update for qdrant deployment

Author: boddumanohar

bootstrap-cluster.sh

@@ -1,6 +1,6 @@
 #!/bin/bash
 
-KEY="$HOME/.ssh/simplyblock-ohio.pem"
+KEY="~/.ssh/simplyblock-qdrant.pem"
 
 print_help() {
     echo "Usage: $0 [options]"
@@ -35,7 +35,6 @@ SPDK_IMAGE=""
 CONTACT_POINT=""
 SPDK_DEBUG="false"
 
-
 while [[ $# -gt 0 ]]; do
     arg="$1"
     case $arg in
@@ -101,31 +100,31 @@ while [[ $# -gt 0 ]]; do
     shift
 done
 
-SECRET_VALUE=$(terraform output -raw secret_value)
+# SECRET_VALUE=$(terraform output -raw secret_value)
 KEY_NAME=$(terraform output -raw key_name)
 BASTION_IP=$(terraform output -raw bastion_public_ip)
 GRAFANA_ENDPOINT=$(terraform output -raw grafana_invoke_url)
 
 ssh_dir="$HOME/.ssh"
 
-if [ ! -d "$ssh_dir" ]; then
-    mkdir -p "$ssh_dir"
-    echo "Directory $ssh_dir created."
-else
-    echo "Directory $ssh_dir already exists."
-fi
-
-if [[ -n "$SECRET_VALUE" ]]; then
-    KEY="$HOME/.ssh/$KEY_NAME"
-    if [ -f "$HOME/.ssh/$KEY_NAME" ]; then
-        echo "the ssh key: ${KEY} already exits on local"
-    else
-        echo "$SECRET_VALUE" >"$KEY"
-        chmod 400 "$KEY"
-    fi
-else
-    echo "Failed to retrieve secret value. Falling back to default key."
-fi
+# if [ ! -d "$ssh_dir" ]; then
+#     mkdir -p "$ssh_dir"
+#     echo "Directory $ssh_dir created."
+# else
+#     echo "Directory $ssh_dir already exists."
+# fi
+
+# if [[ -n "$SECRET_VALUE" ]]; then
+#     KEY="$HOME/.ssh/$KEY_NAME"
+#     if [ -f "$HOME/.ssh/$KEY_NAME" ]; then
+#         echo "the ssh key: ${KEY} already exits on local"
+#     else
+#         echo "$SECRET_VALUE" >"$KEY"
+#         chmod 400 "$KEY"
+#     fi
+# else
+#     echo "Failed to retrieve secret value. Falling back to default key."
+# fi
 
 mnodes=$(terraform output -raw mgmt_private_ips)
 echo "mgmt_private_ips: ${mnodes}"
@@ -236,7 +235,6 @@ if [ "$SPDK_DEBUG" == "true" ]; then
     command+=" --spdk-debug"
 fi
 
-
 ssh -i "$KEY" -o StrictHostKeyChecking=no \
     -o ProxyCommand="ssh -o StrictHostKeyChecking=no -i \"$KEY\" -W %h:%p ec2-user@${BASTION_IP}" \
     ec2-user@${mnodes[0]} "

bootstrap-k3s.sh

@@ -1,30 +1,30 @@
 #!/bin/bash
 
-KEY="$HOME/.ssh/simplyblock-ohio.pem"
-
-SECRET_VALUE=$(terraform output -raw secret_value)
-KEY_NAME=$(terraform output -raw key_name)
-
-ssh_dir="$HOME/.ssh"
-
-if [ ! -d "$ssh_dir" ]; then
-    mkdir -p "$ssh_dir"
-    echo "Directory $ssh_dir created."
-else
-    echo "Directory $ssh_dir already exists."
-fi
-
-if [[ -n "$SECRET_VALUE" ]]; then
-    KEY="$HOME/.ssh/$KEY_NAME"
-    if [ -f "$HOME/.ssh/$KEY_NAME" ]; then
-        echo "the ssh key: ${KEY} already exits on local"
-    else
-        echo "$SECRET_VALUE" >"$KEY"
-        chmod 400 "$KEY"
-    fi
-else
-    echo "Failed to retrieve secret value. Falling back to default key."
-fi
+# KEY="$HOME/.ssh/simplyblock-ohio.pem"
+
+# SECRET_VALUE=$(terraform output -raw secret_value)
+KEY="~/.ssh/simplyblock-qdrant.pem"
+
+# ssh_dir="$HOME/.ssh"
+
+# if [ ! -d "$ssh_dir" ]; then
+#     mkdir -p "$ssh_dir"
+#     echo "Directory $ssh_dir created."
+# else
+#     echo "Directory $ssh_dir already exists."
+# fi
+
+# if [[ -n "$SECRET_VALUE" ]]; then
+#     KEY="$HOME/.ssh/$KEY_NAME"
+#     if [ -f "$HOME/.ssh/$KEY_NAME" ]; then
+#         echo "the ssh key: ${KEY} already exits on local"
+#     else
+#         echo "$SECRET_VALUE" >"$KEY"
+#         chmod 400 "$KEY"
+#     fi
+# else
+#     echo "Failed to retrieve secret value. Falling back to default key."
+# fi
 
 mnodes=($(terraform output -raw extra_nodes_public_ips))
 

data.tf

@@ -2,6 +2,6 @@ data "aws_availability_zones" "available" {
   state = "available"
 }
 
