Update operator and bastion cloud inits

OguzPastirmaci · hyder · commit 7e794091f019 · 2025-02-28T19:18:21.000+11:00
diff --git a/module-bastion.tf b/module-bastion.tf
@@ -46,6 +46,7 @@ module "bastion" {
   compartment_id = local.compartment_id
 
   # Bastion
+  await_cloudinit          = var.bastion_await_cloudinit
   assign_dns               = var.assign_dns
   availability_domain      = coalesce(var.bastion_availability_domain, lookup(local.ad_numbers_to_names, local.ad_numbers[0]))
   bastion_image_os_version = var.bastion_image_os_version
@@ -87,4 +88,4 @@ output "bastion_public_ip" {
 output "ssh_to_bastion" {
   description = "SSH command for bastion host"
   value       = local.bastion_ssh_command
-}
+}
diff --git a/module-operator.tf b/module-operator.tf
@@ -54,12 +54,15 @@ module "operator" {
   bastion_user = var.bastion_user
 
   # Operator
+  await_cloudinit           = var.operator_await_cloudinit
   assign_dns                = var.assign_dns
   availability_domain       = coalesce(var.operator_availability_domain, lookup(local.ad_numbers_to_names, local.ad_numbers[0]))
   cloud_init                = var.operator_cloud_init
   image_id                  = local.operator_image_id
   install_cilium            = var.cilium_install
   install_helm              = var.operator_install_helm
+  install_helm_from_repo    = var.operator_install_helm_from_repo
+  install_oci_cli_from_repo = var.operator_install_oci_cli_from_repo
   install_istioctl          = var.operator_install_istioctl
   install_k9s               = var.operator_install_k9s
   install_kubectx           = var.operator_install_kubectx
@@ -113,4 +116,4 @@ output "ssh_to_operator" {
   value = local.operator_enabled ? join(" ", concat(["ssh"],
     local.bastion_proxy_command, local.operator_ssh_args)
   ) : null
-}
+}
diff --git a/modules/bastion/cloudinit.tf b/modules/bastion/cloudinit.tf
@@ -38,6 +38,7 @@ data "cloudinit_config" "bastion" {
 }
 
 resource "null_resource" "await_cloudinit" {
+  count = var.await_cloudinit ? 1 : 0
   connection {
     host        = oci_core_instance.bastion.public_ip
     user        = var.user
@@ -53,4 +54,4 @@ resource "null_resource" "await_cloudinit" {
   provisioner "remote-exec" {
     inline = ["cloud-init status --wait &> /dev/null"]
   }
-}
+}
diff --git a/modules/bastion/variables.tf b/modules/bastion/variables.tf
@@ -6,6 +6,7 @@ variable "compartment_id" { type = string }
 variable "state_id" { type = string }
 
 # Bastion
+variable "await_cloudinit" { type = string }
 variable "assign_dns" { type = bool }
 variable "availability_domain" { type = string }
 variable "bastion_image_os_version" {type = string}
@@ -27,4 +28,4 @@ variable "user" { type = string }
 variable "defined_tags" { type = map(string) }
 variable "freeform_tags" { type = map(string) }
 variable "tag_namespace" { type = string }
-variable "use_defined_tags" { type = bool }
+variable "use_defined_tags" { type = bool }
diff --git a/modules/operator/cloudinit.tf b/modules/operator/cloudinit.tf
@@ -102,17 +102,34 @@ data "cloudinit_config" "operator" {
     merge_type = local.default_cloud_init_merge_type
   }
 
+
+  # OCI CLI installation from repo
+  dynamic "part" {
+    for_each = var.install_oci_cli_from_repo ? [1] : []
+    content {
+      content_type = "text/cloud-config"
+      content = jsonencode({
+        runcmd = [
+          "curl -LO https://raw.githubusercontent.com/oracle/oci-cli/master/scripts/install/install.sh",
+          "su -c 'bash /install.sh --accept-all-defaults' - ${var.user}",
+        ]
+      })
+      filename   = "20-oci_cli_from_repo.yml"
+      merge_type = local.default_cloud_init_merge_type
+    }
+  }
+
   # kubectl installation
   dynamic "part" {
-    for_each = var.install_kubectl_from_repo ? [] : [1]
+    for_each = var.install_kubectl_from_repo ? [1] : []
     content {
       content_type = "text/cloud-config"
       content = jsonencode({
         runcmd = [
           "CLI_ARCH='${local.arch_amd}'",
           "if [ \"$(uname -m)\" = ${local.arch_arm} ]; then CLI_ARCH='arm64'; fi",
           "curl -LO https://dl.k8s.io/release/${var.kubernetes_version}/bin/linux/$CLI_ARCH/kubectl",
-          "install -o root -g root -m 0755 kubectl /usr/bin/kubectl"
+          "install -o root -g root -m 0755 kubectl /usr/bin/kubectl",
         ]
       })
       filename   = "20-kubectl.yml"
@@ -137,6 +154,23 @@ data "cloudinit_config" "operator" {
     }
   }
 
