Porting changes from upstream #2

Merged
mauro.mugnaini merged 104 commits from InfraScience/infrastructure-as-code:main into main 2024-03-20 12:31:43 +01:00
1 changed files with 84 additions and 11 deletions
Showing only changes of commit a0583c6ede - Show all commits

View File

@ -16,6 +16,7 @@ data "terraform_remote_state" "privnet_dns_router" {
path = "../project-setup/terraform.tfstate" path = "../project-setup/terraform.tfstate"
} }
} }
# #
# Uses common_variables as module # Uses common_variables as module
# #
@ -23,26 +24,98 @@ module "common_variables" {
source = "../../modules/common_variables" source = "../../modules/common_variables"
} }
#Module used
module "ssh_settings" {
source = "../../modules/ssh-key-ref"
}
resource "openstack_networking_secgroup_v2" "dataminer_publish" {
name = "dataminer_publish"
description = "Access to dataminer-ghost is allowed only to dm-pool-manager"
delete_default_rules = "true"
}
resource "openstack_compute_instance_v2" "dm_pool_manager_pre" {
name = "dm-pool-manager-pre"
availability_zone_hints = module.common_variables.availability_zone_no_gpu_name
flavor_name = module.common_variables.flavor_list.m1_large
key_pair = module.ssh_settings.ssh_key_name
security_groups = [data.terraform_remote_state.privnet_dns_router.outputs.default_security_group_name, data.terraform_remote_state.privnet_dns_router.outputs.security_group_list.http_and_https_from_the_load_balancers]
block_device {
uuid = module.common_variables.ubuntu_1804.uuid
source_type = "image"
volume_size = 30
boot_index = 0
destination_type = "volume"
delete_on_termination = false
}
# Creates the networks according to input networks
dynamic "network" {
for_each = toset([data.terraform_remote_state.privnet_dns_router.outputs.main_private_network.name])
content {
name = network.value
}
}
# user_data script used
user_data = file("${module.common_variables.ubuntu_1804.user_data_file}")
# Do not replace the instance when the ssh key changes
lifecycle {
ignore_changes = [
# Ignore changes to tags, e.g. because a management agent
# updates these based on some ruleset managed elsewhere.
key_pair, user_data, network
]
}
}
resource "openstack_networking_secgroup_rule_v2" "secgroup_dataminer_publish_rule_1" {
direction = "ingress"
ethertype = "IPv4"
protocol = "tcp"
port_range_min = 22
port_range_max = 22
remote_ip_prefix = join("/",[openstack_compute_instance_v2.dm_pool_manager_pre.network.0.fixed_ip_v4,"32"])
security_group_id = openstack_networking_secgroup_v2.dataminer_publish.id
}
resource "openstack_networking_secgroup_rule_v2" "secgroup_dataminer_publish_rule_2" {
direction = "ingress"
ethertype = "IPv4"
protocol = "tcp"
port_range_min = 80
port_range_max = 80
remote_ip_prefix = "0.0.0.0/0"
security_group_id = openstack_networking_secgroup_v2.dataminer_publish.id
}
resource "openstack_networking_secgroup_rule_v2" "secgroup_dataminer_publish_rule_3" {
direction = "ingress"
ethertype = "IPv4"
protocol = "tcp"
port_range_min = 443
port_range_max = 443
remote_ip_prefix = join("/",[openstack_compute_instance_v2.dm_pool_manager_pre.network.0.fixed_ip_v4,"32"])
security_group_id = openstack_networking_secgroup_v2.dataminer_publish.id
}
module "instance_without_data_volume" { module "instance_without_data_volume" {
source = "../../modules/instance_without_data_volume" source = "../../modules/instance_without_data_volume"
instances_without_data_volume_map = { instances_without_data_volume_map = {
dm_pool_manager_pre = {
name = "dm-pool-manager-pre",
description = "This instance is a DataMiner Pool Manager service",
flavor = module.common_variables.flavor_list.m1_medium,
networks = [data.terraform_remote_state.privnet_dns_router.outputs.main_private_network.name, module.common_variables.networks_list.shared_postgresql],
security_groups = [data.terraform_remote_state.privnet_dns_router.outputs.default_security_group_name, data.terraform_remote_state.privnet_dns_router.outputs.security_group_list.http_and_https_from_the_load_balancers],
server_groups_ids = [],
image_ref = module.common_variables.ubuntu_1804
image_volume_size = 30
},
dataminer_pre_ghost = { dataminer_pre_ghost = {
name = "dataminer-pre-ghost", name = "dataminer-pre-ghost",
description = "This instance is a DataMiner Ghost service", description = "This instance is a DataMiner Ghost service",
flavor = module.common_variables.flavor_list.m1_large, flavor = module.common_variables.flavor_list.m1_large,
networks = [data.terraform_remote_state.privnet_dns_router.outputs.main_private_network.name, module.common_variables.networks_list.shared_postgresql], networks = [data.terraform_remote_state.privnet_dns_router.outputs.main_private_network.name, module.common_variables.networks_list.shared_postgresql],
security_groups = [data.terraform_remote_state.privnet_dns_router.outputs.default_security_group_name, data.terraform_remote_state.privnet_dns_router.outputs.security_group_list.http_and_https_from_the_load_balancers], security_groups = [openstack_networking_secgroup_v2.dataminer_publish.name,data.terraform_remote_state.privnet_dns_router.outputs.default_security_group_name, data.terraform_remote_state.privnet_dns_router.outputs.security_group_list.http_and_https_from_the_load_balancers],
server_groups_ids = [], server_groups_ids = [],
image_ref = module.common_variables.ubuntu_1804 image_ref = module.common_variables.ubuntu_1804
image_volume_size = 50 image_volume_size = 50