-data "aws_secretsmanager_secret_version" "simply" {
-  secret_id = local.selected_key_name
-}
+# data "aws_secretsmanager_secret_version" "simply" {
+#   secret_id = local.selected_key_name
+# }

locals.tf

@@ -11,32 +11,35 @@ locals {
   } }
 
   key_name = {
-    "us-east-1"  = "simplyblock-us-east-1.pem"
-    "us-east-2"  = "simplyblock-us-east-2.pem"
-    "eu-north-1" = "simplyblock-eu-north-1.pem"
-    "eu-west-1"  = "simplyblock-eu-west-1.pem"
+    "us-east-1"    = "simplyblock-us-east-1.pem"
+    "us-east-2"    = "simplyblock-us-east-2.pem"
+    "eu-north-1"   = "simplyblock-eu-north-1.pem"
+    "eu-west-1"    = "simplyblock-eu-west-1.pem"
+    "eu-central-1" = "simplyblock-qdrant"
   }
 
   selected_key_name = try(local.key_name[var.region], "simplyblock-us-east-2.pem")
 
-# Images are generated from this image builder:
-# https://us-east-2.console.aws.amazon.com/imagebuilder/home?region=us-east-2#/pipelines/arn:aws:imagebuilder:us-east-2:565979732541:image-pipeline/tst
-#
-# it is basically rhel9 + the following lines:
-#  $sudo yum update -y
-#  $sudo yum install -y yum-utils xorg-x11-xauth nvme-cli fio
+  # Images are generated from this image builder:
+  # https://us-east-2.console.aws.amazon.com/imagebuilder/home?region=us-east-2#/pipelines/arn:aws:imagebuilder:us-east-2:565979732541:image-pipeline/tst
+  #
+  # it is basically rhel9 + the following lines:
+  #  $sudo yum update -y
+  #  $sudo yum install -y yum-utils xorg-x11-xauth nvme-cli fio
   region_ami_map = {
-    "us-east-1"  = "ami-0d647905a963bb139"
-    "us-east-2"  = "ami-00ff94d69b3ced2aa"
-    "eu-north-1" = "ami-0f8c92340db698d74"
-    "eu-west-1"  = "ami-02a1fc058c85a41dd"
+    "us-east-1"    = "ami-0d647905a963bb139"
+    "us-east-2"    = "ami-00ff94d69b3ced2aa"
+    "eu-north-1"   = "ami-0f8c92340db698d74"
+    "eu-west-1"    = "ami-02a1fc058c85a41dd"
+    "eu-central-1" = "ami-0134dde2b68fe1b07"
   }
 
   region_ami_map_arm = {
-    "us-east-1"  = "ami-07472131ec292b5da"
-    "us-east-2"  = "ami-08f9f3bb075432791"
-    "eu-north-1" = "ami-096f8d910bbf871bc"
-    "eu-west-1"  = "ami-02b8573b23fde21aa"
+    "us-east-1"    = "ami-07472131ec292b5da"
+    "us-east-2"    = "ami-08f9f3bb075432791"
+    "eu-north-1"   = "ami-096f8d910bbf871bc"
+    "eu-west-1"    = "ami-02b8573b23fde21aa"
+    "eu-central-1" = "ami-02212921a6e889ed6"
   }
 
   ami_map = {

main.tf

@@ -3,11 +3,11 @@ module "vpc" {
   source = "terraform-aws-modules/vpc/aws"
 
   name = "${terraform.workspace}-storage-vpc-sb"
-  cidr = "10.0.0.0/16"
+  cidr = "10.245.16.0/21"
 
   azs                     = [data.aws_availability_zones.available.names[0], data.aws_availability_zones.available.names[1], ]
-  private_subnets         = ["10.0.1.0/24", "10.0.3.0/24"]
-  public_subnets          = ["10.0.2.0/24", "10.0.4.0/24"]
+  private_subnets         = ["10.245.16.0/23", "10.245.18.0/23"]
+  public_subnets          = ["10.245.20.0/25", "10.245.20.128/25"]
   map_public_ip_on_launch = true
 
