---
-# file: roles/topology/tasks/main.yaml
+# file: tasks/main.yaml
- name: Create Topology File
ansible.builtin.template:
--- /dev/null
+---
+metadata:
+ version: 0.1
+ schema:
+ - resources/topology_schemas/1_node_topology.sch.yaml
+ - resources/topology_schemas/topology.sch.yaml
+ tags: [hw, 1-node]
+
+nodes:
+ TG:
+ type: TG
+ subtype: TREX
+ host: "{{ tg_public_ip }}"
+ arch: x86_64
+ port: 22
+ username: testuser
+ password: Csit1234
+ interfaces:
+ port1:
+ # tg_instance/p1 - 100GE port1 on ENA NIC.
+ mac_address: {{ tg_if1_mac }}
+ pci_address: "0000:00:06.0"
+ link: link1
+ model: Amazon-Nitro-100G
+ port2:
+ # tg_instance/p2 - 100GE port2 on ENA NIC.
+ mac_address: {{ tg_if2_mac }}
+ pci_address: "0000:00:07.0"
+ link: link1
+ model: Amazon-Nitro-100G
--- /dev/null
+---
+metadata:
+ version: 0.1
+ schema:
+ - resources/topology_schemas/1_node_topology.sch.yaml
+ - resources/topology_schemas/topology.sch.yaml
+ tags: [hw, 1-node]
+
+nodes:
+ TG:
+ type: TG
+ subtype: TREX
+ host: "{{ tg_public_ip }}"
+ arch: x86_64
+ port: 22
+ username: testuser
+ password: Csit1234
+ interfaces:
+ port1:
+ # tg_instance/p1 - 200GE port1 on ENA NIC.
+ mac_address: {{ tg_if1_mac }}
+ pci_address: "0000:00:06.0"
+ link: link1
+ model: Amazon-Nitro-200G
+ port2:
+ # tg_instance/p2 - 200GE port2 on ENA NIC.
+ mac_address: {{ tg_if2_mac }}
+ pci_address: "0000:00:07.0"
+ link: link1
+ model: Amazon-Nitro-200G
password: Csit1234
interfaces:
port1:
- # tg_instance/p1 - 50GE port1 on ENA NIC.
+ # tg_instance/p1 - 100GE port1 on ENA NIC.
mac_address: {{ tg_if1_mac }}
pci_address: "0000:00:06.0"
link: link1
- model: Amazon-Nitro-50G
+ model: Amazon-Nitro-100G
port2:
- # tg_instance/p2 - 50GE port2 on ENA NIC.
+ # tg_instance/p2 - 100GE port2 on ENA NIC.
mac_address: {{ tg_if2_mac }}
pci_address: "0000:00:07.0"
link: link2
- model: Amazon-Nitro-50G
+ model: Amazon-Nitro-100G
DUT1:
type: DUT
host: "{{ dut1_public_ip }}"
uio_driver: vfio-pci
interfaces:
port1:
- # dut1_instance/p1 - 50GE port1 on ENA NIC.
+ # dut1_instance/p1 - 100GE port1 on ENA NIC.
mac_address: {{ dut1_if1_mac }}
pci_address: "0000:00:06.0"
link: link1
- model: Amazon-Nitro-50G
+ model: Amazon-Nitro-100G
port2:
- # dut1_instance/p2 - 50GE port2 on ENA NIC.
+ # dut1_instance/p2 - 100GE port2 on ENA NIC.
mac_address: {{ dut1_if2_mac }}
pci_address: "0000:00:07.0"
link: link2
- model: Amazon-Nitro-50G
+ model: Amazon-Nitro-100G
--- /dev/null
+---
+metadata:
+ version: 0.1
+ schema:
+ - resources/topology_schemas/2_node_topology.sch.yaml
+ - resources/topology_schemas/topology.sch.yaml
+ tags: [hw, 2-node]
+
+nodes:
+ TG:
+ type: TG
+ subtype: TREX
+ host: "{{ tg_public_ip }}"
+ arch: x86_64
+ port: 22
+ username: testuser
+ password: Csit1234
+ interfaces:
+ port1:
+ # tg_instance/p1 - 200GE port1 on ENA NIC.
+ mac_address: {{ tg_if1_mac }}
+ pci_address: "0000:00:06.0"
+ link: link1
+ model: Amazon-Nitro-200G
+ port2:
+ # tg_instance/p2 - 200GE port2 on ENA NIC.
+ mac_address: {{ tg_if2_mac }}
+ pci_address: "0000:00:07.0"
+ link: link2
+ model: Amazon-Nitro-200G
+ DUT1:
+ type: DUT
+ host: "{{ dut1_public_ip }}"
+ arch: x86_64
+ port: 22
+ username: testuser
+ password: Csit1234
+ uio_driver: vfio-pci
+ interfaces:
+ port1:
+ # dut1_instance/p1 - 200GE port1 on ENA NIC.
+ mac_address: {{ dut1_if1_mac }}
+ pci_address: "0000:00:06.0"
+ link: link1
+ model: Amazon-Nitro-200G
+ port2:
+ # dut1_instance/p2 - 200GE port2 on ENA NIC.
+ mac_address: {{ dut1_if2_mac }}
+ pci_address: "0000:00:07.0"
+ link: link2
+ model: Amazon-Nitro-200G
--- /dev/null
+---
+metadata:
+ version: 0.1
+ schema:
+ - resources/topology_schemas/3_node_topology.sch.yaml
+ - resources/topology_schemas/topology.sch.yaml
+ tags: [hw, 3-node]
+
+nodes:
+ TG:
+ type: TG
+ subtype: TREX
+ host: "{{ tg_public_ip }}"
+ arch: x86_64
+ port: 22
+ username: testuser
+ password: Csit1234
+ interfaces:
+ port1:
+ # tg_instance/p1 - 100GE port1 on ENA NIC.
+ mac_address: {{ tg_if1_mac }}
+ pci_address: "0000:00:06.0"
+ link: link1
+ model: Amazon-Nitro-100G
+ port2:
+ # tg_instance/p2 - 100GE port2 on ENA NIC.
+ mac_address: {{ tg_if2_mac }}
+ pci_address: "0000:00:07.0"
+ link: link2
+ model: Amazon-Nitro-100G
+ DUT1:
+ type: DUT
+ host: "{{ dut1_public_ip }}"
+ arch: x86_64
+ port: 22
+ username: testuser
+ password: Csit1234
+ uio_driver: vfio-pci
+ interfaces:
+ port1:
+ # dut1_instance/p1 - 100GE port1 on ENA NIC.
+ mac_address: {{ dut1_if1_mac }}
+ pci_address: "0000:00:06.0"
+ link: link1
+ model: Amazon-Nitro-100G
+ port2:
+ # dut1_instance/p2 - 100GE port2 on ENA NIC.
+ mac_address: {{ dut1_if2_mac }}
+ pci_address: "0000:00:07.0"
+ link: link21
+ model: Amazon-Nitro-100G
+ DUT2:
+ type: DUT
+ host: "{{ dut2_public_ip }}"
+ arch: x86_64
+ port: 22
+ username: testuser
+ password: Csit1234
+ uio_driver: vfio-pci
+ interfaces:
+ port1:
+ # dut2_instance/p1 - 100GE port1 on ENA NIC.
+ mac_address: {{ dut2_if1_mac }}
+ pci_address: "0000:00:06.0"
+ link: link21
+ model: Amazon-Nitro-100G
+ port2:
+ # dut2_instance/p2 - 100GE port1 on ENA NIC.
+ mac_address: {{ dut2_if2_mac }}
+ pci_address: "0000:00:07.0"
+ link: link2
+ model: Amazon-Nitro-100G
+
--- /dev/null
+---
+metadata:
+ version: 0.1
+ schema:
+ - resources/topology_schemas/3_node_topology.sch.yaml
+ - resources/topology_schemas/topology.sch.yaml
+ tags: [hw, 3-node]
+
+nodes:
+ TG:
+ type: TG
+ subtype: TREX
+ host: "{{ tg_public_ip }}"
+ arch: x86_64
+ port: 22
+ username: testuser
+ password: Csit1234
+ interfaces:
+ port1:
+ # tg_instance/p1 - 200GE port1 on ENA NIC.
+ mac_address: {{ tg_if1_mac }}
+ pci_address: "0000:00:06.0"
+ link: link1
+ model: Amazon-Nitro-200G
+ port2:
+ # tg_instance/p2 - 200GE port2 on ENA NIC.
+ mac_address: {{ tg_if2_mac }}
+ pci_address: "0000:00:07.0"
+ link: link2
+ model: Amazon-Nitro-200G
+ DUT1:
+ type: DUT
+ host: "{{ dut1_public_ip }}"
+ arch: x86_64
+ port: 22
+ username: testuser
+ password: Csit1234
+ uio_driver: vfio-pci
+ interfaces:
+ port1:
+ # dut1_instance/p1 - 200GE port1 on ENA NIC.
+ mac_address: {{ dut1_if1_mac }}
+ pci_address: "0000:00:06.0"
+ link: link1
+ model: Amazon-Nitro-200G
+ port2:
+ # dut1_instance/p2 - 200GE port2 on ENA NIC.
+ mac_address: {{ dut1_if2_mac }}
+ pci_address: "0000:00:07.0"
+ link: link21
+ model: Amazon-Nitro-200G
+ DUT2:
+ type: DUT
+ host: "{{ dut2_public_ip }}"
+ arch: x86_64
+ port: 22
+ username: testuser
+ password: Csit1234
+ uio_driver: vfio-pci
+ interfaces:
+ port1:
+ # dut2_instance/p1 - 200GE port1 on ENA NIC.
