Matthias Hinrichs
270 lines
6.5 KiB
Terraform
270 lines
6.5 KiB
Terraform
provider "openstack" {
|
|
user_name = "admin"
|
|
tenant_name = "admin"
|
|
password = "3QAtP4dECYsRtxIpW23OpPYiE7XOUvZ9UDmtyiDT"
|
|
auth_url = "http://console.hnrx.cloud:5000/v3"
|
|
region = "RegionOne"
|
|
}
|
|
|
|
provider "openstack" {
|
|
alias = "octavia"
|
|
user_name = "octavia"
|
|
tenant_name = "service"
|
|
password = "L8dZsrWOtNI8UvLVGKseC3FB5tRZ0cZTI1xw87Ns"
|
|
auth_url = "http://console.hnrx.cloud:5000/v3"
|
|
region = "RegionOne"
|
|
}
|
|
|
|
# Projects
|
|
resource "openstack_identity_project_v3" "hnrx-prod" {
|
|
name = "hnrx-prod"
|
|
description = "hnrx production project"
|
|
}
|
|
|
|
resource "openstack_identity_project_v3" "hnrx-dev" {
|
|
name = "hnrx-dev"
|
|
description = "hnrx development project"
|
|
}
|
|
|
|
# Networks
|
|
resource "openstack_networking_network_v2" "hnrx-prod" {
|
|
name = "hnrx-prod"
|
|
admin_state_up = "true"
|
|
shared = true
|
|
external = true
|
|
segments {
|
|
physical_network = "physnet1"
|
|
segmentation_id = 113
|
|
network_type = "vlan"
|
|
}
|
|
}
|
|
|
|
resource "openstack_networking_network_v2" "hnrx-dev" {
|
|
name = "hnrx-dev"
|
|
admin_state_up = "true"
|
|
shared = true
|
|
external = true
|
|
segments {
|
|
physical_network = "physnet1"
|
|
segmentation_id = 112
|
|
network_type = "vlan"
|
|
}
|
|
}
|
|
|
|
resource "openstack_networking_network_v2" "internal" {
|
|
name = "internal"
|
|
shared = true
|
|
}
|
|
|
|
# Subnets
|
|
resource "openstack_networking_subnet_v2" "hnrx-prod" {
|
|
name = "hnrx-prod-subnet"
|
|
network_id = openstack_networking_network_v2.hnrx-prod.id
|
|
cidr = "192.168.113.0/24"
|
|
allocation_pool {
|
|
start = "192.168.113.10"
|
|
end = "192.168.113.200"
|
|
}
|
|
enable_dhcp = true
|
|
gateway_ip = "192.168.113.1"
|
|
}
|
|
|
|
resource "openstack_networking_subnet_v2" "hnrx-dev" {
|
|
name = "hnrx-dev-subnet"
|
|
network_id = openstack_networking_network_v2.hnrx-dev.id
|
|
cidr = "192.168.112.0/24"
|
|
allocation_pool {
|
|
start = "192.168.112.10"
|
|
end = "192.168.112.200"
|
|
}
|
|
enable_dhcp = true
|
|
gateway_ip = "192.168.112.1"
|
|
}
|
|
|
|
resource "openstack_networking_subnet_v2" "internal-subnet" {
|
|
name = "internal-subnet"
|
|
network_id = openstack_networking_network_v2.internal.id
|
|
cidr = "10.0.10.0/24"
|
|
dns_nameservers = ["192.168.1.1"]
|
|
}
|
|
|
|
# Security Groups
|
|
resource "openstack_networking_secgroup_v2" "hnrx_default" {
|
|
name = "hnrx-default"
|
|
description = "hnrx-default security group"
|
|
}
|
|
|
|
resource "openstack_networking_secgroup_rule_v2" "secgroup_rule_1" {
|
|
direction = "ingress"
|
|
ethertype = "IPv4"
|
|
protocol = "tcp"
|
|
port_range_min = 22
|
|
port_range_max = 22
|
|
remote_ip_prefix = "0.0.0.0/0"
|
|
security_group_id = openstack_networking_secgroup_v2.hnrx_default.id
|
|
}
|
|
|
|
resource "openstack_networking_secgroup_rule_v2" "default_sg_icmp" {
|
|
security_group_id = openstack_networking_secgroup_v2.hnrx_default.id
|
|
direction = "ingress"
|
|
protocol = "icmp"
|
|
remote_ip_prefix = "0.0.0.0/0"
|
|
ethertype = "IPv4"
|
|
}
|
|
|
|
# Router
|
|
resource "openstack_networking_router_v2" "internal-router" {
|
|
name = "internal-router"
|
|
admin_state_up = true
|
|
external_network_id = openstack_networking_network_v2.hnrx-prod.id
|
|
}
|
|
|
|
resource "openstack_networking_router_interface_v2" "router_interface_1" {
|
|
router_id = openstack_networking_router_v2.internal-router.id
|
|
subnet_id = openstack_networking_subnet_v2.internal-subnet.id
|
|
}
|
