Feature/tailscale access (#1)

* AWS_R53_ENABLED: Delete unused variable

* Add Tailscale Feature
- Removed R53 configuration
- Updated Ansible playbook to handle empty variables
- Updated Ansible playbook to use variables file
- Updated README to include updated requirements

---------

Co-authored-by: Damien A <sepales.pret0h@icloud.com>

.gitignore

@@ -42,3 +42,4 @@ network_images/*.tar.xz
 .DS_Store
 .vscode/settings.json
 .vscode
+ansible/clab_vars.yml

README.md

@@ -1,11 +1,6 @@
 # AWS ContainerLab Deployment
 
-This project automates the deployment of ContainerLab on an AWS EC2 instance using Terraform for infrastructure provisioning and Ansible for software setup and configuration. It also configures a Route53 DNS record for easy access to the ContainerLab instance.
+This project automates the deployment of ContainerLab on an AWS EC2 instance using Terraform for infrastructure provisioning and Ansible for software setup and configuration. It also configures a [tailscale access](https://tailscale.com) for easy access to the ContainerLab instance.
-
-## To Do
-
-- [ ] Improving documentation
-- [ ] Complete DNS configuration conditioning
 
 ## Prerequisites
 
@@ -14,9 +9,11 @@ Before you begin, ensure you have the following prerequisites installed and conf
 - AWS CLI
 - Terraform
 - Ansible
+- Ansible module : [ansible.posix](https://galaxy.ansible.com/ui/repo/published/ansible/posix/)
 - Git (if cloning the repository)
 - An AWS account with the necessary permissions
-- A configured AWS Key Pair
+- A configured [AWS Key Pair](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/create-key-pairs.html)
+- Tailscale [Authentication Key](https://tailscale.com/kb/1085/auth-keys)
 
 ## Installation
 
@@ -25,13 +22,21 @@ Before you begin, ensure you have the following prerequisites installed and conf
     Set your AWS credentials and other sensitive data in **terraform/terraform.tfvars**.  
     Example:
 
-    ```bash
+    ```tfvars
     AWS_ACCESS_KEY = "your_access_key"
     AWS_SECRET_KEY = "your_secret_key"
     AWS_REGION     = "desired_aws_region"
     AWS_KEY_NAME   = "your_key_pair_name"
     ```
 
+    Set your Tailscale Key and your git repository or local folder in **ansible/clab_variables.yml**
+
+    ```yml
+    repo_git_url: ""
+    local_dir_path: ""
+    tailscale_auth_key: ""
+    ```
+
     **Important**: Never commit terraform.tfvars to version control as it contains sensitive information.
 
 2. **Clone the Repository**
@@ -60,23 +65,6 @@ Before you begin, ensure you have the following prerequisites installed and conf
     terraform apply
     ```
 
-    If you want to clone a specific GitHub repository during installation, pass the repository URL as a variable:
-
-    ```bash
-    terraform apply -var="GITHUB_REPO_URL=https://github.com/MasqAs/projet-vxlan-automation"
-    ```
-
-    Or, if you want to push a local directory:
-
-    ```bash
-    terraform apply -var="LOCAL_DIR_PATH=/path/to/your/local/directory"
-    ```
-
-    >:pen:  **if you use the local folder**  
-    >Note that there is no synchronization between your remote folder and your local folder once the instance has been created.
-
-    Enter `yes` when prompted to proceed.
-
 5. **Ansible Automation**
 
     The Terraform configuration will automatically trigger the Ansible playbook install_containerlab.yml after the EC2 instance is up. This playbook configures the instance with the necessary packages and settings, installs ContainerLab, and optionally clones the specified GitHub repository.
@@ -85,21 +73,11 @@ Before you begin, ensure you have the following prerequisites installed and conf
 
 The `network_images` folder is intended for Docker images that will be used by ContainerLab. These images should be pre-downloaded and placed in this folder before running the Ansible playbook. During the setup process, the images will be copied to the remote `/tmp` directory of the ContainerLab host and then imported into Docker.
 
-## Accessing ContainerLab
-
-- You can access the ContainerLab instance via SSH using the public IP or the DNS name provided by Route53.
-- The public IP of the instance can be found in the Terraform output.
-- The DNS name will be in the format containerlab `<your_route53_zone_name>`.
-
-> :warning: **ROUTE 53**  
-> By default, Route 53 is disabled to avoid errors in case of incomplete configuration.  
-> To enable it, modify the variables: `AWS_R53_ENABLED` and `AWS_R53_ZONE_ID`.  
-> In any case, `AWS_R53_ZONE_ID` need to be configured.
-
 ## Customization
 
 - You can customize the deployment by modifying the Terraform variables in **terraform/variables.tf**.
 - The Ansible playbook can be customized by editing **ansible/install_containerlab.yml**.
+- You have to configure Ansible by add variables in **ansible/clab_variables.yml**
 
 ## Clean Up
 

ansible/clab_vars.yml.sample

@@ -0,0 +1,3 @@
+repo_git_url: ""
+local_dir_path: ""
+tailscale_auth_key: ""

ansible/install_containerlab.yml

@@ -1,11 +1,14 @@
 ---
 - hosts: all
   become: yes
-  vars:
+  vars_files:
-    repo_git_url: ""
+  - ./clab_vars.yml
-    local_dir_path: ""
   tasks:
 
