valiton · mcpomm · Nov 29, 2024 · Nov 29, 2024 · Nov 29, 2024 · Nov 29, 2024
diff --git a/.gitignore b/.gitignore
@@ -1,2 +1,8 @@
 .terraform*
-terraform.tfstate*
+terraform.tfstate*
+
+*openrc.sh
+
+.terraform
+.DS_Store
+cloud.conf
diff --git a/README.md b/README.md
@@ -1,11 +1,11 @@
-# Terraform Workshop Exercises
+# BWS OpenStack Terraform Workshop Exercises
 
 # Setup
 In order to participate in the hands-on exercises of the workshop, you will need to have some tools installed beforehand. You will need to install the following tools:
 
-* Terraform 0.14.6: [Terraform Program](https://releases.hashicorp.com/terraform/0.14.6/) and [Tutorial](https://learn.hashicorp.com/tutorials/terraform/install-cli) on how to install terraform on different OS
+* Terraform 1.9.3: [Terraform Program](https://releases.hashicorp.com/terraform/1.9.3/) and [Tutorial](https://learn.hashicorp.com/tutorials/terraform/install-cli) on how to install terraform on different OS
 * Terraform extension for e.g. VScode Editor
-* [AWS CLI v2](https://docs.aws.amazon.com/cli/latest/userguide/install-cliv2-mac.html#cliv2-mac-install-cmd)
+* [OpenStack CLI](https://docs.openstack.org/newton/user-guide/common/cli-install-openstack-command-line-clients.html)
 
 The tools are also available in numerous package repositories. You can also manage your versions through [tfenv](https://github.com/tfutils/tfenv) and [tgenv](https://github.com/cunymatthieu/tgenv).
 

diff --git a/basic_10_remote_state/main.tf b/basic_10_remote_state/main.tf
@@ -1,21 +1,8 @@
-terraform {
-  backend "s3" {
-    bucket         = "<YOUR-BUCKET-NAME>"
-    key            = "<PATH/TO/YOUR/STATEFILE>"
-    region         = "eu-central-1"
-    dynamodb_table = "<YOUR-DYNAMODB_TABLE>"
-  }
-}
+module "my_instance" {
+  source = "./modules/compute"
 
-provider "aws" {
-  region = "eu-central-1"
-}
-
-module "my_instances" {
-  source = "./modules/ec2"
-
-  names           = ["Instance-1", "Instance-2"]
-  instance_type   = "t3.micro"
+  names           = ["basic_module_10_1", "basic_module_10_2"]
+  flavor_name     = "BWS-C1-1-2"
   security_groups = [module.http_security_group.security_group_name]
 }
 
@@ -26,3 +13,31 @@ module "http_security_group" {
   from_port = 80
   to_port   = 80
 }
+
+# We can use the Openstack Object store (Ceph S3 compatible object storage) to store the terraform state. For that to work you have to
+# create the container / bucket manually either in the web gui or with the openstack cli. You also have to create openstack ec2 credentials
+
+# 1. via UI see screenshot remote_state_bucket_bws.png or via cli  $ openstack container create <bucket-name>
+# 2. $ openstack ec2 credentials create # Can this also be done in the UI?
+# 3. use  the output credentials of 2. in you terragform init command
+# terraform init -backend-config="access_key=< output access >" -backend-config="secret_key=<output secret>"
+
+terraform {
+  required_providers {
+    openstack = {
+      source  = "terraform-provider-openstack/openstack"
+      version = "~> 1.53.0"
+    }
+  }
+  backend "s3" {
+    bucket                      = "terraform-ws"
+    endpoint                    = "https://s3.bws.burda.com"
+    force_path_style            = true
+    skip_requesting_account_id  = true
+    key                         = "terraform.tfstate"
+    region                      = "default"
+    skip_credentials_validation = true
+    skip_region_validation      = true
+    skip_s3_checksum            = true
+  }
+}
diff --git a/basic_10_remote_state/modules/compute/instance.tf b/basic_10_remote_state/modules/compute/instance.tf
@@ -0,0 +1,48 @@
+data "openstack_images_image_v2" "ubuntu" {
+  name        = "Ubuntu 24.04 GuestAgent"
+  most_recent = true
+
+  properties = {
+    key = "value"
+  }
+}
+
+resource "openstack_compute_instance_v2" "basic_module" {
+  for_each    = var.names
+  name        = each.value
+  flavor_name = var.flavor_name
+
+  security_groups = var.security_groups
+
+  user_data = <<EOF
+#!/bin/bash
+exec > >(tee /var/log/user-data.log|logger -t user-data -s 2>/dev/console) 2>&1
+  apt update -y
+  apt install -y apache2
+  apt install -y mysql-server
+  apt install -y php php-mysql libapache2-mod-php php-cli
+  ufw allow in "Apache Full"
+  chown -R ubuntu /var/www/html/
+  systemctl enable apache2
+  systemctl start apache2
+  echo "Hello from <?php echo gethostname(); ?>" > /var/www/html/index.php
+EOF
+
+
+  metadata = {
+    Name = "Hello World"
+  }
+
+  network {
+    name = "Public1"
+  }
+
+  block_device {
+    uuid                  = data.openstack_images_image_v2.ubuntu.id
+    source_type           = "image"
+    volume_size           = 10
+    destination_type      = "volume"
+    delete_on_termination = true
+  }
+}
+
diff --git a/basic_10_remote_state/modules/compute/main.tf b/basic_10_remote_state/modules/compute/main.tf
@@ -0,0 +1,10 @@
+terraform {
+  required_version = ">= 1.9.3"
+  required_providers {
+    openstack = {
+      source  = "terraform-provider-openstack/openstack"
+      version = "~> 1.53.0"
+    }
+  }
+}
+
diff --git a/...ort_ec2_instance/modules/ec2/variables.tf → ...remote_state/modules/compute/variables.tf b/...ort_ec2_instance/modules/ec2/variables.tf → ...remote_state/modules/compute/variables.tf
@@ -1,17 +1,18 @@
 variable "names" {
   type        = set(string)
-  description = "The Name tag for the EC2 instance"
+  description = "The Name  for the compute instance"
   default     = null
 }
 
