srieger
/
cloud-computing-msc-ai-examples
1
2
Fork 1
Code Issues 1 Pull Requests Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
56 Commits
1 Branch
0 Tags
1.4 MiB
Tree: 17e8b41743
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '17e8b41743'
${ noResults }
cloud-computing-msc-ai-exam.../terraform/demo4-scale-out-lb/demo4-scale-out-lb.tf

353 lines
12 KiB
Raw Normal View History

initial version of terraform openstack example incl load balancer
3 years ago
  1. # Define CloudComp group number
  2. variable "group_number" {
  3. type = string
  4. default = "30"
  5. }
  7. # Define OpenStack credentials, project config etc.
  8. locals {
  9. auth_url = "https://private-cloud.informatik.hs-fulda.de:5000/v3"
  10. user_name = "CloudComp${var.group_number}"
  11. user_password = "demo"
  12. tenant_name = "CloudComp${var.group_number}"
  13. network_name = "CloudComp${var.group_number}-net"
  14. image_name = "Ubuntu 18.04 - Bionic Beaver - 64-bit - Cloud Based Image"
  15. flavor_name = "m1.small"
  16. region_name = "RegionOne"
  17. }
  19. # Define OpenStack provider
  20. terraform {
  21. required_version = ">= 0.14.0"
  22. required_providers {
  23. openstack = {
  24. source = "terraform-provider-openstack/openstack"
  25. version = ">= 1.40.0"
  26. }
  27. }
  28. }
  30. # Configure the OpenStack Provider
  31. provider "openstack" {
  32. user_name = local.user_name
  33. tenant_name = local.tenant_name
  34. password = local.user_password
  35. auth_url = local.auth_url
  36. region = local.region_name
  37. use_octavia = true
  38. }
  40. # import keypair
  41. resource "openstack_compute_keypair_v2" "terraform-keypair" {
  42. name = "my-terraform-pubkey"
  43. #public_key = file("~/.ssh/id_rsa.pub")
  44. }
  46. # create api security group
  47. resource "openstack_networking_secgroup_v2" "terraform-secgroup-api" {
  48. name = "my-terraform-secgroup-api"
  49. description = "for API services only"
  50. }
  52. resource "openstack_networking_secgroup_rule_v2" "terraform-secgroup-api-rule-http" {
  53. direction = "ingress"
  54. ethertype = "IPv4"
  55. protocol = "tcp"
  56. port_range_min = 80
  57. port_range_max = 80
  58. #remote_ip_prefix = "0.0.0.0/0"
  59. security_group_id = openstack_networking_secgroup_v2.terraform-secgroup-api.id
  60. }
  62. resource "openstack_networking_secgroup_rule_v2" "terraform-secgroup-api-rule-ssh" {
  63. direction = "ingress"
  64. ethertype = "IPv4"
  65. protocol = "tcp"
  66. port_range_min = 22
  67. port_range_max = 22
  68. #remote_ip_prefix = "0.0.0.0/0"
  69. security_group_id = openstack_networking_secgroup_v2.terraform-secgroup-api.id
  70. }
  72. # create worker security group
  73. resource "openstack_networking_secgroup_v2" "terraform-secgroup-worker" {
  74. name = "my-terraform-secgroup-worker"
  75. description = "for services that run on a worker node"
  76. }
  78. resource "openstack_networking_secgroup_rule_v2" "terraform-secgroup-worker-rule-ssh" {
  79. direction = "ingress"
  80. ethertype = "IPv4"
  81. protocol = "tcp"
  82. port_range_min = 22
  83. port_range_max = 22
  84. #remote_ip_prefix = "0.0.0.0/0"
  85. security_group_id = openstack_networking_secgroup_v2.terraform-secgroup-worker.id
  86. }
  88. resource "openstack_networking_secgroup_v2" "terraform-secgroup-control" {
  89. name = "my-terraform-secgroup-control"
  90. description = "for services that run on a control node"
  91. }
