From a28657c3006a1991464e4316d0f75f99c2d18f39 Mon Sep 17 00:00:00 2001 From: Andrea Dell'Amico Date: Tue, 28 May 2024 18:56:24 +0200 Subject: [PATCH] Keycloak in preproduction. --- openstack-tf/d4s-preprod/keycloak/main.tf | 48 + openstack-tf/d4s-preprod/keycloak/outputs.tf | 21 + openstack-tf/d4s-preprod/keycloak/provider.tf | 3 + .../d4s-preprod/keycloak/terraform.tfstate | 1985 +++++++++++++++++ 4 files changed, 2057 insertions(+) create mode 100644 openstack-tf/d4s-preprod/keycloak/main.tf create mode 100644 openstack-tf/d4s-preprod/keycloak/outputs.tf create mode 100644 openstack-tf/d4s-preprod/keycloak/provider.tf create mode 100644 openstack-tf/d4s-preprod/keycloak/terraform.tfstate diff --git a/openstack-tf/d4s-preprod/keycloak/main.tf b/openstack-tf/d4s-preprod/keycloak/main.tf new file mode 100644 index 0000000..bdec530 --- /dev/null +++ b/openstack-tf/d4s-preprod/keycloak/main.tf @@ -0,0 +1,48 @@ +# Define required providers +terraform { + required_version = ">= 0.14.0" + required_providers { + openstack = { + source = "terraform-provider-openstack/openstack" + version = ">= 1.53.0" + } + } +} + +data "terraform_remote_state" "privnet_dns_router" { + backend = "local" + + config = { + path = "../project-setup/terraform.tfstate" + } +} + +# +# Uses common_variables as module +# +module "common_variables" { + source = "../../modules/common_variables" +} + +module "keycloak" { + source = "../../modules/keycloak" + + keycloak_data = { + affinity_policy = "soft-anti-affinity" + srv_name = "keycloak-pre" + vm_count = 2 + vm_flavor = "m1.medium" + boot_vol_size = 10 + share_description = "NFS share for the keycloak preprod static data" + share_name = "keycloak_pre_nfs_share" + } + + keycloak_recordsets = { + keycloak_main_record = { + name = join(".", ["accounts", data.terraform_remote_state.privnet_dns_router.outputs.dns_zone.zone_name]), + description = "Keycloak preproduction endpoint" + } + } + + keycloak_object_store = "keycloak-data-preprod" +} diff --git a/openstack-tf/d4s-preprod/keycloak/outputs.tf b/openstack-tf/d4s-preprod/keycloak/outputs.tf new file mode 100644 index 0000000..f7a5f4e --- /dev/null +++ b/openstack-tf/d4s-preprod/keycloak/outputs.tf @@ -0,0 +1,21 @@ +output "keycloak_data" { + value = module.keycloak.keycloak_data +} + +output "keycloak_recordsets" { + value = module.keycloak.keycloak_recordsets +} + +output "keycloak_nfs_port_data" { + value = module.keycloak.nfs_port_data +} + +output "keycloak_nfs_volume_data" { + value = module.keycloak.keycloak_nfs_volume_data +} + +output "keycloak_nfs_volume_acls" { + value = module.keycloak.keycloak_nfs_volume_acls + sensitive = true +} + diff --git a/openstack-tf/d4s-preprod/keycloak/provider.tf b/openstack-tf/d4s-preprod/keycloak/provider.tf new file mode 100644 index 0000000..5c9deb7 --- /dev/null +++ b/openstack-tf/d4s-preprod/keycloak/provider.tf @@ -0,0 +1,3 @@ +provider "openstack" { + cloud = "d4s-pre" +} diff --git a/openstack-tf/d4s-preprod/keycloak/terraform.tfstate b/openstack-tf/d4s-preprod/keycloak/terraform.tfstate new file mode 100644 index 0000000..4d05637 --- /dev/null +++ b/openstack-tf/d4s-preprod/keycloak/terraform.tfstate @@ -0,0 +1,1985 @@ +{ + "version": 4, + "terraform_version": "1.7.5", + "serial": 45, + "lineage": "aac22e76-7c1f-3103-be59-a76f24bce592", + "outputs": { + "keycloak_data": { + "value": { + "affinity_policy": "soft-anti-affinity", + "boot_vol_size": "10", + "share_description": "NFS share for the keycloak preprod static data", + "share_name": "keycloak_pre_nfs_share", + "srv_name": "keycloak-pre", + "vm_count": "2", + "vm_flavor": "m1.medium" + }, + "type": [ + "map", + "string" + ] + }, + "keycloak_nfs_port_data": { + "value": [ + { + "fixed_ip": "172.17.0.193", + "id": "0367bb79-9a94-430c-95be-c4863b98ab8d/fb9a46d7-e408-45bc-bb9c-2b906fcf7b9f", + "instance_id": "0367bb79-9a94-430c-95be-c4863b98ab8d", + "network_id": "5f4023cc-4016-404c-94e5-86220095fbaf", + "port_id": "fb9a46d7-e408-45bc-bb9c-2b906fcf7b9f", + "region": "isti_area_pi_1", + "timeouts": null + }, + { + "fixed_ip": "172.17.3.112", + "id": "1a34934c-2e11-4f50-8be7-93b4ab553e12/cfb3b491-2099-4308-b57a-a0d8911f889c", + "instance_id": "1a34934c-2e11-4f50-8be7-93b4ab553e12", + "network_id": "5f4023cc-4016-404c-94e5-86220095fbaf", + "port_id": "cfb3b491-2099-4308-b57a-a0d8911f889c", + "region": "isti_area_pi_1", + "timeouts": null + } + ], + "type": [ + "tuple", + [ + [ + "object", + { + "fixed_ip": "string", + "id": "string", + "instance_id": "string", + "network_id": "string", + "port_id": "string", + "region": "string", + "timeouts": [ + "object", + { + "create": "string", + "delete": "string" + } + ] + } + ], + [ + "object", + { + "fixed_ip": "string", + "id": "string", + "instance_id": "string", + "network_id": "string", + "port_id": "string", + "region": "string", + "timeouts": [ + "object", + { + "create": "string", + "delete": "string" + } + ] + } + ] + ] + ] + }, + "keycloak_nfs_volume_acls": { + "value": [ + { + "access_key": "", + "access_level": "rw", + "access_to": "172.17.0.193", + "access_type": "ip", + "id": "fdc074da-d7db-4366-95dc-630ead4938d5", + "region": "isti_area_pi_1", + "share_id": "b4e9f6b1-b14b-4d93-9559-fa0ab01680cd", + "state": "active", + "timeouts": null + }, + { + "access_key": "", + "access_level": "rw", + "access_to": "172.17.3.112", + "access_type": "ip", + "id": "ec53c7d5-736e-40c1-918a-28069a5936ff", + "region": "isti_area_pi_1", + "share_id": "b4e9f6b1-b14b-4d93-9559-fa0ab01680cd", + "state": "active", + "timeouts": null + } + ], + "type": [ + "tuple", + [ + [ + "object", + { + "access_key": "string", + "access_level": "string", + "access_to": "string", + "access_type": "string", + "id": "string", + "region": "string", + "share_id": "string", + "state": "string", + "timeouts": [ + "object", + { + "create": "string", + "delete": "string", + "update": "string" + } + ] + } + ], + [ + "object", + { + "access_key": "string", + "access_level": "string", + "access_to": "string", + "access_type": "string", + "id": "string", + "region": "string", + "share_id": "string", + "state": "string", + "timeouts": [ + "object", + { + "create": "string", + "delete": "string", + "update": "string" + } + ] + } + ] + ] + ], + "sensitive": true + }, + "keycloak_nfs_volume_data": { + "value": { + "all_metadata": {}, + "availability_zone": "nova", + "description": "NFS share for the keycloak preprod static data", + "export_locations": [ + { + "path": "172.17.0.7:/volumes/_nogroup/67c21a7b-287a-4b3a-a03f-521a751edfd3/36048b93-7eb3-4273-aac3-f5fed0919af0", + "preferred": "false" + } + ], + "has_replicas": false, + "host": "", + "id": "b4e9f6b1-b14b-4d93-9559-fa0ab01680cd", + "is_public": false, + "metadata": null, + "name": "keycloak_pre_nfs_share", + "project_id": "6fdc02e2827b405dad99f34698659742", + "region": "isti_area_pi_1", + "replication_type": "", + "share_network_id": "", + "share_proto": "NFS", + "share_server_id": "", + "share_type": "default", + "size": 