Merge pull request #1845 from chef/praj/scenario_for_external_postgres

Adding Terraform scenario for external-postgres

terraform/aws/scenarios/omnibus-external-postgresql/README.md

@@ -0,0 +1,12 @@
+# Omnibus External Postgresql
+
+This directory contains the Terraform code used to instantiate an external
+Postgresql Server followed by a Chef Infra Server utilizing an Omnibus
+built artifact downloaded from `$upgrade_version_url` as the install package.
+
+The Chef Infra Server will receive a `/etc/opscode/chef-server.rb`
+configuration file that is setup to use the external Postgresql server with
+ssl=off by default.
+
+Once both servers are installed and configured, the pedant tests are run
+against the Chef Infra Server.

terraform/aws/scenarios/omnibus-external-postgresql/main.tf

@@ -0,0 +1,177 @@
+module "chef_server" {
+  source = "../../modules/aws_instance"
+
+  aws_profile       = "${var.aws_profile}"
+  aws_region        = "${var.aws_region}"
+  aws_vpc_name      = "${var.aws_vpc_name}"
+  aws_department    = "${var.aws_department}"
+  aws_contact       = "${var.aws_contact}"
+  aws_ssh_key_id    = "${var.aws_ssh_key_id}"
+  aws_instance_type = "${var.aws_instance_type}"
+  enable_ipv6       = "${var.enable_ipv6}"
+  platform          = "${var.platform}"
+  name              = "chef_server-${var.scenario}-${var.enable_ipv6 ? "ipv6" : "ipv4"}-${var.platform}"
+}
+
+module "external_postgresql" {
+  source = "../../modules/aws_instance"
+
+  aws_profile       = "${var.aws_profile}"
+  aws_region        = "${var.aws_region}"
+  aws_vpc_name      = "${var.aws_vpc_name}"
+  aws_department    = "${var.aws_department}"
+  aws_contact       = "${var.aws_contact}"
+  aws_ssh_key_id    = "${var.aws_ssh_key_id}"
+  aws_instance_type = "${var.aws_instance_type}"
+  enable_ipv6       = "${var.enable_ipv6}"
+  platform          = "ubuntu-16.04"
+  name              = "external_postgresql-${var.scenario}-${var.enable_ipv6 ? "ipv6" : "ipv4"}-${var.platform}"
+}
+
+# generate static hosts configuration
+data "template_file" "hosts_config" {
+  template = "${file("${path.module}/templates/hosts.tpl")}"
+
+  vars {
+    chef_server_ip = "${var.enable_ipv6 == true ? module.chef_server.public_ipv6_address : module.chef_server.private_ipv4_address}"
+    external_postgresql_ip  = "${var.enable_ipv6 == true ? module.external_postgresql.public_ipv6_address : module.external_postgresql.private_ipv4_address}"
+  }
+}
+
+# generate chef_server.rb configuration
+data "template_file" "chef_server_rb" {
+  template = "${file("${path.module}/templates/chef-server.rb.tpl")}"
+
+  vars {
+    external_postgresql_ip = "${var.enable_ipv6 == true ? module.external_postgresql.public_ipv6_address : module.external_postgresql.private_ipv4_address}"
+  }
+}
+
+# update external_postgres server
+resource "null_resource" "external_postgresql_config" {
+  # provide some connection info
+  connection {
+    type = "ssh"
+    user = "${module.external_postgresql.ssh_username}"
+    host = "${module.external_postgresql.public_ipv4_dns}"
+  }
+
+  provisioner "file" {
+    content     = "${data.template_file.hosts_config.rendered}"
+    destination = "/tmp/hosts"
+  }
+
+  provisioner "remote-exec" {
+    inline = [
+      "set -evx",
+      "sudo chown root:root /tmp/hosts",
+      "sudo mv /tmp/hosts /etc/hosts",
+      "sleep 30",
+      "echo 'deb http://apt.postgresql.org/pub/repos/apt/ xenial-pgdg main' | sudo tee /etc/apt/sources.list.d/pgdg.list",
