Terraform Deployment – Week 6
This repository contains Terraform configurations for provisioning infrastructure on ESXi and Azure, and Ansible playbooks for deploying a self-made "Hello World" Docker container.
All sensitive information (e.g. SSH key files, passwords) and custom values are handled using Terraform variables stored in a separate file.
Docker Image Build and Deployment
- A "Hello World" Docker image is built using a Gitea Actions workflow.
- The image is published to the Gitea package registry.
Provisioning with Terraform
```mermaid
graph TD
    subgraph ESXi
        ESXivSwitch[vSwitch]:::existing
        Portgroup[Portgroup]
        ESXiVM[Linux VM]
    end
    subgraph Azure
        VNet[Virtual Network]
        Subnet[Subnet]
        NIC[NIC]
        NSG["NSG (SSH open)"]
        AzureVM[Linux VM]
        PIP[Public IP]
    end
    subgraph Gitea
        subgraph Secrets
            AzurePublicKey["SSH Public Key (azure.pub)"]
            AzurePrivateKey["SSH Private Key (azure)"]
            SkylabPrivateKey["SSH Private Key (skylab)"]
            SkylabPublicKey["SSH Public Key (skylab.pub)"]
        end
        subgraph Container Registry
            DockerImage[Hello World image]
        end
        subgraph Runners
            DockerBuildRunner[Docker Build Runner]
            ProvisionConfigureRunner[Provision & Configure VM's]
        end
        Userdata[Userdata]
        AzureCloudInit[Azure Cloudinit]
        VMinfo["Output file: inventory.ini"]
    end
    ESXivSwitch --> Portgroup
    Portgroup --> ESXiVM
    VNet --> Subnet
    Subnet --> NIC
    NIC --> AzureVM
    NSG --> NIC
    AzureVM --> PIP
    AzureCloudInit --> AzureVM
    DockerImage --> ESXiVM
    DockerImage --> AzureVM
    Userdata --> ESXiVM
    SkylabPrivateKey --> ProvisionConfigureRunner
    AzurePrivateKey --> ProvisionConfigureRunner
    AzurePrivateKey --> Userdata
    SkylabPublicKey --> Userdata
    AzurePublicKey ----> AzureCloudInit
    ProvisionConfigureRunner --> ESXi
    ProvisionConfigureRunner --> Azure
    DockerBuildRunner --> DockerImage
    ESXiVM --> VMinfo
    AzureVM --> VMinfo
    classDef existing stroke:#268b26
```
Azure
- Complete network setup:
  - Virtual Network
  - Subnet
  - Network Security Group
  - NIC
- One Ubuntu 24.04 VM.
  - VM type: `Standard_B2ats_v2`
  - Public IP address enabled
  - The `testuser` user is created using cloud-init
    - `azure.pub` is uploaded as public key.
  - A file `/home/iac/hello.txt` containing `Hello World` is created using cloud-init
- VM public and private IP addresses are stored in the `vm_info.txt` file.
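The diagram labels the Azure NSG as "SSH open". As an added example (not taken from this repository), the inbound rule can be limited to a known source range supplied through the separate variables file; the variable names, resource label and rule name below are assumptions.

```hcl
# Added example, not the repository's own configuration.
# Assumed names: admin_source_cidr, resource_group_name, location, "ssh".

variable "admin_source_cidr" {
  description = "CIDR range allowed to reach SSH on the Azure VM"
  type        = string

  # Reject malformed values and any /0 range, so the rule cannot
  # silently fall back to "open to the internet".
  validation {
    condition     = can(cidrhost(var.admin_source_cidr, 0)) && !endswith(var.admin_source_cidr, "/0")
    error_message = "Set a specific source CIDR; a /0 range leaves SSH reachable from anywhere."
  }
}

variable "resource_group_name" {
  type = string
}

variable "location" {
  type = string
}

resource "azurerm_network_security_group" "ssh" {
  name                = "nsg-ssh"
  location            = var.location
  resource_group_name = var.resource_group_name

  # Single inbound rule: TCP/22 from the admin range only.
  # Other inbound traffic is handled by the NSG's default rules.
  security_rule {
    name                       = "allow-ssh-from-admin"
    priority                   = 100
    direction                  = "Inbound"
    access                     = "Allow"
    protocol                   = "Tcp"
    source_port_range          = "*"
    destination_port_range     = "22"
    source_address_prefix      = var.admin_source_cidr
    destination_address_prefix = "*"
  }
}
```

The value for `admin_source_cidr` would be set alongside the other custom values in the variables file, for instance the address range the provisioning runner connects from.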
ESXi
- One Ubuntu 24.04 VM.
  - Provisioned with 1 vCPU and 2 GB RAM.
  - The `testuser` user is created using cloud-init
    - `skylab.pub` is uploaded as public key.
    - `azure` private key is uploaded to access the Azure VM.
    - An SSH config file is created with info for connecting to the Azure VM.
    - sudo access.
    - no password prompt.
- VM private IP addresses are stored in the `vm_info.txt` file.
VM Configuration with Ansible
Ansible is used to configure the provisioned VMs:
- Docker is installed using a custom-made Ansible role.
- The previously built Docker image is pulled from the Gitea registry.
- The container is then started on the VMs.