# AWS credentials for this run are read from Vault; both the secrets-backend
# mount path and the role name are derived from var.vault-name.
# SECURITY: values returned by a data source are persisted in Terraform state,
# so the state backend used for this testbed must be access-controlled and
# encrypted like any other secret store.
1 data "vault_aws_access_credentials" "creds" {
2 backend = "${var.vault-name}-path"
3 role = "${var.vault-name}-role"
# Testbed VPC. Its primary CIDR is the management range (var.vpc_cidr_mgmt);
# the b/c/d ranges are attached later through the
# aws_vpc_ipv4_cidr_block_association resources in this file.
6 resource "aws_vpc" "CSITVPC" {
7 cidr_block = var.vpc_cidr_mgmt
10 "Name" = "${var.resources_name_prefix}_${var.testbed_name}-vpc"
11 "Environment" = var.environment_name
# The only security group in this file: every instance and every test
# interface below references it, so its rules define the whole testbed's
# network exposure.
15 resource "aws_security_group" "CSITSG" {
16 name = "${var.resources_name_prefix}_${var.testbed_name}-sg"
17 description = "Allow inbound traffic"
18 vpc_id = aws_vpc.CSITVPC.id
# The vpc_id reference above already orders this resource after the VPC.
19 depends_on = [aws_vpc.CSITVPC]
# SECURITY: both rule blocks are open to every IPv4 address. The listing omits
# the rule headers and their port/protocol fields (presumably one ingress and
# one egress rule - confirm), so the exact exposure cannot be read from here.
# The instances using this group also get public IPs and a default route to
# the internet gateway, so the inbound rule should be narrowed to the CIDR of
# the CI/provisioning host and to the ports provisioning actually needs.
25 cidr_blocks = ["0.0.0.0/0"]
39 cidr_blocks = ["0.0.0.0/0"]
43 "Name" = "${var.resources_name_prefix}_${var.testbed_name}-sg"
44 "Environment" = var.environment_name
# Secondary IPv4 ranges b, c and d are added to the VPC so that one subnet per
# test link can be carved out of each of them (see aws_subnet.b/c/d).
48 resource "aws_vpc_ipv4_cidr_block_association" "b" {
49 vpc_id = aws_vpc.CSITVPC.id
50 cidr_block = var.vpc_cidr_b
51 depends_on = [aws_vpc.CSITVPC]
53 resource "aws_vpc_ipv4_cidr_block_association" "c" {
54 vpc_id = aws_vpc.CSITVPC.id
55 cidr_block = var.vpc_cidr_c
56 depends_on = [aws_vpc.CSITVPC]
58 resource "aws_vpc_ipv4_cidr_block_association" "d" {
59 vpc_id = aws_vpc.CSITVPC.id
60 cidr_block = var.vpc_cidr_d
61 depends_on = [aws_vpc.CSITVPC]
# Four subnets, all in var.avail_zone: "mgmt" carries the instances' primary
# (public-IP) interfaces, while b, c and d carry the test links between nodes.
65 resource "aws_subnet" "mgmt" {
66 vpc_id = aws_vpc.CSITVPC.id
67 cidr_block = var.vpc_cidr_mgmt
68 availability_zone = var.avail_zone
69 depends_on = [aws_vpc.CSITVPC]
72 "Environment" = var.environment_name
75 resource "aws_subnet" "b" {
76 vpc_id = aws_vpc.CSITVPC.id
77 cidr_block = var.vpc_cidr_b
78 availability_zone = var.avail_zone
# The CIDR comes from a variable, so Terraform cannot infer that the matching
# secondary range must be associated first; the explicit dependency does that.
79 depends_on = [aws_vpc.CSITVPC, aws_vpc_ipv4_cidr_block_association.b]
82 "Environment" = var.environment_name
85 resource "aws_subnet" "c" {
86 vpc_id = aws_vpc.CSITVPC.id
87 cidr_block = var.vpc_cidr_c
88 availability_zone = var.avail_zone
# Same ordering requirement as subnet b, for range c.
89 depends_on = [aws_vpc.CSITVPC, aws_vpc_ipv4_cidr_block_association.c]
