From f1b2063a935a3da5450103ffb282180ca0f59a6d Mon Sep 17 00:00:00 2001 From: Arif Ali Date: Mon, 6 May 2024 17:44:43 +0100 Subject: [PATCH] Add latest updates * Issues with etc due to storage * Issues with cinder due to storage * This only works if the conflict between placement and contraints is removed from the juju provider --- juju/home-maas/00-variables.tf | 20 +++ juju/home-maas/04-keystone.tf | 147 ++++++++++++++++++ juju/home-maas/04-mysql.tf | 57 +++++++ juju/home-maas/04-rmq.tf | 52 +++++++ juju/home-maas/05-ceph.tf | 49 ++++-- juju/home-maas/05-cinder.tf | 243 +++++++++++++++++++++++++++++ juju/home-maas/05-glance.tf | 207 +++++++++++++++++++++++++ juju/home-maas/06-nova-compute.tf | 90 +++++++++++ juju/home-maas/08-neutron.tf | 199 ++++++++++++++++++++++++ juju/home-maas/10-vault.tf | 250 ++++++++++++++++++++++++++++++ juju/home-maas/terraform.tfvars | 5 + juju/init.tf | 3 +- 12 files changed, 1306 insertions(+), 16 deletions(-) create mode 100644 juju/home-maas/04-keystone.tf create mode 100644 juju/home-maas/04-mysql.tf create mode 100644 juju/home-maas/04-rmq.tf create mode 100644 juju/home-maas/05-cinder.tf create mode 100644 juju/home-maas/05-glance.tf create mode 100644 juju/home-maas/10-vault.tf diff --git a/juju/home-maas/00-variables.tf b/juju/home-maas/00-variables.tf index 93a176a..32eb24a 100644 --- a/juju/home-maas/00-variables.tf +++ b/juju/home-maas/00-variables.tf @@ -10,6 +10,11 @@ variable openstack-origin { default = "distro" } +variable openstack-region { + type = string + default = "RegionOne" +} + variable osd-devices { type = string default = "" @@ -44,3 +49,18 @@ variable dns-servers { type = string default = "" } + +variable nagios-context { + type = string + default = "" +} + +variable mysql-connections { + type = string + default = "4000" +} + +variable mysql-tuning-level { + type = string + default = "safest" +} diff --git a/juju/home-maas/04-keystone.tf b/juju/home-maas/04-keystone.tf new file mode 100644 index 0000000..4b52c15 --- /dev/null +++ b/juju/home-maas/04-keystone.tf @@ -0,0 +1,147 @@ +resource "juju_machine" "keystone-1" { + model = juju_model.cpe-focal.name + placement = join(":",["lxd",juju_machine.all_machines["103"].machine_id]) + constraints = "spaces=oam" +} +resource "juju_machine" "keystone-2" { + model = juju_model.cpe-focal.name + placement = join(":",["lxd",juju_machine.all_machines["104"].machine_id]) + constraints = "spaces=oam" +} +resource "juju_machine" "keystone-3" { + model = juju_model.cpe-focal.name + placement = join(":",["lxd",juju_machine.all_machines["105"].machine_id]) + constraints = "spaces=oam" +} + + +resource "juju_application" "keystone" { + name = "keystone" + + model = juju_model.cpe-focal.name + + charm { + name = "keystone" + channel = "ussuri/stable" + } + + units = 3 + + placement = "${join(",",sort([ + juju_machine.keystone-1.machine_id, + juju_machine.keystone-2.machine_id, + juju_machine.keystone-3.machine_id, + ]))}" + + endpoint_bindings = [{ + space = "oam" + },{ + space = "oam" + endpoint = "public" + },{ + space = "oam" + endpoint = "admin" + },{ + space = "oam" + endpoint = "internal" + },{ + space = "oam" + endpoint = "shared-db" + }] + + config = { + worker-multiplier = var.worker-multiplier + openstack-origin = var.openstack-origin + vip = "10.0.1.216" + region = var.openstack-region + preferred-api-version = "3" + token-provider = "fernet" + } +} + +resource "juju_application" "keystone-mysql-router" { + name = "keystone-mysql-router" + + model = juju_model.cpe-focal.name + + charm { + name = "mysql-router" + channel = "8.0/stable" + } + + units = 0 + + endpoint_bindings = [{ + space = "oam" + },{ + space = "oam" + endpoint = "shared-db" + },{ + space = "oam" + endpoint = "db-router" + }] + + config = { + source = var.openstack-origin + } +} + +resource "juju_application" "hacluster-keystone" { + name = "hacluster-keystone" + + model = juju_model.cpe-focal.name + + charm { + name = "hacluster" + channel = "2.0.3/stable" + } + + units = 0 +} + +resource "juju_integration" "keystone-ha" { + + + model = juju_model.cpe-focal.name + + application { + name = juju_application.keystone.name + endpoint = "ha" + } + + application { + name = juju_application.hacluster-keystone.name + endpoint = "ha" + } +} + +resource "juju_integration" "keystone-mysql" { + + model = juju_model.cpe-focal.name + + application { + name = juju_application.keystone.name + endpoint = "shared-db" + } + + application { + name = juju_application.keystone-mysql-router.name + endpoint = "shared-db" + } +} + +resource "juju_integration" "keystone-db" { + + model = juju_model.cpe-focal.name + + application { + name = juju_application.keystone-mysql-router.name + endpoint = "db-router" + } + + application { + name = juju_application.mysql-innodb-cluster.name + endpoint = "db-router" + } +} + diff --git a/juju/home-maas/04-mysql.tf b/juju/home-maas/04-mysql.tf new file mode 100644 index 0000000..5748425 --- /dev/null +++ b/juju/home-maas/04-mysql.tf @@ -0,0 +1,57 @@ +resource "juju_machine" "mysql-1" { + model = juju_model.cpe-focal.name + placement = join(":",["lxd",juju_machine.all_machines["100"].machine_id]) + constraints = "spaces=oam" +} +resource "juju_machine" "mysql-2" { + model = juju_model.cpe-focal.name + placement = join(":",["lxd",juju_machine.all_machines["101"].machine_id]) + constraints = "spaces=oam" +} +resource "juju_machine" "mysql-3" { + model = juju_model.cpe-focal.name + placement = join(":",["lxd",juju_machine.all_machines["102"].machine_id]) + constraints = "spaces=oam" +} + + +resource "juju_application" "mysql-innodb-cluster" { + name = "mysql-innodb-cluster" + + model = juju_model.cpe-focal.name + + charm { + name = "mysql-innodb-cluster" + channel = "8.0/stable" + base = "ubuntu@20.04" + } + + units = 3 + + placement = "${join(",",sort([ + juju_machine.mysql-1.machine_id, + juju_machine.mysql-2.machine_id, + juju_machine.mysql-3.machine_id, + ]))}" + + endpoint_bindings = [{ + space = "oam" + },{ + endpoint = "cluster" + space = "oam" + },{ + endpoint = "db-router" + space = "oam" + }] + + config = { + source = var.openstack-origin + #innodb-buffer-pool-size = "16G" + wait-timeout = "3600" + enable-binlogs = "false" + snapd_refresh = "max" + max-connections = var.mysql-connections + tuning-level = var.mysql-tuning-level + } +} + diff --git a/juju/home-maas/04-rmq.tf b/juju/home-maas/04-rmq.tf new file mode 100644 index 0000000..3745a65 --- /dev/null +++ b/juju/home-maas/04-rmq.tf @@ -0,0 +1,52 @@ +resource "juju_machine" "rmq-1" { + model = juju_model.cpe-focal.name + placement = join(":",["lxd",juju_machine.all_machines["103"].machine_id]) + constraints = "spaces=oam" +} +resource "juju_machine" "rmq-2" { + model = juju_model.cpe-focal.name + placement = join(":",["lxd",juju_machine.all_machines["104"].machine_id]) + constraints = "spaces=oam" +} +resource "juju_machine" "rmq-3" { + model = juju_model.cpe-focal.name + placement = join(":",["lxd",juju_machine.all_machines["105"].machine_id]) + constraints = "spaces=oam" +} + + +resource "juju_application" "rabbitmq-server" { + name = "rabbitmq-server" + + model = juju_model.cpe-focal.name + + charm { + name = "rabbitmq-server" + channel = "3.8/stable" + } + + units = 3 + + placement = "${join(",",sort([ + juju_machine.rmq-1.machine_id, + juju_machine.rmq-2.machine_id, + juju_machine.rmq-3.machine_id, + ]))}" + + endpoint_bindings = [{ + space = "oam" + },{ + endpoint = "amqp" + space = "oam" + },{ + endpoint = "cluster" + space = "oam" + }] + + config = { + source = var.openstack-origin + min-cluster-size = "3" + cluster-partition-handling = "pause_minority" + } +} + diff --git a/juju/home-maas/05-ceph.tf b/juju/home-maas/05-ceph.tf index 5715ab0..1b4ffe2 100644 --- a/juju/home-maas/05-ceph.tf +++ b/juju/home-maas/05-ceph.tf @@ -24,25 +24,27 @@ resource "juju_application" "ceph-osd" { osd-devices = var.osd-devices source = var.openstack-origin aa-profile-mode = "complain" - osd-encrypt = "true" - osd-encrypt-keymanager = "vault" customize-failure-domain = "true" + autotune = "false" + bluestore = "true" + #osd-encrypt = "true" + #osd-encrypt-keymanager = "vault" } } resource "juju_machine" "ceph-mon-1" { model = juju_model.cpe-focal.name - placement = join(":",["lxd",juju_machine.all_machines["101"].machine_id]) + placement = join(":",["lxd",juju_machine.all_machines["100"].machine_id]) constraints = "spaces=oam,ceph-access,ceph-replica" } resource "juju_machine" "ceph-mon-2" { model = juju_model.cpe-focal.name - placement = join(":",["lxd",juju_machine.all_machines["102"].machine_id]) + placement = join(":",["lxd",juju_machine.all_machines["101"].machine_id]) constraints = "spaces=oam,ceph-access,ceph-replica" } resource "juju_machine" "ceph-mon-3" { model = juju_model.cpe-focal.name - placement = join(":",["lxd",juju_machine.all_machines["103"].machine_id]) + placement = join(":",["lxd",juju_machine.all_machines["102"].machine_id]) constraints = "spaces=oam,ceph-access,ceph-replica" } @@ -68,20 +70,20 @@ resource "juju_application" "ceph-mon" { endpoint_bindings = [{ space = "oam" },{ - space = "ceph-access" endpoint = "public" - },{ space = "ceph-access" + },{ endpoint = "osd" - },{ space = "ceph-access" + },{ endpoint = "client" - },{ space = "ceph-access" - endpoint = "admin" },{ - space = "ceph-replica" + endpoint = "admin" + space = "ceph-access" + },{ endpoint = "cluster" + space = "ceph-replica" }] config = { @@ -94,17 +96,17 @@ resource "juju_application" "ceph-mon" { resource "juju_machine" "ceph-rgw-1" { model = juju_model.cpe-focal.name - placement = join(":",["lxd",juju_machine.all_machines["101"].machine_id]) + placement = join(":",["lxd",juju_machine.all_machines["100"].machine_id]) constraints = "spaces=oam,ceph-access" } resource "juju_machine" "ceph-rgw-2" { model = juju_model.cpe-focal.name - placement = join(":",["lxd",juju_machine.all_machines["102"].machine_id]) + placement = join(":",["lxd",juju_machine.all_machines["101"].machine_id]) constraints = "spaces=oam,ceph-access" } resource "juju_machine" "ceph-rgw-3" { model = juju_model.cpe-focal.name - placement = join(":",["lxd",juju_machine.all_machines["103"].machine_id]) + placement = join(":",["lxd",juju_machine.all_machines["102"].machine_id]) constraints = "spaces=oam,ceph-access" } @@ -143,9 +145,10 @@ resource "juju_application" "ceph-radosgw" { }] config = { - source: var.openstack-origin + source = var.openstack-origin vip = "10.0.1.224" operator-roles = "Member,admin" + region = var.openstack-region os-admin-hostname = "swift-internal.example.com" os-internal-hostname = "swift-internal.example.com" os-public-hostname = "swift.example.com" @@ -212,3 +215,19 @@ resource "juju_integration" "rgw-ha" { endpoint = "ha" } } + +resource "juju_integration" "rgw-keystone" { + + model = juju_model.cpe-focal.name + + application { + name = juju_application.ceph-radosgw.name + endpoint = "identity-service" + } + + application { + name = juju_application.keystone.name + endpoint = "identity-service" + } +} + diff --git a/juju/home-maas/05-cinder.tf b/juju/home-maas/05-cinder.tf new file mode 100644 index 0000000..863cf61 --- /dev/null +++ b/juju/home-maas/05-cinder.tf @@ -0,0 +1,243 @@ +resource "juju_machine" "cinder-1" { + model = juju_model.cpe-focal.name + placement = join(":",["lxd",juju_machine.all_machines["100"].machine_id]) + constraints = "spaces=oam" +} +resource "juju_machine" "cinder-2" { + model = juju_model.cpe-focal.name + placement = join(":",["lxd",juju_machine.all_machines["101"].machine_id]) + constraints = "spaces=oam" +} +resource "juju_machine" "cinder-3" { + model = juju_model.cpe-focal.name + placement = join(":",["lxd",juju_machine.all_machines["102"].machine_id]) + constraints = "spaces=oam" +} + + +resource "juju_application" "cinder" { + name = "cinder" + + model = juju_model.cpe-focal.name + + charm { + name = "cinder" + channel = "ussuri/stable" + } + + units = 3 + + placement = "${join(",",sort([ + juju_machine.cinder-1.machine_id, + juju_machine.cinder-2.machine_id, + juju_machine.cinder-3.machine_id, + ]))}" + + endpoint_bindings = [{ + space = "oam" + },{ + endpoint = "public" + space = "oam" + },{ + endpoint = "admin" + space = "oam" + },{ + endpoint = "internal" + space = "oam" + },{ + endpoint = "shared-db" + space = "oam" + }] + + config = { + worker-multiplier = var.worker-multiplier + openstack-origin = var.openstack-origin + region = var.openstack-region + vip = "10.0.1.212" + region = var.openstack-region + use-internal-endpoints = "true" + block-device = "None" + glance-api-version = "2" + enabled-services = "api,scheduler,volume" + } +} + +resource "juju_application" "cinder-ceph" { + name = "cinder-ceph" + + model = juju_model.cpe-focal.name + + charm { + name = "cinder-ceph" + channel = "ussuri/stable" + } + + units = 0 + + config = { + restrict-ceph-pools = "false" + } +} + + +resource "juju_application" "cinder-mysql-router" { + name = "cinder-mysql-router" + + model = juju_model.cpe-focal.name + + charm { + name = "mysql-router" + channel = "8.0/stable" + } + + units = 0 + + endpoint_bindings = [{ + space = "oam" + },{ + space = "oam" + endpoint = "shared-db" + },{ + space = "oam" + endpoint = "db-router" + }] + + config = { + source = var.openstack-origin + } +} + +resource "juju_application" "hacluster-cinder" { + name = "hacluster-cinder" + + model = juju_model.cpe-focal.name + + charm { + name = "hacluster" + channel = "2.0.3/stable" + } + + units = 0 +} + +resource "juju_integration" "cinder-ha" { + + + model = juju_model.cpe-focal.name + + application { + name = juju_application.cinder.name + endpoint = "ha" + } + + application { + name = juju_application.hacluster-cinder.name + endpoint = "ha" + } +} + +resource "juju_integration" "cinder-mysql" { + + model = juju_model.cpe-focal.name + + application { + name = juju_application.cinder.name + endpoint = "shared-db" + } + + application { + name = juju_application.cinder-mysql-router.name + endpoint = "shared-db" + } +} + +resource "juju_integration" "cinder-db" { + + model = juju_model.cpe-focal.name + + application { + name = juju_application.cinder-mysql-router.name + endpoint = "db-router" + } + + application { + name = juju_application.mysql-innodb-cluster.name + endpoint = "db-router" + } +} + +resource "juju_integration" "cinder-rmq" { + + model = juju_model.cpe-focal.name + + application { + name = juju_application.cinder.name + endpoint = "amqp" + } + + application { + name = juju_application.rabbitmq-server.name + endpoint = "amqp" + } +} + +resource "juju_integration" "cinder-keystone" { + + model = juju_model.cpe-focal.name + + application { + name = juju_application.cinder.name + endpoint = "identity-service" + } + + application { + name = juju_application.keystone.name + endpoint = "identity-service" + } +} + +resource "juju_integration" "cinder-ceph" { + + model = juju_model.cpe-focal.name + + application { + name = juju_application.cinder.name + endpoint = "ceph" + } + + application { + name = juju_application.ceph-mon.name + endpoint = "client" + } +} + + +resource "juju_integration" "cinder-ceph-mon" { + + model = juju_model.cpe-focal.name + + application { + name = juju_application.cinder-ceph.name + endpoint = "ceph" + } + + application { + name = juju_application.ceph-mon.name + endpoint = "client" + } +} + +resource "juju_integration" "cinder-ceph-cinder" { + + model = juju_model.cpe-focal.name + + application { + name = juju_application.cinder-ceph.name + endpoint = "storage-backend" + } + + application { + name = juju_application.cinder.name + endpoint = "storage-backend" + } +} diff --git a/juju/home-maas/05-glance.tf