From 5ba6e8c8a10c33609825969aea7ee39b3f70f042 Mon Sep 17 00:00:00 2001 From: Andrea Dell'Amico Date: Sat, 22 Mar 2025 13:20:02 +0100 Subject: [PATCH] Configurazione progetto servizi. --- ansible-tf-templates/group_vars/all/all.yml | 6 +- modules/labs_common_variables/variables.tf | 2 +- servizi/main_net_dns_router/main.tf | 16 +- servizi/main_net_dns_router/terraform.tfstate | 167 +++++++----------- 4 files changed, 80 insertions(+), 111 deletions(-) diff --git a/ansible-tf-templates/group_vars/all/all.yml b/ansible-tf-templates/group_vars/all/all.yml index a6735e8..27cb769 100644 --- a/ansible-tf-templates/group_vars/all/all.yml +++ b/ansible-tf-templates/group_vars/all/all.yml @@ -141,9 +141,9 @@ main_net_dns_router_data: - name: servizi cloud_credentials: "ISTI-Cloud" dns_zone_name: servizi - os_project_name: "servizi-proj" - os_project_id: "71d54644c6a7487696c333255f102822" + os_project_name: "servizi-proj-cloud" + os_project_id: "44840807ff40444f94390b22277c4abd" dns_zone_suffix: "{{ default_dns_zone_suffix }}" lab_name: Servizi - net_name: servizi-cloud-main + net_name: servizi-proj-cloud-main subnet_offset: 25 diff --git a/modules/labs_common_variables/variables.tf b/modules/labs_common_variables/variables.tf index 421d883..78293d8 100644 --- a/modules/labs_common_variables/variables.tf +++ b/modules/labs_common_variables/variables.tf @@ -114,7 +114,7 @@ variable "flavor_list" { m2_small = "m2.small" #RAM 8 - VCPUs 2 m2_medium = "m2.medium" #RAM 16 - VCPUs 4 m2_large = "m2.large" #RAM 32 - VCPUs 8 - m3_large = "m3.large" #RAM 64 - VCPUs 16 + m3_large = "m3.large" #RAM 64 - VCPUs 16 } } diff --git a/servizi/main_net_dns_router/main.tf b/servizi/main_net_dns_router/main.tf index bd53b2a..36d6707 100644 --- a/servizi/main_net_dns_router/main.tf +++ b/servizi/main_net_dns_router/main.tf @@ -26,12 +26,12 @@ module "main_private_net_and_dns_zone" { ttl = 8600 } os_project_data = { - name = "servizi-proj" - id = "71d54644c6a7487696c333255f102822" + name = "servizi-proj-cloud" + id = "44840807ff40444f94390b22277c4abd" } main_private_network = { - name = "servizi-cloud-main" + name = "servizi-proj-cloud-main" description = "Servizi private network (use this as the main network)" } main_private_subnet = { @@ -126,7 +126,6 @@ output "external_network_id" { output "floating_ip_pools" { value = module.labs_common_variables.floating_ip_pools - } output "resolvers_ip" { @@ -157,8 +156,8 @@ output "ubuntu_2204" { value = module.labs_common_variables.ubuntu_2204 } -output "centos_7" { - value = module.labs_common_variables.centos_7 +output "ubuntu_2404" { + value = module.labs_common_variables.ubuntu_2204 } output "almalinux_9" { @@ -169,10 +168,11 @@ output "ubuntu2204_data_file" { value = module.labs_common_variables.ubuntu2204_data_file } -output "el7_data_file" { - value = module.labs_common_variables.el7_data_file +output "ubuntu2404_data_file" { + value = module.labs_common_variables.ubuntu2404_data_file } + output "policy_list" { value = module.labs_common_variables.policy_list } diff --git a/servizi/main_net_dns_router/terraform.tfstate b/servizi/main_net_dns_router/terraform.tfstate index 35758ab..a88c8b5 100644 --- a/servizi/main_net_dns_router/terraform.tfstate +++ b/servizi/main_net_dns_router/terraform.tfstate @@ -1,7 +1,7 @@ { "version": 4, - "terraform_version": "1.7.5", - "serial": 14, + "terraform_version": "1.11.0", + "serial": 43, "lineage": "84e1a8c3-3475-25cf-374d-045d4bf3e3fe", "outputs": { "almalinux_9": { @@ -32,17 +32,6 @@ "string" ] }, - "centos_7": { - "value": { - "name": "CentOS-7", - "user_data_file": "../../s2i2s_openstack_vm_data_scripts/el.sh", - "uuid": "f0187a99-64f6-462a-ab5f-ef52fe62f2ca" - }, - "type": [ - "map", - "string" - ] - }, "default_security_group_name": { "value": "default_for_all", "type": "string" @@ -53,10 +42,10 @@ "description": "DNS primary zone for the Servizi project", "disable_status_check": false, "email": "postmaster@isti.cnr.it", - "id": "fd24f432-e42e-4b18-bb2d-6d254ea0eab6", + "id": "ac93d6f0-5908-4611-94b4-3f6712dab6f3", "masters": null, "name": "servizi.cloud.isti.cnr.it.", - "project_id": "71d54644c6a7487696c333255f102822", + "project_id": "44840807ff40444f94390b22277c4abd", "region": "isti_area_pi_1", "timeouts": null, "ttl": 8600, @@ -99,17 +88,13 @@ ] }, "dns_zone_id": { - "value": "fd24f432-e42e-4b18-bb2d-6d254ea0eab6", - "type": "string" - }, - "el7_data_file": { - "value": "../../s2i2s_openstack_vm_data_scripts/el.sh", + "value": "ac93d6f0-5908-4611-94b4-3f6712dab6f3", "type": "string" }, "external_gateway_ip": { "value": [ { - "ip_address": "146.48.30.63", + "ip_address": "146.48.31.86", "subnet_id": "57f87509-4016-46fb-b8c3-25fca7f72ccb" } ], @@ -175,9 +160,9 @@ "description": "Servizi private network (use this as the main network)", "dns_domain": "servizi.cloud.isti.cnr.it.", "external": false, - "id": "172018b1-f109-4377-bd11-70ada8473d03", + "id": "ad2a5cea-ce65-4165-b127-902f5a1dfa42", "mtu": 8942, - "name": "servizi-cloud-main", + "name": "servizi-proj-cloud-main", "port_security_enabled": true, "qos_policy_id": "", "region": "isti_area_pi_1", @@ -185,12 +170,12 @@ { "network_type": "geneve", "physical_network": "", - "segmentation_id": 32168 + "segmentation_id": 15831 } ], "shared": false, "tags": null, - "tenant_id": "71d54644c6a7487696c333255f102822", + "tenant_id": "44840807ff40444f94390b22277c4abd", "timeouts": null, "transparent_vlan": false, "value_specs": null @@ -249,7 +234,7 @@ ] }, "main_private_network_id": { - "value": "172018b1-f109-4377-bd11-70ada8473d03", + "value": "ad2a5cea-ce65-4165-b127-902f5a1dfa42", "type": "string" }, "main_region": { @@ -265,12 +250,6 @@ "start": "10.25.1.1" } ], - "allocation_pools": [ - { - "end": "10.25.7.254", - "start": "10.25.1.1" - } - ], "cidr": "10.25.0.0/21", "description": "Servizi main private subnet", "dns_nameservers": [ @@ -278,22 +257,22 @@ "146.48.29.98", "146.48.29.99" ], + "dns_publish_fixed_ip": false, "enable_dhcp": true, "gateway_ip": "10.25.0.1", - "host_routes": [], - "id": "d392fd25-97dd-40bc-a215-e24898ad7502", + "id": "b9b8a5bb-dd46-4420-9d26-73e85f93a15d", "ip_version": 