diff options
Diffstat (limited to 'fdio.infra.terraform/terraform-nomad-vpp-device')
8 files changed, 343 insertions, 0 deletions
diff --git a/fdio.infra.terraform/terraform-nomad-vpp-device/conf/nomad/vpp-device.hcl.tftpl b/fdio.infra.terraform/terraform-nomad-vpp-device/conf/nomad/vpp-device.hcl.tftpl new file mode 100644 index 0000000000..aac1a46165 --- /dev/null +++ b/fdio.infra.terraform/terraform-nomad-vpp-device/conf/nomad/vpp-device.hcl.tftpl @@ -0,0 +1,188 @@ +job "${job_name}" { + # The "region" parameter specifies the region in which to execute the job. + # If omitted, this inherits the default region name of "global". + # region = "global" + # + # The "datacenters" parameter specifies the list of datacenters which should + # be considered when placing this task. This must be provided. + datacenters = "${datacenters}" + + # The "type" parameter controls the type of job, which impacts the scheduler's + # decision on placement. This configuration is optional and defaults to + # "service". For a full list of job types and their differences, please see + # the online documentation. + # + type = "system" + + # The "group" stanza defines a series of tasks that should be co-located on + # the same Nomad client. Any task within a group will be placed on the same + # client. + # + # https://www.nomadproject.io/docs/job-specification/group + # + group "csit-shim-amd-group-1" { + # The "count" parameter specifies the number of the task groups that should + # be running under this group. This value must be non-negative. + count = ${group_count} + + # The constraint allows restricting the set of eligible nodes. Constraints + # may filter on attributes or client metadata. + # + # https://www.nomadproject.io/docs/job-specification/constraint + # + constraint { + attribute = "$${node.class}" + value = "csit" + } + + # The restart stanza configures a tasks's behavior on task failure. Restarts + # happen on the client that is running the task. + # + # https://www.nomadproject.io/docs/job-specification/restart + # + restart { + interval = "1m" + attempts = 3 + delay = "15s" + mode = "delay" + } + + # The network stanza specifies the networking requirements for the task + # group, including the network mode and port allocations. When scheduling + # jobs in Nomad they are provisioned across your fleet of machines along + # with other jobs and services. Because you don't know in advance what host + # your job will be provisioned on, Nomad will provide your tasks with + # network configuration when they start up. + # + # https://www.nomadproject.io/docs/job-specification/network + # + network { + port "ssh" { + static = 6022 + } + port "ssh2" { + static = 6023 + } + } + + # The "task" stanza creates an individual unit of work, such as a Docker + # container, web application, or batch processing. + # + # https://www.nomadproject.io/docs/job-specification/task + # + task "csit-shim-amd-task-1" { + # The "driver" parameter specifies the task driver that should be used to + # run the task. + driver = "docker" + + # The "config" stanza specifies the driver configuration, which is passed + # directly to the driver to start the task. The details of configurations + # are specific to each driver, so please see specific driver + # documentation for more information. + config { + image = "${image_x86_64}" + network_mode = "host" + pid_mode = "host" + volumes = [ + "/var/run/docker.sock:/var/run/docker.sock" + ] + privileged = true + } + + # The "resources" stanza describes the requirements a task needs to + # execute. Resource requirements include memory, network, cpu, and more. + # This ensures the task will execute on a machine that contains enough + # resource capacity. + # + # https://www.nomadproject.io/docs/job-specification/resources + # + resources { + cpu = ${cpu} + memory = ${memory} + } + } + } + + group "csit-shim-arm-group-1" { + # The "count" parameter specifies the number of the task groups that should + # be running under this group. This value must be