arif/terraform
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add latest updates

Browse Source 
* Issues with etc due to storage
* Issues with cinder due to storage
* This only works if the conflict between placement and contraints is
  removed from the juju provider
This commit is contained in:
Arif Ali 2024-05-06 17:44:43 +01:00
parent 8b14721da2
commit f1b2063a93
Signed by: arif
GPG Key ID: 369608FBA1353A70
12 changed files with 1306 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
juju/home-maas/00-variables.tf
View File

@ -10,6 +10,11 @@ variable openstack-origin {
default = "distro"
}
variable openstack-region {
type = string
default = "RegionOne"
}
variable osd-devices {
type = string
default = ""
@ -44,3 +49,18 @@ variable dns-servers {
type = string
default = ""
}
variable nagios-context {
type = string
default = ""
}
variable mysql-connections {
type = string
default = "4000"
}
variable mysql-tuning-level {
type = string
default = "safest"
}

147
juju/home-maas/04-keystone.tf Normal file
View File

@ -0,0 +1,147 @@
resource "juju_machine" "keystone-1" {
model = juju_model.cpe-focal.name
placement = join(":",["lxd",juju_machine.all_machines["103"].machine_id])
constraints = "spaces=oam"
}
resource "juju_machine" "keystone-2" {
model = juju_model.cpe-focal.name
placement = join(":",["lxd",juju_machine.all_machines["104"].machine_id])
constraints = "spaces=oam"
}
resource "juju_machine" "keystone-3" {
model = juju_model.cpe-focal.name
placement = join(":",["lxd",juju_machine.all_machines["105"].machine_id])
constraints = "spaces=oam"
}
resource "juju_application" "keystone" {
name = "keystone"
model = juju_model.cpe-focal.name
charm {
name = "keystone"
channel = "ussuri/stable"
}
units = 3
placement = "${join(",",sort([
juju_machine.keystone-1.machine_id,
juju_machine.keystone-2.machine_id,
juju_machine.keystone-3.machine_id,
]))}"
endpoint_bindings = [{
space = "oam"
},{
space = "oam"
endpoint = "public"
},{
space = "oam"
endpoint = "admin"
},{
space = "oam"
endpoint = "internal"
},{
space = "oam"
endpoint = "shared-db"
}]
config = {
worker-multiplier = var.worker-multiplier
openstack-origin = var.openstack-origin
vip = "10.0.1.216"
region = var.openstack-region
preferred-api-version = "3"
token-provider = "fernet"
}
}
resource "juju_application" "keystone-mysql-router" {
name = "keystone-mysql-router"
model = juju_model.cpe-focal.name
charm {
name = "mysql-router"
channel = "8.0/stable"
}
units = 0
endpoint_bindings = [{
space = "oam"
},{
space = "oam"
endpoint = "shared-db"
},{
space = "oam"
endpoint = "db-router"
}]
config = {
source = var.openstack-origin
}
}
resource "juju_application" "hacluster-keystone" {
name = "hacluster-keystone"
model = juju_model.cpe-focal.name
charm {
name = "hacluster"
channel = "2.0.3/stable"
}
units = 0
}
resource "juju_integration" "keystone-ha" {
model = juju_model.cpe-focal.name
application {
name = juju_application.keystone.name
endpoint = "ha"
}
application {
name = juju_application.hacluster-keystone.name
endpoint = "ha"
}
}
resource "juju_integration" "keystone-mysql" {
model = juju_model.cpe-focal.name
application {
name = juju_application.keystone.name
endpoint = "shared-db"
}
application {
name = juju_application.keystone-mysql-router.name
endpoint = "shared-db"
}
}
resource "juju_integration" "keystone-db" {
model = juju_model.cpe-focal.name
application {
name = juju_application.keystone-mysql-router.name
endpoint = "db-router"
}
application {
name = juju_application.mysql-innodb-cluster.name
endpoint = "db-router"
}
}

