Start the conversions to modules.
This commit is contained in:
parent
9c9e4bed7b
commit
bdcff8147e
|
@ -0,0 +1,16 @@
|
||||||
|
# Define required providers
|
||||||
|
terraform {
|
||||||
|
required_version = ">= 0.14.0"
|
||||||
|
required_providers {
|
||||||
|
openstack = {
|
||||||
|
source = "terraform-provider-openstack/openstack"
|
||||||
|
version = "~> 1.53.0"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
provider "openstack" {
|
||||||
|
cloud = "d4s-dev"
|
||||||
|
# cloud = "ISTI-Cloud"
|
||||||
|
}
|
||||||
|
|
|
@ -1 +0,0 @@
|
||||||
../../common_variables/00-terraform-provider.tf
|
|
|
@ -1 +0,0 @@
|
||||||
../variables/00-variables.tf
|
|
|
@ -1 +0,0 @@
|
||||||
../../common_variables/01-external-network-and-resolvers.tf
|
|
|
@ -1 +0,0 @@
|
||||||
../../common_setups/10-main-network.tf
|
|
|
@ -0,0 +1,4 @@
|
||||||
|
module "main-network" {
|
||||||
|
source = "../../modules/main_private_net_and_dns_zone"
|
||||||
|
}
|
||||||
|
|
|
@ -1,5 +0,0 @@
|
||||||
provider "openstack" {
|
|
||||||
# cloud = "d4s-dev"
|
|
||||||
cloud = "ISTI-Cloud"
|
|
||||||
}
|
|
||||||
|
|
|
@ -1,8 +1,8 @@
|
||||||
{
|
{
|
||||||
"version": 4,
|
"version": 4,
|
||||||
"terraform_version": "1.6.3",
|
"terraform_version": "1.6.3",
|
||||||
"serial": 12,
|
"serial": 6,
|
||||||
"lineage": "8e064d5b-7e27-7da1-5aa2-330932157309",
|
"lineage": "194691ec-f344-4bd2-98ae-cbd15e9c9cdf",
|
||||||
"outputs": {
|
"outputs": {
|
||||||
"dns_zone_id": {
|
"dns_zone_id": {
|
||||||
"value": "cbae638a-9d99-44aa-946c-0f5ffb7fc488",
|
"value": "cbae638a-9d99-44aa-946c-0f5ffb7fc488",
|
||||||
|
@ -32,7 +32,7 @@
|
||||||
"schema_version": 0,
|
"schema_version": 0,
|
||||||
"attributes": {
|
"attributes": {
|
||||||
"description": "ACME challenge delegation",
|
"description": "ACME challenge delegation",
|
||||||
"disable_status_check": false,
|
"disable_status_check": null,
|
||||||
"id": "cbae638a-9d99-44aa-946c-0f5ffb7fc488/5e69d2f7-1926-4a74-b0c4-ad675975c144",
|
"id": "cbae638a-9d99-44aa-946c-0f5ffb7fc488/5e69d2f7-1926-4a74-b0c4-ad675975c144",
|
||||||
"name": "_acme-challenge.cloud-dev.d4science.org.",
|
"name": "_acme-challenge.cloud-dev.d4science.org.",
|
||||||
"project_id": "e8f8ca72f30648a8b389b4e745ac83a9",
|
"project_id": "e8f8ca72f30648a8b389b4e745ac83a9",
|
||||||
|
@ -47,10 +47,7 @@
|
||||||
"zone_id": "cbae638a-9d99-44aa-946c-0f5ffb7fc488"
|
"zone_id": "cbae638a-9d99-44aa-946c-0f5ffb7fc488"
|
||||||
},
|
},
|
||||||
"sensitive_attributes": [],
|
"sensitive_attributes": [],
|
||||||
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwLCJ1cGRhdGUiOjYwMDAwMDAwMDAwMH19",
|
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwLCJ1cGRhdGUiOjYwMDAwMDAwMDAwMH0sInNjaGVtYV92ZXJzaW9uIjoiMCJ9"
|
||||||
"dependencies": [
|
|
||||||
"openstack_dns_zone_v2.primary_project_dns_zone"
|
|
||||||
]
|
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
|
@ -65,7 +62,7 @@
|
||||||
"attributes": {
|
"attributes": {
|
||||||
"attributes": {},
|
"attributes": {},
|
||||||
"description": "DNS primary zone for the d4s-dev-cloud project",
|
"description": "DNS primary zone for the d4s-dev-cloud project",
