# Reads AWS credentials from Vault. The backend path and the role name are
# both derived from var.vault-name.
# NOTE(review): values read through the Vault provider are persisted in the
# Terraform state and in generated plan files, so the state backend needs
# access control and encryption at rest. Confirm the Vault role issues
# short-lived credentials.
1 data "vault_aws_access_credentials" "creds" {
2 backend = "${var.vault-name}-path"
3 role = "${var.vault-name}-role"
# Testbed VPC. Its primary CIDR is the management range (var.vpc_cidr_mgmt);
# the b/c/d ranges are attached further down as secondary associations.
6 resource "aws_vpc" "CSITVPC" {
7 cidr_block = var.vpc_cidr_mgmt
# Tags: Name is built from the resource prefix and testbed name.
10 "Name" = "${var.resources_name_prefix}_${var.testbed_name}-vpc"
11 "Environment" = var.environment_name
# The only security group in this file. It is attached to all three instances
# and to all six data-plane interfaces (aws_security_group.CSITSG.id).
# NOTE(review): both rules visible below use 0.0.0.0/0. The lines that set the
# rule direction, ports and protocol (20-24 and 26-38) are not shown in this
# listing. If the first rule is an ingress rule, every instance created with
# associate_public_ip_address = true accepts that traffic from any IPv4
# address. Confirm the rule bodies and narrow the ingress source to the
# CI/provisioning address range.
15 resource "aws_security_group" "CSITSG" {
16 name = "${var.resources_name_prefix}_${var.testbed_name}-sg"
17 description = "Allow inbound traffic"
18 vpc_id = aws_vpc.CSITVPC.id
19 depends_on = [aws_vpc.CSITVPC]
# First rule: peer range is any IPv4 address.
25 cidr_blocks = ["0.0.0.0/0"]
# Second rule: peer range is any IPv4 address.
39 cidr_blocks = ["0.0.0.0/0"]
43 "Name" = "${var.resources_name_prefix}_${var.testbed_name}-sg"
44 "Environment" = var.environment_name
# Attach the three data-plane ranges (b, c, d) to the VPC as additional IPv4
# CIDR blocks. The subnets of the same name below are carved from them.
48 resource "aws_vpc_ipv4_cidr_block_association" "b" {
49 vpc_id = aws_vpc.CSITVPC.id
50 cidr_block = var.vpc_cidr_b
51 depends_on = [aws_vpc.CSITVPC]
53 resource "aws_vpc_ipv4_cidr_block_association" "c" {
54 vpc_id = aws_vpc.CSITVPC.id
55 cidr_block = var.vpc_cidr_c
56 depends_on = [aws_vpc.CSITVPC]
58 resource "aws_vpc_ipv4_cidr_block_association" "d" {
59 vpc_id = aws_vpc.CSITVPC.id
60 cidr_block = var.vpc_cidr_d
61 depends_on = [aws_vpc.CSITVPC]
# Management subnet: covers the VPC's primary CIDR. All three instances get
# their primary interface (and public IP) here.
65 resource "aws_subnet" "mgmt" {
66 vpc_id = aws_vpc.CSITVPC.id
67 cidr_block = var.vpc_cidr_mgmt
68 availability_zone = var.avail_zone
69 depends_on = [aws_vpc.CSITVPC]
