From b44b80108ab1108ba66eef4b3f95e9d83add1b3b Mon Sep 17 00:00:00 2001 From: Andrea Dell'Amico Date: Wed, 7 Feb 2024 12:06:45 +0100 Subject: [PATCH] Change the mongodb ACL. Introduce the use of modules. --- openstack-tf/d4s-production/mongodb/main.tf | 18 +- .../mongodb/mongodb.auto.tfvars | 16 +- .../d4s-production/mongodb/provider.tf | 2 +- .../d4s-production/mongodb/terraform.tfstate | 401 +++++++++++++++++- .../modules/common_variables/variables.tf | 2 +- openstack-tf/modules/mongodb/mongodb.tf | 22 +- 6 files changed, 424 insertions(+), 37 deletions(-) diff --git a/openstack-tf/d4s-production/mongodb/main.tf b/openstack-tf/d4s-production/mongodb/main.tf index 00dcf68..a74b798 100644 --- a/openstack-tf/d4s-production/mongodb/main.tf +++ b/openstack-tf/d4s-production/mongodb/main.tf @@ -1,6 +1,6 @@ # Define required providers terraform { -required_version = ">= 0.14.0" + required_version = ">= 0.14.0" required_providers { openstack = { source = "terraform-provider-openstack/openstack" @@ -17,10 +17,14 @@ data "terraform_remote_state" "privnet_dns_router" { } } -# module "variables" { -# source = "../variables" -# } +# +# Uses common_variables as module +# +module "common_variables" { + source = "../../modules/common_variables" +} + +module "ssh_settings" { + source = "../../modules/ssh-key-ref" +} -# module "mongodb" { -# source = "../../modules/mongodb" -# } diff --git a/openstack-tf/d4s-production/mongodb/mongodb.auto.tfvars b/openstack-tf/d4s-production/mongodb/mongodb.auto.tfvars index 231b5e1..79b34f0 100644 --- a/openstack-tf/d4s-production/mongodb/mongodb.auto.tfvars +++ b/openstack-tf/d4s-production/mongodb/mongodb.auto.tfvars @@ -1,18 +1,18 @@ mongodb_cluster_data = { - count = 4 - name = "mongodb-replica" - flavor = "m2.large" - data_disk_size = 10000 + count = 4 + name = "mongodb-replica" + flavor = "m2.large" + data_disk_size = 10000 image_type_name = "Ubuntu-Focal-20.04" image_type_uuid = "75c23040-2be7-49e9-8029-a16dc9f755d1" } -mongodb_ip = [ "10.1.40.22", "10.1.40.23", "10.1.40.24", "10.1.40.25" ] +mongodb_ip = ["10.1.40.22", "10.1.40.23", "10.1.40.24", "10.1.40.25"] mongodb_vol_data = { - name = "mongodb-vol" - flavor = "m1.medium" - data_disk_size = 200 + name = "mongodb-vol" + flavor = "m1.medium" + data_disk_size = 200 image_type_name = "Ubuntu-Focal-20.04" image_type_uuid = "75c23040-2be7-49e9-8029-a16dc9f755d1" } diff --git a/openstack-tf/d4s-production/mongodb/provider.tf b/openstack-tf/d4s-production/mongodb/provider.tf index a0cf95e..ca8de74 100644 --- a/openstack-tf/d4s-production/mongodb/provider.tf +++ b/openstack-tf/d4s-production/mongodb/provider.tf @@ -1,3 +1,3 @@ provider "openstack" { - cloud = "d4s-production" + cloud = "d4s-production" } diff --git a/openstack-tf/d4s-production/mongodb/terraform.tfstate b/openstack-tf/d4s-production/mongodb/terraform.tfstate index e18f4b3..7739e25 100644 --- a/openstack-tf/d4s-production/mongodb/terraform.tfstate +++ b/openstack-tf/d4s-production/mongodb/terraform.tfstate @@ -1,7 +1,7 @@ { "version": 4, - "terraform_version": "1.6.4", - "serial": 39, + "terraform_version": "1.6.6", + "serial": 41, "lineage": "8125b507-dffc-191e-5c2e-5ad0afce4380", "outputs": {}, "resources": [ @@ -29,18 +29,362 @@ "defaults": null, "outputs": { "value": { + "almalinux_9": { + "name": "AlmaLinux-9.0-20220718", + "uuid": "541650fc-dd19-4f38-bb1d-7333ed9dd688" + }, + "availability_zone_no_gpu_name": "cnr-isti-nova-a", + "availability_zone_with_gpu_name": "cnr-isti-nova-gpu-a", + "availability_zones_names": { + "availability_zone_no_gpu": "cnr-isti-nova-a", + "availability_zone_with_gpu": "cnr-isti-nova-gpu-a" + }, + "basic_services_ip": { + "ca": "10.1.40.4", + "ca_cidr": "10.1.40.4/32", + "haproxy_l7_1": "10.1.40.11", + "haproxy_l7_1_cidr": "10.1.40.11/32", + "haproxy_l7_2": "10.1.40.12", + "haproxy_l7_2_cidr": "10.1.40.12/32", + "octavia_main": "10.1.40.20", + "octavia_main_cidr": "10.1.40.20/32", + "prometheus": "10.1.40.10", + "prometheus_cidr": "10.1.40.10/32", + "ssh_jump": "10.1.40.5", + "ssh_jump_cidr": "10.1.40.5/32" + }, + "centos_7": { + "name": "CentOS-7", + "uuid": "f0187a99-64f6-462a-ab5f-ef52fe62f2ca" + }, + "default_security_group_name": "default_for_all", + "dns_zone": { + "description": "DNS primary zone for the d4s-production-cloud project", + "email": "postmaster@isti.cnr.it", + "ttl": "8600", + "zone_name": "cloud.d4science.org." + }, "dns_zone_id": "74135b34-1a9c-4c01-8cf0-22450a5660c4", - "external_gateway_ip": "146.48.31.57", + "el7_data_file": "../../openstack_vm_data_scripts/el7.sh", + "external_gateway_ip": [ + { + "ip_address": "146.48.31.57", + "subnet_id": "57f87509-4016-46fb-b8c3-25fca7f72ccb" + } + ], + "external_network": { + "id": "1d2ff137-6ff7-4017-be2b-0d6c4af2353b", + "name": "external-network" + }, + "external_network_id": "1d2ff137-6ff7-4017-be2b-0d6c4af2353b", + "external_router": { + "description": "D4Science Production main router", + "id": "cc26064a-bb08-4c0b-929f-d0cb39f934a3", + "name": "d4s-production-cloud-external-router" + }, + "flavor_list": { + "c1_large": "c1.large", + "c1_medium": "c1.medium", + "c1_small": "c1.small", + "c2_large": "c2.large", + "m1_large": "m1.large", + "m1_medium": "m1.medium", + "m1_xlarge": "m1.xlarge", + "m1_xxl": "m1.xxl", + "m2_large": "m2.large", + "m2_medium": "m2.medium", + "m2_small": "m2.small", + "m3_large": "m3.large" + }, + "floating_ip_pools": { + "main_public_ip_pool": "external-network" + }, + "haproxy_l7_data": { + "flavor": "m1.medium", + "haproxy_1": "haproxy-l7-1", + "haproxy_2": "haproxy-l7-2", + "name": "main-haproxy-l7", + "vm_count": "2" + }, + "internal_ca_data": { + "flavor": "m1.small", + "name": "ca" + }, + "main_haproxy_l7_ip": [ + "10.1.40.11", + "10.1.40.12" + ], + "main_private_network": { + "description": "D4Science Production private network (use this as the main network)", + "name": "d4s-production-cloud-main" + }, "main_private_network_id": "020df98d-ae72-452a-b376-3b6dc289acac", - "main_subnet_network_id": "5d7b83ad-e058-4a3a-bfd8-d20ba6d42e1a" + "main_private_subnet": { + "allocation_end": "10.1.47.254", + "allocation_start": "10.1.41.100", + "cidr": "10.1.40.0/21", + "description": "D4Science Production main private subnet", + "gateway_ip": "10.1.40.1", + "name": "d4s-production-cloud-main-subnet" + }, + "main_region": "isti_area_pi_1", + "main_subnet_network_id": "5d7b83ad-e058-4a3a-bfd8-d20ba6d42e1a", + "mtu_size": 8942, + "networks_list": { + "cassandra": "cassandra-net", + "orientdb": "orientdb-net", + "orientdb_se": "orientdb-se-net", + "shared_postgresql": "postgresql-srv-net", + "swarm": "swarm-nfs-net", + "timescaledb": "timescaledb-net" + }, + "networks_with_d4s_services": { + "garr_ct1_net": "90.147.166.0/23", + "garr_na_net": "90.147.152.0/24", + "garr_pa1_net": "90.147.188.0/23", + "infrascience_net": "146.48.122.0/23", + "isti_net": "146.48.80.0/21", + "s2i2s_net": "146.48.28.0/22" + }, + "nfs_share_no_ingress_secgroup_id": "167e4897-f776-4cbd-986f-77313aa68af2", + "octavia_information": { + "main_lb_description": "Main