From 22b51b7416ce49131036e607482e92b5f3127f93 Mon Sep 17 00:00:00 2001 From: Arif Ali Date: Mon, 10 Jul 2023 15:24:23 +0100 Subject: [PATCH] Add more configuration * Add quota information as required as per my scripts * Add a terraform project for initial bits after deployment of stack --- openstack/init/{01-main.tf => 00-main.tf} | 9 +++ openstack/init/02-quota.tf | 25 +++++++ openstack/stsstack_init/00-main.tf | 18 +++++ openstack/stsstack_init/01-default-flavors.tf | 71 +++++++++++++++++++ .../stsstack_init/01-default-networks.tf | 57 +++++++++++++++ openstack/stsstack_init/01-default-roles.tf | 8 +++ openstack/stsstack_init/01-test-creds.tf | 46 ++++++++++++ 7 files changed, 234 insertions(+) rename openstack/init/{01-main.tf => 00-main.tf} (83%) create mode 100644 openstack/init/02-quota.tf create mode 100644 openstack/stsstack_init/00-main.tf create mode 100644 openstack/stsstack_init/01-default-flavors.tf create mode 100644 openstack/stsstack_init/01-default-networks.tf create mode 100644 openstack/stsstack_init/01-default-roles.tf create mode 100644 openstack/stsstack_init/01-test-creds.tf diff --git a/openstack/init/01-main.tf b/openstack/init/00-main.tf similarity index 83% rename from openstack/init/01-main.tf rename to openstack/init/00-main.tf index ff7f068..c4ba324 100644 --- a/openstack/init/01-main.tf +++ b/openstack/init/00-main.tf @@ -12,11 +12,20 @@ provider "openstack" { cloud = "arif-home" } +variable "domain_id" { + type = string + default = "3fd5a53e08e243b49ac3b171d57b4e4a" +} + resource "openstack_compute_keypair_v2" "arif-key" { name = "arif-key" public_key = file("/home/arif/.ssh/aarsa4096canonical.pub") } +resource "openstack_identity_role_v3" "tenantLead" { + name = "tenantLead" +} + resource "openstack_compute_secgroup_v2" "allow_ssh" { name = "allow_ssh" description = "Allow ssh" diff --git a/openstack/init/02-quota.tf b/openstack/init/02-quota.tf new file mode 100644 index 0000000..581a365 --- /dev/null +++ b/openstack/init/02-quota.tf @@ -0,0 +1,25 @@ +data "openstack_identity_project_v3" "admin" { + name = "admin" + domain_id = var.domain_id +} + +resource "openstack_networking_quota_v2" "network_quota_1" { + project_id = data.openstack_identity_project_v3.admin.id + floatingip = 100 + network = 100 + port = 100 + security_group = 500 + security_group_rule = 500 + subnet = 100 +} + +resource "openstack_compute_quotaset_v2" "compute_quota_1" { + project_id = data.openstack_identity_project_v3.admin.id + cores = 100 + instances = 100 +} + +resource "openstack_blockstorage_quotaset_v3" "block_quota_1" { + project_id = data.openstack_identity_project_v3.admin.id + volumes = 100 +} diff --git a/openstack/stsstack_init/00-main.tf b/openstack/stsstack_init/00-main.tf new file mode 100644 index 0000000..6377790 --- /dev/null +++ b/openstack/stsstack_init/00-main.tf @@ -0,0 +1,18 @@ +terraform { + required_version = ">= 0.14.0" + required_providers { + openstack = { + source = "terraform-provider-openstack/openstack" + version = "1.49.0" + } + } +} + +provider "openstack" { + cloud = "arif-home" +} + +variable "domain_id" { + type = string + default = "3fd5a53e08e243b49ac3b171d57b4e4a" +} diff --git a/openstack/stsstack_init/01-default-flavors.tf b/openstack/stsstack_init/01-default-flavors.tf new file mode 100644 index 0000000..1ebb2fb --- /dev/null +++ b/openstack/stsstack_init/01-default-flavors.tf @@ -0,0 +1,71 @@ +resource "openstack_compute_flavor_v2" "m1_tiny" { + name = "m1.tiny" + ram = "512" + vcpus = "1" + disk = "1" + flavor_id = "1" + is_public = true +} + +resource "openstack_compute_flavor_v2" "m1_small" { + name = "m1.small" + ram = "2048" + vcpus = "1" + disk = "20" + flavor_id = "2" + is_public = true +} + +resource "openstack_compute_flavor_v2" "m1_medium" { + name = "m1.medium" + ram = "4096" + vcpus = "2" + disk = "20" + flavor_id = "3" + is_public = true +} + +resource "openstack_compute_flavor_v2" "m1_large" { + name = "m1.large" + ram = "8192" + vcpus = "4" + disk = "20" + flavor_id = "4" + is_public = true +} + +resource "openstack_compute_flavor_v2" "m1_xlarge" { + name = "m1.xlarge" + ram = "16384" + vcpus = "4" + disk = "20" + flavor_id = "5" + is_public = true +} + +resource "openstack_compute_flavor_v2" "m1_cirros" { + name = "m1.cirros" + ram = "64" + vcpus = "1" + disk = "1" + flavor_id = "6" + is_public = true +} + +resource "openstack_compute_flavor_v2" "m1_tempest" { + name = "m1.tempest" + ram = "256" + vcpus = "1" + disk = "0" + flavor_id = "7" + is_public = true +} + +resource "openstack_compute_flavor_v2" "m2_tempest" { + name = "m2.tempest" + ram = "512" + vcpus = "1" + disk = "0" + flavor_id = "8" + is_public = true +} diff --git a/openstack/stsstack_init/01-default-networks.tf b/openstack/stsstack_init/01-default-networks.tf new file mode 100644 index 0000000..603dfed --- /dev/null +++ b/openstack/stsstack_init/01-default-networks.tf @@ -0,0 +1,57 @@ +resource "openstack_networking_network_v2" "ext_net" { + name = "ext_net" + admin_state_up = "true" + shared = true + external = true + + segments { + + physical_network = "physnet1" + network_type = "flat" + + } +} + +resource "openstack_networking_subnet_v2" "ext_net_subnet" { + name = "ext_net_subnet" + network_id = openstack_networking_network_v2.ext_net.id + cidr = "192.168.1.0/24" + gateway_ip = "192.168.1.254" + enable_dhcp = false + ip_version = 4 + dns_nameservers = ["192.168.1.9","192.168.1.13"] + + allocation_pool { + start = "192.168.1.42" + end = "192.168.1.79" + } +} + + +resource "openstack_networking_router_v2" "provider-router" { + name = "provider-router" + admin_state_up = true + external_network_id = openstack_networking_network_v2.ext_net.id +} + +resource "openstack_networking_network_v2" "private" { + name = "private" + admin_state_up = "true" +} + +resource "openstack_networking_subnet_v2" "private_subnet" { + name = "private_subnet" + network_id = openstack_networking_network_v2.private.id + cidr = "192.168.21.0/24" + + allocation_pool { + start = "192.168.21.2" + end = "192.168.21.254" + } + +} + +resource "openstack_networking_router_interface_v2" "private_ext_route" { + router_id = openstack_networking_router_v2.provider-router.id + subnet_id = openstack_networking_subnet_v2.private_subnet.id +} diff --git a/openstack/stsstack_init/01-default-roles.tf b/openstack/stsstack_init/01-default-roles.tf new file mode 100644 index 0000000..ad7d9cc --- /dev/null +++ b/openstack/stsstack_init/01-default-roles.tf @@ -0,0 +1,8 @@ +data "openstack_identity_role_v3" "Member" { + name = "Member" +} + +resource "openstack_identity_role_v3" "ResellerAdmin" { + name = "ResellerAdmin" +} + diff --git a/openstack/stsstack_init/01-test-creds.tf b/openstack/stsstack_init/01-test-creds.tf new file mode 100644 index 0000000..631bee2 --- /dev/null +++ b/openstack/stsstack_init/01-test-creds.tf @@ -0,0 +1,46 @@ + +resource "openstack_identity_project_v3" "demo" { + name = "demo" + domain_id = var.domain_id +} + +resource "openstack_identity_project_v3" "alt_demo" { + name = "alt_demo" + domain_id = var.domain_id +} + +resource "openstack_identity_user_v3" "demo" { + default_project_id = openstack_identity_project_v3.demo.id + name = "demo" + domain_id = var.domain_id + password = "pass" + enabled = true + + extra = { + email = "demo@dev.null" + } +} + +resource "openstack_identity_user_v3" "alt_demo" { + default_project_id = openstack_identity_project_v3.alt_demo.id + name = "alt_demo" + domain_id = var.domain_id + password = "secret" + enabled = true + + extra = { + email = "alt_demo@dev.null" + } +} + +resource "openstack_identity_role_assignment_v3" "demo_user_role_member" { + user_id = openstack_identity_user_v3.demo.id + project_id = openstack_identity_project_v3.demo.id + role_id = data.openstack_identity_role_v3.Member.id +} + +resource "openstack_identity_role_assignment_v3" "alt_demo_user_role_member" { + user_id = openstack_identity_user_v3.alt_demo.id + project_id = openstack_identity_project_v3.alt_demo.id + role_id = data.openstack_identity_role_v3.Member.id +}