# Reads AWS credentials from Vault; the backend path and the role name are both
# derived from var.vault-name.
# NOTE(review): values read through Vault data sources are persisted in Terraform
# state, so the state backend needs the same protection as the credentials.
1 data "vault_aws_access_credentials" "creds" {
2 backend = "${var.vault-name}-path"
3 role = "${var.vault-name}-role"
# Testbed VPC: primary IPv4 range from var.vpc_cidr_mgmt plus an Amazon-generated
# IPv6 block.
6 resource "aws_vpc" "CSITVPC" {
7 assign_generated_ipv6_cidr_block = true
# DNS resolution is on, but instances are not given public DNS hostnames.
8 enable_dns_hostnames = false
9 enable_dns_support = true
10 cidr_block = var.vpc_cidr_mgmt
11 instance_tenancy = "default"
# Tags (the enclosing tags argument is not visible in this listing).
14 "Name" = "${var.resources_name_prefix}_${var.testbed_name}-vpc"
15 "Environment" = var.environment_name
# The one security group referenced by every instance and network interface in
# this file.
19 resource "aws_security_group" "CSITSG" {
23 description = "Allow inbound traffic"
24 name = "${var.resources_name_prefix}_${var.testbed_name}-sg"
25 revoke_rules_on_delete = false
26 vpc_id = aws_vpc.CSITVPC.id
# NOTE(review): the rule blocks are only partly visible here (no direction, ports
# or protocol). Every visible rule targets 0.0.0.0/0 or ::/0. Confirm which of
# them are ingress rules and narrow those to the CIDRs that really need to reach
# the testbed; the instances below are given public IPv4 addresses.
32 cidr_blocks = ["0.0.0.0/0"]
39 ipv6_cidr_blocks = ["::/0"]
47 ipv6_cidr_blocks = ["::/0"]
54 cidr_blocks = ["0.0.0.0/0"]
61 ipv6_cidr_blocks = ["::/0"]
65 "Name" = "${var.resources_name_prefix}_${var.testbed_name}-sg"
66 "Environment" = var.environment_name
# Adds var.vpc_cidr_b to the testbed VPC as an additional IPv4 range.
70 resource "aws_vpc_ipv4_cidr_block_association" "b" {
74 cidr_block = var.vpc_cidr_b
75 vpc_id = aws_vpc.CSITVPC.id
# Adds var.vpc_cidr_c to the testbed VPC as an additional IPv4 range.
78 resource "aws_vpc_ipv4_cidr_block_association" "c" {
82 cidr_block = var.vpc_cidr_c
83 vpc_id = aws_vpc.CSITVPC.id
# Adds var.vpc_cidr_d to the testbed VPC as an additional IPv4 range.
86 resource "aws_vpc_ipv4_cidr_block_association" "d" {
90 cidr_block = var.vpc_cidr_d
91 vpc_id = aws_vpc.CSITVPC.id
# Management subnet. Its IPv4 range is the same variable as the VPC's primary
# range (var.vpc_cidr_mgmt), so it spans that whole range.
95 resource "aws_subnet" "mgmt" {
96 availability_zone = var.avail_zone
97 assign_ipv6_address_on_creation = false
98 cidr_block = var.vpc_cidr_mgmt
# Extends the VPC IPv6 prefix by 8 bits and takes network number 1.
102 ipv6_cidr_block = cidrsubnet(aws_vpc.CSITVPC.ipv6_cidr_block, 8, 1)
