4 CSIT performance testbed deployments in AWS rely on
5 Infrastructure-as-a-C (IaaC) Terraform AWS providers. Terraform
6 providers specified in CSIT interact with resources provided by AWS to
7 orchestrate virtual environment for running CSIT performance tests.
12 +-----------+----------------+
13 | Software | OSS Version |
14 +===========+================+
15 | Terraform | 1.0.3 or newer |
16 +-----------+----------------+
17 | Vault | 1.8.4 or newer |
18 +-----------+----------------+
23 - Required Modules and Providers
25 - `Terraform Registry aws <https://registry.terraform.io/providers/hashicorp/aws/latest>`_.
26 - `Terraform Registry null <https://registry.terraform.io/providers/hashicorp/null/latest>`_.
27 - `Terraform Registry tls <https://registry.terraform.io/providers/hashicorp/tls>`_.
28 - `Terraform Registry vault <https://registry.terraform.io/providers/hashicorp/vault>`_.
32 - `Vault <https://releases.hashicorp.com/vault/>`_ service available
38 Following is an example of a
39 `Terraform deploy module <https://git.fd.io/csit/tree/fdio.infra.terraform/2n_aws_c5n/main.tf>`_
40 for a CSIT 2-Node testbed topology with AWS variables set to default
41 values. A number of variables is also defined in a
42 `separate Terraform variable file <https://git.fd.io/csit/tree/fdio.infra.terraform/2n_aws_c5n/variables.tf>`_.
49 # Parameters starting with var. can be set using "TF_VAR_*" environment
50 # variables or -var parameter when running "terraform apply", for default
51 # values see ./variables.tf
52 testbed_name = var.testbed_name
53 topology_name = var.topology_name
54 environment_name = var.environment_name
55 resources_name_prefix = var.resources_name_prefix
59 avail_zone = var.avail_zone
60 instance_type = var.instance_type
61 ami_image_tg = var.ami_image_tg
62 ami_image_sut = var.ami_image_sut
65 vpc_cidr_mgmt = "192.168.0.0/24"
66 vpc_cidr_b = "192.168.10.0/24"
67 vpc_cidr_c = "200.0.0.0/24"
68 vpc_cidr_d = "192.168.20.0/24"
70 tg_mgmt_ip = "192.168.0.10"
71 dut1_mgmt_ip = "192.168.0.11"
73 tg_if1_ip = "192.168.10.254"
74 tg_if2_ip = "192.168.20.254"
75 dut1_if1_ip = "192.168.10.11"
76 dut1_if2_ip = "192.168.20.11"
78 trex_dummy_cidr_port_0 = "10.0.0.0/24"
79 trex_dummy_cidr_port_1 = "20.0.0.0/24"
82 ansible_python_executable = "/usr/bin/python3"
83 ansible_file_path = "../../fdio.infra.ansible/site.yaml"
84 ansible_topology_path = "../../fdio.infra.ansible/cloud_topology.yaml"
85 ansible_provision_pwd = "Csit1234"
88 first_run_commands = [
89 "sudo sed -i 's/^PasswordAuthentication/#PasswordAuthentication/' /etc/ssh/sshd_config",
90 "sudo systemctl restart sshd",
91 "sudo useradd --create-home -s /bin/bash provisionuser",
92 "echo 'provisionuser:Csit1234' | sudo chpasswd",
93 "echo 'provisionuser ALL = (ALL) NOPASSWD: ALL' | sudo tee -a /etc/sudoers",
94 "sudo useradd --create-home -s /bin/bash testuser",
95 "echo 'testuser:Csit1234' | sudo chpasswd",
96 "echo 'testuser ALL = (ALL) NOPASSWD: ALL' | sudo tee -a /etc/sudoers"
100 Secrets & Credentials
101 ~~~~~~~~~~~~~~~~~~~~~
103 Set credentials manually
104 ^^^^^^^^^^^^^^^^^^^^^^^^
106 To set the credentials manually you first need to tell the module to not
107 fetch credentials from Vault. To do that, set `provider "aws"`
108 `access_key` and `secret_key` to custom value or use credentials file
115 access_key = data.vault_aws_access_credentials.creds.access_key
116 secret_key = data.vault_aws_access_credentials.creds.secret_key