aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorPeter Mikus <pmikus@cisco.com>2022-03-25 14:15:25 +0100
committerPeter Mikus <pmikus@cisco.com>2022-03-30 13:25:14 +0000
commitad8149cc4fc9f5a703f5cffd5557abc0874d4d50 (patch)
tree3136ab126428772784dac8d822cb72cac5bbd7f2
parent1996a8e398190a1930607acf72c6f5ce16091e6d (diff)
refactor(terraform): 2n_aws_c5n
Signed-off-by: Peter Mikus <pmikus@cisco.com> Change-Id: I5f68fd84a9ea034c5d8ff175807033aa0b60d5a2
-rw-r--r--fdio.infra.ansible/roles/topology/tasks/main.yaml4
-rw-r--r--fdio.infra.ansible/roles/topology/templates/hosts.j22
-rw-r--r--fdio.infra.ansible/roles/topology/templates/topology-2n-aws-c5n.j2 (renamed from fdio.infra.ansible/roles/topology/templates/topology_2n_aws_c5n.j2)0
-rw-r--r--fdio.infra.ansible/roles/topology/templates/topology-3n-aws-c5n.j2 (renamed from fdio.infra.ansible/roles/topology/templates/topology_3n_aws_c5n.j2)0
-rw-r--r--fdio.infra.terraform/.gitignore4
-rw-r--r--fdio.infra.terraform/README.md19
-rw-r--r--fdio.infra.terraform/terraform-aws-2n-aws-c5n/main.tf318
-rw-r--r--fdio.infra.terraform/terraform-aws-2n-aws-c5n/output.tf0
-rw-r--r--fdio.infra.terraform/terraform-aws-2n-aws-c5n/providers.tf11
-rw-r--r--fdio.infra.terraform/terraform-aws-2n-aws-c5n/variables.tf180
-rw-r--r--fdio.infra.terraform/terraform-aws-2n-aws-c5n/versions.tf20
-rw-r--r--fdio.infra.terraform/terraform-aws-subnet/versions.tf2
-rw-r--r--fdio.infra.terraform/terraform-aws-vpc/main.tf12
-rw-r--r--fdio.infra.terraform/terraform-aws-vpc/outputs.tf21
-rw-r--r--fdio.infra.terraform/terraform-aws-vpc/variables.tf9
-rw-r--r--fdio.infra.terraform/terraform-aws-vpc/versions.tf2
-rw-r--r--resources/libraries/bash/function/common.sh4
-rw-r--r--resources/libraries/bash/function/terraform.sh6
18 files changed, 575 insertions, 39 deletions
diff --git a/fdio.infra.ansible/roles/topology/tasks/main.yaml b/fdio.infra.ansible/roles/topology/tasks/main.yaml
index a70107478e..4f94060cad 100644
--- a/fdio.infra.ansible/roles/topology/tasks/main.yaml
+++ b/fdio.infra.ansible/roles/topology/tasks/main.yaml
@@ -3,8 +3,8 @@
- name: Create Topology File
template:
- src: "templates/topology_{{ cloud_topology }}.j2"
- dest: "../topologies/available/{{ cloud_topology }}_{{ testbed_name }}.yaml"
+ src: "templates/topology-{{ cloud_topology }}.j2"
+ dest: "../topologies/available/{{ cloud_topology }}-{{ testbed_name }}.yaml"
tags:
- create-topology-file
diff --git a/fdio.infra.ansible/roles/topology/templates/hosts.j2 b/fdio.infra.ansible/roles/topology/templates/hosts.j2
index 12a992dfec..f02586cc99 100644
--- a/fdio.infra.ansible/roles/topology/templates/hosts.j2
+++ b/fdio.infra.ansible/roles/topology/templates/hosts.j2
@@ -5,5 +5,5 @@ all:
{{ tg_public_ip }}
sut:
hosts:
- {{ dut1_public_ip }}
+ {{ dut1_public_ip | default() }}
{{ dut2_public_ip | default() }}
diff --git a/fdio.infra.ansible/roles/topology/templates/topology_2n_aws_c5n.j2 b/fdio.infra.ansible/roles/topology/templates/topology-2n-aws-c5n.j2
index 1d99a34994..1d99a34994 100644
--- a/fdio.infra.ansible/roles/topology/templates/topology_2n_aws_c5n.j2
+++ b/fdio.infra.ansible/roles/topology/templates/topology-2n-aws-c5n.j2