# No automatic public IPv4 here; the instances in this file request one
# explicitly with associate_public_ip_address.
103 map_public_ip_on_launch = false
104 vpc_id = aws_vpc.CSITVPC.id
107 "Environment" = var.environment_name
# Test subnet "b", carved from the additional range var.vpc_cidr_b.
111 resource "aws_subnet" "b" {
112 availability_zone = var.avail_zone
113 assign_ipv6_address_on_creation = false
114 cidr_block = var.vpc_cidr_b
# Presumably a depends_on entry (the argument line is not visible here): the
# range has to be associated with the VPC before the subnet can use it.
117 aws_vpc_ipv4_cidr_block_association.b
# Extends the VPC IPv6 prefix by 8 bits and takes network number 2.
119 ipv6_cidr_block = cidrsubnet(aws_vpc.CSITVPC.ipv6_cidr_block, 8, 2)
120 map_public_ip_on_launch = false
121 vpc_id = aws_vpc.CSITVPC.id
124 "Environment" = var.environment_name
# Test subnet "c", carved from the additional range var.vpc_cidr_c.
128 resource "aws_subnet" "c" {
129 availability_zone = var.avail_zone
130 assign_ipv6_address_on_creation = false
131 cidr_block = var.vpc_cidr_c
# Presumably a depends_on entry (the argument line is not visible here): the
# range has to be associated with the VPC before the subnet can use it.
134 aws_vpc_ipv4_cidr_block_association.c
# Extends the VPC IPv6 prefix by 8 bits and takes network number 3.
136 ipv6_cidr_block = cidrsubnet(aws_vpc.CSITVPC.ipv6_cidr_block, 8, 3)
137 map_public_ip_on_launch = false
138 vpc_id = aws_vpc.CSITVPC.id
141 "Environment" = var.environment_name
# Test subnet "d", carved from the additional range var.vpc_cidr_d.
145 resource "aws_subnet" "d" {
146 availability_zone = var.avail_zone
147 assign_ipv6_address_on_creation = false
148 cidr_block = var.vpc_cidr_d
# Presumably a depends_on entry (the argument line is not visible here): the
# range has to be associated with the VPC before the subnet can use it.
151 aws_vpc_ipv4_cidr_block_association.d
# Extends the VPC IPv6 prefix by 8 bits and takes network number 4.
153 ipv6_cidr_block = cidrsubnet(aws_vpc.CSITVPC.ipv6_cidr_block, 8, 4)
154 map_public_ip_on_launch = false
155 vpc_id = aws_vpc.CSITVPC.id
158 "Environment" = var.environment_name
# Internet gateway attached to the testbed VPC; the CSIT-igw route sends the
# default IPv4 and IPv6 routes through it.
162 resource "aws_internet_gateway" "CSITGW" {
166 vpc_id = aws_vpc.CSITVPC.id
169 "Environment" = var.environment_name
174 # Temporary key for provisioning only
# NOTE(review): a key generated by tls_private_key is stored unencrypted in
# Terraform state, and this file reads private_key_pem from it for the
# provisioner connections. Treat the state file and its backend as secret
# material. The key algorithm and size are not visible in this listing.
175 resource "tls_private_key" "CSITTLS" {
# Registers the public half of the generated key as an EC2 key pair; all three
# instances reference it through key_name.
# NOTE(review): as the instances' launch key it presumably stays authorized for
# as long as they run, not only while provisioning — confirm that matches the
# "temporary" intent stated for the key.
181 resource "aws_key_pair" "CSITKP" {
182 key_name = "${var.resources_name_prefix}_${var.testbed_name}-key"
183 public_key = "${tls_private_key.CSITTLS.public_key_openssh}"
# Placement group shared by the tg, dut1 and dut2 instances (the placement
# strategy is not visible in this listing).
186 resource "aws_placement_group" "CSITPG" {
187 name = "${var.resources_name_prefix}_${var.testbed_name}-pg"
# First test interface of dut1, with a fixed private address in subnet b.
192 resource "aws_network_interface" "dut1_if1" {
198 private_ip = var.dut1_if1_ip
199 private_ips = [var.dut1_if1_ip]
200 security_groups = [aws_security_group.CSITSG.id]
