# Reads AWS credentials from a Vault AWS secrets backend. The backend mount
# path and the role name are both derived from var.vault-name.
# NOTE(review): whatever this data source returns is persisted in Terraform
# state and plan files, so the state backend needs encryption at rest and
# tight access control.
# The remaining lines of this block are not shown in this listing.
1 data "vault_aws_access_credentials" "creds" {
2 backend = "${var.vault-name}-path"
3 role = "${var.vault-name}-role"
# VPC that holds the whole testbed. Its primary CIDR is var.vpc_cidr_mgmt, the
# same range aws_subnet.mgmt uses.
# The Name/Environment entries are presumably members of a tags map whose
# opening line is missing from this listing.
6 resource "aws_vpc" "CSITVPC" {
7 cidr_block = var.vpc_cidr_mgmt
10 "Name" = "${var.resources_name_prefix}_${var.testbed_name}-vpc"
11 "Environment" = var.environment_name
# The one security group in this file. It is attached to both instances and to
# all four test interfaces (dut1_if1/2, tg_if1/2).
# NOTE(review): two rules use 0.0.0.0/0 (listing lines 25 and 39). The rule
# headers, ports and protocols are not visible here, so which one is ingress is
# an inference from the description. Both instances request public IPs, so if
# the ingress rule is the world-open one, narrow it to the operator/CI source
# ranges and the ports provisioning needs, and allow the test traffic between
# group members with a separate self-referencing rule.
15 resource "aws_security_group" "CSITSG" {
16 name = "${var.resources_name_prefix}_${var.testbed_name}-sg"
17 description = "Allow inbound traffic"
18 vpc_id = aws_vpc.CSITVPC.id
# vpc_id already references the VPC, so this explicit dependency is redundant.
19 depends_on = [aws_vpc.CSITVPC]
# First any-address rule (presumably ingress - confirm against the full file).
25 cidr_blocks = ["0.0.0.0/0"]
# Second any-address rule (presumably egress - confirm against the full file).
39 cidr_blocks = ["0.0.0.0/0"]
43 "Name" = "${var.resources_name_prefix}_${var.testbed_name}-sg"
44 "Environment" = var.environment_name
# Adds var.vpc_cidr_b to the VPC as a secondary IPv4 CIDR. aws_subnet.b is
# created from this range and explicitly waits on this association.
# NOTE(review): vpc_id already references aws_vpc.CSITVPC, so the depends_on
# below adds no ordering that Terraform would not infer on its own.
48 resource "aws_vpc_ipv4_cidr_block_association" "b" {
49 vpc_id = aws_vpc.CSITVPC.id
50 cidr_block = var.vpc_cidr_b
51 depends_on = [aws_vpc.CSITVPC]
# Adds var.vpc_cidr_c to the VPC as a secondary IPv4 CIDR. aws_subnet.c is
# created from this range and explicitly waits on this association.
53 resource "aws_vpc_ipv4_cidr_block_association" "c" {
54 vpc_id = aws_vpc.CSITVPC.id
55 cidr_block = var.vpc_cidr_c
56 depends_on = [aws_vpc.CSITVPC]
# Adds var.vpc_cidr_d to the VPC as a secondary IPv4 CIDR. aws_subnet.d is
# created from this range and explicitly waits on this association.
58 resource "aws_vpc_ipv4_cidr_block_association" "d" {
59 vpc_id = aws_vpc.CSITVPC.id
60 cidr_block = var.vpc_cidr_d
61 depends_on = [aws_vpc.CSITVPC]
# Management subnet in var.avail_zone. Its range, var.vpc_cidr_mgmt, is the
# VPC's primary CIDR. Both instances put their primary interface here and ask
# for a public IP on it.
65 resource "aws_subnet" "mgmt" {
66 vpc_id = aws_vpc.CSITVPC.id
67 cidr_block = var.vpc_cidr_mgmt
68 availability_zone = var.avail_zone
69 depends_on = [aws_vpc.CSITVPC]