|
||||||
"disable_status_check": false,
|
"disable_status_check": null,
|
||||||
"email": "postmaster@isti.cnr.it",
|
"email": "postmaster@isti.cnr.it",
|
||||||
"id": "cbae638a-9d99-44aa-946c-0f5ffb7fc488",
|
"id": "cbae638a-9d99-44aa-946c-0f5ffb7fc488",
|
||||||
"masters": [],
|
"masters": [],
|
||||||
|
@ -78,7 +75,7 @@
|
||||||
"value_specs": null
|
"value_specs": null
|
||||||
},
|
},
|
||||||
"sensitive_attributes": [],
|
"sensitive_attributes": [],
|
||||||
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwLCJ1cGRhdGUiOjYwMDAwMDAwMDAwMH19"
|
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwLCJ1cGRhdGUiOjYwMDAwMDAwMDAwMH0sInNjaGVtYV92ZXJzaW9uIjoiMCJ9"
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
|
@ -118,7 +115,7 @@
|
||||||
"value_specs": null
|
"value_specs": null
|
||||||
},
|
},
|
||||||
"sensitive_attributes": [],
|
"sensitive_attributes": [],
|
||||||
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwfX0="
|
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwfSwic2NoZW1hX3ZlcnNpb24iOiIwIn0="
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
|
@ -140,12 +137,7 @@
|
||||||
"timeouts": null
|
"timeouts": null
|
||||||
},
|
},
|
||||||
"sensitive_attributes": [],
|
"sensitive_attributes": [],
|
||||||
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwfSwic2NoZW1hX3ZlcnNpb24iOiIwIn0=",
|
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwfSwic2NoZW1hX3ZlcnNpb24iOiIwIn0="
|
||||||
"dependencies": [
|
|
||||||
"openstack_networking_network_v2.main-private-network",
|
|
||||||
"openstack_networking_router_v2.external-router",
|
|
||||||
"openstack_networking_subnet_v2.main-private-subnet"
|
|
||||||
]
|
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
|
@ -180,14 +172,10 @@
|
||||||
"tenant_id": "e8f8ca72f30648a8b389b4e745ac83a9",
|
"tenant_id": "e8f8ca72f30648a8b389b4e745ac83a9",
|
||||||
"timeouts": null,
|
"timeouts": null,
|
||||||
"value_specs": null,
|
"value_specs": null,
|
||||||
"vendor_options": [
|
"vendor_options": []
|
||||||
{
|
|
||||||
"set_router_gateway_after_create": true
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
},
|
||||||
"sensitive_attributes": [],
|
"sensitive_attributes": [],
|
||||||
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwfX0="
|
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwfSwic2NoZW1hX3ZlcnNpb24iOiIwIn0="
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
|
@ -240,10 +228,7 @@
|
||||||
"value_specs": null
|
"value_specs": null
|
||||||
},
|
},
|
||||||
"sensitive_attributes": [],
|
"sensitive_attributes": [],
|
||||||
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwfX0=",
|
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwfSwic2NoZW1hX3ZlcnNpb24iOiIwIn0="
|
||||||
"dependencies": [
|
|
||||||
"openstack_networking_network_v2.main-private-network"
|
|
||||||
]
|
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
|
|
|
@ -79,7 +79,7 @@ variable "basic_services_ip" {
|
||||||
|
|
||||||
variable "main_haproxy_l7_ip" {
|
variable "main_haproxy_l7_ip" {
|
||||||
type = list(string)
|
type = list(string)
|
||||||
