provider "azurerm" {
version = ">= 1.4.0"
}
# Variables
variable "vpc_addr_space_a" {
type = string
default = "172.16.0.0/16"
}
variable "vpc_cidr_a" {
type = string
default = "172.16.0.0/24"
}
variable "vpc_cidr_b" {
type = string
default = "172.16.10.0/24"
}
variable "vpc_cidr_c" {
type = string
default = "172.16.200.0/24"
}
variable "vpc_cidr_d" {
type = string
default = "172.16.20.0/24"
}
variable "trex_dummy_cidr_port_0" {
type = string
default = "172.16.11.0/24"
}
variable "trex_dummy_cidr_port_1" {
type = string
default = "172.16.21.0/24"
}
# Create resource group and resources
resource "azurerm_resource_group" "CSIT" {
name = "CSIT"
#location = "East US"
location = "UK South"
}
resource "azurerm_virtual_network" "CSIT" {
name = "CSIT-network"
resource_group_name = azurerm_resource_group.CSIT.name
location = azurerm_resource_group.CSIT.location
address_space = [var.vpc_addr_space_a]
depends_on = [azurerm_resource_group.CSIT]
}
resource "azurerm_subnet" "a" {
name = "subnet_a"
resource_group_name = azurerm_resource_group.CSIT.name
virtual_network_name = azurerm_virtual_network.CSIT.name
address_prefix = var.vpc_cidr_a
depends_on = [azurerm_resource_group.CSIT]
}
resource "azurerm_subnet" "b" {
name = "subnet_b"
resource_group_name = azurerm_resource_group.CSIT.name
virtual_network_name = azurerm_virtual_network.CSIT.name
address_prefix = var.vpc_cidr_b
depends_on = [azurerm_resource_group.CSIT]
}
resource "azurerm_subnet" "c" {
name = "subnet_c"
resource_group_name = azurerm_resource_group.CSIT.name
virtual_network_name = azurerm_virtual_network.CSIT.name
address_prefix = var.vpc_cidr_c
depends_on = [azurerm_resource_group.CSIT]
}
resource "azurerm_subnet" "d" {
name = "subnet_d"
resource_group_name = azurerm_resource_group.CSIT.name
virtual_network_name = azurerm_virtual_network.CSIT.name
address_prefix = var.vpc_cidr_d
depends_on = [azurerm_resource_group.CSIT]
}
# Create a security group of the Kiknos instances
resource "azurerm_network_security_group" "CSIT" {
name = "CSIT"
resource_group_name = azurerm_resource_group.CSIT.name
location = azurerm_resource_group.CSIT.location
security_rule {
name = "IpSec"
priority = 100
direction = "Inbound"
access = "Allow"
protocol = "Udp"
source_port_range = "*"
destination_port_range = "500"
source_address_prefix = "*"
destination_address_prefix = "*"
}
security_rule {
name = "IpSec-NAT"
priority = 101
direction = "Inbound"
access = "Allow"
protocol = "Udp"
source_port_range = "*"
destination_port_range = "4500"
source_address_prefix = "*"
destination_address_prefix = "*"
}
security_rule {
name = "SSH"
priority = 102
direction = "Inbound"
access = "Allow"
protocol = "Tcp"
source_port_range = "*"
destination_port_range = "22"
source_address_prefix = "*"
destination_address_prefix = "*"
}
security_rule {
name = "InboundAll"
priority = 103
direction = "Inbound"
access = "Allow"
protocol = "*"
source_port_range = "*"
destination_port_range = "*"
source_address_prefix = "*"
destination_address_prefix = "*"
}
security_rule {
name = "Outbound"
priority = 104
direction = "Outbound"
access = "Allow"
protocol = "*"
source_port_range = "*"
destination_port_range = "*"
source_address_prefix = "*"
destination_address_prefix = "*"
}
depends_on = [azurerm_virtual_network.CSIT]
}
# Create public IPs
resource "azurerm_public_ip" "tg_public_ip" {
name = "tg_public_ip"
location = azurerm_resource_group.CSIT.location
resource_group_name = azurerm_resource_group.CSIT.name
allocation_method = "Dynamic"
depends_on = [azurerm_resource_group.CSIT]
}
resource "azurerm_public_ip" "dut1_public_ip" {
name = "dut1_public_ip"
location = azurerm_resource_group.CSIT.location
resource_group_name = azurerm_resource_group.CSIT.name
allocation_method = "Dynamic"
depends_on = [azurerm_resource_group.CSIT]
}
resource "azurerm_public_ip" "dut2_public_ip" {
name = "dut2_public_ip"