+ mac_address: {{ dut2_if1_mac }}
+ pci_address: "0000:00:06.0"
+ link: link21
+ model: Amazon-Nitro-200G
+ port2:
+ # dut2_instance/p2 - 200GE port1 on ENA NIC.
+ mac_address: {{ dut2_if2_mac }}
+ pci_address: "0000:00:07.0"
+ link: link2
+ model: Amazon-Nitro-200G
+
}
# Create Private Key
-resource "tls_private_key" "private_key" {
- algorithm = var.private_key_algorithm
+module "private_key" {
+ source = "pmikus/private-key/tls"
+ version = "4.0.4"
+
+ private_key_algorithm = var.private_key_algorithm
}
# Create Key Pair
-resource "aws_key_pair" "key_pair" {
- depends_on = [
- tls_private_key.private_key
- ]
- key_name = local.key_pair_key_name
- public_key = tls_private_key.private_key.public_key_openssh
+module "key_pair" {
+ source = "pmikus/key-pair/aws"
+ version = "5.7.0"
+
+ key_pair_key_name = local.key_pair_key_name
+ key_pair_public_key = module.private_key.public_key_openssh
+
+ key_pair_tags = {
+ "Environment" = local.environment
+ }
}
# Create Placement Group
associate_public_ip_address = var.tg_associate_public_ip_address
instance_initiated_shutdown_behavior = var.tg_instance_initiated_shutdown_behavior
instance_type = var.tg_instance_type
- key_name = aws_key_pair.key_pair.key_name
+ key_name = module.key_pair.key_pair_key_name
placement_group = aws_placement_group.placement_group.id
private_ip = var.tg_private_ip
source_dest_check = var.tg_source_dest_check
connection {
user = "ubuntu"
host = aws_instance.tg.public_ip
- private_key = tls_private_key.private_key.private_key_pem
+ private_key = module.private_key.private_key_pem
}
provisioner "remote-exec" {
variable "tg_ami" {
description = "AMI to use for the instance."
type = string
- default = "ami-098a7a7d220d31850"
+ default = "ami-07430bfa17fd4e597"
}
variable "tg_associate_public_ip_address" {
required_providers {
aws = {
source = "hashicorp/aws"
- version = ">= 5.1.0"
+ version = ">= 5.7.0"
}
null = {
source = "hashicorp/null"
--- /dev/null
+data "vault_aws_access_credentials" "creds" {
+ backend = "${var.vault-name}-path"
+ role = "${var.vault-name}-role"
+}
+
+locals {
+ ansible_python_executable = "/usr/bin/python3"
+ availability_zone = "eu-central-1a"
+ name = "csit-vpc"
+ environment = "csit-vpc-environment"
+ key_pair_key_name = "${var.resource_prefix}-${var.testbed_name}-pk"
+ placement_group_name = "${var.resource_prefix}-${var.testbed_name}-pg"
+ security_group_name = "${var.resource_prefix}-${var.testbed_name}-sg"
+ testbed_name = "testbed1"
+ topology_name = "1n-c6gn"
+ tg_name = "${var.resource_prefix}-${var.testbed_name}-tg"
+ sut1_name = "${var.resource_prefix}-${var.testbed_name}-sut1"
+}
+
+# Create VPC
+module "vpc" {
+ source = "../terraform-aws-vpc"
+ security_group_name = local.security_group_name
+ subnet_availability_zone = local.availability_zone
+ tags_name = local.name
+ tags_environment = local.environment
+}
+
+# Create Subnet
+module "subnet_b" {
+ source = "../terraform-aws-subnet"
+ subnet_cidr_block = "192.168.10.0/24"
+ subnet_ipv6_cidr_block = cidrsubnet(module.vpc.vpc_ipv6_cidr_block, 8, 2)
+ subnet_availability_zone = local.availability_zone
+ tags_name = local.name
+ tags_environment = local.environment
+ subnet_vpc_id = module.vpc.vpc_id
+}
+
+# Create Private Key
+module "private_key" {
+ source = "pmikus/private-key/tls"
+ version = "4.0.4"
+
+ private_key_algorithm = var.private_key_algorithm
+}
+
+# Create Key Pair
+module "key_pair" {
+ source = "pmikus/key-pair/aws"
+ version = "5.7.0"
+
+ key_pair_key_name = local.key_pair_key_name
+ key_pair_public_key = module.private_key.public_key_openssh
+
+ key_pair_tags = {
+ "Environment" = local.environment
+ }
+}
+
+# Create Placement Group
+resource "aws_placement_group" "placement_group" {
+ name = local.placement_group_name
+ strategy = var.placement_group_strategy
+}
+
+# Create Instance
+resource "aws_instance" "tg" {
+ depends_on = [
+ module.vpc,
+ aws_placement_group.placement_group
+ ]
+ ami = var.tg_ami
+ availability_zone = local.availability_zone
+ associate_public_ip_address = var.tg_associate_public_ip_address
+ instance_initiated_shutdown_behavior = var.tg_instance_initiated_shutdown_behavior
+ instance_type = var.tg_instance_type
+ key_name = module.key_pair.key_pair_key_name
+ placement_group = aws_placement_group.placement_group.id
+ private_ip = var.tg_private_ip
+ source_dest_check = var.tg_source_dest_check
+ subnet_id = module.vpc.vpc_subnet_id
+ vpc_security_group_ids = [module.vpc.vpc_security_group_id]
+ # host_id = "1"
+
+ root_block_device {
+ delete_on_termination = true
+ volume_size = 50
+ }
+
+ tags = {
+ "Name" = local.tg_name
+ "Environment" = local.environment
+ }
+}
+
+resource "aws_network_interface" "tg_if1" {
+ depends_on = [
+ module.subnet_b,
+ aws_instance.tg
+ ]
+ private_ips = [var.tg_if1_private_ip]
+ security_groups = [module.vpc.vpc_security_group_id]
+ source_dest_check = var.tg_source_dest_check
+ subnet_id = module.subnet_b.subnet_id
+
+ attachment {
+ instance = aws_instance.tg.id
+ device_index = 1
+ }
+
+ tags = {
+ "Name" = local.tg_name
+ "Environment" = local.environment
+ }
+}
+
+resource "aws_network_interface" "tg_if2" {
+ depends_on = [
+ module.subnet_b,
+ aws_instance.tg
+ ]
+ private_ips = [var.tg_if2_private_ip]
+ security_groups = [module.vpc.vpc_security_group_id]
+ source_dest_check = var.tg_source_dest_check
+ subnet_id = module.subnet_b.subnet_id
+
+ attachment {
+ instance = aws_instance.tg.id
+ device_index = 2
+ }
+
+ tags = {
+ "Name" = local.tg_name
+ "Environment" = local.environment
+ }
+}
+
+data "aws_network_interface" "tg_if1" {
+ id = aws_network_interface.tg_if1.id
+}
+
+data "aws_network_interface" "tg_if2" {
+ id = aws_network_interface.tg_if2.id
+}
+
+resource "aws_route" "route_tg_if1" {
+ depends_on = [
+ aws_instance.tg
+ ]
+ destination_cidr_block = var.destination_cidr_block_tg_if1
+ network_interface_id = aws_instance.tg.primary_network_interface_id
+ route_table_id = module.vpc.vpc_main_route_table_id
+}
+
+resource "aws_route" "route_tg_if2" {
+ depends_on = [
+ aws_instance.tg
+ ]
+ destination_cidr_block = var.destination_cidr_block_tg_if2
+ network_interface_id = aws_instance.tg.primary_network_interface_id
+ route_table_id = module.vpc.vpc_main_route_table_id
+}
+
+resource "null_resource" "deploy_tg" {
+ depends_on = [
+ aws_instance.tg,
+ aws_network_interface.tg_if1,
+ aws_network_interface.tg_if2
+ ]
+
+ connection {
+ user = "ubuntu"
+ host = aws_instance.tg.public_ip
+ private_key = module.private_key.private_key_pem
+ }
+
+ provisioner "remote-exec" {
+ inline = var.first_run_commands
+ }
+}
+
+
+resource "null_resource" "deploy_topology" {
+ depends_on = [
+ aws_instance.tg
+ ]
+
+ provisioner "ansible" {
+ plays {
+ playbook {
+ file_path = var.ansible_topology_path
+ }
+ hosts = ["local"]
+ extra_vars = {
+ ansible_python_interpreter = local.ansible_python_executable
+ testbed_name = local.testbed_name
+ cloud_topology = local.topology_name
+ tg_if1_mac = data.aws_network_interface.tg_if1.mac_address
+ tg_if2_mac = data.aws_network_interface.tg_if2.mac_address
+ tg_public_ip = aws_instance.tg.public_ip
+ public_ip_list = "${aws_instance.tg.public_ip}"
+ }
+ }
+ }
+}
\ No newline at end of file
--- /dev/null
+provider "aws" {
+ region = var.region
+ access_key = data.vault_aws_access_credentials.creds.access_key
+ secret_key = data.vault_aws_access_credentials.creds.secret_key
+}
+
+provider "vault" {
+ address = "http://10.30.51.24:8200"
+ skip_tls_verify = true
+ token = "s.4z5PsufFwV3sHbCzK9Y2Cojd"
+}
\ No newline at end of file
--- /dev/null
+variable "vault-name" {
+ default = "dynamic-aws-creds-vault-fdio-csit-jenkins"
+}
+
+variable "region" {
+ description = "AWS Region."
