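## load provider
# Only the openstack provider is declared and version-pinned here.
# NOTE(review): the local, time and null providers used further down are not
# declared in this block, so Terraform resolves them implicitly with no version
# constraint - consider declaring them with an explicit source and version and
# committing the dependency lock file.
terraform {
  required_version = ">= 0.14.0"

  required_providers {
    openstack = {
      source  = "terraform-provider-openstack/openstack"
      version = "~> 1.48.0"
    }
  }
}

## configure provider
# Credentials are read from the provider_config map, which is declared outside
# this file.
# NOTE(review): confirm that variable is marked sensitive and that its values
# are supplied from outside version control.
provider "openstack" {
  auth_url    = var.provider_config["auth_url"]
  user_name   = var.provider_config["auth_user"]
  password    = var.provider_config["auth_pass"]
  tenant_name = var.provider_config["project"]
  region      = "RegionOne"
}

## vars
# Resolvers handed to both subnets.
variable "dns" {
  type    = list(string)
  default = ["1.1.1.1", "8.8.8.8"]
}

# Per-subnet settings. instance_count is a string because the map is
# map(string); it is converted with tonumber() where it feeds count.
variable "subnet1" {
  type = map(string)
  default = {
    subnet_name    = "subnet1"
    cidr           = "172.16.10.0/24"
    instance_count = "2"
  }
}

variable "subnet2" {
  type = map(string)
  default = {
    subnet_name    = "subnet2"
    cidr           = "172.16.11.0/24"
    instance_count = "1"
  }
}

## data sources
# Looks up the external network by id so its name can be used as the
# floating IP pool below.
data "openstack_networking_network_v2" "exnetname" {
  network_id = var.extnetid
}

#output "exnet_name" {
#  value = "${data.openstack_networking_network_v2.exnetname.name}"
#}

## resources
# router
resource "openstack_networking_router_v2" "router" {
  name                = "router_${local.project}"
  admin_state_up      = true
  external_network_id = var.extnetid
}

# network1
resource "openstack_networking_network_v2" "network1" {
  name = "network1_${local.project}"
}

# network2
resource "openstack_networking_network_v2" "network2" {
  name = "network2_${local.project}"
}

# subnet1
resource "openstack_networking_subnet_v2" "subnet1" {
  name            = "${var.subnet1["subnet_name"]}_${local.project}"
  network_id      = openstack_networking_network_v2.network1.id
  cidr            = var.subnet1["cidr"]
  dns_nameservers = var.dns
}

# subnet2
resource "openstack_networking_subnet_v2" "subnet2" {
  name            = "${var.subnet2["subnet_name"]}_${local.project}"
  network_id      = openstack_networking_network_v2.network2.id
  cidr            = var.subnet2["cidr"]
  dns_nameservers = var.dns
}

# router interface subnet1
resource "openstack_networking_router_interface_v2" "interface1" {
  router_id = openstack_networking_router_v2.router.id
  subnet_id = openstack_networking_subnet_v2.subnet1.id
}

# router interface subnet2
resource "openstack_networking_router_interface_v2" "interface2" {
  router_id = openstack_networking_router_v2.router.id
  subnet_id = openstack_networking_subnet_v2.subnet2.id
}

# security group
# Inbound SSH and ICMP are allowed only from 192.168.140.0/24 and from other
# members of this group (self = true). No other ingress rules are defined here.
resource "openstack_compute_secgroup_v2" "ingress" {
  name        = local.project
  description = "ingress rules"

  rule {
    from_port   = 22
    to_port     = 22
    ip_protocol = "tcp"
    cidr        = "192.168.140.0/24"
  }

  rule {
    from_port   = -1
    to_port     = -1
    ip_protocol = "icmp"
    cidr        = "192.168.140.0/24"
  }

  rule {
    from_port   = 22
    to_port     = 22
    ip_protocol = "tcp"
    self        = true
  }

  rule {
    from_port   = -1
    to_port     = -1
    ip_protocol = "icmp"
    self        = true
  }
}

# floating ip instance_subnet1
resource "openstack_compute_floatingip_v2" "instance_subnet1_fip" {
  count = tonumber(var.subnet1["instance_count"])
  pool  = data.openstack_networking_network_v2.exnetname.name
  #depends_on = ["openstack_networking_router_interface_v2.router"]
}

# floating ip instance_subnet2
resource "openstack_compute_floatingip_v2" "instance_subnet2_fip" {
  count = tonumber(var.subnet2["instance_count"])
  pool  = data.openstack_networking_network_v2.exnetname.name
  #depends_on = ["openstack_networking_router_interface_v2.router"]
}

# subnet1 instances
# user_data.sh is rendered with the public key from local.pubkey.
resource "openstack_compute_instance_v2" "instance_subnet1" {
  count     = tonumber(var.subnet1["instance_count"])
  name      = "${var.subnet1["subnet_name"]}_${local.project}${count.index}"
  image_id  = var.image
  flavor_id = var.flavor
  user_data = templatefile("user_data.sh", { pubkey = local.pubkey })

  #network {
  #  uuid = var.extnetid
  #}
  network {
    uuid = openstack_networking_network_v2.network1.id
  }

  security_groups = [openstack_compute_secgroup_v2.ingress.name]

  # The network reference alone does not order the instance after the subnet.
  depends_on = [openstack_networking_subnet_v2.subnet1]
}

# subnet2 instances
resource "openstack_compute_instance_v2" "instance_subnet2" {
  count     = tonumber(var.subnet2["instance_count"])
  name      = "${var.subnet2["subnet_name"]}_${local.project}${count.index}"
  image_id  = var.image
  flavor_id = var.flavor
  user_data = templatefile("user_data.sh", { pubkey = local.pubkey })

  network {
    uuid = openstack_networking_network_v2.network2.id
  }

  security_groups = [openstack_compute_secgroup_v2.ingress.name]

  depends_on = [openstack_networking_subnet_v2.subnet2]
}

# subnet1 floating ips
resource "openstack_compute_floatingip_associate_v2" "fip_subnet1" {
  count       = tonumber(var.subnet1["instance_count"])
  floating_ip = openstack_compute_floatingip_v2.instance_subnet1_fip[count.index].address
  instance_id = openstack_compute_instance_v2.instance_subnet1[count.index].id

  # Nothing else orders the association after the router interface; the
  # external network is presumably not reachable from the subnet until the
  # interface exists, so make the ordering explicit.
  depends_on = [openstack_networking_router_interface_v2.interface1]
}

# subnet2 floating ips
resource "openstack_compute_floatingip_associate_v2" "fip_subnet2" {
  count       = tonumber(var.subnet2["instance_count"])
  floating_ip = openstack_compute_floatingip_v2.instance_subnet2_fip[count.index].address
  instance_id = openstack_compute_instance_v2.instance_subnet2[count.index].id

  # Same ordering concern as fip_subnet1.
  depends_on = [openstack_networking_router_interface_v2.interface2]
}

# ansible inventory
# Renders inventory.tmpl with the instance names and floating IP addresses
# and writes it to ./ansible_inventory.
# NOTE(review): the login password is a literal in this file and ends up in
# clear text in the rendered inventory and in Terraform state. Prefer a
# sensitive variable, or key-based login if the image supports it (a public
# key is already passed through user_data) - confirm against user_data.sh.
resource "local_file" "ansible_inventory" {
  content = templatefile("inventory.tmpl", {
    user                     = "openstack"
    password                 = "Password0"
    subnet1_instance_name    = openstack_compute_instance_v2.instance_subnet1[*].name
    subnet1_instance_address = openstack_compute_floatingip_v2.instance_subnet1_fip[*].address
    subnet2_instance_name    = openstack_compute_instance_v2.instance_subnet2[*].name
    subnet2_instance_address = openstack_compute_floatingip_v2.instance_subnet2_fip[*].address
  })
  filename = "ansible_inventory"

  # The file holds a credential: restrict it to the owner instead of the
  # provider's permissive default mode.
  file_permission = "0600"
}

# cheat, no until connection - wait for nodes to boot and start ssh
# Without depends_on the timer would start at the beginning of the apply, in
# parallel with instance creation. Start it only once the floating IPs are
# attached and the inventory file is written, so the ansible checks below
# always find both in place.
resource "time_sleep" "loitering" {
  create_duration = "120s"

  depends_on = [
    openstack_compute_floatingip_associate_v2.fip_subnet1,
    openstack_compute_floatingip_associate_v2.fip_subnet2,
    local_file.ansible_inventory,
  ]
}

# check ansible instance connectivity
resource "null_resource" "ansible_floating_ip_ping" {
  provisioner "local-exec" {
    command = "ansible -i ansible_inventory all -m ping"
  }

  depends_on = [time_sleep.loitering]
}

# check ansible inter-instance connectivity
resource "null_resource" "ansible_private_net_ping" {
  provisioner "local-exec" {
    command = "ansible-playbook -i ansible_inventory ping_test.yml"
  }

  depends_on = [null_resource.ansible_floating_ip_ping]
}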