|
|
|
# Flavors
|
|
resource "openstack_compute_flavor_v2" "m1-tiny" {
|
|
name = "m1.tiny"
|
|
ram = "512"
|
|
vcpus = "1"
|
|
disk = "5"
|
|
is_public = true
|
|
}
|
|
|
|
resource "openstack_compute_flavor_v2" "m1-small" {
|
|
name = "m1.small"
|
|
ram = "1024"
|
|
vcpus = "1"
|
|
disk = "10"
|
|
is_public = true
|
|
}
|
|
|
|
resource "openstack_compute_flavor_v2" "m1-medium" {
|
|
name = "m1.medium"
|
|
ram = "2048"
|
|
vcpus = "1"
|
|
disk = "20"
|
|
is_public = true
|
|
}
|
|
|
|
resource "openstack_compute_flavor_v2" "m1-large" {
|
|
name = "m1.large"
|
|
ram = "4096"
|
|
vcpus = "1"
|
|
disk = "40"
|
|
is_public = true
|
|
}
|
|
|
|
resource "openstack_compute_flavor_v2" "m1-xlarge" {
|
|
name = "m1.xlarge"
|
|
ram = "8192"
|
|
vcpus = "1"
|
|
disk = "80"
|
|
is_public = true
|
|
}
|
|
|
|
resource "openstack_compute_flavor_v2" "c2-tiny" {
|
|
name = "c2.tiny"
|
|
ram = "1024"
|
|
vcpus = "2"
|
|
disk = "25"
|
|
is_public = true
|
|
}
|
|
|
|
resource "openstack_compute_flavor_v2" "c2-small" {
|
|
name = "c2.small"
|
|
ram = "2048"
|
|
vcpus = "2"
|
|
disk = "50"
|
|
is_public = true
|
|
}
|
|
|
|
resource "openstack_compute_flavor_v2" "c2-medium" {
|
|
name = "c2.medium"
|
|
ram = "4096"
|
|
vcpus = "2"
|
|
disk = "75"
|
|
is_public = true
|
|
}
|
|
|
|
resource "openstack_compute_flavor_v2" "c2-large" {
|
|
name = "c2.large"
|
|
ram = "8192"
|
|
vcpus = "2"
|
|
disk = "100"
|
|
is_public = true
|
|
}
|
|
|
|
resource "openstack_compute_flavor_v2" "c2-xlarge" {
|
|
name = "c2.xlarge"
|
|
ram = "16384"
|
|
vcpus = "2"
|
|
disk = "200"
|
|
is_public = true
|
|
}
|
|
|
|
# Images
|
|
resource "openstack_images_image_v2" "cirros" {
|
|
name = "CirrOS"
|
|
image_source_url = "https://files.hnrx.net/OS-Images/cirros-0.6.3-x86_64-disk.img"
|
|
container_format = "bare"
|
|
disk_format = "qcow2"
|
|
web_download = true
|
|
}
|
|
|
|
resource "openstack_images_image_v2" "fedora-41" {
|
|
name = "Fedora"
|
|
image_source_url = "https://files.hnrx.net/OS-Images/Fedora-Cloud-Base-Generic-41-1.4.x86_64.qcow2"
|
|
container_format = "bare"
|
|
disk_format = "qcow2"
|
|
web_download = true
|
|
}
|
|
|
|
resource "openstack_images_image_v2" "opensuse" {
|
|
name = "openSUSE-Leap-15.6.x86_64-1.0.4"
|
|
image_source_url = "https://files.hnrx.net/OS-Images/openSUSE-Leap-15.6.x86_64-1.0.4.qcow2"
|
|
web_download = true
|
|
container_format = "bare"
|
|
disk_format = "qcow2"
|
|
}
|
|
|
|
resource "openstack_images_image_v2" "talos" {
|
|
name = "talos-1.10.2"
|
|
image_source_url = "https://files.hnrx.net/OS-Images/talos-1.10.2-openstack-amd64.raw"
|
|
web_download = true
|
|
container_format = "bare"
|
|
disk_format = "raw"
|
|
}
|
|
|
|
resource "openstack_images_image_v2" "amphora" {
|
|
provider = openstack.octavia
|
|
name = "amphora-x64-haproxy.qcow2"
|
|
image_source_url = "https://files.hnrx.net/OS-Images/amphora-x64-haproxy.qcow2"
|
|
web_download = true
|
|
container_format = "bare"
|
|
disk_format = "qcow2"
|
|
visibility = "private"
|
|
tags = ["amphora", "haproxy"]
|
|
properties = {
|
|
"hw_architecture" = "x86_64"
|
|
"hw_rng_model" = "virtio"
|
|
}
|
|
}
|
|
|
|
# Keypairs
|
|
resource "openstack_compute_keypair_v2" "mh-key" {
|
|
name = "mh"
|
|
public_key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFJ4YMDAlzgWhvlwKbiyjztiQHKOXwhwJt0VVmQKONj+ matthias.hinrichs@me.com"
|
|
}
|
|
|
|
#DNS Zone
|
|
resource "openstack_dns_zone_v2" "hnrx-zone" {
|
|
name = "hnrx.cloud."
|
|
description = "default hnrx zone"
|
|
email = "matthias.hinrichs@hnrx.net"
|
|
type = "PRIMARY"
|
|
ttl = 60
|
|
}
|