From 78614de3301f6f5c52ca15850b898de3df3cc449 Mon Sep 17 00:00:00 2001 From: Tong Li Date: Sat, 6 Aug 2016 10:04:09 -0400 Subject: [PATCH] Add lampstack terraform scripts for workload test Change-Id: Ibc4529b5a0ba6f0069090233eb3e3002f4801b8f --- .gitignore | 9 + terraform/lampstack/README.md | 162 ++++++++++++++++++ terraform/lampstack/lampstack.tf | 108 ++++++++++++ terraform/lampstack/onvm/app/index.php | 15 ++ .../lampstack/onvm/scripts/installapache.sh | 19 ++ terraform/lampstack/onvm/scripts/installdb.sh | 21 +++ terraform/lampstack/vars_lampstack.tf | 34 ++++ 7 files changed, 368 insertions(+) create mode 100755 .gitignore create mode 100755 terraform/lampstack/README.md create mode 100755 terraform/lampstack/lampstack.tf create mode 100755 terraform/lampstack/onvm/app/index.php create mode 100755 terraform/lampstack/onvm/scripts/installapache.sh create mode 100755 terraform/lampstack/onvm/scripts/installdb.sh create mode 100755 terraform/lampstack/vars_lampstack.tf diff --git a/.gitignore b/.gitignore new file mode 100755 index 0000000..4777357 --- /dev/null +++ b/.gitignore @@ -0,0 +1,9 @@ +/onvm/conf/nodes.conf.yml +/onvm/conf/ids.conf.yml +/onvm/conf/hosts +/onvm/lampstack/openrc +*.out +*/**/*.log +*/**/.DS_Store +*/**/._ +*/**/*.tfstate* diff --git a/terraform/lampstack/README.md b/terraform/lampstack/README.md new file mode 100755 index 0000000..de8f7c6 --- /dev/null +++ b/terraform/lampstack/README.md @@ -0,0 +1,162 @@ +# LAMPstack Terraform deployments + +## Status + +This will install a 3 node lampstack by defulat. Two nodes will be used as +web servers and one node will be used as database node. + +Once the script finishes, a set of URL will be displayed at the end for +verification. + +## Requirements + +- [Install Terraform](https://www.terraform.io/intro/getting-started/install.html) +- Make sure there is an Ubuntu image available on your cloud. + +## Terraform + +Terraform will be used to provision all of the OpenStack resources required to +LAMP stack and all required software. + +### Prep + +#### Deal with ssh keys for Openstack Authentication + +Ensure your local ssh-agent is running and your ssh key has been added. +This step is required by the terraform provisioner. Otherwise, you will have +to use a key pair without passphrase. + +``` +eval $(ssh-agent -s) +ssh-add ~/.ssh/id_rsa + +``` + +#### General Openstack Settings + +Terraform OpenStack provider requires few environment variables to be set +before you can run the scripts. In general, you can simply export OS +environment varialbes like the following: + +``` +export OS_REGION_NAME=RegionOne +export OS_PROJECT_NAME=demo +export OS_IDENTITY_API_VERSION=3 +export OS_PASSWORD=secret +export OS_DOMAIN_NAME=default +export OS_USERNAME=demo +export OS_TENANT_NAME=demo +export OS_PROJECT_DOMAIN_NAME=default +export OS_AUTH_URL=http://9.30.217.9:5000/v3 + +``` + +The values of these variables should be provided by your cloud provider. When +use keystone 2.0 API, you will not need to setup domain name. + +#### LAMP Stack Settings + +You most likely will need to specify the name of your Ubuntu `glance` image, +flavor, lamp stack size (how many nodes in the stack), private and public +network names, and keys. Here is the list of the default values defined in file +vars_lampstack.tf. + +``` +image_name = "ubuntu-14.04" +private_net = "internal" +public_net = "external" +flavor = "m1.medium" +public_key_path = "~/.ssh/id_rsa.pub" +stack_size = 3 +db_username = dbuser +db_password = dbpass +``` + +You can change the settings in the file or you can simply set in environment +variables like the following: + +``` +export TF_VAR_image_name="trusty 1404" +export TF_VAR_private_net=Bluebox +export TF_VAR_public_net=internet +export TF_VAR_flavor="m1.small" +export TF_VAR_public_key_path="~/.ssh/id_rsa.pub" +export TF_VAR_stack_size=5 +export TF_VAR_db_username=george +export TF_VAR_db_password=secret + +``` + +## Provision the LAMP stack + +With all your OpenStack and TF vars set, you should be able to run +`terraform apply`. But lets check with `terraform plan` that things look +correct first: + + +``` +$ terraform plan +Refreshing Terraform state prior to plan... +... +... ++ openstack_networking_floatingip_v2.database + address: "" + fixed_ip: "" + pool: "internet" + port_id: "" + region: "RegionOne" + tenant_id: "" + + +Plan: 8 to add, 0 to change, 0 to destroy. +``` + +If there is no errors showing, we can go ahead and run + +``` +$ terraform apply +... +... +Outputs: + +lampstack = Success!!! + +Access service at the following URLs: +http://99.30.217.44 +http://99.30.217.42 + +``` + +The above results show that the LAMP Stack actually provisioned correctly +and the LAMP application is up running and can be accessed by either of the +urls. + + +## Next Steps + +### Check its up + +Use the access urls to access the application. Since there are multiple web +server nodes, any of the urls should work. + +``` +$ curl http://99.30.217.44 +$ curl http://99.30.217.42 + +``` + +## Cleanup + +Once you're done with it, don't forget to nuke the whole thing. + +``` +$ terraform destroy \ +Do you really want to destroy? + Terraform will delete all your managed infrastructure. + There is no undo. Only 'yes' will be accepted to confirm. + + Enter a value: yes +... +... +Apply complete! Resources: 0 added, 0 changed, 8 destroyed. +``` diff --git a/terraform/lampstack/lampstack.tf b/terraform/lampstack/lampstack.tf new file mode 100755 index 0000000..e42d195 --- /dev/null +++ b/terraform/lampstack/lampstack.tf @@ -0,0 +1,108 @@ +# The terraform to stand up LAMP stack + +resource "openstack_compute_keypair_v2" "lampstack_key" { + name = "lampstack_key" + public_key = "${file(var.public_key_path)}" +} + +resource "openstack_compute_secgroup_v2" "lampstack_sg" { + name = "lampstack_sg" + description = "lampstack security group" + rule { + from_port = 22 + to_port = 22 + ip_protocol = "tcp" + cidr = "0.0.0.0/0" + } + rule { + from_port = 80 + to_port = 80 + ip_protocol = "tcp" + cidr = "0.0.0.0/0" + } + rule { + from_port = 3306 + to_port = 3306 + ip_protocol = "tcp" + cidr = "0.0.0.0/0" + } +} + +resource "openstack_networking_floatingip_v2" "database" { + count = 1 + pool = "${var.public_net}" +} + +resource "openstack_compute_instance_v2" "database" { + name = "database" + image_name = "${var.image_name}" + flavor_name = "${var.flavor}" + key_pair = "lampstack_key" + security_groups = ["${openstack_compute_secgroup_v2.lampstack_sg.name}"] + network { + name = "${var.private_net}" + } + floating_ip = "${openstack_networking_floatingip_v2.database.0.address}" + + connection { + user = "ubuntu" + timeout = "30s" + } + + provisioner "file" { + source = "onvm" + destination = "/tmp/onvm" + } + + provisioner "remote-exec" { + inline = [ + "echo ${self.network.0.fixed_ip_v4} database > /tmp/onvm/hostname", + "chmod +x /tmp/onvm/scripts/*", + "/tmp/onvm/scripts/installdb.sh ${var.db_username} ${var.db_password}" + ] + } +} + +resource "openstack_networking_floatingip_v2" "apache" { + count = "${var.stack_size - 1}" + pool = "${var.public_net}" +} + +resource "openstack_compute_instance_v2" "apache" { + name = "apache_${count.index}" + count = "${var.stack_size - 1}" + image_name = "${var.image_name}" + flavor_name = "${var.flavor}" + key_pair = "lampstack_key" + security_groups = ["${openstack_compute_secgroup_v2.lampstack_sg.name}"] + network { + name = "${var.private_net}" + } + floating_ip = "${element(openstack_networking_floatingip_v2.apache.