-variable "instance_type" {
+variable "flavor_name" {
   type        = string
-  description = "The instance type to use with the EC2 instance"
-  default     = "t3.nano"
+  description = "The flavour to use with the compute instance"
+  default     = "BWS-C1-1-2" #BWS-C1-1-2
 }
 
 variable "security_groups" {
   type        = list(string)
   description = "Names of security groups to attach to this instance"
   default     = null
 }
+
diff --git a/basic_10_remote_state/modules/ec2/main.tf b/basic_10_remote_state/modules/ec2/main.tf
diff --git a/basic_10_remote_state/modules/security_group/main.tf b/basic_10_remote_state/modules/security_group/main.tf
@@ -1,17 +1,9 @@
-resource "aws_security_group" "group" {
-  name = var.name
-
-  ingress {
-    from_port   = var.from_port
-    to_port     = var.to_port
-    protocol    = "tcp"
-    cidr_blocks = ["0.0.0.0/0"]
-  }
-
-  egress {
-    from_port   = 0
-    to_port     = 0
-    protocol    = "-1"
-    cidr_blocks = ["0.0.0.0/0"]
+terraform {
+  required_version = ">= 1.9.3"
+  required_providers {
+    openstack = {
+      source  = "terraform-provider-openstack/openstack"
+      version = "~> 1.53.0"
+    }
   }
 }
diff --git a/basic_10_remote_state/modules/security_group/outputs.tf b/basic_10_remote_state/modules/security_group/outputs.tf
@@ -1,3 +1,3 @@
 output "security_group_name" {
-  value = aws_security_group.group.name
+  value = openstack_networking_secgroup_v2.allow_http.name
 }
diff --git a/basic_10_remote_state/modules/security_group/security_group.tf b/basic_10_remote_state/modules/security_group/security_group.tf
@@ -0,0 +1,24 @@
+resource "openstack_networking_secgroup_v2" "allow_http" {
+  name                 = var.name
+  description          = "Allow http inbound traffic to ${var.name}"
+  delete_default_rules = true
+}
+
+resource "openstack_networking_secgroup_rule_v2" "allow_http_egress" {
+  direction         = "egress"
+  ethertype         = "IPv4"
+  port_range_min    = 0
+  port_range_max    = 0
+  remote_ip_prefix  = "0.0.0.0/0"
+  security_group_id = openstack_networking_secgroup_v2.allow_http.id
+}
+
+resource "openstack_networking_secgroup_rule_v2" "allow_http_ingress" {
+  direction         = "ingress"
+  ethertype         = "IPv4"
+  protocol          = "tcp"
+  port_range_min    = var.from_port
+  port_range_max    = var.to_port
+  remote_ip_prefix  = "0.0.0.0/0"
+  security_group_id = openstack_networking_secgroup_v2.allow_http.id
+}
diff --git a/basic_10_remote_state/modules/security_group/variables.tf b/basic_10_remote_state/modules/security_group/variables.tf
@@ -1,14 +1,14 @@
 variable "name" {
-  type = string
+  type        = string
   description = "Name of the security group"
 }
 
