From 7aba48cdc371a20cb5a2296290d78cec18c8e60a Mon Sep 17 00:00:00 2001 From: Andrea Dell'Amico Date: Tue, 3 Feb 2026 15:54:49 +0100 Subject: [PATCH] Fix the s2i2s-proj-cloud project. --- s2i2s/main_net_dns_router/main.tf | 4 +- s2i2s/main_net_dns_router/terraform.tfstate | 160 +- s2i2s/project-setup/terraform.tfstate | 3123 +++++++++++++++++++ 3 files changed, 3201 insertions(+), 86 deletions(-) diff --git a/s2i2s/main_net_dns_router/main.tf b/s2i2s/main_net_dns_router/main.tf index 1536525..ae269f9 100644 --- a/s2i2s/main_net_dns_router/main.tf +++ b/s2i2s/main_net_dns_router/main.tf @@ -31,8 +31,8 @@ module "main_private_net_and_dns_zone" { ttl = 8600 } os_project_data = { - name = "s2i2s-proj" - id = "d58ff441b31d4d0daf4a3e64d5332082" + name = "s2i2s-proj-cloud" + id = "d0dcc2b7f3004c9a81b87ab60ec3c0d3" } main_private_network = { diff --git a/s2i2s/main_net_dns_router/terraform.tfstate b/s2i2s/main_net_dns_router/terraform.tfstate index 97b8795..c9d1e3a 100644 --- a/s2i2s/main_net_dns_router/terraform.tfstate +++ b/s2i2s/main_net_dns_router/terraform.tfstate @@ -1,7 +1,7 @@ { "version": 4, - "terraform_version": "1.6.6", - "serial": 20, + "terraform_version": "1.14.3", + "serial": 57, "lineage": "bad36b1d-a210-1782-e7b2-e07bde71f6be", "outputs": { "almalinux_9": { @@ -53,10 +53,10 @@ "description": "DNS primary zone for the S2I2S project", "disable_status_check": false, "email": "postmaster@isti.cnr.it", - "id": "f668696a-cedb-4554-8f81-cf7dc1db773b", + "id": "e826e777-0196-4f63-b2a9-df07f70e618f", "masters": [], "name": "s2i2s.cloud.isti.cnr.it.", - "project_id": "d58ff441b31d4d0daf4a3e64d5332082", + "project_id": "d0dcc2b7f3004c9a81b87ab60ec3c0d3", "region": "isti_area_pi_1", "timeouts": null, "ttl": 8600, @@ -99,7 +99,7 @@ ] }, "dns_zone_id": { - "value": "f668696a-cedb-4554-8f81-cf7dc1db773b", + "value": "e826e777-0196-4f63-b2a9-df07f70e618f", "type": "string" }, "el7_data_file": { @@ -109,7 +109,7 @@ "external_gateway_ip": { "value": [ { - "ip_address": "146.48.31.101", + "ip_address": "146.48.30.6", "subnet_id": "57f87509-4016-46fb-b8c3-25fca7f72ccb" } ], @@ -175,7 +175,7 @@ "description": "S2I2S private network (use this as the main network)", "dns_domain": "s2i2s.cloud.isti.cnr.it.", "external": false, - "id": "9b3cd2d7-f9f0-4d4a-ae0b-29c8ceb055f4", + "id": "f371c239-6d5d-4ac8-a17e-af607752d82c", "mtu": 8942, "name": "s2i2s-proj-main", "port_security_enabled": true, @@ -185,12 +185,12 @@ { "network_type": "geneve", "physical_network": "", - "segmentation_id": 55270 + "segmentation_id": 47850 } ], "shared": false, - "tags": [], - "tenant_id": "d58ff441b31d4d0daf4a3e64d5332082", + "tags": null, + "tenant_id": "d0dcc2b7f3004c9a81b87ab60ec3c0d3", "timeouts": null, "transparent_vlan": false, "value_specs": null @@ -249,7 +249,7 @@ ] }, "main_private_network_id": { - "value": "9b3cd2d7-f9f0-4d4a-ae0b-29c8ceb055f4", + "value": "f371c239-6d5d-4ac8-a17e-af607752d82c", "type": "string" }, "main_region": { @@ -265,12 +265,6 @@ "start": "10.10.1.1" } ], - "allocation_pools": [ - { - "end": "10.10.7.254", - "start": "10.10.1.1" - } - ], "cidr": "10.10.0.0/21", "description": "S2I2S main private subnet", "dns_nameservers": [ @@ -278,22 +272,23 @@ "146.48.29.98", "146.48.29.99" ], + "dns_publish_fixed_ip": false, "enable_dhcp": true, "gateway_ip": "10.10.0.1", - "host_routes": [], - "id": "0a5dd0f6-e23d-469e-982c-7bb280221c12", + "id": "19c649ee-96ea-438b-ac0c-512afdf5046d", "ip_version": 4, "ipv6_address_mode": "", "ipv6_ra_mode": "", "name": "s2i2s-proj-main-subnet", - "network_id": "9b3cd2d7-f9f0-4d4a-ae0b-29c8ceb055f4", + "network_id": "f371c239-6d5d-4ac8-a17e-af607752d82c", "no_gateway": false, "prefix_length": null, "region": "isti_area_pi_1", + "segment_id": "", "service_types": [], "subnetpool_id": "", - "tags": [], - "tenant_id": "d58ff441b31d4d0daf4a3e64d5332082", + "tags": null, + "tenant_id": "d0dcc2b7f3004c9a81b87ab60ec3c0d3", "timeouts": null, "value_specs": null }, @@ -314,34 +309,15 @@ } ] ], - "allocation_pools": [ - "list", - [ - "object", - { - "end": "string", - "start": "string" - } - ] - ], "cidr": "string", "description": "string", "dns_nameservers": [ "list", "string" ], + "dns_publish_fixed_ip": "bool", "enable_dhcp": "bool", "gateway_ip": "string", - "host_routes": [ - "list", - [ - "object", - { - "destination_cidr": "string", - "next_hop": "string" - } - ] - ], "id": "string", "ip_version": "number", "ipv6_address_mode": "string", @@ -351,6 +327,7 @@ "no_gateway": "bool", "prefix_length": "number", "region": "string", + "segment_id": "string", "service_types": [ "list", "string" @@ -376,7 +353,7 @@ ] }, "main_subnet_network_id": { - "value": "0a5dd0f6-e23d-469e-982c-7bb280221c12", + "value": "19c649ee-96ea-438b-ac0c-512afdf5046d", "type": "string" }, "mtu_size": { @@ -385,8 +362,8 @@ }, "os_project_data": { "value": { - "id": "d58ff441b31d4d0daf4a3e64d5332082", - "name": "s2i2s-proj" + "id": "d0dcc2b7f3004c9a81b87ab60ec3c0d3", + "name": "s2i2s-proj-cloud" }, "type": [ "map", @@ -418,6 +395,8 @@ }, "ssh_sources": { "value": { + "d4s_vpn_1_cidr": "146.48.122.27/32", + "d4s_vpn_2_cidr": "146.48.122.49/32", "infrascience_net_cidr": "146.48.122.0/23", "isti_net_cidr": "146.48.80.0/21", "isti_vpn_gw1": "146.48.80.101/32", @@ -425,7 +404,8 @@ "isti_vpn_gw3": "146.48.80.103/32", "s2i2s_net_cidr": "146.48.28.0/22", "s2i2s_vpn_1_cidr": "146.48.28.10/32", - "s2i2s_vpn_2_cidr": "146.48.28.11/32" + "s2i2s_vpn_2_cidr": "146.48.28.11/32", + "shell_d4s_cidr": "146.48.122.95/32" }, "type": [ "map", @@ -463,10 +443,10 @@ "description": "DNS primary zone for the S2I2S project", "disable_status_check": false, "email": "postmaster@isti.cnr.it", - "id": "f668696a-cedb-4554-8f81-cf7dc1db773b", + "id": "e826e777-0196-4f63-b2a9-df07f70e618f", "masters": [], "name": "s2i2s.cloud.isti.cnr.it.", - "project_id": "d58ff441b31d4d0daf4a3e64d5332082", + "project_id": "d0dcc2b7f3004c9a81b87ab60ec3c0d3", "region": "isti_area_pi_1", "timeouts": null, "ttl": 8600, @@ -474,6 +454,7 @@ "value_specs": null }, "sensitive_attributes": [], + "identity_schema_version": 0, "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwLCJ1cGRhdGUiOjYwMDAwMDAwMDAwMH19" } ] @@ -494,7 +475,7 @@ "description": "S2I2S private network (use this as the main network)", "dns_domain": "s2i2s.cloud.isti.cnr.it.", "external": false, - "id": "9b3cd2d7-f9f0-4d4a-ae0b-29c8ceb055f4", + "id": "f371c239-6d5d-4ac8-a17e-af607752d82c", "mtu": 8942, "name": "s2i2s-proj-main", "port_security_enabled": true, @@ -504,17 +485,18 @@ { "network_type": "geneve", "physical_network": "", - "segmentation_id": 55270 + "segmentation_id": 47850 } ], "shared": false, - "tags": [], - "tenant_id": "d58ff441b31d4d0daf4a3e64d5332082", + "tags": null, + "tenant_id": "d0dcc2b7f3004c9a81b87ab60ec3c0d3", "timeouts": null, "transparent_vlan": false, "value_specs": null }, "sensitive_attributes": [], + "identity_schema_version": 0, "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwfX0=" } ] @@ -530,14 +512,15 @@ "schema_version": 0, "attributes": { "force_destroy": false, - "id": "bb511b0d-629a-425e-8054-f7ac2e4f2793", - "port_id": "bb511b0d-629a-425e-8054-f7ac2e4f2793", + "id": "7dc0b90c-cfdf-408e-9597-50cd98cc1dc0", + "port_id": "7dc0b90c-cfdf-408e-9597-50cd98cc1dc0", "region": "isti_area_pi_1", - "router_id": "bca61b05-e34d-4d1c-8400-860e8ea66406", - "subnet_id": "0a5dd0f6-e23d-469e-982c-7bb280221c12", + "router_id": "7cd0ade5-1d49-48c5-bb9e-1a567d253011", + "subnet_id": "19c649ee-96ea-438b-ac0c-512afdf5046d", "timeouts": null }, "sensitive_attributes": [], + "identity_schema_version": 0, "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwfX0=", "dependencies": [ "module.main_private_net_and_dns_zone.openstack_networking_network_v2.main-private-network", @@ -565,18 +548,18 @@ "enable_snat": true, "external_fixed_ip": [ { - "ip_address": "146.48.31.101", + "ip_address": "146.48.30.6", "subnet_id": "57f87509-4016-46fb-b8c3-25fca7f72ccb" } ], - "external_gateway": "1d2ff137-6ff7-4017-be2b-0d6c4af2353b", "external_network_id": "1d2ff137-6ff7-4017-be2b-0d6c4af2353b", + "external_qos_policy_id": null, "external_subnet_ids": null, - "id": "bca61b05-e34d-4d1c-8400-860e8ea66406", + "id": "7cd0ade5-1d49-48c5-bb9e-1a567d253011", "name": "s2i2s-proj-external-router", "region": "isti_area_pi_1", - "tags": [], - "tenant_id": "d58ff441b31d4d0daf4a3e64d5332082", + "tags": null, + "tenant_id": "d0dcc2b7f3004c9a81b87ab60ec3c0d3", "timeouts": null, "value_specs": null, "vendor_options": [ @@ -586,6 +569,7 @@ ] }, "sensitive_attributes": [], + "identity_schema_version": 0, "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwfX0=" } ] @@ -604,18 +588,20 @@ "description": "SSH from the S2I2S VPN 1", "direction": "ingress", "ethertype": "IPv4", - "id": "7b3b3ba7-130e-4d5e-8504-9d716dbdef41", + "id": "da38b746-dc67-408e-923f-a0c78b02789f", "port_range_max": 22, "port_range_min": 22, "protocol": "tcp", "region": "isti_area_pi_1", + "remote_address_group_id": "", "remote_group_id": "", "remote_ip_prefix": "146.48.28.10/32", - "security_group_id": "a330ab7b-7e10-4085-b0f4-c8a4b80a4586", + "security_group_id": "a0518da1-1e56-4aa0-ba86-55cb54d597e0", "tenant_id": "d3c30d05b2524faead8fabf0b511622e", "timeouts": null }, "sensitive_attributes": [], + "identity_schema_version": 0, "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ==", "dependencies": [ "module.main_private_net_and_dns_zone.openstack_networking_secgroup_v2.default" @@ -628,18 +614,20 @@ "description": "SSH from the S2I2S VPN 2", "direction": "ingress", "ethertype": "IPv4", - "id": "da40d77e-ea28-4e6e-88f1-b4e1f2ae7aa0", + "id": "ec77c5bd-b436-4e00-98ed-4a7a8b1c13c2", "port_range_max": 22, "port_range_min": 22, "protocol": "tcp", "region": "isti_area_pi_1", + "remote_address_group_id": "", "remote_group_id": "", "remote_ip_prefix": "146.48.28.11/32", - "security_group_id": "a330ab7b-7e10-4085-b0f4-c8a4b80a4586", + "security_group_id": "a0518da1-1e56-4aa0-ba86-55cb54d597e0", "tenant_id": "d3c30d05b2524faead8fabf0b511622e", "timeouts": null }, "sensitive_attributes": [], + "identity_schema_version": 0, "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ==", "dependencies": [ "module.main_private_net_and_dns_zone.openstack_networking_secgroup_v2.default" @@ -652,18 +640,20 @@ "description": "SSH from the S2I2S VPN 