57
juju/home-maas/04-mysql.tf Normal file
View File

@ -0,0 +1,57 @@
resource "juju_machine" "mysql-1" {
model = juju_model.cpe-focal.name
placement = join(":",["lxd",juju_machine.all_machines["100"].machine_id])
constraints = "spaces=oam"
}
resource "juju_machine" "mysql-2" {
model = juju_model.cpe-focal.name
placement = join(":",["lxd",juju_machine.all_machines["101"].machine_id])
constraints = "spaces=oam"
}
resource "juju_machine" "mysql-3" {
model = juju_model.cpe-focal.name
placement = join(":",["lxd",juju_machine.all_machines["102"].machine_id])
constraints = "spaces=oam"
}
resource "juju_application" "mysql-innodb-cluster" {
name = "mysql-innodb-cluster"
model = juju_model.cpe-focal.name
charm {
name = "mysql-innodb-cluster"
channel = "8.0/stable"
base = "ubuntu@20.04"
}
units = 3
placement = "${join(",",sort([
juju_machine.mysql-1.machine_id,
juju_machine.mysql-2.machine_id,
juju_machine.mysql-3.machine_id,
]))}"
endpoint_bindings = [{
space = "oam"
},{
endpoint = "cluster"
space = "oam"
},{
endpoint = "db-router"
space = "oam"
}]
config = {
source = var.openstack-origin
#innodb-buffer-pool-size = "16G"
wait-timeout = "3600"
enable-binlogs = "false"
snapd_refresh = "max"
max-connections = var.mysql-connections
tuning-level = var.mysql-tuning-level
}
}

52
juju/home-maas/04-rmq.tf Normal file
View File

@ -0,0 +1,52 @@
resource "juju_machine" "rmq-1" {
model = juju_model.cpe-focal.name
placement = join(":",["lxd",juju_machine.all_machines["103"].machine_id])
constraints = "spaces=oam"
}
resource "juju_machine" "rmq-2" {
model = juju_model.cpe-focal.name
placement = join(":",["lxd",juju_machine.all_machines["104"].machine_id])
constraints = "spaces=oam"
}
resource "juju_machine" "rmq-3" {
model = juju_model.cpe-focal.name
placement = join(":",["lxd",juju_machine.all_machines["105"].machine_id])
constraints = "spaces=oam"
}
resource "juju_application" "rabbitmq-server" {
name = "rabbitmq-server"
model = juju_model.cpe-focal.name
charm {
name = "rabbitmq-server"
channel = "3.8/stable"
}
units = 3
placement = "${join(",",sort([
juju_machine.rmq-1.machine_id,
juju_machine.rmq-2.machine_id,
juju_machine.rmq-3.machine_id,
]))}"
endpoint_bindings = [{
space = "oam"
},{
endpoint = "amqp"
space = "oam"
},{
endpoint = "cluster"
space = "oam"
}]
config = {
source = var.openstack-origin
min-cluster-size = "3"
cluster-partition-handling = "pause_minority"
}
}

