From 8b05c335dd0fa2869bfee7ffe8e95e60d144f670 Mon Sep 17 00:00:00 2001
From: Andrea Dell'Amico <andrea.dellamico@isti.cnr.it>
Date: Tue, 5 Mar 2024 18:34:15 +0100
Subject: [PATCH] manila shares for swarm stacks.

---
 .../manila-swarm-shares/bluecloud-webodv.tf   | 115 ++++++++++++++++++
 .../manila-swarm-shares/main.tf               |  37 ++++++
 .../manila-swarm-shares/provider.tf           |   3 +
 3 files changed, 155 insertions(+)
 create mode 100644 openstack-tf/d4s-production/manila-swarm-shares/bluecloud-webodv.tf
 create mode 100644 openstack-tf/d4s-production/manila-swarm-shares/main.tf
 create mode 100644 openstack-tf/d4s-production/manila-swarm-shares/provider.tf

diff --git a/openstack-tf/d4s-production/manila-swarm-shares/bluecloud-webodv.tf b/openstack-tf/d4s-production/manila-swarm-shares/bluecloud-webodv.tf
new file mode 100644
index 0000000..1dd0a50
--- /dev/null
+++ b/openstack-tf/d4s-production/manila-swarm-shares/bluecloud-webodv.tf
@@ -0,0 +1,115 @@
+# NFS shares required by 
+# Create a NFS share
+resource "openstack_sharedfilesystem_share_v2" "webodv_private_data" {
+  name        = "sobigdata_webodv_private_data"
+  description = "NFS share for the sobigdata webodv private data"
+  share_proto = "NFS"
+  size        = 1000
+}
+
+# Allow access to the NFS share
+resource "openstack_sharedfilesystem_share_access_v2" "webodv_mgr_private_data_share_access" {
+  for_each     = { for nfs_ip in data.terraform_remote_state.main_infrastructure.outputs.swarm_managers_nfs_ip_ports : join("", nfs_ip.all_fixed_ips) => nfs_ip }
+  share_id     = openstack_sharedfilesystem_share_v2.webodv_private_data.id
+  access_type  = "ip"
+  access_to    = each.key
+  access_level = "rw"
+}
+
+resource "openstack_sharedfilesystem_share_access_v2" "webodv_workers_private_data_share_access" {
+  for_each     = { for nfs_ip in data.terraform_remote_state.main_infrastructure.outputs.swarm_workers_nfs_ip_ports : join("", nfs_ip.all_fixed_ips) => nfs_ip }
+  share_id     = openstack_sharedfilesystem_share_v2.webodv_private_data.id
+  access_type  = "ip"
+  access_to    = each.key
+  access_level = "rw"
+}
+
+resource "openstack_sharedfilesystem_share_v2" "webodv_home_data" {
+  name        = "sobigdata_webodv_home_data"
+  description = "NFS share for the sobigdata webodv home data"
+  share_proto = "NFS"
+  size        = 10
+}
+
+# Allow access to the NFS share
+resource "openstack_sharedfilesystem_share_access_v2" "webodv_mgr_home_data_share_access" {
+  for_each     = { for nfs_ip in data.terraform_remote_state.main_infrastructure.outputs.swarm_managers_nfs_ip_ports : join("", nfs_ip.all_fixed_ips) => nfs_ip }
+  share_id     = openstack_sharedfilesystem_share_v2.webodv_home_data.id
+  access_type  = "ip"
+  access_to    = each.key
+  access_level = "rw"
+}
+
+resource "openstack_sharedfilesystem_share_access_v2" "webodv_workers_home_data_share_access" {
+  for_each     = { for nfs_ip in data.terraform_remote_state.main_infrastructure.outputs.swarm_workers_nfs_ip_ports : join("", nfs_ip.all_fixed_ips) => nfs_ip }
+  share_id     = openstack_sharedfilesystem_share_v2.webodv_home_data.id
+  access_type  = "ip"
+  access_to    = each.key
+  access_level = "rw"
+}
+
+resource "openstack_sharedfilesystem_share_v2" "webodv_public_data" {
+  name        = "sobigdata_webodv_home_data"
+  description = "NFS share for the sobigdata webodv home data"
+  share_proto = "NFS"
+  size        = 10
+}
+
