# Requests AWS credentials from Vault's AWS secrets engine. The mount path and
# the role name are both built from var.vault-name.
# NOTE(review): values Terraform reads through a data source are written to the
# state file, so these credentials end up in state. Keep the state backend
# encrypted and access-restricted.
1 data "vault_aws_access_credentials" "creds" {
2 backend = "${var.vault-name}-path"
3 role = "${var.vault-name}-role"
# Testbed VPC. Its primary IPv4 range is var.vpc_cidr_mgmt; the ranges b, c and
# d are attached separately as secondary CIDR associations.
6 resource "aws_vpc" "CSITVPC" {
# No Amazon-provided IPv6 block; DNS resolution on, DNS hostnames off.
7 assign_generated_ipv6_cidr_block = false
8 enable_dns_hostnames = false
9 enable_dns_support = true
10 cidr_block = var.vpc_cidr_mgmt
11 instance_tenancy = "default"
# Name / Environment tags (the enclosing tags line is not shown in this listing).
14 "Name" = "${var.resources_name_prefix}_${var.testbed_name}-vpc"
15 "Environment" = var.environment_name
# Single security group shared by all three instances and all six test
# interfaces in this file.
19 resource "aws_security_group" "CSITSG" {
23 description = "Allow inbound traffic"
24 name = "${var.resources_name_prefix}_${var.testbed_name}-sg"
# Rules are left in place when the group is deleted.
25 revoke_rules_on_delete = false
26 vpc_id = aws_vpc.CSITVPC.id
# NOTE(review): two rules on this group use 0.0.0.0/0. Their direction, ports
# and protocol are on lines not shown here -- confirm. If the first is the
# ingress rule the description refers to, every instance using this group
# (all three get public IPs) accepts that traffic from any address. Narrow the
# ingress source to the CIDR of the host that runs Terraform/Ansible, passed
# in through a variable, and limit the ports to what provisioning needs.
32 cidr_blocks = ["0.0.0.0/0"]
# Presumably the egress rule; unrestricted outbound is common but worth
# confirming for a testbed that only needs package mirrors and the CI host.
48 cidr_blocks = ["0.0.0.0/0"]
53 "Name" = "${var.resources_name_prefix}_${var.testbed_name}-sg"
