--- /dev/null
+# Local .terraform directories
+**/.terraform/*
+
+# .tfstate files
+*.tfstate
+*.tfstate.*
+.terraform.lock.hcl
+.terraform.tfstate.lock.info
+
+# Crash log files
+crash.log
+
+# Exclude all .tfvars files, which are likely to contain sentitive data, such as
+# password, private keys, and other secrets. These should not be part of version
+# control as they are data points which are potentially sensitive and subject
+# to change depending on the environment.
+#
+*.tfvars
+
+# Ignore override files as they are usually used to override resources locally and so
+# are not checked in
+override.tf
+override.tf.json
+*_override.tf
+*_override.tf.json
+
+# Include override files you do wish to add to version control using negated pattern
+#
+# !example_override.tf
+
+# Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan
+# example: *tfplan*
+
+# Ignore CLI configuration files
+.terraformrc
+terraform.rc
\ No newline at end of file
}
resource "aws_vpc" "CSITVPC" {
- assign_generated_ipv6_cidr_block = false
+ assign_generated_ipv6_cidr_block = true
enable_dns_hostnames = false
enable_dns_support = true
cidr_block = var.vpc_cidr_mgmt
to_port = 22
protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"]
- ipv6_cidr_blocks = []
+ }
+
+ ingress {
+ from_port = 22
+ to_port = 22
+ protocol = "tcp"
+ ipv6_cidr_blocks = ["::/0"]
}
ingress {
to_port = 0
protocol = -1
self = true
- ipv6_cidr_blocks = []
+ ipv6_cidr_blocks = ["::/0"]
}
egress {
to_port = 0
protocol = "-1"
cidr_blocks = ["0.0.0.0/0"]
- ipv6_cidr_blocks = []
+ }
+
+ egress {
+ from_port = 0
+ to_port = 0
+ protocol = "-1"
+ ipv6_cidr_blocks = ["::/0"]
}
tags = {
depends_on = [
aws_vpc.CSITVPC
]
+ ipv6_cidr_block = cidrsubnet(aws_vpc.CSITVPC.ipv6_cidr_block, 8, 1)
map_public_ip_on_launch = false
vpc_id = aws_vpc.CSITVPC.id
resource "aws_subnet" "b" {
availability_zone = var.avail_zone
- assign_ipv6_address_on_creation = false
+ assign_ipv6_address_on_creation = true
cidr_block = var.vpc_cidr_b
depends_on = [
aws_vpc.CSITVPC,
aws_vpc_ipv4_cidr_block_association.b
]
+ ipv6_cidr_block = cidrsubnet(aws_vpc.CSITVPC.ipv6_cidr_block, 8, 2)
map_public_ip_on_launch = false
vpc_id = aws_vpc.CSITVPC.id
resource "aws_subnet" "c" {
availability_zone = var.avail_zone
- assign_ipv6_address_on_creation = false
+ assign_ipv6_address_on_creation = true
cidr_block = var.vpc_cidr_c
depends_on = [
aws_vpc.CSITVPC,
aws_vpc_ipv4_cidr_block_association.c
]
+ ipv6_cidr_block = cidrsubnet(aws_vpc.CSITVPC.ipv6_cidr_block, 8, 3)
map_public_ip_on_launch = false
vpc_id = aws_vpc.CSITVPC.id
resource "aws_subnet" "d" {
availability_zone = var.avail_zone
- assign_ipv6_address_on_creation = false
+ assign_ipv6_address_on_creation = true
cidr_block = var.vpc_cidr_d
depends_on = [
aws_vpc.CSITVPC,
aws_vpc_ipv4_cidr_block_association.d
]
