Pidgin Bamboo Terraform

This repository contains terraform and ansible scripts to configure the bamboo agents for pidgin.

It will create a number of libvirt based virtual machines based on some configuration. These machines are a cache which will act as a caching proxy for both debian packages and docker containers. The other virtual machines are all workers. They will automatically be provisioned to talk to bamboo and have everything set up to work. The number of workers is configurable in the node's configuration which is documented below.

Setup

TLDR: install mkisofs, libvirt, terraform, terraform-libvirt-provider, and make sure the AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY environment variables are properly set to the imfreedom minio instance.

Terraform can be run from anywhere that this repository is cloned to with a few caveats. First you need to install terraform. I typically install it to ~/bin/. Verify Terraform is installed and on your path by running terraform version.

Once you have a working terraform install you need to install the terraform-libvirt-provider. This should be installed into ~/.terraform.d/plugins.

Next we need to make sure that AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY environment variables are set to your credentials to the imfreedom minio instance. If you need credentials, talk to grim. To make sure these environment variables are set, I recommend using direnv and saving them to your .envrc in your clone. This file is already ignored in .hgignore

On Debian based hosts there is an apparmor policy that missing that will cause permission errors. To fix it you need to add the following to /etc/apparmor.d/abstractions/libvirt-qemu. I've been putting it at the end of the file and everything is fine.

  # for terraform-libvirt
  /var/lib/libvirt/images/* rwk,

Node Configuration

To actually terraform a node, we first need to create a <node>.tfvars in the nodes/ directory. A bare minimal example is below. Please note that you are going to need an ssh key, and it is highly recommented that it has been added to your ssh agent.

libvirt_uri = "qemu+ssh://host/system"
admin_ssh_pubkey = "ssh pubkey"
worker_count = 2

libvirt_uri is the connect string for libvirt and admin_ssh_pubkey is the SSH pubkey that should be accepted for the root user.

worker_count is the number of Bamboo agents to provision.

You can also use the volume_pool variable to use a different volume pool.

Once that file is created you provision nodes/node1.tfvars via:

make plan NODE=node1
make apply NODE=node1

Based on the number of workers, this can take quite a bit of time so make sure to run it in screen/tmux and maintain a stable internet connection.