Skip to content
This repository was archived by the owner on Oct 14, 2020. It is now read-only.

Commit faaa266

Browse files
jmassardojmassardo
committed
committing tons of local changes
Signed-off-by: James Massardo <[email protected]>
1 parent 7aecae2 commit faaa266

17 files changed

+271
-267
lines changed

LinuxNodes.tf

-91
This file was deleted.

.gitignore

+4-1
Original file line numberDiff line numberDiff line change
@@ -4,4 +4,7 @@ terraform.tfstate
44
terraform.tfstate.backup
55
delivery.license
66
AzureCredentials.tf
7-
profiles/*
7+
profiles/*
8+
.DS_Store
9+
output.log
10+
terraform.tfvars

AutomateServer.tf

+21-32
Original file line numberDiff line numberDiff line change
@@ -1,38 +1,34 @@
11
#create a public IP address for the virtual machine
22
resource "azurerm_public_ip" "automate_pubip" {
3-
name = "automate_pubip"
4-
location = "${var.azure_region}"
5-
resource_group_name = "${azurerm_resource_group.rg.name}"
6-
public_ip_address_allocation = "dynamic"
7-
domain_name_label = "${var.automate_server_name}-${lower(substr("${join("", split(":", timestamp()))}", 8, -1))}"
8-
9-
tags {
10-
environment = "${var.azure_env}"
11-
}
3+
name = "automate_pubip"
4+
location = var.azure_region
5+
resource_group_name = azurerm_resource_group.rg.name
6+
allocation_method = "Dynamic"
7+
domain_name_label = "${var.automate_server_name}-${lower(substr(join("", split(":", timestamp())), 8, -1))}"
128
}
139

1410
#create the network interface and put it on the proper vlan/subnet
1511
resource "azurerm_network_interface" "automate_ip" {
1612
name = "automate_ip"
17-
location = "${var.azure_region}"
18-
resource_group_name = "${azurerm_resource_group.rg.name}"
13+
location = var.azure_region
14+
resource_group_name = azurerm_resource_group.rg.name
1915

2016
ip_configuration {
2117
name = "automate_ipconf"
22-
subnet_id = "${azurerm_subnet.subnet.id}"
18+
subnet_id = azurerm_subnet.subnet.id
2319
private_ip_address_allocation = "static"
2420
private_ip_address = "10.1.1.11"
25-
public_ip_address_id = "${azurerm_public_ip.automate_pubip.id}"
21+
public_ip_address_id = azurerm_public_ip.automate_pubip.id
2622
}
2723
}
2824

2925
#create the actual VM
3026
resource "azurerm_virtual_machine" "automate" {
3127
name = "automate"
32-
location = "${var.azure_region}"
33-
resource_group_name = "${azurerm_resource_group.rg.name}"
34-
network_interface_ids = ["${azurerm_network_interface.automate_ip.id}"]
35-
vm_size = "${var.automate_vm_size}"
28+
location = var.azure_region
29+
resource_group_name = azurerm_resource_group.rg.name
30+
network_interface_ids = [azurerm_network_interface.automate_ip.id]
31+
vm_size = var.automate_vm_size
3632

3733
storage_image_reference {
3834
publisher = "Canonical"
@@ -49,24 +45,20 @@ resource "azurerm_virtual_machine" "automate" {
4945
}
5046

5147
os_profile {
52-
computer_name = "${var.automate_server_name}"
53-
admin_username = "${var.username}"
54-
admin_password = "${var.password}"
48+
computer_name = var.automate_server_name
49+
admin_username = var.username
50+
admin_password = var.password
5551
}
5652

5753
os_profile_linux_config {
5854
disable_password_authentication = false
5955
}
6056

61-
tags {
62-
environment = "${var.azure_env}"
63-
}
64-
6557
connection {
66-
host = "${azurerm_public_ip.automate_pubip.fqdn}"
58+
host = azurerm_public_ip.automate_pubip.fqdn
6759
type = "ssh"
68-
user = "${var.username}"
69-
password = "${var.password}"
60+
user = var.username
61+
password = var.password
7062
}
7163

7264
provisioner "file" {
@@ -94,25 +86,21 @@ resource "azurerm_virtual_machine" "automate" {
9486
destination = "/tmp/admin-linux-baseline-2.2.2.tar.gz"
9587
}
9688

