0446784d77114b5e851c970a3dde1e08fa6de38210b8385d7605d451",
+    "zh:8a154388f3708e3df5a69122a23bdfaf760a523788a5081976b3d5616f7d30ae",
+    "zh:992843002f2db5a11e626b3fc23dc0c87ad3729b3b3cff08e32ffb3df97edbde",
+    "zh:ad906f4cebd3ec5e43d5cd6dc8f4c5c9cc3b33d2243c89c5fc18f97f7277b51d",
+    "zh:c979425ddb256511137ecd093e23283234da0154b7fa8b21c2687182d9aea8b2",
+  ]
+}

example.tfvars

@@ -0,0 +1,34 @@
+# A CIDR block ending in '/32' equates to a single IP address, '0.0.0.0/0'
+# equates to any ip address.
+admin-ips = [ "8.8.8.8/32", "0.0.0.0/0" ]
+
+disk-image-dir = "/path/to/disk/pool/"
+libvirt-connection-url = "qemu+ssh://<user>@<host>/system"
+
+master-nodes = 1
+worker-nodes = 2
+
+node-memory = 2048
+node-vcpus = 2
+
+# 1 GiB, 1 vcpu, only one that is free.
+# This one won't work with k8s because it requires at least 2 vcpus.
+aws-ec2-instance-type = "t2.micro"
+
+# 4 GiB, 2 vcpus
+# aws-ec2-instnce-type = "t2.medium"
+
+# AWS Amazon Linux 2 AMI (HVM), SSD Volume Type - Oregon - 2021.11.11 - free
+# base-image = "ami-00be885d550dcee43"
+# AWS Amazon Linux 2 AMI (HVM), SSD Volume Type - us-east-2 - 2021.11.12 - free
+base-image = "ami-0dd0ccab7e2801812"
+# base-image = "https://cloud-images.ubuntu.com/releases/focal/release/ubuntu-20.04-server-cloudimg-amd64-disk-kvm.img"
+# From https://cloud.centos.org/centos/7/images/ from	2020-11-12 06:52
+# base-image = "https://cloud.centos.org/centos/7/images/CentOS-7-x86_64-GenericCloud-2009.qcow2"
+
+# Password hash created with:
+# python3 -c 'import crypt; print(crypt.crypt("linux", crypt.mksalt(crypt.METHOD_SHA512)))'
+# where "linux" is the password.
+root-admin-passwd = "$6$fiLRWvGQkdK.MnZA$Co9NkA5ruuBUA389JzmKJiC8gKRohmyM09AFnVBOD7ErZnxK4RHMUlKvYg1HSgwaCXTl7H/q1svoeQeUfgc6f0"
+
+root-admin-pub-key = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDfDcjMFmWd6qy9KIlnIHNbEfeNLHC885UUH3jGwESmMTpFfPUn01t9hq5GGaFDrBR55VgdKebAv2JSVl209+r3tE5XxUX5/s2Pu3o2283PiZhA+D18skL7fzaolygOY8mxi9CZSDFia//lLbqT/OE45VGahVBRtda4gmjrade0XRKqjJUCkIo6huG9Ub6yP4gFtFU/C1rRvQo0hqT/imsMYU0Q5XzrKVWv3CpzA7EIQq8llU0fRGMuXWYYOXznPeqqf5BTbWhMWUXVS0o7Cz+zvbxwq1dOR1qHbJ8Vrkt30Cz5QEd159dIM3LHCtOHnveeOpkFo0RqkhQdpZM+2cKzESvivGNGP9h+PrSjcveADxVwDHcxguumUyM012M3yR8cK9KY+GqW5jPdAs13yXGTG4OWiQKeKEgX910l/FndhQi0tSpSEhIlfcEpa3k3P8RrhKJbwiRgR7Qvus4R/KU+lx4OiOr4RKyPQJobC0i0/bvqkw+UHWp4U0Hqivjsb6k= admin"

