terraform: Terraform module for AWS (#2503)

2025-12-15 16:09:39 -05:00 · 2023-11-08 19:10:01 +01:00 · 2023-11-08 19:10:01 +01:00 · cea6204b37
commit cea6204b37
parent 0bac72261d
94 changed files with 912 additions and 87 deletions
--- a/terraform/infrastructure/openstack/modules/instance_group/main.tf
+++ b/terraform/infrastructure/openstack/modules/instance_group/main.tf
@ -0,0 +1,65 @@
+terraform {
+  required_providers {
+    openstack = {
+      source  = "terraform-provider-openstack/openstack"
+      version = "1.52.1"
+    }
+  }
+}
+
+locals {
+  tags      = distinct(sort(concat(var.tags, ["constellation-role-${var.role}"], ["constellation-node-group-${var.node_group_name}"])))
+  group_uid = random_id.uid.hex
+  name      = "${var.base_name}-${var.role}-${local.group_uid}"
+}
+
+resource "random_id" "uid" {
+  byte_length = 4
+}
+
+# TODO(malt3): get this API enabled in the test environment
+# resource "openstack_compute_servergroup_v2" "instance_group" {
+#   name = local.name
+#   policies = ["soft-anti-affinity"]
+# }
+
+resource "openstack_compute_instance_v2" "instance_group_member" {
+  name            = "${local.name}-${count.index}"
+  count           = var.initial_count
+  image_id        = var.image_id
+  flavor_id       = var.flavor_id
+  security_groups = var.security_groups
+  tags            = local.tags
+  # TODO(malt3): get this API enabled in the test environment
+  # scheduler_hints {
+  #   group = openstack_compute_servergroup_v2.instance_group.id
+  # }
+  network {
+    uuid = var.network_id
+  }
+  block_device {
+    uuid                  = var.image_id
+    source_type           = "image"
+    destination_type      = "local"
+    boot_index            = 0
+    delete_on_termination = true
+  }
+  block_device {
+    source_type           = "blank"
+    destination_type      = "volume"
+    volume_size           = var.disk_size
+    volume_type           = var.state_disk_type
+    boot_index            = 1
+    delete_on_termination = true
+  }
+  metadata = {
+    constellation-role             = var.role
+    constellation-uid              = var.uid
+    constellation-init-secret-hash = var.init_secret_hash
+    openstack-auth-url             = var.identity_internal_url
+    openstack-username             = var.openstack_username
+    openstack-password             = var.openstack_password
+    openstack-user-domain-name     = var.openstack_user_domain_name
+  }
+  availability_zone_hints = var.availability_zone
+}
--- a/terraform/infrastructure/openstack/modules/instance_group/outputs.tf
+++ b/terraform/infrastructure/openstack/modules/instance_group/outputs.tf
@ -0,0 +1,11 @@
+output "instance_group" {
+  value = local.name
+}
+
+output "ips" {
+  value = openstack_compute_instance_v2.instance_group_member.*.access_ip_v4
+}
+
+output "instance_ids" {
+  value = openstack_compute_instance_v2.instance_group_member.*.id
+}
--- a/terraform/infrastructure/openstack/modules/instance_group/variables.tf
+++ b/terraform/infrastructure/openstack/modules/instance_group/variables.tf
@ -0,0 +1,93 @@
+variable "node_group_name" {
+  type        = string
+  description = "Constellation name for the node group (used for configuration and CSP-independent naming)."
+}
+
+variable "base_name" {
+  type        = string
+  description = "Base name of the instance group."
+}
+
+variable "uid" {
+  type        = string
+  description = "Unique ID of the Constellation."
+}
+
+variable "role" {
+  type        = string
+  description = "The role of the instance group."
+  validation {
+    condition     = contains(["control-plane", "worker"], var.role)
+    error_message = "The role has to be 'control-plane' or 'worker'."
+  }
+}
+
+variable "initial_count" {
+  type        = number
+  description = "Number of instances in the instance group."
+}
+
+variable "image_id" {
+  type        = string
+  description = "Image ID for the nodes."
+}
+
+variable "flavor_id" {
+  type        = string
+  description = "Flavor ID (machine type) to use for the nodes."
+}
+
+variable "security_groups" {
+  type        = list(string)
+  description = "Security groups to place the nodes in."
+}
+
+variable "tags" {
+  type        = list(string)
+  description = "Tags to attach to each node."
+}
+
+variable "disk_size" {
+  type        = number
+  description = "Disk size for the nodes, in GiB."
+}
+
+variable "state_disk_type" {
+  type        = string
+  description = "Disk/volume type to be used."
+}
+
+variable "availability_zone" {
+  type        = string
+  description = "The availability zone to deploy the nodes in."
+}
+
+variable "network_id" {
+  type        = string
+  description = "Network ID to attach each node to."
+}
+
+variable "init_secret_hash" {
+  type        = string
+  description = "Hash of the init secret."
+}
+
+variable "identity_internal_url" {
+  type        = string
+  description = "Internal URL of the Identity service."
+}
+
+variable "openstack_user_domain_name" {
+  type        = string
+  description = "OpenStack user domain name."
+}
+
+variable "openstack_username" {
+  type        = string
+  description = "OpenStack user name."
+}
+
+variable "openstack_password" {
+  type        = string
+  description = "OpenStack password."
+}