From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 0C2301F2BB5 for ; Mon, 5 May 2025 09:07:50 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1746436071; cv=none; b=K+bAowETuNfBJX5POy1PmlkLwsg38tjiAelSh1mgjx7qHQpsx6s5GSBd868cJja5qIjUaX4JSeEUOnWowwcH36QYL7Y89Oj8iFnj7V+TneHxJV4pd8KzSVal14QQOHJ2wPrZbWYyR86s2SJtsnR8QQgpeOilmvGw+Ii9XxKh9A8= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1746436071; c=relaxed/simple; bh=5voQZUjnzQ654pKRFT/c/t5ZZhehSguzeu7JlLjLf2E=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=Eg4NSYlEiR3rLY1G1TU+gfWpr9alRK3Pu/HXszJkxYy4YIh2cqmUXZc+SQrYKNLrrMbZgyF9OSpCtUuwtopAWZSeGhgMaLnsTav3X8YgmBjGVUtAVUhZMQGm6skIrfN3mOdgBFj094wvusRpuAQIRclS8Y8snpZxhcKYp9Gzxxc= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=I+mnLg6A; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="I+mnLg6A" Received: by smtp.kernel.org (Postfix) with ESMTPSA id C222EC4CEF2; Mon, 5 May 2025 09:07:49 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1746436070; bh=5voQZUjnzQ654pKRFT/c/t5ZZhehSguzeu7JlLjLf2E=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=I+mnLg6AbrG2TjDJEwXN5Nktm9hiwUhdFn7KN7ccW6zrfWKhQtbe1xAKq1Z41iDEI BNPaE5COPm6rNpCmWhm/jmYoLnwzOMDV17d/nri3cjC1DnvCdNC830HdTnyTIbnHUh zCAi5CcEAQqYzY7xpBNHKtlFFc2hXDiiXBTCKp/xD1E2weh+CtQtUQGvbB+6Hk0Wy2 6GgfTex8M2QgEWTn0nNEUiEoCM+v4O9GXxcmuOjuF8K4cab4CKmVBNOnakeYd1fQDZ NJOF+2B/P0b9iRzxsU3XLksdGHQdMDtW9BK62cCv98WejJhFl3th66ynXewrPHrpOC /DijtM/zu9kyg== From: Chandan Babu R To: kdevops@lists.linux.dev Cc: Chandan Babu R , chuck.lever@oracle.com Subject: [PATCH V2 3/3] Allow private IP address to be assigned to instances created on OCI Date: Mon, 5 May 2025 14:37:18 +0530 Message-ID: <20250505090724.955860-3-chandanbabu@kernel.org> X-Mailer: git-send-email 2.45.2 In-Reply-To: <20250505090724.955860-1-chandanbabu@kernel.org> References: <20250505090724.955860-1-chandanbabu@kernel.org> Precedence: bulk X-Mailing-List: kdevops@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: 8bit The OCI tenancy available to kernel developers from Oracle allows only private IP addresses to be assigned to compute instances. Hence this commit brings back the ability to work with OCI instances having private IP addresses. The variable "public_ip_map" defined in terraform/*/output.tf files has also been renamed to "controller_ip_map" in order to abstract away the type of the IP address being used. Signed-off-by: Chandan Babu R --- Changelog: V1 -> V2: 1. Rename ansible_ip_map to controller_ip_map. 2. Update documentation of controller_ip_map variable. playbooks/roles/terraform/tasks/main.yml | 8 ++++---- playbooks/roles/terraform/templates/ssh_config.j2 | 4 ++-- scripts/status_terraform.sh | 2 +- terraform/aws/output.tf | 9 +++++---- terraform/azure/output.tf | 9 +++++---- terraform/gce/output.tf | 9 +++++---- terraform/oci/output.tf | 14 +++++++++----- terraform/openstack/output.tf | 9 +++++---- 8 files changed, 36 insertions(+), 28 deletions(-) diff --git a/playbooks/roles/terraform/tasks/main.yml b/playbooks/roles/terraform/tasks/main.yml index d04dc997..419831e8 100644 --- a/playbooks/roles/terraform/tasks/main.yml +++ b/playbooks/roles/terraform/tasks/main.yml @@ -7,22 +7,22 @@ tags: - bringup -- name: Retrieve the public_ip_map from terraform +- name: Retrieve the controller_ip_map from terraform delegate_to: localhost run_once: true ansible.builtin.command: chdir: "{{ topdir_path }}/terraform/{{ kdevops_terraform_provider }}" - cmd: "terraform output -json public_ip_map" + cmd: "terraform output -json controller_ip_map" register: terraform_output changed_when: false tags: - ssh -- name: Convert the retrieved public_ip_map into a dictionary +- name: Convert the retrieved controller_ip_map into a dictionary delegate_to: localhost run_once: true ansible.builtin.set_fact: - public_ip_map: "{{ terraform_output.stdout | from_json }}" + controller_ip_map: "{{ terraform_output.stdout | from_json }}" tags: - ssh diff --git a/playbooks/roles/terraform/templates/ssh_config.j2 b/playbooks/roles/terraform/templates/ssh_config.j2 index d9b057b1..3f6d6191 100644 --- a/playbooks/roles/terraform/templates/ssh_config.j2 +++ b/playbooks/roles/terraform/templates/ssh_config.j2 @@ -1,5 +1,5 @@ -Host {{ inventory_hostname }} {{ public_ip_map[inventory_hostname] }} - HostName {{ public_ip_map[inventory_hostname] }} +Host {{ inventory_hostname }} {{ controller_ip_map[inventory_hostname] }} + HostName {{ controller_ip_map[inventory_hostname] }} User {{ kdevops_terraform_ssh_config_user }} Port 22 IdentityFile {{ kdevops_terraform_ssh_config_privkey_file }} diff --git a/scripts/status_terraform.sh b/scripts/status_terraform.sh index dc82d79e..9b016498 100755 --- a/scripts/status_terraform.sh +++ b/scripts/status_terraform.sh @@ -13,5 +13,5 @@ if [[ ${COUNT} -eq 1 ]]; then else echo "There are ${COUNT} active terraform resources on '$1'." fi -terraform output public_ip_map +terraform output controller_ip_map exit 0 diff --git a/terraform/aws/output.tf b/terraform/aws/output.tf index ab18bc55..b4150268 100644 --- a/terraform/aws/output.tf +++ b/terraform/aws/output.tf @@ -1,10 +1,11 @@ # All generic output goes here -# Each provider's output.tf needs to define a public_ip_map. This +# Each provider's output.tf needs to define a controller_ip_map. This # map is used to build the Ansible controller's ssh configuration. -# Each map entry contains the node's hostname and public IP address. -output "public_ip_map" { - description = "The public IP addresses assigned to each instance" +# Each map entry contains the node's hostname and public/private IP +# address. +output "controller_ip_map" { + description = "The IP addresses assigned to each instance" value = zipmap(var.kdevops_nodes[*], aws_eip.kdevops_eip[*].public_ip) } diff --git a/terraform/azure/output.tf b/terraform/azure/output.tf index 38104c90..a654717b 100644 --- a/terraform/azure/output.tf +++ b/terraform/azure/output.tf @@ -1,7 +1,8 @@ -# Each provider's output.tf needs to define a public_ip_map. This +# Each provider's output.tf needs to define a controller_ip_map. This # map is used to build the Ansible controller's ssh configuration. -# Each map entry contains the node's hostname and public IP address. -output "public_ip_map" { - description = "The public IP addresses assigned to each instance" +# Each map entry contains the node's hostname and public/private IP +# address. +output "controller_ip_map" { + description = "The IP addresses assigned to each instance" value = zipmap(var.kdevops_nodes[*], azurerm_public_ip.kdevops_publicip[*].ip_address) } diff --git a/terraform/gce/output.tf b/terraform/gce/output.tf index 15889cc4..358f1b15 100644 --- a/terraform/gce/output.tf +++ b/terraform/gce/output.tf @@ -1,10 +1,11 @@ # All generic output goes here -# Each provider's output.tf needs to define a public_ip_map. This +# Each provider's output.tf needs to define a controller_ip_map. This # map is used to build the Ansible controller's ssh configuration. -# Each map entry contains the node's hostname and public IP address. -output "public_ip_map" { - description = "The public IP addresses assigned to each instance" +# Each map entry contains the node's hostname and public/private IP +# address. +output "controller_ip_map" { + description = "The IP addresses assigned to each instance" value = zipmap(var.kdevops_nodes[*], google_compute_instance.kdevops_instance[*].network_interface[0].access_config[0].nat_ip) } diff --git a/terraform/oci/output.tf b/terraform/oci/output.tf index 1657b804..e2dc6c4a 100644 --- a/terraform/oci/output.tf +++ b/terraform/oci/output.tf @@ -1,9 +1,13 @@ # All generic output goes here -# Each provider's output.tf needs to define a public_ip_map. This +# Each provider's output.tf needs to define a controller_ip_map. This # map is used to build the Ansible controller's ssh configuration. -# Each map entry contains the node's hostname and public IP address. -output "public_ip_map" { - description = "The public IP addresses assigned to each instance" - value = zipmap(var.kdevops_nodes[*], oci_core_instance.kdevops_instance.*.public_ip) +# Each map entry contains the node's hostname and public/private IP +# address. +output "controller_ip_map" { + description = "The IP addresses assigned to each instance" + value = zipmap(var.kdevops_nodes[*], + var.oci_assign_public_ip ? + oci_core_instance.kdevops_instance.*.public_ip : + oci_core_instance.kdevops_instance.*.private_ip) } diff --git a/terraform/openstack/output.tf b/terraform/openstack/output.tf index d5d3a6b1..1667521a 100644 --- a/terraform/openstack/output.tf +++ b/terraform/openstack/output.tf @@ -18,10 +18,11 @@ output "kdevops_hosts_and_ipv4" { value = data.null_data_source.group_hostnames_and_ips.*.outputs } -# Each provider's output.tf needs to define a public_ip_map. This +# Each provider's output.tf needs to define a controller_ip_map. This # map is used to build the Ansible controller's ssh configuration. -# Each map entry contains the node's hostname and public IP address. -output "public_ip_map" { - description = "The public IP addresses assigned to each instance" +# Each map entry contains the node's hostname and public/private IP +# address. +output "controller_ip_map" { + description = "The IP addresses assigned to each instance" value = zipmap(var.kdevops_nodes[*], openstack_compute_instance_v2.kdevops_instances[*].access_ip_v4) } -- 2.45.2