72 "Environment" = var.environment_name
# Test subnet b, taken from the secondary range var.vpc_cidr_b. It carries
# dut1_if1 and tg_if1.
75 resource "aws_subnet" "b" {
76 vpc_id = aws_vpc.CSITVPC.id
77 cidr_block = var.vpc_cidr_b
78 availability_zone = var.avail_zone
# cidr_block comes from a variable, not from the association resource, so the
# association is named here to make sure the range is attached to the VPC first.
79 depends_on = [aws_vpc.CSITVPC, aws_vpc_ipv4_cidr_block_association.b]
82 "Environment" = var.environment_name
# Test subnet c, taken from the secondary range var.vpc_cidr_c. No interface in
# the visible part of this file is placed in it.
85 resource "aws_subnet" "c" {
86 vpc_id = aws_vpc.CSITVPC.id
87 cidr_block = var.vpc_cidr_c
88 availability_zone = var.avail_zone
# cidr_block comes from a variable, not from the association resource, so the
# association is named here to make sure the range is attached to the VPC first.
89 depends_on = [aws_vpc.CSITVPC, aws_vpc_ipv4_cidr_block_association.c]
92 "Environment" = var.environment_name
# Test subnet d, taken from the secondary range var.vpc_cidr_d. It carries
# dut1_if2 and tg_if2.
95 resource "aws_subnet" "d" {
96 vpc_id = aws_vpc.CSITVPC.id
97 cidr_block = var.vpc_cidr_d
98 availability_zone = var.avail_zone
# cidr_block comes from a variable, not from the association resource, so the
# association is named here to make sure the range is attached to the VPC first.
99 depends_on = [aws_vpc.CSITVPC, aws_vpc_ipv4_cidr_block_association.d]
102 "Environment" = var.environment_name
# Internet gateway attached to the testbed VPC. aws_route.CSIT-igw points the
# main route table's default route at it.
106 resource "aws_internet_gateway" "CSITGW" {
107 vpc_id = aws_vpc.CSITVPC.id
108 depends_on = [aws_vpc.CSITVPC]
111 "Environment" = var.environment_name
116 # Temporary key for provisioning only
# Generates the SSH key pair used by the provisioner connections in
# deploy_tg and deploy_dut1; its public half becomes aws_key_pair.CSITKP.
# NOTE(review): the tls provider keeps the generated private key unencrypted in
# Terraform state, so "temporary" holds only if the state is protected and the
# key is removed from the hosts once provisioning is done - confirm.
# Algorithm and key-size arguments are not visible in this listing.
117 resource "tls_private_key" "CSITTLS" {
# Registers the public half of tls_private_key.CSITTLS as an EC2 key pair.
# Both instances launch with this key_name.
121 resource "aws_key_pair" "CSITKP" {
122 key_name = "${var.resources_name_prefix}_${var.testbed_name}-key"
123 public_key = tls_private_key.CSITTLS.public_key_openssh
# Placement group that both instances are launched into. The strategy argument
# is not visible in this listing.
126 resource "aws_placement_group" "CSITPG" {
127 name = "${var.resources_name_prefix}_${var.testbed_name}-pg"
# First test interface of the DUT: subnet b, fixed address var.dut1_if1_ip,
# shared security group.
132 resource "aws_network_interface" "dut1_if1" {
133 subnet_id = aws_subnet.b.id
# With the check off, EC2 no longer drops packets whose source or destination
# is not this interface's own address - presumably required because the DUT
# forwards test traffic.
134 source_dest_check = false
# The same address is given both as the primary IP and as the only entry in
# the private_ips list.
135 private_ip = var.dut1_if1_ip
136 private_ips = [var.dut1_if1_ip]
137 security_groups = [aws_security_group.CSITSG.id]
138 depends_on = [aws_vpc.CSITVPC, aws_subnet.b, aws_instance.dut1]