main.tf

@@ -8,42 +8,133 @@ terraform {
   }
 }
 
-provider "libvirt" {
-  uri = var.libvirt-connection-url
+################################################################################
+# cloud-init
+################################################################################
+
+data "template_file" "master-node-user-datas" {
+  template = file("${path.module}/cloud_init.cfg")
+  vars = {
+    admin-passwd  = "${var.root-admin-passwd}"
+    admin-pub-key = "${var.root-admin-pub-key}"
+    hostname      = "${var.vm-name-prefix}-master-${count.index}"
+  }
+  count = var.master-nodes
+}
+
+data "template_file" "worker-node-user-datas" {
+  template = file("${path.module}/cloud_init.cfg")
+  vars = {
+    admin-passwd  = "${var.root-admin-passwd}"
+    admin-pub-key = "${var.root-admin-pub-key}"
+    hostname      = "${var.vm-name-prefix}-worker-${count.index}"
+  }
+  count = var.worker-nodes
+}
+
+################################################################################
+# aws
+# To use the aws module, uncomment the aws modules/resources and comment out the
+# libvirt modules/resources.
+################################################################################
+
+provider "aws" {
+  region = "us-east-2"
+}
+
+module "aws-network" {
+  source = "./modules/aws-network"
+  name-prefix = var.vm-name-prefix
+  vpc-cidr-block = var.aws-vpc-cidr-block
+  subnet-cidr-block = var.aws-subnet-cidr-block
+  admin-ips = var.admin-ips
+}
+
+# This key pair is not actually used. Keys are added to the nodes via cloud-init
+# instead. We just add this here that this key will show up in the AWS console."
+resource "aws_key_pair" "key" {
+  key_name   = "${var.vm-name-prefix}-key}"
+  public_key = var.root-admin-pub-key
+  tags = {
+    Name = "${var.vm-name-prefix}-key"
+  }
 }
 
 module "master-nodes" {
-  source = "./modules/node"
-  pool-name = libvirt_pool.images.name
-  name-prefix = "${var.vm-name-prefix}-master"
-  num-nodes = var.master-nodes
-  node-memory = var.node-memory
-  node-vcpus = var.node-vcpus
-  base-image = var.ubuntu-image
-  root-admin-passwd = var.root-admin-passwd
-  root-admin-pub-key = var.root-admin-pub-key
-  libvirt-connection-url = var.libvirt-connection-url
+  source             = "./modules/aws-nodes"
+  ami                = var.base-image
+  ec2-instance-type  = var.aws-ec2-instance-type
+  subnet-id          = module.aws-network.subnet.id
+  security-group-ids = [module.aws-network.default-security-group.id]
+  user-datas         = data.template_file.master-node-user-datas
+  num-nodes          = var.master-nodes
+  name-prefix        = "${var.vm-name-prefix}-master"
 }
 
 module "worker-nodes" {
-  source = "./modules/node"
-  pool-name = libvirt_pool.images.name
-  name-prefix = "${var.vm-name-prefix}-worker"
-  num-nodes = var.worker-nodes
-  node-memory = var.node-memory
-  node-vcpus = var.node-vcpus
-  base-image = var.ubuntu-image
-  root-admin-passwd = var.root-admin-passwd
-  root-admin-pub-key = var.root-admin-pub-key
-  libvirt-connection-url = var.libvirt-connection-url
+  source             = "./modules/aws-nodes"
+  ami                = var.base-image
+  ec2-instance-type  = var.aws-ec2-instance-type
+  subnet-id          = module.aws-network.subnet.id
+  security-group-ids = [module.aws-network.default-security-group.id]
+  user-datas         = data.template_file.worker-node-user-datas
+  num-nodes          = var.worker-nodes
+  name-prefix        = "${var.vm-name-prefix}-worker"
 }
 