non-negative. + count = ${group_count} + + # The constraint allows restricting the set of eligible nodes. Constraints + # may filter on attributes or client metadata. + # + # https://www.nomadproject.io/docs/job-specification/constraint + # + constraint { + attribute = "$${node.class}" + value = "csitarm" + } + + # The restart stanza configures a tasks's behavior on task failure. Restarts + # happen on the client that is running the task. + # + # https://www.nomadproject.io/docs/job-specification/restart + # + restart { + interval = "1m" + attempts = 3 + delay = "15s" + mode = "delay" + } + + # The network stanza specifies the networking requirements for the task + # group, including the network mode and port allocations. When scheduling + # jobs in Nomad they are provisioned across your fleet of machines along + # with other jobs and services. Because you don't know in advance what host + # your job will be provisioned on, Nomad will provide your tasks with + # network configuration when they start up. + # + # https://www.nomadproject.io/docs/job-specification/network + # + network { + port "ssh" { + static = 6022 + } + port "ssh2" { + static = 6023 + } + } + + # The "task" stanza creates an individual unit of work, such as a Docker + # container, web application, or batch processing. + # + # https://www.nomadproject.io/docs/job-specification/task + # + task "csit-shim-arm-task-1" { + # The "driver" parameter specifies the task driver that should be used to + # run the task. + driver = "docker" + + # The "config" stanza specifies the driver configuration, which is passed + # directly to the driver to start the task. The details of configurations + # are specific to each driver, so please see specific driver + # documentation for more information. + config { + image = "${image_aarch64}" + network_mode = "host" + pid_mode = "host" + volumes = [ + "/var/run/docker.sock:/var/run/docker.sock" + ] + privileged = true + } + + # The "resources" stanza describes the requirements a task needs to + # execute. Resource requirements include memory, network, cpu, and more. + # This ensures the task will execute on a machine that contains enough + # resource capacity. + # + # https://www.nomadproject.io/docs/job-specification/resources + # + resources { + cpu = ${cpu} + memory = ${memory} + } + } + } +}
\ No newline at end of file diff --git a/fdio.infra.terraform/terraform-nomad-vpp-device/fdio/main.tf b/fdio.infra.terraform/terraform-nomad-vpp-device/fdio/main.tf new file mode 100644 index 0000000000..96666e6e89 --- /dev/null +++ b/fdio.infra.terraform/terraform-nomad-vpp-device/fdio/main.tf @@ -0,0 +1,15 @@ +module "vpp-device" { + providers = { + nomad = nomad.yul1 + } + source = "../" + + # nomad + datacenters = ["yul1"] + job_name = "prod-device-csit-shim" + group_count = "1" + cpu = "1500" + memory = "4096" + image_aarch64 = "fdiotools/csit_shim-ubuntu2004:2021_03_02_143938_UTC-aarch64" + image_x86_64 = "fdiotools/csit_shim-ubuntu2004:2021_03_04_142103_UTC-x86_64" +}
\ No newline at end of file diff --git a/fdio.infra.terraform/terraform-nomad-vpp-device/fdio/providers.tf b/fdio.infra.terraform/terraform-nomad-vpp-device/fdio/providers.tf new file mode 100644 index 0000000000..42a6a45ce0 --- /dev/null +++ b/fdio.infra.terraform/terraform-nomad-vpp-device/fdio/providers.tf @@ -0,0 +1,13 @@ +provider "nomad" { + address = var.nomad_provider_address + alias = "yul1" + # ca_file = var.nomad_provider_ca_file + # cert_file = var.nomad_provider_cert_file + # key_file = var.nomad_provider_key_file +} + +provider "vault" { + address = var.vault_provider_address + skip_tls_verify = var.vault_provider_skip_tls_verify + token = var.vault_provider_token +}
