InfraScience
/
infrastructure-as-code
22
0
Fork 2
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Another attempt at the OVN load balancer.

This commit is contained in:
Andrea Dell'Amico 2024-11-08 10:03:20 +01:00
parent c4e540673e
commit f7f3449472
Signed by: andrea.dellamico
GPG Key ID: 147ABE6CEB9E20FF
2 changed files with 297 additions and 656 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

284
openstack-tf/d4s-preprod/docker_swarm_cluster/docker-swarm.tf
View File

@ -31,6 +31,50 @@ resource "openstack_networking_secgroup_rule_v2" "everything_tcp" {
remote_ip_prefix = data.terraform_remote_state.privnet_dns_router.outputs.main_private_subnet.cidr
}
resource "openstack_networking_secgroup_rule_v2" "https_from_outside" {
security_group_id = openstack_networking_secgroup_v2.swarm_internal_traffic.id
description = "HTTPS from outside"
direction = "ingress"
ethertype = "IPv4"
protocol = "tcp"
port_range_min = 443
port_range_max = 443
remote_ip_prefix = "0.0.0.0/0"
}
resource "openstack_networking_secgroup_rule_v2" "http_from_outside" {
security_group_id = openstack_networking_secgroup_v2.swarm_internal_traffic.id
description = "HTTP from outside"
direction = "ingress"
ethertype = "IPv4"
protocol = "tcp"
port_range_min = 80
port_range_max = 80
remote_ip_prefix = "0.0.0.0/0"
}
# resource "openstack_networking_secgroup_rule_v2" "quic_from_outside" {
# security_group_id = openstack_networking_secgroup_v2.swarm_internal_traffic.id
# description = "QUIC from outside"
# direction = "ingress"
# ethertype = "IPv4"
# protocol = "udp"
# port_range_min = 443
# port_range_max = 443
# remote_ip_prefix = "0.0.0.0/0"
# }
resource "openstack_networking_secgroup_rule_v2" "haproxy_stats_from_outside" {
security_group_id = openstack_networking_secgroup_v2.swarm_internal_traffic.id
description = "HAPROXY stats from outside"
direction = "ingress"
ethertype = "IPv4"
protocol = "tcp"
port_range_min = 8880
port_range_max = 8880
remote_ip_prefix = "0.0.0.0/0"
}
#
# Swarm Manager VMs
#
@ -211,15 +255,15 @@ resource "openstack_lb_members_v2" "swarm_haproxy_stats_pool_members" {
}
}
resource "openstack_lb_monitor_v2" "swarm_haproxy_stats_monitor" {
pool_id = openstack_lb_pool_v2.swarm_haproxy_stats_pool.id
name = "swarm_haproxy_stats_monitor"
type = "TCP"
delay = 20
timeout = 5
max_retries = 3
admin_state_up = true
}
# resource "openstack_lb_monitor_v2" "swarm_haproxy_stats_monitor" {
# pool_id = openstack_lb_pool_v2.swarm_haproxy_stats_pool.id
# name = "swarm_haproxy_stats_monitor"
# type = "TCP"
# delay = 20
# timeout = 5
# max_retries = 3
# admin_state_up = true
# }
# HAPROXY HTTP
resource "openstack_lb_listener_v2" "swarm_haproxy_http_listener" {
@ -262,15 +306,15 @@ resource "openstack_lb_members_v2" "swarm_haproxy_http_pool_members" {
}
}
resource "openstack_lb_monitor_v2" "swarm_haproxy_http_monitor" {
pool_id = openstack_lb_pool_v2.swarm_haproxy_http_pool.id
name = "swarm_haproxy_http_monitor"
type = "TCP"
delay = 20
timeout = 5
max_retries = 3
admin_state_up = true
}
# resource "openstack_lb_monitor_v2" "swarm_haproxy_http_monitor" {
# pool_id = openstack_lb_pool_v2.swarm_haproxy_http_pool.id
# name = "swarm_haproxy_http_monitor"
# type = "TCP"
# delay = 20
# timeout = 5
# max_retries = 3
# admin_state_up = true
# }
# HAPROXY HTTPS
resource "openstack_lb_listener_v2" "swarm_haproxy_https_listener" {
@ -316,120 +360,110 @@ resource "openstack_lb_members_v2" "swarm_haproxy_https_pool_members" {
}
}
resource "openstack_lb_monitor_v2" "swarm_haproxy_https_monitor" {
pool_id = openstack_lb_pool_v2.swarm_haproxy_https_pool.id
name = "swarm_haproxy_https_monitor"
type = "TCP"
