# AWS provider. The region is fixed here, so the availability zone chosen
# below has to belong to it.
# NOTE(review): no provider version constraint is visible in this listing.
provider "aws" {
  region = "eu-central-1"
}

# Availability zone in which every subnet of the testbed is created.
variable "avail_zone" {
  default = "eu-central-1a"
  type    = string
}
# Base VPC CIDRs
#
# vpc_cidr_mgmt is the primary CIDR of the VPC and of the management subnet.
# vpc_cidr_b, vpc_cidr_c and vpc_cidr_d are attached to the same VPC as
# additional CIDR blocks, and each one is also the CIDR of its own subnet.
variable "vpc_cidr_mgmt" {
  default = "192.168.0.0/24"
  type    = string
}

variable "vpc_cidr_b" {
  default = "192.168.10.0/24"
  type    = string
}

# NOTE(review): 200.0.0.0/24 is publicly routable address space, not an
# RFC 1918 private range. Inside this VPC the range resolves to the local
# subnet, so hosts on it cannot reach the real owners of those addresses.
# Confirm that this is intended for the DUT1 <-> DUT2 link.
variable "vpc_cidr_c" {
  default = "200.0.0.0/24"
  type    = string
}

variable "vpc_cidr_d" {
  default = "192.168.20.0/24"
  type    = string
}

# Trex Dummy CIDRs
#
# Destination ranges that the "dummy-trex-port-0" and "dummy-trex-port-1"
# routes send to the primary network interface of the TG instance.
variable "trex_dummy_cidr_port_0" {
  default = "10.0.0.0/24"
  type    = string
}

# NOTE(review): 20.0.0.0/24 is publicly routable address space. With the
# route in place, anything in the VPC that addresses this range is delivered
# to the TG instead of the Internet - confirm that is acceptable.
variable "trex_dummy_cidr_port_1" {
  default = "20.0.0.0/24"
  type    = string
}

# IPs
#
# Data-plane addresses (if1/if2). They are not referenced anywhere in this
# listing; presumably they are consumed where the extra network interfaces
# are defined - verify against the rest of the module.
variable "tg_if1_ip" {
  default = "192.168.10.254"
  type    = string
}

variable "tg_if2_ip" {
  default = "192.168.20.254"
  type    = string
}

variable "dut1_if1_ip" {
  default = "192.168.10.11"
  type    = string
}

variable "dut1_if2_ip" {
  default = "200.0.0.101"
  type    = string
}

variable "dut2_if1_ip" {
  default = "200.0.0.102"
  type    = string
}

variable "dut2_if2_ip" {
  default = "192.168.20.11"
  type    = string
}

# Management addresses: the fixed private IP each instance receives on the
# management subnet. They must lie inside vpc_cidr_mgmt.
variable "tg_mgmt_ip" {
  default = "192.168.0.10"
  type    = string
}

variable "dut1_mgmt_ip" {
  default = "192.168.0.11"
  type    = string
}

variable "dut2_mgmt_ip" {
  default = "192.168.0.12"
  type    = string
}

# Instance Type
#
# One EC2 instance type shared by the TG, DUT1 and DUT2 instances.
variable "instance_type" {
  default = "c5n.9xlarge"
  type    = string
}

# The single VPC of the testbed. Its primary CIDR is the management range;
# the data-plane ranges are attached to it as additional CIDR blocks.
resource "aws_vpc" "CSIT" {
  cidr_block = var.vpc_cidr_mgmt
}

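# CIDR ranges that may reach TCP/22 on the testbed instances.
# The default keeps the original behaviour: SSH is open to the whole
# Internet. All three instances are given a public IP, so override this with
# the operator / CI egress addresses whenever they are known.
variable "ssh_ingress_cidrs" {
  type    = list(string)
  default = ["0.0.0.0/0"]
}

# Security group attached to the TG, DUT1 and DUT2 instances.
# The description is left untouched on purpose: changing it would force the
# group to be replaced.
resource "aws_security_group" "CSIT" {
  name        = "CSIT"
  description = "Allow inbound traffic"
  vpc_id      = aws_vpc.CSIT.id

  # SSH, used by the provisioning connections (user "ubuntu").
  # This is the only rule that admits traffic from outside the group.
  ingress {
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = var.ssh_ingress_cidrs
  }

  # Every protocol and port between members of this same group.
  ingress {
    from_port = 0
    to_port   = 0
    protocol  = "-1"
    self      = true
  }

  # Unrestricted outbound traffic.
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }

  depends_on = [aws_vpc.CSIT]
}
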
# Attach the three data-plane ranges to the VPC as additional IPv4 CIDR
# blocks. Each association must exist before the subnet that uses the same
# range can be created.
resource "aws_vpc_ipv4_cidr_block_association" "b" {
  depends_on = [aws_vpc.CSIT]
  cidr_block = var.vpc_cidr_b
  vpc_id     = aws_vpc.CSIT.id
}

resource "aws_vpc_ipv4_cidr_block_association" "c" {
  depends_on = [aws_vpc.CSIT]
  cidr_block = var.vpc_cidr_c
  vpc_id     = aws_vpc.CSIT.id
}

resource "aws_vpc_ipv4_cidr_block_association" "d" {
  depends_on = [aws_vpc.CSIT]
  cidr_block = var.vpc_cidr_d
  vpc_id     = aws_vpc.CSIT.id
}

# Management subnet: spans the whole primary CIDR of the VPC. All three
# instances are launched into it.
resource "aws_subnet" "mgmt" {
  depends_on        = [aws_vpc.CSIT]
  availability_zone = var.avail_zone
  cidr_block        = var.vpc_cidr_mgmt
  vpc_id            = aws_vpc.CSIT.id
}

# Data-plane subnets, one per additional CIDR block. Each waits for its
# CIDR association, and all of them share the availability zone of the
# management subnet.
resource "aws_subnet" "b" {
  depends_on        = [aws_vpc.CSIT, aws_vpc_ipv4_cidr_block_association.b]
  availability_zone = var.avail_zone
  cidr_block        = var.vpc_cidr_b
  vpc_id            = aws_vpc.CSIT.id
}

resource "aws_subnet" "c" {
  depends_on        = [aws_vpc.CSIT, aws_vpc_ipv4_cidr_block_association.c]
  availability_zone = var.avail_zone
  cidr_block        = var.vpc_cidr_c
  vpc_id            = aws_vpc.CSIT.id
}

resource "aws_subnet" "d" {
  depends_on        = [aws_vpc.CSIT, aws_vpc_ipv4_cidr_block_association.d]
  availability_zone = var.avail_zone
  cidr_block        = var.vpc_cidr_d
  vpc_id            = aws_vpc.CSIT.id
}

# Internet gateway of the VPC. The "CSIT-igw" route makes it the default
# route of the main route table, so every subnet that uses that table is
# Internet-facing.
resource "aws_internet_gateway" "CSIT" {
  depends_on = [aws_vpc.CSIT]
  vpc_id     = aws_vpc.CSIT.id
}

# Registers the operator's default SSH public key as the EC2 key pair "CSIT".
# It has to be the public half of ~/.ssh/id_rsa, which the provisioning
# connections in this file use to log in.
# NOTE(review): this reuses whatever personal key the person running
# terraform has; a dedicated testbed key would limit what a leak exposes.
resource "aws_key_pair" "CSIT" {
  public_key = file("~/.ssh/id_rsa.pub")
  key_name   = "CSIT"
}

# Looks up the newest Ubuntu 18.04 (bionic) amd64 HVM/SSD image.
# Restricting "owners" to Canonical's account is what prevents a look-alike
# image published by another account from matching the wildcard name filter.
# Because of most_recent, the image id can change between runs.
data "aws_ami" "ubuntu" {
  owners      = ["099720109477"] # Canonical
  most_recent = true

  filter {
    name   = "name"
    values = ["*hvm-ssd/ubuntu-bionic-18.04-amd64*"]
  }

  filter {
    name   = "virtualization-type"
    values = ["hvm"]
  }
}

# Cluster placement group into which all three instances are launched.
resource "aws_placement_group" "CSIT" {
  strategy = "cluster"
  name     = "CSIT"
}

# Traffic generator (TG) instance.
#
# It sits on the management subnet with a fixed private IP and a public IP,
# so it is reachable from the Internet on whatever the CSIT security group
# admits from outside (TCP/22 is the only such rule).
# source_dest_check is off: the dummy TRex routes deliver traffic for
# addresses the instance does not own to its primary network interface.
# NOTE(review): no metadata_options block is set, so the instance metadata
# service stays at its default; consider requiring IMDSv2 tokens once the
# provider version and the image are confirmed to support it.
resource "aws_instance" "tg" {
  depends_on = [aws_vpc.CSIT, aws_placement_group.CSIT]

  ami           = data.aws_ami.ubuntu.id
  instance_type = var.instance_type
  #  cpu_threads_per_core = 1
  #  cpu_core_count = 18
  placement_group = aws_placement_group.CSIT.id
  key_name        = aws_key_pair.CSIT.key_name

  subnet_id                   = aws_subnet.mgmt.id
  private_ip                  = var.tg_mgmt_ip
  associate_public_ip_address = true
  source_dest_check           = false
  vpc_security_group_ids      = [aws_security_group.CSIT.id]
}

# First device under test (DUT1).
#
# Same shape as the TG: management subnet, fixed private IP, public IP,
# CSIT security group (TCP/22 is the only rule open to outside sources).
# source_dest_check is off - presumably because the DUT forwards traffic
# that is not addressed to it; confirm against the test topology.
# NOTE(review): no metadata_options block is set; consider requiring IMDSv2
# tokens once provider and image support is confirmed.
resource "aws_instance" "dut1" {
  depends_on = [aws_vpc.CSIT, aws_placement_group.CSIT]

  ami = data.aws_ami.ubuntu.id
  #  cpu_threads_per_core = 1
  #  cpu_core_count = 18
  instance_type   = var.instance_type
  placement_group = aws_placement_group.CSIT.id
  key_name        = aws_key_pair.CSIT.key_name

  subnet_id                   = aws_subnet.mgmt.id
  private_ip                  = var.dut1_mgmt_ip
  associate_public_ip_address = true
  source_dest_check           = false
  vpc_security_group_ids      = [aws_security_group.CSIT.id]
}

# Second device under test (DUT2).
#
# Same shape as DUT1: management subnet, fixed private IP, public IP,
# CSIT security group (TCP/22 is the only rule open to outside sources).
# source_dest_check is off - presumably because the DUT forwards traffic
# that is not addressed to it; confirm against the test topology.
# NOTE(review): no metadata_options block is set; consider requiring IMDSv2
# tokens once provider and image support is confirmed.
resource "aws_instance" "dut2" {
  depends_on = [aws_vpc.CSIT, aws_placement_group.CSIT]

  ami = data.aws_ami.ubuntu.id
  #  cpu_threads_per_core = 1
  #  cpu_core_count = 18
  instance_type   = var.instance_type
  placement_group = aws_placement_group.CSIT.id
  key_name        = aws_key_pair.CSIT.key_name

  subnet_id                   = aws_subnet.mgmt.id
  private_ip                  = var.dut2_mgmt_ip
  associate_public_ip_address = true
  source_dest_check           = false
  vpc_security_group_ids      = [aws_security_group.CSIT.id]
}

# Default route of the VPC's main route table: everything not matched by a
# more specific route leaves through the Internet gateway.
resource "aws_route" "CSIT-igw" {
  depends_on             = [aws_vpc.CSIT, aws_internet_gateway.CSIT]
  route_table_id         = aws_vpc.CSIT.main_route_table_id
  destination_cidr_block = "0.0.0.0/0"
  gateway_id             = aws_internet_gateway.CSIT.id
}

# The two dummy TRex ranges are routed to the primary network interface of
# the TG instance. Both routes live in the main route table as well.
# The explicit dependencies on dut1 / dut2 are kept exactly as written; the
# routes themselves reference only the TG.
resource "aws_route" "dummy-trex-port-0" {
  depends_on             = [aws_vpc.CSIT, aws_instance.dut1]
  route_table_id         = aws_vpc.CSIT.main_route_table_id
  destination_cidr_block = var.trex_dummy_cidr_port_0
  network_interface_id   = aws_instance.tg.primary_network_interface_id
}

resource "aws_route" "dummy-trex-port-1" {
  depends_on             = [aws_vpc.CSIT, aws_instance.dut2]
  route_table_id         = aws_vpc.CSIT.main_route_table_id
  destination_cidr_block = var.trex_dummy_cidr_port_1
  network_interface_id   = aws_instance.tg.primary_network_interface_id
}

# Provisions the TG over SSH with the site_aws.yaml playbook (host group
# "tg") once the instance exists.
#
# The connection goes to the instance's public IP as user "ubuntu" and
# authenticates with the operator's default private key.
# NOTE(review): no host_key is set on the connection, so nothing in this
# block pins the SSH host key of the new instance; confirm how the ansible
# provisioner verifies it.
# The "ansible" provisioner is not built into Terraform and has to be
# installed as a plugin.
resource "null_resource" "deploy_tg" {
  depends_on = [aws_instance.tg]

  connection {
    host        = aws_instance.tg.public_ip
    user        = "ubuntu"
    private_key = file("~/.ssh/id_rsa")
  }

  provisioner "ansible" {
    plays {
      hosts = ["tg"]

      playbook {
        file_path      = "../../testbed-setup/ansible/site_aws.yaml"
        force_handlers = true
      }

      extra_vars = {
        ansible_python_interpreter = "/usr/bin/python3"
        aws                        = true
      }
    }
  }
}
# Provisions DUT1 over SSH with the site_aws.yaml playbook (host group
# "sut") once the instance exists.
#
# The connection goes to the instance's public IP as user "ubuntu" and
# authenticates with the operator's default private key.
# NOTE(review): no host_key is set on the connection, so nothing in this
# block pins the SSH host key of the new instance; confirm how the ansible
# provisioner verifies it.
resource "null_resource" "deploy_dut1" {
  depends_on = [aws_instance.dut1]

  connection {
    host        = aws_instance.dut1.public_ip
    user        = "ubuntu"
    private_key = file("~/.ssh/id_rsa")
  }

  provisioner "ansible" {
    plays {
      hosts = ["sut"]

      playbook {
        file_path      = "../../testbed-setup/ansible/site_aws.yaml"
        force_handlers = true
      }

      extra_vars = {
        ansible_python_interpreter = "/usr/bin/python3"
        aws                        = true
      }
    }
  }
}
# Provisions DUT2 over SSH with the site_aws.yaml playbook (host group
# "sut") once the instance exists.
#
# The connection goes to the instance's public IP as user "ubuntu" and
# authenticates with the operator's default private key.
# NOTE(review): no host_key is set on the connection, so nothing in this
# block pins the SSH host key of the new instance; confirm how the ansible
# provisioner verifies it.
resource "null_resource" "deploy_dut2" {
  depends_on = [aws_instance.dut2]

  connection {
    host        = aws_instance.dut2.public_ip
    user        = "ubuntu"
    private_key = file("~/.ssh/id_rsa")
  }

  provisioner "ansible" {
    plays {
      hosts = ["sut"]

      playbook {
        file_path      = "../../testbed-setup/ansible/site_aws.yaml"
        force_handlers = true
      }

      extra_vars = {
        ansible_python_interpreter = "/usr/bin/python3"
        aws                        = true
      }
    }
  }
}

# Runs the cloud_topology.yaml playbook against the "local" host group after
# all three instances exist, passing it the interface MAC addresses and the
# public IPs of the testbed. There is no connection block here.
#
# The data.aws_network_interface.* sources it reads are not defined in this
# listing; presumably they live in another file of the same module.
resource "null_resource" "deploy_topology" {
  depends_on = [aws_instance.tg, aws_instance.dut1, aws_instance.dut2]

  provisioner "ansible" {
    plays {
      hosts = ["local"]

      playbook {
        file_path = "../../testbed-setup/ansible/cloud_topology.yaml"
      }

      extra_vars = {
        ansible_python_interpreter = "/usr/bin/python3"
        cloud_topology             = "aws"

        # MAC addresses of the data-plane interfaces.
        tg_if1_mac   = data.aws_network_interface.tg_if1.mac_address
        tg_if2_mac   = data.aws_network_interface.tg_if2.mac_address
        dut1_if1_mac = data.aws_network_interface.dut1_if1.mac_address
        dut1_if2_mac = data.aws_network_interface.dut1_if2.mac_address
        dut2_if1_mac = data.aws_network_interface.dut2_if1.mac_address
        dut2_if2_mac = data.aws_network_interface.dut2_if2.mac_address

        # Public addresses of the three instances.
        tg_public_ip   = aws_instance.tg.public_ip
        dut1_public_ip = aws_instance.dut1.public_ip
        dut2_public_ip = aws_instance.dut2.public_ip
      }
    }
  }
}

# Debug outputs: the public IP of each instance, printed after apply.
# These addresses are also kept in the Terraform state, and all three accept
# SSH, so treat the apply logs accordingly.
output "dbg_tg" {
  value = "TG IP: ${aws_instance.tg.public_ip}"
}

output "dbg_dut1" {
  value = "DUT1 IP: ${aws_instance.dut1.public_ip}"
}

output "dbg_dut2" {
  value = "DUT2 IP: ${aws_instance.dut2.public_ip}"
}