Support CDW VW changes - squashing to make rebase onto devel easier

Co-Authored-by: Saravanan Raju <[email protected]>
Co-Authored-by: Webster Mudge <[email protected]>
Co-Authored-by: Chris Perro <[email protected]>
Signed-off-by: Chris Perro <[email protected]>
Signed-off-by: Christopher Perro <[email protected]>

Author: 3 people

docs/configuration.yml

@@ -14,6 +14,7 @@ datahub:
     gcp:
   suffix:
   tags:
+  force_delete:
 de:
   definitions:
   suffix:
@@ -32,10 +33,37 @@ df:
   teardown:
     persist:
   force_delete:
-  terminate_deployments:
 dw:
   definitions:
+    - name:
+      use_default_dbc:
+      load_demo_data:
+      virtual_warehouses:
+        - name:
+          type:
+          template:
+          autoscaling:
+            min_nodes:
+            max_nodes:
+          tags:
+          configs:
+            common_configs:
+            application_configs:
+            enable_sso:
+            ldap_groups:
   suffix:
+  vw:
+    suffix:
+    type:
+    template:
+  dbc:
+    suffix:
+    default_suffix: 
+  tags:
+  overlay_network:
+  private_load_balancer:
+  private_worker_nodes:
+  force_delete:
 env:
   aws:
     policy:
@@ -198,7 +226,7 @@ globals:
   dynamic_inventory:
     vm:
       count:
-      os:
+  force_teardown:
   gcloud_credential_file:
   infra_type:
   labels:
@@ -356,6 +384,7 @@ ml:
   suffix:
   tags:
   public_loadbalancer:
+  force_delete:
 opdb:
   definitions:
   suffix:

roles/common/defaults/main.yml

@@ -111,11 +111,17 @@ common__aws_private_subnet_ids:           "{{ infra.aws.vpc.existing.private_sub
 common__aws_region:                       "{{ infra.aws.region | default('eu-west-1') }}"
 common__aws_profile:                      "{{ infra.aws.profile | default('') }}"
 common__aws_role_suffix:                  "{{ infra.aws.role.suffix | default(common__role_suffix) }}"
+
 common__aws_datalake_admin_role_name:     "{{ env.aws.role.name.datalake_admin | default([common__namespace, common__aws_datalake_admin_suffix, common__aws_role_suffix] | join('-')) }}"
 common__aws_datalake_admin_suffix:        "{{ env.aws.role.label.datalake_admin | default(common__datalake_admin_suffix) }}"
 common__aws_idbroker_role_name:           "{{ env.aws.role.name.idbroker | default([common__namespace, common__aws_idbroker_suffix, common__aws_role_suffix] | join('-')) }}"
 common__aws_idbroker_suffix:              "{{ env.aws.role.label.idbroker | default(common__idbroker_suffix) }}"
 
+
+common__aws_vpc_id:                       "{{ infra.aws.vpc.existing.vpc_id | default('') }}"
+common__aws_public_subnet_ids:            "{{ infra.aws.vpc.existing.public_subnet_ids | default([]) }}"
+common__aws_private_subnet_ids:           "{{ infra.aws.vpc.existing.private_subnet_ids | default([]) }}"
+
 # Azure Infra
 common__azure_storage_name:               "{{ infra.azure.storage.name | default(common__storage_name | replace('-','')) }}"
 

roles/common/meta/main.yml

@@ -13,6 +13,8 @@
 # limitations under the License.
 
 galaxy_info:
+  role_name: platform
+  namespace: cloudera
   author: Webster Mudge ([email protected])
   description: >
     Shared configuration variables managed by role dependency. 

roles/infrastructure/defaults/main.yml

@@ -95,9 +95,9 @@ infra__vpc_user_ports:              "{{ infra.vpc.user_ports | default([infra__a
 infra__vpc_user_cidr:               "{{ infra.vpc.user_cidr | default([]) }}"
 infra__vpc_tunneled_cidr:           "{{ infra.vpc.tunneled_cidr | default([]) }}"
 
-infra__aws_vpc_id:                  "{{ infra.aws.vpc.existing.vpc_id | default('') }}"
-infra__aws_public_subnet_ids:       "{{ infra.aws.vpc.existing.public_subnet_ids | default([]) }}"
-infra__aws_private_subnet_ids:      "{{ infra.aws.vpc.existing.private_subnet_ids | default([]) }}"
+infra__aws_vpc_id:                  "{{ common__aws_vpc_id }}"
+infra__aws_public_subnet_ids:       "{{ common__aws_public_subnet_ids }}"
+infra__aws_private_subnet_ids:      "{{ common__aws_private_subnet_ids }}"
 
 infra__security_group_knox_name:    "{{ common__security_group_knox_name }}"
 infra__security_group_default_name: "{{ common__security_group_default_name }}"

roles/infrastructure/tasks/initialize_aws.yml

@@ -115,7 +115,6 @@
 
         - name: Set facts for existing AWS Public Subnet IDs
           ansible.builtin.set_fact:
-            infra__aws_public_subnet_ids: "{{ infra__aws_public_subnet_ids }}"
             infra__aws_subnet_ids: "{{ infra__aws_subnet_ids | default([]) | union(infra__aws_public_subnet_ids) }}"
             infra__aws_vpc_id: "{{ __aws_public_subnets_info.subnets | map(attribute='vpc_id') | list | first }}"
 

roles/infrastructure/tasks/setup.yml

@@ -33,7 +33,7 @@
     ansible.builtin.include_tasks: "setup_{{ infra__type | lower }}_utility_service.yml"
 
