diff --git a/openstack-tf/d4s-dev/orientdb/dev-orientdb.auto.tfvars b/openstack-tf/d4s-dev/orientdb/dev-orientdb.auto.tfvars
new file mode 100644
index 00000000..899ad3f7
--- /dev/null
+++ b/openstack-tf/d4s-dev/orientdb/dev-orientdb.auto.tfvars
@@ -0,0 +1,5 @@
+orientdb_nodes_count = 3
+orientdb_node_flavor = "m1.medium"
+orientdb_se_node_flavor = "m1.medium"
+orientdb_se_ip = "192.168.12.4"
+orientdb_se_cidr = "192.168.12.4/32"
diff --git a/openstack-tf/d4s-dev/orientdb/dev.auto.tfvars b/openstack-tf/d4s-dev/orientdb/dev.auto.tfvars
new file mode 120000
index 00000000..55e7b69c
--- /dev/null
+++ b/openstack-tf/d4s-dev/orientdb/dev.auto.tfvars
@@ -0,0 +1 @@
+../variables/dev.auto.tfvars
\ No newline at end of file
diff --git a/openstack-tf/d4s-dev/orientdb/main.tf b/openstack-tf/d4s-dev/orientdb/main.tf
index f7f73faf..3a4e66b9 100644
--- a/openstack-tf/d4s-dev/orientdb/main.tf
+++ b/openstack-tf/d4s-dev/orientdb/main.tf
@@ -1,6 +1,6 @@
 # Define required providers
 terraform {
-required_version = ">= 0.14.0"
+ required_version = ">= 0.14.0"
 required_providers {
 openstack = {
 source = "terraform-provider-openstack/openstack"
@@ -17,10 +17,80 @@ data "terraform_remote_state" "privnet_dns_router" { } } -# module "variables" { -# source = "../variables" +# data "terraform_remote_state" "basic_infrastructure" { +# backend = "local" + +# config = { +# path = "../basic-infrastructure/terraform.tfstate" +# } # } # module "orientdb" { # source = "../../modules/orientdb" +# os_project_data = { +# id = "e8f8ca72f30648a8b389b4e745ac83a9" +# } + +# dns_zone = { +# zone_name = "cloud-dev.d4science.org." +# email = "postmaster@isti.cnr.it" +# description = "DNS primary zone for the d4s-dev-cloud project" +# ttl = 8600 +# } + +# dns_zone_id = "cbae638a-9d99-44aa-946c-0f5ffb7fc488" + +# default_security_group_name = "default" + +# main_private_network = { +# name = "d4s-dev-cloud-main" +# description = "D4Science DEV private network (use this as the main network)" +# } + +# main_private_subnet = { +# name = "d4s-dev-cloud-sub" +# description = "D4Science DEV main private subnet" +# cidr = "10.1.28.0/22" +# gateway_ip = "10.1.28.1" +# allocation_start = "10.1.28.30" +# allocation_end = "10.1.31.254" +# } + +# external_router = { +# name = "d4s-dev-cloud-external-router" +# description = "D4Science DEV main router" +# id = "2ae28c5f-036b-45db-bc9f-5bab8fa3e914" +# } + +# main_haproxy_l7_ip = ["10.1.28.50", "10.1.30.241"] + +# octavia_information = { +# main_lb_name = "lb-dev-l4" +# main_lb_description = "Main L4 load balancer for the D4Science DEV" +# octavia_flavor = "octavia_amphora-mvcpu-ha" +# octavia_flavor_id = "394988b5-6603-4a1e-a939-8e177c6681c7" +# main_lb_hostname = "main-lb" +# } + +# basic_services_ip = { +# ca = "10.1.29.247" +# ca_cidr = "10.1.29.247/32" +# ssh_jump = "10.1.29.164" +# ssh_jump_cidr = "10.1.29.164/32" +# prometheus = "10.1.30.129" +# prometheus_cidr = "10.1.30.129/32" +# haproxy_l7_1 = "10.1.28.50" +# haproxy_l7_1_cidr = "10.1.28.50/32" +# haproxy_l7_2 = "10.1.30.241" +# haproxy_l7_2_cidr = "10.1.30.241/32" +# octavia_main = "10.1.28.227" +# octavia_main_cidr = 
"10.1.28.227/32" +# } + +# orientdb_nodes_count = 3 +# orientdb_node_flavor = "m1.medium" +# orientdb_se_node_flavor = "m1.medium" +# orientdb_se_ip = "192.168.12.4" +# orientdb_se_cidr = "192.168.12.4/32" + # } diff --git a/openstack-tf/d4s-dev/orientdb/orientdb.auto.tfvars b/openstack-tf/d4s-dev/orientdb/orientdb.auto.tfvars deleted file mode 100644 index 80692a19..00000000 --- a/openstack-tf/d4s-dev/orientdb/orientdb.auto.tfvars +++ /dev/null @@ -1,7 +0,0 @@ -orientdb_nodes_count = 3 -orientdb_node_flavor = "m1.medium" -orientdb_se_node_flavor = "m1.medium" -orientdb_se_ip = "192.168.12.4" -orientdb_se_cidr = "192.168.12.4/32" - -default_security_group_name = "default" diff --git a/openstack-tf/d4s-dev/orientdb/outputs.tf b/openstack-tf/d4s-dev/orientdb/outputs.tf new file mode 120000 index 00000000..5c8e7fba --- /dev/null +++ b/openstack-tf/d4s-dev/orientdb/outputs.tf @@ -0,0 +1 @@ +../../modules/common_variables/outputs.tf \ No newline at end of file diff --git a/openstack-tf/d4s-dev/orientdb/provider.tf b/openstack-tf/d4s-dev/orientdb/provider.tf index df431972..e39e6c9d 100644 --- a/openstack-tf/d4s-dev/orientdb/provider.tf +++ b/openstack-tf/d4s-dev/orientdb/provider.tf @@ -1,4 +1,4 @@ provider "openstack" { - cloud = "d4s-dev" + cloud = "d4s-dev" } diff --git a/openstack-tf/d4s-dev/orientdb/terraform.tfstate b/openstack-tf/d4s-dev/orientdb/terraform.tfstate index bce53f61..c32360c4 100644 --- a/openstack-tf/d4s-dev/orientdb/terraform.tfstate +++ b/openstack-tf/d4s-dev/orientdb/terraform.tfstate @@ -1,7 +1,7 @@ { "version": 4, "terraform_version": "1.6.4", - "serial": 44, + "serial": 58, "lineage": "7607c85c-02c0-0227-fd2b-4958c821fe57", "outputs": {}, "resources": [ @@ -138,7 +138,7 @@ "default" ], "stop_before_destroy": false, - "tags": null, + "tags": [], "timeouts": null, "updated": "2023-11-23 10:48:27 +0000 UTC", "user_data": "bb83b25fd1219aa1b850ece9be8d7b0f31714608", 
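Review bot: The commented-out `module "orientdb"` block grown by the main.tf hunk repeats, as literals, the project id, DNS zone id, subnet ranges and service addresses that the same commit sets in `variables/dev.auto.tfvars`. Commented-out configuration is never checked by `terraform validate` or `plan`, so the two copies will drift, and un-commenting the block later would feed stale addresses into the security-group inputs. I would drop the literal values and keep a short pointer instead, e.g. `# module "orientdb" is not wired up yet; its inputs come from ../variables/dev.auto.tfvars`.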
@@ -588,7 +588,7 @@ "region": "isti_area_pi_1", "segments": [], "shared": false, - "tags": null, + "tags": [], "tenant_id": "e8f8ca72f30648a8b389b4e745ac83a9", "timeouts": null, "transparent_vlan": false, @@ -672,9 +672,9 @@ "description": "TCP traffic from the load balancers", "direction": "ingress", "ethertype": "IPv4", - "id": "6799246f-a17b-4e46-b2fe-8e4e5e21a3de", - "port_range_max": 2424, - "port_range_min": 2424, + "id": "b4cdae7a-0771-4dbf-b6c7-7513eb904acf", + "port_range_max": 2480, + "port_range_min": 2480, "protocol": "tcp", "region": "isti_area_pi_1", "remote_group_id": "", @@ -696,9 +696,9 @@ "description": "TCP traffic from the load balancers", "direction": "ingress", "ethertype": "IPv4", - "id": "f2729899-f411-4b13-9c8f-12eb81a9f1e9", - "port_range_max": 2424, - "port_range_min": 2424, + "id": "6e78f200-1ed3-4d70-b803-100ca0f41d0d", + "port_range_max": 2480, + "port_range_min": 2480, "protocol": "tcp", "region": "isti_area_pi_1", "remote_group_id": "", @@ -725,10 +725,10 @@ "index_key": "10.1.29.164/32", "schema_version": 0, "attributes": { - "description": "TCP traffic from the resource registries and the SSH jump server", + "description": "TCP traffic from the smart executors and the SSH jump server", "direction": "ingress", "ethertype": "IPv4", - "id": "6fd47297-3621-4827-8d19-4cca9db46a05", + "id": "38ffd61d-6ec8-413f-a61a-c95b68687f6c", "port_range_max": 2490, "port_range_min": 2424, "protocol": "tcp", @@ -751,10 +751,10 @@ "index_key": "192.168.12.0/24", "schema_version": 0, "attributes": { - "description": "TCP traffic from the resource registries and the SSH jump server", + "description": "TCP traffic from the smart executors and the SSH jump server", "direction": "ingress", "ethertype": "IPv4", - "id": "f1c1e536-df8f-4da7-82b9-a4d564ed6744", + "id": "e4f06118-5298-492a-853e-6a45aa97ad13", "port_range_max": 2490, "port_range_min": 2424, "protocol": "tcp", 
@@ -788,9 +788,9 @@ "description": "TCP traffic from the load balancers", "direction": "ingress", "ethertype": "IPv4", - "id": "8180389a-0741-4a6c-9625-0f2ee1e7770f", - "port_range_max": 2424, - "port_range_min": 2424, + "id": "ad34990c-1b8e-4aec-984d-4d68d5dff075", + "port_range_max": 2480, + "port_range_min": 2480, "protocol": "tcp", "region": "isti_area_pi_1", "remote_group_id": "", @@ -812,9 +812,9 @@ "description": "TCP traffic from the load balancers", "direction": "ingress", "ethertype": "IPv4", - "id": "a0486ca2-7bf4-471f-9f4b-1b9964eb9dc2", - "port_range_max": 2424, - "port_range_min": 2424, + "id": "0a79ae44-7ff9-47ac-8b07-936e399aa227", + "port_range_max": 2480, + "port_range_min": 2480, "protocol": "tcp", "region": "isti_area_pi_1", "remote_group_id": "", @@ -946,7 +946,7 @@ "attributes": { "all_tags": [], "delete_default_rules": true, - "description": "Clients that talk to the OrientDB service", + "description": "Clients that talk to the OrientDB SE service", "id": "f72e0d63-949e-47b7-95fa-69cc7ff2415a", "name": "access_to_orientdb_se", "region": "isti_area_pi_1", @@ -1026,7 +1026,7 @@ "region": "isti_area_pi_1", "service_types": [], "subnetpool_id": "", - "tags": null, + "tags": [], "tenant_id": "e8f8ca72f30648a8b389b4e745ac83a9", "timeouts": null, "value_specs": null diff --git a/openstack-tf/d4s-dev/orientdb/variables-dev.tf b/openstack-tf/d4s-dev/orientdb/variables-dev.tf deleted file mode 120000 index fde4869e..00000000 --- a/openstack-tf/d4s-dev/orientdb/variables-dev.tf +++ /dev/null @@ -1 +0,0 @@ -../variables/variables-dev.tf \ No newline at end of file diff --git a/openstack-tf/d4s-dev/variables/dev.auto.tfvars b/openstack-tf/d4s-dev/variables/dev.auto.tfvars new file mode 100644 index 00000000..427abdbc --- /dev/null +++ b/openstack-tf/d4s-dev/variables/dev.auto.tfvars 
@@ -0,0 +1,60 @@
+#
+os_project_data = {
+ id = "e8f8ca72f30648a8b389b4e745ac83a9"
+}
+
+dns_zone = {
+ zone_name = "cloud-dev.d4science.org."
+ email = "postmaster@isti.cnr.it"
+ description = "DNS primary zone for the d4s-dev-cloud project"
+ ttl = 8600
+}
+
+dns_zone_id = "cbae638a-9d99-44aa-946c-0f5ffb7fc488"
+
+default_security_group_name = "default"
+
+main_private_network = {
+ name = "d4s-dev-cloud-main"
+ description = "D4Science DEV private network (use this as the main network)"
+}
+
+main_private_subnet = {
+ name = "d4s-dev-cloud-sub"
+ description = "D4Science DEV main private subnet"
+ cidr = "10.1.28.0/22"
+ gateway_ip = "10.1.28.1"
+ allocation_start = "10.1.28.30"
+ allocation_end = "10.1.31.254"
+}
+
+external_router = {
+ name = "d4s-dev-cloud-external-router"
+ description = "D4Science DEV main router"
+ id = "2ae28c5f-036b-45db-bc9f-5bab8fa3e914"
+}
+
+main_haproxy_l7_ip = ["10.1.28.50", "10.1.30.241"]
+
+octavia_information = {
+ main_lb_name = "lb-dev-l4"
+ main_lb_description = "Main L4 load balancer for the D4Science DEV"
+ octavia_flavor = "octavia_amphora-mvcpu-ha"
+ octavia_flavor_id = "394988b5-6603-4a1e-a939-8e177c6681c7"
+ main_lb_hostname = "main-lb"
+}
+
+basic_services_ip = {
+ ca = "10.1.29.247"
+ ca_cidr = "10.1.29.247/32"
+ ssh_jump = "10.1.29.164"
+ ssh_jump_cidr = "10.1.29.164/32"
+ prometheus = "10.1.30.129"
+ prometheus_cidr = "10.1.30.129/32"
+ haproxy_l7_1 = "10.1.28.50"
+ haproxy_l7_1_cidr = "10.1.28.50/32"
+ haproxy_l7_2 = "10.1.30.241"
+ haproxy_l7_2_cidr = "10.1.30.241/32"
+ octavia_main = "10.1.28.227"
+ octavia_main_cidr = "10.1.28.227/32"
+}
diff --git a/openstack-tf/d4s-dev/variables/outputs-dev.tf b/openstack-tf/d4s-dev/variables/outputs-dev.tf
new file mode 100644
index 00000000..db2715e4
--- /dev/null
+++ b/openstack-tf/d4s-dev/variables/outputs-dev.tf
@@ -0,0 +1,7 @@
+output "os_project_data" {
+ value = var.os_project_data
+}
+
+output "main_haproxy_l7_ip" {
+ value = var.main_haproxy_l7_ip
+}
diff --git a/openstack-tf/d4s-dev/variables/variables-dev.tf b/openstack-tf/d4s-dev/variables/variables-dev.tf
index 501738a3..62ab3a99 100644
--- a/openstack-tf/d4s-dev/variables/variables-dev.tf
+++ b/openstack-tf/d4s-dev/variables/variables-dev.tf
@@ -87,59 +87,3 @@ variable "basic_services_ip" {
 octavia_main_cidr = "10.1.28.227/32"
 }
 }
-
-variable "orientdb_net" {
- type = map(string)
- default = {
- network_name = "orientdb-net"
- network_description = "Network used by the OrientDB cluster and to access the service"
- network_cidr = "192.168.10.0/24"
- allocation_pool_start = "192.168.10.11"
- allocation_pool_end = "192.168.10.254"
- }
-}
-
-variable "orientdb_se_net" {
- type = map(string)
- default = {
- network_name = "orientdb-se-net"
- network_description = "Network used by the OrientDB for Smart Executor"
- network_cidr = "192.168.12.0/24"
- allocation_pool_start = "192.168.12.11"
- allocation_pool_end = "192.168.12.254"
- }
-}
-
-variable "orientdb_se_secgroup" {
- default = "access_to_orientdb_se"
-}
-
-variable "postgresql_secgroup" {
- default = "PostgreSQL service"
-}
-
-#Added by Francesco
-variable "security_group_list" {
- type = map(string)
- default = {
- postgreSQL = "PostgreSQL service"
- acaland = "acaland's dev machine"
- haproxy = "HAPROXY L7"
- access_to_orientdb = "access_to_orientdb"
- dataminer-publish = "dataminer-publish"
- docker_swarm_NFS = "Docker Swarm NFS"
- public_HTTPS = "Public HTTPS"
- haproxy = "HAPROXY L7"
- orientdb_internal_docker_traffic = "orientdb_internal_docker_traffic"
- limited_SSH_access = "Limited SSH access"
- access_to_the_timescaledb_service = "access_to_the_timescaledb_service"
- docker_swarm = "Docker Swarm"
- http_and_https_from_the_load_balancers = "http and https from the load balancers"
- limited_HTTPS_access = "Limited HTTPS access"
- mongo = "mongo"
- limited_SSH_access = "Limited SSH access"
- default = "default"
- cassandra = "Cassandra"
- access_to_orientdb_se = "access_to_orientdb_se"
- }
-}
diff --git a/openstack-tf/modules/common_variables/variables.tf b/openstack-tf/modules/common_variables/variables.tf
index f8807ee0..5223b446 100644
--- a/openstack-tf/modules/common_variables/variables.tf
+++ b/openstack-tf/modules/common_variables/variables.tf
@@ -327,3 +327,29 @@ variable "flavor_list" {
 m2_large = "m2.large" #RAM 32 - VCPUs 8
 }
 }
+
+# Added by Francesco
+variable "security_group_list" {
+ type = map(string)
+ default = {
+ postgreSQL = "PostgreSQL service"
+ acaland = "acaland's dev machine"
+ haproxy = "HAPROXY L7"
+ access_to_orientdb = "access_to_orientdb"
+ dataminer-publish = "dataminer-publish"
+ docker_swarm_NFS = "Docker Swarm NFS"
+ public_HTTPS = "Public HTTPS"
+ haproxy = "HAPROXY L7"
+ orientdb_internal_docker_traffic = "orientdb_internal_docker_traffic"
+ limited_SSH_access = "Limited SSH access"
+ access_to_the_timescaledb_service = "access_to_the_timescaledb_service"
+ docker_swarm = "Docker Swarm"
+ http_and_https_from_the_load_balancers = "http and https from the load balancers"
+ limited_HTTPS_access = "Limited HTTPS access"
+ mongo = "mongo"
+ limited_SSH_access = "Limited SSH access"
+ default = "default"
+ cassandra = "Cassandra"
+ access_to_orientdb_se = "access_to_orientdb_se"
+ }
+}
diff --git a/openstack-tf/modules/liferay/liferay.tf b/openstack-tf/modules/liferay/liferay.tf
new file mode 100644
index 00000000..c1534464
--- /dev/null
+++ b/openstack-tf/modules/liferay/liferay.tf
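Review bot: The `security_group_list` default added to `common_variables/variables.tf` lists the keys `haproxy` and `limited_SSH_access` twice. Both copies carry the same value today, so nothing breaks, but as far as I know Terraform keeps only the last occurrence of a repeated key and gives no warning, so a later edit to one copy can be lost without anyone noticing. Remove the second `haproxy = "HAPROXY L7"` and the second `limited_SSH_access = "Limited SSH access"` lines. The variable also has no `description`; if the map is meant as a lookup of groups created elsewhere, `description = "Names of existing security groups, keyed by a short alias"` would say so.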
@@ -0,0 +1,37 @@
+#
+# Liferay nodes
+#
+# Server group
+#
+resource "openstack_compute_servergroup_v2" "liferay" {
+ name = "liferay"
+ policies = ["anti-affinity"]
+}
+
+# Instance
+resource "openstack_compute_instance_v2" "liferay" {
+ count = var.liferay_data.vm_count
+ name = format("%s-%02d", var.liferay_data.name, count.index + 1)
+ availability_zone_hints = var.availability_zones_names.availability_zone_no_gpu
+ flavor_name = var.liferay_data.flavor
+ key_pair = module.ssh_settings.ssh_key_name
+ security_groups = [var.default_security_group_name, "traffic_from_the_main_load_balancers", "restricted_web_service"]
+ scheduler_hints {
+ group = openstack_compute_servergroup_v2.liferay.id
+ }
+ block_device {
+ uuid = var.ubuntu_1804.uuid
+ source_type = "image"
+ volume_size = 10
+ boot_index = 0
+ destination_type = "volume"
+ delete_on_termination = false
+ }
+
+ network {
+ name = var.main_private_network.name
+ fixed_ip_v4 = var.liferay_ip.* [count.index]
+ }
+
+ user_data = file("${var.ubuntu1804_data_file}")
+}
diff --git a/openstack-tf/modules/liferay/outputs.tf b/openstack-tf/modules/liferay/outputs.tf
new file mode 120000
index 00000000..d953b684
--- /dev/null
+++ b/openstack-tf/modules/liferay/outputs.tf
@@ -0,0 +1 @@
+../common_variables/outputs.tf
\ No newline at end of file
diff --git a/openstack-tf/modules/liferay/terraform-provider.tf b/openstack-tf/modules/liferay/terraform-provider.tf
new file mode 100644
index 00000000..21cde0e6
--- /dev/null
+++ b/openstack-tf/modules/liferay/terraform-provider.tf
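Review bot: The boot volume of the new Liferay instances is built from `var.ubuntu_1804.uuid`, and Ubuntu 18.04 left standard support in 2023, so these nodes would not receive regular security updates unless an extended-support subscription is attached. `modules/orientdb/orientdb.tf` already boots from `var.ubuntu_2204.uuid`; if the Liferay release in use allows it, `uuid = var.ubuntu_2204.uuid` with the matching user-data file would be the safer default. Separately, `security_groups` names `"traffic_from_the_main_load_balancers"` and `"restricted_web_service"` as string literals, so Terraform has no dependency on whatever creates them and a rename or typo only shows up at apply time. A comment above the resource naming the stack that owns those two groups would help.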
@@ -0,0 +1,27 @@
+# Define required providers
+terraform {
+required_version = ">= 0.14.0"
+ required_providers {
+ openstack = {
+ source = "terraform-provider-openstack/openstack"
+ version = "~> 1.53.0"
+ }
+ }
+}
+
+data "terraform_remote_state" "privnet_dns_router" {
+ backend = "local"
+
+ config = {
+ path = "../project-setup/terraform.tfstate"
+ }
+}
+
+data "terraform_remote_state" "basic_infrastructure" {
+ backend = "local"
+
+ config = {
+ path = "../basic-infrastructure/terraform.tfstate"
+ }
+}
+
diff --git a/openstack-tf/modules/liferay/variables.tf b/openstack-tf/modules/liferay/variables.tf
new file mode 120000
index 00000000..619d9672
--- /dev/null
+++ b/openstack-tf/modules/liferay/variables.tf
@@ -0,0 +1 @@
+../common_variables/variables.tf
\ No newline at end of file
diff --git a/openstack-tf/modules/orientdb/orientdb.tf b/openstack-tf/modules/orientdb/orientdb.tf
index 7be003cb..6c46a853 100644
--- a/openstack-tf/modules/orientdb/orientdb.tf
+++ b/openstack-tf/modules/orientdb/orientdb.tf
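Review bot: The two `terraform_remote_state` data sources in `modules/liferay/terraform-provider.tf` sit inside a reusable module, and nothing in `liferay.tf` as added by this commit reads them. Their `path` values are relative (`"../project-setup/terraform.tfstate"`), and as far as I know the local backend resolves such paths from the directory Terraform is run in rather than from the module directory, so they only work for callers at one particular depth. They also make every caller of the module need read access to two other stacks' complete state files. I would drop both blocks from the module and let the root configuration pass the needed values in as variables; `modules/orientdb/terraform-provider.tf` in this same commit already contains only the `terraform` block.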
@@ -1,153 +1,4 @@
-# Define required providers
-# terraform {
-# required_version = ">= 0.14.0"
-# required_providers {
-# openstack = {
-# source = "terraform-provider-openstack/openstack"
-# version = "~> 1.53.0"
-# }
-# }
-# }
-#
-# module "common_variables" {
-# source = "../../modules/common_variables"
-# }
-#
-# Server group
-#
-# resource "openstack_compute_servergroup_v2" "orientdb_cluster" {
-# name = "orientdb_cluster"
-# policies = ["soft-anti-affinity"]
-# }
-# #
-# # Network for the cluster traffic
-# #
-# resource "openstack_networking_network_v2" "orientdb_network" {
-# name = var.orientdb_net.network_name
-# admin_state_up = "true"
-# external = "false"
-# description = var.orientdb_net.network_description
-# mtu = module.common_variables.mtu_size_value
-# port_security_enabled = true
-# shared = false
-# region = module.common_variables.main_region_name
-# }
-
-# # Subnet
-# resource "openstack_networking_subnet_v2" "orientdb_subnet" {
-# name = "orientdb-subnet"
-# description = "Subnet used by the OrientDB service"
-# network_id = openstack_networking_network_v2.orientdb_network.id
-# cidr = var.orientdb_net.network_cidr
-# dns_nameservers = module.common_variables.resolvers_ip
-# ip_version = 4
-# enable_dhcp = true
-# no_gateway = true
-# allocation_pool {
-# start = var.orientdb_net.allocation_pool_start
-# end = var.orientdb_net.allocation_pool_end
-# }
-# }
-
-# #
-# # Security groups
-# #
-# # Between OrientDB nodes
-# resource "openstack_networking_secgroup_v2" "orientdb_internal_traffic" {
-# name = "orientdb_internal_docker_traffic"
-# delete_default_rules = "true"
-# description = "Traffic between the OrientDB nodes"
-# }
-# resource "openstack_networking_secgroup_rule_v2" "everything_udp" {
-# count = var.orientdb_nodes_count
-# security_group_id = openstack_networking_secgroup_v2.orientdb_internal_traffic.id
-# description = "UDP traffic between OrientDB nodes"
-# direction = "ingress"
-# ethertype = "IPv4"
-# protocol = "udp"
-# remote_ip_prefix = var.orientdb_ip.*[count.index]/32
-# }
-# resource "openstack_networking_secgroup_rule_v2" "everything_tcp" {
-# count = var.orientdb_nodes_count
-# security_group_id = openstack_networking_secgroup_v2.orientdb_internal_traffic.id
-# description = "TCP traffic between OrientDB nodes"
-# direction = "ingress"
-# ethertype = "IPv4"
-# protocol = "tcp"
-# remote_ip_prefix = var.orientdb_ip.*[count.index]/32
-# }
-
-# resource "openstack_networking_secgroup_v2" "access_to_orientdb" {
-# name = "access_to_orientdb"
-# delete_default_rules = "true"
-# description = "Clients that talk to the OrientDB service"
-# }
-# resource "openstack_networking_secgroup_rule_v2" "access_to_orient_udp" {
-# security_group_id = openstack_networking_secgroup_v2.access_to_orientdb.id
-# description = "UDP traffic"
-# direction = "ingress"
-# ethertype = "IPv4"
-# protocol = "udp"
-# remote_ip_prefix = openstack_networking_subnet_v2.orientdb_subnet.cidr
-# }
-# resource "openstack_networking_secgroup_rule_v2" "access_to_orient_tcp" {
-# security_group_id = openstack_networking_secgroup_v2.access_to_orientdb.id
-# description = "TCP traffic"
-# direction = "ingress"
-# ethertype = "IPv4"
-# protocol = "tcp"
-# remote_ip_prefix = openstack_networking_subnet_v2.orientdb_subnet.cidr
-# }
-
-# #
-# # OrientDB
-# #
-# # Instance
-# resource "openstack_compute_instance_v2" "orientdb_servers" {
-# count = local.orientdb_nodes_count
-# name = format("%s-%02d", var.orientdb_data.node_name, count.index+1)
-# availability_zone_hints = module.common_variables.availability_zone_no_gpu_name
-# flavor_name = var.orientdb_data.node_flavor
-# key_pair = module.common_variables.ssh_key_file_config
-# security_groups = [openstack_networking_secgroup_v2.default.name,openstack_networking_secgroup_v2.orientdb_internal_traffic.name]
-# scheduler_hints {
-# group = openstack_compute_servergroup_v2.orientdb_cluster.id
-# }
-# block_device {
-# uuid = module.ubuntu2204.uuid
-# source_type = "image"
-# volume_size = 10
-# boot_index = 0
-# destination_type = "volume"
-# delete_on_termination = false
-# }
-
-# block_device {
-# source_type = "blank"
-# volume_size = var.orientdb_data.node_data_disk_size
-# boot_index = -1
-# destination_type = "volume"
-# delete_on_termination = false
-# }
-
-# network {
-# name = var.main_private_network.name
-# }
-# network {
-# name = var.orientdb_net.network_name
-# fixed_ip_v4 = var.orientdb_ip.*[count.index]
-# }
-
-# user_data = "${file("${module.common_variables.ubuntu2204_datafile}")}"
-# depends_on = [ openstack_networking_subnet_v2.orientdb_subnet ]
-# }
-
-# locals {
-# orientdb_nodes_count = 3
-# }
-
-#
-# Not using modules here
+# OrientDB and OrientDB for the smart executors
 #
 resource "openstack_compute_servergroup_v2" "orientdb_cluster" {
 name = "orientdb_cluster"
@@ -256,8 +107,8 @@ resource "openstack_networking_secgroup_rule_v2" "access_to_orient_from_haproxy"
 for_each = toset( [var.basic_services_ip.haproxy_l7_1_cidr, var.basic_services_ip.haproxy_l7_2_cidr])
 security_group_id = openstack_networking_secgroup_v2.access_to_orientdb.id
 description = "TCP traffic from the load balancers"
- port_range_min = 2424
- port_range_max = 2424
+ port_range_min = 2480
+ port_range_max = 2480
 direction = "ingress"
 ethertype = "IPv4"
 protocol = "tcp"
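Review bot: The `access_to_orient_from_haproxy` rule now admits the two HAProxy L7 addresses on 2480 instead of 2424, and 2480 is OrientDB's default HTTP listener (REST API and the Studio console) while 2424 is the binary protocol. Whatever the load balancers publish for this backend therefore reaches the database's HTTP management surface, so the HAProxy frontend should be confirmed to restrict who can get to it; that configuration is not visible in this diff. The rule's `description` stayed generic, and `description = "OrientDB HTTP (2480) from the HAProxy L7 load balancers"` would record the intent. The same applies to the `access_to_orient_se_from_haproxy` hunk further down, and both resource bodies continue outside their hunks.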
@@ -269,12 +120,12 @@ resource "openstack_networking_secgroup_rule_v2" "access_to_orient_from_haproxy"
 resource "openstack_networking_secgroup_v2" "access_to_orientdb_se" {
 name = "access_to_orientdb_se"
 delete_default_rules = "true"
- description = "Clients that talk to the OrientDB service"
+ description = "Clients that talk to the OrientDB SE service"
 }
 resource "openstack_networking_secgroup_rule_v2" "access_to_orient_se_from_clients" {
 for_each = toset([var.basic_services_ip.ssh_jump_cidr, openstack_networking_subnet_v2.orientdb_se_subnet.cidr])
 security_group_id = openstack_networking_secgroup_v2.access_to_orientdb_se.id
- description = "TCP traffic from the resource registries and the SSH jump server"
+ description = "TCP traffic from the smart executors and the SSH jump server"
 port_range_min = 2424
 port_range_max = 2490
 direction = "ingress"
@@ -286,8 +137,8 @@ resource "openstack_networking_secgroup_rule_v2" "access_to_orient_se_from_hapro
 for_each = toset( [var.basic_services_ip.haproxy_l7_1_cidr, var.basic_services_ip.haproxy_l7_2_cidr])
 security_group_id = openstack_networking_secgroup_v2.access_to_orientdb_se.id
 description = "TCP traffic from the load balancers"
- port_range_min = 2424
- port_range_max = 2424
+ port_range_min = 2480
+ port_range_max = 2480
 direction = "ingress"
 ethertype = "IPv4"
 protocol = "tcp"
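Review bot: Only the description of `access_to_orient_se_from_clients` changes, but the rule it describes still opens the whole span from `port_range_min = 2424` to `port_range_max = 2490` to the SSH jump host and to every address in the SE subnet. That span covers more than the binary and HTTP listeners; in a default OrientDB setup the cluster port 2434 also falls inside it, if distributed mode is enabled on this node. If the smart executors only need the binary protocol and HTTP, two rules limited to those ports would match the new description better. If the wide range is deliberate, a comment above the resource saying why would help; the resource body continues outside the hunk.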
@@ -299,11 +150,11 @@ resource "openstack_networking_secgroup_rule_v2" "access_to_orient_se_from_hapro # # Instances used by the resource registry resource "openstack_compute_instance_v2" "orientdb_servers" { - count = local.orientdb_nodes_count + count = var.orientdb_nodes_count name = format("%s-%02d", var.orientdb_data.node_name, count.index+1) availability_zone_hints = var.availability_zones_names.availability_zone_no_gpu flavor_name = var.orientdb_node_flavor - key_pair = var.ssh_key_file.name + key_pair = module.ssh_settings.ssh_key_name security_groups = [var.default_security_group_name,openstack_networking_secgroup_v2.orientdb_internal_traffic.name,openstack_networking_secgroup_v2.access_to_orientdb.name] scheduler_hints { group = openstack_compute_servergroup_v2.orientdb_cluster.id @@ -342,7 +193,7 @@ resource "openstack_compute_instance_v2" "orientdb_se_server" { name = "orientdb-se" availability_zone_hints = var.availability_zones_names.availability_zone_no_gpu flavor_name = var.orientdb_se_node_flavor - key_pair = var.ssh_key_file.name + key_pair = module.ssh_settings.ssh_key_name security_groups = [var.default_security_group_name,openstack_networking_secgroup_v2.access_to_orientdb_se.name] block_device { uuid = var.ubuntu_2204.uuid @@ -373,7 +224,3 @@ resource "openstack_compute_instance_v2" "orientdb_se_server" { depends_on = [ openstack_networking_subnet_v2.orientdb_se_subnet ] } -locals { - orientdb_nodes_count = var.orientdb_nodes_count -} - diff --git a/openstack-tf/modules/orientdb/outputs.tf b/openstack-tf/modules/orientdb/outputs.tf new file mode 120000 index 00000000..d953b684 --- /dev/null +++ b/openstack-tf/modules/orientdb/outputs.tf @@ -0,0 +1 @@ +../common_variables/outputs.tf \ No newline at end of file diff --git a/openstack-tf/modules/orientdb/terraform-provider.tf b/openstack-tf/modules/orientdb/terraform-provider.tf new file mode 100644 index 00000000..a4b36e6a --- /dev/null +++ b/openstack-tf/modules/orientdb/terraform-provider.tf 
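Review bot: `key_pair = module.ssh_settings.ssh_key_name` replaces `var.ssh_key_file.name` in both instance resources in `orientdb.tf`, and the new `modules/liferay/liferay.tf` uses the same reference, but no `module "ssh_settings"` block is visible in any file this commit adds or changes under `modules/orientdb` or `modules/liferay`. Unless one of the symlinked `common_variables` files declares it, `terraform validate` would reject the reference as an undeclared module. Because this value decides which SSH public key is injected into the database hosts, a one-line comment at the first use would make the change auditable, e.g. `# key name comes from module "ssh_settings" (declared in <file>)`. Both resource bodies continue outside their hunks.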
@@ -0,0 +1,11 @@
+# Define required providers
+terraform {
+required_version = ">= 0.14.0"
+ required_providers {
+ openstack = {
+ source = "terraform-provider-openstack/openstack"
+ version = "~> 1.53.0"
+ }
+ }
+}
+
diff --git a/openstack-tf/modules/orientdb/variables-orientdb.tf b/openstack-tf/modules/orientdb/variables-orientdb.tf
index ad245bbd..5655a5a4 100644
--- a/openstack-tf/modules/orientdb/variables-orientdb.tf
+++ b/openstack-tf/modules/orientdb/variables-orientdb.tf
@@ -35,3 +35,34 @@ variable "orientdb_se_ip" {
 variable "orientdb_se_cidr" {
 default = ""
 }
+
+variable "orientdb_net" {
+ type = map(string)
+ default = {
+ network_name = "orientdb-net"
+ network_description = "Network used by the OrientDB cluster and to access the service"
+ network_cidr = "192.168.10.0/24"
+ allocation_pool_start = "192.168.10.11"
+ allocation_pool_end = "192.168.10.254"
+ }
+}
+
+variable "orientdb_se_net" {
+ type = map(string)
+ default = {
+ network_name = "orientdb-se-net"
+ network_description = "Network used by the OrientDB for Smart Executor"
+ network_cidr = "192.168.12.0/24"
+ allocation_pool_start = "192.168.12.11"
+ allocation_pool_end = "192.168.12.254"
+ }
+}
+
+variable "orientdb_se_secgroup" {
+ default = "access_to_orientdb_se"
+}
+
+variable "postgresql_secgroup" {
+ default = "PostgreSQL service"
+}
+
diff --git a/openstack-tf/modules/orientdb/variables.tf b/openstack-tf/modules/orientdb/variables.tf
new file mode 120000
index 00000000..619d9672
--- /dev/null
+++ b/openstack-tf/modules/orientdb/variables.tf
@@ -0,0 +1 @@
+../common_variables/variables.tf
\ No newline at end of file