  93. resource "openstack_networking_secgroup_rule_v2" "terraform-secgroup-control-rule-ssh" {
  94. direction = "ingress"
  95. ethertype = "IPv4"
  96. protocol = "tcp"
  97. port_range_min = 22
  98. port_range_max = 22
  99. #remote_ip_prefix = "0.0.0.0/0"
  100. security_group_id = openstack_networking_secgroup_v2.terraform-secgroup-control.id
  101. }
  103. resource "openstack_networking_secgroup_rule_v2" "terraform-secgroup-control-rule-http" {
  104. direction = "ingress"
  105. ethertype = "IPv4"
  106. protocol = "tcp"
  107. port_range_min = 80
  108. port_range_max = 80
  109. #remote_ip_prefix = "0.0.0.0/0"
  110. security_group_id = openstack_networking_secgroup_v2.terraform-secgroup-control.id
  111. }
  113. resource "openstack_networking_secgroup_rule_v2" "terraform-secgroup-control-rule-rabbitmq" {
  114. direction = "ingress"
  115. ethertype = "IPv4"
  116. protocol = "tcp"
  117. port_range_min = 5672
  118. port_range_max = 5672
  119. remote_group_id = openstack_networking_secgroup_v2.terraform-secgroup-worker.id
  120. security_group_id = openstack_networking_secgroup_v2.terraform-secgroup-control.id
  121. }
  123. # create services security group
  124. resource "openstack_networking_secgroup_v2" "terraform-secgroup-services" {
  125. name = "my-terraform-secgroup-services"
  126. description = "for DB and AMQP services only"
  127. }
  129. resource "openstack_networking_secgroup_rule_v2" "terraform-secgroup-services-rule-ssh" {
  130. direction = "ingress"
  131. ethertype = "IPv4"
  132. protocol = "tcp"
  133. port_range_min = 22
  134. port_range_max = 22
  135. #remote_ip_prefix = "0.0.0.0/0"
  136. security_group_id = openstack_networking_secgroup_v2.terraform-secgroup-services.id
  137. }
  139. resource "openstack_networking_secgroup_rule_v2" "terraform-secgroup-services-rule-http" {
  140. direction = "ingress"
  141. ethertype = "IPv4"
  142. protocol = "tcp"
  143. port_range_min = 80
  144. port_range_max = 80
  145. #remote_ip_prefix = "0.0.0.0/0"
  146. security_group_id = openstack_networking_secgroup_v2.terraform-secgroup-services.id
  147. }
  149. resource "openstack_networking_secgroup_rule_v2" "terraform-secgroup-services-rule-mysql-api" {
  150. direction = "ingress"
  151. ethertype = "IPv4"
  152. protocol = "tcp"
  153. port_range_min = 3306
  154. port_range_max = 3306
  155. remote_group_id = openstack_networking_secgroup_v2.terraform-secgroup-api.id
  156. security_group_id = openstack_networking_secgroup_v2.terraform-secgroup-services.id
  157. }
  159. resource "openstack_networking_secgroup_rule_v2" "terraform-secgroup-services-rule-rabbitmq-worker" {
  160. direction = "ingress"
  161. ethertype = "IPv4"
  162. protocol = "tcp"
  163. port_range_min = 5672
  164. port_range_max = 5672
  165. remote_group_id = openstack_networking_secgroup_v2.terraform-secgroup-worker.id
  166. security_group_id = openstack_networking_secgroup_v2.terraform-secgroup-services.id
  167. }
  169. resource "openstack_networking_secgroup_rule_v2" "terraform-secgroup-services-rule-rabbitmq-api" {
  170. direction = "ingress"
  171. ethertype = "IPv4"
  172. protocol = "tcp"
  173. port_range_min = 5672
  174. port_range_max = 5672
  175. remote_group_id = openstack_networking_secgroup_v2.terraform-secgroup-api.id
  176. security_group_id = openstack_networking_secgroup_v2.terraform-secgroup-services.id
  177. }
  180. ###########################################################################
