add compute instances, static ip
This commit is contained in:
		| @ -1,5 +1,66 @@ | |||||||
| resource "tls_private_key" "ssh_key" { | resource "tls_private_key" "compute_ssh_key" { | ||||||
|   count = var.compute_ssh_key == null ? 1 : 0 |   count = var.supplied_compute_ssh_public_key == null ? 1 : 0 | ||||||
|  |  | ||||||
|   algorithm = var.created_ssh_key_algorithm |   algorithm = var.created_compute_ssh_key_algorithm | ||||||
|  | } | ||||||
|  |  | ||||||
|  | resource "oci_core_instance" "compute" { | ||||||
|  |   for_each = local.compute_for_each_value | ||||||
|  |  | ||||||
|  |   compartment_id      = oci_identity_compartment.compartment.id | ||||||
|  |   availability_domain = local.compute_availability_domains[each.value.key][0] | ||||||
|  |   display_name        = join("", [var.prefix, each.value.key, each.value.index]) | ||||||
|  |   shape               = local.compute_shapes[each.value.key] | ||||||
|  |   dynamic "shape_config" { | ||||||
|  |     for_each = each.value.key == "flex" ? [1] : [] | ||||||
|  |     content { | ||||||
|  |       memory_in_gbs = 24 | ||||||
|  |       ocpus         = 4 | ||||||
|  |     } | ||||||
|  |   } | ||||||
|  |   create_vnic_details { | ||||||
|  |     assign_ipv6ip  = var.enable_ipv6 | ||||||
|  |     display_name   = join("", [var.prefix, each.value.key, each.value.index]) | ||||||
|  |     hostname_label = join("", [local.compute_dns_labels[each.value.key], each.value.index]) | ||||||
|  |     subnet_id      = oci_core_subnet.public.id | ||||||
|  |     nsg_ids        = [oci_core_network_security_group.default.id] | ||||||
|  |     freeform_tags  = merge(local.freeform_tags, { type = each.value.key }) | ||||||
|  |   } | ||||||
|  |   is_pv_encryption_in_transit_enabled = true # only used on creation | ||||||
|  |   launch_options { | ||||||
|  |     is_pv_encryption_in_transit_enabled = true # only used on update | ||||||
|  |     is_consistent_volume_naming_enabled = true | ||||||
|  |     network_type                        = "PARAVIRTUALIZED" | ||||||
|  |   } | ||||||
|  |   source_details { | ||||||
|  |     source_type                     = "image" | ||||||
|  |     source_id                       = data.oci_core_images.selected[each.value.key].images[0].id | ||||||
|  |     boot_volume_size_in_gbs         = each.value.key == "flex" ? 100 : 50 | ||||||
|  |     boot_volume_vpus_per_gb         = 120 | ||||||
|  |     is_preserve_boot_volume_enabled = false | ||||||
|  |   } | ||||||
|  |   metadata = { | ||||||
|  |     ssh_authorized_keys = local.compute_ssh_key | ||||||
|  |     user_data           = try(file("${path.module}/files/user_data.${each.value.key}.sh"), null) | ||||||
|  |   } | ||||||
|  |   availability_config { | ||||||
|  |     is_live_migration_preferred = true | ||||||
|  |     recovery_action             = "RESTORE_INSTANCE" | ||||||
|  |   } | ||||||
|  |   freeform_tags = merge(local.freeform_tags, { type = each.value.key }) | ||||||
|  |  | ||||||
|  |   lifecycle { | ||||||
|  |     ignore_changes = [ | ||||||
|  |       # don't replace running instances when latest available image changes | ||||||
|  |       source_details.0.source_id | ||||||
|  |     ] | ||||||
|  |   } | ||||||
|  | } | ||||||
|  |  | ||||||
|  | resource "oci_core_public_ip" "static" { | ||||||
|  |   count          = var.create_static_ip ? 1 : 0 | ||||||
|  |   compartment_id = oci_identity_compartment.compartment.id | ||||||
|  |   lifetime       = "RESERVED" | ||||||
|  |   display_name   = join("", [var.prefix, "static-ip"]) | ||||||
|  |   # private_ip_id = var.attach_static_ip_to_flex ? data.oci_core_private_ips.flex.private_ips[0].id : null | ||||||
| } | } | ||||||
|  | |||||||
							
