├── roles ├── gcp_rhel_vm │ ├── tests │ │ ├── inventory │ │ └── test.yml │ ├── handlers │ │ └── main.yml │ ├── defaults │ │ └── main.yml │ ├── tasks │ │ ├── download_tf_module.yml │ │ ├── main.yml │ │ ├── rhel_vm.yml │ │ └── output.yml │ ├── vars │ │ └── main.yml │ ├── meta │ │ └── main.yml │ └── README.md ├── gcp_linux_fastchat_simple │ ├── tests │ │ ├── inventory │ │ └── test.yml │ ├── handlers │ │ └── main.yml │ ├── defaults │ │ └── main.yml │ ├── tasks │ │ ├── download_tf_module.yml │ │ ├── cloud_init_config.yml │ │ ├── fw_security.yml │ │ ├── main.yml │ │ ├── fastchat.yml │ │ └── read_tfstate.yml │ ├── vars │ │ └── main.yml │ ├── meta │ │ └── main.yml │ └── README.md └── gcp_linux_stable_diffusion │ ├── tests │ ├── inventory │ └── test.yml │ ├── handlers │ └── main.yml │ ├── defaults │ └── main.yml │ ├── tasks │ ├── download_tf_module.yml │ ├── cloud_init_config.yml │ ├── fw_security.yml │ ├── main.yml │ ├── stable_diffusion.yml │ └── read_tfstate.yml │ ├── vars │ └── main.yml │ ├── meta │ └── main.yml │ └── README.md ├── requirements.yml ├── requirements.txt ├── playbooks ├── intel_gcp_rhel_vm.yml ├── intel_gcp_linux_fastchat_simple.yml ├── intel_gcp_linux_stable_diffusion.yml └── intel_gcp_vm.yml ├── galaxy.yml ├── security.md ├── ansible.cfg ├── hosts ├── .gitignore ├── CONTRIBUTING.md ├── CODE_OF_CONDUCT.md ├── LICENSE.md └── README.md /roles/gcp_rhel_vm/tests/inventory: -------------------------------------------------------------------------------- 1 | localhost 2 | 3 | -------------------------------------------------------------------------------- /requirements.yml: -------------------------------------------------------------------------------- 1 | --- 2 | collections: 3 | - google.cloud 4 | -------------------------------------------------------------------------------- /roles/gcp_linux_fastchat_simple/tests/inventory: -------------------------------------------------------------------------------- 1 | localhost 2 | 3 | 
-------------------------------------------------------------------------------- /roles/gcp_linux_stable_diffusion/tests/inventory: -------------------------------------------------------------------------------- 1 | localhost 2 | 3 | -------------------------------------------------------------------------------- /requirements.txt: -------------------------------------------------------------------------------- 1 | ansible==8.5.0 2 | requests >= 2.18.4 3 | google-auth >= 1.3.0 -------------------------------------------------------------------------------- /roles/gcp_rhel_vm/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # handlers file for gcp_rhel_vm 3 | -------------------------------------------------------------------------------- /roles/gcp_linux_fastchat_simple/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # handlers file for gcp_linux_fastchat_simple 3 | -------------------------------------------------------------------------------- /roles/gcp_linux_stable_diffusion/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # handlers file for gcp_linux_stable_diffusion 3 | -------------------------------------------------------------------------------- /roles/gcp_rhel_vm/tests/test.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: localhost 3 | remote_user: root 4 | roles: 5 | - gcp_rhel_vm 6 | -------------------------------------------------------------------------------- /roles/gcp_rhel_vm/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # defaults file for gcp_rhel_vm 3 | gcp_vm_tf_source: https://github.com/intel/terraform-intel-gcp-vm.git -------------------------------------------------------------------------------- 
/roles/gcp_linux_fastchat_simple/tests/test.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: localhost 3 | remote_user: root 4 | roles: 5 | - gcp_linux_fastchat_simple 6 | -------------------------------------------------------------------------------- /roles/gcp_linux_stable_diffusion/tests/test.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: localhost 3 | remote_user: root 4 | roles: 5 | - gcp_linux_stable_diffusion 6 | -------------------------------------------------------------------------------- /playbooks/intel_gcp_rhel_vm.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Run gcp_rhel_vm role 3 | hosts: localhost 4 | tasks: 5 | - name: Running a role gcp rhel vm 6 | ansible.builtin.import_role: 7 | name: gcp_rhel_vm 8 | vars: 9 | project: "your-gcp-project" 10 | gcp_rhel_vm_state: present 11 | 12 | -------------------------------------------------------------------------------- /roles/gcp_rhel_vm/tasks/download_tf_module.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # Tasks file: clones the Terraform module repository (gcp_vm_tf_source) into gcp_vm_tf_module_path. 3 | - name: Clone a github repository {{ gcp_vm_tf_source|basename }} 4 | ansible.builtin.git: 5 | repo: '{{ gcp_vm_tf_source }}' 6 | dest: '{{ gcp_vm_tf_module_path }}' 7 | clone: yes 8 | update: yes 9 | version: main # NOTE(review): main is a moving branch and update: yes re-pulls it on each run, so the Terraform code later applied from this path can change without review; pin version to a release tag or commit SHA 10 | 11 | -------------------------------------------------------------------------------- /roles/gcp_linux_stable_diffusion/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # defaults file for gcp_linux_stable_diffusion 3 | tags: [] 4 | instance_name: '' 5 | vm_update: false 6 | instance_id: '' 7 | random_id: '' 8 | keypair_name: '' 9 | gcp_instance: '' 10 | gcp_info: 11 | instances: [] 12 | gcp_vm_tf_source:
https://github.com/intel/terraform-intel-gcp-vm.git -------------------------------------------------------------------------------- /roles/gcp_linux_fastchat_simple/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # defaults file for gcp_linux_fastchat_simple 3 | tags: [] 4 | instance_name: '' 5 | vm_update: false 6 | instance_id: '' 7 | random_id: '' 8 | keypair_name: '' 9 | gcp_instance: '' 10 | gcp_info: 11 | instances: [] 12 | gcp_vm_tf_source: https://github.com/intel/terraform-intel-gcp-vm.git 13 | -------------------------------------------------------------------------------- /roles/gcp_linux_fastchat_simple/tasks/download_tf_module.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # Tasks file: clones the Terraform module repository (gcp_vm_tf_source) into gcp_vm_tf_module_path. 3 | - name: Clone a github repository {{ gcp_vm_tf_source|basename }} 4 | ansible.builtin.git: 5 | repo: '{{ gcp_vm_tf_source }}' 6 | dest: '{{ gcp_vm_tf_module_path }}' 7 | clone: yes 8 | update: yes 9 | version: main # NOTE(review): main is a moving branch and update: yes re-pulls it on each run, so the Terraform code later applied from this path can change without review; pin version to a release tag or commit SHA 10 | 11 | -------------------------------------------------------------------------------- /roles/gcp_linux_stable_diffusion/tasks/download_tf_module.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # Tasks file: clones the Terraform module repository (gcp_vm_tf_source) into gcp_vm_tf_module_path. 3 | - name: Clone a github repository {{ gcp_vm_tf_source|basename }} 4 | ansible.builtin.git: 5 | repo: '{{ gcp_vm_tf_source }}' 6 | dest: '{{ gcp_vm_tf_module_path }}' 7 | clone: yes 8 | update: yes 9 | version: main # NOTE(review): main is a moving branch and update: yes re-pulls it on each run, so the Terraform code later applied from this path can change without review; pin version to a release tag or commit SHA 10 | 11 | -------------------------------------------------------------------------------- /playbooks/intel_gcp_linux_fastchat_simple.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Run gcp_linux_fastchat_simple role 3 | hosts: localhost 4 | tasks: 5 | - name: Running a role gcp linux fastchat simple 6 | ansible.builtin.import_role: 7 | name:
gcp_linux_fastchat_simple 8 | vars: 9 | project: "your-gcp-project" 10 | fastchat_state: present 11 | 12 | -------------------------------------------------------------------------------- /playbooks/intel_gcp_linux_stable_diffusion.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Run gcp_linux_stable_diffusion role 3 | hosts: localhost 4 | tasks: 5 | - name: Running a role gcp linux stable diffusion 6 | ansible.builtin.import_role: 7 | name: gcp_linux_stable_diffusion 8 | vars: 9 | project: "your-gcp-project" 10 | gcp_vm_state: present 11 | 12 | -------------------------------------------------------------------------------- /galaxy.yml: -------------------------------------------------------------------------------- 1 | namespace: intel 2 | name: ansible_intel_gcp_vm 3 | version: 1.0.0 4 | readme: README.md 5 | authors: 6 | - Akhil D 7 | description: This module will create virtual machine in GCP, The instance is pre-configured with parameters. 
8 | tags: 9 | - ansible 10 | - gcp 11 | - vm 12 | repository: 'https://github.com/OTCShare2/ansible-intel-gcp-vm' 13 | -------------------------------------------------------------------------------- /roles/gcp_linux_stable_diffusion/tasks/cloud_init_config.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Slurp the cloud_init config file 3 | ansible.builtin.slurp: 4 | src: '{{ gcp_vm_tf_module_path }}/{{ cloud_init_config_path }}/cloud_init.yml' 5 | register: cloud_init_output 6 | 7 | - set_fact: 8 | cloud_init_data: "{{ cloud_init_output['content'] | b64decode }}" # slurp hands the file back base64-encoded; this only decodes it to text, no encryption is involved 9 | 10 | - ansible.builtin.debug: 11 | var: cloud_init_data # NOTE(review): prints the whole cloud-init user data to the run output; drop this task or set no_log: true if the file can carry credentials 12 | -------------------------------------------------------------------------------- /security.md: -------------------------------------------------------------------------------- 1 | # Security Policy 2 | Intel is committed to rapidly addressing security vulnerabilities affecting our customers and providing clear guidance on the solution, impact, severity and mitigation. 3 | 4 | ## Reporting a Vulnerability 5 | Please report any security vulnerabilities in this project utilizing the guidelines [here](https://www.intel.com/content/www/us/en/security-center/vulnerability-handling-guidelines.html).
6 | -------------------------------------------------------------------------------- /roles/gcp_linux_fastchat_simple/tasks/cloud_init_config.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Slurp the cloud_init config file 3 | ansible.builtin.slurp: 4 | src: '{{ gcp_vm_tf_module_path }}/{{ cloud_init_config_path }}/cloud_init.yml' 5 | register: cloud_init_output 6 | 7 | - set_fact: 8 | cloud_init_data: "{{ cloud_init_output['content'] | b64decode }}" # slurp hands the file back base64-encoded; this only decodes it to text, no encryption is involved 9 | 10 | - ansible.builtin.debug: 11 | var: cloud_init_data # NOTE(review): prints the whole cloud-init user data to the run output; drop this task or set no_log: true if the file can carry credentials 12 | 13 | 14 | 15 | 16 | -------------------------------------------------------------------------------- /roles/gcp_rhel_vm/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # tasks file for gcp_rhel_vm: optional module download, then the Terraform run, then the output summary 3 | - name: Download Terraform modules 4 | ansible.builtin.include_tasks: 5 | file: download_tf_module.yml 6 | when: gcp_rhel_vm_state == "present" 7 | 8 | - name: Optimized Recipe for Red Hat Enterprise Linux (RHEL) VM 9 | ansible.builtin.include_tasks: 10 | file: rhel_vm.yml 11 | 12 | - name: Rhel vm output 13 | ansible.builtin.include_tasks: 14 | file: output.yml -------------------------------------------------------------------------------- /roles/gcp_rhel_vm/vars/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # vars file for gcp_rhel_vm 3 | # built-in 4 | role_name: '{{role_path|basename}}' 5 | ansible_python_interpreter: /usr/bin/python3 6 | 7 | # terraform path (built from /home/<USER>, so it assumes the controller user's home directory is under /home) 8 | gcp_vm_tf_module_path: '/home/{{ansible_env.USER}}/{{ role_name }}/terraform/gcp_rhel_vm/' 9 | 10 | # rhel_vm 11 | gcp_rhel_vm_state: present 12 | boot_image_project: "rhel-cloud" 13 | boot_image_family: "rhel-8" 14 | gcp_rhel_vm_name: "vm1" 15 | access_config: # NOTE(review): presumably requests an external (public) IP for the VM; confirm against the Terraform module's variables 16 | - nat_ip: '' 17 | public_ptr_domain_name: '' 18 | network_tier: 'PREMIUM' 19 | zone: "us-central1-a"
-------------------------------------------------------------------------------- /roles/gcp_linux_fastchat_simple/tasks/fw_security.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Create GCP Firewall Rule 3 | google.cloud.gcp_compute_firewall: 4 | state: '{{ fastchat_state }}' 5 | project: '{{ project }}' 6 | name: '{{ fw_name }}' 7 | network: '{{network_name}}' 8 | description: '{{ fw_description }}' 9 | allowed: '{{ fw_allowed }}' 10 | source_ranges: "{{ source_ranges }}" 11 | target_tags: "{{ target_tags }}" 12 | auth_kind: "{{ gcp_auth_kind }}" 13 | service_account_file: "{{ gcp_cred_file_path }}" 14 | register: gcp_output 15 | 16 | - debug: 17 | var: gcp_output 18 | -------------------------------------------------------------------------------- /roles/gcp_linux_stable_diffusion/tasks/fw_security.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Create GCP Firewall Rule 3 | google.cloud.gcp_compute_firewall: 4 | state: '{{ gcp_vm_state }}' 5 | project: '{{ project }}' 6 | name: '{{ fw_name }}' 7 | network: '{{ network_name }}' 8 | description: '{{ fw_description }}' 9 | allowed: '{{ fw_allowed }}' 10 | source_ranges: "{{ source_ranges }}" 11 | target_tags: "{{ target_tags }}" 12 | auth_kind: "{{ gcp_auth_kind }}" 13 | service_account_file: "{{ gcp_cred_file_path }}" 14 | register: gcp_fw_output 15 | 16 | - debug: 17 | var: gcp_fw_output 18 | -------------------------------------------------------------------------------- /ansible.cfg: -------------------------------------------------------------------------------- 1 | # Since Ansible 2.12 (core): 2 | # To generate an example config file (a "disabled" one with all default settings, commented out): 3 | # $ ansible-config init --disabled > ansible.cfg 4 | # 5 | # Also you can now have a more complete file by including existing plugins: 6 | # ansible-config init --disabled -t all > ansible.cfg 7 | 8 | 
