diff --git a/openstack-tf/d4s-dev/geoserver/.terraform.lock.hcl b/openstack-tf/d4s-dev/geoserver/.terraform.lock.hcl new file mode 100644 index 0000000..95c8b6a --- /dev/null +++ b/openstack-tf/d4s-dev/geoserver/.terraform.lock.hcl @@ -0,0 +1,24 @@ +# This file is maintained automatically by "terraform init". +# Manual edits may be lost in future updates. + +provider "registry.terraform.io/terraform-provider-openstack/openstack" { + version = "1.53.0" + constraints = "~> 1.53.0" + hashes = [ + "h1:YLGvYkSuagyP5orUTyKNK+JhzS17EFTUDpZ5R5/fFv4=", + "zh:09da7ca98ffd3de7b9ce36c4c13446212a6e763ba1162be71b50f95d453cb68e", + "zh:14041bcbb87312411d88612056ed185650bfd01284b8ea0761ce8105a331708e", + "zh:35bf4c788fdbc17c8e40ebc7b33c7de4b45a2fa2efaa657b10f0e3bd37c9627f", + "zh:46ede8ef4cfa12d654c538afc1e1ec34a1f3e8eb4e986ee23dceae398b7176a6", + "zh:59675734990dab1e8d87997853ea75e8104bba730b3f5a7146ac735540c9d6bf", + "zh:6de52428849806498670e827b54810be7510a2a79449602c1aede4235a0ec036", + "zh:78b2a20601272afceffac8f8ca78a6b647b84196c0dd8dc710fae297f6be15a4", + "zh:7c41ed3a4fac09677e676ecf9f9edd1e38eef449e656cb01a848d2c799c6de8f", + "zh:852800228f4118a4aa6cfaa4468b851247cbed6f037fd204f08de69eb1edc149", + "zh:86d618e7f9a07d978b8bc4b190be350a00de64ec535f9c8f5dfe133542a55483", + "zh:963a9e72b66d8bcf43de9b14a674ae3ca3719ce2f829217f7a65b66fc3773397", + "zh:a8e72ab67795071bda61f99a6de3d2d40122fb51971768fd75e1324abe874ced", + "zh:ce1890cf3af17d569af3bc7673cec0a8f78e6f5d701767593f3d29c551f44848", + "zh:e6f1b96eb684f527a47f71923f268c86a36d7894751b31ee9e726d7502a639cd", + ] +} diff --git a/openstack-tf/d4s-dev/geoserver/geoserver.tf b/openstack-tf/d4s-dev/geoserver/geoserver.tf new file mode 120000 index 0000000..e934684 --- /dev/null +++ b/openstack-tf/d4s-dev/geoserver/geoserver.tf @@ -0,0 +1 @@ +../../modules/geoserver/geoserver.tf \ No newline at end of file 
diff --git a/openstack-tf/d4s-dev/geoserver/geoserver.zip b/openstack-tf/d4s-dev/geoserver/geoserver.zip
new file mode 100644
index 0000000..8b6690f
Binary files /dev/null and b/openstack-tf/d4s-dev/geoserver/geoserver.zip differ
diff --git a/openstack-tf/d4s-dev/geoserver/main.tf b/openstack-tf/d4s-dev/geoserver/main.tf
new file mode 100644
index 0000000..e3df3d8
--- /dev/null
+++ b/openstack-tf/d4s-dev/geoserver/main.tf
@@ -0,0 +1,18 @@
+# Define required providers
+terraform {
+ required_version = ">= 0.14.0"
+ required_providers {
+ openstack = {
+ source = "terraform-provider-openstack/openstack"
+ version = "~> 1.53.0"
+ }
+ }
+}
+
+data "terraform_remote_state" "privnet_dns_router" {
+ backend = "local"
+
+ config = {
+ path = "../project-setup/terraform.tfstate"
+ }
+}
diff --git a/openstack-tf/d4s-dev/geoserver/provider.tf b/openstack-tf/d4s-dev/geoserver/provider.tf
new file mode 100644
index 0000000..fa7a121
--- /dev/null
+++ b/openstack-tf/d4s-dev/geoserver/provider.tf
@@ -0,0 +1,3 @@
+provider "openstack" {
+ cloud = "d4s-dev"
+}
diff --git a/openstack-tf/d4s-dev/geoserver/variables-dev.tf b/openstack-tf/d4s-dev/geoserver/variables-dev.tf
new file mode 120000
index 0000000..fde4869
--- /dev/null
+++ b/openstack-tf/d4s-dev/geoserver/variables-dev.tf
@@ -0,0 +1 @@
+../variables/variables-dev.tf
\ No newline at end of file
diff --git a/openstack-tf/d4s-dev/geoserver/variables-geoserver.tf b/openstack-tf/d4s-dev/geoserver/variables-geoserver.tf
new file mode 120000
index 0000000..36ea770
--- /dev/null
+++ b/openstack-tf/d4s-dev/geoserver/variables-geoserver.tf
@@ -0,0 +1 @@
+../../modules/geoserver/variables-geoserver.tf
\ No newline at end of file
diff --git a/openstack-tf/d4s-dev/geoserver/variables.tf b/openstack-tf/d4s-dev/geoserver/variables.tf
new file mode 120000
index 0000000..be9f787
--- /dev/null
+++ b/openstack-tf/d4s-dev/geoserver/variables.tf
@@ -0,0 +1 @@
+../../modules/common_variables/variables.tf
\ No newline at end of file
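Review bot: The `terraform_remote_state` data source in main.tf reads `../project-setup/terraform.tfstate` through the `local` backend, so this configuration only plans from a checkout that already has the project-setup state file on disk, and that file holds every resource attribute in plaintext with no locking between operators. If the state is not meant to live in the repository, a comment above the block such as `# requires project-setup to be applied locally first; keep terraform.tfstate out of version control` would make the dependency explicit, and a shared backend with access control would be the sturdier fix. The `geoserver.zip` added as a binary in the same directory cannot be reviewed from this diff; if it is an archive of the working directory, check that it carries no `terraform.tfstate` or `.terraform/` content before it stays in history.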
diff --git a/openstack-tf/d4s-dev/variables/variables-dev.tf b/openstack-tf/d4s-dev/variables/variables-dev.tf index c033677..501738a 100644 --- a/openstack-tf/d4s-dev/variables/variables-dev.tf +++ b/openstack-tf/d4s-dev/variables/variables-dev.tf @@ -7,13 +7,13 @@ variable "os_project_data" { } variable "dns_zone" { - type = map(string) + type = map(string) default = { - zone_name = "cloud-dev.d4science.org." - email = "postmaster@isti.cnr.it" + zone_name = "cloud-dev.d4science.org." + email = "postmaster@isti.cnr.it" description = "DNS primary zone for the d4s-dev-cloud project" - ttl = 8600 - } + ttl = 8600 + } } variable "dns_zone_id" { 
@@ -28,62 +28,62 @@ variable "default_security_group_name" { variable "main_private_network" { type = map(string) default = { - name = "d4s-dev-cloud-main" + name = "d4s-dev-cloud-main" description = "D4Science DEV private network (use this as the main network)" - } + } } variable "main_private_subnet" { type = map(string) default = { - name = "d4s-dev-cloud-sub" - description = "D4Science DEV main private subnet" - cidr = "10.1.28.0/22" - gateway_ip = "10.1.28.1" + name = "d4s-dev-cloud-sub" + description = "D4Science DEV main private subnet" + cidr = "10.1.28.0/22" + gateway_ip = "10.1.28.1" allocation_start = "10.1.28.30" - allocation_end = "10.1.31.254" - } + allocation_end = "10.1.31.254" + } } variable "external_router" { type = map(string) default = { - name = "d4s-dev-cloud-external-router" + name = "d4s-dev-cloud-external-router" description = "D4Science DEV main router" - id = "2ae28c5f-036b-45db-bc9f-5bab8fa3e914" - } + id = "2ae28c5f-036b-45db-bc9f-5bab8fa3e914" + } } variable "main_haproxy_l7_ip" { - type = list(string) + type = list(string) default = ["10.1.28.50", "10.1.30.241"] } variable "octavia_information" { type = map(string) default = { - main_lb_name = "lb-dev-l4" + main_lb_name = "lb-dev-l4" main_lb_description = "Main L4 load balancer for the D4Science DEV" - octavia_flavor = "octavia_amphora-mvcpu-ha" - octavia_flavor_id = "394988b5-6603-4a1e-a939-8e177c6681c7" - main_lb_hostname = "main-lb" + octavia_flavor = "octavia_amphora-mvcpu-ha" + octavia_flavor_id = "394988b5-6603-4a1e-a939-8e177c6681c7" + main_lb_hostname = "main-lb" } } variable "basic_services_ip" { type = map(string) default = { - ca = "10.1.29.247" - ca_cidr = "10.1.29.247/32" - ssh_jump = "10.1.29.164" - ssh_jump_cidr = "10.1.29.164/32" - prometheus = "10.1.30.129" - prometheus_cidr = "10.1.30.129/32" - haproxy_l7_1 = "10.1.28.50" + ca = "10.1.29.247" + ca_cidr = "10.1.29.247/32" + ssh_jump = "10.1.29.164" + ssh_jump_cidr = "10.1.29.164/32" + prometheus = "10.1.30.129" + 
prometheus_cidr = "10.1.30.129/32" + haproxy_l7_1 = "10.1.28.50" haproxy_l7_1_cidr = "10.1.28.50/32" - haproxy_l7_2 = "10.1.30.241" + haproxy_l7_2 = "10.1.30.241" haproxy_l7_2_cidr = "10.1.30.241/32" - octavia_main = "10.1.28.227" + octavia_main = "10.1.28.227" octavia_main_cidr = "10.1.28.227/32" } } 
@@ -91,29 +91,55 @@ variable "basic_services_ip" { variable "orientdb_net" { type = map(string) default = { - network_name = "orientdb-net" - network_description = "Network used by the OrientDB cluster and to access the service" - network_cidr = "192.168.10.0/24" - allocation_pool_start = "192.168.10.11" - allocation_pool_end = "192.168.10.254" - } + network_name = "orientdb-net" + network_description = "Network used by the OrientDB cluster and to access the service" + network_cidr = "192.168.10.0/24" + allocation_pool_start = "192.168.10.11" + allocation_pool_end = "192.168.10.254" + } } variable "orientdb_se_net" { type = map(string) default = { - network_name = "orientdb-se-net" - network_description = "Network used by the OrientDB for Smart Executor" - network_cidr = "192.168.12.0/24" - allocation_pool_start = "192.168.12.11" - allocation_pool_end = "192.168.12.254" - } + network_name = "orientdb-se-net" + network_description = "Network used by the OrientDB for Smart Executor" + network_cidr = "192.168.12.0/24" + allocation_pool_start = "192.168.12.11" + allocation_pool_end = "192.168.12.254" + } } variable "orientdb_se_secgroup" { - default = "access_to_orientdb_se" + default = "access_to_orientdb_se" } variable "postgresql_secgroup" { - default = "PostgreSQL service" + default = "PostgreSQL service" +} + +#Added by Francesco +variable "security_group_list" { + type = map(string) + default = { + postgreSQL = "PostgreSQL service" + acaland = "acaland's dev machine" + haproxy = "HAPROXY L7" + access_to_orientdb = "access_to_orientdb" + dataminer-publish = "dataminer-publish" + docker_swarm_NFS = "Docker Swarm NFS" + public_HTTPS = "Public HTTPS" + haproxy = "HAPROXY L7" + orientdb_internal_docker_traffic = "orientdb_internal_docker_traffic" + limited_SSH_access = "Limited SSH access" + access_to_the_timescaledb_service = "access_to_the_timescaledb_service" + docker_swarm = "Docker Swarm" + http_and_https_from_the_load_balancers = "http and https from the load 
balancers" + limited_HTTPS_access = "Limited HTTPS access" + mongo = "mongo" + limited_SSH_access = "Limited SSH access" + default = "default" + cassandra = "Cassandra" + access_to_orientdb_se = "access_to_orientdb_se" + } } diff --git a/openstack-tf/modules/common_variables/variables.tf b/openstack-tf/modules/common_variables/variables.tf index 011f40f..2ed0fcd 100644 --- a/openstack-tf/modules/common_variables/variables.tf +++ b/openstack-tf/modules/common_variables/variables.tf @@ -1,15 +1,15 @@ # Global definitions variable "main_region" { - type = string + type = string default = "isti_area_pi_1" } variable "external_network" { - type = map(string) + type = map(string) default = { name = "external-network" - id = "1d2ff137-6ff7-4017-be2b-0d6c4af2353b" - } + id = "1d2ff137-6ff7-4017-be2b-0d6c4af2353b" + } } variable "floating_ip_pools" { @@ -25,14 +25,14 @@ variable "resolvers_ip" { } variable "mtu_size" { - type = number + type = number default = 8942 } variable "availability_zones_names" { type = map(string) default = { - availability_zone_no_gpu = "cnr-isti-nova-a" + availability_zone_no_gpu = "cnr-isti-nova-a" availability_zone_with_gpu = "cnr-isti-nova-gpu-a" } } @@ -40,11 +40,11 @@ variable "availability_zones_names" { variable "ssh_sources" { type = map(string) default = { - s2i2s_vpn_1_cidr = "146.48.28.10/32" - s2i2s_vpn_2_cidr = "146.48.28.11/32" - d4s_vpn_1_cidr = "146.48.122.27/32" - d4s_vpn_2_cidr = "146.48.122.49/32" - shell_d4s_cidr = "146.48.122.95/32" + s2i2s_vpn_1_cidr = "146.48.28.10/32" + s2i2s_vpn_2_cidr = "146.48.28.11/32" + d4s_vpn_1_cidr = "146.48.122.27/32" + d4s_vpn_2_cidr = "146.48.122.49/32" + shell_d4s_cidr = "146.48.122.95/32" infrascience_net_cidr = "146.48.122.0/23" } } 
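Review bot: The new `security_group_list` map in variables-dev.tf repeats two keys, `haproxy` and `limited_SSH_access`. Both copies carry the same value today, but a later edit to only one of them would leave the effective value depending on how Terraform resolves the duplicate, which is easy to miss for a map that selects firewall rules. Drop the second `haproxy = "HAPROXY L7"` and the second `limited_SSH_access = "Limited SSH access"` lines. `dataminer-publish` is the only key written with a hyphen while the others use underscores, and the values are security-group names rather than IDs, so a comment like `# values must match the security group names in the d4s-dev project exactly` would help. The `#Added by Francesco` attribution is better left to the commit history.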
@@ -52,21 +52,21 @@ variable "ssh_sources" { variable "networks_with_d4s_services" { type = map(string) default = { - "isti_net" = "146.48.80.0/21" - "s2i2s_net" = "146.48.28.0/22" + "isti_net" = "146.48.80.0/21" + "s2i2s_net" = "146.48.28.0/22" "infrascience_net" = "146.48.122.0/23" - "garr_ct1_net" = "90.147.166.0/23" - "garr_pa1_net" = "90.147.188.0/23" - "garr_na_net" = "90.147.152.0/24" + "garr_ct1_net" = "90.147.166.0/23" + "garr_pa1_net" = "90.147.188.0/23" + "garr_na_net" = "90.147.152.0/24" } } variable "ssh_key_file" { type = map(string) default = { - file = "~/.ssh/id_ed25519" - name = "adellam" - } + file = "~/.ssh/privateKeySsh" + name = "francescomangiacrapa" + } } variable "ubuntu_1804" { @@ -75,7 +75,7 @@ variable "ubuntu_1804" { default = { name = "Ubuntu-Bionic-18.04" uuid = "7ed6a2cd-2b07-482e-8ce4-f018dff16c89" - } + } } variable "ubuntu_2204" { @@ -83,7 +83,7 @@ variable "ubuntu_2204" { default = { name = "Ubuntu-Jammy-22.04" uuid = "54768889-8556-4be4-a2eb-82a4d9b34627" - } + } } variable "centos_7" { @@ -91,7 +91,7 @@ variable "centos_7" { default = { name = "CentOS-7" uuid = "f0187a99-64f6-462a-ab5f-ef52fe62f2ca" - } + } } variable "almalinux_9" { @@ -99,7 +99,7 @@ variable "almalinux_9" { default = { name = "AlmaLinux-9.0-20220718" uuid = "541650fc-dd19-4f38-bb1d-7333ed9dd688" - } + } } variable "ubuntu1804_data_file" { 
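Review bot: The `ssh_key_file` default in the shared `modules/common_variables/variables.tf` now points at one operator's key (`file = "~/.ssh/privateKeySsh"`, `name = "francescomangiacrapa"`), and this file is symlinked into the geoserver directory and presumably into other configurations as well. Every configuration that passes `var.ssh_key_file.name` as `key_pair` will pick up the new key pair on its next plan, which may propose replacing instances created with the previous key and changes who can log in to newly built ones. Keeping the shared default as it was and overriding it per operator, for example through an untracked `*.auto.tfvars` file or the `TF_VAR_ssh_key_file` environment variable, avoids committing a personal key name and path for everyone. The remaining changes in this hunk and in the other hunks of this file are whitespace alignment only.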
@@ -117,61 +117,61 @@ variable "el7_data_file" { variable "ssh_jump_proxy" { type = map(string) default = { - name = "ssh-jump-proxy" + name = "ssh-jump-proxy" flavor = "m2.small" - } + } } variable "internal_ca_data" { type = map(string) default = { - name ="ca" + name = "ca" flavor = "m1.small" - } + } } variable "prometheus_server_data" { type = map(string) default = { - name ="prometheus" - flavor = "m1.medium" - vol_data_name = "prometheus-data" - vol_data_size = "100" - vol_data_device = "/dev/vdb" + name = "prometheus" + flavor = "m1.medium" + vol_data_name = "prometheus-data" + vol_data_size = "100" + vol_data_device = "/dev/vdb" public_grafana_server_cidr = "146.48.122.132/32" - } + } } variable "shared_postgresql_server_data" { type = map(string) default = { - name ="shared-postgresql-server" - flavor = "m1.medium" - vol_data_name = "shared-postgresql-data" - vol_data_size = "100" + name = "shared-postgresql-server" + flavor = "m1.medium" + vol_data_name = "shared-postgresql-data" + vol_data_size = "100" vol_data_device = "/dev/vdb" -# vol_backup_name = "" -# vol_backup_size = "" -# vol_backup_device = "" - network_name = "postgresql-srv-net" - network_description = "Network used to communicate with the shared postgresql service" - network_cidr = "192.168.0.0/22" + # vol_backup_name = "" + # vol_backup_size = "" + # vol_backup_device = "" + network_name = "postgresql-srv-net" + network_description = "Network used to communicate with the shared postgresql service" + network_cidr = "192.168.0.0/22" allocation_pool_start = "192.168.0.100" - allocation_pool_end = "192.168.3.254" - server_ip = "192.168.0.5" - server_cidr = "192.168.0.5/22" - } + allocation_pool_end = "192.168.3.254" + server_ip = "192.168.0.5" + server_cidr = "192.168.0.5/22" + } } variable "haproxy_l7_data" { type = map(string) default = { - name = "main-haproxy-l7" + name = "main-haproxy-l7" haproxy_1 = "haproxy-l7-1" haproxy_2 = "haproxy-l7-2" - flavor = "m1.medium" - vm_count = "2" - } + 
flavor = "m1.medium" + vm_count = "2" + } } variable "resource_registry_addresses" { diff --git a/openstack-tf/modules/geoserver/geoserver.tf b/openstack-tf/modules/geoserver/geoserver.tf new file mode 100644 index 0000000..a6a1433 --- /dev/null +++ b/openstack-tf/modules/geoserver/geoserver.tf @@ -0,0 +1,38 @@ +# Geoserver attached volume - used for 'geoserver_data' +resource "openstack_blockstorage_volume_v3" "geoserver_data_vol" { + name = var.geoserver_basic_data.vol_data_name + size = var.geoserver_basic_data.vol_data_size +} + +# Geoserver instance +resource "openstack_compute_instance_v2" "geoserver" { + name = var.geoserver_basic.name + availability_zone_hints = var.availability_zones_names.availability_zone_no_gpu + flavor_name = var.geoserver_basic.flavor + key_pair = var.ssh_key_file.name + security_groups = [var.security_group_list.default, var.security_group_list.http_and_https_from_the_load_balancers] + block_device { + uuid = var.ubuntu_1804.uuid + source_type = "image" + volume_size = 10 + boot_index = 0 + destination_type = "volume" + delete_on_termination = false + } + network { + name = var.main_private_network.name + } + network { + name = var.shared_postgresql_server_data.network_name + } + user_data = file("${var.ubuntu1804_data_file}") +} + + +# Attach the additional volume +resource "openstack_compute_volume_attach_v2" "geoserver_data_attach_vol" { + instance_id = openstack_compute_instance_v2.geoserver.id + volume_id = openstack_blockstorage_volume_v3.geoserver_data_vol.id + device = var.geoserver_basic_data.vol_data_device + depends_on = [openstack_compute_instance_v2.geoserver] +} diff --git a/openstack-tf/modules/geoserver/variables-geoserver.tf b/openstack-tf/modules/geoserver/variables-geoserver.tf new file mode 100644 index 0000000..a685d92 --- /dev/null +++ b/openstack-tf/modules/geoserver/variables-geoserver.tf 
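Review bot: The new `openstack_compute_instance_v2.geoserver` boots from `var.ubuntu_1804.uuid` although the shared variables already define `ubuntu_2204`; Ubuntu 18.04 left standard support in 2023, so a fresh service behind the load balancers would start on an image that no longer receives regular security updates unless extended maintenance is arranged. Switching to `uuid = var.ubuntu_2204.uuid` would also need a matching cloud-init file in place of `var.ubuntu1804_data_file`, which is not visible in this diff. `delete_on_termination = false` on the boot volume leaves the root disk and whatever it contains behind after a destroy, so either set it to `true` or add a comment saying the volume is kept on purpose. The instance is also attached to `var.shared_postgresql_server_data.network_name`, and a short comment on why GeoServer needs a port on the shared PostgreSQL network would help the next reviewer. Smaller points: `file("${var.ubuntu1804_data_file}")` can be written `file(var.ubuntu1804_data_file)`, and the `depends_on` in the attach resource duplicates the implicit dependency already created by `instance_id`.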
@@ -0,0 +1,17 @@
+variable "geoserver_basic" {
+ type = map(string)
+ default = {
+ name = "geoserver"
+ description = "Geoserver instance"
+ flavor = "c1.medium"
+ }
+}
+
+variable "geoserver_basic_data" {
+ type = map(string)
+ default = {
+ vol_data_name = "geoserver_data_volume"
+ vol_data_size = "20"
+ vol_data_device = "/dev/vdb"
+ }
+}