-resource "libvirt_pool" "images" {
-  name = var.disk-image-pool-name
-  type = "dir"
-  path = var.disk-image-dir
-}
+################################################################################
+# end aws
+################################################################################
+
+################################################################################
+# libvirt
+# To use the libvirt module, uncomment the libvirt modules/resources and comment
+# out the aws modules/resources.
+################################################################################
+
+# provider "libvirt" {
+#   uri = var.libvirt-connection-url
+# }
+# 
+# module "master-nodes" {
+#   source                 = "./modules/libvirt-nodes"
+#   pool-name              = libvirt_pool.images.name
+#   name-prefix            = "${var.vm-name-prefix}-master"
+#   num-nodes              = var.master-nodes
+#   node-memory            = var.node-memory
+#   node-vcpus             = var.node-vcpus
+#   base-image             = var.base-image
+#   root-admin-passwd      = var.root-admin-passwd
+#   root-admin-pub-key     = var.root-admin-pub-key
+#   libvirt-connection-url = var.libvirt-connection-url
+#   user-datas             = data.template_file.master-node-user-datas
+# }
+# 
+# module "worker-nodes" {
+#   source                 = "./modules/libvirt-nodes"
+#   pool-name              = libvirt_pool.images.name
+#   name-prefix            = "${var.vm-name-prefix}-worker"
+#   num-nodes              = var.worker-nodes
+#   node-memory            = var.node-memory
+#   node-vcpus             = var.node-vcpus
+#   base-image             = var.base-image
+#   root-admin-passwd      = var.root-admin-passwd
+#   root-admin-pub-key     = var.root-admin-pub-key
+#   libvirt-connection-url = var.libvirt-connection-url
+#   user-datas             = data.template_file.worker-node-user-datas
+# }
+# 
+# resource "libvirt_pool" "images" {
+#   name = var.disk-image-pool-name
+#   type = "dir"
+#   path = var.disk-image-dir
+# }
+
+################################################################################
+# end libvirt
+################################################################################
 
+# TODO REM move to other file?
 output "master-ips" {
   value = module.master-nodes.ips
 }

modules/aws-network/main.tf

@@ -0,0 +1,67 @@
+resource "aws_vpc" "vpc" {
+  cidr_block = var.vpc-cidr-block
+  tags = {
+      Name = "${var.name-prefix}-vpc"
+  }
+}
+
+resource "aws_subnet" "subnet" {
+  vpc_id = aws_vpc.vpc.id
+  cidr_block = var.subnet-cidr-block
+  # availability_zone = var.avail_zone
+  tags = {
+      Name = "${var.name-prefix}-subnet"
+  }
+}
+
+resource "aws_default_security_group" "sg" {
+  vpc_id = aws_vpc.vpc.id
+
+  ingress {
+    from_port   = 22
+    to_port     = 22
+    protocol    = "tcp"
+    cidr_blocks = var.admin-ips
+  }
+
+  egress {
+    from_port       = 0
+    to_port         = 0
+    protocol        = "-1"
+    cidr_blocks     = ["0.0.0.0/0"]
+    prefix_list_ids = []
+  }
+
+  tags = {
+    Name = "${var.name-prefix}-ssh-from-admins--sg"
+  }
+}
+
+resource "aws_internet_gateway" "igw" {
+	vpc_id = aws_vpc.vpc.id
+  tags = {
+    Name = "${var.name-prefix}-igw"
+  }
+}
+
+resource "aws_default_route_table" "route-table" {
+   default_route_table_id = aws_vpc.vpc.main_route_table_id
+
+   route {
+     cidr_block = "0.0.0.0/0"
+     gateway_id = aws_internet_gateway.igw.id
+   }
+
+   # default route, mapping VPC CIDR block to "local", created implicitly and
+   # cannot be specified.
+
+   tags = {
+     Name = "${var.name-prefix}-route-table"
+   }
+}
+
+# Associate subnet with Route Table
+resource "aws_route_table_association" "a-rtb-subnet" {
+  subnet_id      = aws_subnet.subnet.id
+  route_table_id = aws_default_route_table.route-table.id
+}