delay = 20
timeout = 5
max_retries = 3
admin_state_up = true
}
# resource "openstack_lb_monitor_v2" "swarm_haproxy_https_monitor" {
# pool_id = openstack_lb_pool_v2.swarm_haproxy_https_pool.id
# name = "swarm_haproxy_https_monitor"
# type = "TCP"
# delay = 20
# timeout = 5
# max_retries = 3
# admin_state_up = true
# }
# HTTP/3 (QUIC)
resource "openstack_lb_listener_v2" "swarm_haproxy_quic_listener" {
loadbalancer_id = openstack_lb_loadbalancer_v2.swarm_lb.id
protocol = "UDP"
protocol_port = 443
description = "HTTPS listener of the main HAPROXY instances"
name = "swarm_haproxy_quic_listener"
timeout_client_data = 3600000
timeout_member_connect = 10000
timeout_member_data = 7200000
admin_state_up = true
}
# resource "openstack_lb_listener_v2" "swarm_haproxy_quic_listener" {
# loadbalancer_id = openstack_lb_loadbalancer_v2.swarm_lb.id
# protocol = "UDP"
# protocol_port = 443
# description = "HTTPS listener of the main HAPROXY instances"
# name = "swarm_haproxy_quic_listener"
# timeout_client_data = 3600000
# timeout_member_connect = 10000
# timeout_member_data = 7200000
# admin_state_up = true
# }
resource "openstack_lb_pool_v2" "swarm_haproxy_quic_pool" {
listener_id = openstack_lb_listener_v2.swarm_haproxy_quic_listener.id
protocol = "UDP"
lb_method = "SOURCE_IP_PORT"
name = "swarm-haproxy-lb-quic"
description = "Pool for the HTTP/3 (QUIC) listener of the Docker Swarm HAPROXY instances"
persistence {
type = "SOURCE_IP"
}
admin_state_up = true
}
# resource "openstack_lb_pool_v2" "swarm_haproxy_quic_pool" {
# listener_id = openstack_lb_listener_v2.swarm_haproxy_quic_listener.id
# protocol = "UDP"
# lb_method = "SOURCE_IP_PORT"
# name = "swarm-haproxy-lb-quic"
# description = "Pool for the HTTP/3 (QUIC) listener of the Docker Swarm HAPROXY instances"
# persistence {
# type = "SOURCE_IP"
# }
# admin_state_up = true
# }
resource "openstack_lb_members_v2" "swarm_haproxy_quic_pool_members" {
pool_id = openstack_lb_pool_v2.swarm_haproxy_quic_pool.id
member {
name = "swarm mgr haproxy 1"
address = var.docker_swarm_data.mgr1_ip
protocol_port = 443
}
member {
name = "swarm mgr haproxy 2"
address = var.docker_swarm_data.mgr2_ip
protocol_port = 443
}
member {
name = "swarm mgr haproxy 3"
address = var.docker_swarm_data.mgr3_ip
protocol_port = 443
}
}
resource "openstack_lb_monitor_v2" "swarm_haproxy_quic_monitor" {
pool_id = openstack_lb_pool_v2.swarm_haproxy_quic_pool.id
name = "swarm_haproxy_quic_monitor"
type = "UDP-CONNECT"
delay = 20
timeout = 5
max_retries = 3
admin_state_up = true
}
# resource "openstack_lb_members_v2" "swarm_haproxy_quic_pool_members" {
# pool_id = openstack_lb_pool_v2.swarm_haproxy_quic_pool.id
# member {
# name = "swarm mgr haproxy 1"
# address = var.docker_swarm_data.mgr1_ip
# protocol_port = 443
# }
# member {
# name = "swarm mgr haproxy 2"
# address = var.docker_swarm_data.mgr2_ip
# protocol_port = 443
# }
# member {
# name = "swarm mgr haproxy 3"
# address = var.docker_swarm_data.mgr3_ip
# protocol_port = 443
# }
# }
# HAPROXY HTTP on port 8080
resource "openstack_lb_listener_v2" "swarm_haproxy_8080_listener" {
loadbalancer_id = openstack_lb_loadbalancer_v2.swarm_lb.id
protocol = "TCP"
protocol_port = 8080
description = "HTTP port 8080 listener of the Docker Swarm HAPROXY instances"
name = "swarm_haproxy_8080_listener"
admin_state_up = true
}
# resource "openstack_lb_listener_v2" "swarm_haproxy_8080_listener" {
# loadbalancer_id = openstack_lb_loadbalancer_v2.swarm_lb.id
# protocol = "TCP"
# protocol_port = 8080
# description = "HTTP port 8080 listener of the Docker Swarm HAPROXY instances"
# name = "swarm_haproxy_8080_listener"
# admin_state_up = true
# }
resource "openstack_lb_pool_v2" "swarm_haproxy_8080_pool" {
