matrix/matrixtest-IaC
3
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

Begin lb deployment

Browse source
This commit is contained in:
Magnus Andersson 2024-02-10 22:27:32 +01:00
parent 4329357ba6
commit aec4e02a57
Signed by: mandersson
GPG key ID: 19CB2C58E1F19B16
4 changed files with 59 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
kube.tf
View file

@ -32,7 +32,7 @@ resource "openstack_blockstorage_volume_v3" "kubevolumesnap" {
# Create instances of kubernetes nodes # Create instances of kubernetes nodes
resource "openstack_compute_instance_v2" "kube" { resource "openstack_compute_instance_v2" "kube" {
name = "kube${count.index + 1}.matrix-test.sunet.se" name = "kube${count.index + 1}.matrix.test.sunet.se"
count = var.kubesize count = var.kubesize
flavor_id = data.openstack_compute_flavor_v2.b2c4r16.id flavor_id = data.openstack_compute_flavor_v2.b2c4r16.id
key_pair = data.openstack_compute_keypair_v2.manderssonpub.id key_pair = data.openstack_compute_keypair_v2.manderssonpub.id

28
lb.tf Normal file
View file

@ -0,0 +1,28 @@
resource "openstack_networking_port_v2" "lbport" {
name = "lb${count.index + 1}-matrix-test-sunet-se-port"
# We create as many ports as there are instances created
count = var.lbsize # Number of loadbalancers
network_id = data.openstack_networking_network_v2.public.id
# A list of security group ID
security_group_ids = [
data.openstack_networking_secgroup_v2.sshfromjumphosts.id,
data.openstack_networking_secgroup_v2.allegress.id,
resource.openstack_networking_secgroup_v2.lbnode.id
]
admin_state_up = "true"
}
resource "openstack_networking_port_v2" "lbvip" {
name = "lb-vip-matrix-test-sunet-se-port"
# We create as many ports as there are instances created
network_id = data.openstack_networking_network_v2.public.id
# A list of security group ID
security_group_ids = [
data.openstack_networking_secgroup_v2.sshfromjumphosts.id,
data.openstack_networking_secgroup_v2.allegress.id,
]
admin_state_up = "false"
}

25
securitygroups.tf
View file

@ -9,6 +9,8 @@ data "openstack_networking_secgroup_v2" "allegress" {
name = "allegress" name = "allegress"
} }
# Resources to define new security groups # Resources to define new security groups
# Securitygroup to allow kubernetes nodes # Securitygroup to allow kubernetes nodes
@ -45,3 +47,26 @@ resource "openstack_networking_secgroup_rule_v2" "kubeegressv6" {
remote_group_id = openstack_networking_secgroup_v2.kubenode.id remote_group_id = openstack_networking_secgroup_v2.kubenode.id
security_group_id = openstack_networking_secgroup_v2.kubenode.id security_group_id = openstack_networking_secgroup_v2.kubenode.id
} }
# Securitygroup to allow vrrp trafic between lb nodes
resource "openstack_networking_secgroup_v2" "lbnode" {
name = "lbnode"
description = "Securitygroup for load balancer nodes"
delete_default_rules = true
}
resource "openstack_networking_secgroup_rule_v2" "vrrpingress" {
direction = "ingress"
ethertype = "IPv4"
protocol = "vrrp"
remote_group_id = openstack_networking_secgroup_v2.lbnode.id
security_group_id = openstack_networking_secgroup_v2.lbnode.id
}
resource "openstack_networking_secgroup_rule_v2" "vrrpingressv6" {
direction = "ingress"
ethertype = "IPv6"
protocol = "vrrp"
remote_group_id = openstack_networking_secgroup_v2.lbnode.id
security_group_id = openstack_networking_secgroup_v2.lbnode.id
}

5
variables.tf
View file

@ -4,3 +4,8 @@ variable "kubesize" {
default = 3 default = 3
} }
variable "lbsize" {
type = number
default = 2
}