diff --git a/fdio.infra.ansible/roles/topology/templates/topology_3n_aws_c5n.j2 b/fdio.infra.ansible/roles/topology/templates/topology-3n-aws-c5n.j2
index 631b0be63b..631b0be63b 100644
--- a/fdio.infra.ansible/roles/topology/templates/topology_3n_aws_c5n.j2
+++ b/fdio.infra.ansible/roles/topology/templates/topology-3n-aws-c5n.j2
diff --git a/fdio.infra.terraform/.gitignore b/fdio.infra.terraform/.gitignore
index 7e3a831173..223f2ec48c 100644
--- a/fdio.infra.terraform/.gitignore
+++ b/fdio.infra.terraform/.gitignore
@@ -2,8 +2,8 @@
**/.terraform/*
# .tfstate files
-#*.tfstate
-#*.tfstate.*
+*.tfstate
+*.tfstate.*
.terraform.lock.hcl
.terraform.tfstate.lock.info
diff --git a/fdio.infra.terraform/README.md b/fdio.infra.terraform/README.md
deleted file mode 100644
index 7bad380b1e..0000000000
--- a/fdio.infra.terraform/README.md
+++ /dev/null
@@ -1,19 +0,0 @@
-# Terraform CI Infra
-
-This folder contains configuration for terraform based deployments.
-
-## Nomad
-
-Application orchestration - Nomad
-- ./1n_nmd/
-
-## AWS
-
-Testbed deployment - Amazon AWS
-- ./2n_aws_c5n/
-- ./3n_aws_c5n/
-
-## Azure
-
-Testbed deployment - Microsoft Azure
-- ./3n_azure_fsv2/
diff --git a/fdio.infra.terraform/terraform-aws-2n-aws-c5n/main.tf b/fdio.infra.terraform/terraform-aws-2n-aws-c5n/main.tf
new file mode 100644
index 0000000000..a2ea1389bc
--- /dev/null
+++ b/fdio.infra.terraform/terraform-aws-2n-aws-c5n/main.tf
@@ -0,0 +1,318 @@
+data "vault_aws_access_credentials" "creds" {
+ backend = "${var.vault-name}-path"
+ role = "${var.vault-name}-role"
+}
+
+locals {
+ ansible_python_executable = "/usr/bin/python3"
+ availability_zone = "eu-central-1a"
+ name = "csit-vpc"
+ environment = "csit-vpc-environment"
+ key_pair_key_name = "${var.resource_prefix}-${var.testbed_name}-pk"
+ placement_group_name = "${var.resource_prefix}-${var.testbed_name}-pg"
+ security_group_name = "${var.resource_prefix}-${var.testbed_name}-sg"
+ testbed_name = "testbed1"
+ topology_name = "2n-aws-c5n"
+ tg_name = "${var.resource_prefix}-${var.testbed_name}-tg"
+ sut1_name = "${var.resource_prefix}-${var.testbed_name}-sut1"
+}
+
+# Create VPC
+module "vpc" {
+ source = "../terraform-aws-vpc"
+ security_group_name = local.security_group_name
+ subnet_availability_zone = local.availability_zone
+ tags_name = local.name
+ tags_environment = local.environment
+}
+
+# Create Subnet
+module "subnet_b" {
+ source = "../terraform-aws-subnet"
+ subnet_cidr_block = "192.168.10.0/24"
+ subnet_ipv6_cidr_block = cidrsubnet(module.vpc.vpc_ipv6_cidr_block, 8, 2)
+ subnet_availability_zone = local.availability_zone
+ tags_name = local.name
+ tags_environment = local.environment
+ subnet_vpc_id = module.vpc.vpc_id
+}
+
+module "subnet_d" {
+ source = "../terraform-aws-subnet"
+ subnet_cidr_block = "192.168.20.0/24"
+ subnet_ipv6_cidr_block = cidrsubnet(module.vpc.vpc_ipv6_cidr_block, 8, 4)
+ subnet_availability_zone = local.availability_zone
+ tags_name = local.name
+ tags_environment = local.environment
+ subnet_vpc_id = module.vpc.vpc_id
+}
+
+# Create Private Key
+resource "tls_private_key" "private_key" {