+ type = string
+ default = "eu-central-1"
+}
+
+variable "resource_prefix" {
+ description = "Resources name prefix."
+ type = string
+ default = "csit-1n-c6gn"
+}
+
+variable "testbed_name" {
+ description = "Testbed name."
+ type = string
+ default = "testbed1"
+}
+
+# Variables for Private Key
+variable "private_key_algorithm" {
+ description = "The name of the algorithm to use for the key."
+ type = string
+ default = "ED25519"
+}
+
+# Variables for Placement Group
+variable "placement_group_strategy" {
+ description = "The placement strategy. Can be cluster, partition or spread."
+ type = string
+ default = "cluster"
+}
+
+# Variables for Instance
+variable "tg_ami" {
+ description = "AMI to use for the instance."
+ type = string
+ default = "ami-07430bfa17fd4e597"
+}
+
+variable "tg_associate_public_ip_address" {
+ description = "Whether to associate a public IP address with an instance in a VPC."
+ type = bool
+ default = true
+}
+
+variable "tg_instance_initiated_shutdown_behavior" {
+ description = "Shutdown behavior for the instance."
+ type = string
+ default = "terminate"
+}
+
+variable "tg_instance_type" {
+ description = "The instance type to use for the instance."
+ type = string
+ default = "c6gn.4xlarge"
+}
+
+variable "tg_private_ip" {
+ description = "Private IP address to associate with the instance in a VPC."
+ type = string
+ default = "192.168.0.10"
+}
+
+variable "tg_source_dest_check" {
+ description = "Controls if traffic is routed to the instance when the destination address does not match the instance."
+ type = bool
+ default = false
+}
+
+# Variables for Network Interface
+variable "tg_if1_private_ip" {
+ description = "List of private IPs to assign to the ENI without regard to order."
+ type = string
+ default = "192.168.10.254"
+}
+
+variable "tg_if2_private_ip" {
+ description = "List of private IPs to assign to the ENI without regard to order."
+ type = string
+ default = "192.168.10.11"
+}
+
+variable "destination_cidr_block_tg_if1" {
+ description = "The destination CIDR block."
+ type = string
+ default = "10.0.0.0/16"
+}
+
+variable "destination_cidr_block_tg_if2" {
+ description = "The destination CIDR block."
+ type = string
+ default = "20.0.0.0/16"
+}
+
+# Variables for Null Resource
+variable "first_run_commands" {
+ description = "List of private IPs to assign to the ENI without regard to order."
+ type = list(string)
+ default = [
+ "sudo sed -i 's/^PasswordAuthentication/#PasswordAuthentication/' /etc/ssh/sshd_config",
+ "sudo systemctl restart sshd",
+ "sudo useradd --create-home -s /bin/bash provisionuser",
+ "echo 'provisionuser:Csit1234' | sudo chpasswd",
+ "echo 'provisionuser ALL = (ALL) NOPASSWD: ALL' | sudo tee -a /etc/sudoers",
+ "sudo useradd --create-home -s /bin/bash testuser",
+ "echo 'testuser:Csit1234' | sudo chpasswd",
+ "echo 'testuser ALL = (ALL) NOPASSWD: ALL' | sudo tee -a /etc/sudoers"
+ ]
+}
+
+# Variables for Null Resource
+variable "ansible_topology_path" {
+ description = "Ansible topology path."
+ type = string
+ default = "../../fdio.infra.ansible/cloud_topology.yaml"
+}
--- /dev/null
+terraform {
+ required_providers {
+ aws = {
+ source = "hashicorp/aws"
+ version = ">= 5.7.0"
+ }
+ null = {
+ source = "hashicorp/null"
+ version = ">= 3.2.1"
+ }
+ tls = {
+ source = "hashicorp/tls"
+ version = ">= 4.0.4"
+ }
+ vault = {
+ version = ">= 3.15.2"
+ }
+ }
+ required_version = ">= 1.4.2"
+}
--- /dev/null
+data "vault_aws_access_credentials" "creds" {
+ backend = "${var.vault-name}-path"
+ role = "${var.vault-name}-role"
+}
+
+locals {
+ ansible_python_executable = "/usr/bin/python3"
+ availability_zone = "eu-central-1a"
+ name = "csit-vpc"
+ environment = "csit-vpc-environment"
+ key_pair_key_name = "${var.resource_prefix}-${var.testbed_name}-pk"
+ placement_group_name = "${var.resource_prefix}-${var.testbed_name}-pg"
+ security_group_name = "${var.resource_prefix}-${var.testbed_name}-sg"
+ testbed_name = "testbed1"
+ topology_name = "1n-c6in"
+ tg_name = "${var.resource_prefix}-${var.testbed_name}-tg"
+ sut1_name = "${var.resource_prefix}-${var.testbed_name}-sut1"
+}
+
+# Create VPC
+module "vpc" {
+ source = "../terraform-aws-vpc"
+ security_group_name = local.security_group_name
+ subnet_availability_zone = local.availability_zone
+ tags_name = local.name
+ tags_environment = local.environment
+}
+
+# Create Subnet
+module "subnet_b" {
+ source = "../terraform-aws-subnet"
+ subnet_cidr_block = "192.168.10.0/24"
+ subnet_ipv6_cidr_block = cidrsubnet(module.vpc.vpc_ipv6_cidr_block, 8, 2)
+ subnet_availability_zone = local.availability_zone
+ tags_name = local.name
+ tags_environment = local.environment
+ subnet_vpc_id = module.vpc.vpc_id
+}
+
+# Create Private Key
+module "private_key" {
+ source = "pmikus/private-key/tls"
+ version = "4.0.4"
+
+ private_key_algorithm = var.private_key_algorithm
+}
+
+# Create Key Pair
+module "key_pair" {
+ source = "pmikus/key-pair/aws"
+ version = "5.7.0"
+
+ key_pair_key_name = local.key_pair_key_name
+ key_pair_public_key = module.private_key.public_key_openssh
+
+ key_pair_tags = {
+ "Environment" = local.environment
+ }
+}
+
+# Create Placement Group
+resource "aws_placement_group" "placement_group" {
+ name = local.placement_group_name
+ strategy = var.placement_group_strategy
+}
+
+# Create Instance
+resource "aws_instance" "tg" {
+ depends_on = [
+ module.vpc,
+ aws_placement_group.placement_group
+ ]
+ ami = var.tg_ami
+ availability_zone = local.availability_zone
+ associate_public_ip_address = var.tg_associate_public_ip_address
+ instance_initiated_shutdown_behavior = var.tg_instance_initiated_shutdown_behavior
+ instance_type = var.tg_instance_type
+ key_name = module.key_pair.key_pair_key_name
+ placement_group = aws_placement_group.placement_group.id
+ private_ip = var.tg_private_ip
+ source_dest_check = var.tg_source_dest_check
+ subnet_id = module.vpc.vpc_subnet_id
+ vpc_security_group_ids = [module.vpc.vpc_security_group_id]
+ # host_id = "1"
+
+ root_block_device {
+ delete_on_termination = true
+ volume_size = 50
+ }
+
+ tags = {
+ "Name" = local.tg_name
+ "Environment" = local.environment
+ }
+}
+
+resource "aws_network_interface" "tg_if1" {
+ depends_on = [
+ module.subnet_b,
+ aws_instance.tg
+ ]
+ private_ips = [var.tg_if1_private_ip]
+ security_groups = [module.vpc.vpc_security_group_id]
+ source_dest_check = var.tg_source_dest_check
+ subnet_id = module.subnet_b.subnet_id
+
+ attachment {
+ instance = aws_instance.tg.id
+ device_index = 1
+ }
+
+ tags = {
+ "Name" = local.tg_name
+ "Environment" = local.environment
+ }
+}
+
+resource "aws_network_interface" "tg_if2" {
+ depends_on = [
+ module.subnet_b,
+ aws_instance.tg
+ ]
+ private_ips = [var.tg_if2_private_ip]
+ security_groups = [module.vpc.vpc_security_group_id]
+ source_dest_check = var.tg_source_dest_check
+ subnet_id = module.subnet_b.subnet_id
+
+ attachment {
+ instance = aws_instance.tg.id
+ device_index = 2
+ }
+
+ tags = {
+ "Name" = local.tg_name
+ "Environment" = local.environment
+ }
+}
+
+data "aws_network_interface" "tg_if1" {
+ id = aws_network_interface.tg_if1.id
+}
+
+data "aws_network_interface" "tg_if2" {
+ id = aws_network_interface.tg_if2.id
+}
+
+resource "aws_route" "route_tg_if1" {
+ depends_on = [
+ aws_instance.tg
+ ]
+ destination_cidr_block = var.destination_cidr_block_tg_if1
+ network_interface_id = aws_instance.tg.primary_network_interface_id
+ route_table_id = module.vpc.vpc_main_route_table_id
+}
+
+resource "aws_route" "route_tg_if2" {
+ depends_on = [
+ aws_instance.tg
+ ]
+ destination_cidr_block = var.destination_cidr_block_tg_if2
+ network_interface_id = aws_instance.tg.primary_network_interface_id
+ route_table_id = module.vpc.vpc_main_route_table_id
+}
+
+resource "null_resource" "deploy_tg" {
+ depends_on = [
+ aws_instance.tg,
+ aws_network_interface.tg_if1,
+ aws_network_interface.tg_if2
+ ]
+
+ connection {
+ user = "ubuntu"
+ host = aws_instance.tg.public_ip
+ private_key = module.private_key.private_key_pem
+ }
+
+ provisioner "remote-exec" {
+ inline = var.first_run_commands
+ }
+}
+
+
+resource "null_resource" "deploy_topology" {
+ depends_on = [
+ aws_instance.tg
+ ]
+
+ provisioner "ansible" {
+ plays {
+ playbook {
+ file_path = var.ansible_topology_path
+ }
+ hosts = ["local"]
+ extra_vars = {
+ ansible_python_interpreter = local.ansible_python_executable
+ testbed_name = local.testbed_name
+ cloud_topology = local.topology_name
+ tg_if1_mac = data.aws_network_interface.tg_if1.mac_address
+ tg_if2_mac = data.aws_network_interface.tg_if2.mac_address
+ tg_public_ip = aws_instance.tg.public_ip
+ public_ip_list = "${aws_instance.tg.public_ip}"
+ }
+ }
+ }
+}
\ No newline at end of file
--- /dev/null
+provider "aws" {
+ region = var.region
+ access_key = data.vault_aws_access_credentials.creds.access_key
+ secret_key = data.vault_aws_access_credentials.creds.secret_key
+}
+
+provider "vault" {
+ address = "http://10.30.51.24:8200"
+ skip_tls_verify = true
+ token = "s.4z5PsufFwV3sHbCzK9Y2Cojd"
+}
\ No newline at end of file
--- /dev/null
+variable "vault-name" {
+ default = "dynamic-aws-creds-vault-fdio-csit-jenkins"
+}
+
+variable "region" {
+ description = "AWS Region."