location = azurerm_resource_group.CSIT.location
resource_group_name = azurerm_resource_group.CSIT.name
allocation_method = "Dynamic"
depends_on = [azurerm_resource_group.CSIT]
}
# Create network interface
resource "azurerm_network_interface" "tg_mng" {
name = "tg_mng"
location = azurerm_resource_group.CSIT.location
resource_group_name = azurerm_resource_group.CSIT.name
network_security_group_id = azurerm_network_security_group.CSIT.id
ip_configuration {
primary = "true"
name = "tg_mng_ip"
subnet_id = azurerm_subnet.a.id
private_ip_address_allocation = "Static"
private_ip_address = "172.16.0.10"
public_ip_address_id = azurerm_public_ip.tg_public_ip.id
}
depends_on = [azurerm_resource_group.CSIT,
azurerm_subnet.a,
azurerm_public_ip.tg_public_ip]
}
resource "azurerm_network_interface" "dut1_mng" {
name = "dut1_mng"
location = azurerm_resource_group.CSIT.location
resource_group_name = azurerm_resource_group.CSIT.name
network_security_group_id = azurerm_network_security_group.CSIT.id
ip_configuration {
primary = "true"
name = "dut1_mng_ip"
subnet_id = azurerm_subnet.a.id
private_ip_address_allocation = "Static"
private_ip_address = "172.16.0.11"
public_ip_address_id = azurerm_public_ip.dut1_public_ip.id
}
depends_on = [azurerm_resource_group.CSIT,
azurerm_subnet.a,
azurerm_public_ip.dut1_public_ip]
}
resource "azurerm_network_interface" "dut2_mng" {
name = "dut2_mng"
location = azurerm_resource_group.CSIT.location
resource_group_name = azurerm_resource_group.CSIT.name
network_security_group_id = azurerm_network_security_group.CSIT.id
ip_configuration {
primary = "true"
name = "dut2_mng_ip"
subnet_id = azurerm_subnet.a.id
private_ip_address_allocation = "Static"
private_ip_address = "172.16.0.12"
public_ip_address_id = azurerm_public_ip.dut2_public_ip.id
}
depends_on = [azurerm_resource_group.CSIT,
azurerm_subnet.a,
azurerm_public_ip.dut2_public_ip]
}
resource "azurerm_route_table" "b" {
name = "b"
location = azurerm_resource_group.CSIT.location
resource_group_name = azurerm_resource_group.CSIT.name
depends_on = [azurerm_resource_group.CSIT,
azurerm_subnet.b]
disable_bgp_route_propagation = false
route {
name = "route-10"
address_prefix = var.trex_dummy_cidr_port_0
next_hop_type = "VirtualAppliance"
next_hop_in_ip_address = data.azurerm_network_interface.tg_if1.private_ip_address
}
route {
name = "route-20"
address_prefix = var.trex_dummy_cidr_port_1
next_hop_type = "VirtualAppliance"
next_hop_in_ip_address = data.azurerm_network_interface.dut1_if1.private_ip_address
}
route {
name = "tg2"
address_prefix = var.vpc_cidr_d
next_hop_type = "VirtualAppliance"
next_hop_in_ip_address = data.azurerm_network_interface.dut1_if1.private_ip_address
}
}
resource "azurerm_route_table" "c" {
name = "c"
location = azurerm_resource_group.CSIT.location
resource_group_name = azurerm_resource_group.CSIT.name
depends_on = [azurerm_resource_group.CSIT,
azurerm_subnet.c]
disable_bgp_route_propagation = false
route {
name = "route-10"
address_prefix = var.trex_dummy_cidr_port_0
next_hop_type = "VirtualAppliance"
next_hop_in_ip_address = data.azurerm_network_interface.dut1_if2.private_ip_address
}
route {
name = "route-100"
address_prefix = "100.0.0.0/8"
next_hop_type = "VirtualAppliance"
next_hop_in_ip_address = data.azurerm_network_interface.dut1_if2.private_ip_address
}
route {
name = "route-20"
address_prefix = var.trex_dummy_cidr_port_1
next_hop_type = "VirtualAppliance"
next_hop_in_ip_address = data.azurerm_network_interface.dut2_if1.private_ip_address
}
route {
name = "tg1"
address_prefix = var.vpc_cidr_b
next_hop_type = "VirtualAppliance"
next_hop_in_ip_address = data.azurerm_network_interface.dut1_if2.private_ip_address
}
route {
name = "tg2"
address_prefix = var.vpc_cidr_d
next_hop_type = "VirtualAppliance"
next_hop_in_ip_address = data.azurerm_network_interface.dut2_if1.private_ip_address
}
}
