Fix the orientdb module.
This commit is contained in:
parent
f771b207fe
commit
a3fc3784b4
|
@ -0,0 +1,5 @@
|
||||||
|
orientdb_nodes_count = 3
|
||||||
|
orientdb_node_flavor = "m1.medium"
|
||||||
|
orientdb_se_node_flavor = "m1.medium"
|
||||||
|
orientdb_se_ip = "192.168.12.4"
|
||||||
|
orientdb_se_cidr = "192.168.12.4/32"
|
|
@ -0,0 +1 @@
|
||||||
|
../variables/dev.auto.tfvars
|
|
@ -17,10 +17,80 @@ data "terraform_remote_state" "privnet_dns_router" {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
# module "variables" {
|
# data "terraform_remote_state" "basic_infrastructure" {
|
||||||
# source = "../variables"
|
# backend = "local"
|
||||||
|
|
||||||
|
# config = {
|
||||||
|
# path = "../basic-infrastructure/terraform.tfstate"
|
||||||
|
# }
|
||||||
# }
|
# }
|
||||||
|
|
||||||
# module "orientdb" {
|
# module "orientdb" {
|
||||||
# source = "../../modules/orientdb"
|
# source = "../../modules/orientdb"
|
||||||
|
# os_project_data = {
|
||||||
|
# id = "e8f8ca72f30648a8b389b4e745ac83a9"
|
||||||
|
# }
|
||||||
|
|
||||||
|
# dns_zone = {
|
||||||
|
# zone_name = "cloud-dev.d4science.org."
|
||||||
|
# email = "postmaster@isti.cnr.it"
|
||||||
|
# description = "DNS primary zone for the d4s-dev-cloud project"
|
||||||
|
# ttl = 8600
|
||||||
|
# }
|
||||||
|
|
||||||
|
# dns_zone_id = "cbae638a-9d99-44aa-946c-0f5ffb7fc488"
|
||||||
|
|
||||||
|
# default_security_group_name = "default"
|
||||||
|
|
||||||
|
# main_private_network = {
|
||||||
|
# name = "d4s-dev-cloud-main"
|
||||||
|
# description = "D4Science DEV private network (use this as the main network)"
|
||||||
|
# }
|
||||||
|
|
||||||
|
# main_private_subnet = {
|
||||||
|
# name = "d4s-dev-cloud-sub"
|
||||||
|
# description = "D4Science DEV main private subnet"
|
||||||
|
# cidr = "10.1.28.0/22"
|
||||||
|
# gateway_ip = "10.1.28.1"
|
||||||
|
# allocation_start = "10.1.28.30"
|
||||||
|
# allocation_end = "10.1.31.254"
|
||||||
|
# }
|
||||||
|
|
||||||
|
# external_router = {
|
||||||
|
# name = "d4s-dev-cloud-external-router"
|
||||||
|
# description = "D4Science DEV main router"
|
||||||
|
# id = "2ae28c5f-036b-45db-bc9f-5bab8fa3e914"
|
||||||
|
# }
|
||||||
|
|
||||||
|
# main_haproxy_l7_ip = ["10.1.28.50", "10.1.30.241"]
|
||||||
|
|
||||||
|
# octavia_information = {
|
||||||
|
# main_lb_name = "lb-dev-l4"
|
||||||
|
# main_lb_description = "Main L4 load balancer for the D4Science DEV"
|
||||||
|
# octavia_flavor = "octavia_amphora-mvcpu-ha"
|
||||||
|
# octavia_flavor_id = "394988b5-6603-4a1e-a939-8e177c6681c7"
|
||||||
|
# main_lb_hostname = "main-lb"
|
||||||
|
# }
|
||||||
|
|
||||||
|
# basic_services_ip = {
|
||||||
|
# ca = "10.1.29.247"
|
||||||
|
# ca_cidr = "10.1.29.247/32"
|
||||||
|
# ssh_jump = "10.1.29.164"
|
||||||
|
# ssh_jump_cidr = "10.1.29.164/32"
|
||||||
|
# prometheus = "10.1.30.129"
|
||||||
|
# prometheus_cidr = "10.1.30.129/32"
|
||||||
|
# haproxy_l7_1 = "10.1.28.50"
|
||||||
|
# haproxy_l7_1_cidr = "10.1.28.50/32"
|
||||||
|
# haproxy_l7_2 = "10.1.30.241"
|
||||||
|
# haproxy_l7_2_cidr = "10.1.30.241/32"
|
||||||
|
# octavia_main = "10.1.28.227"
|
||||||
|
# octavia_main_cidr = "10.1.28.227/32"
|
||||||
|
# }
|
||||||
|
|
||||||
|
# orientdb_nodes_count = 3
|
||||||
|
# orientdb_node_flavor = "m1.medium"
|
||||||
|
# orientdb_se_node_flavor = "m1.medium"
|
||||||
|
# orientdb_se_ip = "192.168.12.4"
|
||||||
|
# orientdb_se_cidr = "192.168.12.4/32"
|
||||||
|
|
||||||
# }
|
# }
|
||||||
|
|
|
@ -1,7 +0,0 @@
|
||||||
orientdb_nodes_count = 3