4, "ipv6_address_mode": "", "ipv6_ra_mode": "", "name": "servizi-cloud-main-subnet", - "network_id": "172018b1-f109-4377-bd11-70ada8473d03", + "network_id": "ad2a5cea-ce65-4165-b127-902f5a1dfa42", "no_gateway": false, "prefix_length": null, "region": "isti_area_pi_1", "service_types": [], "subnetpool_id": "", "tags": null, - "tenant_id": "71d54644c6a7487696c333255f102822", + "tenant_id": "44840807ff40444f94390b22277c4abd", "timeouts": null, "value_specs": null }, @@ -314,34 +293,15 @@ } ] ], - "allocation_pools": [ - "list", - [ - "object", - { - "end": "string", - "start": "string" - } - ] - ], "cidr": "string", "description": "string", "dns_nameservers": [ "list", "string" ], + "dns_publish_fixed_ip": "bool", "enable_dhcp": "bool", "gateway_ip": "string", - "host_routes": [ - "list", - [ - "object", - { - "destination_cidr": "string", - "next_hop": "string" - } - ] - ], "id": "string", "ip_version": "number", "ipv6_address_mode": "string", @@ -376,7 +336,7 @@ ] }, "main_subnet_network_id": { - "value": "d392fd25-97dd-40bc-a215-e24898ad7502", + "value": "b9b8a5bb-dd46-4420-9d26-73e85f93a15d", "type": "string" }, "mtu_size": { @@ -385,8 +345,8 @@ }, "os_project_data": { "value": { - "id": "71d54644c6a7487696c333255f102822", - "name": "servizi-proj" + "id": "44840807ff40444f94390b22277c4abd", + "name": "servizi-proj-cloud" }, "type": [ "map", @@ -436,6 +396,10 @@ "value": "../../s2i2s_openstack_vm_data_scripts/ubuntu2204.sh", "type": "string" }, + "ubuntu2404_data_file": { + "value": "../../s2i2s_openstack_vm_data_scripts/ubuntu2404.sh", + "type": "string" + }, "ubuntu_2204": { "value": { "name": "Ubuntu-Jammy-22.04", @@ -446,6 +410,17 @@ "map", "string" ] + }, + "ubuntu_2404": { + "value": { + "name": "Ubuntu-Jammy-22.04", + "user_data_file": "../../s2i2s_openstack_vm_data_scripts/ubuntu2204.sh", + "uuid": "54768889-8556-4be4-a2eb-82a4d9b34627" + }, + "type": [ + "map", + "string" + ] } }, "resources": [ @@ -463,10 +438,10 @@ "description": "DNS primary zone for the Servizi project", "disable_status_check": false, "email": "postmaster@isti.cnr.it", - "id": "fd24f432-e42e-4b18-bb2d-6d254ea0eab6", + "id": "ac93d6f0-5908-4611-94b4-3f6712dab6f3", "masters": null, "name": "servizi.cloud.isti.cnr.it.", - "project_id": "71d54644c6a7487696c333255f102822", + "project_id": "44840807ff40444f94390b22277c4abd", "region": "isti_area_pi_1", "timeouts": null, "ttl": 8600, @@ -494,9 +469,9 @@ "description": "Servizi private network (use this as the main network)", "dns_domain": "servizi.cloud.isti.cnr.it.", "external": false, - "id": "172018b1-f109-4377-bd11-70ada8473d03", + "id": "ad2a5cea-ce65-4165-b127-902f5a1dfa42", "mtu": 8942, - "name": "servizi-cloud-main", + "name": "servizi-proj-cloud-main", "port_security_enabled": true, "qos_policy_id": "", "region": "isti_area_pi_1", @@ -504,12 +479,12 @@ { "network_type": "geneve", "physical_network": "", - "segmentation_id": 32168 + "segmentation_id": 15831 } ], "shared": false, "tags": null, - "tenant_id": "71d54644c6a7487696c333255f102822", + "tenant_id": "44840807ff40444f94390b22277c4abd", "timeouts": null, "transparent_vlan": false, "value_specs": null @@ -530,11 +505,11 @@ "schema_version": 