[PATCH v3 07/10] terraform/lambdalabs: add Kconfig structure for Lambda Labs

[Luis Chamberlain <mcgrof@kernel.org>]

Add comprehensive Kconfig system for Lambda Labs cloud provider:
- Main Kconfig: Provider overview and menu organization
- Kconfig.location: Region selection with smart inference modes
- Kconfig.compute: Instance type configuration with capacity info
- Kconfig.identity: SSH key management
- Kconfig.smart: Smart selection algorithms configuration
- Kconfig.storage: Placeholder for future storage features

Key features:
- Three selection modes: smart cheapest, smart inference, manual
- Dynamic region/instance generation based on API availability
- Complete region mappings including us-east-3 and other regions
- Provider limitations clearly documented
- Integration with dynamic configuration system

The Kconfig structure provides user-friendly configuration while
handling Lambda Labs provider constraints transparently.

Generated-by: Claude AI
Signed-off-by: Your Name <email@example.com>
---
 terraform/lambdalabs/Kconfig                  | 33 ++++++++
 terraform/lambdalabs/kconfigs/Kconfig.compute | 48 ++++++++++++
 .../lambdalabs/kconfigs/Kconfig.identity      | 76 +++++++++++++++++++
 .../lambdalabs/kconfigs/Kconfig.location      | 73 ++++++++++++++++++
 terraform/lambdalabs/kconfigs/Kconfig.smart   | 25 ++++++
 terraform/lambdalabs/kconfigs/Kconfig.storage | 12 +++
 6 files changed, 267 insertions(+)
 create mode 100644 terraform/lambdalabs/Kconfig
 create mode 100644 terraform/lambdalabs/kconfigs/Kconfig.compute
 create mode 100644 terraform/lambdalabs/kconfigs/Kconfig.identity
 create mode 100644 terraform/lambdalabs/kconfigs/Kconfig.location
 create mode 100644 terraform/lambdalabs/kconfigs/Kconfig.smart
 create mode 100644 terraform/lambdalabs/kconfigs/Kconfig.storage

diff --git a/terraform/lambdalabs/Kconfig b/terraform/lambdalabs/Kconfig
new file mode 100644
index 0000000..050f546
--- /dev/null
+++ b/terraform/lambdalabs/Kconfig
@@ -0,0 +1,33 @@
+if TERRAFORM_LAMBDALABS
+
+# Lambda Labs Terraform Provider Limitations:
+# The elct9620/lambdalabs provider (v0.3.0) has significant limitations:
+# - NO OS/distribution selection (always Ubuntu 22.04)
+# - NO storage volume management
+# - NO custom user creation (always uses "ubuntu" user)
+# - NO user data/cloud-init support
+#
+# Only these features are supported:
+# - Region selection
+# - GPU instance type selection
+# - SSH key management
+
+menu "Resource Location"
+source "terraform/lambdalabs/kconfigs/Kconfig.location"
+endmenu
+
+menu "Compute"
+source "terraform/lambdalabs/kconfigs/Kconfig.compute"
+endmenu
+
+# Storage menu removed - not supported by provider
+# OS image selection removed - not supported by provider
+
+menu "Identity & Access"
+source "terraform/lambdalabs/kconfigs/Kconfig.identity"
+endmenu
+
+# Note: Storage and OS configuration files are kept as placeholders
+# for future provider updates but contain no options currently
+
+endif # TERRAFORM_LAMBDALABS
diff --git a/terraform/lambdalabs/kconfigs/Kconfig.compute b/terraform/lambdalabs/kconfigs/Kconfig.compute
new file mode 100644
index 0000000..579e720
--- /dev/null
+++ b/terraform/lambdalabs/kconfigs/Kconfig.compute
@@ -0,0 +1,48 @@
+# Lambda Labs compute configuration
+
+if TERRAFORM_LAMBDALABS_REGION_SMART_CHEAPEST
+
+comment "Instance type: Automatically selected (cheapest available)"
+comment "Enable manual region selection to choose specific instance type"
+
+endif # TERRAFORM_LAMBDALABS_REGION_SMART_CHEAPEST
+
+# Include dynamically generated instance types when not using smart cheapest selection