|
|
||||||
orientdb_node_flavor = "m1.medium"
|
|
||||||
orientdb_se_node_flavor = "m1.medium"
|
|
||||||
orientdb_se_ip = "192.168.12.4"
|
|
||||||
orientdb_se_cidr = "192.168.12.4/32"
|
|
||||||
|
|
||||||
default_security_group_name = "default"
|
|
|
@ -0,0 +1 @@
|
||||||
|
../../modules/common_variables/outputs.tf
|
|
@ -1,7 +1,7 @@
|
||||||
{
|
{
|
||||||
"version": 4,
|
"version": 4,
|
||||||
"terraform_version": "1.6.4",
|
"terraform_version": "1.6.4",
|
||||||
"serial": 44,
|
"serial": 58,
|
||||||
"lineage": "7607c85c-02c0-0227-fd2b-4958c821fe57",
|
"lineage": "7607c85c-02c0-0227-fd2b-4958c821fe57",
|
||||||
"outputs": {},
|
"outputs": {},
|
||||||
"resources": [
|
"resources": [
|
||||||
|
@ -138,7 +138,7 @@
|
||||||
"default"
|
"default"
|
||||||
],
|
],
|
||||||
"stop_before_destroy": false,
|
"stop_before_destroy": false,
|
||||||
"tags": null,
|
"tags": [],
|
||||||
"timeouts": null,
|
"timeouts": null,
|
||||||
"updated": "2023-11-23 10:48:27 +0000 UTC",
|
"updated": "2023-11-23 10:48:27 +0000 UTC",
|
||||||
"user_data": "bb83b25fd1219aa1b850ece9be8d7b0f31714608",
|
"user_data": "bb83b25fd1219aa1b850ece9be8d7b0f31714608",
|
||||||
|
@ -588,7 +588,7 @@
|
||||||
"region": "isti_area_pi_1",
|
"region": "isti_area_pi_1",
|
||||||
"segments": [],
|
"segments": [],
|
||||||
"shared": false,
|
"shared": false,
|
||||||
"tags": null,
|
"tags": [],
|
||||||
"tenant_id": "e8f8ca72f30648a8b389b4e745ac83a9",
|
"tenant_id": "e8f8ca72f30648a8b389b4e745ac83a9",
|
||||||
"timeouts": null,
|
"timeouts": null,
|
||||||
"transparent_vlan": false,
|
"transparent_vlan": false,
|
||||||
|
@ -672,9 +672,9 @@
|
||||||
"description": "TCP traffic from the load balancers",
|
"description": "TCP traffic from the load balancers",
|
||||||
"direction": "ingress",
|
"direction": "ingress",
|
||||||
"ethertype": "IPv4",
|
"ethertype": "IPv4",
|
||||||
"id": "6799246f-a17b-4e46-b2fe-8e4e5e21a3de",
|
"id": "b4cdae7a-0771-4dbf-b6c7-7513eb904acf",
|
||||||
"port_range_max": 2424,
|
"port_range_max": 2480,
|
||||||
"port_range_min": 2424,
|
"port_range_min": 2480,
|
||||||
"protocol": "tcp",
|
"protocol": "tcp",
|
||||||
"region": "isti_area_pi_1",
|
"region": "isti_area_pi_1",
|
||||||
"remote_group_id": "",
|
"remote_group_id": "",
|
||||||
|
@ -696,9 +696,9 @@
|
||||||
"description": "TCP traffic from the load balancers",
|
"description": "TCP traffic from the load balancers",
|
||||||
"direction": "ingress",
|
"direction": "ingress",
|
||||||
"ethertype": "IPv4",
|
"ethertype": "IPv4",
|
||||||
"id": "f2729899-f411-4b13-9c8f-12eb81a9f1e9",
|
"id": "6e78f200-1ed3-4d70-b803-100ca0f41d0d",
|
||||||
"port_range_max": 2424,
|
"port_range_max": 2480,
|
||||||
"port_range_min": 2424,
|
"port_range_min": 2480,
|
||||||
"protocol": "tcp",
|
"protocol": "tcp",
|
||||||
"region": "isti_area_pi_1",
|
"region": "isti_area_pi_1",
|
||||||
"remote_group_id": "",
|
"remote_group_id": "",
|
||||||
|
@ -725,10 +725,10 @@
|
||||||
"index_key": "10.1.29.164/32",
|
"index_key": "10.1.29.164/32",
|
||||||
"schema_version": 0,
|
"schema_version": 0,
|
||||||
"attributes": {
|
"attributes": {
|
||||||
"description": "TCP traffic from the resource registries and the SSH jump server",
|
"description": "TCP traffic from the smart executors and the SSH jump server",
|
||||||
"direction": "ingress",
|
"direction": "ingress",
|
||||||
"ethertype": "IPv4",
|
"ethertype": "IPv4",
|
||||||
"id": "6fd47297-3621-4827-8d19-4cca9db46a05",
|
"id": "38ffd61d-6ec8-413f-a61a-c95b68687f6c",
|
||||||
