Terraform-aws-csit modules
--------------------------

The terraform-aws-csit module is IaaC (infrastructure as code). The module uses
the Amazon Web Services (AWS) provider to interact with resources provided by
AWS to orchestrate a virtual environment for running CSIT tests.

- `aws <https://registry.terraform.io/providers/hashicorp/aws/latest/>`_.

+-----------+----------------+
| Software  | OSS Version    |
+===========+================+
| Terraform | 1.0.3 or newer |
+-----------+----------------+
| Vault     | 1.8.4 or newer |
+-----------+----------------+


Required modules and provider
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

- `aws <https://registry.terraform.io/providers/hashicorp/aws/latest>`_.
- `null <https://registry.terraform.io/providers/hashicorp/null/latest>`_.
- `tls <https://registry.terraform.io/providers/hashicorp/tls>`_.
- `vault <https://registry.terraform.io/providers/hashicorp/vault>`_.

- `Vault <https://releases.hashicorp.com/vault/>`_ service available on

- OPTIONAL: Enable logging.
  Terraform does not have logging enabled by default. To enable logging
  to stderr, set the TF_LOG variable to the desired log level.
  Available log levels: TRACE, DEBUG, INFO, WARN, ERROR

  ::

    export TF_LOG="LOGLEVEL"

  It is also possible to store logged output to a file by setting up

  ::

    export TF_LOG_PATH="path/to/logfile"

- Run Terraform in a given root module folder depending on the chosen testbed
  topology. Terraform will deploy and configure instances and other resources.
  All of these resources can later be identified on AWS via the Environment
  tag. By default, the Environment tag "CSIT-AWS" is used.

  ::

    cd fdio.infra.terraform/2n_aws_c5n/

  This will deploy the environment with default values. You can check the
  defaults in the ./2n_aws_c5n/main.tf and ./2n_aws_c5n/variables.tf files.

  If you would like to change some of these values, you can:

  1. Set up TF_VAR_* environment variables prior to running 'terraform apply'::

       export TF_VAR_testbed_name="testbed1"

  2. Use the '-var=varname=value' flag when running 'terraform apply'::

       terraform apply -var=testbed_name=testbed1

  Only variables defined in the variables.tf file of the root module can be
  changed using these methods.

- To clean up the AWS environment and remove all used resources, run:

These are the default values for the AWS modules. The following example is for
the 2n topology (the 3n topology variant is very similar). A few variables are
defined in the `variables.tf` file.

::

  # Parameters starting with var. can be set using "TF_VAR_*" environment
  # variables or -var parameter when running "terraform apply", for default
  # values see ./variables.tf
  testbed_name          = var.testbed_name
  topology_name         = var.topology_name
  environment_name      = var.environment_name
  resources_name_prefix = var.resources_name_prefix

  avail_zone    = var.avail_zone
  instance_type = var.instance_type
  ami_image_tg  = var.ami_image_tg
  ami_image_sut = var.ami_image_sut

  vpc_cidr_mgmt = "192.168.0.0/24"
  vpc_cidr_b    = "192.168.10.0/24"
  vpc_cidr_c    = "200.0.0.0/24"
  vpc_cidr_d    = "192.168.20.0/24"

  tg_mgmt_ip   = "192.168.0.10"
  dut1_mgmt_ip = "192.168.0.11"

  tg_if1_ip   = "192.168.10.254"
  tg_if2_ip   = "192.168.20.254"
  dut1_if1_ip = "192.168.10.11"
  dut1_if2_ip = "192.168.20.11"

  trex_dummy_cidr_port_0 = "10.0.0.0/24"
  trex_dummy_cidr_port_1 = "20.0.0.0/24"

  ansible_python_executable = "/usr/bin/python3"
  ansible_file_path         = "../../fdio.infra.ansible/site.yaml"
  ansible_topology_path     = "../../fdio.infra.ansible/cloud_topology.yaml"
  # Default provisioning password; the same value is set for the
  # provisionuser and testuser accounts created below.
  ansible_provision_pwd     = "Csit1234"

  first_run_commands = [
    # Comment out any PasswordAuthentication line in sshd_config, then restart sshd.
    "sudo sed -i 's/^PasswordAuthentication/#PasswordAuthentication/' /etc/ssh/sshd_config",
    "sudo systemctl restart sshd",
    # Create provisionuser and testuser with the default password and
    # passwordless sudo.
    "sudo useradd --create-home -s /bin/bash provisionuser",
    "echo 'provisionuser:Csit1234' | sudo chpasswd",
    "echo 'provisionuser ALL = (ALL) NOPASSWD: ALL' | sudo tee -a /etc/sudoers",
    "sudo useradd --create-home -s /bin/bash testuser",
    "echo 'testuser:Csit1234' | sudo chpasswd",
    "echo 'testuser ALL = (ALL) NOPASSWD: ALL' | sudo tee -a /etc/sudoers"
  ]


Secrets & Credentials
~~~~~~~~~~~~~~~~~~~~~

Set credentials manually
^^^^^^^^^^^^^^^^^^^^^^^^

To set the credentials manually, you first need to tell the module not to fetch
credentials from Vault. To do that, set the `access_key` and `secret_key`
arguments of `provider "aws"` to custom values, or use a credentials file as
the source.

::

  # Arguments of provider "aws" as sourced from Vault:
  access_key = data.vault_aws_access_credentials.creds.access_key
  secret_key = data.vault_aws_access_credentials.creds.secret_key
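
The two manual options named above, written out as an added example (not code from the CSIT repository). The credentials file path, the profile name and the variables `aws_access_key` and `aws_secret_key` are assumptions, and `shared_credentials_files` needs AWS provider 4.0 or newer.

```hcl
# Added example, not CSIT code. Replace the Vault-backed access_key and
# secret_key arguments of the root module's provider "aws" block with ONE
# of the two options below.

# Option A: read the keys from a shared credentials file.
# The path and profile name are assumed values; adjust to your environment.
provider "aws" {
  # Keep the other arguments already present in the root module's block.
  shared_credentials_files = ["/home/csit/.aws/credentials"]
  profile                  = "csit"
}

# Option B: pass the keys in as sensitive variables. They can then be
# supplied through TF_VAR_aws_access_key and TF_VAR_aws_secret_key, and
# Terraform redacts them in plan and apply output.
# The variable names are hypothetical; declare them in the root module's
# variables.tf so the TF_VAR_* and -var mechanisms can set them.
#
# variable "aws_access_key" {
#   type      = string
#   sensitive = true
# }
#
# variable "aws_secret_key" {
#   type      = string
#   sensitive = true
# }
#
# provider "aws" {
#   access_key = var.aws_access_key
#   secret_key = var.aws_secret_key
# }
```

With either option the keys stay out of the `.tf` files: Option A keeps them in a file outside the repository, Option B takes them from the environment at run time.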