From 609e616d7c072c3aeef85bc21980b67f64d87a98 Mon Sep 17 00:00:00 2001 From: Damien A Date: Fri, 10 Nov 2023 10:59:04 +0100 Subject: [PATCH] =?UTF-8?q?Add=20behavior=20:=20-=20Personal=20SSH=20Key?= =?UTF-8?q?=20=F0=9F=94=90=20-=20Deploy=20repository=20from=20variables=20?= =?UTF-8?q?=E2=9A=99=EF=B8=8F=20-=20Import=20custom=20network=20images=20?= =?UTF-8?q?=F0=9F=9B=9C?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .gitignore | 4 ++- README.md | 2 ++ ansible/install_containerlab.yml | 45 ++++++++++++++++++++++++++++++++ terraform/main.tf | 25 +++++++----------- terraform/outputs.tf | 6 ++++- terraform/route53-record.tf | 12 +++++++++ terraform/variables.tf | 8 ++++++ 7 files changed, 84 insertions(+), 18 deletions(-) create mode 100644 terraform/route53-record.tf diff --git a/.gitignore b/.gitignore index 8610eda..72a8eef 100644 --- a/.gitignore +++ b/.gitignore @@ -38,4 +38,6 @@ terraform.rc # Data file inventory -tf-key-pair.pem \ No newline at end of file +network_images/* +.DS_Store +.vscode/settings.json diff --git a/README.md b/README.md index 5d7075d..4651ad9 100644 --- a/README.md +++ b/README.md @@ -12,6 +12,8 @@ This project automates the deployment of ContainerLab tools on an AWS EC2 instan - AWS Account - Terraform installed - Ansible installed +- SSH key configured +- Route 53 domaine configured ## Usage diff --git a/ansible/install_containerlab.yml b/ansible/install_containerlab.yml index 6ae5256..2f24554 100644 --- a/ansible/install_containerlab.yml +++ b/ansible/install_containerlab.yml @@ -1,6 +1,8 @@ --- - hosts: all become: yes + vars: + repo_git_url: "" tasks: - name: Install required system packages @@ -14,6 +16,8 @@ - virtualenv - python3-setuptools - git + - tree + - htop state: latest update_cache: true 
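Review bot: The `.gitignore` hunk drops the `tf-key-pair.pem` entry, but any checkout that ran the previous configuration probably still has that generated private key on disk, because the removed `local_file` resource wrote it into the Terraform working directory. Once this lands the file shows up as untracked and a broad `git add .` would commit it. Keeping the line, or replacing it with `*.pem`, avoids that while still allowing the move to a personal key.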
@@ -43,3 +47,44 @@ curl -sL https://get.containerlab.dev | sudo bash args: creates: /usr/local/bin/containerlab + + - name: Ensure /opt/containerlab directory exists + file: + path: /opt/containerlab + state: directory + mode: '0755' + owner: admin + group: admin + become: yes + + - name: Ensure user 'admin' exists + user: + name: admin + append: yes + groups: docker + shell: /bin/bash + become: yes + + - name: Clone specified GitHub repository to /opt/containerlab + git: + repo: "{{ repo_git_url }}" + dest: "/opt/containerlab/projet/" + clone: yes + update: yes + version: "main" + become: yes + when: repo_git_url | length > 0 + + - name: Copy network images to remote /tmp directory + copy: + src: "{{ item }}" + dest: "/tmp/{{ item | basename }}" + with_fileglob: + - "../network_images/*" + when: inventory_hostname in groups['all'] + + - name: Import network image to Docker with specific tag + command: + cmd: "docker import /tmp/{{ item | basename }} {{ (item | basename | regex_replace('^(\\D+)-.*-(.*)\\.tar\\.xz', '\\1')) | lower }}:{{ item | basename | regex_replace('^(\\D+)-.*-(.*)\\.tar\\.xz', '\\2') }}" + loop: "{{ query('fileglob', '../network_images/*.tar.xz') }}" + when: inventory_hostname in groups['all'] \ No newline at end of file diff --git a/terraform/main.tf b/terraform/main.tf index 87e6936..876fdd4 100644 --- a/terraform/main.tf +++ b/terraform/main.tf @@ -4,20 +4,6 @@ provider "aws" { secret_key = var.AWS_SECRET_KEY } -resource "aws_key_pair" "tf-key-pair" { - key_name = "tf-key-pair" - public_key = tls_private_key.rsa.public_key_openssh -} -resource "tls_private_key" "rsa" { - algorithm = "RSA" - rsa_bits = 4096 -} -resource "local_file" "tf-key" { - content = tls_private_key.rsa.private_key_pem - filename = "tf-key-pair.pem" - file_permission = "0600" -} - resource "aws_security_group" "netlab_sg" { name = "netlab_sg" 
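Review bot: The two image tasks stage archives under world-writable `/tmp` with predictable names and then run `docker import` on them on every play, with nothing verifying the file between copy and import. The copy glob (`../network_images/*`) is also wider than the import glob (`*.tar.xz`), and a filename that does not match the regex makes `regex_replace` return the whole name, which then becomes both repository and tag. Staging into a root-owned directory, e.g. `dest: "/opt/containerlab/images/{{ item | basename }}"` with `mode: '0600'`, and using `*.tar.xz` in both tasks would close those gaps. Separately, the directory task sets `owner: admin` before the task that ensures `admin` exists, and the clone follows the moving `main` branch as root; swapping the two tasks and exposing the ref as a variable (`version: "{{ repo_git_version }}"`) makes runs reproducible. The `when: inventory_hostname in groups['all']` guards are always true and can be dropped.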
@@ -45,14 +31,21 @@ resource "aws_security_group" "netlab_sg" { resource "aws_instance" "containerlab_host" { ami = var.AWS_AMIS[var.AWS_REGION] instance_type = "t2.xlarge" - key_name = "tf-key-pair" + key_name = var.AWS_KEY_NAME vpc_security_group_ids = [aws_security_group.netlab_sg.id] + root_block_device { + volume_size = "128" + volume_type = "gp2" + encrypted = "false" + delete_on_termination = "true" + } + provisioner "local-exec" { command = "echo ${aws_instance.containerlab_host.public_ip} > ../ansible/inventory" } provisioner "local-exec" { - command = "sleep 20; ANSIBLE_HOST_KEY_CHECKING=False ansible-playbook -u admin -i ../ansible/inventory --private-key ./tf-key-pair.pem ../ansible/install_containerlab.yml" + command = "sleep 20; ANSIBLE_HOST_KEY_CHECKING=False ansible-playbook -u admin -i ../ansible/inventory --private-key ${var.AWS_KEY_LOCATION} ../ansible/install_containerlab.yml --extra-vars repo_git_url=${var.GITHUB_REPO_URL}" } } \ No newline at end of file diff --git a/terraform/outputs.tf b/terraform/outputs.tf index fb5ce4b..236fff1 100644 --- a/terraform/outputs.tf +++ b/terraform/outputs.tf @@ -1,3 +1,7 @@ output "public_ip" { value = aws_instance.containerlab_host.public_ip -} \ No newline at end of file +} + +output "containerlab_fqdn" { + value = "${aws_route53_record.containerlab_fqdn.name}.${data.aws_route53_zone.selected.name}" +} diff --git a/terraform/route53-record.tf b/terraform/route53-record.tf new file mode 100644 index 0000000..73faaf8 --- /dev/null +++ b/terraform/route53-record.tf @@ -0,0 +1,12 @@ +data "aws_route53_zone" "selected" { + zone_id = var.AWS_R53_ZONE_ID +} + + +resource "aws_route53_record" "containerlab_fqdn" { + zone_id = var.AWS_R53_ZONE_ID + name = "containerlab" + type = "A" + ttl = "300" + records = [aws_instance.containerlab_host.public_ip] +} \ No newline at end of file diff --git a/terraform/variables.tf b/terraform/variables.tf index d282001..6accfe2 100644 --- a/terraform/variables.tf 
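Review bot: In the second `local-exec` provisioner of `aws_instance.containerlab_host`, `${var.AWS_KEY_LOCATION}` and `${var.GITHUB_REPO_URL}` are interpolated unquoted into a shell command line, so a value containing spaces or shell metacharacters is interpreted by the shell on the machine running Terraform instead of being passed as data. Passing both through the provisioner's `environment` map and quoting the expansions keeps each one a single argument. The new `root_block_device` also sets `encrypted = "false"`; this volume will hold the imported network images and the cloned repository, so `encrypted = true` is the safer default, and the quoted number and booleans can be bare literals. `ANSIBLE_HOST_KEY_CHECKING=False` is carried over on the rewritten line and still leaves the first connection to the new instance unauthenticated.

```hcl
  provisioner "local-exec" {
    # Values travel as environment variables, not as shell text.
    environment = {
      ANSIBLE_HOST_KEY_CHECKING = "False"
      KEY_FILE                  = var.AWS_KEY_LOCATION
      REPO_URL                  = var.GITHUB_REPO_URL
    }
    command = "sleep 20; ansible-playbook -u admin -i ../ansible/inventory --private-key \"$KEY_FILE\" ../ansible/install_containerlab.yml --extra-vars \"repo_git_url=$REPO_URL\""
  }
```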
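Review bot: The `containerlab_fqdn` output in outputs.tf rebuilds the name by concatenating the record name and the zone name, which depends on how the provider normalises trailing dots in each. `aws_route53_record` already exports the resolved name, so `value = aws_route53_record.containerlab_fqdn.fqdn` is simpler and cannot drift from what was actually created. A `description` on the new output would also help, since this is the value operators will copy into an SSH command.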
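Review bot: In route53-record.tf, `records = [aws_instance.containerlab_host.public_ip]` points the A record at the instance's auto-assigned public address, which AWS releases when the instance is stopped and started. Until the next `terraform apply`, the `containerlab` name would then resolve to an address that may have been handed to another tenant. Attaching an `aws_eip` to the instance and using its `public_ip` in `records` keeps the name and the host together. `ttl = "300"` can be written as the number `300`.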
+++ b/terraform/variables.tf @@ -1,5 +1,13 @@ variable "AWS_ACCESS_KEY" {} variable "AWS_SECRET_KEY" {} +variable "AWS_KEY_NAME" {} +variable "AWS_KEY_LOCATION" {} +variable "AWS_R53_ZONE_ID" {} + +variable "GITHUB_REPO_URL" { + type = string + default = "" +} variable "AWS_REGION" { type = string
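Review bot: `AWS_KEY_NAME`, `AWS_KEY_LOCATION` and `AWS_R53_ZONE_ID` are declared as bare `{}` blocks with no `type` or `description`, so a reader cannot tell that `AWS_KEY_LOCATION` is a local path to a private key file rather than the key material itself. Add `type = string` and a description to each, e.g. `description = "Path on the Terraform host to the private key matching AWS_KEY_NAME"`. `GITHUB_REPO_URL` ends up on an `ansible-playbook` command line in main.tf, so it is worth a `validation` block with a condition such as `var.GITHUB_REPO_URL == "" || can(regex("^https://[A-Za-z0-9._/-]+$", var.GITHUB_REPO_URL))`.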