updated terraform examples

2022-04-08 11:43:01 +02:00
parent 48fc259af9
commit d82c5b6447
19 changed files with 1253 additions and 3 deletions
--- a/terraform/lab1/get-terraform.sh
+++ b/terraform/lab1/get-terraform.sh
@ -0,0 +1,3 @@
+#!/bin/bash
+wget https://releases.hashicorp.com/terraform/1.1.3/terraform_1.1.3_linux_amd64.zip -O terraform_1.1.3_linux_amd64.zip
+unzip -o terraform_1.1.3_linux_amd64.zip
--- a/terraform/lab1/lab1.tf
+++ b/terraform/lab1/lab1.tf
@ -0,0 +1,178 @@
+# Define CloudComp group number
+variable "group_number" {
+  type = string
+  default = "20"
+}
+
+## OpenStack credentials can be used in a more secure way by using
+## cloud.yaml from https://private-cloud.informatik.hs-fulda.de/project/api_access/clouds.yaml/
+
+# or by using env vars exported from openrc here,
+# e.g., using 'export TF_VAR_os_password=$OS_PASSWORD'
+
+# Define OpenStack credentials, project config etc.
+locals {
+  auth_url      = "https://private-cloud.informatik.hs-fulda.de:5000/v3"
+  user_name     = "CloudComp${var.group_number}"
+  user_password = "<password of your group here, private-cloud is only reachable via vpn>"
+  tenant_name   = "CloudComp${var.group_number}"
+  #network_name  = "CloudComp${var.group_number}-net"
+  router_name   = "CloudComp${var.group_number}-router"
+  image_name    = "Ubuntu 20.04 - Focal Fossa - 64-bit - Cloud Based Image"
+  flavor_name   = "m1.small"
+  region_name   = "RegionOne"
+}
+
+# Define OpenStack provider
+terraform {
+required_version = ">= 0.14.0"
+  required_providers {
+    openstack = {
+      source  = "terraform-provider-openstack/openstack"
+      version = ">= 1.46.0"
+    }
+  }
+}
+
+# Configure the OpenStack Provider
+provider "openstack" {
+  user_name   = local.user_name
+  tenant_name = local.tenant_name
+  password    = local.user_password
+  auth_url    = local.auth_url
+  region      = local.region_name
+  use_octavia = true
+}
+
+
+
+###########################################################################
+#
+# create keypair
+#
+###########################################################################
+
+# import keypair, if public_key is not specified, create new keypair to use
+resource "openstack_compute_keypair_v2" "terraform-keypair" {
+  name       = "my-terraform-pubkey"
+  #public_key = file("~/.ssh/id_rsa.pub")
+}
+
+
+
+###########################################################################
+#
+# create security group
+#
+###########################################################################
+
+resource "openstack_networking_secgroup_v2" "terraform-secgroup" {
+  name        = "my-terraform-secgroup"
+  description = "for terraform instances"
+}
+
+resource "openstack_networking_secgroup_rule_v2" "terraform-secgroup-rule-http" {
+  direction         = "ingress"
+  ethertype         = "IPv4"
+  protocol          = "tcp"
+  port_range_min    = 80
+  port_range_max    = 80
+  #remote_ip_prefix  = "0.0.0.0/0"
+  security_group_id = openstack_networking_secgroup_v2.terraform-secgroup.id
+}
+
+resource "openstack_networking_secgroup_rule_v2" "terraform-secgroup-rule-ssh" {
+  direction         = "ingress"
+  ethertype         = "IPv4"
+  protocol          = "tcp"
+  port_range_min    = 22
+  port_range_max    = 22
+  #remote_ip_prefix  = "0.0.0.0/0"
+  security_group_id = openstack_networking_secgroup_v2.terraform-secgroup.id
+}
+
+
+###########################################################################
+#
+# create network
+#
+###########################################################################
+
+resource "openstack_networking_network_v2" "terraform-network-1" {
+  name           = "my-terraform-network-1"
+  admin_state_up = "true"
+}
+
+resource "openstack_networking_subnet_v2" "terraform-subnet-1" {
