From d59195c25318949750492c357ee0b43475a9a5b3 Mon Sep 17 00:00:00 2001 From: Andrea Dell'Amico Date: Thu, 16 Nov 2023 18:55:24 +0100 Subject: [PATCH] An attempt on using modules. Add orientdb. --- .../common_setups/15-security-groups.tf | 2 +- .../common_setups/25-ssh-jump-proxy.tf | 2 +- openstack-tf/common_setups/30-internal-ca.tf | 2 +- openstack-tf/common_setups/35-prometheus.tf | 2 +- openstack-tf/common_setups/40-postgresql.tf | 2 +- openstack-tf/common_setups/45-haproxy.tf | 2 +- .../common_variables/00-terraform-provider.tf | 10 - openstack-tf/common_variables/outputs.tf | 65 + ...rojects-and-users-vars.tf => variables.tf} | 67 + .../d4s-dev/orientdb/.terraform.lock.hcl | 24 + .../orientdb/00-provider-configuration.tf | 4 + openstack-tf/d4s-dev/orientdb/00-variables.tf | 1 + .../external-network-and-resolvers.tf | 1 + openstack-tf/d4s-dev/orientdb/main.tf | 26 + .../d4s-dev/orientdb/orientdb.auto.tfvars | 18 + openstack-tf/d4s-dev/orientdb/orientdb.tf | 1 + .../orientdb/projects-and-users-vars.tf | 1 + .../d4s-dev/orientdb/terraform.tfstate | 1098 +++++++++++++++++ .../d4s-dev/orientdb/variables-orientdb.tf | 1 + .../d4s-dev/variables/00-variables.tf | 22 +- ...roduction-basic-infrastructure.auto.tfvars | 2 + .../external-network-and-resolvers.tf} | 0 .../projects-and-users-vars.tf | 52 + ...ariables-external-network-and-resolvers.tf | 50 - .../variables.tf | 122 +- openstack-tf/modules/orientdb/orientdb.tf | 348 ++++++ .../modules/orientdb/variables-orientdb.tf | 48 + 27 files changed, 1830 insertions(+), 143 deletions(-) delete mode 100644 openstack-tf/common_variables/00-terraform-provider.tf create mode 100644 openstack-tf/common_variables/outputs.tf rename openstack-tf/common_variables/{05-projects-and-users-vars.tf => variables.tf} (65%) create mode 100644 openstack-tf/d4s-dev/orientdb/.terraform.lock.hcl create mode 100644 openstack-tf/d4s-dev/orientdb/00-provider-configuration.tf create mode 120000 openstack-tf/d4s-dev/orientdb/00-variables.tf create mode 120000 openstack-tf/d4s-dev/orientdb/external-network-and-resolvers.tf create mode 100644 openstack-tf/d4s-dev/orientdb/main.tf create mode 100644 openstack-tf/d4s-dev/orientdb/orientdb.auto.tfvars create mode 120000 openstack-tf/d4s-dev/orientdb/orientdb.tf create mode 120000 openstack-tf/d4s-dev/orientdb/projects-and-users-vars.tf create mode 100644 openstack-tf/d4s-dev/orientdb/terraform.tfstate create mode 120000 openstack-tf/d4s-dev/orientdb/variables-orientdb.tf rename openstack-tf/{common_variables/01-external-network-and-resolvers.tf => modules/common_variables/external-network-and-resolvers.tf} (100%) create mode 100644 openstack-tf/modules/common_variables/projects-and-users-vars.tf delete mode 100644 openstack-tf/modules/main_private_net_and_dns_zone/variables-external-network-and-resolvers.tf create mode 100644 openstack-tf/modules/orientdb/orientdb.tf create mode 100644 openstack-tf/modules/orientdb/variables-orientdb.tf diff --git a/openstack-tf/common_setups/15-security-groups.tf b/openstack-tf/common_setups/15-security-groups.tf index 8eb1875c..ac82b971 100644 --- a/openstack-tf/common_setups/15-security-groups.tf +++ b/openstack-tf/common_setups/15-security-groups.tf @@ -1,7 +1,7 @@ # # This is the security group that should be added to every instance resource "openstack_networking_secgroup_v2" "default" { - name = "default_for_all" + name = var.default_security_group_name delete_default_rules = "true" description = "Default security group with rules for ssh access via jump proxy, prometheus scraping" } diff --git a/openstack-tf/common_setups/25-ssh-jump-proxy.tf b/openstack-tf/common_setups/25-ssh-jump-proxy.tf index b22e3a6c..92d3cb5b 100644 --- a/openstack-tf/common_setups/25-ssh-jump-proxy.tf +++ b/openstack-tf/common_setups/25-ssh-jump-proxy.tf @@ -4,7 +4,7 @@ resource "openstack_compute_instance_v2" "ssh_jump_proxy" { availability_zone_hints = var.availability_zones_names.availability_zone_no_gpu flavor_name = var.ssh_jump_proxy.flavor key_pair = var.ssh_key_file.name - security_groups = [openstack_networking_secgroup_v2.default.name,openstack_networking_secgroup_v2.access_to_the_jump_proxy.name] + security_groups = [var.default_security_group_name,openstack_networking_secgroup_v2.access_to_the_jump_proxy.name] block_device { uuid = var.ubuntu_2204.uuid source_type = "image" diff --git a/openstack-tf/common_setups/30-internal-ca.tf b/openstack-tf/common_setups/30-internal-ca.tf index 4af256e2..b3ab313a 100644 --- a/openstack-tf/common_setups/30-internal-ca.tf +++ b/openstack-tf/common_setups/30-internal-ca.tf @@ -3,7 +3,7 @@ resource "openstack_compute_instance_v2" "internal_ca" { availability_zone_hints = var.availability_zones_names.availability_zone_no_gpu flavor_name = var.internal_ca_data.flavor key_pair = var.ssh_key_file.name - security_groups = [openstack_networking_secgroup_v2.default.name] + security_groups = [var.default_security_group_name] block_device { uuid = var.ubuntu_2204.uuid source_type = "image" diff --git a/openstack-tf/common_setups/35-prometheus.tf b/openstack-tf/common_setups/35-prometheus.tf index 7649fe17..9c75f3f5 100644 --- a/openstack-tf/common_setups/35-prometheus.tf +++ b/openstack-tf/common_setups/35-prometheus.tf @@ -9,7 +9,7 @@ resource "openstack_compute_instance_v2" "prometheus_server" { availability_zone_hints = var.availability_zones_names.availability_zone_no_gpu flavor_name = var.prometheus_server_data.flavor key_pair = var.ssh_key_file.name - security_groups = [openstack_networking_secgroup_v2.default.name,openstack_networking_secgroup_v2.restricted_web.name,openstack_networking_secgroup_v2.prometheus_access_from_grafana.name] + security_groups = [var.default_security_group_name,openstack_networking_secgroup_v2.restricted_web.name,openstack_networking_secgroup_v2.prometheus_access_from_grafana.name] block_device { uuid = var.ubuntu_2204.uuid source_type = "image" diff --git a/openstack-tf/common_setups/40-postgresql.tf b/openstack-tf/common_setups/40-postgresql.tf index 19c14e34..3d748e93 100644 --- a/openstack-tf/common_setups/40-postgresql.tf +++ b/openstack-tf/common_setups/40-postgresql.tf @@ -58,7 +58,7 @@ resource "openstack_compute_instance_v2" "shared_postgresql_server" { availability_zone_hints = var.availability_zones_names.availability_zone_no_gpu flavor_name = var.shared_postgresql_server_data.flavor key_pair = var.ssh_key_file.name - security_groups = [openstack_networking_secgroup_v2.default.name,openstack_networking_secgroup_v2.shared_postgresql_access.name] + security_groups = [var.default_security_group_name,openstack_networking_secgroup_v2.shared_postgresql_access.name] block_device { uuid = var.ubuntu_2204.uuid source_type = "image" diff --git a/openstack-tf/common_setups/45-haproxy.tf b/openstack-tf/common_setups/45-haproxy.tf index cab3fbf8..c04543d6 100644 --- a/openstack-tf/common_setups/45-haproxy.tf +++ b/openstack-tf/common_setups/45-haproxy.tf @@ -116,7 +116,7 @@ resource "openstack_compute_instance_v2" "main_haproxy_l7" { availability_zone_hints = var.availability_zones_names.availability_zone_no_gpu flavor_name = var.haproxy_l7_data.flavor key_pair = var.ssh_key_file.name - security_groups = [openstack_networking_secgroup_v2.default.name,openstack_networking_secgroup_v2.main_lb_to_haproxy_l7.name] + security_groups = [var.default_security_group_name,openstack_networking_secgroup_v2.main_lb_to_haproxy_l7.name] scheduler_hints { group = openstack_compute_servergroup_v2.main_haproxy_l7.id } diff --git a/openstack-tf/common_variables/00-terraform-provider.tf b/openstack-tf/common_variables/00-terraform-provider.tf deleted file mode 100644 index 4f9ce289..00000000 --- a/openstack-tf/common_variables/00-terraform-provider.tf +++ /dev/null @@ -1,10 +0,0 @@ -# Define required providers -terraform { -required_version = ">= 0.14.0" - required_providers { - openstack = { - source = "terraform-provider-openstack/openstack" - version = "~> 1.53.0" - } - } -} diff --git a/openstack-tf/common_variables/outputs.tf b/openstack-tf/common_variables/outputs.tf new file mode 100644 index 00000000..d1a85b7f --- /dev/null +++ b/openstack-tf/common_variables/outputs.tf @@ -0,0 +1,65 @@ + +output "mtu_size_value" { + value = var.mtu_size +} + +output "main_region_name" { + value = var.main_region +} + +output "resolvers_ip" { + value = var.resolvers_ip +} + +output "external_network_name" { + value = var.external_network.name +} + +output "external_network_id" { + value = var.external_network.id +} + +output "availability_zone_no_gpu_name" { + value = var.availability_zones_names.availability_zone_no_gpu +} + +output "availability_zone_with_gpu_name" { + value = var.availability_zones_names.availability_zone_with_gpu +} + +output "ssh_sources_list" { + value = var.ssh_sources +} + +output "ssh_key_file_config" { + value = var.ssh_key_file +} + +output "ubuntu1804_img" { + value = var.ubuntu_1804 +} + +output "ubuntu2204_img" { + value = var.ubuntu_2204 +} + +output "centos7_img" { + value = var.centos_7 +} + +output "almalinux9_img" { + value = var.almalinux_9 +} + +output "ubuntu1804_datafile" { + value = var.ubuntu1804_data_file +} + +output "ubuntu2204_datafile" { + value = var.ubuntu2204_data_file +} + +output "el7_datafile" { + value = var.el7_data_file +} + diff --git a/openstack-tf/common_variables/05-projects-and-users-vars.tf b/openstack-tf/common_variables/variables.tf similarity index 65% rename from openstack-tf/common_variables/05-projects-and-users-vars.tf rename to openstack-tf/common_variables/variables.tf index 54bb2846..6ec81384 100644 --- a/openstack-tf/common_variables/05-projects-and-users-vars.tf +++ b/openstack-tf/common_variables/variables.tf @@ -1,3 +1,54 @@ +# Global definitions +variable "main_region" { + type = string + default = "isti_area_pi_1" +} + +variable "external_network" { + type = map(string) + default = { + name = "external-network" + id = "1d2ff137-6ff7-4017-be2b-0d6c4af2353b" + } +} + +variable "floating_ip_pools" { + type = map(string) + default = { + main_public_ip_pool = "external-network" + } +} + +variable "resolvers_ip" { + type = list(string) + default = ["146.48.29.97", "146.48.29.98", "146.48.29.99"] +} + +variable "mtu_size" { + type = number + default = 8942 +} + +variable "availability_zones_names" { + type = map(string) + default = { + availability_zone_no_gpu = "cnr-isti-nova-a" + availability_zone_with_gpu = "cnr-isti-nova-gpu-a" + } +} + +variable "ssh_sources" { + type = map(string) + default = { + s2i2s_vpn_1_cidr = "146.48.28.10/32" + s2i2s_vpn_2_cidr = "146.48.28.11/32" + d4s_vpn_1_cidr = "146.48.122.27/32" + d4s_vpn_2_cidr = "146.48.122.49/32" + shell_d4s_cidr = "146.48.122.95/32" + infrascience_net_cidr = "146.48.122.0/23" + } +} + variable "ssh_key_file" { type = map(string) default = { @@ -110,3 +161,19 @@ variable "haproxy_l7_data" { vm_count = "2" } } + +variable "default_security_group_name" { + default = "default_for_all" +} + +variable "resource_registry_addresses" { + type = map(string) + default = { + } +} + +variable "smartexecutor_addresses" { + type = map(string) + default = { + } +} diff --git a/openstack-tf/d4s-dev/orientdb/.terraform.lock.hcl b/openstack-tf/d4s-dev/orientdb/.terraform.lock.hcl new file mode 100644 index 00000000..46d2bb65 --- /dev/null +++ b/openstack-tf/d4s-dev/orientdb/.terraform.lock.hcl @@ -0,0 +1,24 @@ +# This file is maintained automatically by "terraform init". +# Manual edits may be lost in future updates. + +provider "registry.terraform.io/terraform-provider-openstack/openstack" { + version = "1.53.0" + constraints = "~> 1.53.0" + hashes = [ + "h1:ZSJPqrlaHQ3sj7wyJuPSG+NblFZbAA6Y0d3GjSJf3o8=", + "zh:09da7ca98ffd3de7b9ce36c4c13446212a6e763ba1162be71b50f95d453cb68e", + "zh:14041bcbb87312411d88612056ed185650bfd01284b8ea0761ce8105a331708e", + "zh:35bf4c788fdbc17c8e40ebc7b33c7de4b45a2fa2efaa657b10f0e3bd37c9627f", + "zh:46ede8ef4cfa12d654c538afc1e1ec34a1f3e8eb4e986ee23dceae398b7176a6", + "zh:59675734990dab1e8d87997853ea75e8104bba730b3f5a7146ac735540c9d6bf", + "zh:6de52428849806498670e827b54810be7510a2a79449602c1aede4235a0ec036", + "zh:78b2a20601272afceffac8f8ca78a6b647b84196c0dd8dc710fae297f6be15a4", + "zh:7c41ed3a4fac09677e676ecf9f9edd1e38eef449e656cb01a848d2c799c6de8f", + "zh:852800228f4118a4aa6cfaa4468b851247cbed6f037fd204f08de69eb1edc149", + "zh:86d618e7f9a07d978b8bc4b190be350a00de64ec535f9c8f5dfe133542a55483", + "zh:963a9e72b66d8bcf43de9b14a674ae3ca3719ce2f829217f7a65b66fc3773397", + "zh:a8e72ab67795071bda61f99a6de3d2d40122fb51971768fd75e1324abe874ced", + "zh:ce1890cf3af17d569af3bc7673cec0a8f78e6f5d701767593f3d29c551f44848", + "zh:e6f1b96eb684f527a47f71923f268c86a36d7894751b31ee9e726d7502a639cd", + ] +} diff --git a/openstack-tf/d4s-dev/orientdb/00-provider-configuration.tf b/openstack-tf/d4s-dev/orientdb/00-provider-configuration.tf new file mode 100644 index 00000000..df431972 --- /dev/null +++ b/openstack-tf/d4s-dev/orientdb/00-provider-configuration.tf @@ -0,0 +1,4 @@ +provider "openstack" { + cloud = "d4s-dev" +} + diff --git a/openstack-tf/d4s-dev/orientdb/00-variables.tf b/openstack-tf/d4s-dev/orientdb/00-variables.tf new file mode 120000 index 00000000..df2af105 --- /dev/null +++ b/openstack-tf/d4s-dev/orientdb/00-variables.tf @@ -0,0 +1 @@ +../variables/00-variables.tf \ No newline at end of file diff --git a/openstack-tf/d4s-dev/orientdb/external-network-and-resolvers.tf b/openstack-tf/d4s-dev/orientdb/external-network-and-resolvers.tf new file mode 120000 index 00000000..5918f321 --- /dev/null +++ b/openstack-tf/d4s-dev/orientdb/external-network-and-resolvers.tf @@ -0,0 +1 @@ +../../modules/common_variables/external-network-and-resolvers.tf \ No newline at end of file diff --git a/openstack-tf/d4s-dev/orientdb/main.tf b/openstack-tf/d4s-dev/orientdb/main.tf new file mode 100644 index 00000000..f7f73faf --- /dev/null +++ b/openstack-tf/d4s-dev/orientdb/main.tf @@ -0,0 +1,26 @@ +# Define required providers +terraform { +required_version = ">= 0.14.0" + required_providers { + openstack = { + source = "terraform-provider-openstack/openstack" + version = "~> 1.53.0" + } + } +} + +data "terraform_remote_state" "privnet_dns_router" { + backend = "local" + + config = { + path = "../project-setup/terraform.tfstate" + } +} + +# module "variables" { +# source = "../variables" +# } + +# module "orientdb" { +# source = "../../modules/orientdb" +# } diff --git a/openstack-tf/d4s-dev/orientdb/orientdb.auto.tfvars b/openstack-tf/d4s-dev/orientdb/orientdb.auto.tfvars new file mode 100644 index 00000000..83a5cfb1 --- /dev/null +++ b/openstack-tf/d4s-dev/orientdb/orientdb.auto.tfvars @@ -0,0 +1,18 @@ +orientdb_nodes_count = 3 +orientdb_node_flavor = "m1.medium" +orientdb_se_node_flavor = "m1.medium" +orientdb_se_ip = "192.168.10.4" +orientdb_se_cidr = "192.168.10.4/32" + +default_security_group_name = "default" +resource_registry_addresses = { + r1 = "10.1.28.73/32" + r2 = "10.1.28.157/32" +} + +smartexecutor_addresses = { + sm1 = "10.1.31.225/32" + sm2 = "10.1.28.168/32" + sm3 = "10.1.30.101/32" + sm4 = "10.1.31.253/32" +} diff --git a/openstack-tf/d4s-dev/orientdb/orientdb.tf b/openstack-tf/d4s-dev/orientdb/orientdb.tf new file mode 120000 index 00000000..7a3e19e2 --- /dev/null +++ b/openstack-tf/d4s-dev/orientdb/orientdb.tf @@ -0,0 +1 @@ +../../modules/orientdb/orientdb.tf \ No newline at end of file diff --git a/openstack-tf/d4s-dev/orientdb/projects-and-users-vars.tf b/openstack-tf/d4s-dev/orientdb/projects-and-users-vars.tf new file mode 120000 index 00000000..38d9ca9a --- /dev/null +++ b/openstack-tf/d4s-dev/orientdb/projects-and-users-vars.tf @@ -0,0 +1 @@ +../../modules/common_variables/projects-and-users-vars.tf \ No newline at end of file diff --git a/openstack-tf/d4s-dev/orientdb/terraform.tfstate b/openstack-tf/d4s-dev/orientdb/terraform.tfstate new file mode 100644 index 00000000..ea153c86 --- /dev/null +++ b/openstack-tf/d4s-dev/orientdb/terraform.tfstate @@ -0,0 +1,1098 @@ +{ + "version": 4, + "terraform_version": "1.6.3", + "serial": 31, + "lineage": "7607c85c-02c0-0227-fd2b-4958c821fe57", + "outputs": {}, + "resources": [ + { + "mode": "data", + "type": "terraform_remote_state", + "name": "privnet_dns_router", + "provider": "provider[\"terraform.io/builtin/terraform\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "backend": "local", + "config": { + "value": { + "path": "../project-setup/terraform.tfstate" + }, + "type": [ + "object", + { + "path": "string" + } + ] + }, + "defaults": null, + "outputs": { + "value": { + "dns_zone_id": "cbae638a-9d99-44aa-946c-0f5ffb7fc488", + "external_gateway_ip": "146.48.31.109", + "main_private_network_id": "e0af5eba-f24a-4d0d-8184-bc654b980c4a", + "main_subnet_network_id": "2aa977f2-80b4-447c-a6b0-dfa06bf68751" + }, + "type": [ + "object", + { + "dns_zone_id": "string", + "external_gateway_ip": "string", + "main_private_network_id": "string", + "main_subnet_network_id": "string" + } + ] + }, + "workspace": null + }, + "sensitive_attributes": [] + } + ] + }, + { + "mode": "managed", + "type": "openstack_compute_instance_v2", + "name": "orientdb_se_server", + "provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "access_ip_v4": "10.1.30.10", + "access_ip_v6": "", + "admin_pass": null, + "all_metadata": {}, + "all_tags": [], + "availability_zone": "cnr-isti-nova-a", + "availability_zone_hints": "cnr-isti-nova-a", + "block_device": [ + { + "boot_index": 0, + "delete_on_termination": false, + "destination_type": "volume", + "device_type": "", + "disk_bus": "", + "guest_format": "", + "multiattach": false, + "source_type": "image", + "uuid": "54768889-8556-4be4-a2eb-82a4d9b34627", + "volume_size": 10, + "volume_type": "" + }, + { + "boot_index": -1, + "delete_on_termination": false, + "destination_type": "volume", + "device_type": "", + "disk_bus": "", + "guest_format": "", + "multiattach": false, + "source_type": "blank", + "uuid": "", + "volume_size": 10, + "volume_type": "" + } + ], + "config_drive": null, + "created": "2023-11-16 17:46:37 +0000 UTC", + "flavor_id": "4", + "flavor_name": "m1.medium", + "floating_ip": null, + "force_delete": false, + "id": "71889cbb-6efc-423c-88e4-8718bf331441", + "image_id": "Attempt to boot from volume - no image supplied", + "image_name": null, + "key_pair": "adellam", + "metadata": null, + "name": "orientdb-se", + "network": [ + { + "access_network": false, + "fixed_ip_v4": "10.1.30.10", + "fixed_ip_v6": "", + "floating_ip": "", + "mac": "fa:16:3e:e2:34:4f", + "name": "d4s-dev-cloud-main", + "port": "", + "uuid": "e0af5eba-f24a-4d0d-8184-bc654b980c4a" + }, + { + "access_network": false, + "fixed_ip_v4": "192.168.10.4", + "fixed_ip_v6": "", + "floating_ip": "", + "mac": "fa:16:3e:45:70:ec", + "name": "orientdb-net", + "port": "", + "uuid": "64fbde08-3759-43ed-b754-998882a3dcd4" + } + ], + "network_mode": null, + "personality": [], + "power_state": "active", + "region": "isti_area_pi_1", + "scheduler_hints": [], + "security_groups": [ + "access_to_orientdb_se", + "default" + ], + "stop_before_destroy": false, + "tags": null, + "timeouts": null, + "updated": "2023-11-16 17:47:14 +0000 UTC", + "user_data": "bb83b25fd1219aa1b850ece9be8d7b0f31714608", + "vendor_options": [], + "volume": [] + }, + "sensitive_attributes": [], + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxODAwMDAwMDAwMDAwLCJkZWxldGUiOjE4MDAwMDAwMDAwMDAsInVwZGF0ZSI6MTgwMDAwMDAwMDAwMH19", + "dependencies": [ + "openstack_networking_network_v2.orientdb_network", + "openstack_networking_secgroup_v2.access_to_orientdb_se", + "openstack_networking_subnet_v2.orientdb_subnet" + ] + } + ] + }, + { + "mode": "managed", + "type": "openstack_compute_instance_v2", + "name": "orientdb_servers", + "provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "access_ip_v4": "10.1.30.13", + "access_ip_v6": "", + "admin_pass": null, + "all_metadata": {}, + "all_tags": [], + "availability_zone": "cnr-isti-nova-a", + "availability_zone_hints": "cnr-isti-nova-a", + "block_device": [ + { + "boot_index": 0, + "delete_on_termination": false, + "destination_type": "volume", + "device_type": "", + "disk_bus": "", + "guest_format": "", + "multiattach": false, + "source_type": "image", + "uuid": "54768889-8556-4be4-a2eb-82a4d9b34627", + "volume_size": 10, + "volume_type": "" + }, + { + "boot_index": -1, + "delete_on_termination": false, + "destination_type": "volume", + "device_type": "", + "disk_bus": "", + "guest_format": "", + "multiattach": false, + "source_type": "blank", + "uuid": "", + "volume_size": 10, + "volume_type": "" + } + ], + "config_drive": null, + "created": "2023-11-16 17:44:05 +0000 UTC", + "flavor_id": "4", + "flavor_name": "m1.medium", + "floating_ip": null, + "force_delete": false, + "id": "a5327cfb-8065-4d59-902a-efa5b9d17c37", + "image_id": "Attempt to boot from volume - no image supplied", + "image_name": null, + "key_pair": "adellam", + "metadata": null, + "name": "orientdb-01", + "network": [ + { + "access_network": false, + "fixed_ip_v4": "10.1.30.13", + "fixed_ip_v6": "", + "floating_ip": "", + "mac": "fa:16:3e:4d:12:a9", + "name": "d4s-dev-cloud-main", + "port": "", + "uuid": "e0af5eba-f24a-4d0d-8184-bc654b980c4a" + }, + { + "access_network": false, + "fixed_ip_v4": "192.168.10.5", + "fixed_ip_v6": "", + "floating_ip": "", + "mac": "fa:16:3e:ea:df:0d", + "name": "orientdb-net", + "port": "", + "uuid": "64fbde08-3759-43ed-b754-998882a3dcd4" + } + ], + "network_mode": null, + "personality": [], + "power_state": "active", + "region": "isti_area_pi_1", + "scheduler_hints": [ + { + "additional_properties": {}, + "build_near_host_ip": "", + "different_cell": [], + "different_host": [], + "group": "48007b16-4036-4a5b-af0c-0a3b365d1ec6", + "query": [], + "same_host": [], + "target_cell": "" + } + ], + "security_groups": [ + "access_to_orientdb", + "default", + "orientdb_internal_docker_traffic" + ], + "stop_before_destroy": false, + "tags": [], + "timeouts": null, + "updated": "2023-11-16 17:44:52 +0000 UTC", + "user_data": "bb83b25fd1219aa1b850ece9be8d7b0f31714608", + "vendor_options": [], + "volume": [] + }, + "sensitive_attributes": [], + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxODAwMDAwMDAwMDAwLCJkZWxldGUiOjE4MDAwMDAwMDAwMDAsInVwZGF0ZSI6MTgwMDAwMDAwMDAwMH19", + "dependencies": [ + "openstack_compute_servergroup_v2.orientdb_cluster", + "openstack_networking_network_v2.orientdb_network", + "openstack_networking_secgroup_v2.access_to_orientdb", + "openstack_networking_secgroup_v2.orientdb_internal_traffic", + "openstack_networking_subnet_v2.orientdb_subnet" + ] + }, + { + "index_key": 1, + "schema_version": 0, + "attributes": { + "access_ip_v4": "10.1.28.165", + "access_ip_v6": "", + "admin_pass": null, + "all_metadata": {}, + "all_tags": [], + "availability_zone": "cnr-isti-nova-a", + "availability_zone_hints": "cnr-isti-nova-a", + "block_device": [ + { + "boot_index": 0, + "delete_on_termination": false, + "destination_type": "volume", + "device_type": "", + "disk_bus": "", + "guest_format": "", + "multiattach": false, + "source_type": "image", + "uuid": "54768889-8556-4be4-a2eb-82a4d9b34627", + "volume_size": 10, + "volume_type": "" + }, + { + "boot_index": -1, + "delete_on_termination": false, + "destination_type": "volume", + "device_type": "", + "disk_bus": "", + "guest_format": "", + "multiattach": false, + "source_type": "blank", + "uuid": "", + "volume_size": 10, + "volume_type": "" + } + ], + "config_drive": null, + "created": "2023-11-16 17:44:04 +0000 UTC", + "flavor_id": "4", + "flavor_name": "m1.medium", + "floating_ip": null, + "force_delete": false, + "id": "9f3c2f0c-33e6-4f20-a26b-6ab303ce72dc", + "image_id": "Attempt to boot from volume - no image supplied", + "image_name": null, + "key_pair": "adellam", + "metadata": null, + "name": "orientdb-02", + "network": [ + { + "access_network": false, + "fixed_ip_v4": "10.1.28.165", + "fixed_ip_v6": "", + "floating_ip": "", + "mac": "fa:16:3e:e6:77:57", + "name": "d4s-dev-cloud-main", + "port": "", + "uuid": "e0af5eba-f24a-4d0d-8184-bc654b980c4a" + }, + { + "access_network": false, + "fixed_ip_v4": "192.168.10.6", + "fixed_ip_v6": "", + "floating_ip": "", + "mac": "fa:16:3e:08:cb:4c", + "name": "orientdb-net", + "port": "", + "uuid": "64fbde08-3759-43ed-b754-998882a3dcd4" + } + ], + "network_mode": null, + "personality": [], + "power_state": "active", + "region": "isti_area_pi_1", + "scheduler_hints": [ + { + "additional_properties": {}, + "build_near_host_ip": "", + "different_cell": [], + "different_host": [], + "group": "48007b16-4036-4a5b-af0c-0a3b365d1ec6", + "query": [], + "same_host": [], + "target_cell": "" + } + ], + "security_groups": [ + "access_to_orientdb", + "default", + "orientdb_internal_docker_traffic" + ], + "stop_before_destroy": false, + "tags": [], + "timeouts": null, + "updated": "2023-11-16 17:45:03 +0000 UTC", + "user_data": "bb83b25fd1219aa1b850ece9be8d7b0f31714608", + "vendor_options": [], + "volume": [] + }, + "sensitive_attributes": [], + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxODAwMDAwMDAwMDAwLCJkZWxldGUiOjE4MDAwMDAwMDAwMDAsInVwZGF0ZSI6MTgwMDAwMDAwMDAwMH19", + "dependencies": [ + "openstack_compute_servergroup_v2.orientdb_cluster", + "openstack_networking_network_v2.orientdb_network", + "openstack_networking_secgroup_v2.access_to_orientdb", + "openstack_networking_secgroup_v2.orientdb_internal_traffic", + "openstack_networking_subnet_v2.orientdb_subnet" + ] + }, + { + "index_key": 2, + "schema_version": 0, + "attributes": { + "access_ip_v4": "10.1.30.30", + "access_ip_v6": "", + "admin_pass": null, + "all_metadata": {}, + "all_tags": [], + "availability_zone": "cnr-isti-nova-a", + "availability_zone_hints": "cnr-isti-nova-a", + "block_device": [ + { + "boot_index": 0, + "delete_on_termination": false, + "destination_type": "volume", + "device_type": "", + "disk_bus": "", + "guest_format": "", + "multiattach": false, + "source_type": "image", + "uuid": "54768889-8556-4be4-a2eb-82a4d9b34627", + "volume_size": 10, + "volume_type": "" + }, + { + "boot_index": -1, + "delete_on_termination": false, + "destination_type": "volume", + "device_type": "", + "disk_bus": "", + "guest_format": "", + "multiattach": false, + "source_type": "blank", + "uuid": "", + "volume_size": 10, + "volume_type": "" + } + ], + "config_drive": null, + "created": "2023-11-16 17:44:04 +0000 UTC", + "flavor_id": "4", + "flavor_name": "m1.medium", + "floating_ip": null, + "force_delete": false, + "id": "925889eb-d5d0-4b2d-8c7c-4f9c66bbf2c8", + "image_id": "Attempt to boot from volume - no image supplied", + "image_name": null, + "key_pair": "adellam", + "metadata": null, + "name": "orientdb-03", + "network": [ + { + "access_network": false, + "fixed_ip_v4": "10.1.30.30", + "fixed_ip_v6": "", + "floating_ip": "", + "mac": "fa:16:3e:63:05:61", + "name": "d4s-dev-cloud-main", + "port": "", + "uuid": "e0af5eba-f24a-4d0d-8184-bc654b980c4a" + }, + { + "access_network": false, + "fixed_ip_v4": "192.168.10.7", + "fixed_ip_v6": "", + "floating_ip": "", + "mac": "fa:16:3e:48:75:b3", + "name": "orientdb-net", + "port": "", + "uuid": "64fbde08-3759-43ed-b754-998882a3dcd4" + } + ], + "network_mode": null, + "personality": [], + "power_state": "active", + "region": "isti_area_pi_1", + "scheduler_hints": [ + { + "additional_properties": {}, + "build_near_host_ip": "", + "different_cell": [], + "different_host": [], + "group": "48007b16-4036-4a5b-af0c-0a3b365d1ec6", + "query": [], + "same_host": [], + "target_cell": "" + } + ], + "security_groups": [ + "access_to_orientdb", + "default", + "orientdb_internal_docker_traffic" + ], + "stop_before_destroy": false, + "tags": [], + "timeouts": null, + "updated": "2023-11-16 17:45:05 +0000 UTC", + "user_data": "bb83b25fd1219aa1b850ece9be8d7b0f31714608", + "vendor_options": [], + "volume": [] + }, + "sensitive_attributes": [], + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxODAwMDAwMDAwMDAwLCJkZWxldGUiOjE4MDAwMDAwMDAwMDAsInVwZGF0ZSI6MTgwMDAwMDAwMDAwMH19", + "dependencies": [ + "openstack_compute_servergroup_v2.orientdb_cluster", + "openstack_networking_network_v2.orientdb_network", + "openstack_networking_secgroup_v2.access_to_orientdb", + "openstack_networking_secgroup_v2.orientdb_internal_traffic", + "openstack_networking_subnet_v2.orientdb_subnet" + ] + } + ] + }, + { + "mode": "managed", + "type": "openstack_compute_servergroup_v2", + "name": "orientdb_cluster", + "provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "id": "48007b16-4036-4a5b-af0c-0a3b365d1ec6", + "members": [ + "a5327cfb-8065-4d59-902a-efa5b9d17c37", + "925889eb-d5d0-4b2d-8c7c-4f9c66bbf2c8", + "9f3c2f0c-33e6-4f20-a26b-6ab303ce72dc" + ], + "name": "orientdb_cluster", + "policies": [ + "soft-anti-affinity" + ], + "region": "isti_area_pi_1", + "rules": [ + { + "max_server_per_host": 0 + } + ], + "value_specs": null + }, + "sensitive_attributes": [], + "private": "bnVsbA==" + } + ] + }, + { + "mode": "managed", + "type": "openstack_networking_network_v2", + "name": "orientdb_network", + "provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "admin_state_up": true, + "all_tags": [], + "availability_zone_hints": [], + "description": "Network used by the OrientDB cluster and to access the service", + "dns_domain": "", + "external": false, + "id": "64fbde08-3759-43ed-b754-998882a3dcd4", + "mtu": 8942, + "name": "orientdb-net", + "port_security_enabled": true, + "qos_policy_id": "", + "region": "isti_area_pi_1", + "segments": [], + "shared": false, + "tags": [], + "tenant_id": "e8f8ca72f30648a8b389b4e745ac83a9", + "timeouts": null, + "transparent_vlan": false, + "value_specs": null + }, + "sensitive_attributes": [], + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwfX0=" + } + ] + }, + { + "mode": "managed", + "type": "openstack_networking_secgroup_rule_v2", + "name": "access_to_orient_from_clients", + "provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]", + "instances": [ + { + "index_key": "10.1.28.157/32", + "schema_version": 0, + "attributes": { + "description": "TCP traffic from the resource registries and the SSH jump server", + "direction": "ingress", + "ethertype": "IPv4", + "id": "48e35bdc-617d-405c-95d3-bbef785d3113", + "port_range_max": 2490, + "port_range_min": 2424, + "protocol": "tcp", + "region": "isti_area_pi_1", + "remote_group_id": "", + "remote_ip_prefix": "10.1.28.157/32", + "security_group_id": "252ad4f7-f380-465b-ad9e-98d7ff7d5379", + "tenant_id": "e8f8ca72f30648a8b389b4e745ac83a9", + "timeouts": null + }, + "sensitive_attributes": [], + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ==", + "dependencies": [ + "openstack_networking_secgroup_v2.access_to_orientdb" + ] + }, + { + "index_key": "10.1.28.73/32", + "schema_version": 0, + "attributes": { + "description": "TCP traffic from the resource registries and the SSH jump server", + "direction": "ingress", + "ethertype": "IPv4", + "id": "bbba3bc1-fd8d-4b3c-9e2a-f90c36b8a386", + "port_range_max": 2490, + "port_range_min": 2424, + "protocol": "tcp", + "region": "isti_area_pi_1", + "remote_group_id": "", + "remote_ip_prefix": "10.1.28.73/32", + "security_group_id": "252ad4f7-f380-465b-ad9e-98d7ff7d5379", + "tenant_id": "e8f8ca72f30648a8b389b4e745ac83a9", + "timeouts": null + }, + "sensitive_attributes": [], + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ==", + "dependencies": [ + "openstack_networking_secgroup_v2.access_to_orientdb" + ] + }, + { + "index_key": "10.1.29.164/32", + "schema_version": 0, + "attributes": { + "description": "TCP traffic from the resource registries and the SSH jump server", + "direction": "ingress", + "ethertype": "IPv4", + "id": "0ce76118-1bb8-4f4f-b69d-24dbc6ce4f2a", + "port_range_max": 2490, + "port_range_min": 2424, + "protocol": "tcp", + "region": "isti_area_pi_1", + "remote_group_id": "", + "remote_ip_prefix": "10.1.29.164/32", + "security_group_id": "252ad4f7-f380-465b-ad9e-98d7ff7d5379", + "tenant_id": "e8f8ca72f30648a8b389b4e745ac83a9", + "timeouts": null + }, + "sensitive_attributes": [], + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ==", + "dependencies": [ + "openstack_networking_secgroup_v2.access_to_orientdb" + ] + } + ] + }, + { + "mode": "managed", + "type": "openstack_networking_secgroup_rule_v2", + "name": "access_to_orient_from_haproxy", + "provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]", + "instances": [ + { + "index_key": "10.1.28.50/32", + "schema_version": 0, + "attributes": { + "description": "TCP traffic from the load balancers", + "direction": "ingress", + "ethertype": "IPv4", + "id": "6799246f-a17b-4e46-b2fe-8e4e5e21a3de", + "port_range_max": 2424, + "port_range_min": 2424, + "protocol": "tcp", + "region": "isti_area_pi_1", + "remote_group_id": "", + "remote_ip_prefix": "10.1.28.50/32", + "security_group_id": "252ad4f7-f380-465b-ad9e-98d7ff7d5379", + "tenant_id": "e8f8ca72f30648a8b389b4e745ac83a9", + "timeouts": null + }, + "sensitive_attributes": [], + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ==", + "dependencies": [ + "openstack_networking_secgroup_v2.access_to_orientdb" + ] + }, + { + "index_key": "10.1.30.241/32", + "schema_version": 0, + "attributes": { + "description": "TCP traffic from the load balancers", + "direction": "ingress", + "ethertype": "IPv4", + "id": "f2729899-f411-4b13-9c8f-12eb81a9f1e9", + "port_range_max": 2424, + "port_range_min": 2424, + "protocol": "tcp", + "region": "isti_area_pi_1", + "remote_group_id": "", + "remote_ip_prefix": "10.1.30.241/32", + "security_group_id": "252ad4f7-f380-465b-ad9e-98d7ff7d5379", + "tenant_id": "e8f8ca72f30648a8b389b4e745ac83a9", + "timeouts": null + }, + "sensitive_attributes": [], + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ==", + "dependencies": [ + "openstack_networking_secgroup_v2.access_to_orientdb" + ] + } + ] + }, + { + "mode": "managed", + "type": "openstack_networking_secgroup_rule_v2", + "name": "access_to_orient_se_from_clients", + "provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]", + "instances": [ + { + "index_key": "10.1.28.168/32", + "schema_version": 0, + "attributes": { + "description": "TCP traffic from the resource registries and the SSH jump server", + "direction": "ingress", + "ethertype": "IPv4", + "id": "9bd69721-f3a5-4aae-b23b-8f99270fecd4", + "port_range_max": 2490, + "port_range_min": 2424, + "protocol": "tcp", + "region": "isti_area_pi_1", + "remote_group_id": "", + "remote_ip_prefix": "10.1.28.168/32", + "security_group_id": "f72e0d63-949e-47b7-95fa-69cc7ff2415a", + "tenant_id": "e8f8ca72f30648a8b389b4e745ac83a9", + "timeouts": null + }, + "sensitive_attributes": [], + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ==", + "dependencies": [ + "openstack_networking_secgroup_v2.access_to_orientdb_se" + ] + }, + { + "index_key": "10.1.29.164/32", + "schema_version": 0, + "attributes": { + "description": "TCP traffic from the resource registries and the SSH jump server", + "direction": "ingress", + "ethertype": "IPv4", + "id": "6fd47297-3621-4827-8d19-4cca9db46a05", + "port_range_max": 2490, + "port_range_min": 2424, + "protocol": "tcp", + "region": "isti_area_pi_1", + "remote_group_id": "", + "remote_ip_prefix": "10.1.29.164/32", + "security_group_id": "f72e0d63-949e-47b7-95fa-69cc7ff2415a", + "tenant_id": "e8f8ca72f30648a8b389b4e745ac83a9", + "timeouts": null + }, + "sensitive_attributes": [], + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ==", + "dependencies": [ + "openstack_networking_secgroup_v2.access_to_orientdb_se" + ] + }, + { + "index_key": "10.1.30.101/32", + "schema_version": 0, + "attributes": { + "description": "TCP traffic from the resource registries and the SSH jump server", + "direction": "ingress", + "ethertype": "IPv4", + "id": "50081189-a724-4c03-920d-17e53ebb809a", + "port_range_max": 2490, + "port_range_min": 2424, + "protocol": "tcp", + "region": "isti_area_pi_1", + "remote_group_id": "", + "remote_ip_prefix": "10.1.30.101/32", + "security_group_id": "f72e0d63-949e-47b7-95fa-69cc7ff2415a", + "tenant_id": "e8f8ca72f30648a8b389b4e745ac83a9", + "timeouts": null + }, + "sensitive_attributes": [], + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ==", + "dependencies": [ + "openstack_networking_secgroup_v2.access_to_orientdb_se" + ] + }, + { + "index_key": "10.1.31.225/32", + "schema_version": 0, + "attributes": { + "description": "TCP traffic from the resource registries and the SSH jump server", + "direction": "ingress", + "ethertype": "IPv4", + "id": "555fedb3-fad5-49a0-9c22-efdf04f548eb", + "port_range_max": 2490, + "port_range_min": 2424, + "protocol": "tcp", + "region": "isti_area_pi_1", + "remote_group_id": "", + "remote_ip_prefix": "10.1.31.225/32", + "security_group_id": "f72e0d63-949e-47b7-95fa-69cc7ff2415a", + "tenant_id": "e8f8ca72f30648a8b389b4e745ac83a9", + "timeouts": null + }, + "sensitive_attributes": [], + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ==", + "dependencies": [ + "openstack_networking_secgroup_v2.access_to_orientdb_se" + ] + }, + { + "index_key": "10.1.31.253/32", + "schema_version": 0, + "attributes": { + "description": "TCP traffic from the resource registries and the SSH jump server", + "direction": "ingress", + "ethertype": "IPv4", + "id": "a3a619c4-0ba2-4f2b-8c39-7c7567e86a14", + "port_range_max": 2490, + "port_range_min": 2424, + "protocol": "tcp", + "region": "isti_area_pi_1", + "remote_group_id": "", + "remote_ip_prefix": "10.1.31.253/32", + "security_group_id": "f72e0d63-949e-47b7-95fa-69cc7ff2415a", + "tenant_id": "e8f8ca72f30648a8b389b4e745ac83a9", + "timeouts": null + }, + "sensitive_attributes": [], + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ==", + "dependencies": [ + "openstack_networking_secgroup_v2.access_to_orientdb_se" + ] + } + ] + }, + { + "mode": "managed", + "type": "openstack_networking_secgroup_rule_v2", + "name": "access_to_orient_se_from_haproxy", + "provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]", + "instances": [ + { + "index_key": "10.1.28.50/32", + "schema_version": 0, + "attributes": { + "description": "TCP traffic from the load balancers", + "direction": "ingress", + "ethertype": "IPv4", + "id": "8180389a-0741-4a6c-9625-0f2ee1e7770f", + "port_range_max": 2424, + "port_range_min": 2424, + "protocol": "tcp", + "region": "isti_area_pi_1", + "remote_group_id": "", + "remote_ip_prefix": "10.1.28.50/32", + "security_group_id": "f72e0d63-949e-47b7-95fa-69cc7ff2415a", + "tenant_id": "e8f8ca72f30648a8b389b4e745ac83a9", + "timeouts": null + }, + "sensitive_attributes": [], + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ==", + "dependencies": [ + "openstack_networking_secgroup_v2.access_to_orientdb_se" + ] + }, + { + "index_key": "10.1.30.241/32", + "schema_version": 0, + "attributes": { + "description": "TCP traffic from the load balancers", + "direction": "ingress", + "ethertype": "IPv4", + "id": "a0486ca2-7bf4-471f-9f4b-1b9964eb9dc2", + "port_range_max": 2424, + "port_range_min": 2424, + "protocol": "tcp", + "region": "isti_area_pi_1", + "remote_group_id": "", + "remote_ip_prefix": "10.1.30.241/32", + "security_group_id": "f72e0d63-949e-47b7-95fa-69cc7ff2415a", + "tenant_id": "e8f8ca72f30648a8b389b4e745ac83a9", + "timeouts": null + }, + "sensitive_attributes": [], + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ==", + "dependencies": [ + "openstack_networking_secgroup_v2.access_to_orientdb_se" + ] + } + ] + }, + { + "mode": "managed", + "type": "openstack_networking_secgroup_rule_v2", + "name": "orientdb_ports", + "provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "description": "TCP traffic between OrientDB nodes", + "direction": "ingress", + "ethertype": "IPv4", + "id": "19b355de-3156-43c5-9693-2b29a356c9b3", + "port_range_max": 2490, + "port_range_min": 2424, + "protocol": "tcp", + "region": "isti_area_pi_1", + "remote_group_id": "", + "remote_ip_prefix": "192.168.10.5/32", + "security_group_id": "3c6f61f0-7105-4b8c-b51e-e141159a9193", + "tenant_id": "e8f8ca72f30648a8b389b4e745ac83a9", + "timeouts": null + }, + "sensitive_attributes": [], + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ==", + "dependencies": [ + "openstack_networking_secgroup_v2.orientdb_internal_traffic" + ] + }, + { + "index_key": 1, + "schema_version": 0, + "attributes": { + "description": "TCP traffic between OrientDB nodes", + "direction": "ingress", + "ethertype": "IPv4", + "id": "354e7909-b9ef-49aa-aebe-45416ba78f37", + "port_range_max": 2490, + "port_range_min": 2424, + "protocol": "tcp", + "region": "isti_area_pi_1", + "remote_group_id": "", + "remote_ip_prefix": "192.168.10.6/32", + "security_group_id": "3c6f61f0-7105-4b8c-b51e-e141159a9193", + "tenant_id": "e8f8ca72f30648a8b389b4e745ac83a9", + "timeouts": null + }, + "sensitive_attributes": [], + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ==", + "dependencies": [ + "openstack_networking_secgroup_v2.orientdb_internal_traffic" + ] + }, + { + "index_key": 2, + "schema_version": 0, + "attributes": { + "description": "TCP traffic between OrientDB nodes", + "direction": "ingress", + "ethertype": "IPv4", + "id": "d769cc7b-de59-4c65-8a44-a0e43430ab08", + "port_range_max": 2490, + "port_range_min": 