diff --git a/e2e/terraform/compute.tf b/e2e/terraform/compute.tf
index 33da7ce5241cdfe2cc2a473c0d256245f1217a72..91a6965b60f189e81ea3326599b9b6779fd6e26b 100644
--- a/e2e/terraform/compute.tf
+++ b/e2e/terraform/compute.tf
@@ -8,7 +8,7 @@ data "template_file" "user_data_server" {
}
}
-data "template_file" "user_data_client" {
+data "template_file" "user_data_client_linux" {
template = "${file("${path.root}/user-data-client.sh")}"
count = "${var.client_count}"
@@ -61,7 +61,7 @@ resource "aws_instance" "server" {
"sudo chmod 0755 /usr/local/bin/nomad",
"sudo chown root:root /usr/local/bin/nomad",
"sudo systemctl enable nomad.service",
- "sudo systemctl start nomad.service"
+ "sudo systemctl start nomad.service",
]
connection {
@@ -71,7 +71,7 @@ resource "aws_instance" "server" {
}
}
-resource "aws_instance" "client" {
+resource "aws_instance" "client_linux" {
ami = "${data.aws_ami.main.image_id}"
instance_type = "${var.instance_type}"
key_name = "${module.keys.key_name}"
@@ -85,14 +85,14 @@ resource "aws_instance" "client" {
ConsulAutoJoin = "auto-join"
}
- ebs_block_device = {
- device_name = "/dev/xvdd"
- volume_type = "gp2"
- volume_size = "50"
- delete_on_termination = "true"
+ ebs_block_device = {
+ device_name = "/dev/xvdd"
+ volume_type = "gp2"
+ volume_size = "50"
+ delete_on_termination = "true"
}
- user_data = "${element(data.template_file.user_data_client.*.rendered, count.index)}"
+ user_data = "${element(data.template_file.user_data_client_linux.*.rendered, count.index)}"
iam_instance_profile = "${aws_iam_instance_profile.instance_profile.name}"
provisioner "file" {
@@ -113,8 +113,8 @@ resource "aws_instance" "client" {
"sudo cp /tmp/client.hcl /etc/nomad.d/nomad.hcl",
"sudo chmod 0755 /usr/local/bin/nomad",
"sudo chown root:root /usr/local/bin/nomad",
- "sudo systemctl enable nomad.service",
- "sudo systemctl start nomad.service"
+ "sudo systemctl enable nomad.service",
+ "sudo systemctl start nomad.service",
]
connection {
@@ -124,3 +124,74 @@ resource "aws_instance" "client" {
}
}
+resource "random_string" "windows_admin_password" {
+ length = 16
+ special = true
+}
+
+resource "aws_instance" "client_windows" {
+ ami = "${data.aws_ami.windows.image_id}"
+ instance_type = "${var.instance_type}"
+ key_name = "${module.keys.key_name}"
+ vpc_security_group_ids = ["${aws_security_group.primary.id}"]
+ count = "${var.windows_client_count}"
+ depends_on = ["aws_instance.server"]
+
+ # Instance tags
+ tags {
+ Name = "${local.random_name}-client-windows-${count.index}"
+ ConsulAutoJoin = "auto-join"
+ }
+
+ ebs_block_device = {
+ device_name = "xvdd"
+ volume_type = "gp2"
+ volume_size = "50"
+ delete_on_termination = "true"
+ }
+
+ user_data = <<EOF
+ <powershell>
+ # Bring ebs volume online with read-write access
+ Get-Disk | Where-Object IsOffline -Eq $True | Set-Disk -IsOffline $False
+ Get-Disk | Where-Object isReadOnly -Eq $True | Set-Disk -IsReadOnly $False
+
+ # Set Administrator password
+ $admin = [adsi]("WinNT://./administrator, user")
+ $admin.psbase.invoke("SetPassword", "${random_string.windows_admin_password}")
+
+ # Run Consul
+ $ipaddr = Test-Connection $env:COMPUTERNAME -Count 1 | Select IPV4Address
+ cat C:\ops\shared\consul\consul.json | \
+ %{$_ -replace "IP_ADDRESS","$ipaddr"} | \
+ %{$_ -replace "RETRY_JOIN","${var.retry_join} > C:\ops\consul.d\config.json
+
+ sc.exe create "Consul" binPath= "C:\ops\bin\consul.exe" agent -config-dir C:\ops\consul.d" start= auto
+ sc.exe start "Consul"
+ </powershell>
+ EOF
+
+ iam_instance_profile = "${aws_iam_instance_profile.instance_profile.name}"
+
+ provisioner "file" {
+ content = "${file("${path.root}/configs/${var.indexed == false ? "client.hcl" : "indexed/client-${count.index}.hcl"}")}"
+ destination = "C:\\ops\\nomad.d\\client.hcl"
+
+ connection {
+ user = "Administrator"
+ private_key = "${module.keys.private_key_pem}"
+ }
+ }
+
+ provisioner "remote-exec" {
+ inline = [
+ "aws s3 cp s3://nomad-team-test-binary/builds-oss/${var.nomad_sha}.tar.gz nomad.tar.gz",
+ "Expand-7Zip .\nomad.tar.gz -C C:\\ops\\bin",
+ ]
+
+ connection {
+ user = "Administrator"
+ private_key = "${module.keys.private_key_pem}"
+ }
+ }
+}
diff --git a/e2e/terraform/main.tf b/e2e/terraform/main.tf
index 517187bad14290c7ea911ea5b4f576e330985771..14a3c01527c69ec0519553012e586b9a18a01b99 100644
--- a/e2e/terraform/main.tf
+++ b/e2e/terraform/main.tf
@@ -28,6 +28,11 @@ variable "client_count" {
default = "4"
}
+variable "windows_client_count" {
+ description = "The number of windows clients to provision."