54 "Environment" = var.environment_name
# Secondary IPv4 ranges attached to the VPC, one per test subnet (b, c, d).
# Each aws_subnet of the same name uses the matching var.vpc_cidr_* value.
58 resource "aws_vpc_ipv4_cidr_block_association" "b" {
62 cidr_block = var.vpc_cidr_b
63 vpc_id = aws_vpc.CSITVPC.id
66 resource "aws_vpc_ipv4_cidr_block_association" "c" {
70 cidr_block = var.vpc_cidr_c
71 vpc_id = aws_vpc.CSITVPC.id
74 resource "aws_vpc_ipv4_cidr_block_association" "d" {
78 cidr_block = var.vpc_cidr_d
79 vpc_id = aws_vpc.CSITVPC.id
# Management subnet. It uses the same range as the VPC's primary CIDR
# (var.vpc_cidr_mgmt), so it spans the whole primary block. The tg, dut1 and
# dut2 instances are launched here.
83 resource "aws_subnet" "mgmt" {
84 availability_zone = var.avail_zone
85 assign_ipv6_address_on_creation = false
86 cidr_block = var.vpc_cidr_mgmt
# No public IP by subnet default; the instances in this file override this by
# setting associate_public_ip_address = true themselves.
90 map_public_ip_on_launch = false
91 vpc_id = aws_vpc.CSITVPC.id
94 "Environment" = var.environment_name
# Subnet on the secondary range var.vpc_cidr_b. The dut1_if1 and tg_if1
# interfaces are placed here.
98 resource "aws_subnet" "b" {
99 availability_zone = var.avail_zone
100 assign_ipv6_address_on_creation = false
101 cidr_block = var.vpc_cidr_b
# Presumably a depends_on entry (enclosing line not shown): the range must be
# associated with the VPC before a subnet can be carved from it.
104 aws_vpc_ipv4_cidr_block_association.b
106 map_public_ip_on_launch = false
107 vpc_id = aws_vpc.CSITVPC.id
110 "Environment" = var.environment_name
# Subnet on the secondary range var.vpc_cidr_c. The dut1_if2 and dut2_if1
# interfaces are placed here.
114 resource "aws_subnet" "c" {
115 availability_zone = var.avail_zone
116 assign_ipv6_address_on_creation = false
117 cidr_block = var.vpc_cidr_c
# Presumably a depends_on entry (enclosing line not shown): the range must be
# associated with the VPC before a subnet can be carved from it.
120 aws_vpc_ipv4_cidr_block_association.c
122 map_public_ip_on_launch = false
123 vpc_id = aws_vpc.CSITVPC.id
126 "Environment" = var.environment_name
# NOTE(review): aws_subnet.d is declared twice in this listing (here and again
# directly below). Terraform rejects duplicate resource addresses, so this
# shorter variant is presumably an older copy inside a block comment whose
# delimiters are not shown -- confirm, and delete it if it is dead.
130 resource "aws_subnet" "d" {
131 vpc_id = aws_vpc.CSITVPC.id
132 cidr_block = var.vpc_cidr_d
133 availability_zone = var.avail_zone
# Explicit ordering: wait for the VPC and for range d to be associated with it.
134 depends_on = [aws_vpc.CSITVPC, aws_vpc_ipv4_cidr_block_association.d]
137 "Environment" = var.environment_name
# Subnet on the secondary range var.vpc_cidr_d. The dut2_if2 and tg_if2
# interfaces are placed here. This is the second aws_subnet.d declaration in
# the listing; it matches the layout of subnets b and c.
141 resource "aws_subnet" "d" {
142 availability_zone = var.avail_zone
143 assign_ipv6_address_on_creation = false
144 cidr_block = var.vpc_cidr_d
# Presumably a depends_on entry (enclosing line not shown): the range must be
# associated with the VPC before a subnet can be carved from it.
147 aws_vpc_ipv4_cidr_block_association.d
149 map_public_ip_on_launch = false
150 vpc_id = aws_vpc.CSITVPC.id
153 "Environment" = var.environment_name
158 # Temporary key for provisioning only
# Key pair generated by Terraform itself. The public half is registered as
# aws_key_pair.CSITKP and the private half is used by the null_resource
# connections further down. Algorithm and size are on lines not shown.
# NOTE(review): the tls provider stores the generated private key unencrypted
# in the Terraform state, so anyone who can read the state can log in to the
# instances while this key is installed. Protect the state accordingly and
# remove or rotate the key once provisioning is finished.
159 resource "tls_private_key" "CSITTLS" {
# Registers the public half of tls_private_key.CSITTLS as an EC2 key pair.
# All three instances reference it through key_name.
165 resource "aws_key_pair" "CSITKP" {
166 key_name = "${var.resources_name_prefix}_${var.testbed_name}-key"
167 public_key = "${tls_private_key.CSITTLS.public_key_openssh}"
# Placement group that the tg, dut1 and dut2 instances are launched into.
# The placement strategy is on a line not shown in this listing.
170 resource "aws_placement_group" "CSITPG" {
171 name = "${var.resources_name_prefix}_${var.testbed_name}-pg"
# dut1 test interface 1: fixed address var.dut1_if1_ip in subnet b.
176 resource "aws_network_interface" "dut1_if1" {
182 private_ip = var.dut1_if1_ip
183 private_ips = [var.dut1_if1_ip]
184 security_groups = [aws_security_group.CSITSG.id]