# For previous versions of Ansible you can check for examples in the 'stable' branches of each version 9 | # Note that this file was always incomplete and lagging changes to configuration settings 10 | 11 | # for example, for 2.9: https://github.com/ansible/ansible/blob/stable-2.9/examples/ansible.cfg 12 | -------------------------------------------------------------------------------- /roles/gcp_linux_stable_diffusion/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # tasks file for gcp_linux_stable_diffusion 3 | - name: Download Terraform modules 4 | ansible.builtin.include_tasks: 5 | file: download_tf_module.yml 6 | when: gcp_vm_state == "present" 7 | 8 | - name: Read TF state 9 | ansible.builtin.include_tasks: 10 | file: read_tfstate.yml 11 | 12 | - name: encrypt Cloud init file # NOTE(review): misleading name; cloud_init_config.yml only slurps and base64-decodes cloud_init.yml and then prints it, nothing is encrypted 13 | ansible.builtin.include_tasks: 14 | file: cloud_init_config.yml 15 | 16 | - name: Optimized Recipe for GCP linux stable diffusion 17 | ansible.builtin.include_tasks: 18 | file: stable_diffusion.yml 19 | 20 | - name: Optimized Recipe for fw security # runs after the VM task above, so the firewall rule is applied once the instance already exists 21 | ansible.builtin.include_tasks: 22 | file: fw_security.yml 23 | -------------------------------------------------------------------------------- /roles/gcp_rhel_vm/tasks/rhel_vm.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: 'Check mandatory variables are defined' 3 | assert: 4 | that: 5 | - project is defined 6 | 7 | - name: Create GCP Linux VM with Rhel image 8 | community.general.terraform: 9 | project_path: '{{ gcp_vm_tf_module_path }}' # same directory download_tf_module.yml clones into, so this runs whatever revision was checked out there 10 | state: '{{ gcp_rhel_vm_state }}' 11 | force_init: true 12 | complex_vars: true 13 | variables: 14 | project: '{{ project }}' 15 | boot_image_project: '{{ boot_image_project }}' 16 | boot_image_family: '{{ boot_image_family }}' 17 | name: '{{ gcp_rhel_vm_name }}' 18 | access_config: '{{ access_config }}' 19 | zone: '{{ zone }}' 20 | register: gcp_vm_output 21 | 22 | - debug:
23 | var: gcp_vm_output -------------------------------------------------------------------------------- /roles/gcp_linux_fastchat_simple/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # tasks file for gcp_linux_fastchat_simple 3 | - name: Download Terraform modules 4 | ansible.builtin.include_tasks: 5 | file: download_tf_module.yml 6 | when: fastchat_state == "present" 7 | 8 | - name: Read TF state 9 | ansible.builtin.include_tasks: 10 | file: read_tfstate.yml 11 | 12 | - name: encrypt Cloud init file # NOTE(review): misleading name; cloud_init_config.yml only slurps and base64-decodes cloud_init.yml and then prints it, nothing is encrypted 13 | ansible.builtin.include_tasks: 14 | file: cloud_init_config.yml 15 | 16 | - name: Optimized Recipe for FastChat 17 | ansible.builtin.include_tasks: 18 | file: fastchat.yml 19 | 20 | - name: Optimized Recipe for fw security # runs after the VM task above, so the firewall rule is applied once the instance already exists 21 | ansible.builtin.include_tasks: 22 | file: fw_security.yml 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | -------------------------------------------------------------------------------- /roles/gcp_rhel_vm/tasks/output.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - set_fact: 3 | gcp_rhel_vm_instance : '{{ gcp_vm_output.outputs }}' 4 | when: gcp_vm_output.outputs | length > 0 5 | 6 | - name: Validating gcp_rhel_vm_instance output 7 | fail: 8 | msg: "gcp_rhel_vm_instance instance got an error" 9 | when: gcp_vm_output.outputs | length == 0 # empty Terraform outputs are treated as a failed run 10 | 11 | - name: Displaying rhel vm output 12 | ansible.builtin.debug: 13 | msg: 14 | - "name: {{ gcp_rhel_vm_instance.name.value }}" 15 | - "instance_id: {{ gcp_rhel_vm_instance.instance_id.value }}" 16 | - "cpu_platform: {{ gcp_rhel_vm_instance.cpu_platform.value }}" 17 | - "boot_disk_family: {{ gcp_rhel_vm_instance.boot_disk_size.value }}" # NOTE(review): label says boot_disk_family but the value printed is boot_disk_size; confirm which was intended 18 | - "machine_type: {{ gcp_rhel_vm_instance.machine_type.value }}" 19 | 20 | -------------------------------------------------------------------------------- /hosts: -------------------------------------------------------------------------------- 1 | # This is
the default ansible 'hosts' file. 2 | # 3 | # It should live in /etc/ansible/hosts 4 | # 5 | # - Comments begin with the '#' character 6 | # - Blank lines are ignored 7 | # - Groups of hosts are delimited by [header] elements 8 | # - You can enter hostnames or ip addresses 9 | # - A hostname/ip can be a member of multiple groups 10 | 11 | # Ex 1: Ungrouped hosts, specify before any group headers: 12 | 13 | ## green.example.com 14 | ## blue.example.com 15 | ## 192.168.100.1 16 | ## 192.168.100.10 17 | 18 | # Ex 2: A collection of hosts belonging to the 'webservers' group: 19 | 20 | ## [webservers] 21 | ## alpha.example.org 22 | ## beta.example.org 23 | ## 192.168.1.100 24 | ## 192.168.1.110 25 | 26 | # If you have multiple hosts following a pattern, you can specify 27 | # them like this: 28 | 29 | ## www[001:006].example.com 30 | 31 | # Ex 3: A collection of database servers in the 'dbservers' group: 32 | 33 | ## [dbservers] 34 | ## 35 | ## db01.intranet.mydomain.net 36 | ## db02.intranet.mydomain.net 37 | ## 10.25.1.56 38 | ## 10.25.1.57 39 | 40 | # Here's another example of host ranges, this time there are no 41 | # leading 0s: 42 | 43 | ## db-[99:101]-node.example.com 44 | 45 | -------------------------------------------------------------------------------- /roles/gcp_linux_stable_diffusion/tasks/stable_diffusion.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: 'Check mandatory variables are defined' 3 | assert: 4 | that: 5 | - project is defined 6 | 7 | - name: Create random string 8 | set_fact: 9 | random_id: "{{ lookup('community.general.random_string', length=12, min_special=0, special=false, lower=false, upper=false) }}" 10 | when: gcp_vm_state == "present" and vm_update == false 11 | 12 | - debug: 13 | var: random_id 14 | 15 | - name: Create GCP Linux VM with Optimized Cloud Recipe for Stable Diffusion 16 | community.general.terraform: 17 | project_path: '{{ gcp_vm_tf_module_path }}' 18 | state: '{{ 
gcp_vm_state }}' 19 | force_init: true 20 | complex_vars: true 21 | variables: 22 | project: '{{ project }}' 23 | boot_image_project: '{{ boot_image_project }}' 24 | boot_image_family: '{{ boot_image_family }}' 25 | name: '{{ gcp_vm_name }}' 26 | zone: '{{ zone }}' 27 | machine_type: '{{ machine_type }}' 28 | allow_stopping_for_update: true 29 | tags: '{{ vm_tags }}' 30 | user_data: '{{ cloud_init_data }}' 31 | access_config: '{{ access_config }}' 32 | register: gcp_vm_output 33 | 34 | - debug: 35 | var: gcp_vm_output 36 | 37 | -------------------------------------------------------------------------------- /playbooks/intel_gcp_vm.yml: -------------------------------------------------------------------------------- 1 | - hosts: localhost 2 | vars: 3 | terraform_source: https://github.com/intel/terraform-intel-gcp-vm.git 4 | tasks: 5 | - set_fact: 6 | terraform_module_download_path: '/home/{{ansible_env.USER}}/terraform/main/intel_gcp_vm/' 7 | 8 | - name: Clone a github repository 9 | git: 10 | repo: '{{ terraform_source }}' 11 | dest: '{{ terraform_module_download_path }}' 12 | clone: yes 13 | update: yes 14 | version: main 15 | 16 | - name: GCP VM Module 17 | community.general.terraform: 18 | project_path: '{{ terraform_module_download_path }}' 19 | state: present 20 | force_init: true 21 | complex_vars: true 22 | # for additional variables 23 | # https://github.com/intel/terraform-intel-gcp-vm/blob/main/variables.tf 24 | variables: 25 | name: gcp-vm-playbook 26 | project: "your-gcp-project" 27 | boot_image_project: "ubuntu-os-cloud" 28 | boot_image_family: "ubuntu-2204-lts" 29 | zone: "us-central1-a" 30 | machine_type: "c3-standard-4" 31 | allow_stopping_for_update: true 32 | register: vm_output 33 | 34 | - debug: 35 | var: vm_output 36 | -------------------------------------------------------------------------------- /roles/gcp_linux_stable_diffusion/tasks/read_tfstate.yml: -------------------------------------------------------------------------------- 1 | - 
name: Read terraform output 2 | command: chdir='{{ gcp_vm_tf_module_path }}' terraform output -json 3 | register: gcp_vm_output_tf_output 4 | 5 | - debug: 6 | var: gcp_vm_output_tf_output 7 | 8 | - set_fact: 9 | gcp_vm_output_tf_output: "{{ gcp_vm_output_tf_output.stdout }}" 10 | 11 | - debug: 12 | var: gcp_vm_output_tf_output 13 | 14 | - block: 15 | - name: "Checking Terraform resource" 16 | debug: 17 | msg: "Terraform cannot delete the resource because it is not found in the state file. Manual intervention is required." 18 | - meta: end_play 19 | when: gcp_vm_state == 'absent' and gcp_vm_output_tf_output | length == 0 20 | 21 | - set_fact: 22 | instance_id: "{{ gcp_vm_output_tf_output.id.value }}" 23 | instance_name: "{{ gcp_vm_output_tf_output.name.value }}" 24 | when: gcp_vm_output_tf_output | length > 0 25 | 26 | - set_fact: 27 | random_id: "{{ instance_name.split('-')[-1] }}" 28 | when: instance_name | length > 0 29 | 30 | - set_fact: 31 | vm_update: true 32 | when: gcp_vm_state == 'present' and instance_id | length > 0 33 | 34 | - ansible.builtin.debug: 35 | msg: 36 | - "instance_id: {{ instance_id }}" 37 | - "random_id: {{ random_id }}" 38 | 39 | -------------------------------------------------------------------------------- /roles/gcp_linux_fastchat_simple/tasks/fastchat.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # tasks for optimized-mysql-server CURD operations 3 | - name: 'Check mandatory variables are defined' 4 | assert: 5 | that: 6 | - project is defined 7 | 8 | - name: Create random string 9 | set_fact: 10 | random_id: "{{ lookup('community.general.random_string', length=12, min_special=0, special=false, lower=false, upper=false) }}" 11 | when: fastchat_state == "present" and vm_update == false 12 | 13 | - debug: 14 | var: random_id 15 | 16 | - name: Create GCP Linux VM with Intel Cloud Optimized Recipe for FastChat 17 | community.general.terraform: 18 | project_path: '{{ gcp_vm_tf_module_path 
}}' 19 | state: '{{ fastchat_state }}' 20 | force_init: true 21 | complex_vars: true 22 | variables: 23 | project: '{{ project }}' 24 | boot_image_project: '{{ boot_image_project }}' 25 | boot_image_family: '{{ boot_image_family }}' 26 | name: '{{ fastchat_vm_name }}' 27 | zone: '{{ zone }}' 28 | machine_type: '{{ machine_type }}' 29 | allow_stopping_for_update: true 30 | tags: "{{ vm_tags }}" 31 | user_data: '{{ cloud_init_data }}' 32 | access_config: '{{ access_config }}' 33 | register: fastchat_output 34 | 35 | - debug: 36 | var: fastchat_output 37 | 38 | -------------------------------------------------------------------------------- /roles/gcp_linux_fastchat_simple/tasks/read_tfstate.yml: -------------------------------------------------------------------------------- 1 | - name: Read terraform output 2 | command: chdir='{{ gcp_vm_tf_module_path }}' terraform output -json 3 | register: fastchat_output_tf_output 4 | 5 | - debug: 6 | var: fastchat_output_tf_output 7 | 8 | - set_fact: 9 | fastchat_output_tf_output: "{{ fastchat_output_tf_output.stdout }}" 10 | 11 | - debug: 12 | var: fastchat_output_tf_output 13 | 14 | - block: 15 | - name: "Checking Terraform resource" 16 | debug: 17 | msg: "Terraform cannot delete the resource because it is not found in the state file. Manual intervention is required." 
18 | - meta: end_play 19 | when: fastchat_state == 'absent' and fastchat_output_tf_output | length == 0 20 | 21 | - set_fact: 22 | instance_id: "{{ fastchat_output_tf_output.id.value }}" 23 | instance_name: "{{ fastchat_output_tf_output.name.value }}" 24 | when: fastchat_output_tf_output | length > 0 25 | 26 | - set_fact: 27 | random_id: "{{ instance_name.split('-')[-1] }}" 28 | when: instance_name | length > 0 29 | 30 | - set_fact: 31 | vm_update: true 32 | when: fastchat_state == 'present' and instance_id | length > 0 33 | 34 | - ansible.builtin.debug: 35 | msg: 36 | - "instance_id: {{ instance_id }}" 37 | - "random_id: {{ random_id }}" 38 | 39 | -------------------------------------------------------------------------------- /roles/gcp_linux_stable_diffusion/vars/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # vars file for gcp_linux_stable_diffusion 3 | # build in 4 | role_name: '{{role_path|basename}}' 5 | ansible_python_interpreter: /usr/bin/python3 6 | 7 | # terraform path 8 | gcp_vm_tf_module_path: '/home/{{ansible_env.USER}}/{{ role_name }}/terraform/gcp_linux_stable_diffusion/' 9 | 10 | # cloud init path 11 | cloud_init_config_path: examples/gcp-linux-stable-diffusion/ 12 | 13 | # stable_diffusion vm 14 | gcp_vm_state: present 15 | boot_image_project: "ubuntu-os-cloud" 16 | boot_image_family: "ubuntu-2204-lts" 17 | gcp_vm_name: "intel-diffusion-{{random_id}}" 18 | machine_type: "c3-standard-44" 19 | vm_tags: ["diffusion-{{random_id}}"] 20 | zone: "us-central1-a" 21 | access_config: 22 | - nat_ip: '' 23 | public_ptr_domain_name: '' 24 | network_tier: 'PREMIUM' 25 | 26 | # firewall security 27 | fw_name: "diffusion-firewall-{{random_id}}" 28 | fw_description: "Allows access to Stable Diffusion" 29 | network_name: {"selfLink": "global/networks/default"} 30 | ip_protocol: tcp 31 | ports: ["22", "5000", "5001", "7860"] 32 | fw_allowed: 33 | - ip_protocol: '{{ ip_protocol }}' 34 | ports: '{{ ports }}' 35 
| target_tags: ["diffusion-{{random_id}}"] 36 | source_ranges: ["0.0.0.0/0"] # NOTE(review): any IPv4 source may reach the ports listed above (SSH 22 plus 5000, 5001, 7860) on instances carrying the target tag; narrow to known admin/client CIDRs 37 | gcp_auth_kind: "serviceaccount" # NOTE(review): the key file named on the next line lives in /tmp, a shared directory on typical Linux hosts; keep the service-account key in a user-only path (mode 0600) or use application default credentials (auth_kind: application) 38 | gcp_cred_file_path: "/tmp/gcp_cred.json" -------------------------------------------------------------------------------- /roles/gcp_linux_fastchat_simple/vars/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # vars file for gcp_linux_fastchat_simple 3 | # built-in 4 | role_name: '{{role_path|basename}}' 5 | ansible_python_interpreter: /usr/bin/python3 6 | 7 | # terraform path (built from /home/<USER>, so it assumes the controller user's home directory is under /home) 8 | gcp_vm_tf_module_path: '/home/{{ansible_env.USER}}/{{ role_name }}/terraform/gcp_linux_fastchat/' 9 | 10 | # cloud init path 11 | cloud_init_config_path: examples/gcp-linux-fastchat-simple/ 12 | 13 | # fastchat.yml 14 | fastchat_state: present 15 | fastchat_vm_name: "intel-fastchat-{{random_id}}" 16 | boot_image_project: "ubuntu-os-cloud" 17 | boot_image_family: "ubuntu-2204-lts" 18 | machine_type: "c3-standard-22" 19 | zone: "us-central1-a" 20 | vm_tags: ["fschat-{{random_id}}"] 21 | access_config: # NOTE(review): presumably requests an external (public) IP for the VM; confirm against the Terraform module's variables 22 | - nat_ip: '' 23 | public_ptr_domain_name: '' 24 | network_tier: 'PREMIUM' 25 | 26 | 27 | # firewall rule settings consumed by tasks/fw_security.yml 28 | fw_name: "intel-fastchat-firewall-{{random_id}}" 29 | fw_description: "Allows access to FastChat Webserver" 30 | network_name: {"selfLink": "global/networks/default"} 31 | ip_protocol: tcp 32 | ports: ["22", "5000", "5001", "7860"] # SSH plus three application ports, all opened by the same rule 33 | fw_allowed: 34 | - ip_protocol: '{{ ip_protocol }}' 35 | ports: '{{ ports }}' 36 | target_tags: ["fschat-{{random_id}}"] 37 | source_ranges: ["0.0.0.0/0"] # NOTE(review): any IPv4 source may reach every port in the list above, SSH included, on instances carrying the target tag; narrow to known admin/client CIDRs 38 | gcp_auth_kind: "serviceaccount" # NOTE(review): the key file named on the next line lives in /tmp, a shared directory on typical Linux hosts; keep the service-account key in a user-only path (mode 0600) or use application default credentials (auth_kind: application) 39 | gcp_cred_file_path: "/tmp/gcp_cred.json" 40 | 41 | 42 | -------------------------------------------------------------------------------- /roles/gcp_rhel_vm/meta/main.yml: -------------------------------------------------------------------------------- 1 | galaxy_info: 2 | author: your name 3 | description: your role description 4 | company: your company
(optional) 5 | 6 | # If the issue tracker for your role is not on github, uncomment the 7 | # next line and provide a value 8 | # issue_tracker_url: http://example.com/issue/tracker 9 | 10 | # Choose a valid license ID from https://spdx.org - some suggested licenses: 11 | # - BSD-3-Clause (default) 12 | # - MIT 13 | # - GPL-2.0-or-later 14 | # - GPL-3.0-only 15 | # - Apache-2.0 16 | # - CC-BY-4.0 17 | license: license (GPL-2.0-or-later, MIT, etc) 18 | 19 | min_ansible_version: 2.1 20 | 21 | # If this a Container Enabled role, provide the minimum Ansible Container version. 22 | # min_ansible_container_version: 23 | 24 | # 25 | # Provide a list of supported platforms, and for each platform a list of versions. 26 | # If you don't wish to enumerate all versions for a particular platform, use 'all'. 27 | # To view available platforms and versions (or releases), visit: 28 | # https://galaxy.ansible.com/api/v1/platforms/ 29 | # 30 | # platforms: 31 | # - name: Fedora 32 | # versions: 33 | # - all 34 | # - 25 35 | # - name: SomePlatform 36 | # versions: 37 | # - all 38 | # - 1.0 39 | # - 7 40 | # - 99.99 41 | 42 | galaxy_tags: [] 43 | # List tags for your role here, one per line. A tag is a keyword that describes 44 | # and categorizes the role. Users find roles by searching for tags. Be sure to 45 | # remove the '[]' above, if you add tags to this list. 46 | # 47 | # NOTE: A tag is limited to a single word comprised of alphanumeric characters. 48 | # Maximum 20 tags per role. 49 | 50 | dependencies: [] 51 | # List your role dependencies here, one per line. Be sure to remove the '[]' above, 52 | # if you add dependencies to this list. 