+ ipv6_cidr_block = cidrsubnet(aws_vpc.CSITVPC.ipv6_cidr_block, 8, 4)
map_public_ip_on_launch = false
vpc_id = aws_vpc.CSITVPC.id
vpc_security_group_ids = [aws_security_group.CSITSG.id]
# host_id = "1"
-# root_block_device {
-# volume_size = 50
-# }
+ root_block_device {
+ delete_on_termination = true
+ volume_size = 50
+ }
tags = {
"Name" = "${var.resources_name_prefix}_${var.testbed_name}-tg"
vpc_security_group_ids = [aws_security_group.CSITSG.id]
# host_id = "2"
-# root_block_device {
-# volume_size = 50
-# }
+ root_block_device {
+ delete_on_termination = true
+ volume_size = 50
+ }
tags = {
"Name" = "${var.resources_name_prefix}_${var.testbed_name}-dut1"
aws_vpc.CSITVPC,
aws_internet_gateway.CSITGW
]
- destination_cidr_block = "0.0.0.0/0"
- gateway_id = aws_internet_gateway.CSITGW.id
- route_table_id = aws_vpc.CSITVPC.main_route_table_id
+ destination_cidr_block = "0.0.0.0/0"
+ destination_ipv6_cidr_block = "::/0"
+ gateway_id = aws_internet_gateway.CSITGW.id
+ route_table_id = aws_vpc.CSITVPC.main_route_table_id
}
resource "aws_route" "dummy-trex-port-0" {
type = string
default = "192.168.0.0/24"
}
+
variable "vpc_cidr_b" {
description = "CIDR block B"
type = string
default = "192.168.10.0/24"
}
+
variable "vpc_cidr_c" {
description = "CIDR block C"
type = string
default = "200.0.0.0/24"
}
+
variable "vpc_cidr_d" {
description = "CIDR block D"
type = string
type = string
default = "10.0.0.0/24"
}
+
variable "trex_dummy_cidr_port_1" {
description = "TREX dummy CIDR"
type = string
type = string
default = "192.168.10.254"
}
+
variable "tg_if2_ip" {
description = "TG IP on interface 2"
type = string
default = "192.168.20.254"
}
+
variable "dut1_if1_ip" {
description = "DUT IP on interface 1"
type = string
default = "192.168.10.11"
}
+
variable "dut1_if2_ip" {
description = "DUT IP on interface 1"
type = string
default = "192.168.20.11"
}
+
variable "tg_mgmt_ip" {
description = "TG management interface IP"
type = string
default = "192.168.0.10"
}
+
variable "dut1_mgmt_ip" {
description = "DUT management interface IP"
type = string
dut1_if1_ip = "192.168.10.11"
dut1_if2_ip = "192.168.20.11"
- trex_dummy_cidr_port_0 = "10.0.0.0/24"
- trex_dummy_cidr_port_1 = "20.0.0.0/24"
+ trex_dummy_cidr_port_0 = "10.0.0.0/16"
+ trex_dummy_cidr_port_1 = "20.0.0.0/16"
# Ansible
ansible_python_executable = "/usr/bin/python3"
--- /dev/null
+# Local .terraform directories
+**/.terraform/*
+
+# .tfstate files
+*.tfstate
+*.tfstate.*
+.terraform.lock.hcl
+.terraform.tfstate.lock.info
+
+# Crash log files
+crash.log
+
+# Exclude all .tfvars files, which are likely to contain sentitive data, such as
+# password, private keys, and other secrets. These should not be part of version
+# control as they are data points which are potentially sensitive and subject
+# to change depending on the environment.
