[PATCH v2 06/10] terraform/lambdalabs: add Kconfig structure for Lambda Labs

[Luis Chamberlain <mcgrof@kernel.org>]

Add the Kconfig menu structure for Lambda Labs cloud provider. This
includes configuration options for:
- Instance type selection (with dynamic and manual modes)
- Region selection
- SSH key management options
- Smart instance inference based on cost and availability
- Persistent storage configuration
- OS image selection

The configuration is structured with modular Kconfig files:
- Main Lambda Labs configuration entry point
- Compute resources (instance types)
- Location settings (regions)
- Identity management (SSH keys)
- Storage options
- Smart selection logic

This provides the configuration structure but doesn't enable Lambda Labs
in the provider menu yet, maintaining build stability.

Generated-by: Claude AI
Signed-off-by: Luis Chamberlain <mcgrof@kernel.org>
---
 terraform/lambdalabs/Kconfig                  | 33 +++++++
 terraform/lambdalabs/kconfigs/Kconfig.compute | 34 +++++++
 .../lambdalabs/kconfigs/Kconfig.identity      | 76 ++++++++++++++++
 .../lambdalabs/kconfigs/Kconfig.location      | 89 +++++++++++++++++++
 .../kconfigs/Kconfig.location.manual          | 57 ++++++++++++
 terraform/lambdalabs/kconfigs/Kconfig.smart   | 25 ++++++
 terraform/lambdalabs/kconfigs/Kconfig.storage | 12 +++
 7 files changed, 326 insertions(+)
 create mode 100644 terraform/lambdalabs/Kconfig
 create mode 100644 terraform/lambdalabs/kconfigs/Kconfig.compute
 create mode 100644 terraform/lambdalabs/kconfigs/Kconfig.identity
 create mode 100644 terraform/lambdalabs/kconfigs/Kconfig.location
 create mode 100644 terraform/lambdalabs/kconfigs/Kconfig.location.manual
 create mode 100644 terraform/lambdalabs/kconfigs/Kconfig.smart
 create mode 100644 terraform/lambdalabs/kconfigs/Kconfig.storage

diff --git a/terraform/lambdalabs/Kconfig b/terraform/lambdalabs/Kconfig
new file mode 100644
index 0000000..050f546
--- /dev/null
+++ b/terraform/lambdalabs/Kconfig
@@ -0,0 +1,33 @@
+if TERRAFORM_LAMBDALABS
+
+# Lambda Labs Terraform Provider Limitations:
+# The elct9620/lambdalabs provider (v0.3.0) has significant limitations:
+# - NO OS/distribution selection (always Ubuntu 22.04)
+# - NO storage volume management
+# - NO custom user creation (always uses "ubuntu" user)
+# - NO user data/cloud-init support
+#
+# Only these features are supported:
+# - Region selection
+# - GPU instance type selection
+# - SSH key management
+
+menu "Resource Location"
+source "terraform/lambdalabs/kconfigs/Kconfig.location"
+endmenu
+
+menu "Compute"
+source "terraform/lambdalabs/kconfigs/Kconfig.compute"
+endmenu
+
+# Storage menu removed - not supported by provider
+# OS image selection removed - not supported by provider
+
+menu "Identity & Access"
+source "terraform/lambdalabs/kconfigs/Kconfig.identity"
+endmenu
+
+# Note: Storage and OS configuration files are kept as placeholders
+# for future provider updates but contain no options currently
+
+endif # TERRAFORM_LAMBDALABS
diff --git a/terraform/lambdalabs/kconfigs/Kconfig.compute b/terraform/lambdalabs/kconfigs/Kconfig.compute
new file mode 100644
index 0000000..2311e90
--- /dev/null
+++ b/terraform/lambdalabs/kconfigs/Kconfig.compute
@@ -0,0 +1,34 @@
+# Lambda Labs compute configuration
+
+# Smart cheapest instance selection
+config TERRAFORM_LAMBDALABS_SMART_CHEAPEST
+	bool "Automatically select cheapest available instance in closest region"
+	default y
+	help
+	  Enable smart inference that:
+	  1. Determines your location from public IP
+	  2. Finds all available instance/region combinations
+	  3. Selects the cheapest instance type
+	  4. Picks the closest region where that instance is available
+
+	  This ensures you get the most affordable option with lowest latency.
