refactor cloud-init configuration

department_1/team_1/dev/lin-dev.noris.de.tf

@@ -21,41 +21,22 @@ resource "vcd_vm" "lin-dev" {
   }
 
   guest_properties = {
+    "password" = "T0p53cr3t"
     "user-data" = base64encode(<<EOT
 #cloud-config
-hostname: lin-dev.noris.de
-groups:
-  - noris
-users:
-${var.cloud_init_config["users"]["root"]}
-write_files:
-  - path: /etc/cloud/cloud.cfg.d/99_network.cfg
-    owner: root/root
-    permissions: 0o644
-    defer: true
-    content: |
-      instance-id: lin-dev.noris.de
-      local-hostname: lin-dev.noris.de
-      network:
-        version: 2
-        ethernets:
-          eth0:
-            addresses:
-              - "172.16.0.2/28"
-              - "2001:780:0:1::2/64"
-            routes:
-              - to: 0.0.0.0/0
-                via: 172.16.0.1
-                metric: 1
-                on-link: true
-              - to: ::/0
-                via: 2001:780:0:1::1
-                metric: 1
-                on-link: true
-      ${var.cloud_init_config["network_nameservers"]}
-${var.cloud_init_config["resolv_conf"]}
-runcmd:
-${var.cloud_init_config["cmd_debian_netconfig"]}
+${var.cloud_init_default_config}
+bootcmd:
+  - [ sh, -c, "while [ ! -e /dev/sdb ]; do echo 'Waiting for /dev/sdb to be available'; sleep 1; done" ]
+disk_setup:
+  /dev/sdb:
+    layout: true
+    table_type: gpt
+    overwrite: false
+fs_setup:
+  - device: /dev/sdb1
+    filesystem: ext4
+mounts:
+  - [/dev/sdb1, /mnt]
 EOT
     )
   }

department_1/team_1/dev/variables.tf

@@ -29,42 +29,29 @@ variable "vdc_edge_gateway_name" {
 }
 
 #############
-# cloud-init config snippets
+# cloud-init config
 #############
-variable "cloud_init_config" {
+variable "cloud_init_default_config" {
   description = "cloud-init config snippets that can be supplied when creating a Linux VM. Keep the indentation!"
   type        = any
-  default = {
-    users = {
-      root = <<EOT
+  default     = <<EOT
+users:
+  - default
   - name: root
     ssh_authorized_keys:
-    - ssh-rsa AAAAB3Nza8Og8/u2bfQ== [email protected]
-EOT
-    }
-    cmd_debian_netconfig = <<EOT
-  - cloud-init devel net-convert --network-data /etc/cloud/cloud.cfg.d/99_network.cfg --kind yaml --output-kind eni -D debian -d /
-  - systemctl restart networking
-EOT
-    cmd_rhel_netconfig   = <<EOT
-  - nmcli connection delete "System eth0"  # delete System eth0 connection as it causes our config to be ignored
-  - cloud-init devel net-convert --network-data /etc/cloud/cloud.cfg.d/99_network.cfg --kind yaml --output-kind network-manager -D rhel -d /
-  - systemctl restart NetworkManager
-EOT
-    network_nameservers  = <<EOT
-            nameservers:
-              addresses:
-                - "62.128.1.42"
-                - "62.128.1.53"
-EOT
-    resolv_conf          = <<EOT
-  - path: /etc/resolv.conf
-    owner: root/root
-    permissions: 0o644
-    defer: true
+      - "ssh-rsa AAAAB3Nza8Og8/u2bfQ== [email protected]"
+  - name: imperator
+    sudo: ALL=(ALL) NOPASSWD:ALL
+    ssh_authorized_keys:
+      - "ssh-rsa AAAAB3Nza8Og8/u2bfQ== [email protected]"
+    groups: [noris]
+groups:
+  - noris
+write_files:
+  - path: /etc/motd
+    owner: root:root
+    append: true
     content: |
-      nameserver 62.128.1.42
-      nameserver 62.128.1.53
+      "You may fire when ready" - this is only a dev system.
 EOT
-  }
 }

