Last active
August 29, 2015 14:28
-
-
Save hany/fe19df0e7884332d4626 to your computer and use it in GitHub Desktop.
Terraform files for Cloud.ca
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
provider "cloudstack" { | |
api_url = "${var.api_url}" | |
api_key = "${var.api_key}" | |
secret_key = "${var.secret_key}" | |
} | |
resource "cloudstack_vpc" "staging" { | |
name = "staging" | |
cidr = "10.164.240.0/22" | |
vpc_offering = "Default VPC offering" | |
zone = "${var.zone}" | |
project = "${var.project}" | |
} | |
resource "cloudstack_network_acl" "allow_all" { | |
name = "allow_all" | |
vpc = "${cloudstack_vpc.staging.id}" | |
} | |
resource "cloudstack_network_acl_rule" "allow_all" { | |
aclid = "${cloudstack_network_acl.allow_all.id}" | |
rule { | |
action = "allow" | |
source_cidr = "0.0.0.0/0" | |
protocol = "all" | |
traffic_type = "ingress" | |
} | |
rule { | |
action = "allow" | |
source_cidr = "0.0.0.0/0" | |
protocol = "all" | |
traffic_type = "egress" | |
} | |
} | |
resource "cloudstack_network" "proxy" { | |
name = "proxy" | |
cidr = "10.164.240.0/24" | |
network_offering = "VPC without Load Balancing" | |
vpc = "${cloudstack_vpc.staging.id}" | |
zone = "${var.zone}" | |
aclid = "${cloudstack_network_acl.allow_all.id}" | |
project = "${var.project}" | |
} | |
resource "cloudstack_network" "app" { | |
name = "app" | |
cidr = "10.164.241.0/24" | |
network_offering = "VPC without Load Balancing" | |
vpc = "${cloudstack_vpc.staging.id}" | |
zone = "${var.zone}" | |
aclid = "${cloudstack_network_acl.allow_all.id}" | |
project = "${var.project}" | |
} | |
resource "cloudstack_network" "db" { | |
name = "db" | |
cidr = "10.164.242.0/24" | |
network_offering = "VPC without Load Balancing" | |
vpc = "${cloudstack_vpc.staging.id}" | |
zone = "${var.zone}" | |
aclid = "${cloudstack_network_acl.allow_all.id}" | |
project = "${var.project}" | |
} | |
resource "cloudstack_network" "util" { | |
name = "util" | |
cidr = "10.164.243.0/24" | |
network_offering = "VPC without Load Balancing" | |
vpc = "${cloudstack_vpc.staging.id}" | |
zone = "${var.zone}" | |
aclid = "${cloudstack_network_acl.allow_all.id}" | |
project = "${var.project}" | |
} | |
resource "cloudstack_instance" "prod-proxy01" { | |
name = "prod-proxy01" | |
service_offering= "1vCPU.2GB" | |
network = "${cloudstack_network.proxy.id}" | |
template = "CentOS 6.6 base (64bit)" | |
zone = "${var.zone}" | |
project = "${var.project}" | |
user_data = "${file(\"user_data.sh\")}" | |
expunge = true | |
} | |
resource "cloudstack_instance" "prod-app01" { | |
name = "prod-app01" | |
service_offering= "1vCPU.2GB" | |
network = "${cloudstack_network.app.id}" | |
template = "CentOS 6.6 base (64bit)" | |
zone = "${var.zone}" | |
project = "${var.project}" | |
user_data = "${file(\"user_data.sh\")}" | |
expunge = true | |
} | |
resource "cloudstack_instance" "prod-app02" { | |
name = "prod-app02" | |
service_offering= "1vCPU.2GB" | |
network = "${cloudstack_network.app.id}" | |
template = "CentOS 6.6 base (64bit)" | |
zone = "${var.zone}" | |
project = "${var.project}" | |
user_data = "${file(\"user_data.sh\")}" | |
expunge = true | |
} | |
resource "cloudstack_instance" "prod-db01" { | |
name = "prod-db01" | |
service_offering= "1vCPU.2GB" | |
network = "${cloudstack_network.db.id}" | |
template = "CentOS 6.6 base (64bit)" | |
zone = "${var.zone}" | |
project = "${var.project}" | |
user_data = "${file(\"user_data.sh\")}" | |
expunge = true | |
} | |
resource "cloudstack_instance" "prod-queue01" { | |
name = "prod-queue01" | |
service_offering= "1vCPU.2GB" | |
network = "${cloudstack_network.util.id}" | |
template = "CentOS 6.6 base (64bit)" | |
zone = "${var.zone}" | |
project = "${var.project}" | |
user_data = "${file(\"user_data.sh\")}" | |
expunge = true | |
} | |
resource "cloudstack_instance" "prod-wrkr01" { | |
name = "prod-wrkr01" | |
service_offering= "1vCPU.2GB" | |
network = "${cloudstack_network.util.id}" | |
template = "CentOS 6.6 base (64bit)" | |
zone = "${var.zone}" | |
project = "${var.project}" | |
