[MM-62747] add NFS support

[isacikgoz]

Summary

Adds EFS deployment capability

Ticket Link

https://mattermost.atlassian.net/browse/MM-62747

[agnivade]

Very interested to see the results of this. Have you run any tests yet?

[agnivade]

Ohh boy.

[agarciamontoro]

Oh boy indeed 😂 Maybe we should make use of modules for this. Having an s3 module that can be automatically switched on/off. Something like https://stackoverflow.com/a/72867545/3248221. I haven't ever tried that, so if that's too difficult/cumbersome, we could at least refactor this whole var.app_instance_count > 1 && var.s3_external_bucket_name == "" && !var.create_efs ? 1 : 0 into a new create_s3_resources variable. Thoughts?

[agnivade]

Why are we removing this?

[isacikgoz]

It's the only way to disable interactivity during install. I guess it will be required even if we are going to host the compiled binary.

[agnivade]

Can we just host the debian file somewhere that we can download and install? This is adding more complications to an already complicated and error-prone provisioning step.

[isacikgoz]

We can do so, maybe simply fork and host on github?

[agnivade]

Yep, that works.

[agarciamontoro]

Agree that we should try to make this a bit more reliable. At least using a specific tag of the repo. But I'm on board with the fork idea.

[agnivade]

Let's make this change as well to avoid making the debian. Just download from somewhere and do a dpkg -i

[agnivade]

t.initLoadTest already has this condition:

if len(t.output.Agents) == 0 {
	return errors.New("there are no agents to initialize load-test")
}

Do we still need this OR condition?

[isacikgoz]

Right, my addition was to avoid the error. I don't think having zero agents is a scenario we should fail. But I'm 0/5 as in the end this is a load test tool :)

[agnivade]

Hmm, would there be any use-case where you want to deploy app servers, but not agents?

But even if we did, then in that case, we can remove the if condition inside initLoadTest.

But let's confirm whether an error is needed or not - WDYT @agarciamontoro ?

[agarciamontoro]

This has been brought up before. I think it doesn't make a lot of sense right now, since we always want to run a load test, and for that we need agents. If we ended up splitting the tool in a deployer / loadtester pair, then that would make more sense. But I think we should always assume there's at least one agent. I'm happy to change my mind, but at least it should be in a separate PR, I feel it's a whole separate discussion.

[agnivade]

Let's change this @isacikgoz as per the above discussion.

[agnivade]

Let's use the const efsDirectory?

[agnivade]

This command is too complicated to read. Why the "||" with echo? Why are we doing tee but then redirecting to /dev/null? Why can't we do a >> to append?

[isacikgoz]

I wanted to add a check whether if it is already mounted. If not, we simply skip. For tee and /dev/null it's just syntactic taste :p

[agnivade]

What about cmd = fmt.Sprintf("grep -q %q /etc/fstab || sudo sh -c 'echo %q >> /etc/fstab'", efsDirectory, fstabEntry)?

[agnivade]

Instead of running the command, and then copying the same thing again in the svcScript, can we simply upload the script and then run the script as part of chmodding it - sudo chmod +x <file> && ./<file>?

[isacikgoz]

We need to change mod on every reboot otherwise ownership is set to root. I couldn't find a better workaround for that. That's why I had to create the service.

[agnivade]

Yeah sure. All I am saying is instead of running the chmod command separately, we can simply execute the file.

[agarciamontoro]

But do we need the script at all? Could we write ExecStart=chown -R ubuntu:ubuntu /mnt/mattermost-data directly in the unit file?

[agnivade]

Ah nice one!

[isacikgoz]

I guess we should do it in ExecStartPre then.

[isacikgoz]

I think this should get default if there is no vpc defined in the config.

[isacikgoz]

This was resulting with error if there were no agents. I think we should be able to deploy without agents. 0/5

[isacikgoz]

It's the only way to disable interactivity during install. I guess it will be required even if we are going to host the compiled binary.

[isacikgoz]

We can do so, maybe simply fork and host on github?

[isacikgoz]

Right, my addition was to avoid the error. I don't think having zero agents is a scenario we should fail. But I'm 0/5 as in the end this is a load test tool :)

[isacikgoz]

I wanted to add a check whether if it is already mounted. If not, we simply skip. For tee and /dev/null it's just syntactic taste :p

[isacikgoz]

We need to change mod on every reboot otherwise ownership is set to root. I couldn't find a better workaround for that. That's why I had to create the service.

[agarciamontoro]

This is great, @isacikgoz, thank you for all the work here!

I left a bunch of comments below, mostly nits, a few to discuss more in depth. The only other ask I have here is to add docs on the new config setting and update the config sample files (both json and toml) to add the setting there as well.

Thanks!

[agarciamontoro]

Should we make use of the ClusterSubnetIDs here if they are defined? Also, we have the variable cluster_vpc_id, which is configurable by the user.

[isacikgoz]

Ah yeah we should, let me add that.

[agarciamontoro]

Following the convention for the Name tag, this should be something like

Suggested change

	Name = "Shared-fs-${var.cluster_name}"
	Name = "${var.cluster_name}-shared-fs"

[agarciamontoro]

Can we also add Name tags to these in the form of "${var.cluster_name}-whatever-whatever"?

[isacikgoz]

We can add it to aws_efs_access_point but can't add it to aws_efs_mount_target, I'll go ahead and add only to the access point.

[agarciamontoro]

Why do we need for_each here? Can't we use count = var.create_efs ? 1 : 0 as well?

[isacikgoz]

@agarciamontoro We need to create mount target for each availability zone (by using the various subnets).

[agarciamontoro]

Here we should use a new entry in ClusterSubnetIDs. There's many examples of that in this file.

[isacikgoz]

I think we need to use the existing subnets, because this requires access from the other resources hence we create the targets accordingly.

[agarciamontoro]

Nit levels over 9000 (double new line):

Suggested change

	[Service]
	Type=simple
	ExecStart=/bin/bash -c "/opt/mount.sh"
	[Install]
	WantedBy=multi-user.target
	[Service]
	Type=simple
	ExecStart=/bin/bash -c "/opt/mount.sh"
	[Install]
	WantedBy=multi-user.target

[agarciamontoro]

Let's take #881 into account in case it's merged before this one. cc/@fmartingr

[agarciamontoro]

Nit: can we make this a multiline? Something like

Suggested change

	fstabEntry := fmt.Sprintf("%s.efs.%s.amazonaws.com:/ %s nfs4 nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2,noresvport,_netdev 0 0", t.output.EFSAccessPoint.FileSystemId, t.config.AWSRegion, efsDirectory)
	fstabEntry := fmt.Sprintf("%s.efs.%s.amazonaws.com:/ %s nfs4 nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2,noresvport,_netdev 0 0",
	t.output.EFSAccessPoint.FileSystemId,
	t.config.AWSRegion,
	efsDirectory)

[agarciamontoro]

But do we need the script at all? Could we write ExecStart=chown -R ubuntu:ubuntu /mnt/mattermost-data directly in the unit file?

[agarciamontoro]

Does this work directly? Don't we need something like sudo systemctl daemon-reload after uploading the file and before starting the service?

[isacikgoz]

I think it works directly, at least it seemed to work 😅

[agnivade]

Just 2 things to take care of. Looking good.

[agnivade]

Let's change this @isacikgoz as per the above discussion.

[agnivade]

Let's make this change as well to avoid making the debian. Just download from somewhere and do a dpkg -i