53 | -------------------------------------------------------------------------------- /roles/gcp_linux_fastchat_simple/meta/main.yml: -------------------------------------------------------------------------------- 1 | galaxy_info: 2 | author: your name 3 | description: your role description 4 | company: your company (optional) 5 | 6 | # If the issue tracker for your role is not on github, uncomment the 7 | # next line and provide a value 8 | # issue_tracker_url: http://example.com/issue/tracker 9 | 10 | # Choose a valid license ID from https://spdx.org - some suggested licenses: 11 | # - BSD-3-Clause (default) 12 | # - MIT 13 | # - GPL-2.0-or-later 14 | # - GPL-3.0-only 15 | # - Apache-2.0 16 | # - CC-BY-4.0 17 | license: license (GPL-2.0-or-later, MIT, etc) 18 | 19 | min_ansible_version: 2.1 20 | 21 | # If this a Container Enabled role, provide the minimum Ansible Container version. 22 | # min_ansible_container_version: 23 | 24 | # 25 | # Provide a list of supported platforms, and for each platform a list of versions. 26 | # If you don't wish to enumerate all versions for a particular platform, use 'all'. 27 | # To view available platforms and versions (or releases), visit: 28 | # https://galaxy.ansible.com/api/v1/platforms/ 29 | # 30 | # platforms: 31 | # - name: Fedora 32 | # versions: 33 | # - all 34 | # - 25 35 | # - name: SomePlatform 36 | # versions: 37 | # - all 38 | # - 1.0 39 | # - 7 40 | # - 99.99 41 | 42 | galaxy_tags: [] 43 | # List tags for your role here, one per line. A tag is a keyword that describes 44 | # and categorizes the role. Users find roles by searching for tags. Be sure to 45 | # remove the '[]' above, if you add tags to this list. 46 | # 47 | # NOTE: A tag is limited to a single word comprised of alphanumeric characters. 48 | # Maximum 20 tags per role. 49 | 50 | dependencies: [] 51 | # List your role dependencies here, one per line. Be sure to remove the '[]' above, 52 | # if you add dependencies to this list. 
53 | -------------------------------------------------------------------------------- /roles/gcp_linux_stable_diffusion/meta/main.yml: -------------------------------------------------------------------------------- 1 | galaxy_info: 2 | author: your name 3 | description: your role description 4 | company: your company (optional) 5 | 6 | # If the issue tracker for your role is not on github, uncomment the 7 | # next line and provide a value 8 | # issue_tracker_url: http://example.com/issue/tracker 9 | 10 | # Choose a valid license ID from https://spdx.org - some suggested licenses: 11 | # - BSD-3-Clause (default) 12 | # - MIT 13 | # - GPL-2.0-or-later 14 | # - GPL-3.0-only 15 | # - Apache-2.0 16 | # - CC-BY-4.0 17 | license: license (GPL-2.0-or-later, MIT, etc) 18 | 19 | min_ansible_version: 2.1 20 | 21 | # If this a Container Enabled role, provide the minimum Ansible Container version. 22 | # min_ansible_container_version: 23 | 24 | # 25 | # Provide a list of supported platforms, and for each platform a list of versions. 26 | # If you don't wish to enumerate all versions for a particular platform, use 'all'. 27 | # To view available platforms and versions (or releases), visit: 28 | # https://galaxy.ansible.com/api/v1/platforms/ 29 | # 30 | # platforms: 31 | # - name: Fedora 32 | # versions: 33 | # - all 34 | # - 25 35 | # - name: SomePlatform 36 | # versions: 37 | # - all 38 | # - 1.0 39 | # - 7 40 | # - 99.99 41 | 42 | galaxy_tags: [] 43 | # List tags for your role here, one per line. A tag is a keyword that describes 44 | # and categorizes the role. Users find roles by searching for tags. Be sure to 45 | # remove the '[]' above, if you add tags to this list. 46 | # 47 | # NOTE: A tag is limited to a single word comprised of alphanumeric characters. 48 | # Maximum 20 tags per role. 49 | 50 | dependencies: [] 51 | # List your role dependencies here, one per line. Be sure to remove the '[]' above, 52 | # if you add dependencies to this list. 
53 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | # Byte-compiled / optimized / DLL files 2 | __pycache__/ 3 | *.py[cod] 4 | *$py.class 5 | ansible.cfg 6 | 7 | # C extensions 8 | *.so 9 | 10 | # PyInstaller 11 | # Usually these files are written by a python script from a template 12 | # before PyInstaller builds the exe, so as to inject date/other infos into it. 13 | *.manifest 14 | *.spec 15 | 16 | # Installer logs 17 | pip-log.txt 18 | pip-delete-this-directory.txt 19 | 20 | # Unit test / coverage reports 21 | htmlcov/ 22 | .tox/ 23 | .nox/ 24 | .coverage 25 | .coverage.* 26 | .cache 27 | nosetests.xml 28 | coverage.xml 29 | *.cover 30 | *.py,cover 31 | .hypothesis/ 32 | .pytest_cache/ 33 | 34 | # Translations 35 | *.mo 36 | *.pot 37 | 38 | # Django stuff: 39 | *.log 40 | local_settings.py 41 | db.sqlite3 42 | db.sqlite3-journal 43 | 44 | # Flask stuff: 45 | instance/ 46 | .webassets-cache 47 | 48 | # Scrapy stuff: 49 | .scrapy 50 | 51 | # Sphinx documentation 52 | docs/_build/ 53 | 54 | # PyBuilder 55 | target/ 56 | 57 | # Jupyter Notebook 58 | .ipynb_checkpoints 59 | 60 | # IPython 61 | profile_default/ 62 | ipython_config.py 63 | 64 | # pyenv 65 | .python-version 66 | 67 | # pipenv 68 | # According to pypa/pipenv#598, it is recommended to include Pipfile.lock in version control. 69 | # However, in case of collaboration, if having platform-specific dependencies or dependencies 70 | # having no cross-platform support, pipenv may install dependencies that don't work, or not 71 | # install all needed dependencies. 72 | #Pipfile.lock 73 | 74 | # PEP 582; used by e.g. 
github.com/David-OConnor/pyflow 75 | __pypackages__/ 76 | 77 | # Celery stuff 78 | celerybeat-schedule 79 | celerybeat.pid 80 | 81 | # SageMath parsed files 82 | *.sage.py 83 | 84 | # Environments 85 | .env 86 | .venv 87 | env/ 88 | venv/ 89 | ENV/ 90 | env.bak/ 91 | venv.bak/ 92 | 93 | # Spyder project settings 94 | .spyderproject 95 | .spyproject 96 | 97 | # Rope project settings 98 | .ropeproject 99 | 100 | # mkdocs documentation 101 | /site 102 | 103 | # mypy 104 | .mypy_cache/ 105 | .dmypy.json 106 | dmypy.json 107 | 108 | # Pyre type checker 109 | .pyre/ 110 | 111 | # inventory 112 | *.ini 113 | 114 | context/ 115 | 116 | # inventory/vars for testing 117 | testing.inventory.yml 118 | testing.extra-vars.yml 119 | 120 | # IDEs 121 | .idea 122 | 123 | # Changelogs 124 | changelogs/.plugin-cache.yaml 125 | 126 | # VSCode settings file 127 | /.vscode/settings.json -------------------------------------------------------------------------------- /CONTRIBUTING.md: -------------------------------------------------------------------------------- 1 | # Contributing 2 | 3 | ### License 4 | 5 | is licensed under the terms in [LICENSE]. By contributing to the project, you agree to the license and copyright terms therein and release your contribution under these terms. 6 | 7 | ### Sign your work 8 | 9 | Please use the sign-off line at the end of the patch. Your signature certifies that you wrote the patch or otherwise have the right to pass it on as an open-source patch. The rules are pretty simple: if you can certify 10 | the below (from [developercertificate.org](http://developercertificate.org/)): 11 | 12 | ``` 13 | Developer Certificate of Origin 14 | Version 1.1 15 | 16 | Copyright (C) 2004, 2006 The Linux Foundation and its contributors. 17 | 660 York Street, Suite 102, 18 | San Francisco, CA 94110 USA 19 | 20 | Everyone is permitted to copy and distribute verbatim copies of this 21 | license document, but changing it is not allowed. 
22 | 23 | Developer's Certificate of Origin 1.1 24 | 25 | By making a contribution to this project, I certify that: 26 | 27 | (a) The contribution was created in whole or in part by me and I 28 | have the right to submit it under the open source license 29 | indicated in the file; or 30 | 31 | (b) The contribution is based upon previous work that, to the best 32 | of my knowledge, is covered under an appropriate open source 33 | license and I have the right under that license to submit that 34 | work with modifications, whether created in whole or in part 35 | by me, under the same open source license (unless I am 36 | permitted to submit under a different license), as indicated 37 | in the file; or 38 | 39 | (c) The contribution was provided directly to me by some other 40 | person who certified (a), (b) or (c) and I have not modified 41 | it. 42 | 43 | (d) I understand and agree that this project and the contribution 44 | are public and that a record of the contribution (including all 45 | personal information I submit with it, including my sign-off) is 46 | maintained indefinitely and may be redistributed consistent with 47 | this project or the open source license(s) involved. 48 | ``` 49 | 50 | Then you just add a line to every git commit message: 51 | 52 | Signed-off-by: Joe Smith 53 | 54 | Use your real name (sorry, no pseudonyms or anonymous contributions.) 55 | 56 | If you set your `user.name` and `user.email` git configs, you can sign your 57 | commit automatically with `git commit -s`. 
58 | -------------------------------------------------------------------------------- /CODE_OF_CONDUCT.md: -------------------------------------------------------------------------------- 1 | # Contributor Covenant Code of Conduct 2 | 3 | ## Our Pledge 4 | 5 | We as members, contributors, and leaders pledge to make participation in our 6 | community a harassment-free experience for everyone, regardless of age, body 7 | size, visible or invisible disability, ethnicity, sex characteristics, gender 8 | identity and expression, level of experience, education, socio-economic status, 9 | nationality, personal appearance, race, caste, color, religion, or sexual 10 | identity and orientation. 11 | 12 | We pledge to act and interact in ways that contribute to an open, welcoming, 13 | diverse, inclusive, and healthy community. 14 | 15 | ## Our Standards 16 | 17 | Examples of behavior that contributes to a positive environment for our 18 | community include: 19 | 20 | * Demonstrating empathy and kindness toward other people 21 | * Being respectful of differing opinions, viewpoints, and experiences 22 | * Giving and gracefully accepting constructive feedback 23 | * Accepting responsibility and apologizing to those affected by our mistakes, 24 | and learning from the experience 25 | * Focusing on what is best not just for us as individuals, but for the overall 26 | community 27 | 28 | Examples of unacceptable behavior include: 29 | 30 | * The use of sexualized language or imagery, and sexual attention or advances of 31 | any kind 32 | * Trolling, insulting or derogatory comments, and personal or political attacks 33 | * Public or private harassment 34 | * Publishing others' private information, such as a physical or email address, 35 | without their explicit permission 36 | * Other conduct which could reasonably be considered inappropriate in a 37 | professional setting 38 | 39 | ## Enforcement Responsibilities 40 | 41 | Community leaders are responsible for clarifying and 
enforcing our standards of 42 | acceptable behavior and will take appropriate and fair corrective action in 43 | response to any behavior that they deem inappropriate, threatening, offensive, 44 | or harmful. 45 | 46 | Community leaders have the right and responsibility to remove, edit, or reject 47 | comments, commits, code, wiki edits, issues, and other contributions that are 48 | not aligned to this Code of Conduct, and will communicate reasons for moderation 49 | decisions when appropriate. 50 | 51 | ## Scope 52 | 53 | This Code of Conduct applies within all community spaces, and also applies when 54 | an individual is officially representing the community in public spaces. 55 | Examples of representing our community include using an official e-mail address, 56 | posting via an official social media account, or acting as an appointed 57 | representative at an online or offline event. 58 | 59 | ## Enforcement 60 | 61 | Instances of abusive, harassing, or otherwise unacceptable behavior may be 62 | reported to the community leaders responsible for enforcement at 63 | CommunityCodeOfConduct AT intel DOT com. 64 | All complaints will be reviewed and investigated promptly and fairly. 65 | 66 | All community leaders are obligated to respect the privacy and security of the 67 | reporter of any incident. 68 | 69 | ## Enforcement Guidelines 70 | 71 | Community leaders will follow these Community Impact Guidelines in determining 72 | the consequences for any action they deem in violation of this Code of Conduct: 73 | 74 | ### 1. Correction 75 | 76 | **Community Impact**: Use of inappropriate language or other behavior deemed 77 | unprofessional or unwelcome in the community. 78 | 79 | **Consequence**: A private, written warning from community leaders, providing 80 | clarity around the nature of the violation and an explanation of why the 81 | behavior was inappropriate. A public apology may be requested. 82 | 83 | ### 2. 
Warning 84 | 85 | **Community Impact**: A violation through a single incident or series of 86 | actions. 87 | 88 | **Consequence**: A warning with consequences for continued behavior. No 89 | interaction with the people involved, including unsolicited interaction with 90 | those enforcing the Code of Conduct, for a specified period of time. This 91 | includes avoiding interactions in community spaces as well as external channels 92 | like social media. Violating these terms may lead to a temporary or permanent 93 | ban. 94 | 95 | ### 3. Temporary Ban 96 | 97 | **Community Impact**: A serious violation of community standards, including 98 | sustained inappropriate behavior. 99 | 100 | **Consequence**: A temporary ban from any sort of interaction or public 101 | communication with the community for a specified period of time. No public or 102 | private interaction with the people involved, including unsolicited interaction 103 | with those enforcing the Code of Conduct, is allowed during this period. 104 | Violating these terms may lead to a permanent ban. 105 | 106 | ### 4. Permanent Ban 107 | 108 | **Community Impact**: Demonstrating a pattern of violation of community 109 | standards, including sustained inappropriate behavior, harassment of an 110 | individual, or aggression toward or disparagement of classes of individuals. 111 | 112 | **Consequence**: A permanent ban from any sort of public interaction within the 113 | community. 114 | 115 | ## Attribution 116 | 117 | This Code of Conduct is adapted from the [Contributor Covenant][homepage], 118 | version 2.1, available at 119 | [https://www.contributor-covenant.org/version/2/1/code_of_conduct.html][v2.1]. 120 | 121 | Community Impact Guidelines were inspired by 122 | [Mozilla's code of conduct enforcement ladder][Mozilla CoC]. 123 | 124 | For answers to common questions about this code of conduct, see the FAQ at 125 | [https://www.contributor-covenant.org/faq][FAQ]. 
Translations are available at 126 | [https://www.contributor-covenant.org/translations][translations]. 127 | 128 | [homepage]: https://www.contributor-covenant.org 129 | [v2.1]: https://www.contributor-covenant.org/version/2/1/code_of_conduct.html 130 | [Mozilla CoC]: https://github.com/mozilla/diversity 131 | [FAQ]: https://www.contributor-covenant.org/faq 132 | -------------------------------------------------------------------------------- /LICENSE.md: -------------------------------------------------------------------------------- 1 | 2 | Apache License 3 | Version 2.0, January 2004 4 | http://www.apache.org/licenses/ 5 | 6 | TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 7 | 8 | 1. Definitions. 9 | 10 | "License" shall mean the terms and conditions for use, reproduction, 11 | and distribution as defined by Sections 1 through 9 of this document. 12 | 13 | "Licensor" shall mean the copyright owner or entity authorized by 14 | the copyright owner that is granting the License. 15 | 16 | "Legal Entity" shall mean the union of the acting entity and all 17 | other entities that control, are controlled by, or are under common 18 | control with that entity. For the purposes of this definition, 19 | "control" means (i) the power, direct or indirect, to cause the 20 | direction or management of such entity, whether by contract or 21 | otherwise, or (ii) ownership of fifty percent (50%) or more of the 22 | outstanding shares, or (iii) beneficial ownership of such entity. 23 | 24 | "You" (or "Your") shall mean an individual or Legal Entity 25 | exercising permissions granted by this License. 26 | 27 | "Source" form shall mean the preferred form for making modifications, 28 | including but not limited to software source code, documentation 29 | source, and configuration files. 
