From f52994b7d64982b06b75cb6f49afbb5b536f77f6 Mon Sep 17 00:00:00 2001 From: Maikel Mertens Date: Wed, 16 Aug 2017 13:10:29 +0200 Subject: [PATCH] Added Terraform variables for SSH user which depends on given AWS AMI, removed commented ssh_args and control_path settings in Ansible config to be able to connect through Bastion Host --- ansible.cfg | 4 ++-- contrib/terraform/aws/create-infrastructure.tf | 13 ++++++------- contrib/terraform/aws/terraform.tfvars | 10 ++++++++-- contrib/terraform/aws/variables.tf | 9 ++++++++- 4 files changed, 24 insertions(+), 12 deletions(-) diff --git a/ansible.cfg b/ansible.cfg index d1741836a..6b0e47796 100644 --- a/ansible.cfg +++ b/ansible.cfg @@ -1,7 +1,7 @@ [ssh_connection] pipelining=True -#ssh_args = -F ./ssh-bastion.conf -o ControlMaster=auto -o ControlPersist=30m -#control_path = ~/.ssh/ansible-%%r@%%h:%%p +ssh_args = -F ./ssh-bastion.conf -o ControlMaster=auto -o ControlPersist=30m +control_path = ~/.ssh/ansible-%%r@%%h:%%p [defaults] host_key_checking=False gathering = smart diff --git a/contrib/terraform/aws/create-infrastructure.tf b/contrib/terraform/aws/create-infrastructure.tf index a58bca53c..65fd10e19 100644 --- a/contrib/terraform/aws/create-infrastructure.tf +++ b/contrib/terraform/aws/create-infrastructure.tf 
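Review bot: In ansible.cfg the now-active `ssh_args = -F ./ssh-bastion.conf ...` applies to every run from this repository, not only to the AWS bastion setup, and the path is relative to the working directory. ssh exits when a file passed with `-F` cannot be opened, so deployments that never generate ssh-bastion.conf would presumably stop connecting. The `[defaults]` context just below keeps `host_key_checking=False`, so hosts reached through the bastion are accepted without host-key verification; whether the bastion hop itself is verified depends on ssh-bastion.conf, which this patch does not show. I would leave both lines commented in the shared config and enable them from the AWS contrib instructions, or at least add a comment above them such as `# Needs ./ssh-bastion.conf next to this file; comment out these two lines when connecting without a bastion`.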
@@ -164,17 +164,16 @@ data "template_file" "inventory" { template = "${file("${path.module}/templates/inventory.tpl")}" vars { - public_ip_address_bastion = "${join("\n",formatlist("bastion ansible_ssh_host=%s" , aws_instance.bastion-server.*.public_ip))}" - connection_strings_master = "${join("\n",formatlist("%s ansible_ssh_host=%s",aws_instance.k8s-master.*.tags.Name, aws_instance.k8s-master.*.private_ip))}" - connection_strings_node = "${join("\n", formatlist("%s ansible_ssh_host=%s", aws_instance.k8s-worker.*.tags.Name, aws_instance.k8s-worker.*.private_ip))}" - connection_strings_etcd = "${join("\n",formatlist("%s ansible_ssh_host=%s", aws_instance.k8s-etcd.*.tags.Name, aws_instance.k8s-etcd.*.private_ip))}" + public_ip_address_bastion = "${join("\n",formatlist("bastion ansible_ssh_host=%s ansible_ssh_user=%s", aws_instance.bastion-server.*.public_ip, var.aws_bastion_ssh_user))}" + connection_strings_master = "${join("\n",formatlist("%s ansible_ssh_host=%s ansible_ssh_user=%s", aws_instance.k8s-master.*.tags.Name, aws_instance.k8s-master.*.private_ip, var.aws_cluster_ssh_user))}" + connection_strings_node = "${join("\n", formatlist("%s ansible_ssh_host=%s ansible_ssh_user=%s", aws_instance.k8s-worker.*.tags.Name, aws_instance.k8s-worker.*.private_ip, var.aws_cluster_ssh_user))}" + connection_strings_etcd = "${join("\n",formatlist("%s ansible_ssh_host=%s ansible_ssh_user=%s", aws_instance.k8s-etcd.*.tags.Name, aws_instance.k8s-etcd.*.private_ip, var.aws_cluster_ssh_user))}" list_master = "${join("\n",aws_instance.k8s-master.*.tags.Name)}" list_node = "${join("\n",aws_instance.k8s-worker.*.tags.Name)}" list_etcd = "${join("\n",aws_instance.k8s-etcd.*.tags.Name)}" - elb_api_fqdn = "apiserver_loadbalancer_domain_name=\"${module.aws-elb.aws_elb_api_fqdn}\"" + elb_api_fqdn = "apiserver_loadbalancer_domain_name=\"${lower("${module.aws-elb.aws_elb_api_fqdn}")}\"" elb_api_port = "loadbalancer_apiserver.port=${var.aws_elb_api_port}" - kube_insecure_apiserver_address = 
"kube_apiserver_insecure_bind_address: ${var.kube_insecure_apiserver_address}" - + kube_insecure_apiserver_address = "kube_apiserver_insecure_bind_address=${var.kube_insecure_apiserver_address}" } } diff --git a/contrib/terraform/aws/terraform.tfvars b/contrib/terraform/aws/terraform.tfvars index a538d46f3..95ca09d55 100644 --- a/contrib/terraform/aws/terraform.tfvars +++ b/contrib/terraform/aws/terraform.tfvars @@ -1,19 +1,21 @@ #Global Vars aws_cluster_name = "devtest" + #VPC Vars aws_vpc_cidr_block = "10.250.192.0/18" aws_cidr_subnets_private = ["10.250.192.0/20","10.250.208.0/20"] aws_cidr_subnets_public = ["10.250.224.0/20","10.250.240.0/20"] aws_avail_zones = ["eu-central-1a","eu-central-1b"] + #Bastion Host aws_bastion_ami = "ami-5900cc36" aws_bastion_size = "t2.small" +aws_bastion_ssh_user = "admin" #Kubernetes Cluster - aws_kube_master_num = 3 aws_kube_master_size = "t2.medium" @@ -23,9 +25,13 @@ aws_etcd_size = "t2.medium" aws_kube_worker_num = 4 aws_kube_worker_size = "t2.medium" +# Refer to: https://coreos.com/os/docs/latest/booting-on-ec2.html aws_cluster_ami = "ami-903df7ff" +aws_cluster_ssh_user = "core" + + #Settings AWS ELB - aws_elb_api_port = 443 k8s_secure_api_port = 443 +kube_insecure_apiserver_address = 0.0.0.0 \ No newline at end of file diff --git a/contrib/terraform/aws/variables.tf b/contrib/terraform/aws/variables.tf index c740e6472..ff428ebef 100644 --- a/contrib/terraform/aws/variables.tf +++ b/contrib/terraform/aws/variables.tf @@ -22,7 +22,6 @@ variable "aws_cluster_name" { //AWS VPC Variables - variable "aws_vpc_cidr_block" { description = "CIDR Block for VPC" } @@ -51,6 +50,9 @@ variable "aws_bastion_ami" { variable "aws_bastion_size" { description = "EC2 Instance Size of Bastion Host" } +variable "aws_bastion_ssh_user" { + description = "Default SSH username for Bastion Host, depends on selected AMI" +} /* * AWS EC2 Settings 
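Review bot: In the `vars` block of `data "template_file" "inventory"` in create-infrastructure.tf, the new `elb_api_fqdn` line nests a second interpolation inside `lower()`, which is itself already inside one; `elb_api_fqdn = "apiserver_loadbalancer_domain_name=\"${lower(module.aws-elb.aws_elb_api_fqdn)}\""` says the same thing more plainly. Nothing in the hunk says why the name must be lower-cased, so a one-line comment naming the consumer that needs it would keep a later edit from dropping the call. The four `connection_strings_*`/`public_ip_address_bastion` lines write `var.aws_*_ssh_user` into the inventory unquoted, so the variable descriptions should state that the value must be a bare username without whitespace. The end of the enclosing block is inside the hunk, but its opening line may sit just outside it.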
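Review bot: The last added line of terraform.tfvars, `kube_insecure_apiserver_address = 0.0.0.0`, is the only string-like value in the file written without quotes, and `0.0.0.0` is not a valid number, so Terraform will most likely refuse to parse the file; the file also still ends without a trailing newline. Beyond the syntax, this sample value is what the corrected `kube_apiserver_insecure_bind_address=` line in create-infrastructure.tf now writes into the generated inventory. If that variable sets the API server's insecure bind address, as its name suggests, the unauthenticated port would listen on every interface of the masters. Unless this setup needs the wider bind (the patch does not say), I would ship `kube_insecure_apiserver_address = "127.0.0.1"` in the sample, with a comment above it such as `# Bind address of the unauthenticated API port; keep on loopback unless security groups restrict access`.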
@@ -84,6 +86,11 @@ variable "aws_kube_worker_size" { variable "aws_cluster_ami" { description = "AMI ID for Kubernetes Cluster" } + +variable "aws_cluster_ssh_user" { + description = "Default SSH username for Kubernetes Cluster, depends on selected AMI" +} + /* * AWS ELB Settings *