+  name       = "my-terraform-subnet-1"
+  network_id = openstack_networking_network_v2.terraform-network-1.id
+  cidr       = "192.168.255.0/24"
+  ip_version = 4
+}
+
+data "openstack_networking_router_v2" "router-1" {
+  name = local.router_name
+}
+
+resource "openstack_networking_router_interface_v2" "router_interface_1" {
+  router_id = data.openstack_networking_router_v2.router-1.id
+  subnet_id = openstack_networking_subnet_v2.terraform-subnet-1.id
+}
+
+
+
+###########################################################################
+#
+# create instances
+#
+###########################################################################
+
+resource "openstack_compute_instance_v2" "terraform-instance-1" {
+  name              = "my-terraform-instance-1"
+  image_name        = local.image_name
+  flavor_name       = local.flavor_name
+  key_pair          = openstack_compute_keypair_v2.terraform-keypair.name
+  security_groups   = [openstack_networking_secgroup_v2.terraform-secgroup.name]
+
+  depends_on = [openstack_networking_subnet_v2.terraform-subnet-1]
+
+  network {
+    uuid = openstack_networking_network_v2.terraform-network-1.id
+  }
+
+  user_data = <<-EOF
+    #!/bin/bash
+    apt-get update
+    apt-get -y install apache2
+    rm /var/www/html/index.html
+    cat > /var/www/html/index.html << INNEREOF
+    <!DOCTYPE html>
+    <html>
+      <body>
+        <h1>It works!</h1>
+        <p>hostname</p>
+      </body>
+    </html>
+    INNEREOF
+    sed -i "s/hostname/terraform-instance-1/" /var/www/html/index.html
+    sed -i "1s/$/ terraform-instance-1/" /etc/hosts
+  EOF
+}
+
+###########################################################################
+#
+# assign floating ip to instance
+#
+###########################################################################
+resource "openstack_networking_floatingip_v2" "fip_1" {
+  pool    = "public1"
+}
+
+resource "openstack_compute_floatingip_associate_v2" "fip_1_assoc" {
+  floating_ip = openstack_networking_floatingip_v2.fip_1.address
+  instance_id = openstack_compute_instance_v2.terraform-instance-1.id
+}
+
+output "vip_addr" {
+  value = openstack_networking_floatingip_v2.fip_1
+}
--- a/terraform/lab1/run-terraform.sh
+++ b/terraform/lab1/run-terraform.sh
@ -0,0 +1,23 @@
+#!/bin/bash
+
+# initialization of terraform state and download openstack plugin/dependencies
+./terraform init
+
+# show what will done
+./terraform plan
+
+# let terraform create the resources specified in .tf file in same directory
+./terraform apply
+
+# you can also use "terraform apply -auto-approve" to prevent terraform from asking back whether it should proceed
+
+# among the benefits of terraform, is that is deploys the resources rather quick. It identifies dependencies and
+# deploys independent resources in parallel.
+# "terraform graph" creates a dependency graph of the resource specified in the .tf file
+# another benefit of terraform is, that it does the heavy lifting to support the APIs of multiple cloud
+# providers and supports way more features and cloud services than, e.g., libcloud, hence it's quite popular
+#
+# among the drawbacks however is, that it comes with its own definition language and does not offer the full
+# flexibility of a programming language. In this regard, libcloud, boto3, openstack-sdk etc. are way more flexible
+#
+# we discuss different cloud service deployment solutions and their pros/cons in the course
--- a/terraform/lab1/stop-terraform.sh
+++ b/terraform/lab1/stop-terraform.sh
@ -0,0 +1,6 @@
+#!/bin/bash
+
+# let terraform remove the resources specified in .tf file in same directory
+./terraform destroy
+
+# you can also use "terraform destroy -auto-approve" to prevent terraform from asking back whether it should proceed