# Terraform Deployment – Week 6

This repository contains Terraform configurations for provisioning infrastructure on ESXi and Azure, and Ansible playbooks for deploying a self-made "Hello World" Docker container.

All sensitive information (e.g. SSH key files, passwords) and custom values are handled using Terraform variables stored in a separate file.

## Docker Image Build and Deployment

- A "Hello World" Docker image is built using a Gitea Actions workflow.
- The image is published to the Gitea package registry.

## Provisioning with Terraform

```mermaid
graph TD
    subgraph ESXi omgeving
        ESXivSwitch[vSwitch]:::existing
        Portgroup[Portgroup]
        ESXiVM[Linux VM]
        ESXivSwitch --> Portgroup
        Portgroup --> ESXiVM
    end
    subgraph Azure
        VNet[Virtual Network]
        Subnet[Subnet]
        NIC[NIC]
        NSG["NSG (SSH open)"]
        AzureVM[Linux VM]
        PIP[Public IP]
        VNet --> Subnet
        Subnet --> NIC
        NIC --> AzureVM
        NSG --> NIC
        AzureVM --> PIP
    end
    subgraph Gitea
        subgraph Secrets
            AzurePublicKey["SSH Public Key (azure.pub)"]
            AzurePrivateKey["SSH Private Key (azure)"]
            SkylabPublicKey["SSH Public Key (skylab.pub)"]
        end
        subgraph Container Registry
            DockerImage[Hello World image]
        end
        Userdata[Userdata]
        AzureCloudInit[Azure Cloudinit]
        VMinfo["Output file: inventory.ini"]
    end
    SkylabPublicKey --> Userdata
    AzurePrivateKey --> Userdata
    AzurePublicKey --> AzureCloudInit
    Userdata --> ESXiVM
    AzureCloudInit --> AzureVM
    DockerImage --> ESXiVM
    DockerImage --> AzureVM
    ESXiVM --> VMinfo
    AzureVM --> VMinfo
    classDef existing stroke:#268b26
```

### Azure

- Complete network setup:
  - Virtual Network
  - Subnet
  - Network Security Group
  - NIC
- One Ubuntu 24.04 VM.
  - VM type: `Standard_B2ats_v2`
  - Public IP address enabled
  - The `testuser` user is created using cloud-init
    - `azure.pub` is uploaded as public key.
  - A file `/home/iac/hello.txt` containing `Hello World` is created using cloud-init
- VM public and private IP address is stored in the `vm_info.txt` file.

### ESXi

- One Ubuntu 24.04 VM.
  - Provisioned with 1 vCPU and 2 GB RAM.
  - The `testuser` user is created using cloud-init
    - `skylab.pub` is uploaded as public key.
    - `azure` private key is uploaded to access the Azure VM.
    - An SSH config file is created with info for connecting to the Azure VM.
    - sudo access.
    - no password prompt.
- VM private IP addresses are stored in the `vm_info.txt` file.

## VM Configuration with Ansible

Ansible is used to configure the provisioned VMs:

- Docker is installed using a custom-made Ansible role.
- The previously built Docker image is pulled from the Gitea registry.
- The container is then started on the VMs.
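
The Azure diagram labels the Network Security Group as "SSH open" on a VM with a public IP. The following is an added example, not code from this repository: a plan check that flags NSG rules allowing inbound SSH from any source before `terraform apply`. The resource addresses, rule names and the admin CIDR in the sample are constructed.

```python
# Added example: resource addresses and rule names below are constructed samples.
OPEN_SOURCES = {"*", "0.0.0.0/0", "internet"}

def covers_port(spec, port=22):
    """True if an NSG port spec ("22", "*", "20-25") includes `port`."""
    if not spec or spec == "*":
        return spec == "*"
    lo, _, hi = spec.partition("-")
    return int(lo) <= port <= int(hi or lo)

def is_open_ssh(rule):
    """Inbound + Allow + TCP/any protocol + port 22 + unrestricted source."""
    val = lambda key: (rule.get(key) or "").lower()
    if (val("direction"), val("access")) != ("inbound", "allow"):
        return False
    if val("protocol") not in ("tcp", "*"):
        return False
    ports = [rule.get("destination_port_range"), *(rule.get("destination_port_ranges") or [])]
    sources = [rule.get("source_address_prefix"), *(rule.get("source_address_prefixes") or [])]
    return (any(covers_port(p) for p in ports)
            and any((s or "").lower() in OPEN_SOURCES for s in sources))

def find_open_ssh(plan):
    """Return (resource address, rule name) for every world-open SSH rule."""
    findings = []
    for rc in plan.get("resource_changes", []):
        after = (rc.get("change") or {}).get("after") or {}
        if rc.get("type") == "azurerm_network_security_rule":
            rules = [after]  # standalone rule resource
        elif rc.get("type") == "azurerm_network_security_group":
            rules = after.get("security_rule") or []  # inline rule blocks
        else:
            continue
        findings += [(rc["address"], r.get("name")) for r in rules if is_open_ssh(r)]
    return findings

# Constructed sample in the shape of `terraform show -json` output.
SAMPLE_PLAN = {"resource_changes": [
    {"address": "azurerm_network_security_group.example",
     "type": "azurerm_network_security_group",
     "change": {"after": {"security_rule": [
         {"name": "ssh-open", "direction": "Inbound", "access": "Allow", "protocol": "Tcp",
          "destination_port_range": "22", "source_address_prefix": "*"}]}}},
    {"address": "azurerm_network_security_rule.ssh_admin",
     "type": "azurerm_network_security_rule",
     "change": {"after": {"name": "ssh-admin", "direction": "Inbound", "access": "Allow",
         "protocol": "Tcp", "destination_port_range": "22",
         "source_address_prefix": "203.0.113.0/24"}}}]}

if __name__ == "__main__":
    for address, name in find_open_ssh(SAMPLE_PLAN):
        print(f"{address}: rule {name!r} allows SSH from any source")
```

To check a real plan, load the output of `terraform show -json <planfile>` with `json.load` and pass the result to `find_open_ssh`.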