+ algorithm = var.private_key_algorithm
+ ecdsa_curve = var.private_key_ecdsa_curve
+ rsa_bits = var.private_key_rsa_bits
+}
+
+# Create Key Pair
+resource "aws_key_pair" "key_pair" {
+ depends_on = [
+ tls_private_key.private_key
+ ]
+ key_name = local.key_pair_key_name
+ public_key = tls_private_key.private_key.public_key_openssh
+}
+
+# Create Placement Group
+resource "aws_placement_group" "placement_group" {
+ name = local.placement_group_name
+ strategy = var.placement_group_strategy
+}
+
+# Create Instance
+resource "aws_instance" "tg" {
+ depends_on = [
+ module.vpc,
+ aws_placement_group.placement_group
+ ]
+ ami = var.tg_ami
+ availability_zone = local.availability_zone
+ associate_public_ip_address = var.tg_associate_public_ip_address
+ instance_initiated_shutdown_behavior = var.tg_instance_initiated_shutdown_behavior
+ instance_type = var.tg_instance_type
+ key_name = aws_key_pair.key_pair.key_name
+ placement_group = aws_placement_group.placement_group.id
+ private_ip = var.tg_private_ip
+ source_dest_check = var.tg_source_dest_check
+ subnet_id = module.vpc.vpc_subnet_id
+ vpc_security_group_ids = [module.vpc.vpc_security_group_id]
+ # host_id = "1"
+
+ root_block_device {
+ delete_on_termination = true
+ volume_size = 50
+ }
+
+ tags = {
+ "Name" = local.tg_name
+ "Environment" = local.environment
+ }
+}
+
+resource "aws_network_interface" "tg_if1" {
+ depends_on = [
+ module.subnet_b,
+ aws_instance.tg
+ ]
+ private_ip = var.tg_if1_private_ip
+ private_ips = [var.tg_if1_private_ip]
+ security_groups = [module.vpc.vpc_security_group_id]
+ source_dest_check = var.tg_source_dest_check
+ subnet_id = module.subnet_b.subnet_id
+
+ attachment {
+ instance = aws_instance.tg.id
+ device_index = 1
+ }
+
+ tags = {
+ "Name" = local.tg_name
+ "Environment" = local.environment
+ }
+}
+
+resource "aws_network_interface" "tg_if2" {
+ depends_on = [
+ module.subnet_d,
+ aws_instance.tg
+ ]
+ private_ips = [var.tg_if2_private_ip]
+ security_groups = [module.vpc.vpc_security_group_id]
+ source_dest_check = var.tg_source_dest_check
+ subnet_id = module.subnet_d.subnet_id
+
+ attachment {
+ instance = aws_instance.tg.id
+ device_index = 2
+ }
+
+ tags = {
+ "Name" = local.tg_name
+ "Environment" = local.environment
+ }
+}
+
+data "aws_network_interface" "tg_if1" {
+ id = aws_network_interface.tg_if1.id
+}
+
+data "aws_network_interface" "tg_if2" {
+ id = aws_network_interface.tg_if2.id
+}
+
+resource "aws_route" "route_tg_if1" {
+ depends_on = [
+ aws_instance.tg
+ ]
+ destination_cidr_block = var.destination_cidr_block_tg_if1
+ network_interface_id = aws_instance.tg.primary_network_interface_id
+ route_table_id = module.vpc.vpc_main_route_table_id
+}
+
+resource "aws_route" "route_tg_if2" {
+ depends_on = [
+ aws_instance.tg
+ ]
+ destination_cidr_block = var.destination_cidr_block_tg_if2
+ network_interface_id = aws_instance.tg.primary_network_interface_id
+ route_table_id = module.vpc.vpc_main_route_table_id
+}
+
+resource "aws_instance" "sut1" {
+ depends_on = [
+ module.vpc,
+ aws_placement_group.placement_group
+ ]
+ ami = var.sut1_ami
+ availability_zone = local.availability_zone