30 | 31 | "Object" form shall mean any form resulting from mechanical 32 | transformation or translation of a Source form, including but 33 | not limited to compiled object code, generated documentation, 34 | and conversions to other media types. 35 | 36 | "Work" shall mean the work of authorship, whether in Source or 37 | Object form, made available under the License, as indicated by a 38 | copyright notice that is included in or attached to the work 39 | (an example is provided in the Appendix below). 40 | 41 | "Derivative Works" shall mean any work, whether in Source or Object 42 | form, that is based on (or derived from) the Work and for which the 43 | editorial revisions, annotations, elaborations, or other modifications 44 | represent, as a whole, an original work of authorship. For the purposes 45 | of this License, Derivative Works shall not include works that remain 46 | separable from, or merely link (or bind by name) to the interfaces of, 47 | the Work and Derivative Works thereof. 48 | 49 | "Contribution" shall mean any work of authorship, including 50 | the original version of the Work and any modifications or additions 51 | to that Work or Derivative Works thereof, that is intentionally 52 | submitted to Licensor for inclusion in the Work by the copyright owner 53 | or by an individual or Legal Entity authorized to submit on behalf of 54 | the copyright owner. For the purposes of this definition, "submitted" 55 | means any form of electronic, verbal, or written communication sent 56 | to the Licensor or its representatives, including but not limited to 57 | communication on electronic mailing lists, source code control systems, 58 | and issue tracking systems that are managed by, or on behalf of, the 59 | Licensor for the purpose of discussing and improving the Work, but 60 | excluding communication that is conspicuously marked or otherwise 61 | designated in writing by the copyright owner as "Not a Contribution." 
62 | 63 | "Contributor" shall mean Licensor and any individual or Legal Entity 64 | on behalf of whom a Contribution has been received by Licensor and 65 | subsequently incorporated within the Work. 66 | 67 | 2. Grant of Copyright License. Subject to the terms and conditions of 68 | this License, each Contributor hereby grants to You a perpetual, 69 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 70 | copyright license to reproduce, prepare Derivative Works of, 71 | publicly display, publicly perform, sublicense, and distribute the 72 | Work and such Derivative Works in Source or Object form. 73 | 74 | 3. Grant of Patent License. Subject to the terms and conditions of 75 | this License, each Contributor hereby grants to You a perpetual, 76 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 77 | (except as stated in this section) patent license to make, have made, 78 | use, offer to sell, sell, import, and otherwise transfer the Work, 79 | where such license applies only to those patent claims licensable 80 | by such Contributor that are necessarily infringed by their 81 | Contribution(s) alone or by combination of their Contribution(s) 82 | with the Work to which such Contribution(s) was submitted. If You 83 | institute patent litigation against any entity (including a 84 | cross-claim or counterclaim in a lawsuit) alleging that the Work 85 | or a Contribution incorporated within the Work constitutes direct 86 | or contributory patent infringement, then any patent licenses 87 | granted to You under this License for that Work shall terminate 88 | as of the date such litigation is filed. 89 | 90 | 4. Redistribution. 
You may reproduce and distribute copies of the 91 | Work or Derivative Works thereof in any medium, with or without 92 | modifications, and in Source or Object form, provided that You 93 | meet the following conditions: 94 | 95 | (a) You must give any other recipients of the Work or 96 | Derivative Works a copy of this License; and 97 | 98 | (b) You must cause any modified files to carry prominent notices 99 | stating that You changed the files; and 100 | 101 | (c) You must retain, in the Source form of any Derivative Works 102 | that You distribute, all copyright, patent, trademark, and 103 | attribution notices from the Source form of the Work, 104 | excluding those notices that do not pertain to any part of 105 | the Derivative Works; and 106 | 107 | (d) If the Work includes a "NOTICE" text file as part of its 108 | distribution, then any Derivative Works that You distribute must 109 | include a readable copy of the attribution notices contained 110 | within such NOTICE file, excluding those notices that do not 111 | pertain to any part of the Derivative Works, in at least one 112 | of the following places: within a NOTICE text file distributed 113 | as part of the Derivative Works; within the Source form or 114 | documentation, if provided along with the Derivative Works; or, 115 | within a display generated by the Derivative Works, if and 116 | wherever such third-party notices normally appear. The contents 117 | of the NOTICE file are for informational purposes only and 118 | do not modify the License. You may add Your own attribution 119 | notices within Derivative Works that You distribute, alongside 120 | or as an addendum to the NOTICE text from the Work, provided 121 | that such additional attribution notices cannot be construed 122 | as modifying the License. 
123 | 124 | You may add Your own copyright statement to Your modifications and 125 | may provide additional or different license terms and conditions 126 | for use, reproduction, or distribution of Your modifications, or 127 | for any such Derivative Works as a whole, provided Your use, 128 | reproduction, and distribution of the Work otherwise complies with 129 | the conditions stated in this License. 130 | 131 | 5. Submission of Contributions. Unless You explicitly state otherwise, 132 | any Contribution intentionally submitted for inclusion in the Work 133 | by You to the Licensor shall be under the terms and conditions of 134 | this License, without any additional terms or conditions. 135 | Notwithstanding the above, nothing herein shall supersede or modify 136 | the terms of any separate license agreement you may have executed 137 | with Licensor regarding such Contributions. 138 | 139 | 6. Trademarks. This License does not grant permission to use the trade 140 | names, trademarks, service marks, or product names of the Licensor, 141 | except as required for reasonable and customary use in describing the 142 | origin of the Work and reproducing the content of the NOTICE file. 143 | 144 | 7. Disclaimer of Warranty. Unless required by applicable law or 145 | agreed to in writing, Licensor provides the Work (and each 146 | Contributor provides its Contributions) on an "AS IS" BASIS, 147 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or 148 | implied, including, without limitation, any warranties or conditions 149 | of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A 150 | PARTICULAR PURPOSE. You are solely responsible for determining the 151 | appropriateness of using or redistributing the Work and assume any 152 | risks associated with Your exercise of permissions under this License. 153 | 154 | 8. Limitation of Liability. 
In no event and under no legal theory, 155 | whether in tort (including negligence), contract, or otherwise, 156 | unless required by applicable law (such as deliberate and grossly 157 | negligent acts) or agreed to in writing, shall any Contributor be 158 | liable to You for damages, including any direct, indirect, special, 159 | incidental, or consequential damages of any character arising as a 160 | result of this License or out of the use or inability to use the 161 | Work (including but not limited to damages for loss of goodwill, 162 | work stoppage, computer failure or malfunction, or any and all 163 | other commercial damages or losses), even if such Contributor 164 | has been advised of the possibility of such damages. 165 | 166 | 9. Accepting Warranty or Additional Liability. While redistributing 167 | the Work or Derivative Works thereof, You may choose to offer, 168 | and charge a fee for, acceptance of support, warranty, indemnity, 169 | or other liability obligations and/or rights consistent with this 170 | License. However, in accepting such obligations, You may act only 171 | on Your own behalf and on Your sole responsibility, not on behalf 172 | of any other Contributor, and only if You agree to indemnify, 173 | defend, and hold each Contributor harmless for any liability 174 | incurred by, or claims asserted against, such Contributor by reason 175 | of your accepting any such warranty or additional liability. 176 | 177 | END OF TERMS AND CONDITIONS 178 | 179 | APPENDIX: How to apply the Apache License to your work. 180 | 181 | To apply the Apache License to your work, attach the following 182 | boilerplate notice, with the fields enclosed by brackets "[]" 183 | replaced with your own identifying information. (Don't include 184 | the brackets!) The text should be enclosed in the appropriate 185 | comment syntax for the file format. 
We also recommend that a 186 | file or class name and description of purpose be included on the 187 | same "printed page" as the copyright notice for easier 188 | identification within third-party archives. 189 | 190 | Copyright [yyyy] [name of copyright owner] 191 | 192 | Licensed under the Apache License, Version 2.0 (the "License"); 193 | you may not use this file except in compliance with the License. 194 | You may obtain a copy of the License at 195 | 196 | http://www.apache.org/licenses/LICENSE-2.0 197 | 198 | Unless required by applicable law or agreed to in writing, software 199 | distributed under the License is distributed on an "AS IS" BASIS, 200 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 201 | See the License for the specific language governing permissions and 202 | limitations under the License. 203 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # PROJECT NOT UNDER ACTIVE MANAGEMENT # 2 | This project will no longer be maintained by Intel. 3 | Intel has ceased development and contributions including, but not limited to, maintenance, bug fixes, new releases, or updates, to this project. 4 | Intel no longer accepts patches to this project. 5 | If you have an ongoing need to use this project, are interested in independently developing it, or would like to maintain patches for the open source software community, please create your own fork of this project. 6 | 7 |

8 | Intel Logo 9 |

10 | 11 | ## Intel® Optimized Cloud Modules for Ansible 12 | 13 | © Copyright 2024, Intel Corporation 14 | 15 | ## GCP VM module 16 | This module provides the functionality to ensure that you are utilizing Intel's latest generation processor in the creation of a virtual machine in GCP. 17 | 18 | 19 | ### Explained Ansible GCP VM collection 20 | This collection includes 3 roles and 4 playbooks. 21 | 22 | **Role**:- Ansible roles are a way to reuse and organize your Ansible code. They are self-contained units that contain all the files and configuration needed to automate a specific task. 23 | Roles are defined using a directory structure with specific directories for tasks, variables, files, templates, and other artifacts. This structure makes it easy to find and reuse code, and it also makes it easy to extend the behaviour of roles. 24 | 25 | To use a role in an Ansible playbook, you simply need to list it in the roles section of the playbook. Ansible will then automatically load the role and execute its tasks. 26 | 27 | For this module, there are 3 roles. 28 | 1. gcp_linux_fastchat_simple - It creates GCP C3 4th Gen Xeon (code named Sapphire Rapids) & Intel® Optimized Cloud Recipe for FastChat 29 | 2. gcp_linux_stable_diffusion - It creates GCP C3 4th Gen Xeon (code named Sapphire Rapids) & Intel® Optimized Cloud Recipe for Stable Diffusion 30 | 3. gcp_rhel_vm - It creates a Red Hat Enterprise Linux (RHEL) VM on the Intel Sapphire Rapids CPU with an Intel Sapphire Rapids c3-standard-4. 31 | 32 | 33 | **Playbook**:- An Ansible playbook is a YAML file that describes the tasks to run. Playbooks are composed of a series of plays, which are groups of tasks that are executed in a specific order. Each play defines a set of tasks that should be executed on a specific group of hosts. 34 | Playbooks can also include variables, which can be used to store data that is used by the tasks. This makes it easy to reuse playbooks for different environments and configurations. 35 |
36 | For this module, there are 4 playbooks: 37 | 1. Playbook **intel_gcp_vm.yml** - Used to create an GCP VM, it uses Terraform module **terraform-intel-gcp-vm** and being called by Ansible module community.general.terraform 38 | 2. Playbook **intel_gcp_linux_fastchat_simple.yml** - It executes role called [gcp_linux_fastchat_simple](#gcp_linux_fastchat_simple) 39 | 3. Playbook **intel_gcp_linux_stable_diffusion.yml** - It executes role called [gcp_linux_stable_diffusion](#gcp_linux_stable_diffusion) 40 | 4. Playbook **intel_gcp_rhel_vm.yml** - It executes role called [gcp_rhel_vm](#gcp_rhel_vm) 41 | 42 | ```bash 43 | . 44 | ├── CODE_OF_CONDUCT.md 45 | ├── CONTRIBUTING.md 46 | ├── galaxy.yml 47 | ├── hosts 48 | ├── playbooks 49 | │   ├── intel_gcp_linux_fastchat_simple.yml 50 | │   ├── intel_gcp_linux_stable_diffusion.yml 51 | │   └── intel_gcp_rhel_vm.yml 52 | ├── README.md 53 | ├── requirements.txt 54 | ├── requirements.yml 55 | ├── roles 56 | │   ├── gcp_linux_fastchat_simple 57 | │   │   ├── defaults 58 | │   │   │   └── main.yml 59 | │   │   ├── handlers 60 | │   │   │   └── main.yml 61 | │   │   ├── meta 62 | │   │   │   └── main.yml 63 | │   │   ├── README.md 64 | │   │   ├── tasks 65 | │   │   │   ├── cloud_init_config.yml 66 | │   │   │   ├── download_tf_module.yml 67 | │   │   │   ├── fastchat.yml 68 | │   │   │   ├── fw_security.yml 69 | │   │   │   ├── main.yml 70 | │   │   │   └── read_tfstate.yml 71 | │   │   ├── tests 72 | │   │   │   ├── inventory 73 | │   │   │   └── test.yml 74 | │   │   └── vars 75 | │   │   └── main.yml 76 | │   ├── gcp_linux_stable_diffusion 77 | │   │   ├── defaults 78 | │   │   │   └── main.yml 79 | │   │   ├── files 80 | │   │   ├── handlers 81 | │   │   │   └── main.yml 82 | │   │   ├── meta 83 | │   │   │   └── main.yml 84 | │   │   ├── README.md 85 | │   │   ├── tasks 86 | │   │   │   ├── cloud_init_config.yml 87 | │   │   │   ├── download_tf_module.yml 88 | │   │   │   ├── fw_security.yml 89 | │   │   │   ├── main.yml 
90 | │   │   │   ├── read_tfstate.yml 91 | │   │   │   └── stable_diffusion.yml 92 | │   │   ├── templates 93 | │   │   ├── tests 94 | │   │   │   ├── inventory 95 | │   │   │   └── test.yml 96 | │   │   └── vars 97 | │   │   └── main.yml 98 | │   └── gcp_rhel_vm 99 | │   ├── defaults 100 | │   │   └── main.yml 101 | │   ├── files 102 | │   ├── handlers 103 | │   │   └── main.yml 104 | │   ├── meta 105 | │   │   └── main.yml 106 | │   ├── README.md 107 | │   ├── tasks 108 | │   │   ├── download_tf_module.yml 109 | │   │   ├── main.yml 110 | │   │   ├── output.yml 111 | │   │   └── rhel_vm.yml 112 | │   ├── templates 113 | │   ├── tests 114 | │   │   ├── inventory 115 | │   │   └── test.yml 116 | │   └── vars 117 | │   └── main.yml 118 | └── security.md 119 | 120 | ``` 121 | 122 | Requirements 123 | ------------ 124 | | Name | Version | 125 | |------------------------------------------------------------------------------------------------|------------| 126 | | [Terraform](#requirement\_terraform) | =1.5.7 | 127 | | [Google Cloud CLI](#requirement\_google_cloud_cli) | ~> 455.0.0 | 128 | | [Random](#requirement\_random) | ~>3.4.3 | 129 | | [Ansible Core](#requirement\_ansible\_core) | ~>2.14.2 | 130 | | [Ansible](#requirement\_ansible) | ~>7.2.0-1 | 131 | | [Requests](#requirement\_requests) | ~> 2.18.4 | 132 | | [Google-auth](#requirement\_google_auth) | ~>1.3.0 | 133 | | [Cryptography](#requirement\_cryptography) | ~>41.0.5 | 134 | 135 | Note: 136 | 1. Install requirements using `requirements.txt` and `requirements.yml`, Use below command: 137 | ```bash 138 | pip3 install -r requirements.txt 139 | ansible-galaxy install -r requirements.yml 140 | ``` 141 | 2. Above role requires `Terraform` as we are executing terraform module [terraform-intel-gcp-vm]() using Ansible module called [community.general.terraform]() 142 | 143 | 144 | ## Installation of collection 145 | 146 | ### Below are ways to install and use it: 147 | 148 | 1. 
**Case 1:-** When the user's needs can be met with the default configuration and they want to install the collection 149 | from Ansible Galaxy to the default location (as a third-party collection), it is recommended to use the following command: 150 | ```commandline 151 | ansible-galaxy collection install 152 | ``` 153 | 154 | 2. **Case 2:-** When the user's needs cannot be met with the default configuration and they want to extend or modify the existing configuration and flow, they can install the collection using Ansible Galaxy in a user-defined location. 155 | Use one of the approaches below: 156 | 157 | 1. 158 | ```commandline 159 | ansible-galaxy collection install -p 160 | ``` 161 | Note: collection will download collection, you can remove as per need. 162 | 163 | 2. Download the source from GitHub and copy the role directory into your Ansible boilerplate (used to extend the behavior of the role) 164 | ```commandline 165 | git clone https://github.com/OTCShare2/ansible-intel-gcp-vm.git 166 | cd ansible-intel-gcp-vm 167 | cp -r role/gcp_linux_fastchat_simple // 168 | ``` 169 | 170 | ## Authenticate GCP 171 | 1. Download and Install Google Cloud CLI: https://cloud.google.com/sdk/docs/install 172 | 2.
