Compare commits

..

323 Commits

Author SHA1 Message Date
Andrea Dell'Amico 756d335c25
escriptorium resources. 2024-11-22 13:34:08 +01:00
Andrea Dell'Amico e182c49175
Open Prometheus to the s2i2s network. 2024-11-20 19:01:19 +01:00
Antonio Calanducci 407746d005 Merge branch 'main' of code-repo.d4science.org:InfraScience/infrastructure-as-code 2024-11-20 09:53:23 +01:00
Antonio Calanducci de73270c39 Rename seadatanet to seadatanet_ts 2024-11-20 09:52:33 +01:00
Andrea Dell'Amico 815bc8fb24
See #28235. CKAN test resources. 2024-11-18 19:53:29 +01:00
Giancarlo Panichi 83d7d0f7c9 Added giancarlo.panichi key to ubuntu1804 script 2024-11-18 17:50:07 +01:00
Antonio Calanducci aa73e69ec7 Update beacon dataset share volumes' size 2024-11-15 17:54:13 +01:00
Andrea Dell'Amico 31699a8ca2
Resources for the CKAN legacy VM. 2024-11-14 18:04:24 +01:00
Andrea Dell'Amico b6e3efb344
Add support for Ubuntu 24.04 at GARR. 2024-11-14 18:03:57 +01:00
Andrea Dell'Amico 2a3e70cea2
Remove Roberto's key and add the GC's one. 2024-11-14 18:03:34 +01:00
Andrea Dell'Amico 2dccec18a1
Project basic data of the garr-na region. 2024-11-14 16:00:28 +01:00
Giancarlo Panichi 969edb7f06 Updated resources for storagehub in dev 2024-11-12 15:15:45 +01:00
Andrea Dell'Amico d1173e3731
New state for the swarm in preprod. 2024-11-08 12:54:03 +01:00
Giancarlo Panichi b1c546eb60 Added storagehub4 in production 2024-11-08 11:46:46 +01:00
Giancarlo Panichi a91cab9e0b Deleted geoserver-2 on dev 2024-11-08 11:18:07 +01:00
Andrea Dell'Amico f7f3449472
Another attempt at the OVN load balancer. 2024-11-08 10:03:24 +01:00
Giancarlo Panichi c4e540673e Destroyed some unprovisioned services,
to reclaim space for StorageHub2 in prod
2024-11-07 18:40:18 +01:00
Giancarlo Panichi 83b57ee8cd Added StorageHub3 in production 2024-11-07 17:51:30 +01:00
Andrea Dell'Amico 5c2854ef55
Swarm pre: manila volume for portainer. 2024-11-06 19:43:43 +01:00
Andrea Dell'Amico 439944a380
Docker swarm in preprod. 2024-11-06 17:59:22 +01:00
Antonio Calanducci c890ac9cf7 update volume size for beacon argo dataset 2024-11-04 17:38:07 +01:00
Giancarlo Panichi 3339ea62d3 Added geoportal in preprod 2024-10-31 17:40:18 +01:00
Giancarlo Panichi 7c4730c9ae Added geoportal in preprod 2024-10-31 17:30:06 +01:00
Giancarlo Panichi 6afc75b2c0 Added geonetwork1 2024-10-31 12:13:28 +01:00
Giancarlo Panichi 7455dc273c Added geoserver1 in preprod 2024-10-31 11:46:04 +01:00
Francesco Mangiacrapa cf8fa3996b Created the geoportal-service plan for Prepoduction infra
Commented version = "-> 1.53.0 or 1.54.0" in the modules 'instance_with{out}_data_volume"
2024-10-22 15:07:58 +02:00
Andrea Dell'Amico cc9b584779
Orientdb: open the web interface to the internal network. 2024-10-11 16:58:56 +02:00
Francesco Mangiacrapa c0344587f5 Updated some comments 2024-10-10 17:16:08 +02:00
Francesco Mangiacrapa c95b326578 Updated variable name 2024-10-10 16:46:07 +02:00
Francesco Mangiacrapa faf9658f26 Created TF module "postgres"
Created TF project "ckan-catalogue-engines"
see #28235
2024-10-10 16:37:19 +02:00
Luca Frosini d79da0e5cd Added smart-executor state 2024-10-09 11:42:29 +02:00
Luca Frosini 10afd8d69c Added resource-registry state 2024-10-09 11:23:52 +02:00
Andrea Dell'Amico e57d2f0854
Configure cassandra debugging in preprod. 2024-10-07 15:58:39 +02:00
Andrea Dell'Amico 2013c4db19
Add a security rule to enable debugging via jump proxy. 2024-10-07 15:58:39 +02:00
Giancarlo Panichi c41dc6949d Added storagehub-3 in pre 2024-10-07 15:37:20 +02:00
Giancarlo Panichi f2c156e260 Added storagehub-3 in pre 2024-10-07 15:27:12 +02:00
Giancarlo Panichi 13f65d464a Added storagehub-4 2024-10-07 12:11:58 +02:00
Luca Frosini 87887cca2e Created OrientDB Terraform plan and terraformed VMs 2024-10-03 16:50:40 +02:00
Luca Frosini 48ffb45756 Add state of provisioned gCat VMs 2024-10-03 16:49:41 +02:00
Antonio Calanducci 0149137e82 Update emodnet physics hostname 2024-09-23 15:32:23 +02:00
Antonio Calanducci f9cb5ccc1a Add state after emodnet resource creation 2024-09-23 12:16:17 +02:00
Antonio Calanducci 7987219fa5 Add DNS record for Emodnet VM 2024-09-23 10:35:20 +02:00
Antonio Calanducci 954c2e2229 EMODNet VM creation 2024-09-20 08:58:44 +02:00
Giancarlo Panichi 2d70c409f9 Added geonetwork-recofi-rdb-pilot 2024-09-12 10:30:24 +02:00
Giancarlo Panichi b51677c0b7 Added geoserver-recofi-rdb-pilot 2024-09-11 17:54:35 +02:00
Giancarlo Panichi 0d90a25d48 Added registry recordset to dns 2024-07-30 12:33:45 +02:00
Giancarlo Panichi 9e6891733c Aggiunto icproxy in dev 2024-07-29 14:29:46 +02:00
Giancarlo Panichi 6dc65018c2 Added geoserver-2 2024-07-26 11:29:31 +02:00
Giancarlo Panichi 43418c2a0c Added geoserver-2 with Ubuntu 24.04 2024-07-26 11:26:31 +02:00
Giancarlo Panichi d693a68dad Decommission storagehub-2204-1 2024-07-24 16:16:03 +02:00
Andrea Dell'Amico 73161f2071
New state. 2024-07-22 11:14:38 +02:00
Giancarlo Panichi a494d283f9 Added storagehub-3 on Ubuntu 24.04 2024-07-19 17:45:49 +02:00
Marco Procaccini 75d73502d4 harbor tfstate aggiornato dopo plan e apply 2024-07-19 11:35:25 +02:00
Giancarlo Panichi e8bafeeaac Added storagehub-2204-1 on dev 2024-07-18 12:02:07 +02:00
Andrea Dell'Amico eeb703d8ae
harbor: security that allows postgresql connections. 2024-07-17 12:25:42 +02:00
Andrea Dell'Amico 7deabd2633
prod basic infrastructure: egress security group to reach postgresql. 2024-07-17 12:25:11 +02:00
Andrea Dell'Amico 4980f0ca33
Fix a typo. 2024-07-16 16:51:34 +02:00
Andrea Dell'Amico b5e666e8e3
Mongodb: add a swap volume. 2024-07-12 18:27:49 +02:00
Marco Procaccini c38b2b3b29 vm powerdns creata. Bug fix: udp port name 2024-07-11 14:06:55 +02:00
Marco Procaccini 455790e15b bug fix: rimosso keycloak 2024-07-11 12:08:28 +02:00
Marco Procaccini 14d713c6fd bug fix porta https 2024-07-11 11:57:05 +02:00
Marco Procaccini 63e1478d5b Merge branch 'main' of code-repo.d4science.org:InfraScience/infrastructure-as-code 2024-07-11 11:54:41 +02:00
Marco Procaccini 211198e2ee aggiunti security groups http e https su porta 80. Bug fix protocol upd security group 2024-07-11 11:54:35 +02:00
Antonio Calanducci 6cabc5631f Merge branch 'main' of code-repo.d4science.org:InfraScience/infrastructure-as-code 2024-07-11 11:46:15 +02:00
Antonio Calanducci e2ef4da000 add NFS share for beacon argo, cora_ts, cora_pr, seadatanet instances 2024-07-11 11:46:04 +02:00
Marco Procaccini 5f93ed0af2 first draft powerdns terraform plan 2024-07-11 11:35:14 +02:00
Marco Procaccini e51fe2f5e4 terraform state aggiornato 2024-07-10 12:35:13 +02:00
Andrea Dell'Amico 7fc04aa770
Harbor: fix the network configuration. 2024-07-10 11:59:45 +02:00
Marco Procaccini 15de6381bd aggiunto il terraform state 2024-07-10 11:27:23 +02:00
Marco Procaccini 573d156a1a Merge branch 'main' of code-repo.d4science.org:InfraScience/infrastructure-as-code 2024-07-09 19:58:44 +02:00
Marco Procaccini 7b8e09796d macchina harbor correttamente creata con anche record dns 2024-07-09 19:58:21 +02:00
Giancarlo Panichi b95dfefe80 Added public db 2024-07-09 18:07:58 +02:00
Giancarlo Panichi 875de807a1 Added public db 2024-07-09 17:00:52 +02:00
Marco Procaccini 747950287b network defined in the resource instance 2024-07-09 16:55:28 +02:00
Giancarlo Panichi 1e2b3b3df0 Added icproxy services 2024-07-09 12:05:14 +02:00
Andrea Dell'Amico 12f8cfd540
Create the object store bucket. 2024-07-08 19:10:20 +02:00
Andrea Dell'Amico 617fc043b9
harbor VM: do not choose the availability zone. 2024-07-08 19:04:01 +02:00
Andrea Dell'Amico bdd7def962
harbor: fix the networks and the security groups. 2024-07-08 19:02:36 +02:00
Andrea Dell'Amico 0f3657dd57
Add the postgresql network into the state output. 2024-07-08 18:56:56 +02:00
Marco Procaccini a6f396f86c primo draft harbor terraform 2024-07-08 17:18:46 +02:00
Antonio Calanducci 055837555d Merge branch 'main' of code-repo.d4science.org:InfraScience/infrastructure-as-code 2024-07-03 11:32:04 +02:00
Antonio Calanducci 92d648a782 add manila shares for 3 dataset of bluecloud beacon 2024-07-03 11:31:27 +02:00
Andrea Dell'Amico 52df91d983
Try to add ICMP to the load balancer. 2024-07-02 19:43:55 +02:00
Andrea Dell'Amico dbdee08c44
K8s resources at garr-ct1. 2024-07-02 17:56:51 +02:00
Andrea Dell'Amico e28b7ed747
See #27446. K8S VMs at garr-ct1. 2024-06-28 19:29:05 +02:00
Andrea Dell'Amico 380a173632
Fix the mongodb state. 2024-06-27 18:52:34 +02:00
Andrea Dell'Amico 7e16e70be9
Fixes #27671. Increase the size of storagehub. 2024-06-26 19:13:11 +02:00
Giancarlo Panichi 78d96bcae1 Added geoserver-itineris-downstream 2024-06-25 14:37:43 +02:00
Giancarlo Panichi 33db28370b Added geoserver itineris downstream 2024-06-25 12:09:32 +02:00
Giancarlo Panichi 1d125ce504 Dismissed geonetwork iotcss3 and geonetwork fisherieatlas
no longer necessary
2024-06-21 16:18:11 +02:00
Andrea Dell'Amico de011f40d5
Altro volume per l'istanza scilake di test. 2024-06-20 18:31:12 +02:00
Giancarlo Panichi d04758fea7 Added geonetwork-next 2024-06-20 15:57:59 +02:00
Giancarlo Panichi 04bf96d957 Destroyed geonetwork-prod 2024-06-20 15:43:44 +02:00
Giancarlo Panichi 2355136f59 Added geonetwork-next 2024-06-20 15:31:06 +02:00
Giancarlo Panichi 813097bde3 Added geoserver-next 2024-06-20 15:23:06 +02:00
Giancarlo Panichi 59a7a2d2df Added geoserver-next 2024-06-20 15:18:15 +02:00
Alfredo Oliviero 055fa0be10 state update for liferay lr61-01 2024-06-19 11:52:11 +02:00
Andrea Dell'Amico c1d2408ae8
Public IP address for the static web VM. 2024-06-19 11:50:44 +02:00
Andrea Dell'Amico e164eacf0d
More RAM for liferay in production. 2024-06-13 17:55:47 +02:00
Giancarlo Panichi ecdee82253 Created geoserver-itineris-ev 2024-06-12 15:09:25 +02:00
Andrea Dell'Amico 7356dd8a50
Fixes #27569. Add the main network interface as a port. 2024-06-07 14:59:41 +02:00
Andrea Dell'Amico c64e3be555
Added some outputs to use as data source. 2024-06-07 14:58:35 +02:00
Andrea Dell'Amico 2cd86e3b7f
Accounting datastudio with floating IP address. 2024-06-06 20:01:56 +02:00
Andrea Dell'Amico 5cef75cd2a
The plugin version changed. 2024-06-06 18:24:39 +02:00
Andrea Dell'Amico 703ef4da39
Resize the postgresql instances. 2024-06-06 18:10:59 +02:00
Andrea Dell'Amico 9ec3095aab
Ignore the .terraform.lock.hcl files. 2024-06-06 18:10:16 +02:00
Andrea Dell'Amico e91c8419b4
Keycloak resources in production. 2024-05-31 17:57:50 +02:00
Andrea Dell'Amico 3497ebb3c9
Octavia: increase the client and server data timeout. 2024-05-31 17:07:02 +02:00
Andrea Dell'Amico 6180c1f9db
Update of the keycloak-pre state. 2024-05-29 12:24:56 +02:00
Andrea Dell'Amico a28657c300
Keycloak in preproduction. 2024-05-28 18:56:24 +02:00
Andrea Dell'Amico c3ef9453ea
Keycloak: add a nfs share for backward compatibility. 2024-05-28 18:55:36 +02:00
Giancarlo Panichi 129878d111 Updated accounting dashboard db 2024-05-28 16:30:27 +02:00
Giancarlo Panichi 812b128dbd Added accounting-dashboard-db 2024-05-28 10:39:46 +02:00
Andrea Dell'Amico 2bd632462d
Fix the scilake intelcomp volumes. 2024-05-22 01:07:48 +02:00
Giancarlo Panichi 47a3844d57 Added geoserver for Itineris Clima 2024-05-21 18:20:16 +02:00
Andrea Dell'Amico bc1d5e5281
manila shares for scilake intelcomp. 2024-05-21 13:00:23 +02:00
Andrea Dell'Amico 4874c96c02
Remove the bluecloud-reiner-webodv, it was only a example. 2024-05-16 13:41:53 +02:00
Antonio Calanducci e2305629fd Add NFS share for FAIR-EASE webodv exporer (Reiner) 2024-05-16 13:19:51 +02:00
Andrea Dell'Amico 4c2175f26d
manila shares example for the new webodv. 2024-05-16 11:38:58 +02:00
Andrea Dell'Amico 947d0e68c1
Fix the paths of the modules in the manila shares. 2024-05-16 11:38:36 +02:00
Andrea Dell'Amico 28919e4d7f
Move the current manila shares into a subdirectory. 2024-05-16 11:38:05 +02:00
Andrea Dell'Amico a1b21fb06d
DNS record for the shinyproxy dev instance. 2024-05-15 18:22:33 +02:00
Giancarlo Panichi 2b598fbef4 Added aquacultureatlas geonetwork 2024-05-08 15:04:02 +02:00
Andrea Dell'Amico 66812fb3c2
New state for mongodb. 2024-05-02 19:31:53 +02:00
Andrea Dell'Amico 2b76a1b38e
Fix a state inconsistency. 2024-05-02 18:26:01 +02:00
Andrea Dell'Amico 9229d112ab
Add the output. 2024-05-02 18:26:01 +02:00
Andrea Dell'Amico c7d923ee90
d4science production: add the prometheus public IP address to the state. 2024-05-02 18:26:01 +02:00
Giancarlo Panichi 6dfdf42e30 Added static-web service 2024-04-29 16:54:58 +02:00
Giancarlo Panichi 13f5384652 Created static-web service 2024-04-29 16:31:51 +02:00
Giancarlo Panichi 30a112f8db Removed tunaatlas geoserver 2024-04-24 15:04:40 +02:00
Giancarlo Panichi a1f121aa35 Removed geonetwork for tunaatlas 2024-04-24 14:59:17 +02:00
Andrea Dell'Amico d50bff95bc
See #26245. security group for the port in the timescaledb network. 2024-04-22 15:22:41 +02:00
Andrea Dell'Amico d253ca51ee
dnet-scilake resources. 2024-04-20 21:48:08 +02:00
Andrea Dell'Amico f1e3fb26ee
More garr-ct1 environment. 2024-04-20 21:47:40 +02:00
Andrea Dell'Amico ae79f34b92
Definitions common to the GARR resources. 2024-04-20 21:47:09 +02:00
Andrea Dell'Amico d94ba84149
Fix the indentation. 2024-04-20 16:00:48 +02:00
Andrea Dell'Amico 0e8f6d3653
Add more data to the garr-ct1 setup. 2024-04-20 15:45:21 +02:00
Andrea Dell'Amico aafde5a308
Add the garr-ct1 basic configuration. 2024-04-20 15:33:50 +02:00
Giancarlo Panichi deae3baa38 Added access service in production 2024-04-19 14:08:10 +02:00
Andrea Dell'Amico 4c381a5059
Manila share for the itineris isotope swarm app. 2024-04-18 16:16:10 +02:00
Andrea Dell'Amico 4049730c23
Increase the liferay share. 2024-04-17 19:11:45 +02:00
Andrea Dell'Amico b4e18cdef4
Manila volume for the D4Science PgAdmin service in production. 2024-04-17 18:12:39 +02:00
Giancarlo Panichi 105b840628 Dismissed Ariadne geoserver 2024-04-11 11:12:06 +02:00
Giancarlo Panichi dc6910d711 Dismissed Ariadne geonetwork 2024-04-11 10:55:58 +02:00
Giancarlo Panichi 79ab1c58d3 Added geonetwork Gaia Blu Lab 2024-04-09 15:56:35 +02:00
Giancarlo Panichi bca283b4df Added geoserver itineris critical zone 2024-04-05 17:32:24 +02:00
Andrea Dell'Amico d781591a82
Add the open-asfa-test NFS shares. 2024-03-28 18:30:05 +01:00
Andrea Dell'Amico 5b2b419cb0
NFS share for the itineris pgadmin. 2024-03-28 18:29:00 +01:00
Giancarlo Panichi a3066e0e53 Added geonetwork-itineris
Removed geonetwork-itineris-carbon
2024-03-26 12:59:32 +01:00
Andrea Dell'Amico 3c04dace24
Manila shares for the dev CCP. 2024-03-25 16:45:15 +01:00
Andrea Dell'Amico c23c8c3f74
Fix the Keycload module, and configure keycloak in dev. 2024-03-25 16:45:15 +01:00
Antonio Calanducci d78bedb0f5 Add CNAME records in docker swarm stack for dev using terraform import 2024-03-22 17:39:43 +01:00
Antonio Calanducci de6291936b Add workspace to add DNS records for docker swarm stacks in dev env 2024-03-22 15:46:46 +01:00
Andrea Dell'Amico dcf1677e3a
liferay test endpoint. 2024-03-20 17:30:39 +01:00
Andrea Dell'Amico 8b71341eef
GRSF DNS recordset in preprod. 2024-03-20 17:29:59 +01:00
Andrea Dell'Amico 02d65992cd
Add the swarm storageNFS ip addresses to the dev variables. 2024-03-19 12:04:40 +01:00
Andrea Dell'Amico 1951f4fdf3
Add a CNAME to the prod socialservice. 2024-03-19 12:03:45 +01:00
Andrea Dell'Amico 5493908641
Lifeary: change the name of the NFS shares. 2024-03-18 18:02:57 +01:00
Andrea Dell'Amico 5c8fdfb305
Liferay: the NFS share is now a variable. 2024-03-18 18:02:30 +01:00
Andrea Dell'Amico 3996cd0d54
See #25861. recordset for the dev keycloak VM. 2024-03-18 15:19:42 +01:00
Marco Procaccini d872995840 gitignore update 2024-03-14 18:26:13 +01:00
Marco Procaccini 4f7ee3b8ea ssh key management dev 2024-03-14 18:25:04 +01:00
Marco Procaccini 4931767df7 access service 2024-03-14 18:24:34 +01:00
Marco Procaccini e979042e83 Access instance 2024-03-14 16:32:43 +01:00
Luca Frosini 81ebb70d04 Terraformed grsf-publisher instances 2024-03-12 17:38:04 +01:00
Andrea Dell'Amico 75c6d4e9b1
Liferay resources in production. 2024-03-12 15:23:39 +01:00
Andrea Dell'Amico 89892d29b4
VMs for the social service in production. 2024-03-12 12:00:21 +01:00
Andrea Dell'Amico e930a2d8f0
Add cassandra in production. 2024-03-12 11:53:36 +01:00
Luca Frosini ac9bbdc2e3 accounting service VMs has been created 2024-03-08 11:06:32 +01:00
Andrea Dell'Amico 26efafdfd5
See #26997. New CNAME for the workspace-repository. 2024-03-06 17:16:02 +01:00
Andrea Dell'Amico e7ec7726c8
Add outputs to timescaledb in production. 2024-03-05 19:11:37 +01:00
Andrea Dell'Amico 03a62144a7
liferay preprod: add the timescaledb network. 2024-03-05 19:01:52 +01:00
Andrea Dell'Amico c0a6b56150
liferay module: manage the timescaledb network. 2024-03-05 19:01:26 +01:00
Andrea Dell'Amico 8b05c335dd
manila shares for swarm stacks. 2024-03-05 18:34:15 +01:00
Andrea Dell'Amico 7204c84c36
Add outputs to timescaledb. 2024-03-05 18:33:26 +01:00
Giancarlo Panichi 74e62730fe Added uri-resolver in production 2024-02-27 12:30:18 +01:00
Giancarlo Panichi cdf653c293 Added uri-resolver in preprod 2024-02-27 11:52:10 +01:00
Giancarlo Panichi c56cf21862 Added Ariadne service in prod 2024-02-26 17:17:11 +01:00
Giancarlo Panichi d3a7219766 Created plan for graphdb Ariadne 2024-02-26 16:21:16 +01:00
Andrea Dell'Amico 4a9a96186b
Fix the swarm port in the NFS network. 2024-02-21 10:55:10 +01:00
Andrea Dell'Amico 128586a63d
Add ports to the Share NFS network. 2024-02-20 19:25:25 +01:00
Andrea Dell'Amico d66efc4b8f
Permit UDP and IGMP traffic between the liferay nodes 2024-02-20 12:45:24 +01:00
Andrea Dell'Amico 64f78b2ca5
Add swarm data to the outputs 2024-02-19 19:40:37 +01:00
Giancarlo Panichi f7aea54a8d Updated dataminer instances in preprod 2024-02-19 15:10:49 +01:00
Giancarlo Panichi a0583c6ede Updated plan for dataminers in preprod 2024-02-19 15:06:22 +01:00
Giancarlo Panichi e3eb37ad30 Created instances of authorization in production 2024-02-19 14:56:00 +01:00
Giancarlo Panichi c01ab61bf7 Added plan for Authorization in production 2024-02-19 14:32:53 +01:00
Giancarlo Panichi 675b8aebad Create instance of authorization in preprod 2024-02-19 12:33:45 +01:00
Giancarlo Panichi e90ac474f3 Added plan for authorization in preprod 2024-02-19 12:30:56 +01:00
Giancarlo Panichi 67b9720579 Added authorization service in dev 2024-02-15 18:49:18 +01:00
Giancarlo Panichi 73a0ef566a Added security group dataminer_publish 2024-02-15 17:35:27 +01:00
Andrea Dell'Amico 0c746b807a
timescaledb preprod. 2024-02-14 16:35:53 +01:00
Giancarlo Panichi 887bf54393 Added CNAME for dataminer load balancers 2024-02-13 12:44:49 +01:00
Giancarlo Panichi ae09c220a5 Added CNAME for dataminer load balancers 2024-02-13 12:41:48 +01:00
Andrea Dell'Amico 8b69d03a73
See #26699. worspace-repository CNAME in preprod. 2024-02-07 17:05:19 +01:00
Andrea Dell'Amico b44b80108a
Change the mongodb ACL. Introduce the use of modules. 2024-02-07 12:06:45 +01:00
Giancarlo Panichi 29225b27d3 Added storagehub in production 2024-02-06 17:28:36 +01:00
Giancarlo Panichi 8a52dd1bbd Added geonetwork Itineris Carbon in production 2024-02-05 16:10:24 +01:00
Giancarlo Panichi 6db6c0cc96 Added geonetwork Itineris Carbon in production 2024-02-05 15:45:20 +01:00
Giancarlo Panichi 2ee09cda73 Added GeoServer Itineris Carbon in production 2024-02-05 15:20:00 +01:00
Giancarlo Panichi 3b6d088b45 Added Geoserver Itineris Carbon in production 2024-02-05 15:17:06 +01:00
Giancarlo Panichi f9f4280964 Added StorageHub in preprod 2024-02-02 17:48:53 +01:00
Giancarlo Panichi a924670f21 Added storagehub in preprod 2024-02-02 17:44:53 +01:00
Andrea Dell'Amico ace1f66e85
Move the outputs into a separate file. 2024-01-31 16:23:32 +01:00
Andrea Dell'Amico 4267a5b1d0
Redmine: instance in dev. 2024-01-31 16:15:18 +01:00
Andrea Dell'Amico 8004f8bdf8
Add the StorageNFS information to the state. 2024-01-31 16:00:55 +01:00
Giancarlo Panichi 09b1a6666f Created thredds in production 2024-01-31 11:33:06 +01:00
Giancarlo Panichi 6d9946cef4 Added thredds in production 2024-01-31 11:21:50 +01:00
Andrea Dell'Amico 134035acd0
Add the NFS network Id to the state. 2024-01-30 19:02:45 +01:00
Andrea Dell'Amico f2c51abfae
Add a global security group for the NFS ports. 2024-01-30 18:41:04 +01:00
Giancarlo Panichi a4a7feefef Added thredds on preprod 2024-01-30 17:41:26 +01:00
Francesco Mangiacrapa aea78fe1e6 Merge branch 'main' of https://code-repo.d4science.org/InfraScience/infrastructure-as-code into main 2024-01-30 15:47:13 +01:00
Francesco Mangiacrapa d238b1d48a Added DNS CNAME 2024-01-30 15:46:34 +01:00
Andrea Dell'Amico dfcb50a591
New gCore DNS records. 2024-01-30 15:34:38 +01:00
Francesco Mangiacrapa aa6f61631c Created geoportal project as terraform plan 2024-01-30 15:24:06 +01:00
Andrea Dell'Amico 15a757cda9
State of thredds in dev. 2024-01-30 12:50:27 +01:00
Giancarlo Panichi ed0aae9193 Added thredds in dev 2024-01-30 11:58:50 +01:00
Giancarlo Panichi a7cdac378a Updated networks for sdi servers 2024-01-26 16:05:08 +01:00
Giancarlo Panichi fea258ce73 Added sdi service in preprod 2024-01-26 13:00:10 +01:00
Giancarlo Panichi 420a8ff4ec Added sdi service in preprod 2024-01-26 12:48:09 +01:00
Giancarlo Panichi 6378bc9f1a Updated sdi1 server in production 2024-01-26 12:19:35 +01:00
Andrea Dell'Amico 04cfbffcc2
Stato di sdi in production. 2024-01-25 15:40:32 +01:00
Giancarlo Panichi 3c43bc19a6 Created SDI service in production 2024-01-25 13:01:41 +01:00
Giancarlo Panichi f7f1e5c99a Added sdi service in production 2024-01-25 12:51:33 +01:00
Giancarlo Panichi d764f2a9a4 Added SDI service on production 2024-01-25 12:40:16 +01:00
Andrea Dell'Amico b5c10f29c0
Stato del geoserver di produzione. 2024-01-25 12:04:11 +01:00
Giancarlo Panichi d137dc08a8 Added geoserver in preprod 2024-01-25 10:53:34 +01:00
Giancarlo Panichi 61cfd620a9 Created geonetwork on preprod 2024-01-24 17:50:09 +01:00
Giancarlo Panichi e905311290 Added geonetwork in preprod 2024-01-24 15:17:31 +01:00
Ahmed Salah Tawfik Ibrahim d60addbe6d Social Service Terraform 2024-01-23 14:26:50 +01:00
Giancarlo Panichi a837085f39 Created dataminer services on preprod 2024-01-22 12:48:09 +01:00
Andrea Dell'Amico 4a59deaffe
social service in preproduction. 2024-01-19 19:05:15 +01:00
Andrea Dell'Amico 896540b09b
Add the cassandra network name to the variables. 2024-01-19 18:20:51 +01:00
Giancarlo Panichi bbd8fbd779 Updated dataminers in preprod 2024-01-19 18:19:41 +01:00
Giancarlo Panichi f63c6b6170 Updated dataminer in preprod 2024-01-19 17:34:20 +01:00
Giancarlo Panichi 6dd09b8bdd Updated dataminers for preprod 2024-01-19 17:27:24 +01:00
Giancarlo Panichi 97ae76b956 Merge pull request 'Added plan for dataminer in preproduction' (#19) from feature/26452 into main
Reviewed-on: InfraScience/infrastructure-as-code#19
2024-01-19 16:44:44 +01:00
Giancarlo Panichi 9a70cb4c1d Added plan for dataminer in preproduction 2024-01-19 16:43:27 +01:00
Andrea Dell'Amico 5038d6540b
See #26405. Recordsets for the gCore services in production. 2024-01-18 17:52:59 +01:00
Giancarlo Panichi 5ba4e41806 Added CNAME to geoservers 2024-01-18 10:59:00 +01:00
Giancarlo Panichi 3709672723 Added cname to geoserver 2024-01-18 10:23:31 +01:00
Andrea Dell'Amico 039e6ab61b
Cassandra resources in preproduction. 2024-01-17 19:53:57 +01:00
Andrea Dell'Amico a62eed1717
Module that manages the cassandra VMs and subnet. 2024-01-17 19:53:05 +01:00
Giancarlo Panichi 203096196f Added dns info to geonetworks 2024-01-17 18:01:30 +01:00
Giancarlo Panichi 5dc940b52f Recreated Dataminer istances 2024-01-17 17:19:02 +01:00
Giancarlo Panichi c005d9cc45 Destroy dataminer istances 2024-01-17 17:06:09 +01:00
Giancarlo Panichi 23f7512cb4 Merge pull request 'feature/26282' (#18) from feature/26282 into main
Reviewed-on: InfraScience/infrastructure-as-code#18
2024-01-17 15:38:02 +01:00
Giancarlo Panichi 2184f5691b Added volume size 2024-01-17 15:36:16 +01:00
Giancarlo Panichi 7d88cba937 Changed volume size of istances 2024-01-17 15:30:10 +01:00
Giancarlo Panichi 94d96f674c Changed volume size of instances 2024-01-17 15:26:17 +01:00
Francesco Mangiacrapa 21a81ad956 Added (optional) parameter to set the volume size of the VM. Default value is 10 (GB) 2024-01-17 12:15:48 +01:00
Francesco Mangiacrapa 1f0274453f Applied plan for geonetwork-globalfisheriesatlas 2024-01-16 11:55:19 +01:00
Francesco Mangiacrapa c9a0c6d6b2 Added module dns_resources. Using it into geonetwork project 2024-01-16 11:03:06 +01:00
Andrea Dell'Amico 0da976e4c1
Add the 'default' security group to the docker swarm worker nodes. 2024-01-15 13:33:28 +01:00
Andrea Dell'Amico d3aa2288fe
Update the production state. 2024-01-15 12:44:41 +01:00
Andrea Dell'Amico 4a6da9f626
Add - commented - the availability zone to octavia. 2024-01-11 19:13:41 +01:00
Andrea Dell'Amico c412be26fc
Change the grafana's IP address. 2024-01-11 19:11:50 +01:00
Luca Frosini 6de6e2e941 Changed name for instance ofr GRSF VRE 2024-01-11 12:12:11 +01:00
Luca Frosini ef54dbc3f9 Changed plan for grsf-publisher service 2024-01-11 12:09:43 +01:00
Andrea Dell'Amico 117b0e7907
preprod liferay: recordset and s3 container. 2023-12-21 13:30:17 +01:00
Andrea Dell'Amico 8ac57eeb42
preprod: add outputs to the project setup. 2023-12-21 13:29:48 +01:00
Andrea Dell'Amico 33df04e799
Ignore the modifications to the VM networks. 2023-12-19 14:51:53 +01:00
Andrea Dell'Amico 7d61ffdc16
Fix the basic infra in preproduction. 2023-12-19 13:31:36 +01:00
Andrea Dell'Amico 2adc683253
Fix the prod global setup. 2023-12-19 13:05:00 +01:00
Luca Frosini 718bf0a358 Recreated resource-regsitry instances 2023-12-18 17:02:48 +01:00
Luca Frosini c095dbd484 Merge branch 'main' of code-repo.d4science.org:InfraScience/infrastructure-as-code 2023-12-18 16:32:13 +01:00
Luca Frosini a40489c691 VMs destroyed and recreated 2023-12-18 16:32:02 +01:00
Giancarlo Panichi f335e011a7 Apply DataMiner plan 2023-12-18 16:11:17 +01:00
Giancarlo Panichi 03297ed835 Merge pull request 'feature/26281' (#17) from feature/26281 into main
Reviewed-on: InfraScience/infrastructure-as-code#17
2023-12-18 15:57:05 +01:00
Luca Frosini d7c9e1fdbf Created grsf-publisher instances 2023-12-18 15:24:11 +01:00
Luca Frosini 68bb61e45c gcat-service instances 2023-12-18 15:20:44 +01:00
Luca Frosini 749a0655d7 Created accounting-service instances 2023-12-18 15:18:18 +01:00
Luca Frosini aa47cb9757 Applied refactored smart-executor instances 2023-12-18 15:15:31 +01:00
Giancarlo Panichi cbc2a387a9 Created DataMiner plan 2023-12-18 11:01:49 +01:00
Giancarlo Panichi a1dfe6020b Created DataMiner plan 2023-12-18 11:00:39 +01:00
Luca Frosini d3379e61da Increased smart c1_small smart-executor VMs to m1_medium 2023-12-18 10:01:58 +01:00
Giancarlo Panichi 9e65013730 Created DataMiner Plan 2023-12-15 18:30:06 +01:00
Giancarlo Panichi e55b16404d Created DataMiner plan 2023-12-15 18:12:22 +01:00
Giancarlo Panichi 54dc0b38ff Created Dataminer plan 2023-12-15 18:09:26 +01:00
Andrea Dell'Amico 723ef7e3b2
Import the keycloak bucket. 2023-12-15 16:09:58 +01:00
Andrea Dell'Amico 78ee369ea5 Merge pull request 'Added `keycloak` and `nubis*` mini-cluster do `dev`' (#16) from mauro.mugnaini/infrastructure-as-code:main into main
Reviewed-on: InfraScience/infrastructure-as-code#16
2023-12-15 12:29:27 +01:00
Mauro Mugnaini 571ba60aba
`nubis*` mini-cliuster added in `dev` 2023-12-15 11:01:24 +01:00
Mauro Mugnaini 0cda469a6f
`keycloak` for `dev` added 2023-12-15 11:00:37 +01:00
Andrea Dell'Amico fda690fc94
geoserver and smartexecutor in production. 2023-12-14 18:18:21 +01:00
Andrea Dell'Amico 4d13bc6c15
Fix the state of production. 2023-12-14 14:29:28 +01:00
Luca Frosini 0697704d18 Switched using state variable 2023-12-14 14:22:35 +01:00
Luca Frosini 43be7b490f Using state for networks and security_groups 2023-12-14 14:19:40 +01:00
Luca Frosini 07ba2fefe1 Fixed security groups 2023-12-14 14:13:52 +01:00
Luca Frosini f3bb21cba9 Getting security groups from state 2023-12-14 13:55:59 +01:00
Andrea Dell'Amico 8ef11f0446
Do not rebuild instances when the ssh_key or user_data change. 2023-12-14 12:55:20 +01:00
Andrea Dell'Amico bd48be7ea7
Fix the variable of the load balancer security group. 2023-12-14 12:48:10 +01:00
Luca Frosini 75b6367e1f Using variable from state 2023-12-14 12:13:43 +01:00
Giancarlo Panichi fb2ad871b3 Merge pull request 'Updated geoserver configuration for prod' (#15) from feature/26232 into main
Reviewed-on: InfraScience/infrastructure-as-code#15
2023-12-14 11:00:44 +01:00
Giancarlo Panichi 91136abe74 Updated geoserver configuration for prod 2023-12-14 10:58:45 +01:00
Andrea Dell'Amico d3811d01ee
Fix the state in the dev environment. 2023-12-13 19:40:16 +01:00
Andrea Dell'Amico 2119ef9ac2
Create the geonetworks. 2023-12-13 18:57:23 +01:00
Andrea Dell'Amico 272fe6ab34
New state for the resource registry. 2023-12-13 18:23:34 +01:00
Andrea Dell'Amico 444ba8cd81
Fix the security groups definitions. 2023-12-13 18:20:56 +01:00
Andrea Dell'Amico 76a9517cc9
orientdb in production. 2023-12-13 18:08:53 +01:00
Andrea Dell'Amico 5548041553
Fixes to the orientdb module. 2023-12-13 18:08:24 +01:00
Andrea Dell'Amico fe5fcfeb37
Fixed the formatting. 2023-12-13 17:17:42 +01:00
Andrea Dell'Amico b300ee7bf0
timescaledb: the affinity policy is now a variable. 2023-12-13 16:55:40 +01:00
Andrea Dell'Amico 13289bc6f8
Use the remote data source. 2023-12-13 16:06:45 +01:00
Giancarlo Panichi bf6847de2b Merge pull request 'Added geoserver and geonetwork for' (#14) from feature/26232 into main
Reviewed-on: InfraScience/infrastructure-as-code#14
2023-12-13 15:34:16 +01:00
Giancarlo Panichi f819872a18 Added geoserver and geonetwork for
MEI and Global Fisheries Atlas
2023-12-13 15:31:50 +01:00
Giancarlo Panichi 2ca84ac6eb Merge pull request 'Updated GeoServer Terraform plan' (#13) from feature/26232 into main
Reviewed-on: InfraScience/infrastructure-as-code#13
2023-12-13 15:08:30 +01:00
Giancarlo Panichi 62cbe65b5f Updated GeoServer Terraform plan 2023-12-13 15:05:37 +01:00
Luca Frosini bb4d89e5b6 Added terrafomr plan for grs-publisher service in pre and prod 2023-12-13 11:12:29 +01:00
Luca Frosini 6a5e4ad3b9 Terraformed grsf-publisher instances 2023-12-13 11:12:07 +01:00
Luca Frosini 0db95c114f Created terraform-plan for accounting-service 2023-12-12 18:16:12 +01:00
Giancarlo Panichi 695d0bb246 Merge pull request 'feature/25884' (#12) from feature/25884 into main
Reviewed-on: InfraScience/infrastructure-as-code#12
2023-12-12 18:06:40 +01:00
Luca Frosini 137d87c8da Added terraform state 2023-12-12 14:00:48 +01:00
Andrea Dell'Amico 8443fc033f
Fix the timescaledb instance names. 2023-12-11 22:36:05 +01:00
Andrea Dell'Amico 30ef362dd2
Fix a typo. 2023-12-11 22:30:46 +01:00
Andrea Dell'Amico 152078876a
Change the volume size of the prod timescaledb. 2023-12-11 22:28:28 +01:00
Andrea Dell'Amico 6dcc7c7a01
Convert timescaledb and a bit of the resource registry module. 2023-12-11 22:15:33 +01:00
Andrea Dell'Amico 6809103372
Rework the common and production variables. 2023-12-11 22:12:54 +01:00
Andrea Dell'Amico 864322d3a1
Fix the project setup module and the production configuration. 2023-12-11 22:12:07 +01:00
Andrea Dell'Amico a7fa0fd898
The terraform provider was left out from the previous commit. 2023-12-11 18:22:19 +01:00
Andrea Dell'Amico 9a87860105
The production project-setup now uses modules. 2023-12-11 18:16:52 +01:00
Andrea Dell'Amico db59cf45a1
Proper module for the main network and dns zone. 2023-12-11 18:15:58 +01:00
Andrea Dell'Amico b00237ae03
Cleanup the production vars and the project setup tasks. 2023-12-11 13:49:45 +01:00
Giancarlo Panichi 5acc78ca99 Merge pull request 'feature/25884' (#11) from feature/25884 into main
Reviewed-on: InfraScience/infrastructure-as-code#11
2023-12-11 11:41:08 +01:00
391 changed files with 160655 additions and 1983 deletions

2
.gitignore vendored
View File

@ -1,6 +1,7 @@
# ---> Terraform # ---> Terraform
# Local .terraform directories # Local .terraform directories
**/.terraform/* **/.terraform/*
**/.terraform.lock.hcl
# .tfstate files # .tfstate files
# *.tfstate # *.tfstate
@ -46,3 +47,4 @@ terraform.rc
*.lock.hcl *.lock.hcl
.project .project
openstack-tf/modules/ssh-key-ref/terraform.tfstate

View File

@ -0,0 +1,98 @@
# Define required providers
terraform {
required_version = ">= 0.14.0"
required_providers {
openstack = {
source = "terraform-provider-openstack/openstack"
version = "~> 1.53.0"
}
}
}
data "terraform_remote_state" "privnet_dns_router" {
backend = "local"
config = {
path = "../project-setup/terraform.tfstate"
}
}
#
# Uses common_variables as module
#
module "common_variables" {
source = "../../modules/common_variables"
}
# Module used
module "ssh_settings" {
source = "../../modules/ssh-key-ref"
}
# Instances
resource "openstack_compute_instance_v2" "access_service_dev" {
name = "access"
availability_zone_hints = module.common_variables.availability_zone_no_gpu_name
flavor_name = module.common_variables.flavor_list.m1_medium
key_pair = module.ssh_settings.ssh_key_name
security_groups = [data.terraform_remote_state.privnet_dns_router.outputs.default_security_group_name, data.terraform_remote_state.privnet_dns_router.outputs.security_group_list.http_and_https_from_the_load_balancers]
block_device {
uuid = module.common_variables.ubuntu_1804.uuid
source_type = "image"
volume_size = 30
boot_index = 0
destination_type = "volume"
delete_on_termination = false
}
# Creates the networks according to input networks
dynamic "network" {
for_each = toset([data.terraform_remote_state.privnet_dns_router.outputs.main_private_network.name])
content {
name = network.value
}
}
# user_data script used
user_data = file("${module.common_variables.ubuntu_1804.user_data_file}")
# Do not replace the instance when the ssh key changes
lifecycle {
ignore_changes = [
# Ignore changes to tags, e.g. because a management agent
# updates these based on some ruleset managed elsewhere.
key_pair, user_data, network
]
}
}
locals {
cname_target = "main-lb.${data.terraform_remote_state.privnet_dns_router.outputs.dns_zone.zone_name}"
}
#
# Add DNS record/s
#
module "dns_records_create" {
source = "../../modules/dns_resources"
dns_resources_map = {
access_service_dev = {
zone_id = data.terraform_remote_state.privnet_dns_router.outputs.dns_zone_id
name = join(".", ["access", data.terraform_remote_state.privnet_dns_router.outputs.dns_zone.zone_name])
description = "Access access"
ttl = 8600
type = "CNAME"
records = [local.cname_target]
}
}
}

View File

@ -0,0 +1,512 @@
{
"version": 4,
"terraform_version": "1.7.4",
"serial": 25,
"lineage": "b02df62e-fde6-6c33-ed5c-624a54e2b07d",
"outputs": {},
"resources": [
{
"mode": "data",
"type": "terraform_remote_state",
"name": "privnet_dns_router",
"provider": "provider[\"terraform.io/builtin/terraform\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"backend": "local",
"config": {
"value": {
"path": "../project-setup/terraform.tfstate"
},
"type": [
"object",
{
"path": "string"
}
]
},
"defaults": null,
"outputs": {
"value": {
"almalinux_9": {
"name": "AlmaLinux-9.0-20220718",
"uuid": "541650fc-dd19-4f38-bb1d-7333ed9dd688"
},
"availability_zone_no_gpu_name": "cnr-isti-nova-a",
"availability_zone_with_gpu_name": "cnr-isti-nova-gpu-a",
"availability_zones_names": {
"availability_zone_no_gpu": "cnr-isti-nova-a",
"availability_zone_with_gpu": "cnr-isti-nova-gpu-a"
},
"basic_services_ip": {
"ca": "10.1.29.247",
"ca_cidr": "10.1.29.247/32",
"haproxy_l7_1": "10.1.28.50",
"haproxy_l7_1_cidr": "10.1.28.50/32",
"haproxy_l7_2": "10.1.30.241",
"haproxy_l7_2_cidr": "10.1.30.241/32",
"octavia_main": "10.1.28.227",
"octavia_main_cidr": "10.1.28.227/32",
"prometheus": "10.1.30.129",
"prometheus_cidr": "10.1.30.129/32",
"ssh_jump": "10.1.29.164",
"ssh_jump_cidr": "10.1.29.164/32"
},
"centos_7": {
"name": "CentOS-7",
"uuid": "f0187a99-64f6-462a-ab5f-ef52fe62f2ca"
},
"default_security_group_name": "default",
"dns_zone": {
"description": "DNS primary zone for the d4s-dev-cloud project",
"email": "postmaster@isti.cnr.it",
"ttl": "8600",
"zone_name": "cloud-dev.d4science.org."
},
"dns_zone_id": "cbae638a-9d99-44aa-946c-0f5ffb7fc488",
"el7_data_file": "../../openstack_vm_data_scripts/el7.sh",
"external_gateway_ip": [
{
"ip_address": "146.48.31.109",
"subnet_id": "57f87509-4016-46fb-b8c3-25fca7f72ccb"
}
],
"external_network": {
"id": "1d2ff137-6ff7-4017-be2b-0d6c4af2353b",
"name": "external-network"
},
"external_network_id": "1d2ff137-6ff7-4017-be2b-0d6c4af2353b",
"external_router": {
"description": "D4Science DEV main router",
"id": "2ae28c5f-036b-45db-bc9f-5bab8fa3e914",
"name": "d4s-dev-cloud-external-router"
},
"flavor_list": {
"c1_large": "c1.large",
"c1_medium": "c1.medium",
"c1_small": "c1.small",
"c2_large": "c2.large",
"m1_large": "m1.large",
"m1_medium": "m1.medium",
"m1_xlarge": "m1.xlarge",
"m1_xxl": "m1.xxl",
"m2_large": "m2.large",
"m2_medium": "m2.medium",
"m2_small": "m2.small",
"m3_large": "m3.large"
},
"floating_ip_pools": {
"main_public_ip_pool": "external-network"
},
"haproxy_l7_data": {
"flavor": "m1.medium",
"haproxy_1": "haproxy-l7-1",
"haproxy_2": "haproxy-l7-2",
"name": "main-haproxy-l7",
"vm_count": "2"
},
"internal_ca_data": {
"flavor": "m1.small",
"name": "ca"
},
"main_haproxy_l7_ip": [
"10.1.28.50",
"10.1.30.241"
],
"main_private_network": {
"description": "D4Science DEV private network (use this as the main network)",
"name": "d4s-dev-cloud-main"
},
"main_private_network_id": "e0af5eba-f24a-4d0d-8184-bc654b980c4a",
"main_private_subnet": {
"allocation_end": "10.1.31.254",
"allocation_start": "10.1.28.30",
"cidr": "10.1.28.0/22",
"description": "D4Science DEV main private subnet",
"gateway_ip": "10.1.28.1",
"name": "d4s-dev-cloud-sub"
},
"main_region": "isti_area_pi_1",
"main_subnet_network_id": "2aa977f2-80b4-447c-a6b0-dfa06bf68751",
"mtu_size": 8942,
"networks_list": {
"cassandra": "cassandra-net",
"orientdb": "orientdb-net",
"orientdb_se": "orientdb-se-net",
"shared_postgresql": "postgresql-srv-net",
"swarm": "swarm-nfs-net",
"timescaledb": "timescaledb-net"
},
"networks_with_d4s_services": {
"garr_ct1_net": "90.147.166.0/23",
"garr_na_net": "90.147.152.0/24",
"garr_pa1_net": "90.147.188.0/23",
"infrascience_net": "146.48.122.0/23",
"isti_net": "146.48.80.0/21",
"s2i2s_net": "146.48.28.0/22"
},
"nfs_share_no_ingress_secgroup_id": "5887da8d-e362-4509-93ac-8a70bf8baef9",
"octavia_information": {
"main_lb_description": "Main L4 load balancer for the D4Science DEV",
"main_lb_hostname": "main-lb",
"main_lb_name": "lb-dev-l4",
"octavia_flavor": "octavia_amphora-mvcpu-ha",
"octavia_flavor_id": "394988b5-6603-4a1e-a939-8e177c6681c7"
},
"os_project_data": {
"id": "e8f8ca72f30648a8b389b4e745ac83a9"
},
"policy_list": {
"affinity": "affinity",
"anti_affinity": "anti-affinity",
"soft_affinity": "soft-affinity",
"soft_anti_affinity": "soft-anti-affinity"
},
"prometheus_server_data": {
"flavor": "m1.medium",
"name": "prometheus",
"public_grafana_server_cidr": "146.48.28.103/32",
"vol_data_device": "/dev/vdb",
"vol_data_name": "prometheus-data",
"vol_data_size": "100"
},
"resolvers_ip": [
"146.48.29.97",
"146.48.29.98",
"146.48.29.99"
],
"resource_registry_addresses": {},
"security_group_list": {
"acaland": "acaland's dev machine",
"access_to_orientdb": "access_to_orientdb",
"access_to_orientdb_se": "access_to_orientdb_se",
"access_to_the_timescaledb_service": "access_to_the_timescaledb_service",
"cassandra": "Cassandra",
"dataminer-publish": "dataminer-publish",
"debugging_from_jump_node": "debugging_from_jump_node",
"default": "default",
"docker_swarm": "Docker Swarm",
"docker_swarm_NFS": "Docker Swarm NFS",
"haproxy": "traffic_from_main_lb_to_haproxy_l7",
"http_and_https_from_the_load_balancers": "traffic_from_the_main_load_balancers",
"limited_HTTPS_access": "restricted_web_service",
"limited_SSH_access": "Limited SSH access",
"mongo": "mongo",
"nfs_share_no_ingress": "nfs_share_no_ingress",
"orientdb_internal_docker_traffic": "orientdb_internal_docker_traffic",
"postgreSQL": "PostgreSQL service",
"public_HTTPS": "Public HTTPS"
},
"shared_postgresql_server_data": {
"allocation_pool_end": "192.168.3.254",
"allocation_pool_start": "192.168.0.100",
"flavor": "m1.medium",
"name": "shared-postgresql-server",
"network_cidr": "192.168.0.0/22",
"network_description": "Network used to communicate with the shared postgresql service",
"network_name": "postgresql-srv-net",
"server_cidr": "192.168.0.5/22",
"server_ip": "192.168.0.5",
"vol_data_device": "/dev/vdb",
"vol_data_name": "shared-postgresql-data",
"vol_data_size": "100"
},
"smartexecutor_addresses": {},
"ssh_jump_proxy": {
"flavor": "m2.small",
"name": "ssh-jump-proxy"
},
"ssh_sources": {
"d4s_vpn_1_cidr": "146.48.122.27/32",
"d4s_vpn_2_cidr": "146.48.122.49/32",
"infrascience_net_cidr": "146.48.122.0/23",
"s2i2s_vpn_1_cidr": "146.48.28.10/32",
"s2i2s_vpn_2_cidr": "146.48.28.11/32",
"shell_d4s_cidr": "146.48.122.95/32"
},
"storage_nfs_network_id": "5f4023cc-4016-404c-94e5-86220095fbaf",
"storage_nfs_subnet_id": "6ff0f9e8-0e74-4cc3-a268-7ed4af435696",
"ubuntu1804_data_file": "../../openstack_vm_data_scripts/ubuntu1804.sh",
"ubuntu2204_data_file": "../../openstack_vm_data_scripts/ubuntu2204.sh",
"ubuntu_1804": {
"name": "Ubuntu-Bionic-18.04",
"user_data_file": "../../openstack_vm_data_scripts/ubuntu1804.sh",
"uuid": "7ed6a2cd-2b07-482e-8ce4-f018dff16c89"
},
"ubuntu_2204": {
"name": "Ubuntu-Jammy-22.04",
"user_data_file": "../../openstack_vm_data_scripts/ubuntu2204.sh",
"uuid": "54768889-8556-4be4-a2eb-82a4d9b34627"
}
},
"type": [
"object",
{
"almalinux_9": [
"map",
"string"
],
"availability_zone_no_gpu_name": "string",
"availability_zone_with_gpu_name": "string",
"availability_zones_names": [
"map",
"string"
],
"basic_services_ip": [
"map",
"string"
],
"centos_7": [
"map",
"string"
],
"default_security_group_name": "string",
"dns_zone": [
"map",
"string"
],
"dns_zone_id": "string",
"el7_data_file": "string",
"external_gateway_ip": [
"list",
[
"object",
{
"ip_address": "string",
"subnet_id": "string"
}
]
],
"external_network": [
"map",
"string"
],
"external_network_id": "string",
"external_router": [
"map",
"string"
],
"flavor_list": [
"map",
"string"
],
"floating_ip_pools": [
"map",
"string"
],
"haproxy_l7_data": [
"map",
"string"
],
"internal_ca_data": [
"map",
"string"
],
"main_haproxy_l7_ip": [
"list",
"string"
],
"main_private_network": [
"map",
"string"
],
"main_private_network_id": "string",
"main_private_subnet": [
"map",
"string"
],
"main_region": "string",
"main_subnet_network_id": "string",
"mtu_size": "number",
"networks_list": [
"map",
"string"
],
"networks_with_d4s_services": [
"map",
"string"
],
"nfs_share_no_ingress_secgroup_id": "string",
"octavia_information": [
"map",
"string"
],
"os_project_data": [
"map",
"string"
],
"policy_list": [
"map",
"string"
],
"prometheus_server_data": [
"map",
"string"
],
"resolvers_ip": [
"list",
"string"
],
"resource_registry_addresses": [
"map",
"string"
],
"security_group_list": [
"map",
"string"
],
"shared_postgresql_server_data": [
"map",
"string"
],
"smartexecutor_addresses": [
"map",
"string"
],
"ssh_jump_proxy": [
"map",
"string"
],
"ssh_sources": [
"map",
"string"
],
"storage_nfs_network_id": "string",
"storage_nfs_subnet_id": "string",
"ubuntu1804_data_file": "string",
"ubuntu2204_data_file": "string",
"ubuntu_1804": [
"map",
"string"
],
"ubuntu_2204": [
"map",
"string"
]
}
]
},
"workspace": null
},
"sensitive_attributes": []
}
]
},
{
"mode": "managed",
"type": "openstack_compute_instance_v2",
"name": "access_service_dev",
"provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"access_ip_v4": "10.1.29.106",
"access_ip_v6": "",
"admin_pass": null,
"all_metadata": {},
"all_tags": [],
"availability_zone": "cnr-isti-nova-a",
"availability_zone_hints": "cnr-isti-nova-a",
"block_device": [
{
"boot_index": 0,
"delete_on_termination": false,
"destination_type": "volume",
"device_type": "",
"disk_bus": "",
"guest_format": "",
"multiattach": false,
"source_type": "image",
"uuid": "7ed6a2cd-2b07-482e-8ce4-f018dff16c89",
"volume_size": 30,
"volume_type": ""
}
],
"config_drive": null,
"created": "2024-03-14 17:22:40 +0000 UTC",
"flavor_id": "4",
"flavor_name": "m1.medium",
"floating_ip": null,
"force_delete": false,
"id": "613569ae-36aa-4440-96b9-0bfc760d2334",
"image_id": "Attempt to boot from volume - no image supplied",
"image_name": null,
"key_pair": "Marco Procaccini",
"metadata": null,
"name": "access",
"network": [
{
"access_network": false,
"fixed_ip_v4": "10.1.29.106",
"fixed_ip_v6": "",
"floating_ip": "",
"mac": "fa:16:3e:06:7c:be",
"name": "d4s-dev-cloud-main",
"port": "",
"uuid": "e0af5eba-f24a-4d0d-8184-bc654b980c4a"
}
],
"network_mode": null,
"personality": [],
"power_state": "active",
"region": "isti_area_pi_1",
"scheduler_hints": [],
"security_groups": [
"default",
"traffic_from_the_main_load_balancers"
],
"stop_before_destroy": false,
"tags": null,
"timeouts": null,
"updated": "2024-03-14 17:23:20 +0000 UTC",
"user_data": "47d4769e61324c305c4b70ed6673de4fad84150d",
"vendor_options": [],
"volume": []
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxODAwMDAwMDAwMDAwLCJkZWxldGUiOjE4MDAwMDAwMDAwMDAsInVwZGF0ZSI6MTgwMDAwMDAwMDAwMH19",
"dependencies": [
"data.terraform_remote_state.privnet_dns_router"
]
}
]
},
{
"module": "module.dns_records_create",
"mode": "managed",
"type": "openstack_dns_recordset_v2",
"name": "add_dns_recordset",
"provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]",
"instances": [
{
"index_key": "access_service_dev",
"schema_version": 0,
"attributes": {
"description": "Access access",
"disable_status_check": false,
"id": "cbae638a-9d99-44aa-946c-0f5ffb7fc488/1df31040-e622-47eb-ba04-3351851009a4",
"name": "access.cloud-dev.d4science.org.",
"project_id": "e8f8ca72f30648a8b389b4e745ac83a9",
"records": [
"main-lb.cloud-dev.d4science.org."
],
"region": "isti_area_pi_1",
"timeouts": null,
"ttl": 8600,
"type": "CNAME",
"value_specs": null,
"zone_id": "cbae638a-9d99-44aa-946c-0f5ffb7fc488"
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwLCJ1cGRhdGUiOjYwMDAwMDAwMDAwMH19",
"dependencies": [
"data.terraform_remote_state.privnet_dns_router"
]
}
]
}
],
"check_results": null
}

