Created
November 28, 2023 15:10
-
-
Save gannebamm/c43f4294f574df3e5e78d643c68d4bc3 to your computer and use it in GitHub Desktop.
from a terraform workshop
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #################### Provider #################### | |
| # To use the OpenStack provider, we need to specify the provider block | |
| terraform { | |
| required_providers { | |
| openstack = { | |
| source = "terraform-provider-openstack/openstack" | |
| version = "1.53.0" | |
| } | |
| } | |
| } | |
| #################### Variables #################### | |
| variable "name_prefix" { | |
| type = string | |
| default = "<yourname>_clum" | |
| } | |
| variable "public_key" { | |
| type = map(any) | |
| default = { | |
| name = "<yourname>_clum_key" | |
| pubkey = "<your public key>" | |
| } | |
| } | |
| #################### Images #################### | |
| # # Note: To upload an image to OpenStack cloud | |
| # # Since multiple images are already present in the cloud, we can ignore this step | |
| # resource "openstack_images_image_v2" "cloud-image" { | |
| # name = "RancherOS" | |
| # image_source_url = "https://releases.rancher.com/os/latest/rancheros-openstack.img" | |
| # container_format = "bare" | |
| # disk_format = "qcow2" | |
| # } | |
| #################### Key Pairs #################### | |
| # To create a key pair, so that we can ssh into the instance later | |
| resource "openstack_compute_keypair_v2" "my-cloud-key" { | |
| name = var.public_key["name"] | |
| public_key = var.public_key["pubkey"] | |
| } | |
| #################### Networks #################### | |
| # # Note: Only one network can be created in the current project, so we can ignore this step | |
| # # as a network named "tf-network" is already present in the cloud and a subnet is already | |
| # # created in it and the router is already connected to it. | |
| # # In this block, we create a private internal network. This network will serve as | |
| # # the isolated space for our internal resources. The admin_state_up attribute is | |
| # # set to true, indicating that the network is active. | |
| # resource "openstack_networking_network_v2" "tf_network" { | |
| # name = "${var.name_prefix}_tf_network" | |
| # admin_state_up = "true" | |
| # } | |
| # # This block creates a subnet within the private network, specifying its name, | |
| # # CIDR block (IP address range), IP version (IPv4 in this case), and enabling DHCP. | |
| # # This subnet will be used to allocate IP addresses to the instances connected to | |
| # # this network. | |
| # resource "openstack_networking_subnet_v2" "tf_subnet" { | |
| # network_id = openstack_networking_network_v2.tf_network.id | |
| # name = "${var.name_prefix}_tf_subnet" | |
| # cidr = "192.168.0.0/24" | |
| # ip_version = 4 | |
| # enable_dhcp = true | |
| # } | |
| # # Here, we use a data block to fetch information about the existing external network. | |
| # # This information will be utilized when creating the router to ensure connectivity | |
| # # to the external world. | |
| # data "openstack_networking_network_v2" "external" { | |
| # name = "external" | |
| # } | |
| # # This block creates a router, linking it to the external network. The router plays | |
| # # a crucial role in connecting the internal and external networks, facilitating | |
| # # communication between resources inside and outside the private network. | |
| # # This connection to an external network is necessary because it enables communication | |
| # # between resources within the private/internal network and the external world, | |
| # # such as the internet. | |
| # resource "openstack_networking_router_v2" "tf_router" { | |
| # name = "${var.name_prefix}_tf_router" | |
| # external_network_id = data.openstack_networking_network_v2.external.id | |
| # } | |
| # # Finally, we establish an interface for the router, connecting it to the previously | |