# Presumably part of an attachment block; its opening line and device index
# are not shown in this listing.
141 instance = aws_instance.dut1.id
146 "Environment" = var.environment_name
# Second test interface of the DUT: subnet d, fixed address var.dut1_if2_ip,
# shared security group.
150 resource "aws_network_interface" "dut1_if2" {
151 subnet_id = aws_subnet.d.id
# With the check off, EC2 no longer drops packets whose source or destination
# is not this interface's own address - presumably required because the DUT
# forwards test traffic.
152 source_dest_check = false
153 private_ip = var.dut1_if2_ip
154 private_ips = [var.dut1_if2_ip]
155 security_groups = [aws_security_group.CSITSG.id]
156 depends_on = [aws_vpc.CSITVPC, aws_subnet.d, aws_instance.dut1]
# Presumably part of an attachment block; its opening line and device index
# are not shown in this listing.
159 instance = aws_instance.dut1.id
164 "Environment" = var.environment_name
# First test interface of the traffic generator: subnet b, fixed address
# var.tg_if1_ip, shared security group.
168 resource "aws_network_interface" "tg_if1" {
169 subnet_id = aws_subnet.b.id
# With the check off, EC2 no longer drops packets whose source or destination
# is not this interface's own address - presumably required because the
# generator sends traffic with addresses other than its own.
170 source_dest_check = false
171 private_ip = var.tg_if1_ip
172 private_ips = [var.tg_if1_ip]
173 security_groups = [aws_security_group.CSITSG.id]
174 depends_on = [aws_vpc.CSITVPC, aws_subnet.b, aws_instance.tg]
# Presumably part of an attachment block; its opening line and device index
# are not shown in this listing.
177 instance = aws_instance.tg.id
182 "Environment" = var.environment_name
# Second test interface of the traffic generator: subnet d, fixed address
# var.tg_if2_ip, shared security group.
186 resource "aws_network_interface" "tg_if2" {
187 subnet_id = aws_subnet.d.id
# With the check off, EC2 no longer drops packets whose source or destination
# is not this interface's own address - presumably required because the
# generator sends traffic with addresses other than its own.
188 source_dest_check = false
189 private_ip = var.tg_if2_ip
190 private_ips = [var.tg_if2_ip]
191 security_groups = [aws_security_group.CSITSG.id]
192 depends_on = [aws_vpc.CSITVPC, aws_subnet.d, aws_instance.tg]
# Presumably part of an attachment block; its opening line and device index
# are not shown in this listing.
195 instance = aws_instance.tg.id
200 "Environment" = var.environment_name
# Reads back the created dut1_if1 interface by id; deploy_topology takes its
# mac_address from here.
204 data "aws_network_interface" "dut1_if1" {
205 id = aws_network_interface.dut1_if1.id
# Reads back the created dut1_if2 interface by id; deploy_topology takes its
# mac_address from here.
208 data "aws_network_interface" "dut1_if2" {
209 id = aws_network_interface.dut1_if2.id
# Reads back the created tg_if1 interface by id; deploy_topology takes its
# mac_address from here.
212 data "aws_network_interface" "tg_if1" {
213 id = aws_network_interface.tg_if1.id
# Reads back the created tg_if2 interface by id; deploy_topology takes its
# mac_address from here.
216 data "aws_network_interface" "tg_if2" {
217 id = aws_network_interface.tg_if2.id
# Traffic-generator instance. Its primary interface sits in the mgmt subnet at
# var.tg_mgmt_ip; the test interfaces tg_if1/tg_if2 are separate resources.
# Several arguments of this block are not visible in this listing.
221 resource "aws_instance" "tg" {
222 depends_on = [aws_vpc.CSITVPC, aws_placement_group.CSITPG]