2424, + "protocol": "tcp", + "region": "isti_area_pi_1", + "remote_group_id": "", + "remote_ip_prefix": "192.168.10.7/32", + "security_group_id": "3c6f61f0-7105-4b8c-b51e-e141159a9193", + "tenant_id": "e8f8ca72f30648a8b389b4e745ac83a9", + "timeouts": null + }, + "sensitive_attributes": [], + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ==", + "dependencies": [ + "openstack_networking_secgroup_v2.orientdb_internal_traffic" + ] + } + ] + }, + { + "mode": "managed", + "type": "openstack_networking_secgroup_v2", + "name": "access_to_orientdb", + "provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "all_tags": [], + "delete_default_rules": true, + "description": "Clients that talk to the OrientDB service", + "id": "252ad4f7-f380-465b-ad9e-98d7ff7d5379", + "name": "access_to_orientdb", + "region": "isti_area_pi_1", + "tags": [], + "tenant_id": "e8f8ca72f30648a8b389b4e745ac83a9", + "timeouts": null + }, + "sensitive_attributes": [], + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ==" + } + ] + }, + { + "mode": "managed", + "type": "openstack_networking_secgroup_v2", + "name": "access_to_orientdb_se", + "provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "all_tags": [], + "delete_default_rules": true, + "description": "Clients that talk to the OrientDB service", + "id": "f72e0d63-949e-47b7-95fa-69cc7ff2415a", + "name": "access_to_orientdb_se", + "region": "isti_area_pi_1", + "tags": [], + "tenant_id": "e8f8ca72f30648a8b389b4e745ac83a9", + "timeouts": null + }, + "sensitive_attributes": [], + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ==" + } + ] + }, + { + "mode": "managed", + "type": "openstack_networking_secgroup_v2", + "name": "orientdb_internal_traffic", + "provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "all_tags": [], + "delete_default_rules": true, + "description": "Traffic between the OrientDB nodes", + "id": "3c6f61f0-7105-4b8c-b51e-e141159a9193", + "name": "orientdb_internal_docker_traffic", + "region": "isti_area_pi_1", + "tags": [], + "tenant_id": "e8f8ca72f30648a8b389b4e745ac83a9", + "timeouts": null + }, + "sensitive_attributes": [], + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ==" + } + ] + }, + { + "mode": "managed", + "type": "openstack_networking_subnet_v2", + "name": "orientdb_subnet", + "provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "all_tags": [], + "allocation_pool": [ + { + "end": "192.168.10.254", + "start": "192.168.10.11" + } + ], + "allocation_pools": [ + { + "end": "192.168.10.254", + "start": "192.168.10.11" + } + ], + "cidr": "192.168.10.0/24", + "description": "Subnet used by the OrientDB service", + "dns_nameservers": [ + "146.48.29.97", + "146.48.29.98", + "146.48.29.99" + ], + "enable_dhcp": true, + "gateway_ip": "", + "host_routes": [], + "id": "5d45bf0a-539c-400e-aeec-57ab7de612ed", + "ip_version": 4, + "ipv6_address_mode": "", + "ipv6_ra_mode": "", + "name": "orientdb-subnet", + "network_id": "64fbde08-3759-43ed-b754-998882a3dcd4", + "no_gateway": true, + "prefix_length": null, + "region": "isti_area_pi_1", + "service_types": [], + "subnetpool_id": "", + "tags": [], + "tenant_id": "e8f8ca72f30648a8b389b4e745ac83a9", + "timeouts": null, + "value_specs": null + }, + "sensitive_attributes": [], + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwfX0=", + "dependencies": [ + "openstack_networking_network_v2.orientdb_network" + ] + } + ] + } + ], + "check_results": null +} diff --git a/openstack-tf/d4s-dev/orientdb/variables-orientdb.tf b/openstack-tf/d4s-dev/orientdb/variables-orientdb.tf new file mode 120000 index 00000000..4a17be9c --- /dev/null +++ b/openstack-tf/d4s-dev/orientdb/variables-orientdb.tf @@ -0,0 +1 @@ +../../modules/orientdb/variables-orientdb.tf \ No newline at end of file diff --git a/openstack-tf/d4s-dev/variables/00-variables.tf b/openstack-tf/d4s-dev/variables/00-variables.tf index be3755f3..60498675 100644 --- a/openstack-tf/d4s-dev/variables/00-variables.tf +++ b/openstack-tf/d4s-dev/variables/00-variables.tf @@ -1,3 +1,4 @@ +# variable "os_project_data" { type = map(string) default = { @@ -80,7 +81,6 @@ variable "basic_services_ip" { variable "main_haproxy_l7_ip" { type = list(string) default = ["10.1.28.50", "10.1.30.241"] - } variable "octavia_information" { @@ -93,3 +93,23 @@ variable "octavia_information" { main_lb_hostname = "main-lb" } } + +variable "default_security_group_name" { + default = "default" +} + +variable "resource_registry_addresses" { + type = map(string) + default = { + r1 = "10.1.28.73" + r2 = "10.1.28.157" + } +} + +variable "smartexecutor_addresses" { + type = map(string) + default = { + r1 = "10.1.28.73" + r2 = "10.1.28.157" + } +} diff --git a/openstack-tf/d4s-production/basic-infrastructure/production-basic-infrastructure.auto.tfvars b/openstack-tf/d4s-production/basic-infrastructure/production-basic-infrastructure.auto.tfvars index acdfc998..2b7cbd33 100644 --- a/openstack-tf/d4s-production/basic-infrastructure/production-basic-infrastructure.auto.tfvars +++ b/openstack-tf/d4s-production/basic-infrastructure/production-basic-infrastructure.auto.tfvars @@ -1,3 +1,5 @@ +default_security_group_name = "default_for_all" + shared_postgresql_server_data = { name ="shared-postgresql-server" flavor = "m1.large" diff --git a/openstack-tf/common_variables/01-external-network-and-resolvers.tf b/openstack-tf/modules/common_variables/external-network-and-resolvers.tf similarity index 100% rename from openstack-tf/common_variables/01-external-network-and-resolvers.tf rename to openstack-tf/modules/common_variables/external-network-and-resolvers.tf diff --git a/openstack-tf/modules/common_variables/projects-and-users-vars.tf b/openstack-tf/modules/common_variables/projects-and-users-vars.tf new file mode 100644 index 00000000..dc5d9bc7 --- /dev/null +++ b/openstack-tf/modules/common_variables/projects-and-users-vars.tf @@ -0,0 +1,52 @@ +variable "ssh_key_file" { + type = map(string) + default = { + file = "~/.ssh/id_ed25519" + name = "adellam" + } +} + +variable "ubuntu_1804" { + type = map(string) + + default = { + name = "Ubuntu-Bionic-18.04" + uuid = "7ed6a2cd-2b07-482e-8ce4-f018dff16c89" + } +} + +variable "ubuntu_2204" { + type = map(string) + default = { + name = "Ubuntu-Jammy-22.04" + uuid = "54768889-8556-4be4-a2eb-82a4d9b34627" + } +} + +variable "centos_7" { + type = map(string) + default = { + name = "CentOS-7" + uuid = "f0187a99-64f6-462a-ab5f-ef52fe62f2ca" + } +} + +variable "almalinux_9" { + type = map(string) + default = { + name = "AlmaLinux-9.0-20220718" + uuid = "541650fc-dd19-4f38-bb1d-7333ed9dd688" + } +} + +variable "ubuntu1804_data_file" { + default = "../../openstack_vm_data_scripts/ubuntu1804.sh" +} + +variable "ubuntu2204_data_file" { + default = "../../openstack_vm_data_scripts/ubuntu2204.sh" +} + +variable "el7_data_file" { + default = "../../openstack_vm_data_scripts/el7.sh" +} diff --git a/openstack-tf/modules/main_private_net_and_dns_zone/variables-external-network-and-resolvers.tf b/openstack-tf/modules/main_private_net_and_dns_zone/variables-external-network-and-resolvers.tf deleted file mode 100644 index 6df860a0..00000000 --- a/openstack-tf/modules/main_private_net_and_dns_zone/variables-external-network-and-resolvers.tf +++ /dev/null @@ -1,50 +0,0 @@ -# Global definitions -variable "main_region" { - type = string - default = "isti_area_pi_1" -} - -variable "external_network" { - type = map(string) - default = { - name = "external-network" - id = "1d2ff137-6ff7-4017-be2b-0d6c4af2353b" - } -} - -variable "floating_ip_pools" { - type = map(string) - default = { - main_public_ip_pool = "external-network" - } -} - -variable "resolvers_ip" { - type = list(string) - default = ["146.48.29.97", "146.48.29.98", "146.48.29.99"] -} - -variable "mtu_size" { - type = number - default = 8942 -} - -variable "availability_zones_names" { - type = map(string) - default = { - availability_zone_no_gpu = "cnr-isti-nova-a" - availability_zone_with_gpu = "cnr-isti-nova-gpu-a" - } -} - -variable "ssh_sources" { - type = map(string) - default = { - s2i2s_vpn_1_cidr = "146.48.28.10/32" - s2i2s_vpn_2_cidr = "146.48.28.11/32" - d4s_vpn_1_cidr = "146.48.122.27/32" - d4s_vpn_2_cidr = "146.48.122.49/32" - shell_d4s_cidr = "146.48.122.95/32" - infrascience_net_cidr = "146.48.122.0/23" - } -} diff --git a/openstack-tf/modules/main_private_net_and_dns_zone/variables.tf b/openstack-tf/modules/main_private_net_and_dns_zone/variables.tf index be3755f3..587fb45e 100644 --- a/openstack-tf/modules/main_private_net_and_dns_zone/variables.tf +++ b/openstack-tf/modules/main_private_net_and_dns_zone/variables.tf @@ -1,95 +1,65 @@ -variable "os_project_data" { - type = map(string) - default = { - id = "e8f8ca72f30648a8b389b4e745ac83a9" +# Define required providers +terraform { +required_version = ">= 0.14.0" + required_providers { + openstack = { + source = "terraform-provider-openstack/openstack" + version = "~> 1.53.0" + } } } -variable "dns_zone" { +# Global definitions +variable "main_region" { + type = string + default = "isti_area_pi_1" +} + +variable "external_network" { type = map(string) default = { - zone_name = "cloud-dev.d4science.org." - email = "postmaster@isti.cnr.it" - description = "DNS primary zone for the d4s-dev-cloud project" - ttl = 8600 + name = "external-network" + id = "1d2ff137-6ff7-4017-be2b-0d6c4af2353b" } } -variable "dns_zone_id" { - # Set with the correct value after the setup is complete - default = "" -} - -variable "main_private_network" { +variable "floating_ip_pools" { type = map(string) default = { - name = "d4s-dev-cloud-main" - description = "D4Science DEV private network (use this as the main network)" - } -} - -variable "main_private_network_id" { - # Set with the correct value after the setup is complete - default = "" -} - -variable "main_private_subnet" { - type = map(string) - default = { - name = "d4s-dev-cloud-sub" - description = "D4Science DEV main private subnet" - cidr = "10.1.28.0/22" - gateway_ip = "10.1.28.1" - allocation_start = "10.1.28.30" - allocation_end = "10.1.31.254" - } -} - -variable "main_private_subnet_id" { - # Set with the correct value after the setup is complete - default = "" -} - -variable "external_router" { - type = map(string) - default = { - name = "d4s-dev-cloud-external-router" - description = "D4Science DEV main router" - id = "2ae28c5f-036b-45db-bc9f-5bab8fa3e914" - } -} - -variable "basic_services_ip" { - type = map(string) - default = { - ca = "10.1.29.247" - ca_cidr = "10.1.29.247/32" - ssh_jump = "10.1.29.164" - ssh_jump_cidr = "10.1.29.164/32" - prometheus = "10.1.30.129" - prometheus_cidr = "10.1.30.129/32" - haproxy_l7_1 = "10.1.28.50" - haproxy_l7_1_cidr = "10.1.28.50/32" - haproxy_l7_2 = "10.1.30.241" - haproxy_l7_2_cidr = "10.1.30.241/32" - octavia_main = "10.1.28.227" - octavia_main_cidr = "10.1.28.227/32" + main_public_ip_pool = "external-network" } } -variable "main_haproxy_l7_ip" { - type = list(string) - default = ["10.1.28.50", "10.1.30.241"] - +variable "resolvers_ip" { + type = list(string) + default = ["146.48.29.97", "146.48.29.98", "146.48.29.99"] } -variable "octavia_information" { +variable "mtu_size" { + type = number + default = 8942 +} + +variable "availability_zones_names" { type = map(string) default = { - main_lb_name = "lb-dev-l4" - main_lb_description = "Main L4 load balancer for the D4Science DEV" - octavia_flavor = "octavia_amphora-mvcpu-ha" - octavia_flavor_id = "394988b5-6603-4a1e-a939-8e177c6681c7" - main_lb_hostname = "main-lb" + availability_zone_no_gpu = "cnr-isti-nova-a" + availability_zone_with_gpu = "cnr-isti-nova-gpu-a" } } + +variable "ssh_sources" { + type = map(string) + default = { + s2i2s_vpn_1_cidr = "146.48.28.10/32" + s2i2s_vpn_2_cidr = "146.48.28.11/32" + d4s_vpn_1_cidr = "146.48.122.27/32" + d4s_vpn_2_cidr = "146.48.122.49/32" + shell_d4s_cidr = "146.48.122.95/32" + infrascience_net_cidr = "146.48.122.0/23" + } +} + +output "mtu_size" { + value = var.mtu_size +} diff --git a/openstack-tf/modules/orientdb/orientdb.tf b/openstack-tf/modules/orientdb/orientdb.tf new file mode 100644 index 00000000..0ba86472 --- /dev/null +++ b/openstack-tf/modules/orientdb/orientdb.tf @@ -0,0 +1,348 @@ +# Define required providers +# terraform { +# required_version = ">= 0.14.0" +# required_providers { +# openstack = { +# source = "terraform-provider-openstack/openstack" +# version = "~> 1.53.0" +# } +# } +# } +# +# module "common_variables" { +# source = "../../modules/common_variables" +# } +# +# Server group +# +# resource "openstack_compute_servergroup_v2" "orientdb_cluster" { +# name = "orientdb_cluster" +# policies = ["soft-anti-affinity"] +# } +# # +# # Network for the cluster traffic +# # +# resource "openstack_networking_network_v2" "orientdb_network" { +# name = var.orientdb_net.network_name +# admin_state_up = "true" +# external = "false" +# description = var.orientdb_net.network_description +# mtu = module.common_variables.mtu_size_value +# port_security_enabled = true +# shared = false +# region = module.common_variables.main_region_name +# } + +# # Subnet +# resource "openstack_networking_subnet_v2" "orientdb_subnet" { +# name = "orientdb-subnet" +# description = "Subnet used by the OrientDB service" +# network_id = openstack_networking_network_v2.orientdb_network.id +# cidr = var.orientdb_net.network_cidr +# dns_nameservers = module.common_variables.resolvers_ip +# ip_version = 4 +# enable_dhcp = true +# no_gateway = true +# allocation_pool { +# start = var.orientdb_net.allocation_pool_start +# end = var.orientdb_net.allocation_pool_end +# } +# } + +# # +# # Security groups +# # +# # Between OrientDB nodes +# resource "openstack_networking_secgroup_v2" "orientdb_internal_traffic" { +# name = "orientdb_internal_docker_traffic" +# delete_default_rules = "true" +# description = "Traffic between the OrientDB nodes" +# } +# resource "openstack_networking_secgroup_rule_v2" "everything_udp" { +# count = var.orientdb_nodes_count +# security_group_id = openstack_networking_secgroup_v2.orientdb_internal_traffic.id +# description = "UDP traffic between OrientDB nodes" +# direction = "ingress" +# ethertype = "IPv4" +# protocol = "udp" +# remote_ip_prefix = var.orientdb_ip.*[count.index]/32 +# } +# resource "openstack_networking_secgroup_rule_v2" "everything_tcp" { +# count = var.orientdb_nodes_count +# security_group_id = openstack_networking_secgroup_v2.orientdb_internal_traffic.id +# description = "TCP traffic between OrientDB nodes" +# direction = "ingress" +# ethertype = "IPv4" +# protocol = "tcp" +# remote_ip_prefix = var.orientdb_ip.*[count.index]/32 +# } + +# resource "openstack_networking_secgroup_v2" "access_to_orientdb" { +# name = "access_to_orientdb" +# delete_default_rules = "true" +# description = "Clients that talk to the OrientDB service" +# } +# resource "openstack_networking_secgroup_rule_v2" "access_to_orient_udp" { +# security_group_id = openstack_networking_secgroup_v2.access_to_orientdb.id +# description = "UDP traffic" +# direction = "ingress" +# ethertype = "IPv4" +# protocol = "udp" +# remote_ip_prefix = openstack_networking_subnet_v2.orientdb_subnet.cidr +# } +# resource "openstack_networking_secgroup_rule_v2" "access_to_orient_tcp" { +# security_group_id = openstack_networking_secgroup_v2.access_to_orientdb.id +# description = "TCP traffic" +# direction = "ingress" +# ethertype = "IPv4" +# protocol = "tcp" +# remote_ip_prefix = openstack_networking_subnet_v2.orientdb_subnet.cidr +# } + +# # +# # OrientDB +# # +# # Instance +# resource "openstack_compute_instance_v2" "orientdb_servers" { +# count = local.orientdb_nodes_count +# name = format("%s-%02d", var.orientdb_data.node_name, count.index+1) +# availability_zone_hints = module.common_variables.availability_zone_no_gpu_name +# flavor_name = var.orientdb_data.node_flavor +# key_pair = module.common_variables.ssh_key_file_config +# security_groups = [openstack_networking_secgroup_v2.default.name,openstack_networking_secgroup_v2.orientdb_internal_traffic.name] +# scheduler_hints { +# group = openstack_compute_servergroup_v2.orientdb_cluster.id +# } +# block_device { +# uuid = module.ubuntu2204.uuid +# source_type = "image" +# volume_size = 10 +# boot_index = 0 +# destination_type = "volume" +# delete_on_termination = false +# } + +# block_device { +# source_type = "blank" +# volume_size = var.orientdb_data.node_data_disk_size +# boot_index = -1 +# destination_type = "volume" +# delete_on_termination = false +# } + +# network { +# name = var.main_private_network.name +# } +# network { +# name = var.orientdb_net.network_name +# fixed_ip_v4 = var.orientdb_ip.