92 "Environment" = var.environment_name
95 resource "aws_subnet" "d" {
96 vpc_id = aws_vpc.CSITVPC.id
97 cidr_block = var.vpc_cidr_d
98 availability_zone = var.avail_zone
# Same ordering requirement as subnet b, for range d.
99 depends_on = [aws_vpc.CSITVPC, aws_vpc_ipv4_cidr_block_association.d]
102 "Environment" = var.environment_name
# Internet gateway for the VPC; aws_route.CSIT-igw points the main route
# table's default route at it, which is what makes the instances' public IPs
# reachable from outside.
106 resource "aws_internet_gateway" "CSITGW" {
107 vpc_id = aws_vpc.CSITVPC.id
108 depends_on = [aws_vpc.CSITVPC]
111 "Environment" = var.environment_name
116 # Temporary key for provisioning only
# SECURITY: a key generated by tls_private_key is stored unencrypted in
# Terraform state, and the null_resource.deploy_* connections read it back from
# there. Anyone who can read the state can log in to the instances for as long
# as this key pair stays authorised, so protect the state and remove or rotate
# the key once provisioning is done.
# The algorithm and key-size arguments are not shown in this listing.
117 resource "tls_private_key" "CSITTLS" {
# Registers the public half of the generated provisioning key with EC2 so the
# instances can be launched with it.
121 resource "aws_key_pair" "CSITKP" {
# NOTE(review): the key name uses a hard-coded "CSIT_3n_aws_c5n_" prefix while
# the other resources use var.resources_name_prefix - confirm this is intended.
122 key_name = "CSIT_3n_aws_c5n_${var.testbed_name}-key"
123 public_key = tls_private_key.CSITTLS.public_key_openssh
# Placement group shared by the three instances; the placement strategy
# argument is not shown in this listing.
126 resource "aws_placement_group" "CSITPG" {
127 name = "${var.resources_name_prefix}_${var.testbed_name}-pg"
# DUT1 test interfaces: if1 is on subnet b (the same subnet as tg_if1) and if2
# is on subnet c (the same subnet as dut2_if1).
132 resource "aws_network_interface" "dut1_if1" {
133 subnet_id = aws_subnet.b.id
# The EC2 source/destination check is switched off so the interface may carry
# packets whose addresses are not its own, as a forwarding device has to.
134 source_dest_check = false
135 private_ip = var.dut1_if1_ip
136 private_ips = [var.dut1_if1_ip]
# Test interfaces use the same testbed-wide security group as the instances.
137 security_groups = [aws_security_group.CSITSG.id]
138 depends_on = [aws_vpc.CSITVPC, aws_subnet.b, aws_instance.dut1]
# Attaches the interface to the DUT1 instance (presumably inside an attachment
# block; its header and device index are not shown in this listing).
141 instance = aws_instance.dut1.id
146 "Environment" = var.environment_name
150 resource "aws_network_interface" "dut1_if2" {
151 subnet_id = aws_subnet.c.id
# Source/destination check disabled for forwarding, as on dut1_if1.
152 source_dest_check = false
153 private_ip = var.dut1_if2_ip
154 private_ips = [var.dut1_if2_ip]
155 security_groups = [aws_security_group.CSITSG.id]
156 depends_on = [aws_vpc.CSITVPC, aws_subnet.c, aws_instance.dut1]
159 instance = aws_instance.dut1.id
164 "Environment" = var.environment_name
# DUT2 test interfaces: if1 is on subnet c (the same subnet as dut1_if2) and
# if2 is on subnet d (the same subnet as tg_if2).
168 resource "aws_network_interface" "dut2_if1" {
169 subnet_id = aws_subnet.c.id
# The EC2 source/destination check is switched off so the interface may carry
# packets whose addresses are not its own, as a forwarding device has to.
170 source_dest_check = false
171 private_ip = var.dut2_if1_ip
172 private_ips = [var.dut2_if1_ip]
# Test interfaces use the same testbed-wide security group as the instances.
173 security_groups = [aws_security_group.CSITSG.id]
174 depends_on = [aws_vpc.CSITVPC, aws_subnet.c, aws_instance.dut2]
# Attaches the interface to the DUT2 instance (presumably inside an attachment
# block; its header and device index are not shown in this listing).
177 instance = aws_instance.dut2.id
182 "Environment" = var.environment_name
186 resource "aws_network_interface" "dut2_if2" {
187 subnet_id = aws_subnet.d.id
# Source/destination check disabled for forwarding, as on dut2_if1.
188 source_dest_check = false
189 private_ip = var.dut2_if2_ip
190 private_ips = [var.dut2_if2_ip]
191 security_groups = [aws_security_group.CSITSG.id]
192 depends_on = [aws_vpc.CSITVPC, aws_subnet.d, aws_instance.dut2]
195 instance = aws_instance.dut2.id
200 "Environment" = var.environment_name
# TG test interfaces: if1 is on subnet b (facing dut1_if1) and if2 is on
# subnet d (facing dut2_if2), which closes the TG - DUT1 - DUT2 - TG path.
204 resource "aws_network_interface" "tg_if1" {
205 subnet_id = aws_subnet.b.id
# The EC2 source/destination check is switched off so the interface may send
# and receive packets whose addresses are not its own.
206 source_dest_check = false
207 private_ip = var.tg_if1_ip
208 private_ips = [var.tg_if1_ip]
# Test interfaces use the same testbed-wide security group as the instances.
209 security_groups = [aws_security_group.CSITSG.id]
210 depends_on = [aws_vpc.CSITVPC, aws_subnet.b, aws_instance.tg]
# Attaches the interface to the TG instance (presumably inside an attachment
# block; its header and device index are not shown in this listing).
213 instance = aws_instance.tg.id
218 "Environment" = var.environment_name
222 resource "aws_network_interface" "tg_if2" {
223 subnet_id = aws_subnet.d.id
# Source/destination check disabled, as on tg_if1.
224 source_dest_check = false
225 private_ip = var.tg_if2_ip
226 private_ips = [var.tg_if2_ip]
227 security_groups = [aws_security_group.CSITSG.id]
228 depends_on = [aws_vpc.CSITVPC, aws_subnet.d, aws_instance.tg]
231 instance = aws_instance.tg.id
236 "Environment" = var.environment_name
# Each test interface is read back by id once it exists; the mac_address
# attribute of these data sources is what null_resource.deploy_topology passes
# to the topology playbook.
240 data "aws_network_interface" "dut1_if1" {
241 id = aws_network_interface.dut1_if1.id
244 data "aws_network_interface" "dut1_if2" {
245 id = aws_network_interface.dut1_if2.id
248 data "aws_network_interface" "dut2_if1" {
249 id = aws_network_interface.dut2_if1.id
252 data "aws_network_interface" "dut2_if2" {
253 id = aws_network_interface.dut2_if2.id
256 data "aws_network_interface" "tg_if1" {
257 id = aws_network_interface.tg_if1.id
260 data "aws_network_interface" "tg_if2" {
261 id = aws_network_interface.tg_if2.id
# TG (traffic generator) instance. The AMI argument is not shown in this listing.
265 resource "aws_instance" "tg" {
267 availability_zone = var.avail_zone
268 instance_type = var.instance_type
# Launched with the provisioning key pair generated in this file.
269 key_name = aws_key_pair.CSITKP.key_name
# SECURITY: the primary interface gets a public IPv4 address. What can reach
# the instance from the internet is then decided only by
# aws_security_group.CSITSG, whose visible rules use 0.0.0.0/0.
270 associate_public_ip_address = true
271 subnet_id = aws_subnet.mgmt.id
272 private_ip = var.tg_mgmt_ip
273 vpc_security_group_ids = [aws_security_group.CSITSG.id]
274 placement_group = aws_placement_group.CSITPG.id
# Source/destination check is disabled on the primary interface as well; the
# "dummy-trex" routes in this file target that interface.
275 source_dest_check = false
280 aws_placement_group.CSITPG,
288 "Name" = "${var.resources_name_prefix}_${var.testbed_name}-tg"
289 "Environment" = var.environment_name
# DUT1 (first device under test) instance. The AMI argument is not shown in
# this listing.
293 resource "aws_instance" "dut1" {
295 availability_zone = var.avail_zone
296 instance_type = var.instance_type
# Launched with the provisioning key pair generated in this file.
297 key_name = aws_key_pair.CSITKP.key_name
# SECURITY: public IPv4 address on the management interface; inbound exposure
# depends entirely on the rules of aws_security_group.CSITSG.
298 associate_public_ip_address = true
299 subnet_id = aws_subnet.mgmt.id
300 private_ip = var.dut1_mgmt_ip
301 vpc_security_group_ids = [aws_security_group.CSITSG.id]
302 placement_group = aws_placement_group.CSITPG.id
# Source/destination check is disabled on the primary interface too.
303 source_dest_check = false
308 aws_placement_group.CSITPG,
317 "Name" = "${var.resources_name_prefix}_${var.testbed_name}-dut1"
318 "Environment" = var.environment_name
# DUT2 (second device under test) instance. The AMI argument is not shown in
# this listing.
322 resource "aws_instance" "dut2" {
324 availability_zone = var.avail_zone
325 instance_type = var.instance_type
# Launched with the provisioning key pair generated in this file.
326 key_name = aws_key_pair.CSITKP.key_name
# SECURITY: public IPv4 address on the management interface; inbound exposure
# depends entirely on the rules of aws_security_group.CSITSG.
327 associate_public_ip_address = true
328 subnet_id = aws_subnet.mgmt.id
329 private_ip = var.dut2_mgmt_ip
330 vpc_security_group_ids = [aws_security_group.CSITSG.id]
331 placement_group = aws_placement_group.CSITPG.id
# Source/destination check is disabled on the primary interface too.
332 source_dest_check = false
337 aws_placement_group.CSITPG,
347 "Name" = "${var.resources_name_prefix}_${var.testbed_name}-dut2"
348 "Environment" = var.environment_name
# Default route of the VPC's main route table, sent to the internet gateway.
# No per-subnet route table association is visible in this listing, so the
# test subnets presumably inherit this route along with the management subnet
# - confirm whether b/c/d need internet routing at all.
353 resource "aws_route" "CSIT-igw" {
354 route_table_id = aws_vpc.CSITVPC.main_route_table_id
355 gateway_id = aws_internet_gateway.CSITGW.id
356 destination_cidr_block = "0.0.0.0/0"
357 depends_on = [aws_vpc.CSITVPC, aws_internet_gateway.CSITGW]
# Two routes in the main route table that send the "dummy" TRex port ranges to
# the TG instance's primary network interface.
359 resource "aws_route" "dummy-trex-port-0" {
360 route_table_id = aws_vpc.CSITVPC.main_route_table_id
361 network_interface_id = aws_instance.tg.primary_network_interface_id
362 destination_cidr_block = var.trex_dummy_cidr_port_0
# NOTE(review): the explicit dependency names dut1 although the route targets
# the tg instance's interface - confirm this ordering is intended.
363 depends_on = [aws_vpc.CSITVPC, aws_instance.dut1]
365 resource "aws_route" "dummy-trex-port-1" {
366 route_table_id = aws_vpc.CSITVPC.main_route_table_id
367 network_interface_id = aws_instance.tg.primary_network_interface_id
368 destination_cidr_block = var.trex_dummy_cidr_port_1
# NOTE(review): same dut1 dependency as on dummy-trex-port-0.
369 depends_on = [aws_vpc.CSITVPC, aws_instance.dut1]
# Provisions the TG instance over SSH. The dependency list names all six test
# interfaces, so provisioning waits until the whole topology is attached.
373 resource "null_resource" "deploy_tg" {
376 aws_network_interface.tg_if1,
377 aws_network_interface.tg_if2,
379 aws_network_interface.dut1_if1,
380 aws_network_interface.dut1_if2,
382 aws_network_interface.dut2_if1,
383 aws_network_interface.dut2_if2
# Connection settings (block header, type and user are not shown in this
# listing): SSH goes to the instance's public IP, so the provisioning host must
# be allowed through aws_security_group.CSITSG.
388 host = aws_instance.tg.public_ip
# SECURITY: the generated private key is read from Terraform state here; see
# tls_private_key.CSITTLS for the handling this requires.
389 private_key = tls_private_key.CSITTLS.private_key_pem
392 provisioner "remote-exec" {
# Runs whatever command list the variable holds on the host. Treat
# var.first_run_commands as code: it must not be settable from untrusted
# input such as free-form CI job parameters.
393 inline = var.first_run_commands
# "ansible" is not a built-in Terraform provisioner; a third-party plugin has
# to be installed on the machine running Terraform.
396 provisioner "ansible" {
399 file_path = var.ansible_file_path
400 force_handlers = true
# SECURITY: a login password is handed to Ansible as a plain variable. The
# declaration of var.ansible_provision_pwd is not shown here; it should be
# marked sensitive and supplied from a secret store rather than a committed
# tfvars file, otherwise it can surface in plan/apply output and logs.
404 ansible_ssh_pass = var.ansible_provision_pwd
405 ansible_python_interpreter = var.ansible_python_executable
411 provisioner "remote-exec" {
# A failure of this step is ignored, presumably because the reboot tears down
# the SSH session before the command can report success.
412 on_failure = continue
413 inline = ["sudo reboot"]
# Provisions the DUT1 instance over SSH, after all six test interfaces exist.
417 resource "null_resource" "deploy_dut1" {
420 aws_network_interface.tg_if1,
421 aws_network_interface.tg_if2,
423 aws_network_interface.dut1_if1,
424 aws_network_interface.dut1_if2,
426 aws_network_interface.dut2_if1,
427 aws_network_interface.dut2_if2
# Connection settings (block header, type and user are not shown in this
# listing): SSH goes to the instance's public IP.
432 host = aws_instance.dut1.public_ip
# SECURITY: private key read from Terraform state; the state must be protected
# for as long as this key is authorised on the instance.
433 private_key = tls_private_key.CSITTLS.private_key_pem
436 provisioner "remote-exec" {
# Executes the variable's command list on the host; keep the variable out of
# untrusted input.
437 inline = var.first_run_commands
# Third-party provisioner plugin, not part of Terraform itself.
440 provisioner "ansible" {
443 file_path = var.ansible_file_path
444 force_handlers = true
# SECURITY: password passed to Ansible as a plain variable; the variable should
# be declared sensitive and sourced from a secret store (declaration not shown
# here - confirm).
448 ansible_ssh_pass = var.ansible_provision_pwd
449 ansible_python_interpreter = var.ansible_python_executable
455 provisioner "remote-exec" {
# Failure is ignored, presumably because the reboot drops the SSH session.
456 on_failure = continue
457 inline = ["sudo reboot"]
# Provisions the DUT2 instance over SSH, after all six test interfaces exist.
461 resource "null_resource" "deploy_dut2" {
464 aws_network_interface.tg_if1,
465 aws_network_interface.tg_if2,
467 aws_network_interface.dut1_if1,
468 aws_network_interface.dut1_if2,
470 aws_network_interface.dut2_if1,
471 aws_network_interface.dut2_if2
# Connection settings (block header, type and user are not shown in this
# listing): SSH goes to the instance's public IP.
476 host = aws_instance.dut2.public_ip
# SECURITY: private key read from Terraform state; the state must be protected
# for as long as this key is authorised on the instance.
477 private_key = tls_private_key.CSITTLS.private_key_pem
480 provisioner "remote-exec" {
# Executes the variable's command list on the host; keep the variable out of
# untrusted input.
481 inline = var.first_run_commands
# Third-party provisioner plugin, not part of Terraform itself.
484 provisioner "ansible" {
487 file_path = var.ansible_file_path
488 force_handlers = true
# SECURITY: password passed to Ansible as a plain variable; the variable should
# be declared sensitive and sourced from a secret store (declaration not shown
# here - confirm).
492 ansible_ssh_pass = var.ansible_provision_pwd
493 ansible_python_interpreter = var.ansible_python_executable
499 provisioner "remote-exec" {
# Failure is ignored, presumably because the reboot drops the SSH session.
500 on_failure = continue
501 inline = ["sudo reboot"]
# Runs the topology playbook once the three instances exist, handing it the
# testbed identity, the MAC address of every test interface and the instances'
# public IPs. Where the playbook runs is not visible in this listing.
505 resource "null_resource" "deploy_topology" {
# NOTE(review): only the instances are listed; ordering against the
# null_resource.deploy_* provisioning steps is not expressed here - confirm
# that is intended.
506 depends_on = [ aws_instance.tg, aws_instance.dut1, aws_instance.dut2 ]
508 provisioner "ansible" {
511 file_path = var.ansible_topology_path
515 ansible_python_interpreter = var.ansible_python_executable
516 testbed_name = var.testbed_name
517 cloud_topology = var.topology_name
# MAC addresses come from the data sources that read each interface back by id.
518 tg_if1_mac = data.aws_network_interface.tg_if1.mac_address
519 tg_if2_mac = data.aws_network_interface.tg_if2.mac_address
520 dut1_if1_mac = data.aws_network_interface.dut1_if1.mac_address
521 dut1_if2_mac = data.aws_network_interface.dut1_if2.mac_address
522 dut2_if1_mac = data.aws_network_interface.dut2_if1.mac_address
523 dut2_if2_mac = data.aws_network_interface.dut2_if2.mac_address
# Public management addresses, passed individually and as one comma-separated
# string in the order tg, dut1, dut2.
524 tg_public_ip = aws_instance.tg.public_ip
525 dut1_public_ip = aws_instance.dut1.public_ip
526 dut2_public_ip = aws_instance.dut2.public_ip
527 public_ip_list = "${aws_instance.tg.public_ip},${aws_instance.dut1.public_ip},${aws_instance.dut2.public_ip}"