From 308b47d847d0e9479fc00cda758846d115dd2088 Mon Sep 17 00:00:00 2001
From: Magnus Andersson <mandersson@sunet.se>
Date: Mon, 29 Apr 2024 16:42:39 +0200
Subject: [PATCH] Create instances for dogtag-ca and dogtag-cadb

---
 .gitignore       |  1 +
 dtca.tf          | 73 ++++++++++++++++++++++++++++++++++++++++++++----
 flavors.tf       |  4 +++
 images.tf        |  4 +++
 key.tf           |  3 ++
 terraform.tfvars |  6 ++--
 vars.tf          |  8 ++++++
 7 files changed, 92 insertions(+), 7 deletions(-)
 create mode 100644 flavors.tf
 create mode 100644 images.tf
 create mode 100644 key.tf

diff --git a/.gitignore b/.gitignore
index e79eb23..5dfe310 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1 +1,2 @@
 .terraform*
+terraform.tfstate*
diff --git a/dtca.tf b/dtca.tf
index 4eb7d1b..9f74516 100644
--- a/dtca.tf
+++ b/dtca.tf
@@ -1,3 +1,6 @@
+
+# Create network ports
+
 resource "openstack_networking_port_v2" "dtcaport" {
   name                = "${var.caname}-sunet-se-port"
   network_id          = data.openstack_networking_network_v2.public.id
@@ -7,9 +10,9 @@ resource "openstack_networking_port_v2" "dtcaport" {
                           data.openstack_networking_secgroup_v2.allegress.id
                         ]
   admin_state_up      = "true"
-  lifecycle {
-    prevent_destroy = true
-  }
+  #lifecycle {
+  #  prevent_destroy = true
+  #}
 }
 
 
@@ -22,7 +25,67 @@ resource "openstack_networking_port_v2" "dtcadbport" {
                           data.openstack_networking_secgroup_v2.allegress.id
                         ]
   admin_state_up      = "true"
-  lifecycle {
-    prevent_destroy = true
+  #lifecycle {
+  #  prevent_destroy = true
+  #}
+}
+
+# Create volumes
+
+resource "openstack_blockstorage_volume_v3" "cavolumeboot" {
+  name                 = "${var.caname}-sunet-se-vol"
+  description          = "OS volume for ${var.caname}"
+  size                 = 100
+  image_id             = data.openstack_images_image_v2.caimage.id
+  enable_online_resize = true # Allow us to resize volume while attached.
+}
+
+resource "openstack_blockstorage_volume_v3" "cadbvolumeboot" {
+  name                 = "${var.cadbname}-sunet-se-vol"
+  description          = "OS volume for ${var.cadbname}"
+  size                 = 100
+  image_id             = data.openstack_images_image_v2.caimage.id
+  enable_online_resize = true # Allow us to resize volume while attached.
+}
+
+# Create ca instance
+resource "openstack_compute_instance_v2" "dtca" {
+  name            = "${var.caname}.sunet.se"
+  flavor_id       = data.openstack_compute_flavor_v2.b2c2r4.id
+  key_pair        = data.openstack_compute_keypair_v2.manderssonpub.id
+  security_groups = [ 
+                      data.openstack_networking_secgroup_v2.sshfromjumphosts.name, 
+                      data.openstack_networking_secgroup_v2.allegress.name
+                    ]
+
+  network {
+    port   = resource.openstack_networking_port_v2.dtcaport.id
+  }
+
+  block_device {
+  uuid             = resource.openstack_blockstorage_volume_v3.cavolumeboot.id
+  source_type      = "volume"
+  destination_type = "volume"
+  }
+}
+
+# Create cadb instance
+resource "openstack_compute_instance_v2" "dtcadb" {
+  name            = "${var.cadbname}.sunet.se"
+  flavor_id       = data.openstack_compute_flavor_v2.b2c2r4.id
+  key_pair        = data.openstack_compute_keypair_v2.manderssonpub.id
+  security_groups = [
+                      data.openstack_networking_secgroup_v2.sshfromjumphosts.name,
+                      data.openstack_networking_secgroup_v2.allegress.name
+                    ]
+
+  network {
+    port   = resource.openstack_networking_port_v2.dtcadbport.id
+  }
+
+  block_device {
+  uuid             = resource.openstack_blockstorage_volume_v3.cadbvolumeboot.id
+  source_type      = "volume"
+  destination_type = "volume"
   }
 }
diff --git a/flavors.tf b/flavors.tf
new file mode 100644
index 0000000..483f2db
--- /dev/null
+++ b/flavors.tf
@@ -0,0 +1,4 @@
+data "openstack_compute_flavor_v2" "b2c2r4" {
+  name = "b2.c2r4" 
+}
+
diff --git a/images.tf b/images.tf
new file mode 100644
index 0000000..9b4b1ce
--- /dev/null
+++ b/images.tf
@@ -0,0 +1,4 @@
+data "openstack_images_image_v2" "caimage" {
+  name        = "${var.imagename}"
+  most_recent = true
+}
diff --git a/key.tf b/key.tf
new file mode 100644
index 0000000..5bb36c6
--- /dev/null
+++ b/key.tf
@@ -0,0 +1,3 @@
+data "openstack_compute_keypair_v2" "manderssonpub" {
+  name = "${var.keyname}"
+}
diff --git a/terraform.tfvars b/terraform.tfvars
index 47955e4..0b51a20 100644
--- a/terraform.tfvars
+++ b/terraform.tfvars
@@ -1,2 +1,4 @@
-caname = "dtca-test"
-cadbname = "dtcadb-test"
+caname    = "dtca-test"
+cadbname  = "dtcadb-test"
+keyname   = "mandersson-pub"
+imagename = "almalinux-9"
diff --git a/vars.tf b/vars.tf
index 7592b0b..9c7c2c5 100644
--- a/vars.tf
+++ b/vars.tf
@@ -5,3 +5,11 @@ variable "caname" {
 variable "cadbname" {
   type = string
 }
+
+variable "keyname" {
+  type = string
+}
+
+variable "imagename" {
+  type = string
+}