72 "Environment" = var.environment_name
# Data-plane subnets b, c and d, all in the same availability zone. Each one
# depends explicitly on its CIDR association so the range is attached to the
# VPC before the subnet is created.
75 resource "aws_subnet" "b" {
76 vpc_id = aws_vpc.CSITVPC.id
77 cidr_block = var.vpc_cidr_b
78 availability_zone = var.avail_zone
79 depends_on = [aws_vpc.CSITVPC, aws_vpc_ipv4_cidr_block_association.b]
82 "Environment" = var.environment_name
85 resource "aws_subnet" "c" {
86 vpc_id = aws_vpc.CSITVPC.id
87 cidr_block = var.vpc_cidr_c
88 availability_zone = var.avail_zone
89 depends_on = [aws_vpc.CSITVPC, aws_vpc_ipv4_cidr_block_association.c]
92 "Environment" = var.environment_name
95 resource "aws_subnet" "d" {
96 vpc_id = aws_vpc.CSITVPC.id
97 cidr_block = var.vpc_cidr_d
98 availability_zone = var.avail_zone
99 depends_on = [aws_vpc.CSITVPC, aws_vpc_ipv4_cidr_block_association.d]
102 "Environment" = var.environment_name
# Internet gateway for the testbed VPC; the default route (aws_route.CSIT-igw)
# points at it.
106 resource "aws_internet_gateway" "CSITGW" {
107 vpc_id = aws_vpc.CSITVPC.id
108 depends_on = [aws_vpc.CSITVPC]
111 "Environment" = var.environment_name
# SSH key material used by the provisioners: Terraform generates the key
# locally and registers its public half as an EC2 key pair.
# NOTE(review): tls_private_key stores the generated private key unencrypted
# in the Terraform state, so read access to the state is equivalent to SSH
# access to the nodes for as long as this key stays authorized. Nothing in
# the listed lines removes the key after provisioning; confirm the playbooks
# do, and keep the state in an encrypted, access-controlled backend.
116 # Temporary key for provisioning only
117 resource "tls_private_key" "CSITTLS" {
# Key pair name is fixed apart from the testbed name; all three instances use it.
121 resource "aws_key_pair" "CSITKP" {
122 key_name = "CSIT_3n_aws_c5n_${var.testbed_name}-key"
123 public_key = tls_private_key.CSITTLS.public_key_openssh
# Placement group shared by the TG, DUT1 and DUT2 instances. The placement
# strategy line is not shown in this listing.
126 resource "aws_placement_group" "CSITPG" {
127 name = "${var.resources_name_prefix}_${var.testbed_name}-pg"
# Data-plane interfaces. TG and DUT1 meet on subnet b, DUT1 and DUT2 on
# subnet c, DUT2 and TG on subnet d. Each interface has one fixed private IP
# and is created after its instance exists (depends_on) so it can be attached.
#
# source_dest_check = false turns off the EC2 source/destination check, so an
# interface may send and receive packets whose addresses are not its own.
# NOTE(review): presumably required because the DUTs forward traffic and the
# TG emits arbitrary source addresses; it also means EC2 does no anti-spoofing
# on these links, so the shared security group (CSITSG) is the only network
# filter on them - confirm its rules are as narrow as the tests allow.
#
# The "instance = ..." lines presumably sit inside an attachment block whose
# opening line is not shown in this listing.
132 resource "aws_network_interface" "dut1_if1" {
133 subnet_id = aws_subnet.b.id
134 source_dest_check = false
135 private_ip = var.dut1_if1_ip
136 private_ips = [var.dut1_if1_ip]
137 security_groups = [aws_security_group.CSITSG.id]
138 depends_on = [aws_vpc.CSITVPC, aws_subnet.b, aws_instance.dut1]
141 instance = aws_instance.dut1.id
146 "Environment" = var.environment_name
150 resource "aws_network_interface" "dut1_if2" {
151 subnet_id = aws_subnet.c.id
152 source_dest_check = false
153 private_ip = var.dut1_if2_ip
154 private_ips = [var.dut1_if2_ip]
155 security_groups = [aws_security_group.CSITSG.id]
