Updated accounting dashboard db

This commit is contained in:
Giancarlo Panichi 2024-05-28 16:30:27 +02:00
parent 812b128dbd
commit 129878d111
2 changed files with 10 additions and 74 deletions

View File

@ -29,54 +29,6 @@ module "ssh_settings" {
source = "../../modules/ssh-key-ref"
}
# Network
resource "openstack_networking_network_v2" "accounting_dashboard_db_net" {
name = var.accounting_dashboard_db_data.network_name
admin_state_up = "true"
external = "false"
description = var.accounting_dashboard_db_data.network_description
dns_domain = var.dns_zone.zone_name
mtu = var.common_variables.mtu_size
port_security_enabled = true
shared = false
region = var.common_variables.main_region
}
# Subnet
resource "openstack_networking_subnet_v2" "accounting_dashboard_db_subnet" {
name = var.accounting_dashboard_db_data.subnet_name
description = var.accounting_dashboard_db_data.subnet_description
network_id = openstack_networking_network_v2.accounting_dashboard_db_net.id
cidr = var.accounting_dashboard_db_data.network_cidr
dns_nameservers = var.common_variables.resolvers_ip
ip_version = 4
enable_dhcp = true
no_gateway = true
allocation_pool {
start = var.accounting_dashboard_db_data.allocation_pool_start
end = var.accounting_dashboard_db_data.allocation_pool_end
}
}
# Security group
resource "openstack_networking_secgroup_v2" "accounting_dashboard_db_access" {
name = "access_to_the_accounting_dashboard_db_service"
delete_default_rules = "true"
description = "Access the accounting-dashboard-db service using the dedicated network"
}
resource "openstack_networking_secgroup_rule_v2" "accounting_dashboard_db_access_from_dedicated_subnet" {
security_group_id = openstack_networking_secgroup_v2.accounting_dashboard_db_access.id
description = "Allow connections to port 5432 from the 192.168.2.0/22 network"
direction = "ingress"
ethertype = "IPv4"
protocol = "tcp"
port_range_min = 5432
port_range_max = 5432
remote_ip_prefix = var.accounting_dashboard_db_data.network_cidr
}
# Block device
resource "openstack_blockstorage_volume_v3" "accounting_dashboard_db_data_vol" {
name = var.accounting_dashboard_db_data.vol_data_name
@ -84,15 +36,14 @@ resource "openstack_blockstorage_volume_v3" "accounting_dashboard_db_data_vol" {
}
# Instance
# change security group
resource "openstack_compute_instance_v2" "accounting_dashboard_db_server" {
name = var.accounting_dashboard_db_data.name
availability_zone_hints = var.availability_zones_names.availability_zone_no_gpu
availability_zone_hints = module.common_variables.availability_zone_no_gpu_name
flavor_name = var.accounting_dashboard_db_data.flavor
key_pair = module.ssh_settings.ssh_key_name
security_groups = [var.common_variables.default_security_group_name, openstack_networking_secgroup_v2.accounting_dashboard_db_access.name]
security_groups = [data.terraform_remote_state.privnet_dns_router.outputs.default_security_group_name]
block_device {
uuid = var.ubuntu_2204.uuid
uuid = module.common_variables.ubuntu_2204.uuid
source_type = "image"
volume_size = 10
boot_index = 0
@ -101,14 +52,15 @@ resource "openstack_compute_instance_v2" "accounting_dashboard_db_server" {
}
network {
name = var.main_private_network.name
name = data.terraform_remote_state.privnet_dns_router.outputs.main_private_network.name
}
network {
name = var.accounting_dashboard_db_data.network_name
name = module.common_variables.networks_list.shared_postgresql
fixed_ip_v4 = var.accounting_dashboard_db_data.server_ip
}
user_data = file("${var.common_variables.ubuntu2204_data_file}")
user_data = file("${module.common_variables.ubuntu2204_data_file}")
# Do not replace the instance when the ssh key changes
lifecycle {
ignore_changes = [

View File

@ -1,9 +1,4 @@
# TODO
# definire gli indirizzi ip statici da usare,
# spostare la variabile sotto nelle common-variables se serve,
# aggiungre sempre in common-variables il security-group per questo db
# e le definizioni per la rete dedicata affinché sia condivisibile
# con altri servizi
#Accounting Dashboard DB variables
variable "accounting_dashboard_db_data" {
type = map(string)
@ -13,17 +8,6 @@ variable "accounting_dashboard_db_data" {
vol_data_name = "accounting-dashboard-db-data"
vol_data_size = "10"
vol_data_device = "/dev/vdb"
# vol_backup_name = ""
# vol_backup_size = ""
# vol_backup_device = ""
network_name = "accounting-dashboard-db-net"
network_description = "Network used to communicate with the accounting-dashboard-db service"
network_cidr = "192.168.0.0/22"
subnet_name = "accounting-dashboard-db-subnet"
subnet_description = "Subnet used to connect to the accounting-dashboard-db service"
allocation_pool_start = "192.168.0.100"
allocation_pool_end = "192.168.3.254"
server_ip = "192.168.0.5"
server_cidr = "192.168.0.5/22"
server_ip = "192.168.0.10"
}
}