+ associate_public_ip_address = var.sut1_associate_public_ip_address
+ instance_initiated_shutdown_behavior = var.sut1_instance_initiated_shutdown_behavior
+ instance_type = var.sut1_instance_type
+ key_name = aws_key_pair.key_pair.key_name
+ placement_group = aws_placement_group.placement_group.id
+ private_ip = var.sut1_private_ip
+ source_dest_check = var.sut1_source_dest_check
+ subnet_id = module.vpc.vpc_subnet_id
+ vpc_security_group_ids = [module.vpc.vpc_security_group_id]
+ # host_id = "2"
+
+ root_block_device {
+ delete_on_termination = true
+ volume_size = 50
+ }
+
+ tags = {
+ "Name" = local.sut1_name
+ "Environment" = local.environment
+ }
+}
+
+resource "aws_network_interface" "sut1_if1" {
+ depends_on = [
+ module.subnet_b,
+ aws_instance.sut1
+ ]
+ private_ips = [var.sut1_if1_private_ip]
+ security_groups = [module.vpc.vpc_security_group_id]
+ source_dest_check = var.sut1_source_dest_check
+ subnet_id = module.subnet_b.subnet_id
+
+ attachment {
+ instance = aws_instance.sut1.id
+ device_index = 1
+ }
+
+ tags = {
+ "Name" = local.sut1_name
+ "Environment" = local.environment
+ }
+}
+
+resource "aws_network_interface" "sut1_if2" {
+ depends_on = [
+ module.subnet_d,
+ aws_instance.sut1
+ ]
+ private_ips = [var.sut1_if2_private_ip]
+ security_groups = [module.vpc.vpc_security_group_id]
+ source_dest_check = var.sut1_source_dest_check
+ subnet_id = module.subnet_d.subnet_id
+
+ attachment {
+ instance = aws_instance.sut1.id
+ device_index = 2
+ }
+
+ tags = {
+ "Name" = local.sut1_name
+ "Environment" = local.environment
+ }
+}
+
+data "aws_network_interface" "sut1_if1" {
+ id = aws_network_interface.sut1_if1.id
+}
+
+data "aws_network_interface" "sut1_if2" {
+ id = aws_network_interface.sut1_if2.id
+}
+
+resource "null_resource" "deploy_tg" {
+ depends_on = [
+ aws_instance.tg,
+ aws_network_interface.tg_if1,
+ aws_network_interface.tg_if2,
+ aws_instance.sut1,
+ aws_network_interface.sut1_if1,
+ aws_network_interface.sut1_if2
+ ]
+
+ connection {
+ user = "ubuntu"
+ host = aws_instance.tg.public_ip
+ private_key = tls_private_key.private_key.private_key_pem
+ }
+
+ provisioner "remote-exec" {
+ inline = var.first_run_commands
+ }
+}
+
+resource "null_resource" "deploy_sut1" {
+ depends_on = [
+ aws_instance.tg,
+ aws_network_interface.tg_if1,
+ aws_network_interface.tg_if2,
+ aws_instance.sut1,
+ aws_network_interface.sut1_if1,
+ aws_network_interface.sut1_if2
+ ]
+
+ connection {
+ user = "ubuntu"
+ host = aws_instance.sut1.public_ip
+ private_key = tls_private_key.private_key.private_key_pem
+ }
+
+ provisioner "remote-exec" {
+ inline = var.first_run_commands
+ }
+}
+
+resource "null_resource" "deploy_topology" {
+ depends_on = [
+ aws_instance.tg,
+ aws_instance.sut1
+ ]
+
+ provisioner "ansible" {
+ plays {
+ playbook {
+ file_path = var.ansible_topology_path
+ }
+ hosts = ["local"]
+ extra_vars = {
+ ansible_python_interpreter = local.ansible_python_executable
+ testbed_name = local.testbed_name
+ cloud_topology = local.topology_name
+ tg_if1_mac = data.aws_network_interface.tg_if1.mac_address
+ tg_if2_mac = data.aws_network_interface.tg_if2.mac_address