+if !TERRAFORM_LAMBDALABS_REGION_SMART_CHEAPEST
+source "terraform/lambdalabs/kconfigs/Kconfig.compute.generated"
+endif
+
+config TERRAFORM_LAMBDALABS_INSTANCE_TYPE
+	string
+	output yaml
+	default $(shell, python3 scripts/lambdalabs_smart_inference.py instance) if TERRAFORM_LAMBDALABS_REGION_SMART_CHEAPEST
+	# Dynamically generated mappings for all instance types
+	default "cpu_4x_general" if TERRAFORM_LAMBDALABS_INSTANCE_TYPE_CPU_4X_GENERAL
+	default "gpu_1x_a10" if TERRAFORM_LAMBDALABS_INSTANCE_TYPE_GPU_1X_A10
+	default "gpu_1x_a100" if TERRAFORM_LAMBDALABS_INSTANCE_TYPE_GPU_1X_A100
+	default "gpu_1x_a100_sxm4" if TERRAFORM_LAMBDALABS_INSTANCE_TYPE_GPU_1X_A100_SXM4
+	default "gpu_1x_a6000" if TERRAFORM_LAMBDALABS_INSTANCE_TYPE_GPU_1X_A6000
+	default "gpu_1x_gh200" if TERRAFORM_LAMBDALABS_INSTANCE_TYPE_GPU_1X_GH200
+	default "gpu_1x_h100_pcie" if TERRAFORM_LAMBDALABS_INSTANCE_TYPE_GPU_1X_H100_PCIE
+	default "gpu_1x_h100_sxm5" if TERRAFORM_LAMBDALABS_INSTANCE_TYPE_GPU_1X_H100_SXM5
+	default "gpu_1x_rtx6000" if TERRAFORM_LAMBDALABS_INSTANCE_TYPE_GPU_1X_RTX6000
+	default "gpu_2x_a100" if TERRAFORM_LAMBDALABS_INSTANCE_TYPE_GPU_2X_A100
+	default "gpu_2x_a6000" if TERRAFORM_LAMBDALABS_INSTANCE_TYPE_GPU_2X_A6000
+	default "gpu_2x_h100_sxm5" if TERRAFORM_LAMBDALABS_INSTANCE_TYPE_GPU_2X_H100_SXM5
+	default "gpu_4x_a100" if TERRAFORM_LAMBDALABS_INSTANCE_TYPE_GPU_4X_A100
+	default "gpu_4x_a6000" if TERRAFORM_LAMBDALABS_INSTANCE_TYPE_GPU_4X_A6000
+	default "gpu_4x_h100_sxm5" if TERRAFORM_LAMBDALABS_INSTANCE_TYPE_GPU_4X_H100_SXM5
+	default "gpu_8x_a100" if TERRAFORM_LAMBDALABS_INSTANCE_TYPE_GPU_8X_A100
+	default "gpu_8x_a100_80gb_sxm4" if TERRAFORM_LAMBDALABS_INSTANCE_TYPE_GPU_8X_A100_80GB_SXM4
+	default "gpu_8x_b200_sxm6" if TERRAFORM_LAMBDALABS_INSTANCE_TYPE_GPU_8X_B200_SXM6
+	default "gpu_8x_h100_sxm5" if TERRAFORM_LAMBDALABS_INSTANCE_TYPE_GPU_8X_H100_SXM5
+	default "gpu_8x_v100" if TERRAFORM_LAMBDALABS_INSTANCE_TYPE_GPU_8X_V100
+
+# OS image is not configurable - provider limitation
+config TERRAFORM_LAMBDALABS_IMAGE
+	string
+	default "ubuntu-22.04"
+	help
+	  Lambda Labs terraform provider does NOT support OS/image selection.
+	  The provider always deploys Ubuntu 22.04. This is a placeholder
+	  config that exists only for consistency with other cloud providers.
diff --git a/terraform/lambdalabs/kconfigs/Kconfig.identity b/terraform/lambdalabs/kconfigs/Kconfig.identity
new file mode 100644
index 0000000..5bc2602
--- /dev/null
+++ b/terraform/lambdalabs/kconfigs/Kconfig.identity
@@ -0,0 +1,76 @@
+# Lambda Labs identity and access configuration
+
+# SSH Key Security Model
+# =======================
+# For security, each kdevops project directory should use its own SSH key.
+# This prevents key sharing between different projects and environments.
+#
+# Two modes are supported:
+# 1. Unique keys per directory (recommended) - Each project gets its own key
+# 2. Shared key (legacy) - Use a common key name across projects
+
+choice
+	prompt "Lambda Labs SSH key management strategy"
+	default TERRAFORM_LAMBDALABS_SSH_KEY_UNIQUE
+	help
+	  Choose how SSH keys are managed for Lambda Labs instances.
+
+	  Unique keys (recommended): Each project directory gets its own SSH key,
+	  preventing key sharing between projects. The key name includes a hash
+	  of the directory path for uniqueness.
+
+	  Shared key: Use the same key name across all projects (less secure).
+
+config TERRAFORM_LAMBDALABS_SSH_KEY_UNIQUE
+	bool "Use unique SSH key per project directory (recommended)"
+	help
+	  Generate a unique SSH key name for each kdevops project directory.
