Instance prereqs init
krystian-panek-vmltech committed Nov 4, 2023
1 parent 9e4bc40 commit 21b0d0b
Showing 4 changed files with 90 additions and 20 deletions.
41 changes: 32 additions & 9 deletions examples/aws_ssm/aws.tf
@@ -1,18 +1,36 @@
resource "aws_instance" "aem_single" {
ami = "ami-043e06a423cbdca17" // RHEL 8
instance_type = "m5.xlarge"
iam_instance_profile = aws_iam_instance_profile.ssm.name
iam_instance_profile = aws_iam_instance_profile.aem_ec2.name
tags = local.tags

user_data = <<-EOF
#!/bin/sh
echo "Installing prerequisites"
yum install -y unzip
echo "Installed prerequisites"
echo "Installing AWS CLI"
curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"
unzip awscliv2.zip
./aws/install
echo "Installed AWS CLI"
echo "Downloading AEM library files"
aws s3 cp --recursive "s3://aemc/instance/classic/" "/home/ec2-user/aemc/aem/home/lib"
echo "Downloaded AEM library files"
EOF
}

resource "aws_iam_instance_profile" "ssm" {
name = "${local.workspace}_ssm_ec2"
role = aws_iam_role.ssm.name
resource "aws_iam_instance_profile" "aem_ec2" {
name = "${local.workspace}_aem_ec2"
role = aws_iam_role.aem_ec2.name
tags = local.tags
}

resource "aws_iam_role" "ssm" {
name = "${local.workspace}_ssm"
resource "aws_iam_role" "aem_ec2" {
name = "${local.workspace}_aem_ec2"
assume_role_policy = <<EOF
{
"Version": "2012-10-17",
@@ -22,15 +40,20 @@ resource "aws_iam_role" "ssm" {
"Action": "sts:AssumeRole"
}
}
EOF
tags = local.tags
EOF
tags = local.tags
}

resource "aws_iam_role_policy_attachment" "ssm" {
role = aws_iam_role.ssm.name
role = aws_iam_role.aem_ec2.name
policy_arn = "arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore"
}

resource "aws_iam_role_policy_attachment" "s3" {
role = aws_iam_role.aem_ec2.name
policy_arn = "arn:aws:iam::aws:policy/AmazonS3FullAccess"
}

output "instance_ip" {
value = aws_instance.aem_single.public_ip
}
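Review bot: The new `aws_iam_role_policy_attachment.s3` attaches `AmazonS3FullAccess` to the instance role, although the user_data script in this file only reads from `s3://aemc/instance/classic/`. Any process on the instance that picks up the role credentials can then write to and delete from buckets across the account, subject only to bucket policies. The parallel block in examples/ssh/aws.tf already uses the read-only managed policy, so at minimum this line should be `policy_arn = "arn:aws:iam::aws:policy/AmazonS3ReadOnlyAccess"`. A role policy limited to read actions on the `aemc` bucket would be tighter still for both examples.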
49 changes: 48 additions & 1 deletion examples/ssh/aws.tf
@@ -2,8 +2,29 @@ resource "aws_instance" "aem_single" {
ami = "ami-043e06a423cbdca17" // RHEL 8
instance_type = "m5.xlarge"
associate_public_ip_address = true
tags = local.tags
iam_instance_profile = aws_iam_instance_profile.aem_ec2.name
key_name = aws_key_pair.main.key_name
tags = local.tags

// TODO? cloud-init status --wait
// TODO if it is in cloud-init then after logging in via SSH this is done async
user_data = <<-EOF
#!/bin/sh
echo "Installing prerequisites"
yum install -y unzip
echo "Installed prerequisites"
echo "Installing AWS CLI"
curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"
unzip awscliv2.zip
./aws/install
echo "Installed AWS CLI"
echo "Downloading AEM library files"
aws s3 cp --recursive "s3://aemc/instance/classic/" "/home/ec2-user/aemc/aem/home/lib"
echo "Downloaded AEM library files"
EOF
}

data "tls_public_key" "main" {
@@ -16,6 +37,32 @@ resource "aws_key_pair" "main" {
tags = local.tags
}

resource "aws_iam_instance_profile" "aem_ec2" {
name = "${local.workspace}_aem_ec2"
role = aws_iam_role.aem_ec2.name
tags = local.tags
}

resource "aws_iam_role" "aem_ec2" {
name = "${local.workspace}_aem_ec2"
assume_role_policy = <<EOF
{
"Version": "2012-10-17",
"Statement": {
"Effect": "Allow",
"Principal": {"Service": "ec2.amazonaws.com"},
"Action": "sts:AssumeRole"
}
}
EOF
tags = local.tags
}

resource "aws_iam_role_policy_attachment" "s3" {
role = aws_iam_role.aem_ec2.name
policy_arn = "arn:aws:iam::aws:policy/AmazonS3ReadOnlyAccess"
}

output "instance_ip" {
value = aws_instance.aem_single.public_ip
}
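Review bot: The user_data script downloads the AWS CLI installer and runs `./aws/install` at boot without checking the archive's integrity, and because the script has no `set -e`, a failed `yum`, `curl` or `unzip` step does not stop the steps after it. I would start the script with `set -eu` and use `curl -fsSL "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"` so that HTTP errors fail the step. The download should also be verified against the signature AWS publishes for the installer before it is unpacked. The same script is added in examples/aws_ssm/aws.tf and needs the same change.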
9 changes: 5 additions & 4 deletions internal/client/client.go
@@ -42,17 +42,17 @@ func (c Client) Connect() error {

func (c Client) ConnectWithRetry(timeout time.Duration, callback func()) error {
ctx, cancel := context.WithTimeout(context.Background(), timeout)
var err error
defer cancel()
for {
select {
case <-ctx.Done():
return fmt.Errorf("cannot connect - awaiting timeout reached '%s'", timeout)
return fmt.Errorf("cannot connect - awaiting timeout reached '%s': %w", timeout, err)
default:
err := c.Connect()
if err == nil {
if err = c.Connect(); err == nil {
return nil
}
time.Sleep(time.Second)
time.Sleep(3 * time.Second)
callback()
}
}
@@ -185,6 +185,7 @@ func (c Client) FileDelete(path string) error {
return nil
}

// TODO seems that if file exists it is not skipping copying file
func (c Client) FileCopy(localPath string, remotePath string, override bool) error {
if !override {
exists, err := c.FileExists(remotePath)
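Review bot: In ConnectWithRetry the `time.Sleep(3 * time.Second)` in the `default` branch ignores `ctx`, so the function can return several seconds after the timeout has elapsed; waiting in a `select` on `ctx.Done()` and a timer keeps the deadline. Separately, when `timeout` is zero or negative the `ctx.Done()` case fires before any `Connect` call and `err` is still nil, so the new `%w` verb renders as `%!w(<nil>)` in the message; falling back to `ctx.Err()` in that case would avoid it. A doc comment such as `// ConnectWithRetry calls Connect until it succeeds or timeout elapses, invoking callback after each failed attempt.` would also help readers of this exported method.

```go
// … unchanged: context setup and the ctx.Done() case …
		default:
			if err = c.Connect(); err == nil {
				return nil
			}
			select {
			case <-ctx.Done():
				continue // the outer select returns the timeout error with the last Connect error
			case <-time.After(3 * time.Second):
			}
			callback()
```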
11 changes: 5 additions & 6 deletions internal/client/connection_ssh.go
@@ -21,9 +21,8 @@ type SSHConnection struct {
func (s *SSHConnection) Connect() error {
auth, err := goph.Key(s.privateKeyFile, s.passphrase)
if err != nil {
return fmt.Errorf("SSH: cannot get auth using private key '%s': %w", s.privateKeyFile, err)
return fmt.Errorf("ssh: cannot get auth using private key '%s': %w", s.privateKeyFile, err)
}
// TODO loop until establishment of connection
client, err := goph.NewConn(&goph.Config{
User: s.user,
Addr: s.host,
@@ -33,7 +32,7 @@ func (s *SSHConnection) Connect() error {
Callback: ssh.InsecureIgnoreHostKey(), // TODO make it secure by default
})
if err != nil {
return fmt.Errorf("SSH: cannot connect to host '%s': %w", s.host, err)
return fmt.Errorf("ssh: cannot connect to host '%s': %w", s.host, err)
}
s.client = client
return nil
@@ -44,7 +43,7 @@ func (s *SSHConnection) Disconnect() error {
return nil
}
if err := s.client.Close(); err != nil {
return fmt.Errorf("SSH: cannot disconnect from host '%s': %w", s.host, err)
return fmt.Errorf("ssh: cannot disconnect from host '%s': %w", s.host, err)
}
return nil
}
@@ -53,7 +52,7 @@ func (s *SSHConnection) Command(cmdLine []string) (*goph.Cmd, error) {
name, args := s.splitCommandLine(cmdLine)
cmd, err := s.client.Command(name, args...)
if err != nil {
return nil, fmt.Errorf("SSH: cannot create command '%s' for host '%s': %w", strings.Join(cmdLine, " "), s.host, err)
return nil, fmt.Errorf("ssh: cannot create command '%s' for host '%s': %w", strings.Join(cmdLine, " "), s.host, err)
}
return cmd, nil
}
@@ -69,7 +68,7 @@ func (s *SSHConnection) splitCommandLine(cmdLine []string) (string, []string) {

func (s *SSHConnection) CopyFile(localPath string, remotePath string) error {
if err := s.client.Upload(localPath, remotePath); err != nil {
return fmt.Errorf("SSH: cannot copy local file '%s' to remote path '%s' on host '%s': %w", localPath, remotePath, s.host, err)
return fmt.Errorf("ssh: cannot copy local file '%s' to remote path '%s' on host '%s': %w", localPath, remotePath, s.host, err)
}
return nil
}
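Review bot: `Connect` still passes `Callback: ssh.InsecureIgnoreHostKey()`, so the client accepts whatever host key the server presents and cannot tell the intended instance from another host answering on that address. Commands and uploaded files sent over this connection are therefore not protected against interception. The commit removes the neighbouring TODO but leaves `// TODO make it secure by default` untouched. I would take the callback from configuration and default it to a verifying one, for example the known_hosts-based `goph.DefaultKnownHosts()` or a pinned key via `ssh.FixedHostKey`, keeping the insecure callback as an explicit opt-in. The `goph.Config` literal is split across two hunks here, so its remaining fields are not visible.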