department_1/team_1/prod/lin-prod.noris.de.tf

@@ -16,46 +16,26 @@ resource "vcd_vm" "lin-prod" {
     ip_allocation_mode           = "MANUAL"
     ip                           = "172.16.0.18"
     secondary_ip_allocation_mode = "MANUAL"
-    secondary_ip                 = "2001:780:0:2:::18"
+    secondary_ip                 = "2001:780:0:2::18"
     is_primary                   = true
   }
 
   guest_properties = {
     "user-data" = base64encode(<<EOT
 #cloud-config
-hostname: lin-prod.noris.de
-groups:
-  - noris
-users:
-${var.cloud_init_config["users"]["root"]}
-write_files:
-  - path: /etc/cloud/cloud.cfg.d/99_network.cfg
-    owner: root/root
-    permissions: 0o644
-    defer: true
-    content: |
-      instance-id: lin-prod.noris.de
-      local-hostname: lin-prod.noris.de
-      network:
-        version: 2
-        ethernets:
-          eth0:
-            addresses:
-              - "172.16.0.18/28"
-              - "2001:780:0:2:::18"
-            routes:
-              - to: 0.0.0.0/0
-                via: 172.16.0.17
-                metric: 1
-                on-link: true
-              - to: ::/0
-                via: 2001:780:0:2:::1
-                metric: 1
-                on-link: true
-      ${var.cloud_init_config["network_nameservers"]}
-${var.cloud_init_config["resolv_conf"]}
-runcmd:
-${var.cloud_init_config["cmd_debian_netconfig"]}
+${var.cloud_init_default_config}
+bootcmd:
+  - [ sh, -c, "while [ ! -e /dev/sdb ]; do echo 'Waiting for /dev/sdb to be available'; sleep 1; done" ]
+disk_setup:
+  /dev/sdb:
+    layout: true
+    table_type: gpt
+    overwrite: false
+fs_setup:
+  - device: /dev/sdb1
+    filesystem: ext4
+mounts:
+  - [/dev/sdb1, /mnt]
 EOT
     )
   }

department_1/team_1/prod/variables.tf

@@ -29,42 +29,28 @@ variable "vdc_edge_gateway_name" {
 }
 
 #############
-# cloud-init config snippets
+# cloud-init config
 #############
-variable "cloud_init_config" {
-  description = "cloud-init config snippets that can be supplied when creating a Linux VM. Keep the indentation!"
+variable "cloud_init_default_config" {
+  description = "cloud-init default config for VMs"
   type        = any
-  default = {
-    users = {
-      root = <<EOT
+  default     = <<EOT
+users:
   - name: root
     ssh_authorized_keys:
-    - ssh-rsa AAAAB3Nza8Og8/u2bfQ== [email protected]
-EOT
-    }
-    cmd_debian_netconfig = <<EOT
-  - cloud-init devel net-convert --network-data /etc/cloud/cloud.cfg.d/99_network.cfg --kind yaml --output-kind eni -D debian -d /
-  - systemctl restart networking
-EOT
-    cmd_rhel_netconfig   = <<EOT
-  - nmcli connection delete "System eth0"  # delete System eth0 connection as it causes our config to be ignored
-  - cloud-init devel net-convert --network-data /etc/cloud/cloud.cfg.d/99_network.cfg --kind yaml --output-kind network-manager -D rhel -d /
-  - systemctl restart NetworkManager
-EOT
-    network_nameservers  = <<EOT
-            nameservers:
-              addresses:
-                - "62.128.1.42"
-                - "62.128.1.53"
-EOT
-    resolv_conf          = <<EOT
-  - path: /etc/resolv.conf
-    owner: root/root
-    permissions: 0o644
-    defer: true
+      - "ssh-rsa AAAAB3Nza8Og8/u2bfQ== [email protected]"
+  - name: imperator
+    sudo: ALL=(ALL) NOPASSWD:ALL
+    ssh_authorized_keys:
+      - "ssh-rsa AAAAB3Nza8Og8/u2bfQ== [email protected]"
+    groups: [noris]
+groups:
+  - noris
+write_files:
+  - path: /etc/motd
+    owner: root:root
+    append: true
     content: |
-      nameserver 62.128.1.42
-      nameserver 62.128.1.53
-EOT
-  }
+      "You may fire when ready" - but be careful, this is the production environment!
+  EOT
 }