# Source/destination checking is off so the interface may carry packets that
# are not addressed to or from itself (presumably forwarded test traffic).
185 source_dest_check = false
186 subnet_id = aws_subnet.b.id
# Presumably inside an attachment block (enclosing line not shown).
189 instance = aws_instance.dut1.id
194 "Environment" = var.environment_name
# dut1 test interface 2: fixed address var.dut1_if2_ip in subnet c.
198 resource "aws_network_interface" "dut1_if2" {
204 private_ip = var.dut1_if2_ip
205 private_ips = [var.dut1_if2_ip]
206 security_groups = [aws_security_group.CSITSG.id]
207 source_dest_check = false
208 subnet_id = aws_subnet.c.id
211 instance = aws_instance.dut1.id
216 "Environment" = var.environment_name
# dut2 test interface 1, placed in subnet c.
220 resource "aws_network_interface" "dut2_if1" {
# NOTE(review): this interface is dut2_if1 but takes its address from
# var.dut2_if2_ip, the same variable that dut2_if2 (subnet d) uses. Every other
# interface uses the variable matching its own name, so this looks like a
# copy-paste slip. One address cannot be valid in both subnet c and subnet d,
# so confirm which variable was intended.
226 private_ip = var.dut2_if2_ip
227 private_ips = [var.dut2_if2_ip]
228 security_groups = [aws_security_group.CSITSG.id]
# Source/destination checking is off so the interface may carry packets that
# are not addressed to or from itself (presumably forwarded test traffic).
229 source_dest_check = false
230 subnet_id = aws_subnet.c.id
# Presumably inside an attachment block (enclosing line not shown).
233 instance = aws_instance.dut2.id
238 "Environment" = var.environment_name
# dut2 test interface 2: fixed address var.dut2_if2_ip in subnet d.
242 resource "aws_network_interface" "dut2_if2" {
248 private_ip = var.dut2_if2_ip
249 private_ips = [var.dut2_if2_ip]
250 security_groups = [aws_security_group.CSITSG.id]
# Source/destination checking is off so the interface may carry packets that
# are not addressed to or from itself (presumably forwarded test traffic).
251 source_dest_check = false
252 subnet_id = aws_subnet.d.id
# Presumably inside an attachment block (enclosing line not shown).
255 instance = aws_instance.dut2.id
260 "Environment" = var.environment_name
# tg test interface 1: fixed address var.tg_if1_ip in subnet b (shared with
# dut1_if1).
264 resource "aws_network_interface" "tg_if1" {
270 private_ip = var.tg_if1_ip
271 private_ips = [var.tg_if1_ip]
272 security_groups = [aws_security_group.CSITSG.id]
# Source/destination checking is off so the interface may send and receive
# packets with addresses other than its own.
273 source_dest_check = false
274 subnet_id = aws_subnet.b.id
# Presumably inside an attachment block (enclosing line not shown).
277 instance = aws_instance.tg.id
282 "Environment" = var.environment_name
# tg test interface 2: fixed address var.tg_if2_ip in subnet d (shared with
# dut2_if2).
286 resource "aws_network_interface" "tg_if2" {
292 private_ip = var.tg_if2_ip
293 private_ips = [var.tg_if2_ip]
294 security_groups = [aws_security_group.CSITSG.id]
