fix: cloud-init changes to allow user to pass custom script per nodepool(#502)

* fix: cloudinit changes to allow user to pass custom script

* added variable type in submodule

* feat: Custom Cloud-init

* doc changes for cloudinit

* doc changes for cloudinit

Author: karthicgit

docs/cloudinit.adoc

@@ -0,0 +1,38 @@
+= cloud-init
+:idprefix:
+:idseparator: -
+:sectlinks:
+:sectnums:
+:toc: auto
+
+:uri-cloudinit: https://docs.oracle.com/en-us/iaas/Content/ContEng/Tasks/contengusingcustomcloudinitscripts.htm
+
+== Instructions:
+
+* {uri-cloudinit}[Using cloud-init in OKE] 
+* The default cloud-init script used by this module is as below:
+----
+#!/bin/bash
+
+# DO NOT MODIFY
+curl --fail -H "Authorization: Bearer Oracle" -L0 http://169.254.169.254/opc/v2/instance/metadata/oke_init_script | base64 --decode >/var/run/oke-init.sh
+
+## run oke provisioning script
+bash -x /var/run/oke-init.sh
+
+### adjust block volume size
+/usr/libexec/oci-growfs -y
+
+timedatectl set-timezone ${worker_timezone}
+----
+
+* To customize this you can modify the above script and pass the script as input variable to `cloudinit_nodepool_common`. This script will be used across all the nodepools.
+
+* To use specific cloud-init script for a nodepool pass the script as input variable to `cloudinit_nodepool` as a map.This will take precedence over `cloudinit_nodepool_common` for that nodepool.
+Ex: cloudinit_nodepool        = {
+  #np1 = "/tmp/np1cloudinit.sh"
+  #np3 = "/tmp/np3cloudinit.sh"
+#}
+
+
+

docs/terraformoptions.adoc

@@ -698,6 +698,18 @@ node_pools = {
 |
 |7.9
 
+|cloudinit_nodepool_common
+|cloud-init common for all nodepools when no specific script mentioned for nodepool in cloudinit_nodepool.
+|e.g.: `"/tmp/commoncloudinit.sh"`
+|""
+
+|cloudinit_nodepool
+|cloud-init specific to nodepool to override cloudinit_nodepool_common.
+|e.g.: `cloudinit_nodepool = {
+np2 = "/tmp/np2cloudinit.sh"
+}`
+|{}
+
 |node_pool_timezone
 |The preferred timezone for the worker nodes. {uri-timezones}[List of timezones].
 |

main.tf

@@ -14,7 +14,7 @@ module "vcn" {
   create_nat_gateway       = var.worker_type == "private" || var.create_operator == true || (var.load_balancers == "internal" || var.load_balancers == "both") ? true : false
   create_service_gateway   = true
   nat_gateway_public_ip_id = var.nat_gateway_public_ip_id
-  create_drg = var.create_drg
+  create_drg               = var.create_drg
 
   # lpgs
   local_peering_gateways = var.local_peering_gateways
@@ -242,6 +242,8 @@ module "oke" {
   enable_pv_encryption_in_transit = var.enable_pv_encryption_in_transit
   use_node_pool_volume_encryption = var.use_node_pool_volume_encryption
   node_pool_volume_kms_key_id     = var.node_pool_volume_kms_key_id
+  cloudinit_nodepool              = var.cloudinit_nodepool
+  cloudinit_nodepool_common       = var.cloudinit_nodepool_common
 
   # oke load balancer parameters
   preferred_load_balancer = var.preferred_load_balancer
@@ -330,7 +332,7 @@ module "extensions" {
   use_cluster_encryption       = var.use_cluster_encryption
   cluster_kms_key_id           = var.cluster_kms_key_id
   cluster_kms_dynamic_group_id = module.oke.cluster_kms_dynamic_group_id
-  create_policies      = var.create_policies
+  create_policies              = var.create_policies
 
   # ocir parameters
   email_address    = var.email_address

modules/oke/cloudinit.tf

@@ -4,8 +4,7 @@ locals {
       worker_timezone = var.node_pool_timezone
     }
   )
-  # example for adding more script 
-  # second_script_template = templatefile("${path.module}/cloudinit/second.template.sh",{})
+
 }
 
 # cloud-init for workers
@@ -18,12 +17,6 @@ data "cloudinit_config" "worker" {
     content_type = "text/x-shellscript"
     content      = local.worker_script_template
   }
-  
-  # example for adding more script
-  # part {
-  #   filename     = "second.sh"
-  #   content_type = "text/x-shellscript"
-  #   content      = local.second_script_template
-  # }
+
 }
 

modules/oke/cloudinit/second.template.sh

@@ -36,9 +36,9 @@ resource "oci_containerengine_node_pool" "nodepools" {
   }
 
   node_metadata = {
-    user_data = data.cloudinit_config.worker.rendered
+    user_data = var.cloudinit_nodepool_common == "" && lookup(var.cloudinit_nodepool, each.key, null) == null ? data.cloudinit_config.worker.rendered : lookup(var.cloudinit_nodepool, each.key, null) != null ? filebase64(lookup(var.cloudinit_nodepool, each.key, null)) : filebase64(var.cloudinit_nodepool_common)
   }
-  
+
   node_source_details {
     boot_volume_size_in_gbs = lookup(each.value, "boot_volume_size", 50)
     # check is done for GPU,A1 and other shapes.In future if some other shapes or images added we need to modify

modules/oke/nodepools.tf

@@ -53,6 +53,14 @@ variable "use_node_pool_volume_encryption" {
 
 variable "node_pool_volume_kms_key_id" {}
 
+variable "cloudinit_nodepool" {
+  type = map(any)
+}
+
+variable "cloudinit_nodepool_common" {
+  type = string
+}
+
 variable "enable_pv_encryption_in_transit" {
   type = bool
 }

modules/oke/variables.tf

@@ -172,10 +172,16 @@ node_pool_image_id    = "none"
 node_pool_name_prefix = "np"
 node_pool_os          = "Oracle Linux"
 node_pool_os_version  = "7.9"
-node_pool_timezone    = "Etc/UTC"
 worker_nsgs           = []
 worker_type           = "private"
 
+#cloudinit_nodepool_common = "/tmp/commoncloudinit.sh"
+#cloudinit_nodepool        = {
+  #np1 = "/tmp/np1cloudinit.sh"
+  #np3 = "/tmp/np3cloudinit.sh"
+#}
+node_pool_timezone        = "Etc/UTC"
+
 # upgrade of existing node pools
 upgrade_nodepool        = false
 node_pools_to_drain     = ["np1", "np2"]

terraform.tfvars.example

@@ -539,6 +539,18 @@ variable "enable_pv_encryption_in_transit" {
   default     = false
 }
 
+variable "cloudinit_nodepool" {
+  description = "Cloudinit script specific to nodepool"
+  type        = map(any)
+  default     = {}
+}
+
+variable "cloudinit_nodepool_common" {
+  description = "Cloudinit script common to all nodepool when cloudinit_nodepool  is not provided"
+  type        = string
+  default     = ""
+}
+
 variable "node_pools" {
   default = {
     np1 = { shape = "VM.Standard.E4.Flex", ocpus = 1, memory = 16, node_pool_size = 1, boot_volume_size = 150, label = { app = "frontend", pool = "np1" } }