GCP account access configured: https://registry.terraform.io/providers/hashicorp/google/latest/docs/guides/provider_reference.html#running-terraform-on-your-workstation 173 | 174 | 175 | ## Usage 176 | Use [playbook](playbooks/intel_gcp_vm.yml) to execute Terraform module [terraform-intel-gcp-vm]() using Ansible module [community.general.terraform]() as below. Note that this example sets `state: absent`, which runs `terraform destroy`; use `state: present` to create the VM (see "Run Ansible with Different State"). It also clones the module from the `main` branch; pinning `version` to a reviewed tag or commit keeps upstream changes from being applied unreviewed. 177 | 178 | ```yml 179 | - hosts: localhost 180 | vars: 181 | terraform_source: https://github.com/intel/terraform-intel-gcp-vm.git 182 | tasks: 183 | - set_fact: 184 | terraform_module_download_path: '/home/{{ansible_env.USER}}/terraform/main/intel_gcp_vm/' 185 | 186 | - name: Clone a github repository 187 | git: 188 | repo: '{{ terraform_source }}' 189 | dest: '{{ terraform_module_download_path }}' 190 | clone: yes 191 | update: yes 192 | version: main 193 | 194 | - name: GCP VM Module 195 | community.general.terraform: 196 | project_path: '{{ terraform_module_download_path }}' 197 | state: absent 198 | force_init: true 199 | complex_vars: true 200 | # for additional variables 201 | # https://github.com/intel/terraform-intel-gcp-vm/blob/main/variables.tf 202 | variables: 203 | name: gcp-vm-playbook 204 | project: "fluid-tuner-405104" 205 | boot_image_project: "ubuntu-os-cloud" 206 | boot_image_family: "ubuntu-2204-lts" 207 | zone: "us-central1-a" 208 | machine_type: "e2-micro" 209 | allow_stopping_for_update: true 210 | register: vm_output 211 | 212 | - debug: 213 | var: vm_output 214 | ``` 215 | Use below Command: 216 | ```commandline 217 | ansible-playbook intel_gcp_vm.yml 218 | ``` 219 | 220 | ## Run Ansible with Different State 221 | #### State - planned (terraform plan) 222 | ```yaml 223 | - name: GCP VM Module 224 | community.general.terraform: 225 | project_path: '{{ terraform_module_download_path }}' 226 | state: planned 227 | force_init: true 228 | complex_vars: true 229 | # for additional variables 230 | # https://github.com/intel/terraform-intel-gcp-vm/blob/main/variables.tf 231 | variables: 232 | 
name: gcp-vm-playbook 233 | ``` 234 | 235 | #### State - present (terraform apply) 236 | ```yaml 237 | - name: GCP VM Module 238 | community.general.terraform: 239 | project_path: '{{ terraform_module_download_path }}' 240 | state: present 241 | force_init: true 242 | complex_vars: true 243 | # for additional variables 244 | # https://github.com/intel/terraform-intel-gcp-vm/blob/main/variables.tf 245 | variables: 246 | name: gcp-vm-playbook 247 | ``` 248 | 249 | 250 | #### State - absent (terraform destroy) 251 | ```yaml 252 | - name: GCP VM Module 253 | community.general.terraform: 254 | project_path: '{{ terraform_module_download_path }}' 255 | state: absent 256 | force_init: true 257 | complex_vars: true 258 | # for additional variables 259 | # https://github.com/intel/terraform-intel-gcp-vm/blob/main/variables.tf 260 | variables: 261 | name: gcp-vm-playbook 262 | ``` 263 | ## See roles folder for complete examples 264 | 265 | | Role Name | 266 | |----------------------------------------------------------------------------------------------------------------------------| 267 | | [gcp_linux_fastchat_simple](https://github.com/OTCShare2/ansible-intel-gcp-vm/tree/main/roles/gcp_linux_fastchat_simple) | 268 | | [gcp_linux_stable_diffusion](https://github.com/OTCShare2/ansible-intel-gcp-vm/tree/main/roles/gcp_linux_stable_diffusion) | 269 | | [gcp_rhel_vm](https://github.com/OTCShare2/ansible-intel-gcp-vm/tree/main/roles/gcp_rhel_vm) | 270 | 271 | 272 | ## Inputs 273 | 274 | | Name | Description | Type | Default | Required | 275 | |------|-------------|------|---------|:--------:| 276 | | [access\_config](#input\_access\_config) | Access configurations, i.e. IPs via which this instance can be accessed via the Internet. Omit to ensure that the instance is not accessible from the Internet. If omitted, ssh provisioners will not work unless Terraform can send traffic to the instance's network. This can be represented as multiple maps |
list(object({
nat_ip = optional(string, null)
public_ptr_domain_name = optional(string)
network_tier = optional(string)
}))
| `[]` | no | 277 | | [allow\_stopping\_for\_update](#input\_allow\_stopping\_for\_update) | If true, allows Terraform to stop the instance to update its properties | `bool` | `null` | no | 278 | | [automatic\_restart](#input\_automatic\_restart) | Specifies if the instance should be restarted if it was terminated by Compute Engine (not a user). | `bool` | `true` | no | 279 | | [boot\_disk\_auto\_delete](#input\_boot\_disk\_auto\_delete) | Whether the disk will be auto-deleted when the instance is deleted. | `bool` | `true` | no | 280 | | [boot\_disk\_byo\_encryption\_key](#input\_boot\_disk\_byo\_encryption\_key) | A 256-bit [customer-supplied encryption key] (https://cloud.google.com/compute/docs/disks/customer-supplied-encryption), encoded in RFC 4648 base64 to encrypt this disk. | `string` | `null` | no | 281 | | [boot\_disk\_labels](#input\_boot\_disk\_labels) | A set of key/value label pairs assigned to the disk. This field is only applicable for persistent disks. | `map(string)` | `{}` | no | 282 | | [boot\_disk\_mode](#input\_boot\_disk\_mode) | The mode in which to attach this disk, either READ\_WRITE or READ\_ONLY. | `string` | `"READ_WRITE"` | no | 283 | | [boot\_disk\_size](#input\_boot\_disk\_size) | Size of the OS disk | `number` | `100` | no | 284 | | [boot\_disk\_source](#input\_boot\_disk\_source) | The name or self\_link of the existing disk (such as those managed by google\_compute\_disk) or disk image. | `string` | `null` | no | 285 | | [boot\_disk\_type](#input\_boot\_disk\_type) | Disk type associated with the OS disk. Values can be either pd-ssd, local-ssd, or pd-standard | `string` | `"pd-ssd"` | no | 286 | | [boot\_image\_family](#input\_boot\_image\_family) | The image from which to initialize this disk | `string` | `"ubuntu-2204-lts"` | no | 287 | | [boot\_image\_project](#input\_boot\_image\_project) | The ID of the project in which the source image resides. 
| `string` | `"ubuntu-os-cloud"` | no | 288 | | [can\_ip\_forward](#input\_can\_ip\_forward) | Conditional that allows sending and receiving of packets with non-matching source or destination IPs. | `bool` | `false` | no | 289 | | [deletion\_protection](#input\_deletion\_protection) | Enable deletion protection on this instance | `bool` | `false` | no | 290 | | [description](#input\_description) | A brief description of this resource | `string` | `"Intel accelerated virtual machine."` | no | 291 | | [desired\_status](#input\_desired\_status) | Desired status of the instance. | `string` | `"RUNNING"` | no | 292 | | [enable\_integrity\_monitoring](#input\_enable\_integrity\_monitoring) | Compare the most recent boot measurements to the integrity policy baseline and return a pair of pass/fail results depending on whether they match or not. | `bool` | `true` | no | 293 | | [enable\_nested\_virtualization](#input\_enable\_nested\_virtualization) | Boolean that specifies if nested virtualization should be enabled or disabled on the instance. | `bool` | `false` | no | 294 | | [enable\_secure\_boot](#input\_enable\_secure\_boot) | Verify the digital signature of all boot components, and halt the boot process if signature verification fails. | `bool` | `false` | no | 295 | | [enable\_vtpm](#input\_enable\_vtpm) | Use a virtualized trusted platform module, which is a specialized computer chip you can use to encrypt objects like keys and certificates. | `bool` | `true` | no | 296 | | [hostname](#input\_hostname) | A custom hostname for the instance. Must be a fully qualified DNS name and RFC-1035-valid | `string` | `null` | no | 297 | | [ipv6\_access\_config](#input\_ipv6\_access\_config) | Access configurations, i.e. IPs via which this instance can be accessed via the Internet. Omit to ensure that the instance is not accessible from the Internet. If omitted, ssh provisioners will not work unless Terraform can send traffic to the instance's network. 
This can be represented as multiple maps |
list(object({
public_ptr_domain_name = optional(string, null)
network_tier = optional(string, null)
}))
| `[]` | no | 298 | | [machine\_type](#input\_machine\_type) | The machine type to create | `string` | `"c3-standard-4"` | no | 299 | | [name](#input\_name) | A unique name for the resource, required by GCE. Changing this forces a new resource to be created. | `string` | n/a | yes | 300 | | [network](#input\_network) | The name or self\_link of the network to attach this interface to. | `string` | `"default"` | no | 301 | | [network\_ip](#input\_network\_ip) | The private IP address to assign to the instance. If empty, the address will be automatically assigned. | `string` | `""` | no | 302 | | [nic\_type](#input\_nic\_type) | The type of vNIC to be used on this compute instance. | `string` | `null` | no | 303 | | [on\_host\_maintenance](#input\_on\_host\_maintenance) | Describes maintenance behavior for the instance. Can be MIGRATE or TERMINATE | `string` | `"MIGRATE"` | no | 304 | | [preemptible](#input\_preemptible) | Specifies if the instance is preemptible. If this field is set to true, then automatic\_restart must be set to false. | `bool` | `false` | no | 305 | | [project](#input\_project) | The ID of the project in which the resource resides. | `string` | `""` | no | 306 | | [provisioning\_model](#input\_provisioning\_model) | Describe the type of preemptible VM. This field accepts the value STANDARD or SPOT | `string` | `"STANDARD"` | no | 307 | | [service\_account](#input\_service\_account) | Service account and scopes that will be associated with the GCE instance. |
object({
service_email = optional(string, null)
scopes = optional(set(string), [])
})
| `{}` | no | 308 | | [stack\_type](#input\_stack\_type) | The stack type for this network interface to identify whether the IPv6 feature is enabled or not. | `string` | `"IPV4_ONLY"` | no | 309 | | [subnetwork](#input\_subnetwork) | The name or self\_link of the subnetwork to attach this interface to. Either network or subnetwork must be provided. | `string` | `null` | no | 310 | | [subnetwork\_project](#input\_subnetwork\_project) | The project in which the subnetwork belongs. If the subnetwork is a name and this field is not provided, the provider project is used. | `string` | `null` | no | 311 | | [tags](#input\_tags) | A list of network tags to attach to the instance | `list(string)` | `[]` | no | 312 | | [termination\_action](#input\_termination\_action) | The action that will be applied to the instance when it is terminated. | `string` | `null` | no | 313 | | [threads\_per\_core](#input\_threads\_per\_core) | The number of threads per physical core. | `number` | `null` | no | 314 | | [user\_data](#input\_user\_data) | User data to be placed on the instance. Used to place cloud-init on VMs | `string` | `null` | no | 315 | | [visible\_core\_count](#input\_visible\_core\_count) | The number of physical cores to expose to an instance. | `number` | `null` | no | 316 | | [zone](#input\_zone) | The zone that the machine should be created in. If it is not provided, the provider zone is used. 
| `string` | `null` | no | 317 | 318 | ## Outputs 319 | 320 | | Name | Description | 321 | |------|-------------| 322 | | [boot\_disk\_size](#output\_boot\_disk\_size) | Size of the boot disk of the instance | 323 | | [cpu\_platform](#output\_cpu\_platform) | The CPU platform of the VM instance | 324 | | [current\_status](#output\_current\_status) | Current status of the VM instance | 325 | | [id](#output\_id) | An identifier for the resource | 326 | | [instance\_id](#output\_instance\_id) | The server-assigned unique identifier of this instance | 327 | | [machine\_type](#output\_machine\_type) | Type of the machine created | 328 | | [min\_cpu\_platform](#output\_min\_cpu\_platform) | Minimum CPU platform for the VM instance | 329 | | [name](#output\_name) | Unique name of the instance created | 330 | | [private\_ip](#output\_private\_ip) | Internal IP address of the instance | 331 | | [public\_ip](#output\_public\_ip) | Public IP address of the instance | 332 | | [self\_link](#output\_self\_link) | The URI of the created resource | 333 | -------------------------------------------------------------------------------- /roles/gcp_rhel_vm/README.md: -------------------------------------------------------------------------------- 1 |

2 | Intel Logo 3 |

4 | 5 | # Intel Optimized Cloud Modules for Terraform 6 | 7 | © Copyright 2024, Intel Corporation 8 | 9 | ## Intel Red Hat Enterprise Linux GCP VM Example 10 | 11 | This module creates a Red Hat Enterprise Linux (RHEL) VM on the Intel Sapphire Rapids CPU. The virtual machine is created on an Intel Sapphire Rapids c3-standard-4 by default. 12 | 13 | Update the project with a project id in GCP. It is located on the variables.tf file under this example folder for "GCP-Linux-VM". 14 | 15 | For the list of publicly available images for compute engines see https://cloud.google.com/compute/docs/images OR run gcloud compute images list --project gce-uefi-images to see the name, project, family and status easily in the CLI 16 | 17 | 18 | ## Installation of `gcp_rhel_vm` role 19 | ### Below are ways to install and use it: 20 | 1. **Case 1:-** Install collection using Ansible Galaxy (Use as third party collection, installed in default location), Use below command to installed collection 21 | ```commandline 22 | ansible-galaxy collection install 23 | ``` 24 | 25 | 2. **Case 2:-** Install collection using Ansible Galaxy (Installed in given location), Use below command to installed collection 26 | 27 | 1. 28 | ```commandline 29 | ansible-galaxy collection install -p 30 | ``` 31 | Note: collection will download collection, you can remove as per need 32 | 33 | 2. 
Download source and Copy role directory to your Ansible boilerplate from GitHub (Used to extended behavior of role) 34 | ```commandline 35 | git clone https://github.com/OTCShare2/ansible-intel-gcp-vm.git 36 | cd ansible-intel-gcp-vm 37 | cp -r role/gcp_rhel_vm on // 38 | ``` 39 | 40 | Requirements 41 | ------------ 42 | | Name | Version | 43 | |-------------------------------------------------------------------------------------------------|------------| 44 | | [Terraform](#requirement\_terraform) | =1.5.7 | 45 | | [Google Cloud CLI](#requirement\_google_cloud_cli) | ~> 455.0.0 | 46 | | [Random](#requirement\_random) | ~>3.4.3 | 47 | | [Ansible Core](#requirement\_ansible\_core) | ~>2.14.2 | 48 | | [Ansible](#requirement\_ansible) | ~>7.2.0-1 | 49 | | [Requests](#requirement\_requests) | ~> 2.18.4 | 50 | | [Google-auth](#requirement\_google_auth) | ~>1.3.0 | 51 | | [Cryptography](#requirement\_cryptography) | ~>41.0.5 | 52 | 53 | 1. Install requirements using `requirements.txt` and `requirements.yml`, Use below command: 54 | ```bash 55 | pip3 install -r requirements.txt 56 | ansible-galaxy install -r requirements.yml 57 | ``` 58 | 2. Above role requires `Terraform` as we are executing terraform module [terraform-intel-gcp-vm]() using Ansible module called [community.general.terraform]() 59 | 60 | 61 | ## Usage 62 | 63 | > [!WARNING] 64 | > Once a VM is created, refrain from updating its name. Any alterations to the name will result in the creation of a new VM. 