+ dut1_if1_mac = data.aws_network_interface.sut1_if1.mac_address
+ dut1_if2_mac = data.aws_network_interface.sut1_if2.mac_address
+ tg_public_ip = aws_instance.tg.public_ip
+ dut1_public_ip = aws_instance.sut1.public_ip
+ public_ip_list = "${aws_instance.tg.public_ip},${aws_instance.sut1.public_ip}"
+ }
+ }
+ }
+} \ No newline at end of file
diff --git a/fdio.infra.terraform/terraform-aws-2n-aws-c5n/output.tf b/fdio.infra.terraform/terraform-aws-2n-aws-c5n/output.tf
new file mode 100644
index 0000000000..e69de29bb2
--- /dev/null
+++ b/fdio.infra.terraform/terraform-aws-2n-aws-c5n/output.tf
diff --git a/fdio.infra.terraform/terraform-aws-2n-aws-c5n/providers.tf b/fdio.infra.terraform/terraform-aws-2n-aws-c5n/providers.tf
new file mode 100644
index 0000000000..38244af0bd
--- /dev/null
+++ b/fdio.infra.terraform/terraform-aws-2n-aws-c5n/providers.tf
@@ -0,0 +1,11 @@
+provider "aws" {
+ region = var.region
+ access_key = data.vault_aws_access_credentials.creds.access_key
+ secret_key = data.vault_aws_access_credentials.creds.secret_key
+}
+
+provider "vault" {
+ address = "http://10.30.51.28:8200"
+ skip_tls_verify = true
+ token = "s.4z5PsufFwV3sHbCzK9Y2Cojd"
+} \ No newline at end of file
diff --git a/fdio.infra.terraform/terraform-aws-2n-aws-c5n/variables.tf b/fdio.infra.terraform/terraform-aws-2n-aws-c5n/variables.tf
new file mode 100644
index 0000000000..104c0a1612
--- /dev/null
+++ b/fdio.infra.terraform/terraform-aws-2n-aws-c5n/variables.tf
@@ -0,0 +1,180 @@
+variable "vault-name" {
+ default = "dynamic-aws-creds-vault-fdio"
+}
+
+variable "region" {
+ description = "AWS Region."
+ type = string
+ default = "eu-central-1"
+}
+
+variable "resource_prefix" {
+ description = "Resources name prefix."
+ type = string
+ default = "csit-2n-aws-c5n"
+}
+
+variable "testbed_name" {
+ description = "Testbed name."
+ type = string
+ default = "testbed1"
+}
+
+# Variables for Private Key
+variable "private_key_algorithm" {
+ description = "The name of the algorithm to use for the key."
+ type = string
+ default = "RSA"
+}
+
+variable "private_key_ecdsa_curve" {
+ description = "When algorithm is ECDSA, the name of the elliptic curve to use."
+ type = string
+ default = "P521"
+}
+
+variable "private_key_rsa_bits" {
+ description = "When algorithm is RSA, the size of the generated RSA key in bits."
+ type = number
+ default = 4096
+}
+
+# Variables for Placement Group
+variable "placement_group_strategy" {
+ description = "The placement strategy. Can be cluster, partition or spread."
+ type = string
+ default = "cluster"
+}
+
+# Variables for Instance
+variable "tg_ami" {
+ description = "AMI to use for the instance."
+ type = string
+ default = "ami-0c2d02d48236a23dd"
+}
+
+variable "tg_associate_public_ip_address" {
+ description = "Whether to associate a public IP address with an instance in a VPC."
+ type = bool
+ default = true
+}
+
+variable "tg_instance_initiated_shutdown_behavior" {
+ description = "Shutdown behavior for the instance."
+ type = string
+ default = "terminate"
+}
+
+variable "tg_instance_type" {
+ description = "The instance type to use for the instance."
