InfraScience
/
infrastructure-as-code
23
0
Fork 2
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fixed IP and a new security group for liferay.

This commit is contained in:
Andrea Dell'Amico 2023-12-01 17:56:01 +01:00
parent 59321c60f8
commit aea7caef12
Signed by: andrea.dellamico
GPG Key ID: 147ABE6CEB9E20FF
4 changed files with 141 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
openstack-tf/d4s-preprod/liferay/main.tf
View File

@ -83,5 +83,6 @@ module "liferay" {
boot_vol_size = 30
}
liferay_ip_addrs = ["10.1.32.24", "10.1.32.25"]
}

137
openstack-tf/d4s-preprod/liferay/terraform.tfstate
View File

@ -1,7 +1,7 @@
{
"version": 4,
"terraform_version": "1.6.4",
"serial": 5,
"serial": 16,
"lineage": "2cef4407-f7f5-0a46-74de-03956dd178ed",
"outputs": {},
"resources": [
@ -132,7 +132,7 @@
"index_key": 0,
"schema_version": 0,
"attributes": {
"access_ip_v4": "10.1.32.184",
"access_ip_v4": "10.1.32.24",
"access_ip_v6": "",
"admin_pass": null,
"all_metadata": {},
@ -155,12 +155,12 @@
}
],
"config_drive": null,
"created": "2023-12-01 15:18:47 +0000 UTC",
"created": "2023-12-01 16:51:07 +0000 UTC",
"flavor_id": "9",
"flavor_name": "m1.large",
"floating_ip": null,
"force_delete": false,
"id": "c94c2c05-b75a-4af9-8e4d-a9e689db34c2",
"id": "aaf50b2a-40e2-4bbe-8e4e-39f5d83dd08f",
"image_id": "Attempt to boot from volume - no image supplied",
"image_name": null,
"key_pair": "adellam",
@ -169,20 +169,20 @@
"network": [
{
"access_network": false,
"fixed_ip_v4": "10.1.32.184",
"fixed_ip_v4": "10.1.32.24",
"fixed_ip_v6": "",
"floating_ip": "",
"mac": "fa:16:3e:b7:f7:42",
"mac": "fa:16:3e:93:d4:8f",
"name": "d4s-pre-cloud-main",
"port": "",
"uuid": "23fd8a99-d551-4ada-8d3a-9859542ebb8c"
},
{
"access_network": false,
"fixed_ip_v4": "192.168.3.34",
"fixed_ip_v4": "192.168.2.43",
"fixed_ip_v6": "",
"floating_ip": "",
"mac": "fa:16:3e:d1:6c:e0",
"mac": "fa:16:3e:32:7c:e5",
"name": "postgresql-srv-net",
"port": "",
"uuid": "e25395f4-f1aa-4819-b5a5-36d25ee5af54"
@ -194,7 +194,7 @@
"region": "isti_area_pi_1",
"scheduler_hints": [
{
"additional_properties": null,
"additional_properties": {},
"build_near_host_ip": "",
"different_cell": [],
"different_host": [],
@ -206,13 +206,14 @@
],
"security_groups": [
"default_for_all",
"liferay_cluster_traffic",
"restricted_web_service",
"traffic_from_the_main_load_balancers"
],
"stop_before_destroy": false,
"tags": null,
"tags": [],
"timeouts": null,
"updated": "2023-12-01 15:20:35 +0000 UTC",
"updated": "2023-12-01 16:52:40 +0000 UTC",
"user_data": "47d4769e61324c305c4b70ed6673de4fad84150d",
"vendor_options": [],
"volume": []
@ -220,14 +221,15 @@
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxODAwMDAwMDAwMDAwLCJkZWxldGUiOjE4MDAwMDAwMDAwMDAsInVwZGF0ZSI6MTgwMDAwMDAwMDAwMH19",
"dependencies": [
"module.liferay.openstack_compute_servergroup_v2.liferay"
"module.liferay.openstack_compute_servergroup_v2.liferay",
"module.liferay.openstack_networking_secgroup_v2.liferay_cluster_traffic"
]
},
{
"index_key": 1,
"schema_version": 0,
"attributes": {
"access_ip_v4": "10.1.34.124",
"access_ip_v4": "10.1.32.25",
"access_ip_v6": "",
"admin_pass": null,
"all_metadata": {},
@ -250,12 +252,12 @@
}
],
"config_drive": null,
"created": "2023-12-01 15:18:48 +0000 UTC",
"created": "2023-12-01 16:51:07 +0000 UTC",
"flavor_id": "9",
"flavor_name": "m1.large",
"floating_ip": null,
"force_delete": false,
"id": "b7968935-494d-49e3-b7a9-20db4e793d0a",
"id": "0b9deb27-50ba-409f-a9a7-b3a55b5e5b29",
"image_id": "Attempt to boot from volume - no image supplied",
"image_name": null,
"key_pair": "adellam",
@ -264,20 +266,20 @@
"network": [
{
"access_network": false,
"fixed_ip_v4": "10.1.34.124",
"fixed_ip_v4": "10.1.32.25",
"fixed_ip_v6": "",
"floating_ip": "",
"mac": "fa:16:3e:eb:cd:cd",