49
juju/home-maas/05-ceph.tf
View File

@ -24,25 +24,27 @@ resource "juju_application" "ceph-osd" {
osd-devices = var.osd-devices
source = var.openstack-origin
aa-profile-mode = "complain"
osd-encrypt = "true"
osd-encrypt-keymanager = "vault"
customize-failure-domain = "true"
autotune = "false"
bluestore = "true"
#osd-encrypt = "true"
#osd-encrypt-keymanager = "vault"
}
}
resource "juju_machine" "ceph-mon-1" {
model = juju_model.cpe-focal.name
placement = join(":",["lxd",juju_machine.all_machines["101"].machine_id])
placement = join(":",["lxd",juju_machine.all_machines["100"].machine_id])
constraints = "spaces=oam,ceph-access,ceph-replica"
}
resource "juju_machine" "ceph-mon-2" {
model = juju_model.cpe-focal.name
placement = join(":",["lxd",juju_machine.all_machines["102"].machine_id])
placement = join(":",["lxd",juju_machine.all_machines["101"].machine_id])
constraints = "spaces=oam,ceph-access,ceph-replica"
}
resource "juju_machine" "ceph-mon-3" {
model = juju_model.cpe-focal.name
placement = join(":",["lxd",juju_machine.all_machines["103"].machine_id])
placement = join(":",["lxd",juju_machine.all_machines["102"].machine_id])
constraints = "spaces=oam,ceph-access,ceph-replica"
}
@ -68,20 +70,20 @@ resource "juju_application" "ceph-mon" {
endpoint_bindings = [{
space = "oam"
},{
space = "ceph-access"
endpoint = "public"
},{
space = "ceph-access"
},{
endpoint = "osd"
},{
space = "ceph-access"
},{
endpoint = "client"
},{
space = "ceph-access"
endpoint = "admin"
},{
space = "ceph-replica"
endpoint = "admin"
space = "ceph-access"
},{
endpoint = "cluster"
space = "ceph-replica"
}]
config = {
@ -94,17 +96,17 @@ resource "juju_application" "ceph-mon" {
resource "juju_machine" "ceph-rgw-1" {
model = juju_model.cpe-focal.name
placement = join(":",["lxd",juju_machine.all_machines["101"].machine_id])
placement = join(":",["lxd",juju_machine.all_machines["100"].machine_id])
constraints = "spaces=oam,ceph-access"
}
resource "juju_machine" "ceph-rgw-2" {
model = juju_model.cpe-focal.name
placement = join(":",["lxd",juju_machine.all_machines["102"].machine_id])
placement = join(":",["lxd",juju_machine.all_machines["101"].machine_id])
constraints = "spaces=oam,ceph-access"
}
resource "juju_machine" "ceph-rgw-3" {
model = juju_model.cpe-focal.name
placement = join(":",["lxd",juju_machine.all_machines["103"].machine_id])
placement = join(":",["lxd",juju_machine.all_machines["102"].machine_id])
constraints = "spaces=oam,ceph-access"
}
@ -143,9 +145,10 @@ resource "juju_application" "ceph-radosgw" {
}]
config = {
source: var.openstack-origin
source = var.openstack-origin
vip = "10.0.1.224"
operator-roles = "Member,admin"
region = var.openstack-region
os-admin-hostname = "swift-internal.example.com"
os-internal-hostname = "swift-internal.example.com"
os-public-hostname = "swift.example.com"
@ -212,3 +215,19 @@ resource "juju_integration" "rgw-ha" {
endpoint = "ha"
}
}
resource "juju_integration" "rgw-keystone" {
model = juju_model.cpe-focal.name
application {
name = juju_application.ceph-radosgw.name
endpoint = "identity-service"
}
application {
name = juju_application.keystone.name
endpoint = "identity-service"
}
}