1", "direction": "ingress", "ethertype": "IPv4", - "id": "848ba8fc-1636-4a8b-a9fc-e41b06ed1d04", + "id": "87699b14-f66f-41b4-8dd6-452b9617a72c", "port_range_max": 22, "port_range_min": 22, "protocol": "tcp", "region": "isti_area_pi_1", + "remote_address_group_id": "", "remote_group_id": "", "remote_ip_prefix": "10.10.0.5/32", - "security_group_id": "a330ab7b-7e10-4085-b0f4-c8a4b80a4586", + "security_group_id": "a0518da1-1e56-4aa0-ba86-55cb54d597e0", "tenant_id": "d3c30d05b2524faead8fabf0b511622e", "timeouts": null }, "sensitive_attributes": [], + "identity_schema_version": 0, "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ==", "dependencies": [ "module.main_private_net_and_dns_zone.openstack_networking_secgroup_v2.default" @@ -684,18 +674,20 @@ "description": "Allow all the egress traffic", "direction": "egress", "ethertype": "IPv4", - "id": "f10cb159-233b-4fca-800d-24a071b4e27a", + "id": "159505fc-72da-4cd2-9f6c-f7a53a34f841", "port_range_max": 0, "port_range_min": 0, "protocol": "", "region": "isti_area_pi_1", + "remote_address_group_id": "", "remote_group_id": "", "remote_ip_prefix": "", - "security_group_id": "a330ab7b-7e10-4085-b0f4-c8a4b80a4586", + "security_group_id": "a0518da1-1e56-4aa0-ba86-55cb54d597e0", "tenant_id": "d3c30d05b2524faead8fabf0b511622e", "timeouts": null }, "sensitive_attributes": [], + "identity_schema_version": 0, "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ==", "dependencies": [ "module.main_private_net_and_dns_zone.openstack_networking_secgroup_v2.default" @@ -716,18 +708,20 @@ "description": "Allow ICMP from remote", "direction": "ingress", "ethertype": "IPv4", - "id": "5b380756-8cc2-4642-ac2d-33540126dcbf", + "id": "0e3cd570-eb67-46e5-aca3-a4822f4ed495", "port_range_max": 0, "port_range_min": 0, "protocol": "icmp", "region": "isti_area_pi_1", + "remote_address_group_id": "", "remote_group_id": "", "remote_ip_prefix": "0.0.0.0/0", - "security_group_id": "a330ab7b-7e10-4085-b0f4-c8a4b80a4586", + "security_group_id": "a0518da1-1e56-4aa0-ba86-55cb54d597e0", "tenant_id": "d3c30d05b2524faead8fabf0b511622e", "timeouts": null }, "sensitive_attributes": [], + "identity_schema_version": 0, "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ==", "dependencies": [ "module.main_private_net_and_dns_zone.openstack_networking_secgroup_v2.default" @@ -748,14 +742,16 @@ "all_tags": [], "delete_default_rules": true, "description": "Default security group with rules that allow ssh access from the ISTI networks, http, https", - "id": "a330ab7b-7e10-4085-b0f4-c8a4b80a4586", + "id": "a0518da1-1e56-4aa0-ba86-55cb54d597e0", "name": "default_for_all", "region": "isti_area_pi_1", + "stateful": false, "tags": [], - "tenant_id": "d58ff441b31d4d0daf4a3e64d5332082", + "tenant_id": "d0dcc2b7f3004c9a81b87ab60ec3c0d3", "timeouts": null }, "sensitive_attributes": [], + "identity_schema_version": 0, "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ==" } ] @@ -777,12 +773,6 @@ "start": "10.10.1.1" } ], - "allocation_pools": [ - { - "end": "10.10.7.254", - "start": "10.10.1.1" - } - ], "cidr": "10.10.0.0/21", "description": "S2I2S main private subnet", "dns_nameservers": [ @@ -790,26 +780,28 @@ "146.48.29.98", "146.48.29.99" ], + "dns_publish_fixed_ip": false, "enable_dhcp": true, "gateway_ip": "10.10.0.1", - "host_routes": [], - "id": "0a5dd0f6-e23d-469e-982c-7bb280221c12", + "id": "19c649ee-96ea-438b-ac0c-512afdf5046d", "ip_version": 4, "ipv6_address_mode": "", "ipv6_ra_mode": "", "name": "s2i2s-proj-main-subnet", - "network_id": "9b3cd2d7-f9f0-4d4a-ae0b-29c8ceb055f4", + "network_id": "f371c239-6d5d-4ac8-a17e-af607752d82c", "no_gateway": false, "prefix_length": null, "region": "isti_area_pi_1", + "segment_id": "", "service_types": [], "subnetpool_id": "", - "tags": [], - "tenant_id": "d58ff441b31d4d0daf4a3e64d5332082", + "tags": null, + "tenant_id": "d0dcc2b7f3004c9a81b87ab60ec3c0d3", "timeouts": null, "value_specs": null }, "sensitive_attributes": [], + "identity_schema_version": 0, "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwfX0=", "dependencies": [ "module.main_private_net_and_dns_zone.openstack_networking_network_v2.main-private-network" diff --git a/s2i2s/project-setup/terraform.tfstate b/s2i2s/project-setup/terraform.tfstate index e69de29..7e751be 100644 --- a/s2i2s/project-setup/terraform.tfstate +++ b/s2i2s/project-setup/terraform.tfstate @@ -0,0 +1,3123 @@ +{ + "version": 4, + "terraform_version": "1.14.3", + "serial": 72, + "lineage": "63543f0d-4b49-2066-95b6-653706374703", + "outputs": { + "access_to_the_jump_proxy": { + "value": { + "all_tags": [], + "delete_default_rules": true, + "description": "Security group that allows SSH access to the jump node from a limited set of sources", + "id": "0f52158e-c767-4baf-9d6d-1986ca886dd0", + "name": "ssh_access_to_the_jump_node", + "region": "isti_area_pi_1", + "tags": null, + "tenant_id": "d3c30d05b2524faead8fabf0b511622e", + "timeouts": null + }, + "type": [ + "object", + { + "all_tags": [ + "set", + "string" + ], + "delete_default_rules": "bool", + "description": "string", + "id": "string", + "name": "string", + "region": "string", + "tags": [ + "set", + "string" + ], + "tenant_id": "string", + "timeouts": [ + "object", + { + "delete": "string" + } + ] + } + ] + }, + "availability_zones_names": { + "value": { + "availability_zone_no_gpu": "cnr-isti-nova-a", + "availability_zone_with_gpu": "cnr-isti-nova-gpu-a" + }, + "type": [ + "map", + "string" + ] + }, + "basic_services_ip": { + "value": { + "ca": "10.10.0.4", + "ca_cidr": "10.10.0.4/32", + "haproxy_l7_1": "10.10.0.11", + "haproxy_l7_1_cidr": "10.10.0.11/32", + "haproxy_l7_2": "10.10.0.12", + "haproxy_l7_2_cidr": "10.10.0.12/32", + "octavia_main": "10.10.0.20", + "octavia_main_cidr": "10.10.0.20/32", + "prometheus": "10.10.0.10", + "prometheus_cidr": "10.10.0.10/32", + "ssh_jump": "10.10.0.5", + "ssh_jump_cidr": "10.10.0.5/32" + }, + "type": [ + "map", + "string" + ] + }, + "debugging": { + "value": { + "all_tags": [], + "delete_default_rules": true, + "description": "Security group that allows web app debugging via tunnel from the ssh jump node", + "id": "9e217f67-497f-4e4c-98fc-8ba9bdfb29c9", + "name": "debugging_from_jump_node", + "region": "isti_area_pi_1", + "tags": null, + "tenant_id": "d3c30d05b2524faead8fabf0b511622e", + "timeouts": null + }, + "type": [ + "object", + { + "all_tags": [ + "set", + "string" + ], + "delete_default_rules": "bool", + "description": "string", + "id": "string", + "name": "string", + "region": "string", + "tags": [ + "set", + "string" + ], + "tenant_id": "string", + "timeouts": [ + "object", + { + "delete": "string" + } + ] + } + ] + }, + "default_security_group": { + "value": { + "all_tags": [], + "delete_default_rules": true, + "description": "Default security group with rules for ssh access via jump proxy, prometheus scraping", + "id": "c4a3a99c-83e0-46b6-9a28-62d742b6ec0e", + "name": "default_for_all", + "region": "isti_area_pi_1", + "tags": null, + "tenant_id": "d3c30d05b2524faead8fabf0b511622e", + "timeouts": null + }, + "type": [ + "object", + { + "all_tags": [ + "set", + "string" + ], + "delete_default_rules": "bool", + "description": "string", + "id": "string", + "name": "string", + "region": "string", + "tags": [ + "set", + "string" + ], + "tenant_id": "string", + "timeouts": [ + "object", + { + "delete": "string" + } + ] + } + ] + }, + "default_security_group_id": { + "value": "c4a3a99c-83e0-46b6-9a28-62d742b6ec0e", + "type": "string" + }, + "default_security_group_name": { + "value": "default_for_all", + "type": "string" + }, + "dns_zone": { + "value": { + "attributes": {}, + "description": "DNS primary zone for the S2I2S project", + "disable_status_check": false, + "email": "postmaster@isti.cnr.it", + "id": "f668696a-cedb-4554-8f81-cf7dc1db773b", + "masters": [], + "name": "s2i2s.cloud.isti.cnr.it.", + "project_id": "d58ff441b31d4d0daf4a3e64d5332082", + "region": "isti_area_pi_1", + "timeouts": null, + "ttl": 8600, + "type": "PRIMARY", + "value_specs": null + }, + "type": [ + "object", + { + "attributes": [ + "map", + "string" + ], + "description": "string", + "disable_status_check": "bool", + "email": "string", + "id": "string", + "masters": [ + "set", + "string" + ], + "name": "string", + "project_id": "string", + "region": "string", + "timeouts": [ + "object", + { + "create": "string", + "delete": "string", + "update": "string" + } + ], + "ttl": "number", + "type": "string", + "value_specs": [ + "map", + "string" + ] + } + ] + }, + "dns_zone_id": { + "value": "f668696a-cedb-4554-8f81-cf7dc1db773b", + "type": "string" + }, + "floating_ip_pools": { + "value": { + "main_public_ip_pool": "external-network" + }, + "type": [ + "map", + "string" + ] + }, + "haproxy_l7_data": { + "value": { + "flavor": "m1.medium", + "name": "main-haproxy-l7", + "vm_count": "2" + }, + "type": [ + "map", + "string" + ] + }, + "internal_ca_data": { + "value": { + "flavor": "m1.small", + "name": "ca" + }, + "type": [ + "map", + "string" + ] + }, + "main_haproxy_l7_ip": { + "value": [ + "10.10.0.11", + "10.10.0.12" + ], + "type": [ + "list", + "string" + ] + }, + "main_lb_to_haproxy_l7_security_group": { + "value": { + "all_tags": [], + "delete_default_rules": true, + "description": "Traffic coming from the main L4 lb directed to the haproxy l7 servers", + "id": "68966027-d706-441f-8540-499cd44034af", + "name": "traffic_from_main_lb_to_haproxy_l7", + "region": "isti_area_pi_1", + "tags": null, + "tenant_id": "d3c30d05b2524faead8fabf0b511622e", + "timeouts": null + }, + "type": [ + "object", + { + "all_tags": [ + "set", + "string" + ], + "delete_default_rules": "bool", + "description": "string", + "id": "string", + "name": "string", + "region": "string", + "tags": [ + "set", + "string" + ], + "tenant_id": "string", + "timeouts": [ + "object", + { + "delete": "string" + } + ] + } + ] + }, + "main_loadbalancer_hostname": { + "value": "octavia-main-lb.s2i2s.cloud.isti.cnr.it.", + "type": "string" + }, + "main_loadbalancer_id": { + "value": "fac5939a-0329-4bcb-8fd9-d2d5716b0e84", + "type": "string" + }, + "main_loadbalancer_ip": { + "value": "10.10.0.20", + "type": "string" + }, + "main_loadbalancer_public_ip": { + "value": "146.48.30.162", + "type": "string" + }, + "main_private_network": { + "value": { + "admin_state_up": true, + "all_tags": [], + "availability_zone_hints": [], + "description": "S2I2S private network (use this as the main