View File

@ -40,8 +40,8 @@ module "instance_without_data_volume" {
name = "accounting-service-1", name = "accounting-service-1",
description = "This instance serves accounting service", description = "This instance serves accounting service",
flavor = module.common_variables.flavor_list.m1_medium, flavor = module.common_variables.flavor_list.m1_medium,
networks = ["d4s-dev-cloud-main", "timescaledb-net"], networks = [data.terraform_remote_state.privnet_dns_router.outputs.main_private_network.name, module.common_variables.networks_list.timescaledb],
security_groups = [module.common_variables.security_group_list.default, module.common_variables.security_group_list.http_and_https_from_the_load_balancers], security_groups = [data.terraform_remote_state.privnet_dns_router.outputs.default_security_group_name, data.terraform_remote_state.privnet_dns_router.outputs.security_group_list.http_and_https_from_the_load_balancers],
server_groups_ids = [openstack_compute_servergroup_v2.accounting_service_server_group.id], server_groups_ids = [openstack_compute_servergroup_v2.accounting_service_server_group.id],
image_ref = module.common_variables.ubuntu_1804 image_ref = module.common_variables.ubuntu_1804
}, },
@ -49,8 +49,8 @@ module "instance_without_data_volume" {
name = "accounting-service-2", name = "accounting-service-2",
description = "This instance serves accounting service", description = "This instance serves accounting service",
flavor = module.common_variables.flavor_list.m1_medium, flavor = module.common_variables.flavor_list.m1_medium,
networks = ["d4s-dev-cloud-main", "timescaledb-net"], networks = [data.terraform_remote_state.privnet_dns_router.outputs.main_private_network.name, module.common_variables.networks_list.timescaledb],
security_groups = [module.common_variables.security_group_list.default, module.common_variables.security_group_list.http_and_https_from_the_load_balancers], security_groups = [data.terraform_remote_state.privnet_dns_router.outputs.default_security_group_name, data.terraform_remote_state.privnet_dns_router.outputs.security_group_list.http_and_https_from_the_load_balancers],
server_groups_ids = [openstack_compute_servergroup_v2.accounting_service_server_group.id], server_groups_ids = [openstack_compute_servergroup_v2.accounting_service_server_group.id],
image_ref = module.common_variables.ubuntu_1804 image_ref = module.common_variables.ubuntu_1804
} }

View File

@ -0,0 +1,280 @@
{
"version": 4,
"terraform_version": "1.6.4",
"serial": 4,
"lineage": "f78ebf28-70a5-0531-aeaa-0c7b62a54d5c",
"outputs": {},
"resources": [
{
"mode": "data",
"type": "terraform_remote_state",
"name": "privnet_dns_router",
"provider": "provider[\"terraform.io/builtin/terraform\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"backend": "local",
"config": {
"value": {
"path": "../project-setup/terraform.tfstate"
},
"type": [
"object",
{
"path": "string"
}
]
},
"defaults": null,
"outputs": {
"value": {
"dns_zone_id": "cbae638a-9d99-44aa-946c-0f5ffb7fc488",
"external_gateway_ip": "146.48.31.109",
"main_private_network_id": "e0af5eba-f24a-4d0d-8184-bc654b980c4a",
"main_subnet_network_id": "2aa977f2-80b4-447c-a6b0-dfa06bf68751"
},
"type": [
"object",
{
"dns_zone_id": "string",
"external_gateway_ip": "string",
"main_private_network_id": "string",
"main_subnet_network_id": "string"
}
]
},
"workspace": null
},
"sensitive_attributes": []
}
]
},
{
"mode": "managed",
"type": "openstack_compute_servergroup_v2",
"name": "accounting_service_server_group",
"provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"id": "75fba0c5-1f32-4214-aac8-aebf2d1a1115",
"members": [],
"name": "accounting-service",
"policies": [
"soft-anti-affinity"
],
"region": "isti_area_pi_1",
"rules": [
{
"max_server_per_host": 0
}
],
"value_specs": null
},
"sensitive_attributes": [],
"private": "bnVsbA=="
}
]
},
{
"module": "module.instance_without_data_volume",
"mode": "managed",
"type": "openstack_compute_instance_v2",
"name": "smartgears_service",
"provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]",
"instances": [
{
"index_key": "accounting_service_1",
"schema_version": 0,
"attributes": {
"access_ip_v4": "10.1.31.58",
"access_ip_v6": "",
"admin_pass": null,
"all_metadata": {},
"all_tags": [],
"availability_zone": "cnr-isti-nova-a",
"availability_zone_hints": "cnr-isti-nova-a",
"block_device": [
{
"boot_index": 0,
"delete_on_termination": false,
"destination_type": "volume",
"device_type": "",
"disk_bus": "",
"guest_format": "",
"multiattach": false,
"source_type": "image",
"uuid": "7ed6a2cd-2b07-482e-8ce4-f018dff16c89",
"volume_size": 10,
"volume_type": ""
}
],
"config_drive": null,
"created": "2023-12-12 10:29:52 +0000 UTC",
"flavor_id": "4",
"flavor_name": "m1.medium",
"floating_ip": null,
"force_delete": false,
"id": "8cd0d856-bbae-408e-9a8a-5d9fae3162ac",
"image_id": "Attempt to boot from volume - no image supplied",
"image_name": null,
"key_pair": "pc-frosini_key",
"metadata": null,
"name": "accounting-service-1",
"network": [
{
"access_network": false,
"fixed_ip_v4": "10.1.31.58",
"fixed_ip_v6": "",
"floating_ip": "",
"mac": "fa:16:3e:aa:fe:a6",
"name": "d4s-dev-cloud-main",
"port": "",
"uuid": "e0af5eba-f24a-4d0d-8184-bc654b980c4a"
},
{
"access_network": false,
"fixed_ip_v4": "192.168.11.112",
"fixed_ip_v6": "",
"floating_ip": "",
"mac": "fa:16:3e:c0:d9:54",
"name": "timescaledb-net",
"port": "",
"uuid": "ec57aa06-17c8-4475-b4c2-3783f3c7ec7a"
}
],
"network_mode": null,
"personality": [],
"power_state": "active",
"region": "isti_area_pi_1",
"scheduler_hints": [
{
"additional_properties": null,
"build_near_host_ip": "",
"different_cell": [],
"different_host": [],
"group": "75fba0c5-1f32-4214-aac8-aebf2d1a1115",
"query": [],
"same_host": [],
"target_cell": ""
}
],
"security_groups": [
"default",
"http and https from the load balancers"
],
"stop_before_destroy": false,
"tags": null,
"timeouts": null,
"updated": "2023-12-12 10:30:28 +0000 UTC",
"user_data": "ef3d6e5deb29bd1e5de5a76ae6860f3ee872738c",
"vendor_options": [],
"volume": []
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxODAwMDAwMDAwMDAwLCJkZWxldGUiOjE4MDAwMDAwMDAwMDAsInVwZGF0ZSI6MTgwMDAwMDAwMDAwMH19",
"dependencies": [
"openstack_compute_servergroup_v2.accounting_service_server_group"
]
},
{
"index_key": "accounting_service_2",
"schema_version": 0,
"attributes": {
"access_ip_v4": "10.1.31.30",
"access_ip_v6": "",
"admin_pass": null,
"all_metadata": {},
"all_tags": [],
"availability_zone": "cnr-isti-nova-a",
"availability_zone_hints": "cnr-isti-nova-a",
"block_device": [
{
"boot_index": 0,
"delete_on_termination": false,
"destination_type": "volume",
"device_type": "",
"disk_bus": "",
"guest_format": "",
"multiattach": false,
"source_type": "image",
"uuid": "7ed6a2cd-2b07-482e-8ce4-f018dff16c89",
"volume_size": 10,
"volume_type": ""
}
],
"config_drive": null,
"created": "2023-12-12 10:29:53 +0000 UTC",
"flavor_id": "4",
"flavor_name": "m1.medium",
"floating_ip": null,
"force_delete": false,
"id": "117e32e0-89e7-4c17-89f6-c80a023ec44b",
"image_id": "Attempt to boot from volume - no image supplied",
"image_name": null,
"key_pair": "pc-frosini_key",
"metadata": null,
"name": "accounting-service-2",
"network": [
{
"access_network": false,
"fixed_ip_v4": "10.1.31.30",
"fixed_ip_v6": "",
"floating_ip": "",
"mac": "fa:16:3e:24:79:ce",
"name": "d4s-dev-cloud-main",
"port": "",
"uuid": "e0af5eba-f24a-4d0d-8184-bc654b980c4a"
},
{
"access_network": false,
"fixed_ip_v4": "192.168.11.245",
"fixed_ip_v6": "",
"floating_ip": "",
"mac": "fa:16:3e:0b:c2:5e",
"name": "timescaledb-net",
"port": "",
"uuid": "ec57aa06-17c8-4475-b4c2-3783f3c7ec7a"
}
],
"network_mode": null,
"personality": [],
"power_state": "active",
"region": "isti_area_pi_1",
"scheduler_hints": [
{
"additional_properties": null,
"build_near_host_ip": "",
"different_cell": [],
"different_host": [],
"group": "75fba0c5-1f32-4214-aac8-aebf2d1a1115",
"query": [],
"same_host": [],
"target_cell": ""
}
],
"security_groups": [
"default",
"http and https from the load balancers"
],
"stop_before_destroy": false,
"tags": null,
"timeouts": null,
"updated": "2023-12-12 10:30:26 +0000 UTC",
"user_data": "ef3d6e5deb29bd1e5de5a76ae6860f3ee872738c",
"vendor_options": [],
"volume": []
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxODAwMDAwMDAwMDAwLCJkZWxldGUiOjE4MDAwMDAwMDAwMDAsInVwZGF0ZSI6MTgwMDAwMDAwMDAwMH19",
"dependencies": [
"openstack_compute_servergroup_v2.accounting_service_server_group"
]
}
]
}
],
"check_results": null
}

View File

@ -0,0 +1,65 @@
# Define required providers
terraform {
required_version = ">= 0.14.0"
required_providers {
openstack = {
source = "terraform-provider-openstack/openstack"
version = "~> 1.53.0"
}
}
}
data "terraform_remote_state" "privnet_dns_router" {
backend = "local"
config = {
path = "../project-setup/terraform.tfstate"
}
}
#
# Uses common_variables as module
#
module "common_variables" {
source = "../../modules/common_variables"
}
module "instance_without_data_volume" {
source = "../../modules/instance_without_data_volume"
instances_without_data_volume_map = {
auth_d = {
name = "auth-d",
description = "This instance is a Authorization service",
flavor = module.common_variables.flavor_list.m1_medium,
networks = [data.terraform_remote_state.privnet_dns_router.outputs.main_private_network.name, module.common_variables.networks_list.shared_postgresql],
security_groups = [data.terraform_remote_state.privnet_dns_router.outputs.default_security_group_name, data.terraform_remote_state.privnet_dns_router.outputs.security_group_list.http_and_https_from_the_load_balancers],
server_groups_ids = [],
image_ref = module.common_variables.ubuntu_1804
image_volume_size = 20
},
}
}
locals {
cname_target = "main-lb.${data.terraform_remote_state.privnet_dns_router.outputs.dns_zone.zone_name}"
}
#
# Add DNS record/s
#
module "dns_records_create" {
source = "../../modules/dns_resources"
dns_resources_map = {
auth-d = {
zone_id = data.terraform_remote_state.privnet_dns_router.outputs.dns_zone_id
name = join(".", ["auth-d", data.terraform_remote_state.privnet_dns_router.outputs.dns_zone.zone_name])
description = "Authorization auth-d"
ttl = 8600
type = "CNAME"
records = [local.cname_target]
}
}
}

View File

@ -0,0 +1,3 @@
provider "openstack" {
cloud = "d4s-dev"
}

View File

@ -0,0 +1,524 @@
{
"version": 4,
"terraform_version": "1.6.4",
"serial": 8,
"lineage": "5c181534-e215-5b78-32e5-7901710ee61a",
"outputs": {},
"resources": [
{
"mode": "data",
"type": "terraform_remote_state",
"name": "privnet_dns_router",
"provider": "provider[\"terraform.io/builtin/terraform\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"backend": "local",
"config": {
"value": {
"path": "../project-setup/terraform.tfstate"
},
"type": [
"object",
{
"path": "string"
}
]
},
"defaults": null,
"outputs": {
"value": {
"almalinux_9": {
"name": "AlmaLinux-9.0-20220718",
"uuid": "541650fc-dd19-4f38-bb1d-7333ed9dd688"
},
"availability_zone_no_gpu_name": "cnr-isti-nova-a",
"availability_zone_with_gpu_name": "cnr-isti-nova-gpu-a",
"availability_zones_names": {
"availability_zone_no_gpu": "cnr-isti-nova-a",
"availability_zone_with_gpu": "cnr-isti-nova-gpu-a"
},
"basic_services_ip": {
"ca": "10.1.29.247",
"ca_cidr": "10.1.29.247/32",
"haproxy_l7_1": "10.1.28.50",
"haproxy_l7_1_cidr": "10.1.28.50/32",
"haproxy_l7_2": "10.1.30.241",
"haproxy_l7_2_cidr": "10.1.30.241/32",
"octavia_main": "10.1.28.227",
"octavia_main_cidr": "10.1.28.227/32",
"prometheus": "10.1.30.129",
"prometheus_cidr": "10.1.30.129/32",
"ssh_jump": "10.1.29.164",
"ssh_jump_cidr": "10.1.29.164/32"
},
"centos_7": {
"name": "CentOS-7",
"uuid": "f0187a99-64f6-462a-ab5f-ef52fe62f2ca"
},
"default_security_group_name": "default",
"dns_zone": {
"description": "DNS primary zone for the d4s-dev-cloud project",
"email": "postmaster@isti.cnr.it",
"ttl": "8600",
"zone_name": "cloud-dev.d4science.org."
},
"dns_zone_id": "cbae638a-9d99-44aa-946c-0f5ffb7fc488",
"el7_data_file": "../../openstack_vm_data_scripts/el7.sh",
"external_gateway_ip": [
{
"ip_address": "146.48.31.109",
"subnet_id": "57f87509-4016-46fb-b8c3-25fca7f72ccb"
}
],
"external_network": {
"id": "1d2ff137-6ff7-4017-be2b-0d6c4af2353b",
"name": "external-network"
},
"external_network_id": "1d2ff137-6ff7-4017-be2b-0d6c4af2353b",
"external_router": {
"description": "D4Science DEV main router",
"id": "2ae28c5f-036b-45db-bc9f-5bab8fa3e914",
"name": "d4s-dev-cloud-external-router"
},
"flavor_list": {
"c1_large": "c1.large",
"c1_medium": "c1.medium",
"c1_small": "c1.small",
"c2_large": "c2.large",
"m1_large": "m1.large",
"m1_medium": "m1.medium",
"m1_xlarge": "m1.xlarge",
"m1_xxl": "m1.xxl",
"m2_large": "m2.large",
"m2_medium": "m2.medium",
"m2_small": "m2.small",
"m3_large": "m3.large"
},
"floating_ip_pools": {
"main_public_ip_pool": "external-network"
},
"haproxy_l7_data": {
"flavor": "m1.medium",
"haproxy_1": "haproxy-l7-1",
"haproxy_2": "haproxy-l7-2",
"name": "main-haproxy-l7",
"vm_count": "2"
},
"internal_ca_data": {
"flavor": "m1.small",
"name": "ca"
},
"main_haproxy_l7_ip": [
"10.1.28.50",
"10.1.30.241"
],
"main_private_network": {
"description": "D4Science DEV private network (use this as the main network)",
"name": "d4s-dev-cloud-main"
},
"main_private_network_id": "e0af5eba-f24a-4d0d-8184-bc654b980c4a",
"main_private_subnet": {
"allocation_end": "10.1.31.254",
"allocation_start": "10.1.28.30",
"cidr": "10.1.28.0/22",
"description": "D4Science DEV main private subnet",
"gateway_ip": "10.1.28.1",
"name": "d4s-dev-cloud-sub"
},
"main_region": "isti_area_pi_1",
"main_subnet_network_id": "2aa977f2-80b4-447c-a6b0-dfa06bf68751",
"mtu_size": 8942,
"networks_list": {
"cassandra": "cassandra-net",
"orientdb": "orientdb-net",
"orientdb_se": "orientdb-se-net",
"shared_postgresql": "postgresql-srv-net",
"swarm": "swarm-nfs-net",
"timescaledb": "timescaledb-net"
},
"networks_with_d4s_services": {
"garr_ct1_net": "90.147.166.0/23",
"garr_na_net": "90.147.152.0/24",
"garr_pa1_net": "90.147.188.0/23",
"infrascience_net": "146.48.122.0/23",
"isti_net": "146.48.80.0/21",
"s2i2s_net": "146.48.28.0/22"
},
"nfs_share_no_ingress_secgroup_id": "5887da8d-e362-4509-93ac-8a70bf8baef9",
"octavia_information": {
"main_lb_description": "Main L4 load balancer for the D4Science DEV",
"main_lb_hostname": "main-lb",
"main_lb_name": "lb-dev-l4",
"octavia_flavor": "octavia_amphora-mvcpu-ha",
"octavia_flavor_id": "394988b5-6603-4a1e-a939-8e177c6681c7"
},
"os_project_data": {
"id": "e8f8ca72f30648a8b389b4e745ac83a9"
},
"policy_list": {
"affinity": "affinity",
"anti_affinity": "anti-affinity",
"soft_affinity": "soft-affinity",
"soft_anti_affinity": "soft-anti-affinity"
},
"prometheus_server_data": {
"flavor": "m1.medium",
"name": "prometheus",
"public_grafana_server_cidr": "146.48.28.103/32",
"vol_data_device": "/dev/vdb",
"vol_data_name": "prometheus-data",
"vol_data_size": "100"
},
"resolvers_ip": [
"146.48.29.97",
"146.48.29.98",
"146.48.29.99"
],
"resource_registry_addresses": {},
"security_group_list": {
"acaland": "acaland's dev machine",
"access_to_orientdb": "access_to_orientdb",
"access_to_orientdb_se": "access_to_orientdb_se",
"access_to_the_timescaledb_service": "access_to_the_timescaledb_service",
"cassandra": "Cassandra",
"dataminer-publish": "dataminer-publish",
"debugging_from_jump_node": "debugging_from_jump_node",
"default": "default",
"docker_swarm": "Docker Swarm",
"docker_swarm_NFS": "Docker Swarm NFS",
"haproxy": "traffic_from_main_lb_to_haproxy_l7",
"http_and_https_from_the_load_balancers": "traffic_from_the_main_load_balancers",
"limited_HTTPS_access": "restricted_web_service",
"limited_SSH_access": "Limited SSH access",
"mongo": "mongo",
"nfs_share_no_ingress": "nfs_share_no_ingress",
"orientdb_internal_docker_traffic": "orientdb_internal_docker_traffic",
"postgreSQL": "PostgreSQL service",
"public_HTTPS": "Public HTTPS"
},
"shared_postgresql_server_data": {
"allocation_pool_end": "192.168.3.254",
"allocation_pool_start": "192.168.0.100",
"flavor": "m1.medium",
"name": "shared-postgresql-server",
"network_cidr": "192.168.0.0/22",
"network_description": "Network used to communicate with the shared postgresql service",
"network_name": "postgresql-srv-net",
"server_cidr": "192.168.0.5/22",
"server_ip": "192.168.0.5",
"vol_data_device": "/dev/vdb",
"vol_data_name": "shared-postgresql-data",
"vol_data_size": "100"
},
"smartexecutor_addresses": {},
"ssh_jump_proxy": {
"flavor": "m2.small",
"name": "ssh-jump-proxy"
},
"ssh_sources": {
"d4s_vpn_1_cidr": "146.48.122.27/32",
"d4s_vpn_2_cidr": "146.48.122.49/32",
"infrascience_net_cidr": "146.48.122.0/23",
"s2i2s_vpn_1_cidr": "146.48.28.10/32",
"s2i2s_vpn_2_cidr": "146.48.28.11/32",
"shell_d4s_cidr": "146.48.122.95/32"
},
"storage_nfs_network_id": "5f4023cc-4016-404c-94e5-86220095fbaf",
"storage_nfs_subnet_id": "6ff0f9e8-0e74-4cc3-a268-7ed4af435696",
"ubuntu1804_data_file": "../../openstack_vm_data_scripts/ubuntu1804.sh",
"ubuntu2204_data_file": "../../openstack_vm_data_scripts/ubuntu2204.sh",
"ubuntu_1804": {
"name": "Ubuntu-Bionic-18.04",
"user_data_file": "../../openstack_vm_data_scripts/ubuntu1804.sh",
"uuid": "7ed6a2cd-2b07-482e-8ce4-f018dff16c89"
},
"ubuntu_2204": {
"name": "Ubuntu-Jammy-22.04",
"user_data_file": "../../openstack_vm_data_scripts/ubuntu2204.sh",
"uuid": "54768889-8556-4be4-a2eb-82a4d9b34627"
}
},
"type": [
"object",
{
"almalinux_9": [
"map",
"string"
],
"availability_zone_no_gpu_name": "string",
"availability_zone_with_gpu_name": "string",
"availability_zones_names": [
"map",
"string"
],
"basic_services_ip": [
"map",
"string"
],
"centos_7": [
"map",
"string"
],
"default_security_group_name": "string",
"dns_zone": [
"map",
"string"
],
"dns_zone_id": "string",
"el7_data_file": "string",
"external_gateway_ip": [
"list",
[
"object",
{
"ip_address": "string",
"subnet_id": "string"
}
]
],
"external_network": [
"map",
"string"
],
"external_network_id": "string",
"external_router": [
"map",
"string"
],
"flavor_list": [
"map",
"string"
],
"floating_ip_pools": [
"map",
"string"
],
"haproxy_l7_data": [
"map",
"string"
],
"internal_ca_data": [
"map",
"string"
],
"main_haproxy_l7_ip": [
"list",
"string"
],
"main_private_network": [
"map",
"string"
],
"main_private_network_id": "string",
"main_private_subnet": [
"map",
"string"
],
"main_region": "string",
"main_subnet_network_id": "string",
"mtu_size": "number",
"networks_list": [
"map",
"string"
],
"networks_with_d4s_services": [
"map",
"string"
],
"nfs_share_no_ingress_secgroup_id": "string",
"octavia_information": [
"map",
"string"
],
"os_project_data": [
"map",
"string"
],
"policy_list": [
"map",
"string"
],
"prometheus_server_data": [
"map",
"string"
],
"resolvers_ip": [
"list",
"string"
],
"resource_registry_addresses": [
"map",
"string"
],
"security_group_list": [
"map",
"string"
],
"shared_postgresql_server_data": [
"map",
"string"
],
"smartexecutor_addresses": [
"map",
"string"
],
"ssh_jump_proxy": [
"map",
"string"
],
"ssh_sources": [
"map",
"string"
],
"storage_nfs_network_id": "string",
"storage_nfs_subnet_id": "string",
"ubuntu1804_data_file": "string",
"ubuntu2204_data_file": "string",
"ubuntu_1804": [
"map",
"string"
],
"ubuntu_2204": [
"map",
"string"
]
}
]
},
"workspace": null
},
"sensitive_attributes": []
}
]
},
{
"module": "module.dns_records_create",
"mode": "managed",
"type": "openstack_dns_recordset_v2",
"name": "add_dns_recordset",
"provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]",
"instances": [
{
"index_key": "auth-d",
"schema_version": 0,
"attributes": {
"description": "Authorization auth-d",
"disable_status_check": false,
"id": "cbae638a-9d99-44aa-946c-0f5ffb7fc488/a597f62b-bceb-4e26-917d-dc685743e84e",
"name": "auth-d.cloud-dev.d4science.org.",
"project_id": "e8f8ca72f30648a8b389b4e745ac83a9",
"records": [
"main-lb.cloud-dev.d4science.org."
],
"region": "isti_area_pi_1",
"timeouts": null,
"ttl": 8600,
"type": "CNAME",
"value_specs": null,
"zone_id": "cbae638a-9d99-44aa-946c-0f5ffb7fc488"
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwLCJ1cGRhdGUiOjYwMDAwMDAwMDAwMH19",
"dependencies": [
"data.terraform_remote_state.privnet_dns_router"
]
}
]
},
{
"module": "module.instance_without_data_volume",
"mode": "managed",
"type": "openstack_compute_instance_v2",
"name": "smartgears_service",
"provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]",
"instances": [
{
"index_key": "auth_d",
"schema_version": 0,
"attributes": {
"access_ip_v4": "10.1.28.143",
"access_ip_v6": "",
"admin_pass": null,
"all_metadata": {},
"all_tags": [],
"availability_zone": "cnr-isti-nova-a",
"availability_zone_hints": "cnr-isti-nova-a",
"block_device": [
{
"boot_index": 0,
"delete_on_termination": false,
"destination_type": "volume",
"device_type": "",
"disk_bus": "",
"guest_format": "",
"multiattach": false,
"source_type": "image",
"uuid": "7ed6a2cd-2b07-482e-8ce4-f018dff16c89",
"volume_size": 20,
"volume_type": ""
}
],
"config_drive": null,
"created": "2024-02-15 17:29:24 +0000 UTC",
"flavor_id": "4",
"flavor_name": "m1.medium",
"floating_ip": null,
"force_delete": false,
"id": "a9cf8e63-53db-4dad-94b9-2c7ae30bb055",
"image_id": "Attempt to boot from volume - no image supplied",
"image_name": null,
"key_pair": "Giancarlo Panichi",
"metadata": null,
"name": "auth-d",
"network": [
{
"access_network": false,
"fixed_ip_v4": "10.1.28.143",
"fixed_ip_v6": "",
"floating_ip": "",
"mac": "fa:16:3e:8d:06:39",
"name": "d4s-dev-cloud-main",
"port": "",
"uuid": "e0af5eba-f24a-4d0d-8184-bc654b980c4a"
},
{
"access_network": false,
"fixed_ip_v4": "192.168.2.189",
"fixed_ip_v6": "",
"floating_ip": "",
"mac": "fa:16:3e:77:b6:6a",
"name": "postgresql-srv-net",
"port": "",
"uuid": "00422a4a-4b8b-4c85-acf9-ef733df842b9"
}
],
"network_mode": null,
"personality": [],
"power_state": "active",
"region": "isti_area_pi_1",
"scheduler_hints": [],
"security_groups": [
"default",
"traffic_from_the_main_load_balancers"
],
"stop_before_destroy": false,
"tags": [],
"timeouts": null,
"updated": "2024-02-15 17:30:07 +0000 UTC",
"user_data": "47d4769e61324c305c4b70ed6673de4fad84150d",
"vendor_options": [],
"volume": []
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxODAwMDAwMDAwMDAwLCJkZWxldGUiOjE4MDAwMDAwMDAwMDAsInVwZGF0ZSI6MTgwMDAwMDAwMDAwMH19",
"dependencies": [
"data.terraform_remote_state.privnet_dns_router"
]
}
]
}
],
"check_results": null
}

View File

@ -1,4 +1,4 @@
echo "Do not use" # echo "Do not use"
# Define required providers # Define required providers
terraform { terraform {

View File

@ -0,0 +1,103 @@
# Define required providers
terraform {
required_version = ">= 0.14.0"
required_providers {
openstack = {
source = "terraform-provider-openstack/openstack"
version = ">= 1.54.0"
}
}
}
data "terraform_remote_state" "privnet_dns_router" {
backend = "local"
config = {
path = "../project-setup/terraform.tfstate"
}
}
#
# Uses common_variables as module
#
module "common_variables" {
source = "../../modules/common_variables"
}
# Module used
module "ssh_settings" {
source = "../../modules/ssh-key-ref"
}
#
# Creates the server group "ckan-catalogue", NB but I'm not using it!!!!
#
resource "openstack_compute_servergroup_v2" "ckan-catalogue" {
name = "ckan-catalogue"
policies = [module.common_variables.policy_list.soft_anti_affinity]
}
#
# Postgres instances via "postgres" module
#
module "instance_postgres_via_module" {
source = "../../modules/postgres"
# Postgres networking configuration.
# NB. use this configuration by settings properly all the key fields
# postgres_networking_data = {
# description = "Data for the PostgreSQL server, including network CIDR and server IP"
# networking_security_group_name = "my network security name"
# network_cidr = "192.168.0.0/22"
# server_ip = "192.168.0.5"
# network_name = "the_network_name"
# server_cidr = "192.168.0.5/22"
# port_range_min = 5432
# port_range_max = 5432
# }
# Postgres instance
postgres_instance_data = {
postgres-ckan-dev = {
name = "postgres-ckan-dev",
description = "The Postgres ckan-dev instance",
flavor = module.common_variables.flavor_list.m1_large,
networks = [data.terraform_remote_state.privnet_dns_router.outputs.main_private_network.name, module.common_variables.networks_list.shared_postgresql],
security_groups = [data.terraform_remote_state.privnet_dns_router.outputs.default_security_group_name, data.terraform_remote_state.privnet_dns_router.outputs.security_group_list.http_and_https_from_the_load_balancers],
server_groups_ids = [],
image_ref = module.common_variables.ubuntu_2204,
volume = {
name = "postgres-ckan-dev_data_volume",
size = "20",
device = "/dev/vdb",
}
}
}
}
#
# Solr instances via "instance_with_data_volume" module
#
module "instance_with_data_volume" {
source = "../../modules/instance_with_data_volume"
instances_with_data_volume_map = {
solr-ckan-dev = {
name = "solr-ckan-dev",
description = "The Solr ckan-dev instance",
flavor = module.common_variables.flavor_list.m1_large,
networks = [data.terraform_remote_state.privnet_dns_router.outputs.main_private_network.name],
security_groups = [data.terraform_remote_state.privnet_dns_router.outputs.default_security_group_name, data.terraform_remote_state.privnet_dns_router.outputs.security_group_list.http_and_https_from_the_load_balancers],
server_groups_ids = [],
image_ref = module.common_variables.ubuntu_2204,
volume = {
name = "solr-ckan-dev_data_volume",
size = "20",
device = "/dev/vdb"
}
}
}
}

View File

@ -0,0 +1,3 @@
provider "openstack" {
cloud = "d4s-dev"
}

View File

@ -0,0 +1,6 @@
# Default instances without data volume is EMPTY. Override it to create a proper instance plan
variable "ckan_instances" {
type = list(string)
default = ["ckan-dev"]
}

View File

@ -0,0 +1,76 @@
# Define required providers
terraform {
required_version = ">= 0.14.0"
required_providers {
openstack = {
source = "terraform-provider-openstack/openstack"
version = "~> 1.53.0"
}
}
}
data "terraform_remote_state" "privnet_dns_router" {
backend = "local"
config = {
path = "../project-setup/terraform.tfstate"
}
}
#
# Uses common_variables as module
#
module "common_variables" {
source = "../../modules/common_variables"
}
locals {
cname_target = "swarm-lb.${data.terraform_remote_state.privnet_dns_router.outputs.dns_zone.zone_name}"
}
#
# We only manage the DNS records, for the services behind HAProxy
#
module "dns_records_create" {
source = "../../modules/dns_resources"
dns_resources_map = {
vremodeler-dev = {
zone_id = data.terraform_remote_state.privnet_dns_router.outputs.dns_zone_id
name = join(".", ["vremodeler", data.terraform_remote_state.privnet_dns_router.outputs.dns_zone.zone_name])
description = "Vremodeler dev"
ttl = 8600
type = "CNAME"
records = [local.cname_target]
}
netme-sobigdata = {
name = join(".", ["netme-sobigdata", data.terraform_remote_state.privnet_dns_router.outputs.dns_zone.zone_name])
zone_id = data.terraform_remote_state.privnet_dns_router.outputs.dns_zone_id
records = [local.cname_target]
type = "CNAME"
description = "SoBigData NetMe service"
ttl = 8600
}
ontotagme-sobigdata = {
zone_id = data.terraform_remote_state.privnet_dns_router.outputs.dns_zone_id
name = join(".", ["ontotagme-sobigdata", data.terraform_remote_state.privnet_dns_router.outputs.dns_zone.zone_name])
description = "SoBigData OntoTagme service"
ttl = 8600
type = "CNAME"
records = [local.cname_target]
}
shinyproxy-dev = {
zone_id = data.terraform_remote_state.privnet_dns_router.outputs.dns_zone_id
name = join(".", ["shinyproxy", data.terraform_remote_state.privnet_dns_router.outputs.dns_zone.zone_name])
description = "Shinyproxy DEV instance"
ttl = 8600
type = "CNAME"
records = [local.cname_target]
}
}
}

View File

@ -0,0 +1,3 @@
provider "openstack" {
cloud = "d4s-dev"
}

View File

@ -0,0 +1,507 @@
{
"version": 4,
"terraform_version": "1.7.5",
"serial": 10,
"lineage": "ab6b1d6a-298d-8238-5cb5-61ea6b858172",
"outputs": {},
"resources": [
{
"mode": "data",
"type": "terraform_remote_state",
"name": "privnet_dns_router",
"provider": "provider[\"terraform.io/builtin/terraform\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"backend": "local",
"config": {
"value": {
"path": "../project-setup/terraform.tfstate"
},
"type": [
"object",
{
"path": "string"
}
]
},
"defaults": null,
"outputs": {
"value": {
"almalinux_9": {
"name": "AlmaLinux-9.0-20220718",
"uuid": "541650fc-dd19-4f38-bb1d-7333ed9dd688"
},
"availability_zone_no_gpu_name": "cnr-isti-nova-a",
"availability_zone_with_gpu_name": "cnr-isti-nova-gpu-a",
"availability_zones_names": {
"availability_zone_no_gpu": "cnr-isti-nova-a",
"availability_zone_with_gpu": "cnr-isti-nova-gpu-a"
},
"basic_services_ip": {
"ca": "10.1.29.247",
"ca_cidr": "10.1.29.247/32",
"haproxy_l7_1": "10.1.28.50",
"haproxy_l7_1_cidr": "10.1.28.50/32",
"haproxy_l7_2": "10.1.30.241",
"haproxy_l7_2_cidr": "10.1.30.241/32",
"octavia_main": "10.1.28.227",
"octavia_main_cidr": "10.1.28.227/32",
"prometheus": "10.1.30.129",
"prometheus_cidr": "10.1.30.129/32",
"ssh_jump": "10.1.29.164",
"ssh_jump_cidr": "10.1.29.164/32"
},
"centos_7": {
"name": "CentOS-7",
"uuid": "f0187a99-64f6-462a-ab5f-ef52fe62f2ca"
},
"default_security_group_name": "default",
"dns_zone": {
"description": "DNS primary zone for the d4s-dev-cloud project",
"email": "postmaster@isti.cnr.it",
"ttl": "8600",
"zone_name": "cloud-dev.d4science.org."
},
"dns_zone_id": "cbae638a-9d99-44aa-946c-0f5ffb7fc488",
"el7_data_file": "../../openstack_vm_data_scripts/el7.sh",
"external_gateway_ip": [
{
"ip_address": "146.48.31.109",
"subnet_id": "57f87509-4016-46fb-b8c3-25fca7f72ccb"
}
],
"external_network": {
"id": "1d2ff137-6ff7-4017-be2b-0d6c4af2353b",
"name": "external-network"
},
"external_network_id": "1d2ff137-6ff7-4017-be2b-0d6c4af2353b",
"external_router": {
"description": "D4Science DEV main router",
"id": "2ae28c5f-036b-45db-bc9f-5bab8fa3e914",
"name": "d4s-dev-cloud-external-router"
},
"flavor_list": {
"c1_large": "c1.large",
"c1_medium": "c1.medium",
"c1_small": "c1.small",
"c2_large": "c2.large",
"m1_large": "m1.large",
"m1_medium": "m1.medium",
"m1_xlarge": "m1.xlarge",
"m1_xxl": "m1.xxl",
"m2_large": "m2.large",
"m2_medium": "m2.medium",
"m2_small": "m2.small",
"m3_large": "m3.large"
},
"floating_ip_pools": {
"main_public_ip_pool": "external-network"
},
"haproxy_l7_data": {
"flavor": "m1.medium",
"haproxy_1": "haproxy-l7-1",
"haproxy_2": "haproxy-l7-2",
"name": "main-haproxy-l7",
"vm_count": "2"
},
"internal_ca_data": {
"flavor": "m1.small",
"name": "ca"
},
"main_haproxy_l7_ip": [
"10.1.28.50",
"10.1.30.241"
],
"main_private_network": {
"description": "D4Science DEV private network (use this as the main network)",
"name": "d4s-dev-cloud-main"
},
"main_private_network_id": "e0af5eba-f24a-4d0d-8184-bc654b980c4a",
"main_private_subnet": {
"allocation_end": "10.1.31.254",
"allocation_start": "10.1.28.30",
"cidr": "10.1.28.0/22",
"description": "D4Science DEV main private subnet",
"gateway_ip": "10.1.28.1",
"name": "d4s-dev-cloud-sub"
},
"main_region": "isti_area_pi_1",
"main_subnet_network_id": "2aa977f2-80b4-447c-a6b0-dfa06bf68751",
"mtu_size": 8942,
"networks_list": {
"cassandra": "cassandra-net",
"orientdb": "orientdb-net",
"orientdb_se": "orientdb-se-net",
"shared_postgresql": "postgresql-srv-net",
"swarm": "swarm-nfs-net",
"timescaledb": "timescaledb-net"
},
"networks_with_d4s_services": {
"garr_ct1_net": "90.147.166.0/23",
"garr_na_net": "90.147.152.0/24",
"garr_pa1_net": "90.147.188.0/23",
"infrascience_net": "146.48.122.0/23",
"isti_net": "146.48.80.0/21",
"s2i2s_net": "146.48.28.0/22"
},
"nfs_share_no_ingress_secgroup_id": "5887da8d-e362-4509-93ac-8a70bf8baef9",
"octavia_information": {
"main_lb_description": "Main L4 load balancer for the D4Science DEV",
"main_lb_hostname": "main-lb",
"main_lb_name": "lb-dev-l4",
"octavia_flavor": "octavia_amphora-mvcpu-ha",
"octavia_flavor_id": "394988b5-6603-4a1e-a939-8e177c6681c7"
},
"os_project_data": {
"id": "e8f8ca72f30648a8b389b4e745ac83a9"
},
"policy_list": {
"affinity": "affinity",
"anti_affinity": "anti-affinity",
"soft_affinity": "soft-affinity",
"soft_anti_affinity": "soft-anti-affinity"
},
"prometheus_server_data": {
"flavor": "m1.medium",
"name": "prometheus",
"public_grafana_server_cidr": "146.48.28.103/32",
"vol_data_device": "/dev/vdb",
"vol_data_name": "prometheus-data",
"vol_data_size": "100"
},
"resolvers_ip": [
"146.48.29.97",
"146.48.29.98",
"146.48.29.99"
],
"resource_registry_addresses": {},
"security_group_list": {
"acaland": "acaland's dev machine",
"access_to_orientdb": "access_to_orientdb",
"access_to_orientdb_se": "access_to_orientdb_se",
"access_to_the_timescaledb_service": "access_to_the_timescaledb_service",
"cassandra": "Cassandra",
"dataminer-publish": "dataminer-publish",
"debugging_from_jump_node": "debugging_from_jump_node",
"default": "default",
"docker_swarm": "Docker Swarm",
"docker_swarm_NFS": "Docker Swarm NFS",
"haproxy": "traffic_from_main_lb_to_haproxy_l7",
"http_and_https_from_the_load_balancers": "traffic_from_the_main_load_balancers",
"limited_HTTPS_access": "restricted_web_service",
"limited_SSH_access": "Limited SSH access",
"mongo": "mongo",
"nfs_share_no_ingress": "nfs_share_no_ingress",
"orientdb_internal_docker_traffic": "orientdb_internal_docker_traffic",
"postgreSQL": "PostgreSQL service",
"public_HTTPS": "Public HTTPS"
},
"shared_postgresql_server_data": {
"allocation_pool_end": "192.168.3.254",
"allocation_pool_start": "192.168.0.100",
"flavor": "m1.medium",
"name": "shared-postgresql-server",
"network_cidr": "192.168.0.0/22",
"network_description": "Network used to communicate with the shared postgresql service",
"network_name": "postgresql-srv-net",
"server_cidr": "192.168.0.5/22",
"server_ip": "192.168.0.5",
"vol_data_device": "/dev/vdb",
"vol_data_name": "shared-postgresql-data",
"vol_data_size": "100"
},
"smartexecutor_addresses": {},
"ssh_jump_proxy": {
"flavor": "m2.small",
"name": "ssh-jump-proxy"
},
"ssh_sources": {
"d4s_vpn_1_cidr": "146.48.122.27/32",
"d4s_vpn_2_cidr": "146.48.122.49/32",
"infrascience_net_cidr": "146.48.122.0/23",
"s2i2s_vpn_1_cidr": "146.48.28.10/32",
"s2i2s_vpn_2_cidr": "146.48.28.11/32",
"shell_d4s_cidr": "146.48.122.95/32"
},
"storage_nfs_network_id": "5f4023cc-4016-404c-94e5-86220095fbaf",
"storage_nfs_subnet_id": "6ff0f9e8-0e74-4cc3-a268-7ed4af435696",
"ubuntu1804_data_file": "../../openstack_vm_data_scripts/ubuntu1804.sh",
"ubuntu2204_data_file": "../../openstack_vm_data_scripts/ubuntu2204.sh",
"ubuntu_1804": {
"name": "Ubuntu-Bionic-18.04",
"user_data_file": "../../openstack_vm_data_scripts/ubuntu1804.sh",
"uuid": "7ed6a2cd-2b07-482e-8ce4-f018dff16c89"
},
"ubuntu_2204": {
"name": "Ubuntu-Jammy-22.04",
"user_data_file": "../../openstack_vm_data_scripts/ubuntu2204.sh",
"uuid": "54768889-8556-4be4-a2eb-82a4d9b34627"
}
},
"type": [
"object",
{
"almalinux_9": [
"map",
"string"
],
"availability_zone_no_gpu_name": "string",
"availability_zone_with_gpu_name": "string",
"availability_zones_names": [
"map",
"string"
],
"basic_services_ip": [
"map",
"string"
],
"centos_7": [
"map",
"string"
],
"default_security_group_name": "string",
"dns_zone": [
"map",
"string"
],
"dns_zone_id": "string",
"el7_data_file": "string",
"external_gateway_ip": [
"list",
[
"object",
{
"ip_address": "string",
"subnet_id": "string"
}
]
],
"external_network": [
"map",
"string"
],
"external_network_id": "string",
"external_router": [
"map",
"string"
],
"flavor_list": [
"map",
"string"
],
"floating_ip_pools": [
"map",
"string"
],
"haproxy_l7_data": [
"map",
"string"
],
"internal_ca_data": [
"map",
"string"
],
"main_haproxy_l7_ip": [
"list",
"string"
],
"main_private_network": [
"map",
"string"
],
"main_private_network_id": "string",
"main_private_subnet": [
"map",
"string"
],
"main_region": "string",
"main_subnet_network_id": "string",
"mtu_size": "number",
"networks_list": [
"map",
"string"
],
"networks_with_d4s_services": [
"map",
"string"
],
"nfs_share_no_ingress_secgroup_id": "string",
"octavia_information": [
"map",
"string"
],
"os_project_data": [
"map",
"string"
],
"policy_list": [
"map",
"string"
],
"prometheus_server_data": [
"map",
"string"
],
"resolvers_ip": [
"list",
"string"
],
"resource_registry_addresses": [
"map",
"string"
],
"security_group_list": [
"map",
"string"
],
"shared_postgresql_server_data": [
"map",
"string"
],
"smartexecutor_addresses": [
"map",
"string"
],
"ssh_jump_proxy": [
"map",
"string"
],
"ssh_sources": [
"map",
"string"
],
"storage_nfs_network_id": "string",
"storage_nfs_subnet_id": "string",
"ubuntu1804_data_file": "string",
"ubuntu2204_data_file": "string",
"ubuntu_1804": [
"map",
"string"
],
"ubuntu_2204": [
"map",
"string"
]
}
]
},
"workspace": null
},
"sensitive_attributes": []
}
]
},
{
"module": "module.dns_records_create",
"mode": "managed",
"type": "openstack_dns_recordset_v2",
"name": "add_dns_recordset",
"provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]",
"instances": [
{
"index_key": "netme-sobigdata",
"schema_version": 0,
"attributes": {
"description": "SoBigData NetMe service",
"disable_status_check": false,
"id": "cbae638a-9d99-44aa-946c-0f5ffb7fc488/11ec2f93-2424-40aa-af83-492572e2c280",
"name": "netme-sobigdata.cloud-dev.d4science.org.",
"project_id": "e8f8ca72f30648a8b389b4e745ac83a9",
"records": [
"swarm-lb.cloud-dev.d4science.org."
],
"region": "isti_area_pi_1",
"timeouts": null,
"ttl": 8600,
"type": "CNAME",
"value_specs": null,
"zone_id": "cbae638a-9d99-44aa-946c-0f5ffb7fc488"
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwLCJ1cGRhdGUiOjYwMDAwMDAwMDAwMH19",
"dependencies": [
"data.terraform_remote_state.privnet_dns_router"
]
},
{
"index_key": "ontotagme-sobigdata",
"schema_version": 0,
"attributes": {
"description": "SoBigData OntoTagme service",
"disable_status_check": false,
"id": "cbae638a-9d99-44aa-946c-0f5ffb7fc488/4a2411a1-638f-49c2-8c8b-f29d4bc5aba9",
"name": "ontotagme-sobigdata.cloud-dev.d4science.org.",
"project_id": "e8f8ca72f30648a8b389b4e745ac83a9",
"records": [
"swarm-lb.cloud-dev.d4science.org."
],
"region": "isti_area_pi_1",
"timeouts": null,
"ttl": 8600,
"type": "CNAME",
"value_specs": null,
"zone_id": "cbae638a-9d99-44aa-946c-0f5ffb7fc488"
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwLCJ1cGRhdGUiOjYwMDAwMDAwMDAwMH19",
"dependencies": [
"data.terraform_remote_state.privnet_dns_router"
]
},
{
"index_key": "shinyproxy-dev",
"schema_version": 0,
"attributes": {
"description": "Shinyproxy DEV instance",
"disable_status_check": false,
"id": "cbae638a-9d99-44aa-946c-0f5ffb7fc488/ddc4bca3-bb9c-44db-bac3-dbddae71a3a3",
"name": "shinyproxy.cloud-dev.d4science.org.",
"project_id": "e8f8ca72f30648a8b389b4e745ac83a9",
"records": [
"swarm-lb.cloud-dev.d4science.org."
],
"region": "isti_area_pi_1",
"timeouts": null,
"ttl": 8600,
"type": "CNAME",
"value_specs": null,
"zone_id": "cbae638a-9d99-44aa-946c-0f5ffb7fc488"
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwLCJ1cGRhdGUiOjYwMDAwMDAwMDAwMH19",
"dependencies": [
"data.terraform_remote_state.privnet_dns_router"
]
},
{
"index_key": "vremodeler-dev",
"schema_version": 0,
"attributes": {
"description": "Vremodeler dev",
"disable_status_check": false,
"id": "cbae638a-9d99-44aa-946c-0f5ffb7fc488/9bf82d9a-38f9-4d73-a0cd-1b3bce167c06",
"name": "vremodeler.cloud-dev.d4science.org.",
"project_id": "e8f8ca72f30648a8b389b4e745ac83a9",
"records": [
"swarm-lb.cloud-dev.d4science.org."
],
"region": "isti_area_pi_1",
"timeouts": null,
"ttl": 8600,
"type": "CNAME",
"value_specs": null,
"zone_id": "cbae638a-9d99-44aa-946c-0f5ffb7fc488"
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwLCJ1cGRhdGUiOjYwMDAwMDAwMDAwMH19",
"dependencies": [
"data.terraform_remote_state.privnet_dns_router"
]
}
]
}
],
"check_results": null
}

View File

@ -42,8 +42,8 @@ module "instance_without_data_volume" {
name = "gcat-1", name = "gcat-1",
description = "This instance serves gcat service", description = "This instance serves gcat service",
flavor = module.common_variables.flavor_list.m1_medium, flavor = module.common_variables.flavor_list.m1_medium,
networks = ["d4s-dev-cloud-main"], networks = [data.terraform_remote_state.privnet_dns_router.outputs.main_private_network.name],
security_groups = [module.common_variables.security_group_list.default, module.common_variables.security_group_list.http_and_https_from_the_load_balancers], security_groups = [data.terraform_remote_state.privnet_dns_router.outputs.default_security_group_name, data.terraform_remote_state.privnet_dns_router.outputs.security_group_list.http_and_https_from_the_load_balancers],
server_groups_ids = [openstack_compute_servergroup_v2.gcat_server_group.id], server_groups_ids = [openstack_compute_servergroup_v2.gcat_server_group.id],
image_ref = module.common_variables.ubuntu_1804 image_ref = module.common_variables.ubuntu_1804
}, },
@ -51,8 +51,8 @@ module "instance_without_data_volume" {
name = "gcat-2", name = "gcat-2",
description = "This instance serves gcat service", description = "This instance serves gcat service",
flavor = module.common_variables.flavor_list.m1_medium, flavor = module.common_variables.flavor_list.m1_medium,
networks = ["d4s-dev-cloud-main"], networks = [data.terraform_remote_state.privnet_dns_router.outputs.main_private_network.name],
security_groups = [module.common_variables.security_group_list.default, module.common_variables.security_group_list.http_and_https_from_the_load_balancers], security_groups = [data.terraform_remote_state.privnet_dns_router.outputs.default_security_group_name, data.terraform_remote_state.privnet_dns_router.outputs.security_group_list.http_and_https_from_the_load_balancers],
server_groups_ids = [openstack_compute_servergroup_v2.gcat_server_group.id], server_groups_ids = [openstack_compute_servergroup_v2.gcat_server_group.id],
image_ref = module.common_variables.ubuntu_1804 image_ref = module.common_variables.ubuntu_1804
} }

View File

@ -2,23 +2,23 @@
# Manual edits may be lost in future updates. # Manual edits may be lost in future updates.
provider "registry.terraform.io/terraform-provider-openstack/openstack" { provider "registry.terraform.io/terraform-provider-openstack/openstack" {
version = "1.53.0" version = "2.0.0"
constraints = "~> 1.53.0" constraints = ">= 1.54.0"
hashes = [ hashes = [
"h1:YLGvYkSuagyP5orUTyKNK+JhzS17EFTUDpZ5R5/fFv4=", "h1:raN7bKNdWwlAUprknjprlcP8/YluslrdVtyO+YI4PHs=",
"zh:09da7ca98ffd3de7b9ce36c4c13446212a6e763ba1162be71b50f95d453cb68e", "zh:17dcb07e1af0bf5dfa0aa280a7ad450dffcd4c2b2fba91088eb5ec191ad8a0a0",
"zh:14041bcbb87312411d88612056ed185650bfd01284b8ea0761ce8105a331708e", "zh:2546f047d34f4372e4eb10db5ba23a45a8952327ae94d15371b2432ba477404e",
"zh:35bf4c788fdbc17c8e40ebc7b33c7de4b45a2fa2efaa657b10f0e3bd37c9627f", "zh:257a96029772251de0ce039483d565744e28e902904a60cb2e1d0af91b09d74d",
"zh:46ede8ef4cfa12d654c538afc1e1ec34a1f3e8eb4e986ee23dceae398b7176a6", "zh:29d71f2a9d74701965a19ad1623d46bfe624e7d58c261075acad04bef373b579",
"zh:59675734990dab1e8d87997853ea75e8104bba730b3f5a7146ac735540c9d6bf", "zh:30e759253fb7df4d24de8e248ff5f0f038c6e54b82377c70bc19815443476eb6",
"zh:6de52428849806498670e827b54810be7510a2a79449602c1aede4235a0ec036", "zh:383d8286588b0ccd02062373ee7812ad583775b7d1ef09112716ebf3a6f257cd",
"zh:78b2a20601272afceffac8f8ca78a6b647b84196c0dd8dc710fae297f6be15a4", "zh:533beb32a7d355f5ecfc249eb40a9800061dd2590960c48910d7ab8a711495ef",
"zh:7c41ed3a4fac09677e676ecf9f9edd1e38eef449e656cb01a848d2c799c6de8f", "zh:5f52cfb93aabf766d6781f66b9cee8b9126a52a330e16c6eadd1b52e8c251870",
"zh:852800228f4118a4aa6cfaa4468b851247cbed6f037fd204f08de69eb1edc149", "zh:6720f59ade2db328d8e3d37ac4bd588a186379d6c29ebd76761fca916a230ddc",
"zh:86d618e7f9a07d978b8bc4b190be350a00de64ec535f9c8f5dfe133542a55483", "zh:725c285c6e979d9564ae0c6017587e65ca6727733cb6fdf0af57047e0f89cb00",
"zh:963a9e72b66d8bcf43de9b14a674ae3ca3719ce2f829217f7a65b66fc3773397", "zh:739ec820139bdd742743c892f0c123b3ef4c0288ed33739380ed362cdcb49085",
"zh:a8e72ab67795071bda61f99a6de3d2d40122fb51971768fd75e1324abe874ced", "zh:7d223f9e986a8ece51f86143d01f2c7d805c55dce1090e53059d8a38e1121de4",
"zh:ce1890cf3af17d569af3bc7673cec0a8f78e6f5d701767593f3d29c551f44848", "zh:9d682904a5346febb820f7d1290d3a5bd09761c0427c9854c3248d222ce970c2",
"zh:e6f1b96eb684f527a47f71923f268c86a36d7894751b31ee9e726d7502a639cd", "zh:f06515d93af460abc39e7713089f9fe714bcb25315582628ecb0b1af7a2a6e2f",
] ]
} }

View File

@ -4,7 +4,7 @@ terraform {
required_providers { required_providers {
openstack = { openstack = {
source = "terraform-provider-openstack/openstack" source = "terraform-provider-openstack/openstack"
version = "~> 1.53.0" version = ">= 1.54.0"
} }
} }
} }
@ -16,7 +16,6 @@ data "terraform_remote_state" "privnet_dns_router" {
path = "../project-setup/terraform.tfstate" path = "../project-setup/terraform.tfstate"
} }
} }
# #
# Uses common_variables as module # Uses common_variables as module
# #
@ -24,33 +23,45 @@ module "common_variables" {
source = "../../modules/common_variables" source = "../../modules/common_variables"
} }
#
# Creates the server group "sdi-geo"
#
resource "openstack_compute_servergroup_v2" "sdi_geo_server_group" {
name = "sdi-geo"
policies = [module.common_variables.policy_list.soft_anti_affinity]
}
module "instance_with_data_volume" { module "instance_with_data_volume" {
source = "../../modules/instance_with_data_volume" source = "../../modules/instance_with_data_volume"
instances_with_data_volume_map = { instances_with_data_volume_map = {
geonetwork_1 = { geonetwork_next = {
name = "geonetwork-1", name = "geonetwork-next",
description = "This instance serves geonetwork service", description = "This instance serves geonetwork service",
flavor = module.common_variables.flavor_list.m1_medium, flavor = module.common_variables.flavor_list.m1_medium,
networks = ["d4s-dev-cloud-main",module.common_variables.networks_list.shared_postgresql], networks = [data.terraform_remote_state.privnet_dns_router.outputs.main_private_network.name, module.common_variables.networks_list.shared_postgresql],
security_groups = [module.common_variables.security_group_list.default, module.common_variables.security_group_list.http_and_https_from_the_load_balancers], security_groups = [data.terraform_remote_state.privnet_dns_router.outputs.default_security_group_name, data.terraform_remote_state.privnet_dns_router.outputs.security_group_list.http_and_https_from_the_load_balancers],
server_groups_ids = [openstack_compute_servergroup_v2.sdi_geo_server_group.id], server_groups_ids = [],
image_ref = module.common_variables.ubuntu_1804 image_ref = module.common_variables.ubuntu_1804
volume = { volume = {
name = "geonetwork_1_data_volume", name = "geonetwork_next_data_volume",
size = "30", size = "20",
device = "/dev/vdb" device = "/dev/vdb"
} }
} }
} }
} }
locals {
cname_target = "main-lb.${data.terraform_remote_state.privnet_dns_router.outputs.dns_zone.zone_name}"
}
#
# Add DNS record/s
#
module "dns_records_create" {
source = "../../modules/dns_resources"
dns_resources_map = {
geonetwork-next = {
zone_id = data.terraform_remote_state.privnet_dns_router.outputs.dns_zone_id
name = join(".", ["geonetwork-next", data.terraform_remote_state.privnet_dns_router.outputs.dns_zone.zone_name])
description = "Geonetwork geonetwork-next"
ttl = 8600
type = "CNAME"
records = [local.cname_target]
}
}
}

View File

@ -46,8 +46,8 @@ module "instance_without_data_volume" {
name = "geoportal-cms", name = "geoportal-cms",
description = "The Geoportal instance", description = "The Geoportal instance",
flavor = module.common_variables.flavor_list.m1_medium, flavor = module.common_variables.flavor_list.m1_medium,
networks = ["d4s-dev-cloud-main", module.common_variables.networks_list.shared_postgresql], networks = [data.terraform_remote_state.privnet_dns_router.outputs.main_private_network.name, module.common_variables.networks_list.shared_postgresql],
security_groups = [module.common_variables.security_group_list.default, module.common_variables.security_group_list.http_and_https_from_the_load_balancers], security_groups = [data.terraform_remote_state.privnet_dns_router.outputs.default_security_group_name, data.terraform_remote_state.privnet_dns_router.outputs.security_group_list.http_and_https_from_the_load_balancers],
server_groups_ids = [openstack_compute_servergroup_v2.geoportal.id], server_groups_ids = [openstack_compute_servergroup_v2.geoportal.id],
image_ref = module.common_variables.ubuntu_1804 image_ref = module.common_variables.ubuntu_1804
} }

View File

@ -2,24 +2,23 @@
# Manual edits may be lost in future updates. # Manual edits may be lost in future updates.
provider "registry.terraform.io/terraform-provider-openstack/openstack" { provider "registry.terraform.io/terraform-provider-openstack/openstack" {
version = "1.53.0" version = "2.0.0"
constraints = "~> 1.53.0" constraints = ">= 1.54.0"
hashes = [ hashes = [
"h1:YLGvYkSuagyP5orUTyKNK+JhzS17EFTUDpZ5R5/fFv4=", "h1:raN7bKNdWwlAUprknjprlcP8/YluslrdVtyO+YI4PHs=",
"h1:ZSJPqrlaHQ3sj7wyJuPSG+NblFZbAA6Y0d3GjSJf3o8=", "zh:17dcb07e1af0bf5dfa0aa280a7ad450dffcd4c2b2fba91088eb5ec191ad8a0a0",
"zh:09da7ca98ffd3de7b9ce36c4c13446212a6e763ba1162be71b50f95d453cb68e", "zh:2546f047d34f4372e4eb10db5ba23a45a8952327ae94d15371b2432ba477404e",
"zh:14041bcbb87312411d88612056ed185650bfd01284b8ea0761ce8105a331708e", "zh:257a96029772251de0ce039483d565744e28e902904a60cb2e1d0af91b09d74d",
"zh:35bf4c788fdbc17c8e40ebc7b33c7de4b45a2fa2efaa657b10f0e3bd37c9627f", "zh:29d71f2a9d74701965a19ad1623d46bfe624e7d58c261075acad04bef373b579",
"zh:46ede8ef4cfa12d654c538afc1e1ec34a1f3e8eb4e986ee23dceae398b7176a6", "zh:30e759253fb7df4d24de8e248ff5f0f038c6e54b82377c70bc19815443476eb6",
"zh:59675734990dab1e8d87997853ea75e8104bba730b3f5a7146ac735540c9d6bf", "zh:383d8286588b0ccd02062373ee7812ad583775b7d1ef09112716ebf3a6f257cd",
"zh:6de52428849806498670e827b54810be7510a2a79449602c1aede4235a0ec036", "zh:533beb32a7d355f5ecfc249eb40a9800061dd2590960c48910d7ab8a711495ef",
"zh:78b2a20601272afceffac8f8ca78a6b647b84196c0dd8dc710fae297f6be15a4", "zh:5f52cfb93aabf766d6781f66b9cee8b9126a52a330e16c6eadd1b52e8c251870",
"zh:7c41ed3a4fac09677e676ecf9f9edd1e38eef449e656cb01a848d2c799c6de8f", "zh:6720f59ade2db328d8e3d37ac4bd588a186379d6c29ebd76761fca916a230ddc",
"zh:852800228f4118a4aa6cfaa4468b851247cbed6f037fd204f08de69eb1edc149", "zh:725c285c6e979d9564ae0c6017587e65ca6727733cb6fdf0af57047e0f89cb00",
"zh:86d618e7f9a07d978b8bc4b190be350a00de64ec535f9c8f5dfe133542a55483", "zh:739ec820139bdd742743c892f0c123b3ef4c0288ed33739380ed362cdcb49085",
"zh:963a9e72b66d8bcf43de9b14a674ae3ca3719ce2f829217f7a65b66fc3773397", "zh:7d223f9e986a8ece51f86143d01f2c7d805c55dce1090e53059d8a38e1121de4",
"zh:a8e72ab67795071bda61f99a6de3d2d40122fb51971768fd75e1324abe874ced", "zh:9d682904a5346febb820f7d1290d3a5bd09761c0427c9854c3248d222ce970c2",
"zh:ce1890cf3af17d569af3bc7673cec0a8f78e6f5d701767593f3d29c551f44848", "zh:f06515d93af460abc39e7713089f9fe714bcb25315582628ecb0b1af7a2a6e2f",
"zh:e6f1b96eb684f527a47f71923f268c86a36d7894751b31ee9e726d7502a639cd",
] ]
} }