243
juju/home-maas/05-cinder.tf Normal file
View File

@ -0,0 +1,243 @@
resource "juju_machine" "cinder-1" {
model = juju_model.cpe-focal.name
placement = join(":",["lxd",juju_machine.all_machines["100"].machine_id])
constraints = "spaces=oam"
}
resource "juju_machine" "cinder-2" {
model = juju_model.cpe-focal.name
placement = join(":",["lxd",juju_machine.all_machines["101"].machine_id])
constraints = "spaces=oam"
}
resource "juju_machine" "cinder-3" {
model = juju_model.cpe-focal.name
placement = join(":",["lxd",juju_machine.all_machines["102"].machine_id])
constraints = "spaces=oam"
}
resource "juju_application" "cinder" {
name = "cinder"
model = juju_model.cpe-focal.name
charm {
name = "cinder"
channel = "ussuri/stable"
}
units = 3
placement = "${join(",",sort([
juju_machine.cinder-1.machine_id,
juju_machine.cinder-2.machine_id,
juju_machine.cinder-3.machine_id,
]))}"
endpoint_bindings = [{
space = "oam"
},{
endpoint = "public"
space = "oam"
},{
endpoint = "admin"
space = "oam"
},{
endpoint = "internal"
space = "oam"
},{
endpoint = "shared-db"
space = "oam"
}]
config = {
worker-multiplier = var.worker-multiplier
openstack-origin = var.openstack-origin
region = var.openstack-region
vip = "10.0.1.212"
region = var.openstack-region
use-internal-endpoints = "true"
block-device = "None"
glance-api-version = "2"
enabled-services = "api,scheduler,volume"
}
}
resource "juju_application" "cinder-ceph" {
name = "cinder-ceph"
model = juju_model.cpe-focal.name
charm {
name = "cinder-ceph"
channel = "ussuri/stable"
}
units = 0
config = {
restrict-ceph-pools = "false"
}
}
resource "juju_application" "cinder-mysql-router" {
name = "cinder-mysql-router"
model = juju_model.cpe-focal.name
charm {
name = "mysql-router"
channel = "8.0/stable"
}
units = 0
endpoint_bindings = [{
space = "oam"
},{
space = "oam"
endpoint = "shared-db"
},{
space = "oam"
endpoint = "db-router"
}]
config = {
source = var.openstack-origin
}
}
resource "juju_application" "hacluster-cinder" {
name = "hacluster-cinder"
model = juju_model.cpe-focal.name
charm {
name = "hacluster"
channel = "2.0.3/stable"
}
units = 0
}
resource "juju_integration" "cinder-ha" {
model = juju_model.cpe-focal.name
application {
name = juju_application.cinder.name
endpoint = "ha"
}
application {
name = juju_application.hacluster-cinder.name
endpoint = "ha"
}
}
resource "juju_integration" "cinder-mysql" {
model = juju_model.cpe-focal.name
application {
name = juju_application.cinder.name
endpoint = "shared-db"
}
application {
name = juju_application.cinder-mysql-router.name
endpoint = "shared-db"
}
}
resource "juju_integration" "cinder-db" {
model = juju_model.cpe-focal.name
application {
name = juju_application.cinder-mysql-router.name
endpoint = "db-router"
}
application {
name = juju_application.mysql-innodb-cluster.name
endpoint = "db-router"
}
}
resource "juju_integration" "cinder-rmq" {
model = juju_model.cpe-focal.name
application {
name = juju_application.cinder.name
endpoint = "amqp"
}
application {
name = juju_application.rabbitmq-server.name
endpoint = "amqp"
}
}
resource "juju_integration" "cinder-keystone" {
model = juju_model.cpe-focal.name
application {
name = juju_application.cinder.name
endpoint = "identity-service"
}
application {
name = juju_application.keystone.name
endpoint = "identity-service"
}
}
resource "juju_integration" "cinder-ceph" {
model = juju_model.cpe-focal.name
application {
name = juju_application.cinder.name
endpoint = "ceph"
}
application {
name = juju_application.ceph-mon.name
endpoint = "client"
}
}
resource "juju_integration" "cinder-ceph-mon" {
model = juju_model.cpe-focal.name
application {
name = juju_application.cinder-ceph.name
endpoint = "ceph"
}
application {
name = juju_application.ceph-mon.name
endpoint = "client"
}
}
resource "juju_integration" "cinder-ceph-cinder" {
model = juju_model.cpe-focal.name
application {
name = juju_application.cinder-ceph.name
endpoint = "storage-backend"
}
application {
name = juju_application.cinder.name
endpoint = "storage-backend"
}
}

