diff --git a/cfssl.tf b/cfssl.tf index d34d6cc..98a4f0b 100644 --- a/cfssl.tf +++ b/cfssl.tf @@ -36,45 +36,21 @@ data "ignition_file" "cfssl-client-config" { } } -data "template_file" "cfssl-disk-formatter" { - template = "${ var.cloud_provider == "aws" ? - file("${path.module}/resources/aws-disk-formatter.service") - :var.cloud_provider == "gce" ? - file("${path.module}/resources/gce-disk-formatter.service") - :"" - }" - - vars { - volumeid = "${var.cfssl_data_volumeid}" - user = "root" - group = "root" - filesystem = "ext4" - } -} - -data "ignition_systemd_unit" "cfssl-disk-formatter" { - name = "cfssl-disk-formatter.service" - content = "${data.template_file.cfssl-disk-formatter.rendered}" -} - data "template_file" "cfssl-disk-mounter" { - template = "${ var.cloud_provider == "aws" ? - file("${path.module}/resources/aws-disk-mounter.mount") - :var.cloud_provider == "gce" ? - file("${path.module}/resources/gce-disk-mounter.mount") - :"" - }" + template = "${file("${path.module}/resources/disk-mounter.service")}" vars { - volumeid = "${var.cfssl_data_volumeid}" - mountpoint = "/var/lib/cfssl" - filesystem = "ext4" - disk-formatter = "cfssl-disk-formatter.service" + script_path = "/opt/bin/format-and-mount" + volume_id = "${var.cfssl_data_volumeid}" + filesystem = "ext4" + user = "root" + group = "root" + mountpoint = "/var/lib/cfssl" } } -data "ignition_systemd_unit" "var-lib-cfssl-mounter" { - name = "var-lib-cfssl.mount" +data "ignition_systemd_unit" "cfssl-disk-mounter" { + name = "disk-mounter.service" content = "${data.template_file.cfssl-disk-mounter.rendered}" } @@ -192,6 +168,7 @@ data "ignition_config" "cfssl" { data.ignition_file.cfssl-sk-csr.id, data.ignition_file.cfssl-nginx-conf.id, data.ignition_file.cfssl-nginx-auth.id, + data.ignition_file.format-and-mount.id, ), var.cfssl_additional_files, )}"] 
@@ -204,8 +181,7 @@ data "ignition_config" "cfssl" { data.ignition_systemd_unit.node-exporter.id, data.ignition_systemd_unit.cfssl.id, data.ignition_systemd_unit.cfssl-nginx.id, - data.ignition_systemd_unit.cfssl-disk-formatter.id, - data.ignition_systemd_unit.var-lib-cfssl-mounter.id, + data.ignition_systemd_unit.cfssl-disk-mounter.id, ), module.cfssl-restarter.systemd_units, var.cfssl_additional_systemd_units, diff --git a/common.tf b/common.tf index 8daf55d..3deda4b 100644 --- a/common.tf +++ b/common.tf @@ -61,3 +61,13 @@ data "ignition_systemd_unit" "node-exporter" { content = "${data.template_file.node-exporter.rendered}" } + +data "ignition_file" "format-and-mount" { + mode = 0755 + filesystem = "root" + path = "/opt/bin/format-and-mount" + + content { + content = "${file("${path.module}/resources/format-and-mount")}" + } +} diff --git a/etcd.tf b/etcd.tf index e620766..e3ea9d2 100644 --- a/etcd.tf +++ b/etcd.tf 
@@ -67,52 +67,24 @@ data "ignition_file" "etcdctl-wrapper" { } } -data "template_file" "disk-formatter" { - count = "${length(var.etcd_addresses)}" - - template = "${ var.cloud_provider == "aws" ? - file("${path.module}/resources/aws-disk-formatter.service") - :var.cloud_provider == "gce" ? - file("${path.module}/resources/gce-disk-formatter.service") - :"" - }" - - vars { - volumeid = "${var.etcd_data_volumeids[count.index]}" - user = "etcd" - group = "etcd" - filesystem = "ext4" - } -} - -data "ignition_systemd_unit" "disk-formatter" { - count = "${length(var.etcd_addresses)}" - name = "disk-formatter.service" - content = "${element(data.template_file.disk-formatter.*.rendered, count.index)}" -} - -data "template_file" "disk-mounter" { - count = "${length(var.etcd_addresses)}" - - template = "${ var.cloud_provider == "aws" ? - file("${path.module}/resources/aws-disk-mounter.mount") - :var.cloud_provider == "gce" ? - file("${path.module}/resources/gce-disk-mounter.mount") - :"" - }" +data "template_file" "etcd-disk-mounter" { + count = "${length(var.etcd_addresses)}" + template = "${file("${path.module}/resources/disk-mounter.service")}" vars { - volumeid = "${var.etcd_data_volumeids[count.index]}" - mountpoint = "/var/lib/etcd" - filesystem = "ext4" - disk-formatter = "disk-formatter.service" + script_path = "/opt/bin/format-and-mount" + volume_id = "${var.etcd_data_volumeids[count.index]}" + filesystem = "ext4" + user = "etcd" + group = "etcd" + mountpoint = "/var/lib/etcd" } } -data "ignition_systemd_unit" "var-lib-etcd-mounter" { +data "ignition_systemd_unit" "etcd-disk-mounter" { count = "${length(var.etcd_addresses)}" - name = "var-lib-etcd.mount" - content = "${element(data.template_file.disk-mounter.*.rendered, count.index)}" + name = "disk-mounter.service" + content = "${data.template_file.etcd-disk-mounter.*.rendered[count.index]}" } resource "null_resource" "etcd_member" { 
@@ -164,6 +136,7 @@ data "ignition_config" "etcd" {
 element(data.ignition_file.etcd-cfssl-new-cert.*.id, count.index),
 data.ignition_file.etcd-prom-machine-role.id,
 element(data.ignition_file.etcdctl-wrapper.*.id, count.index),
+ data.ignition_file.format-and-mount.id,
 ),
 var.etcd_additional_files,
 )}"]
@@ -175,8 +148,7 @@ data "ignition_config" "etcd" {
 data.ignition_systemd_unit.docker-opts-dropin.id,
 data.ignition_systemd_unit.node-exporter.id,
 element(data.ignition_systemd_unit.etcd-member-dropin.*.id, count.index),
- element(data.ignition_systemd_unit.disk-formatter.*.id, count.index),
- element(data.ignition_systemd_unit.var-lib-etcd-mounter.*.id, count.index),
+ element(data.ignition_systemd_unit.etcd-disk-mounter.*.id, count.index),
 ),
 module.etcd-member-restarter.systemd_units,
 var.etcd_additional_systemd_units,
diff --git a/resources/aws-disk-formatter.service b/resources/aws-disk-formatter.service
deleted file mode 100644
index be1d81a..0000000
--- a/resources/aws-disk-formatter.service
+++ /dev/null
@@ -1,8 +0,0 @@
-[Unit]
-Description=Format device with volume-id: ${volumeid}, if it has no filesystem
-[Service]
-Type=oneshot
-RemainAfterExit=yes
-Environment=DEVICE=/dev/disk/by-id/nvme-Amazon_Elastic_Block_Store_${volumeid}
-ExecStartPre=/bin/sh -c "until [ -e $${DEVICE} ]; do sleep 8; done"
-ExecStart=/bin/sh -c "fsck -a $${DEVICE} || (mkfs.${filesystem} $${DEVICE} && mount $${DEVICE} /mnt && chown -R ${user}:${group} /mnt && umount /mnt)"
diff --git a/resources/aws-disk-mounter.mount b/resources/aws-disk-mounter.mount
deleted file mode 100644
index c8c3c09..0000000
--- a/resources/aws-disk-mounter.mount
+++ /dev/null
@@ -1,8 +0,0 @@
-[Unit]
-Description=Mount device ${volumeid} to ${mountpoint}
-Requires=${disk-formatter}
-After=${disk-formatter}
-[Mount]
-What=/dev/disk/by-id/nvme-Amazon_Elastic_Block_Store_${volumeid}
-Where=${mountpoint}
-Type=${filesystem}
diff --git a/resources/cfssl.service b/resources/cfssl.service
index 3dbc72f..0e572f6 100644
--- a/resources/cfssl.service
+++ b/resources/cfssl.service
@@ -1,7 +1,7 @@
 [Unit]
 Description=cfssl service
-After=var-lib-cfssl.mount
-Requires=var-lib-cfssl.mount
+After=disk-mounter.service
+Requires=disk-mounter.service
 [Service]
 WorkingDirectory=/var/lib/cfssl
 ExecStartPre=/bin/sh -c 'if [ ! -f sk-key.pem ]; then /opt/bin/cfssl genkey /etc/cfssl/sk-csr.json | /opt/bin/cfssljson -bare sk && rm sk.csr; fi'
diff --git a/resources/disk-mounter.service b/resources/disk-mounter.service
new file mode 100644
index 0000000..a1929be
--- /dev/null
+++ b/resources/disk-mounter.service
@@ -0,0 +1,6 @@
+[Unit]
+Description=Mounts device on mountpoint, formatting it if necessary
+[Service]
+Type=oneshot
+RemainAfterExit=yes
+ExecStart=${script_path} ${volume_id} ${filesystem} ${user} ${group} ${mountpoint}
diff --git a/resources/etcd-member-dropin.conf b/resources/etcd-member-dropin.conf
index de0852d..07b1c0b 100644
--- a/resources/etcd-member-dropin.conf
+++ b/resources/etcd-member-dropin.conf
@@ -1,6 +1,6 @@
 [Unit]
-After=var-lib-etcd.mount
-Requires=var-lib-etcd.mount
+After=disk-mounter.service
+Requires=disk-mounter.service
 [Service]
 Environment="ETCD_IMAGE_URL=${etcd_image_url}"
 Environment="ETCD_IMAGE_TAG=${etcd_image_tag}"
diff --git a/resources/format-and-mount b/resources/format-and-mount
new file mode 100644
index 0000000..2dae4b9
--- /dev/null
+++ b/resources/format-and-mount
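Review bot: The new `resources/disk-mounter.service` sets no start timeout, and the `format-and-mount` script it runs (added in this same commit) returns only once `mountpoint -q` succeeds, so a volume that never attaches leaves the unit activating indefinitely; as far as I know systemd disables the start timeout by default for `Type=oneshot`. `cfssl.service` and the etcd drop-in now `Requires=` this unit, so they would wait without ever reporting a failure. Adding `TimeoutStartSec=<limit>` under `[Service]` would turn that into a failed unit that monitoring can alert on. The `ExecStart` arguments are also rendered unquoted, so an empty `volume_id` shifts the remaining positional arguments; writing each one as `"${...}"` in the template keeps them aligned.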
@@ -0,0 +1,36 @@
+#!/bin/bash
+
+readonly volume_id="$1"
+readonly filesystem="$2"
+readonly user="$3"
+readonly group="$4"
+readonly mountpoint="$5"
+
+# Location used by providers:
+# AWS nvme (m5): /dev/disk/by-id/nvme-Amazon_Elastic_Block_Store_${volume_id}
+# AWS non-nvme (t2): /dev/${volume_id}
+# GCP: /dev/disk/by-id/google-${volume_id}
+readonly locations="
+ /dev/disk/by-id/nvme-Amazon_Elastic_Block_Store_${volume_id}
+ /dev/${volume_id}
+ /dev/disk/by-id/google-${volume_id}
+"
+until mountpoint -q ${mountpoint}; do
+ sleep 8
+ for device in ${locations}; do
+ echo "Looking for device ${device}..."
+ if [[ -e "${device}" ]]; then
+ echo "Device ${device} found"
+ fsck -a ${device} || (
+ mkfs.${filesystem} ${device} \
+ && mount ${device} /mnt \
+ && chown -R ${user}:${group} /mnt \
+ && umount /mnt
+ )
+ mkdir -p ${mountpoint}
+ mount -t ${filesystem} ${device} ${mountpoint}
+ echo "${device} mounted at ${mountpoint}"
+ break
+ fi
+ done
+done
diff --git a/resources/gce-disk-formatter.service b/resources/gce-disk-formatter.service
deleted file mode 100644
index 905a669..0000000
--- a/resources/gce-disk-formatter.service
+++ /dev/null
@@ -1,8 +0,0 @@
-[Unit]
-Description=Format device with volume-id: ${volumeid}, if it has no filesystem
-[Service]
-Type=oneshot
-RemainAfterExit=yes
-Environment=DEVICE=/dev/disk/by-id/google-${volumeid}
-ExecStartPre=/bin/sh -c "until [ -e $${DEVICE} ]; do sleep 8; done"
-ExecStart=/bin/sh -c "fsck -a $${DEVICE} || (mkfs.${filesystem} $${DEVICE} && mount $${DEVICE} /mnt && chown -R ${user}:${group} /mnt && umount /mnt)"
diff --git a/resources/gce-disk-mounter.mount b/resources/gce-disk-mounter.mount
deleted file mode 100644
index 6ad8300..0000000
--- a/resources/gce-disk-mounter.mount
+++ /dev/null
@@ -1,8 +0,0 @@
-[Unit]
-Description=Mount device ${volumeid} to ${mountpoint}
-Requires=${disk-formatter}
-After=${disk-formatter}
-[Mount]
-What=/dev/disk/by-id/google-${volumeid}
-Where=${mountpoint}
-Type=${filesystem}
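Review bot: In `resources/format-and-mount`, `fsck -a ${device} || ( mkfs.${filesystem} ${device} … )` treats every non-zero fsck status as "no filesystem", so a volume that fsck repaired (status 1) or could not repair is reformatted; on these hosts that volume holds the cfssl signing key under `/var/lib/cfssl` or the etcd data. Base the format decision on a filesystem probe and run fsck only on a volume that already has one, as sketched below (this assumes `blkid` is present on the image). The `[[ -e … ]]` test also accepts non-block paths, for example `/dev/` itself when `volume_id` is empty, so `-b` is the safer check. The success message is printed even when the final `mount` fails, and the expansions are unquoted throughout; the sketch covers both.

```shell
# … unchanged: arguments, candidate locations, until/for loop headers …
    if [[ -b "${device}" ]]; then
      echo "Device ${device} found"
      # blkid -p is expected to exit 2 when probing identifies nothing on the
      # device; any other status must not lead to mkfs.
      blkid -p "${device}" >/dev/null 2>&1
      probe_status=$?
      if [[ ${probe_status} -eq 2 ]]; then
        mkfs."${filesystem}" "${device}" \
          && mount "${device}" /mnt \
          && chown -R "${user}:${group}" /mnt \
          && umount /mnt
      elif [[ ${probe_status} -eq 0 ]]; then
        fsck -a "${device}" \
          || echo "fsck exited non-zero on ${device}; not reformatting" >&2
      else
        echo "probe of ${device} failed (status ${probe_status}); not formatting" >&2
        break
      fi
      mkdir -p "${mountpoint}"
      if mount -t "${filesystem}" "${device}" "${mountpoint}"; then
        echo "${device} mounted at ${mountpoint}"
      fi
      break
    fi
# … unchanged: loop closers …
```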