20482: Allows the site admin to specify a custom AMI for the nodes.

Arvados-DCO-1.1-Signed-off-by: Lucas Di Pentima <lucas.dipentima@curii.com>

diff --git a/tools/salt-install/terraform/aws/services/locals.tf b/tools/salt-install/terraform/aws/services/locals.tf
index d515453cb1cfb970c142f6de0abe72286837a5e6..73de27780aada207edeb6be4bd68ad5e50e3ffd1 100644 (file)
--- a/tools/salt-install/terraform/aws/services/locals.tf
+++ b/tools/salt-install/terraform/aws/services/locals.tf
@@ -10,10 +10,10 @@ locals {
   public_ip = data.terraform_remote_state.vpc.outputs.public_ip
   private_ip = data.terraform_remote_state.vpc.outputs.private_ip
   pubkey_path = pathexpand(var.pubkey_path)
-  pubkey_name = "${local.cluster_name}-arvados-deployer-key"
   public_hosts = data.terraform_remote_state.vpc.outputs.public_hosts
   private_hosts = data.terraform_remote_state.vpc.outputs.private_hosts
   user_facing_hosts = data.terraform_remote_state.vpc.outputs.user_facing_hosts
   internal_service_hosts = data.terraform_remote_state.vpc.outputs.internal_service_hosts
   ssl_password_secret_name = "${local.cluster_name}-${var.ssl_password_secret_name_suffix}"
+  instance_ami_id = var.instance_ami != "" ? var.instance_ami : data.aws_ami.debian-11.image_id
 }

diff --git a/tools/salt-install/terraform/aws/services/main.tf b/tools/salt-install/terraform/aws/services/main.tf
index e4724c92c2224edc3c988c175f72c8abd069114b..c528a12399fe48e993198e525923cee749b2ba53 100644 (file)
--- a/tools/salt-install/terraform/aws/services/main.tf
+++ b/tools/salt-install/terraform/aws/services/main.tf
@@ -41,7 +41,7 @@ resource "aws_iam_instance_profile" "default_instance_profile" {
 
 resource "aws_instance" "arvados_service" {
   for_each = toset(concat(local.public_hosts, local.private_hosts))
-  ami = data.aws_ami.debian-11.image_id
+  ami = local.instance_ami_id
   instance_type = var.default_instance_type
   user_data = templatefile("user_data.sh", {
     "hostname": each.value,

diff --git a/tools/salt-install/terraform/aws/services/terraform.tfvars b/tools/salt-install/terraform/aws/services/terraform.tfvars
index 7231717ee6fdb542f5b81c69f33cd543c723031a..4be0edd59f3be6b54bd7703d815e6403f283120e 100644 (file)
--- a/tools/salt-install/terraform/aws/services/terraform.tfvars
+++ b/tools/salt-install/terraform/aws/services/terraform.tfvars
@@ -3,7 +3,7 @@
 # SPDX-License-Identifier: CC-BY-SA-3.0
 
 # Set to a specific SSH public key path. Default: ~/.ssh/id_rsa.pub
-# pubkey_path = /path/to/pub.key
+# pubkey_path = "/path/to/pub.key"
 
 # Set the instance type for your hosts. Default: m5a.large
 # default_instance_type = "t2.micro"
@@ -14,4 +14,7 @@
 
 # User for software deployment. Depends on the AMI's distro.
 # Default: 'admin'
-# deploy_user = ubuntu
+# deploy_user = "ubuntu"
+
+# Instance AMI to use for service nodes. Default: latest from Debian 11
+# instance_ami = "ami-0481e8ba7f486bd99"
\ No newline at end of file

diff --git a/tools/salt-install/terraform/aws/services/variables.tf b/tools/salt-install/terraform/aws/services/variables.tf
index 4117b7b49413386fec9a7aff20b87de9e2d4003e..99005a22038ef99bc83b0c58ffb0f8df11d50593 100644 (file)
--- a/tools/salt-install/terraform/aws/services/variables.tf
+++ b/tools/salt-install/terraform/aws/services/variables.tf
@@ -24,4 +24,10 @@ variable "ssl_password_secret_name_suffix" {
   description = "Name suffix for the SSL certificate's private key password AWS secret."
   type = string
   default = "arvados-ssl-privkey-password"
+}
+
+variable "instance_ami" {
+  description = "The EC2 instance AMI to use on the nodes"
+  type = string
+  default = ""
 }
\ No newline at end of file