View File

@ -4,7 +4,7 @@ terraform {
required_providers { required_providers {
openstack = { openstack = {
source = "terraform-provider-openstack/openstack" source = "terraform-provider-openstack/openstack"
version = "~> 1.53.0" version = ">= 1.54.0"
} }
} }
} }
@ -17,7 +17,6 @@ data "terraform_remote_state" "privnet_dns_router" {
} }
} }
# #
# Uses common_variables as module # Uses common_variables as module
# #
@ -25,139 +24,80 @@ module "common_variables" {
source = "../../modules/common_variables" source = "../../modules/common_variables"
} }
# Module used
module "instance_with_data_volume" { module "ssh_settings" {
source = "../../modules/instance_with_data_volume" source = "../../modules/ssh-key-ref"
instances_with_data_volume_map = {
geona = {
name = "geoserver-geona",
description = "Geoserver geona instance",
flavor = module.common_variables.flavor_list.m1_large,
networks = ["d4s-dev-cloud-main", module.common_variables.networks_list.shared_postgresql],
security_groups = [module.common_variables.security_group_list.default, module.common_variables.security_group_list.http_and_https_from_the_load_balancers],
server_groups_ids = [],
image_ref = module.common_variables.ubuntu_1804,
volume = {
name = "geoserver-geona_data_volume",
size = "50",
device = "/dev/vdb"
}
},
esquiline = {
name = "geoserver-esquiline",
description = "Geoserver esquiline instance",
flavor = module.common_variables.flavor_list.m2_small,
networks = ["d4s-dev-cloud-main", module.common_variables.networks_list.shared_postgresql],
security_groups = [module.common_variables.security_group_list.default, module.common_variables.security_group_list.http_and_https_from_the_load_balancers],
server_groups_ids = [],
image_ref = module.common_variables.ubuntu_1804,
volume = {
name = "geoserver-esquiline_data_volume",
size = "20",
device = "/dev/vdb",
}
},
ariadne = {
name = "geoserver-ariadne",
description = "Geoserver ariadne instance",
flavor = module.common_variables.flavor_list.m2_small,
networks = ["d4s-dev-cloud-main", module.common_variables.networks_list.shared_postgresql],
security_groups = [module.common_variables.security_group_list.default, module.common_variables.security_group_list.http_and_https_from_the_load_balancers],
server_groups_ids = [],
image_ref = module.common_variables.ubuntu_1804,
volume = {
name = "geoserver-ariadne_data_volume",
size = "20",
device = "/dev/vdb",
}
},
grsf = {
name = "geoserver-grsf",
description = "Geoserver grsf instance",
flavor = module.common_variables.flavor_list.m1_large,
networks = ["d4s-dev-cloud-main", module.common_variables.networks_list.shared_postgresql],
security_groups = [module.common_variables.security_group_list.default, module.common_variables.security_group_list.http_and_https_from_the_load_balancers],
server_groups_ids = [],
image_ref = module.common_variables.ubuntu_1804
volume = {
name = "geoserver-grsf_data_volume"
size = "40",
device = "/dev/vdb",
}
},
protectedareaimpactmaps = {
name = "geoserver-protectedareaimpactmaps",
description = "Geoserver protectedareaimpactmaps instance",
flavor = module.common_variables.flavor_list.c1_large,
networks = ["d4s-dev-cloud-main", module.common_variables.networks_list.shared_postgresql],
security_groups = [module.common_variables.security_group_list.default, module.common_variables.security_group_list.http_and_https_from_the_load_balancers],
server_groups_ids = [],
image_ref = module.common_variables.ubuntu_1804,
volume = {
name = "geoserver-protectedareaimpactmaps_data_volume"
size = "70",
device = "/dev/vdb",
}
}
sdi-lab = {
name = "geoserver-sdi-lab",
description = "Geoserver sdi-lab instance",
flavor = module.common_variables.flavor_list.m1_large,
networks = ["d4s-dev-cloud-main", module.common_variables.networks_list.shared_postgresql],
security_groups = [module.common_variables.security_group_list.default, module.common_variables.security_group_list.http_and_https_from_the_load_balancers],
server_groups_ids = [],
image_ref = module.common_variables.ubuntu_1804,
volume = {
name = "geoserver-sdi-lab_data_volume",
size = "100",
device = "/dev/vdb",
}
}
tunaatlas = {
name = "geoserver-tunaatlas",
description = "Geoserver tunaatlas instance",
flavor = module.common_variables.flavor_list.m1_large,
networks = ["d4s-dev-cloud-main", module.common_variables.networks_list.shared_postgresql],
security_groups = [module.common_variables.security_group_list.default, module.common_variables.security_group_list.http_and_https_from_the_load_balancers],
server_groups_ids = [],
image_ref = module.common_variables.ubuntu_1804,
volume = {
name = "geoserver-tunaatlas_data_volume",
size = "60",
device = "/dev/vdb",
}
}
wecafc-firms = {
name = "geoserver-wecafc-firms",
description = "Geoserver wecafc-firms instance",
flavor = module.common_variables.flavor_list.m1_large,
networks = ["d4s-dev-cloud-main", module.common_variables.networks_list.shared_postgresql],
security_groups = [module.common_variables.security_group_list.default, module.common_variables.security_group_list.http_and_https_from_the_load_balancers],
server_groups_ids = [],
image_ref = module.common_variables.ubuntu_1804,
volume = {
name = "geoserver-wecafc-firms_data_volume",
size = "40",
device = "/dev/vdb",
}
}
aquacultureatlas = {
name = "geoserver-aquacultureatlas",
description = "Geoserver aquacultureatlas instance",
flavor = module.common_variables.flavor_list.m1_large,
networks = ["d4s-dev-cloud-main", module.common_variables.networks_list.shared_postgresql],
security_groups = [module.common_variables.security_group_list.default, module.common_variables.security_group_list.http_and_https_from_the_load_balancers],
server_groups_ids = [],
image_ref = module.common_variables.ubuntu_1804,
volume = {
name = "geoserver-aquacultureatlas_data_volume",
size = "50",
device = "/dev/vdb",
}
} }
} # Volumes
# resource "openstack_blockstorage_volume_v3" "geoserver_2_dev_data_volume" {
# name = "geoserver_2_data_volume"
# size = "20"
# }
# Geoservers
# resource "openstack_compute_instance_v2" "geoserver_2_dev" {
# name = "geoserver-2"
# availability_zone_hints = module.common_variables.availability_zone_no_gpu_name
# flavor_name = "c1.medium"
# key_pair = module.ssh_settings.ssh_key_name
# security_groups = [data.terraform_remote_state.privnet_dns_router.outputs.default_security_group_name, data.terraform_remote_state.privnet_dns_router.outputs.security_group_list.http_and_https_from_the_load_balancers]
# block_device {
# uuid = module.common_variables.ubuntu_2404.uuid
# source_type = "image"
# volume_size = 10
# boot_index = 0
# destination_type = "volume"
# delete_on_termination = false
# }
# # Creates the networks according to input networks
# dynamic "network" {
# for_each = toset([data.terraform_remote_state.privnet_dns_router.outputs.main_private_network.name, module.common_variables.networks_list.shared_postgresql])
# content {
# name = network.value
# }
# }
# # user_data script used
# user_data = file("${module.common_variables.ubuntu_2404.user_data_file}")
# # Do not replace the instance when the ssh key changes
# lifecycle {
# ignore_changes = [
# # Ignore changes to tags, e.g. because a management agent
# # updates these based on some ruleset managed elsewhere.
# key_pair, user_data, network
# ]
# }
# }
# resource "openstack_compute_volume_attach_v2" "geoserver_2_dev_attach" {
# instance_id = openstack_compute_instance_v2.geoserver_2_dev.id
# volume_id = openstack_blockstorage_volume_v3.geoserver_2_dev_data_volume.id
# device = "/dev/vdb"
# }
locals {
cname_target = "main-lb.${data.terraform_remote_state.privnet_dns_router.outputs.dns_zone.zone_name}"
} }
#
# Add DNS record/s
#
# module "dns_records_create" {
# source = "../../modules/dns_resources"
# dns_resources_map = {
# geoserver-2 = {
# zone_id = data.terraform_remote_state.privnet_dns_router.outputs.dns_zone_id
# name = join(".", ["geoserver-2", data.terraform_remote_state.privnet_dns_router.outputs.dns_zone.zone_name])
# description = "Geoserver geoserver-2"
# ttl = 8600
# type = "CNAME"
# records = [local.cname_target]
# }
# }
# }

View File

@ -0,0 +1,398 @@
{
"version": 4,
"terraform_version": "1.6.4",
"serial": 12,
"lineage": "ee9a7e77-5d61-f866-c3d3-dbb0ae8bdf59",
"outputs": {},
"resources": [
{
"mode": "data",
"type": "terraform_remote_state",
"name": "privnet_dns_router",
"provider": "provider[\"terraform.io/builtin/terraform\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"backend": "local",
"config": {
"value": {
"path": "../project-setup/terraform.tfstate"
},
"type": [
"object",
{
"path": "string"
}
]
},
"defaults": null,
"outputs": {
"value": {
"almalinux_9": {
"name": "AlmaLinux-9.0-20220718",
"uuid": "541650fc-dd19-4f38-bb1d-7333ed9dd688"
},
"availability_zone_no_gpu_name": "cnr-isti-nova-a",
"availability_zone_with_gpu_name": "cnr-isti-nova-gpu-a",
"availability_zones_names": {
"availability_zone_no_gpu": "cnr-isti-nova-a",
"availability_zone_with_gpu": "cnr-isti-nova-gpu-a"
},
"basic_services_ip": {
"ca": "10.1.29.247",
"ca_cidr": "10.1.29.247/32",
"haproxy_l7_1": "10.1.28.50",
"haproxy_l7_1_cidr": "10.1.28.50/32",
"haproxy_l7_2": "10.1.30.241",
"haproxy_l7_2_cidr": "10.1.30.241/32",
"octavia_main": "10.1.28.227",
"octavia_main_cidr": "10.1.28.227/32",
"prometheus": "10.1.30.129",
"prometheus_cidr": "10.1.30.129/32",
"ssh_jump": "10.1.29.164",
"ssh_jump_cidr": "10.1.29.164/32"
},
"centos_7": {
"name": "CentOS-7",
"uuid": "f0187a99-64f6-462a-ab5f-ef52fe62f2ca"
},
"default_security_group_name": "default",
"dns_zone": {
"description": "DNS primary zone for the d4s-dev-cloud project",
"email": "postmaster@isti.cnr.it",
"ttl": "8600",
"zone_name": "cloud-dev.d4science.org."
},
"dns_zone_id": "cbae638a-9d99-44aa-946c-0f5ffb7fc488",
"el7_data_file": "../../openstack_vm_data_scripts/el7.sh",
"external_gateway_ip": [
{
"ip_address": "146.48.31.109",
"subnet_id": "57f87509-4016-46fb-b8c3-25fca7f72ccb"
}
],
"external_network": {
"id": "1d2ff137-6ff7-4017-be2b-0d6c4af2353b",
"name": "external-network"
},
"external_network_id": "1d2ff137-6ff7-4017-be2b-0d6c4af2353b",
"external_router": {
"description": "D4Science DEV main router",
"id": "2ae28c5f-036b-45db-bc9f-5bab8fa3e914",
"name": "d4s-dev-cloud-external-router"
},
"flavor_list": {
"c1_large": "c1.large",
"c1_medium": "c1.medium",
"c1_small": "c1.small",
"c2_large": "c2.large",
"m1_large": "m1.large",
"m1_medium": "m1.medium",
"m1_xlarge": "m1.xlarge",
"m1_xxl": "m1.xxl",
"m2_large": "m2.large",
"m2_medium": "m2.medium",
"m2_small": "m2.small",
"m3_large": "m3.large"
},
"floating_ip_pools": {
"main_public_ip_pool": "external-network"
},
"haproxy_l7_data": {
"flavor": "m1.medium",
"haproxy_1": "haproxy-l7-1",
"haproxy_2": "haproxy-l7-2",
"name": "main-haproxy-l7",
"vm_count": "2"
},
"internal_ca_data": {
"flavor": "m1.small",
"name": "ca"
},
"main_haproxy_l7_ip": [
"10.1.28.50",
"10.1.30.241"
],
"main_private_network": {
"description": "D4Science DEV private network (use this as the main network)",
"name": "d4s-dev-cloud-main"
},
"main_private_network_id": "e0af5eba-f24a-4d0d-8184-bc654b980c4a",
"main_private_subnet": {
"allocation_end": "10.1.31.254",
"allocation_start": "10.1.28.30",
"cidr": "10.1.28.0/22",
"description": "D4Science DEV main private subnet",
"gateway_ip": "10.1.28.1",
"name": "d4s-dev-cloud-sub"
},
"main_region": "isti_area_pi_1",
"main_subnet_network_id": "2aa977f2-80b4-447c-a6b0-dfa06bf68751",
"mtu_size": 8942,
"networks_list": {
"cassandra": "cassandra-net",
"orientdb": "orientdb-net",
"orientdb_se": "orientdb-se-net",
"shared_postgresql": "postgresql-srv-net",
"swarm": "swarm-nfs-net",
"timescaledb": "timescaledb-net"
},
"networks_with_d4s_services": {
"garr_ct1_net": "90.147.166.0/23",
"garr_na_net": "90.147.152.0/24",
"garr_pa1_net": "90.147.188.0/23",
"infrascience_net": "146.48.122.0/23",
"isti_net": "146.48.80.0/21",
"s2i2s_net": "146.48.28.0/22"
},
"nfs_share_no_ingress_secgroup_id": "5887da8d-e362-4509-93ac-8a70bf8baef9",
"octavia_information": {
"main_lb_description": "Main L4 load balancer for the D4Science DEV",
"main_lb_hostname": "main-lb",
"main_lb_name": "lb-dev-l4",
"octavia_flavor": "octavia_amphora-mvcpu-ha",
"octavia_flavor_id": "394988b5-6603-4a1e-a939-8e177c6681c7"
},
"os_project_data": {
"id": "e8f8ca72f30648a8b389b4e745ac83a9"
},
"policy_list": {
"affinity": "affinity",
"anti_affinity": "anti-affinity",
"soft_affinity": "soft-affinity",
"soft_anti_affinity": "soft-anti-affinity"
},
"prometheus_server_data": {
"flavor": "m1.medium",
"name": "prometheus",
"public_grafana_server_cidr": "146.48.28.103/32",
"vol_data_device": "/dev/vdb",
"vol_data_name": "prometheus-data",
"vol_data_size": "100"
},
"resolvers_ip": [
"146.48.29.97",
"146.48.29.98",
"146.48.29.99"
],
"resource_registry_addresses": {},
"security_group_list": {
"acaland": "acaland's dev machine",
"access_to_orientdb": "access_to_orientdb",
"access_to_orientdb_se": "access_to_orientdb_se",
"access_to_the_timescaledb_service": "access_to_the_timescaledb_service",
"cassandra": "Cassandra",
"dataminer-publish": "dataminer-publish",
"debugging_from_jump_node": "debugging_from_jump_node",
"default": "default",
"docker_swarm": "Docker Swarm",
"docker_swarm_NFS": "Docker Swarm NFS",
"haproxy": "traffic_from_main_lb_to_haproxy_l7",
"http_and_https_from_the_load_balancers": "traffic_from_the_main_load_balancers",
"limited_HTTPS_access": "restricted_web_service",
"limited_SSH_access": "Limited SSH access",
"mongo": "mongo",
"nfs_share_no_ingress": "nfs_share_no_ingress",
"orientdb_internal_docker_traffic": "orientdb_internal_docker_traffic",
"postgreSQL": "PostgreSQL service",
"public_HTTPS": "Public HTTPS"
},
"shared_postgresql_server_data": {
"allocation_pool_end": "192.168.3.254",
"allocation_pool_start": "192.168.0.100",
"flavor": "m1.medium",
"name": "shared-postgresql-server",
"network_cidr": "192.168.0.0/22",
"network_description": "Network used to communicate with the shared postgresql service",
"network_name": "postgresql-srv-net",
"server_cidr": "192.168.0.5/22",
"server_ip": "192.168.0.5",
"vol_data_device": "/dev/vdb",
"vol_data_name": "shared-postgresql-data",
"vol_data_size": "100"
},
"smartexecutor_addresses": {},
"ssh_jump_proxy": {
"flavor": "m2.small",
"name": "ssh-jump-proxy"
},
"ssh_sources": {
"d4s_vpn_1_cidr": "146.48.122.27/32",
"d4s_vpn_2_cidr": "146.48.122.49/32",
"infrascience_net_cidr": "146.48.122.0/23",
"s2i2s_vpn_1_cidr": "146.48.28.10/32",
"s2i2s_vpn_2_cidr": "146.48.28.11/32",
"shell_d4s_cidr": "146.48.122.95/32"
},
"storage_nfs_network_id": "5f4023cc-4016-404c-94e5-86220095fbaf",
"storage_nfs_subnet_id": "6ff0f9e8-0e74-4cc3-a268-7ed4af435696",
"ubuntu1804_data_file": "../../openstack_vm_data_scripts/ubuntu1804.sh",
"ubuntu2204_data_file": "../../openstack_vm_data_scripts/ubuntu2204.sh",
"ubuntu_1804": {
"name": "Ubuntu-Bionic-18.04",
"user_data_file": "../../openstack_vm_data_scripts/ubuntu1804.sh",
"uuid": "7ed6a2cd-2b07-482e-8ce4-f018dff16c89"
},
"ubuntu_2204": {
"name": "Ubuntu-Jammy-22.04",
"user_data_file": "../../openstack_vm_data_scripts/ubuntu2204.sh",
"uuid": "54768889-8556-4be4-a2eb-82a4d9b34627"
}
},
"type": [
"object",
{
"almalinux_9": [
"map",
"string"
],
"availability_zone_no_gpu_name": "string",
"availability_zone_with_gpu_name": "string",
"availability_zones_names": [
"map",
"string"
],
"basic_services_ip": [
"map",
"string"
],
"centos_7": [
"map",
"string"
],
"default_security_group_name": "string",
"dns_zone": [
"map",
"string"
],
"dns_zone_id": "string",
"el7_data_file": "string",
"external_gateway_ip": [
"list",
[
"object",
{
"ip_address": "string",
"subnet_id": "string"
}
]
],
"external_network": [
"map",
"string"
],
"external_network_id": "string",
"external_router": [
"map",
"string"
],
"flavor_list": [
"map",
"string"
],
"floating_ip_pools": [
"map",
"string"
],
"haproxy_l7_data": [
"map",
"string"
],
"internal_ca_data": [
"map",
"string"
],
"main_haproxy_l7_ip": [
"list",
"string"
],
"main_private_network": [
"map",
"string"
],
"main_private_network_id": "string",
"main_private_subnet": [
"map",
"string"
],
"main_region": "string",
"main_subnet_network_id": "string",
"mtu_size": "number",
"networks_list": [
"map",
"string"
],
"networks_with_d4s_services": [
"map",
"string"
],
"nfs_share_no_ingress_secgroup_id": "string",
"octavia_information": [
"map",
"string"
],
"os_project_data": [
"map",
"string"
],
"policy_list": [
"map",
"string"
],
"prometheus_server_data": [
"map",
"string"
],
"resolvers_ip": [
"list",
"string"
],
"resource_registry_addresses": [
"map",
"string"
],
"security_group_list": [
"map",
"string"
],
"shared_postgresql_server_data": [
"map",
"string"
],
"smartexecutor_addresses": [
"map",
"string"
],
"ssh_jump_proxy": [
"map",
"string"
],
"ssh_sources": [
"map",
"string"
],
"storage_nfs_network_id": "string",
"storage_nfs_subnet_id": "string",
"ubuntu1804_data_file": "string",
"ubuntu2204_data_file": "string",
"ubuntu_1804": [
"map",
"string"
],
"ubuntu_2204": [
"map",
"string"
]
}
]
},
"workspace": null
},
"sensitive_attributes": []
}
]
}
],
"check_results": null
}

View File

@ -40,8 +40,8 @@ module "instance_without_data_volume" {
name = "grsf-publisher-1", name = "grsf-publisher-1",
description = "This instance serves GRSF Publisher service", description = "This instance serves GRSF Publisher service",
flavor = module.common_variables.flavor_list.m1_medium, flavor = module.common_variables.flavor_list.m1_medium,
networks = ["d4s-dev-cloud-main"], networks = [data.terraform_remote_state.privnet_dns_router.outputs.main_private_network.name],
security_groups = [module.common_variables.security_group_list.default, module.common_variables.security_group_list.http_and_https_from_the_load_balancers], security_groups = [data.terraform_remote_state.privnet_dns_router.outputs.default_security_group_name, data.terraform_remote_state.privnet_dns_router.outputs.security_group_list.http_and_https_from_the_load_balancers],
server_groups_ids = [openstack_compute_servergroup_v2.grsf_publisher_server_group.id], server_groups_ids = [openstack_compute_servergroup_v2.grsf_publisher_server_group.id],
image_ref = module.common_variables.ubuntu_1804 image_ref = module.common_variables.ubuntu_1804
}, },
@ -49,8 +49,8 @@ module "instance_without_data_volume" {
name = "grsf-publisher-2", name = "grsf-publisher-2",
description = "This instance serves GRSF Publisher service", description = "This instance serves GRSF Publisher service",
flavor = module.common_variables.flavor_list.m1_medium, flavor = module.common_variables.flavor_list.m1_medium,
networks = ["d4s-dev-cloud-main"], networks = [data.terraform_remote_state.privnet_dns_router.outputs.main_private_network.name],
security_groups = [module.common_variables.security_group_list.default, module.common_variables.security_group_list.http_and_https_from_the_load_balancers], security_groups = [data.terraform_remote_state.privnet_dns_router.outputs.default_security_group_name, data.terraform_remote_state.privnet_dns_router.outputs.security_group_list.http_and_https_from_the_load_balancers],
server_groups_ids = [openstack_compute_servergroup_v2.grsf_publisher_server_group.id], server_groups_ids = [openstack_compute_servergroup_v2.grsf_publisher_server_group.id],
image_ref = module.common_variables.ubuntu_1804 image_ref = module.common_variables.ubuntu_1804
} }

View File

@ -1,8 +1,8 @@
{ {
"version": 4, "version": 4,
"terraform_version": "1.6.4", "terraform_version": "1.6.4",
"serial": 5, "serial": 4,
"lineage": "e3a2cae2-4c05-25e0-9e16-4616ea0bd8d4", "lineage": "4ec3970d-0df8-c08e-c4d2-9ad0087a78aa",
"outputs": {}, "outputs": {},
"resources": [ "resources": [
{ {
@ -53,15 +53,15 @@
{ {
"mode": "managed", "mode": "managed",
"type": "openstack_compute_servergroup_v2", "type": "openstack_compute_servergroup_v2",
"name": "sdi_geo_server_group", "name": "grsf_publisher_server_group",
"provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]", "provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]",
"instances": [ "instances": [
{ {
"schema_version": 0, "schema_version": 0,
"attributes": { "attributes": {
"id": "39b5a9fa-8c3b-40d9-8d8a-e595d47358f5", "id": "cdd95dd0-21f7-430e-9838-347adf5b0542",
"members": [], "members": [],
"name": "sdi-geo", "name": "grsf-publisher",
"policies": [ "policies": [
"soft-anti-affinity" "soft-anti-affinity"
], ],
@ -79,55 +79,17 @@
] ]
}, },
{ {
"module": "module.instance_with_data_volume", "module": "module.instance_without_data_volume",
"mode": "managed",
"type": "openstack_blockstorage_volume_v3",
"name": "instance_data_volume",
"provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]",
"instances": [
{
"index_key": "geonetwork_1",
"schema_version": 0,
"attributes": {
"attachment": [],
"availability_zone": "nova",
"consistency_group_id": null,
"description": "",
"enable_online_resize": null,
"id": "e89ec101-eab3-4291-a192-47aa2542cde7",
"image_id": null,
"metadata": {},
"multiattach": null,
"name": "geonetwork_1_data_volume",
"region": "isti_area_pi_1",
"scheduler_hints": [],
"size": 30,
"snapshot_id": "",
"source_replica": null,
"source_vol_id": "",
"timeouts": null,
"volume_type": "cephUnencrypted"
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwfX0=",
"dependencies": [
"openstack_compute_servergroup_v2.sdi_geo_server_group"
]
}
]
},
{
"module": "module.instance_with_data_volume",
"mode": "managed", "mode": "managed",
"type": "openstack_compute_instance_v2", "type": "openstack_compute_instance_v2",
"name": "instance_with_data_volume", "name": "smartgears_service",
"provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]", "provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]",
"instances": [ "instances": [
{ {
"index_key": "geonetwork_1", "index_key": "grsf_publisher_1",
"schema_version": 0, "schema_version": 0,
"attributes": { "attributes": {
"access_ip_v4": "10.1.28.82", "access_ip_v4": "10.1.29.255",
"access_ip_v6": "", "access_ip_v6": "",
"admin_pass": null, "admin_pass": null,
"all_metadata": {}, "all_metadata": {},
@ -150,37 +112,27 @@
} }
], ],
"config_drive": null, "config_drive": null,
"created": "2023-12-11 10:25:30 +0000 UTC", "created": "2023-12-13 10:02:41 +0000 UTC",
"flavor_id": "4", "flavor_id": "4",
"flavor_name": "m1.medium", "flavor_name": "m1.medium",
"floating_ip": null, "floating_ip": null,
"force_delete": false, "force_delete": false,
"id": "ce706ddc-cd05-45fc-bfff-b46839c91604", "id": "44cdb0f2-a28f-4057-b059-a6e3e5750019",
"image_id": "Attempt to boot from volume - no image supplied", "image_id": "Attempt to boot from volume - no image supplied",
"image_name": null, "image_name": null,
"key_pair": "Giancarlo Panichi", "key_pair": "pc-frosini_key",
"metadata": null, "metadata": null,
"name": "geonetwork-1", "name": "grsf-publisher-1",
"network": [ "network": [
{ {
"access_network": false, "access_network": false,
"fixed_ip_v4": "10.1.28.82", "fixed_ip_v4": "10.1.29.255",
"fixed_ip_v6": "", "fixed_ip_v6": "",
"floating_ip": "", "floating_ip": "",
"mac": "fa:16:3e:bf:64:1d", "mac": "fa:16:3e:69:22:68",
"name": "d4s-dev-cloud-main", "name": "d4s-dev-cloud-main",
"port": "", "port": "",
"uuid": "e0af5eba-f24a-4d0d-8184-bc654b980c4a" "uuid": "e0af5eba-f24a-4d0d-8184-bc654b980c4a"
},
{
"access_network": false,
"fixed_ip_v4": "192.168.2.223",
"fixed_ip_v6": "",
"floating_ip": "",
"mac": "fa:16:3e:f5:c3:88",
"name": "postgresql-srv-net",
"port": "",
"uuid": "00422a4a-4b8b-4c85-acf9-ef733df842b9"
} }
], ],
"network_mode": null, "network_mode": null,
@ -193,7 +145,7 @@
"build_near_host_ip": "", "build_near_host_ip": "",
"different_cell": [], "different_cell": [],
"different_host": [], "different_host": [],
"group": "39b5a9fa-8c3b-40d9-8d8a-e595d47358f5", "group": "cdd95dd0-21f7-430e-9838-347adf5b0542",
"query": [], "query": [],
"same_host": [], "same_host": [],
"target_cell": "" "target_cell": ""
@ -206,45 +158,99 @@
"stop_before_destroy": false, "stop_before_destroy": false,
"tags": null, "tags": null,
"timeouts": null, "timeouts": null,
"updated": "2023-12-11 10:26:05 +0000 UTC", "updated": "2023-12-13 10:03:14 +0000 UTC",
"user_data": "47d4769e61324c305c4b70ed6673de4fad84150d", "user_data": "ef3d6e5deb29bd1e5de5a76ae6860f3ee872738c",
"vendor_options": [], "vendor_options": [],
"volume": [] "volume": []
}, },
"sensitive_attributes": [], "sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxODAwMDAwMDAwMDAwLCJkZWxldGUiOjE4MDAwMDAwMDAwMDAsInVwZGF0ZSI6MTgwMDAwMDAwMDAwMH19", "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxODAwMDAwMDAwMDAwLCJkZWxldGUiOjE4MDAwMDAwMDAwMDAsInVwZGF0ZSI6MTgwMDAwMDAwMDAwMH19",
"dependencies": [ "dependencies": [
"openstack_compute_servergroup_v2.sdi_geo_server_group" "openstack_compute_servergroup_v2.grsf_publisher_server_group"
]
}
] ]
}, },
{ {
"module": "module.instance_with_data_volume", "index_key": "grsf_publisher_2",
"mode": "managed",
"type": "openstack_compute_volume_attach_v2",
"name": "attach_volume",
"provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]",
"instances": [
{
"index_key": "geonetwork_1",
"schema_version": 0, "schema_version": 0,
"attributes": { "attributes": {
"device": "/dev/vdb", "access_ip_v4": "10.1.30.200",
"id": "ce706ddc-cd05-45fc-bfff-b46839c91604/e89ec101-eab3-4291-a192-47aa2542cde7", "access_ip_v6": "",
"instance_id": "ce706ddc-cd05-45fc-bfff-b46839c91604", "admin_pass": null,
"multiattach": null, "all_metadata": {},
"all_tags": [],
"availability_zone": "cnr-isti-nova-a",
"availability_zone_hints": "cnr-isti-nova-a",
"block_device": [
{
"boot_index": 0,
"delete_on_termination": false,
"destination_type": "volume",
"device_type": "",
"disk_bus": "",
"guest_format": "",
"multiattach": false,
"source_type": "image",
"uuid": "7ed6a2cd-2b07-482e-8ce4-f018dff16c89",
"volume_size": 10,
"volume_type": ""
}
],
"config_drive": null,
"created": "2023-12-13 10:02:40 +0000 UTC",
"flavor_id": "4",
"flavor_name": "m1.medium",
"floating_ip": null,
"force_delete": false,
"id": "fe712343-fe93-4665-8de3-bf57aba10231",
"image_id": "Attempt to boot from volume - no image supplied",
"image_name": null,
"key_pair": "pc-frosini_key",
"metadata": null,
"name": "grsf-publisher-2",
"network": [
{
"access_network": false,
"fixed_ip_v4": "10.1.30.200",
"fixed_ip_v6": "",
"floating_ip": "",
"mac": "fa:16:3e:41:4f:9c",
"name": "d4s-dev-cloud-main",
"port": "",
"uuid": "e0af5eba-f24a-4d0d-8184-bc654b980c4a"
}
],
"network_mode": null,
"personality": [],
"power_state": "active",
"region": "isti_area_pi_1", "region": "isti_area_pi_1",
"scheduler_hints": [
{
"additional_properties": null,
"build_near_host_ip": "",
"different_cell": [],
"different_host": [],
"group": "cdd95dd0-21f7-430e-9838-347adf5b0542",
"query": [],
"same_host": [],
"target_cell": ""
}
],
"security_groups": [
"default",
"http and https from the load balancers"
],
"stop_before_destroy": false,
"tags": null,
"timeouts": null, "timeouts": null,
"updated": "2023-12-13 10:03:13 +0000 UTC",
"user_data": "ef3d6e5deb29bd1e5de5a76ae6860f3ee872738c",
"vendor_options": [], "vendor_options": [],
"volume_id": "e89ec101-eab3-4291-a192-47aa2542cde7" "volume": []
}, },
"sensitive_attributes": [], "sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwfX0=", "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxODAwMDAwMDAwMDAwLCJkZWxldGUiOjE4MDAwMDAwMDAwMDAsInVwZGF0ZSI6MTgwMDAwMDAwMDAwMH19",
"dependencies": [ "dependencies": [
"module.instance_with_data_volume.openstack_blockstorage_volume_v3.instance_data_volume", "openstack_compute_servergroup_v2.grsf_publisher_server_group"
"module.instance_with_data_volume.openstack_compute_instance_v2.instance_with_data_volume",
"openstack_compute_servergroup_v2.sdi_geo_server_group"
] ]
} }
] ]

View File

@ -0,0 +1,92 @@
# Define required providers
terraform {
required_version = ">= 0.14.0"
required_providers {
openstack = {
source = "terraform-provider-openstack/openstack"
version = ">= 1.54.0"
}
}
}
data "terraform_remote_state" "privnet_dns_router" {
backend = "local"
config = {
path = "../project-setup/terraform.tfstate"
}
}
#
# Uses common_variables as module
#
module "common_variables" {
source = "../../modules/common_variables"
}
# Module used
module "ssh_settings" {
source = "../../modules/ssh-key-ref"
}
# Instances
resource "openstack_compute_instance_v2" "icproxy1_dev" {
name = "registry1"
availability_zone_hints = module.common_variables.availability_zone_no_gpu_name
flavor_name = "m1.medium"
key_pair = module.ssh_settings.ssh_key_name
security_groups = [data.terraform_remote_state.privnet_dns_router.outputs.default_security_group_name, data.terraform_remote_state.privnet_dns_router.outputs.security_group_list.http_and_https_from_the_load_balancers]
block_device {
uuid = module.common_variables.ubuntu_1804.uuid
source_type = "image"
volume_size = 10
boot_index = 0
destination_type = "volume"
delete_on_termination = false
}
# Creates the networks according to input networks
dynamic "network" {
for_each = toset([data.terraform_remote_state.privnet_dns_router.outputs.main_private_network.name])
content {
name = network.value
}
}
# user_data script used
user_data = file("${module.common_variables.ubuntu_1804.user_data_file}")
# Do not replace the instance when the ssh key changes
lifecycle {
ignore_changes = [
# Ignore changes to tags, e.g. because a management agent
# updates these based on some ruleset managed elsewhere.
key_pair, user_data, network
]
}
}
locals {
cname_target = "main-lb.${data.terraform_remote_state.privnet_dns_router.outputs.dns_zone.zone_name}"
}
#
# Add DNS record/s
#
module "dns_records_create" {
source = "../../modules/dns_resources"
dns_resources_map = {
icproxy1-dev = {
zone_id = data.terraform_remote_state.privnet_dns_router.outputs.dns_zone_id
name = join(".", ["registry1", data.terraform_remote_state.privnet_dns_router.outputs.dns_zone.zone_name])
description = "ICProxy 1"
ttl = 8600
type = "CNAME"
records = [local.cname_target]
}
}
}

View File

@ -0,0 +1,3 @@
provider "openstack" {
cloud = "d4s-dev"
}

View File

@ -0,0 +1,509 @@
{
"version": 4,
"terraform_version": "1.6.4",
"serial": 3,
"lineage": "77fc36f5-2d41-5382-7849-e0318df84e95",
"outputs": {},
"resources": [
{
"mode": "data",
"type": "terraform_remote_state",
"name": "privnet_dns_router",
"provider": "provider[\"terraform.io/builtin/terraform\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"backend": "local",
"config": {
"value": {
"path": "../project-setup/terraform.tfstate"
},
"type": [
"object",
{
"path": "string"
}
]
},
"defaults": null,
"outputs": {
"value": {
"almalinux_9": {
"name": "AlmaLinux-9.0-20220718",
"uuid": "541650fc-dd19-4f38-bb1d-7333ed9dd688"
},
"availability_zone_no_gpu_name": "cnr-isti-nova-a",
"availability_zone_with_gpu_name": "cnr-isti-nova-gpu-a",
"availability_zones_names": {
"availability_zone_no_gpu": "cnr-isti-nova-a",
"availability_zone_with_gpu": "cnr-isti-nova-gpu-a"
},
"basic_services_ip": {
"ca": "10.1.29.247",
"ca_cidr": "10.1.29.247/32",
"haproxy_l7_1": "10.1.28.50",
"haproxy_l7_1_cidr": "10.1.28.50/32",
"haproxy_l7_2": "10.1.30.241",
"haproxy_l7_2_cidr": "10.1.30.241/32",
"octavia_main": "10.1.28.227",
"octavia_main_cidr": "10.1.28.227/32",
"prometheus": "10.1.30.129",
"prometheus_cidr": "10.1.30.129/32",
"ssh_jump": "10.1.29.164",
"ssh_jump_cidr": "10.1.29.164/32"
},
"centos_7": {
"name": "CentOS-7",
"uuid": "f0187a99-64f6-462a-ab5f-ef52fe62f2ca"
},
"default_security_group_name": "default",
"dns_zone": {
"description": "DNS primary zone for the d4s-dev-cloud project",
"email": "postmaster@isti.cnr.it",
"ttl": "8600",
"zone_name": "cloud-dev.d4science.org."
},
"dns_zone_id": "cbae638a-9d99-44aa-946c-0f5ffb7fc488",
"el7_data_file": "../../openstack_vm_data_scripts/el7.sh",
"external_gateway_ip": [
{
"ip_address": "146.48.31.109",
"subnet_id": "57f87509-4016-46fb-b8c3-25fca7f72ccb"
}
],
"external_network": {
"id": "1d2ff137-6ff7-4017-be2b-0d6c4af2353b",
"name": "external-network"
},
"external_network_id": "1d2ff137-6ff7-4017-be2b-0d6c4af2353b",
"external_router": {
"description": "D4Science DEV main router",
"id": "2ae28c5f-036b-45db-bc9f-5bab8fa3e914",
"name": "d4s-dev-cloud-external-router"
},
"flavor_list": {
"c1_large": "c1.large",
"c1_medium": "c1.medium",
"c1_small": "c1.small",
"c2_large": "c2.large",
"m1_large": "m1.large",
"m1_medium": "m1.medium",
"m1_xlarge": "m1.xlarge",
"m1_xxl": "m1.xxl",
"m2_large": "m2.large",
"m2_medium": "m2.medium",
"m2_small": "m2.small",
"m3_large": "m3.large"
},
"floating_ip_pools": {
"main_public_ip_pool": "external-network"
},
"haproxy_l7_data": {
"flavor": "m1.medium",
"haproxy_1": "haproxy-l7-1",
"haproxy_2": "haproxy-l7-2",
"name": "main-haproxy-l7",
"vm_count": "2"
},
"internal_ca_data": {
"flavor": "m1.small",
"name": "ca"
},
"main_haproxy_l7_ip": [
"10.1.28.50",
"10.1.30.241"
],
"main_private_network": {
"description": "D4Science DEV private network (use this as the main network)",
"name": "d4s-dev-cloud-main"
},
"main_private_network_id": "e0af5eba-f24a-4d0d-8184-bc654b980c4a",
"main_private_subnet": {
"allocation_end": "10.1.31.254",
"allocation_start": "10.1.28.30",
"cidr": "10.1.28.0/22",
"description": "D4Science DEV main private subnet",
"gateway_ip": "10.1.28.1",
"name": "d4s-dev-cloud-sub"
},
"main_region": "isti_area_pi_1",
"main_subnet_network_id": "2aa977f2-80b4-447c-a6b0-dfa06bf68751",
"mtu_size": 8942,
"networks_list": {
"cassandra": "cassandra-net",
"orientdb": "orientdb-net",
"orientdb_se": "orientdb-se-net",
"shared_postgresql": "postgresql-srv-net",
"swarm": "swarm-nfs-net",
"timescaledb": "timescaledb-net"
},
"networks_with_d4s_services": {
"garr_ct1_net": "90.147.166.0/23",
"garr_na_net": "90.147.152.0/24",
"garr_pa1_net": "90.147.188.0/23",
"infrascience_net": "146.48.122.0/23",
"isti_net": "146.48.80.0/21",
"s2i2s_net": "146.48.28.0/22"
},
"nfs_share_no_ingress_secgroup_id": "5887da8d-e362-4509-93ac-8a70bf8baef9",
"octavia_information": {
"main_lb_description": "Main L4 load balancer for the D4Science DEV",
"main_lb_hostname": "main-lb",
"main_lb_name": "lb-dev-l4",
"octavia_flavor": "octavia_amphora-mvcpu-ha",
"octavia_flavor_id": "394988b5-6603-4a1e-a939-8e177c6681c7"
},
"os_project_data": {
"id": "e8f8ca72f30648a8b389b4e745ac83a9"
},
"policy_list": {
"affinity": "affinity",
"anti_affinity": "anti-affinity",
"soft_affinity": "soft-affinity",
"soft_anti_affinity": "soft-anti-affinity"
},
"prometheus_server_data": {
"flavor": "m1.medium",
"name": "prometheus",
"public_grafana_server_cidr": "146.48.28.103/32",
"vol_data_device": "/dev/vdb",
"vol_data_name": "prometheus-data",
"vol_data_size": "100"
},
"resolvers_ip": [
"146.48.29.97",
"146.48.29.98",
"146.48.29.99"
],
"resource_registry_addresses": {},
"security_group_list": {
"acaland": "acaland's dev machine",
"access_to_orientdb": "access_to_orientdb",
"access_to_orientdb_se": "access_to_orientdb_se",
"access_to_the_timescaledb_service": "access_to_the_timescaledb_service",
"cassandra": "Cassandra",
"dataminer-publish": "dataminer-publish",
"debugging_from_jump_node": "debugging_from_jump_node",
"default": "default",
"docker_swarm": "Docker Swarm",
"docker_swarm_NFS": "Docker Swarm NFS",
"haproxy": "traffic_from_main_lb_to_haproxy_l7",
"http_and_https_from_the_load_balancers": "traffic_from_the_main_load_balancers",
"limited_HTTPS_access": "restricted_web_service",
"limited_SSH_access": "Limited SSH access",
"mongo": "mongo",
"nfs_share_no_ingress": "nfs_share_no_ingress",
"orientdb_internal_docker_traffic": "orientdb_internal_docker_traffic",
"postgreSQL": "PostgreSQL service",
"public_HTTPS": "Public HTTPS"
},
"shared_postgresql_server_data": {
"allocation_pool_end": "192.168.3.254",
"allocation_pool_start": "192.168.0.100",
"flavor": "m1.medium",
"name": "shared-postgresql-server",
"network_cidr": "192.168.0.0/22",
"network_description": "Network used to communicate with the shared postgresql service",
"network_name": "postgresql-srv-net",
"server_cidr": "192.168.0.5/22",
"server_ip": "192.168.0.5",
"vol_data_device": "/dev/vdb",
"vol_data_name": "shared-postgresql-data",
"vol_data_size": "100"
},
"smartexecutor_addresses": {},
"ssh_jump_proxy": {
"flavor": "m2.small",
"name": "ssh-jump-proxy"
},
"ssh_sources": {
"d4s_vpn_1_cidr": "146.48.122.27/32",
"d4s_vpn_2_cidr": "146.48.122.49/32",
"infrascience_net_cidr": "146.48.122.0/23",
"s2i2s_vpn_1_cidr": "146.48.28.10/32",
"s2i2s_vpn_2_cidr": "146.48.28.11/32",
"shell_d4s_cidr": "146.48.122.95/32"
},
"storage_nfs_network_id": "5f4023cc-4016-404c-94e5-86220095fbaf",
"storage_nfs_subnet_id": "6ff0f9e8-0e74-4cc3-a268-7ed4af435696",
"ubuntu1804_data_file": "../../openstack_vm_data_scripts/ubuntu1804.sh",
"ubuntu2204_data_file": "../../openstack_vm_data_scripts/ubuntu2204.sh",
"ubuntu_1804": {
"name": "Ubuntu-Bionic-18.04",
"user_data_file": "../../openstack_vm_data_scripts/ubuntu1804.sh",
"uuid": "7ed6a2cd-2b07-482e-8ce4-f018dff16c89"
},
"ubuntu_2204": {
"name": "Ubuntu-Jammy-22.04",
"user_data_file": "../../openstack_vm_data_scripts/ubuntu2204.sh",
"uuid": "54768889-8556-4be4-a2eb-82a4d9b34627"
}
},
"type": [
"object",
{
"almalinux_9": [
"map",
"string"
],
"availability_zone_no_gpu_name": "string",
"availability_zone_with_gpu_name": "string",
"availability_zones_names": [
"map",
"string"
],
"basic_services_ip": [
"map",
"string"
],
"centos_7": [
"map",
"string"
],
"default_security_group_name": "string",
"dns_zone": [
"map",
"string"
],
"dns_zone_id": "string",
"el7_data_file": "string",
"external_gateway_ip": [
"list",
[
"object",
{
"ip_address": "string",
"subnet_id": "string"
}
]
],
"external_network": [
"map",
"string"
],
"external_network_id": "string",
"external_router": [
"map",
"string"
],
"flavor_list": [
"map",
"string"
],
"floating_ip_pools": [
"map",
"string"
],
"haproxy_l7_data": [
"map",
"string"
],
"internal_ca_data": [
"map",
"string"
],
"main_haproxy_l7_ip": [
"list",
"string"
],
"main_private_network": [
"map",
"string"
],
"main_private_network_id": "string",
"main_private_subnet": [
"map",
"string"
],
"main_region": "string",
"main_subnet_network_id": "string",
"mtu_size": "number",
"networks_list": [
"map",
"string"
],
"networks_with_d4s_services": [
"map",
"string"
],
"nfs_share_no_ingress_secgroup_id": "string",
"octavia_information": [
"map",
"string"
],
"os_project_data": [
"map",
"string"
],
"policy_list": [
"map",
"string"
],
"prometheus_server_data": [
"map",
"string"
],
"resolvers_ip": [
"list",
"string"
],
"resource_registry_addresses": [
"map",
"string"
],
"security_group_list": [
"map",
"string"
],
"shared_postgresql_server_data": [
"map",
"string"
],
"smartexecutor_addresses": [
"map",
"string"
],
"ssh_jump_proxy": [
"map",
"string"
],
"ssh_sources": [
"map",
"string"
],
"storage_nfs_network_id": "string",
"storage_nfs_subnet_id": "string",
"ubuntu1804_data_file": "string",
"ubuntu2204_data_file": "string",
"ubuntu_1804": [
"map",
"string"
],
"ubuntu_2204": [
"map",
"string"
]
}
]
},
"workspace": null
},
"sensitive_attributes": []
}
]
},
{
"mode": "managed",
"type": "openstack_compute_instance_v2",
"name": "icproxy1_dev",
"provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"access_ip_v4": "10.1.30.29",
"access_ip_v6": "",
"admin_pass": null,
"all_metadata": {},
"all_tags": [],
"availability_zone": "cnr-isti-nova-a",
"availability_zone_hints": "cnr-isti-nova-a",
"block_device": [
{
"boot_index": 0,
"delete_on_termination": false,
"destination_type": "volume",
"device_type": "",
"disk_bus": "",
"guest_format": "",
"multiattach": false,
"source_type": "image",
"uuid": "7ed6a2cd-2b07-482e-8ce4-f018dff16c89",
"volume_size": 10,
"volume_type": ""
}
],
"config_drive": null,
"created": "2024-07-29 12:19:23 +0000 UTC",
"flavor_id": "4",
"flavor_name": "m1.medium",
"force_delete": false,
"id": "8e779980-105f-433e-952f-539a1e1d8c4c",
"image_id": "Attempt to boot from volume - no image supplied",
"image_name": null,
"key_pair": "Giancarlo Panichi",
"metadata": null,
"name": "registry1",
"network": [
{
"access_network": false,
"fixed_ip_v4": "10.1.30.29",
"fixed_ip_v6": "",
"mac": "fa:16:3e:f0:e1:7a",
"name": "d4s-dev-cloud-main",
"port": "",
"uuid": "e0af5eba-f24a-4d0d-8184-bc654b980c4a"
}
],
"network_mode": null,
"personality": [],
"power_state": "active",
"region": "isti_area_pi_1",
"scheduler_hints": [],
"security_groups": [
"default",
"traffic_from_the_main_load_balancers"
],
"stop_before_destroy": false,
"tags": null,
"timeouts": null,
"updated": "2024-07-29 12:20:18 +0000 UTC",
"user_data": "47d4769e61324c305c4b70ed6673de4fad84150d",
"vendor_options": []
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxODAwMDAwMDAwMDAwLCJkZWxldGUiOjE4MDAwMDAwMDAwMDAsInVwZGF0ZSI6MTgwMDAwMDAwMDAwMH19",
"dependencies": [
"data.terraform_remote_state.privnet_dns_router"
]
}
]
},
{
"module": "module.dns_records_create",
"mode": "managed",
"type": "openstack_dns_recordset_v2",
"name": "add_dns_recordset",
"provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]",
"instances": [
{
"index_key": "icproxy1-dev",
"schema_version": 0,
"attributes": {
"description": "ICProxy 1",
"disable_status_check": false,
"id": "cbae638a-9d99-44aa-946c-0f5ffb7fc488/dade7d41-a74b-489c-ae67-660f49ea3b7c",
"name": "registry1.cloud-dev.d4science.org.",
"project_id": "e8f8ca72f30648a8b389b4e745ac83a9",
"records": [
"main-lb.cloud-dev.d4science.org."
],
"region": "isti_area_pi_1",
"timeouts": null,
"ttl": 8600,
"type": "CNAME",
"value_specs": null,
"zone_id": "cbae638a-9d99-44aa-946c-0f5ffb7fc488"
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwLCJ1cGRhdGUiOjYwMDAwMDAwMDAwMH19",
"dependencies": [
"data.terraform_remote_state.privnet_dns_router"
]
}
]
}
],
"check_results": null
}

View File

@ -0,0 +1,37 @@
# Define required providers
terraform {
required_version = ">= 0.14.0"
required_providers {
openstack = {
source = "terraform-provider-openstack/openstack"
# version = "~> 1.53.0"
}
}
}
data "terraform_remote_state" "privnet_dns_router" {
backend = "local"
config = {
path = "../project-setup/terraform.tfstate"
}
}
#
# Uses common_variables as module
#
module "common_variables" {
source = "../../modules/common_variables"
}
module "keycloak" {
source = "../../modules/keycloak"
keycloak_recordsets = {
keycloak_main_record = {
name = join(".", ["accounts", data.terraform_remote_state.privnet_dns_router.outputs.dns_zone.zone_name]),
description = "Keycloak dev endpoint"
}
}
keycloak_object_store = "keycloak-data-dev"
}

View File

@ -0,0 +1,3 @@
provider "openstack" {
cloud = "d4s-dev"
}

File diff suppressed because it is too large Load Diff

View File

@ -0,0 +1,55 @@
# NFS shares required by the CCP
# Create a NFS share for the repository data
#
resource "openstack_sharedfilesystem_share_v2" "ccp_dev_repository_data" {
name = "ccp_dev_repository_data"
description = "NFS share for the CCP repository data"
share_proto = "NFS"
size = 5
}
# Allow access to the NFS share
resource "openstack_sharedfilesystem_share_access_v2" "ccp_dev_repository_nfs_access" {
for_each = var.swarm_manila_interfaces_ip
share_id = openstack_sharedfilesystem_share_v2.ccp_dev_repository_data.id
access_type = "ip"
access_to = each.value
access_level = "rw"
}
# NFS shares required by the CCP
# Create a NFS share for the method logs
#
resource "openstack_sharedfilesystem_share_v2" "ccp_dev_methods_logs" {
name = "ccp_dev_method_logs"
description = "NFS share for the CCP method logs"
share_proto = "NFS"
size = 1
}
# Allow access to the NFS share
resource "openstack_sharedfilesystem_share_access_v2" "ccp_dev_methods_logs_nfs_access" {
for_each = var.swarm_manila_interfaces_ip
share_id = openstack_sharedfilesystem_share_v2.ccp_dev_methods_logs.id
access_type = "ip"
access_to = each.value
access_level = "rw"
}
output "ccp_dev_repository_data" {
value = openstack_sharedfilesystem_share_v2.ccp_dev_repository_data
}
output "ccp_dev_repository_data_nfs_acls" {
value = openstack_sharedfilesystem_share_access_v2.ccp_dev_repository_nfs_access
sensitive = true
}
output "ccp_dev_methods_logs" {
value = openstack_sharedfilesystem_share_v2.ccp_dev_methods_logs
}
output "ccp_dev_methods_logs_access_nfs_acls" {
value = openstack_sharedfilesystem_share_access_v2.ccp_dev_methods_logs_nfs_access
sensitive = true
}

View File

@ -0,0 +1,51 @@
# Define required providers
terraform {
required_version = ">= 0.14.0"
required_providers {
openstack = {
source = "terraform-provider-openstack/openstack"
#version = "~> 1.53.0"
}
}
}
data "terraform_remote_state" "privnet_dns_router" {
backend = "local"
config = {
path = "../project-setup/terraform.tfstate"
}
}
# data "terraform_remote_state" "main_infrastructure" {
# backend = "local"
# config = {
# path = "../basic-infrastructure/terraform.tfstate"
# }
# }
# SSH settings
module "ssh_settings" {
source = "../../modules/ssh-key-ref"
}
#
# Uses common_variables as module
#
module "common_variables" {
source = "../../modules/common_variables"
}
variable "swarm_manila_interfaces_ip" {
type = map(string)
default = {
"mgr_1" = "172.17.2.74"
"mgr_2" = "172.17.3.218"
"mgr_3" = "172.17.2.230"
"worker_1" = "172.17.0.166"
"worker_2" = "172.17.2.171"
"worker_3" = "172.17.0.146"
"worker_4" = "172.17.1.195"
"worker_5" = "172.17.2.187"
}
}

View File

@ -0,0 +1,3 @@
provider "openstack" {
cloud = "d4s-dev"
}

File diff suppressed because it is too large Load Diff

View File

@ -0,0 +1,88 @@
# Define required providers
terraform {
required_version = ">= 0.14.0"
required_providers {
openstack = {
source = "terraform-provider-openstack/openstack"
version = "~> 1.53.0"
}
}
}
data "terraform_remote_state" "privnet_dns_router" {
backend = "local"
config = {
path = "../project-setup/terraform.tfstate"
}
}
#
# Uses common_variables as module
#
module "common_variables" {
source = "../../modules/common_variables"
}
#
# Creates the server group "nubisware-cluster"
# Even in dev because this service is crucial the server group is
# created with anti-affinity policy
#
resource "openstack_compute_servergroup_v2" "nubisware-cluster_server_group" {
name = "nubisware-cluster"
policies = [module.common_variables.policy_list.anti_affinity]
}
module "instance_with_data_volume" {
source = "../../modules/instance_with_data_volume"
instances_with_data_volume_map = {
nubisware1 = {
name = "nubis1",
description = "Nubisware cluster nubis1 instance",
flavor = module.common_variables.flavor_list.m1_large,
networks = [data.terraform_remote_state.privnet_dns_router.outputs.main_private_network.name, module.common_variables.networks_list.shared_postgresql],
security_groups = [data.terraform_remote_state.privnet_dns_router.outputs.security_group_list.default, data.terraform_remote_state.privnet_dns_router.outputs.security_group_list.http_and_https_from_the_load_balancers],
server_groups_ids = [],
image_ref = data.terraform_remote_state.privnet_dns_router.outputs.ubuntu_2204,
volume = {
name = "nubis1_data_volume",
size = "100",
device = "/dev/vdb",
}
},
nubis2 = {
name = "nubis2",
description = "Nubisware cluster nubis2 instance",
flavor = module.common_variables.flavor_list.m1_medium,
networks = [data.terraform_remote_state.privnet_dns_router.outputs.main_private_network.name, module.common_variables.networks_list.shared_postgresql],
security_groups = [data.terraform_remote_state.privnet_dns_router.outputs.security_group_list.default, data.terraform_remote_state.privnet_dns_router.outputs.security_group_list.http_and_https_from_the_load_balancers],
server_groups_ids = [],
image_ref = data.terraform_remote_state.privnet_dns_router.outputs.ubuntu_2204,
volume = {
name = "nubis2_data_volume",
size = "50",
device = "/dev/vdb",
}
},
nubis3 = {
name = "nubis3",
description = "Nubisware cluster nubis3 instance",
flavor = module.common_variables.flavor_list.m1_medium,
networks = [data.terraform_remote_state.privnet_dns_router.outputs.main_private_network.name, module.common_variables.networks_list.shared_postgresql],
security_groups = [data.terraform_remote_state.privnet_dns_router.outputs.security_group_list.default, data.terraform_remote_state.privnet_dns_router.outputs.security_group_list.http_and_https_from_the_load_balancers],
server_groups_ids = [],
image_ref = data.terraform_remote_state.privnet_dns_router.outputs.ubuntu_2204,
volume = {
name = "nubis3_data_volume",
size = "50",
device = "/dev/vdb",
}
}
}
}

