1 data "vault_aws_access_credentials" "creds" {
2 backend = "${var.vault-name}-path"
3 role = "${var.vault-name}-role"
6 resource "aws_vpc" "CSITVPC" {
7 assign_generated_ipv6_cidr_block = true
8 enable_dns_hostnames = false
9 enable_dns_support = true
10 cidr_block = var.vpc_cidr_mgmt
11 instance_tenancy = "default"
14 "Name" = "${var.resources_name_prefix}_${var.testbed_name}-vpc"
15 "Environment" = var.environment_name
19 resource "aws_security_group" "CSITSG" {
23 description = "Allow inbound traffic"
24 name = "${var.resources_name_prefix}_${var.testbed_name}-sg"
25 revoke_rules_on_delete = false
26 vpc_id = aws_vpc.CSITVPC.id
32 cidr_blocks = ["0.0.0.0/0"]
39 ipv6_cidr_blocks = ["::/0"]
47 ipv6_cidr_blocks = ["::/0"]
54 cidr_blocks = ["0.0.0.0/0"]
61 ipv6_cidr_blocks = ["::/0"]
65 "Name" = "${var.resources_name_prefix}_${var.testbed_name}-sg"
66 "Environment" = var.environment_name
70 resource "aws_vpc_ipv4_cidr_block_association" "b" {
74 cidr_block = var.vpc_cidr_b
75 vpc_id = aws_vpc.CSITVPC.id
78 resource "aws_vpc_ipv4_cidr_block_association" "c" {
82 cidr_block = var.vpc_cidr_c
83 vpc_id = aws_vpc.CSITVPC.id
86 resource "aws_vpc_ipv4_cidr_block_association" "d" {
90 cidr_block = var.vpc_cidr_d
91 vpc_id = aws_vpc.CSITVPC.id
95 resource "aws_subnet" "mgmt" {
96 availability_zone = var.avail_zone
97 assign_ipv6_address_on_creation = false
98 cidr_block = var.vpc_cidr_mgmt
102 ipv6_cidr_block = cidrsubnet(aws_vpc.CSITVPC.ipv6_cidr_block, 8, 1)
103 map_public_ip_on_launch = false
104 vpc_id = aws_vpc.CSITVPC.id
107 "Environment" = var.environment_name
111 resource "aws_subnet" "b" {
112 availability_zone = var.avail_zone
113 assign_ipv6_address_on_creation = true
114 cidr_block = var.vpc_cidr_b
117 aws_vpc_ipv4_cidr_block_association.b
119 ipv6_cidr_block = cidrsubnet(aws_vpc.CSITVPC.ipv6_cidr_block, 8, 2)
120 map_public_ip_on_launch = false
121 vpc_id = aws_vpc.CSITVPC.id
124 "Environment" = var.environment_name
128 resource "aws_subnet" "c" {
129 availability_zone = var.avail_zone
130 assign_ipv6_address_on_creation = true
131 cidr_block = var.vpc_cidr_c
134 aws_vpc_ipv4_cidr_block_association.c
136 ipv6_cidr_block = cidrsubnet(aws_vpc.CSITVPC.ipv6_cidr_block, 8, 3)
137 map_public_ip_on_launch = false
138 vpc_id = aws_vpc.CSITVPC.id
141 "Environment" = var.environment_name
145 resource "aws_subnet" "d" {
146 availability_zone = var.avail_zone
147 assign_ipv6_address_on_creation = true
148 cidr_block = var.vpc_cidr_d
151 aws_vpc_ipv4_cidr_block_association.d
153 ipv6_cidr_block = cidrsubnet(aws_vpc.CSITVPC.ipv6_cidr_block, 8, 4)
154 map_public_ip_on_launch = false
155 vpc_id = aws_vpc.CSITVPC.id
158 "Environment" = var.environment_name
162 resource "aws_internet_gateway" "CSITGW" {
166 vpc_id = aws_vpc.CSITVPC.id
169 "Environment" = var.environment_name
174 # Temporary key for provisioning only
175 resource "tls_private_key" "CSITTLS" {
181 resource "aws_key_pair" "CSITKP" {
182 key_name = "${var.resources_name_prefix}_${var.testbed_name}-key"
183 public_key = "${tls_private_key.CSITTLS.public_key_openssh}"
186 resource "aws_placement_group" "CSITPG" {
187 name = "${var.resources_name_prefix}_${var.testbed_name}-pg"
192 resource "aws_network_interface" "dut1_if1" {
198 private_ip = var.dut1_if1_ip
199 private_ips = [var.dut1_if1_ip]
200 security_groups = [aws_security_group.CSITSG.id]
201 source_dest_check = false
202 subnet_id = aws_subnet.b.id
205 instance = aws_instance.dut1.id
210 "Environment" = var.environment_name
214 resource "aws_network_interface" "dut1_if2" {
220 private_ip = var.dut1_if2_ip
221 private_ips = [var.dut1_if2_ip]
222 security_groups = [aws_security_group.CSITSG.id]
223 source_dest_check = false
224 subnet_id = aws_subnet.d.id
227 instance = aws_instance.dut1.id
232 "Environment" = var.environment_name
236 resource "aws_network_interface" "tg_if1" {
242 private_ip = var.tg_if1_ip
243 private_ips = [var.tg_if1_ip]
244 security_groups = [aws_security_group.CSITSG.id]
245 source_dest_check = false
246 subnet_id = aws_subnet.b.id
249 instance = aws_instance.tg.id
254 "Environment" = var.environment_name
258 resource "aws_network_interface" "tg_if2" {
264 private_ip = var.tg_if2_ip
265 private_ips = [var.tg_if2_ip]
266 security_groups = [aws_security_group.CSITSG.id]
267 source_dest_check = false
268 subnet_id = aws_subnet.d.id
271 instance = aws_instance.tg.id
276 "Environment" = var.environment_name
280 data "aws_network_interface" "dut1_if1" {
281 id = aws_network_interface.dut1_if1.id
284 data "aws_network_interface" "dut1_if2" {
285 id = aws_network_interface.dut1_if2.id
288 data "aws_network_interface" "tg_if1" {
289 id = aws_network_interface.tg_if1.id
292 data "aws_network_interface" "tg_if2" {
293 id = aws_network_interface.tg_if2.id
297 resource "aws_instance" "tg" {
300 aws_placement_group.CSITPG,
301 aws_security_group.CSITSG
303 ami = var.ami_image_tg
304 availability_zone = var.avail_zone
305 associate_public_ip_address = true
306 instance_initiated_shutdown_behavior = var.instance_initiated_shutdown_behavior
307 instance_type = var.instance_type
308 key_name = aws_key_pair.CSITKP.key_name
309 placement_group = aws_placement_group.CSITPG.id
310 private_ip = var.tg_mgmt_ip
311 source_dest_check = false
312 subnet_id = aws_subnet.mgmt.id
313 vpc_security_group_ids = [aws_security_group.CSITSG.id]
317 delete_on_termination = true
322 "Name" = "${var.resources_name_prefix}_${var.testbed_name}-tg"
323 "Environment" = var.environment_name
327 resource "aws_instance" "dut1" {
330 aws_placement_group.CSITPG,
331 aws_security_group.CSITSG,
334 ami = var.ami_image_sut
335 availability_zone = var.avail_zone
336 associate_public_ip_address = true
337 instance_initiated_shutdown_behavior = var.instance_initiated_shutdown_behavior
338 instance_type = var.instance_type
339 key_name = aws_key_pair.CSITKP.key_name
340 placement_group = aws_placement_group.CSITPG.id
341 private_ip = var.dut1_mgmt_ip
342 source_dest_check = false
343 subnet_id = aws_subnet.mgmt.id
344 vpc_security_group_ids = [aws_security_group.CSITSG.id]
348 delete_on_termination = true
353 "Name" = "${var.resources_name_prefix}_${var.testbed_name}-dut1"
354 "Environment" = var.environment_name
359 resource "aws_route" "CSIT-igw" {
362 aws_internet_gateway.CSITGW
364 destination_cidr_block = "0.0.0.0/0"
365 destination_ipv6_cidr_block = "::/0"
366 gateway_id = aws_internet_gateway.CSITGW.id
367 route_table_id = aws_vpc.CSITVPC.main_route_table_id
370 resource "aws_route" "dummy-trex-port-0" {
375 destination_cidr_block = var.trex_dummy_cidr_port_0
376 network_interface_id = aws_instance.tg.primary_network_interface_id
377 route_table_id = aws_vpc.CSITVPC.main_route_table_id
380 resource "aws_route" "dummy-trex-port-1" {
385 destination_cidr_block = var.trex_dummy_cidr_port_1
386 network_interface_id = aws_instance.tg.primary_network_interface_id
387 route_table_id = aws_vpc.CSITVPC.main_route_table_id
391 resource "null_resource" "deploy_tg" {
394 aws_network_interface.tg_if1,
395 aws_network_interface.tg_if2,
397 aws_network_interface.dut1_if1,
398 aws_network_interface.dut1_if2
403 host = aws_instance.tg.public_ip
404 private_key = tls_private_key.CSITTLS.private_key_pem
407 provisioner "remote-exec" {
408 inline = var.first_run_commands
411 # provisioner "ansible" {
414 # file_path = var.ansible_file_path
415 # force_handlers = true
419 # ansible_ssh_pass = var.ansible_provision_pwd
420 # ansible_python_interpreter = var.ansible_python_executable
426 # provisioner "remote-exec" {
427 # on_failure = continue
428 # inline = ["sudo reboot"]
432 resource "null_resource" "deploy_dut1" {
435 aws_network_interface.tg_if1,
436 aws_network_interface.tg_if2,
438 aws_network_interface.dut1_if1,
439 aws_network_interface.dut1_if2
444 host = aws_instance.dut1.public_ip
445 private_key = tls_private_key.CSITTLS.private_key_pem
448 provisioner "remote-exec" {
449 inline = var.first_run_commands
452 # provisioner "ansible" {
455 # file_path = var.ansible_file_path
456 # force_handlers = true
458 # hosts = ["sut_aws"]
460 # ansible_ssh_pass = var.ansible_provision_pwd
461 # ansible_python_interpreter = var.ansible_python_executable
467 # provisioner "remote-exec" {
468 # on_failure = continue
469 # inline = ["sudo reboot"]
473 resource "null_resource" "deploy_topology" {
479 provisioner "ansible" {
482 file_path = var.ansible_topology_path
486 ansible_python_interpreter = var.ansible_python_executable
487 testbed_name = var.testbed_name
488 cloud_topology = var.topology_name
489 tg_if1_mac = data.aws_network_interface.tg_if1.mac_address
490 tg_if2_mac = data.aws_network_interface.tg_if2.mac_address
491 dut1_if1_mac = data.aws_network_interface.dut1_if1.mac_address
492 dut1_if2_mac = data.aws_network_interface.dut1_if2.mac_address
493 tg_public_ip = aws_instance.tg.public_ip
494 dut1_public_ip = aws_instance.dut1.public_ip
495 public_ip_list = "${aws_instance.tg.public_ip},${aws_instance.dut1.public_ip}"
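Review bot: Every rule visible in `aws_security_group.CSITSG` (file lines 19-66, description `"Allow inbound traffic"`) uses `cidr_blocks = ["0.0.0.0/0"]` or `ipv6_cidr_blocks = ["::/0"]`, and both `aws_instance.tg` and `aws_instance.dut1` set `associate_public_ip_address = true`, so any port those rules cover is reachable from the whole internet. The port, protocol and ingress/egress lines are not shown on this page, so confirm this against the full file. For any ingress rule, take the source range from a variable that holds the CI runner or operator addresses, for example `cidr_blocks = var.mgmt_allowed_cidrs` (a new variable; the name is only a suggestion), and leave only egress open. Separately, `tls_private_key.CSITTLS.private_key_pem` is written to the Terraform state unencrypted, so the state backend needs encryption at rest and restricted read access even though the key is commented as temporary.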