InfraScience
/
infrastructure-as-code
22
0
Fork 2
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Open Prometheus to the s2i2s network.

This commit is contained in:
Andrea Dell'Amico 2024-11-20 19:01:08 +01:00
parent 407746d005
commit e182c49175
Signed by: andrea.dellamico
GPG Key ID: 147ABE6CEB9E20FF
2 changed files with 211 additions and 27 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

226
openstack-tf/d4s-production/basic-infrastructure/terraform.tfstate
View File

@ -1,7 +1,7 @@
{
"version": 4,
"terraform_version": "1.7.5",
"serial": 593,
"terraform_version": "1.9.8",
"serial": 598,
"lineage": "954b57a1-c68e-fa2b-cf2f-79cc54aea13e",
"outputs": {
"access_postgresql_security_group": {
@ -733,7 +733,7 @@
"stop_before_destroy": false,
"tags": [],
"timeouts": null,
"updated": "2023-11-06 18:34:47 +0000 UTC",
"updated": "2024-10-09 14:12:25 +0000 UTC",
"user_data": "",
"vendor_options": []
},
@ -1931,7 +1931,7 @@
"stop_before_destroy": false,
"tags": [],
"timeouts": null,
"updated": "2023-11-06 18:57:32 +0000 UTC",
"updated": "2024-10-09 14:12:16 +0000 UTC",
"user_data": "",
"vendor_options": []
},
@ -5008,6 +5008,10 @@
"value": "../../openstack_vm_data_scripts/ubuntu2204.sh",
"type": "string"
},
"ubuntu2404_data_file": {
"value": "../../openstack_vm_data_scripts/ubuntu2404.sh",
"type": "string"
},
"ubuntu_1804": {
"value": {
"name": "Ubuntu-Bionic-18.04",
@ -5030,6 +5034,17 @@
"string"
]
},
"ubuntu_2404": {
"value": {
"name": "Ubuntu-Noble-24.04.img",
"user_data_file": "../../openstack_vm_data_scripts/ubuntu2404.sh",
"uuid": "fc3f705d-3cf5-4866-8ef6-ff6e2cdd4075"
},
"type": [
"map",
"string"
]
},
"vm_access_to_the_shared_postgresql_server": {
"value": {
"all_tags": [],
@ -5038,7 +5053,7 @@
"id": "10c993ac-ffc0-404f-892c-45d061dc073f",
"name": "vm_access_to_the_shared_postgresql_server",
"region": "isti_area_pi_1",
"tags": null,
"tags": [],
"tenant_id": "1b45adf388934758b56d0dfdb4bfacf3",
"timeouts": null
},
@ -5771,11 +5786,18 @@
"stop_before_destroy": false,
"tags": [],
"timeouts": null,
"updated": "2023-11-06 18:34:47 +0000 UTC",
"updated": "2024-10-09 14:12:25 +0000 UTC",
"user_data": "",
"vendor_options": []
},
"sensitive_attributes": [],
"sensitive_attributes": [
[
{
"type": "get_attr",
"value": "admin_pass"
}
]
],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxODAwMDAwMDAwMDAwLCJkZWxldGUiOjE4MDAwMDAwMDAwMDAsInVwZGF0ZSI6MTgwMDAwMDAwMDAwMH19",
"dependencies": [
"openstack_compute_servergroup_v2.swarm_masters",
@ -5884,7 +5906,14 @@
"user_data": "",
"vendor_options": []
},
"sensitive_attributes": [],
"sensitive_attributes": [
[
{
"type": "get_attr",
"value": "admin_pass"
}
]
],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxODAwMDAwMDAwMDAwLCJkZWxldGUiOjE4MDAwMDAwMDAwMDAsInVwZGF0ZSI6MTgwMDAwMDAwMDAwMH19",
"dependencies": [
"openstack_compute_servergroup_v2.swarm_masters",
@ -5993,7 +6022,14 @@
"user_data": "",
"vendor_options": []
},
"sensitive_attributes": [],
"sensitive_attributes": [
[
{
"type": "get_attr",
"value": "admin_pass"
}
]
],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxODAwMDAwMDAwMDAwLCJkZWxldGUiOjE4MDAwMDAwMDAwMDAsInVwZGF0ZSI6MTgwMDAwMDAwMDAwMH19",
"dependencies": [
"openstack_compute_servergroup_v2.swarm_masters",
@ -6106,11 +6142,18 @@
"stop_before_destroy": false,
"tags": [],
"timeouts": null,
"updated": "2023-11-06 18:57:32 +0000 UTC",
"updated": "2024-10-09 14:12:16 +0000 UTC",
"user_data": "",
"vendor_options": []
},
"sensitive_attributes": [],
"sensitive_attributes": [
[
{
"type": "get_attr",
"value": "admin_pass"
}
]
],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxODAwMDAwMDAwMDAwLCJkZWxldGUiOjE4MDAwMDAwMDAwMDAsInVwZGF0ZSI6MTgwMDAwMDAwMDAwMH19",
"dependencies": [
"openstack_compute_servergroup_v2.swarm_workers",