# Source/destination checking is off, so the interface accepts and emits packets
# not addressed to or from its own IP (presumably needed for forwarding tests).
# That removes EC2's built-in anti-spoofing check, leaving the security group
# as the only filter on this interface.
201 source_dest_check = false
202 subnet_id = aws_subnet.b.id
# Attached to dut1 (the attachment block header and device index are not
# visible here).
205 instance = aws_instance.dut1.id
210 "Environment" = var.environment_name
# Second test interface of dut1, with a fixed private address in subnet c.
214 resource "aws_network_interface" "dut1_if2" {
220 private_ip = var.dut1_if2_ip
221 private_ips = [var.dut1_if2_ip]
222 security_groups = [aws_security_group.CSITSG.id]
# Source/destination checking is off (presumably for forwarding tests); the
# security group is then the only filter on this interface.
223 source_dest_check = false
224 subnet_id = aws_subnet.c.id
# Attached to dut1 (the attachment block header and device index are not
# visible here).
227 instance = aws_instance.dut1.id
232 "Environment" = var.environment_name
# First test interface of dut2, with a fixed private address in subnet c.
236 resource "aws_network_interface" "dut2_if1" {
242 private_ip = var.dut2_if1_ip
243 private_ips = [var.dut2_if1_ip]
244 security_groups = [aws_security_group.CSITSG.id]
# Source/destination checking is off (presumably for forwarding tests); the
# security group is then the only filter on this interface.
245 source_dest_check = false
246 subnet_id = aws_subnet.c.id
# Attached to dut2 (the attachment block header and device index are not
# visible here).
249 instance = aws_instance.dut2.id
254 "Environment" = var.environment_name
# Second test interface of dut2, with a fixed private address in subnet d.
258 resource "aws_network_interface" "dut2_if2" {
264 private_ip = var.dut2_if2_ip
265 private_ips = [var.dut2_if2_ip]
266 security_groups = [aws_security_group.CSITSG.id]
# Source/destination checking is off (presumably for forwarding tests); the
# security group is then the only filter on this interface.
267 source_dest_check = false
268 subnet_id = aws_subnet.d.id
# Attached to dut2 (the attachment block header and device index are not
# visible here).
271 instance = aws_instance.dut2.id
276 "Environment" = var.environment_name
# First test interface of the traffic generator, with a fixed private address
# in subnet b.
280 resource "aws_network_interface" "tg_if1" {
286 private_ip = var.tg_if1_ip
287 private_ips = [var.tg_if1_ip]
288 security_groups = [aws_security_group.CSITSG.id]
# Source/destination checking is off (presumably so generated traffic may carry
# arbitrary addresses); the security group is then the only filter here.
289 source_dest_check = false
290 subnet_id = aws_subnet.b.id
# Attached to tg (the attachment block header and device index are not
# visible here).
293 instance = aws_instance.tg.id
298 "Environment" = var.environment_name
# Second test interface of the traffic generator, with a fixed private address
# in subnet d.
302 resource "aws_network_interface" "tg_if2" {
308 private_ip = var.tg_if2_ip
309 private_ips = [var.tg_if2_ip]
310 security_groups = [aws_security_group.CSITSG.id]
