From 37120a73243766462c7f0e1b43453de04b642241 Mon Sep 17 00:00:00 2001 From: Sebastian Haderecker Date: Thu, 15 Apr 2021 12:37:30 +0200 Subject: [PATCH 01/12] Update gitignore --- cloud/.gitignore | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cloud/.gitignore b/cloud/.gitignore index 06ddc876..f50f50f8 100644 --- a/cloud/.gitignore +++ b/cloud/.gitignore @@ -6,5 +6,5 @@ **/terraform.* # OpenStack clouds -clouds.yaml -secure.yaml +**/clouds.yaml +**/secure.yaml From c659572df1f143fbcecb56515497fcd87f9f0ad9 Mon Sep 17 00:00:00 2001 From: Sebastian Haderecker Date: Thu, 15 Apr 2021 14:44:55 +0200 Subject: [PATCH 02/12] TF: Formatting --- cloud/terraform/otc/main.tf | 2 +- cloud/terraform/otc/provider.tf | 2 +- cloud/terraform/otc/versions.tf | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/cloud/terraform/otc/main.tf b/cloud/terraform/otc/main.tf index 7a002b03..c6e81bf3 100644 --- a/cloud/terraform/otc/main.tf +++ b/cloud/terraform/otc/main.tf @@ -45,7 +45,7 @@ resource "opentelekomcloud_compute_instance_v2" "ecs_1" { flavor_name = var.flavor key_pair = var.key_pair security_groups = [opentelekomcloud_networking_secgroup_v2.secgroup_1.name] - user_data = templatefile("../cloud-init.yaml", {timezone = var.timezone, password = var.linux_password, tpot_flavor = var.tpot_flavor, web_user = var.web_user, web_password = var.web_password}) + user_data = templatefile("../cloud-init.yaml", { timezone = var.timezone, password = var.linux_password, tpot_flavor = var.tpot_flavor, web_user = var.web_user, web_password = var.web_password }) network { name = opentelekomcloud_networking_network_v2.network_1.name diff --git a/cloud/terraform/otc/provider.tf b/cloud/terraform/otc/provider.tf index 9dac3e37..462028fa 100644 --- a/cloud/terraform/otc/provider.tf +++ b/cloud/terraform/otc/provider.tf @@ -1,3 +1,3 @@ provider "opentelekomcloud" { - cloud = "open-telekom-cloud" + cloud = "open-telekom-cloud" } 
diff --git a/cloud/terraform/otc/versions.tf b/cloud/terraform/otc/versions.tf index 5d973281..c1162050 100644 --- a/cloud/terraform/otc/versions.tf +++ b/cloud/terraform/otc/versions.tf @@ -2,11 +2,11 @@ terraform { required_version = ">= 0.13" required_providers { opentelekomcloud = { - source = "opentelekomcloud/opentelekomcloud" + source = "opentelekomcloud/opentelekomcloud" version = "1.22.5" } random = { - source = "hashicorp/random" + source = "hashicorp/random" version = "~> 3.0.1" } } From 77e0b8c313519d12c61fff30c684b456d60b804e Mon Sep 17 00:00:00 2001 From: Sebastian Haderecker Date: Thu, 15 Apr 2021 14:51:12 +0200 Subject: [PATCH 03/12] Update provider versions --- cloud/terraform/otc/.terraform.lock.hcl | 53 ++++++++++++------------- cloud/terraform/otc/versions.tf | 4 +- 2 files changed, 28 insertions(+), 29 deletions(-) diff --git a/cloud/terraform/otc/.terraform.lock.hcl b/cloud/terraform/otc/.terraform.lock.hcl index 0885519e..ce0226cc 100644 --- a/cloud/terraform/otc/.terraform.lock.hcl +++ b/cloud/terraform/otc/.terraform.lock.hcl 
@@ -2,38 +2,37 @@ # Manual edits may be lost in future updates. provider "registry.terraform.io/hashicorp/random" { - version = "3.0.1" - constraints = "~> 3.0.1" + version = "3.1.0" + constraints = "~> 3.1.0" hashes = [ - "h1:SzM8nt2wzLMI28A3CWAtW25g3ZCm1O4xD0h3Ps/rU1U=", - "zh:0d4f683868324af056a9eb2b06306feef7c202c88dbbe6a4ad7517146a22fb50", - "zh:4824b3c7914b77d41dfe90f6f333c7ac9860afb83e2a344d91fbe46e5dfbec26", - "zh:4b82e43712f3cf0d0cbc95b2cbcd409ba8f0dc7848fdfb7c13633c27468ed04a", - "zh:78b3a2b860c3ebc973a794000015f5946eb59b82705d701d487475406b2612f1", - "zh:88bc65197bd74ff408d147b32f0045372ae3a3f2a2fdd7f734f315d988c0e4a2", - "zh:91bd3c9f625f177f3a5d641a64e54d4b4540cb071070ecda060a8261fb6eb2ef", - "zh:a6818842b28d800f784e0c93284ff602b0c4022f407e4750da03f50b853a9a2c", - "zh:c4a1a2b52abd05687e6cfded4a789dcd7b43e7a746e4d02dd1055370cf9a994d", - "zh:cf65041bf12fc3bde709c1d267dbe94142bc05adcabc4feb17da3b12249132ac", - "zh:e385e00e7425dda9d30b74ab4ffa4636f4b8eb23918c0b763f0ffab84ece0c5c", + "h1:BZMEPucF+pbu9gsPk0G0BHx7YP04+tKdq2MrRDF1EDM=", + "zh:2bbb3339f0643b5daa07480ef4397bd23a79963cc364cdfbb4e86354cb7725bc", + "zh:3cd456047805bf639fbf2c761b1848880ea703a054f76db51852008b11008626", + "zh:4f251b0eda5bb5e3dc26ea4400dba200018213654b69b4a5f96abee815b4f5ff", + "zh:7011332745ea061e517fe1319bd6c75054a314155cb2c1199a5b01fe1889a7e2", + "zh:738ed82858317ccc246691c8b85995bc125ac3b4143043219bd0437adc56c992", + "zh:7dbe52fac7bb21227acd7529b487511c91f4107db9cc4414f50d04ffc3cab427", + "zh:a3a9251fb15f93e4cfc1789800fc2d7414bbc18944ad4c5c98f466e6477c42bc", + "zh:a543ec1a3a8c20635cf374110bd2f87c07374cf2c50617eee2c669b3ceeeaa9f", + "zh:d9ab41d556a48bd7059f0810cf020500635bfc696c9fc3adab5ea8915c1d886b", + "zh:d9e13427a7d011dbd654e591b0337e6074eef8c3b9bb11b2e39eaaf257044fd7", + "zh:f7605bd1437752114baf601bdf6931debe6dc6bfe3006eb7e9bb9080931dca8a", ] } provider "registry.terraform.io/opentelekomcloud/opentelekomcloud" { - version = "1.22.5" - constraints = "1.22.5" + version = "1.23.6" 
+ constraints = "~> 1.23.4" hashes = [ - "h1:H20WxSx+j2JyrqHAgqsrV3rMWEOEZVEQuA7upz/1IgY=", - "zh:276ab06e7c011351fc5a803fea0321a9d12b1353bd43f5389f3bbf491e31fc41", - "zh:3191dc598ea4e4c99d08a2b1a5f65710dbcc1a892b1f9dde7b52515f32028319", - "zh:43db37c5fb6a886ce3bbc2aa730854476da7dd0340622ad874998041fa96f7a2", - "zh:45f3e2677a4c35bd88d435c906224092e0dde17055a203b474da2eeacffbf9b7", - "zh:504568581e561130fc0a9ceb6514e9664c67e3a89cd6c912f64c82f0a0305a30", - "zh:5646c76cbe710fd0acde409cdcfb352dd53a282c0207e46e33ac5714d0eaa0b9", - "zh:578b0f5d43f156f86ca6a63604da6e968f035d0b4bf6ccfc83db284fd31057f6", - "zh:784459b8350dc650f01e6866bcec0632e8b5a8733d81e6ed53bc8cc1254abb92", - "zh:970aa873a81994cddf84279b255d3f51a4138b23cb9162707cefb84042451bfc", - "zh:e892b8b6225a46067586b8e54a7102ac1b0fc296b4851dab3d4cc185de538d66", - "zh:f8c4699eebe99ac93d9cdccfcc809a5bd3d6c238be136d5a26c4e812ef30ec32", + "h1:B/1Md957jWaDgFqsJDzmJc75KwL0eC/PCVuZ8HV5xSc=", + "zh:1aa79010869d082157fb44fc83c3bff4e40938ec0ca916f704d974c7f7ca39e4", + "zh:3155b8366828ce50231f69962b55df1e2261ed63c44bb64e2c950dd68769df1b", + "zh:4a909617aa96a6d8aead14f56996ad94e0a1cae9d28e8df1ddae19c2095ed337", + "zh:4f71046719632b4b90f88d29d8ba88915ee6ad66cd9d7ebe84a7459013e5003a", + "zh:67e4d10b2db79ad78ae2ec8d9dfac53c4721028f97f4436a7aa45e80b1beefd3", + "zh:7f12541fc5a3513e5522ff2bd5fee17d1e67bfe64f9ef59d03863fc7389e12ce", + "zh:86fadabfc8307cf6084a412ffc9c797ec94932d08bc663a3fcebf98101e951f6", + "zh:98744b39c2bfe3e8e6f929f750a689971071b257f3f066f669f93c8e0b76d179", + "zh:c363d41debb060804e2c6bd9cb50b4e8daa37362299e3ea74e187265cd85f2ca", ] } diff --git a/cloud/terraform/otc/versions.tf b/cloud/terraform/otc/versions.tf index c1162050..d5a6ae2a 100644 --- a/cloud/terraform/otc/versions.tf +++ b/cloud/terraform/otc/versions.tf 
@@ -3,11 +3,11 @@ terraform { required_providers { opentelekomcloud = { source = "opentelekomcloud/opentelekomcloud" - version = "1.22.5" + version = "~> 1.23.4" } random = { source = "hashicorp/random" - version = "~> 3.0.1" + version = "~> 3.1.0" } } } From aec0761580aa5eba4d284bbd9d8ce215b8822809 Mon Sep 17 00:00:00 2001 From: Sebastian Haderecker Date: Thu, 15 Apr 2021 14:59:03 +0200 Subject: [PATCH 04/12] TF: More formatting --- cloud/terraform/otc/variables.tf | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/cloud/terraform/otc/variables.tf b/cloud/terraform/otc/variables.tf index 47e0df5b..0c62edbf 100644 --- a/cloud/terraform/otc/variables.tf +++ b/cloud/terraform/otc/variables.tf @@ -35,12 +35,12 @@ variable "ecs_prefix" { # ECS configuration variable "availability_zone" { - default = "eu-de-03" + default = "eu-de-03" description = "Select an availability zone" } variable "flavor" { - default = "s3.medium.8" + default = "s3.medium.8" description = "Select a compute flavor" } @@ -50,18 +50,18 @@ variable "key_pair" { } variable "volume_size" { - default = "128" + default = "128" description = "Set the volume size" } # These will go in the generated tpot.conf file variable "tpot_flavor" { - default = "STANDARD" + default = "STANDARD" description = "Specify your tpot flavor [STANDARD, SENSOR, INDUSTRIAL, COLLECTOR, NEXTGEN, MEDICAL]" } variable "web_user" { - default = "webuser" + default = "webuser" description = "Set a username for the web user" } From 0c7d0d0eaa5c9c67e7f922151bf52d95d6141e19 Mon Sep 17 00:00:00 2001 From: Sebastian Haderecker Date: Thu, 15 Apr 2021 15:16:33 +0200 Subject: [PATCH 05/12] TF: Check if input variables are defined --- cloud/terraform/otc/variables.tf | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/cloud/terraform/otc/variables.tf b/cloud/terraform/otc/variables.tf index 0c62edbf..40831815 100644 --- a/cloud/terraform/otc/variables.tf +++ b/cloud/terraform/otc/variables.tf 
@@ -6,6 +6,11 @@ variable "timezone" { variable "linux_password" { #default = "LiNuXuSeRPaSs#" description = "Set a password for the default user" + + validation { + condition = length(var.linux_password) > 0 + error_message = "Please specify a password for the default user." + } } # Cloud resources name configuration @@ -47,6 +52,11 @@ variable "flavor" { variable "key_pair" { #default = "" description = "Specify your SSH key pair" + + validation { + condition = length(var.key_pair) > 0 + error_message = "Please specify a Key Pair." + } } variable "volume_size" { @@ -68,4 +78,9 @@ variable "web_user" { variable "web_password" { #default = "w3b$ecret" description = "Set a password for the web user" + + validation { + condition = length(var.web_password) > 0 + error_message = "Please specify a password for the web user." + } } From b0ea90c65b076dbee7d9e55998b2ee1bd02947a2 Mon Sep 17 00:00:00 2001 From: Sebastian Haderecker Date: Thu, 15 Apr 2021 16:18:17 +0200 Subject: [PATCH 06/12] TF: Rework ECS and EIP setup --- cloud/terraform/otc/main.tf | 70 +++++++++++++++----------------- cloud/terraform/otc/outputs.tf | 6 +-- cloud/terraform/otc/variables.tf | 52 +++++++++++++++--------- 3 files changed, 68 insertions(+), 60 deletions(-) diff --git a/cloud/terraform/otc/main.tf b/cloud/terraform/otc/main.tf index c6e81bf3..86e38e1e 100644 --- a/cloud/terraform/otc/main.tf +++ b/cloud/terraform/otc/main.tf 
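Review bot: In cloud/terraform/otc/variables.tf the validation blocks added to `linux_password` and `web_password` only reject an empty string, so a one-character password still passes for a host whose SSH and web ports are published to the Internet. A minimum length would make the check meaningful, for example `condition = length(var.linux_password) >= 12` with a matching `error_message` (the threshold is a suggestion, not a project value). Neither variable declares `type = string` or `sensitive = true`; the latter keeps the value out of plan output but needs Terraform 0.14 or newer, so `required_version = ">= 0.13"` would have to be raised with it. The same points apply to the identical blocks added to cloud/terraform/aws/variables.tf in patch 07.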
@@ -14,24 +14,18 @@ resource "opentelekomcloud_networking_secgroup_rule_v2" "secgroup_rule_1" { security_group_id = opentelekomcloud_networking_secgroup_v2.secgroup_1.id } -resource "opentelekomcloud_networking_network_v2" "network_1" { - name = var.network_name +resource "opentelekomcloud_vpc_v1" "vpc_1" { + name = var.vpc_name + cidr = var.vpc_cidr } -resource "opentelekomcloud_networking_subnet_v2" "subnet_1" { - name = var.subnet_name - network_id = opentelekomcloud_networking_network_v2.network_1.id - cidr = "192.168.0.0/24" - dns_nameservers = ["1.1.1.1", "8.8.8.8"] -} +resource "opentelekomcloud_vpc_subnet_v1" "subnet_1" { + name = var.subnet_name + cidr = var.subnet_cidr + vpc_id = opentelekomcloud_vpc_v1.vpc_1.id -resource "opentelekomcloud_networking_router_v2" "router_1" { - name = var.router_name -} - -resource "opentelekomcloud_networking_router_interface_v2" "router_interface_1" { - router_id = opentelekomcloud_networking_router_v2.router_1.id - subnet_id = opentelekomcloud_networking_subnet_v2.subnet_1.id + gateway_ip = var.subnet_gateway_ip + dns_list = ["100.125.4.25", "100.125.129.199"] } resource "random_id" "tpot" { 
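Review bot: In the new `opentelekomcloud_vpc_subnet_v1.subnet_1` block, `gateway_ip` comes from its own variable and nothing ties it to `subnet_cidr`, so overriding only `subnet_cidr` leaves a gateway outside the subnet, which presumably fails at apply time rather than at plan time. Deriving the value removes that failure mode: `gateway_ip = cidrhost(var.subnet_cidr, 1)`. The `dns_list` addresses remain literals while the CIDRs became variables; a comment such as `# OTC-internal resolvers` or a dedicated variable would record why these two addresses are used.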
@@ -39,33 +33,35 @@ resource "random_id" "tpot" { prefix = var.ecs_prefix } -resource "opentelekomcloud_compute_instance_v2" "ecs_1" { +resource "opentelekomcloud_ecs_instance_v1" "ecs_1" { + name = random_id.tpot.b64_std + image_id = data.opentelekomcloud_images_image_v2.debian.id + flavor = var.ecs_flavor + vpc_id = opentelekomcloud_vpc_v1.vpc_1.id + + nics { + network_id = opentelekomcloud_vpc_subnet_v1.subnet_1.id + } + + system_disk_size = var.ecs_disk_size + security_groups = [opentelekomcloud_networking_secgroup_v2.secgroup_1.id] availability_zone = var.availability_zone - name = random_id.tpot.b64_std - flavor_name = var.flavor - key_pair = var.key_pair - security_groups = [opentelekomcloud_networking_secgroup_v2.secgroup_1.name] + key_name = var.key_pair user_data = templatefile("../cloud-init.yaml", { timezone = var.timezone, password = var.linux_password, tpot_flavor = var.tpot_flavor, web_user = var.web_user, web_password = var.web_password }) +} - network { - name = opentelekomcloud_networking_network_v2.network_1.name +resource "opentelekomcloud_vpc_eip_v1" "eip_1" { + publicip { + type = "5_bgp" } - - block_device { - uuid = data.opentelekomcloud_images_image_v2.debian.id - source_type = "image" - volume_size = var.volume_size - destination_type = "volume" - delete_on_termination = "true" + bandwidth { + name = "bandwidth-${random_id.tpot.b64_std}" + size = var.eip_size + share_type = "PER" } - - depends_on = [opentelekomcloud_networking_router_interface_v2.router_interface_1] } -resource "opentelekomcloud_networking_floatingip_v2" "floatip_1" { -} - -resource "opentelekomcloud_compute_floatingip_associate_v2" "fip_2" { - floating_ip = opentelekomcloud_networking_floatingip_v2.floatip_1.address - instance_id = opentelekomcloud_compute_instance_v2.ecs_1.id +resource "opentelekomcloud_compute_floatingip_associate_v2" "fip_1" { + floating_ip = opentelekomcloud_vpc_eip_v1.eip_1.publicip.0.ip_address + instance_id = 
opentelekomcloud_ecs_instance_v1.ecs_1.id } diff --git a/cloud/terraform/otc/outputs.tf b/cloud/terraform/otc/outputs.tf index 2ec77c27..96cc7922 100644 --- a/cloud/terraform/otc/outputs.tf +++ b/cloud/terraform/otc/outputs.tf @@ -1,11 +1,11 @@ output "Admin_UI" { - value = "https://${opentelekomcloud_networking_floatingip_v2.floatip_1.address}:64294" + value = "https://${opentelekomcloud_vpc_eip_v1.eip_1.publicip.0.ip_address}:64294" } output "SSH_Access" { - value = "ssh -p 64295 linux@${opentelekomcloud_networking_floatingip_v2.floatip_1.address}" + value = "ssh -p 64295 linux@${opentelekomcloud_vpc_eip_v1.eip_1.publicip.0.ip_address}" } output "Web_UI" { - value = "https://${opentelekomcloud_networking_floatingip_v2.floatip_1.address}:64297" + value = "https://${opentelekomcloud_vpc_eip_v1.eip_1.publicip.0.ip_address}:64297" } diff --git a/cloud/terraform/otc/variables.tf b/cloud/terraform/otc/variables.tf index 40831815..e70c89eb 100644 --- a/cloud/terraform/otc/variables.tf +++ b/cloud/terraform/otc/variables.tf @@ -1,4 +1,4 @@ -# cloud-init configuration +## cloud-init configuration ## variable "timezone" { default = "UTC" } 
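Review bot: The bandwidth name in `opentelekomcloud_vpc_eip_v1.eip_1` is built from `random_id.tpot.b64_std`, and standard base64 can contain `+`, `/` and `=`, which resource-name fields often reject; the instance `name` in the same hunk of cloud/terraform/otc/main.tf uses the same attribute. `random_id` also exports URL-safe and hex forms, so `name = "bandwidth-${random_id.tpot.b64_url}"` (or `.hex`) keeps the name to letters, digits, `-` and `_`. Separately, `user_data` still renders `var.linux_password` and `var.web_password` into cloud-init, so both end up in plain text in the Terraform state and, typically, in the instance's user data; the state file should be handled as a secret. The `random_id` resource itself starts above this hunk.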
@@ -13,40 +13,52 @@ variable "linux_password" { } } -# Cloud resources name configuration +## Security Group ## variable "secgroup_name" { - default = "tpot-secgroup" + default = "sg-tpot" } variable "secgroup_desc" { - default = "T-Pot Security Group" + default = "Security Group for T-Pot" } -variable "network_name" { - default = "tpot-network" +## Virtual Private Cloud ## +variable "vpc_name" { + default = "vpc-tpot" } +variable "vpc_cidr" { + default = "192.168.0.0/16" +} + +## Subnet ## variable "subnet_name" { - default = "tpot-subnet" + default = "subnet-tpot" } -variable "router_name" { - default = "tpot-router" +variable "subnet_cidr" { + default = "192.168.0.0/24" } +variable "subnet_gateway_ip" { + default = "192.168.0.1" +} + +## Elastic Cloud Server ## variable "ecs_prefix" { default = "tpot-" } -# ECS configuration -variable "availability_zone" { - default = "eu-de-03" - description = "Select an availability zone" +variable "ecs_flavor" { + default = "s3.medium.8" } -variable "flavor" { - default = "s3.medium.8" - description = "Select a compute flavor" +variable "ecs_disk_size" { + default = "128" +} + +variable "availability_zone" { + default = "eu-de-03" } variable "key_pair" { @@ -59,12 +71,12 @@ variable "key_pair" { } } -variable "volume_size" { - default = "128" - description = "Set the volume size" +## Elastic IP ## +variable "eip_size" { + default = "100" } -# These will go in the generated tpot.conf file +## These will go in the generated tpot.conf file ## variable "tpot_flavor" { default = "STANDARD" description = "Specify your tpot flavor [STANDARD, SENSOR, INDUSTRIAL, COLLECTOR, NEXTGEN, MEDICAL]" From de3d7c7f4f5763c8ef5445d3e544c93d369a493a Mon Sep 17 00:00:00 2001 From: Sebastian Haderecker Date: Thu, 15 Apr 2021 16:22:55 +0200 Subject: [PATCH 07/12] TF: Check input variables also for AWS --- cloud/terraform/aws/variables.tf | 18 ++++++++++++++---- 1 file changed, 14 insertions(+), 4 deletions(-) 
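Review bot: The variables added in the second hunk of cloud/terraform/otc/variables.tf (`vpc_cidr`, `subnet_cidr`, `subnet_gateway_ip`, `ecs_flavor`, `ecs_disk_size`) and `eip_size` in the third hunk have neither `type` nor `description`, and the patch drops the descriptions that `availability_zone`, `flavor` and `volume_size` had before. `ecs_disk_size` and `eip_size` are quoted strings although they look like numeric inputs; `type = number` with `default = 128` would reject a non-numeric override at plan time. The CIDR inputs could carry the same kind of validation the previous patch introduced, for example `condition = can(cidrhost(var.subnet_cidr, 1))`. A one-line `description` on `eip_size` stating the unit would also help, since `100` alone does not say what is being sized.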
diff --git a/cloud/terraform/aws/variables.tf b/cloud/terraform/aws/variables.tf index ba764aab..a59ed0eb 100644 --- a/cloud/terraform/aws/variables.tf +++ b/cloud/terraform/aws/variables.tf @@ -55,7 +55,7 @@ variable "ec2_ami" { } } -# cloud-init configuration +## cloud-init configuration ## variable "timezone" { default = "UTC" } @@ -63,20 +63,30 @@ variable "timezone" { variable "linux_password" { #default = "LiNuXuSeRPaSs#" description = "Set a password for the default user" + + validation { + condition = length(var.linux_password) > 0 + error_message = "Please specify a password for the default user." + } } -# These will go in the generated tpot.conf file +## These will go in the generated tpot.conf file ## variable "tpot_flavor" { - default = "STANDARD" + default = "STANDARD" description = "Specify your tpot flavor [STANDARD, SENSOR, INDUSTRIAL, COLLECTOR, NEXTGEN, MEDICAL]" } variable "web_user" { - default = "webuser" + default = "webuser" description = "Set a username for the web user" } variable "web_password" { #default = "w3b$ecret" description = "Set a password for the web user" + + validation { + condition = length(var.web_password) > 0 + error_message = "Please specify a password for the web user." + } } From c9ec5347d562f81dab98b2325f8338954be14646 Mon Sep 17 00:00:00 2001 From: Sebastian Haderecker Date: Thu, 15 Apr 2021 16:23:49 +0200 Subject: [PATCH 08/12] TF: Formatting --- cloud/terraform/aws/main.tf | 4 ++-- cloud/terraform/aws/versions.tf | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/cloud/terraform/aws/main.tf b/cloud/terraform/aws/main.tf index 533ee4bc..44185446 100644 --- a/cloud/terraform/aws/main.tf +++ b/cloud/terraform/aws/main.tf 
@@ -60,7 +60,7 @@ resource "aws_instance" "tpot" { volume_size = 128 delete_on_termination = true } - user_data = templatefile("../cloud-init.yaml", {timezone = var.timezone, password = var.linux_password, tpot_flavor = var.tpot_flavor, web_user = var.web_user, web_password = var.web_password}) - vpc_security_group_ids = [aws_security_group.tpot.id] + user_data = templatefile("../cloud-init.yaml", { timezone = var.timezone, password = var.linux_password, tpot_flavor = var.tpot_flavor, web_user = var.web_user, web_password = var.web_password }) + vpc_security_group_ids = [aws_security_group.tpot.id] associate_public_ip_address = true } diff --git a/cloud/terraform/aws/versions.tf b/cloud/terraform/aws/versions.tf index a0de97d3..9ae9023e 100644 --- a/cloud/terraform/aws/versions.tf +++ b/cloud/terraform/aws/versions.tf @@ -2,7 +2,7 @@ terraform { required_version = ">= 0.13" required_providers { aws = { - source = "hashicorp/aws" + source = "hashicorp/aws" version = "3.26.0" } } From 628ea0224ca98baa0b4d285062a8c981a753efc5 Mon Sep 17 00:00:00 2001 From: Sebastian Haderecker Date: Thu, 15 Apr 2021 16:34:52 +0200 Subject: [PATCH 09/12] Update Terraform readme --- cloud/terraform/README.md | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/cloud/terraform/README.md b/cloud/terraform/README.md index b8e19900..8aaf2c5a 100644 --- a/cloud/terraform/README.md +++ b/cloud/terraform/README.md @@ -37,12 +37,13 @@ This can easily be extended to support other [Terraform providers](https://regis ### Open Telekom Cloud (OTC) * ECS instance: - * s2.medium.8 (1 vCPU, 8 GB RAM) + * s3.medium.8 (1 vCPU, 8 GB RAM) * 128 GB disk * Debian 10 * Public EIP * Security Group -* Network, Subnet, Router (= Virtual Private Cloud [VPC]) + * All TCP/UDP ports are open to the Internet +* Virtual Private Cloud (VPC) and Subnet ## Prerequisites 
@@ -90,11 +91,13 @@ In `aws/variables.tf`, you can change the additional variables: ### Open Telekom Cloud (OTC) In `otc/variables.tf`, you can change the additional variables: +* `ecs_flavor` +* `ecs_disk_size` * `availability_zone` -* `flavor` * `key_pair` - Specify an existing SSH key pair -* `volume_size` -Furthermore you can configure the naming of the created infrastructure (per default everything gets prefixed with "tpot-", e.g. "tpot-router"). +* `eip_size` + +... and some more, but these are the most relevant. ## Initialising From 0649d565218a0f6e80c45086204119741b00e072 Mon Sep 17 00:00:00 2001 From: Sebastian Haderecker Date: Thu, 15 Apr 2021 16:58:19 +0200 Subject: [PATCH 10/12] Improve Ansible resource naming --- .../openstack/roles/create_net/tasks/main.yaml | 16 ++++++++-------- .../openstack/roles/create_vm/tasks/main.yaml | 4 ++-- 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/cloud/ansible/openstack/roles/create_net/tasks/main.yaml b/cloud/ansible/openstack/roles/create_net/tasks/main.yaml index c372d8bb..f1036c7c 100644 --- a/cloud/ansible/openstack/roles/create_net/tasks/main.yaml +++ b/cloud/ansible/openstack/roles/create_net/tasks/main.yaml @@ -1,25 +1,25 @@ - name: Create security group openstack.cloud.security_group: cloud: "{{ cloud }}" - name: sg-tpot-any - description: tpot any-any + name: sg-tpot-ansible + description: Security Group for T-Pot - name: Add rules to security group openstack.cloud.security_group_rule: cloud: "{{ cloud }}" - security_group: sg-tpot-any + security_group: sg-tpot-ansible remote_ip_prefix: 0.0.0.0/0 - name: Create network openstack.cloud.network: cloud: "{{ cloud }}" - name: network-tpot + name: network-tpot-ansible - name: Create subnet openstack.cloud.subnet: cloud: "{{ cloud }}" - network_name: network-tpot - name: subnet-tpot + network_name: network-tpot-ansible + name: subnet-tpot-ansible cidr: 192.168.0.0/24 dns_nameservers: - 1.1.1.1 
@@ -28,6 +28,6 @@ - name: Create router openstack.cloud.router: cloud: "{{ cloud }}" - name: router-tpot + name: router-tpot-ansible interfaces: - - subnet-tpot + - subnet-tpot-ansible diff --git a/cloud/ansible/openstack/roles/create_vm/tasks/main.yaml b/cloud/ansible/openstack/roles/create_vm/tasks/main.yaml index 71ad71e7..a7ff7043 100644 --- a/cloud/ansible/openstack/roles/create_vm/tasks/main.yaml +++ b/cloud/ansible/openstack/roles/create_vm/tasks/main.yaml @@ -13,8 +13,8 @@ key_name: "{{ key_name }}" timeout: 200 flavor: "{{ flavor }}" - security_groups: sg-tpot-any - network: network-tpot + security_groups: sg-tpot-ansible + network: network-tpot-ansible register: tpot - name: Add instance to inventory From 8c19ea68c89a69335607beb505d0c79f39d01509 Mon Sep 17 00:00:00 2001 From: Sebastian Haderecker Date: Thu, 15 Apr 2021 16:58:56 +0200 Subject: [PATCH 11/12] Ansible: Use OTC nameservers for subnet --- cloud/ansible/openstack/roles/create_net/tasks/main.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cloud/ansible/openstack/roles/create_net/tasks/main.yaml b/cloud/ansible/openstack/roles/create_net/tasks/main.yaml index f1036c7c..0d8b9449 100644 --- a/cloud/ansible/openstack/roles/create_net/tasks/main.yaml +++ b/cloud/ansible/openstack/roles/create_net/tasks/main.yaml @@ -22,8 +22,8 @@ name: subnet-tpot-ansible cidr: 192.168.0.0/24 dns_nameservers: - - 1.1.1.1 - - 8.8.8.8 + - 100.125.4.25 + - 100.125.129.199 - name: Create router openstack.cloud.router: From d0cc43e89e4b99a4e1485f5171a857e79a93949d Mon Sep 17 00:00:00 2001 From: Sebastian Haderecker Date: Thu, 15 Apr 2021 17:00:13 +0200 Subject: [PATCH 12/12] Ansible: Create VM: Use default timeout and explicitly declare auto_ip --- cloud/ansible/openstack/roles/create_vm/tasks/main.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
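Review bot: The resolvers `100.125.4.25` and `100.125.129.199` in patch 11 are hard-coded in the `Create subnet` task of a role that lives under `openstack/` and takes its target from `{{ cloud }}`. Going by the commit subject they are OTC nameservers, so on any other OpenStack cloud the instances in this subnet would presumably have no working DNS. A role variable with these two addresses as its default keeps the OTC behaviour and lets other clouds override it, e.g. `dns_nameservers: "{{ dns_nameservers }}"`. The task begins above the hunk.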
diff --git a/cloud/ansible/openstack/roles/create_vm/tasks/main.yaml b/cloud/ansible/openstack/roles/create_vm/tasks/main.yaml index a7ff7043..d7810a0d 100644 --- a/cloud/ansible/openstack/roles/create_vm/tasks/main.yaml +++ b/cloud/ansible/openstack/roles/create_vm/tasks/main.yaml @@ -11,7 +11,7 @@ boot_from_volume: yes volume_size: "{{ volume_size }}" key_name: "{{ key_name }}" - timeout: 200 + auto_ip: yes flavor: "{{ flavor }}" security_groups: sg-tpot-ansible network: network-tpot-ansible