diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..5941a3b --- /dev/null +++ b/.gitignore @@ -0,0 +1,3 @@ +*.qcow2 +.terraform* +terraform* diff --git a/00-provider.tf b/00-provider.tf new file mode 100644 index 0000000..0745928 --- /dev/null +++ b/00-provider.tf @@ -0,0 +1,23 @@ + +terraform { + required_providers { + stackit = { + source = "stackitcloud/stackit" + version = ">=0.50.0" + } + } +} + +# Authentication +# Key flow (using path) + + +provider "stackit" { + default_region = var.default_region + service_account_key_path = var.service_account_key_path + enable_beta_resources = true +} + +module "project" { + source = "./project" # Der Pfad zum Modul-Verzeichnis +} diff --git a/01-network.tf b/01-network.tf new file mode 100644 index 0000000..3e85cd0 --- /dev/null +++ b/01-network.tf @@ -0,0 +1,398 @@ + +resource "stackit_network" "mgmt_network" { + project_id = "ed2f4ab0-5f50-4860-9942-4773cf0bc34a" + name = "mgmt_network" + ipv4_nameservers = ["1.1.1.1", "8.8.8.8"] + ipv4_prefix_length = 24 + ipv4_prefix = "10.220.129.0/24" + routed = true +} + +resource "stackit_network" "ha_network" { + project_id = "ed2f4ab0-5f50-4860-9942-4773cf0bc34a" + name = "ha_network" + ipv4_prefix_length = 24 + ipv4_prefix = "10.220.254.0/24" + routed = false +} + +resource "stackit_network" "wan_network" { + project_id = "ed2f4ab0-5f50-4860-9942-4773cf0bc34a" + name = "wan_network" + ipv4_nameservers = ["1.1.1.1", "8.8.8.8"] + ipv4_prefix_length = 24 + ipv4_prefix = "10.220.131.0/24" + routed = true +} + + +resource "stackit_network" "lan_network" { + project_id = "ed2f4ab0-5f50-4860-9942-4773cf0bc34a" + name = "lan_network" + ipv4_prefix_length = 24 + ipv4_prefix = "10.220.0.0/24" + routed = false +} + +resource "stackit_network" "lan_network1" { + project_id = "ed2f4ab0-5f50-4860-9942-4773cf0bc34a" + name = "lan_network1" + ipv4_prefix_length = 24 + ipv4_prefix = "10.220.1.0/24" + routed = false +} + +resource "stackit_network" "lan_network2" { + project_id = "ed2f4ab0-5f50-4860-9942-4773cf0bc34a" + name = "lan_network2" + ipv4_prefix_length = 24 + ipv4_prefix = "10.220.2.0/24" + routed = false +} + +resource "stackit_network" "lan_network3" { + project_id = "ed2f4ab0-5f50-4860-9942-4773cf0bc34a" + name = "lan_network3" + ipv4_prefix_length = 24 + ipv4_prefix = "10.220.3.0/24" + routed = false +} + +resource "stackit_network" "lan_network4" { + project_id = "ed2f4ab0-5f50-4860-9942-4773cf0bc34a" + name = "lan_network4" + ipv4_prefix_length = 24 + ipv4_prefix = "10.220.4.0/24" + routed = false +} + +resource "stackit_network" "lan_network5" { + project_id = "ed2f4ab0-5f50-4860-9942-4773cf0bc34a" + name = "lan_network5" + ipv4_prefix_length = 24 + ipv4_prefix = "10.220.5.0/24" + routed = false +} + +resource "stackit_network" "lan_network6" { + project_id = "ed2f4ab0-5f50-4860-9942-4773cf0bc34a" + name = "lan_network6" + ipv4_prefix_length = 24 + ipv4_prefix = "10.220.6.0/24" + routed = false +} + +resource "stackit_network" "lan_network7" { + project_id = "ed2f4ab0-5f50-4860-9942-4773cf0bc34a" + name = "lan_network7" + ipv4_prefix_length = 24 + ipv4_prefix = "10.220.7.0/24" + routed = false +} + +resource "stackit_network" "lan_network8" { + project_id = "ed2f4ab0-5f50-4860-9942-4773cf0bc34a" + name = "lan_network8" + ipv4_prefix_length = 24 + ipv4_prefix = "10.220.8.0/24" + routed = false +} + +resource "stackit_network" "lan_network9" { + project_id = "ed2f4ab0-5f50-4860-9942-4773cf0bc34a" + name = "lan_network9" + ipv4_prefix_length = 24 + ipv4_prefix = "10.220.9.0/24" + routed = false +} + +resource "stackit_network" "lan_network10" { + project_id = "ed2f4ab0-5f50-4860-9942-4773cf0bc34a" + name = "lan_network10" + ipv4_prefix_length = 24 + ipv4_prefix = "10.220.10.0/24" + routed = false +} + +resource "stackit_network" "lan_network11" { + project_id = "ed2f4ab0-5f50-4860-9942-4773cf0bc34a" + name = "lan_network11" + ipv4_prefix_length = 24 + ipv4_prefix = "10.220.11.0/24" + routed = false +} + +resource "stackit_network_interface" "mgmt" { + project_id = "ed2f4ab0-5f50-4860-9942-4773cf0bc34a" + network_id = stackit_network.mgmt_network.network_id + security = false + name = "MGMT" + ipv4 = "10.220.129.17" +} + +resource "stackit_network_interface" "ha" { + project_id = "ed2f4ab0-5f50-4860-9942-4773cf0bc34a" + network_id = stackit_network.ha_network.network_id + security = false + name = "HA" + ipv4 = "10.220.254.100" +} +resource "stackit_network_interface" "wan" { + project_id = "ed2f4ab0-5f50-4860-9942-4773cf0bc34a" + network_id = stackit_network.wan_network.network_id + security = true + name = "MGMT" + ipv4 = "10.220.131.10" + allowed_addresses = ["10.220.131.30/32"] + security_group_ids = ["2d7c21fc-16af-4dda-91b3-15d98f895c1e"] + +} + +resource "stackit_network_interface" "mgmt2" { + project_id = "ed2f4ab0-5f50-4860-9942-4773cf0bc34a" + network_id = stackit_network.mgmt_network.network_id + security = false + name = "MGMT2" + ipv4 = "10.220.129.18" +} + +resource "stackit_network_interface" "ha2" { + project_id = "ed2f4ab0-5f50-4860-9942-4773cf0bc34a" + network_id = stackit_network.ha_network.network_id + security = false + name = "HA2" + ipv4 = "10.220.254.200" +} +resource "stackit_network_interface" "wan2" { + project_id = "ed2f4ab0-5f50-4860-9942-4773cf0bc34a" + network_id = stackit_network.wan_network.network_id + security = true + name = "WAN2" + ipv4 = "10.220.131.20" + allowed_addresses = ["10.220.131.30/32"] + security_group_ids = ["2d7c21fc-16af-4dda-91b3-15d98f895c1e"] +} + +resource "stackit_network_interface" "wan3" { + project_id = "ed2f4ab0-5f50-4860-9942-4773cf0bc34a" + network_id = stackit_network.wan_network.network_id + security = false + name = "WAN3" + ipv4 = "10.220.131.30" +} + +resource "stackit_network_interface" "lan" { + project_id = "ed2f4ab0-5f50-4860-9942-4773cf0bc34a" + network_id = stackit_network.lan_network.network_id + security = false + name = "LAN" +} +resource "stackit_network_interface" "lan_2" { + project_id = "ed2f4ab0-5f50-4860-9942-4773cf0bc34a" + network_id = stackit_network.lan_network.network_id + security = false + name = "LAN" +} + +resource "stackit_network_interface" "lan1" { + project_id = "ed2f4ab0-5f50-4860-9942-4773cf0bc34a" + network_id = stackit_network.lan_network1.network_id + security = false + name = "LAN1" +} +resource "stackit_network_interface" "lan1_2" { + project_id = "ed2f4ab0-5f50-4860-9942-4773cf0bc34a" + network_id = stackit_network.lan_network1.network_id + security = false + name = "LAN1" +} + +resource "stackit_network_interface" "lan2" { + project_id = "ed2f4ab0-5f50-4860-9942-4773cf0bc34a" + network_id = stackit_network.lan_network2.network_id + security = false + name = "LAN2" +} +resource "stackit_network_interface" "lan2_2" { + project_id = "ed2f4ab0-5f50-4860-9942-4773cf0bc34a" + network_id = stackit_network.lan_network2.network_id + security = false + name = "LAN2" +} + +resource "stackit_network_interface" "lan3" { + project_id = "ed2f4ab0-5f50-4860-9942-4773cf0bc34a" + network_id = stackit_network.lan_network3.network_id + security = false + name = "LAN3" +} +resource "stackit_network_interface" "lan3_2" { + project_id = "ed2f4ab0-5f50-4860-9942-4773cf0bc34a" + network_id = stackit_network.lan_network3.network_id + security = false + name = "LAN3_2" +} + +resource "stackit_network_interface" "lan4" { + project_id = "ed2f4ab0-5f50-4860-9942-4773cf0bc34a" + network_id = stackit_network.lan_network4.network_id + security = false + name = "LAN4" +} +resource "stackit_network_interface" "lan4_2" { + project_id = "ed2f4ab0-5f50-4860-9942-4773cf0bc34a" + network_id = stackit_network.lan_network4.network_id + security = false + name = "LAN4_2" +} + +resource "stackit_network_interface" "lan5" { + project_id = "ed2f4ab0-5f50-4860-9942-4773cf0bc34a" + network_id = stackit_network.lan_network5.network_id + security = false + name = "LAN5" +} +resource "stackit_network_interface" "lan5_2" { + project_id = "ed2f4ab0-5f50-4860-9942-4773cf0bc34a" + network_id = stackit_network.lan_network5.network_id + security = false + name = "LAN5_2" +} + +resource "stackit_network_interface" "lan6" { + project_id = "ed2f4ab0-5f50-4860-9942-4773cf0bc34a" + network_id = stackit_network.lan_network6.network_id + security = false + name = "LAN6" +} +resource "stackit_network_interface" "lan6_2" { + project_id = "ed2f4ab0-5f50-4860-9942-4773cf0bc34a" + network_id = stackit_network.lan_network6.network_id + security = false + name = "LAN6_2" +} + +resource "stackit_network_interface" "lan7" { + project_id = "ed2f4ab0-5f50-4860-9942-4773cf0bc34a" + network_id = stackit_network.lan_network7.network_id + security = false + name = "LAN7" +} +resource "stackit_network_interface" "lan7_2" { + project_id = "ed2f4ab0-5f50-4860-9942-4773cf0bc34a" + network_id = stackit_network.lan_network7.network_id + security = false + name = "LAN7_2" +} + +resource "stackit_network_interface" "lan8" { + project_id = "ed2f4ab0-5f50-4860-9942-4773cf0bc34a" + network_id = stackit_network.lan_network8.network_id + security = false + name = "LAN8" +} +resource "stackit_network_interface" "lan8_2" { + project_id = "ed2f4ab0-5f50-4860-9942-4773cf0bc34a" + network_id = stackit_network.lan_network8.network_id + security = false + name = "LAN8_2" +} + +resource "stackit_network_interface" "lan9" { + project_id = "ed2f4ab0-5f50-4860-9942-4773cf0bc34a" + network_id = stackit_network.lan_network9.network_id + security = false + name = "LAN9" +} +resource "stackit_network_interface" "lan9_2" { + project_id = "ed2f4ab0-5f50-4860-9942-4773cf0bc34a" + network_id = stackit_network.lan_network9.network_id + security = false + name = "LAN9_2" +} + +resource "stackit_network_interface" "lan10" { + project_id = "ed2f4ab0-5f50-4860-9942-4773cf0bc34a" + network_id = stackit_network.lan_network10.network_id + security = false + name = "LAN10" +} +resource "stackit_network_interface" "lan10_2" { + project_id = "ed2f4ab0-5f50-4860-9942-4773cf0bc34a" + network_id = stackit_network.lan_network10.network_id + security = false + name = "LAN10_2" +} + +resource "stackit_network_interface" "lan11" { + project_id = "ed2f4ab0-5f50-4860-9942-4773cf0bc34a" + network_id = stackit_network.lan_network11.network_id + security = false + name = "LAN11" +} +resource "stackit_network_interface" "lan11_2" { + project_id = "ed2f4ab0-5f50-4860-9942-4773cf0bc34a" + network_id = stackit_network.lan_network11.network_id + security = false + name = "LAN11_2" +} + +resource "stackit_network_interface" "lan_mgmt" { + project_id = "ed2f4ab0-5f50-4860-9942-4773cf0bc34a" + network_id = stackit_network.mgmt_network.network_id + security = false + name = "LANMGMT" + ipv4 = "10.220.129.200" +} +resource "stackit_network_interface" "lan_mgmt_2" { + project_id = "ed2f4ab0-5f50-4860-9942-4773cf0bc34a" + network_id = stackit_network.mgmt_network.network_id + security = false + name = "LANMGMT2" + ipv4 = "10.220.129.210" +} + +resource "stackit_network_interface" "lan_mgmt_vip" { + project_id = "ed2f4ab0-5f50-4860-9942-4773cf0bc34a" + network_id = stackit_network.mgmt_network.network_id + security = false + name = "LANMGMTVIP" + ipv4 = "10.220.129.30" +} + +resource "stackit_public_ip" "mgmt_ip" { + project_id = "ed2f4ab0-5f50-4860-9942-4773cf0bc34a" + network_interface_id = stackit_network_interface.mgmt.network_interface_id +} + +resource "stackit_public_ip" "wan_ip" { + project_id = "ed2f4ab0-5f50-4860-9942-4773cf0bc34a" + network_interface_id = stackit_network_interface.wan.network_interface_id +} + + +resource "stackit_public_ip" "mgmt2_ip" { + project_id = "ed2f4ab0-5f50-4860-9942-4773cf0bc34a" + network_interface_id = stackit_network_interface.mgmt2.network_interface_id +} + +resource "stackit_public_ip" "wan2_ip" { + project_id = "ed2f4ab0-5f50-4860-9942-4773cf0bc34a" + network_interface_id = stackit_network_interface.wan2.network_interface_id +} + +resource "stackit_public_ip" "wan3_ip" { + project_id = "ed2f4ab0-5f50-4860-9942-4773cf0bc34a" + network_interface_id = stackit_network_interface.wan3.network_interface_id +} + +output "public_ips" { + value = { + "mgmt_ip" = stackit_public_ip.mgmt_ip.ip + "wan_ip" = stackit_public_ip.wan_ip.ip + "mgmt2_ip" = stackit_public_ip.mgmt2_ip.ip + "wan2_ip" = stackit_public_ip.wan2_ip.ip + "VIP" = stackit_public_ip.wan3_ip.ip + } +} + diff --git a/02-paloalto-image.tf b/02-paloalto-image.tf new file mode 100644 index 0000000..aa5e652 --- /dev/null +++ b/02-paloalto-image.tf @@ -0,0 +1,13 @@ +// Upload VPN Appliance Image to STACKIT +resource "stackit_image" "paloalto" { + project_id = "ed2f4ab0-5f50-4860-9942-4773cf0bc34a" + name = "PA-VM-KVM-11.2.5-root" + local_file_path = "./PA-VM-KVM-11.2.5.qcow2" + disk_format = "qcow2" + min_disk_size = 80 + min_ram = 8 + config = { + uefi = false + } +} + diff --git a/03-paloalto_appliance.tf b/03-paloalto_appliance.tf new file mode 100644 index 0000000..f24e8c5 --- /dev/null +++ b/03-paloalto_appliance.tf @@ -0,0 +1,48 @@ +resource "stackit_volume" "paloalto_vol" { + project_id = "ed2f4ab0-5f50-4860-9942-4773cf0bc34a" + name = "PA-VM-KVM-11.2.5-root" + availability_zone = var.region_az1 + size = 100 + performance_class = "storage_premium_perf2" + source = { + id = stackit_image.paloalto.image_id + type = "image" + } +} + +resource "stackit_server" "paloalto_server" { + project_id = "ed2f4ab0-5f50-4860-9942-4773cf0bc34a" + name = "paloAlto" + boot_volume = { + source_type = "volume" + source_id = stackit_volume.paloalto_vol.volume_id + } + availability_zone = var.region_az1 + machine_type = var.flavor + network_interfaces = [stackit_network_interface.mgmt.network_interface_id, stackit_network_interface.ha.network_interface_id, stackit_network_interface.wan.network_interface_id] +} + +resource "stackit_volume" "paloalto_vol_2" { + project_id = "ed2f4ab0-5f50-4860-9942-4773cf0bc34a" + name = "PA-VM-KVM-11.2.5-root2" + availability_zone = var.region_az2 + size = 100 + performance_class = "storage_premium_perf2" + source = { + id = stackit_image.paloalto.image_id + type = "image" + } +} + +resource "stackit_server" "paloalto_server_2" { + project_id = "ed2f4ab0-5f50-4860-9942-4773cf0bc34a" + name = "paloAlto2" + boot_volume = { + source_type = "volume" + source_id = stackit_volume.paloalto_vol_2.volume_id + } + availability_zone = var.region_az2 + machine_type = var.flavor + network_interfaces = [stackit_network_interface.mgmt2.network_interface_id, stackit_network_interface.ha2.network_interface_id, stackit_network_interface.wan2.network_interface_id] +} + diff --git a/99-variables.tf b/99-variables.tf new file mode 100644 index 0000000..2ba66a1 --- /dev/null +++ b/99-variables.tf @@ -0,0 +1,35 @@ +# -- network variables +variable "organization_id" { + default = "f11f166b-ecd8-4a73-8022-208700ad5aec" +} + +variable "service_account_key_path" { + default = "./key.json" +} + +variable "default_region" { + default ="eu01" +} + +variable "region_az1" { + default = "eu01-1" +} + +variable "region_az2" { + default = "eu01-2" +} + +variable "region_az3" { + default = "eu01-3" +} + +variable "region_metro" { + default = "eu01-m" +} + +variable "flavor" { + type = string + description = "" + default = "m1.2" +} + diff --git a/README.md b/README.md index dc10a05..090aa07 100644 --- a/README.md +++ b/README.md @@ -1,2 +1,12 @@ -# terraform-paloalto-ha +1. terraform files for deploying the hengeler project +2. terraform files for add a palo alto fw +3. currently splitted because of 2 internal bugs in stackit cli and terraform but should be fixed now .... so code can be changed. + +Todo: + +- activate the project module that you only need one terraform run and one set of terraform state files +- the state files must be secured and backuped to an S3 Object Store. +- + + diff --git a/attachment.tf b/attachment.tf new file mode 100644 index 0000000..7d4b33d --- /dev/null +++ b/attachment.tf @@ -0,0 +1,159 @@ + +resource "stackit_server_network_interface_attach" "nic-attachment1" { + project_id = "ed2f4ab0-5f50-4860-9942-4773cf0bc34a" + server_id = stackit_server.paloalto_server.server_id + network_interface_id = stackit_network_interface.lan.network_interface_id +} + +resource "stackit_server_network_interface_attach" "nic-attachment-lan1_2" { + project_id = "ed2f4ab0-5f50-4860-9942-4773cf0bc34a" + server_id = stackit_server.paloalto_server.server_id + network_interface_id = stackit_network_interface.lan1.network_interface_id + depends_on = [ stackit_server_network_interface_attach.nic-attachment1 ] +} +resource "stackit_server_network_interface_attach" "nic-attachment-lan1_21398" { + project_id = "ed2f4ab0-5f50-4860-9942-4773cf0bc34a" + server_id = stackit_server.paloalto_server.server_id + network_interface_id = stackit_network_interface.lan2.network_interface_id + depends_on = [ stackit_server_network_interface_attach.nic-attachment-lan1_2 ] +} +resource "stackit_server_network_interface_attach" "nic-attachment-lan1_2978" { + project_id = "ed2f4ab0-5f50-4860-9942-4773cf0bc34a" + server_id = stackit_server.paloalto_server.server_id + network_interface_id = stackit_network_interface.lan3.network_interface_id + depends_on = [ stackit_server_network_interface_attach.nic-attachment-lan1_21398 ] +} +resource "stackit_server_network_interface_attach" "nic-attachment-lan1_29" { + project_id = "ed2f4ab0-5f50-4860-9942-4773cf0bc34a" + server_id = stackit_server.paloalto_server.server_id + network_interface_id = stackit_network_interface.lan4.network_interface_id + depends_on = [ stackit_server_network_interface_attach.nic-attachment-lan1_2978 ] +} +resource "stackit_server_network_interface_attach" "nic-attachment-lan1_28" { + project_id = "ed2f4ab0-5f50-4860-9942-4773cf0bc34a" + server_id = stackit_server.paloalto_server.server_id + network_interface_id = stackit_network_interface.lan5.network_interface_id + depends_on = [ stackit_server_network_interface_attach.nic-attachment-lan1_29 ] +} +resource "stackit_server_network_interface_attach" "nic-attachment-lan1_27" { + project_id = "ed2f4ab0-5f50-4860-9942-4773cf0bc34a" + server_id = stackit_server.paloalto_server.server_id + network_interface_id = stackit_network_interface.lan6.network_interface_id + depends_on = [ stackit_server_network_interface_attach.nic-attachment-lan1_28 ] +} +resource "stackit_server_network_interface_attach" "nic-attachment-lan1_26" { + project_id = "ed2f4ab0-5f50-4860-9942-4773cf0bc34a" + server_id = stackit_server.paloalto_server.server_id + network_interface_id = stackit_network_interface.lan7.network_interface_id + depends_on = [ stackit_server_network_interface_attach.nic-attachment-lan1_27 ] +} +resource "stackit_server_network_interface_attach" "nic-attachment-lan1_25" { + project_id = "ed2f4ab0-5f50-4860-9942-4773cf0bc34a" + server_id = stackit_server.paloalto_server.server_id + network_interface_id = stackit_network_interface.lan8.network_interface_id + depends_on = [ stackit_server_network_interface_attach.nic-attachment-lan1_26 ] +} +resource "stackit_server_network_interface_attach" "nic-attachment-lan1_24" { + project_id = "ed2f4ab0-5f50-4860-9942-4773cf0bc34a" + server_id = stackit_server.paloalto_server.server_id + network_interface_id = stackit_network_interface.lan9.network_interface_id + depends_on = [ stackit_server_network_interface_attach.nic-attachment-lan1_25 ] +} +resource "stackit_server_network_interface_attach" "nic-attachment-lan1_32" { + project_id = "ed2f4ab0-5f50-4860-9942-4773cf0bc34a" + server_id = stackit_server.paloalto_server.server_id + network_interface_id = stackit_network_interface.lan10.network_interface_id + depends_on = [ stackit_server_network_interface_attach.nic-attachment-lan1_24 ] +} +resource "stackit_server_network_interface_attach" "nic-attachment-lan1_22" { + project_id = "ed2f4ab0-5f50-4860-9942-4773cf0bc34a" + server_id = stackit_server.paloalto_server.server_id + network_interface_id = stackit_network_interface.lan11.network_interface_id + depends_on = [ stackit_server_network_interface_attach.nic-attachment-lan1_32 ] +} +resource "stackit_server_network_interface_attach" "nic-attachment-lan1_200" { + project_id = "ed2f4ab0-5f50-4860-9942-4773cf0bc34a" + server_id = stackit_server.paloalto_server.server_id + network_interface_id = stackit_network_interface.lan_mgmt.network_interface_id + depends_on = [ stackit_server_network_interface_attach.nic-attachment-lan1_22 ] +} + +resource "stackit_server_network_interface_attach" "nic-attachment-60" { + project_id = "ed2f4ab0-5f50-4860-9942-4773cf0bc34a" + server_id = stackit_server.paloalto_server_2.server_id + network_interface_id = stackit_network_interface.lan_2.network_interface_id + depends_on = [ stackit_server_network_interface_attach.nic-attachment-lan1_200 ] +} + +resource "stackit_server_network_interface_attach" "nic-attachment-lan61" { + project_id = "ed2f4ab0-5f50-4860-9942-4773cf0bc34a" + server_id = stackit_server.paloalto_server_2.server_id + network_interface_id = stackit_network_interface.lan1_2.network_interface_id + depends_on = [ stackit_server_network_interface_attach.nic-attachment-60 ] +} +resource "stackit_server_network_interface_attach" "nic-attachment-lan62" { + project_id = "ed2f4ab0-5f50-4860-9942-4773cf0bc34a" + server_id = stackit_server.paloalto_server_2.server_id + network_interface_id = stackit_network_interface.lan2_2.network_interface_id + depends_on = [ stackit_server_network_interface_attach.nic-attachment-lan61 ] +} +resource "stackit_server_network_interface_attach" "nic-attachment-lan63" { + project_id = "ed2f4ab0-5f50-4860-9942-4773cf0bc34a" + server_id = stackit_server.paloalto_server_2.server_id + network_interface_id = stackit_network_interface.lan3_2.network_interface_id + depends_on = [ stackit_server_network_interface_attach.nic-attachment-lan62 ] +} +resource "stackit_server_network_interface_attach" "nic-attachment-lan83" { + project_id = "ed2f4ab0-5f50-4860-9942-4773cf0bc34a" + server_id = stackit_server.paloalto_server_2.server_id + network_interface_id = stackit_network_interface.lan4_2.network_interface_id + depends_on = [ stackit_server_network_interface_attach.nic-attachment-lan63 ] +} +resource "stackit_server_network_interface_attach" "nic-attachment-lan91" { + project_id = "ed2f4ab0-5f50-4860-9942-4773cf0bc34a" + server_id = stackit_server.paloalto_server_2.server_id + network_interface_id = stackit_network_interface.lan5_2.network_interface_id + depends_on = [ stackit_server_network_interface_attach.nic-attachment-lan83 ] +} +resource "stackit_server_network_interface_attach" "nic-attachment-lan98" { + project_id = "ed2f4ab0-5f50-4860-9942-4773cf0bc34a" + server_id = stackit_server.paloalto_server_2.server_id + network_interface_id = stackit_network_interface.lan6_2.network_interface_id + depends_on = [ stackit_server_network_interface_attach.nic-attachment-lan91 ] +} +resource "stackit_server_network_interface_attach" "nic-attachment-lan78" { + project_id = "ed2f4ab0-5f50-4860-9942-4773cf0bc34a" + server_id = stackit_server.paloalto_server_2.server_id + network_interface_id = stackit_network_interface.lan7_2.network_interface_id + depends_on = [ stackit_server_network_interface_attach.nic-attachment-lan98 ] +} +resource "stackit_server_network_interface_attach" "nic-attachment-lan66" { + project_id = "ed2f4ab0-5f50-4860-9942-4773cf0bc34a" + server_id = stackit_server.paloalto_server_2.server_id + network_interface_id = stackit_network_interface.lan8_2.network_interface_id + depends_on = [ stackit_server_network_interface_attach.nic-attachment-lan78 ] +} +resource "stackit_server_network_interface_attach" "nic-attachment-lan17" { + project_id = "ed2f4ab0-5f50-4860-9942-4773cf0bc34a" + server_id = stackit_server.paloalto_server_2.server_id + network_interface_id = stackit_network_interface.lan9_2.network_interface_id + depends_on = [ stackit_server_network_interface_attach.nic-attachment-lan66 ] +} +resource "stackit_server_network_interface_attach" "nic-attachment-lan19" { + project_id = "ed2f4ab0-5f50-4860-9942-4773cf0bc34a" + server_id = stackit_server.paloalto_server_2.server_id + network_interface_id = stackit_network_interface.lan10_2.network_interface_id + depends_on = [ stackit_server_network_interface_attach.nic-attachment-lan17 ] +} +resource "stackit_server_network_interface_attach" "nic-attachment-lan71" { + project_id = "ed2f4ab0-5f50-4860-9942-4773cf0bc34a" + server_id = stackit_server.paloalto_server_2.server_id + network_interface_id = stackit_network_interface.lan11_2.network_interface_id + depends_on = [ stackit_server_network_interface_attach.nic-attachment-lan19 ] +} +resource "stackit_server_network_interface_attach" "nic-attachment-lan100" { + project_id = "ed2f4ab0-5f50-4860-9942-4773cf0bc34a" + server_id = stackit_server.paloalto_server_2.server_id + network_interface_id = stackit_network_interface.lan_mgmt_2.network_interface_id + depends_on = [ stackit_server_network_interface_attach.nic-attachment-lan71 ] +} diff --git a/project/00-provider.tf b/project/00-provider.tf new file mode 100644 index 0000000..c4d763b --- /dev/null +++ b/project/00-provider.tf @@ -0,0 +1,18 @@ + +terraform { + required_providers { + stackit = { + source = "stackitcloud/stackit" + version = ">=0.50.0" + } + } +} + +# Authentication +# Key flow (using path) + +provider "stackit" { + default_region = var.default_region + service_account_key_path = var.service_account_key_path + enable_beta_resources = true +} diff --git a/project/01-sna.tf b/project/01-sna.tf new file mode 100644 index 0000000..86e96c8 --- /dev/null +++ b/project/01-sna.tf @@ -0,0 +1,15 @@ +resource "time_sleep" "wait_before_destroy" { + destroy_duration = "10s" +} + +resource "stackit_network_area" "sna" { + organization_id = var.organization_id + name = "connectivity" + network_ranges = [ + { + prefix = "10.0.0.0/8" + } + ] + transfer_network = "192.168.254.0/24" + depends_on = [time_sleep.wait_before_destroy] +} diff --git a/project/02-project.tf b/project/02-project.tf new file mode 100644 index 0000000..4341837 --- /dev/null +++ b/project/02-project.tf @@ -0,0 +1,21 @@ +resource "stackit_resourcemanager_project" "hmnuix" { + parent_container_id = var.organization_id + name = "connectivity" + owner_email = "michael.sodan@stackit.cloud" + labels = { + "networkArea" = stackit_network_area.sna.network_area_id + } +} + +data "stackit_resourcemanager_project" "hmnuix" { + project_id = stackit_resourcemanager_project.hmnuix.project_id + container_id = stackit_resourcemanager_project.hmnuix.container_id +} + +output "project_info" { + value = { + project_id = data.stackit_resourcemanager_project.hmnuix.project_id + container_id = data.stackit_resourcemanager_project.hmnuix.container_id + } +} + diff --git a/project/99-variables.tf b/project/99-variables.tf new file mode 100644 index 0000000..914f292 --- /dev/null +++ b/project/99-variables.tf @@ -0,0 +1,35 @@ +# -- network variables +variable "organization_id" { + default = "f11f166b-ecd8-4a73-8022-208700ad5aec" +} + +variable "service_account_key_path" { + default = "../key.json" +} + +variable "default_region" { + default ="eu01" +} + +variable "region_az1" { + default = "eu01-1" +} + +variable "region_az2" { + default = "eu01-2" +} + +variable "region_az3" { + default = "eu01-3" +} + +variable "region_metro" { + default = "eu01-m" +} + +variable "flavor" { + type = string + description = "" + default = "c1.2" +} +