+ type = string
+ default = "c5n.4xlarge"
+}
+
+variable "tg_private_ip" {
+ description = "Private IP address to associate with the instance in a VPC."
+ type = string
+ default = "192.168.0.10"
+}
+
+variable "tg_source_dest_check" {
+ description = "Controls if traffic is routed to the instance when the destination address does not match the instance."
+ type = bool
+ default = false
+}
+
+variable "sut1_ami" {
+ description = "AMI to use for the instance."
+ type = string
+ default = "ami-0c2d02d48236a23dd"
+}
+
+variable "sut1_associate_public_ip_address" {
+ description = "Whether to associate a public IP address with an instance in a VPC."
+ type = bool
+ default = true
+}
+
+variable "sut1_instance_initiated_shutdown_behavior" {
+ description = "Shutdown behavior for the instance."
+ type = string
+ default = "terminate"
+}
+
+variable "sut1_instance_type" {
+ description = "The instance type to use for the instance."
+ type = string
+ default = "c5n.4xlarge"
+}
+
+variable "sut1_private_ip" {
+ description = "Private IP address to associate with the instance in a VPC."
+ type = string
+ default = "192.168.0.11"
+}
+
+variable "sut1_source_dest_check" {
+ description = "Controls if traffic is routed to the instance when the destination address does not match the instance."
+ type = bool
+ default = false
+}
+
+# Variables for Network Interface
+variable "tg_if1_private_ip" {
+ description = "List of private IPs to assign to the ENI without regard to order."
+ type = string
+ default = "192.168.10.254"
+}
+
+variable "tg_if2_private_ip" {
+ description = "List of private IPs to assign to the ENI without regard to order."
+ type = string
+ default = "192.168.20.254"
+}
+
+variable "destination_cidr_block_tg_if1" {
+ description = "The destination CIDR block."
+ type = string
+ default = "10.0.0.0/16"
+}
+
+variable "destination_cidr_block_tg_if2" {
+ description = "The destination CIDR block."
+ type = string
+ default = "20.0.0.0/16"
+}
+
+variable "sut1_if1_private_ip" {
+ description = "List of private IPs to assign to the ENI without regard to order."
+ type = string
+ default = "192.168.10.11"
+}
+
+variable "sut1_if2_private_ip" {
+ description = "List of private IPs to assign to the ENI without regard to order."
+ type = string
+ default = "192.168.20.11"
+}
+
+# Variables for Null Resource
+variable "first_run_commands" {
+ description = "List of private IPs to assign to the ENI without regard to order."
+ type = list(string)
+ default = [
+ "sudo sed -i 's/^PasswordAuthentication/#PasswordAuthentication/' /etc/ssh/sshd_config",
+ "sudo systemctl restart sshd",
+ "sudo useradd --create-home -s /bin/bash provisionuser",
+ "echo 'provisionuser:Csit1234' | sudo chpasswd",
+ "echo 'provisionuser ALL = (ALL) NOPASSWD: ALL' | sudo tee -a /etc/sudoers",
+ "sudo useradd --create-home -s /bin/bash testuser",
+ "echo 'testuser:Csit1234' | sudo chpasswd",
+ "echo 'testuser ALL = (ALL) NOPASSWD: ALL' | sudo tee -a /etc/sudoers"
+ ]
+}
+
+# Variables for Null Resource
+variable "ansible_topology_path" {
+ description = "Ansible topology path."