"port_range_max": 2490,
|
"port_range_max": 2490,
|
||||||
"port_range_min": 2424,
|
"port_range_min": 2424,
|
||||||
"protocol": "tcp",
|
"protocol": "tcp",
|
||||||
|
@ -751,10 +751,10 @@
|
||||||
"index_key": "192.168.12.0/24",
|
"index_key": "192.168.12.0/24",
|
||||||
"schema_version": 0,
|
"schema_version": 0,
|
||||||
"attributes": {
|
"attributes": {
|
||||||
"description": "TCP traffic from the resource registries and the SSH jump server",
|
"description": "TCP traffic from the smart executors and the SSH jump server",
|
||||||
"direction": "ingress",
|
"direction": "ingress",
|
||||||
"ethertype": "IPv4",
|
"ethertype": "IPv4",
|
||||||
"id": "f1c1e536-df8f-4da7-82b9-a4d564ed6744",
|
"id": "e4f06118-5298-492a-853e-6a45aa97ad13",
|
||||||
"port_range_max": 2490,
|
"port_range_max": 2490,
|
||||||
"port_range_min": 2424,
|
"port_range_min": 2424,
|
||||||
"protocol": "tcp",
|
"protocol": "tcp",
|
||||||
|
@ -788,9 +788,9 @@
|
||||||
"description": "TCP traffic from the load balancers",
|
"description": "TCP traffic from the load balancers",
|
||||||
"direction": "ingress",
|
"direction": "ingress",
|
||||||
"ethertype": "IPv4",
|
"ethertype": "IPv4",
|
||||||
"id": "8180389a-0741-4a6c-9625-0f2ee1e7770f",
|
"id": "ad34990c-1b8e-4aec-984d-4d68d5dff075",
|
||||||
"port_range_max": 2424,
|
"port_range_max": 2480,
|
||||||
"port_range_min": 2424,
|
"port_range_min": 2480,
|
||||||
"protocol": "tcp",
|
"protocol": "tcp",
|
||||||
"region": "isti_area_pi_1",
|
"region": "isti_area_pi_1",
|
||||||
"remote_group_id": "",
|
"remote_group_id": "",
|
||||||
|
@ -812,9 +812,9 @@
|
||||||
"description": "TCP traffic from the load balancers",
|
"description": "TCP traffic from the load balancers",
|
||||||
"direction": "ingress",
|
"direction": "ingress",
|
||||||
"ethertype": "IPv4",
|
"ethertype": "IPv4",
|
||||||
"id": "a0486ca2-7bf4-471f-9f4b-1b9964eb9dc2",
|
"id": "0a79ae44-7ff9-47ac-8b07-936e399aa227",
|
||||||
"port_range_max": 2424,
|
"port_range_max": 2480,
|
||||||
"port_range_min": 2424,
|
"port_range_min": 2480,
|
||||||
"protocol": "tcp",
|
"protocol": "tcp",
|
||||||
"region": "isti_area_pi_1",
|
"region": "isti_area_pi_1",
|
||||||
"remote_group_id": "",
|
"remote_group_id": "",
|
||||||
|
@ -946,7 +946,7 @@
|
||||||
"attributes": {
|
"attributes": {
|
||||||
"all_tags": [],
|
"all_tags": [],
|
||||||
"delete_default_rules": true,
|
"delete_default_rules": true,
|
||||||
"description": "Clients that talk to the OrientDB service",
|
"description": "Clients that talk to the OrientDB SE service",
|
||||||
"id": "f72e0d63-949e-47b7-95fa-69cc7ff2415a",
|
"id": "f72e0d63-949e-47b7-95fa-69cc7ff2415a",
|
||||||
"name": "access_to_orientdb_se",
|
"name": "access_to_orientdb_se",
|
||||||
"region": "isti_area_pi_1",
|
"region": "isti_area_pi_1",
|
||||||
|
@ -1026,7 +1026,7 @@
|
||||||
"region": "isti_area_pi_1",
|
"region": "isti_area_pi_1",
|
||||||
"service_types": [],
|
"service_types": [],
|
||||||
"subnetpool_id": "",
|
"subnetpool_id": "",
|
||||||
"tags": null,
|
"tags": [],
|
||||||
"tenant_id": "e8f8ca72f30648a8b389b4e745ac83a9",
|
"tenant_id": "e8f8ca72f30648a8b389b4e745ac83a9",
|
||||||
"timeouts": null,
|
"timeouts": null,
|
||||||
"value_specs": null
|
"value_specs": null
|
||||||
|
|
|
@ -1 +0,0 @@
|
||||||
../variables/variables-dev.tf
|
|
|
@ -0,0 +1,60 @@
|
||||||
|
#
|
||||||
|
os_project_data = {
|
||||||
|
id = "e8f8ca72f30648a8b389b4e745ac83a9"
|
||||||
|
}
|
||||||
|
|
||||||
|
dns_zone = {
|
||||||
|
zone_name = "cloud-dev.d4science.org."