+
+if !TERRAFORM_LAMBDALABS_SMART_CHEAPEST
+# Include dynamically generated instance types only if not using smart selection
+source "terraform/lambdalabs/kconfigs/Kconfig.compute.generated"
+endif
+
+config TERRAFORM_LAMBDALABS_INSTANCE_TYPE
+	string
+	output yaml
+	default $(shell, python3 scripts/lambdalabs_smart_inference.py instance) if TERRAFORM_LAMBDALABS_SMART_CHEAPEST
+	default "gpu_1x_a10"
+
+# OS image is not configurable - provider limitation
+config TERRAFORM_LAMBDALABS_IMAGE
+	string
+	default "ubuntu-22.04"
+	help
+	  Lambda Labs terraform provider does NOT support OS/image selection.
+	  The provider always deploys Ubuntu 22.04. This is a placeholder
+	  config that exists only for consistency with other cloud providers.
diff --git a/terraform/lambdalabs/kconfigs/Kconfig.identity b/terraform/lambdalabs/kconfigs/Kconfig.identity
new file mode 100644
index 0000000..5bc2602
--- /dev/null
+++ b/terraform/lambdalabs/kconfigs/Kconfig.identity
@@ -0,0 +1,76 @@
+# Lambda Labs identity and access configuration
+
+# SSH Key Security Model
+# =======================
+# For security, each kdevops project directory should use its own SSH key.
+# This prevents key sharing between different projects and environments.
+#
+# Two modes are supported:
+# 1. Unique keys per directory (recommended) - Each project gets its own key
+# 2. Shared key (legacy) - Use a common key name across projects
+
+choice
+	prompt "Lambda Labs SSH key management strategy"
+	default TERRAFORM_LAMBDALABS_SSH_KEY_UNIQUE
+	help
+	  Choose how SSH keys are managed for Lambda Labs instances.
+
+	  Unique keys (recommended): Each project directory gets its own SSH key,
+	  preventing key sharing between projects. The key name includes a hash
+	  of the directory path for uniqueness.
+
+	  Shared key: Use the same key name across all projects (less secure).
+
+config TERRAFORM_LAMBDALABS_SSH_KEY_UNIQUE
+	bool "Use unique SSH key per project directory (recommended)"
+	help
+	  Generate a unique SSH key name for each kdevops project directory.
+	  This improves security by ensuring projects don't share SSH keys.
+
+	  The key name will be generated based on the directory path, like:
+	  "kdevops-lambda-kdevops-a1b2c3d4"
+
+	  The key will be automatically created and uploaded to Lambda Labs
+	  when you run 'make bringup' if it doesn't already exist.
+
+config TERRAFORM_LAMBDALABS_SSH_KEY_SHARED
+	bool "Use shared SSH key name (legacy)"
+	help
+	  Use a fixed SSH key name that you specify. This is less secure
+	  as multiple projects might share the same key.
+
+	  You'll need to ensure the key exists in Lambda Labs before
+	  running 'make bringup'.
+
+endchoice
+
+config TERRAFORM_LAMBDALABS_SSH_KEY_NAME_CUSTOM
+	string "Custom SSH key name (only for shared mode)"
+	default "kdevops-lambdalabs"
+	depends on TERRAFORM_LAMBDALABS_SSH_KEY_SHARED
+	help
+	  Specify the custom SSH key name to use when in shared mode.
+	  This key must already exist in your Lambda Labs account.