L4 load balancer for the D4Science production", + "main_lb_hostname": "main-lb", + "main_lb_name": "d4s-production-cloud-l4-load-balancer", + "octavia_flavor": "octavia_amphora-mvcpu-ha", + "octavia_flavor_id": "394988b5-6603-4a1e-a939-8e177c6681c7", + "swarm_lb_name": "d4s-production-cloud-l4-swarm-load-balancer" + }, + "os_project_data": { + "id": "1b45adf388934758b56d0dfdb4bfacf3" + }, + "policy_list": { + "affinity": "affinity", + "anti_affinity": "anti-affinity", + "soft_affinity": "soft-affinity", + "soft_anti_affinity": "soft-anti-affinity" + }, + "prometheus_server_data": { + "flavor": "m1.medium", + "name": "prometheus", + "public_grafana_server_cidr": "146.48.28.103/32", + "vol_data_device": "/dev/vdb", + "vol_data_name": "prometheus-data", + "vol_data_size": "100" + }, + "resolvers_ip": [ + "146.48.29.97", + "146.48.29.98", + "146.48.29.99" + ], + "resource_registry_addresses": {}, + "security_group_list": { + "acaland": "acaland's dev machine", + "access_to_orientdb": "access_to_orientdb", + "access_to_orientdb_se": "access_to_orientdb_se", + "access_to_the_timescaledb_service": "access_to_the_timescaledb_service", + "cassandra": "Cassandra", + "dataminer-publish": "dataminer-publish", + "debugging_from_jump_node": "debugging_from_jump_node", + "default": "default", + "docker_swarm": "Docker Swarm", + "docker_swarm_NFS": "Docker Swarm NFS", + "haproxy": "traffic_from_main_lb_to_haproxy_l7", + "http_and_https_from_the_load_balancers": "traffic_from_the_main_load_balancers", + "limited_HTTPS_access": "restricted_web_service", + "limited_SSH_access": "Limited SSH access", + "mongo": "mongo", + "nfs_share_no_ingress": "nfs_share_no_ingress", + "orientdb_internal_docker_traffic": "orientdb_internal_docker_traffic", + "postgreSQL": "PostgreSQL service", + "public_HTTPS": "Public HTTPS" + }, + "shared_postgresql_server_data": { + "allocation_pool_end": "192.168.3.254", + "allocation_pool_start": "192.168.0.100", + "flavor": "m1.medium", + "name": "shared-postgresql-server", + "network_cidr": "192.168.0.0/22", + "network_description": "Network used to communicate with the shared postgresql service", + "network_name": "postgresql-srv-net", + "server_cidr": "192.168.0.5/22", + "server_ip": "192.168.0.5", + "vol_data_device": "/dev/vdb", + "vol_data_name": "shared-postgresql-data", + "vol_data_size": "100" + }, + "smartexecutor_addresses": {}, + "ssh_jump_proxy": { + "flavor": "m2.small", + "name": "ssh-jump-proxy" + }, + "ssh_sources": { + "d4s_vpn_1_cidr": "146.48.122.27/32", + "d4s_vpn_2_cidr": "146.48.122.49/32", + "infrascience_net_cidr": "146.48.122.0/23", + "s2i2s_vpn_1_cidr": "146.48.28.10/32", + "s2i2s_vpn_2_cidr": "146.48.28.11/32", + "shell_d4s_cidr": "146.48.122.95/32" + }, + "storage_nfs_network_id": "5f4023cc-4016-404c-94e5-86220095fbaf", + "storage_nfs_subnet_id": "6ff0f9e8-0e74-4cc3-a268-7ed4af435696", + "ubuntu1804_data_file": "../../openstack_vm_data_scripts/ubuntu1804.sh", + "ubuntu2204_data_file": "../../openstack_vm_data_scripts/ubuntu2204.sh", + "ubuntu_1804": { + "name": "Ubuntu-Bionic-18.04", + "user_data_file": "../../openstack_vm_data_scripts/ubuntu1804.sh", + "uuid": "7ed6a2cd-2b07-482e-8ce4-f018dff16c89" + }, + "ubuntu_2204": { + "name": "Ubuntu-Jammy-22.04", + "user_data_file": "../../openstack_vm_data_scripts/ubuntu2204.sh", + "uuid": "54768889-8556-4be4-a2eb-82a4d9b34627" + } }, "type": [ "object", { + "almalinux_9": [ + "map", + "string" + ], + "availability_zone_no_gpu_name": "string", + "availability_zone_with_gpu_name": "string", + "availability_zones_names": [ + "map", + "string" + ], + "basic_services_ip": [ + "map", + "string" + ], + "centos_7": [ + "map", + "string" + ], + "default_security_group_name": "string", + "dns_zone": [ + "map", + "string" + ], "dns_zone_id": "string", - "external_gateway_ip": "string", + "el7_data_file": "string", + "external_gateway_ip": [ + "list", + [ + "object", + { + "ip_address": "string", + "subnet_id": "string" + } + ] + ], + "external_network": [ + "map", + "string" + ], + "external_network_id": "string", + "external_router": [ + "map", + "string" + ], + "flavor_list": [ + "map", + "string" + ], + "floating_ip_pools": [ + "map", + "string" + ], + "haproxy_l7_data": [ + "map", + "string" + ], + "internal_ca_data": [ + "map", + "string" + ], + "main_haproxy_l7_ip": [ + "list", + "string" + ], + "main_private_network": [ + "map", + "string" + ], "main_private_network_id": "string", - "main_subnet_network_id": "string" + "main_private_subnet": [ + "map", + "string" + ], + "main_region": "string", + "main_subnet_network_id": "string", + "mtu_size": "number", + "networks_list": [ + "map", + "string" + ], + "networks_with_d4s_services": [ + "map", + "string" + ], + "nfs_share_no_ingress_secgroup_id": "string", + "octavia_information": [ + "map", + "string" + ], + "os_project_data": [ + "map", + "string" + ], + "policy_list": [ + "map", + "string" + ], + "prometheus_server_data": [ + "map", + "string" + ], + "resolvers_ip": [ + "list", + "string" + ], + "resource_registry_addresses": [ + "map", + "string" + ], + "security_group_list": [ + "map", + "string" + ], + "shared_postgresql_server_data": [ + "map", + "string" + ], + "smartexecutor_addresses": [ + "map", + "string" + ], + "ssh_jump_proxy": [ + "map", + "string" + ], + "ssh_sources": [ + "map", + "string" + ], + "storage_nfs_network_id": "string", + "storage_nfs_subnet_id": "string", + "ubuntu1804_data_file": "string", + "ubuntu2204_data_file": "string", + "ubuntu_1804": [ + "map", + "string" + ], + "ubuntu_2204": [ + "map", + "string" + ] } ] }, @@ -71,6 +415,7 @@ "sensitive_attributes": [], "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDB9fQ==", "dependencies": [ + "data.terraform_remote_state.privnet_dns_router", "openstack_compute_instance_v2.mongodb_cluster_nodes", "openstack_compute_servergroup_v2.mongodb", "openstack_networking_floatingip_v2.mongodb_cluster_floating_ip", @@ -92,6 +437,7 @@ "sensitive_attributes": [], "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDB9fQ==", "dependencies": [ + "data.terraform_remote_state.privnet_dns_router", "openstack_compute_instance_v2.mongodb_cluster_nodes", "openstack_compute_servergroup_v2.mongodb", "openstack_networking_floatingip_v2.mongodb_cluster_floating_ip", @@ -113,6 +459,7 @@ "sensitive_attributes": [], "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDB9fQ==", "dependencies": [ + "data.terraform_remote_state.privnet_dns_router", "openstack_compute_instance_v2.mongodb_cluster_nodes", "openstack_compute_servergroup_v2.mongodb", "openstack_networking_floatingip_v2.mongodb_cluster_floating_ip", @@ -134,6 +481,7 @@ "sensitive_attributes": [], "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDB9fQ==", "dependencies": [ + "data.terraform_remote_state.privnet_dns_router", "openstack_compute_instance_v2.mongodb_cluster_nodes", "openstack_compute_servergroup_v2.mongodb", "openstack_networking_floatingip_v2.mongodb_cluster_floating_ip", @@ -162,6 +510,7 @@ "sensitive_attributes": [], "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDB9fQ==", "dependencies": [ + "data.terraform_remote_state.privnet_dns_router", "openstack_compute_instance_v2.mongodb_vol_node", "openstack_networking_floatingip_v2.mongodb_vol_floating_ip", "openstack_networking_secgroup_v2.mongodb_cluster_traffic" @@ -269,6 +618,7 @@ "sensitive_attributes": [], "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxODAwMDAwMDAwMDAwLCJkZWxldGUiOjE4MDAwMDAwMDAwMDAsInVwZGF0ZSI6MTgwMDAwMDAwMDAwMH19", "dependencies": [ + "data.terraform_remote_state.privnet_dns_router", "openstack_compute_servergroup_v2.mongodb", "openstack_networking_secgroup_v2.mongodb_cluster_traffic" ] @@ -367,6 +717,7 @@ "sensitive_attributes": [], "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxODAwMDAwMDAwMDAwLCJkZWxldGUiOjE4MDAwMDAwMDAwMDAsInVwZGF0ZSI6MTgwMDAwMDAwMDAwMH19", "dependencies": [ + "data.terraform_remote_state.privnet_dns_router", "openstack_compute_servergroup_v2.mongodb", "openstack_networking_secgroup_v2.mongodb_cluster_traffic" ] @@ -465,6 +816,7 @@ "sensitive_attributes": [], "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxODAwMDAwMDAwMDAwLCJkZWxldGUiOjE4MDAwMDAwMDAwMDAsInVwZGF0ZSI6MTgwMDAwMDAwMDAwMH19", "dependencies": [ + "data.terraform_remote_state.privnet_dns_router", "openstack_compute_servergroup_v2.mongodb", "openstack_networking_secgroup_v2.mongodb_cluster_traffic" ] @@ -563,6 +915,7 @@ "sensitive_attributes": [], "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxODAwMDAwMDAwMDAwLCJkZWxldGUiOjE4MDAwMDAwMDAwMDAsInVwZGF0ZSI6MTgwMDAwMDAwMDAwMH19", "dependencies": [ + "data.terraform_remote_state.privnet_dns_router", "openstack_compute_servergroup_v2.mongodb", "openstack_networking_secgroup_v2.mongodb_cluster_traffic" ] @@ -647,7 +1000,7 @@ "mongodb_cluster_traffic" ], "stop_before_destroy": false, - "tags": null, + "tags": [], "timeouts": null, "updated": "2023-11-17 15:37:07 +0000 UTC", "user_data": "bb83b25fd1219aa1b850ece9be8d7b0f31714608", @@ -657,6 +1010,7 @@ "sensitive_attributes": [], "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxODAwMDAwMDAwMDAwLCJkZWxldGUiOjE4MDAwMDAwMDAwMDAsInVwZGF0ZSI6MTgwMDAwMDAwMDAwMH19", "dependencies": [ + "data.terraform_remote_state.privnet_dns_router", "openstack_networking_secgroup_v2.mongodb_cluster_traffic" ] } @@ -723,6 +1077,7 @@ "sensitive_attributes": [], "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwLCJ1cGRhdGUiOjYwMDAwMDAwMDAwMH19", "dependencies": [ + "data.terraform_remote_state.privnet_dns_router", "openstack_compute_instance_v2.mongodb_cluster_nodes", "openstack_compute_servergroup_v2.mongodb", "openstack_networking_floatingip_v2.mongodb_cluster_floating_ip", @@ -751,6 +1106,7 @@ "sensitive_attributes": [], "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwLCJ1cGRhdGUiOjYwMDAwMDAwMDAwMH19", "dependencies": [ + "data.terraform_remote_state.privnet_dns_router", "openstack_compute_instance_v2.mongodb_cluster_nodes", "openstack_compute_servergroup_v2.mongodb", "openstack_networking_floatingip_v2.mongodb_cluster_floating_ip", @@ -779,6 +1135,7 @@ "sensitive_attributes": [], "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwLCJ1cGRhdGUiOjYwMDAwMDAwMDAwMH19", "dependencies": [ + "data.terraform_remote_state.privnet_dns_router", "openstack_compute_instance_v2.mongodb_cluster_nodes", "openstack_compute_servergroup_v2.mongodb", "openstack_networking_floatingip_v2.mongodb_cluster_floating_ip", @@ -807,6 +1164,7 @@ "sensitive_attributes": [], "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwLCJ1cGRhdGUiOjYwMDAwMDAwMDAwMH19", "dependencies": [ + "data.terraform_remote_state.privnet_dns_router", "openstack_compute_instance_v2.mongodb_cluster_nodes", "openstack_compute_servergroup_v2.mongodb", "openstack_networking_floatingip_v2.mongodb_cluster_floating_ip", @@ -842,6 +1200,7 @@ "sensitive_attributes": [], "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwLCJ1cGRhdGUiOjYwMDAwMDAwMDAwMH19", "dependencies": [ + "data.terraform_remote_state.privnet_dns_router", "openstack_compute_instance_v2.mongodb_vol_node", "openstack_networking_floatingip_v2.mongodb_vol_floating_ip", "openstack_networking_secgroup_v2.mongodb_cluster_traffic" @@ -967,10 +1326,10 @@ "description": "MongoDB Volatile", "dns_domain": "", "dns_name": "", - "fixed_ip": "", + "fixed_ip": "10.1.40.29", "id": "e30940cd-1a48-4e8b-95d9-458f7bc23f16", "pool": "external-network", - "port_id": "", + "port_id": "4624b95e-a7d5-4260-a1a1-7e874af3111c", "region": "isti_area_pi_1", "subnet_id": null, "subnet_ids": null, @@ -1069,6 +1428,30 @@ "openstack_networking_secgroup_v2.mongodb_cluster_traffic" ] }, + { + "index_key": "146.48.80.0/21", + "schema_version": 0, + "attributes": { + "description": "Access to the MongoDB service", + "direction": "ingress", + "ethertype": "IPv4", + "id": "e5848f09-96f8-4e06-b2a1-f917280e0ed7", + "port_range_max": 27017, + "port_range_min": 27017, + "protocol": "tcp", + "region": "isti_area_pi_1", + "remote_group_id": "", + "remote_ip_prefix": "146.48.80.0/21", + "security_group_id": "6db66d56-dfa2-40ce-9724-9fef9e77275c", + "tenant_id": "1b45adf388934758b56d0dfdb4bfacf3", + "timeouts": null + }, + "sensitive_attributes": [], + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ==", + "dependencies": [ + "openstack_networking_secgroup_v2.mongodb_cluster_traffic" + ] + }, { "index_key": "90.147.152.0/24", "schema_version": 0, diff --git a/openstack-tf/modules/common_variables/variables.tf b/openstack-tf/modules/common_variables/variables.tf index b392f16..393bcb5 100644 --- a/openstack-tf/modules/common_variables/variables.tf +++ b/openstack-tf/modules/common_variables/variables.tf @@ -194,7 +194,7 @@ variable "flavor_list" { m2_small = "m2.small" #RAM 8 - VCPUs 2 m2_medium = "m2.medium" #RAM 16 - VCPUs 4 m2_large = "m2.large" #RAM 32 - VCPUs 8 - m3_large = "m3.large" #RAM 64 - VCPUs 16 + m3_large = "m3.large" #RAM 64 - VCPUs 16 } } diff --git a/openstack-tf/modules/mongodb/mongodb.tf b/openstack-tf/modules/mongodb/mongodb.tf index 904f4da..22c2e07 100644 --- a/openstack-tf/modules/mongodb/mongodb.tf +++ b/openstack-tf/modules/mongodb/mongodb.tf @@ -28,7 +28,7 @@ resource "openstack_networking_secgroup_rule_v2" "access_to_the_mongodb_service_ remote_ip_prefix = var.main_private_subnet.cidr } resource "openstack_networking_secgroup_rule_v2" "access_to_the_mongodb_service_from_the_outside" { - for_each = toset([var.networks_with_d4s_services.infrascience_net, var.networks_with_d4s_services.s2i2s_net, var.networks_with_d4s_services.garr_ct1_net, var.networks_with_d4s_services.garr_pa1_net, var.networks_with_d4s_services.garr_na_net]) + for_each = toset([var.networks_with_d4s_services.infrascience_net, var.networks_with_d4s_services.s2i2s_net, var.networks_with_d4s_services.garr_ct1_net, var.networks_with_d4s_services.garr_pa1_net, var.networks_with_d4s_services.garr_na_net, var.networks_with_d4s_services.isti_net]) security_group_id = openstack_networking_secgroup_v2.mongodb_cluster_traffic.id