+# Allow access to the NFS share
+resource "openstack_sharedfilesystem_share_access_v2" "webodv_mgr_public_data_share_access" {
+  for_each     = { for nfs_ip in data.terraform_remote_state.main_infrastructure.outputs.swarm_managers_nfs_ip_ports : join("", nfs_ip.all_fixed_ips) => nfs_ip }
+  share_id     = openstack_sharedfilesystem_share_v2.webodv_public_data.id
+  access_type  = "ip"
+  access_to    = each.key
+  access_level = "rw"
+}
+
+resource "openstack_sharedfilesystem_share_access_v2" "webodv_workers_public_data_share_access" {
+  for_each     = { for nfs_ip in data.terraform_remote_state.main_infrastructure.outputs.swarm_workers_nfs_ip_ports : join("", nfs_ip.all_fixed_ips) => nfs_ip }
+  share_id     = openstack_sharedfilesystem_share_v2.webodv_public_data.id
+  access_type  = "ip"
+  access_to    = each.key
+  access_level = "rw"
+}
+
+output "webodv_nfs_private_data" {
+  value = openstack_sharedfilesystem_share_v2.webodv_private_data
+}
+
+output "webodv_nfs_private_data_mgr_acls" {
+  value = openstack_sharedfilesystem_share_access_v2.webodv_mgr_private_data_share_access
+  sensitive = true
+}
+
+output "webodv_nfs_private_data_workers_acls" {
+  value = openstack_sharedfilesystem_share_access_v2.webodv_workers_private_data_share_access
+  sensitive = true
+}
+
+output "webodv_nfs_home_data" {
+  value = openstack_sharedfilesystem_share_v2.webodv_home_data
+}
+
+output "webodv_nfs_home_data_mgr_acls" {
+  value = openstack_sharedfilesystem_share_access_v2.webodv_mgr_home_data_share_access
+  sensitive = true
+}
+
+output "webodv_nfs_home_data_workers_acls" {
+  value = openstack_sharedfilesystem_share_access_v2.webodv_workers_home_data_share_access
+  sensitive = true
+}
+
+output "webodv_nfs_public_data" {
+  value = openstack_sharedfilesystem_share_v2.webodv_public_data
+}
+
+output "webodv_nfs_public_data_mgr_acls" {
+  value = openstack_sharedfilesystem_share_access_v2.webodv_mgr_public_data_share_access
+  sensitive = true
+}
+
+output "webodv_nfs_public_data_workers_acls" {
+  value = openstack_sharedfilesystem_share_access_v2.webodv_workers_public_data_share_access
+  sensitive = true
+}
diff --git a/openstack-tf/d4s-production/manila-swarm-shares/main.tf b/openstack-tf/d4s-production/manila-swarm-shares/main.tf
new file mode 100644
index 0000000..8741139
--- /dev/null
+++ b/openstack-tf/d4s-production/manila-swarm-shares/main.tf
@@ -0,0 +1,37 @@
+# Define required providers
+terraform {
+  required_version = ">= 0.14.0"
+  required_providers {
+    openstack = {
+      source  = "terraform-provider-openstack/openstack"
+      version = "~> 1.53.0"
+    }
+  }
+}
+
+data "terraform_remote_state" "privnet_dns_router" {
+  backend = "local"
+
+  config = {
+    path = "../project-setup/terraform.tfstate"
+  }
+}
+
+data "terraform_remote_state" "main_infrastructure" {
+  backend = "local"
+
+  config = {
+    path = "../basic-infrastructure/terraform.tfstate"
+  }
+}
+
+# SSH settings
+module "ssh_settings" {
+  source = "../../modules/ssh-key-ref"
+}
+#
+# Uses common_variables as module
+#
+module "common_variables" {
+  source = "../../modules/common_variables"
+}
diff --git a/openstack-tf/d4s-production/manila-swarm-shares/provider.tf b/openstack-tf/d4s-production/manila-swarm-shares/provider.tf
new file mode 100644
index 0000000..ca8de74
--- /dev/null
+++ b/openstack-tf/d4s-production/manila-swarm-shares/provider.tf
@@ -0,0 +1,3 @@
+provider "openstack" {
+  cloud = "d4s-production"
+}