  181. #
  182. # create app-services instance
  183. #
  184. ###########################################################################
  185. resource "openstack_compute_instance_v2" "terraform-instance-app-services" {
  186. name = "my-terraform-app-services"
  187. image_name = local.image_name
  188. flavor_name = local.flavor_name
  189. key_pair = openstack_compute_keypair_v2.terraform-keypair.name
  190. security_groups = [openstack_networking_secgroup_v2.terraform-secgroup-services.name]
  192. network {
  193. name = local.network_name
  194. }
  196. user_data = <<-EOF
  197. #!/usr/bin/env bash
  198. curl -L -s https://gogs.informatik.hs-fulda.de/srieger/cloud-computing-msc-ai-examples/raw/master/faafo/contrib/install.sh | bash -s -- \
  199. -i database -i messaging
  200. rabbitmqctl add_user faafo guest
  201. rabbitmqctl set_user_tags faafo administrator
  202. rabbitmqctl set_permissions -p / faafo ".*" ".*" ".*"
  203. EOF
  204. }
  206. ###########################################################################
  207. #
  208. # create app-api instances
  209. #
  210. ###########################################################################
  211. resource "openstack_compute_instance_v2" "terraform-instance-app-api-1" {
  212. name = "my-terraform-app-api-1"
  213. image_name = local.image_name
  214. flavor_name = local.flavor_name
  215. key_pair = openstack_compute_keypair_v2.terraform-keypair.name
  216. security_groups = [openstack_networking_secgroup_v2.terraform-secgroup-api.name]
  218. network {
  219. name = local.network_name
  220. }
  222. user_data = <<-EOF
  223. #!/usr/bin/env bash
  224. curl -L -s https://gogs.informatik.hs-fulda.de/srieger/cloud-computing-msc-ai-examples/raw/master/faafo/contrib/install.sh | bash -s -- \
  225. -i faafo -r api -m 'amqp://faafo:guest@${openstack_compute_instance_v2.terraform-instance-app-services.access_ip_v4}:5672/' \
  226. -d 'mysql+pymysql://faafo:password@${openstack_compute_instance_v2.terraform-instance-app-services.access_ip_v4}:3306/faafo'
  227. EOF
  228. }
  230. resource "openstack_compute_instance_v2" "terraform-instance-app-api-2" {
  231. name = "my-terraform-app-api-2"
  232. image_name = local.image_name
  233. flavor_name = local.flavor_name
  234. key_pair = openstack_compute_keypair_v2.terraform-keypair.name
  235. security_groups = [openstack_networking_secgroup_v2.terraform-secgroup-api.id]
  237. network {
  238. name = local.network_name
  239. }
  241. user_data = <<-EOF
  242. #!/usr/bin/env bash
  243. curl -L -s https://gogs.informatik.hs-fulda.de/srieger/cloud-computing-msc-ai-examples/raw/master/faafo/contrib/install.sh | bash -s -- \
  244. -i faafo -r api -m 'amqp://faafo:guest@${openstack_compute_instance_v2.terraform-instance-app-services.access_ip_v4}:5672/' \
  245. -d 'mysql+pymysql://faafo:password@${openstack_compute_instance_v2.terraform-instance-app-services.access_ip_v4}:3306/faafo'
  246. EOF
  247. }
  249. ###########################################################################
  250. #
  251. # create worker instances
  252. #
  253. ###########################################################################
  254. resource "openstack_compute_instance_v2" "terraform-instance-app-worker-1" {
  255. name = "my-terraform-app-worker-1"
  256. image_name = local.image_name
  257. flavor_name = local.flavor_name
  258. key_pair = openstack_compute_keypair_v2.terraform-keypair.name