@ -6218,7 +6261,14 @@
"user_data": "",
"vendor_options": []
},
"sensitive_attributes": [],
"sensitive_attributes": [
[
{
"type": "get_attr",
"value": "admin_pass"
}
]
],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxODAwMDAwMDAwMDAwLCJkZWxldGUiOjE4MDAwMDAwMDAwMDAsInVwZGF0ZSI6MTgwMDAwMDAwMDAwMH19",
"dependencies": [
"openstack_compute_servergroup_v2.swarm_workers",
@ -6326,7 +6376,14 @@
"user_data": "",
"vendor_options": []
},
"sensitive_attributes": [],
"sensitive_attributes": [
[
{
"type": "get_attr",
"value": "admin_pass"
}
]
],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxODAwMDAwMDAwMDAwLCJkZWxldGUiOjE4MDAwMDAwMDAwMDAsInVwZGF0ZSI6MTgwMDAwMDAwMDAwMH19",
"dependencies": [
"openstack_compute_servergroup_v2.swarm_workers",
@ -6434,7 +6491,14 @@
"user_data": "",
"vendor_options": []
},
"sensitive_attributes": [],
"sensitive_attributes": [
[
{
"type": "get_attr",
"value": "admin_pass"
}
]
],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxODAwMDAwMDAwMDAwLCJkZWxldGUiOjE4MDAwMDAwMDAwMDAsInVwZGF0ZSI6MTgwMDAwMDAwMDAwMH19",
"dependencies": [
"openstack_compute_servergroup_v2.swarm_workers",
@ -6542,7 +6606,14 @@
"user_data": "",
"vendor_options": []
},
"sensitive_attributes": [],
"sensitive_attributes": [
[
{
"type": "get_attr",
"value": "admin_pass"
}
]
],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxODAwMDAwMDAwMDAwLCJkZWxldGUiOjE4MDAwMDAwMDAwMDAsInVwZGF0ZSI6MTgwMDAwMDAwMDAwMH19",
"dependencies": [
"openstack_compute_servergroup_v2.swarm_workers",
@ -6650,7 +6721,14 @@
"user_data": "",
"vendor_options": []
},
"sensitive_attributes": [],
"sensitive_attributes": [
[
{
"type": "get_attr",
"value": "admin_pass"
}
]
],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxODAwMDAwMDAwMDAwLCJkZWxldGUiOjE4MDAwMDAwMDAwMDAsInVwZGF0ZSI6MTgwMDAwMDAwMDAwMH19",
"dependencies": [
"openstack_compute_servergroup_v2.swarm_workers",
@ -6758,7 +6836,14 @@
"user_data": "",
"vendor_options": []
},
"sensitive_attributes": [],
"sensitive_attributes": [
[
{
"type": "get_attr",
"value": "admin_pass"
}
]
],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxODAwMDAwMDAwMDAwLCJkZWxldGUiOjE4MDAwMDAwMDAwMDAsInVwZGF0ZSI6MTgwMDAwMDAwMDAwMH19",
"dependencies": [
"openstack_compute_servergroup_v2.swarm_workers",
@ -6866,7 +6951,14 @@
"user_data": "",
"vendor_options": []
},
"sensitive_attributes": [],
"sensitive_attributes": [
[
{
"type": "get_attr",
"value": "admin_pass"
}
]
],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxODAwMDAwMDAwMDAwLCJkZWxldGUiOjE4MDAwMDAwMDAwMDAsInVwZGF0ZSI6MTgwMDAwMDAwMDAwMH19",
"dependencies": [
"openstack_compute_servergroup_v2.swarm_workers",
@ -6945,7 +7037,14 @@
"user_data": "bb83b25fd1219aa1b850ece9be8d7b0f31714608",
"vendor_options": []
},
"sensitive_attributes": [],
"sensitive_attributes": [
[
{
"type": "get_attr",
"value": "admin_pass"
}
]
],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxODAwMDAwMDAwMDAwLCJkZWxldGUiOjE4MDAwMDAwMDAwMDAsInVwZGF0ZSI6MTgwMDAwMDAwMDAwMH19"
}
]
@ -7031,7 +7130,14 @@
"user_data": "bb83b25fd1219aa1b850ece9be8d7b0f31714608",
"vendor_options": []
},
"sensitive_attributes": [],
"sensitive_attributes": [
[
{
"type": "get_attr",
"value": "admin_pass"
}
]
],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxODAwMDAwMDAwMDAwLCJkZWxldGUiOjE4MDAwMDAwMDAwMDAsInVwZGF0ZSI6MTgwMDAwMDAwMDAwMH19",
"dependencies": [
"openstack_compute_servergroup_v2.main_haproxy_l7",
@ -7113,7 +7219,14 @@
"user_data": "bb83b25fd1219aa1b850ece9be8d7b0f31714608",
"vendor_options": []
},
"sensitive_attributes": [],
"sensitive_attributes": [
[
{
"type": "get_attr",
"value": "admin_pass"
}
]
],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxODAwMDAwMDAwMDAwLCJkZWxldGUiOjE4MDAwMDAwMDAwMDAsInVwZGF0ZSI6MTgwMDAwMDAwMDAwMH19",
