diff --git a/.gitignore b/.gitignore index a82a349..51c975f 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,8 @@ .terraform* -terraform.tfstate* \ No newline at end of file +terraform.tfstate* + +*openrc.sh + +.terraform +.DS_Store +cloud.conf diff --git a/README.md b/README.md index 5ebb5bd..bbd7c67 100644 --- a/README.md +++ b/README.md @@ -1,11 +1,11 @@ -# Terraform Workshop Exercises +# BWS OpenStack Terraform Workshop Exercises # Setup In order to participate in the hands-on exercises of the workshop, you will need to have some tools installed beforehand. You will need to install the following tools: -* Terraform 0.14.6: [Terraform Program](https://releases.hashicorp.com/terraform/0.14.6/) and [Tutorial](https://learn.hashicorp.com/tutorials/terraform/install-cli) on how to install terraform on different OS +* Terraform 1.9.3: [Terraform Program](https://releases.hashicorp.com/terraform/1.9.3/) and [Tutorial](https://learn.hashicorp.com/tutorials/terraform/install-cli) on how to install terraform on different OS * Terraform extension for e.g. VScode Editor -* [AWS CLI v2](https://docs.aws.amazon.com/cli/latest/userguide/install-cliv2-mac.html#cliv2-mac-install-cmd) +* [OpenStack CLI](https://docs.openstack.org/newton/user-guide/common/cli-install-openstack-command-line-clients.html) The tools are also available in numerous package repositories. You can also manage your versions through [tfenv](https://github.com/tfutils/tfenv) and [tgenv](https://github.com/cunymatthieu/tgenv). diff --git a/basic_10_remote_state/main.tf b/basic_10_remote_state/main.tf index b7158e5..82b2896 100755 --- a/basic_10_remote_state/main.tf +++ b/basic_10_remote_state/main.tf 
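Review bot: The new ignore entries cover `*openrc.sh` and `cloud.conf`, but not the other places OpenStack credentials tend to land in a workshop checkout; adding `clouds.yaml`, `secure.yaml` and `*.tfvars` would close that gap. The retained context line `.terraform*` also matches `.terraform.lock.hcl`, so the provider checksums recorded by `terraform init` are never committed and each participant resolves `~> 1.53.0` afresh. Replacing `.terraform*` with `.terraform/` would still ignore the plugin cache while letting the lock file be tracked, and would make the newly added `.terraform` line unnecessary.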
@@ -1,21 +1,8 @@ -terraform { - backend "s3" { - bucket = "" - key = "" - region = "eu-central-1" - dynamodb_table = "" - } -} +module "my_instance" { + source = "./modules/compute" -provider "aws" { - region = "eu-central-1" -} - -module "my_instances" { - source = "./modules/ec2" - - names = ["Instance-1", "Instance-2"] - instance_type = "t3.micro" + names = ["basic_module_10_1", "basic_module_10_2"] + flavor_name = "BWS-C1-1-2" security_groups = [module.http_security_group.security_group_name] } @@ -26,3 +13,31 @@ module "http_security_group" { from_port = 80 to_port = 80 } + +# We can use the Openstack Object store (Ceph S3 compatible object storage) to store the terraform state. For that to work you have to +# create the container / bucket manually either in the web gui or with the openstack cli. You also have to create openstack ec2 credentials + +# 1. via UI see screenshot remote_state_bucket_bws.png or via cli $ openstack container create +# 2. $ openstack ec2 credentials create # Can this also be done in the UI? +# 3. use the output credentials of 2. in you terragform init command +# terraform init -backend-config="access_key=< output access >" -backend-config="secret_key=" + +terraform { + required_providers { + openstack = { + source = "terraform-provider-openstack/openstack" + version = "~> 1.53.0" + } + } + backend "s3" { + bucket = "terraform-ws" + endpoint = "https://s3.bws.burda.com" + force_path_style = true + skip_requesting_account_id = true + key = "terraform.tfstate" + region = "default" + skip_credentials_validation = true + skip_region_validation = true + skip_s3_checksum = true + } +} diff --git a/basic_10_remote_state/modules/compute/instance.tf b/basic_10_remote_state/modules/compute/instance.tf new file mode 100755 index 0000000..f4d27af --- /dev/null +++ b/basic_10_remote_state/modules/compute/instance.tf 
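Review bot: The `backend "s3"` block added in the second hunk hard-codes `bucket = "terraform-ws"` and `key = "terraform.tfstate"`, and the same pair is added in basic_11_import_compute_instance/main.tf and basic_12_workspaces/main.tf, so all three exercises (and presumably every participant pointed at that bucket) read and write one state object. The removed `dynamodb_table` lock has no replacement, so a per-exercise key such as `key = "basic_10/terraform.tfstate"` plus a comment that concurrent applies are unprotected would be the minimum. The setup comment tells users to pass `access_key` and `secret_key` through `-backend-config`, which leaves the secret in shell history and in the backend settings Terraform caches under `.terraform/`; exporting `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` before `terraform init` avoids both. The comment also contains the typo "you terragform", and its `secret_key=` example has lost its placeholder.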
@@ -0,0 +1,48 @@ +data "openstack_images_image_v2" "ubuntu" { + name = "Ubuntu 24.04 GuestAgent" + most_recent = true + + properties = { + key = "value" + } +} + +resource "openstack_compute_instance_v2" "basic_module" { + for_each = var.names + name = each.value + flavor_name = var.flavor_name + + security_groups = var.security_groups + + user_data = < >(tee /var/log/user-data.log|logger -t user-data -s 2>/dev/console) 2>&1 + apt update -y + apt install -y apache2 + apt install -y mysql-server + apt install -y php php-mysql libapache2-mod-php php-cli + ufw allow in "Apache Full" + chown -R ubuntu /var/www/html/ + systemctl enable apache2 + systemctl start apache2 + echo "Hello from " > /var/www/html/index.php +EOF + + + metadata = { + Name = "Hello World" + } + + network { + name = "Public1" + } + + block_device { + uuid = data.openstack_images_image_v2.ubuntu.id + source_type = "image" + volume_size = 10 + destination_type = "volume" + delete_on_termination = true + } +} + diff --git a/basic_10_remote_state/modules/compute/main.tf b/basic_10_remote_state/modules/compute/main.tf new file mode 100755 index 0000000..63b7bac --- /dev/null +++ b/basic_10_remote_state/modules/compute/main.tf @@ -0,0 +1,10 @@ +terraform { + required_version = ">= 1.9.3" + required_providers { + openstack = { + source = "terraform-provider-openstack/openstack" + version = "~> 1.53.0" + } + } +} + diff --git a/basic_11_import_ec2_instance/modules/ec2/variables.tf b/basic_10_remote_state/modules/compute/variables.tf similarity index 57% rename from basic_11_import_ec2_instance/modules/ec2/variables.tf rename to basic_10_remote_state/modules/compute/variables.tf index a438adb..076a8ee 100755 --- a/basic_11_import_ec2_instance/modules/ec2/variables.tf +++ b/basic_10_remote_state/modules/compute/variables.tf 
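Review bot: In the `openstack_images_image_v2` data source, `properties = { key = "value" }` looks like a placeholder carried over from the provider documentation; as written it restricts the lookup to images carrying that property, so it should be removed or replaced with a real filter. With only `name` and `most_recent = true`, the boot image is whichever image of that name is newest in the project's view, so adding `visibility = "public"` (or pinning an image id as the basic_1 to basic_4 exercises do) would keep a same-named private or shared image from being picked up. The `user_data` script also runs `ufw allow in "Apache Full"`, which covers 443 as well as 80 while the security group passes only port 80, and it installs `mysql-server`, which nothing shown here uses; both could be trimmed. The identical file is added under basic_11_import_compute_instance and basic_12_workspaces.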
@@ -1,13 +1,13 @@ variable "names" { type = set(string) - description = "The Name tag for the EC2 instance" + description = "The Name for the compute instance" default = null } -variable "instance_type" { +variable "flavor_name" { type = string - description = "The instance type to use with the EC2 instance" - default = "t3.nano" + description = "The flavour to use with the compute instance" + default = "BWS-C1-1-2" #BWS-C1-1-2 } variable "security_groups" { @@ -15,3 +15,4 @@ variable "security_groups" { description = "Names of security groups to attach to this instance" default = null } + diff --git a/basic_10_remote_state/modules/ec2/main.tf b/basic_10_remote_state/modules/ec2/main.tf deleted file mode 100755 index 5759f14..0000000 --- a/basic_10_remote_state/modules/ec2/main.tf +++ /dev/null @@ -1,41 +0,0 @@ -resource "aws_instance" "foo" { - for_each = var.names - ami = data.aws_ami.amazon_ecs_optimized.id - instance_type = var.instance_type - security_groups = var.security_groups - user_data = <" > /var/www/html/index.php -EOF - - tags = { - Name = each.value - } -} - -resource "aws_eip" "ip" { - for_each = aws_instance.foo - - instance = each.value.id - vpc = true -} - -data "aws_ami" "amazon_ecs_optimized" { - most_recent = true - owners = ["amazon"] - - filter { - name = "name" - values = ["amzn2-ami-ecs*"] - } -} diff --git a/basic_10_remote_state/modules/security_group/main.tf b/basic_10_remote_state/modules/security_group/main.tf index e453f82..7ba59d2 100755 --- a/basic_10_remote_state/modules/security_group/main.tf +++ b/basic_10_remote_state/modules/security_group/main.tf 
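Review bot: `variable "names"` keeps `default = null` while modules/compute/instance.tf feeds it straight into `for_each = var.names`, so a caller that omits `names` fails at plan time with an invalid for_each error rather than a clear missing-argument message; dropping the default (making the variable required) or using `default = []` would fix that. On the new `flavor_name` line the trailing `#BWS-C1-1-2` only repeats the value and can go, and the description spells "flavour" where the argument is `flavor_name`. The same hunk is applied to the variables.tf copies under basic_11_import_compute_instance and basic_12_workspaces.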
@@ -1,17 +1,9 @@ -resource "aws_security_group" "group" { - name = var.name - - ingress { - from_port = var.from_port - to_port = var.to_port - protocol = "tcp" - cidr_blocks = ["0.0.0.0/0"] - } - - egress { - from_port = 0 - to_port = 0 - protocol = "-1" - cidr_blocks = ["0.0.0.0/0"] +terraform { + required_version = ">= 1.9.3" + required_providers { + openstack = { + source = "terraform-provider-openstack/openstack" + version = "~> 1.53.0" + } } } diff --git a/basic_10_remote_state/modules/security_group/outputs.tf b/basic_10_remote_state/modules/security_group/outputs.tf index a376564..bc1d7b2 100755 --- a/basic_10_remote_state/modules/security_group/outputs.tf +++ b/basic_10_remote_state/modules/security_group/outputs.tf @@ -1,3 +1,3 @@ output "security_group_name" { - value = aws_security_group.group.name + value = openstack_networking_secgroup_v2.allow_http.name } diff --git a/basic_10_remote_state/modules/security_group/security_group.tf b/basic_10_remote_state/modules/security_group/security_group.tf new file mode 100644 index 0000000..2fe8f4f --- /dev/null +++ b/basic_10_remote_state/modules/security_group/security_group.tf @@ -0,0 +1,24 @@ +resource "openstack_networking_secgroup_v2" "allow_http" { + name = var.name + description = "Allow http inbound traffic to ${var.name}" + delete_default_rules = true +} + +resource "openstack_networking_secgroup_rule_v2" "allow_http_egress" { + direction = "egress" + ethertype = "IPv4" + port_range_min = 0 + port_range_max = 0 + remote_ip_prefix = "0.0.0.0/0" + security_group_id = openstack_networking_secgroup_v2.allow_http.id +} + +resource "openstack_networking_secgroup_rule_v2" "allow_http_ingress" { + direction = "ingress" + ethertype = "IPv4" + protocol = "tcp" + port_range_min = var.from_port + port_range_max = var.to_port + remote_ip_prefix = "0.0.0.0/0" + security_group_id = openstack_networking_secgroup_v2.allow_http.id +} 
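Review bot: In security_group.tf the `allow_http_egress` rule sets `port_range_min = 0` and `port_range_max = 0` with no `protocol`, which reads like a carry-over from the removed AWS `egress` block; the OpenStack provider documents port values as 1 to 65535 and expects a protocol whenever a range is given, so the zeros are most likely treated as unset. If the intent is "all IPv4 egress", removing both lines and adding a comment such as `# all IPv4 egress; delete_default_rules removed the default egress rules, so IPv6 egress is blocked` states it plainly. The ingress rule opens whatever `var.from_port` to `var.to_port` range the caller passes to `0.0.0.0/0`, and variables.tf has no `validation` block, so a range check (1 to 65535, from <= to) there would stop an accidental wide-open group. The same resources are added under basic_11_import_compute_instance and basic_12_workspaces and, with literal ports, in basic_4_working_with_documentation/instance.tf.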
diff --git a/basic_10_remote_state/modules/security_group/variables.tf b/basic_10_remote_state/modules/security_group/variables.tf index ae55b5c..766fad9 100755 --- a/basic_10_remote_state/modules/security_group/variables.tf +++ b/basic_10_remote_state/modules/security_group/variables.tf @@ -1,14 +1,14 @@ variable "name" { - type = string + type = string description = "Name of the security group" } variable "from_port" { - type = number + type = number description = "First port in range to open" } variable "to_port" { - type = number + type = number description = "Last port in range to open" } \ No newline at end of file diff --git a/basic_10_remote_state/remote_state_bucket_bws.png b/basic_10_remote_state/remote_state_bucket_bws.png new file mode 100644 index 0000000..ad0d2ab Binary files /dev/null and b/basic_10_remote_state/remote_state_bucket_bws.png differ diff --git a/basic_11_import_compute_instance/create_compute_instance_01.png b/basic_11_import_compute_instance/create_compute_instance_01.png new file mode 100644 index 0000000..91d10d3 Binary files /dev/null and b/basic_11_import_compute_instance/create_compute_instance_01.png differ diff --git a/basic_11_import_compute_instance/create_compute_instance_02.png b/basic_11_import_compute_instance/create_compute_instance_02.png new file mode 100644 index 0000000..15d209d Binary files /dev/null and b/basic_11_import_compute_instance/create_compute_instance_02.png differ diff --git a/basic_11_import_compute_instance/main.tf b/basic_11_import_compute_instance/main.tf new file mode 100755 index 0000000..47aa743 --- /dev/null +++ b/basic_11_import_compute_instance/main.tf 
@@ -0,0 +1,66 @@ +module "my_instance" { + source = "./modules/compute" + + names = ["basic_module_11_1", "basic_module_11_2"] + flavor_name = "BWS-C1-1-2" + security_groups = [module.http_security_group.security_group_name] +} + +module "http_security_group" { + source = "./modules/security_group" + + name = "http_access" + from_port = 80 + to_port = 80 +} + + +//Create a compute instance manually in the UI. See screenshots. +// Can be imported with "terraform import openstack_compute_instance_v2.legacy xxxxxxxx-xxxx-xxxx-xxxxxxxxxxxx" +resource "openstack_compute_instance_v2" "legacy" { + name = "imported_basic_11" + flavor_name = "BWS-T1-2-2" + security_groups = ["default"] + + key_pair = "terraform_ws" + + block_device { + uuid = "508c8c73-dd30-49fd-9679-c57365a699d1" + source_type = "image" + volume_size = 10 + destination_type = "volume" + delete_on_termination = true + } + + network { + name = "Public1" + } +} + +# We can use the Openstack Object store (Ceph S3 compatible object storage) to store the terraform state. For that to work you have to +# create the container / bucket manually either in the web gui or with the openstack cli. You also have to create openstack ec2 credentials + +# 1. via UI see screenshot remote_state_bucket_bws.png or via cli $ openstack container create +# 2. $ openstack ec2 credentials create # Can this also be done in the UI? +# 3. use the output credentials of 2. in you terragform init command +# terraform init -backend-config="access_key=< output access >" -backend-config="secret_key=" + +terraform { + required_providers { + openstack = { + source = "terraform-provider-openstack/openstack" + version = "~> 1.53.0" + } + } + backend "s3" { + bucket = "terraform-ws" + endpoint = "https://s3.bws.burda.com" + force_path_style = true + skip_requesting_account_id = true + key = "terraform.tfstate" + region = "default" + skip_credentials_validation = true + skip_region_validation = true + skip_s3_checksum = true + } +} 
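Review bot: The `legacy` resource is meant to adopt a hand-made instance, yet it sets `delete_on_termination = true` and has no guard against replacement: if any attribute written here (image `uuid`, `flavor_name`, `key_pair`) differs from what was created in the UI, the first apply after `terraform import` may plan a destroy and create, taking the boot volume with it. A `lifecycle { prevent_destroy = true }` block, or a comment telling participants to run `terraform plan` and confirm that no replacement is proposed before applying, would make the exercise safer. The import example's placeholder `xxxxxxxx-xxxx-xxxx-xxxxxxxxxxxx` has four groups where an instance UUID has five. basic_12_workspaces/main.tf adds the same resource.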
diff --git a/basic_11_import_compute_instance/modules/compute/instance.tf b/basic_11_import_compute_instance/modules/compute/instance.tf new file mode 100755 index 0000000..f4d27af --- /dev/null +++ b/basic_11_import_compute_instance/modules/compute/instance.tf @@ -0,0 +1,48 @@ +data "openstack_images_image_v2" "ubuntu" { + name = "Ubuntu 24.04 GuestAgent" + most_recent = true + + properties = { + key = "value" + } +} + +resource "openstack_compute_instance_v2" "basic_module" { + for_each = var.names + name = each.value + flavor_name = var.flavor_name + + security_groups = var.security_groups + + user_data = < >(tee /var/log/user-data.log|logger -t user-data -s 2>/dev/console) 2>&1 + apt update -y + apt install -y apache2 + apt install -y mysql-server + apt install -y php php-mysql libapache2-mod-php php-cli + ufw allow in "Apache Full" + chown -R ubuntu /var/www/html/ + systemctl enable apache2 + systemctl start apache2 + echo "Hello from " > /var/www/html/index.php +EOF + + + metadata = { + Name = "Hello World" + } + + network { + name = "Public1" + } + + block_device { + uuid = data.openstack_images_image_v2.ubuntu.id + source_type = "image" + volume_size = 10 + destination_type = "volume" + delete_on_termination = true + } +} + diff --git a/basic_11_import_compute_instance/modules/compute/main.tf b/basic_11_import_compute_instance/modules/compute/main.tf new file mode 100755 index 0000000..63b7bac --- /dev/null +++ b/basic_11_import_compute_instance/modules/compute/main.tf @@ -0,0 +1,10 @@ +terraform { + required_version = ">= 1.9.3" + required_providers { + openstack = { + source = "terraform-provider-openstack/openstack" + version = "~> 1.53.0" + } + } +} + diff --git a/basic_10_remote_state/modules/ec2/variables.tf b/basic_11_import_compute_instance/modules/compute/variables.tf similarity index 57% rename from basic_10_remote_state/modules/ec2/variables.tf rename to basic_11_import_compute_instance/modules/compute/variables.tf index a438adb..076a8ee 100755 
--- a/basic_10_remote_state/modules/ec2/variables.tf +++ b/basic_11_import_compute_instance/modules/compute/variables.tf @@ -1,13 +1,13 @@ variable "names" { type = set(string) - description = "The Name tag for the EC2 instance" + description = "The Name for the compute instance" default = null } -variable "instance_type" { +variable "flavor_name" { type = string - description = "The instance type to use with the EC2 instance" - default = "t3.nano" + description = "The flavour to use with the compute instance" + default = "BWS-C1-1-2" #BWS-C1-1-2 } variable "security_groups" { @@ -15,3 +15,4 @@ variable "security_groups" { description = "Names of security groups to attach to this instance" default = null } + diff --git a/basic_11_import_compute_instance/modules/security_group/main.tf b/basic_11_import_compute_instance/modules/security_group/main.tf new file mode 100755 index 0000000..7ba59d2 --- /dev/null +++ b/basic_11_import_compute_instance/modules/security_group/main.tf @@ -0,0 +1,9 @@ +terraform { + required_version = ">= 1.9.3" + required_providers { + openstack = { + source = "terraform-provider-openstack/openstack" + version = "~> 1.53.0" + } + } +} diff --git a/basic_11_import_compute_instance/modules/security_group/outputs.tf b/basic_11_import_compute_instance/modules/security_group/outputs.tf new file mode 100755 index 0000000..bc1d7b2 --- /dev/null +++ b/basic_11_import_compute_instance/modules/security_group/outputs.tf @@ -0,0 +1,3 @@ +output "security_group_name" { + value = openstack_networking_secgroup_v2.allow_http.name +} diff --git a/basic_11_import_compute_instance/modules/security_group/security_group.tf b/basic_11_import_compute_instance/modules/security_group/security_group.tf new file mode 100644 index 0000000..2fe8f4f --- /dev/null +++ b/basic_11_import_compute_instance/modules/security_group/security_group.tf 
@@ -0,0 +1,24 @@ +resource "openstack_networking_secgroup_v2" "allow_http" { + name = var.name + description = "Allow http inbound traffic to ${var.name}" + delete_default_rules = true +} + +resource "openstack_networking_secgroup_rule_v2" "allow_http_egress" { + direction = "egress" + ethertype = "IPv4" + port_range_min = 0 + port_range_max = 0 + remote_ip_prefix = "0.0.0.0/0" + security_group_id = openstack_networking_secgroup_v2.allow_http.id +} + +resource "openstack_networking_secgroup_rule_v2" "allow_http_ingress" { + direction = "ingress" + ethertype = "IPv4" + protocol = "tcp" + port_range_min = var.from_port + port_range_max = var.to_port + remote_ip_prefix = "0.0.0.0/0" + security_group_id = openstack_networking_secgroup_v2.allow_http.id +} diff --git a/basic_11_import_ec2_instance/modules/security_group/variables.tf b/basic_11_import_compute_instance/modules/security_group/variables.tf similarity index 74% rename from basic_11_import_ec2_instance/modules/security_group/variables.tf rename to basic_11_import_compute_instance/modules/security_group/variables.tf index ae55b5c..766fad9 100755 --- a/basic_11_import_ec2_instance/modules/security_group/variables.tf +++ b/basic_11_import_compute_instance/modules/security_group/variables.tf @@ -1,14 +1,14 @@ variable "name" { - type = string + type = string description = "Name of the security group" } variable "from_port" { - type = number + type = number description = "First port in range to open" } variable "to_port" { - type = number + type = number description = "Last port in range to open" } \ No newline at end of file diff --git a/basic_11_import_ec2_instance/main.tf b/basic_11_import_ec2_instance/main.tf deleted file mode 100755 index 757b098..0000000 --- a/basic_11_import_ec2_instance/main.tf +++ /dev/null 
@@ -1,38 +0,0 @@ -terraform { - backend "s3" { - bucket = "" - key = "" - region = "eu-central-1" - dynamodb_table = "" - } -} - -provider "aws" { - region = "eu-central-1" -} - -module "my_instances" { - source = "./modules/ec2" - - names = ["Instance-1", "Instance-2"] - instance_type = "t3.micro" - security_groups = [module.http_security_group.security_group_name] -} - -module "http_security_group" { - source = "./modules/security_group" - - name = "http_access" - from_port = 80 - to_port = 80 -} - -// Can be imported with "terraform import aws_instance.legacy i-1234567890" -resource "aws_instance" "legacy" { - ami = "ami-0c115dbd34c69a004" # insert ami of used instance - instance_type = "t2.micro" - - tags = { - Name = "LegacyInstance" - } -} diff --git a/basic_11_import_ec2_instance/modules/ec2/main.tf b/basic_11_import_ec2_instance/modules/ec2/main.tf deleted file mode 100755 index 5759f14..0000000 --- a/basic_11_import_ec2_instance/modules/ec2/main.tf +++ /dev/null @@ -1,41 +0,0 @@ -resource "aws_instance" "foo" { - for_each = var.names - ami = data.aws_ami.amazon_ecs_optimized.id - instance_type = var.instance_type - security_groups = var.security_groups - user_data = <" > /var/www/html/index.php -EOF - - tags = { - Name = each.value - } -} - -resource "aws_eip" "ip" { - for_each = aws_instance.foo - - instance = each.value.id - vpc = true -} - -data "aws_ami" "amazon_ecs_optimized" { - most_recent = true - owners = ["amazon"] - - filter { - name = "name" - values = ["amzn2-ami-ecs*"] - } -} diff --git a/basic_11_import_ec2_instance/modules/security_group/main.tf b/basic_11_import_ec2_instance/modules/security_group/main.tf deleted file mode 100755 index e453f82..0000000 --- a/basic_11_import_ec2_instance/modules/security_group/main.tf +++ /dev/null 
@@ -1,17 +0,0 @@ -resource "aws_security_group" "group" { - name = var.name - - ingress { - from_port = var.from_port - to_port = var.to_port - protocol = "tcp" - cidr_blocks = ["0.0.0.0/0"] - } - - egress { - from_port = 0 - to_port = 0 - protocol = "-1" - cidr_blocks = ["0.0.0.0/0"] - } -} diff --git a/basic_11_import_ec2_instance/modules/security_group/outputs.tf b/basic_11_import_ec2_instance/modules/security_group/outputs.tf deleted file mode 100755 index a376564..0000000 --- a/basic_11_import_ec2_instance/modules/security_group/outputs.tf +++ /dev/null @@ -1,3 +0,0 @@ -output "security_group_name" { - value = aws_security_group.group.name -} diff --git a/basic_12_workspaces/create_compute_instance_01.png b/basic_12_workspaces/create_compute_instance_01.png new file mode 100644 index 0000000..91d10d3 Binary files /dev/null and b/basic_12_workspaces/create_compute_instance_01.png differ diff --git a/basic_12_workspaces/create_compute_instance_02.png b/basic_12_workspaces/create_compute_instance_02.png new file mode 100644 index 0000000..15d209d Binary files /dev/null and b/basic_12_workspaces/create_compute_instance_02.png differ diff --git a/basic_12_workspaces/main.tf b/basic_12_workspaces/main.tf index 6d4f98a..307c841 100755 --- a/basic_12_workspaces/main.tf +++ b/basic_12_workspaces/main.tf @@ -1,21 +1,8 @@ -terraform { - backend "s3" { - bucket = "" - key = "" - region = "eu-central-1" - dynamodb_table = "" - } -} - -provider "aws" { - region = "eu-central-1" -} - -module "my_instances" { - source = "./modules/ec2" +module "my_instance" { + source = "./modules/compute" - names = ["Instance-1-${terraform.workspace}", "Instance-2-${terraform.workspace}"] - instance_type = "t3.micro" + names = ["basic_module_12_1-${terraform.workspace}", "basic_module_12_2-${terraform.workspace}"] + flavor_name = "BWS-C1-1-2" security_groups = [module.http_security_group.security_group_name] } 
@@ -27,12 +14,53 @@ module "http_security_group" { to_port = 80 } -// Can be imported with "terraform import aws_instance.legacy i-1234567890" -resource "aws_instance" "legacy" { - ami = "ami-0c115dbd34c69a004" # insert ami of used instance - instance_type = "t2.micro" - tags = { - Name = "LegacyInstance-${terraform.workspace}" +//Create a compute instance manually in the UI. See screenshots. +// Can be imported with "terraform import openstack_compute_instance_v2.legacy xxxxxxxx-xxxx-xxxx-xxxxxxxxxxxx" +resource "openstack_compute_instance_v2" "legacy" { + name = "imported_basic_12-${terraform.workspace}" + flavor_name = "BWS-T1-2-2" + security_groups = ["default"] + + key_pair = "terraform_ws" + + block_device { + uuid = "508c8c73-dd30-49fd-9679-c57365a699d1" + source_type = "image" + volume_size = 10 + destination_type = "volume" + delete_on_termination = true + } + + network { + name = "Public1" + } +} + +# We can use the Openstack Object store (Ceph S3 compatible object storage) to store the terraform state. For that to work you have to +# create the container / bucket manually either in the web gui or with the openstack cli. You also have to create openstack ec2 credentials + +# 1. via UI see screenshot remote_state_bucket_bws.png or via cli $ openstack container create +# 2. $ openstack ec2 credentials create # Can this also be done in the UI? +# 3. use the output credentials of 2. in you terragform init command +# terraform init -backend-config="access_key=< output access >" -backend-config="secret_key=" + +terraform { + required_providers { + openstack = { + source = "terraform-provider-openstack/openstack" + version = "~> 1.53.0" + } + } + backend "s3" { + bucket = "terraform-ws" + endpoint = "https://s3.bws.burda.com" + force_path_style = true + skip_requesting_account_id = true + key = "terraform.tfstate" + region = "default" + skip_credentials_validation = true + skip_region_validation = true + skip_s3_checksum = true } } 
diff --git a/basic_12_workspaces/modules/compute/instance.tf b/basic_12_workspaces/modules/compute/instance.tf new file mode 100755 index 0000000..f4d27af --- /dev/null +++ b/basic_12_workspaces/modules/compute/instance.tf @@ -0,0 +1,48 @@ +data "openstack_images_image_v2" "ubuntu" { + name = "Ubuntu 24.04 GuestAgent" + most_recent = true + + properties = { + key = "value" + } +} + +resource "openstack_compute_instance_v2" "basic_module" { + for_each = var.names + name = each.value + flavor_name = var.flavor_name + + security_groups = var.security_groups + + user_data = < >(tee /var/log/user-data.log|logger -t user-data -s 2>/dev/console) 2>&1 + apt update -y + apt install -y apache2 + apt install -y mysql-server + apt install -y php php-mysql libapache2-mod-php php-cli + ufw allow in "Apache Full" + chown -R ubuntu /var/www/html/ + systemctl enable apache2 + systemctl start apache2 + echo "Hello from " > /var/www/html/index.php +EOF + + + metadata = { + Name = "Hello World" + } + + network { + name = "Public1" + } + + block_device { + uuid = data.openstack_images_image_v2.ubuntu.id + source_type = "image" + volume_size = 10 + destination_type = "volume" + delete_on_termination = true + } +} + diff --git a/basic_12_workspaces/modules/compute/main.tf b/basic_12_workspaces/modules/compute/main.tf new file mode 100755 index 0000000..63b7bac --- /dev/null +++ b/basic_12_workspaces/modules/compute/main.tf @@ -0,0 +1,10 @@ +terraform { + required_version = ">= 1.9.3" + required_providers { + openstack = { + source = "terraform-provider-openstack/openstack" + version = "~> 1.53.0" + } + } +} + diff --git a/basic_12_workspaces/modules/ec2/variables.tf b/basic_12_workspaces/modules/compute/variables.tf similarity index 57% rename from basic_12_workspaces/modules/ec2/variables.tf rename to basic_12_workspaces/modules/compute/variables.tf index a438adb..076a8ee 100755 --- a/basic_12_workspaces/modules/ec2/variables.tf +++ b/basic_12_workspaces/modules/compute/variables.tf 
@@ -1,13 +1,13 @@ variable "names" { type = set(string) - description = "The Name tag for the EC2 instance" + description = "The Name for the compute instance" default = null } -variable "instance_type" { +variable "flavor_name" { type = string - description = "The instance type to use with the EC2 instance" - default = "t3.nano" + description = "The flavour to use with the compute instance" + default = "BWS-C1-1-2" #BWS-C1-1-2 } variable "security_groups" { @@ -15,3 +15,4 @@ variable "security_groups" { description = "Names of security groups to attach to this instance" default = null } + diff --git a/basic_12_workspaces/modules/ec2/main.tf b/basic_12_workspaces/modules/ec2/main.tf deleted file mode 100755 index 5759f14..0000000 --- a/basic_12_workspaces/modules/ec2/main.tf +++ /dev/null @@ -1,41 +0,0 @@ -resource "aws_instance" "foo" { - for_each = var.names - ami = data.aws_ami.amazon_ecs_optimized.id - instance_type = var.instance_type - security_groups = var.security_groups - user_data = <" > /var/www/html/index.php -EOF - - tags = { - Name = each.value - } -} - -resource "aws_eip" "ip" { - for_each = aws_instance.foo - - instance = each.value.id - vpc = true -} - -data "aws_ami" "amazon_ecs_optimized" { - most_recent = true - owners = ["amazon"] - - filter { - name = "name" - values = ["amzn2-ami-ecs*"] - } -} diff --git a/basic_12_workspaces/modules/security_group/main.tf b/basic_12_workspaces/modules/security_group/main.tf index e453f82..7ba59d2 100755 --- a/basic_12_workspaces/modules/security_group/main.tf +++ b/basic_12_workspaces/modules/security_group/main.tf 
@@ -1,17 +1,9 @@ -resource "aws_security_group" "group" { - name = var.name - - ingress { - from_port = var.from_port - to_port = var.to_port - protocol = "tcp" - cidr_blocks = ["0.0.0.0/0"] - } - - egress { - from_port = 0 - to_port = 0 - protocol = "-1" - cidr_blocks = ["0.0.0.0/0"] +terraform { + required_version = ">= 1.9.3" + required_providers { + openstack = { + source = "terraform-provider-openstack/openstack" + version = "~> 1.53.0" + } } } diff --git a/basic_12_workspaces/modules/security_group/outputs.tf b/basic_12_workspaces/modules/security_group/outputs.tf index a376564..bc1d7b2 100755 --- a/basic_12_workspaces/modules/security_group/outputs.tf +++ b/basic_12_workspaces/modules/security_group/outputs.tf @@ -1,3 +1,3 @@ output "security_group_name" { - value = aws_security_group.group.name + value = openstack_networking_secgroup_v2.allow_http.name } diff --git a/basic_12_workspaces/modules/security_group/security_group.tf b/basic_12_workspaces/modules/security_group/security_group.tf new file mode 100644 index 0000000..2fe8f4f --- /dev/null +++ b/basic_12_workspaces/modules/security_group/security_group.tf @@ -0,0 +1,24 @@ +resource "openstack_networking_secgroup_v2" "allow_http" { + name = var.name + description = "Allow http inbound traffic to ${var.name}" + delete_default_rules = true +} + +resource "openstack_networking_secgroup_rule_v2" "allow_http_egress" { + direction = "egress" + ethertype = "IPv4" + port_range_min = 0 + port_range_max = 0 + remote_ip_prefix = "0.0.0.0/0" + security_group_id = openstack_networking_secgroup_v2.allow_http.id +} + +resource "openstack_networking_secgroup_rule_v2" "allow_http_ingress" { + direction = "ingress" + ethertype = "IPv4" + protocol = "tcp" + port_range_min = var.from_port + port_range_max = var.to_port + remote_ip_prefix = "0.0.0.0/0" + security_group_id = openstack_networking_secgroup_v2.allow_http.id +} 
diff --git a/basic_12_workspaces/modules/security_group/variables.tf b/basic_12_workspaces/modules/security_group/variables.tf index ae55b5c..766fad9 100755 --- a/basic_12_workspaces/modules/security_group/variables.tf +++ b/basic_12_workspaces/modules/security_group/variables.tf @@ -1,14 +1,14 @@ variable "name" { - type = string + type = string description = "Name of the security group" } variable "from_port" { - type = number + type = number description = "First port in range to open" } variable "to_port" { - type = number + type = number description = "Last port in range to open" } \ No newline at end of file diff --git a/basic_1_syntax/instance.tf b/basic_1_syntax/instance.tf new file mode 100644 index 0000000..e8b494e --- /dev/null +++ b/basic_1_syntax/instance.tf @@ -0,0 +1,20 @@ +resource "openstack_compute_instance_v2" "basic_1" { + name = "basic_1" + flavor_name = "BWS-C1-1-2" + + metadata = { + Name = "Hello World" + } + + network { + name = "Public1" + } + + block_device { + uuid = "11cfeaed-62a6-4a2c-8840-1e400f8cd772" + source_type = "image" + volume_size = 10 + destination_type = "volume" + delete_on_termination = true + } +} diff --git a/basic_1_syntax/main.tf b/basic_1_syntax/main.tf index 7790cdb..63b7bac 100755 --- a/basic_1_syntax/main.tf +++ b/basic_1_syntax/main.tf @@ -1,12 +1,10 @@ -provider "aws" { - region = "eu-central-1" +terraform { + required_version = ">= 1.9.3" + required_providers { + openstack = { + source = "terraform-provider-openstack/openstack" + version = "~> 1.53.0" + } + } } -resource "aws_instance" "web" { - ami = "ami-0c115dbd34c69a004" - instance_type = "t3.micro" - - tags = { - Name = "Hello World" - } -} \ No newline at end of file diff --git a/basic_2_terraform_state/instance.tf b/basic_2_terraform_state/instance.tf new file mode 100755 index 0000000..ea77741 --- /dev/null +++ b/basic_2_terraform_state/instance.tf 
@@ -0,0 +1,20 @@ +resource "openstack_compute_instance_v2" "basic_2" { + name = "basic_2" + flavor_name = "BWS-C1-1-2" + + metadata = { + Name = "Hello World" + } + + network { + name = "Public1" + } + + block_device { + uuid = "11cfeaed-62a6-4a2c-8840-1e400f8cd772" + source_type = "image" + volume_size = 10 + destination_type = "volume" + delete_on_termination = true + } +} diff --git a/basic_2_terraform_state/main.tf b/basic_2_terraform_state/main.tf index d44470c..63b7bac 100755 --- a/basic_2_terraform_state/main.tf +++ b/basic_2_terraform_state/main.tf @@ -1,12 +1,10 @@ -provider "aws" { - region = "eu-central-1" +terraform { + required_version = ">= 1.9.3" + required_providers { + openstack = { + source = "terraform-provider-openstack/openstack" + version = "~> 1.53.0" + } + } } -resource "aws_instance" "bar" { - ami = "ami-0c115dbd34c69a004" - instance_type = "t3.micro" - - tags = { - Name = "foo" - } -} \ No newline at end of file diff --git a/basic_3_resource_dependencies/instance.tf b/basic_3_resource_dependencies/instance.tf new file mode 100755 index 0000000..f8dcfca --- /dev/null +++ b/basic_3_resource_dependencies/instance.tf @@ -0,0 +1,26 @@ +resource "openstack_blockstorage_volume_v3" "basic_3" { + size = 10 + name = "basic_3" + image_id = "11cfeaed-62a6-4a2c-8840-1e400f8cd772" +} + +resource "openstack_compute_instance_v2" "basic_3" { + name = "basic_3" + flavor_name = "BWS-C1-1-2" + + metadata = { + Name = "Hello World" + } + + network { + name = "Public1" + } + + block_device { + uuid = openstack_blockstorage_volume_v3.basic_3.id + source_type = "volume" + destination_type = "volume" + delete_on_termination = true + } +} + diff --git a/basic_3_resource_dependencies/main.tf b/basic_3_resource_dependencies/main.tf index ef52d09..63b7bac 100755 --- a/basic_3_resource_dependencies/main.tf +++ b/basic_3_resource_dependencies/main.tf 
@@ -1,17 +1,10 @@ -provider "aws" { - region = "eu-central-1" -} - -resource "aws_instance" "foo" { - ami = "ami-0c115dbd34c69a004" - instance_type = "t3.micro" - - tags = { - Name = "bar" +terraform { + required_version = ">= 1.9.3" + required_providers { + openstack = { + source = "terraform-provider-openstack/openstack" + version = "~> 1.53.0" + } } } -resource "aws_eip" "ip" { - instance = aws_instance.foo.id - vpc = true -} \ No newline at end of file diff --git a/basic_4_working_with_documentation/instance.tf b/basic_4_working_with_documentation/instance.tf new file mode 100755 index 0000000..203b592 --- /dev/null +++ b/basic_4_working_with_documentation/instance.tf @@ -0,0 +1,53 @@ +resource "openstack_blockstorage_volume_v3" "basic_4" { + size = 10 + name = "basic_4" + image_id = "11cfeaed-62a6-4a2c-8840-1e400f8cd772" +} + +resource "openstack_compute_instance_v2" "basic_4" { + name = "basic_4" + flavor_name = "BWS-C1-1-2" + + security_groups = ["allow_http"] + + + metadata = { + Name = "Hello World" + } + + network { + name = "Public1" + } + + block_device { + uuid = openstack_blockstorage_volume_v3.basic_4.id + source_type = "volume" + destination_type = "volume" + delete_on_termination = true + } +} + +resource "openstack_networking_secgroup_v2" "allow_http" { + name = "allow_http" + description = "Allow http inbound traffic" + delete_default_rules = true +} + +resource "openstack_networking_secgroup_rule_v2" "allow_http_egress" { + direction = "egress" + ethertype = "IPv4" + port_range_min = 0 + port_range_max = 0 + remote_ip_prefix = "0.0.0.0/0" + security_group_id = openstack_networking_secgroup_v2.allow_http.id +} + +resource "openstack_networking_secgroup_rule_v2" "allow_http_ingress" { + direction = "ingress" + ethertype = "IPv4" + protocol = "tcp" + port_range_min = 80 + port_range_max = 80 + remote_ip_prefix = "0.0.0.0/0" + security_group_id = openstack_networking_secgroup_v2.allow_http.id +} 
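Review bot: In `basic_4_working_with_documentation/instance.tf` the rule `allow_http_egress` sets `port_range_min = 0` and `port_range_max = 0` with no `protocol`, although the provider documents a port range as valid only together with a protocol; as far as I can tell the zeros are treated as unset, so the rule permits all IPv4 egress to `0.0.0.0/0` rather than anything HTTP-specific. Because the group is created with `delete_default_rules = true`, this rule is its only egress path. If open egress is intended, drop the two port lines and say so, e.g. `# egress: any protocol/port over IPv4 (needed for package installs)`; otherwise add `protocol = "tcp"` and the ports actually required. The same rule is copied into `basic_5`, `basic_6` and the `security_group` modules of `basic_7`, `basic_8` and `basic_9`.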
diff --git a/basic_4_working_with_documentation/main.tf b/basic_4_working_with_documentation/main.tf index d526322..63b7bac 100755 --- a/basic_4_working_with_documentation/main.tf +++ b/basic_4_working_with_documentation/main.tf @@ -1,38 +1,10 @@ -provider "aws" { - region = "eu-central-1" -} - -resource "aws_instance" "foo" { - ami = "ami-0c115dbd34c69a004" - instance_type = "t3.micro" - security_groups = [aws_security_group.allow_http.name] - - tags = { - Name = "bar" +terraform { + required_version = ">= 1.9.3" + required_providers { + openstack = { + source = "terraform-provider-openstack/openstack" + version = "~> 1.53.0" + } } } -resource "aws_eip" "ip" { - instance = aws_instance.foo.id - vpc = true -} - -resource "aws_security_group" "allow_http" { - name = "allow_http" - description = "Allow http inbound traffic" - - ingress { - description = "allow http traffic from anywhere" - from_port = 80 - to_port = 80 - protocol = "tcp" - cidr_blocks = ["0.0.0.0/0"] - } - - egress { - from_port = 0 - to_port = 0 - protocol = "-1" - cidr_blocks = ["0.0.0.0/0"] - } -} \ No newline at end of file diff --git a/basic_5_data_sources/instance.tf b/basic_5_data_sources/instance.tf new file mode 100755 index 0000000..d3d27e2 --- /dev/null +++ b/basic_5_data_sources/instance.tf 
@@ -0,0 +1,62 @@ +data "openstack_images_image_v2" "ubuntu" { + name = "Ubuntu 24.04" + most_recent = true + + properties = { + key = "value" + } +} + +resource "openstack_blockstorage_volume_v3" "basic_5" { + size = 10 + name = "basic_5" + image_id = data.openstack_images_image_v2.ubuntu.id +} + +resource "openstack_compute_instance_v2" "basic_5" { + name = "basic_5" + flavor_name = "BWS-C1-1-2" + + security_groups = ["allow_http"] + + + metadata = { + Name = "Hello World" + } + + network { + name = "Public1" + } + + block_device { + uuid = openstack_blockstorage_volume_v3.basic_5.id + source_type = "volume" + destination_type = "volume" + delete_on_termination = true + } +} + +resource "openstack_networking_secgroup_v2" "allow_http" { + name = "allow_http" + description = "Allow http inbound traffic" + delete_default_rules = true +} + +resource "openstack_networking_secgroup_rule_v2" "allow_http_egress" { + direction = "egress" + ethertype = "IPv4" + port_range_min = 0 + port_range_max = 0 + remote_ip_prefix = "0.0.0.0/0" + security_group_id = openstack_networking_secgroup_v2.allow_http.id +} + +resource "openstack_networking_secgroup_rule_v2" "allow_http_ingress" { + direction = "ingress" + ethertype = "IPv4" + protocol = "tcp" + port_range_min = 80 + port_range_max = 80 + remote_ip_prefix = "0.0.0.0/0" + security_group_id = openstack_networking_secgroup_v2.allow_http.id +} diff --git a/basic_5_data_sources/main.tf b/basic_5_data_sources/main.tf index abbf355..63b7bac 100755 --- a/basic_5_data_sources/main.tf +++ b/basic_5_data_sources/main.tf 
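Review bot: The `properties = { key = "value" }` block in the `openstack_images_image_v2.ubuntu` data source of `basic_5_data_sources/instance.tf` looks like the placeholder from the provider documentation; it filters on an image property named `key`, so the lookup will presumably match nothing unless the image happens to carry it. Selecting by `name` plus `most_recent = true` alone also means the newest image with that name visible to the project is used, whoever uploaded it. I would remove the `properties` block and narrow the lookup, e.g. with `visibility = "public"`, so a shared or private image with the same name cannot be picked up. The same data source appears in the `compute` modules of `basic_6` to `basic_9`.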
@@ -1,49 +1,10 @@ -provider "aws" { - region = "eu-central-1" -} - -resource "aws_instance" "foo" { - ami = data.aws_ami.amazon_ecs_optimized.id - instance_type = "t3.micro" - security_groups = [aws_security_group.allow_http.name] - - tags = { - Name = "bar" - } -} - -resource "aws_eip" "ip" { - instance = aws_instance.foo.id - vpc = true -} - -resource "aws_security_group" "allow_http" { - name = "allow_http" - description = "Allow http inbound traffic" - - ingress { - description = "allow http traffic from anywhere" - from_port = 80 - to_port = 80 - protocol = "tcp" - cidr_blocks = ["0.0.0.0/0"] - } - - egress { - from_port = 0 - to_port = 0 - protocol = "-1" - cidr_blocks = ["0.0.0.0/0"] +terraform { + required_version = ">= 1.9.3" + required_providers { + openstack = { + source = "terraform-provider-openstack/openstack" + version = "~> 1.53.0" + } } } -data "aws_ami" "amazon_ecs_optimized" { - most_recent = true - owners = ["amazon"] - - filter { - name = "name" - values = ["amzn2-ami-ecs*"] - } - -} \ No newline at end of file diff --git a/basic_6_modules_and_variables/main.tf b/basic_6_modules_and_variables/main.tf index a2e5f14..12145ab 100755 --- a/basic_6_modules_and_variables/main.tf +++ b/basic_6_modules_and_variables/main.tf @@ -1,13 +1,15 @@ module "instance_one" { - source = "./modules/ec2" + source = "./modules/compute" - name = "my-instance-1" - instance_type = "t3.micro" + name = "basic_module_1" + image_name = "Ubuntu 24.04" + flavor_name = "BWS-C1-1-2" } module "instance_two" { - source = "./modules/ec2" + source = "./modules/compute" - name = "my-instance-2" - instance_type = "t3.micro" + name = "basic_module_2" + image_name = "Rocky 9" + flavor_name = "BWS-T1-2-4" } diff --git a/basic_6_modules_and_variables/modules/compute/instance.tf b/basic_6_modules_and_variables/modules/compute/instance.tf new file mode 100755 index 0000000..2e2fa78 --- /dev/null +++ b/basic_6_modules_and_variables/modules/compute/instance.tf 
@@ -0,0 +1,62 @@ +data "openstack_images_image_v2" "ubuntu" { + name = var.image_name + most_recent = true + + properties = { + key = "value" + } +} + +resource "openstack_blockstorage_volume_v3" "basic_module" { + size = 10 + name = var.name + image_id = data.openstack_images_image_v2.ubuntu.id +} + +resource "openstack_compute_instance_v2" "basic_module" { + name = var.name + flavor_name = var.flavor_name + + security_groups = ["allow_http"] + + + metadata = { + Name = "Hello World" + } + + network { + name = "Public1" + } + + block_device { + uuid = openstack_blockstorage_volume_v3.basic_module.id + source_type = "volume" + destination_type = "volume" + delete_on_termination = true + } +} + +resource "openstack_networking_secgroup_v2" "allow_http" { + name = var.name + description = "Allow http inbound traffic to ${var.name}" + delete_default_rules = true +} + +resource "openstack_networking_secgroup_rule_v2" "allow_http_egress" { + direction = "egress" + ethertype = "IPv4" + port_range_min = 0 + port_range_max = 0 + remote_ip_prefix = "0.0.0.0/0" + security_group_id = openstack_networking_secgroup_v2.allow_http.id +} + +resource "openstack_networking_secgroup_rule_v2" "allow_http_ingress" { + direction = "ingress" + ethertype = "IPv4" + protocol = "tcp" + port_range_min = 80 + port_range_max = 80 + remote_ip_prefix = "0.0.0.0/0" + security_group_id = openstack_networking_secgroup_v2.allow_http.id +} diff --git a/basic_6_modules_and_variables/modules/compute/main.tf b/basic_6_modules_and_variables/modules/compute/main.tf new file mode 100755 index 0000000..63b7bac --- /dev/null +++ b/basic_6_modules_and_variables/modules/compute/main.tf @@ -0,0 +1,10 @@ +terraform { + required_version = ">= 1.9.3" + required_providers { + openstack = { + source = "terraform-provider-openstack/openstack" + version = "~> 1.53.0" + } + } +} + 
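Review bot: In `basic_6_modules_and_variables/modules/compute/instance.tf` the instance attaches `security_groups = ["allow_http"]` as a string literal while the group this module creates is named `var.name`, so the instance is not bound to the module's own group. It either fails to find `allow_http` or picks up a group of that name left over from another exercise, with whatever rules that group has. The literal also gives Terraform no dependency edge between the instance and the group. Referencing the resource fixes both: `security_groups = [openstack_networking_secgroup_v2.allow_http.name]`. `basic_4` and `basic_5` use the same literal; the names match there, but the ordering problem remains.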
diff --git a/basic_6_modules_and_variables/modules/compute/variables.tf b/basic_6_modules_and_variables/modules/compute/variables.tf new file mode 100755 index 0000000..424c7ac --- /dev/null +++ b/basic_6_modules_and_variables/modules/compute/variables.tf @@ -0,0 +1,16 @@ +variable "name" { + type = string + description = "The Name tag for the comute instance" +} + +variable "image_name" { + type = string + description = "The image name to use with the compute instance" + default = "Debian 12" +} + +variable "flavor_name" { + type = string + description = "The flavour to use with the compute instance" + default = "BWS-C1-1-2" #BWS-C1-1-2 +} diff --git a/basic_6_modules_and_variables/modules/ec2/main.tf b/basic_6_modules_and_variables/modules/ec2/main.tf deleted file mode 100755 index 11f9502..0000000 --- a/basic_6_modules_and_variables/modules/ec2/main.tf +++ /dev/null @@ -1,48 +0,0 @@ -provider "aws" { - region = "eu-central-1" -} - -resource "aws_instance" "foo" { - ami = data.aws_ami.amazon_ecs_optimized.id - instance_type = var.instance_type - security_groups = [aws_security_group.allow_http.name] - - tags = { - Name = var.name - } -} - -resource "aws_eip" "ip" { - instance = aws_instance.foo.id - vpc = true -} - -resource "aws_security_group" "allow_http" { - name = var.name - description = "Allow http inbound traffic" - - ingress { - description = "allow http traffic from anywhere" - from_port = 80 - to_port = 80 - protocol = "tcp" - cidr_blocks = ["0.0.0.0/0"] - } - - egress { - from_port = 0 - to_port = 0 - protocol = "-1" - cidr_blocks = ["0.0.0.0/0"] - } -} - -data "aws_ami" "amazon_ecs_optimized" { - most_recent = true - owners = ["amazon"] - - filter { - name = "name" - values = ["amzn2-ami-ecs*"] - } -} diff --git a/basic_6_modules_and_variables/modules/ec2/variables.tf b/basic_6_modules_and_variables/modules/ec2/variables.tf deleted file mode 100755 index 93a5bee..0000000 --- a/basic_6_modules_and_variables/modules/ec2/variables.tf +++ /dev/null 
@@ -1,10 +0,0 @@ -variable "name" { - type = string - description = "The Name tag for the EC2 instance" -} - -variable "instance_type" { - type = string - description = "The instance type to use with the EC2 instance" - default = "t3.nano" -} diff --git a/basic_7_module_outputs/main.tf b/basic_7_module_outputs/main.tf index cff494f..b5519ab 100755 --- a/basic_7_module_outputs/main.tf +++ b/basic_7_module_outputs/main.tf @@ -1,27 +1,25 @@ -provider "aws" { - region = "eu-central-1" -} - module "instance_one" { - source = "./modules/ec2" + source = "./modules/compute" - name = "my-instance-1" - instance_type = "t3.micro" - security_groups = [module.ssh_security_group.security_group_name] + name = "basic_module_7_1" + image_name = "Ubuntu 24.04" + flavor_name = "BWS-C1-1-2" + security_groups = [module.http_security_group.security_group_name] } module "instance_two" { - source = "./modules/ec2" + source = "./modules/compute" - name = "my-instance-2" - instance_type = "t3.micro" - security_groups = [module.ssh_security_group.security_group_name] + name = "basic_module_7_2" + image_name = "Rocky 9" + flavor_name = "BWS-T1-2-4" + security_groups = [module.http_security_group.security_group_name] } -module "ssh_security_group" { +module "http_security_group" { source = "./modules/security_group" - name = "internal_access" - from_port = 22 - to_port = 22 + name = "http_access" + from_port = 80 + to_port = 80 } diff --git a/basic_7_module_outputs/modules/compute/instance.tf b/basic_7_module_outputs/modules/compute/instance.tf new file mode 100755 index 0000000..8597351 --- /dev/null +++ b/basic_7_module_outputs/modules/compute/instance.tf 
@@ -0,0 +1,38 @@ +data "openstack_images_image_v2" "ubuntu" { + name = var.image_name + most_recent = true + + properties = { + key = "value" + } +} + +resource "openstack_blockstorage_volume_v3" "basic_module" { + size = 10 + name = var.name + image_id = data.openstack_images_image_v2.ubuntu.id +} + +resource "openstack_compute_instance_v2" "basic_module" { + name = var.name + flavor_name = var.flavor_name + + security_groups = var.security_groups + + + metadata = { + Name = "Hello World" + } + + network { + name = "Public1" + } + + block_device { + uuid = openstack_blockstorage_volume_v3.basic_module.id + source_type = "volume" + destination_type = "volume" + delete_on_termination = true + } +} + diff --git a/basic_7_module_outputs/modules/compute/main.tf b/basic_7_module_outputs/modules/compute/main.tf new file mode 100755 index 0000000..63b7bac --- /dev/null +++ b/basic_7_module_outputs/modules/compute/main.tf @@ -0,0 +1,10 @@ +terraform { + required_version = ">= 1.9.3" + required_providers { + openstack = { + source = "terraform-provider-openstack/openstack" + version = "~> 1.53.0" + } + } +} + diff --git a/basic_7_module_outputs/modules/compute/variables.tf b/basic_7_module_outputs/modules/compute/variables.tf new file mode 100755 index 0000000..3290413 --- /dev/null +++ b/basic_7_module_outputs/modules/compute/variables.tf @@ -0,0 +1,23 @@ +variable "name" { + type = string + description = "The Name tag for the comute instance" +} + +variable "image_name" { + type = string + description = "The image name to use with the compute instance" + default = "Debian 12" +} + +variable "flavor_name" { + type = string + description = "The flavour to use with the compute instance" + default = "BWS-C1-1-2" #BWS-C1-1-2 +} + +variable "security_groups" { + type = list(string) + description = "Names of security groups to attach to this instance" + default = null +} + 
diff --git a/basic_7_module_outputs/modules/ec2/main.tf b/basic_7_module_outputs/modules/ec2/main.tf deleted file mode 100755 index 66c96cc..0000000 --- a/basic_7_module_outputs/modules/ec2/main.tf +++ /dev/null @@ -1,24 +0,0 @@ -resource "aws_instance" "foo" { - ami = data.aws_ami.amazon_ecs_optimized.id - instance_type = var.instance_type - security_groups = var.security_groups - - tags = { - Name = var.name - } -} - -resource "aws_eip" "ip" { - instance = aws_instance.foo.id - vpc = true -} - -data "aws_ami" "amazon_ecs_optimized" { - most_recent = true - owners = ["amazon"] - - filter { - name = "name" - values = ["amzn2-ami-ecs*"] - } -} diff --git a/basic_7_module_outputs/modules/ec2/variables.tf b/basic_7_module_outputs/modules/ec2/variables.tf deleted file mode 100755 index aba533a..0000000 --- a/basic_7_module_outputs/modules/ec2/variables.tf +++ /dev/null @@ -1,17 +0,0 @@ -variable "name" { - type = string - description = "The Name tag for the EC2 instance" - default = "My-Instance" -} - -variable "instance_type" { - type = string - description = "The instance type to use with the EC2 instance" - default = "t3.nano" -} - -variable "security_groups" { - type = list(string) - description = "Names of security groups to attach to this instance" - default = null -} diff --git a/basic_7_module_outputs/modules/security_group/main.tf b/basic_7_module_outputs/modules/security_group/main.tf index e453f82..7ba59d2 100755 --- a/basic_7_module_outputs/modules/security_group/main.tf +++ b/basic_7_module_outputs/modules/security_group/main.tf 
@@ -1,17 +1,9 @@ -resource "aws_security_group" "group" { - name = var.name - - ingress { - from_port = var.from_port - to_port = var.to_port - protocol = "tcp" - cidr_blocks = ["0.0.0.0/0"] - } - - egress { - from_port = 0 - to_port = 0 - protocol = "-1" - cidr_blocks = ["0.0.0.0/0"] +terraform { + required_version = ">= 1.9.3" + required_providers { + openstack = { + source = "terraform-provider-openstack/openstack" + version = "~> 1.53.0" + } } } diff --git a/basic_7_module_outputs/modules/security_group/outputs.tf b/basic_7_module_outputs/modules/security_group/outputs.tf index a376564..bc1d7b2 100755 --- a/basic_7_module_outputs/modules/security_group/outputs.tf +++ b/basic_7_module_outputs/modules/security_group/outputs.tf @@ -1,3 +1,3 @@ output "security_group_name" { - value = aws_security_group.group.name + value = openstack_networking_secgroup_v2.allow_http.name } diff --git a/basic_7_module_outputs/modules/security_group/security_group.tf b/basic_7_module_outputs/modules/security_group/security_group.tf new file mode 100644 index 0000000..2fe8f4f --- /dev/null +++ b/basic_7_module_outputs/modules/security_group/security_group.tf @@ -0,0 +1,24 @@ +resource "openstack_networking_secgroup_v2" "allow_http" { + name = var.name + description = "Allow http inbound traffic to ${var.name}" + delete_default_rules = true +} + +resource "openstack_networking_secgroup_rule_v2" "allow_http_egress" { + direction = "egress" + ethertype = "IPv4" + port_range_min = 0 + port_range_max = 0 + remote_ip_prefix = "0.0.0.0/0" + security_group_id = openstack_networking_secgroup_v2.allow_http.id +} + +resource "openstack_networking_secgroup_rule_v2" "allow_http_ingress" { + direction = "ingress" + ethertype = "IPv4" + protocol = "tcp" + port_range_min = var.from_port + port_range_max = var.to_port + remote_ip_prefix = "0.0.0.0/0" + security_group_id = openstack_networking_secgroup_v2.allow_http.id +} 
diff --git a/basic_7_module_outputs/modules/security_group/variables.tf b/basic_7_module_outputs/modules/security_group/variables.tf index ae55b5c..766fad9 100755 --- a/basic_7_module_outputs/modules/security_group/variables.tf +++ b/basic_7_module_outputs/modules/security_group/variables.tf @@ -1,14 +1,14 @@ variable "name" { - type = string + type = string description = "Name of the security group" } variable "from_port" { - type = number + type = number description = "First port in range to open" } variable "to_port" { - type = number + type = number description = "Last port in range to open" } \ No newline at end of file diff --git a/basic_8_user_data/main.tf b/basic_8_user_data/main.tf index faa50a7..992dbb5 100755 --- a/basic_8_user_data/main.tf +++ b/basic_8_user_data/main.tf @@ -1,21 +1,17 @@ -provider "aws" { - region = "eu-central-1" -} - module "instance_one" { - source = "./modules/ec2" + source = "./modules/compute" - name = "my-instance-1" - instance_type = "t3.micro" - security_groups = [module.http_security_group.security_group_name] + name = "basic_module_8_1" + flavor_name = "BWS-C1-1-2" + security_groups = [module.http_security_group.security_group_name, module.ssh_security_group.security_group_name] } module "instance_two" { - source = "./modules/ec2" + source = "./modules/compute" - name = "my-instance-2" - instance_type = "t3.micro" - security_groups = [module.http_security_group.security_group_name] + name = "basic_module_8_2" + flavor_name = "BWS-T1-2-4" + security_groups = [module.http_security_group.security_group_name, module.ssh_security_group.security_group_name] } module "http_security_group" { @@ -25,3 +21,11 @@ module "http_security_group" { from_port = 80 to_port = 80 } + +module "ssh_security_group" { + source = "./modules/security_group" + + name = "ssl_access" + from_port = 22 + to_port = 22 +} 
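Review bot: The added `ssh_security_group` module in `basic_8_user_data/main.tf` opens port 22 through a module whose ingress rule hard-codes `remote_ip_prefix = "0.0.0.0/0"`, so both instances accept SSH from any address. The group is also named `ssl_access`, which reads like a typo for `ssh_access` and will mislead anyone auditing the project's groups. I would add a source-range input to the `security_group` module and pass the range participants connect from; the CIDR below is a constructed placeholder. The module's resource names and description still say `allow_http`, which no longer fits once it is reused for SSH.

```hcl
module "ssh_security_group" {
  # … unchanged: source, from_port, to_port …
  name             = "ssh_access"
  # constructed placeholder: replace with the range participants connect from
  remote_ip_prefix = "203.0.113.0/24"
}

# in modules/security_group/variables.tf: new input for the ingress source range
variable "remote_ip_prefix" {
  type        = string
  description = "CIDR allowed to reach the opened port range"
}

# … in allow_http_ingress: remote_ip_prefix = var.remote_ip_prefix …
```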
diff --git a/basic_8_user_data/modules/compute/instance.tf b/basic_8_user_data/modules/compute/instance.tf new file mode 100755 index 0000000..7be1801 --- /dev/null +++ b/basic_8_user_data/modules/compute/instance.tf @@ -0,0 +1,54 @@ +data "openstack_images_image_v2" "ubuntu" { + name = "Ubuntu 24.04 GuestAgent" + most_recent = true + + properties = { + key = "value" + } +} + +resource "openstack_blockstorage_volume_v3" "basic_module" { + size = 10 + name = var.name + image_id = data.openstack_images_image_v2.ubuntu.id +} + +resource "openstack_compute_instance_v2" "basic_module" { + name = var.name + flavor_name = var.flavor_name + + key_pair = "mwe" + + security_groups = var.security_groups + + user_data = < >(tee /var/log/user-data.log|logger -t user-data -s 2>/dev/console) 2>&1 + apt update -y + apt install -y apache2 + apt install -y mysql-server + apt install -y php php-mysql libapache2-mod-php php-cli + ufw allow in "Apache Full" + chown -R ubuntu /var/www/html/ + systemctl enable apache2 + systemctl start apache2 + echo "Hello from " > /var/www/html/index.php +EOF + + + metadata = { + Name = "Hello World" + } + + network { + name = "Public1" + } + + block_device { + uuid = openstack_blockstorage_volume_v3.basic_module.id + source_type = "volume" + destination_type = "volume" + delete_on_termination = true + } +} + diff --git a/basic_8_user_data/modules/compute/main.tf b/basic_8_user_data/modules/compute/main.tf new file mode 100755 index 0000000..63b7bac --- /dev/null +++ b/basic_8_user_data/modules/compute/main.tf @@ -0,0 +1,10 @@ +terraform { + required_version = ">= 1.9.3" + required_providers { + openstack = { + source = "terraform-provider-openstack/openstack" + version = "~> 1.53.0" + } + } +} + 
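Review bot: `key_pair = "mwe"` in `basic_8_user_data/modules/compute/instance.tf` hard-codes what looks like one person's key pair name into a shared module, so an apply either fails for anyone without a key pair of that name or installs a key the participant did not choose. Make it an input instead: `key_pair = var.key_pair`, with a `variable "key_pair"` of type `string` and no default in the module's `variables.tf`. The `user_data` heredoc is garbled in this view, so the script body is not covered by this review.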
diff --git a/basic_8_user_data/modules/ec2/variables.tf b/basic_8_user_data/modules/compute/variables.tf similarity index 52% rename from basic_8_user_data/modules/ec2/variables.tf rename to basic_8_user_data/modules/compute/variables.tf index aba533a..d48f082 100755 --- a/basic_8_user_data/modules/ec2/variables.tf +++ b/basic_8_user_data/modules/compute/variables.tf @@ -1,13 +1,12 @@ variable "name" { type = string - description = "The Name tag for the EC2 instance" - default = "My-Instance" + description = "The Name tag for the comute instance" } -variable "instance_type" { +variable "flavor_name" { type = string - description = "The instance type to use with the EC2 instance" - default = "t3.nano" + description = "The flavour to use with the compute instance" + default = "BWS-C1-1-2" #BWS-C1-1-2 } variable "security_groups" { @@ -15,3 +14,4 @@ variable "security_groups" { description = "Names of security groups to attach to this instance" default = null } + diff --git a/basic_8_user_data/modules/ec2/main.tf b/basic_8_user_data/modules/ec2/main.tf deleted file mode 100755 index 366517b..0000000 --- a/basic_8_user_data/modules/ec2/main.tf +++ /dev/null @@ -1,38 +0,0 @@ -resource "aws_instance" "foo" { - ami = data.aws_ami.amazon_ecs_optimized.id - instance_type = var.instance_type - security_groups = var.security_groups - user_data = <" > /var/www/html/index.php -EOF - - tags = { - Name = var.name - } -} - -resource "aws_eip" "ip" { - instance = aws_instance.foo.id - vpc = true -} - -data "aws_ami" "amazon_ecs_optimized" { - most_recent = true - owners = ["amazon"] - - filter { - name = "name" - values = ["amzn2-ami-ecs*"] - } -} diff --git a/basic_8_user_data/modules/security_group/main.tf b/basic_8_user_data/modules/security_group/main.tf index e453f82..7ba59d2 100755 --- a/basic_8_user_data/modules/security_group/main.tf +++ b/basic_8_user_data/modules/security_group/main.tf 
@@ -1,17 +1,9 @@ -resource "aws_security_group" "group" { - name = var.name - - ingress { - from_port = var.from_port - to_port = var.to_port - protocol = "tcp" - cidr_blocks = ["0.0.0.0/0"] - } - - egress { - from_port = 0 - to_port = 0 - protocol = "-1" - cidr_blocks = ["0.0.0.0/0"] +terraform { + required_version = ">= 1.9.3" + required_providers { + openstack = { + source = "terraform-provider-openstack/openstack" + version = "~> 1.53.0" + } } } diff --git a/basic_8_user_data/modules/security_group/outputs.tf b/basic_8_user_data/modules/security_group/outputs.tf index a376564..bc1d7b2 100755 --- a/basic_8_user_data/modules/security_group/outputs.tf +++ b/basic_8_user_data/modules/security_group/outputs.tf @@ -1,3 +1,3 @@ output "security_group_name" { - value = aws_security_group.group.name + value = openstack_networking_secgroup_v2.allow_http.name } diff --git a/basic_8_user_data/modules/security_group/security_group.tf b/basic_8_user_data/modules/security_group/security_group.tf new file mode 100644 index 0000000..2fe8f4f --- /dev/null +++ b/basic_8_user_data/modules/security_group/security_group.tf @@ -0,0 +1,24 @@ +resource "openstack_networking_secgroup_v2" "allow_http" { + name = var.name + description = "Allow http inbound traffic to ${var.name}" + delete_default_rules = true +} + +resource "openstack_networking_secgroup_rule_v2" "allow_http_egress" { + direction = "egress" + ethertype = "IPv4" + port_range_min = 0 + port_range_max = 0 + remote_ip_prefix = "0.0.0.0/0" + security_group_id = openstack_networking_secgroup_v2.allow_http.id +} + +resource "openstack_networking_secgroup_rule_v2" "allow_http_ingress" { + direction = "ingress" + ethertype = "IPv4" + protocol = "tcp" + port_range_min = var.from_port + port_range_max = var.to_port + remote_ip_prefix = "0.0.0.0/0" + security_group_id = openstack_networking_secgroup_v2.allow_http.id +} 
diff --git a/basic_8_user_data/modules/security_group/variables.tf b/basic_8_user_data/modules/security_group/variables.tf index ae55b5c..766fad9 100755 --- a/basic_8_user_data/modules/security_group/variables.tf +++ b/basic_8_user_data/modules/security_group/variables.tf @@ -1,14 +1,14 @@ variable "name" { - type = string + type = string description = "Name of the security group" } variable "from_port" { - type = number + type = number description = "First port in range to open" } variable "to_port" { - type = number + type = number description = "Last port in range to open" } \ No newline at end of file diff --git a/basic_9_loops/main.tf b/basic_9_loops/main.tf index a39bdb6..5913565 100755 --- a/basic_9_loops/main.tf +++ b/basic_9_loops/main.tf @@ -1,12 +1,8 @@ -provider "aws" { - region = "eu-central-1" -} - -module "my_instances" { - source = "./modules/ec2" +module "my_instance" { + source = "./modules/compute" - names = ["Instance-1", "Instance-2"] - instance_type = "t3.micro" + names = ["basic_module_9_1", "basic_module_9_2"] + flavor_name = "BWS-C1-1-2" security_groups = [module.http_security_group.security_group_name] } @@ -17,3 +13,4 @@ module "http_security_group" { from_port = 80 to_port = 80 } + diff --git a/basic_9_loops/modules/compute/instance.tf b/basic_9_loops/modules/compute/instance.tf new file mode 100755 index 0000000..f4d27af --- /dev/null +++ b/basic_9_loops/modules/compute/instance.tf 
@@ -0,0 +1,48 @@ +data "openstack_images_image_v2" "ubuntu" { + name = "Ubuntu 24.04 GuestAgent" + most_recent = true + + properties = { + key = "value" + } +} + +resource "openstack_compute_instance_v2" "basic_module" { + for_each = var.names + name = each.value + flavor_name = var.flavor_name + + security_groups = var.security_groups + + user_data = < >(tee /var/log/user-data.log|logger -t user-data -s 2>/dev/console) 2>&1 + apt update -y + apt install -y apache2 + apt install -y mysql-server + apt install -y php php-mysql libapache2-mod-php php-cli + ufw allow in "Apache Full" + chown -R ubuntu /var/www/html/ + systemctl enable apache2 + systemctl start apache2 + echo "Hello from " > /var/www/html/index.php +EOF + + + metadata = { + Name = "Hello World" + } + + network { + name = "Public1" + } + + block_device { + uuid = data.openstack_images_image_v2.ubuntu.id + source_type = "image" + volume_size = 10 + destination_type = "volume" + delete_on_termination = true + } +} + diff --git a/basic_9_loops/modules/compute/main.tf b/basic_9_loops/modules/compute/main.tf new file mode 100755 index 0000000..63b7bac --- /dev/null +++ b/basic_9_loops/modules/compute/main.tf @@ -0,0 +1,10 @@ +terraform { + required_version = ">= 1.9.3" + required_providers { + openstack = { + source = "terraform-provider-openstack/openstack" + version = "~> 1.53.0" + } + } +} + diff --git a/basic_9_loops/modules/ec2/variables.tf b/basic_9_loops/modules/compute/variables.tf similarity index 57% rename from basic_9_loops/modules/ec2/variables.tf rename to basic_9_loops/modules/compute/variables.tf index a438adb..076a8ee 100755 --- a/basic_9_loops/modules/ec2/variables.tf +++ b/basic_9_loops/modules/compute/variables.tf 
@@ -1,13 +1,13 @@ variable "names" { type = set(string) - description = "The Name tag for the EC2 instance" + description = "The Name for the compute instance" default = null } -variable "instance_type" { +variable "flavor_name" { type = string - description = "The instance type to use with the EC2 instance" - default = "t3.nano" + description = "The flavour to use with the compute instance" + default = "BWS-C1-1-2" #BWS-C1-1-2 } variable "security_groups" { @@ -15,3 +15,4 @@ variable "security_groups" { description = "Names of security groups to attach to this instance" default = null } + diff --git a/basic_9_loops/modules/ec2/main.tf b/basic_9_loops/modules/ec2/main.tf deleted file mode 100755 index 5759f14..0000000 --- a/basic_9_loops/modules/ec2/main.tf +++ /dev/null @@ -1,41 +0,0 @@ -resource "aws_instance" "foo" { - for_each = var.names - ami = data.aws_ami.amazon_ecs_optimized.id - instance_type = var.instance_type - security_groups = var.security_groups - user_data = <" > /var/www/html/index.php -EOF - - tags = { - Name = each.value - } -} - -resource "aws_eip" "ip" { - for_each = aws_instance.foo - - instance = each.value.id - vpc = true -} - -data "aws_ami" "amazon_ecs_optimized" { - most_recent = true - owners = ["amazon"] - - filter { - name = "name" - values = ["amzn2-ami-ecs*"] - } -} diff --git a/basic_9_loops/modules/security_group/main.tf b/basic_9_loops/modules/security_group/main.tf index e453f82..7ba59d2 100755 --- a/basic_9_loops/modules/security_group/main.tf +++ b/basic_9_loops/modules/security_group/main.tf 
@@ -1,17 +1,9 @@ -resource "aws_security_group" "group" { - name = var.name - - ingress { - from_port = var.from_port - to_port = var.to_port - protocol = "tcp" - cidr_blocks = ["0.0.0.0/0"] - } - - egress { - from_port = 0 - to_port = 0 - protocol = "-1" - cidr_blocks = ["0.0.0.0/0"] +terraform { + required_version = ">= 1.9.3" + required_providers { + openstack = { + source = "terraform-provider-openstack/openstack" + version = "~> 1.53.0" + } } } diff --git a/basic_9_loops/modules/security_group/outputs.tf b/basic_9_loops/modules/security_group/outputs.tf index a376564..bc1d7b2 100755 --- a/basic_9_loops/modules/security_group/outputs.tf +++ b/basic_9_loops/modules/security_group/outputs.tf @@ -1,3 +1,3 @@ output "security_group_name" { - value = aws_security_group.group.name + value = openstack_networking_secgroup_v2.allow_http.name } diff --git a/basic_9_loops/modules/security_group/security_group.tf b/basic_9_loops/modules/security_group/security_group.tf new file mode 100644 index 0000000..2fe8f4f --- /dev/null +++ b/basic_9_loops/modules/security_group/security_group.tf @@ -0,0 +1,24 @@ +resource "openstack_networking_secgroup_v2" "allow_http" { + name = var.name + description = "Allow http inbound traffic to ${var.name}" + delete_default_rules = true +} + +resource "openstack_networking_secgroup_rule_v2" "allow_http_egress" { + direction = "egress" + ethertype = "IPv4" + port_range_min = 0 + port_range_max = 0 + remote_ip_prefix = "0.0.0.0/0" + security_group_id = openstack_networking_secgroup_v2.allow_http.id +} + +resource "openstack_networking_secgroup_rule_v2" "allow_http_ingress" { + direction = "ingress" + ethertype = "IPv4" + protocol = "tcp" + port_range_min = var.from_port + port_range_max = var.to_port + remote_ip_prefix = "0.0.0.0/0" + security_group_id = openstack_networking_secgroup_v2.allow_http.id +} 
diff --git a/basic_9_loops/modules/security_group/variables.tf b/basic_9_loops/modules/security_group/variables.tf index ae55b5c..766fad9 100755 --- a/basic_9_loops/modules/security_group/variables.tf +++ b/basic_9_loops/modules/security_group/variables.tf @@ -1,14 +1,14 @@ variable "name" { - type = string + type = string description = "Name of the security group" } variable "from_port" { - type = number + type = number description = "First port in range to open" } variable "to_port" { - type = number + type = number description = "Last port in range to open" } \ No newline at end of file diff --git a/openstack-connect.sh.example b/openstack-connect.sh.example new file mode 100644 index 0000000..c6bd626 --- /dev/null +++ b/openstack-connect.sh.example @@ -0,0 +1,21 @@ +#!/usr/bin/env bash +# To use an OpenStack cloud you need to authenticate against the Identity +# service named keystone, which returns a **Token** and **Service Catalog**. +# The catalog contains the endpoints for all services the user/tenant has +# access to - such as Compute, Image Service, Identity, Object Storage, Block +# Storage, and Networking (code-named nova, glance, keystone, swift, +# cinder, and neutron). +# +# *NOTE*: Using the 3 *Identity API* does not necessarily mean any other +# OpenStack API is version 3. For example, your cloud provider may implement +# Image API v1.1, Block Storage API v2, and Compute API v2.0. OS_AUTH_URL is +# only for the Identity API served through keystone. + +export OS_AUTH_TYPE=v3applicationcredential +export OS_AUTH_URL=https://dashboard.bws.burda.com:5000 +export OS_IDENTITY_API_VERSION=3 +export OS_REGION_NAME="DE-OFG" +export OS_INTERFACE=public +export OS_APPLICATION_CREDENTIAL_ID= +export OS_APPLICATION_CREDENTIAL_SECRET= +
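Review bot: The template `openstack-connect.sh.example` ends with an empty `OS_APPLICATION_CREDENTIAL_SECRET=`, and the obvious way to use it is to copy it to `openstack-connect.sh` and fill in the secret, but the `.gitignore` change in this commit only ignores `*openrc.sh` and `cloud.conf`, neither of which matches that name. A filled-in copy can therefore be committed by accident. Add `openstack-connect.sh` to `.gitignore`, or rename the template to something the existing pattern covers, such as `openrc.sh.example`. A comment above the two credential variables would also help, e.g. `# copy to openstack-connect.sh (git-ignored) and fill in; do not commit the filled-in file`.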