+ type = string
+ default = "eu-central-1"
+}
+
+variable "resource_prefix" {
+ description = "Resources name prefix."
+ type = string
+ default = "csit-1n-c6in"
+}
+
+variable "testbed_name" {
+ description = "Testbed name."
+ type = string
+ default = "testbed1"
+}
+
+# Variables for Private Key
+variable "private_key_algorithm" {
+ description = "The name of the algorithm to use for the key."
+ type = string
+ default = "ED25519"
+}
+
+# Variables for Placement Group
+variable "placement_group_strategy" {
+ description = "The placement strategy. Can be cluster, partition or spread."
+ type = string
+ default = "cluster"
+}
+
+# Variables for Instance
+variable "tg_ami" {
+ description = "AMI to use for the instance."
+ type = string
+ default = "ami-07430bfa17fd4e597"
+}
+
+variable "tg_associate_public_ip_address" {
+ description = "Whether to associate a public IP address with an instance in a VPC."
+ type = bool
+ default = true
+}
+
+variable "tg_instance_initiated_shutdown_behavior" {
+ description = "Shutdown behavior for the instance."
+ type = string
+ default = "terminate"
+}
+
+variable "tg_instance_type" {
+ description = "The instance type to use for the instance."
+ type = string
+ default = "c6in.4xlarge"
+}
+
+variable "tg_private_ip" {
+ description = "Private IP address to associate with the instance in a VPC."
+ type = string
+ default = "192.168.0.10"
+}
+
+variable "tg_source_dest_check" {
+ description = "Controls if traffic is routed to the instance when the destination address does not match the instance."
+ type = bool
+ default = false
+}
+
+# Variables for Network Interface
+variable "tg_if1_private_ip" {
+ description = "List of private IPs to assign to the ENI without regard to order."
+ type = string
+ default = "192.168.10.254"
+}
+
+variable "tg_if2_private_ip" {
+ description = "List of private IPs to assign to the ENI without regard to order."
+ type = string
+ default = "192.168.10.11"
+}
+
+variable "destination_cidr_block_tg_if1" {
+ description = "The destination CIDR block."
+ type = string
+ default = "10.0.0.0/16"
+}
+
+variable "destination_cidr_block_tg_if2" {
+ description = "The destination CIDR block."
+ type = string
+ default = "20.0.0.0/16"
+}
+
+# Variables for Null Resource
+variable "first_run_commands" {
+ description = "List of private IPs to assign to the ENI without regard to order."
+ type = list(string)
+ default = [
+ "sudo sed -i 's/^PasswordAuthentication/#PasswordAuthentication/' /etc/ssh/sshd_config",
+ "sudo systemctl restart sshd",
+ "sudo useradd --create-home -s /bin/bash provisionuser",
+ "echo 'provisionuser:Csit1234' | sudo chpasswd",
+ "echo 'provisionuser ALL = (ALL) NOPASSWD: ALL' | sudo tee -a /etc/sudoers",
+ "sudo useradd --create-home -s /bin/bash testuser",
+ "echo 'testuser:Csit1234' | sudo chpasswd",
+ "echo 'testuser ALL = (ALL) NOPASSWD: ALL' | sudo tee -a /etc/sudoers"
+ ]
+}
+
+# Variables for Null Resource
+variable "ansible_topology_path" {
+ description = "Ansible topology path."
+ type = string
+ default = "../../fdio.infra.ansible/cloud_topology.yaml"
+}
--- /dev/null
+terraform {
+ required_providers {
+ aws = {
+ source = "hashicorp/aws"
+ version = ">= 5.7.0"
+ }
+ null = {
+ source = "hashicorp/null"
+ version = ">= 3.2.1"
+ }
+ tls = {
+ source = "hashicorp/tls"
+ version = ">= 4.0.4"
+ }
+ vault = {
+ version = ">= 3.15.2"
+ }
+ }
+ required_version = ">= 1.4.2"
+}
}
# Create Private Key
-resource "tls_private_key" "private_key" {
- algorithm = var.private_key_algorithm
+module "private_key" {
+ source = "pmikus/private-key/tls"
+ version = "4.0.4"
+
+ private_key_algorithm = var.private_key_algorithm
}
# Create Key Pair
-resource "aws_key_pair" "key_pair" {
- depends_on = [
- tls_private_key.private_key
- ]
- key_name = local.key_pair_key_name
- public_key = tls_private_key.private_key.public_key_openssh
+module "key_pair" {
+ source = "pmikus/key-pair/aws"
+ version = "5.7.0"
+
+ key_pair_key_name = local.key_pair_key_name
+ key_pair_public_key = module.private_key.public_key_openssh
+
+ key_pair_tags = {
+ "Environment" = local.environment
+ }
}
# Create Placement Group
associate_public_ip_address = var.tg_associate_public_ip_address
instance_initiated_shutdown_behavior = var.tg_instance_initiated_shutdown_behavior
instance_type = var.tg_instance_type
- key_name = aws_key_pair.key_pair.key_name
+ key_name = module.key_pair.key_pair_key_name
placement_group = aws_placement_group.placement_group.id
private_ip = var.tg_private_ip
source_dest_check = var.tg_source_dest_check
associate_public_ip_address = var.sut1_associate_public_ip_address
instance_initiated_shutdown_behavior = var.sut1_instance_initiated_shutdown_behavior
instance_type = var.sut1_instance_type
- key_name = aws_key_pair.key_pair.key_name
+ key_name = module.key_pair.key_pair_key_name
placement_group = aws_placement_group.placement_group.id
private_ip = var.sut1_private_ip
source_dest_check = var.sut1_source_dest_check
connection {
user = "ubuntu"
host = aws_instance.tg.public_ip
- private_key = tls_private_key.private_key.private_key_pem
+ private_key = module.private_key.private_key_pem
}
provisioner "remote-exec" {
connection {
user = "ubuntu"
host = aws_instance.sut1.public_ip
- private_key = tls_private_key.private_key.private_key_pem
+ private_key = module.private_key.private_key_pem
}
provisioner "remote-exec" {
variable "tg_ami" {
description = "AMI to use for the instance."
type = string
- default = "ami-098a7a7d220d31850"
+ default = "ami-07430bfa17fd4e597"
}
variable "tg_associate_public_ip_address" {
variable "sut1_ami" {
description = "AMI to use for the instance."