65 | 66 | Use playbook to run intel_gcp_rhel_vm as below 67 | ```yml 68 | --- 69 | - name: Run gcp_rhel_vm role 70 | hosts: localhost 71 | tasks: 72 | - name: Running a role gcp rhel vm 73 | ansible.builtin.import_role: 74 | name: gcp_rhel_vm 75 | vars: 76 | project: "" 77 | gcp_rhel_vm_state: present 78 | ``` 79 | Use below Command: 80 | ```commandline 81 | ansible-playbook intel_gcp_rhel_vm.yml 82 | ``` 83 | 84 | ## Run Ansible with different state 85 | #### State - present (terraform apply) 86 | ```yaml 87 | --- 88 | - name: Run gcp_rhel_vm role 89 | hosts: localhost 90 | tasks: 91 | - name: Running a role gcp rhel vm 92 | ansible.builtin.import_role: 93 | name: gcp_rhel_vm 94 | vars: 95 | project: "" 96 | gcp_rhel_vm_state: present 97 | ``` 98 | Use below Command: 99 | ```commandline 100 | ansible-playbook intel_gcp_rhel_vm.yml 101 | ``` 102 | 103 | #### State - absent (terraform destroy) 104 | ```yaml 105 | --- 106 | - name: Run gcp_rhel_vm role 107 | hosts: localhost 108 | tasks: 109 | - name: Running a role gcp rhel vm 110 | ansible.builtin.import_role: 111 | name: gcp_rhel_vm 112 | vars: 113 | project: "" 114 | gcp_rhel_vm_state: absent 115 | ``` 116 | Use below Command: 117 | ```commandline 118 | ansible-playbook intel_gcp_rhel_vm.yml 119 | ``` 120 | 121 | ### Terraform Modules 122 | | Name | 123 | |--------------------------------------------------------------------------------------------| 124 | | [terraform-intel-gcp-vm]() | 125 | 126 | # Ansible 127 | 128 | ## Module State Inputs 129 | 130 | | Name | Description | Type | Default | Required | 131 | |----------------------------------------------------------------------------------------|----------------------------------------------------------------------------------------------|----------|-----------|:--------:| 132 | | [gcp_rhel_vm_state](#input\_gcp_rhel_vm_state) | It specifies the VM state for the given stage, choices: "planned", "present" ← (default), "absent" | `string` | `present` | no | 133 | 134 | 135
| ## GCP VM Exposed Inputs 136 | 137 | | Name | Description | Type | Default | Required | 138 | |------------------------------------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------------------------------------------------------------|:--------:| 139 | | [project](#input\_project0) | The ID of the project in which the resource resides. | `string` | `` | yes | 140 | | [gcp_rhel_vm_name](#input\_gcp_rhel_vm_name) | A unique name for the resource, required by GCE. Changing this forces a new resource to be created. | `string` | `vm1` | no | 141 | | [boot\_image\_family](#input\_boot\_image\_family0) | The image from which to initialize this disk | `string` | `rhel-8` | no | 142 | | [boot\_image\_project](#input\_boot\_image\_project0) | The ID of the project in which the source image resides. | `string` | `rhel-cloud` | no | 143 | | [access\_config](#input\_access\_config0) | Access configurations, i.e. IPs via which this instance can be accessed via the Internet. Omit to ensure that the instance is not accessible from the Internet. If omitted, ssh provisioners will not work unless Terraform can send traffic to the instance's network. This can be represented as multiple maps |
list(object({
nat_ip = optional(string, null)
public_ptr_domain_name = optional(string)
network_tier = optional(string)
}))
| `[{"nat_ip":"","public_ptr_domain_name":"","network_tier":"PREMIUM"}]` | no | 144 | | [zone](#input\_zone0) | Name the zone that machine should be created in. if it not provided, the provider zone is used | `string` | `us-central1-a` | no | 145 | 146 | ## VM Terraform Extended Inputs 147 | Below Input variables can be used to extend variables in role, Add or update variable in vars/main.yml file 148 | ### Usage 149 | 150 | roles/gcp_rhel_vm/vars/main.yml 151 | 152 | ```yaml 153 | hostname: "gcp.vm.04122023" 154 | ``` 155 | 156 | roles/gcp_rhel_vm/tasks/rhel_vm.yml 157 | ```yaml 158 | --- 159 | - name: Create GCP Linux VM with Rhel image 160 | community.general.terraform: 161 | project_path: '{{ gcp_vm_tf_module_path }}' 162 | state: '{{ gcp_rhel_vm_state }}' 163 | force_init: true 164 | complex_vars: true 165 | variables: 166 | project: '{{ project }}' 167 | boot_image_project: '{{ boot_image_project }}' 168 | boot_image_family: '{{ boot_image_family }}' 169 | name: '{{ gcp_rhel_vm_name }}' 170 | access_config: '{{ access_config }}' 171 | hostname: '{{ hostname }}' 172 | register: gcp_vm_output 173 | ``` 174 | 175 | Use `hostname` in playbook 176 | ```yaml 177 | --- 178 | - name: Run gcp_rhel_vm role 179 | hosts: localhost 180 | tasks: 181 | - name: Running a role gcp rhel vm 182 | ansible.builtin.import_role: 183 | name: gcp_rhel_vm 184 | vars: 185 | project: "" 186 | gcp_rhel_vm_state: present 187 | hostname: 188 | ``` 189 | 190 | ## Inputs 191 | 192 | | Name | Description | Type | Default | Required | 193 | |------|-------------|------|---------|:--------:| 194 | | [access\_config](#input\_access\_config) | Access configurations, i.e. IPs via which this instance can be accessed via the Internet. Omit to ensure that the instance is not accessible from the Internet. If omitted, ssh provisioners will not work unless Terraform can send traffic to the instance's network. This can be represented as multiple maps |
list(object({
nat_ip = optional(string, null)
public_ptr_domain_name = optional(string)
network_tier = optional(string)
}))
| `[]` | no | 195 | | [allow\_stopping\_for\_update](#input\_allow\_stopping\_for\_update) | If true, allows Terraform to stop the instance to update its properties | `bool` | `null` | no | 196 | | [automatic\_restart](#input\_automatic\_restart) | Specifies if the instance should be restarted if it was terminated by Compute Engine (not a user). | `bool` | `true` | no | 197 | | [boot\_disk\_auto\_delete](#input\_boot\_disk\_auto\_delete) | Whether the disk will be auto-deleted when the instance is deleted. | `bool` | `true` | no | 198 | | [boot\_disk\_byo\_encryption\_key](#input\_boot\_disk\_byo\_encryption\_key) | A 256-bit [customer-supplied encryption key] (https://cloud.google.com/compute/docs/disks/customer-supplied-encryption), encoded in RFC 4648 base64 to encrypt this disk. | `string` | `null` | no | 199 | | [boot\_disk\_labels](#input\_boot\_disk\_labels) | A set of key/value label pairs assigned to the disk. This field is only applicable for persistent disks. | `map(string)` | `{}` | no | 200 | | [boot\_disk\_mode](#input\_boot\_disk\_mode) | The mode in which to attach this disk, either READ\_WRITE or READ\_ONLY. | `string` | `"READ_WRITE"` | no | 201 | | [boot\_disk\_size](#input\_boot\_disk\_size) | Size of the OS disk | `number` | `100` | no | 202 | | [boot\_disk\_source](#input\_boot\_disk\_source) | The name or self\_link of the existing disk (such as those managed by google\_compute\_disk) or disk image. | `string` | `null` | no | 203 | | [boot\_disk\_type](#input\_boot\_disk\_type) | Disk type associated with the OS disk. Values can be either pd-ssd, local-ssd, or pd-standard | `string` | `"pd-ssd"` | no | 204 | | [boot\_image\_family](#input\_boot\_image\_family) | The image from which to initialize this disk | `string` | `"ubuntu-2204-lts"` | no | 205 | | [boot\_image\_project](#input\_boot\_image\_project) | The ID of the project in which the source image resides. 
| `string` | `"ubuntu-os-cloud"` | no | 206 | | [can\_ip\_forward](#input\_can\_ip\_forward) | Conditional that allows sending and receiving of packets with non-matching source or destination IPs. | `bool` | `false` | no | 207 | | [deletion\_protection](#input\_deletion\_protection) | Enable deletion protection on this instance | `bool` | `false` | no | 208 | | [description](#input\_description) | A brief description of this resource | `string` | `"Intel accelerated virtual machine."` | no | 209 | | [desired\_status](#input\_desired\_status) | Desired status of the instance. | `string` | `"RUNNING"` | no | 210 | | [enable\_integrity\_monitoring](#input\_enable\_integrity\_monitoring) | Compare the most recent boot measurements to the integrity policy baseline and return a pair of pass/fail results depending on whether they match or not. | `bool` | `true` | no | 211 | | [enable\_nested\_virtualization](#input\_enable\_nested\_virtualization) | Boolean that specifies if nested virtualization should be enabled or disabled on the instance. | `bool` | `false` | no | 212 | | [enable\_secure\_boot](#input\_enable\_secure\_boot) | Verify the digital signature of all boot components, and halt the boot process if signature verification fails. | `bool` | `false` | no | 213 | | [enable\_vtpm](#input\_enable\_vtpm) | Use a virtualized trusted platform module, which is a specialized computer chip you can use to encrypt objects like keys and certificates. | `bool` | `true` | no | 214 | | [hostname](#input\_hostname) | A custom hostname for the instance. Must be a fully qualified DNS name and RFC-1035-valid | `string` | `null` | no | 215 | | [ipv6\_access\_config](#input\_ipv6\_access\_config) | Access configurations, i.e. IPs via which this instance can be accessed via the Internet. Omit to ensure that the instance is not accessible from the Internet. If omitted, ssh provisioners will not work unless Terraform can send traffic to the instance's network. 
This can be represented as multiple maps |
list(object({
public_ptr_domain_name = optional(string, null)
network_tier = optional(string, null)
}))
| `[]` | no | 216 | | [machine\_type](#input\_machine\_type) | The machine type to create | `string` | `"c3-standard-4"` | no | 217 | | [name](#input\_name) | A unique name for the resource, required by GCE. Changing this forces a new resource to be created. | `string` | n/a | yes | 218 | | [network](#input\_network) | The name or self\_link of the network to attach this interface to. | `string` | `"default"` | no | 219 | | [network\_ip](#input\_network\_ip) | The private IP address to assign to the instance. If empty, the address will be automatically assigned. | `string` | `""` | no | 220 | | [nic\_type](#input\_nic\_type) | The type of vNIC to be used on this compute instance. | `string` | `null` | no | 221 | | [on\_host\_maintenance](#input\_on\_host\_maintenance) | Describes maintenance behavior for the instance. Can be MIGRATE or TERMINATE | `string` | `"MIGRATE"` | no | 222 | | [preemptible](#input\_preemptible) | Specifies if the instance is preemptible. If this field is set to true, then automatic\_restart must be set to false. | `bool` | `false` | no | 223 | | [project](#input\_project) | The ID of the project in which the resource resides. | `string` | `""` | no | 224 | | [provisioning\_model](#input\_provisioning\_model) | Describe the type of preemptible VM. This field accepts the value STANDARD or SPOT | `string` | `"STANDARD"` | no | 225 | | [service\_account](#input\_service\_account) | Service account and scopes that will be associated with the GCE instance. |
object({
service_email = optional(string, null)
scopes = optional(set(string), [])
})
| `{}` | no | 226 | | [stack\_type](#input\_stack\_type) | The stack type for this network interface to identify whether the IPv6 feature is enabled or not. | `string` | `"IPV4_ONLY"` | no | 227 | | [subnetwork](#input\_subnetwork) | The name or self\_link of the subnetwork to attach this interface to. Either network or subnetwork must be provided. | `string` | `null` | no | 228 | | [subnetwork\_project](#input\_subnetwork\_project) | The project in which the subnetwork belongs. If the subnetwork is a name and this field is not provided, the provider project is used. | `string` | `null` | no | 229 | | [tags](#input\_tags) | A list of network tags to attach to the instance | `list(string)` | `[]` | no | 230 | | [termination\_action](#input\_termination\_action) | The action that will be applied to the instance when it is terminated. | `string` | `null` | no | 231 | | [threads\_per\_core](#input\_threads\_per\_core) | The number of threads per physical core. | `number` | `null` | no | 232 | | [user\_data](#input\_user\_data) | User data to be placed on the instance. Used to place cloud-init on VMs | `string` | `null` | no | 233 | | [visible\_core\_count](#input\_visible\_core\_count) | The number of physical cores to expose to an instance. | `number` | `null` | no | 234 | | [zone](#input\_zone) | The zone that the machine should be created in. If it is not provided, the provider zone is used. 
| `string` | `null` | no | 235 | 236 | ## Outputs 237 | 238 | | Name | Description | 239 | |------|-------------| 240 | | [boot\_disk\_size](#output\_boot\_disk\_size) | Size of the boot disk of the instance | 241 | | [cpu\_platform](#output\_cpu\_platform) | The CPU platform of the VM instance | 242 | | [current\_status](#output\_current\_status) | Current status of the VM instance | 243 | | [id](#output\_id) | An identifier for the resource | 244 | | [instance\_id](#output\_instance\_id) | The server-assigned unique identifier of this instance | 245 | | [machine\_type](#output\_machine\_type) | Type of the machine created | 246 | | [min\_cpu\_platform](#output\_min\_cpu\_platform) | Minimum CPU platform for the VM instance | 247 | | [name](#output\_name) | Unique name of the instance created | 248 | | [private\_ip](#output\_private\_ip) | Internal IP address of the instance | 249 | | [public\_ip](#output\_public\_ip) | Public IP address of the instance | 250 | | [self\_link](#output\_self\_link) | The URI of the created resource | 251 | 252 | -------------------------------------------------------------------------------- /roles/gcp_linux_fastchat_simple/README.md: -------------------------------------------------------------------------------- 1 |

2 | Intel Logo 3 |

4 | 5 | # Intel® Optimized Cloud Modules for Ansible 6 | 7 | © Copyright 2024, Intel Corporation 8 | 9 | ## GCP C3 4th Gen Xeon(code named Sapphire Rapids) & Intel® Optimized Cloud Recipe for FastChat 10 | 11 | This demo will showcase Large Language Model(LLM) CPU inference using 4th Gen Xeon Scalable Processors on GCP. 12 | 13 | ## Authenticate GCP 14 | 1. Download and Install Google Cloud CLI: https://cloud.google.com/sdk/docs/install 15 | 2. GCP account access configured: https://registry.terraform.io/providers/hashicorp/google/latest/docs/guides/provider_reference.html#running-terraform-on-your-workstation 16 | 3. Create a service account key: https://cloud.google.com/iam/docs/keys-create-delete 17 | - Copy to location: /tmp/gcp_cred.json. This key file carries the service account's credentials and `/tmp` is shared between local users, so restrict it to your own user (for example `chmod 600 /tmp/gcp_cred.json`) and delete it once the run is finished. 18 | ```commandline 19 | cp /tmp/gcp_cred.json 20 | ``` 21 | 22 | ## Installation of `gcp-linux-fastchat-simple` role 23 | ### Below are ways to install and use it: 24 | 1. **Case 1:-** Install the collection using Ansible Galaxy (use as a third-party collection, installed in the default location); use the command below to install the collection 25 | ```commandline 26 | ansible-galaxy collection install 27 | ``` 28 | 29 | 2. **Case 2:-** Install the collection using Ansible Galaxy (installed in a given location); use the command below to install the collection 30 | 31 | 1. 32 | ```commandline 33 | ansible-galaxy collection install -p 34 | ``` 35 | Note: this downloads the whole collection; you can remove what you do not need 36 | 37 | 2. 
Download source and Copy role directory to your Ansible boilerplate from GitHub (Used to extended behavior of role) 38 | ```commandline 39 | git clone https://github.com/OTCShare2/ansible-intel-gcp-vm.git 40 | cd ansible-intel-gcp-vm 41 | cp -r role/gcp-linux-fastchat-simple on // 42 | ``` 43 | 44 | Requirements 45 | ------------ 46 | | Name | Version | 47 | |-------------------------------------------------------------------------------------------------|------------| 48 | | [Terraform](#requirement\_terraform) | =1.5.7 | 49 | | [Google Cloud CLI](#requirement\_google_cloud_cli) | ~> 455.0.0 | 50 | | [Random](#requirement\_random) | ~>3.4.3 | 51 | | [Ansible Core](#requirement\_ansible\_core) | ~>2.14.2 | 52 | | [Ansible](#requirement\_ansible) | ~>7.2.0-1 | 53 | | [Requests](#requirement\_requests) | ~> 2.18.4 | 54 | | [Google-auth](#requirement\_google_auth) | ~>1.3.0 | 55 | | [Cryptography](#requirement\_cryptography) | ~>41.0.5 | 56 | 57 | 1. Install requirements using `requirements.txt` and `requirements.yml`, Use below command: 58 | ```bash 59 | pip3 install -r requirements.txt 60 | ansible-galaxy install -r requirements.yml 61 | ``` 62 | 2. Above role requires `Terraform` as we are executing terraform module [terraform-intel-gcp-vm]() using Ansible module called [community.general.terraform]() 63 | 64 | ## Usage 65 | > [!WARNING] 66 | > Once a VM is created, refrain from updating its name. Any alterations to the name will result in the creation of a new VM. 
