Merge pull request #27 from mengesb/etcd_tuning

ETCD tuning
mengesb · Oct 29, 2016 · 0596266 · 0596266
2 parents c0f3d54 + bfcc649
commit 0596266
Show file tree

Hide file tree

Showing 7 changed files with 113 additions and 10 deletions.
diff --git a/.gitignore b/.gitignore
@@ -4,3 +4,4 @@ terraform.tfvars
 *.swp*
 .chef
 logfiles
+etcd_configs
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -3,6 +3,11 @@ tf_hachef CHANGELOG
 
 This file is used to list changes made in each version of the tf_hachef Terraform plan.
 
+v0.2.9 (2016-10-29)
+-------------------
+- Added ETCD tunable variables and implementation
+- Update `private_key` for `connection` to use `${file()}` interpolation
+
 v0.2.8 (2016-10-28)
 -------------------
 - Updated repo structure to prepare for multiple providers and plans per provider feature set.

diff --git a/providers/aws/route53_ssl/README.md b/providers/aws/route53_ssl/README.md
@@ -645,6 +645,24 @@ these defaults and necessary inputs are defined, for your convenience in
     <td>integer</td>
     <td>180</td>
   </tr>
+  <tr>
+    <td>etcd_path</td>
+    <td></td>
+    <td>Path to configure ETCD settings</td>
+    <td>`/opt/chef-backend/service/etcd/env`</td>
+  </tr>
+  <tr>
+    <td>etcd_settings</td>
+    <td></td>
+    <td>Map of settings for ETCD configuration. Key is setting name, value is the value</td>
+    <td>ETCD_HEARTBEAT_INTERVAL = 600<br>ETCD_ELECTION_TIMEOUT   = 6000<br>ETCD_SNAPSHOT_COUNT     = 5000</td>
+  </tr>
+  <tr>
+    <td>etcd_restart_cmd</td>
+    <td></td>
+    <td>Command issued to restart ETCD service</td>
+    <td>sudo chef-backend-ctl restart etcd</td>
+  </tr>
 </table>
 
 