97-
9889
provisioner "file" {
9990
source = "profiles/admin-linux-patch-baseline-0.4.0.tar.gz"
10091
destination = "/tmp/admin-linux-patch-baseline-0.4.0.tar.gz"
10192
}
10293

103-
10494
provisioner "file" {
10595
source = "profiles/admin-windows-baseline-1.1.0.tar.gz"
10696
destination = "/tmp/admin-windows-baseline-1.1.0.tar.gz"
10797
}
10898

109-
11099
provisioner "file" {
111100
source = "profiles/admin-windows-patch-baseline-0.4.0.tar.gz"
112101
destination = "/tmp/admin-windows-patch-baseline-0.4.0.tar.gz"
113102
}
114103

115-
116104
provisioner "remote-exec" {
117105
inline = [
118106
"sudo chmod +x /tmp/InstallChefAutomate.sh",
@@ -122,5 +110,6 @@ resource "azurerm_virtual_machine" "automate" {
122110
}
123111

124112
output "afqdn" {
125-
value = "${azurerm_public_ip.automate_pubip.fqdn}"
113+
value = azurerm_public_ip.automate_pubip.fqdn
126114
}
115+

AzureInfrastructure.tf

+21-16
Original file line numberDiff line numberDiff line change
@@ -1,33 +1,37 @@
11
# Setup the infrastructure components required to create the environment
2+
provider "azurerm" {
3+
features {
4+
}
5+
}
26

37
# Create a resource group to contain all the objects
48
resource "azurerm_resource_group" "rg" {
59
name = "${var.azure_rg_name}-${join("", split(":", timestamp()))}" #Removing the colons since Azure doesn't allow them.
6-
location = "${var.azure_region}"
10+
location = var.azure_region
711
}
812

913
# Create the virtual network
1014
resource "azurerm_virtual_network" "vnet" {
1115
name = "${var.azure_rg_name}_Network"
1216
address_space = ["10.1.0.0/16"]
13-
location = "${var.azure_region}"
14-
resource_group_name = "${azurerm_resource_group.rg.name}"
17+
location = var.azure_region
18+
resource_group_name = azurerm_resource_group.rg.name
1519
}
1620

1721
# Create the individual subnet for the servers
1822
resource "azurerm_subnet" "subnet" {
1923
name = "${var.azure_rg_name}_Subnet"
20-
resource_group_name = "${azurerm_resource_group.rg.name}"
21-
virtual_network_name = "${azurerm_virtual_network.vnet.name}"
22-
address_prefix = "10.1.1.0/24"
24+
resource_group_name = azurerm_resource_group.rg.name
25+
virtual_network_name = azurerm_virtual_network.vnet.name
26+
address_prefixes = ["10.1.1.0/24"]
2327
}
2428

2529
# create the network security group to allow inbound access to the servers
2630
resource "azurerm_network_security_group" "nsg" {
2731
name = "${var.azure_rg_name}_nsg"
28-
location = "${var.azure_region}"
29-
resource_group_name = "${azurerm_resource_group.rg.name}"
30-
32+
location = var.azure_region
33+
resource_group_name = azurerm_resource_group.rg.name
34+
3135
# create a rule to allow HTTPS inbound to all nodes in the network
3236
security_rule {
3337
name = "Allow_HTTPS"
@@ -40,7 +44,7 @@ resource "azurerm_network_security_group" "nsg" {
4044
source_address_prefix = "*"
4145
destination_address_prefix = "*"
4246
}
43-
47+
4448
# create a rule to allow SSH inbound to all nodes in the network. Note the priority. All rules but have a unique priority
4549
security_rule {
4650
name = "Allow_SSH"
@@ -53,9 +57,10 @@ resource "azurerm_network_security_group" "nsg" {
5357
source_address_prefix = "*"
5458
destination_address_prefix = "*"
5559
}
56-
57-
# add an environment tag.
58-
tags {
59-
environment = "${var.azure_env}"
60-
}
61-
}
60+
}
61+
62+
resource "azurerm_subnet_network_security_group_association" "sg_assoc" {
63+
subnet_id = azurerm_subnet.subnet.id
64+
network_security_group_id = azurerm_network_security_group.nsg.id
65+
}
66+

BootstrapNodes.sh

+10-7
Original file line numberDiff line numberDiff line change
@@ -1,16 +1,19 @@
11
chef_server_user=$1
22
chef_server_user_password=$2
33