30, + "snapshot_id": "", + "timeouts": null + }, + "type": [ + "object", + { + "all_metadata": [ + "map", + "string" + ], + "availability_zone": "string", + "description": "string", + "export_locations": [ + "list", + [ + "object", + { + "path": "string", + "preferred": "string" + } + ] + ], + "has_replicas": "bool", + "host": "string", + "id": "string", + "is_public": "bool", + "metadata": [ + "map", + "string" + ], + "name": "string", + "project_id": "string", + "region": "string", + "replication_type": "string", + "share_network_id": "string", + "share_proto": "string", + "share_server_id": "string", + "share_type": "string", + "size": "number", + "snapshot_id": "string", + "timeouts": [ + "object", + { + "create": "string", + "delete": "string", + "update": "string" + } + ] + } + ] + }, + "keycloak_recordsets": { + "value": { + "keycloak_main_record": { + "description": "Keycloak preproduction endpoint", + "name": "accounts.cloud-pre.d4science.org." + } + }, + "type": [ + "map", + [ + "object", + { + "description": "string", + "name": "string" + } + ] + ] + } + }, + "resources": [ + { + "mode": "data", + "type": "terraform_remote_state", + "name": "privnet_dns_router", + "provider": "provider[\"terraform.io/builtin/terraform\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "backend": "local", + "config": { + "value": { + "path": "../project-setup/terraform.tfstate" + }, + "type": [ + "object", + { + "path": "string" + } + ] + }, + "defaults": null, + "outputs": { + "value": { + "almalinux_9": { + "name": "AlmaLinux-9.0-20220718", + "uuid": "541650fc-dd19-4f38-bb1d-7333ed9dd688" + }, + "availability_zone_no_gpu_name": "cnr-isti-nova-a", + "availability_zone_with_gpu_name": "cnr-isti-nova-gpu-a", + "availability_zones_names": { + "availability_zone_no_gpu": "cnr-isti-nova-a", + "availability_zone_with_gpu": "cnr-isti-nova-gpu-a" + }, + "basic_services_ip": { + "ca": "10.1.32.4", + "ca_cidr": "10.1.32.4/32", + "haproxy_l7_1": "10.1.32.11", + "haproxy_l7_1_cidr": "10.1.32.11/32", + "haproxy_l7_2": "10.1.32.12", + "haproxy_l7_2_cidr": "10.1.32.12/32", + "octavia_main": "10.1.32.20", + "octavia_main_cidr": "10.1.32.20/32", + "prometheus": "10.1.32.10", + "prometheus_cidr": "10.1.32.10/32", + "ssh_jump": "10.1.32.5", + "ssh_jump_cidr": "10.1.32.5/32" + }, + "centos_7": { + "name": "CentOS-7", + "uuid": "f0187a99-64f6-462a-ab5f-ef52fe62f2ca" + }, + "default_security_group_name": "default_for_all", + "dns_zone": { + "description": "DNS primary zone for the d4s-pre-cloud project", + "email": "postmaster@isti.cnr.it", + "id": "c1a4b4bc-f167-4387-855d-38f0f99ca05c", + "ttl": "8600", + "zone_name": "cloud-pre.d4science.org." + }, + "dns_zone_id": "c1a4b4bc-f167-4387-855d-38f0f99ca05c", + "el7_data_file": "../../openstack_vm_data_scripts/el7.sh", + "external_gateway_ip": [ + { + "ip_address": "146.48.30.241", + "subnet_id": "57f87509-4016-46fb-b8c3-25fca7f72ccb" + } + ], + "external_network": { + "id": "1d2ff137-6ff7-4017-be2b-0d6c4af2353b", + "name": "external-network" + }, + "external_network_id": "1d2ff137-6ff7-4017-be2b-0d6c4af2353b", + "external_router": { + "description": "D4Science Preprod main router", + "id": "cc26064a-bb08-4c0b-929f-d0cb39f934a3", + "name": "d4s-pre-cloud-external-router" + }, + "flavor_list": { + "c1_large": "c1.large", + "c1_medium": "c1.medium", + "c1_small": "c1.small", + "c2_large": "c2.large", + "m1_large": "m1.large", + "m1_medium": "m1.medium", + "m1_xlarge": "m1.xlarge", + "m1_xxl": "m1.xxl", + "m2_large": "m2.large", + "m2_medium": "m2.medium", + "m2_small": "m2.small", + "m3_large": "m3.large" + }, + "floating_ip_pools": { + "main_public_ip_pool": "external-network" + }, + "haproxy_l7_data": { + "flavor": "m1.medium", + "haproxy_1": "haproxy-l7-1", + "haproxy_2": "haproxy-l7-2", + "name": "main-haproxy-l7", + "vm_count": "2" + }, + "internal_ca_data": { + "flavor": "m1.small", + "name": "ca" + }, + "main_haproxy_l7_ip": [ + "10.1.32.11", + "10.1.32.12" + ], + "main_private_network": { + "description": "D4Science Preprod private network (use this as the main network)", + "name": "d4s-pre-cloud-main" + }, + "main_private_network_id": "23fd8a99-d551-4ada-8d3a-9859542ebb8c", + "main_private_subnet": { + "allocation_end": "10.1.35.254", + "allocation_start": "10.1.32.100", + "cidr": "10.1.32.0/22", + "description": "D4Science Preprod main private subnet", + "gateway_ip": "10.1.32.1", + "name": "d4s-pre-cloud-main-subnet" + }, + "main_region": "isti_area_pi_1", + "main_subnet_network_id": "cd77a2fd-4a36-4254-b1d0-70b3874c6d04", + "mtu_size": 8942, + "networks_list": { + "cassandra": "cassandra-net", + "orientdb": "orientdb-net", + "orientdb_se": "orientdb-se-net", + "shared_postgresql": "postgresql-srv-net", + "swarm": "swarm-nfs-net", + "timescaledb": "timescaledb-net" + }, + "networks_with_d4s_services": { + "garr_ct1_net": "90.147.166.0/23", + "garr_na_net": "90.147.152.0/24", + "garr_pa1_net": "90.147.188.0/23", + "infrascience_net": "146.48.122.0/23", + "isti_net": "146.48.80.0/21", + "s2i2s_net": "146.48.28.0/22" + }, + "nfs_share_no_ingress_secgroup_id": "ddb16502-7217-4677-a8a7-ca0cbf9a779a", + "octavia_information": { + "main_lb_description": "Main L4 load balancer for the D4Science PRE production", + "main_lb_hostname": "main-lb", + "main_lb_name": "d4s-pre-cloud-l4-load-balancer", + "octavia_flavor": "octavia_amphora-mvcpu-ha", + "octavia_flavor_id": "394988b5-6603-4a1e-a939-8e177c6681c7", + "octavia_vrrp_ip_1": "10.1.33.159/32", + "octavia_vrrp_ip_2": "10.1.32.199/32", + "swarm_lb_name": "d4s-pre-cloud-l4-swarm-load-balancer" + }, + "os_project_data": { + "id": "6fdc02e2827b405dad99f34698659742" + }, + "policy_list": { + "affinity": "affinity", + "anti_affinity": "anti-affinity", + "soft_affinity": "soft-affinity", + "soft_anti_affinity": "soft-anti-affinity" + }, + "prometheus_server_data": { + "flavor": "m1.medium", + "name": "prometheus", + "public_grafana_server_cidr": "146.48.28.103/32", + "vol_data_device": "/dev/vdb", + "vol_data_name": "prometheus-data", + "vol_data_size": "100" + }, + "resolvers_ip": [ + "146.48.29.97", + "146.48.29.98", + "146.48.29.99" + ], + "resource_registry_addresses": {}, + "security_group_list": { + "acaland": "acaland's dev machine", + "access_to_orientdb": "access_to_orientdb", + "access_to_orientdb_se": "access_to_orientdb_se", + "access_to_the_timescaledb_service": "access_to_the_timescaledb_service", + "cassandra": "Cassandra", + "dataminer-publish": "dataminer-publish", + "debugging_from_jump_node": "debugging_from_jump_node", + "default": "default", + "docker_swarm": "Docker Swarm", + "docker_swarm_NFS": "Docker