+  - name: Set hostname to ContainerLab
+    hostname:
+      name: ContainerLab
+
   - name: Install required system packages
     apt:
       pkg:
@@ -44,6 +47,27 @@
       name: "{{ ansible_user_id }}"
       group: docker
 
+  - name: Add Tailscale GPG apt Key
+    apt_key:
+      url: https://pkgs.tailscale.com/stable/ubuntu/focal.noarmor.gpg
+      state: present
+
+  - name: Add Tailscale Repository
+    apt_repository:
+      repo: deb https://pkgs.tailscale.com/stable/ubuntu/ focal main
+      state: present
+      filename: tailscale
+      update_cache: yes
+
+  - name: Update apt and install Tailscale
+    apt:
+      name: tailscale
+      state: latest
+      update_cache: yes
+
+  - name: Run Tailscale CLI command
+    command: "sudo tailscale up --authkey {{ tailscale_auth_key }}"
+  
   - name: Install ContainerLab
     shell: |
       curl -sL https://get.containerlab.dev | sudo bash
@@ -76,15 +100,15 @@
       update: yes
       version: "main"
     become: yes
-    when: repo_git_url | length > 0
+    when: (repo_git_url is defined) and (repo_git_url | length > 0)
 
   - name: Synchronize local directory to VM
-    synchronize:
+    ansible.posix.synchronize:
       src: "{{ local_dir_path }}"
       dest: "/opt/containerlab/projet/"
       recursive: yes
     become: yes
-    when: local_dir_path | length > 0
+    when: (local_dir_path is defined) and (local_dir_path | length > 0)
 
   - name: Copy network images to remote /tmp directory
     copy:

terraform/ec2.tf

@@ -20,12 +20,6 @@ resource "aws_security_group" "netlab_sg" {
     protocol    = "tcp"
     cidr_blocks = [var.AWS_LOCAL_IP]
   }
-  ingress {
-    from_port   = 50080
-    to_port     = 50080
-    protocol    = "tcp"
-    cidr_blocks = [var.AWS_LOCAL_IP]
-  }
 }
 
 resource "aws_instance" "containerlab_host" {
@@ -51,9 +45,11 @@ resource "aws_instance" "containerlab_host" {
   provisioner "local-exec" {
     command = <<EOT
       sleep 20
-      ANSIBLE_HOST_KEY_CHECKING=False ansible-playbook -u admin -i ../ansible/inventory --private-key ${var.AWS_KEY_LOCATION} ../ansible/install_containerlab.yml \
+      ANSIBLE_HOST_KEY_CHECKING=False ansible-playbook \
-      ${var.GITHUB_REPO_URL != "" ? "--extra-vars repo_git_url=${var.GITHUB_REPO_URL}" : ""} \
+      -u admin \
-      ${var.LOCAL_DIR_PATH != "" ? "--extra-vars local_dir_path=${var.LOCAL_DIR_PATH}" : ""}
+      -i ../ansible/inventory \
+      --private-key ${var.AWS_KEY_LOCATION} \
+      ../ansible/install_containerlab.yml 
     EOT
   }
 }

terraform/outputs.tf

@@ -1,7 +1,3 @@
 output "public_ip" {
   value = aws_instance.containerlab_host.public_ip
 }
-
-output "containerlab_fqdn" {
-  value = var.AWS_R53_ENABLED && length(aws_route53_record.containerlab_fqdn) > 0 ? "${aws_route53_record.containerlab_fqdn[0].name}.${data.aws_route53_zone.selected.name}" : ""
-}

terraform/route53-record.tf

@@ -1,12 +0,0 @@
-data "aws_route53_zone" "selected" {
-  zone_id = var.AWS_R53_ZONE_ID
-}
-
-resource "aws_route53_record" "containerlab_fqdn" {
-  count = var.AWS_R53_ENABLED ? 1 : 0
-  zone_id = var.AWS_R53_ZONE_ID
-  name    = "containerlab"
-  type    = "A"
-  ttl     = "300"
-  records = [aws_instance.containerlab_host.public_ip]
-}

terraform/terraform.tfvars.sample

@@ -2,5 +2,3 @@ AWS_ACCESS_KEY   = "YOURACCESSKEY"
 AWS_SECRET_KEY   = "YOURACCESSTOKEN"
 AWS_KEY_NAME     = "AWS_key_name"
 AWS_KEY_LOCATION = "~/.ssh/aws_key.pem"
-AWS_R53_ENABLED  = "false"
-AWS_R53_ZONE_ID  = "R53_ZONE_ID"

terraform/variables.tf

@@ -2,27 +2,12 @@ variable "AWS_ACCESS_KEY" {}
 variable "AWS_SECRET_KEY" {}
 variable "AWS_KEY_NAME" {}
 variable "AWS_KEY_LOCATION" {}
-variable "AWS_R53_ZONE_ID" {}
-variable "AWS_R53_ENABLED" {
-  type    = bool
-  default = false
-}
 
 variable "AWS_LOCAL_IP" {
   type = string
   default = "0.0.0.0/0"
 }
 
-variable "GITHUB_REPO_URL" {
-  type    = string
-  default = ""
-}
-
-variable "LOCAL_DIR_PATH" {
-  type    = string
-  default = ""
-}
-
 variable "AWS_REGION" {
   type    = string
   default = "eu-west-3"