View File

@ -0,0 +1,3 @@
provider "openstack" {
cloud = "d4s-dev"
}

View File

@ -0,0 +1,841 @@
{
"version": 4,
"terraform_version": "1.6.5",
"serial": 14,
"lineage": "9fd17746-175c-a207-ce08-8647d287161e",
"outputs": {},
"resources": [
{
"mode": "data",
"type": "terraform_remote_state",
"name": "privnet_dns_router",
"provider": "provider[\"terraform.io/builtin/terraform\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"backend": "local",
"config": {
"value": {
"path": "../project-setup/terraform.tfstate"
},
"type": [
"object",
{
"path": "string"
}
]
},
"defaults": null,
"outputs": {
"value": {
"almalinux_9": {
"name": "AlmaLinux-9.0-20220718",
"uuid": "541650fc-dd19-4f38-bb1d-7333ed9dd688"
},
"availability_zone_no_gpu_name": "cnr-isti-nova-a",
"availability_zone_with_gpu_name": "cnr-isti-nova-gpu-a",
"availability_zones_names": {
"availability_zone_no_gpu": "cnr-isti-nova-a",
"availability_zone_with_gpu": "cnr-isti-nova-gpu-a"
},
"basic_services_ip": {
"ca": "10.1.29.247",
"ca_cidr": "10.1.29.247/32",
"haproxy_l7_1": "10.1.28.50",
"haproxy_l7_1_cidr": "10.1.28.50/32",
"haproxy_l7_2": "10.1.30.241",
"haproxy_l7_2_cidr": "10.1.30.241/32",
"octavia_main": "10.1.28.227",
"octavia_main_cidr": "10.1.28.227/32",
"prometheus": "10.1.30.129",
"prometheus_cidr": "10.1.30.129/32",
"ssh_jump": "10.1.29.164",
"ssh_jump_cidr": "10.1.29.164/32"
},
"centos_7": {
"name": "CentOS-7",
"uuid": "f0187a99-64f6-462a-ab5f-ef52fe62f2ca"
},
"default_security_group_name": "default",
"dns_zone": {
"description": "DNS primary zone for the d4s-dev-cloud project",
"email": "postmaster@isti.cnr.it",
"ttl": "8600",
"zone_name": "cloud-dev.d4science.org."
},
"dns_zone_id": "cbae638a-9d99-44aa-946c-0f5ffb7fc488",
"el7_data_file": "../../openstack_vm_data_scripts/el7.sh",
"external_gateway_ip": [
{
"ip_address": "146.48.31.109",
"subnet_id": "57f87509-4016-46fb-b8c3-25fca7f72ccb"
}
],
"external_network": {
"id": "1d2ff137-6ff7-4017-be2b-0d6c4af2353b",
"name": "external-network"
},
"external_network_id": "1d2ff137-6ff7-4017-be2b-0d6c4af2353b",
"external_router": {
"description": "D4Science DEV main router",
"id": "2ae28c5f-036b-45db-bc9f-5bab8fa3e914",
"name": "d4s-dev-cloud-external-router"
},
"flavor_list": {
"c1_large": "c1.large",
"c1_medium": "c1.medium",
"c1_small": "c1.small",
"m1_large": "m1.large",
"m1_medium": "m1.medium",
"m1_xlarge": "m1.xlarge",
"m2_large": "m2.large",
"m2_medium": "m2.medium",
"m2_small": "m2.small"
},
"floating_ip_pools": {
"main_public_ip_pool": "external-network"
},
"haproxy_l7_data": {
"flavor": "m1.medium",
"haproxy_1": "haproxy-l7-1",
"haproxy_2": "haproxy-l7-2",
"name": "main-haproxy-l7",
"vm_count": "2"
},
"internal_ca_data": {
"flavor": "m1.small",
"name": "ca"
},
"main_haproxy_l7_ip": [
"10.1.28.50",
"10.1.30.241"
],
"main_private_network": {
"description": "D4Science DEV private network (use this as the main network)",
"name": "d4s-dev-cloud-main"
},
"main_private_network_id": "e0af5eba-f24a-4d0d-8184-bc654b980c4a",
"main_private_subnet": {
"allocation_end": "10.1.31.254",
"allocation_start": "10.1.28.30",
"cidr": "10.1.28.0/22",
"description": "D4Science DEV main private subnet",
"gateway_ip": "10.1.28.1",
"name": "d4s-dev-cloud-sub"
},
"main_region": "isti_area_pi_1",
"main_subnet_network_id": "2aa977f2-80b4-447c-a6b0-dfa06bf68751",
"mtu_size": 8942,
"networks_list": {
"orientdb": "orientdb-net",
"orientdb_se": "orientdb-se-net",
"shared_postgresql": "postgresql-srv-net",
"swarm": "swarm-nfs-net",
"timescaledb": "timescaledb-net"
},
"networks_with_d4s_services": {
"garr_ct1_net": "90.147.166.0/23",
"garr_na_net": "90.147.152.0/24",
"garr_pa1_net": "90.147.188.0/23",
"infrascience_net": "146.48.122.0/23",
"isti_net": "146.48.80.0/21",
"s2i2s_net": "146.48.28.0/22"
},
"octavia_information": {
"main_lb_description": "Main L4 load balancer for the D4Science DEV",
"main_lb_hostname": "main-lb",
"main_lb_name": "lb-dev-l4",
"octavia_flavor": "octavia_amphora-mvcpu-ha",
"octavia_flavor_id": "394988b5-6603-4a1e-a939-8e177c6681c7"
},
"os_project_data": {
"id": "e8f8ca72f30648a8b389b4e745ac83a9"
},
"policy_list": {
"affinity": "affinity",
"anti_affinity": "anti-affinity",
"soft_affinity": "soft-affinity",
"soft_anti_affinity": "soft-anti-affinity"
},
"prometheus_server_data": {
"flavor": "m1.medium",
"name": "prometheus",
"public_grafana_server_cidr": "146.48.122.132/32",
"vol_data_device": "/dev/vdb",
"vol_data_name": "prometheus-data",
"vol_data_size": "100"
},
"resolvers_ip": [
"146.48.29.97",
"146.48.29.98",
"146.48.29.99"
],
"resource_registry_addresses": {},
"security_group_list": {
"acaland": "acaland's dev machine",
"access_to_orientdb": "access_to_orientdb",
"access_to_orientdb_se": "access_to_orientdb_se",
"access_to_the_timescaledb_service": "access_to_the_timescaledb_service",
"cassandra": "Cassandra",
"dataminer-publish": "dataminer-publish",
"debugging_from_jump_node": "debugging_from_jump_node",
"default": "default",
"docker_swarm": "Docker Swarm",
"docker_swarm_NFS": "Docker Swarm NFS",
"haproxy": "HAPROXY L7",
"http_and_https_from_the_load_balancers": "http and https from the load balancers",
"limited_HTTPS_access": "Limited HTTPS access",
"limited_SSH_access": "Limited SSH access",
"mongo": "mongo",
"orientdb_internal_docker_traffic": "orientdb_internal_docker_traffic",
"postgreSQL": "PostgreSQL service",
"public_HTTPS": "Public HTTPS"
},
"shared_postgresql_server_data": {
"allocation_pool_end": "192.168.3.254",
"allocation_pool_start": "192.168.0.100",
"flavor": "m1.medium",
"name": "shared-postgresql-server",
"network_cidr": "192.168.0.0/22",
"network_description": "Network used to communicate with the shared postgresql service",
"network_name": "postgresql-srv-net",
"server_cidr": "192.168.0.5/22",
"server_ip": "192.168.0.5",
"vol_data_device": "/dev/vdb",
"vol_data_name": "shared-postgresql-data",
"vol_data_size": "100"
},
"smartexecutor_addresses": {},
"ssh_jump_proxy": {
"flavor": "m2.small",
"name": "ssh-jump-proxy"
},
"ssh_sources": {
"d4s_vpn_1_cidr": "146.48.122.27/32",
"d4s_vpn_2_cidr": "146.48.122.49/32",
"infrascience_net_cidr": "146.48.122.0/23",
"s2i2s_vpn_1_cidr": "146.48.28.10/32",
"s2i2s_vpn_2_cidr": "146.48.28.11/32",
"shell_d4s_cidr": "146.48.122.95/32"
},
"ubuntu1804_data_file": "../../openstack_vm_data_scripts/ubuntu1804.sh",
"ubuntu2204_data_file": "../../openstack_vm_data_scripts/ubuntu2204.sh",
"ubuntu_1804": {
"name": "Ubuntu-Bionic-18.04",
"user_data_file": "../../openstack_vm_data_scripts/ubuntu1804.sh",
"uuid": "7ed6a2cd-2b07-482e-8ce4-f018dff16c89"
},
"ubuntu_2204": {
"name": "Ubuntu-Jammy-22.04",
"user_data_file": "../../openstack_vm_data_scripts/ubuntu2204.sh",
"uuid": "54768889-8556-4be4-a2eb-82a4d9b34627"
}
},
"type": [
"object",
{
"almalinux_9": [
"map",
"string"
],
"availability_zone_no_gpu_name": "string",
"availability_zone_with_gpu_name": "string",
"availability_zones_names": [
"map",
"string"
],
"basic_services_ip": [
"map",
"string"
],
"centos_7": [
"map",
"string"
],
"default_security_group_name": "string",
"dns_zone": [
"map",
"string"
],
"dns_zone_id": "string",
"el7_data_file": "string",
"external_gateway_ip": [
"list",
[
"object",
{
"ip_address": "string",
"subnet_id": "string"
}
]
],
"external_network": [
"map",
"string"
],
"external_network_id": "string",
"external_router": [
"map",
"string"
],
"flavor_list": [
"map",
"string"
],
"floating_ip_pools": [
"map",
"string"
],
"haproxy_l7_data": [
"map",
"string"
],
"internal_ca_data": [
"map",
"string"
],
"main_haproxy_l7_ip": [
"list",
"string"
],
"main_private_network": [
"map",
"string"
],
"main_private_network_id": "string",
"main_private_subnet": [
"map",
"string"
],
"main_region": "string",
"main_subnet_network_id": "string",
"mtu_size": "number",
"networks_list": [
"map",
"string"
],
"networks_with_d4s_services": [
"map",
"string"
],
"octavia_information": [
"map",
"string"
],
"os_project_data": [
"map",
"string"
],
"policy_list": [
"map",
"string"
],
"prometheus_server_data": [
"map",
"string"
],
"resolvers_ip": [
"list",
"string"
],
"resource_registry_addresses": [
"map",
"string"
],
"security_group_list": [
"map",
"string"
],
"shared_postgresql_server_data": [
"map",
"string"
],
"smartexecutor_addresses": [
"map",
"string"
],
"ssh_jump_proxy": [
"map",
"string"
],
"ssh_sources": [
"map",
"string"
],
"ubuntu1804_data_file": "string",
"ubuntu2204_data_file": "string",
"ubuntu_1804": [
"map",
"string"
],
"ubuntu_2204": [
"map",
"string"
]
}
]
},
"workspace": null
},
"sensitive_attributes": []
}
]
},
{
"mode": "managed",
"type": "openstack_compute_servergroup_v2",
"name": "nubisware-cluster_server_group",
"provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"id": "37f44331-bf43-4a8d-830b-17c3bc76c3d1",
"members": [],
"name": "nubisware-cluster",
"policies": [
"anti-affinity"
],
"region": "isti_area_pi_1",
"rules": [
{
"max_server_per_host": 0
}
],
"value_specs": null
},
"sensitive_attributes": [],
"private": "bnVsbA=="
}
]
},
{
"module": "module.instance_with_data_volume",
"mode": "managed",
"type": "openstack_blockstorage_volume_v3",
"name": "instance_data_volume",
"provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]",
"instances": [
{
"index_key": "nubis2",
"schema_version": 0,
"attributes": {
"attachment": [],
"availability_zone": "nova",
"consistency_group_id": null,
"description": "",
"enable_online_resize": null,
"id": "96665eb9-6ffb-4e9f-9cb5-e5a455539433",
"image_id": null,
"metadata": {},
"multiattach": null,
"name": "nubis2_data_volume",
"region": "isti_area_pi_1",
"scheduler_hints": [],
"size": 50,
"snapshot_id": "",
"source_replica": null,
"source_vol_id": "",
"timeouts": null,
"volume_type": "cephUnencrypted"
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwfX0=",
"dependencies": [
"data.terraform_remote_state.privnet_dns_router"
]
},
{
"index_key": "nubis3",
"schema_version": 0,
"attributes": {
"attachment": [],
"availability_zone": "nova",
"consistency_group_id": null,
"description": "",
"enable_online_resize": null,
"id": "e2a9639b-f4a2-470b-960f-aa935277c12c",
"image_id": null,
"metadata": {},
"multiattach": null,
"name": "nubis3_data_volume",
"region": "isti_area_pi_1",
"scheduler_hints": [],
"size": 50,
"snapshot_id": "",
"source_replica": null,
"source_vol_id": "",
"timeouts": null,
"volume_type": "cephUnencrypted"
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwfX0=",
"dependencies": [
"data.terraform_remote_state.privnet_dns_router"
]
},
{
"index_key": "nubisware1",
"schema_version": 0,
"attributes": {
"attachment": [],
"availability_zone": "nova",
"consistency_group_id": null,
"description": "",
"enable_online_resize": null,
"id": "e3da071c-8d80-4006-98ff-5830021a082c",
"image_id": null,
"metadata": {},
"multiattach": null,
"name": "nubis1_data_volume",
"region": "isti_area_pi_1",
"scheduler_hints": [],
"size": 100,
"snapshot_id": "",
"source_replica": null,
"source_vol_id": "",
"timeouts": null,
"volume_type": "cephUnencrypted"
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwfX0=",
"dependencies": [
"data.terraform_remote_state.privnet_dns_router"
]
}
]
},
{
"module": "module.instance_with_data_volume",
"mode": "managed",
"type": "openstack_compute_instance_v2",
"name": "instance_with_data_volume",
"provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]",
"instances": [
{
"index_key": "nubis2",
"schema_version": 0,
"attributes": {
"access_ip_v4": "10.1.30.126",
"access_ip_v6": "",
"admin_pass": null,
"all_metadata": {},
"all_tags": [],
"availability_zone": "cnr-isti-nova-a",
"availability_zone_hints": "cnr-isti-nova-a",
"block_device": [
{
"boot_index": 0,
"delete_on_termination": false,
"destination_type": "volume",
"device_type": "",
"disk_bus": "",
"guest_format": "",
"multiattach": false,
"source_type": "image",
"uuid": "54768889-8556-4be4-a2eb-82a4d9b34627",
"volume_size": 10,
"volume_type": ""
}
],
"config_drive": null,
"created": "2023-12-14 16:05:16 +0000 UTC",
"flavor_id": "4",
"flavor_name": "m1.medium",
"floating_ip": null,
"force_delete": false,
"id": "bb9b6e3b-d436-414e-bac3-d6f0157534b3",
"image_id": "Attempt to boot from volume - no image supplied",
"image_name": null,
"key_pair": "mauromugnaini",
"metadata": null,
"name": "nubis2",
"network": [
{
"access_network": false,
"fixed_ip_v4": "10.1.30.126",
"fixed_ip_v6": "",
"floating_ip": "",
"mac": "fa:16:3e:e2:58:08",
"name": "d4s-dev-cloud-main",
"port": "",
"uuid": "e0af5eba-f24a-4d0d-8184-bc654b980c4a"
},
{
"access_network": false,
"fixed_ip_v4": "192.168.2.94",
"fixed_ip_v6": "",
"floating_ip": "",
"mac": "fa:16:3e:ae:f3:f2",
"name": "postgresql-srv-net",
"port": "",
"uuid": "00422a4a-4b8b-4c85-acf9-ef733df842b9"
}
],
"network_mode": null,
"personality": [],
"power_state": "active",
"region": "isti_area_pi_1",
"scheduler_hints": [],
"security_groups": [
"default",
"http and https from the load balancers"
],
"stop_before_destroy": false,
"tags": null,
"timeouts": null,
"updated": "2023-12-14 16:06:46 +0000 UTC",
"user_data": "bb83b25fd1219aa1b850ece9be8d7b0f31714608",
"vendor_options": [],
"volume": []
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxODAwMDAwMDAwMDAwLCJkZWxldGUiOjE4MDAwMDAwMDAwMDAsInVwZGF0ZSI6MTgwMDAwMDAwMDAwMH19",
"dependencies": [
"data.terraform_remote_state.privnet_dns_router"
]
},
{
"index_key": "nubis3",
"schema_version": 0,
"attributes": {
"access_ip_v4": "10.1.31.175",
"access_ip_v6": "",
"admin_pass": null,
"all_metadata": {},
"all_tags": [],
"availability_zone": "cnr-isti-nova-a",
"availability_zone_hints": "cnr-isti-nova-a",
"block_device": [
{
"boot_index": 0,
"delete_on_termination": false,
"destination_type": "volume",
"device_type": "",
"disk_bus": "",
"guest_format": "",
"multiattach": false,
"source_type": "image",
"uuid": "54768889-8556-4be4-a2eb-82a4d9b34627",
"volume_size": 10,
"volume_type": ""
}
],
"config_drive": null,
"created": "2023-12-14 15:58:23 +0000 UTC",
"flavor_id": "4",
"flavor_name": "m1.medium",
"floating_ip": null,
"force_delete": false,
"id": "a9becd80-a5b1-48cf-b917-54bba6566313",
"image_id": "Attempt to boot from volume - no image supplied",
"image_name": null,
"key_pair": "mauromugnaini",
"metadata": null,
"name": "nubis3",
"network": [
{
"access_network": false,
"fixed_ip_v4": "10.1.31.175",
"fixed_ip_v6": "",
"floating_ip": "",
"mac": "fa:16:3e:ea:c0:82",
"name": "d4s-dev-cloud-main",
"port": "",
"uuid": "e0af5eba-f24a-4d0d-8184-bc654b980c4a"
},
{
"access_network": false,
"fixed_ip_v4": "192.168.2.176",
"fixed_ip_v6": "",
"floating_ip": "",
"mac": "fa:16:3e:bc:f1:fb",
"name": "postgresql-srv-net",
"port": "",
"uuid": "00422a4a-4b8b-4c85-acf9-ef733df842b9"
}
],
"network_mode": null,
"personality": [],
"power_state": "active",
"region": "isti_area_pi_1",
"scheduler_hints": [],
"security_groups": [
"default",
"http and https from the load balancers"
],
"stop_before_destroy": false,
"tags": [],
"timeouts": null,
"updated": "2023-12-14 15:59:00 +0000 UTC",
"user_data": "bb83b25fd1219aa1b850ece9be8d7b0f31714608",
"vendor_options": [],
"volume": []
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxODAwMDAwMDAwMDAwLCJkZWxldGUiOjE4MDAwMDAwMDAwMDAsInVwZGF0ZSI6MTgwMDAwMDAwMDAwMH19",
"dependencies": [
"data.terraform_remote_state.privnet_dns_router"
]
},
{
"index_key": "nubisware1",
"schema_version": 0,
"attributes": {
"access_ip_v4": "10.1.29.166",
"access_ip_v6": "",
"admin_pass": null,
"all_metadata": {},
"all_tags": [],
"availability_zone": "cnr-isti-nova-a",
"availability_zone_hints": "cnr-isti-nova-a",
"block_device": [
{
"boot_index": 0,
"delete_on_termination": false,
"destination_type": "volume",
"device_type": "",
"disk_bus": "",
"guest_format": "",
"multiattach": false,
"source_type": "image",
"uuid": "54768889-8556-4be4-a2eb-82a4d9b34627",
"volume_size": 10,
"volume_type": ""
}
],
"config_drive": null,
"created": "2023-12-14 16:05:17 +0000 UTC",
"flavor_id": "9",
"flavor_name": "m1.large",
"floating_ip": null,
"force_delete": false,
"id": "c601f649-5b61-4bce-9fd8-745a500c108b",
"image_id": "Attempt to boot from volume - no image supplied",
"image_name": null,
"key_pair": "mauromugnaini",
"metadata": null,
"name": "nubis1",
"network": [
{
"access_network": false,
"fixed_ip_v4": "10.1.29.166",
"fixed_ip_v6": "",
"floating_ip": "",
"mac": "fa:16:3e:03:8d:14",
"name": "d4s-dev-cloud-main",
"port": "",
"uuid": "e0af5eba-f24a-4d0d-8184-bc654b980c4a"
},
{
"access_network": false,
"fixed_ip_v4": "192.168.2.171",
"fixed_ip_v6": "",
"floating_ip": "",
"mac": "fa:16:3e:b6:e4:1e",
"name": "postgresql-srv-net",
"port": "",
"uuid": "00422a4a-4b8b-4c85-acf9-ef733df842b9"
}
],
"network_mode": null,
"personality": [],
"power_state": "active",
"region": "isti_area_pi_1",
"scheduler_hints": [],
"security_groups": [
"default",
"http and https from the load balancers"
],
"stop_before_destroy": false,
"tags": null,
"timeouts": null,
"updated": "2023-12-14 16:05:59 +0000 UTC",
"user_data": "bb83b25fd1219aa1b850ece9be8d7b0f31714608",
"vendor_options": [],
"volume": []
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxODAwMDAwMDAwMDAwLCJkZWxldGUiOjE4MDAwMDAwMDAwMDAsInVwZGF0ZSI6MTgwMDAwMDAwMDAwMH19",
"dependencies": [
"data.terraform_remote_state.privnet_dns_router"
]
}
]
},
{
"module": "module.instance_with_data_volume",
"mode": "managed",
"type": "openstack_compute_volume_attach_v2",
"name": "attach_volume",
"provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]",
"instances": [
{
"index_key": "nubis2",
"schema_version": 0,
"attributes": {
"device": "/dev/vdb",
"id": "bb9b6e3b-d436-414e-bac3-d6f0157534b3/96665eb9-6ffb-4e9f-9cb5-e5a455539433",
"instance_id": "bb9b6e3b-d436-414e-bac3-d6f0157534b3",
"multiattach": null,
"region": "isti_area_pi_1",
"timeouts": null,
"vendor_options": [],
"volume_id": "96665eb9-6ffb-4e9f-9cb5-e5a455539433"
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwfX0=",
"dependencies": [
"data.terraform_remote_state.privnet_dns_router",
"module.instance_with_data_volume.openstack_blockstorage_volume_v3.instance_data_volume",
"module.instance_with_data_volume.openstack_compute_instance_v2.instance_with_data_volume"
]
},
{
"index_key": "nubis3",
"schema_version": 0,
"attributes": {
"device": "/dev/vdb",
"id": "a9becd80-a5b1-48cf-b917-54bba6566313/e2a9639b-f4a2-470b-960f-aa935277c12c",
"instance_id": "a9becd80-a5b1-48cf-b917-54bba6566313",
"multiattach": null,
"region": "isti_area_pi_1",
"timeouts": null,
"vendor_options": [],
"volume_id": "e2a9639b-f4a2-470b-960f-aa935277c12c"
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwfX0=",
"dependencies": [
"data.terraform_remote_state.privnet_dns_router",
"module.instance_with_data_volume.openstack_blockstorage_volume_v3.instance_data_volume",
"module.instance_with_data_volume.openstack_compute_instance_v2.instance_with_data_volume"
]
},
{
"index_key": "nubisware1",
"schema_version": 0,
"attributes": {
"device": "/dev/vdb",
"id": "c601f649-5b61-4bce-9fd8-745a500c108b/e3da071c-8d80-4006-98ff-5830021a082c",
"instance_id": "c601f649-5b61-4bce-9fd8-745a500c108b",
"multiattach": null,
"region": "isti_area_pi_1",
"timeouts": null,
"vendor_options": [],
"volume_id": "e3da071c-8d80-4006-98ff-5830021a082c"
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwfX0=",
"dependencies": [
"data.terraform_remote_state.privnet_dns_router",
"module.instance_with_data_volume.openstack_blockstorage_volume_v3.instance_data_volume",
"module.instance_with_data_volume.openstack_compute_instance_v2.instance_with_data_volume"
]
}
]
}
],
"check_results": null
}

View File

@ -10,7 +10,176 @@ required_version = ">= 0.14.0"
} }
} }
module "main-network" { module "common_variables" {
source = "../../modules/common_variables"
}
# Main module
module "main_private_net_and_dns_zone" {
source = "../../modules/main_private_net_and_dns_zone" source = "../../modules/main_private_net_and_dns_zone"
dns_zone = {
zone_name = "cloud-dev.d4science.org."
email = "postmaster@isti.cnr.it"
description = "DNS primary zone for the d4s-dev-cloud project"
ttl = 8600
}
os_project_data = {
id = "e8f8ca72f30648a8b389b4e745ac83a9"
}
main_private_network = {
name = "d4s-dev-cloud-main"
description = "D4Science DEV private network (use this as the main network)"
}
main_private_subnet = {
name = "d4s-dev-cloud-sub"
description = "D4Science Production main private subnet"
cidr = "10.1.28.0/22"
gateway_ip = "10.1.28.1"
allocation_start = "10.1.28.30"
allocation_end = "10.1.31.254"
}
external_router = {
name = "d4s-dev-cloud-external-router"
description = "D4Science DEV main router"
}
}
output "dns_zone_id" {
value = module.main_private_net_and_dns_zone.dns_zone_id
}
output "main_private_network_id" {
value = module.main_private_net_and_dns_zone.main_private_network_id
}
output "main_subnet_network_id" {
value = module.main_private_net_and_dns_zone.main_subnet_network_id
}
output "external_gateway_ip" {
value = module.main_private_net_and_dns_zone.external_gateway_ip
}
# Module used
output "main_region" {
value = module.common_variables.main_region
}
output "external_network" {
value = module.common_variables.external_network
}
output "external_network_id" {
value = module.common_variables.external_network.id
}
output "floating_ip_pools" {
value = module.common_variables.floating_ip_pools
}
output "resolvers_ip" {
value = module.common_variables.resolvers_ip
}
output "mtu_size" {
value = module.common_variables.mtu_size
}
output "availability_zones_names" {
value = module.common_variables.availability_zones_names
}
output "availability_zone_no_gpu_name" {
value = module.common_variables.availability_zones_names.availability_zone_no_gpu
}
output "availability_zone_with_gpu_name" {
value = module.common_variables.availability_zones_names.availability_zone_with_gpu
}
output "ssh_sources" {
value = module.common_variables.ssh_sources
}
output "networks_with_d4s_services" {
value = module.common_variables.networks_with_d4s_services
}
output "ubuntu_1804" {
value = module.common_variables.ubuntu_1804
}
output "ubuntu_2204" {
value = module.common_variables.ubuntu_2204
}
output "centos_7" {
value = module.common_variables.centos_7
}
output "almalinux_9" {
value = module.common_variables.almalinux_9
}
output "ubuntu1804_data_file" {
value = module.common_variables.ubuntu1804_data_file
}
output "ubuntu2204_data_file" {
value = module.common_variables.ubuntu2204_data_file
}
output "el7_data_file" {
value = module.common_variables.el7_data_file
}
output "ssh_jump_proxy" {
value = module.common_variables.ssh_jump_proxy
}
output "internal_ca_data" {
value = module.common_variables.internal_ca_data
}
output "prometheus_server_data" {
value = module.common_variables.prometheus_server_data
}
output "shared_postgresql_server_data" {
value = module.common_variables.shared_postgresql_server_data
}
output "haproxy_l7_data" {
value = module.common_variables.haproxy_l7_data
}
output "resource_registry_addresses" {
value = module.common_variables.resource_registry_addresses
}
output "smartexecutor_addresses" {
value = module.common_variables.smartexecutor_addresses
}
#Added by Francesco
output "policy_list" {
value = module.common_variables.policy_list
}
#Added by Francesco
output "flavor_list" {
value = module.common_variables.flavor_list
}
#Added by Francesco
output "security_group_list" {
value = module.common_variables.security_group_list
}
#Added by Francesco
output "networks_list" {
value = module.common_variables.networks_list
} }

View File

@ -0,0 +1 @@
../variables/outputs-dev.tf

View File

@ -1,24 +1,449 @@
{ {
"version": 4, "version": 4,
"terraform_version": "1.6.3", "terraform_version": "1.6.6",
"serial": 6, "serial": 14,
"lineage": "194691ec-f344-4bd2-98ae-cbd15e9c9cdf", "lineage": "194691ec-f344-4bd2-98ae-cbd15e9c9cdf",
"outputs": { "outputs": {
"almalinux_9": {
"value": {
"name": "AlmaLinux-9.0-20220718",
"uuid": "541650fc-dd19-4f38-bb1d-7333ed9dd688"
},
"type": [
"map",
"string"
]
},
"availability_zone_no_gpu_name": {
"value": "cnr-isti-nova-a",
"type": "string"
},
"availability_zone_with_gpu_name": {
"value": "cnr-isti-nova-gpu-a",
"type": "string"
},
"availability_zones_names": {
"value": {
"availability_zone_no_gpu": "cnr-isti-nova-a",
"availability_zone_with_gpu": "cnr-isti-nova-gpu-a"
},
"type": [
"map",
"string"
]
},
"basic_services_ip": {
"value": {
"ca": "10.1.29.247",
"ca_cidr": "10.1.29.247/32",
"haproxy_l7_1": "10.1.28.50",
"haproxy_l7_1_cidr": "10.1.28.50/32",
"haproxy_l7_2": "10.1.30.241",
"haproxy_l7_2_cidr": "10.1.30.241/32",
"octavia_main": "10.1.28.227",
"octavia_main_cidr": "10.1.28.227/32",
"prometheus": "10.1.30.129",
"prometheus_cidr": "10.1.30.129/32",
"ssh_jump": "10.1.29.164",
"ssh_jump_cidr": "10.1.29.164/32"
},
"type": [
"map",
"string"
]
},
"centos_7": {
"value": {
"name": "CentOS-7",
"uuid": "f0187a99-64f6-462a-ab5f-ef52fe62f2ca"
},
"type": [
"map",
"string"
]
},
"default_security_group_name": {
"value": "default",
"type": "string"
},
"dns_zone": {
"value": {
"description": "DNS primary zone for the d4s-dev-cloud project",
"email": "postmaster@isti.cnr.it",
"ttl": "8600",
"zone_name": "cloud-dev.d4science.org."
},
"type": [
"map",
"string"
]
},
"dns_zone_id": { "dns_zone_id": {
"value": "cbae638a-9d99-44aa-946c-0f5ffb7fc488", "value": "cbae638a-9d99-44aa-946c-0f5ffb7fc488",
"type": "string" "type": "string"
}, },
"external_gateway_ip": { "el7_data_file": {
"value": "146.48.31.109", "value": "../../openstack_vm_data_scripts/el7.sh",
"type": "string" "type": "string"
}, },
"external_gateway_ip": {
"value": [
{
"ip_address": "146.48.31.109",
"subnet_id": "57f87509-4016-46fb-b8c3-25fca7f72ccb"
}
],
"type": [
"list",
[
"object",
{
"ip_address": "string",
"subnet_id": "string"
}
]
]
},
"external_network": {
"value": {
"id": "1d2ff137-6ff7-4017-be2b-0d6c4af2353b",
"name": "external-network"
},
"type": [
"map",
"string"
]
},
"external_network_id": {
"value": "1d2ff137-6ff7-4017-be2b-0d6c4af2353b",
"type": "string"
},
"external_router": {
"value": {
"description": "D4Science DEV main router",
"id": "2ae28c5f-036b-45db-bc9f-5bab8fa3e914",
"name": "d4s-dev-cloud-external-router"
},
"type": [
"map",
"string"
]
},
"flavor_list": {
"value": {
"c1_large": "c1.large",
"c1_medium": "c1.medium",
"c1_small": "c1.small",
"c2_large": "c2.large",
"m1_large": "m1.large",
"m1_medium": "m1.medium",
"m1_xlarge": "m1.xlarge",
"m1_xxl": "m1.xxl",
"m2_large": "m2.large",
"m2_medium": "m2.medium",
"m2_small": "m2.small",
"m3_large": "m3.large"
},
"type": [
"map",
"string"
]
},
"floating_ip_pools": {
"value": {
"main_public_ip_pool": "external-network"
},
"type": [
"map",
"string"
]
},
"haproxy_l7_data": {
"value": {
"flavor": "m1.medium",
"haproxy_1": "haproxy-l7-1",
"haproxy_2": "haproxy-l7-2",
"name": "main-haproxy-l7",
"vm_count": "2"
},
"type": [
"map",
"string"
]
},
"internal_ca_data": {
"value": {
"flavor": "m1.small",
"name": "ca"
},
"type": [
"map",
"string"
]
},
"main_haproxy_l7_ip": {
"value": [
"10.1.28.50",
"10.1.30.241"
],
"type": [
"list",
"string"
]
},
"main_private_network": {
"value": {
"description": "D4Science DEV private network (use this as the main network)",
"name": "d4s-dev-cloud-main"
},
"type": [
"map",
"string"
]
},
"main_private_network_id": { "main_private_network_id": {
"value": "e0af5eba-f24a-4d0d-8184-bc654b980c4a", "value": "e0af5eba-f24a-4d0d-8184-bc654b980c4a",
"type": "string" "type": "string"
}, },
"main_private_subnet": {
"value": {
"allocation_end": "10.1.31.254",
"allocation_start": "10.1.28.30",
"cidr": "10.1.28.0/22",
"description": "D4Science DEV main private subnet",
"gateway_ip": "10.1.28.1",
"name": "d4s-dev-cloud-sub"
},
"type": [
"map",
"string"
]
},
"main_region": {
"value": "isti_area_pi_1",
"type": "string"
},
"main_subnet_network_id": { "main_subnet_network_id": {
"value": "2aa977f2-80b4-447c-a6b0-dfa06bf68751", "value": "2aa977f2-80b4-447c-a6b0-dfa06bf68751",
"type": "string" "type": "string"
},
"mtu_size": {
"value": 8942,
"type": "number"
},
"networks_list": {
"value": {
"cassandra": "cassandra-net",
"orientdb": "orientdb-net",
"orientdb_se": "orientdb-se-net",
"shared_postgresql": "postgresql-srv-net",
"swarm": "swarm-nfs-net",
"timescaledb": "timescaledb-net"
},
"type": [
"map",
"string"
]
},
"networks_with_d4s_services": {
"value": {
"garr_ct1_net": "90.147.166.0/23",
"garr_na_net": "90.147.152.0/24",
"garr_pa1_net": "90.147.188.0/23",
"infrascience_net": "146.48.122.0/23",
"isti_net": "146.48.80.0/21",
"s2i2s_net": "146.48.28.0/22"
},
"type": [
"map",
"string"
]
},
"nfs_share_no_ingress_secgroup_id": {
"value": "5887da8d-e362-4509-93ac-8a70bf8baef9",
"type": "string"
},
"octavia_information": {
"value": {
"main_lb_description": "Main L4 load balancer for the D4Science DEV",
"main_lb_hostname": "main-lb",
"main_lb_name": "lb-dev-l4",
"octavia_flavor": "octavia_amphora-mvcpu-ha",
"octavia_flavor_id": "394988b5-6603-4a1e-a939-8e177c6681c7"
},
"type": [
"map",
"string"
]
},
"os_project_data": {
"value": {
"id": "e8f8ca72f30648a8b389b4e745ac83a9"
},
"type": [
"map",
"string"
]
},
"policy_list": {
"value": {
"affinity": "affinity",
"anti_affinity": "anti-affinity",
"soft_affinity": "soft-affinity",
"soft_anti_affinity": "soft-anti-affinity"
},
"type": [
"map",
"string"
]
},
"prometheus_server_data": {
"value": {
"flavor": "m1.medium",
"name": "prometheus",
"public_grafana_server_cidr": "146.48.28.103/32",
"vol_data_device": "/dev/vdb",
"vol_data_name": "prometheus-data",
"vol_data_size": "100"
},
"type": [
"map",
"string"
]
},
"resolvers_ip": {
"value": [
"146.48.29.97",
"146.48.29.98",
"146.48.29.99"
],
"type": [
"list",
"string"
]
},
"resource_registry_addresses": {
"value": {},
"type": [
"map",
"string"
]
},
"security_group_list": {
"value": {
"acaland": "acaland's dev machine",
"access_to_orientdb": "access_to_orientdb",
"access_to_orientdb_se": "access_to_orientdb_se",
"access_to_the_timescaledb_service": "access_to_the_timescaledb_service",
"cassandra": "Cassandra",
"dataminer-publish": "dataminer-publish",
"debugging_from_jump_node": "debugging_from_jump_node",
"default": "default",
"docker_swarm": "Docker Swarm",
"docker_swarm_NFS": "Docker Swarm NFS",
"haproxy": "traffic_from_main_lb_to_haproxy_l7",
"http_and_https_from_the_load_balancers": "traffic_from_the_main_load_balancers",
"limited_HTTPS_access": "restricted_web_service",
"limited_SSH_access": "Limited SSH access",
"mongo": "mongo",
"nfs_share_no_ingress": "nfs_share_no_ingress",
"orientdb_internal_docker_traffic": "orientdb_internal_docker_traffic",
"postgreSQL": "PostgreSQL service",
"public_HTTPS": "Public HTTPS"
},
"type": [
"map",
"string"
]
},
"shared_postgresql_server_data": {
"value": {
"allocation_pool_end": "192.168.3.254",
"allocation_pool_start": "192.168.0.100",
"flavor": "m1.medium",
"name": "shared-postgresql-server",
"network_cidr": "192.168.0.0/22",
"network_description": "Network used to communicate with the shared postgresql service",
"network_name": "postgresql-srv-net",
"server_cidr": "192.168.0.5/22",
"server_ip": "192.168.0.5",
"vol_data_device": "/dev/vdb",
"vol_data_name": "shared-postgresql-data",
"vol_data_size": "100"
},
"type": [
"map",
"string"
]
},
"smartexecutor_addresses": {
"value": {},
"type": [
"map",
"string"
]
},
"ssh_jump_proxy": {
"value": {
"flavor": "m2.small",
"name": "ssh-jump-proxy"
},
"type": [
"map",
"string"
]
},
"ssh_sources": {
"value": {
"d4s_vpn_1_cidr": "146.48.122.27/32",
"d4s_vpn_2_cidr": "146.48.122.49/32",
"infrascience_net_cidr": "146.48.122.0/23",
"s2i2s_vpn_1_cidr": "146.48.28.10/32",
"s2i2s_vpn_2_cidr": "146.48.28.11/32",
"shell_d4s_cidr": "146.48.122.95/32"
},
"type": [
"map",
"string"
]
},
"storage_nfs_network_id": {
"value": "5f4023cc-4016-404c-94e5-86220095fbaf",
"type": "string"
},
"storage_nfs_subnet_id": {
"value": "6ff0f9e8-0e74-4cc3-a268-7ed4af435696",
"type": "string"
},
"ubuntu1804_data_file": {
"value": "../../openstack_vm_data_scripts/ubuntu1804.sh",
"type": "string"
},
"ubuntu2204_data_file": {
"value": "../../openstack_vm_data_scripts/ubuntu2204.sh",
"type": "string"
},
"ubuntu_1804": {
"value": {
"name": "Ubuntu-Bionic-18.04",
"user_data_file": "../../openstack_vm_data_scripts/ubuntu1804.sh",
"uuid": "7ed6a2cd-2b07-482e-8ce4-f018dff16c89"
},
"type": [
"map",
"string"
]
},
"ubuntu_2204": {
"value": {
"name": "Ubuntu-Jammy-22.04",
"user_data_file": "../../openstack_vm_data_scripts/ubuntu2204.sh",
"uuid": "54768889-8556-4be4-a2eb-82a4d9b34627"
},
"type": [
"map",
"string"
]
} }
}, },
"resources": [ "resources": [
@ -47,7 +472,10 @@
"zone_id": "cbae638a-9d99-44aa-946c-0f5ffb7fc488" "zone_id": "cbae638a-9d99-44aa-946c-0f5ffb7fc488"
}, },
"sensitive_attributes": [], "sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwLCJ1cGRhdGUiOjYwMDAwMDAwMDAwMH0sInNjaGVtYV92ZXJzaW9uIjoiMCJ9" "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwLCJ1cGRhdGUiOjYwMDAwMDAwMDAwMH0sInNjaGVtYV92ZXJzaW9uIjoiMCJ9",
"dependencies": [
"openstack_dns_zone_v2.primary_project_dns_zone"
]
} }
] ]
}, },
@ -100,13 +528,7 @@
"port_security_enabled": true, "port_security_enabled": true,
"qos_policy_id": "", "qos_policy_id": "",
"region": "isti_area_pi_1", "region": "isti_area_pi_1",
"segments": [ "segments": [],
{
"network_type": "geneve",
"physical_network": "",
"segmentation_id": 13667
}
],
"shared": false, "shared": false,
"tags": [], "tags": [],
"tenant_id": "e8f8ca72f30648a8b389b4e745ac83a9", "tenant_id": "e8f8ca72f30648a8b389b4e745ac83a9",
@ -137,7 +559,12 @@
"timeouts": null "timeouts": null
}, },
"sensitive_attributes": [], "sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwfSwic2NoZW1hX3ZlcnNpb24iOiIwIn0=" "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwfSwic2NoZW1hX3ZlcnNpb24iOiIwIn0=",
"dependencies": [
"openstack_networking_network_v2.main-private-network",
"openstack_networking_router_v2.external-router",
"openstack_networking_subnet_v2.main-private-subnet"
]
} }
] ]
}, },
@ -172,10 +599,69 @@
"tenant_id": "e8f8ca72f30648a8b389b4e745ac83a9", "tenant_id": "e8f8ca72f30648a8b389b4e745ac83a9",
"timeouts": null, "timeouts": null,
"value_specs": null, "value_specs": null,
"vendor_options": [] "vendor_options": [
{
"set_router_gateway_after_create": true
}
]
}, },
"sensitive_attributes": [], "sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwfSwic2NoZW1hX3ZlcnNpb24iOiIwIn0=" "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwfX0="
}
]
},
{
"mode": "managed",
"type": "openstack_networking_secgroup_rule_v2",
"name": "egress_ipv4_allowed",
"provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"description": "Allow the egress traffic from the NFS port",
"direction": "egress",
"ethertype": "IPv4",
"id": "b6f234e2-db03-4b25-899d-725217796ae0",
"port_range_max": 0,
"port_range_min": 0,
"protocol": "",
"region": "isti_area_pi_1",
"remote_group_id": "",
"remote_ip_prefix": "0.0.0.0/0",
"security_group_id": "5887da8d-e362-4509-93ac-8a70bf8baef9",
"tenant_id": "e8f8ca72f30648a8b389b4e745ac83a9",
"timeouts": null
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ==",
"dependencies": [
"openstack_networking_secgroup_v2.nfs_share_no_ingress"
]
}
]
},
{
"mode": "managed",
"type": "openstack_networking_secgroup_v2",
"name": "nfs_share_no_ingress",
"provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"all_tags": [],
"delete_default_rules": true,
"description": "Security rule that must be assigned to the NFS ports",
"id": "5887da8d-e362-4509-93ac-8a70bf8baef9",
"name": "nfs_share_no_ingress",
"region": "isti_area_pi_1",
"tags": [],
"tenant_id": "e8f8ca72f30648a8b389b4e745ac83a9",
"timeouts": null
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ=="
} }
] ]
}, },
@ -228,7 +714,10 @@
"value_specs": null "value_specs": null
}, },
"sensitive_attributes": [], "sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwfSwic2NoZW1hX3ZlcnNpb24iOiIwIn0=" "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwfSwic2NoZW1hX3ZlcnNpb24iOiIwIn0=",
"dependencies": [
"openstack_networking_network_v2.main-private-network"
]
} }
] ]
} }

View File

@ -0,0 +1 @@
../variables/variables-dev.tf

View File

@ -0,0 +1,97 @@
# Define required providers
terraform {
required_version = ">= 0.14.0"
required_providers {
openstack = {
source = "terraform-provider-openstack/openstack"
version = "~> 1.53.0"
}
}
}
data "terraform_remote_state" "privnet_dns_router" {
backend = "local"
config = {
path = "../project-setup/terraform.tfstate"
}
}
# SSH settings
module "ssh_settings" {
source = "../../modules/ssh-key-ref"
}
#
# Uses common_variables as module
#
module "common_variables" {
source = "../../modules/common_variables"
}
# Create a NFS share
resource "openstack_sharedfilesystem_share_v2" "redmine_dev" {
name = "redmine_dev_nfs_share"
description = "NFS share for the dev redmine"
share_proto = "NFS"
size = 5
}
resource "openstack_networking_port_v2" "redmine_nfs_port" {
name = "redmine_nfs_port"
network_id = data.terraform_remote_state.privnet_dns_router.outputs.storage_nfs_network_id
admin_state_up = "true"
fixed_ip {
subnet_id = data.terraform_remote_state.privnet_dns_router.outputs.storage_nfs_subnet_id
}
}
resource "openstack_networking_port_secgroup_associate_v2" "redmine_nfs_port_secgroup" {
port_id = openstack_networking_port_v2.redmine_nfs_port.id
security_group_ids = [
data.terraform_remote_state.privnet_dns_router.outputs.nfs_share_no_ingress_secgroup_id
]
}
resource "openstack_compute_instance_v2" "redmine" {
name = "redmine-dev"
availability_zone_hints = module.common_variables.availability_zones_names.availability_zone_no_gpu
flavor_name = module.common_variables.flavor_list.m1_medium
key_pair = module.ssh_settings.ssh_key_name
security_groups = [data.terraform_remote_state.privnet_dns_router.outputs.security_group_list.default, data.terraform_remote_state.privnet_dns_router.outputs.security_group_list.http_and_https_from_the_load_balancers, data.terraform_remote_state.privnet_dns_router.outputs.security_group_list.nfs_share_no_ingress]
block_device {
uuid = data.terraform_remote_state.privnet_dns_router.outputs.ubuntu_2204.uuid
source_type = "image"
volume_size = 20
boot_index = 0
destination_type = "volume"
delete_on_termination = true
}
network {
name = data.terraform_remote_state.privnet_dns_router.outputs.main_private_network.name
}
network {
name = module.common_variables.shared_postgresql_server_data.network_name
}
user_data = file("${data.terraform_remote_state.privnet_dns_router.outputs.ubuntu2204_data_file}")
# Do not replace the instance when the ssh key changes
lifecycle {
ignore_changes = [
# Ignore changes to tags, e.g. because a management agent
# updates these based on some ruleset managed elsewhere.
key_pair, user_data, network
]
}
}
resource "openstack_compute_interface_attach_v2" "nfs_port_to_redmine" {
instance_id = openstack_compute_instance_v2.redmine.id
port_id = openstack_networking_port_v2.redmine_nfs_port.id
}
# Allow access to the NFS share
resource "openstack_sharedfilesystem_share_access_v2" "redmine_dev_nfs_share_access" {
share_id = openstack_sharedfilesystem_share_v2.redmine_dev.id
access_type = "ip"
access_to = openstack_compute_interface_attach_v2.nfs_port_to_redmine.fixed_ip
access_level = "rw"
}

View File

@ -0,0 +1,7 @@
output "nfs_port_data" {
value = openstack_compute_interface_attach_v2.nfs_port_to_redmine
}
output "redmine_nfs_volume_data" {
value = openstack_sharedfilesystem_share_v2.redmine_dev
}

View File

@ -0,0 +1,3 @@
provider "openstack" {
cloud = "d4s-dev"
}

View File

@ -0,0 +1,792 @@
{
"version": 4,
"terraform_version": "1.6.6",
"serial": 19,
"lineage": "e609cf3f-5517-b905-f141-3e44c69a358a",
"outputs": {
"nfs_port_data": {
"value": {
"fixed_ip": "172.17.2.12",
"id": "3ba0a5f7-9eea-4986-ad9c-404ba2237857/effe8e41-22eb-4348-944f-cebd19b8957f",
"instance_id": "3ba0a5f7-9eea-4986-ad9c-404ba2237857",
"network_id": "5f4023cc-4016-404c-94e5-86220095fbaf",
"port_id": "effe8e41-22eb-4348-944f-cebd19b8957f",
"region": "isti_area_pi_1",
"timeouts": null
},
"type": [
"object",
{
"fixed_ip": "string",
"id": "string",
"instance_id": "string",
"network_id": "string",
"port_id": "string",
"region": "string",
"timeouts": [
"object",
{
"create": "string",
"delete": "string"
}
]
}
]
},
"redmine_nfs_volume_data": {
"value": {
"all_metadata": {},
"availability_zone": "nova",
"description": "NFS share for the dev redmine",
"export_locations": [
{
"path": "172.17.0.7:/volumes/_nogroup/24e94d6a-2d45-4852-bb24-1602881df2f3/5c12125e-4336-483a-9bac-bbfc83b084c9",
"preferred": "false"
}
],
"has_replicas": false,
"host": "",
"id": "42900a39-6251-441f-b535-0b18931c4cf3",
"is_public": false,
"metadata": null,
"name": "redmine_dev_nfs_share",
"project_id": "e8f8ca72f30648a8b389b4e745ac83a9",
"region": "isti_area_pi_1",
"replication_type": "",
"share_network_id": "",
"share_proto": "NFS",
"share_server_id": "",
"share_type": "default",
"size": 5,
"snapshot_id": "",
"timeouts": null
},
"type": [
"object",
{
"all_metadata": [
"map",
"string"
],
"availability_zone": "string",
"description": "string",
"export_locations": [
"list",
[
"object",
{
"path": "string",
"preferred": "string"
}
]
],
"has_replicas": "bool",
"host": "string",
"id": "string",
"is_public": "bool",
"metadata": [
"map",
"string"
],
"name": "string",
"project_id": "string",
"region": "string",
"replication_type": "string",
"share_network_id": "string",
"share_proto": "string",
"share_server_id": "string",
"share_type": "string",
"size": "number",
"snapshot_id": "string",
"timeouts": [
"object",
{
"create": "string",
"delete": "string",
"update": "string"
}
]
}
]
}
},
"resources": [
{
"mode": "data",
"type": "terraform_remote_state",
"name": "privnet_dns_router",
"provider": "provider[\"terraform.io/builtin/terraform\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"backend": "local",
"config": {
"value": {
"path": "../project-setup/terraform.tfstate"
},
"type": [
"object",
{
"path": "string"
}
]
},
"defaults": null,
"outputs": {
"value": {
"almalinux_9": {
"name": "AlmaLinux-9.0-20220718",
"uuid": "541650fc-dd19-4f38-bb1d-7333ed9dd688"
},
"availability_zone_no_gpu_name": "cnr-isti-nova-a",
"availability_zone_with_gpu_name": "cnr-isti-nova-gpu-a",
"availability_zones_names": {
"availability_zone_no_gpu": "cnr-isti-nova-a",
"availability_zone_with_gpu": "cnr-isti-nova-gpu-a"
},
"basic_services_ip": {
"ca": "10.1.29.247",
"ca_cidr": "10.1.29.247/32",
"haproxy_l7_1": "10.1.28.50",
"haproxy_l7_1_cidr": "10.1.28.50/32",
"haproxy_l7_2": "10.1.30.241",
"haproxy_l7_2_cidr": "10.1.30.241/32",
"octavia_main": "10.1.28.227",
"octavia_main_cidr": "10.1.28.227/32",
"prometheus": "10.1.30.129",
"prometheus_cidr": "10.1.30.129/32",
"ssh_jump": "10.1.29.164",
"ssh_jump_cidr": "10.1.29.164/32"
},
"centos_7": {
"name": "CentOS-7",
"uuid": "f0187a99-64f6-462a-ab5f-ef52fe62f2ca"
},
"default_security_group_name": "default",
"dns_zone": {
"description": "DNS primary zone for the d4s-dev-cloud project",
"email": "postmaster@isti.cnr.it",
"ttl": "8600",
"zone_name": "cloud-dev.d4science.org."
},
"dns_zone_id": "cbae638a-9d99-44aa-946c-0f5ffb7fc488",
"el7_data_file": "../../openstack_vm_data_scripts/el7.sh",
"external_gateway_ip": [
{
"ip_address": "146.48.31.109",
"subnet_id": "57f87509-4016-46fb-b8c3-25fca7f72ccb"
}
],
"external_network": {
"id": "1d2ff137-6ff7-4017-be2b-0d6c4af2353b",
"name": "external-network"
},
"external_network_id": "1d2ff137-6ff7-4017-be2b-0d6c4af2353b",
"external_router": {
"description": "D4Science DEV main router",
"id": "2ae28c5f-036b-45db-bc9f-5bab8fa3e914",
"name": "d4s-dev-cloud-external-router"
},
"flavor_list": {
"c1_large": "c1.large",
"c1_medium": "c1.medium",
"c1_small": "c1.small",
"c2_large": "c2.large",
"m1_large": "m1.large",
"m1_medium": "m1.medium",
"m1_xlarge": "m1.xlarge",
"m1_xxl": "m1.xxl",
"m2_large": "m2.large",
"m2_medium": "m2.medium",
"m2_small": "m2.small",
"m3_large": "m3.large"
},
"floating_ip_pools": {
"main_public_ip_pool": "external-network"
},
"haproxy_l7_data": {
"flavor": "m1.medium",
"haproxy_1": "haproxy-l7-1",
"haproxy_2": "haproxy-l7-2",
"name": "main-haproxy-l7",
"vm_count": "2"
},
"internal_ca_data": {
"flavor": "m1.small",
"name": "ca"
},
"main_haproxy_l7_ip": [
"10.1.28.50",
"10.1.30.241"
],
"main_private_network": {
"description": "D4Science DEV private network (use this as the main network)",
"name": "d4s-dev-cloud-main"
},
"main_private_network_id": "e0af5eba-f24a-4d0d-8184-bc654b980c4a",
"main_private_subnet": {
"allocation_end": "10.1.31.254",
"allocation_start": "10.1.28.30",
"cidr": "10.1.28.0/22",
"description": "D4Science DEV main private subnet",
"gateway_ip": "10.1.28.1",
"name": "d4s-dev-cloud-sub"
},
"main_region": "isti_area_pi_1",
"main_subnet_network_id": "2aa977f2-80b4-447c-a6b0-dfa06bf68751",
"mtu_size": 8942,
"networks_list": {
"cassandra": "cassandra-net",
"orientdb": "orientdb-net",
"orientdb_se": "orientdb-se-net",
"shared_postgresql": "postgresql-srv-net",
"swarm": "swarm-nfs-net",
"timescaledb": "timescaledb-net"
},
"networks_with_d4s_services": {
"garr_ct1_net": "90.147.166.0/23",
"garr_na_net": "90.147.152.0/24",
"garr_pa1_net": "90.147.188.0/23",
"infrascience_net": "146.48.122.0/23",
"isti_net": "146.48.80.0/21",
"s2i2s_net": "146.48.28.0/22"
},
"nfs_share_no_ingress_secgroup_id": "5887da8d-e362-4509-93ac-8a70bf8baef9",
"octavia_information": {
"main_lb_description": "Main L4 load balancer for the D4Science DEV",
"main_lb_hostname": "main-lb",
"main_lb_name": "lb-dev-l4",
"octavia_flavor": "octavia_amphora-mvcpu-ha",
"octavia_flavor_id": "394988b5-6603-4a1e-a939-8e177c6681c7"
},
"os_project_data": {
"id": "e8f8ca72f30648a8b389b4e745ac83a9"
},
"policy_list": {
"affinity": "affinity",
"anti_affinity": "anti-affinity",
"soft_affinity": "soft-affinity",
"soft_anti_affinity": "soft-anti-affinity"
},
"prometheus_server_data": {
"flavor": "m1.medium",
"name": "prometheus",
"public_grafana_server_cidr": "146.48.28.103/32",
"vol_data_device": "/dev/vdb",
"vol_data_name": "prometheus-data",
"vol_data_size": "100"
},
"resolvers_ip": [
"146.48.29.97",
"146.48.29.98",
"146.48.29.99"
],
"resource_registry_addresses": {},
"security_group_list": {
"acaland": "acaland's dev machine",
"access_to_orientdb": "access_to_orientdb",
"access_to_orientdb_se": "access_to_orientdb_se",
"access_to_the_timescaledb_service": "access_to_the_timescaledb_service",
"cassandra": "Cassandra",
"dataminer-publish": "dataminer-publish",
"debugging_from_jump_node": "debugging_from_jump_node",
"default": "default",
"docker_swarm": "Docker Swarm",
"docker_swarm_NFS": "Docker Swarm NFS",
"haproxy": "traffic_from_main_lb_to_haproxy_l7",
"http_and_https_from_the_load_balancers": "traffic_from_the_main_load_balancers",
"limited_HTTPS_access": "restricted_web_service",
"limited_SSH_access": "Limited SSH access",
"mongo": "mongo",
"nfs_share_no_ingress": "nfs_share_no_ingress",
"orientdb_internal_docker_traffic": "orientdb_internal_docker_traffic",
"postgreSQL": "PostgreSQL service",
"public_HTTPS": "Public HTTPS"
},
"shared_postgresql_server_data": {
"allocation_pool_end": "192.168.3.254",
"allocation_pool_start": "192.168.0.100",
"flavor": "m1.medium",
"name": "shared-postgresql-server",
"network_cidr": "192.168.0.0/22",
"network_description": "Network used to communicate with the shared postgresql service",
"network_name": "postgresql-srv-net",
"server_cidr": "192.168.0.5/22",
"server_ip": "192.168.0.5",
"vol_data_device": "/dev/vdb",
"vol_data_name": "shared-postgresql-data",
"vol_data_size": "100"
},
"smartexecutor_addresses": {},
"ssh_jump_proxy": {
"flavor": "m2.small",
"name": "ssh-jump-proxy"
},
"ssh_sources": {
"d4s_vpn_1_cidr": "146.48.122.27/32",
"d4s_vpn_2_cidr": "146.48.122.49/32",
"infrascience_net_cidr": "146.48.122.0/23",
"s2i2s_vpn_1_cidr": "146.48.28.10/32",
"s2i2s_vpn_2_cidr": "146.48.28.11/32",
"shell_d4s_cidr": "146.48.122.95/32"
},
"storage_nfs_network_id": "5f4023cc-4016-404c-94e5-86220095fbaf",
"storage_nfs_subnet_id": "6ff0f9e8-0e74-4cc3-a268-7ed4af435696",
"ubuntu1804_data_file": "../../openstack_vm_data_scripts/ubuntu1804.sh",
"ubuntu2204_data_file": "../../openstack_vm_data_scripts/ubuntu2204.sh",
"ubuntu_1804": {
"name": "Ubuntu-Bionic-18.04",
"user_data_file": "../../openstack_vm_data_scripts/ubuntu1804.sh",
"uuid": "7ed6a2cd-2b07-482e-8ce4-f018dff16c89"
},
"ubuntu_2204": {
"name": "Ubuntu-Jammy-22.04",
"user_data_file": "../../openstack_vm_data_scripts/ubuntu2204.sh",
"uuid": "54768889-8556-4be4-a2eb-82a4d9b34627"
}
},
"type": [
"object",
{
"almalinux_9": [
"map",
"string"
],
"availability_zone_no_gpu_name": "string",
"availability_zone_with_gpu_name": "string",
"availability_zones_names": [
"map",
"string"
],
"basic_services_ip": [
"map",
"string"
],
"centos_7": [
"map",
"string"
],
"default_security_group_name": "string",
"dns_zone": [
"map",
"string"
],
"dns_zone_id": "string",
"el7_data_file": "string",
"external_gateway_ip": [
"list",
[
"object",
{
"ip_address": "string",
"subnet_id": "string"
}
]
],
"external_network": [
"map",
"string"
],
"external_network_id": "string",
"external_router": [
"map",
"string"
],
"flavor_list": [
"map",
"string"
],
"floating_ip_pools": [
"map",
"string"
],
"haproxy_l7_data": [
"map",
"string"
],
"internal_ca_data": [
"map",
"string"
],
"main_haproxy_l7_ip": [
"list",
"string"
],
"main_private_network": [
"map",
"string"
],
"main_private_network_id": "string",
"main_private_subnet": [
"map",
"string"
],
"main_region": "string",
"main_subnet_network_id": "string",
"mtu_size": "number",
"networks_list": [
"map",
"string"
],
"networks_with_d4s_services": [
"map",
"string"
],
"nfs_share_no_ingress_secgroup_id": "string",
"octavia_information": [
"map",
"string"
],
"os_project_data": [
"map",
"string"
],
"policy_list": [
"map",
"string"
],
"prometheus_server_data": [
"map",
"string"
],
"resolvers_ip": [
"list",
"string"
],
"resource_registry_addresses": [
"map",
"string"
],
"security_group_list": [
"map",
"string"
],
"shared_postgresql_server_data": [
"map",
"string"
],
"smartexecutor_addresses": [
"map",
"string"
],
"ssh_jump_proxy": [
"map",
"string"
],
"ssh_sources": [
"map",
"string"
],
"storage_nfs_network_id": "string",
"storage_nfs_subnet_id": "string",
"ubuntu1804_data_file": "string",
"ubuntu2204_data_file": "string",
"ubuntu_1804": [
"map",
"string"
],
"ubuntu_2204": [
"map",
"string"
]
}
]
},
"workspace": null
},
"sensitive_attributes": []
}
]
},
{
"mode": "managed",
"type": "openstack_compute_instance_v2",
"name": "redmine",
"provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"access_ip_v4": "10.1.31.204",
"access_ip_v6": "",
"admin_pass": null,
"all_metadata": {},
"all_tags": [],
"availability_zone": "cnr-isti-nova-a",
"availability_zone_hints": "cnr-isti-nova-a",
"block_device": [
{
"boot_index": 0,
"delete_on_termination": true,
"destination_type": "volume",
"device_type": "",
"disk_bus": "",
"guest_format": "",
"multiattach": false,
"source_type": "image",
"uuid": "54768889-8556-4be4-a2eb-82a4d9b34627",
"volume_size": 20,
"volume_type": ""
}
],
"config_drive": null,
"created": "2024-01-31 15:04:07 +0000 UTC",
"flavor_id": "4",
"flavor_name": "m1.medium",
"floating_ip": null,
"force_delete": false,
"id": "3ba0a5f7-9eea-4986-ad9c-404ba2237857",
"image_id": "Attempt to boot from volume - no image supplied",
"image_name": null,
"key_pair": "adellam",
"metadata": null,
"name": "redmine-dev",
"network": [
{
"access_network": false,
"fixed_ip_v4": "10.1.31.204",
"fixed_ip_v6": "",
"floating_ip": "",
"mac": "fa:16:3e:4e:a5:f3",
"name": "d4s-dev-cloud-main",
"port": "",
"uuid": "e0af5eba-f24a-4d0d-8184-bc654b980c4a"
},
{
"access_network": false,
"fixed_ip_v4": "192.168.2.99",
"fixed_ip_v6": "",
"floating_ip": "",
"mac": "fa:16:3e:b0:51:28",
"name": "postgresql-srv-net",
"port": "",
"uuid": "00422a4a-4b8b-4c85-acf9-ef733df842b9"
}
],
"network_mode": null,
"personality": [],
"power_state": "active",
"region": "isti_area_pi_1",
"scheduler_hints": [],
"security_groups": [
"default",
"nfs_share_no_ingress",
"traffic_from_the_main_load_balancers"
],
"stop_before_destroy": false,
"tags": null,
"timeouts": null,
"updated": "2024-01-31 15:04:56 +0000 UTC",
"user_data": "bb83b25fd1219aa1b850ece9be8d7b0f31714608",
"vendor_options": [],
"volume": []
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxODAwMDAwMDAwMDAwLCJkZWxldGUiOjE4MDAwMDAwMDAwMDAsInVwZGF0ZSI6MTgwMDAwMDAwMDAwMH19",
"dependencies": [
"data.terraform_remote_state.privnet_dns_router"
]
}
]
},
{
"mode": "managed",
"type": "openstack_compute_interface_attach_v2",
"name": "nfs_port_to_redmine",
"provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"fixed_ip": "172.17.2.12",
"id": "3ba0a5f7-9eea-4986-ad9c-404ba2237857/effe8e41-22eb-4348-944f-cebd19b8957f",
"instance_id": "3ba0a5f7-9eea-4986-ad9c-404ba2237857",
"network_id": "5f4023cc-4016-404c-94e5-86220095fbaf",
"port_id": "effe8e41-22eb-4348-944f-cebd19b8957f",
"region": "isti_area_pi_1",
"timeouts": null
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwfX0=",
"dependencies": [
"data.terraform_remote_state.privnet_dns_router",
"openstack_compute_instance_v2.redmine",
"openstack_networking_port_v2.redmine_nfs_port"
]
}
]
},
{
"mode": "managed",
"type": "openstack_networking_port_secgroup_associate_v2",
"name": "redmine_nfs_port_secgroup",
"provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"all_security_group_ids": [
"5887da8d-e362-4509-93ac-8a70bf8baef9",
"d1fc7c78-6426-4a18-b369-09fcf4fe6edf"
],
"enforce": false,
"id": "effe8e41-22eb-4348-944f-cebd19b8957f",
"port_id": "effe8e41-22eb-4348-944f-cebd19b8957f",
"region": "isti_area_pi_1",
"security_group_ids": [
"5887da8d-e362-4509-93ac-8a70bf8baef9"
]
},
"sensitive_attributes": [],
"private": "bnVsbA==",
"dependencies": [
"data.terraform_remote_state.privnet_dns_router",
"openstack_networking_port_v2.redmine_nfs_port"
]
}
]
},
{
"mode": "managed",
"type": "openstack_networking_port_v2",
"name": "redmine_nfs_port",
"provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"admin_state_up": true,
"all_fixed_ips": [
"172.17.2.12"
],
"all_security_group_ids": [
"5887da8d-e362-4509-93ac-8a70bf8baef9",
"d1fc7c78-6426-4a18-b369-09fcf4fe6edf"
],
"all_tags": [],
"allowed_address_pairs": [],
"binding": [
{
"host_id": "",
"profile": "",
"vif_details": {},
"vif_type": "",
"vnic_type": "normal"
}
],
"description": "",
"device_id": "fa11c8b2-18d7-4688-a6f1-0ab78d6399ec",
"device_owner": "compute:cnr-isti-nova-a",
"dns_assignment": [
{
"fqdn": "host-172-17-2-12.openstacklocal.",
"hostname": "host-172-17-2-12",
"ip_address": "172.17.2.12"
}
],
"dns_name": "",
"extra_dhcp_option": [],
"fixed_ip": [
{
"ip_address": "",
"subnet_id": "6ff0f9e8-0e74-4cc3-a268-7ed4af435696"
}
],
"id": "effe8e41-22eb-4348-944f-cebd19b8957f",
"mac_address": "fa:16:3e:f5:57:88",
"name": "redmine_nfs_port",
"network_id": "5f4023cc-4016-404c-94e5-86220095fbaf",
"no_fixed_ip": null,
"no_security_groups": null,
"port_security_enabled": true,
"qos_policy_id": "",
"region": "isti_area_pi_1",
"security_group_ids": null,
"tags": [],
"tenant_id": "e8f8ca72f30648a8b389b4e745ac83a9",
"timeouts": null,
"value_specs": null
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwfX0=",
"dependencies": [
"data.terraform_remote_state.privnet_dns_router"
]
}
]
},
{
"mode": "managed",
"type": "openstack_sharedfilesystem_share_access_v2",
"name": "redmine_dev_nfs_share_access",
"provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"access_key": "",
"access_level": "rw",
"access_to": "172.17.2.12",
"access_type": "ip",
"id": "dec8bf74-c50d-4841-a278-3786b12b591f",
"region": "isti_area_pi_1",
"share_id": "42900a39-6251-441f-b535-0b18931c4cf3",
"state": "active",
"timeouts": null
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwLCJ1cGRhdGUiOjYwMDAwMDAwMDAwMH19",
"dependencies": [
"data.terraform_remote_state.privnet_dns_router",
"openstack_compute_instance_v2.redmine",
"openstack_compute_interface_attach_v2.nfs_port_to_redmine",
"openstack_networking_port_v2.redmine_nfs_port",
"openstack_sharedfilesystem_share_v2.redmine_dev"
]
}
]
},
{
"mode": "managed",
"type": "openstack_sharedfilesystem_share_v2",
"name": "redmine_dev",
"provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"all_metadata": {},
"availability_zone": "nova",
"description": "NFS share for the dev redmine",
"export_locations": [
{
"path": "172.17.0.7:/volumes/_nogroup/24e94d6a-2d45-4852-bb24-1602881df2f3/5c12125e-4336-483a-9bac-bbfc83b084c9",
"preferred": "false"
}
],
"has_replicas": false,
"host": "",
"id": "42900a39-6251-441f-b535-0b18931c4cf3",
"is_public": false,
"metadata": null,
"name": "redmine_dev_nfs_share",
"project_id": "e8f8ca72f30648a8b389b4e745ac83a9",
"region": "isti_area_pi_1",
"replication_type": "",
"share_network_id": "",
"share_proto": "NFS",
"share_server_id": "",
"share_type": "default",
"size": 5,
"snapshot_id": "",
"timeouts": null
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwLCJ1cGRhdGUiOjYwMDAwMDAwMDAwMH19"
}
]
}
],
"check_results": null
}