+  # Helm installation from repo
+  dynamic "part" {
+    for_each = var.install_helm_from_repo ? [1] : []
+    content {
+      content_type = "text/cloud-config"
+      content = jsonencode({
+        runcmd = [
+          "curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3",
+          "chmod 700 get_helm.sh",
+          "./get_helm.sh",
+        ]
+      })
+      filename   = "20-helm_from_repo.yml"
+      merge_type = local.default_cloud_init_merge_type
+    }
+  }
+
   # Optional Helm installation bashrc
   dynamic "part" {
     for_each = var.install_helm ? [1] : []
@@ -166,7 +200,7 @@ data "cloudinit_config" "operator" {
       content_type = "text/cloud-config"
       content = jsonencode({
         runcmd = [
-          "curl -LO https://github.com/derailed/k9s/releases/download/v0.27.2/k9s_Linux_amd64.tar.gz",
+          "curl -LO https://github.com/derailed/k9s/releases/download/v0.40.5/k9s_Linux_amd64.tar.gz",
           "tar -xvzf k9s_Linux_amd64.tar.gz && mv ./k9s /usr/bin/k9s",
         ]
       })
@@ -196,7 +230,7 @@ data "cloudinit_config" "operator" {
 
   # stern installation
   dynamic "part" {
-    for_each = var.install_kubectx ? [1] : []
+    for_each = var.install_stern ? [1] : []
     content {
       content_type = "text/cloud-config"
       content = jsonencode({
@@ -311,6 +345,7 @@ data "cloudinit_config" "operator" {
 }
 
 resource "null_resource" "await_cloudinit" {
+  count = var.await_cloudinit ? 1 : 0
   connection {
     bastion_host        = var.bastion_host
     bastion_user        = var.bastion_user
@@ -329,4 +364,4 @@ resource "null_resource" "await_cloudinit" {
   provisioner "remote-exec" {
     inline = ["cloud-init status --wait &> /dev/null"]
   }
-}
+}
diff --git a/modules/operator/variables.tf b/modules/operator/variables.tf
@@ -10,12 +10,15 @@ variable "bastion_host" { type = string }
 variable "bastion_user" { type = string }
 
 # Operator
+variable "await_cloudinit" { type = string }
 variable "assign_dns" { type = bool }
 variable "availability_domain" { type = string }
 variable "cloud_init" { type = list(map(string)) }
 variable "image_id" { type = string }
 variable "install_cilium" { type = bool }
+variable "install_oci_cli_from_repo" { type = bool }
 variable "install_helm" { type = bool }
+variable "install_helm_from_repo" { type = bool }
 variable "install_istioctl" { type = bool }
 variable "install_k9s" { type = bool }
 variable "install_kubectl_from_repo" { 
@@ -45,4 +48,4 @@ variable "volume_kms_key_id" { type = string }
 variable "defined_tags" { type = map(string) }
 variable "freeform_tags" { type = map(string) }
 variable "tag_namespace" { type = string }
-variable "use_defined_tags" { type = bool }
+variable "use_defined_tags" { type = bool }
diff --git a/variables-bastion.tf b/variables-bastion.tf
@@ -87,3 +87,9 @@ variable "bastion_upgrade" {
   description = "Whether to upgrade bastion packages after provisioning."
   type        = bool
 }
+
+variable "bastion_await_cloudinit" {
+  default     = true
+  description = "Whether to block until successful connection to bastion and completion of cloud-init."
+  type        = bool
+}
diff --git a/variables-operator.tf b/variables-operator.tf
@@ -65,6 +65,18 @@ variable "operator_install_helm" {
   type        = bool
 }
 
+variable "operator_install_helm_from_repo" {
+  default     = false
+  description = "Whether to install Helm on the created operator host."
+  type        = bool
+}
+
+variable "operator_install_oci_cli_from_repo" {
+  default     = false
+  description = "Whether to install OCI from repo on the created operator host."
+  type        = bool
+}
+
 variable "operator_install_istioctl" {
   default     = false
   description = "Whether to install istioctl on the created operator host."
@@ -90,9 +102,9 @@ variable "operator_install_kubectx" {
 }
 
 variable "operator_install_stern" {
-  default = false
+  default     = false
   description = "Whether to install stern on the created operator host. NOTE: Provided only as a convenience and not supported by or sourced from Oracle - use at your own risk."
-  type = bool
+  type        = bool
 }
 
 variable "operator_shape" {
@@ -129,3 +141,9 @@ variable "operator_private_ip" {
   description = "The IP address of an existing operator host. Ignored when create_operator = true."
   type        = string
 }
+
+variable "operator_await_cloudinit" {
+  default     = true
+  description = "Whether to block until successful connection to operator and completion of cloud-init."
+  type        = bool
+}

Original file line number	Diff line number	Diff line change
`@@ -38,6 +38,7 @@ data "cloudinit_config" "bastion" {`
`38`	`38`	`}`
`39`	`39`
`40`	`40`	`resource "null_resource" "await_cloudinit" {`
	`41`	`+ count = var.await_cloudinit ? 1 : 0`
`41`	`42`	`connection {`
`42`	`43`	`host = oci_core_instance.bastion.public_ip`
`43`	`44`	`user = var.user`
`@@ -53,4 +54,4 @@ resource "null_resource" "await_cloudinit" {`
`53`	`54`	`provisioner "remote-exec" {`
`54`	`55`	`inline = ["cloud-init status --wait &> /dev/null"]`
`55`	`56`	`}`
`56`		`-}`
	`57`	`+}`