
  1. # Define CloudComp group number
  2. variable "group_number" {
  3. type = string
  4. default = "<number of your group here, private-cloud is only reachable via vpn>"
  5. }
  6. ## OpenStack credentials can be used in a more secure way by using
  7. ## cloud.yaml from https://private-cloud2.informatik.hs-fulda.de/project/api_access/clouds.yaml/
  8. # or by using env vars exported from openrc here,
  9. # e.g., using 'export TF_VAR_os_password=$OS_PASSWORD'
  10. # Define OpenStack credentials, project config etc.
  11. locals {
  12. auth_url = "https://10.32.4.182:5000/v3"
  13. user_name = "CloudComp${var.group_number}"
  14. user_password = "<password of your group here, private-cloud is only reachable via vpn>"
  15. tenant_name = "CloudComp${var.group_number}"
  16. #network_name = "CloudComp${var.group_number}-net"
  17. router_name = "CloudComp${var.group_number}-router"
  18. image_name = "ubuntu-22.04-jammy-x86_64"
  19. flavor_name = "m1.small"
  20. region_name = "RegionOne"
  21. dns_nameservers = [ "10.33.16.100" ]
  22. }
  23. # Define OpenStack provider
  24. terraform {
  25. required_version = ">= 0.14.0"
  26. required_providers {
  27. openstack = {
  28. source = "terraform-provider-openstack/openstack"
  29. # last version before 2.0.0, shows octavia/neutron lbaas deprecation warnings
  30. # "~> 1.54.1"
  31. version = ">= 2.0.0"
  32. }
  33. }
  34. }
  35. # Configure the OpenStack Provider
  36. provider "openstack" {
  37. user_name = local.user_name
  38. tenant_name = local.tenant_name
  39. password = local.user_password
  40. auth_url = local.auth_url
  41. region = local.region_name
  42. # due to currenty missing valid certificate
  43. insecure = true
  44. }
  45. ###########################################################################
  46. #
  47. # create keypair
  48. #
  49. ###########################################################################
  50. # import keypair, if public_key is not specified, create new keypair to use
  51. resource "openstack_compute_keypair_v2" "terraform-keypair" {
  52. name = "my-terraform-pubkey"
  53. #public_key = file("~/.ssh/id_rsa.pub")
  54. }
  55. ###########################################################################
  56. #
  57. # create security group
  58. #
  59. ###########################################################################
  60. resource "openstack_networking_secgroup_v2" "terraform-secgroup" {
  61. name = "my-terraform-secgroup"
  62. description = "for terraform instances"
  63. }
  64. resource "openstack_networking_secgroup_rule_v2" "terraform-secgroup-rule-http" {
  65. direction = "ingress"
  66. ethertype = "IPv4"
  67. protocol = "tcp"
  68. port_range_min = 80
  69. port_range_max = 80
  70. #remote_ip_prefix = "0.0.0.0/0"
  71. security_group_id = openstack_networking_secgroup_v2.terraform-secgroup.id
  72. }
  73. resource "openstack_networking_secgroup_rule_v2" "terraform-secgroup-rule-ssh" {
  74. direction = "ingress"
  75. ethertype = "IPv4"
  76. protocol = "tcp"
  77. port_range_min = 22
  78. port_range_max = 22
  79. #remote_ip_prefix = "0.0.0.0/0"
  80. security_group_id = openstack_networking_secgroup_v2.terraform-secgroup.id
  81. }
  82. ###########################################################################
  83. #
  84. # create network
  85. #
  86. ###########################################################################
  87. resource "openstack_networking_network_v2" "terraform-network-1" {
  88. name = "my-terraform-network-1"
  89. admin_state_up = "true"
  90. }
  91. resource "openstack_networking_subnet_v2" "terraform-subnet-1" {
  92. name = "my-terraform-subnet-1"
  93. network_id = openstack_networking_network_v2.terraform-network-1.id
  94. cidr = "192.168.255.0/24"
  95. dns_nameservers = local.dns_nameservers
  96. ip_version = 4
  97. }
  98. data "openstack_networking_router_v2" "router-1" {
  99. name = local.router_name
  100. }
  101. resource "openstack_networking_router_interface_v2" "router_interface_1" {
  102. router_id = data.openstack_networking_router_v2.router-1.id
  103. subnet_id = openstack_networking_subnet_v2.terraform-subnet-1.id
  104. }
