terraform/juju/home-maas/10-vault.tf


# One LXD container per Vault unit. Each container is created on the host
# looked up in juju_machine.all_machines with the key var.sdn_ids[count.index].
# NOTE(review): count comes from var.num_units while the lookup walks
# var.sdn_ids; confirm sdn_ids always holds at least num_units entries.
# NOTE(review): an LXD container shares its host with other workloads, so
# root on the host implies access to Vault's memory and disk; confirm the
# chosen hosts are acceptable for a secrets store.
resource "juju_machine" "vault" {
  count       = var.num_units
  model       = var.model-name
  constraints = "spaces=oam"
  placement   = "lxd:${juju_machine.all_machines[var.sdn_ids[count.index]].machine_id}"
}
# Vault application, deployed onto the containers from juju_machine.vault.
# NOTE(review): unlike vault-mysql-router and etcd in this file, no
# endpoint_bindings are declared here, so the space used by each Vault
# endpoint is left to the default binding; confirm that is intended.
# NOTE(review): the charm is selected by channel only, whereas etcd in this
# file also sets a revision; consider pinning one here for repeatable deploys.
resource "juju_application" "vault" {
  name  = "vault"
  model = var.model-name
  units = var.num_units

  charm {
    name    = "vault"
    channel = var.vault_channel
    base    = var.default-base
  }

  # Sorted, comma-separated machine ids of every Vault container.
  placement = join(",", sort([for m in juju_machine.vault : m.machine_id]))

  config = {
    # Virtual IP taken from the shared var.vips map.
    vip            = var.vips["vault"]
    nagios_context = var.nagios-context
  }
}
# mysql-router instance dedicated to Vault. It is declared with zero units of
# its own and is attached through the vault-mysql and vault-db integrations.
resource "juju_application" "vault-mysql-router" {
  name  = "vault-mysql-router"
  model = var.model-name
  units = 0

  charm {
    name    = "mysql-router"
    channel = var.mysql-router-channel
  }

  config = {
    source = var.openstack-origin
  }

  # The entry without an endpoint is the default binding (OAM space); both
  # database-facing endpoints are bound to the internal space instead.
  endpoint_bindings = [
    {
      space = var.oam-space
    },
    {
      endpoint = "shared-db"
      space    = var.internal-space
    },
    {
      endpoint = "db-router"
      space    = var.internal-space
    },
  ]
}
# hacluster instance for Vault. It has zero units of its own and is related
# to Vault through the vault-ha integration.
resource "juju_application" "hacluster-vault" {
  name  = "hacluster-vault"
  model = var.model-name
  units = 0

  charm {
    name    = "hacluster"
    channel = var.hacluster-channel
  }
}
# One LXD container per etcd unit, placed on the same hosts the Vault
# containers use (the var.sdn_ids[count.index] lookup is identical).
# NOTE(review): confirm var.sdn_ids holds at least var.num_units entries.
resource "juju_machine" "etcd" {
  count       = var.num_units
  model       = var.model-name
  constraints = "spaces=oam"
  placement   = "lxd:${juju_machine.all_machines[var.sdn_ids[count.index]].machine_id}"
}
# etcd cluster, related to Vault through the vault-etcd integration. The
# charm is pinned by channel, base and revision.
resource "juju_application" "etcd" {
  name  = "etcd"
  model = var.model-name
  units = var.num_units

  charm {
    name     = "etcd"
    channel  = var.etcd_channel
    base     = var.default-base
    revision = var.etcd_revision
  }

  # Sorted, comma-separated machine ids of every etcd container.
  placement = join(",", sort([for m in juju_machine.etcd : m.machine_id]))

  # Default binding is the OAM space; peer ("cluster") and client ("db")
  # traffic is bound to the internal space.
  endpoint_bindings = [
    {
      space = var.oam-space
    },
    {
      endpoint = "cluster"
      space    = var.internal-space
    },
    {
      endpoint = "db"
      space    = var.internal-space
    },
  ]

  config = {
    # NOTE(review): hard-coded charm option, presumably the etcd snap channel.
    # 3.2 is an old etcd release line; confirm it still receives security
    # fixes, and consider moving the value into a variable like the others.
    channel = "3.2/stable"
  }
}
# Single LXD container for EasyRSA.
# NOTE(review): the host key "402" is hard-coded, while the vault and etcd
# machines take theirs from var.sdn_ids; confirm the pin is deliberate.
resource "juju_machine" "easyrsa" {
  model       = var.model-name
  constraints = "spaces=oam"
  placement   = "lxd:${juju_machine.all_machines["402"].machine_id}"
}
# EasyRSA, which supplies certificates to etcd through the etcd-easyrsa
# integration. It runs as a single unit on the juju_machine.easyrsa container.
# NOTE(review): presumably the CA private key lives only on this one unit;
# confirm access to the container is restricted and that the key material is
# covered by backups.
resource "juju_application" "easyrsa" {
  name  = "easyrsa"
  model = var.model-name
  units = 1

  charm {
    name    = "easyrsa"
    channel = var.easyrsa_channel
    base    = var.default-base
  }

  placement = juju_machine.easyrsa.machine_id

  # Only a default binding is given: every endpoint uses the OAM space.
  endpoint_bindings = [
    {
      space = var.oam-space
    },
  ]
}
# Relates vault:etcd to etcd:db.
resource "juju_integration" "vault-etcd" {
  model = var.model-name

  application {
    endpoint = "etcd"
    name     = juju_application.vault.name
  }

  application {
    endpoint = "db"
    name     = juju_application.etcd.name
  }
}
# Relates etcd:certificates to easyrsa:client, so etcd's certificates come
# from the EasyRSA unit.
resource "juju_integration" "etcd-easyrsa" {
  model = var.model-name

  application {
    endpoint = "certificates"
    name     = juju_application.etcd.name
  }

  application {
    endpoint = "client"
    name     = juju_application.easyrsa.name
  }
}
# Relates vault:ha to hacluster-vault:ha.
resource "juju_integration" "vault-ha" {
  model = var.model-name

  application {
    endpoint = "ha"
    name     = juju_application.vault.name
  }

  application {
    endpoint = "ha"
    name     = juju_application.hacluster-vault.name
  }
}
# Relates vault:shared-db to vault-mysql-router:shared-db, so Vault reaches
# its database through the dedicated router.
resource "juju_integration" "vault-mysql" {
  model = var.model-name

  application {
    endpoint = "shared-db"
    name     = juju_application.vault.name
  }

  application {
    endpoint = "shared-db"
    name     = juju_application.vault-mysql-router.name
  }
}
# Relates vault:secrets to ceph-osd:secrets-storage. The ceph-osd application
# is declared outside this section of the file.
# NOTE(review): presumably this lets the OSDs keep disk-encryption keys in
# Vault; if so, OSD start-up depends on Vault being unsealed. Confirm the
# recovery procedure covers that ordering.
resource "juju_integration" "vault-ceph" {
  model = var.model-name

  application {
    endpoint = "secrets"
    name     = juju_application.vault.name
  }

  application {
    endpoint = "secrets-storage"
    name     = juju_application.ceph-osd.name
  }
}
# Relates vault-mysql-router:db-router to mysql-innodb-cluster:db-router. The
# mysql-innodb-cluster application is declared outside this section of the file.
resource "juju_integration" "vault-db" {
  model = var.model-name

  application {
    endpoint = "db-router"
    name     = juju_application.vault-mysql-router.name
  }

  application {
    endpoint = "db-router"
    name     = juju_application.mysql-innodb-cluster.name
  }
}