224 availability_zone = var.avail_zone
225 instance_type = var.instance_type
# Launches with the provisioning key generated by tls_private_key.CSITTLS.
226 key_name = aws_key_pair.CSITKP.key_name
# NOTE(review): the public address is what the deploy_tg connection uses as
# its host. Together with the any-address rule in aws_security_group.CSITSG
# this presumably exposes the host to the internet - confirm the rule's ports.
227 associate_public_ip_address = true
228 subnet_id = aws_subnet.mgmt.id
229 private_ip = var.tg_mgmt_ip
230 vpc_security_group_ids = [aws_security_group.CSITSG.id]
231 placement_group = aws_placement_group.CSITPG.id
# Disabled on the primary interface as well; the dummy-trex routes send
# traffic for other destinations to this interface.
232 source_dest_check = false
240 "Name" = "${var.resources_name_prefix}_${var.testbed_name}-tg"
241 "Environment" = var.environment_name
# Device-under-test instance. Its primary interface sits in the mgmt subnet at
# var.dut1_mgmt_ip; the test interfaces dut1_if1/dut1_if2 are separate
# resources. Several arguments of this block are not visible in this listing.
245 resource "aws_instance" "dut1" {
# Nothing below references the tg instance, so naming it here is what forces
# the DUT to be created after the traffic generator.
246 depends_on = [aws_vpc.CSITVPC, aws_placement_group.CSITPG, aws_instance.tg]
248 availability_zone = var.avail_zone
249 instance_type = var.instance_type
# Launches with the provisioning key generated by tls_private_key.CSITTLS.
250 key_name = aws_key_pair.CSITKP.key_name
# NOTE(review): the public address is what the deploy_dut1 connection uses as
# its host. Together with the any-address rule in aws_security_group.CSITSG
# this presumably exposes the host to the internet - confirm the rule's ports.
251 associate_public_ip_address = true
252 subnet_id = aws_subnet.mgmt.id
253 private_ip = var.dut1_mgmt_ip
254 vpc_security_group_ids = [aws_security_group.CSITSG.id]
255 placement_group = aws_placement_group.CSITPG.id
256 source_dest_check = false
264 "Name" = "${var.resources_name_prefix}_${var.testbed_name}-dut1"
265 "Environment" = var.environment_name
# Default route (0.0.0.0/0) on the VPC's main route table, pointing at the
# internet gateway.
# NOTE(review): no per-subnet route table association is visible in this
# listing, so the test subnets presumably use the main table and inherit this
# internet route too - confirm that is intended.
270 resource "aws_route" "CSIT-igw" {
271 route_table_id = aws_vpc.CSITVPC.main_route_table_id
272 gateway_id = aws_internet_gateway.CSITGW.id
273 destination_cidr_block = "0.0.0.0/0"
274 depends_on = [aws_vpc.CSITVPC, aws_internet_gateway.CSITGW]
# Route on the main route table that sends var.trex_dummy_cidr_port_0 to the
# traffic generator's primary network interface.
277 resource "aws_route" "dummy-trex-port-0" {
278 route_table_id = aws_vpc.CSITVPC.main_route_table_id
279 network_interface_id = aws_instance.tg.primary_network_interface_id
280 destination_cidr_block = var.trex_dummy_cidr_port_0
# The route references only the tg instance; dut1 is named presumably so the
# route is added once both instances exist.
281 depends_on = [aws_vpc.CSITVPC, aws_instance.dut1]
# Route on the main route table that sends var.trex_dummy_cidr_port_1 to the
# traffic generator's primary network interface.
284 resource "aws_route" "dummy-trex-port-1" {
285 route_table_id = aws_vpc.CSITVPC.main_route_table_id
286 network_interface_id = aws_instance.tg.primary_network_interface_id
287 destination_cidr_block = var.trex_dummy_cidr_port_1
# The route references only the tg instance; dut1 is named presumably so the
# route is added once both instances exist.
288 depends_on = [aws_vpc.CSITVPC, aws_instance.dut1]
