Add bastion VM as part of multi-nodes deployment

We previously considered the OpenStack worker from Eve as the bastion from which to orchestrate multi-nodes deployments in the CI. However, since we cannot attach this worker to the private networks it deployed, we introduce another VM, which we call "bastion", that will assume (in the long-term) the responsibility of installing and testing the product. Issue: GH-889
scality · Apr 11, 2019 · 8b8ac42 · 8b8ac42
1 parent cd22238
commit 8b8ac42
Showing 1 changed file with 40 additions and 0 deletions.
diff --git a/eve/workers/openstack-multiple-nodes/terraform/nodes.tf b/eve/workers/openstack-multiple-nodes/terraform/nodes.tf
@@ -1,3 +1,41 @@
+resource "openstack_compute_instance_v2" "bastion" {
+  name        = "${local.prefix}-bastion"
+  image_name  = "${var.openstack_image_name}"
+  flavor_name = "${var.openstack_flavour_name}"
+  key_pair    = "${openstack_compute_keypair_v2.local_ssh_key.name}"
+
+  security_groups = [
+    "${openstack_networking_secgroup_v2.nodes.name}",
+    "${openstack_networking_secgroup_v2.nodes_internal.name}"
+  ]
+
+  network = [
+    "${var.openstack_network}",
+    "${local.control_plane_network}",
+    "${local.workload_plane_network}",
+  ]
+
+    # We need the subnets to be created before attempting to reach the DHCP server
+  depends_on = [
+    "openstack_networking_subnet_v2.control_plane_subnet",
+    "openstack_networking_subnet_v2.workload_plane_subnet",
+  ]
+
+  connection {
+    user        = "centos"
+    private_key = "${file("~/.ssh/terraform")}"
+  }
+
+  # Obtain IP addresses for both private networks
+  provisioner "remote-exec" {
+    inline = [
+      "sudo chattr +i /etc/resolv.conf",
+      "sudo dhclient -r eth1 eth2",  # Release first
+      "sudo dhclient eth1 eth2",  # Then request new IPs
+    ]
+  }
+  }
+
 resource "openstack_compute_instance_v2" "bootstrap" {
   name        = "${local.prefix}-bootstrap"
   image_name  = "${var.openstack_image_name}"
@@ -84,6 +122,7 @@ resource "openstack_compute_instance_v2" "nodes" {
     }
 
 locals {
+  bastion_ip   = "${openstack_compute_instance_v2.bastion.network.0.fixed_ip_v4}"
   bootstrap_ip = "${openstack_compute_instance_v2.bootstrap.network.0.fixed_ip_v4}"
 
   # FIXME: this syntax does not work (but will in v0.12)
@@ -96,6 +135,7 @@ locals {
 
 output "ips" {
   value = {
+    bastion   = "${local.bastion_ip}"
     bootstrap = "${local.bootstrap_ip}"
   }
 }