This Terraform script deploys a SNS EVA high availability cluster on Outscale in a single availability zone in an existing VPC.
- Terraform
- Outscale Terraform Provider
- Outscale VPC with 3 subnets, an Internet Gateway, a default route table with a default route
- SNS version 4.7.1 or greater
- Edit the variable template terraform.tfvars.example
$ cp terraform.tfvars.example terraform.tfvars
- Add your Outscale access key/secret and key pair name to terraform.tfvars
- Configure the three subnets:
- Public : Internet facing subnet
- Private: subnet with the assets to protect
- Sync: subnet dedicated to appliances synchronisation
- Configure the ip addresses according to the subnet networks
$ terraform apply
$ terraform apply
Note: The two apply commands are necessary for the source/dest check parameter.
Terraform outputs the main EIP of the cluster and the temporary EIP for the second EVA VM.
- Connect to both VM web gui to install licences/init kit.
- Create the HA cluster on the first EVA VM
> CONFIG HA CREATE ifname=sync password=<secretpassword> Unicast=1 SynchronizeMacAddress=0
100 code=00101e00 msg="Success"
> CONFIG HA activate
100 code=00a00100 msg="Ok"
-
For firmware version lesser than 4.7.1, the
UnicastandSynchronizeMacAddressoptions don't exist. It is necessary to delete the forced mac address from the configuration. Via SSH access edit/usr/Firewall/ConfigFiles/networkfile and delete or comment theMacAddresstokens of theethernet0andethernet2sections. -
Connect to the second EVA VM via the web gui and join the cluster on EVA2
> CONFIG HA JOIN ip=10.0.2.11 password=<secretpassword>
100 code=00101e00 msg="Success"
> CONFIG HA Activate
103 code=00102700 msg="rebooting..."
Leaving client...
-
Delete the temporary EIP for EVA2 which is no longer used
-
Connect to the cluster IP via https, the high availability monitoring will update the cluster status after the second VM reboot.
To remove all deployed ressources:
$ terraform destroy