+
+config TERRAFORM_LAMBDALABS_SSH_KEY_NAME
+	string
+	output yaml
+	default $(shell, python3 scripts/lambdalabs_ssh_key_name.py 2>/dev/null || echo "kdevops-lambdalabs") if TERRAFORM_LAMBDALABS_SSH_KEY_UNIQUE
+	default TERRAFORM_LAMBDALABS_SSH_KEY_NAME_CUSTOM if TERRAFORM_LAMBDALABS_SSH_KEY_SHARED
+
+config TERRAFORM_LAMBDALABS_SSH_KEY_AUTO_CREATE
+	bool "Automatically create and upload SSH key if missing"
+	default y if TERRAFORM_LAMBDALABS_SSH_KEY_UNIQUE
+	default n if TERRAFORM_LAMBDALABS_SSH_KEY_SHARED
+	help
+	  When enabled, kdevops will automatically:
+	  1. Generate a new SSH key pair if it doesn't exist
+	  2. Upload the public key to Lambda Labs if not already there
+	  3. Clean up the key when destroying infrastructure
+
+	  This is enabled by default for unique keys mode and disabled
+	  for shared key mode.
+
+# Note: Lambda Labs doesn't support custom SSH users
+# Instances always use the OS default user (ubuntu for Ubuntu 22.04)
+# To handle this, we disable SSH user inference for Lambda Labs
diff --git a/terraform/lambdalabs/kconfigs/Kconfig.location b/terraform/lambdalabs/kconfigs/Kconfig.location
new file mode 100644
index 0000000..7c54845
--- /dev/null
+++ b/terraform/lambdalabs/kconfigs/Kconfig.location
@@ -0,0 +1,89 @@
+# Lambda Labs location configuration with smart inference
+
+if !TERRAFORM_LAMBDALABS_SMART_CHEAPEST
+
+choice
+	prompt "Lambda Labs region selection method"
+	default TERRAFORM_LAMBDALABS_REGION_SMART_INFER
+	depends on !TERRAFORM_LAMBDALABS_SMART_CHEAPEST
+	help
+	  Select how to choose the Lambda Labs region for deployment.
+	  Smart inference automatically finds a region with available capacity.
+
+config TERRAFORM_LAMBDALABS_REGION_SMART_INFER
+	bool "Smart inference - automatically select region with available capacity"
+	help
+	  Automatically selects a region that has available capacity for your
+	  chosen instance type. This eliminates manual checking of region availability.
+
+config TERRAFORM_LAMBDALABS_REGION_MANUAL
+	bool "Manual region selection"
+	help
+	  Manually select a specific region. Note that the selected region
+	  may not have capacity for your chosen instance type.
+
+endchoice
+
+if TERRAFORM_LAMBDALABS_REGION_MANUAL
+
+choice
+	prompt "Lambda Labs region"
+	default TERRAFORM_LAMBDALABS_REGION_US_TX_1
+	depends on TERRAFORM_LAMBDALABS_REGION_MANUAL
+
+config TERRAFORM_LAMBDALABS_REGION_US_TX_1
+	bool "us-tx-1 - Texas, USA"
+
+config TERRAFORM_LAMBDALABS_REGION_US_MIDWEST_1
+	bool "us-midwest-1 - Midwest, USA"
+
+config TERRAFORM_LAMBDALABS_REGION_US_WEST_1
+	bool "us-west-1 - West Coast, USA"
+
+config TERRAFORM_LAMBDALABS_REGION_US_WEST_2
+	bool "us-west-2 - West Coast, USA (alt)"
+
+config TERRAFORM_LAMBDALABS_REGION_US_WEST_3
+	bool "us-west-3 - West Coast, USA (alt 2)"
+
+config TERRAFORM_LAMBDALABS_REGION_US_SOUTH_1
+	bool "us-south-1 - South, USA"
+