67 | 68 | Use playbook to run gcp_linux_fastchat_simple as below 69 | ```yml 70 | --- 71 | - name: Run gcp_linux_fastchat_simple role 72 | hosts: localhost 73 | tasks: 74 | - name: Running a role gcp linux fastchat simple 75 | ansible.builtin.import_role: 76 | name: gcp_linux_fastchat_simple 77 | vars: 78 | project: "" 79 | fastchat_state: present 80 | ``` 81 | Use below Command: 82 | ```commandline 83 | ansible-playbook intel_gcp_linux_fastchat_simple.yml 84 | ``` 85 | 86 | ## Run Ansible with different state 87 | #### State - present (terraform apply) 88 | ```yaml 89 | --- 90 | - name: Run gcp_linux_fastchat_simple role 91 | hosts: localhost 92 | tasks: 93 | - name: Running a role gcp linux fastchat simple 94 | ansible.builtin.import_role: 95 | name: gcp_linux_fastchat_simple 96 | vars: 97 | project: "" 98 | fastchat_state: present 99 | ``` 100 | Use below Command: 101 | ```commandline 102 | ansible-playbook intel_gcp_linux_fastchat_simple.yml 103 | ``` 104 | 105 | #### State - absent (terraform destroy) 106 | ```yaml 107 | --- 108 | - name: Run gcp_linux_fastchat_simple role 109 | hosts: localhost 110 | tasks: 111 | - name: Running a role gcp linux fastchat simple 112 | ansible.builtin.import_role: 113 | name: gcp_linux_fastchat_simple 114 | vars: 115 | project: "" 116 | fastchat_state: absent 117 | ``` 118 | Use below Command: 119 | ```commandline 120 | ansible-playbook intel_gcp_linux_fastchat_simple.yml 121 | ``` 122 | 123 | ### Terraform Modules 124 | | Name | 125 | |--------------------------------------------------------------------------------------------| 126 | | [terraform-intel-gcp-vm]() | 127 | 128 | # Ansible 129 | 130 | ## Module State Inputs 131 | 132 | | Name | Description | Type | Default | Required | 133 | |------------------------------------------------------------------------------|-------------------------------------------------------------------------------------------|----------|-----------|:--------:| 134 | | 
[fastchat_state](#input\_fastchat_state) | It specifices vm state of given stage, choies: "planned", "present" ← (default), "absent" | `string` | `present` | no | 135 | 136 | 137 | ## GCP VM Exposed Inputs 138 | 139 | | Name | Description | Type | Default | Required | 140 | |------------------------------------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------------------------------------------------------------|:--------:| 141 | | [project](#input\_project0) | The ID of the project in which the resource resides. | `string` | `` | yes | 142 | | [fastchat_vm_name](#input\_fastchat_vm_name) | A unique name for the resource, required by GCE. Changing this forces a new resource to be created. | `string` | `intel-fastchat-{{random_id}}` | no | 143 | | [boot\_image\_family](#input\_boot\_image\_family0) | The image from which to initialize this disk | `string` | `"ubuntu-2204-lts"` | no | 144 | | [boot\_image\_project](#input\_boot\_image\_project0) | The ID of the project in which the source image resides. | `string` | `"ubuntu-os-cloud"` | no | 145 | | [zone](#input\_zone0) | Name the zone that machine should be created in. if it not provided, the provider zone is used | `string` | `us-central1-a` | no | 146 | | [machine_type](#input\_machine_type0) | The mahine type to create. 
| `string` | `c3-standard-22` | no | 147 | | [vm_tags](#input\_tags0) | A list of network tags to attach to the instance | `list(string)` | `["fschat-{{random_id}}"]` | no | 148 | | [access\_config](#input\_access\_config0) | Access configurations, i.e. IPs via which this instance can be accessed via the Internet. Omit to ensure that the instance is not accessible from the Internet. If omitted, ssh provisioners will not work unless Terraform can send traffic to the instance's network. This can be represented as multiple maps |
list(object({
nat_ip = optional(string, null)
public_ptr_domain_name = optional(string)
network_tier = optional(string)
}))
| `[{"nat_ip":"","public_ptr_domain_name":"","network_tier":"PREMIUM"}]` | no | 149 | 150 | ## GCP Firewall Exposed Inputs 151 | 152 | | Name | Description | Type | Default | Required | 153 | |-----------------------------------------------------------------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|----------|---------------------------------------------------------------|:--------:| 154 | | [fw_name](#input_fw_name) | A unique name for the resource, required by GCE. | `string` | `intel-fastchat-firewall-{{random_id}}` | no | 155 | | [fw_description](#input_fw_description) | An optional description of this resource. Provide this property when you create the resource. | `string` | `"Allows access to FastChat Webserver"` | no | 156 | | [network_name](#input_network_name) | This field represents a link to a Network resource in GCP.. | `string` | '{"selfLink": "global/networks/default"}' | no | 157 | | [fw_allowed](#input_fw_allowed) | The list of ALLOW rules specified by this firewall. Each rule specifies a protocol and port-range tuple that describes a permitted connection. | `list` | `[{"ip_protocol":"tcp","ports":["22","5000","5001","7860"]}]` | no | 158 | | [target_tags](#input_target_tags) | A list of instance tags indicating sets of instances located in the network that may make network connections as specified in allowed[]. If no targetTags are specified, the firewall rule applies to all instances on the specified network. | `string` | `["fschat-{{random_id}}"]` | no | 159 | | [source_ranges](#input_source_ranges) | If source ranges are specified, the firewall will apply only to traffic that has source IP address in these ranges. 
These ranges must be expressed in CIDR format. The default `0.0.0.0/0` lets any address reach every port listed in `fw_allowed`, so set this to the CIDR ranges that actually need access | `string` | `["0.0.0.0/0"]` | no | 160 | | [gcp_auth_kind](#input_gcp_auth_kind) | The type of credential used. Choices: "application", "machineaccount", "serviceaccount", "accesstoken" | `string` | `serviceaccount` | no | 161 | | [gcp_cred_file_path](#input_gcp_cred_file_path) | The path of a Service Account JSON file if serviceaccount is selected as type. The file is a credential for that service account and `/tmp` is shared by all local users, so keep it readable only by the account that runs the playbook. | `string` | `/tmp/gcp_cred.json` | no | 162 | 163 | 164 | ## VM Terraform Extended Inputs 165 | Below Input variables can be used to extend variables in role, Add or update variable in vars/main.yml file 166 | ### Usage 167 | 168 | roles/gcp_linux_fastchat_simple/vars/main.yml 169 | 170 | ```yaml 171 | hostname: "gcp.vm.04122023" 172 | ``` 173 | 174 | roles/gcp_linux_fastchat_simple/tasks/fastchat.yml 175 | ```yaml 176 | --- 177 | - name: Create GCP Linux VM with Intel Cloud Optimized Recipe for FastChat 178 | community.general.terraform: 179 | project_path: '{{ gcp_vm_tf_module_path }}' 180 | state: '{{ fastchat_state }}' 181 | force_init: true 182 | complex_vars: true 183 | variables: 184 | project: '{{ project }}' 185 | boot_image_project: '{{ boot_image_project }}' 186 | boot_image_family: '{{ boot_image_family }}' 187 | name: '{{ fastchat_vm_name }}' 188 | zone: '{{ zone }}' 189 | machine_type: '{{ machine_type }}' 190 | allow_stopping_for_update: true 191 | tags: "{{ vm_tags }}" 192 | user_data: '{{ cloud_init_data }}' 193 | access_config: '{{ access_config }}' 194 | hostname: '{{ hostname }}' 195 | register: fastchat_output 196 | ``` 197 | 198 | Use `hostname` in playbook 199 | ```yaml 200 | --- 201 | - name: Run gcp_linux_fastchat_simple role 202 | hosts: localhost 203 | tasks: 204 | - name: Running a role gcp linux fastchat simple 205 | ansible.builtin.import_role: 206 | name: gcp_linux_fastchat_simple 207 | vars: 208 | project: "" 209 | fastchat_state: present 210 | hostname: 211 | ``` 212 | 213 | ## Inputs 214 | 215 | | Name | Description | Type | 
Default | Required | 216 | |------|-------------|------|---------|:--------:| 217 | | [access\_config](#input\_access\_config) | Access configurations, i.e. IPs via which this instance can be accessed via the Internet. Omit to ensure that the instance is not accessible from the Internet. If omitted, ssh provisioners will not work unless Terraform can send traffic to the instance's network. This can be represented as multiple maps |
list(object({
nat_ip = optional(string, null)
public_ptr_domain_name = optional(string)
network_tier = optional(string)
}))
| `[]` | no | 218 | | [allow\_stopping\_for\_update](#input\_allow\_stopping\_for\_update) | If true, allows Terraform to stop the instance to update its properties | `bool` | `null` | no | 219 | | [automatic\_restart](#input\_automatic\_restart) | Specifies if the instance should be restarted if it was terminated by Compute Engine (not a user). | `bool` | `true` | no | 220 | | [boot\_disk\_auto\_delete](#input\_boot\_disk\_auto\_delete) | Whether the disk will be auto-deleted when the instance is deleted. | `bool` | `true` | no | 221 | | [boot\_disk\_byo\_encryption\_key](#input\_boot\_disk\_byo\_encryption\_key) | A 256-bit [customer-supplied encryption key] (https://cloud.google.com/compute/docs/disks/customer-supplied-encryption), encoded in RFC 4648 base64 to encrypt this disk. | `string` | `null` | no | 222 | | [boot\_disk\_labels](#input\_boot\_disk\_labels) | A set of key/value label pairs assigned to the disk. This field is only applicable for persistent disks. | `map(string)` | `{}` | no | 223 | | [boot\_disk\_mode](#input\_boot\_disk\_mode) | The mode in which to attach this disk, either READ\_WRITE or READ\_ONLY. | `string` | `"READ_WRITE"` | no | 224 | | [boot\_disk\_size](#input\_boot\_disk\_size) | Size of the OS disk | `number` | `100` | no | 225 | | [boot\_disk\_source](#input\_boot\_disk\_source) | The name or self\_link of the existing disk (such as those managed by google\_compute\_disk) or disk image. | `string` | `null` | no | 226 | | [boot\_disk\_type](#input\_boot\_disk\_type) | Disk type associated with the OS disk. Values can be either pd-ssd, local-ssd, or pd-standard | `string` | `"pd-ssd"` | no | 227 | | [boot\_image\_family](#input\_boot\_image\_family) | The image from which to initialize this disk | `string` | `"ubuntu-2204-lts"` | no | 228 | | [boot\_image\_project](#input\_boot\_image\_project) | The ID of the project in which the source image resides. 
| `string` | `"ubuntu-os-cloud"` | no | 229 | | [can\_ip\_forward](#input\_can\_ip\_forward) | Conditional that allows sending and receiving of packets with non-matching source or destination IPs. | `bool` | `false` | no | 230 | | [deletion\_protection](#input\_deletion\_protection) | Enable deletion protection on this instance | `bool` | `false` | no | 231 | | [description](#input\_description) | A brief description of this resource | `string` | `"Intel accelerated virtual machine."` | no | 232 | | [desired\_status](#input\_desired\_status) | Desired status of the instance. | `string` | `"RUNNING"` | no | 233 | | [enable\_integrity\_monitoring](#input\_enable\_integrity\_monitoring) | Compare the most recent boot measurements to the integrity policy baseline and return a pair of pass/fail results depending on whether they match or not. | `bool` | `true` | no | 234 | | [enable\_nested\_virtualization](#input\_enable\_nested\_virtualization) | Boolean that specifies if nested virtualization should be enabled or disabled on the instance. | `bool` | `false` | no | 235 | | [enable\_secure\_boot](#input\_enable\_secure\_boot) | Verify the digital signature of all boot components, and halt the boot process if signature verification fails. | `bool` | `false` | no | 236 | | [enable\_vtpm](#input\_enable\_vtpm) | Use a virtualized trusted platform module, which is a specialized computer chip you can use to encrypt objects like keys and certificates. | `bool` | `true` | no | 237 | | [hostname](#input\_hostname) | A custom hostname for the instance. Must be a fully qualified DNS name and RFC-1035-valid | `string` | `null` | no | 238 | | [ipv6\_access\_config](#input\_ipv6\_access\_config) | Access configurations, i.e. IPs via which this instance can be accessed via the Internet. Omit to ensure that the instance is not accessible from the Internet. If omitted, ssh provisioners will not work unless Terraform can send traffic to the instance's network. 
This can be represented as multiple maps |
list(object({
public_ptr_domain_name = optional(string, null)
network_tier = optional(string, null)
}))
| `[]` | no | 239 | | [machine\_type](#input\_machine\_type) | The machine type to create | `string` | `"c3-standard-4"` | no | 240 | | [name](#input\_name) | A unique name for the resource, required by GCE. Changing this forces a new resource to be created. | `string` | n/a | yes | 241 | | [network](#input\_network) | The name or self\_link of the network to attach this interface to. | `string` | `"default"` | no | 242 | | [network\_ip](#input\_network\_ip) | The private IP address to assign to the instance. If empty, the address will be automatically assigned. | `string` | `""` | no | 243 | | [nic\_type](#input\_nic\_type) | The type of vNIC to be used on this compute instance. | `string` | `null` | no | 244 | | [on\_host\_maintenance](#input\_on\_host\_maintenance) | Describes maintenance behavior for the instance. Can be MIGRATE or TERMINATE | `string` | `"MIGRATE"` | no | 245 | | [preemptible](#input\_preemptible) | Specifies if the instance is preemptible. If this field is set to true, then automatic\_restart must be set to false. | `bool` | `false` | no | 246 | | [project](#input\_project) | The ID of the project in which the resource resides. | `string` | `""` | no | 247 | | [provisioning\_model](#input\_provisioning\_model) | Describe the type of preemptible VM. This field accepts the value STANDARD or SPOT | `string` | `"STANDARD"` | no | 248 | | [service\_account](#input\_service\_account) | Service account and scopes that will be associated with the GCE instance. |
object({
service_email = optional(string, null)
scopes = optional(set(string), [])
})
| `{}` | no | 249 | | [stack\_type](#input\_stack\_type) | The stack type for this network interface to identify whether the IPv6 feature is enabled or not. | `string` | `"IPV4_ONLY"` | no | 250 | | [subnetwork](#input\_subnetwork) | The name or self\_link of the subnetwork to attach this interface to. Either network or subnetwork must be provided. | `string` | `null` | no | 251 | | [subnetwork\_project](#input\_subnetwork\_project) | The project in which the subnetwork belongs. If the subnetwork is a name and this field is not provided, the provider project is used. | `string` | `null` | no | 252 | | [tags](#input\_tags) | A list of network tags to attach to the instance | `list(string)` | `[]` | no | 253 | | [termination\_action](#input\_termination\_action) | The action that will be applied to the instance when it is terminated. | `string` | `null` | no | 254 | | [threads\_per\_core](#input\_threads\_per\_core) | The action that will be applied to the instance when it is terminated. | `number` | `null` | no | 255 | | [user\_data](#input\_user\_data) | User data to be placed on the instance. Used to place cloud-init on VMs | `string` | `null` | no | 256 | | [visible\_core\_count](#input\_visible\_core\_count) | The number of physical cores to expose to an instance. | `number` | `null` | no | 257 | | [zone](#input\_zone) | The zone that the machine should be created in. If it is not provided, the provider zone is used. 
| `string` | `null` | no | 258 | 259 | ## Outputs 260 | 261 | | Name | Description | 262 | |------|-------------| 263 | | [boot\_disk\_size](#output\_boot\_disk\_size) | Size of the boot disk of the instance | 264 | | [cpu\_platform](#output\_cpu\_platform) | The CPU platform of the VM instance | 265 | | [current\_status](#output\_current\_status) | Current status of the VM instance | 266 | | [id](#output\_id) | An identifier for the resource | 267 | | [instance\_id](#output\_instance\_id) | The server-assigned unique identifier of this instance | 268 | | [machine\_type](#output\_machine\_type) | Type of the machine created | 269 | | [min\_cpu\_platform](#output\_min\_cpu\_platform) | Minimum CPU platform for the VM instance | 270 | | [name](#output\_name) | Unique name of the instance created | 271 | | [private\_ip](#output\_private\_ip) | Internal IP address of the instance | 272 | | [public\_ip](#output\_public\_ip) | Public IP address of the instance | 273 | | [self\_link](#output\_self\_link) | The URI of the created resource | 274 | 275 | -------------------------------------------------------------------------------- /roles/gcp_linux_stable_diffusion/README.md: -------------------------------------------------------------------------------- 1 |

2 | Intel Logo 3 |

4 | 5 | # Intel Optimized Cloud Modules for Terraform 6 | 7 | © Copyright 2024, Intel Corporation 8 | 9 | ## GCP C3 4th Gen Xeon(code named Sapphire Rapids) & Intel® Optimized Cloud Recipe for Stable Diffusion 10 | 11 | This demo will showcase Stable Diffusion CPU inferencing using 4th Gen Xeon Scalable Processors on GCP. 12 | 13 | ## Authenticate GCP 14 | 1. Download and Install Google Cloud CLI: https://cloud.google.com/sdk/docs/install 15 | 2. GCP account access configured: https://registry.terraform.io/providers/hashicorp/google/latest/docs/guides/provider_reference.html#running-terraform-on-your-workstation 16 | 3. Create service account: https://cloud.google.com/iam/docs/keys-create-delete 17 | - Copy to location: /tmp/gcp_cred.json 18 | ```commandline 19 | cp /tmp/gcp_cred.json 20 | ``` 21 | 22 | ## Installation of `gcp_linux_stable_diffusion` role 23 | ### Below are ways to install and use it: 24 | 1. **Case 1:-** Install collection using Ansible Galaxy (Use as third party collection, installed in default location), Use below command to installed collection 25 | ```commandline 26 | ansible-galaxy collection install 27 | ``` 28 | 29 | 2. **Case 2:-** Install collection using Ansible Galaxy (Installed in given location), Use below command to installed collection 30 | 31 | 1. 32 | ```commandline 33 | ansible-galaxy collection install -p 34 | ``` 35 | Note: collection will download collection, you can remove as per need 36 | 37 | 2. 
Download source and Copy role directory to your Ansible boilerplate from GitHub (Used to extended behavior of role) 38 | ```commandline 39 | git clone https://github.com/OTCShare2/ansible-intel-gcp-vm.git 40 | cd ansible-intel-gcp-vm 41 | cp -r role/gcp_linux_stable_diffusion on // 42 | ``` 43 | 44 | Requirements 45 | ------------ 46 | | Name | Version | 47 | |-------------------------------------------------------------------------------------------------|------------| 48 | | [Terraform](#requirement\_terraform) | =1.5.7 | 49 | | [Google Cloud CLI](#requirement\_google_cloud_cli) | ~> 455.0.0 | 50 | | [Random](#requirement\_random) | ~>3.4.3 | 51 | | [Ansible Core](#requirement\_ansible\_core) | ~>2.14.2 | 52 | | [Ansible](#requirement\_ansible) | ~>7.2.0-1 | 53 | | [Requests](#requirement\_requests) | ~> 2.18.4 | 54 | | [Google-auth](#requirement\_google_auth) | ~>1.3.0 | 55 | | [Cryptography](#requirement\_cryptography) | ~>41.0.5 | 56 | 57 | 1. Install requirements using `requirements.txt` and `requirements.yml`, Use below command: 58 | ```bash 59 | pip3 install -r requirements.txt 60 | ansible-galaxy install -r requirements.yml 61 | ``` 62 | 2. Above role requires `Terraform` as we are executing terraform module [terraform-intel-gcp-vm]() using Ansible module called [community.general.terraform]() 63 | 64 | 65 | ## Usage 66 | 67 | > [!WARNING] 68 | > Once a VM is created, refrain from updating its name. Any alterations to the name will result in the creation of a new VM. 
