feat(tofy): adding first version of the tofu module
This commit is contained in:
parent
454eef7085
commit
1e85cf81ea
@ -2,8 +2,11 @@
|
|||||||
|
|
||||||
source ./credentials
|
source ./credentials
|
||||||
|
|
||||||
refresh_token=$(curl -X POST -H "Content-Type: application/json" -d "{\"username\":\"${username}\", \"password\":\"${password}\"}" 127.0.0.1:8080/login | jq -r .refresh_token)
|
API_PORT=${API_PORT:-8080}
|
||||||
|
|
||||||
|
|
||||||
|
refresh_token=$(curl -X POST -H "Content-Type: application/json" -d "{\"username\":\"${username}\", \"password\":\"${password}\"}" 127.0.0.1:${API_PORT}/login | jq -r .refresh_token)
|
||||||
echo refresh_token: $refresh_token
|
echo refresh_token: $refresh_token
|
||||||
|
|
||||||
token=$(curl -X POST -H "Content-Type: application/json" -d "{\"refresh_token\":\"${refresh_token}\"}" 127.0.0.1:8080/perform-login | jq -r .token)
|
token=$(curl -X POST -H "Content-Type: application/json" -d "{\"refresh_token\":\"${refresh_token}\"}" 127.0.0.1:${API_PORT}/perform-login | jq -r .token)
|
||||||
echo token: $token
|
echo token: $token
|
||||||
|
80
tofu/README.md
Normal file
80
tofu/README.md
Normal file
@ -0,0 +1,80 @@
|
|||||||
|
# How to use pycloud tofu module
|
||||||
|
|
||||||
|
## Step 1
|
||||||
|
|
||||||
|
Create a file named "main.tf" with this basic content :
|
||||||
|
```
|
||||||
|
module "deployment" {
|
||||||
|
source = "./modules/pycloud"
|
||||||
|
|
||||||
|
vra_url = var.vra_url
|
||||||
|
vra_refresh_token = var.vra_refresh_token
|
||||||
|
vra_insecure_ssl = true
|
||||||
|
|
||||||
|
deployments = local.deployments
|
||||||
|
}
|
||||||
|
```
|
||||||
|
Create a file for your "deployments" named as you like deployments.tf for example
|
||||||
|
```
|
||||||
|
locals {
|
||||||
|
deployments = {}
|
||||||
|
}
|
||||||
|
```
|
||||||
|
|
||||||
|
## Step 2
|
||||||
|
|
||||||
|
Get a refresh token from VRA (your problem not mine).
|
||||||
|
Or if you are lazy, use pytofu ;)
|
||||||
|
|
||||||
|
## Step 3
|
||||||
|
|
||||||
|
Test your tofu, with pytofu we are lazy
|
||||||
|
|
||||||
|
```
|
||||||
|
$ pytofu -a https://vra-ng-ppd.iaas.in.cloe.education.gouv.fr plan
|
||||||
|
|
||||||
|
```
|
||||||
|
|
||||||
|
## Step 4
|
||||||
|
|
||||||
|
Add some deployments to the deployments.tf file, like ... MonoVM-DEV
|
||||||
|
|
||||||
|
```
|
||||||
|
module "deployment" {
|
||||||
|
source = "./modules/pycloud"
|
||||||
|
|
||||||
|
vra_url = var.vra_url
|
||||||
|
vra_refresh_token = var.vra_refresh_token
|
||||||
|
vra_insecure_ssl = true
|
||||||
|
|
||||||
|
deployments = {
|
||||||
|
"test-pc-vf" = {
|
||||||
|
name = "test-pc-vf"
|
||||||
|
description = "test deployment"
|
||||||
|
catalog_item_name = "MonoVM-Dev"
|
||||||
|
project_name = "GRP-CLOE-TSS-DEV"
|
||||||
|
|
||||||
|
inputs = {
|
||||||
|
MonoVM_cpu = 2
|
||||||
|
MonoVM_memory = 2048
|
||||||
|
MonoVM_securityTag = "DEV-TIER-APP"
|
||||||
|
