diff options
author | Maros Mullner <mamullne@cisco.com> | 2020-02-13 10:57:02 +0100 |
---|---|---|
committer | Peter Mikus <pmikus@cisco.com> | 2020-02-17 08:06:13 +0000 |
commit | 6bc0123c235171918a6193b1551ed4d4d82c2fec (patch) | |
tree | f21b0f8fa6d3ab765bb7c9acc7b549e1e64acc71 /resources/tools/terraform/aws | |
parent | 997a634a6658d3d07ff84fc54e156ebd805fec74 (diff) |
AWS terraform automation scripts
Change-Id: I050fe466dd006d330d1bb29cc6ccba8ae4681f01
Signed-off-by: Maros Mullner <maros.mullner@pantheon.tech>
Diffstat (limited to 'resources/tools/terraform/aws')
-rw-r--r-- | resources/tools/terraform/aws/.gitignore | 4 | ||||
-rw-r--r-- | resources/tools/terraform/aws/main.tf | 368 | ||||
-rw-r--r-- | resources/tools/terraform/aws/nic.tf | 101 |
3 files changed, 473 insertions, 0 deletions
diff --git a/resources/tools/terraform/aws/.gitignore b/resources/tools/terraform/aws/.gitignore new file mode 100644 index 0000000000..fc64f0039f --- /dev/null +++ b/resources/tools/terraform/aws/.gitignore @@ -0,0 +1,4 @@ +.terraform/ +.terraform.tfstate.lock.info +terraform.tfstate +terraform.tfstate.backup diff --git a/resources/tools/terraform/aws/main.tf b/resources/tools/terraform/aws/main.tf new file mode 100644 index 0000000000..74baa12419 --- /dev/null +++ b/resources/tools/terraform/aws/main.tf @@ -0,0 +1,368 @@ +provider "aws" { + region = "eu-central-1" +} + +variable "avail_zone" { + type = string + default = "eu-central-1a" +} +# Base VPC CIDRs +variable "vpc_cidr_mgmt" { + type = string + default = "192.168.0.0/24" +} +variable "vpc_cidr_b" { + type = string + default = "192.168.10.0/24" +} +variable "vpc_cidr_c" { + type = string + default = "200.0.0.0/24" +} +variable "vpc_cidr_d" { + type = string + default = "192.168.20.0/24" +} + +# Trex Dummy CIDRs +variable "trex_dummy_cidr_port_0" { + type = string + default = "10.0.0.0/24" +} +variable "trex_dummy_cidr_port_1" { + type = string + default = "20.0.0.0/24" +} + +# IPs +variable "a_gateway" { + type = string + default = "192.168.0.1" +} +variable "b_gateway" { + type = string + default = "192.168.10.1" +} +variable "c_gateway" { + type = string + default = "200.0.0.1" +} +variable "d_gateway" { + type = string + default = "192.168.20.1" +} +variable "tg_if1_ip" { + type = string + default = "192.168.10.254" +} +variable "tg_if2_ip" { + type = string + default = "192.168.20.254" +} +variable "dut1_if1_ip" { + type = string + default = "192.168.10.11" +} +variable "dut1_if2_ip" { + type = string + default = "200.0.0.101" +} +variable "dut2_if1_ip" { + type = string + default = "200.0.0.102" +} +variable "dut2_if2_ip" { + type = string + default = "192.168.20.11" +} +variable "tg_mgmt_ip" { + type = string + default = "192.168.0.10" +} +variable "dut1_mgmt_ip" { + type = string + default = "192.168.0.11" +} +variable "dut2_mgmt_ip" { + type = string + default = "192.168.0.12" +} + +# Instance Type +variable "instance_type" { + type = string + default = "c5n.9xlarge" +} + +resource "aws_vpc" "CSIT" { + cidr_block = var.vpc_cidr_mgmt +} + +resource "aws_security_group" "CSIT" { + name = "CSIT" + description = "Allow inbound traffic" + vpc_id = aws_vpc.CSIT.id + + ingress { + from_port = 22 + to_port = 22 + protocol = "tcp" + cidr_blocks = ["0.0.0.0/0"] + } + + ingress { + from_port = 0 + to_port = 0 + protocol = -1 + self = true + } + + egress { + from_port = 0 + to_port = 0 + protocol = "-1" + cidr_blocks = ["0.0.0.0/0"] + } + + depends_on = [aws_vpc.CSIT] +} + +resource "aws_vpc_ipv4_cidr_block_association" "b" { + vpc_id = aws_vpc.CSIT.id + cidr_block = var.vpc_cidr_b + depends_on = [aws_vpc.CSIT] +} +resource "aws_vpc_ipv4_cidr_block_association" "c" { + vpc_id = aws_vpc.CSIT.id + cidr_block = var.vpc_cidr_c + depends_on = [aws_vpc.CSIT] +} +resource "aws_vpc_ipv4_cidr_block_association" "d" { + vpc_id = aws_vpc.CSIT.id + cidr_block = var.vpc_cidr_d + depends_on = [aws_vpc.CSIT] +} + +resource "aws_subnet" "mgmt" { + vpc_id = aws_vpc.CSIT.id + cidr_block = var.vpc_cidr_mgmt + availability_zone = var.avail_zone + depends_on = [aws_vpc.CSIT] +} + +resource "aws_subnet" "b" { + vpc_id = aws_vpc.CSIT.id + cidr_block = var.vpc_cidr_b + availability_zone = var.avail_zone + depends_on = [aws_vpc.CSIT, aws_vpc_ipv4_cidr_block_association.b] +} + +resource "aws_subnet" "c" { + vpc_id = aws_vpc.CSIT.id + cidr_block = var.vpc_cidr_c + availability_zone = var.avail_zone + depends_on = [aws_vpc.CSIT, aws_vpc_ipv4_cidr_block_association.c] +} + +resource "aws_subnet" "d" { + vpc_id = aws_vpc.CSIT.id + cidr_block = var.vpc_cidr_d + availability_zone = var.avail_zone + depends_on = [aws_vpc.CSIT, aws_vpc_ipv4_cidr_block_association.d] +} + +resource "aws_internet_gateway" "CSIT" { + vpc_id = aws_vpc.CSIT.id + depends_on = [aws_vpc.CSIT] +} + +resource "aws_key_pair" "CSIT" { + key_name = "CSIT" + public_key = file("~/.ssh/id_rsa.pub") +} + +data "aws_ami" "ubuntu" { + most_recent = true + + filter { + name = "name" + values = ["*hvm-ssd/ubuntu-bionic-18.04-amd64*"] + } + + filter { + name = "virtualization-type" + values = ["hvm"] + } + + owners = ["099720109477"] # Canonical +} + +resource "aws_placement_group" "CSIT" { + name = "CSIT" + strategy = "cluster" +} + +resource "aws_instance" "tg" { + ami = data.aws_ami.ubuntu.id + instance_type = var.instance_type +# cpu_threads_per_core = 1 +# cpu_core_count = 18 + key_name = aws_key_pair.CSIT.key_name + associate_public_ip_address = true + subnet_id = aws_subnet.mgmt.id + private_ip = var.tg_mgmt_ip + vpc_security_group_ids = [aws_security_group.CSIT.id] + depends_on = [aws_vpc.CSIT, aws_placement_group.CSIT] + placement_group = aws_placement_group.CSIT.id + source_dest_check = false +} + +resource "aws_instance" "dut1" { + ami = data.aws_ami.ubuntu.id +# cpu_threads_per_core = 1 +# cpu_core_count = 18 + instance_type = var.instance_type + key_name = aws_key_pair.CSIT.key_name + associate_public_ip_address = true + subnet_id = aws_subnet.mgmt.id + private_ip = var.dut1_mgmt_ip + vpc_security_group_ids = [aws_security_group.CSIT.id] + depends_on = [aws_vpc.CSIT, aws_placement_group.CSIT] + placement_group = aws_placement_group.CSIT.id + source_dest_check = false +} + +resource "aws_instance" "dut2" { + ami = data.aws_ami.ubuntu.id +# cpu_threads_per_core = 1 +# cpu_core_count = 18 + instance_type = var.instance_type + key_name = aws_key_pair.CSIT.key_name + associate_public_ip_address = true + subnet_id = aws_subnet.mgmt.id + private_ip = var.dut2_mgmt_ip + vpc_security_group_ids = [aws_security_group.CSIT.id] + depends_on = [aws_vpc.CSIT, aws_placement_group.CSIT] + placement_group = aws_placement_group.CSIT.id + source_dest_check = false +} + +resource "aws_route" "CSIT-igw" { + route_table_id = aws_vpc.CSIT.main_route_table_id + gateway_id = aws_internet_gateway.CSIT.id + destination_cidr_block = "0.0.0.0/0" + depends_on = [aws_vpc.CSIT, aws_internet_gateway.CSIT] +} +resource "aws_route" "dummy-trex-port-0" { + route_table_id = aws_vpc.CSIT.main_route_table_id + network_interface_id = aws_instance.tg.primary_network_interface_id + destination_cidr_block = var.trex_dummy_cidr_port_0 + depends_on = [aws_vpc.CSIT, aws_instance.dut1] +} +resource "aws_route" "dummy-trex-port-1" { + route_table_id = aws_vpc.CSIT.main_route_table_id + network_interface_id = aws_instance.tg.primary_network_interface_id + destination_cidr_block = var.trex_dummy_cidr_port_1 + depends_on = [aws_vpc.CSIT, aws_instance.dut2] +} + +resource "null_resource" "deploy_tg" { + depends_on = [ aws_instance.tg ] + connection { + user = "ubuntu" + host = aws_instance.tg.public_ip + private_key = file("~/.ssh/id_rsa") + } + provisioner "ansible" { + plays { + playbook { + file_path = "../../testbed-setup/ansible/site_aws.yaml" + force_handlers = true + } + hosts = ["tg"] + extra_vars = { + ansible_python_interpreter = "/usr/bin/python3" + aws = true + } + } + } +} +resource "null_resource" "deploy_dut1" { + depends_on = [ aws_instance.dut1 ] + connection { + user = "ubuntu" + host = aws_instance.dut1.public_ip + private_key = file("~/.ssh/id_rsa") + } + provisioner "ansible" { + plays { + playbook { + file_path = "../../testbed-setup/ansible/site_aws.yaml" + force_handlers = true + } + hosts = ["sut"] + extra_vars = { + ansible_python_interpreter = "/usr/bin/python3" + aws = true + } + } + } +} +resource "null_resource" "deploy_dut2" { + depends_on = [ aws_instance.dut2 ] + connection { + user = "ubuntu" + host = aws_instance.dut2.public_ip + private_key = file("~/.ssh/id_rsa") + } + provisioner "ansible" { + plays { + playbook { + file_path = "../../testbed-setup/ansible/site_aws.yaml" + force_handlers = true + } + hosts = ["sut"] + extra_vars = { + ansible_python_interpreter = "/usr/bin/python3" + aws = true + } + } + } +} + +resource "null_resource" "deploy_topology" { + depends_on = [ aws_instance.tg, aws_instance.dut1, aws_instance.dut2 ] + provisioner "ansible" { + plays { + playbook { + file_path = "../../testbed-setup/ansible/cloud_topology.yaml" + } + hosts = ["local"] + extra_vars = { + ansible_python_interpreter = "/usr/bin/python3" + cloud_topology = "aws" + tg_if1_mac = data.aws_network_interface.tg_if1.mac_address + tg_if2_mac = data.aws_network_interface.tg_if2.mac_address + dut1_if1_mac = data.aws_network_interface.dut1_if1.mac_address + dut1_if2_mac = data.aws_network_interface.dut1_if2.mac_address + dut2_if1_mac = data.aws_network_interface.dut2_if1.mac_address + dut2_if2_mac = data.aws_network_interface.dut2_if2.mac_address + tg_public_ip = aws_instance.tg.public_ip + dut1_public_ip = aws_instance.dut1.public_ip + dut2_public_ip = aws_instance.dut2.public_ip + } + } + } +} + +output "dbg_tg" { + value = "TG IP: ${aws_instance.tg.public_ip}" +} + +output "dbg_dut1" { + value = "DUT1 IP: ${aws_instance.dut1.public_ip}" +} + +output "dbg_dut2" { + value = "DUT2 IP: ${aws_instance.dut2.public_ip}" +} diff --git a/resources/tools/terraform/aws/nic.tf b/resources/tools/terraform/aws/nic.tf new file mode 100644 index 0000000000..31926e4abd --- /dev/null +++ b/resources/tools/terraform/aws/nic.tf @@ -0,0 +1,101 @@ +resource "aws_network_interface" "dut1_if2" { + subnet_id = aws_subnet.c.id + source_dest_check = false + private_ip = var.dut1_if2_ip + private_ips = [var.dut1_if2_ip] + security_groups = [aws_security_group.CSIT.id] + attachment { + instance = aws_instance.dut1.id + device_index = 1 + } + depends_on = [aws_vpc.CSIT] +} + +data "aws_network_interface" "dut1_if2" { + id = aws_network_interface.dut1_if2.id +} + +resource "aws_network_interface" "dut1_if1" { + subnet_id = aws_subnet.b.id + source_dest_check = false + private_ip = var.dut1_if1_ip + private_ips = [var.dut1_if1_ip] + security_groups = [aws_security_group.CSIT.id] + attachment { + instance = aws_instance.dut1.id + device_index = 2 + } + depends_on = [aws_vpc.CSIT, aws_subnet.b] +} + +data "aws_network_interface" "dut1_if1" { + id = aws_network_interface.dut1_if1.id +} + +resource "aws_network_interface" "dut2_if1" { + subnet_id = aws_subnet.c.id + source_dest_check = false + private_ip = var.dut2_if1_ip + private_ips = [var.dut2_if1_ip] + security_groups = [aws_security_group.CSIT.id] + attachment { + instance = aws_instance.dut2.id + device_index = 1 + } + depends_on = [aws_vpc.CSIT, aws_subnet.c] +} + +data "aws_network_interface" "dut2_if1" { + id = aws_network_interface.dut2_if1.id +} + +resource "aws_network_interface" "dut2_if2" { + subnet_id = aws_subnet.d.id + source_dest_check = false + private_ip = var.dut2_if2_ip + private_ips = [var.dut2_if2_ip] + security_groups = [aws_security_group.CSIT.id] + attachment { + instance = aws_instance.dut2.id + device_index = 2 + } + depends_on = [aws_vpc.CSIT, aws_subnet.d] +} + +data "aws_network_interface" "dut2_if2" { + id = aws_network_interface.dut2_if2.id +} + +resource "aws_network_interface" "tg_if1" { + subnet_id = aws_subnet.b.id + source_dest_check = false + private_ip = var.tg_if1_ip + private_ips = [var.tg_if1_ip] + security_groups = [aws_security_group.CSIT.id] + attachment { + instance = aws_instance.tg.id + device_index = 1 + } + depends_on = [aws_vpc.CSIT, aws_subnet.b] +} + +data "aws_network_interface" "tg_if1" { + id = aws_network_interface.tg_if1.id +} + +resource "aws_network_interface" "tg_if2" { + subnet_id = aws_subnet.d.id + source_dest_check = false + private_ip = var.tg_if2_ip + private_ips = [var.tg_if2_ip] + security_groups = [aws_security_group.CSIT.id] + attachment { + instance = aws_instance.tg.id + device_index = 2 + } + depends_on = [aws_vpc.CSIT, aws_subnet.d] +} + +data "aws_network_interface" "tg_if2" { + id = aws_network_interface.tg_if2.id +} |