   - name: Set up provider-specific Infrastructure Compute
-    when: infra__dynamic_inventory_count
+    when: infra__dynamic_inventory_count | int > 0
     ansible.builtin.include_tasks: "setup_{{ infra__type | lower }}_compute.yml"
 
 - name: Set up for Terraform deployment engine

roles/platform/defaults/main.yml

@@ -117,6 +117,9 @@ plat__aws_storage_suffix:                     "{{ env.aws.storage.suffix | defau
 plat__aws_role_tags:                          "{{ env.aws.role.tags | default({}) }}"
 plat__aws_policy_tags:                        "{{ env.aws.policy.tags | default({}) }}"
 plat__aws_storage_tags:                       "{{ env.aws.storage.tags | default({}) }}"
+plat__aws_vpc_id:                             "{{ common__aws_vpc_id }}"
+plat__aws_public_subnet_ids:                  "{{ common__aws_public_subnet_ids }}"
+plat__aws_private_subnet_ids:                 "{{ common__aws_private_subnet_ids }}"
 
 plat__aws_xaccount_suffix:                    "{{ env.aws.role.label.cross_account | default(common__xaccount_suffix) }}"
 plat__aws_idbroker_suffix:                    "{{ common__aws_idbroker_suffix }}"

roles/platform/meta/main.yml

@@ -13,6 +13,8 @@
 # limitations under the License.
 
 galaxy_info:
+  role_name: platform
+  namespace: cloudera
   author: Webster Mudge ([email protected])
   description: >
     Deployment and management of Cloudera Data Platform (CDP) Public Cloud core

roles/platform/tasks/initialize_aws.yml

@@ -17,4 +17,9 @@
 - name: Retrieve AWS Caller details
   amazon.aws.aws_caller_info:
   register: __aws_caller_info
-  failed_when: __aws_caller_info.account is not defined
+  failed_when: __aws_caller_info.account is not defined
+
+- name: Confirm AWS SSH Public Key ID exists
+  ansible.builtin.command: aws ec2 describe-key-pairs --region "{{ plat__region }}" --key-name "{{ plat__public_key_id }}"
+  register: __aws_ssh_key_pair
+  failed_when: __aws_ssh_key_pair.rc != 0

roles/platform/tasks/initialize_setup_aws.yml

@@ -48,7 +48,7 @@
     plat__aws_xaccount_account_id: "{{ plat__cdp_xaccount_account_id }}"
 
 # Runlevel first, upstream second, and discover third
-- name: Discover AWS VPC if not defined
+- name: Discover AWS VPC if not defined or established by Infrastructure
   when: plat__aws_vpc_id == "" and infra__aws_vpc_id is undefined
   block:
     - name: Query AWS VPC by name
@@ -70,13 +70,12 @@
         plat__aws_vpc_id: "{{ __aws_vpc_info.vpcs[0].id }}"
 
 - name: Set fact for AWS VPC ID if established by Infrastructure
-  when: infra__aws_vpc_id is defined
+  when: plat__aws_vpc_id == "" and infra__aws_vpc_id is defined
   ansible.builtin.set_fact:
     plat__aws_vpc_id: "{{ infra__aws_vpc_id }}"
 
-# Runlevel first, upstream second, and discover third
-- name: Handle AWS Public and Private VPC Subnets if not defined
-  when: not plat__aws_public_subnet_ids or not plat__aws_private_subnet_ids
+- name: Handle AWS Subnet IDs if not defined
+  when: not plat__aws_public_subnet_ids or not plat__aws_private_subnet_ids # Defaults are empty lists
   block:
     - name: Query AWS Subnets
       amazon.aws.ec2_vpc_subnet_info:
@@ -143,13 +142,15 @@
   ansible.builtin.set_fact:
     plat__endpoint_access_scheme: "PUBLIC"
 
+# TODO Collapse the two SG queries together
 - name: Discover AWS Security Group for Knox
   when: infra__aws_security_group_knox_id is undefined
   block:
     - name: Query AWS Security Group for Knox
       amazon.aws.ec2_group_info:
         region: "{{ plat__region }}"
         filters:
+          vpc-id: "{{ plat__aws_vpc_id }}"
           group-name: "{{ plat__security_group_knox_name }}"
       register: __aws_security_group_knox_info
 
@@ -170,6 +171,7 @@
       amazon.aws.ec2_group_info:
         region: "{{ plat__region }}"
         filters:
+          vpc-id: "{{ plat__aws_vpc_id }}"
           group-name: "{{ plat__security_group_default_name }}"
       register: __aws_security_group_default_info