From efacdfe1ad0b9f07aa81fb477b8cdfc001a31203 Mon Sep 17 00:00:00 2001 From: Enxebre Date: Tue, 17 Oct 2017 11:53:22 +0200 Subject: [PATCH 1/2] platform/gcp: improve tests support --- Documentation/variables/gcp.md | 1 + Makefile | 2 ++ examples/terraform.tfvars.gcp | 3 +++ modules/gcp/etcd/etcd.tf | 1 + modules/gcp/etcd/variables.tf | 4 ++++ modules/gcp/master-igm/master.tf | 1 + modules/gcp/master-igm/variables.tf | 4 ++++ modules/gcp/network/loadbalancer.tf | 16 +++++++++++++++- modules/gcp/worker-igm/variables.tf | 4 ++++ modules/gcp/worker-igm/worker.tf | 1 + platforms/gcp/main.tf | 10 ++++++++++ platforms/gcp/variables.tf | 5 +++++ tests/rspec/lib/container_linux.rb | 4 ++-- tests/rspec/lib/gcp_cluster.rb | 28 +++++++++++++++++++++++++++- tests/smoke/gcp/vars/gcp.tfvars.json | 22 ++++++++-------------- 15 files changed, 88 insertions(+), 18 deletions(-) diff --git a/Documentation/variables/gcp.md b/Documentation/variables/gcp.md index 357ca05de8..9148d0564e 100644 --- a/Documentation/variables/gcp.md +++ b/Documentation/variables/gcp.md 
@@ -15,6 +15,7 @@ This document gives an overview of variables used in the Google Cloud platform o | tectonic_gcp_master_disktype | The type of disk (pd-standard or pd-ssd) for the master nodes. | string | `pd-standard` | | tectonic_gcp_master_gce_type | Instance size for the master node(s). Example: `n1-standard-2`. | string | `n1-standard-2` | | tectonic_gcp_region | The GCP region to use. Some regions only have 2 zones. | string | - | +| tectonic_gcp_ssh_key | (required) Path to an SSH public key file to be provisioned as the SSH key for the 'core' user. | string | - | | tectonic_gcp_worker_disk_size | The size of the disk in gigabytes for the root block device of worker nodes. | string | `30` | | tectonic_gcp_worker_disktype | The type of disk (pd-standard or pd-ssd) for the worker nodes. | string | `pd-standard` | | tectonic_gcp_worker_gce_type | Instance size for the worker node(s). Example: `n1-standard-2`. | string | `n1-standard-2` | diff --git a/Makefile b/Makefile index 2b93eccd73..faa4fd84e5 100644 --- a/Makefile +++ b/Makefile @@ -184,6 +184,8 @@ tests/smoke: bin/smoke smoke-test-env-docker-image -e GOOGLE_CREDENTIALS \ -e GOOGLE_CLOUD_KEYFILE_JSON \ -e GCLOUD_KEYFILE_JSON \ + -e GOOGLE_PROJECT \ + -e tectonic_gcp_ssh_key \ -e TF_VAR_tectonic_aws_region \ -e TF_VAR_tectonic_aws_ssh_key \ -e TF_VAR_tectonic_azure_location \ diff --git a/examples/terraform.tfvars.gcp b/examples/terraform.tfvars.gcp index f177a5a6bf..5fe70a8d68 100644 --- a/examples/terraform.tfvars.gcp +++ b/examples/terraform.tfvars.gcp @@ -145,6 +145,9 @@ tectonic_gcp_master_gce_type = "n1-standard-2" // The GCP region to use. Some regions only have 2 zones. tectonic_gcp_region = "" +// (required) Path to an SSH public key file to be provisioned as the SSH key for the 'core' user. +tectonic_gcp_ssh_key = "" + // The size of the disk in gigabytes for the root block device of worker nodes. tectonic_gcp_worker_disk_size = "30" 
diff --git a/modules/gcp/etcd/etcd.tf b/modules/gcp/etcd/etcd.tf index d939c070b7..7e9da17adb 100644 --- a/modules/gcp/etcd/etcd.tf +++ b/modules/gcp/etcd/etcd.tf @@ -41,6 +41,7 @@ resource "google_compute_instance" "etcd-node" { metadata = { user-data = "${data.ignition_config.etcd.*.rendered[count.index]}" + sshKeys = "core:${file(var.public_ssh_key)}" } service_account { diff --git a/modules/gcp/etcd/variables.tf b/modules/gcp/etcd/variables.tf index 2085de339a..78cdc1a51e 100644 --- a/modules/gcp/etcd/variables.tf +++ b/modules/gcp/etcd/variables.tf @@ -99,3 +99,7 @@ variable "tls_peer_crt_pem" { variable "ign_etcd_dropin_id_list" { type = "list" } + +variable "public_ssh_key" { + default = "" +} diff --git a/modules/gcp/master-igm/master.tf b/modules/gcp/master-igm/master.tf index 04e98627c0..fb91b6ec83 100644 --- a/modules/gcp/master-igm/master.tf +++ b/modules/gcp/master-igm/master.tf @@ -39,6 +39,7 @@ resource "google_compute_instance_template" "master-it" { metadata = { user-data = "${data.ignition_config.main.rendered}" + sshKeys = "core:${file(var.public_ssh_key)}" } service_account { diff --git a/modules/gcp/master-igm/variables.tf b/modules/gcp/master-igm/variables.tf index 726f378f07..5b826319c3 100644 --- a/modules/gcp/master-igm/variables.tf +++ b/modules/gcp/master-igm/variables.tf @@ -96,3 +96,7 @@ variable "image_re" { description = "(internal) Regular expression used to extract repo and tag components from image strings" type = "string" } + +variable "public_ssh_key" { + default = "" +} diff --git a/modules/gcp/network/loadbalancer.tf b/modules/gcp/network/loadbalancer.tf index 8ad090a746..2492b98529 100644 --- a/modules/gcp/network/loadbalancer.tf +++ b/modules/gcp/network/loadbalancer.tf 
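Review bot: The added `sshKeys = "core:${file(var.public_ssh_key)}"` line in modules/gcp/etcd/etcd.tf always evaluates `file()`, but the matching variable in modules/gcp/etcd/variables.tf is declared with `default = ""`. A caller that forgets the input therefore gets a file-read failure on an empty path rather than a missing-variable error. The master-igm and worker-igm hunks repeat the same pairing. Declare the input without a default and document it, e.g. `type = "string"` plus `description = "Path to the SSH public key installed for the 'core' user"`, in all three modules. GCE documents the `sshKeys` metadata key as deprecated in favour of `ssh-keys`, so it is worth confirming which key the image's agent reads; the resource block itself starts and ends outside the hunk.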
@@ -1,5 +1,6 @@ resource "google_compute_target_pool" "master-targetpool" { - name = "${var.cluster_name}-master-targetpool" + name = "${var.cluster_name}-master-targetpool" + session_affinity = "CLIENT_IP_PROTO" } resource "google_compute_target_pool" "worker-targetpool" { @@ -35,6 +36,19 @@ resource "google_compute_address" "ingress-ip" { name = "${var.cluster_name}-ingress-ip" } +resource "google_compute_forwarding_rule" "api-external-ssh-fwd-rule" { + load_balancing_scheme = "EXTERNAL" + name = "${var.cluster_name}-api-external-ssh-fwd-rule" + ip_address = "${google_compute_address.masters-ip.address}" + region = "${var.gcp_region}" + target = "${google_compute_target_pool.master-targetpool.self_link}" + port_range = "22" +} + +resource "google_compute_address" "tectonic-ingress-ip" { + name = "tectonic-ingress-ip" +} + resource "google_compute_forwarding_rule" "ingress-external-http-fwd-rule" { load_balancing_scheme = "EXTERNAL" name = "${var.cluster_name}-ingress-external-http-fwd-rule" diff --git a/modules/gcp/worker-igm/variables.tf b/modules/gcp/worker-igm/variables.tf index 8a513e667e..02010a6f78 100644 --- a/modules/gcp/worker-igm/variables.tf +++ b/modules/gcp/worker-igm/variables.tf @@ -59,3 +59,7 @@ variable "disk_size" { variable "ign_gcs_puller_id" { type = "string" } + +variable "public_ssh_key" { + default = "" +} diff --git a/modules/gcp/worker-igm/worker.tf b/modules/gcp/worker-igm/worker.tf index 518e128f6b..b7da04abed 100644 --- a/modules/gcp/worker-igm/worker.tf +++ b/modules/gcp/worker-igm/worker.tf @@ -39,6 +39,7 @@ resource "google_compute_instance_template" "worker-it" { metadata = { user-data = "${data.ignition_config.main.rendered}" + sshKeys = "core:${file(var.public_ssh_key)}" } service_account { diff --git a/platforms/gcp/main.tf b/platforms/gcp/main.tf index e9d56f9a86..14027e7a49 100644 --- a/platforms/gcp/main.tf +++ b/platforms/gcp/main.tf 
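Review bot: `session_affinity = "CLIENT_IP_PROTO"` is added to `master-targetpool` with no comment explaining why. The pool is shared, so the setting applies to every forwarding rule that targets it, not only the SSH rule added further down in this file. If it exists only so a test's SSH session stays on one master, say so in a comment above the attribute, e.g. `# keep a client's connections on one master (needed for SSH through the LB)`. Also confirm that pinning API clients to a single master is acceptable; the other rules that target this pool are not visible in the hunk.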
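Review bot: The new `api-external-ssh-fwd-rule` publishes port 22 of the master target pool on the external `masters-ip` address for every cluster built from this module, although the commit subject describes it as test support. Whether the port is actually reachable depends on firewall rules that are not part of this diff, so those should restrict the source ranges for tcp:22. Consider making the rule opt-in with `count = "${var.ssh_lb_enabled ? 1 : 0}"`, backed by a new boolean variable that defaults to off (the name is a placeholder) and is set only by the smoke tests. A comment above the resource such as `# test-only: SSH to masters through the API load balancer` would record the intent.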
@@ -19,6 +19,13 @@ provider "google" { version = "1.1.0" } +module "container_linux" { + source = "../../modules/container_linux" + + channel = "${var.tectonic_container_linux_channel}" + version = "${var.tectonic_container_linux_version}" +} + module "network" { source = "../../modules/gcp/network" @@ -73,6 +80,7 @@ module "etcd" { machine_type = "${var.tectonic_gcp_etcd_gce_type}" managed_zone_name = "${var.tectonic_gcp_ext_google_managedzone_name}" cluster_name = "${var.tectonic_cluster_name}" + public_ssh_key = "${var.tectonic_gcp_ssh_key}" base_domain = "${var.tectonic_base_domain}" container_image = "${var.tectonic_container_images["etcd"]}" @@ -103,6 +111,7 @@ module "masters" { zone_list = "${var.tectonic_gcp_zones}" machine_type = "${var.tectonic_gcp_master_gce_type}" cluster_name = "${var.tectonic_cluster_name}" + public_ssh_key = "${var.tectonic_gcp_ssh_key}" assets_gcs_location = "${google_storage_bucket.tectonic.name}/${google_storage_bucket_object.tectonic-assets.name}" master_subnetwork_name = "${module.network.master_subnetwork_name}" @@ -137,6 +146,7 @@ module "workers" { zone_list = "${var.tectonic_gcp_zones}" machine_type = "${var.tectonic_gcp_worker_gce_type}" cluster_name = "${var.tectonic_cluster_name}" + public_ssh_key = "${var.tectonic_gcp_ssh_key}" worker_subnetwork_name = "${module.network.worker_subnetwork_name}" worker_targetpool_self_link = "${module.network.worker_targetpool_self_link}" diff --git a/platforms/gcp/variables.tf b/platforms/gcp/variables.tf index 204ca9e8e3..c0fb527abb 100644 --- a/platforms/gcp/variables.tf +++ b/platforms/gcp/variables.tf @@ -92,3 +92,8 @@ variable "tectonic_gcp_etcd_disk_size" { default = "30" description = "The size of the disk in gigabytes for the root block device of etcd nodes." } + +variable "tectonic_gcp_ssh_key" { + type = "string" + description = "(required) Path to an SSH public key file to be provisioned as the SSH key for the 'core' user." +} 
diff --git a/tests/rspec/lib/container_linux.rb b/tests/rspec/lib/container_linux.rb index 5660364b01..1353768ab1 100644 --- a/tests/rspec/lib/container_linux.rb +++ b/tests/rspec/lib/container_linux.rb @@ -16,13 +16,13 @@ module ContainerLinux def self.version(cluster) v, err, = ssh_exec(cluster.master_ip_address, SSH_CMD_CONTAINER_LINUX_VERSION) - raise "failed to get Container Linux version for #{cluster.master_ip_address}" if err != '' + raise "failed to get Container Linux version for #{cluster.master_ip_address}: #{err}" if err != '' v.chomp end def self.channel(cluster) c, err, = ssh_exec(cluster.master_ip_address, SSH_CMD_CONTAINER_LINUX_CHANNEL) - raise "failed to get Container Linux channel for #{cluster.master_ip_address}" if err != '' + raise "failed to get Container Linux channel for #{cluster.master_ip_address}: #{err}" if err != '' c.chomp end end diff --git a/tests/rspec/lib/gcp_cluster.rb b/tests/rspec/lib/gcp_cluster.rb index b19d4af70e..28ca621e93 100644 --- a/tests/rspec/lib/gcp_cluster.rb +++ b/tests/rspec/lib/gcp_cluster.rb @@ -24,6 +24,32 @@ def credentials_defined? GCLOUD_KEYFILE_JSON GOOGLE_APPLICATION_CREDENTIALS ] - EnvVar.contains_any(credential_vars) + EnvVar.contains_any?(credential_vars) + end + + def master_ip_addresses + ip_addresses = [] + Dir.chdir(@build_path) do + ip_address = `echo module.network.master_ip | terraform console ../../platforms/gcp`.chomp + if ip_address.empty? + raise 'should get the master_ip_address to use in the tests.' + end + ip_addresses.push(ip_address) + ip_addresses + end + end + + def master_ip_address + master_ip_addresses[0] + end + + def tectonic_console_url + Dir.chdir(@build_path) do + console_url = `echo module.dns.kube_ingress_fqdn | terraform console ../../platforms/gcp`.chomp + if console_url.empty? + raise 'should get the console url to use in the UI tests.' + end + console_url + end end end 
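Review bot: In tests/rspec/lib/gcp_cluster.rb, `master_ip_addresses` accepts any non-empty stdout from the `terraform console` pipeline as the address. The exit status is never checked and the value is not validated before `ContainerLinux` passes it to `ssh_exec`, so a diagnostic line printed on stdout would surface later as a confusing SSH failure. Check `$?.success?` right after the backticks and parse the result with `IPAddr.new(ip_address)` (stdlib `ipaddr`) before pushing it. `tectonic_console_url` has the same unchecked pattern. The method always returns a one-element array, which deserves a comment such as `# GCP exposes the masters behind a single load-balancer IP` if that is the intent.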
diff --git a/tests/smoke/gcp/vars/gcp.tfvars.json b/tests/smoke/gcp/vars/gcp.tfvars.json index 9854232b30..8ee08c7f9e 100644 --- a/tests/smoke/gcp/vars/gcp.tfvars.json +++ b/tests/smoke/gcp/vars/gcp.tfvars.json @@ -1,23 +1,17 @@ { - "tectonic_cluster_name": "test-cluster", - "tectonic_gcp_project_id": "project-id", + "tectonic_bootstrap_upgrade_cl": "false", "tectonic_gcp_region": "us-central1", - "google_managedzone_name": "managedzone-name", - "tectonic_base_domain": "tectonic.dev.coreos.systems", + "tectonic_gcp_zones" : ["us-central1-a","us-central1-b"], + "tectonic_gcp_ext_google_managedzone_name": "testing", + "tectonic_gcp_ssh_key": "~/.ssh/id_rsa.pub", + "tectonic_base_domain": "tectonic.gcp.dev.coreos.systems", "tectonic_gcp_credentials": "", - "tectonic_master_count": "3", - "tectonic_worker_count": "2", - "tectonic_etcd_count": "3", - "tectonic_cl_channel": "stable", + "tectonic_master_count": "1", + "tectonic_worker_count": "1", + "tectonic_etcd_count": "1", "tectonic_gcp_master_gce_type": "n1-standard-2", "tectonic_gcp_worker_gce_type": "n1-standard-2", "tectonic_gcp_etcd_gce_type": "n1-standard-1", "tectonic_gcp_etcd_disktype": "pd-standard", - "tectonic_gcp_etcd_disk_size": 30, - "tectonic_update_server": "", - "tectonic_update_channel": "", - "tectonic_update_app_id": "", - "tectonic_gcp_network_masters_cidr_range": "10.10.0.0/16", - "tectonic_gcp_network_workers_cidr_range": "10.11.0.0/16", "tectonic_etcd_servers": [] } From ed73252da796dd94874fd4d7a4f878cd8224ce93 Mon Sep 17 00:00:00 2001 From: Enxebre Date: Fri, 20 Oct 2017 15:26:00 +0200 Subject: [PATCH 2/2] platform/gcp: add TF_VAR_tectonic_gcp_ssh_key --- Makefile | 2 +- modules/gcp/network/loadbalancer.tf | 4 ---- 2 files changed, 1 insertion(+), 5 deletions(-) diff --git a/Makefile b/Makefile index faa4fd84e5..cabefe958b 100644 --- a/Makefile +++ b/Makefile 
@@ -185,7 +185,7 @@ tests/smoke: bin/smoke smoke-test-env-docker-image -e GOOGLE_CLOUD_KEYFILE_JSON \ -e GCLOUD_KEYFILE_JSON \ -e GOOGLE_PROJECT \ - -e tectonic_gcp_ssh_key \ + -e TF_VAR_tectonic_gcp_ssh_key \ -e TF_VAR_tectonic_aws_region \ -e TF_VAR_tectonic_aws_ssh_key \ -e TF_VAR_tectonic_azure_location \ diff --git a/modules/gcp/network/loadbalancer.tf b/modules/gcp/network/loadbalancer.tf index 2492b98529..598c4cb86d 100644 --- a/modules/gcp/network/loadbalancer.tf +++ b/modules/gcp/network/loadbalancer.tf @@ -45,10 +45,6 @@ resource "google_compute_forwarding_rule" "api-external-ssh-fwd-rule" { port_range = "22" } -resource "google_compute_address" "tectonic-ingress-ip" { - name = "tectonic-ingress-ip" -} - resource "google_compute_forwarding_rule" "ingress-external-http-fwd-rule" { load_balancing_scheme = "EXTERNAL" name = "${var.cluster_name}-ingress-external-http-fwd-rule"