View File

@ -42,8 +42,8 @@ module "instance_without_data_volume" {
name = "resource-registry-1", name = "resource-registry-1",
description = "This instance serves resource-registry service", description = "This instance serves resource-registry service",
flavor = module.common_variables.flavor_list.m1_medium, flavor = module.common_variables.flavor_list.m1_medium,
networks = ["d4s-dev-cloud-main", module.common_variables.networks_list.orientdb], networks = [data.terraform_remote_state.privnet_dns_router.outputs.main_private_network.name, module.common_variables.networks_list.orientdb],
security_groups = [module.common_variables.security_group_list.default, module.common_variables.security_group_list.http_and_https_from_the_load_balancers], security_groups = [data.terraform_remote_state.privnet_dns_router.outputs.default_security_group_name, data.terraform_remote_state.privnet_dns_router.outputs.security_group_list.http_and_https_from_the_load_balancers],
server_groups_ids = [openstack_compute_servergroup_v2.resource_registry_server_group.id], server_groups_ids = [openstack_compute_servergroup_v2.resource_registry_server_group.id],
image_ref = module.common_variables.ubuntu_1804 image_ref = module.common_variables.ubuntu_1804
}, },
@ -51,8 +51,8 @@ module "instance_without_data_volume" {
name = "resource-registry-2", name = "resource-registry-2",
description = "This instance serves resource-registry service", description = "This instance serves resource-registry service",
flavor = module.common_variables.flavor_list.m1_medium, flavor = module.common_variables.flavor_list.m1_medium,
networks = ["d4s-dev-cloud-main", module.common_variables.networks_list.orientdb], networks = [data.terraform_remote_state.privnet_dns_router.outputs.main_private_network.name, module.common_variables.networks_list.orientdb],
security_groups = [module.common_variables.security_group_list.default, module.common_variables.security_group_list.http_and_https_from_the_load_balancers], security_groups = [data.terraform_remote_state.privnet_dns_router.outputs.default_security_group_name, data.terraform_remote_state.privnet_dns_router.outputs.security_group_list.http_and_https_from_the_load_balancers],
server_groups_ids = [openstack_compute_servergroup_v2.resource_registry_server_group.id], server_groups_ids = [openstack_compute_servergroup_v2.resource_registry_server_group.id],
image_ref = module.common_variables.ubuntu_1804 image_ref = module.common_variables.ubuntu_1804
} }

View File

@ -30,7 +30,7 @@ module "common_variables" {
# #
resource "openstack_compute_servergroup_v2" "accounting_dashboard_harvester_server_group" { resource "openstack_compute_servergroup_v2" "accounting_dashboard_harvester_server_group" {
name = "accounting-dashboard-harvester-se-plugin" name = "accounting-dashboard-harvester-se-plugin"
policies = [module.common_variables.policy_list.anti_affinity] policies = [module.common_variables.policy_list.soft_anti_affinity]
} }
# #
@ -38,7 +38,7 @@ resource "openstack_compute_servergroup_v2" "accounting_dashboard_harvester_serv
# #
resource "openstack_compute_servergroup_v2" "accounting_aggregator_server_group" { resource "openstack_compute_servergroup_v2" "accounting_aggregator_server_group" {
name = "accounting-aggregator-se-plugin" name = "accounting-aggregator-se-plugin"
policies = [module.common_variables.policy_list.anti_affinity] policies = [module.common_variables.policy_list.soft_anti_affinity]
} }
# #
@ -46,7 +46,7 @@ resource "openstack_compute_servergroup_v2" "accounting_aggregator_server_group"
# #
resource "openstack_compute_servergroup_v2" "resource_checker_server_group" { resource "openstack_compute_servergroup_v2" "resource_checker_server_group" {
name = "resource-checker-se-plugin" name = "resource-checker-se-plugin"
policies = [module.common_variables.policy_list.anti_affinity] policies = [module.common_variables.policy_list.soft_anti_affinity]
} }
# #
@ -54,7 +54,7 @@ resource "openstack_compute_servergroup_v2" "resource_checker_server_group" {
# #
resource "openstack_compute_servergroup_v2" "social_data_indexer_server_group" { resource "openstack_compute_servergroup_v2" "social_data_indexer_server_group" {
name = "social-data-indexer-se-plugin" name = "social-data-indexer-se-plugin"
policies = [module.common_variables.policy_list.anti_affinity] policies = [module.common_variables.policy_list.soft_anti_affinity]
} }
# #
@ -62,7 +62,7 @@ resource "openstack_compute_servergroup_v2" "social_data_indexer_server_group" {
# #
resource "openstack_compute_servergroup_v2" "accounting_insert_storage_server_group" { resource "openstack_compute_servergroup_v2" "accounting_insert_storage_server_group" {
name = "accounting-insert-storage-se-plugin" name = "accounting-insert-storage-se-plugin"
policies = [module.common_variables.policy_list.anti_affinity] policies = [module.common_variables.policy_list.soft_anti_affinity]
} }
@ -74,8 +74,8 @@ module "instance_without_data_volume" {
name = "accounting-dashboard-harvester-se-plugin", name = "accounting-dashboard-harvester-se-plugin",
description = "This instance serves smart-executor service with accounting-dashboard-harvester-se-plugin", description = "This instance serves smart-executor service with accounting-dashboard-harvester-se-plugin",
flavor = module.common_variables.flavor_list.m1_medium, flavor = module.common_variables.flavor_list.m1_medium,
networks = ["d4s-dev-cloud-main", module.common_variables.networks_list.orientdb_se, module.common_variables.networks_list.timescaledb, module.common_variables.networks_list.shared_postgresql], networks = [data.terraform_remote_state.privnet_dns_router.outputs.main_private_network.name, module.common_variables.networks_list.orientdb_se, module.common_variables.networks_list.timescaledb, module.common_variables.networks_list.shared_postgresql],
security_groups = [module.common_variables.security_group_list.default, module.common_variables.security_group_list.http_and_https_from_the_load_balancers], security_groups = [data.terraform_remote_state.privnet_dns_router.outputs.default_security_group_name, data.terraform_remote_state.privnet_dns_router.outputs.security_group_list.http_and_https_from_the_load_balancers],
server_groups_ids = [openstack_compute_servergroup_v2.accounting_dashboard_harvester_server_group.id], server_groups_ids = [openstack_compute_servergroup_v2.accounting_dashboard_harvester_server_group.id],
image_ref = module.common_variables.ubuntu_1804 image_ref = module.common_variables.ubuntu_1804
}, },
@ -83,17 +83,17 @@ module "instance_without_data_volume" {
name = "accounting-aggregator-se-plugin", name = "accounting-aggregator-se-plugin",
description = "This instance serves smart-executor service with accounting-aggregator-se-plugin", description = "This instance serves smart-executor service with accounting-aggregator-se-plugin",
flavor = module.common_variables.flavor_list.m1_medium, flavor = module.common_variables.flavor_list.m1_medium,
networks = ["d4s-dev-cloud-main", module.common_variables.networks_list.orientdb_se, module.common_variables.networks_list.timescaledb], networks = [data.terraform_remote_state.privnet_dns_router.outputs.main_private_network.name, module.common_variables.networks_list.orientdb_se, module.common_variables.networks_list.timescaledb],
security_groups = [module.common_variables.security_group_list.default, module.common_variables.security_group_list.http_and_https_from_the_load_balancers], security_groups = [data.terraform_remote_state.privnet_dns_router.outputs.default_security_group_name, data.terraform_remote_state.privnet_dns_router.outputs.security_group_list.http_and_https_from_the_load_balancers],
server_groups_ids = [openstack_compute_servergroup_v2.accounting_aggregator_server_group.id], server_groups_ids = [openstack_compute_servergroup_v2.accounting_aggregator_server_group.id],
image_ref = module.common_variables.ubuntu_1804 image_ref = module.common_variables.ubuntu_1804
}, },
resource_checker_se_plugin = { resource_checker_se_plugin = {
name = "resource-checker-se-plugin", name = "resource-checker-se-plugin",
description = "This instance serves smart-executor service with resource-checker-se-plugin", description = "This instance serves smart-executor service with resource-checker-se-plugin",
flavor = module.common_variables.flavor_list.c1_small, flavor = module.common_variables.flavor_list.m1_medium,
networks = ["d4s-dev-cloud-main", module.common_variables.networks_list.orientdb_se], networks = [data.terraform_remote_state.privnet_dns_router.outputs.main_private_network.name, module.common_variables.networks_list.orientdb_se],
security_groups = [module.common_variables.security_group_list.default, module.common_variables.security_group_list.http_and_https_from_the_load_balancers], security_groups = [data.terraform_remote_state.privnet_dns_router.outputs.default_security_group_name, data.terraform_remote_state.privnet_dns_router.outputs.security_group_list.http_and_https_from_the_load_balancers],
server_groups_ids = [openstack_compute_servergroup_v2.resource_checker_server_group.id], server_groups_ids = [openstack_compute_servergroup_v2.resource_checker_server_group.id],
image_ref = module.common_variables.ubuntu_1804 image_ref = module.common_variables.ubuntu_1804
}, },
@ -101,18 +101,18 @@ module "instance_without_data_volume" {
social_data_indexer_se_plugin = { social_data_indexer_se_plugin = {
name = "social-data-indexer-se-plugin", name = "social-data-indexer-se-plugin",
description = "This instance serves smart-executor service with social-data-indexer-se-plugin", description = "This instance serves smart-executor service with social-data-indexer-se-plugin",
flavor = module.common_variables.flavor_list.c1_small, flavor = module.common_variables.flavor_list.m1_medium,
networks = ["d4s-dev-cloud-main", module.common_variables.networks_list.orientdb_se], networks = [data.terraform_remote_state.privnet_dns_router.outputs.main_private_network.name, module.common_variables.networks_list.orientdb_se],
security_groups = [module.common_variables.security_group_list.default, module.common_variables.security_group_list.http_and_https_from_the_load_balancers], security_groups = [data.terraform_remote_state.privnet_dns_router.outputs.default_security_group_name, data.terraform_remote_state.privnet_dns_router.outputs.security_group_list.http_and_https_from_the_load_balancers],
server_groups_ids = [openstack_compute_servergroup_v2.social_data_indexer_server_group.id], server_groups_ids = [openstack_compute_servergroup_v2.social_data_indexer_server_group.id],
image_ref = module.common_variables.ubuntu_1804 image_ref = module.common_variables.ubuntu_1804
}, },
accounting_insert_storage_se_plugin = { accounting_insert_storage_se_plugin = {
name = "accounting-insert-storage-se-plugin", name = "accounting-insert-storage-se-plugin",
description = "This instance serves smart-executor service with accounting-insert-storage-se-plugin", description = "This instance serves smart-executor service with accounting-insert-storage-se-plugin",
flavor = module.common_variables.flavor_list.c1_small, flavor = module.common_variables.flavor_list.m1_medium,
networks = ["d4s-dev-cloud-main", module.common_variables.networks_list.orientdb_se], networks = [data.terraform_remote_state.privnet_dns_router.outputs.main_private_network.name, module.common_variables.networks_list.orientdb_se],
security_groups = [module.common_variables.security_group_list.default, module.common_variables.security_group_list.http_and_https_from_the_load_balancers], security_groups = [data.terraform_remote_state.privnet_dns_router.outputs.default_security_group_name, data.terraform_remote_state.privnet_dns_router.outputs.security_group_list.http_and_https_from_the_load_balancers],
server_groups_ids = [openstack_compute_servergroup_v2.accounting_insert_storage_server_group.id], server_groups_ids = [openstack_compute_servergroup_v2.accounting_insert_storage_server_group.id],
image_ref = module.common_variables.ubuntu_1804 image_ref = module.common_variables.ubuntu_1804
} }

View File

@ -1,7 +1,7 @@
{ {
"version": 4, "version": 4,
"terraform_version": "1.6.4", "terraform_version": "1.6.4",
"serial": 25, "serial": 29,
"lineage": "ae8eda4c-51c3-13f0-219b-df8ea9af7818", "lineage": "ae8eda4c-51c3-13f0-219b-df8ea9af7818",
"outputs": {}, "outputs": {},
"resources": [ "resources": [
@ -29,18 +29,350 @@
"defaults": null, "defaults": null,
"outputs": { "outputs": {
"value": { "value": {
"almalinux_9": {
"name": "AlmaLinux-9.0-20220718",
"uuid": "541650fc-dd19-4f38-bb1d-7333ed9dd688"
},
"availability_zone_no_gpu_name": "cnr-isti-nova-a",
"availability_zone_with_gpu_name": "cnr-isti-nova-gpu-a",
"availability_zones_names": {
"availability_zone_no_gpu": "cnr-isti-nova-a",
"availability_zone_with_gpu": "cnr-isti-nova-gpu-a"
},
"basic_services_ip": {
"ca": "10.1.29.247",
"ca_cidr": "10.1.29.247/32",
"haproxy_l7_1": "10.1.28.50",
"haproxy_l7_1_cidr": "10.1.28.50/32",
"haproxy_l7_2": "10.1.30.241",
"haproxy_l7_2_cidr": "10.1.30.241/32",
"octavia_main": "10.1.28.227",
"octavia_main_cidr": "10.1.28.227/32",
"prometheus": "10.1.30.129",
"prometheus_cidr": "10.1.30.129/32",
"ssh_jump": "10.1.29.164",
"ssh_jump_cidr": "10.1.29.164/32"
},
"centos_7": {
"name": "CentOS-7",
"uuid": "f0187a99-64f6-462a-ab5f-ef52fe62f2ca"
},
"default_security_group_name": "default",
"dns_zone": {
"description": "DNS primary zone for the d4s-dev-cloud project",
"email": "postmaster@isti.cnr.it",
"ttl": "8600",
"zone_name": "cloud-dev.d4science.org."
},
"dns_zone_id": "cbae638a-9d99-44aa-946c-0f5ffb7fc488", "dns_zone_id": "cbae638a-9d99-44aa-946c-0f5ffb7fc488",
"external_gateway_ip": "146.48.31.109", "el7_data_file": "../../openstack_vm_data_scripts/el7.sh",
"external_gateway_ip": [
{
"ip_address": "146.48.31.109",
"subnet_id": "57f87509-4016-46fb-b8c3-25fca7f72ccb"
}
],
"external_network": {
"id": "1d2ff137-6ff7-4017-be2b-0d6c4af2353b",
"name": "external-network"
},
"external_network_id": "1d2ff137-6ff7-4017-be2b-0d6c4af2353b",
"external_router": {
"description": "D4Science DEV main router",
"id": "2ae28c5f-036b-45db-bc9f-5bab8fa3e914",
"name": "d4s-dev-cloud-external-router"
},
"flavor_list": {
"c1_large": "c1.large",
"c1_medium": "c1.medium",
"c1_small": "c1.small",
"m1_large": "m1.large",
"m1_medium": "m1.medium",
"m1_xlarge": "m1.xlarge",
"m2_large": "m2.large",
"m2_medium": "m2.medium",
"m2_small": "m2.small"
},
"floating_ip_pools": {
"main_public_ip_pool": "external-network"
},
"haproxy_l7_data": {
"flavor": "m1.medium",
"haproxy_1": "haproxy-l7-1",
"haproxy_2": "haproxy-l7-2",
"name": "main-haproxy-l7",
"vm_count": "2"
},
"internal_ca_data": {
"flavor": "m1.small",
"name": "ca"
},
"main_haproxy_l7_ip": [
"10.1.28.50",
"10.1.30.241"
],
"main_private_network": {
"description": "D4Science DEV private network (use this as the main network)",
"name": "d4s-dev-cloud-main"
},
"main_private_network_id": "e0af5eba-f24a-4d0d-8184-bc654b980c4a", "main_private_network_id": "e0af5eba-f24a-4d0d-8184-bc654b980c4a",
"main_subnet_network_id": "2aa977f2-80b4-447c-a6b0-dfa06bf68751" "main_private_subnet": {
"allocation_end": "10.1.31.254",
"allocation_start": "10.1.28.30",
"cidr": "10.1.28.0/22",
"description": "D4Science DEV main private subnet",
"gateway_ip": "10.1.28.1",
"name": "d4s-dev-cloud-sub"
},
"main_region": "isti_area_pi_1",
"main_subnet_network_id": "2aa977f2-80b4-447c-a6b0-dfa06bf68751",
"mtu_size": 8942,
"networks_list": {
"orientdb": "orientdb-net",
"orientdb_se": "orientdb-se-net",
"shared_postgresql": "postgresql-srv-net",
"swarm": "swarm-nfs-net",
"timescaledb": "timescaledb-net"
},
"networks_with_d4s_services": {
"garr_ct1_net": "90.147.166.0/23",
"garr_na_net": "90.147.152.0/24",
"garr_pa1_net": "90.147.188.0/23",
"infrascience_net": "146.48.122.0/23",
"isti_net": "146.48.80.0/21",
"s2i2s_net": "146.48.28.0/22"
},
"octavia_information": {
"main_lb_description": "Main L4 load balancer for the D4Science DEV",
"main_lb_hostname": "main-lb",
"main_lb_name": "lb-dev-l4",
"octavia_flavor": "octavia_amphora-mvcpu-ha",
"octavia_flavor_id": "394988b5-6603-4a1e-a939-8e177c6681c7"
},
"os_project_data": {
"id": "e8f8ca72f30648a8b389b4e745ac83a9"
},
"policy_list": {
"affinity": "affinity",
"anti_affinity": "anti-affinity",
"soft_affinity": "soft-affinity",
"soft_anti_affinity": "soft-anti-affinity"
},
"prometheus_server_data": {
"flavor": "m1.medium",
"name": "prometheus",
"public_grafana_server_cidr": "146.48.122.132/32",
"vol_data_device": "/dev/vdb",
"vol_data_name": "prometheus-data",
"vol_data_size": "100"
},
"resolvers_ip": [
"146.48.29.97",
"146.48.29.98",
"146.48.29.99"
],
"resource_registry_addresses": {},
"security_group_list": {
"acaland": "acaland's dev machine",
"access_to_orientdb": "access_to_orientdb",
"access_to_orientdb_se": "access_to_orientdb_se",
"access_to_the_timescaledb_service": "access_to_the_timescaledb_service",
"cassandra": "Cassandra",
"dataminer-publish": "dataminer-publish",
"debugging_from_jump_node": "debugging_from_jump_node",
"default": "default",
"docker_swarm": "Docker Swarm",
"docker_swarm_NFS": "Docker Swarm NFS",
"haproxy": "HAPROXY L7",
"http_and_https_from_the_load_balancers": "http and https from the load balancers",
"limited_HTTPS_access": "Limited HTTPS access",
"limited_SSH_access": "Limited SSH access",
"mongo": "mongo",
"orientdb_internal_docker_traffic": "orientdb_internal_docker_traffic",
"postgreSQL": "PostgreSQL service",
"public_HTTPS": "Public HTTPS"
},
"shared_postgresql_server_data": {
"allocation_pool_end": "192.168.3.254",
"allocation_pool_start": "192.168.0.100",
"flavor": "m1.medium",
"name": "shared-postgresql-server",
"network_cidr": "192.168.0.0/22",
"network_description": "Network used to communicate with the shared postgresql service",
"network_name": "postgresql-srv-net",
"server_cidr": "192.168.0.5/22",
"server_ip": "192.168.0.5",
"vol_data_device": "/dev/vdb",
"vol_data_name": "shared-postgresql-data",
"vol_data_size": "100"
},
"smartexecutor_addresses": {},
"ssh_jump_proxy": {
"flavor": "m2.small",
"name": "ssh-jump-proxy"
},
"ssh_sources": {
"d4s_vpn_1_cidr": "146.48.122.27/32",
"d4s_vpn_2_cidr": "146.48.122.49/32",
"infrascience_net_cidr": "146.48.122.0/23",
"s2i2s_vpn_1_cidr": "146.48.28.10/32",
"s2i2s_vpn_2_cidr": "146.48.28.11/32",
"shell_d4s_cidr": "146.48.122.95/32"
},
"ubuntu1804_data_file": "../../openstack_vm_data_scripts/ubuntu1804.sh",
"ubuntu2204_data_file": "../../openstack_vm_data_scripts/ubuntu2204.sh",
"ubuntu_1804": {
"name": "Ubuntu-Bionic-18.04",
"user_data_file": "../../openstack_vm_data_scripts/ubuntu1804.sh",
"uuid": "7ed6a2cd-2b07-482e-8ce4-f018dff16c89"
},
"ubuntu_2204": {
"name": "Ubuntu-Jammy-22.04",
"user_data_file": "../../openstack_vm_data_scripts/ubuntu2204.sh",
"uuid": "54768889-8556-4be4-a2eb-82a4d9b34627"
}
}, },
"type": [ "type": [
"object", "object",
{ {
"almalinux_9": [
"map",
"string"
],
"availability_zone_no_gpu_name": "string",
"availability_zone_with_gpu_name": "string",
"availability_zones_names": [
"map",
"string"
],
"basic_services_ip": [
"map",
"string"
],
"centos_7": [
"map",
"string"
],
"default_security_group_name": "string",
"dns_zone": [
"map",
"string"
],
"dns_zone_id": "string", "dns_zone_id": "string",
"external_gateway_ip": "string", "el7_data_file": "string",
"external_gateway_ip": [
"list",
[
"object",
{
"ip_address": "string",
"subnet_id": "string"
}
]
],
"external_network": [
"map",
"string"
],
"external_network_id": "string",
"external_router": [
"map",
"string"
],
"flavor_list": [
"map",
"string"
],
"floating_ip_pools": [
"map",
"string"
],
"haproxy_l7_data": [
"map",
"string"
],
"internal_ca_data": [
"map",
"string"
],
"main_haproxy_l7_ip": [
"list",
"string"
],
"main_private_network": [
"map",
"string"
],
"main_private_network_id": "string", "main_private_network_id": "string",
"main_subnet_network_id": "string" "main_private_subnet": [
"map",
"string"
],
"main_region": "string",
"main_subnet_network_id": "string",
"mtu_size": "number",
"networks_list": [
"map",
"string"
],
"networks_with_d4s_services": [
"map",
"string"
],
"octavia_information": [
"map",
"string"
],
"os_project_data": [
"map",
"string"
],
"policy_list": [
"map",
"string"
],
"prometheus_server_data": [
"map",
"string"
],
"resolvers_ip": [
"list",
"string"
],
"resource_registry_addresses": [
"map",
"string"
],
"security_group_list": [
"map",
"string"
],
"shared_postgresql_server_data": [
"map",
"string"
],
"smartexecutor_addresses": [
"map",
"string"
],
"ssh_jump_proxy": [
"map",
"string"
],
"ssh_sources": [
"map",
"string"
],
"ubuntu1804_data_file": "string",
"ubuntu2204_data_file": "string",
"ubuntu_1804": [
"map",
"string"
],
"ubuntu_2204": [
"map",
"string"
]
} }
] ]
}, },
@ -60,7 +392,9 @@
"schema_version": 0, "schema_version": 0,
"attributes": { "attributes": {
"id": "2d792545-a513-4bde-a297-43afa74875df", "id": "2d792545-a513-4bde-a297-43afa74875df",
"members": [], "members": [
"52e2d652-c4d5-48a7-ba9b-bc64b3c16883"
],
"name": "accounting-aggregator-se-plugin", "name": "accounting-aggregator-se-plugin",
"policies": [ "policies": [
"soft-anti-affinity" "soft-anti-affinity"
@ -88,7 +422,9 @@
"schema_version": 0, "schema_version": 0,
"attributes": { "attributes": {
"id": "608bade3-e42b-46af-b969-25caf2e829c5", "id": "608bade3-e42b-46af-b969-25caf2e829c5",
"members": [], "members": [
"112aa21b-ca8c-4a8c-af5f-c48984483d05"
],
"name": "accounting-dashboard-harvester-se-plugin", "name": "accounting-dashboard-harvester-se-plugin",
"policies": [ "policies": [
"soft-anti-affinity" "soft-anti-affinity"
@ -116,7 +452,9 @@
"schema_version": 0, "schema_version": 0,
"attributes": { "attributes": {
"id": "c58d1633-fe27-4175-81b1-5f13baac97fc", "id": "c58d1633-fe27-4175-81b1-5f13baac97fc",
"members": [], "members": [
"7bb6f8cf-f4dc-4465-aeec-ec76d45980a0"
],
"name": "accounting-insert-storage-se-plugin", "name": "accounting-insert-storage-se-plugin",
"policies": [ "policies": [
"soft-anti-affinity" "soft-anti-affinity"
@ -144,7 +482,9 @@
"schema_version": 0, "schema_version": 0,
"attributes": { "attributes": {
"id": "fe90ec2c-8789-4c35-8420-b8dbd415be77", "id": "fe90ec2c-8789-4c35-8420-b8dbd415be77",
"members": [], "members": [
"bd45a9a2-3794-4d22-a52d-d5e77c8e84df"
],
"name": "resource-checker-se-plugin", "name": "resource-checker-se-plugin",
"policies": [ "policies": [
"soft-anti-affinity" "soft-anti-affinity"
@ -172,7 +512,9 @@
"schema_version": 0, "schema_version": 0,
"attributes": { "attributes": {
"id": "04a8b534-5e8c-4e74-b22d-b575b84cd627", "id": "04a8b534-5e8c-4e74-b22d-b575b84cd627",
"members": [], "members": [
"aaaea3c0-a75c-4248-8d03-660f0a484ab4"
],
"name": "social-data-indexer-se-plugin", "name": "social-data-indexer-se-plugin",
"policies": [ "policies": [
"soft-anti-affinity" "soft-anti-affinity"
@ -273,7 +615,7 @@
"region": "isti_area_pi_1", "region": "isti_area_pi_1",
"scheduler_hints": [ "scheduler_hints": [
{ {
"additional_properties": null, "additional_properties": {},
"build_near_host_ip": "", "build_near_host_ip": "",
"different_cell": [], "different_cell": [],
"different_host": [], "different_host": [],
@ -288,7 +630,7 @@
"http and https from the load balancers" "http and https from the load balancers"
], ],
"stop_before_destroy": false, "stop_before_destroy": false,
"tags": null, "tags": [],
"timeouts": null, "timeouts": null,
"updated": "2023-12-07 08:33:25 +0000 UTC", "updated": "2023-12-07 08:33:25 +0000 UTC",
"user_data": "ef3d6e5deb29bd1e5de5a76ae6860f3ee872738c", "user_data": "ef3d6e5deb29bd1e5de5a76ae6860f3ee872738c",
@ -298,6 +640,7 @@
"sensitive_attributes": [], "sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxODAwMDAwMDAwMDAwLCJkZWxldGUiOjE4MDAwMDAwMDAwMDAsInVwZGF0ZSI6MTgwMDAwMDAwMDAwMH19", "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxODAwMDAwMDAwMDAwLCJkZWxldGUiOjE4MDAwMDAwMDAwMDAsInVwZGF0ZSI6MTgwMDAwMDAwMDAwMH19",
"dependencies": [ "dependencies": [
"data.terraform_remote_state.privnet_dns_router",
"openstack_compute_servergroup_v2.accounting_aggregator_server_group", "openstack_compute_servergroup_v2.accounting_aggregator_server_group",
"openstack_compute_servergroup_v2.accounting_dashboard_harvester_server_group", "openstack_compute_servergroup_v2.accounting_dashboard_harvester_server_group",
"openstack_compute_servergroup_v2.accounting_insert_storage_server_group", "openstack_compute_servergroup_v2.accounting_insert_storage_server_group",
@ -391,7 +734,7 @@
"region": "isti_area_pi_1", "region": "isti_area_pi_1",
"scheduler_hints": [ "scheduler_hints": [
{ {
"additional_properties": null, "additional_properties": {},
"build_near_host_ip": "", "build_near_host_ip": "",
"different_cell": [], "different_cell": [],
"different_host": [], "different_host": [],
@ -406,7 +749,7 @@
"http and https from the load balancers" "http and https from the load balancers"
], ],
"stop_before_destroy": false, "stop_before_destroy": false,
"tags": null, "tags": [],
"timeouts": null, "timeouts": null,
"updated": "2023-12-07 08:34:15 +0000 UTC", "updated": "2023-12-07 08:34:15 +0000 UTC",
"user_data": "ef3d6e5deb29bd1e5de5a76ae6860f3ee872738c", "user_data": "ef3d6e5deb29bd1e5de5a76ae6860f3ee872738c",
@ -416,6 +759,7 @@
"sensitive_attributes": [], "sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxODAwMDAwMDAwMDAwLCJkZWxldGUiOjE4MDAwMDAwMDAwMDAsInVwZGF0ZSI6MTgwMDAwMDAwMDAwMH19", "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxODAwMDAwMDAwMDAwLCJkZWxldGUiOjE4MDAwMDAwMDAwMDAsInVwZGF0ZSI6MTgwMDAwMDAwMDAwMH19",
"dependencies": [ "dependencies": [
"data.terraform_remote_state.privnet_dns_router",
"openstack_compute_servergroup_v2.accounting_aggregator_server_group", "openstack_compute_servergroup_v2.accounting_aggregator_server_group",
"openstack_compute_servergroup_v2.accounting_dashboard_harvester_server_group", "openstack_compute_servergroup_v2.accounting_dashboard_harvester_server_group",
"openstack_compute_servergroup_v2.accounting_insert_storage_server_group", "openstack_compute_servergroup_v2.accounting_insert_storage_server_group",
@ -451,8 +795,8 @@
], ],
"config_drive": null, "config_drive": null,
"created": "2023-12-07 08:31:47 +0000 UTC", "created": "2023-12-07 08:31:47 +0000 UTC",
"flavor_id": "3", "flavor_id": "4",
"flavor_name": "c1.small", "flavor_name": "m1.medium",
"floating_ip": null, "floating_ip": null,
"force_delete": false, "force_delete": false,
"id": "7bb6f8cf-f4dc-4465-aeec-ec76d45980a0", "id": "7bb6f8cf-f4dc-4465-aeec-ec76d45980a0",
@ -489,7 +833,7 @@
"region": "isti_area_pi_1", "region": "isti_area_pi_1",
"scheduler_hints": [ "scheduler_hints": [
{ {
"additional_properties": null, "additional_properties": {},
"build_near_host_ip": "", "build_near_host_ip": "",
"different_cell": [], "different_cell": [],
"different_host": [], "different_host": [],
@ -504,16 +848,17 @@
"http and https from the load balancers" "http and https from the load balancers"
], ],
"stop_before_destroy": false, "stop_before_destroy": false,
"tags": null, "tags": [],
"timeouts": null, "timeouts": null,
"updated": "2023-12-07 08:33:38 +0000 UTC", "updated": "2023-12-18 08:59:33 +0000 UTC",
"user_data": "ef3d6e5deb29bd1e5de5a76ae6860f3ee872738c", "user_data": "",
"vendor_options": [], "vendor_options": [],
"volume": [] "volume": []
}, },
"sensitive_attributes": [], "sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxODAwMDAwMDAwMDAwLCJkZWxldGUiOjE4MDAwMDAwMDAwMDAsInVwZGF0ZSI6MTgwMDAwMDAwMDAwMH19", "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxODAwMDAwMDAwMDAwLCJkZWxldGUiOjE4MDAwMDAwMDAwMDAsInVwZGF0ZSI6MTgwMDAwMDAwMDAwMH19",
"dependencies": [ "dependencies": [
"data.terraform_remote_state.privnet_dns_router",
"openstack_compute_servergroup_v2.accounting_aggregator_server_group", "openstack_compute_servergroup_v2.accounting_aggregator_server_group",
"openstack_compute_servergroup_v2.accounting_dashboard_harvester_server_group", "openstack_compute_servergroup_v2.accounting_dashboard_harvester_server_group",
"openstack_compute_servergroup_v2.accounting_insert_storage_server_group", "openstack_compute_servergroup_v2.accounting_insert_storage_server_group",
@ -549,8 +894,8 @@
], ],
"config_drive": null, "config_drive": null,
"created": "2023-12-07 08:31:47 +0000 UTC", "created": "2023-12-07 08:31:47 +0000 UTC",
"flavor_id": "3", "flavor_id": "4",
"flavor_name": "c1.small", "flavor_name": "m1.medium",
"floating_ip": null, "floating_ip": null,
"force_delete": false, "force_delete": false,
"id": "bd45a9a2-3794-4d22-a52d-d5e77c8e84df", "id": "bd45a9a2-3794-4d22-a52d-d5e77c8e84df",
@ -587,7 +932,7 @@
"region": "isti_area_pi_1", "region": "isti_area_pi_1",
"scheduler_hints": [ "scheduler_hints": [
{ {
"additional_properties": null, "additional_properties": {},
"build_near_host_ip": "", "build_near_host_ip": "",
"different_cell": [], "different_cell": [],
"different_host": [], "different_host": [],
@ -602,16 +947,17 @@
"http and https from the load balancers" "http and https from the load balancers"
], ],
"stop_before_destroy": false, "stop_before_destroy": false,
"tags": null, "tags": [],
"timeouts": null, "timeouts": null,
"updated": "2023-12-07 08:32:53 +0000 UTC", "updated": "2023-12-18 08:59:44 +0000 UTC",
"user_data": "ef3d6e5deb29bd1e5de5a76ae6860f3ee872738c", "user_data": "",
"vendor_options": [], "vendor_options": [],
"volume": [] "volume": []
}, },
"sensitive_attributes": [], "sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxODAwMDAwMDAwMDAwLCJkZWxldGUiOjE4MDAwMDAwMDAwMDAsInVwZGF0ZSI6MTgwMDAwMDAwMDAwMH19", "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxODAwMDAwMDAwMDAwLCJkZWxldGUiOjE4MDAwMDAwMDAwMDAsInVwZGF0ZSI6MTgwMDAwMDAwMDAwMH19",
"dependencies": [ "dependencies": [
"data.terraform_remote_state.privnet_dns_router",
"openstack_compute_servergroup_v2.accounting_aggregator_server_group", "openstack_compute_servergroup_v2.accounting_aggregator_server_group",
"openstack_compute_servergroup_v2.accounting_dashboard_harvester_server_group", "openstack_compute_servergroup_v2.accounting_dashboard_harvester_server_group",
"openstack_compute_servergroup_v2.accounting_insert_storage_server_group", "openstack_compute_servergroup_v2.accounting_insert_storage_server_group",
@ -647,8 +993,8 @@
], ],
"config_drive": null, "config_drive": null,
"created": "2023-12-07 08:31:48 +0000 UTC", "created": "2023-12-07 08:31:48 +0000 UTC",
"flavor_id": "3", "flavor_id": "4",
"flavor_name": "c1.small", "flavor_name": "m1.medium",
"floating_ip": null, "floating_ip": null,
"force_delete": false, "force_delete": false,
"id": "aaaea3c0-a75c-4248-8d03-660f0a484ab4", "id": "aaaea3c0-a75c-4248-8d03-660f0a484ab4",
@ -685,7 +1031,7 @@
"region": "isti_area_pi_1", "region": "isti_area_pi_1",
"scheduler_hints": [ "scheduler_hints": [
{ {
"additional_properties": null, "additional_properties": {},
"build_near_host_ip": "", "build_near_host_ip": "",
"different_cell": [], "different_cell": [],
"different_host": [], "different_host": [],
@ -700,16 +1046,17 @@
"http and https from the load balancers" "http and https from the load balancers"
], ],
"stop_before_destroy": false, "stop_before_destroy": false,
"tags": null, "tags": [],
"timeouts": null, "timeouts": null,
"updated": "2023-12-07 08:32:26 +0000 UTC", "updated": "2023-12-18 08:59:43 +0000 UTC",
"user_data": "ef3d6e5deb29bd1e5de5a76ae6860f3ee872738c", "user_data": "",
"vendor_options": [], "vendor_options": [],
"volume": [] "volume": []
}, },
"sensitive_attributes": [], "sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxODAwMDAwMDAwMDAwLCJkZWxldGUiOjE4MDAwMDAwMDAwMDAsInVwZGF0ZSI6MTgwMDAwMDAwMDAwMH19", "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxODAwMDAwMDAwMDAwLCJkZWxldGUiOjE4MDAwMDAwMDAwMDAsInVwZGF0ZSI6MTgwMDAwMDAwMDAwMH19",
"dependencies": [ "dependencies": [
"data.terraform_remote_state.privnet_dns_router",
"openstack_compute_servergroup_v2.accounting_aggregator_server_group", "openstack_compute_servergroup_v2.accounting_aggregator_server_group",
"openstack_compute_servergroup_v2.accounting_dashboard_harvester_server_group", "openstack_compute_servergroup_v2.accounting_dashboard_harvester_server_group",
"openstack_compute_servergroup_v2.accounting_insert_storage_server_group", "openstack_compute_servergroup_v2.accounting_insert_storage_server_group",

View File

@ -0,0 +1,30 @@
# Define required providers
terraform {
required_version = ">= 0.14.0"
required_providers {
openstack = {
source = "terraform-provider-openstack/openstack"
version = "~> 1.53.0"
}
}
}
data "terraform_remote_state" "privnet_dns_router" {
backend = "local"
config = {
path = "../project-setup/terraform.tfstate"
}
}
module "common_variables" {
source = "../../modules/common_variables"
}
module "variables" {
source = "../variables"
}
module "ssh_keys" {
source = "../../modules/ssh_keys"
}

View File

@ -0,0 +1,3 @@
provider "openstack" {
cloud = "d4s-dev"
}

View File

@ -0,0 +1,429 @@
{
"version": 4,
"terraform_version": "1.7.4",
"serial": 3,
"lineage": "48e9b647-6c03-4b28-7033-9e1d40b3795d",
"outputs": {},
"resources": [
{
"mode": "data",
"type": "terraform_remote_state",
"name": "privnet_dns_router",
"provider": "provider[\"terraform.io/builtin/terraform\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"backend": "local",
"config": {
"value": {
"path": "../project-setup/terraform.tfstate"
},
"type": [
"object",
{
"path": "string"
}
]
},
"defaults": null,
"outputs": {
"value": {
"almalinux_9": {
"name": "AlmaLinux-9.0-20220718",
"uuid": "541650fc-dd19-4f38-bb1d-7333ed9dd688"
},
"availability_zone_no_gpu_name": "cnr-isti-nova-a",
"availability_zone_with_gpu_name": "cnr-isti-nova-gpu-a",
"availability_zones_names": {
"availability_zone_no_gpu": "cnr-isti-nova-a",
"availability_zone_with_gpu": "cnr-isti-nova-gpu-a"
},
"basic_services_ip": {
"ca": "10.1.29.247",
"ca_cidr": "10.1.29.247/32",
"haproxy_l7_1": "10.1.28.50",
"haproxy_l7_1_cidr": "10.1.28.50/32",
"haproxy_l7_2": "10.1.30.241",
"haproxy_l7_2_cidr": "10.1.30.241/32",
"octavia_main": "10.1.28.227",
"octavia_main_cidr": "10.1.28.227/32",
"prometheus": "10.1.30.129",
"prometheus_cidr": "10.1.30.129/32",
"ssh_jump": "10.1.29.164",
"ssh_jump_cidr": "10.1.29.164/32"
},
"centos_7": {
"name": "CentOS-7",
"uuid": "f0187a99-64f6-462a-ab5f-ef52fe62f2ca"
},
"default_security_group_name": "default",
"dns_zone": {
"description": "DNS primary zone for the d4s-dev-cloud project",
"email": "postmaster@isti.cnr.it",
"ttl": "8600",
"zone_name": "cloud-dev.d4science.org."
},
"dns_zone_id": "cbae638a-9d99-44aa-946c-0f5ffb7fc488",
"el7_data_file": "../../openstack_vm_data_scripts/el7.sh",
"external_gateway_ip": [
{
"ip_address": "146.48.31.109",
"subnet_id": "57f87509-4016-46fb-b8c3-25fca7f72ccb"
}
],
"external_network": {
"id": "1d2ff137-6ff7-4017-be2b-0d6c4af2353b",
"name": "external-network"
},
"external_network_id": "1d2ff137-6ff7-4017-be2b-0d6c4af2353b",
"external_router": {
"description": "D4Science DEV main router",
"id": "2ae28c5f-036b-45db-bc9f-5bab8fa3e914",
"name": "d4s-dev-cloud-external-router"
},
"flavor_list": {
"c1_large": "c1.large",
"c1_medium": "c1.medium",
"c1_small": "c1.small",
"c2_large": "c2.large",
"m1_large": "m1.large",
"m1_medium": "m1.medium",
"m1_xlarge": "m1.xlarge",
"m1_xxl": "m1.xxl",
"m2_large": "m2.large",
"m2_medium": "m2.medium",
"m2_small": "m2.small",
"m3_large": "m3.large"
},
"floating_ip_pools": {
"main_public_ip_pool": "external-network"
},
"haproxy_l7_data": {
"flavor": "m1.medium",
"haproxy_1": "haproxy-l7-1",
"haproxy_2": "haproxy-l7-2",
"name": "main-haproxy-l7",
"vm_count": "2"
},
"internal_ca_data": {
"flavor": "m1.small",
"name": "ca"
},
"main_haproxy_l7_ip": [
"10.1.28.50",
"10.1.30.241"
],
"main_private_network": {
"description": "D4Science DEV private network (use this as the main network)",
"name": "d4s-dev-cloud-main"
},
"main_private_network_id": "e0af5eba-f24a-4d0d-8184-bc654b980c4a",
"main_private_subnet": {
"allocation_end": "10.1.31.254",
"allocation_start": "10.1.28.30",
"cidr": "10.1.28.0/22",
"description": "D4Science DEV main private subnet",
"gateway_ip": "10.1.28.1",
"name": "d4s-dev-cloud-sub"
},
"main_region": "isti_area_pi_1",
"main_subnet_network_id": "2aa977f2-80b4-447c-a6b0-dfa06bf68751",
"mtu_size": 8942,
"networks_list": {
"cassandra": "cassandra-net",
"orientdb": "orientdb-net",
"orientdb_se": "orientdb-se-net",
"shared_postgresql": "postgresql-srv-net",
"swarm": "swarm-nfs-net",
"timescaledb": "timescaledb-net"
},
"networks_with_d4s_services": {
"garr_ct1_net": "90.147.166.0/23",
"garr_na_net": "90.147.152.0/24",
"garr_pa1_net": "90.147.188.0/23",
"infrascience_net": "146.48.122.0/23",
"isti_net": "146.48.80.0/21",
"s2i2s_net": "146.48.28.0/22"
},
"nfs_share_no_ingress_secgroup_id": "5887da8d-e362-4509-93ac-8a70bf8baef9",
"octavia_information": {
"main_lb_description": "Main L4 load balancer for the D4Science DEV",
"main_lb_hostname": "main-lb",
"main_lb_name": "lb-dev-l4",
"octavia_flavor": "octavia_amphora-mvcpu-ha",
"octavia_flavor_id": "394988b5-6603-4a1e-a939-8e177c6681c7"
},
"os_project_data": {
"id": "e8f8ca72f30648a8b389b4e745ac83a9"
},
"policy_list": {
"affinity": "affinity",
"anti_affinity": "anti-affinity",
"soft_affinity": "soft-affinity",
"soft_anti_affinity": "soft-anti-affinity"
},
"prometheus_server_data": {
"flavor": "m1.medium",
"name": "prometheus",
"public_grafana_server_cidr": "146.48.28.103/32",
"vol_data_device": "/dev/vdb",
"vol_data_name": "prometheus-data",
"vol_data_size": "100"
},
"resolvers_ip": [
"146.48.29.97",
"146.48.29.98",
"146.48.29.99"
],
"resource_registry_addresses": {},
"security_group_list": {
"acaland": "acaland's dev machine",
"access_to_orientdb": "access_to_orientdb",
"access_to_orientdb_se": "access_to_orientdb_se",
"access_to_the_timescaledb_service": "access_to_the_timescaledb_service",
"cassandra": "Cassandra",
"dataminer-publish": "dataminer-publish",
"debugging_from_jump_node": "debugging_from_jump_node",
"default": "default",
"docker_swarm": "Docker Swarm",
"docker_swarm_NFS": "Docker Swarm NFS",
"haproxy": "traffic_from_main_lb_to_haproxy_l7",
"http_and_https_from_the_load_balancers": "traffic_from_the_main_load_balancers",
"limited_HTTPS_access": "restricted_web_service",
"limited_SSH_access": "Limited SSH access",
"mongo": "mongo",
"nfs_share_no_ingress": "nfs_share_no_ingress",
"orientdb_internal_docker_traffic": "orientdb_internal_docker_traffic",
"postgreSQL": "PostgreSQL service",
"public_HTTPS": "Public HTTPS"
},
"shared_postgresql_server_data": {
"allocation_pool_end": "192.168.3.254",
"allocation_pool_start": "192.168.0.100",
"flavor": "m1.medium",
"name": "shared-postgresql-server",
"network_cidr": "192.168.0.0/22",
"network_description": "Network used to communicate with the shared postgresql service",
"network_name": "postgresql-srv-net",
"server_cidr": "192.168.0.5/22",
"server_ip": "192.168.0.5",
"vol_data_device": "/dev/vdb",
"vol_data_name": "shared-postgresql-data",
"vol_data_size": "100"
},
"smartexecutor_addresses": {},
"ssh_jump_proxy": {
"flavor": "m2.small",
"name": "ssh-jump-proxy"
},
"ssh_sources": {
"d4s_vpn_1_cidr": "146.48.122.27/32",
"d4s_vpn_2_cidr": "146.48.122.49/32",
"infrascience_net_cidr": "146.48.122.0/23",
"s2i2s_vpn_1_cidr": "146.48.28.10/32",
"s2i2s_vpn_2_cidr": "146.48.28.11/32",
"shell_d4s_cidr": "146.48.122.95/32"
},
"storage_nfs_network_id": "5f4023cc-4016-404c-94e5-86220095fbaf",
"storage_nfs_subnet_id": "6ff0f9e8-0e74-4cc3-a268-7ed4af435696",
"ubuntu1804_data_file": "../../openstack_vm_data_scripts/ubuntu1804.sh",
"ubuntu2204_data_file": "../../openstack_vm_data_scripts/ubuntu2204.sh",
"ubuntu_1804": {
"name": "Ubuntu-Bionic-18.04",
"user_data_file": "../../openstack_vm_data_scripts/ubuntu1804.sh",
"uuid": "7ed6a2cd-2b07-482e-8ce4-f018dff16c89"
},
"ubuntu_2204": {
"name": "Ubuntu-Jammy-22.04",
"user_data_file": "../../openstack_vm_data_scripts/ubuntu2204.sh",
"uuid": "54768889-8556-4be4-a2eb-82a4d9b34627"
}
},
"type": [
"object",
{
"almalinux_9": [
"map",
"string"
],
"availability_zone_no_gpu_name": "string",
"availability_zone_with_gpu_name": "string",
"availability_zones_names": [
"map",
"string"
],
"basic_services_ip": [
"map",
"string"
],
"centos_7": [
"map",
"string"
],
"default_security_group_name": "string",
"dns_zone": [
"map",
"string"
],
"dns_zone_id": "string",
"el7_data_file": "string",
"external_gateway_ip": [
"list",
[
"object",
{
"ip_address": "string",
"subnet_id": "string"
}
]
],
"external_network": [
"map",
"string"
],
"external_network_id": "string",
"external_router": [
"map",
"string"
],
"flavor_list": [
"map",
"string"
],
"floating_ip_pools": [
"map",
"string"
],
"haproxy_l7_data": [
"map",
"string"
],
"internal_ca_data": [
"map",
"string"
],
"main_haproxy_l7_ip": [
"list",
"string"
],
"main_private_network": [
"map",
"string"
],
"main_private_network_id": "string",
"main_private_subnet": [
"map",
"string"
],
"main_region": "string",
"main_subnet_network_id": "string",
"mtu_size": "number",
"networks_list": [
"map",
"string"
],
"networks_with_d4s_services": [
"map",
"string"
],
"nfs_share_no_ingress_secgroup_id": "string",
"octavia_information": [
"map",
"string"
],
"os_project_data": [
"map",
"string"
],
"policy_list": [
"map",
"string"
],
"prometheus_server_data": [
"map",
"string"
],
"resolvers_ip": [
"list",
"string"
],
"resource_registry_addresses": [
"map",
"string"
],
"security_group_list": [
"map",
"string"
],
"shared_postgresql_server_data": [
"map",
"string"
],
"smartexecutor_addresses": [
"map",
"string"
],
"ssh_jump_proxy": [
"map",
"string"
],
"ssh_sources": [
"map",
"string"
],
"storage_nfs_network_id": "string",
"storage_nfs_subnet_id": "string",
"ubuntu1804_data_file": "string",
"ubuntu2204_data_file": "string",
"ubuntu_1804": [
"map",
"string"
],
"ubuntu_2204": [
"map",
"string"
]
}
]
},
"workspace": null
},
"sensitive_attributes": []
}
]
},
{
"module": "module.ssh_keys",
"mode": "managed",
"type": "openstack_compute_keypair_v2",
"name": "initial_ssh_key",
"provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"fingerprint": "c8:e0:f5:3d:5b:31:5e:f0:bf:e2:d6:b7:e5:1b:8a:6a",
"id": "Marco Procaccini",
"name": "Marco Procaccini",
"private_key": "",
"public_key": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCWabEzyFoWbwIkxq3Y9GF2VuRAfglZZxDwvyRgQEAeohF0ue+whk9fN91gI58hW8hEiW3RBt6R1Stp9Gk9lTzKpqtP591A0UsStGTt7D2cXbOS+X2Hj3uAeKwYmtV2AB4l5xzEluK2adWBSBpMZW+pqSjd6ifLR0TsiRcZ9LSaoa3aAqxv55pmeVrlETi9qMvJi083g72LOO/8k02Ea1VAstBoJ1niyaQ69sqVZDTvUSsjjUSla1AxA2cAS/5wjhHOlcuRdxqxuEmqYaCgexmKcRUYoFOWYnYU2iHgi9Ksg2NEr4tn6tQnNKlk7qD3OgIgoyGKhwOxq/Vap5nlO/DGJ6eQbGoK+27SqV9QrM8bj4Et23diTCfUfS96OyLGBjRYAPG50POUtpgXfn/RjhGS8rX4QMKM0ZysAWFAxUMDNFobE9ieXNTrLFh4f9cpVKN0aGooBak4gAdKiAwdqv+Q3DGrBYoz0m7crKUN/hWdXq57B2FaJUVTf/rIzK+cThE= marco@procpc\n",
"region": "isti_area_pi_1",
"user_id": "",
"value_specs": null
},
"sensitive_attributes": [
[
{
"type": "get_attr",
"value": "public_key"
}
]
],
"private": "bnVsbA=="
}
]
}
],
"check_results": null
}