295 source_dest_check = false
296 subnet_id = aws_subnet.d.id
299 instance = aws_instance.tg.id
304 "Environment" = var.environment_name
# Read each test interface back after creation. null_resource.deploy_topology
# takes the mac_address attribute of these data sources and passes the six
# MACs to the topology playbook.
308 data "aws_network_interface" "dut1_if1" {
309 id = aws_network_interface.dut1_if1.id
312 data "aws_network_interface" "dut1_if2" {
313 id = aws_network_interface.dut1_if2.id
316 data "aws_network_interface" "dut2_if1" {
317 id = aws_network_interface.dut2_if1.id
320 data "aws_network_interface" "dut2_if2" {
321 id = aws_network_interface.dut2_if2.id
324 data "aws_network_interface" "tg_if1" {
325 id = aws_network_interface.tg_if1.id
328 data "aws_network_interface" "tg_if2" {
329 id = aws_network_interface.tg_if2.id
# tg instance (presumably the traffic generator; the dummy-trex routes point at
# it). Built from var.ami_image_tg and placed in the mgmt subnet at the fixed
# address var.tg_mgmt_ip.
333 resource "aws_instance" "tg" {
# Presumably depends_on entries (enclosing line not shown).
336 aws_placement_group.CSITPG,
337 aws_security_group.CSITSG
339 ami = var.ami_image_tg
340 availability_zone = var.avail_zone
# NOTE(review): the instance gets a public IPv4 address and the null_resource
# provisioners connect to it. Together with the 0.0.0.0/0 rule on CSITSG this
# exposes the management interface to the internet unless that rule is
# narrowed.
341 associate_public_ip_address = true
342 instance_initiated_shutdown_behavior = var.instance_initiated_shutdown_behavior
343 instance_type = var.instance_type
# Login key is the Terraform-generated pair (tls_private_key.CSITTLS).
344 key_name = aws_key_pair.CSITKP.key_name
345 placement_group = aws_placement_group.CSITPG.id
346 private_ip = var.tg_mgmt_ip
347 source_dest_check = false
348 subnet_id = aws_subnet.mgmt.id
349 vpc_security_group_ids = [aws_security_group.CSITSG.id]
# Root volume settings are commented out, so the AMI's defaults apply.
# NOTE(review): no metadata_options block is visible in this listing. If there
# is none, consider requiring IMDSv2 (http_tokens = "required") -- confirm
# against the full file.
352 # root_block_device {
357 "Name" = "${var.resources_name_prefix}_${var.testbed_name}-tg"
358 "Environment" = var.environment_name
# dut1 instance, built from var.ami_image_sut and placed in the mgmt subnet at
# the fixed address var.dut1_mgmt_ip.
362 resource "aws_instance" "dut1" {
# Presumably a depends_on entry (enclosing line not shown).
365 aws_placement_group.CSITPG,
368 ami = var.ami_image_sut
369 availability_zone = var.avail_zone
# NOTE(review): public IPv4 address on the management interface. What can
# reach it is decided entirely by the rules on the shared group CSITSG.
370 associate_public_ip_address = true
371 instance_initiated_shutdown_behavior = var.instance_initiated_shutdown_behavior
372 instance_type = var.instance_type
# Login key is the Terraform-generated pair (tls_private_key.CSITTLS).
373 key_name = aws_key_pair.CSITKP.key_name
374 placement_group = aws_placement_group.CSITPG.id
375 private_ip = var.dut1_mgmt_ip
376 source_dest_check = false
377 subnet_id = aws_subnet.mgmt.id
378 vpc_security_group_ids = [aws_security_group.CSITSG.id]
# Root volume settings are commented out, so the AMI's defaults apply.
381 # root_block_device {
386 "Name" = "${var.resources_name_prefix}_${var.testbed_name}-dut1"
387 "Environment" = var.environment_name
# dut2 instance, built from the same image as dut1 (var.ami_image_sut) and
# placed in the mgmt subnet at the fixed address var.dut2_mgmt_ip.
391 resource "aws_instance" "dut2" {
# Presumably a depends_on entry (enclosing line not shown).
394 aws_placement_group.CSITPG,
398 ami = var.ami_image_sut
399 availability_zone = var.avail_zone
# NOTE(review): public IPv4 address on the management interface. What can
# reach it is decided entirely by the rules on the shared group CSITSG.
400 associate_public_ip_address = true
401 instance_initiated_shutdown_behavior = var.instance_initiated_shutdown_behavior
402 instance_type = var.instance_type
# Login key is the Terraform-generated pair (tls_private_key.CSITTLS).
403 key_name = aws_key_pair.CSITKP.key_name
404 placement_group = aws_placement_group.CSITPG.id
405 private_ip = var.dut2_mgmt_ip
406 source_dest_check = false
407 subnet_id = aws_subnet.mgmt.id
408 vpc_security_group_ids = [aws_security_group.CSITSG.id]