+config TERRAFORM_LAMBDALABS_REGION_EU_CENTRAL_1
+	bool "europe-central-1 - Central Europe"
+
+config TERRAFORM_LAMBDALABS_REGION_ASIA_NORTHEAST_1
+	bool "asia-northeast-1 - Northeast Asia"
+
+config TERRAFORM_LAMBDALABS_REGION_ASIA_SOUTH_1
+	bool "asia-south-1 - South Asia"
+
+config TERRAFORM_LAMBDALABS_REGION_ME_WEST_1
+	bool "me-west-1 - Middle East West"
+
+config TERRAFORM_LAMBDALABS_REGION_US_EAST_1
+	bool "us-east-1 - East Coast, USA"
+
+endchoice
+
+endif # TERRAFORM_LAMBDALABS_REGION_MANUAL
+
+endif # !TERRAFORM_LAMBDALABS_SMART_CHEAPEST
+
+config TERRAFORM_LAMBDALABS_REGION
+	string
+	output yaml
+	default $(shell, python3 scripts/lambdalabs_smart_inference.py region) if TERRAFORM_LAMBDALABS_SMART_CHEAPEST
+	default $(shell, scripts/lambdalabs_infer_region.py $(TERRAFORM_LAMBDALABS_INSTANCE_TYPE)) if TERRAFORM_LAMBDALABS_REGION_SMART_INFER
+	default "us-tx-1" if TERRAFORM_LAMBDALABS_REGION_US_TX_1
+	default "us-midwest-1" if TERRAFORM_LAMBDALABS_REGION_US_MIDWEST_1
+	default "us-west-1" if TERRAFORM_LAMBDALABS_REGION_US_WEST_1
+	default "us-west-2" if TERRAFORM_LAMBDALABS_REGION_US_WEST_2
+	default "us-west-3" if TERRAFORM_LAMBDALABS_REGION_US_WEST_3
+	default "us-south-1" if TERRAFORM_LAMBDALABS_REGION_US_SOUTH_1
+	default "europe-central-1" if TERRAFORM_LAMBDALABS_REGION_EU_CENTRAL_1
+	default "asia-northeast-1" if TERRAFORM_LAMBDALABS_REGION_ASIA_NORTHEAST_1
+	default "asia-south-1" if TERRAFORM_LAMBDALABS_REGION_ASIA_SOUTH_1
+	default "me-west-1" if TERRAFORM_LAMBDALABS_REGION_ME_WEST_1
+	default "us-east-1" if TERRAFORM_LAMBDALABS_REGION_US_EAST_1
+	default "us-tx-1"
diff --git a/terraform/lambdalabs/kconfigs/Kconfig.location.manual b/terraform/lambdalabs/kconfigs/Kconfig.location.manual
new file mode 100644
index 0000000..8ab81df
--- /dev/null
+++ b/terraform/lambdalabs/kconfigs/Kconfig.location.manual
@@ -0,0 +1,57 @@
+# Manual region selection (included when TERRAFORM_LAMBDALABS_REGION_MANUAL is set)
+
+choice
+	prompt "Lambda Labs region"
+	default TERRAFORM_LAMBDALABS_REGION_US_TX_1
+	depends on TERRAFORM_LAMBDALABS_REGION_MANUAL
+
+config TERRAFORM_LAMBDALABS_REGION_US_TX_1
+	bool "us-tx-1 - Texas, USA"
+
+config TERRAFORM_LAMBDALABS_REGION_US_MIDWEST_1
+	bool "us-midwest-1 - Midwest, USA"
+
+config TERRAFORM_LAMBDALABS_REGION_US_WEST_1
+	bool "us-west-1 - West Coast, USA"
+
+config TERRAFORM_LAMBDALABS_REGION_US_WEST_2
+	bool "us-west-2 - West Coast, USA (alt)"
+
+config TERRAFORM_LAMBDALABS_REGION_US_WEST_3
+	bool "us-west-3 - West Coast, USA (alt 2)"
+
+config TERRAFORM_LAMBDALABS_REGION_US_SOUTH_1
+	bool "us-south-1 - South, USA"
+
+config TERRAFORM_LAMBDALABS_REGION_EU_CENTRAL_1
+	bool "europe-central-1 - Central Europe"
+
+config TERRAFORM_LAMBDALABS_REGION_ASIA_NORTHEAST_1
+	bool "asia-northeast-1 - Northeast Asia"
+
+config TERRAFORM_LAMBDALABS_REGION_ASIA_SOUTH_1
+	bool "asia-south-1 - South Asia"
+