type = string
- default = "ami-08f78d81d21cdaf14"
+ default = "ami-0a890555652963ec2"
}
variable "sut1_associate_public_ip_address" {
required_providers {
aws = {
source = "hashicorp/aws"
- version = ">= 5.1.0"
+ version = ">= 5.7.0"
}
null = {
source = "hashicorp/null"
placement_group_name = "${var.resource_prefix}-${var.testbed_name}-pg"
security_group_name = "${var.resource_prefix}-${var.testbed_name}-sg"
testbed_name = "testbed1"
- topology_name = "2n-aws-c6gn"
+ topology_name = "2n-c6gn"
tg_name = "${var.resource_prefix}-${var.testbed_name}-tg"
sut1_name = "${var.resource_prefix}-${var.testbed_name}-sut1"
}
}
# Create Private Key
-resource "tls_private_key" "private_key" {
- algorithm = var.private_key_algorithm
- ecdsa_curve = var.private_key_ecdsa_curve
- rsa_bits = var.private_key_rsa_bits
+module "private_key" {
+ source = "pmikus/private-key/tls"
+ version = "4.0.4"
+
+ private_key_algorithm = var.private_key_algorithm
}
# Create Key Pair
-resource "aws_key_pair" "key_pair" {
- depends_on = [
- tls_private_key.private_key
- ]
- key_name = local.key_pair_key_name
- public_key = tls_private_key.private_key.public_key_openssh
+module "key_pair" {
+ source = "pmikus/key-pair/aws"
+ version = "5.7.0"
+
+ key_pair_key_name = local.key_pair_key_name
+ key_pair_public_key = module.private_key.public_key_openssh
+
+ key_pair_tags = {
+ "Environment" = local.environment
+ }
}
# Create Placement Group
associate_public_ip_address = var.tg_associate_public_ip_address
instance_initiated_shutdown_behavior = var.tg_instance_initiated_shutdown_behavior
instance_type = var.tg_instance_type
- key_name = aws_key_pair.key_pair.key_name
+ key_name = module.key_pair.key_pair_key_name
placement_group = aws_placement_group.placement_group.id
private_ip = var.tg_private_ip
source_dest_check = var.tg_source_dest_check
associate_public_ip_address = var.sut1_associate_public_ip_address
instance_initiated_shutdown_behavior = var.sut1_instance_initiated_shutdown_behavior
instance_type = var.sut1_instance_type
- key_name = aws_key_pair.key_pair.key_name
+ key_name = module.key_pair.key_pair_key_name
placement_group = aws_placement_group.placement_group.id
private_ip = var.sut1_private_ip
source_dest_check = var.sut1_source_dest_check
connection {
user = "ubuntu"
host = aws_instance.tg.public_ip
- private_key = tls_private_key.private_key.private_key_pem
+ private_key = module.private_key.private_key_pem
}
provisioner "remote-exec" {
connection {
user = "ubuntu"
host = aws_instance.sut1.public_ip
- private_key = tls_private_key.private_key.private_key_pem
+ private_key = module.private_key.private_key_pem
}
provisioner "remote-exec" {
}
}
}
-}
\ No newline at end of file
+}
variable "resource_prefix" {
description = "Resources name prefix."
type = string
- default = "csit-2n-aws-c6gn"
+ default = "csit-2n-c6gn"
}
variable "testbed_name" {
required_providers {
aws = {
source = "hashicorp/aws"
- version = ">= 5.1.0"
+ version = ">= 5.7.0"
}
null = {
source = "hashicorp/null"
--- /dev/null
+data "vault_aws_access_credentials" "creds" {
+ backend = "${var.vault-name}-path"
+ role = "${var.vault-name}-role"
+}
+
+locals {
+ ansible_python_executable = "/usr/bin/python3"
+ availability_zone = "eu-central-1a"
+ name = "csit-vpc"
+ environment = "csit-vpc-environment"
+ key_pair_key_name = "${var.resource_prefix}-${var.testbed_name}-pk"
+ placement_group_name = "${var.resource_prefix}-${var.testbed_name}-pg"
+ security_group_name = "${var.resource_prefix}-${var.testbed_name}-sg"
+ testbed_name = "testbed1"
+ topology_name = "2n-c6in"
+ tg_name = "${var.resource_prefix}-${var.testbed_name}-tg"
+ sut1_name = "${var.resource_prefix}-${var.testbed_name}-sut1"
+}
+
+# Create VPC
+module "vpc" {
+ source = "../terraform-aws-vpc"
+ security_group_name = local.security_group_name
+ subnet_availability_zone = local.availability_zone
+ tags_name = local.name
+ tags_environment = local.environment
+ vpc_enable_dns_hostnames = false
+}
+
+# Create Subnet
+module "subnet_b" {
+ source = "../terraform-aws-subnet"
+ subnet_cidr_block = "192.168.10.0/24"
+ subnet_ipv6_cidr_block = cidrsubnet(module.vpc.vpc_ipv6_cidr_block, 8, 2)
+ subnet_availability_zone = local.availability_zone
+ tags_name = local.name
+ tags_environment = local.environment
+ subnet_vpc_id = module.vpc.vpc_id
+}
+
+module "subnet_d" {
+ source = "../terraform-aws-subnet"
+ subnet_cidr_block = "192.168.20.0/24"
+ subnet_ipv6_cidr_block = cidrsubnet(module.vpc.vpc_ipv6_cidr_block, 8, 4)
+ subnet_availability_zone = local.availability_zone
+ tags_name = local.name
+ tags_environment = local.environment
+ subnet_vpc_id = module.vpc.vpc_id
+}
+
+# Create Private Key
+module "private_key" {
+ source = "pmikus/private-key/tls"
+ version = "4.0.4"
+
+ private_key_algorithm = var.private_key_algorithm
+}
+
+# Create Key Pair
+module "key_pair" {
+ source = "pmikus/key-pair/aws"
+ version = "5.7.0"
+
+ key_pair_key_name = local.key_pair_key_name
+ key_pair_public_key = module.private_key.public_key_openssh
+
+ key_pair_tags = {
+ "Environment" = local.environment
+ }
+}
+
+# Create Placement Group
+resource "aws_placement_group" "placement_group" {
+ name = local.placement_group_name
+ strategy = var.placement_group_strategy
+}
+
+# Create Instance
+resource "aws_instance" "tg" {
+ depends_on = [
+ module.vpc,
+ aws_placement_group.placement_group
+ ]
+ ami = var.tg_ami
+ availability_zone = local.availability_zone
+ associate_public_ip_address = var.tg_associate_public_ip_address
+ instance_initiated_shutdown_behavior = var.tg_instance_initiated_shutdown_behavior
+ instance_type = var.tg_instance_type
+ key_name = module.key_pair.key_pair_key_name
+ placement_group = aws_placement_group.placement_group.id
+ private_ip = var.tg_private_ip
+ source_dest_check = var.tg_source_dest_check
+ subnet_id = module.vpc.vpc_subnet_id
+ vpc_security_group_ids = [module.vpc.vpc_security_group_id]
+ # host_id = "1"
+
+ root_block_device {
+ delete_on_termination = true
+ volume_size = 50
+ }
+
+ tags = {
+ "Name" = local.tg_name
+ "Environment" = local.environment
+ }
+}
+
+resource "aws_network_interface" "tg_if1" {
+ depends_on = [
+ module.subnet_b,
+ aws_instance.tg
+ ]
+ private_ip = var.tg_if1_private_ip
+ private_ips = [var.tg_if1_private_ip]
+ security_groups = [module.vpc.vpc_security_group_id]
+ source_dest_check = var.tg_source_dest_check
+ subnet_id = module.subnet_b.subnet_id
+
+ attachment {
+ instance = aws_instance.tg.id
+ device_index = 1
+ }
+
+ tags = {
+ "Name" = local.tg_name
+ "Environment" = local.environment
+ }
+}
+
+resource "aws_network_interface" "tg_if2" {
+ depends_on = [
+ module.subnet_d,
+ aws_instance.tg
+ ]
+ private_ip = var.tg_if2_private_ip
+ private_ips = [var.tg_if2_private_ip]
+ security_groups = [module.vpc.vpc_security_group_id]
+ source_dest_check = var.tg_source_dest_check
+ subnet_id = module.subnet_d.subnet_id
+
+ attachment {
+ instance = aws_instance.tg.id
+ device_index = 2
+ }
+
+ tags = {
+ "Name" = local.tg_name
+ "Environment" = local.environment
+ }
+}
+
+data "aws_network_interface" "tg_if1" {
+ id = aws_network_interface.tg_if1.id
+}
+
+data "aws_network_interface" "tg_if2" {
+ id = aws_network_interface.tg_if2.id
+}
+
+resource "aws_route" "route_tg_if1" {
+ depends_on = [
+ aws_instance.tg
+ ]
+ destination_cidr_block = var.destination_cidr_block_tg_if1
+ network_interface_id = aws_instance.tg.primary_network_interface_id
+ route_table_id = module.vpc.vpc_main_route_table_id
+}
+
+resource "aws_route" "route_tg_if2" {
+ depends_on = [
+ aws_instance.tg
+ ]
+ destination_cidr_block = var.destination_cidr_block_tg_if2
+ network_interface_id = aws_instance.tg.primary_network_interface_id
+ route_table_id = module.vpc.vpc_main_route_table_id
+}
+
+resource "aws_instance" "sut1" {
+ depends_on = [
+ module.vpc,
+ aws_placement_group.placement_group
+ ]
+ ami = var.sut1_ami
+ availability_zone = local.availability_zone
+ associate_public_ip_address = var.sut1_associate_public_ip_address
+ instance_initiated_shutdown_behavior = var.sut1_instance_initiated_shutdown_behavior
+ instance_type = var.sut1_instance_type
+ key_name = module.key_pair.key_pair_key_name
+ placement_group = aws_placement_group.placement_group.id
+ private_ip = var.sut1_private_ip