  105. ###########################################################################
  106. #
  107. # create instances
  108. #
  109. ###########################################################################
  110. resource "openstack_compute_instance_v2" "terraform-instance-1" {
  111. name = "my-terraform-instance-1"
  112. image_name = local.image_name
  113. flavor_name = local.flavor_name
  114. key_pair = openstack_compute_keypair_v2.terraform-keypair.name
  115. security_groups = [openstack_networking_secgroup_v2.terraform-secgroup.name]
  116. depends_on = [openstack_networking_subnet_v2.terraform-subnet-1]
  117. network {
  118. uuid = openstack_networking_network_v2.terraform-network-1.id
  119. }
  120. user_data = <<-EOF
  121. #!/bin/bash
  122. apt-get update
  123. apt-get -y install apache2
  124. rm /var/www/html/index.html
  125. cat > /var/www/html/index.html << INNEREOF
  126. <!DOCTYPE html>
  127. <html>
  128. <body>
  129. <h1>It works!</h1>
  130. <p>hostname</p>
  131. </body>
  132. </html>
  133. INNEREOF
  134. sed -i "s/hostname/terraform-instance-1/" /var/www/html/index.html
  135. sed -i "1s/$/ terraform-instance-1/" /etc/hosts
  136. EOF
  137. }
  138. resource "openstack_compute_instance_v2" "terraform-instance-2" {
  139. name = "my-terraform-instance-2"
  140. image_name = local.image_name
  141. flavor_name = local.flavor_name
  142. key_pair = openstack_compute_keypair_v2.terraform-keypair.name
  143. security_groups = [openstack_networking_secgroup_v2.terraform-secgroup.id]
  144. depends_on = [openstack_networking_subnet_v2.terraform-subnet-1]
  145. network {
  146. uuid = openstack_networking_network_v2.terraform-network-1.id
  147. }
  148. user_data = <<-EOF
  149. #!/bin/bash
  150. apt-get update
  151. apt-get -y install apache2
  152. rm /var/www/html/index.html
  153. cat > /var/www/html/index.html << INNEREOF
  154. <!DOCTYPE html>
  155. <html>
  156. <body>
  157. <h1>It works!</h1>
  158. <p>hostname</p>
  159. </body>
  160. </html>
  161. INNEREOF
  162. sed -i "s/hostname/terraform-instance-2/" /var/www/html/index.html
  163. sed -i "1s/$/ terraform-instance-2/" /etc/hosts
  164. EOF
  165. }
  166. ###########################################################################
  167. #
  168. # create load balancer
  169. #
  170. ###########################################################################
  171. resource "openstack_lb_loadbalancer_v2" "lb_1" {
  172. vip_subnet_id = openstack_networking_subnet_v2.terraform-subnet-1.id
  173. }
  174. resource "openstack_lb_listener_v2" "listener_1" {
  175. protocol = "HTTP"
  176. protocol_port = 80
  177. loadbalancer_id = openstack_lb_loadbalancer_v2.lb_1.id
  178. connection_limit = 1024
  179. }
  180. resource "openstack_lb_pool_v2" "pool_1" {
  181. protocol = "HTTP"
  182. lb_method = "ROUND_ROBIN"
  183. listener_id = openstack_lb_listener_v2.listener_1.id
  184. }
  185. resource "openstack_lb_members_v2" "members_1" {
  186. pool_id = openstack_lb_pool_v2.pool_1.id
  187. member {
  188. address = openstack_compute_instance_v2.terraform-instance-1.access_ip_v4
  189. protocol_port = 80
  190. }
  191. member {
  192. address = openstack_compute_instance_v2.terraform-instance-2.access_ip_v4
  193. protocol_port = 80
  194. }
  195. }
  196. resource "openstack_lb_monitor_v2" "monitor_1" {
  197. pool_id = openstack_lb_pool_v2.pool_1.id
  198. type = "HTTP"
  199. delay = 5
  200. timeout = 5
  201. max_retries = 3
  202. http_method = "GET"
  203. url_path = "/"
  204. expected_codes = 200
  205. depends_on = [openstack_lb_loadbalancer_v2.lb_1, openstack_lb_listener_v2.listener_1, openstack_lb_pool_v2.pool_1, openstack_lb_members_v2.members_1 ]
  206. }
  207. ###########################################################################
  208. #
  209. # assign floating ip to load balancer
  210. #
  211. ###########################################################################
  212. resource "openstack_networking_floatingip_v2" "fip_1" {
  213. pool = "ext_net"
  214. port_id = openstack_lb_loadbalancer_v2.lb_1.vip_port_id
  215. }
  216. output "loadbalancer_vip_addr" {
  217. value = openstack_networking_floatingip_v2.fip_1
  218. }