Prep for tag (#124)

* added sandbox_version to terraform variables to help with tagging and explicit versioning of the installed environment
* tested using existing VPC and existing public subnet
* automatically scp deployed info to head node
* not using, removed requirements.txt

Author: patrick-tripp

DEPLOYMENT.md

@@ -18,6 +18,9 @@ Newer versions are NOT open source for commercial use.
 Download and install the package that matches your desktop computer's architecture.  
 https://releases.hashicorp.com/terraform/1.5.7/  
 
+Terraform Language Documentation
+https://developer.hashicorp.com/terraform/language/v1.5.x
+
 On a Mac you can also install it using brew:
 ```brew install terraform```
 

scripts/reqs.p11

@@ -3,7 +3,7 @@ set -x
 
 echo `date` > ~/setup.log
 
-BRANCH=main
+BRANCH=${sandbox_version}
 
 # RHEL8+
 RUNUSER="ec2-user"
@@ -15,7 +15,6 @@ mkdir -p /mnt/efs/fs1
 sudo yum -y -q install git 
 
 
-
 ## Install EFS utilities
 ########################
 # https://github.com/aws/efs-utils/blob/v2.3.3/README.md

scripts/requirements.txt

@@ -313,7 +313,10 @@ resource "aws_instance" "head_node" {
   key_name             = var.key_name
   iam_instance_profile = aws_iam_instance_profile.cloud_sandbox_iam_instance_profile.name
 
-  user_data            = templatefile("init_template.tpl", { efs_name = aws_efs_file_system.main_efs.dns_name, ami_name = "${var.name_tag}-${random_pet.ami_id.id}", aws_region = var.preferred_region, project = var.project_tag })
+  # The user_data section is executed in the last step of initialization/creation of the instance
+  # the variables in { } will be exported and available to the shell script in init_template.tpl
+
+  user_data  = templatefile("init_template.tpl", { efs_name = aws_efs_file_system.main_efs.dns_name, ami_name = "${var.name_tag}-${random_pet.ami_id.id}", aws_region = var.preferred_region, project = var.project_tag, sandbox_version = var.sandbox_version})
 
   # associate_public_ip_address = true
   network_interface {
@@ -358,21 +361,18 @@ resource "aws_network_interface" "head_node" {
   }
 }
 
+# https://developer.hashicorp.com/terraform/language/v1.5.x/resources/terraform-data
+
+# scp deployment info to head node automatically
+resource "terraform_data" "send_outputs" {
 
-# TODO scp deployment info to head node automatically
-# quick search reply from google AI - fix/check/test for correctness, e.g. fix trigger
-#resource "null_resource" "run_post_apply_script" {
-#  # This 'triggers' block ensures the null_resource is re-evaluated
-#  # if any of the specified values change, effectively re-running the script.
-#  # You can add dependencies on other resources if you want the script
-#  # to run only after those resources are fully provisioned.
-#  triggers = {
-#    always_run = timestamp() # This ensures it runs on every apply
-#  }
-#
-#  provisioner "local-exec" {
-#    command = "${path.module}/scp.terraform.output.sh"
-#  }
-#}
+  triggers_replace = [
+    timestamp() 
+  ]
+  # aws_instance.head_node.id
 
+  provisioner "local-exec" {
+    command = "./scp.terraform.output.sh"
+  }
+}
 

terraform/init_template.tpl

@@ -9,7 +9,15 @@
 # The following variables must be defined, no defaults exist:
 #------------------------------------------------------------
 
-# List of the specific IP's or IP address rangest the are allowed SSH access to the system
+# Specify the cloud sandbox branch or tag to use for the node setup
+# wil default to main if not defined. 
+# Examples:
+# sandbox_version = "main"
+# sandbox_version = "v2.1.0"
+
+sandbox_version = "main"
+
+# List of the specific IP's or IP address ranges that are allowed SSH access to the system
 # They should be in the format ###.###.###.###/32 for a single IP, any number of IPs can be added to the list.
 # Example:  
 allowed_ssh_cidr_list =  ["72.0.162.256/32", "94.256.4.28/32" ]
@@ -19,7 +27,7 @@ allowed_ssh_cidr_list =  ["72.0.162.256/32", "94.256.4.28/32" ]
 
 # Example:
 key_name = "my-sandbox-key"
-public_key = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC2cQ3fq/VNzP1R2+94nGwonW9k20nuQJcCd3g2ylW5clzyjun6eWz2PZKMwtJh7E28B1jp3F8YTP5XBPg+Z++hpvcthL2XtAwANd0ouvZO6gkcrbgjhuM0A4NKJM6RylGAOqqPY/ZE6gOUGrnIbhd9eI3RKhSQbxf5hwS7tIG1FebO9HuObaM23LDB1/Ra/YMTXB5LHPChlfxrEIlM/0//tO7OUfRPNgtudAb/MQZ+YD+6I77QDtTwZwQvebxLK62bP5CrpV4XY5ybWOZ0T3m4pVNfhfl7+QWAvWeStNpH3B3q1ZtPLTuAVvsR4RWk7t75IwpHwiPBcgZn/PTpN45z"
+public_key = "ssh-rsa AAAABbbccd+long-sequence-of-characters+a123abcd+XYX/z910A"
 
 # (Optional VPC) If using an existing VPC use the ID to deploy resources to use that VPC ID, otherwise leave blank
 # vpc_id = "vpc-0dd381e9f82c9ae68e7"

terraform/main.tf

@@ -72,5 +72,5 @@ output "aws_placement_group" {
 */
 output "login_command" {
    description = "SSH Login"
-   value = one(aws_eip.head_node[*]) != null ? "ssh -i ~/.ssh/${var.key_name}.pem ec2-user@${one(aws_eip.head_node[*]).public_dns}" : "ssh -i ~/.ssh/${var.key_name}.pem ec2-user@${aws_instance.head_node.private_dns}"
+   value = aws_instance.head_node.public_ip != null ? "ssh -i ~/.ssh/${var.key_name}.pem ec2-user@${aws_instance.head_node.public_ip}" : "ssh -i ~/.ssh/${var.key_name}.pem ec2-user@${aws_instance.head_node.private_dns}"
 }

terraform/mysettings.tfvars

@@ -8,6 +8,9 @@ terraform output > $outputfile
 key=`cat $outputfile | grep login_command | awk -F= '{print $2}' | awk '{print $3}'`
 login=`cat $outputfile | grep login_command | awk -F= '{print $2}' | awk '{print $4}' | awk -F\" '{print $1}'`
 
+remote_host=`cat deployment.info | grep login_command | awk -F@ '{print $2}' | awk -F\" '{print $1}'`
+ssh-keyscan -H $remote_host >> ~/.ssh/known_hosts
+
 echo "Copying deployment.info to head node"
 echo "++++++++++++++++++++++++++++++++++++"
 echo "scp -i $key -p $outputfile ${login}:~/$outputfile"

terraform/outputs.tf

@@ -127,3 +127,9 @@ variable "ami_id" {
   type        = string
   default     = "unknown value"
 }
+
+variable "sandbox_version" {
+  description = "Specify the Cloud-Sandbox branch/tag to use"
+  type = string
+  default = "main"
+}