Cleanup the production vars and the project setup tasks.
This commit is contained in:
parent
5acc78ca99
commit
b00237ae03
GPG Key ID:
147ABE6CEB9E20FF
|
|
@ -1,89 +0,0 @@
|
|||
resource "openstack_dns_zone_v2" "primary_project_dns_zone" {
|
||||
name = var.dns_zone.zone_name
|
||||
email = var.dns_zone.email
|
||||
description = var.dns_zone.description
|
||||
project_id = var.os_project_data.id
|
||||
ttl = var.dns_zone.ttl
|
||||
type = "PRIMARY"
|
||||
}
|
||||
|
||||
resource "openstack_networking_network_v2" "main-private-network" {
|
||||
name = var.main_private_network.name
|
||||
admin_state_up = "true"
|
||||
external = "false"
|
||||
description = var.main_private_network.description
|
||||
dns_domain = var.dns_zone.zone_name
|
||||
mtu = var.mtu_size
|
||||
port_security_enabled = true
|
||||
shared = false
|
||||
region = var.main_region
|
||||
tenant_id = var.os_project_data.id
|
||||
}
|
||||
|
||||
resource "openstack_networking_subnet_v2" "main-private-subnet" {
|
||||
name = var.main_private_subnet.name
|
||||
description = var.main_private_subnet.description
|
||||
network_id = openstack_networking_network_v2.main-private-network.id
|
||||
cidr = var.main_private_subnet.cidr
|
||||
gateway_ip = var.main_private_subnet.gateway_ip
|
||||
dns_nameservers = var.resolvers_ip
|
||||
ip_version = 4
|
||||
enable_dhcp = true
|
||||
tenant_id = var.os_project_data.id
|
||||
allocation_pool {
|
||||
start = var.main_private_subnet.allocation_start
|
||||
end = var.main_private_subnet.allocation_end
|
||||
}
|
||||
}
|
||||
|
||||
resource "openstack_networking_router_v2" "external-router" {
|
||||
name = var.external_router.name
|
||||
description = var.external_router.description
|
||||
external_network_id = var.external_network.id
|
||||
tenant_id = var.os_project_data.id
|
||||
enable_snat = true
|
||||
vendor_options {
|
||||
set_router_gateway_after_create = true
|
||||
}
|
||||
}
|
||||
|
||||
# Router interface configuration
|
||||
resource "openstack_networking_router_interface_v2" "private-network-routing" {
|
||||
router_id = openstack_networking_router_v2.external-router.id
|
||||
# router_id = var.external_router.id
|
||||
subnet_id = openstack_networking_subnet_v2.main-private-subnet.id
|
||||
}
|
||||
|
||||
locals {
|
||||
acme_challenge_recordset_name = "_acme-challenge.${var.dns_zone.zone_name}"
|
||||
acme_challenge_delegation = "_acme-challenge.d4science.net."
|
||||
}
|
||||
|
||||
resource "openstack_dns_recordset_v2" "acme_challenge_recordset" {
|
||||
zone_id = openstack_dns_zone_v2.primary_project_dns_zone.id
|
||||
name = local.acme_challenge_recordset_name
|
||||
description = "ACME challenge delegation"
|
||||
ttl = 8600
|
||||
type = "CNAME"
|
||||
records = ["_acme-challenge.d4science.net."]
|
||||
}
|
||||
|
||||
output "main_private_network_id" {
|
||||
description = "Main private network id"
|
||||
value = openstack_networking_network_v2.main-private-network.id
|
||||
}
|
||||
|
||||
output "main_subnet_network_id" {
|
||||
description = "Main subnet network id"
|
||||
value = openstack_networking_subnet_v2.main-private-subnet.id
|
||||
}
|
||||
|
||||
output "dns_zone_id" {
|
||||
description = "Id of the new DNS zone"
|
||||
value = openstack_dns_zone_v2.primary_project_dns_zone.id
|
||||
}
|
||||
|
||||
output "external_gateway_ip" {
|
||||
description = "Public IP address of the external gateway"
|
||||
value = openstack_networking_router_v2.external-router.external_fixed_ip[0].ip_address
|
||||
}
|
||||
|
|
@ -9,7 +9,12 @@ required_version = ">= 0.14.0"
|
|||
}
|
||||
}
|
||||
|
||||
provider "openstack" {
|
||||
# cloud = "d4s-production"
|
||||
cloud = "ISTI-Cloud"
|
||||
# SSH settings
|
||||
module "ssh_settings" {
|
||||
source = "../../modules/ssh-key-ref"
|
||||
}
|
||||
|
||||
provider "openstack" {