+	  This improves security by ensuring projects don't share SSH keys.
+
+	  The key name will be generated based on the directory path, like:
+	  "kdevops-lambda-kdevops-a1b2c3d4"
+
+	  The key will be automatically created and uploaded to Lambda Labs
+	  when you run 'make bringup' if it doesn't already exist.
+
+config TERRAFORM_LAMBDALABS_SSH_KEY_SHARED
+	bool "Use shared SSH key name (legacy)"
+	help
+	  Use a fixed SSH key name that you specify. This is less secure
+	  as multiple projects might share the same key.
+
+	  You'll need to ensure the key exists in Lambda Labs before
+	  running 'make bringup'.
+
+endchoice
+
+config TERRAFORM_LAMBDALABS_SSH_KEY_NAME_CUSTOM
+	string "Custom SSH key name (only for shared mode)"
+	default "kdevops-lambdalabs"
+	depends on TERRAFORM_LAMBDALABS_SSH_KEY_SHARED
+	help
+	  Specify the custom SSH key name to use when in shared mode.
+	  This key must already exist in your Lambda Labs account.
+
+config TERRAFORM_LAMBDALABS_SSH_KEY_NAME
+	string
+	output yaml
+	default $(shell, python3 scripts/lambdalabs_ssh_key_name.py 2>/dev/null || echo "kdevops-lambdalabs") if TERRAFORM_LAMBDALABS_SSH_KEY_UNIQUE
+	default TERRAFORM_LAMBDALABS_SSH_KEY_NAME_CUSTOM if TERRAFORM_LAMBDALABS_SSH_KEY_SHARED
+
+config TERRAFORM_LAMBDALABS_SSH_KEY_AUTO_CREATE
+	bool "Automatically create and upload SSH key if missing"
+	default y if TERRAFORM_LAMBDALABS_SSH_KEY_UNIQUE
+	default n if TERRAFORM_LAMBDALABS_SSH_KEY_SHARED
+	help
+	  When enabled, kdevops will automatically:
+	  1. Generate a new SSH key pair if it doesn't exist
+	  2. Upload the public key to Lambda Labs if not already there
+	  3. Clean up the key when destroying infrastructure
+
+	  This is enabled by default for unique keys mode and disabled
+	  for shared key mode.
+
+# Note: Lambda Labs doesn't support custom SSH users
+# Instances always use the OS default user (ubuntu for Ubuntu 22.04)
+# To handle this, we disable SSH user inference for Lambda Labs
diff --git a/terraform/lambdalabs/kconfigs/Kconfig.location b/terraform/lambdalabs/kconfigs/Kconfig.location
new file mode 100644
index 0000000..7dd3d5b
--- /dev/null
+++ b/terraform/lambdalabs/kconfigs/Kconfig.location
@@ -0,0 +1,73 @@
+# Lambda Labs location configuration with smart inference
+
+choice
+	prompt "Lambda Labs region selection method"
+	default TERRAFORM_LAMBDALABS_REGION_SMART_CHEAPEST
+	help
+	  Select how to choose the Lambda Labs region for deployment.
+
+config TERRAFORM_LAMBDALABS_REGION_SMART_CHEAPEST
+	bool "Smart selection - automatically select cheapest instance in closest region"
+	help
+	  Enable smart inference that:
+	  1. Determines your location from public IP
+	  2. Finds all available instance/region combinations
+	  3. Selects the cheapest instance type
+	  4. Picks the closest region where that instance is available
+	  
+	  This ensures you get the most affordable option with lowest latency.
+
+config TERRAFORM_LAMBDALABS_REGION_SMART_INFER
+	bool "Smart inference - automatically select region with available capacity"
+	help
+	  Automatically selects a region that has available capacity for your
+	  chosen instance type. This eliminates manual checking of region availability.
+
+config TERRAFORM_LAMBDALABS_REGION_MANUAL
+	bool "Manual region selection"
+	help
+	  Manually select a specific region. Note that the selected region
+	  may not have capacity for your chosen instance type.