resource "azurerm_route_table" "d" {
name = "d"
location = azurerm_resource_group.CSIT.location
resource_group_name = azurerm_resource_group.CSIT.name
depends_on = [azurerm_resource_group.CSIT,
azurerm_subnet.d]
disable_bgp_route_propagation = false
route {
name = "route-10"
address_prefix = var.trex_dummy_cidr_port_0
next_hop_type = "VirtualAppliance"
next_hop_in_ip_address = data.azurerm_network_interface.dut2_if2.private_ip_address
}
route {
name = "route-20"
address_prefix = var.trex_dummy_cidr_port_1
next_hop_type = "VirtualAppliance"
next_hop_in_ip_address = data.azurerm_network_interface.tg_if2.private_ip_address
}
route {
name = "tg1"
address_prefix = var.vpc_cidr_b
next_hop_type = "VirtualAppliance"
next_hop_in_ip_address = data.azurerm_network_interface.dut2_if2.private_ip_address
}
}
resource "azurerm_subnet_route_table_association" "b" {
subnet_id = azurerm_subnet.b.id
route_table_id = azurerm_route_table.b.id
}
resource "azurerm_subnet_route_table_association" "c" {
subnet_id = azurerm_subnet.c.id
route_table_id = azurerm_route_table.c.id
}
resource "azurerm_subnet_route_table_association" "d" {
subnet_id = azurerm_subnet.d.id
route_table_id = azurerm_route_table.d.id
}
resource "azurerm_virtual_machine" "tg" {
name = "tg"
location = azurerm_resource_group.CSIT.location
resource_group_name = azurerm_resource_group.CSIT.name
primary_network_interface_id = azurerm_network_interface.tg_mng.id
network_interface_ids = [azurerm_network_interface.tg_mng.id,
azurerm_network_interface.tg_if1.id,
azurerm_network_interface.tg_if2.id]
vm_size = "Standard_F32s_v2"
delete_os_disk_on_termination = true
delete_data_disks_on_termination = true
storage_os_disk {
name = "OsDiskTG"
caching = "ReadWrite"
create_option = "FromImage"
managed_disk_type = "StandardSSD_LRS"
}
storage_image_reference {
publisher = "Canonical"
offer = "UbuntuServer"
sku = "18.04-LTS"
version = "latest"
}
os_profile {
computer_name = "tg"
admin_username = "ubuntu"
}
os_profile_linux_config {
disable_password_authentication = true
ssh_keys {
path = "/home/ubuntu/.ssh/authorized_keys"
key_data = file("~/.ssh/id_rsa.pub")
}
}
depends_on = [azurerm_resource_group.CSIT,
azurerm_network_interface.tg_mng]
}
resource "azurerm_virtual_machine" "dut1" {
name = "dut1"
location = azurerm_resource_group.CSIT.location
resource_group_name = azurerm_resource_group.CSIT.name
primary_network_interface_id = azurerm_network_interface.dut1_mng.id
network_interface_ids = [azurerm_network_interface.dut1_mng.id,
azurerm_network_interface.dut1_if1.id,
azurerm_network_interface.dut1_if2.id]
vm_size = "Standard_F32s_v2"
delete_os_disk_on_termination = true
delete_data_disks_on_termination = true
storage_os_disk {
name = "OsDiskDUT1"
caching = "ReadWrite"
create_option = "FromImage"
managed_disk_type = "StandardSSD_LRS"
}
storage_image_reference {
publisher = "Canonical"
offer = "UbuntuServer"
sku = "18.04-LTS"
version = "latest"
}
os_profile {
computer_name = "dut1"
admin_username = "ubuntu"
}
os_profile_linux_config {
disable_password_authentication = true
ssh_keys {
path = "/home/ubuntu/.ssh/authorized_keys"
key_data = file("~/.ssh/id_rsa.pub")
}
}
depends_on = [azurerm_resource_group.CSIT,
azurerm_network_interface.dut1_mng]
}
resource "azurerm_virtual_machine" "dut2" {
name = "dut2"
location = azurerm_resource_group.CSIT.location
resource_group_name = azurerm_resource_group.CSIT.name
primary_network_interface_id = azurerm_network_interface.dut2_mng.id
network_interface_ids = [azurerm_network_interface.dut2_mng.id,
azurerm_network_interface.dut2_if1.id,
azurerm_network_interface.dut2_if2.id]
vm_size = "Standard_F32s_v2"
delete_os_disk_on_termination = true
delete_data_disks_on_termination = true
storage_os_disk {
name = "OsDiskDUT2"
caching = "ReadWrite"
create_option = "FromImage"
managed_disk_type = "StandardSSD_LRS"
}
storage_image_reference {