|
||||||
|
email = "postmaster@isti.cnr.it"
|
||||||
|
description = "DNS primary zone for the d4s-dev-cloud project"
|
||||||
|
ttl = 8600
|
||||||
|
}
|
||||||
|
|
||||||
|
dns_zone_id = "cbae638a-9d99-44aa-946c-0f5ffb7fc488"
|
||||||
|
|
||||||
|
default_security_group_name = "default"
|
||||||
|
|
||||||
|
main_private_network = {
|
||||||
|
name = "d4s-dev-cloud-main"
|
||||||
|
description = "D4Science DEV private network (use this as the main network)"
|
||||||
|
}
|
||||||
|
|
||||||
|
main_private_subnet = {
|
||||||
|
name = "d4s-dev-cloud-sub"
|
||||||
|
description = "D4Science DEV main private subnet"
|
||||||
|
cidr = "10.1.28.0/22"
|
||||||
|
gateway_ip = "10.1.28.1"
|
||||||
|
allocation_start = "10.1.28.30"
|
||||||
|
allocation_end = "10.1.31.254"
|
||||||
|
}
|
||||||
|
|
||||||
|
external_router = {
|
||||||
|
name = "d4s-dev-cloud-external-router"
|
||||||
|
description = "D4Science DEV main router"
|
||||||
|
id = "2ae28c5f-036b-45db-bc9f-5bab8fa3e914"
|
||||||
|
}
|
||||||
|
|
||||||
|
main_haproxy_l7_ip = ["10.1.28.50", "10.1.30.241"]
|
||||||
|
|
||||||
|
octavia_information = {
|
||||||
|
main_lb_name = "lb-dev-l4"
|
||||||
|
main_lb_description = "Main L4 load balancer for the D4Science DEV"
|
||||||
|
octavia_flavor = "octavia_amphora-mvcpu-ha"
|
||||||
|
octavia_flavor_id = "394988b5-6603-4a1e-a939-8e177c6681c7"
|
||||||
|
main_lb_hostname = "main-lb"
|
||||||
|
}
|
||||||
|
|
||||||
|
basic_services_ip = {
|
||||||
|
ca = "10.1.29.247"
|
||||||
|
ca_cidr = "10.1.29.247/32"
|
||||||
|
ssh_jump = "10.1.29.164"
|
||||||
|
ssh_jump_cidr = "10.1.29.164/32"
|
||||||
|
prometheus = "10.1.30.129"
|
||||||
|
prometheus_cidr = "10.1.30.129/32"
|
||||||
|
haproxy_l7_1 = "10.1.28.50"
|
||||||
|
haproxy_l7_1_cidr = "10.1.28.50/32"
|
||||||
|
haproxy_l7_2 = "10.1.30.241"
|
||||||
|
haproxy_l7_2_cidr = "10.1.30.241/32"
|
||||||
|
octavia_main = "10.1.28.227"
|
||||||
|
octavia_main_cidr = "10.1.28.227/32"
|
||||||
|
}
|
|
@ -0,0 +1,7 @@
|
||||||
|
output "os_project_data" {
|
||||||
|
value = var.os_project_data
|
||||||
|
}
|
||||||
|
|
||||||
|
output "main_haproxy_l7_ip" {
|
||||||
|
value = var.main_haproxy_l7_ip
|
||||||
|
}
|
|
@ -87,59 +87,3 @@ variable "basic_services_ip" {
|
||||||
octavia_main_cidr = "10.1.28.227/32"
|
octavia_main_cidr = "10.1.28.227/32"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "orientdb_net" {
|
|
||||||
type = map(string)
|
|
||||||
default = {
|
|
||||||
network_name = "orientdb-net"
|
|
||||||
network_description = "Network used by the OrientDB cluster and to access the service"
|
|
||||||
network_cidr = "192.168.10.0/24"
|
|
||||||
allocation_pool_start = "192.168.10.11"
|
|
||||||
allocation_pool_end = "192.168.10.254"
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
variable "orientdb_se_net" {
|
|
||||||
type = map(string)
|
|
||||||
default = {
|
|
||||||
network_name = "orientdb-se-net"
|
|
||||||
network_description = "Network used by the OrientDB for Smart Executor"
|
|
||||||
network_cidr = "192.168.12.0/24"
|
|
||||||
allocation_pool_start = "192.168.12.11"
|
|
||||||
allocation_pool_end = "192.168.12.254"
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
variable "orientdb_se_secgroup" {
|
|
||||||
default = "access_to_orientdb_se"
|
|
||||||
}
|
|
||||||
|
|
||||||
variable "postgresql_secgroup" {
|
|
||||||
default = "PostgreSQL service"
|
|
||||||
}
|
|
||||||
|
|
||||||
#Added by Francesco
|
|
||||||
variable "security_group_list" {
|
|
||||||
type = map(string)
|
|
||||||
default = {
|
|
||||||
postgreSQL = "PostgreSQL service"
|
|
||||||
acaland = "acaland's dev machine"
|
|
||||||
haproxy = "HAPROXY L7"
|
|
||||||
access_to_orientdb = "access_to_orientdb"
|
|
||||||
dataminer-publish = "dataminer-publish"
|
|
||||||
docker_swarm_NFS = "Docker Swarm NFS"
|
|
||||||
public_HTTPS = "Public HTTPS"
|
|
||||||
haproxy = "HAPROXY L7"
|
|
||||||
orientdb_internal_docker_traffic = "orientdb_internal_docker_traffic"
|
|
||||||
limited_SSH_access = "Limited SSH access"
|
|
||||||
access_to_the_timescaledb_service = "access_to_the_timescaledb_service"
|
|
||||||
docker_swarm = "Docker Swarm"
|
|
||||||
http_and_https_from_the_load_balancers = "http and https from the load balancers"
|
|
||||||
limited_HTTPS_access = "Limited HTTPS access"
|
|
||||||
mongo = "mongo"
|
|
||||||
limited_SSH_access = "Limited SSH access"
|
|
||||||
default = "default"
|
|
||||||
cassandra = "Cassandra"
|
|
||||||
