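# Variable values in HCL (tfvars-style) syntax: two projects, a shared network
# area (SNA), security groups, a PostgreSQL instance, networks, an
# observability instance and two SKE clusters.
#
# Layout: one attribute per line. `#` comments run to the end of the physical
# line, so a comment sharing a line with attributes silently disables them.
#
# Lines marked NOTE(review) flag exposure or consistency points. The values
# themselves are unchanged.

organization_id = "03a34540-3c1a-4794-b2c6-7111ecf824ef"

# Keys ("projekt-alpha", "projekt-beta") are what `project_key` refers to below.
Projects_map = {
  "projekt-alpha" = {
    name        = "tf_modules_test_3_max"
    owner_email = "maximilian.schlenz@stackit.cloud"
  },
  "projekt-beta" = {
    name        = "tf_modules_test_4_max"
    owner_email = "maximilian.schlenz@stackit.cloud"
  }
}

SNA_name = "sna-tf_modules_test"
SNA_network_ranges = [
  { prefix = "192.168.10.0/24" }
]
SNA_transfer_network = "172.16.0.0/24"

security_groups = {
  ssh_ingress_group = {
    name        = "ssh-ingress-group"
    project_key = "projekt-alpha"
    description = "ALLOW SSH ingress"
    rules = [
      {
        description = "SSH RULE 1"
        direction   = "ingress"
        ether_type  = "IPv4"
        # NOTE(review): SSH (tcp/22) is open to every IPv4 source. Restrict
        # ip_range to the admin/VPN or bastion CIDR before using this outside
        # a throwaway test environment.
        ip_range   = "0.0.0.0/0"
        protocol   = { name = "tcp" }
        port_range = { min = 22, max = 22 }
      },
    ]
  }

  web_traffic_group = {
    name        = "web-traffic-group"
    project_key = "projekt-alpha"
    description = "ALLOW WEB TRAFFIC ingress"
    rules = [
      {
        description = "ALLOW ALL 80"
        direction   = "ingress"
        ether_type  = "IPv4"
        # World-open HTTP. Presumably only needed for redirect to 443; confirm.
        ip_range   = "0.0.0.0/0"
        protocol   = { name = "tcp" }
        port_range = { min = 80, max = 80 }
      },
      {
        description = "ALLOW ALL 443"
        direction   = "ingress"
        ether_type  = "IPv4"
        ip_range    = "0.0.0.0/0"
        protocol    = { name = "tcp" }
        port_range  = { min = 443, max = 443 }
      },
    ]
  }
}

postgres_instances = {
  dev = {
    name        = "pg-test-instance"
    project_key = "projekt-alpha"
    version     = 17
    flavor      = { cpu = 2, ram = 4 }
    storage     = { class = "premium-perf6-stackit", size = 20 }
    replicas    = 1
    # NOTE(review): the instance ACL admits every IPv4 address, so access
    # control rests on database credentials alone. Narrow this to the networks
    # that need the database (for example the SNA range 192.168.10.0/24
    # defined above, if clients live there).
    acl = ["0.0.0.0/0"]
    # Cron syntax: daily at 00:00.
    backup_schedule = "00 00 * * *"
    users = [
      # "createdb" lets this role create databases. Keep it off application users.
      { username = "adminusr", roles = ["login", "createdb"] },
      { username = "testusr", roles = ["login"] }
    ]
    databases = [
      # NOTE(review): owner "admin" is not one of the usernames declared above
      # ("adminusr", "testusr"). Confirm which role is meant.
      { name = "testdb", owner = "admin" }
    ]
  }
}

networks = {
  wan_network = {
    name             = "wan_network"
    project_key      = "projekt-alpha"
    ipv4_nameservers = ["1.1.1.1", "8.8.8.8"]
    # NOTE(review): ipv4_prefix_length says /24 while ipv4_prefix is a /27.
    # The same pair appears on every network below that sets both. Confirm
    # which one the consuming module honours.
    ipv4_prefix_length = 24
    ipv4_prefix        = "192.168.10.0/27"
    routed             = true
  }

  lan_network1 = {
    name               = "lan_network1"
    project_key        = "projekt-alpha"
    ipv4_nameservers   = ["1.1.1.1", "8.8.8.8"]
    ipv4_prefix_length = 24
    ipv4_prefix        = "192.168.10.32/27"
    routed             = true
    nics = {
      p2_lan1 = {
        nic_name     = "P2LAN1"
        nic_ipv4     = "192.168.10.33"
        nic_security = true
        # Must match security_groups.*.name. This NIC inherits the world-open
        # SSH rule of "ssh-ingress-group".
        nic_security_group_names = ["ssh-ingress-group"]
      }
    }
  }

  lan_network2 = {
    name               = "lan_network2"
    project_key        = "projekt-alpha"
    ipv4_nameservers   = ["1.1.1.1", "8.8.8.8"]
    ipv4_prefix_length = 24
    ipv4_prefix        = "192.168.10.64/27"
    routed             = true
  }

  lan_network3 = {
    name               = "lan_network3"
    project_key        = "projekt-alpha"
    ipv4_nameservers   = ["1.1.1.1", "8.8.8.8"]
    ipv4_prefix_length = 24
    ipv4_prefix        = "192.168.10.96/27"
    routed             = true
  }

  wan = {
    name               = "MGMT"
    project_key        = "projekt-alpha"
    ipv4_nameservers   = ["1.1.1.1", "8.8.8.8"]
    ipv4_prefix_length = 24
    ipv4_prefix        = "192.168.10.128/27"
    # NOTE(review): 192.168.10.254 lies outside 192.168.10.128/27
    # (.128-.159). Confirm the intended address or prefix.
    nic_ipv4 = "192.168.10.254"
  }

  db = {
    name             = "db-net"
    project_key      = "projekt-alpha"
    ipv4_nameservers = ["1.1.1.1", "8.8.8.8"]
    nic_ipv4         = "192.168.10.161"
    # NOTE(review): nic_security is enabled but no security group names are
    # listed here. Confirm what the module attaches by default.
    nic_security = true
  }
}

observability_instances = {
  test = {
    # Required
    name        = "test-observability"
    project_key = "projekt-alpha"
    plan_name   = "Observability-Large-EU01"

    # Optional instance settings
    # NOTE(review): 203.0.113.5 is in a documentation-only range (TEST-NET-3)
    # and 192.168.100.10 is a private address outside the SNA range above.
    # Both look like placeholders. Replace them with the real client CIDRs.
    acl                                    = ["192.168.100.10/32", "203.0.113.5/32"]
    metrics_retention_days                 = 30
    metrics_retention_days_5m_downsampling = 10
    metrics_retention_days_1h_downsampling = 5
    # parameters = {
    #   "custom_param" = "value"
    # }

    # Credentials
    # NOTE(review): generated credentials presumably end up in Terraform
    # state. Keep the state backend encrypted and access-restricted.
    create_credentials = true
    credentials_count  = 2

    # Alert groups
    alertgroups = {
      test_group = {
        name     = "example-alert-group"
        interval = "60s"
        rules = [
          {
            alert      = "example-alert-name"
            expression = "kube_node_status_condition{condition=\"Ready\", status=\"false\"} > 0"
            for        = "60s"
            labels = {
              severity = "critical"
            }
            annotations = {
              summary     = "example summary"
              description = "example description"
            }
          },
          {
            alert      = "example-alert-name-2"
            expression = "kube_node_status_condition{condition=\"Ready\", status=\"false\"} > 0"
            for        = "1m"
            labels = {
              severity = "critical"
            }
            annotations = {
              summary     = "example summary"
              description = "example description"
            }
          },
        ]
      }
    }

    # Log alert groups
    logalertgroups = {
      example_log = {
        name     = "example-log-alert-group"
        interval = "60m"
        rules = [
          {
            alert      = "example-log-alert-name"
            expression = "sum(rate({namespace=\"example\", pod=\"logger\"} |= \"Simulated error message\" [1m])) > 0"
            for        = "60s"
            labels = {
              severity = "critical"
            }
            annotations = {
              summary     = "example summary"
              description = "example description"
            }
          },
          {
            alert      = "example-log-alert-name-2"
            expression = "sum(rate({namespace=\"example\", pod=\"logger\"} |= \"Another error message\" [1m])) > 0"
            for        = "60s"
            labels = {
              severity = "critical"
            }
            annotations = {
              summary     = "example summary"
              description = "example description"
            }
          },
        ]
      }
    }

    # Scrape configs
    scrapeconfigs = {
      example_job = {
        name         = "example-job"
        metrics_path = "/my-metrics"
        saml2 = {
          enable_url_parameters = true
        }
        targets = [
          {
            # "url1" / "urls2" are placeholders, not resolvable targets.
            urls   = ["url1", "urls2"]
            labels = { "url1" = "dev" }
          }
        ]
      }
    }
  }
}

ske_clusters = {
  "prod-cluster" = {
    name        = "clusterprod"
    project_key = "projekt-alpha"
    # IMPORTANT: set the ID of the network this cluster attaches to.
    network_id             = "53917a75-0014-49b0-a4d6-e62934ab479f"
    kubernetes_version_min = "1.32.5"
    node_pools = [
      {
        # NOTE(review): "defaulpool" looks like a typo for "defaultpool".
        # Left as-is because renaming may recreate the pool.
        name               = "defaulpool"
        machine_type       = "c1.2"
        availability_zones = ["eu01-1"]
        minimum            = 1
        maximum            = 2
        cri                = "containerd"
        volume_type        = "storage_premium_perf1"
        volume_size        = 21
        labels = {
          "worker" = "default"
        }
        taints = [{
          effect = "NoSchedule"
          key    = "app"
          value  = "database"
        }]
      }
    ]
    # NOTE(review): a cluster keyed "prod-cluster" hibernates every weekday
    # evening. Confirm that is intended for this environment.
    hibernations = [
      {
        start    = "00 18 * * 1-5" # Mon-Fri at 18:00
        end      = "00 08 * * 1-5" # Mon-Fri at 08:00
        timezone = "Europe/Berlin"
      }
    ]
    maintenance = {
      enable_kubernetes_version_updates    = true
      enable_machine_image_version_updates = true
      start                                = "01:00:00Z"
      end                                  = "03:00:00Z"
    }
    extensions = {
      acl = {
        enabled = true
        # NOTE(review): the ACL extension is enabled but admits every IPv4
        # source, so it restricts nothing. List the admin/CI CIDRs that need
        # to reach the cluster instead.
        allowed_cidrs = ["0.0.0.0/0"]
      }
    }
  },

  "dev-cluster" = {
    name                   = "clusterdev"
    kubernetes_version_min = "1.32.5"
    project_key            = "projekt-beta"
    # IMPORTANT: set the ID of the network this cluster attaches to.
    network_id = "bedfc709-9285-4078-93ab-8e8a1c0be6bd"
    # NOTE(review): no extensions.acl block here. Confirm what access policy
    # the module applies by default.
    node_pools = [
      {
        name               = "devpool"
        machine_type       = "c1.2"
        availability_zones = ["eu01-2"]
        minimum            = 1
        maximum            = 2
        volume_size        = 21
      }
    ]
  }
}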