# Requests AWS credentials from the Vault AWS secrets backend mounted at
# "<vault-name>-path", using the Vault role "<vault-name>-role".
# NOTE(review): values returned by Vault data sources are persisted in the
# Terraform state, so the state backend needs encryption at rest and tight
# access control.
1 data "vault_aws_access_credentials" "creds" {
2 backend = "${var.vault-name}-path"
3 role = "${var.vault-name}-role"
# Testbed VPC. Its primary CIDR is the management range (var.vpc_cidr_mgmt);
# the b/c/d ranges are attached by the aws_vpc_ipv4_cidr_block_association
# resources further down in this file.
6 resource "aws_vpc" "CSITVPC" {
7 cidr_block = var.vpc_cidr_mgmt
# Name/Environment entries; the line that opens the enclosing block is not
# visible in this listing (presumably a tags map).
10 "Name" = "${var.resources_name_prefix}_${var.testbed_name}-vpc"
11 "Environment" = var.environment_name
# The one security group in this file: it is attached to both instances
# (vpc_security_group_ids) and to all four test interfaces (security_groups).
15 resource "aws_security_group" "CSITSG" {
16 name = "${var.resources_name_prefix}_${var.testbed_name}-sg"
17 description = "Allow inbound traffic"
18 vpc_id = aws_vpc.CSITVPC.id
# Redundant with the vpc_id reference above, which already orders creation.
19 depends_on = [aws_vpc.CSITVPC]
# NOTE(review): the rule block this line belongs to (direction, ports,
# protocol) is not visible in this listing. If it is the ingress rule, the
# group accepts traffic from any address, and both instances that use it are
# given public IPs. Narrow ingress to the CI/operator source ranges and to the
# ports provisioning actually needs.
25 cidr_blocks = ["0.0.0.0/0"]
# NOTE(review): second rule block, also open to any address - presumably the
# egress rule; confirm against the full file.
39 cidr_blocks = ["0.0.0.0/0"]
43 "Name" = "${var.resources_name_prefix}_${var.testbed_name}-sg"
44 "Environment" = var.environment_name
# Attach the three additional IPv4 ranges (b, c, d) to the testbed VPC so that
# subnets can later be carved out of them. The depends_on entries repeat the
# ordering already implied by the vpc_id references.
48 resource "aws_vpc_ipv4_cidr_block_association" "b" {
49 vpc_id = aws_vpc.CSITVPC.id
50 cidr_block = var.vpc_cidr_b
51 depends_on = [aws_vpc.CSITVPC]
53 resource "aws_vpc_ipv4_cidr_block_association" "c" {
54 vpc_id = aws_vpc.CSITVPC.id
55 cidr_block = var.vpc_cidr_c
56 depends_on = [aws_vpc.CSITVPC]
58 resource "aws_vpc_ipv4_cidr_block_association" "d" {
59 vpc_id = aws_vpc.CSITVPC.id
60 cidr_block = var.vpc_cidr_d
61 depends_on = [aws_vpc.CSITVPC]
# Four subnets, all in the same availability zone (var.avail_zone).
# "mgmt" covers the VPC's primary CIDR and hosts the instances' primary
# interfaces; b and d host the test interfaces defined further down.
# NOTE(review): no interface visible in this listing is placed in subnet c.
65 resource "aws_subnet" "mgmt" {
66 vpc_id = aws_vpc.CSITVPC.id
67 cidr_block = var.vpc_cidr_mgmt
68 availability_zone = var.avail_zone
69 depends_on = [aws_vpc.CSITVPC]
72 "Environment" = var.environment_name
# Subnets b/c/d take their CIDR from a variable rather than from the
# association resource, so Terraform cannot infer the ordering; the explicit
# depends_on makes each subnet wait until its range is attached to the VPC.
75 resource "aws_subnet" "b" {
76 vpc_id = aws_vpc.CSITVPC.id
77 cidr_block = var.vpc_cidr_b
78 availability_zone = var.avail_zone
79 depends_on = [aws_vpc.CSITVPC, aws_vpc_ipv4_cidr_block_association.b]
82 "Environment" = var.environment_name
85 resource "aws_subnet" "c" {
86 vpc_id = aws_vpc.CSITVPC.id
87 cidr_block = var.vpc_cidr_c
88 availability_zone = var.avail_zone
89 depends_on = [aws_vpc.CSITVPC, aws_vpc_ipv4_cidr_block_association.c]
92 "Environment" = var.environment_name
95 resource "aws_subnet" "d" {
96 vpc_id = aws_vpc.CSITVPC.id
97 cidr_block = var.vpc_cidr_d
98 availability_zone = var.avail_zone
99 depends_on = [aws_vpc.CSITVPC, aws_vpc_ipv4_cidr_block_association.d]