access_to_orientdb_se = "access_to_orientdb_se"
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
|
@ -327,3 +327,29 @@ variable "flavor_list" {
|
||||||
m2_large = "m2.large" #RAM 32 - VCPUs 8
|
m2_large = "m2.large" #RAM 32 - VCPUs 8
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
# Added by Francesco
|
||||||
|
variable "security_group_list" {
|
||||||
|
type = map(string)
|
||||||
|
default = {
|
||||||
|
postgreSQL = "PostgreSQL service"
|
||||||
|
acaland = "acaland's dev machine"
|
||||||
|
haproxy = "HAPROXY L7"
|
||||||
|
access_to_orientdb = "access_to_orientdb"
|
||||||
|
dataminer-publish = "dataminer-publish"
|
||||||
|
docker_swarm_NFS = "Docker Swarm NFS"
|
||||||
|
public_HTTPS = "Public HTTPS"
|
||||||
|
haproxy = "HAPROXY L7"
|
||||||
|
orientdb_internal_docker_traffic = "orientdb_internal_docker_traffic"
|
||||||
|
limited_SSH_access = "Limited SSH access"
|
||||||
|
access_to_the_timescaledb_service = "access_to_the_timescaledb_service"
|
||||||
|
docker_swarm = "Docker Swarm"
|
||||||
|
http_and_https_from_the_load_balancers = "http and https from the load balancers"
|
||||||
|
limited_HTTPS_access = "Limited HTTPS access"
|
||||||
|
mongo = "mongo"
|
||||||
|
limited_SSH_access = "Limited SSH access"
|
||||||
|
default = "default"
|
||||||
|
cassandra = "Cassandra"
|
||||||
|
access_to_orientdb_se = "access_to_orientdb_se"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
|
@ -0,0 +1,37 @@
|
||||||
|
#
|
||||||
|
# Liferay nodes
|
||||||
|
#
|
||||||
|
# Server group
|
||||||
|
#
|
||||||
|
resource "openstack_compute_servergroup_v2" "liferay" {
|
||||||
|
name = "liferay"
|
||||||
|
policies = ["anti-affinity"]
|
||||||
|
}
|
||||||
|
|
||||||
|
# Instance
|
||||||
|
resource "openstack_compute_instance_v2" "liferay" {
|
||||||
|
count = var.liferay_data.vm_count
|
||||||
|
name = format("%s-%02d", var.liferay_data.name, count.index + 1)
|
||||||
|
availability_zone_hints = var.availability_zones_names.availability_zone_no_gpu
|
||||||
|
flavor_name = var.liferay_data.flavor
|
||||||
|
key_pair = module.ssh_settings.ssh_key_name
|
||||||
|
security_groups = [var.default_security_group_name, "traffic_from_the_main_load_balancers", "restricted_web_service"]
|
||||||
|
scheduler_hints {
|
||||||
|
group = openstack_compute_servergroup_v2.liferay.id
|
||||||
|
}
|
||||||
|
block_device {
|
||||||
|
uuid = var.ubuntu_1804.uuid
|
||||||
|
source_type = "image"
|
||||||
|
volume_size = 10
|
||||||
|
boot_index = 0
|
||||||
|
destination_type = "volume"
|
||||||
|
delete_on_termination = false
|
||||||
|
}
|
||||||
|
|
||||||
|
network {
|
||||||
|
name = var.main_private_network.name
|
||||||
|
fixed_ip_v4 = var.liferay_ip.* [count.index]
|
||||||
|
}
|
||||||
|
|
||||||
|
user_data = file("${var.ubuntu1804_data_file}")
|
||||||
|
}
|
|
@ -0,0 +1 @@
|
||||||
|
../common_variables/outputs.tf
|
|
@ -0,0 +1,27 @@
|
||||||
|
# Define required providers
|
||||||
|
terraform {
|
||||||
|
required_version = ">= 0.14.0"
|
||||||
|
required_providers {
|
||||||
|
openstack = {
|
||||||
|
source = "terraform-provider-openstack/openstack"
|
||||||
|
version = "~> 1.53.0"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
data "terraform_remote_state" "privnet_dns_router" {
|
||||||
|
backend = "local"
|
||||||
|
|
||||||
|
config = {
|
||||||
|
path = "../project-setup/terraform.tfstate"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
data "terraform_remote_state" "basic_infrastructure" {
|
||||||
|
backend = "local"
|
||||||
|
|
||||||
|
config = {
|
||||||
|
path = "../basic-infrastructure/terraform.tfstate"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
|
@ -0,0 +1 @@
|
||||||
|
../common_variables/variables.tf
|
|
@ -1,153 +1,4 @@
|
||||||
# Define required providers
|
# OrientDB and OrientDB for the smart executors
|
||||||
# terraform {
|
|
||||||
# required_version = ">= 0.14.0"
|
|
||||||
# required_providers {
|
|
||||||
# openstack = {
|
|
||||||
# source = "terraform-provider-openstack/openstack"
|
|
||||||
# version = "~> 1.53.0"
|
|
||||||
# }
|
|
||||||
# }
|
|
||||||
# }
|
|
||||||
#
|
|
||||||
# module "common_variables" {
|
|
||||||
# source = "../../modules/common_variables"
|
|
||||||
# }
|
|
||||||
#
|
|
||||||
# Server group
|
|
||||||
#
|
|
||||||
# resource "openstack_compute_servergroup_v2" "orientdb_cluster" {
|
|
||||||
# name = "orientdb_cluster"
|
|
||||||
# policies = ["soft-anti-affinity"]
|
|
||||||
# }
|