+      "wget --quiet https://www.postgresql.org/media/keys/ACCC4CF8.asc",
+      "sudo apt-key add ACCC4CF8.asc",
+      "sudo apt-get update",
+      "sudo apt-get install -y ssl-cert sysstat postgresql-9.6",
+      "echo 'host    all             all            ${module.chef_server.private_ipv4_address}/32         md5' | sudo tee -a /etc/postgresql/9.6/main/pg_hba.conf",
+      "echo \"listen_addresses='*'\" | sudo tee -a /etc/postgresql/9.6/main/postgresql.conf",
+      "sudo systemctl restart postgresql",
+      "sudo -u postgres psql -c \"CREATE USER bofh SUPERUSER ENCRYPTED PASSWORD 'i1uvd3v0ps';\""
+    ]
+  }
+}
+
+# update chef server
+resource "null_resource" "chef_server_config" {
+  depends_on = ["null_resource.external_postgresql_config"]
+
+  # provide some connection info
+  connection {
+    type = "ssh"
+    user = "${module.chef_server.ssh_username}"
+    host = "${module.chef_server.public_ipv4_dns}"
+  }
+
+  provisioner "file" {
+    content     = "${data.template_file.hosts_config.rendered}"
+    destination = "/tmp/hosts"
+  }
+
+  provisioner "file" {
+    content    = "${data.template_file.chef_server_rb.rendered}"
+    destination = "/tmp/chef-server.rb"
+  }
+
+  provisioner "file" {
+    source      = "${path.module}/../../../common/files/dhparam.pem"
+    destination = "/tmp/dhparam.pem"
+  }
+
+  # install chef-server
+  provisioner "remote-exec" {
+    inline = [
+      "set -evx",
+      "echo -e '\nBEGIN INSTALL CHEF SERVER\n'",
+      "sudo chown root:root /tmp/hosts",
+      "sudo mv /tmp/hosts /etc/hosts",
+      "curl -vo /tmp/${replace(var.upgrade_version_url, "/^.*\\//", "")} ${var.upgrade_version_url}",
+      "sudo ${replace(var.upgrade_version_url, "rpm", "") != var.upgrade_version_url ? "rpm -U" : "dpkg -iEG"} /tmp/${replace(var.upgrade_version_url, "/^.*\\//", "")}",
+      "sudo chown root:root /tmp/chef-server.rb",
+      "sudo chown root:root /tmp/dhparam.pem",
+      "sudo mv /tmp/chef-server.rb /etc/opscode",
+      "sudo mv /tmp/dhparam.pem /etc/opscode",
+      "sudo chef-server-ctl reconfigure --chef-license=accept",
+      "sleep 120",
+      "echo -e '\nEND INSTALL CHEF SERVER\n'",
+    ]
+  }
+
+  # add user + organization
+  provisioner "remote-exec" {
+    script = "${path.module}/../../../common/files/add_user.sh"
+  }
+}
+
+resource "null_resource" "chef_server_test" {
+  depends_on = ["null_resource.chef_server_config"]
+
+  connection {
+    type = "ssh"
+    user = "${module.chef_server.ssh_username}"
+    host = "${module.chef_server.public_ipv4_dns}"
+  }
+
+  # run smoke test
+  provisioner "remote-exec" {
+    script = "${path.module}/../../../common/files/test_chef_server-smoke.sh"
+  }
+
+  # install push jobs addon
+  provisioner "remote-exec" {
+    script = "${path.module}/../../../common/files/install_addon_push_jobs.sh"
+  }
+
+  # test push jobs addon
+  provisioner "remote-exec" {
+    script = "${path.module}/../../../common/files/test_addon_push_jobs.sh"
+  }
+
+  # install chef manage addon
+  provisioner "remote-exec" {
+    script = "${path.module}/../../../common/files/install_addon_chef_manage.sh"
+  }
+
+  # run pedant test
+  provisioner "remote-exec" {
+    script = "${path.module}/../../../common/files/test_chef_server-pedant.sh"
+  }
+
+  # run psql test
+  provisioner "remote-exec" {
+    script = "${path.module}/../../../common/files/test_psql.sh"
+  }
+
+  # run gather-logs test
+  provisioner "remote-exec" {
+    script = "${path.module}/../../../common/files/test_gather_logs.sh"
+  }
+}