*.address, count.index)}" + + depends_on = [ "openstack_compute_instance_v2.database" ] + + connection { + user = "ubuntu" + timeout = "30s" + } + + provisioner "file" { + source = "onvm" + destination = "/tmp/onvm" + } + + provisioner "remote-exec" { + inline = [ + "echo ${openstack_compute_instance_v2.database.network.0.fixed_ip_v4} database > /tmp/onvm/hostname", + "echo ${self.network.0.fixed_ip_v4} apache-${count.index} >> /tmp/onvm/hostname", + "chmod +x /tmp/onvm/scripts/*", + "/tmp/onvm/scripts/installapache.sh ${var.db_username} ${var.db_password}" + ] + } + +} + +output "lampstack" { + value = "Success!!!\n\nAccess service at the following URLs:\nhttp://${join("\nhttp://",openstack_compute_instance_v2.apache.*.floating_ip)}" +} diff --git a/terraform/lampstack/onvm/app/index.php b/terraform/lampstack/onvm/app/index.php new file mode 100755 index 0000000..a3af8a7 --- /dev/null +++ b/terraform/lampstack/onvm/app/index.php @@ -0,0 +1,15 @@ + setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); + echo "Connected successfully"; +} +catch(PDOException $e) { + echo "Connection failed: " . $e->getMessage(); +} +?> \ No newline at end of file diff --git a/terraform/lampstack/onvm/scripts/installapache.sh b/terraform/lampstack/onvm/scripts/installapache.sh new file mode 100755 index 0000000..b5e390c --- /dev/null +++ b/terraform/lampstack/onvm/scripts/installapache.sh @@ -0,0 +1,19 @@ +#!/usr/bin/env bash +# $1 db_username +# $2 db_password + +cat /tmp/onvm/hostname | sudo tee -a /etc/hosts >/dev/null +echo 'Installing apache2 and php 5...' +sudo apt-get -qqy update +sudo apt-get -qqy install apache2 php5 php5-mysql +echo 'ServerName localhost' | sudo tee -a /etc/apache2/apache2.conf >/dev/null + +sudo mv /tmp/onvm/app/* /var/www/html +sudo chown -R www-data:www-data /var/www/html +sudo rm -r -f /var/www/html/index.html + +cmdStr=$(echo "s/TTTFFFdbuser/$1/g") +sudo sed -i -e "${cmdStr}" /var/www/html/index.php + +cmdStr=$(echo "s/TTTFFFdbpass/$2/g") +sudo sed -i -e "${cmdStr}" /var/www/html/index.php diff --git a/terraform/lampstack/onvm/scripts/installdb.sh b/terraform/lampstack/onvm/scripts/installdb.sh new file mode 100755 index 0000000..9f04e4b --- /dev/null +++ b/terraform/lampstack/onvm/scripts/installdb.sh @@ -0,0 +1,21 @@ +#!/usr/bin/env bash +# $1 db_username +# $2 db_password + +cat /tmp/onvm/hostname | sudo tee -a /etc/hosts >/dev/null +pw=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 10 | head -n 1) +sudo apt-get -qqy update +sudo debconf-set-selections <<< "mysql-server mysql-server/root_password password $pw" +sudo debconf-set-selections <<< "mysql-server mysql-server/root_password_again password $pw" +sudo apt-get -qqy install mysql-server +echo 'Creating a database...' + +mysql -uroot -p$pw -e "CREATE DATABASE decision2016;" +mysql -uroot -p$pw -e "use decision2016; GRANT ALL PRIVILEGES ON decision2016.* TO '$1'@'localhost' IDENTIFIED BY '$2';" +mysql -uroot -p$pw -e "use decision2016; GRANT ALL PRIVILEGES ON decision2016.* TO '$1'@'%' IDENTIFIED BY '$2';" +mysql -uroot -p$pw -e "flush privileges" + +cmdStr=$(echo 's/127.0.0.1/database/g') +sudo sed -i -e "${cmdStr}" /etc/mysql/my.cnf + +sudo service mysql restart diff --git a/terraform/lampstack/vars_lampstack.tf b/terraform/lampstack/vars_lampstack.tf new file mode 100755 index 0000000..cc64907 --- /dev/null +++ b/terraform/lampstack/vars_lampstack.tf @@ -0,0 +1,34 @@ +variable "image_name" { + default = "ubuntu-14.04" +} + +variable "private_net" { + default = "internal" +} + +variable "public_net" { + default = "external" +} + +variable "flavor" { + default = "m1.medium" +} + +variable "public_key_path" { + description = "The path of the ssh pub key" + default = "~/.ssh/id_rsa.pub" +} + +variable "stack_size" { + default = 3 +} + +variable "db_username" { + description = "The lamp stack database user for remote access" + default = "dbuser" +} + +variable "db_password" { + description = "The lamp stack database user password for remote access" + default = "dbpass" +} \ No newline at end of file