listener_id = openstack_lb_listener_v2.swarm_haproxy_8080_listener.id
protocol = "TCP"
lb_method = "SOURCE_IP_PORT"
name = "swarm-haproxy-lb-http-8080"
description = "Pool for the HTTP port 8080 listener of the Docker Swarm HAPROXY instances"
persistence {
type = "SOURCE_IP"
}
admin_state_up = true
}
# resource "openstack_lb_pool_v2" "swarm_haproxy_8080_pool" {
# listener_id = openstack_lb_listener_v2.swarm_haproxy_8080_listener.id
# protocol = "TCP"
# lb_method = "SOURCE_IP_PORT"
# name = "swarm-haproxy-lb-http-8080"
# description = "Pool for the HTTP port 8080 listener of the Docker Swarm HAPROXY instances"
# persistence {
# type = "SOURCE_IP"
# }
# admin_state_up = true
# }
resource "openstack_lb_members_v2" "swarm_haproxy_8080_pool_members" {
pool_id = openstack_lb_pool_v2.swarm_haproxy_8080_pool.id
member {
name = "swarm mgr haproxy 1"
address = var.docker_swarm_data.mgr1_ip
protocol_port = 8080
}
member {
name = "swarm mgr haproxy 2"
address = var.docker_swarm_data.mgr2_ip
protocol_port = 8080
}
member {
name = "swarm mgr haproxy 3"
address = var.docker_swarm_data.mgr3_ip
protocol_port = 8080
}
}
# resource "openstack_lb_members_v2" "swarm_haproxy_8080_pool_members" {
# pool_id = openstack_lb_pool_v2.swarm_haproxy_8080_pool.id
# member {
# name = "swarm mgr haproxy 1"
# address = var.docker_swarm_data.mgr1_ip
# protocol_port = 8080
# }
# member {
# name = "swarm mgr haproxy 2"
# address = var.docker_swarm_data.mgr2_ip
# protocol_port = 8080
# }
# member {
# name = "swarm mgr haproxy 3"
# address = var.docker_swarm_data.mgr3_ip
# protocol_port = 8080
# }
# }
resource "openstack_lb_monitor_v2" "swarm_haproxy_8080_monitor" {
pool_id = openstack_lb_pool_v2.swarm_haproxy_8080_pool.id
name = "swarm_haproxy_8080_monitor"
type = "TCP"
delay = 20
timeout = 5
max_retries = 3
admin_state_up = true
}
# resource "openstack_lb_monitor_v2" "swarm_haproxy_8080_monitor" {
# pool_id = openstack_lb_pool_v2.swarm_haproxy_8080_pool.id
# name = "swarm_haproxy_8080_monitor"
# type = "TCP"
# delay = 20
# timeout = 5
# max_retries = 3
# admin_state_up = true
# }
# NFS share for portainer
#
@ -442,10 +476,10 @@ resource "openstack_sharedfilesystem_share_v2" "portainer_data" {
# Allow access to the NFS share
resource "openstack_sharedfilesystem_share_access_v2" "portainer_access_swarm_mgr" {
for_each = { for ip in var.swarm_managers_ip : join("", [ip]) => ip }
count = var.docker_swarm_data.mgr_count
share_id = openstack_sharedfilesystem_share_v2.portainer_data.id
access_type = "ip"
access_to = each.key
access_to = openstack_compute_interface_attach_v2.nfs_port_to_swarm_mgr[count.index].fixed_ip
access_level = "rw"
}

669
openstack-tf/d4s-preprod/docker_swarm_cluster/terraform.tfstate
View File

@ -1,49 +1,49 @@
{
"version": 4,
"terraform_version": "1.9.8",
"serial": 63,
"serial": 91,
"lineage": "e3112c4a-e2c8-d93d-14fd-76e7756842a5",
"outputs": {
"portainer_data_mgr_acls": {
"value": {
"10.1.32.31": {
"value": [
{
"access_key": "",
"access_level": "rw",
"access_to": "10.1.32.31",
"access_to": "172.17.4.25",
"access_type": "ip",
"id": "bb7d370e-2eff-4dec-9077-6b37f748f170",
"id": "98ccd47e-26e1-4943-bafc-9104109b93df",
"region": "isti_area_pi_1",
"share_id": "2041b5c7-9e49-4ad4-9570-0de87b2a789c",
"state": "active",
"timeouts": null
},
"10.1.32.32": {
{
"access_key": "",
"access_level": "rw",
"access_to": "10.1.32.32",
"access_to": "172.17.2.108",
"access_type": "ip",
"id": "63127fa6-9fdc-4e32-a2fd-6d98122785f5",
"id": "88f188cf-c609-4388-b2fe-13bc7421227e",
"region": "isti_area_pi_1",
"share_id": "2041b5c7-9e49-4ad4-9570-0de87b2a789c",