# Root volume settings are commented out, so the AMI's defaults apply.
411 # root_block_device {
416 "Name" = "${var.resources_name_prefix}_${var.testbed_name}-dut2"
417 "Environment" = var.environment_name
# Default route to the internet gateway, installed in the VPC's main route
# table.
# NOTE(review): no aws_route_table_association is visible in this listing. If
# there is none, all four subnets (mgmt, b, c, d) use the main route table and
# therefore share this default route, not only the management subnet.
422 resource "aws_route" "CSIT-igw" {
# Presumably a depends_on entry (enclosing line not shown).
425 aws_internet_gateway.CSITGW
427 destination_cidr_block = "0.0.0.0/0"
428 gateway_id = aws_internet_gateway.CSITGW.id
429 route_table_id = aws_vpc.CSITVPC.main_route_table_id
# Routes for the two TRex "dummy" ranges. Both send matching traffic to the tg
# instance's primary network interface through the main route table. What the
# ranges stand for is defined by var.trex_dummy_cidr_port_0 / _1, which are not
# shown here.
432 resource "aws_route" "dummy-trex-port-0" {
437 destination_cidr_block = var.trex_dummy_cidr_port_0
438 network_interface_id = aws_instance.tg.primary_network_interface_id
439 route_table_id = aws_vpc.CSITVPC.main_route_table_id
442 resource "aws_route" "dummy-trex-port-1" {
447 destination_cidr_block = var.trex_dummy_cidr_port_1
448 network_interface_id = aws_instance.tg.primary_network_interface_id
449 route_table_id = aws_vpc.CSITVPC.main_route_table_id
# Runs the first-boot commands on the tg instance. The interface list below is
# presumably the depends_on set (enclosing line not shown), so this waits until
# all six test interfaces exist.
453 resource "null_resource" "deploy_tg" {
456 aws_network_interface.tg_if1,
457 aws_network_interface.tg_if2,
459 aws_network_interface.dut1_if1,
460 aws_network_interface.dut1_if2,
462 aws_network_interface.dut2_if1,
463 aws_network_interface.dut2_if2
# Connects to the instance's public address with the Terraform-generated key.
# NOTE(review): no host_key argument is visible among the connection lines
# shown, so the remote host key is presumably not verified -- confirm. The
# private key used here is also held in plain text in the Terraform state.
468 host = aws_instance.tg.public_ip
469 private_key = tls_private_key.CSITTLS.private_key_pem
472 provisioner "remote-exec" {
# The commands come entirely from var.first_run_commands, so whoever controls
# that variable controls what runs on the instance.
473 inline = var.first_run_commands
# Disabled Ansible provisioning and reboot step.
# NOTE(review): the disabled block authenticates with a password
# (ansible_ssh_pass). If it is re-enabled, declare that variable sensitive and
# keep it out of logs and version control.
476 # provisioner "ansible" {
479 # file_path = var.ansible_file_path
480 # force_handlers = true
484 # ansible_ssh_pass = var.ansible_provision_pwd
485 # ansible_python_interpreter = var.ansible_python_executable
491 # provisioner "remote-exec" {
492 # on_failure = continue
493 # inline = ["sudo reboot"]
