From 2fa134ad20d03c50b71637125fc14505c2d6ac5a Mon Sep 17 00:00:00 2001 
From: tseed Date: Wed, 26 Oct 2022 19:01:22 +0100 Subject: [PATCH] initial commit --- README.md | 4 + .../01_azure_network/main.tf | 176 +++++++++++++++++ .../01_azure_network/variables.tf | 24 +++ .../02_azure_region/main.tf | 158 +++++++++++++++ .../02_azure_region/variables.tf | 46 +++++ .../03_master_region/main.tf | 181 ++++++++++++++++++ .../03_master_region/variables.tf | 46 +++++ .../README.txt | 19 ++ .../modules/azure_instance/azure_instance.tf | 78 ++++++++ .../modules/azure_instance/variables.tf | 16 ++ .../azure_instance.tf | 86 +++++++++ .../azure_instance_data_disk/variables.tf | 13 ++ .../modules/azure_lb/azure_lb.tf | 61 ++++++ .../modules/azure_lb/variables.tf | 5 + .../modules/azure_nic/azure_nic.tf | 40 ++++ .../modules/azure_nic/variables.tf | 10 + .../modules/azure_pubip/azure_pubip.tf | 15 ++ .../modules/azure_pubip/variables.tf | 4 + .../templates/cf_inventory.tpl | 6 + single_instance/main.tf | 133 +++++++++++++ single_instance/variables.tf | 50 +++++ 21 files changed, 1171 insertions(+) create mode 100644 README.md create mode 100755 multiple_instance_asg_cfme_modules_v2/01_azure_network/main.tf create mode 100755 multiple_instance_asg_cfme_modules_v2/01_azure_network/variables.tf create mode 100755 multiple_instance_asg_cfme_modules_v2/02_azure_region/main.tf create mode 100755 multiple_instance_asg_cfme_modules_v2/02_azure_region/variables.tf create mode 100755 multiple_instance_asg_cfme_modules_v2/03_master_region/main.tf create mode 100755 multiple_instance_asg_cfme_modules_v2/03_master_region/variables.tf create mode 100755 multiple_instance_asg_cfme_modules_v2/README.txt create mode 100755 multiple_instance_asg_cfme_modules_v2/modules/azure_instance/azure_instance.tf create mode 100755 multiple_instance_asg_cfme_modules_v2/modules/azure_instance/variables.tf create mode 100755 multiple_instance_asg_cfme_modules_v2/modules/azure_instance_data_disk/azure_instance.tf create mode 100755 
multiple_instance_asg_cfme_modules_v2/modules/azure_instance_data_disk/variables.tf create mode 100755 multiple_instance_asg_cfme_modules_v2/modules/azure_lb/azure_lb.tf create mode 100755 multiple_instance_asg_cfme_modules_v2/modules/azure_lb/variables.tf create mode 100755 multiple_instance_asg_cfme_modules_v2/modules/azure_nic/azure_nic.tf create mode 100755 multiple_instance_asg_cfme_modules_v2/modules/azure_nic/variables.tf create mode 100755 multiple_instance_asg_cfme_modules_v2/modules/azure_pubip/azure_pubip.tf create mode 100755 multiple_instance_asg_cfme_modules_v2/modules/azure_pubip/variables.tf create mode 100755 multiple_instance_asg_cfme_modules_v2/templates/cf_inventory.tpl create mode 100755 single_instance/main.tf create mode 100755 single_instance/variables.tf diff --git a/README.md b/README.md new file mode 100644 index 0000000..6bdef3d --- /dev/null +++ b/README.md @@ -0,0 +1,4 @@ +# What is this? + +Terraform to build Redhat Cloudforms HA set of nodes in Azure. +Redhat Cloudforms dropped Azure, this was never refined/used. diff --git a/multiple_instance_asg_cfme_modules_v2/01_azure_network/main.tf b/multiple_instance_asg_cfme_modules_v2/01_azure_network/main.tf new file mode 100755 index 0000000..40f2b95 --- /dev/null +++ b/multiple_instance_asg_cfme_modules_v2/01_azure_network/main.tf 
@@ -0,0 +1,176 @@ + +# using local user auth via "azlogin --use-device-code" and suitable rights +provider "azurerm" { + version = "=1.34.0" + skip_provider_registration = true // https://www.terraform.io/docs/providers/azurerm/index.html#skip_provider_registration UON account rights restricted +} + +##### create local variables + +locals { + resource_prefix = "${var.environment}" + } + +##### availability set for virtual machines (ensure vm antifinity rules to hypervisors) + +# resource "azurerm_availability_set" "cfme" { +# name = "${local.resource_prefix}-cfme" +# location = "${var.location}" +# resource_group_name = "${var.resource_group}" +# managed = true // must use as vm with custom disk image used i.e manged disk +# } + +# resource "azurerm_availability_set" "cfdb" { +# name = "${local.resource_prefix}-cfdb" +# location = "${var.location}" +# resource_group_name = "${var.resource_group}" +# managed = true +# } + +##### application security groups + +# network security groups have network security rules attached to them +# network security rules can reference application security groups as sources and destinations +# vms are attached to application security groups +# if application security groups are not used, network security rules must use the ip addresses of vms + +resource "azurerm_application_security_group" "common" { + name = "${local.resource_prefix}-common" + location = "${var.location}" + resource_group_name = "${var.resource_group}" +} + +resource "azurerm_application_security_group" "cfme" { + name = "${local.resource_prefix}-cfme" + location = "${var.location}" + resource_group_name = "${var.resource_group}" +} + +##### network security groups + +resource "azurerm_network_security_group" "common" { + name = "${local.resource_prefix}-common" + location = "${var.location}" + resource_group_name = "${var.resource_group}" +} + +resource "azurerm_network_security_group" "cfme" { + name = "${local.resource_prefix}-cfme" + location = 
"${var.location}" + resource_group_name = "${var.resource_group}" +} + +##### network security group rules + +#comment block to stop any inbound ssh +resource "azurerm_network_security_rule" "common_any_ssh_inbound" { + name = "${local.resource_prefix}-common-ssh-inbound" + priority = 100 + direction = "Inbound" + access = "Allow" + protocol = "TCP" + source_port_range = "*" + destination_port_range = 22 + source_address_prefix = "*" + destination_application_security_group_ids = ["${azurerm_application_security_group.common.id}"] + resource_group_name = "${var.resource_group}" + network_security_group_name = "${azurerm_network_security_group.common.name}" +} + +resource "azurerm_network_security_rule" "common_any_outbound" { + name = "${local.resource_prefix}-common-any-outbound" + priority = 101 + direction = "Outbound" + access = "Allow" + protocol = "*" + source_port_range = "*" + destination_port_range = "*" + source_application_security_group_ids = ["${azurerm_application_security_group.common.id}"] + destination_address_prefix = "*" + resource_group_name = "${var.resource_group}" + network_security_group_name = "${azurerm_network_security_group.common.name}" +} + +# all vms can any outbound, allow all members of common asg inbound, in effect no firewall between all cf machines +resource "azurerm_network_security_rule" "common_members_inbound" { + name = "${local.resource_prefix}-common-members_inbound" + priority = 102 + direction = "Inbound" + access = "Allow" + protocol = "*" + source_port_range = "*" + destination_port_range = "*" + source_application_security_group_ids = ["${azurerm_application_security_group.common.id}"] + destination_application_security_group_ids = ["${azurerm_application_security_group.common.id}"] + resource_group_name = "${var.resource_group}" + network_security_group_name = "${azurerm_network_security_group.common.name}" +} + +resource "azurerm_network_security_rule" "cfme_web_inbound" { + name = 
"${local.resource_prefix}-cfme-web-inbound" + priority = 103 // anything after this can be 103, our lowest priority + direction = "Inbound" + access = "Allow" + protocol = "TCP" + source_port_range = "*" + destination_port_ranges = [80,443] + source_address_prefix = "*" + destination_application_security_group_ids = ["${azurerm_application_security_group.cfme.id}"] + resource_group_name = "${var.resource_group}" + network_security_group_name = "${azurerm_network_security_group.cfme.name}" +} + +# admin group for ocf +resource "azurerm_network_security_rule" "common_admin_inbound" { + name = "${local.resource_prefix}-common-ssh-inbound" + priority = 100 + direction = "Inbound" + access = "Allow" + protocol = "TCP" + source_port_range = "*" + destination_port_ranges = [22,80,443,5432] + source_address_prefixes = ["217.155.207.31/32","213.121.193.240/28"] + destination_application_security_group_ids = ["${azurerm_application_security_group.common.id}"] + resource_group_name = "${var.resource_group}" + network_security_group_name = "${azurerm_network_security_group.common.name}" +} + +##### outputs + +# output "availability_set_cfme_id" { +# value = "${azurerm_availability_set.cfme.id}" +# } + +# output "availability_set_cfdb_id" { +# value = "${azurerm_availability_set.cfdb.id}" +# } + +output "asg_common_id" { + value = "${azurerm_application_security_group.common.id}" +} + +output "asg_cfme_id" { + value = "${azurerm_application_security_group.cfme.id}" +} + +data "azurerm_subnet" "subnet_output" { + name = "${var.subnet}" + virtual_network_name = "${var.vnet}" + resource_group_name = "${var.resource_group}" +} + +output "subnet_id" { + value = "${data.azurerm_subnet.subnet_output.id}" +} + +output "location" { + value = "${var.location}" +} + +output "resource_group" { + value = "${var.resource_group}" +} + +output "environment" { + value = "${var.environment}" +} 
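Review bot: `common_any_ssh_inbound` allows TCP 22 from `source_address_prefix = "*"` to every member of the common ASG, so the source restriction on `common_admin_inbound` further down has no effect on SSH while both rules exist. The two rules also share `name = "${local.resource_prefix}-common-ssh-inbound"` and `priority = 100` in the Inbound direction of the same NSG. Azure identifies a rule by name and requires a unique priority per direction, so they cannot coexist as two rules, and one apply will fail or overwrite the other. I would delete the wildcard rule, give the admin rule its own identity, e.g. `name = "${local.resource_prefix}-common-admin-inbound"` with an unused priority, and move the hard-coded admin CIDRs into a list variable. Port 5432 in `destination_port_ranges` deserves a comment saying why PostgreSQL must be reachable from outside the ASG, and the `// anything after this can be 103` comment on `cfme_web_inbound` reads as if priorities may repeat, which they may not within one NSG.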
diff --git a/multiple_instance_asg_cfme_modules_v2/01_azure_network/variables.tf b/multiple_instance_asg_cfme_modules_v2/01_azure_network/variables.tf
new file mode 100755
index 0000000..0295836
--- /dev/null
+++ b/multiple_instance_asg_cfme_modules_v2/01_azure_network/variables.tf
@@ -0,0 +1,24 @@
+variable "environment" {
+ default = "dev"
+}
+
+#az resource list -o table
+variable "location" {
+ default = "uksouth"
+}
+
+#az resource list -o table
+variable "resource_group" {
+ default = "UI-SPP-DEV-001"
+}
+
+#az network vnet list -o table
+variable "vnet" {
+ default = "UI-SPP-DEV-001-vnet"
+}
+
+#az network vnet show -g nottsdemo2 -n nottsdemo2-vnet -o table
+#az network vnet subnet list -g nottsdemo2 --vnet-name nottsdemo2-vnet -o table
+variable "subnet" {
+ default = "default" #the default subnet is named default, thus we set the default value of the variable to have value default - confusing
+}
diff --git a/multiple_instance_asg_cfme_modules_v2/02_azure_region/main.tf b/multiple_instance_asg_cfme_modules_v2/02_azure_region/main.tf
new file mode 100755
index 0000000..e1d6b6b
--- /dev/null
+++ b/multiple_instance_asg_cfme_modules_v2/02_azure_region/main.tf
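Review bot: In 01_azure_network/variables.tf the `az` lookup comments above `variable "subnet"` name `nottsdemo2`, while the defaults for `resource_group` and `vnet` are `UI-SPP-DEV-001`, so the comments no longer show how the default values were obtained. Because every variable carries an environment-specific default, a run without `-var` overrides silently targets that resource group. Dropping the defaults for `resource_group` and `vnet` and adding a `description` to each variable would make the deployment target an explicit choice.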
@@ -0,0 +1,158 @@ + +# using local user auth via "azlogin --use-device-code" and suitable rights +provider "azurerm" { + version = "=1.34.0" + skip_provider_registration = true // https://www.terraform.io/docs/providers/azurerm/index.html#skip_provider_registration UON account rights restricted +} + +##### set data object from remote state used to build network + +data "terraform_remote_state" "network" { + backend = "local" + + config = { + path = "../01_azure_network/terraform.tfstate" + } +} + +##### create local variables - using to set a meaningful prefix for vms and to load variables from remote state file used to build network + +locals { + # availability_set_cfme_id = "${data.terraform_remote_state.network.outputs.availability_set_cfme_id}" + # availability_set_cfdb_id = "${data.terraform_remote_state.network.outputs.availability_set_cfdb_id}" + asg_common_id = "${data.terraform_remote_state.network.outputs.asg_common_id}" + asg_cfme_id = "${data.terraform_remote_state.network.outputs.asg_cfme_id}" + subnet_id = "${data.terraform_remote_state.network.outputs.subnet_id}" + location = "${data.terraform_remote_state.network.outputs.location}" + resource_group = "${data.terraform_remote_state.network.outputs.resource_group}" + environment = "${data.terraform_remote_state.network.outputs.environment}" + resource_prefix = "${local.environment}-${var.cf_region}-${var.cf_zone}" + } + +# require image id as we are using our own vhd derived image + +data "azurerm_image" "search_os_image" { + name = "${var.os_image}" + resource_group_name = "${local.resource_group}" +} + +##### virtual machines, nics and public ips + +module "vm_cfme" { + source = "../modules/azure_instance" + resourcecount = "${var.cfme_instance_count}" + prefix = "${local.resource_prefix}-cfme" + location = "${local.location}" + resourcegroup = "${local.resource_group}" + vmsize = "${var.azvm_size}" + imageid = "${data.azurerm_image.search_os_image.id}" + username = "${var.admin_username}" + 
password = "${var.admin_password}" + sshpubkey = "${var.admin_ssh_pub_key_file}" + subnetid = "${local.subnet_id}" + #applicationsecuritygroupids = ["${azurerm_application_security_group.common.id}","${azurerm_application_security_group.cfme.id}"] + applicationsecuritygroupids = ["${local.asg_common_id}","${local.asg_cfme_id}"] + #availabilitysetid = "${azurerm_availability_set.cfme.id}" + # availabilitysetid = "${local.availability_set_cfme_id}" +} + +module "vm_cfdb_active" { + source = "../modules/azure_instance_data_disk" + resourcecount = "${var.cfdb_instance_count}" + prefix = "${local.resource_prefix}-cfdb-active" + location = "${local.location}" + resourcegroup = "${local.resource_group}" + vmsize = "${var.azvm_size}" + imageid = "${data.azurerm_image.search_os_image.id}" + datadisksizegb = 64 + username = "${var.admin_username}" + password = "${var.admin_password}" + sshpubkey = "${var.admin_ssh_pub_key_file}" + subnetid = "${local.subnet_id}" + #applicationsecuritygroupids = ["${azurerm_application_security_group.common.id}"] + applicationsecuritygroupids = ["${local.asg_common_id}"] + #availabilitysetid = "${azurerm_availability_set.cfdb.id}" + # availabilitysetid = "${local.availability_set_cfdb_id}" +} + +module "vm_cfdb_passive" { + source = "../modules/azure_instance_data_disk" + resourcecount = "${var.cfdb_instance_count}" + prefix = "${local.resource_prefix}-cfdb-passive" + location = "${local.location}" + resourcegroup = "${local.resource_group}" + vmsize = "${var.azvm_size}" + imageid = "${data.azurerm_image.search_os_image.id}" + datadisksizegb = 64 + username = "${var.admin_username}" + password = "${var.admin_password}" + sshpubkey = "${var.admin_ssh_pub_key_file}" + subnetid = "${local.subnet_id}" + #applicationsecuritygroupids = ["${azurerm_application_security_group.common.id}"] + applicationsecuritygroupids = ["${local.asg_common_id}"] + #availabilitysetid = "${azurerm_availability_set.cfdb.id}" + # availabilitysetid = 
"${local.availability_set_cfdb_id}" +} + +##### outputs after terraform run + +# output "subnet_id" { +# value = "${local.subnet_id}" +# } + +# output "os_image_id" { +# value = "${data.azurerm_image.search_os_image.id}" +# } + +# output "os_image_size" { +# value = "${data.azurerm_image.search_os_image.os_disk}" +# } + +output "cfme_machine_name_list" { + value = "${module.vm_cfme.vmname.*}" +} +output "cfme_private_ip_list" { + value = "${module.vm_cfme.pvtip.*}" +} + +output "cfme_public_ip_list" { + value = "${module.vm_cfme.pubip.*}" +} + +output "cfdb_active_machine_name_list" { + value = "${module.vm_cfdb_active.vmname.*}" +} +output "cfdb_active_private_ip_list" { + value = "${module.vm_cfdb_active.pvtip.*}" +} + +output "cfdb_active_public_ip_list" { + value = "${module.vm_cfdb_active.pubip.*}" +} + +output "cfdb_passive_machine_name_list" { + value = "${module.vm_cfdb_passive.vmname.*}" +} +output "cfdb_passive_private_ip_list" { + value = "${module.vm_cfdb_passive.pvtip.*}" +} + +output "cfdb_passive_public_ip_list" { + value = "${module.vm_cfdb_passive.pubip.*}" +} + +##### render template to create ansible inventory + +data "template_file" "cf_inventory" { + template = "${file("../templates/cf_inventory.tpl")}" + vars = { + cfme = "${join("\n", module.vm_cfme.pubip.*)}" + cfdb_active = "${join("\n", module.vm_cfdb_active.pubip.*)}" + cfdb_passive = "${join("\n", module.vm_cfdb_passive.pubip.*)}" + } +} + +resource "local_file" "cf_inventory" { + content = "${data.template_file.cf_inventory.rendered}" + filename = "../ansible_inventory/inventory-${local.resource_prefix}.ini" +} diff --git a/multiple_instance_asg_cfme_modules_v2/02_azure_region/variables.tf b/multiple_instance_asg_cfme_modules_v2/02_azure_region/variables.tf new file mode 100755 index 0000000..2aebfee --- /dev/null +++ b/multiple_instance_asg_cfme_modules_v2/02_azure_region/variables.tf 
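Review bot: `password = "${var.admin_password}"` is passed to `vm_cfme`, `vm_cfdb_active` and `vm_cfdb_passive`, which stores the value in plain text in this directory's `terraform.tfstate` (the network state is already read from a local file via `backend = "local"`); 03_master_region/main.tf repeats the same wiring. The instance modules in this commit set `disable_password_authentication = true`, so the password looks unused for login. If the image does not need it I would drop the argument, and either way the state files should be kept out of version control or moved to a backend with access control. Separately, the `cfdb_*_public_ip_list` outputs and the inventory template take `pubip` from both database modules, which implies the database VMs receive public addresses; consider `pvtip` for the cfdb groups if Ansible can reach them privately.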
@@ -0,0 +1,46 @@
+variable "cfme_instance_count" { // active-active cfmes - more can be added for other worker roles
+ default = 2
+}
+
+variable "cfdb_instance_count" { // there are two cfdb's we use this count twice, one for active, one for passive - dont change
+ default = 1
+}
+
+variable "cf_region" {
+ default = "rAZ"
+}
+
+variable "cf_zone"{
+ default = "zAZ"
+}
+
+#az vm list-skus -l westeurope --size Standard_D -o table
+variable "azvm_size" {
+ #default = "Standard_B1ms"
+ default = "Standard_D4_v3"
+}
+
+# az storage blob list -c "disk" -o table
+variable "os_image" {
+ #default = "centos7ocf"
+ default = "cfme-azure-5.10.11.0-1.x86_64"
+}
+
+# set admin user/password/key
+variable "admin_username" {
+ default = "ocfadmin"
+}
+
+variable "admin_password" {
+ default = "UnHh9PEQnC7gDqvKaYZK"
+}
+
+# string for multiple pub keys "\n"
+variable "admin_ssh_pub_key" {
+ type = "string"
+ default = "ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAm+l9n70tSvow56eOLhDZT8VLCmU9MCjUa7d2v0fH2ix/mdWy+RUo9c24U9WJmBlxpAmMDpSxlFcOpBwk1y+tWC/24YJ+m0/6YGWTzbl84GCjdBfrWcTuV5MFYvkYfq8lx3VESyZrYVmoC9Shwtj825YjfVpWqWvFw2kJznyOHWSGv60j6AJyzoT8rWCt4tSusEVzwup7UWF8TDIB6GXO3hqBZcCo3mfyuWkAswkEbX8SKIXqlNUZWMsxdS5ZpodigG6pj9fIsob8P+PxXF7YQiPo4W1uDHGoh0033oLb2fQULs4VjwqNVUE4dKkruFdNupBNCY3BJWHMT/mDOnUiww=="
+}
+
+variable "admin_ssh_pub_key_file" {
+ default = "~/keys/toby@TOBY-L19.openssh.pub"
+}
\ No newline at end of file
diff --git a/multiple_instance_asg_cfme_modules_v2/03_master_region/main.tf b/multiple_instance_asg_cfme_modules_v2/03_master_region/main.tf
new file mode 100755
index 0000000..1ee2d7c
--- /dev/null
+++ b/multiple_instance_asg_cfme_modules_v2/03_master_region/main.tf
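Review bot: `variable "admin_password"` in 02_azure_region/variables.tf ships a real-looking password as its `default`, so the credential is now in the repository history and is identical on every VM built from these defaults; 03_master_region/variables.tf repeats the same block. Remove the default so the value has to be supplied at run time (`variable "admin_password" {}` plus `TF_VAR_admin_password` or an untracked `.tfvars` file), and treat the committed value as compromised and rotate it wherever it was used. `admin_ssh_pub_key` is declared but the callers pass `admin_ssh_pub_key_file`, whose default is one person's workstation path; a `description` on each and no personal default would make the contract clearer. `type = "string"` is the quoted 0.11 spelling, whereas the `.outputs.` remote-state syntax in main.tf suggests 0.12, where `type = string` is preferred.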
@@ -0,0 +1,181 @@
+
+# using local user auth via "azlogin --use-device-code" and suitable rights
+provider "azurerm" {
+ version = "=1.34.0"
+ skip_provider_registration = true // https://www.terraform.io/docs/providers/azurerm/index.html#skip_provider_registration UON account rights restricted
+}
+
+##### set data object from remote state used to build network
+
+data "terraform_remote_state" "network" {
+ backend = "local"
+
+ config = {
+ path = "../01_azure_network/terraform.tfstate"
+ }
+}
+
+##### create local variables - using to set a meaningful prefix for vms and to load variables from remote state file used to build network
+
+locals {
+ # availability_set_cfme_id = "${data.terraform_remote_state.network.outputs.availability_set_cfme_id}"
+ # availability_set_cfdb_id = "${data.terraform_remote_state.network.outputs.availability_set_cfdb_id}"
+ asg_common_id = "${data.terraform_remote_state.network.outputs.asg_common_id}"
+ asg_cfme_id = "${data.terraform_remote_state.network.outputs.asg_cfme_id}"
+ subnet_id = "${data.terraform_remote_state.network.outputs.subnet_id}"
+ location = "${data.terraform_remote_state.network.outputs.location}"
+ resource_group = "${data.terraform_remote_state.network.outputs.resource_group}"
+ environment = "${data.terraform_remote_state.network.outputs.environment}"
+ resource_prefix = "${local.environment}-${var.cf_region}-${var.cf_zone}"
+ }
+
+# require image id as we are using our own vhd derived image
+
+data "azurerm_image" "search_os_image" {
+ name = "${var.os_image}"
+ resource_group_name = "${local.resource_group}"
+}
+
+##### loadbalancer -- all needs cfme in name
+
+module "lb_cfme" {
+ source = "../modules/azure_lb"
+ prefix = "${local.resource_prefix}-cfme"
+ location = "${local.location}"
+ resourcegroup = "${local.resource_group}"
+ subnetid = "${local.subnet_id}"
+ lbport = {
+ http = ["80", "Tcp", "80"]
+ https = ["443", "Tcp", "443"]
+ ssh = ["22", "Tcp", "22"] // to test lb before web services built
+ }
+}
+ +##### virtual machines, nics and public ips + +module "vm_cfme" { + source = "../modules/azure_instance" + resourcecount = "${var.cfme_instance_count}" + prefix = "${local.resource_prefix}-cfme" + location = "${local.location}" + resourcegroup = "${local.resource_group}" + vmsize = "${var.azvm_size}" + imageid = "${data.azurerm_image.search_os_image.id}" + username = "${var.admin_username}" + password = "${var.admin_password}" + sshpubkey = "${var.admin_ssh_pub_key_file}" + subnetid = "${local.subnet_id}" + applicationsecuritygroupids = ["${local.asg_common_id}","${local.asg_cfme_id}"] + # availabilitysetid = "${local.availability_set_cfme_id}" + loadbalancerbackendaddresspoolsids = ["${module.lb_cfme.loadbalancerbackendaddresspoolsid}"] +} + +module "vm_cfdb_active" { + source = "../modules/azure_instance_data_disk" + resourcecount = "${var.cfdb_instance_count}" + prefix = "${local.resource_prefix}-cfdb-active" + location = "${local.location}" + resourcegroup = "${local.resource_group}" + vmsize = "${var.azvm_size}" + imageid = "${data.azurerm_image.search_os_image.id}" + datadisksizegb = 64 + username = "${var.admin_username}" + password = "${var.admin_password}" + sshpubkey = "${var.admin_ssh_pub_key_file}" + subnetid = "${local.subnet_id}" + applicationsecuritygroupids = ["${local.asg_common_id}"] + # availabilitysetid = "${local.availability_set_cfdb_id}" +} + +module "vm_cfdb_passive" { + source = "../modules/azure_instance_data_disk" + resourcecount = "${var.cfdb_instance_count}" + prefix = "${local.resource_prefix}-cfdb-passive" + location = "${local.location}" + resourcegroup = "${local.resource_group}" + vmsize = "${var.azvm_size}" + imageid = "${data.azurerm_image.search_os_image.id}" + datadisksizegb = 64 + username = "${var.admin_username}" + password = "${var.admin_password}" + sshpubkey = "${var.admin_ssh_pub_key_file}" + subnetid = "${local.subnet_id}" + #applicationsecuritygroupids = ["${azurerm_application_security_group.common.id}"] + 
applicationsecuritygroupids = ["${local.asg_common_id}"] + #availabilitysetid = "${azurerm_availability_set.cfdb.id}" + #availabilitysetid = "${local.availability_set_cfdb_id}" +} + +##### outputs after terraform run + +# output "subnet_id" { +# value = "${local.subnet_id}" +# } + +# output "os_image_id" { +# value = "${data.azurerm_image.search_os_image.id}" +# } + +# output "os_image_size" { +# value = "${data.azurerm_image.search_os_image.os_disk}" +# } + +output "cfme_machine_name_list" { + value = "${module.vm_cfme.vmname.*}" +} +output "cfme_private_ip_list" { + value = "${module.vm_cfme.pvtip.*}" +} + +output "cfme_public_ip_list" { + value = "${module.vm_cfme.pubip.*}" +} + +output "cfdb_active_machine_name_list" { + value = "${module.vm_cfdb_active.vmname.*}" +} +output "cfdb_active_private_ip_list" { + value = "${module.vm_cfdb_active.pvtip.*}" +} + +output "cfdb_active_public_ip_list" { + value = "${module.vm_cfdb_active.pubip.*}" +} + +output "cfdb_passive_machine_name_list" { + value = "${module.vm_cfdb_passive.vmname.*}" +} +output "cfdb_passive_private_ip_list" { + value = "${module.vm_cfdb_passive.pvtip.*}" +} + +output "cfdb_passive_public_ip_list" { + value = "${module.vm_cfdb_passive.pubip.*}" +} + +output "cfme_lb_public_ip" { + value = "${module.lb_cfme.pubip}" +} + +##### render template to create ansible inventory + +data "template_file" "cf_inventory" { + template = "${file("../templates/cf_inventory.tpl")}" + vars = { + cfme = "${join("\n", module.vm_cfme.pubip.*)}" + cfdb_active = "${join("\n", module.vm_cfdb_active.pubip.*)}" + cfdb_passive = "${join("\n", module.vm_cfdb_passive.pubip.*)}" + } +} + +resource "local_file" "cf_inventory" { + content = "${data.template_file.cf_inventory.rendered}" + filename = "../ansible_inventory/inventory-${local.resource_prefix}.ini" +} + + +# TODO + +# put in application-gateway/lbl - leave until we have dns zone + fqdn and certificate +# https://github.com/hashicorp/terraform/issues/18664 +# 
https://www.terraform.io/docs/providers/azurerm/r/application_gateway.html diff --git a/multiple_instance_asg_cfme_modules_v2/03_master_region/variables.tf b/multiple_instance_asg_cfme_modules_v2/03_master_region/variables.tf new file mode 100755 index 0000000..053a59f --- /dev/null +++ b/multiple_instance_asg_cfme_modules_v2/03_master_region/variables.tf @@ -0,0 +1,46 @@ +variable "cfme_instance_count" { // active-active cfmes - more can be added for other worker roles + default = 2 +} + +variable "cfdb_instance_count" { // there are two cfdb's we use this count twice, one for active, one for passive - dont change + default = 1 +} + +variable "cf_region" { + default = "rMSTR" +} + +variable "cf_zone"{ + default = "zMSTR" +} + +#az vm list-skus -l westeurope --size Standard_D -o table +variable "azvm_size" { + #default = "Standard_B1ms" + default = "Standard_D4_v3" +} + +# az storage blob list -c "disk" -o table +variable "os_image" { + #default = "centos7ocf" + default = "cfme-azure-5.10.11.0-1.x86_64" +} + +# set admin user/password/key +variable "admin_username" { + default = "ocfadmin" +} + +variable "admin_password" { + default = "UnHh9PEQnC7gDqvKaYZK" +} + +# string for multiple pub keys "\n" +variable "admin_ssh_pub_key" { + type = "string" + default = "ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAm+l9n70tSvow56eOLhDZT8VLCmU9MCjUa7d2v0fH2ix/mdWy+RUo9c24U9WJmBlxpAmMDpSxlFcOpBwk1y+tWC/24YJ+m0/6YGWTzbl84GCjdBfrWcTuV5MFYvkYfq8lx3VESyZrYVmoC9Shwtj825YjfVpWqWvFw2kJznyOHWSGv60j6AJyzoT8rWCt4tSusEVzwup7UWF8TDIB6GXO3hqBZcCo3mfyuWkAswkEbX8SKIXqlNUZWMsxdS5ZpodigG6pj9fIsob8P+PxXF7YQiPo4W1uDHGoh0033oLb2fQULs4VjwqNVUE4dKkruFdNupBNCY3BJWHMT/mDOnUiww==" +} + +variable "admin_ssh_pub_key_file" { + default = "~/keys/toby@TOBY-L19.openssh.pub" +} diff --git a/multiple_instance_asg_cfme_modules_v2/README.txt b/multiple_instance_asg_cfme_modules_v2/README.txt new file mode 100755 index 0000000..d3b904e --- /dev/null +++ b/multiple_instance_asg_cfme_modules_v2/README.txt 
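Review bot: In `module "lb_cfme"` of 03_master_region/main.tf the `lbport` map includes `ssh = ["22", "Tcp", "22"] // to test lb before web services built`, which publishes SSH on the load balancer's front end for as long as the entry stays. If the front end is public (the `cfme_lb_public_ip` output suggests so; the azure_lb module body is outside this view), I would remove the entry or gate it behind a boolean variable that defaults to false. The TODO about an application gateway could also record that ports 80 and 443 are both forwarded as plain TCP until a certificate exists, so nothing in this layer enforces TLS.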
@@ -0,0 +1,19 @@
+This uses the cfme image which doesnt have cloud init, but does have azure agent, thus any custom configuration must be performed via the remote-exec inline function, or local-exec invoking ansible.
+
+Populate the following variables for the target environment, check variables.tf for az cli commands to obtain the required values.
+
+variable "location" {
+ default = "westeurope"
+}
+
+variable "resource_group" {
+ default = "nottsdemo2"
+}
+
+variable "vnet" {
+ default = "nottsdemo2-vnet"
+}
+
+variable "subnet" {
+ default = "default"
+}
diff --git a/multiple_instance_asg_cfme_modules_v2/modules/azure_instance/azure_instance.tf b/multiple_instance_asg_cfme_modules_v2/modules/azure_instance/azure_instance.tf
new file mode 100755
index 0000000..30f91ed
--- /dev/null
+++ b/multiple_instance_asg_cfme_modules_v2/modules/azure_instance/azure_instance.tf
@@ -0,0 +1,78 @@ +module "azure_nic" { + source = "../azure_nic" + resourcecount = "${var.resourcecount}" + prefix = "${var.prefix}" + location = "${var.location}" + resourcegroup = "${var.resourcegroup}" + subnetid = "${var.subnetid}" + applicationsecuritygroupids = "${var.applicationsecuritygroupids}" + loadbalancerbackendaddresspoolsids = "${var.loadbalancerbackendaddresspoolsids}" +} + +resource "azurerm_virtual_machine" "vminstance" { + count = "${var.resourcecount}" + name = "${var.prefix}${count.index}" + location = "${var.location}" + resource_group_name = "${var.resourcegroup}" + network_interface_ids = ["${element(module.azure_nic.nicid.*, count.index)}"] + + vm_size = "${var.vmsize}" + availability_set_id = "${var.availabilitysetid}" + + delete_os_disk_on_termination = true + delete_data_disks_on_termination = true + + storage_image_reference { + id = "${var.imageid}" + } + + storage_os_disk { + name = "${var.prefix}${count.index}-os" + caching = "ReadWrite" + create_option = "FromImage" + managed_disk_type = "Standard_LRS" + } + + os_profile { + computer_name = "${var.prefix}${count.index}" + admin_username = "${var.username}" + admin_password = "${var.password}" // not required if azure agent or cloud-init run, a full azure agent populated /etc/sudoers.d/waagent with the admin username + } + + os_profile_linux_config { + disable_password_authentication = true // false to login, when true create a service account and ssh keypair + ssh_keys { + path = "/home/${var.username}/.ssh/authorized_keys" + key_data = "${file("${var.sshpubkey}")}" + // key_data = "${var.sshpubkey}" // if embedding keys in string + } + } + + provisioner "remote-exec" { + connection { + type = "ssh" + host = "${element(module.azure_nic.pubip.*, count.index)}" + user = "${var.username}" + //password = "${var.password}" + private_key = "${file("~/.ssh/id_rsa")}" + } + + // cfme appliance image runs azure agent but not cloud-init, use inline to work around. 
+ inline = [ + "hostname -s;hostname -i;whoami", + ] + } +} + +output "vmname" { + value = "${azurerm_virtual_machine.vminstance.*.name}" +} + +output "pvtip" { + value = "${module.azure_nic.pvtip.*}" // chain (child) module outputs up to the calling tf +} + +output "pubip" { + value = "${module.azure_nic.pubip.*}" // chain (child) module outputs up to the calling tf +} + diff --git a/multiple_instance_asg_cfme_modules_v2/modules/azure_instance/variables.tf b/multiple_instance_asg_cfme_modules_v2/modules/azure_instance/variables.tf new file mode 100755 index 0000000..b146399 --- /dev/null +++ b/multiple_instance_asg_cfme_modules_v2/modules/azure_instance/variables.tf @@ -0,0 +1,16 @@ +variable "resourcecount" {} +variable "prefix" {} +variable "location" {} +variable "resourcegroup" {} +variable "vmsize" {} +variable "imageid" {} +variable "username" {} +variable "password" {} +variable "sshpubkey" {} +variable "subnetid" {} +variable "applicationsecuritygroupids" { type = "list" } +variable "availabilitysetid" { default = "" } +variable "loadbalancerbackendaddresspoolsids" { + type = "list" + default = [] +} \ No newline at end of file diff --git a/multiple_instance_asg_cfme_modules_v2/modules/azure_instance_data_disk/azure_instance.tf b/multiple_instance_asg_cfme_modules_v2/modules/azure_instance_data_disk/azure_instance.tf new file mode 100755 index 0000000..52fb172 --- /dev/null +++ b/multiple_instance_asg_cfme_modules_v2/modules/azure_instance_data_disk/azure_instance.tf 
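Review bot: The `remote-exec` connection in `azurerm_virtual_machine.vminstance` (modules/azure_instance/azure_instance.tf) reads `private_key = "${file("~/.ssh/id_rsa")}"`, a hard-coded path unrelated to `var.sshpubkey`. Provisioning therefore only works when the operator's default key happens to match the public key installed on the VM, and the private key content is loaded into the Terraform run. I would take the path as a module variable next to `sshpubkey`, or use `agent = true` in the `connection` block so the key never passes through Terraform. `admin_password = "${var.password}"` is still set while `disable_password_authentication = true`; the trailing comment says it is not required, so dropping it would keep the secret out of state. modules/azure_instance_data_disk/azure_instance.tf carries the same connection block and the same `admin_password` line.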
@@ -0,0 +1,86 @@
+module "azure_nic" {
+ source = "../azure_nic"
+ resourcecount = "${var.resourcecount}"
+ prefix = "${var.prefix}"
+ location = "${var.location}"
+ resourcegroup = "${var.resourcegroup}"
+ subnetid = "${var.subnetid}"
+ applicationsecuritygroupids = "${var.applicationsecuritygroupids}"
+}
+
+resource "azurerm_virtual_machine" "vminstance" {
+ count = "${var.resourcecount}"
+ name = "${var.prefix}${count.index}"
+ location = "${var.location}"
+ resource_group_name = "${var.resourcegroup}"
+ network_interface_ids = ["${element(module.azure_nic.nicid.*, count.index)}"]
+
+ vm_size = "${var.vmsize}"
+ availability_set_id = "${var.availabilitysetid}"
+
+ delete_os_disk_on_termination = true
+ delete_data_disks_on_termination = true
+
+ storage_image_reference {
+ id = "${var.imageid}"
+ }
+
+ storage_os_disk {
+ name = "${var.prefix}${count.index}-os"
+ caching = "ReadWrite"
+ create_option = "FromImage"
+ managed_disk_type = "Standard_LRS"
+ }
+
+ storage_data_disk {
+ name = "${var.prefix}${count.index}-data"
+ caching = "ReadWrite"
+ create_option = "Empty"
+ disk_size_gb = "${var.datadisksizegb}"
+ managed_disk_type = "Standard_LRS"
+ lun = 0
+ }
+
+ os_profile {
+ computer_name = "${var.prefix}${count.index}"
+ admin_username = "${var.username}"
+ admin_password = "${var.password}" // not required if azure agent or cloud-init run, a full azure agent populated /etc/sudoers.d/waagent with the admin username
+ }
+
+ os_profile_linux_config {
+ disable_password_authentication = true // false to login, when true create a service account and ssh keypair
+ ssh_keys {
+ path = "/home/${var.username}/.ssh/authorized_keys"
+ key_data = "${file("${var.sshpubkey}")}"
+ // key_data = "${var.sshpubkey}" // if embedding keys in string
+ }
+ }
+
+ provisioner "remote-exec" {
+ connection {
+ type = "ssh"
+ host = "${element(module.azure_nic.pubip.*, count.index)}"
+ user = "${var.username}"
+ //password = "${var.password}"
+ private_key = "${file("~/.ssh/id_rsa")}"
+ }
+
+ // cfme appliance image runs azure agent but not cloud-init, use inline to work around.
+ inline = [
+ "hostname -s;hostname -i;whoami",
+ ]
+ }
+}
+
+output "vmname" {
+ value = "${azurerm_virtual_machine.vminstance.*.name}"
+}
+
+output "pvtip" {
+ value = "${module.azure_nic.pvtip.*}" // chain (child) module outputs up to the calling tf
+}
+
+output "pubip" {
+ value = "${module.azure_nic.pubip.*}" // chain (child) module outputs up to the calling tf
+}
+
diff --git a/multiple_instance_asg_cfme_modules_v2/modules/azure_instance_data_disk/variables.tf b/multiple_instance_asg_cfme_modules_v2/modules/azure_instance_data_disk/variables.tf
new file mode 100755
index 0000000..628ff1d
--- /dev/null
+++ b/multiple_instance_asg_cfme_modules_v2/modules/azure_instance_data_disk/variables.tf
@@ -0,0 +1,13 @@
+variable "resourcecount" {}
+variable "prefix" {}
+variable "location" {}
+variable "resourcegroup" {}
+variable "vmsize" {}
+variable "imageid" {}
+variable "datadisksizegb" {}
+variable "username" {}
+variable "password" {}
+variable "sshpubkey" {}
+variable "subnetid" {}
+variable "applicationsecuritygroupids" { type = "list" }
+variable "availabilitysetid" { default = "" }
\ No newline at end of file
diff --git a/multiple_instance_asg_cfme_modules_v2/modules/azure_lb/azure_lb.tf b/multiple_instance_asg_cfme_modules_v2/modules/azure_lb/azure_lb.tf
new file mode 100755
index 0000000..4ae4f5d
--- /dev/null
+++ b/multiple_instance_asg_cfme_modules_v2/modules/azure_lb/azure_lb.tf
@@ -0,0 +1,61 @@
+resource "azurerm_public_ip" "lbpubip" {
+ name = "${var.prefix}-lb"
+ location = "${var.location}"
+ resource_group_name = "${var.resourcegroup}"
+ allocation_method = "Static"
+ #domain_name_label = "${var.dns_name}" // add fqdn here
+}
+
+resource "azurerm_lb" "azlb" {
+ name = "${var.prefix}-lb"
+ resource_group_name = "${var.resourcegroup}"
+ location = "${var.location}"
+
+ frontend_ip_configuration {
+ name = "LoadBalancerFrontEnd"
+ public_ip_address_id = "${azurerm_public_ip.lbpubip.id}"
+ }
+}
+
+resource "azurerm_lb_backend_address_pool" "azlb" {
+ resource_group_name = "${var.resourcegroup}"
+ loadbalancer_id = "${azurerm_lb.azlb.id}"
+ name = "BackEndAddressPool"
+}
+
+resource "azurerm_lb_probe" "azlb" {
+ count = "${length(var.lbport)}"
+ resource_group_name = "${var.resourcegroup}"
+ loadbalancer_id = "${azurerm_lb.azlb.id}"
+ name = "${element(keys(var.lbport), count.index)}"
+ protocol = "${element(var.lbport["${element(keys(var.lbport), count.index)}"], 1)}"
+ port = "${element(var.lbport["${element(keys(var.lbport), count.index)}"], 2)}"
+ #interval_in_seconds = "${var.lb_probe_interval}"
+ #number_of_probes = "${var.lb_probe_unhealthy_threshold}"
+ interval_in_seconds = 5
+ number_of_probes = 2
+}
+
+resource "azurerm_lb_rule" "azlb" {
+ count = "${length(var.lbport)}"
+ resource_group_name = "${var.resourcegroup}"
+ loadbalancer_id = "${azurerm_lb.azlb.id}"
+ name = "${element(keys(var.lbport), count.index)}"
+ protocol = "${element(var.lbport["${element(keys(var.lbport), count.index)}"], 1)}"
+ frontend_port = "${element(var.lbport["${element(keys(var.lbport), count.index)}"], 0)}"
+ backend_port = "${element(var.lbport["${element(keys(var.lbport), count.index)}"], 2)}"
+ frontend_ip_configuration_name = "LoadBalancerFrontEnd"
+ enable_floating_ip = false
+ backend_address_pool_id = "${azurerm_lb_backend_address_pool.azlb.id}"
+ idle_timeout_in_minutes = 5
+ probe_id = "${element(azurerm_lb_probe.azlb.*.id,count.index)}"
+ depends_on = ["azurerm_lb_probe.azlb"]
+}
+
+output "pubip" {
+ value = "${azurerm_public_ip.lbpubip.*.ip_address}"
+}
+
+output "loadbalancerbackendaddresspoolsid" {
+ value = "${azurerm_lb_backend_address_pool.azlb.id}"
+}
\ No newline at end of file
diff --git a/multiple_instance_asg_cfme_modules_v2/modules/azure_lb/variables.tf b/multiple_instance_asg_cfme_modules_v2/modules/azure_lb/variables.tf
new file mode 100755
index 0000000..da1445e
--- /dev/null
+++ b/multiple_instance_asg_cfme_modules_v2/modules/azure_lb/variables.tf
@@ -0,0 +1,5 @@
+variable "prefix" {}
+variable "location" {}
+variable "resourcegroup" {}
+variable "subnetid" {}
+variable "lbport" {}
\ No newline at end of file
diff --git a/multiple_instance_asg_cfme_modules_v2/modules/azure_nic/azure_nic.tf b/multiple_instance_asg_cfme_modules_v2/modules/azure_nic/azure_nic.tf
new file mode 100755
index 0000000..8e73415
--- /dev/null
+++ b/multiple_instance_asg_cfme_modules_v2/modules/azure_nic/azure_nic.tf
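Review bot: The layout of `var.lbport` is undocumented: `azurerm_lb_probe.azlb` and `azurerm_lb_rule.azlb` read each value as element 0 = frontend port, 1 = protocol, 2 = backend port, yet `variable "lbport" {}` in azure_lb/variables.tf declares neither a type nor a description. This map alone decides which ports the public front end `LoadBalancerFrontEnd` exposes, so a caller who gets the order wrong publishes a different port than intended. Document it where it is declared, e.g. `description = "map of rule name => [frontend_port, protocol, backend_port]"`. `variable "subnetid" {}` is declared for this module but never referenced in azure_lb.tf and can be dropped.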
@@ -0,0 +1,40 @@
+module "azure_pubip" {
+ source = "../azure_pubip"
+ resourcecount = "${var.resourcecount}"
+ prefix = "${var.prefix}"
+ location = "${var.location}"
+ resourcegroup = "${var.resourcegroup}"
+}
+
+resource "azurerm_network_interface" "nic" {
+ count = "${var.resourcecount}"
+ name = "${var.prefix}${count.index}"
+ location = "${var.location}"
+ resource_group_name = "${var.resourcegroup}"
+
+ ip_configuration {
+ name = "${var.prefix}${count.index}"
+ subnet_id = "${var.subnetid}"
+ private_ip_address_allocation = "Dynamic"
+ public_ip_address_id = "${element(module.azure_pubip.pubipid.*, count.index)}"
+ application_security_group_ids = "${var.applicationsecuritygroupids}"
+ load_balancer_backend_address_pools_ids = "${var.loadbalancerbackendaddresspoolsids}"
+ #load_balancer_backend_address_pools_ids = ["${}"]
+ #loadbalancer = ${var.type == "public" ? 1 : 0}
+ }
+}
+
+
+
+
+
+output "nicid" {
+ value = "${azurerm_network_interface.nic.*.id}"
+}
+
+output "pvtip" {
+ value = "${azurerm_network_interface.nic.*.private_ip_address}"
+}
+
+output "pubip" {
+ value = "${module.azure_pubip.pubip.*}" // chain (child) module outputs up to the calling tf
+}
diff --git a/multiple_instance_asg_cfme_modules_v2/modules/azure_nic/variables.tf b/multiple_instance_asg_cfme_modules_v2/modules/azure_nic/variables.tf
new file mode 100755
index 0000000..86ea18c
--- /dev/null
+++ b/multiple_instance_asg_cfme_modules_v2/modules/azure_nic/variables.tf
@@ -0,0 +1,10 @@
+variable "resourcecount" {}
+variable "prefix" {}
+variable "location" {}
+variable "resourcegroup" {}
+variable "subnetid" {}
+variable "applicationsecuritygroupids" { type = "list" }
+variable "loadbalancerbackendaddresspoolsids" {
+ type = "list"
+ default = []
+}
diff --git a/multiple_instance_asg_cfme_modules_v2/modules/azure_pubip/azure_pubip.tf b/multiple_instance_asg_cfme_modules_v2/modules/azure_pubip/azure_pubip.tf
new file mode 100755
index 0000000..bb785bc
--- /dev/null
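Review bot: Every NIC in `azurerm_network_interface.nic` is given a static public address through `public_ip_address_id = "${element(module.azure_pubip.pubipid.*, count.index)}"`, including instances that are also placed behind a load balancer via `load_balancer_backend_address_pools_ids`. This module attaches application security groups only; whether a network security group filters inbound traffic is decided elsewhere (presumably in 01_azure_network, which is not shown here), so each instance is directly reachable from the internet unless that layer restricts it. Consider making the public address an opt-in module input so load-balanced and database nodes can be built with a private address only; the `remote-exec` provisioners in the instance modules connect to `pubip` and would then need a private path such as a bastion or VPN. At minimum record the dependency next to the attribute, e.g. `// every NIC is internet-facing; inbound filtering relies on the subnet NSG`.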
+++ b/multiple_instance_asg_cfme_modules_v2/modules/azure_pubip/azure_pubip.tf
@@ -0,0 +1,15 @@
+resource "azurerm_public_ip" "pubip" {
+ count = "${var.resourcecount}"
+ name = "${var.prefix}${count.index}"
+ location = "${var.location}"
+ resource_group_name = "${var.resourcegroup}"
+ allocation_method = "Static"
+ #domain_name_label = "${var.dns_name}" // add fqdn here
+}
+
+output "pubipid" {
+ value = "${azurerm_public_ip.pubip.*.id}"
+}
+output "pubip" {
+ value = "${azurerm_public_ip.pubip.*.ip_address}"
+}
\ No newline at end of file
diff --git a/multiple_instance_asg_cfme_modules_v2/modules/azure_pubip/variables.tf b/multiple_instance_asg_cfme_modules_v2/modules/azure_pubip/variables.tf
new file mode 100755
index 0000000..e9586fd
--- /dev/null
+++ b/multiple_instance_asg_cfme_modules_v2/modules/azure_pubip/variables.tf
@@ -0,0 +1,4 @@
+variable "resourcecount" {}
+variable "prefix" {}
+variable "location" {}
+variable "resourcegroup" {}
diff --git a/multiple_instance_asg_cfme_modules_v2/templates/cf_inventory.tpl b/multiple_instance_asg_cfme_modules_v2/templates/cf_inventory.tpl
new file mode 100755
index 0000000..f4b7928
--- /dev/null
+++ b/multiple_instance_asg_cfme_modules_v2/templates/cf_inventory.tpl
@@ -0,0 +1,6 @@
+[cfme]
+${cfme}
+[cfdb_active]
+${cfdb_active}
+[cfdb_passive]
+${cfdb_passive}
diff --git a/single_instance/main.tf b/single_instance/main.tf
new file mode 100755
index 0000000..f87cf07
--- /dev/null
+++ b/single_instance/main.tf
@@ -0,0 +1,133 @@
+# using service principle - need to create this "service account to use this"
+# provider "azurerm" {
+# environment = "public"
+# subscription_id = "xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
+# client_id = "xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
+# client_secret = "xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
+# tenant_id = "e790ea08-42f3-46fa-8819-aca5c465e424"
+# }
+
+# using local user auth
+provider "azurerm" {
+ version = "=1.34.0"
+ skip_provider_registration = true // https://www.terraform.io/docs/providers/azurerm/index.html#skip_provider_registration UON account rights restricted
+}
+
+locals {
+ virtual_machine_pub_ip = "${var.customer}-cfme-pub-ip"
+ virtual_machine_name = "${var.customer}-cfme"
+ virtual_machine_nic = "${var.customer}-cfme-nic"
+ virtual_machine_disk = "${var.customer}-osdisk"
+}
+
+# find image id from image name as we are using our own vhd derived image
+data "azurerm_image" "search_os_image" {
+ name = "${var.os_image}"
+ resource_group_name = "${var.resource_group}"
+}
+
+# output "os_image_id" {
+# value = "${data.azurerm_image.search_os_image.id}"
+# }
+
+resource "azurerm_public_ip" "pubip" {
+ name = "${local.virtual_machine_pub_ip}"
+ location = "${var.location}"
+ resource_group_name = "${var.resource_group}"
+ allocation_method = "Static"
+}
+
+resource "azurerm_network_interface" "nic" {
+ name = "${var.customer}-nic"
+ location = "${var.location}"
+ resource_group_name = "${var.resource_group}"
+
+ ip_configuration {
+ name = "${var.customer}-configuration"
+ subnet_id = "${data.azurerm_subnet.subnet_output.id}"
+ private_ip_address_allocation = "Dynamic"
+ public_ip_address_id = "${azurerm_public_ip.pubip.id}"
+ }
+}
+
+resource "azurerm_virtual_machine" "cfme" {
+ name = "${local.virtual_machine_name}"
+ location = "${var.location}"
+ resource_group_name = "${var.resource_group}"
+ network_interface_ids = ["${azurerm_network_interface.nic.id}"]
+ #vm_size = "Standard_B1ms"
+ vm_size = "Standard_D4_v3"
+ delete_os_disk_on_termination = true
+
+ # storage_image_reference {
+ # publisher = "Canonical"
+ # offer = "UbuntuServer"
+ # sku = "16.04-LTS"
+ # version = "latest"
+ # }
+
+ storage_image_reference {
+ id = "${data.azurerm_image.search_os_image.id}"
+ }
+
+ storage_os_disk {
+ name = "${local.virtual_machine_disk}"
+ caching = "ReadWrite"
+ create_option = "FromImage"
+ managed_disk_type = "Standard_LRS"
+ }
+
+ os_profile { // use azure agent to setup admin user, this also adds sudoers rule by default
+ computer_name = "${local.virtual_machine_name}"
+ admin_username = "${var.admin_username}"
+ admin_password = "${var.admin_password}"
+ }
+
+ os_profile_linux_config { // use azure agent to install ssh key
+ disable_password_authentication = false
+ ssh_keys {
+ path = "/home/${var.admin_username}/.ssh/authorized_keys"
+ #key_data = "${file("~/keys/toby@TOBY-L19.openssh.pub")}"
+ #key_data = "ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAm+l9n70tSvow56eOLhDZT8VLCmU9MCjUa7d2v0fH2ix/mdWy+RUo9c24U9WJmBlxpAmMDpSxlFcOpBwk1y+tWC/24YJ+m0/6YGWTzbl84GCjdBfrWcTuV5MFYvkYfq8lx3VESyZrYVmoC9Shwtj825YjfVpWqWvFw2kJznyOHWSGv60j6AJyzoT8rWCt4tSusEVzwup7UWF8TDIB6GXO3hqBZcCo3mfyuWkAswkEbX8SKIXqlNUZWMsxdS5ZpodigG6pj9fIsob8P+PxXF7YQiPo4W1uDHGoh0033oLb2fQULs4VjwqNVUE4dKkruFdNupBNCY3BJWHMT/mDOnUiww=="
+
+ # either use a local file or use an inline key, maybe required with UON
+ key_data = "${file("${var.admin_ssh_pub_key_file}")}"
+ #key_data = "${var.admin_ssh_pub_key}"
+ }
+ }
+
+ # remote exec onto host using password
+ provisioner "remote-exec" {
+ connection {
+ type = "ssh"
+ host = "${azurerm_public_ip.pubip.ip_address}"
+ user = "${var.admin_username}"
+ password = "${var.admin_password}"
+ }
+
+ inline = [
+ "ls -la",
+ ]
+ }
+}
+
+# lookup subnet id using the subnet name
+data "azurerm_subnet" "subnet_output" {
+ name = "${var.subnet}"
+ virtual_network_name = "${var.vnet}"
+ resource_group_name = "${var.resource_group}"
+}
+
+output "subnet_id" {
+ value = "${data.azurerm_subnet.subnet_output.id}"
+}
+
+# get publlc ip
+data "azurerm_public_ip" "output_pub_ip" {
+ name = "${azurerm_public_ip.pubip.name}"
+ resource_group_name = "${azurerm_virtual_machine.cfme.resource_group_name}"
+}
+
+output "public_ip_address" {
+ value = "${data.azurerm_public_ip.output_pub_ip.ip_address}"
+}
diff --git a/single_instance/variables.tf b/single_instance/variables.tf
new file mode 100755
index 0000000..ec6c64f
--- /dev/null
+++ b/single_instance/variables.tf
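Review bot: `os_profile_linux_config` in `azurerm_virtual_machine.cfme` sets `disable_password_authentication = false` on a VM with a static public IP, and the `remote-exec` connection logs in with `password = "${var.admin_password}"`, so SSH password login stays enabled on an internet-facing host after provisioning. The public key is already installed through `ssh_keys`, so the provisioner can use the key pair instead: set `disable_password_authentication = true` and replace the password line with `private_key = "${file("${var.admin_ssh_priv_key_file}")}"` (a new variable; the name is a suggestion). The commented-out `provider "azurerm"` block carries what looks like a real `tenant_id` next to masked values and should use the same `xxxx` placeholder. No network security group is created or referenced in this file, so inbound filtering depends entirely on the existing subnet.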
@@ -0,0 +1,50 @@
+#az resource list -o table
+variable "location" {
+ default = "uksouth"
+}
+
+#az resource list -o table
+variable "resource_group" {
+ default = "UI-SPP-DEV-001"
+}
+
+#az network vnet list -o table
+variable "vnet" {
+ default = "UI-SPP-DEV-001-vnet"
+}
+
+#az network vnet show -g nottsdemo2 -n nottsdemo2-vnet | jq .addressSpace.addressPrefixes
+#az network vnet show -g nottsdemo2 -n nottsdemo2-vnet -o table
+#az network vnet subnet list -g nottsdemo2 --vnet-name nottsdemo2-vnet -o table
+variable "subnet" {
+ default = "default" #the default subnet is named default, thus we set the default value of the variable to have value default - confusing
+}
+
+# az storage blob list -c "disk" -o table
+variable "os_image" {
+ #default = "centos7ocf"
+ default = "cfme-azure-5.10.11.0-1.x86_64"
+}
+
+# set admin user/password/key
+variable "admin_username" {
+ default = "ocfadmin"
+}
+
+variable "admin_password" {
+ default = "Password1234!"
+}
+
+variable "admin_ssh_pub_key" {
+ type = "string"
+ default = "ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAm+l9n70tSvow56eOLhDZT8VLCmU9MCjUa7d2v0fH2ix/mdWy+RUo9c24U9WJmBlxpAmMDpSxlFcOpBwk1y+tWC/24YJ+m0/6YGWTzbl84GCjdBfrWcTuV5MFYvkYfq8lx3VESyZrYVmoC9Shwtj825YjfVpWqWvFw2kJznyOHWSGv60j6AJyzoT8rWCt4tSusEVzwup7UWF8TDIB6GXO3hqBZcCo3mfyuWkAswkEbX8SKIXqlNUZWMsxdS5ZpodigG6pj9fIsob8P+PxXF7YQiPo4W1uDHGoh0033oLb2fQULs4VjwqNVUE4dKkruFdNupBNCY3BJWHMT/mDOnUiww=="
+}
+
+variable "admin_ssh_pub_key_file" {
+ default = "~/keys/toby@TOBY-L19.openssh.pub"
+}
+
+# variables to differentiate resource names and environments
+variable "customer" {
+ default = "UONtest"
+}
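Review bot: `variable "admin_password"` ships with a default value, so the credential is committed to the repository and is silently applied to any VM created without an override; together with the password SSH login left enabled in single_instance/main.tf, that default is a working login on a public address. Declare it without a default, `variable "admin_password" {}`, and supply the value at apply time through `TF_VAR_admin_password` or an untracked `.tfvars` file. The value committed here should be treated as exposed and changed wherever it has been used. `admin_ssh_pub_key_file` defaults to a path on one developer's machine and is better left without a default as well.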