102 "Environment" = var.environment_name
# Internet gateway for the testbed VPC; the aws_route "CSIT-igw" resource in
# this file points the main route table's default route at it.
106 resource "aws_internet_gateway" "CSITGW" {
107 vpc_id = aws_vpc.CSITVPC.id
108 depends_on = [aws_vpc.CSITVPC]
111 "Environment" = var.environment_name
# Key pair generated by Terraform itself; its public half becomes the EC2 key
# pair below and its private half is used by the null_resource connections.
# NOTE(review): the tls provider stores the generated private key unencrypted
# in the Terraform state. Treat the state as a secret, and note that the public
# key stays authorised on the instances after provisioning unless something
# removes it - confirm that matches "temporary".
# (Algorithm and key-size arguments are not visible in this listing.)
116 # Temporary key for provisioning only
117 resource "tls_private_key" "CSITTLS" {
# Registers the public half of the generated key with EC2 under a name built
# from the resource prefix and testbed name; both instances reference it via
# key_name.
121 resource "aws_key_pair" "CSITKP" {
122 key_name = "${var.resources_name_prefix}_${var.testbed_name}-key"
123 public_key = tls_private_key.CSITTLS.public_key_openssh
# Placement group shared by the tg and dut1 instances.
# (The placement strategy argument is not visible in this listing.)
126 resource "aws_placement_group" "CSITPG" {
127 name = "${var.resources_name_prefix}_${var.testbed_name}-pg"
# Test-traffic interfaces: each instance (dut1, tg) gets one interface in
# subnet b and one in subnet d, with a fixed private address from variables.
# source_dest_check = false turns off the EC2 source/destination check so the
# interface may carry packets that are not addressed to or from itself.
# NOTE(review): all four interfaces reuse the single CSITSG security group, so
# whatever that group admits to the management side also applies here.
# The "instance = ..." lines presumably sit inside attachment blocks whose
# opening lines and device_index are not visible in this listing.
132 resource "aws_network_interface" "dut1_if1" {
133 subnet_id = aws_subnet.b.id
134 source_dest_check = false
135 private_ip = var.dut1_if1_ip
136 private_ips = [var.dut1_if1_ip]
137 security_groups = [aws_security_group.CSITSG.id]
138 depends_on = [aws_vpc.CSITVPC, aws_subnet.b, aws_instance.dut1]
141 instance = aws_instance.dut1.id
146 "Environment" = var.environment_name
150 resource "aws_network_interface" "dut1_if2" {
151 subnet_id = aws_subnet.d.id
152 source_dest_check = false
153 private_ip = var.dut1_if2_ip
154 private_ips = [var.dut1_if2_ip]
155 security_groups = [aws_security_group.CSITSG.id]
156 depends_on = [aws_vpc.CSITVPC, aws_subnet.d, aws_instance.dut1]
159 instance = aws_instance.dut1.id
164 "Environment" = var.environment_name
168 resource "aws_network_interface" "tg_if1" {
169 subnet_id = aws_subnet.b.id
170 source_dest_check = false
171 private_ip = var.tg_if1_ip
172 private_ips = [var.tg_if1_ip]
173 security_groups = [aws_security_group.CSITSG.id]
174 depends_on = [aws_vpc.CSITVPC, aws_subnet.b, aws_instance.tg]
177 instance = aws_instance.tg.id
182 "Environment" = var.environment_name
186 resource "aws_network_interface" "tg_if2" {
187 subnet_id = aws_subnet.d.id
188 source_dest_check = false
189 private_ip = var.tg_if2_ip
190 private_ips = [var.tg_if2_ip]
191 security_groups = [aws_security_group.CSITSG.id]
192 depends_on = [aws_vpc.CSITVPC, aws_subnet.d, aws_instance.tg]