+ source_dest_check = var.sut1_source_dest_check
+ subnet_id = module.vpc.vpc_subnet_id
+ vpc_security_group_ids = [module.vpc.vpc_security_group_id]
+ # host_id = "2"
+
+ root_block_device {
+ delete_on_termination = true
+ volume_size = 50
+ }
+
+ tags = {
+ "Name" = local.sut1_name
+ "Environment" = local.environment
+ }
+}
+
+resource "aws_network_interface" "sut1_if1" {
+ depends_on = [
+ module.subnet_b,
+ aws_instance.sut1
+ ]
+ private_ip = var.sut1_if1_private_ip
+ private_ips = [var.sut1_if1_private_ip]
+ security_groups = [module.vpc.vpc_security_group_id]
+ source_dest_check = var.sut1_source_dest_check
+ subnet_id = module.subnet_b.subnet_id
+
+ attachment {
+ instance = aws_instance.sut1.id
+ device_index = 1
+ }
+
+ tags = {
+ "Name" = local.sut1_name
+ "Environment" = local.environment
+ }
+}
+
+resource "aws_network_interface" "sut1_if2" {
+ depends_on = [
+ module.subnet_d,
+ aws_instance.sut1
+ ]
+ private_ip = var.sut1_if2_private_ip
+ private_ips = [var.sut1_if2_private_ip]
+ security_groups = [module.vpc.vpc_security_group_id]
+ source_dest_check = var.sut1_source_dest_check
+ subnet_id = module.subnet_d.subnet_id
+
+ attachment {
+ instance = aws_instance.sut1.id
+ device_index = 2
+ }
+
+ tags = {
+ "Name" = local.sut1_name
+ "Environment" = local.environment
+ }
+}
+
+data "aws_network_interface" "sut1_if1" {
+ id = aws_network_interface.sut1_if1.id
+}
+
+data "aws_network_interface" "sut1_if2" {
+ id = aws_network_interface.sut1_if2.id
+}
+
+resource "null_resource" "deploy_tg" {
+ depends_on = [
+ aws_instance.tg,
+ aws_network_interface.tg_if1,
+ aws_network_interface.tg_if2,
+ aws_instance.sut1,
+ aws_network_interface.sut1_if1,
+ aws_network_interface.sut1_if2
+ ]
+
+ connection {
+ user = "ubuntu"
+ host = aws_instance.tg.public_ip
+ private_key = module.private_key.private_key_pem
+ }
+
+ provisioner "remote-exec" {
+ inline = var.first_run_commands
+ }
+}
+
+resource "null_resource" "deploy_sut1" {
+ depends_on = [
+ aws_instance.tg,
+ aws_network_interface.tg_if1,
+ aws_network_interface.tg_if2,
+ aws_instance.sut1,
+ aws_network_interface.sut1_if1,
+ aws_network_interface.sut1_if2
+ ]
+
+ connection {
+ user = "ubuntu"
+ host = aws_instance.sut1.public_ip
+ private_key = module.private_key.private_key_pem
+ }
+
+ provisioner "remote-exec" {
+ inline = var.first_run_commands
+ }
+}
+
+resource "null_resource" "deploy_topology" {
+ depends_on = [
+ aws_instance.tg,
+ aws_instance.sut1
+ ]
+
+ provisioner "ansible" {
+ plays {
+ playbook {
+ file_path = var.ansible_topology_path
+ }
+ hosts = ["local"]
+ extra_vars = {
+ ansible_python_interpreter = local.ansible_python_executable
+ testbed_name = local.testbed_name
+ cloud_topology = local.topology_name
+ tg_if1_mac = data.aws_network_interface.tg_if1.mac_address
+ tg_if2_mac = data.aws_network_interface.tg_if2.mac_address
+ dut1_if1_mac = data.aws_network_interface.sut1_if1.mac_address
+ dut1_if2_mac = data.aws_network_interface.sut1_if2.mac_address
+ tg_public_ip = aws_instance.tg.public_ip
+ dut1_public_ip = aws_instance.sut1.public_ip
+ public_ip_list = "${aws_instance.tg.public_ip},${aws_instance.sut1.public_ip}"
+ }
+ }
+ }
+}
--- /dev/null
+provider "aws" {
+ region = var.region
+ access_key = data.vault_aws_access_credentials.creds.access_key
+ secret_key = data.vault_aws_access_credentials.creds.secret_key
+}
+
+provider "vault" {
+ address = "http://vault.service.consul:8200"
+ skip_tls_verify = true
+ token = "s.4z5PsufFwV3sHbCzK9Y2Cojd"
+}
\ No newline at end of file
--- /dev/null
+variable "vault-name" {
+ default = "dynamic-aws-creds-vault-fdio-csit-jenkins"
+}
+
+variable "region" {
+ description = "AWS Region."
+ type = string
+ default = "eu-central-1"
+}
+
+variable "resource_prefix" {
+ description = "Resources name prefix."
+ type = string
+ default = "csit-2n-c6gn"
+}
+
+variable "testbed_name" {
+ description = "Testbed name."
+ type = string
+ default = "testbed1"
+}
+
+# Variables for Private Key
+variable "private_key_algorithm" {
+ description = "The name of the algorithm to use for the key."
+ type = string
+ default = "RSA"
+}
+
+variable "private_key_ecdsa_curve" {
+ description = "When algorithm is ECDSA, the name of the elliptic curve to use."
+ type = string
+ default = "P521"
+}
+
+variable "private_key_rsa_bits" {
+ description = "When algorithm is RSA, the size of the generated RSA key in bits."
+ type = number
+ default = 4096
+}
+
+# Variables for Placement Group
+variable "placement_group_strategy" {
+ description = "The placement strategy. Can be cluster, partition or spread."
+ type = string
+ default = "cluster"
+}
+
+# Variables for Instance
+variable "tg_ami" {
+ description = "AMI to use for the instance."
+ type = string
+ default = "ami-07430bfa17fd4e597"
+}
+
+variable "tg_associate_public_ip_address" {
+ description = "Whether to associate a public IP address with an instance in a VPC."
+ type = bool
+ default = true
+}
+
+variable "tg_instance_initiated_shutdown_behavior" {
+ description = "Shutdown behavior for the instance."
+ type = string
+ default = "terminate"
+}
+
+variable "tg_instance_type" {
+ description = "The instance type to use for the instance."
+ type = string
+ default = "c6in.4xlarge"
+}
+
+variable "tg_private_ip" {
+ description = "Private IP address to associate with the instance in a VPC."
+ type = string
+ default = "192.168.0.10"
+}
+
+variable "tg_source_dest_check" {
+ description = "Controls if traffic is routed to the instance when the destination address does not match the instance."
+ type = bool
+ default = false
+}
+
+variable "sut1_ami" {
+ description = "AMI to use for the instance."
+ type = string
+ default = "ami-0a890555652963ec2"
+}
+
+variable "sut1_associate_public_ip_address" {
+ description = "Whether to associate a public IP address with an instance in a VPC."
+ type = bool
+ default = true
+}
+
+variable "sut1_instance_initiated_shutdown_behavior" {
+ description = "Shutdown behavior for the instance."
+ type = string
+ default = "terminate"
+}
+
+variable "sut1_instance_type" {
+ description = "The instance type to use for the instance."
+ type = string
+ default = "c6in.4xlarge"
+}
+
+variable "sut1_private_ip" {
+ description = "Private IP address to associate with the instance in a VPC."
+ type = string
+ default = "192.168.0.11"
+}
+
+variable "sut1_source_dest_check" {
+ description = "Controls if traffic is routed to the instance when the destination address does not match the instance."
+ type = bool
+ default = false
+}
+
+# Variables for Network Interface
+variable "tg_if1_private_ip" {
+ description = "List of private IPs to assign to the ENI without regard to order."
+ type = string
+ default = "192.168.10.254"
+}
+
+variable "tg_if2_private_ip" {
+ description = "List of private IPs to assign to the ENI without regard to order."
+ type = string
+ default = "192.168.20.254"
+}
+
+variable "destination_cidr_block_tg_if1" {
+ description = "The destination CIDR block."
+ type = string
+ default = "10.0.0.0/24"
+}
+
+variable "destination_cidr_block_tg_if2" {
+ description = "The destination CIDR block."
+ type = string
+ default = "20.0.0.0/24"
+}
+
+variable "sut1_if1_private_ip" {
+ description = "List of private IPs to assign to the ENI without regard to order."
+ type = string
+ default = "192.168.10.11"
+}
+
+variable "sut1_if2_private_ip" {
+ description = "List of private IPs to assign to the ENI without regard to order."
+ type = string
+ default = "192.168.20.11"
+}
+
+# Variables for Null Resource
+variable "first_run_commands" {
+ description = "List of private IPs to assign to the ENI without regard to order."
+ type = list(string)
+ default = [
+ "sudo sed -i 's/^PasswordAuthentication/#PasswordAuthentication/' /etc/ssh/sshd_config",
+ "sudo systemctl restart sshd",
+ "sudo useradd --create-home -s /bin/bash provisionuser",
+ "echo 'provisionuser:Csit1234' | sudo chpasswd",
+ "echo 'provisionuser ALL = (ALL) NOPASSWD: ALL' | sudo tee -a /etc/sudoers",
+ "sudo useradd --create-home -s /bin/bash testuser",
+ "echo 'testuser:Csit1234' | sudo chpasswd",
+ "echo 'testuser ALL = (ALL) NOPASSWD: ALL' | sudo tee -a /etc/sudoers"
+ ]
+}
+
+# Variables for Null Resource
+variable "ansible_topology_path" {
+ description = "Ansible topology path."