4+
# Accept Chef licenses
5+
export CHEF_LICENSE="accept"
6+
47
cd /var/lib/jenkins/chef_repo
58
knife bootstrap 10.1.1.20 --ssh-user $chef_server_user --sudo --identity-file ~/.ssh/id_rsa --node-name linuxnode0 --run-list 'recipe[all_systems]' --node-ssl-verify-mode none -E dev
6-
knife bootstrap 10.1.1.21 --ssh-user $chef_server_user --sudo --identity-file ~/.ssh/id_rsa --node-name linuxnode1 --run-list 'recipe[all_systems]' --node-ssl-verify-mode none -E dev
7-
knife bootstrap 10.1.1.22 --ssh-user $chef_server_user --sudo --identity-file ~/.ssh/id_rsa --node-name linuxnode2 --run-list 'recipe[all_systems]' --node-ssl-verify-mode none -E prod
8-
knife bootstrap 10.1.1.23 --ssh-user $chef_server_user --sudo --identity-file ~/.ssh/id_rsa --node-name linuxnode3 --run-list 'recipe[all_systems]' --node-ssl-verify-mode none -E prod
9-
knife bootstrap 10.1.1.24 --ssh-user $chef_server_user --sudo --identity-file ~/.ssh/id_rsa --node-name linuxnode4 --run-list 'recipe[all_systems]' --node-ssl-verify-mode none -E prod
9+
knife bootstrap 10.1.1.21 --ssh-user $chef_server_user --sudo --identity-file ~/.ssh/id_rsa --node-name linuxnode1 --run-list 'recipe[all_systems]' --node-ssl-verify-mode none -E prod
10+
knife bootstrap 10.1.1.22 --ssh-user $chef_server_user --sudo --identity-file ~/.ssh/id_rsa --node-name linuxnode2 --node-ssl-verify-mode none --policy-group dev --policy-name lab_base
11+
knife bootstrap 10.1.1.23 --ssh-user $chef_server_user --sudo --identity-file ~/.ssh/id_rsa --node-name linuxnode3 --node-ssl-verify-mode none --policy-group stg --policy-name lab_base
12+
knife bootstrap 10.1.1.24 --ssh-user $chef_server_user --sudo --identity-file ~/.ssh/id_rsa --node-name linuxnode4 --node-ssl-verify-mode none --policy-group prod --policy-name lab_base
1013

1114

1215
knife bootstrap windows winrm 10.1.1.120 --winrm-user $chef_server_user --winrm-password "$chef_server_user_password" --node-name winnode0 --run-list 'recipe[all_systems]' --node-ssl-verify-mode none -E dev
1316
knife bootstrap windows winrm 10.1.1.121 --winrm-user $chef_server_user --winrm-password "$chef_server_user_password" --node-name winnode1 --run-list 'recipe[all_systems]' --node-ssl-verify-mode none -E dev
14-
knife bootstrap windows winrm 10.1.1.122 --winrm-user $chef_server_user --winrm-password "$chef_server_user_password" --node-name winnode2 --run-list 'recipe[all_systems]' --node-ssl-verify-mode none -E prod
15-
knife bootstrap windows winrm 10.1.1.123 --winrm-user $chef_server_user --winrm-password "$chef_server_user_password" --node-name winnode3 --run-list 'recipe[all_systems]' --node-ssl-verify-mode none -E prod
16-
knife bootstrap windows winrm 10.1.1.124 --winrm-user $chef_server_user --winrm-password "$chef_server_user_password" --node-name winnode4 --run-list 'recipe[all_systems]' --node-ssl-verify-mode none -E prod
17+
knife bootstrap windows winrm 10.1.1.122 --winrm-user $chef_server_user --winrm-password "$chef_server_user_password" --node-ssl-verify-mode none --node-name winnode2 --policy-group dev --policy-name lab_base
18+
knife bootstrap windows winrm 10.1.1.123 --winrm-user $chef_server_user --winrm-password "$chef_server_user_password" --node-ssl-verify-mode none --node-name winnode3 --policy-group stg --policy-name lab_base
19+
knife bootstrap windows winrm 10.1.1.124 --winrm-user $chef_server_user --winrm-password "$chef_server_user_password" --node-ssl-verify-mode none --node-name winnode4 --policy-group prod --policy-name lab_base

0 commit comments

Comments
 (0)