|
||||||
# #
|
|
||||||
# # Network for the cluster traffic
|
|
||||||
# #
|
|
||||||
# resource "openstack_networking_network_v2" "orientdb_network" {
|
|
||||||
# name = var.orientdb_net.network_name
|
|
||||||
# admin_state_up = "true"
|
|
||||||
# external = "false"
|
|
||||||
# description = var.orientdb_net.network_description
|
|
||||||
# mtu = module.common_variables.mtu_size_value
|
|
||||||
# port_security_enabled = true
|
|
||||||
# shared = false
|
|
||||||
# region = module.common_variables.main_region_name
|
|
||||||
# }
|
|
||||||
|
|
||||||
# # Subnet
|
|
||||||
# resource "openstack_networking_subnet_v2" "orientdb_subnet" {
|
|
||||||
# name = "orientdb-subnet"
|
|
||||||
# description = "Subnet used by the OrientDB service"
|
|
||||||
# network_id = openstack_networking_network_v2.orientdb_network.id
|
|
||||||
# cidr = var.orientdb_net.network_cidr
|
|
||||||
# dns_nameservers = module.common_variables.resolvers_ip
|
|
||||||
# ip_version = 4
|
|
||||||
# enable_dhcp = true
|
|
||||||
# no_gateway = true
|
|
||||||
# allocation_pool {
|
|
||||||
# start = var.orientdb_net.allocation_pool_start
|
|
||||||
# end = var.orientdb_net.allocation_pool_end
|
|
||||||
# }
|
|
||||||
# }
|
|
||||||
|
|
||||||
# #
|
|
||||||
# # Security groups
|
|
||||||
# #
|
|
||||||
# # Between OrientDB nodes
|
|
||||||
# resource "openstack_networking_secgroup_v2" "orientdb_internal_traffic" {
|
|
||||||
# name = "orientdb_internal_docker_traffic"
|
|
||||||
# delete_default_rules = "true"
|
|
||||||
# description = "Traffic between the OrientDB nodes"
|
|
||||||
# }
|
|
||||||
# resource "openstack_networking_secgroup_rule_v2" "everything_udp" {
|
|
||||||
# count = var.orientdb_nodes_count
|
|
||||||
# security_group_id = openstack_networking_secgroup_v2.orientdb_internal_traffic.id
|
|
||||||
# description = "UDP traffic between OrientDB nodes"
|
|
||||||
# direction = "ingress"
|
|
||||||
# ethertype = "IPv4"
|
|
||||||
# protocol = "udp"
|
|
||||||
# remote_ip_prefix = var.orientdb_ip.*[count.index]/32
|
|
||||||
# }
|
|
||||||
# resource "openstack_networking_secgroup_rule_v2" "everything_tcp" {
|
|
||||||
# count = var.orientdb_nodes_count
|
|
||||||
# security_group_id = openstack_networking_secgroup_v2.orientdb_internal_traffic.id
|
|
||||||
# description = "TCP traffic between OrientDB nodes"
|
|
||||||
# direction = "ingress"
|
|
||||||
# ethertype = "IPv4"
|
|
||||||
# protocol = "tcp"
|
|
||||||
# remote_ip_prefix = var.orientdb_ip.*[count.index]/32
|
|
||||||
# }
|
|
||||||
|
|
||||||
# resource "openstack_networking_secgroup_v2" "access_to_orientdb" {
|
|
||||||
# name = "access_to_orientdb"
|
|
||||||
# delete_default_rules = "true"
|
|
||||||
# description = "Clients that talk to the OrientDB service"
|
|
||||||
# }
|
|
||||||
# resource "openstack_networking_secgroup_rule_v2" "access_to_orient_udp" {
|
|
||||||
# security_group_id = openstack_networking_secgroup_v2.access_to_orientdb.id
|
|
||||||
# description = "UDP traffic"
|
|
||||||
# direction = "ingress"
|
|
||||||
# ethertype = "IPv4"
|
|
||||||
# protocol = "udp"
|
|
||||||
# remote_ip_prefix = openstack_networking_subnet_v2.orientdb_subnet.cidr
|
|
||||||
# }
|
|
||||||
# resource "openstack_networking_secgroup_rule_v2" "access_to_orient_tcp" {
|
|
||||||
# security_group_id = openstack_networking_secgroup_v2.access_to_orientdb.id
|
|
||||||
# description = "TCP traffic"
|
|
||||||
# direction = "ingress"
|
|
||||||
# ethertype = "IPv4"
|
|
||||||
# protocol = "tcp"
|
|
||||||
# remote_ip_prefix = openstack_networking_subnet_v2.orientdb_subnet.cidr
|
|
||||||
# }
|
|
||||||
|
|
||||||
# #
|
|
||||||
# # OrientDB
|
|
||||||
# #
|
|
||||||
# # Instance
|
|
||||||
# resource "openstack_compute_instance_v2" "orientdb_servers" {
|
|
||||||
# count = local.orientdb_nodes_count
|
|
||||||
# name = format("%s-%02d", var.orientdb_data.node_name, count.index+1)
|
|
||||||
# availability_zone_hints = module.common_variables.availability_zone_no_gpu_name
|
|
||||||
# flavor_name = var.orientdb_data.node_flavor
|
|
||||||
# key_pair = module.common_variables.ssh_key_file_config
|
|
||||||
# security_groups = [openstack_networking_secgroup_v2.default.name,openstack_networking_secgroup_v2.orientdb_internal_traffic.name]
|
|
||||||
# scheduler_hints {
|
|
||||||
# group = openstack_compute_servergroup_v2.orientdb_cluster.id
|
|
||||||
# }
|
|
||||||
# block_device {
|
|
||||||
# uuid = module.ubuntu2204.uuid
|