+ type = string
+ default = "../../fdio.infra.ansible/cloud_topology.yaml"
+}
diff --git a/fdio.infra.terraform/terraform-aws-2n-aws-c5n/versions.tf b/fdio.infra.terraform/terraform-aws-2n-aws-c5n/versions.tf
new file mode 100644
index 0000000000..2592550224
--- /dev/null
+++ b/fdio.infra.terraform/terraform-aws-2n-aws-c5n/versions.tf
@@ -0,0 +1,20 @@
+terraform {
+ required_providers {
+ aws = {
+ source = "hashicorp/aws"
+ version = ">= 4.3.0"
+ }
+ null = {
+ source = "hashicorp/null"
+ version = "~> 3.1.0"
+ }
+ tls = {
+ source = "hashicorp/tls"
+ version = "~> 3.1.0"
+ }
+ vault = {
+ version = ">=2.22.1"
+ }
+ }
+ required_version = ">= 1.1.4"
+}
diff --git a/fdio.infra.terraform/terraform-aws-subnet/versions.tf b/fdio.infra.terraform/terraform-aws-subnet/versions.tf
index 66b9c17f9b..eed543f20a 100644
--- a/fdio.infra.terraform/terraform-aws-subnet/versions.tf
+++ b/fdio.infra.terraform/terraform-aws-subnet/versions.tf
@@ -5,5 +5,5 @@ terraform {
version = "~> 4.3.0"
}
}
- required_version = ">= 1.1.4"
+ required_version = ">= 1.0.4"
}
diff --git a/fdio.infra.terraform/terraform-aws-vpc/main.tf b/fdio.infra.terraform/terraform-aws-vpc/main.tf
index 59ac63663d..fb51a7b385 100644
--- a/fdio.infra.terraform/terraform-aws-vpc/main.tf
+++ b/fdio.infra.terraform/terraform-aws-vpc/main.tf
@@ -32,6 +32,7 @@ resource "aws_security_group" "security_group" {
from_port = lookup(ingress.value, "from_port", null)
to_port = lookup(ingress.value, "to_port", null)
protocol = lookup(ingress.value, "protocol", null)
+ self = lookup(ingress.value, "self", null)
cidr_blocks = lookup(ingress.value, "cidr_blocks", null)
ipv6_cidr_blocks = lookup(ingress.value, "ipv6_cidr_blocks", null)
}
@@ -39,11 +40,12 @@ resource "aws_security_group" "security_group" {
dynamic "egress" {
for_each = var.security_group_egress
content {
- from_port = lookup(ingress.value, "from_port", null)
- to_port = lookup(ingress.value, "to_port", null)
- protocol = lookup(ingress.value, "protocol", null)
- cidr_blocks = lookup(ingress.value, "cidr_blocks", null)
- ipv6_cidr_blocks = lookup(ingress.value, "ipv6_cidr_blocks", null)
+ from_port = lookup(egress.value, "from_port", null)
+ to_port = lookup(egress.value, "to_port", null)
+ protocol = lookup(egress.value, "protocol", null)
+ self = lookup(egress.value, "self", null)
+ cidr_blocks = lookup(egress.value, "cidr_blocks", null)
+ ipv6_cidr_blocks = lookup(egress.value, "ipv6_cidr_blocks", null)
}
}
}
diff --git a/fdio.infra.terraform/terraform-aws-vpc/outputs.tf b/fdio.infra.terraform/terraform-aws-vpc/outputs.tf
index e1072a6b16..b58963917b 100644
--- a/fdio.infra.terraform/terraform-aws-vpc/outputs.tf
+++ b/fdio.infra.terraform/terraform-aws-vpc/outputs.tf
@@ -1,9 +1,24 @@
output "vpc_id" {
value = aws_vpc.vpc.id
- description = "The ID of the VPC"
+ description = "The ID of the VPC."
}
output "vpc_ipv6_cidr_block" {
value = aws_vpc.vpc.ipv6_cidr_block
- description = "IPv6 CIDR block"
-} \ No newline at end of file
+ description = "IPv6 CIDR block."
+}
+
+output "vpc_main_route_table_id" {
+ value = aws_vpc.vpc.main_route_table_id
+ description = "The ID of the Main Route Table."
+}
+
+output "vpc_subnet_id" {
+ value = aws_subnet.subnet.id
+ description = "The ID of the Subnet."
+}
+
+output "vpc_security_group_id" {
+ value = aws_security_group.security_group.id
+ description = "The ID of the Security Group."