View File

@ -0,0 +1,162 @@
# Define required providers
terraform {
required_version = ">= 0.14.0"
required_providers {
openstack = {
source = "terraform-provider-openstack/openstack"
version = ">= 1.54.0"
}
}
}
data "terraform_remote_state" "privnet_dns_router" {
backend = "local"
config = {
path = "../project-setup/terraform.tfstate"
}
}
#
# Uses common_variables as module
#
module "common_variables" {
source = "../../modules/common_variables"
}
# Module used
module "ssh_settings" {
source = "../../modules/ssh-key-ref"
}
resource "openstack_blockstorage_volume_v3" "storagehub_3_dev_data_volume" {
name = "storagehub_3_data_volume"
size = "25"
}
resource "openstack_blockstorage_volume_v3" "storagehub_4_dev_data_volume" {
name = "storagehub_4_data_volume"
size = "25"
}
# Instances 3
resource "openstack_compute_instance_v2" "storagehub_3_dev" {
name = "storagehub-3"
availability_zone_hints = module.common_variables.availability_zone_no_gpu_name
flavor_name = "m2.small"
key_pair = module.ssh_settings.ssh_key_name
security_groups = [data.terraform_remote_state.privnet_dns_router.outputs.default_security_group_name, data.terraform_remote_state.privnet_dns_router.outputs.security_group_list.http_and_https_from_the_load_balancers]
block_device {
uuid = module.common_variables.ubuntu_2404.uuid
source_type = "image"
volume_size = 10
boot_index = 0
destination_type = "volume"
delete_on_termination = false
}
# Creates the networks according to input networks
dynamic "network" {
for_each = toset([data.terraform_remote_state.privnet_dns_router.outputs.main_private_network.name, module.common_variables.networks_list.shared_postgresql])
content {
name = network.value
}
}
# user_data script used
user_data = file("${module.common_variables.ubuntu_2404.user_data_file}")
# Do not replace the instance when the ssh key changes
lifecycle {
ignore_changes = [
# Ignore changes to tags, e.g. because a management agent
# updates these based on some ruleset managed elsewhere.
key_pair, user_data, network
]
}
}
# Instances 4
resource "openstack_compute_instance_v2" "storagehub_4_dev" {
name = "storagehub-4"
availability_zone_hints = module.common_variables.availability_zone_no_gpu_name
flavor_name = "m2.small"
key_pair = module.ssh_settings.ssh_key_name
security_groups = [data.terraform_remote_state.privnet_dns_router.outputs.default_security_group_name, data.terraform_remote_state.privnet_dns_router.outputs.security_group_list.http_and_https_from_the_load_balancers]
block_device {
uuid = module.common_variables.ubuntu_2404.uuid
source_type = "image"
volume_size = 10
boot_index = 0
destination_type = "volume"
delete_on_termination = false
}
# Creates the networks according to input networks
dynamic "network" {
for_each = toset([data.terraform_remote_state.privnet_dns_router.outputs.main_private_network.name, module.common_variables.networks_list.shared_postgresql])
content {
name = network.value
}
}
# user_data script used
user_data = file("${module.common_variables.ubuntu_2404.user_data_file}")
# Do not replace the instance when the ssh key changes
lifecycle {
ignore_changes = [
# Ignore changes to tags, e.g. because a management agent
# updates these based on some ruleset managed elsewhere.
key_pair, user_data, network
]
}
}
# Attach
resource "openstack_compute_volume_attach_v2" "storagehub_3_dev_attach" {
instance_id = openstack_compute_instance_v2.storagehub_3_dev.id
volume_id = openstack_blockstorage_volume_v3.storagehub_3_dev_data_volume.id
device = "/dev/vdb"
}
resource "openstack_compute_volume_attach_v2" "storagehub_4_dev_attach" {
instance_id = openstack_compute_instance_v2.storagehub_4_dev.id
volume_id = openstack_blockstorage_volume_v3.storagehub_4_dev_data_volume.id
device = "/dev/vdb"
}
locals {
cname_target = "main-lb.${data.terraform_remote_state.privnet_dns_router.outputs.dns_zone.zone_name}"
}
#
# Add DNS record/s
#
module "dns_records_create" {
source = "../../modules/dns_resources"
dns_resources_map = {
storagehub-3 = {
zone_id = data.terraform_remote_state.privnet_dns_router.outputs.dns_zone_id
name = join(".", ["storagehub-3", data.terraform_remote_state.privnet_dns_router.outputs.dns_zone.zone_name])
description = "StorageHub 3"
ttl = 8600
type = "CNAME"
records = [local.cname_target]
},
storagehub-4 = {
zone_id = data.terraform_remote_state.privnet_dns_router.outputs.dns_zone_id
name = join(".", ["storagehub-4", data.terraform_remote_state.privnet_dns_router.outputs.dns_zone.zone_name])
description = "StorageHub 4"
ttl = 8600
type = "CNAME"
records = [local.cname_target]
}
}
}

View File

@ -0,0 +1,3 @@
provider "openstack" {
cloud = "d4s-dev"
}

View File

@ -0,0 +1,765 @@
{
"version": 4,
"terraform_version": "1.6.4",
"serial": 23,
"lineage": "7ae19997-17fe-7f03-9bcb-e326176791ba",
"outputs": {},
"resources": [
{
"mode": "data",
"type": "terraform_remote_state",
"name": "privnet_dns_router",
"provider": "provider[\"terraform.io/builtin/terraform\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"backend": "local",
"config": {
"value": {
"path": "../project-setup/terraform.tfstate"
},
"type": [
"object",
{
"path": "string"
}
]
},
"defaults": null,
"outputs": {
"value": {
"almalinux_9": {
"name": "AlmaLinux-9.0-20220718",
"uuid": "541650fc-dd19-4f38-bb1d-7333ed9dd688"
},
"availability_zone_no_gpu_name": "cnr-isti-nova-a",
"availability_zone_with_gpu_name": "cnr-isti-nova-gpu-a",
"availability_zones_names": {
"availability_zone_no_gpu": "cnr-isti-nova-a",
"availability_zone_with_gpu": "cnr-isti-nova-gpu-a"
},
"basic_services_ip": {
"ca": "10.1.29.247",
"ca_cidr": "10.1.29.247/32",
"haproxy_l7_1": "10.1.28.50",
"haproxy_l7_1_cidr": "10.1.28.50/32",
"haproxy_l7_2": "10.1.30.241",
"haproxy_l7_2_cidr": "10.1.30.241/32",
"octavia_main": "10.1.28.227",
"octavia_main_cidr": "10.1.28.227/32",
"prometheus": "10.1.30.129",
"prometheus_cidr": "10.1.30.129/32",
"ssh_jump": "10.1.29.164",
"ssh_jump_cidr": "10.1.29.164/32"
},
"centos_7": {
"name": "CentOS-7",
"uuid": "f0187a99-64f6-462a-ab5f-ef52fe62f2ca"
},
"default_security_group_name": "default",
"dns_zone": {
"description": "DNS primary zone for the d4s-dev-cloud project",
"email": "postmaster@isti.cnr.it",
"ttl": "8600",
"zone_name": "cloud-dev.d4science.org."
},
"dns_zone_id": "cbae638a-9d99-44aa-946c-0f5ffb7fc488",
"el7_data_file": "../../openstack_vm_data_scripts/el7.sh",
"external_gateway_ip": [
{
"ip_address": "146.48.31.109",
"subnet_id": "57f87509-4016-46fb-b8c3-25fca7f72ccb"
}
],
"external_network": {
"id": "1d2ff137-6ff7-4017-be2b-0d6c4af2353b",
"name": "external-network"
},
"external_network_id": "1d2ff137-6ff7-4017-be2b-0d6c4af2353b",
"external_router": {
"description": "D4Science DEV main router",
"id": "2ae28c5f-036b-45db-bc9f-5bab8fa3e914",
"name": "d4s-dev-cloud-external-router"
},
"flavor_list": {
"c1_large": "c1.large",
"c1_medium": "c1.medium",
"c1_small": "c1.small",
"c2_large": "c2.large",
"m1_large": "m1.large",
"m1_medium": "m1.medium",
"m1_xlarge": "m1.xlarge",
"m1_xxl": "m1.xxl",
"m2_large": "m2.large",
"m2_medium": "m2.medium",
"m2_small": "m2.small",
"m3_large": "m3.large"
},
"floating_ip_pools": {
"main_public_ip_pool": "external-network"
},
"haproxy_l7_data": {
"flavor": "m1.medium",
"haproxy_1": "haproxy-l7-1",
"haproxy_2": "haproxy-l7-2",
"name": "main-haproxy-l7",
"vm_count": "2"
},
"internal_ca_data": {
"flavor": "m1.small",
"name": "ca"
},
"main_haproxy_l7_ip": [
"10.1.28.50",
"10.1.30.241"
],
"main_private_network": {
"description": "D4Science DEV private network (use this as the main network)",
"name": "d4s-dev-cloud-main"
},
"main_private_network_id": "e0af5eba-f24a-4d0d-8184-bc654b980c4a",
"main_private_subnet": {
"allocation_end": "10.1.31.254",
"allocation_start": "10.1.28.30",
"cidr": "10.1.28.0/22",
"description": "D4Science DEV main private subnet",
"gateway_ip": "10.1.28.1",
"name": "d4s-dev-cloud-sub"
},
"main_region": "isti_area_pi_1",
"main_subnet_network_id": "2aa977f2-80b4-447c-a6b0-dfa06bf68751",
"mtu_size": 8942,
"networks_list": {
"cassandra": "cassandra-net",
"orientdb": "orientdb-net",
"orientdb_se": "orientdb-se-net",
"shared_postgresql": "postgresql-srv-net",
"swarm": "swarm-nfs-net",
"timescaledb": "timescaledb-net"
},
"networks_with_d4s_services": {
"garr_ct1_net": "90.147.166.0/23",
"garr_na_net": "90.147.152.0/24",
"garr_pa1_net": "90.147.188.0/23",
"infrascience_net": "146.48.122.0/23",
"isti_net": "146.48.80.0/21",
"s2i2s_net": "146.48.28.0/22"
},
"nfs_share_no_ingress_secgroup_id": "5887da8d-e362-4509-93ac-8a70bf8baef9",
"octavia_information": {
"main_lb_description": "Main L4 load balancer for the D4Science DEV",
"main_lb_hostname": "main-lb",
"main_lb_name": "lb-dev-l4",
"octavia_flavor": "octavia_amphora-mvcpu-ha",
"octavia_flavor_id": "394988b5-6603-4a1e-a939-8e177c6681c7"
},
"os_project_data": {
"id": "e8f8ca72f30648a8b389b4e745ac83a9"
},
"policy_list": {
"affinity": "affinity",
"anti_affinity": "anti-affinity",
"soft_affinity": "soft-affinity",
"soft_anti_affinity": "soft-anti-affinity"
},
"prometheus_server_data": {
"flavor": "m1.medium",
"name": "prometheus",
"public_grafana_server_cidr": "146.48.28.103/32",
"vol_data_device": "/dev/vdb",
"vol_data_name": "prometheus-data",
"vol_data_size": "100"
},
"resolvers_ip": [
"146.48.29.97",
"146.48.29.98",
"146.48.29.99"
],
"resource_registry_addresses": {},
"security_group_list": {
"acaland": "acaland's dev machine",
"access_to_orientdb": "access_to_orientdb",
"access_to_orientdb_se": "access_to_orientdb_se",
"access_to_the_timescaledb_service": "access_to_the_timescaledb_service",
"cassandra": "Cassandra",
"dataminer-publish": "dataminer-publish",
"debugging_from_jump_node": "debugging_from_jump_node",
"default": "default",
"docker_swarm": "Docker Swarm",
"docker_swarm_NFS": "Docker Swarm NFS",
"haproxy": "traffic_from_main_lb_to_haproxy_l7",
"http_and_https_from_the_load_balancers": "traffic_from_the_main_load_balancers",
"limited_HTTPS_access": "restricted_web_service",
"limited_SSH_access": "Limited SSH access",
"mongo": "mongo",
"nfs_share_no_ingress": "nfs_share_no_ingress",
"orientdb_internal_docker_traffic": "orientdb_internal_docker_traffic",
"postgreSQL": "PostgreSQL service",
"public_HTTPS": "Public HTTPS"
},
"shared_postgresql_server_data": {
"allocation_pool_end": "192.168.3.254",
"allocation_pool_start": "192.168.0.100",
"flavor": "m1.medium",
"name": "shared-postgresql-server",
"network_cidr": "192.168.0.0/22",
"network_description": "Network used to communicate with the shared postgresql service",
"network_name": "postgresql-srv-net",
"server_cidr": "192.168.0.5/22",
"server_ip": "192.168.0.5",
"vol_data_device": "/dev/vdb",
"vol_data_name": "shared-postgresql-data",
"vol_data_size": "100"
},
"smartexecutor_addresses": {},
"ssh_jump_proxy": {
"flavor": "m2.small",
"name": "ssh-jump-proxy"
},
"ssh_sources": {
"d4s_vpn_1_cidr": "146.48.122.27/32",
"d4s_vpn_2_cidr": "146.48.122.49/32",
"infrascience_net_cidr": "146.48.122.0/23",
"s2i2s_vpn_1_cidr": "146.48.28.10/32",
"s2i2s_vpn_2_cidr": "146.48.28.11/32",
"shell_d4s_cidr": "146.48.122.95/32"
},
"storage_nfs_network_id": "5f4023cc-4016-404c-94e5-86220095fbaf",
"storage_nfs_subnet_id": "6ff0f9e8-0e74-4cc3-a268-7ed4af435696",
"ubuntu1804_data_file": "../../openstack_vm_data_scripts/ubuntu1804.sh",
"ubuntu2204_data_file": "../../openstack_vm_data_scripts/ubuntu2204.sh",
"ubuntu_1804": {
"name": "Ubuntu-Bionic-18.04",
"user_data_file": "../../openstack_vm_data_scripts/ubuntu1804.sh",
"uuid": "7ed6a2cd-2b07-482e-8ce4-f018dff16c89"
},
"ubuntu_2204": {
"name": "Ubuntu-Jammy-22.04",
"user_data_file": "../../openstack_vm_data_scripts/ubuntu2204.sh",
"uuid": "54768889-8556-4be4-a2eb-82a4d9b34627"
}
},
"type": [
"object",
{
"almalinux_9": [
"map",
"string"
],
"availability_zone_no_gpu_name": "string",
"availability_zone_with_gpu_name": "string",
"availability_zones_names": [
"map",
"string"
],
"basic_services_ip": [
"map",
"string"
],
"centos_7": [
"map",
"string"
],
"default_security_group_name": "string",
"dns_zone": [
"map",
"string"
],
"dns_zone_id": "string",
"el7_data_file": "string",
"external_gateway_ip": [
"list",
[
"object",
{
"ip_address": "string",
"subnet_id": "string"
}
]
],
"external_network": [
"map",
"string"
],
"external_network_id": "string",
"external_router": [
"map",
"string"
],
"flavor_list": [
"map",
"string"
],
"floating_ip_pools": [
"map",
"string"
],
"haproxy_l7_data": [
"map",
"string"
],
"internal_ca_data": [
"map",
"string"
],
"main_haproxy_l7_ip": [
"list",
"string"
],
"main_private_network": [
"map",
"string"
],
"main_private_network_id": "string",
"main_private_subnet": [
"map",
"string"
],
"main_region": "string",
"main_subnet_network_id": "string",
"mtu_size": "number",
"networks_list": [
"map",
"string"
],
"networks_with_d4s_services": [
"map",
"string"
],
"nfs_share_no_ingress_secgroup_id": "string",
"octavia_information": [
"map",
"string"
],
"os_project_data": [
"map",
"string"
],
"policy_list": [
"map",
"string"
],
"prometheus_server_data": [
"map",
"string"
],
"resolvers_ip": [
"list",
"string"
],
"resource_registry_addresses": [
"map",
"string"
],
"security_group_list": [
"map",
"string"
],
"shared_postgresql_server_data": [
"map",
"string"
],
"smartexecutor_addresses": [
"map",
"string"
],
"ssh_jump_proxy": [
"map",
"string"
],
"ssh_sources": [
"map",
"string"
],
"storage_nfs_network_id": "string",
"storage_nfs_subnet_id": "string",
"ubuntu1804_data_file": "string",
"ubuntu2204_data_file": "string",
"ubuntu_1804": [
"map",
"string"
],
"ubuntu_2204": [
"map",
"string"
]
}
]
},
"workspace": null
},
"sensitive_attributes": []
}
]
},
{
"mode": "managed",
"type": "openstack_blockstorage_volume_v3",
"name": "storagehub_3_dev_data_volume",
"provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"attachment": [
{
"device": "/dev/vdb",
"id": "760379aa-ba97-4d23-9e84-e10ddb7aae88",
"instance_id": "28fafca3-13db-48ce-8453-ae5a1bfd8640"
}
],
"availability_zone": "nova",
"backup_id": "",
"consistency_group_id": null,
"description": "",
"enable_online_resize": null,
"id": "760379aa-ba97-4d23-9e84-e10ddb7aae88",
"image_id": null,
"metadata": {},
"name": "storagehub_3_data_volume",
"region": "isti_area_pi_1",
"scheduler_hints": [],
"size": 25,
"snapshot_id": "",
"source_replica": null,
"source_vol_id": "",
"timeouts": null,
"volume_type": "cephUnencrypted"
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwfX0="
}
]
},
{
"mode": "managed",
"type": "openstack_blockstorage_volume_v3",
"name": "storagehub_4_dev_data_volume",
"provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"attachment": [
{
"device": "/dev/vdb",
"id": "ffd82b63-0c07-4f0b-88fb-a6f3bdfd8d6b",
"instance_id": "52622dd4-4f62-4405-b4cd-ab4b43bab9ea"
}
],
"availability_zone": "nova",
"backup_id": "",
"consistency_group_id": null,
"description": "",
"enable_online_resize": null,
"id": "ffd82b63-0c07-4f0b-88fb-a6f3bdfd8d6b",
"image_id": null,
"metadata": {},
"name": "storagehub_4_data_volume",
"region": "isti_area_pi_1",
"scheduler_hints": [],
"size": 25,
"snapshot_id": "",
"source_replica": null,
"source_vol_id": "",
"timeouts": null,
"volume_type": "cephUnencrypted"
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwfX0="
}
]
},
{
"mode": "managed",
"type": "openstack_compute_instance_v2",
"name": "storagehub_3_dev",
"provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"access_ip_v4": "10.1.30.146",
"access_ip_v6": "",
"admin_pass": null,
"all_metadata": {},
"all_tags": [],
"availability_zone": "cnr-isti-nova-a",
"availability_zone_hints": "cnr-isti-nova-a",
"block_device": [
{
"boot_index": 0,
"delete_on_termination": false,
"destination_type": "volume",
"device_type": "",
"disk_bus": "",
"guest_format": "",
"multiattach": false,
"source_type": "image",
"uuid": "fc3f705d-3cf5-4866-8ef6-ff6e2cdd4075",
"volume_size": 10,
"volume_type": ""
}
],
"config_drive": null,
"created": "2024-07-19 15:43:11 +0000 UTC",
"flavor_id": "10",
"flavor_name": "m2.small",
"force_delete": false,
"id": "28fafca3-13db-48ce-8453-ae5a1bfd8640",
"image_id": "Attempt to boot from volume - no image supplied",
"image_name": null,
"key_pair": "Giancarlo Panichi",
"metadata": null,
"name": "storagehub-3",
"network": [
{
"access_network": false,
"fixed_ip_v4": "10.1.30.146",
"fixed_ip_v6": "",
"mac": "fa:16:3e:58:5b:29",
"name": "d4s-dev-cloud-main",
"port": "",
"uuid": "e0af5eba-f24a-4d0d-8184-bc654b980c4a"
},
{
"access_network": false,
"fixed_ip_v4": "192.168.2.6",
"fixed_ip_v6": "",
"mac": "fa:16:3e:82:98:4e",
"name": "postgresql-srv-net",
"port": "",
"uuid": "00422a4a-4b8b-4c85-acf9-ef733df842b9"
}
],
"network_mode": null,
"personality": [],
"power_state": "active",
"region": "isti_area_pi_1",
"scheduler_hints": [],
"security_groups": [
"default",
"traffic_from_the_main_load_balancers"
],
"stop_before_destroy": false,
"tags": [],
"timeouts": null,
"updated": "2024-11-12 14:14:47 +0000 UTC",
"user_data": "",
"vendor_options": []
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxODAwMDAwMDAwMDAwLCJkZWxldGUiOjE4MDAwMDAwMDAwMDAsInVwZGF0ZSI6MTgwMDAwMDAwMDAwMH19",
"dependencies": [
"data.terraform_remote_state.privnet_dns_router"
]
}
]
},
{
"mode": "managed",
"type": "openstack_compute_instance_v2",
"name": "storagehub_4_dev",
"provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"access_ip_v4": "10.1.29.195",
"access_ip_v6": "",
"admin_pass": null,
"all_metadata": {},
"all_tags": [],
"availability_zone": "cnr-isti-nova-a",
"availability_zone_hints": "cnr-isti-nova-a",
"block_device": [
{
"boot_index": 0,
"delete_on_termination": false,
"destination_type": "volume",
"device_type": "",
"disk_bus": "",
"guest_format": "",
"multiattach": false,
"source_type": "image",
"uuid": "fc3f705d-3cf5-4866-8ef6-ff6e2cdd4075",
"volume_size": 10,
"volume_type": ""
}
],
"config_drive": null,
"created": "2024-10-07 10:05:52 +0000 UTC",
"flavor_id": "10",
"flavor_name": "m2.small",
"force_delete": false,
"id": "52622dd4-4f62-4405-b4cd-ab4b43bab9ea",
"image_id": "Attempt to boot from volume - no image supplied",
"image_name": null,
"key_pair": "Giancarlo Panichi",
"metadata": null,
"name": "storagehub-4",
"network": [
{
"access_network": false,
"fixed_ip_v4": "10.1.29.195",
"fixed_ip_v6": "",
"mac": "fa:16:3e:2f:58:d8",
"name": "d4s-dev-cloud-main",
"port": "",
"uuid": "e0af5eba-f24a-4d0d-8184-bc654b980c4a"
},
{
"access_network": false,
"fixed_ip_v4": "192.168.2.221",
"fixed_ip_v6": "",
"mac": "fa:16:3e:29:f9:b8",
"name": "postgresql-srv-net",
"port": "",
"uuid": "00422a4a-4b8b-4c85-acf9-ef733df842b9"
}
],
"network_mode": null,
"personality": [],
"power_state": "active",
"region": "isti_area_pi_1",
"scheduler_hints": [],
"security_groups": [
"default",
"traffic_from_the_main_load_balancers"
],
"stop_before_destroy": false,
"tags": [],
"timeouts": null,
"updated": "2024-11-12 14:14:48 +0000 UTC",
"user_data": "",
"vendor_options": []
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxODAwMDAwMDAwMDAwLCJkZWxldGUiOjE4MDAwMDAwMDAwMDAsInVwZGF0ZSI6MTgwMDAwMDAwMDAwMH19",
"dependencies": [
"data.terraform_remote_state.privnet_dns_router"
]
}
]
},
{
"mode": "managed",
"type": "openstack_compute_volume_attach_v2",
"name": "storagehub_3_dev_attach",
"provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"device": "/dev/vdb",
"id": "28fafca3-13db-48ce-8453-ae5a1bfd8640/760379aa-ba97-4d23-9e84-e10ddb7aae88",
"instance_id": "28fafca3-13db-48ce-8453-ae5a1bfd8640",
"multiattach": null,
"region": "isti_area_pi_1",
"tag": null,
"timeouts": null,
"vendor_options": [],
"volume_id": "760379aa-ba97-4d23-9e84-e10ddb7aae88"
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwfX0=",
"dependencies": [
"data.terraform_remote_state.privnet_dns_router",
"openstack_blockstorage_volume_v3.storagehub_3_dev_data_volume",
"openstack_compute_instance_v2.storagehub_3_dev"
]
}
]
},
{
"mode": "managed",
"type": "openstack_compute_volume_attach_v2",
"name": "storagehub_4_dev_attach",
"provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"device": "/dev/vdb",
"id": "52622dd4-4f62-4405-b4cd-ab4b43bab9ea/ffd82b63-0c07-4f0b-88fb-a6f3bdfd8d6b",
"instance_id": "52622dd4-4f62-4405-b4cd-ab4b43bab9ea",
"multiattach": null,
"region": "isti_area_pi_1",
"tag": null,
"timeouts": null,
"vendor_options": [],
"volume_id": "ffd82b63-0c07-4f0b-88fb-a6f3bdfd8d6b"
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwfX0=",
"dependencies": [
"data.terraform_remote_state.privnet_dns_router",
"openstack_blockstorage_volume_v3.storagehub_4_dev_data_volume",
"openstack_compute_instance_v2.storagehub_4_dev"
]
}
]
},
{
"module": "module.dns_records_create",
"mode": "managed",
"type": "openstack_dns_recordset_v2",
"name": "add_dns_recordset",
"provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]",
"instances": [
{
"index_key": "storagehub-3",
"schema_version": 0,
"attributes": {
"description": "StorageHub 3",
"disable_status_check": false,
"id": "cbae638a-9d99-44aa-946c-0f5ffb7fc488/e810a552-62bf-451d-b78b-45138988b853",
"name": "storagehub-3.cloud-dev.d4science.org.",
"project_id": "e8f8ca72f30648a8b389b4e745ac83a9",
"records": [
"main-lb.cloud-dev.d4science.org."
],
"region": "isti_area_pi_1",
"timeouts": null,
"ttl": 8600,
"type": "CNAME",
"value_specs": null,
"zone_id": "cbae638a-9d99-44aa-946c-0f5ffb7fc488"
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwLCJ1cGRhdGUiOjYwMDAwMDAwMDAwMH19",
"dependencies": [
"data.terraform_remote_state.privnet_dns_router"
]
},
{
"index_key": "storagehub-4",
"schema_version": 0,
"attributes": {
"description": "StorageHub 4",
"disable_status_check": false,
"id": "cbae638a-9d99-44aa-946c-0f5ffb7fc488/7c13f300-98b2-42a2-a261-bcc616d85cbe",
"name": "storagehub-4.cloud-dev.d4science.org.",
"project_id": "e8f8ca72f30648a8b389b4e745ac83a9",
"records": [
"main-lb.cloud-dev.d4science.org."
],
"region": "isti_area_pi_1",
"timeouts": null,
"ttl": 8600,
"type": "CNAME",
"value_specs": null,
"zone_id": "cbae638a-9d99-44aa-946c-0f5ffb7fc488"
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwLCJ1cGRhdGUiOjYwMDAwMDAwMDAwMH19",
"dependencies": [
"data.terraform_remote_state.privnet_dns_router"
]
}
]
}
],
"check_results": null
}

View File

@ -0,0 +1,71 @@
# Define required providers
terraform {
required_version = ">= 0.14.0"
required_providers {
openstack = {
source = "terraform-provider-openstack/openstack"
version = "~> 1.53.0"
}
}
}
data "terraform_remote_state" "privnet_dns_router" {
backend = "local"
config = {
path = "../project-setup/terraform.tfstate"
}
}
#
# Uses common_variables as module
#
module "common_variables" {
source = "../../modules/common_variables"
}
module "instance_with_data_volume" {
source = "../../modules/instance_with_data_volume"
instances_with_data_volume_map = {
thredds1 = {
name = "thredds1",
description = "Thredds dev instance",
flavor = module.common_variables.flavor_list.m2_small,
networks = [data.terraform_remote_state.privnet_dns_router.outputs.main_private_network.name],
security_groups = [data.terraform_remote_state.privnet_dns_router.outputs.default_security_group_name, data.terraform_remote_state.privnet_dns_router.outputs.security_group_list.http_and_https_from_the_load_balancers],
server_groups_ids = [],
image_ref = module.common_variables.ubuntu_1804,
image_volume_size = 20
volume = {
name = "thredds1_data_volume",
size = "280",
device = "/dev/vdb"
}
}
}
}
locals {
cname_target = "main-lb.${data.terraform_remote_state.privnet_dns_router.outputs.dns_zone.zone_name}"
}
#
# Add DNS record/s
#
module "dns_records_create" {
source = "../../modules/dns_resources"
dns_resources_map = {
thredds1 = {
zone_id = data.terraform_remote_state.privnet_dns_router.outputs.dns_zone_id
name = join(".", ["thredds1", data.terraform_remote_state.privnet_dns_router.outputs.dns_zone.zone_name])
description = "Thredds thredds1"
ttl = 8600
type = "CNAME"
records = [local.cname_target]
}
}
}

View File

@ -0,0 +1,3 @@
provider "openstack" {
cloud = "d4s-dev"
}

View File

@ -0,0 +1,577 @@
{
"version": 4,
"terraform_version": "1.6.6",
"serial": 7,
"lineage": "5d2f6ed3-379d-993a-46a5-4f1f7adb1dab",
"outputs": {},
"resources": [
{
"mode": "data",
"type": "terraform_remote_state",
"name": "privnet_dns_router",
"provider": "provider[\"terraform.io/builtin/terraform\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"backend": "local",
"config": {
"value": {
"path": "../project-setup/terraform.tfstate"
},
"type": [
"object",
{
"path": "string"
}
]
},
"defaults": null,
"outputs": {
"value": {
"almalinux_9": {
"name": "AlmaLinux-9.0-20220718",
"uuid": "541650fc-dd19-4f38-bb1d-7333ed9dd688"
},
"availability_zone_no_gpu_name": "cnr-isti-nova-a",
"availability_zone_with_gpu_name": "cnr-isti-nova-gpu-a",
"availability_zones_names": {
"availability_zone_no_gpu": "cnr-isti-nova-a",
"availability_zone_with_gpu": "cnr-isti-nova-gpu-a"
},
"basic_services_ip": {
"ca": "10.1.29.247",
"ca_cidr": "10.1.29.247/32",
"haproxy_l7_1": "10.1.28.50",
"haproxy_l7_1_cidr": "10.1.28.50/32",
"haproxy_l7_2": "10.1.30.241",
"haproxy_l7_2_cidr": "10.1.30.241/32",
"octavia_main": "10.1.28.227",
"octavia_main_cidr": "10.1.28.227/32",
"prometheus": "10.1.30.129",
"prometheus_cidr": "10.1.30.129/32",
"ssh_jump": "10.1.29.164",
"ssh_jump_cidr": "10.1.29.164/32"
},
"centos_7": {
"name": "CentOS-7",
"uuid": "f0187a99-64f6-462a-ab5f-ef52fe62f2ca"
},
"default_security_group_name": "default",
"dns_zone": {
"description": "DNS primary zone for the d4s-dev-cloud project",
"email": "postmaster@isti.cnr.it",
"ttl": "8600",
"zone_name": "cloud-dev.d4science.org."
},
"dns_zone_id": "cbae638a-9d99-44aa-946c-0f5ffb7fc488",
"el7_data_file": "../../openstack_vm_data_scripts/el7.sh",
"external_gateway_ip": [
{
"ip_address": "146.48.31.109",
"subnet_id": "57f87509-4016-46fb-b8c3-25fca7f72ccb"
}
],
"external_network": {
"id": "1d2ff137-6ff7-4017-be2b-0d6c4af2353b",
"name": "external-network"
},
"external_network_id": "1d2ff137-6ff7-4017-be2b-0d6c4af2353b",
"external_router": {
"description": "D4Science DEV main router",
"id": "2ae28c5f-036b-45db-bc9f-5bab8fa3e914",
"name": "d4s-dev-cloud-external-router"
},
"flavor_list": {
"c1_large": "c1.large",
"c1_medium": "c1.medium",
"c1_small": "c1.small",
"m1_large": "m1.large",
"m1_medium": "m1.medium",
"m1_xlarge": "m1.xlarge",
"m2_large": "m2.large",
"m2_medium": "m2.medium",
"m2_small": "m2.small"
},
"floating_ip_pools": {
"main_public_ip_pool": "external-network"
},
"haproxy_l7_data": {
"flavor": "m1.medium",
"haproxy_1": "haproxy-l7-1",
"haproxy_2": "haproxy-l7-2",
"name": "main-haproxy-l7",
"vm_count": "2"
},
"internal_ca_data": {
"flavor": "m1.small",
"name": "ca"
},
"main_haproxy_l7_ip": [
"10.1.28.50",
"10.1.30.241"
],
"main_private_network": {
"description": "D4Science DEV private network (use this as the main network)",
"name": "d4s-dev-cloud-main"
},
"main_private_network_id": "e0af5eba-f24a-4d0d-8184-bc654b980c4a",
"main_private_subnet": {
"allocation_end": "10.1.31.254",
"allocation_start": "10.1.28.30",
"cidr": "10.1.28.0/22",
"description": "D4Science DEV main private subnet",
"gateway_ip": "10.1.28.1",
"name": "d4s-dev-cloud-sub"
},
"main_region": "isti_area_pi_1",
"main_subnet_network_id": "2aa977f2-80b4-447c-a6b0-dfa06bf68751",
"mtu_size": 8942,
"networks_list": {
"orientdb": "orientdb-net",
"orientdb_se": "orientdb-se-net",
"shared_postgresql": "postgresql-srv-net",
"swarm": "swarm-nfs-net",
"timescaledb": "timescaledb-net"
},
"networks_with_d4s_services": {
"garr_ct1_net": "90.147.166.0/23",
"garr_na_net": "90.147.152.0/24",
"garr_pa1_net": "90.147.188.0/23",
"infrascience_net": "146.48.122.0/23",
"isti_net": "146.48.80.0/21",
"s2i2s_net": "146.48.28.0/22"
},
"octavia_information": {
"main_lb_description": "Main L4 load balancer for the D4Science DEV",
"main_lb_hostname": "main-lb",
"main_lb_name": "lb-dev-l4",
"octavia_flavor": "octavia_amphora-mvcpu-ha",
"octavia_flavor_id": "394988b5-6603-4a1e-a939-8e177c6681c7"
},
"os_project_data": {
"id": "e8f8ca72f30648a8b389b4e745ac83a9"
},
"policy_list": {
"affinity": "affinity",
"anti_affinity": "anti-affinity",
"soft_affinity": "soft-affinity",
"soft_anti_affinity": "soft-anti-affinity"
},
"prometheus_server_data": {
"flavor": "m1.medium",
"name": "prometheus",
"public_grafana_server_cidr": "146.48.122.132/32",
"vol_data_device": "/dev/vdb",
"vol_data_name": "prometheus-data",
"vol_data_size": "100"
},
"resolvers_ip": [
"146.48.29.97",
"146.48.29.98",
"146.48.29.99"
],
"resource_registry_addresses": {},
"security_group_list": {
"acaland": "acaland's dev machine",
"access_to_orientdb": "access_to_orientdb",
"access_to_orientdb_se": "access_to_orientdb_se",
"access_to_the_timescaledb_service": "access_to_the_timescaledb_service",
"cassandra": "Cassandra",
"dataminer-publish": "dataminer-publish",
"debugging_from_jump_node": "debugging_from_jump_node",
"default": "default",
"docker_swarm": "Docker Swarm",
"docker_swarm_NFS": "Docker Swarm NFS",
"haproxy": "HAPROXY L7",
"http_and_https_from_the_load_balancers": "http and https from the load balancers",
"limited_HTTPS_access": "Limited HTTPS access",
"limited_SSH_access": "Limited SSH access",
"mongo": "mongo",
"orientdb_internal_docker_traffic": "orientdb_internal_docker_traffic",
"postgreSQL": "PostgreSQL service",
"public_HTTPS": "Public HTTPS"
},
"shared_postgresql_server_data": {
"allocation_pool_end": "192.168.3.254",
"allocation_pool_start": "192.168.0.100",
"flavor": "m1.medium",
"name": "shared-postgresql-server",
"network_cidr": "192.168.0.0/22",
"network_description": "Network used to communicate with the shared postgresql service",
"network_name": "postgresql-srv-net",
"server_cidr": "192.168.0.5/22",
"server_ip": "192.168.0.5",
"vol_data_device": "/dev/vdb",
"vol_data_name": "shared-postgresql-data",
"vol_data_size": "100"
},
"smartexecutor_addresses": {},
"ssh_jump_proxy": {
"flavor": "m2.small",
"name": "ssh-jump-proxy"
},
"ssh_sources": {
"d4s_vpn_1_cidr": "146.48.122.27/32",
"d4s_vpn_2_cidr": "146.48.122.49/32",
"infrascience_net_cidr": "146.48.122.0/23",
"s2i2s_vpn_1_cidr": "146.48.28.10/32",
"s2i2s_vpn_2_cidr": "146.48.28.11/32",
"shell_d4s_cidr": "146.48.122.95/32"
},
"ubuntu1804_data_file": "../../openstack_vm_data_scripts/ubuntu1804.sh",
"ubuntu2204_data_file": "../../openstack_vm_data_scripts/ubuntu2204.sh",
"ubuntu_1804": {
"name": "Ubuntu-Bionic-18.04",
"user_data_file": "../../openstack_vm_data_scripts/ubuntu1804.sh",
"uuid": "7ed6a2cd-2b07-482e-8ce4-f018dff16c89"
},
"ubuntu_2204": {
"name": "Ubuntu-Jammy-22.04",
"user_data_file": "../../openstack_vm_data_scripts/ubuntu2204.sh",
"uuid": "54768889-8556-4be4-a2eb-82a4d9b34627"
}
},
"type": [
"object",
{
"almalinux_9": [
"map",
"string"
],
"availability_zone_no_gpu_name": "string",
"availability_zone_with_gpu_name": "string",
"availability_zones_names": [
"map",
"string"
],
"basic_services_ip": [
"map",
"string"
],
"centos_7": [
"map",
"string"
],
"default_security_group_name": "string",
"dns_zone": [
"map",
"string"
],
"dns_zone_id": "string",
"el7_data_file": "string",
"external_gateway_ip": [
"list",
[
"object",
{
"ip_address": "string",
"subnet_id": "string"
}
]
],
"external_network": [
"map",
"string"
],
"external_network_id": "string",
"external_router": [
"map",
"string"
],
"flavor_list": [
"map",
"string"
],
"floating_ip_pools": [
"map",
"string"
],
"haproxy_l7_data": [
"map",
"string"
],
"internal_ca_data": [
"map",
"string"
],
"main_haproxy_l7_ip": [
"list",
"string"
],
"main_private_network": [
"map",
"string"
],
"main_private_network_id": "string",
"main_private_subnet": [
"map",
"string"
],
"main_region": "string",
"main_subnet_network_id": "string",
"mtu_size": "number",
"networks_list": [
"map",
"string"
],
"networks_with_d4s_services": [
"map",
"string"
],
"octavia_information": [
"map",
"string"
],
"os_project_data": [
"map",
"string"
],
"policy_list": [
"map",
"string"
],
"prometheus_server_data": [
"map",
"string"
],
"resolvers_ip": [
"list",
"string"
],
"resource_registry_addresses": [
"map",
"string"
],
"security_group_list": [
"map",
"string"
],
"shared_postgresql_server_data": [
"map",
"string"
],
"smartexecutor_addresses": [
"map",
"string"
],
"ssh_jump_proxy": [
"map",
"string"
],
"ssh_sources": [
"map",
"string"
],
"ubuntu1804_data_file": "string",
"ubuntu2204_data_file": "string",
"ubuntu_1804": [
"map",
"string"
],
"ubuntu_2204": [
"map",
"string"
]
}
]
},
"workspace": null
},
"sensitive_attributes": []
}
]
},
{
"module": "module.dns_records_create",
"mode": "managed",
"type": "openstack_dns_recordset_v2",
"name": "add_dns_recordset",
"provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]",
"instances": [
{
"index_key": "thredds1",
"schema_version": 0,
"attributes": {
"description": "Thredds thredds1",
"disable_status_check": false,
"id": "cbae638a-9d99-44aa-946c-0f5ffb7fc488/40b567cb-7ba4-47ba-83de-2b300ac2afee",
"name": "thredds1.cloud-dev.d4science.org.",
"project_id": "e8f8ca72f30648a8b389b4e745ac83a9",
"records": [
"main-lb.cloud-dev.d4science.org."
],
"region": "isti_area_pi_1",
"timeouts": null,
"ttl": 8600,
"type": "CNAME",
"value_specs": null,
"zone_id": "cbae638a-9d99-44aa-946c-0f5ffb7fc488"
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwLCJ1cGRhdGUiOjYwMDAwMDAwMDAwMH19",
"dependencies": [
"data.terraform_remote_state.privnet_dns_router"
]
}
]
},
{
"module": "module.instance_with_data_volume",
"mode": "managed",
"type": "openstack_blockstorage_volume_v3",
"name": "instance_data_volume",
"provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]",
"instances": [
{
"index_key": "thredds1",
"schema_version": 0,
"attributes": {
"attachment": [
{
"device": "/dev/vdb",
"id": "24d966e9-13ef-4e08-8fba-c334eb63f51b",
"instance_id": "b7039dac-cad3-4774-b446-feb391d3d539"
}
],
"availability_zone": "nova",
"consistency_group_id": null,
"description": "",
"enable_online_resize": null,
"id": "24d966e9-13ef-4e08-8fba-c334eb63f51b",
"image_id": null,
"metadata": {},
"multiattach": null,
"name": "thredds1_data_volume",
"region": "isti_area_pi_1",
"scheduler_hints": [],
"size": 280,
"snapshot_id": "",
"source_replica": null,
"source_vol_id": "",
"timeouts": null,
"volume_type": "cephUnencrypted"
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwfX0=",
"dependencies": [
"data.terraform_remote_state.privnet_dns_router"
]
}
]
},
{
"module": "module.instance_with_data_volume",
"mode": "managed",
"type": "openstack_compute_instance_v2",
"name": "instance_with_data_volume",
"provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]",
"instances": [
{
"index_key": "thredds1",
"schema_version": 0,
"attributes": {
"access_ip_v4": "10.1.29.210",
"access_ip_v6": "",
"admin_pass": null,
"all_metadata": {},
"all_tags": [],
"availability_zone": "cnr-isti-nova-a",
"availability_zone_hints": "cnr-isti-nova-a",
"block_device": [
{
"boot_index": 0,
"delete_on_termination": false,
"destination_type": "volume",
"device_type": "",
"disk_bus": "",
"guest_format": "",
"multiattach": false,
"source_type": "image",
"uuid": "7ed6a2cd-2b07-482e-8ce4-f018dff16c89",
"volume_size": 20,
"volume_type": ""
}
],
"config_drive": null,
"created": "2024-01-30 11:46:59 +0000 UTC",
"flavor_id": "10",
"flavor_name": "m2.small",
"floating_ip": null,
"force_delete": false,
"id": "b7039dac-cad3-4774-b446-feb391d3d539",
"image_id": "Attempt to boot from volume - no image supplied",
"image_name": null,
"key_pair": "adellam",
"metadata": null,
"name": "thredds1",
"network": [
{
"access_network": false,
"fixed_ip_v4": "10.1.29.210",
"fixed_ip_v6": "",
"floating_ip": "",
"mac": "fa:16:3e:a2:7f:dd",
"name": "d4s-dev-cloud-main",
"port": "",
"uuid": "e0af5eba-f24a-4d0d-8184-bc654b980c4a"
}
],
"network_mode": null,
"personality": [],
"power_state": "active",
"region": "isti_area_pi_1",
"scheduler_hints": [],
"security_groups": [
"default",
"http and https from the load balancers"
],
"stop_before_destroy": false,
"tags": [],
"timeouts": null,
"updated": "2024-01-30 11:47:42 +0000 UTC",
"user_data": "47d4769e61324c305c4b70ed6673de4fad84150d",
"vendor_options": [],
"volume": []
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxODAwMDAwMDAwMDAwLCJkZWxldGUiOjE4MDAwMDAwMDAwMDAsInVwZGF0ZSI6MTgwMDAwMDAwMDAwMH19",
"dependencies": [
"data.terraform_remote_state.privnet_dns_router"
]
}
]
},
{
"module": "module.instance_with_data_volume",
"mode": "managed",
"type": "openstack_compute_volume_attach_v2",
"name": "attach_volume",
"provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]",
"instances": [
{
"index_key": "thredds1",
"schema_version": 0,
"attributes": {
"device": "/dev/vdb",
"id": "b7039dac-cad3-4774-b446-feb391d3d539/24d966e9-13ef-4e08-8fba-c334eb63f51b",
"instance_id": "b7039dac-cad3-4774-b446-feb391d3d539",
"multiattach": null,
"region": "isti_area_pi_1",
"timeouts": null,
"vendor_options": [],
"volume_id": "24d966e9-13ef-4e08-8fba-c334eb63f51b"
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwfX0=",
"dependencies": [
"data.terraform_remote_state.privnet_dns_router",
"module.instance_with_data_volume.openstack_blockstorage_volume_v3.instance_data_volume",
"module.instance_with_data_volume.openstack_compute_instance_v2.instance_with_data_volume"
]
}
]
}
],
"check_results": null
}

View File

@ -1,25 +0,0 @@
# This file is maintained automatically by "terraform init".
# Manual edits may be lost in future updates.
provider "registry.terraform.io/terraform-provider-openstack/openstack" {
version = "1.53.0"
constraints = "~> 1.53.0"
hashes = [
"h1:YLGvYkSuagyP5orUTyKNK+JhzS17EFTUDpZ5R5/fFv4=",
"h1:ZSJPqrlaHQ3sj7wyJuPSG+NblFZbAA6Y0d3GjSJf3o8=",
"zh:09da7ca98ffd3de7b9ce36c4c13446212a6e763ba1162be71b50f95d453cb68e",
"zh:14041bcbb87312411d88612056ed185650bfd01284b8ea0761ce8105a331708e",
"zh:35bf4c788fdbc17c8e40ebc7b33c7de4b45a2fa2efaa657b10f0e3bd37c9627f",
"zh:46ede8ef4cfa12d654c538afc1e1ec34a1f3e8eb4e986ee23dceae398b7176a6",
"zh:59675734990dab1e8d87997853ea75e8104bba730b3f5a7146ac735540c9d6bf",
"zh:6de52428849806498670e827b54810be7510a2a79449602c1aede4235a0ec036",
"zh:78b2a20601272afceffac8f8ca78a6b647b84196c0dd8dc710fae297f6be15a4",
"zh:7c41ed3a4fac09677e676ecf9f9edd1e38eef449e656cb01a848d2c799c6de8f",
"zh:852800228f4118a4aa6cfaa4468b851247cbed6f037fd204f08de69eb1edc149",
"zh:86d618e7f9a07d978b8bc4b190be350a00de64ec535f9c8f5dfe133542a55483",
"zh:963a9e72b66d8bcf43de9b14a674ae3ca3719ce2f829217f7a65b66fc3773397",
"zh:a8e72ab67795071bda61f99a6de3d2d40122fb51971768fd75e1324abe874ced",
"zh:ce1890cf3af17d569af3bc7673cec0a8f78e6f5d701767593f3d29c551f44848",
"zh:e6f1b96eb684f527a47f71923f268c86a36d7894751b31ee9e726d7502a639cd",
]
}

View File

@ -1,63 +0,0 @@
# Define required providers
terraform {
required_version = ">= 0.14.0"
required_providers {
openstack = {
source = "terraform-provider-openstack/openstack"
version = "~> 1.53.0"
}
}
}
data "terraform_remote_state" "privnet_dns_router" {
backend = "local"
config = {
path = "../project-setup/terraform.tfstate"
}
}
#
# Uses common_variables as module
#
module "common_variables" {
source = "../../modules/common_variables"
}
#
# Creates the server group "uri-resolver"
#
resource "openstack_compute_servergroup_v2" "uri-resolver" {
name = "uri-resolver"
policies = [module.common_variables.policy_list.soft_anti_affinity]
}
module "instance_without_data_volume" {
source = "../../modules/instance_without_data_volume"
instances_without_data_volume_map = {
# URI-Resolver instance 1
uri_resolver_service_i1 = {
name = "data-1",
description = "The data instance",
flavor = module.common_variables.flavor_list.m1_medium,
networks = ["d4s-dev-cloud-main"],
security_groups = [module.common_variables.security_group_list.default, module.common_variables.security_group_list.http_and_https_from_the_load_balancers],
server_groups_ids = [openstack_compute_servergroup_v2.uri-resolver.id],
image_ref = module.common_variables.ubuntu_1804
},
# URI-Resolver instance 2
uri_resolver_service_i2 = {
name = "data-2",
description = "The data1 instance",
flavor = module.common_variables.flavor_list.m1_medium,
networks = ["d4s-dev-cloud-main"],
security_groups = [module.common_variables.security_group_list.default, module.common_variables.security_group_list.http_and_https_from_the_load_balancers],
server_groups_ids = [openstack_compute_servergroup_v2.uri-resolver.id],
image_ref = module.common_variables.ubuntu_1804
}
}
}

View File

@ -10,8 +10,6 @@ dns_zone = {
ttl = 8600 ttl = 8600
} }
dns_zone_id = "cbae638a-9d99-44aa-946c-0f5ffb7fc488"
default_security_group_name = "default" default_security_group_name = "default"
main_private_network = { main_private_network = {
@ -34,16 +32,6 @@ external_router = {
id = "2ae28c5f-036b-45db-bc9f-5bab8fa3e914" id = "2ae28c5f-036b-45db-bc9f-5bab8fa3e914"
} }
main_haproxy_l7_ip = ["10.1.28.50", "10.1.30.241"]
octavia_information = {
main_lb_name = "lb-dev-l4"
main_lb_description = "Main L4 load balancer for the D4Science DEV"
octavia_flavor = "octavia_amphora-mvcpu-ha"
octavia_flavor_id = "394988b5-6603-4a1e-a939-8e177c6681c7"
main_lb_hostname = "main-lb"
}
basic_services_ip = { basic_services_ip = {
ca = "10.1.29.247" ca = "10.1.29.247"
ca_cidr = "10.1.29.247/32" ca_cidr = "10.1.29.247/32"
@ -58,3 +46,13 @@ basic_services_ip = {
octavia_main = "10.1.28.227" octavia_main = "10.1.28.227"
octavia_main_cidr = "10.1.28.227/32" octavia_main_cidr = "10.1.28.227/32"
} }
main_haproxy_l7_ip = ["10.1.28.50", "10.1.30.241"]
octavia_information = {
main_lb_name = "lb-dev-l4"
main_lb_description = "Main L4 load balancer for the D4Science DEV"
octavia_flavor = "octavia_amphora-mvcpu-ha"
octavia_flavor_id = "394988b5-6603-4a1e-a939-8e177c6681c7"
main_lb_hostname = "main-lb"
}

View File

@ -2,6 +2,38 @@ output "os_project_data" {
value = var.os_project_data value = var.os_project_data
} }
output "dns_zone" {
value = var.dns_zone
}
output "default_security_group_name" {
value = "default"
}
output "main_private_network" {
value = var.main_private_network
}
output "main_private_subnet" {
value = var.main_private_subnet
}
output "external_router" {
value = var.external_router
}
output "basic_services_ip" {
value = var.basic_services_ip
}
output "main_haproxy_l7_ip" { output "main_haproxy_l7_ip" {
value = var.main_haproxy_l7_ip value = var.main_haproxy_l7_ip
} }
output "octavia_information" {
value = var.octavia_information
}
output "swarm_manila_interfaces_ip" {
value = var.swarm_manila_interfaces_ip
}

View File

@ -16,11 +16,6 @@ variable "dns_zone" {
} }
} }
variable "dns_zone_id" {
# Set with the correct value after the setup is complete
default = ""
}
variable "default_security_group_name" { variable "default_security_group_name" {
default = "default" default = "default"
} }
@ -54,22 +49,6 @@ variable "external_router" {
} }
} }
variable "main_haproxy_l7_ip" {
type = list(string)
default = ["10.1.28.50", "10.1.30.241"]
}
variable "octavia_information" {
type = map(string)
default = {
main_lb_name = "lb-dev-l4"
main_lb_description = "Main L4 load balancer for the D4Science DEV"
octavia_flavor = "octavia_amphora-mvcpu-ha"
octavia_flavor_id = "394988b5-6603-4a1e-a939-8e177c6681c7"
main_lb_hostname = "main-lb"
}
}
variable "basic_services_ip" { variable "basic_services_ip" {
type = map(string) type = map(string)
default = { default = {
@ -87,3 +66,33 @@ variable "basic_services_ip" {
octavia_main_cidr = "10.1.28.227/32" octavia_main_cidr = "10.1.28.227/32"
} }
} }
variable "main_haproxy_l7_ip" {
type = list(string)
default = ["10.1.28.50", "10.1.30.241"]
}
variable "octavia_information" {
type = map(string)
default = {
main_lb_name = "lb-dev-l4"
main_lb_description = "Main L4 load balancer for the D4Science DEV"
octavia_flavor = "octavia_amphora-mvcpu-ha"
octavia_flavor_id = "394988b5-6603-4a1e-a939-8e177c6681c7"
main_lb_hostname = "main-lb"
}
}
variable "swarm_manila_interfaces_ip" {
type = map(string)
default = {
"mgr_1" = "172.17.2.74"
"mgr_2" = "172.17.3.218"
"mgr_3" = "172.17.2.230"
"worker_1" = "172.17.0.166"
"worker_2" = "172.17.2.171"
"worker_3" = "172.17.0.146"
"worker_4" = "172.17.1.195"
"worker_5" = "172.17.2.187"
}
}

View File

@ -0,0 +1,58 @@
# Define required providers
terraform {
required_version = ">= 0.14.0"
required_providers {
openstack = {
source = "terraform-provider-openstack/openstack"
version = "~> 1.53.0"
}
}
}
data "terraform_remote_state" "privnet_dns_router" {
backend = "local"
config = {
path = "../project-setup/terraform.tfstate"
}
}
#
# Uses common_variables as module
#
module "common_variables" {
source = "../../modules/common_variables"
}
#
# Creates the server group "accounting-service"
#
resource "openstack_compute_servergroup_v2" "accounting_service_server_group" {
name = "accounting-service"
policies = [module.common_variables.policy_list.soft_anti_affinity]
}
module "instance_without_data_volume" {
source = "../../modules/instance_without_data_volume"
instances_without_data_volume_map = {
accounting_service_1 = {
name = "accounting-service-1",
description = "This instance serves accounting service",
flavor = module.common_variables.flavor_list.m1_medium,
networks = [data.terraform_remote_state.privnet_dns_router.outputs.main_private_network.name, module.common_variables.networks_list.timescaledb],
security_groups = [data.terraform_remote_state.privnet_dns_router.outputs.default_security_group_name, data.terraform_remote_state.privnet_dns_router.outputs.security_group_list.http_and_https_from_the_load_balancers, data.terraform_remote_state.privnet_dns_router.outputs.security_group_list.debugging_from_jump_node],
server_groups_ids = [openstack_compute_servergroup_v2.accounting_service_server_group.id],
image_ref = module.common_variables.ubuntu_1804
},
accounting_service_2 = {
name = "accounting-service-2",
description = "This instance serves accounting service",
flavor = module.common_variables.flavor_list.m1_medium,
networks = [data.terraform_remote_state.privnet_dns_router.outputs.main_private_network.name, module.common_variables.networks_list.timescaledb],
security_groups = [data.terraform_remote_state.privnet_dns_router.outputs.default_security_group_name, data.terraform_remote_state.privnet_dns_router.outputs.security_group_list.http_and_https_from_the_load_balancers, data.terraform_remote_state.privnet_dns_router.outputs.security_group_list.debugging_from_jump_node],
server_groups_ids = [openstack_compute_servergroup_v2.accounting_service_server_group.id],
image_ref = module.common_variables.ubuntu_1804
}
}
}