Swarm NFS", + "haproxy": "traffic_from_main_lb_to_haproxy_l7", + "http_and_https_from_the_load_balancers": "traffic_from_the_main_load_balancers", + "limited_HTTPS_access": "restricted_web_service", + "limited_SSH_access": "Limited SSH access", + "mongo": "mongo", + "nfs_share_no_ingress": "nfs_share_no_ingress", + "orientdb_internal_docker_traffic": "orientdb_internal_docker_traffic", + "postgreSQL": "PostgreSQL service", + "public_HTTPS": "Public HTTPS" + }, + "shared_postgresql_server_data": { + "allocation_pool_end": "192.168.3.254", + "allocation_pool_start": "192.168.0.100", + "flavor": "m1.medium", + "name": "shared-postgresql-server", + "network_cidr": "192.168.0.0/22", + "network_description": "Network used to communicate with the shared postgresql service", + "network_name": "postgresql-srv-net", + "server_cidr": "192.168.0.5/22", + "server_ip": "192.168.0.5", + "vol_data_device": "/dev/vdb", + "vol_data_name": "shared-postgresql-data", + "vol_data_size": "100" + }, + "smartexecutor_addresses": {}, + "ssh_jump_proxy": { + "flavor": "m2.small", + "name": "ssh-jump-proxy" + }, + "ssh_sources": { + "d4s_vpn_1_cidr": "146.48.122.27/32", + "d4s_vpn_2_cidr": "146.48.122.49/32", + "infrascience_net_cidr": "146.48.122.0/23", + "s2i2s_vpn_1_cidr": "146.48.28.10/32", + "s2i2s_vpn_2_cidr": "146.48.28.11/32", + "shell_d4s_cidr": "146.48.122.95/32" + }, + "storage_nfs_network_id": "5f4023cc-4016-404c-94e5-86220095fbaf", + "storage_nfs_subnet_id": "6ff0f9e8-0e74-4cc3-a268-7ed4af435696", + "ubuntu1804_data_file": "../../openstack_vm_data_scripts/ubuntu1804.sh", + "ubuntu2204_data_file": "../../openstack_vm_data_scripts/ubuntu2204.sh", + "ubuntu_1804": { + "name": "Ubuntu-Bionic-18.04", + "user_data_file": "../../openstack_vm_data_scripts/ubuntu1804.sh", + "uuid": "7ed6a2cd-2b07-482e-8ce4-f018dff16c89" + }, + "ubuntu_2204": { + "name": "Ubuntu-Jammy-22.04", + "user_data_file": "../../openstack_vm_data_scripts/ubuntu2204.sh", + "uuid": "54768889-8556-4be4-a2eb-82a4d9b34627" + } + }, + "type": [ + "object", + { + "almalinux_9": [ + "map", + "string" + ], + "availability_zone_no_gpu_name": "string", + "availability_zone_with_gpu_name": "string", + "availability_zones_names": [ + "map", + "string" + ], + "basic_services_ip": [ + "map", + "string" + ], + "centos_7": [ + "map", + "string" + ], + "default_security_group_name": "string", + "dns_zone": [ + "map", + "string" + ], + "dns_zone_id": "string", + "el7_data_file": "string", + "external_gateway_ip": [ + "list", + [ + "object", + { + "ip_address": "string", + "subnet_id": "string" + } + ] + ], + "external_network": [ + "map", + "string" + ], + "external_network_id": "string", + "external_router": [ + "map", + "string" + ], + "flavor_list": [ + "map", + "string" + ], + "floating_ip_pools": [ + "map", + "string" + ], + "haproxy_l7_data": [ + "map", + "string" + ], + "internal_ca_data": [ + "map", + "string" + ], + "main_haproxy_l7_ip": [ + "list", + "string" + ], + "main_private_network": [ + "map", + "string" + ], + "main_private_network_id": "string", + "main_private_subnet": [ + "map", + "string" + ], + "main_region": "string", + "main_subnet_network_id": "string", + "mtu_size": "number", + "networks_list": [ + "map", + "string" + ], + "networks_with_d4s_services": [ + "map", + "string" + ], + "nfs_share_no_ingress_secgroup_id": "string", + "octavia_information": [ + "map", + "string" + ], + "os_project_data": [ + "map", + "string" + ], + "policy_list": [ + "map", + "string" + ], + "prometheus_server_data": [ + "map", + "string" + ], + "resolvers_ip": [ + "list", + "string" + ], + "resource_registry_addresses": [ + "map", + "string" + ], + "security_group_list": [ + "map", + "string" + ], + "shared_postgresql_server_data": [ + "map", + "string" + ], + "smartexecutor_addresses": [ + "map", + "string" + ], + "ssh_jump_proxy": [ + "map", + "string" + ], + "ssh_sources": [ + "map", + "string" + ], + "storage_nfs_network_id": "string", + "storage_nfs_subnet_id": "string", + "ubuntu1804_data_file": "string", + "ubuntu2204_data_file": "string", + "ubuntu_1804": [ + "map", + "string" + ], + "ubuntu_2204": [ + "map", + "string" + ] + } + ] + }, + "workspace": null + }, + "sensitive_attributes": [] + } + ] + }, + { + "module": "module.keycloak", + "mode": "data", + "type": "terraform_remote_state", + "name": "privnet_dns_router", + "provider": "provider[\"terraform.io/builtin/terraform\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "backend": "local", + "config": { + "value": { + "path": "../project-setup/terraform.tfstate" + }, + "type": [ + "object", + { + "path": "string" + } + ] + }, + "defaults": null, + "outputs": { + "value": { + "almalinux_9": { + "name": "AlmaLinux-9.0-20220718", + "uuid": "541650fc-dd19-4f38-bb1d-7333ed9dd688" + }, + "availability_zone_no_gpu_name": "cnr-isti-nova-a", + "availability_zone_with_gpu_name": "cnr-isti-nova-gpu-a", + "availability_zones_names": { + "availability_zone_no_gpu": "cnr-isti-nova-a", + "availability_zone_with_gpu": "cnr-isti-nova-gpu-a" + }, + "basic_services_ip": { + "ca": "10.1.32.4", + "ca_cidr": "10.1.32.4/32", + "haproxy_l7_1": "10.1.32.11", + "haproxy_l7_1_cidr": "10.1.32.11/32", + "haproxy_l7_2": "10.1.32.12", + "haproxy_l7_2_cidr": "10.1.32.12/32", + "octavia_main": "10.1.32.20", + "octavia_main_cidr": "10.1.32.20/32", + "prometheus": "10.1.32.10", + "prometheus_cidr": "10.1.32.10/32", + "ssh_jump": "10.1.32.5", + "ssh_jump_cidr": "10.1.32.5/32" + }, + "centos_7": { + "name": "CentOS-7", + "uuid": "f0187a99-64f6-462a-ab5f-ef52fe62f2ca" + }, + "default_security_group_name": "default_for_all", + "dns_zone": { + "description": "DNS primary zone for the d4s-pre-cloud project", + "email": "postmaster@isti.cnr.it", + "id": "c1a4b4bc-f167-4387-855d-38f0f99ca05c", + "ttl": "8600", + "zone_name": "cloud-pre.d4science.org." + }, + "dns_zone_id": "c1a4b4bc-f167-4387-855d-38f0f99ca05c", + "el7_data_file": "../../openstack_vm_data_scripts/el7.sh", + "external_gateway_ip": [ + { + "ip_address": "146.48.30.241", + "subnet_id": "57f87509-4016-46fb-b8c3-25fca7f72ccb" + } + ], + "external_network": { + "id": "1d2ff137-6ff7-4017-be2b-0d6c4af2353b", + "name": "external-network" + }, + "external_network_id": "1d2ff137-6ff7-4017-be2b-0d6c4af2353b", + "external_router": { + "description": "D4Science Preprod main router", + "id": "cc26064a-bb08-4c0b-929f-d0cb39f934a3", + "name": "d4s-pre-cloud-external-router" + }, + "flavor_list": { + "c1_large": "c1.large", + "c1_medium": "c1.medium", + "c1_small": "c1.small", + "c2_large": "c2.large", + "m1_large": "m1.large", + "m1_medium": "m1.medium", + "m1_xlarge": "m1.xlarge", + "m1_xxl": "m1.xxl", + "m2_large": "m2.large", + "m2_medium": "m2.medium", + "m2_small": "m2.small", + "m3_large": "m3.large" + }, + "floating_ip_pools": { + "main_public_ip_pool": "external-network" + }, + "haproxy_l7_data": { + "flavor": "m1.medium", + "haproxy_1": "haproxy-l7-1", + "haproxy_2": "haproxy-l7-2", + "name": "main-haproxy-l7", + "vm_count": "2" + }, + "internal_ca_data": { + "flavor": "m1.small", + "name": "ca" + }, + "main_haproxy_l7_ip": [ + "10.1.32.11", + "10.1.32.12" + ], + "main_private_network": { + "description": "D4Science Preprod private network (use this as the main network)", + "name": "d4s-pre-cloud-main" + }, + "main_private_network_id": "23fd8a99-d551-4ada-8d3a-9859542ebb8c", + "main_private_subnet": { + "allocation_end": "10.1.35.254", + "allocation_start": "10.1.32.100", + "cidr": "10.1.32.0/22", + "description": "D4Science Preprod main private subnet", + "gateway_ip": "10.1.32.1", + "name": "d4s-pre-cloud-main-subnet" + }, + "main_region": "isti_area_pi_1", + "main_subnet_network_id": "cd77a2fd-4a36-4254-b1d0-70b3874c6d04", + "mtu_size": 8942, + "networks_list": { + "cassandra": "cassandra-net", + "orientdb": "orientdb-net", + "orientdb_se": "orientdb-se-net", + "shared_postgresql": "postgresql-srv-net", + "swarm": "swarm-nfs-net", + "timescaledb": "timescaledb-net" + }, + "networks_with_d4s_services": { + "garr_ct1_net": "90.147.166.0/23", + "garr_na_net": "90.147.152.0/24", + "garr_pa1_net": "90.147.188.0/23", + "infrascience_net": "146.48.122.0/23", + "isti_net": "146.48.80.0/21", + "s2i2s_net": "146.48.28.0/22" + }, + "nfs_share_no_ingress_secgroup_id": "ddb16502-7217-4677-a8a7-ca0cbf9a779a", + "octavia_information": { + "main_lb_description": "Main L4 load balancer for the D4Science PRE production", + "main_lb_hostname": "main-lb", + "main_lb_name": "d4s-pre-cloud-l4-load-balancer", + "octavia_flavor": "octavia_amphora-mvcpu-ha", + "octavia_flavor_id": "394988b5-6603-4a1e-a939-8e177c6681c7", + "octavia_vrrp_ip_1": "10.1.33.159/32", + "octavia_vrrp_ip_2": "10.1.32.199/32", + "swarm_lb_name": "d4s-pre-cloud-l4-swarm-load-balancer" + }, + "os_project_data": { + "id": "6fdc02e2827b405dad99f34698659742" + }, + "policy_list": { + "affinity": "affinity", + "anti_affinity": "anti-affinity", + "soft_affinity": "soft-affinity", + "soft_anti_affinity": "soft-anti-affinity" + }, + "prometheus_server_data": { + "flavor": "m1.medium", + "name": "prometheus", + "public_grafana_server_cidr": "146.48.28.103/32", + "vol_data_device": "/dev/vdb", + "vol_data_name": "prometheus-data", + "vol_data_size": "100" + }, + "resolvers_ip": [ + "146.48.29.97", + "146.48.29.98", + "146.48.29.99" + ], + "resource_registry_addresses": {}, + "security_group_list": { + "acaland": "acaland's dev machine", + "access_to_orientdb": "access_to_orientdb", + "access_to_orientdb_se": "access_to_orientdb_se", + "access_to_the_timescaledb_service": "access_to_the_timescaledb_service", + "cassandra": "Cassandra", + "dataminer-publish": "dataminer-publish", + "debugging_from_jump_node": "debugging_from_jump_node", + "default": "default", + "docker_swarm": "Docker Swarm", + "docker_swarm_NFS": "Docker Swarm NFS", + "haproxy": "traffic_from_main_lb_to_haproxy_l7", + "http_and_https_from_the_load_balancers": "traffic_from_the_main_load_balancers", + "limited_HTTPS_access": "restricted_web_service", + "limited_SSH_access": "Limited SSH access", + "mongo": "mongo", + "nfs_share_no_ingress": "nfs_share_no_ingress", + "orientdb_internal_docker_traffic": "orientdb_internal_docker_traffic", + "postgreSQL": "PostgreSQL service", + "public_HTTPS": "Public HTTPS" + }, + "shared_postgresql_server_data": { + "allocation_pool_end": "192.168.3.254", + "allocation_pool_start": "192.168.0.100", + "flavor": "m1.medium", + "name": "shared-postgresql-server", + "network_cidr": "192.168.0.0/22", + "network_description": "Network used to communicate with the shared postgresql service", + "network_name": "postgresql-srv-net", + "server_cidr": "192.168.0.5/22", + "server_ip": "192.168.0.5", + "vol_data_device": "/dev/vdb", + "vol_data_name": "shared-postgresql-data", + "vol_data_size": "100" + }, + "smartexecutor_addresses": {}, + "ssh_jump_proxy": { + "flavor": "m2.small", + "name": "ssh-jump-proxy" + }, + "ssh_sources": { + "d4s_vpn_1_cidr": "146.48.122.27/32", + "d4s_vpn_2_cidr": "146.48.122.49/32", + "infrascience_net_cidr": "146.48.122.0/23", + "s2i2s_vpn_1_cidr": "146.48.28.10/32", + "s2i2s_vpn_2_cidr": "146.48.28.11/32", + "shell_d4s_cidr": "146.48.122.95/32" + }, + "storage_nfs_network_id": "5f4023cc-4016-404c-94e5-86220095fbaf", + "storage_nfs_subnet_id": "6ff0f9e8-0e74-4cc3-a268-7ed4af435696", + "ubuntu1804_data_file": "../../openstack_vm_data_scripts/ubuntu1804.sh", + "ubuntu2204_data_file": "../../openstack_vm_data_scripts/ubuntu2204.sh", + "ubuntu_1804": { + "name": "Ubuntu-Bionic-18.04", + "user_data_file": "../../openstack_vm_data_scripts/ubuntu1804.sh", + "uuid": "7ed6a2cd-2b07-482e-8ce4-f018dff16c89" + }, + "ubuntu_2204": { + "name": "Ubuntu-Jammy-22.04", + "user_data_file": "../../openstack_vm_data_scripts/ubuntu2204.sh", + "uuid": "54768889-8556-4be4-a2eb-82a4d9b34627" + } + }, + "type": [ + "object", + { + "almalinux_9": [ + "map", + "string" + ], + "availability_zone_no_gpu_name": "string", + "availability_zone_with_gpu_name": "string", + "availability_zones_names": [ + "map", + "string" + ], + "basic_services_ip": [ + "map", + "string" + ], + "centos_7": [ + "map", + "string" + ], + "default_security_group_name": "string", + "dns_zone": [ + "map", + "string" + ], + "dns_zone_id": "string", + "el7_data_file": "string", + "external_gateway_ip": [ + "list", + [ + "object", + { + "ip_address": "string", + "subnet_id": "string" + } + ] + ], + "external_network": [ + "map", + "string" + ], + "external_network_id": "string", + "external_router": [ + "map", + "string" + ], + "flavor_list": [ + "map", + "string" + ], + "floating_ip_pools": [ + "map", + "string" + ], + "haproxy_l7_data": [ + "map", + "string" + ], + "internal_ca_data": [ + "map", + "string" + ], + "main_haproxy_l7_ip": [ + "list", + "string" + ], + "main_private_network": [ + "map", + "string" + ], + "main_private_network_id": "string", + "main_private_subnet": [ + "map", + "string" + ], + "main_region": "string", + "main_subnet_network_id": "string", + "mtu_size": "number", + "networks_list": [ + "map", + "string" + ], + "networks_with_d4s_services": [ + "map", + "string" + ], + "nfs_share_no_ingress_secgroup_id": "string", + "octavia_information": [ + "map", + "string" + ], + "os_project_data": [ + "map", + "string" + ], + "policy_list": [ + "map", + "string" + ], + "prometheus_server_data": [ + "map", + "string" + ], + "resolvers_ip": [ + "list", + "string" + ], + "resource_registry_addresses": [ + "map", + "string" + ], + "security_group_list": [ + "map", + "string" + ], + "shared_postgresql_server_data": [ + "map", + "string" + ], + "smartexecutor_addresses": [ + "map", + "string" + ], + "ssh_jump_proxy": [ + "map", + "string" + ], + "ssh_sources": [ + "map", + "string" + ], + "storage_nfs_network_id": "string", + "storage_nfs_subnet_id": "string", + "ubuntu1804_data_file": "string", + "ubuntu2204_data_file": "string", + "ubuntu_1804": [ + "map", + "string" + ], + "ubuntu_2204": [ + "map", + "string" + ] + } + ] + }, + "workspace": null + }, + "sensitive_attributes": [] + } + ] + }, + { + "module": "module.keycloak", + "mode": "managed", + "type": "openstack_compute_instance_v2", + "name": "keycloak", + "provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "access_ip_v4": "10.1.33.163", + "access_ip_v6": "", + "admin_pass": null, + "all_metadata": {}, + "all_tags": [], + "availability_zone": "cnr-isti-nova-a", + "availability_zone_hints": "cnr-isti-nova-a", + "block_device": [ + { + "boot_index": 0, + "delete_on_termination": false, + "destination_type": "volume", + "device_type": "", + "disk_bus": "", + "guest_format": "", + "multiattach": false, + "source_type": "image", + "uuid": "54768889-8556-4be4-a2eb-82a4d9b34627", + "volume_size": 10, + "volume_type": "" + } + ], + "config_drive": null, + "created": "2024-05-28 16:30:11 +0000 UTC", + "flavor_id": "4", + "flavor_name": "m1.medium", + "force_delete": false, + "id": "0367bb79-9a94-430c-95be-c4863b98ab8d", + "image_id": "Attempt to boot from volume - no image supplied", + "image_name": null, + "key_pair": "adellam", + "metadata": null, + "name": "keycloak-pre-01", + "network": [ + { + "access_network": false, + "fixed_ip_v4": "10.1.33.163", + "fixed_ip_v6": "", + "mac": "fa:16:3e:ca:5f:97", + "name": "d4s-pre-cloud-main", + "port": "", + "uuid": "23fd8a99-d551-4ada-8d3a-9859542ebb8c" + }, + { + "access_network": false, + "fixed_ip_v4": "192.168.0.126", + "fixed_ip_v6": "", + "mac": "fa:16:3e:e9:74:aa", + "name": "postgresql-srv-net", + "port": "", + "uuid": "e25395f4-f1aa-4819-b5a5-36d25ee5af54" + } + ], + "network_mode": null, + "personality": [], + "power_state": "active", + "region": "isti_area_pi_1", + "scheduler_hints": [ + { + "additional_properties": {}, + "build_near_host_ip": "", + "different_cell": [], + "different_host": [], + "group": "d9244665-679d-4a04-975f-6a4e539b7127", + "query": [], + "same_host": [], + "target_cell": "" + } + ], + "security_groups": [ + "default_for_all", + "keycloak_cluster_traffic", + "traffic_to_keycloak_from_the_main_load_balancers" + ], + "stop_before_destroy": false, + "tags": [], + "timeouts": null, + "updated": "2024-05-28 16:31:08 +0000 UTC", + "user_data": "", + "vendor_options": [] + }, + "sensitive_attributes": [], + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxODAwMDAwMDAwMDAwLCJkZWxldGUiOjE4MDAwMDAwMDAwMDAsInVwZGF0ZSI6MTgwMDAwMDAwMDAwMH19", + "dependencies": [ + "module.keycloak.data.terraform_remote_state.privnet_dns_router", + "module.keycloak.openstack_compute_servergroup_v2.keycloak_server_group", + "module.keycloak.openstack_networking_secgroup_v2.keycloak_cluster_traffic", + "module.keycloak.openstack_networking_secgroup_v2.traffic_from_haproxy_to_keycloak" + ] + }, + { + "index_key": 1, + "schema_version": 0, + "attributes": { + "access_ip_v4": "10.1.35.114", + "access_ip_v6": "", + "admin_pass": null, + "all_metadata": {}, + "all_tags": [], + "availability_zone": "cnr-isti-nova-a", + "availability_zone_hints": "cnr-isti-nova-a", + "block_device": [ + { + "boot_index": 0, + "delete_on_termination": false, + "destination_type": "volume", + "device_type": "", + "disk_bus": "", + "guest_format": "", + "multiattach": false, + "source_type": "image", + "uuid": "54768889-8556-4be4-a2eb-82a4d9b34627", + "volume_size": 10, + "volume_type": "" + } + ], + "config_drive": null, + "created": "2024-05-28 16:30:11 +0000 UTC", + "flavor_id": "4", + "flavor_name": "m1.medium", + "force_delete": false, + "id": "1a34934c-2e11-4f50-8be7-93b4ab553e12", + "image_id": "Attempt to boot from volume - no image supplied", + "image_name": null, + "key_pair": "adellam", + "metadata": null, + "name": "keycloak-pre-02", + "network": [ + { + "access_network": false, + "fixed_ip_v4": "10.1.35.114", + "fixed_ip_v6": "", + "mac": "fa:16:3e:2b:c2:c7", + "name": "d4s-pre-cloud-main", + "port": "", + "uuid": "23fd8a99-d551-4ada-8d3a-9859542ebb8c" + }, + { + "access_network": false, + "fixed_ip_v4": "192.168.3.142", + "fixed_ip_v6": "", + "mac": "fa:16:3e:01:07:56", + "name": "postgresql-srv-net", + "port": "", + "uuid": "e25395f4-f1aa-4819-b5a5-36d25ee5af54" + } + ], + "network_mode": null, + "personality": [], + "power_state": "active", + "region": "isti_area_pi_1", + "scheduler_hints": [ + { + "additional_properties": {}, + "build_near_host_ip": "", + "different_cell": [], + "different_host": [], + "group": "d9244665-679d-4a04-975f-6a4e539b7127", + "query": [], + "same_host": [], + "target_cell": "" + } + ], + "security_groups": [ + "default_for_all", + "keycloak_cluster_traffic", + "traffic_to_keycloak_from_the_main_load_balancers" + ], + "stop_before_destroy": false, + "tags": [], + "timeouts": null, + "updated": "2024-05-28 16:31:11 +0000 UTC", + "user_data": "", + "vendor_options": [] + }, + "sensitive_attributes": [], + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxODAwMDAwMDAwMDAwLCJkZWxldGUiOjE4MDAwMDAwMDAwMDAsInVwZGF0ZSI6MTgwMDAwMDAwMDAwMH19", + "dependencies": [ + "module.keycloak.data.terraform_remote_state.privnet_dns_router", + "module.keycloak.openstack_compute_servergroup_v2.keycloak_server_group", + "module.keycloak.openstack_networking_secgroup_v2.keycloak_cluster_traffic", + "module.keycloak.openstack_networking_secgroup_v2.traffic_from_haproxy_to_keycloak" + ] + } + ] + }, + { + "module": "module.keycloak", + "mode": "managed", + "type": "openstack_compute_interface_attach_v2", + "name": "nfs_port_to_keycloak", + "provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "fixed_ip": "172.17.0.193", + "id": "0367bb79-9a94-430c-95be-c4863b98ab8d/fb9a46d7-e408-45bc-bb9c-2b906fcf7b9f", + "instance_id": "0367bb79-9a94-430c-95be-c4863b98ab8d", + "network_id": "5f4023cc-4016-404c-94e5-86220095fbaf", + "port_id": "fb9a46d7-e408-45bc-bb9c-2b906fcf7b9f", + "region": "isti_area_pi_1", + "timeouts": null + }, + "sensitive_attributes": [], + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwfX0=", + "dependencies": [ + "module.keycloak.data.terraform_remote_state.privnet_dns_router", + "module.keycloak.openstack_compute_instance_v2.keycloak", + "module.keycloak.openstack_compute_servergroup_v2.keycloak_server_group", + "module.keycloak.openstack_networking_port_v2.keycloak_nfs_port", + "module.keycloak.openstack_networking_secgroup_v2.keycloak_cluster_traffic", + "module.keycloak.openstack_networking_secgroup_v2.traffic_from_haproxy_to_keycloak" + ] + }, + { + "index_key": 1, + "schema_version": 