description = "Access to the MongoDB service" direction = "ingress" @@ -68,8 +68,8 @@ resource "openstack_compute_instance_v2" "mongodb_cluster_nodes" { name = format("%s-%02d", var.mongodb_cluster_data.name, count.index + 2) availability_zone_hints = var.availability_zones_names.availability_zone_no_gpu flavor_name = var.mongodb_cluster_data.flavor - key_pair = var.ssh_key_file.name - security_groups = [var.default_security_group_name, openstack_networking_secgroup_v2.mongodb_cluster_traffic.name] + key_pair = module.ssh_settings.ssh_key_file + security_groups = [data.terraform_remote_state.privnet_dns_router.outputs.default_security_group_name, openstack_networking_secgroup_v2.mongodb_cluster_traffic.name] scheduler_hints { group = openstack_compute_servergroup_v2.mongodb.id } @@ -94,7 +94,7 @@ resource "openstack_compute_instance_v2" "mongodb_cluster_nodes" { name = var.main_private_network.name fixed_ip_v4 = var.mongodb_ip.* [count.index] } - user_data = file("${var.ubuntu2204_data_file}") + user_data = file("${module.common_variables.ubuntu_2204.user_data_file}") # Do not replace the instance when the ssh key changes lifecycle { ignore_changes = [ @@ -124,8 +124,8 @@ resource "openstack_compute_floatingip_associate_v2" "mongodb_cluster_ip" { resource "openstack_dns_recordset_v2" "mongodb_cluster_dns_recordsets" { count = var.mongodb_cluster_data.count - zone_id = var.dns_zone_id - name = join(".", [element(openstack_compute_instance_v2.mongodb_cluster_nodes.*.name, count.index), var.dns_zone.zone_name]) + zone_id = data.terraform_remote_state.privnet_dns_router.outputs.dns_zone_id + name = join(".", [element(openstack_compute_instance_v2.mongodb_cluster_nodes.*.name, count.index), data.terraform_remote_state.privnet_dns_router.outputs.dns_zone.zone_name]) description = "Mongodb public hostnames" ttl = 8600 type = "A" @@ -141,8 +141,8 @@ resource "openstack_compute_instance_v2" "mongodb_vol_node" { name = "mongodb-vol" availability_zone_hints = var.availability_zones_names.availability_zone_no_gpu flavor_name = var.mongodb_vol_data.flavor - key_pair = var.ssh_key_file.name - security_groups = [var.default_security_group_name, openstack_networking_secgroup_v2.mongodb_cluster_traffic.name] + key_pair = module.ssh_settings.ssh_key_file + security_groups = [data.terraform_remote_state.privnet_dns_router.outputs.default_security_group_name, openstack_networking_secgroup_v2.mongodb_cluster_traffic.name] block_device { uuid = var.mongodb_vol_data.image_type_uuid source_type = "image" @@ -164,7 +164,7 @@ resource "openstack_compute_instance_v2" "mongodb_vol_node" { name = var.main_private_network.name fixed_ip_v4 = var.mongodb_vol_ip } - user_data = file("${var.ubuntu2204_data_file}") + user_data = file("${module.common_variables.ubuntu_2204.user_data_file}") # Do not replace the instance when the ssh key changes lifecycle { ignore_changes = [ @@ -191,8 +191,8 @@ resource "openstack_compute_floatingip_associate_v2" "mongodb_vol_public_ip" { } resource "openstack_dns_recordset_v2" "mongodb_vol_dns_recordsets" { - zone_id = var.dns_zone_id - name = join(".", [openstack_compute_instance_v2.mongodb_vol_node.name], [var.dns_zone.zone_name]) + zone_id = data.terraform_remote_state.privnet_dns_router.outputs.dns_zone_id + name = join(".", [openstack_compute_instance_v2.mongodb_vol_node.name], [data.terraform_remote_state.privnet_dns_router.outputs.dns_zone.zone_name]) description = "Mongodb Volatile public hostnames" ttl = 8600 type = "A"