main #4

Merged
andrea.dellamico merged 8 commits from francesco.mangiacrapa/infrastructure-as-code:main into main 2023-12-04 15:15:35 +01:00
4 changed files with 82 additions and 32 deletions
Showing only changes of commit 13a1c58534 - Show all commits


@ -20,6 +20,43 @@
# }
# locals {
# smartgears_service_instances_map = {
# geoportal_service = {
# name = "geoportal-cms",
# description = "The Geoportal instance",
# flavor = "${var.flavor_list.m1_large}",
# networks = ["d4s-dev-cloud-main", "postgresql-srv-net"],
# security_groups = ["default", "http and https from the load balancers"]
# block_device_uuid = "7ed6a2cd-2b07-482e-8ce4-f018dff16c89" #ubuntu_18_04.uuid of DEV
# },
# # URI-Resolver instance 1
# uri_resolver_service_i1 = {
# name = "data",
# description = "The data instance",
# flavor = "m1.medium",
# networks = ["d4s-dev-cloud-main"],
# security_groups = ["default", "http and https from the load balancers"]
# block_device_uuid = "7ed6a2cd-2b07-482e-8ce4-f018dff16c89" #ubuntu_18_04.uuid of DEV
# }
# }
# }
# variable "smartgears_service_instances_map" {
# type = map(object({
# name = string
# description = string
# flavor = string
# networks = list(string)
# security_groups = list(string)
# block_device_uuid = string
# }))
# default = local.smartgears_service_instances_map
# }
variable "smartgears_service_instances_map" {
type = map(object({
name = string
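Review bot: The commented-out `locals`/`variable` pair in this hunk cannot be enabled by simply uncommenting it, because `default = local.smartgears_service_instances_map` is not accepted by Terraform: a variable default must be a literal value and cannot reference a local. If the block is meant as a usage example, say so in one line above it, e.g. `# Example only: pass these values through a tfvars file, a variable default cannot reference a local`. The example also hard-codes a DEV image UUID plus network and security group names, which will silently drift from the real configuration while they live in a comment. The live `variable "smartgears_service_instances_map"` block continues outside the hunk.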


@ -1,4 +1,4 @@
# Generic martgears_service instance
# Generic smartgears_service instance
resource "openstack_compute_instance_v2" "smartgears_service" {
for_each = var.smartgears_service_instances_map
name = each.value.name
@ -24,3 +24,4 @@ resource "openstack_compute_instance_v2" "smartgears_service" {
user_data = file("${var.ubuntu1804_data_file}")
}


@ -0,0 +1,12 @@
#This file must be renamed as 'ssh-key-ref-outputs.tf'
#replace the placeholders {YOUR_PRIVATE_KEYNAME} (without .pb) and {YOUR_KEYNAME} with proper values
output "ssh_key_file" {
value = "~/.ssh/{YOUR_PRIVATE_KEYNAME}"
sensitive = true
}
output "ssh_key_name" {
value = "{YOUR_KEYNAME}"
sensitive = false
}
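Review bot: The header comment of this template says "(without .pb)", which looks like a typo for ".pub". Since the aim is that the private key file is referenced and not the public one, I would spell it out: `#replace {YOUR_PRIVATE_KEYNAME} with the private key file name (not the .pub file) and {YOUR_KEYNAME} with the key pair name`. The filled-in copy `ssh-key-ref-outputs.tf` is per-user, so it should be listed in `.gitignore` if it is not already (not visible on this page); otherwise personal key names end up committed. Note that `sensitive = true` only redacts the value in CLI output and the value is still written in clear text to the state; that is acceptable here only because it is a path and not key material.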


@ -1,27 +1,27 @@
# TimeScaleDB shared server
# Network
resource "openstack_networking_network_v2" "timescaledb_net" {
name = var.timescaledb_net.network_name
admin_state_up = "true"
external = "false"
description = var.timescaledb_net.network_description
dns_domain = var.dns_zone.zone_name
mtu = var.mtu_size
name = var.timescaledb_net.network_name
admin_state_up = "true"
external = "false"
description = var.timescaledb_net.network_description
dns_domain = var.dns_zone.zone_name
mtu = var.mtu_size
port_security_enabled = true
shared = false
region = var.main_region
shared = false
region = var.main_region
}
# Subnet
resource "openstack_networking_subnet_v2" "timescaledb_subnet" {
name = "timescaledb-subnet"
description = "subnet used to connect to the shared TimeScaleDB service"
description = "subnet used to connect to the shared TimeScaleDB service"
network_id = openstack_networking_network_v2.timescaledb_net.id
cidr = var.timescaledb_net.network_cidr
dns_nameservers = var.resolvers_ip
ip_version = 4
enable_dhcp = true
no_gateway = true
ip_version = 4
enable_dhcp = true
no_gateway = true
allocation_pool {
start = var.timescaledb_net.allocation_pool_start
end = var.timescaledb_net.allocation_pool_end
@ -30,20 +30,20 @@ resource "openstack_networking_subnet_v2" "timescaledb_subnet" {
# Security group
resource "openstack_networking_secgroup_v2" "timescaledb_access" {
name = "access_to_the_timescaledb_service"
delete_default_rules = "true"
description = "Access the shared TimeScaleDB service using the dedicated network"
name = "access_to_the_timescaledb_service"
delete_default_rules = "true"
description = "Access the shared TimeScaleDB service using the dedicated network"
}
resource "openstack_networking_secgroup_rule_v2" "timescaledb_access_from_dedicated_subnet" {
security_group_id = openstack_networking_secgroup_v2.timescaledb_access.id
description = "Allow connections to port 5432 from the 192.168.11.0/24 network"
direction = "ingress"
ethertype = "IPv4"
protocol = "tcp"
port_range_min = 5432
port_range_max = 5432
remote_ip_prefix = var.timescaledb_net.network_cidr
security_group_id = openstack_networking_secgroup_v2.timescaledb_access.id
description = "Allow connections to port 5432 from the 192.168.11.0/24 network"
direction = "ingress"
ethertype = "IPv4"
protocol = "tcp"
port_range_min = 5432
port_range_max = 5432
remote_ip_prefix = var.timescaledb_net.network_cidr
}
resource "openstack_compute_servergroup_v2" "timescaledb_cluster" {
@ -53,12 +53,12 @@ resource "openstack_compute_servergroup_v2" "timescaledb_cluster" {
# Instances with an additional block device
resource "openstack_compute_instance_v2" "timescaledb_server" {
count = var.timescaledb_nodes_count
name = var.timescaledb_server_data.node_name
count = var.timescaledb_nodes_count
name = var.timescaledb_server_data.node_name
availability_zone_hints = var.availability_zones_names.availability_zone_no_gpu
flavor_name = var.timescaledb_node_flavor
key_pair = var.ssh_key_file.name
security_groups = [var.default_security_group_name,openstack_networking_secgroup_v2.timescaledb_access.name]
flavor_name = var.timescaledb_node_flavor
key_pair = var.ssh_key_file.name
security_groups = [var.default_security_group_name, openstack_networking_secgroup_v2.timescaledb_access.name]
scheduler_hints {
group = openstack_compute_servergroup_v2.timescaledb_cluster.id
}
@ -83,11 +83,11 @@ resource "openstack_compute_instance_v2" "timescaledb_server" {
name = var.main_private_network.name
}
network {
name = var.timescaledb_net.network_name
fixed_ip_v4 = var.timescaledb_ip.*[count.index]
name = var.timescaledb_net.network_name
fixed_ip_v4 = var.timescaledb_ip.* [count.index]
}
user_data = "${file("${var.ubuntu2204_data_file}")}"
user_data = file("${var.ubuntu2204_data_file}")
depends_on = [openstack_networking_subnet_v2.timescaledb_subnet]
}
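Review bot: The rule `timescaledb_access_from_dedicated_subnet` keeps a description that hard-codes "192.168.11.0/24" while the actual source range is `remote_ip_prefix = var.timescaledb_net.network_cidr`. If the variable is ever set to another range, anyone auditing the security group will read the wrong CIDR. I would derive the text from the same variable: `description = "Allow connections to port 5432 from the ${var.timescaledb_net.network_cidr} network"`. Since this commit already drops the redundant outer interpolation on `user_data`, the inner one can go too (`file(var.ubuntu2204_data_file)`), and `var.timescaledb_ip.* [count.index]` reads more clearly as `var.timescaledb_ip[count.index]`, assuming the variable is a list.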