207
juju/home-maas/05-glance.tf Normal file
View File

@ -0,0 +1,207 @@
resource "juju_machine" "glance-1" {
model = juju_model.cpe-focal.name
placement = join(":",["lxd",juju_machine.all_machines["100"].machine_id])
constraints = "spaces=oam"
}
resource "juju_machine" "glance-2" {
model = juju_model.cpe-focal.name
placement = join(":",["lxd",juju_machine.all_machines["101"].machine_id])
constraints = "spaces=oam"
}
resource "juju_machine" "glance-3" {
model = juju_model.cpe-focal.name
placement = join(":",["lxd",juju_machine.all_machines["102"].machine_id])
constraints = "spaces=oam"
}
resource "juju_application" "glance" {
name = "glance"
model = juju_model.cpe-focal.name
charm {
name = "glance"
channel = "ussuri/stable"
}
units = 3
placement = "${join(",",sort([
juju_machine.glance-1.machine_id,
juju_machine.glance-2.machine_id,
juju_machine.glance-3.machine_id,
]))}"
endpoint_bindings = [{
space = "oam"
},{
endpoint = "public"
space = "oam"
},{
endpoint = "admin"
space = "oam"
},{
endpoint = "internal"
space = "oam"
},{
endpoint = "shared-db"
space = "oam"
}]
config = {
worker-multiplier = var.worker-multiplier
openstack-origin = var.openstack-origin
vip = "10.0.1.214"
region = var.openstack-region
use-internal-endpoints = "true"
restrict-ceph-pools = "false"
region = var.openstack-region
}
}
resource "juju_application" "glance-mysql-router" {
name = "glance-mysql-router"
model = juju_model.cpe-focal.name
charm {
name = "mysql-router"
channel = "8.0/stable"
}
units = 0
endpoint_bindings = [{
space = "oam"
},{
space = "oam"
endpoint = "shared-db"
},{
space = "oam"
endpoint = "db-router"
}]
config = {
source = var.openstack-origin
}
}
resource "juju_application" "hacluster-glance" {
name = "hacluster-glance"
model = juju_model.cpe-focal.name
charm {
name = "hacluster"
channel = "2.0.3/stable"
}
units = 0
}
resource "juju_integration" "glance-ha" {
model = juju_model.cpe-focal.name
application {
name = juju_application.glance.name
endpoint = "ha"
}
application {
name = juju_application.hacluster-glance.name
endpoint = "ha"
}
}
resource "juju_integration" "glance-mysql" {
model = juju_model.cpe-focal.name
application {
name = juju_application.glance.name
endpoint = "shared-db"
}
application {
name = juju_application.glance-mysql-router.name
endpoint = "shared-db"
}
}
resource "juju_integration" "glance-db" {
model = juju_model.cpe-focal.name
application {
name = juju_application.glance-mysql-router.name
endpoint = "db-router"
}
application {
name = juju_application.mysql-innodb-cluster.name
endpoint = "db-router"
}
}
resource "juju_integration" "glance-rmq" {
model = juju_model.cpe-focal.name
application {
name = juju_application.glance.name
endpoint = "amqp"
}
application {
name = juju_application.rabbitmq-server.name
endpoint = "amqp"
}
}
resource "juju_integration" "glance-keystone" {
model = juju_model.cpe-focal.name
application {
name = juju_application.glance.name
endpoint = "identity-service"
}
application {
name = juju_application.keystone.name
endpoint = "identity-service"
}
}
resource "juju_integration" "glance-ceph" {
model = juju_model.cpe-focal.name
application {
name = juju_application.glance.name
endpoint = "ceph"
}
application {
name = juju_application.ceph-mon.name
endpoint = "client"
}
}
resource "juju_integration" "glance-cinder" {
model = juju_model.cpe-focal.name
application {
name = juju_application.glance.name
endpoint = "image-service"
}
application {
name = juju_application.cinder.name
endpoint = "image-service"
}
}