"state": "active",
"timeouts": null
},
"10.1.32.33": {
{
"access_key": "",
"access_level": "rw",
"access_to": "10.1.32.33",
"access_to": "172.17.0.164",
"access_type": "ip",
"id": "5ba7996d-a213-4a8c-872a-d3e37fee4169",
"id": "8ba64722-6bcd-4246-8bc2-69123571d64c",
"region": "isti_area_pi_1",
"share_id": "2041b5c7-9e49-4ad4-9570-0de87b2a789c",
"state": "active",
"timeouts": null
}
},
],
"type": [
"object",
{
"10.1.32.31": [
"tuple",
[
[
"object",
{
"access_key": "string",
@ -64,7 +64,7 @@
]
}
],
"10.1.32.32": [
[
"object",
{
"access_key": "string",
@ -85,7 +85,7 @@
]
}
],
"10.1.32.33": [
[
"object",
{
"access_key": "string",
@ -106,7 +106,7 @@
]
}
]
}
]
],
"sensitive": true
},
@ -2707,55 +2707,6 @@
}
]
},
{
"mode": "managed",
"type": "openstack_lb_listener_v2",
"name": "swarm_haproxy_8080_listener",
"provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"admin_state_up": true,
"allowed_cidrs": [],
"alpn_protocols": [],
"client_authentication": "NONE",
"client_ca_tls_container_ref": "",
"client_crl_container_ref": "",
"connection_limit": -1,
"default_pool_id": "ad7a0364-7d9f-4276-acf0-1c899be0a9d6",
"default_tls_container_ref": "",
"description": "HTTP port 8080 listener of the Docker Swarm HAPROXY instances",
"hsts_include_subdomains": false,
"hsts_max_age": 0,
"hsts_preload": false,
"id": "8c84ad37-d438-4265-8b0b-b09601045c15",
"insert_headers": {},
"loadbalancer_id": "da395ef1-5937-4d31-813a-38e2803b425d",
"name": "swarm_haproxy_8080_listener",
"protocol": "TCP",
"protocol_port": 8080,
"region": "isti_area_pi_1",
"sni_container_refs": [],
"tags": [],
"tenant_id": "6fdc02e2827b405dad99f34698659742",
"timeout_client_data": 50000,
"timeout_member_connect": 5000,
"timeout_member_data": 50000,
"timeout_tcp_inspect": 0,
"timeouts": null,
"tls_ciphers": "",
"tls_versions": []
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwLCJ1cGRhdGUiOjYwMDAwMDAwMDAwMH19",
"dependencies": [
"data.terraform_remote_state.privnet_dns_router",
"openstack_lb_loadbalancer_v2.swarm_lb"
]
}
]
},
{
"mode": "managed",
"type": "openstack_lb_listener_v2",
@ -2854,55 +2805,6 @@
}
]
},
{
"mode": "managed",
"type": "openstack_lb_listener_v2",
"name": "swarm_haproxy_quic_listener",
"provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"admin_state_up": true,
"allowed_cidrs": [],
"alpn_protocols": [],
"client_authentication": "NONE",
"client_ca_tls_container_ref": "",
"client_crl_container_ref": "",
"connection_limit": -1,
"default_pool_id": "db09a5ba-a256-40f0-bbc2-e4e9dc8a27d4",
"default_tls_container_ref": "",
"description": "HTTPS listener of the main HAPROXY instances",
"hsts_include_subdomains": false,
"hsts_max_age": 0,
"hsts_preload": false,
"id": "5db32865-b1f5-4a64-bf06-aecf47771083",
"insert_headers": {},
"loadbalancer_id": "da395ef1-5937-4d31-813a-38e2803b425d",
"name": "swarm_haproxy_quic_listener",
"protocol": "UDP",
"protocol_port": 443,
"region": "isti_area_pi_1",
"sni_container_refs": [],
"tags": [],
"tenant_id": "6fdc02e2827b405dad99f34698659742",
"timeout_client_data": 3600000,
"timeout_member_connect": 10000,
"timeout_member_data": 7200000,
"timeout_tcp_inspect": 0,
"timeouts": null,
"tls_ciphers": "",
"tls_versions": []
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwLCJ1cGRhdGUiOjYwMDAwMDAwMDAwMH19",
"dependencies": [
"data.terraform_remote_state.privnet_dns_router",
"openstack_lb_loadbalancer_v2.swarm_lb"
]
}
]
},
{
"mode": "managed",
"type": "openstack_lb_listener_v2",
@ -2989,69 +2891,6 @@
}
]
},
{
"mode": "managed",
"type": "openstack_lb_members_v2",
"name": "swarm_haproxy_8080_pool_members",
"provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"id": "ad7a0364-7d9f-4276-acf0-1c899be0a9d6",
"member": [
{
"address": "10.1.32.31",
"admin_state_up": true,
"backup": false,
"id": "a32241eb-1376-4231-b77b-19e9f0fe7fef",
"monitor_address": "",
"monitor_port": 0,
"name": "swarm mgr haproxy 1",
"protocol_port": 8080,
"subnet_id": "",
"weight": 1
},
{
"address": "10.1.32.32",
"admin_state_up": true,
"backup": false,
"id": "c405deac-7ded-4c11-9766-b08ddece34af",
"monitor_address": "",
"monitor_port": 0,
"name": "swarm mgr haproxy 2",
"protocol_port": 8080,
"subnet_id": "",
"weight": 1
},
{
"address": "10.1.32.33",
"admin_state_up": true,
"backup": false,
"id": "72dd0c94-ed6a-4da7-9c0a-86cddb9a1782",
"monitor_address": "",
"monitor_port": 0,
"name": "swarm mgr haproxy 3",
"protocol_port": 8080,
"subnet_id": "",
"weight": 1
}
],
"pool_id": "ad7a0364-7d9f-4276-acf0-1c899be0a9d6",
"region": "isti_area_pi_1",
"timeouts": null
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwLCJ1cGRhdGUiOjYwMDAwMDAwMDAwMH19",
"dependencies": [
"data.terraform_remote_state.privnet_dns_router",
"openstack_lb_listener_v2.swarm_haproxy_8080_listener",
"openstack_lb_loadbalancer_v2.swarm_lb",
"openstack_lb_pool_v2.swarm_haproxy_8080_pool"
]
}
]
},
{
"mode": "managed",
"type": "openstack_lb_members_v2",
@ -3178,69 +3017,6 @@
}
]
},
{
"mode": "managed",
"type": "openstack_lb_members_v2",
"name": "swarm_haproxy_quic_pool_members",
"provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"id": "db09a5ba-a256-40f0-bbc2-e4e9dc8a27d4",
"member": [
{
"address": "10.1.32.31",
"admin_state_up": true,
"backup": false,
"id": "e708885c-4dd2-46e9-8f2a-c6290fc8ae95",
"monitor_address": "",
"monitor_port": 0,
"name": "swarm mgr haproxy 1",
"protocol_port": 443,
"subnet_id": "",
"weight": 1
},
{
"address": "10.1.32.32",
"admin_state_up": true,
"backup": false,
"id": "3e3d0d47-1138-4e1e-b61f-f61419a63cb2",
"monitor_address": "",
"monitor_port": 0,
"name": "swarm mgr haproxy 2",
"protocol_port": 443,
"subnet_id": "",
"weight": 1
},
{
"address": "10.1.32.33",
"admin_state_up": true,
"backup": false,
"id": "9e29303d-e7fe-4c12-82fb-25007aa98c8e",
"monitor_address": "",
"monitor_port": 0,
"name": "swarm mgr haproxy 3",
"protocol_port": 443,
"subnet_id": "",
"weight": 1
}
],
"pool_id": "db09a5ba-a256-40f0-bbc2-e4e9dc8a27d4",
"region": "isti_area_pi_1",
"timeouts": null
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwLCJ1cGRhdGUiOjYwMDAwMDAwMDAwMH19",
"dependencies": [
"data.terraform_remote_state.privnet_dns_router",
"openstack_lb_listener_v2.swarm_haproxy_quic_listener",
"openstack_lb_loadbalancer_v2.swarm_lb",
"openstack_lb_pool_v2.swarm_haproxy_quic_pool"
]
}
]
},
{
"mode": "managed",
"type": "openstack_lb_members_v2",
@ -3304,241 +3080,6 @@
}
]
},
{
"mode": "managed",
"type": "openstack_lb_monitor_v2",
"name": "swarm_haproxy_8080_monitor",
"provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"admin_state_up": true,
"delay": 20,
"domain_name": "",
"expected_codes": "",
"http_method": "",
"http_version": "",
"id": "d4c80823-4e06-403b-9b60-811d1d4fa101",
"max_retries": 3,
"max_retries_down": 3,
"name": "swarm_haproxy_8080_monitor",
"pool_id": "ad7a0364-7d9f-4276-acf0-1c899be0a9d6",
"region": "isti_area_pi_1",
"tenant_id": "6fdc02e2827b405dad99f34698659742",
"timeout": 5,
"timeouts": null,
"type": "TCP",
"url_path": ""
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwLCJ1cGRhdGUiOjYwMDAwMDAwMDAwMH19",
"dependencies": [
"data.terraform_remote_state.privnet_dns_router",
"openstack_lb_listener_v2.swarm_haproxy_8080_listener",
"openstack_lb_loadbalancer_v2.swarm_lb",
"openstack_lb_pool_v2.swarm_haproxy_8080_pool"
]
}
]
},
{
"mode": "managed",