|
||||
cloud = "d4s-production"
|
||||
# cloud = "ISTI-Cloud"
|
||||
}
|
||||
|
|
@ -0,0 +1 @@
|
|||
../../modules/main_private_net_and_dns_zone/main_network_dns_zone.tf
|
||||
|
|
@ -0,0 +1 @@
|
|||
../variables/outputs-production.tf
|
||||
|
|
@ -0,0 +1 @@
|
|||
../variables/production.auto.tfvars
|
||||
|
|
@ -1 +0,0 @@
|
|||
../variables/variables-production.tf
|
||||
|
|
@ -0,0 +1,48 @@
|
|||
output "os_project_data" {
|
||||
value = var.os_project_data
|
||||
}
|
||||
|
||||
output "dns_zone" {
|
||||
value = var.dns_zone
|
||||
}
|
||||
|
||||
output "dns_zone_id" {
|
||||
value = var.dns_zone_id
|
||||
}
|
||||
|
||||
output "default_security_group_name" {
|
||||
value = "default_for_all"
|
||||
}
|
||||
|
||||
output "main_private_network" {
|
||||
value = var.main_private_network
|
||||
}
|
||||
|
||||
output "main_private_network_id" {
|
||||
# Set with the correct value after the setup is complete
|
||||
value = var.main_private_network_id
|
||||
}
|
||||
|
||||
output "main_private_subnet" {
|
||||
value = var.main_private_subnet
|
||||
}
|
||||
|
||||
output "main_private_subnet_id" {
|
||||
value = var.main_private_subnet_id
|
||||
}
|
||||
|
||||
output "external_router" {
|
||||
value = var.external_router
|
||||
}
|
||||
|
||||
output "basic_services_ip" {
|
||||
value = var.basic_services_ip
|
||||
}
|
||||
|
||||
output "main_haproxy_l7_ip" {
|
||||
value = var.main_haproxy_l7_ip
|
||||
}
|
||||
|
||||
output "octavia_information" {
|
||||
value = var.octavia_information
|
||||
}
|
||||
|
|
@ -0,0 +1,66 @@
|
|||
#
|
||||
os_project_data = {
|
||||
id = "1b45adf388934758b56d0dfdb4bfacf3"
|
||||
}
|
||||
|
||||
dns_zone = {
|
||||
zone_name = "cloud.d4science.org."
|
||||
email = "postmaster@isti.cnr.it"
|
||||
description = "DNS primary zone for the d4s-production-cloud project"
|
||||
ttl = 8600
|
||||
}
|
||||
|
||||
dns_zone_id = "74135b34-1a9c-4c01-8cf0-22450a5660c4"
|
||||
|
||||
default_security_group_name = "default_for_all"
|
||||
|
||||
main_private_network = {
|
||||
name = "d4s-production-cloud-main"
|
||||
description = "D4Science Production private network (use this as the main network)"
|
||||
}
|
||||
|
||||
main_private_network_id = "020df98d-ae72-452a-b376-3b6dc289acac"
|
||||
|
||||
main_private_subnet = {
|
||||
name = "d4s-production-cloud-main-subnet"
|
||||
description = "D4Science Production main private subnet"
|
||||
cidr = "10.1.40.0/21"
|
||||
gateway_ip = "10.1.40.1"
|
||||
allocation_start = "10.1.41.100"
|
||||
allocation_end = "10.1.47.254"
|
||||
}
|
||||
|
||||
main_private_subnet_id = "5d7b83ad-e058-4a3a-bfd8-d20ba6d42e1a"
|
||||
|
||||
external_router = {
|
||||
name = "d4s-production-cloud-external-router"
|
||||
description = "D4Science Production main router"
|
||||
id = "cc26064a-bb08-4c0b-929f-d0cb39f934a3"
|
||||
}
|
||||
|
||||
basic_services_ip = {
|
||||
ca = "10.1.40.4"
|
||||
ca_cidr = "10.1.40.4/32"
|
||||
ssh_jump = "10.1.40.5"
|
||||
ssh_jump_cidr = "10.1.40.5/32"
|
||||
prometheus = "10.1.40.10"
|
||||
prometheus_cidr = "10.1.40.10/32"
|
||||
haproxy_l7_1 = "10.1.40.11"
|
||||
haproxy_l7_1_cidr = "10.1.40.11/32"
|
||||
haproxy_l7_2 = "10.1.40.12"
|
||||
haproxy_l7_2_cidr = "10.1.40.12/32"
|
||||
octavia_main = "10.1.40.20"
|
||||
octavia_main_cidr = "10.1.40.20/32"
|
||||
}
|
||||
|
||||
main_haproxy_l7_ip = ["10.1.40.11", "10.1.40.12"]
|
||||
|
||||
|
||||
octavia_information = {
|
||||
main_lb_name = "d4s-production-cloud-l4-load-balancer"
|
||||
main_lb_description = "Main L4 load balancer for the D4Science production"
|
||||
swarm_lb_name = "d4s-production-cloud-l4-swarm-load-balancer"
|
||||
octavia_flavor = "octavia_amphora-mvcpu-ha"
|
||||
octavia_flavor_id = "394988b5-6603-4a1e-a939-8e177c6681c7"
|
||||
main_lb_hostname = "main-lb"
|
||||
}
|
||||
Loading…
Reference in New Issue