+ type = string
+ default = "../../fdio.infra.ansible/cloud_topology.yaml"
+}
--- /dev/null
+terraform {
+ required_providers {
+ aws = {
+ source = "hashicorp/aws"
+ version = ">= 5.7.0"
+ }
+ null = {
+ source = "hashicorp/null"
+ version = ">= 3.2.1"
+ }
+ tls = {
+ source = "hashicorp/tls"
+ version = ">= 4.0.4"
+ }
+ vault = {
+ version = ">= 3.15.2"
+ }
+ }
+ required_version = ">= 1.4.2"
+}
\ No newline at end of file
}
# Create Private Key
-resource "tls_private_key" "private_key" {
- algorithm = var.private_key_algorithm
+module "private_key" {
+ source = "pmikus/private-key/tls"
+ version = "4.0.4"
+
+ private_key_algorithm = var.private_key_algorithm
}
# Create Key Pair
-resource "aws_key_pair" "key_pair" {
- depends_on = [
- tls_private_key.private_key
- ]
- key_name = local.key_pair_key_name
- public_key = tls_private_key.private_key.public_key_openssh
+module "key_pair" {
+ source = "pmikus/key-pair/aws"
+ version = "5.7.0"
+
+ key_pair_key_name = local.key_pair_key_name
+ key_pair_public_key = module.private_key.public_key_openssh
+
+ key_pair_tags = {
+ "Environment" = local.environment
+ }
}
# Create Placement Group
associate_public_ip_address = var.tg_associate_public_ip_address
instance_initiated_shutdown_behavior = var.tg_instance_initiated_shutdown_behavior
instance_type = var.tg_instance_type
- key_name = aws_key_pair.key_pair.key_name
+ key_name = module.key_pair.key_pair_key_name
placement_group = aws_placement_group.placement_group.id
private_ip = var.tg_private_ip
source_dest_check = var.tg_source_dest_check
associate_public_ip_address = var.sut1_associate_public_ip_address
instance_initiated_shutdown_behavior = var.sut1_instance_initiated_shutdown_behavior
instance_type = var.sut1_instance_type
- key_name = aws_key_pair.key_pair.key_name
+ key_name = module.key_pair.key_pair_key_name
placement_group = aws_placement_group.placement_group.id
private_ip = var.sut1_private_ip
source_dest_check = var.sut1_source_dest_check
associate_public_ip_address = var.sut2_associate_public_ip_address
instance_initiated_shutdown_behavior = var.sut2_instance_initiated_shutdown_behavior
instance_type = var.sut2_instance_type
- key_name = aws_key_pair.key_pair.key_name
+ key_name = module.key_pair.key_pair_key_name
placement_group = aws_placement_group.placement_group.id
private_ip = var.sut2_private_ip
source_dest_check = var.sut2_source_dest_check
connection {
user = "ubuntu"
host = aws_instance.tg.public_ip
- private_key = tls_private_key.private_key.private_key_pem
+ private_key = module.private_key.private_key_pem
}
provisioner "remote-exec" {
connection {
user = "ubuntu"
host = aws_instance.sut1.public_ip
- private_key = tls_private_key.private_key.private_key_pem
+ private_key = module.private_key.private_key_pem
}
provisioner "remote-exec" {
connection {
user = "ubuntu"
host = aws_instance.sut2.public_ip
- private_key = tls_private_key.private_key.private_key_pem
+ private_key = module.private_key.private_key_pem
}
provisioner "remote-exec" {
variable "tg_ami" {
description = "AMI to use for the instance."
type = string
- default = "ami-098a7a7d220d31850"
+ default = "ami-07430bfa17fd4e597"
}
variable "tg_associate_public_ip_address" {
variable "sut1_ami" {
description = "AMI to use for the instance."
type = string
- default = "ami-08f78d81d21cdaf14"
+ default = "ami-0a890555652963ec2"
}
variable "sut1_associate_public_ip_address" {
required_providers {
aws = {
source = "hashicorp/aws"
- version = ">= 5.1.0"
+ version = ">= 5.7.0"
}
null = {
source = "hashicorp/null"
NODENESS="3n"
FLAVOR="aws"
;;
+ *"1n-c6gn"*)
+ NODENESS="1n"
+ FLAVOR="c6gn"
+ ;;
+ *"2n-c6gn"*)
+ NODENESS="2n"
+ FLAVOR="c6gn"
+ ;;
+ *"3n-c6gn"*)
+ NODENESS="3n"
+ FLAVOR="c6gn"
+ ;;
+ *"1n-c6in"*)
+ NODENESS="1n"
+ FLAVOR="c6in"
+ ;;
+ *"2n-c6in"*)
+ NODENESS="2n"
+ FLAVOR="c6in"
+ ;;
+ *"3n-c6in"*)
+ NODENESS="3n"
+ FLAVOR="c6in"
+ ;;
*"2n-zn2"*)
NODENESS="2n"
FLAVOR="zn2"
}
terraform_apply || die "Failed to call terraform apply."
;;
+ "1n_c6gn" | "2n_c6gn" | "3n_c6gn")
+ export TF_VAR_testbed_name="${TEST_CODE}"
+ TERRAFORM_MODULE_DIR="terraform-aws-${NODENESS}-c6gn"
+ terraform_init || die "Failed to call terraform init."
+ trap "terraform_destroy" ERR EXIT || {
+ die "Trap attempt failed, please cleanup manually. Aborting!"
+ }
+ terraform_apply || die "Failed to call terraform apply."
+ ;;
+ "1n_c6in" | "2n_c6in" | "3n_c6in")
+ export TF_VAR_testbed_name="${TEST_CODE}"
+ TERRAFORM_MODULE_DIR="terraform-aws-${NODENESS}-c6in"
+ terraform_init || die "Failed to call terraform init."
+ trap "terraform_destroy" ERR EXIT || {
+ die "Trap attempt failed, please cleanup manually. Aborting!"
+ }
+ terraform_apply || die "Failed to call terraform apply."
+ ;;
esac
}
# NIC SELECTION
case "${TEST_CODE}" in
- *"1n-aws"*)
+ *"1n-aws"* | *"1n-c6gn"* | *"1n-c6in"*)
start_pattern='^ SUT:'
;;
*)
*"1n-aws"* | *"2n-aws"* | *"3n-aws"*)
default_nic="nic_amazon-nitro-50g"
;;
+ *"1n-c6gn"* | *"2n-c6gn"* | *"3n-c6gn"*)
+ default_nic="nic_amazon-nitro-100g"
+ ;;
+ *"1n-c6in"* | *"2n-c6in"* | *"3n-c6in"*)
+ default_nic="nic_amazon-nitro-200g"
+ ;;
*)
default_nic="nic_intel-x710"
;;
awk_nics_sub_cmd+='gsub("vic1227","10ge2p1vic1227");'
awk_nics_sub_cmd+='gsub("vic1385","40ge2p1vic1385");'
awk_nics_sub_cmd+='gsub("nitro-50g","50ge1p1ENA");'
+ awk_nics_sub_cmd+='gsub("nitro-100g","100ge1p1ENA");'
+ awk_nics_sub_cmd+='gsub("nitro-200g","200ge1p1ENA");'
awk_nics_sub_cmd+='if ($9 =="drv_avf") drv="avf-";'
awk_nics_sub_cmd+='else if ($9 =="drv_rdma_core") drv ="rdma-";'
awk_nics_sub_cmd+='else if ($9 =="drv_mlx5_core") drv ="mlx5-";'
*"1n-aws"* | *"2n-aws"* | *"3n-aws"*)
test_tag_array+=("!ipsechw")
;;
+ *"1n-c6gn"* | *"2n-c6gn"* | *"3n-c6gn"*)
+ test_tag_array+=("!ipsechw")
+ ;;
+ *"1n-c6in"* | *"2n-c6in"* | *"3n-c6in"*)
+ test_tag_array+=("!ipsechw")
+ ;;
esac
# We will add excluded NICs.
TOPOLOGIES=( "${TOPOLOGIES_DIR}"/*3n-aws*.yaml )
TOPOLOGIES_TAGS="3_node_single_link_topo"
;;
+ "1n_c6gn")
+ TOPOLOGIES=( "${TOPOLOGIES_DIR}"/*1n-c6gn*.yaml )
+ TOPOLOGIES_TAGS="1_node_single_link_topo"
+ ;;
+ "2n_c6gn")
+ TOPOLOGIES=( "${TOPOLOGIES_DIR}"/*2n-c6gn*.yaml )
+ TOPOLOGIES_TAGS="2_node_single_link_topo"
+ ;;
+ "3n_c6gn")
+ TOPOLOGIES=( "${TOPOLOGIES_DIR}"/*3n-c6gn*.yaml )
+ TOPOLOGIES_TAGS="3_node_single_link_topo"
+ ;;
+ "1n_c6in")
+ TOPOLOGIES=( "${TOPOLOGIES_DIR}"/*1n-c6in*.yaml )
+ TOPOLOGIES_TAGS="1_node_single_link_topo"
+ ;;
+ "2n_c6in")
+ TOPOLOGIES=( "${TOPOLOGIES_DIR}"/*2n-c6in*.yaml )
+ TOPOLOGIES_TAGS="2_node_single_link_topo"
+ ;;
+ "3n_c6in")
+ TOPOLOGIES=( "${TOPOLOGIES_DIR}"/*3n-c6in*.yaml )
+ TOPOLOGIES_TAGS="3_node_single_link_topo"
+ ;;
*)
# No falling back to default, that should have been done
# by the function which has set NODENESS and FLAVOR.
case "${TEST_CODE}" in
*"1n-aws"* | *"2n-aws"* | *"3n-aws"*)
- # T-Rex 2.88+ workaround for ENA NICs.
+ export TREX_RX_DESCRIPTORS_COUNT=1024
+ export TREX_EXTRA_CMDLINE="--mbuf-factor 19"
+ export TREX_CORE_COUNT=6
+ # Settings to prevent duration stretching.
+ export PERF_TRIAL_STL_DELAY=0.1
+ ;;
+ *"1n-c6gn"* | *"2n-c6gn"* | *"3n-c6gn"*)
+ export TREX_RX_DESCRIPTORS_COUNT=1024
+ export TREX_EXTRA_CMDLINE="--mbuf-factor 19"
+ export TREX_CORE_COUNT=6
+ # Settings to prevent duration stretching.
+ export PERF_TRIAL_STL_DELAY=0.1
+ ;;
+ *"1n-c6in"* | *"2n-c6in"* | *"3n-c6in"*)
export TREX_RX_DESCRIPTORS_COUNT=1024
export TREX_EXTRA_CMDLINE="--mbuf-factor 19"
export TREX_CORE_COUNT=6
TERRAFORM_MODULE_DIR="terraform-aws-${NODENESS}-${FLAVOR}-c5n"
terraform_destroy || die "Failed to call terraform destroy."
;;
+ *"1n-c6gn"* | *"2n-c6gn"* | *"3n-c6gn"*)
+ TERRAFORM_MODULE_DIR="terraform-aws-${NODENESS}-${FLAVOR}"
+ terraform_destroy || die "Failed to call terraform destroy."
+ ;;
+ *"1n-c6in"* | *"2n-c6in"* | *"3n-c6in"*)
+ TERRAFORM_MODULE_DIR="terraform-aws-${NODENESS}-${FLAVOR}"
+ terraform_destroy || die "Failed to call terraform destroy."
+ ;;
*)
;;
esac
u"Mellanox-CX6DX": 100000000000,
u"Mellanox-CX7VEAT": 200000000000,
u"Amazon-Nitro-50G": 10000000000,
+ u"Amazon-Nitro-100G": 10000000000,
+ u"Amazon-Nitro-200G": 20000000000,
u"virtual": 100000000,
}
u"Mellanox-CX556A": 148809523,
u"Mellanox-CX6DX": 148809523,
u"Mellanox-CX7VEAT": 297619046,
- u"Amazon-Nitro-50G": 1200000,
+ u"Amazon-Nitro-50G": 1500000,
+ u"Amazon-Nitro-100G": 3000000,
+ u"Amazon-Nitro-200G": 6000000,
u"virtual": 14880952,
}
u"Intel-E822CQ": u"25ge2p1e822cq",
u"Intel-E810CQ": u"100ge2p1e810cq",
u"Amazon-Nitro-50G": u"50ge1p1ena",
+ u"Amazon-Nitro-100G": u"100ge1p1ena",
+ u"Amazon-Nitro-200G": u"200ge1p1ena",
u"Mellanox-CX556A": u"100ge2p1cx556a",
u"Mellanox-CX6DX": u"100ge2p1cx6dx",
u"Mellanox-CX7VEAT": u"200ge2p1cx7veat",
u"25ge2p1e822cq": u"e822cq",
u"100ge2p1e810cq": u"e810cq",
u"50ge1p1ena": u"ena",
+ u"100ge1p1ena": u"ena100",
+ u"200ge1p1ena": u"ena200",
u"100ge2p1cx556a": u"cx556a",
u"100ge2p1cx6dx": u"cx6dx",
u"200ge2p1cx7veat": u"cx7veat",
u"Intel-E822CQ": [u"vfio-pci", u"avf", u"af_xdp"],
u"Intel-E810CQ": [u"vfio-pci", u"avf", u"af_xdp"],
u"Amazon-Nitro-50G": [u"vfio-pci"],
+ u"Amazon-Nitro-100G": [u"vfio-pci"],
+ u"Amazon-Nitro-200G": [u"vfio-pci"],
u"Mellanox-CX556A": [u"rdma-core", u"mlx5_core", u"af_xdp"],
u"Mellanox-CX6DX": [u"rdma-core", u"mlx5_core", u"af_xdp"],
u"Mellanox-CX7VEAT": [u"rdma-core", u"mlx5_core", u"af_xdp"],
u"Intel-E822CQ": [u"vfio-pci"],
u"Intel-E810CQ": [u"vfio-pci"],
u"Amazon-Nitro-50G": [u"vfio-pci"],
+ u"Amazon-Nitro-100G": [u"vfio-pci"],
+ u"Amazon-Nitro-200G": [u"vfio-pci"],
u"Mellanox-CX556A": [u"mlx5_core"],
u"Mellanox-CX6DX": [u"mlx5_core"],
u"Mellanox-CX7VEAT": [u"mlx5_core"],
--- /dev/null
+---
+metadata:
+ version: 0.1
+ schema:
+ - resources/topology_schemas/3_node_topology.sch.yaml
+ - resources/topology_schemas/topology.sch.yaml
+ tags: [hw, 3-node]
+
+nodes:
+ TG:
+ type: TG
+ subtype: TREX
+ host: "{{ tg_public_ip }}"
+ arch: x86_64
+ port: 22
+ username: testuser
+ password: Csit1234
+ interfaces:
+ port1:
+ # tg_instance/p1 - 100GE port1 on ENA NIC.
+ mac_address: {{ tg_if1_mac }}
+ pci_address: "0000:00:06.0"
+ link: link1
+ model: Amazon-Nitro-100G
+ port2:
+ # tg_instance/p2 - 100GE port2 on ENA NIC.
+ mac_address: {{ tg_if2_mac }}
+ pci_address: "0000:00:07.0"
+ link: link2
+ model: Amazon-Nitro-100G
+ DUT1:
+ type: DUT
+ host: "{{ dut1_public_ip }}"
+ arch: x86_64
+ port: 22
+ username: testuser
+ password: Csit1234
+ uio_driver: vfio-pci
+ honeycomb:
+ user: admin
+ passwd: admin
+ port: 8183
+ netconf_port: 2831
+ interfaces:
+ port1:
+ # dut1_instance/p1 - 100GE port1 on ENA NIC.
+ mac_address: {{ dut1_if1_mac }}
+ pci_address: "0000:00:06.0"
+ link: link1
+ model: Amazon-Nitro-100G
+ port2:
+ # dut1_instance/p2 - 100GE port2 on ENA NIC.
+ mac_address: {{ dut1_if2_mac }}
+ pci_address: "0000:00:07.0"
+ link: link21
+ model: Amazon-Nitro-100G
+ DUT2:
+ type: DUT
+ host: "{{ dut2_public_ip }}"
+ arch: x86_64
+ port: 22
+ username: testuser
+ password: Csit1234
+ uio_driver: vfio-pci
+ interfaces:
+ port1:
+ # dut2_instance/p1 - 100GE port1 on ENA NIC.
+ mac_address: {{ dut2_if1_mac }}
+ pci_address: "0000:00:06.0"
+ link: link21
+ model: Amazon-Nitro-100G
+ port2:
+ # dut2_instance/p2 - 100GE port1 on ENA NIC.
+ mac_address: {{ dut2_if2_mac }}
+ pci_address: "0000:00:07.0"
+ link: link2
+ model: Amazon-Nitro-100G
+
--- /dev/null
+---
+metadata:
+ version: 0.1
+ schema:
+ - resources/topology_schemas/3_node_topology.sch.yaml
+ - resources/topology_schemas/topology.sch.yaml
+ tags: [hw, 3-node]
+
+nodes:
+ TG:
+ type: TG
+ subtype: TREX
+ host: "{{ tg_public_ip }}"
+ arch: x86_64
+ port: 22
+ username: testuser
+ password: Csit1234
+ interfaces:
+ port1:
+ # tg_instance/p1 - 200GE port1 on ENA NIC.
+ mac_address: {{ tg_if1_mac }}
+ pci_address: "0000:00:06.0"
+ link: link1
+ model: Amazon-Nitro-200G
+ port2:
+ # tg_instance/p2 - 200GE port2 on ENA NIC.
+ mac_address: {{ tg_if2_mac }}
+ pci_address: "0000:00:07.0"
+ link: link2
+ model: Amazon-Nitro-200G
+ DUT1:
+ type: DUT
+ host: "{{ dut1_public_ip }}"
+ arch: x86_64
+ port: 22
+ username: testuser
+ password: Csit1234
+ uio_driver: vfio-pci
+ honeycomb:
+ user: admin
+ passwd: admin
+ port: 8183
+ netconf_port: 2831
+ interfaces:
+ port1:
+ # dut1_instance/p1 - 200GE port1 on ENA NIC.
+ mac_address: {{ dut1_if1_mac }}
+ pci_address: "0000:00:06.0"
+ link: link1
+ model: Amazon-Nitro-200G
+ port2:
+ # dut1_instance/p2 - 200GE port2 on ENA NIC.
+ mac_address: {{ dut1_if2_mac }}
+ pci_address: "0000:00:07.0"
+ link: link21
+ model: Amazon-Nitro-200G
+ DUT2:
+ type: DUT
+ host: "{{ dut2_public_ip }}"
+ arch: x86_64
+ port: 22
+ username: testuser
+ password: Csit1234
+ uio_driver: vfio-pci
+ interfaces:
+ port1:
+ # dut2_instance/p1 - 200GE port1 on ENA NIC.
+ mac_address: {{ dut2_if1_mac }}
+ pci_address: "0000:00:06.0"
+ link: link21
+ model: Amazon-Nitro-200G
+ port2:
+ # dut2_instance/p2 - 200GE port1 on ENA NIC.
+ mac_address: {{ dut2_if2_mac }}
+ pci_address: "0000:00:07.0"
+ link: link2
+ model: Amazon-Nitro-200G
+
Code Review / csit.git / commitdiff