# Source/destination checking is off (presumably so generated traffic may carry
# arbitrary addresses); the security group is then the only filter here.
311 source_dest_check = false
312 subnet_id = aws_subnet.d.id
# Attached to tg (the attachment block header and device index are not
# visible here).
315 instance = aws_instance.tg.id
320 "Environment" = var.environment_name
# Looks the created interface up by id; its mac_address is handed to the
# topology playbook.
324 data "aws_network_interface" "dut1_if1" {
325 id = aws_network_interface.dut1_if1.id
# Looks the created interface up by id; its mac_address is handed to the
# topology playbook.
328 data "aws_network_interface" "dut1_if2" {
329 id = aws_network_interface.dut1_if2.id
# Looks the created interface up by id; its mac_address is handed to the
# topology playbook.
332 data "aws_network_interface" "dut2_if1" {
333 id = aws_network_interface.dut2_if1.id
# Looks the created interface up by id; its mac_address is handed to the
# topology playbook.
336 data "aws_network_interface" "dut2_if2" {
337 id = aws_network_interface.dut2_if2.id
# Looks the created interface up by id; its mac_address is handed to the
# topology playbook.
340 data "aws_network_interface" "tg_if1" {
341 id = aws_network_interface.tg_if1.id
# Looks the created interface up by id; its mac_address is handed to the
# topology playbook.
344 data "aws_network_interface" "tg_if2" {
345 id = aws_network_interface.tg_if2.id
# Traffic-generator instance; its primary interface sits in the management subnet.
# NOTE(review): it is given a public IPv4 address and is protected only by
# CSITSG, whose visible rules reference 0.0.0.0/0 and ::/0. Confirm that its
# management ports are reachable only from the networks that need them.
349 resource "aws_instance" "tg" {
# Presumably a depends_on list (the argument line is not visible here).
352 aws_placement_group.CSITPG,
353 aws_security_group.CSITSG
355 ami = var.ami_image_tg
356 availability_zone = var.avail_zone
357 associate_public_ip_address = true
358 instance_initiated_shutdown_behavior = var.instance_initiated_shutdown_behavior
359 instance_type = var.instance_type
# Login key is the key pair built from the Terraform-generated TLS key.
360 key_name = aws_key_pair.CSITKP.key_name
361 placement_group = aws_placement_group.CSITPG.id
362 private_ip = var.tg_mgmt_ip
# Source/destination checking is also off on the primary (management) interface.
363 source_dest_check = false
364 subnet_id = aws_subnet.mgmt.id
365 vpc_security_group_ids = [aws_security_group.CSITSG.id]
# Root volume settings are commented out, so the AMI's defaults apply
# (including whether the root volume is encrypted).
368 # root_block_device {
373 "Name" = "${var.resources_name_prefix}_${var.testbed_name}-tg"
374 "Environment" = var.environment_name
# First device-under-test instance; its primary interface sits in the
# management subnet.
# NOTE(review): it is given a public IPv4 address and is protected only by
# CSITSG, whose visible rules reference 0.0.0.0/0 and ::/0. Confirm that its
# management ports are reachable only from the networks that need them.
378 resource "aws_instance" "dut1" {
# Presumably part of a depends_on list (the argument line is not visible here).
381 aws_placement_group.CSITPG,
384 ami = var.ami_image_sut
385 availability_zone = var.avail_zone
386 associate_public_ip_address = true
387 instance_initiated_shutdown_behavior = var.instance_initiated_shutdown_behavior
388 instance_type = var.instance_type
# Login key is the key pair built from the Terraform-generated TLS key.
389 key_name = aws_key_pair.CSITKP.key_name
390 placement_group = aws_placement_group.CSITPG.id
391 private_ip = var.dut1_mgmt_ip
# Source/destination checking is also off on the primary (management) interface.
392 source_dest_check = false
393 subnet_id = aws_subnet.mgmt.id
394 vpc_security_group_ids = [aws_security_group.CSITSG.id]
# Root volume settings are commented out, so the AMI's defaults apply
# (including whether the root volume is encrypted).
397 # root_block_device {
402 "Name" = "${var.resources_name_prefix}_${var.testbed_name}-dut1"
403 "Environment" = var.environment_name
# Second device-under-test instance; its primary interface sits in the
# management subnet.
# NOTE(review): it is given a public IPv4 address and is protected only by
# CSITSG, whose visible rules reference 0.0.0.0/0 and ::/0. Confirm that its
# management ports are reachable only from the networks that need them.
407 resource "aws_instance" "dut2" {
# Presumably part of a depends_on list (the argument line is not visible here).
410 aws_placement_group.CSITPG,
414 ami = var.ami_image_sut
415 availability_zone = var.avail_zone
416 associate_public_ip_address = true
417 instance_initiated_shutdown_behavior = var.instance_initiated_shutdown_behavior
418 instance_type = var.instance_type
# Login key is the key pair built from the Terraform-generated TLS key.
419 key_name = aws_key_pair.CSITKP.key_name
420 placement_group = aws_placement_group.CSITPG.id
421 private_ip = var.dut2_mgmt_ip
# Source/destination checking is also off on the primary (management) interface.
422 source_dest_check = false
423 subnet_id = aws_subnet.mgmt.id
424 vpc_security_group_ids = [aws_security_group.CSITSG.id]