195 instance = aws_instance.tg.id
200 "Environment" = var.environment_name
# Read the four test interfaces back by id. The deploy_topology resource in
# this file takes each interface's mac_address from these data sources.
204 data "aws_network_interface" "dut1_if1" {
205 id = aws_network_interface.dut1_if1.id
208 data "aws_network_interface" "dut1_if2" {
209 id = aws_network_interface.dut1_if2.id
212 data "aws_network_interface" "tg_if1" {
213 id = aws_network_interface.tg_if1.id
216 data "aws_network_interface" "tg_if2" {
217 id = aws_network_interface.tg_if2.id
# Traffic-generator instance. Its primary interface lives in the mgmt subnet
# with a fixed private address; AMI, instance type and shutdown behaviour come
# from variables.
221 resource "aws_instance" "tg" {
222 depends_on = [aws_vpc.CSITVPC, aws_placement_group.CSITPG]
223 ami = var.ami_image_tg
224 availability_zone = var.avail_zone
225 instance_initiated_shutdown_behavior = var.instance_initiated_shutdown_behavior
226 instance_type = var.instance_type
# Login key is the public half of the Terraform-generated tls_private_key.
227 key_name = aws_key_pair.CSITKP.key_name
# NOTE(review): the instance is given a public address and uses the CSITSG
# group, which contains 0.0.0.0/0 rules. If management access can come from a
# known range or through a bastion/VPN, restrict the group accordingly.
228 associate_public_ip_address = true
229 subnet_id = aws_subnet.mgmt.id
230 private_ip = var.tg_mgmt_ip
231 vpc_security_group_ids = [aws_security_group.CSITSG.id]
232 placement_group = aws_placement_group.CSITPG.id
# Source/destination check is off on the primary interface as well; the two
# "dummy-trex-port" routes in this file target this interface.
233 source_dest_check = false
241 "Name" = "${var.resources_name_prefix}_${var.testbed_name}-tg"
242 "Environment" = var.environment_name
# Device-under-test instance. Same shape as the tg instance but built from
# var.ami_image_sut, and created only after tg (see depends_on).
246 resource "aws_instance" "dut1" {
247 depends_on = [aws_vpc.CSITVPC, aws_placement_group.CSITPG, aws_instance.tg]
248 ami = var.ami_image_sut
249 availability_zone = var.avail_zone
250 instance_initiated_shutdown_behavior = var.instance_initiated_shutdown_behavior
251 instance_type = var.instance_type
# Login key is the public half of the Terraform-generated tls_private_key.
252 key_name = aws_key_pair.CSITKP.key_name
# NOTE(review): the instance is given a public address and uses the CSITSG
# group, which contains 0.0.0.0/0 rules. If management access can come from a
# known range or through a bastion/VPN, restrict the group accordingly.
253 associate_public_ip_address = true
254 subnet_id = aws_subnet.mgmt.id
255 private_ip = var.dut1_mgmt_ip
256 vpc_security_group_ids = [aws_security_group.CSITSG.id]
257 placement_group = aws_placement_group.CSITPG.id
# Source/destination check is disabled on the primary interface too.
258 source_dest_check = false
266 "Name" = "${var.resources_name_prefix}_${var.testbed_name}-dut1"
267 "Environment" = var.environment_name
# Default route (0.0.0.0/0) from the VPC's main route table to the internet
# gateway.
# NOTE(review): no per-subnet route table association is visible in this
# listing, so the test subnets presumably inherit this default route as well
# as the mgmt subnet - confirm that is intended.
272 resource "aws_route" "CSIT-igw" {
273 route_table_id = aws_vpc.CSITVPC.main_route_table_id
274 gateway_id = aws_internet_gateway.CSITGW.id
275 destination_cidr_block = "0.0.0.0/0"
276 depends_on = [aws_vpc.CSITVPC, aws_internet_gateway.CSITGW]
# Two routes in the main route table that send the "dummy" TRex CIDRs
# (var.trex_dummy_cidr_port_0 / _1) to the tg instance's primary network
# interface. Both wait for the dut1 instance as well as the VPC.
279 resource "aws_route" "dummy-trex-port-0" {
280 route_table_id = aws_vpc.CSITVPC.main_route_table_id
281 network_interface_id = aws_instance.tg.primary_network_interface_id
282 destination_cidr_block = var.trex_dummy_cidr_port_0
283 depends_on = [aws_vpc.CSITVPC, aws_instance.dut1]
286 resource "aws_route" "dummy-trex-port-1" {
287 route_table_id = aws_vpc.CSITVPC.main_route_table_id
288 network_interface_id = aws_instance.tg.primary_network_interface_id
289 destination_cidr_block = var.trex_dummy_cidr_port_1
290 depends_on = [aws_vpc.CSITVPC, aws_instance.dut1]