MonoVM_service = "app"
|
||||||
|
MonoVM_disks = jsonencode([
|
||||||
|
{
|
||||||
|
mountpoint = "/toto",
|
||||||
|
size = 10
|
||||||
|
},
|
||||||
|
{
|
||||||
|
mountpoint = "/titi",
|
||||||
|
size = 20
|
||||||
|
}
|
||||||
|
])
|
||||||
|
MonoVM_image = "DEB10X"
|
||||||
|
MonoVM_instances = 1
|
||||||
|
MonoVM_startOrder = "1"
|
||||||
|
leaseDays = "1"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
```
|
64
tofu/deployments.tf
Normal file
64
tofu/deployments.tf
Normal file
@ -0,0 +1,64 @@
|
|||||||
|
locals {
|
||||||
|
deployments = {
|
||||||
|
"test-pc-vf" = {
|
||||||
|
name = "test-pc-vf"
|
||||||
|
description = "test deployment"
|
||||||
|
catalog_item_name = "MonoVM-Dev"
|
||||||
|
project_name = "GRP-CLOE-TSS-DEV"
|
||||||
|
|
||||||
|
inputs = {
|
||||||
|
MonoVM_cpu = 2
|
||||||
|
MonoVM_memory = 2048
|
||||||
|
MonoVM_securityTag = "DEV-TIER-APP"
|
||||||
|
MonoVM_service = "app"
|
||||||
|
MonoVM_disks = jsonencode([
|
||||||
|
{
|
||||||
|
mountpoint = "/toto",
|
||||||
|
size = 10
|
||||||
|
},
|
||||||
|
{
|
||||||
|
mountpoint = "/titi",
|
||||||
|
size = 20
|
||||||
|
}
|
||||||
|
])
|
||||||
|
MonoVM_image = "DEB10X"
|
||||||
|
MonoVM_instances = 1
|
||||||
|
MonoVM_startOrder = "1"
|
||||||
|
leaseDays = "1"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"test-pc-vf-3-tiers" = {
|
||||||
|
name = "test-pc-vf-3-tiers"
|
||||||
|
description = "test 3 tiers Dev"
|
||||||
|
catalog_item_name = "3-tiers-Dev"
|
||||||
|
project_name = "GRP-CLOE-TST-DEV"
|
||||||
|
|
||||||
|
inputs = {
|
||||||
|
leaseDays = "1"
|
||||||
|
DB_service = "db2"
|
||||||
|
DB_disks = jsonencode([
|
||||||
|
{
|
||||||
|
mountpoint = "/toto",
|
||||||
|
size = 50
|
||||||
|
}
|
||||||
|
])
|
||||||
|
WEB_service = "web"
|
||||||
|
WEB_ansibleJob = ""
|
||||||
|
WEB_disks = jsonencode([
|
||||||
|
{
|
||||||
|
mountpoint = "/toto",
|
||||||
|
size = 50
|
||||||
|
}
|
||||||
|
])
|
||||||
|
APP_service = "app"
|
||||||
|
APP_disks = jsonencode([
|
||||||
|
{
|
||||||
|
mountpoint = "/toto",
|
||||||
|
size = 50
|
||||||
|
}
|
||||||
|
])
|
||||||
|
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
17
tofu/main.tf
Normal file
17
tofu/main.tf
Normal file
@ -0,0 +1,17 @@
|
|||||||
|
variable "vra_url" {
|
||||||
|
type = string
|
||||||
|
}
|
||||||
|
variable "vra_refresh_token" {
|
||||||
|
type = string
|
||||||
|
sensitive = true
|
||||||
|
}
|
||||||
|
|
||||||
|
module "deployment" {
|
||||||
|
source = "./modules/pycloud"
|
||||||
|
|
||||||
|
vra_url = var.vra_url
|
||||||
|
vra_refresh_token = var.vra_refresh_token
|
||||||
|
vra_insecure_ssl = true
|
||||||
|
|
||||||
|
deployments = local.deployments
|
||||||
|
}
|
30
tofu/modules/pycloud/main.tf
Normal file
30
tofu/modules/pycloud/main.tf
Normal file
@ -0,0 +1,30 @@
|
|||||||
|
data "vra_project" "projects" {
|
||||||
|
for_each = { for deployment in var.deployments : deployment.project_name => deployment }
|