publisher = "Canonical"
offer = "UbuntuServer"
sku = "18.04-LTS"
version = "latest"
}
os_profile {
computer_name = "dut2"
admin_username = "ubuntu"
}
os_profile_linux_config {
disable_password_authentication = true
ssh_keys {
path = "/home/ubuntu/.ssh/authorized_keys"
key_data = file("~/.ssh/id_rsa.pub")
}
}
depends_on = [azurerm_resource_group.CSIT,
azurerm_network_interface.dut2_mng]
}
data "azurerm_public_ip" "tg_public_ip" {
name = "tg_public_ip"
resource_group_name = azurerm_resource_group.CSIT.name
depends_on = [azurerm_virtual_machine.tg]
}
data "azurerm_public_ip" "dut1_public_ip" {
name = "dut1_public_ip"
resource_group_name = azurerm_resource_group.CSIT.name
depends_on = [azurerm_virtual_machine.dut1]
}
data "azurerm_public_ip" "dut2_public_ip" {
name = "dut2_public_ip"
resource_group_name = azurerm_resource_group.CSIT.name
depends_on = [azurerm_virtual_machine.dut2]
}
# Provisioning
resource "null_resource" "deploy_tg" {
depends_on = [azurerm_virtual_machine.tg,
azurerm_network_interface.tg_if1,
azurerm_network_interface.tg_if2]
connection {
user = "ubuntu"
host = data.azurerm_public_ip.tg_public_ip.ip_address
private_key = file("~/.ssh/id_rsa")
}
provisioner "ansible" {
plays {
playbook {
file_path = "../../testbed-setup/ansible/site.yaml"
force_handlers = true
}
hosts = ["tg_azure"]
extra_vars = {
ansible_python_interpreter = "/usr/bin/python3"
azure = true
}
}
}
}
resource "null_resource" "deploy_dut1" {
depends_on = [azurerm_virtual_machine.dut1,
azurerm_network_interface.dut1_if1,
azurerm_network_interface.dut1_if2]
connection {
user = "ubuntu"
host = data.azurerm_public_ip.dut1_public_ip.ip_address
private_key = file("~/.ssh/id_rsa")
}
provisioner "ansible" {
plays {
playbook {
file_path = "../../testbed-setup/ansible/site.yaml"
force_handlers = true
}
hosts = ["sut_azure"]
extra_vars = {
ansible_python_interpreter = "/usr/bin/python3"
azure = true
}
}
}
}
resource "null_resource" "deploy_dut2" {
depends_on = [azurerm_virtual_machine.dut2,
azurerm_network_interface.dut2_if1,
azurerm_network_interface.dut2_if2]
connection {
user = "ubuntu"
host = data.azurerm_public_ip.dut2_public_ip.ip_address
private_key = file("~/.ssh/id_rsa")
}
provisioner "ansible" {
plays {
playbook {
file_path = "../../testbed-setup/ansible/site.yaml"
force_handlers = true
}
hosts = ["sut_azure"]
extra_vars = {
ansible_python_interpreter = "/usr/bin/python3"
azure = true
}
}
}
}
resource "null_resource" "deploy_topology" {
depends_on = [azurerm_virtual_machine.tg,
azurerm_network_interface.tg_if1,
azurerm_network_interface.tg_if2,
azurerm_virtual_machine.dut1,
azurerm_network_interface.dut1_if1,
azurerm_network_interface.dut1_if2,
azurerm_virtual_machine.dut2,
azurerm_network_interface.dut2_if1,
azurerm_network_interface.dut2_if2]
provisioner "ansible" {
plays {
playbook {
file_path = "../../testbed-setup/ansible/cloud_topology.yaml"
}
hosts = ["local"]
extra_vars = {
ansible_python_interpreter = "/usr/bin/python3"
cloud_topology = "3n_azure_Fsv2"
tg_if1_mac = data.azurerm_network_interface.tg_if1.mac_address
tg_if2_mac = data.azurerm_network_interface.tg_if2.mac_address
dut1_if1_mac = data.azurerm_network_interface.dut1_if1.mac_address
dut1_if2_mac = data.azurerm_network_interface.dut1_if2.mac_address
dut2_if1_mac = data.azurerm_network_interface.dut2_if1.mac_address
dut2_if2_mac = data.azurerm_network_interface.dut2_if2.mac_address
tg_public_ip = data.azurerm_public_ip.tg_public_ip.ip_address
dut1_public_ip = data.azurerm_public_ip.dut1_public_ip.ip_address
dut2_public_ip = data.azurerm_public_ip.dut2_public_ip.ip_address
}
}
}
}
output "dbg_tg" {
value = "TG IP: ${data.azurerm_public_ip.tg_public_ip.ip_address}"
}
output "dbg_dut1" {
value = "DUT1 IP: ${data.azurerm_public_ip.dut1_public_ip.ip_address}"
}
output "dbg_dut2" {
value = "DUT2 IP: ${data.azurerm_public_ip.dut2_public_ip.ip_address}"
}