156 depends_on = [aws_vpc.CSITVPC, aws_subnet.c, aws_instance.dut1]
159 instance = aws_instance.dut1.id
164 "Environment" = var.environment_name
168 resource "aws_network_interface" "dut2_if1" {
169 subnet_id = aws_subnet.c.id
170 source_dest_check = false
171 private_ip = var.dut2_if1_ip
172 private_ips = [var.dut2_if1_ip]
173 security_groups = [aws_security_group.CSITSG.id]
174 depends_on = [aws_vpc.CSITVPC, aws_subnet.c, aws_instance.dut2]
177 instance = aws_instance.dut2.id
182 "Environment" = var.environment_name
186 resource "aws_network_interface" "dut2_if2" {
187 subnet_id = aws_subnet.d.id
188 source_dest_check = false
189 private_ip = var.dut2_if2_ip
190 private_ips = [var.dut2_if2_ip]
191 security_groups = [aws_security_group.CSITSG.id]
192 depends_on = [aws_vpc.CSITVPC, aws_subnet.d, aws_instance.dut2]
195 instance = aws_instance.dut2.id
200 "Environment" = var.environment_name
204 resource "aws_network_interface" "tg_if1" {
205 subnet_id = aws_subnet.b.id
206 source_dest_check = false
207 private_ip = var.tg_if1_ip
208 private_ips = [var.tg_if1_ip]
209 security_groups = [aws_security_group.CSITSG.id]
210 depends_on = [aws_vpc.CSITVPC, aws_subnet.b, aws_instance.tg]
213 instance = aws_instance.tg.id
218 "Environment" = var.environment_name
222 resource "aws_network_interface" "tg_if2" {
223 subnet_id = aws_subnet.d.id
224 source_dest_check = false
225 private_ip = var.tg_if2_ip
226 private_ips = [var.tg_if2_ip]
227 security_groups = [aws_security_group.CSITSG.id]
228 depends_on = [aws_vpc.CSITVPC, aws_subnet.d, aws_instance.tg]
231 instance = aws_instance.tg.id
236 "Environment" = var.environment_name
# Read each data-plane interface back by id. The mac_address attributes of
# these data sources are passed to the topology playbook in
# null_resource.deploy_topology.
240 data "aws_network_interface" "dut1_if1" {
241 id = aws_network_interface.dut1_if1.id
244 data "aws_network_interface" "dut1_if2" {
245 id = aws_network_interface.dut1_if2.id
248 data "aws_network_interface" "dut2_if1" {
249 id = aws_network_interface.dut2_if1.id
252 data "aws_network_interface" "dut2_if2" {
253 id = aws_network_interface.dut2_if2.id
256 data "aws_network_interface" "tg_if1" {
257 id = aws_network_interface.tg_if1.id
260 data "aws_network_interface" "tg_if2" {
261 id = aws_network_interface.tg_if2.id
# Traffic generator (TG) instance. Its primary interface is in the management
# subnet with a fixed private IP and a public IP; it joins the shared
# placement group and uses the Terraform-generated key pair.
# NOTE(review): associate_public_ip_address = true together with the shared
# security group makes the management interface reachable from whatever
# sources CSITSG admits. If provisioning can run from inside the VPC (bastion,
# VPN or peering), the public IP is not needed - confirm.
# NOTE(review): no metadata_options block appears in the listed lines; lines
# 277-288 are not shown, so confirm whether IMDSv2 (http_tokens = "required")
# is enforced on these instances.
265 resource "aws_instance" "tg" {
267 availability_zone = var.avail_zone
268 instance_initiated_shutdown_behavior = var.instance_initiated_shutdown_behavior
269 instance_type = var.instance_type
270 key_name = aws_key_pair.CSITKP.key_name
271 associate_public_ip_address = true
272 subnet_id = aws_subnet.mgmt.id
273 private_ip = var.tg_mgmt_ip
274 vpc_security_group_ids = [aws_security_group.CSITSG.id]
275 placement_group = aws_placement_group.CSITPG.id
# Source/destination check is disabled on the primary interface as well.
276 source_dest_check = false
281 aws_placement_group.CSITPG,
289 "Name" = "${var.resources_name_prefix}_${var.testbed_name}-tg"
