fix(Terraform): Change AWS AZ
[csit.git] / fdio.infra.terraform / 3n_azure_fsv2 / main.tf
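# Azure Resource Manager provider.
#
# The constraint is capped below 2.0.0. This file sets network_security_group_id
# directly on azurerm_network_interface and has no features {} block, which
# matches the 1.x provider line only. An open-ended ">= 1.4.0" lets
# `terraform init` select a later major release that rejects this configuration
# and silently changes which provider code runs with the Azure credentials.
provider "azurerm" {
  version = ">= 1.4.0, < 2.0.0"
}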
4
# Variables
#
# Every default below sits inside 172.16.0.0/16, the address space of the CSIT
# virtual network. The management interfaces in this file use fixed addresses
# 172.16.0.10-12, which only fit the vpc_cidr_a default; overriding vpc_cidr_a
# requires changing those addresses as well.

# Address space of the CSIT virtual network.
variable "vpc_addr_space_a" {
  default = "172.16.0.0/16"
  type    = string
}

# Prefix of subnet_a, which carries the management interfaces.
variable "vpc_cidr_a" {
  default = "172.16.0.0/24"
  type    = string
}

# Prefix of subnet_b.
variable "vpc_cidr_b" {
  default = "172.16.10.0/24"
  type    = string
}

# Prefix of subnet_c.
variable "vpc_cidr_c" {
  default = "172.16.200.0/24"
  type    = string
}

# Prefix of subnet_d.
variable "vpc_cidr_d" {
  default = "172.16.20.0/24"
  type    = string
}

# Destination prefix of the "route-10" entries in route tables b, c and d.
variable "trex_dummy_cidr_port_0" {
  default = "172.16.11.0/24"
  type    = string
}

# Destination prefix of the "route-20" entries in route tables b, c and d.
variable "trex_dummy_cidr_port_1" {
  default = "172.16.21.0/24"
  type    = string
}
41
# Create resource group and resources

# Resource group that holds the whole testbed. Every other resource in this
# file takes its location from azurerm_resource_group.CSIT.location, so the
# region is chosen here only.
resource "azurerm_resource_group" "CSIT" {
  name     = "CSIT"
  location = "UK South"
  #location = "East US"
}
49
# Virtual network for the testbed; its single address space comes from
# var.vpc_addr_space_a and all four subnets are carved out of it.
resource "azurerm_virtual_network" "CSIT" {
  depends_on = [
    azurerm_resource_group.CSIT,
  ]

  name                = "CSIT-network"
  location            = azurerm_resource_group.CSIT.location
  resource_group_name = azurerm_resource_group.CSIT.name
  address_space       = [var.vpc_addr_space_a]
}
57
# Subnets of CSIT-network.
# subnet_a carries the management interfaces (tg_mng, dut1_mng, dut2_mng).
# subnet_b, subnet_c and subnet_d each get a route table through the
# azurerm_subnet_route_table_association resources in this file.

resource "azurerm_subnet" "a" {
  depends_on = [
    azurerm_resource_group.CSIT,
  ]

  name                 = "subnet_a"
  virtual_network_name = azurerm_virtual_network.CSIT.name
  resource_group_name  = azurerm_resource_group.CSIT.name
  address_prefix       = var.vpc_cidr_a
}

resource "azurerm_subnet" "b" {
  depends_on = [
    azurerm_resource_group.CSIT,
  ]

  name                 = "subnet_b"
  virtual_network_name = azurerm_virtual_network.CSIT.name
  resource_group_name  = azurerm_resource_group.CSIT.name
  address_prefix       = var.vpc_cidr_b
}

resource "azurerm_subnet" "c" {
  depends_on = [
    azurerm_resource_group.CSIT,
  ]

  name                 = "subnet_c"
  virtual_network_name = azurerm_virtual_network.CSIT.name
  resource_group_name  = azurerm_resource_group.CSIT.name
  address_prefix       = var.vpc_cidr_c
}

resource "azurerm_subnet" "d" {
  depends_on = [
    azurerm_resource_group.CSIT,
  ]

  name                 = "subnet_d"
  virtual_network_name = azurerm_virtual_network.CSIT.name
  resource_group_name  = azurerm_resource_group.CSIT.name
  address_prefix       = var.vpc_cidr_d
}
89
# Create the network security group for the CSIT instances
#
# NOTE(review): rule "InboundAll" (priority 103) allows every protocol and port
# from any source to any destination. The narrower IpSec, IpSec-NAT and SSH
# rules therefore restrict nothing; they only document the intended ports.
# This group is attached to tg_mng, dut1_mng and dut2_mng, each of which has a
# public IP, so every listening service on the three VMs is reachable from the
# internet. If the wildcard rule exists for test traffic, scope its address
# prefixes to the testbed ranges, and limit the SSH rule's
# source_address_prefix to the operator or CI address range.

resource "azurerm_network_security_group" "CSIT" {
  depends_on = [
    azurerm_virtual_network.CSIT,
  ]

  name                = "CSIT"
  location            = azurerm_resource_group.CSIT.location
  resource_group_name = azurerm_resource_group.CSIT.name

  # IKE (UDP 500), open to any source.
  security_rule {
    name                       = "IpSec"
    priority                   = 100
    direction                  = "Inbound"
    access                     = "Allow"
    protocol                   = "Udp"
    source_address_prefix      = "*"
    source_port_range          = "*"
    destination_address_prefix = "*"
    destination_port_range     = "500"
  }

  # IPsec NAT traversal (UDP 4500), open to any source.
  security_rule {
    name                       = "IpSec-NAT"
    priority                   = 101
    direction                  = "Inbound"
    access                     = "Allow"
    protocol                   = "Udp"
    source_address_prefix      = "*"
    source_port_range          = "*"
    destination_address_prefix = "*"
    destination_port_range     = "4500"
  }

  # SSH (TCP 22), open to any source; the VMs accept key authentication only.
  security_rule {
    name                       = "SSH"
    priority                   = 102
    direction                  = "Inbound"
    access                     = "Allow"
    protocol                   = "Tcp"
    source_address_prefix      = "*"
    source_port_range          = "*"
    destination_address_prefix = "*"
    destination_port_range     = "22"
  }

  # Catch-all inbound allow; see the review note above the resource.
  security_rule {
    name                       = "InboundAll"
    priority                   = 103
    direction                  = "Inbound"
    access                     = "Allow"
    protocol                   = "*"
    source_address_prefix      = "*"
    source_port_range          = "*"
    destination_address_prefix = "*"
    destination_port_range     = "*"
  }

  # Unrestricted egress for every protocol and port.
  security_rule {
    name                       = "Outbound"
    priority                   = 104
    direction                  = "Outbound"
    access                     = "Allow"
    protocol                   = "*"
    source_address_prefix      = "*"
    source_port_range          = "*"
    destination_address_prefix = "*"
    destination_port_range     = "*"
  }
}
153
# Create public IPs
#
# One public address per VM, bound to that VM's management interface. With
# "Dynamic" allocation the address is only assigned once the IP is attached to
# a running VM, which is why the matching data sources in this file depend on
# the virtual machines. The address can change between deployments, so any
# allow-list built on it has to be refreshed after each apply.

resource "azurerm_public_ip" "tg_public_ip" {
  depends_on = [
    azurerm_resource_group.CSIT,
  ]

  name                = "tg_public_ip"
  resource_group_name = azurerm_resource_group.CSIT.name
  location            = azurerm_resource_group.CSIT.location
  allocation_method   = "Dynamic"
}

resource "azurerm_public_ip" "dut1_public_ip" {
  depends_on = [
    azurerm_resource_group.CSIT,
  ]

  name                = "dut1_public_ip"
  resource_group_name = azurerm_resource_group.CSIT.name
  location            = azurerm_resource_group.CSIT.location
  allocation_method   = "Dynamic"
}

resource "azurerm_public_ip" "dut2_public_ip" {
  depends_on = [
    azurerm_resource_group.CSIT,
  ]

  name                = "dut2_public_ip"
  resource_group_name = azurerm_resource_group.CSIT.name
  location            = azurerm_resource_group.CSIT.location
  allocation_method   = "Dynamic"
}
179
# Create network interface
#
# Management interfaces, one per VM. Each sits in subnet_a with a fixed private
# address, carries the VM's public IP and is filtered by the CSIT network
# security group. That group currently allows all inbound traffic, so these
# interfaces are the internet-facing surface of the testbed.
# The fixed addresses assume var.vpc_cidr_a keeps its 172.16.0.0/24 default.

resource "azurerm_network_interface" "tg_mng" {
  depends_on = [
    azurerm_resource_group.CSIT,
    azurerm_subnet.a,
    azurerm_public_ip.tg_public_ip,
  ]

  name                      = "tg_mng"
  resource_group_name       = azurerm_resource_group.CSIT.name
  location                  = azurerm_resource_group.CSIT.location
  network_security_group_id = azurerm_network_security_group.CSIT.id

  ip_configuration {
    name                          = "tg_mng_ip"
    primary                       = "true"
    subnet_id                     = azurerm_subnet.a.id
    private_ip_address_allocation = "Static"
    private_ip_address            = "172.16.0.10"
    public_ip_address_id          = azurerm_public_ip.tg_public_ip.id
  }
}

resource "azurerm_network_interface" "dut1_mng" {
  depends_on = [
    azurerm_resource_group.CSIT,
    azurerm_subnet.a,
    azurerm_public_ip.dut1_public_ip,
  ]

  name                      = "dut1_mng"
  resource_group_name       = azurerm_resource_group.CSIT.name
  location                  = azurerm_resource_group.CSIT.location
  network_security_group_id = azurerm_network_security_group.CSIT.id

  ip_configuration {
    name                          = "dut1_mng_ip"
    primary                       = "true"
    subnet_id                     = azurerm_subnet.a.id
    private_ip_address_allocation = "Static"
    private_ip_address            = "172.16.0.11"
    public_ip_address_id          = azurerm_public_ip.dut1_public_ip.id
  }
}

resource "azurerm_network_interface" "dut2_mng" {
  depends_on = [
    azurerm_resource_group.CSIT,
    azurerm_subnet.a,
    azurerm_public_ip.dut2_public_ip,
  ]

  name                      = "dut2_mng"
  resource_group_name       = azurerm_resource_group.CSIT.name
  location                  = azurerm_resource_group.CSIT.location
  network_security_group_id = azurerm_network_security_group.CSIT.id

  ip_configuration {
    name                          = "dut2_mng_ip"
    primary                       = "true"
    subnet_id                     = azurerm_subnet.a.id
    private_ip_address_allocation = "Static"
    private_ip_address            = "172.16.0.12"
    public_ip_address_id          = azurerm_public_ip.dut2_public_ip.id
  }
}
235
# Route table for subnet_b. Each route forwards to the private address of a
# test interface used as a virtual appliance. The
# data.azurerm_network_interface.* sources it reads are not declared in the
# visible part of this file.
resource "azurerm_route_table" "b" {
  depends_on = [
    azurerm_resource_group.CSIT,
    azurerm_subnet.b,
  ]

  name                          = "b"
  resource_group_name           = azurerm_resource_group.CSIT.name
  location                      = azurerm_resource_group.CSIT.location
  disable_bgp_route_propagation = false

  # var.trex_dummy_cidr_port_0 -> tg_if1
  route {
    name                   = "route-10"
    address_prefix         = var.trex_dummy_cidr_port_0
    next_hop_type          = "VirtualAppliance"
    next_hop_in_ip_address = data.azurerm_network_interface.tg_if1.private_ip_address
  }

  # var.trex_dummy_cidr_port_1 -> dut1_if1
  route {
    name                   = "route-20"
    address_prefix         = var.trex_dummy_cidr_port_1
    next_hop_type          = "VirtualAppliance"
    next_hop_in_ip_address = data.azurerm_network_interface.dut1_if1.private_ip_address
  }

  # subnet_d prefix -> dut1_if1
  route {
    name                   = "tg2"
    address_prefix         = var.vpc_cidr_d
    next_hop_type          = "VirtualAppliance"
    next_hop_in_ip_address = data.azurerm_network_interface.dut1_if1.private_ip_address
  }
}
262
# Route table for subnet_c, the segment between dut1_if2 and dut2_if1 as far as
# the next hops show. The data.azurerm_network_interface.* sources it reads are
# not declared in the visible part of this file.
resource "azurerm_route_table" "c" {
  depends_on = [
    azurerm_resource_group.CSIT,
    azurerm_subnet.c,
  ]

  name                          = "c"
  resource_group_name           = azurerm_resource_group.CSIT.name
  location                      = azurerm_resource_group.CSIT.location
  disable_bgp_route_propagation = false

  # var.trex_dummy_cidr_port_0 -> dut1_if2
  route {
    name                   = "route-10"
    address_prefix         = var.trex_dummy_cidr_port_0
    next_hop_type          = "VirtualAppliance"
    next_hop_in_ip_address = data.azurerm_network_interface.dut1_if2.private_ip_address
  }

  # Hard-coded 100.0.0.0/8 -> dut1_if2. This prefix lies outside the virtual
  # network's address space and has no variable, unlike the other routes.
  route {
    name                   = "route-100"
    address_prefix         = "100.0.0.0/8"
    next_hop_type          = "VirtualAppliance"
    next_hop_in_ip_address = data.azurerm_network_interface.dut1_if2.private_ip_address
  }

  # var.trex_dummy_cidr_port_1 -> dut2_if1
  route {
    name                   = "route-20"
    address_prefix         = var.trex_dummy_cidr_port_1
    next_hop_type          = "VirtualAppliance"
    next_hop_in_ip_address = data.azurerm_network_interface.dut2_if1.private_ip_address
  }

  # subnet_b prefix -> dut1_if2
  route {
    name                   = "tg1"
    address_prefix         = var.vpc_cidr_b
    next_hop_type          = "VirtualAppliance"
    next_hop_in_ip_address = data.azurerm_network_interface.dut1_if2.private_ip_address
  }

  # subnet_d prefix -> dut2_if1
  route {
    name                   = "tg2"
    address_prefix         = var.vpc_cidr_d
    next_hop_type          = "VirtualAppliance"
    next_hop_in_ip_address = data.azurerm_network_interface.dut2_if1.private_ip_address
  }
}
301
# Route table for subnet_d. Each route forwards to the private address of a
# test interface used as a virtual appliance. The
# data.azurerm_network_interface.* sources it reads are not declared in the
# visible part of this file.
resource "azurerm_route_table" "d" {
  depends_on = [
    azurerm_resource_group.CSIT,
    azurerm_subnet.d,
  ]

  name                          = "d"
  resource_group_name           = azurerm_resource_group.CSIT.name
  location                      = azurerm_resource_group.CSIT.location
  disable_bgp_route_propagation = false

  # var.trex_dummy_cidr_port_0 -> dut2_if2
  route {
    name                   = "route-10"
    address_prefix         = var.trex_dummy_cidr_port_0
    next_hop_type          = "VirtualAppliance"
    next_hop_in_ip_address = data.azurerm_network_interface.dut2_if2.private_ip_address
  }

  # var.trex_dummy_cidr_port_1 -> tg_if2
  route {
    name                   = "route-20"
    address_prefix         = var.trex_dummy_cidr_port_1
    next_hop_type          = "VirtualAppliance"
    next_hop_in_ip_address = data.azurerm_network_interface.tg_if2.private_ip_address
  }

  # subnet_b prefix -> dut2_if2
  route {
    name                   = "tg1"
    address_prefix         = var.vpc_cidr_b
    next_hop_type          = "VirtualAppliance"
    next_hop_in_ip_address = data.azurerm_network_interface.dut2_if2.private_ip_address
  }
}
328
# Bind each route table to the subnet of the same letter. subnet_a (management)
# has no association and keeps Azure's default routing.

resource "azurerm_subnet_route_table_association" "b" {
  route_table_id = azurerm_route_table.b.id
  subnet_id      = azurerm_subnet.b.id
}

resource "azurerm_subnet_route_table_association" "c" {
  route_table_id = azurerm_route_table.c.id
  subnet_id      = azurerm_subnet.c.id
}

resource "azurerm_subnet_route_table_association" "d" {
  route_table_id = azurerm_route_table.d.id
  subnet_id      = azurerm_subnet.d.id
}
343
# TG virtual machine: management interface plus two test interfaces (tg_if1 and
# tg_if2, which are not declared in the visible part of this file).
#
# NOTE(review): the image version is "latest", so each deployment may boot a
# different image build; pin an explicit version for a reproducible, auditable
# testbed. SKU 18.04-LTS is past Ubuntu's standard support window. Password
# login is disabled and the only authorised key is the ~/.ssh/id_rsa.pub of
# whoever runs terraform, so access depends on that one personal key pair.
resource "azurerm_virtual_machine" "tg" {
  depends_on = [
    azurerm_resource_group.CSIT,
    azurerm_network_interface.tg_mng,
  ]

  name                = "tg"
  resource_group_name = azurerm_resource_group.CSIT.name
  location            = azurerm_resource_group.CSIT.location
  vm_size             = "Standard_F32s_v2"

  primary_network_interface_id = azurerm_network_interface.tg_mng.id
  network_interface_ids = [
    azurerm_network_interface.tg_mng.id,
    azurerm_network_interface.tg_if1.id,
    azurerm_network_interface.tg_if2.id,
  ]

  # Disks are removed together with the VM, so nothing persists after destroy.
  delete_os_disk_on_termination    = true
  delete_data_disks_on_termination = true

  storage_image_reference {
    publisher = "Canonical"
    offer     = "UbuntuServer"
    sku       = "18.04-LTS"
    version   = "latest"
  }

  storage_os_disk {
    name              = "OsDiskTG"
    create_option     = "FromImage"
    caching           = "ReadWrite"
    managed_disk_type = "StandardSSD_LRS"
  }

  os_profile {
    computer_name  = "tg"
    admin_username = "ubuntu"
  }

  os_profile_linux_config {
    disable_password_authentication = true

    ssh_keys {
      path     = "/home/ubuntu/.ssh/authorized_keys"
      key_data = file("~/.ssh/id_rsa.pub")
    }
  }
}
381
# DUT1 virtual machine: management interface plus two test interfaces (dut1_if1
# and dut1_if2, which are not declared in the visible part of this file).
#
# NOTE(review): the image version is "latest", so each deployment may boot a
# different image build; pin an explicit version for a reproducible, auditable
# testbed. SKU 18.04-LTS is past Ubuntu's standard support window. Password
# login is disabled and the only authorised key is the ~/.ssh/id_rsa.pub of
# whoever runs terraform, so access depends on that one personal key pair.
resource "azurerm_virtual_machine" "dut1" {
  depends_on = [
    azurerm_resource_group.CSIT,
    azurerm_network_interface.dut1_mng,
  ]

  name                = "dut1"
  resource_group_name = azurerm_resource_group.CSIT.name
  location            = azurerm_resource_group.CSIT.location
  vm_size             = "Standard_F32s_v2"

  primary_network_interface_id = azurerm_network_interface.dut1_mng.id
  network_interface_ids = [
    azurerm_network_interface.dut1_mng.id,
    azurerm_network_interface.dut1_if1.id,
    azurerm_network_interface.dut1_if2.id,
  ]

  # Disks are removed together with the VM, so nothing persists after destroy.
  delete_os_disk_on_termination    = true
  delete_data_disks_on_termination = true

  storage_image_reference {
    publisher = "Canonical"
    offer     = "UbuntuServer"
    sku       = "18.04-LTS"
    version   = "latest"
  }

  storage_os_disk {
    name              = "OsDiskDUT1"
    create_option     = "FromImage"
    caching           = "ReadWrite"
    managed_disk_type = "StandardSSD_LRS"
  }

  os_profile {
    computer_name  = "dut1"
    admin_username = "ubuntu"
  }

  os_profile_linux_config {
    disable_password_authentication = true

    ssh_keys {
      path     = "/home/ubuntu/.ssh/authorized_keys"
      key_data = file("~/.ssh/id_rsa.pub")
    }
  }
}
419
# DUT2 virtual machine: management interface plus two test interfaces (dut2_if1
# and dut2_if2, which are not declared in the visible part of this file).
#
# NOTE(review): the image version is "latest", so each deployment may boot a
# different image build; pin an explicit version for a reproducible, auditable
# testbed. SKU 18.04-LTS is past Ubuntu's standard support window. Password
# login is disabled and the only authorised key is the ~/.ssh/id_rsa.pub of
# whoever runs terraform, so access depends on that one personal key pair.
resource "azurerm_virtual_machine" "dut2" {
  depends_on = [
    azurerm_resource_group.CSIT,
    azurerm_network_interface.dut2_mng,
  ]

  name                = "dut2"
  resource_group_name = azurerm_resource_group.CSIT.name
  location            = azurerm_resource_group.CSIT.location
  vm_size             = "Standard_F32s_v2"

  primary_network_interface_id = azurerm_network_interface.dut2_mng.id
  network_interface_ids = [
    azurerm_network_interface.dut2_mng.id,
    azurerm_network_interface.dut2_if1.id,
    azurerm_network_interface.dut2_if2.id,
  ]

  # Disks are removed together with the VM, so nothing persists after destroy.
  delete_os_disk_on_termination    = true
  delete_data_disks_on_termination = true

  storage_image_reference {
    publisher = "Canonical"
    offer     = "UbuntuServer"
    sku       = "18.04-LTS"
    version   = "latest"
  }

  storage_os_disk {
    name              = "OsDiskDUT2"
    create_option     = "FromImage"
    caching           = "ReadWrite"
    managed_disk_type = "StandardSSD_LRS"
  }

  os_profile {
    computer_name  = "dut2"
    admin_username = "ubuntu"
  }

  os_profile_linux_config {
    disable_password_authentication = true

    ssh_keys {
      path     = "/home/ubuntu/.ssh/authorized_keys"
      key_data = file("~/.ssh/id_rsa.pub")
    }
  }
}
457
# Read the public addresses back after the VMs exist. The azurerm_public_ip
# resources use Dynamic allocation, so the address is only known once the IP is
# attached to a running VM; depends_on forces that ordering.

data "azurerm_public_ip" "tg_public_ip" {
  depends_on = [
    azurerm_virtual_machine.tg,
  ]

  name                = "tg_public_ip"
  resource_group_name = azurerm_resource_group.CSIT.name
}

data "azurerm_public_ip" "dut1_public_ip" {
  depends_on = [
    azurerm_virtual_machine.dut1,
  ]

  name                = "dut1_public_ip"
  resource_group_name = azurerm_resource_group.CSIT.name
}

data "azurerm_public_ip" "dut2_public_ip" {
  depends_on = [
    azurerm_virtual_machine.dut2,
  ]

  name                = "dut2_public_ip"
  resource_group_name = azurerm_resource_group.CSIT.name
}
475
# Provisioning

# Runs the site.yaml playbook against the TG VM over SSH once the VM and its
# two test interfaces exist.
#
# NOTE(review): the connection reads the private key at ~/.ssh/id_rsa of
# whoever runs terraform and sets no host_key, so the SSH host key behind the
# freshly assigned public IP does not appear to be verified. A dedicated
# provisioning key and a pinned host key would narrow that. "ansible" is not a
# built-in Terraform provisioner; it needs a third-party plugin installed on
# the machine running terraform, so confirm where that binary comes from.
resource "null_resource" "deploy_tg" {
  depends_on = [
    azurerm_virtual_machine.tg,
    azurerm_network_interface.tg_if1,
    azurerm_network_interface.tg_if2,
  ]

  connection {
    host        = data.azurerm_public_ip.tg_public_ip.ip_address
    user        = "ubuntu"
    private_key = file("~/.ssh/id_rsa")
  }

  provisioner "ansible" {
    plays {
      hosts = ["tg_azure"]

      playbook {
        file_path      = "../../testbed-setup/ansible/site.yaml"
        force_handlers = true
      }

      extra_vars = {
        ansible_python_interpreter = "/usr/bin/python3"
        azure                      = true
      }
    }
  }
}
501
# Runs the site.yaml playbook against the DUT1 VM over SSH once the VM and its
# two test interfaces exist. DUT1 and DUT2 share the "sut_azure" host group.
#
# NOTE(review): the connection reads the private key at ~/.ssh/id_rsa of
# whoever runs terraform and sets no host_key, so the SSH host key behind the
# freshly assigned public IP does not appear to be verified. A dedicated
# provisioning key and a pinned host key would narrow that. "ansible" is not a
# built-in Terraform provisioner; it needs a third-party plugin installed on
# the machine running terraform, so confirm where that binary comes from.
resource "null_resource" "deploy_dut1" {
  depends_on = [
    azurerm_virtual_machine.dut1,
    azurerm_network_interface.dut1_if1,
    azurerm_network_interface.dut1_if2,
  ]

  connection {
    host        = data.azurerm_public_ip.dut1_public_ip.ip_address
    user        = "ubuntu"
    private_key = file("~/.ssh/id_rsa")
  }

  provisioner "ansible" {
    plays {
      hosts = ["sut_azure"]

      playbook {
        file_path      = "../../testbed-setup/ansible/site.yaml"
        force_handlers = true
      }

      extra_vars = {
        ansible_python_interpreter = "/usr/bin/python3"
        azure                      = true
      }
    }
  }
}
525
# Runs the site.yaml playbook against the DUT2 VM over SSH once the VM and its
# two test interfaces exist. DUT1 and DUT2 share the "sut_azure" host group.
#
# NOTE(review): the connection reads the private key at ~/.ssh/id_rsa of
# whoever runs terraform and sets no host_key, so the SSH host key behind the
# freshly assigned public IP does not appear to be verified. A dedicated
# provisioning key and a pinned host key would narrow that. "ansible" is not a
# built-in Terraform provisioner; it needs a third-party plugin installed on
# the machine running terraform, so confirm where that binary comes from.
resource "null_resource" "deploy_dut2" {
  depends_on = [
    azurerm_virtual_machine.dut2,
    azurerm_network_interface.dut2_if1,
    azurerm_network_interface.dut2_if2,
  ]

  connection {
    host        = data.azurerm_public_ip.dut2_public_ip.ip_address
    user        = "ubuntu"
    private_key = file("~/.ssh/id_rsa")
  }

  provisioner "ansible" {
    plays {
      hosts = ["sut_azure"]

      playbook {
        file_path      = "../../testbed-setup/ansible/site.yaml"
        force_handlers = true
      }

      extra_vars = {
        ansible_python_interpreter = "/usr/bin/python3"
        azure                      = true
      }
    }
  }
}
549
# Runs the cloud_topology.yaml playbook on the local host once all three VMs
# and their test interfaces exist, passing it the interface MAC addresses and
# the public IPs. There is no connection block, so nothing here opens SSH.
# The data.azurerm_network_interface.* sources are not declared in the visible
# part of this file. "ansible" is a third-party provisioner plugin, not a
# Terraform built-in.
resource "null_resource" "deploy_topology" {
  depends_on = [
    azurerm_virtual_machine.tg,
    azurerm_network_interface.tg_if1,
    azurerm_network_interface.tg_if2,
    azurerm_virtual_machine.dut1,
    azurerm_network_interface.dut1_if1,
    azurerm_network_interface.dut1_if2,
    azurerm_virtual_machine.dut2,
    azurerm_network_interface.dut2_if1,
    azurerm_network_interface.dut2_if2,
  ]

  provisioner "ansible" {
    plays {
      hosts = ["local"]

      playbook {
        file_path = "../../testbed-setup/ansible/cloud_topology.yaml"
      }

      extra_vars = {
        ansible_python_interpreter = "/usr/bin/python3"
        cloud_topology             = "3n_azure_Fsv2"
        tg_if1_mac                 = data.azurerm_network_interface.tg_if1.mac_address
        tg_if2_mac                 = data.azurerm_network_interface.tg_if2.mac_address
        dut1_if1_mac               = data.azurerm_network_interface.dut1_if1.mac_address
        dut1_if2_mac               = data.azurerm_network_interface.dut1_if2.mac_address
        dut2_if1_mac               = data.azurerm_network_interface.dut2_if1.mac_address
        dut2_if2_mac               = data.azurerm_network_interface.dut2_if2.mac_address
        tg_public_ip               = data.azurerm_public_ip.tg_public_ip.ip_address
        dut1_public_ip             = data.azurerm_public_ip.dut1_public_ip.ip_address
        dut2_public_ip             = data.azurerm_public_ip.dut2_public_ip.ip_address
      }
    }
  }
}
582
# Debug outputs: print the public address of each VM after apply. These
# addresses also end up in CI logs and in the state file, and with the current
# security group they point at hosts that accept all inbound traffic.

output "dbg_tg" {
  value = "TG IP: ${data.azurerm_public_ip.tg_public_ip.ip_address}"
}

output "dbg_dut1" {
  value = "DUT1 IP: ${data.azurerm_public_ip.dut1_public_ip.ip_address}"
}

output "dbg_dut2" {
  value = "DUT2 IP: ${data.azurerm_public_ip.dut2_public_ip.ip_address}"
}