From 0a72160f13eed5047adff904d815af13e75070c5 Mon Sep 17 00:00:00 2001 From: Alexandre Peixoto Ferreira Date: Wed, 30 Aug 2023 08:43:40 -0500 Subject: [PATCH] Split terraform script so helm charts are installed separatel. Signed-off-by: Alexandre Peixoto Ferreira --- terraform/README.md | 14 +++++++++++--- terraform/k3s/main.tf | 37 +++++++++++++++++++++++++------------ terraform/smarter-main.tf | 3 ++- 3 files changed, 38 insertions(+), 16 deletions(-) diff --git a/terraform/README.md b/terraform/README.md index 4d5c0d7..b4a6058 100644 --- a/terraform/README.md +++ b/terraform/README.md @@ -1,10 +1,14 @@ # Terraform script to install smarter on AWS EC2 -This script installs SMARTER example using helm charts into one AWS EC2 instance. +This script installs SMARTER example into one AWS EC2 instance. This figure shows the components of the application and where they reside. ![SMARTER](SMARTER_example.png) +Terraform script allocates an AWS EC2 instance with Ubuntu and installs a k3s cluster ond helm on the instance. A shell script is created on home directory of the EC2 instance that is capable of installing all cloud components of SMARTER. This separation allows the user to have more control of how the system is deployed. + +## AWS authentication and deployment configuration + It assumes that the environment variables AWS\_ACCESS\_KEY\_ID, AWS\_SECRET\_ACCESS\_KEY and AWS\_SESSION\_TOKEN are set correctly so Terraform can access AWS. Set the following variables to correct values: region (provider "aws"): AWS region to allocate an EC2 instance on. 
@@ -41,12 +45,13 @@ terraform apply -var "letsencrypt_email=" ## Checking status of installation -Please observe that the full installation of k3s, helm charts in the EC2 instance can take up to 15min (expected around 10min) with various parts of the system being available at different times. If it is desired to follow the installation the command below will print the current log and follow it +Please observe that the full installation of k3s, helm charts in the EC2 instance can take up to 8min (expected around 7min) with various parts of the system being available at different times. If it is desired to follow the installation the command below will print the current log and follow it ```bash ssh -i ssh/-prod-k3s.pem ubuntu@ "tail -f /var/log/cloud-init-output.log" ``` + ## Outputs Terraform will output the name of EC2 instance allocated and password/ID generated by Terraform. @@ -60,7 +65,10 @@ ssh -i ssh/-prod-k3s.pem ubuntu@ ``` K3s cloud access on the instance (running the cloud containers) can be achieved by setting KUBECONFIG to /etc/rancher/k3s/k3s.yaml. It should be already be set for the ubuntu user at the end of the installation. -K3s edge, that manages the edge devices and applications running on them, can be accessed by setting KUBECONFIG as $(pwd)/k3s.yaml.\, that also will be available at the end of the installation. + +A script called install-smarter.sh is created at home directory that will install helm charts for cloud components in the existing k3s cluster. + +After running install-smarter.sh script, K3s edge that manages the edge devices and applications running on them, can be accessed by setting KUBECONFIG as $(pwd)/k3s.yaml.\. Helm was used to install charts and can be used to manage them by setting the correct KUBECONFIG. diff --git a/terraform/k3s/main.tf b/terraform/k3s/main.tf index 05d898d..cad89c0 100644 --- a/terraform/k3s/main.tf +++ b/terraform/k3s/main.tf 
@@ -68,32 +68,45 @@ until [ -f /etc/rancher/k3s/k3s.yaml ] do sleep 5 done -echo "----- Adding smarter-cloud to k3s" -sudo su - ubuntu bash -c "helm repo add smarter https://smarter-project.github.io/documentation;helm install my-smartercloud smarter/smarter-cloud --set email=${var.letsencrypt_email} --set host=grafana --set domain=$PUBLIC_HOSTNAME.sslip.io --set prometheus.grafana.adminPassword=${random_string.k3s_edge_id.result} --wait" -echo "----- Checking if TLS certificate was generated" -until [ ! -z "$(kubectl get secret/my-smartercloud-grafana-tls 2>/dev/null)" ] +echo "----- Creating demo script to install smarter-cloud and smarter-edge" +cat << INTERNALEOF > /home/ubuntu/install-smarter.sh +#!/bin/bash +echo "----- Install smarter repository locally" +helm repo add smarter https://smarter-project.github.io/documentation +echo "----- Install smarter-cloud from smarter repository (this installs grafana, influxdb, fluentbit and other pieces)" +helm install my-smartercloud smarter/smarter-cloud --set email=${var.letsencrypt_email} --set host=grafana --set domain=$PUBLIC_HOSTNAME.sslip.io --set prometheus.grafana.adminPassword=${random_string.k3s_edge_id.result} --wait +echo "----- Check if TLS certificate was generated" +until [ ! 
-z "\$(kubectl get secret/my-smartercloud-grafana-tls 2>/dev/null)" ] do echo "Certificate not generated yet, wait 5 seconds and test again" sleep 5 done -echo "----- Adding smarter-edge to k3s" -#sudo su - ubuntu bash -c "helm install my-smartercloud-edge smarter/smarter-k3s-edge --set configuration.externalHostIP=$ADVERTISE_IP --set configuration.hostIP=$LOCAL_IP --set configuration.port=6444 --set configuration.portHTTP=80 --set configuration.id='${random_string.k3s_edge_id.result}' --set configuration.smarter_demo_labels=true --set configuration.host=grafana --set configuration.domain=$PUBLIC_HOSTNAME.sslip.io --set configuration.traefik=true --set configuration.certificateID=my-smartercloud-grafana-tls --set configuration.wwwpath=/k3s/ --wait" -sudo su - ubuntu bash -c "helm install my-smartercloud-edge smarter/smarter-k3s-edge --set configuration.externalHostIP=$ADVERTISE_IP --set configuration.hostIP=$LOCAL_IP --set configuration.port=6444 --set configuration.portHTTP=80 --set configuration.id='${random_string.k3s_edge_id.result}' --set configuration.smarter_demo_labels=true --set configuration.host=k3s --set configuration.domain=$PUBLIC_HOSTNAME.sslip.io --set configuration.traefik=true --set configuration.wwwpath=/ --wait" +echo "----- TLS certificate was generated" +echo "----- Install smarter-k3s-edge from smarter repository (this install a k3s server instance to manage edge nodes)" +helm install my-smartercloud-edge smarter/smarter-k3s-edge --set configuration.externalHostIP=$ADVERTISE_IP --set configuration.hostIP=$LOCAL_IP --set configuration.port=6444 --set configuration.portHTTP=80 --set configuration.id='${random_string.k3s_edge_id.result}' --set configuration.smarter_demo_labels=true --set configuration.host=k3s --set configuration.domain=$PUBLIC_HOSTNAME.sslip.io --set configuration.traefik=true --set configuration.wwwpath=/ --wait echo "----- Waiting for k3s.yaml from k3s-edge" until [ -f /home/ubuntu/k3s.yaml.${random_string.k3s_edge_id.result} 
] do - #sudo su - ubuntu bash -c "wget --no-check-certificate https://grafana.$PUBLIC_HOSTNAME.sslip.io/k3s/k3s.yaml.${random_string.k3s_edge_id.result}" - sudo su - ubuntu bash -c "wget --no-check-certificate https://k3s.$PUBLIC_HOSTNAME.sslip.io/k3s.yaml.${random_string.k3s_edge_id.result}" - if [ -z "$(grep 'kind: Config' /home/ubuntu/k3s.yaml.${random_string.k3s_edge_id.result})" ] + wget --no-check-certificate https://k3s.$PUBLIC_HOSTNAME.sslip.io/k3s.yaml.${random_string.k3s_edge_id.result} + if [ -z "\$(grep 'kind: Config' /home/ubuntu/k3s.yaml.${random_string.k3s_edge_id.result})" ] then echo "Received a file but it is not a k3s.yaml file, removing" rm /home/ubuntu/k3s.yaml.${random_string.k3s_edge_id.result} fi sleep 5 done -echo "----- Adding smarter-edge to k3s-edge" -sudo su - ubuntu bash -c "export KUBECONFIG=/home/ubuntu/k3s.yaml.${random_string.k3s_edge_id.result};helm install --create-namespace --namespace smarter my-smartercloud-edge smarter/smarter-edge --wait;helm install --create-namespace --namespace smarter --set global.domain=$(curl http://169.254.169.254/latest/meta-data/public-hostname | cut -d '.' -f 2-) --set smarter-fluent-bit.fluentd.host=$(curl http://169.254.169.254/latest/meta-data/public-hostname | cut -d '.' -f 1) my-smartercloud-demo smarter/smarter-demo --wait" +echo "***** Now we have a k3s cluster at the cloud and a edge k3s server running inside that k3s cluster" +echo "----- Install smarter-edge at edge k3s server (this installs CNI, DNS and smarter-device-manager)" +export KUBECONFIG=/home/ubuntu/k3s.yaml.${random_string.k3s_edge_id.result} +helm install --create-namespace --namespace smarter my-smartercloud-edge smarter/smarter-edge --wait +echo "----- Install smarter-edge at edge k3s server" +helm install --create-namespace --namespace smarter --set global.domain=\$(curl http://169.254.169.254/latest/meta-data/public-hostname | cut -d '.' 
-f 2-) --set smarter-fluent-bit.fluentd.host=\$(curl http://169.254.169.254/latest/meta-data/public-hostname | cut -d '.' -f 1) my-smartercloud-demo smarter/smarter-demo --wait +echo "----- Finished installing, now add edge nodes" +INTERNALEOF +chmod u+x /home/ubuntu/install-smarter.sh +chown ubuntu:ubuntu /home/ubuntu/install-smarter.sh echo "----- Finished installing" +echo "Installation finished" > /etc/smarter.OK EOF content_type = "text/x-shellscript" } diff --git a/terraform/smarter-main.tf b/terraform/smarter-main.tf index bbcbde6..202e8d8 100644 --- a/terraform/smarter-main.tf +++ b/terraform/smarter-main.tf @@ -111,7 +111,8 @@ module "k3s" { resource "null_resource" "k3s-wait" { provisioner "local-exec" { - command = "until [ ! -z \"$(wget https://${format("k3s.%s.sslip.io",substr(split(".",module.k3s.instance.public_dns)[0],4,-1))}/k3s-start.sh.${module.k3s.k3s_edge.result} -O - 2>/dev/null)\" ];do sleep 5;done" + #command = "until [ ! -z \"$(wget https://${format("k3s.%s.sslip.io",substr(split(".",module.k3s.instance.public_dns)[0],4,-1))}/k3s-start.sh.${module.k3s.k3s_edge.result} -O - 2>/dev/null)\" ];do sleep 5;done" + command = "while true;do ssh -F none -o \"StrictHostKeyChecking no\" -o \"UserKnownHostsFile /dev/null\" -i ${format("%s ubuntu@%s",module.ssh_key_pair.private_key_filename,module.k3s.instance.public_dns)} \"while true;do if [ -e /etc/smarter.OK ];then exit 0;fi;sleep 0;done\";if [ $? -eq 0 ];then exit 0;fi;sleep 5;done" } }
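Review bot: The generated `/home/ubuntu/install-smarter.sh` contains the Grafana admin password in plaintext (`--set prometheus.grafana.adminPassword=${random_string.k3s_edge_id.result}` is rendered into the file), yet the only mode change is `chmod u+x`, so the script keeps the read bits of the creating process's umask and is presumably readable by every local user. Use `chmod 700 /home/ubuntu/install-smarter.sh` instead. Inside the script, `wget --no-check-certificate` now saves into the caller's current directory while the `until` loop tests `/home/ubuntu/k3s.yaml.${random_string.k3s_edge_id.result}`, so a run from any other directory would not terminate; add `-O /home/ubuntu/k3s.yaml.${random_string.k3s_edge_id.result}`. The fetched kubeconfig is then exported as `KUBECONFIG` after only a `grep 'kind: Config'` check, so certificate verification should be turned back on if the endpoint can present a valid certificate. The user-data heredoc this hunk edits starts outside the hunk.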
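Review bot: The new `local-exec` poll connects with `-o "StrictHostKeyChecking no"` and `-o "UserKnownHostsFile /dev/null"`, so the host key is never verified and the session is established with whichever host answers at `module.k3s.instance.public_dns`. `StrictHostKeyChecking accept-new` with a per-deployment known-hosts file would at least pin the key after the first connection. The remote loop uses `sleep 0`, which spins on the instance while cloud-init is still installing, and neither loop has an upper bound, so a failed install leaves `terraform apply` waiting indefinitely; `sleep 5` in the inner loop plus `-o ConnectTimeout=10` and a retry limit would bound it. The commented-out `#command` line could be dropped, since the history keeps it.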