diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 18e0edb5b66b9ce028b9387915ed9a55436d7ffd..08675a26ee4e332f489bb2869194aaea102aec5c 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -136,6 +136,43 @@ build_ssh_proxy_image:
- if: $PIPELINE_TARGET == "build" && $BUILD_TARGET == "ssh-proxy"
when: always
+.build_login_image_template: &build_login_image_template
+ script:
+ - *update_ansible_repo
+ - *get_ansible_files
+ # packer vars for job env
+ - export PKR_VAR_flavor="${PROXY_BUILD_FLAVOR:-$PKR_VAR_flavor}"
+ - export PKR_VAR_build_instance_name="${BUILD_TARGET}-${EXT_REPO_HEAD}"
+ - export PKR_VAR_image_date_suffix=false
+ - |
+ if [ $CI_PIPELINE_SOURCE == 'merge_request_event' ]; then
+ export PKR_VAR_image_name="${BUILD_TARGET}-PR-${CI_MERGE_REQUEST_IID}"
+ elif [ $CI_PIPELINE_SOURCE == 'schedule' ]; then
+ export PKR_VAR_image_name="${BUILD_TARGET}-${BUILD_DATE}"
+ fi
+ # packer commands
+ - packer init openstack-login
+ - packer validate openstack-login
+ - packer build -machine-readable openstack-login | tee login_build.log
+ - export BUILT_LOGIN_IMAGE_ID=$(grep 'Image:' login_build.log | awk '{print $4}')
+ - echo BUILT_LOGIN_IMAGE_ID=${BUILT_LOGIN_IMAGE_ID} | tee -a $CI_PROJECT_DIR/image.env
+ # set image properties with repo state
+ - openstack image set --property EXT_PR_SRC_REPO=${EXT_PR_SRC_REPO} --property EXT_PR_SRC_BRANCH_SHA=${EXT_PR_SRC_BRANCH_SHA} --property EXT_PR_TARGET_REPO=${EXT_PR_TARGET_REPO} --property EXT_PR_TARGET_BRANCH_SHA=${EXT_PR_TARGET_BRANCH_SHA} --property PACKER_IMAGE_HEAD=${CI_COMMIT_SHORT_SHA} ${BUILT_LOGIN_IMAGE_ID}
+ artifacts:
+ reports:
+ dotenv: image.env
+
+build_login_image:
+ stage: build
+ environment:
+ name: $ENV
+ tags:
+ - build
+ <<: *build_login_image_template
+ rules:
+ - if: $PIPELINE_TARGET == "build" && $BUILD_TARGET == "login"
+ when: always
+
deploy_http_proxy_node:
stage: deploy
environment:
@@ -236,3 +273,54 @@ deploy_ssh_proxy_node:
rules:
- if: $PIPELINE_TARGET == "deploy" && $SSH_PROXY_IMAGE_ID
when: always
+
+deploy_login_node:
+ stage: deploy
+ environment:
+ name: $ENV
+ tags:
+ - build
+ script:
+ - openstack image set --accept $LOGIN_IMAGE_ID || true
+ - FAILED=false
+ - |
+ cat > user_data.txt <<EOF
+ #!/bin/bash
+ cat >> /etc/NetworkManager/conf.d/90-dns-none.conf<<EEOF
+ [main]
+ dns=none
+ EEOF
+ systemctl reload NetworkManager
+ echo "$DEV_KEY" >> /root/.ssh/authorized_keys
+ ip route replace default via ${DEFAULT_GATEWAY_IP} dev eth0
+ git clone ${CI_REPOSITORY_URL} /tmp/${CI_PROJECT_NAME}
+ cd /tmp/${CI_PROJECT_NAME}
+ git checkout ${CI_COMMIT_REF_NAME}
+ cat >> ansible/hosts<<EEOF
+ [$ENV]
+ 127.0.0.1
+ EEOF
+ ansible-playbook -c local -i ansible/hosts --extra-vars="$EXTRA_VARS" ansible/cluster.yml | tee -a /tmp/ansible.log