| # # created subnet. This step enables the router to manage traffic. | |
| # resource "openstack_networking_router_interface_v2" "tf_router_interface_1" { | |
| # router_id = openstack_networking_router_v2.tf_router.id | |
| # subnet_id = openstack_networking_subnet_v2.tf_subnet.id | |
| # } | |
| #################### Security Groups #################### | |
| # Lets create a couple of security groups to allow SSH and outgoing connections | |
| resource "openstack_networking_secgroup_v2" "public-ssh" { | |
| name = "${var.name_prefix}_ssh" | |
| description = "[TF] Allow SSH connections from anywhere" | |
| delete_default_rules = "true" | |
| } | |
| resource "openstack_networking_secgroup_rule_v2" "public-ssh-4" { | |
| direction = "ingress" | |
| ethertype = "IPv4" | |
| protocol = "tcp" | |
| port_range_min = 22 | |
| port_range_max = 22 | |
| security_group_id = openstack_networking_secgroup_v2.public-ssh.id | |
| } | |
| resource "openstack_networking_secgroup_v2" "egress-public" { | |
| name = "${var.name_prefix}_egress_public" | |
| description = "[TF] Allow any outgoing connection" | |
| delete_default_rules = true | |
| } | |
| resource "openstack_networking_secgroup_rule_v2" "egress-public-4" { | |
| direction = "egress" | |
| ethertype = "IPv4" | |
| security_group_id = openstack_networking_secgroup_v2.egress-public.id | |
| } | |
| #################### Flavors #################### | |
| # To get the id of a flavor matching the given criteria | |
| # data "openstack_compute_flavor_v2" "denbi_tiny" { | |
| # vcpus = "1" | |
| # ram = "2048" | |
| # disk = "50" | |
| # } | |
| #################### Simple demo instance example #################### | |
| # Lets get the latest ubuntu image id using data block | |
| data "openstack_images_image_v2" "ubuntu" { | |
| name = "ubuntu-20.04 (2020-11-02)" | |
| most_recent = true | |
| } | |
| # Lets create an instance | |
| resource "openstack_compute_instance_v2" "demo" { | |
| name = "${var.name_prefix}_demo" | |
| flavor_name = "de.NBI tiny" | |
| image_id = data.openstack_images_image_v2.ubuntu.id | |
| key_pair = openstack_compute_keypair_v2.my-cloud-key.name | |
| security_groups = ["${var.name_prefix}_ssh", "${var.name_prefix}_egress_public"] | |
| network { | |
| name = "tf-network" | |
| } | |
| } | |
| #################### Floating IPs #################### | |
| # Lets create a floating IP | |
| resource "openstack_networking_floatingip_v2" "floating_ip" { | |
| pool = "external" | |
| } | |
| # Attach our floating IP to the instance | |
| resource "openstack_compute_floatingip_associate_v2" "float_ip_assoc" { | |
| floating_ip = openstack_networking_floatingip_v2.floating_ip.address | |
| instance_id = openstack_compute_instance_v2.demo.id | |
| } | |
| #################### Volumes #################### | |
| resource "openstack_blockstorage_volume_v2" "scratch_volume" { | |
| name = "${var.name_prefix}_scratch_volume" | |
| description = "Scratch volume for ${var.name_prefix}" | |
| size = 2 | |
| } | |
| # Attach our volume to the instance | |
| resource "openstack_compute_volume_attach_v2" "scratch_volume_attach" { | |
| instance_id = openstack_compute_instance_v2.demo.id | |
| volume_id = openstack_blockstorage_volume_v2.scratch_volume.id | |
| } | |
| #################### Example with cloud-init #################### | |
| ## In this example, we use cloud-init to configure the volume and mount it | |
| ## to the instance at /scratch directory during boot time. So this entire block | |
| ## should be copied to a file and run as a single terraform apply command. | |
| # # Lets get the latest ubuntu image data | |
| # data "openstack_images_image_v2" "ubuntu_alt_example" { | |
| # name = "ubuntu-20.04 (2020-11-02)" | |
| # most_recent = true | |
| # } | |
| # # Lets create an instance | |
| # resource "openstack_compute_instance_v2" "demo_alt_example" { | |
