First bits of terraforming openstack.

Andrea Dell'Amico 2023-11-02 19:50:01 +01:00
parent b61a17e07b
commit eccfb0b2a8
Signed by: andrea.dellamico
GPG Key ID: 147ABE6CEB9E20FF
14 changed files with 169 additions and 16 deletions


@ -3,7 +3,7 @@
# S2I2S # S2I2S
openstack --os-cloud ISTI-Cloud zone create --sudo-project-id s2i2s-cloud --email postmaster@isti.cnr.it s2i2s.cloud.isti.cnr.it. openstack --os-cloud ISTI-Cloud zone create --sudo-project-id s2i2s-cloud --email postmaster@isti.cnr.it s2i2s.cloud.isti.cnr.it.
openstack --os-cloud ISTI-Cloud network create --project s2i2s-cloud --no-share --mtu 8942 --dns-domain s2i2s.cloud.isti.cnr.it. --provider-network-type vlan --provider-physical-network datacentre --provider-segment 1001 s2i2s-cloud-main openstack --os-cloud ISTI-Cloud network create --project s2i2s-cloud --no-share --mtu 8942 --dns-domain s2i2s.cloud.isti.cnr.it. --provider-network-type vlan --provider-physical-network datacentre --provider-segment 1001 s2i2s-cloud-main
# *** Network, created by the project manager (IMPORTANTE: aggiungere VLAN e ID) # *** Network, created by the project manager
openstack --os-cloud s2i2s subnet create --network s2i2s-cloud-main --dhcp --dns-nameserver 146.48.29.97 --dns-nameserver 146.48.29.98 --dns-nameserver 146.48.29.99 --subnet-range 10.100.100.0/22 --gateway 10.100.100.1 --dns-publish-fixed-ip s2i2s-cloud-sub openstack --os-cloud s2i2s subnet create --network s2i2s-cloud-main --dhcp --dns-nameserver 146.48.29.97 --dns-nameserver 146.48.29.98 --dns-nameserver 146.48.29.99 --subnet-range 10.100.100.0/22 --gateway 10.100.100.1 --dns-publish-fixed-ip s2i2s-cloud-sub
openstack --os-cloud s2i2s router create --description "S2I2S net main router" --external-gateway external-network s2i2s-cloud-external-router openstack --os-cloud s2i2s router create --description "S2I2S net main router" --external-gateway external-network s2i2s-cloud-external-router
openstack --os-cloud s2i2s router add subnet s2i2s-cloud-external-router s2i2s-cloud-sub openstack --os-cloud s2i2s router add subnet s2i2s-cloud-external-router s2i2s-cloud-sub
@ -60,7 +60,7 @@ openstack --os-cloud d4s-pre security group rule create \
--description "Allow ICMP" --ingress --protocol icmp \ --description "Allow ICMP" --ingress --protocol icmp \
--remote-ip 0.0.0.0/0 default --remote-ip 0.0.0.0/0 default
openstack --os-cloud d4s-pre security group rule create \ openstack --os-cloud d4s-pre security group rule create \
--description "Prometheus node exporter" --ingress --protocol icmp \ --description "Prometheus node exporter" --ingress --protocol tcp \
--dst-port "9100" \ --dst-port "9100" \
--remote-ip 10.1.32.0/22 default --remote-ip 10.1.32.0/22 default


@ -0,0 +1,42 @@
resource "openstack_networking_network_v2" "main-private-network" {
name = var.main_private_network["name"]
admin_state_up = "true"
external = "false"
description = var.main_private_network.description
dns_domain = var.dns-zone
mtu = var.mtu_size
port_security_enabled = true
shared = false
region = var.main_region
}
resource "openstack_networking_subnet_v2" "main-private-subnet" {
name = var.main_private_subnet.name
description = var.main_private_subnet.description
network_id = openstack_networking_network_v2.main-private-network.id
cidr = var.main_private_subnet.cidr
gateway_ip = var.main_private_subnet.gateway_ip
dns_nameservers = var.resolvers_ip
ip_version = 4
enable_dhcp = true
allocation_pool {
start = var.main_private_subnet.allocation_start
end = var.main_private_subnet.allocation_end
}
}
# Shell command:
# openstack --os-cloud d4s-pre router create --description "D4Science Preprod main router" --external-gateway external-network d4s-pre-cloud-external-router
# resource "openstack_networking_router_v2" "external-router" {
# name = var.external_router.name
# description = var.external_router.description
# external_network_id = var.external_network.id
# enable_snat = true
# }
# Router interface configuration
resource "openstack_networking_router_interface_v2" "private-network-routing" {
# router_id = openstack_networking_router_v2.external-router.id
router_id = var.external_router.id
subnet_id = openstack_networking_subnet_v2.main-private-subnet.id
}
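Review bot: In the `main-private-network` resource, `admin_state_up = "true"` and `external = "false"` are quoted strings, while `port_security_enabled = true` and `shared = false` a few lines below are bare booleans. Terraform converts the strings, but `admin_state_up = true` and `external = false` would keep the block consistent. The same resource reads the map as `var.main_private_network["name"]` on one line and `var.main_private_network.description` on the next; one access form should be used throughout. Only the network sets `region`, so the subnet and the router interface fall back to the provider's default region; adding `region = var.main_region` to both would make that explicit.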


@ -1,7 +1,15 @@
#### NEUTRON # Global definitions
variable "external_network" { variable "main_region" {
type = string type = string
default = "external-network" default = "isti_area_pi_1"
}
variable "external_network" {
type = map(string)
default = {
name = "external-network"
id = "1d2ff137-6ff7-4017-be2b-0d6c4af2353b"
}
} }
variable "resolvers_ip" { variable "resolvers_ip" {
@ -9,3 +17,7 @@ variable "resolvers_ip" {
default = ["146.48.29.97", "146.48.29.98", "146.48.29.99"] default = ["146.48.29.97", "146.48.29.98", "146.48.29.99"]
} }
variable "mtu_size" {
type = number
default = 8942
}
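Review bot: The new `external_network` default hard-codes `id = "1d2ff137-6ff7-4017-be2b-0d6c4af2353b"` in what appears to be a variables file shared between projects, so the value has to be maintained by hand and would only fail at apply time if the external network were ever recreated. The `id` in `external_router` in the preprod variables file has the same problem, and it is the one actually consumed by the router interface. Looking the object up by name, e.g. `data "openstack_networking_network_v2" "external" { name = var.external_network.name }`, would leave the name as the single source of truth. The type also changes from `string` to `map(string)`, so any configuration outside this commit that still uses `var.external_network` as a plain string would need updating; no such use is visible here.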


@ -4,7 +4,7 @@ required_version = ">= 0.14.0"
required_providers { required_providers {
openstack = { openstack = {
source = "terraform-provider-openstack/openstack" source = "terraform-provider-openstack/openstack"
version = "~> 1.51.1" version = "~> 1.53.0"
} }
} }
} }


@ -0,0 +1,24 @@
# This file is maintained automatically by "terraform init".
# Manual edits may be lost in future updates.
provider "registry.terraform.io/terraform-provider-openstack/openstack" {
version = "1.53.0"
constraints = "~> 1.53.0"
hashes = [
"h1:ZSJPqrlaHQ3sj7wyJuPSG+NblFZbAA6Y0d3GjSJf3o8=",
"zh:09da7ca98ffd3de7b9ce36c4c13446212a6e763ba1162be71b50f95d453cb68e",
"zh:14041bcbb87312411d88612056ed185650bfd01284b8ea0761ce8105a331708e",
"zh:35bf4c788fdbc17c8e40ebc7b33c7de4b45a2fa2efaa657b10f0e3bd37c9627f",
"zh:46ede8ef4cfa12d654c538afc1e1ec34a1f3e8eb4e986ee23dceae398b7176a6",
"zh:59675734990dab1e8d87997853ea75e8104bba730b3f5a7146ac735540c9d6bf",
"zh:6de52428849806498670e827b54810be7510a2a79449602c1aede4235a0ec036",
"zh:78b2a20601272afceffac8f8ca78a6b647b84196c0dd8dc710fae297f6be15a4",
"zh:7c41ed3a4fac09677e676ecf9f9edd1e38eef449e656cb01a848d2c799c6de8f",
"zh:852800228f4118a4aa6cfaa4468b851247cbed6f037fd204f08de69eb1edc149",
"zh:86d618e7f9a07d978b8bc4b190be350a00de64ec535f9c8f5dfe133542a55483",
"zh:963a9e72b66d8bcf43de9b14a674ae3ca3719ce2f829217f7a65b66fc3773397",
"zh:a8e72ab67795071bda61f99a6de3d2d40122fb51971768fd75e1324abe874ced",
"zh:ce1890cf3af17d569af3bc7673cec0a8f78e6f5d701767593f3d29c551f44848",
"zh:e6f1b96eb684f527a47f71923f268c86a36d7894751b31ee9e726d7502a639cd",
]
}


@ -0,0 +1,20 @@
# Configure the OpenStack Provider
provider "openstack" {
cloud = "d4s-dev"
}
variable "dns-zone" {
type = string
default = "cloud-dev.d4science.org."
}
variable "main_private_network" {
type = string
default = "d4s-dev-cloud-main"
}
variable "mtu_size" {
type = number
default = 8942
}
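Review bot: `variable "mtu_size"` is declared here and again in the common variables file changed by this commit. If that file is the `external-network-and-resolvers.tf` that this directory appears to symlink, Terraform will reject the configuration for a duplicate variable declaration, so one of the two blocks should be dropped. `main_private_network` is declared as `type = string` here, whereas the shared network definition reads it as a map (`var.main_private_network["name"]`, `.description`) and the preprod file declares it as `map(string)`. Before the shared definition is linked into this project, the dev declaration should become `type = map(string)` with `default = { name = "d4s-dev-cloud-main", description = "<description>" }`.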


@ -0,0 +1,11 @@
# How to obtain the "generated" data
terraformer can obtain the resources of a region. On OpenStack it is limited to the compute, block storage and networks resources.
The command is
```shell-session
terraformer import openstack --resources="*" --regions isti_area_pi_1
```
and it requires the load of the shell application credentials, it does not understand the `clouds.yaml` ones.


@ -0,0 +1 @@
../../common_variables/external-network-and-resolvers.tf


@ -0,0 +1 @@
../../common_variables/terraform-provider.tf


@ -0,0 +1,24 @@
# This file is maintained automatically by "terraform init".
# Manual edits may be lost in future updates.
provider "registry.terraform.io/terraform-provider-openstack/openstack" {
version = "1.53.0"
constraints = "~> 1.53.0"
hashes = [
"h1:ZSJPqrlaHQ3sj7wyJuPSG+NblFZbAA6Y0d3GjSJf3o8=",
"zh:09da7ca98ffd3de7b9ce36c4c13446212a6e763ba1162be71b50f95d453cb68e",
"zh:14041bcbb87312411d88612056ed185650bfd01284b8ea0761ce8105a331708e",
"zh:35bf4c788fdbc17c8e40ebc7b33c7de4b45a2fa2efaa657b10f0e3bd37c9627f",
"zh:46ede8ef4cfa12d654c538afc1e1ec34a1f3e8eb4e986ee23dceae398b7176a6",
"zh:59675734990dab1e8d87997853ea75e8104bba730b3f5a7146ac735540c9d6bf",
"zh:6de52428849806498670e827b54810be7510a2a79449602c1aede4235a0ec036",
"zh:78b2a20601272afceffac8f8ca78a6b647b84196c0dd8dc710fae297f6be15a4",
"zh:7c41ed3a4fac09677e676ecf9f9edd1e38eef449e656cb01a848d2c799c6de8f",
"zh:852800228f4118a4aa6cfaa4468b851247cbed6f037fd204f08de69eb1edc149",
"zh:86d618e7f9a07d978b8bc4b190be350a00de64ec535f9c8f5dfe133542a55483",
"zh:963a9e72b66d8bcf43de9b14a674ae3ca3719ce2f829217f7a65b66fc3773397",
"zh:a8e72ab67795071bda61f99a6de3d2d40122fb51971768fd75e1324abe874ced",
"zh:ce1890cf3af17d569af3bc7673cec0a8f78e6f5d701767593f3d29c551f44848",
"zh:e6f1b96eb684f527a47f71923f268c86a36d7894751b31ee9e726d7502a639cd",
]
}


@ -9,16 +9,31 @@ variable "dns-zone" {
default = "cloud-pre.d4science.org." default = "cloud-pre.d4science.org."
} }
#### VM parameters variable "main_private_network" {
variable "flavor_http" {
type = string
default = "t2.medium"
}
variable "network_http" {
type = map(string) type = map(string)
default = { default = {
subnet_name = "subnet-http" name = "d4s-pre-cloud-main"
cidr = "192.168.1.0/24" description = "D4Science Preprod private network (use this as the main network)"
}
}
variable "main_private_subnet" {
type = map(string)
default = {
name = "d4s-pre-cloud-main-subnet"
description = "D4Science Preprod main private subnet"
cidr = "10.1.32.0/22"
gateway_ip = "10.1.32.1"
allocation_start = "10.1.32.100"
allocation_end = "10.1.35.254"
}
}
variable "external_router" {
type = map(string)
default = {
name = "d4s-pre-cloud-external-router"
description = "D4Science Preprod main router"
id = "cc26064a-bb08-4c0b-929f-d0cb39f934a3"
} }
} }


@ -0,0 +1 @@
../../common_setups/10-main-network.tf


@ -0,0 +1 @@
../../common_variables/external-network-and-resolvers.tf


@ -0,0 +1 @@
../../common_variables/terraform-provider.tf