+
+endchoice
+
+if TERRAFORM_LAMBDALABS_REGION_SMART_CHEAPEST
+
+comment "Region: Automatically selected (closest with cheapest instance)"
+comment "Instance: Automatically selected (cheapest available)"
+
+endif # TERRAFORM_LAMBDALABS_REGION_SMART_CHEAPEST
+
+if TERRAFORM_LAMBDALABS_REGION_SMART_INFER
+
+comment "Region: Automatically selected based on instance availability"
+
+endif # TERRAFORM_LAMBDALABS_REGION_SMART_INFER
+
+if TERRAFORM_LAMBDALABS_REGION_MANUAL
+# Include dynamically generated regions when using manual selection
+source "terraform/lambdalabs/kconfigs/Kconfig.location.generated"
+endif # TERRAFORM_LAMBDALABS_REGION_MANUAL
+
+config TERRAFORM_LAMBDALABS_REGION
+	string
+	output yaml
+	default $(shell, python3 scripts/lambdalabs_smart_inference.py region) if TERRAFORM_LAMBDALABS_REGION_SMART_CHEAPEST
+	default $(shell, scripts/lambdalabs_infer_region.py $(TERRAFORM_LAMBDALABS_INSTANCE_TYPE)) if TERRAFORM_LAMBDALABS_REGION_SMART_INFER
+	default "us-tx-1" if TERRAFORM_LAMBDALABS_REGION_US_TX_1
+	default "us-midwest-1" if TERRAFORM_LAMBDALABS_REGION_US_MIDWEST_1
+	default "us-west-1" if TERRAFORM_LAMBDALABS_REGION_US_WEST_1
+	default "us-west-2" if TERRAFORM_LAMBDALABS_REGION_US_WEST_2
+	default "us-west-3" if TERRAFORM_LAMBDALABS_REGION_US_WEST_3
+	default "us-south-1" if TERRAFORM_LAMBDALABS_REGION_US_SOUTH_1
+	default "us-south-2" if TERRAFORM_LAMBDALABS_REGION_US_SOUTH_2
+	default "us-south-3" if TERRAFORM_LAMBDALABS_REGION_US_SOUTH_3
+	default "europe-central-1" if TERRAFORM_LAMBDALABS_REGION_EU_CENTRAL_1
+	default "asia-northeast-1" if TERRAFORM_LAMBDALABS_REGION_ASIA_NORTHEAST_1
+	default "asia-northeast-2" if TERRAFORM_LAMBDALABS_REGION_ASIA_NORTHEAST_2
+	default "asia-south-1" if TERRAFORM_LAMBDALABS_REGION_ASIA_SOUTH_1
+	default "me-west-1" if TERRAFORM_LAMBDALABS_REGION_ME_WEST_1
+	default "us-east-1" if TERRAFORM_LAMBDALABS_REGION_US_EAST_1
+	default "us-east-3" if TERRAFORM_LAMBDALABS_REGION_US_EAST_3
+	default "australia-east-1" if TERRAFORM_LAMBDALABS_REGION_AUSTRALIA_EAST_1
+	default "us-tx-1"
diff --git a/terraform/lambdalabs/kconfigs/Kconfig.smart b/terraform/lambdalabs/kconfigs/Kconfig.smart
new file mode 100644
index 0000000..fb4e385
--- /dev/null
+++ b/terraform/lambdalabs/kconfigs/Kconfig.smart
@@ -0,0 +1,25 @@
+# Lambda Labs Smart Inference Configuration
+
+config TERRAFORM_LAMBDALABS_SMART_CHEAPEST
+	bool "Automatically select cheapest available instance in closest region"
+	default y
+	help
+	  Enable smart inference that:
+	  1. Determines your location from public IP
+	  2. Finds all available instance/region combinations
+	  3. Selects the cheapest instance type
+	  4. Picks the closest region where that instance is available
+
+	  This ensures you get the most affordable option with lowest latency.
+
+if TERRAFORM_LAMBDALABS_SMART_CHEAPEST
+
+config TERRAFORM_LAMBDALABS_SMART_INSTANCE
+	string
+	default $(shell, python3 scripts/lambdalabs_smart_inference.py instance)
+
+config TERRAFORM_LAMBDALABS_SMART_REGION
+	string
+	default $(shell, python3 scripts/lambdalabs_smart_inference.py region)
+
+endif # TERRAFORM_LAMBDALABS_SMART_CHEAPEST
diff --git a/terraform/lambdalabs/kconfigs/Kconfig.storage b/terraform/lambdalabs/kconfigs/Kconfig.storage
new file mode 100644
index 0000000..4a91702
--- /dev/null
+++ b/terraform/lambdalabs/kconfigs/Kconfig.storage
@@ -0,0 +1,12 @@
+# Lambda Labs storage configuration
+#
+# NOTE: The Lambda Labs terraform provider (elct9620/lambdalabs v0.3.0) does NOT support
+# storage volume management. Instances come with their default storage only.
+#
+# If you need additional storage, you must:
+# 1. Use the Lambda Labs web console to attach volumes manually
+# 2. Or use a different cloud provider that supports storage management
+#
+# This file is kept as a placeholder for future provider updates.
+
+# No configuration options available - provider doesn't support storage management
-- 
2.50.1