"dependencies": [
"openstack_compute_servergroup_v2.main_haproxy_l7",
@ -7192,7 +7305,14 @@
"user_data": "bb83b25fd1219aa1b850ece9be8d7b0f31714608",
"vendor_options": []
},
"sensitive_attributes": [],
"sensitive_attributes": [
[
{
"type": "get_attr",
"value": "admin_pass"
}
]
],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxODAwMDAwMDAwMDAwLCJkZWxldGUiOjE4MDAwMDAwMDAwMDAsInVwZGF0ZSI6MTgwMDAwMDAwMDAwMH19",
"dependencies": [
"openstack_networking_secgroup_v2.prometheus_access_from_grafana",
@ -7275,11 +7395,18 @@
"stop_before_destroy": false,
"tags": [],
"timeouts": null,
"updated": "2024-06-06 16:01:23 +0000 UTC",
"updated": "2024-10-04 16:23:33 +0000 UTC",
"user_data": "",
"vendor_options": []
},
"sensitive_attributes": [],
"sensitive_attributes": [
[
{
"type": "get_attr",
"value": "admin_pass"
}
]
],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxODAwMDAwMDAwMDAwLCJkZWxldGUiOjE4MDAwMDAwMDAwMDAsInVwZGF0ZSI6MTgwMDAwMDAwMDAwMH19",
"dependencies": [
"openstack_networking_secgroup_v2.shared_postgresql_access"
@ -7356,7 +7483,14 @@
"user_data": "bb83b25fd1219aa1b850ece9be8d7b0f31714608",
"vendor_options": []
},
"sensitive_attributes": [],
"sensitive_attributes": [
[
{
"type": "get_attr",
"value": "admin_pass"
}
]
],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxODAwMDAwMDAwMDAwLCJkZWxldGUiOjE4MDAwMDAwMDAwMDAsInVwZGF0ZSI6MTgwMDAwMDAwMDAwMH19",
"dependencies": [
"openstack_networking_secgroup_v2.access_to_the_jump_proxy"
@ -7442,7 +7576,14 @@
"user_data": "bb83b25fd1219aa1b850ece9be8d7b0f31714608",
"vendor_options": []
},
"sensitive_attributes": [],
"sensitive_attributes": [
[
{
"type": "get_attr",
"value": "admin_pass"
}
]
],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxODAwMDAwMDAwMDAwLCJkZWxldGUiOjE4MDAwMDAwMDAwMDAsInVwZGF0ZSI6MTgwMDAwMDAwMDAwMH19",
"dependencies": [
"openstack_networking_network_v2.swarm_nfs_net",
@ -11331,6 +11472,37 @@
}
]
},
{
"mode": "managed",
"type": "openstack_networking_secgroup_rule_v2",
"name": "main_network_to_prometheus",
"provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"description": "Allow HTTPS from the main network",
"direction": "ingress",
"ethertype": "IPv4",
"id": "f9979b00-dd48-4481-b1f9-ef66b8ac02ca",
"port_range_max": 443,
"port_range_min": 443,
"protocol": "tcp",
"region": "isti_area_pi_1",
"remote_group_id": "",
"remote_ip_prefix": "146.48.28.0/22",
"security_group_id": "5523b084-49a5-4990-a5e0-1d267287e318",
"tenant_id": "1b45adf388934758b56d0dfdb4bfacf3",
"timeouts": null
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ==",
"dependencies": [
"openstack_networking_secgroup_v2.prometheus_access_from_grafana"
]
}
]
},
{
"mode": "managed",
"type": "openstack_networking_secgroup_rule_v2",
@ -12261,7 +12433,7 @@
"id": "10c993ac-ffc0-404f-892c-45d061dc073f",
"name": "vm_access_to_the_shared_postgresql_server",
"region": "isti_area_pi_1",
"tags": null,
"tags": [],
"tenant_id": "1b45adf388934758b56d0dfdb4bfacf3",
"timeouts": null
},

12
openstack-tf/modules/d4science_infra_setup/security-groups.tf
View File

@ -372,6 +372,18 @@ resource "openstack_networking_secgroup_rule_v2" "grafana_d4s" {
remote_ip_prefix = var.prometheus_server_data.public_grafana_server_cidr
}
resource "openstack_networking_secgroup_rule_v2" "main_network_to_prometheus" {
security_group_id = openstack_networking_secgroup_v2.prometheus_access_from_grafana.id
description = "Allow HTTPS from the main network"
direction = "ingress"
ethertype = "IPv4"
protocol = "tcp"
port_range_min = 443
port_range_max = 443
# remote_ip_prefix = data.terraform_remote_state.privnet_dns_router.outputs.external_gateway_ip.ip_address
remote_ip_prefix = "146.48.28.0/22"
}
output "default_security_group" {
value = openstack_networking_secgroup_v2.default
}