"type": "openstack_lb_monitor_v2",
"name": "swarm_haproxy_http_monitor",
"provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"admin_state_up": true,
"delay": 20,
"domain_name": "",
"expected_codes": "",
"http_method": "",
"http_version": "",
"id": "aa981a29-0415-498f-8a67-588ac8293371",
"max_retries": 3,
"max_retries_down": 3,
"name": "swarm_haproxy_http_monitor",
"pool_id": "b21c47fc-3a41-4bc4-b941-a0f306f5f398",
"region": "isti_area_pi_1",
"tenant_id": "6fdc02e2827b405dad99f34698659742",
"timeout": 5,
"timeouts": null,
"type": "TCP",
"url_path": ""
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwLCJ1cGRhdGUiOjYwMDAwMDAwMDAwMH19",
"dependencies": [
"data.terraform_remote_state.privnet_dns_router",
"openstack_lb_listener_v2.swarm_haproxy_http_listener",
"openstack_lb_loadbalancer_v2.swarm_lb",
"openstack_lb_pool_v2.swarm_haproxy_http_pool"
]
}
]
},
{
"mode": "managed",
"type": "openstack_lb_monitor_v2",
"name": "swarm_haproxy_https_monitor",
"provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"admin_state_up": true,
"delay": 20,
"domain_name": "",
"expected_codes": "",
"http_method": "",
"http_version": "",
"id": "26df7d97-c23a-47ff-939a-2d4b71f76560",
"max_retries": 3,
"max_retries_down": 3,
"name": "swarm_haproxy_https_monitor",
"pool_id": "57c5f92f-9b15-409c-b124-d08394f22ec0",
"region": "isti_area_pi_1",
"tenant_id": "6fdc02e2827b405dad99f34698659742",
"timeout": 5,
"timeouts": null,
"type": "TCP",
"url_path": ""
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwLCJ1cGRhdGUiOjYwMDAwMDAwMDAwMH19",
"dependencies": [
"data.terraform_remote_state.privnet_dns_router",
"openstack_lb_listener_v2.swarm_haproxy_https_listener",
"openstack_lb_loadbalancer_v2.swarm_lb",
"openstack_lb_pool_v2.swarm_haproxy_https_pool"
]
}
]
},
{
"mode": "managed",
"type": "openstack_lb_monitor_v2",
"name": "swarm_haproxy_quic_monitor",
"provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"admin_state_up": true,
"delay": 20,
"domain_name": "",
"expected_codes": "",
"http_method": "",
"http_version": "",
"id": "b3e82045-cbc9-457f-8d8c-aeefdd850365",
"max_retries": 3,
"max_retries_down": 3,
"name": "swarm_haproxy_quic_monitor",
"pool_id": "db09a5ba-a256-40f0-bbc2-e4e9dc8a27d4",
"region": "isti_area_pi_1",
"tenant_id": "6fdc02e2827b405dad99f34698659742",
"timeout": 5,
"timeouts": null,
"type": "UDP-CONNECT",
"url_path": ""
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwLCJ1cGRhdGUiOjYwMDAwMDAwMDAwMH19",
"dependencies": [
"data.terraform_remote_state.privnet_dns_router",
"openstack_lb_listener_v2.swarm_haproxy_quic_listener",
"openstack_lb_loadbalancer_v2.swarm_lb",
"openstack_lb_pool_v2.swarm_haproxy_quic_pool"
]
}
]
},
{
"mode": "managed",
"type": "openstack_lb_monitor_v2",
"name": "swarm_haproxy_stats_monitor",
"provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"admin_state_up": true,
"delay": 20,
"domain_name": "",
"expected_codes": "",
"http_method": "",
"http_version": "",
"id": "20581824-9c18-4727-b882-4002cccf2ddf",
"max_retries": 3,
"max_retries_down": 3,
"name": "swarm_haproxy_stats_monitor",
"pool_id": "8cb9c195-5d46-4d0c-8d0f-aaa6a091ef61",
"region": "isti_area_pi_1",
"tenant_id": "6fdc02e2827b405dad99f34698659742",
"timeout": 5,
"timeouts": null,
"type": "TCP",
"url_path": ""
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwLCJ1cGRhdGUiOjYwMDAwMDAwMDAwMH19",
"dependencies": [
"data.terraform_remote_state.privnet_dns_router",
"openstack_lb_listener_v2.swarm_haproxy_stats_listener",
"openstack_lb_loadbalancer_v2.swarm_lb",
"openstack_lb_pool_v2.swarm_haproxy_stats_pool"
]
}
]
},
{
"mode": "managed",
"type": "openstack_lb_pool_v2",
