diff --git a/openstack/terraform/00-init.tf b/openstack/terraform/00-init.tf new file mode 100644 index 00000000..fb686072 --- /dev/null +++ b/openstack/terraform/00-init.tf @@ -0,0 +1,18 @@ +terraform { + required_version = ">= 0.14.0" + required_providers { + openstack = { + source = "terraform-provider-openstack/openstack" + version = "1.49.0" + } + } +} + +provider "openstack" { + user_name = var.os_username + user_domain_name = var.os_user_domain_name + project_domain_name = var.os_project_domain_name + password = var.os_password + auth_url = var.auth_url + region = "RegionOne" +} diff --git a/openstack/terraform/00-variables.tf b/openstack/terraform/00-variables.tf new file mode 100644 index 00000000..ab0e5571 --- /dev/null +++ b/openstack/terraform/00-variables.tf @@ -0,0 +1,74 @@ +variable "domain_id" { + type = string + default = "" +} + +variable "cloud" { + type = string + default = "" +} + +variable "nameserver" { + type = string + default = "10.230.64.2" +} + +variable "swift_ip" { + type = string + default = "10.230.19.58" +} + +variable "gateway" { + type = string + defaut = "10.5.0.1" +} + +variable "cidr_ext" { + type = string + default = "10.5.0.0/16" +} + +variable "fip_start" { + type = string + default = "10.5.150.0" +} + +variable "fip_end" { + type = string + default = "10.5.200.254" +} + +variable "cidr_priv" { + type = string + default = "192.168.21.0/24" +} + +variable "net_type" { + type = string + default = "vxlan" +} + +variable "os_username" { + type = string + default = "admin" +} + +variable "os_user_domain_name" { + type = string + default = "admin_domain" +} + +variable "os_project_name" { + type = string + default = "admin" +} + +variable "os_project_domain_name" { + type = string + default = "admin_domain" +} + +variable "os_password" { + type = string + default = "openstack" +} diff --git a/openstack/terraform/01-default-flavors.tf b/openstack/terraform/01-default-flavors.tf new file mode 100644 index 00000000..1ebb2fb8 --- /dev/null +++ b/openstack/terraform/01-default-flavors.tf @@ -0,0 +1,71 @@ +resource "openstack_compute_flavor_v2" "m1_tiny" { + name = "m1.tiny" + ram = "512" + vcpus = "1" + disk = "1" + flavor_id = "1" + is_public = true +} + +resource "openstack_compute_flavor_v2" "m1_small" { + name = "m1.small" + ram = "2048" + vcpus = "1" + disk = "20" + flavor_id = "2" + is_public = true +} + +resource "openstack_compute_flavor_v2" "m1_medium" { + name = "m1.medium" + ram = "4096" + vcpus = "2" + disk = "20" + flavor_id = "3" + is_public = true +} + +resource "openstack_compute_flavor_v2" "m1_large" { + name = "m1.large" + ram = "8192" + vcpus = "4" + disk = "20" + flavor_id = "4" + is_public = true +} + +resource "openstack_compute_flavor_v2" "m1_xlarge" { + name = "m1.xlarge" + ram = "16384" + vcpus = "4" + disk = "20" + flavor_id = "5" + is_public = true +} + +resource "openstack_compute_flavor_v2" "m1_cirros" { + name = "m1.cirros" + ram = "64" + vcpus = "1" + disk = "1" + flavor_id = "6" + is_public = true +} + +resource "openstack_compute_flavor_v2" "m1_tempest" { + name = "m1.tempest" + ram = "256" + vcpus = "1" + disk = "0" + flavor_id = "7" + is_public = true +} + +resource "openstack_compute_flavor_v2" "m2_tempest" { + name = "m2.tempest" + ram = "512" + vcpus = "1" + disk = "0" + flavor_id = "8" + is_public = true +} diff --git a/openstack/terraform/01-default-networks.tf b/openstack/terraform/01-default-networks.tf new file mode 100644 index 00000000..55bb023b --- /dev/null +++ b/openstack/terraform/01-default-networks.tf @@ -0,0 +1,50 @@ +resource "openstack_networking_network_v2" "ext_net" { + name = "ext_net" + admin_state_up = true + shared = true + external = true + + segments { + physical_network = "physnet1" + network_type = var.net_type + } +} + +resource "openstack_networking_subnet_v2" "ext_net_subnet" { + name = "ext_net_subnet" + network_id = openstack_networking_network_v2.ext_net.id + cidr = var.cidr_ext" + gateway_ip = var.gateway + enable_dhcp = false + ip_version = 4 + + dns_nameservers = [ var.nameserver ] + + allocation_pool { + start = var.fip_start + end = var.fip_end + } +} + +resource "openstack_networking_router_v2" "provider-router" { + name = "provider-router" + admin_state_up = true + external_network_id = openstack_networking_network_v2.ext_net.id +} + +resource "openstack_networking_network_v2" "private" { + name = "private" + admin_state_up = "true" +} + +resource "openstack_networking_subnet_v2" "private_subnet" { + name = "private_subnet" + network_id = openstack_networking_network_v2.private.id + cidr = var.cidr_priv + +} + +resource "openstack_networking_router_interface_v2" "private_ext_route" { + router_id = openstack_networking_router_v2.provider-router.id + subnet_id = openstack_networking_subnet_v2.private_subnet.id +} diff --git a/openstack/terraform/01-default-roles.tf b/openstack/terraform/01-default-roles.tf new file mode 100644 index 00000000..aec72c71 --- /dev/null +++ b/openstack/terraform/01-default-roles.tf @@ -0,0 +1,12 @@ +data "openstack_identity_role_v3" "admin"{ + name = "admin" +} + +data "openstack_identity_role_v3" "Member" { + name = "Member" +} + +resource "openstack_identity_role_v3" "ResellerAdmin" { + name = "ResellerAdmin" +} + diff --git a/openstack/terraform/01-heat-roles.tf b/openstack/terraform/01-heat-roles.tf new file mode 100644 index 00000000..6bdb38e5 --- /dev/null +++ b/openstack/terraform/01-heat-roles.tf @@ -0,0 +1,23 @@ +resource "openstack_identity_project_v3" "heat_domain" { + name = "heat" + description = "Stack projects and users" + enabled = true + is_domain = true +} + +resource "openstack_identity_user_v3" "heat_domain_admin" { + domain_id = openstack_identity_project_v3.heat_domain.id + name = "heat_domain_admin" + + password = file("heat-domain-admin-passwd") +} + +resource "openstack_identity_role_assignment_v3" "heat_admin_role_assignment" { + domain_id = openstack_identity_project_v3.heat_domain.id + user_id = openstack_identity_user_v3.heat_domain_admin.id + role_id = data.openstack_identity_role_v3.admin.id +} + +resource "openstack_identity_role_v3" "heat_stack_user" { + name = "heat_stack_user" +} diff --git a/openstack/terraform/01-test-creds.tf b/openstack/terraform/01-test-creds.tf new file mode 100644 index 00000000..631bee2b --- /dev/null +++ b/openstack/terraform/01-test-creds.tf @@ -0,0 +1,46 @@ + +resource "openstack_identity_project_v3" "demo" { + name = "demo" + domain_id = var.domain_id +} + +resource "openstack_identity_project_v3" "alt_demo" { + name = "alt_demo" + domain_id = var.domain_id +} + +resource "openstack_identity_user_v3" "demo" { + default_project_id = openstack_identity_project_v3.demo.id + name = "demo" + domain_id = var.domain_id + password = "pass" + enabled = true + + extra = { + email = "demo@dev.null" + } +} + +resource "openstack_identity_user_v3" "alt_demo" { + default_project_id = openstack_identity_project_v3.alt_demo.id + name = "alt_demo" + domain_id = var.domain_id + password = "secret" + enabled = true + + extra = { + email = "alt_demo@dev.null" + } +} + +resource "openstack_identity_role_assignment_v3" "demo_user_role_member" { + user_id = openstack_identity_user_v3.demo.id + project_id = openstack_identity_project_v3.demo.id + role_id = data.openstack_identity_role_v3.Member.id +} + +resource "openstack_identity_role_assignment_v3" "alt_demo_user_role_member" { + user_id = openstack_identity_user_v3.alt_demo.id + project_id = openstack_identity_project_v3.alt_demo.id + role_id = data.openstack_identity_role_v3.Member.id +} diff --git a/openstack/terraform/heat-domain-admin-passwd b/openstack/terraform/heat-domain-admin-passwd new file mode 100644 index 00000000..583f14f9 --- /dev/null +++ b/openstack/terraform/heat-domain-admin-passwd @@ -0,0 +1 @@ +Ht8NdKTGdpJjRsS4V33tsVW4mSztgZMs