0, "attributes": { "force_destroy": false, - "id": "4f46ea4a-471d-4ef4-989b-fecf72f51ed5", - "port_id": "4f46ea4a-471d-4ef4-989b-fecf72f51ed5", + "id": "2bc29802-7d96-4b8c-83e8-3eed0f6eb8be", + "port_id": "2bc29802-7d96-4b8c-83e8-3eed0f6eb8be", "region": "isti_area_pi_1", - "router_id": "49cbdb62-725a-473c-95ac-d95f1fe3a964", - "subnet_id": "d392fd25-97dd-40bc-a215-e24898ad7502", + "router_id": "0c14c15e-8e94-4de7-9244-7a7b55648429", + "subnet_id": "b9b8a5bb-dd46-4420-9d26-73e85f93a15d", "timeouts": null }, "sensitive_attributes": [], @@ -565,18 +540,17 @@ "enable_snat": true, "external_fixed_ip": [ { - "ip_address": "146.48.30.63", + "ip_address": "146.48.31.86", "subnet_id": "57f87509-4016-46fb-b8c3-25fca7f72ccb" } ], - "external_gateway": "1d2ff137-6ff7-4017-be2b-0d6c4af2353b", "external_network_id": "1d2ff137-6ff7-4017-be2b-0d6c4af2353b", "external_subnet_ids": null, - "id": "49cbdb62-725a-473c-95ac-d95f1fe3a964", + "id": "0c14c15e-8e94-4de7-9244-7a7b55648429", "name": "servizi-proj-external-router", "region": "isti_area_pi_1", "tags": null, - "tenant_id": "71d54644c6a7487696c333255f102822", + "tenant_id": "44840807ff40444f94390b22277c4abd", "timeouts": null, "value_specs": null, "vendor_options": [ @@ -604,14 +578,14 @@ "description": "HTTP from everywhere", "direction": "ingress", "ethertype": "IPv4", - "id": "d2ebd6a2-4c97-4604-901e-a5c3e8f16cee", + "id": "869dd4f2-619e-43ba-91d2-c1d12287c727", "port_range_max": 80, "port_range_min": 80, "protocol": "tcp", "region": "isti_area_pi_1", "remote_group_id": "", "remote_ip_prefix": "0.0.0.0/0", - "security_group_id": "bb843991-aaa4-4df4-884a-1b84cd165fe8", + "security_group_id": "7c559346-6f0e-4662-876d-dab5fa1aca3b", "tenant_id": "d3c30d05b2524faead8fabf0b511622e", "timeouts": null }, @@ -628,14 +602,14 @@ "description": "HTTPS from everywhere", "direction": "ingress", "ethertype": "IPv4", - "id": "d60ee1b2-648d-4c49-9662-af0d313297ab", + "id": "85c95bfd-4f45-4fd9-94d8-477b314989c8", "port_range_max": 443, "port_range_min": 443, "protocol": "tcp", "region": "isti_area_pi_1", "remote_group_id": "", "remote_ip_prefix": "0.0.0.0/0", - "security_group_id": "bb843991-aaa4-4df4-884a-1b84cd165fe8", + "security_group_id": "7c559346-6f0e-4662-876d-dab5fa1aca3b", "tenant_id": "d3c30d05b2524faead8fabf0b511622e", "timeouts": null }, @@ -652,14 +626,14 @@ "description": "SSH from the ISTI network", "direction": "ingress", "ethertype": "IPv4", - "id": "e1528787-ef13-4ee7-802f-b9322f20f858", + "id": "02b33fa7-2e3e-4f67-b24a-04e4557db846", "port_range_max": 22, "port_range_min": 22, "protocol": "tcp", "region": "isti_area_pi_1", "remote_group_id": "", "remote_ip_prefix": "146.48.80.0/21", - "security_group_id": "bb843991-aaa4-4df4-884a-1b84cd165fe8", + "security_group_id": "7c559346-6f0e-4662-876d-dab5fa1aca3b", "tenant_id": "d3c30d05b2524faead8fabf0b511622e", "timeouts": null }, @@ -676,14 +650,14 @@ "description": "SSH from the S2I2S VPN 1", "direction": "ingress", "ethertype": "IPv4", - "id": "5020fc44-4c66-4ec7-8b0e-654c2ac06aee", + "id": "4503d4d9-14b7-4a82-bb19-f735b2694093", "port_range_max": 22, "port_range_min": 22, "protocol": "tcp", "region": "isti_area_pi_1", "remote_group_id": "", "remote_ip_prefix": "146.48.28.10/32", - "security_group_id": "bb843991-aaa4-4df4-884a-1b84cd165fe8", + "security_group_id": "7c559346-6f0e-4662-876d-dab5fa1aca3b", "tenant_id": "d3c30d05b2524faead8fabf0b511622e", "timeouts": null }, @@ -700,14 +674,14 @@ "description": "SSH from the S2I2S VPN 2", "direction": "ingress", "ethertype": "IPv4", - "id": "d110bb53-f76f-4ee3-a0af-5c8ca0afefb4", + "id": "d8ead72f-201e-45f9-b298-530f6d60b985", "port_range_max": 22, "port_range_min": 22, "protocol": "tcp", "region": "isti_area_pi_1", "remote_group_id": "", "remote_ip_prefix": "146.48.28.11/32", - "security_group_id": "bb843991-aaa4-4df4-884a-1b84cd165fe8", + "security_group_id": "7c559346-6f0e-4662-876d-dab5fa1aca3b", "tenant_id": "d3c30d05b2524faead8fabf0b511622e", "timeouts": null }, @@ -732,14 +706,14 @@ "description": "Allow all the egress traffic", "direction": "egress", "ethertype": "IPv4", - "id": "bb53e124-14ee-474d-8a3b-29fb3eb23f28", + "id": "7c92f057-e380-4e52-ae9f-a3085b618ed3", "port_range_max": 0, "port_range_min": 0, "protocol": "", "region": "isti_area_pi_1", "remote_group_id": "", "remote_ip_prefix": "", - "security_group_id": "bb843991-aaa4-4df4-884a-1b84cd165fe8", + "security_group_id": "7c559346-6f0e-4662-876d-dab5fa1aca3b", "tenant_id": "d3c30d05b2524faead8fabf0b511622e", "timeouts": null }, @@ -764,14 +738,14 @@ "description": "Allow ICMP from remote", "direction": "ingress", "ethertype": "IPv4", - "id": "56cca79f-6902-4190-ab92-bae76202374f", + "id": "8d716892-a444-4763-bf1d-d78bbcd12860", "port_range_max": 0, "port_range_min": 0, "protocol": "icmp", "region": "isti_area_pi_1", "remote_group_id": "", "remote_ip_prefix": "0.0.0.0/0", - "security_group_id": "bb843991-aaa4-4df4-884a-1b84cd165fe8", + "security_group_id": "7c559346-6f0e-4662-876d-dab5fa1aca3b", "tenant_id": "d3c30d05b2524faead8fabf0b511622e", "timeouts": null }, @@ -796,11 +770,12 @@ "all_tags": [], "delete_default_rules": true, "description": "Default security group with rules that allow ssh access from the ISTI networks, http, https", - "id": "bb843991-aaa4-4df4-884a-1b84cd165fe8", + "id": "7c559346-6f0e-4662-876d-dab5fa1aca3b", "name": "default_for_all", "region": "isti_area_pi_1", + "stateful": false, "tags": null, - "tenant_id": "71d54644c6a7487696c333255f102822", + "tenant_id": "44840807ff40444f94390b22277c4abd", "timeouts": null }, "sensitive_attributes": [], @@ -825,12 +800,6 @@ "start": "10.25.1.1" } ], - "allocation_pools": [ - { - "end": "10.25.7.254", - "start": "10.25.1.1" - } - ], "cidr": "10.25.0.0/21", "description": "Servizi main private subnet", "dns_nameservers": [ @@ -838,22 +807,22 @@ "146.48.29.98", "146.48.29.99" ], + "dns_publish_fixed_ip": false, "enable_dhcp": true, "gateway_ip": "10.25.0.1", - "host_routes": [], - "id": "d392fd25-97dd-40bc-a215-e24898ad7502", + "id": "b9b8a5bb-dd46-4420-9d26-73e85f93a15d", "ip_version": 4, "ipv6_address_mode": "", "ipv6_ra_mode": "", "name": "servizi-cloud-main-subnet", - "network_id": "172018b1-f109-4377-bd11-70ada8473d03", + "network_id": "ad2a5cea-ce65-4165-b127-902f5a1dfa42", "no_gateway": false, "prefix_length": null, "region": "isti_area_pi_1", "service_types": [], "subnetpool_id": "", "tags": null, - "tenant_id": "71d54644c6a7487696c333255f102822", + "tenant_id": "44840807ff40444f94390b22277c4abd", "timeouts": null, "value_specs": null },