diff --git a/azure/terraform/init.tf b/azure/terraform/init.tf
index 349c754..d819a99 100644
--- a/azure/terraform/init.tf
+++ b/azure/terraform/init.tf
@@ -1,52 +1,56 @@ # Keyword use: # - provider: Define the provider(s) # - data: Retrieve data information to be used within the file # - resource: Define resource and create/update terraform { backend "azurerm" { resource_group_name = "euwest-admin" storage_account_name = "swhterraform" container_name = "tfstate" key = "prod.azure.terraform.tfstate" } } # Configure the Microsoft Azure Provider # Empty if using the `az login` tool provider "azurerm" { version = "~> 1.27" } # Reuse the network security group as defined currently data "azurerm_network_security_group" "worker-nsg" { name = "worker-nsg" resource_group_name = "swh-resource" } # Same for the subnet data "azurerm_subnet" "default" { name = "default" virtual_network_name = "swh-vnet" resource_group_name = "swh-resource" } variable "firstboot_script" { type = string default = "/root/firstboot.sh" } variable "ssh_key_data_ardumont" { type = string default = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDZarzgHrzUYspvrgSI6fszrALo92BDys7QOkJgUfZa9t9m4g7dUANNtwBiqIbqijAQPmB1zKgG6QTZC5rJkRy6KqXCW/+Qeedw/FWIbuI7jOD5WxnglbEQgvPkkB8kf1xIF7icRfWcQmK2je/3sFd9yS4/+jftNMPPXkBCxYm74onMenyllA1akA8FLyujLu6MNA1D8iLLXvz6pBDTT4GZ5/bm3vSE6Go8Xbuyu4SCtYZSHaHC2lXZ6Hhi6dbli4d3OwkUWz+YhFGaEra5Fx45Iig4UCL6kXPkvL/oSc9KGerpT//Xj9qz1K7p/IrBS8+eA4X69bHYYV0UZKDADZSn ardumont@yavin4" } variable "ssh_key_data_olasd" { type = string default = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDZ1TCpfzrvxLhEMhxjbxqPDCwY0nazIr1cyIbhGD2bUdAbZqVMdNtr7MeDnlLIKrIPJWuvltauvLNkYU0iLc1jMntdBCBM3hgXjmTyDtc8XvXseeBp5tDqccYNR/cnDUuweNcL5tfeu5kzaAg3DFi5Dsncs5hQK5KQ8CPKWcacPjEk4ir9gdFrtKG1rZmg/wi7YbfxrJYWzb171hdV13gSgyXdsG5UAFsNyxsKSztulcLKxvbmDgYbzytr38FK2udRk7WuqPbtEAW1zV4yrBXBSB/uw8EAMi+wwvLTwyUcEl4u0CTlhREljUx8LhYrsQUCrBcmoPAmlnLCD5Q9XrGH nicolasd@darboux id_rsa.inria.pub" } variable "user_admin" { type = string default = "tmpadmin" } + +variable "boot_diagnostics_uri" { + default = "https://swhresourcediag966.blob.core.windows.net" +} 
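Review bot: The new `boot_diagnostics_uri` variable at the end of init.tf is declared without a type or description, while the four variables above it all carry `type = string`. Adding `type = string` and `description = "Blob endpoint of the storage account that receives VM boot diagnostics"` keeps the declaration consistent and tells the next reader what the account is for. The default also hard-codes one storage account's endpoint, so a one-line comment naming the environment it belongs to would help if this configuration is ever applied elsewhere.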
diff --git a/azure/terraform/kafka.tf b/azure/terraform/kafka.tf
index 50f54e8..96949a2 100644
--- a/azure/terraform/kafka.tf
+++ b/azure/terraform/kafka.tf
@@ -1,132 +1,138 @@ variable "kafka_servers" { default = 6 } variable "kafka_disk_size" { default = 8192 } resource "azurerm_resource_group" "euwest-kafka" { name = "euwest-kafka" location = "westeurope" tags = { environment = "Kafka" } } resource "azurerm_network_interface" "kafka-interface" { count = var.kafka_servers name = format("kafka%02d-interface", count.index + 1) location = "westeurope" resource_group_name = "euwest-kafka" network_security_group_id = data.azurerm_network_security_group.worker-nsg.id ip_configuration { name = "vaultNicConfiguration" subnet_id = data.azurerm_subnet.default.id public_ip_address_id = "" private_ip_address_allocation = "Dynamic" } } resource "azurerm_virtual_machine" "kafka-server" { count = var.kafka_servers name = format("kafka%02d", count.index + 1) location = "westeurope" resource_group_name = "euwest-kafka" network_interface_ids = [azurerm_network_interface.kafka-interface[count.index].id] vm_size = "Standard_B2s" + boot_diagnostics { + enabled = true + storage_uri = var.boot_diagnostics_uri + } + storage_os_disk { name = format("kafka%02d-osdisk", count.index + 1) caching = "ReadWrite" create_option = "FromImage" managed_disk_type = "Premium_LRS" } storage_data_disk { name = format("kafka%02d-datadisk", count.index + 1) caching = "None" create_option = "Empty" managed_disk_type = "Standard_LRS" disk_size_gb = var.kafka_disk_size lun = 1 } storage_image_reference { publisher = "credativ" offer = "Debian" sku = "9" version = "latest" } os_profile { computer_name = format("kafka%02d", count.index + 1) admin_username = var.user_admin } os_profile_linux_config { disable_password_authentication = true ssh_keys { path = "/home/${var.user_admin}/.ssh/authorized_keys" key_data = var.ssh_key_data_olasd } } provisioner "remote-exec" { inline = [ "sudo mkdir /root/.ssh", "echo ${var.ssh_key_data_ardumont} | sudo tee -a /root/.ssh/authorized_keys", "echo ${var.ssh_key_data_olasd} | sudo tee -a /root/.ssh/authorized_keys", ] 
connection { type = "ssh" user = var.user_admin host = azurerm_network_interface.kafka-interface[count.index].private_ip_address } } provisioner "file" { content = templatefile("templates/firstboot.sh.tpl", { hostname = format("kafka%02d", count.index + 1), fqdn = format("kafka%02d.euwest.azure.internal.softwareheritage.org", count.index + 1), ip_address = azurerm_network_interface.kafka-interface[count.index].private_ip_address, facter_location = "azure_euwest", disks = [{ base_disk = "/dev/sdc", mountpoint = "/srv/kafka", filesystem = "ext4", mount_options = "defaults", }] + raids = [] }) destination = var.firstboot_script connection { type = "ssh" user = "root" host = azurerm_network_interface.kafka-interface[count.index].private_ip_address } } provisioner "remote-exec" { inline = [ "userdel -f ${var.user_admin}", "chmod +x ${var.firstboot_script}", "cat ${var.firstboot_script}", "${var.firstboot_script}", ] connection { type = "ssh" user = "root" host = azurerm_network_interface.kafka-interface[count.index].private_ip_address } } tags = { environment = "Kafka" } }
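Review bot: The `boot_diagnostics` block added to `azurerm_virtual_machine.kafka-server` sends each broker's serial console log and console screenshots to the storage account behind `var.boot_diagnostics_uri`, and nothing in the block records that or who may read that account. Console output can include whatever first-boot scripts and services print, so I would add a comment above the block such as `# Serial console logs land in this storage account; keep blob access private and do not print secrets to the console`. Whether the account already blocks anonymous blob access is not visible from this diff and is worth confirming. Separately, the added `raids = []` argument follows `}]` without a comma while the other `templatefile` arguments are comma-separated; writing `}],` would keep the map consistent.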