View File

@ -0,0 +1,3 @@
provider "openstack" {
cloud = "d4s-pre"
}

View File

@ -0,0 +1,631 @@
{
"version": 4,
"terraform_version": "1.6.4",
"serial": 4,
"lineage": "f42b6286-369c-9d4b-f90c-b7aca3f46bc1",
"outputs": {},
"resources": [
{
"mode": "data",
"type": "terraform_remote_state",
"name": "privnet_dns_router",
"provider": "provider[\"terraform.io/builtin/terraform\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"backend": "local",
"config": {
"value": {
"path": "../project-setup/terraform.tfstate"
},
"type": [
"object",
{
"path": "string"
}
]
},
"defaults": null,
"outputs": {
"value": {
"almalinux_9": {
"name": "AlmaLinux-9.0-20220718",
"uuid": "541650fc-dd19-4f38-bb1d-7333ed9dd688"
},
"availability_zone_no_gpu_name": "cnr-isti-nova-a",
"availability_zone_with_gpu_name": "cnr-isti-nova-gpu-a",
"availability_zones_names": {
"availability_zone_no_gpu": "cnr-isti-nova-a",
"availability_zone_with_gpu": "cnr-isti-nova-gpu-a"
},
"basic_services_ip": {
"ca": "10.1.32.4",
"ca_cidr": "10.1.32.4/32",
"haproxy_l7_1": "10.1.32.11",
"haproxy_l7_1_cidr": "10.1.32.11/32",
"haproxy_l7_2": "10.1.32.12",
"haproxy_l7_2_cidr": "10.1.32.12/32",
"octavia_main": "10.1.32.20",
"octavia_main_cidr": "10.1.32.20/32",
"prometheus": "10.1.32.10",
"prometheus_cidr": "10.1.32.10/32",
"ssh_jump": "10.1.32.5",
"ssh_jump_cidr": "10.1.32.5/32"
},
"centos_7": {
"name": "CentOS-7",
"uuid": "f0187a99-64f6-462a-ab5f-ef52fe62f2ca"
},
"default_security_group_name": "default_for_all",
"dns_zone": {
"description": "DNS primary zone for the d4s-pre-cloud project",
"email": "postmaster@isti.cnr.it",
"id": "c1a4b4bc-f167-4387-855d-38f0f99ca05c",
"ttl": "8600",
"zone_name": "cloud-pre.d4science.org."
},
"dns_zone_id": "c1a4b4bc-f167-4387-855d-38f0f99ca05c",
"el7_data_file": "../../openstack_vm_data_scripts/el7.sh",
"external_gateway_ip": [
{
"ip_address": "146.48.30.241",
"subnet_id": "57f87509-4016-46fb-b8c3-25fca7f72ccb"
}
],
"external_network": {
"id": "1d2ff137-6ff7-4017-be2b-0d6c4af2353b",
"name": "external-network"
},
"external_network_id": "1d2ff137-6ff7-4017-be2b-0d6c4af2353b",
"external_router": {
"description": "D4Science Preprod main router",
"id": "cc26064a-bb08-4c0b-929f-d0cb39f934a3",
"name": "d4s-pre-cloud-external-router"
},
"flavor_list": {
"c1_large": "c1.large",
"c1_medium": "c1.medium",
"c1_small": "c1.small",
"c2_large": "c2.large",
"m1_large": "m1.large",
"m1_medium": "m1.medium",
"m1_xlarge": "m1.xlarge",
"m1_xxl": "m1.xxl",
"m2_large": "m2.large",
"m2_medium": "m2.medium",
"m2_small": "m2.small",
"m3_large": "m3.large"
},
"floating_ip_pools": {
"main_public_ip_pool": "external-network"
},
"haproxy_l7_data": {
"flavor": "m1.medium",
"haproxy_1": "haproxy-l7-1",
"haproxy_2": "haproxy-l7-2",
"name": "main-haproxy-l7",
"vm_count": "2"
},
"internal_ca_data": {
"flavor": "m1.small",
"name": "ca"
},
"main_haproxy_l7_ip": [
"10.1.32.11",
"10.1.32.12"
],
"main_private_network": {
"description": "D4Science Preprod private network (use this as the main network)",
"name": "d4s-pre-cloud-main"
},
"main_private_network_id": "23fd8a99-d551-4ada-8d3a-9859542ebb8c",
"main_private_subnet": {
"allocation_end": "10.1.35.254",
"allocation_start": "10.1.32.100",
"cidr": "10.1.32.0/22",
"description": "D4Science Preprod main private subnet",
"gateway_ip": "10.1.32.1",
"name": "d4s-pre-cloud-main-subnet"
},
"main_region": "isti_area_pi_1",
"main_subnet_network_id": "cd77a2fd-4a36-4254-b1d0-70b3874c6d04",
"mtu_size": 8942,
"networks_list": {
"cassandra": "cassandra-net",
"orientdb": "orientdb-net",
"orientdb_se": "orientdb-se-net",
"shared_postgresql": "postgresql-srv-net",
"swarm": "swarm-nfs-net",
"timescaledb": "timescaledb-net"
},
"networks_with_d4s_services": {
"garr_ct1_net": "90.147.166.0/23",
"garr_na_net": "90.147.152.0/24",
"garr_pa1_net": "90.147.188.0/23",
"infrascience_net": "146.48.122.0/23",
"isti_net": "146.48.80.0/21",
"s2i2s_net": "146.48.28.0/22"
},
"nfs_share_no_ingress_secgroup_id": "ddb16502-7217-4677-a8a7-ca0cbf9a779a",
"octavia_information": {
"main_lb_description": "Main L4 load balancer for the D4Science PRE production",
"main_lb_hostname": "main-lb",
"main_lb_name": "d4s-pre-cloud-l4-load-balancer",
"octavia_flavor": "octavia_amphora-mvcpu-ha",
"octavia_flavor_id": "394988b5-6603-4a1e-a939-8e177c6681c7",
"octavia_vrrp_ip_1": "10.1.33.159/32",
"octavia_vrrp_ip_2": "10.1.32.199/32",
"swarm_lb_name": "d4s-pre-cloud-l4-swarm-load-balancer"
},
"os_project_data": {
"id": "6fdc02e2827b405dad99f34698659742"
},
"policy_list": {
"affinity": "affinity",
"anti_affinity": "anti-affinity",
"soft_affinity": "soft-affinity",
"soft_anti_affinity": "soft-anti-affinity"
},
"prometheus_server_data": {
"flavor": "m1.medium",
"name": "prometheus",
"public_grafana_server_cidr": "146.48.28.103/32",
"vol_data_device": "/dev/vdb",
"vol_data_name": "prometheus-data",
"vol_data_size": "100"
},
"resolvers_ip": [
"146.48.29.97",
"146.48.29.98",
"146.48.29.99"
],
"resource_registry_addresses": {},
"security_group_list": {
"acaland": "acaland's dev machine",
"access_to_orientdb": "access_to_orientdb",
"access_to_orientdb_se": "access_to_orientdb_se",
"access_to_the_timescaledb_service": "access_to_the_timescaledb_service",
"cassandra": "Cassandra",
"dataminer-publish": "dataminer-publish",
"debugging_from_jump_node": "debugging_from_jump_node",
"default": "default",
"docker_swarm": "Docker Swarm",
"docker_swarm_NFS": "Docker Swarm NFS",
"haproxy": "traffic_from_main_lb_to_haproxy_l7",
"http_and_https_from_the_load_balancers": "traffic_from_the_main_load_balancers",
"limited_HTTPS_access": "restricted_web_service",
"limited_SSH_access": "Limited SSH access",
"mongo": "mongo",
"nfs_share_no_ingress": "nfs_share_no_ingress",
"orientdb_internal_docker_traffic": "orientdb_internal_docker_traffic",
"postgreSQL": "PostgreSQL service",
"public_HTTPS": "Public HTTPS"
},
"shared_postgresql_server_data": {
"allocation_pool_end": "192.168.3.254",
"allocation_pool_start": "192.168.0.100",
"flavor": "m1.medium",
"name": "shared-postgresql-server",
"network_cidr": "192.168.0.0/22",
"network_description": "Network used to communicate with the shared postgresql service",
"network_name": "postgresql-srv-net",
"server_cidr": "192.168.0.5/22",
"server_ip": "192.168.0.5",
"vol_data_device": "/dev/vdb",
"vol_data_name": "shared-postgresql-data",
"vol_data_size": "100"
},
"smartexecutor_addresses": {},
"ssh_jump_proxy": {
"flavor": "m2.small",
"name": "ssh-jump-proxy"
},
"ssh_sources": {
"d4s_vpn_1_cidr": "146.48.122.27/32",
"d4s_vpn_2_cidr": "146.48.122.49/32",
"infrascience_net_cidr": "146.48.122.0/23",
"s2i2s_vpn_1_cidr": "146.48.28.10/32",
"s2i2s_vpn_2_cidr": "146.48.28.11/32",
"shell_d4s_cidr": "146.48.122.95/32"
},
"storage_nfs_network_id": "5f4023cc-4016-404c-94e5-86220095fbaf",
"storage_nfs_subnet_id": "6ff0f9e8-0e74-4cc3-a268-7ed4af435696",
"ubuntu1804_data_file": "../../openstack_vm_data_scripts/ubuntu1804.sh",
"ubuntu2204_data_file": "../../openstack_vm_data_scripts/ubuntu2204.sh",
"ubuntu_1804": {
"name": "Ubuntu-Bionic-18.04",
"user_data_file": "../../openstack_vm_data_scripts/ubuntu1804.sh",
"uuid": "7ed6a2cd-2b07-482e-8ce4-f018dff16c89"
},
"ubuntu_2204": {
"name": "Ubuntu-Jammy-22.04",
"user_data_file": "../../openstack_vm_data_scripts/ubuntu2204.sh",
"uuid": "54768889-8556-4be4-a2eb-82a4d9b34627"
}
},
"type": [
"object",
{
"almalinux_9": [
"map",
"string"
],
"availability_zone_no_gpu_name": "string",
"availability_zone_with_gpu_name": "string",
"availability_zones_names": [
"map",
"string"
],
"basic_services_ip": [
"map",
"string"
],
"centos_7": [
"map",
"string"
],
"default_security_group_name": "string",
"dns_zone": [
"map",
"string"
],
"dns_zone_id": "string",
"el7_data_file": "string",
"external_gateway_ip": [
"list",
[
"object",
{
"ip_address": "string",
"subnet_id": "string"
}
]
],
"external_network": [
"map",
"string"
],
"external_network_id": "string",
"external_router": [
"map",
"string"
],
"flavor_list": [
"map",
"string"
],
"floating_ip_pools": [
"map",
"string"
],
"haproxy_l7_data": [
"map",
"string"
],
"internal_ca_data": [
"map",
"string"
],
"main_haproxy_l7_ip": [
"list",
"string"
],
"main_private_network": [
"map",
"string"
],
"main_private_network_id": "string",
"main_private_subnet": [
"map",
"string"
],
"main_region": "string",
"main_subnet_network_id": "string",
"mtu_size": "number",
"networks_list": [
"map",
"string"
],
"networks_with_d4s_services": [
"map",
"string"
],
"nfs_share_no_ingress_secgroup_id": "string",
"octavia_information": [
"map",
"string"
],
"os_project_data": [
"map",
"string"
],
"policy_list": [
"map",
"string"
],
"prometheus_server_data": [
"map",
"string"
],
"resolvers_ip": [
"list",
"string"
],
"resource_registry_addresses": [
"map",
"string"
],
"security_group_list": [
"map",
"string"
],
"shared_postgresql_server_data": [
"map",
"string"
],
"smartexecutor_addresses": [
"map",
"string"
],
"ssh_jump_proxy": [
"map",
"string"
],
"ssh_sources": [
"map",
"string"
],
"storage_nfs_network_id": "string",
"storage_nfs_subnet_id": "string",
"ubuntu1804_data_file": "string",
"ubuntu2204_data_file": "string",
"ubuntu_1804": [
"map",
"string"
],
"ubuntu_2204": [
"map",
"string"
]
}
]
},
"workspace": null
},
"sensitive_attributes": []
}
]
},
{
"mode": "managed",
"type": "openstack_compute_servergroup_v2",
"name": "accounting_service_server_group",
"provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"id": "586fbbe7-4a0c-4de5-bdb6-6b51048d40dc",
"members": [],
"name": "accounting-service",
"policies": [
"soft-anti-affinity"
],
"region": "isti_area_pi_1",
"rules": [
{
"max_server_per_host": 0
}
],
"value_specs": null
},
"sensitive_attributes": [],
"private": "bnVsbA=="
}
]
},
{
"module": "module.instance_without_data_volume",
"mode": "managed",
"type": "openstack_compute_instance_v2",
"name": "smartgears_service",
"provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]",
"instances": [
{
"index_key": "accounting_service_1",
"schema_version": 0,
"attributes": {
"access_ip_v4": "10.1.34.208",
"access_ip_v6": "",
"admin_pass": null,
"all_metadata": {},
"all_tags": [],
"availability_zone": "cnr-isti-nova-a",
"availability_zone_hints": "cnr-isti-nova-a",
"block_device": [
{
"boot_index": 0,
"delete_on_termination": false,
"destination_type": "volume",
"device_type": "",
"disk_bus": "",
"guest_format": "",
"multiattach": false,
"source_type": "image",
"uuid": "7ed6a2cd-2b07-482e-8ce4-f018dff16c89",
"volume_size": 10,
"volume_type": ""
}
],
"config_drive": null,
"created": "2024-03-01 15:20:54 +0000 UTC",
"flavor_id": "4",
"flavor_name": "m1.medium",
"floating_ip": null,
"force_delete": false,
"id": "d7591a45-f2a5-4008-83eb-00f1b6466690",
"image_id": "Attempt to boot from volume - no image supplied",
"image_name": null,
"key_pair": "pc-frosini_key",
"metadata": null,
"name": "accounting-service-1",
"network": [
{
"access_network": false,
"fixed_ip_v4": "10.1.34.208",
"fixed_ip_v6": "",
"floating_ip": "",
"mac": "fa:16:3e:8b:4b:55",
"name": "d4s-pre-cloud-main",
"port": "",
"uuid": "23fd8a99-d551-4ada-8d3a-9859542ebb8c"
},
{
"access_network": false,
"fixed_ip_v4": "192.168.11.92",
"fixed_ip_v6": "",
"floating_ip": "",
"mac": "fa:16:3e:bd:6f:3a",
"name": "timescaledb-net",
"port": "",
"uuid": "435ac20a-8bd9-4e49-a86b-69bdfcd6967b"
}
],
"network_mode": null,
"personality": [],
"power_state": "active",
"region": "isti_area_pi_1",
"scheduler_hints": [
{
"additional_properties": null,
"build_near_host_ip": "",
"different_cell": [],
"different_host": [],
"group": "586fbbe7-4a0c-4de5-bdb6-6b51048d40dc",
"query": [],
"same_host": [],
"target_cell": ""
}
],
"security_groups": [
"debugging_from_jump_node",
"default_for_all",
"traffic_from_the_main_load_balancers"
],
"stop_before_destroy": false,
"tags": null,
"timeouts": null,
"updated": "2024-03-01 15:21:35 +0000 UTC",
"user_data": "ef3d6e5deb29bd1e5de5a76ae6860f3ee872738c",
"vendor_options": [],
"volume": []
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxODAwMDAwMDAwMDAwLCJkZWxldGUiOjE4MDAwMDAwMDAwMDAsInVwZGF0ZSI6MTgwMDAwMDAwMDAwMH19",
"dependencies": [
"data.terraform_remote_state.privnet_dns_router",
"openstack_compute_servergroup_v2.accounting_service_server_group"
]
},
{
"index_key": "accounting_service_2",
"schema_version": 0,
"attributes": {
"access_ip_v4": "10.1.33.156",
"access_ip_v6": "",
"admin_pass": null,
"all_metadata": {},
"all_tags": [],
"availability_zone": "cnr-isti-nova-a",
"availability_zone_hints": "cnr-isti-nova-a",
"block_device": [
{
"boot_index": 0,
"delete_on_termination": false,
"destination_type": "volume",
"device_type": "",
"disk_bus": "",
"guest_format": "",
"multiattach": false,
"source_type": "image",
"uuid": "7ed6a2cd-2b07-482e-8ce4-f018dff16c89",
"volume_size": 10,
"volume_type": ""
}
],
"config_drive": null,
"created": "2024-03-01 15:20:54 +0000 UTC",
"flavor_id": "4",
"flavor_name": "m1.medium",
"floating_ip": null,
"force_delete": false,
"id": "f6d91d44-bb06-45c9-b96c-fa853bc06b08",
"image_id": "Attempt to boot from volume - no image supplied",
"image_name": null,
"key_pair": "pc-frosini_key",
"metadata": null,
"name": "accounting-service-2",
"network": [
{
"access_network": false,
"fixed_ip_v4": "10.1.33.156",
"fixed_ip_v6": "",
"floating_ip": "",
"mac": "fa:16:3e:0b:30:18",
"name": "d4s-pre-cloud-main",
"port": "",
"uuid": "23fd8a99-d551-4ada-8d3a-9859542ebb8c"
},
{
"access_network": false,
"fixed_ip_v4": "192.168.11.76",
"fixed_ip_v6": "",
"floating_ip": "",
"mac": "fa:16:3e:91:d5:61",
"name": "timescaledb-net",
"port": "",
"uuid": "435ac20a-8bd9-4e49-a86b-69bdfcd6967b"
}
],
"network_mode": null,
"personality": [],
"power_state": "active",
"region": "isti_area_pi_1",
"scheduler_hints": [
{
"additional_properties": null,
"build_near_host_ip": "",
"different_cell": [],
"different_host": [],
"group": "586fbbe7-4a0c-4de5-bdb6-6b51048d40dc",
"query": [],
"same_host": [],
"target_cell": ""
}
],
"security_groups": [
"debugging_from_jump_node",
"default_for_all",
"traffic_from_the_main_load_balancers"
],
"stop_before_destroy": false,
"tags": null,
"timeouts": null,
"updated": "2024-03-01 15:21:43 +0000 UTC",
"user_data": "ef3d6e5deb29bd1e5de5a76ae6860f3ee872738c",
"vendor_options": [],
"volume": []
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxODAwMDAwMDAwMDAwLCJkZWxldGUiOjE4MDAwMDAwMDAwMDAsInVwZGF0ZSI6MTgwMDAwMDAwMDAwMH19",
"dependencies": [
"data.terraform_remote_state.privnet_dns_router",
"openstack_compute_servergroup_v2.accounting_service_server_group"
]
}
]
}
],
"check_results": null
}

View File

@ -0,0 +1,65 @@
# Define required providers
terraform {
required_version = ">= 0.14.0"
required_providers {
openstack = {
source = "terraform-provider-openstack/openstack"
version = "~> 1.53.0"
}
}
}
data "terraform_remote_state" "privnet_dns_router" {
backend = "local"
config = {
path = "../project-setup/terraform.tfstate"
}
}
#
# Uses common_variables as module
#
module "common_variables" {
source = "../../modules/common_variables"
}
module "instance_without_data_volume" {
source = "../../modules/instance_without_data_volume"
instances_without_data_volume_map = {
auth = {
name = "auth",
description = "This instance is a Authorization service",
flavor = module.common_variables.flavor_list.m1_medium,
networks = [data.terraform_remote_state.privnet_dns_router.outputs.main_private_network.name, module.common_variables.networks_list.shared_postgresql],
security_groups = [data.terraform_remote_state.privnet_dns_router.outputs.default_security_group_name, data.terraform_remote_state.privnet_dns_router.outputs.security_group_list.http_and_https_from_the_load_balancers],
server_groups_ids = [],
image_ref = module.common_variables.ubuntu_1804
image_volume_size = 20
}
}
}
locals {
cname_target = "main-lb.${data.terraform_remote_state.privnet_dns_router.outputs.dns_zone.zone_name}"
}
#
# Add DNS record/s
#
module "dns_records_create" {
source = "../../modules/dns_resources"
dns_resources_map = {
auth = {
zone_id = data.terraform_remote_state.privnet_dns_router.outputs.dns_zone_id
name = join(".", ["auth", data.terraform_remote_state.privnet_dns_router.outputs.dns_zone.zone_name])
description = "Authorization auth"
ttl = 8600
type = "CNAME"
records = [local.cname_target]
}
}
}

View File

@ -0,0 +1,3 @@
provider "openstack" {
cloud = "d4s-pre"
}

View File

@ -0,0 +1,528 @@
{
"version": 4,
"terraform_version": "1.6.4",
"serial": 3,
"lineage": "7c9621c0-69f9-50dd-1df3-8da0167edb90",
"outputs": {},
"resources": [
{
"mode": "data",
"type": "terraform_remote_state",
"name": "privnet_dns_router",
"provider": "provider[\"terraform.io/builtin/terraform\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"backend": "local",
"config": {
"value": {
"path": "../project-setup/terraform.tfstate"
},
"type": [
"object",
{
"path": "string"
}
]
},
"defaults": null,
"outputs": {
"value": {
"almalinux_9": {
"name": "AlmaLinux-9.0-20220718",
"uuid": "541650fc-dd19-4f38-bb1d-7333ed9dd688"
},
"availability_zone_no_gpu_name": "cnr-isti-nova-a",
"availability_zone_with_gpu_name": "cnr-isti-nova-gpu-a",
"availability_zones_names": {
"availability_zone_no_gpu": "cnr-isti-nova-a",
"availability_zone_with_gpu": "cnr-isti-nova-gpu-a"
},
"basic_services_ip": {
"ca": "10.1.32.4",
"ca_cidr": "10.1.32.4/32",
"haproxy_l7_1": "10.1.32.11",
"haproxy_l7_1_cidr": "10.1.32.11/32",
"haproxy_l7_2": "10.1.32.12",
"haproxy_l7_2_cidr": "10.1.32.12/32",
"octavia_main": "10.1.32.20",
"octavia_main_cidr": "10.1.32.20/32",
"prometheus": "10.1.32.10",
"prometheus_cidr": "10.1.32.10/32",
"ssh_jump": "10.1.32.5",
"ssh_jump_cidr": "10.1.32.5/32"
},
"centos_7": {
"name": "CentOS-7",
"uuid": "f0187a99-64f6-462a-ab5f-ef52fe62f2ca"
},
"default_security_group_name": "default_for_all",
"dns_zone": {
"description": "DNS primary zone for the d4s-pre-cloud project",
"email": "postmaster@isti.cnr.it",
"id": "c1a4b4bc-f167-4387-855d-38f0f99ca05c",
"ttl": "8600",
"zone_name": "cloud-pre.d4science.org."
},
"dns_zone_id": "c1a4b4bc-f167-4387-855d-38f0f99ca05c",
"el7_data_file": "../../openstack_vm_data_scripts/el7.sh",
"external_gateway_ip": [
{
"ip_address": "146.48.30.241",
"subnet_id": "57f87509-4016-46fb-b8c3-25fca7f72ccb"
}
],
"external_network": {
"id": "1d2ff137-6ff7-4017-be2b-0d6c4af2353b",
"name": "external-network"
},
"external_network_id": "1d2ff137-6ff7-4017-be2b-0d6c4af2353b",
"external_router": {
"description": "D4Science Preprod main router",
"id": "cc26064a-bb08-4c0b-929f-d0cb39f934a3",
"name": "d4s-pre-cloud-external-router"
},
"flavor_list": {
"c1_large": "c1.large",
"c1_medium": "c1.medium",
"c1_small": "c1.small",
"c2_large": "c2.large",
"m1_large": "m1.large",
"m1_medium": "m1.medium",
"m1_xlarge": "m1.xlarge",
"m1_xxl": "m1.xxl",
"m2_large": "m2.large",
"m2_medium": "m2.medium",
"m2_small": "m2.small",
"m3_large": "m3.large"
},
"floating_ip_pools": {
"main_public_ip_pool": "external-network"
},
"haproxy_l7_data": {
"flavor": "m1.medium",
"haproxy_1": "haproxy-l7-1",
"haproxy_2": "haproxy-l7-2",
"name": "main-haproxy-l7",
"vm_count": "2"
},
"internal_ca_data": {
"flavor": "m1.small",
"name": "ca"
},
"main_haproxy_l7_ip": [
"10.1.32.11",
"10.1.32.12"
],
"main_private_network": {
"description": "D4Science Preprod private network (use this as the main network)",
"name": "d4s-pre-cloud-main"
},
"main_private_network_id": "23fd8a99-d551-4ada-8d3a-9859542ebb8c",
"main_private_subnet": {
"allocation_end": "10.1.35.254",
"allocation_start": "10.1.32.100",
"cidr": "10.1.32.0/22",
"description": "D4Science Preprod main private subnet",
"gateway_ip": "10.1.32.1",
"name": "d4s-pre-cloud-main-subnet"
},
"main_region": "isti_area_pi_1",
"main_subnet_network_id": "cd77a2fd-4a36-4254-b1d0-70b3874c6d04",
"mtu_size": 8942,
"networks_list": {
"cassandra": "cassandra-net",
"orientdb": "orientdb-net",
"orientdb_se": "orientdb-se-net",
"shared_postgresql": "postgresql-srv-net",
"swarm": "swarm-nfs-net",
"timescaledb": "timescaledb-net"
},
"networks_with_d4s_services": {
"garr_ct1_net": "90.147.166.0/23",
"garr_na_net": "90.147.152.0/24",
"garr_pa1_net": "90.147.188.0/23",
"infrascience_net": "146.48.122.0/23",
"isti_net": "146.48.80.0/21",
"s2i2s_net": "146.48.28.0/22"
},
"nfs_share_no_ingress_secgroup_id": "ddb16502-7217-4677-a8a7-ca0cbf9a779a",
"octavia_information": {
"main_lb_description": "Main L4 load balancer for the D4Science PRE production",
"main_lb_hostname": "main-lb",
"main_lb_name": "d4s-pre-cloud-l4-load-balancer",
"octavia_flavor": "octavia_amphora-mvcpu-ha",
"octavia_flavor_id": "394988b5-6603-4a1e-a939-8e177c6681c7",
"octavia_vrrp_ip_1": "10.1.33.159/32",
"octavia_vrrp_ip_2": "10.1.32.199/32",
"swarm_lb_name": "d4s-pre-cloud-l4-swarm-load-balancer"
},
"os_project_data": {
"id": "6fdc02e2827b405dad99f34698659742"
},
"policy_list": {
"affinity": "affinity",
"anti_affinity": "anti-affinity",
"soft_affinity": "soft-affinity",
"soft_anti_affinity": "soft-anti-affinity"
},
"prometheus_server_data": {
"flavor": "m1.medium",
"name": "prometheus",
"public_grafana_server_cidr": "146.48.28.103/32",
"vol_data_device": "/dev/vdb",
"vol_data_name": "prometheus-data",
"vol_data_size": "100"
},
"resolvers_ip": [
"146.48.29.97",
"146.48.29.98",
"146.48.29.99"
],
"resource_registry_addresses": {},
"security_group_list": {
"acaland": "acaland's dev machine",
"access_to_orientdb": "access_to_orientdb",
"access_to_orientdb_se": "access_to_orientdb_se",
"access_to_the_timescaledb_service": "access_to_the_timescaledb_service",
"cassandra": "Cassandra",
"dataminer-publish": "dataminer-publish",
"debugging_from_jump_node": "debugging_from_jump_node",
"default": "default",
"docker_swarm": "Docker Swarm",
"docker_swarm_NFS": "Docker Swarm NFS",
"haproxy": "traffic_from_main_lb_to_haproxy_l7",
"http_and_https_from_the_load_balancers": "traffic_from_the_main_load_balancers",
"limited_HTTPS_access": "restricted_web_service",
"limited_SSH_access": "Limited SSH access",
"mongo": "mongo",
"nfs_share_no_ingress": "nfs_share_no_ingress",
"orientdb_internal_docker_traffic": "orientdb_internal_docker_traffic",
"postgreSQL": "PostgreSQL service",
"public_HTTPS": "Public HTTPS"
},
"shared_postgresql_server_data": {
"allocation_pool_end": "192.168.3.254",
"allocation_pool_start": "192.168.0.100",
"flavor": "m1.medium",
"name": "shared-postgresql-server",
"network_cidr": "192.168.0.0/22",
"network_description": "Network used to communicate with the shared postgresql service",
"network_name": "postgresql-srv-net",
"server_cidr": "192.168.0.5/22",
"server_ip": "192.168.0.5",
"vol_data_device": "/dev/vdb",
"vol_data_name": "shared-postgresql-data",
"vol_data_size": "100"
},
"smartexecutor_addresses": {},
"ssh_jump_proxy": {
"flavor": "m2.small",
"name": "ssh-jump-proxy"
},
"ssh_sources": {
"d4s_vpn_1_cidr": "146.48.122.27/32",
"d4s_vpn_2_cidr": "146.48.122.49/32",
"infrascience_net_cidr": "146.48.122.0/23",
"s2i2s_vpn_1_cidr": "146.48.28.10/32",
"s2i2s_vpn_2_cidr": "146.48.28.11/32",
"shell_d4s_cidr": "146.48.122.95/32"
},
"storage_nfs_network_id": "5f4023cc-4016-404c-94e5-86220095fbaf",
"storage_nfs_subnet_id": "6ff0f9e8-0e74-4cc3-a268-7ed4af435696",
"ubuntu1804_data_file": "../../openstack_vm_data_scripts/ubuntu1804.sh",
"ubuntu2204_data_file": "../../openstack_vm_data_scripts/ubuntu2204.sh",
"ubuntu_1804": {
"name": "Ubuntu-Bionic-18.04",
"user_data_file": "../../openstack_vm_data_scripts/ubuntu1804.sh",
"uuid": "7ed6a2cd-2b07-482e-8ce4-f018dff16c89"
},
"ubuntu_2204": {
"name": "Ubuntu-Jammy-22.04",
"user_data_file": "../../openstack_vm_data_scripts/ubuntu2204.sh",
"uuid": "54768889-8556-4be4-a2eb-82a4d9b34627"
}
},
"type": [
"object",
{
"almalinux_9": [
"map",
"string"
],
"availability_zone_no_gpu_name": "string",
"availability_zone_with_gpu_name": "string",
"availability_zones_names": [
"map",
"string"
],
"basic_services_ip": [
"map",
"string"
],
"centos_7": [
"map",
"string"
],
"default_security_group_name": "string",
"dns_zone": [
"map",
"string"
],
"dns_zone_id": "string",
"el7_data_file": "string",
"external_gateway_ip": [
"list",
[
"object",
{
"ip_address": "string",
"subnet_id": "string"
}
]
],
"external_network": [
"map",
"string"
],
"external_network_id": "string",
"external_router": [
"map",
"string"
],
"flavor_list": [
"map",
"string"
],
"floating_ip_pools": [
"map",
"string"
],
"haproxy_l7_data": [
"map",
"string"
],
"internal_ca_data": [
"map",
"string"
],
"main_haproxy_l7_ip": [
"list",
"string"
],
"main_private_network": [
"map",
"string"
],
"main_private_network_id": "string",
"main_private_subnet": [
"map",
"string"
],
"main_region": "string",
"main_subnet_network_id": "string",
"mtu_size": "number",
"networks_list": [
"map",
"string"
],
"networks_with_d4s_services": [
"map",
"string"
],
"nfs_share_no_ingress_secgroup_id": "string",
"octavia_information": [
"map",
"string"
],
"os_project_data": [
"map",
"string"
],
"policy_list": [
"map",
"string"
],
"prometheus_server_data": [
"map",
"string"
],
"resolvers_ip": [
"list",
"string"
],
"resource_registry_addresses": [
"map",
"string"
],
"security_group_list": [
"map",
"string"
],
"shared_postgresql_server_data": [
"map",
"string"
],
"smartexecutor_addresses": [
"map",
"string"
],
"ssh_jump_proxy": [
"map",
"string"
],
"ssh_sources": [
"map",
"string"
],
"storage_nfs_network_id": "string",
"storage_nfs_subnet_id": "string",
"ubuntu1804_data_file": "string",
"ubuntu2204_data_file": "string",
"ubuntu_1804": [
"map",
"string"
],
"ubuntu_2204": [
"map",
"string"
]
}
]
},
"workspace": null
},
"sensitive_attributes": []
}
]
},
{
"module": "module.dns_records_create",
"mode": "managed",
"type": "openstack_dns_recordset_v2",
"name": "add_dns_recordset",
"provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]",
"instances": [
{
"index_key": "auth",
"schema_version": 0,
"attributes": {
"description": "Authorization auth",
"disable_status_check": false,
"id": "c1a4b4bc-f167-4387-855d-38f0f99ca05c/da91f076-3fb6-4097-a33a-50eb455f2924",
"name": "auth.cloud-pre.d4science.org.",
"project_id": "6fdc02e2827b405dad99f34698659742",
"records": [
"main-lb.cloud-pre.d4science.org."
],
"region": "isti_area_pi_1",
"timeouts": null,
"ttl": 8600,
"type": "CNAME",
"value_specs": null,
"zone_id": "c1a4b4bc-f167-4387-855d-38f0f99ca05c"
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwLCJ1cGRhdGUiOjYwMDAwMDAwMDAwMH19",
"dependencies": [
"data.terraform_remote_state.privnet_dns_router"
]
}
]
},
{
"module": "module.instance_without_data_volume",
"mode": "managed",
"type": "openstack_compute_instance_v2",
"name": "smartgears_service",
"provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]",
"instances": [
{
"index_key": "auth",
"schema_version": 0,
"attributes": {
"access_ip_v4": "10.1.33.14",
"access_ip_v6": "",
"admin_pass": null,
"all_metadata": {},
"all_tags": [],
"availability_zone": "cnr-isti-nova-a",
"availability_zone_hints": "cnr-isti-nova-a",
"block_device": [
{
"boot_index": 0,
"delete_on_termination": false,
"destination_type": "volume",
"device_type": "",
"disk_bus": "",
"guest_format": "",
"multiattach": false,
"source_type": "image",
"uuid": "7ed6a2cd-2b07-482e-8ce4-f018dff16c89",
"volume_size": 20,
"volume_type": ""
}
],
"config_drive": null,
"created": "2024-02-19 11:32:42 +0000 UTC",
"flavor_id": "4",
"flavor_name": "m1.medium",
"floating_ip": null,
"force_delete": false,
"id": "111103bc-df3f-4db1-836b-26f53fe54f71",
"image_id": "Attempt to boot from volume - no image supplied",
"image_name": null,
"key_pair": "Giancarlo Panichi",
"metadata": null,
"name": "auth",
"network": [
{
"access_network": false,
"fixed_ip_v4": "10.1.33.14",
"fixed_ip_v6": "",
"floating_ip": "",
"mac": "fa:16:3e:db:c5:ae",
"name": "d4s-pre-cloud-main",
"port": "",
"uuid": "23fd8a99-d551-4ada-8d3a-9859542ebb8c"
},
{
"access_network": false,
"fixed_ip_v4": "192.168.2.230",
"fixed_ip_v6": "",
"floating_ip": "",
"mac": "fa:16:3e:db:1d:35",
"name": "postgresql-srv-net",
"port": "",
"uuid": "e25395f4-f1aa-4819-b5a5-36d25ee5af54"
}
],
"network_mode": null,
"personality": [],
"power_state": "active",
"region": "isti_area_pi_1",
"scheduler_hints": [],
"security_groups": [
"default_for_all",
"traffic_from_the_main_load_balancers"
],
"stop_before_destroy": false,
"tags": null,
"timeouts": null,
"updated": "2024-02-19 11:33:27 +0000 UTC",
"user_data": "47d4769e61324c305c4b70ed6673de4fad84150d",
"vendor_options": [],
"volume": []
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxODAwMDAwMDAwMDAwLCJkZWxldGUiOjE4MDAwMDAwMDAwMDAsInVwZGF0ZSI6MTgwMDAwMDAwMDAwMH19",
"dependencies": [
"data.terraform_remote_state.privnet_dns_router"
]
}
]
}
],
"check_results": null
}

View File

@ -1 +0,0 @@
../../common_setups/15-security-groups.tf

View File

@ -1 +0,0 @@
../../common_setups/20-octavia.tf

View File

@ -1 +0,0 @@
../../common_setups/25-ssh-jump-proxy.tf

View File

@ -1 +0,0 @@
../../common_setups/30-internal-ca.tf

View File

@ -1 +0,0 @@
../../common_setups/35-prometheus.tf

View File

@ -1 +0,0 @@
../../common_setups/40-postgresql.tf

View File

@ -1 +0,0 @@
../../common_setups/45-haproxy.tf

View File

@ -0,0 +1 @@
../../modules/d4science_infra_setup/haproxy.tf

View File

@ -0,0 +1 @@
../../modules/d4science_infra_setup/internal-ca.tf

View File

@ -17,9 +17,9 @@ data "terraform_remote_state" "privnet_dns_router" {
} }
} }
# module "ssh_settings" { module "ssh_settings" {
# source = "../../modules/ssh-key-ref" source = "../../modules/ssh-key-ref"
# } }
# module "common_variables" { # module "common_variables" {
# source = "../../modules/common_variables" # source = "../../modules/common_variables"
# } # }

View File

@ -0,0 +1 @@
../../modules/d4science_infra_setup/octavia.tf

View File

@ -0,0 +1 @@
../variables/outputs-preprod.tf

View File

@ -0,0 +1 @@
../../modules/d4science_infra_setup/postgresql.tf

View File

@ -0,0 +1 @@
../../modules/d4science_infra_setup/prometheus.tf

View File

@ -0,0 +1 @@
../../modules/d4science_infra_setup/security-groups.tf

View File

@ -0,0 +1 @@
../../modules/d4science_infra_setup/ssh-jump-proxy.tf

View File

@ -1,7 +1,7 @@
{ {
"version": 4, "version": 4,
"terraform_version": "1.6.4", "terraform_version": "1.7.5",
"serial": 250, "serial": 267,
"lineage": "6a53b692-c1a8-ed53-bc6c-b7fb5e017eb8", "lineage": "6a53b692-c1a8-ed53-bc6c-b7fb5e017eb8",
"outputs": { "outputs": {
"almalinux_9": { "almalinux_9": {
@ -79,10 +79,6 @@
"string" "string"
] ]
}, },
"dns_zone_id": {
"value": "c1a4b4bc-f167-4387-855d-38f0f99ca05c",
"type": "string"
},
"el7_data_file": { "el7_data_file": {
"value": "../../openstack_vm_data_scripts/el7.sh", "value": "../../openstack_vm_data_scripts/el7.sh",
"type": "string" "type": "string"
@ -112,6 +108,28 @@
"string" "string"
] ]
}, },
"flavor_list": {
"value": {
"c1_large": "c1.large",
"c1_medium": "c1.medium",
"c1_small": "c1.small",
"c2_large": "c2.large",
"d1_large": "d1.large",
"d1_medium": "d1.medium",
"m1_large": "m1.large",
"m1_medium": "m1.medium",
"m1_xlarge": "m1.xlarge",
"m1_xxl": "m1.xxl",
"m2_large": "m2.large",
"m2_medium": "m2.medium",
"m2_small": "m2.small",
"m3_large": "m3.large"
},
"type": [
"map",
"string"
]
},
"floating_ip_pools": { "floating_ip_pools": {
"value": { "value": {
"main_public_ip_pool": "external-network" "main_public_ip_pool": "external-network"
@ -164,17 +182,10 @@
"name": "d4s-pre-cloud-main" "name": "d4s-pre-cloud-main"
}, },
"type": [ "type": [
"object", "map",
{ "string"
"description": "string",
"name": "string"
}
] ]
}, },
"main_private_network_id": {
"value": "23fd8a99-d551-4ada-8d3a-9859542ebb8c",
"type": "string"
},
"main_private_subnet": { "main_private_subnet": {
"value": { "value": {
"allocation_end": "10.1.35.254", "allocation_end": "10.1.35.254",
@ -189,10 +200,6 @@
"string" "string"
] ]
}, },
"main_private_subnet_id": {
"value": "cd77a2fd-4a36-4254-b1d0-70b3874c6d04",
"type": "string"
},
"main_region": { "main_region": {
"value": "isti_area_pi_1", "value": "isti_area_pi_1",
"type": "string" "type": "string"
@ -201,6 +208,20 @@
"value": 8942, "value": 8942,
"type": "number" "type": "number"
}, },
"networks_list": {
"value": {
"cassandra": "cassandra-net",
"orientdb": "orientdb-net",
"orientdb_se": "orientdb-se-net",
"shared_postgresql": "postgresql-srv-net",
"swarm": "swarm-nfs-net",
"timescaledb": "timescaledb-net"
},
"type": [
"map",
"string"
]
},
"networks_with_d4s_services": { "networks_with_d4s_services": {
"value": { "value": {
"garr_ct1_net": "90.147.166.0/23", "garr_ct1_net": "90.147.166.0/23",
@ -240,11 +261,27 @@
"string" "string"
] ]
}, },
"policy_list": {
"value": {
"affinity": "affinity",
"anti_affinity": "anti-affinity",
"soft_affinity": "soft-affinity",
"soft_anti_affinity": "soft-anti-affinity"
},
"type": [
"map",
"string"
]
},
"prometheus_public_ip_address": {
"value": "146.48.29.203",
"type": "string"
},
"prometheus_server_data": { "prometheus_server_data": {
"value": { "value": {
"flavor": "m1.medium", "flavor": "m1.medium",
"name": "prometheus", "name": "prometheus",
"public_grafana_server_cidr": "146.48.122.132/32", "public_grafana_server_cidr": "146.48.28.103/32",
"vol_data_device": "/dev/vdb", "vol_data_device": "/dev/vdb",
"vol_data_name": "prometheus-data", "vol_data_name": "prometheus-data",
"vol_data_size": "100" "vol_data_size": "100"
@ -254,6 +291,10 @@
"string" "string"
] ]
}, },
"prometheus_server_hostname": {
"value": "prometheus.cloud-pre.d4science.org.",
"type": "string"
},
"resolvers_ip": { "resolvers_ip": {
"value": [ "value": [
"146.48.29.97", "146.48.29.97",
@ -272,11 +313,38 @@
"string" "string"
] ]
}, },
"security_group_list": {
"value": {
"acaland": "acaland's dev machine",
"access_to_orientdb": "access_to_orientdb",
"access_to_orientdb_se": "access_to_orientdb_se",
"access_to_the_timescaledb_service": "access_to_the_timescaledb_service",
"cassandra": "Cassandra",
"dataminer-publish": "dataminer-publish",
"debugging_from_jump_node": "debugging_from_jump_node",
"default": "default",
"docker_swarm": "Docker Swarm",
"docker_swarm_NFS": "Docker Swarm NFS",
"haproxy": "traffic_from_main_lb_to_haproxy_l7",
"http_and_https_from_the_load_balancers": "traffic_from_the_main_load_balancers",
"limited_HTTPS_access": "restricted_web_service",
"limited_SSH_access": "Limited SSH access",
"mongo": "mongo",
"nfs_share_no_ingress": "nfs_share_no_ingress",
"orientdb_internal_docker_traffic": "orientdb_internal_docker_traffic",
"postgreSQL": "PostgreSQL service",
"public_HTTPS": "Public HTTPS"
},
"type": [
"map",
"string"
]
},
"shared_postgresql_server_data": { "shared_postgresql_server_data": {
"value": { "value": {
"allocation_pool_end": "192.168.3.254", "allocation_pool_end": "192.168.3.254",
"allocation_pool_start": "192.168.0.100", "allocation_pool_start": "192.168.0.100",
"flavor": "m1.medium", "flavor": "m1.large",
"name": "shared-postgresql-server", "name": "shared-postgresql-server",
"network_cidr": "192.168.0.0/22", "network_cidr": "192.168.0.0/22",
"network_description": "Network used to communicate with the shared postgresql service", "network_description": "Network used to communicate with the shared postgresql service",
@ -334,6 +402,7 @@
"ubuntu_1804": { "ubuntu_1804": {
"value": { "value": {
"name": "Ubuntu-Bionic-18.04", "name": "Ubuntu-Bionic-18.04",
"user_data_file": "../../openstack_vm_data_scripts/ubuntu1804.sh",
"uuid": "7ed6a2cd-2b07-482e-8ce4-f018dff16c89" "uuid": "7ed6a2cd-2b07-482e-8ce4-f018dff16c89"
}, },
"type": [ "type": [
@ -344,6 +413,7 @@
"ubuntu_2204": { "ubuntu_2204": {
"value": { "value": {
"name": "Ubuntu-Jammy-22.04", "name": "Ubuntu-Jammy-22.04",
"user_data_file": "../../openstack_vm_data_scripts/ubuntu2204.sh",
"uuid": "54768889-8556-4be4-a2eb-82a4d9b34627" "uuid": "54768889-8556-4be4-a2eb-82a4d9b34627"
}, },
"type": [ "type": [
@ -377,31 +447,199 @@
"defaults": null, "defaults": null,
"outputs": { "outputs": {
"value": { "value": {
"almalinux9_img": { "almalinux_9": {
"name": "AlmaLinux-9.0-20220718", "name": "AlmaLinux-9.0-20220718",
"uuid": "541650fc-dd19-4f38-bb1d-7333ed9dd688" "uuid": "541650fc-dd19-4f38-bb1d-7333ed9dd688"
}, },
"availability_zone_no_gpu_name": "cnr-isti-nova-a", "availability_zone_no_gpu_name": "cnr-isti-nova-a",
"availability_zone_with_gpu_name": "cnr-isti-nova-gpu-a", "availability_zone_with_gpu_name": "cnr-isti-nova-gpu-a",
"centos7_img": { "availability_zones_names": {
"availability_zone_no_gpu": "cnr-isti-nova-a",
"availability_zone_with_gpu": "cnr-isti-nova-gpu-a"
},
"basic_services_ip": {
"ca": "10.1.32.4",
"ca_cidr": "10.1.32.4/32",
"haproxy_l7_1": "10.1.32.11",
"haproxy_l7_1_cidr": "10.1.32.11/32",
"haproxy_l7_2": "10.1.32.12",
"haproxy_l7_2_cidr": "10.1.32.12/32",
"octavia_main": "10.1.32.20",
"octavia_main_cidr": "10.1.32.20/32",
"prometheus": "10.1.32.10",
"prometheus_cidr": "10.1.32.10/32",
"ssh_jump": "10.1.32.5",
"ssh_jump_cidr": "10.1.32.5/32"
},
"centos_7": {
"name": "CentOS-7", "name": "CentOS-7",
"uuid": "f0187a99-64f6-462a-ab5f-ef52fe62f2ca" "uuid": "f0187a99-64f6-462a-ab5f-ef52fe62f2ca"
}, },
"default_security_group_name": "default_for_all",
"dns_zone": {
"description": "DNS primary zone for the d4s-pre-cloud project",
"email": "postmaster@isti.cnr.it",
"id": "c1a4b4bc-f167-4387-855d-38f0f99ca05c",
"ttl": "8600",
"zone_name": "cloud-pre.d4science.org."
},
"dns_zone_id": "c1a4b4bc-f167-4387-855d-38f0f99ca05c", "dns_zone_id": "c1a4b4bc-f167-4387-855d-38f0f99ca05c",
"el7_datafile": "../../openstack_vm_data_scripts/el7.sh", "el7_data_file": "../../openstack_vm_data_scripts/el7.sh",
"external_gateway_ip": "146.48.30.241", "external_gateway_ip": [
{
"ip_address": "146.48.30.241",
"subnet_id": "57f87509-4016-46fb-b8c3-25fca7f72ccb"
}
],
"external_network": {
"id": "1d2ff137-6ff7-4017-be2b-0d6c4af2353b",
"name": "external-network"
},
"external_network_id": "1d2ff137-6ff7-4017-be2b-0d6c4af2353b", "external_network_id": "1d2ff137-6ff7-4017-be2b-0d6c4af2353b",
"external_network_name": "external-network", "external_router": {
"description": "D4Science Preprod main router",
"id": "cc26064a-bb08-4c0b-929f-d0cb39f934a3",
"name": "d4s-pre-cloud-external-router"
},
"flavor_list": {
"c1_large": "c1.large",
"c1_medium": "c1.medium",
"c1_small": "c1.small",
"c2_large": "c2.large",
"m1_large": "m1.large",
"m1_medium": "m1.medium",
"m1_xlarge": "m1.xlarge",
"m1_xxl": "m1.xxl",
"m2_large": "m2.large",
"m2_medium": "m2.medium",
"m2_small": "m2.small",
"m3_large": "m3.large"
},
"floating_ip_pools": {
"main_public_ip_pool": "external-network"
},
"haproxy_l7_data": {
"flavor": "m1.medium",
"haproxy_1": "haproxy-l7-1",
"haproxy_2": "haproxy-l7-2",
"name": "main-haproxy-l7",
"vm_count": "2"
},
"internal_ca_data": {
"flavor": "m1.small",
"name": "ca"
},
"main_haproxy_l7_ip": [
"10.1.32.11",
"10.1.32.12"
],
"main_private_network": {
"description": "D4Science Preprod private network (use this as the main network)",
"name": "d4s-pre-cloud-main"
},
"main_private_network_id": "23fd8a99-d551-4ada-8d3a-9859542ebb8c", "main_private_network_id": "23fd8a99-d551-4ada-8d3a-9859542ebb8c",
"main_region_name": "isti_area_pi_1", "main_private_subnet": {
"allocation_end": "10.1.35.254",
"allocation_start": "10.1.32.100",
"cidr": "10.1.32.0/22",
"description": "D4Science Preprod main private subnet",
"gateway_ip": "10.1.32.1",
"name": "d4s-pre-cloud-main-subnet"
},
"main_region": "isti_area_pi_1",
"main_subnet_network_id": "cd77a2fd-4a36-4254-b1d0-70b3874c6d04", "main_subnet_network_id": "cd77a2fd-4a36-4254-b1d0-70b3874c6d04",
"mtu_size_value": 8942, "mtu_size": 8942,
"networks_list": {
"cassandra": "cassandra-net",
"orientdb": "orientdb-net",
"orientdb_se": "orientdb-se-net",
"shared_postgresql": "postgresql-srv-net",
"swarm": "swarm-nfs-net",
"timescaledb": "timescaledb-net"
},
"networks_with_d4s_services": {
"garr_ct1_net": "90.147.166.0/23",
"garr_na_net": "90.147.152.0/24",
"garr_pa1_net": "90.147.188.0/23",
"infrascience_net": "146.48.122.0/23",
"isti_net": "146.48.80.0/21",
"s2i2s_net": "146.48.28.0/22"
},
"nfs_share_no_ingress_secgroup_id": "ddb16502-7217-4677-a8a7-ca0cbf9a779a",
"octavia_information": {
"main_lb_description": "Main L4 load balancer for the D4Science PRE production",
"main_lb_hostname": "main-lb",
"main_lb_name": "d4s-pre-cloud-l4-load-balancer",
"octavia_flavor": "octavia_amphora-mvcpu-ha",
"octavia_flavor_id": "394988b5-6603-4a1e-a939-8e177c6681c7",
"octavia_vrrp_ip_1": "10.1.33.159/32",
"octavia_vrrp_ip_2": "10.1.32.199/32",
"swarm_lb_name": "d4s-pre-cloud-l4-swarm-load-balancer"
},
"os_project_data": {
"id": "6fdc02e2827b405dad99f34698659742"
},
"policy_list": {
"affinity": "affinity",
"anti_affinity": "anti-affinity",
"soft_affinity": "soft-affinity",
"soft_anti_affinity": "soft-anti-affinity"
},
"prometheus_server_data": {
"flavor": "m1.medium",
"name": "prometheus",
"public_grafana_server_cidr": "146.48.28.103/32",
"vol_data_device": "/dev/vdb",
"vol_data_name": "prometheus-data",
"vol_data_size": "100"
},
"resolvers_ip": [ "resolvers_ip": [
"146.48.29.97", "146.48.29.97",
"146.48.29.98", "146.48.29.98",
"146.48.29.99" "146.48.29.99"
], ],
"ssh_sources_list": { "resource_registry_addresses": {},
"security_group_list": {
"acaland": "acaland's dev machine",
"access_to_orientdb": "access_to_orientdb",
"access_to_orientdb_se": "access_to_orientdb_se",
"access_to_the_timescaledb_service": "access_to_the_timescaledb_service",
"cassandra": "Cassandra",
"dataminer-publish": "dataminer-publish",
"debugging_from_jump_node": "debugging_from_jump_node",
"default": "default",
"docker_swarm": "Docker Swarm",
"docker_swarm_NFS": "Docker Swarm NFS",
"haproxy": "traffic_from_main_lb_to_haproxy_l7",
"http_and_https_from_the_load_balancers": "traffic_from_the_main_load_balancers",
"limited_HTTPS_access": "restricted_web_service",
"limited_SSH_access": "Limited SSH access",
"mongo": "mongo",
"nfs_share_no_ingress": "nfs_share_no_ingress",
"orientdb_internal_docker_traffic": "orientdb_internal_docker_traffic",
"postgreSQL": "PostgreSQL service",
"public_HTTPS": "Public HTTPS"
},
"shared_postgresql_server_data": {
"allocation_pool_end": "192.168.3.254",
"allocation_pool_start": "192.168.0.100",
"flavor": "m1.medium",
"name": "shared-postgresql-server",
"network_cidr": "192.168.0.0/22",
"network_description": "Network used to communicate with the shared postgresql service",
"network_name": "postgresql-srv-net",
"server_cidr": "192.168.0.5/22",
"server_ip": "192.168.0.5",
"vol_data_device": "/dev/vdb",
"vol_data_name": "shared-postgresql-data",
"vol_data_size": "100"
},
"smartexecutor_addresses": {},
"ssh_jump_proxy": {
"flavor": "m2.small",
"name": "ssh-jump-proxy"
},
"ssh_sources": {
"d4s_vpn_1_cidr": "146.48.122.27/32", "d4s_vpn_1_cidr": "146.48.122.27/32",
"d4s_vpn_2_cidr": "146.48.122.49/32", "d4s_vpn_2_cidr": "146.48.122.49/32",
"infrascience_net_cidr": "146.48.122.0/23", "infrascience_net_cidr": "146.48.122.0/23",
@ -409,54 +647,162 @@
"s2i2s_vpn_2_cidr": "146.48.28.11/32", "s2i2s_vpn_2_cidr": "146.48.28.11/32",
"shell_d4s_cidr": "146.48.122.95/32" "shell_d4s_cidr": "146.48.122.95/32"
}, },
"ubuntu1804_datafile": "../../openstack_vm_data_scripts/ubuntu1804.sh", "storage_nfs_network_id": "5f4023cc-4016-404c-94e5-86220095fbaf",
"ubuntu1804_img": { "storage_nfs_subnet_id": "6ff0f9e8-0e74-4cc3-a268-7ed4af435696",
"ubuntu1804_data_file": "../../openstack_vm_data_scripts/ubuntu1804.sh",
"ubuntu2204_data_file": "../../openstack_vm_data_scripts/ubuntu2204.sh",
"ubuntu_1804": {
"name": "Ubuntu-Bionic-18.04", "name": "Ubuntu-Bionic-18.04",
"user_data_file": "../../openstack_vm_data_scripts/ubuntu1804.sh",
"uuid": "7ed6a2cd-2b07-482e-8ce4-f018dff16c89" "uuid": "7ed6a2cd-2b07-482e-8ce4-f018dff16c89"
}, },
"ubuntu2204_datafile": "../../openstack_vm_data_scripts/ubuntu2204.sh", "ubuntu_2204": {
"ubuntu2204_img": {
"name": "Ubuntu-Jammy-22.04", "name": "Ubuntu-Jammy-22.04",
"user_data_file": "../../openstack_vm_data_scripts/ubuntu2204.sh",
"uuid": "54768889-8556-4be4-a2eb-82a4d9b34627" "uuid": "54768889-8556-4be4-a2eb-82a4d9b34627"
} }
}, },
"type": [ "type": [
"object", "object",
{ {
"almalinux9_img": [ "almalinux_9": [
"map", "map",
"string" "string"
], ],
"availability_zone_no_gpu_name": "string", "availability_zone_no_gpu_name": "string",
"availability_zone_with_gpu_name": "string", "availability_zone_with_gpu_name": "string",
"centos7_img": [ "availability_zones_names": [
"map",
"string"
],
"basic_services_ip": [
"map",
"string"
],
"centos_7": [
"map",
"string"
],
"default_security_group_name": "string",
"dns_zone": [
"map", "map",
"string" "string"
], ],
"dns_zone_id": "string", "dns_zone_id": "string",
"el7_datafile": "string", "el7_data_file": "string",
"external_gateway_ip": "string", "external_gateway_ip": [
"list",
[
"object",
{
"ip_address": "string",
"subnet_id": "string"
}
]
],
"external_network": [
"map",
"string"
],
"external_network_id": "string", "external_network_id": "string",
"external_network_name": "string", "external_router": [
"map",
"string"
],
"flavor_list": [
"map",
"string"
],
"floating_ip_pools": [
"map",
"string"
],
"haproxy_l7_data": [
"map",
"string"
],
"internal_ca_data": [
"map",
"string"
],
"main_haproxy_l7_ip": [
"list",
"string"
],
"main_private_network": [
"map",
"string"
],
"main_private_network_id": "string", "main_private_network_id": "string",
"main_region_name": "string", "main_private_subnet": [
"map",
"string"
],
"main_region": "string",
"main_subnet_network_id": "string", "main_subnet_network_id": "string",
"mtu_size_value": "number", "mtu_size": "number",
"networks_list": [
"map",
"string"
],
"networks_with_d4s_services": [
"map",
"string"
],
"nfs_share_no_ingress_secgroup_id": "string",
"octavia_information": [
"map",
"string"
],
"os_project_data": [
"map",
"string"
],
"policy_list": [
"map",
"string"
],
"prometheus_server_data": [
"map",
"string"
],
"resolvers_ip": [ "resolvers_ip": [
"list", "list",
"string" "string"
], ],
"ssh_sources_list": [ "resource_registry_addresses": [
"map", "map",
"string" "string"
], ],
"ubuntu1804_datafile": "string", "security_group_list": [
"ubuntu1804_img": [
"map", "map",
"string" "string"
], ],
"ubuntu2204_datafile": "string", "shared_postgresql_server_data": [
"ubuntu2204_img": [ "map",
"string"
],
"smartexecutor_addresses": [
"map",
"string"
],
"ssh_jump_proxy": [
"map",
"string"
],
"ssh_sources": [
"map",
"string"
],
"storage_nfs_network_id": "string",
"storage_nfs_subnet_id": "string",
"ubuntu1804_data_file": "string",
"ubuntu2204_data_file": "string",
"ubuntu_1804": [
"map",
"string"
],
"ubuntu_2204": [
"map", "map",
"string" "string"
] ]
@ -971,8 +1317,8 @@
], ],
"config_drive": null, "config_drive": null,
"created": "2023-11-05 14:54:15 +0000 UTC", "created": "2023-11-05 14:54:15 +0000 UTC",
"flavor_id": "4", "flavor_id": "9",
"flavor_name": "m1.medium", "flavor_name": "m1.large",
"floating_ip": null, "floating_ip": null,
"force_delete": false, "force_delete": false,
"id": "9ede65c7-70ca-4698-8551-754aa4f6fa1e", "id": "9ede65c7-70ca-4698-8551-754aa4f6fa1e",
@ -1015,8 +1361,8 @@
"stop_before_destroy": false, "stop_before_destroy": false,
"tags": [], "tags": [],
"timeouts": null, "timeouts": null,
"updated": "2023-11-05 14:54:48 +0000 UTC", "updated": "2024-06-06 15:43:37 +0000 UTC",
"user_data": "bb83b25fd1219aa1b850ece9be8d7b0f31714608", "user_data": "",
"vendor_options": [], "vendor_options": [],
"volume": [] "volume": []
}, },
@ -1385,9 +1731,9 @@
"sni_container_refs": [], "sni_container_refs": [],
"tags": [], "tags": [],
"tenant_id": "6fdc02e2827b405dad99f34698659742", "tenant_id": "6fdc02e2827b405dad99f34698659742",
"timeout_client_data": 50000, "timeout_client_data": 3600000,
"timeout_member_connect": 5000, "timeout_member_connect": 10000,
"timeout_member_data": 50000, "timeout_member_data": 7200000,
"timeout_tcp_inspect": 0, "timeout_tcp_inspect": 0,
"timeouts": null "timeouts": null
}, },
@ -2033,13 +2379,13 @@
"description": "Allow HTTPS from grafana.d4science.org", "description": "Allow HTTPS from grafana.d4science.org",
"direction": "ingress", "direction": "ingress",
"ethertype": "IPv4", "ethertype": "IPv4",
"id": "b4335816-fd94-4107-9cdd-e97fd5f8dab5", "id": "4a081ab2-579d-4cb0-b16d-cfb51f26aef4",
"port_range_max": 443, "port_range_max": 443,
"port_range_min": 443, "port_range_min": 443,
"protocol": "tcp", "protocol": "tcp",
"region": "isti_area_pi_1", "region": "isti_area_pi_1",
"remote_group_id": "", "remote_group_id": "",
"remote_ip_prefix": "146.48.122.132/32", "remote_ip_prefix": "146.48.28.103/32",
"security_group_id": "1a3161d4-00b1-411e-a3a6-5d3f1ec06483", "security_group_id": "1a3161d4-00b1-411e-a3a6-5d3f1ec06483",
"tenant_id": "6fdc02e2827b405dad99f34698659742", "tenant_id": "6fdc02e2827b405dad99f34698659742",
"timeouts": null "timeouts": null
@ -2582,22 +2928,22 @@
{ {
"mode": "managed", "mode": "managed",
"type": "openstack_networking_secgroup_rule_v2", "type": "openstack_networking_secgroup_rule_v2",
"name": "lb3_1_haproxy_l7_443", "name": "octavia_to_haproxy_l7_443",
"provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]", "provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]",
"instances": [ "instances": [
{ {
"schema_version": 0, "schema_version": 0,
"attributes": { "attributes": {
"description": "Traffic from the first main lb instance to HAPROXY l7 1 port 443", "description": "Traffic from the octavia lb instance to HAPROXY l7 port 443",
"direction": "ingress", "direction": "ingress",
"ethertype": "IPv4", "ethertype": "IPv4",
"id": "99708119-4cee-4620-b12f-b30995d9e783", "id": "3436a7b9-9e18-4e19-af86-df62337a6f52",
"port_range_max": 443, "port_range_max": 443,
"port_range_min": 443, "port_range_min": 443,
"protocol": "tcp", "protocol": "tcp",
"region": "isti_area_pi_1", "region": "isti_area_pi_1",
"remote_group_id": "", "remote_group_id": "",
"remote_ip_prefix": "10.1.33.159/32", "remote_ip_prefix": "10.1.32.0/22",
"security_group_id": "194c32a1-5842-4be7-8c90-c03ebe4e25f0", "security_group_id": "194c32a1-5842-4be7-8c90-c03ebe4e25f0",
"tenant_id": "6fdc02e2827b405dad99f34698659742", "tenant_id": "6fdc02e2827b405dad99f34698659742",
"timeouts": null "timeouts": null
@ -2613,22 +2959,22 @@
{ {
"mode": "managed", "mode": "managed",
"type": "openstack_networking_secgroup_rule_v2", "type": "openstack_networking_secgroup_rule_v2",
"name": "lb3_1_haproxy_l7_80", "name": "octavia_to_haproxy_l7_80",
"provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]", "provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]",
"instances": [ "instances": [
{ {
"schema_version": 0, "schema_version": 0,
"attributes": { "attributes": {
"description": "Traffic from the first main lb instance to HAPROXY l7 1 port 80", "description": "Traffic from the octavia lb instance to HAPROXY l7 port 80",
"direction": "ingress", "direction": "ingress",
"ethertype": "IPv4", "ethertype": "IPv4",
"id": "99d35bec-5bb6-46cc-b22f-23adc2b30881", "id": "d869e0c0-8ea5-498f-b38f-47c74cbe60a6",
"port_range_max": 80, "port_range_max": 80,
"port_range_min": 80, "port_range_min": 80,
"protocol": "tcp", "protocol": "tcp",
"region": "isti_area_pi_1", "region": "isti_area_pi_1",
"remote_group_id": "", "remote_group_id": "",
"remote_ip_prefix": "10.1.33.159/32", "remote_ip_prefix": "10.1.32.0/22",
"security_group_id": "194c32a1-5842-4be7-8c90-c03ebe4e25f0", "security_group_id": "194c32a1-5842-4be7-8c90-c03ebe4e25f0",
"tenant_id": "6fdc02e2827b405dad99f34698659742", "tenant_id": "6fdc02e2827b405dad99f34698659742",
"timeouts": null "timeouts": null
@ -2644,115 +2990,22 @@
{ {
"mode": "managed", "mode": "managed",
"type": "openstack_networking_secgroup_rule_v2", "type": "openstack_networking_secgroup_rule_v2",
"name": "lb3_1_haproxy_l7_8080", "name": "octavia_to_haproxy_l7_8880",
"provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]", "provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]",
"instances": [ "instances": [
{ {
"schema_version": 0, "schema_version": 0,
"attributes": { "attributes": {
"description": "Traffic from the first main lb instance to HAPROXY l7 1 port 8080", "description": "Traffic from the octavia lb instance to HAPROXY l7 port 8880",
"direction": "ingress", "direction": "ingress",
"ethertype": "IPv4", "ethertype": "IPv4",
"id": "01f95b00-e717-4cc0-9a5b-7b33ea6bfdbd", "id": "3de492e5-804a-4cd0-8a86-79981600afab",
"port_range_max": 8080, "port_range_max": 8880,
"port_range_min": 8080, "port_range_min": 8880,
"protocol": "tcp", "protocol": "tcp",
"region": "isti_area_pi_1", "region": "isti_area_pi_1",
"remote_group_id": "", "remote_group_id": "",
"remote_ip_prefix": "10.1.33.159/32", "remote_ip_prefix": "10.1.32.0/22",
"security_group_id": "194c32a1-5842-4be7-8c90-c03ebe4e25f0",
"tenant_id": "6fdc02e2827b405dad99f34698659742",
"timeouts": null
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ==",
"dependencies": [
"openstack_networking_secgroup_v2.main_lb_to_haproxy_l7"
]
}
]
},
{
"mode": "managed",
"type": "openstack_networking_secgroup_rule_v2",
"name": "lb3_2_haproxy_l7_443",
"provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"description": "Traffic from the first main lb instance to HAPROXY l7 2 port 443",
"direction": "ingress",
"ethertype": "IPv4",
"id": "a6fd91df-518a-4310-b2b8-122e6c4b214d",
"port_range_max": 443,
"port_range_min": 443,
"protocol": "tcp",
"region": "isti_area_pi_1",
"remote_group_id": "",
"remote_ip_prefix": "10.1.32.199/32",
"security_group_id": "194c32a1-5842-4be7-8c90-c03ebe4e25f0",
"tenant_id": "6fdc02e2827b405dad99f34698659742",
"timeouts": null
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ==",
"dependencies": [
"openstack_networking_secgroup_v2.main_lb_to_haproxy_l7"
]
}
]
},
{
"mode": "managed",
"type": "openstack_networking_secgroup_rule_v2",
"name": "lb3_2_haproxy_l7_80",
"provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"description": "Traffic from the first main lb instance to HAPROXY l7 2 port 80",
"direction": "ingress",
"ethertype": "IPv4",
"id": "51a2fbbe-c50f-4038-bc33-f363713a7ca6",
"port_range_max": 80,
"port_range_min": 80,
"protocol": "tcp",
"region": "isti_area_pi_1",
"remote_group_id": "",
"remote_ip_prefix": "10.1.32.199/32",
"security_group_id": "194c32a1-5842-4be7-8c90-c03ebe4e25f0",
"tenant_id": "6fdc02e2827b405dad99f34698659742",
"timeouts": null
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ==",
"dependencies": [
"openstack_networking_secgroup_v2.main_lb_to_haproxy_l7"
]
}
]
},
{
"mode": "managed",
"type": "openstack_networking_secgroup_rule_v2",
"name": "lb3_2_haproxy_l7_8080",
"provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"description": "Traffic from the first main lb instance to HAPROXY l7 2 port 8080",
"direction": "ingress",
"ethertype": "IPv4",
"id": "8ceeb127-36b1-41cc-b993-1e61a5568d06",
"port_range_max": 8080,
"port_range_min": 8080,
"protocol": "tcp",
"region": "isti_area_pi_1",
"remote_group_id": "",
"remote_ip_prefix": "10.1.32.199/32",
"security_group_id": "194c32a1-5842-4be7-8c90-c03ebe4e25f0", "security_group_id": "194c32a1-5842-4be7-8c90-c03ebe4e25f0",
"tenant_id": "6fdc02e2827b405dad99f34698659742", "tenant_id": "6fdc02e2827b405dad99f34698659742",
"timeouts": null "timeouts": null