"mac": "fa:16:3e:93:23:75",
"name": "d4s-pre-cloud-main",
"port": "",
"uuid": "23fd8a99-d551-4ada-8d3a-9859542ebb8c"
},
{
"access_network": false,
"fixed_ip_v4": "192.168.1.205",
"fixed_ip_v4": "192.168.2.233",
"fixed_ip_v6": "",
"floating_ip": "",
"mac": "fa:16:3e:2e:9a:09",
"mac": "fa:16:3e:01:04:ec",
"name": "postgresql-srv-net",
"port": "",
"uuid": "e25395f4-f1aa-4819-b5a5-36d25ee5af54"
@ -289,7 +291,7 @@
"region": "isti_area_pi_1",
"scheduler_hints": [
{
"additional_properties": null,
"additional_properties": {},
"build_near_host_ip": "",
"different_cell": [],
"different_host": [],
@ -301,13 +303,14 @@
],
"security_groups": [
"default_for_all",
"liferay_cluster_traffic",
"restricted_web_service",
"traffic_from_the_main_load_balancers"
],
"stop_before_destroy": false,
"tags": null,
"tags": [],
"timeouts": null,
"updated": "2023-12-01 15:19:57 +0000 UTC",
"updated": "2023-12-01 16:51:47 +0000 UTC",
"user_data": "47d4769e61324c305c4b70ed6673de4fad84150d",
"vendor_options": [],
"volume": []
@ -315,7 +318,8 @@
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxODAwMDAwMDAwMDAwLCJkZWxldGUiOjE4MDAwMDAwMDAwMDAsInVwZGF0ZSI6MTgwMDAwMDAwMDAwMH19",
"dependencies": [
"module.liferay.openstack_compute_servergroup_v2.liferay"
"module.liferay.openstack_compute_servergroup_v2.liferay",
"module.liferay.openstack_networking_secgroup_v2.liferay_cluster_traffic"
]
}
]
@ -331,7 +335,10 @@
"schema_version": 0,
"attributes": {
"id": "ea1d150d-3dc0-4d03-a09f-b40069d0b70c",
"members": [],
"members": [
"aaf50b2a-40e2-4bbe-8e4e-39f5d83dd08f",
"0b9deb27-50ba-409f-a9a7-b3a55b5e5b29"
],
"name": "liferay",
"policies": [
"soft-anti-affinity"
@ -348,6 +355,88 @@
"private": "bnVsbA=="
}
]
},
{
"module": "module.liferay",
"mode": "managed",
"type": "openstack_networking_secgroup_rule_v2",
"name": "traffic_between_liferay_nodes",
"provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]",
"instances": [
{
"index_key": 0,
"schema_version": 0,
"attributes": {
"description": "Traffic between liferay nodes",
"direction": "ingress",
"ethertype": "IPv4",
"id": "c06d140b-d14b-4c31-bf55-3115225ac7bd",
"port_range_max": 0,
"port_range_min": 0,
"protocol": "tcp",
"region": "isti_area_pi_1",
"remote_group_id": "",
"remote_ip_prefix": "10.1.32.24/32",
"security_group_id": "67747d93-a58e-41e2-9486-31ef27d389c4",
"tenant_id": "6fdc02e2827b405dad99f34698659742",
"timeouts": null
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ==",
"dependencies": [
"module.liferay.openstack_networking_secgroup_v2.liferay_cluster_traffic"
]
},
{
"index_key": 1,
"schema_version": 0,
"attributes": {
"description": "Traffic between liferay nodes",
"direction": "ingress",
"ethertype": "IPv4",
"id": "1367e3f1-f815-43df-aee9-fd219cb257d9",
"port_range_max": 0,
"port_range_min": 0,
"protocol": "tcp",
"region": "isti_area_pi_1",
"remote_group_id": "",
"remote_ip_prefix": "10.1.32.25/32",
"security_group_id": "67747d93-a58e-41e2-9486-31ef27d389c4",
"tenant_id": "6fdc02e2827b405dad99f34698659742",
"timeouts": null
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ==",
"dependencies": [
"module.liferay.openstack_networking_secgroup_v2.liferay_cluster_traffic"
]
}
]
},
{
"module": "module.liferay",
"mode": "managed",
"type": "openstack_networking_secgroup_v2",
"name": "liferay_cluster_traffic",
"provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"all_tags": [],
"delete_default_rules": true,
"description": "Traffic between the Liferay cluster nodes",
"id": "67747d93-a58e-41e2-9486-31ef27d389c4",
"name": "liferay_cluster_traffic",
"region": "isti_area_pi_1",
"tags": [],
"tenant_id": "6fdc02e2827b405dad99f34698659742",
"timeouts": null
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ=="
}
]
}
],
"check_results": null