290 "Environment" = var.environment_name
# First device under test (DUT1); same settings as the TG apart from the
# management IP and Name tag.
294 resource "aws_instance" "dut1" {
296 availability_zone = var.avail_zone
297 instance_initiated_shutdown_behavior = var.instance_initiated_shutdown_behavior
298 instance_type = var.instance_type
299 key_name = aws_key_pair.CSITKP.key_name
300 associate_public_ip_address = true
301 subnet_id = aws_subnet.mgmt.id
302 private_ip = var.dut1_mgmt_ip
303 vpc_security_group_ids = [aws_security_group.CSITSG.id]
304 placement_group = aws_placement_group.CSITPG.id
305 source_dest_check = false
310 aws_placement_group.CSITPG,
319 "Name" = "${var.resources_name_prefix}_${var.testbed_name}-dut1"
320 "Environment" = var.environment_name
# Second device under test (DUT2).
# NOTE(review): unlike tg and dut1, this instance does not set
# instance_initiated_shutdown_behavior (lines 326 and 327 are consecutive), so
# it falls back to the provider default. If the variable is meant to make
# nodes terminate on shutdown, dut2 may be left behind stopped - confirm
# whether the omission is intentional.
324 resource "aws_instance" "dut2" {
326 availability_zone = var.avail_zone
327 instance_type = var.instance_type
328 key_name = aws_key_pair.CSITKP.key_name
329 associate_public_ip_address = true
330 subnet_id = aws_subnet.mgmt.id
331 private_ip = var.dut2_mgmt_ip
332 vpc_security_group_ids = [aws_security_group.CSITSG.id]
333 placement_group = aws_placement_group.CSITPG.id
334 source_dest_check = false
339 aws_placement_group.CSITPG,
349 "Name" = "${var.resources_name_prefix}_${var.testbed_name}-dut2"
350 "Environment" = var.environment_name
# Default route: all non-local IPv4 traffic on the VPC's main route table goes
# to the internet gateway.
# NOTE(review): no route table association is visible in this listing, so the
# mgmt, b, c and d subnets presumably all use the main table and share this
# default route. Only interfaces with a public IP are reachable through it,
# but confirm the data-plane subnets are meant to have an internet route.
355 resource "aws_route" "CSIT-igw" {
356 route_table_id = aws_vpc.CSITVPC.main_route_table_id
357 gateway_id = aws_internet_gateway.CSITGW.id
358 destination_cidr_block = "0.0.0.0/0"
359 depends_on = [aws_vpc.CSITVPC, aws_internet_gateway.CSITGW]
# Routes for the two TRex dummy ranges, both pointing at the TG instance's
# primary network interface.
# NOTE(review): depends_on names aws_instance.dut1 although the routes target
# aws_instance.tg. The tg reference already creates an implicit dependency,
# so the dut1 entry looks like a copy-paste leftover - confirm.
361 resource "aws_route" "dummy-trex-port-0" {
362 route_table_id = aws_vpc.CSITVPC.main_route_table_id
363 network_interface_id = aws_instance.tg.primary_network_interface_id
364 destination_cidr_block = var.trex_dummy_cidr_port_0
365 depends_on = [aws_vpc.CSITVPC, aws_instance.dut1]
367 resource "aws_route" "dummy-trex-port-1" {
368 route_table_id = aws_vpc.CSITVPC.main_route_table_id
369 network_interface_id = aws_instance.tg.primary_network_interface_id
370 destination_cidr_block = var.trex_dummy_cidr_port_1
371 depends_on = [aws_vpc.CSITVPC, aws_instance.dut1]