|
||||||
# source_type = "image"
|
|
||||||
# volume_size = 10
|
|
||||||
# boot_index = 0
|
|
||||||
# destination_type = "volume"
|
|
||||||
# delete_on_termination = false
|
|
||||||
# }
|
|
||||||
|
|
||||||
# block_device {
|
|
||||||
# source_type = "blank"
|
|
||||||
# volume_size = var.orientdb_data.node_data_disk_size
|
|
||||||
# boot_index = -1
|
|
||||||
# destination_type = "volume"
|
|
||||||
# delete_on_termination = false
|
|
||||||
# }
|
|
||||||
|
|
||||||
# network {
|
|
||||||
# name = var.main_private_network.name
|
|
||||||
# }
|
|
||||||
# network {
|
|
||||||
# name = var.orientdb_net.network_name
|
|
||||||
# fixed_ip_v4 = var.orientdb_ip.*[count.index]
|
|
||||||
# }
|
|
||||||
|
|
||||||
# user_data = "${file("${module.common_variables.ubuntu2204_datafile}")}"
|
|
||||||
# depends_on = [ openstack_networking_subnet_v2.orientdb_subnet ]
|
|
||||||
# }
|
|
||||||
|
|
||||||
# locals {
|
|
||||||
# orientdb_nodes_count = 3
|
|
||||||
# }
|
|
||||||
|
|
||||||
#
|
|
||||||
# Not using modules here
|
|
||||||
#
|
#
|
||||||
resource "openstack_compute_servergroup_v2" "orientdb_cluster" {
|
resource "openstack_compute_servergroup_v2" "orientdb_cluster" {
|
||||||
name = "orientdb_cluster"
|
name = "orientdb_cluster"
|
||||||
|
@ -256,8 +107,8 @@ resource "openstack_networking_secgroup_rule_v2" "access_to_orient_from_haproxy"
|
||||||
for_each = toset( [var.basic_services_ip.haproxy_l7_1_cidr, var.basic_services_ip.haproxy_l7_2_cidr])
|
for_each = toset( [var.basic_services_ip.haproxy_l7_1_cidr, var.basic_services_ip.haproxy_l7_2_cidr])
|
||||||
security_group_id = openstack_networking_secgroup_v2.access_to_orientdb.id
|
security_group_id = openstack_networking_secgroup_v2.access_to_orientdb.id
|
||||||
description = "TCP traffic from the load balancers"
|
description = "TCP traffic from the load balancers"
|
||||||
port_range_min = 2424
|
port_range_min = 2480
|
||||||
port_range_max = 2424
|
port_range_max = 2480
|
||||||
direction = "ingress"
|
direction = "ingress"
|
||||||
ethertype = "IPv4"
|
ethertype = "IPv4"
|
||||||
protocol = "tcp"
|
protocol = "tcp"
|
||||||
|
@ -269,12 +120,12 @@ resource "openstack_networking_secgroup_rule_v2" "access_to_orient_from_haproxy"
|
||||||
resource "openstack_networking_secgroup_v2" "access_to_orientdb_se" {
|
resource "openstack_networking_secgroup_v2" "access_to_orientdb_se" {
|
||||||
name = "access_to_orientdb_se"
|
name = "access_to_orientdb_se"
|
||||||
delete_default_rules = "true"
|
delete_default_rules = "true"
|
||||||
description = "Clients that talk to the OrientDB service"
|
description = "Clients that talk to the OrientDB SE service"
|
||||||
}
|
}
|
||||||
resource "openstack_networking_secgroup_rule_v2" "access_to_orient_se_from_clients" {
|
resource "openstack_networking_secgroup_rule_v2" "access_to_orient_se_from_clients" {
|
||||||
for_each = toset([var.basic_services_ip.ssh_jump_cidr, openstack_networking_subnet_v2.orientdb_se_subnet.cidr])
|
for_each = toset([var.basic_services_ip.ssh_jump_cidr, openstack_networking_subnet_v2.orientdb_se_subnet.cidr])
|
||||||
security_group_id = openstack_networking_secgroup_v2.access_to_orientdb_se.id
|
security_group_id = openstack_networking_secgroup_v2.access_to_orientdb_se.id
|
||||||
description = "TCP traffic from the resource registries and the SSH jump server"
|
description = "TCP traffic from the smart executors and the SSH jump server"
|
||||||
port_range_min = 2424
|
port_range_min = 2424
|
||||||
port_range_max = 2490
|
port_range_max = 2490
|
||||||
direction = "ingress"
|
direction = "ingress"
|
||||||
|
@ -286,8 +137,8 @@ resource "openstack_networking_secgroup_rule_v2" "access_to_orient_se_from_hapro
|
||||||
for_each = toset( [var.basic_services_ip.haproxy_l7_1_cidr, var.basic_services_ip.haproxy_l7_2_cidr])
|
for_each = toset( [var.basic_services_ip.haproxy_l7_1_cidr, var.basic_services_ip.haproxy_l7_2_cidr])
|
||||||
security_group_id = openstack_networking_secgroup_v2.access_to_orientdb_se.id
|
security_group_id = openstack_networking_secgroup_v2.access_to_orientdb_se.id
|
||||||
description = "TCP traffic from the load balancers"
|
description = "TCP traffic from the load balancers"
|
||||||
port_range_min = 2424
|
port_range_min = 2480
|
||||||
port_range_max = 2424
|
port_range_max = 2480
|
||||||
direction = "ingress"
|
direction = "ingress"
|
||||||
ethertype = "IPv4"
|
ethertype = "IPv4"
|
||||||
protocol = "tcp"
|