5
openstack-tf/modules/liferay/liferay-variables.tf
View File

@ -8,3 +8,8 @@ variable "liferay_data" {
boot_vol_size = 30
}
}
variable "liferay_ip_addrs" {
type = list(string)
default = []
}

23
openstack-tf/modules/liferay/liferay.tf
View File

@ -1,5 +1,25 @@
#
# Liferay nodes
#
#
# Security group
#
resource "openstack_networking_secgroup_v2" "liferay_cluster_traffic" {
name = "liferay_cluster_traffic"
delete_default_rules = "true"
description = "Traffic between the Liferay cluster nodes"
}
resource "openstack_networking_secgroup_rule_v2" "traffic_between_liferay_nodes" {
count = var.liferay_data.vm_count
security_group_id = openstack_networking_secgroup_v2.liferay_cluster_traffic.id
description = "Traffic between liferay nodes"
direction = "ingress"
ethertype = "IPv4"
protocol = "tcp"
remote_ip_prefix = join("/", [element(var.liferay_ip_addrs.*, count.index), "32"])
}
#
# Server group
#
@ -15,7 +35,7 @@ resource "openstack_compute_instance_v2" "liferay" {
availability_zone_hints = var.availability_zones_names.availability_zone_no_gpu
flavor_name = var.liferay_data.vm_flavor
key_pair = module.ssh_settings.ssh_key_name
security_groups = [var.default_security_group_name, "traffic_from_the_main_load_balancers", "restricted_web_service"]
security_groups = [var.default_security_group_name, openstack_networking_secgroup_v2.liferay_cluster_traffic.name, "traffic_from_the_main_load_balancers", "restricted_web_service"]
scheduler_hints {
group = openstack_compute_servergroup_v2.liferay.id
}
@ -30,6 +50,7 @@ resource "openstack_compute_instance_v2" "liferay" {
network {
name = var.main_private_network.name
fixed_ip_v4 = var.liferay_ip_addrs.*[count.index]
}
network {
name = var.shared_postgresql_server_data.network_name