b/juju/home-maas/05-glance.tf new file mode 100644 index 0000000..11cdc6d --- /dev/null +++ b/juju/home-maas/05-glance.tf @@ -0,0 +1,207 @@ +resource "juju_machine" "glance-1" { + model = juju_model.cpe-focal.name + placement = join(":",["lxd",juju_machine.all_machines["100"].machine_id]) + constraints = "spaces=oam" +} +resource "juju_machine" "glance-2" { + model = juju_model.cpe-focal.name + placement = join(":",["lxd",juju_machine.all_machines["101"].machine_id]) + constraints = "spaces=oam" +} +resource "juju_machine" "glance-3" { + model = juju_model.cpe-focal.name + placement = join(":",["lxd",juju_machine.all_machines["102"].machine_id]) + constraints = "spaces=oam" +} + + +resource "juju_application" "glance" { + name = "glance" + + model = juju_model.cpe-focal.name + + charm { + name = "glance" + channel = "ussuri/stable" + } + + units = 3 + + placement = "${join(",",sort([ + juju_machine.glance-1.machine_id, + juju_machine.glance-2.machine_id, + juju_machine.glance-3.machine_id, + ]))}" + + endpoint_bindings = [{ + space = "oam" + },{ + endpoint = "public" + space = "oam" + },{ + endpoint = "admin" + space = "oam" + },{ + endpoint = "internal" + space = "oam" + },{ + endpoint = "shared-db" + space = "oam" + }] + + config = { + worker-multiplier = var.worker-multiplier + openstack-origin = var.openstack-origin + vip = "10.0.1.214" + region = var.openstack-region + use-internal-endpoints = "true" + restrict-ceph-pools = "false" + region = var.openstack-region + } +} + +resource "juju_application" "glance-mysql-router" { + name = "glance-mysql-router" + + model = juju_model.cpe-focal.name + + charm { + name = "mysql-router" + channel = "8.0/stable" + } + + units = 0 + + endpoint_bindings = [{ + space = "oam" + },{ + space = "oam" + endpoint = "shared-db" + },{ + space = "oam" + endpoint = "db-router" + }] + + config = { + source = var.openstack-origin + } +} + +resource "juju_application" "hacluster-glance" { + name = "hacluster-glance" + + model = juju_model.cpe-focal.name + + charm { + name = "hacluster" + channel = "2.0.3/stable" + } + + units = 0 +} + +resource "juju_integration" "glance-ha" { + + + model = juju_model.cpe-focal.name + + application { + name = juju_application.glance.name + endpoint = "ha" + } + + application { + name = juju_application.hacluster-glance.name + endpoint = "ha" + } +} + +resource "juju_integration" "glance-mysql" { + + model = juju_model.cpe-focal.name + + application { + name = juju_application.glance.name + endpoint = "shared-db" + } + + application { + name = juju_application.glance-mysql-router.name + endpoint = "shared-db" + } +} + +resource "juju_integration" "glance-db" { + + model = juju_model.cpe-focal.name + + application { + name = juju_application.glance-mysql-router.name + endpoint = "db-router" + } + + application { + name = juju_application.mysql-innodb-cluster.name + endpoint = "db-router" + } +} + +resource "juju_integration" "glance-rmq" { + + model = juju_model.cpe-focal.name + + application { + name = juju_application.glance.name + endpoint = "amqp" + } + + application { + name = juju_application.rabbitmq-server.name + endpoint = "amqp" + } +} + +resource "juju_integration" "glance-keystone" { + + model = juju_model.cpe-focal.name + + application { + name = juju_application.glance.name + endpoint = "identity-service" + } + + application { + name = juju_application.keystone.name + endpoint = "identity-service" + } +} + +resource "juju_integration" "glance-ceph" { + + model = juju_model.cpe-focal.name + + application { + name = juju_application.glance.name + endpoint = "ceph" + } + + application { + name = juju_application.ceph-mon.name + endpoint = "client" + } +} + +resource "juju_integration" "glance-cinder" { + + model = juju_model.cpe-focal.name + + application { + name = juju_application.glance.name + endpoint = "image-service" + } + + application { + name = juju_application.cinder.name + endpoint = "image-service" + } +} diff --git a/juju/home-maas/06-nova-compute.tf b/juju/home-maas/06-nova-compute.tf index 6b51e42..9bce7e1 100644 --- a/juju/home-maas/06-nova-compute.tf +++ b/juju/home-maas/06-nova-compute.tf @@ -185,3 +185,93 @@ resource "juju_integration" "compute-ceph-mon" { endpoint = "client" } } + +resource "juju_integration" "neutron-api-ovs" { + + model = juju_model.cpe-focal.name + + application { + name = juju_application.neutron-openvswitch.name + endpoint = "neutron-plugin-api" + } + + application { + name = juju_application.neutron-api.name + endpoint = "neutron-plugin-api" + } +} + +resource "juju_integration" "nova-compute-rmq" { + + model = juju_model.cpe-focal.name + + application { + name = juju_application.nova-compute.name + endpoint = "amqp" + } + + application { + name = juju_application.rabbitmq-server.name + endpoint = "amqp" + } +} + +resource "juju_integration" "neutron-ovs-rmq" { + + model = juju_model.cpe-focal.name + + application { + name = juju_application.neutron-openvswitch.name + endpoint = "amqp" + } + + application { + name = juju_application.rabbitmq-server.name + endpoint = "amqp" + } +} + +resource "juju_integration" "ceilometer-agent-rmq" { + + model = juju_model.cpe-focal.name + + application { + name = juju_application.ceilometer-agent.name + endpoint = "amqp" + } + + application { + name = juju_application.rabbitmq-server.name + endpoint = "amqp" + } +} + +resource "juju_integration" "nova-compute-glance" { + + model = juju_model.cpe-focal.name + + application { + name = juju_application.nova-compute.name + endpoint = "image-service" + } + + application { + name = juju_application.glance.name + endpoint = "image-service" + } +} + +resource "juju_integration" "nova-compute-cinder-ceph" { + + model = juju_model.cpe-focal.name + + application { + name = juju_application.nova-compute.name + endpoint = "ceph-access" + } + + application { + name = juju_application.cinder-ceph.name + endpoint = "ceph-access" + } +} diff --git a/juju/home-maas/08-neutron.tf b/juju/home-maas/08-neutron.tf index 2896253..933ffb1 100644 --- a/juju/home-maas/08-neutron.tf +++ b/juju/home-maas/08-neutron.tf @@ -27,4 +27,203 @@ resource "juju_application" "neutron-gateway" { } } +resource "juju_machine" "neutron-api-1" { + model = juju_model.cpe-focal.name + placement = join(":",["lxd",juju_machine.all_machines["100"].machine_id]) + constraints = "spaces=oam" +} +resource "juju_machine" "neutron-api-2" { + model = juju_model.cpe-focal.name + placement = join(":",["lxd",juju_machine.all_machines["101"].machine_id]) + constraints = "spaces=oam" +} +resource "juju_machine" "neutron-api-3" { + model = juju_model.cpe-focal.name + placement = join(":",["lxd",juju_machine.all_machines["102"].machine_id]) + constraints = "spaces=oam" +} +resource "juju_application" "neutron-api" { + name = "neutron-api" + + model = juju_model.cpe-focal.name + + charm { + name = "neutron-api" + channel = "ussuri/stable" + } + + units = 3 + + placement = "${join(",",sort([ + juju_machine.neutron-api-1.machine_id, + juju_machine.neutron-api-2.machine_id, + juju_machine.neutron-api-3.machine_id, + ]))}" + + endpoint_bindings = [{ + space = "oam" + },{ + endpoint = "public" + space = "oam" + },{ + endpoint = "admin" + space = "oam" + },{ + endpoint = "internal" + space = "oam" + },{ + endpoint = "shared-db" + space = "oam" + }] + + config = { + vip = "10.0.1.218" + worker-multiplier: var.worker-multiplier + openstack-origin: var.openstack-origin + region: var.openstack-region + neutron-security-groups = "true" + #overlay-network-type = "vxlan gre" + overlay-network-type = "vxlan" + use-internal-endpoints = "true" + enable-l3ha = "true" + dhcp-agents-per-network = "2" + enable-ml2-port-security = "true" + default-tenant-network-type = "vxlan" + l2-population = "true" + #global-physnet-mtu = "9000" + manage-neutron-plugin-legacy-mode = "true" + } + + +} + +resource "juju_application" "neutron-mysql-router" { + name = "neutron-mysql-router" + + model = juju_model.cpe-focal.name + + charm { + name = "mysql-router" + channel = "8.0/stable" + } + + units = 0 + + endpoint_bindings = [{ + space = "oam" + },{ + space = "oam" + endpoint = "shared-db" + },{ + space = "oam" + endpoint = "db-router" + }] + + config = { + source = var.openstack-origin + } +} + +resource "juju_application" "hacluster-neutron" { + name = "hacluster-neutron" + + model = juju_model.cpe-focal.name + + charm { + name = "hacluster" + channel = "2.0.3/stable" + } + + units = 0 +} + +resource "juju_integration" "neutron-ha" { + + model = juju_model.cpe-focal.name + + application { + name = juju_application.neutron-api.name + endpoint = "ha" + } + + application { + name = juju_application.hacluster-neutron.name + endpoint = "ha" + } +} + +resource "juju_integration" "neutron-mysql" { + + model = juju_model.cpe-focal.name + + application { + name = juju_application.neutron-api.name + endpoint = "shared-db" + } + + application { + name = juju_application.neutron-mysql-router.name + endpoint = "shared-db" + } +} + +resource "juju_integration" "neutron-db" { + + model = juju_model.cpe-focal.name + + application { + name = juju_application.neutron-mysql-router.name + endpoint = "db-router" + } + + application { + name = juju_application.mysql-innodb-cluster.name + endpoint = "db-router" + } +} + +resource "juju_integration" "neutron-keystone" { + + model = juju_model.cpe-focal.name + + application { + name = juju_application.neutron-api.name + endpoint = "identity-service" + } + + application { + name = juju_application.keystone.name + endpoint = "identity-service" + } +} + +resource "juju_integration" "neutron-api-rmq" { + + model = juju_model.cpe-focal.name + + application { + name = juju_application.neutron-api.name + endpoint = "amqp" + } + + application { + name = juju_application.rabbitmq-server.name + endpoint = "amqp" + } +} + +resource "juju_integration" "neutron-gw-rmq" { + + model = juju_model.cpe-focal.name + + application { + name = juju_application.neutron-gateway.name + endpoint = "amqp" + } + + application { + name = juju_application.rabbitmq-server.name + endpoint = "amqp" + } +} diff --git a/juju/home-maas/10-vault.tf b/juju/home-maas/10-vault.tf new file mode 100644 index 0000000..812bc29 --- /dev/null +++ b/juju/home-maas/10-vault.tf @@ -0,0 +1,250 @@ +resource "juju_machine" "vault-1" { + model = juju_model.cpe-focal.name + placement = join(":",["lxd",juju_machine.all_machines["400"].machine_id]) + constraints = "spaces=oam" +} +resource "juju_machine" "vault-2" { + model = juju_model.cpe-focal.name + placement = join(":",["lxd",juju_machine.all_machines["401"].machine_id]) + constraints = "spaces=oam" +} +resource "juju_machine" "vault-3" { + model = juju_model.cpe-focal.name + placement = join(":",["lxd",juju_machine.all_machines["402"].machine_id]) + constraints = "spaces=oam" +} + +resource "juju_application" "vault" { + name = "vault" + + model = juju_model.cpe-focal.name + + charm { + name = "vault" + channel = "1.7/stable" + base = "ubuntu@20.04" + } + + units = 3 + + placement = "${join(",",sort([ + juju_machine.vault-1.machine_id, + juju_machine.vault-2.machine_id, + juju_machine.vault-3.machine_id, + ]))}" + + config = { + vip = "10.0.1.222" + nagios_context = var.nagios-context + } + +} + +resource "juju_application" "vault-mysql-router" { + name = "vault-mysql-router" + + model = juju_model.cpe-focal.name + + charm { + name = "mysql-router" + channel = "8.0/stable" + } + + units = 0 + + endpoint_bindings = [ + { + space = "oam" + },{ + endpoint = "shared-db" + space = "oam" + },{ + endpoint = "db-router" + space = "oam" + }, + ] + + config = { + source = var.openstack-origin + } +} + +resource "juju_application" "hacluster-vault" { + name = "hacluster-vault" + + model = juju_model.cpe-focal.name + + charm { + name = "hacluster" + channel = "2.0.3/stable" + } + + units = 0 + +} + + +resource "juju_machine" "etcd-1" { + model = juju_model.cpe-focal.name + placement = join(":",["lxd",juju_machine.all_machines["400"].machine_id]) + constraints = "spaces=oam" +} +resource "juju_machine" "etcd-2" { + model = juju_model.cpe-focal.name + placement = join(":",["lxd",juju_machine.all_machines["401"].machine_id]) + constraints = "spaces=oam" +} +resource "juju_machine" "etcd-3" { + model = juju_model.cpe-focal.name + placement = join(":",["lxd",juju_machine.all_machines["402"].machine_id]) + constraints = "spaces=oam" +} + +resource "juju_application" "etcd" { + name = "etcd" + + model = juju_model.cpe-focal.name + + charm { + name = "etcd" + channel = "latest/stable" + base = "ubuntu@20.04" + revision = 583 + } + + placement = "${join(",",sort([ + juju_machine.etcd-1.machine_id, + juju_machine.etcd-2.machine_id, + juju_machine.etcd-3.machine_id, + ]))}" + + endpoint_bindings = [{ + space = "oam" + },{ + space = "oam" + endpoint = "cluster" + },{ + space = "oam" + endpoint = "db" + }] + + units = 3 + + config = { + channel = "3.2/stable" + } +} + +resource "juju_machine" "easyrsa" { + model = juju_model.cpe-focal.name + placement = join(":",["lxd",juju_machine.all_machines["402"].machine_id]) + constraints = "spaces=oam" +} + +resource "juju_application" "easyrsa" { + name = "easyrsa" + + model = juju_model.cpe-focal.name + + charm { + name = "easyrsa" + channel = "latest/stable" + base = "ubuntu@20.04" + } + + placement = "${juju_machine.easyrsa.machine_id}" + + endpoint_bindings = [{space = "oam"}] + + units = 1 +} + +resource "juju_integration" "vault-etcd" { + + model = juju_model.cpe-focal.name + + application { + name = juju_application.vault.name + endpoint = "etcd" + } + + application { + name = juju_application.etcd.name + endpoint = "db" + } +} + +resource "juju_integration" "etcd-easyrsa" { + + model = juju_model.cpe-focal.name + + application { + name = juju_application.etcd.name + endpoint = "certificates" + } + + application { + name = juju_application.easyrsa.name + endpoint = "client" + } +} + +resource "juju_integration" "vault-ha" { + + model = juju_model.cpe-focal.name + + application { + name = juju_application.vault.name + endpoint = "ha" + } + + application { + name = juju_application.hacluster-vault.name + endpoint = "ha" + } +} + +resource "juju_integration" "vault-mysql" { + + model = juju_model.cpe-focal.name + + application { + name = juju_application.vault.name + endpoint = "shared-db" + } + + application { + name = juju_application.vault-mysql-router.name + endpoint = "shared-db" + } +} + +resource "juju_integration" "vault-ceph" { + + model = juju_model.cpe-focal.name + + application { + name = juju_application.vault.name + endpoint = "secrets" + } + + application { + name = juju_application.ceph-osd.name + endpoint = "secrets-storage" + } +} + +resource "juju_integration" "vault-db" { + + model = juju_model.cpe-focal.name + + application { + name = juju_application.vault-mysql-router.name + endpoint = "db-router" + } + + application { + name = juju_application.mysql-innodb-cluster.name + endpoint = "db-router" + } +} diff --git a/juju/home-maas/terraform.tfvars b/juju/home-maas/terraform.tfvars index 5d4ae39..f5547c2 100644 --- a/juju/home-maas/terraform.tfvars +++ b/juju/home-maas/terraform.tfvars @@ -22,3 +22,8 @@ osd-devices = "/dev/sdb /dev/sdc" data-port = "br-data:ens9" bridge-mappings = "physnet1:br-data" dns-servers = "192.168.1.13" +nagios-context = "arif-nc01" + +#vips = [ +# {vault=10.0.1.222} +#] diff --git a/juju/init.tf b/juju/init.tf index f0bbd73..e54deec 100644 --- a/juju/init.tf +++ b/juju/init.tf @@ -2,7 +2,8 @@ terraform { required_providers { juju = { version = "~> 0.12.0" - source = "juju/juju" + #source = "juju/juju" + source = "terraform.local/juju/juju" } } }