90
juju/home-maas/06-nova-compute.tf
View File

@ -185,3 +185,93 @@ resource "juju_integration" "compute-ceph-mon" {
endpoint = "client"
}
}
resource "juju_integration" "neutron-api-ovs" {
model = juju_model.cpe-focal.name
application {
name = juju_application.neutron-openvswitch.name
endpoint = "neutron-plugin-api"
}
application {
name = juju_application.neutron-api.name
endpoint = "neutron-plugin-api"
}
}
resource "juju_integration" "nova-compute-rmq" {
model = juju_model.cpe-focal.name
application {
name = juju_application.nova-compute.name
endpoint = "amqp"
}
application {
name = juju_application.rabbitmq-server.name
endpoint = "amqp"
}
}
resource "juju_integration" "neutron-ovs-rmq" {
model = juju_model.cpe-focal.name
application {
name = juju_application.neutron-openvswitch.name
endpoint = "amqp"
}
application {
name = juju_application.rabbitmq-server.name
endpoint = "amqp"
}
}
resource "juju_integration" "ceilometer-agent-rmq" {
model = juju_model.cpe-focal.name
application {
name = juju_application.ceilometer-agent.name
endpoint = "amqp"
}
application {
name = juju_application.rabbitmq-server.name
endpoint = "amqp"
}
}
resource "juju_integration" "nova-compute-glance" {
model = juju_model.cpe-focal.name
application {
name = juju_application.nova-compute.name
endpoint = "image-service"
}
application {
name = juju_application.glance.name
endpoint = "image-service"
}
}
resource "juju_integration" "nova-compute-cinder-ceph" {
model = juju_model.cpe-focal.name
application {
name = juju_application.nova-compute.name
endpoint = "ceph-access"
}
application {
name = juju_application.cinder-ceph.name
endpoint = "ceph-access"
}
}

199
juju/home-maas/08-neutron.tf
View File

@ -27,4 +27,203 @@ resource "juju_application" "neutron-gateway" {
}
}
resource "juju_machine" "neutron-api-1" {
model = juju_model.cpe-focal.name
placement = join(":",["lxd",juju_machine.all_machines["100"].machine_id])
constraints = "spaces=oam"
}
resource "juju_machine" "neutron-api-2" {
model = juju_model.cpe-focal.name
placement = join(":",["lxd",juju_machine.all_machines["101"].machine_id])
constraints = "spaces=oam"
}
resource "juju_machine" "neutron-api-3" {
model = juju_model.cpe-focal.name
placement = join(":",["lxd",juju_machine.all_machines["102"].machine_id])
constraints = "spaces=oam"
}
resource "juju_application" "neutron-api" {
name = "neutron-api"
model = juju_model.cpe-focal.name
charm {
name = "neutron-api"
channel = "ussuri/stable"
}
units = 3
placement = "${join(",",sort([
juju_machine.neutron-api-1.machine_id,
juju_machine.neutron-api-2.machine_id,
juju_machine.neutron-api-3.machine_id,
]))}"
endpoint_bindings = [{
space = "oam"