# Provisions the TG over SSH once all six data-plane interfaces exist.
# Sequence: run var.first_run_commands, run the Ansible playbook, reboot.
#
# NOTE(review): the connection goes to the instance's public IP and
# authenticates with the Terraform-generated private key. No host_key setting
# is visible in the listed lines (388-389 and 392 are not shown); without one,
# Terraform's SSH connection does not verify the server's host key, so the
# first connection is trust-on-first-use at best - confirm.
# NOTE(review): var.first_run_commands is executed verbatim on the node, so
# the variable's source must be as trusted as this file.
# NOTE(review): ansible_ssh_pass hands a provisioning password to the playbook
# as a variable. Declare var.ansible_provision_pwd as sensitive where the
# Terraform version supports it, keep it out of committed tfvars, and confirm
# the playbooks do not leave password SSH login enabled on a host that has a
# public IP.
375 resource "null_resource" "deploy_tg" {
378 aws_network_interface.tg_if1,
379 aws_network_interface.tg_if2,
381 aws_network_interface.dut1_if1,
382 aws_network_interface.dut1_if2,
384 aws_network_interface.dut2_if1,
385 aws_network_interface.dut2_if2
390 host = aws_instance.tg.public_ip
391 private_key = tls_private_key.CSITTLS.private_key_pem
394 provisioner "remote-exec" {
395 inline = var.first_run_commands
398 provisioner "ansible" {
401 file_path = var.ansible_file_path
# Run notified handlers even when a task in the play fails.
402 force_handlers = true
406 ansible_ssh_pass = var.ansible_provision_pwd
407 ansible_python_interpreter = var.ansible_python_executable
# The reboot drops the SSH session, so a failure of this step is tolerated.
413 provisioner "remote-exec" {
414 on_failure = continue
415 inline = ["sudo reboot"]
# Same provisioning sequence as deploy_tg, run against DUT1's public IP. The
# review notes on deploy_tg apply here unchanged.
419 resource "null_resource" "deploy_dut1" {
422 aws_network_interface.tg_if1,
423 aws_network_interface.tg_if2,
425 aws_network_interface.dut1_if1,
426 aws_network_interface.dut1_if2,
428 aws_network_interface.dut2_if1,
429 aws_network_interface.dut2_if2
434 host = aws_instance.dut1.public_ip
435 private_key = tls_private_key.CSITTLS.private_key_pem
438 provisioner "remote-exec" {
439 inline = var.first_run_commands
442 provisioner "ansible" {
445 file_path = var.ansible_file_path
446 force_handlers = true
450 ansible_ssh_pass = var.ansible_provision_pwd
451 ansible_python_interpreter = var.ansible_python_executable
457 provisioner "remote-exec" {
458 on_failure = continue
459 inline = ["sudo reboot"]
# Same provisioning sequence as deploy_tg, run against DUT2's public IP. The
# review notes on deploy_tg apply here unchanged.
463 resource "null_resource" "deploy_dut2" {
466 aws_network_interface.tg_if1,
467 aws_network_interface.tg_if2,
469 aws_network_interface.dut1_if1,
470 aws_network_interface.dut1_if2,
472 aws_network_interface.dut2_if1,
473 aws_network_interface.dut2_if2
478 host = aws_instance.dut2.public_ip
479 private_key = tls_private_key.CSITTLS.private_key_pem
482 provisioner "remote-exec" {
483 inline = var.first_run_commands
486 provisioner "ansible" {
489 file_path = var.ansible_file_path
490 force_handlers = true
494 ansible_ssh_pass = var.ansible_provision_pwd
495 ansible_python_interpreter = var.ansible_python_executable
501 provisioner "remote-exec" {
502 on_failure = continue
503 inline = ["sudo reboot"]
507 resource "null_resource" "deploy_topology" {
508 depends_on = [ aws_instance.tg, aws_instance.dut1, aws_instance.dut2 ]
510 provisioner "ansible" {
513 file_path = var.ansible_topology_path
517 ansible_python_interpreter = var.ansible_python_executable
518 testbed_name = var.testbed_name
519 cloud_topology = var.topology_name
520 tg_if1_mac = data.aws_network_interface.tg_if1.mac_address
521 tg_if2_mac = data.aws_network_interface.tg_if2.mac_address
522 dut1_if1_mac = data.aws_network_interface.dut1_if1.mac_address
523 dut1_if2_mac = data.aws_network_interface.dut1_if2.mac_address
524 dut2_if1_mac = data.aws_network_interface.dut2_if1.mac_address
525 dut2_if2_mac = data.aws_network_interface.dut2_if2.mac_address
526 tg_public_ip = aws_instance.tg.public_ip
527 dut1_public_ip = aws_instance.dut1.public_ip
528 dut2_public_ip = aws_instance.dut2.public_ip
529 public_ip_list = "${aws_instance.tg.public_ip},${aws_instance.dut1.public_ip},${aws_instance.dut2.public_ip}"