From cefa86029c9d4fc4cffaa05d33da9c978dbb1c16 Mon Sep 17 00:00:00 2001
From: Christopher Baines <mail@cbaines.net>
Date: Sat, 7 Apr 2018 15:45:00 +0100
Subject: Improve the support for Libvirt

Separate out the backend things, like the virtual network, from the
mini environment. This makes it easier to have resources shared
between mini environments.

Also handle the deployment of this new backend related Terraform
configuration.
---
 .../backends/terraform_libvirt_controller.rb       |  1 +
 app/jobs/backends/deploy_terraform_libvirt_job.rb  | 59 +++++++++++++++
 app/models/backends/terraform_libvirt.rb           | 42 +++++++++--
 terraform/libvirt/backend/main.tf                  | 20 ++++++
 terraform/libvirt/mini_environment.tf              | 68 ------------------
 terraform/libvirt/mini_environment/main.tf         | 83 ++++++++++++++++++++++
 6 files changed, 201 insertions(+), 72 deletions(-)
 create mode 100644 app/jobs/backends/deploy_terraform_libvirt_job.rb
 create mode 100644 terraform/libvirt/backend/main.tf
 delete mode 100644 terraform/libvirt/mini_environment.tf
 create mode 100644 terraform/libvirt/mini_environment/main.tf

diff --git a/app/controllers/backends/terraform_libvirt_controller.rb b/app/controllers/backends/terraform_libvirt_controller.rb
index 34081ad..bbc5e08 100644
--- a/app/controllers/backends/terraform_libvirt_controller.rb
+++ b/app/controllers/backends/terraform_libvirt_controller.rb
@@ -26,6 +26,7 @@ class Backends::TerraformLibvirtController < ApplicationController
 
   def create
     backend = Backends::TerraformLibvirt.create(create_params)
+    Backends::DeployTerraformLibvirtJob.enqueue(backend.id)
 
     flash[:success] = "Backend #{backend.label} created"
 
diff --git a/app/jobs/backends/deploy_terraform_libvirt_job.rb b/app/jobs/backends/deploy_terraform_libvirt_job.rb
new file mode 100644
index 0000000..3b8b51a
--- /dev/null
+++ b/app/jobs/backends/deploy_terraform_libvirt_job.rb
@@ -0,0 +1,59 @@
+# GOV.UK Mini Environment Admin
+# Copyright © 2018  Christopher Baines <mail@cbaines.net>
+#
+# This file is part of the GOV.UK Mini Environment Admin.
+#
+# The GOV.UK Mini Environment Admin is free software: you can
+# redistribute it and/or modify it under the terms of the GNU Affero
+# General Public License as published by the Free Software Foundation,
+# either version 3 of the License, or (at your option) any later
+# version.
+#
+# The GOV.UK Mini Environment Admin is distributed in the hope that it
+# will be useful, but WITHOUT ANY WARRANTY; without even the implied
+# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+# See the GNU Affero General Public License for more details.
+#
+# You should have received a copy of the GNU Affero General Public
+# License along with the GOV.UK Mini Environment Admin.  If not, see
+# <http://www.gnu.org/licenses/>.
+
+class Backends::DeployTerraformLibvirtJob < Que::Job
+  def run(terraform_libvirt_backend_id)
+    @terraform_libvirt_backend_id = terraform_libvirt_backend_id
+
+    Backends::TerraformLibvirt
+      .find(terraform_libvirt_backend_id)
+      .deploy_backend
+  end
+
+  def destroy
+    FinishedTerraformJob.create(
+      model_id: @terraform_libvirt_backend_id,
+      job_class: attrs[:job_class]
+    )
+    super
+  end
+
+  def self.jobs(terraform_libvirt_backend_id)
+    [
+      QueJob
+        .where(
+          job_class: name
+        ).where(
+          "args->>0 = '#{terraform_libvirt_backend_id}'"
+        ).to_a,
+      FinishedTerraformJob
+        .where(
+          job_class: name,
+          model_id: terraform_libvirt_backend_id
+        )
+    ].flatten.sort_by do |x|
+      if x.instance_of? QueJob
+        x.run_at
+      else # FinishedTerraformJob
+        x.created_at
+      end
+    end
+  end
+end
diff --git a/app/models/backends/terraform_libvirt.rb b/app/models/backends/terraform_libvirt.rb
index f108560..b069b70 100644
--- a/app/models/backends/terraform_libvirt.rb
+++ b/app/models/backends/terraform_libvirt.rb
@@ -56,7 +56,11 @@ class Backends::TerraformLibvirt < ApplicationRecord
       web_domain: "www.#{slug}.#{domain}",
       # Assume that this is a local environment, and not externally
       # accessible
-      use_https: 'development'
+      use_https: 'development',
+      http_ports_mode: 'standard',
+      host_name: "#{slug}.#{domain}",
+      admin_environment_label: mini_environment.name,
+      signon_instance_name: slug
     )
   end
 
@@ -80,10 +84,29 @@ class Backends::TerraformLibvirt < ApplicationRecord
     end
   end
 
+  def deploy_backend
+    TerraformWorkingDirectory.new(
+      terraform_state_id,
+      'terraform/libvirt/backend'
+    ).within_working_directory do
+      RubyTerraform.apply(
+        vars: {
+          uri: uri,
+          domain: domain
+        },
+        auto_approve: true
+      )
+    end
+  end
+
+  def terraform_state_id
+    "backend/terraform_libvirt/#{id}"
+  end
+
   def within_terraform_working_directory(mini_environment, &block)
     TerraformWorkingDirectory.new(
       "mini_environment/#{mini_environment.id}",
-      'terraform/libvirt'
+      'terraform/libvirt/mini_environment'
     ).within_working_directory(&block)
   end
 