},{
endpoint = "public"
space = "oam"
},{
endpoint = "admin"
space = "oam"
},{
endpoint = "internal"
space = "oam"
},{
endpoint = "shared-db"
space = "oam"
}]
config = {
vip = "10.0.1.218"
worker-multiplier: var.worker-multiplier
openstack-origin: var.openstack-origin
region: var.openstack-region
neutron-security-groups = "true"
#overlay-network-type = "vxlan gre"
overlay-network-type = "vxlan"
use-internal-endpoints = "true"
enable-l3ha = "true"
dhcp-agents-per-network = "2"
enable-ml2-port-security = "true"
default-tenant-network-type = "vxlan"
l2-population = "true"
#global-physnet-mtu = "9000"
manage-neutron-plugin-legacy-mode = "true"
}
}
resource "juju_application" "neutron-mysql-router" {
name = "neutron-mysql-router"
model = juju_model.cpe-focal.name
charm {
name = "mysql-router"
channel = "8.0/stable"
}
units = 0
endpoint_bindings = [{
space = "oam"
},{
space = "oam"
endpoint = "shared-db"
},{
space = "oam"
endpoint = "db-router"
}]
config = {
source = var.openstack-origin
}
}
resource "juju_application" "hacluster-neutron" {
name = "hacluster-neutron"
model = juju_model.cpe-focal.name
charm {
name = "hacluster"
channel = "2.0.3/stable"
}
units = 0
}
resource "juju_integration" "neutron-ha" {
model = juju_model.cpe-focal.name
application {
name = juju_application.neutron-api.name
endpoint = "ha"
}
application {
name = juju_application.hacluster-neutron.name
endpoint = "ha"
}
}
resource "juju_integration" "neutron-mysql" {
model = juju_model.cpe-focal.name
application {
name = juju_application.neutron-api.name
endpoint = "shared-db"
}
application {
name = juju_application.neutron-mysql-router.name
endpoint = "shared-db"
}
}
resource "juju_integration" "neutron-db" {
model = juju_model.cpe-focal.name
application {
name = juju_application.neutron-mysql-router.name
endpoint = "db-router"
}
application {
name = juju_application.mysql-innodb-cluster.name
endpoint = "db-router"
}
}
resource "juju_integration" "neutron-keystone" {
model = juju_model.cpe-focal.name
application {
name = juju_application.neutron-api.name
endpoint = "identity-service"
}
application {
name = juju_application.keystone.name
endpoint = "identity-service"
}
}
resource "juju_integration" "neutron-api-rmq" {
model = juju_model.cpe-focal.name
application {
name = juju_application.neutron-api.name
endpoint = "amqp"
}
application {
name = juju_application.rabbitmq-server.name
endpoint = "amqp"
}
}
resource "juju_integration" "neutron-gw-rmq" {
model = juju_model.cpe-focal.name
application {
name = juju_application.neutron-gateway.name
endpoint = "amqp"
}
application {
name = juju_application.rabbitmq-server.name
endpoint = "amqp"
}
}