"name": "swarm_haproxy_8080_pool",
"provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"admin_state_up": true,
"alpn_protocols": [],
"ca_tls_container_ref": "",
"crl_container_ref": "",
"description": "Pool for the HTTP port 8080 listener of the Docker Swarm HAPROXY instances",
"id": "ad7a0364-7d9f-4276-acf0-1c899be0a9d6",
"lb_method": "SOURCE_IP_PORT",
"listener_id": "8c84ad37-d438-4265-8b0b-b09601045c15",
"loadbalancer_id": null,
"name": "swarm-haproxy-lb-http-8080",
"persistence": [
{
"cookie_name": "",
"type": "SOURCE_IP"
}
],
"protocol": "TCP",
"region": "isti_area_pi_1",
"tags": [],
"tenant_id": "6fdc02e2827b405dad99f34698659742",
"timeouts": null,
"tls_ciphers": "",
"tls_container_ref": "",
"tls_enabled": false,
"tls_versions": []
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwLCJ1cGRhdGUiOjYwMDAwMDAwMDAwMH19",
"dependencies": [
"data.terraform_remote_state.privnet_dns_router",
"openstack_lb_listener_v2.swarm_haproxy_8080_listener",
"openstack_lb_loadbalancer_v2.swarm_lb"
]
}
]
},
{
"mode": "managed",
"type": "openstack_lb_pool_v2",
@ -3629,51 +3170,6 @@
}
]
},
{
"mode": "managed",
"type": "openstack_lb_pool_v2",
"name": "swarm_haproxy_quic_pool",
"provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"admin_state_up": true,
"alpn_protocols": [],
"ca_tls_container_ref": "",
"crl_container_ref": "",
"description": "Pool for the HTTP/3 (QUIC) listener of the Docker Swarm HAPROXY instances",
"id": "db09a5ba-a256-40f0-bbc2-e4e9dc8a27d4",
"lb_method": "SOURCE_IP_PORT",
"listener_id": "5db32865-b1f5-4a64-bf06-aecf47771083",
"loadbalancer_id": null,
"name": "swarm-haproxy-lb-quic",
"persistence": [
{
"cookie_name": "",
"type": "SOURCE_IP"
}
],
"protocol": "UDP",
"region": "isti_area_pi_1",
"tags": [],
"tenant_id": "6fdc02e2827b405dad99f34698659742",
"timeouts": null,
"tls_ciphers": "",
"tls_container_ref": "",
"tls_enabled": false,
"tls_versions": []
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwLCJ1cGRhdGUiOjYwMDAwMDAwMDAwMH19",
"dependencies": [
"data.terraform_remote_state.privnet_dns_router",
"openstack_lb_listener_v2.swarm_haproxy_quic_listener",
"openstack_lb_loadbalancer_v2.swarm_lb"
]
}
]
},
{
"mode": "managed",
"type": "openstack_lb_pool_v2",
@ -4113,6 +3609,99 @@
}
]
},
{
"mode": "managed",
"type": "openstack_networking_secgroup_rule_v2",
"name": "haproxy_stats_from_outside",
"provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"description": "HAPROXY stats from outside",
"direction": "ingress",
"ethertype": "IPv4",
"id": "76320096-dadd-4ced-9ab5-e2c291fcd4da",
"port_range_max": 8880,
"port_range_min": 8880,
"protocol": "tcp",
"region": "isti_area_pi_1",
"remote_group_id": "",
"remote_ip_prefix": "0.0.0.0/0",
"security_group_id": "2a61ce69-d025-4c41-815f-08e92ca024e4",
"tenant_id": "6fdc02e2827b405dad99f34698659742",
"timeouts": null
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ==",
"dependencies": [
"openstack_networking_secgroup_v2.swarm_internal_traffic"
]
}
]
},
{
"mode": "managed",
"type": "openstack_networking_secgroup_rule_v2",
"name": "http_from_outside",
"provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"description": "HTTP from outside",
"direction": "ingress",
"ethertype": "IPv4",
"id": "61656720-ef02-42f0-bacf-e597c42d5b21",
"port_range_max": 80,
"port_range_min": 80,
"protocol": "tcp",
"region": "isti_area_pi_1",
"remote_group_id": "",
"remote_ip_prefix": "0.0.0.0/0",
"security_group_id": "2a61ce69-d025-4c41-815f-08e92ca024e4",
"tenant_id": "6fdc02e2827b405dad99f34698659742",
"timeouts": null
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ==",
"dependencies": [