||||||
|
name = each.key
|
||||||
|
}
|
||||||
|
|
||||||
|
data "vra_catalog_item" "catalog" {
|
||||||
|
for_each = { for deployment in var.deployments : deployment.catalog_item_name => deployment }
|
||||||
|
|
||||||
|
name = each.key
|
||||||
|
expand_versions = true
|
||||||
|
expand_projects = true
|
||||||
|
}
|
||||||
|
|
||||||
|
resource "vra_deployment" "deployments" {
|
||||||
|
for_each = var.deployments
|
||||||
|
name = each.value.name
|
||||||
|
description = each.value.description
|
||||||
|
|
||||||
|
catalog_item_id = data.vra_catalog_item.catalog[each.value.catalog_item_name].id
|
||||||
|
catalog_item_version = data.vra_catalog_item.catalog[each.value.catalog_item_name].versions.*.id[0]
|
||||||
|
project_id = data.vra_project.projects[each.value.project_name].id
|
||||||
|
|
||||||
|
inputs = each.value.inputs
|
||||||
|
|
||||||
|
timeouts {
|
||||||
|
create = var.create_timeout
|
||||||
|
delete = var.delete_timeout
|
||||||
|
update = var.update_timeout
|
||||||
|
}
|
||||||
|
}
|
14
tofu/modules/pycloud/output.tf
Normal file
14
tofu/modules/pycloud/output.tf
Normal file
@ -0,0 +1,14 @@
|
|||||||
|
output "catalog" {
|
||||||
|
description = "debug"
|
||||||
|
value = data.vra_catalog_item.catalog
|
||||||
|
}
|
||||||
|
|
||||||
|
output "deployments" {
|
||||||
|
description = "debug2"
|
||||||
|
value = resource.vra_deployment.deployments
|
||||||
|
}
|
||||||
|
|
||||||
|
output "projects" {
|
||||||
|
description = "test"
|
||||||
|
value = data.vra_project.projects
|
||||||
|
}
|
14
tofu/modules/pycloud/providers.tf
Normal file
14
tofu/modules/pycloud/providers.tf
Normal file
@ -0,0 +1,14 @@
|
|||||||
|
terraform {
|
||||||
|
required_providers {
|
||||||
|
vra = {
|
||||||
|
source = "vmware/vra"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
required_version = ">= 0.13"
|
||||||
|
}
|
||||||
|
|
||||||
|
provider "vra" {
|
||||||
|
url = var.vra_url
|
||||||
|
refresh_token = var.vra_refresh_token
|
||||||
|
insecure = var.vra_insecure_ssl
|
||||||
|
}
|
48
tofu/modules/pycloud/variables.tf
Normal file
48
tofu/modules/pycloud/variables.tf
Normal file
@ -0,0 +1,48 @@
|
|||||||
|
variable "vra_url" {
|
||||||
|
description = "VRA Service URL"
|
||||||
|
type = string
|
||||||
|
default = ""
|
||||||
|
}
|
||||||
|
|
||||||
|
variable "vra_refresh_token" {
|
||||||
|
description = "VRA user refresh token"
|
||||||
|
type = string
|
||||||
|
sensitive = true
|
||||||
|
}
|
||||||
|
|
||||||
|
variable "vra_insecure_ssl" {
|
||||||
|
description = "Validate VRA servie SSL Certificate"
|
||||||
|
type = bool
|
||||||
|
default = false
|
||||||
|
}
|
||||||
|
|
||||||
|
variable "create_timeout" {
|
||||||
|
description = "Creation timeout"
|
||||||
|
type = string
|
||||||
|
default = "30m"
|
||||||
|
}
|
||||||
|
|
||||||
|
variable "delete_timeout" {
|
||||||
|
description = "Delete timeout"
|
||||||
|
type = string
|
||||||
|
default = "30m"
|
||||||