user_data = "${file(\"user_data.sh\")}" | |
expunge = true | |
} | |
resource "cloudstack_disk" "prod-db01-data" { | |
name = "prod-db01_data" | |
attach = "true" | |
disk_offering = "100GB - 100 IOPS Min." | |
virtual_machine = "${cloudstack_instance.prod-db01.id}" | |
zone = "${var.zone}" | |
project = "${var.project}" | |
} | |
resource "cloudstack_ipaddress" "prod-proxy-tier-ip" { | |
vpc = "${cloudstack_vpc.staging.id}" | |
project = "${var.project}" | |
} | |
resource "cloudstack_ipaddress" "prod-app-tier-ip" { | |
vpc = "${cloudstack_vpc.staging.id}" | |
project = "${var.project}" | |
} | |
resource "cloudstack_ipaddress" "prod-db-tier-ip" { | |
vpc = "${cloudstack_vpc.staging.id}" | |
project = "${var.project}" | |
} | |
resource "cloudstack_ipaddress" "prod-util-tier-ip" { | |
vpc = "${cloudstack_vpc.staging.id}" | |
project = "${var.project}" | |
} | |
resource "cloudstack_port_forward" "prod-proxy-ssh-map" { | |
ipaddress = "${cloudstack_ipaddress.prod-proxy-tier-ip.id}" | |
depends_on = ["cloudstack_instance.prod-proxy01", "cloudstack_network.proxy"] | |
# managed = "true" | |
forward { | |
protocol = "tcp" | |
private_port = 22 | |
public_port = 2222 | |
virtual_machine = "${cloudstack_instance.prod-proxy01.id}" | |
} | |
} | |
resource "cloudstack_port_forward" "prod-app-ssh-map" { | |
ipaddress = "${cloudstack_ipaddress.prod-app-tier-ip.id}" | |
depends_on = ["cloudstack_instance.prod-app01", "cloudstack_instance.prod-app01", "cloudstack_network.app"] | |
# managed = "true" | |
forward { | |
protocol = "tcp" | |
private_port = 22 | |
public_port = 2222 | |
virtual_machine = "${cloudstack_instance.prod-app01.id}" | |
} | |
forward { | |
protocol = "tcp" | |
private_port = 22 | |
public_port = 2223 | |
virtual_machine = "${cloudstack_instance.prod-app02.id}" | |
} | |
} | |
resource "cloudstack_port_forward" "prod-db-ssh-map" { | |
ipaddress = "${cloudstack_ipaddress.prod-db-tier-ip.id}" | |
depends_on = ["cloudstack_instance.prod-db01", "cloudstack_network.db"] | |
# managed = "true" | |
forward { | |
protocol = "tcp" | |
private_port = 22 | |
public_port = 2222 | |
virtual_machine = "${cloudstack_instance.prod-db01.id}" | |
} | |
} | |
resource "cloudstack_port_forward" "prod-util-ssh-map" { | |
ipaddress = "${cloudstack_ipaddress.prod-util-tier-ip.id}" | |
depends_on = ["cloudstack_instance.prod-queue01", "cloudstack_instance.prod-wrkr01", "cloudstack_network.util"] | |
# managed = "true" | |
forward { | |
protocol = "tcp" | |
private_port = 22 | |
public_port = 2222 | |
virtual_machine = "${cloudstack_instance.prod-queue01.id}" | |
} | |
forward { | |
protocol = "tcp" | |
private_port = 22 | |
public_port = 2223 | |
virtual_machine = "${cloudstack_instance.prod-wrkr01.id}" | |
} | |
} | |
output "proxy-ip" { | |
value = "${cloudstack_ipaddress.prod-proxy-tier-ip.ipaddress}" | |
} | |
output "app-ip" { | |
value = "${cloudstack_ipaddress.prod-app-tier-ip.ipaddress}" | |
} | |
output "db-ip" { | |
value = "${cloudstack_ipaddress.prod-db-tier-ip.ipaddress}" | |
} | |
output "util-ip" { | |
value = "${cloudstack_ipaddress.prod-util-tier-ip.ipaddress}" | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
echo 'ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAwkdSIYUv1U8TsouMVujqyr8QqmFVIMoDdj3+9pWlNJP8MnNYUrPvu67q1HbgemccerhumK7lrGXQrQ2dtUyfXZmoUlXOq+X4+qgNQCy/l3TEkeFJBhrXD5rqKA+mOYuUZWwF6BTyxOQ6eGmsyw3jRS9stJEgl0KMaD9HfQag4SG+AGBSWnpfUU9oKAgG9rYGjLra4zLPZfswiTTpKXN864R1hkfmFib6qsJSV2tYXZdK6UBVGjNxlGpdD2PZz7h+8dxMW5feOSzFAbzj2Kf0jxdNFcdObjmUvtHFWC0Ib7Sp0I96LioWJbfsPxKR6zjPZXivMfrHRzByrhLP4pHh5w== hany@mbp' > ~cca-user/.ssh/authorized_keys | |
chmod 0600 ~cca-user/.ssh/authorized_keys | |
chown cca-user ~cca-user/.ssh/authorized_keys |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
variable "api_url" { | |
default = "https://compute-east.cloud.ca/client/api" | |
} | |
variable "api_key" {} | |
variable "secret_key" {} | |
variable "zone" { | |
default = "QC-1" | |
} | |
variable "project" {} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment