--- /dev/null
+provider "azurerm" {
+ version = ">= 1.4.0"
+}
+
+# Variables
+
+variable "vpc_addr_space_a" {
+ type = string
+ default = "172.16.0.0/16"
+}
+
+variable "vpc_cidr_a" {
+ type = string
+ default = "172.16.0.0/24"
+}
+
+variable "vpc_cidr_b" {
+ type = string
+ default = "172.16.10.0/24"
+}
+
+variable "vpc_cidr_c" {
+ type = string
+ default = "172.16.200.0/24"
+}
+
+variable "vpc_cidr_d" {
+ type = string
+ default = "172.16.20.0/24"
+}
+
+variable "trex_dummy_cidr_port_0" {
+ type = string
+ default = "172.16.11.0/24"
+}
+
+variable "trex_dummy_cidr_port_1" {
+ type = string
+ default = "172.16.21.0/24"
+}
+
+# Create resource group and resources
+
+resource "azurerm_resource_group" "CSIT" {
+ name = "CSIT"
+ #location = "East US"
+ location = "UK South"
+}
+
+resource "azurerm_virtual_network" "CSIT" {
+ name = "CSIT-network"
+ resource_group_name = azurerm_resource_group.CSIT.name
+ location = azurerm_resource_group.CSIT.location
+ address_space = [ var.vpc_addr_space_a ]
+ depends_on = [ azurerm_resource_group.CSIT ]
+}
+
+resource "azurerm_subnet" "a" {
+ name = "subnet_a"
+ resource_group_name = azurerm_resource_group.CSIT.name
+ virtual_network_name = azurerm_virtual_network.CSIT.name
+ address_prefix = var.vpc_cidr_a
+ depends_on = [ azurerm_resource_group.CSIT ]
+}
+
+resource "azurerm_subnet" "b" {
+ name = "subnet_b"
+ resource_group_name = azurerm_resource_group.CSIT.name
+ virtual_network_name = azurerm_virtual_network.CSIT.name
+ address_prefix = var.vpc_cidr_b
+ depends_on = [ azurerm_resource_group.CSIT ]
+}
+
+resource "azurerm_subnet" "c" {
+ name = "subnet_c"
+ resource_group_name = azurerm_resource_group.CSIT.name
+ virtual_network_name = azurerm_virtual_network.CSIT.name
+ address_prefix = var.vpc_cidr_c
+ depends_on = [ azurerm_resource_group.CSIT ]
+}
+
+resource "azurerm_subnet" "d" {
+ name = "subnet_d"
+ resource_group_name = azurerm_resource_group.CSIT.name
+ virtual_network_name = azurerm_virtual_network.CSIT.name
+ address_prefix = var.vpc_cidr_d
+ depends_on = [ azurerm_resource_group.CSIT ]
+}
+
+# Create a security group of the Kiknos instances
+
+resource "azurerm_network_security_group" "CSIT" {
+ name = "CSIT"
+ resource_group_name = azurerm_resource_group.CSIT.name
+ location = azurerm_resource_group.CSIT.location
+ security_rule {
+ name = "IpSec"
+ priority = 100
+ direction = "Inbound"
+ access = "Allow"
+ protocol = "Udp"
+ source_port_range = "*"
+ destination_port_range = "500"
+ source_address_prefix = "*"
+ destination_address_prefix = "*"
+ }
+ security_rule {
+ name = "IpSec-NAT"
+ priority = 101
+ direction = "Inbound"
+ access = "Allow"
+ protocol = "Udp"
+ source_port_range = "*"
+ destination_port_range = "4500"
+ source_address_prefix = "*"
+ destination_address_prefix = "*"
+ }
+ security_rule {
+ name = "SSH"
+ priority = 102
+ direction = "Inbound"
+ access = "Allow"
+ protocol = "Tcp"
+ source_port_range = "*"
+ destination_port_range = "22"
+ source_address_prefix = "*"
+ destination_address_prefix = "*"
+ }
+ security_rule {
+ name = "InboundAll"
+ priority = 103
+ direction = "Inbound"
+ access = "Allow"
+ protocol = "*"
+ source_port_range = "*"
+ destination_port_range = "*"
+ source_address_prefix = "*"
+ destination_address_prefix = "*"
+ }
+ security_rule {
+ name = "Outbound"
+ priority = 104
+ direction = "Outbound"
+ access = "Allow"
+ protocol = "*"
+ source_port_range = "*"
+ destination_port_range = "*"
+ source_address_prefix = "*"
+ destination_address_prefix = "*"
+ }
+ depends_on = [azurerm_virtual_network.CSIT]
+}
+
+# Create public IPs
+
+resource "azurerm_public_ip" "tg_public_ip" {
+ name = "tg_public_ip"
+ location = azurerm_resource_group.CSIT.location
+ resource_group_name = azurerm_resource_group.CSIT.name
+ allocation_method = "Dynamic"
+ depends_on = [ azurerm_resource_group.CSIT ]
+}
+
+resource "azurerm_public_ip" "dut1_public_ip" {
+ name = "dut1_public_ip"
+ location = azurerm_resource_group.CSIT.location
+ resource_group_name = azurerm_resource_group.CSIT.name
+ allocation_method = "Dynamic"
+ depends_on = [ azurerm_resource_group.CSIT ]
+}
+
+resource "azurerm_public_ip" "dut2_public_ip" {
+ name = "dut2_public_ip"
+ location = azurerm_resource_group.CSIT.location
+ resource_group_name = azurerm_resource_group.CSIT.name
+ allocation_method = "Dynamic"
+ depends_on = [ azurerm_resource_group.CSIT ]
+}
+
+# Create network interface
+
+resource "azurerm_network_interface" "tg_mng" {
+ name = "tg_mng"
+ location = azurerm_resource_group.CSIT.location
+ resource_group_name = azurerm_resource_group.CSIT.name
+ network_security_group_id = azurerm_network_security_group.CSIT.id
+ ip_configuration {
+ primary = "true"
+ name = "tg_mng_ip"
+ subnet_id = azurerm_subnet.a.id
+ private_ip_address_allocation = "Static"
+ private_ip_address = "172.16.0.10"
+ public_ip_address_id = azurerm_public_ip.tg_public_ip.id
+ }
+ depends_on = [ azurerm_resource_group.CSIT,
+ azurerm_subnet.a,
+ azurerm_public_ip.tg_public_ip ]
+}
+
+resource "azurerm_network_interface" "dut1_mng" {
+ name = "dut1_mng"
+ location = azurerm_resource_group.CSIT.location
+ resource_group_name = azurerm_resource_group.CSIT.name
+ network_security_group_id = azurerm_network_security_group.CSIT.id
+ ip_configuration {
+ primary = "true"
+ name = "dut1_mng_ip"
+ subnet_id = azurerm_subnet.a.id
+ private_ip_address_allocation = "Static"
+ private_ip_address = "172.16.0.11"
+ public_ip_address_id = azurerm_public_ip.dut1_public_ip.id
+ }
+ depends_on = [ azurerm_resource_group.CSIT,
+ azurerm_subnet.a,
+ azurerm_public_ip.dut1_public_ip ]
+}
+
+resource "azurerm_network_interface" "dut2_mng" {
+ name = "dut2_mng"
+ location = azurerm_resource_group.CSIT.location
+ resource_group_name = azurerm_resource_group.CSIT.name
+ network_security_group_id = azurerm_network_security_group.CSIT.id
+ ip_configuration {
+ primary = "true"
+ name = "dut2_mng_ip"
+ subnet_id = azurerm_subnet.a.id
+ private_ip_address_allocation = "Static"
+ private_ip_address = "172.16.0.12"
+ public_ip_address_id = azurerm_public_ip.dut2_public_ip.id
+ }
+ depends_on = [ azurerm_resource_group.CSIT,
+ azurerm_subnet.a,
+ azurerm_public_ip.dut2_public_ip ]
+}
+
+resource "azurerm_route_table" "b" {
+ name = "b"
+ location = azurerm_resource_group.CSIT.location
+ resource_group_name = azurerm_resource_group.CSIT.name
+ depends_on = [ azurerm_resource_group.CSIT,
+ azurerm_subnet.b ]
+ disable_bgp_route_propagation = false
+ route {
+ name = "route-10"
+ address_prefix = var.trex_dummy_cidr_port_0
+ next_hop_type = "VirtualAppliance"
+ next_hop_in_ip_address = data.azurerm_network_interface.tg_if1.private_ip_address