default = ["10.1.40.11", "10.1.40.12"]
|
default = ["10.1.28.50", "10.1.30.241"]
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -1 +0,0 @@
|
||||||
../../common_setups/10-main-network.tf
|
|
|
@ -0,0 +1,89 @@
|
||||||
|
resource "openstack_dns_zone_v2" "primary_project_dns_zone" {
|
||||||
|
name = var.dns_zone.zone_name
|
||||||
|
email = var.dns_zone.email
|
||||||
|
description = var.dns_zone.description
|
||||||
|
project_id = var.os_project_data.id
|
||||||
|
ttl = var.dns_zone.ttl
|
||||||
|
type = "PRIMARY"
|
||||||
|
}
|
||||||
|
|
||||||
|
resource "openstack_networking_network_v2" "main-private-network" {
|
||||||
|
name = var.main_private_network.name
|
||||||
|
admin_state_up = "true"
|
||||||
|
external = "false"
|
||||||
|
description = var.main_private_network.description
|
||||||
|
dns_domain = var.dns_zone.zone_name
|
||||||
|
mtu = var.mtu_size
|
||||||
|
port_security_enabled = true
|
||||||
|
shared = false
|
||||||
|
region = var.main_region
|
||||||
|
tenant_id = var.os_project_data.id
|
||||||
|
}
|
||||||
|
|
||||||
|
resource "openstack_networking_subnet_v2" "main-private-subnet" {
|
||||||
|
name = var.main_private_subnet.name
|
||||||
|
description = var.main_private_subnet.description
|
||||||
|
network_id = openstack_networking_network_v2.main-private-network.id
|
||||||
|
cidr = var.main_private_subnet.cidr
|
||||||
|
gateway_ip = var.main_private_subnet.gateway_ip
|
||||||
|
dns_nameservers = var.resolvers_ip
|
||||||
|
ip_version = 4
|
||||||
|
enable_dhcp = true
|
||||||
|
tenant_id = var.os_project_data.id
|
||||||
|
allocation_pool {
|
||||||
|
start = var.main_private_subnet.allocation_start
|
||||||
|
end = var.main_private_subnet.allocation_end
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
resource "openstack_networking_router_v2" "external-router" {
|
||||||
|
name = var.external_router.name
|
||||||
|
description = var.external_router.description
|
||||||
|
external_network_id = var.external_network.id
|
||||||
|
tenant_id = var.os_project_data.id
|
||||||
|
enable_snat = true
|
||||||
|
vendor_options {
|
||||||
|
set_router_gateway_after_create = true
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
# Router interface configuration
|
||||||
|
resource "openstack_networking_router_interface_v2" "private-network-routing" {
|
||||||
|
router_id = openstack_networking_router_v2.external-router.id
|
||||||
|
# router_id = var.external_router.id
|
||||||
|
subnet_id = openstack_networking_subnet_v2.main-private-subnet.id
|
||||||
|
}
|
||||||
|
|
||||||
|
locals {
|
||||||
|
acme_challenge_recordset_name = "_acme-challenge.${var.dns_zone.zone_name}"
|
||||||
|
acme_challenge_delegation = "_acme-challenge.d4science.net."
|
||||||
|
}
|
||||||
|
|
||||||
|
resource "openstack_dns_recordset_v2" "acme_challenge_recordset" {
|
||||||
|
zone_id = openstack_dns_zone_v2.primary_project_dns_zone.id
|
||||||
|
name = local.acme_challenge_recordset_name
|
||||||
|
description = "ACME challenge delegation"
|
||||||
|
ttl = 8600
|
||||||
|
type = "CNAME"
|
||||||
|
records = ["_acme-challenge.d4science.net."]