# Provisions the traffic generator in three steps: first-run shell commands,
# an Ansible run, then a reboot. The four interface names below are presumably
# entries of a depends_on list whose opening line is not shown in this listing.
292 resource "null_resource" "deploy_tg" {
295 aws_network_interface.tg_if1,
296 aws_network_interface.tg_if2,
298 aws_network_interface.dut1_if1,
299 aws_network_interface.dut1_if2
# Connection settings: the host is reached over its public IP with the
# generated provisioning key. User and connection type are not visible here.
304 host = aws_instance.tg.public_ip
305 private_key = tls_private_key.CSITTLS.private_key_pem
308 provisioner "remote-exec" {
# The commands come from a variable and run on the host, so the variable's
# value should be reviewed like code.
309 inline = var.first_run_commands
# "ansible" is not one of Terraform's built-in provisioners; it has to be
# installed as a plugin on the machine that runs Terraform.
312 provisioner "ansible" {
315 file_path = var.ansible_file_path
316 force_handlers = true
# NOTE(review): a password is handed to Ansible although the connection above
# uses a key. Confirm var.ansible_provision_pwd is declared sensitive and has
# no default committed to the repository, and that any password login it
# enables is switched off after provisioning.
320 ansible_ssh_pass = var.ansible_provision_pwd
321 ansible_python_interpreter = var.ansible_python_executable
327 provisioner "remote-exec" {
# The reboot cuts the SSH session, which the provisioner would report as a
# failure; "continue" keeps that from failing the apply.
328 on_failure = continue
329 inline = ["sudo reboot"]
# Provisions the DUT in three steps: first-run shell commands, an Ansible run,
# then a reboot. The four interface names below are presumably entries of a
# depends_on list whose opening line is not shown in this listing.
333 resource "null_resource" "deploy_dut1" {
336 aws_network_interface.tg_if1,
337 aws_network_interface.tg_if2,
339 aws_network_interface.dut1_if1,
340 aws_network_interface.dut1_if2
# Connection settings: the host is reached over its public IP with the
# generated provisioning key. User and connection type are not visible here.
345 host = aws_instance.dut1.public_ip
346 private_key = tls_private_key.CSITTLS.private_key_pem
349 provisioner "remote-exec" {
# The commands come from a variable and run on the host, so the variable's
# value should be reviewed like code.
350 inline = var.first_run_commands
# "ansible" is not one of Terraform's built-in provisioners; it has to be
# installed as a plugin on the machine that runs Terraform.
353 provisioner "ansible" {
356 file_path = var.ansible_file_path
357 force_handlers = true
# NOTE(review): a password is handed to Ansible although the connection above
# uses a key. Confirm var.ansible_provision_pwd is declared sensitive and has
# no default committed to the repository, and that any password login it
# enables is switched off after provisioning.
361 ansible_ssh_pass = var.ansible_provision_pwd
362 ansible_python_interpreter = var.ansible_python_executable
368 provisioner "remote-exec" {
# The reboot cuts the SSH session, which the provisioner would report as a
# failure; "continue" keeps that from failing the apply.
369 on_failure = continue
370 inline = ["sudo reboot"]
# Runs the Ansible content at var.ansible_topology_path, passing it the
# testbed identity, the MAC addresses of the four test interfaces and the
# public IPs of both instances. Where these values are written to is not
# visible in this listing, and the block may continue past the last line shown.
374 resource "null_resource" "deploy_topology" {
# Only the instances are named; ordering against the interfaces comes from the
# data.aws_network_interface references below.
375 depends_on = [ aws_instance.tg, aws_instance.dut1 ]
377 provisioner "ansible" {
380 file_path = var.ansible_topology_path
384 ansible_python_interpreter = var.ansible_python_executable
385 testbed_name = var.testbed_name
386 cloud_topology = var.topology_name
# MACs are read from the data sources, i.e. from the interfaces as created.
387 tg_if1_mac = data.aws_network_interface.tg_if1.mac_address
388 tg_if2_mac = data.aws_network_interface.tg_if2.mac_address
389 dut1_if1_mac = data.aws_network_interface.dut1_if1.mac_address
390 dut1_if2_mac = data.aws_network_interface.dut1_if2.mac_address
391 tg_public_ip = aws_instance.tg.public_ip
392 dut1_public_ip = aws_instance.dut1.public_ip
# Comma-separated list of both public IPs, traffic generator first.
393 public_ip_list = "${aws_instance.tg.public_ip},${aws_instance.dut1.public_ip}"