Accounting datastudio with floating IP address.
This commit is contained in:
parent
5cef75cd2a
commit
2cd86e3b7f
GPG Key ID:
147ABE6CEB9E20FF
|
|
@ -29,6 +29,24 @@ module "ssh_settings" {
|
|||
source = "../../modules/ssh-key-ref"
|
||||
}
|
||||
|
||||
resource "openstack_networking_secgroup_v2" "accounting_dashboard_db_access_list" {
|
||||
name = "accounting_dashboard_db_access_list"
|
||||
delete_default_rules = "true"
|
||||
description = "Allowed connections to the accounting dashboard database"
|
||||
}
|
||||
|
||||
resource "openstack_networking_secgroup_rule_v2" "access_to_the_accounting_dashboard_db" {
|
||||
for_each = toset([var.accounting_dashoard_allowed_sources.infrascience_net,var.accounting_dashoard_allowed_sources.google_datastudio1,var.accounting_dashoard_allowed_sources.google_datastudio2,var.accounting_dashoard_allowed_sources.google_datastudio3,var.accounting_dashoard_allowed_sources.google_datastudio4,var.accounting_dashoard_allowed_sources.google_datastudio5,var.accounting_dashoard_allowed_sources.google_datastudio6,var.accounting_dashoard_allowed_sources.google_datastudio7,var.accounting_dashoard_allowed_sources.google_datastudio8,var.accounting_dashoard_allowed_sources.google_datastudio9,var.accounting_dashoard_allowed_sources.google_datastudio10,var.accounting_dashoard_allowed_sources.google_datastudio11,var.accounting_dashoard_allowed_sources.google_datastudio12,var.accounting_dashoard_allowed_sources.google_datastudio13,var.accounting_dashoard_allowed_sources.openstack_production])
|
||||
security_group_id = openstack_networking_secgroup_v2.accounting_dashboard_db_access_list.id
|
||||
description = "Access to the Accounting Dashboard DB"
|
||||
direction = "ingress"
|
||||
ethertype = "IPv4"
|
||||
protocol = "tcp"
|
||||
port_range_min = 5432
|
||||
port_range_max = 5432
|
||||
remote_ip_prefix = each.value
|
||||
}
|
||||
|
||||
# Block device
|
||||
resource "openstack_blockstorage_volume_v3" "accounting_dashboard_db_data_vol" {
|
||||
name = var.accounting_dashboard_db_data.vol_data_name
|
||||
|
|
@ -79,24 +97,35 @@ resource "openstack_compute_volume_attach_v2" "accounting_dashboard_db_data_atta
|
|||
depends_on = [openstack_compute_instance_v2.accounting_dashboard_db_server]
|
||||
}
|
||||
|
||||
# Floating IP and DNS record
|
||||
resource "openstack_networking_floatingip_v2" "accounting_dashboard_db_ip" {
|
||||
pool = data.terraform_remote_state.privnet_dns_router.outputs.floating_ip_pools.main_public_ip_pool
|
||||
# The DNS association does not work because of a bug in the OpenStack API
|
||||
description = "Accounting dashboard"
|
||||
}
|
||||
|
||||
resource "openstack_networking_floatingip_associate_v2" "accounting_dashboard_db" {
|
||||
floating_ip = openstack_networking_floatingip_v2.accounting_dashboard_db_ip.address
|
||||
port_id = openstack_compute_instance_v2.accounting_dashboard_db_server.network[0].fixed_ip_v4
|
||||
}
|
||||
|
||||
locals {
|
||||
cname_target = "main-lb.${data.terraform_remote_state.privnet_dns_router.outputs.dns_zone.zone_name}"
|
||||
accounting_dashboard_recordset_name = "accounting-dashboard-db.${data.terraform_remote_state.privnet_dns_router.outputs.dns_zone.zone_name}"
|
||||
}
|
||||
|
||||
#
|
||||
# Add DNS record/s
|
||||
#
|
||||
module "dns_records_create" {
|
||||
source = "../../modules/dns_resources"
|
||||
|
||||
dns_resources_map = {
|
||||
acccounting-dashboard-db-server = {
|
||||
zone_id = data.terraform_remote_state.privnet_dns_router.outputs.dns_zone_id
|
||||
name = join(".", [var.accounting_dashboard_db_data.name, data.terraform_remote_state.privnet_dns_router.outputs.dns_zone.zone_name])
|
||||
description = "Accounting Dashboard DB Server"
|
||||
ttl = 8600
|
||||
type = "CNAME"
|
||||
records = [local.cname_target]
|
||||
}
|
||||
}
|
||||
resource "openstack_dns_recordset_v2" "accounting_dashboard_recordset" {
|
||||
zone_id = data.terraform_remote_state.privnet_dns_router.outputs.dns_zone_id
|
||||
name = local.accounting_dashboard_recordset_name
|
||||
description = "Public IP address of the Accounting Dashboard"
|
||||
ttl = 8600
|
||||
type = "A"
|
||||
records = [openstack_networking_floatingip_v2.accounting_dashboard_db_ip.address]
|
||||
}
|
||||
|
||||
output "accounting_dashboard_public_ip_address" {
|
||||
value = openstack_networking_floatingip_v2.accounting_dashboard_db_ip.address
|
||||
}
|
||||
|
||||
output "accounting_dashboard_hostname" {
|
||||
value = openstack_dns_recordset_v2.accounting_dashboard_recordset.name
|
||||
}
|
||||
|
|
|
|||
|
|
@ -10,4 +10,26 @@ variable "accounting_dashboard_db_data" {
|
|||
vol_data_device = "/dev/vdb"
|
||||
server_ip = "192.168.0.10"
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
variable "accounting_dashoard_allowed_sources" {
|
||||
type = map(string)
|
||||
default = {
|
||||
"infrascience_net" = "146.48.122.0/23"
|
||||
"google_datastudio1" = "64.18.0.0/20"
|
||||
"google_datastudio2" = "64.233.160.0/19"
|
||||
"google_datastudio3" = "66.102.0.0/20"
|
||||
"google_datastudio4" = "66.249.80.0/20"
|
||||
"google_datastudio5" = "72.14.192.0/18"
|
||||
"google_datastudio6" = "74.125.0.0/16"
|
||||
"google_datastudio7" = "108.177.8.0/21"
|
||||
"google_datastudio8" = "173.194.0.0/16"
|
||||
"google_datastudio9" = "207.126.144.0/20"
|
||||
"google_datastudio10" = "209.85.128.0/17"
|
||||
"google_datastudio11" = "216.58.192.0/19"
|
||||
"google_datastudio12" = "216.239.32.0/19"
|
||||
"google_datastudio13" = "142.251.74.0/23"
|
||||
"openstack_production" = "146.48.31.57/32"
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue