Add initial set of tarreform plans

canonical · Nov 30, 2023 · 3242199 · 3242199
1 parent 7a732e1
commit 3242199
Show file tree

Hide file tree

Showing 8 changed files with 295 additions and 0 deletions.
diff --git a/openstack/terraform/00-init.tf b/openstack/terraform/00-init.tf
@@ -0,0 +1,18 @@
+terraform {
+  required_version = ">= 0.14.0"
+  required_providers {
+    openstack = {
+      source  = "terraform-provider-openstack/openstack"
+      version = "1.49.0"
+    }
+  }
+}
+
+provider "openstack" {
+  user_name           = var.os_username
+  user_domain_name    = var.os_user_domain_name
+  project_domain_name = var.os_project_domain_name
+  password            = var.os_password
+  auth_url            = var.auth_url
+  region              = "RegionOne"
+}
diff --git a/openstack/terraform/00-variables.tf b/openstack/terraform/00-variables.tf
@@ -0,0 +1,74 @@
+variable "domain_id" {
+  type    = string
+  default = ""
+}
+
+variable "cloud" {
+  type    = string
+  default = ""
+}
+
+variable "nameserver" {
+  type = string
+  default = "10.230.64.2"
+}
+
+variable "swift_ip" {
+  type = string
+  default = "10.230.19.58"
+}
+
+variable "gateway" {
+  type = string
+  defaut = "10.5.0.1"
+}
+
+variable "cidr_ext" {
+  type = string
+  default = "10.5.0.0/16"
+}
+
+variable "fip_start" {
+  type = string
+  default = "10.5.150.0"
+}
+
+variable "fip_end" {
+  type = string
+  default = "10.5.200.254"
+}
+
+variable "cidr_priv" {
+  type = string
+  default = "192.168.21.0/24"
+}
+
+variable "net_type" {
+  type = string
+  default = "vxlan"
+}
+
+variable "os_username" {
+  type = string
+  default = "admin"
+}
+
+variable "os_user_domain_name" {
+  type = string
+  default = "admin_domain"
+}
+
+variable "os_project_name" {
+  type = string
+  default = "admin"
+}
+
+variable "os_project_domain_name" {
+  type = string
+  default = "admin_domain"
+}
+
+variable "os_password" {
+  type = string
+  default = "openstack"
+}
diff --git a/openstack/terraform/01-default-flavors.tf b/openstack/terraform/01-default-flavors.tf
@@ -0,0 +1,71 @@
+resource "openstack_compute_flavor_v2" "m1_tiny" {
+  name      = "m1.tiny"
+  ram       = "512"
+  vcpus     = "1"
+  disk      = "1"
+  flavor_id = "1"
+  is_public = true
+}
+
+resource "openstack_compute_flavor_v2" "m1_small" {
+  name      = "m1.small"
+  ram       = "2048"
+  vcpus     = "1"
+  disk      = "20"
+  flavor_id = "2"
+  is_public = true
+}
+
+resource "openstack_compute_flavor_v2" "m1_medium" {
+  name      = "m1.medium"
+  ram       = "4096"
+  vcpus     = "2"
+  disk      = "20"
+  flavor_id = "3"
+  is_public = true
+}
+
+resource "openstack_compute_flavor_v2" "m1_large" {
+  name      = "m1.large"
+  ram       = "8192"
+  vcpus     = "4"
+  disk      = "20"
+  flavor_id = "4"
+  is_public = true
+}
+
+resource "openstack_compute_flavor_v2" "m1_xlarge" {
+  name      = "m1.xlarge"
+  ram       = "16384"
+  vcpus     = "4"
+  disk      = "20"
+  flavor_id = "5"
+  is_public = true
+}
+
+resource "openstack_compute_flavor_v2" "m1_cirros" {
+  name      = "m1.cirros"
+  ram       = "64"
+  vcpus     = "1"
+  disk      = "1"
+  flavor_id = "6"
+  is_public = true
+}
+
+resource "openstack_compute_flavor_v2" "m1_tempest" {
+  name      = "m1.tempest"
+  ram       = "256"
+  vcpus     = "1"
+  disk      = "0"
+  flavor_id = "7"
+  is_public = true
+}
+
+resource "openstack_compute_flavor_v2" "m2_tempest" {
+  name      = "m2.tempest"
+  ram       = "512"
+  vcpus     = "1"
+  disk      = "0"
+  flavor_id = "8"
+  is_public = true
+}
diff --git a/openstack/terraform/01-default-networks.tf b/openstack/terraform/01-default-networks.tf
@@ -0,0 +1,50 @@
+resource "openstack_networking_network_v2" "ext_net" {
+  name           = "ext_net"
+  admin_state_up = true
+  shared         = true
+  external       = true
+
+  segments {
+    physical_network = "physnet1"
+    network_type     = var.net_type
+  }
+}
+
+resource "openstack_networking_subnet_v2" "ext_net_subnet" {
+  name        = "ext_net_subnet"
+  network_id  = openstack_networking_network_v2.ext_net.id
+  cidr        = var.cidr_ext"
+  gateway_ip  = var.gateway
+  enable_dhcp = false
+  ip_version  = 4
+
+  dns_nameservers = [ var.nameserver ]
+
+  allocation_pool {
+    start = var.fip_start
+    end   = var.fip_end
+  }
+}
+
+resource "openstack_networking_router_v2" "provider-router" {
+  name                = "provider-router"
+  admin_state_up      = true
+  external_network_id = openstack_networking_network_v2.ext_net.id
+}
+
+resource "openstack_networking_network_v2" "private" {
+  name           = "private"
+  admin_state_up = "true"
+}
+
+resource "openstack_networking_subnet_v2" "private_subnet" {
+  name       = "private_subnet"
+  network_id = openstack_networking_network_v2.private.id
+  cidr       = var.cidr_priv
+
+}
+
+resource "openstack_networking_router_interface_v2" "private_ext_route" {
+  router_id = openstack_networking_router_v2.provider-router.id
+  subnet_id = openstack_networking_subnet_v2.private_subnet.id
+}
diff --git a/openstack/terraform/01-default-roles.tf b/openstack/terraform/01-default-roles.tf
@@ -0,0 +1,12 @@
+data "openstack_identity_role_v3" "admin"{
+  name = "admin"
+}
+
+data "openstack_identity_role_v3" "Member" {
+  name = "Member"
+}
+
+resource "openstack_identity_role_v3" "ResellerAdmin" {
+  name = "ResellerAdmin"
+}
+
diff --git a/openstack/terraform/01-heat-roles.tf b/openstack/terraform/01-heat-roles.tf
@@ -0,0 +1,23 @@
+resource "openstack_identity_project_v3" "heat_domain" {
+    name          = "heat"
+    description   = "Stack projects and users"
+    enabled       = true
+    is_domain     = true
+}
+
+resource "openstack_identity_user_v3" "heat_domain_admin" {
+  domain_id = openstack_identity_project_v3.heat_domain.id
+  name = "heat_domain_admin"
+
+  password = file("heat-domain-admin-passwd")
+}
+
+resource "openstack_identity_role_assignment_v3" "heat_admin_role_assignment" {
+  domain_id  = openstack_identity_project_v3.heat_domain.id
+  user_id    = openstack_identity_user_v3.heat_domain_admin.id
+  role_id    = data.openstack_identity_role_v3.admin.id
+}
+
+resource "openstack_identity_role_v3" "heat_stack_user" {
+  name = "heat_stack_user"
+}
diff --git a/openstack/terraform/01-test-creds.tf b/openstack/terraform/01-test-creds.tf
@@ -0,0 +1,46 @@
+
+resource "openstack_identity_project_v3" "demo" {
+  name        = "demo"
+  domain_id   = var.domain_id
+}
+
+resource "openstack_identity_project_v3" "alt_demo" {
+  name        = "alt_demo"
+  domain_id   = var.domain_id
+}
+
+resource "openstack_identity_user_v3" "demo" {
+  default_project_id = openstack_identity_project_v3.demo.id
+  name               = "demo"
+  domain_id          = var.domain_id
+  password           = "pass"
+  enabled            = true
+
+  extra = {
+    email = "[email protected]"
+  }
+}
+
+resource "openstack_identity_user_v3" "alt_demo" {
+  default_project_id = openstack_identity_project_v3.alt_demo.id
+  name               = "alt_demo"
+  domain_id          = var.domain_id
+  password           = "secret"
+  enabled            = true
+
+  extra = {
+    email = "[email protected]"
+  }
+}
+
+resource "openstack_identity_role_assignment_v3" "demo_user_role_member" {
+  user_id    = openstack_identity_user_v3.demo.id
+  project_id = openstack_identity_project_v3.demo.id
+  role_id    = data.openstack_identity_role_v3.Member.id
+}
+
+resource "openstack_identity_role_assignment_v3" "alt_demo_user_role_member" {
+  user_id    = openstack_identity_user_v3.alt_demo.id
+  project_id = openstack_identity_project_v3.alt_demo.id
+  role_id    = data.openstack_identity_role_v3.Member.id
+}
diff --git a/openstack/terraform/heat-domain-admin-passwd b/openstack/terraform/heat-domain-admin-passwd
@@ -0,0 +1 @@
+Ht8NdKTGdpJjRsS4V33tsVW4mSztgZMs