modules/aws-network/outputs.tf

@@ -0,0 +1,11 @@
+output "vpc" {
+  value = aws_vpc.vpc
+}
+
+output "subnet" {
+  value = aws_subnet.subnet
+}
+
+output "default-security-group" {
+  value = aws_default_security_group.sg
+}

modules/aws-network/variables.tf

@@ -0,0 +1,23 @@
+variable "admin-ips" {
+  description = "A list of ips or cidr blocks that are allowed to connect to the nodes."
+  type = list(string)
+}
+
+variable "name-prefix" {
+  default = "tf"
+  description = "This prefix will be used in all the names of the resources creates in our AWS network."
+  type = string
+}
+
+variable "subnet-cidr-block" {
+  default = "10.0.1.0/24"
+  description = "The address space to be used for this subnet."
+  type = string
+}
+
+variable "vpc-cidr-block" {
+  default = "10.0.0.0/16"
+  description = "The address space to be used for out networks VPC."
+  type = string
+}
+

modules/libvirt-nodes/main.tf

@@ -20,31 +20,21 @@ resource "libvirt_volume" "node-images" {
   format = "qcow2"
 }
 
-data "template_file" "node-user-datas" {
-  template = file("${path.module}/cloud_init.cfg")
-  vars = {
-    admin-passwd  = "${var.root-admin-passwd}"
-    admin-pub-key = "${var.root-admin-pub-key}"
-    hostname      = "${var.name-prefix}-${count.index}"
-  }
-  count = var.num-nodes
-}
-
 data "template_file" "network-config" {
   template = file("${path.module}/network_config.cfg")
 }
 
 resource "libvirt_cloudinit_disk" "node-inits" {
   name           = "${var.name-prefix}-${count.index}-init"
-  user_data      = element(data.template_file.node-user-datas.*.rendered, count.index)
+  user_data      = element(var.user-datas.*.rendered, count.index)
   network_config = data.template_file.network-config.rendered
   pool           = var.pool-name
   count          = var.num-nodes
 }
 
 resource "libvirt_domain" "nodes" {
-  count = var.num-nodes
-  name  = "${var.name-prefix}-${count.index}"
+  count  = var.num-nodes
+  name   = "${var.name-prefix}-${count.index}"
   memory = var.node-memory
   vcpu   = var.node-vcpus
 

modules/libvirt-nodes/variables.tf

@@ -24,6 +24,10 @@ variable "node-vcpus" {
   type        = number
 }
 
+variable "user-datas" {
+  description = "A list of cloud-init configs that get applied to their corresponding node."
+}
+
 variable "num-nodes" {
   description = "The number of nodes to create with this config."
 }

variables.tf

@@ -1,3 +1,22 @@
+variable "admin-ips" {
+  description = "A list of ips or cidr blocks that are allowed to connect to the nodes."
+  type = list(string)
+}
+
+variable "aws-ec2-instance-type" {
+  default = "t2.micro"
+  description = "The AWS instance type to use for all nodes."
+}
+
+variable "aws-subnet-cidr-block" {
+  default = "10.0.1.0/24"
+  description = "The address space to be used for this subnet."
+}
+
+variable "aws-vpc-cidr-block" {
+  default = "10.0.0.0/16"
+  description = "The address space to be used for the VPC that all the AWS nodes will be in."
+}
 
 variable "disk-image-dir" {
   description = "This is the location on the KVM hypervisor host where all the disk images will be kept."
@@ -44,7 +63,7 @@ variable "worker-nodes" {
   type        = number
 }
 
-variable "ubuntu-image" {
+variable "base-image" {
   default = "https://cloud-images.ubuntu.com/releases/focal/release/ubuntu-20.04-server-cloudimg-amd64-disk-kvm.img"
 }