# Root volume settings are commented out, so the AMI's defaults apply
# (including whether the root volume is encrypted).
427 # root_block_device {
432 "Name" = "${var.resources_name_prefix}_${var.testbed_name}-dut2"
433 "Environment" = var.environment_name
# Default IPv4 and IPv6 routes on the VPC's main route table, both through the
# Internet gateway. No per-subnet route table association is visible in this
# listing, so the test subnets presumably use this table and are
# Internet-routable as well.
# NOTE(review): newer AWS provider releases accept only one destination
# argument per aws_route — confirm against the pinned provider version.
438 resource "aws_route" "CSIT-igw" {
# Presumably a depends_on entry (the argument line is not visible here).
441 aws_internet_gateway.CSITGW
443 destination_cidr_block = "0.0.0.0/0"
444 destination_ipv6_cidr_block = "::/0"
445 gateway_id = aws_internet_gateway.CSITGW.id
446 route_table_id = aws_vpc.CSITVPC.main_route_table_id
# Sends traffic for var.trex_dummy_cidr_port_0 to the traffic generator's
# primary network interface, via the VPC's main route table.
449 resource "aws_route" "dummy-trex-port-0" {
454 destination_cidr_block = var.trex_dummy_cidr_port_0
455 network_interface_id = aws_instance.tg.primary_network_interface_id
456 route_table_id = aws_vpc.CSITVPC.main_route_table_id
# Sends traffic for var.trex_dummy_cidr_port_1 to the traffic generator's
# primary network interface, via the VPC's main route table.
459 resource "aws_route" "dummy-trex-port-1" {
464 destination_cidr_block = var.trex_dummy_cidr_port_1
465 network_interface_id = aws_instance.tg.primary_network_interface_id
466 route_table_id = aws_vpc.CSITVPC.main_route_table_id
# Runs the first-boot commands on the traffic generator over a remote connection.
470 resource "null_resource" "deploy_tg" {
# Presumably a depends_on list (the argument line is not visible here), so the
# commands run only after the test interfaces exist.
473 aws_network_interface.tg_if1,
474 aws_network_interface.tg_if2,
476 aws_network_interface.dut1_if1,
477 aws_network_interface.dut1_if2,
479 aws_network_interface.dut2_if1,
480 aws_network_interface.dut2_if2
# Connection settings (block header not visible here): the target is the
# instance's public IP and the credential is the generated private key, read
# directly from Terraform state.
485 host = aws_instance.tg.public_ip
486 private_key = tls_private_key.CSITTLS.private_key_pem
# NOTE(review): the commands come entirely from var.first_run_commands and run
# on the host as given. Keep that value reviewed and free of secrets, because
# provisioner output appears in the apply log.
489 provisioner "remote-exec" {
490 inline = var.first_run_commands
# Disabled Ansible provisioning. NOTE(review): it passed a password variable
# (ansible_ssh_pass); if it is re-enabled, key-based authentication keeps that
# password out of run variables and logs.
493 # provisioner "ansible" {
496 # file_path = var.ansible_file_path
497 # force_handlers = true
501 # ansible_ssh_pass = var.ansible_provision_pwd
502 # ansible_python_interpreter = var.ansible_python_executable
# Disabled reboot step.
508 # provisioner "remote-exec" {
509 # on_failure = continue
510 # inline = ["sudo reboot"]
