OCTOPUS-496: remove non-cis approach

Signed-off-by: Paul Bastide <[email protected]>

main.tf

@@ -27,10 +27,9 @@ resource "random_id" "label" {
 locals {
   cluster_id = var.cluster_id == "" ? random_id.label[0].hex : (var.cluster_id_prefix == "" ? var.cluster_id : "${var.cluster_id_prefix}-${var.cluster_id}")
   # Generates vm_id as combination of vm_id_prefix + (random_id or user-defined vm_id)
-  name_prefix                 = var.name_prefix == "" ? "mac-${random_id.label[0].hex}" : "${var.name_prefix}"
-  node_prefix                 = var.use_zone_info_for_names ? "${var.powervs_zone}-" : ""
-  vpc_name                    = var.vpc_create ? "${local.name_prefix}-vpc" : var.vpc_name
-  skip_transit_gateway_create = var.ibm_cloud_cis
+  name_prefix = var.name_prefix == "" ? "mac-${random_id.label[0].hex}" : "${var.name_prefix}"
+  node_prefix = var.use_zone_info_for_names ? "${var.powervs_zone}-" : ""
+  vpc_name    = var.vpc_create ? "${local.name_prefix}-vpc" : var.vpc_name
 }
 
 ### Prepares the VPC Support Machine
@@ -81,7 +80,6 @@ module "vpc_prepare" {
   create_custom_subnet       = var.create_custom_subnet
   skip_create_security_group = var.skip_create_security_group
   skip_route_creation        = var.skip_route_creation
-  ibm_cloud_cis              = var.ibm_cloud_cis
 }
 
 ### Prepares the VPC gateway
@@ -106,40 +104,11 @@ module "vpc_gateway" {
   worker_3 = var.worker_3
 }
 
-### Prepares the VPC Support Machine
-module "pvs_link" {
-  count = var.ibm_cloud_cis ? 0 : 1
-  providers = {
-    ibm = ibm.powervs
-  }
-  depends_on = [module.vpc_prepare]
-  source     = "./modules/2_pvs_link"
-
-  powervs_service_instance_id = var.powervs_service_instance_id
-  cluster_id                  = local.cluster_id
-  powervs_network_name        = var.powervs_network_name
-}
-
-module "transit_gateway" {
-  count = local.skip_transit_gateway_create ? 0 : 1
-  providers = {
-    ibm = ibm.vpc
-  }
-  depends_on = [module.vpc_prepare, module.pvs_link]
-  source     = "./modules/3_transit_gateway"
-
-  cluster_id     = local.cluster_id
-  vpc_name       = local.vpc_name
-  vpc_crn        = module.vpc_prepare.vpc_crn
-  vpc_region     = var.vpc_region
-  resource_group = module.vpc.vpc_resource_group
-}
-
 module "support" {
   providers = {
     ibm = ibm.powervs
   }
-  depends_on = [module.transit_gateway]
+  depends_on = [module.vpc_gateway]
   source     = "./modules/4_pvs_support"
 
   private_key_file     = var.private_key_file
@@ -154,7 +123,6 @@ module "support" {
   vpc_region           = var.vpc_region
   resource_group       = module.vpc.vpc_resource_group
   ignition_ip          = var.powervs_bastion_private_ip
-  ibm_cloud_cis        = var.ibm_cloud_cis
 }
 
 module "image" {
@@ -214,6 +182,4 @@ module "post" {
   worker_2                  = var.worker_2
   worker_3                  = var.worker_3
   cicd_image_pruner_cleanup = var.cicd_image_pruner_cleanup
-  ibm_cloud_cis             = var.ibm_cloud_cis
 }
-

modules/1_vpc_gateway/variables.tf

@@ -3,15 +3,11 @@
 # SPDX-License-Identifier: Apache-2.0
 ################################################################
 
-# 
 variable "ibmcloud_api_key" {}
 variable "vpc_region" {}
 variable "resource_group_name" {}
 variable "vpc_name" {}
 variable "vpc_create_public_gateways" {}
-
-
-## Null Provider
 variable "private_key_file" {}
 variable "rhel_username" {}
 variable "bastion_public_ip" {}

modules/1_vpc_prepare/security_groups.tf

@@ -73,7 +73,7 @@ locals {
 # Dev Note: Only opens to the Load Balancers SG
 # If it exists, it implies that the SG needs to be updated.
 resource "ibm_is_security_group_rule" "lbs_to_workers_http" {
-  count     = var.ibm_cloud_cis ? 1 : 0
+  count     = 1
   group     = ibm_is_security_group.worker_vm_sg[0].id
   direction = "inbound"
   remote    = local.lbs_sg[0].id
@@ -85,7 +85,7 @@ resource "ibm_is_security_group_rule" "lbs_to_workers_http" {
 
 # TCP Inbound 443 - Security group *ocp-sec-group
 resource "ibm_is_security_group_rule" "lbs_to_workers_https" {
-  count     = var.ibm_cloud_cis ? 1 : 0
+  count     = 1
   group     = ibm_is_security_group.worker_vm_sg[0].id
   direction = "inbound"
   remote    = local.lbs_sg[0].id

modules/1_vpc_prepare/variables.tf

@@ -13,7 +13,6 @@ variable "public_key" {}
 variable "powervs_machine_cidr" {}
 variable "resource_group" {}
 variable "name_prefix" {}
-variable "ibm_cloud_cis" {}
 
 variable "worker_1" {
   type = object({ count = number, profile = string, zone = string })
@@ -54,12 +53,10 @@ variable "worker_3" {
   }
 }
 variable "create_custom_subnet" {}
-
-## SSH related
 variable "ssh_agent" {}
 variable "bastion_public_ip" {}
 variable "private_key_file" {}
 variable "connection_timeout" {}
 variable "rhel_username" {}
 variable "skip_create_security_group" {}
-variable "skip_route_creation" {}
+variable "skip_route_creation" {}

modules/4_pvs_support/pvs_support.tf

@@ -70,37 +70,8 @@ EOF
   }
 }
 
-# Dev Note: adds static routes to the dhcpd.conf file
-resource "null_resource" "add_dhcp_static_routes" {
-  count      = var.ibm_cloud_cis ? 0 : 1
-  depends_on = [null_resource.setup]
-  connection {
-    type        = "ssh"
-    user        = var.rhel_username
-    host        = var.bastion_public_ip
-    private_key = file(var.private_key_file)
-    agent       = var.ssh_agent
-    timeout     = "${var.connection_timeout}m"
-  }
-
-  # Copies the custom routes for dhcp
-  provisioner "file" {
-    source      = "${path.module}/files/static-route.sh"
-    destination = "/root/ocp4-upi-compute-powervs-ibmcloud/intel/support/static-route.sh"
-  }
-
-  # Dev Note: Adds static routes
-  provisioner "remote-exec" {
-    inline = [<<EOF
-cd ocp4-upi-compute-powervs-ibmcloud/intel/support
-bash static-route.sh
-EOF
-    ]
-  }
-}
-
 resource "null_resource" "limit_csi_arch" {
-  depends_on = [null_resource.setup, null_resource.add_dhcp_static_routes]
+  depends_on = [null_resource.setup]
   connection {
     type        = "ssh"
     user        = var.rhel_username
@@ -122,43 +93,8 @@ EOF
   }
 }
 
-resource "null_resource" "create_resolv_conf_for_intel_workers" {
-  count = var.ibm_cloud_cis ? 0 : 1
-
-  depends_on = [null_resource.limit_csi_arch]
-  connection {
-    type        = "ssh"
-    user        = var.rhel_username
-    host        = var.bastion_public_ip
-    private_key = sensitive(file(var.private_key_file))
-    agent       = var.ssh_agent
-    timeout     = "${var.connection_timeout}m"
-  }
-
-  provisioner "remote-exec" {
-    inline = [<<EOF
-mkdir -p /root/ocp4-upi-compute-powervs-ibmcloud/intel/butane/
-EOF
-    ]
-  }
-
-  provisioner "file" {
-    source      = "${path.module}/files/resolv.sh"
-    destination = "/root/ocp4-upi-compute-powervs-ibmcloud/intel/butane/resolv.sh"
-  }
-
-  # Dev Note: Creates a worker specific butane configuration
-  provisioner "remote-exec" {
-    inline = [<<EOF
-cd /root/ocp4-upi-compute-powervs-ibmcloud/intel/butane/
-bash resolv.sh
-EOF
-    ]
-  }
-}
-
 resource "null_resource" "migrate_mcp" {
-  depends_on = [null_resource.limit_csi_arch, null_resource.create_resolv_conf_for_intel_workers]
+  depends_on = [null_resource.limit_csi_arch]
   connection {
     type        = "ssh"
     user        = var.rhel_username

modules/4_pvs_support/variables.tf

@@ -14,5 +14,4 @@ variable "ignition_ip" {}
 variable "ibmcloud_api_key" {}
 variable "vpc_name" {}
 variable "vpc_region" {}
-variable "resource_group" {}
-variable "ibm_cloud_cis" {}
+variable "resource_group" {}