  259. security_groups = [openstack_networking_secgroup_v2.terraform-secgroup-worker.id]
  261. network {
  262. name = local.network_name
  263. }
  265. user_data = <<-EOF
  266. #!/usr/bin/env bash
  267. curl -L -s https://gogs.informatik.hs-fulda.de/srieger/cloud-computing-msc-ai-examples/raw/master/faafo/contrib/install.sh | bash -s -- \
  268. -i faafo -r worker -e 'http://${openstack_compute_instance_v2.terraform-instance-app-api-1.access_ip_v4}' -m 'amqp://faafo:guest@${openstack_compute_instance_v2.terraform-instance-app-services.access_ip_v4}:5672/'
  269. EOF
  270. }
  272. resource "openstack_compute_instance_v2" "terraform-instance-app-worker-2" {
  273. name = "my-terraform-app-worker-2"
  274. image_name = local.image_name
  275. flavor_name = local.flavor_name
  276. key_pair = openstack_compute_keypair_v2.terraform-keypair.name
  277. security_groups = [openstack_networking_secgroup_v2.terraform-secgroup-worker.id]
  279. network {
  280. name = local.network_name
  281. }
  283. user_data = <<-EOF
  284. #!/usr/bin/env bash
  285. curl -L -s https://gogs.informatik.hs-fulda.de/srieger/cloud-computing-msc-ai-examples/raw/master/faafo/contrib/install.sh | bash -s -- \
  286. -i faafo -r worker -e 'http://${openstack_compute_instance_v2.terraform-instance-app-api-1.access_ip_v4}' -m 'amqp://faafo:guest@${openstack_compute_instance_v2.terraform-instance-app-services.access_ip_v4}:5672/'
  287. EOF
  288. }
  290. ###########################################################################
  291. #
  292. # create load balancer
  293. #
  294. ###########################################################################
  295. data "openstack_networking_network_v2" "network_1" {
  296. name = local.network_name
  297. }
  299. resource "openstack_lb_loadbalancer_v2" "lb_1" {
  300. vip_subnet_id = data.openstack_networking_network_v2.network_1.subnets[0]
  301. }
  303. resource "openstack_lb_listener_v2" "listener_1" {
  304. protocol = "HTTP"
  305. protocol_port = 80
  306. loadbalancer_id = openstack_lb_loadbalancer_v2.lb_1.id
  307. connection_limit = 1024
  308. }
  310. resource "openstack_lb_pool_v2" "pool_1" {
  311. protocol = "HTTP"
  312. lb_method = "ROUND_ROBIN"
  313. listener_id = openstack_lb_listener_v2.listener_1.id
  314. }
  316. resource "openstack_lb_members_v2" "members_1" {
  317. pool_id = openstack_lb_pool_v2.pool_1.id
  319. member {
  320. address = openstack_compute_instance_v2.terraform-instance-app-api-1.access_ip_v4
  321. protocol_port = 80
  322. }
  324. member {
  325. address = openstack_compute_instance_v2.terraform-instance-app-api-2.access_ip_v4
  326. protocol_port = 80
  327. }
  328. }
  330. resource "openstack_lb_monitor_v2" "monitor_1" {
  331. pool_id = openstack_lb_pool_v2.pool_1.id
  332. type = "HTTP"
  333. delay = 5
  334. timeout = 5
  335. max_retries = 3
  336. http_method = "GET"
  337. url_path = "/"
  338. expected_codes = 200
  339. }
  341. ###########################################################################
  342. #
  343. # assign floating ip to load balancer
  344. #
  345. ###########################################################################
  346. resource "openstack_networking_floatingip_v2" "fip_1" {
  347. pool = "public1"
  348. port_id = openstack_lb_loadbalancer_v2.lb_1.vip_port_id
  349. }
  351. output "loadbalancer_vip_addr" {
  352. value = openstack_networking_floatingip_v2.fip_1
  353. }