@@ -92,10 +115,21 @@ class Backends::TerraformLibvirt < ApplicationRecord
   end
 
   def terraform_variables(mini_environment)
+    slug = mini_environment.name.parameterize
+
     {
       uri: uri,
-      machine_name: mini_environment.name.parameterize,
-      vm_image_and_system: mini_environment.backend_data['build_output']
+      machine_name: slug,
+      host_name: "#{slug}.#{domain}",
+      vm_image_and_system: mini_environment.backend_data['build_output'],
+      backend_remote_state_address: (
+        'http://localhost:3000' +
+        Rails
+          .application
+          .routes
+          .url_helpers
+          .terraform_http_backend_path(terraform_state_id)
+      )
     }
   end
 end
diff --git a/terraform/libvirt/backend/main.tf b/terraform/libvirt/backend/main.tf
new file mode 100644
index 0000000..24995e0
--- /dev/null
+++ b/terraform/libvirt/backend/main.tf
@@ -0,0 +1,20 @@
+variable "uri" {
+  type = "string"
+}
+
+terraform {
+  backend "http" {}
+}
+
+provider "libvirt" {
+  uri = "${var.uri}"
+}
+
+resource "libvirt_network" "vm_network" {
+  name = "vm_network"
+  addresses = ["10.0.1.0/24"]
+}
+
+output "network_name" {
+  value = "${libvirt_network.vm_network.name}"
+}
diff --git a/terraform/libvirt/mini_environment.tf b/terraform/libvirt/mini_environment.tf
deleted file mode 100644
index 4b9965d..0000000
--- a/terraform/libvirt/mini_environment.tf
+++ /dev/null
@@ -1,68 +0,0 @@
-terraform {
-  backend "http" {}
-}
-
-variable "machine_name" {
-  type = "string"
-}
-
-variable "uri" {
-  type = "string"
-}
-
-variable "vm_image_and_system" {
-  type = "string"
-}
-
-provider "libvirt" {
-  uri = "${var.uri}"
-}
-
-resource "libvirt_network" "vm_network" {
-   name = "vm_network"
-   addresses = ["10.0.1.0/24"]
-}
-
-# Create the machine
-resource "libvirt_domain" "domain-ubuntu" {
-  name = "${var.machine_name}"
-  memory = "8196"
-  vcpu = 4
-
-  kernel = "${var.vm_image_and_system}/system/kernel/bzImage"
-  initrd = "${var.vm_image_and_system}/system/initrd"
-
-  cmdline {
-    "--root" = "/dev/vda1"
-    "--system" = "${var.vm_image_and_system}/system"
-    "--load" = "${var.vm_image_and_system}/system/boot"
-  }
-
-  filesystem {
-    source   = "/gnu/store"
-    target   = "TAG_gnu_store"
-    readonly = true
-    accessmode = "passthrough"
-  }
-
-  disk {
-    file = "${var.vm_image_and_system}/image"
-    readonly = true
-  }
-
-  network_interface {
-    network_name = "${libvirt_network.vm_network.name}"
-  }
-
-  console {
-    type        = "pty"
-    target_port = "0"
-    target_type = "serial"
-  }
-
-  console {
-    type        = "pty"
-    target_type = "virtio"
-    target_port = "1"
-  }
-}
diff --git a/terraform/libvirt/mini_environment/main.tf b/terraform/libvirt/mini_environment/main.tf
new file mode 100644
index 0000000..00c3394
--- /dev/null
+++ b/terraform/libvirt/mini_environment/main.tf
@@ -0,0 +1,83 @@
+variable "backend_remote_state_address" {
+  type = "string"
+}
+
+variable "machine_name" {
+  type = "string"
+}
+
+variable "host_name" {
+  type = "string"
+}
+
+variable "uri" {
+  type = "string"
+}
+
+variable "vm_image_and_system" {
+  type = "string"
+}
+
+terraform {
+  backend "http" {}
+}
+
+provider "libvirt" {
+  uri = "${var.uri}"
+}
+
+data "terraform_remote_state" "backend" {
+  backend = "http"
+  config {
+    address = "${var.backend_remote_state_address}"
+  }
+}
+
+resource "local_file" "dnsmasq-config" {
+  content = "address=/${var.host_name}/${libvirt_domain.main.network_interface.0.addresses.0}"
+  filename = "/etc/NetworkManager/dnsmasq.d/${var.host_name}.conf"
+}
+
+resource "libvirt_domain" "main" {
+  name = "${var.machine_name}"
+  memory = "8196"
+  vcpu = 4
+
+  kernel = "${var.vm_image_and_system}/system/kernel/bzImage"
+  initrd = "${var.vm_image_and_system}/system/initrd"
+
+  cmdline {
+    "--root" = "/dev/vda1"
+    "--system" = "${var.vm_image_and_system}/system"
+    "--load" = "${var.vm_image_and_system}/system/boot"
+  }
+
+  filesystem {
+    source   = "/gnu/store"
+    target   = "TAG_gnu_store"
+    readonly = true
+    accessmode = "passthrough"
+  }
+
+  disk {
+    file = "${var.vm_image_and_system}/image"
+    readonly = true
+  }
+
+  network_interface {
+    network_name = "${data.terraform_remote_state.backend.network_name}"
+    wait_for_lease = true
+  }
+
+  console {
+    type        = "pty"
+    target_port = "0"
+    target_type = "serial"
+  }
+
+  console {
+    type        = "pty"
+    target_type = "virtio"
+    target_port = "1"
+  }
+}
-- 
cgit v1.2.3