+ default = "1"
+}
+
variable "retry_join" {
description = "Used by Consul to automatically form a cluster."
default = "provider=aws tag_key=ConsulAutoJoin tag_value=auto-join"
@@ -49,9 +54,9 @@ locals {
# Generates keys to use for provisioning and access
module "keys" {
- name = "${local.random_name}"
- path = "${path.root}/keys"
- source = "mitchellh/dynamic-keys/aws"
+ name = "${local.random_name}"
+ path = "${path.root}/keys"
+ source = "mitchellh/dynamic-keys/aws"
version = "v1.0.0"
}
@@ -69,8 +74,8 @@ output "servers" {
value = "${aws_instance.server.*.public_ip}"
}
-output "clients" {
- value = "${aws_instance.client.*.public_ip}"
+output "linux_clients" {
+ value = "${aws_instance.client_linux.*.public_ip}"
}
output "message" {
@@ -79,8 +84,8 @@ Your cluster has been provisioned! - To prepare your environment, run the
following:
```
-export NOMAD_ADDR=http://${aws_instance.client.0.public_ip}:4646
-export CONSUL_HTTP_ADDR=http://${aws_instance.client.0.public_ip}:8500
+export NOMAD_ADDR=http://${aws_instance.client_linux.0.public_ip}:4646
+export CONSUL_HTTP_ADDR=http://${aws_instance.client_linux.0.public_ip}:8500
export NOMAD_E2E=1
```
@@ -92,7 +97,7 @@ go test -v ./e2e
ssh into nodes with:
```
-ssh -i keys/${local.random_name}.pem ubuntu@${aws_instance.client.0.public_ip}
+ssh -i keys/${local.random_name}.pem ubuntu@${aws_instance.client_linux.0.public_ip}
```
EOM
}
diff --git a/e2e/terraform/packer-windows.json b/e2e/terraform/packer-windows.json
index 9df6b3f14f771182b54ca3b96056cf3d149d773e..0eded1df1ffcd6ac865c5be6a2db0ec26c50ed51 100644
--- a/e2e/terraform/packer-windows.json
+++ b/e2e/terraform/packer-windows.json
@@ -34,6 +34,13 @@
"Set-PSRepository -InstallationPolicy Untrusted -Name PSGallery"
]
},
+ {
+ "type": "powershell",
+ "inline": [
+ "Set-PSRepository -InstallationPolicy Trusted -Name PSGallery",
+ "Install-Package -Force 7Zip4PowerShell",
+ "Set-PSRepository -InstallationPolicy Untrusted -Name PSGallery"
+ },
{
"type": "powershell",
"scripts": [
diff --git a/e2e/terraform/windows/bootstrap/fix-tls.ps1 b/e2e/terraform/windows/bootstrap/fix-tls.ps1
index 93a6132c0d982abed5ef06288c665d69156e283d..959ea4d3b170463950b8055d219cbbc3e029ba58 100644
--- a/e2e/terraform/windows/bootstrap/fix-tls.ps1
+++ b/e2e/terraform/windows/bootstrap/fix-tls.ps1
@@ -1,5 +1,5 @@
# This script hardens TLS configuration by disabling weak and broken protocols
-# and enabling useful protocols like TLS 1.1 and 1.1.
+# and enabling useful protocols like TLS 1.1 and 1.2.
$RunningAsAdmin = ([Security.Principal.WindowsPrincipal] [Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] "Administrator")
if (!$RunningAsAdmin) {