+#
+*.tfvars
+
+# Ignore override files as they are usually used to override resources locally and so
+# are not checked in
+override.tf
+override.tf.json
+*_override.tf
+*_override.tf.json
+
+# Include override files you do wish to add to version control using negated pattern
+#
+# !example_override.tf
+
+# Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan
+# example: *tfplan*
+
+# Ignore CLI configuration files
+.terraformrc
+terraform.rc
\ No newline at end of file
}
resource "aws_vpc" "CSITVPC" {
- assign_generated_ipv6_cidr_block = false
+ assign_generated_ipv6_cidr_block = true
enable_dns_hostnames = false
enable_dns_support = true
cidr_block = var.vpc_cidr_mgmt
to_port = 22
protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"]
- ipv6_cidr_blocks = []
+ }
+
+ ingress {
+ from_port = 22
+ to_port = 22
+ protocol = "tcp"
+ ipv6_cidr_blocks = ["::/0"]
}
ingress {
to_port = 0
protocol = -1
self = true
- ipv6_cidr_blocks = []
+ ipv6_cidr_blocks = ["::/0"]
}
egress {
to_port = 0
protocol = "-1"
cidr_blocks = ["0.0.0.0/0"]
- ipv6_cidr_blocks = []
+ }
+
+ egress {
+ from_port = 0
+ to_port = 0
+ protocol = "-1"
+ ipv6_cidr_blocks = ["::/0"]
}
tags = {
depends_on = [
aws_vpc.CSITVPC
]
+ ipv6_cidr_block = cidrsubnet(aws_vpc.CSITVPC.ipv6_cidr_block, 8, 1)
map_public_ip_on_launch = false
vpc_id = aws_vpc.CSITVPC.id
aws_vpc.CSITVPC,
aws_vpc_ipv4_cidr_block_association.b
]
+ ipv6_cidr_block = cidrsubnet(aws_vpc.CSITVPC.ipv6_cidr_block, 8, 2)
map_public_ip_on_launch = false
vpc_id = aws_vpc.CSITVPC.id
aws_vpc.CSITVPC,
aws_vpc_ipv4_cidr_block_association.c
]
+ ipv6_cidr_block = cidrsubnet(aws_vpc.CSITVPC.ipv6_cidr_block, 8, 3)
map_public_ip_on_launch = false
vpc_id = aws_vpc.CSITVPC.id
aws_vpc.CSITVPC,
aws_vpc_ipv4_cidr_block_association.d
]
+ ipv6_cidr_block = cidrsubnet(aws_vpc.CSITVPC.ipv6_cidr_block, 8, 4)
map_public_ip_on_launch = false
vpc_id = aws_vpc.CSITVPC.id
aws_vpc.CSITVPC,
aws_internet_gateway.CSITGW
]
- destination_cidr_block = "0.0.0.0/0"
- gateway_id = aws_internet_gateway.CSITGW.id
- route_table_id = aws_vpc.CSITVPC.main_route_table_id
+ destination_cidr_block = "0.0.0.0/0"
+ destination_ipv6_cidr_block = "::/0"
+ gateway_id = aws_internet_gateway.CSITGW.id
+ route_table_id = aws_vpc.CSITVPC.main_route_table_id
}
resource "aws_route" "dummy-trex-port-0" {
type = string
default = "192.168.0.0/24"
}
+
variable "vpc_cidr_b" {
description = "CIDR block B"
type = string
default = "192.168.10.0/24"
}
+
variable "vpc_cidr_c" {
description = "CIDR block C"
type = string
default = "200.0.0.0/24"
}
+
variable "vpc_cidr_d" {
description = "CIDR block D"
type = string
type = string
default = "10.0.0.0/24"
}
+
variable "trex_dummy_cidr_port_1" {
description = "TREX dummy CIDR"
type = string
type = string
default = "192.168.10.254"
}
+
variable "tg_if2_ip" {
description = "TG IP on interface 2"
type = string
default = "192.168.20.254"
}
+
variable "dut1_if1_ip" {
description = "DUT IP on interface 1"
type = string
default = "192.168.10.11"
}
+
variable "dut1_if2_ip" {
description = "DUT IP on interface 2"
type = string
default = "200.0.0.101"
}
+
variable "dut2_if1_ip" {
description = "DUT2 IP on interface 1"
type = string
default = "200.0.0.102"
}
+
variable "dut2_if2_ip" {
description = "DUT2 IP on interface 2"
type = string
default = "192.168.20.11"
}
+
variable "tg_mgmt_ip" {
description = "TG management interface IP"
type = string
default = "192.168.0.10"
}
+
variable "dut1_mgmt_ip" {
description = "DUT1 management interface IP"
type = string
default = "192.168.0.11"
}
+
variable "dut2_mgmt_ip" {
description = "DUT2 management interface IP"
type = string
dut2_if1_ip = "200.0.0.102"
dut2_if2_ip = "192.168.20.11"
- trex_dummy_cidr_port_0 = "10.0.0.0/24"
- trex_dummy_cidr_port_1 = "20.0.0.0/24"
+ trex_dummy_cidr_port_0 = "10.0.0.0/16"
+ trex_dummy_cidr_port_1 = "20.0.0.0/16"
# Ansible
ansible_python_executable = "/usr/bin/python3"
Code Review / csit.git / commitdiff