*[count.index] +# } + +# user_data = "${file("${module.common_variables.ubuntu2204_datafile}")}" +# depends_on = [ openstack_networking_subnet_v2.orientdb_subnet ] +# } + +# locals { +# orientdb_nodes_count = 3 +# } + +# +# Not using modules here +# +resource "openstack_compute_servergroup_v2" "orientdb_cluster" { + name = "orientdb_cluster" + policies = ["soft-anti-affinity"] +} +# +# Network for the cluster traffic +# +resource "openstack_networking_network_v2" "orientdb_network" { + name = var.orientdb_net.network_name + admin_state_up = "true" + external = "false" + description = var.orientdb_net.network_description + mtu = var.mtu_size + port_security_enabled = true + shared = false + region = var.main_region +} + +# Subnet +resource "openstack_networking_subnet_v2" "orientdb_subnet" { + name = "orientdb-subnet" + description = "Subnet used by the OrientDB service" + network_id = openstack_networking_network_v2.orientdb_network.id + cidr = var.orientdb_net.network_cidr + dns_nameservers = var.resolvers_ip + ip_version = 4 + enable_dhcp = true + no_gateway = true + allocation_pool { + start = var.orientdb_net.allocation_pool_start + end = var.orientdb_net.allocation_pool_end + } +} + +# +# Security groups +# +# Main OrientDB service +# Between OrientDB nodes +resource "openstack_networking_secgroup_v2" "orientdb_internal_traffic" { + name = "orientdb_internal_docker_traffic" + delete_default_rules = "true" + description = "Traffic between the OrientDB nodes" +} +resource "openstack_networking_secgroup_rule_v2" "orientdb_ports" { + count = var.orientdb_nodes_count + security_group_id = openstack_networking_secgroup_v2.orientdb_internal_traffic.id + description = "TCP traffic between OrientDB nodes" + port_range_min = 2424 + port_range_max = 2490 + direction = "ingress" + ethertype = "IPv4" + protocol = "tcp" + # remote_ip_prefix = format("%s-%02d", var.orientdb_ip, count.index+1, "/32") + remote_ip_prefix = var.orientdb_cidr.*[count.index] +} +# Access from the clients +resource "openstack_networking_secgroup_v2" "access_to_orientdb" { + name = "access_to_orientdb" + delete_default_rules = "true" + description = "Clients that talk to the OrientDB service" +} +resource "openstack_networking_secgroup_rule_v2" "access_to_orient_from_clients" { + for_each = toset([var.basic_services_ip.ssh_jump_cidr, var.resource_registry_addresses.r1, var.resource_registry_addresses.r2]) + security_group_id = openstack_networking_secgroup_v2.access_to_orientdb.id + description = "TCP traffic from the resource registries and the SSH jump server" + port_range_min = 2424 + port_range_max = 2490 + direction = "ingress" + ethertype = "IPv4" + protocol = "tcp" + remote_ip_prefix = each.key +} +resource "openstack_networking_secgroup_rule_v2" "access_to_orient_from_haproxy" { + for_each = toset( [var.basic_services_ip.haproxy_l7_1_cidr, var.basic_services_ip.haproxy_l7_2_cidr]) + security_group_id = openstack_networking_secgroup_v2.access_to_orientdb.id + description = "TCP traffic from the load balancers" + port_range_min = 2424 + port_range_max = 2424 + direction = "ingress" + ethertype = "IPv4" + protocol = "tcp" + remote_ip_prefix = each.key +} + +# OrientDB for the Smart Executor nodes +# Access from the clients +resource "openstack_networking_secgroup_v2" "access_to_orientdb_se" { + name = "access_to_orientdb_se" + delete_default_rules = "true" + description = "Clients that talk to the OrientDB service" +} +resource "openstack_networking_secgroup_rule_v2" "access_to_orient_se_from_clients" { + for_each = toset([var.basic_services_ip.ssh_jump_cidr, var.smartexecutor_addresses.sm1, var.smartexecutor_addresses.sm2,var.smartexecutor_addresses.sm3, var.smartexecutor_addresses.sm4]) + security_group_id = openstack_networking_secgroup_v2.access_to_orientdb_se.id + description = "TCP traffic from the resource registries and the SSH jump server" + port_range_min = 2424 + port_range_max = 2490 + direction = "ingress" + ethertype = "IPv4" + protocol = "tcp" + remote_ip_prefix = each.key +} +resource "openstack_networking_secgroup_rule_v2" "access_to_orient_se_from_haproxy" { + for_each = toset( [var.basic_services_ip.haproxy_l7_1_cidr, var.basic_services_ip.haproxy_l7_2_cidr]) + security_group_id = openstack_networking_secgroup_v2.access_to_orientdb_se.id + description = "TCP traffic from the load balancers" + port_range_min = 2424 + port_range_max = 2424 + direction = "ingress" + ethertype = "IPv4" + protocol = "tcp" + remote_ip_prefix = each.key +} + +# +# Swarm Manager VMs +# +# Instance +resource "openstack_compute_instance_v2" "orientdb_servers" { + count = local.orientdb_nodes_count + name = format("%s-%02d", var.orientdb_data.node_name, count.index+1) + availability_zone_hints = var.availability_zones_names.availability_zone_no_gpu + flavor_name = var.orientdb_node_flavor + key_pair = var.ssh_key_file.name + security_groups = [var.default_security_group_name,openstack_networking_secgroup_v2.orientdb_internal_traffic.name,openstack_networking_secgroup_v2.access_to_orientdb.name] + scheduler_hints { + group = openstack_compute_servergroup_v2.orientdb_cluster.id + } + block_device { + uuid = var.ubuntu_2204.uuid + source_type = "image" + volume_size = 10 + boot_index = 0 + destination_type = "volume" + delete_on_termination = false + } + + block_device { + source_type = "blank" + volume_size = var.orientdb_data.node_data_disk_size + boot_index = -1 + destination_type = "volume" + delete_on_termination = false + } + + network { + name = var.main_private_network.name + } + network { + name = var.orientdb_net.network_name + fixed_ip_v4 = var.orientdb_ip.*[count.index] + } + + user_data = "${file("${var.ubuntu2204_data_file}")}" + depends_on = [ openstack_networking_subnet_v2.orientdb_subnet ] +} + +resource "openstack_compute_instance_v2" "orientdb_se_server" { + name = "orientdb-se" + availability_zone_hints = var.availability_zones_names.availability_zone_no_gpu + flavor_name = var.orientdb_se_node_flavor + key_pair = var.ssh_key_file.name + security_groups = [var.default_security_group_name,openstack_networking_secgroup_v2.access_to_orientdb_se.name] + block_device { + uuid = var.ubuntu_2204.uuid + source_type = "image" + volume_size = 10 + boot_index = 0 + destination_type = "volume" + delete_on_termination = false + } + + block_device { + source_type = "blank" + volume_size = var.orientdb_data.node_data_disk_size + boot_index = -1 + destination_type = "volume" + delete_on_termination = false + } + + network { + name = var.main_private_network.name + } + network { + name = var.orientdb_net.network_name + fixed_ip_v4 = var.orientdb_se_ip + } + + user_data = "${file("${var.ubuntu2204_data_file}")}" + depends_on = [ openstack_networking_subnet_v2.orientdb_subnet ] +} + +locals { + orientdb_nodes_count = var.orientdb_nodes_count +} + diff --git a/openstack-tf/modules/orientdb/variables-orientdb.tf b/openstack-tf/modules/orientdb/variables-orientdb.tf new file mode 100644 index 00000000..9bf99812 --- /dev/null +++ b/openstack-tf/modules/orientdb/variables-orientdb.tf @@ -0,0 +1,48 @@ +variable "orientdb_data" { + type = map(string) + default = { + node_name = "orientdb" + node_data_disk_size = 10 + node_data_disk_device = "/dev/vdb" + } +} + +variable "orientdb_node_flavor" { + default = "" +} + +variable "orientdb_nodes_count" { + default = "" +} + +variable "orientdb_ip" { + type = list(string) + default = [ "192.168.10.5", "192.168.10.6", "192.168.10.7"] +} + +variable "orientdb_cidr" { + type = list(string) + default = [ "192.168.10.5/32", "192.168.10.6/32", "192.168.10.7/32" ] +} + +variable "orientdb_se_node_flavor" { + default = "" +} + +variable "orientdb_se_ip" { + default = "" +} +variable "orientdb_se_cidr" { + default = "" +} + +variable "orientdb_net" { + type = map(string) + default = { + network_name = "orientdb-net" + network_description = "Network used by the OrientDB cluster and to access the service" + network_cidr = "192.168.10.0/24" + allocation_pool_start = "192.168.10.11" + allocation_pool_end = "192.168.10.254" + } +}