mirror of
https://github.com/edgelesssys/constellation.git
synced 2025-01-28 08:17:10 -05:00
90 lines
2.9 KiB
HCL
90 lines
2.9 KiB
HCL
terraform {
|
|
required_providers {
|
|
openstack = {
|
|
source = "terraform-provider-openstack/openstack"
|
|
version = "1.54.1"
|
|
}
|
|
}
|
|
}
|
|
|
|
locals {
|
|
tags = distinct(sort(concat(var.tags, ["constellation-role-${var.role}"], ["constellation-node-group-${var.node_group_name}"])))
|
|
group_uid = random_id.uid.hex
|
|
name = "${var.base_name}-${var.role}-${local.group_uid}"
|
|
flavor_id_is_uuid = length(var.flavor_id) == 36 && length(regexall("^[[:xdigit:]]{8}-[[:xdigit:]]{4}-[[:xdigit:]]{4}-[[:xdigit:]]{4}-[[:xdigit:]]{12}$", var.flavor_id)) == 1
|
|
}
|
|
|
|
resource "random_id" "uid" {
|
|
byte_length = 4
|
|
}
|
|
|
|
resource "openstack_networking_port_v2" "port" {
|
|
name = "${local.name}-${count.index}"
|
|
count = var.initial_count
|
|
admin_state_up = "true"
|
|
|
|
network_id = var.network_id
|
|
fixed_ip {
|
|
subnet_id = var.subnet_id
|
|
}
|
|
|
|
security_group_ids = var.security_groups
|
|
}
|
|
|
|
# TODO(malt3): get this API enabled in the test environment
|
|
# resource "openstack_compute_servergroup_v2" "instance_group" {
|
|
# name = local.name
|
|
# policies = ["soft-anti-affinity"]
|
|
# }
|
|
|
|
data "openstack_compute_flavor_v2" "flavor" {
|
|
flavor_id = local.flavor_id_is_uuid ? var.flavor_id : null
|
|
name = local.flavor_id_is_uuid ? null : var.flavor_id
|
|
}
|
|
|
|
resource "openstack_compute_instance_v2" "instance_group_member" {
|
|
name = "${local.name}-${count.index}"
|
|
count = var.initial_count
|
|
flavor_id = data.openstack_compute_flavor_v2.flavor.id
|
|
tags = local.tags
|
|
# TODO(malt3): get this API enabled in the test environment
|
|
# scheduler_hints {
|
|
# group = openstack_compute_servergroup_v2.instance_group.id
|
|
# }
|
|
network {
|
|
port = openstack_networking_port_v2.port[count.index].id
|
|
}
|
|
block_device {
|
|
uuid = var.image_id
|
|
source_type = "image"
|
|
destination_type = "volume"
|
|
volume_size = "5"
|
|
boot_index = 0
|
|
delete_on_termination = true
|
|
}
|
|
block_device {
|
|
source_type = "blank"
|
|
destination_type = "volume"
|
|
volume_size = var.disk_size
|
|
volume_type = var.state_disk_type
|
|
boot_index = 1
|
|
delete_on_termination = true
|
|
}
|
|
metadata = {
|
|
constellation-role = var.role
|
|
constellation-uid = var.uid
|
|
constellation-init-secret-hash = var.init_secret_hash
|
|
}
|
|
user_data = jsonencode({
|
|
openstack-auth-url = var.identity_internal_url
|
|
openstack-username = var.openstack_username
|
|
openstack-password = var.openstack_password
|
|
openstack-user-domain-name = var.openstack_user_domain_name
|
|
openstack-load-balancer-endpoint = var.openstack_load_balancer_endpoint
|
|
})
|
|
availability_zone_hints = length(var.availability_zone) > 0 ? var.availability_zone : null
|
|
lifecycle {
|
|
ignore_changes = [block_device] # block device contains current image, which can be updated from inside the cluster
|
|
}
|
|
}
|