wip

30cccbfb · Danielle Lancashire · 242dda11 · 30cccbfb · 30cccbfb · 30cccbfb
Unverified Commit 30cccbfb authored 5 years ago by Danielle Lancashire
Hide whitespace changes
Inline Side-by-side

Showing

with 103 additions and 20 deletions
+103 -20
--- a/e2e/terraform/compute.tf
+++ b/e2e/terraform/compute.tf
@@ -8,7 +8,7 @@ data "template_file" "user_data_server" {
  }
 }

-data "template_file" "user_data_client" {
+data "template_file" "user_data_client_linux" {
  template = "${file("${path.root}/user-data-client.sh")}"
  count    = "${var.client_count}"

@@ -61,7 +61,7 @@ resource "aws_instance" "server" {
      "sudo chmod 0755 /usr/local/bin/nomad",
      "sudo chown root:root /usr/local/bin/nomad",
      "sudo systemctl enable nomad.service",
-      "sudo systemctl start nomad.service"
+      "sudo systemctl start nomad.service",
    ]

    connection {
@@ -71,7 +71,7 @@ resource "aws_instance" "server" {
  }
 }

-resource "aws_instance" "client" {
+resource "aws_instance" "client_linux" {
  ami                    = "${data.aws_ami.main.image_id}"
  instance_type          = "${var.instance_type}"
  key_name               = "${module.keys.key_name}"
@@ -85,14 +85,14 @@ resource "aws_instance" "client" {
    ConsulAutoJoin = "auto-join"
  }

-  ebs_block_device =  {
-    device_name                 = "/dev/xvdd"
-    volume_type                 = "gp2"
-    volume_size                 = "50"
-    delete_on_termination       = "true"
+  ebs_block_device = {
+    device_name           = "/dev/xvdd"
+    volume_type           = "gp2"
+    volume_size           = "50"
+    delete_on_termination = "true"
  }

-  user_data            = "${element(data.template_file.user_data_client.*.rendered, count.index)}"
+  user_data            = "${element(data.template_file.user_data_client_linux.*.rendered, count.index)}"
  iam_instance_profile = "${aws_iam_instance_profile.instance_profile.name}"

  provisioner "file" {
@@ -113,8 +113,8 @@ resource "aws_instance" "client" {
      "sudo cp /tmp/client.hcl /etc/nomad.d/nomad.hcl",
      "sudo chmod 0755 /usr/local/bin/nomad",
      "sudo chown root:root /usr/local/bin/nomad",
-			"sudo systemctl enable nomad.service",
-      "sudo systemctl start nomad.service"
+      "sudo systemctl enable nomad.service",
+      "sudo systemctl start nomad.service",
    ]

    connection {
@@ -124,3 +124,74 @@ resource "aws_instance" "client" {
  }
 }

+resource "random_string" "windows_admin_password" {
+  length  = 16
+  special = true
+}
+
+resource "aws_instance" "client_windows" {
+  ami                    = "${data.aws_ami.windows.image_id}"
+  instance_type          = "${var.instance_type}"
+  key_name               = "${module.keys.key_name}"
+  vpc_security_group_ids = ["${aws_security_group.primary.id}"]
+  count                  = "${var.windows_client_count}"
+  depends_on             = ["aws_instance.server"]
+
+  # Instance tags
+  tags {
+    Name           = "${local.random_name}-client-windows-${count.index}"
+    ConsulAutoJoin = "auto-join"
+  }
+
+  ebs_block_device = {
+    device_name           = "xvdd"
+    volume_type           = "gp2"
+    volume_size           = "50"
+    delete_on_termination = "true"
+  }
+
+  user_data = <<EOF
+  <powershell>
+  # Bring ebs volume online with read-write access
+  Get-Disk | Where-Object IsOffline -Eq $True | Set-Disk -IsOffline $False
+  Get-Disk | Where-Object isReadOnly -Eq $True | Set-Disk -IsReadOnly $False
+
+  # Set Administrator password
+  $admin = [adsi]("WinNT://./administrator, user")
+  $admin.psbase.invoke("SetPassword", "${random_string.windows_admin_password}")
+
+  # Run Consul
+  $ipaddr = Test-Connection $env:COMPUTERNAME -Count 1 | Select IPV4Address
+  cat C:\ops\shared\consul\consul.json | \
+    %{$_ -replace "IP_ADDRESS","$ipaddr"} | \
+    %{$_ -replace "RETRY_JOIN","${var.retry_join} > C:\ops\consul.d\config.json
+
+  sc.exe create "Consul" binPath= "C:\ops\bin\consul.exe" agent -config-dir C:\ops\consul.d" start= auto
+  sc.exe start "Consul"
+  </powershell>
+  EOF
+
+  iam_instance_profile = "${aws_iam_instance_profile.instance_profile.name}"
+
+  provisioner "file" {
+    content     = "${file("${path.root}/configs/${var.indexed == false ? "client.hcl" : "indexed/client-${count.index}.hcl"}")}"
+    destination = "C:\\ops\\nomad.d\\client.hcl"
+
+    connection {
+      user        = "Administrator"
+      private_key = "${module.keys.private_key_pem}"
+    }
+  }
+
+  provisioner "remote-exec" {
+    inline = [
+      "aws s3 cp s3://nomad-team-test-binary/builds-oss/${var.nomad_sha}.tar.gz nomad.tar.gz",
+      "Expand-7Zip .\nomad.tar.gz -C C:\\ops\\bin",
+    ]
+
+    connection {
+      user        = "Administrator"
+      private_key = "${module.keys.private_key_pem}"
+    }
+  }
+}
--- a/e2e/terraform/main.tf
+++ b/e2e/terraform/main.tf
@@ -28,6 +28,11 @@ variable "client_count" {
  default     = "4"
 }