								
								
									
										34
									
								
								oci.data.tf
									
									
									
									
									
								
							
							
						
						
									
										34
									
								
								oci.data.tf
									
									
									
									
									
								
							| @ -1,3 +1,37 @@ | |||||||
| data "oci_identity_tenancy" "tenancy" { | data "oci_identity_tenancy" "tenancy" { | ||||||
|   tenancy_id = var.tenancy_id |   tenancy_id = var.tenancy_id | ||||||
| } | } | ||||||
|  |  | ||||||
|  | data "oci_identity_availability_domains" "available" { | ||||||
|  |   compartment_id = oci_identity_compartment.compartment.id | ||||||
|  | } | ||||||
|  |  | ||||||
|  | data "oci_core_shapes" "available" { | ||||||
|  |   for_each = { | ||||||
|  |     for item in data.oci_identity_availability_domains.available.availability_domains : | ||||||
|  |     item.name => item | ||||||
|  |   } | ||||||
|  |  | ||||||
|  |   availability_domain = each.key | ||||||
|  |   compartment_id      = oci_identity_compartment.compartment.id | ||||||
|  | } | ||||||
|  |  | ||||||
|  | data "oci_core_images" "selected" { | ||||||
|  |   for_each         = try(local.compute_shapes, {}) | ||||||
|  |   compartment_id   = oci_identity_compartment.compartment.id | ||||||
|  |   operating_system = "Canonical Ubuntu" | ||||||
|  |   shape            = each.value | ||||||
|  |   state            = "available" | ||||||
|  |   filter { | ||||||
|  |     name   = "display_name" | ||||||
|  |     values = ["^Canonical-Ubuntu-\\d{1,2}\\.\\d{1,2}-(aarch64-)?[\\.0-9-]+$"] | ||||||
|  |     regex  = true | ||||||
|  |   } | ||||||
|  | } | ||||||
|  |  | ||||||
|  | # data "oci_core_private_ips" "flex" { | ||||||
|  | #   count = (var.create_static_ip && var.attach_static_ip_to_flex) ? 1 : 0 | ||||||
|  | # | ||||||
|  | #   ip_address = oci_core_instance.compute["flex_1"].private_ip | ||||||
|  | #   subnet_id  = oci_core_subnet.public.id | ||||||
|  | # } | ||||||
|  | |||||||
| @ -5,7 +5,48 @@ locals { | |||||||
|     "iac/source"    = var.iac_project_source |     "iac/source"    = var.iac_project_source | ||||||
|     "iac/component" = var.iac_project_name |     "iac/component" = var.iac_project_name | ||||||
|   } |   } | ||||||
|   # vcn dns label must be only alphanumeric and max 15 chars |   # dns label must be only alphanumeric and max 15 chars | ||||||
|   vcn_dns_label = substr(replace(join("", [var.prefix, "vcn"]), "/(?i)[^0-9a-z]/", ""), 0, 15) |   vcn_dns_label = substr(replace(join("", [var.prefix, "vcn"]), "/(?i)[^0-9a-z]/", ""), 0, 15) | ||||||
|   compute_ssh_key = coalesce(var.compute_ssh_key, trimspace(tls_private_key.ssh_key[0].public_key_openssh)) |   compute_dns_labels = { | ||||||
|  |     # reduce 1 from max length because an index suffix gets added later | ||||||
|  |     micro = substr(replace(join("", [var.prefix, "micro"]), "/(?i)[^0-9a-z]/", ""), 0, 14) | ||||||
|  |     flex  = substr(replace(join("", [var.prefix, "flex"]), "/(?i)[^0-9a-z]/", ""), 0, 14) | ||||||
|  |   } | ||||||
|  |   compute_ssh_key = coalesce( | ||||||
|  |     var.supplied_compute_ssh_public_key, | ||||||
|  |     trimspace(tls_private_key.compute_ssh_key[0].public_key_openssh) | ||||||
|  |   ) | ||||||
|  |  | ||||||
|  |   compute_shapes = { | ||||||
|  |     micro = "VM.Standard.E2.1.Micro" | ||||||
|  |     flex  = "VM.Standard.A1.Flex" | ||||||
|  |   } | ||||||
|  |  | ||||||
|  |   compute_counts = { | ||||||
|  |     micro = var.create_instances.micro ? 2 : 0 | ||||||
|  |     flex  = var.create_instances.flex ? 1 : 0 | ||||||