|
}
|
||||||
|
|
||||||
|
variable "update_timeout" {
|
||||||
|
description = "Update timeout"
|
||||||
|
type = string
|
||||||
|
default = "30m"
|
||||||
|
}
|
||||||
|
|
||||||
|
variable "deployments" {
|
||||||
|
description = "Definition of what the user need to deploy"
|
||||||
|
type = map(object({
|
||||||
|
name = string
|
||||||
|
description = string
|
||||||
|
|
||||||
|
catalog_item_name = string
|
||||||
|
project_name = string
|
||||||
|
|
||||||
|
inputs = map(string)
|
||||||
|
}))
|
||||||
|
}
|
81
tofu/pytofu
Executable file
81
tofu/pytofu
Executable file
@ -0,0 +1,81 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
refresh_token=""
|
||||||
|
service_url=""
|
||||||
|
username=""
|
||||||
|
password=""
|
||||||
|
TOKENRC="${HOME}/.vratokenrc"
|
||||||
|
|
||||||
|
while getopts "h:u:p:a:" arg; do
|
||||||
|
case $arg in
|
||||||
|
h)
|
||||||
|
echo "usage"
|
||||||
|
;;
|
||||||
|
u)
|
||||||
|
username="${OPTARG}"
|
||||||
|
;;
|
||||||
|
p)
|
||||||
|
password="${OPTARG}"
|
||||||
|
;;
|
||||||
|
a)
|
||||||
|
service_url="${OPTARG}"
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
done
|
||||||
|
|
||||||
|
login_uri="csp/gateway/am/api/login?access_token"
|
||||||
|
|
||||||
|
if [ -f ${TOKENRC} ]; then
|
||||||
|
source ${TOKENRC}
|
||||||
|
else
|
||||||
|
if [ -z "${service_url}" ]; then
|
||||||
|
echo "Missing VRA service url, use option -a"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ -z ${username} ]; then
|
||||||
|
echo -n "Username: "
|
||||||
|
read -r username
|
||||||
|
echo
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ -z ${password} ]; then
|
||||||
|
echo -n "Password: "
|
||||||
|
read -s password
|
||||||
|
echo
|
||||||
|
fi
|
||||||
|
|
||||||
|
token_request=$(curl -s --insecure -X POST \
|
||||||
|
"$service_url/${login_uri}" \
|
||||||
|
-H 'Content-Type: application/json' \
|
||||||
|
-d '{
|
||||||
|
"username": "'"$username"'",
|
||||||
|
"password": "'"$password"'"
|
||||||
|
}'| jq )
|
||||||
|
|
||||||
|
refresh_token=$(echo ${token_request} | jq -r .refresh_token)
|
||||||
|
if [ ${refresh_token} = "null" ]; then
|
||||||
|
status=$(echo "${token_request}" | jq -r .status)
|
||||||
|
if [ "${status}" != "200" ];then
|
||||||
|
echo ${token_request} | jq -r .serverMessage
|
||||||
|
exit 4
|
||||||
|
fi
|
||||||
|
else
|
||||||
|
if [ ! -f "${TOKENRC}" ]; then
|
||||||
|
echo "service_url=${service_url}" >> "${TOKENRC}"
|
||||||
|
echo "refresh_token=${refresh_token}" >> "${TOKENRC}"
|
||||||
|
chmod 600 ${TOKENRC}
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ ${?} -ne 0 ];then
|
||||||
|
echo "Error login to ${service_url} failed"
|
||||||
|
exit 3
|
||||||
|
fi
|
||||||
|
|
||||||
|
ARG1=${@:$OPTIND:1}
|
||||||
|
|
||||||
|
export TF_VAR_vra_url="${service_url}"
|
||||||
|
export TF_VAR_vra_refresh_token="${refresh_token}"
|
||||||
|
tofu ${ARG1}
|
Loading…
Reference in New Issue
Block a user