protocol = "tcp"
|
||||||
|
@ -299,11 +150,11 @@ resource "openstack_networking_secgroup_rule_v2" "access_to_orient_se_from_hapro
|
||||||
#
|
#
|
||||||
# Instances used by the resource registry
|
# Instances used by the resource registry
|
||||||
resource "openstack_compute_instance_v2" "orientdb_servers" {
|
resource "openstack_compute_instance_v2" "orientdb_servers" {
|
||||||
count = local.orientdb_nodes_count
|
count = var.orientdb_nodes_count
|
||||||
name = format("%s-%02d", var.orientdb_data.node_name, count.index+1)
|
name = format("%s-%02d", var.orientdb_data.node_name, count.index+1)
|
||||||
availability_zone_hints = var.availability_zones_names.availability_zone_no_gpu
|
availability_zone_hints = var.availability_zones_names.availability_zone_no_gpu
|
||||||
flavor_name = var.orientdb_node_flavor
|
flavor_name = var.orientdb_node_flavor
|
||||||
key_pair = var.ssh_key_file.name
|
key_pair = module.ssh_settings.ssh_key_name
|
||||||
security_groups = [var.default_security_group_name,openstack_networking_secgroup_v2.orientdb_internal_traffic.name,openstack_networking_secgroup_v2.access_to_orientdb.name]
|
security_groups = [var.default_security_group_name,openstack_networking_secgroup_v2.orientdb_internal_traffic.name,openstack_networking_secgroup_v2.access_to_orientdb.name]
|
||||||
scheduler_hints {
|
scheduler_hints {
|
||||||
group = openstack_compute_servergroup_v2.orientdb_cluster.id
|
group = openstack_compute_servergroup_v2.orientdb_cluster.id
|
||||||
|
@ -342,7 +193,7 @@ resource "openstack_compute_instance_v2" "orientdb_se_server" {
|
||||||
name = "orientdb-se"
|
name = "orientdb-se"
|
||||||
availability_zone_hints = var.availability_zones_names.availability_zone_no_gpu
|
availability_zone_hints = var.availability_zones_names.availability_zone_no_gpu
|
||||||
flavor_name = var.orientdb_se_node_flavor
|
flavor_name = var.orientdb_se_node_flavor
|
||||||
key_pair = var.ssh_key_file.name
|
key_pair = module.ssh_settings.ssh_key_name
|
||||||
security_groups = [var.default_security_group_name,openstack_networking_secgroup_v2.access_to_orientdb_se.name]
|
security_groups = [var.default_security_group_name,openstack_networking_secgroup_v2.access_to_orientdb_se.name]
|
||||||
block_device {
|
block_device {
|
||||||
uuid = var.ubuntu_2204.uuid
|
uuid = var.ubuntu_2204.uuid
|
||||||
|
@ -373,7 +224,3 @@ resource "openstack_compute_instance_v2" "orientdb_se_server" {
|
||||||
depends_on = [ openstack_networking_subnet_v2.orientdb_se_subnet ]
|
depends_on = [ openstack_networking_subnet_v2.orientdb_se_subnet ]
|
||||||
}
|
}
|
||||||
|
|
||||||
locals {
|
|
||||||
orientdb_nodes_count = var.orientdb_nodes_count
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
|
@ -0,0 +1 @@
|
||||||
|
../common_variables/outputs.tf
|
|
@ -0,0 +1,11 @@
|
||||||
|
# Define required providers
|
||||||
|
terraform {
|
||||||
|
required_version = ">= 0.14.0"
|
||||||
|
required_providers {
|
||||||
|
openstack = {
|
||||||
|
source = "terraform-provider-openstack/openstack"
|
||||||
|
version = "~> 1.53.0"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
|
@ -35,3 +35,34 @@ variable "orientdb_se_ip" {
|
||||||
variable "orientdb_se_cidr" {
|
variable "orientdb_se_cidr" {
|
||||||
default = ""
|
default = ""
|
||||||
}
|
}
|
||||||
|
|
||||||
|
variable "orientdb_net" {
|
||||||
|
type = map(string)
|
||||||
|
default = {
|
||||||
|
network_name = "orientdb-net"
|
||||||
|
network_description = "Network used by the OrientDB cluster and to access the service"
|
||||||
|
network_cidr = "192.168.10.0/24"
|
||||||
|
allocation_pool_start = "192.168.10.11"
|
||||||
|
allocation_pool_end = "192.168.10.254"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
variable "orientdb_se_net" {
|
||||||
|
type = map(string)
|
||||||
|
default = {
|
||||||
|
network_name = "orientdb-se-net"
|
||||||
|
network_description = "Network used by the OrientDB for Smart Executor"
|
||||||
|
network_cidr = "192.168.12.0/24"
|
||||||
|
allocation_pool_start = "192.168.12.11"
|
||||||
|
allocation_pool_end = "192.168.12.254"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
variable "orientdb_se_secgroup" {
|
||||||
|
default = "access_to_orientdb_se"
|
||||||
|
}
|
||||||
|
|
||||||
|
variable "postgresql_secgroup" {
|
||||||
|
default = "PostgreSQL service"
|
||||||
|
}
|
||||||
|
|
||||||
|
|
|
@ -0,0 +1 @@
|
||||||
|
../common_variables/variables.tf
|
Loading…
Reference in New Issue