+variable "windows_client_count" {
+  description = "The number of windows clients to provision."
+  default     = "1"
+}
+
 variable "retry_join" {
  description = "Used by Consul to automatically form a cluster."
  default     = "provider=aws tag_key=ConsulAutoJoin tag_value=auto-join"
@@ -49,9 +54,9 @@ locals {

 # Generates keys to use for provisioning and access
 module "keys" {
-  name   = "${local.random_name}"
-  path   = "${path.root}/keys"
-  source = "mitchellh/dynamic-keys/aws"
+  name    = "${local.random_name}"
+  path    = "${path.root}/keys"
+  source  = "mitchellh/dynamic-keys/aws"
  version = "v1.0.0"
 }

@@ -69,8 +74,8 @@ output "servers" {
  value = "${aws_instance.server.*.public_ip}"
 }

-output "clients" {
-  value = "${aws_instance.client.*.public_ip}"
+output "linux_clients" {
+  value = "${aws_instance.client_linux.*.public_ip}"
 }

 output "message" {
@@ -79,8 +84,8 @@ Your cluster has been provisioned! - To prepare your environment, run the
 following:

 ```
-export NOMAD_ADDR=http://${aws_instance.client.0.public_ip}:4646
-export CONSUL_HTTP_ADDR=http://${aws_instance.client.0.public_ip}:8500
+export NOMAD_ADDR=http://${aws_instance.client_linux.0.public_ip}:4646
+export CONSUL_HTTP_ADDR=http://${aws_instance.client_linux.0.public_ip}:8500
 export NOMAD_E2E=1
 ```

@@ -92,7 +97,7 @@ go test -v ./e2e

 ssh into nodes with:
 ```
-ssh -i keys/${local.random_name}.pem ubuntu@${aws_instance.client.0.public_ip}
+ssh -i keys/${local.random_name}.pem ubuntu@${aws_instance.client_linux.0.public_ip}
 ```
 EOM
 }
--- a/e2e/terraform/packer-windows.json
+++ b/e2e/terraform/packer-windows.json
@@ -34,6 +34,13 @@
        "Set-PSRepository -InstallationPolicy Untrusted -Name PSGallery"
      ]
    },
+    {
+      "type": "powershell",
+      "inline": [
+        "Set-PSRepository -InstallationPolicy Trusted -Name PSGallery",
+        "Install-Package -Force 7Zip4PowerShell",
+        "Set-PSRepository -InstallationPolicy Untrusted -Name PSGallery"
+    },
    {
      "type": "powershell",
      "scripts": [

--- a/e2e/terraform/windows/bootstrap/fix-tls.ps1
+++ b/e2e/terraform/windows/bootstrap/fix-tls.ps1
 # This script hardens TLS configuration by disabling weak and broken protocols
-# and enabling useful protocols like TLS 1.1 and 1.1.
+# and enabling useful protocols like TLS 1.1 and 1.2.

 $RunningAsAdmin = ([Security.Principal.WindowsPrincipal] [Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] "Administrator")
 if (!$RunningAsAdmin) {