network)", + "dns_domain": "s2i2s.cloud.isti.cnr.it.", + "external": false, + "id": "9b3cd2d7-f9f0-4d4a-ae0b-29c8ceb055f4", + "mtu": 8942, + "name": "s2i2s-proj-main", + "port_security_enabled": true, + "qos_policy_id": "", + "region": "isti_area_pi_1", + "segments": [ + { + "network_type": "geneve", + "physical_network": "", + "segmentation_id": 55270 + } + ], + "shared": false, + "tags": [], + "tenant_id": "d58ff441b31d4d0daf4a3e64d5332082", + "timeouts": null, + "transparent_vlan": false, + "value_specs": null + }, + "type": [ + "object", + { + "admin_state_up": "bool", + "all_tags": [ + "set", + "string" + ], + "availability_zone_hints": [ + "set", + "string" + ], + "description": "string", + "dns_domain": "string", + "external": "bool", + "id": "string", + "mtu": "number", + "name": "string", + "port_security_enabled": "bool", + "qos_policy_id": "string", + "region": "string", + "segments": [ + "set", + [ + "object", + { + "network_type": "string", + "physical_network": "string", + "segmentation_id": "number" + } + ] + ], + "shared": "bool", + "tags": [ + "set", + "string" + ], + "tenant_id": "string", + "timeouts": [ + "object", + { + "create": "string", + "delete": "string" + } + ], + "transparent_vlan": "bool", + "value_specs": [ + "map", + "string" + ] + } + ] + }, + "main_private_subnet": { + "value": { + "all_tags": [], + "allocation_pool": [ + { + "end": "10.10.7.254", + "start": "10.10.1.1" + } + ], + "allocation_pools": [ + { + "end": "10.10.7.254", + "start": "10.10.1.1" + } + ], + "cidr": "10.10.0.0/21", + "description": "S2I2S main private subnet", + "dns_nameservers": [ + "146.48.29.97", + "146.48.29.98", + "146.48.29.99" + ], + "enable_dhcp": true, + "gateway_ip": "10.10.0.1", + "host_routes": [], + "id": "0a5dd0f6-e23d-469e-982c-7bb280221c12", + "ip_version": 4, + "ipv6_address_mode": "", + "ipv6_ra_mode": "", + "name": "s2i2s-proj-main-subnet", + "network_id": "9b3cd2d7-f9f0-4d4a-ae0b-29c8ceb055f4", + "no_gateway": false, + "prefix_length": null, + "region": "isti_area_pi_1", + "service_types": [], + "subnetpool_id": "", + "tags": [], + "tenant_id": "d58ff441b31d4d0daf4a3e64d5332082", + "timeouts": null, + "value_specs": null + }, + "type": [ + "object", + { + "all_tags": [ + "set", + "string" + ], + "allocation_pool": [ + "set", + [ + "object", + { + "end": "string", + "start": "string" + } + ] + ], + "allocation_pools": [ + "list", + [ + "object", + { + "end": "string", + "start": "string" + } + ] + ], + "cidr": "string", + "description": "string", + "dns_nameservers": [ + "list", + "string" + ], + "enable_dhcp": "bool", + "gateway_ip": "string", + "host_routes": [ + "list", + [ + "object", + { + "destination_cidr": "string", + "next_hop": "string" + } + ] + ], + "id": "string", + "ip_version": "number", + "ipv6_address_mode": "string", + "ipv6_ra_mode": "string", + "name": "string", + "network_id": "string", + "no_gateway": "bool", + "prefix_length": "number", + "region": "string", + "service_types": [ + "list", + "string" + ], + "subnetpool_id": "string", + "tags": [ + "set", + "string" + ], + "tenant_id": "string", + "timeouts": [ + "object", + { + "create": "string", + "delete": "string" + } + ], + "value_specs": [ + "map", + "string" + ] + } + ] + }, + "main_region": { + "value": "isti_area_pi_1", + "type": "string" + }, + "main_subnet_network_id": { + "value": "0a5dd0f6-e23d-469e-982c-7bb280221c12", + "type": "string" + }, + "mtu_size": { + "value": 8942, + "type": "number" + }, + "os_project_data": { + "value": { + "id": "d58ff441b31d4d0daf4a3e64d5332082", + "name": "s2i2s-proj" + }, + "type": [ + "map", + "string" + ] + }, + "prometheus_access_from_grafana": { + "value": { + "all_tags": [], + "delete_default_rules": true, + "description": "The public grafana server must be able to get data from Prometheus", + "id": "91492d1d-06dc-48e9-91f8-567c3c77d7d5", + "name": "prometheus_access_from_grafana", + "region": "isti_area_pi_1", + "tags": null, + "tenant_id": "d3c30d05b2524faead8fabf0b511622e", + "timeouts": null + }, + "type": [ + "object", + { + "all_tags": [ + "set", + "string" + ], + "delete_default_rules": "bool", + "description": "string", + "id": "string", + "name": "string", + "region": "string", + "tags": [ + "set", + "string" + ], + "tenant_id": "string", + "timeouts": [ + "object", + { + "delete": "string" + } + ] + } + ] + }, + "prometheus_hostname": { + "value": "prometheus.s2i2s.cloud.isti.cnr.it.", + "type": "string" + }, + "prometheus_public_ip": { + "value": "146.48.31.149", + "type": "string" + }, + "prometheus_server_data": { + "value": { + "flavor": "m1.medium", + "name": "prometheus", + "public_grafana_server_cidr": "146.48.28.103/32", + "vol_data_device": "/dev/vdb", + "vol_data_name": "prometheus-data", + "vol_data_size": "100" + }, + "type": [ + "map", + "string" + ] + }, + "public_web": { + "value": { + "all_tags": [], + "delete_default_rules": true, + "description": "Security group that allows HTTPS and HTTP from everywhere, for the services that are not behind any load balancer", + "id": "c0ec12e4-9a8f-4534-bfd2-d6892a1d6cc0", + "name": "public_web_service", + "region": "isti_area_pi_1", + "tags": null, + "tenant_id": "d3c30d05b2524faead8fabf0b511622e", + "timeouts": null + }, + "type": [ + "object", + { + "all_tags": [ + "set", + "string" + ], + "delete_default_rules": "bool", + "description": "string", + "id": "string", + "name": "string", + "region": "string", + "tags": [ + "set", + "string" + ], + "tenant_id": "string", + "timeouts": [ + "object", + { + "delete": "string" + } + ] + } + ] + }, + "resolvers_ip": { + "value": [ + "146.48.29.97", + "146.48.29.98", + "146.48.29.99" + ], + "type": [ + "list", + "string" + ] + }, + "restricted_web": { + "value": { + "all_tags": [], + "delete_default_rules": true, + "description": "Security group that restricts HTTPS sources to the VPN nodes and shell.d4science.org. HTTP is open to all, because letsencrypt", + "id": "54be0898-6c08-400b-9503-9d9dce935371", + "name": "restricted_web_service", + "region": "isti_area_pi_1", + "tags": null, + "tenant_id": "d3c30d05b2524faead8fabf0b511622e", + "timeouts": null + }, + "type": [ + "object", + { + "all_tags": [ + "set", + "string" + ], + "delete_default_rules": "bool", + "description": "string", + "id": "string", + "name": "string", + "region": "string", + "tags": [ + "set", + "string" + ], + "tenant_id": "string", + "timeouts": [ + "object", + { + "delete": "string" + } + ] + } + ] + }, + "ssh_jump_proxy": { + "value": { + "flavor": "m2.small", + "name": "ssh-jump-proxy" + }, + "type": [ + "map", + "string" + ] + }, + "ssh_jump_proxy_hostname": { + "value": "ssh-jump-proxy.s2i2s.cloud.isti.cnr.it.", + "type": "string" + }, + "ssh_jump_proxy_public_ip": { + "value": "146.48.30.179", + "type": "string" + }, + "ssh_sources": { + "value": { + "d4s_vpn_1_cidr": "146.48.122.27/32", + "d4s_vpn_2_cidr": "146.48.122.49/32", + "infrascience_net_cidr": "146.48.122.0/23", + "isti_net_cidr": "146.48.80.0/21", + "isti_vpn_gw1": "146.48.80.101/32", + "isti_vpn_gw2": "146.48.80.102/32", + "isti_vpn_gw3": "146.48.80.103/32", + "s2i2s_net_cidr": "146.48.28.0/22", + "s2i2s_vpn_1_cidr": "146.48.28.10/32", + "s2i2s_vpn_2_cidr": "146.48.28.11/32", + "shell_d4s_cidr": "146.48.122.95/32" + }, + "type": [ + "map", + "string" + ] + }, + "traffic_from_main_haproxy": { + "value": { + "all_tags": [], + "delete_default_rules": true, + "description": "Allow traffic from the main L7 HAPROXY load balancers", + "id": "1556ed52-f8d4-4f80-acbf-5b62c47b20bb", + "name": "traffic_from_the_main_load_balancers", + "region": "isti_area_pi_1", + "tags": null, + "tenant_id": "d3c30d05b2524faead8fabf0b511622e", + "timeouts": null + }, + "type": [ + "object", + { + "all_tags": [ + "set", + "string" + ], + "delete_default_rules": "bool", + "description": "string", + "id": "string", + "name": "string", + "region": "string", + "tags": [ + "set", + "string" + ], + "tenant_id": "string", + "timeouts": [ + "object", + { + "delete": "string" + } + ] + } + ] + }, + "ubuntu2204_data_file": { + "value": "../../s2i2s_openstack_vm_data_scripts/ubuntu2204.sh", + "type": "string" + }, + "ubuntu_2204": { + "value": { + "name": "Ubuntu-Jammy-22.04", + "user_data_file": "../../s2i2s_openstack_vm_data_scripts/ubuntu2204.sh", + "uuid": "54768889-8556-4be4-a2eb-82a4d9b34627" + }, + "type": [ + "map", + "string" + ] + } + }, + "resources": [ + { + "mode": "data", + "type": "terraform_remote_state", + "name": "privnet_dns_router", + "provider": "provider[\"terraform.io/builtin/terraform\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "backend": "local", + "config": { + "value": { + "path": "../main_net_dns_router/terraform.tfstate" + }, + "type": [ + "object", + { + "path": "string" + } + ] + }, + "defaults": null, + "outputs": { + "value": { + "almalinux_9": { + "name": "AlmaLinux-9.0-20220718", + "uuid": "541650fc-dd19-4f38-bb1d-7333ed9dd688" + }, + "availability_zone_no_gpu_name": "cnr-isti-nova-a", + "availability_zone_with_gpu_name": "cnr-isti-nova-gpu-a", + "availability_zones_names": { + "availability_zone_no_gpu": "cnr-isti-nova-a", + "availability_zone_with_gpu": "cnr-isti-nova-gpu-a" + }, + "centos_7": { + "name": "CentOS-7", + "user_data_file": "../../s2i2s_openstack_vm_data_scripts/el.sh", + "uuid": "f0187a99-64f6-462a-ab5f-ef52fe62f2ca" + }, + "default_security_group_name": "default_for_all", + "dns_zone": { + "attributes": {}, + "description": "DNS primary zone for the S2I2S project", + "disable_status_check": false, + "email": "postmaster@isti.cnr.it", + "id": "f668696a-cedb-4554-8f81-cf7dc1db773b", + "masters": [], + "name": "s2i2s.cloud.isti.cnr.it.", + "project_id": "d58ff441b31d4d0daf4a3e64d5332082", + "region": "isti_area_pi_1", + "timeouts": null, + "ttl": 8600, + "type": "PRIMARY", + "value_specs": null + }, + "dns_zone_id": "f668696a-cedb-4554-8f81-cf7dc1db773b", + "el7_data_file": "../../s2i2s_openstack_vm_data_scripts/el.sh", + "external_gateway_ip": [ + { + "ip_address": "146.48.31.101", + "subnet_id": "57f87509-4016-46fb-b8c3-25fca7f72ccb" + } + ], + "external_network": { + "id": "1d2ff137-6ff7-4017-be2b-0d6c4af2353b", + "name": "external-network" + }, + "external_network_id": "1d2ff137-6ff7-4017-be2b-0d6c4af2353b", + "flavor_list": { + "c1_large": "c1.large", + "c1_medium": "c1.medium", + "c1_small": "c1.small", + "c2_large": "c2.large", + "m1_large": "m1.large", + "m1_medium": "m1.medium", + "m1_xlarge": "m1.xlarge", + "m1_xxl": "m1.xxl", + "m2_large": "m2.large", + "m2_medium": "m2.medium", + "m2_small": "m2.small", + "m3_large": "m3.large" + }, + "floating_ip_pools": { + "main_public_ip_pool": "external-network" + }, + "main_private_network": { + "admin_state_up": true, + "all_tags": [], + "availability_zone_hints": [], + "description": "S2I2S