+ }
+ route {
+ name = "route-20"
+ address_prefix = var.trex_dummy_cidr_port_1
+ next_hop_type = "VirtualAppliance"
+ next_hop_in_ip_address = data.azurerm_network_interface.dut1_if1.private_ip_address
+ }
+ route {
+ name = "tg2"
+ address_prefix = var.vpc_cidr_d
+ next_hop_type = "VirtualAppliance"
+ next_hop_in_ip_address = data.azurerm_network_interface.dut1_if1.private_ip_address
+ }
+}
+
+resource "azurerm_route_table" "c" {
+ name = "c"
+ location = azurerm_resource_group.CSIT.location
+ resource_group_name = azurerm_resource_group.CSIT.name
+ depends_on = [ azurerm_resource_group.CSIT,
+ azurerm_subnet.c ]
+ disable_bgp_route_propagation = false
+ route {
+ name = "route-10"
+ address_prefix = var.trex_dummy_cidr_port_0
+ next_hop_type = "VirtualAppliance"
+ next_hop_in_ip_address = data.azurerm_network_interface.dut1_if2.private_ip_address
+ }
+ route {
+ name = "route-100"
+ address_prefix = "100.0.0.0/8"
+ next_hop_type = "VirtualAppliance"
+ next_hop_in_ip_address = data.azurerm_network_interface.dut1_if2.private_ip_address
+ }
+ route {
+ name = "route-20"
+ address_prefix = var.trex_dummy_cidr_port_1
+ next_hop_type = "VirtualAppliance"
+ next_hop_in_ip_address = data.azurerm_network_interface.dut2_if1.private_ip_address
+ }
+ route {
+ name = "tg1"
+ address_prefix = var.vpc_cidr_b
+ next_hop_type = "VirtualAppliance"
+ next_hop_in_ip_address = data.azurerm_network_interface.dut1_if2.private_ip_address
+ }
+ route {
+ name = "tg2"
+ address_prefix = var.vpc_cidr_d
+ next_hop_type = "VirtualAppliance"
+ next_hop_in_ip_address = data.azurerm_network_interface.dut2_if1.private_ip_address
+ }
+}
+
+resource "azurerm_route_table" "d" {
+ name = "d"
+ location = azurerm_resource_group.CSIT.location
+ resource_group_name = azurerm_resource_group.CSIT.name
+ depends_on = [ azurerm_resource_group.CSIT,
+ azurerm_subnet.d ]
+ disable_bgp_route_propagation = false
+ route {
+ name = "route-10"
+ address_prefix = var.trex_dummy_cidr_port_0
+ next_hop_type = "VirtualAppliance"
+ next_hop_in_ip_address = data.azurerm_network_interface.dut2_if2.private_ip_address
+ }
+ route {
+ name = "route-20"
+ address_prefix = var.trex_dummy_cidr_port_1
+ next_hop_type = "VirtualAppliance"
+ next_hop_in_ip_address = data.azurerm_network_interface.tg_if2.private_ip_address
+ }
+ route {
+ name = "tg1"
+ address_prefix = var.vpc_cidr_b
+ next_hop_type = "VirtualAppliance"
+ next_hop_in_ip_address = data.azurerm_network_interface.dut2_if2.private_ip_address
+ }
+}
+
+resource "azurerm_subnet_route_table_association" "b" {
+ subnet_id = azurerm_subnet.b.id
+ route_table_id = azurerm_route_table.b.id
+}
+
+resource "azurerm_subnet_route_table_association" "c" {
+ subnet_id = azurerm_subnet.c.id
+ route_table_id = azurerm_route_table.c.id
+}
+
+resource "azurerm_subnet_route_table_association" "d" {
+ subnet_id = azurerm_subnet.d.id
+ route_table_id = azurerm_route_table.d.id
+}
+
+resource "azurerm_virtual_machine" "tg" {
+ name = "tg"
+ location = azurerm_resource_group.CSIT.location
+ resource_group_name = azurerm_resource_group.CSIT.name
+ primary_network_interface_id = azurerm_network_interface.tg_mng.id
+ network_interface_ids = [ azurerm_network_interface.tg_mng.id,
+ azurerm_network_interface.tg_if1.id,
+ azurerm_network_interface.tg_if2.id ]
+ vm_size = "Standard_F32s_v2"
+ delete_os_disk_on_termination = true
+ delete_data_disks_on_termination = true
+ storage_os_disk {
+ name = "OsDiskTG"
+ caching = "ReadWrite"
+ create_option = "FromImage"
+ managed_disk_type = "StandardSSD_LRS"
+ }
+ storage_image_reference {
+ publisher = "Canonical"
+ offer = "UbuntuServer"
+ sku = "18.04-LTS"
+ version = "latest"
+ }
+ os_profile {
+ computer_name = "tg"
+ admin_username = "ubuntu"
+ }
+ os_profile_linux_config {
+ disable_password_authentication = true
+ ssh_keys {
+ path = "/home/ubuntu/.ssh/authorized_keys"
+ key_data = file("~/.ssh/id_rsa.pub")
+ }
+ }
+ depends_on = [ azurerm_resource_group.CSIT,
+ azurerm_network_interface.tg_mng ]
+}
+
+resource "azurerm_virtual_machine" "dut1" {
+ name = "dut1"
+ location = azurerm_resource_group.CSIT.location
+ resource_group_name = azurerm_resource_group.CSIT.name
+ primary_network_interface_id = azurerm_network_interface.dut1_mng.id
+ network_interface_ids = [ azurerm_network_interface.dut1_mng.id,
+ azurerm_network_interface.dut1_if1.id,
+ azurerm_network_interface.dut1_if2.id ]
+ vm_size = "Standard_F32s_v2"
+ delete_os_disk_on_termination = true
+ delete_data_disks_on_termination = true
+ storage_os_disk {
+ name = "OsDiskDUT1"
+ caching = "ReadWrite"
+ create_option = "FromImage"
+ managed_disk_type = "StandardSSD_LRS"
+ }
+ storage_image_reference {
+ publisher = "Canonical"
+ offer = "UbuntuServer"
+ sku = "18.04-LTS"
+ version = "latest"
+ }
+ os_profile {
+ computer_name = "dut1"
+ admin_username = "ubuntu"
+ }
+ os_profile_linux_config {
+ disable_password_authentication = true
+ ssh_keys {
+ path = "/home/ubuntu/.ssh/authorized_keys"
+ key_data = file("~/.ssh/id_rsa.pub")
+ }
+ }
+ depends_on = [ azurerm_resource_group.CSIT,
+ azurerm_network_interface.dut1_mng ]
+}
+
+resource "azurerm_virtual_machine" "dut2" {
+ name = "dut2"
+ location = azurerm_resource_group.CSIT.location
+ resource_group_name = azurerm_resource_group.CSIT.name
+ primary_network_interface_id = azurerm_network_interface.dut2_mng.id
+ network_interface_ids = [ azurerm_network_interface.dut2_mng.id,
+ azurerm_network_interface.dut2_if1.id,
+ azurerm_network_interface.dut2_if2.id ]
+ vm_size = "Standard_F32s_v2"
+ delete_os_disk_on_termination = true
+ delete_data_disks_on_termination = true
+ storage_os_disk {
+ name = "OsDiskDUT2"
+ caching = "ReadWrite"
+ create_option = "FromImage"
+ managed_disk_type = "StandardSSD_LRS"
+ }
+ storage_image_reference {
+ publisher = "Canonical"
+ offer = "UbuntuServer"
+ sku = "18.04-LTS"
+ version = "latest"
+ }
+ os_profile {
+ computer_name = "dut2"
+ admin_username = "ubuntu"
+ }
+ os_profile_linux_config {
+ disable_password_authentication = true
+ ssh_keys {
+ path = "/home/ubuntu/.ssh/authorized_keys"
+ key_data = file("~/.ssh/id_rsa.pub")
+ }
+ }
+ depends_on = [ azurerm_resource_group.CSIT,
+ azurerm_network_interface.dut2_mng ]
+}
+
+data "azurerm_public_ip" "tg_public_ip" {
+ name = "tg_public_ip"
+ resource_group_name = azurerm_resource_group.CSIT.name
+ depends_on = [ azurerm_virtual_machine.tg ]
+}
+
+data "azurerm_public_ip" "dut1_public_ip" {
+ name = "dut1_public_ip"
+ resource_group_name = azurerm_resource_group.CSIT.name
+ depends_on = [ azurerm_virtual_machine.dut1 ]
+}
+
+data "azurerm_public_ip" "dut2_public_ip" {
+ name = "dut2_public_ip"
+ resource_group_name = azurerm_resource_group.CSIT.name
+ depends_on = [ azurerm_virtual_machine.dut2 ]
+}
+
+# Provisioning
+
+resource "null_resource" "deploy_tg" {
+ depends_on = [ azurerm_virtual_machine.tg,
+ azurerm_network_interface.tg_if1,
+ azurerm_network_interface.tg_if2 ]
+ connection {
+ user = "ubuntu"
+ host = data.azurerm_public_ip.tg_public_ip.ip_address
+ private_key = file("~/.ssh/id_rsa")
+ }
+ provisioner "ansible" {
+ plays {
+ playbook {
+ file_path = "../../testbed-setup/ansible/site.yaml"
+ force_handlers = true
+ }
+ hosts = ["tg_azure"]
+ extra_vars = {
+ ansible_python_interpreter = "/usr/bin/python3"
+ azure = true
+ }
+ }
+ }
+}
+
+resource "null_resource" "deploy_dut1" {
+ depends_on = [ azurerm_virtual_machine.dut1,
+ azurerm_network_interface.dut1_if1,
+ azurerm_network_interface.dut1_if2 ]
+ connection {
+ user = "ubuntu"
+ host = data.azurerm_public_ip.dut1_public_ip.ip_address
+ private_key = file("~/.ssh/id_rsa")
+ }
+ provisioner "ansible" {
+ plays {
+ playbook {
+ file_path = "../../testbed-setup/ansible/site.yaml"
+ force_handlers = true
+ }
+ hosts = ["sut_azure"]
+ extra_vars = {
+ ansible_python_interpreter = "/usr/bin/python3"
+ azure = true
+ }
+ }
+ }
+}
+
+resource "null_resource" "deploy_dut2" {
+ depends_on = [ azurerm_virtual_machine.dut2,
+ azurerm_network_interface.dut2_if1,
+ azurerm_network_interface.dut2_if2 ]
+ connection {
+ user = "ubuntu"
+ host = data.azurerm_public_ip.dut2_public_ip.ip_address
+ private_key = file("~/.ssh/id_rsa")
+ }
+ provisioner "ansible" {
+ plays {
+ playbook {
+ file_path = "../../testbed-setup/ansible/site.yaml"
+ force_handlers = true
+ }
+ hosts = ["sut_azure"]
+ extra_vars = {
+ ansible_python_interpreter = "/usr/bin/python3"
+ azure = true
+ }
+ }
+ }
+}
+
+resource "null_resource" "deploy_topology" {
+ depends_on = [ azurerm_virtual_machine.tg,
+ azurerm_network_interface.tg_if1,
+ azurerm_network_interface.tg_if2,
+ azurerm_virtual_machine.dut1,
+ azurerm_network_interface.dut1_if1,
+ azurerm_network_interface.dut1_if2,
+ azurerm_virtual_machine.dut2,
+ azurerm_network_interface.dut2_if1,
+ azurerm_network_interface.dut2_if2 ]
+ provisioner "ansible" {
+ plays {
+ playbook {
+ file_path = "../../testbed-setup/ansible/cloud_topology.yaml"
+ }
+ hosts = ["local"]
+ extra_vars = {
+ ansible_python_interpreter = "/usr/bin/python3"
+ cloud_topology = "3n_azure_Fsv2"
+ tg_if1_mac = data.azurerm_network_interface.tg_if1.mac_address
+ tg_if2_mac = data.azurerm_network_interface.tg_if2.mac_address
+ dut1_if1_mac = data.azurerm_network_interface.dut1_if1.mac_address
+ dut1_if2_mac = data.azurerm_network_interface.dut1_if2.mac_address
+ dut2_if1_mac = data.azurerm_network_interface.dut2_if1.mac_address
+ dut2_if2_mac = data.azurerm_network_interface.dut2_if2.mac_address
+ tg_public_ip = data.azurerm_public_ip.tg_public_ip.ip_address
+ dut1_public_ip = data.azurerm_public_ip.dut1_public_ip.ip_address
+ dut2_public_ip = data.azurerm_public_ip.dut2_public_ip.ip_address
+ }
+ }
+ }
+}
+
+output "dbg_tg" {
+ value = "TG IP: ${data.azurerm_public_ip.tg_public_ip.ip_address}"
+}
+
+output "dbg_dut1" {
+ value = "DUT1 IP: ${data.azurerm_public_ip.dut1_public_ip.ip_address}"
+}
+
+output "dbg_dut2" {
+ value = "DUT2 IP: ${data.azurerm_public_ip.dut2_public_ip.ip_address}"
+}
Code Review / csit.git / blobdiff