+ rm -rf /tmp/${CI_PROJECT_NAME}
+ EOF
+ - |
+ export cmd="openstack server create"
+ cmd+=" -c id -f value --image $LOGIN_IMAGE_ID"
+ cmd+=" --flavor $INSTANCE_FLAVOR"
+ cmd+=" --network $INSTANCE_NETWORK"
+ cmd+=" --security-group allow-ssh"
+ cmd+=" --user-data user_data.txt"
+ if [ -n "$LOGIN_PORT" ];then cmd+=" --port $LOGIN_PORT"; fi
+ cmd+=" --wait $LOGIN_INSTANCE_NAME"
+ - export LOGIN_INSTANCE_ID=$(bash -c "$cmd")
+ - |
+ # Associate the floating IP(s) with the SSH Proxy instance
+ for LOGIN_FLOATING_IP in ${LOGIN_FLOATING_IP_LIST[@]};
+ do
+ echo "Associating FLOATING_IP $LOGIN_FLOATING_IP with LOGIN_INSTANCE_ID $LOGIN_INSTANCE_ID"
+ openstack server add floating ip $LOGIN_INSTANCE_ID $LOGIN_FLOATING_IP
+ done
+ rules:
+ - if: $PIPELINE_TARGET == "deploy" && $LOGIN_IMAGE_ID
+ when: always
+
diff --git a/ansible/compute.yml b/ansible/compute.yml
index 2907d08077a8431a717209aec22fc362bf2391a7..400992914c594449e23f024038a4b5c37076f95b 100644
--- a/ansible/compute.yml
+++ b/ansible/compute.yml
@@ -8,5 +8,3 @@
- { name: 'pam_slurm_adopt', tags: 'pam_slurm_adopt' }
- { name: 'install_nhc', tags: 'install_nhc'}
-- name: Setup node for use as a virtual cheaha node
- ansible.builtin.import_playbook: cheaha.yml
diff --git a/openstack-compute/README.md b/openstack-login/README.md
similarity index 100%
rename from openstack-compute/README.md
rename to openstack-login/README.md
diff --git a/openstack-compute/nodeimage.pkr.hcl b/openstack-login/nodeimage.pkr.hcl
similarity index 85%
rename from openstack-compute/nodeimage.pkr.hcl
rename to openstack-login/nodeimage.pkr.hcl
index 15941bab1900a056d3d67bdba2db2bd5d94a31fb..008b7683c26e97119664bfbb03c19ea7d8ee8fcf 100644
--- a/openstack-compute/nodeimage.pkr.hcl
+++ b/openstack-login/nodeimage.pkr.hcl
@@ -36,6 +36,14 @@ source "openstack" "image" {
build {
sources = ["source.openstack.image"]
+ provisioner "shell" {
+ inline = [
+ "sudo yum install -y libselinux-python3 python3 python3-pip tmux vim git bash-completion curl wget unzip",
+ "sudo python3 -m pip install --upgrade pip",
+ "sudo pip3 install s3cmd==2.3.0 ansible==4.10.0 python-openstackclient==5.8.0"
+ ]
+ }
+
provisioner "ansible" {
use_proxy = false
user = var.ssh_username
diff --git a/openstack-compute/variables.pkr.hcl b/openstack-login/variables.pkr.hcl
similarity index 99%
rename from openstack-compute/variables.pkr.hcl
rename to openstack-login/variables.pkr.hcl
index 20efd641406f81250b3cb1cc6514f5078ee2a503..d3681394fe7c66990a5b9f1507f38f7dbc74d025 100644
--- a/openstack-compute/variables.pkr.hcl
+++ b/openstack-login/variables.pkr.hcl
@@ -1,6 +1,7 @@
variable "root_ssh_key" {
type = string
description = "The root key to use for ssh"
+ default = ""
}
variable "image_name" {