private network (use this as the main network)", + "dns_domain": "s2i2s.cloud.isti.cnr.it.", + "external": false, + "id": "9b3cd2d7-f9f0-4d4a-ae0b-29c8ceb055f4", + "mtu": 8942, + "name": "s2i2s-proj-main", + "port_security_enabled": true, + "qos_policy_id": "", + "region": "isti_area_pi_1", + "segments": [ + { + "network_type": "geneve", + "physical_network": "", + "segmentation_id": 55270 + } + ], + "shared": false, + "tags": [], + "tenant_id": "d58ff441b31d4d0daf4a3e64d5332082", + "timeouts": null, + "transparent_vlan": false, + "value_specs": null + }, + "main_private_network_id": "9b3cd2d7-f9f0-4d4a-ae0b-29c8ceb055f4", + "main_region": "isti_area_pi_1", + "main_subnet_network": { + "all_tags": [], + "allocation_pool": [ + { + "end": "10.10.7.254", + "start": "10.10.1.1" + } + ], + "allocation_pools": [ + { + "end": "10.10.7.254", + "start": "10.10.1.1" + } + ], + "cidr": "10.10.0.0/21", + "description": "S2I2S main private subnet", + "dns_nameservers": [ + "146.48.29.97", + "146.48.29.98", + "146.48.29.99" + ], + "enable_dhcp": true, + "gateway_ip": "10.10.0.1", + "host_routes": [], + "id": "0a5dd0f6-e23d-469e-982c-7bb280221c12", + "ip_version": 4, + "ipv6_address_mode": "", + "ipv6_ra_mode": "", + "name": "s2i2s-proj-main-subnet", + "network_id": "9b3cd2d7-f9f0-4d4a-ae0b-29c8ceb055f4", + "no_gateway": false, + "prefix_length": null, + "region": "isti_area_pi_1", + "service_types": [], + "subnetpool_id": "", + "tags": [], + "tenant_id": "d58ff441b31d4d0daf4a3e64d5332082", + "timeouts": null, + "value_specs": null + }, + "main_subnet_network_id": "0a5dd0f6-e23d-469e-982c-7bb280221c12", + "mtu_size": 8942, + "os_project_data": { + "id": "d58ff441b31d4d0daf4a3e64d5332082", + "name": "s2i2s-proj" + }, + "policy_list": { + "affinity": "affinity", + "anti_affinity": "anti-affinity", + "soft_affinity": "soft-affinity", + "soft_anti_affinity": "soft-anti-affinity" + }, + "resolvers_ip": [ + "146.48.29.97", + "146.48.29.98", + "146.48.29.99" + ], + "ssh_sources": { + "infrascience_net_cidr": "146.48.122.0/23", + "isti_net_cidr": "146.48.80.0/21", + "isti_vpn_gw1": "146.48.80.101/32", + "isti_vpn_gw2": "146.48.80.102/32", + "isti_vpn_gw3": "146.48.80.103/32", + "s2i2s_net_cidr": "146.48.28.0/22", + "s2i2s_vpn_1_cidr": "146.48.28.10/32", + "s2i2s_vpn_2_cidr": "146.48.28.11/32" + }, + "ubuntu2204_data_file": "../../s2i2s_openstack_vm_data_scripts/ubuntu2204.sh", + "ubuntu_2204": { + "name": "Ubuntu-Jammy-22.04", + "user_data_file": "../../s2i2s_openstack_vm_data_scripts/ubuntu2204.sh", + "uuid": "54768889-8556-4be4-a2eb-82a4d9b34627" + } + }, + "type": [ + "object", + { + "almalinux_9": [ + "map", + "string" + ], + "availability_zone_no_gpu_name": "string", + "availability_zone_with_gpu_name": "string", + "availability_zones_names": [ + "map", + "string" + ], + "centos_7": [ + "map", + "string" + ], + "default_security_group_name": "string", + "dns_zone": [ + "object", + { + "attributes": [ + "map", + "string" + ], + "description": "string", + "disable_status_check": "bool", + "email": "string", + "id": "string", + "masters": [ + "set", + "string" + ], + "name": "string", + "project_id": "string", + "region": "string", + "timeouts": [ + "object", + { + "create": "string", + "delete": "string", + "update": "string" + } + ], + "ttl": "number", + "type": "string", + "value_specs": [ + "map", + "string" + ] + } + ], + "dns_zone_id": "string", + "el7_data_file": "string", + "external_gateway_ip": [ + "list", + [ + "object", + { + "ip_address": "string", + "subnet_id": "string" + } + ] + ], + "external_network": [ + "map", + "string" + ], + "external_network_id": "string", + "flavor_list": [ + "map", + "string" + ], + "floating_ip_pools": [ + "map", + "string" + ], + "main_private_network": [ + "object", + { + "admin_state_up": "bool", + "all_tags": [ + "set", + "string" + ], + "availability_zone_hints": [ + "set", + "string" + ], + "description": "string", + "dns_domain": "string", + "external": "bool", + "id": "string", + "mtu": "number", + "name": "string", + "port_security_enabled": "bool", + "qos_policy_id": "string", + "region": "string", + "segments": [ + "set", + [ + "object", + { + "network_type": "string", + "physical_network": "string", + "segmentation_id": "number" + } + ] + ], + "shared": "bool", + "tags": [ + "set", + "string" + ], + "tenant_id": "string", + "timeouts": [ + "object", + { + "create": "string", + "delete": "string" + } + ], + "transparent_vlan": "bool", + "value_specs": [ + "map", + "string" + ] + } + ], + "main_private_network_id": "string", + "main_region": "string", + "main_subnet_network": [ + "object", + { + "all_tags": [ + "set", + "string" + ], + "allocation_pool": [ + "set", + [ + "object", + { + "end": "string", + "start": "string" + } + ] + ], + "allocation_pools": [ + "list", + [ + "object", + { + "end": "string", + "start": "string" + } + ] + ], + "cidr": "string", + "description": "string", + "dns_nameservers": [ + "list", + "string" + ], + "enable_dhcp": "bool", + "gateway_ip": "string", + "host_routes": [ + "list", + [ + "object", + { + "destination_cidr": "string", + "next_hop": "string" + } + ] + ], + "id": "string", + "ip_version": "number", + "ipv6_address_mode": "string", + "ipv6_ra_mode": "string", + "name": "string", + "network_id": "string", + "no_gateway": "bool", + "prefix_length": "number", + "region": "string", + "service_types": [ + "list", + "string" + ], + "subnetpool_id": "string", + "tags": [ + "set", + "string" + ], + "tenant_id": "string", + "timeouts": [ + "object", + { + "create": "string", + "delete": "string" + } + ], + "value_specs": [ + "map", + "string" + ] + } + ], + "main_subnet_network_id": "string", + "mtu_size": "number", + "os_project_data": [ + "map", + "string" + ], + "policy_list": [ + "map", + "string" + ], + "resolvers_ip": [ + "list", + "string" + ], + "ssh_sources": [ + "map", + "string" + ], + "ubuntu2204_data_file": "string", + "ubuntu_2204": [ + "map", + "string" + ] + } + ] + }, + "workspace": null + }, + "sensitive_attributes": [], + "identity_schema_version": 0 + } + ] + }, + { + "mode": "managed", + "type": "openstack_blockstorage_volume_v3", + "name": "prometheus_data_vol", + "provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "attachment": [], + "availability_zone": "nova", + "consistency_group_id": null, + "description": "", + "enable_online_resize": true, + "id": "a5f16ebf-8c08-4d8e-b5ee-2e6a4d229408", + "image_id": null, + "metadata": {}, + "multiattach": null, + "name": "prometheus-data", + "region": "isti_area_pi_1", + "scheduler_hints": [], + "size": 100, + "snapshot_id": "", + "source_replica": null, + "source_vol_id": "", + "timeouts": null, + "volume_type": "CephSSD" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwfX0=" + } + ] + }, + { + "mode": "managed", + "type": "openstack_compute_servergroup_v2", + "name": "main_haproxy_l7", + "provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "id": "e71f9dcb-d071-4afa-93ad-3b833f54ced7", + "members": [], + "name": "main_haproxy_l7", + "policies": [ + "anti-affinity" + ], + "region": "isti_area_pi_1", + "rules": [ + { + "max_server_per_host": 0 + } + ], + "value_specs": null + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "bnVsbA==" + } + ] + }, + { + "mode": "managed", + "type": "openstack_lb_listener_v2", + "name": "main_haproxy_http_listener", + "provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "admin_state_up": true, + "allowed_cidrs": null, + "connection_limit": -1, + "default_pool_id": "", + "default_tls_container_ref": "", + "description": "HTTP listener of the main HAPROXY instances", + "id": "1b635beb-b8db-48eb-81ed-52b4d9996f99", + "insert_headers": null, + "loadbalancer_id": "fac5939a-0329-4bcb-8fd9-d2d5716b0e84", + "name": "main_haproxy_http_listener", + "protocol": "TCP", + "protocol_port": 80, + "region": "isti_area_pi_1", + "sni_container_refs": null, + "tags": null, + "tenant_id": "d3c30d05b2524faead8fabf0b511622e", + "timeout_client_data": 50000, + "timeout_member_connect": 5000, + "timeout_member_data": 50000, + "timeout_tcp_inspect": 0, + "timeouts": null + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwLCJ1cGRhdGUiOjYwMDAwMDAwMDAwMH19", + "dependencies": [ + "data.terraform_remote_state.privnet_dns_router", + "openstack_lb_loadbalancer_v2.main_lb" + ] + } + ] + }, + { + "mode": "managed", + "type": "openstack_lb_listener_v2", + "name": "main_haproxy_https_listener", + "provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "admin_state_up": true, + "allowed_cidrs": null, + "connection_limit": -1, + "default_pool_id": "", + "default_tls_container_ref": "", + "description": "HTTPS listener of the main HAPROXY instances", + "id": "c91aeff4-0091-4f25-a6e0-aa3945bb833f", + "insert_headers": null, + "loadbalancer_id": "fac5939a-0329-4bcb-8fd9-d2d5716b0e84", + "name": "main_haproxy_https_listener", + "protocol": "TCP", + "protocol_port": 443, + "region": "isti_area_pi_1", + "sni_container_refs": null, + "tags": null, + "tenant_id": "d3c30d05b2524faead8fabf0b511622e", + "timeout_client_data": 3600000, + "timeout_member_connect": 10000, + "timeout_member_data": 7200000, + "timeout_tcp_inspect": 0, + "timeouts": null + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwLCJ1cGRhdGUiOjYwMDAwMDAwMDAwMH19", + "dependencies": [ + "data.terraform_remote_state.privnet_dns_router", + "openstack_lb_loadbalancer_v2.main_lb" + ] + } + ] + }, + { + "mode": "managed", + "type": "openstack_lb_loadbalancer_v2", + "name": "main_lb", + "provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "admin_state_up": true, + "availability_zone": "", + "description": "Main L4 load balancer for the S2I2S services", + "flavor_id": "", + "id": "fac5939a-0329-4bcb-8fd9-d2d5716b0e84", + "loadbalancer_provider": "ovn", + "name": "s2i2s-cloud-l4-load-balancer", + "region": "isti_area_pi_1", + "security_group_ids": [ + "41031df4-e33b-4e26-bbbc-a4320eff6f4c" + ], + "tags": null, + "tenant_id": "d3c30d05b2524faead8fabf0b511622e", + "timeouts": null, + "vip_address": "10.10.0.20", + "vip_network_id": "9b3cd2d7-f9f0-4d4a-ae0b-29c8ceb055f4", + "vip_port_id": "da981c5e-30a8-47d7-9451-6c2568943286", + "vip_subnet_id": "0a5dd0f6-e23d-469e-982c-7bb280221c12" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6MzAwMDAwMDAwMDAwLCJ1cGRhdGUiOjYwMDAwMDAwMDAwMH19", + "dependencies": [ + "data.terraform_remote_state.privnet_dns_router" + ] + } + ] + }, + { + "mode": "managed", + "type": "openstack_networking_floatingip_associate_v2", + "name": "main_lb", + "provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "fixed_ip": "10.10.0.20", + "floating_ip": "146.48.30.162", + "id": "96b66bce-e1bb-4bad-89ff-e6511d2b0068", + "port_id": "da981c5e-30a8-47d7-9451-6c2568943286", + "region": "isti_area_pi_1" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "bnVsbA==", + "dependencies": [ + "data.terraform_remote_state.privnet_dns_router", + "openstack_lb_loadbalancer_v2.main_lb", + "openstack_networking_floatingip_v2.main_lb_ip" + ] + } + ] + }, + { + "mode": "managed", + "type": "openstack_networking_floatingip_associate_v2", + "name": "prometheus_server", + "provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "fixed_ip": "10.10.0.10", + "floating_ip": "146.48.31.149", + "id": "78e69528-4763-47e4-bb76-263871866f64", + "port_id": "14f4c125-725c-4a54-bb0e-d442f2dbc65a", + "region": "isti_area_pi_1" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "bnVsbA==", + "dependencies": [ + "data.terraform_remote_state.privnet_dns_router", + "openstack_networking_floatingip_v2.prometheus_server_ip", + "openstack_networking_port_v2.prometheus_server_port", + "openstack_networking_secgroup_v2.default", + "openstack_networking_secgroup_v2.prometheus_access_from_grafana", + "openstack_networking_secgroup_v2.restricted_web" + ] + } + ] + }, + { + "mode": "managed", + "type": "openstack_networking_floatingip_associate_v2", + "name": "ssh_jump_proxy", + "provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "fixed_ip": "10.10.0.5", + "floating_ip": "146.48.30.179", + "id": "b5fbccf0-fcd1-4402-924f-3a3624f5e265", + "port_id": "e1cf6d34-a286-4a19-aea2-100c8d087d41", + "region": "isti_area_pi_1" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "bnVsbA==", + "dependencies": [ + "data.terraform_remote_state.privnet_dns_router", + "openstack_networking_floatingip_v2.ssh_jump_proxy_ip", + "openstack_networking_port_v2.ssh_jump_proxy_port", + "openstack_networking_secgroup_v2.access_to_the_jump_proxy", + "openstack_networking_secgroup_v2.default" + ] + } + ] + }, + { + "mode": "managed", + "type": "openstack_networking_floatingip_v2", + "name": "main_lb_ip", + "provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "address": "146.48.30.162", + "all_tags": [], + "description": "Main L4 load balancer for the S2I2S services", + "dns_domain": "", + "dns_name": "", + "fixed_ip": "", + "id": "96b66bce-e1bb-4bad-89ff-e6511d2b0068", + "pool": "external-network", + "port_id": "", + "region": "isti_area_pi_1", + "subnet_id": null, + "subnet_ids": null, + "tags": null, + "tenant_id": "d3c30d05b2524faead8fabf0b511622e", + "timeouts": null, + "value_specs": null + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwfX0=" + } + ] + }, + { + "mode": "managed", + "type": "openstack_networking_floatingip_v2", + "name": "prometheus_server_ip", + "provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "address": "146.48.31.149", + "all_tags": [], + "description": "Prometheus server", + "dns_domain": "", + "dns_name": "", + "fixed_ip": "", + "id": "78e69528-4763-47e4-bb76-263871866f64", + "pool": "external-network", + "port_id": "", + "region": "isti_area_pi_1", + "subnet_id": null, + "subnet_ids": null, + "tags": null, + "tenant_id": "d3c30d05b2524faead8fabf0b511622e", + "timeouts": null, + "value_specs": null + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwfX0=" + } + ] + }, + { + "mode": "managed", + "type": "openstack_networking_floatingip_v2", + "name": "ssh_jump_proxy_ip", + "provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "address": "146.48.30.179", + "all_tags": [], + "description": "SSH Proxy Jump Server", + "dns_domain": "", + "dns_name": "", + "fixed_ip": "", + "id": "b5fbccf0-fcd1-4402-924f-3a3624f5e265", + "pool": "external-network", + "port_id": "", + "region": "isti_area_pi_1", + "subnet_id": null, + "subnet_ids": null, + "tags": null, + "tenant_id": "d3c30d05b2524faead8fabf0b511622e", + "timeouts": null, + "value_specs": null + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwfX0=" + } + ] + }, + { + "mode": "managed", + "type": "openstack_networking_port_v2", + "name": "internal_ca_port", + "provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "admin_state_up": true, + "all_fixed_ips": [ + "10.10.0.4" + ], + "all_security_group_ids": [ + "c4a3a99c-83e0-46b6-9a28-62d742b6ec0e" + ], + "all_tags": [], + "allowed_address_pairs": [], + "binding": [ + { + "host_id": "", + "profile": "{}", + "vif_details": {}, + "vif_type": "unbound", + "vnic_type": "normal" + } + ], + "description": "", + "device_id": "", + "device_owner": "", + "dns_assignment": [ + { + "fqdn": "host-10-10-0-4.internal-cloud.isti.cnr.it.", + "hostname": "host-10-10-0-4", + "ip_address": "10.10.0.4" + } + ], + "dns_name": "", + "extra_dhcp_option": [], + "fixed_ip": [ + { + "ip_address": "10.10.0.4", + "subnet_id": "0a5dd0f6-e23d-469e-982c-7bb280221c12" + } + ], + "id": "8fafcb49-0b9b-49df-9c1b-fa7c377f7975", + "mac_address": "fa:16:3e:24:37:3f", + "name": "ca-port", + "network_id": "9b3cd2d7-f9f0-4d4a-ae0b-29c8ceb055f4", + "no_fixed_ip": null, + "no_security_groups": null, + "port_security_enabled": true, + "qos_policy_id": "", + "region": "isti_area_pi_1", + "security_group_ids": [ + "c4a3a99c-83e0-46b6-9a28-62d742b6ec0e" + ], + "tags": null, + "tenant_id": "d3c30d05b2524faead8fabf0b511622e", + "timeouts": null, + "value_specs": null + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwfX0=", + "dependencies": [ + "data.terraform_remote_state.privnet_dns_router", + "openstack_networking_secgroup_v2.default" + ] + } + ] + }, + { + "mode": "managed", + "type": "openstack_networking_port_v2", + "name": "main_haproxy_l7_port", + "provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "admin_state_up": true, + "all_fixed_ips": [ + "10.10.0.11" + ], + "all_security_group_ids": [ + "68966027-d706-441f-8540-499cd44034af", + "c4a3a99c-83e0-46b6-9a28-62d742b6ec0e" + ], + "all_tags": [], + "allowed_address_pairs": [], + "binding": [ + { + "host_id": "", + "profile": "{}", + "vif_details": {}, + "vif_type": "unbound", + "vnic_type": "normal" + } + ], + "description": "", + "device_id": "", + "device_owner": "", + "dns_assignment": [ + { + "fqdn": "host-10-10-0-11.internal-cloud.isti.cnr.it.", + "hostname": "host-10-10-0-11", + "ip_address": "10.10.0.11" + } + ], + "dns_name": "", + "extra_dhcp_option": [], + "fixed_ip": [ + { + "ip_address": "10.10.0.11", + "subnet_id": "0a5dd0f6-e23d-469e-982c-7bb280221c12" + } + ], + "id": "e96b8b2c-1e4f-490d-9db8-398f7a0e3f4a", + "mac_address": "fa:16:3e:c5:68:fb", + "name": "main-haproxy-l7-01-port", + "network_id": "9b3cd2d7-f9f0-4d4a-ae0b-29c8ceb055f4", + "no_fixed_ip": null, + "no_security_groups": null, + "port_security_enabled": true, + "qos_policy_id": "", + "region": "isti_area_pi_1", + "security_group_ids": [ + "68966027-d706-441f-8540-499cd44034af", + "c4a3a99c-83e0-46b6-9a28-62d742b6ec0e" + ], + "tags": null, + "tenant_id": "d3c30d05b2524faead8fabf0b511622e", + "timeouts": null, + "value_specs": null + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwfX0=", + "dependencies": [ + "data.terraform_remote_state.privnet_dns_router", + "openstack_networking_secgroup_v2.default", + "openstack_networking_secgroup_v2.main_lb_to_haproxy_l7" + ] + }, + { + "index_key": 1, + "schema_version": 0, + "attributes": { + "admin_state_up": true, + "all_fixed_ips": [ + "10.10.0.12" + ], + "all_security_group_ids": [ + "68966027-d706-441f-8540-499cd44034af", + "c4a3a99c-83e0-46b6-9a28-62d742b6ec0e" + ], + "all_tags": [], + "allowed_address_pairs": [], + "binding": [ + { + "host_id": "", + "profile": "{}", + "vif_details": {}, + "vif_type": "unbound", + "vnic_type": "normal" + } + ], + "description": "", + "device_id": "", + "device_owner": "", + "dns_assignment": [ + { + "fqdn": "host-10-10-0-12.internal-cloud.isti.cnr.it.", + "hostname": "host-10-10-0-12", + "ip_address": "10.10.0.12" + } + ], + "dns_name": "", + "extra_dhcp_option": [], + "fixed_ip": [ + { + "ip_address": "10.10.0.12", + "subnet_id": "0a5dd0f6-e23d-469e-982c-7bb280221c12" + } + ], + "id": "162ae928-c2e4-449e-9521-835ad03e339d", + "mac_address": "fa:16:3e:9d:d6:e4", + "name": "main-haproxy-l7-02-port", + "network_id": "9b3cd2d7-f9f0-4d4a-ae0b-29c8ceb055f4", + "no_fixed_ip": null, + "no_security_groups": null, + "port_security_enabled": true, + "qos_policy_id": "", + "region": "isti_area_pi_1", + "security_group_ids": [ + "68966027-d706-441f-8540-499cd44034af", + "c4a3a99c-83e0-46b6-9a28-62d742b6ec0e" + ], + "tags": null, + "tenant_id": "d3c30d05b2524faead8fabf0b511622e", + "timeouts": null, + "value_specs": null + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwfX0=", + "dependencies": [ + "data.terraform_remote_state.privnet_dns_router", + "openstack_networking_secgroup_v2.default", + "openstack_networking_secgroup_v2.main_lb_to_haproxy_l7" + ] + } + ] + }, + { + "mode": "managed", + "type": "openstack_networking_port_v2", + "name": "prometheus_server_port", + "provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "admin_state_up": true, + "all_fixed_ips": [ + "10.10.0.10" + ], + "all_security_group_ids": [ + "54be0898-6c08-400b-9503-9d9dce935371", + "91492d1d-06dc-48e9-91f8-567c3c77d7d5", + "c4a3a99c-83e0-46b6-9a28-62d742b6ec0e" + ], + "all_tags": [], + "allowed_address_pairs": [], + "binding": [ + { + "host_id": "", + "profile": "{}", + "vif_details": {}, + "vif_type": "unbound", + "vnic_type": "normal" + } + ], + "description": "", + "device_id": "", + "device_owner": "", + "dns_assignment": [ + { + "fqdn": "host-10-10-0-10.internal-cloud.isti.cnr.it.", + "hostname": "host-10-10-0-10", + "ip_address": "10.10.0.10" + } + ], + "dns_name": "", + "extra_dhcp_option": [], + "fixed_ip": [ + { + "ip_address": "10.10.0.10", + "subnet_id": "0a5dd0f6-e23d-469e-982c-7bb280221c12" + } + ], + "id": "14f4c125-725c-4a54-bb0e-d442f2dbc65a", + "mac_address": "fa:16:3e:e1:d2:19", + "name": "prometheus-port", + "network_id": "9b3cd2d7-f9f0-4d4a-ae0b-29c8ceb055f4", + "no_fixed_ip": null, + "no_security_groups": null, + "port_security_enabled": true, + "qos_policy_id": "", + "region": "isti_area_pi_1", + "security_group_ids": [ + "54be0898-6c08-400b-9503-9d9dce935371", + "91492d1d-06dc-48e9-91f8-567c3c77d7d5", + "c4a3a99c-83e0-46b6-9a28-62d742b6ec0e" + ], + "tags": null, + "tenant_id": "d3c30d05b2524faead8fabf0b511622e", + "timeouts": null, + "value_specs": null + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwfX0=", + "dependencies": [ + "data.terraform_remote_state.privnet_dns_router", + "openstack_networking_secgroup_v2.default", + "openstack_networking_secgroup_v2.prometheus_access_from_grafana", + "openstack_networking_secgroup_v2.restricted_web" + ] + } + ] + }, + { + "mode": "managed", + "type": "openstack_networking_port_v2", + "name": "ssh_jump_proxy_port", + "provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "admin_state_up": true, + "all_fixed_ips": [ + "10.10.0.5" + ], + "all_security_group_ids": [ + "0f52158e-c767-4baf-9d6d-1986ca886dd0", + "c4a3a99c-83e0-46b6-9a28-62d742b6ec0e" + ], + "all_tags": [], + "allowed_address_pairs": [], + "binding": [ + { + "host_id": "", + "profile": "{}", + "vif_details": {}, + "vif_type": "unbound", + "vnic_type": "normal" + } + ], + "description": "", + "device_id": "", + "device_owner": "", + "dns_assignment": [ + { + "fqdn": "host-10-10-0-5.internal-cloud.isti.cnr.it.", + "hostname": "host-10-10-0-5", + "ip_address": "10.10.0.5" + } + ], + "dns_name": "", + "extra_dhcp_option": [], + "fixed_ip": [ + { + "ip_address": "10.10.0.5", + "subnet_id": "0a5dd0f6-e23d-469e-982c-7bb280221c12" + } + ], + "id": "e1cf6d34-a286-4a19-aea2-100c8d087d41", + "mac_address": "fa:16:3e:36:7c:5c", + "name": "ssh-jump-proxy-port", + "network_id": "9b3cd2d7-f9f0-4d4a-ae0b-29c8ceb055f4", + "no_fixed_ip": null, + "no_security_groups": null, + "port_security_enabled": true, + "qos_policy_id": "", + "region": "isti_area_pi_1", + "security_group_ids": [ + "0f52158e-c767-4baf-9d6d-1986ca886dd0", + "c4a3a99c-83e0-46b6-9a28-62d742b6ec0e" + ], + "tags": null, + "tenant_id": "d3c30d05b2524faead8fabf0b511622e", + "timeouts": null, + "value_specs": null + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwfX0=", + "dependencies": [ + "data.terraform_remote_state.privnet_dns_router", + "openstack_networking_secgroup_v2.access_to_the_jump_proxy", + "openstack_networking_secgroup_v2.default" + ] + } + ] + }, + { + "mode": "managed", + "type": "openstack_networking_secgroup_rule_v2", + "name": "egress-ipv4", + "provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "description": "", + "direction": "egress", + "ethertype": "IPv4", + "id": "414f9a17-37a2-4149-9654-037ca7bc102e", + "port_range_max": 0, + "port_range_min": 0, + "protocol": "", + "region": "isti_area_pi_1", + "remote_group_id": "", + "remote_ip_prefix": "", + "security_group_id": "c4a3a99c-83e0-46b6-9a28-62d742b6ec0e", + "tenant_id": "d3c30d05b2524faead8fabf0b511622e", + "timeouts": null + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ==", + "dependencies": [ + "openstack_networking_secgroup_v2.default" + ] + } + ] + }, + { + "mode": "managed", + "type": "openstack_networking_secgroup_rule_v2", + "name": "grafana_d4s", + "provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "description": "Allow HTTPS from grafana.d4science.org", + "direction": "ingress", + "ethertype": "IPv4", + "id": "5e39f441-ea00-4953-a02c-0212757783f8", + "port_range_max": 443, + "port_range_min": 443, + "protocol": "tcp", + "region": "isti_area_pi_1", + "remote_group_id": "", + "remote_ip_prefix": "146.48.28.103/32", + "security_group_id": "91492d1d-06dc-48e9-91f8-567c3c77d7d5", + "tenant_id": "d3c30d05b2524faead8fabf0b511622e", + "timeouts": null + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ==", + "dependencies": [ + "openstack_networking_secgroup_v2.prometheus_access_from_grafana" + ] + } + ] + }, + { + "mode": "managed", + "type": "openstack_networking_secgroup_rule_v2", + "name": "haproxy-l7-1-443", + "provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "description": "HTTPS traffic from HAPROXY L7 1", + "direction": "ingress", + "ethertype": "IPv4", + "id": "80d8b03b-7630-4283-ad02-c75e1f8cef6d", + "port_range_max": 443, + "port_range_min": 443, + "protocol": "tcp", + "region": "isti_area_pi_1", + "remote_group_id": "", + "remote_ip_prefix": "10.10.0.11/32", + "security_group_id": "1556ed52-f8d4-4f80-acbf-5b62c47b20bb", + "tenant_id": "d3c30d05b2524faead8fabf0b511622e", + "timeouts": null + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ==", + "dependencies": [ + "openstack_networking_secgroup_v2.traffic_from_main_haproxy" + ] + } + ] + }, + { + "mode": "managed", + "type": "openstack_networking_secgroup_rule_v2", + "name": "haproxy-l7-1-80", + "provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "description": "HTTP traffic from HAPROXY L7 1", + "direction": "ingress", + "ethertype": "IPv4", + "id": "558f252b-f799-4b95-8b12-8a4d7bd9e47d", + "port_range_max": 80, + "port_range_min": 80, + "protocol": "tcp", + "region": "isti_area_pi_1", + "remote_group_id": "", + "remote_ip_prefix": "10.10.0.11/32", + "security_group_id": "1556ed52-f8d4-4f80-acbf-5b62c47b20bb", + "tenant_id": "d3c30d05b2524faead8fabf0b511622e", + "timeouts": null + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ==", + "dependencies": [ + "openstack_networking_secgroup_v2.traffic_from_main_haproxy" + ] + } + ] + }, + { + "mode": "managed", + "type": "openstack_networking_secgroup_rule_v2", + "name": "haproxy-l7-1-8080", + "provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "description": "HTTP traffic from HAPROXY L7 1", + "direction": "ingress", + "ethertype": "IPv4", + "id": "84034709-9cae-494f-b7a0-fd49afae8783", + "port_range_max": 8080, + "port_range_min": 8080, + "protocol": "tcp", + "region": "isti_area_pi_1", + "remote_group_id": "", + "remote_ip_prefix": "10.10.0.11/32", + "security_group_id": "1556ed52-f8d4-4f80-acbf-5b62c47b20bb", + "tenant_id": "d3c30d05b2524faead8fabf0b511622e", + "timeouts": null + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ==", + "dependencies": [ + "openstack_networking_secgroup_v2.traffic_from_main_haproxy" + ] + } + ] + }, + { + "mode": "managed", + "type": "openstack_networking_secgroup_rule_v2", + "name": "haproxy-l7-1-8888", + "provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "description": "HTTP traffic from HAPROXY L7 1", + "direction": "ingress", + "ethertype": "IPv4", + "id": "c379f3c4-866e-43d3-a76a-ba7b3a51c6b9", + "port_range_max": 8888, + "port_range_min": 8888, + "protocol": "tcp", + "region": "isti_area_pi_1", + "remote_group_id": "", + "remote_ip_prefix": "10.10.0.11/32", + "security_group_id": "1556ed52-f8d4-4f80-acbf-5b62c47b20bb", + "tenant_id": "d3c30d05b2524faead8fabf0b511622e", + "timeouts": null + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ==", + "dependencies": [ + "openstack_networking_secgroup_v2.traffic_from_main_haproxy" + ] + } + ] + }, + { + "mode": "managed", + "type": "openstack_networking_secgroup_rule_v2", + "name": "haproxy-l7-2-443", + "provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "description": "HTTPS traffic from HAPROXY L7 2", + "direction": "ingress", + "ethertype": "IPv4", + "id": "b26ef85e-5760-4467-9d63-28d1e522c1d1", + "port_range_max": 443, + "port_range_min": 443, + "protocol": "tcp", + "region": "isti_area_pi_1", + "remote_group_id": "", + "remote_ip_prefix": "10.10.0.12/32", + "security_group_id": "1556ed52-f8d4-4f80-acbf-5b62c47b20bb", + "tenant_id": "d3c30d05b2524faead8fabf0b511622e", + "timeouts": null + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ==", + "dependencies": [ + "openstack_networking_secgroup_v2.traffic_from_main_haproxy" + ] + } + ] + }, + { + "mode": "managed", + "type": "openstack_networking_secgroup_rule_v2", + "name": "haproxy-l7-2-80", + "provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "description": "HTTP traffic from HAPROXY L7 2", + "direction": "ingress", + "ethertype": "IPv4", + "id": "07eefd95-b2a0-445a-83b7-65e3df680fdc", + "port_range_max": 80, + "port_range_min": 80, + "protocol": "tcp", + "region": "isti_area_pi_1", + "remote_group_id": "", + "remote_ip_prefix": "10.10.0.12/32", + "security_group_id": "1556ed52-f8d4-4f80-acbf-5b62c47b20bb", + "tenant_id": "d3c30d05b2524faead8fabf0b511622e", + "timeouts": null + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ==", + "dependencies": [ + "openstack_networking_secgroup_v2.traffic_from_main_haproxy" + ] + } + ] + }, + { + "mode": "managed", + "type": "openstack_networking_secgroup_rule_v2", + "name": "haproxy-l7-2-8080", + "provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "description": "HTTP traffic from HAPROXY L7 2", + "direction": "ingress", + "ethertype": "IPv4", + "id": "a0db70d8-dccc-413b-a06c-abf85fb9f0bc", + "port_range_max": 8080, + "port_range_min": 8080, + "protocol": "tcp", + "region": "isti_area_pi_1", + "remote_group_id": "", + "remote_ip_prefix": "10.10.0.12/32", + "security_group_id": "1556ed52-f8d4-4f80-acbf-5b62c47b20bb", + "tenant_id": "d3c30d05b2524faead8fabf0b511622e", + "timeouts": null + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ==", + "dependencies": [ + "openstack_networking_secgroup_v2.traffic_from_main_haproxy" + ] + } + ] + }, + { + "mode": "managed", + "type": "openstack_networking_secgroup_rule_v2", + "name": "haproxy-l7-2-8888", + "provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "description": "HTTP traffic from HAPROXY L7 2", + "direction": "ingress", + "ethertype": "IPv4", + "id": "73b6f584-c824-4957-b9a3-3630b9e24863", + "port_range_max": 8888, + "port_range_min": 8888, + "protocol": "tcp", + "region": "isti_area_pi_1", + "remote_group_id": "", + "remote_ip_prefix": "10.10.0.12/32", + "security_group_id": "1556ed52-f8d4-4f80-acbf-5b62c47b20bb", + "tenant_id": "d3c30d05b2524faead8fabf0b511622e", + "timeouts": null + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ==", + "dependencies": [ + "openstack_networking_secgroup_v2.traffic_from_main_haproxy" + ] + } + ] + }, + { + "mode": "managed", + "type": "openstack_networking_secgroup_rule_v2", + "name": "http_from_everywhere", + "provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "description": "Allow