+}
diff --git a/fdio.infra.terraform/terraform-aws-vpc/variables.tf b/fdio.infra.terraform/terraform-aws-vpc/variables.tf
index 1e883eda78..5c7c8dc79a 100644
--- a/fdio.infra.terraform/terraform-aws-vpc/variables.tf
+++ b/fdio.infra.terraform/terraform-aws-vpc/variables.tf
@@ -67,6 +67,15 @@ variable "security_group_ingress" {
from_port = 22
to_port = 22
protocol = "tcp"
+ self = false
+ cidr_blocks = ["0.0.0.0/0"]
+ ipv6_cidr_blocks = ["::/0"]
+ },
+ {
+ from_port = 0
+ to_port = 0
+ protocol = -1
+ self = true
cidr_blocks = ["0.0.0.0/0"]
ipv6_cidr_blocks = ["::/0"]
},
diff --git a/fdio.infra.terraform/terraform-aws-vpc/versions.tf b/fdio.infra.terraform/terraform-aws-vpc/versions.tf
index 66b9c17f9b..eed543f20a 100644
--- a/fdio.infra.terraform/terraform-aws-vpc/versions.tf
+++ b/fdio.infra.terraform/terraform-aws-vpc/versions.tf
@@ -5,5 +5,5 @@ terraform {
version = "~> 4.3.0"
}
}
- required_version = ">= 1.1.4"
+ required_version = ">= 1.0.4"
}
diff --git a/resources/libraries/bash/function/common.sh b/resources/libraries/bash/function/common.sh
index 39b2be4608..7595f172e7 100644
--- a/resources/libraries/bash/function/common.sh
+++ b/resources/libraries/bash/function/common.sh
@@ -1145,11 +1145,11 @@ function select_topology () {
TOPOLOGIES_TAGS="2_node_single_link_topo"
;;
"2n_aws")
- TOPOLOGIES=( "${TOPOLOGIES_DIR}"/*2n_aws*.yaml )
+ TOPOLOGIES=( "${TOPOLOGIES_DIR}"/*2n-aws*.yaml )
TOPOLOGIES_TAGS="2_node_single_link_topo"
;;
"3n_aws")
- TOPOLOGIES=( "${TOPOLOGIES_DIR}"/*3n_aws*.yaml )
+ TOPOLOGIES=( "${TOPOLOGIES_DIR}"/*3n-aws*.yaml )
TOPOLOGIES_TAGS="3_node_single_link_topo"
;;
*)
diff --git a/resources/libraries/bash/function/terraform.sh b/resources/libraries/bash/function/terraform.sh
index ed3bda32aa..1766381f75 100644
--- a/resources/libraries/bash/function/terraform.sh
+++ b/resources/libraries/bash/function/terraform.sh
@@ -32,7 +32,7 @@ function terraform_apply () {
fi
pushd "${CSIT_DIR}"/fdio.infra.terraform || die "Pushd failed!"
- pushd "${NODENESS}_${FLAVOR}_c5n" || die "Pushd failed!"
+ pushd "terraform-aws-${NODENESS}-${FLAVOR}-c5n" || die "Pushd failed!"
export TF_LOG=INFO
trap 'terraform_destroy' ERR || {
die "Trap attempt failed, please cleanup manually. Aborting!"
@@ -58,7 +58,7 @@ function terraform_destroy () {
fi
pushd "${CSIT_DIR}"/fdio.infra.terraform || die "Pushd failed!"
- pushd "${NODENESS}_${FLAVOR}_c5n" || die "Pushd failed!"
+ pushd "terraform-aws-${NODENESS}-${FLAVOR}-c5n" || die "Pushd failed!"
export TF_LOG=INFO
terraform destroy -auto-approve -no-color || die "Terraform destroy failed!"
popd || die "Popd failed!"
@@ -88,7 +88,7 @@ function terraform_init () {
fi
pushd "${CSIT_DIR}"/fdio.infra.terraform || die "Pushd failed!"
- pushd "${NODENESS}_${FLAVOR}_c5n" || die "Pushd failed!"
+ pushd "terraform-aws-${NODENESS}-${FLAVOR}-c5n" || die "Pushd failed!"
plugin_url="https://github.com/radekg/terraform-provisioner-ansible/"
plugin_url+="releases/download/v2.5.0/"