# STACKIT region identifier. Falls back to "eu01" when the caller sets nothing.
variable "region" {
  type        = string
  default     = "eu01"
  description = "Region for the STACKIT Cloud"
}
# STACKIT project ID. The null default leaves the value unset unless the
# caller supplies one.
variable "project_id" {
  type        = string
  default     = null
  description = "STACKIT Cloud project ID"
}
# Service account token used for authentication; unset (null) by default.
#
# `sensitive = true` only redacts the value in plan/apply output. Saved plan
# files still contain variable values, and any value that reaches a resource
# attribute or an output is written to the state file, so the state backend
# needs access control and encryption at rest. Supply the token through the
# environment (TF_VAR_service_account_token) or a secret store rather than a
# committed .tfvars file.
variable "service_account_token" {
  type        = string
  default     = null
  sensitive   = true
  description = "Service account token for authentication"
}
# SNA & Projects variables
# Container ID of the STACKIT organization. Required: there is no default.
variable "organization_id" {
  type        = string
  description = "Die Container-ID deiner STACKIT Organisation."
}
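# Filesystem path to the service account key file (the default points at a
# JSON file).
#
# NOTE(review): the default is an absolute path inside one user's home
# directory. It exposes a local account name and will not resolve on other
# workstations or in CI. It is kept unchanged here so existing callers keep
# working; prefer passing the path explicitly and moving the default to null
# once every caller does.
#
# The file this points at is presumably a long-lived credential: keep it out
# of the repository and readable only by its owner.
variable "service_account_key_path" {
  description = "Path to the STACKIT service account key file (JSON)."
  type        = string
  default     = "/users/schlenz/.stackit/sa.json"
}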
# Default region, "eu01" unless overridden.
# NOTE(review): this carries the same default as var.region — confirm which of
# the two each consumer reads so they cannot drift apart.
variable "default_region" {
  default = "eu01"
  type    = string
}
# Name of the Service Network Area (SNA) to create. Required: no default.
variable "SNA_name" {
  type        = string
  description = "Name der zu erstellenden Service Network Area."
}
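# Network CIDRs assigned to the Service Network Area, one object per range.
# Required: no default.
variable "SNA_network_ranges" {
  description = "Liste der Netzwerk-CIDRs für die SNA."
  type        = list(object({ prefix = string }))

  # Reject malformed prefixes at plan time instead of letting them reach the
  # provider. cidrhost() parses both IPv4 and IPv6 CIDR notation and fails on
  # anything else; can() turns that failure into `false`.
  validation {
    condition = alltrue([
      for entry in var.SNA_network_ranges : can(cidrhost(entry.prefix, 0))
    ])
    error_message = "Every SNA_network_ranges[*].prefix must be a valid CIDR block, e.g. 10.0.0.0/16."
  }
}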
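# Transfer network of the Service Network Area, given in CIDR notation.
# Required: no default.
variable "SNA_transfer_network" {
  description = "Das Transfer-Netzwerk für die SNA (z.B. 172.16.9.0/24)."
  type        = string

  # Fail at plan time on a value that is not CIDR notation. cidrhost() errors
  # on unparsable input and can() converts that error into `false`.
  validation {
    condition     = can(cidrhost(var.SNA_transfer_network, 0))
    error_message = "SNA_transfer_network must be a valid CIDR block, e.g. 172.16.9.0/24."
  }
}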
# Projects to create, keyed by an arbitrary map key. Required: no default.
# NOTE(review): `owner_email` presumably receives owner rights on the created
# project — confirm in the consuming module and review each address before
# applying.
variable "Projects_map" {
  type = map(object({
    name        = string
    owner_email = string
  }))
  description = "Eine Map von Projekten, die erstellt werden sollen."
}
# Free-form string labels; an empty map when the caller sets none.
variable "labels" {
  default = {}
  type    = map(string)
}
# Security groups and their rules, keyed by an arbitrary map key.
# Required: no default.
#
# NOTE(review): `project_key` presumably names an entry of var.Projects_map —
# confirm in the consuming module.
variable "security_groups" {
  type = map(object({
    name        = optional(string)
    project_key = string
    description = optional(string)

    # One object per rule. Only `direction` is mandatory; every other field
    # narrows what the rule matches.
    # NOTE(review): a rule that sets neither `ip_range` nor
    # `remote_security_group_id` may match any peer — confirm how the consuming
    # module and provider interpret omitted fields before relying on it.
    rules = list(object({
      direction   = string
      description = optional(string)
      ether_type  = optional(string)

      icmp_parameters = optional(object({
        type = optional(number)
        code = optional(number)
      }))

      ip_range = optional(string)

      # When present, both bounds are required.
      port_range = optional(object({
        min = number
        max = number
      }))

      # Protocol can be given by name or by number.
      protocol = optional(object({
        name   = optional(string)
        number = optional(number)
      }))

      remote_security_group_id = optional(string)
    }))
  }))
}
# PostgreSQL instances to create, keyed by an arbitrary map key.
# Required: no default, and every field of each entry is mandatory.
variable "postgres_instances" {
  type = map(object({
    name        = string
    project_key = string
    version     = number

    flavor  = object({ cpu = number, ram = number })
    storage = object({ class = string, size = number })

    replicas = number

    # Access control list for the instance.
    # NOTE(review): presumably a list of CIDRs allowed to connect — keep it to
    # the networks that need database access and review any broad entry.
    acl = list(string)

    backup_schedule = string

    # Database users and the roles each one is given; keep roles to what the
    # user actually needs.
    users = list(object({
      username = string
      roles    = set(string)
    }))

    databases = list(object({
      name  = string
      owner = string
    }))
  }))
}
# Network definition map, keyed by an arbitrary map key. Defaults to an empty
# map, so no networks are described unless the caller supplies some.
variable "networks" {
  default = {}

  type = map(object({
    name        = string
    project_key = string

    # IPv4 addressing
    ipv4_gateway       = optional(string)
    ipv4_nameservers   = optional(list(string))
    ipv4_prefix        = optional(string)
    ipv4_prefix_length = optional(number)

    # IPv6 addressing
    ipv6_gateway       = optional(string)
    ipv6_nameservers   = optional(list(string))
    ipv6_prefix        = optional(string)
    ipv6_prefix_length = optional(number)

    # Labels and boolean switches
    labels          = optional(map(string))
    no_ipv4_gateway = optional(bool)
    no_ipv6_gateway = optional(bool)
    routed          = optional(bool)

    # Per-NIC options, keyed by an arbitrary map key; only `nic_name` is
    # mandatory.
    # NOTE(review): `nic_security` presumably toggles port security on the
    # interface, and `nic_allowed_addresses` presumably widens the addresses
    # the interface may use — confirm both against the consuming module before
    # disabling or extending them.
    nics = optional(map(object({
      nic_ipv4                 = optional(string)
      nic_name                 = string
      nic_allowed_addresses    = optional(list(string))
      nic_labels               = optional(map(string))
      nic_security             = optional(bool)
      nic_security_group_ids   = optional(list(string))
      nic_security_group_names = optional(list(string))
    })))
  }))
}
# SKE clusters to create, keyed by an arbitrary map key. Defaults to an empty
# map.
variable "ske_clusters" {
  default     = {}
  description = "Eine Map von SKE-Clustern"

  type = map(object({
    # Mandatory cluster identity and placement
    name        = string
    project_key = string
    network_id  = string

    kubernetes_version_min = optional(string)

    # Hibernation windows; `start` and `end` are required per entry.
    hibernations = optional(list(object({
      start    = string
      end      = string
      timezone = optional(string)
    })))

    # Maintenance window. When the object is given, all four fields are
    # required, including both automatic-update switches.
    maintenance = optional(object({
      enable_kubernetes_version_updates    = bool
      enable_machine_image_version_updates = bool
      start                                = string
      end                                  = string
    }))

    # NOTE(review): with `extensions.acl` omitted or `enabled = false` the
    # cluster is presumably not restricted to `allowed_cidrs` — confirm what
    # the consuming module applies in that case.
    extensions = optional(object({
      acl = optional(object({
        enabled       = bool
        allowed_cidrs = list(string)
      }))
      argus = optional(object({
        enabled           = bool
        argus_instance_id = string
      }))
    }))

    # At least the first five fields are required for every node pool.
    node_pools = list(object({
      name               = string
      machine_type       = string
      availability_zones = list(string)
      minimum            = number
      maximum            = number

      allow_system_components = optional(bool)
      cri                     = optional(string)
      labels                  = optional(map(string))
      max_surge               = optional(number)
      max_unavailable         = optional(number)
      os_name                 = optional(string)
      os_version_min          = optional(string)
      volume_size             = optional(number)
      volume_type             = optional(string)

      taints = optional(list(object({
        effect = string
        key    = string
        value  = optional(string)
      })))
    }))
  }))
}
# Observability instances to create, keyed by an arbitrary map key. Defaults
# to an empty map. Each entry's `plan_name` is checked against a fixed
# allow-list in the validation block below.
#
# NOTE(review): this variable is not marked sensitive, yet
# `scrapeconfigs[*].basic_auth.password` carries a secret. The password will
# therefore show up in plan output and in whatever .tfvars file supplies it.
# Marking the whole variable sensitive is not a drop-in fix if the consuming
# module iterates over it with for_each, because sensitive values cannot be
# used there; passing the passwords through a separate sensitive variable is
# the usual way out.
variable "observability_instances" {
  description = "Map of Observability instances to create"
  default     = {}

  type = map(object({
    # Mandatory fields
    name        = string
    project_key = string
    plan_name   = string

    # Optional instance settings
    # NOTE(review): confirm what an omitted `acl` means for reachability of
    # the instance.
    acl                                    = optional(list(string))
    metrics_retention_days                 = optional(number)
    metrics_retention_days_5m_downsampling = optional(number)
    metrics_retention_days_1h_downsampling = optional(number)
    alert_config                           = optional(any)
    parameters                             = optional(map(string))

    # Credential creation is on by default (one credential per instance).
    # NOTE(review): generated credentials presumably end up in Terraform
    # state — protect the state backend accordingly.
    create_credentials = optional(bool, true)
    credentials_count  = optional(number, 1)

    # Metric alert groups; empty map when omitted.
    alertgroups = optional(map(object({
      name     = string
      interval = optional(string)
      rules = list(object({
        alert       = string
        expression  = string
        for         = optional(string)
        labels      = optional(map(string))
        annotations = optional(map(string))
      }))
    })), {})

    # Log alert groups; same shape as `alertgroups`, empty map when omitted.
    logalertgroups = optional(map(object({
      name     = string
      interval = optional(string)
      rules = list(object({
        alert       = string
        expression  = string
        for         = optional(string)
        labels      = optional(map(string))
        annotations = optional(map(string))
      }))
    })), {})

    # Scrape configurations; empty map when omitted.
    # NOTE(review): where `basic_auth` is set, `scheme` should presumably be
    # "https" so the credentials are not sent in clear text — confirm the
    # default the provider applies when `scheme` is omitted.
    scrapeconfigs = optional(map(object({
      name         = string
      metrics_path = string
      targets = list(object({
        urls   = list(string)
        labels = optional(map(string))
      }))
      basic_auth = optional(object({
        username = string
        password = string
      }))
      saml2 = optional(object({
        enable_url_parameters = optional(bool)
      }))
      sample_limit    = optional(number)
      scheme          = optional(string)
      scrape_interval = optional(string)
      scrape_timeout  = optional(string)
    })), {})
  }))

  # Every instance must name one of the plans listed here. The same list is
  # repeated in the error message, so both have to be edited together.
  # NOTE(review): all allowed plans end in "EU01" while var.region and
  # var.default_region are configurable — another region would fail this check.
  validation {
    condition = alltrue([
      for instance in var.observability_instances :
      contains([
        "Observability-Medium-EU01",
        "Observability-Monitoring-XL-EU01",
        "Observability-Large-EU01",
        "Observability-Monitoring-Basic-EU01",
        "Observability-Monitoring-Large-EU01",
        "Observability-Basic-EU01",
        "Observability-Monitoring-Medium-EU01",
        "Observability-Monitoring-XXL-EU01",
        "Observability-Metrics-Endpoint-100k-EU01",
        "Observability-Frontend-Starter-EU01",
        "Observability-Monitoring-Starter-EU01",
        "Observability-Starter-EU01",
      ], instance.plan_name)
    ])
    error_message = <<-EOM
      One or more observability_instances specify an invalid plan_name.
      See the provider error output for the list of supported plans. Allowed values:
      Observability-Medium-EU01
      Observability-Monitoring-XL-EU01
      Observability-Large-EU01
      Observability-Monitoring-Basic-EU01
      Observability-Monitoring-Large-EU01
      Observability-Basic-EU01
      Observability-Monitoring-Medium-EU01
      Observability-Monitoring-XXL-EU01
      Observability-Metrics-Endpoint-100k-EU01
      Observability-Frontend-Starter-EU01
      Observability-Monitoring-Starter-EU01
      Observability-Starter-EU01
    EOM
  }
}