 variable "from_port" {
-  type = number
+  type        = number
   description = "First port in range to open"
 }
 
 variable "to_port" {
-  type = number
+  type        = number
   description = "Last port in range to open"
 }
diff --git a/basic_10_remote_state/remote_state_bucket_bws.png b/basic_10_remote_state/remote_state_bucket_bws.png
diff --git a/basic_11_import_compute_instance/create_compute_instance_01.png b/basic_11_import_compute_instance/create_compute_instance_01.png
diff --git a/basic_11_import_compute_instance/create_compute_instance_02.png b/basic_11_import_compute_instance/create_compute_instance_02.png
diff --git a/basic_11_import_compute_instance/main.tf b/basic_11_import_compute_instance/main.tf
@@ -0,0 +1,66 @@
+module "my_instance" {
+  source = "./modules/compute"
+
+  names           = ["basic_module_11_1", "basic_module_11_2"]
+  flavor_name     = "BWS-C1-1-2"
+  security_groups = [module.http_security_group.security_group_name]
+}
+
+module "http_security_group" {
+  source = "./modules/security_group"
+
+  name      = "http_access"
+  from_port = 80
+  to_port   = 80
+}
+
+
+//Create a compute instance manually in the UI. See screenshots.
+// Can be imported with "terraform import openstack_compute_instance_v2.legacy xxxxxxxx-xxxx-xxxx-xxxxxxxxxxxx"
+resource "openstack_compute_instance_v2" "legacy" {
+  name            = "imported_basic_11"
+  flavor_name     = "BWS-T1-2-2"
+  security_groups = ["default"]
+
+  key_pair = "terraform_ws"
+
+  block_device {
+    uuid                  = "508c8c73-dd30-49fd-9679-c57365a699d1"
+    source_type           = "image"
+    volume_size           = 10
+    destination_type      = "volume"
+    delete_on_termination = true
+  }
+
+  network {
+    name = "Public1"
+  }
+}
+
+# We can use the Openstack Object store (Ceph S3 compatible object storage) to store the terraform state. For that to work you have to
+# create the container / bucket manually either in the web gui or with the openstack cli. You also have to create openstack ec2 credentials
+
+# 1. via UI see screenshot remote_state_bucket_bws.png or via cli  $ openstack container create <bucket-name>
+# 2. $ openstack ec2 credentials create # Can this also be done in the UI?
+# 3. use  the output credentials of 2. in you terragform init command
+# terraform init -backend-config="access_key=< output access >" -backend-config="secret_key=<output secret>"
+
+terraform {
+  required_providers {
+    openstack = {
+      source  = "terraform-provider-openstack/openstack"
+      version = "~> 1.53.0"
+    }
+  }
+  backend "s3" {
+    bucket                      = "terraform-ws"
+    endpoint                    = "https://s3.bws.burda.com"
+    force_path_style            = true
+    skip_requesting_account_id  = true
+    key                         = "terraform.tfstate"
+    region                      = "default"
+    skip_credentials_validation = true
+    skip_region_validation      = true
+    skip_s3_checksum            = true
+  }
+}
diff --git a/basic_11_import_compute_instance/modules/compute/instance.tf b/basic_11_import_compute_instance/modules/compute/instance.tf
@@ -0,0 +1,48 @@
+data "openstack_images_image_v2" "ubuntu" {
+  name        = "Ubuntu 24.04 GuestAgent"
+  most_recent = true
+
+  properties = {
+    key = "value"
+  }
+}
+
+resource "openstack_compute_instance_v2" "basic_module" {
+  for_each    = var.names
+  name        = each.value
+  flavor_name = var.flavor_name
+
+  security_groups = var.security_groups
+
+  user_data = <<EOF
+#!/bin/bash
+exec > >(tee /var/log/user-data.log|logger -t user-data -s 2>/dev/console) 2>&1
+  apt update -y
+  apt install -y apache2
+  apt install -y mysql-server
+  apt install -y php php-mysql libapache2-mod-php php-cli
+  ufw allow in "Apache Full"
+  chown -R ubuntu /var/www/html/
+  systemctl enable apache2
+  systemctl start apache2
+  echo "Hello from <?php echo gethostname(); ?>" > /var/www/html/index.php
+EOF
+
+
+  metadata = {
+    Name = "Hello World"
+  }
+
+  network {
+    name = "Public1"
+  }
+
+  block_device {
+    uuid                  = data.openstack_images_image_v2.ubuntu.id
+    source_type           = "image"
+    volume_size           = 10
+    destination_type      = "volume"
+    delete_on_termination = true
+  }
+}
+