+config TERRAFORM_LAMBDALABS_REGION_ME_WEST_1
+	bool "me-west-1 - Middle East West"
+
+config TERRAFORM_LAMBDALABS_REGION_US_EAST_1
+	bool "us-east-1 - East Coast, USA"
+
+endchoice
+
+config TERRAFORM_LAMBDALABS_REGION
+	string
+	output yaml
+	default "us-tx-1" if TERRAFORM_LAMBDALABS_REGION_US_TX_1
+	default "us-midwest-1" if TERRAFORM_LAMBDALABS_REGION_US_MIDWEST_1
+	default "us-west-1" if TERRAFORM_LAMBDALABS_REGION_US_WEST_1
+	default "us-west-2" if TERRAFORM_LAMBDALABS_REGION_US_WEST_2
+	default "us-west-3" if TERRAFORM_LAMBDALABS_REGION_US_WEST_3
+	default "us-south-1" if TERRAFORM_LAMBDALABS_REGION_US_SOUTH_1
+	default "europe-central-1" if TERRAFORM_LAMBDALABS_REGION_EU_CENTRAL_1
+	default "asia-northeast-1" if TERRAFORM_LAMBDALABS_REGION_ASIA_NORTHEAST_1
+	default "asia-south-1" if TERRAFORM_LAMBDALABS_REGION_ASIA_SOUTH_1
+	default "me-west-1" if TERRAFORM_LAMBDALABS_REGION_ME_WEST_1
+	default "us-east-1" if TERRAFORM_LAMBDALABS_REGION_US_EAST_1
+	default "us-tx-1"
\ No newline at end of file
diff --git a/terraform/lambdalabs/kconfigs/Kconfig.smart b/terraform/lambdalabs/kconfigs/Kconfig.smart
new file mode 100644
index 0000000..fb4e385
--- /dev/null
+++ b/terraform/lambdalabs/kconfigs/Kconfig.smart
@@ -0,0 +1,25 @@
+# Lambda Labs Smart Inference Configuration
+
+config TERRAFORM_LAMBDALABS_SMART_CHEAPEST
+	bool "Automatically select cheapest available instance in closest region"
+	default y
+	help
+	  Enable smart inference that:
+	  1. Determines your location from public IP
+	  2. Finds all available instance/region combinations
+	  3. Selects the cheapest instance type
+	  4. Picks the closest region where that instance is available
+
+	  This ensures you get the most affordable option with lowest latency.
+
+if TERRAFORM_LAMBDALABS_SMART_CHEAPEST
+
+config TERRAFORM_LAMBDALABS_SMART_INSTANCE
+	string
+	default $(shell, python3 scripts/lambdalabs_smart_inference.py instance)
+
+config TERRAFORM_LAMBDALABS_SMART_REGION
+	string
+	default $(shell, python3 scripts/lambdalabs_smart_inference.py region)
+
+endif # TERRAFORM_LAMBDALABS_SMART_CHEAPEST
diff --git a/terraform/lambdalabs/kconfigs/Kconfig.storage b/terraform/lambdalabs/kconfigs/Kconfig.storage
new file mode 100644
index 0000000..4a91702
--- /dev/null
+++ b/terraform/lambdalabs/kconfigs/Kconfig.storage
@@ -0,0 +1,12 @@
+# Lambda Labs storage configuration
+#
+# NOTE: The Lambda Labs terraform provider (elct9620/lambdalabs v0.3.0) does NOT support
+# storage volume management. Instances come with their default storage only.
+#
+# If you need additional storage, you must:
+# 1. Use the Lambda Labs web console to attach volumes manually
+# 2. Or use a different cloud provider that supports storage management
+#
+# This file is kept as a placeholder for future provider updates.
+
+# No configuration options available - provider doesn't support storage management
-- 
2.50.1