terraform/aws/scenarios/omnibus-external-postgresql/templates/chef-server.rb.tpl

@@ -0,0 +1,21 @@
+opscode_erchef['keygen_start_size'] = 30
+
+opscode_erchef['keygen_cache_size'] = 60
+
+nginx['ssl_dhparam'] = '/etc/opscode/dhparam.pem'
+
+data_collector['token'] = 'foobar'
+
+profiles['root_url'] = 'http://localhost:9998'
+
+postgresql['external'] = true
+
+postgresql['vip'] = "${external_postgresql_ip}"
+postgresql['port'] = 5432
+postgresql['db_superuser'] = "bofh"
+postgresql['db_superuser_password'] = "i1uvd3v0ps"
+postgresql['external'] = true
+postgresql['sslmode'] = "disable"
+opscode_erchef['db_pool_size'] = 10
+oc_id['db_pool_size'] = 10
+oc_bifrost['db_pool_size'] = 10

terraform/aws/scenarios/omnibus-external-postgresql/templates/hosts.tpl

@@ -0,0 +1,13 @@
+127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
+
+# The following lines are desirable for IPv6 capable hosts
+::1       localhost.localdomain localhost6 localhost6.localdomain6 ip6-localhost ip6-loopback
+fe00::0 ip6-localnet
+ff00::0 ip6-mcastprefix
+ff02::1 ip6-allnodes
+ff02::2 ip6-allrouters
+ff02::3 ip6-allhosts
+
+${chef_server_ip} chef_server.internal
+
+${external_postgresql_ip} external_postgresql.internal external_postgresql.chef-server.dev

terraform/aws/scenarios/omnibus-external-postgresql/variables.tf

@@ -0,0 +1,64 @@
+#########################################################################
+# AWS
+#########################################################################
+variable "aws_profile" {
+  type        = "string"
+  description = "Name of the AWS profile used for authentication (e.g. chef-engineering)."
+  default     = "chef-engineering"
+}
+
+variable "aws_region" {
+  type        = "string"
+  description = "Name of the AWS region to create instances in (e.g. us-west-2)."
+  default     = "us-west-1"
+}
+
+variable "aws_vpc_name" {
+  type        = "string"
+  description = "Name of the AWS virtual private cloud where tests will be run."
+  default     = ""
+}
+
+variable "aws_department" {
+  type        = "string"
+  description = "Department that owns the resources should be one of: EngServ, Operations, Eng, Training, Solutions, Sales, BD, Success or Partner"
+}
+
+variable "aws_contact" {
+  type        = "string"
+  description = "The primary contact for the resources, this should be the IAM username and must be able to receive email by appending @chef.io to it (this person can explain what/why, might not be the business owner)."
+}
+
+variable "aws_ssh_key_id" {
+  type        = "string"
+  description = "AWS ID of the SSH key used to access the instance (e.g. csnapp)."
+}
+
+variable "aws_instance_type" {
+  type        = "string"
+  description = "Name of the AWS instance type used to determine size of instances (e.g. t2.medium)."
+  default     = "t2.medium"
+}
+
+variable "platform" {
+  type        = "string"
+  description = "Operating System of the instance to be created."
+}
+
+#########################################################################
+# Chef Server
+#########################################################################
+variable "scenario" {
+  type        = "string"
+  description = "The name of the scenario being executed."
+}
+
+variable "upgrade_version_url" {
+  type        = "string"
+  description = "The URL to a chef-server used during initial install."
+}
+
+variable "enable_ipv6" {
+  type        = "string"
+  description = "Use IPv6 in the chef-server.rb config and /etc/hosts."
+}