"openstack_networking_secgroup_v2.swarm_internal_traffic"
]
}
]
},
{
"mode": "managed",
"type": "openstack_networking_secgroup_rule_v2",
"name": "https_from_outside",
"provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"description": "HTTPS from outside",
"direction": "ingress",
"ethertype": "IPv4",
"id": "35de5b80-6b8c-4282-94e9-5386f6ffee41",
"port_range_max": 443,
"port_range_min": 443,
"protocol": "tcp",
"region": "isti_area_pi_1",
"remote_group_id": "",
"remote_ip_prefix": "0.0.0.0/0",
"security_group_id": "2a61ce69-d025-4c41-815f-08e92ca024e4",
"tenant_id": "6fdc02e2827b405dad99f34698659742",
"timeouts": null
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ==",
"dependencies": [
"openstack_networking_secgroup_v2.swarm_internal_traffic"
]
}
]
},
{
"mode": "managed",
"type": "openstack_networking_secgroup_v2",
@ -4145,14 +3734,14 @@
"provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]",
"instances": [
{
"index_key": "10.1.32.31",
"index_key": 0,
"schema_version": 0,
"attributes": {
"access_key": "",
"access_level": "rw",
"access_to": "10.1.32.31",
"access_to": "172.17.4.25",
"access_type": "ip",
"id": "bb7d370e-2eff-4dec-9077-6b37f748f170",
"id": "98ccd47e-26e1-4943-bafc-9104109b93df",
"region": "isti_area_pi_1",
"share_id": "2041b5c7-9e49-4ad4-9570-0de87b2a789c",
"state": "active",
@ -4168,18 +3757,24 @@
],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwLCJ1cGRhdGUiOjYwMDAwMDAwMDAwMH19",
"dependencies": [
"data.terraform_remote_state.privnet_dns_router",
"openstack_compute_instance_v2.docker_swarm_managers",
"openstack_compute_interface_attach_v2.nfs_port_to_swarm_mgr",
"openstack_compute_servergroup_v2.swarm_masters",
"openstack_networking_port_v2.swarm_mgr_nfs_port",
"openstack_networking_secgroup_v2.swarm_internal_traffic",
"openstack_sharedfilesystem_share_v2.portainer_data"
]
},
{
"index_key": "10.1.32.32",
"index_key": 1,
"schema_version": 0,
"attributes": {
"access_key": "",
"access_level": "rw",
"access_to": "10.1.32.32",
"access_to": "172.17.2.108",
"access_type": "ip",
"id": "63127fa6-9fdc-4e32-a2fd-6d98122785f5",
"id": "88f188cf-c609-4388-b2fe-13bc7421227e",
"region": "isti_area_pi_1",
"share_id": "2041b5c7-9e49-4ad4-9570-0de87b2a789c",
"state": "active",
@ -4195,18 +3790,24 @@
],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwLCJ1cGRhdGUiOjYwMDAwMDAwMDAwMH19",
"dependencies": [
"data.terraform_remote_state.privnet_dns_router",
"openstack_compute_instance_v2.docker_swarm_managers",
"openstack_compute_interface_attach_v2.nfs_port_to_swarm_mgr",
"openstack_compute_servergroup_v2.swarm_masters",
"openstack_networking_port_v2.swarm_mgr_nfs_port",
"openstack_networking_secgroup_v2.swarm_internal_traffic",
"openstack_sharedfilesystem_share_v2.portainer_data"
]
},
{
"index_key": "10.1.32.33",
"index_key": 2,
"schema_version": 0,
"attributes": {
"access_key": "",
"access_level": "rw",
"access_to": "10.1.32.33",
"access_to": "172.17.0.164",
"access_type": "ip",
"id": "5ba7996d-a213-4a8c-872a-d3e37fee4169",
"id": "8ba64722-6bcd-4246-8bc2-69123571d64c",
"region": "isti_area_pi_1",
"share_id": "2041b5c7-9e49-4ad4-9570-0de87b2a789c",
"state": "active",
@ -4222,6 +3823,12 @@
],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwLCJ1cGRhdGUiOjYwMDAwMDAwMDAwMH19",
"dependencies": [
"data.terraform_remote_state.privnet_dns_router",
"openstack_compute_instance_v2.docker_swarm_managers",
"openstack_compute_interface_attach_v2.nfs_port_to_swarm_mgr",
"openstack_compute_servergroup_v2.swarm_masters",
"openstack_networking_port_v2.swarm_mgr_nfs_port",
"openstack_networking_secgroup_v2.swarm_internal_traffic",
"openstack_sharedfilesystem_share_v2.portainer_data"
]
}