250
juju/home-maas/10-vault.tf Normal file
View File

@ -0,0 +1,250 @@
resource "juju_machine" "vault-1" {
model = juju_model.cpe-focal.name
placement = join(":",["lxd",juju_machine.all_machines["400"].machine_id])
constraints = "spaces=oam"
}
resource "juju_machine" "vault-2" {
model = juju_model.cpe-focal.name
placement = join(":",["lxd",juju_machine.all_machines["401"].machine_id])
constraints = "spaces=oam"
}
resource "juju_machine" "vault-3" {
model = juju_model.cpe-focal.name
placement = join(":",["lxd",juju_machine.all_machines["402"].machine_id])
constraints = "spaces=oam"
}
resource "juju_application" "vault" {
name = "vault"
model = juju_model.cpe-focal.name
charm {
name = "vault"
channel = "1.7/stable"
base = "ubuntu@20.04"
}
units = 3
placement = "${join(",",sort([
juju_machine.vault-1.machine_id,
juju_machine.vault-2.machine_id,
juju_machine.vault-3.machine_id,
]))}"
config = {
vip = "10.0.1.222"
nagios_context = var.nagios-context
}
}
resource "juju_application" "vault-mysql-router" {
name = "vault-mysql-router"
model = juju_model.cpe-focal.name
charm {
name = "mysql-router"
channel = "8.0/stable"
}
units = 0
endpoint_bindings = [
{
space = "oam"
},{
endpoint = "shared-db"
space = "oam"
},{
endpoint = "db-router"
space = "oam"
},
]
config = {
source = var.openstack-origin
}
}
resource "juju_application" "hacluster-vault" {
name = "hacluster-vault"
model = juju_model.cpe-focal.name
charm {
name = "hacluster"
channel = "2.0.3/stable"
}
units = 0
}
resource "juju_machine" "etcd-1" {
model = juju_model.cpe-focal.name
placement = join(":",["lxd",juju_machine.all_machines["400"].machine_id])
constraints = "spaces=oam"
}
resource "juju_machine" "etcd-2" {
model = juju_model.cpe-focal.name
placement = join(":",["lxd",juju_machine.all_machines["401"].machine_id])
constraints = "spaces=oam"
}
resource "juju_machine" "etcd-3" {
model = juju_model.cpe-focal.name
placement = join(":",["lxd",juju_machine.all_machines["402"].machine_id])
constraints = "spaces=oam"
}
resource "juju_application" "etcd" {
name = "etcd"
model = juju_model.cpe-focal.name
charm {
name = "etcd"
channel = "latest/stable"
base = "ubuntu@20.04"
revision = 583
}
placement = "${join(",",sort([
juju_machine.etcd-1.machine_id,
juju_machine.etcd-2.machine_id,
juju_machine.etcd-3.machine_id,
]))}"
endpoint_bindings = [{
space = "oam"
},{
space = "oam"
endpoint = "cluster"
},{
space = "oam"
endpoint = "db"
}]
units = 3
config = {
channel = "3.2/stable"
}
}
resource "juju_machine" "easyrsa" {
model = juju_model.cpe-focal.name
placement = join(":",["lxd",juju_machine.all_machines["402"].machine_id])
constraints = "spaces=oam"
}
resource "juju_application" "easyrsa" {
name = "easyrsa"
model = juju_model.cpe-focal.name
charm {
name = "easyrsa"
channel = "latest/stable"
base = "ubuntu@20.04"
}
placement = "${juju_machine.easyrsa.machine_id}"
endpoint_bindings = [{space = "oam"}]
units = 1
}
resource "juju_integration" "vault-etcd" {
model = juju_model.cpe-focal.name
application {
name = juju_application.vault.name
endpoint = "etcd"
}
application {
name = juju_application.etcd.name
endpoint = "db"
}
}
resource "juju_integration" "etcd-easyrsa" {
model = juju_model.cpe-focal.name
application {
name = juju_application.etcd.name
endpoint = "certificates"
}
application {
name = juju_application.easyrsa.name
endpoint = "client"
}
}
resource "juju_integration" "vault-ha" {
model = juju_model.cpe-focal.name
application {
name = juju_application.vault.name
endpoint = "ha"
}
application {
name = juju_application.hacluster-vault.name
endpoint = "ha"
}
}
resource "juju_integration" "vault-mysql" {
model = juju_model.cpe-focal.name
application {
name = juju_application.vault.name
endpoint = "shared-db"
}
application {
name = juju_application.vault-mysql-router.name
endpoint = "shared-db"
}
}
resource "juju_integration" "vault-ceph" {
model = juju_model.cpe-focal.name
application {
name = juju_application.vault.name
endpoint = "secrets"
}
application {
name = juju_application.ceph-osd.name
endpoint = "secrets-storage"
}
}
resource "juju_integration" "vault-db" {
model = juju_model.cpe-focal.name
application {
name = juju_application.vault-mysql-router.name
endpoint = "db-router"
}
application {
name = juju_application.mysql-innodb-cluster.name
endpoint = "db-router"
}
}

5
juju/home-maas/terraform.tfvars
View File

@ -22,3 +22,8 @@ osd-devices = "/dev/sdb /dev/sdc"
data-port = "br-data:ens9"
bridge-mappings = "physnet1:br-data"
dns-servers = "192.168.1.13"
nagios-context = "arif-nc01"
#vips = [
# {vault=10.0.1.222}
#]

3
juju/init.tf
View File

@ -2,7 +2,8 @@ terraform {
required_providers {
juju = {
version = "~> 0.12.0"
source = "juju/juju"
#source = "juju/juju"
source = "terraform.local/juju/juju"
}
}
}