|
||||||
|
}
|
||||||
|
|
||||||
|
output "main_private_network_id" {
|
||||||
|
description = "Main private network id"
|
||||||
|
value = openstack_networking_network_v2.main-private-network.id
|
||||||
|
}
|
||||||
|
|
||||||
|
output "main_subnet_network_id" {
|
||||||
|
description = "Main subnet network id"
|
||||||
|
value = openstack_networking_subnet_v2.main-private-subnet.id
|
||||||
|
}
|
||||||
|
|
||||||
|
output "dns_zone_id" {
|
||||||
|
description = "Id of the new DNS zone"
|
||||||
|
value = openstack_dns_zone_v2.primary_project_dns_zone.id
|
||||||
|
}
|
||||||
|
|
||||||
|
output "external_gateway_ip" {
|
||||||
|
description = "Public IP address of the external gateway"
|
||||||
|
value = openstack_networking_router_v2.external-router.external_fixed_ip[0].ip_address
|
||||||
|
}
|
|
@ -1 +1 @@
|
||||||
../../common_setups/ssh-keys.tf
|
../../modules/ssh_keys/ssh-keys.tf
|
|
@ -1,3 +1,13 @@
|
||||||
|
# Define required providers
|
||||||
|
terraform {
|
||||||
|
required_version = ">= 0.14.0"
|
||||||
|
required_providers {
|
||||||
|
openstack = {
|
||||||
|
source = "terraform-provider-openstack/openstack"
|
||||||
|
version = "~> 1.53.0"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
resource "openstack_dns_zone_v2" "primary_project_dns_zone" {
|
resource "openstack_dns_zone_v2" "primary_project_dns_zone" {
|
||||||
name = var.dns_zone.zone_name
|
name = var.dns_zone.zone_name
|
||||||
email = var.dns_zone.email
|
email = var.dns_zone.email
|
|
@ -0,0 +1,50 @@
|
||||||
|
# Global definitions
|
||||||
|
variable "main_region" {
|
||||||
|
type = string
|
||||||
|
default = "isti_area_pi_1"
|
||||||
|
}
|
||||||
|
|
||||||
|
variable "external_network" {
|
||||||
|
type = map(string)
|
||||||
|
default = {
|
||||||
|
name = "external-network"
|
||||||
|
id = "1d2ff137-6ff7-4017-be2b-0d6c4af2353b"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
variable "floating_ip_pools" {
|
||||||
|
type = map(string)
|
||||||
|
default = {
|
||||||
|
main_public_ip_pool = "external-network"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
variable "resolvers_ip" {
|
||||||
|
type = list(string)
|
||||||
|
default = ["146.48.29.97", "146.48.29.98", "146.48.29.99"]
|
||||||
|
}
|
||||||
|
|
||||||
|
variable "mtu_size" {
|
||||||
|
type = number
|
||||||
|
default = 8942
|
||||||
|
}
|
||||||
|
|
||||||
|
variable "availability_zones_names" {
|
||||||
|
type = map(string)
|
||||||
|
default = {
|
||||||
|
availability_zone_no_gpu = "cnr-isti-nova-a"
|
||||||
|
availability_zone_with_gpu = "cnr-isti-nova-gpu-a"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
variable "ssh_sources" {
|
||||||
|
type = map(string)
|
||||||
|
default = {
|
||||||
|
s2i2s_vpn_1_cidr = "146.48.28.10/32"
|
||||||
|
s2i2s_vpn_2_cidr = "146.48.28.11/32"
|
||||||
|
d4s_vpn_1_cidr = "146.48.122.27/32"
|
||||||
|
d4s_vpn_2_cidr = "146.48.122.49/32"
|
||||||
|
shell_d4s_cidr = "146.48.122.95/32"
|
||||||
|
infrascience_net_cidr = "146.48.122.0/23"
|
||||||
|
}
|
||||||
|
}
|
|
@ -0,0 +1,95 @@
|
||||||
|
variable "os_project_data" {
|
||||||
|
type = map(string)
|
||||||
|
default = {
|
||||||
|
id = "e8f8ca72f30648a8b389b4e745ac83a9"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
variable "dns_zone" {
|
||||||
|
type = map(string)
|
||||||
|
default = {
|
||||||
|
zone_name = "cloud-dev.d4science.org."