# Provisioning hook for the tg instance. It holds a connection definition
# only; every provisioner inside it is commented out in this listing.
294 resource "null_resource" "deploy_tg" {
# Entries of the dependency list (its opening line is not visible): all four
# test interfaces must exist first.
297 aws_network_interface.tg_if1,
298 aws_network_interface.tg_if2,
300 aws_network_interface.dut1_if1,
301 aws_network_interface.dut1_if2
# The connection goes straight to the instance's public address and
# authenticates with the Terraform-generated private key, which is read from
# state. NOTE(review): this requires the management port to be reachable from
# wherever Terraform runs; scope the security group to that source.
306 host = aws_instance.tg.public_ip
307 private_key = tls_private_key.CSITTLS.private_key_pem
310 # provisioner "remote-exec" {
311 # inline = var.first_run_commands
314 # provisioner "ansible" {
317 # file_path = var.ansible_file_path
318 # force_handlers = true
# NOTE(review): if this block is re-enabled, the line below hands Ansible a
# password from a variable; prefer the key already used by the connection and
# keep the variable out of logs and plan output.
322 # ansible_ssh_pass = var.ansible_provision_pwd
323 # ansible_python_interpreter = var.ansible_python_executable
329 # provisioner "remote-exec" {
330 # on_failure = continue
331 # inline = ["sudo reboot"]
# Provisioning hook for the dut1 instance. It holds a connection definition
# only; every provisioner inside it is commented out in this listing.
335 resource "null_resource" "deploy_dut1" {
# Entries of the dependency list (its opening line is not visible): all four
# test interfaces must exist first.
338 aws_network_interface.tg_if1,
339 aws_network_interface.tg_if2,
341 aws_network_interface.dut1_if1,
342 aws_network_interface.dut1_if2
# The connection goes straight to the instance's public address and
# authenticates with the Terraform-generated private key, which is read from
# state. NOTE(review): this requires the management port to be reachable from
# wherever Terraform runs; scope the security group to that source.
347 host = aws_instance.dut1.public_ip
348 private_key = tls_private_key.CSITTLS.private_key_pem
351 # provisioner "remote-exec" {
352 # inline = var.first_run_commands
355 # provisioner "ansible" {
358 # file_path = var.ansible_file_path
359 # force_handlers = true
361 # hosts = ["sut_aws"]
# NOTE(review): if this block is re-enabled, the line below hands Ansible a
# password from a variable; prefer the key already used by the connection and
# keep the variable out of logs and plan output.
363 # ansible_ssh_pass = var.ansible_provision_pwd
364 # ansible_python_interpreter = var.ansible_python_executable
370 # provisioner "remote-exec" {
371 # on_failure = continue
372 # inline = ["sudo reboot"]
# Runs the Ansible content at var.ansible_topology_path once both instances
# exist, passing it the testbed identity, the MAC addresses of the four test
# interfaces and the instances' public addresses.
# NOTE(review): "ansible" is not a built-in Terraform provisioner, so this
# relies on a third-party plugin; pin and verify the plugin build that CI
# installs. The nesting of the lines below (plays / extra vars) is not visible
# in this listing.
376 resource "null_resource" "deploy_topology" {
377 depends_on = [aws_instance.tg, aws_instance.dut1]
379 provisioner "ansible" {
382 file_path = var.ansible_topology_path
386 ansible_python_interpreter = var.ansible_python_executable
387 testbed_name = var.testbed_name
388 cloud_topology = var.topology_name
# MACs come from the data sources that read the interfaces back by id.
389 tg_if1_mac = data.aws_network_interface.tg_if1.mac_address
390 tg_if2_mac = data.aws_network_interface.tg_if2.mac_address
391 dut1_if1_mac = data.aws_network_interface.dut1_if1.mac_address
392 dut1_if2_mac = data.aws_network_interface.dut1_if2.mac_address
# Public addresses are handed to the playbook individually and as one
# comma-separated string.
393 tg_public_ip = aws_instance.tg.public_ip
394 dut1_public_ip = aws_instance.dut1.public_ip
395 public_ip_list = "${aws_instance.tg.public_ip},${aws_instance.dut1.public_ip}"