0, + "attributes": { + "fixed_ip": "172.17.3.112", + "id": "1a34934c-2e11-4f50-8be7-93b4ab553e12/cfb3b491-2099-4308-b57a-a0d8911f889c", + "instance_id": "1a34934c-2e11-4f50-8be7-93b4ab553e12", + "network_id": "5f4023cc-4016-404c-94e5-86220095fbaf", + "port_id": "cfb3b491-2099-4308-b57a-a0d8911f889c", + "region": "isti_area_pi_1", + "timeouts": null + }, + "sensitive_attributes": [], + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwfX0=", + "dependencies": [ + "module.keycloak.data.terraform_remote_state.privnet_dns_router", + "module.keycloak.openstack_compute_instance_v2.keycloak", + "module.keycloak.openstack_compute_servergroup_v2.keycloak_server_group", + "module.keycloak.openstack_networking_port_v2.keycloak_nfs_port", + "module.keycloak.openstack_networking_secgroup_v2.keycloak_cluster_traffic", + "module.keycloak.openstack_networking_secgroup_v2.traffic_from_haproxy_to_keycloak" + ] + } + ] + }, + { + "module": "module.keycloak", + "mode": "managed", + "type": "openstack_compute_servergroup_v2", + "name": "keycloak_server_group", + "provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "id": "d9244665-679d-4a04-975f-6a4e539b7127", + "members": [ + "1a34934c-2e11-4f50-8be7-93b4ab553e12", + "0367bb79-9a94-430c-95be-c4863b98ab8d" + ], + "name": "keycloak", + "policies": [ + "soft-anti-affinity" + ], + "region": "isti_area_pi_1", + "rules": [ + { + "max_server_per_host": 0 + } + ], + "value_specs": null + }, + "sensitive_attributes": [], + "private": "bnVsbA==" + } + ] + }, + { + "module": "module.keycloak", + "mode": "managed", + "type": "openstack_dns_recordset_v2", + "name": "keycloak_dns_recordset", + "provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]", + "instances": [ + { + "index_key": "keycloak_main_record", + "schema_version": 0, + "attributes": { + "description": "Keycloak preproduction endpoint", + "disable_status_check": false, + "id": "c1a4b4bc-f167-4387-855d-38f0f99ca05c/ae7550dd-59c0-4252-a3d8-7ec384c097e2", + "name": "accounts.cloud-pre.d4science.org.", + "project_id": "6fdc02e2827b405dad99f34698659742", + "records": [ + "main-lb.cloud-pre.d4science.org." + ], + "region": "isti_area_pi_1", + "timeouts": null, + "ttl": 8600, + "type": "CNAME", + "value_specs": null, + "zone_id": "c1a4b4bc-f167-4387-855d-38f0f99ca05c" + }, + "sensitive_attributes": [], + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwLCJ1cGRhdGUiOjYwMDAwMDAwMDAwMH19", + "dependencies": [ + "data.terraform_remote_state.privnet_dns_router", + "module.keycloak.data.terraform_remote_state.privnet_dns_router" + ] + } + ] + }, + { + "module": "module.keycloak", + "mode": "managed", + "type": "openstack_networking_port_secgroup_associate_v2", + "name": "keycloak_nfs_port_secgroup", + "provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "all_security_group_ids": [ + "c01f6017-3e5b-4a89-ade1-53be2974b678", + "ddb16502-7217-4677-a8a7-ca0cbf9a779a" + ], + "enforce": false, + "id": "fb9a46d7-e408-45bc-bb9c-2b906fcf7b9f", + "port_id": "fb9a46d7-e408-45bc-bb9c-2b906fcf7b9f", + "region": "isti_area_pi_1", + "security_group_ids": [ + "ddb16502-7217-4677-a8a7-ca0cbf9a779a" + ] + }, + "sensitive_attributes": [], + "private": "bnVsbA==", + "dependencies": [ + "module.keycloak.data.terraform_remote_state.privnet_dns_router", + "module.keycloak.openstack_networking_port_v2.keycloak_nfs_port" + ] + }, + { + "index_key": 1, + "schema_version": 0, + "attributes": { + "all_security_group_ids": [ + "c01f6017-3e5b-4a89-ade1-53be2974b678", + "ddb16502-7217-4677-a8a7-ca0cbf9a779a" + ], + "enforce": false, + "id": "cfb3b491-2099-4308-b57a-a0d8911f889c", + "port_id": "cfb3b491-2099-4308-b57a-a0d8911f889c", + "region": "isti_area_pi_1", + "security_group_ids": [ + "ddb16502-7217-4677-a8a7-ca0cbf9a779a" + ] + }, + "sensitive_attributes": [], + "private": "bnVsbA==", + "dependencies": [ + "module.keycloak.data.terraform_remote_state.privnet_dns_router", + "module.keycloak.openstack_networking_port_v2.keycloak_nfs_port" + ] + } + ] + }, + { + "module": "module.keycloak", + "mode": "managed", + "type": "openstack_networking_port_v2", + "name": "keycloak_nfs_port", + "provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "admin_state_up": true, + "all_fixed_ips": [ + "172.17.0.193" + ], + "all_security_group_ids": [ + "c01f6017-3e5b-4a89-ade1-53be2974b678", + "ddb16502-7217-4677-a8a7-ca0cbf9a779a" + ], + "all_tags": [], + "allowed_address_pairs": [], + "binding": [ + { + "host_id": "", + "profile": "", + "vif_details": {}, + "vif_type": "", + "vnic_type": "normal" + } + ], + "description": "", + "device_id": "0367bb79-9a94-430c-95be-c4863b98ab8d", + "device_owner": "compute:cnr-isti-nova-a", + "dns_assignment": [ + { + "fqdn": "host-172-17-0-193.openstacklocal.", + "hostname": "host-172-17-0-193", + "ip_address": "172.17.0.193" + } + ], + "dns_name": "", + "extra_dhcp_option": [], + "fixed_ip": [ + { + "ip_address": "", + "subnet_id": "6ff0f9e8-0e74-4cc3-a268-7ed4af435696" + } + ], + "id": "fb9a46d7-e408-45bc-bb9c-2b906fcf7b9f", + "mac_address": "fa:16:3e:20:cf:c8", + "name": "keycloak-pre-01", + "network_id": "5f4023cc-4016-404c-94e5-86220095fbaf", + "no_fixed_ip": null, + "no_security_groups": null, + "port_security_enabled": true, + "qos_policy_id": "", + "region": "isti_area_pi_1", + "security_group_ids": null, + "tags": [], + "tenant_id": "6fdc02e2827b405dad99f34698659742", + "timeouts": null, + "value_specs": null + }, + "sensitive_attributes": [], + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwfX0=", + "dependencies": [ + "module.keycloak.data.terraform_remote_state.privnet_dns_router" + ] + }, + { + "index_key": 1, + "schema_version": 0, + "attributes": { + "admin_state_up": true, + "all_fixed_ips": [ + "172.17.3.112" + ], + "all_security_group_ids": [ + "c01f6017-3e5b-4a89-ade1-53be2974b678", + "ddb16502-7217-4677-a8a7-ca0cbf9a779a" + ], + "all_tags": [], + "allowed_address_pairs": [], + "binding": [ + { + "host_id": "", + "profile": "", + "vif_details": {}, + "vif_type": "", + "vnic_type": "normal" + } + ], + "description": "", + "device_id": "1a34934c-2e11-4f50-8be7-93b4ab553e12", + "device_owner": "compute:cnr-isti-nova-a", + "dns_assignment": [ + { + "fqdn": "host-172-17-3-112.openstacklocal.", + "hostname": "host-172-17-3-112", + "ip_address": "172.17.3.112" + } + ], + "dns_name": "", + "extra_dhcp_option": [], + "fixed_ip": [ + { + "ip_address": "", + "subnet_id": "6ff0f9e8-0e74-4cc3-a268-7ed4af435696" + } + ], + "id": "cfb3b491-2099-4308-b57a-a0d8911f889c", + "mac_address": "fa:16:3e:e5:e4:5a", + "name": "keycloak-pre-02", + "network_id": "5f4023cc-4016-404c-94e5-86220095fbaf", + "no_fixed_ip": null, + "no_security_groups": null, + "port_security_enabled": true, + "qos_policy_id": "", + "region": "isti_area_pi_1", + "security_group_ids": null, + "tags": [], + "tenant_id": "6fdc02e2827b405dad99f34698659742", + "timeouts": null, + "value_specs": null + }, + "sensitive_attributes": [], + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwfX0=", + "dependencies": [ + "module.keycloak.data.terraform_remote_state.privnet_dns_router" + ] + } + ] + }, + { + "module": "module.keycloak", + "mode": "managed", + "type": "openstack_networking_secgroup_rule_v2", + "name": "haproxy-l7-8443", + "provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]", + "instances": [ + { + "index_key": "10.1.32.11", + "schema_version": 0, + "attributes": { + "description": "HTTPS traffic from HAPROXY L7 to Keycloak", + "direction": "ingress", + "ethertype": "IPv4", + "id": "2a8df529-8c6a-4929-ba5b-63cd9ce6d564", + "port_range_max": 9443, + "port_range_min": 9443, + "protocol": "tcp", + "region": "isti_area_pi_1", + "remote_group_id": "", + "remote_ip_prefix": "10.1.32.11/32", + "security_group_id": "a0ddf16e-6584-403e-88fe-58cffd159d6b", + "tenant_id": "6fdc02e2827b405dad99f34698659742", + "timeouts": null + }, + "sensitive_attributes": [], + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ==", + "dependencies": [ + "module.keycloak.data.terraform_remote_state.privnet_dns_router", + "module.keycloak.openstack_networking_secgroup_v2.traffic_from_haproxy_to_keycloak" + ] + }, + { + "index_key": "10.1.32.12", + "schema_version": 0, + "attributes": { + "description": "HTTPS traffic from HAPROXY L7 to Keycloak", + "direction": "ingress", + "ethertype": "IPv4", + "id": "a44a7e27-f694-430b-b31c-0562a1deeefc", + "port_range_max": 9443, + "port_range_min": 9443, + "protocol": "tcp", + "region": "isti_area_pi_1", + "remote_group_id": "", + "remote_ip_prefix": "10.1.32.12/32", + "security_group_id": "a0ddf16e-6584-403e-88fe-58cffd159d6b", + "tenant_id": "6fdc02e2827b405dad99f34698659742", + "timeouts": null + }, + "sensitive_attributes": [], + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ==", + "dependencies": [ + "module.keycloak.data.terraform_remote_state.privnet_dns_router", + "module.keycloak.openstack_networking_secgroup_v2.traffic_from_haproxy_to_keycloak" + ] + } + ] + }, + { + "module": "module.keycloak", + "mode": "managed", + "type": "openstack_networking_secgroup_rule_v2", + "name": "igmp_egress_between_keycloak_nodes", + "provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "description": "Egress IGMP traffic between keycloak nodes", + "direction": "egress", + "ethertype": "IPv4", + "id": "e78a28cf-797c-4505-9533-9e223c3d401b", + "port_range_max": 0, + "port_range_min": 0, + "protocol": "igmp", + "region": "isti_area_pi_1", + "remote_group_id": "", + "remote_ip_prefix": "0.0.0.0/0", + "security_group_id": "02f82195-5912-42c8-b1a1-e185d6233fa7", + "tenant_id": "6fdc02e2827b405dad99f34698659742", + "timeouts": null + }, + "sensitive_attributes": [], + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ==", + "dependencies": [ + "module.keycloak.openstack_networking_secgroup_v2.keycloak_cluster_traffic" + ] + } + ] + }, + { + "module": "module.keycloak", + "mode": "managed", + "type": "openstack_networking_secgroup_rule_v2", + "name": "igmp_ingress_between_keycloak_nodes", + "provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "description": "Ingress IGMP traffic between keycloak nodes", + "direction": "ingress", + "ethertype": "IPv4", + "id": "ea478150-2f3a-471f-b3ff-fbe1714d0e11", + "port_range_max": 0, + "port_range_min": 0, + "protocol": "igmp", + "region": "isti_area_pi_1", + "remote_group_id": "", + "remote_ip_prefix": "0.0.0.0/0", + "security_group_id": "02f82195-5912-42c8-b1a1-e185d6233fa7", + "tenant_id": "6fdc02e2827b405dad99f34698659742", + "timeouts": null + }, + "sensitive_attributes": [], + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ==", + "dependencies": [ + "module.keycloak.openstack_networking_secgroup_v2.keycloak_cluster_traffic" + ] + } + ] + }, + { + "module": "module.keycloak", + "mode": "managed", + "type": "openstack_networking_secgroup_rule_v2", + "name": "tcp_traffic_between_keycloak_nodes", + "provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "description": "TCP traffic between keycloak nodes", + "direction": "ingress", + "ethertype": "IPv4", + "id": "9a59f29a-2f9f-4ad2-b8c3-f51e2d9997bc", + "port_range_max": 0, + "port_range_min": 0, + "protocol": "tcp", + "region": "isti_area_pi_1", + "remote_group_id": "", + "remote_ip_prefix": "10.1.33.163/32", + "security_group_id": "02f82195-5912-42c8-b1a1-e185d6233fa7", + "tenant_id": "6fdc02e2827b405dad99f34698659742", + "timeouts": null + }, + "sensitive_attributes": [], + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ==", + "dependencies": [ + "module.keycloak.data.terraform_remote_state.privnet_dns_router", + "module.keycloak.openstack_compute_instance_v2.keycloak", + "module.keycloak.openstack_compute_servergroup_v2.keycloak_server_group", + "module.keycloak.openstack_networking_secgroup_v2.keycloak_cluster_traffic", + "module.keycloak.openstack_networking_secgroup_v2.traffic_from_haproxy_to_keycloak" + ] + }, + { + "index_key": 1, + "schema_version": 0, + "attributes": { + "description": "TCP traffic between keycloak nodes", + "direction": "ingress", + "ethertype": "IPv4", + "id": "3883c8ec-328f-4172-8aaa-6bff921a6bff", + "port_range_max": 0, + "port_range_min": 0, + "protocol": "tcp", + "region": "isti_area_pi_1", + "remote_group_id": "", + "remote_ip_prefix": "10.1.35.114/32", + "security_group_id": "02f82195-5912-42c8-b1a1-e185d6233fa7", + "tenant_id": "6fdc02e2827b405dad99f34698659742", + "timeouts": null + }, + "sensitive_attributes": [], + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ==", + "dependencies": [ + "module.keycloak.data.terraform_remote_state.privnet_dns_router", + "module.keycloak.openstack_compute_instance_v2.keycloak", + "module.keycloak.openstack_compute_servergroup_v2.keycloak_server_group", + "module.keycloak.openstack_networking_secgroup_v2.keycloak_cluster_traffic", + "module.keycloak.openstack_networking_secgroup_v2.traffic_from_haproxy_to_keycloak" + ] + } + ] + }, + { + "module": "module.keycloak", + "mode": "managed", + "type": "openstack_networking_secgroup_rule_v2", + "name": "udp_traffic_between_keycloak_nodes", + "provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "description": "UDP traffic between keycloak nodes", + "direction": "ingress", + "ethertype": "IPv4", + "id": "4cccf6a0-1a63-433b-902b-d7efdfa0f510", + "port_range_max": 0, + "port_range_min": 0, + "protocol": "udp", + "region": "isti_area_pi_1", + "remote_group_id": "", + "remote_ip_prefix": "10.1.33.163/32", + "security_group_id": "02f82195-5912-42c8-b1a1-e185d6233fa7", + "tenant_id": "6fdc02e2827b405dad99f34698659742", + "timeouts": null + }, + "sensitive_attributes": [], + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ==", + "dependencies": [ + "module.keycloak.data.terraform_remote_state.privnet_dns_router", + "module.keycloak.openstack_compute_instance_v2.keycloak", + "module.keycloak.openstack_compute_servergroup_v2.keycloak_server_group", + "module.keycloak.openstack_networking_secgroup_v2.keycloak_cluster_traffic", + "module.keycloak.openstack_networking_secgroup_v2.traffic_from_haproxy_to_keycloak" + ] + }, + { + "index_key": 1, + "schema_version": 0, + "attributes": { + "description": "UDP traffic between keycloak nodes", + "direction": "ingress", + "ethertype": "IPv4", + "id": "55619286-6365-451e-81e9-bdad06e939bf", + "port_range_max": 0, + "port_range_min": 0, + "protocol": "udp", + "region": "isti_area_pi_1", + "remote_group_id": "", + "remote_ip_prefix": "10.1.35.114/32", + "security_group_id": "02f82195-5912-42c8-b1a1-e185d6233fa7", + "tenant_id": "6fdc02e2827b405dad99f34698659742", + "timeouts": null + }, + "sensitive_attributes": [], + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ==", + "dependencies": [ + "module.keycloak.data.terraform_remote_state.privnet_dns_router", + "module.keycloak.openstack_compute_instance_v2.keycloak", + "module.keycloak.openstack_compute_servergroup_v2.keycloak_server_group", + "module.keycloak.openstack_networking_secgroup_v2.keycloak_cluster_traffic", + "module.keycloak.openstack_networking_secgroup_v2.traffic_from_haproxy_to_keycloak" + ] + } + ] + }, + { + "module": "module.keycloak", + "mode": "managed", + "type": "openstack_networking_secgroup_v2", + "name": "keycloak_cluster_traffic", + "provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "all_tags": [], + "delete_default_rules": true, + "description": "Traffic between the keycloak cluster nodes", + "id": "02f82195-5912-42c8-b1a1-e185d6233fa7", + "name": "keycloak_cluster_traffic", + "region": "isti_area_pi_1", + "tags": [], + "tenant_id": "6fdc02e2827b405dad99f34698659742", + "timeouts": null + }, + "sensitive_attributes": [], + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ==" + } + ] + }, + { + "module": "module.keycloak", + "mode": "managed", + "type": "openstack_networking_secgroup_v2", + "name": "traffic_from_haproxy_to_keycloak", + "provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "all_tags": [], + "delete_default_rules": true, + "description": "Allow traffic from the main L7 HAPROXY load balancers to keycloak", + "id": "a0ddf16e-6584-403e-88fe-58cffd159d6b", + "name": "traffic_to_keycloak_from_the_main_load_balancers", + "region": "isti_area_pi_1", + "tags": [], + "tenant_id": "6fdc02e2827b405dad99f34698659742", + "timeouts": null + }, + "sensitive_attributes": [], + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ==" + } + ] + }, + { + "module": "module.keycloak", + "mode": "managed", + "type": "openstack_objectstorage_container_v1", + "name": "keycloak_1", + "provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]", + "instances": [ + { + "schema_version": 1, + "attributes": { + "container_read": null, + "container_sync_key": null, + "container_sync_to": null, + "container_write": null, + "content_type": null, + "force_destroy": false, + "id": "keycloak-data-preprod", + "metadata": null, + "name": "keycloak-data-preprod", + "region": "isti_area_pi_1", + "storage_policy": "default-placement", + "versioning": false, + "versioning_legacy": [] + }, + "sensitive_attributes": [], + "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjEifQ==" + } + ] + }, + { + "module": "module.keycloak", + "mode": "managed", + "type": "openstack_sharedfilesystem_share_access_v2", + "name": "keycloak_nfs_share_access", + "provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "access_key": "", + "access_level": "rw", + "access_to": "172.17.0.193", + "access_type": "ip", + "id": "fdc074da-d7db-4366-95dc-630ead4938d5", + "region": "isti_area_pi_1", + "share_id": "b4e9f6b1-b14b-4d93-9559-fa0ab01680cd", + "state": "active", + "timeouts": null + }, + "sensitive_attributes": [], + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwLCJ1cGRhdGUiOjYwMDAwMDAwMDAwMH19", + "dependencies": [ + "module.keycloak.data.terraform_remote_state.privnet_dns_router", + "module.keycloak.openstack_compute_instance_v2.keycloak", + "module.keycloak.openstack_compute_interface_attach_v2.nfs_port_to_keycloak", + "module.keycloak.openstack_compute_servergroup_v2.keycloak_server_group", + "module.keycloak.openstack_networking_port_v2.keycloak_nfs_port", + "module.keycloak.openstack_networking_secgroup_v2.keycloak_cluster_traffic", + "module.keycloak.openstack_networking_secgroup_v2.traffic_from_haproxy_to_keycloak", + "module.keycloak.openstack_sharedfilesystem_share_v2.keycloak_static" + ] + }, + { + "index_key": 1, + "schema_version": 0, + "attributes": { + "access_key": "", + "access_level": "rw", + "access_to": "172.17.3.112", + "access_type": "ip", + "id": "ec53c7d5-736e-40c1-918a-28069a5936ff", + "region": "isti_area_pi_1", + "share_id": "b4e9f6b1-b14b-4d93-9559-fa0ab01680cd", + "state": "active", + "timeouts": null + }, + "sensitive_attributes": [], + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwLCJ1cGRhdGUiOjYwMDAwMDAwMDAwMH19", + "dependencies": [ + "module.keycloak.data.terraform_remote_state.privnet_dns_router", + "module.keycloak.openstack_compute_instance_v2.keycloak", + "module.keycloak.openstack_compute_interface_attach_v2.nfs_port_to_keycloak", + "module.keycloak.openstack_compute_servergroup_v2.keycloak_server_group", + "module.keycloak.openstack_networking_port_v2.keycloak_nfs_port", + "module.keycloak.openstack_networking_secgroup_v2.keycloak_cluster_traffic", + "module.keycloak.openstack_networking_secgroup_v2.traffic_from_haproxy_to_keycloak", + "module.keycloak.openstack_sharedfilesystem_share_v2.keycloak_static" + ] + } + ] + }, + { + "module": "module.keycloak", + "mode": "managed", + "type": "openstack_sharedfilesystem_share_v2", + "name": "keycloak_static", + "provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "all_metadata": {}, + "availability_zone": "nova", + "description": "NFS share for the keycloak preprod static data", + "export_locations": [ + { + "path": "172.17.0.7:/volumes/_nogroup/67c21a7b-287a-4b3a-a03f-521a751edfd3/36048b93-7eb3-4273-aac3-f5fed0919af0", + "preferred": "false" + } + ], + "has_replicas": false, + "host": "", + "id": "b4e9f6b1-b14b-4d93-9559-fa0ab01680cd", + "is_public": false, + "metadata": null, + "name": "keycloak_pre_nfs_share", + "project_id": "6fdc02e2827b405dad99f34698659742", + "region": "isti_area_pi_1", + "replication_type": "", + "share_network_id": "", + "share_proto": "NFS", + "share_server_id": "", + "share_type": "default", + "size": 30, + "snapshot_id": "", + "timeouts": null + }, + "sensitive_attributes": [], + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwLCJ1cGRhdGUiOjYwMDAwMDAwMDAwMH19" + } + ] + } + ], + "check_results": null +}