diff --git a/providers/aws/route53_ssl/etcd_configs/.gitkeep b/providers/aws/route53_ssl/etcd_configs/.gitkeep
diff --git a/providers/aws/route53_ssl/files/etcd_template.bash.tpl b/providers/aws/route53_ssl/files/etcd_template.bash.tpl
@@ -0,0 +1,4 @@
+#!/usr/bin/env bash
+
+[[ -f ${path}/${file} ]] && sudo mv ${path}/${file} ${path}/${file}.bak
+echo ${input} | sudo tee -a ${path}/${file}
diff --git a/providers/aws/route53_ssl/main.tf b/providers/aws/route53_ssl/main.tf
@@ -248,7 +248,7 @@ resource "aws_instance" "chef-backends" {
   connection {
     host        = "${self.public_ip}"
     user        = "${var.ami_user[var.os]}"
-    private_key = "${var.instance_keys["key_file"]}"
+    private_key = "${file("${var.instance_keys["key_file"]}")}"
   }
   # Setup
   provisioner "remote-exec" {
@@ -302,7 +302,7 @@ resource "null_resource" "establish_leader" {
   connection {
     host        = "${aws_instance.chef-backends.0.public_ip}"
     user        = "${var.ami_user[var.os]}"
-    private_key = "${var.instance_keys["key_file"]}"
+    private_key = "${file("${var.instance_keys["key_file"]}")}"
   }
   provisioner "remote-exec" {
     inline = [
@@ -335,7 +335,7 @@ resource "null_resource" "follow_leader" {
   connection {
     host        = "${element(aws_instance.chef-backends.*.public_ip, count.index + 1)}"
     user        = "${var.ami_user[var.os]}"
-    private_key = "${var.instance_keys["key_file"]}"
+    private_key = "${file("${var.instance_keys["key_file"]}")}"
   }
   provisioner "file" {
     source      = ".chef/chef-backend-secrets.json"
@@ -358,6 +358,59 @@ resource "null_resource" "follow_leader" {
     command = "rm -f /tmp/configuring.${sha256(element(aws_instance.chef-backends.*.id, count.index + 1))}"
   }
 }
+data "template_file" "etcd_settings" {
+  count = "${length(var.etcd_settings)}"
+  template = "${file("${path.module}/files/etcd_template.bash.tpl")}"
+  vars {
+    path = "${var.etcd_path}"
+    file = "${element(keys(var.etcd_settings), count.index)}"
+    input = "${element(values(var.etcd_settings), count.index)}"
+  }
+}
+resource "null_resource" "etcd_files" {
+  count = "${length(var.etcd_settings)}"
+  provisioner "local-exec" {
+    command = <<-EOC
+      mkdir -p etcd_configs
+      [ -f etcd_configs/etcd_config.${count.index}.bash ] && rm -f etcd_configs/etcd_config.${count.index}.bash
+      tee etcd_configs/etcd_config.${count.index}.bash <<EOF
+      ${element(data.template_file.etcd_settings.*.rendered, count.index)}
+      EOF
+      EOC
+  }
+}
+resource "null_resource" "etcd_configure" {
+  depends_on = ["null_resource.establish_leader","null_resource.follow_leader","null_resource.etcd_files"]
+  count = "${var.chef_backend["count"]}"
+  connection {
+    host        = "${element(aws_instance.chef-backends.*.public_ip, count.index)}"
+    user        = "${var.ami_user[var.os]}"
+    private_key = "${file("${var.instance_keys["key_file"]}")}"
+  }
+  provisioner "file" {
+    source      = "etcd_configs"
+    destination = "/tmp/"
+  }
+  provisioner "remote-exec" {
+    inline = [
+      "for F in $(ls /tmp/etcd_configs); do bash /tmp/etcd_configs/$F; done",
+    ]
+  }
+}
+resource "null_resource" "etcd_restart" {
+  depends_on = ["null_resource.etcd_configure"]
+  count = "${var.chef_backend["count"]}"
+  connection {
+    host        = "${element(aws_instance.chef-backends.*.public_ip, count.index % var.chef_backend["count"])}"
+    user        = "${var.ami_user[var.os]}"
+    private_key = "${file("${var.instance_keys["key_file"]}")}"
+  }
+  provisioner "remote-exec" {
+    inline = [
+      "${var.etcd_restart_cmd}"
+    ]
+  }
+}
 resource "aws_route53_record" "chef-backends-private" {
   count   = "${var.chef_backend["count"]}"
   zone_id = "${var.r53_zones["internal"]}"
@@ -407,7 +460,7 @@ resource "aws_instance" "chef-frontends" {
   connection {
     host        = "${self.public_ip}"
     user        = "${var.ami_user[var.os]}"
-    private_key = "${var.instance_keys["key_file"]}"
+    private_key = "${file("${var.instance_keys["key_file"]}")}"
   }
   # Setup
   provisioner "remote-exec" {
@@ -468,7 +521,7 @@ resource "null_resource" "generate_frontend_cfg" {
   connection {
     host        = "${aws_instance.chef-backends.0.public_ip}"
     user        = "${var.ami_user[var.os]}"
-    private_key = "${var.instance_keys["key_file"]}"
+    private_key = "${file("${var.instance_keys["key_file"]}")}"
   }
   # Generate chef server configuration
   provisioner "remote-exec" {
@@ -489,7 +542,7 @@ resource "null_resource" "generate_frontend_cfg" {
     connection {
       host        = "${aws_instance.chef-backends.0.public_ip}"
       user        = "${var.ami_user[var.os]}"
-      private_key = "${var.instance_keys["key_file"]}"
+      private_key = "${file("${var.instance_keys["key_file"]}")}"
     }
     inline = [
       "sudo rm -f /tmp/chef-server.rb.${sha256(element(aws_instance.chef-frontends.*.tags.Name, count.index))}",
@@ -500,7 +553,7 @@ resource "null_resource" "generate_frontend_cfg" {
     connection {
       host        = "${element(aws_instance.chef-frontends.*.public_ip, count.index)}"
       user        = "${var.ami_user[var.os]}"
-      private_key = "${var.instance_keys["key_file"]}"
+      private_key = "${file("${var.instance_keys["key_file"]}")}"
     }
     source      = ".chef/chef-server.rb.${sha256(element(aws_instance.chef-frontends.*.tags.Name, count.index))}"
     destination = "/tmp/chef-server.rb.${sha256(element(aws_instance.chef-frontends.*.tags.Name, count.index))}"
@@ -512,7 +565,7 @@ resource "null_resource" "first_frontend" {
   connection {
     host        = "${element(aws_instance.chef-frontends.*.public_ip, count.index)}"
     user        = "${var.ami_user[var.os]}"
-    private_key = "${var.instance_keys["key_file"]}"
+    private_key = "${file("${var.instance_keys["key_file"]}")}"
   }
   provisioner "remote-exec" {
     inline = [
@@ -538,7 +591,7 @@ resource "null_resource" "other_frontends" {
   connection {
     host        = "${element(aws_instance.chef-frontends.*.public_ip, count.index + 1)}"
     user        = "${var.ami_user[var.os]}"
-    private_key = "${var.instance_keys["key_file"]}"
+    private_key = "${file("${var.instance_keys["key_file"]}")}"
   }
   # Put chef-frontend.tgz
   provisioner "file" {
@@ -587,7 +640,7 @@ resource "null_resource" "chef-setup" {
   connection {
     host        = "${aws_instance.chef-frontends.0.public_ip}"
     user        = "${var.ami_user[var.os]}"
-    private_key = "${var.instance_keys["key_file"]}"
+    private_key = "${file("${var.instance_keys["key_file"]}")}"
   }
   # TODO: Maybe create parametertized script to run these commands (wrapping chef-server-ctl)
   provisioner "remote-exec" {

diff --git a/providers/aws/route53_ssl/variables.tf b/providers/aws/route53_ssl/variables.tf
@@ -338,4 +338,26 @@ variable "r53_ttls" {
     internal        = "180"
   }
 }
+#
+# ETCD settings
+#
+variable "etcd_path" {
+  type = "string"
+  description = "Path to configure ETCD settings"
+  default = "/opt/chef-backend/service/etcd/env"
+}
+variable "etcd_settings" {
+  type = "map"
+  description = "Various ETCD settings"
+  default = {
+    ETCD_HEARTBEAT_INTERVAL = 600
+    ETCD_ELECTION_TIMEOUT   = 6000
+    ETCD_SNAPSHOT_COUNT     = 5000
+  }
+}
+variable "etcd_restart_cmd" {
+  type = "string"
+  description = "Command issued to restart ETCD service"
+  default = "sudo chef-backend-ctl restart etcd"
+}
-Original file line number
+Diff line change
@@ Expand Up / @@ -4,3 +4,4 @@ terraform.tfvars @@
     *.swp*
     .chef
     logfiles
+    etcd_configs