# Runs the first-boot commands on the dut1 instance. The interface list below
# is presumably the depends_on set (enclosing line not shown), so this waits
# until all six test interfaces exist.
497 resource "null_resource" "deploy_dut1" {
500 aws_network_interface.tg_if1,
501 aws_network_interface.tg_if2,
503 aws_network_interface.dut1_if1,
504 aws_network_interface.dut1_if2,
506 aws_network_interface.dut2_if1,
507 aws_network_interface.dut2_if2
# Connects to the instance's public address with the Terraform-generated key.
# NOTE(review): no host_key argument is visible among the connection lines
# shown, so the remote host key is presumably not verified -- confirm.
512 host = aws_instance.dut1.public_ip
513 private_key = tls_private_key.CSITTLS.private_key_pem
516 provisioner "remote-exec" {
# The commands come entirely from var.first_run_commands, so whoever controls
# that variable controls what runs on the instance.
517 inline = var.first_run_commands
# Disabled Ansible provisioning (host group "sut_aws") and reboot step.
# NOTE(review): the disabled block authenticates with a password
# (ansible_ssh_pass). If it is re-enabled, declare that variable sensitive and
# keep it out of logs and version control.
520 # provisioner "ansible" {
523 # file_path = var.ansible_file_path
524 # force_handlers = true
526 # hosts = ["sut_aws"]
528 # ansible_ssh_pass = var.ansible_provision_pwd
529 # ansible_python_interpreter = var.ansible_python_executable
535 # provisioner "remote-exec" {
536 # on_failure = continue
537 # inline = ["sudo reboot"]
# Runs the first-boot commands on the dut2 instance. The interface list below
# is presumably the depends_on set (enclosing line not shown), so this waits
# until all six test interfaces exist.
541 resource "null_resource" "deploy_dut2" {
544 aws_network_interface.tg_if1,
545 aws_network_interface.tg_if2,
547 aws_network_interface.dut1_if1,
548 aws_network_interface.dut1_if2,
550 aws_network_interface.dut2_if1,
551 aws_network_interface.dut2_if2
# Connects to the instance's public address with the Terraform-generated key.
# NOTE(review): no host_key argument is visible among the connection lines
# shown, so the remote host key is presumably not verified -- confirm.
556 host = aws_instance.dut2.public_ip
557 private_key = tls_private_key.CSITTLS.private_key_pem
560 provisioner "remote-exec" {
# The commands come entirely from var.first_run_commands, so whoever controls
# that variable controls what runs on the instance.
561 inline = var.first_run_commands
# Disabled Ansible provisioning (host group "sut_aws") and reboot step.
# NOTE(review): the disabled block authenticates with a password
# (ansible_ssh_pass). If it is re-enabled, declare that variable sensitive and
# keep it out of logs and version control.
564 # provisioner "ansible" {
567 # file_path = var.ansible_file_path
568 # force_handlers = true
570 # hosts = ["sut_aws"]
572 # ansible_ssh_pass = var.ansible_provision_pwd
573 # ansible_python_interpreter = var.ansible_python_executable
579 # provisioner "remote-exec" {
580 # on_failure = continue
581 # inline = ["sudo reboot"]
# Runs the topology playbook (var.ansible_topology_path) and hands it the
# facts Terraform knows about the testbed. Its ordering and trigger arguments
# are on lines not shown in this listing.
585 resource "null_resource" "deploy_topology" {
# "ansible" is not a provisioner built into Terraform, so it has to come from
# a separately installed plugin. NOTE(review): pin and verify that plugin's
# version, since it runs with the same access as Terraform itself.
592 provisioner "ansible" {
595 file_path = var.ansible_topology_path
# Values passed to the playbook (presumably as extra vars; the enclosing line
# is not shown): interpreter path, testbed and topology names, the MAC of each
# test interface as read back from AWS, and the instances' public addresses.
599 ansible_python_interpreter = var.ansible_python_executable
600 testbed_name = var.testbed_name
601 cloud_topology = var.topology_name
602 tg_if1_mac = data.aws_network_interface.tg_if1.mac_address
603 tg_if2_mac = data.aws_network_interface.tg_if2.mac_address
604 dut1_if1_mac = data.aws_network_interface.dut1_if1.mac_address
605 dut1_if2_mac = data.aws_network_interface.dut1_if2.mac_address
606 dut2_if1_mac = data.aws_network_interface.dut2_if1.mac_address
607 dut2_if2_mac = data.aws_network_interface.dut2_if2.mac_address
608 tg_public_ip = aws_instance.tg.public_ip
609 dut1_public_ip = aws_instance.dut1.public_ip
610 dut2_public_ip = aws_instance.dut2.public_ip
# Comma-separated list of the same three public addresses, in tg, dut1, dut2
# order.
611 public_ip_list = "${aws_instance.tg.public_ip},${aws_instance.dut1.public_ip},${aws_instance.dut2.public_ip}"