| # name = "${var.name_prefix}_demo" | |
| # flavor_name = "de.NBI tiny" | |
| # image_id = data.openstack_images_image_v2.ubuntu_alt_example.id | |
| # key_pair = openstack_compute_keypair_v2.my-cloud-key.name | |
| # security_groups = ["${var.name_prefix}_ssh", "${var.name_prefix}_egress_public"] | |
| # network { | |
| # name = "tf-network" | |
| # } | |
| # user_data = <<-EOF | |
| # #cloud-config | |
| # bootcmd: | |
| # - test -z "$(blkid /dev/vdb)" && mkfs -t ext4 /dev/vdb | |
| # - mkdir -p /scratch | |
| # mounts: | |
| # - ["/dev/vdb", "/scratch", auto, "defaults,nofail", "0", "2"] | |
| # runcmd: | |
| # - [ chown, "ubuntu.ubuntu", -R, /scratch ] | |
| # package_update: true | |
| # package_upgrade: true | |
| # EOF | |
| # } | |
| # # Lets create a floating IP | |
| # resource "openstack_networking_floatingip_v2" "floating_ip" { | |
| # pool = "external" | |
| # } | |
| # # Attach our floating IP to the instance | |
| # resource "openstack_compute_floatingip_associate_v2" "float_ip_assoc" { | |
| # floating_ip = openstack_networking_floatingip_v2.floating_ip.address | |
| # instance_id = openstack_compute_instance_v2.demo_alt_example.id | |
| # } | |
| # # Lets create a volume | |
| # resource "openstack_blockstorage_volume_v2" "scratch_volume_alt_example" { | |
| # name = "${var.name_prefix}_scratch_volume_alt_example" | |
| # description = "Scratch volume for ${var.name_prefix}" | |
| # size = 2 | |
| # } | |
| # # Attach our volume to the instance | |
| # resource "openstack_compute_volume_attach_v2" "scratch_volume_attach_alt_example" { | |
| # instance_id = openstack_compute_instance_v2.demo_alt_example.id | |
| # volume_id = openstack_blockstorage_volume_v2.scratch_volume_alt_example.id | |
| # } | |
| #################### Example with count #################### | |
| # data "openstack_images_image_v2" "ubuntu" { | |
| # name = "ubuntu-20.04 (2020-11-02)" | |
| # most_recent = true | |
| # } | |
| # # Lets create 2 instances | |
| # resource "openstack_compute_instance_v2" "demo_count" { | |
| # count = 2 | |
| # name = "${var.name_prefix}_demo_${count.index}" | |
| # flavor_name = "de.NBI tiny" | |
| # image_id = data.openstack_images_image_v2.ubuntu.id | |
| # key_pair = openstack_compute_keypair_v2.my-cloud-key.name | |
| # security_groups = ["${var.name_prefix}_ssh", "${var.name_prefix}_egress_public"] | |
| # network { | |
| # name = "tf-network" | |
| # } | |
| # } | |
| # # Lets create 2 floating IPs | |
| # resource "openstack_networking_floatingip_v2" "floating_ip_count" { | |
| # count = 2 | |
| # pool = "external" | |
| # } | |
| # # # Attach our floating IPs to the instances | |
| # resource "openstack_compute_floatingip_associate_v2" "float_ip_assoc_count" { | |
| # count = 2 | |
| # floating_ip = openstack_networking_floatingip_v2.floating_ip_count[count.index].address | |
| # instance_id = openstack_compute_instance_v2.demo_count[count.index].id | |
| # } | |
| # # Lets create 2 volumes | |
| # resource "openstack_blockstorage_volume_v2" "scratch_volume_count" { | |
| # count = 2 | |
| # name = "${var.name_prefix}_scratch_volume_${count.index}" | |
| # description = "Scratch svolume for ${var.name_prefix}" | |
| # size = 2 | |
| # } | |
| # # Attach our volumes to the instances | |
| # resource "openstack_compute_volume_attach_v2" "scratch_volume_attach_count" { | |
| # count = 2 | |
| # instance_id = openstack_compute_instance_v2.demo_count[count.index].id | |
| # volume_id = openstack_blockstorage_volume_v2.scratch_volume_count[count.index].id | |
| # } | |
| #################### Outputs #################### | |
| # Output the IP address attached to our resource | |
| output "demo_instance_floating_ip" { | |
| # value = openstack_networking_floatingip_v2.floating_ip.address | |
| value = openstack_compute_instance_v2.demo.access_ip_v4 | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment