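# Azure Resource Manager provider.
#
# The constraint is bounded above: the 2.x provider line requires a
# `features {}` block that this configuration does not declare, so an
# open-ended ">= 1.4.0" lets a fresh `terraform init` select a release this
# file cannot run against. A predictable provider version also keeps the code
# that runs with the operator's Azure credentials reviewable.
# NOTE(review): arguments such as network_security_group_id on the NICs also
# look 1.x-specific - confirm before raising the upper bound.
provider "azurerm" {
  version = ">= 1.4.0, < 2.0.0"
}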
# Variables

# Address space of the CSIT virtual network; every subnet below is carved
# out of it.
variable "vpc_addr_space_a" {
  type    = string
  default = "172.16.0.0/16"
}

# Subnet "a": holds the statically addressed management NICs.
variable "vpc_cidr_a" {
  type    = string
  default = "172.16.0.0/24"
}

# Subnet "b".
variable "vpc_cidr_b" {
  type    = string
  default = "172.16.10.0/24"
}

# Subnet "c".
variable "vpc_cidr_c" {
  type    = string
  default = "172.16.200.0/24"
}

# Subnet "d".
variable "vpc_cidr_d" {
  type    = string
  default = "172.16.20.0/24"
}

# Prefixes that are not backed by a subnet; they only appear as destinations
# in the route tables ("route-10" and "route-20").
variable "trex_dummy_cidr_port_0" {
  type    = string
  default = "172.16.11.0/24"
}

variable "trex_dummy_cidr_port_1" {
  type    = string
  default = "172.16.21.0/24"
}
# Create resource group and resources

# Resource group referenced by the other resources in this file.
resource "azurerm_resource_group" "CSIT" {
  # Alternative region kept from the original file: "East US"
  location = "UK South"
  name     = "CSIT"
}
# Virtual network covering the whole testbed address space.
resource "azurerm_virtual_network" "CSIT" {
  name          = "CSIT-network"
  address_space = [var.vpc_addr_space_a]

  location            = azurerm_resource_group.CSIT.location
  resource_group_name = azurerm_resource_group.CSIT.name

  depends_on = [azurerm_resource_group.CSIT]
}
# Subnet "a": used by the management NICs (tg_mng, dut1_mng, dut2_mng).
resource "azurerm_subnet" "a" {
  name           = "subnet_a"
  address_prefix = var.vpc_cidr_a

  virtual_network_name = azurerm_virtual_network.CSIT.name
  resource_group_name  = azurerm_resource_group.CSIT.name

  depends_on = [azurerm_resource_group.CSIT]
}

# Subnets "b", "c" and "d" each get their own route table further down.
resource "azurerm_subnet" "b" {
  name           = "subnet_b"
  address_prefix = var.vpc_cidr_b

  virtual_network_name = azurerm_virtual_network.CSIT.name
  resource_group_name  = azurerm_resource_group.CSIT.name

  depends_on = [azurerm_resource_group.CSIT]
}

resource "azurerm_subnet" "c" {
  name           = "subnet_c"
  address_prefix = var.vpc_cidr_c

  virtual_network_name = azurerm_virtual_network.CSIT.name
  resource_group_name  = azurerm_resource_group.CSIT.name

  depends_on = [azurerm_resource_group.CSIT]
}

resource "azurerm_subnet" "d" {
  name           = "subnet_d"
  address_prefix = var.vpc_cidr_d

  virtual_network_name = azurerm_virtual_network.CSIT.name
  resource_group_name  = azurerm_resource_group.CSIT.name

  depends_on = [azurerm_resource_group.CSIT]
}
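# Source allowed to reach the SSH and catch-all inbound rules below.
# The default "*" keeps the original any-source behaviour. Set it to the
# operator / CI egress CIDR so that the management NICs, which carry public
# IPs, are not reachable on every port from the whole Internet. Azure's
# built-in AllowVnetInBound default rule still permits traffic between hosts
# inside the virtual network when this is narrowed.
variable "inbound_source_address_prefix" {
  type    = string
  default = "*"
}

# Network security group attached to the management NICs of the TG and DUT
# instances (tg_mng, dut1_mng, dut2_mng).
resource "azurerm_network_security_group" "CSIT" {
  name                = "CSIT"
  resource_group_name = azurerm_resource_group.CSIT.name
  location            = azurerm_resource_group.CSIT.location

  # UDP/500 from any source.
  security_rule {
    name                       = "IpSec"
    priority                   = 100
    direction                  = "Inbound"
    access                     = "Allow"
    protocol                   = "Udp"
    source_port_range          = "*"
    destination_port_range     = "500"
    source_address_prefix      = "*"
    destination_address_prefix = "*"
  }

  # UDP/4500 from any source.
  security_rule {
    name                       = "IpSec-NAT"
    priority                   = 101
    direction                  = "Inbound"
    access                     = "Allow"
    protocol                   = "Udp"
    source_port_range          = "*"
    destination_port_range     = "4500"
    source_address_prefix      = "*"
    destination_address_prefix = "*"
  }

  # SSH is how the provisioners in this file reach the hosts; key-only
  # authentication is enforced on the VMs, but the listener is still exposed
  # to whatever source is configured here.
  security_rule {
    name                       = "SSH"
    priority                   = 102
    direction                  = "Inbound"
    access                     = "Allow"
    protocol                   = "Tcp"
    source_port_range          = "*"
    destination_port_range     = "22"
    source_address_prefix      = var.inbound_source_address_prefix
    destination_address_prefix = "*"
  }

  # NOTE(review): any protocol, any port. While its source is "*" this rule
  # makes the three rules above redundant and exposes every service on the
  # hosts. Narrow the source through the variable, or drop the rule if the
  # testbed only needs the ports listed above.
  security_rule {
    name                       = "InboundAll"
    priority                   = 103
    direction                  = "Inbound"
    access                     = "Allow"
    protocol                   = "*"
    source_port_range          = "*"
    destination_port_range     = "*"
    source_address_prefix      = var.inbound_source_address_prefix
    destination_address_prefix = "*"
  }

  # Unrestricted egress.
  security_rule {
    name                       = "Outbound"
    priority                   = 104
    direction                  = "Outbound"
    access                     = "Allow"
    protocol                   = "*"
    source_port_range          = "*"
    destination_port_range     = "*"
    source_address_prefix      = "*"
    destination_address_prefix = "*"
  }

  depends_on = [azurerm_virtual_network.CSIT]
}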
# Create public IPs

# One dynamically allocated public address per host; each is bound to that
# host's management NIC below.
resource "azurerm_public_ip" "tg_public_ip" {
  name              = "tg_public_ip"
  allocation_method = "Dynamic"

  resource_group_name = azurerm_resource_group.CSIT.name
  location            = azurerm_resource_group.CSIT.location

  depends_on = [azurerm_resource_group.CSIT]
}

resource "azurerm_public_ip" "dut1_public_ip" {
  name              = "dut1_public_ip"
  allocation_method = "Dynamic"

  resource_group_name = azurerm_resource_group.CSIT.name
  location            = azurerm_resource_group.CSIT.location

  depends_on = [azurerm_resource_group.CSIT]
}

resource "azurerm_public_ip" "dut2_public_ip" {
  name              = "dut2_public_ip"
  allocation_method = "Dynamic"

  resource_group_name = azurerm_resource_group.CSIT.name
  location            = azurerm_resource_group.CSIT.location

  depends_on = [azurerm_resource_group.CSIT]
}
# Create network interface

# Management NIC of the traffic generator: fixed private address in subnet
# "a", public address attached, filtered by the CSIT security group.
resource "azurerm_network_interface" "tg_mng" {
  name                = "tg_mng"
  resource_group_name = azurerm_resource_group.CSIT.name
  location            = azurerm_resource_group.CSIT.location

  # This is the only filter in this file between the public IP and the host.
  network_security_group_id = azurerm_network_security_group.CSIT.id

  ip_configuration {
    name                          = "tg_mng_ip"
    primary                       = "true"
    subnet_id                     = azurerm_subnet.a.id
    private_ip_address            = "172.16.0.10"
    private_ip_address_allocation = "Static"
    public_ip_address_id          = azurerm_public_ip.tg_public_ip.id
  }

  depends_on = [
    azurerm_resource_group.CSIT,
    azurerm_subnet.a,
    azurerm_public_ip.tg_public_ip,
  ]
}
# Management NIC of DUT1: fixed private address in subnet "a", public address
# attached, filtered by the CSIT security group.
resource "azurerm_network_interface" "dut1_mng" {
  name                = "dut1_mng"
  resource_group_name = azurerm_resource_group.CSIT.name
  location            = azurerm_resource_group.CSIT.location

  # This is the only filter in this file between the public IP and the host.
  network_security_group_id = azurerm_network_security_group.CSIT.id

  ip_configuration {
    name                          = "dut1_mng_ip"
    primary                       = "true"
    subnet_id                     = azurerm_subnet.a.id
    private_ip_address            = "172.16.0.11"
    private_ip_address_allocation = "Static"
    public_ip_address_id          = azurerm_public_ip.dut1_public_ip.id
  }

  depends_on = [
    azurerm_resource_group.CSIT,
    azurerm_subnet.a,
    azurerm_public_ip.dut1_public_ip,
  ]
}
# Management NIC of DUT2: fixed private address in subnet "a", public address
# attached, filtered by the CSIT security group.
resource "azurerm_network_interface" "dut2_mng" {
  name                = "dut2_mng"
  resource_group_name = azurerm_resource_group.CSIT.name
  location            = azurerm_resource_group.CSIT.location

  # This is the only filter in this file between the public IP and the host.
  network_security_group_id = azurerm_network_security_group.CSIT.id

  ip_configuration {
    name                          = "dut2_mng_ip"
    primary                       = "true"
    subnet_id                     = azurerm_subnet.a.id
    private_ip_address            = "172.16.0.12"
    private_ip_address_allocation = "Static"
    public_ip_address_id          = azurerm_public_ip.dut2_public_ip.id
  }

  depends_on = [
    azurerm_resource_group.CSIT,
    azurerm_subnet.a,
    azurerm_public_ip.dut2_public_ip,
  ]
}
# User-defined routes for subnet "b". Every next hop is the private address
# of a test NIC read through a data source that is declared outside this file.
resource "azurerm_route_table" "b" {
  name                          = "b"
  resource_group_name           = azurerm_resource_group.CSIT.name
  location                      = azurerm_resource_group.CSIT.location
  disable_bgp_route_propagation = false

  route {
    name                   = "route-10"
    address_prefix         = var.trex_dummy_cidr_port_0
    next_hop_type          = "VirtualAppliance"
    next_hop_in_ip_address = data.azurerm_network_interface.tg_if1.private_ip_address
  }

  route {
    name                   = "route-20"
    address_prefix         = var.trex_dummy_cidr_port_1
    next_hop_type          = "VirtualAppliance"
    next_hop_in_ip_address = data.azurerm_network_interface.dut1_if1.private_ip_address
  }

  # Traffic for subnet "d" is sent to DUT1.
  route {
    name                   = "tg2"
    address_prefix         = var.vpc_cidr_d
    next_hop_type          = "VirtualAppliance"
    next_hop_in_ip_address = data.azurerm_network_interface.dut1_if1.private_ip_address
  }

  depends_on = [
    azurerm_resource_group.CSIT,
    azurerm_subnet.b,
  ]
}
# User-defined routes for subnet "c". Every next hop is the private address
# of a test NIC read through a data source that is declared outside this file.
resource "azurerm_route_table" "c" {
  name                          = "c"
  resource_group_name           = azurerm_resource_group.CSIT.name
  location                      = azurerm_resource_group.CSIT.location
  disable_bgp_route_propagation = false

  route {
    name                   = "route-10"
    address_prefix         = var.trex_dummy_cidr_port_0
    next_hop_type          = "VirtualAppliance"
    next_hop_in_ip_address = data.azurerm_network_interface.dut1_if2.private_ip_address
  }

  # NOTE(review): 100.0.0.0/8 is a literal here rather than a variable; its
  # purpose is not visible in this file - confirm against the test suite.
  route {
    name                   = "route-100"
    address_prefix         = "100.0.0.0/8"
    next_hop_type          = "VirtualAppliance"
    next_hop_in_ip_address = data.azurerm_network_interface.dut1_if2.private_ip_address
  }

  route {
    name                   = "route-20"
    address_prefix         = var.trex_dummy_cidr_port_1
    next_hop_type          = "VirtualAppliance"
    next_hop_in_ip_address = data.azurerm_network_interface.dut2_if1.private_ip_address
  }

  # Traffic for subnet "b" goes back through DUT1, traffic for subnet "d"
  # goes on through DUT2.
  route {
    name                   = "tg1"
    address_prefix         = var.vpc_cidr_b
    next_hop_type          = "VirtualAppliance"
    next_hop_in_ip_address = data.azurerm_network_interface.dut1_if2.private_ip_address
  }

  route {
    name                   = "tg2"
    address_prefix         = var.vpc_cidr_d
    next_hop_type          = "VirtualAppliance"
    next_hop_in_ip_address = data.azurerm_network_interface.dut2_if1.private_ip_address
  }

  depends_on = [
    azurerm_resource_group.CSIT,
    azurerm_subnet.c,
  ]
}
# User-defined routes for subnet "d". Every next hop is the private address
# of a test NIC read through a data source that is declared outside this file.
resource "azurerm_route_table" "d" {
  name                          = "d"
  resource_group_name           = azurerm_resource_group.CSIT.name
  location                      = azurerm_resource_group.CSIT.location
  disable_bgp_route_propagation = false

  route {
    name                   = "route-10"
    address_prefix         = var.trex_dummy_cidr_port_0
    next_hop_type          = "VirtualAppliance"
    next_hop_in_ip_address = data.azurerm_network_interface.dut2_if2.private_ip_address
  }

  route {
    name                   = "route-20"
    address_prefix         = var.trex_dummy_cidr_port_1
    next_hop_type          = "VirtualAppliance"
    next_hop_in_ip_address = data.azurerm_network_interface.tg_if2.private_ip_address
  }

  # Traffic for subnet "b" is sent to DUT2.
  route {
    name                   = "tg1"
    address_prefix         = var.vpc_cidr_b
    next_hop_type          = "VirtualAppliance"
    next_hop_in_ip_address = data.azurerm_network_interface.dut2_if2.private_ip_address
  }

  depends_on = [
    azurerm_resource_group.CSIT,
    azurerm_subnet.d,
  ]
}
# Bind each route table to the subnet of the same name. Subnet "a" gets no
# association in this file.
resource "azurerm_subnet_route_table_association" "b" {
  route_table_id = azurerm_route_table.b.id
  subnet_id      = azurerm_subnet.b.id
}

resource "azurerm_subnet_route_table_association" "c" {
  route_table_id = azurerm_route_table.c.id
  subnet_id      = azurerm_subnet.c.id
}

resource "azurerm_subnet_route_table_association" "d" {
  route_table_id = azurerm_route_table.d.id
  subnet_id      = azurerm_subnet.d.id
}
# Traffic generator VM. tg_if1 / tg_if2 are network interfaces declared
# outside this file.
resource "azurerm_virtual_machine" "tg" {
  name                = "tg"
  resource_group_name = azurerm_resource_group.CSIT.name
  location            = azurerm_resource_group.CSIT.location
  vm_size             = "Standard_F32s_v2"

  primary_network_interface_id = azurerm_network_interface.tg_mng.id
  network_interface_ids = [
    azurerm_network_interface.tg_mng.id,
    azurerm_network_interface.tg_if1.id,
    azurerm_network_interface.tg_if2.id,
  ]

  # Disks are removed together with the VM, so nothing persists after destroy.
  delete_os_disk_on_termination    = true
  delete_data_disks_on_termination = true

  storage_os_disk {
    name              = "OsDiskTG"
    create_option     = "FromImage"
    caching           = "ReadWrite"
    managed_disk_type = "StandardSSD_LRS"
  }

  # NOTE(review): "latest" is resolved at deploy time, so two deployments can
  # boot different images; pin the version if reproducible runs matter.
  # NOTE(review): 18.04 LTS is past its standard support window - confirm the
  # image still gets the updates this Internet-facing host needs.
  storage_image_reference {
    publisher = "Canonical"
    offer     = "UbuntuServer"
    sku       = "18.04-LTS"
    version   = "latest"
  }

  os_profile {
    computer_name  = "tg"
    admin_username = "ubuntu"
  }

  # Password logins are off; the only credential installed is the public half
  # of the deploying operator's default key pair.
  os_profile_linux_config {
    disable_password_authentication = true

    ssh_keys {
      key_data = file("~/.ssh/id_rsa.pub")
      path     = "/home/ubuntu/.ssh/authorized_keys"
    }
  }

  depends_on = [
    azurerm_resource_group.CSIT,
    azurerm_network_interface.tg_mng,
  ]
}
# First device-under-test VM. dut1_if1 / dut1_if2 are network interfaces
# declared outside this file.
resource "azurerm_virtual_machine" "dut1" {
  name                = "dut1"
  resource_group_name = azurerm_resource_group.CSIT.name
  location            = azurerm_resource_group.CSIT.location
  vm_size             = "Standard_F32s_v2"

  primary_network_interface_id = azurerm_network_interface.dut1_mng.id
  network_interface_ids = [
    azurerm_network_interface.dut1_mng.id,
    azurerm_network_interface.dut1_if1.id,
    azurerm_network_interface.dut1_if2.id,
  ]

  # Disks are removed together with the VM, so nothing persists after destroy.
  delete_os_disk_on_termination    = true
  delete_data_disks_on_termination = true

  storage_os_disk {
    name              = "OsDiskDUT1"
    create_option     = "FromImage"
    caching           = "ReadWrite"
    managed_disk_type = "StandardSSD_LRS"
  }

  # NOTE(review): "latest" is resolved at deploy time, so two deployments can
  # boot different images; pin the version if reproducible runs matter.
  # NOTE(review): 18.04 LTS is past its standard support window - confirm the
  # image still gets the updates this Internet-facing host needs.
  storage_image_reference {
    publisher = "Canonical"
    offer     = "UbuntuServer"
    sku       = "18.04-LTS"
    version   = "latest"
  }

  os_profile {
    computer_name  = "dut1"
    admin_username = "ubuntu"
  }

  # Password logins are off; the only credential installed is the public half
  # of the deploying operator's default key pair.
  os_profile_linux_config {
    disable_password_authentication = true

    ssh_keys {
      key_data = file("~/.ssh/id_rsa.pub")
      path     = "/home/ubuntu/.ssh/authorized_keys"
    }
  }

  depends_on = [
    azurerm_resource_group.CSIT,
    azurerm_network_interface.dut1_mng,
  ]
}
# Second device-under-test VM. dut2_if1 / dut2_if2 are network interfaces
# declared outside this file.
resource "azurerm_virtual_machine" "dut2" {
  name                = "dut2"
  resource_group_name = azurerm_resource_group.CSIT.name
  location            = azurerm_resource_group.CSIT.location
  vm_size             = "Standard_F32s_v2"

  primary_network_interface_id = azurerm_network_interface.dut2_mng.id
  network_interface_ids = [
    azurerm_network_interface.dut2_mng.id,
    azurerm_network_interface.dut2_if1.id,
    azurerm_network_interface.dut2_if2.id,
  ]

  # Disks are removed together with the VM, so nothing persists after destroy.
  delete_os_disk_on_termination    = true
  delete_data_disks_on_termination = true

  storage_os_disk {
    name              = "OsDiskDUT2"
    create_option     = "FromImage"
    caching           = "ReadWrite"
    managed_disk_type = "StandardSSD_LRS"
  }

  # NOTE(review): "latest" is resolved at deploy time, so two deployments can
  # boot different images; pin the version if reproducible runs matter.
  # NOTE(review): 18.04 LTS is past its standard support window - confirm the
  # image still gets the updates this Internet-facing host needs.
  storage_image_reference {
    publisher = "Canonical"
    offer     = "UbuntuServer"
    sku       = "18.04-LTS"
    version   = "latest"
  }

  os_profile {
    computer_name  = "dut2"
    admin_username = "ubuntu"
  }

  # Password logins are off; the only credential installed is the public half
  # of the deploying operator's default key pair.
  os_profile_linux_config {
    disable_password_authentication = true

    ssh_keys {
      key_data = file("~/.ssh/id_rsa.pub")
      path     = "/home/ubuntu/.ssh/authorized_keys"
    }
  }

  depends_on = [
    azurerm_resource_group.CSIT,
    azurerm_network_interface.dut2_mng,
  ]
}
# Read the public addresses back once the VMs exist. The explicit depends_on
# delays each lookup until its VM has been created; with "Dynamic" allocation
# the address is presumably not assigned before that point - confirm.
data "azurerm_public_ip" "tg_public_ip" {
  depends_on = [azurerm_virtual_machine.tg]

  resource_group_name = azurerm_resource_group.CSIT.name
  name                = "tg_public_ip"
}

data "azurerm_public_ip" "dut1_public_ip" {
  depends_on = [azurerm_virtual_machine.dut1]

  resource_group_name = azurerm_resource_group.CSIT.name
  name                = "dut1_public_ip"
}

data "azurerm_public_ip" "dut2_public_ip" {
  depends_on = [azurerm_virtual_machine.dut2]

  resource_group_name = azurerm_resource_group.CSIT.name
  name                = "dut2_public_ip"
}
# Provisioning

# Configure the traffic generator by running the site playbook against its
# public address over SSH.
#
# NOTE(review): "ansible" is not one of Terraform's built-in provisioners, so
# a separately installed plugin supplies it; that plugin runs with access to
# the private key below and should be pinned and verified like any other
# dependency.
resource "null_resource" "deploy_tg" {
  depends_on = [
    azurerm_virtual_machine.tg,
    azurerm_network_interface.tg_if1,
    azurerm_network_interface.tg_if2,
  ]

  # NOTE(review): this reads the operator's default private key; a key pair
  # dedicated to the testbed would keep a leak from reaching other systems.
  connection {
    host        = data.azurerm_public_ip.tg_public_ip.ip_address
    user        = "ubuntu"
    private_key = file("~/.ssh/id_rsa")
  }

  provisioner "ansible" {
    plays {
      hosts = ["tg_azure"]

      playbook {
        file_path      = "../../testbed-setup/ansible/site.yaml"
        force_handlers = true
      }

      extra_vars = {
        azure                      = true
        ansible_python_interpreter = "/usr/bin/python3"
      }
    }
  }
}
# Configure DUT1 by running the site playbook against its public address over
# SSH, as a member of the "sut_azure" host group.
#
# NOTE(review): "ansible" is not one of Terraform's built-in provisioners, so
# a separately installed plugin supplies it; that plugin runs with access to
# the private key below and should be pinned and verified like any other
# dependency.
resource "null_resource" "deploy_dut1" {
  depends_on = [
    azurerm_virtual_machine.dut1,
    azurerm_network_interface.dut1_if1,
    azurerm_network_interface.dut1_if2,
  ]

  # NOTE(review): this reads the operator's default private key; a key pair
  # dedicated to the testbed would keep a leak from reaching other systems.
  connection {
    host        = data.azurerm_public_ip.dut1_public_ip.ip_address
    user        = "ubuntu"
    private_key = file("~/.ssh/id_rsa")
  }

  provisioner "ansible" {
    plays {
      hosts = ["sut_azure"]

      playbook {
        file_path      = "../../testbed-setup/ansible/site.yaml"
        force_handlers = true
      }

      extra_vars = {
        azure                      = true
        ansible_python_interpreter = "/usr/bin/python3"
      }
    }
  }
}
# Configure DUT2 by running the site playbook against its public address over
# SSH, as a member of the "sut_azure" host group.
#
# NOTE(review): "ansible" is not one of Terraform's built-in provisioners, so
# a separately installed plugin supplies it; that plugin runs with access to
# the private key below and should be pinned and verified like any other
# dependency.
resource "null_resource" "deploy_dut2" {
  depends_on = [
    azurerm_virtual_machine.dut2,
    azurerm_network_interface.dut2_if1,
    azurerm_network_interface.dut2_if2,
  ]

  # NOTE(review): this reads the operator's default private key; a key pair
  # dedicated to the testbed would keep a leak from reaching other systems.
  connection {
    host        = data.azurerm_public_ip.dut2_public_ip.ip_address
    user        = "ubuntu"
    private_key = file("~/.ssh/id_rsa")
  }

  provisioner "ansible" {
    plays {
      hosts = ["sut_azure"]

      playbook {
        file_path      = "../../testbed-setup/ansible/site.yaml"
        force_handlers = true
      }

      extra_vars = {
        azure                      = true
        ansible_python_interpreter = "/usr/bin/python3"
      }
    }
  }
}
# Run the cloud_topology playbook against the "local" host group once all
# three VMs and their test NICs exist, handing it the MAC addresses of the
# test NICs and the public address of each host. No connection block is
# defined for this resource.
resource "null_resource" "deploy_topology" {
  depends_on = [
    azurerm_virtual_machine.tg,
    azurerm_network_interface.tg_if1,
    azurerm_network_interface.tg_if2,
    azurerm_virtual_machine.dut1,
    azurerm_network_interface.dut1_if1,
    azurerm_network_interface.dut1_if2,
    azurerm_virtual_machine.dut2,
    azurerm_network_interface.dut2_if1,
    azurerm_network_interface.dut2_if2,
  ]

  provisioner "ansible" {
    plays {
      hosts = ["local"]

      playbook {
        file_path = "../../testbed-setup/ansible/cloud_topology.yaml"
      }

      extra_vars = {
        ansible_python_interpreter = "/usr/bin/python3"
        cloud_topology             = "3n_azure_Fsv2"

        # MAC addresses of the test NICs (data sources declared outside this file).
        tg_if1_mac   = data.azurerm_network_interface.tg_if1.mac_address
        tg_if2_mac   = data.azurerm_network_interface.tg_if2.mac_address
        dut1_if1_mac = data.azurerm_network_interface.dut1_if1.mac_address
        dut1_if2_mac = data.azurerm_network_interface.dut1_if2.mac_address
        dut2_if1_mac = data.azurerm_network_interface.dut2_if1.mac_address
        dut2_if2_mac = data.azurerm_network_interface.dut2_if2.mac_address

        # Public management addresses.
        tg_public_ip   = data.azurerm_public_ip.tg_public_ip.ip_address
        dut1_public_ip = data.azurerm_public_ip.dut1_public_ip.ip_address
        dut2_public_ip = data.azurerm_public_ip.dut2_public_ip.ip_address
      }
    }
  }
}
# Debug outputs: print the public address of each host after apply. These
# values end up in the state file and in any captured apply log.
output "dbg_tg" {
  value = "TG IP: ${data.azurerm_public_ip.tg_public_ip.ip_address}"
}

output "dbg_dut1" {
  value = "DUT1 IP: ${data.azurerm_public_ip.dut1_public_ip.ip_address}"
}

output "dbg_dut2" {
  value = "DUT2 IP: ${data.azurerm_public_ip.dut2_public_ip.ip_address}"
}