\ No newline at end of file diff --git a/fdio.infra.terraform/terraform-nomad-vpp-device/fdio/variables.tf b/fdio.infra.terraform/terraform-nomad-vpp-device/fdio/variables.tf new file mode 100644 index 0000000000..569ba29c87 --- /dev/null +++ b/fdio.infra.terraform/terraform-nomad-vpp-device/fdio/variables.tf @@ -0,0 +1,47 @@ +variable "nomad_acl" { + description = "Nomad ACLs enabled/disabled." + type = bool + default = false +} + +variable "nomad_provider_address" { + description = "FD.io Nomad cluster address." + type = string + default = "http://10.30.51.23:4646" +} + +variable "nomad_provider_ca_file" { + description = "A local file path to a PEM-encoded certificate authority." + type = string + default = "/etc/nomad.d/ssl/nomad-ca.pem" +} + +variable "nomad_provider_cert_file" { + description = "A local file path to a PEM-encoded certificate." + type = string + default = "/etc/nomad.d/ssl/nomad-cli.pem" +} + +variable "nomad_provider_key_file" { + description = "A local file path to a PEM-encoded private key." + type = string + default = "/etc/nomad.d/ssl/nomad-cli-key.pem" +} + +variable "vault_provider_address" { + description = "Vault cluster address." + type = string + default = "http://10.30.51.23:8200" +} + +variable "vault_provider_skip_tls_verify" { + description = "Verification of the Vault server's TLS certificate." + type = bool + default = false +} + +variable "vault_provider_token" { + description = "Vault root token." + type = string + sensitive = true +}
\ No newline at end of file diff --git a/fdio.infra.terraform/terraform-nomad-vpp-device/fdio/versions.tf b/fdio.infra.terraform/terraform-nomad-vpp-device/fdio/versions.tf new file mode 100644 index 0000000000..82b792fd72 --- /dev/null +++ b/fdio.infra.terraform/terraform-nomad-vpp-device/fdio/versions.tf @@ -0,0 +1,9 @@ +terraform { + required_providers { + nomad = { + source = "hashicorp/nomad" + version = ">= 1.4.19" + } + } + required_version = ">= 1.3.7" +}
\ No newline at end of file diff --git a/fdio.infra.terraform/terraform-nomad-vpp-device/main.tf b/fdio.infra.terraform/terraform-nomad-vpp-device/main.tf new file mode 100644 index 0000000000..2e67085714 --- /dev/null +++ b/fdio.infra.terraform/terraform-nomad-vpp-device/main.tf @@ -0,0 +1,19 @@ +locals { + datacenters = join(",", var.datacenters) +} + +resource "nomad_job" "nomad_job_csit_shim" { + jobspec = templatefile( + "${path.module}/conf/nomad/vpp-device.hcl.tftpl", + { + datacenters = local.datacenters + job_name = var.job_name + group_count = var.group_count + cpu = var.cpu + mem = var.memory + image_aarch64 = var.image_aarch64 + image_x86_64 = var.image_x86_64 + } + ) + detach = false +}
\ No newline at end of file diff --git a/fdio.infra.terraform/terraform-nomad-vpp-device/variables.tf b/fdio.infra.terraform/terraform-nomad-vpp-device/variables.tf new file mode 100644 index 0000000000..0a11e1da3b --- /dev/null +++ b/fdio.infra.terraform/terraform-nomad-vpp-device/variables.tf @@ -0,0 +1,43 @@ +# Nomad +variable "datacenters" { + description = "Specifies the list of DCs to be considered placing this task" + type = list(string) + default = ["dc1"] +} + +# CSIT SHIM +variable "job_name" { + description = "CSIT SHIM job name" + type = string + default = "prod-csit-shim" +} + +variable "group_count" { + description = "Number of CSIT SHIM group instances" + type = number + default = 1 +} + +variable "cpu" { + description = "CSIT SHIM task CPU" + type = number + default = 2000 +} + +variable "memory" { + description = "CSIT SHIM task memory" + type = number + default = 10000 +} + +variable "image_aarch64" { + description = "CSIT SHIM AARCH64 docker image" + type = string + default = "fdiotools/csit_shim-ubuntu2004:prod-aarch64" +} + +variable "image_x86_64" { + description = "CSIT SHIM X86_64 docker image" + type = string + default = "fdiotools/csit_shim-ubuntu2004:prod-x86_64" +}
\ No newline at end of file diff --git a/fdio.infra.terraform/terraform-nomad-vpp-device/versions.tf b/fdio.infra.terraform/terraform-nomad-vpp-device/versions.tf new file mode 100644 index 0000000000..a319c35908 --- /dev/null +++ b/fdio.infra.terraform/terraform-nomad-vpp-device/versions.tf @@ -0,0 +1,9 @@ +terraform { + required_providers { + nomad = { + source = "hashicorp/nomad" + version = ">= 1.4.19" + } + } + required_version = ">= 1.3.7" +} |