siberiancomrade3 / terraform-vagrant-docker-demo Goto Github PK

This project is aimed to demonstrate how to launch fully automated setup of Grafana and Prometheus in Docker using Vagrant on a virtual machine in Selectel cloud.

1. Create a working directory for this demonstration: mkdir tf-demo ; cd tf-demo

2. Create/Obtain credentials and tokens from Web Console as described in https://kb.selectel.com/docs/cloud/servers/tools/how_to_use_openstack_api_through_console_clients/

3. Download and review contents of the small shell script rc.sh generated with your credentials. It has all information required to authenticate to the cloud.

4. Install Terraform. The demonstration was tested on Terraform version 1.1.x+. See the official instructions from HashiCorp: https://learn.hashicorp.com/tutorials/terraform/install-cli.

5. Set shell auto-completion feature for Terraform to simplify further command line tasks. Run: terraform -install-autocomplete. It will append a line to file .bashrc in your home directory. In order to activate this auto-completion functionality you should either re-open your shell or run the added line in the existing shell.

6. (Optionally) Install command line tool openstack. This tool will be helpful for checking cloud objects, review their parameters, etc. Consult the documentation at https://docs.openstack.org/newton/user-guide/common/cli-install-openstack-command-line-clients.html.

7. (Optionally) For running tool openstack from the previous step, import contents of shell script rc.sh downloaded above. Open UNIX shell and run source rc.sh.

8. Clone this git repository to the current directory created above:

   git clone https://github.com/SiberianComrade3/terraform-vagrant-docker-demo.git .

1. Define the following sensitive variables either in file terraform.tfvars (not included in Git repository) or through related environment variables (TF_VAR_sel_account, TF_VAR_sel_token, etc.). The example below shows setting variables in file terraform.tfvars:

   user_name      = ""   # account name created on the Web Console, also mentioned in rc.sh.
   user_password  = ""
   sel_account    =      # account number, several digits without quotes
   project_id     = ""   # long alphanumeric ID found on the Web Console and in the script rc.sh.
   sel_token      = ""   # Access token created and available through Web Console. Copy full string.
   proctor_ip     = ""   # Additional IP address or a subnet that has access to SSH and Grafana Web

2. Run terraform init to initialize Providers used in Terraform configuration. Expect to see the following successful message in green:

   Terraform has been successfully initialized!

   ⚠️ Be prepared that not all Providers can be downloaded from HashiCorp; they intentionally block access with HTTP code 405. If this is your case you should either use available mirrors or mirror the needed providers as described in README Extra.

3. Run terraform validate to ensure all files still have correct syntax.

   Success! The configuration is valid.

4. Run terraform apply. It should report successful creation of defined objects.

   Apply complete! Resources: 43 added, 0 changed, 0 destroyed.

5. Note output section of the previous command. It contains IP addresses and Grafana URL needed to establish connections to demo infrastructure. This output can be viewed again any time by running terraform output from root of working directory.

ℹ️ In case of problems occurred during Terraform execution, start it in debug mode like the following command:

TF_LOG=DEBUG OS_DEBUG=1 terraform apply

Open a web browser. Enter address https://<host_public_ip>:3000. For your convenience copy pre-generated URL found in output of the command terraform output grafana_url.

ℹ️ Access to Grafana Web interface is limited to IP addresses defined as proctor_ip and to public IP address of the host from which you ran Terraform (check curl ifconfig.ru).

⛔ Access to Grafana Web interface from other hosts won't be possible by design.

Watch the "Warning: Potential Security Risk" notice and click "Advanced..." to "Accept the Risk".

Pay attention that IP address used to access the server is registered in "Subject Alt Names" of SSL/TLS certificate provided by the Grafana server.

Login with SSH to Linux host machine as advised in output ssh_to_host (terraform output ssh_to_host), copy-paste full command that looks like below

ssh -q -o StrictHostKeyChecking=no -i ./id_rsa [email protected]

You should be able to get there as 'root' superuser without additional questions and see standard Shell command prompt.

🛑 Please allow several minutes to fully initialize the environment (Vagrant + Docker) in the cloud. You can control how it is being started in real-time by running on the Linux host machine:

tail -f /var/log/cloud-init-output.log

Wait for a final line like this:

Cloud-init v. 20.4 finished

Once Vagrant has started a virtual machine, run vagrant ssh to get inside it.

Check running Docker containers: sudo docker ps inside the virtual machine.

Optionally you might want to add some mild load to the host to watch how Grafana represents this.

In the virtual machine launched by Vagrant install a tool called 'stress': sudo apt install stress.

Run this tool with a few basic parameters: stress -c 1.

When tunning Ansible playbooks are needed, they can be made on the Linux host. YAML file guest_setup.yaml is put by default into /root/guest_setup.yaml. After changes to this file have been made, manually run the same command as Vagrant runs when starts a virtual machine:

PYTHONUNBUFFERED=1 ANSIBLE_NOCOLOR=true ANSIBLE_HOST_KEY_CHECKING=false ANSIBLE_SSH_ARGS='-o UserKnownHostsFile=/dev/null -o IdentitiesOnly=yes -o ControlMaster=auto -o ControlPersist=60s' ansible-playbook --connection=ssh --timeout=30 --limit="default" --inventory-file=/root/.vagrant/provisioners/ansible/inventory --become --become-user=root -v guest_setup.yaml

Run terraform destroy to save cloud resources and your budget.