   enable_nat_gateway = true
@@ -29,6 +29,34 @@ module "vpc" {
   }
 }
 
+resource "aws_route" "route_account_a_to_b0" {
+  destination_cidr_block    = "10.0.0.0/16"
+  vpc_peering_connection_id = "pcx-016667cb611b23b1f"
+  for_each                  = toset(module.vpc.private_route_table_ids)
+  route_table_id            = each.key
+}
+
+resource "aws_route" "route_account_a_to_b1" {
+  destination_cidr_block    = "10.1.0.0/16"
+  vpc_peering_connection_id = "pcx-016667cb611b23b1f"
+  for_each                  = toset(module.vpc.private_route_table_ids)
+  route_table_id            = each.key
+}
+
+resource "aws_route" "route_account_a_to_b2" {
+  destination_cidr_block    = "10.10.0.0/16"
+  vpc_peering_connection_id = "pcx-016667cb611b23b1f"
+  for_each                  = toset(module.vpc.private_route_table_ids)
+  route_table_id            = each.key
+}
+
+resource "aws_route" "route_account_a_to_b3" {
+  destination_cidr_block    = "10.11.0.0/16"
+  vpc_peering_connection_id = "pcx-016667cb611b23b1f"
+  for_each                  = toset(module.vpc.private_route_table_ids)
+  route_table_id            = each.key
+}
+
 module "apigatewayendpoint" {
   count                  = var.enable_apigateway == 1 && var.mgmt_nodes > 0 ? 1 : 0
   source                 = "./modules/apigateway"
@@ -296,6 +324,15 @@ resource "aws_security_group" "storage_nodes_sg" {
     description     = "allow ICMP Echo"
   }
 
+
+  ingress {
+    protocol    = "icmp"
+    from_port   = -1
+    to_port     = -1 # allow all types
+    cidr_blocks = ["0.0.0.0/0"]
+    description = "allow all ICMP from all"
+  }
+
   ingress {
     from_port       = 9100
     to_port         = 9100
@@ -631,6 +668,7 @@ resource "aws_instance" "storage_nodes" {
   vpc_security_group_ids = [aws_security_group.storage_nodes_sg.id]
   subnet_id              = module.vpc.private_subnets[local.az_index]
   iam_instance_profile   = aws_iam_instance_profile.inst_profile.name
+  disable_api_stop       = true
   root_block_device {
     volume_size = 45
   }
@@ -719,3 +757,9 @@ sudo sysctl -w vm.nr_hugepages=${var.nr_hugepages}
 cat /proc/meminfo | grep -i hug
 EOF
 }
+
+
+# creating variant in shopify: creating variant user errors in query: ,Location does not exist.: inventoryQuantities,0
+
+# location doesn't exist
+

outputs.tf

@@ -18,10 +18,10 @@ output "key_name" {
   value = local.selected_key_name
 }
 
-output "secret_value" {
-  sensitive = true
-  value     = data.aws_secretsmanager_secret_version.simply.secret_string
-}
+# output "secret_value" {
+#   sensitive = true
+#   value     = data.aws_secretsmanager_secret_version.simply.secret_string
+# }
 
 output "mgmt_node_details" {
   value = { for i, instance in aws_instance.mgmt_nodes :

tfengine.tf

@@ -15,24 +15,24 @@ data "aws_ami" "this" {
   }
 }
 
-resource "aws_autoscaling_group" "tfengine_asg" {
-  min_size            = 1
-  max_size            = 1
-  desired_capacity    = 1
-  vpc_zone_identifier = [module.vpc.private_subnets[0]]
-  tag {
-    key                 = "Name"
-    value               = "tfengine"
-    propagate_at_launch = true
-  }
-  lifecycle {
-    create_before_destroy = true
-  }
-  launch_template {
-    id      = aws_launch_template.tfengine_lc.id
-    version = "$Latest"
-  }
-}
+# resource "aws_autoscaling_group" "tfengine_asg" {
+#   min_size            = 1
+#   max_size            = 1
+#   desired_capacity    = 1
+#   vpc_zone_identifier = [module.vpc.private_subnets[0]]
+#   tag {
+#     key                 = "Name"
+#     value               = "tfengine"
+#     propagate_at_launch = true
+#   }
+#   lifecycle {
+#     create_before_destroy = true
+#   }
+#   launch_template {
+#     id      = aws_launch_template.tfengine_lc.id
+#     version = "$Latest"
+#   }
+# }
 
 resource "aws_launch_template" "tfengine_lc" {
   name_prefix   = "tfengine"
@@ -202,11 +202,11 @@ resource "aws_iam_role_policy_attachment" "AmazonSSMManagedInstanceCore" {
   role       = aws_iam_role.tfengine.name
 }
 
-# NOTE: Terraform uses the same role that we use to deploy the cluster to the customer's account
-resource "aws_iam_role_policy_attachment" "sbdeployPolicy" {
-  policy_arn = "arn:aws:iam::${local.account_id}:policy/sbdeployPolicy"
-  role       = aws_iam_role.tfengine.name
-}
+# # NOTE: Terraform uses the same role that we use to deploy the cluster to the customer's account
+# resource "aws_iam_role_policy_attachment" "sbdeployPolicy" {
+#   policy_arn = "arn:aws:iam::${local.account_id}:policy/sbdeployPolicy"
+#   role       = aws_iam_role.tfengine.name
+# }
 
 # attach policy
 resource "aws_iam_role_policy_attachment" "s3policy" {

variables.tf

@@ -1,5 +1,5 @@
 variable "region" {
-  default     = "us-east-2"
+  default     = "eu-central-1"
   description = "region to provision"
   type        = string
   validation {
@@ -11,11 +11,11 @@ variable "region" {
 variable "az" {
   description = "availability zone to provision"
   type        = string
-  default     = "us-east-2b"
+  default     = "eu-central-1a"
 }
 
 variable "env" {
-  default = "dev"
+  default = "staging"
   type    = string
 }