|  |   } | ||||||
|  |  | ||||||
|  |   compute_availability_domains = { | ||||||
|  |     micro = !var.create_instances.micro ? [] : [ | ||||||
|  |       for domain, value in data.oci_core_shapes.available : | ||||||
|  |       domain if contains(value.shapes.*.name, local.compute_shapes.micro) | ||||||
|  |     ] | ||||||
|  |     flex = !var.create_instances.flex ? [] : [ | ||||||
|  |       for domain, value in data.oci_core_shapes.available : | ||||||
|  |       domain if contains(value.shapes.*.name, local.compute_shapes.flex) | ||||||
|  |     ] | ||||||
|  |   } | ||||||
|  |  | ||||||
|  |   # { micro_1 = micro, micro_2 = micro, flex_1 = flex } | ||||||
|  |   compute_for_each_value = { | ||||||
|  |     for item in toset(flatten([ | ||||||
|  |       for shape in keys(local.compute_shapes) : [ | ||||||
|  |         for n in range(local.compute_counts[shape]) : "${shape}_${n + 1}" | ||||||
|  |     ]])) : | ||||||
|  |     item => { | ||||||
|  |       key   = split("_", item)[0] | ||||||
|  |       index = split("_", item)[1] | ||||||
|  |     } | ||||||
|  |   } | ||||||
| } | } | ||||||
|  | |||||||
| @ -89,6 +89,26 @@ output "ssh_key_public" { | |||||||
|  |  | ||||||
| output "ssh_key_private" { | output "ssh_key_private" { | ||||||
|   description = "The created SSH private key for the compute instances" |   description = "The created SSH private key for the compute instances" | ||||||
|   value       = try(tls_private_key.ssh_key[0].private_key_pem, null) |   value       = try(trimspace(tls_private_key.compute_ssh_key[0].private_key_pem), null) | ||||||
|   sensitive   = true |   sensitive   = true | ||||||
| } | } | ||||||
|  |  | ||||||
|  | output "reserved_ip" { | ||||||
|  |   description = "The reserved public IP address" | ||||||
|  |   value       = oci_core_public_ip.static[0].ip_address | ||||||
|  | } | ||||||
|  |  | ||||||
|  | output "instance_ips" { | ||||||
|  |   description = "The public IP addresses of the instances" | ||||||
|  |   value       = { for k, v in oci_core_instance.compute : k => v.public_ip } | ||||||
|  | } | ||||||
|  |  | ||||||
|  | output "instance_availability_domains" { | ||||||
|  |   description = "The availability domains of the instances" | ||||||
|  |   value       = { for k, v in oci_core_instance.compute : k => v.availability_domain } | ||||||
|  | } | ||||||
|  |  | ||||||
|  | output "instance_selected_images" { | ||||||
|  |   description = "The selected images for each instance shape" | ||||||
|  |   value       = { for k, v in data.oci_core_images.selected : k => v.images[0].display_name } | ||||||
|  | } | ||||||
|  | |||||||
| @ -81,13 +81,13 @@ variable "use_vault" { | |||||||
|   } |   } | ||||||
| } | } | ||||||
|  |  | ||||||
| variable "compute_ssh_key" { | variable "supplied_compute_ssh_public_key" { | ||||||
|   description = "A pre-created public SSH key for the compute instances" |   description = "A pre-created public SSH key for the compute instances" | ||||||
|   type        = string |   type        = string | ||||||
|   default     = null |   default     = null | ||||||
| } | } | ||||||
|  |  | ||||||
| variable "created_ssh_key_algorithm" { | variable "created_compute_ssh_key_algorithm" { | ||||||
|   description = "The algorithm for the created SSH key if no key is provided" |   description = "The algorithm for the created SSH key if no key is provided" | ||||||
|   type        = string |   type        = string | ||||||
|   default     = "ED25519" |   default     = "ED25519" | ||||||
|  | |||||||
		Reference in New Issue
	
	Block a user