# VM used as jump proxy. A floating IP is required # Port in the main private network resource "openstack_networking_port_v2" "ssh_jump_proxy_port" { name = "${local.ssh_jump_proxy.name}-port" admin_state_up = true network_id = local.main_private_network_id security_group_ids = [ openstack_networking_secgroup_v2.default.id, openstack_networking_secgroup_v2.access_to_the_jump_proxy.id ] fixed_ip { subnet_id = local.main_private_subnet_id ip_address = local.basic_services_ip.ssh_jump } } resource "openstack_compute_instance_v2" "ssh_jump_proxy" { name = local.ssh_jump_proxy.name availability_zone_hints = local.availability_zones_names.availability_zone_no_gpu flavor_name = local.ssh_jump_proxy.flavor key_pair = module.ssh_settings.ssh_key_name block_device { uuid = local.ubuntu_2404.uuid source_type = "image" volume_size = 30 boot_index = 0 destination_type = "volume" delete_on_termination = false } network { port = openstack_networking_port_v2.ssh_jump_proxy_port.id } user_data = file("${local.ubuntu2404_data_file}") # Do not replace the instance when the ssh key changes lifecycle { ignore_changes = [ key_pair, user_data, network ] } } # Floating IP and DNS record resource "openstack_networking_floatingip_v2" "ssh_jump_proxy_ip" { pool = local.floating_ip_pools.main_public_ip_pool description = "SSH Proxy Jump Server" } resource "openstack_networking_floatingip_associate_v2" "ssh_jump_proxy" { floating_ip = openstack_networking_floatingip_v2.ssh_jump_proxy_ip.address port_id = openstack_networking_port_v2.ssh_jump_proxy_port.id } locals { ssh_recordset_name = "${local.ssh_jump_proxy.name}.${local.dns_zone.name}" } resource "openstack_dns_recordset_v2" "ssh_jump_proxy_recordset" { zone_id = local.dns_zone_id name = local.ssh_recordset_name description = "Public IP address of the SSH Proxy Jump server" ttl = 8600 type = "A" records = [openstack_networking_floatingip_v2.ssh_jump_proxy_ip.address] }