# Runs the first-boot commands on dut1 over a remote connection.
514 resource "null_resource" "deploy_dut1" {
# Presumably a depends_on list (the argument line is not visible here), so the
# commands run only after the test interfaces exist.
517 aws_network_interface.tg_if1,
518 aws_network_interface.tg_if2,
520 aws_network_interface.dut1_if1,
521 aws_network_interface.dut1_if2,
523 aws_network_interface.dut2_if1,
524 aws_network_interface.dut2_if2
# Connection settings (block header not visible here): the target is the
# instance's public IP and the credential is the generated private key, read
# directly from Terraform state.
529 host = aws_instance.dut1.public_ip
530 private_key = tls_private_key.CSITTLS.private_key_pem
# NOTE(review): the commands come entirely from var.first_run_commands and run
# on the host as given. Keep that value reviewed and free of secrets, because
# provisioner output appears in the apply log.
533 provisioner "remote-exec" {
534 inline = var.first_run_commands
# Disabled Ansible provisioning. NOTE(review): it passed a password variable
# (ansible_ssh_pass); if it is re-enabled, key-based authentication keeps that
# password out of run variables and logs.
537 # provisioner "ansible" {
540 # file_path = var.ansible_file_path
541 # force_handlers = true
543 # hosts = ["sut_aws"]
545 # ansible_ssh_pass = var.ansible_provision_pwd
546 # ansible_python_interpreter = var.ansible_python_executable
# Disabled reboot step.
552 # provisioner "remote-exec" {
553 # on_failure = continue
554 # inline = ["sudo reboot"]
# Runs the first-boot commands on dut2 over a remote connection.
558 resource "null_resource" "deploy_dut2" {
# Presumably a depends_on list (the argument line is not visible here), so the
# commands run only after the test interfaces exist.
561 aws_network_interface.tg_if1,
562 aws_network_interface.tg_if2,
564 aws_network_interface.dut1_if1,
565 aws_network_interface.dut1_if2,
567 aws_network_interface.dut2_if1,
568 aws_network_interface.dut2_if2
# Connection settings (block header not visible here): the target is the
# instance's public IP and the credential is the generated private key, read
# directly from Terraform state.
573 host = aws_instance.dut2.public_ip
574 private_key = tls_private_key.CSITTLS.private_key_pem
# NOTE(review): the commands come entirely from var.first_run_commands and run
# on the host as given. Keep that value reviewed and free of secrets, because
# provisioner output appears in the apply log.
577 provisioner "remote-exec" {
578 inline = var.first_run_commands
# Disabled Ansible provisioning. NOTE(review): it passed a password variable
# (ansible_ssh_pass); if it is re-enabled, key-based authentication keeps that
# password out of run variables and logs.
581 # provisioner "ansible" {
584 # file_path = var.ansible_file_path
585 # force_handlers = true
587 # hosts = ["sut_aws"]
589 # ansible_ssh_pass = var.ansible_provision_pwd
590 # ansible_python_interpreter = var.ansible_python_executable
# Disabled reboot step.
596 # provisioner "remote-exec" {
597 # on_failure = continue
598 # inline = ["sudo reboot"]
# Runs the topology playbook at var.ansible_topology_path with the testbed's
# interface MAC addresses and public IPs as inputs. The listing ends inside this
# block, so later arguments may exist that are not shown here.
602 resource "null_resource" "deploy_topology" {
# NOTE(review): "ansible" is not a built-in Terraform provisioner, so this
# depends on a separately installed plugin — pin and verify the one used.
609 provisioner "ansible" {
612 file_path = var.ansible_topology_path
# Presumably the playbook's extra variables (the enclosing argument is not
# visible here).
616 ansible_python_interpreter = var.ansible_python_executable
617 testbed_name = var.testbed_name
618 cloud_topology = var.topology_name
# MAC addresses come from the data-source lookups of the six test interfaces.
619 tg_if1_mac = data.aws_network_interface.tg_if1.mac_address
620 tg_if2_mac = data.aws_network_interface.tg_if2.mac_address
621 dut1_if1_mac = data.aws_network_interface.dut1_if1.mac_address
622 dut1_if2_mac = data.aws_network_interface.dut1_if2.mac_address
623 dut2_if1_mac = data.aws_network_interface.dut2_if1.mac_address
624 dut2_if2_mac = data.aws_network_interface.dut2_if2.mac_address
# The instances are addressed by their public IPs, individually and as one
# comma-separated list.
625 tg_public_ip = aws_instance.tg.public_ip
626 dut1_public_ip = aws_instance.dut1.public_ip
627 dut2_public_ip = aws_instance.dut2.public_ip
628 public_ip_list = "${aws_instance.tg.public_ip},${aws_instance.dut1.public_ip},${aws_instance.dut2.public_ip}"