View File

@ -0,0 +1 @@
../variables/variables-preprod.tf

View File

@ -0,0 +1,67 @@
# Define required providers
terraform {
required_version = ">= 0.14.0"
required_providers {
openstack = {
source = "terraform-provider-openstack/openstack"
version = "~> 1.53.0"
}
}
}
data "terraform_remote_state" "privnet_dns_router" {
backend = "local"
config = {
path = "../project-setup/terraform.tfstate"
}
}
#
# Uses common_variables as module
#
module "common_variables" {
source = "../../modules/common_variables"
}
#
# Creates the server group "accounting-service"
#
resource "openstack_compute_servergroup_v2" "accounting_service_server_group" {
name = "accounting-service"
policies = [module.common_variables.policy_list.soft_anti_affinity]
}
module "instance_without_data_volume" {
source = "../../modules/cassandra"
cassandra_nodes_count = 3
cassandra_node_flavor = module.common_variables.flavor_list.m1_medium
cassandra_server_data = {
node_name = "cassandra"
node_data_disk_size = 20
node_data_disk_device = "/dev/vdb"
}
cassandra_tcp_ports_map = {
tcp_plain = {
description = "Cassandra TCP port 7000",
port_min = 7000,
port_max = 7000
},
tcp_tls = {
description = "Cassandra TLS TCP port 7001",
port_min = 7001,
port_max = 7001
},
tcp_transport = {
description = "Cassandra TCP transport 9042",
port_min = 9042,
port_max = 9042
},
rpc = {
description = "Cassandra TCP transport 9160",
port_min = 9160,
port_max = 9160
}
}
}

View File

@ -0,0 +1,3 @@
provider "openstack" {
cloud = "d4s-pre"
}

File diff suppressed because it is too large Load Diff

View File

@ -0,0 +1,172 @@
# Define required providers
terraform {
required_version = ">= 0.14.0"
required_providers {
openstack = {
source = "terraform-provider-openstack/openstack"
version = "~> 1.53.0"
}
}
}
data "terraform_remote_state" "privnet_dns_router" {
backend = "local"
config = {
path = "../project-setup/terraform.tfstate"
}
}
#
# Uses common_variables as module
#
module "common_variables" {
source = "../../modules/common_variables"
}
#Module used
module "ssh_settings" {
source = "../../modules/ssh-key-ref"
}
resource "openstack_networking_secgroup_v2" "dataminer_publish" {
name = "dataminer_publish"
description = "Access to dataminer-ghost is allowed only to dm-pool-manager"
delete_default_rules = "true"
}
resource "openstack_compute_instance_v2" "dm_pool_manager_pre" {
name = "dm-pool-manager-pre"
availability_zone_hints = module.common_variables.availability_zone_no_gpu_name
flavor_name = module.common_variables.flavor_list.m1_large
key_pair = module.ssh_settings.ssh_key_name
security_groups = [data.terraform_remote_state.privnet_dns_router.outputs.default_security_group_name, data.terraform_remote_state.privnet_dns_router.outputs.security_group_list.http_and_https_from_the_load_balancers]
block_device {
uuid = module.common_variables.ubuntu_1804.uuid
source_type = "image"
volume_size = 30
boot_index = 0
destination_type = "volume"
delete_on_termination = false
}
# Creates the networks according to input networks
dynamic "network" {
for_each = toset([data.terraform_remote_state.privnet_dns_router.outputs.main_private_network.name])
content {
name = network.value
}
}
# user_data script used
user_data = file("${module.common_variables.ubuntu_1804.user_data_file}")
# Do not replace the instance when the ssh key changes
lifecycle {
ignore_changes = [
# Ignore changes to tags, e.g. because a management agent
# updates these based on some ruleset managed elsewhere.
key_pair, user_data, network
]
}
}
resource "openstack_networking_secgroup_rule_v2" "secgroup_dataminer_publish_rule_1" {
direction = "ingress"
ethertype = "IPv4"
protocol = "tcp"
port_range_min = 22
port_range_max = 22
remote_ip_prefix = join("/",[openstack_compute_instance_v2.dm_pool_manager_pre.network.0.fixed_ip_v4,"32"])
security_group_id = openstack_networking_secgroup_v2.dataminer_publish.id
}
resource "openstack_networking_secgroup_rule_v2" "secgroup_dataminer_publish_rule_2" {
direction = "ingress"
ethertype = "IPv4"
protocol = "tcp"
port_range_min = 80
port_range_max = 80
remote_ip_prefix = "0.0.0.0/0"
security_group_id = openstack_networking_secgroup_v2.dataminer_publish.id
}
resource "openstack_networking_secgroup_rule_v2" "secgroup_dataminer_publish_rule_3" {
direction = "ingress"
ethertype = "IPv4"
protocol = "tcp"
port_range_min = 443
port_range_max = 443
remote_ip_prefix = join("/",[openstack_compute_instance_v2.dm_pool_manager_pre.network.0.fixed_ip_v4,"32"])
security_group_id = openstack_networking_secgroup_v2.dataminer_publish.id
}
module "instance_without_data_volume" {
source = "../../modules/instance_without_data_volume"
instances_without_data_volume_map = {
dataminer_pre_ghost = {
name = "dataminer-pre-ghost",
description = "This instance is a DataMiner Ghost service",
flavor = module.common_variables.flavor_list.m1_large,
networks = [data.terraform_remote_state.privnet_dns_router.outputs.main_private_network.name, module.common_variables.networks_list.shared_postgresql],
security_groups = [openstack_networking_secgroup_v2.dataminer_publish.name,data.terraform_remote_state.privnet_dns_router.outputs.default_security_group_name, data.terraform_remote_state.privnet_dns_router.outputs.security_group_list.http_and_https_from_the_load_balancers],
server_groups_ids = [],
image_ref = module.common_variables.ubuntu_1804
image_volume_size = 50
},
dataminer_1_pre_1804 = {
name = "dataminer1-pre-1804",
description = "This instance is a DataMiner service",
flavor = module.common_variables.flavor_list.m1_large,
networks = [data.terraform_remote_state.privnet_dns_router.outputs.main_private_network.name, module.common_variables.networks_list.shared_postgresql],
security_groups = [data.terraform_remote_state.privnet_dns_router.outputs.default_security_group_name, data.terraform_remote_state.privnet_dns_router.outputs.security_group_list.http_and_https_from_the_load_balancers],
server_groups_ids = [],
image_ref = module.common_variables.ubuntu_1804
image_volume_size = 50
}
}
}
locals {
cname_target = "main-lb.${data.terraform_remote_state.privnet_dns_router.outputs.dns_zone.zone_name}"
}
#
# Add DNS record/s
#
module "dns_records_create" {
source = "../../modules/dns_resources"
dns_resources_map = {
dm-pool-manager-pre = {
zone_id = data.terraform_remote_state.privnet_dns_router.outputs.dns_zone_id
name = join(".", ["dm-pool-manager-pre", data.terraform_remote_state.privnet_dns_router.outputs.dns_zone.zone_name])
description = "DM Pool Manager Preproduction"
ttl = 8600
type = "CNAME"
records = [local.cname_target]
},
dataminer-pre-ghost = {
zone_id = data.terraform_remote_state.privnet_dns_router.outputs.dns_zone_id
name = join(".", ["dataminer-pre-ghost", data.terraform_remote_state.privnet_dns_router.outputs.dns_zone.zone_name])
description = "DataMiner Preproduction Ghost"
ttl = 8600
type = "CNAME"
records = [local.cname_target]
},
dataminer1-pre-1804 = {
zone_id = data.terraform_remote_state.privnet_dns_router.outputs.dns_zone_id
name = join(".", ["dataminer1-pre-1804", data.terraform_remote_state.privnet_dns_router.outputs.dns_zone.zone_name])
description = "DataMiner 1 Pre 1804"
ttl = 8600
type = "CNAME"
records = [local.cname_target]
}
}
}

View File

@ -0,0 +1,3 @@
provider "openstack" {
cloud = "d4s-pre"
}

View File

@ -0,0 +1,865 @@
{
"version": 4,
"terraform_version": "1.6.4",
"serial": 46,
"lineage": "36794155-bcfa-624c-516e-62e6c5034c73",
"outputs": {},
"resources": [
{
"mode": "data",
"type": "terraform_remote_state",
"name": "privnet_dns_router",
"provider": "provider[\"terraform.io/builtin/terraform\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"backend": "local",
"config": {
"value": {
"path": "../project-setup/terraform.tfstate"
},
"type": [
"object",
{
"path": "string"
}
]
},
"defaults": null,
"outputs": {
"value": {
"almalinux_9": {
"name": "AlmaLinux-9.0-20220718",
"uuid": "541650fc-dd19-4f38-bb1d-7333ed9dd688"
},
"availability_zone_no_gpu_name": "cnr-isti-nova-a",
"availability_zone_with_gpu_name": "cnr-isti-nova-gpu-a",
"availability_zones_names": {
"availability_zone_no_gpu": "cnr-isti-nova-a",
"availability_zone_with_gpu": "cnr-isti-nova-gpu-a"
},
"basic_services_ip": {
"ca": "10.1.32.4",
"ca_cidr": "10.1.32.4/32",
"haproxy_l7_1": "10.1.32.11",
"haproxy_l7_1_cidr": "10.1.32.11/32",
"haproxy_l7_2": "10.1.32.12",
"haproxy_l7_2_cidr": "10.1.32.12/32",
"octavia_main": "10.1.32.20",
"octavia_main_cidr": "10.1.32.20/32",
"prometheus": "10.1.32.10",
"prometheus_cidr": "10.1.32.10/32",
"ssh_jump": "10.1.32.5",
"ssh_jump_cidr": "10.1.32.5/32"
},
"centos_7": {
"name": "CentOS-7",
"uuid": "f0187a99-64f6-462a-ab5f-ef52fe62f2ca"
},
"default_security_group_name": "default_for_all",
"dns_zone": {
"description": "DNS primary zone for the d4s-pre-cloud project",
"email": "postmaster@isti.cnr.it",
"id": "c1a4b4bc-f167-4387-855d-38f0f99ca05c",
"ttl": "8600",
"zone_name": "cloud-pre.d4science.org."
},
"dns_zone_id": "c1a4b4bc-f167-4387-855d-38f0f99ca05c",
"el7_data_file": "../../openstack_vm_data_scripts/el7.sh",
"external_gateway_ip": [
{
"ip_address": "146.48.30.241",
"subnet_id": "57f87509-4016-46fb-b8c3-25fca7f72ccb"
}
],
"external_network": {
"id": "1d2ff137-6ff7-4017-be2b-0d6c4af2353b",
"name": "external-network"
},
"external_network_id": "1d2ff137-6ff7-4017-be2b-0d6c4af2353b",
"external_router": {
"description": "D4Science Preprod main router",
"id": "cc26064a-bb08-4c0b-929f-d0cb39f934a3",
"name": "d4s-pre-cloud-external-router"
},
"flavor_list": {
"c1_large": "c1.large",
"c1_medium": "c1.medium",
"c1_small": "c1.small",
"c2_large": "c2.large",
"m1_large": "m1.large",
"m1_medium": "m1.medium",
"m1_xlarge": "m1.xlarge",
"m1_xxl": "m1.xxl",
"m2_large": "m2.large",
"m2_medium": "m2.medium",
"m2_small": "m2.small",
"m3_large": "m3.large"
},
"floating_ip_pools": {
"main_public_ip_pool": "external-network"
},
"haproxy_l7_data": {
"flavor": "m1.medium",
"haproxy_1": "haproxy-l7-1",
"haproxy_2": "haproxy-l7-2",
"name": "main-haproxy-l7",
"vm_count": "2"
},
"internal_ca_data": {
"flavor": "m1.small",
"name": "ca"
},
"main_haproxy_l7_ip": [
"10.1.32.11",
"10.1.32.12"
],
"main_private_network": {
"description": "D4Science Preprod private network (use this as the main network)",
"name": "d4s-pre-cloud-main"
},
"main_private_network_id": "23fd8a99-d551-4ada-8d3a-9859542ebb8c",
"main_private_subnet": {
"allocation_end": "10.1.35.254",
"allocation_start": "10.1.32.100",
"cidr": "10.1.32.0/22",
"description": "D4Science Preprod main private subnet",
"gateway_ip": "10.1.32.1",
"name": "d4s-pre-cloud-main-subnet"
},
"main_region": "isti_area_pi_1",
"main_subnet_network_id": "cd77a2fd-4a36-4254-b1d0-70b3874c6d04",
"mtu_size": 8942,
"networks_list": {
"cassandra": "cassandra-net",
"orientdb": "orientdb-net",
"orientdb_se": "orientdb-se-net",
"shared_postgresql": "postgresql-srv-net",
"swarm": "swarm-nfs-net",
"timescaledb": "timescaledb-net"
},
"networks_with_d4s_services": {
"garr_ct1_net": "90.147.166.0/23",
"garr_na_net": "90.147.152.0/24",
"garr_pa1_net": "90.147.188.0/23",
"infrascience_net": "146.48.122.0/23",
"isti_net": "146.48.80.0/21",
"s2i2s_net": "146.48.28.0/22"
},
"nfs_share_no_ingress_secgroup_id": "ddb16502-7217-4677-a8a7-ca0cbf9a779a",
"octavia_information": {
"main_lb_description": "Main L4 load balancer for the D4Science PRE production",
"main_lb_hostname": "main-lb",
"main_lb_name": "d4s-pre-cloud-l4-load-balancer",
"octavia_flavor": "octavia_amphora-mvcpu-ha",
"octavia_flavor_id": "394988b5-6603-4a1e-a939-8e177c6681c7",
"octavia_vrrp_ip_1": "10.1.33.159/32",
"octavia_vrrp_ip_2": "10.1.32.199/32",
"swarm_lb_name": "d4s-pre-cloud-l4-swarm-load-balancer"
},
"os_project_data": {
"id": "6fdc02e2827b405dad99f34698659742"
},
"policy_list": {
"affinity": "affinity",
"anti_affinity": "anti-affinity",
"soft_affinity": "soft-affinity",
"soft_anti_affinity": "soft-anti-affinity"
},
"prometheus_server_data": {
"flavor": "m1.medium",
"name": "prometheus",
"public_grafana_server_cidr": "146.48.28.103/32",
"vol_data_device": "/dev/vdb",
"vol_data_name": "prometheus-data",
"vol_data_size": "100"
},
"resolvers_ip": [
"146.48.29.97",
"146.48.29.98",
"146.48.29.99"
],
"resource_registry_addresses": {},
"security_group_list": {
"acaland": "acaland's dev machine",
"access_to_orientdb": "access_to_orientdb",
"access_to_orientdb_se": "access_to_orientdb_se",
"access_to_the_timescaledb_service": "access_to_the_timescaledb_service",
"cassandra": "Cassandra",
"dataminer-publish": "dataminer-publish",
"debugging_from_jump_node": "debugging_from_jump_node",
"default": "default",
"docker_swarm": "Docker Swarm",
"docker_swarm_NFS": "Docker Swarm NFS",
"haproxy": "traffic_from_main_lb_to_haproxy_l7",
"http_and_https_from_the_load_balancers": "traffic_from_the_main_load_balancers",
"limited_HTTPS_access": "restricted_web_service",
"limited_SSH_access": "Limited SSH access",
"mongo": "mongo",
"nfs_share_no_ingress": "nfs_share_no_ingress",
"orientdb_internal_docker_traffic": "orientdb_internal_docker_traffic",
"postgreSQL": "PostgreSQL service",
"public_HTTPS": "Public HTTPS"
},
"shared_postgresql_server_data": {
"allocation_pool_end": "192.168.3.254",
"allocation_pool_start": "192.168.0.100",
"flavor": "m1.medium",
"name": "shared-postgresql-server",
"network_cidr": "192.168.0.0/22",
"network_description": "Network used to communicate with the shared postgresql service",
"network_name": "postgresql-srv-net",
"server_cidr": "192.168.0.5/22",
"server_ip": "192.168.0.5",
"vol_data_device": "/dev/vdb",
"vol_data_name": "shared-postgresql-data",
"vol_data_size": "100"
},
"smartexecutor_addresses": {},
"ssh_jump_proxy": {
"flavor": "m2.small",
"name": "ssh-jump-proxy"
},
"ssh_sources": {
"d4s_vpn_1_cidr": "146.48.122.27/32",
"d4s_vpn_2_cidr": "146.48.122.49/32",
"infrascience_net_cidr": "146.48.122.0/23",
"s2i2s_vpn_1_cidr": "146.48.28.10/32",
"s2i2s_vpn_2_cidr": "146.48.28.11/32",
"shell_d4s_cidr": "146.48.122.95/32"
},
"storage_nfs_network_id": "5f4023cc-4016-404c-94e5-86220095fbaf",
"storage_nfs_subnet_id": "6ff0f9e8-0e74-4cc3-a268-7ed4af435696",
"ubuntu1804_data_file": "../../openstack_vm_data_scripts/ubuntu1804.sh",
"ubuntu2204_data_file": "../../openstack_vm_data_scripts/ubuntu2204.sh",
"ubuntu_1804": {
"name": "Ubuntu-Bionic-18.04",
"user_data_file": "../../openstack_vm_data_scripts/ubuntu1804.sh",
"uuid": "7ed6a2cd-2b07-482e-8ce4-f018dff16c89"
},
"ubuntu_2204": {
"name": "Ubuntu-Jammy-22.04",
"user_data_file": "../../openstack_vm_data_scripts/ubuntu2204.sh",
"uuid": "54768889-8556-4be4-a2eb-82a4d9b34627"
}
},
"type": [
"object",
{
"almalinux_9": [
"map",
"string"
],
"availability_zone_no_gpu_name": "string",
"availability_zone_with_gpu_name": "string",
"availability_zones_names": [
"map",
"string"
],
"basic_services_ip": [
"map",
"string"
],
"centos_7": [
"map",
"string"
],
"default_security_group_name": "string",
"dns_zone": [
"map",
"string"
],
"dns_zone_id": "string",
"el7_data_file": "string",
"external_gateway_ip": [
"list",
[
"object",
{
"ip_address": "string",
"subnet_id": "string"
}
]
],
"external_network": [
"map",
"string"
],
"external_network_id": "string",
"external_router": [
"map",
"string"
],
"flavor_list": [
"map",
"string"
],
"floating_ip_pools": [
"map",
"string"
],
"haproxy_l7_data": [
"map",
"string"
],
"internal_ca_data": [
"map",
"string"
],
"main_haproxy_l7_ip": [
"list",
"string"
],
"main_private_network": [
"map",
"string"
],
"main_private_network_id": "string",
"main_private_subnet": [
"map",
"string"
],
"main_region": "string",
"main_subnet_network_id": "string",
"mtu_size": "number",
"networks_list": [
"map",
"string"
],
"networks_with_d4s_services": [
"map",
"string"
],
"nfs_share_no_ingress_secgroup_id": "string",
"octavia_information": [
"map",
"string"
],
"os_project_data": [
"map",
"string"
],
"policy_list": [
"map",
"string"
],
"prometheus_server_data": [
"map",
"string"
],
"resolvers_ip": [
"list",
"string"
],
"resource_registry_addresses": [
"map",
"string"
],
"security_group_list": [
"map",
"string"
],
"shared_postgresql_server_data": [
"map",
"string"
],
"smartexecutor_addresses": [
"map",
"string"
],
"ssh_jump_proxy": [
"map",
"string"
],
"ssh_sources": [
"map",
"string"
],
"storage_nfs_network_id": "string",
"storage_nfs_subnet_id": "string",
"ubuntu1804_data_file": "string",
"ubuntu2204_data_file": "string",
"ubuntu_1804": [
"map",
"string"
],
"ubuntu_2204": [
"map",
"string"
]
}
]
},
"workspace": null
},
"sensitive_attributes": []
}
]
},
{
"mode": "managed",
"type": "openstack_compute_instance_v2",
"name": "dm_pool_manager_pre",
"provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"access_ip_v4": "10.1.33.85",
"access_ip_v6": "",
"admin_pass": null,
"all_metadata": {},
"all_tags": [],
"availability_zone": "cnr-isti-nova-a",
"availability_zone_hints": "cnr-isti-nova-a",
"block_device": [
{
"boot_index": 0,
"delete_on_termination": false,
"destination_type": "volume",
"device_type": "",
"disk_bus": "",
"guest_format": "",
"multiattach": false,
"source_type": "image",
"uuid": "7ed6a2cd-2b07-482e-8ce4-f018dff16c89",
"volume_size": 30,
"volume_type": ""
}
],
"config_drive": null,
"created": "2024-02-19 14:07:19 +0000 UTC",
"flavor_id": "9",
"flavor_name": "m1.large",
"floating_ip": null,
"force_delete": false,
"id": "545ec252-36b8-42a8-8ccd-aa9324537839",
"image_id": "Attempt to boot from volume - no image supplied",
"image_name": null,
"key_pair": "Giancarlo Panichi",
"metadata": null,
"name": "dm-pool-manager-pre",
"network": [
{
"access_network": false,
"fixed_ip_v4": "10.1.33.85",
"fixed_ip_v6": "",
"floating_ip": "",
"mac": "fa:16:3e:d0:ce:74",
"name": "d4s-pre-cloud-main",
"port": "",
"uuid": "23fd8a99-d551-4ada-8d3a-9859542ebb8c"
}
],
"network_mode": null,
"personality": [],
"power_state": "active",
"region": "isti_area_pi_1",
"scheduler_hints": [],
"security_groups": [
"default_for_all",
"traffic_from_the_main_load_balancers"
],
"stop_before_destroy": false,
"tags": null,
"timeouts": null,
"updated": "2024-02-19 14:08:01 +0000 UTC",
"user_data": "47d4769e61324c305c4b70ed6673de4fad84150d",
"vendor_options": [],
"volume": []
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxODAwMDAwMDAwMDAwLCJkZWxldGUiOjE4MDAwMDAwMDAwMDAsInVwZGF0ZSI6MTgwMDAwMDAwMDAwMH19",
"dependencies": [
"data.terraform_remote_state.privnet_dns_router"
]
}
]
},
{
"mode": "managed",
"type": "openstack_networking_secgroup_rule_v2",
"name": "secgroup_dataminer_publish_rule_1",
"provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"description": "",
"direction": "ingress",
"ethertype": "IPv4",
"id": "805c498d-e6ef-4466-99db-45218ee47cd7",
"port_range_max": 22,
"port_range_min": 22,
"protocol": "tcp",
"region": "isti_area_pi_1",
"remote_group_id": "",
"remote_ip_prefix": "10.1.33.85/32",
"security_group_id": "fa1ed43b-5560-41eb-be4a-f66acb446ee1",
"tenant_id": "6fdc02e2827b405dad99f34698659742",
"timeouts": null
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ==",
"dependencies": [
"data.terraform_remote_state.privnet_dns_router",
"openstack_compute_instance_v2.dm_pool_manager_pre",
"openstack_networking_secgroup_v2.dataminer_publish"
]
}
]
},
{
"mode": "managed",
"type": "openstack_networking_secgroup_rule_v2",
"name": "secgroup_dataminer_publish_rule_2",
"provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"description": "",
"direction": "ingress",
"ethertype": "IPv4",
"id": "dd015f50-8765-4c16-bcbb-83f6f3f070bf",
"port_range_max": 80,
"port_range_min": 80,
"protocol": "tcp",
"region": "isti_area_pi_1",
"remote_group_id": "",
"remote_ip_prefix": "0.0.0.0/0",
"security_group_id": "fa1ed43b-5560-41eb-be4a-f66acb446ee1",
"tenant_id": "6fdc02e2827b405dad99f34698659742",
"timeouts": null
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ==",
"dependencies": [
"openstack_networking_secgroup_v2.dataminer_publish"
]
}
]
},
{
"mode": "managed",
"type": "openstack_networking_secgroup_rule_v2",
"name": "secgroup_dataminer_publish_rule_3",
"provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"description": "",
"direction": "ingress",
"ethertype": "IPv4",
"id": "cce9b287-bdb4-4dd2-8b9a-0444efef4b76",
"port_range_max": 443,
"port_range_min": 443,
"protocol": "tcp",
"region": "isti_area_pi_1",
"remote_group_id": "",
"remote_ip_prefix": "10.1.33.85/32",
"security_group_id": "fa1ed43b-5560-41eb-be4a-f66acb446ee1",
"tenant_id": "6fdc02e2827b405dad99f34698659742",
"timeouts": null
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ==",
"dependencies": [
"data.terraform_remote_state.privnet_dns_router",
"openstack_compute_instance_v2.dm_pool_manager_pre",
"openstack_networking_secgroup_v2.dataminer_publish"
]
}
]
},
{
"mode": "managed",
"type": "openstack_networking_secgroup_v2",
"name": "dataminer_publish",
"provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"all_tags": [],
"delete_default_rules": true,
"description": "Access to dataminer-ghost is allowed only to dm-pool-manager",
"id": "fa1ed43b-5560-41eb-be4a-f66acb446ee1",
"name": "dataminer_publish",
"region": "isti_area_pi_1",
"tags": null,
"tenant_id": "6fdc02e2827b405dad99f34698659742",
"timeouts": null
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ=="
}
]
},
{
"module": "module.dns_records_create",
"mode": "managed",
"type": "openstack_dns_recordset_v2",
"name": "add_dns_recordset",
"provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]",
"instances": [
{
"index_key": "dataminer-pre-ghost",
"schema_version": 0,
"attributes": {
"description": "DataMiner Preproduction Ghost",
"disable_status_check": false,
"id": "c1a4b4bc-f167-4387-855d-38f0f99ca05c/016af6ff-ee98-40cb-9c16-868b1bdb863f",
"name": "dataminer-pre-ghost.cloud-pre.d4science.org.",
"project_id": "6fdc02e2827b405dad99f34698659742",
"records": [
"main-lb.cloud-pre.d4science.org."
],
"region": "isti_area_pi_1",
"timeouts": null,
"ttl": 8600,
"type": "CNAME",
"value_specs": null,
"zone_id": "c1a4b4bc-f167-4387-855d-38f0f99ca05c"
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwLCJ1cGRhdGUiOjYwMDAwMDAwMDAwMH19",
"dependencies": [
"data.terraform_remote_state.privnet_dns_router"
]
},
{
"index_key": "dataminer1-pre-1804",
"schema_version": 0,
"attributes": {
"description": "DataMiner 1 Pre 1804",
"disable_status_check": false,
"id": "c1a4b4bc-f167-4387-855d-38f0f99ca05c/ec23cac5-691f-4530-8625-e5bb62b21e45",
"name": "dataminer1-pre-1804.cloud-pre.d4science.org.",
"project_id": "6fdc02e2827b405dad99f34698659742",
"records": [
"main-lb.cloud-pre.d4science.org."
],
"region": "isti_area_pi_1",
"timeouts": null,
"ttl": 8600,
"type": "CNAME",
"value_specs": null,
"zone_id": "c1a4b4bc-f167-4387-855d-38f0f99ca05c"
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwLCJ1cGRhdGUiOjYwMDAwMDAwMDAwMH19",
"dependencies": [
"data.terraform_remote_state.privnet_dns_router"
]
},
{
"index_key": "dm-pool-manager-pre",
"schema_version": 0,
"attributes": {
"description": "DM Pool Manager Preproduction",
"disable_status_check": false,
"id": "c1a4b4bc-f167-4387-855d-38f0f99ca05c/d0f826d0-25e0-4ac6-9e21-164630ed8f04",
"name": "dm-pool-manager-pre.cloud-pre.d4science.org.",
"project_id": "6fdc02e2827b405dad99f34698659742",
"records": [
"main-lb.cloud-pre.d4science.org."
],
"region": "isti_area_pi_1",
"timeouts": null,
"ttl": 8600,
"type": "CNAME",
"value_specs": null,
"zone_id": "c1a4b4bc-f167-4387-855d-38f0f99ca05c"
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwLCJ1cGRhdGUiOjYwMDAwMDAwMDAwMH19",
"dependencies": [
"data.terraform_remote_state.privnet_dns_router"
]
}
]
},
{
"module": "module.instance_without_data_volume",
"mode": "managed",
"type": "openstack_compute_instance_v2",
"name": "smartgears_service",
"provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]",
"instances": [
{
"index_key": "dataminer_1_pre_1804",
"schema_version": 0,
"attributes": {
"access_ip_v4": "10.1.34.182",
"access_ip_v6": "",
"admin_pass": null,
"all_metadata": {},
"all_tags": [],
"availability_zone": "cnr-isti-nova-a",
"availability_zone_hints": "cnr-isti-nova-a",
"block_device": [
{
"boot_index": 0,
"delete_on_termination": false,
"destination_type": "volume",
"device_type": "",
"disk_bus": "",
"guest_format": "",
"multiattach": false,
"source_type": "image",
"uuid": "7ed6a2cd-2b07-482e-8ce4-f018dff16c89",
"volume_size": 50,
"volume_type": ""
}
],
"config_drive": null,
"created": "2024-01-22 11:03:53 +0000 UTC",
"flavor_id": "9",
"flavor_name": "m1.large",
"floating_ip": null,
"force_delete": false,
"id": "5da038e7-b282-4de0-8f7a-f80467b61449",
"image_id": "Attempt to boot from volume - no image supplied",
"image_name": null,
"key_pair": "Giancarlo Panichi",
"metadata": null,
"name": "dataminer1-pre-1804",
"network": [
{
"access_network": false,
"fixed_ip_v4": "10.1.34.182",
"fixed_ip_v6": "",
"floating_ip": "",
"mac": "fa:16:3e:40:3c:2a",
"name": "d4s-pre-cloud-main",
"port": "",
"uuid": "23fd8a99-d551-4ada-8d3a-9859542ebb8c"
},
{
"access_network": false,
"fixed_ip_v4": "192.168.0.148",
"fixed_ip_v6": "",
"floating_ip": "",
"mac": "fa:16:3e:2f:72:9f",
"name": "postgresql-srv-net",
"port": "",
"uuid": "e25395f4-f1aa-4819-b5a5-36d25ee5af54"
}
],
"network_mode": null,
"personality": [],
"power_state": "active",
"region": "isti_area_pi_1",
"scheduler_hints": [],
"security_groups": [
"default_for_all",
"traffic_from_the_main_load_balancers"
],
"stop_before_destroy": false,
"tags": [],
"timeouts": null,
"updated": "2024-01-22 11:05:44 +0000 UTC",
"user_data": "47d4769e61324c305c4b70ed6673de4fad84150d",
"vendor_options": [],
"volume": []
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxODAwMDAwMDAwMDAwLCJkZWxldGUiOjE4MDAwMDAwMDAwMDAsInVwZGF0ZSI6MTgwMDAwMDAwMDAwMH19",
"dependencies": [
"data.terraform_remote_state.privnet_dns_router",
"openstack_networking_secgroup_v2.dataminer_publish"
]
},
{
"index_key": "dataminer_pre_ghost",
"schema_version": 0,
"attributes": {
"access_ip_v4": "10.1.32.170",
"access_ip_v6": "",
"admin_pass": null,
"all_metadata": {},
"all_tags": [],
"availability_zone": "cnr-isti-nova-a",
"availability_zone_hints": "cnr-isti-nova-a",
"block_device": [
{
"boot_index": 0,
"delete_on_termination": false,
"destination_type": "volume",
"device_type": "",
"disk_bus": "",
"guest_format": "",
"multiattach": false,
"source_type": "image",
"uuid": "7ed6a2cd-2b07-482e-8ce4-f018dff16c89",
"volume_size": 50,
"volume_type": ""
}
],
"config_drive": null,
"created": "2024-01-22 11:03:53 +0000 UTC",
"flavor_id": "9",
"flavor_name": "m1.large",
"floating_ip": null,
"force_delete": false,
"id": "06722ecf-556e-4a5c-99fc-d44a6147a5ce",
"image_id": "Attempt to boot from volume - no image supplied",
"image_name": null,
"key_pair": "Giancarlo Panichi",
"metadata": null,
"name": "dataminer-pre-ghost",
"network": [
{
"access_network": false,
"fixed_ip_v4": "10.1.32.170",
"fixed_ip_v6": "",
"floating_ip": "",
"mac": "fa:16:3e:54:79:54",
"name": "d4s-pre-cloud-main",
"port": "",
"uuid": "23fd8a99-d551-4ada-8d3a-9859542ebb8c"
},
{
"access_network": false,
"fixed_ip_v4": "192.168.2.221",
"fixed_ip_v6": "",
"floating_ip": "",
"mac": "fa:16:3e:86:3b:1b",
"name": "postgresql-srv-net",
"port": "",
"uuid": "e25395f4-f1aa-4819-b5a5-36d25ee5af54"
}
],
"network_mode": null,
"personality": [],
"power_state": "active",
"region": "isti_area_pi_1",
"scheduler_hints": [],
"security_groups": [
"dataminer_publish",
"default_for_all",
"traffic_from_the_main_load_balancers"
],
"stop_before_destroy": false,
"tags": [],
"timeouts": null,
"updated": "2024-01-22 11:06:43 +0000 UTC",
"user_data": "",
"vendor_options": [],
"volume": []
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxODAwMDAwMDAwMDAwLCJkZWxldGUiOjE4MDAwMDAwMDAwMDAsInVwZGF0ZSI6MTgwMDAwMDAwMDAwMH19",
"dependencies": [
"data.terraform_remote_state.privnet_dns_router",
"openstack_networking_secgroup_v2.dataminer_publish"
]
}
]
}
],
"check_results": null
}

View File

@ -0,0 +1,3 @@
# Docker Swarm setup in preprod. Manager nodes only
It's expected to use Manila for NFS, and a OVN load balancer.

View File

@ -0,0 +1,510 @@
#
# Server groups for both the manager nodes
#
resource "openstack_compute_servergroup_v2" "swarm_masters" {
name = "swarm_masters"
policies = ["soft-anti-affinity"]
}
#
# Security groups
#
resource "openstack_networking_secgroup_v2" "swarm_internal_traffic" {
name = "swarm_internal_docker_traffic"
delete_default_rules = "true"
description = "Traffic between the Docker Swarm nodes"
}
resource "openstack_networking_secgroup_rule_v2" "everything_udp" {
security_group_id = openstack_networking_secgroup_v2.swarm_internal_traffic.id
description = "UDP traffic between Swarm nodes"
direction = "ingress"
ethertype = "IPv4"
protocol = "udp"
remote_ip_prefix = data.terraform_remote_state.privnet_dns_router.outputs.main_private_subnet.cidr
}
resource "openstack_networking_secgroup_rule_v2" "everything_tcp" {
security_group_id = openstack_networking_secgroup_v2.swarm_internal_traffic.id
description = "TCP traffic between Swarm nodes"
direction = "ingress"
ethertype = "IPv4"
protocol = "tcp"
remote_ip_prefix = data.terraform_remote_state.privnet_dns_router.outputs.main_private_subnet.cidr
}
resource "openstack_networking_secgroup_rule_v2" "https_from_outside" {
security_group_id = openstack_networking_secgroup_v2.swarm_internal_traffic.id
description = "HTTPS from outside"
direction = "ingress"
ethertype = "IPv4"
protocol = "tcp"
port_range_min = 443
port_range_max = 443
remote_ip_prefix = "0.0.0.0/0"
}
resource "openstack_networking_secgroup_rule_v2" "http_from_outside" {
security_group_id = openstack_networking_secgroup_v2.swarm_internal_traffic.id
description = "HTTP from outside"
direction = "ingress"
ethertype = "IPv4"
protocol = "tcp"
port_range_min = 80
port_range_max = 80
remote_ip_prefix = "0.0.0.0/0"
}
# resource "openstack_networking_secgroup_rule_v2" "quic_from_outside" {
# security_group_id = openstack_networking_secgroup_v2.swarm_internal_traffic.id
# description = "QUIC from outside"
# direction = "ingress"
# ethertype = "IPv4"
# protocol = "udp"
# port_range_min = 443
# port_range_max = 443
# remote_ip_prefix = "0.0.0.0/0"
# }
resource "openstack_networking_secgroup_rule_v2" "haproxy_stats_from_outside" {
security_group_id = openstack_networking_secgroup_v2.swarm_internal_traffic.id
description = "HAPROXY stats from outside"
direction = "ingress"
ethertype = "IPv4"
protocol = "tcp"
port_range_min = 8880
port_range_max = 8880
remote_ip_prefix = "0.0.0.0/0"
}
#
# Swarm Manager VMs
#
# Instance
resource "openstack_compute_instance_v2" "docker_swarm_managers" {
count = var.docker_swarm_data.mgr_count
name = format("%s-%02d", var.docker_swarm_data.mgr_name, count.index + 1)
# availability_zone_hints = var.availability_zones_names.availability_zone_no_gpu
flavor_name = var.docker_swarm_data.mgr_flavor
key_pair = module.ssh_settings.ssh_key_name
security_groups = [data.terraform_remote_state.privnet_dns_router.outputs.default_security_group_name, openstack_networking_secgroup_v2.swarm_internal_traffic.name, "default", "nfs_share_no_ingress"]
scheduler_hints {
group = openstack_compute_servergroup_v2.swarm_masters.id
}
block_device {
uuid = module.common_variables.ubuntu_2204.uuid
source_type = "image"
volume_size = 10
boot_index = 0
destination_type = "volume"
delete_on_termination = false
}
block_device {
source_type = "blank"
volume_size = var.docker_swarm_data.mgr_data_disk_size
boot_index = -1
destination_type = "volume"
delete_on_termination = false
}
network {
name = data.terraform_remote_state.privnet_dns_router.outputs.main_private_network.name
fixed_ip_v4 = var.swarm_managers_ip.* [count.index]
}
network {
name = module.common_variables.networks_list.shared_postgresql
}
user_data = file("${module.common_variables.ubuntu2204_data_file}")
# Do not replace the instance when the ssh key changes
lifecycle {
ignore_changes = [
# Ignore changes to tags, e.g. because a management agent
# updates these based on some ruleset managed elsewhere.
key_pair, user_data, network
]
}
}
#
# Manila NFS Share
#
# Managers
resource "openstack_networking_port_v2" "swarm_mgr_nfs_port" {
count = var.docker_swarm_data.mgr_count
name = format("%s-%02d", var.docker_swarm_data.mgr_name, count.index + 1)
network_id = data.terraform_remote_state.privnet_dns_router.outputs.storage_nfs_network_id
admin_state_up = "true"
fixed_ip {
subnet_id = data.terraform_remote_state.privnet_dns_router.outputs.storage_nfs_subnet_id
}
}
resource "openstack_networking_port_secgroup_associate_v2" "swarm_mgr_nfs_port_secgroup" {
count = var.docker_swarm_data.mgr_count
port_id = openstack_networking_port_v2.swarm_mgr_nfs_port[count.index].id
security_group_ids = [data.terraform_remote_state.privnet_dns_router.outputs.nfs_share_no_ingress_secgroup_id]
}
resource "openstack_compute_interface_attach_v2" "nfs_port_to_swarm_mgr" {
count = var.docker_swarm_data.mgr_count
instance_id = openstack_compute_instance_v2.docker_swarm_managers[count.index].id
port_id = openstack_networking_port_v2.swarm_mgr_nfs_port[count.index].id
}
#
# Octavia
#
# Swarm load balancer. L4, backed by Octavia
resource "openstack_lb_loadbalancer_v2" "swarm_lb" {
vip_subnet_id = data.terraform_remote_state.privnet_dns_router.outputs.main_subnet_network_id
name = var.octavia_swarm_data.swarm_lb_name
description = var.octavia_swarm_data.swarm_lb_description
# flavor_id = var.octavia_swarm_data.octavia_flavor_id
vip_address = var.octavia_swarm_data.swarm_octavia_main_ip
# availability_zone = var.availability_zones_names.availability_zone_no_gpu
# loadbalancer_provider = "amphora"
loadbalancer_provider = "ovn"
}
# Allocate a floating IP
resource "openstack_networking_floatingip_v2" "swarm_lb_ip" {
pool = data.terraform_remote_state.privnet_dns_router.outputs.floating_ip_pools.main_public_ip_pool
# The DNS association does not work because of a bug in the OpenStack API
# dns_name = "main-lb"
# dns_domain = data.terraform_remote_state.privnet_dns_router.outputs.dns_zone.zone_name
description = var.octavia_swarm_data.swarm_lb_description
}
resource "openstack_networking_floatingip_associate_v2" "swarm_lb" {
floating_ip = openstack_networking_floatingip_v2.swarm_lb_ip.address
port_id = openstack_lb_loadbalancer_v2.swarm_lb.vip_port_id
}
locals {
swarm_recordset_name = "${var.octavia_swarm_data.swarm_lb_hostname}.${data.terraform_remote_state.privnet_dns_router.outputs.dns_zone.zone_name}"
portainer_recordset_name = "portainer.${data.terraform_remote_state.privnet_dns_router.outputs.dns_zone.zone_name}"
conductor_recordset_name = "conductor.${data.terraform_remote_state.privnet_dns_router.outputs.dns_zone.zone_name}"
}
resource "openstack_dns_recordset_v2" "swarm_lb_dns_recordset" {
zone_id = data.terraform_remote_state.privnet_dns_router.outputs.dns_zone_id
name = local.swarm_recordset_name
description = "Public IP address of the load balancer in front of Docker Swarm"
ttl = 8600
type = "A"
records = [openstack_networking_floatingip_v2.swarm_lb_ip.address]
}
resource "openstack_dns_recordset_v2" "swarm_portainer_dns_recordset" {
zone_id = data.terraform_remote_state.privnet_dns_router.outputs.dns_zone_id
name = local.portainer_recordset_name
description = "Portainer hostname"
ttl = 8600
type = "CNAME"
records = [local.swarm_recordset_name]
}
resource "openstack_dns_recordset_v2" "conductor_dns_recordset" {
zone_id = data.terraform_remote_state.privnet_dns_router.outputs.dns_zone_id
name = local.conductor_recordset_name
description = "Conductor hostname"
ttl = 8600
type = "CNAME"
records = [local.swarm_recordset_name]
}
# Main HAPROXY stats listener
resource "openstack_lb_listener_v2" "swarm_haproxy_stats_listener" {
loadbalancer_id = openstack_lb_loadbalancer_v2.swarm_lb.id
protocol = "TCP"
protocol_port = 8880
description = "Listener for the stats of the Docker Swarm HAPROXY instances"
name = "swarm_haproxy_stats_listener"
# allowed_cidrs = [data.terraform_remote_state.infrastructure_setup.outputs.ssh_sources.d4s_vpn_1_cidr, data.terraform_remote_state.infrastructure_setup.outputs.ssh_sources.d4s_vpn_2_cidr, data.terraform_remote_state.infrastructure_setup.outputs.ssh_sources.s2i2s_vpn_1_cidr, data.terraform_remote_state.infrastructure_setup.outputs.ssh_sources.s2i2s_vpn_2_cidr]
}
resource "openstack_lb_pool_v2" "swarm_haproxy_stats_pool" {
listener_id = openstack_lb_listener_v2.swarm_haproxy_stats_listener.id
protocol = "TCP"
lb_method = "SOURCE_IP_PORT"
name = "swarm-haproxy-lb-stats"
description = "Pool for the stats of the main HAPROXY instances"
persistence {
type = "SOURCE_IP"
}
}
resource "openstack_lb_members_v2" "swarm_haproxy_stats_pool_members" {
pool_id = openstack_lb_pool_v2.swarm_haproxy_stats_pool.id
member {
name = "swarm mgr haproxy 1"
address = var.docker_swarm_data.mgr1_ip
protocol_port = 8880
}
member {
name = "swarm mgr haproxy 2"
address = var.docker_swarm_data.mgr2_ip
protocol_port = 8880
}
member {
name = "swarm mgr haproxy 3"
address = var.docker_swarm_data.mgr3_ip
protocol_port = 8880
}
}
# resource "openstack_lb_monitor_v2" "swarm_haproxy_stats_monitor" {
# pool_id = openstack_lb_pool_v2.swarm_haproxy_stats_pool.id
# name = "swarm_haproxy_stats_monitor"
# type = "TCP"
# delay = 20
# timeout = 5
# max_retries = 3
# admin_state_up = true
# }
# HAPROXY HTTP
resource "openstack_lb_listener_v2" "swarm_haproxy_http_listener" {
loadbalancer_id = openstack_lb_loadbalancer_v2.swarm_lb.id
protocol = "TCP"
protocol_port = 80
description = "HTTP listener of the Docker Swarm HAPROXY instances"
name = "swarm_haproxy_http_listener"
admin_state_up = true
}
resource "openstack_lb_pool_v2" "swarm_haproxy_http_pool" {
listener_id = openstack_lb_listener_v2.swarm_haproxy_http_listener.id
protocol = "TCP"
lb_method = "SOURCE_IP_PORT"
name = "swarm-haproxy-lb-http"
description = "Pool for the HTTP listener of the Docker Swarm HAPROXY instances"
persistence {
type = "SOURCE_IP"
}
admin_state_up = true
}
resource "openstack_lb_members_v2" "swarm_haproxy_http_pool_members" {
pool_id = openstack_lb_pool_v2.swarm_haproxy_http_pool.id
member {
name = "swarm mgr haproxy 1"
address = var.docker_swarm_data.mgr1_ip
protocol_port = 80
}
member {
name = "swarm mgr haproxy 2"
address = var.docker_swarm_data.mgr2_ip
protocol_port = 80
}
member {
name = "swarm mgr haproxy 3"
address = var.docker_swarm_data.mgr3_ip
protocol_port = 80
}
}
# resource "openstack_lb_monitor_v2" "swarm_haproxy_http_monitor" {
# pool_id = openstack_lb_pool_v2.swarm_haproxy_http_pool.id
# name = "swarm_haproxy_http_monitor"
# type = "TCP"
# delay = 20
# timeout = 5
# max_retries = 3
# admin_state_up = true
# }
# HAPROXY HTTPS
resource "openstack_lb_listener_v2" "swarm_haproxy_https_listener" {
loadbalancer_id = openstack_lb_loadbalancer_v2.swarm_lb.id
protocol = "TCP"
protocol_port = 443
description = "HTTPS listener of the main HAPROXY instances"
name = "swarm_haproxy_https_listener"
timeout_client_data = 3600000
timeout_member_connect = 10000
timeout_member_data = 7200000
admin_state_up = true
}
resource "openstack_lb_pool_v2" "swarm_haproxy_https_pool" {
listener_id = openstack_lb_listener_v2.swarm_haproxy_https_listener.id
protocol = "TCP"
lb_method = "SOURCE_IP_PORT"
name = "swarm-haproxy-lb-https"
description = "Pool for the HTTPS listener of the Docker Swarm HAPROXY instances"
persistence {
type = "SOURCE_IP"
}
admin_state_up = true
}
resource "openstack_lb_members_v2" "swarm_haproxy_https_pool_members" {
pool_id = openstack_lb_pool_v2.swarm_haproxy_https_pool.id
member {
name = "swarm mgr haproxy 1"
address = var.docker_swarm_data.mgr1_ip
protocol_port = 443
}
member {
name = "swarm mgr haproxy 2"
address = var.docker_swarm_data.mgr2_ip
protocol_port = 443
}
member {
name = "swarm mgr haproxy 3"
address = var.docker_swarm_data.mgr3_ip
protocol_port = 443
}
}
# resource "openstack_lb_monitor_v2" "swarm_haproxy_https_monitor" {
# pool_id = openstack_lb_pool_v2.swarm_haproxy_https_pool.id
# name = "swarm_haproxy_https_monitor"
# type = "TCP"
# delay = 20
# timeout = 5
# max_retries = 3
# admin_state_up = true
# }
# HTTP/3 (QUIC)
# resource "openstack_lb_listener_v2" "swarm_haproxy_quic_listener" {
# loadbalancer_id = openstack_lb_loadbalancer_v2.swarm_lb.id
# protocol = "UDP"
# protocol_port = 443
# description = "HTTPS listener of the main HAPROXY instances"
# name = "swarm_haproxy_quic_listener"
# timeout_client_data = 3600000
# timeout_member_connect = 10000
# timeout_member_data = 7200000
# admin_state_up = true
# }
# resource "openstack_lb_pool_v2" "swarm_haproxy_quic_pool" {
# listener_id = openstack_lb_listener_v2.swarm_haproxy_quic_listener.id
# protocol = "UDP"
# lb_method = "SOURCE_IP_PORT"
# name = "swarm-haproxy-lb-quic"
# description = "Pool for the HTTP/3 (QUIC) listener of the Docker Swarm HAPROXY instances"
# persistence {
# type = "SOURCE_IP"
# }
# admin_state_up = true
# }
# resource "openstack_lb_members_v2" "swarm_haproxy_quic_pool_members" {
# pool_id = openstack_lb_pool_v2.swarm_haproxy_quic_pool.id
# member {
# name = "swarm mgr haproxy 1"
# address = var.docker_swarm_data.mgr1_ip
# protocol_port = 443
# }
# member {
# name = "swarm mgr haproxy 2"
# address = var.docker_swarm_data.mgr2_ip
# protocol_port = 443
# }
# member {
# name = "swarm mgr haproxy 3"
# address = var.docker_swarm_data.mgr3_ip
# protocol_port = 443
# }
# }
# HAPROXY HTTP on port 8080
# resource "openstack_lb_listener_v2" "swarm_haproxy_8080_listener" {
# loadbalancer_id = openstack_lb_loadbalancer_v2.swarm_lb.id
# protocol = "TCP"
# protocol_port = 8080
# description = "HTTP port 8080 listener of the Docker Swarm HAPROXY instances"
# name = "swarm_haproxy_8080_listener"
# admin_state_up = true
# }
# resource "openstack_lb_pool_v2" "swarm_haproxy_8080_pool" {
# listener_id = openstack_lb_listener_v2.swarm_haproxy_8080_listener.id
# protocol = "TCP"
# lb_method = "SOURCE_IP_PORT"
# name = "swarm-haproxy-lb-http-8080"
# description = "Pool for the HTTP port 8080 listener of the Docker Swarm HAPROXY instances"
# persistence {
# type = "SOURCE_IP"
# }
# admin_state_up = true
# }
# resource "openstack_lb_members_v2" "swarm_haproxy_8080_pool_members" {
# pool_id = openstack_lb_pool_v2.swarm_haproxy_8080_pool.id
# member {
# name = "swarm mgr haproxy 1"
# address = var.docker_swarm_data.mgr1_ip
# protocol_port = 8080
# }
# member {
# name = "swarm mgr haproxy 2"
# address = var.docker_swarm_data.mgr2_ip
# protocol_port = 8080
# }
# member {
# name = "swarm mgr haproxy 3"
# address = var.docker_swarm_data.mgr3_ip
# protocol_port = 8080
# }
# }
# resource "openstack_lb_monitor_v2" "swarm_haproxy_8080_monitor" {
# pool_id = openstack_lb_pool_v2.swarm_haproxy_8080_pool.id
# name = "swarm_haproxy_8080_monitor"
# type = "TCP"
# delay = 20
# timeout = 5
# max_retries = 3
# admin_state_up = true
# }
# NFS share for portainer
#
resource "openstack_sharedfilesystem_share_v2" "portainer_data" {
name = "portainer_data"
description = "NFS share for the Portainer preprod data"
share_proto = "NFS"
size = 10
}
# Allow access to the NFS share
resource "openstack_sharedfilesystem_share_access_v2" "portainer_access_swarm_mgr" {
count = var.docker_swarm_data.mgr_count
share_id = openstack_sharedfilesystem_share_v2.portainer_data.id
access_type = "ip"
access_to = openstack_compute_interface_attach_v2.nfs_port_to_swarm_mgr[count.index].fixed_ip
access_level = "rw"
}
# Outputs
output "swarm_loadbalancer_ip" {
description = "Docker Swarm Load balancer IP address"
value = openstack_lb_loadbalancer_v2.swarm_lb.vip_address
}
output "swarm_manager_nodes" {
description = "Docker Swarm Manager nodes data"
value = openstack_compute_instance_v2.docker_swarm_managers
sensitive = true
}
output "swarm_managers_nfs_ip_ports" {
description = "IP addresses in the share NFS network"
value = openstack_networking_port_v2.swarm_mgr_nfs_port
}
output "portainer_data_volume" {
value = openstack_sharedfilesystem_share_v2.portainer_data
}
output "portainer_data_mgr_acls" {
value = openstack_sharedfilesystem_share_access_v2.portainer_access_swarm_mgr
sensitive = true
}

View File

@ -0,0 +1,38 @@
# Define required providers
terraform {
required_version = ">= 0.14.0"
required_providers {
openstack = {
source = "terraform-provider-openstack/openstack"
version = ">= 2.0.0"
}
}
}
data "terraform_remote_state" "privnet_dns_router" {
backend = "local"
config = {
path = "../project-setup/terraform.tfstate"
}
}
data "terraform_remote_state" "infrastructure_setup" {
backend = "local"
config = {
path = "../basic-infrastructure/terraform.tfstate"
}
}
#
# Uses common_variables as module
#
module "common_variables" {
source = "../../modules/common_variables"
}
# Module used
module "ssh_settings" {
source = "../../modules/ssh-key-ref"
}

View File

@ -0,0 +1,3 @@
provider "openstack" {
cloud = "d4s-pre"
}

View File

@ -0,0 +1,33 @@
variable "docker_swarm_data" {
type = map(string)
default = {
mgr_name = "swarm-mgr"
mgr1_ip = "10.1.32.31"
mgr1_cidr = "10.1.32.31/32"
mgr2_ip = "10.1.32.32"
mgr2_cidr = "10.1.32.32/32"
mgr3_ip = "10.1.32.33"
mgr3_cidr = "10.1.32.33/32"
mgr_count = 3
mgr_flavor = "m1.large"
mgr_data_disk_size = 100
}
}
variable "swarm_managers_ip" {
type = list(string)
default = ["10.1.32.31", "10.1.32.32", "10.1.32.33"]
}
variable "octavia_swarm_data" {
type = map(string)
default = {
swarm_lb_name = "d4s-pre-cloud-swarm-l4"
swarm_lb_description = "L4 balancer that serves the D4Science pre Docker Swarm cluster"
swarm_lb_name = "d4s-pre-cloud-swarm-l4"
swarm_lb_hostname = "swarm-lb"
swarm_octavia_main_ip = "10.1.32.30"
swarm_octavia_main_cidr = "10.1.32.30/32"
}
}

File diff suppressed because it is too large Load Diff

View File

@ -42,8 +42,8 @@ module "instance_without_data_volume" {
name = "gcat-1", name = "gcat-1",
description = "This instance serves gcat service", description = "This instance serves gcat service",
flavor = module.common_variables.flavor_list.m1_medium, flavor = module.common_variables.flavor_list.m1_medium,
networks = ["d4s-pre-cloud-main"], networks = [data.terraform_remote_state.privnet_dns_router.outputs.main_private_network.name],
security_groups = [module.common_variables.security_group_list.default, module.common_variables.security_group_list.http_and_https_from_the_load_balancers], security_groups = [data.terraform_remote_state.privnet_dns_router.outputs.default_security_group_name, data.terraform_remote_state.privnet_dns_router.outputs.security_group_list.http_and_https_from_the_load_balancers, data.terraform_remote_state.privnet_dns_router.outputs.security_group_list.debugging_from_jump_node],
server_groups_ids = [openstack_compute_servergroup_v2.gcat_server_group.id], server_groups_ids = [openstack_compute_servergroup_v2.gcat_server_group.id],
image_ref = module.common_variables.ubuntu_1804 image_ref = module.common_variables.ubuntu_1804
}, },
@ -51,8 +51,8 @@ module "instance_without_data_volume" {
name = "gcat-2", name = "gcat-2",
description = "This instance serves gcat service", description = "This instance serves gcat service",
flavor = module.common_variables.flavor_list.m1_medium, flavor = module.common_variables.flavor_list.m1_medium,
networks = ["d4s-pre-cloud-main"], networks = [data.terraform_remote_state.privnet_dns_router.outputs.main_private_network.name],
security_groups = [module.common_variables.security_group_list.default, module.common_variables.security_group_list.http_and_https_from_the_load_balancers], security_groups = [data.terraform_remote_state.privnet_dns_router.outputs.default_security_group_name, data.terraform_remote_state.privnet_dns_router.outputs.security_group_list.http_and_https_from_the_load_balancers, data.terraform_remote_state.privnet_dns_router.outputs.security_group_list.debugging_from_jump_node],
server_groups_ids = [openstack_compute_servergroup_v2.gcat_server_group.id], server_groups_ids = [openstack_compute_servergroup_v2.gcat_server_group.id],
image_ref = module.common_variables.ubuntu_1804 image_ref = module.common_variables.ubuntu_1804
} }

Some files were not shown because too many files have changed in this diff Show More