HTTP from everywhere", + "direction": "ingress", + "ethertype": "IPv4", + "id": "330f6f9f-ed8a-4261-b0dc-0a3708d251c7", + "port_range_max": 80, + "port_range_min": 80, + "protocol": "tcp", + "region": "isti_area_pi_1", + "remote_group_id": "", + "remote_ip_prefix": "0.0.0.0/0", + "security_group_id": "54be0898-6c08-400b-9503-9d9dce935371", + "tenant_id": "d3c30d05b2524faead8fabf0b511622e", + "timeouts": null + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ==", + "dependencies": [ + "openstack_networking_secgroup_v2.restricted_web" + ] + } + ] + }, + { + "mode": "managed", + "type": "openstack_networking_secgroup_rule_v2", + "name": "https_from_d4s_vpn_1", + "provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "description": "Allow HTTPS from D4Science VPN 1", + "direction": "ingress", + "ethertype": "IPv4", + "id": "4381df2b-f45f-4d9e-8f59-9b93472be73b", + "port_range_max": 443, + "port_range_min": 443, + "protocol": "tcp", + "region": "isti_area_pi_1", + "remote_group_id": "", + "remote_ip_prefix": "146.48.122.27/32", + "security_group_id": "54be0898-6c08-400b-9503-9d9dce935371", + "tenant_id": "d3c30d05b2524faead8fabf0b511622e", + "timeouts": null + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ==", + "dependencies": [ + "openstack_networking_secgroup_v2.restricted_web" + ] + } + ] + }, + { + "mode": "managed", + "type": "openstack_networking_secgroup_rule_v2", + "name": "https_from_d4s_vpn_2", + "provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "description": "Allow HTTPS from D4Science VPN 2", + "direction": "ingress", + "ethertype": "IPv4", + "id": "20941d5a-e371-4eea-9ca0-24b71d2c8239", + "port_range_max": 443, + "port_range_min": 443, + "protocol": "tcp", + "region": "isti_area_pi_1", + "remote_group_id": "", + "remote_ip_prefix": "146.48.122.49/32", + "security_group_id": "54be0898-6c08-400b-9503-9d9dce935371", + "tenant_id": "d3c30d05b2524faead8fabf0b511622e", + "timeouts": null + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ==", + "dependencies": [ + "openstack_networking_secgroup_v2.restricted_web" + ] + } + ] + }, + { + "mode": "managed", + "type": "openstack_networking_secgroup_rule_v2", + "name": "https_from_s2i2s_vpn_1", + "provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "description": "Allow HTTPS from S2I2S VPN 1", + "direction": "ingress", + "ethertype": "IPv4", + "id": "79287b9b-cbc2-41eb-aa32-d1b44c3b2080", + "port_range_max": 443, + "port_range_min": 443, + "protocol": "tcp", + "region": "isti_area_pi_1", + "remote_group_id": "", + "remote_ip_prefix": "146.48.28.10/32", + "security_group_id": "54be0898-6c08-400b-9503-9d9dce935371", + "tenant_id": "d3c30d05b2524faead8fabf0b511622e", + "timeouts": null + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ==", + "dependencies": [ + "openstack_networking_secgroup_v2.restricted_web" + ] + } + ] + }, + { + "mode": "managed", + "type": "openstack_networking_secgroup_rule_v2", + "name": "https_from_s2i2s_vpn_2", + "provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "description": "Allow HTTPS from S2I2S VPN 2", + "direction": "ingress", + "ethertype": "IPv4", + "id": "1370c330-ae0f-444e-8f9c-f4428b4412c6", + "port_range_max": 443, + "port_range_min": 443, + "protocol": "tcp", + "region": "isti_area_pi_1", + "remote_group_id": "", + "remote_ip_prefix": "146.48.28.11/32", + "security_group_id": "54be0898-6c08-400b-9503-9d9dce935371", + "tenant_id": "d3c30d05b2524faead8fabf0b511622e", + "timeouts": null + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ==", + "dependencies": [ + "openstack_networking_secgroup_v2.restricted_web" + ] + } + ] + }, + { + "mode": "managed", + "type": "openstack_networking_secgroup_rule_v2", + "name": "https_from_shell_d4s", + "provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "description": "Allow HTTPS from shell.d4science.org", + "direction": "ingress", + "ethertype": "IPv4", + "id": "f5ffc1f1-1e95-4a15-99ad-b5e3dc2d9032", + "port_range_max": 443, + "port_range_min": 443, + "protocol": "tcp", + "region": "isti_area_pi_1", + "remote_group_id": "", + "remote_ip_prefix": "146.48.122.95/32", + "security_group_id": "54be0898-6c08-400b-9503-9d9dce935371", + "tenant_id": "d3c30d05b2524faead8fabf0b511622e", + "timeouts": null + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ==", + "dependencies": [ + "openstack_networking_secgroup_v2.restricted_web" + ] + } + ] + }, + { + "mode": "managed", + "type": "openstack_networking_secgroup_rule_v2", + "name": "ingress-icmp", + "provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "description": "Allow ICMP from remote", + "direction": "ingress", + "ethertype": "IPv4", + "id": "945e9b59-37f5-41f5-af7d-040c97145b24", + "port_range_max": 0, + "port_range_min": 0, + "protocol": "icmp", + "region": "isti_area_pi_1", + "remote_group_id": "", + "remote_ip_prefix": "0.0.0.0/0", + "security_group_id": "c4a3a99c-83e0-46b6-9a28-62d742b6ec0e", + "tenant_id": "d3c30d05b2524faead8fabf0b511622e", + "timeouts": null + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ==", + "dependencies": [ + "openstack_networking_secgroup_v2.default" + ] + } + ] + }, + { + "mode": "managed", + "type": "openstack_networking_secgroup_rule_v2", + "name": "octavia_to_haproxy_l7_8880", + "provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "description": "Traffic from the octavia lb instance to HAPROXY l7 port 8880", + "direction": "ingress", + "ethertype": "IPv4", + "id": "ff4620b9-1c81-46f7-b2be-bb94adbe07af", + "port_range_max": 8880, + "port_range_min": 8880, + "protocol": "tcp", + "region": "isti_area_pi_1", + "remote_group_id": "", + "remote_ip_prefix": "10.10.0.0/21", + "security_group_id": "68966027-d706-441f-8540-499cd44034af", + "tenant_id": "d3c30d05b2524faead8fabf0b511622e", + "timeouts": null + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ==", + "dependencies": [ + "data.terraform_remote_state.privnet_dns_router", + "openstack_networking_secgroup_v2.main_lb_to_haproxy_l7" + ] + } + ] + }, + { + "mode": "managed", + "type": "openstack_networking_secgroup_rule_v2", + "name": "prometheus-node", + "provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "description": "Prometheus access to the node exporter", + "direction": "ingress", + "ethertype": "IPv4", + "id": "8bd92fdb-683f-42cd-8e77-7906e4a5922d", + "port_range_max": 9100, + "port_range_min": 9100, + "protocol": "tcp", + "region": "isti_area_pi_1", + "remote_group_id": "", + "remote_ip_prefix": "10.10.0.10/32", + "security_group_id": "c4a3a99c-83e0-46b6-9a28-62d742b6ec0e", + "tenant_id": "d3c30d05b2524faead8fabf0b511622e", + "timeouts": null + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ==", + "dependencies": [ + "openstack_networking_secgroup_v2.default" + ] + } + ] + }, + { + "mode": "managed", + "type": "openstack_networking_secgroup_rule_v2", + "name": "public_http", + "provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "description": "Allow HTTP from everywhere", + "direction": "ingress", + "ethertype": "IPv4", + "id": "99eb7104-e65c-47a3-82d9-16f33134f297", + "port_range_max": 80, + "port_range_min": 80, + "protocol": "tcp", + "region": "isti_area_pi_1", + "remote_group_id": "", + "remote_ip_prefix": "0.0.0.0/0", + "security_group_id": "c0ec12e4-9a8f-4534-bfd2-d6892a1d6cc0", + "tenant_id": "d3c30d05b2524faead8fabf0b511622e", + "timeouts": null + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ==", + "dependencies": [ + "openstack_networking_secgroup_v2.public_web" + ] + } + ] + }, + { + "mode": "managed", + "type": "openstack_networking_secgroup_rule_v2", + "name": "public_https", + "provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "description": "Allow HTTPS from everywhere", + "direction": "ingress", + "ethertype": "IPv4", + "id": "c537450d-693b-45ef-b461-2b76b872a1ba", + "port_range_max": 443, + "port_range_min": 443, + "protocol": "tcp", + "region": "isti_area_pi_1", + "remote_group_id": "", + "remote_ip_prefix": "0.0.0.0/0", + "security_group_id": "c0ec12e4-9a8f-4534-bfd2-d6892a1d6cc0", + "tenant_id": "d3c30d05b2524faead8fabf0b511622e", + "timeouts": null + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ==", + "dependencies": [ + "openstack_networking_secgroup_v2.public_web" + ] + } + ] + }, + { + "mode": "managed", + "type": "openstack_networking_secgroup_rule_v2", + "name": "shell_443", + "provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "description": "https debug port 443 from the shell jump proxy", + "direction": "ingress", + "ethertype": "IPv4", + "id": "0060b542-b01e-48c5-95b1-99a7f24423b1", + "port_range_max": 443, + "port_range_min": 443, + "protocol": "tcp", + "region": "isti_area_pi_1", + "remote_group_id": "", + "remote_ip_prefix": "10.10.0.5/32", + "security_group_id": "9e217f67-497f-4e4c-98fc-8ba9bdfb29c9", + "tenant_id": "d3c30d05b2524faead8fabf0b511622e", + "timeouts": null + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ==", + "dependencies": [ + "openstack_networking_secgroup_v2.debugging" + ] + } + ] + }, + { + "mode": "managed", + "type": "openstack_networking_secgroup_rule_v2", + "name": "shell_80", + "provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "description": "http debug port 80 from the shell jump proxy", + "direction": "ingress", + "ethertype": "IPv4", + "id": "52efb525-7933-441a-b6bc-4eb351ff8f6a", + "port_range_max": 80, + "port_range_min": 80, + "protocol": "tcp", + "region": "isti_area_pi_1", + "remote_group_id": "", + "remote_ip_prefix": "10.10.0.5/32", + "security_group_id": "9e217f67-497f-4e4c-98fc-8ba9bdfb29c9", + "tenant_id": "d3c30d05b2524faead8fabf0b511622e", + "timeouts": null + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ==", + "dependencies": [ + "openstack_networking_secgroup_v2.debugging" + ] + } + ] + }, + { + "mode": "managed", + "type": "openstack_networking_secgroup_rule_v2", + "name": "shell_8100", + "provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "description": "Tomcat debug on port 8100 from the shell jump proxy", + "direction": "ingress", + "ethertype": "IPv4", + "id": "557e734f-ed4e-4834-845d-f5671e99f16e", + "port_range_max": 8100, + "port_range_min": 8100, + "protocol": "tcp", + "region": "isti_area_pi_1", + "remote_group_id": "", + "remote_ip_prefix": "10.10.0.5/32", + "security_group_id": "9e217f67-497f-4e4c-98fc-8ba9bdfb29c9", + "tenant_id": "d3c30d05b2524faead8fabf0b511622e", + "timeouts": null + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ==", + "dependencies": [ + "openstack_networking_secgroup_v2.debugging" + ] + } + ] + }, + { + "mode": "managed", + "type": "openstack_networking_secgroup_rule_v2", + "name": "ssh-d4s-vpn-1", + "provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "description": "SSH traffic from D4Science VPN 1", + "direction": "ingress", + "ethertype": "IPv4", + "id": "abe6773f-24b8-45cc-8903-cd9f15973746", + "port_range_max": 22, + "port_range_min": 22, + "protocol": "tcp", + "region": "isti_area_pi_1", + "remote_group_id": "", + "remote_ip_prefix": "146.48.122.27/32", + "security_group_id": "0f52158e-c767-4baf-9d6d-1986ca886dd0", + "tenant_id": "d3c30d05b2524faead8fabf0b511622e", + "timeouts": null + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ==", + "dependencies": [ + "openstack_networking_secgroup_v2.access_to_the_jump_proxy" + ] + } + ] + }, + { + "mode": "managed", + "type": "openstack_networking_secgroup_rule_v2", + "name": "ssh-d4s-vpn-2", + "provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "description": "SSH traffic from D4Science VPN 2", + "direction": "ingress", + "ethertype": "IPv4", + "id": "d756951e-6973-474c-b72c-8b9b93f7ce23", + "port_range_max": 22, + "port_range_min": 22, + "protocol": "tcp", + "region": "isti_area_pi_1", + "remote_group_id": "", + "remote_ip_prefix": "146.48.122.49/32", + "security_group_id": "0f52158e-c767-4baf-9d6d-1986ca886dd0", + "tenant_id": "d3c30d05b2524faead8fabf0b511622e", + "timeouts": null + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ==", + "dependencies": [ + "openstack_networking_secgroup_v2.access_to_the_jump_proxy" + ] + } + ] + }, + { + "mode": "managed", + "type": "openstack_networking_secgroup_rule_v2", + "name": "ssh-infrascience-net", + "provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "description": "SSH traffic from the InfraScience network", + "direction": "ingress", + "ethertype": "IPv4", + "id": "6ac4707b-92fc-4937-8dcc-8399b6d1b3fe", + "port_range_max": 22, + "port_range_min": 22, + "protocol": "tcp", + "region": "isti_area_pi_1", + "remote_group_id": "", + "remote_ip_prefix": "146.48.122.0/23", + "security_group_id": "0f52158e-c767-4baf-9d6d-1986ca886dd0", + "tenant_id": "d3c30d05b2524faead8fabf0b511622e", + "timeouts": null + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ==", + "dependencies": [ + "openstack_networking_secgroup_v2.access_to_the_jump_proxy" + ] + } + ] + }, + { + "mode": "managed", + "type": "openstack_networking_secgroup_rule_v2", + "name": "ssh-jump-proxy", + "provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "description": "SSH traffic from the jump proxy", + "direction": "ingress", + "ethertype": "IPv4", + "id": "25c5c1fc-b41d-42b6-8b80-39c6bc7966d4", + "port_range_max": 22, + "port_range_min": 22, + "protocol": "tcp", + "region": "isti_area_pi_1", + "remote_group_id": "", + "remote_ip_prefix": "10.10.0.5/32", + "security_group_id": "c4a3a99c-83e0-46b6-9a28-62d742b6ec0e", + "tenant_id": "d3c30d05b2524faead8fabf0b511622e", + "timeouts": null + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ==", + "dependencies": [ + "openstack_networking_secgroup_v2.default" + ] + } + ] + }, + { + "mode": "managed", + "type": "openstack_networking_secgroup_rule_v2", + "name": "ssh-s2i2s-vpn-1", + "provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "description": "SSH traffic from S2I2S VPN 1", + "direction": "ingress", + "ethertype": "IPv4", + "id": "ef6e1012-da47-48ba-9101-841b59cbbfea", + "port_range_max": 22, + "port_range_min": 22, + "protocol": "tcp", + "region": "isti_area_pi_1", + "remote_group_id": "", + "remote_ip_prefix": "146.48.28.10/32", + "security_group_id": "0f52158e-c767-4baf-9d6d-1986ca886dd0", + "tenant_id": "d3c30d05b2524faead8fabf0b511622e", + "timeouts": null + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ==", + "dependencies": [ + "openstack_networking_secgroup_v2.access_to_the_jump_proxy" + ] + } + ] + }, + { + "mode": "managed", + "type": "openstack_networking_secgroup_rule_v2", + "name": "ssh-s2i2s-vpn-2", + "provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "description": "SSH traffic from S2I2S VPN 2", + "direction": "ingress", + "ethertype": "IPv4", + "id": "9f49d053-e4aa-44b6-8dfe-926e3c87567f", + "port_range_max": 22, + "port_range_min": 22, + "protocol": "tcp", + "region": "isti_area_pi_1", + "remote_group_id": "", + "remote_ip_prefix": "146.48.28.11/32", + "security_group_id": "0f52158e-c767-4baf-9d6d-1986ca886dd0", + "tenant_id": "d3c30d05b2524faead8fabf0b511622e", + "timeouts": null + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ==", + "dependencies": [ + "openstack_networking_secgroup_v2.access_to_the_jump_proxy" + ] + } + ] + }, + { + "mode": "managed", + "type": "openstack_networking_secgroup_rule_v2", + "name": "ssh-shell-d4s", + "provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "description": "SSH traffic from shell.d4science.org", + "direction": "ingress", + "ethertype": "IPv4", + "id": "b5855fc9-b5ee-489f-97bd-8fec48fefe07", + "port_range_max": 22, + "port_range_min": 22, + "protocol": "tcp", + "region": "isti_area_pi_1", + "remote_group_id": "", + "remote_ip_prefix": "146.48.122.95/32", + "security_group_id": "0f52158e-c767-4baf-9d6d-1986ca886dd0", + "tenant_id": "d3c30d05b2524faead8fabf0b511622e", + "timeouts": null + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ==", + "dependencies": [ + "openstack_networking_secgroup_v2.access_to_the_jump_proxy" + ] + } + ] + }, + { + "mode": "managed", + "type": "openstack_networking_secgroup_v2", + "name": "access_to_the_jump_proxy", + "provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "all_tags": [], + "delete_default_rules": true, + "description": "Security group that allows SSH access to the jump node from a limited set of sources", + "id": "0f52158e-c767-4baf-9d6d-1986ca886dd0", + "name": "ssh_access_to_the_jump_node", + "region": "isti_area_pi_1", + "tags": null, + "tenant_id": "d3c30d05b2524faead8fabf0b511622e", + "timeouts": null + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ==" + } + ] + }, + { + "mode": "managed", + "type": "openstack_networking_secgroup_v2", + "name": "debugging", + "provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "all_tags": [], + "delete_default_rules": true, + "description": "Security group that allows web app debugging via tunnel from the ssh jump node", + "id": "9e217f67-497f-4e4c-98fc-8ba9bdfb29c9", + "name": "debugging_from_jump_node", + "region": "isti_area_pi_1", + "tags": null, + "tenant_id": "d3c30d05b2524faead8fabf0b511622e", + "timeouts": null + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ==" + } + ] + }, + { + "mode": "managed", + "type": "openstack_networking_secgroup_v2", + "name": "default", + "provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "all_tags": [], + "delete_default_rules": true, + "description": "Default security group with rules for ssh access via jump proxy, prometheus scraping", + "id": "c4a3a99c-83e0-46b6-9a28-62d742b6ec0e", + "name": "default_for_all", + "region": "isti_area_pi_1", + "tags": null, + "tenant_id": "d3c30d05b2524faead8fabf0b511622e", + "timeouts": null + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ==" + } + ] + }, + { + "mode": "managed", + "type": "openstack_networking_secgroup_v2", + "name": "main_lb_to_haproxy_l7", + "provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "all_tags": [], + "delete_default_rules": true, + "description": "Traffic coming from the main L4 lb directed to the haproxy l7 servers", + "id": "68966027-d706-441f-8540-499cd44034af", + "name": "traffic_from_main_lb_to_haproxy_l7", + "region": "isti_area_pi_1", + "tags": null, + "tenant_id": "d3c30d05b2524faead8fabf0b511622e", + "timeouts": null + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ==" + } + ] + }, + { + "mode": "managed", + "type": "openstack_networking_secgroup_v2", + "name": "prometheus_access_from_grafana", + "provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "all_tags": [], + "delete_default_rules": true, + "description": "The public grafana server must be able to get data from Prometheus", + "id": "91492d1d-06dc-48e9-91f8-567c3c77d7d5", + "name": "prometheus_access_from_grafana", + "region": "isti_area_pi_1", + "tags": null, + "tenant_id": "d3c30d05b2524faead8fabf0b511622e", + "timeouts": null + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ==" + } + ] + }, + { + "mode": "managed", + "type": "openstack_networking_secgroup_v2", + "name": "public_web", + "provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "all_tags": [], + "delete_default_rules": true, + "description": "Security group that allows HTTPS and HTTP from everywhere, for the services that are not behind any load balancer", + "id": "c0ec12e4-9a8f-4534-bfd2-d6892a1d6cc0", + "name": "public_web_service", + "region": "isti_area_pi_1", + "tags": null, + "tenant_id": "d3c30d05b2524faead8fabf0b511622e", + "timeouts": null + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ==" + } + ] + }, + { + "mode": "managed", + "type": "openstack_networking_secgroup_v2", + "name": "restricted_web", + "provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "all_tags": [], + "delete_default_rules": true, + "description": "Security group that restricts HTTPS sources to the VPN nodes and shell.d4science.org. HTTP is open to all, because letsencrypt", + "id": "54be0898-6c08-400b-9503-9d9dce935371", + "name": "restricted_web_service", + "region": "isti_area_pi_1", + "tags": null, + "tenant_id": "d3c30d05b2524faead8fabf0b511622e", + "timeouts": null + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ==" + } + ] + }, + { + "mode": "managed", + "type": "openstack_networking_secgroup_v2", + "name": "traffic_from_main_haproxy", + "provider": "provider[\"registry.terraform.io/terraform-provider-openstack/openstack\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "all_tags": [], + "delete_default_rules": true, + "description": "Allow traffic from the main L7 HAPROXY load balancers", + "id": "1556ed52-f8d4-4f80-acbf-5b62c47b20bb", + "name": "traffic_from_the_main_load_balancers", + "region": "isti_area_pi_1", + "tags": null, + "tenant_id": "d3c30d05b2524faead8fabf0b511622e", + "timeouts": null + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ==" + } + ] + } + ], + "check_results": null +}