|
||||||
|
email = "postmaster@isti.cnr.it"
|
||||||
|
description = "DNS primary zone for the d4s-dev-cloud project"
|
||||||
|
ttl = 8600
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
variable "dns_zone_id" {
|
||||||
|
# Set with the correct value after the setup is complete
|
||||||
|
default = ""
|
||||||
|
}
|
||||||
|
|
||||||
|
variable "main_private_network" {
|
||||||
|
type = map(string)
|
||||||
|
default = {
|
||||||
|
name = "d4s-dev-cloud-main"
|
||||||
|
description = "D4Science DEV private network (use this as the main network)"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
variable "main_private_network_id" {
|
||||||
|
# Set with the correct value after the setup is complete
|
||||||
|
default = ""
|
||||||
|
}
|
||||||
|
|
||||||
|
variable "main_private_subnet" {
|
||||||
|
type = map(string)
|
||||||
|
default = {
|
||||||
|
name = "d4s-dev-cloud-sub"
|
||||||
|
description = "D4Science DEV main private subnet"
|
||||||
|
cidr = "10.1.28.0/22"
|
||||||
|
gateway_ip = "10.1.28.1"
|
||||||
|
allocation_start = "10.1.28.30"
|
||||||
|
allocation_end = "10.1.31.254"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
variable "main_private_subnet_id" {
|
||||||
|
# Set with the correct value after the setup is complete
|
||||||
|
default = ""
|
||||||
|
}
|
||||||
|
|
||||||
|
variable "external_router" {
|
||||||
|
type = map(string)
|
||||||
|
default = {
|
||||||
|
name = "d4s-dev-cloud-external-router"
|
||||||
|
description = "D4Science DEV main router"
|
||||||
|
id = "2ae28c5f-036b-45db-bc9f-5bab8fa3e914"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
variable "basic_services_ip" {
|
||||||
|
type = map(string)
|
||||||
|
default = {
|
||||||
|
ca = "10.1.29.247"
|
||||||
|
ca_cidr = "10.1.29.247/32"
|
||||||
|
ssh_jump = "10.1.29.164"
|
||||||
|
ssh_jump_cidr = "10.1.29.164/32"
|
||||||
|
prometheus = "10.1.30.129"
|
||||||
|
prometheus_cidr = "10.1.30.129/32"
|
||||||
|
haproxy_l7_1 = "10.1.28.50"
|
||||||
|
haproxy_l7_1_cidr = "10.1.28.50/32"
|
||||||
|
haproxy_l7_2 = "10.1.30.241"
|
||||||
|
haproxy_l7_2_cidr = "10.1.30.241/32"
|
||||||
|
octavia_main = "10.1.28.227"
|
||||||
|
octavia_main_cidr = "10.1.28.227/32"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
variable "main_haproxy_l7_ip" {
|
||||||
|
type = list(string)
|
||||||
|
default = ["10.1.28.50", "10.1.30.241"]
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
variable "octavia_information" {
|
||||||
|
type = map(string)
|
||||||
|
default = {
|
||||||
|
main_lb_name = "lb-dev-l4"
|
||||||
|
main_lb_description = "Main L4 load balancer for the D4Science DEV"
|
||||||
|
octavia_flavor = "octavia_amphora-mvcpu-ha"
|
||||||
|
octavia_flavor_id = "394988b5-6603-4a1e-a939-8e177c6681c7"
|
||||||
|
main_lb_hostname = "main-lb"
|
||||||
|
}
|
||||||
|
}
|
Loading…
Reference in New Issue