This includes a basic template to provision and manage user's NERC OpenStack resources using Terraform. NERC has an OpenStack deployment. Terraform is an open-source Infrastructure as Code (IaC) software tool that works with NERC and allows you to orchestrate, provision, and manage infrastructure resources quickly and easily.
If you have multiple instances/ VMs you are managing for your work or research, it can be simpler and more reproducible if you are doing it with automation tool like Terraform.
To use Terraform you will need to install it from here.
The basic setup is as follows:
-
Git clone this
terraform-nerc-r-shiny
repo. -
Generate and move a new SSH key pair to your local
~/.ssh
folder. -
Download the NERC's OpenStack RC file i.e.
-openrc.sh
file into the repo. -
Run
source *-openrc.sh
. -
Review
example.tfvars
file in the repo and change some of the local variables' values as per your settings i.e. quantity, keypair-name, keypair-path, user-data-path, secgroup, network_name, etc.NOTE: Please make sure to review bash script file i.e.
install-R-Shiny.sh
is pointing asuser-data-path
variable inexample.tfvars
. This includes the script required to setup Shiny R server. If you want to change and update this script you can just change this file and then runterraform plan
andterraform apply
command pointing thisexample.tfvars
file. -
Review
network.tf
file in the repo and you can see we openedr-shiny-ingress
resource that open ingress port of3838
which is required to expose R Shiny web server ashttp://<Newly_Created_Floating_IP>:3838
. -
Initalize Terraform in the repo with
terraform init
. -
See what changes Terraform wants to make to your infrastructure with
terraform plan -var-file="example.tfvars"
. -
Apply the changes with
terraform apply -var-file="example.tfvars"
. -
The terminal will show the Floating IP(s) of the newly creted instance(s). Try to SSH into it using
ssh almalinux@<Floating_IP> -i ./your-private-key-pair
. -
Go to the NERC's OpenStack dashboard to review your newly provisioned resources.
-
Clean up all resources using
terraform destroy -var-file="example.tfvars"
.
You can download the environment file with the credentials from the OpenStack dashboard.
-
Log in to the NERC's OpenStack dashboard, choose the project for which you want to download the OpenStack RC file.
-
Navigate to Identity > Application Credentials.
-
Click on "Create Application Credential" button and provide a Name and Roles for the application credential. All other fields are optional and leaving the "Secret" field empty will set it to autogenerate (recommended).
- After clicking "Create Application Credential" button, the ID and Secret will be displayed and you will be prompted to
Download openrc file
or to Downloadclouds.yaml
. Both of these are different methods of configuring the client for CLI access. Please save the file.
Then, source your downloaded OpenStack RC File:
Find the file (by default it will be named the same as the application credential name with the suffix -openrc.sh
where project is the name of your OpenStack project).
Source the file:
[user@laptop ~]$ source app-cred-<Credential_Name>-openrc.sh
NOTE: When you source the file, environment variables are set for your current shell.
Create a new key running: ssh-keygen -t rsa -f your-private-key-pair
Make sure the newly generated SSH key pairs exist on your ~/.ssh
folder.
The Terraform deployment workflow on the NERC looks like this:
Initialize - Install the plugins Terraform needs to manage the infrastructure.
Plan - Preview the changes Terraform will make to match your configuration.
Apply - Make the planned changes.
Terraform keeps track of your real infrastructure in a state file, which acts as a source of truth for your environment. Terraform uses the state file to determine the changes to make to your infrastructure so that it will match your configuration. Terraform's state allows you to track resource changes throughout your deployments. You can securely share your state with your teammates, provide a stable environment for Terraform to run in, and prevent race conditions when multiple people make configuration changes at once.
For more info read this.