69 | 70 | Use playbook to run intel_gcp_linux_stable_diffusion as below 71 | ```yml 72 | --- 73 | - name: Run gcp_linux_stable_diffusion role 74 | hosts: localhost 75 | tasks: 76 | - name: Running a role gcp linux stable diffusion 77 | ansible.builtin.import_role: 78 | name: gcp_linux_stable_diffusion 79 | vars: 80 | project: "" 81 | gcp_vm_state: present 82 | ``` 83 | Use below Command: 84 | ```commandline 85 | ansible-playbook intel_gcp_linux_stable_diffusion.yml 86 | ``` 87 | 88 | ## Run Ansible with different state 89 | 90 | #### State - present (terraform apply) 91 | ```yaml 92 | --- 93 | - name: Run gcp_linux_stable_diffusion role 94 | hosts: localhost 95 | tasks: 96 | - name: Running a role gcp linux stable diffusion 97 | ansible.builtin.import_role: 98 | name: gcp_linux_stable_diffusion 99 | vars: 100 | project: "" 101 | gcp_vm_state: present 102 | ``` 103 | Use below Command: 104 | ```commandline 105 | ansible-playbook intel_gcp_linux_stable_diffusion.yml 106 | ``` 107 | 108 | #### State - absent (terraform destroy) 109 | ```yaml 110 | --- 111 | - name: Run gcp_linux_stable_diffusion role 112 | hosts: localhost 113 | tasks: 114 | - name: Running a role gcp linux stable diffusion 115 | ansible.builtin.import_role: 116 | name: gcp_linux_stable_diffusion 117 | vars: 118 | project: "" 119 | gcp_vm_state: absent 120 | ``` 121 | Use below Command: 122 | ```commandline 123 | ansible-playbook intel_gcp_linux_stable_diffusion.yml 124 | ``` 125 | 126 | ### Terraform Modules 127 | | Name | 128 | |--------------------------------------------------------------------------------------------| 129 | | [terraform-intel-gcp-vm]() | 130 | 131 | # Ansible 132 | 133 | ## Module State Inputs 134 | 135 | | Name | Description | Type | Default | Required | 136 | |------------------------------------------------------------------------|-------------------------------------------------------------------------------------------|----------|-----------|:--------:| 137 | | 
[gcp_vm_state](#input\_gcp_vm_state) | It specifices vm state of given stage, choies: "planned", "present" ← (default), "absent" | `string` | `present` | no | 138 | 139 | 140 | ## GCP VM Exposed Inputs 141 | 142 | | Name | Description | Type | Default | Required | 143 | |------------------------------------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------------------------------------------------------------|:--------:| 144 | | [project](#input\_project0) | The ID of the project in which the resource resides. | `string` | `` | yes | 145 | | [gcp_vm_name](#input\_gcp_vm_name) | A unique name for the resource, required by GCE. Changing this forces a new resource to be created. | `string` | `intel-diffusion-{{random_id}}` | no | 146 | | [boot\_image\_family](#input\_boot\_image\_family0) | The image from which to initialize this disk | `string` | `"ubuntu-2204-lts"` | no | 147 | | [boot\_image\_project](#input\_boot\_image\_project0) | The ID of the project in which the source image resides. | `string` | `"ubuntu-os-cloud"` | no | 148 | | [zone](#input\_zone0) | Name the zone that machine should be created in. if it not provided, the provider zone is used | `string` | `us-central1-a` | no | 149 | | [machine_type](#input\_machine_type0) | The mahine type to create. 
| `string` | `c3-standard-44` | no | 150 | | [vm_tags](#input_vm_tags) | A list of network tags to attach to the instance | `list(string)` | `["diffusion-{{random_id}}"]` | no | 151 | | [access\_config](#input\_access\_config0) | Access configurations, i.e. IPs via which this instance can be accessed via the Internet. Omit to ensure that the instance is not accessible from the Internet. If omitted, ssh provisioners will not work unless Terraform can send traffic to the instance's network. This can be represented as multiple maps |
list(object({
nat_ip = optional(string, null)
public_ptr_domain_name = optional(string)
network_tier = optional(string)
}))
| `[{"nat_ip":"","public_ptr_domain_name":"","network_tier":"PREMIUM"}]` | no | 152 | 153 | ## GCP Firewall Exposed Inputs 154 | 155 | | Name | Description | Type | Default | Required | 156 | |-----------------------------------------------------------------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|----------|---------------------------------------------------------------|:--------:| 157 | | [fw_name](#input_fw_name) | A unique name for the resource, required by GCE. | `string` | `diffusion-firewall-{{random_id}}` | no | 158 | | [fw_description](#input_fw_description) | An optional description of this resource. Provide this property when you create the resource. | `string` | `"Allows access to Stable Diffusion"` | no | 159 | | [network](#input_network) | This field represents a link to a Network resource in GCP.. | `string` | '{"selfLink": "global/networks/default"}' | no | 160 | | [fw_allowed](#input_fw_allowed) | The list of ALLOW rules specified by this firewall. Each rule specifies a protocol and port-range tuple that describes a permitted connection. | `list` | `[{"ip_protocol":"tcp","ports":["22","5000","5001","7860"]}]` | no | 161 | | [target_tags](#input_target_tags) | A list of instance tags indicating sets of instances located in the network that may make network connections as specified in allowed[]. If no targetTags are specified, the firewall rule applies to all instances on the specified network. | `string` | `["diffusion-{{random_id}}"]` | no | 162 | | [source_ranges](#input_source_ranges) | If source ranges are specified, the firewall will apply only to traffic that has source IP address in these ranges. 
These ranges must be expressed in CIDR format. The default `0.0.0.0/0` lets any address reach every port listed in `fw_allowed`, so set this to the CIDR ranges that actually need access | `string` | `["0.0.0.0/0"]` | no | 163 | | [gcp_auth_kind](#input_gcp_auth_kind) | The type of credential used. Choices: "application", "machineaccount", "serviceaccount", "accesstoken" | `string` | `serviceaccount` | no | 164 | | [gcp_cred_file_path](#input_gcp_cred_file_path) | The path of a Service Account JSON file if serviceaccount is selected as type. The file is a credential for that service account and `/tmp` is shared by all local users, so keep it readable only by the account that runs the playbook. | `string` | `/tmp/gcp_cred.json` | no | 165 | 166 | 167 | ## VM Terraform Extended Inputs 168 | Below Input variables can be used to extend variables in role, Add or update variable in vars/main.yml file 169 | ### Usage 170 | 171 | roles/gcp_linux_stable_diffusion/vars/main.yml 172 | 173 | ```yaml 174 | hostname: "gcp.vm.04122023" 175 | ``` 176 | 177 | roles/gcp_linux_stable_diffusion/tasks/stable_diffusion.yml 178 | ```yaml 179 | --- 180 | - name: Create GCP Linux VM with Optimized Cloud Recipe for Stable Diffusion 181 | community.general.terraform: 182 | project_path: '{{ gcp_vm_tf_module_path }}' 183 | state: '{{ gcp_vm_state }}' 184 | force_init: true 185 | complex_vars: true 186 | variables: 187 | project: '{{ project }}' 188 | boot_image_project: '{{ boot_image_project }}' 189 | boot_image_family: '{{ boot_image_family }}' 190 | name: '{{ gcp_vm_name }}' 191 | zone: '{{ zone }}' 192 | machine_type: '{{ machine_type }}' 193 | allow_stopping_for_update: true 194 | tags: '{{ vm_tags }}' 195 | user_data: '{{ cloud_init_data }}' 196 | access_config: '{{ access_config }}' 197 | hostname: '{{ hostname }}' 198 | register: gcp_vm_output 199 | ``` 200 | 201 | Use `hostname` in playbook 202 | ```yaml 203 | --- 204 | - name: Run gcp_linux_stable_diffusion role 205 | hosts: localhost 206 | tasks: 207 | - name: Running a role gcp linux stable diffusion 208 | ansible.builtin.import_role: 209 | name: gcp_linux_stable_diffusion 210 | vars: 211 | project: "" 212 | gcp_vm_state: present 213 | hostname: 214 | ``` 215 | 216 | ## Inputs 217 | 218 | | Name | Description | Type | 
Default | Required | 219 | |------|-------------|------|---------|:--------:| 220 | | [access\_config](#input\_access\_config) | Access configurations, i.e. IPs via which this instance can be accessed via the Internet. Omit to ensure that the instance is not accessible from the Internet. If omitted, ssh provisioners will not work unless Terraform can send traffic to the instance's network. This can be represented as multiple maps |
list(object({
nat_ip = optional(string, null)
public_ptr_domain_name = optional(string)
network_tier = optional(string)
}))
| `[]` | no | 221 | | [allow\_stopping\_for\_update](#input\_allow\_stopping\_for\_update) | If true, allows Terraform to stop the instance to update its properties | `bool` | `null` | no | 222 | | [automatic\_restart](#input\_automatic\_restart) | Specifies if the instance should be restarted if it was terminated by Compute Engine (not a user). | `bool` | `true` | no | 223 | | [boot\_disk\_auto\_delete](#input\_boot\_disk\_auto\_delete) | Whether the disk will be auto-deleted when the instance is deleted. | `bool` | `true` | no | 224 | | [boot\_disk\_byo\_encryption\_key](#input\_boot\_disk\_byo\_encryption\_key) | A 256-bit [customer-supplied encryption key] (https://cloud.google.com/compute/docs/disks/customer-supplied-encryption), encoded in RFC 4648 base64 to encrypt this disk. | `string` | `null` | no | 225 | | [boot\_disk\_labels](#input\_boot\_disk\_labels) | A set of key/value label pairs assigned to the disk. This field is only applicable for persistent disks. | `map(string)` | `{}` | no | 226 | | [boot\_disk\_mode](#input\_boot\_disk\_mode) | The mode in which to attach this disk, either READ\_WRITE or READ\_ONLY. | `string` | `"READ_WRITE"` | no | 227 | | [boot\_disk\_size](#input\_boot\_disk\_size) | Size of the OS disk | `number` | `100` | no | 228 | | [boot\_disk\_source](#input\_boot\_disk\_source) | The name or self\_link of the existing disk (such as those managed by google\_compute\_disk) or disk image. | `string` | `null` | no | 229 | | [boot\_disk\_type](#input\_boot\_disk\_type) | Disk type associated with the OS disk. Values can be either pd-ssd, local-ssd, or pd-standard | `string` | `"pd-ssd"` | no | 230 | | [boot\_image\_family](#input\_boot\_image\_family) | The image from which to initialize this disk | `string` | `"ubuntu-2204-lts"` | no | 231 | | [boot\_image\_project](#input\_boot\_image\_project) | The ID of the project in which the source image resides. 
| `string` | `"ubuntu-os-cloud"` | no | 232 | | [can\_ip\_forward](#input\_can\_ip\_forward) | Conditional that allows sending and receiving of packets with non-matching source or destination IPs. | `bool` | `false` | no | 233 | | [deletion\_protection](#input\_deletion\_protection) | Enable deletion protection on this instance | `bool` | `false` | no | 234 | | [description](#input\_description) | A brief description of this resource | `string` | `"Intel accelerated virtual machine."` | no | 235 | | [desired\_status](#input\_desired\_status) | Desired status of the instance. | `string` | `"RUNNING"` | no | 236 | | [enable\_integrity\_monitoring](#input\_enable\_integrity\_monitoring) | Compare the most recent boot measurements to the integrity policy baseline and return a pair of pass/fail results depending on whether they match or not. | `bool` | `true` | no | 237 | | [enable\_nested\_virtualization](#input\_enable\_nested\_virtualization) | Boolean that specifies if nested virtualization should be enabled or disabled on the instance. | `bool` | `false` | no | 238 | | [enable\_secure\_boot](#input\_enable\_secure\_boot) | Verify the digital signature of all boot components, and halt the boot process if signature verification fails. | `bool` | `false` | no | 239 | | [enable\_vtpm](#input\_enable\_vtpm) | Use a virtualized trusted platform module, which is a specialized computer chip you can use to encrypt objects like keys and certificates. | `bool` | `true` | no | 240 | | [hostname](#input\_hostname) | A custom hostname for the instance. Must be a fully qualified DNS name and RFC-1035-valid | `string` | `null` | no | 241 | | [ipv6\_access\_config](#input\_ipv6\_access\_config) | Access configurations, i.e. IPs via which this instance can be accessed via the Internet. Omit to ensure that the instance is not accessible from the Internet. If omitted, ssh provisioners will not work unless Terraform can send traffic to the instance's network. 
This can be represented as multiple maps |
list(object({
public_ptr_domain_name = optional(string, null)
network_tier = optional(string, null)
}))
| `[]` | no | 242 | | [machine\_type](#input\_machine\_type) | The machine type to create | `string` | `"c3-standard-4"` | no | 243 | | [name](#input\_name) | A unique name for the resource, required by GCE. Changing this forces a new resource to be created. | `string` | n/a | yes | 244 | | [network](#input\_network) | The name or self\_link of the network to attach this interface to. | `string` | `"default"` | no | 245 | | [network\_ip](#input\_network\_ip) | The private IP address to assign to the instance. If empty, the address will be automatically assigned. | `string` | `""` | no | 246 | | [nic\_type](#input\_nic\_type) | The type of vNIC to be used on this compute instance. | `string` | `null` | no | 247 | | [on\_host\_maintenance](#input\_on\_host\_maintenance) | Describes maintenance behavior for the instance. Can be MIGRATE or TERMINATE | `string` | `"MIGRATE"` | no | 248 | | [preemptible](#input\_preemptible) | Specifies if the instance is preemptible. If this field is set to true, then automatic\_restart must be set to false. | `bool` | `false` | no | 249 | | [project](#input\_project) | The ID of the project in which the resource resides. | `string` | `""` | no | 250 | | [provisioning\_model](#input\_provisioning\_model) | Describe the type of preemptible VM. This field accepts the value STANDARD or SPOT | `string` | `"STANDARD"` | no | 251 | | [service\_account](#input\_service\_account) | Service account and scopes that will be associated with the GCE instance. |
object({
service_email = optional(string, null)
scopes = optional(set(string), [])
})
| `{}` | no | 252 | | [stack\_type](#input\_stack\_type) | he stack type for this network interface to identify whether the IPv6 feature is enabled or not. | `string` | `"IPV4_ONLY"` | no | 253 | | [subnetwork](#input\_subnetwork) | The name or self\_link of the subnetwork to attach this interface to. Either network or subnetwork must be provided. | `string` | `null` | no | 254 | | [subnetwork\_project](#input\_subnetwork\_project) | The project in which the subnetwork belongs. If the subnetwork is a name and this field is not provided, the provider project is used. | `string` | `null` | no | 255 | | [tags](#input\_tags) | A list of network tags to attach to the instance | `list(string)` | `[]` | no | 256 | | [termination\_action](#input\_termination\_action) | The action that will be applied to the instance when it is terminated. | `string` | `null` | no | 257 | | [threads\_per\_core](#input\_threads\_per\_core) | The action that will be applied to the instance when it is terminated. | `number` | `null` | no | 258 | | [user\_data](#input\_user\_data) | User data to be placed on the instance. Used to place cloud-init on VMs | `string` | `null` | no | 259 | | [visible\_core\_count](#input\_visible\_core\_count) | The number of physical cores to expose to an instance. | `number` | `null` | no | 260 | | [zone](#input\_zone) | The zone that the machine should be created in. If it is not provided, the provider zone is used. 
| `string` | `null` | no | 261 | 262 | ## Outputs 263 | 264 | | Name | Description | 265 | |------|-------------| 266 | | [boot\_disk\_size](#output\_boot\_disk\_size) | Size of the boot disk of the instance | 267 | | [cpu\_platform](#output\_cpu\_platform) | The CPU platform of the VM instance | 268 | | [current\_status](#output\_current\_status) | Current status of the VM instance | 269 | | [id](#output\_id) | An identifier for the resource | 270 | | [instance\_id](#output\_instance\_id) | The server-assigned unique identifier of this instance | 271 | | [machine\_type](#output\_machine\_type) | Type of the machine created | 272 | | [min\_cpu\_platform](#output\_min\_cpu\_platform) | Minimum CPU platform for the VM instance | 273 | | [name](#output\_name) | Unique name of the instance created | 274 | | [private\_ip](#output\_private\_ip) | Internal IP address of the instance | 275 | | [public\_ip](#output\_public\_ip) | Public IP address of the instance | 276 | | [self\_link](#output\_self\_link) | The URI of the created resource | 277 | 278 | --------------------------------------------------------------------------------