From 150c6762866000ce0806095ec01b49cf519286f9 Mon Sep 17 00:00:00 2001 
From: mhoffm
Date: Wed, 23 Jun 2021 20:30:30 +0200
Subject: [PATCH] add serialization and deserialization

---
README.md | 14 +-
...le-cpi-release%ci%terraform%datasources.tf | 39 +
...oracle-cpi-release%ci%terraform%network.tf | 57 ++
...-oracle-cpi-release%ci%terraform%output.tf | 95 +++
...acle-cpi-release%ci%terraform%providers.tf | 7 +
...acle-cpi-release%ci%terraform%variables.tf | 32 +
...form-samples%EBusinessSuite%datasources.tf | 57 ++
...l-terraform-samples%EBusinessSuite%main.tf | 186 +++++
...ssSuite%modules%bastion%bastion.outputs.tf | 8 +
...%EBusinessSuite%modules%bastion%bastion.tf | 30 +
...inessSuite%modules%bastion%bastion.vars.tf | 38 +
...inessSuite%modules%compute%compute.data.tf | 61 ++
...ssSuite%modules%compute%compute.outputs.tf | 16 +
...dules%compute%compute.rsync-remote-exec.tf | 61 ++
...%EBusinessSuite%modules%compute%compute.tf | 36 +
...Suite%modules%compute%compute.variables.tf | 78 ++
...ples%EBusinessSuite%modules%compute%fss.tf | 53 ++
...ssSuite%modules%dbsystem%db.datasources.tf | 14 +
...inessSuite%modules%dbsystem%db.dbsystem.tf | 35 +
...nessSuite%modules%dbsystem%db.variables.tf | 70 ++
...%EBusinessSuite%modules%loadbalancer%lb.tf | 80 +++
...Suite%modules%loadbalancer%lb.variables.tf | 48 ++
...modules%network%subnets%subnets.outputs.tf | 12 +
...ssSuite%modules%network%subnets%subnets.tf | 19 +
...dules%network%subnets%subnets.variables.tf | 45 ++
...inessSuite%modules%network%vcn%vcn.data.tf | 13 +
...ssSuite%modules%network%vcn%vcn.outputs.tf | 29 +
...%EBusinessSuite%modules%network%vcn%vcn.tf | 50 ++
...inessSuite%modules%network%vcn%vcn.vars.tf | 19 +
...erraform-samples%EBusinessSuite%outputs.tf | 16 +
...rraform-samples%EBusinessSuite%provider.tf | 20 +
...form-samples%EBusinessSuite%routetables.tf | 33 +
...rraform-samples%EBusinessSuite%seclists.tf | 175 +++++
...rm-samples%EBusinessSuite%terraform.tfvars | 83 +++
...raform-samples%EBusinessSuite%variables.tf | 151 ++++
...DEdwards%global%bastion%bastion.outputs.tf | 8 + ...amples%JDEdwards%global%bastion%bastion.tf | 28 + ...dwards%global%bastion%bastion.variables.tf | 35 + ...les%JDEdwards%global%global.datasources.tf | 37 + ...rm-samples%JDEdwards%global%global.main.tf | 157 ++++ ...samples%JDEdwards%global%global.outputs.tf | 63 ++ ...amples%JDEdwards%global%global.provider.tf | 20 + ...les%JDEdwards%global%global.routetables.tf | 37 + ...mples%JDEdwards%global%global.variables.tf | 80 +++ ...s%global%network%subnets%subnets.output.tf | 11 + ...DEdwards%global%network%subnets%subnets.tf | 21 + ...lobal%network%subnets%subnets.variables.tf | 33 + ...s%JDEdwards%global%network%vcn%vcn.data.tf | 13 + ...DEdwards%global%network%vcn%vcn.outputs.tf | 54 ++ ...DEdwards%global%network%vcn%vcn.seclist.tf | 576 +++++++++++++++ ...amples%JDEdwards%global%network%vcn%vcn.tf | 50 ++ ...dwards%global%network%vcn%vcn.variables.tf | 43 ++ ...rm-samples%JDEdwards%modules%app%app.bv.tf | 47 ++ ...-samples%JDEdwards%modules%app%app.init.tf | 70 ++ ...mples%JDEdwards%modules%app%app.outputs.tf | 12 + ...aform-samples%JDEdwards%modules%app%app.tf | 29 + ...les%JDEdwards%modules%app%app.variables.tf | 58 ++ ...amples%JDEdwards%modules%db%db.dbsystem.tf | 34 + ...samples%JDEdwards%modules%db%db.outputs.tf | 8 + ...mples%JDEdwards%modules%db%db.variables.tf | 73 ++ ...s%JDEdwards%modules%dns%dns.datasources.tf | 21 + ...-samples%JDEdwards%modules%dns%dns.main.tf | 37 + ...mples%JDEdwards%modules%dns%dns.outputs.tf | 12 + ...les%JDEdwards%modules%dns%dns.variables.tf | 34 + ...s%JDEdwards%modules%lbaas%lbaas.outputs.tf | 11 + ...m-samples%JDEdwards%modules%lbaas%lbaas.tf | 99 +++ ...JDEdwards%modules%lbaas%lbaas.variables.tf | 41 ++ ...mples%JDEdwards%modules%win%win.outputs.tf | 11 + ...aform-samples%JDEdwards%modules%win%win.tf | 27 + ...les%JDEdwards%modules%win%win.variables.tf | 38 + ...mples%JDEdwards%nonpd%nonpd.datasources.tf | 48 ++ ...form-samples%JDEdwards%nonpd%nonpd.main.tf | 132 ++++ 
...m-samples%JDEdwards%nonpd%nonpd.outputs.tf | 48 ++ ...-samples%JDEdwards%nonpd%nonpd.provider.tf | 20 + ...samples%JDEdwards%nonpd%nonpd.variables.tf | 137 ++++ ...orm-samples%JDEdwards%pd%pd.datasources.tf | 55 ++ ...-terraform-samples%JDEdwards%pd%pd.main.tf | 178 +++++ ...rraform-samples%JDEdwards%pd%pd.outputs.tf | 63 ++ ...raform-samples%JDEdwards%pd%pd.provider.tf | 20 + ...aform-samples%JDEdwards%pd%pd.variables.tf | 214 ++++++ ...l-terraform-samples%JDEdwards%pd%web-lb.tf | 238 +++++++ ...erraform-samples%Peoplesoft%datasources.tf | 77 ++ ...ppsul-terraform-samples%Peoplesoft%main.tf | 392 ++++++++++ ...plesoft%modules%bastion%bastion.outputs.tf | 8 + ...ples%Peoplesoft%modules%bastion%bastion.tf | 30 + ...Peoplesoft%modules%bastion%bastion.vars.tf | 35 + ...oft%modules%compute%compute.blockvolume.tf | 46 ++ ...oft%modules%compute%compute.datasources.tf | 10 + ...plesoft%modules%compute%compute.outputs.tf | 21 + ...oft%modules%compute%compute.remote-exec.tf | 54 ++ ...ples%Peoplesoft%modules%compute%compute.tf | 35 + ...esoft%modules%compute%compute.variables.tf | 59 ++ ...plesoft%modules%dbsystem%db.datasources.tf | 14 + ...Peoplesoft%modules%dbsystem%db.dbsystem.tf | 34 + ...eoplesoft%modules%dbsystem%db.variables.tf | 70 ++ ...%Peoplesoft%modules%filesystem%fss.data.tf | 40 ++ ...oplesoft%modules%filesystem%fss.outputs.tf | 19 + ...mples%Peoplesoft%modules%filesystem%fss.tf | 49 ++ ...%Peoplesoft%modules%filesystem%fss.vars.tf | 29 + ...ples%Peoplesoft%modules%loadbalancer%lb.tf | 74 ++ ...Peoplesoft%modules%loadbalancer%lb.vars.tf | 38 + ...%modules%network%subnets%subnets.output.tf | 12 + ...plesoft%modules%network%subnets%subnets.tf | 18 + ...ft%modules%network%subnets%subnets.vars.tf | 42 ++ ...Peoplesoft%modules%network%vcn%vcn.data.tf | 13 + ...plesoft%modules%network%vcn%vcn.outputs.tf | 29 + ...ples%Peoplesoft%modules%network%vcn%vcn.tf | 47 ++ ...Peoplesoft%modules%network%vcn%vcn.vars.tf | 15 + ...ul-terraform-samples%Peoplesoft%outputs.tf | 
33 + ...l-terraform-samples%Peoplesoft%provider.tf | 21 + ...erraform-samples%Peoplesoft%routetables.tf | 34 + ...ul-terraform-samples%Peoplesoft%seclist.tf | 297 ++++++++ ...raform-samples%Peoplesoft%terraform.tfvars | 119 ++++ ...-terraform-samples%Peoplesoft%variables.tf | 205 ++++++ ...terraform-samples%SiebelCRM%datasources.tf | 76 ++ ...aform-samples%SiebelCRM%fss-remote-exec.tf | 50 ++ ...appsul-terraform-samples%SiebelCRM%main.tf | 271 +++++++ ...ebelCRM%modules%bastion%bastion.outputs.tf | 8 + ...mples%SiebelCRM%modules%bastion%bastion.tf | 29 + ...%SiebelCRM%modules%bastion%bastion.vars.tf | 38 + ...CRM%modules%compute%compute.blockvolume.tf | 79 +++ ...ebelCRM%modules%compute%compute.outputs.tf | 8 + ...mples%SiebelCRM%modules%compute%compute.tf | 35 + ...elCRM%modules%compute%compute.variables.tf | 71 ++ ...ebelCRM%modules%dbsystem%db.datasources.tf | 68 ++ ...%SiebelCRM%modules%dbsystem%db.dbsystem.tf | 34 + ...SiebelCRM%modules%dbsystem%db.variables.tf | 52 ++ ...s%SiebelCRM%modules%filesystem%fss.data.tf | 38 + ...iebelCRM%modules%filesystem%fss.outputs.tf | 19 + ...amples%SiebelCRM%modules%filesystem%fss.tf | 45 ++ ...s%SiebelCRM%modules%filesystem%fss.vars.tf | 28 + ...mples%SiebelCRM%modules%loadbalancer%lb.tf | 74 ++ ...%SiebelCRM%modules%loadbalancer%lb.vars.tf | 38 + ...%modules%network%subnets%subnets.output.tf | 12 + ...ebelCRM%modules%network%subnets%subnets.tf | 19 + ...RM%modules%network%subnets%subnets.vars.tf | 45 ++ ...%SiebelCRM%modules%network%vcn%vcn.data.tf | 13 + ...ebelCRM%modules%network%vcn%vcn.outputs.tf | 27 + ...mples%SiebelCRM%modules%network%vcn%vcn.tf | 47 ++ ...%SiebelCRM%modules%network%vcn%vcn.vars.tf | 15 + ...sul-terraform-samples%SiebelCRM%outputs.tf | 24 + ...ul-terraform-samples%SiebelCRM%provider.tf | 21 + ...terraform-samples%SiebelCRM%routetables.tf | 33 + ...sul-terraform-samples%SiebelCRM%seclist.tf | 220 ++++++ ...rraform-samples%SiebelCRM%terraform.tfvars | 101 +++ 
...l-terraform-samples%SiebelCRM%variables.tf | 175 +++++ ...s-vbcs-sample%terraformScript%createAll.tf | 239 +++++++ ...pDev%wls%automations%wls_image%provider.tf | 22 + ...s%automations%wls_image%stack_subscribe.tf | 140 ++++ ...wls%automations%wls_image%terraform.tfvars | 15 + ...Dev%wls%automations%wls_image%variables.tf | 67 ++ ...mations%wls_nodepool%image_subscription.tf | 86 +++ ...v%wls%automations%wls_nodepool%provider.tf | 22 + ...utomations%wls_nodepool%stack_subscribe.tf | 141 ++++ ...%automations%wls_nodepool%terraform.tfvars | 15 + ...%wls%automations%wls_nodepool%variables.tf | 67 ++ ...pDev%wls%automations%wls_stack%provider.tf | 22 + ...s%automations%wls_stack%stack_subscribe.tf | 140 ++++ ...wls%automations%wls_stack%terraform.tfvars | 10 + ...Dev%wls%automations%wls_stack%variables.tf | 67 ++ ...ive%AppDev%wls%free_tier%terraform%main.tf | 83 +++ ...AppDev%wls%free_tier%terraform%provider.tf | 11 + ...ppDev%wls%free_tier%terraform%variables.tf | 55 ++ ...ration%test_wls_docker_image-stack%main.tf | 24 + ...cker_image-stack%modules%keysgen%keygen.tf | 37 + ...ker_image-stack%modules%keysgen%outputs.tf | 7 + ...dules%wls_docker_host%clouinit-template.tf | 22 + ...e-stack%modules%wls_docker_host%compute.tf | 126 ++++ ...e-stack%modules%wls_docker_host%outputs.tf | 9 + ...stack%modules%wls_docker_host%variables.tf | 54 ++ ...ion%test_wls_docker_image-stack%outputs.tf | 43 ++ ...on%test_wls_docker_image-stack%provider.tf | 5 + ...st_wls_docker_image-stack%terraform.tfvars | 3 + ...n%test_wls_docker_image-stack%variables.tf | 83 +++ ...rraform-stack-v1.0%ad-region-datasource.tf | 18 + ...tplace%terraform-stack-v1.0%add-service.tf | 46 ++ ...-stack-v1.0%add-shard-director-wo-stdby.tf | 70 ++ ...terraform-stack-v1.0%add-shard-director.tf | 70 ++ ...ce%terraform-stack-v1.0%add-shard-group.tf | 44 ++ ...ketplace%terraform-stack-v1.0%add-shard.tf | 71 ++ ...form-stack-v1.0%add-standby-shard-group.tf | 44 ++ ...%terraform-stack-v1.0%add-standby-shard.tf | 
47 ++ ...%terraform-stack-v1.0%catalog-dataguard.tf | 86 +++ ...etplace%terraform-stack-v1.0%catalog-db.tf | 84 +++ ...rraform-stack-v1.0%catalog-shard-chunks.tf | 91 +++ ...m-stack-v1.0%catalog-standby-cloud-init.tf | 62 ++ ...rm-stack-v1.0%catalog-standby-configure.tf | 92 +++ ...stack-v1.0%catalog-standby-ee-configure.tf | 47 ++ ...m-stack-v1.0%catalog-standby-tns-ingest.tf | 44 ++ ...terraform-stack-v1.0%catalog-switchover.tf | 61 ++ ...orm-stack-v1.0%catalog-tde-master-shard.tf | 33 + ...k-v1.0%catalog-tde-master-standby-shard.tf | 34 + ...tplace%terraform-stack-v1.0%catalog-tde.tf | 87 +++ ...terraform-stack-v1.0%catalog-tns-ingest.tf | 44 ++ ...marketplace%terraform-stack-v1.0%common.tf | 6 + ...place%terraform-stack-v1.0%demo-monitor.tf | 48 ++ ...form-stack-v1.0%demo-schema-datasources.tf | 14 + ...ace%terraform-stack-v1.0%deploy-invoker.tf | 51 ++ ...ketplace%terraform-stack-v1.0%dg-broker.tf | 60 ++ ...tplace%terraform-stack-v1.0%gsm-compute.tf | 43 ++ ...arketplace%terraform-stack-v1.0%network.tf | 62 ++ ...stack-v1.0%oci-marketplace-subscription.tf | 34 + ...-stack-v1.0%optional-variables.auto.tfvars | 44 ++ ...arketplace%terraform-stack-v1.0%outputs.tf | 4 + ...rketplace%terraform-stack-v1.0%provider.tf | 13 + ...orm-stack-v1.0%shard-catalog-cloud-init.tf | 70 ++ ...1.0%shard-catalog-configure-datasources.tf | 16 + ...stack-v1.0%shard-catalog-configure-main.tf | 176 +++++ ...1.0%shard-data-move-consolidator-config.tf | 53 ++ ...ce%terraform-stack-v1.0%shard-dataguard.tf | 84 +++ ...erraform-stack-v1.0%shard-db-cloud-init.tf | 71 ++ ...form-stack-v1.0%shard-db-configure-main.tf | 140 ++++ ...form-stack-v1.0%shard-db-convert-params.tf | 60 ++ ...rketplace%terraform-stack-v1.0%shard-db.tf | 83 +++ ...1.0%shard-director-aggregate-tns-config.tf | 44 ++ ...rm-stack-v1.0%shard-director-cloud-init.tf | 92 +++ ...tack-v1.0%shard-director-configure-main.tf | 45 ++ ...v1.0%shard-director-install-datasources.tf | 37 + ...-stack-v1.0%shard-director-install-main.tf 
| 92 +++ ...rm-stack-v1.0%shard-director-tns-ingest.tf | 46 ++ ...erraform-stack-v1.0%shard-env-configure.tf | 32 + ...aform-stack-v1.0%shard-relay-tns-config.tf | 46 ++ ...orm-stack-v1.0%shard-standby-cloud-init.tf | 63 ++ ...form-stack-v1.0%shard-standby-configure.tf | 96 +++ ...m-stack-v1.0%shard-standby-ee-configure.tf | 59 ++ ...%terraform-stack-v1.0%shard-standby-tde.tf | 87 +++ ...orm-stack-v1.0%shard-standby-tns-ingest.tf | 44 ++ ...ketplace%terraform-stack-v1.0%shard-tde.tf | 76 ++ ...e%terraform-stack-v1.0%shard-tns-ingest.tf | 44 ++ ...ketplace%terraform-stack-v1.0%variables.tf | 346 +++++++++ ...rketplace%terraform-stack-v1.0%versions.tf | 9 + ...marketplace%terraform-stack-v1.0%wallet.tf | 91 +++ ...%sdb-terraform-oci%ad-region-datasource.tf | 7 + ...terraform%sdb-terraform-oci%add-service.tf | 45 ++ ...rm%sdb-terraform-oci%add-shard-director.tf | 63 ++ ...aform%sdb-terraform-oci%add-shard-group.tf | 43 ++ ...h-terraform%sdb-terraform-oci%add-shard.tf | 45 ++ ...b-terraform-oci%add-standby-shard-group.tf | 43 ++ ...orm%sdb-terraform-oci%add-standby-shard.tf | 45 ++ ...rraform-oci%catalog-config-consolidator.tf | 24 + ...-terraform-oci%catalog-config-generator.tf | 29 + ...orm%sdb-terraform-oci%catalog-dataguard.tf | 60 ++ ...-terraform%sdb-terraform-oci%catalog-db.tf | 60 ++ ...erraform-oci%catalog-standby-cloud-init.tf | 40 ++ ...terraform-oci%catalog-standby-configure.tf | 63 ++ ...raform-oci%catalog-standby-ee-configure.tf | 54 ++ ...rm%sdb-terraform-oci%catalog-switchover.tf | 58 ++ ...erraform%sdb-terraform-oci%demo-monitor.tf | 47 ++ ...b-terraform-oci%demo-schema-datasources.tf | 14 + ...raform%sdb-terraform-oci%deploy-invoker.tf | 43 ++ ...terraform%sdb-terraform-oci%gsm-compute.tf | 34 + ...th-terraform%sdb-terraform-oci%provider.tf | 11 + ...-terraform-oci%shard-catalog-cloud-init.tf | 41 ++ ...oci%shard-catalog-configure-datasources.tf | 16 + ...raform-oci%shard-catalog-configure-main.tf | 122 ++++ 
...terraform-oci%shard-config-consolidator.tf | 25 + ...db-terraform-oci%shard-config-generator.tf | 31 + ...aform%sdb-terraform-oci%shard-dataguard.tf | 52 ++ ...m%sdb-terraform-oci%shard-db-cloud-init.tf | 41 ++ ...b-terraform-oci%shard-db-configure-main.tf | 101 +++ ...th-terraform%sdb-terraform-oci%shard-db.tf | 60 ++ ...terraform-oci%shard-director-cloud-init.tf | 91 +++ ...-oci%shard-director-config-consolidator.tf | 25 + ...orm-oci%shard-director-config-generator.tf | 29 + ...aform-oci%shard-director-configure-main.tf | 45 ++ ...-oci%shard-director-install-datasources.tf | 37 + ...rraform-oci%shard-director-install-main.tf | 98 +++ ...m%sdb-terraform-oci%shard-env-configure.tf | 32 + ...-terraform-oci%shard-standby-cloud-init.tf | 41 ++ ...b-terraform-oci%shard-standby-configure.tf | 68 ++ ...erraform-oci%shard-standby-ee-configure.tf | 67 ++ ...h-terraform%sdb-terraform-oci%variables.tf | 347 +++++++++ ...th-terraform%sdb-terraform-oci%versions.tf | 6 + ...ith-terraform%sdb-terraform-onprem%main.tf | 180 +++++ ...prem%modules%sdb_demo_setup%datasources.tf | 10 + ...rem%modules%sdb_demo_setup%demo-monitor.tf | 46 ++ ...form-onprem%modules%sdb_demo_setup%main.tf | 107 +++ ...m-onprem%modules%sdb_demo_setup%outputs.tf | 6 + ...onprem%modules%sdb_demo_setup%variables.tf | 46 ++ ...m-onprem%modules%sdb_deploy%add-service.tf | 50 ++ ...orm-onprem%modules%sdb_deploy%add-shard.tf | 43 ++ ...ules%sdb_deploy%add-standby-shard-group.tf | 44 ++ ...em%modules%sdb_deploy%add-standby-shard.tf | 43 ++ ...em%modules%sdb_deploy%create-shard-exec.tf | 31 + ...-onprem%modules%sdb_deploy%create-shard.tf | 67 ++ ...es%sdb_deploy%create-standby-shard-exec.tf | 31 + ...modules%sdb_deploy%create-standby-shard.tf | 68 ++ ...m-onprem%modules%sdb_deploy%datasources.tf | 10 + ...raform-onprem%modules%sdb_deploy%deploy.tf | 43 ++ ...erraform-onprem%modules%sdb_deploy%main.tf | 42 ++ ...aform-onprem%modules%sdb_deploy%outputs.tf | 6 + ...orm-onprem%modules%sdb_deploy%variables.tf | 105 
+++ ...-onprem%modules%sdb_gc%shard-catalog-gc.tf | 29 + ...modules%sdb_gc%shard-catalog-standby-gc.tf | 30 + ...onprem%modules%sdb_gc%shard-director-gc.tf | 30 + ...erraform-onprem%modules%sdb_gc%shard-gc.tf | 28 + ...-onprem%modules%sdb_gc%shard-standby-gc.tf | 28 + ...rraform-onprem%modules%sdb_gc%variables.tf | 41 ++ ...em%modules%sdb_schema_setup%datasources.tf | 18 + ...rm-onprem%modules%sdb_schema_setup%main.tf | 65 ++ ...onprem%modules%sdb_schema_setup%outputs.tf | 10 + ...prem%modules%sdb_schema_setup%variables.tf | 46 ++ ...onfigure%add-static-dg-listener-catalog.tf | 51 ++ ...onfigure%catalog-configure-with-standby.tf | 93 +++ ...sdb_shard_catalog_configure%datasources.tf | 31 + ..._configure%enable-switchover-relocation.tf | 58 ++ ...catalog_configure%enable-sys-dg-catalog.tf | 43 ++ ...odules%sdb_shard_catalog_configure%main.tf | 69 ++ ...les%sdb_shard_catalog_configure%outputs.tf | 10 + ...alog_configure%setup-data-guard-catalog.tf | 48 ++ ...s%sdb_shard_catalog_configure%variables.tf | 91 +++ ...hard_catalog_db_install%catalog-cleanup.tf | 39 + ...alog_db_install%catalog-standby-cleanup.tf | 46 ++ ...rd_catalog_db_install%create-catalog-db.tf | 662 +++++++++++++++++ ...db_shard_catalog_db_install%datasources.tf | 21 + ...atalog_db_install%install-catalog-db-sw.tf | 57 ++ ...b_install%install-catalog-standby-db-sw.tf | 107 +++ ...dules%sdb_shard_catalog_db_install%main.tf | 71 ++ ...es%sdb_shard_catalog_db_install%outputs.tf | 10 + ...%sdb_shard_catalog_db_install%variables.tf | 79 +++ ...ard_db_configure%add-static-dg-listener.tf | 53 ++ ...ules%sdb_shard_db_configure%datasources.tf | 28 + ...es%sdb_shard_db_configure%enable-sys-dg.tf | 44 ++ ...rem%modules%sdb_shard_db_configure%main.tf | 69 ++ ...%modules%sdb_shard_db_configure%outputs.tf | 10 + ...rd_db_configure%schagent-register-shard.tf | 71 ++ ...nfigure%schagent-register-standby-shard.tf | 71 ++ ...sdb_shard_db_configure%setup-data-guard.tf | 49 ++ 
..._shard_db_configure%shard-env-configure.tf | 31 + ...sdb_shard_db_configure%shard-validation.tf | 51 ++ ...b_configure%standby-shard-env-configure.tf | 30 + ...odules%sdb_shard_db_configure%variables.tf | 69 ++ ...%modules%sdb_shard_db_install%create-db.tf | 670 ++++++++++++++++++ ...odules%sdb_shard_db_install%datasources.tf | 21 + ..._shard_db_install%install-db-sw-standby.tf | 124 ++++ ...ules%sdb_shard_db_install%install-db-sw.tf | 80 +++ ...nprem%modules%sdb_shard_db_install%main.tf | 72 ++ ...em%modules%sdb_shard_db_install%outputs.tf | 11 + ...%modules%sdb_shard_db_install%variables.tf | 83 +++ ...irector_configure%add-osuser-credential.tf | 44 ++ ...d_director_configure%add-shard-director.tf | 67 ++ ...db_shard_director_configure%datasources.tf | 10 + ...dules%sdb_shard_director_configure%main.tf | 44 ++ ...es%sdb_shard_director_configure%outputs.tf | 6 + ...%sdb_shard_director_configure%variables.tf | 98 +++ ...%sdb_shard_director_install%datasources.tf | 43 ++ ...modules%sdb_shard_director_install%main.tf | 101 +++ ...ules%sdb_shard_director_install%outputs.tf | 18 + ...es%sdb_shard_director_install%variables.tf | 65 ++ ...-terraform%sdb-terraform-onprem%outputs.tf | 47 ++ ...erraform%sdb-terraform-onprem%variables.tf | 156 ++++ ...loyment%common%compartments%compartment.tf | 100 +++ ...oyment%common%compartments%data_sources.tf | 31 + ...ull-deployment%common%compartments%main.tf | 23 + ...-deployment%common%compartments%outputs.tf | 26 + ...eployment%common%compartments%providers.tf | 20 + ...loyment%common%compartments%terragrunt.hcl | 6 + ...eployment%common%compartments%variables.tf | 65 ++ ...ll-deployment%common%configuration%main.tf | 12 + ...deployment%common%configuration%network.tf | 24 + ...deployment%common%configuration%outputs.tf | 14 + ...oyment%common%configuration%terragrunt.hcl | 3 + ...ployment%common%configuration%variables.tf | 17 + ...ment%management%access%bastion_instance.tf | 23 + ...ployment%management%access%data_sources.tf 
| 42 ++ ...%full-deployment%management%access%main.tf | 15 + ...-deployment%management%access%providers.tf | 10 + ...eployment%management%access%terragrunt.hcl | 7 + ...-deployment%management%access%variables.tf | 54 ++ ...loyment%management%network%data_sources.tf | 51 ++ ...full-deployment%management%network%main.tf | 23 + ...l-deployment%management%network%network.tf | 53 ++ ...deployment%management%network%providers.tf | 20 + ...ployment%management%network%terragrunt.hcl | 10 + ...deployment%management%network%variables.tf | 59 ++ ...nagement%server_attachment%data_sources.tf | 91 +++ ...yment%management%server_attachment%main.tf | 23 + ...er_attachment%management_rte_attachment.tf | 32 + ...%management%server_attachment%providers.tf | 10 + ...anagement%server_attachment%terragrunt.hcl | 15 + ...%management%server_attachment%variables.tf | 41 ++ ...loyment%management%servers%data_sources.tf | 60 ++ ...full-deployment%management%servers%main.tf | 24 + ...%management%servers%management_instance.tf | 27 + ...deployment%management%servers%providers.tf | 10 + ...ployment%management%servers%terragrunt.hcl | 11 + ...deployment%management%servers%variables.tf | 47 ++ ...deployment%peering%network%data_sources.tf | 51 ++ ...ent%peering%network%instance_principals.tf | 28 + ...es%full-deployment%peering%network%main.tf | 22 + ...full-deployment%peering%network%network.tf | 53 ++ ...ll-deployment%peering%network%providers.tf | 20 + ...-deployment%peering%network%terragrunt.hcl | 11 + ...ll-deployment%peering%network%variables.tf | 47 ++ ...deployment%peering%routing%data_sources.tf | 74 ++ ...es%full-deployment%peering%routing%main.tf | 18 + ...ll-deployment%peering%routing%pacemaker.tf | 58 ++ ...ll-deployment%peering%routing%providers.tf | 10 + ...oyment%peering%routing%routing_instance.tf | 75 ++ ...ployment%peering%routing%routing_routes.tf | 61 ++ ...peering%routing%routing_vnic_attachment.tf | 83 +++ ...-deployment%peering%routing%terragrunt.hcl | 13 + 
...ll-deployment%peering%routing%variables.tf | 52 ++ ...-deployment%tenant%network%compartments.tf | 78 ++ ...-deployment%tenant%network%data_sources.tf | 67 ++ ...les%full-deployment%tenant%network%main.tf | 23 + ...%full-deployment%tenant%network%network.tf | 154 ++++ ...ull-deployment%tenant%network%providers.tf | 20 + ...l-deployment%tenant%network%terragrunt.hcl | 11 + ...ull-deployment%tenant%network%variables.tf | 41 ++ ...-deployment%tenant%servers%data_sources.tf | 75 ++ ...les%full-deployment%tenant%servers%main.tf | 22 + ...ull-deployment%tenant%servers%providers.tf | 10 + ...ployment%tenant%servers%tenant_instance.tf | 91 +++ ...l-deployment%tenant%servers%terragrunt.hcl | 11 + ...ull-deployment%tenant%servers%variables.tf | 47 ++ ...on%examples%full-deployment%terragrunt.hcl | 9 + ...lation%examples%network_calculator%main.tf | 32 + ...n%examples%network_calculator%variables.tf | 51 ++ ...isolation%modules%bastion_instance%main.tf | 66 ++ ...lation%modules%bastion_instance%outputs.tf | 7 + ...tion%modules%bastion_instance%variables.tf | 72 ++ ...-vcn-isolation%modules%compartment%main.tf | 25 + ...n-isolation%modules%compartment%outputs.tf | 7 + ...isolation%modules%compartment%variables.tf | 30 + ...vcn-isolation%modules%ip_route_add%main.tf | 42 ++ ...-isolation%modules%ip_route_add%outputs.tf | 6 + ...solation%modules%ip_route_add%variables.tf | 39 + ...lation%modules%management_instance%main.tf | 46 ++ ...ion%modules%management_instance%outputs.tf | 7 + ...n%modules%management_instance%variables.tf | 76 ++ ...olation%modules%management_network%main.tf | 195 +++++ ...tion%modules%management_network%outputs.tf | 32 + ...on%modules%management_network%variables.tf | 134 ++++ ...modules%management_rte_attachement%main.tf | 102 +++ ...ules%management_rte_attachement%outputs.tf | 7 + ...es%management_rte_attachement%variables.tf | 65 ++ ...olation%modules%network_calculator%main.tf | 44 ++ ...tion%modules%network_calculator%outputs.tf | 17 + 
...on%modules%network_calculator%variables.tf | 51 ++ ...isolation%modules%pacemaker_config%main.tf | 34 + ...lation%modules%pacemaker_config%outputs.tf | 7 + ...tion%modules%pacemaker_config%variables.tf | 37 + ...-isolation%modules%peering_network%main.tf | 101 +++ ...olation%modules%peering_network%outputs.tf | 17 + ...ation%modules%peering_network%variables.tf | 77 ++ ...isolation%modules%routing_instance%main.tf | 53 ++ ...lation%modules%routing_instance%outputs.tf | 17 + ...tion%modules%routing_instance%variables.tf | 74 ++ ...odules%routing_instance_ha%data_sources.tf | 17 + ...lation%modules%routing_instance_ha%main.tf | 159 +++++ ...ion%modules%routing_instance_ha%outputs.tf | 35 + ...n%modules%routing_instance_ha%pacemaker.tf | 128 ++++ ...n%modules%routing_instance_ha%variables.tf | 97 +++ ...on%modules%routing_vnic_attachment%main.tf | 59 ++ ...modules%routing_vnic_attachment%outputs.tf | 7 + ...dules%routing_vnic_attachment%variables.tf | 67 ++ ...-isolation%modules%tenant_instance%main.tf | 46 ++ ...olation%modules%tenant_instance%outputs.tf | 7 + ...ation%modules%tenant_instance%variables.tf | 76 ++ ...n-isolation%modules%tenant_network%main.tf | 189 +++++ ...solation%modules%tenant_network%outputs.tf | 17 + ...lation%modules%tenant_network%variables.tf | 120 ++++ ...te-postgre-atp%terraform%atp%autonomous.tf | 35 + ...grate-postgre-atp%terraform%atp%outputs.tf | 6 + ...ate-postgre-atp%terraform%atp%variables.tf | 11 + ...stgre-atp%terraform%availability_domain.tf | 8 + ...atp%terraform%block_volume%block_volume.tf | 9 + ...tgre-atp%terraform%block_volume%outputs.tf | 5 + ...re-atp%terraform%block_volume%variables.tf | 10 + ...te%migrate-postgre-atp%terraform%locals.tf | 10 + ...gate%migrate-postgre-atp%terraform%main.tf | 155 ++++ ...postgre-atp%terraform%ogg_micro%compute.tf | 64 ++ ...postgre-atp%terraform%ogg_micro%outputs.tf | 13 + ...stgre-atp%terraform%ogg_micro%variables.tf | 63 ++ ...re-atp%terraform%ogg_microimage%outputs.tf | 5 + 
...-atp%terraform%ogg_microimage%variables.tf | 5 + ...tgre-atp%terraform%ogg_pgsql%cloud_init.tf | 21 + ...postgre-atp%terraform%ogg_pgsql%compute.tf | 53 ++ ...postgre-atp%terraform%ogg_pgsql%outputs.tf | 13 + ...stgre-atp%terraform%ogg_pgsql%variables.tf | 47 ++ ...re-atp%terraform%ogg_pgsqlimage%outputs.tf | 5 + ...-atp%terraform%ogg_pgsqlimage%variables.tf | 5 + ...%migrate-postgre-atp%terraform%provider.tf | 3 + ...tgre-atp%terraform%source_db%cloud_init.tf | 13 + ...postgre-atp%terraform%source_db%compute.tf | 21 + ...postgre-atp%terraform%source_db%outputs.tf | 4 + ...stgre-atp%terraform%source_db%variables.tf | 12 + ...rate-postgre-atp%terraform%subscription.tf | 66 ++ ...gate%migrate-postgre-atp%terraform%vars.tf | 313 ++++++++ ...ngate%migrate-postgre-atp%terraform%vcn.tf | 186 +++++ ...Resource_Manager%orm-lbaas-demo%compute.tf | 39 + ...rce_Manager%orm-lbaas-demo%loadbalancer.tf | 71 ++ ...Resource_Manager%orm-lbaas-demo%network.tf | 226 ++++++ ...Resource_Manager%orm-lbaas-demo%outputs.tf | 8 + ...source_Manager%orm-lbaas-demo%variables.tf | 119 ++++ ...ps%Resource_Manager%orm-oci-oke%cluster.tf | 27 + ...esource_Manager%orm-oci-oke%datasources.tf | 44 ++ ...esource_Manager%orm-oci-oke%kube_config.tf | 6 + ...Resource_Manager%orm-oci-oke%networking.tf | 108 +++ ...%Resource_Manager%orm-oci-oke%nodepools.tf | 36 + ...Ops%Resource_Manager%orm-oci-oke%output.tf | 30 + ...s%Resource_Manager%orm-oci-oke%provider.tf | 12 + ...s%Resource_Manager%orm-oci-oke%security.tf | 169 +++++ ...%Resource_Manager%orm-oci-oke%variables.tf | 104 +++ ...AB%Load_Balancer%terraform%loadbalancer.tf | 52 ++ ...-LAB%Load_Balancer%terraform%networking.tf | 193 +++++ ...y%L100-LAB%Load_Balancer%terraform%vars.tf | 14 + ...-LAB%Load_Balancer%terraform%webservers.tf | 59 ++ ...-library%L100-LAB%Terraform%environment.tf | 420 +++++++++++ ...%grabdish%terraform%availability_domain.tf | 14 + ...iven%grabdish%terraform%containerengine.tf | 110 +++ 
...ices-datadriven%grabdish%terraform%core.tf | 455 ++++++++++++ ...-datadriven%grabdish%terraform%database.tf | 74 ++ ...-datadriven%grabdish%terraform%main_var.tf | 9 + ...-datadriven%grabdish%terraform%provider.tf | 3 + ...ces-datadriven%grabdish%terraform%repos.tf | 51 ++ ...river%test%integration%terraform%common.tf | 50 ++ ...ver%test%integration%terraform%instance.tf | 99 +++ ...river%test%integration%terraform%volume.tf | 10 + ...ume-driver%test%system%terraform%volume.tf | 48 ++ ...ls%contrib%oracle_virt_manager%instance.tf | 347 +++++++++ ...ests%automation%data%base_instance%data.tf | 7 + ...ests%automation%data%base_instance%main.tf | 192 +++++ ...ts%automation%data%base_instance%output.tf | 16 + ...s%tests%automation%data%test_iscsi%data.tf | 8 + ...s%tests%automation%data%test_iscsi%main.tf | 169 +++++ ...ation%data%test_iscsi%terraform_version.tf | 10 + ...ests%automation%data%test_metadata%data.tf | 8 + ...ests%automation%data%test_metadata%main.tf | 169 +++++ ...on%data%test_metadata%terraform_version.tf | 10 + ...tests%automation%data%test_various%data.tf | 8 + ...tests%automation%data%test_various%main.tf | 259 +++++++ ...ion%data%test_various%terraform_version.tf | 10 + ...provisionning%dev_instance%dev-instance.tf | 110 +++ ...ls%provisionning%test_instance%instance.tf | 268 +++++++ ...rovisioner%test%system%terraform%volume.tf | 61 ++ ...src%test%resources%analysis%hcl%sample.hcl | 81 +++ ...est%resources%analysis%terraform%sample.tf | 215 ++++++ ...b-tools%devops%terraform%ORDS_dbcs%main.tf | 271 +++++++ ...ls%devops%terraform%ORDS_dbcs%variables.tf | 51 ++ ...evops%terraform%vanityURL-ADB%Variables.tf | 47 ++ ...aform%vanityURL-ADB%completeSetupFullVM.tf | 551 ++++++++++++++ ...form%vanityURL-ADB%completeSetupMicroVM.tf | 525 ++++++++++++++ ...vops%terraform%vanityURL-DBCS%Variables.tf | 56 ++ ...ls%devops%terraform%vanityURL-DBCS%main.tf | 521 ++++++++++++++ ...mesten-samples%cloud%ottscaleout%blkvol.tf | 96 +++ 
...esten-samples%cloud%ottscaleout%compute.tf | 322 +++++++++ ...esten-samples%cloud%ottscaleout%network.tf | 312 ++++++++ ...-timesten-samples%cloud%ottscaleout%oci.tf | 31 + ...esten-samples%cloud%ottscaleout%outputs.tf | 21 + ...samples%cloud%ottscaleout%system-config.tf | 162 +++++ ...ten-samples%cloud%ottscaleout%variables.tf | 189 +++++ ...rless-saas-erp-dataload%terraform%apigw.tf | 31 + ...less-saas-erp-dataload%terraform%events.tf | 65 ++ ...aas-erp-dataload%terraform%functionsapp.tf | 37 + ...oad%terraform%functionsmodule%functions.tf | 47 ++ ...ess-saas-erp-dataload%terraform%network.tf | 64 ++ ...ess-saas-erp-dataload%terraform%storage.tf | 38 + ...rless-saas-erp-dataload%terraform%topic.tf | 28 + ...s-saas-erp-dataload%terraform%variables.tf | 183 +++++ ...rless-saas-erp-dataload%terraform%vault.tf | 43 ++ ...ss-saas-erp-dataload%terraform%versions.tf | 11 + .../oracle%terraform-ceph-installer%main.tf | 142 ++++ ...ceph-installer%modules%ceph-client%main.tf | 316 +++++++++ ...ph-installer%modules%ceph-client%output.tf | 8 + ...installer%modules%ceph-client%variables.tf | 75 ++ ...ph-installer%modules%ceph-deployer%main.tf | 267 +++++++ ...-installer%modules%ceph-deployer%output.tf | 12 + ...staller%modules%ceph-deployer%variables.tf | 56 ++ ...rm-ceph-installer%modules%ceph-mds%main.tf | 279 ++++++++ ...-ceph-installer%modules%ceph-mds%output.tf | 8 + ...ph-installer%modules%ceph-mds%variables.tf | 73 ++ ...eph-installer%modules%ceph-monitor%main.tf | 270 +++++++ ...h-installer%modules%ceph-monitor%output.tf | 13 + ...nstaller%modules%ceph-monitor%variables.tf | 67 ++ ...rm-ceph-installer%modules%ceph-osd%main.tf | 292 ++++++++ ...-ceph-installer%modules%ceph-osd%output.tf | 12 + ...installer%modules%ceph-osd%storage%main.tf | 37 + ...ller%modules%ceph-osd%storage%variables.tf | 56 ++ ...ph-installer%modules%ceph-osd%variables.tf | 96 +++ ...orm-ceph-installer%modules%network%main.tf | 189 +++++ ...m-ceph-installer%modules%network%output.tf | 16 + 
...eph-installer%modules%network%variables.tf | 72 ++ ...eph-installer%modules%network.full%main.tf | 177 +++++ ...h-installer%modules%network.full%output.tf | 24 + ...nstaller%modules%network.full%variables.tf | 72 ++ ...oracle%terraform-ceph-installer%outputs.tf | 48 ++ ...racle%terraform-ceph-installer%provider.tf | 10 + ...onnect_vcns_using_multiple_vnics%bridge.tf | 93 +++ ...t_vcns_using_multiple_vnics%datasources.tf | 62 ++ ...onnect_vcns_using_multiple_vnics%output.tf | 30 + ...nect_vcns_using_multiple_vnics%provider.tf | 11 + ...ect_vcns_using_multiple_vnics%variables.tf | 65 ++ ...%connect_vcns_using_multiple_vnics%vcn1.tf | 142 ++++ ...%connect_vcns_using_multiple_vnics%vcn2.tf | 118 +++ ...ples%opc%bastion-host-provisioning%main.tf | 70 ++ ...st-provisioning%modules%bastion%bastion.tf | 45 ++ ...st-provisioning%modules%bastion%outputs.tf | 22 + ...-provisioning%modules%bastion%variables.tf | 29 + ...c%instance-from-colocated-snapshot%main.tf | 34 + ...tance-from-colocated-snapshot%variables.tf | 7 + ...opc%instance-from-storage-snapshot%main.tf | 33 + ...nstance-from-storage-snapshot%variables.tf | 7 + ...stance-with-persistent-boot-volume%main.tf | 42 ++ ...e-with-persistent-boot-volume%variables.tf | 7 + ...-public-ip-on-ip-network-interface%main.tf | 82 +++ ...ic-ip-on-ip-network-interface%variables.tf | 11 + ...les%examples%opc%instance-with-ssh%main.tf | 50 ++ ...xamples%opc%instance-with-ssh%variables.tf | 12 + ...m-examples%examples%opc%ipnetworks%main.tf | 168 +++++ ...pnetworks%modules%install_ssh_keys%main.tf | 34 + ...mples%examples%opc%ipnetworks%variables.tf | 22 + ...%loadbalancer-classic%certificates%main.tf | 55 ++ ...adbalancer-classic%certificates%outputs.tf | 14 + ...balancer-classic%certificates%variables.tf | 19 + ...loadbalancer-classic%load_balancer%main.tf | 76 ++ ...dbalancer-classic%load_balancer%outputs.tf | 6 + ...alancer-classic%load_balancer%variables.tf | 17 + ...%examples%opc%loadbalancer-classic%main.tf | 70 ++ 
...s%opc%loadbalancer-classic%network%main.tf | 7 + ...opc%loadbalancer-classic%network%output.tf | 10 + ...%loadbalancer-classic%network%variables.tf | 5 + ...amples%opc%loadbalancer-classic%outputs.tf | 18 + ...-classic%security_rules%all_egress%main.tf | 17 + ...oadbalancer-classic%security_rules%main.tf | 26 + ...c%loadbalancer-classic%server_pool%main.tf | 59 ++ ...oadbalancer-classic%server_pool%outputs.tf | 22 + ...dbalancer-classic%server_pool%variables.tf | 20 + ...ples%opc%loadbalancer-classic%variables.tf | 13 + ...es%opc%loadbalancer-classic%webapp%main.tf | 37 + ...opc%loadbalancer-classic%webapp%outputs.tf | 6 + ...c%loadbalancer-classic%webapp%variables.tf | 14 + ...amples%opc%marketplace-bitnami-elk%main.tf | 120 ++++ ...examples%opc%orchestrated-instance%main.tf | 61 ++ ...opc%windows-instance-with-rdp%variables.tf | 11 + ...indows-instance-with-rdp%windows-server.tf | 63 ++ ...es%examples%oraclepaas%accs-go-app%main.tf | 58 ++ ...%examples%oraclepaas%accs-java-app%main.tf | 52 ++ ...xamples%oraclepaas%accs-nodejs-app%main.tf | 58 ++ ...paas%accs-nodejs-app-from-git-repo%main.tf | 33 + ...s%examples%oraclepaas%accs-php-app%main.tf | 58 ++ ...xamples%oraclepaas%accs-python-app%main.tf | 58 ++ ...%examples%oraclepaas%accs-ruby-app%main.tf | 52 ++ ...s%oraclepaas%dbcs-instance-classic%main.tf | 43 ++ ...mples%oraclepaas%dbcs-instance-oci%main.tf | 95 +++ ...amples%oraclepaas%dbcs-instance-oci%vcn.tf | 106 +++ ...les%oraclepaas%full-db-jcs-oci%identity.tf | 80 +++ ...xamples%oraclepaas%full-db-jcs-oci%main.tf | 99 +++ ...es%oraclepaas%full-db-jcs-oci%providers.tf | 29 + ...es%oraclepaas%full-db-jcs-oci%variables.tf | 25 + ...aclepaas%full-dbcs-jcs-otd-classic%main.tf | 99 +++ ...es%oraclepaas%jcs-instance-classic%main.tf | 49 ++ ...amples%oraclepaas%jcs-instance-oci%main.tf | 99 +++ ...raclepaas%mysqlcs-instance-classic%main.tf | 101 +++ ...es%oraclepaas%mysqlcs-instance-oci%main.tf | 92 +++ ...rraform-kubernetes-installer%bashsource.tf | 159 +++++ 
...raform-kubernetes-installer%datasources.tf | 9 + ...nstaller%identity%cloud_controller_user.tf | 39 + ...etes-installer%identity%flexvolume_user.tf | 45 ++ ...m-kubernetes-installer%identity%outputs.tf | 51 ++ ...-kubernetes-installer%identity%provider.tf | 9 + ...kubernetes-installer%identity%variables.tf | 20 + ...taller%identity%volume_provisioner_user.tf | 35 + ...es-installer%instances%etcd%datasources.tf | 24 + ...ubernetes-installer%instances%etcd%main.tf | 55 ++ ...rnetes-installer%instances%etcd%outputs.tf | 18 + ...etes-installer%instances%etcd%variables.tf | 69 ++ ...staller%instances%k8smaster%datasources.tf | 156 ++++ ...etes-installer%instances%k8smaster%main.tf | 55 ++ ...s-installer%instances%k8smaster%outputs.tf | 11 + ...installer%instances%k8smaster%variables.tf | 102 +++ ...staller%instances%k8sworker%datasources.tf | 96 +++ ...etes-installer%instances%k8sworker%main.tf | 66 ++ ...es-installer%instances%k8sworker%output.tf | 15 + ...installer%instances%k8sworker%variables.tf | 77 ++ ...%terraform-kubernetes-installer%k8s-oci.tf | 483 +++++++++++++ ...taller%kubernetes%kubeconfig%kubeconfig.tf | 22 + ...-installer%kubernetes%kubeconfig%output.tf | 3 + ...staller%kubernetes%kubeconfig%variables.tf | 9 + ...rnetes%oci-cloud-controller%datasources.tf | 22 + ...%kubernetes%oci-cloud-controller%output.tf | 3 + ...bernetes%oci-cloud-controller%variables.tf | 22 + ...netes%oci-flexvolume-driver%datasources.tf | 12 + ...kubernetes%oci-flexvolume-driver%output.tf | 3 + ...ernetes%oci-flexvolume-driver%variables.tf | 8 + ...etes%oci-volume-provisioner%datasources.tf | 13 + ...ubernetes%oci-volume-provisioner%output.tf | 3 + ...rnetes%oci-volume-provisioner%variables.tf | 12 + ...staller%network%loadbalancers%etcd%main.tf | 126 ++++ ...ller%network%loadbalancers%etcd%outputs.tf | 17 + ...er%network%loadbalancers%etcd%variables.tf | 39 + ...er%network%loadbalancers%k8smaster%main.tf | 68 ++ ...network%loadbalancers%k8smaster%outputs.tf | 13 + 
...twork%loadbalancers%k8smaster%variables.tf | 40 ++ ...loadbalancers%reverse-proxy%datasources.tf | 25 + ...work%loadbalancers%reverse-proxy%output.tf | 7 + ...rk%loadbalancers%reverse-proxy%variable.tf | 12 + ...netes-installer%network%vcn%datasources.tf | 70 ++ ...netes-installer%network%vcn%natinstance.tf | 80 +++ ...ubernetes-installer%network%vcn%outputs.tf | 113 +++ ...tes-installer%network%vcn%securitylists.tf | 407 +++++++++++ ...ubernetes-installer%network%vcn%subnets.tf | 291 ++++++++ ...ernetes-installer%network%vcn%variables.tf | 174 +++++ ...rm-kubernetes-installer%network%vcn%vcn.tf | 73 ++ ...%terraform-kubernetes-installer%outputs.tf | 163 +++++ ...terraform-kubernetes-installer%provider.tf | 9 + ...ernetes-installer%terraform.example.tfvars | 58 ++ ...ts%resources%configs%public-cluster.tfvars | 31 + ...terraform-kubernetes-installer%tls%main.tf | 95 +++ ...raform-kubernetes-installer%tls%outputs.tf | 27 + ...form-kubernetes-installer%tls%variables.tf | 50 ++ ...erraform-kubernetes-installer%variables.tf | 508 +++++++++++++ .../oracle%terraform-oci-cf-install%block.tf | 13 + ...le%terraform-oci-cf-install%boshclivars.tf | 113 +++ ...oracle%terraform-oci-cf-install%compute.tf | 52 ++ ...le%terraform-oci-cf-install%datasources.tf | 16 + ...racle%terraform-oci-cf-install%identity.tf | 38 + ...oracle%terraform-oci-cf-install%network.tf | 398 +++++++++++ ...oracle%terraform-oci-cf-install%outputs.tf | 11 + ...acle%terraform-oci-cf-install%providers.tf | 8 + ...acle%terraform-oci-cf-install%variables.tf | 109 +++ ...cle%terraform-opc-compute-instance%main.tf | 39 + ...%terraform-opc-compute-instance%outputs.tf | 12 + ...erraform-opc-compute-instance%variables.tf | 78 ++ .../oracle%terraform-opc-ip-networks%main.tf | 16 + ...racle%terraform-opc-ip-networks%outputs.tf | 12 + ...cle%terraform-opc-ip-networks%variables.tf | 28 + ...netes%samples%scripts%terraform%cluster.tf | 62 ++ ...s%samples%scripts%terraform%kube_config.tf | 17 + 
...etes%samples%scripts%terraform%provider.tf | 21 + ...%samples%scripts%terraform%template.tfvars | 46 ++ ...ubernetes%samples%scripts%terraform%vcn.tf | 411 +++++++++++ ...m-community-modules%tf_aws_alb%alb%main.tf | 92 +++ ...ommunity-modules%tf_aws_alb%alb%outputs.tf | 19 + ...munity-modules%tf_aws_alb%alb%variables.tf | 102 +++ ...y-modules%tf_aws_alb%test%fixtures%main.tf | 31 + ...odules%tf_aws_alb%test%fixtures%outputs.tf | 11 + ...ules%tf_aws_alb%test%fixtures%variables.tf | 11 + ...aform-community-modules%tf_aws_asg%main.tf | 48 ++ ...rm-community-modules%tf_aws_asg%outputs.tf | 13 + ...-community-modules%tf_aws_asg%variables.tf | 63 ++ ...-modules%tf_aws_asg_elb%example%example.tf | 29 + ...ity-modules%tf_aws_asg_elb%example%vars.tf | 43 ++ ...m-community-modules%tf_aws_asg_elb%main.tf | 42 ++ ...ommunity-modules%tf_aws_asg_elb%outputs.tf | 17 + ...munity-modules%tf_aws_asg_elb%variables.tf | 81 +++ ...orm-community-modules%tf_aws_aurora%kms.tf | 10 + ...rm-community-modules%tf_aws_aurora%main.tf | 97 +++ ...community-modules%tf_aws_aurora%outputs.tf | 15 + ...ty-modules%tf_aws_aurora%security_group.tf | 28 + ...mmunity-modules%tf_aws_aurora%variables.tf | 83 +++ ...ity-modules%tf_aws_bastion_s3_keys%main.tf | 148 ++++ ...-modules%tf_aws_bastion_s3_keys%outputs.tf | 12 + ...ules%tf_aws_bastion_s3_keys%samples%ami.tf | 7 + ...keys%samples%iam_allow_associateaddress.tf | 49 ++ ...bastion_s3_keys%samples%iam_s3_readonly.tf | 48 ++ ...tion_s3_keys%samples%s3_ssh_public_keys.tf | 44 ++ ...odules%tf_aws_bastion_s3_keys%variables.tf | 116 +++ ...modules%tf_aws_bastion_s3_keys%versions.tf | 4 + ...ommunity-modules%tf_aws_cloudfront%main.tf | 158 +++++ ...unity-modules%tf_aws_cloudfront%outputs.tf | 70 ++ ...ity-modules%tf_aws_cloudfront%variables.tf | 81 +++ ...mmunity-modules%tf_aws_customer_gw%main.tf | 65 ++ ...nity-modules%tf_aws_customer_gw%outputs.tf | 11 + ...mmunity-modules%tf_aws_customer_gw%vars.tf | 45 ++ ...munity-modules%tf_aws_ec2_instance%main.tf 
| 22 + ...ity-modules%tf_aws_ec2_instance%outputs.tf | 4 + ...y-modules%tf_aws_ec2_instance%variables.tf | 35 + ...mmunity-modules%tf_aws_ecs%consul_agent.tf | 57 ++ ...ty-modules%tf_aws_ecs%graceful_shutdown.tf | 10 + ...raform-community-modules%tf_aws_ecs%iam.tf | 119 ++++ ...aform-community-modules%tf_aws_ecs%main.tf | 113 +++ ...rm-community-modules%tf_aws_ecs%outputs.tf | 38 + ...-community-modules%tf_aws_ecs%variables.tf | 169 +++++ ..._ecs_instance_draining_on_scale_in%main.tf | 164 +++++ ...instance_draining_on_scale_in%variables.tf | 22 + ...munity-modules%tf_aws_ecs_pganalyze%iam.tf | 91 +++ ...unity-modules%tf_aws_ecs_pganalyze%main.tf | 48 ++ ...-modules%tf_aws_ecs_pganalyze%variables.tf | 45 ++ ...les%tf_aws_elasticache_redis%cloudwatch.tf | 48 ++ ...y-modules%tf_aws_elasticache_redis%main.tf | 69 ++ ...odules%tf_aws_elasticache_redis%outputs.tf | 23 + ...f_aws_elasticache_redis%security_groups.tf | 28 + ...ules%tf_aws_elasticache_redis%variables.tf | 176 +++++ ...unity-modules%tf_aws_elasticsearch%data.tf | 4 + ...unity-modules%tf_aws_elasticsearch%main.tf | 106 +++ ...y-modules%tf_aws_elasticsearch%main_vpc.tf | 112 +++ ...ty-modules%tf_aws_elasticsearch%outputs.tf | 60 ++ ...-modules%tf_aws_elasticsearch%variables.tf | 153 ++++ ...munity-modules%tf_aws_elb%elb_http%main.tf | 39 + ...ity-modules%tf_aws_elb%elb_http%outputs.tf | 15 + ...y-modules%tf_aws_elb%elb_http%variables.tf | 47 ++ ...unity-modules%tf_aws_elb%elb_https%main.tf | 40 ++ ...ty-modules%tf_aws_elb%elb_https%outputs.tf | 15 + ...-modules%tf_aws_elb%elb_https%variables.tf | 53 ++ ...aform-community-modules%tf_aws_igw%main.tf | 14 + ...ty-modules%tf_aws_lambda_scheduled%main.tf | 65 ++ ...-modules%tf_aws_lambda_scheduled%output.tf | 11 + ...dules%tf_aws_lambda_scheduled%variables.tf | 33 + ...raform-community-modules%tf_aws_nat%iam.tf | 48 ++ ...aform-community-modules%tf_aws_nat%main.tf | 70 ++ ...rm-community-modules%tf_aws_nat%outputs.tf | 11 + 
...-community-modules%tf_aws_nat%variables.tf | 60 ++ ...m-community-modules%tf_aws_openvpn%main.tf | 140 ++++ ...ommunity-modules%tf_aws_openvpn%outputs.tf | 15 + ...munity-modules%tf_aws_openvpn%variables.tf | 22 + ...%tf_aws_private_subnet_nat_gateway%main.tf | 93 +++ ...unity-modules%tf_aws_public_subnet%main.tf | 80 +++ ...munity-modules%tf_aws_puppet%agent%main.tf | 21 + ...ity-modules%tf_aws_puppet%agent%outputs.tf | 4 + ...y-modules%tf_aws_puppet%agent%variables.tf | 12 + ...unity-modules%tf_aws_puppet%master%main.tf | 21 + ...ty-modules%tf_aws_puppet%master%outputs.tf | 4 + ...-modules%tf_aws_puppet%master%variables.tf | 11 + ...aform-community-modules%tf_aws_rds%main.tf | 112 +++ ...rm-community-modules%tf_aws_rds%outputs.tf | 28 + ...-community-modules%tf_aws_rds%variables.tf | 159 +++++ ...-community-modules%tf_aws_redshift%main.tf | 100 +++ ...mmunity-modules%tf_aws_redshift%outputs.tf | 28 + ...unity-modules%tf_aws_redshift%variables.tf | 110 +++ ...dules%tf_aws_sg%sg_carbon-relay-ng%main.tf | 80 +++ ...es%tf_aws_sg%sg_carbon-relay-ng%outputs.tf | 4 + ...%tf_aws_sg%sg_carbon-relay-ng%variables.tf | 14 + ...ity-modules%tf_aws_sg%sg_cassandra%main.tf | 50 ++ ...-modules%tf_aws_sg%sg_cassandra%outputs.tf | 4 + ...odules%tf_aws_sg%sg_cassandra%variables.tf | 14 + ...munity-modules%tf_aws_sg%sg_consul%main.tf | 100 +++ ...ity-modules%tf_aws_sg%sg_consul%outputs.tf | 4 + ...y-modules%tf_aws_sg%sg_consul%variables.tf | 14 + ...ity-modules%tf_aws_sg%sg_default%output.tf | 3 + ...modules%tf_aws_sg%sg_default%sg_default.tf | 26 + ...-modules%tf_aws_sg%sg_default%variables.tf | 18 + ...-modules%tf_aws_sg%sg_docker_swarm%main.tf | 60 ++ ...dules%tf_aws_sg%sg_docker_swarm%outputs.tf | 4 + ...les%tf_aws_sg%sg_docker_swarm%variables.tf | 14 + ...modules%tf_aws_sg%sg_elasticsearch%main.tf | 40 ++ ...ules%tf_aws_sg%sg_elasticsearch%outputs.tf | 4 + ...es%tf_aws_sg%sg_elasticsearch%variables.tf | 13 + ...ty-modules%tf_aws_sg%sg_https_only%main.tf | 20 + 
...modules%tf_aws_sg%sg_https_only%outputs.tf | 4 + ...dules%tf_aws_sg%sg_https_only%variables.tf | 19 + ...mmunity-modules%tf_aws_sg%sg_kafka%main.tf | 40 ++ ...nity-modules%tf_aws_sg%sg_kafka%outputs.tf | 4 + ...ty-modules%tf_aws_sg%sg_kafka%variables.tf | 14 + ...ommunity-modules%tf_aws_sg%sg_ldap%main.tf | 30 + ...unity-modules%tf_aws_sg%sg_ldap%outputs.tf | 4 + ...ity-modules%tf_aws_sg%sg_ldap%variables.tf | 13 + ...ty-modules%tf_aws_sg%sg_ldaps_only%main.tf | 20 + ...modules%tf_aws_sg%sg_ldaps_only%outputs.tf | 4 + ...dules%tf_aws_sg%sg_ldaps_only%variables.tf | 14 + ...ity-modules%tf_aws_sg%sg_memcached%main.tf | 30 + ...-modules%tf_aws_sg%sg_memcached%outputs.tf | 4 + ...odules%tf_aws_sg%sg_memcached%variables.tf | 13 + ...mmunity-modules%tf_aws_sg%sg_mysql%main.tf | 30 + ...nity-modules%tf_aws_sg%sg_mysql%outputs.tf | 4 + ...ty-modules%tf_aws_sg%sg_mysql%variables.tf | 13 + ...mmunity-modules%tf_aws_sg%sg_nomad%main.tf | 60 ++ ...nity-modules%tf_aws_sg%sg_nomad%outputs.tf | 4 + ...ty-modules%tf_aws_sg%sg_nomad%variables.tf | 14 + ...unity-modules%tf_aws_sg%sg_openvpn%main.tf | 50 ++ ...ty-modules%tf_aws_sg%sg_openvpn%outputs.tf | 4 + ...-modules%tf_aws_sg%sg_openvpn%variables.tf | 13 + ...ty-modules%tf_aws_sg%sg_postgresql%main.tf | 30 + ...modules%tf_aws_sg%sg_postgresql%outputs.tf | 4 + ...dules%tf_aws_sg%sg_postgresql%variables.tf | 13 + ...mmunity-modules%tf_aws_sg%sg_redis%main.tf | 30 + ...nity-modules%tf_aws_sg%sg_redis%outputs.tf | 4 + ...ty-modules%tf_aws_sg%sg_redis%variables.tf | 13 + ...community-modules%tf_aws_sg%sg_ssh%main.tf | 20 + ...munity-modules%tf_aws_sg%sg_ssh%outputs.tf | 4 + ...nity-modules%tf_aws_sg%sg_ssh%variables.tf | 13 + ...mmunity-modules%tf_aws_sg%sg_storm%main.tf | 50 ++ ...nity-modules%tf_aws_sg%sg_storm%outputs.tf | 4 + ...ty-modules%tf_aws_sg%sg_storm%variables.tf | 14 + ...community-modules%tf_aws_sg%sg_web%main.tf | 70 ++ ...munity-modules%tf_aws_sg%sg_web%outputs.tf | 4 + ...nity-modules%tf_aws_sg%sg_web%variables.tf 
| 13 + ...munity-modules%tf_aws_sg%sg_zipkin%main.tf | 70 ++ ...ity-modules%tf_aws_sg%sg_zipkin%outputs.tf | 4 + ...y-modules%tf_aws_sg%sg_zipkin%variables.tf | 14 + ...ity-modules%tf_aws_sg%sg_zookeeper%main.tf | 60 ++ ...-modules%tf_aws_sg%sg_zookeeper%outputs.tf | 4 + ...odules%tf_aws_sg%sg_zookeeper%variables.tf | 13 + ...nity-modules%tf_aws_ubuntu_ami%ebs%main.tf | 28 + ...s%tf_aws_ubuntu_ami%instance-store%main.tf | 24 + ...ommunity-modules%tf_aws_ubuntu_ami%main.tf | 13 + ...aform-community-modules%tf_aws_vpc%main.tf | 205 ++++++ ...rm-community-modules%tf_aws_vpc%outputs.tf | 71 ++ ...-community-modules%tf_aws_vpc%variables.tf | 126 ++++ src/scanner.cc | 33 +- 891 files changed, 54270 insertions(+), 10 deletions(-) create mode 100644 example/real_world_stuff/oracle/oracle%bosh-oracle-cpi-release%ci%terraform%datasources.tf create mode 100644 example/real_world_stuff/oracle/oracle%bosh-oracle-cpi-release%ci%terraform%network.tf create mode 100644 example/real_world_stuff/oracle/oracle%bosh-oracle-cpi-release%ci%terraform%output.tf create mode 100644 example/real_world_stuff/oracle/oracle%bosh-oracle-cpi-release%ci%terraform%providers.tf create mode 100644 example/real_world_stuff/oracle/oracle%bosh-oracle-cpi-release%ci%terraform%variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%EBusinessSuite%datasources.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%EBusinessSuite%main.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%EBusinessSuite%modules%bastion%bastion.outputs.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%EBusinessSuite%modules%bastion%bastion.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%EBusinessSuite%modules%bastion%bastion.vars.tf create mode 100644 
example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%EBusinessSuite%modules%compute%compute.data.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%EBusinessSuite%modules%compute%compute.outputs.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%EBusinessSuite%modules%compute%compute.rsync-remote-exec.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%EBusinessSuite%modules%compute%compute.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%EBusinessSuite%modules%compute%compute.variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%EBusinessSuite%modules%compute%fss.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%EBusinessSuite%modules%dbsystem%db.datasources.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%EBusinessSuite%modules%dbsystem%db.dbsystem.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%EBusinessSuite%modules%dbsystem%db.variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%EBusinessSuite%modules%loadbalancer%lb.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%EBusinessSuite%modules%loadbalancer%lb.variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%EBusinessSuite%modules%network%subnets%subnets.outputs.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%EBusinessSuite%modules%network%subnets%subnets.tf create mode 100644 
example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%EBusinessSuite%modules%network%subnets%subnets.variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%EBusinessSuite%modules%network%vcn%vcn.data.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%EBusinessSuite%modules%network%vcn%vcn.outputs.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%EBusinessSuite%modules%network%vcn%vcn.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%EBusinessSuite%modules%network%vcn%vcn.vars.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%EBusinessSuite%outputs.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%EBusinessSuite%provider.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%EBusinessSuite%routetables.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%EBusinessSuite%seclists.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%EBusinessSuite%terraform.tfvars create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%EBusinessSuite%variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%global%bastion%bastion.outputs.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%global%bastion%bastion.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%global%bastion%bastion.variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%global%global.datasources.tf create mode 
100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%global%global.main.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%global%global.outputs.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%global%global.provider.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%global%global.routetables.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%global%global.variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%global%network%subnets%subnets.output.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%global%network%subnets%subnets.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%global%network%subnets%subnets.variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%global%network%vcn%vcn.data.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%global%network%vcn%vcn.outputs.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%global%network%vcn%vcn.seclist.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%global%network%vcn%vcn.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%global%network%vcn%vcn.variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%modules%app%app.bv.tf create mode 100644 
example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%modules%app%app.init.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%modules%app%app.outputs.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%modules%app%app.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%modules%app%app.variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%modules%db%db.dbsystem.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%modules%db%db.outputs.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%modules%db%db.variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%modules%dns%dns.datasources.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%modules%dns%dns.main.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%modules%dns%dns.outputs.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%modules%dns%dns.variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%modules%lbaas%lbaas.outputs.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%modules%lbaas%lbaas.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%modules%lbaas%lbaas.variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%modules%win%win.outputs.tf create mode 100644 
example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%modules%win%win.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%modules%win%win.variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%nonpd%nonpd.datasources.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%nonpd%nonpd.main.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%nonpd%nonpd.outputs.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%nonpd%nonpd.provider.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%nonpd%nonpd.variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%pd%pd.datasources.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%pd%pd.main.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%pd%pd.outputs.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%pd%pd.provider.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%pd%pd.variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%pd%web-lb.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%datasources.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%main.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%bastion%bastion.outputs.tf create 
mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%bastion%bastion.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%bastion%bastion.vars.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%compute%compute.blockvolume.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%compute%compute.datasources.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%compute%compute.outputs.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%compute%compute.remote-exec.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%compute%compute.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%compute%compute.variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%dbsystem%db.datasources.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%dbsystem%db.dbsystem.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%dbsystem%db.variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%filesystem%fss.data.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%filesystem%fss.outputs.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%filesystem%fss.tf create mode 100644 
example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%filesystem%fss.vars.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%loadbalancer%lb.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%loadbalancer%lb.vars.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%network%subnets%subnets.output.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%network%subnets%subnets.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%network%subnets%subnets.vars.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%network%vcn%vcn.data.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%network%vcn%vcn.outputs.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%network%vcn%vcn.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%network%vcn%vcn.vars.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%outputs.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%provider.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%routetables.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%seclist.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%terraform.tfvars create mode 100644 
example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%datasources.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%fss-remote-exec.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%main.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%modules%bastion%bastion.outputs.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%modules%bastion%bastion.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%modules%bastion%bastion.vars.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%modules%compute%compute.blockvolume.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%modules%compute%compute.outputs.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%modules%compute%compute.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%modules%compute%compute.variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%modules%dbsystem%db.datasources.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%modules%dbsystem%db.dbsystem.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%modules%dbsystem%db.variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%modules%filesystem%fss.data.tf create mode 100644 
example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%modules%filesystem%fss.outputs.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%modules%filesystem%fss.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%modules%filesystem%fss.vars.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%modules%loadbalancer%lb.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%modules%loadbalancer%lb.vars.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%modules%network%subnets%subnets.output.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%modules%network%subnets%subnets.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%modules%network%subnets%subnets.vars.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%modules%network%vcn%vcn.data.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%modules%network%vcn%vcn.outputs.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%modules%network%vcn%vcn.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%modules%network%vcn%vcn.vars.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%outputs.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%provider.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%routetables.tf create mode 
100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%seclist.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%terraform.tfvars create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloud-asset-fusion-serverless-vbcs-sample%terraformScript%createAll.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%automations%wls_image%provider.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%automations%wls_image%stack_subscribe.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%automations%wls_image%terraform.tfvars create mode 100644 example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%automations%wls_image%variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%automations%wls_nodepool%image_subscription.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%automations%wls_nodepool%provider.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%automations%wls_nodepool%stack_subscribe.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%automations%wls_nodepool%terraform.tfvars create mode 100644 example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%automations%wls_nodepool%variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%automations%wls_stack%provider.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%automations%wls_stack%stack_subscribe.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%automations%wls_stack%terraform.tfvars create mode 100644 
example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%automations%wls_stack%variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%free_tier%terraform%main.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%free_tier%terraform%provider.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%free_tier%terraform%variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%ll-wls-migration%test_wls_docker_image-stack%main.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%ll-wls-migration%test_wls_docker_image-stack%modules%keysgen%keygen.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%ll-wls-migration%test_wls_docker_image-stack%modules%keysgen%outputs.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%ll-wls-migration%test_wls_docker_image-stack%modules%wls_docker_host%clouinit-template.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%ll-wls-migration%test_wls_docker_image-stack%modules%wls_docker_host%compute.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%ll-wls-migration%test_wls_docker_image-stack%modules%wls_docker_host%outputs.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%ll-wls-migration%test_wls_docker_image-stack%modules%wls_docker_host%variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%ll-wls-migration%test_wls_docker_image-stack%outputs.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%ll-wls-migration%test_wls_docker_image-stack%provider.tf create mode 100644 example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%ll-wls-migration%test_wls_docker_image-stack%terraform.tfvars create mode 
100644 example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%ll-wls-migration%test_wls_docker_image-stack%variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%ad-region-datasource.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%add-service.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%add-shard-director-wo-stdby.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%add-shard-director.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%add-shard-group.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%add-shard.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%add-standby-shard-group.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%add-standby-shard.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%catalog-dataguard.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%catalog-db.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%catalog-shard-chunks.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%catalog-standby-cloud-init.tf create mode 100644 
example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%catalog-standby-configure.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%catalog-standby-ee-configure.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%catalog-standby-tns-ingest.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%catalog-switchover.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%catalog-tde-master-shard.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%catalog-tde-master-standby-shard.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%catalog-tde.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%catalog-tns-ingest.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%common.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%demo-monitor.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%demo-schema-datasources.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%deploy-invoker.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%dg-broker.tf create mode 100644 
example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%gsm-compute.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%network.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%oci-marketplace-subscription.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%optional-variables.auto.tfvars create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%outputs.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%provider.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%shard-catalog-cloud-init.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%shard-catalog-configure-datasources.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%shard-catalog-configure-main.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%shard-data-move-consolidator-config.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%shard-dataguard.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%shard-db-cloud-init.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%shard-db-configure-main.tf create mode 100644 
example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%shard-db-convert-params.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%shard-db.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%shard-director-aggregate-tns-config.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%shard-director-cloud-init.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%shard-director-configure-main.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%shard-director-install-datasources.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%shard-director-install-main.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%shard-director-tns-ingest.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%shard-env-configure.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%shard-relay-tns-config.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%shard-standby-cloud-init.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%shard-standby-configure.tf create mode 100644 
example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%shard-standby-ee-configure.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%shard-standby-tde.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%shard-standby-tns-ingest.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%shard-tde.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%shard-tns-ingest.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%versions.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%wallet.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%ad-region-datasource.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%add-service.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%add-shard-director.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%add-shard-group.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%add-shard.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%add-standby-shard-group.tf create mode 100644 
example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%add-standby-shard.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%catalog-config-consolidator.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%catalog-config-generator.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%catalog-dataguard.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%catalog-db.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%catalog-standby-cloud-init.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%catalog-standby-configure.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%catalog-standby-ee-configure.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%catalog-switchover.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%demo-monitor.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%demo-schema-datasources.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%deploy-invoker.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%gsm-compute.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%provider.tf create mode 100644 
example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%shard-catalog-cloud-init.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%shard-catalog-configure-datasources.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%shard-catalog-configure-main.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%shard-config-consolidator.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%shard-config-generator.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%shard-dataguard.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%shard-db-cloud-init.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%shard-db-configure-main.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%shard-db.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%shard-director-cloud-init.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%shard-director-config-consolidator.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%shard-director-config-generator.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%shard-director-configure-main.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%shard-director-install-datasources.tf create mode 
100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%shard-director-install-main.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%shard-env-configure.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%shard-standby-cloud-init.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%shard-standby-configure.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%shard-standby-ee-configure.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%versions.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%main.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_demo_setup%datasources.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_demo_setup%demo-monitor.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_demo_setup%main.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_demo_setup%outputs.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_demo_setup%variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_deploy%add-service.tf create 
mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_deploy%add-shard.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_deploy%add-standby-shard-group.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_deploy%add-standby-shard.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_deploy%create-shard-exec.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_deploy%create-shard.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_deploy%create-standby-shard-exec.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_deploy%create-standby-shard.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_deploy%datasources.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_deploy%deploy.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_deploy%main.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_deploy%outputs.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_deploy%variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_gc%shard-catalog-gc.tf create mode 
100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_gc%shard-catalog-standby-gc.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_gc%shard-director-gc.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_gc%shard-gc.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_gc%shard-standby-gc.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_gc%variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_schema_setup%datasources.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_schema_setup%main.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_schema_setup%outputs.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_schema_setup%variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_catalog_configure%add-static-dg-listener-catalog.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_catalog_configure%catalog-configure-with-standby.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_catalog_configure%datasources.tf create mode 100644 
example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_catalog_configure%enable-switchover-relocation.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_catalog_configure%enable-sys-dg-catalog.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_catalog_configure%main.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_catalog_configure%outputs.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_catalog_configure%setup-data-guard-catalog.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_catalog_configure%variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_catalog_db_install%catalog-cleanup.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_catalog_db_install%catalog-standby-cleanup.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_catalog_db_install%create-catalog-db.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_catalog_db_install%datasources.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_catalog_db_install%install-catalog-db-sw.tf create mode 100644 
example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_catalog_db_install%install-catalog-standby-db-sw.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_catalog_db_install%main.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_catalog_db_install%outputs.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_catalog_db_install%variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_db_configure%add-static-dg-listener.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_db_configure%datasources.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_db_configure%enable-sys-dg.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_db_configure%main.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_db_configure%outputs.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_db_configure%schagent-register-shard.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_db_configure%schagent-register-standby-shard.tf create mode 100644 
example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_db_configure%setup-data-guard.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_db_configure%shard-env-configure.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_db_configure%shard-validation.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_db_configure%standby-shard-env-configure.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_db_configure%variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_db_install%create-db.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_db_install%datasources.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_db_install%install-db-sw-standby.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_db_install%install-db-sw.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_db_install%main.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_db_install%outputs.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_db_install%variables.tf create mode 100644 
example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_director_configure%add-osuser-credential.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_director_configure%add-shard-director.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_director_configure%datasources.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_director_configure%main.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_director_configure%outputs.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_director_configure%variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_director_install%datasources.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_director_install%main.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_director_install%outputs.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_director_install%variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%outputs.tf create mode 100644 example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%variables.tf create mode 100644 
example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%common%compartments%compartment.tf create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%common%compartments%data_sources.tf create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%common%compartments%main.tf create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%common%compartments%outputs.tf create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%common%compartments%providers.tf create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%common%compartments%terragrunt.hcl create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%common%compartments%variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%common%configuration%main.tf create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%common%configuration%network.tf create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%common%configuration%outputs.tf create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%common%configuration%terragrunt.hcl create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%common%configuration%variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%management%access%bastion_instance.tf create mode 100644 
example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%management%access%data_sources.tf create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%management%access%main.tf create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%management%access%providers.tf create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%management%access%terragrunt.hcl create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%management%access%variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%management%network%data_sources.tf create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%management%network%main.tf create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%management%network%network.tf create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%management%network%providers.tf create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%management%network%terragrunt.hcl create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%management%network%variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%management%server_attachment%data_sources.tf create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%management%server_attachment%main.tf create mode 100644 
example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%management%server_attachment%management_rte_attachment.tf create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%management%server_attachment%providers.tf create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%management%server_attachment%terragrunt.hcl create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%management%server_attachment%variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%management%servers%data_sources.tf create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%management%servers%main.tf create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%management%servers%management_instance.tf create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%management%servers%providers.tf create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%management%servers%terragrunt.hcl create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%management%servers%variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%peering%network%data_sources.tf create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%peering%network%instance_principals.tf create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%peering%network%main.tf create mode 100644 
example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%peering%network%network.tf create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%peering%network%providers.tf create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%peering%network%terragrunt.hcl create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%peering%network%variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%peering%routing%data_sources.tf create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%peering%routing%main.tf create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%peering%routing%pacemaker.tf create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%peering%routing%providers.tf create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%peering%routing%routing_instance.tf create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%peering%routing%routing_routes.tf create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%peering%routing%routing_vnic_attachment.tf create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%peering%routing%terragrunt.hcl create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%peering%routing%variables.tf create mode 100644 
example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%tenant%network%compartments.tf create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%tenant%network%data_sources.tf create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%tenant%network%main.tf create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%tenant%network%network.tf create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%tenant%network%providers.tf create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%tenant%network%terragrunt.hcl create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%tenant%network%variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%tenant%servers%data_sources.tf create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%tenant%servers%main.tf create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%tenant%servers%providers.tf create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%tenant%servers%tenant_instance.tf create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%tenant%servers%terragrunt.hcl create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%tenant%servers%variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%terragrunt.hcl create mode 100644 
example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%network_calculator%main.tf create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%network_calculator%variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%bastion_instance%main.tf create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%bastion_instance%outputs.tf create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%bastion_instance%variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%compartment%main.tf create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%compartment%outputs.tf create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%compartment%variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%ip_route_add%main.tf create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%ip_route_add%outputs.tf create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%ip_route_add%variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%management_instance%main.tf create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%management_instance%outputs.tf create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%management_instance%variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%management_network%main.tf create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%management_network%outputs.tf create mode 100644 
example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%management_network%variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%management_rte_attachement%main.tf create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%management_rte_attachement%outputs.tf create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%management_rte_attachement%variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%network_calculator%main.tf create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%network_calculator%outputs.tf create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%network_calculator%variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%pacemaker_config%main.tf create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%pacemaker_config%outputs.tf create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%pacemaker_config%variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%peering_network%main.tf create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%peering_network%outputs.tf create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%peering_network%variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%routing_instance%main.tf create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%routing_instance%outputs.tf create mode 100644 
example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%routing_instance%variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%routing_instance_ha%data_sources.tf create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%routing_instance_ha%main.tf create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%routing_instance_ha%outputs.tf create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%routing_instance_ha%pacemaker.tf create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%routing_instance_ha%variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%routing_vnic_attachment%main.tf create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%routing_vnic_attachment%outputs.tf create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%routing_vnic_attachment%variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%tenant_instance%main.tf create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%tenant_instance%outputs.tf create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%tenant_instance%variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%tenant_network%main.tf create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%tenant_network%outputs.tf create mode 100644 example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%tenant_network%variables.tf create mode 100644 
example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%atp%autonomous.tf create mode 100644 example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%atp%outputs.tf create mode 100644 example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%atp%variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%availability_domain.tf create mode 100644 example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%block_volume%block_volume.tf create mode 100644 example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%block_volume%outputs.tf create mode 100644 example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%block_volume%variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%locals.tf create mode 100644 example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%main.tf create mode 100644 example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%ogg_micro%compute.tf create mode 100644 example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%ogg_micro%outputs.tf create mode 100644 example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%ogg_micro%variables.tf create mode 100644 
example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%ogg_microimage%outputs.tf create mode 100644 example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%ogg_microimage%variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%ogg_pgsql%cloud_init.tf create mode 100644 example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%ogg_pgsql%compute.tf create mode 100644 example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%ogg_pgsql%outputs.tf create mode 100644 example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%ogg_pgsql%variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%ogg_pgsqlimage%outputs.tf create mode 100644 example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%ogg_pgsqlimage%variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%provider.tf create mode 100644 example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%source_db%cloud_init.tf create mode 100644 example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%source_db%compute.tf create mode 100644 example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%source_db%outputs.tf create mode 100644 
example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%source_db%variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%subscription.tf create mode 100644 example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%vars.tf create mode 100644 example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%vcn.tf create mode 100644 example/real_world_stuff/oracle/oracle%learning-library%oci-library%DevOps%Resource_Manager%orm-lbaas-demo%compute.tf create mode 100644 example/real_world_stuff/oracle/oracle%learning-library%oci-library%DevOps%Resource_Manager%orm-lbaas-demo%loadbalancer.tf create mode 100644 example/real_world_stuff/oracle/oracle%learning-library%oci-library%DevOps%Resource_Manager%orm-lbaas-demo%network.tf create mode 100644 example/real_world_stuff/oracle/oracle%learning-library%oci-library%DevOps%Resource_Manager%orm-lbaas-demo%outputs.tf create mode 100644 example/real_world_stuff/oracle/oracle%learning-library%oci-library%DevOps%Resource_Manager%orm-lbaas-demo%variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%learning-library%oci-library%DevOps%Resource_Manager%orm-oci-oke%cluster.tf create mode 100644 example/real_world_stuff/oracle/oracle%learning-library%oci-library%DevOps%Resource_Manager%orm-oci-oke%datasources.tf create mode 100644 example/real_world_stuff/oracle/oracle%learning-library%oci-library%DevOps%Resource_Manager%orm-oci-oke%kube_config.tf create mode 100644 example/real_world_stuff/oracle/oracle%learning-library%oci-library%DevOps%Resource_Manager%orm-oci-oke%networking.tf create mode 100644 example/real_world_stuff/oracle/oracle%learning-library%oci-library%DevOps%Resource_Manager%orm-oci-oke%nodepools.tf create mode 100644 
example/real_world_stuff/oracle/oracle%learning-library%oci-library%DevOps%Resource_Manager%orm-oci-oke%output.tf create mode 100644 example/real_world_stuff/oracle/oracle%learning-library%oci-library%DevOps%Resource_Manager%orm-oci-oke%provider.tf create mode 100644 example/real_world_stuff/oracle/oracle%learning-library%oci-library%DevOps%Resource_Manager%orm-oci-oke%security.tf create mode 100644 example/real_world_stuff/oracle/oracle%learning-library%oci-library%DevOps%Resource_Manager%orm-oci-oke%variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%learning-library%oci-library%L100-LAB%Load_Balancer%terraform%loadbalancer.tf create mode 100644 example/real_world_stuff/oracle/oracle%learning-library%oci-library%L100-LAB%Load_Balancer%terraform%networking.tf create mode 100644 example/real_world_stuff/oracle/oracle%learning-library%oci-library%L100-LAB%Load_Balancer%terraform%vars.tf create mode 100644 example/real_world_stuff/oracle/oracle%learning-library%oci-library%L100-LAB%Load_Balancer%terraform%webservers.tf create mode 100644 example/real_world_stuff/oracle/oracle%learning-library%oci-library%L100-LAB%Terraform%environment.tf create mode 100644 example/real_world_stuff/oracle/oracle%microservices-datadriven%grabdish%terraform%availability_domain.tf create mode 100644 example/real_world_stuff/oracle/oracle%microservices-datadriven%grabdish%terraform%containerengine.tf create mode 100644 example/real_world_stuff/oracle/oracle%microservices-datadriven%grabdish%terraform%core.tf create mode 100644 example/real_world_stuff/oracle/oracle%microservices-datadriven%grabdish%terraform%database.tf create mode 100644 example/real_world_stuff/oracle/oracle%microservices-datadriven%grabdish%terraform%main_var.tf create mode 100644 example/real_world_stuff/oracle/oracle%microservices-datadriven%grabdish%terraform%provider.tf create mode 100644 example/real_world_stuff/oracle/oracle%microservices-datadriven%grabdish%terraform%repos.tf create mode 
100644 example/real_world_stuff/oracle/oracle%oci-flexvolume-driver%test%integration%terraform%common.tf create mode 100644 example/real_world_stuff/oracle/oracle%oci-flexvolume-driver%test%integration%terraform%instance.tf create mode 100644 example/real_world_stuff/oracle/oracle%oci-flexvolume-driver%test%integration%terraform%volume.tf create mode 100644 example/real_world_stuff/oracle/oracle%oci-flexvolume-driver%test%system%terraform%volume.tf create mode 100644 example/real_world_stuff/oracle/oracle%oci-utils%contrib%oracle_virt_manager%instance.tf create mode 100644 example/real_world_stuff/oracle/oracle%oci-utils%tests%automation%data%base_instance%data.tf create mode 100644 example/real_world_stuff/oracle/oracle%oci-utils%tests%automation%data%base_instance%main.tf create mode 100644 example/real_world_stuff/oracle/oracle%oci-utils%tests%automation%data%base_instance%output.tf create mode 100644 example/real_world_stuff/oracle/oracle%oci-utils%tests%automation%data%test_iscsi%data.tf create mode 100644 example/real_world_stuff/oracle/oracle%oci-utils%tests%automation%data%test_iscsi%main.tf create mode 100644 example/real_world_stuff/oracle/oracle%oci-utils%tests%automation%data%test_iscsi%terraform_version.tf create mode 100644 example/real_world_stuff/oracle/oracle%oci-utils%tests%automation%data%test_metadata%data.tf create mode 100644 example/real_world_stuff/oracle/oracle%oci-utils%tests%automation%data%test_metadata%main.tf create mode 100644 example/real_world_stuff/oracle/oracle%oci-utils%tests%automation%data%test_metadata%terraform_version.tf create mode 100644 example/real_world_stuff/oracle/oracle%oci-utils%tests%automation%data%test_various%data.tf create mode 100644 example/real_world_stuff/oracle/oracle%oci-utils%tests%automation%data%test_various%main.tf create mode 100644 example/real_world_stuff/oracle/oracle%oci-utils%tests%automation%data%test_various%terraform_version.tf create mode 100644 
example/real_world_stuff/oracle/oracle%oci-utils%tools%provisionning%dev_instance%dev-instance.tf create mode 100644 example/real_world_stuff/oracle/oracle%oci-utils%tools%provisionning%test_instance%instance.tf create mode 100644 example/real_world_stuff/oracle/oracle%oci-volume-provisioner%test%system%terraform%volume.tf create mode 100644 example/real_world_stuff/oracle/oracle%opengrok%opengrok-indexer%src%test%resources%analysis%hcl%sample.hcl create mode 100644 example/real_world_stuff/oracle/oracle%opengrok%opengrok-indexer%src%test%resources%analysis%terraform%sample.tf create mode 100644 example/real_world_stuff/oracle/oracle%oracle-db-tools%devops%terraform%ORDS_dbcs%main.tf create mode 100644 example/real_world_stuff/oracle/oracle%oracle-db-tools%devops%terraform%ORDS_dbcs%variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%oracle-db-tools%devops%terraform%vanityURL-ADB%Variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%oracle-db-tools%devops%terraform%vanityURL-ADB%completeSetupFullVM.tf create mode 100644 example/real_world_stuff/oracle/oracle%oracle-db-tools%devops%terraform%vanityURL-ADB%completeSetupMicroVM.tf create mode 100644 example/real_world_stuff/oracle/oracle%oracle-db-tools%devops%terraform%vanityURL-DBCS%Variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%oracle-db-tools%devops%terraform%vanityURL-DBCS%main.tf create mode 100644 example/real_world_stuff/oracle/oracle%oracle-timesten-samples%cloud%ottscaleout%blkvol.tf create mode 100644 example/real_world_stuff/oracle/oracle%oracle-timesten-samples%cloud%ottscaleout%compute.tf create mode 100644 example/real_world_stuff/oracle/oracle%oracle-timesten-samples%cloud%ottscaleout%network.tf create mode 100644 example/real_world_stuff/oracle/oracle%oracle-timesten-samples%cloud%ottscaleout%oci.tf create mode 100644 example/real_world_stuff/oracle/oracle%oracle-timesten-samples%cloud%ottscaleout%outputs.tf create mode 100644 
example/real_world_stuff/oracle/oracle%oracle-timesten-samples%cloud%ottscaleout%system-config.tf create mode 100644 example/real_world_stuff/oracle/oracle%oracle-timesten-samples%cloud%ottscaleout%variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%sample-serverless-saas-erp-dataload%terraform%apigw.tf create mode 100644 example/real_world_stuff/oracle/oracle%sample-serverless-saas-erp-dataload%terraform%events.tf create mode 100644 example/real_world_stuff/oracle/oracle%sample-serverless-saas-erp-dataload%terraform%functionsapp.tf create mode 100644 example/real_world_stuff/oracle/oracle%sample-serverless-saas-erp-dataload%terraform%functionsmodule%functions.tf create mode 100644 example/real_world_stuff/oracle/oracle%sample-serverless-saas-erp-dataload%terraform%network.tf create mode 100644 example/real_world_stuff/oracle/oracle%sample-serverless-saas-erp-dataload%terraform%storage.tf create mode 100644 example/real_world_stuff/oracle/oracle%sample-serverless-saas-erp-dataload%terraform%topic.tf create mode 100644 example/real_world_stuff/oracle/oracle%sample-serverless-saas-erp-dataload%terraform%variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%sample-serverless-saas-erp-dataload%terraform%vault.tf create mode 100644 example/real_world_stuff/oracle/oracle%sample-serverless-saas-erp-dataload%terraform%versions.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-ceph-installer%main.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-ceph-installer%modules%ceph-client%main.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-ceph-installer%modules%ceph-client%output.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-ceph-installer%modules%ceph-client%variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-ceph-installer%modules%ceph-deployer%main.tf create mode 100644 
example/real_world_stuff/oracle/oracle%terraform-ceph-installer%modules%ceph-deployer%output.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-ceph-installer%modules%ceph-deployer%variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-ceph-installer%modules%ceph-mds%main.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-ceph-installer%modules%ceph-mds%output.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-ceph-installer%modules%ceph-mds%variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-ceph-installer%modules%ceph-monitor%main.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-ceph-installer%modules%ceph-monitor%output.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-ceph-installer%modules%ceph-monitor%variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-ceph-installer%modules%ceph-osd%main.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-ceph-installer%modules%ceph-osd%output.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-ceph-installer%modules%ceph-osd%storage%main.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-ceph-installer%modules%ceph-osd%storage%variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-ceph-installer%modules%ceph-osd%variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-ceph-installer%modules%network%main.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-ceph-installer%modules%network%output.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-ceph-installer%modules%network%variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-ceph-installer%modules%network.full%main.tf create mode 100644 
example/real_world_stuff/oracle/oracle%terraform-ceph-installer%modules%network.full%output.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-ceph-installer%modules%network.full%variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-ceph-installer%outputs.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-ceph-installer%provider.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-examples%examples%oci%connect_vcns_using_multiple_vnics%bridge.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-examples%examples%oci%connect_vcns_using_multiple_vnics%datasources.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-examples%examples%oci%connect_vcns_using_multiple_vnics%output.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-examples%examples%oci%connect_vcns_using_multiple_vnics%provider.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-examples%examples%oci%connect_vcns_using_multiple_vnics%variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-examples%examples%oci%connect_vcns_using_multiple_vnics%vcn1.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-examples%examples%oci%connect_vcns_using_multiple_vnics%vcn2.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%bastion-host-provisioning%main.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%bastion-host-provisioning%modules%bastion%bastion.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%bastion-host-provisioning%modules%bastion%outputs.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%bastion-host-provisioning%modules%bastion%variables.tf create mode 100644 
example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%instance-from-colocated-snapshot%main.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%instance-from-colocated-snapshot%variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%instance-from-storage-snapshot%main.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%instance-from-storage-snapshot%variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%instance-with-persistent-boot-volume%main.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%instance-with-persistent-boot-volume%variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%instance-with-public-ip-on-ip-network-interface%main.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%instance-with-public-ip-on-ip-network-interface%variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%instance-with-ssh%main.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%instance-with-ssh%variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%ipnetworks%main.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%ipnetworks%modules%install_ssh_keys%main.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%ipnetworks%variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%loadbalancer-classic%certificates%main.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%loadbalancer-classic%certificates%outputs.tf create mode 100644 
example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%loadbalancer-classic%certificates%variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%loadbalancer-classic%load_balancer%main.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%loadbalancer-classic%load_balancer%outputs.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%loadbalancer-classic%load_balancer%variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%loadbalancer-classic%main.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%loadbalancer-classic%network%main.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%loadbalancer-classic%network%output.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%loadbalancer-classic%network%variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%loadbalancer-classic%outputs.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%loadbalancer-classic%security_rules%all_egress%main.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%loadbalancer-classic%security_rules%main.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%loadbalancer-classic%server_pool%main.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%loadbalancer-classic%server_pool%outputs.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%loadbalancer-classic%server_pool%variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%loadbalancer-classic%variables.tf create mode 100644 
example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%loadbalancer-classic%webapp%main.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%loadbalancer-classic%webapp%outputs.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%loadbalancer-classic%webapp%variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%marketplace-bitnami-elk%main.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%orchestrated-instance%main.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%windows-instance-with-rdp%variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%windows-instance-with-rdp%windows-server.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-examples%examples%oraclepaas%accs-go-app%main.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-examples%examples%oraclepaas%accs-java-app%main.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-examples%examples%oraclepaas%accs-nodejs-app%main.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-examples%examples%oraclepaas%accs-nodejs-app-from-git-repo%main.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-examples%examples%oraclepaas%accs-php-app%main.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-examples%examples%oraclepaas%accs-python-app%main.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-examples%examples%oraclepaas%accs-ruby-app%main.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-examples%examples%oraclepaas%dbcs-instance-classic%main.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-examples%examples%oraclepaas%dbcs-instance-oci%main.tf create mode 100644 
example/real_world_stuff/oracle/oracle%terraform-examples%examples%oraclepaas%dbcs-instance-oci%vcn.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-examples%examples%oraclepaas%full-db-jcs-oci%identity.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-examples%examples%oraclepaas%full-db-jcs-oci%main.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-examples%examples%oraclepaas%full-db-jcs-oci%providers.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-examples%examples%oraclepaas%full-db-jcs-oci%variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-examples%examples%oraclepaas%full-dbcs-jcs-otd-classic%main.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-examples%examples%oraclepaas%jcs-instance-classic%main.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-examples%examples%oraclepaas%jcs-instance-oci%main.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-examples%examples%oraclepaas%mysqlcs-instance-classic%main.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-examples%examples%oraclepaas%mysqlcs-instance-oci%main.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%bashsource.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%datasources.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%identity%cloud_controller_user.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%identity%flexvolume_user.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%identity%outputs.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%identity%provider.tf create mode 100644 
example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%identity%variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%identity%volume_provisioner_user.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%instances%etcd%datasources.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%instances%etcd%main.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%instances%etcd%outputs.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%instances%etcd%variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%instances%k8smaster%datasources.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%instances%k8smaster%main.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%instances%k8smaster%outputs.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%instances%k8smaster%variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%instances%k8sworker%datasources.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%instances%k8sworker%main.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%instances%k8sworker%output.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%instances%k8sworker%variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%k8s-oci.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%kubernetes%kubeconfig%kubeconfig.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%kubernetes%kubeconfig%output.tf create 
mode 100644 example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%kubernetes%kubeconfig%variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%kubernetes%oci-cloud-controller%datasources.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%kubernetes%oci-cloud-controller%output.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%kubernetes%oci-cloud-controller%variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%kubernetes%oci-flexvolume-driver%datasources.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%kubernetes%oci-flexvolume-driver%output.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%kubernetes%oci-flexvolume-driver%variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%kubernetes%oci-volume-provisioner%datasources.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%kubernetes%oci-volume-provisioner%output.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%kubernetes%oci-volume-provisioner%variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%network%loadbalancers%etcd%main.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%network%loadbalancers%etcd%outputs.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%network%loadbalancers%etcd%variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%network%loadbalancers%k8smaster%main.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%network%loadbalancers%k8smaster%outputs.tf create mode 100644 
example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%network%loadbalancers%k8smaster%variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%network%loadbalancers%reverse-proxy%datasources.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%network%loadbalancers%reverse-proxy%output.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%network%loadbalancers%reverse-proxy%variable.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%network%vcn%datasources.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%network%vcn%natinstance.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%network%vcn%outputs.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%network%vcn%securitylists.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%network%vcn%subnets.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%network%vcn%variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%network%vcn%vcn.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%outputs.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%provider.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%terraform.example.tfvars create mode 100644 example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%tests%resources%configs%public-cluster.tfvars create mode 100644 example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%tls%main.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%tls%outputs.tf create mode 100644 
example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%tls%variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-oci-cf-install%block.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-oci-cf-install%boshclivars.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-oci-cf-install%compute.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-oci-cf-install%datasources.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-oci-cf-install%identity.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-oci-cf-install%network.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-oci-cf-install%outputs.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-oci-cf-install%providers.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-oci-cf-install%variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-opc-compute-instance%main.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-opc-compute-instance%outputs.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-opc-compute-instance%variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-opc-ip-networks%main.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-opc-ip-networks%outputs.tf create mode 100644 example/real_world_stuff/oracle/oracle%terraform-opc-ip-networks%variables.tf create mode 100644 example/real_world_stuff/oracle/oracle%weblogic-kubernetes-operator%kubernetes%samples%scripts%terraform%cluster.tf create mode 100644 example/real_world_stuff/oracle/oracle%weblogic-kubernetes-operator%kubernetes%samples%scripts%terraform%kube_config.tf create mode 100644 
example/real_world_stuff/oracle/oracle%weblogic-kubernetes-operator%kubernetes%samples%scripts%terraform%provider.tf create mode 100644 example/real_world_stuff/oracle/oracle%weblogic-kubernetes-operator%kubernetes%samples%scripts%terraform%template.tfvars create mode 100644 example/real_world_stuff/oracle/oracle%weblogic-kubernetes-operator%kubernetes%samples%scripts%terraform%vcn.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_alb%alb%main.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_alb%alb%outputs.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_alb%alb%variables.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_alb%test%fixtures%main.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_alb%test%fixtures%outputs.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_alb%test%fixtures%variables.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_asg%main.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_asg%outputs.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_asg%variables.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_asg_elb%example%example.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_asg_elb%example%vars.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_asg_elb%main.tf create mode 100644 
example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_asg_elb%outputs.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_asg_elb%variables.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_aurora%kms.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_aurora%main.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_aurora%outputs.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_aurora%security_group.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_aurora%variables.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_bastion_s3_keys%main.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_bastion_s3_keys%outputs.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_bastion_s3_keys%samples%ami.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_bastion_s3_keys%samples%iam_allow_associateaddress.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_bastion_s3_keys%samples%iam_s3_readonly.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_bastion_s3_keys%samples%s3_ssh_public_keys.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_bastion_s3_keys%variables.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_bastion_s3_keys%versions.tf 
create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_cloudfront%main.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_cloudfront%outputs.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_cloudfront%variables.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_customer_gw%main.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_customer_gw%outputs.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_customer_gw%vars.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_ec2_instance%main.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_ec2_instance%outputs.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_ec2_instance%variables.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_ecs%consul_agent.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_ecs%graceful_shutdown.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_ecs%iam.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_ecs%main.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_ecs%outputs.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_ecs%variables.tf create mode 100644 
example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_ecs_instance_draining_on_scale_in%main.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_ecs_instance_draining_on_scale_in%variables.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_ecs_pganalyze%iam.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_ecs_pganalyze%main.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_ecs_pganalyze%variables.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_elasticache_redis%cloudwatch.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_elasticache_redis%main.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_elasticache_redis%outputs.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_elasticache_redis%security_groups.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_elasticache_redis%variables.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_elasticsearch%data.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_elasticsearch%main.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_elasticsearch%main_vpc.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_elasticsearch%outputs.tf create mode 100644 
example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_elasticsearch%variables.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_elb%elb_http%main.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_elb%elb_http%outputs.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_elb%elb_http%variables.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_elb%elb_https%main.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_elb%elb_https%outputs.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_elb%elb_https%variables.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_igw%main.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_lambda_scheduled%main.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_lambda_scheduled%output.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_lambda_scheduled%variables.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_nat%iam.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_nat%main.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_nat%outputs.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_nat%variables.tf create mode 100644 
example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_openvpn%main.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_openvpn%outputs.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_openvpn%variables.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_private_subnet_nat_gateway%main.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_public_subnet%main.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_puppet%agent%main.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_puppet%agent%outputs.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_puppet%agent%variables.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_puppet%master%main.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_puppet%master%outputs.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_puppet%master%variables.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_rds%main.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_rds%outputs.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_rds%variables.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_redshift%main.tf create mode 100644 
example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_redshift%outputs.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_redshift%variables.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_sg%sg_carbon-relay-ng%main.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_sg%sg_carbon-relay-ng%outputs.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_sg%sg_carbon-relay-ng%variables.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_sg%sg_cassandra%main.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_sg%sg_cassandra%outputs.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_sg%sg_cassandra%variables.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_sg%sg_consul%main.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_sg%sg_consul%outputs.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_sg%sg_consul%variables.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_sg%sg_default%output.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_sg%sg_default%sg_default.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_sg%sg_default%variables.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_sg%sg_docker_swarm%main.tf create mode 
100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_sg%sg_docker_swarm%outputs.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_sg%sg_docker_swarm%variables.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_sg%sg_elasticsearch%main.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_sg%sg_elasticsearch%outputs.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_sg%sg_elasticsearch%variables.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_sg%sg_https_only%main.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_sg%sg_https_only%outputs.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_sg%sg_https_only%variables.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_sg%sg_kafka%main.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_sg%sg_kafka%outputs.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_sg%sg_kafka%variables.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_sg%sg_ldap%main.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_sg%sg_ldap%outputs.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_sg%sg_ldap%variables.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_sg%sg_ldaps_only%main.tf create mode 
100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_sg%sg_ldaps_only%outputs.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_sg%sg_ldaps_only%variables.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_sg%sg_memcached%main.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_sg%sg_memcached%outputs.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_sg%sg_memcached%variables.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_sg%sg_mysql%main.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_sg%sg_mysql%outputs.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_sg%sg_mysql%variables.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_sg%sg_nomad%main.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_sg%sg_nomad%outputs.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_sg%sg_nomad%variables.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_sg%sg_openvpn%main.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_sg%sg_openvpn%outputs.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_sg%sg_openvpn%variables.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_sg%sg_postgresql%main.tf create mode 100644 
example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_sg%sg_postgresql%outputs.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_sg%sg_postgresql%variables.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_sg%sg_redis%main.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_sg%sg_redis%outputs.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_sg%sg_redis%variables.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_sg%sg_ssh%main.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_sg%sg_ssh%outputs.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_sg%sg_ssh%variables.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_sg%sg_storm%main.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_sg%sg_storm%outputs.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_sg%sg_storm%variables.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_sg%sg_web%main.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_sg%sg_web%outputs.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_sg%sg_web%variables.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_sg%sg_zipkin%main.tf create mode 100644 
example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_sg%sg_zipkin%outputs.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_sg%sg_zipkin%variables.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_sg%sg_zookeeper%main.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_sg%sg_zookeeper%outputs.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_sg%sg_zookeeper%variables.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_ubuntu_ami%ebs%main.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_ubuntu_ami%instance-store%main.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_ubuntu_ami%main.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_vpc%main.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_vpc%outputs.tf create mode 100644 example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_vpc%variables.tf diff --git a/README.md b/README.md index 1a8eddd..af8c4ed 100644 --- a/README.md +++ b/README.md 
@@ -18,15 +18,16 @@ To run tests simply run `nix-shell --run 'tree-sitter test'`. ## Compliance -The directory `example/real_world_stuff` contains a corpus of hcl files that I found with the github query `language:HCL` for users `coreos` and `hashicorp` +The directory `example/real_world_stuff` contains a corpus of hcl files that I found with the github query `language:HCL` for users `coreos`, `hashicorp`, `oracle` and `terraform-community-modules`. Given that some language features are still missing ( see TODO ) there are some expected parse errors: ```bash -nix-shell --run 'tree-sitter parse --quiet --stat example/real_world_stuff/*/*' -... -... -Total parses: 1126; successful parses: 1110; failed parses: 16; success percentage: 98.58% +tree-sitter parse --quiet --stat example/real_world_stuff/*/* + +example/real_world_stuff/oracle/oracle%opengrok%opengrok-indexer%src%test%resources%analysis%terraform%sample.tf 1 ms (ERROR [205, 8] - [214, 1]) + +Total parses: 2015; successful parses: 2014; failed parses: 1; success percentage: 99.95% ``` @@ -40,6 +41,5 @@ The aim is to build unit testcases from selected failure classes and slowly get * [x] add quoted templates * [x] add quoted template interpolations * [ ] add quoted template directives - * [WIP] add heredoc templates - * support arbitary markers, at the moment for playground usage its only EOF + * [x] add heredoc templates diff --git a/example/real_world_stuff/oracle/oracle%bosh-oracle-cpi-release%ci%terraform%datasources.tf b/example/real_world_stuff/oracle/oracle%bosh-oracle-cpi-release%ci%terraform%datasources.tf new file mode 100644 index 0000000..b78c322 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%bosh-oracle-cpi-release%ci%terraform%datasources.tf 
@@ -0,0 +1,39 @@
+# Availability Domain
+data "oci_identity_availability_domains" "ADs" {
+ compartment_id = "${var.oracle_tenancy_ocid}"
+ filter {
+ name = "name"
+ values = ["${var.director_ad}"]
+ }
+}
+
+data "oci_identity_compartments" "Compartments" {
+ compartment_id = "${var.oracle_tenancy_ocid}"
+ filter {
+ name = "name"
+ values = ["${var.director_compartment_name}"]
+ }
+}
+
+data "oci_core_virtual_networks" "VCNs" {
+ compartment_id = "${data.null_data_source.SetupConfig.inputs.compartment_id}"
+ filter {
+ name = "display_name"
+ values = ["${var.director_vcn}"]
+ }
+}
+
+data "null_data_source" "SetupConfig" {
+ inputs = {
+ ad_name = "${lookup(data.oci_identity_availability_domains.ADs.availability_domains[0],"name")}"
+ compartment_id = "${lookup(data.oci_identity_compartments.Compartments.compartments[0],"id")}"
+ }
+}
+
+data "null_data_source" "VCN" {
+ inputs = {
+ id = "${lookup(data.oci_core_virtual_networks.VCNs.virtual_networks[0], "id")}"
+ dhcp_options_id = "${lookup(data.oci_core_virtual_networks.VCNs.virtual_networks[0], "default_dhcp_options_id")}"
+ default_route_table_id = "${lookup(data.oci_core_virtual_networks.VCNs.virtual_networks[0], "default_route_table_id")}"
+ }
+}
\ No newline at end of file
diff --git a/example/real_world_stuff/oracle/oracle%bosh-oracle-cpi-release%ci%terraform%network.tf b/example/real_world_stuff/oracle/oracle%bosh-oracle-cpi-release%ci%terraform%network.tf
new file mode 100644
index 0000000..01dd510
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%bosh-oracle-cpi-release%ci%terraform%network.tf
@@ -0,0 +1,57 @@
+/*
+resource "oci_core_virtual_network" "VCN" {
+ cidr_block = "${var.vcn_cidr}"
+ compartment_id = "${data.null_data_source.SetupConfig.outputs["compartment_id"]}"
+ display_name = "${var.director_vcn}"
+}
+*/
+
+resource "oci_core_security_list" "ci_public_all" {
+ compartment_id = "${data.null_data_source.SetupConfig.inputs.compartment_id}"
+ display_name = "ci_public_all"
+ vcn_id = "${data.null_data_source.VCN.inputs.id}"
+ egress_security_rules = [{
+ protocol = "all"
+ destination = "0.0.0.0/0"
+ }]
+ ingress_security_rules = [{
+ protocol = "all"
+ source = "0.0.0.0/0"
+ }]
+}
+
+resource "oci_core_subnet" "director_subnet" {
+ availability_domain = "${data.null_data_source.SetupConfig.inputs.ad_name}"
+ cidr_block = "${var.director_subnet_cidr}"
+ display_name = "ci_director_subnet_${replace(data.null_data_source.SetupConfig.inputs.ad_name, "-", "_")}"
+ dhcp_options_id = "${data.null_data_source.VCN.inputs.dhcp_options_id}"
+ compartment_id = "${data.null_data_source.SetupConfig.inputs.compartment_id}"
+ vcn_id = "${data.null_data_source.VCN.inputs.id}"
+ route_table_id = "${data.null_data_source.VCN.inputs.default_route_table_id}"
+ security_list_ids = ["${oci_core_security_list.ci_public_all.id}"]
+ prohibit_public_ip_on_vnic = false
+}
+
+resource "oci_core_subnet" "bats_subnet1" {
+ availability_domain = "${data.null_data_source.SetupConfig.inputs.ad_name}"
+ cidr_block = "${var.bats_subnet1_cidr}"
+ display_name = "ci_bats_subnet1_${replace(data.null_data_source.SetupConfig.inputs.ad_name, "-", "_")}"
+ dhcp_options_id = "${data.null_data_source.VCN.inputs.dhcp_options_id}"
+ compartment_id = "${data.null_data_source.SetupConfig.inputs.compartment_id}"
+ vcn_id = "${data.null_data_source.VCN.inputs.id}"
+ route_table_id = "${data.null_data_source.VCN.inputs.default_route_table_id}"
+ security_list_ids = ["${oci_core_security_list.ci_public_all.id}"]
+ prohibit_public_ip_on_vnic = false
+}
+
+resource "oci_core_subnet" "bats_subnet2" {
+ availability_domain = "${data.null_data_source.SetupConfig.inputs.ad_name}"
+ cidr_block = "${var.bats_subnet2_cidr}"
+ display_name = "ci_bats_subnet2_${replace(data.null_data_source.SetupConfig.inputs.ad_name, "-", "_")}"
+ dhcp_options_id = "${data.null_data_source.VCN.inputs.dhcp_options_id}"
+ compartment_id = "${data.null_data_source.SetupConfig.inputs.compartment_id}"
+ vcn_id = "${data.null_data_source.VCN.inputs.id}"
+ route_table_id = "${data.null_data_source.VCN.inputs.default_route_table_id}"
+ security_list_ids = ["${oci_core_security_list.ci_public_all.id}"]
+ prohibit_public_ip_on_vnic = false
+}
diff --git a/example/real_world_stuff/oracle/oracle%bosh-oracle-cpi-release%ci%terraform%output.tf b/example/real_world_stuff/oracle/oracle%bosh-oracle-cpi-release%ci%terraform%output.tf
new file mode 100644
index 0000000..8d879d5
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%bosh-oracle-cpi-release%ci%terraform%output.tf
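Review bot: The `ci_public_all` security list in network.tf admits every protocol from any address (`protocol = "all"`, `source = "0.0.0.0/0"`), and `director_subnet`, `bats_subnet1` and `bats_subnet2` all attach it with `prohibit_public_ip_on_vnic = false`, so an instance that receives a public IP in these subnets is reachable on every port. If this file is ever applied rather than only parsed as a fixture, the ingress rule should name the CIDR and ports the CI jobs need, for example `protocol = "6"` with `source = "${var.ci_ingress_cidr}"` (a placeholder variable, not defined in this commit) plus a `tcp_options` range. A one-line comment above the resource stating that the open rule is deliberate for a throwaway CI network would also tell a reader not to copy it.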
@@ -0,0 +1,95 @@ +output vcn { + value = "${var.director_vcn}" +} +output subnet_id { + value = "${oci_core_subnet.director_subnet.id}" + +} +output compartment_id { + value = "${oci_core_subnet.director_subnet.compartment_id}" +} + +output ad { + value = "${oci_core_subnet.director_subnet.availability_domain}" +} + +output subnet_name { + value = "${oci_core_subnet.director_subnet.display_name}" +} +output subnet_cidr { + value = "${oci_core_subnet.director_subnet.cidr_block}" +} + +output subnet_gw { + value = "${cidrhost(oci_core_subnet.director_subnet.cidr_block, 1)}" +} + +output subnet_first_ip { + value = "${cidrhost(oci_core_subnet.director_subnet.cidr_block, 2)}" +} + +output bats_subnet1_name { + value = "${oci_core_subnet.bats_subnet1.display_name}" +} + +output bats_subnet1_cidr { + value = "${oci_core_subnet.bats_subnet1.cidr_block}" +} + +output bats_subnet1_gw { + value ="${cidrhost(oci_core_subnet.bats_subnet1.cidr_block, 1)}" +} + +output bats_subnet1_reserved { + value = "${cidrhost(oci_core_subnet.bats_subnet1.cidr_block, 2)} - ${cidrhost(oci_core_subnet.bats_subnet1.cidr_block, 9)}" +} + +output bats_subnet1_static { + value = "${cidrhost(oci_core_subnet.bats_subnet1.cidr_block, 10)} - ${cidrhost(oci_core_subnet.bats_subnet1.cidr_block, 30)}" +} + +output bats_subnet1_static_ip { + value = "${cidrhost(oci_core_subnet.bats_subnet1.cidr_block, 30)}" +} + +output bats_subnet2_name { + value = "${oci_core_subnet.bats_subnet2.display_name}" +} + +output bats_subnet2_cidr { + value = "${oci_core_subnet.bats_subnet2.cidr_block}" +} + +output bats_subnet2_gw { + value ="${cidrhost(oci_core_subnet.bats_subnet2.cidr_block, 1)}" +} + +output bats_subnet2_reserved { + value = "${cidrhost(oci_core_subnet.bats_subnet2.cidr_block, 2)} - ${cidrhost(oci_core_subnet.bats_subnet2.cidr_block, 9)}" +} + +output bats_subnet2_static { + value = "${cidrhost(oci_core_subnet.bats_subnet2.cidr_block, 10)} - ${cidrhost(oci_core_subnet.bats_subnet2.cidr_block, 30)}" +} + 
+output bats_subnet2_static_ip { + value = "${cidrhost(oci_core_subnet.bats_subnet2.cidr_block, 30)}" +} + +/* +output director_subnet { + value = <> /etc/fstab'", + ] + } +} diff --git a/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%modules%app%app.init.tf b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%modules%app%app.init.tf new file mode 100644 index 0000000..895b956 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%modules%app%app.init.tf 
@@ -0,0 +1,70 @@
+/*Copyright © 2018, Oracle and/or its affiliates. All rights reserved.
+
+The Universal Permissive License (UPL), Version 1.0*/
+
+
+resource "null_resource" "remote-exec" {
+ count = "${var.app_instance_count}"
+
+ depends_on = ["oci_core_instance.jdeapp",
+ "oci_core_volume.app_block",
+ "oci_core_volume_attachment.app_block_attach",
+ ]
+ provisioner "remote-exec" {
+ connection {
+ agent = false
+ timeout = "30m"
+ host = "${oci_core_instance.jdeapp.*.private_ip[count.index % var.app_instance_count]}"
+ user = "opc"
+ private_key = "${file(var.app_ssh_private_key)}"
+ bastion_host = "${var.bastion_public_ip}"
+ bastion_port = "22"
+ bastion_user = "opc"
+ bastion_private_key = "${file(var.bastion_ssh_private_key)}"
+ }
+
+ inline = [
+ "sudo mkdir -p /u01/jde_tf/${var.init_dir_name}",
+ "sudo chmod -R 777 /u01/jde_tf/${var.init_dir_name}",
+ ]
+ }
+
+ provisioner "file" {
+ connection {
+ agent = false
+ timeout = "30m"
+ host = "${oci_core_instance.jdeapp.*.private_ip[count.index % var.app_instance_count]}"
+ user = "opc"
+ private_key = "${file(var.app_ssh_private_key)}"
+ bastion_host = "${var.bastion_public_ip}"
+ bastion_port = "22"
+ bastion_user = "opc"
+ bastion_private_key = "${file(var.bastion_ssh_private_key)}"
+ }
+
+ source = "../modules/userdata/${var.init_dir_name}/"
+ destination = "/u01/jde_tf/${var.init_dir_name}"
+ }
+
+ provisioner "remote-exec" {
+ connection {
+ agent = false
+ timeout = "30m"
+ host = "${oci_core_instance.jdeapp.*.private_ip[count.index % var.app_instance_count]}"
+ user = "opc"
+ private_key = "${file(var.app_ssh_private_key)}"
+ bastion_host = "${var.bastion_public_ip}"
+ bastion_port = "22"
+ bastion_user = "opc"
+ bastion_private_key = "${file(var.bastion_ssh_private_key)}"
+ }
+
+ inline = [
+ "sudo chmod -R 755 /u01/jde_tf/${var.init_dir_name}",
+ "sudo setenforce 0",
+ "sudo cd /u01/jde_tf/${var.init_dir_name}",
+ "if [ -f /u01/jde_tf/${var.init_dir_name}/JDE_OCProv_*.tgz ]; then sudo tar -xvf /u01/jde_tf/${var.init_dir_name}/JDE_OCProv_*.tgz --directory /u01/; fi",
+ "sudo chmod 770 /u01",
+ ]
+ }
+}
diff --git a/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%modules%app%app.outputs.tf b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%modules%app%app.outputs.tf
new file mode 100644
index 0000000..1450522
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%modules%app%app.outputs.tf
@@ -0,0 +1,12 @@
+/*Copyright © 2018, Oracle and/or its affiliates. All rights reserved.
+
+The Universal Permissive License (UPL), Version 1.0*/
+
+
+output "PrvIPs" {
+ value = ["${oci_core_instance.jdeapp.*.private_ip}"]
+}
+
+output "HostNames" {
+ value = ["${oci_core_instance.jdeapp.*.display_name}"]
+}
diff --git a/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%modules%app%app.tf b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%modules%app%app.tf
new file mode 100644
index 0000000..aaf41eb
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%modules%app%app.tf
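Review bot: In app.init.tf the first `remote-exec` step opens the staging directory to everyone with `sudo chmod -R 777 /u01/jde_tf/${var.init_dir_name}`, and the last step unpacks `JDE_OCProv_*.tgz` from that directory as root into `/u01/`, so while the directory is world-writable any local account can add or swap an archive that is then extracted with root privileges. Creating the directory owned by the upload user removes that window: `"sudo install -d -o opc -m 750 /u01/jde_tf/${var.init_dir_name}"` in place of the `mkdir`/`chmod 777` pair. The last step also runs `sudo setenforce 0`, which leaves SELinux permissive and is never reverted; it should be dropped or replaced by a targeted policy change. `sudo cd /u01/jde_tf/${var.init_dir_name}` cannot change the working directory of the calling shell and can be removed, since the following commands already use absolute paths.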
@@ -0,0 +1,29 @@ +/*Copyright © 2018, Oracle and/or its affiliates. All rights reserved. + +The Universal Permissive License (UPL), Version 1.0*/ + + +resource "oci_core_instance" "jdeapp" { + count = "${var.app_instance_count}" + availability_domain = "${element(var.availability_domain, count.index)}" + compartment_id = "${var.compartment_ocid}" + display_name = "${var.app_hostname_prefix}${count.index+1}" + shape = "${var.app_instance_shape}" + fault_domain = "${element(var.fault_domain, count.index)}" + + create_vnic_details { + subnet_id = "${element(var.app_subnet, count.index)}" + display_name = "${var.app_hostname_prefix}${count.index+1}" + assign_public_ip = false + hostname_label = "${var.app_hostname_prefix}${count.index+1}" + } + + source_details { + source_type = "image" + source_id = "${var.app_image}" + } + + metadata { + ssh_authorized_keys = "${file(var.app_ssh_public_key)}" + } +} diff --git a/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%modules%app%app.variables.tf b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%modules%app%app.variables.tf new file mode 100644 index 0000000..4bf4cb8 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%modules%app%app.variables.tf 
@@ -0,0 +1,58 @@ +/*Copyright © 2018, Oracle and/or its affiliates. All rights reserved. + +The Universal Permissive License (UPL), Version 1.0*/ + + +variable "compartment_ocid" { + description = "Compartment name" +} + +variable "app_instance_count" {} + +variable "app_instance_shape" {} + +variable "app_hostname_prefix" { + description = "Host name" +} + +variable "app_image" { + description = "OS Image" +} + +variable "app_ssh_private_key" { + description = "SSH key" +} + +variable "app_ssh_public_key" { + description = "SSH key" +} + +variable "app_subnet" { + type = "list" + description = "subnet" +} + +variable "availability_domain" { + type = "list" +} + +variable "fault_domain" { + description = "Fault Domain" + type = "list" +} + +variable "AD" { + type = "list" +} + +variable "bastion_public_ip" { + type = "string" +} + +variable "bastion_ssh_private_key" {} + +variable "app_block_size" {} + +variable "unix_mount_directory" {} + +variable "init_dir_name" {} diff --git a/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%modules%db%db.dbsystem.tf b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%modules%db%db.dbsystem.tf new file mode 100644 index 0000000..c276f6e --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%modules%db%db.dbsystem.tf 
@@ -0,0 +1,34 @@ +/*Copyright © 2018, Oracle and/or its affiliates. All rights reserved. + +The Universal Permissive License (UPL), Version 1.0*/ + + +resource "oci_database_db_system" "jdedb" { + count = var.db_count + compartment_id = var.compartment_ocid + availability_domain = element(var.availability_domain, count.index) + #cpu_core_count = "${lookup(data.oci_database_db_system_shapes.db_system_shapes.db_system_shapes[0], "minimum_core_count")}" + database_edition = var.db_edition + + db_home { + database = { + "admin_password" = "${var.db_admin_password}" + "db_name" = "${var.db_name}" + "character_set" = "${var.db_characterset}" + "ncharacter_set" = "${var.db_nls_characterset}" + "db_workload" = "${var.db_workload}" + "pdb_name" = "${var.db_pdb_name}" + } + db_version = var.db_version + display_name = var.db_name + } + shape = var.db_instance_shape + node_count = var.db_node_count + data_storage_size_in_gb = var.db_size_in_gb + license_model = var.db_license_model + disk_redundancy = var.db_disk_redundancy + subnet_id = element(var.db_subnet, count.index) + ssh_public_keys = ["${trimspace(file("${var.db_ssh_public_key}"))}"] + display_name = "${var.db_hostname_prefix}${count.index + 1}" + hostname = "${var.db_hostname_prefix}${count.index + 1}" +} diff --git a/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%modules%db%db.outputs.tf b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%modules%db%db.outputs.tf new file mode 100644 index 0000000..8bc56eb --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%modules%db%db.outputs.tf @@ -0,0 +1,8 @@ +/*Copyright © 2018, Oracle and/or its affiliates. All rights reserved. + +The Universal Permissive License (UPL), Version 1.0*/ + + +output "DBNodeHostname" { + value = ["${oci_database_db_system.jdedb.*.display_name}"] +} 
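Review bot: `"admin_password" = "${var.db_admin_password}"` in the `db_home` block of db.dbsystem.tf places the database admin password in the Terraform state in clear text, and the db.variables.tf section later in this commit declares it as a bare `variable "db_admin_password" {}` with no description or sensitivity marking. On Terraform 0.14 or later the declaration can carry `sensitive = true` so the value is redacted from plan and CLI output; the state file still holds it, so the backend needs encryption at rest and restricted read access. A `description` saying the value is expected from the environment or a secret store, not a committed `.tfvars` file, would document the intent.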
diff --git a/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%modules%db%db.variables.tf b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%modules%db%db.variables.tf new file mode 100644 index 0000000..ad1d11e --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%modules%db%db.variables.tf @@ -0,0 +1,73 @@ +/*Copyright © 2018, Oracle and/or its affiliates. All rights reserved. + +The Universal Permissive License (UPL), Version 1.0*/ + + +variable "compartment_ocid" {} + +variable "db_subnet" { + type="list" +} +variable "availability_domain" { + type = "list" +} + +# DBSystem specific +#variable "db_cpucorecount" {} + +variable "db_edition" {} + +variable "db_admin_password" {} + +variable "db_name" {} + +variable "db_version" {} + +variable "db_disk_redundancy" { + description = "Database disk redundancy for Bare Metal DB System" + default="NORMAL" +} + +variable "db_hostname_prefix" {} +variable "db_instance_shape" {} + +variable "db_ssh_public_key" {} + +variable "db_ssh_private_key" {} + +variable "db_count" {} + +variable "db_nls_characterset" { + default = "AL16UTF16" +} + +variable "db_characterset" { + default = "AL32UTF8" +} + +variable "db_workload" { + default = "OLTP" +} + +variable "db_pdb_name" { + default = "pdbName" +} + +variable "db_size_in_gb" { + default = "256" +} + +variable "db_license_model" { + default = "LICENSE_INCLUDED" +} + +variable "db_node_count" { + default = "1" +} +variable "init_dir_name" {} + +variable "bastion_public_ip" { + type = "string" +} + +variable "bastion_ssh_private_key" {} diff --git a/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%modules%dns%dns.datasources.tf b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%modules%dns%dns.datasources.tf new file mode 100644 index 0000000..afdbc47 --- /dev/null 
+++ b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%modules%dns%dns.datasources.tf @@ -0,0 +1,21 @@ +/*Copyright © 2018, Oracle and/or its affiliates. All rights reserved. + +The Universal Permissive License (UPL), Version 1.0*/ + + +data "oci_dns_zones" "zs" { + compartment_id = "${var.compartment_ocid}" + name = "${var.dns_server_zone_name}" + #name_contains = "${var.dns_server_zone_name}" + state = "ACTIVE" + sort_by = "name" # name|zoneType|timeCreated + sort_order = "DESC" # ASC|DESC +} + +data "oci_dns_records" "rs" { + zone_name_or_id = "${oci_dns_zone.jde_zone.name}" + + # optional + compartment_id = "${var.compartment_ocid}" + domain = "${var.dns_server_zone_name}" +} diff --git a/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%modules%dns%dns.main.tf b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%modules%dns%dns.main.tf new file mode 100644 index 0000000..09a1eb5 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%modules%dns%dns.main.tf 
@@ -0,0 +1,37 @@ +/*Copyright © 2018, Oracle and/or its affiliates. All rights reserved. + +The Universal Permissive License (UPL), Version 1.0*/ + + +resource "oci_dns_zone" "jde_zone" { + compartment_id = "${var.compartment_ocid}" + name = "${var.dns_server_zone_name}" + zone_type = "PRIMARY" +} + +resource "oci_dns_record" "batch_alias" { + count = "2" + zone_name_or_id = "${oci_dns_zone.jde_zone.name}" + domain = "${var.batch_alias}.${oci_dns_zone.jde_zone.name}" + rtype = "A" + rdata = "${element(flatten(var.batch_rdata), count.index)}" + ttl = 300 +} + +resource "oci_dns_record" "logic_alias" { + count = "2" + zone_name_or_id = "${oci_dns_zone.jde_zone.name}" + domain = "${var.logic_alias}.${oci_dns_zone.jde_zone.name}" + rtype = "A" + rdata = "${element(flatten(var.logic_rdata), count.index)}" + ttl = 300 +} + +resource "oci_dns_record" "web_alias" { + count = "2" + zone_name_or_id = "${var.dns_server_zone_name}" + domain = "${var.web_alias}.${oci_dns_zone.jde_zone.name}" + rtype = "A" + rdata = "${element(flatten(var.web_rdata), count.index)}" + ttl = 300 +} diff --git a/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%modules%dns%dns.outputs.tf b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%modules%dns%dns.outputs.tf new file mode 100644 index 0000000..961ac56 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%modules%dns%dns.outputs.tf @@ -0,0 +1,12 @@ +/*Copyright © 2018, Oracle and/or its affiliates. All rights reserved. + +The Universal Permissive License (UPL), Version 1.0*/ + + +output "zones" { + value = "${data.oci_dns_zones.zs.zones}" +} + +output "records" { + value = "${data.oci_dns_records.rs.records}" +} 
diff --git a/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%modules%dns%dns.variables.tf b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%modules%dns%dns.variables.tf new file mode 100644 index 0000000..e5ffb0b --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%modules%dns%dns.variables.tf @@ -0,0 +1,34 @@ +/*Copyright © 2018, Oracle and/or its affiliates. All rights reserved. + +The Universal Permissive License (UPL), Version 1.0*/ + + +variable "compartment_ocid" { +} + +variable "dns_server_zone_name" { +} + +variable "batch_alias" { + default = "batch" +} + +variable "logic_alias" { + default = "logic" +} + +variable "web_alias" { + default = "web" +} + +variable "batch_rdata" { + type = "list" +} + +variable "logic_rdata" { + type = "list" +} + +variable "web_rdata" { + type = "list" +} diff --git a/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%modules%lbaas%lbaas.outputs.tf b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%modules%lbaas%lbaas.outputs.tf new file mode 100644 index 0000000..e512652 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%modules%lbaas%lbaas.outputs.tf @@ -0,0 +1,11 @@ +/*Copyright © 2018, Oracle and/or its affiliates. All rights reserved. + +The Universal Permissive License (UPL), Version 1.0*/ + + +output "lb_private_ip" { + value = ["${oci_load_balancer.lb.*.ip_addresses}"] +} +output "lb_id" { + value = ["${oci_load_balancer.lb.*.id}"] +} diff --git a/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%modules%lbaas%lbaas.tf b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%modules%lbaas%lbaas.tf new file mode 100644 index 0000000..57e8dd2 --- /dev/null 
+++ b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%modules%lbaas%lbaas.tf 
@@ -0,0 +1,99 @@ +/*Copyright © 2018, Oracle and/or its affiliates. All rights reserved. + +The Universal Permissive License (UPL), Version 1.0*/ + + + +/* Load Balancer */ +resource "oci_load_balancer" "lb" { + shape = "100Mbps" + count = "${length(var.load_balancer_subnet)}" + compartment_id = "${var.compartment_ocid}" + subnet_ids = ["${element(var.load_balancer_subnet, count.index)}"] + display_name = "${var.load_balancer_name}${count.index+1}" + is_private = "True" +} + +resource "oci_load_balancer_backend_set" "lb1-bes" { + count = "${length(var.load_balancer_listen_port)}" + name = "lb1-bes${count.index + 1}" + load_balancer_id = "${element(oci_load_balancer.lb.*.id, 0)}" + policy = "ROUND_ROBIN" + + health_checker { + port = "0" + protocol = "TCP" + response_body_regex = ".*" + } + session_persistence_configuration { + cookie_name = "*" + #disable_fallback = true + } +} + +resource "oci_load_balancer_backend_set" "lb2-bes" { + count = "${length(var.load_balancer_listen_port)}" + name = "lb2-bes${count.index + 1}" + load_balancer_id = "${element(oci_load_balancer.lb.*.id, 1)}" + policy = "ROUND_ROBIN" + + health_checker { + port = "0" + protocol = "TCP" + response_body_regex = ".*" + } + session_persistence_configuration { + cookie_name = "*" + #disable_fallback = true + } +} + +# Backends for LB 1. 
+resource "oci_load_balancer_backend" "lb1-be" { + count = "${var.app_instance_count * length(var.load_balancer_listen_port)}" + load_balancer_id = "${element(oci_load_balancer.lb.*.id, 0)}" + backendset_name = "${element(oci_load_balancer_backend_set.lb1-bes.*.name, count.index % length(var.load_balancer_listen_port))}" + ip_address = "${element(var.be1_ip_address1, count.index / length(var.load_balancer_listen_port))}" + port = "${element(var.load_balancer_listen_port, count.index % length(var.load_balancer_listen_port))}" + backup = false + drain = false + offline = false + weight = 1 +} + +# Backends for LB 2 +resource "oci_load_balancer_backend" "lb2-be" { + count = "${var.app_instance_count * length(var.load_balancer_listen_port)}" + load_balancer_id = "${element(oci_load_balancer.lb.*.id, 1)}" + backendset_name = "${element(oci_load_balancer_backend_set.lb2-bes.*.name, count.index % length(var.load_balancer_listen_port))}" + ip_address = "${element(var.be1_ip_address1, count.index / length(var.load_balancer_listen_port))}" + port = "${element(var.load_balancer_listen_port, count.index % length(var.load_balancer_listen_port))}" + backup = false + drain = false + offline = false + weight = 1 +} + +resource "oci_load_balancer_listener" "jdelb-listener1" { + count = "${length(var.load_balancer_listen_port)}" + load_balancer_id = "${element(oci_load_balancer.lb.*.id, 0)}" + name = "${var.load_balancer_name}-lsnr${count.index + 1}" + default_backend_set_name = "${element(oci_load_balancer_backend_set.lb1-bes.*.name, count.index)}" + port = "${element(var.load_balancer_listen_port, count.index)}" + protocol = "${var.load_balancer_protocol}" + connection_configuration { + idle_timeout_in_seconds = "300" + } +} + +resource "oci_load_balancer_listener" "jdelb-listener2" { + count = "${length(var.load_balancer_listen_port)}" + load_balancer_id = "${element(oci_load_balancer.lb.*.id, 1)}" + name = "${var.load_balancer_name}-lsnr${count.index + 1}" + 
default_backend_set_name = "${element(oci_load_balancer_backend_set.lb2-bes.*.name, count.index)}" + port = "${element(var.load_balancer_listen_port, count.index)}" + protocol = "${var.load_balancer_protocol}" + connection_configuration { + idle_timeout_in_seconds = "300" + } +} diff --git a/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%modules%lbaas%lbaas.variables.tf b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%modules%lbaas%lbaas.variables.tf new file mode 100644 index 0000000..7f5e848 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%modules%lbaas%lbaas.variables.tf @@ -0,0 +1,41 @@ +/*Copyright © 2018, Oracle and/or its affiliates. All rights reserved. + +The Universal Permissive License (UPL), Version 1.0*/ + + +variable "compartment_ocid" {} + +variable "be1_ip_address1" { + type="list" +} + +variable "app_instance_count" {} + +variable "load_balancer_count" {} + +variable "load_balancer_private" { + default = "True" +} + +variable "load_balancer_name" { +} + +variable "load_balancer_shape" { + default = "100Mbps" +} + +variable "load_balancer_protocol" {} + +variable "load_balancer_subnet" { + type = "list" +} + +variable "load_balancer_listen_port" { + type = "list" + default= ["6017", "6018", "6019", "6020", "6021", "6022"] +} + +variable "app_instance_listen_port" { + type = "list" + default= ["6017", "6018", "6019", "6020", "6021", "6022"] +} diff --git a/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%modules%win%win.outputs.tf b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%modules%win%win.outputs.tf new file mode 100644 index 0000000..e94764f --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%modules%win%win.outputs.tf 
@@ -0,0 +1,11 @@ +/*Copyright © 2018, Oracle and/or its affiliates. All rights reserved. + +The Universal Permissive License (UPL), Version 1.0*/ + +output "PrvIPs" { + value = ["${oci_core_instance.jdeapp.*.private_ip}"] +} + +output "HostNames" { + value = ["${oci_core_instance.jdeapp.*.display_name}"] +} diff --git a/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%modules%win%win.tf b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%modules%win%win.tf new file mode 100644 index 0000000..6d74fd9 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%modules%win%win.tf @@ -0,0 +1,27 @@ +/*Copyright © 2018, Oracle and/or its affiliates. All rights reserved. + +The Universal Permissive License (UPL), Version 1.0*/ + + +resource "oci_core_instance" "jdeapp" { + count = "${var.app_instance_count}" + availability_domain = "${element(var.availability_domain, count.index)}" + compartment_id = "${var.compartment_ocid}" + display_name = "${var.app_hostname_prefix}${count.index+1}" + shape = "${var.app_instance_shape}" + fault_domain = "${element(var.fault_domain, count.index)}" + + create_vnic_details { + subnet_id = "${element(var.app_subnet, count.index)}" + display_name = "${var.app_hostname_prefix}${count.index+1}" + assign_public_ip = false + hostname_label = "${var.app_hostname_prefix}${count.index+1}" + } + + source_details { + source_type = "image" + source_id = "${var.app_image}" + } + + metadata {} +} diff --git a/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%modules%win%win.variables.tf b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%modules%win%win.variables.tf new file mode 100644 index 0000000..ee57742 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%modules%win%win.variables.tf 
@@ -0,0 +1,38 @@ +/*Copyright © 2018, Oracle and/or its affiliates. All rights reserved. + +The Universal Permissive License (UPL), Version 1.0*/ + + +variable "compartment_ocid" { + description = "Compartment name" +} + +variable "app_instance_count" {} + +variable "app_instance_shape" {} + +variable "app_hostname_prefix" { + description = "Host name" +} + +variable "app_image" { + description = "OS Image" +} + +variable "app_subnet" { + type = "list" + description = "subnet" +} + +variable "availability_domain" { + type = "list" +} + +variable "fault_domain" { + description = "Fault Domain" + type = "list" +} + +variable "AD" { + type = "list" +} diff --git a/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%nonpd%nonpd.datasources.tf b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%nonpd%nonpd.datasources.tf new file mode 100644 index 0000000..6153698 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%nonpd%nonpd.datasources.tf 
@@ -0,0 +1,48 @@
+# Gets a list of Availability Domains
+data "oci_identity_availability_domains" "ADs" {
+ compartment_id = "${var.tenancy_ocid}"
+}
+
+# Gets a list of all Oracle Linux 6.9 images that support a given Instance shape
+data "oci_core_images" "InstanceImageOCID" {
+ compartment_id = "${var.tenancy_ocid}"
+ operating_system = "${var.InstanceOS}"
+ operating_system_version = "${var.linux_os_version}"
+ filter {
+ name = "display_name"
+ values = ["^.*Oracle[^G]*$"]
+ regex = true
+ }
+}
+
+data "oci_core_images" "WinInstanceImageOCID" {
+ compartment_id = "${var.tenancy_ocid}"
+ operating_system = "${var.WinInstanceOS}"
+ operating_system_version = "${var.WinInstanceOSVersion}"
+}
+
+data "template_file" "user_ad" {
+ count = "${length(var.AD)}"
+ template = "${lookup(data.oci_identity_availability_domains.ADs.availability_domains[var.AD[count.index] - 1], "name")}"
+}
+
+# Gets name of Fault Domains
+
+data "oci_identity_fault_domains" "fds" {
+ count = "${length(var.AD)}"
+ availability_domain = "${element(data.template_file.user_ad.*.rendered, count.index)}"
+ compartment_id = "${var.compartment_ocid}"
+}
+
+locals {
+ fds = "${flatten(concat(data.oci_identity_fault_domains.fds.*.fault_domains))}"
+ fd_per_ad = 3
+}
+
+data "template_file" "deployment_fd" {
+ template = "$${name}"
+ count = "${length(var.AD) * (local.fd_per_ad) }"
+ vars = {
+ name = "${lookup(local.fds[count.index], "name")}"
+ }
+}
diff --git a/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%nonpd%nonpd.main.tf b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%nonpd%nonpd.main.tf
new file mode 100644
index 0000000..8768a8f
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%nonpd%nonpd.main.tf
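Review bot: The comment above `data "oci_core_images" "InstanceImageOCID"` says it lists Oracle Linux 6.9 images, but the query takes its version from `var.linux_os_version`, which nonpd.variables.tf in this patch defaults to "7.5"; I would reword it to `# Gets the Oracle Linux images matching var.InstanceOS and var.linux_os_version`. nonpd.main.tf then consumes the result as `images.0.id`, so every instance boots whichever image the lookup returns first, and a later apply can pick a different image without any change to the configuration. For reproducible and reviewable builds, consider accepting a pinned image OCID as a variable and keeping the lookup only as a fallback. The same lookup is repeated in pd.datasources.tf.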
@@ -0,0 +1,132 @@ +/*Copyright © 2018, Oracle and/or its affiliates. All rights reserved. + +The Universal Permissive License (UPL), Version 1.0*/ + + +module "create_wls" { + source = "../modules/app" + + compartment_ocid = "${var.compartment_ocid}" + AD = "${var.AD}" + availability_domain = ["${data.template_file.user_ad.*.rendered}"] + fault_domain = ["${sort(data.template_file.deployment_fd.*.rendered)}"] + app_instance_count = "${var.wls_instance_count}" + app_hostname_prefix = "${var.env_prefix}wls" + app_image = "${data.oci_core_images.InstanceImageOCID.images.0.id}" + app_instance_shape = "${var.wls_instance_shape}" + app_subnet = ["${var.psntsubid}"] + app_ssh_public_key = "${var.ssh_public_key}" + app_ssh_private_key = "${var.ssh_private_key}" + bastion_ssh_private_key = "${var.bastion_ssh_private_key}" + bastion_public_ip = "${var.bastion_public_ip}" + unix_mount_directory = "${var.unix_mount_directory}" + init_dir_name = "web" + app_block_size = "${var.wls_bv_size}" +} + +module "create_logic" { + source = "../modules/app" + + compartment_ocid = "${var.compartment_ocid}" + AD = "${var.AD}" + availability_domain = ["${data.template_file.user_ad.*.rendered}"] + fault_domain = ["${sort(data.template_file.deployment_fd.*.rendered)}"] + app_instance_count = "${var.logic_instance_count}" + app_hostname_prefix = "${var.env_prefix}es" + app_image = "${data.oci_core_images.InstanceImageOCID.images.0.id}" + app_instance_shape = "${var.logic_instance_shape}" + app_subnet = ["${var.midsubid}"] + app_ssh_public_key = "${var.ssh_public_key}" + app_ssh_private_key = "${var.ssh_private_key}" + bastion_public_ip = "${var.bastion_public_ip}" + bastion_ssh_private_key = "${var.bastion_ssh_private_key}" + unix_mount_directory = "${var.unix_mount_directory}" + init_dir_name = "ent" + app_block_size = "${var.logic_bv_size}" +} + +module "create_batch" { + source = "../modules/app" + + compartment_ocid = "${var.compartment_ocid}" + AD = "${var.AD}" + availability_domain = 
["${data.template_file.user_ad.*.rendered}"] + fault_domain = ["${sort(data.template_file.deployment_fd.*.rendered)}"] + app_instance_count = "${var.batch_instance_count}" + app_hostname_prefix = "${var.env_prefix}batch" + app_image = "${data.oci_core_images.InstanceImageOCID.images.0.id}" + app_instance_shape = "${var.batch_instance_shape}" + app_subnet = ["${var.midsubid}"] + app_ssh_public_key = "${var.ssh_public_key}" + app_ssh_private_key = "${var.ssh_private_key}" + bastion_public_ip = "${var.bastion_public_ip}" + bastion_ssh_private_key = "${var.bastion_ssh_private_key}" + unix_mount_directory = "${var.unix_mount_directory}" + init_dir_name = "ent" + app_block_size = "${var.batch_bv_size}" +} + +module "create_sm" { + source = "../modules/app" + + compartment_ocid = "${var.compartment_ocid}" + AD = "${var.AD}" + availability_domain = ["${data.template_file.user_ad.*.rendered}"] + fault_domain = ["${sort(data.template_file.deployment_fd.*.rendered)}"] + app_instance_count = "${var.sm_instance_count}" + app_hostname_prefix = "${var.env_prefix}smc" + app_image = "${data.oci_core_images.InstanceImageOCID.images.0.id}" + app_instance_shape = "${var.sm_instance_shape}" + app_subnet = ["${var.adminsubid}"] + app_ssh_public_key = "${var.ssh_public_key}" + app_ssh_private_key = "${var.ssh_private_key}" + bastion_public_ip = "${var.bastion_public_ip}" + bastion_ssh_private_key = "${var.bastion_ssh_private_key}" + unix_mount_directory = "${var.unix_mount_directory}" + init_dir_name = "sm" + app_block_size = "${var.sm_bv_size}" +} + +module "create_depsvr" { + source = "../modules/win" + + compartment_ocid = "${var.compartment_ocid}" + AD = "${var.AD}" + availability_domain = ["${data.template_file.user_ad.*.rendered}"] + fault_domain = ["${sort(data.template_file.deployment_fd.*.rendered)}"] + app_instance_count = "${var.dep_instance_count}" + app_hostname_prefix = "${var.env_prefix}dep" + app_image = "${data.oci_core_images.WinInstanceImageOCID.images.0.id}" + 
app_instance_shape = "${var.dep_instance_shape}" + app_subnet = ["${var.adminsubid}"] +} + +# Module to create Database +module "create_db" { + source = "../modules/db" + + compartment_ocid = "${var.compartment_ocid}" + availability_domain = ["${data.template_file.user_ad.*.rendered}"] + db_count = "${var.db_count}" + #db_cpucorecount = "${var.db_cpucorecount}" + db_edition = "${var.db_edition}" + db_instance_shape = "${var.db_instance_shape}" + db_node_count = "${var.db_node_count}" + db_hostname_prefix = "${var.env_prefix}db" + db_size_in_gb = "${var.db_size_in_gb}" + db_license_model = "${var.db_license_model}" + db_subnet = ["${var.dbsubid}"] + db_ssh_public_key = "${var.ssh_public_key}" + db_admin_password = "${var.db_admin_password}" + db_name = "${var.db_name}" + db_characterset = "${var.db_characterset}" + db_nls_characterset = "${var.db_nls_characterset}" + #db_workload = "${var.db_workload}" + db_version = "${var.db_version}" + #db_disk_redundancy = "${var.db_disk_redundancy}" + db_pdb_name = "${var.db_pdb_name}" + init_dir_name = "db" + db_ssh_private_key = "${var.ssh_private_key}" + bastion_public_ip = "${var.bastion_public_ip}" + bastion_ssh_private_key = "${var.bastion_ssh_private_key}" +} diff --git a/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%nonpd%nonpd.outputs.tf b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%nonpd%nonpd.outputs.tf new file mode 100644 index 0000000..aecc1c6 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%nonpd%nonpd.outputs.tf 
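Review bot: Every Linux tier and the database receive the same key pair: `app_ssh_public_key`/`app_ssh_private_key` in the four `../modules/app` blocks and `db_ssh_public_key`/`db_ssh_private_key` in `create_db` are all set from `var.ssh_public_key` and `var.ssh_private_key`. A key exposed on one tier then opens all the others, the database included; at least the database should get its own pair, e.g. `db_ssh_public_key = "${var.db_ssh_public_key}"` with a matching variable. `db_admin_password` is also passed as an ordinary string, so it will presumably land in the Terraform state in clear text once the db module (not shown here) sets it on the database resource. A header comment such as `# NOTE: state for this stack holds secrets; use an access-controlled, encrypted backend and keep *.tfvars out of version control` would make that explicit. pd.main.tf repeats the same wiring.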
@@ -0,0 +1,48 @@
+/*Copyright © 2018, Oracle and/or its affiliates. All rights reserved.
+
+The Universal Permissive License (UPL), Version 1.0*/
+
+
+output "WLShostNames" {
+value = ["${module.create_wls.HostNames}"]
+}
+
+output "WLSPrivateIPs" {
+value = ["${module.create_wls.PrvIPs}"]
+}
+
+output "LogicPrivateIPs" {
+value = ["${module.create_logic.PrvIPs}"]
+}
+
+output "LogichostNames" {
+value = ["${module.create_logic.HostNames}"]
+}
+
+output "BatchPrivateIPs" {
+value = ["${module.create_batch.PrvIPs}"]
+}
+
+output "BatchhostNames" {
+value = ["${module.create_batch.HostNames}"]
+}
+
+output "SMPrivateIPs" {
+value = ["${module.create_sm.PrvIPs}"]
+}
+
+output "SMhostNames" {
+value = ["${module.create_sm.HostNames}"]
+}
+
+output "DepPrivateIP" {
+value = ["${module.create_depsvr.PrvIPs}"]
+}
+
+output "DephostName" {
+value = ["${module.create_depsvr.HostNames}"]
+}
+
+output "DBhostNames" {
+value = ["${module.create_db.DBNodeHostname}"]
+}
diff --git a/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%nonpd%nonpd.provider.tf b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%nonpd%nonpd.provider.tf
new file mode 100644
index 0000000..b2e39ec
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%nonpd%nonpd.provider.tf
@@ -0,0 +1,20 @@
+/*Copyright © 2018, Oracle and/or its affiliates. All rights reserved.
+
+The Universal Permissive License (UPL), Version 1.0*/
+
+# Terraform version
+
+terraform {
+ required_version = ">= 0.11.8"
+}
+
+# Oracle Cloud Infrastructure (OCI) Provider
+
+provider "oci" {
+ version = "=3.5.0"
+ tenancy_ocid = "${var.tenancy_ocid}"
+ user_ocid = "${var.user_ocid}"
+ fingerprint = "${var.fingerprint}"
+ private_key_path = "${var.private_key_path}"
+ region = "${var.region}"
+ }
\ No newline at end of file
diff --git a/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%nonpd%nonpd.variables.tf b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%nonpd%nonpd.variables.tf
new file mode 100644
index 0000000..7ba5165
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%nonpd%nonpd.variables.tf
@@ -0,0 +1,137 @@ +/*Copyright © 2018, Oracle and/or its affiliates. All rights reserved. + +The Universal Permissive License (UPL), Version 1.0*/ + + +variable "tenancy_ocid" {} + +variable "region" {} + +variable "compartment_ocid" {} + +variable "AD" { + type = "list" +} + +variable "user_ocid" {} + +variable "fingerprint" {} + +variable "private_key_path" {} + +variable "ssh_public_key" {} + +variable "ssh_private_key" {} + +variable "bastion_ssh_private_key" {} + +variable "InstanceOS" { + description = "Operating system for compute instances" + default = "Oracle Linux" +} + +variable "linux_os_version" { + description = "Operating system version for all compute instances except NAT" + default = "7.5" +} + +variable "WinInstanceOS" { + description = "Operating system for compute instances" + default = "Windows" +} + +variable "WinInstanceOSVersion" { + description = "Operating system version for all compute instances except NAT" + default = "Server 2016 Standard" +} + +# JDE DB Server Specfic +variable "db_count" {} + +#variable "db_cpucorecount" {} + +variable "db_edition" {} + +variable "db_instance_shape" {} + +variable "db_node_count" {} + + +variable "db_size_in_gb" { + default = "256" +} + +variable "db_license_model" {} + +variable "db_admin_password" {} + +variable "db_name" {} + +variable "db_characterset" {} + +variable "db_nls_characterset" {} + +variable "db_workload" { + default="OLTP" +} + +variable "db_version" {} + +variable "db_pdb_name" {} + +variable "db_disk_redundancy" { + default="NORMAL" +} + +variable "env_prefix" { +} + +variable "unix_mount_directory" { + default = "//u01" +} + +variable "logic_instance_count" {} + +variable "logic_instance_shape" {} + +variable "batch_instance_count" {} + +variable "batch_instance_shape" {} + +variable "wls_instance_count" {} + +variable "wls_instance_shape" {} + +variable "sm_instance_shape" {} + +variable "sm_instance_count" {} + +variable "dep_instance_shape" {} + +variable "dep_instance_count" {} 
+ +variable "psntsubid" { + type= "list" +} + +variable "midsubid" { + type= "list" +} + +variable "adminsubid" { + type= "list" +} + +variable "dbsubid" { + type= "list" +} + +variable "bastion_public_ip" {} + +variable "wls_bv_size" {} + +variable "logic_bv_size" {} + +variable "batch_bv_size" {} + +variable "sm_bv_size" {} diff --git a/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%pd%pd.datasources.tf b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%pd%pd.datasources.tf new file mode 100644 index 0000000..73e83ab --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%pd%pd.datasources.tf 
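Review bot: `db_workload` and `db_disk_redundancy` are declared here with defaults ("OLTP", "NORMAL"), but the matching arguments in `module "create_db"` in nonpd.main.tf are commented out, so setting either variable has no effect on the deployment. Either wire them through or drop the declarations, the way `db_cpucorecount` is already commented out in both places. The secret-bearing variables (`ssh_private_key`, `bastion_ssh_private_key`, `db_admin_password`) are declared as bare `{}` with no description; a line such as `description = "Secret: supply via environment or a protected tfvars file, never commit"` would tell operators how to handle them. The `description` on `WinInstanceOSVersion` ("... except NAT") looks copied from the Linux variable and should be corrected.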
@@ -0,0 +1,55 @@ +/*Copyright © 2018, Oracle and/or its affiliates. All rights reserved. + +The Universal Permissive License (UPL), Version 1.0*/ + + +# Get list of Availability Domains +data "oci_identity_availability_domains" "ADs" { + compartment_id = "${var.tenancy_ocid}" +} + +# Get name of Availability Domains +data "template_file" "deployment_ad" { + count = "${length(var.AD)}" + template = "${lookup(data.oci_identity_availability_domains.ADs.availability_domains[var.AD[count.index] - 1], "name")}" +} + +# Get list of Fault Domains +data "oci_identity_fault_domains" "fds" { + count = "${length(var.AD)}" + availability_domain = "${element(data.template_file.deployment_ad.*.rendered, count.index)}" + compartment_id = "${var.compartment_ocid}" +} + +locals { + fds = "${flatten(concat(data.oci_identity_fault_domains.fds.*.fault_domains))}" + faultdomains_per_ad = 3 +} + +# Get name of Fault Domains +data "template_file" "deployment_fd" { + template = "$${name}" + count = "${length(var.AD) * (local.faultdomains_per_ad) }" + vars = { + name = "${lookup(local.fds[count.index], "name")}" + } +} + +# Get latest Oracle Linux image +data "oci_core_images" "InstanceImageOCID" { + compartment_id = "${var.tenancy_ocid}" + operating_system = "${var.InstanceOS}" + operating_system_version = "${var.linux_os_version}" + filter { + name = "display_name" + values = ["^.*Oracle[^G]*$"] + regex = true + } +} + +# Get latest Windows image +data "oci_core_images" "WinInstanceImageOCID" { + compartment_id = "${var.tenancy_ocid}" + operating_system = "${var.WinInstanceOS}" + operating_system_version = "${var.WinInstanceOSVersion}" +} \ No newline at end of file diff --git a/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%pd%pd.main.tf b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%pd%pd.main.tf new file mode 100644 index 0000000..c1d088c --- /dev/null 
+++ b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%pd%pd.main.tf 
@@ -0,0 +1,178 @@ +/*Copyright © 2018, Oracle and/or its affiliates. All rights reserved. + +The Universal Permissive License (UPL), Version 1.0*/ + + +module "create_wls" { + source = "../modules/app" + + compartment_ocid = "${var.compartment_ocid}" + AD = "${var.AD}" + availability_domain = ["${data.template_file.deployment_ad.*.rendered}"] + fault_domain = ["${sort(data.template_file.deployment_fd.*.rendered)}"] + app_instance_count = "${var.wls_instance_count}" + app_hostname_prefix = "${var.env_prefix}wls" #"${substr(var.region, 3, 3)}" + app_image = "${data.oci_core_images.InstanceImageOCID.images.0.id}" + app_instance_shape = "${var.wls_instance_shape}" + app_subnet = ["${var.psntsubid}"] + app_ssh_public_key = "${var.ssh_public_key}" + app_ssh_private_key = "${var.ssh_private_key}" + bastion_ssh_private_key = "${var.bastion_ssh_private_key}" + bastion_public_ip = "${var.bastion_public_ip}" + unix_mount_directory = "${var.unix_mount_directory}" + init_dir_name = "web" + app_block_size = "${var.wls_bv_size}" +} + +module "create_logic" { + source = "../modules/app" + + compartment_ocid = "${var.compartment_ocid}" + AD = "${var.AD}" + availability_domain = ["${data.template_file.deployment_ad.*.rendered}"] + fault_domain = ["${sort(data.template_file.deployment_fd.*.rendered)}"] + app_instance_count = "${var.logic_instance_count}" + app_hostname_prefix = "${var.env_prefix}logic"#"${substr(var.region, 3, 3)}" + app_image = "${data.oci_core_images.InstanceImageOCID.images.0.id}" + app_instance_shape = "${var.logic_instance_shape}" + app_subnet = ["${var.midsubid}"] + app_ssh_public_key = "${var.ssh_public_key}" + app_ssh_private_key = "${var.ssh_private_key}" + bastion_public_ip = "${var.bastion_public_ip}" + bastion_ssh_private_key = "${var.bastion_ssh_private_key}" + unix_mount_directory = "${var.unix_mount_directory}" + init_dir_name = "ent" + app_block_size = "${var.logic_bv_size}" +} + +module "create_batch" { + source = "../modules/app" + + 
compartment_ocid = "${var.compartment_ocid}" + AD = "${var.AD}" + availability_domain = ["${data.template_file.deployment_ad.*.rendered}"] + fault_domain = ["${sort(data.template_file.deployment_fd.*.rendered)}"] + app_instance_count = "${var.batch_instance_count}" + app_hostname_prefix = "${var.env_prefix}batch"#"${substr(var.region, 3, 3)}" + app_image = "${data.oci_core_images.InstanceImageOCID.images.0.id}" + app_instance_shape = "${var.batch_instance_shape}" + app_subnet = ["${var.midsubid}"] + app_ssh_public_key = "${var.ssh_public_key}" + app_ssh_private_key = "${var.ssh_private_key}" + bastion_public_ip = "${var.bastion_public_ip}" + bastion_ssh_private_key = "${var.bastion_ssh_private_key}" + unix_mount_directory = "${var.unix_mount_directory}" + init_dir_name = "ent" + app_block_size = "${var.batch_bv_size}" +} + +module "create_sm" { + source = "../modules/app" + + compartment_ocid = "${var.compartment_ocid}" + AD = "${var.AD}" + availability_domain = ["${data.template_file.deployment_ad.*.rendered}"] + fault_domain = ["${sort(data.template_file.deployment_fd.*.rendered)}"] + app_instance_count = "${var.sm_instance_count}" + app_hostname_prefix = "${var.env_prefix}smc"#"${substr(var.region, 3, 3)}" + app_image = "${data.oci_core_images.InstanceImageOCID.images.0.id}" + app_instance_shape = "${var.sm_instance_shape}" + app_subnet = ["${var.adminsubid}"] + app_ssh_public_key = "${var.ssh_public_key}" + app_ssh_private_key = "${var.ssh_private_key}" + bastion_public_ip = "${var.bastion_public_ip}" + bastion_ssh_private_key = "${var.bastion_ssh_private_key}" + unix_mount_directory = "${var.unix_mount_directory}" + init_dir_name = "sm" + app_block_size = "${var.sm_bv_size}" +} + +module "create_depsvr" { + source = "../modules/win" + + compartment_ocid = "${var.compartment_ocid}" + AD = "${var.AD}" + availability_domain = ["${data.template_file.deployment_ad.*.rendered}"] + fault_domain = ["${sort(data.template_file.deployment_fd.*.rendered)}"] + 
app_instance_count = "${var.dep_instance_count}" + app_hostname_prefix = "${var.env_prefix}dep"#"${substr(var.region, 3, 3)}" + app_image = "${data.oci_core_images.WinInstanceImageOCID.images.0.id}" + app_instance_shape = "${var.dep_instance_shape}" + app_subnet = ["${var.adminsubid}"] +} + +# Module to create Database +module "create_db" { + source = "../modules/db" + + compartment_ocid = "${var.compartment_ocid}" + availability_domain = ["${data.template_file.deployment_ad.*.rendered}"] + db_count = "${var.db_count}" + db_edition = "${var.db_edition}" + db_instance_shape = "${var.db_instance_shape}" + db_node_count = "${var.db_node_count}" + db_hostname_prefix = "${var.env_prefix}db"#"${substr(var.region, 3, 3)}" + db_size_in_gb = "${var.db_size_in_gb}" + db_license_model = "${var.db_license_model}" + db_subnet = ["${var.dbsubid}"] + db_ssh_public_key = "${var.ssh_public_key}" + db_admin_password = "${var.db_admin_password}" + db_name = "${var.db_name}" + db_characterset = "${var.db_characterset}" + db_nls_characterset = "${var.db_nls_characterset}" + #db_workload = "${var.db_workload}" + db_version = "${var.db_version}" + #db_disk_redundancy = "${var.db_disk_redundancy}" + db_pdb_name = "${var.db_pdb_name}" + init_dir_name = "db" + db_ssh_private_key = "${var.ssh_private_key}" + bastion_public_ip = "${var.bastion_public_ip}" + bastion_ssh_private_key = "${var.bastion_ssh_private_key}" +} + +## Module to create Load Balancer +module "create_batch_lb" { + source = "../modules/lbaas" + + compartment_ocid = "${var.compartment_ocid}" + load_balancer_count = "${var.batch_load_balancer_count}" + load_balancer_shape = "${var.load_balancer_shape}" + load_balancer_subnet = ["${var.lbsubid}"] + load_balancer_name = "${var.env_prefix}batchlb${substr(var.region, 3, 3)}" + #load_balancer_hostname = "${var.load_balancer_hostname}" + load_balancer_protocol = "TCP" + load_balancer_listen_port = "${var.load_balancer_listen_port}" + app_instance_listen_port = 
"${var.app_instance_listen_port}" + app_instance_count = "${var.batch_instance_count}" + be1_ip_address1 = ["${module.create_batch.PrvIPs}"] +} + +module "create_logic_lb" { + source = "../modules/lbaas" + + compartment_ocid = "${var.compartment_ocid}" + load_balancer_count = "${var.logic_load_balancer_count}" + load_balancer_shape = "${var.load_balancer_shape}" + load_balancer_subnet = ["${var.lbsubid}"] + load_balancer_name = "${var.env_prefix}logiclb${substr(var.region, 3, 3)}" + #load_balancer_hostname = "${var.load_balancer_hostname}" + load_balancer_listen_port = ["${var.load_balancer_listen_port}"] + load_balancer_protocol = "TCP" + app_instance_listen_port = ["${var.app_instance_listen_port}"] + app_instance_count = "${var.logic_instance_count}" + be1_ip_address1 = ["${module.create_logic.PrvIPs}"] +} + +#Module to configure DNS entries of LB Private IPs. +module "create_dns" { + source = "../modules/dns" + + compartment_ocid = "${var.compartment_ocid}" + dns_server_zone_name = "${var.dns_server_zone_name}" + batch_alias = "${var.load_balancer_batch_alias_name}" + logic_alias = "${var.load_balancer_logic_alias_name}" + web_alias = "${var.load_balancer_web_alias_name}" + batch_rdata = ["${module.create_batch_lb.lb_private_ip}"] + logic_rdata = ["${module.create_logic_lb.lb_private_ip}"] + web_rdata = ["${module.create_logic_lb.lb_private_ip}"] +} diff --git a/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%pd%pd.outputs.tf b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%pd%pd.outputs.tf new file mode 100644 index 0000000..e9b30ef --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%pd%pd.outputs.tf 
@@ -0,0 +1,63 @@
+/*Copyright © 2018, Oracle and/or its affiliates. All rights reserved.
+
+The Universal Permissive License (UPL), Version 1.0*/
+
+
+output "WLShostNames" {
+ value = ["${module.create_wls.HostNames}"]
+}
+output "WLSPrivateIPs" {
+ value = ["${module.create_wls.PrvIPs}"]
+}
+
+output "LogicPrivateIPs" {
+ value = ["${module.create_logic.PrvIPs}"]
+}
+
+output "LogichostNames" {
+ value = ["${module.create_logic.HostNames}"]
+}
+
+output "BatchPrivateIPs" {
+ value = ["${module.create_batch.PrvIPs}"]
+}
+
+output "BatchhostNames" {
+ value = ["${module.create_batch.HostNames}"]
+}
+
+output "SMPrivateIPs" {
+ value = ["${module.create_sm.PrvIPs}"]
+}
+
+output "SMhostNames" {
+ value = ["${module.create_sm.HostNames}"]
+}
+
+output "DepPrivateIP" {
+ value = ["${module.create_depsvr.PrvIPs}"]
+}
+
+output "DephostName" {
+ value = ["${module.create_depsvr.HostNames}"]
+}
+
+output "DBhostNames" {
+ value = ["${module.create_db.DBNodeHostname}"]
+}
+
+output "LogicLBPrivateIPs" {
+ value = ["${module.create_logic_lb.lb_private_ip}"]
+}
+
+output "BatchLBPrivateIPs" {
+ value = ["${module.create_batch_lb.lb_private_ip}"]
+}
+
+output "DNS_Zone" {
+ value = "${module.create_dns.zones}"
+}
+
+output "DNS_Records" {
+ value = "${module.create_dns.records}"
+}
diff --git a/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%pd%pd.provider.tf b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%pd%pd.provider.tf
new file mode 100644
index 0000000..b2e39ec
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%pd%pd.provider.tf
@@ -0,0 +1,20 @@
+/*Copyright © 2018, Oracle and/or its affiliates. All rights reserved.
+
+The Universal Permissive License (UPL), Version 1.0*/
+
+# Terraform version
+
+terraform {
+ required_version = ">= 0.11.8"
+}
+
+# Oracle Cloud Infrastructure (OCI) Provider
+
+provider "oci" {
+ version = "=3.5.0"
+ tenancy_ocid = "${var.tenancy_ocid}"
+ user_ocid = "${var.user_ocid}"
+ fingerprint = "${var.fingerprint}"
+ private_key_path = "${var.private_key_path}"
+ region = "${var.region}"
+ }
\ No newline at end of file
diff --git a/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%pd%pd.variables.tf b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%pd%pd.variables.tf
new file mode 100644
index 0000000..2eb2319
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%pd%pd.variables.tf
@@ -0,0 +1,214 @@ +/*Copyright © 2018, Oracle and/or its affiliates. All rights reserved. + +The Universal Permissive License (UPL), Version 1.0*/ + + +variable "tenancy_ocid" {} + +variable "region" {} + +variable "compartment_ocid" {} + +variable "AD" { + type = "list" +} + +variable "user_ocid" {} + +variable "fingerprint" {} + +variable "private_key_path" {} + +variable "ssh_public_key" {} + +variable "ssh_private_key" {} + +variable "bastion_ssh_private_key" {} + +variable "InstanceOS" { + description = "Operating system for compute instances" + default = "Oracle Linux" +} + +variable "linux_os_version" { + description = "Operating system version for all compute instances except NAT" + default = "7.5" +} + + + +variable "WinInstanceOS" { + description = "Operating system for compute instances" + default = "Windows" +} + +variable "WinInstanceOSVersion" { + description = "Operating system version for all compute instances except NAT" + default = "Server 2016 Standard" +} + +# JDE DBS Specfic +variable "db_count" {} + +#variable "db_cpucorecount" {} + +variable "db_edition" {} + +variable "db_instance_shape" {} + +variable "db_node_count" {} + +variable "db_size_in_gb" { + default = "256" +} + +variable "db_license_model" {} + +variable "db_admin_password" {} + +variable "db_name" {} + +variable "db_characterset" {} + +variable "db_nls_characterset" {} + +variable "db_workload" { + default = "OLTP" +} + +variable "db_version" {} + +variable "db_pdb_name" {} + +#variable "db_disk_redundancy" {} + +#JDE LBaaS Specific +variable "logic_load_balancer_count" { + default = "2" +} + +variable "batch_load_balancer_count" { + default = "2" +} + +variable "load_balancer_name" { + default = "jdelb" +} + +variable "load_balancer_shape" { + default = "100Mbps" +} + +variable "load_balancer_listen_port" { + type = "list" + default= ["6017", "6018", "6019", "6020", "6021", "6022"] +} + +variable "app_instance_listen_port" { + type = "list" + default= ["6017", "6018", "6019", 
"6020", "6021", "6022"] +} + +variable "lbaas_listen_port_standalone_html"{ + default = "9001" +} + +variable "lbaas_listen_port_html"{ + default = "9002" +} + +variable "lbaas_listen_port_ais"{ + default = "9003" +} + +variable "listen_port_range_standalone_html"{ + type = "list" + default = ["8001", "8004"] +} + +variable "listen_port_range_html"{ + type = "list" + default = ["8005", "8088"] +} + +variable "listen_port_range_ais"{ + type = "list" + default = ["8010", "8014"] +} + +variable "load_balancer_certificate_name" {} + +variable "load_balancer_ca_certificate" {} + +variable "load_balancer_certificate_passphrase" {} + +variable "load_balancer_certificate_private_key" {} + +variable "load_balancer_certificate_public_certificate" {} + + +variable "env_prefix" { + default = "myenv" +} + +variable "unix_mount_directory" { + default = "//u01" +} + +variable "logic_instance_count" {} + +variable "logic_instance_shape" {} + +variable "batch_instance_count" {} + +variable "batch_instance_shape" {} + +variable "wls_instance_count" {} + +variable "wls_instance_shape" {} + +variable "sm_instance_shape" {} + +variable "sm_instance_count" {} + +variable "dep_instance_shape" {} + +variable "dep_instance_count" {} + +variable "psntsubid" { + type= "list" +} +variable "midsubid" { + type= "list" +} + +variable "adminsubid" { + type= "list" +} + +variable "dbsubid" { + type= "list" +} + +variable "lbsubid" { + type= "list" +} + +variable "bastion_public_ip" {} + +variable "wls_bv_size" {} + +variable "logic_bv_size" {} + +variable "batch_bv_size" {} + +variable "sm_bv_size" {} + +#DNS specific variables +variable "dns_server_zone_name" {} + +variable "load_balancer_logic_alias_name" {} + +variable "load_balancer_batch_alias_name" {} + +variable "load_balancer_web_alias_name" {} 
diff --git a/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%pd%web-lb.tf b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%pd%web-lb.tf new file mode 100644 index 0000000..46b259b --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%JDEdwards%pd%web-lb.tf 
@@ -0,0 +1,238 @@ +/*Copyright © 2018, Oracle and/or its affiliates. All rights reserved. + +The Universal Permissive License (UPL), Version 1.0*/ + + +locals { + lb_ids = "${module.create_logic_lb.lb_id}" #Use OCID of Logic LB. + web_be1_ip_address1 = "${module.create_wls.PrvIPs}" #Use IP addresses of WLS instances. + web_backendset_counts = "3" +} + +resource "oci_load_balancer_backend_set" "lb1-webbes" { + depends_on = ["module.create_logic_lb"] + count = "${local.web_backendset_counts}" + name = "lb1-webbes${count.index + 1}" + load_balancer_id = "${element(local.lb_ids, 0)}" + policy = "ROUND_ROBIN" + + health_checker { + port = "0" + protocol = "HTTP" + response_body_regex = ".*" + url_path = "${count.index != "2" ? "/jde/E1Menu.maf" : "/jderest/defaultconfig"}" + } + session_persistence_configuration { + #cookie_name = "*" + cookie_name = "JSESSIONID" + #disable_fallback = true + } + ssl_configuration { + certificate_name = "${oci_load_balancer_certificate.jdelb-cert1.0.certificate_name}" + verify_peer_certificate = false + } +} + +resource "oci_load_balancer_backend_set" "lb2-webbes" { + depends_on = ["module.create_logic_lb"] + count = "${local.web_backendset_counts}" + name = "lb2-webbes${count.index + 1}" + load_balancer_id = "${element(local.lb_ids, 1)}" + policy = "ROUND_ROBIN" + + health_checker { + port = "0" + protocol = "HTTP" + response_body_regex = ".*" + url_path = "${count.index != "2" ? "/jde/E1Menu.maf" : "/jderest/defaultconfig"}" + } + session_persistence_configuration { + #cookie_name = "*" + cookie_name = "JSESSIONID" + #disable_fallback = true + } + ssl_configuration { + certificate_name = "${oci_load_balancer_certificate.jdelb-cert1.1.certificate_name}" + verify_peer_certificate = false + } +} + +# Backends for LB 1. 
+resource "oci_load_balancer_backend" "lb1-webbes1" { + count = "${var.wls_instance_count * length(var.listen_port_range_standalone_html)}" + load_balancer_id = "${element(local.lb_ids, 0)}" + backendset_name = "${element(oci_load_balancer_backend_set.lb1-webbes.*.name, 0)}" + ip_address = "${element(local.web_be1_ip_address1, count.index / length(var.listen_port_range_standalone_html))}" + port = "${element(var.listen_port_range_standalone_html, count.index % length(var.listen_port_range_standalone_html))}" + backup = false + drain = false + offline = false + weight = 1 +} + +resource "oci_load_balancer_backend" "lb1-webbes2" { + count = "${var.wls_instance_count * length(var.listen_port_range_html)}" + load_balancer_id = "${element(local.lb_ids, 0)}" + backendset_name = "${element(oci_load_balancer_backend_set.lb1-webbes.*.name, 1)}" + ip_address = "${element(local.web_be1_ip_address1, count.index / length(var.listen_port_range_html))}" + port = "${element(var.listen_port_range_html, count.index % length(var.listen_port_range_html))}" + backup = false + drain = false + offline = false + weight = 1 +} + +resource "oci_load_balancer_backend" "lb1-webbes3" { + count = "${var.wls_instance_count * length(var.listen_port_range_ais)}" + load_balancer_id = "${element(local.lb_ids, 0)}" + backendset_name = "${element(oci_load_balancer_backend_set.lb1-webbes.*.name, 2)}" + ip_address = "${element(local.web_be1_ip_address1, count.index / length(var.listen_port_range_ais))}" + port = "${element(var.listen_port_range_ais, count.index % length(var.listen_port_range_ais))}" + backup = false + drain = false + offline = false + weight = 1 +} + + +# Backends for LB 2 + +resource "oci_load_balancer_backend" "lb2-webbes1" { + count = "${var.wls_instance_count * length(var.listen_port_range_standalone_html)}" + load_balancer_id = "${element(local.lb_ids, 1)}" + backendset_name = "${element(oci_load_balancer_backend_set.lb2-webbes.*.name, 0)}" + ip_address = 
"${element(local.web_be1_ip_address1, count.index / length(var.listen_port_range_standalone_html))}" + port = "${element(var.listen_port_range_standalone_html, count.index % length(var.listen_port_range_standalone_html))}" + backup = false + drain = false + offline = false + weight = 1 +} + +resource "oci_load_balancer_backend" "lb2-webbes2" { + count = "${var.wls_instance_count * length(var.listen_port_range_html)}" + load_balancer_id = "${element(local.lb_ids, 1)}" + backendset_name = "${element(oci_load_balancer_backend_set.lb2-webbes.*.name, 1)}" + ip_address = "${element(local.web_be1_ip_address1, count.index / length(var.listen_port_range_html))}" + port = "${element(var.listen_port_range_html, count.index % length(var.listen_port_range_html))}" + backup = false + drain = false + offline = false + weight = 1 +} + +resource "oci_load_balancer_backend" "lb2-webbes3" { + count = "${var.wls_instance_count * length(var.listen_port_range_ais)}" + load_balancer_id = "${element(local.lb_ids, 1)}" + backendset_name = "${element(oci_load_balancer_backend_set.lb2-webbes.*.name, 2)}" + ip_address = "${element(local.web_be1_ip_address1, count.index / length(var.listen_port_range_ais))}" + port = "${element(var.listen_port_range_ais, count.index % length(var.listen_port_range_ais))}" + backup = false + drain = false + offline = false + weight = 1 +} + +resource "oci_load_balancer_listener" "jdelb1-weblistener1" { + load_balancer_id = "${element(local.lb_ids, 0)}" + name = "${var.load_balancer_name}-weblsnr1" + default_backend_set_name = "${element(oci_load_balancer_backend_set.lb1-webbes.*.name, 0)}" + port = "${var.lbaas_listen_port_standalone_html}" + protocol = "HTTP" + ssl_configuration { + certificate_name = "${oci_load_balancer_certificate.jdelb-cert1.0.certificate_name}" + verify_peer_certificate = false + } + connection_configuration { + idle_timeout_in_seconds = "180" + } +} + +resource "oci_load_balancer_listener" "jdelb1-weblistener2" { + load_balancer_id = 
"${element(local.lb_ids, 0)}" + name = "${var.load_balancer_name}-weblsnr2" + default_backend_set_name = "${element(oci_load_balancer_backend_set.lb1-webbes.*.name, 1)}" + port = "${var.lbaas_listen_port_html}" + protocol = "HTTP" + ssl_configuration { + certificate_name = "${oci_load_balancer_certificate.jdelb-cert1.0.certificate_name}" + verify_peer_certificate = false + } + connection_configuration { + idle_timeout_in_seconds = "180" + } +} + +resource "oci_load_balancer_listener" "jdelb1-weblistener3" { + load_balancer_id = "${element(local.lb_ids, 0)}" + name = "${var.load_balancer_name}-weblsnr3" + default_backend_set_name = "${element(oci_load_balancer_backend_set.lb1-webbes.*.name, 2)}" + port = "${var.lbaas_listen_port_ais}" + protocol = "HTTP" + ssl_configuration { + certificate_name = "${oci_load_balancer_certificate.jdelb-cert1.0.certificate_name}" + verify_peer_certificate = false + } + connection_configuration { + idle_timeout_in_seconds = "180" + } +} + +resource "oci_load_balancer_listener" "jdelb2-weblistener1" { + load_balancer_id = "${element(local.lb_ids, 1)}" + name = "${var.load_balancer_name}-weblsnr1" + default_backend_set_name = "${element(oci_load_balancer_backend_set.lb2-webbes.*.name, 0)}" + port = "${var.lbaas_listen_port_standalone_html}" + protocol = "HTTP" + ssl_configuration { + certificate_name = "${oci_load_balancer_certificate.jdelb-cert1.1.certificate_name}" + verify_peer_certificate = false + } + connection_configuration { + idle_timeout_in_seconds = "180" + } +} + +resource "oci_load_balancer_listener" "jdelb2-weblistener2" { + load_balancer_id = "${element(local.lb_ids, 1)}" + name = "${var.load_balancer_name}-weblsnr2" + default_backend_set_name = "${element(oci_load_balancer_backend_set.lb2-webbes.*.name, 1)}" + port = "${var.lbaas_listen_port_html}" + protocol = "HTTP" + ssl_configuration { + certificate_name = "${oci_load_balancer_certificate.jdelb-cert1.1.certificate_name}" + verify_peer_certificate = false + } + 
connection_configuration { + idle_timeout_in_seconds = "180" + } +} + +resource "oci_load_balancer_listener" "jdelb2-weblistener3" { + load_balancer_id = "${element(local.lb_ids, 1)}" + name = "${var.load_balancer_name}-weblsnr3" + default_backend_set_name = "${element(oci_load_balancer_backend_set.lb2-webbes.*.name, 2)}" + port = "${var.lbaas_listen_port_ais}" + protocol = "HTTP" + ssl_configuration { + certificate_name = "${oci_load_balancer_certificate.jdelb-cert1.1.certificate_name}" + verify_peer_certificate = false + } + connection_configuration { + idle_timeout_in_seconds = "180" + } +} + +resource "oci_load_balancer_certificate" "jdelb-cert1" { + count = 2 + load_balancer_id = "${element(local.lb_ids,count.index)}" + certificate_name = "${var.load_balancer_certificate_name}" + ca_certificate = "${var.load_balancer_ca_certificate}" + passphrase = "${var.load_balancer_certificate_passphrase}" + private_key = "${var.load_balancer_certificate_private_key}" + public_certificate = "${var.load_balancer_certificate_public_certificate}" + + lifecycle { + create_before_destroy = true + } +} diff --git a/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%datasources.tf b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%datasources.tf new file mode 100644 index 0000000..d5f07c3 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%datasources.tf 
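Review bot: Both backend sets (`lb1-webbes` and `lb2-webbes`) set `verify_peer_certificate = false` in their `ssl_configuration`, so the load balancer does not validate the certificate presented by the WLS backends. The leg from load balancer to backend is therefore encrypted but unauthenticated. If the backend certificates chain to `var.load_balancer_ca_certificate`, set `verify_peer_certificate = true` with a `verify_depth` on the two backend sets, or add a comment explaining why verification is off. Separately, `oci_load_balancer_certificate.jdelb-cert1` takes `private_key` and `passphrase` from plain variables, which Terraform records in the state file, so a header comment should tell users to keep state in an access-controlled, encrypted backend.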
@@ -0,0 +1,77 @@ +/*Copyright © 2018, Oracle and/or its affiliates. All rights reserved. + +The Universal Permissive License (UPL), Version 1.0*/ + + +# Get list of Availability Domains +data "oci_identity_availability_domains" "ADs" { + compartment_id = "${var.tenancy_ocid}" +} + +# Get name of Availability Domains +data "template_file" "deployment_ad" { + count = "${length(var.AD)}" + template = "${lookup(data.oci_identity_availability_domains.ADs.availability_domains[var.AD[count.index] - 1], "name")}" +} + + +# Get list of Fault Domains +data "oci_identity_fault_domains" "fds" { + count = "${length(var.AD)}" + availability_domain = "${element(data.template_file.deployment_ad.*.rendered, count.index)}" + compartment_id = "${var.compartment_ocid}" +} + +locals { + fault_domains = "${flatten(concat(data.oci_identity_fault_domains.fds.*.fault_domains))}" + faultdomains_per_ad = 3 +} + +# Get name of Fault Domains +data "template_file" "deployment_fd" { + template = "$${name}" + count = "${length(var.AD) * (local.faultdomains_per_ad) }" + vars = { + name = "${lookup(local.fault_domains[count.index], "name")}" + } +} + +# Get latest Oracle Linux image +data "oci_core_images" "InstanceImageOCID" { + compartment_id = "${var.tenancy_ocid}" + operating_system = "${var.instance_os}" + operating_system_version = "${var.linux_os_version}" + + filter { + name = "display_name" + values = ["^.*Oracle[^G]*$"] + regex = true + } +} + +# Get Windows image +data "oci_core_images" "WinInstanceImageOCID" { + compartment_id = "${var.tenancy_ocid}" + operating_system = "${var.WinInstanceOS}" + operating_system_version = "${var.WinInstanceOSVersion}" +} + +# Get swift object storage name for Service Gateway +data "oci_core_services" "svcgtw_services" { + filter { + name = "name" + values = [".*Object.*Storage"] + regex = true + } +} + +# Render inputs for mounting Filesystem storage service +data "template_file" "bootstrap" { + template = 
"${file("${path.module}/userdata/bootstrap.tpl")}" + vars { + timezone = "${var.timezone}" + fss_mount_path = "${var.psft_stage_filesystem_path}/" + fss_export_path = "${element(module.create_fss.FilesystemExports, 0)}" + fss_mount_target_private_ip = "${element(module.create_fss.FilesystemPrivateIPs, 0)}" + } +} \ No newline at end of file diff --git a/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%main.tf b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%main.tf new file mode 100644 index 0000000..e176530 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%main.tf 
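Review bot: The two `oci_core_images` lookups do not pin an image, and `WinInstanceImageOCID` has no `filter` at all, yet main.tf in this patch boots hosts from `images.0.id` and `images.3.id`. An index into a list that changes as new images are published can resolve to a different image on a later apply, so instances may be rebuilt from an image nobody reviewed. Consider passing reviewed image OCIDs in as variables, or at least add a `display_name` filter to the Windows lookup and a comment on why index 3 is the intended entry. As a style point, `template_file.bootstrap` uses the block form `vars {` while `template_file.deployment_fd` uses `vars = {`; one form should be used throughout the file.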
@@ -0,0 +1,392 @@ +/*Copyright © 2018, Oracle and/or its affiliates. All rights reserved. + +The Universal Permissive License (UPL), Version 1.0*/ + + +locals { + // VCN is /16 + db_subnet_prefix = "${cidrsubnet("${var.vcn_cidr}", 6, 0)}" + tools_subnet_prefix = "${cidrsubnet("${var.vcn_cidr}", 6, 1)}" + es_subnet_prefix = "${cidrsubnet("${var.vcn_cidr}", 6, 2)}" + app_subnet_prefix = "${cidrsubnet("${var.vcn_cidr}", 6, 3)}" + fss_subnet_prefix = "${cidrsubnet("${var.vcn_cidr}", 6, 4)}" + web_subnet_prefix = "${cidrsubnet("${var.vcn_cidr}", 6, 5)}" + lb_subnet_prefix = "${cidrsubnet("${var.vcn_cidr}", 6, 6)}" + bastion_subnet_prefix = "${cidrsubnet("${var.vcn_cidr}", 6, 7)}" +} + +# Create Virtual Cloud Network (VCN) +module "create_vcn" { + source = "./modules/network/vcn" + + compartment_ocid = "${var.compartment_ocid}" + vcn_cidr = "${var.vcn_cidr}" + vcn_dns_label = "${var.vcn_dns_label}" +} + +# Create bastion host subnet +module "bastion_subnet" { + source = "./modules/network/subnets" + + compartment_ocid = "${var.compartment_ocid}" + AD = "${var.AD}" + availability_domain = ["${data.template_file.deployment_ad.*.rendered}"] + vcn_id = "${module.create_vcn.vcnid}" + vcn_subnet_cidr = [ + "${cidrsubnet(local.bastion_subnet_prefix, 2, 0)}", + "${cidrsubnet(local.bastion_subnet_prefix, 2, 1)}", + "${cidrsubnet(local.bastion_subnet_prefix, 2, 2)}", + ] + dns_label = "bassubad" + dhcp_options_id = "${module.create_vcn.default_dhcp_id}" + route_table_id = "${oci_core_route_table.PublicRT.id}" + security_list_ids = ["${oci_core_security_list.BastionSecList.id}"] + private_subnet = "False" +} + +# Create Load Balancer subnet +module "lb_subnet" { + source = "./modules/network/subnets" + + compartment_ocid = "${var.compartment_ocid}" + AD = "${var.AD}" + availability_domain = ["${data.template_file.deployment_ad.*.rendered}"] + vcn_id = "${module.create_vcn.vcnid}" + vcn_subnet_cidr = [ + "${cidrsubnet(local.lb_subnet_prefix, 2, 0)}", + 
"${cidrsubnet(local.lb_subnet_prefix, 2, 1)}", + "${cidrsubnet(local.lb_subnet_prefix, 2, 2)}", + ] + dns_label = "lbsubad" + dhcp_options_id = "${module.create_vcn.default_dhcp_id}" + route_table_id = "${oci_core_route_table.PrivateRT.id}" + security_list_ids = ["${oci_core_security_list.LBSecList.id}"] + private_subnet = "True" +} + +# Create web subnet +module "web_subnet" { + source = "./modules/network/subnets" + + compartment_ocid = "${var.compartment_ocid}" + AD = "${var.AD}" + availability_domain = ["${data.template_file.deployment_ad.*.rendered}"] + vcn_id = "${module.create_vcn.vcnid}" + vcn_subnet_cidr = [ + "${cidrsubnet(local.web_subnet_prefix, 2, 0)}", + "${cidrsubnet(local.web_subnet_prefix, 2, 1)}", + "${cidrsubnet(local.web_subnet_prefix, 2, 2)}", + ] + dns_label = "websubad" + dhcp_options_id = "${module.create_vcn.default_dhcp_id}" + route_table_id = "${oci_core_route_table.PrivateRT.id}" + security_list_ids = ["${oci_core_security_list.WebSecList.id}"] + private_subnet = "True" +} + + +# Create application subnet +module "app_subnet" { + source = "./modules/network/subnets" + + compartment_ocid = "${var.compartment_ocid}" + AD = "${var.AD}" + availability_domain = ["${data.template_file.deployment_ad.*.rendered}"] + vcn_id = "${module.create_vcn.vcnid}" + vcn_subnet_cidr = [ + "${cidrsubnet(local.app_subnet_prefix, 2, 0)}", + "${cidrsubnet(local.app_subnet_prefix, 2, 1)}", + "${cidrsubnet(local.app_subnet_prefix, 2, 2)}", + ] + dns_label = "appsubad" + dhcp_options_id = "${module.create_vcn.default_dhcp_id}" + route_table_id = "${oci_core_route_table.PrivateRT.id}" + security_list_ids = ["${oci_core_security_list.AppSecList.id}"] + private_subnet = "True" +} + +# Create File Storage Service subnet +module "fss_subnet" { + source = "./modules/network/subnets" + + compartment_ocid = "${var.compartment_ocid}" + AD = "${var.AD}" + availability_domain = ["${data.template_file.deployment_ad.*.rendered}"] + vcn_id = "${module.create_vcn.vcnid}" + 
vcn_subnet_cidr = [ + "${cidrsubnet(local.fss_subnet_prefix, 2, 0)}", + "${cidrsubnet(local.fss_subnet_prefix, 2, 1)}", + "${cidrsubnet(local.fss_subnet_prefix, 2, 2)}", + ] + dns_label = "fsssubad" + dhcp_options_id = "${module.create_vcn.default_dhcp_id}" + route_table_id = "${oci_core_route_table.PrivateRT.id}" + security_list_ids = ["${oci_core_security_list.FSSSecList.id}"] + private_subnet = "True" +} + +# Create Database system subnet +module "db_subnet" { + source = "./modules/network/subnets" + + compartment_ocid = "${var.compartment_ocid}" + AD = "${var.AD}" + availability_domain = ["${data.template_file.deployment_ad.*.rendered}"] + vcn_id = "${module.create_vcn.vcnid}" + vcn_subnet_cidr = [ + "${cidrsubnet(local.db_subnet_prefix, 2, 0)}", + "${cidrsubnet(local.db_subnet_prefix, 2, 1)}", + "${cidrsubnet(local.db_subnet_prefix, 2, 2)}", + ] + dns_label = "dbsubad" + dhcp_options_id = "${module.create_vcn.default_dhcp_id}" + route_table_id = "${oci_core_route_table.PrivateRT.id}" + security_list_ids = ["${oci_core_security_list.DBSecList.id}"] + private_subnet = "True" +} + +# Create Elastic Search subnet +module "els_subnet" { + source = "./modules/network/subnets" + + compartment_ocid = "${var.compartment_ocid}" + AD = "${var.AD}" + availability_domain = ["${data.template_file.deployment_ad.*.rendered}"] + vcn_id = "${module.create_vcn.vcnid}" + vcn_subnet_cidr = [ + "${cidrsubnet(local.es_subnet_prefix, 2, 0)}", + "${cidrsubnet(local.es_subnet_prefix, 2, 1)}", + "${cidrsubnet(local.es_subnet_prefix, 2, 2)}", + ] + dns_label = "essubad" + dhcp_options_id = "${module.create_vcn.default_dhcp_id}" + route_table_id = "${oci_core_route_table.PrivateRT.id}" + security_list_ids = ["${oci_core_security_list.ESSecList.id}"] + private_subnet = "True" +} + +# Create Peoplesoft Tools subnet +module "ptools_subnet" { + source = "./modules/network/subnets" + + compartment_ocid = "${var.compartment_ocid}" + AD = "${var.AD}" + availability_domain = 
["${data.template_file.deployment_ad.*.rendered}"] + vcn_id = "${module.create_vcn.vcnid}" + vcn_subnet_cidr = [ + "${cidrsubnet(local.tools_subnet_prefix, 2, 0)}", + "${cidrsubnet(local.tools_subnet_prefix, 2, 1)}", + "${cidrsubnet(local.tools_subnet_prefix, 2, 2)}", + ] + dns_label = "ptoolssubad" + dhcp_options_id = "${module.create_vcn.default_dhcp_id}" + route_table_id = "${oci_core_route_table.PrivateRT.id}" + security_list_ids = ["${oci_core_security_list.PToolsSecList.id}"] + private_subnet = "True" +} + + + +# Create bastion host +module "create_bastion" { + source = "./modules/bastion" + + compartment_ocid = "${var.compartment_ocid}" + AD = "${var.AD}" + availability_domain = ["${data.template_file.deployment_ad.*.rendered}"] + bastion_hostname_prefix = "${var.psft_env_prefix}bas${substr(var.region, 3, 3)}" + bastion_image = "${data.oci_core_images.InstanceImageOCID.images.0.id}" + bastion_instance_shape = "${var.bastion_instance_shape}" + bastion_subnet = ["${module.bastion_subnet.subnetid}"] + bastion_ssh_public_key = "${var.bastion_ssh_public_key}" + } + +# Create application server +module "create_app" { + source = "./modules/compute" + + compartment_ocid = "${var.compartment_ocid}" + AD = "${var.AD}" + availability_domain = ["${data.template_file.deployment_ad.*.rendered}"] + fault_domain = ["${sort(data.template_file.deployment_fd.*.rendered)}"] + compute_instance_count = "${var.psft_app_instance_count}" + compute_platform = "linux" + compute_hostname_prefix = "${var.psft_env_prefix}app${substr(var.region, 3, 3)}" + compute_boot_volume_size_in_gb = "${var.compute_boot_volume_size_in_gb}" + compute_block_volume_size_in_gb = "${var.compute_block_volume_size_in_gb}" + compute_image = "${data.oci_core_images.InstanceImageOCID.images.0.id}" + compute_instance_shape = "${var.psft_app_instance_shape}" + compute_subnet = ["${module.app_subnet.subnetid}"] + compute_ssh_public_key = "${var.ssh_public_key}" + compute_ssh_private_key = "${var.ssh_private_key}" 
+ bastion_ssh_private_key = "${var.bastion_ssh_private_key}" + bastion_public_ip = "${module.create_bastion.Bastion_Public_IPs[0]}" + compute_instance_user = "${var.compute_instance_user}" + bastion_user = "${var.bastion_user}" + timezone = "${var.timezone}" + user_data = "${data.template_file.bootstrap.rendered}" + remote_exec_script = "" #Optional +} + +# Create Elastic search server +module "create_elastic_search" { + source = "./modules/compute" + + compartment_ocid = "${var.compartment_ocid}" + AD = "${var.AD}" + availability_domain = ["${data.template_file.deployment_ad.*.rendered}"] + fault_domain = ["${sort(data.template_file.deployment_fd.*.rendered)}"] + compute_instance_count = "${var.psft_es_instance_count}" + compute_platform = "linux" + compute_hostname_prefix = "${var.psft_env_prefix}es${substr(var.region, 3, 3)}" + compute_boot_volume_size_in_gb = "${var.compute_boot_volume_size_in_gb}" + compute_block_volume_size_in_gb = "${var.compute_block_volume_size_in_gb}" + compute_image = "${data.oci_core_images.InstanceImageOCID.images.0.id}" + compute_instance_shape = "${var.psft_es_instance_shape}" + compute_subnet = ["${module.els_subnet.subnetid}"] + compute_ssh_public_key = "${var.ssh_public_key}" + compute_ssh_private_key = "${var.ssh_private_key}" + bastion_ssh_private_key = "${var.bastion_ssh_private_key}" + bastion_public_ip = "${module.create_bastion.Bastion_Public_IPs[0]}" + compute_instance_user = "${var.compute_instance_user}" + bastion_user = "${var.bastion_user}" + timezone = "${var.timezone}" + user_data = "${data.template_file.bootstrap.rendered}" + remote_exec_script = "" #Optional +} + +# Create process scheduler server +module "create_process_schd" { + source = "./modules/compute" + + compartment_ocid = "${var.compartment_ocid}" + AD = "${var.AD}" + availability_domain = ["${data.template_file.deployment_ad.*.rendered}"] + fault_domain = ["${sort(data.template_file.deployment_fd.*.rendered)}"] + compute_platform = "linux" + 
compute_instance_count = "${var.psft_es_instance_count}" + compute_hostname_prefix = "${var.psft_env_prefix}ps${substr(var.region, 3, 3)}" + compute_boot_volume_size_in_gb = "${var.compute_boot_volume_size_in_gb}" + compute_block_volume_size_in_gb = "${var.compute_block_volume_size_in_gb}" + compute_image = "${data.oci_core_images.InstanceImageOCID.images.0.id}" + compute_instance_shape = "${var.psft_ps_instance_shape}" + compute_subnet = ["${module.app_subnet.subnetid}"] + compute_ssh_public_key = "${var.ssh_public_key}" + compute_ssh_private_key = "${var.ssh_private_key}" + bastion_ssh_private_key = "${var.bastion_ssh_private_key}" + bastion_public_ip = "${module.create_bastion.Bastion_Public_IPs[0]}" + compute_instance_user = "${var.compute_instance_user}" + bastion_user = "${var.bastion_user}" + timezone = "${var.timezone}" + user_data = "${data.template_file.bootstrap.rendered}" + remote_exec_script = "" #Optional +} + +# Create Web server +module "create_web" { + source = "./modules/compute" + + compartment_ocid = "${var.compartment_ocid}" + AD = "${var.AD}" + availability_domain = ["${data.template_file.deployment_ad.*.rendered}"] + fault_domain = ["${sort(data.template_file.deployment_fd.*.rendered)}"] + compute_instance_count = "${var.psft_web_instance_count}" + compute_platform = "linux" + compute_hostname_prefix = "${var.psft_env_prefix}web${substr(var.region, 3, 3)}" + compute_boot_volume_size_in_gb = "${var.compute_boot_volume_size_in_gb}" + compute_block_volume_size_in_gb = "${var.compute_block_volume_size_in_gb}" + compute_image = "${data.oci_core_images.InstanceImageOCID.images.0.id}" + compute_instance_shape = "${var.psft_web_instance_shape}" + compute_subnet = ["${module.web_subnet.subnetid}"] + compute_ssh_public_key = "${var.ssh_public_key}" + compute_ssh_private_key = "${var.ssh_private_key}" + bastion_ssh_private_key = "${var.bastion_ssh_private_key}" + bastion_public_ip = "${module.create_bastion.Bastion_Public_IPs[0]}" + 
compute_instance_user = "${var.compute_instance_user}" + bastion_user = "${var.bastion_user}" + timezone = "${var.timezone}" + user_data = "${data.template_file.bootstrap.rendered}" + remote_exec_script = "" #Optional +} + +# Create Peoplesoft tools server +module "create_ptools" { + source = "./modules/compute" + + compartment_ocid = "${var.compartment_ocid}" + AD = "${var.AD}" + availability_domain = ["${data.template_file.deployment_ad.*.rendered}"] + fault_domain = ["${sort(data.template_file.deployment_fd.*.rendered)}"] + compute_instance_count = "${length(var.AD)}" + compute_platform = "windows" + compute_hostname_prefix = "${var.psft_env_prefix}tls${substr(var.region, 3, 3)}" + compute_image = "${data.oci_core_images.WinInstanceImageOCID.images.3.id}" + compute_instance_shape = "${var.psft_tls_instance_shape}" + compute_subnet = ["${module.ptools_subnet.subnetid}"] + compute_boot_volume_size_in_gb = "256" + compute_block_volume_size_in_gb = "${var.compute_block_volume_size_in_gb}" + compute_ssh_public_key = "${var.ssh_public_key}" + compute_ssh_private_key = "${var.ssh_private_key}" + bastion_ssh_private_key = "${var.bastion_ssh_private_key}" + bastion_public_ip = "${module.create_bastion.Bastion_Public_IPs[0]}" + compute_instance_user = "${var.compute_instance_user}" + bastion_user = "${var.bastion_user}" + timezone = "${var.timezone}" + user_data = "${data.template_file.bootstrap.rendered}" + remote_exec_script = "" #Optional +} + +# Create File system service +module "create_fss" { + source = "./modules/filesystem" + + compartment_ocid = "${var.compartment_ocid}" + AD = "${var.AD}" + availability_domain = ["${data.template_file.deployment_ad.*.rendered}"] + fss_instance_prefix = "${var.psft_env_prefix}fss${substr(var.region, 3, 3)}" + fss_subnet = ["${module.fss_subnet.subnetid}"] + fss_limit_size_in_gb = "${var.psft_stage_filesystem_size_limit_in_gb}" + fss_count = "1" +} + + +# create Database system + + module "create_db" { + source = 
"./modules/dbsystem" + + compartment_ocid = "${var.compartment_ocid}" + AD = "${var.AD}" + availability_domain = ["${data.template_file.deployment_ad.*.rendered}"] + db_edition = "${var.db_edition}" + db_instance_shape = "${var.db_instance_shape}" + db_node_count = "${var.db_node_count}" + db_hostname_prefix = "${var.psft_env_prefix}db${substr(var.region, 3, 3)}" + db_size_in_gb = "${var.db_size_in_gb}" + db_license_model = "${var.db_license_model}" + db_subnet = ["${module.db_subnet.subnetid}"] + db_ssh_public_key = "${var.ssh_public_key}" + db_admin_password = "${var.db_admin_password}" + db_name = "${var.db_name}" + db_characterset = "${var.db_characterset}" + db_nls_characterset = "${var.db_nls_characterset}" + db_version = "${var.db_version}" + db_pdb_name = "${var.db_pdb_name}" +} + +# Create Load Balancer +module "create_lb" { + source = "./modules/loadbalancer" + + compartment_ocid = "${var.compartment_ocid}" + AD = "${var.AD}" + availability_domain = ["${data.template_file.deployment_ad.*.rendered}"] + load_balancer_shape = "${var.load_balancer_shape}" + load_balancer_subnet = ["${module.lb_subnet.subnetid}"] + load_balancer_name = "${var.psft_env_prefix}lb${substr(var.region, 3, 3)}" + load_balancer_hostname = "${var.load_balancer_hostname}" + load_balancer_listen_port = "${var.load_balancer_listen_port}" + web_instance_listen_port = "${var.psft_web_instance_listen_port}" + web_instance_count = "${var.psft_web_instance_count}" + be_ip_addresses = ["${module.create_web.ComputePrivateIPs}"] +} \ No newline at end of file diff --git a/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%bastion%bastion.outputs.tf b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%bastion%bastion.outputs.tf new file mode 100644 index 0000000..b25314c --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%bastion%bastion.outputs.tf 
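Review bot: `module "create_process_schd"` sets `compute_instance_count = "${var.psft_es_instance_count}"`, the Elastic Search count, while its shape comes from `var.psft_ps_instance_shape`; this looks like a copy-paste from `create_elastic_search`. The variables file is not part of this hunk, so this is inferred, but the process scheduler should probably get its own count variable, named to match the existing shape variable. `create_ptools` declares `compute_platform = "windows"` yet still receives the Linux `bootstrap` template as `user_data` plus the SSH key arguments; a comment saying whether the compute module ignores those on Windows would help. `db_admin_password` is passed straight through to `create_db` and will be stored in state, which deserves a one-line comment as well.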
@@ -0,0 +1,8 @@
+/*Copyright © 2018, Oracle and/or its affiliates. All rights reserved.
+
+The Universal Permissive License (UPL), Version 1.0*/
+
+
+output "Bastion_Public_IPs" {
+ value = ["${oci_core_instance.bastion.*.public_ip}"]
+}
\ No newline at end of file
diff --git a/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%bastion%bastion.tf b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%bastion%bastion.tf
new file mode 100644
index 0000000..cb8c7f2
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%bastion%bastion.tf
@@ -0,0 +1,30 @@
+/*Copyright © 2018, Oracle and/or its affiliates. All rights reserved.
+
+The Universal Permissive License (UPL), Version 1.0*/
+
+
+resource "oci_core_instance" "bastion" {
+ compartment_id = var.compartment_ocid
+ count = length(var.availability_domain)
+ availability_domain = element(var.availability_domain, count.index)
+ display_name = "${var.bastion_hostname_prefix}${element(var.AD, count.index)}${count.index + 1}"
+ shape = var.bastion_instance_shape
+
+ create_vnic_details {
+ subnet_id = element(var.bastion_subnet, count.index)
+ display_name = "${var.bastion_hostname_prefix}${element(var.AD, count.index)}${count.index + 1}"
+ assign_public_ip = true
+ hostname_label = "${var.bastion_hostname_prefix}${element(var.AD, count.index)}${count.index + 1}"
+ }
+
+ source_details {
+ source_type = "image"
+ source_id = var.bastion_image
+ boot_volume_size_in_gbs = "60"
+ }
+
+ metadata {
+ ssh_authorized_keys = trimspace(file("${var.bastion_ssh_public_key}"))
+ }
+}
+
diff --git a/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%bastion%bastion.vars.tf b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%bastion%bastion.vars.tf
new file mode 100644
index 0000000..89e5088
--- /dev/null
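Review bot: In `oci_core_instance.bastion`, `metadata { ... }` is written as a nested block, but the rest of the resource uses bare expressions (`var.compartment_ocid`, `length(var.availability_domain)`) that need Terraform 0.12 or later. There a map argument has to be assigned, as in `metadata = {`. As written the file likely validates on neither 0.11 nor 0.12+, and bastion.vars.tf in the same patch still uses the quoted `type = "list"` form, so the module should settle on one syntax generation. Because this host gets `assign_public_ip = true`, a short comment naming the security list that limits inbound SSH to it would help a reader confirm the exposure is intended.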
+++ b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%bastion%bastion.vars.tf
@@ -0,0 +1,35 @@
+/*Copyright © 2018, Oracle and/or its affiliates. All rights reserved.
+
+The Universal Permissive License (UPL), Version 1.0*/
+
+
+variable "compartment_ocid" {
+ description = "Compartment name"
+}
+variable "availability_domain" {
+ description = "Availability domain"
+ type = "list"
+}
+
+variable "AD" {
+ description = "Availability domain"
+ type= "list"
+}
+#Bastion host variables
+variable "bastion_hostname_prefix" {
+ description = "Prefix for bastion hostname"
+}
+
+variable "bastion_instance_shape" {
+ description = "Instance shape of bastion host"
+}
+variable "bastion_subnet" {
+ description = "Subnet for Bastion host"
+ type = "list"
+}
+variable "bastion_image" {
+description ="OS Image"
+}
+variable "bastion_ssh_public_key" {
+description = "Bastion Host SSH public key"
+}
diff --git a/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%compute%compute.blockvolume.tf b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%compute%compute.blockvolume.tf
new file mode 100644
index 0000000..9a04d69
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%compute%compute.blockvolume.tf
@@ -0,0 +1,46 @@
+/*Copyright © 2018, Oracle and/or its affiliates. All rights reserved.
+
+The Universal Permissive License (UPL), Version 1.0*/
+
+
+resource "oci_core_volume" "blockvolume" {
+ #count = "${var.compute_instance_count}"
+ count = "${var.compute_platform == "linux" ? var.compute_instance_count : 0}"
+ availability_domain = "${element(var.availability_domain, count.index)}"
+ compartment_id = "${var.compartment_ocid}"
+ display_name = "${var.compute_hostname_prefix}vol${count.index+1}"
+ size_in_gbs = "${var.compute_block_volume_size_in_gb}"
+}
+
+resource "oci_core_volume_attachment" "blockvolume_attach" {
+ attachment_type = "iscsi"
+ #count = "${var.compute_instance_count}"
+ count = "${var.compute_platform == "linux" ? var.compute_instance_count : 0}"
+ compartment_id = "${var.compartment_ocid}"
+ instance_id = "${element(oci_core_instance.compute.*.id, count.index)}"
+ volume_id = "${element(oci_core_volume.blockvolume.*.id, count.index)}"
+
+ provisioner "remote-exec" {
+ connection {
+ agent = false
+ timeout = "30m"
+ host = "${element(oci_core_instance.compute.*.private_ip, count.index)}"
+ user = "${var.compute_instance_user}"
+ private_key = "${file("${var.compute_ssh_private_key}")}"
+ bastion_host = "${var.bastion_public_ip}"
+ bastion_port = "22"
+ bastion_user = "${var.bastion_user}"
+ bastion_private_key = "${file("${var.bastion_ssh_private_key}")}"
+ }
+
+ inline = [
+ "sudo -s bash -c 'iscsiadm -m node -o new -T ${self.iqn} -p ${self.ipv4}:${self.port}'",
+ "sudo -s bash -c 'iscsiadm -m node -o update -T ${self.iqn} -n node.startup -v automatic '",
+ "sudo -s bash -c 'iscsiadm -m node -T ${self.iqn} -p ${self.ipv4}:${self.port} -l '",
+ "sudo -s bash -c 'mkfs.ext4 -F /dev/sdb'",
+ "sudo -s bash -c 'mkdir -p /u01'",
+ "sudo -s bash -c 'mount -t ext4 /dev/sdb /u01'",
+ "sudo -s bash -c 'echo \"/dev/sdb /u01 ext4 defaults,noatime,_netdev,nofail 0 2\" >> /etc/fstab'",
+ ]
+ }
+}
\ No newline at end of file
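Review bot: The `inline` list of `blockvolume_attach` runs `mkfs.ext4 -F /dev/sdb` unconditionally and assumes the attached iSCSI volume always enumerates as `/dev/sdb`. If the attachment is re-created against a volume that already holds data, or the device appears under another name, the provisioner force-formats whatever is at that path. A guard such as `"sudo -s bash -c 'blkid /dev/sdb || mkfs.ext4 /dev/sdb'",` keeps an existing filesystem. The fstab entry would also be more robust keyed on the filesystem UUID than on `/dev/sdb`. If the file has to stay byte-identical to the upstream Oracle sample, a comment above `inline` recording the assumption is the minimum.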
diff --git a/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%compute%compute.datasources.tf b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%compute%compute.datasources.tf
new file mode 100644
index 0000000..4565f45
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%compute%compute.datasources.tf
@@ -0,0 +1,10 @@
+/*Copyright © 2018, Oracle and/or its affiliates. All rights reserved.
+
+The Universal Permissive License (UPL), Version 1.0*/
+
+
+# Fetch Windows instance credemtials
+data "oci_core_instance_credentials" "win" {
+ count = "${var.compute_platform != "linux" ? var.compute_instance_count : 0}"
+ instance_id = "${oci_core_instance.compute.*.id[count.index]}"
+}
diff --git a/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%compute%compute.outputs.tf b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%compute%compute.outputs.tf
new file mode 100644
index 0000000..4c613d1
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%compute%compute.outputs.tf
@@ -0,0 +1,21 @@
+/*Copyright © 2018, Oracle and/or its affiliates. All rights reserved.
+
+The Universal Permissive License (UPL), Version 1.0*/
+
+
+output "ComputePrivateIPs" {
+value = ["${oci_core_instance.compute.*.private_ip}"]
+}
+
+output "ComputeWinHostNames" {
+ value = ["${oci_core_instance.compute.*.display_name}"]
+}
+
+output "ComputeWinusers" {
+value = ["${data.oci_core_instance_credentials.win.*.username}"]
+}
+
+output "ComputeWincreds" {
+value = ["${data.oci_core_instance_credentials.win.*.password}"]
+}
+
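Review bot: `ComputeWincreds` in compute.outputs.tf publishes the Windows password read from `oci_core_instance_credentials` as an ordinary output, so `terraform apply` and `terraform output` print it and it lands in CI logs. The root outputs.tf later in this patch repeats it inside `PsftToolsServerDetails`. Both outputs should carry `sensitive = true`, and the root output is better split so the host and user list does not embed the password. The value is written to the state file either way, so the state backend still needs access control and encryption at rest.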
diff --git a/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%compute%compute.remote-exec.tf b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%compute%compute.remote-exec.tf
new file mode 100644
index 0000000..cecf9fe
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%compute%compute.remote-exec.tf
@@ -0,0 +1,54 @@
+/*Copyright © 2018, Oracle and/or its affiliates. All rights reserved.
+
+The Universal Permissive License (UPL), Version 1.0*/
+
+
+resource "random_integer" "rand" {
+ min = 1000000000
+ max = 9999999999
+}
+
+locals {
+ remote_exec_script_enabled = "${var.remote_exec_script != "" ? 1 : 0}"
+}
+
+resource "null_resource" "initlnx" {
+ depends_on = ["oci_core_instance.compute", "oci_core_volume_attachment.blockvolume_attach"]
+ count = "${local.remote_exec_script_enabled && var.compute_platform == "linux" ? var.compute_instance_count : 0}"
+
+ provisioner "file" {
+ connection {
+ agent = false
+ timeout = "${var.timeout}"
+ host = "${oci_core_instance.compute.*.private_ip[count.index % var.compute_instance_count]}"
+ user = "${var.compute_instance_user}"
+ private_key = "${file("${var.compute_ssh_private_key}")}"
+
+ bastion_host = "${var.bastion_public_ip}"
+ bastion_user = "${var.bastion_user}"
+ bastion_private_key = "${file("${var.bastion_ssh_private_key}")}"
+ }
+ source = "userdata/${var.remote_exec_script}"
+ #content = "${file("${var.remote_exec_script}")}"
+ destination = "/tmp/init_${random_integer.rand.result}.sh"
+ }
+
+ provisioner "remote-exec" {
+ connection {
+ agent = false
+ timeout = "${var.timeout}"
+ host = "${oci_core_instance.compute.*.private_ip[count.index % var.compute_instance_count]}"
+ user = "${var.compute_instance_user}"
+ private_key = "${file("${var.compute_ssh_private_key}")}"
+
+ bastion_host = "${var.bastion_public_ip}"
+ bastion_user = "${var.bastion_user}"
+ bastion_private_key = "${file("${var.bastion_ssh_private_key}")}"
+ }
+
+ inline = [
+ "chmod +x /tmp/init_${random_integer.rand.result}.sh",
+ "while [ ! -f /tmp/init.done ]; do /tmp/init_${random_integer.rand.result}.sh; sleep 10; done",
+ ]
+ }
+}
\ No newline at end of file
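Review bot: The `initlnx` provisioners stage the init script in world-writable `/tmp`, and the retry loop keys on the fixed marker `/tmp/init.done`, so any local account on the instance can create that marker and end the loop before the script has succeeded. The `while` loop is also unbounded, so a script that never writes the marker keeps `terraform apply` hanging. Staging the script and marker in a directory owned by `compute_instance_user` and capping the retries, e.g. `for i in $(seq 1 30); do [ -f <marker> ] && break; <script>; sleep 10; done`, would address both. The script that writes the marker lives under `userdata/` and is not in this hunk, so the marker path would have to change there too.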
diff --git a/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%compute%compute.tf b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%compute%compute.tf new file mode 100644 index 0000000..f83fe10 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%compute%compute.tf @@ -0,0 +1,35 @@ +/*Copyright © 2018, Oracle and/or its affiliates. All rights reserved. + +The Universal Permissive License (UPL), Version 1.0*/ + + +resource "oci_core_instance" "compute" { + count = var.compute_instance_count + availability_domain = element(var.availability_domain, count.index) + display_name = "${var.compute_hostname_prefix}${element(var.AD, count.index)}${count.index + 1}" + fault_domain = element(var.fault_domain, count.index) + compartment_id = var.compartment_ocid + shape = var.compute_instance_shape + + create_vnic_details { + subnet_id = element(var.compute_subnet, count.index) + display_name = "${var.compute_hostname_prefix}${element(var.AD, count.index)}${count.index + 1}" + assign_public_ip = false + hostname_label = "${var.compute_hostname_prefix}${element(var.AD, count.index)}${count.index + 1}" + } + + source_details { + source_type = "image" + source_id = var.compute_image + boot_volume_size_in_gbs = var.compute_boot_volume_size_in_gb + } + + metadata { + ssh_authorized_keys = trimspace(file("${var.compute_ssh_public_key}")) + user_data = base64encode(var.user_data) + } + + timeouts { + create = var.timeout + } +} diff --git a/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%compute%compute.variables.tf b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%compute%compute.variables.tf new file mode 100644 index 0000000..23ddffe --- /dev/null 
+++ b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%compute%compute.variables.tf @@ -0,0 +1,59 @@ +/*Copyright © 2018, Oracle and/or its affiliates. All rights reserved. + +The Universal Permissive License (UPL), Version 1.0*/ + + +variable "compartment_ocid" { + description = "Compartment name" +} + +variable "fault_domain" { + description = "Fault Domainr" + type = "list" +} +variable "compute_instance_count" {} +variable "compute_instance_shape" {} + +variable "compute_hostname_prefix" { +description = "Host name" +} +variable "compute_image" { +description ="OS Image" +} + +variable "compute_ssh_private_key" { +description = "SSH key" +} +variable "compute_ssh_public_key" { +description = "SSH key" +} +variable "bastion_ssh_private_key" { +description = "SSH key" +} +variable "compute_subnet" { +type = "list" +description = "subnet" +} +variable "availability_domain" { + type = "list" +} +variable "AD" { + type = "list" +} + +variable "bastion_public_ip" { + type="string" +} + +variable "compute_boot_volume_size_in_gb" {} +variable "compute_block_volume_size_in_gb" {} +variable "timeout" { + description = "Timeout setting for resource creation " + default = "10m" +} +variable timezone {} +variable bastion_user {} +variable compute_instance_user {} +variable user_data {} +variable remote_exec_script {} +variable compute_platform {} diff --git a/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%dbsystem%db.datasources.tf b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%dbsystem%db.datasources.tf new file mode 100644 index 0000000..791e95b --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%dbsystem%db.datasources.tf 
@@ -0,0 +1,14 @@ +/*Copyright © 2018, Oracle and/or its affiliates. All rights reserved. + +The Universal Permissive License (UPL), Version 1.0*/ + + +# Get CPU and node and node count for a db shape +data "oci_database_db_system_shapes" "db_system_shapes" { + availability_domain = "${element(var.availability_domain, count.index)}" + compartment_id = "${var.compartment_ocid}" + filter { + name = "name" + values = ["${var.db_instance_shape}"] + } +} \ No newline at end of file diff --git a/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%dbsystem%db.dbsystem.tf b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%dbsystem%db.dbsystem.tf new file mode 100644 index 0000000..ef047cb --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%dbsystem%db.dbsystem.tf 
@@ -0,0 +1,34 @@ +/*Copyright © 2018, Oracle and/or its affiliates. All rights reserved. + +The Universal Permissive License (UPL), Version 1.0*/ + + +resource "oci_database_db_system" "database" { + count = length(var.availability_domain) + compartment_id = var.compartment_ocid + availability_domain = element(var.availability_domain, count.index) + cpu_core_count = lookup(data.oci_database_db_system_shapes.db_system_shapes.db_system_shapes[0], "minimum_core_count") + database_edition = var.db_edition + db_home { + database = { + "admin_password" = "${var.db_admin_password}" + "db_name" = "${var.db_name}" + "character_set" = "${var.db_characterset}" + "ncharacter_set" = "${var.db_nls_characterset}" + "db_workload" = "${var.db_workload}" + "pdb_name" = "${var.db_pdb_name}" + } + db_version = var.db_version + display_name = var.db_name + } + shape = var.db_instance_shape + node_count = var.db_node_count + data_storage_size_in_gb = var.db_size_in_gb + #data_storage_percentage = "40" + license_model = var.db_license_model + disk_redundancy = var.db_disk_redundancy + subnet_id = element(var.db_subnet, count.index) + ssh_public_keys = ["${trimspace(file("${var.db_ssh_public_key}"))}"] + display_name = "${var.db_hostname_prefix}${element(var.AD, count.index)}${count.index + 1}" + hostname = "${var.db_hostname_prefix}${element(var.AD, count.index)}${count.index + 1}" +} diff --git a/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%dbsystem%db.variables.tf b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%dbsystem%db.variables.tf new file mode 100644 index 0000000..29d4a0e --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%dbsystem%db.variables.tf 
@@ -0,0 +1,70 @@ +/*Copyright © 2018, Oracle and/or its affiliates. All rights reserved. + +The Universal Permissive License (UPL), Version 1.0*/ + + +variable "compartment_ocid" { + description = "Compartment name" +} +variable "availability_domain" { + description = "Availability domain" + type = "list" +} +variable "AD" { + description = "Availability domain" + type= "list" +} +variable "db_subnet" { + description = "Subnet for Bastion host" + type = "list" +} +# Database System variables +variable "db_edition" { + description = "Database Edition" +} +variable "db_version" { + description = "Database version" +} +variable "db_admin_password" { + description = "Database admin password" +} +variable "db_name" { + description = "Database Name" +} +variable "db_disk_redundancy" { + description = "Database disk redundancy for Bare Metal DB System" + default="NORMAL" +} +variable "db_hostname_prefix" { + description = "Database hostname prefix" +} +variable "db_instance_shape" { + description = "Database system shape" + +} +variable "db_ssh_public_key" { + description = "Database public ssh key" +} + +variable "db_characterset" { + description = "Database characterset" +} +variable "db_nls_characterset" { + description = "Database National characterset" +} +variable "db_workload" { + description = "Database Workload" + default = "OLTP" +} +variable "db_pdb_name" { +} +variable "db_size_in_gb" { + description = "Database size in gb" +} + +variable "db_license_model" { + description = "Database License Model" +} +variable "db_node_count" { + description = "Database Node count" +} \ No newline at end of file diff --git a/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%filesystem%fss.data.tf b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%filesystem%fss.data.tf new file mode 100644 index 0000000..601cec3 --- /dev/null 
+++ b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%filesystem%fss.data.tf @@ -0,0 +1,40 @@ +/*Copyright © 2018, Oracle and/or its affiliates. All rights reserved. + +The Universal Permissive License (UPL), Version 1.0*/ + + +locals { + fss_private_ips = "${flatten(concat(data.oci_core_private_ips.ip_mount_target.*.private_ips))}" +} + +locals { + fss_exports = [ + "${oci_file_storage_export.fss_export.*.path}", + ] + fss_fstabs = "${formatlist("%s:%s", data.template_file.fss_ips.*.rendered, oci_file_storage_export.fss_export.*.path)}" +} + + +# Get private IP of Filesystem Storage Service + +data "oci_core_private_ips" "ip_mount_target" { + #count = "${length(var.availability_domain)}" + count = "${var.fss_count}" + subnet_id = "${element(oci_file_storage_mount_target.fss_mt.*.subnet_id, count.index)}" + + filter { + name = "id" + values = ["${element(flatten(oci_file_storage_mount_target.fss_mt.*.private_ip_ids), count.index)}"] + } +} + +data "template_file" "fss_ips" { + template = "$${ip_address}" + #count = "${length(var.availability_domain)}" + count = "${var.fss_count}" + + vars = { + ip_address = "${lookup(local.fss_private_ips[count.index], "ip_address")}" + } +} + diff --git a/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%filesystem%fss.outputs.tf b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%filesystem%fss.outputs.tf new file mode 100644 index 0000000..2b62576 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%filesystem%fss.outputs.tf 
@@ -0,0 +1,19 @@ +/*Copyright © 2018, Oracle and/or its affiliates. All rights reserved. + +The Universal Permissive License (UPL), Version 1.0*/ + + +output "FilesystemPrivateIPs" { + description = "FSS Private IPs" + value = "${data.template_file.fss_ips.*.rendered}" +} + +output "FilesystemExports" { + description = "FSS Exports" + value = "${local.fss_exports}" +} + +output "FilesystemFstabs" { + description = "FSS /etc/fstab Entries" + value = "${local.fss_fstabs}" +} \ No newline at end of file diff --git a/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%filesystem%fss.tf b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%filesystem%fss.tf new file mode 100644 index 0000000..e81a74a --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%filesystem%fss.tf 
@@ -0,0 +1,49 @@
+/*Copyright © 2018, Oracle and/or its affiliates. All rights reserved.
+
+The Universal Permissive License (UPL), Version 1.0*/
+
+
+resource "oci_file_storage_file_system" "fss" {
+ compartment_id = "${var.compartment_ocid}"
+ #count = "${length(var.availability_domain)}"
+ count = "${var.fss_count}"
+ availability_domain = "${element(var.availability_domain, count.index)}"
+ display_name = "${var.fss_instance_prefix}${var.AD[count.index]}"
+}
+
+resource "oci_file_storage_mount_target" "fss_mt" {
+ depends_on = ["oci_file_storage_file_system.fss"]
+ compartment_id = "${var.compartment_ocid}"
+ #count = "${length(var.availability_domain)}"
+ count = "${var.fss_count}"
+ availability_domain = "${element(var.availability_domain, count.index)}"
+ hostname_label = "${var.fss_instance_prefix}${var.AD[count.index]}"
+ subnet_id = "${element(var.fss_subnet, count.index)}"
+ display_name = "${var.fss_instance_prefix}${var.AD[count.index]}_mt"
+}
+
+resource "oci_file_storage_export_set" "fss_export_set" {
+ #count = "${length(var.availability_domain)}"
+ count = "${var.fss_count}"
+ mount_target_id = "${element(oci_file_storage_mount_target.fss_mt.*.id, count.index)}"
+ max_fs_stat_bytes = "${(var.fss_limit_size_in_gb * 1024 * 1024 * 1024)}"
+}
+resource "oci_file_storage_export" "fss_export" {
+ #count = "${length(var.availability_domain)}"
+ count = "${var.fss_count}"
+ export_set_id = "${element(oci_file_storage_mount_target.fss_mt.*.export_set_id,count.index)}"
+ file_system_id = "${element(oci_file_storage_file_system.fss.*.id, count.index)}"
+ path = "/${var.fss_instance_prefix}${var.AD[count.index]}"
+
+ export_options = [
+ {
+ source = "0.0.0.0/0"
+ access = "READ_WRITE"
+ identity_squash = "NONE"
+ require_privileged_source_port = false
+ },
+ ]
+}
+
+
+
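Review bot: `fss_export` publishes every file system with `source = "0.0.0.0/0"`, `access = "READ_WRITE"`, `identity_squash = "NONE"` and `require_privileged_source_port = false`, which leaves NFS access control entirely to security lists that are not part of this hunk. Any host that can reach the mount target then gets read-write access with its client-side root identity preserved. Restrict the export to the subnets that actually mount it, e.g. `source = "${var.fss_client_cidr}"` (a new module variable). Also set `identity_squash = "ROOT"` and `require_privileged_source_port = true` unless a client is known to need otherwise.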
diff --git a/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%filesystem%fss.vars.tf b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%filesystem%fss.vars.tf new file mode 100644 index 0000000..544312c --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%filesystem%fss.vars.tf @@ -0,0 +1,29 @@ +/*Copyright © 2018, Oracle and/or its affiliates. All rights reserved. + +The Universal Permissive License (UPL), Version 1.0*/ + + +variable "compartment_ocid" { +description = "Compartment name" +} + +variable "availability_domain" { + type = "list" +} +variable "AD" { + type = "list" +} +variable "fss_instance_prefix" {} +variable "fss_subnet" { + type = "list" +} +variable "export_path_fs1_mt1" { + default = "/stage/software" +} + +variable "fss_limit_size_in_gb" { +} + +variable fss_count {} + + diff --git a/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%loadbalancer%lb.tf b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%loadbalancer%lb.tf new file mode 100644 index 0000000..6da97e7 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%loadbalancer%lb.tf 
@@ -0,0 +1,74 @@ +/*Copyright © 2018, Oracle and/or its affiliates. All rights reserved. + +The Universal Permissive License (UPL), Version 1.0*/ + + +resource "oci_load_balancer" "lb" { + shape = "${var.load_balancer_shape}" + count = "${length(var.availability_domain)}" + compartment_id = "${var.compartment_ocid}" + subnet_ids = ["${element(var.load_balancer_subnet, count.index)}"] + display_name = "${var.load_balancer_name}${element(var.AD,count.index)}${count.index+1}" + is_private = "${var.load_balancer_private}" +} + +resource "oci_load_balancer_backend_set" "lb-bset" { + count = "${length(var.availability_domain)}" + name = "${var.load_balancer_name}${element(var.AD,count.index)}-bes${count.index + 1}" + load_balancer_id = "${element(oci_load_balancer.lb.*.id, count.index)}" + policy = "ROUND_ROBIN" + + health_checker { + port = "${var.web_instance_listen_port}" + protocol = "HTTP" + response_body_regex = ".*" + url_path = "/" + } + session_persistence_configuration { + cookie_name = "lb-session1" + disable_fallback = true + } + lifecycle { + ignore_changes = ["availability_domain"] + } +} + +resource "oci_load_balancer_backend" "lb-bset-be" { + count = "${var.web_instance_count}" + load_balancer_id = "${element(oci_load_balancer.lb.*.id, count.index)}" + backendset_name = "${element(oci_load_balancer_backend_set.lb-bset.*.name, count.index)}" + ip_address = "${element(var.be_ip_addresses, count.index)}" + port = "${var.web_instance_listen_port}" + backup = false + drain = false + offline = false + weight = 1 + + lifecycle { + ignore_changes = ["availability_domain"] + } +} + +resource "oci_load_balancer_hostname" "hostname" { + count = "${length(var.availability_domain)}" + hostname = "${var.load_balancer_hostname}" + load_balancer_id = "${element(oci_load_balancer.lb.*.id, count.index)}" + name = "hostname${count.index + 1}" +} + +resource "oci_load_balancer_listener" "lb-listener" { + depends_on = ["oci_load_balancer_hostname.hostname"] + count = 
"${length(var.availability_domain)}" + load_balancer_id = "${element(oci_load_balancer.lb.*.id, count.index)}" + name = "${var.load_balancer_name}${element(var.AD,count.index)}-lsnr${count.index + 1}" + default_backend_set_name = "${element(oci_load_balancer_backend_set.lb-bset.*.name, count.index)}" + hostname_names = ["${element(oci_load_balancer_hostname.hostname.*.name, count.index)}"] + port = "${var.load_balancer_listen_port}" + protocol = "HTTP" + connection_configuration { + idle_timeout_in_seconds = "2" + } + } + + + diff --git a/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%loadbalancer%lb.vars.tf b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%loadbalancer%lb.vars.tf new file mode 100644 index 0000000..78d79a1 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%loadbalancer%lb.vars.tf @@ -0,0 +1,38 @@ +/*Copyright © 2018, Oracle and/or its affiliates. All rights reserved. + +The Universal Permissive License (UPL), Version 1.0*/ + + +variable load_balancer_subnet { + type = "list" +} + +variable "availability_domain" { + type = "list" + description = "Availability domain" +} + +variable "AD" { + type= "list" +} +variable load_balancer_name {} +variable compartment_ocid {} +variable load_balancer_shape {} +variable load_balancer_private { + default = "True" +} +/*variable be1_ip_address1 { + type="string" +} +*/ + + +variable be_ip_addresses { + type="list" +} +variable load_balancer_hostname {} + +variable web_instance_listen_port {} +variable load_balancer_listen_port {} + +variable web_instance_count {} \ No newline at end of file 
diff --git a/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%network%subnets%subnets.output.tf b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%network%subnets%subnets.output.tf new file mode 100644 index 0000000..bce9d43 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%network%subnets%subnets.output.tf @@ -0,0 +1,12 @@ +/*Copyright © 2018, Oracle and/or its affiliates. All rights reserved. + +The Universal Permissive License (UPL), Version 1.0*/ + + +output "subnetid" { + value = ["${oci_core_subnet.subnet.*.id}"] +} + +output "cidr_block" { + value = ["${oci_core_subnet.subnet.*.cidr_block}"] +} \ No newline at end of file diff --git a/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%network%subnets%subnets.tf b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%network%subnets%subnets.tf new file mode 100644 index 0000000..396e2b3 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%network%subnets%subnets.tf 
@@ -0,0 +1,18 @@ +/*Copyright © 2018, Oracle and/or its affiliates. All rights reserved. + +The Universal Permissive License (UPL), Version 1.0*/ + +# Module to create subnet +resource "oci_core_subnet" "subnet" { + count = "${length(var.availability_domain)}" + availability_domain = "${element(var.availability_domain, count.index)}" + compartment_id = "${var.compartment_ocid}" + vcn_id = "${var.vcn_id}" + cidr_block = "${var.vcn_subnet_cidr[count.index]}" + display_name = "${var.dns_label}${var.AD[count.index]}" + dns_label = "${var.dns_label}${var.AD[count.index]}" + dhcp_options_id = "${var.dhcp_options_id}" + route_table_id = "${var.route_table_id}" + security_list_ids = ["${var.security_list_ids}"] + prohibit_public_ip_on_vnic = "${var.private_subnet}" +} \ No newline at end of file diff --git a/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%network%subnets%subnets.vars.tf b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%network%subnets%subnets.vars.tf new file mode 100644 index 0000000..8170e85 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%network%subnets%subnets.vars.tf 
@@ -0,0 +1,42 @@ +/*Copyright © 2018, Oracle and/or its affiliates. All rights reserved. + +The Universal Permissive License (UPL), Version 1.0*/ + + +variable "compartment_ocid" { + description = "Compartment name" +} +variable "availability_domain" { + description = "Availability domain" + type = "list" +} +variable "AD" { + description = "Availability domain" + type = "list" +} + +# Virtual Cloud Network (VCN) variables +variable "vcn_id" { + description = "VCN OCID" +} +variable "route_table_id" { + description = "VCN Route Table OCID" +} + +variable "dhcp_options_id" { + description = "VCN DHCP options OCID" +} +variable "vcn_subnet_cidr" { + description = "CIDR for VCN subnet" + type = "list" +} +variable "security_list_ids" { + description = "Security List OCID" + type = "list" +} +variable "dns_label" { + description = "VCN DNS Label" +} +variable "private_subnet" { + description = "Whether private or public subnet" +} \ No newline at end of file diff --git a/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%network%vcn%vcn.data.tf b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%network%vcn%vcn.data.tf new file mode 100644 index 0000000..947238f --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%network%vcn%vcn.data.tf @@ -0,0 +1,13 @@ +/*Copyright © 2018, Oracle and/or its affiliates. All rights reserved. + +The Universal Permissive License (UPL), Version 1.0*/ + + +# Get name of object storage +data "oci_core_services" "svcgtw_services" { + filter { + name = "name" + values = [".*Object.*Storage"] + regex = true + } +} \ No newline at end of file 
diff --git a/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%network%vcn%vcn.outputs.tf b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%network%vcn%vcn.outputs.tf new file mode 100644 index 0000000..e8397b0 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%network%vcn%vcn.outputs.tf @@ -0,0 +1,29 @@ +/*Copyright © 2018, Oracle and/or its affiliates. All rights reserved. + +The Universal Permissive License (UPL), Version 1.0*/ + + +output "vcnid" { + description = "ocid of VCN" + value = "${oci_core_virtual_network.vcn.id}" +} +output "default_dhcp_id" { + description = "ocid of default DHCP options" + value = "${oci_core_virtual_network.vcn.default_dhcp_options_id}" +} + +output "igw_id" { + description = "ocid of internet gateway" + value = "${oci_core_internet_gateway.igw.id}" +} + +output "natgtw_id" { + description = "ocid of service gateway" + value = "${oci_core_nat_gateway.natgtw.id}" +} +output "svcgtw_id" { + description = "ocid of service gateway" + value = "${oci_core_service_gateway.svcgtw.id}" +} + + diff --git a/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%network%vcn%vcn.tf b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%network%vcn%vcn.tf new file mode 100644 index 0000000..7480ee0 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%network%vcn%vcn.tf 
@@ -0,0 +1,47 @@ +/*Copyright © 2018, Oracle and/or its affiliates. All rights reserved. + +The Universal Permissive License (UPL), Version 1.0*/ + + +# Virtual Cloud Network (VCN) +resource "oci_core_virtual_network" "vcn" { + compartment_id = "${var.compartment_ocid}" + cidr_block = "${var.vcn_cidr}" + dns_label = "${var.vcn_dns_label}" + display_name = "${var.vcn_dns_label}" +} + +# Internet Gateway +resource "oci_core_internet_gateway" "igw" { + compartment_id = "${var.compartment_ocid}" + display_name = "${var.vcn_dns_label}igw" + vcn_id = "${oci_core_virtual_network.vcn.id}" +} + +# NAT (Network Address Translation) Gateway +resource "oci_core_nat_gateway" "natgtw" { + compartment_id = "${var.compartment_ocid}" + vcn_id = "${oci_core_virtual_network.vcn.id}" + display_name = "${var.vcn_dns_label}natgtw" +} + +# Service Gateway +resource "oci_core_service_gateway" "svcgtw" { + compartment_id = "${var.compartment_ocid}" + services { + service_id = "${lookup(data.oci_core_services.svcgtw_services.services[0], "id")}" + } + vcn_id = "${oci_core_virtual_network.vcn.id}" + display_name = "${var.vcn_dns_label}svcgtw" +} + +# Dynamic Routing Gateway (DRG) +resource "oci_core_drg" "drg" { + compartment_id = "${var.compartment_ocid}" + display_name = "${var.vcn_dns_label}drg" +} +resource "oci_core_drg_attachment" "drg_attachment" { + drg_id = "${oci_core_drg.drg.id}" + vcn_id = "${oci_core_virtual_network.vcn.id}" + display_name = "${var.vcn_dns_label}drgattch" +} \ No newline at end of file diff --git a/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%network%vcn%vcn.vars.tf b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%network%vcn%vcn.vars.tf new file mode 100644 index 0000000..d3f2623 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%modules%network%vcn%vcn.vars.tf 
@@ -0,0 +1,15 @@
+/*Copyright © 2018, Oracle and/or its affiliates. All rights reserved.
+
+The Universal Permissive License (UPL), Version 1.0*/
+
+
+variable "compartment_ocid" {
+ description = "Compartment OCID"
+}
+# VCN Variables
+variable "vcn_cidr" {
+ description = "VCN CIDR"
+}
+variable "vcn_dns_label" {
+ description = "VCN DNS Label"
+}
diff --git a/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%outputs.tf b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%outputs.tf
new file mode 100644
index 0000000..8776125
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%outputs.tf
@@ -0,0 +1,33 @@
+/*Copyright © 2018, Oracle and/or its affiliates. All rights reserved.
+
+The Universal Permissive License (UPL), Version 1.0*/
+
+output "BastionPublicIPs" {
+ value = ["${module.create_bastion.Bastion_Public_IPs}"]
+}
+
+output "PsftAppServerPrivateIPs" {
+ value = ["${module.create_app.ComputePrivateIPs}"]
+}
+
+output "PsftWebServerPrivateIPs" {
+ value = ["${module.create_web.ComputePrivateIPs}"]
+}
+
+output "PsftProcSchdServerPrivateIPs" {
+ value = ["${module.create_process_schd.ComputePrivateIPs}"]
+}
+
+output "PsftElasticSrchServerPrivateIPs" {
+ value = ["${module.create_elastic_search.ComputePrivateIPs}"]
+}
+
+output "PsftToolsServerDetails" {
+ value = "${formatlist("%s:%s:%s: %s ", module.create_ptools.ComputePrivateIPs, module.create_ptools.ComputeWinHostNames, module.create_ptools.ComputeWinusers, module.create_ptools.ComputeWincreds)}"
+}
+
+output "PsftFilesystemFstabs" {
+ value = ["${module.create_fss.FilesystemFstabs}"]
+}
+
+
diff --git a/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%provider.tf b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%provider.tf
new file mode 100644
index 0000000..fb203d9
--- /dev/null
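Review bot: The `PsftToolsServerDetails` output in outputs.tf formats `module.create_ptools.ComputeWincreds` into its value, so what appear to be the Windows instance credentials are printed after every apply and by `terraform output`. The output carries no `sensitive = true`, which would at least keep the value out of console and CI logs; the value still lands in the state file, so the state needs access control either way. A narrower shape is to drop the credential from the `formatlist(...)` call and expose it as a separate output marked `sensitive = true`. What `ComputeWincreds` actually holds is defined in the compute module, outside this hunk.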
+++ b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%provider.tf
@@ -0,0 +1,21 @@
+/*Copyright © 2018, Oracle and/or its affiliates. All rights reserved.
+
+The Universal Permissive License (UPL), Version 1.0*/
+
+
+# Terraform version
+
+terraform {
+ required_version = ">= 0.11.8"
+}
+
+# Oracle Cloud Infrastructure (OCI) Provider
+
+provider "oci" {
+ version = "=3.5.0"
+ tenancy_ocid = "${var.tenancy_ocid}"
+ user_ocid = "${var.user_ocid}"
+ fingerprint = "${var.fingerprint}"
+ private_key_path = "${var.private_key_path}"
+ region = "${var.region}"
+ }
\ No newline at end of file
diff --git a/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%routetables.tf b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%routetables.tf
new file mode 100644
index 0000000..c9c0bb3
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%routetables.tf
@@ -0,0 +1,34 @@
+/*Copyright © 2018, Oracle and/or its affiliates. All rights reserved.
+
+The Universal Permissive License (UPL), Version 1.0*/
+
+
+# Public Route Table
+resource "oci_core_route_table" "PublicRT" {
+ compartment_id = var.compartment_ocid
+ vcn_id = module.create_vcn.vcnid
+ display_name = "${var.vcn_dns_label}pubrt"
+
+ route_rules {
+ destination = local.anywhere
+ network_entity_id = module.create_vcn.igw_id
+ }
+}
+
+# Private Route Table
+resource "oci_core_route_table" "PrivateRT" {
+ compartment_id = var.compartment_ocid
+ vcn_id = module.create_vcn.vcnid
+ display_name = "${var.vcn_dns_label}pvtrt"
+
+ route_rules {
+ destination = lookup(data.oci_core_services.svcgtw_services.services[0], "cidr_block")
+ destination_type = "SERVICE_CIDR_BLOCK"
+ network_entity_id = module.create_vcn.svcgtw_id
+ }
+ route_rules {
+ destination = local.anywhere
+ destination_type = "CIDR_BLOCK"
+ network_entity_id = module.create_vcn.natgtw_id
+ }
+}
diff --git a/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%seclist.tf b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%seclist.tf
new file mode 100644
index 0000000..9b50a34
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%seclist.tf
@@ -0,0 +1,297 @@
+/*Copyright © 2018, Oracle and/or its affiliates. All rights reserved.
+
+The Universal Permissive License (UPL), Version 1.0*/
+
+
+locals {
+ tcp_protocol = "6"
+ udp_protocol = "17"
+ all_protocols = "all"
+ anywhere = "0.0.0.0/0"
+ db_port = "1521"
+ ssh_port = "22"
+ rdp_port = "3389"
+ winrm_port = "5986"
+ fss_ports = ["2048", "2050", "111"]
+}
+
+# Bastion Security List
+resource "oci_core_security_list" "BastionSecList" {
+ compartment_id = var.compartment_ocid
+ display_name = "BastionSecList"
+ vcn_id = module.create_vcn.vcnid
+
+ egress_security_rules = [
+ {
+ protocol = "${local.tcp_protocol}"
+ destination = "${local.anywhere}"
+ },
+ ]
+
+ ingress_security_rules = [
+ {
+ tcp_options = {
+ "min" = "${local.ssh_port}"
+ "max" = "${local.ssh_port}"
+ }
+
+ protocol = "${local.tcp_protocol}"
+ source = "${local.anywhere}"
+ },
+ ]
+}
+
+
+# Database System Security List
+resource "oci_core_security_list" "DBSecList" {
+ compartment_id = var.compartment_ocid
+ display_name = "DBSecList"
+ vcn_id = module.create_vcn.vcnid
+
+ egress_security_rules = [
+ {
+ protocol = "${local.tcp_protocol}"
+ destination = "${local.anywhere}"
+ },
+ ]
+
+ ingress_security_rules = [
+ {
+ tcp_options = {
+ "min" = "${local.ssh_port}"
+ "max" = "${local.ssh_port}"
+ }
+
+ protocol = "${local.tcp_protocol}"
+ source = "${var.vcn_cidr}"
+ },
+ {
+ tcp_options = {
+ "min" = "${local.db_port}"
+ "max" = "${local.db_port}"
+ }
+
+ protocol = "${local.tcp_protocol}"
+ source = "${var.vcn_cidr}"
+ },
+ ]
+}
+
+# Application Server Security List
+resource "oci_core_security_list" "AppSecList" {
+ compartment_id = var.compartment_ocid
+ display_name = "AppSecList"
+ vcn_id = module.create_vcn.vcnid
+
+ egress_security_rules = [
+ {
+ protocol = "${local.tcp_protocol}"
+ destination = "${local.anywhere}"
+ },
+ ]
+
+ ingress_security_rules = [
+ {
+ tcp_options = {
+ "min" = "${local.ssh_port}"
+ "max" = "${local.ssh_port}"
+ }
+
+ protocol = "${local.tcp_protocol}"
+ source = "${var.vcn_cidr}"
+ },
+ {
+ tcp_options = {
+ "min" = "${var.psft_app_instance_listen_port_range[0]}"
+ "max" = "${var.psft_app_instance_listen_port_range[1]}"
+ }
+
+ protocol = "${local.tcp_protocol}"
+ source = "${var.vcn_cidr}"
+ },
+ ]
+}
+
+# Web Server Security List
+resource "oci_core_security_list" "WebSecList" {
+ compartment_id = var.compartment_ocid
+ display_name = "WebSecList"
+ vcn_id = module.create_vcn.vcnid
+
+ egress_security_rules = [
+ {
+ protocol = "${local.tcp_protocol}"
+ destination = "${local.anywhere}"
+ },
+ ]
+
+ ingress_security_rules = [
+ {
+ tcp_options = {
+ "min" = "${local.ssh_port}"
+ "max" = "${local.ssh_port}"
+ }
+
+ protocol = "${local.tcp_protocol}"
+ source = "${var.vcn_cidr}"
+ },
+ {
+ tcp_options = {
+ "min" = "${var.psft_web_instance_listen_port}"
+ "max" = "${var.psft_web_instance_listen_port}"
+ }
+
+ protocol = "${local.tcp_protocol}"
+ source = "${var.vcn_cidr}"
+ },
+ ]
+}
+
+# Load Balancer Security List
+resource "oci_core_security_list" "LBSecList" {
+ compartment_id = var.compartment_ocid
+ display_name = "LBSecList"
+ vcn_id = module.create_vcn.vcnid
+
+ egress_security_rules = [
+ {
+ protocol = "${local.tcp_protocol}"
+ destination = "${local.anywhere}"
+ },
+ ]
+
+ ingress_security_rules = [
+ {
+ tcp_options = {
+ "min" = "${var.load_balancer_listen_port}"
+ "max" = "${var.load_balancer_listen_port}"
+ }
+
+ protocol = "${local.tcp_protocol}"
+ source = "${var.vcn_cidr}"
+ },
+ ]
+}
+
+# Elastic Search Server Security List
+resource "oci_core_security_list" "ESSecList" {
+ compartment_id = var.compartment_ocid
+ display_name = "ESSecList"
+ vcn_id = module.create_vcn.vcnid
+
+ egress_security_rules = [
+ {
+ protocol = "${local.tcp_protocol}"
+ destination = "${local.anywhere}"
+ },
+ ]
+
+ ingress_security_rules = [
+ {
+ tcp_options = {
+ "min" = "${local.ssh_port}"
+ "max" = "${local.ssh_port}"
+ }
+
+ protocol = "${local.tcp_protocol}"
+ source = "${var.vcn_cidr}"
+ },
+ {
+ tcp_options = {
+ "min" = "${var.psft_es_instance_listen_port}"
+ "max" = "${var.psft_es_instance_listen_port}"
+ }
+
+ protocol = "${local.tcp_protocol}"
+ source = "${var.vcn_cidr}"
+ },
+ ]
+}
+
+# Peoplesoft Tools Security List
+resource "oci_core_security_list" "PToolsSecList" {
+ compartment_id = var.compartment_ocid
+ display_name = "PToolsSecList"
+ vcn_id = module.create_vcn.vcnid
+
+ egress_security_rules = [
+ {
+ protocol = "${local.tcp_protocol}"
+ destination = "${local.anywhere}"
+ },
+ ]
+
+ ingress_security_rules = [
+ {
+ tcp_options = {
+ "min" = "${local.rdp_port}"
+ "max" = "${local.rdp_port}"
+ }
+
+ protocol = "${local.tcp_protocol}"
+ source = "${var.vcn_cidr}"
+ },
+ {
+ tcp_options = {
+ "min" = "${local.winrm_port}"
+ "max" = "${local.winrm_port}"
+ }
+
+ protocol = "${local.tcp_protocol}"
+ source = "${var.vcn_cidr}"
+ },
+ ]
+}
+
+# File Storage Service Security List
+resource "oci_core_security_list" "FSSSecList" {
+ compartment_id = var.compartment_ocid
+ display_name = "FSSSecList"
+ vcn_id = module.create_vcn.vcnid
+
+ egress_security_rules = [
+ {
+ protocol = "${local.tcp_protocol}"
+ destination = "${local.anywhere}"
+ },
+ ]
+
+ ingress_security_rules = [
+ {
+ tcp_options = {
+ "min" = "${local.fss_ports[0]}"
+ "max" = "${local.fss_ports[1]}"
+ }
+
+ protocol = "${local.tcp_protocol}"
+ source = "${var.vcn_cidr}"
+ },
+ {
+ tcp_options = {
+ "min" = "${local.fss_ports[2]}"
+ "max" = "${local.fss_ports[2]}"
+ }
+
+ protocol = "${local.tcp_protocol}"
+ source = "${var.vcn_cidr}"
+ },
+ {
+ udp_options = {
+ "min" = "${local.fss_ports[0]}"
+ "max" = "${local.fss_ports[0]}"
+ }
+
+ protocol = "${local.udp_protocol}"
+ source = "${var.vcn_cidr}"
+ },
+ {
+ udp_options = {
+ "min" = "${local.fss_ports[2]}"
+ "max" = "${local.fss_ports[2]}"
+ }
+
+ protocol = "${local.udp_protocol}"
+ source = "${var.vcn_cidr}"
+ },
+ ]
+}
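Review bot: `BastionSecList` admits SSH (`local.ssh_port`) from `local.anywhere`, which is 0.0.0.0/0, so the bastion's SSH port is exposed to the whole internet rather than to the operators' address range. A variable for the permitted source (for example `bastion_ingress_cidr`, a name chosen here) would let that ingress rule read `source = "${var.bastion_ingress_cidr}"`. The remaining lists use `var.vcn_cidr` as source, so SSH, RDP, WinRM and the database listener on `local.db_port` are open to every subnet in the VCN; sourcing each rule from the tier that actually needs it would limit lateral reach. Every list also allows TCP egress to `local.anywhere`, which is worth narrowing where the tier has no need for outbound internet access.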
diff --git a/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%terraform.tfvars b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%terraform.tfvars
new file mode 100644
index 0000000..6810734
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%terraform.tfvars
@@ -0,0 +1,119 @@
+# AD (Availability Domain to use for creating Peoplesoft infrastructure)
+AD = "[]"
+
+# CIDR block of VCN to be created
+vcn_cidr = ""
+
+# DNS label of VCN to be created
+vcn_dns_label = ""
+
+# Operating system version to be used for compute instances
+linux_os_version = ""
+
+# Size of boot volume (in gb) of compute instances
+compute_boot_volume_size_in_gb = ""
+
+# Size of block volume (in gb) of compute instances
+compute_block_volume_size_in_gb = ""
+
+# Login user for compute instance
+compute_instance_user = ""
+
+# Login user for bastion host
+bastion_user = ""
+
+# Timezone of compute instance
+timezone = ""
+
+#Environment prefix to define name of resources
+psft_env_prefix = ""
+
+# Number of application instances to be created
+psft_app_instance_count = ""
+
+# Shape of app instance
+psft_app_instance_shape = ""
+
+# Listen port range of the application instance
+psft_app_instance_listen_port_range = "[]"
+
+# Number of process scheduler instances to be created
+psft_ps_instance_count = ""
+
+# Shape of process scheduler instance
+psft_ps_instance_shape = ""
+
+# Listen port range of the process scheduler instance
+psft_ps_instance_listen_port_range = "[]"
+
+# Number of elastic search instances to be created
+psft_es_instance_count = ""
+
+# Shape of elastic search instance
+psft_es_instance_shape = ""
+
+# Listen port of the elastic search instance
+psft_es_instance_listen_port = ""
+
+# Shape of tools instance
+psft_tls_instance_shape = ""
+
+# Listen port range of the tools instance
+psft_tls_instance_listen_port_range = "[]"
+
+# Number of web instances to be created
+psft_web_instance_count = ""
+
+# Shape of web instance
+psft_web_instance_shape = ""
+
+# Listen port of the web instance
+psft_web_instance_listen_port = ""
+
+# Mount path for software stage filesystem
+psft_stage_filesystem_path = ""
+
+# Set software stage filesystem limit
+psft_stage_filesystem_size_limit_in_gb = ""
+
+# Datbase Edition
+db_edition = ""
+
+# Licensing model for database
+db_license_model = ""
+
+# Database version
+db_version = ""
+
+# Number of database nodes
+db_node_count = ""
+
+#Shape of Database nodes
+db_instance_shape = ""
+
+#Database name
+db_name = ""
+
+#Size of Database
+db_size_in_gb = ""
+
+# Database administration (sys) password
+db_admin_password = ""
+
+# Characterset of database
+db_characterset = ""
+
+# National Characterset of database
+db_nls_characterset = ""
+
+# Pluggable database name
+db_pdb_name = ""
+
+# Hostname of Load Balancer
+load_balancer_hostname = ""
+
+# Shape of Load Balancer
+load_balancer_shape = ""
+
+#Listen port of load balancer
+load_balancer_listen_port = ""
\ No newline at end of file
diff --git a/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%variables.tf b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%variables.tf
new file mode 100644
index 0000000..b130e56
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%Peoplesoft%variables.tf
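Review bot: The `db_admin_password = ""` entry in terraform.tfvars invites the database sys password to be filled into a file that sits in the repository tree, where it is easily committed along with the other settings. The safer pattern is to leave this key out of the tracked template and supply it through the environment as `TF_VAR_db_admin_password`, with a comment in its place such as `# db_admin_password: set via TF_VAR_db_admin_password, never in this file`. Separately, `AD = "[]"` and the three `*_listen_port_range = "[]"` placeholders are strings, while variables.tf declares those variables with `type = "list"`; `AD = []` would match the declared type.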
@@ -0,0 +1,205 @@
+/*Copyright © 2018, Oracle and/or its affiliates. All rights reserved.
+
+The Universal Permissive License (UPL), Version 1.0*/
+
+
+variable "tenancy_ocid" {}
+variable "region" {}
+
+variable "compartment_ocid" {}
+
+variable "AD" {
+ type= "list"
+}
+variable "user_ocid" {}
+variable "fingerprint" {}
+variable "private_key_path" {}
+variable "ssh_public_key" {
+ description = "SSH public key for instances"
+}
+variable "ssh_private_key" {
+ description = "SSH private key for instances"
+}
+
+variable "bastion_ssh_public_key" {
+ description = "SSH public key for bastion instance"
+}
+variable "bastion_ssh_private_key" {
+ description = "SSH private key for bastion_instance"
+}
+variable "instance_os" {
+ description = "Operating system for compute instances"
+ default = "Oracle Linux"
+}
+variable "linux_os_version" {
+ description = "Operating system version for compute instances except NAT"
+ default = "6.10"
+}
+
+variable "WinInstanceOS" {
+ description = "Operating system for compute instances"
+ default = "Windows"
+}
+
+variable "WinInstanceOSVersion" {
+ description = "Operating system version for all compute instances except NAT"
+ default = "Server 2012 R2 Standard"
+}
+
+# VCN variables
+variable "vcn_cidr" {
+ description = "CIDR for Virtual Cloud Network (VCN)"
+}
+variable "vcn_dns_label" {
+ description = "DNS label for Virtual Cloud Network (VCN)"
+}
+
+# Bastion host variables
+variable "bastion_instance_shape" {
+ description = "Instance shape of bastion host"
+ default = "VM.Standard2.1"
+}
+
+# Application Server variables
+variable "psft_env_prefix" {}
+
+variable "psft_app_instance_count" {
+ description = "Application Server count"
+}
+
+variable "psft_app_instance_shape" {
+ description = "Application Instance shape"
+}
+variable "psft_app_instance_listen_port_range" {
+ description = "Application instance listen port"
+ type = "list"
+}
+
+variable "psft_es_instance_count" {
+ description = "Application Server count"
+}
+
+variable "psft_es_instance_shape" {
+ description = "Application Instance shape"
+}
+variable "psft_es_instance_listen_port" {
+ description = "Application instance listen port"
+}
+
+variable "psft_ps_instance_count" {
+ description = "Application Server count"
+}
+
+variable "psft_ps_instance_shape" {
+ description = "Application Instance shape"
+}
+variable "psft_ps_instance_listen_port_range" {
+ description = "Application instance listen port"
+ type = "list"
+}
+
+variable "psft_tls_instance_shape" {
+ description = "Application Instance shape"
+}
+variable "psft_tls_instance_listen_port_range" {
+ description = "Application instance listen port"
+ type = "list"
+}
+
+variable "psft_web_instance_count" {
+ description = "Application Server count"
+}
+
+variable "psft_web_instance_shape" {
+ description = "Application Instance shape"
+}
+variable "psft_web_instance_listen_port" {
+ description = "Application instance listen port"
+ # type = "list"
+}
+
+variable "compute_boot_volume_size_in_gb" {
+ description = "Boot volume size of application servers"
+}
+
+variable "compute_block_volume_size_in_gb" {
+ description = "Boot volume size of application servers"
+}
+
+variable "compute_instance_user" {
+ description = "Boot volume size of application servers"
+}
+
+
+variable "timezone" {
+ description = "Set timezone for servers"
+}
+
+# Database variables
+variable "db_edition" {
+ description = "DB Edition"
+ default = "ENTERPRISE_EDITION_EXTREME_PERFORMANCE"
+}
+
+variable "db_instance_shape" {
+ description = "DB Instance shape"
+}
+
+variable "db_node_count" {
+ description = "Number of DB Nodes"
+}
+variable "db_size_in_gb" {
+ description = "Size of database in GB"
+}
+variable "db_license_model" {
+ description = "Database License model"
+}
+
+variable "db_admin_password" {
+ description = "Database Admin password"
+}
+variable "db_name" {
+ description = "Database Name"
+}
+variable "db_characterset" {
+ description = "Database Characterset"
+}
+variable "db_nls_characterset" {
+ description = "Database National Characterset"
+}
+
+variable "db_version" {
+ description = "Database version"
+}
+variable "db_pdb_name" {
+ description = "Pluggable database Name"
+}
+
+
+variable load_balancer_shape {
+ description = "Load Balancer shape"
+}
+variable load_balancer_private {
+ description = "Whether private Load balancer"
+ default = true
+}
+variable load_balancer_hostname {
+ description = "Load Balancer hostname"
+}
+
+variable load_balancer_listen_port {
+ description = "Load balancer listen port"
+}
+
+variable "timeout" {
+ description = "Timeout setting for resource creation"
+ default = "10m"
+}
+
+
+variable "bastion_user" {
+ description = "Login user for bastion host"
+}
+
+variable psft_stage_filesystem_path {}
+variable psft_stage_filesystem_size_limit_in_gb {}
diff --git a/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%datasources.tf b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%datasources.tf
new file mode 100644
index 0000000..7806047
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%datasources.tf
@@ -0,0 +1,76 @@
+/*Copyright © 2018, Oracle and/or its affiliates. All rights reserved.
+
+The Universal Permissive License (UPL), Version 1.0*/
+
+
+# Get list of Availability Domains
+data "oci_identity_availability_domains" "ADs" {
+ compartment_id = "${var.tenancy_ocid}"
+}
+
+# Get name of Availability Domains
+data "template_file" "deployment_ad" {
+ count = "${length(var.AD)}"
+ template = "${lookup(data.oci_identity_availability_domains.ADs.availability_domains[var.AD[count.index] - 1], "name")}"
+}
+
+# Get list of Fault Domains
+data "oci_identity_fault_domains" "fds" {
+ count = "${length(var.AD)}"
+ availability_domain = "${element(data.template_file.deployment_ad.*.rendered, count.index)}"
+ compartment_id = "${var.compartment_ocid}"
+}
+
+locals {
+ fds = "${flatten(concat(data.oci_identity_fault_domains.fds.*.fault_domains))}"
+ faultdomains_per_ad = 3
+}
+
+# Get name of Fault Domains
+data "template_file" "deployment_fd" {
+ template = "$${name}"
+ count = "${length(var.AD) * (local.faultdomains_per_ad) }"
+ vars = {
+ name = "${lookup(local.fds[count.index], "name")}"
+ }
+}
+
+# Get latest Oracle Linux image
+data "oci_core_images" "InstanceImageOCID" {
+ compartment_id = "${var.tenancy_ocid}"
+ operating_system = "${var.InstanceOS}"
+ operating_system_version = "${var.linux_os_version}"
+ filter {
+ name = "display_name"
+ values = ["^.*Oracle[^G]*$"]
+ regex = true
+ }
+}
+
+# Gets swift object storage name for Service Gateway
+data "oci_core_services" "svcgtw_services" {
+ filter {
+ name = "name"
+ values = [".*Object.*Storage"]
+ regex = true
+ }
+}
+
+
+# Render inputs for mounting Filesystem storage service
+data "template_file" "mountfss" {
+ template = "${file("${path.module}/userdata/mountfss.sh")}"
+
+ vars {
+ fss_mount_path = "${var.siebel_filesystem_path}/"
+ fss_export_path = "${element(module.create_fss.FilesystemExports, 0)}"
+ fss_mount_target_private_ip = "${element(module.create_fss.FilesystemPrivateIPs, 0)}"
+ }
+}
+
+data "template_file" "bootstrap" {
+ template = "${file("${path.module}/userdata/bootstrap.tpl")}"
+ vars {
+ timezone = "${var.timezone}"
+ }
+}
\ No newline at end of file
diff --git a/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%fss-remote-exec.tf b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%fss-remote-exec.tf
new file mode 100644
index 0000000..4bf4e4c
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%fss-remote-exec.tf
@@ -0,0 +1,50 @@
+/*Copyright © 2018, Oracle and/or its affiliates. All rights reserved.
+
+The Universal Permissive License (UPL), Version 1.0*/
+
+
+resource "random_integer" "rand" {
+ min = 1000000000
+ max = 9999999999
+}
+
+resource "null_resource" "mountfss" {
+ count = "${var.siebel_server_instance_count}"
+ provisioner "local-exec" {
+ command = "sleep 120" # Wait
+ }
+ provisioner "file" {
+ connection {
+ agent = false
+ timeout = "${var.timeout}"
+ host = "${module.create_app.ComputePrivateIPs[count.index % var.siebel_server_instance_count]}"
+ user = "${var.compute_instance_user}"
+ private_key = "${file("${var.ssh_private_key}")}"
+
+ bastion_host = "${module.create_bastion.Bastion_Public_IPs[0]}"
+ bastion_user = "${var.bastion_user}"
+ bastion_private_key = "${file("${var.bastion_ssh_private_key}")}"
+ }
+ content = "${data.template_file.mountfss.rendered}"
+ destination = "/tmp/fssmount_${random_integer.rand.result}.sh"
+ }
+
+ provisioner "remote-exec" {
+ connection {
+ agent = false
+ timeout = "${var.timeout}"
+ host = "${module.create_app.ComputePrivateIPs[count.index % var.siebel_server_instance_count]}"
+ user = "${var.compute_instance_user}"
+ private_key = "${file("${var.ssh_private_key}")}"
+
+ bastion_host = "${module.create_bastion.Bastion_Public_IPs[0]}"
+ bastion_user = "${var.bastion_user}"
+ bastion_private_key = "${file("${var.bastion_ssh_private_key}")}"
+ }
+
+ inline = [
+ "chmod +x /tmp/fssmount_${random_integer.rand.result}.sh",
+ "while [ ! -f /tmp/fss.mounted ]; do /tmp/fssmount_${random_integer.rand.result}.sh; sleep 10; done",
+ ]
+ }
+}
diff --git a/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%main.tf b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%main.tf
new file mode 100644
index 0000000..2ca59ad
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%main.tf
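Review bot: The `remote-exec` loop `while [ ! -f /tmp/fss.mounted ]; do …; sleep 10; done` has no retry limit, so a mount that never succeeds leaves the apply hanging; the `timeout` in the `connection` block bounds only how long Terraform waits for the SSH connection, not the command. Both the staged script and the `/tmp/fss.mounted` marker live in world-writable `/tmp`, so any local account on the instance can create the marker and make the loop exit with nothing mounted. A bounded form such as `for i in $(seq 1 30); do [ -f /tmp/fss.mounted ] && exit 0; /tmp/fssmount_${random_integer.rand.result}.sh; sleep 10; done; exit 1` fixes the first point. For the second, testing the mount itself (for instance with `mountpoint -q` on the target path) and staging the script in a directory owned by `compute_instance_user` is more reliable than a marker file. The marker is presumably written by `userdata/mountfss.sh`, which is not part of this hunk.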
@@ -0,0 +1,271 @@ +/*Copyright © 2018, Oracle and/or its affiliates. All rights reserved. + +The Universal Permissive License (UPL), Version 1.0*/ + + +locals { + // VCN is /16 + bastion_subnet_prefix = "${cidrsubnet("${var.vcn_cidr}", 6, 0)}" + lb_subnet_prefix = "${cidrsubnet("${var.vcn_cidr}", 6, 1)}" + web_subnet_prefix = "${cidrsubnet("${var.vcn_cidr}", 6, 2)}" + app_subnet_prefix = "${cidrsubnet("${var.vcn_cidr}", 6, 3)}" + db_subnet_prefix = "${cidrsubnet("${var.vcn_cidr}", 6, 4)}" +} + +# Create Virtual Cloud Network (VCN) +module "create_vcn" { + source = "./modules/network/vcn" + + compartment_ocid = "${var.compartment_ocid}" + vcn_cidr = "${var.vcn_cidr}" + vcn_dns_label = "${var.vcn_dns_label}" +} + +# Create bastion host subnet +module "bastion_subnet" { + source = "./modules/network/subnets" + + compartment_ocid = "${var.compartment_ocid}" + AD = "${var.AD}" + availability_domain = ["${data.template_file.deployment_ad.*.rendered}"] + vcn_id = "${module.create_vcn.vcnid}" + vcn_subnet_cidr = [ + "${cidrsubnet(local.bastion_subnet_prefix, 2, 0)}", + "${cidrsubnet(local.bastion_subnet_prefix, 2, 1)}", + "${cidrsubnet(local.bastion_subnet_prefix, 2, 2)}", + ] + dns_label = "bassubad" + dhcp_options_id = "${module.create_vcn.default_dhcp_id}" + route_table_id = "${oci_core_route_table.PublicRT.id}" + security_list_ids = ["${oci_core_security_list.BastionSecList.id}"] + private_subnet = "False" +} + +# Create Load Balancer subnet +module "lb_subnet" { + source = "./modules/network/subnets" + + compartment_ocid = "${var.compartment_ocid}" + AD = "${var.AD}" + availability_domain = ["${data.template_file.deployment_ad.*.rendered}"] + vcn_id = "${module.create_vcn.vcnid}" + vcn_subnet_cidr = [ + "${cidrsubnet(local.lb_subnet_prefix, 2, 0)}", + "${cidrsubnet(local.lb_subnet_prefix, 2, 1)}", + "${cidrsubnet(local.lb_subnet_prefix, 2, 2)}", + ] + dns_label = "lbsubad" + dhcp_options_id = "${module.create_vcn.default_dhcp_id}" + route_table_id = 
"${oci_core_route_table.PrivateRT.id}" + security_list_ids = ["${oci_core_security_list.LBSecList.id}"] + private_subnet = "True" +} + +# Create web subnet +module "web_subnet" { + source = "./modules/network/subnets" + + compartment_ocid = "${var.compartment_ocid}" + AD = "${var.AD}" + availability_domain = ["${data.template_file.deployment_ad.*.rendered}"] + vcn_id = "${module.create_vcn.vcnid}" + vcn_subnet_cidr = [ + "${cidrsubnet(local.web_subnet_prefix, 2, 0)}", + "${cidrsubnet(local.web_subnet_prefix, 2, 1)}", + "${cidrsubnet(local.web_subnet_prefix, 2, 2)}", + ] + dns_label = "websubad" + dhcp_options_id = "${module.create_vcn.default_dhcp_id}" + route_table_id = "${oci_core_route_table.PrivateRT.id}" + security_list_ids = ["${oci_core_security_list.WebSecList.id}"] + private_subnet = "True" +} + +# Create application subnet +module "app_subnet" { + source = "./modules/network/subnets" + + compartment_ocid = "${var.compartment_ocid}" + AD = "${var.AD}" + availability_domain = ["${data.template_file.deployment_ad.*.rendered}"] + vcn_id = "${module.create_vcn.vcnid}" + vcn_subnet_cidr = [ + "${cidrsubnet(local.app_subnet_prefix, 2, 0)}", + "${cidrsubnet(local.app_subnet_prefix, 2, 1)}", + "${cidrsubnet(local.app_subnet_prefix, 2, 2)}", + ] + dns_label = "appsubad" + dhcp_options_id = "${module.create_vcn.default_dhcp_id}" + route_table_id = "${oci_core_route_table.PrivateRT.id}" + security_list_ids = ["${oci_core_security_list.AppSecList.id}"] + private_subnet = "True" +} + + + +# Create Database system subnet +module "db_subnet" { + source = "./modules/network/subnets" + + compartment_ocid = "${var.compartment_ocid}" + AD = "${var.AD}" + availability_domain = ["${data.template_file.deployment_ad.*.rendered}"] + vcn_id = "${module.create_vcn.vcnid}" + vcn_subnet_cidr = [ + "${cidrsubnet(local.db_subnet_prefix, 2, 0)}", + "${cidrsubnet(local.db_subnet_prefix, 2, 1)}", + "${cidrsubnet(local.db_subnet_prefix, 2, 2)}", + ] + dns_label = "dbsubad" + 
dhcp_options_id = "${module.create_vcn.default_dhcp_id}" + route_table_id = "${oci_core_route_table.PrivateRT.id}" + security_list_ids = ["${oci_core_security_list.DBSecList.id}"] + private_subnet = "True" +} + +# Create bastion host +module "create_bastion" { + source = "./modules/bastion" + + compartment_ocid = "${var.compartment_ocid}" + AD = "${var.AD}" + availability_domain = ["${data.template_file.deployment_ad.*.rendered}"] + bastion_hostname_prefix = "${var.siebel_env_prefix}bas${substr(var.region, 3, 3)}" + bastion_image = "${data.oci_core_images.InstanceImageOCID.images.0.id}" + bastion_instance_shape = "${var.bastion_instance_shape}" + bastion_subnet = ["${module.bastion_subnet.subnetid}"] + bastion_ssh_public_key = "${var.bastion_ssh_public_key}" + } + +# Create siebel server +module "create_app" { + source = "./modules/compute" + + compartment_ocid = "${var.compartment_ocid}" + AD = "${var.AD}" + availability_domain = ["${data.template_file.deployment_ad.*.rendered}"] + fault_domain = ["${sort(data.template_file.deployment_fd.*.rendered)}"] + compute_instance_count = "${var.siebel_server_instance_count}" + compute_hostname_prefix = "${var.siebel_env_prefix}app${substr(var.region, 3, 3)}" + compute_boot_volume_size_in_gb = "${var.compute_boot_volume_size_in_gb}" + compute_block_volume_size_in_gb = "${var.compute_block_volume_size_in_gb}" + compute_subnet = ["${module.app_subnet.subnetid}"] + compute_image = "${data.oci_core_images.InstanceImageOCID.images.0.id}" + compute_instance_shape = "${var.siebel_server_instance_shape}" + compute_ssh_public_key = "${var.ssh_public_key}" + compute_ssh_private_key = "${var.ssh_private_key}" + bastion_ssh_private_key = "${var.bastion_ssh_private_key}" + bastion_public_ip = "${module.create_bastion.Bastion_Public_IPs[0]}" + compute_instance_user = "${var.compute_instance_user}" + bastion_user = "${var.bastion_user}" + timezone = "${var.timezone}" + user_data = "${data.template_file.bootstrap.rendered}" +} + + +# 
Create siebel gateway server +module "create_app_gateway" { + source = "./modules/compute" + + compartment_ocid = "${var.compartment_ocid}" + AD = "${var.AD}" + availability_domain = ["${data.template_file.deployment_ad.*.rendered}"] + fault_domain = ["${sort(data.template_file.deployment_fd.*.rendered)}"] + compute_instance_count = "${var.siebel_gateway_instance_count}" + compute_hostname_prefix = "${var.siebel_env_prefix}gtw${substr(var.region, 3, 3)}" + compute_boot_volume_size_in_gb = "${var.compute_boot_volume_size_in_gb}" + compute_block_volume_size_in_gb = "${var.compute_block_volume_size_in_gb}" + compute_image = "${data.oci_core_images.InstanceImageOCID.images.0.id}" + compute_instance_shape = "${var.siebel_gateway_instance_shape}" + compute_subnet = ["${module.app_subnet.subnetid}"] + compute_ssh_public_key = "${var.ssh_public_key}" + compute_ssh_private_key = "${var.ssh_private_key}" + bastion_ssh_private_key = "${var.bastion_ssh_private_key}" + bastion_public_ip = "${module.create_bastion.Bastion_Public_IPs[0]}" + compute_instance_user = "${var.compute_instance_user}" + bastion_user = "${var.bastion_user}" + timezone = "${var.timezone}" + user_data = "${data.template_file.bootstrap.rendered}" +} + + +# Create siebel web server +module "create_web" { + source = "./modules/compute" + + compartment_ocid = "${var.compartment_ocid}" + AD = "${var.AD}" + availability_domain = ["${data.template_file.deployment_ad.*.rendered}"] + fault_domain = ["${sort(data.template_file.deployment_fd.*.rendered)}"] + compute_instance_count = "${var.siebel_web_instance_count}" + compute_hostname_prefix = "${var.siebel_env_prefix}web${substr(var.region, 3, 3)}" + compute_boot_volume_size_in_gb = "${var.compute_boot_volume_size_in_gb}" + compute_block_volume_size_in_gb = "${var.compute_block_volume_size_in_gb}" + compute_image = "${data.oci_core_images.InstanceImageOCID.images.0.id}" + compute_instance_shape = "${var.siebel_web_instance_shape}" + compute_subnet = 
["${module.web_subnet.subnetid}"] + compute_ssh_public_key = "${var.ssh_public_key}" + compute_ssh_private_key = "${var.ssh_private_key}" + bastion_ssh_private_key = "${var.bastion_ssh_private_key}" + bastion_public_ip = "${module.create_bastion.Bastion_Public_IPs[0]}" + compute_instance_user = "${var.compute_instance_user}" + bastion_user = "${var.bastion_user}" + timezone = "${var.timezone}" + user_data = "${data.template_file.bootstrap.rendered}" +} + + +# Create siebel filsystem +module "create_fss" { + source = "./modules/filesystem" + + compartment_ocid = "${var.compartment_ocid}" + AD = "${var.AD}" + availability_domain = ["${data.template_file.deployment_ad.*.rendered}"] + fss_instance_prefix = "${var.siebel_env_prefix}fss${substr(var.region, 3, 3)}" + fss_subnet = ["${module.app_subnet.subnetid}"] + fss_limit_size_in_gb = "${var.siebel_filesystem_size_limit_in_gb}" +} + + +# Create database system + module "create_db" { + source = "./modules/dbsystem" + + compartment_ocid = "${var.compartment_ocid}" + AD = "${var.AD}" + availability_domain = ["${data.template_file.deployment_ad.*.rendered}"] + db_edition = "${var.db_edition}" + db_instance_shape = "${var.db_instance_shape}" + db_node_count = "${var.db_node_count}" + db_hostname_prefix = "${var.siebel_env_prefix}db${substr(var.region, 3, 3)}" + db_size_in_gb = "${var.db_size_in_gb}" + db_license_model = "${var.db_license_model}" + db_subnet = ["${module.db_subnet.subnetid}"] + db_ssh_public_key = "${var.ssh_public_key}" + db_admin_password = "${var.db_admin_password}" + db_name = "${var.db_name}" + db_characterset = "${var.db_characterset}" + db_nls_characterset = "${var.db_nls_characterset}" + db_version = "${var.db_version}" + db_pdb_name = "${var.db_pdb_name}" +} + +# Create Load Balancer +module "create_lb" { + source = "./modules/loadbalancer" + + compartment_ocid = "${var.compartment_ocid}" + AD = "${var.AD}" + availability_domain = ["${data.template_file.deployment_ad.*.rendered}"] + 
load_balancer_shape = "${var.load_balancer_shape}" + load_balancer_subnet = ["${module.lb_subnet.subnetid}"] + load_balancer_name = "${var.siebel_env_prefix}lb${substr(var.region, 3, 3)}" + load_balancer_hostname = "${var.load_balancer_hostname}" + load_balancer_listen_port = "${var.load_balancer_listen_port}" + app_instance_listen_port = "${var.siebel_web_instance_listen_port}" + app_instance_count = "${var.siebel_web_instance_count}" + be_ip_addresses = ["${module.create_web.ComputePrivateIPs}"] +} + + diff --git a/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%modules%bastion%bastion.outputs.tf b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%modules%bastion%bastion.outputs.tf new file mode 100644 index 0000000..b25314c --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%modules%bastion%bastion.outputs.tf @@ -0,0 +1,8 @@ +/*Copyright © 2018, Oracle and/or its affiliates. All rights reserved. + +The Universal Permissive License (UPL), Version 1.0*/ + + +output "Bastion_Public_IPs" { + value = ["${oci_core_instance.bastion.*.public_ip}"] +} \ No newline at end of file diff --git a/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%modules%bastion%bastion.tf b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%modules%bastion%bastion.tf new file mode 100644 index 0000000..14e11d4 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%modules%bastion%bastion.tf 
@@ -0,0 +1,29 @@
+/*Copyright © 2018, Oracle and/or its affiliates. All rights reserved.
+
+The Universal Permissive License (UPL), Version 1.0*/
+
+
+resource "oci_core_instance" "bastion" {
+ compartment_id = "${var.compartment_ocid}"
+ count = "${length(var.availability_domain)}"
+ availability_domain = "${element(var.availability_domain, count.index)}"
+ display_name = "${var.bastion_hostname_prefix}${element(var.AD,count.index)}${count.index+1}"
+ shape = "${var.bastion_instance_shape}"
+
+ create_vnic_details {
+ subnet_id = "${element(var.bastion_subnet, count.index)}"
+ display_name = "${var.bastion_hostname_prefix}${element(var.AD,count.index)}${count.index+1}"
+ assign_public_ip = true
+ hostname_label = "${var.bastion_hostname_prefix}${element(var.AD,count.index)}${count.index+1}"
+ }
+
+ source_details {
+ source_type = "image"
+ source_id = "${var.bastion_image}"
+ boot_volume_size_in_gbs = "60"
+ }
+
+ metadata {
+ ssh_authorized_keys = "${trimspace(file("${var.bastion_ssh_public_key}"))}"
+ }
+}
diff --git a/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%modules%bastion%bastion.vars.tf b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%modules%bastion%bastion.vars.tf
new file mode 100644
index 0000000..14a6569
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%modules%bastion%bastion.vars.tf
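Review bot: `count = "${length(var.availability_domain)}"` gives every availability domain its own bastion with `assign_public_ip = true`, while the part of main.tf visible in this patch passes only `Bastion_Public_IPs[0]` to the compute modules. Any bastion beyond the first is therefore an internet-facing SSH host that nothing shown here uses. If the extra hosts are meant for failover, say so in a comment such as `# one bastion per AD for failover; restrict SSH ingress to admin CIDRs in the bastion security list`; otherwise consider a separate, smaller bastion count. The security list that governs SSH access is not part of this hunk, so I cannot tell how widely these hosts are reachable.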
@@ -0,0 +1,38 @@ +/*Copyright © 2018, Oracle and/or its affiliates. All rights reserved. + +The Universal Permissive License (UPL), Version 1.0*/ + + +variable "compartment_ocid" { + description = "Compartment name" +} +variable "availability_domain" { + description = "Availability domain" + type = "list" +} + +variable "AD" { + description = "Availability domain" + type= "list" +} + +# Bastion host variables +variable "bastion_hostname_prefix" { + description = "Prefix for bastion hostname" +} + +variable "bastion_instance_shape" { + description = "Instance shape of bastion host" +} + +variable "bastion_subnet" { + description = "Subnet for Bastion host" + type = "list" +} + +variable "bastion_image" { + description ="Bation Operating System Image" +} +variable "bastion_ssh_public_key" { + description = "Bastion Host SSH public key" +} diff --git a/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%modules%compute%compute.blockvolume.tf b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%modules%compute%compute.blockvolume.tf new file mode 100644 index 0000000..907dc0f --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%modules%compute%compute.blockvolume.tf 
@@ -0,0 +1,79 @@
+/*Copyright © 2018, Oracle and/or its affiliates. All rights reserved.
+
+The Universal Permissive License (UPL), Version 1.0*/
+
+
+resource "oci_core_volume" "blockvolume" {
+ count = "${var.compute_instance_count}"
+ availability_domain = "${element(var.availability_domain, count.index)}"
+ compartment_id = "${var.compartment_ocid}"
+ display_name = "${var.compute_hostname_prefix}vol${count.index+1}"
+ size_in_gbs = "${var.compute_block_volume_size_in_gb}"
+}
+
+resource "oci_core_volume_attachment" "blockvolume_attach" {
+ attachment_type = "iscsi"
+ count = "${var.compute_instance_count}"
+ compartment_id = "${var.compartment_ocid}"
+ instance_id = "${element(oci_core_instance.compute.*.id, count.index)}"
+ volume_id = "${element(oci_core_volume.blockvolume.*.id, count.index)}"
+
+
+
+ provisioner "remote-exec" {
+ connection {
+ agent = false
+ timeout = "30m"
+ host = "${element(oci_core_instance.compute.*.private_ip, count.index)}"
+ user = "${var.compute_instance_user}"
+ private_key = "${file("${var.compute_ssh_private_key}")}"
+ bastion_host = "${var.bastion_public_ip}"
+ bastion_port = "22"
+ bastion_user = "${var.bastion_user}"
+ bastion_private_key = "${file("${var.bastion_ssh_private_key}")}"
+ }
+
+ inline = [
+ "sudo -s bash -c 'iscsiadm -m node -o new -T ${self.iqn} -p ${self.ipv4}:${self.port}'",
+ "sudo -s bash -c 'iscsiadm -m node -o update -T ${self.iqn} -n node.startup -v automatic '",
+ "sudo -s bash -c 'iscsiadm -m node -T ${self.iqn} -p ${self.ipv4}:${self.port} -l '",
+ "sudo -s bash -c 'mkfs.ext4 -F /dev/sdb'",
+ "sudo -s bash -c 'mkdir -p /u01'",
+ "sudo -s bash -c 'mount -t ext4 /dev/sdb /u01'",
+ "sudo -s bash -c 'echo \"/dev/sdb /u01 ext4 defaults,noatime,_netdev,nofail 0 2\" >> /etc/fstab'",
+ ]
+ }
+}
+
+/*
+resource "null_resource" "remote-exec" {
+ depends_on = ["oci_core_instance.compute", "oci_core_volume_attachment.blockvolume_attach"]
+ count = "${var.compute_instance_count}"
+
+ provisioner "remote-exec" {
+ connection {
+ agent = false
+ timeout = "30m"
+ host = "${oci_core_instance.compute.*.private_ip[count.index % var.compute_instance_count]}"
+ user = "${var.app_instance_user}"
+ private_key = "${file(var.app_ssh_private_key)}"
+ bastion_host = "${var.bastion_public_ip}"
+ bastion_port = "22"
+ bastion_user = "${var.bastion_user}"
+ bastion_private_key = "${file(var.bastion_ssh_private_key)}"
+ }
+
+ inline = [
+ "touch ~/IMadeAFile.Right.Here",
+ "sudo mkdir /u01",
+ "sudo service iscsi reload",
+ "sudo iscsiadm -m node -o new -T ${oci_core_volume_attachment.blockvolume_attach.*.iqn[count.index]} -p ${oci_core_volume_attachment.blockvolume_attach.*.ipv4[count.index]}:${oci_core_volume_attachment.blockvolume_attach.*.port[count.index]}",
+ "sudo iscsiadm -m node -o update -T ${oci_core_volume_attachment.blockvolume_attach.*.iqn[count.index]} -n node.startup -v automatic",
+ "echo sudo iscsiadm -m node -T ${oci_core_volume_attachment.blockvolume_attach.*.iqn[count.index]} -p ${oci_core_volume_attachment.blockvolume_attach.*.ipv4[count.index]}:${oci_core_volume_attachment.blockvolume_attach.*.port[count.index]} -l >> ~/.bashrc",
+ "sudo -s bash -c 'mkfs.ext4 -F /dev/sdb'",
+ "sudo -s bash -c 'mount -t ext4 /dev/sdb /u01'",
+ "sudo -s bash -c 'echo \"/dev/sdb /u01 ext4 defaults,noatime,_netdev,nofail 0 2\" >> /etc/fstab'",
+ ]
+ }
+}
+*/
\ No newline at end of file
diff --git a/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%modules%compute%compute.outputs.tf b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%modules%compute%compute.outputs.tf
new file mode 100644
index 0000000..9b20d49
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%modules%compute%compute.outputs.tf
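Review bot: The `remote-exec` provisioner on `oci_core_volume_attachment.blockvolume_attach` force-formats a hard-coded device with `mkfs.ext4 -F /dev/sdb` and writes the same name into `/etc/fstab`, but nothing in the hunk ties `/dev/sdb` to the volume that was just attached. iSCSI device names follow discovery order, so on an image with an extra disk, or when the attachment is re-created for a volume that already holds data, the forced mkfs would erase the wrong or an existing filesystem. At minimum guard the format step, `"sudo -s bash -c 'blkid /dev/sdb || mkfs.ext4 -F /dev/sdb'",`. Better still, resolve the device from the attachment's IQN under `/dev/disk/by-path/` and mount by UUID in fstab. The commented-out `null_resource` block after it repeats the same steps and could be removed.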
@@ -0,0 +1,8 @@
+/*Copyright © 2018, Oracle and/or its affiliates. All rights reserved.
+
+The Universal Permissive License (UPL), Version 1.0*/
+
+
+output "ComputePrivateIPs" {
+value = ["${oci_core_instance.compute.*.private_ip}"]
+}
\ No newline at end of file
diff --git a/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%modules%compute%compute.tf b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%modules%compute%compute.tf
new file mode 100644
index 0000000..ebb54d0
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%modules%compute%compute.tf
@@ -0,0 +1,35 @@
+/*Copyright © 2018, Oracle and/or its affiliates. All rights reserved.
+
+The Universal Permissive License (UPL), Version 1.0*/
+
+
+resource "oci_core_instance" "compute" {
+ count = "${var.compute_instance_count}"
+ availability_domain = "${element(var.availability_domain, count.index)}"
+ display_name = "${var.compute_hostname_prefix}${element(var.AD,count.index)}${count.index + 1}"
+ fault_domain = "${element(var.fault_domain, count.index)}"
+ compartment_id = "${var.compartment_ocid}"
+ shape = "${var.compute_instance_shape}"
+
+ create_vnic_details {
+ subnet_id = "${element(var.compute_subnet, count.index)}"
+ display_name = "${var.compute_hostname_prefix}${element(var.AD,count.index)}${count.index + 1}"
+ assign_public_ip = false
+ hostname_label = "${var.compute_hostname_prefix}${element(var.AD,count.index)}${count.index + 1}"
+ }
+
+ source_details {
+ source_type = "image"
+ source_id = "${var.compute_image}"
+ boot_volume_size_in_gbs = "${var.compute_boot_volume_size_in_gb}"
+ }
+
+ metadata {
+ ssh_authorized_keys = "${trimspace(file("${var.compute_ssh_public_key}"))}"
+ user_data = "${base64encode(var.user_data)}"
+ }
+
+ timeouts {
+ create = "${var.timeout}"
+ }
+}
diff --git a/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%modules%compute%compute.variables.tf b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%modules%compute%compute.variables.tf new file mode 100644 index 0000000..0b39e16 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%modules%compute%compute.variables.tf @@ -0,0 +1,71 @@ +/*Copyright © 2018, Oracle and/or its affiliates. All rights reserved. + +The Universal Permissive License (UPL), Version 1.0*/ + + +variable "compartment_ocid" { +description = "Compartment name" +} + +variable "fault_domain" { + description = "Fault Domainr" + type = "list" +} +variable "compute_instance_count" {} +variable "compute_instance_shape" {} +variable "compute_hostname_prefix" { +description = "Host name" +} +variable "compute_image" { +description ="OS Image" +} + +variable "compute_ssh_private_key" { +description = "SSH key" +} +variable "compute_ssh_public_key" { +description = "SSH key" +} +variable "bastion_ssh_private_key" { +description = "SSH key" +} +variable "compute_subnet" { +type = "list" +description = "subnet" +} +variable "availability_domain" { + type = "list" +} +variable "AD" { + type = "list" +} +/*variable "fss_instance_prefix" {} +variable "fss_subnet" { + type = "list" +} +variable "export_path_fs1_mt1" { + default = "/sieblelfs" +} +*/ +variable "bastion_public_ip" { + type="string" +} + + +variable "compute_boot_volume_size_in_gb" {} +variable "compute_block_volume_size_in_gb" {} + + +variable "timeout" { + description = "Timeout setting for resource creation " + default = "10m" +} + + +variable timezone {} +variable bastion_user {} + +variable compute_instance_user {} + + +variable user_data {} 
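Review bot: `compute_ssh_private_key`, `compute_ssh_public_key` and `bastion_ssh_private_key` all carry the description `"SSH key"`, yet the module reads them with `file(...)`, so each one is a path to a key file rather than key material. The descriptions should say so, for example `description = "Path to the SSH private key file used by the provisioner to reach compute instances (never commit this file)"` and `description = "Path to the SSH public key file installed on compute instances"`. The distinction matters here because mixing up the public and private key paths would place private key content in instance metadata.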
diff --git a/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%modules%dbsystem%db.datasources.tf b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%modules%dbsystem%db.datasources.tf
new file mode 100644
index 0000000..4c70f6e
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%modules%dbsystem%db.datasources.tf
@@ -0,0 +1,68 @@ +/*Copyright © 2018, Oracle and/or its affiliates. All rights reserved. + +The Universal Permissive License (UPL), Version 1.0*/ + + +# Get a list of Availability Domains + +data "oci_database_db_system_shapes" "db_system_shapes" { + availability_domain = "${element(var.availability_domain, count.index)}" + compartment_id = "${var.compartment_ocid}" + filter { + name = "shape" + values = ["${var.db_instance_shape}"] + } +} + +data "oci_database_db_nodes" "DBNodeList" { + compartment_id = "${var.compartment_ocid}" + count = "${length(var.availability_domain)}" + #count = "${length(var.availability_domain)}" + #db_system_id = "${oci_database_db_system.ebsdb.0.id}" + db_system_id ="${element(flatten(oci_database_db_system.database.*.id), count.index)}" + /*filter { + name = "id" + #values = ["${oci_file_storage_mount_target.ebsappfss_mt1.*.private_ip_ids[count.index]}"] + values = ["${element(flatten(oci_database_db_system.ebsdb.*.db_nodes), count.index)}"] + }*/ +} +/* +data "oci_database_db_node" "db_node_details" { + #count = "${length(var.availability_domain) * var.db_node_count}" + count = "${length(var.availability_domain) * (var.db_node_count)}" + #db_node_id = "${lookup(data.oci_database_db_nodes.db_nodes.db_nodes[0], "id")}" + db_node_id = "${element(data.oci_database_db_nodes.DBNodeList.*.db_nodes, count.index)}" +}*/ +/* +data "oci_core_private_ips" "DBNodeIPs" { + count = "${length(var.availability_domain) * var.db_node_count}" + #subnet_id= "${oci_file_storage_mount_target.ebsappfss_mt1.*.subnet_id[count.index]}" + vnic_id= "${lookup(data.oci_database_db_nodes.DBNodeList.*.db_nodes, count.index)}" + + filter { + name = "id" + #values = ["${oci_file_storage_mount_target.ebsappfss_mt1.*.private_ip_ids[count.index]}"] + values = ["${element(flatten(data.oci_database_db_nodes.DBNodeList.*.vnic_id), count.index)}"] + #values = ["${element(flatten(oci_file_storage_mount_target.ebsappfss_mt1.*.private_ip_ids), count.index)}"] + } +} + +*/ + + 
+/* +locals { + fss-private-ips = "${flatten(concat(data.oci_core_private_ips.ip_mount_target.*.private_ips))}" +} + +data "template_file" "fss-ips" { + template = "$${ip_address}" + count = "${length(var.availability_domain)}" + + vars = { + ip_address = "${lookup(local.fss-private-ips[count.index], "ip_address")}" + } +} + +*/ + diff --git a/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%modules%dbsystem%db.dbsystem.tf b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%modules%dbsystem%db.dbsystem.tf new file mode 100644 index 0000000..c1ce9b1 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%modules%dbsystem%db.dbsystem.tf 
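Review bot: `data "oci_database_db_system_shapes" "db_system_shapes"` reads `count.index` in `availability_domain` but declares no `count`, so it can only resolve against the first availability domain, and as far as I know newer Terraform versions reject `count.index` in that position outright. Either add `count = "${length(var.availability_domain)}"` and index the lookup in db.dbsystem.tf to match, or state the intent with `availability_domain = "${var.availability_domain[0]}"`. The comment above it, `# Get a list of Availability Domains`, does not describe this data source and should read `# Look up DB system shapes matching var.db_instance_shape`. The commented-out data sources and `locals` that make up most of the file still reference `ebsdb` and `ebsappfss_mt1`, which are not defined anywhere in this module as shown, and could be deleted.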
@@ -0,0 +1,34 @@
+/*Copyright © 2018, Oracle and/or its affiliates. All rights reserved.
+
+The Universal Permissive License (UPL), Version 1.0*/
+
+
+resource "oci_database_db_system" "database" {
+ count = "${length(var.availability_domain)}"
+ compartment_id = "${var.compartment_ocid}"
+ availability_domain = "${element(var.availability_domain, count.index)}"
+ cpu_core_count = "${lookup(data.oci_database_db_system_shapes.db_system_shapes.db_system_shapes[0], "minimum_core_count")}"
+ database_edition = "${var.db_edition}"
+ db_home {
+ database = {
+ "admin_password" = "${var.db_admin_password}"
+ "db_name" = "${var.db_name}"
+ "character_set" = "${var.db_characterset}"
+ "ncharacter_set" = "${var.db_nls_characterset}"
+ "db_workload" = "${var.db_workload}"
+ "pdb_name" = "${var.db_pdb_name}"
+ }
+ db_version = "${var.db_version}"
+ display_name = "${var.db_name}"
+ }
+ shape = "${var.db_instance_shape}"
+ node_count = "${var.db_node_count}"
+ data_storage_size_in_gb = "${var.db_size_in_gb}"
+ #data_storage_percentage = "40"
+ license_model = "${var.db_license_model}"
+ disk_redundancy = "${var.db_disk_redundancy}"
+ subnet_id = "${element(var.db_subnet, count.index)}"
+ ssh_public_keys = ["${trimspace(file("${var.db_ssh_public_key}"))}"]
+ display_name = "${var.db_hostname_prefix}${element(var.AD,count.index)}${count.index + 1}"
+ hostname = "${var.db_hostname_prefix}${element(var.AD,count.index)}${count.index + 1}"
+}
diff --git a/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%modules%dbsystem%db.variables.tf b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%modules%dbsystem%db.variables.tf
new file mode 100644
index 0000000..6461dfe
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%modules%dbsystem%db.variables.tf
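Review bot: `"admin_password" = "${var.db_admin_password}"` in the `db_home` `database` map passes the database admin password as an ordinary string, so it will most likely be written in clear text to the Terraform state, and to plan output unless the provider marks the attribute sensitive. The 0.11-style syntax used throughout this sample predates `sensitive` variables, so the handling should be documented instead. Above the `database` map I would add `# admin_password ends up in state: use an encrypted, access-controlled remote backend and pass the value via TF_VAR_db_admin_password rather than terraform.tfvars`. The matching `variable "db_admin_password" {}` in db.variables.tf has no description and would benefit from the same warning.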
@@ -0,0 +1,52 @@ +/*Copyright © 2018, Oracle and/or its affiliates. All rights reserved. + +The Universal Permissive License (UPL), Version 1.0*/ + + +variable "compartment_ocid" {} + +variable "db_subnet" { + type="list" +} +variable "availability_domain" { + type = "list" +} + +variable "AD" { + type= "list" +} + +# DBSystem specific +variable "db_edition" {} + +variable "db_admin_password" {} + +variable "db_name" {} + +variable "db_version" {} + +variable "db_disk_redundancy" { + default="NORMAL" +} + +variable "db_hostname_prefix" {} +variable "db_instance_shape" {} + +variable "db_ssh_public_key" {} + +variable "db_nls_characterset" { +} +variable "db_characterset" { +} +variable "db_workload" { + default = "OLTP" +} +variable "db_pdb_name" { +} +variable "db_size_in_gb" { +} + +variable "db_license_model" { +} +variable "db_node_count" { +} \ No newline at end of file diff --git a/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%modules%filesystem%fss.data.tf b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%modules%filesystem%fss.data.tf new file mode 100644 index 0000000..65ad44f --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%modules%filesystem%fss.data.tf 
@@ -0,0 +1,38 @@ +/*Copyright © 2018, Oracle and/or its affiliates. All rights reserved. + +The Universal Permissive License (UPL), Version 1.0*/ + + +locals { + fss_private_ips = "${flatten(concat(data.oci_core_private_ips.ip_mount_target.*.private_ips))}" +} + +locals { + fss_exports = [ + "${oci_file_storage_export.fss_export.*.path}", + ] + fss_fstabs = "${formatlist("%s:%s", data.template_file.fss_ips.*.rendered, oci_file_storage_export.fss_export.*.path)}" +} + + +# Get private IP of Filesystem Storage Service + +data "oci_core_private_ips" "ip_mount_target" { + count = "${length(var.availability_domain)}" + subnet_id = "${element(oci_file_storage_mount_target.fss_mt.*.subnet_id, count.index)}" + + filter { + name = "id" + values = ["${element(flatten(oci_file_storage_mount_target.fss_mt.*.private_ip_ids), count.index)}"] + } +} + +data "template_file" "fss_ips" { + template = "$${ip_address}" + count = "${length(var.availability_domain)}" + + vars = { + ip_address = "${lookup(local.fss_private_ips[count.index], "ip_address")}" + } +} + diff --git a/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%modules%filesystem%fss.outputs.tf b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%modules%filesystem%fss.outputs.tf new file mode 100644 index 0000000..2b62576 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%modules%filesystem%fss.outputs.tf 
@@ -0,0 +1,19 @@
+/*Copyright © 2018, Oracle and/or its affiliates. All rights reserved.
+
+The Universal Permissive License (UPL), Version 1.0*/
+
+
+output "FilesystemPrivateIPs" {
+ description = "FSS Private IPs"
+ value = "${data.template_file.fss_ips.*.rendered}"
+}
+
+output "FilesystemExports" {
+ description = "FSS Exports"
+ value = "${local.fss_exports}"
+}
+
+output "FilesystemFstabs" {
+ description = "FSS /etc/fstab Entries"
+ value = "${local.fss_fstabs}"
+}
\ No newline at end of file
diff --git a/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%modules%filesystem%fss.tf b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%modules%filesystem%fss.tf
new file mode 100644
index 0000000..54f2043
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%modules%filesystem%fss.tf
@@ -0,0 +1,45 @@
+/*Copyright © 2018, Oracle and/or its affiliates. All rights reserved.
+
+The Universal Permissive License (UPL), Version 1.0*/
+
+
+resource "oci_file_storage_file_system" "fss" {
+ compartment_id = "${var.compartment_ocid}"
+ count = "${length(var.availability_domain)}"
+ availability_domain = "${element(var.availability_domain, count.index)}"
+ display_name = "${var.fss_instance_prefix}${var.AD[count.index]}"
+}
+
+resource "oci_file_storage_mount_target" "fss_mt" {
+ depends_on = ["oci_file_storage_file_system.fss"]
+ compartment_id = "${var.compartment_ocid}"
+ count = "${length(var.availability_domain)}"
+ availability_domain = "${element(var.availability_domain, count.index)}"
+ hostname_label = "${var.fss_instance_prefix}${var.AD[count.index]}"
+ subnet_id = "${element(var.fss_subnet, count.index)}"
+ display_name = "${var.fss_instance_prefix}${var.AD[count.index]}_mt"
+}
+
+resource "oci_file_storage_export_set" "fss_export_set" {
+ count = "${length(var.availability_domain)}"
+ mount_target_id = "${element(oci_file_storage_mount_target.fss_mt.*.id, count.index)}"
+ max_fs_stat_bytes = "${(var.fss_limit_size_in_gb * 1024 * 1024 * 1024)}"
+}
+resource "oci_file_storage_export" "fss_export" {
+ count = "${length(var.availability_domain)}"
+ export_set_id = "${element(oci_file_storage_mount_target.fss_mt.*.export_set_id,count.index)}"
+ file_system_id = "${element(oci_file_storage_file_system.fss.*.id, count.index)}"
+ path = "/${var.fss_instance_prefix}${var.AD[count.index]}"
+
+ export_options = [
+ {
+ source = "0.0.0.0/0"
+ access = "READ_WRITE"
+ identity_squash = "NONE"
+ require_privileged_source_port = true
+ },
+ ]
+}
+
+
+
diff --git a/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%modules%filesystem%fss.vars.tf b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%modules%filesystem%fss.vars.tf
new file mode 100644
index 0000000..7140d91
--- /dev/null
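Review bot: The `export_options` entry of `oci_file_storage_export.fss_export` exports the file system `READ_WRITE` to `source = "0.0.0.0/0"` with `identity_squash = "NONE"`, so any client that can reach the mount target may mount the share and act on it as root. Only the subnet's security lists, which are not part of this hunk, stand in the way. I would restrict the source to the CIDR of the subnets that actually mount the share and squash root: `source = "${var.fss_client_cidr}"` and `identity_squash = "ROOT"`, where `fss_client_cidr` is a new module variable that fss.vars.tf would have to declare. If the Siebel servers genuinely need unsquashed root access, keep `NONE` but still narrow `source`, and record the reason in a comment.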
+++ b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%modules%filesystem%fss.vars.tf @@ -0,0 +1,28 @@ +/*Copyright © 2018, Oracle and/or its affiliates. All rights reserved. + +The Universal Permissive License (UPL), Version 1.0*/ + + +variable "compartment_ocid" { +description = "Compartment name" +} + +variable "availability_domain" { + type = "list" +} +variable "AD" { + type = "list" +} +variable "fss_instance_prefix" {} +variable "fss_subnet" { + type = "list" +} +variable "export_path_fs1_mt1" { + default = "/sieblelfs" +} + +variable "fss_limit_size_in_gb" { +} + + + diff --git a/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%modules%loadbalancer%lb.tf b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%modules%loadbalancer%lb.tf new file mode 100644 index 0000000..a39a81f --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%modules%loadbalancer%lb.tf 
@@ -0,0 +1,74 @@ +/*Copyright © 2018, Oracle and/or its affiliates. All rights reserved. + +The Universal Permissive License (UPL), Version 1.0*/ + + +resource "oci_load_balancer" "lb" { + shape = "${var.load_balancer_shape}" + count = "${length(var.availability_domain)}" + compartment_id = "${var.compartment_ocid}" + subnet_ids = ["${element(var.load_balancer_subnet, count.index)}"] + display_name = "${var.load_balancer_name}${element(var.AD,count.index)}${count.index+1}" + is_private = "${var.load_balancer_private}" +} + +resource "oci_load_balancer_backend_set" "lb-bset" { + count = "${length(var.availability_domain)}" + name = "${var.load_balancer_name}${element(var.AD,count.index)}-bes${count.index + 1}" + load_balancer_id = "${element(oci_load_balancer.lb.*.id, count.index)}" + policy = "ROUND_ROBIN" + + health_checker { + port = "${var.app_instance_listen_port}" + protocol = "HTTP" + response_body_regex = ".*" + url_path = "/" + } + session_persistence_configuration { + cookie_name = "lb-session1" + disable_fallback = true + } + lifecycle { + ignore_changes = ["availability_domain"] + } +} + +resource "oci_load_balancer_backend" "lb-bset-be" { + count = "${var.app_instance_count}" + load_balancer_id = "${element(oci_load_balancer.lb.*.id, count.index)}" + backendset_name = "${element(oci_load_balancer_backend_set.lb-bset.*.name, count.index)}" + ip_address = "${element(var.be_ip_addresses, count.index)}" + port = "${var.app_instance_listen_port}" + backup = false + drain = false + offline = false + weight = 1 + + lifecycle { + ignore_changes = ["availability_domain"] + } +} + +resource "oci_load_balancer_hostname" "hostname" { + count = "${length(var.availability_domain)}" + hostname = "${var.load_balancer_hostname}" + load_balancer_id = "${element(oci_load_balancer.lb.*.id, count.index)}" + name = "hostname${count.index + 1}" +} + +resource "oci_load_balancer_listener" "lb-listener" { + depends_on = ["oci_load_balancer_hostname.hostname"] + count = 
"${length(var.availability_domain)}" + load_balancer_id = "${element(oci_load_balancer.lb.*.id, count.index)}" + name = "${var.load_balancer_name}${element(var.AD,count.index)}-lsnr${count.index + 1}" + default_backend_set_name = "${element(oci_load_balancer_backend_set.lb-bset.*.name, count.index)}" + hostname_names = ["${element(oci_load_balancer_hostname.hostname.*.name, count.index)}"] + port = "${var.load_balancer_listen_port}" + protocol = "HTTP" + connection_configuration { + idle_timeout_in_seconds = "2" + } + } + + + diff --git a/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%modules%loadbalancer%lb.vars.tf b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%modules%loadbalancer%lb.vars.tf new file mode 100644 index 0000000..29a78b0 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%modules%loadbalancer%lb.vars.tf @@ -0,0 +1,38 @@ +/*Copyright © 2018, Oracle and/or its affiliates. All rights reserved. + +The Universal Permissive License (UPL), Version 1.0*/ + + +variable load_balancer_subnet { + type = "list" +} + +variable "availability_domain" { + type = "list" + description = "Availability domain" +} + +variable "AD" { + type= "list" +} +variable load_balancer_name {} +variable compartment_ocid {} +variable load_balancer_shape {} +variable load_balancer_private { + default = "True" +} +/*variable be1_ip_address1 { + type="string" +} +*/ + + +variable be_ip_addresses { + type="list" +} +variable load_balancer_hostname {} + +variable app_instance_listen_port {} +variable load_balancer_listen_port {} + +variable app_instance_count {} \ No newline at end of file 
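Review bot: `oci_load_balancer_listener.lb-listener` is declared with `protocol = "HTTP"` and no `ssl_configuration`, so requests to the load balancer, including the `lb-session1` persistence cookie configured on the backend set, travel unencrypted. lb.vars.tf defaults `load_balancer_private` to `"True"`, which limits exposure, but once a caller overrides it the listener serves plaintext to whoever can reach it. I would add an `oci_load_balancer_certificate` resource and reference it from an `ssl_configuration` block on the listener, or add a comment stating that TLS is terminated elsewhere. Two smaller points in the same file: `idle_timeout_in_seconds = "2"` is very short for an interactive application and deserves a comment explaining it, and the `ignore_changes = ["availability_domain"]` lifecycle entries name an attribute that neither resource sets in this hunk.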
diff --git a/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%modules%network%subnets%subnets.output.tf b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%modules%network%subnets%subnets.output.tf new file mode 100644 index 0000000..bce9d43 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%modules%network%subnets%subnets.output.tf @@ -0,0 +1,12 @@ +/*Copyright © 2018, Oracle and/or its affiliates. All rights reserved. + +The Universal Permissive License (UPL), Version 1.0*/ + + +output "subnetid" { + value = ["${oci_core_subnet.subnet.*.id}"] +} + +output "cidr_block" { + value = ["${oci_core_subnet.subnet.*.cidr_block}"] +} \ No newline at end of file diff --git a/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%modules%network%subnets%subnets.tf b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%modules%network%subnets%subnets.tf new file mode 100644 index 0000000..080fc9f --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%modules%network%subnets%subnets.tf 
@@ -0,0 +1,19 @@ +/*Copyright © 2018, Oracle and/or its affiliates. All rights reserved. + +The Universal Permissive License (UPL), Version 1.0*/ + + +# Create subnet +resource "oci_core_subnet" "subnet" { + count = "${length(var.availability_domain)}" + availability_domain = "${element(var.availability_domain, count.index)}" + compartment_id = "${var.compartment_ocid}" + vcn_id = "${var.vcn_id}" + cidr_block = "${var.vcn_subnet_cidr[count.index]}" + display_name = "${var.dns_label}${var.AD[count.index]}" + dns_label = "${var.dns_label}${var.AD[count.index]}" + dhcp_options_id = "${var.dhcp_options_id}" + route_table_id = "${var.route_table_id}" + security_list_ids = ["${var.security_list_ids}"] + prohibit_public_ip_on_vnic = "${var.private_subnet}" +} \ No newline at end of file diff --git a/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%modules%network%subnets%subnets.vars.tf b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%modules%network%subnets%subnets.vars.tf new file mode 100644 index 0000000..c64cae8 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%modules%network%subnets%subnets.vars.tf 
@@ -0,0 +1,45 @@ +/*Copyright © 2018, Oracle and/or its affiliates. All rights reserved. + +The Universal Permissive License (UPL), Version 1.0*/ + +/* +variable "tenancy_ocid" { + description = "OCI Tenancy OCID" +}*/ +variable "compartment_ocid" { + description = "Compartment name" +} +variable "availability_domain" { + description = "Availability domain" + type = "list" +} +variable "AD" { + description = "Availability domain" + type = "list" +} + +# Virtual Cloud Network (VCN) variables +variable "vcn_id" { + description = "VCN OCID" +} +variable "route_table_id" { + description = "VCN Route Table OCID" +} + +variable "dhcp_options_id" { + description = "VCN DHCP options OCID" +} +variable "vcn_subnet_cidr" { + description = "CIDR for VCN subnet" + type = "list" +} +variable "security_list_ids" { + description = "Security List OCID" + type = "list" +} +variable "dns_label" { + description = "VCN DNS Label" +} +variable "private_subnet" { + description = "Whether private or public subnet" +} \ No newline at end of file diff --git a/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%modules%network%vcn%vcn.data.tf b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%modules%network%vcn%vcn.data.tf new file mode 100644 index 0000000..947238f --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%modules%network%vcn%vcn.data.tf @@ -0,0 +1,13 @@ +/*Copyright © 2018, Oracle and/or its affiliates. All rights reserved. + +The Universal Permissive License (UPL), Version 1.0*/ + + +# Get name of object storage +data "oci_core_services" "svcgtw_services" { + filter { + name = "name" + values = [".*Object.*Storage"] + regex = true + } +} \ No newline at end of file 
diff --git a/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%modules%network%vcn%vcn.outputs.tf b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%modules%network%vcn%vcn.outputs.tf
new file mode 100644
index 0000000..00568f3
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%modules%network%vcn%vcn.outputs.tf
@@ -0,0 +1,27 @@
+/*Copyright © 2018, Oracle and/or its affiliates. All rights reserved.
+
+The Universal Permissive License (UPL), Version 1.0*/
+
+
+output "vcnid" {
+ description = "ocid of VCN"
+ value = "${oci_core_virtual_network.vcn.id}"
+}
+output "default_dhcp_id" {
+ description = "ocid of default DHCP options"
+ value = "${oci_core_virtual_network.vcn.default_dhcp_options_id}"
+}
+
+output "igw_id" {
+ description = "ocid of internet gateway"
+ value = "${oci_core_internet_gateway.igw.id}"
+}
+
+output "natgtw_id" {
+ description = "ocid of service gateway"
+ value = "${oci_core_nat_gateway.natgtw.id}"
+}
+output "svcgtw_id" {
+ description = "ocid of service gateway"
+ value = "${oci_core_service_gateway.svcgtw.id}"
+}
diff --git a/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%modules%network%vcn%vcn.tf b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%modules%network%vcn%vcn.tf
new file mode 100644
index 0000000..7480ee0
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%modules%network%vcn%vcn.tf
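Review bot: The `natgtw_id` output is described as `"ocid of service gateway"`, copied from `svcgtw_id`, although its value is `oci_core_nat_gateway.natgtw.id`. It should read `description = "ocid of NAT gateway"`. routetables.tf in this same patch sends the private subnets' default route to `natgtw_id` and the service CIDR to `svcgtw_id`, so a misleading description makes it easy to swap the two when the module is reused.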
@@ -0,0 +1,47 @@ +/*Copyright © 2018, Oracle and/or its affiliates. All rights reserved. + +The Universal Permissive License (UPL), Version 1.0*/ + + +# Virtual Cloud Network (VCN) +resource "oci_core_virtual_network" "vcn" { + compartment_id = "${var.compartment_ocid}" + cidr_block = "${var.vcn_cidr}" + dns_label = "${var.vcn_dns_label}" + display_name = "${var.vcn_dns_label}" +} + +# Internet Gateway +resource "oci_core_internet_gateway" "igw" { + compartment_id = "${var.compartment_ocid}" + display_name = "${var.vcn_dns_label}igw" + vcn_id = "${oci_core_virtual_network.vcn.id}" +} + +# NAT (Network Address Translation) Gateway +resource "oci_core_nat_gateway" "natgtw" { + compartment_id = "${var.compartment_ocid}" + vcn_id = "${oci_core_virtual_network.vcn.id}" + display_name = "${var.vcn_dns_label}natgtw" +} + +# Service Gateway +resource "oci_core_service_gateway" "svcgtw" { + compartment_id = "${var.compartment_ocid}" + services { + service_id = "${lookup(data.oci_core_services.svcgtw_services.services[0], "id")}" + } + vcn_id = "${oci_core_virtual_network.vcn.id}" + display_name = "${var.vcn_dns_label}svcgtw" +} + +# Dynamic Routing Gateway (DRG) +resource "oci_core_drg" "drg" { + compartment_id = "${var.compartment_ocid}" + display_name = "${var.vcn_dns_label}drg" +} +resource "oci_core_drg_attachment" "drg_attachment" { + drg_id = "${oci_core_drg.drg.id}" + vcn_id = "${oci_core_virtual_network.vcn.id}" + display_name = "${var.vcn_dns_label}drgattch" +} \ No newline at end of file diff --git a/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%modules%network%vcn%vcn.vars.tf b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%modules%network%vcn%vcn.vars.tf new file mode 100644 index 0000000..d3f2623 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%modules%network%vcn%vcn.vars.tf 
@@ -0,0 +1,15 @@
+/*Copyright © 2018, Oracle and/or its affiliates. All rights reserved.
+
+The Universal Permissive License (UPL), Version 1.0*/
+
+
+variable "compartment_ocid" {
+ description = "Compartment OCID"
+}
+# VCN Variables
+variable "vcn_cidr" {
+ description = "VCN CIDR"
+}
+variable "vcn_dns_label" {
+ description = "VCN DNS Label"
+}
diff --git a/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%outputs.tf b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%outputs.tf
new file mode 100644
index 0000000..8e569d4
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%outputs.tf
@@ -0,0 +1,24 @@
+/*Copyright © 2018, Oracle and/or its affiliates. All rights reserved.
+
+The Universal Permissive License (UPL), Version 1.0*/
+
+
+output "BastionPublicIPs" {
+ value = ["${module.create_bastion.Bastion_Public_IPs}"]
+}
+
+output "SiebelServerPrivateIPs" {
+ value = ["${module.create_app.ComputePrivateIPs}"]
+}
+
+output "SiebelWebServerPrivateIPs" {
+ value = ["${module.create_web.ComputePrivateIPs}"]
+}
+
+output "SiebelGatewayServerPrivateIPs" {
+ value = ["${module.create_app_gateway.ComputePrivateIPs}"]
+}
+
+output "SiebelFilesystemFstabs" {
+ value = ["${module.create_fss.FilesystemFstabs}"]
+}
diff --git a/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%provider.tf b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%provider.tf
new file mode 100644
index 0000000..fb203d9
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%provider.tf
@@ -0,0 +1,21 @@
+/*Copyright © 2018, Oracle and/or its affiliates. All rights reserved.
+
+The Universal Permissive License (UPL), Version 1.0*/
+
+
+# Terraform version
+
+terraform {
+ required_version = ">= 0.11.8"
+}
+
+# Oracle Cloud Infrastructure (OCI) Provider
+
+provider "oci" {
+ version = "=3.5.0"
+ tenancy_ocid = "${var.tenancy_ocid}"
+ user_ocid = "${var.user_ocid}"
+ fingerprint = "${var.fingerprint}"
+ private_key_path = "${var.private_key_path}"
+ region = "${var.region}"
+ }
\ No newline at end of file
diff --git a/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%routetables.tf b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%routetables.tf
new file mode 100644
index 0000000..01f0fb6
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%routetables.tf
@@ -0,0 +1,33 @@
+/*Copyright © 2018, Oracle and/or its affiliates. All rights reserved.
+
+The Universal Permissive License (UPL), Version 1.0*/
+
+# Public Route Table
+resource "oci_core_route_table" "PublicRT" {
+ compartment_id = "${var.compartment_ocid}"
+ vcn_id = "${module.create_vcn.vcnid}"
+ display_name = "${var.vcn_dns_label}pubrt"
+
+ route_rules {
+ destination = "${local.anywhere}"
+ network_entity_id = "${module.create_vcn.igw_id}"
+ }
+}
+
+# Private Route Table
+resource "oci_core_route_table" "PrivateRT" {
+ compartment_id = "${var.compartment_ocid}"
+ vcn_id = "${module.create_vcn.vcnid}"
+ display_name = "${var.vcn_dns_label}pvtrt"
+
+ route_rules {
+ destination = "${lookup(data.oci_core_services.svcgtw_services.services[0], "cidr_block")}"
+ destination_type = "SERVICE_CIDR_BLOCK"
+ network_entity_id = "${module.create_vcn.svcgtw_id}"
+ }
+ route_rules {
+ destination = "${local.anywhere}"
+ destination_type = "CIDR_BLOCK"
+ network_entity_id = "${module.create_vcn.natgtw_id}"
+ }
+}
diff --git a/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%seclist.tf b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%seclist.tf
new file mode 100644
index 0000000..394dd28
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%seclist.tf
@@ -0,0 +1,220 @@
+/*Copyright © 2018, Oracle and/or its affiliates. All rights reserved.
+
+The Universal Permissive License (UPL), Version 1.0*/
+
+
+locals {
+ tcp_protocol = "6"
+ udp_protocol = "17"
+ all_protocols = "all"
+ anywhere = "0.0.0.0/0"
+ db_port = "1521"
+ ssh_port = "22"
+ fss_ports = ["2048","2050","111"]
+}
+# Bastion Security List
+resource "oci_core_security_list" "BastionSecList" {
+ compartment_id = "${var.compartment_ocid}"
+ display_name = "BastionSecList"
+ vcn_id = "${module.create_vcn.vcnid}"
+
+ egress_security_rules = [
+ {
+ protocol = "${local.tcp_protocol}"
+ destination = "${local.anywhere}"
+
+ /*tcp_options = {
+ "min" = "${local.ssh_port}"
+ "max" = "${local.ssh_port}"
+ }*/
+ },
+ ]
+
+ ingress_security_rules = [
+ {
+ tcp_options = {
+ "min" = "${local.ssh_port}"
+ "max" = "${local.ssh_port}"
+ }
+
+ protocol = "${local.tcp_protocol}"
+ source = "${local.anywhere}"
+ },
+ ]
+}
+
+
+# Database System Security List
+resource "oci_core_security_list" "DBSecList" {
+ compartment_id = "${var.compartment_ocid}"
+ display_name = "DBSecList"
+ vcn_id = "${module.create_vcn.vcnid}"
+
+ egress_security_rules = [
+ {
+ protocol = "${local.tcp_protocol}"
+ destination = "${local.anywhere}"
+ },
+ ]
+
+ ingress_security_rules = [
+ {
+ tcp_options = {
+ "min" = "${local.ssh_port}"
+ "max" = "${local.ssh_port}"
+ }
+
+ protocol = "${local.tcp_protocol}"
+ source = "${var.vcn_cidr}"
+ },
+ {
+ tcp_options = {
+ "min" = "${local.db_port}"
+ "max" = "${local.db_port}"
+ }
+
+ protocol = "${local.tcp_protocol}"
+ source = "${var.vcn_cidr}"
+ },
+ ]
+}
+
+resource "oci_core_security_list" "AppSecList" {
+ compartment_id = "${var.compartment_ocid}"
+ display_name = "AppSecList"
+ vcn_id = "${module.create_vcn.vcnid}"
+
+ egress_security_rules = [
+ {
+ protocol = "${local.tcp_protocol}"
+ destination = "${local.anywhere}"
+ },
+ ]
+
+ ingress_security_rules = [
+ {
+ tcp_options = {
+ "min" = "${local.ssh_port}"
+ "max" = "${local.ssh_port}"
+ }
+
+ protocol = "${local.tcp_protocol}"
+ source = "${var.vcn_cidr}"
+ },
+ {
+ tcp_options = {
+ "min" = "${var.siebel_server_instance_listen_port[0]}"
+ "max" = "${var.siebel_server_instance_listen_port[0]}"
+ }
+
+ protocol = "${local.tcp_protocol}"
+ source = "${var.vcn_cidr}"
+ },
+ {
+ tcp_options = {
+ "min" = "${var.siebel_server_instance_listen_port[1]}"
+ "max" = "${var.siebel_server_instance_listen_port[1]}"
+ }
+
+ protocol = "${local.tcp_protocol}"
+ source = "${var.vcn_cidr}"
+ },
+ {
+ tcp_options = {
+ "min" = "${local.fss_ports[0]}"
+ "max" = "${local.fss_ports[1]}"
+ }
+
+ protocol = "${local.tcp_protocol}"
+ source = "${var.vcn_cidr}"
+ },
+ {
+ tcp_options = {
+ "min" = "${local.fss_ports[2]}"
+ "max" = "${local.fss_ports[2]}"
+ }
+
+ protocol = "${local.tcp_protocol}"
+ source = "${var.vcn_cidr}"
+ },
+ {
+ udp_options = {
+ "min" = "${local.fss_ports[0]}"
+ "max" = "${local.fss_ports[0]}"
+ }
+
+ protocol = "${local.udp_protocol}"
+ source = "${var.vcn_cidr}"
+ },
+ {
+ udp_options = {
+ "min" = "${local.fss_ports[2]}"
+ "max" = "${local.fss_ports[2]}"
+ }
+
+ protocol = "${local.udp_protocol}"
+ source = "${var.vcn_cidr}"
+ },
+ ]
+}
+
+resource "oci_core_security_list" "WebSecList" {
+ compartment_id = "${var.compartment_ocid}"
+ display_name = "WebSecList"
+ vcn_id = "${module.create_vcn.vcnid}"
+
+ egress_security_rules = [
+ {
+ protocol = "${local.tcp_protocol}"
+ destination = "${local.anywhere}"
+ },
+ ]
+
+ ingress_security_rules = [
+ {
+ tcp_options = {
+ "min" = "${local.ssh_port}"
+ "max" = "${local.ssh_port}"
+ }
+
+ protocol = "${local.tcp_protocol}"
+ source = "${var.vcn_cidr}"
+ },
+ {
+ tcp_options = {
+ "min" = "${var.load_balancer_listen_port}"
+ "max" = "${var.load_balancer_listen_port}"
+ }
+
+ protocol = "${local.tcp_protocol}"
+ source = "${var.vcn_cidr}"
+ },
+ ]
+}
+
+# Load Balancer Security List
+resource "oci_core_security_list" "LBSecList" {
+ compartment_id = "${var.compartment_ocid}"
+ display_name = "LBSecList"
+ vcn_id = "${module.create_vcn.vcnid}"
+
+ egress_security_rules = [
+ {
+ protocol = "${local.tcp_protocol}"
+ destination = "${local.anywhere}"
+ },
+ ]
+
+ ingress_security_rules = [
+ {
+ tcp_options = {
+ "min" = "${var.load_balancer_listen_port}"
+ "max" = "${var.load_balancer_listen_port}"
+ }
+
+ protocol = "${local.tcp_protocol}"
+ source = "${local.anywhere}"
+ },
+ ]
+}
+
diff --git a/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%terraform.tfvars b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%terraform.tfvars
new file mode 100644
index 0000000..7f580d3
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%terraform.tfvars
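Review bot: `BastionSecList` accepts SSH from `local.anywhere` (0.0.0.0/0), so the bastion's port 22 is reachable from the whole internet; the source should be an operator-supplied range, e.g. `source = "${var.bastion_allowed_cidr}"` backed by a new variable with no default. The same list's egress rule allows all TCP to anywhere because the `tcp_options` block limiting it to the SSH port is commented out; if the bastion only needs to reach hosts inside the VCN, `destination = "${var.vcn_cidr}"` with that block restored would be tighter. DBSecList, AppSecList and WebSecList admit SSH from all of `var.vcn_cidr` rather than from the bastion subnet alone, so any host in the VCN can reach SSH on every tier.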
@@ -0,0 +1,101 @@ +# AD (Availability Domain to use for creating Siebel infrastructure) +AD = "[]" + +# CIDR block of VCN to be created +vcn_cidr = "" + +# DNS label of VCN to be created +vcn_dns_label = "" + +# Operating system version to be used for application instances +linux_os_version = "" + +# Timezone of compute instance +timezone = "" + +# Login user for bastion host +bastion_user = "" + +# Size of boot volume (in gb) of application instances +compute_boot_volume_size_in_gb = "" + +# Size of block volume (in gb) of application instances +compute_block_volume_size_in_gb = "" + +# Login user for compute instance +compute_instance_user = "" + +#Environment prefix to define name of resources +siebel_env_prefix = "" + +# Number of application instances to be created +siebel_server_instance_count = "" + +# Shape of app instance +siebel_server_instance_shape = "" + +# Listen port of the application instance +siebel_server_instance_listen_port = "[]" + +# Mount path for application filesystem +siebel_filesystem_path = "" + +# Set filesystem limit +siebel_filesystem_size_limit_in_gb = "" + +# Number of application instances to be created +siebel_web_instance_count ="" + +# Shape of app instance +siebel_web_instance_shape = "" + +# Listen port of the application instance +siebel_web_instance_listen_port = "" + +# Number of application instances to be created +siebel_gateway_instance_count = "" + +# Shape of app instance +siebel_gateway_instance_shape = "" + +# Database Edition +db_edition = "" + +# Licensing model for database +db_license_model = "" + +# Database version +db_version = "" + +# Number of database nodes +db_node_count = "" + +#Shape of Database nodes +db_instance_shape = "" + +#Database name +db_name = "" + +#Size of Database +db_size_in_gb = "" + +# Database administration (sys) password +db_admin_password = "" + +# Characterset of database +db_characterset = "" + +# National Characterset of database +db_nls_characterset = "" + +# Pluggable database 
name +db_pdb_name = "" + +# Hostname of Load Balancer +load_balancer_hostname = "" + +# Shape of Load Balancer +load_balancer_shape = "" + +#Listen port of load balancer +load_balancer_listen_port = "" \ No newline at end of file diff --git a/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%variables.tf b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%variables.tf new file mode 100644 index 0000000..52de66d --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%cloud-asset-appsul-terraform-samples%SiebelCRM%variables.tf 
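Review bot: `db_admin_password = ""` sits in a tracked `terraform.tfvars`, which invites filling in the database sys password and committing it. Drop the entry from this template and document supplying the value through the `TF_VAR_db_admin_password` environment variable or an untracked var file. Separately, `AD = "[]"` and `siebel_server_instance_listen_port = "[]"` are strings, while variables.tf declares both with `type = "list"`, which Terraform 0.11 is likely to reject; the placeholders should be written as `[]`.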
@@ -0,0 +1,175 @@ +/*Copyright © 2018, Oracle and/or its affiliates. All rights reserved. + +The Universal Permissive License (UPL), Version 1.0*/ + + +variable "tenancy_ocid" {} +variable "region" {} + +variable "compartment_ocid" {} + +variable "AD" { + type= "list" +} +variable "user_ocid" {} +variable "fingerprint" {} +variable "private_key_path" {} +variable "ssh_public_key" { + description = "SSH public key for instances" +} +variable "ssh_private_key" { + description = "SSH private key for instances" +} + +variable "bastion_ssh_public_key" { + description = "SSH public key for bastion instance" +} +variable "bastion_ssh_private_key" { + description = "SSH private key for bastion_instance" +} +variable "InstanceOS" { + description = "Operating system for compute instances" + default = "Oracle Linux" +} +variable "linux_os_version" { + description = "Operating system version for compute instances except NAT" + default = "7.5" +} + + +# VCN variables +variable "vcn_cidr" { + description = "CIDR for Virtual Cloud Network (VCN)" +} +variable "vcn_dns_label" { + description = "DNS label for Virtual Cloud Network (VCN)" +} + +# Bastion host variables +variable "bastion_instance_shape" { + description = "Instance shape of bastion host" + default = "VM.Standard2.1" +} + +# Application Server variables +variable "siebel_env_prefix" {} + +variable "siebel_server_instance_count" { + description = "Application Server count" +} + +variable "siebel_server_instance_shape" { + description = "Application Instance shape" +} +variable "siebel_server_instance_listen_port" { + description = "Application instance listen port" + type = "list" +} + +variable "siebel_filesystem_path" { + description = "Path to mount Siebel fileystem" +} + +variable "siebel_filesystem_size_limit_in_gb" { + description = "Path to mount Siebel fileystem" +} + +# Web Server variables +variable "siebel_web_instance_count" { + description = "Web Server count" +} + +variable "siebel_web_instance_shape" { + 
description = "Web Instance shape" +} + +variable siebel_web_instance_listen_port { + description = "Web Instance listen port" +} +variable "siebel_gateway_instance_count" { + description = "Siebel Gateway Server count" +} + +variable "siebel_gateway_instance_shape" { + description = "Siebel Gateway Instance shape" +} +variable "compute_boot_volume_size_in_gb" { + description = "Boot volume size of application servers" +} + +variable "compute_block_volume_size_in_gb" { + description = "Block volume size of application servers" +} + +variable "timezone" { + description = "Set timezone for servers" +} + +# Database variables +variable "db_edition" { + description = "DB Edition" + default = "ENTERPRISE_EDITION_EXTREME_PERFORMANCE" +} + +variable "db_instance_shape" { + description = "DB Instance shape" +} + +variable "db_node_count" { + description = "Number of DB Nodes" +} +variable "db_size_in_gb" { + description = "Size of database in GB" +} +variable "db_license_model" { + description = "Database License model" +} + +variable "db_admin_password" { + description = "Database Admin password" +} +variable "db_name" { + description = "Database Name" +} +variable "db_characterset" { + description = "Database Characterset" +} +variable "db_nls_characterset" { + description = "Database National Characterset" +} + +variable "db_version" { + description = "Database version" +} +variable "db_pdb_name" { + description = "Pluggable database Name" +} + + +variable load_balancer_shape { + description = "Load Balancer shape" +} +variable load_balancer_private { + description = "Whether private Load balancer" + default = true +} +variable load_balancer_hostname { + description = "Load Balancer hostname" +} + +variable load_balancer_listen_port { + description = "Load balancer listen port" +} + +variable "timeout" { + description = "Timeout setting for resource creation" + default = "10m" +} + +variable "compute_instance_user" { + description = "Login user for application instance" 
+} + +variable "bastion_user" { + description = "Login user for bastion host" +} \ No newline at end of file diff --git a/example/real_world_stuff/oracle/oracle%cloud-asset-fusion-serverless-vbcs-sample%terraformScript%createAll.tf b/example/real_world_stuff/oracle/oracle%cloud-asset-fusion-serverless-vbcs-sample%terraformScript%createAll.tf new file mode 100644 index 0000000..c92cfa0 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%cloud-asset-fusion-serverless-vbcs-sample%terraformScript%createAll.tf 
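Review bot: `ssh_private_key`, `bastion_ssh_private_key` and `db_admin_password` are plain input variables, so once the modules pass them to resources or provisioners their values are likely to be written to the Terraform state in clear text; the file should carry a comment saying so and requiring an encrypted, access-controlled state backend. provider.tf allows `required_version = ">= 0.11.8"`, and variable-level `sensitive = true` only exists from Terraform 0.14, so the comment and the backend are the practical control for this sample. Also, `siebel_filesystem_size_limit_in_gb` repeats the description of `siebel_filesystem_path`; it should read `description = "Size limit of the Siebel filesystem in GB"`.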
@@ -0,0 +1,239 @@ +// Copyright (c) 2020, Oracle and/or its affiliates. All rights reserved. +// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. +// + + +variable "tenancy_ocid" {} +variable "user_ocid" {} +variable "fingerprint" {} +variable "private_key_path" {} +variable "compartment_ocid" {} +variable "region" {} +variable "region_code" {} +variable "tenancy_namespace" {} +variable "repos_name" {} +variable "fusion_hostname" {} +variable "idcs_app_url" {} +variable "idcs_app_scopeid" {} +variable "idcs_app_clientid" {} +variable "idcs_app_secret" {} +variable "debug_level" {} +variable "gtw_uri_base" {} + +variable "name_prefix" {} + +provider "oci" { + tenancy_ocid = "${var.tenancy_ocid}" + user_ocid = "${var.user_ocid}" + fingerprint = "${var.fingerprint}" + private_key_path = "${var.private_key_path}" + region = "${var.region}" +} + + +resource "oci_core_internet_gateway" "test_network_entity" { + compartment_id = var.compartment_ocid + vcn_id = oci_core_vcn.test_vcn.id + display_name = "${var.name_prefix}_cloudnativesaas-internet-gateway" +} + +resource "oci_core_default_route_table" "test_route_table" { + manage_default_resource_id = "${oci_core_vcn.test_vcn.default_route_table_id}" + + route_rules { + cidr_block = "0.0.0.0/0" + network_entity_id = oci_core_internet_gateway.test_network_entity.id + } + +} + +resource "oci_core_default_security_list" "test_sec_list" { + manage_default_resource_id = "${oci_core_vcn.test_vcn.default_security_list_id}" + + egress_security_rules { + protocol = "all" + destination = "0.0.0.0/0" + stateless = false + } + + // allow inbound ssh traffic + ingress_security_rules { + protocol = "6" // tcp + source = "0.0.0.0/0" + stateless = false + + tcp_options { + // These values correspond to the destination port range. 
+ min = 22 + max = 22 + } + } + + // allow inbound icmp traffic of a specific type + ingress_security_rules { + protocol = 1 + source = "0.0.0.0/0" + stateless = false + + icmp_options { + type = 3 + code = 4 + } + } + + // allow inbound icmp traffic of a specific type + ingress_security_rules { + protocol = 1 + source = "${oci_core_vcn.test_vcn.cidr_block}" + stateless = false + + icmp_options { + type = 3 + } + } + + ingress_security_rules { + protocol = "6" // tcp + source = "0.0.0.0/0" + stateless = false + + tcp_options { + min = 443 + max = 443 + } + } + +} + +resource "oci_core_subnet" "test_subnet" { + cidr_block = "10.11.0.0/16" + compartment_id = var.compartment_ocid + display_name = "${var.name_prefix}_cloudnativesaas-subnet" + vcn_id = oci_core_vcn.test_vcn.id +} + + +resource "oci_core_vcn" "test_vcn" { + cidr_block = "10.11.0.0/16" + compartment_id = "${var.compartment_ocid}" + display_name = "${var.name_prefix}_cloudnativesaas_vcn" +} + +resource "oci_functions_application" "test_application" { + #Required + compartment_id = "${var.compartment_ocid}" + display_name = "${var.name_prefix}_cloudnativesaas-application" + subnet_ids = ["${oci_core_subnet.test_subnet.id}"] + config = { + "fusion_hostname" = "${var.fusion_hostname}", + "idcs_app_url" = "${var.idcs_app_url}" + "idcs_app_scopeid" = "${var.idcs_app_scopeid}" + "idcs_app_clientid" = "${var.idcs_app_clientid}" + "idcs_app_secret" = "${oci_kms_encrypted_data.test_encrypted_data.ciphertext}" + "debug_level" = "${var.debug_level}" + "gtw_uri_base" = "${var.gtw_uri_base}" + "kms_endpoint" = "${oci_kms_vault.test_vault.crypto_endpoint}" + "kms_idcs_secret_key" = "${oci_kms_key.test_key.id}" + } +} + +resource "oci_kms_vault" "test_vault" { + compartment_id = "${var.compartment_ocid}" + display_name = "${var.name_prefix}_cloudnativesaas_vault" + vault_type = "DEFAULT" +} + +resource "oci_kms_key" "test_key" { + compartment_id = "${var.compartment_ocid}" + display_name = 
"${var.name_prefix}_cloudnativesaas_key" + management_endpoint = "${oci_kms_vault.test_vault.management_endpoint}" + + key_shape { + algorithm = "AES" + length = "16" + } +} + +resource "oci_kms_encrypted_data" "test_encrypted_data" { + crypto_endpoint = "${oci_kms_vault.test_vault.crypto_endpoint}" + key_id = "${oci_kms_key.test_key.id}" + plaintext = base64encode("${var.idcs_app_secret}") +} + +resource "oci_functions_function" "auth_function" { + application_id = "${oci_functions_application.test_application.id}" + display_name = "idcs_ocigw" + image = "${var.region_code}.ocir.io/${var.tenancy_namespace}/${var.repos_name}/idcs_ocigw:0.0.80" + memory_in_mbs = "128" + timeout_in_seconds = "90" +} + +resource "oci_functions_function" "test_function" { + application_id = "${oci_functions_application.test_application.id}" + display_name = "gwauthtest" + image = "${var.region_code}.ocir.io/${var.tenancy_namespace}/${var.repos_name}/gwauthtest:0.0.45" + memory_in_mbs = "128" + timeout_in_seconds = "30" +} + +resource "oci_functions_function" "saas_function" { + application_id = "${oci_functions_application.test_application.id}" + display_name = "saasopportunitiesfn" + image = "${var.region_code}.ocir.io/${var.tenancy_namespace}/${var.repos_name}/saasopportunitiesfn:0.0.139" + memory_in_mbs = "128" + timeout_in_seconds = "30" +} + +resource "oci_apigateway_gateway" "test_gateway" { + compartment_id = "${var.compartment_ocid}" + endpoint_type = "PUBLIC" + subnet_id = "${oci_core_subnet.test_subnet.id}" + display_name = "${var.name_prefix}_cloudnativesaas_api_gw" +} + +resource "oci_apigateway_deployment" "test_deployment" { + compartment_id = "${var.compartment_ocid}" + gateway_id = "${oci_apigateway_gateway.test_gateway.id}" + path_prefix = "/cloudnativesaas" + + specification { + request_policies { + authentication { + function_id = "${oci_functions_function.auth_function.id}" + type = "CUSTOM_AUTHENTICATION" + token_header = "Authorization" + } + } + + routes { + 
backend { + type = "ORACLE_FUNCTIONS_BACKEND" + function_id = "${oci_functions_function.saas_function.id}" + } + path = "/opportunities" + methods = ["GET"] + } + + routes { + backend { + type = "ORACLE_FUNCTIONS_BACKEND" + function_id = "${oci_functions_function.saas_function.id}" + } + path = "/opportunities/{optyid}" + methods = ["GET","PATCH"] + } + + routes { + backend { + type = "ORACLE_FUNCTIONS_BACKEND" + function_id = "${oci_functions_function.test_function.id}" + } + path = "/gwauthtest" + methods = ["GET"] + } + + } + display_name = "${var.name_prefix}_cloudnativesaas_deployment" + } + + diff --git a/example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%automations%wls_image%provider.tf b/example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%automations%wls_image%provider.tf new file mode 100644 index 0000000..7b0323e --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%automations%wls_image%provider.tf @@ -0,0 +1,22 @@ +provider "oci" { + version = ">= 3.27.0" + tenancy_ocid = var.tenancy_ocid + user_ocid = var.user_ocid + fingerprint = var.fingerprint + private_key_path = var.private_key_path + private_key_password = var.private_key_password + region = var.region + disable_auto_retries = var.disable_auto_retries +} + +# Get a list of Availability Domains +data "oci_identity_availability_domains" "ads" { + compartment_id = var.tenancy_ocid +} + + +# Get a list of subdomains +data "oci_core_subnets" "mysubnets" { + compartment_id = var.compartment_ocid + vcn_id = var.VM_vcn_id +} diff --git a/example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%automations%wls_image%stack_subscribe.tf b/example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%automations%wls_image%stack_subscribe.tf new file mode 100644 index 0000000..229b12b --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%automations%wls_image%stack_subscribe.tf 
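Review bot: `oci_core_default_security_list.test_sec_list` admits TCP 22 from 0.0.0.0/0, yet nothing in this file creates a compute instance (the subnet hosts the Functions application and the public API gateway), so the SSH rule looks unnecessary and should be removed, leaving 443 as the only internet-facing port. `oci_kms_encrypted_data.test_encrypted_data` takes `plaintext = base64encode("${var.idcs_app_secret}")`, which presumably leaves the IDCS client secret in the Terraform state base64-encoded rather than encrypted; treat the state backend as secret storage, or produce the ciphertext out of band and pass that in instead. In `oci_kms_key.test_key`, `length = "16"` selects AES-128; `length = "32"` is the stronger choice at no visible cost here.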
@@ -0,0 +1,140 @@ +// Copyright (c) 2019, 2020 Oracle and/or its affiliates. All rights reserved. +/* +* This is an example of a marketplace agreement +*/ + + + +# DATA 1 - Get a list of element in Marketplace, using filters, eg name of the stack +data "oci_marketplace_listings" "test_listings" { + name = ["Oracle WebLogic Server Enterprise Edition UCM"] + #name = ["Oracle Cloud Developer Image"] + compartment_id = var.compartment_ocid +} + +# DATA 2 - Get details cf the specific listing you are interested in and which you obtained through generic listing +data "oci_marketplace_listing" "test_listing" { + listing_id = data.oci_marketplace_listings.test_listings.listings[0].id + compartment_id = var.compartment_ocid +} + +# DATA 3 - Get the list of versions for the specific entry (11.3, 12.2.1, ....) +data "oci_marketplace_listing_packages" "test_listing_packages" { + #Required + listing_id = data.oci_marketplace_listing.test_listing.id + + #Optional + compartment_id = var.compartment_ocid + + #package_version = "WLS 10.3.6.0.200714.05(11.1.1.7)" + package_version = data.oci_marketplace_listing.test_listing.default_package_version +} + +# DATA 4 - Get details about a specfic version +data "oci_marketplace_listing_package" "test_listing_package" { + #Required + listing_id = data.oci_marketplace_listing.test_listing.id + package_version = data.oci_marketplace_listing_packages.test_listing_packages.package_version + + #Optional + compartment_id = var.compartment_ocid +} + +# DATA 5 - agreement for a specific version +data "oci_marketplace_listing_package_agreements" "test_listing_package_agreements" { + #Required + listing_id = data.oci_marketplace_listing.test_listing.id + package_version = data.oci_marketplace_listing_packages.test_listing_packages.package_version + + #Optional + compartment_id = var.compartment_ocid +} + + + +# RESOURCE 1 - agreement for a specific version +resource "oci_marketplace_listing_package_agreement" "test_listing_package_agreement" { + 
#Required + agreement_id = data.oci_marketplace_listing_package_agreements.test_listing_package_agreements.agreements[0].id + listing_id = data.oci_marketplace_listing.test_listing.id + package_version = data.oci_marketplace_listing_packages.test_listing_packages.package_version +} + +# RESOURCE 2 - Accepted agreement +resource "oci_marketplace_accepted_agreement" "test_accepted_agreement" { + #Required + agreement_id = oci_marketplace_listing_package_agreement.test_listing_package_agreement.agreement_id + compartment_id = var.compartment_ocid + listing_id = data.oci_marketplace_listing.test_listing.id + package_version = data.oci_marketplace_listing_packages.test_listing_packages.package_version + signature = oci_marketplace_listing_package_agreement.test_listing_package_agreement.signature +} + + + + +# DATA 1 : list of entry in Marketplace +output "data_1_oci_marketplace_listings" { + sensitive = false + value = [ + # For debugging, show full data field + # data.oci_marketplace_listings.test_listings, + format("Listing name: %s", data.oci_marketplace_listings.test_listings.listings[0].name), + format("Package Type: %s", data.oci_marketplace_listings.test_listings.listings[0].package_type) + ] +} + + +# DATA 2 : single entry in Marketplace (wls EE UCM) +output "data_2_oci_marketplace_listing" { + sensitive = false + value = [ + # For debugging, show full data field + # data.oci_marketplace_listing.test_listing, + format("Listing name: %s", data.oci_marketplace_listing.test_listing.name), + format("Default version: %s", data.oci_marketplace_listing.test_listing.default_package_version) + ] +} + + +# DATA 4 : Single version of an entry (11g) +output "DATA_4_oci_marketplace_listing_package" { + sensitive = false + value = [ + # For debugging, show full data field + # data.oci_marketplace_listing_package.test_listing_package, + format("Resource Link: %s", data.oci_marketplace_listing_package.test_listing_package.resource_link), + format("Version: %s", 
data.oci_marketplace_listing_package.test_listing_package.version) + ] +} + +output "DATA_5_oci_marketplace_listing_package_agreements" { + sensitive = false + value = [ + # For debugging, show full data field + # data.oci_marketplace_listing_package_agreements.test_listing_package_agreements, + format("Package Version: %s", data.oci_marketplace_listing_package_agreements.test_listing_package_agreements.package_version) + ] +} + + +output "RESOURCE_1_oci_marketplace_listing_package_agreement" { + sensitive = false + value = [ + # For debugging, show full data field + # oci_marketplace_listing_package_agreement.test_listing_package_agreement, + format("Package Version: %s", oci_marketplace_listing_package_agreement.test_listing_package_agreement.package_version), + format("Author: %s", oci_marketplace_listing_package_agreement.test_listing_package_agreement.author) + ] +} + + +output "RESOURCE_2_oci_marketplace_accepted_agreement" { + sensitive = false + value = [ + # For debugging, show full data field + # oci_marketplace_accepted_agreement.test_accepted_agreement, + format("Package Version: %s", oci_marketplace_accepted_agreement.test_accepted_agreement.package_version), + format("Date Accepted: %s", oci_marketplace_accepted_agreement.test_accepted_agreement.time_accepted) + ] +} diff --git a/example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%automations%wls_image%terraform.tfvars b/example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%automations%wls_image%terraform.tfvars new file mode 100644 index 0000000..321b10a --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%automations%wls_image%terraform.tfvars 
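Review bot: `oci_marketplace_accepted_agreement.test_accepted_agreement` signs the terms for whatever `data.oci_marketplace_listings.test_listings.listings[0]` resolves to, and that listing is selected by a display-name filter plus the listing's `default_package_version`, both of which can change between runs. Pin the listing by id and the package version by value, as image_subscription.tf in this commit does with `mp_listing_id` and `mp_listing_resource_version`, so an apply cannot silently accept an agreement for a different listing or a newer version. The `[0]` indexes on `listings` and `agreements` also fail when the filter returns nothing; a comment stating that assumption next to each lookup would help.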
@@ -0,0 +1,15 @@
+# OCI authentication
+
+tenancy_ocid = "ocid1.tenancy.oc1..your_ocid"
+compartment_ocid = "ocid1.compartment.oc1..your_ocid"
+
+fingerprint = "69:your_fingerprint:02"
+private_key_path = "/Users/your_local_private_key.pem"
+user_ocid = "ocid1.user.oc1..your_ocid"
+region = "eu-frankfurt-1"
+
+# Compute Shape of the VM's
+compute_shape = "VM.Standard2.1"
+
+# Virtual Network to use - OCID to be provided
+VM_vcn_id = "ocid1.vcn.oc1.eu-frankfurt-1.your_ocid"
diff --git a/example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%automations%wls_image%variables.tf b/example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%automations%wls_image%variables.tf
new file mode 100644
index 0000000..7ad5f54
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%automations%wls_image%variables.tf
@@ -0,0 +1,67 @@
+# OCI Service
+variable "tenancy_ocid" {
+}
+
+variable "compartment_ocid" {
+}
+
+variable "user_count" {
+ default = 1
+}
+
+variable "availability_domain_count" {
+ default = 3
+}
+
+variable "gold_image_ocid" {
+ default = "na"
+}
+
+variable "vm_subnet_id1" {
+ default = "na"
+}
+
+variable "vm_subnet_id2" {
+ default = "na"
+}
+
+variable "vm_subnet_id3" {
+ default = "na"
+}
+
+variable "vm_subnet_id" {
+ default = ["na1","na2", "na3"]
+}
+
+variable "ssh_public_key" {
+ default = "keys/atpkey.pub"
+}
+
+variable "user_ocid" {
+}
+
+variable "fingerprint" {
+}
+
+variable "private_key_path" {
+}
+
+variable "region" {
+ default = "eu-frankfurt-1"
+}
+
+variable "disable_auto_retries" {
+ default = "false"
+}
+
+variable "private_key_password" {
+ default = ""
+}
+
+variable "compute_shape" {
+ default = "VM.Standard2.1"
+}
+
+variable "VM_vcn_id" {
+ default = ""
+}
diff --git a/example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%automations%wls_nodepool%image_subscription.tf b/example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%automations%wls_nodepool%image_subscription.tf
new file mode 100644
index 0000000..1728a93
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%automations%wls_nodepool%image_subscription.tf
@@ -0,0 +1,86 @@
+
+# Hard coded, and to be copied out of the Stack Definition downloaded in step 1
+variable "instance_image_id" {
+default = "ocid1.image.oc1..ocid_to_copy_from_stack"
+}
+
+# Hard coded, and to be copied out of the Stack Definition downloaded in step 1
+variable "mp_listing_id" {
+default = "ocid1.appcataloglisting.oc1..ocid_to_copy_from_stack"
+}
+
+# Hard coded, and to be copied out of the Stack Definition downloaded in step 1
+variable "mp_listing_resource_version" {
+default = "version_to_copy_from_stack"
+}
+
+
+#Get Image Agreement
+resource "oci_core_app_catalog_listing_resource_version_agreement" "mp_image_agreement" {
+ listing_id = var.mp_listing_id
+ listing_resource_version = var.mp_listing_resource_version
+}
+
+#Accept Terms and Subscribe to the image, placing the image in a particular compartment
+resource "oci_core_app_catalog_subscription" "mp_image_subscription" {
+ compartment_id = var.compartment_ocid
+ eula_link = oci_core_app_catalog_listing_resource_version_agreement.mp_image_agreement.eula_link
+ listing_id = oci_core_app_catalog_listing_resource_version_agreement.mp_image_agreement.listing_id
+ listing_resource_version = oci_core_app_catalog_listing_resource_version_agreement.mp_image_agreement.listing_resource_version
+ oracle_terms_of_use_link = oci_core_app_catalog_listing_resource_version_agreement.mp_image_agreement.oracle_terms_of_use_link
+ signature = oci_core_app_catalog_listing_resource_version_agreement.mp_image_agreement.signature
+ time_retrieved = oci_core_app_catalog_listing_resource_version_agreement.mp_image_agreement.time_retrieved
+
+ timeouts {
+ create = "20m"
+ }
+}
+
+data "oci_core_app_catalog_listing_resource_version" "test_catalog_listing" {
+ listing_id = oci_core_app_catalog_listing_resource_version_agreement.mp_image_agreement.listing_id
+ resource_version = oci_core_app_catalog_listing_resource_version_agreement.mp_image_agreement.listing_resource_version
+}
+
+# Gets the partner image subscription
+data "oci_core_app_catalog_subscriptions" "mp_image_subscription" {
+ compartment_id = var.compartment_ocid
+ listing_id = var.mp_listing_id
+ filter {
+ name = "listing_resource_version"
+ values = [var.mp_listing_resource_version]
+ }
+}
+
+
+locals {
+ ad_nums2 = [
+ for ad_key in range(length(data.oci_identity_availability_domains.ads.availability_domains)) :
+ lookup(data.oci_identity_availability_domains.ads.availability_domains[ad_key],"name")
+ ]
+ oke_id = "ocid1.cluster.oc1.eu-frankfurt-1.your_OKE_ocid"
+ subnet_id = "ocid1.subnet.oc1.eu-frankfurt-1.your_subnet_ocid"
+
+ }
+
+resource "oci_containerengine_node_pool" "K8S_pool1" {
+ cluster_id = local.oke_id
+ compartment_id = var.compartment_ocid
+ kubernetes_version = "v1.18.10"
+ name = "wls_uc_pool"
+ node_shape = var.compute_shape
+ node_config_details {
+ dynamic "placement_configs" {
+ for_each = local.ad_nums2
+
+ content {
+ availability_domain = placement_configs.value
+ subnet_id = local.subnet_id
+ }
+ }
+ size = 1
+ }
+ node_source_details {
+ image_id = data.oci_core_app_catalog_listing_resource_version.test_catalog_listing.listing_resource_id
+ source_type = "IMAGE"
+ }
+}
diff --git a/example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%automations%wls_nodepool%provider.tf b/example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%automations%wls_nodepool%provider.tf
new file mode 100644
index 0000000..7b0323e
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%automations%wls_nodepool%provider.tf
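Review bot: `oke_id` and `subnet_id` in the `locals` block of image_subscription.tf, like the three `variable` defaults at the top of the file, are placeholder OCIDs that a user has to overwrite by editing the source. A forgotten edit is not caught by Terraform itself; the placeholder is only rejected once it reaches the OCI API, possibly after the subscription resources in this file have been applied. Declaring them as variables without a default, e.g. `variable "oke_cluster_id" { type = string }` with `cluster_id = var.oke_cluster_id` (names are a proposal), makes the run stop at plan time instead. The literal `kubernetes_version = "v1.18.10"` would benefit from the same treatment.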
@@ -0,0 +1,22 @@
+provider "oci" {
+ version = ">= 3.27.0"
+ tenancy_ocid = var.tenancy_ocid
+ user_ocid = var.user_ocid
+ fingerprint = var.fingerprint
+ private_key_path = var.private_key_path
+ private_key_password = var.private_key_password
+ region = var.region
+ disable_auto_retries = var.disable_auto_retries
+}
+
+# Get a list of Availability Domains
+data "oci_identity_availability_domains" "ads" {
+ compartment_id = var.tenancy_ocid
+}
+
+
+# Get a list of subdomains
+data "oci_core_subnets" "mysubnets" {
+ compartment_id = var.compartment_ocid
+ vcn_id = var.VM_vcn_id
+}
diff --git a/example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%automations%wls_nodepool%stack_subscribe.tf b/example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%automations%wls_nodepool%stack_subscribe.tf
new file mode 100644
index 0000000..765902d
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%automations%wls_nodepool%stack_subscribe.tf
@@ -0,0 +1,141 @@
+// Copyright (c) 2019, 2020 Oracle and/or its affiliates. All rights reserved.
+/*
+* This is an example of a marketplace agreement
+*/
+
+
+
+# DATA 1 - Get a list of element in Marketplace, using filters, eg name of the stack
+data "oci_marketplace_listings" "test_listings" {
+ name = ["Oracle WebLogic Server Enterprise Edition for OKE UCM"]
+ # name = ["Oracle WebLogic Server Enterprise Edition UCM"]
+ # name = ["Oracle Cloud Developer Image"]
+ compartment_id = var.compartment_ocid
+}
+
+# DATA 2 - Get details cf the specific listing you are interested in and which you obtained through generic listing
+data "oci_marketplace_listing" "test_listing" {
+ listing_id = data.oci_marketplace_listings.test_listings.listings[0].id
+ compartment_id = var.compartment_ocid
+}
+
+# DATA 3 - Get the list of versions for the specific entry (11.3, 12.2.1, ....)
+data "oci_marketplace_listing_packages" "test_listing_packages" {
+ #Required
+ listing_id = data.oci_marketplace_listing.test_listing.id
+
+ #Optional
+ compartment_id = var.compartment_ocid
+
+ #package_version = "WLS 10.3.6.0.200714.05(11.1.1.7)"
+ package_version = data.oci_marketplace_listing.test_listing.default_package_version
+}
+
+# DATA 4 - Get details about a specfic version
+data "oci_marketplace_listing_package" "test_listing_package" {
+ #Required
+ listing_id = data.oci_marketplace_listing.test_listing.id
+ package_version = data.oci_marketplace_listing_packages.test_listing_packages.package_version
+
+ #Optional
+ compartment_id = var.compartment_ocid
+}
+
+# DATA 5 - agreement for a specific version
+data "oci_marketplace_listing_package_agreements" "test_listing_package_agreements" {
+ #Required
+ listing_id = data.oci_marketplace_listing.test_listing.id
+ package_version = data.oci_marketplace_listing_packages.test_listing_packages.package_version
+
+ #Optional
+ compartment_id = var.compartment_ocid
+}
+
+
+
+# RESOURCE 1 - agreement for a specific version
+resource "oci_marketplace_listing_package_agreement" "test_listing_package_agreement" {
+ #Required
+ agreement_id = data.oci_marketplace_listing_package_agreements.test_listing_package_agreements.agreements[0].id
+ listing_id = data.oci_marketplace_listing.test_listing.id
+ package_version = data.oci_marketplace_listing_packages.test_listing_packages.package_version
+}
+
+# RESOURCE 2 - Accepted agreement
+resource "oci_marketplace_accepted_agreement" "test_accepted_agreement" {
+ #Required
+ agreement_id = oci_marketplace_listing_package_agreement.test_listing_package_agreement.agreement_id
+ compartment_id = var.compartment_ocid
+ listing_id = data.oci_marketplace_listing.test_listing.id
+ package_version = data.oci_marketplace_listing_packages.test_listing_packages.package_version
+ signature = oci_marketplace_listing_package_agreement.test_listing_package_agreement.signature
+}
+
+
+
+
+# DATA 1 : list of entry in Marketplace
+output "data_1_oci_marketplace_listings" {
+ sensitive = false
+ value = [
+ # For debugging, show full data field
+ data.oci_marketplace_listings.test_listings,
+ format("Listing name: %s", data.oci_marketplace_listings.test_listings.listings[0].name),
+ format("Package Type: %s", data.oci_marketplace_listings.test_listings.listings[0].package_type)
+ ]
+}
+
+
+# DATA 2 : single entry in Marketplace (wls EE UCM)
+output "data_2_oci_marketplace_listing" {
+ sensitive = false
+ value = [
+ # For debugging, show full data field
+ # data.oci_marketplace_listing.test_listing,
+ format("Listing name: %s", data.oci_marketplace_listing.test_listing.name),
+ format("Default version: %s", data.oci_marketplace_listing.test_listing.default_package_version)
+ ]
+}
+
+
+# DATA 4 : Single version of an entry (11g)
+output "DATA_4_oci_marketplace_listing_package" {
+ sensitive = false
+ value = [
+ # For debugging, show full data field
+ # data.oci_marketplace_listing_package.test_listing_package,
+ format("Resource Link: %s", data.oci_marketplace_listing_package.test_listing_package.resource_link),
+ format("Version: %s", data.oci_marketplace_listing_package.test_listing_package.version)
+ ]
+}
+
+output "DATA_5_oci_marketplace_listing_package_agreements" {
+ sensitive = false
+ value = [
+ # For debugging, show full data field
+ # data.oci_marketplace_listing_package_agreements.test_listing_package_agreements,
+ format("Package Version: %s", data.oci_marketplace_listing_package_agreements.test_listing_package_agreements.package_version)
+ ]
+}
+
+
+output "RESOURCE_1_oci_marketplace_listing_package_agreement" {
+ sensitive = false
+ value = [
+ # For debugging, show full data field
+ # oci_marketplace_listing_package_agreement.test_listing_package_agreement,
+ format("Package Version: %s", oci_marketplace_listing_package_agreement.test_listing_package_agreement.package_version),
+ format("Author: %s", oci_marketplace_listing_package_agreement.test_listing_package_agreement.author)
+ ]
+}
+
+
+output "RESOURCE_2_oci_marketplace_accepted_agreement" {
+ sensitive = false
+ value = [
+ # For debugging, show full data field
+ # oci_marketplace_accepted_agreement.test_accepted_agreement,
+ format("Package Version: %s", oci_marketplace_accepted_agreement.test_accepted_agreement.package_version),
+ format("Date Accepted: %s", oci_marketplace_accepted_agreement.test_accepted_agreement.time_accepted)
+ ]
+}
diff --git a/example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%automations%wls_nodepool%terraform.tfvars b/example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%automations%wls_nodepool%terraform.tfvars
new file mode 100644
index 0000000..321b10a
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%automations%wls_nodepool%terraform.tfvars
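Review bot: In the `data_1_oci_marketplace_listings` output of wls_nodepool/stack_subscribe.tf the debugging line `data.oci_marketplace_listings.test_listings,` is left enabled, so the whole data source object is printed on every apply and ends up in whatever captures Terraform output; the other five outputs keep their debug line commented out. I would comment it out the same way: `# data.oci_marketplace_listings.test_listings,`. Separately, `listings[0]` and `agreements[0]` are indexed without any check that the name filter matched something, here and in the wls_stack copy of this file, so an empty result surfaces as an index error. A comment above DATA 2 stating that the listing name must match an existing entry would help the next reader.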
@@ -0,0 +1,15 @@
+# OCI authentication
+
+tenancy_ocid = "ocid1.tenancy.oc1..your_ocid"
+compartment_ocid = "ocid1.compartment.oc1..your_ocid"
+
+fingerprint = "69:your_fingerprint:02"
+private_key_path = "/Users/your_local_private_key.pem"
+user_ocid = "ocid1.user.oc1..your_ocid"
+region = "eu-frankfurt-1"
+
+# Compute Shape of the VM's
+compute_shape = "VM.Standard2.1"
+
+# Virtual Network to use - OCID to be provided
+VM_vcn_id = "ocid1.vcn.oc1.eu-frankfurt-1.your_ocid"
diff --git a/example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%automations%wls_nodepool%variables.tf b/example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%automations%wls_nodepool%variables.tf
new file mode 100644
index 0000000..7ad5f54
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%automations%wls_nodepool%variables.tf
@@ -0,0 +1,67 @@
+# OCI Service
+variable "tenancy_ocid" {
+}
+
+variable "compartment_ocid" {
+}
+
+variable "user_count" {
+ default = 1
+}
+
+variable "availability_domain_count" {
+ default = 3
+}
+
+variable "gold_image_ocid" {
+ default = "na"
+}
+
+variable "vm_subnet_id1" {
+ default = "na"
+}
+
+variable "vm_subnet_id2" {
+ default = "na"
+}
+
+variable "vm_subnet_id3" {
+ default = "na"
+}
+
+variable "vm_subnet_id" {
+ default = ["na1","na2", "na3"]
+}
+
+variable "ssh_public_key" {
+ default = "keys/atpkey.pub"
+}
+
+variable "user_ocid" {
+}
+
+variable "fingerprint" {
+}
+
+variable "private_key_path" {
+}
+
+variable "region" {
+ default = "eu-frankfurt-1"
+}
+
+variable "disable_auto_retries" {
+ default = "false"
+}
+
+variable "private_key_password" {
+ default = ""
+}
+
+variable "compute_shape" {
+ default = "VM.Standard2.1"
+}
+
+variable "VM_vcn_id" {
+ default = ""
+}
diff --git a/example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%automations%wls_stack%provider.tf b/example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%automations%wls_stack%provider.tf
new file mode 100644
index 0000000..7b0323e
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%automations%wls_stack%provider.tf
@@ -0,0 +1,22 @@
+provider "oci" {
+ version = ">= 3.27.0"
+ tenancy_ocid = var.tenancy_ocid
+ user_ocid = var.user_ocid
+ fingerprint = var.fingerprint
+ private_key_path = var.private_key_path
+ private_key_password = var.private_key_password
+ region = var.region
+ disable_auto_retries = var.disable_auto_retries
+}
+
+# Get a list of Availability Domains
+data "oci_identity_availability_domains" "ads" {
+ compartment_id = var.tenancy_ocid
+}
+
+
+# Get a list of subdomains
+data "oci_core_subnets" "mysubnets" {
+ compartment_id = var.compartment_ocid
+ vcn_id = var.VM_vcn_id
+}
diff --git a/example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%automations%wls_stack%stack_subscribe.tf b/example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%automations%wls_stack%stack_subscribe.tf
new file mode 100644
index 0000000..229b12b
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%automations%wls_stack%stack_subscribe.tf
@@ -0,0 +1,140 @@
+// Copyright (c) 2019, 2020 Oracle and/or its affiliates. All rights reserved.
+/*
+* This is an example of a marketplace agreement
+*/
+
+
+
+# DATA 1 - Get a list of element in Marketplace, using filters, eg name of the stack
+data "oci_marketplace_listings" "test_listings" {
+ name = ["Oracle WebLogic Server Enterprise Edition UCM"]
+ #name = ["Oracle Cloud Developer Image"]
+ compartment_id = var.compartment_ocid
+}
+
+# DATA 2 - Get details cf the specific listing you are interested in and which you obtained through generic listing
+data "oci_marketplace_listing" "test_listing" {
+ listing_id = data.oci_marketplace_listings.test_listings.listings[0].id
+ compartment_id = var.compartment_ocid
+}
+
+# DATA 3 - Get the list of versions for the specific entry (11.3, 12.2.1, ....)
+data "oci_marketplace_listing_packages" "test_listing_packages" {
+ #Required
+ listing_id = data.oci_marketplace_listing.test_listing.id
+
+ #Optional
+ compartment_id = var.compartment_ocid
+
+ #package_version = "WLS 10.3.6.0.200714.05(11.1.1.7)"
+ package_version = data.oci_marketplace_listing.test_listing.default_package_version
+}
+
+# DATA 4 - Get details about a specfic version
+data "oci_marketplace_listing_package" "test_listing_package" {
+ #Required
+ listing_id = data.oci_marketplace_listing.test_listing.id
+ package_version = data.oci_marketplace_listing_packages.test_listing_packages.package_version
+
+ #Optional
+ compartment_id = var.compartment_ocid
+}
+
+# DATA 5 - agreement for a specific version
+data "oci_marketplace_listing_package_agreements" "test_listing_package_agreements" {
+ #Required
+ listing_id = data.oci_marketplace_listing.test_listing.id
+ package_version = data.oci_marketplace_listing_packages.test_listing_packages.package_version
+
+ #Optional
+ compartment_id = var.compartment_ocid
+}
+
+
+
+# RESOURCE 1 - agreement for a specific version
+resource "oci_marketplace_listing_package_agreement" "test_listing_package_agreement" {
+ #Required
+ agreement_id = data.oci_marketplace_listing_package_agreements.test_listing_package_agreements.agreements[0].id
+ listing_id = data.oci_marketplace_listing.test_listing.id
+ package_version = data.oci_marketplace_listing_packages.test_listing_packages.package_version
+}
+
+# RESOURCE 2 - Accepted agreement
+resource "oci_marketplace_accepted_agreement" "test_accepted_agreement" {
+ #Required
+ agreement_id = oci_marketplace_listing_package_agreement.test_listing_package_agreement.agreement_id
+ compartment_id = var.compartment_ocid
+ listing_id = data.oci_marketplace_listing.test_listing.id
+ package_version = data.oci_marketplace_listing_packages.test_listing_packages.package_version
+ signature = oci_marketplace_listing_package_agreement.test_listing_package_agreement.signature
+}
+
+
+
+
+# DATA 1 : list of entry in Marketplace
+output "data_1_oci_marketplace_listings" {
+ sensitive = false
+ value = [
+ # For debugging, show full data field
+ # data.oci_marketplace_listings.test_listings,
+ format("Listing name: %s", data.oci_marketplace_listings.test_listings.listings[0].name),
+ format("Package Type: %s", data.oci_marketplace_listings.test_listings.listings[0].package_type)
+ ]
+}
+
+
+# DATA 2 : single entry in Marketplace (wls EE UCM)
+output "data_2_oci_marketplace_listing" {
+ sensitive = false
+ value = [
+ # For debugging, show full data field
+ # data.oci_marketplace_listing.test_listing,
+ format("Listing name: %s", data.oci_marketplace_listing.test_listing.name),
+ format("Default version: %s", data.oci_marketplace_listing.test_listing.default_package_version)
+ ]
+}
+
+
+# DATA 4 : Single version of an entry (11g)
+output "DATA_4_oci_marketplace_listing_package" {
+ sensitive = false
+ value = [
+ # For debugging, show full data field
+ # data.oci_marketplace_listing_package.test_listing_package,
+ format("Resource Link: %s", data.oci_marketplace_listing_package.test_listing_package.resource_link),
+ format("Version: %s", data.oci_marketplace_listing_package.test_listing_package.version)
+ ]
+}
+
+output "DATA_5_oci_marketplace_listing_package_agreements" {
+ sensitive = false
+ value = [
+ # For debugging, show full data field
+ # data.oci_marketplace_listing_package_agreements.test_listing_package_agreements,
+ format("Package Version: %s", data.oci_marketplace_listing_package_agreements.test_listing_package_agreements.package_version)
+ ]
+}
+
+
+output "RESOURCE_1_oci_marketplace_listing_package_agreement" {
+ sensitive = false
+ value = [
+ # For debugging, show full data field
+ # oci_marketplace_listing_package_agreement.test_listing_package_agreement,
+ format("Package Version: %s", oci_marketplace_listing_package_agreement.test_listing_package_agreement.package_version),
+ format("Author: %s", oci_marketplace_listing_package_agreement.test_listing_package_agreement.author)
+ ]
+}
+
+
+output "RESOURCE_2_oci_marketplace_accepted_agreement" {
+ sensitive = false
+ value = [
+ # For debugging, show full data field
+ # oci_marketplace_accepted_agreement.test_accepted_agreement,
+ format("Package Version: %s", oci_marketplace_accepted_agreement.test_accepted_agreement.package_version),
+ format("Date Accepted: %s", oci_marketplace_accepted_agreement.test_accepted_agreement.time_accepted)
+ ]
+}
diff --git a/example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%automations%wls_stack%terraform.tfvars b/example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%automations%wls_stack%terraform.tfvars
new file mode 100644
index 0000000..101b7a6
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%automations%wls_stack%terraform.tfvars
@@ -0,0 +1,10 @@
+# OCI authentication
+
+tenancy_ocid = "ocid1.tenancy.oc1..your_tenancy_ocid"
+compartment_ocid = "ocid1.compartment.oc1..your_compartment_ocid"
+
+
+fingerprint = "69:your_fingerprint:02"
+private_key_path = "/Users/your_local_path_to_private_key"
+user_ocid = "ocid1.user.oc1..your_user_ocid"
+region = "eu-frankfurt-1"
diff --git a/example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%automations%wls_stack%variables.tf b/example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%automations%wls_stack%variables.tf
new file mode 100644
index 0000000..7ad5f54
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%automations%wls_stack%variables.tf
@@ -0,0 +1,67 @@
+# OCI Service
+variable "tenancy_ocid" {
+}
+
+variable "compartment_ocid" {
+}
+
+variable "user_count" {
+ default = 1
+}
+
+variable "availability_domain_count" {
+ default = 3
+}
+
+variable "gold_image_ocid" {
+ default = "na"
+}
+
+variable "vm_subnet_id1" {
+ default = "na"
+}
+
+variable "vm_subnet_id2" {
+ default = "na"
+}
+
+variable "vm_subnet_id3" {
+ default = "na"
+}
+
+variable "vm_subnet_id" {
+ default = ["na1","na2", "na3"]
+}
+
+variable "ssh_public_key" {
+ default = "keys/atpkey.pub"
+}
+
+variable "user_ocid" {
+}
+
+variable "fingerprint" {
+}
+
+variable "private_key_path" {
+}
+
+variable "region" {
+ default = "eu-frankfurt-1"
+}
+
+variable "disable_auto_retries" {
+ default = "false"
+}
+
+variable "private_key_password" {
+ default = ""
+}
+
+variable "compute_shape" {
+ default = "VM.Standard2.1"
+}
+
+variable "VM_vcn_id" {
+ default = ""
+}
diff --git a/example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%free_tier%terraform%main.tf b/example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%free_tier%terraform%main.tf
new file mode 100644
index 0000000..0e80cc0
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%free_tier%terraform%main.tf
@@ -0,0 +1,83 @@
+# Create a Compartment
+
+resource "oci_identity_compartment" "WLS_Compartment" {
+ name = var.Compartment_name
+ description = "Compartment for WLS resources created by terraform"
+ compartment_id = var.oci_base_identity.compartment_id
+ enable_delete = false // true will cause this compartment to be deleted when running `terrafrom destroy`
+}
+
+
+# Create a Dynamic Group
+
+locals {
+ rule1 = "ALL {instance.compartment.id = '"
+ rule2 = oci_identity_compartment.WLS_Compartment.id
+ rule3 = "'}"
+ }
+
+ resource "oci_identity_dynamic_group" "WLS_Dynamic_Group" {
+ #Required
+ compartment_id = var.oci_base_identity.tenancy_id
+ description = "WLS Resource Group"
+ matching_rule = "${local.rule1}${local.rule2}${local.rule3}"
+ name = var.Dynamic_Group_name
+}
+
+
+#Create Policies for the Dynamic Group
+
+resource "oci_identity_policy" "WLS_Policy" {
+ #Required
+ compartment_id = oci_identity_compartment.WLS_Compartment.id
+ description = "Required for WebLogic Cloud provisioning"
+ name = var.Policy_name
+ statements = ["Allow dynamic-group WLS_Dynamic_Group to use keys in compartment WLS_Compartment"]
+}
+
+
+# Create a Virtual Vault and a Key
+
+resource "oci_kms_vault" "WLS_Vault" {
+ #Required
+ compartment_id = oci_identity_compartment.WLS_Compartment.id
+ display_name = var.Vault_name
+ vault_type = "VIRTUAL"
+}
+
+resource "oci_kms_key" "WLS_Key" {
+ #Required
+ compartment_id = oci_identity_compartment.WLS_Compartment.id
+ display_name = var.Key_name
+ key_shape {
+ #Required
+ algorithm = "AES"
+ length = "16"
+ }
+ management_endpoint = oci_kms_vault.WLS_Vault.management_endpoint
+}
+
+
+# Encrypt Your Weblogic Password
+
+resource "oci_kms_encrypted_data" "WLS_Encrypted_Data" {
+ #Required
+ crypto_endpoint = oci_kms_vault.WLS_Vault.crypto_endpoint
+ key_id = oci_kms_key.WLS_Key.id
+ plaintext = var.Base64_Password
+}
+
+
+# Outputs to be used for the Stack Creation
+
+output "cryptographic_endpoint" {
+ value = oci_kms_vault.WLS_Vault.crypto_endpoint
+}
+
+output "key_OCID" {
+ value = oci_kms_key.WLS_Key.id
+}
+
+output "Encrypted_data" {
+ value = oci_kms_encrypted_data.WLS_Encrypted_Data.ciphertext
+}
diff --git a/example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%free_tier%terraform%provider.tf b/example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%free_tier%terraform%provider.tf
new file mode 100644
index 0000000..07b7d43
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%free_tier%terraform%provider.tf
@@ -0,0 +1,11 @@
+provider "oci" {
+ version = ">= 3.0.0"
+ tenancy_ocid = var.oci_base_identity.tenancy_id
+ user_ocid = var.oci_base_identity.user_id
+ fingerprint = var.oci_base_identity.api_fingerprint
+ private_key_path = var.oci_base_identity.api_private_key_path
+ private_key_password = var.oci_base_identity.api_private_key_password
+ region = var.oci_base_general.region
+ disable_auto_retries = false
+}
+
diff --git a/example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%free_tier%terraform%variables.tf b/example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%free_tier%terraform%variables.tf
new file mode 100644
index 0000000..4a25e12
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%free_tier%terraform%variables.tf
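Review bot: The `statements` entry of `oci_identity_policy.WLS_Policy` in free_tier main.tf names the dynamic group and the compartment by the literals `WLS_Dynamic_Group` and `WLS_Compartment`, while those resources are created with `var.Dynamic_Group_name` and `var.Compartment_name`. With any other names the policy refers to objects this configuration did not create; whether that fails or silently binds to identically named objects depends on what already exists in the tenancy, which is not visible here. Interpolating the created names removes the mismatch and gives Terraform the dependency ordering: `statements = ["Allow dynamic-group ${oci_identity_dynamic_group.WLS_Dynamic_Group.name} to use keys in compartment ${oci_identity_compartment.WLS_Compartment.name}"]`. Note also that `plaintext = var.Base64_Password` places the encoded password in Terraform state, so the state file needs the same protection as the password itself.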
@@ -0,0 +1,55 @@
+# Identity and access parameters
+
+variable "oci_base_identity" {
+ type = object({
+ api_fingerprint = string
+ api_private_key_path = string
+ api_private_key_password = string
+ compartment_id = string
+ tenancy_id = string
+ user_id = string
+ })
+ description = "identity and provider parameters"
+}
+
+
+# General oci parameters
+
+variable "oci_base_general" {
+ type = object({
+ label_prefix = string
+ region = string
+ })
+ description = "general oci parameters"
+ default = {
+ label_prefix = "base"
+ region = ""
+ }
+}
+
+
+# Base 64 encrypted password
+
+variable "Base64_Password" {
+ type = string
+}
+
+
+# Infrastructe parameters
+
+variable "Compartment_name" {
+ type = string
+}
+variable "Dynamic_Group_name" {
+ type = string
+}
+variable "Policy_name" {
+ type = string
+}
+variable "Vault_name" {
+ type = string
+}
+variable "Key_name" {
+ type = string
+}
+
diff --git a/example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%ll-wls-migration%test_wls_docker_image-stack%main.tf b/example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%ll-wls-migration%test_wls_docker_image-stack%main.tf
new file mode 100644
index 0000000..64991c6
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%ll-wls-migration%test_wls_docker_image-stack%main.tf
@@ -0,0 +1,24 @@
+###
+
+
+module "compute-keygen" {
+ source = "./modules/keysgen"
+}
+
+
+module "wls_docker_host" {
+ ## depends_on = [module.keygen]
+ source = "./modules/wls_docker_host"
+ tenancy_ocid = var.tenancy_ocid
+ compartment_ocid = var.compartment_ocid
+ region = var.region
+## fingerprint = var.fingerprint
+## private_key_path = var.private_key_path
+## user_ocid = var.user_ocid
+
+ ssh_public_key = var.ssh_public_key
+
+ opc_key = module.compute-keygen.OPCPrivateKey
+ oracle_key = module.compute-keygen.OraclePrivateKey
+}
+
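Review bot: The comment `# Base 64 encrypted password` above `Base64_Password` in free_tier variables.tf is misleading, because base64 is an encoding and the value stays trivially recoverable until `oci_kms_encrypted_data` encrypts it. I would reword it to `# Base64-encoded (not encrypted) WebLogic password; treat as a secret` and give the variable a `description` like the two object variables above it. If the Terraform version in use supports variable sensitivity (0.14 or later), `sensitive = true` on this variable keeps the value out of plan output. The `oci_base_identity` object carries `api_private_key_password` and deserves the same care.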
diff --git a/example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%ll-wls-migration%test_wls_docker_image-stack%modules%keysgen%keygen.tf b/example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%ll-wls-migration%test_wls_docker_image-stack%modules%keysgen%keygen.tf
new file mode 100644
index 0000000..06b07d7
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%ll-wls-migration%test_wls_docker_image-stack%modules%keysgen%keygen.tf
@@ -0,0 +1,37 @@
+
+# TEMP WAY OF CREATING ORACLE SSH KEY
+resource "tls_private_key" "oracle_key" {
+ algorithm = "RSA"
+ rsa_bits = 4096
+}
+
+# Creating OPC key for script copy
+resource "tls_private_key" "opc_key" {
+ algorithm = "RSA"
+ rsa_bits = 4096
+}
+
+
+resource "local_file" "oracle_key_private_key_pem" {
+ filename = "keys/oracle_key.private_key_pem"
+ file_permission = "600"
+ content = tls_private_key.oracle_key.private_key_pem
+}
+
+resource "local_file" "oracle_key" {
+ filename = "keys/oracle_key.public_key_openssh"
+ file_permission = "600"
+ content = tls_private_key.oracle_key.public_key_openssh
+}
+
+resource "local_file" "opc_key_private_key_pem" {
+ filename = "keys/opc_key.private_key_pem"
+ file_permission= "600"
+ content = tls_private_key.opc_key.private_key_pem
+}
+
+resource "local_file" "opc_key" {
+ filename = "keys/opc_key.public_key_openssh"
+ file_permission = "600"
+ content = tls_private_key.opc_key.public_key_openssh
+}
\ No newline at end of file
diff --git a/example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%ll-wls-migration%test_wls_docker_image-stack%modules%keysgen%outputs.tf b/example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%ll-wls-migration%test_wls_docker_image-stack%modules%keysgen%outputs.tf
new file mode 100644
index 0000000..8d3b508
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%ll-wls-migration%test_wls_docker_image-stack%modules%keysgen%outputs.tf
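Review bot: The two `local_file` resources in keysgen/keygen.tf that write `private_key_pem` pass the key through `content`, which Terraform shows in plan diffs, and the files land under a relative `keys/` directory in whatever directory Terraform is run from. Because `tls_private_key` also keeps the generated private key unencrypted in state, the `# TEMP WAY OF CREATING ORACLE SSH KEY` comment should spell this out, for example `# NOTE: private key is stored in Terraform state and written to ./keys; keep both out of version control`. Where the installed `local` provider offers it, `sensitive_content` in place of `content` for the two private-key files avoids printing the PEM.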
@@ -0,0 +1,7 @@
+output "OPCPrivateKey" {
+ value = "${map("public_key_openssh", tls_private_key.opc_key.public_key_openssh, "private_key_pem", tls_private_key.opc_key.private_key_pem)}"
+}
+
+output "OraclePrivateKey" {
+ value = "${map("public_key_openssh", tls_private_key.oracle_key.public_key_openssh, "private_key_pem", tls_private_key.oracle_key.private_key_pem)}"
+}
diff --git a/example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%ll-wls-migration%test_wls_docker_image-stack%modules%wls_docker_host%clouinit-template.tf b/example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%ll-wls-migration%test_wls_docker_image-stack%modules%wls_docker_host%clouinit-template.tf
new file mode 100644
index 0000000..9e28469
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%ll-wls-migration%test_wls_docker_image-stack%modules%wls_docker_host%clouinit-template.tf
@@ -0,0 +1,22 @@
+
+data "template_cloudinit_config" "wls-config" {
+ gzip = true
+ base64_encode = true
+
+ # cloud-config configuration file.
+ # /var/lib/cloud/instance/scripts/*
+
+ part {
+ filename = "ainit.sh"
+ content_type = "text/x-shellscript"
+ content = file("${path.module}/userdata/before-bootstrap")
+ }
+
+ part {
+ filename = "binit.sh"
+ content_type = "text/x-shellscript"
+ content = file("${path.module}/userdata/bootstrap")
+ }
+
+
+}
diff --git a/example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%ll-wls-migration%test_wls_docker_image-stack%modules%wls_docker_host%compute.tf b/example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%ll-wls-migration%test_wls_docker_image-stack%modules%wls_docker_host%compute.tf
new file mode 100644
index 0000000..17ef00c
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%ll-wls-migration%test_wls_docker_image-stack%modules%wls_docker_host%compute.tf
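Review bot: `OPCPrivateKey` and `OraclePrivateKey` in keysgen/outputs.tf each return a map that contains `private_key_pem`, and neither output is marked sensitive, so the PEM can be printed in CLI output and CI logs wherever these values are surfaced. Adding `sensitive = true` to both output blocks is a one-line change each. The visible part of wls_docker_host/compute.tf reads only `public_key_openssh` from these maps, so unless another file in that module needs the private half, exporting just the public keys would be enough.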
@@ -0,0 +1,126 @@ + +provider "oci" { + tenancy_ocid = var.tenancy_ocid +## user_ocid = var.user_ocid +## fingerprint = var.fingerprint +## private_key_path = var.private_key_path + region = var.region +} + +data "oci_core_images" "oracle_linux7_images" { + compartment_id = var.compartment_ocid + operating_system = "Oracle Linux" + operating_system_version = "7.8" + shape = "VM.Standard.E3.Flex" ####local.instance_shape + sort_by = "TIMECREATED" +} + + +locals { +public_keys = format("%s\n%s%s", var.ssh_public_key, + var.opc_key.public_key_openssh, + var.oracle_key.public_key_openssh) +} + + + + +resource "oci_core_instance" "test_instance" { + availability_domain = data.oci_identity_availability_domain.ad.name + compartment_id = var.compartment_ocid + display_name = "wls_toolkit_wdt_server" + shape = var.instance_shape + + shape_config { + ocpus = "${var.instance_ocpus}" + memory_in_gbs = "${var.instance_shape_config_memory_in_gbs}" + } + + create_vnic_details { + subnet_id = oci_core_subnet.test_subnet.id + display_name = "Primaryvnic" + assign_public_ip = true + hostname_label = "wlswdttoolkit" + } + + source_details { + source_type = "image" + source_id = data.oci_core_images.oracle_linux7_images.images.0.id + } + + metadata = { + ssh_authorized_keys = local.public_keys + user_data = data.template_cloudinit_config.wls-config.rendered ##base64encode(file("${path.module}/userdata/before-bootstrap")) + } + timeouts { + create = "60m" + } +} + + + +resource "oci_core_vcn" "test_vcn" { + cidr_block = "10.0.0.0/16" + compartment_id = var.compartment_ocid + display_name = "wdt_toolkit_Vcn" + dns_label = "wdttoolkitvcn" +} + +resource "oci_core_internet_gateway" "test_internet_gateway" { + compartment_id = var.compartment_ocid + display_name = "toolkit_InternetGateway" + vcn_id = oci_core_vcn.test_vcn.id +} + +resource "oci_core_default_route_table" "default_route_table" { + manage_default_resource_id = oci_core_vcn.test_vcn.default_route_table_id + display_name = 
"DefaultRouteTable" + + route_rules { + destination = "0.0.0.0/0" + destination_type = "CIDR_BLOCK" + network_entity_id = oci_core_internet_gateway.test_internet_gateway.id + } +} + +resource "oci_core_default_security_list" "default_core_security_list" { + display_name = "Default Security List" + + + // allow outbound tcp traffic on all ports + egress_security_rules { + destination = "0.0.0.0/0" + protocol = "6" + } + + ingress_security_rules { + description = "open all ports for the lab" + #icmp_options = + protocol = "6" + source = "0.0.0.0/0" + source_type = "CIDR_BLOCK" + stateless = "false" + #udp_options = <> + } + +manage_default_resource_id = oci_core_vcn.test_vcn.default_security_list_id + +} + +resource "oci_core_subnet" "test_subnet" { +## availability_domain = data.oci_identity_availability_domain.ad.name + cidr_block = "10.0.0.0/24" + display_name = "wls_wdt_toolkit_Subnet" + dns_label = "toolkitsubnet" + security_list_ids = [oci_core_vcn.test_vcn.default_security_list_id] + compartment_id = var.compartment_ocid + vcn_id = oci_core_vcn.test_vcn.id + route_table_id = oci_core_vcn.test_vcn.default_route_table_id + dhcp_options_id = oci_core_vcn.test_vcn.default_dhcp_options_id +} + +data "oci_identity_availability_domain" "ad" { + compartment_id = var.tenancy_ocid + ad_number = 1 +} + diff --git a/example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%ll-wls-migration%test_wls_docker_image-stack%modules%wls_docker_host%outputs.tf b/example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%ll-wls-migration%test_wls_docker_image-stack%modules%wls_docker_host%outputs.tf new file mode 100644 index 0000000..b493de7 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%ll-wls-migration%test_wls_docker_image-stack%modules%wls_docker_host%outputs.tf 
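Review bot: The `ingress_security_rules` block on the VCN's default security list admits TCP from `0.0.0.0/0` with no `tcp_options`, so every TCP port on `test_instance` is reachable from the internet, and the instance is given a public address by `assign_public_ip = true`. Restrict the rule to the ports the lab needs and to a caller-supplied source range. The sketch below covers SSH only; `var.allowed_ingress_cidr` is a new input that would have to be declared in this module's variables.tf, and any WebLogic listener port the lab uses would get its own rule in the same form.

```hcl
resource "oci_core_default_security_list" "default_core_security_list" {
  # … unchanged: display_name and egress_security_rules …

  ingress_security_rules {
    description = "SSH from the operator network only"
    protocol    = "6"
    source      = var.allowed_ingress_cidr
    source_type = "CIDR_BLOCK"
    stateless   = false

    tcp_options {
      min = 22
      max = 22
    }
  }

  # … unchanged: manage_default_resource_id …
```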
@@ -0,0 +1,9 @@
+# Output the private and public IPs of the instance
+
+output "instance_private_ips" {
+ value = [oci_core_instance.test_instance.*.private_ip]
+}
+
+output "instance_public_ips" {
+ value = [oci_core_instance.test_instance.*.public_ip]
+}
diff --git a/example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%ll-wls-migration%test_wls_docker_image-stack%modules%wls_docker_host%variables.tf b/example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%ll-wls-migration%test_wls_docker_image-stack%modules%wls_docker_host%variables.tf
new file mode 100644
index 0000000..e552e83
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%ll-wls-migration%test_wls_docker_image-stack%modules%wls_docker_host%variables.tf
@@ -0,0 +1,54 @@
+
+variable "tenancy_ocid" {
+}
+/*
+variable "user_ocid" {
+}
+
+variable "fingerprint" {
+}
+
+variable "private_key_path" {
+}
+*/
+variable "region" {
+}
+
+variable "compartment_ocid" {
+}
+
+variable "ssh_public_key" {
+}
+
+
+
+variable "instance_shape" {
+ default = "VM.Standard.E3.Flex"
+}
+
+variable "instance_ocpus" {
+ default = 1
+}
+
+variable "instance_shape_config_memory_in_gbs" {
+ default = 16
+}
+
+
+variable "db_size" {
+ default = "50" # size in GBs
+}
+
+
+variable "opc_key" {
+ type = map
+ ## opc_key.public_key_openssh
+ ## opc_key.private_key_pem
+}
+
+variable "oracle_key" {
+ type = map
+ ## oracle_key.public_key_openssh
+ ## oracle_key.private_key_pem
+
+}
\ No newline at end of file
diff --git a/example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%ll-wls-migration%test_wls_docker_image-stack%outputs.tf b/example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%ll-wls-migration%test_wls_docker_image-stack%outputs.tf
new file mode 100644
index 0000000..7cb36dd
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%ll-wls-migration%test_wls_docker_image-stack%outputs.tf
@@ -0,0 +1,43 @@
+# Output the private and public IPs of the instance
+
+output "instance_private_ips" {
+ value = [module.wls_docker_host.instance_private_ips]
+}
+
+output "instance_public_ips" {
+ value = [module.wls_docker_host.instance_public_ips]
+}
+
+
+output "OPCPrivateKey" {
+ value = [module.compute-keygen.OPCPrivateKey.private_key_pem]
+ }
+
+output "OPCPublicKey" {
+ value = [module.compute-keygen.OPCPrivateKey.public_key_openssh]
+ }
+
+
+output "OraclePrivateKey" {
+ value = [module.compute-keygen.OraclePrivateKey.private_key_pem]
+ }
+
+output "OraclePublicKey" {
+ value = [module.compute-keygen.OraclePrivateKey.public_key_openssh]
+ }
+
+
+/*
+ var.opc_key.public_key_openssh,
+ var.oracle_key.public_key_openssh
+
+
+
+
+ value = "${map("public_key_openssh", tls_private_key.opc_key.public_key_openssh, "private_key_pem", tls_private_key.opc_key.private_key_pem)}"
+}
+
+output "OraclePrivateKey" {
+ value = "${map("public_key_openssh", tls_private_key.oracle_key.public_key_openssh, "private_key_pem", tls_private_key.oracle_key.private_key_pem)}"
+}
+*/
diff --git a/example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%ll-wls-migration%test_wls_docker_image-stack%provider.tf b/example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%ll-wls-migration%test_wls_docker_image-stack%provider.tf
new file mode 100644
index 0000000..304378b
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%ll-wls-migration%test_wls_docker_image-stack%provider.tf
@@ -0,0 +1,5 @@
+
+provider "oci" {
+ tenancy_ocid = var.tenancy_ocid
+ region = var.region
+}
diff --git a/example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%ll-wls-migration%test_wls_docker_image-stack%terraform.tfvars b/example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%ll-wls-migration%test_wls_docker_image-stack%terraform.tfvars
new file mode 100644
index 0000000..680d5c3
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%ll-wls-migration%test_wls_docker_image-stack%terraform.tfvars
@@ -0,0 +1,3 @@
+###
+###
+###vcn_use_existing = false
\ No newline at end of file
diff --git a/example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%ll-wls-migration%test_wls_docker_image-stack%variables.tf b/example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%ll-wls-migration%test_wls_docker_image-stack%variables.tf
new file mode 100644
index 0000000..6569819
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%cloudtestdrive%AppDev%wls%ll-wls-migration%test_wls_docker_image-stack%variables.tf
@@ -0,0 +1,83 @@ +##### V1 eugene.simos@oracle.com +##### simple RM stack to deploy a wls wld/tooling vm + vcn network +##### + +variable "tenancy_ocid" { + type = string + description = "tenancy id" +} + + + +variable "region" { + type = string + description = "tenancy id" + default = "" +} + + +variable "compartment_ocid" { + type = string + description = "compartment for weblogic instances" +} + +// Note: This is the opc user's SSH public key text and not the key file path. +variable "ssh_public_key" { + type = string + description = "public key for ssh access to weblogic instances" +## default = "ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAt9LIaTOzZ53jUYWmWLYPYakXx39BkJPYzgrXCL+1haFXM4drNapwWiJaJ4d/4mTfLBOA4QiZ4DyiRGfhOwontPsU/XjPyVAw59S3LDaWZx5tS3KX5UUlEL6yFbwdE7O8ovpYxkaFzCKnkSshlPXITBMMID8nelomiyGsEf2ea0EOT25xhf7iW7Q/tlM74QxdI/N5ea3Pqiu4H3yjotC+/ozl+OYNRVLKr/TtTMvlGMkk7uDdQVUTG1Vzm96Eu8bbjTNVYqHLqx0U131UI/xKkTJa+65iRf9NMLzvuNqzR8mt5OGSjTFyXi5xNepRSiRPSuGPV1IIBYl4iB6cxcFolQ== rsa-key-20200601" + default = "ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAtcUXIMzcK9tGupINHokVcsNlV21KD7RTJUAL3rKDGRlCR4xwyQ61xsUIcsTf9tIsc8g1UqBc8NrVuCEXopzNTDSGKg9t0d/zkBocaVxJN5EawZAqW5+lNJidrGPGsEA7O+LjvJeCZhhhQJbNxV8yra9r5UceZKjQTGUUXn5cTST6Vy5UyDZTVG8cVmk8QGTfGwsgzardCa1ho/VMJHgCB1dmWEUpEOfc4ou61s7tHMarxXxkgysWYoUtddg/FRUTf0ehf0h2D1v10tc/THNwtpuVmYO2cbLP5BZYYKHmWdymIRFkr33dXqJSu2lipZoFZVL2Rtd+PmEZ03u+uD7Jfw== rsa-key-20201110" +} + + +##### +##### below vars for future usage +##### var for running the scripts locally +##### +/* +variable "vcn_use_existing" { + default = "" +} + +variable "vnc_id" { +default ="" +} + +variable "vnc_public_subnet_id" { +default ="" +} + +variable "user_ocid" { +default = "" + } + +variable "fingerprint" { +default = "" + } + +variable "private_key_path" { +default = "" + } + +*/ + + + + + + + + + + + + + + + + + + + + + 
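Review bot: `ssh_public_key` ships with a concrete `ssh-rsa ... rsa-key-20201110` default (and a second key in the commented-out line above it), so a stack applied without overriding the variable authorizes whoever holds the matching private key for SSH on the instance, through `ssh_authorized_keys` in compute.tf. Remove the `default` and the commented-out key so the variable becomes required, and say so in the description, e.g. `description = "SSH public key text authorized on the instance (required, no default)"`. The `region` variable's description reads "tenancy id", which looks copied from `tenancy_ocid`; `description = "OCI region identifier"` would match how it is used.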
diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%ad-region-datasource.tf b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%ad-region-datasource.tf
new file mode 100644
index 0000000..fdbe4bc
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%ad-region-datasource.tf
@@ -0,0 +1,18 @@
+# Copyright 2020 Oracle Corporation and/or affiliates. All rights reserved.
+# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl
+
+data "oci_core_subnet" "shardgroup_subnet" {
+ #Required
+ subnet_id = var.create_new_network ? join("", oci_core_subnet.subnet.*.id) : var.subnet_id
+}
+
+data "oci_identity_availability_domains" "ADs" {
+ compartment_id = var.tenancy_ocid
+}
+
+data "oci_identity_fault_domains" "FDs" {
+ count = local.num_of_ads
+ #Required
+ availability_domain = data.oci_identity_availability_domains.ADs.availability_domains[count.index].name
+ compartment_id = var.tenancy_ocid
+}
\ No newline at end of file
diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%add-service.tf b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%add-service.tf
new file mode 100644
index 0000000..c020df5
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%add-service.tf
@@ -0,0 +1,46 @@ +# Copyright 2020 Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl + +resource "null_resource" "sdb_add_service" { + depends_on = ["null_resource.sdb_shard_tde", "null_resource.sdb_shard_standby_tde", "null_resource.sdb_shard_catalog_tde", "null_resource.sdb_deploy_invoker"] + count = "${var.demo_setup == "false" ? 0 : length(var.global_services)}" + + #creates ssh connection to gsm host + connection { + type = "ssh" + user = "${var.os_user}" + private_key = "${tls_private_key.public_private_key_pair.private_key_pem}" + host = "${oci_core_instance.gsm_vm[0].public_ip}" + agent = false + timeout = "${var.ssh_timeout}" + } + + # copying + provisioner "file" { + content = <<-EOF + #! /bin/bash + source ${var.oracle_base}/shard-director.sh + gdsctl add service -service ${lookup(var.global_services[element(keys(var.global_services), count.index)], "service_name")} -role ${lookup(var.global_services[element(keys(var.global_services), count.index)], "role")} + gdsctl start service -service ${lookup(var.global_services[element(keys(var.global_services), count.index)], "service_name")} + gdsctl config + EOF + destination = "${local.gsm_home_full_path}/add-service-config-setup-for-${lookup(var.global_services[element(keys(var.global_services), count.index)], "service_name")}.sh" + } + + #shard director config setup + provisioner "remote-exec" { + inline = [ + "chmod 700 ${local.gsm_home_full_path}/add-service-config-setup-for-${lookup(var.global_services[element(keys(var.global_services), count.index)], "service_name")}.sh", + "${local.gsm_home_full_path}/add-service-config-setup-for-${lookup(var.global_services[element(keys(var.global_services), count.index)], "service_name")}.sh", + "rm -f ${local.gsm_home_full_path}/add-service-config-setup-for-${lookup(var.global_services[element(keys(var.global_services), count.index)], "service_name")}.sh" 
+ ] + } + + # destroying + provisioner "remote-exec" { + when = "destroy" + inline = [ + "rm -f ${local.gsm_home_full_path}/add-service-config-setup-for-${lookup(var.global_services[element(keys(var.global_services), count.index)], "service_name")}.sh", + ] + } +} diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%add-shard-director-wo-stdby.tf b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%add-shard-director-wo-stdby.tf new file mode 100644 index 0000000..22e8271 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%add-shard-director-wo-stdby.tf 
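Review bot: The destroy-time `remote-exec` in `sdb_add_service` and the shared `connection` block reference `local.gsm_home_full_path`, `var.*`, `tls_private_key.public_private_key_pair` and `oci_core_instance.gsm_vm`, which Terraform 0.13 and later reject: destroy provisioners and their connections may only use `self`, `count.index` and `each.key`. Copy the values the teardown needs into `triggers` on the `null_resource` and read them back as `self.triggers.<name>`, keeping in mind that anything placed in `triggers` is stored in state. `when = "destroy"` should be the bare keyword `when = destroy`, and the quoted entries in `depends_on` should be bare references. The other `null_resource` files in this stack (add-shard-director*.tf, add-shard-group.tf, add-shard.tf, add-standby-shard*.tf) follow the same pattern.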
@@ -0,0 +1,70 @@ +# Copyright 2020 Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl + +resource "null_resource" "sdb_add_shard_director_wo_stdby" { + depends_on = ["null_resource.sdb_shard_director_install_main", "null_resource.sdb_shard_director_configure"] + count = "${(var.num_of_shard_groups > 1) ? 0 : var.num_of_gsm}" + + #creates ssh connection to gsm host + connection { + type = "ssh" + user = "${var.os_user}" + private_key = "${tls_private_key.public_private_key_pair.private_key_pem}" + host = "${oci_core_instance.gsm_vm[count.index].public_ip}" + agent = false + timeout = "${var.ssh_timeout}" + } + + # copying + provisioner "file" { + content = <<-EOF + #! /bin/bash + source ${var.oracle_base}/shard-director.sh + gdsctl add gsm -gsm ${join("", [var.sharded_database_name, var.gsm_name_prefix, count.index])} -pwd sd${random_string.gsmcatuser_pass.result} -catalog ${data.oci_core_vnic.catalog_db_node_vnic[0].public_ip_address}:${oci_database_db_system.catalog_db[0].listener_port}/${data.oci_database_database.catalog_database[0].pdb_name}.${oci_database_db_system.catalog_db[0].domain} -region ${replace(var.region, "-", "")} + gdsctl start gsm -gsm ${join("", [var.sharded_database_name, var.gsm_name_prefix, count.index])} + gdsctl add invitednode ${data.oci_core_vnic.catalog_db_node_vnic[0].public_ip_address} + gdsctl add invitednode ${data.oci_core_vnic.catalog_db_node_vnic[0].private_ip_address} + gdsctl config + EOF + destination = "${local.gsm_home_full_path}/add-shard-director-config-setup.sh" + } + + # add shard director config setup + provisioner "remote-exec" { + inline = [ + "chmod 700 ${local.gsm_home_full_path}/add-shard-director-config-setup.sh", + "${local.gsm_home_full_path}/add-shard-director-config-setup.sh", + "rm -f ${local.gsm_home_full_path}/add-shard-director-config-setup.sh" + ] + } + + # connect 
gsmcatuser/sd${random_string.gsmcatuser_pass.result}@${data.oci_core_vnic.catalog_db_node_vnic[0].public_ip_address}:${oci_database_db_system.catalog_db[0].listener_port}/${data.oci_database_database.catalog_database[0].pdb_name}.${oci_database_db_system.catalog_db[0].domain} + # + + #teardown config copy + provisioner "file" { + when = "destroy" + content = <<-EOF + #! /bin/bash + source ${var.oracle_base}/shard-director.sh + ${count.index > 0 ? "gdsctl stop gsm" : "echo first gsm, so not stopping it."} + ${count.index > 0 ? "sleep 240" : "echo skipping noop"} + ${count.index > 0 ? "gdsctl stop gsm" : "echo first gsm, so not stopping it again."} + ${count.index > 0 ? "gdsctl remove gsm -gsm ${join("", [var.sharded_database_name, var.gsm_name_prefix, count.index])}" : "echo First gsm so not removing gsm."} + ${count.index > 0 ? "sleep 240" : "echo skipping noop"} + gdsctl config + rm -f ${local.gsm_home_full_path}/add-shard-director-config-setup.sh + EOF + destination = "${local.gsm_home_full_path}/teardown-add-shard-director-config-setup.sh" + } + + #teardown add shard director config setup + provisioner "remote-exec" { + when = "destroy" + inline = [ + "chmod 700 ${local.gsm_home_full_path}/teardown-add-shard-director-config-setup.sh", + "${local.gsm_home_full_path}/teardown-add-shard-director-config-setup.sh", + "rm -f ${local.gsm_home_full_path}/teardown-add-shard-director-config-setup.sh" + ] + } +} \ No newline at end of file diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%add-shard-director.tf b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%add-shard-director.tf new file mode 100644 index 0000000..862f8d3 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%add-shard-director.tf 
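Review bot: The generated script passes the catalog password on the `gdsctl add gsm` command line as `-pwd sd${random_string.gsmcatuser_pass.result}`, so the secret is visible in the process list on the GSM host while the script runs, and the script holding it is written under `local.gsm_home_full_path` before `chmod 700` is applied. `random_string` results are not treated as sensitive by Terraform; if the resource (declared outside this hunk) can be switched to `random_password`, the value is at least redacted from plan and apply output. I would also upload the script into a directory that is already mode 700 rather than relying on the later `chmod`. The same `-pwd sd${random_string...}` pattern appears in add-shard-director.tf, add-shard.tf and add-standby-shard.tf in this patch.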
@@ -0,0 +1,70 @@ +# Copyright 2020 Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl + +resource "null_resource" "sdb_add_shard_director" { + depends_on = ["null_resource.sdb_shard_director_install_main", "null_resource.sdb_add_shard_director_wo_stdby", "null_resource.sdb_shard_director_configure"] + count = "${(var.num_of_shard_groups > 1) ? var.num_of_gsm : 0}" + + #creates ssh connection to gsm host + connection { + type = "ssh" + user = "${var.os_user}" + private_key = "${tls_private_key.public_private_key_pair.private_key_pem}" + host = "${oci_core_instance.gsm_vm[count.index].public_ip}" + agent = false + timeout = "${var.ssh_timeout}" + } + + # copying + provisioner "file" { + content = <<-EOF + #! /bin/bash + source ${var.oracle_base}/shard-director.sh + gdsctl add gsm -gsm ${join("", [var.sharded_database_name, var.gsm_name_prefix, count.index])} -pwd sd${random_string.gsmcatuser_pass.result} -catalog ${data.oci_core_vnic.catalog_db_node_vnic[0].public_ip_address}:${oci_database_db_system.catalog_db[0].listener_port}/${data.oci_database_database.catalog_database[0].pdb_name}.${oci_database_db_system.catalog_db[0].domain} -region ${replace(var.region, "-", "")} -trace_level 16 + gdsctl start gsm -gsm ${join("", [var.sharded_database_name, var.gsm_name_prefix, count.index])} + gdsctl add invitednode ${data.oci_core_vnic.catalog_db_node_vnic[0].public_ip_address} + gdsctl add invitednode ${data.oci_core_vnic.catalog_db_node_vnic[0].private_ip_address} + gdsctl add invitednode ${data.oci_core_vnic.catalog_stby_db_node_vnic[0].public_ip_address} + gdsctl add invitednode ${data.oci_core_vnic.catalog_stby_db_node_vnic[0].private_ip_address} + gdsctl config + EOF + destination = "${local.gsm_home_full_path}/add-shard-director-config-setup.sh" + } + + # add shard director config setup + provisioner "remote-exec" { + inline = [ + "chmod 700 
${local.gsm_home_full_path}/add-shard-director-config-setup.sh", + "${local.gsm_home_full_path}/add-shard-director-config-setup.sh", + "rm -f ${local.gsm_home_full_path}/add-shard-director-config-setup.sh" + ] + } + + + #teardown config copy + provisioner "file" { + when = "destroy" + content = <<-EOF + #! /bin/bash + source ${var.oracle_base}/shard-director.sh + ${count.index > 0 ? "gdsctl stop gsm" : "echo first gsm, so not stopping it."} + ${count.index > 0 ? "sleep 240" : "echo skipping noop"} + ${count.index > 0 ? "gdsctl stop gsm" : "echo first gsm, so not stopping it again."} + ${count.index > 0 ? "gdsctl remove gsm -gsm ${join("", [var.sharded_database_name, var.gsm_name_prefix, count.index])}" : "echo First gsm so not removing gsm."} + ${count.index > 0 ? "sleep 240" : "echo skipping noop"} + gdsctl config + rm -f ${local.gsm_home_full_path}/add-shard-director-config-setup.sh + EOF + destination = "${local.gsm_home_full_path}/teardown-add-shard-director-config-setup.sh" + } + + #teardown add shard director config setup + provisioner "remote-exec" { + when = "destroy" + inline = [ + "chmod 700 ${local.gsm_home_full_path}/teardown-add-shard-director-config-setup.sh", + "${local.gsm_home_full_path}/teardown-add-shard-director-config-setup.sh", + "rm -f ${local.gsm_home_full_path}/teardown-add-shard-director-config-setup.sh" + ] + } +} diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%add-shard-group.tf b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%add-shard-group.tf new file mode 100644 index 0000000..8405dd3 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%add-shard-group.tf 
@@ -0,0 +1,44 @@ +# Copyright 2020 Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl + +resource "null_resource" "sdb_add_shard_group" { + depends_on = ["null_resource.sdb_catalog_switchover", "null_resource.sdb_add_shard_director_wo_stdby"] + count = "${(var.num_of_shard_groups >= 1) ? 1 : 0}" + + #creates ssh connection to gsm host + connection { + type = "ssh" + user = "${var.os_user}" + private_key = "${tls_private_key.public_private_key_pair.private_key_pem}" + host = "${oci_core_instance.gsm_vm[0].public_ip}" + agent = false + timeout = "${var.ssh_timeout}" + } + + # copying + provisioner "file" { + content = <<-EOF + #! /bin/bash + source ${var.oracle_base}/shard-director.sh + gdsctl add shardgroup -shardgroup ${join("", [var.shardgroup_name_prefix, count.index])} -deploy_as primary -region ${replace(var.region, "-", "")} + EOF + destination = "${local.gsm_home_full_path}/shard-group-config-setup-for-${join("", [var.shardgroup_name_prefix, count.index])}.sh" + } + + #shard director config setup + provisioner "remote-exec" { + inline = [ + "chmod 700 ${local.gsm_home_full_path}/shard-group-config-setup-for-${join("", [var.shardgroup_name_prefix, count.index])}.sh", + "${local.gsm_home_full_path}/shard-group-config-setup-for-${join("", [var.shardgroup_name_prefix, count.index])}.sh", + "rm -f ${local.gsm_home_full_path}/shard-group-config-setup-for-${join("", [var.shardgroup_name_prefix, count.index])}.sh" + ] + } + + # destroying + provisioner "remote-exec" { + when = "destroy" + inline = [ + "rm -f ${local.gsm_home_full_path}/shard-group-config-setup-for-${join("", [var.shardgroup_name_prefix, count.index])}.sh" + ] + } +} 
diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%add-shard.tf b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%add-shard.tf new file mode 100644 index 0000000..f5d8bcb --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%add-shard.tf 
@@ -0,0 +1,71 @@ +# Copyright 2020 Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl + +resource "null_resource" "sdb_add_shard" { + depends_on = ["null_resource.sdb_add_standby_shard_group", "null_resource.sdb_add_shard_group", "null_resource.sdb_shard_db_configure", "null_resource.sdb_shard_data_move_consolidator_config"] + count = "${var.num_of_shards}" + + connection { + type = "ssh" + user = "${var.os_user}" + private_key = "${tls_private_key.public_private_key_pair.private_key_pem}" + host = "${oci_core_instance.gsm_vm[0].public_ip}" + agent = false + timeout = "${var.ssh_timeout}" + } + + provisioner "file" { + content = <<-EOF + #! /bin/bash + source ${var.oracle_base}/shard-director.sh + cd ${local.gsm_home_full_path} + gdsctl add cdb -connect ${data.oci_core_vnic.shard_db_node_vnic[count.index].public_ip_address}:${oci_database_db_system.shard_db[count.index].listener_port}/${data.oci_database_database.shard_database[count.index].db_unique_name}.${oci_database_db_system.shard_db[count.index].domain} -pwd sd${random_string.gsmrootuser_pass.result} + gdsctl add invitednode ${data.oci_core_vnic.shard_db_node_vnic[count.index].public_ip_address} + gdsctl add invitednode ${data.oci_core_vnic.shard_db_node_vnic[count.index].private_ip_address} + gdsctl add shard -cdb ${data.oci_database_database.shard_database[count.index].db_unique_name} -shardgroup ${join("", [var.shardgroup_name_prefix, floor(count.index / var.num_of_shards)])} -connect ${data.oci_core_vnic.shard_db_node_vnic[count.index].public_ip_address}:${oci_database_db_system.shard_db[count.index].listener_port}/${data.oci_database_database.shard_database[count.index].pdb_name}.${oci_database_db_system.shard_db[count.index].domain} -pwd sd${random_string.gsmuser_pass.result} + echo "${tls_private_key.public_private_key_pair.private_key_pem}" > ikey-fsfo + chmod 600 ikey-fsfo + EOF + 
destination = "${local.gsm_home_full_path}/add-shard-config-setup-for-${join("", [var.sharded_database_name, var.shard_name_prefix, count.index])}.sh" + } + + provisioner "remote-exec" { + inline = [ + "chmod 700 ${local.gsm_home_full_path}/add-shard-config-setup-for-${join("", [var.sharded_database_name, var.shard_name_prefix, count.index])}.sh", + "${local.gsm_home_full_path}/add-shard-config-setup-for-${join("", [var.sharded_database_name, var.shard_name_prefix, count.index])}.sh", + "rm -f ${local.gsm_home_full_path}/add-shard-config-setup-for-${join("", [var.sharded_database_name, var.shard_name_prefix, count.index])}.sh" + ] + } + + provisioner "file" { + content = <<-EOF + echo "chunk move starting for ${data.oci_database_database.shard_database[count.index].db_unique_name}_${data.oci_database_database.shard_database[count.index].pdb_name}" + ${count.index > 0 ? join("", [join("_", [join("", ["gdsctl move chunk -chunk $(head -n 1 chunks_${data.oci_database_database.shard_database[count.index].db_unique_name}_${data.oci_database_database.shard_database[count.index].pdb_name}) -source ", data.oci_database_database.shard_database[count.index].db_unique_name]), data.oci_database_database.shard_database[count.index].pdb_name]), " -target ${data.oci_database_database.shard_database[0].db_unique_name}_${data.oci_database_database.shard_database[0].pdb_name}"]) : "echo move chunk will not be executed for shard : ${data.oci_database_database.shard_database[count.index].db_unique_name} as it is the last remaining shard. The shard will be force removed now."} + sleep 240 + echo "chunk move with wait completed for ${data.oci_database_database.shard_database[count.index].db_unique_name}_${data.oci_database_database.shard_database[count.index].pdb_name}" + ${count.index > 0 ? 
join("", [join("_", [join("", ["gdsctl remove shard -shard ", data.oci_database_database.shard_database[count.index].db_unique_name]), data.oci_database_database.shard_database[count.index].pdb_name]), ""]) : join("", [join("_", [join("", ["gdsctl remove shard -force -shard ", data.oci_database_database.shard_database[count.index].db_unique_name]), data.oci_database_database.shard_database[count.index].pdb_name]), ""])} + #sleep 120 + echo "Remove Shard with wait completed for ${data.oci_database_database.shard_database[count.index].db_unique_name}_${data.oci_database_database.shard_database[count.index].pdb_name}" + gdsctl remove invitednode ${data.oci_core_vnic.shard_db_node_vnic[count.index].public_ip_address} + gdsctl remove invitednode ${data.oci_core_vnic.shard_db_node_vnic[count.index].private_ip_address} + #sleep 120 + echo "Remove Invited node with wait completed for ${data.oci_database_database.shard_database[count.index].db_unique_name}_${data.oci_database_database.shard_database[count.index].pdb_name}" + ${count.index > 0 ? 
join("", ["gdsctl remove cdb -cdb ", data.oci_database_database.shard_database[count.index].db_unique_name]) : join("", ["gdsctl remove cdb -force -cdb ", data.oci_database_database.shard_database[count.index].db_unique_name])} + #sleep 120 + echo "Remove CDB with wait completed for ${data.oci_database_database.shard_database[count.index].db_unique_name}" + EOF + destination = "${local.gsm_home_full_path}/remove-shard-config-for-${var.shard_name_prefix}${count.index}.tfconfig" + } + + provisioner "remote-exec" { + when = "destroy" + inline = [ + "mv ${local.gsm_home_full_path}/remove-shard-config-for-${var.shard_name_prefix}${count.index}.tfconfig ${local.gsm_home_full_path}/tfconfig-remove-shard-config-for-${var.shard_name_prefix}${count.index}.tfconfig", + "echo Checking whether FSFO is enabled on shard${count.index}", + "[ -e ${local.gsm_home_full_path}/shard-dg-fsfo-config-disable-${count.index}.sh ] && chmod 700 ${local.gsm_home_full_path}/shard-dg-fsfo-config-disable-${count.index}.sh || echo no-op", + "[ -e ${local.gsm_home_full_path}/shard-dg-fsfo-config-disable-${count.index}.sh ] && ${local.gsm_home_full_path}/shard-dg-fsfo-config-disable-${count.index}.sh || echo no-op", + "[ -e ${local.gsm_home_full_path}/shard-dg-fsfo-config-disable-${count.index}.sh ] && rm -f ${local.gsm_home_full_path}/shard-dg-fsfo-config-disable-${count.index}.sh || echo Primary only setup. Hence fsfo cannot be disabled.", + "echo FSFO was disabled on shard${count.index} if it was enabled." + ] + } +} \ No newline at end of file diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%add-standby-shard-group.tf b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%add-standby-shard-group.tf new file mode 100644 index 0000000..0564a5f --- /dev/null 
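Review bot: The setup script in `sdb_add_shard` writes the provisioning SSH private key to the GSM host with `echo "${tls_private_key.public_private_key_pair.private_key_pem}" > ikey-fsfo` and only afterwards runs `chmod 600 ikey-fsfo`, so the file briefly exists with default-umask permissions and then stays in `local.gsm_home_full_path` for the life of the host. Put `umask 077` on the line before the `echo` so the file is created private, and consider a dedicated key pair for the FSFO step instead of reusing the key Terraform uses to reach the nodes. The second `provisioner "file"` (the remove-shard script) has no `when` argument and is therefore uploaded at create time; if that is intended, a comment above it should say so.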
+++ b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%add-standby-shard-group.tf @@ -0,0 +1,44 @@ +# Copyright 2020 Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl + +resource "null_resource" "sdb_add_standby_shard_group" { + depends_on = ["null_resource.sdb_add_shard_group"] + count = "${(var.num_of_shard_groups - 1)}" + + #creates ssh connection to gsm host + connection { + type = "ssh" + user = "${var.os_user}" + private_key = "${tls_private_key.public_private_key_pair.private_key_pem}" + host = "${oci_core_instance.gsm_vm[0].public_ip}" + agent = false + timeout = "${var.ssh_timeout}" + } + + # copying + provisioner "file" { + content = <<-EOF + #! /bin/bash + source ${var.oracle_base}/shard-director.sh + gdsctl add shardgroup -shardgroup ${join("", [var.shardgroup_name_prefix, count.index + 1])} -deploy_as active_standby -region ${replace(var.region, "-", "")} + EOF + destination = "${local.gsm_home_full_path}/shard-group-config-setup-for-${join("", [var.shardgroup_name_prefix, count.index + 1])}.sh" + } + + #shard director config setup + provisioner "remote-exec" { + inline = [ + "chmod 700 ${local.gsm_home_full_path}/shard-group-config-setup-for-${join("", [var.shardgroup_name_prefix, count.index + 1])}.sh", + "${local.gsm_home_full_path}/shard-group-config-setup-for-${join("", [var.shardgroup_name_prefix, count.index + 1])}.sh", + "rm -f ${local.gsm_home_full_path}/shard-group-config-setup-for-${join("", [var.shardgroup_name_prefix, count.index + 1])}.sh" + ] + } + + # destroying + provisioner "remote-exec" { + when = "destroy" + inline = [ + "rm -f ${local.gsm_home_full_path}/shard-group-config-setup-for-${join("", [var.shardgroup_name_prefix, count.index + 1])}.sh" + ] + } +} \ No newline at end of file 
diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%add-standby-shard.tf b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%add-standby-shard.tf new file mode 100644 index 0000000..e258822 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%add-standby-shard.tf 
@@ -0,0 +1,47 @@
+# Copyright 2020 Oracle Corporation and/or affiliates. All rights reserved.
+# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl
+
+resource "null_resource" "sdb_add_standby_shard" {
+ depends_on = ["null_resource.sdb_add_standby_shard_group", "null_resource.sdb_shard_standby_configure"]
+ count = "${var.num_of_shards * (var.num_of_shard_groups - 1)}"
+
+ #creates ssh connection to gsm host
+ connection {
+ type = "ssh"
+ user = "${var.os_user}"
+ private_key = "${tls_private_key.public_private_key_pair.private_key_pem}"
+ host = "${oci_core_instance.gsm_vm[0].public_ip}"
+ agent = false
+ timeout = "${var.ssh_timeout}"
+ }
+
+ # copying
+ provisioner "file" {
+ content = <<-EOF
+ #! /bin/bash
+ source ${var.oracle_base}/shard-director.sh
+ gdsctl add cdb -connect ${data.oci_core_vnic.shard_stby_db_node_vnic[count.index].public_ip_address}:${oci_database_db_system.shard_db[count.index % var.num_of_shards].listener_port}/${data.oci_database_database.stdby_shard_database[count.index].db_unique_name}.${data.oci_core_subnet.shardgroup_subnet.subnet_domain_name} -pwd sd${random_string.gsmrootuser_pass.result}
+ gdsctl add invitednode ${data.oci_core_vnic.shard_stby_db_node_vnic[count.index].public_ip_address}
+ gdsctl add invitednode ${data.oci_core_vnic.shard_stby_db_node_vnic[count.index].private_ip_address}
+ gdsctl add shard -cdb ${data.oci_database_database.stdby_shard_database[count.index].db_unique_name} -shardgroup ${join("", [var.shardgroup_name_prefix, floor(count.index / var.num_of_shards) + 1])} -connect ${data.oci_core_vnic.shard_stby_db_node_vnic[count.index].public_ip_address}:${oci_database_db_system.shard_db[count.index % var.num_of_shards].listener_port}/${data.oci_database_database.shard_database[count.index % var.num_of_shards].pdb_name}.${data.oci_core_subnet.shardgroup_subnet.subnet_domain_name} -pwd sd${random_string.gsmuser_pass.result}
+ EOF
+ destination = "${local.gsm_home_full_path}/add-standby-shard-${count.index}-config-setup.sh"
+ }
+
+ #shard director config setup
+ provisioner "remote-exec" {
+ inline = [
+ "chmod 700 ${local.gsm_home_full_path}/add-standby-shard-${count.index}-config-setup.sh",
+ "${local.gsm_home_full_path}/add-standby-shard-${count.index}-config-setup.sh",
+ "rm -f ${local.gsm_home_full_path}/add-standby-shard-${count.index}-config-setup.sh"
+ ]
+ }
+
+ # destroying
+ provisioner "remote-exec" {
+ when = "destroy"
+ inline = [
+ "rm -f ${local.gsm_home_full_path}/add-standby-shard-${count.index}-config-setup.sh"
+ ]
+ }
+}
\ No newline at end of file
diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%catalog-dataguard.tf b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%catalog-dataguard.tf
new file mode 100644
index 0000000..8e750ae
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%catalog-dataguard.tf
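Review bot: In `sdb_add_standby_shard` the heredoc passes `-pwd sd${random_string.gsmrootuser_pass.result}` and `-pwd sd${random_string.gsmuser_pass.result}` to `gdsctl`, so both database passwords are written into the rendered script on the GSM host and appear in the argument list of the running `gdsctl` process. The `file` provisioner creates that script with default permissions and it is only tightened by the later `chmod 700`; because the values come from `random_string` they are also not treated as sensitive in plan output, which `random_password` would do if the resources (defined outside this hunk) can be switched. I would add `# TODO: use random_password for gsmrootuser_pass/gsmuser_pass; this script holds clear-text passwords until the rm -f below` above the heredoc. The fixed `sd` prefix adds no entropy, and the same `sd${random_string.sys_pass.result}` pattern is used for `database_admin_password` in catalog-dataguard.tf and `admin_password` in catalog-db.tf.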
@@ -0,0 +1,86 @@
+# Copyright 2020 Oracle Corporation and/or affiliates. All rights reserved.
+# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl
+
+resource "oci_database_data_guard_association" "catalog_data_guard_association" {
+ depends_on = ["null_resource.sdb_shard_catalog_configure"]
+ count = "${var.num_of_shard_catalogs * (var.num_of_shard_groups - 1)}"
+
+ #Required
+ creation_type = "NewDbSystem"
+ database_admin_password = "sd${random_string.sys_pass.result}"
+ database_id = "${data.oci_database_databases.primary_databases[0].databases.0.id}"
+ protection_mode = "${var.protection_mode}"
+ transport_type = "${var.transport_type}"
+
+ #required for NewDbSystem creation_type
+ display_name = join("", [var.sharded_database_name, var.standby_catalog_name_prefix, count.index])
+ subnet_id = var.create_new_network ? join("", oci_core_subnet.subnet.*.id) : var.subnet_id
+ availability_domain = data.oci_identity_availability_domains.ADs.availability_domains[(count.index + 1) % local.num_of_ads].name
+ hostname = join("", [var.sharded_database_name, var.standby_catalog_name_prefix, count.index])
+ delete_standby_db_home_on_delete = "${var.delete_standby_db_home_on_delete}"
+
+}
+
+data "oci_database_db_systems" "catalog_stdby_db_systems" {
+ depends_on = ["oci_database_data_guard_association.catalog_data_guard_association"]
+
+ count = "${var.num_of_shard_catalogs * (var.num_of_shard_groups - 1)}"
+ #Required
+ compartment_id = "${var.compartment_ocid}"
+
+ #Optional
+ display_name = join("", [var.sharded_database_name, var.standby_catalog_name_prefix, count.index])
+}
+
+data "oci_database_db_nodes" "catalog_stby_db_nodes" {
+ depends_on = ["oci_database_data_guard_association.catalog_data_guard_association"]
+ count = var.num_of_shard_catalogs * (var.num_of_shard_groups - 1)
+ compartment_id = var.compartment_ocid
+ db_system_id = lookup(data.oci_database_db_systems.catalog_stdby_db_systems[count.index].db_systems[0], "id")
+}
+
+# Get DB node details
+data "oci_database_db_node" "catalog_stby_db_node_details" {
+ count = "${var.num_of_shard_catalogs * (var.num_of_shard_groups - 1)}"
+ db_node_id = "${lookup(data.oci_database_db_nodes.catalog_stby_db_nodes[count.index].db_nodes[0], "id")}"
+}
+
+# Gets the OCID of the first (default) vNIC
+data "oci_core_vnic" "catalog_stby_db_node_vnic" {
+ count = "${var.num_of_shard_catalogs * (var.num_of_shard_groups - 1)}"
+ vnic_id = "${data.oci_database_db_node.catalog_stby_db_node_details[count.index].vnic_id}"
+}
+
+output "shard_catalog_standby_public_ip" {
+ value = ["${data.oci_core_vnic.catalog_stby_db_node_vnic.*.public_ip_address}"]
+}
+
+# data "oci_database_database" "stdby_catalog_database" {
+# depends_on = ["oci_database_data_guard_association.catalog_data_guard_association"]
+# count = "${var.num_of_shard_catalogs * (var.num_of_shard_groups - 1)}"
+# database_id = "${oci_database_data_guard_association.catalog_data_guard_association[count.index].peer_database_id}"
+# }
+
+# output "stdby_catalog_db_dataguard_association_id" {
+# value = ["${oci_database_data_guard_association.catalog_data_guard_association.*.id}"]
+# }
+
+# output "stdby_catalog_db_dataguard_association_peer_db_id" {
+# value = ["${oci_database_data_guard_association.catalog_data_guard_association.*.peer_database_id}"]
+# }
+
+# output "stdby_catalog_db_dataguard_association_db_id" {
+# value = ["${oci_database_data_guard_association.catalog_data_guard_association.*.database_id}"]
+# }
+
+# output "stdby_catalog_db_dataguard_association_peer_db_home_id" {
+# value = ["${oci_database_data_guard_association.catalog_data_guard_association.*.peer_db_home_id}"]
+# }
+
+# output "stdby_catalog_db_dataguard_association_peer_db_system_id" {
+# value = ["${oci_database_data_guard_association.catalog_data_guard_association.*.peer_db_system_id}"]
+# }
+
+# output "stdby_catalog_db_dataguard_association_peer_role" {
+# value = ["${oci_database_data_guard_association.catalog_data_guard_association.*.peer_role}"]
+# }
\ No newline at end of file
diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%catalog-db.tf b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%catalog-db.tf
new file mode 100644
index 0000000..fb2a306
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%catalog-db.tf
@@ -0,0 +1,84 @@
+# Copyright 2020 Oracle Corporation and/or affiliates. All rights reserved.
+# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl
+
+resource "oci_database_db_system" "catalog_db" {
+ depends_on = ["tls_private_key.public_private_key_pair"]
+ count = var.num_of_shard_catalogs
+ availability_domain = data.oci_identity_availability_domains.ADs.availability_domains[count.index % local.num_of_ads].name
+ compartment_id = var.compartment_ocid
+ database_edition = var.database_edition
+
+ db_home {
+ database {
+ admin_password = "sd${random_string.sys_pass.result}"
+ db_name = join("", [var.sharded_database_name, var.catalog_name_prefix, count.index])
+ character_set = "AL32UTF8"
+ ncharacter_set = "AL16UTF16"
+ db_workload = "OLTP"
+ pdb_name = "${var.pdb_name}"
+
+ db_backup_config {
+ auto_backup_enabled = false
+ }
+ }
+ db_version = "${var.db_version}.0"
+ display_name = join("", [var.sharded_database_name, var.catalog_name_prefix, count.index])
+ }
+
+ db_system_options {
+ storage_management = "LVM"
+ }
+ disk_redundancy = "NORMAL"
+ shape = "${var.catalog_db_shape}"
+ subnet_id = var.create_new_network ? join("", oci_core_subnet.subnet.*.id) : var.subnet_id
+ ssh_public_keys = ["${tls_private_key.public_private_key_pair.public_key_openssh}", "${var.ssh_public_key}"]
+ display_name = join("", [var.sharded_database_name, var.catalog_name_prefix, count.index])
+ hostname = join("", [var.sharded_database_name, var.catalog_name_prefix, count.index])
+ data_storage_size_in_gb = var.catalog_data_storage_size_in_gb
+ license_model = var.license_type
+ node_count = 1
+ fault_domains = ["${data.oci_identity_fault_domains.FDs[count.index % local.num_of_ads].fault_domains[floor(count.index / length(data.oci_identity_fault_domains.FDs[count.index % local.num_of_ads].fault_domains))].name}"]
+}
+
+# output "db_system_id" {
+# value = ["${oci_database_db_system.catalog_db.*.id}"]
+# }
+
+data "oci_database_db_homes" "primary_db_homes" {
+ count = var.num_of_shard_catalogs
+ compartment_id = "${var.compartment_ocid}"
+ db_system_id = element(oci_database_db_system.catalog_db.*.id, count.index)
+}
+
+data "oci_database_databases" "primary_databases" {
+ count = "${var.num_of_shard_catalogs}"
+ compartment_id = "${var.compartment_ocid}"
+ db_home_id = "${data.oci_database_db_homes.primary_db_homes[count.index].db_homes.0.id}"
+}
+
+data "oci_database_database" "catalog_database" {
+ count = "${var.num_of_shard_catalogs}"
+ database_id = "${data.oci_database_databases.primary_databases[count.index].databases.0.id}"
+}
+
+data "oci_database_db_nodes" "catalog_db_nodes" {
+ count = var.num_of_shard_catalogs
+ compartment_id = "${var.compartment_ocid}"
+ db_system_id = element(oci_database_db_system.catalog_db.*.id, count.index)
+}
+
+# Get DB node details
+data "oci_database_db_node" "catalog_db_node_details" {
+ count = var.num_of_shard_catalogs
+ db_node_id = "${lookup(data.oci_database_db_nodes.catalog_db_nodes[count.index].db_nodes[0], "id")}"
+}
+
+# Gets the OCID of the first (default) vNIC
+data "oci_core_vnic" "catalog_db_node_vnic" {
+ count = var.num_of_shard_catalogs
+ vnic_id = "${data.oci_database_db_node.catalog_db_node_details[count.index].vnic_id}"
+}
+
+output "shard_catalog_public_ip" {
+ value = ["${data.oci_core_vnic.catalog_db_node_vnic.*.public_ip_address}"]
+}
\ No newline at end of file
diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%catalog-shard-chunks.tf b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%catalog-shard-chunks.tf
new file mode 100644
index 0000000..f78fecd
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%catalog-shard-chunks.tf
@@ -0,0 +1,91 @@
+# Copyright 2020 Oracle Corporation and/or affiliates. All rights reserved.
+# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl
+
+resource "null_resource" "sdb_catalog_shard_chunks" {
+ depends_on = ["null_resource.sdb_deploy_invoker", "null_resource.sdb_add_shard"]
+ count = "${var.num_of_shards}"
+
+ connection {
+ type = "ssh"
+ user = "${var.os_user}"
+ private_key = "${tls_private_key.public_private_key_pair.private_key_pem}"
+ host = "${data.oci_core_vnic.catalog_db_node_vnic[0].public_ip_address}"
+ agent = false
+ timeout = "${var.ssh_timeout}"
+ }
+
+ # copying
+ provisioner "file" {
+ content = <<-EOF
+ #! /bin/bash
+ cd ${var.oracle_base}
+ echo "Resource sdb_catalog_shard_chunks creation provisioner."
+ EOF
+ destination = "${local.db_home_path}/resource-creation-provisioner-chunks-for-${join("", [var.sharded_database_name, var.shard_name_prefix, count.index])}.sh"
+ }
+
+ provisioner "file" {
+ content = <<-EOF
+ alter session set container=${data.oci_database_database.catalog_database[0].pdb_name};
+ SPOOL ${var.oracle_base}/chunks_${data.oci_database_database.shard_database[count.index].db_unique_name}_${data.oci_database_database.shard_database[count.index].pdb_name}.lst
+ select LISTAGG(chunk_number, ',') from gsmadmin_internal.chunk_loc c, gsmadmin_internal.database d where d.database_num = c.database_num and d.name = '${data.oci_database_database.shard_database[count.index].db_unique_name}_${data.oci_database_database.shard_database[count.index].pdb_name}';
+ SPOOL OFF
+ exit
+ EOF
+ destination = "${local.db_home_path}/chunks_for_${join("", [var.sharded_database_name, var.shard_name_prefix, count.index])}_config.sql"
+ }
+
+ # copying
+ provisioner "file" {
+ content = <<-EOF
+ #! /bin/bash
+ cd ${var.oracle_base}
+ echo "${tls_private_key.public_private_key_pair.private_key_pem}" > ${var.oracle_base}/ikey_chunks_${data.oci_database_database.shard_database[count.index].db_unique_name}_${data.oci_database_database.shard_database[count.index].pdb_name}
+ chmod 600 ikey_chunks_${data.oci_database_database.shard_database[count.index].db_unique_name}_${data.oci_database_database.shard_database[count.index].pdb_name}
+ sed -n '4,$ p' ${var.oracle_base}/chunks_${data.oci_database_database.shard_database[count.index].db_unique_name}_${data.oci_database_database.shard_database[count.index].pdb_name}.lst | tr -d '\n' | tr -d '[:space:]' > ${var.oracle_base}/chunks_${data.oci_database_database.shard_database[count.index].db_unique_name}_${data.oci_database_database.shard_database[count.index].pdb_name}
+ chmod 600 ${var.oracle_base}/chunks_${data.oci_database_database.shard_database[count.index].db_unique_name}_${data.oci_database_database.shard_database[count.index].pdb_name}
+ EOF
+ destination = "${local.db_home_path}/ikey_chunks_for_${join("", [var.sharded_database_name, var.shard_name_prefix, count.index])}.sh"
+ }
+
+ provisioner "file" {
+ content = <<-EOF
+ #! /bin/bash
+ source ${local.db_home_path}/shardcat.sh
+ sqlplus / as sysdba @${local.db_home_path}/chunks_for_${join("", [var.sharded_database_name, var.shard_name_prefix, count.index])}_config.sql
+ EOF
+ destination = "${local.db_home_path}/chunks_${join("", [var.sharded_database_name, var.shard_name_prefix, count.index])}_setup.sh"
+ }
+
+ #Catalog chunk config
+ provisioner "remote-exec" {
+ when = "destroy"
+ inline = [
+ "chmod 700 ${local.db_home_path}/chunks_${join("", [var.sharded_database_name, var.shard_name_prefix, count.index])}_setup.sh",
+ "${local.db_home_path}/chunks_${join("", [var.sharded_database_name, var.shard_name_prefix, count.index])}_setup.sh",
+ "chmod 700 ${local.db_home_path}/ikey_chunks_for_${join("", [var.sharded_database_name, var.shard_name_prefix, count.index])}.sh",
+ "${local.db_home_path}/ikey_chunks_for_${join("", [var.sharded_database_name, var.shard_name_prefix, count.index])}.sh",
+ "rm -f ${local.db_home_path}/chunks_for_${join("", [var.sharded_database_name, var.shard_name_prefix, count.index])}_config.sql",
+ "rm -f ${local.db_home_path}/chunks_${join("", [var.sharded_database_name, var.shard_name_prefix, count.index])}_setup.sh",
+ "rm -f ${local.db_home_path}/ikey_chunks_for_${join("", [var.sharded_database_name, var.shard_name_prefix, count.index])}.sh"
+ ]
+ }
+
+ provisioner "file" {
+ content = <<-EOF
+ #! /bin/bash
+ cd ${var.oracle_base}
+ scp -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -i ikey_chunks_${data.oci_database_database.shard_database[count.index].db_unique_name}_${data.oci_database_database.shard_database[count.index].pdb_name} ${var.oracle_base}/chunks_${data.oci_database_database.shard_database[count.index].db_unique_name}_${data.oci_database_database.shard_database[count.index].pdb_name} oracle@${oci_core_instance.gsm_vm[0].public_ip}:${local.gsm_home_full_path}/
+ EOF
+ destination = "${local.db_home_path}/scp_chunks_${join("", [var.sharded_database_name, var.shard_name_prefix, count.index])}.sh"
+ }
+
+ provisioner "remote-exec" {
+ when = "destroy"
+ inline = [
+ "chmod 700 ${local.db_home_path}/scp_chunks_${join("", [var.sharded_database_name, var.shard_name_prefix, count.index])}.sh",
+ "${local.db_home_path}/scp_chunks_${join("", [var.sharded_database_name, var.shard_name_prefix, count.index])}.sh",
+ "rm -f ${local.db_home_path}/scp_chunks_${join("", [var.sharded_database_name, var.shard_name_prefix, count.index])}.sh"
+ ]
+ }
+}
\ No newline at end of file
diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%catalog-standby-cloud-init.tf b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%catalog-standby-cloud-init.tf
new file mode 100644
index 0000000..1f7ca35
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%catalog-standby-cloud-init.tf
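Review bot: In `sdb_catalog_shard_chunks` the SSH private key is written to disk and never removed: the `ikey_chunks_for_*.sh` heredoc echoes `private_key_pem` into `${var.oracle_base}/ikey_chunks_*`, and no line in this hunk deletes that file. The script that embeds the key is uploaded by a `file` provisioner at create time, while both `remote-exec` blocks that run and delete the scripts are `when = "destroy"`, so it stays in `${local.db_home_path}` with default permissions until the resource is destroyed; if the destroy-only timing is not intended, `when` should be dropped from those blocks. I would end the scp heredoc with `rm -f ikey_chunks_<db_unique_name>_<pdb_name>` (the same interpolations as the `-i` argument) and start the key script with `umask 077` so the key is never readable by others before the `chmod 600`.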
@@ -0,0 +1,62 @@
+# Copyright 2020 Oracle Corporation and/or affiliates. All rights reserved.
+# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl
+
+resource "null_resource" "sdb_catalog_standby_cloud_init" {
+ depends_on = ["oci_database_data_guard_association.catalog_data_guard_association"]
+ count = "${var.num_of_shard_catalogs * (var.num_of_shard_groups - 1)}"
+
+ connection {
+ type = "ssh"
+ user = "${var.opc_user}"
+ private_key = "${tls_private_key.public_private_key_pair.private_key_pem}"
+ host = "${data.oci_core_vnic.catalog_stby_db_node_vnic[count.index].public_ip_address}"
+ agent = false
+ timeout = "${var.ssh_timeout}"
+ }
+
+ provisioner "file" {
+ content = <<-EOF
+ #! /bin/bash
+ sudo usermod --password $(echo sd${random_string.sudo_pass.result} | openssl passwd -1 -stdin) ${var.os_user}
+ sudo cp ~/.ssh/authorized_keys /home/${var.os_user}/.ssh/authorized_keys
+ EOF
+ destination = "~/shard-cat-standby-cloud-sdb-init-starter.sh"
+ }
+
+ provisioner "remote-exec" {
+ inline = [
+ "chmod +x ~/shard-cat-standby-cloud-sdb-init-starter.sh",
+ "~/shard-cat-standby-cloud-sdb-init-starter.sh > shard-cat-standby-cloud-sdb-init-starter.log",
+ "rm -f ~/shard-cat-standby-cloud-sdb-init-starter.sh"
+ ]
+ }
+
+ provisioner "file" {
+ content = <<-EOF
+ #! /bin/bash
+ echo "search ${oci_database_db_system.catalog_db[count.index].domain}" >> /etc/resolv.conf
+ cat /etc/resolv.conf
+ EOF
+ destination = "~/search-term.sh"
+ }
+
+ provisioner "file" {
+ content = <<-EOF
+ #! /bin/bash
+ cd ~
+ sudo chown root.root search-term.sh
+ sudo chmod 4755 search-term.sh
+ sudo ./search-term.sh
+ sudo rm -f search-term.sh
+ EOF
+ destination = "~/search-term-apply.sh"
+ }
+
+ provisioner "remote-exec" {
+ inline = [
+ "chmod +x ~/search-term-apply.sh",
+ "~/search-term-apply.sh > search-term-apply.log",
+ "rm -f ~/search-term-apply.sh"
+ ]
+ }
+}
\ No newline at end of file
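Review bot: In `sdb_catalog_standby_cloud_init` the password for `var.os_user` is hashed with `openssl passwd -1`, which is MD5-crypt; `openssl passwd -6 -stdin` (SHA-512 crypt) is the stronger choice, provided the image ships an OpenSSL that supports it, which this hunk does not show. The `search-term-apply.sh` heredoc also runs `sudo chmod 4755 search-term.sh` right before `sudo ./search-term.sh`: the script already runs as root through sudo, so the setuid bit adds nothing and leaves a root-owned setuid file in the home directory until the `rm`; `sudo chmod 700 search-term.sh` is enough. `sudo cp ~/.ssh/authorized_keys /home/${var.os_user}/.ssh/authorized_keys` replaces whatever keys that user already had, which deserves a comment if it is intended.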
diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%catalog-standby-configure.tf b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%catalog-standby-configure.tf
new file mode 100644
index 0000000..724ef55
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%catalog-standby-configure.tf
@@ -0,0 +1,92 @@
+# Copyright 2020 Oracle Corporation and/or affiliates. All rights reserved.
+# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl
+
+resource "null_resource" "sdb_catalog_standby_configure" {
+ depends_on = ["null_resource.sdb_catalog_standby_cloud_init"]
+ count = "${var.database_edition == local.ee_xp ? var.num_of_shard_catalogs * (var.num_of_shard_groups - 1) : 0}"
+ #creates ssh connection
+ connection {
+ type = "ssh"
+ user = "${var.os_user}"
+ private_key = "${tls_private_key.public_private_key_pair.private_key_pem}"
+ host = "${data.oci_core_vnic.catalog_stby_db_node_vnic[count.index].public_ip_address}"
+ agent = false
+ timeout = "${var.ssh_timeout}"
+ }
+
+ # copying
+ provisioner "file" {
+ content = <<-EOF
+ #! /bin/bash
+ export ORACLE_BASE="${var.oracle_base}"
+ export ORACLE_HOME="${local.db_home_path}"
+ export LD_LIBRARY_PATH=$ORACLE_HOME/lib
+ export PATH=$PATH:$ORACLE_HOME/bin
+ export TNS_ADMIN=$ORACLE_HOME/network/admin
+ EOF
+ destination = "${local.db_home_path}/shardcat.sh"
+ }
+
+ # provisioner "file" {
+ # content = <<-EOF
+ # SPOOL ${var.oracle_base}/pdbguid.lst
+ # select guid from v$pdbs where name='${upper(data.oci_database_database.catalog_database[0].pdb_name)}';
+ # SPOOL OFF
+ # exit
+ # EOF
+ # destination = "${local.db_home_path}/pdbguid-config.sql"
+ # }
+
+ # provisioner "file" {
+ # content = <<-EOF
+ # #! /bin/bash
+ # source ${local.db_home_path}/shardcat.sh
+ # sqlplus / as sysdba @${local.db_home_path}/pdbguid-config.sql
+ # cd ${var.oracle_base}
+ # sed '4q;d' pdbguid.lst > pdbguid
+ # chmod 600 pdbguid
+ # echo "alter system set db_file_name_convert='*','/u02/app/oracle/oradata/${data.oci_database_database.catalog_database[count.index].db_unique_name}/${upper(data.oci_database_database.catalog_database[count.index].db_unique_name)}/$(head -n 1 pdbguid | tr -d '[:space:]')/datafile/' scope=spfile;" >> ${local.db_home_path}/convert-params.sql
+ # echo "alter system set log_file_name_convert='*','/u03/app/oracle/redo/${upper(data.oci_database_database.catalog_database[count.index].db_unique_name)}/onlinelog/' scope=spfile;" >> ${local.db_home_path}/convert-params.sql
+ # echo "exit" >> ${local.db_home_path}/convert-params.sql
+ # sqlplus / as sysdba @${local.db_home_path}/convert-params.sql
+ # EOF
+ # destination = "${local.db_home_path}/convertparams-pdbguid-interpolated.sh"
+ # }
+
+ # provisioner "remote-exec" {
+ # inline = [
+ # "chmod 700 ${local.db_home_path}/convertparams-pdbguid-interpolated.sh",
+ # "${local.db_home_path}/convertparams-pdbguid-interpolated.sh"
+ # ]
+ # }
+
+ provisioner "file" {
+ content = <<-EOF
+ alter system set db_files=64000 scope=spfile;
+ shutdown immediate
+ startup
+ ALTER PLUGGABLE DATABASE ${var.pdb_name} OPEN READ ONLY;
+ exit
+ EOF
+ destination = "${local.db_home_path}/shard-standby-config.sql"
+ }
+
+ provisioner "file" {
+ content = <<-EOF
+ #! /bin/bash
+ source ${local.db_home_path}/shardcat.sh
+ sqlplus / as sysdba @${local.db_home_path}/shard-standby-config.sql
+ sed 's/SQLNET.ENCRYPTION_TYPES_SERVER=(AES256,AES192,AES128)/SQLNET.ENCRYPTION_TYPES_SERVER=(AES256,AES192,AES128,RC4_256)/' $TNS_ADMIN/sqlnet.ora > $TNS_ADMIN/sqlnet-temp.ora
+ mv $TNS_ADMIN/sqlnet-temp.ora $TNS_ADMIN/sqlnet.ora
+ EOF
+ destination = "~/shard-standby-configure.sh"
+ }
+
+ provisioner "remote-exec" {
+ inline = [
+ "chmod +x ~/shard-standby-configure.sh",
+ "~/shard-standby-configure.sh > shard-standby-configure.log",
+ "rm -f ~/shard-standby-configure.sh"
+ ]
+ }
+}
\ No newline at end of file
diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%catalog-standby-ee-configure.tf b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%catalog-standby-ee-configure.tf
new file mode 100644
index 0000000..58fba53
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%catalog-standby-ee-configure.tf
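Review bot: The `sed` in `~/shard-standby-configure.sh` (resource `sdb_catalog_standby_configure`) rewrites `SQLNET.ENCRYPTION_TYPES_SERVER` from `(AES256,AES192,AES128)` to `(AES256,AES192,AES128,RC4_256)`, which adds RC4 to the algorithms the standby catalog will accept for SQL*Net native encryption. RC4 is a deprecated stream cipher, so a peer that offers only `RC4_256` would now be served with it instead of being refused. Unless a specific peer needs it, I would drop the `sed`/`mv` pair and keep the AES-only list; if it is needed, a comment naming that peer belongs above the `sed` line. The same edit is made in `sdb_catalog_standby_ee_configure` in catalog-standby-ee-configure.tf.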
@@ -0,0 +1,47 @@
+# Copyright 2020 Oracle Corporation and/or affiliates. All rights reserved.
+# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl
+
+resource "null_resource" "sdb_catalog_standby_ee_configure" {
+ depends_on = ["null_resource.sdb_catalog_standby_cloud_init"]
+ count = "${var.database_edition == local.ee ? var.num_of_shard_catalogs * (var.num_of_shard_groups - 1) : 0}"
+ #creates ssh connection
+ connection {
+ type = "ssh"
+ user = "${var.os_user}"
+ private_key = "${tls_private_key.public_private_key_pair.private_key_pem}"
+ host = "${data.oci_core_vnic.catalog_stby_db_node_vnic[count.index].public_ip_address}"
+ agent = false
+ timeout = "${var.ssh_timeout}"
+ }
+
+ # copying
+ provisioner "file" {
+ content = <<-EOF
+ #! /bin/bash
+ export ORACLE_BASE="${var.oracle_base}"
+ export ORACLE_HOME="${local.db_home_path}"
+ export LD_LIBRARY_PATH=$ORACLE_HOME/lib
+ export PATH=$PATH:$ORACLE_HOME/bin
+ export TNS_ADMIN=$ORACLE_HOME/network/admin
+ EOF
+ destination = "${local.db_home_path}/shardcat.sh"
+ }
+
+ provisioner "file" {
+ content = <<-EOF
+ #! /bin/bash
+ source ${local.db_home_path}/shardcat.sh
+ sed 's/SQLNET.ENCRYPTION_TYPES_SERVER=(AES256,AES192,AES128)/SQLNET.ENCRYPTION_TYPES_SERVER=(AES256,AES192,AES128,RC4_256)/' $TNS_ADMIN/sqlnet.ora > $TNS_ADMIN/sqlnet-temp.ora
+ mv $TNS_ADMIN/sqlnet-temp.ora $TNS_ADMIN/sqlnet.ora
+ EOF
+ destination = "~/shard-standby-configure.sh"
+ }
+
+ provisioner "remote-exec" {
+ inline = [
+ "chmod +x ~/shard-standby-configure.sh",
+ "~/shard-standby-configure.sh > shard-standby-configure.log",
+ "rm -f ~/shard-standby-configure.sh"
+ ]
+ }
+}
diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%catalog-standby-tns-ingest.tf b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%catalog-standby-tns-ingest.tf
new file mode 100644
index 0000000..277594f
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%catalog-standby-tns-ingest.tf
@@ -0,0 +1,44 @@
+# Copyright 2020 Oracle Corporation and/or affiliates. All rights reserved.
+# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl
+
+resource "null_resource" "sdb_catalog_standby_tns_ingest" {
+ depends_on = ["null_resource.sdb_shard_relay_tns_config", "null_resource.sdb_shard_director_aggregate_tns_config", "null_resource.sdb_shard_env_configure", "null_resource.sdb_shard_standby_configure", "null_resource.sdb_catalog_standby_configure", "null_resource.sdb_shard_director_install_main"]
+ count = "${var.num_of_shard_catalogs * (var.num_of_shard_groups - 1)}"
+
+ triggers = {
+ shard_db_ids = "${join(",", oci_database_db_system.shard_db.*.id)}"
+ shard_stdby_db_ips = "${join(",", data.oci_core_vnic.shard_stby_db_node_vnic.*.public_ip_address)}"
+ shard_catalog_standby_ips = "${join(",", data.oci_core_vnic.catalog_stby_db_node_vnic.*.public_ip_address)}"
+ }
+
+ connection {
+ type = "ssh"
+ user = "${var.os_user}"
+ private_key = "${tls_private_key.public_private_key_pair.private_key_pem}"
+ host = "${data.oci_core_vnic.catalog_stby_db_node_vnic[count.index].public_ip_address}"
+ agent = false
+ timeout = "${var.ssh_timeout}"
+ }
+
+ provisioner "file" {
+ content = <<-EOF
+ #! /bin/bash
+ source ${local.db_home_path}/shardcat.sh
+ cd ${var.oracle_base}
+ echo "${tls_private_key.public_private_key_pair.private_key_pem}" > ikey-ingest
+ chmod 600 ikey-ingest
+ scp -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -i ikey-ingest oracle@${oci_core_instance.gsm_vm[0].public_ip}:${var.oracle_base}/mesh-tnsnames ${var.oracle_base}/
+ cat mesh-tnsnames >> $TNS_ADMIN/tnsnames.ora
+ rm -f ikey-ingest
+ EOF
+ destination = "${var.oracle_base}/catalog_standby_tns_ingest.sh"
+ }
+
+ provisioner "remote-exec" {
+ inline = [
+ "chmod 700 ${var.oracle_base}/catalog_standby_tns_ingest.sh",
+ "${var.oracle_base}/catalog_standby_tns_ingest.sh",
+ "rm -f ${var.oracle_base}/catalog_standby_tns_ingest.sh"
+ ]
+ }
+}
\ No newline at end of file
diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%catalog-switchover.tf b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%catalog-switchover.tf
new file mode 100644
index 0000000..f8fa9cc
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%catalog-switchover.tf
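Review bot: The `scp` in `catalog_standby_tns_ingest.sh` runs with `-o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null`, so the GSM host's key is never verified, and the file it fetches, `mesh-tnsnames`, is appended straight to `$TNS_ADMIN/tnsnames.ora`. Whatever answers on `oci_core_instance.gsm_vm[0].public_ip` therefore decides the connect descriptors this database will use, with no check that it is the GSM VM. Pinning the key is the fix: write the expected host key to a known_hosts file and call scp with `-o StrictHostKeyChecking=yes -o UserKnownHostsFile=<known_hosts path>`; where that key would come from is not visible in this diff. The same two options appear on the `scp` lines in catalog-shard-chunks.tf, catalog-tde-master-shard.tf and catalog-tde-master-standby-shard.tf, where the payload is the chunk list and the exported TDE key file.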
@@ -0,0 +1,61 @@
+# Copyright 2020 Oracle Corporation and/or affiliates. All rights reserved.
+# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl
+
+resource "null_resource" "sdb_catalog_switchover" {
+ depends_on = ["null_resource.sdb_add_shard_director"]
+ count = "${(var.num_of_shard_groups > 1) ? var.num_of_gsm : 0}"
+
+ #creates ssh connection to gsm host
+ connection {
+ type = "ssh"
+ user = "${var.os_user}"
+ private_key = "${tls_private_key.public_private_key_pair.private_key_pem}"
+ host = "${oci_core_instance.gsm_vm[count.index].public_ip}"
+ agent = false
+ timeout = "${var.ssh_timeout}"
+ }
+
+ #mv $TNS_ADMIN/tnsnames.ora $TNS_ADMIN/tnsname-ora-backup-"${timestamp()}"
+
+ provisioner "file" {
+ content = <<-EOF
+ #!/bin/bash
+ source ${var.oracle_base}/shard-director.sh
+ echo "${upper(join("", [var.sharded_database_name, var.gsm_name_prefix, count.index]))}_CATALOG =
+ (DESCRIPTION =
+ (ADDRESS_LIST=
+ (address = (protocol = tcp)(host = ${data.oci_core_vnic.catalog_db_node_vnic[0].public_ip_address})(port = ${oci_database_db_system.catalog_db[0].listener_port}))
+ (address = (protocol = tcp)(host = ${data.oci_core_vnic.catalog_stby_db_node_vnic[0].public_ip_address})(port = ${data.oci_database_db_systems.catalog_stdby_db_systems[0].db_systems.0.listener_port}))
+ )
+ (CONNECT_DATA =
+ (SERVICE_NAME = GDS\$CATALOG.oradbcloud)
+ )
+ )
+
+${upper(join("", [var.sharded_database_name, var.gsm_name_prefix, count.index]))} =
+ (DESCRIPTION =
+ (ADDRESS = (HOST = ${oci_core_instance.gsm_vm[count.index].public_ip})(PORT = ${var.shard_director_port})(PROTOCOL = tcp))
+ (CONNECT_DATA =
+ (SERVICE_NAME = GDS\$CATALOG.oradbcloud)
+ )
+ )" >> $TNS_ADMIN/tnsnames.ora
+ EOF
+ destination = "${local.gsm_home_full_path}/enable-switchover-relocation-for-catalog.sh"
+ }
+
+ provisioner "remote-exec" {
+ inline = [
+ "chmod 700 ${local.gsm_home_full_path}/enable-switchover-relocation-for-catalog.sh",
+ "${local.gsm_home_full_path}/enable-switchover-relocation-for-catalog.sh",
+ "rm -f ${local.gsm_home_full_path}/enable-switchover-relocation-for-catalog.sh"
+ ]
+ }
+
+ # destroying
+ provisioner "remote-exec" {
+ when = "destroy"
+ inline = [
+ "rm -f ${local.gsm_home_full_path}/enable-switchover-relocation-for-catalog.sh"
+ ]
+ }
+}
\ No newline at end of file
diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%catalog-tde-master-shard.tf b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%catalog-tde-master-shard.tf
new file mode 100644
index 0000000..9d6d0bd
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%catalog-tde-master-shard.tf
@@ -0,0 +1,33 @@
+# Copyright 2020 Oracle Corporation and/or affiliates. All rights reserved.
+# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl
+
+resource "null_resource" "sdb_catalog_tde_master_shard" {
+ depends_on = ["null_resource.sdb_shard_catalog_tde", "null_resource.sdb_deploy_invoker"]
+ count = var.num_of_shards
+
+ connection {
+ type = "ssh"
+ user = "${var.os_user}"
+ private_key = "${tls_private_key.public_private_key_pair.private_key_pem}"
+ host = "${data.oci_core_vnic.catalog_db_node_vnic[0].public_ip_address}"
+ agent = false
+ timeout = "${var.ssh_timeout}"
+ }
+
+ provisioner "file" {
+ content = <<-EOF
+ #! /bin/bash
+ cd ${var.oracle_base}
+ scp -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -i ikey ${var.oracle_base}/cat_pdb_tde.key ${var.oracle_base}/catkey oracle@${data.oci_core_vnic.shard_db_node_vnic[count.index].public_ip_address}:${var.oracle_base}/
+ EOF
+ destination = "${local.db_home_path}/catalog-tde-master-shard-setup-${count.index}.sh"
+ }
+
+ provisioner "remote-exec" {
+ inline = [
+ "chmod 700 ${local.db_home_path}/catalog-tde-master-shard-setup-${count.index}.sh",
+ "${local.db_home_path}/catalog-tde-master-shard-setup-${count.index}.sh",
+ "rm -f ${local.db_home_path}/catalog-tde-master-shard-setup-${count.index}.sh"
+ ]
+ }
+}
\ No newline at end of file
diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%catalog-tde-master-standby-shard.tf b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%catalog-tde-master-standby-shard.tf
new file mode 100644
index 0000000..08be4bf
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%catalog-tde-master-standby-shard.tf
@@ -0,0 +1,34 @@ +# Copyright 2020 Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl + +resource "null_resource" "sdb_catalog_tde_master_standby_shard" { + depends_on = ["null_resource.sdb_shard_catalog_tde", "null_resource.sdb_deploy_invoker"] + count = "${var.num_of_shards * (var.num_of_shard_groups - 1)}" + + #creates ssh connection to gsm host + connection { + type = "ssh" + user = "${var.os_user}" + private_key = "${tls_private_key.public_private_key_pair.private_key_pem}" + host = "${data.oci_core_vnic.catalog_db_node_vnic[0].public_ip_address}" + agent = false + timeout = "${var.ssh_timeout}" + } + + provisioner "file" { + content = <<-EOF + #! /bin/bash + cd ${var.oracle_base} + scp -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -i ikey ${var.oracle_base}/cat_pdb_tde.key ${var.oracle_base}/catkey oracle@${data.oci_core_vnic.shard_stby_db_node_vnic[count.index].public_ip_address}:${var.oracle_base}/ + EOF + destination = "${local.db_home_path}/catalog-tde-master-stdby-shard-setup-${count.index}.sh" + } + + provisioner "remote-exec" { + inline = [ + "chmod 700 ${local.db_home_path}/catalog-tde-master-stdby-shard-setup-${count.index}.sh", + "${local.db_home_path}/catalog-tde-master-stdby-shard-setup-${count.index}.sh", + "rm -f ${local.db_home_path}/catalog-tde-master-stdby-shard-setup-${count.index}.sh" + ] + } +} \ No newline at end of file diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%catalog-tde.tf b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%catalog-tde.tf new file mode 100644 index 0000000..9864bb0 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%catalog-tde.tf 
@@ -0,0 +1,87 @@ +# Copyright 2020 Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl + +resource "null_resource" "sdb_shard_catalog_tde" { + depends_on = ["null_resource.sdb_catalog_shard_chunks", "null_resource.sdb_deploy_invoker"] + count = var.num_of_shard_catalogs + + #creates ssh connection + connection { + type = "ssh" + user = "${var.os_user}" + private_key = "${tls_private_key.public_private_key_pair.private_key_pem}" + host = "${data.oci_core_vnic.catalog_db_node_vnic[count.index].public_ip_address}" + agent = false + timeout = "${var.ssh_timeout}" + } + + provisioner "file" { + content = <<-EOF + alter session set container=${data.oci_database_database.catalog_database[count.index].pdb_name}; + ADMINISTER KEY MANAGEMENT EXPORT ENCRYPTION KEYS WITH SECRET "sd${random_string.tde_encryption_key_export_passwd.result}" TO '${var.oracle_base}/cat_pdb_tde.key' FORCE KEYSTORE IDENTIFIED BY sd${random_string.sys_pass.result}; + SPOOL ${var.oracle_base}/catkey.lst + SELECT KEY_ID FROM V$ENCRYPTION_KEYS WHERE ACTIVATION_TIME =(SELECT MAX(ACTIVATION_TIME) FROM V$ENCRYPTION_KEYS WHERE ACTIVATING_DBID = (SELECT DBID FROM V$DATABASE)); + SPOOL OFF + exit + EOF + destination = "${local.db_home_path}/catalog-tde-config.sql" + } + + # copying + provisioner "file" { + content = <<-EOF + #! /bin/bash + cd ${var.oracle_base} + echo "${tls_private_key.public_private_key_pair.private_key_pem}" > ikey + chmod 600 ikey + sed '4q;d' catkey.lst > catkey + chmod 600 catkey + EOF + destination = "${local.db_home_path}/ikey.sh" + } + + provisioner "file" { + content = <<-EOF + #! 
/bin/bash + source ${local.db_home_path}/shardcat.sh + sqlplus / as sysdba @${local.db_home_path}/catalog-tde-config.sql + EOF + destination = "${local.db_home_path}/catalog-tde-setup.sh" + } + + #Catalog config + provisioner "remote-exec" { + inline = [ + "chmod 700 ${local.db_home_path}/catalog-tde-setup.sh", + "${local.db_home_path}/catalog-tde-setup.sh", + "chmod 700 ${local.db_home_path}/ikey.sh", + "${local.db_home_path}/ikey.sh", + "rm -f ${local.db_home_path}/catalog-tde-config.sql", + "rm -f ${local.db_home_path}/catalog-tde-setup.sh", + "rm -f ${local.db_home_path}/ikey.sh" + ] + } + + provisioner "file" { + when = "destroy" + content = <<-EOF + #! /bin/bash + rm -f ${local.db_home_path}/catalog-tde-config.sql + rm -f ${local.db_home_path}/catalog-tde-setup.sh + rm -f ${local.db_home_path}/ikey.sh + rm -f ${var.oracle_base}/ikey + rm -f ${var.oracle_base}/cat_pdb_tde.key + EOF + destination = "${local.db_home_path}/catalog-tde-config-teardown.sh" + } + + # destroying + provisioner "remote-exec" { + when = "destroy" + inline = [ + "chmod 700 ${local.db_home_path}/catalog-tde-config-teardown.sh", + "${local.db_home_path}/catalog-tde-config-teardown.sh", + "rm -f ${local.db_home_path}/catalog-tde-config-teardown.sh" + ] + } +} diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%catalog-tns-ingest.tf b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%catalog-tns-ingest.tf new file mode 100644 index 0000000..fd73559 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%catalog-tns-ingest.tf 
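Review bot: The `ikey.sh` heredoc writes the Terraform-generated SSH private key with `echo "..." > ikey` and only then runs `chmod 600 ikey`, so the file briefly exists with whatever mode the umask allows. It also stays in `${var.oracle_base}` after apply, because only the destroy-time teardown script removes it. Putting `umask 077` at the top of the script closes the window, and an `rm -f ikey` once the later copy steps have run (the master-shard hunks use `-i ikey`) avoids leaving a long-lived credential on the catalog host. The teardown script removes `ikey` and `cat_pdb_tde.key` but not `catkey` or `catkey.lst`; add `rm -f ${var.oracle_base}/catkey ${var.oracle_base}/catkey.lst`. The same echo-then-chmod pattern is in the catalog-tns-ingest.tf and dg-broker.tf hunks.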
@@ -0,0 +1,44 @@ +# Copyright 2020 Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl + +resource "null_resource" "sdb_catalog_tns_ingest" { + depends_on = ["null_resource.sdb_shard_relay_tns_config", "null_resource.sdb_shard_director_aggregate_tns_config", "null_resource.sdb_shard_env_configure", "null_resource.sdb_shard_standby_configure", "null_resource.sdb_catalog_standby_configure", "null_resource.sdb_shard_director_install_main"] + count = var.num_of_shard_catalogs + + triggers = { + shard_db_ids = "${join(",", oci_database_db_system.shard_db.*.id)}" + shard_stdby_db_ips = "${join(",", data.oci_core_vnic.shard_stby_db_node_vnic.*.public_ip_address)}" + shard_catalog_standby_ips = "${join(",", data.oci_core_vnic.catalog_stby_db_node_vnic.*.public_ip_address)}" + } + + connection { + type = "ssh" + user = "${var.os_user}" + private_key = "${tls_private_key.public_private_key_pair.private_key_pem}" + host = "${data.oci_core_vnic.catalog_db_node_vnic[count.index].public_ip_address}" + agent = false + timeout = "${var.ssh_timeout}" + } + + provisioner "file" { + content = <<-EOF + #! /bin/bash + source ${local.db_home_path}/shardcat.sh + cd ${var.oracle_base} + echo "${tls_private_key.public_private_key_pair.private_key_pem}" > ikey-ingest + chmod 600 ikey-ingest + scp -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -i ikey-ingest oracle@${oci_core_instance.gsm_vm[0].public_ip}:${var.oracle_base}/mesh-tnsnames ${var.oracle_base}/ + cat mesh-tnsnames >> $TNS_ADMIN/tnsnames.ora + rm -f ikey-ingest + EOF + destination = "${var.oracle_base}/catalog_tns_ingest.sh" + } + + provisioner "remote-exec" { + inline = [ + "chmod 700 ${var.oracle_base}/catalog_tns_ingest.sh", + "${var.oracle_base}/catalog_tns_ingest.sh", + "rm -f ${var.oracle_base}/catalog_tns_ingest.sh" + ] + } +} \ No newline at end of file 
diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%common.tf b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%common.tf new file mode 100644 index 0000000..c2abc9e --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%common.tf @@ -0,0 +1,6 @@ +# Copyright 2020 Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl + +resource "tls_private_key" "public_private_key_pair" { + algorithm = "RSA" +} \ No newline at end of file diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%demo-monitor.tf b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%demo-monitor.tf new file mode 100644 index 0000000..7db66a7 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%demo-monitor.tf 
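Review bot: `tls_private_key.public_private_key_pair` keeps its `private_key_pem` unencrypted in Terraform state. This stack uses that key as the SSH credential in every `connection` block and authorises its public half on the instances (the `ssh_authorized_keys` entry in the gsm-compute.tf hunk). A leaked state file therefore amounts to shell access on the deployed hosts. At minimum document this next to the resource, e.g. `# NOTE: private key is stored in state; use an encrypted, access-controlled backend`, and set `rsa_bits = 4096` explicitly instead of relying on the provider default.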
@@ -0,0 +1,48 @@ +# Copyright 2020 Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl + +resource "null_resource" "sdb_demo_monitor" { + depends_on = ["null_resource.sdb_demo_setup"] + count = "${var.demo_setup == "false" ? 0 : local.sharding_methods[var.sharding_method] == local.system_sharding ? 1 : 0}" + + #creates ssh connection + connection { + type = "ssh" + user = "${var.os_user}" + private_key = "${tls_private_key.public_private_key_pair.private_key_pem}" + host = "${data.oci_core_vnic.catalog_db_node_vnic[0].public_ip_address}" + agent = false + timeout = "${var.ssh_timeout}" + } + + provisioner "file" { + content = <<-EOF + #! /bin/bash + cd ${local.db_home_path}/${local.sdb_demo_dir} + source ${local.db_home_path}/shardcat.sh + chmod 700 ${local.db_home_path}/${local.sdb_demo_dir}/run.sh + cd ${local.db_home_path}/${local.sdb_demo_dir} + nohup ./run.sh monitor >> nohup-run-monitor.out 2>&1 & + sleep 6 + EOF + destination = "${local.db_home_path}/run-monitor.sh" + } + + provisioner "remote-exec" { + inline = [ + "chmod 700 ${local.db_home_path}/run-monitor.sh", + "${local.db_home_path}/run-monitor.sh", + "echo The E-commerce sharding application demo has been successfully deployed." + ] + } + + # destroying + provisioner "remote-exec" { + when = "destroy" + inline = [ + "kill $(ps aux | grep '[o]racle.monitor.Main' | awk '{print $2}')", + "rm -f ${local.db_home_path}/run-monitor.sh", + "rm -rf ${local.db_home_path}/__MACOSX" + ] + } +} diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%demo-schema-datasources.tf b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%demo-schema-datasources.tf new file mode 100644 index 0000000..d38913e --- /dev/null 
+++ b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%demo-schema-datasources.tf @@ -0,0 +1,14 @@ +# Copyright 2020 Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl + +data "template_file" "system_sharding_schema_setup_template" { + template = "${file("demo-schema-sql/system-sharding-schema-setup.template.ql")}" + + vars = { + oracle_home = "${local.db_home_path}" + cat_pdb_name = "${data.oci_database_database.catalog_database[0].pdb_name}" + catalog_host_name = "${data.oci_core_vnic.catalog_db_node_vnic[0].public_ip_address}" + catalog_domain_name = "${oci_database_db_system.catalog_db[0].domain}" + catalog_port = "${oci_database_db_system.catalog_db[0].listener_port}" + } +} diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%deploy-invoker.tf b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%deploy-invoker.tf new file mode 100644 index 0000000..3302c1d --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%deploy-invoker.tf 
@@ -0,0 +1,51 @@ +# Copyright 2020 Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl + +resource "null_resource" "sdb_deploy_invoker" { + + depends_on = ["null_resource.sdb_add_shard", "null_resource.sdb_add_standby_shard", "null_resource.sdb_catalog_tns_ingest", "null_resource.sdb_catalog_standby_tns_ingest", "null_resource.sdb_shard_director_tns_ingest", "null_resource.sdb_shard_tns_ingest", "null_resource.sdb_shard_standby_tns_ingest"] + + triggers = { + shard_db_ids = "${join(",", oci_database_db_system.shard_db.*.id)}" + shard_stdby_db_ips = "${join(",", data.oci_core_vnic.shard_stby_db_node_vnic.*.public_ip_address)}" + shard_catalog_standby_ips = "${join(",", data.oci_core_vnic.catalog_stby_db_node_vnic.*.public_ip_address)}" + } + + #creates ssh connection to gsm host + connection { + type = "ssh" + user = "${var.os_user}" + private_key = "${tls_private_key.public_private_key_pair.private_key_pem}" + host = "${oci_core_instance.gsm_vm[0].public_ip}" + agent = false + timeout = "${var.ssh_timeout}" + } + + # copying + provisioner "file" { + content = <<-EOF + #! /bin/bash + source ${var.oracle_base}/shard-director.sh + gdsctl deploy + echo "Oracle sharded database shards are now deployed." + EOF + destination = "${local.gsm_home_full_path}/sdb-deploy.sh" + } + + #shard deploy config setup + provisioner "remote-exec" { + inline = [ + "chmod 700 ${local.gsm_home_full_path}/sdb-deploy.sh", + "${local.gsm_home_full_path}/sdb-deploy.sh", + "rm -f ${local.gsm_home_full_path}/sdb-deploy.sh" + ] + } + + # destroying + provisioner "remote-exec" { + when = "destroy" + inline = [ + "rm -f ${local.gsm_home_full_path}/sdb-deploy.sh" + ] + } +} 
diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%dg-broker.tf b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%dg-broker.tf new file mode 100644 index 0000000..8822abb --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%dg-broker.tf 
@@ -0,0 +1,60 @@ +# Copyright 2020 Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl + +resource "null_resource" "sdb_dg_broker" { + depends_on = ["null_resource.sdb_shard_db_convert_params"] + count = "${(var.num_of_shard_groups > 1) ? var.num_of_shards : 0}" + + #creates ssh connection + connection { + type = "ssh" + user = "${var.os_user}" + private_key = "${tls_private_key.public_private_key_pair.private_key_pem}" + host = "${data.oci_core_vnic.shard_db_node_vnic[count.index].public_ip_address}" + agent = false + timeout = "${var.ssh_timeout}" + } + + provisioner "file" { + content = <<-EOF + #! /bin/bash + source ${local.db_home_path}/shard.sh + echo sd${random_string.sys_pass.result} | dgmgrl sys/ "DISABLE FAST_START FAILOVER" + EOF + destination = "${local.db_home_path}/shard-dg-fsfo-config-setup.sh" + } + + #rm -f ikey-fsfo + provisioner "file" { + content = <<-EOF + #! /bin/bash + source ${var.oracle_base}/shard-director.sh + cd ${local.gsm_home_full_path} + ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -i ikey-fsfo oracle@${data.oci_core_vnic.shard_db_node_vnic[count.index].public_ip_address} ${local.db_home_path}/shard-dg-fsfo-config-setup.sh + EOF + destination = "${local.db_home_path}/shard-dg-fsfo-config-disable-${count.index}.sh" + } + + + #rm -f ikey-fsfo-sh + provisioner "file" { + content = <<-EOF + #! 
/bin/bash + source ${local.db_home_path}/shard.sh + cd ${local.db_home_path} + echo "${tls_private_key.public_private_key_pair.private_key_pem}" > ikey-fsfo-sh + chmod 600 ikey-fsfo-sh + scp -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -i ikey-fsfo-sh shard-dg-fsfo-config-disable-${count.index}.sh oracle@${oci_core_instance.gsm_vm[0].public_ip}:${local.gsm_home_full_path}/ + EOF + destination = "${local.db_home_path}/shard_fsfo.sh" + } + + #"rm -f ${local.db_home_path}/shard_fsfo.sh" + provisioner "remote-exec" { + inline = [ + "chmod 700 ${local.db_home_path}/shard-dg-fsfo-config-setup.sh", + "chmod 700 ${local.db_home_path}/shard_fsfo.sh", + "${local.db_home_path}/shard_fsfo.sh" + ] + } +} \ No newline at end of file diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%gsm-compute.tf b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%gsm-compute.tf new file mode 100644 index 0000000..45dc349 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%gsm-compute.tf 
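Review bot: This resource leaves two secrets on the shard host: `shard-dg-fsfo-config-setup.sh` embeds the SYS password (`echo sd${random_string.sys_pass.result} | dgmgrl sys/ ...`), and `shard_fsfo.sh` writes the SSH private key to `ikey-fsfo-sh`. The cleanup exists only as comments (`#rm -f ikey-fsfo-sh`, `#"rm -f ${local.db_home_path}/shard_fsfo.sh"`) and there is no destroy-time provisioner. `ikey-fsfo-sh` is needed only for the single `scp`, so end that heredoc with `rm -f ikey-fsfo-sh` and add `"rm -f ${local.db_home_path}/shard_fsfo.sh"` as the last `inline` entry. The setup script appears to be invoked later over ssh from the shard director, so it should be deleted by whichever step runs it rather than here.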
@@ -0,0 +1,43 @@ +# Copyright 2020 Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl + +resource "oci_core_instance" "gsm_vm" { + depends_on = ["tls_private_key.public_private_key_pair"] + count = var.num_of_gsm + compartment_id = var.compartment_ocid + display_name = join("", [var.sharded_database_name, var.gsm_name_prefix, count.index]) + availability_domain = data.oci_identity_availability_domains.ADs.availability_domains[count.index % local.num_of_ads].name + shape = var.compute_shape + + create_vnic_details { + subnet_id = var.create_new_network ? join("", oci_core_subnet.subnet.*.id) : var.subnet_id + display_name = "Primary-vnic" + assign_public_ip = var.assign_public_ip + hostname_label = join("", [var.sharded_database_name, var.gsm_name_prefix, count.index]) + } + + fault_domain = data.oci_identity_fault_domains.FDs[count.index % local.num_of_ads].fault_domains[floor(count.index / length(data.oci_identity_fault_domains.FDs[count.index % local.num_of_ads].fault_domains))].name + + source_details { + source_type = "image" + source_id = local.mp_listing_resource_id + } + + metadata = { + ssh_authorized_keys = join( + "\n", + [ + var.ssh_public_key, + tls_private_key.public_private_key_pair.public_key_openssh + ] + ) + } + + timeouts { + create = "60m" + } +} + +output "shard_directors_public_ip" { + value = [oci_core_instance.gsm_vm.*.public_ip] +} \ No newline at end of file diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%network.tf b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%network.tf new file mode 100644 index 0000000..e96896a --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%network.tf 
@@ -0,0 +1,62 @@ +# Copyright 2020 Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl + + +resource "oci_core_vcn" "vcn" { + count = "${var.create_new_network ? 1 : 0}" + cidr_block = "${var.vcn_cidr_block}" + compartment_id = "${var.vcn_compartment_id}" + display_name = "${var.display_name} VCN" + dns_label = "${var.vcn_dns_label}" +} + +data "oci_core_vcn" "vcn" { + vcn_id = "${var.create_new_network ? join(",", oci_core_vcn.vcn.*.id) : var.vcn_id}" +} + +resource "oci_core_security_list" "security_list" { + count = "${var.create_new_network ? 1 : 0}" + compartment_id = "${var.vcn_compartment_id}" + vcn_id = "${oci_core_vcn.vcn.0.id}" + display_name = "${var.display_name} Allow ssh" + + ingress_security_rules { + protocol = "all" + source = "0.0.0.0/0" + stateless = false + } +} + +resource "oci_core_internet_gateway" "igw" { + count = "${! var.create_new_network || ! var.assign_public_ip ? 0 : 1}" + compartment_id = "${var.vcn_compartment_id}" + vcn_id = "${oci_core_vcn.vcn.0.id}" + display_name = "${var.display_name} Gateway" +} + +resource "oci_core_route_table" "route_table" { + count = "${! var.create_new_network || ! var.assign_public_ip ? 0 : 1}" + compartment_id = "${var.vcn_compartment_id}" + vcn_id = "${oci_core_vcn.vcn.0.id}" + display_name = "${var.display_name} Route Table" + + route_rules { + destination = "0.0.0.0/0" + network_entity_id = "${oci_core_internet_gateway.igw.0.id}" + } +} + +resource "oci_core_subnet" "subnet" { + count = "${var.create_new_network ? 
1 : 0}" + vcn_id = "${oci_core_vcn.vcn.0.id}" + cidr_block = "${var.subnet_cidr_block}" + display_name = "${var.display_name} Subnet" + dns_label = "${var.subnet_dns_label}" + compartment_id = "${var.subnet_compartment_id}" + security_list_ids = ["${data.oci_core_vcn.vcn.default_security_list_id}", "${join(",", oci_core_security_list.security_list.*.id)}"] + route_table_id = "${join(",", oci_core_route_table.route_table.*.id)}" +} + +output "subnet_id" { + value = "${var.create_new_network ? join("", oci_core_subnet.subnet.*.id) : var.subnet_id}" +} diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%oci-marketplace-subscription.tf b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%oci-marketplace-subscription.tf new file mode 100644 index 0000000..01d9659 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%oci-marketplace-subscription.tf 
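Review bot: The security list is labelled `"${var.display_name} Allow ssh"` but its only ingress rule is `protocol = "all"` from `0.0.0.0/0`, which opens every port of every host placed in the subnet to the internet, not just SSH. Restrict it to the ports the stack actually needs (SSH, plus the listener and shard-director ports if remote clients are expected) and take the source CIDR from a variable rather than hard-coding the whole internet. The sketch below shows the SSH rule only; `var.allowed_ssh_cidr` is a placeholder that this stack does not define.

```hcl
  ingress_security_rules {
    protocol  = "6" # TCP
    source    = var.allowed_ssh_cidr # placeholder variable, not defined in this stack
    stateless = false

    tcp_options {
      min = 22
      max = 22
    }
  }
```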
@@ -0,0 +1,34 @@ +# Copyright 2020 Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl + +# Get Image Agreement +resource "oci_core_app_catalog_listing_resource_version_agreement" "mp_image_agreement" { + listing_id = "${local.mp_listing_id}" + listing_resource_version = "${local.mp_listing_resource_version}" +} + +# Accept Terms and Subscribe to the image, placing the image TC in a particular compartment (same as the instance) +resource "oci_core_app_catalog_subscription" "mp_image_subscription" { + compartment_id = "${var.compartment_ocid}" + eula_link = "${oci_core_app_catalog_listing_resource_version_agreement.mp_image_agreement.eula_link}" + listing_id = "${oci_core_app_catalog_listing_resource_version_agreement.mp_image_agreement.listing_id}" + listing_resource_version = "${oci_core_app_catalog_listing_resource_version_agreement.mp_image_agreement.listing_resource_version}" + oracle_terms_of_use_link = "${oci_core_app_catalog_listing_resource_version_agreement.mp_image_agreement.oracle_terms_of_use_link}" + signature = "${oci_core_app_catalog_listing_resource_version_agreement.mp_image_agreement.signature}" + time_retrieved = "${oci_core_app_catalog_listing_resource_version_agreement.mp_image_agreement.time_retrieved}" + + timeouts { + create = "20m" + } +} + +# Gets the partner image subscription +data "oci_core_app_catalog_subscriptions" "mp_image_subscription" { + compartment_id = "${var.compartment_ocid}" + listing_id = "${local.mp_listing_id}" + + filter { + name = "listing_resource_version" + values = ["${local.mp_listing_resource_version}"] + } +} 
diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%optional-variables.auto.tfvars b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%optional-variables.auto.tfvars new file mode 100644 index 0000000..e0f30f2 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%optional-variables.auto.tfvars @@ -0,0 +1,44 @@ +# Copyright 2020 Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl + +# Optional OCI vars - User may choose to override these variable values + +# database_edition = "ENTERPRISE_EDITION" - Enable if Standby only mode is needed for DR purposes +database_edition = "ENTERPRISE_EDITION_EXTREME_PERFORMANCE" # - Enable if Active Standby mode is needed for both DR & for active read workloads +ssh_timeout = "10m" + +# Optional sharding specific vars - User may choose to override these variable values +opc_user = "opc" +os_user = "oracle" +base_install_dir = "/u01" +oracle_base = "/u01/app/oracle" +ora_inventory_location = "/u01/app/oraInventory" +unix_group_name = "oinstall" +sdb_admin_username = "mysdbadmin" + +global_services = { + "oltp_rw" = { + service_name = "oltp_rw_srvc" + role = "primary" + }, + "oltp_ro" = { + service_name = "oltp_ro_srvc" + role = "physical_standby" + } +} + +replication_protection_mode = "MAXPERFORMANCE" +protection_mode = "MAXIMUM_PERFORMANCE" +transport_type = "ASYNC" +delete_standby_db_home_on_delete = "true" + +gsm_name_prefix = "sd" +catalog_name_prefix = "sc" +standby_catalog_name_prefix = "cs" +shard_name_prefix = "sh" +standby_shard_name_prefix = "ss" +shardgroup_name_prefix = "shardgroup" +pdb_name = "sdbpdb" + +num_of_shard_catalogs_str = "1" +chunks = 120 \ No newline at end of file 
diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%outputs.tf b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%outputs.tf new file mode 100644 index 0000000..4872069 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%outputs.tf @@ -0,0 +1,4 @@ +output "connection_string" { + description = "The Sharded database connect string for application instances." + value = "(DESCRIPTION = (ADDRESS = (HOST = ${oci_core_instance.gsm_vm[0].public_ip})(PORT = ${var.shard_director_port})(PROTOCOL = tcp))(CONNECT_DATA = (SERVICE_NAME = GDS$CATALOG.oradbcloud)))" +} \ No newline at end of file diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%provider.tf b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%provider.tf new file mode 100644 index 0000000..04ffe0c --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%provider.tf @@ -0,0 +1,13 @@ +# Copyright 2020 Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl + +provider "oci" { + tenancy_ocid = var.tenancy_ocid + region = var.region + # user_ocid = var.user_ocid + # fingerprint = var.fingerprint + # private_key_path = var.private_key_path +} + +provider "random" { +} diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%shard-catalog-cloud-init.tf b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%shard-catalog-cloud-init.tf new file mode 100644 index 0000000..a8adf62 --- /dev/null 
+++ b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%shard-catalog-cloud-init.tf 
@@ -0,0 +1,70 @@ +# Copyright 2020 Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl + +resource "null_resource" "sdb_shard_catalog_cloud_init" { + depends_on = ["oci_database_db_system.catalog_db"] + count = var.num_of_shard_catalogs + + connection { + type = "ssh" + user = "${var.opc_user}" + private_key = "${tls_private_key.public_private_key_pair.private_key_pem}" + host = "${data.oci_core_vnic.catalog_db_node_vnic[count.index].public_ip_address}" + agent = false + timeout = "${var.ssh_timeout}" + } + + provisioner "file" { + content = <<-EOF + #! /bin/bash + sudo usermod --password $(echo sd${random_string.sudo_pass.result} | openssl passwd -1 -stdin) ${var.os_user} + sudo cp ~/.ssh/authorized_keys /home/${var.os_user}/.ssh/authorized_keys + EOF + destination = "~/shard-catalog-cloud-sdb-init-starter.sh" + } + + provisioner "remote-exec" { + inline = [ + "chmod +x ~/shard-catalog-cloud-sdb-init-starter.sh", + "~/shard-catalog-cloud-sdb-init-starter.sh > shard-catalog-cloud-sdb-init-starter.log", + "rm -f ~/shard-catalog-cloud-sdb-init-starter.sh" + ] + } + + provisioner "file" { + content = <<-EOF + #! /bin/bash + echo "search ${oci_database_db_system.catalog_db[count.index].domain}" >> /etc/resolv.conf + cat /etc/resolv.conf + EOF + destination = "~/search-term.sh" + } + + provisioner "file" { + content = <<-EOF + #! /bin/bash + cd ~ + sudo chown root.root search-term.sh + sudo chmod 4755 search-term.sh + sudo ./search-term.sh + sudo rm -f search-term.sh + EOF + destination = "~/search-term-apply.sh" + } + + provisioner "remote-exec" { + inline = [ + "chmod +x ~/search-term-apply.sh", + "~/search-term-apply.sh > search-term-apply.log", + "rm -f ~/search-term-apply.sh" + ] + } + + # destroying + provisioner "remote-exec" { + when = "destroy" + inline = [ + "rm -f ~/shard-catalog-cloud-sdb-init-starter.sh" + ] + } +} 
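Review bot: `openssl passwd -1` in the starter script stores the `${var.os_user}` password as an MD5-crypt hash, which is weak if the shadow file is ever disclosed. Where the image ships OpenSSL 1.1.1 or later, `openssl passwd -6 -stdin` (SHA-512 crypt) is a drop-in replacement. Separately, `sudo chmod 4755 search-term.sh` makes a root-owned script setuid and world-executable in the login user's home directory even though the next line already runs it through `sudo`; `sudo chmod 700 search-term.sh` is sufficient.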
diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%shard-catalog-configure-datasources.tf b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%shard-catalog-configure-datasources.tf new file mode 100644 index 0000000..aa1d603 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%shard-catalog-configure-datasources.tf @@ -0,0 +1,16 @@ +# Copyright 2020 Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl + +data "template_file" "shard_catalog_config_template" { + template = "${file("shard-catalog-config-sql/shard-catalog-config.template.ql")}" + + vars = { + oradata = "${local.oradata}" + gsmcatuser_pass = "sd${random_string.gsmcatuser_pass.result}" + sdb_admin_username = "${var.sdb_admin_username}" + sdb_admin_pass = "sd${random_string.sdb_admin_pass.result}" + total_num_of_shards = "${var.num_of_shards * var.num_of_shard_groups}" + catalog_host = "${data.oci_core_vnic.catalog_db_node_vnic[0].public_ip_address}" + catalog_port = "${oci_database_db_system.catalog_db[0].listener_port}" + } +} diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%shard-catalog-configure-main.tf b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%shard-catalog-configure-main.tf new file mode 100644 index 0000000..c2a811d --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%shard-catalog-configure-main.tf 
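Review bot: `gsmcatuser_pass` and `sdb_admin_pass` are passed through the `template_file` data source, whose `rendered` output is saved in Terraform state, so the rendered SQL with both passwords is persisted there in plaintext. The built-in `templatefile()` function renders the same template without creating a data source, and the template provider is deprecated. The `random_string.*.result` values used as passwords here and in the other hunks are declared outside this chunk; if they are `random_string` resources as the references indicate, `random_password` would at least keep them out of plan and CLI output.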
@@ -0,0 +1,176 @@ +# Copyright 2020 Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl + +resource "null_resource" "sdb_shard_catalog_configure" { + depends_on = ["null_resource.sdb_shard_catalog_cloud_init"] + count = var.num_of_shard_catalogs + + #creates ssh connection + connection { + type = "ssh" + user = "${var.os_user}" + private_key = "${tls_private_key.public_private_key_pair.private_key_pem}" + host = "${data.oci_core_vnic.catalog_db_node_vnic[count.index].public_ip_address}" + agent = false + timeout = "${var.ssh_timeout}" + } + + # alter system set open_links=${var.num_of_shards * var.num_of_shard_groups} scope=spfile; + # alter system set open_links_per_instance=${var.num_of_shards * var.num_of_shard_groups} scope=spfile; + + provisioner "file" { + content = <<-EOF + alter system set open_links=255 scope=spfile; + alter system set open_links_per_instance=255 scope=spfile; + alter system set db_files=64000 scope=spfile; + shutdown immediate + startup + set echo on + set termout on + spool setup_grants_privs.lst + alter user gsmcatuser account unlock; + alter user gsmcatuser identified by sd${random_string.gsmcatuser_pass.result}; + spool off + alter system set local_listener='${oci_database_db_system.catalog_db[count.index].hostname}.${oci_database_db_system.catalog_db[count.index].domain}:${oci_database_db_system.catalog_db[count.index].listener_port}' scope=both; + alter system register reconnect; + exit + EOF + destination = "${local.db_home_path}/catalog-config.sql" + } + + # alter system set db_file_name_convert='*','/u02/app/oracle/oradata/' scope=spfile; + # alter system set log_file_name_convert='*','/u03/app/oracle/redo/' scope=spfile; + + provisioner "file" { + content = <<-EOF + SHUTDOWN IMMEDIATE + STARTUP MOUNT + ALTER DATABASE ARCHIVELOG; + ALTER DATABASE OPEN; + ARCHIVE LOG LIST; + alter database flashback on; + -- ALTER 
DATABASE FORCE LOGGING; + + alter user gsmuser account unlock; + alter user gsmuser identified by sd${random_string.gsmuser_pass.result}; + grant debug connect session to gsmuser; + + alter user GSMROOTUSER account unlock; + alter user GSMROOTUSER identified by sd${random_string.gsmrootuser_pass.result}; + grant sysdg, sysbackup, gsmrootuser_role to gsmrootuser; + + ALTER SYSTEM SET DG_BROKER_START=TRUE scope=both sid='*'; + + -- Create DATA_PUMP_DIR (for chunk migration) + create or replace directory data_pump_dir as '??/oradata'; + select DIRECTORY_PATH from dba_directories where DIRECTORY_NAME='DATA_PUMP_DIR'; + + -- PDB ops + alter session set container=${data.oci_database_database.catalog_database[count.index].pdb_name}; + grant sysdg, sysbackup, gsmuser_role to gsmuser; + grant read,write on directory DATA_PUMP_DIR to gsmadmin_internal; + grant read,write on directory DATA_PUMP_DIR to gsmuser; + + set serveroutput on + execute DBMS_GSM_FIX.validateShard + exit + EOF + destination = "${local.db_home_path}/catalog-db-config.sql" + } + + + # copying + provisioner "file" { + content = <<-EOF + #! /bin/bash + export ORACLE_SID="${join("", [var.sharded_database_name, var.catalog_name_prefix, count.index])}" + export ORACLE_BASE="${var.oracle_base}" + export ORACLE_HOME="${local.db_home_path}" + export LD_LIBRARY_PATH=$ORACLE_HOME/lib + export PATH=$PATH:$ORACLE_HOME/bin + export TNS_ADMIN=$ORACLE_HOME/network/admin + EOF + destination = "${local.db_home_path}/shardcat.sh" + } + + # provisioner "file" { + # content = <<-EOF + # SPOOL ${var.oracle_base}/pdbguid.lst + # select guid from v$pdbs where name='${upper(data.oci_database_database.catalog_database[count.index].pdb_name)}'; + # SPOOL OFF + # exit + # EOF + # destination = "${local.db_home_path}/pdbguid-config.sql" + # } + + # provisioner "file" { + # content = <<-EOF + # #! 
/bin/bash + # source ${local.db_home_path}/shardcat.sh + # sqlplus / as sysdba @${local.db_home_path}/pdbguid-config.sql + # cd ${var.oracle_base} + # sed '4q;d' pdbguid.lst > pdbguid + # chmod 600 pdbguid + # echo "alter system set db_file_name_convert='*','/u02/app/oracle/oradata/${data.oci_database_database.catalog_database[count.index].db_unique_name}/${upper(data.oci_database_database.catalog_database[count.index].db_unique_name)}/$(head -n 1 pdbguid | tr -d '[:space:]')/datafile/' scope=spfile;" >> ${local.db_home_path}/convert-params.sql + # echo "alter system set log_file_name_convert='*','/u03/app/oracle/redo/${upper(data.oci_database_database.catalog_database[count.index].db_unique_name)}/onlinelog/' scope=spfile;" >> ${local.db_home_path}/convert-params.sql + # echo "exit" >> ${local.db_home_path}/convert-params.sql + # sqlplus / as sysdba @${local.db_home_path}/convert-params.sql + # EOF + # destination = "${local.db_home_path}/convertparams-pdbguid-interpolated.sh" + # } + + # provisioner "remote-exec" { + # inline = [ + # "chmod 700 ${local.db_home_path}/convertparams-pdbguid-interpolated.sh", + # "${local.db_home_path}/convertparams-pdbguid-interpolated.sh" + # ] + # } + + provisioner "file" { + content = <<-EOF + #! 
/bin/bash + source ${local.db_home_path}/shardcat.sh + lsnrctl start + sqlplus / as sysdba @${local.db_home_path}/catalog-config.sql + sqlplus / as sysdba @${local.db_home_path}/catalog-db-config.sql + sed 's/SQLNET.ENCRYPTION_TYPES_SERVER=(AES256,AES192,AES128)/SQLNET.ENCRYPTION_TYPES_SERVER=(AES256,AES192,AES128,RC4_256)/' $TNS_ADMIN/sqlnet.ora > $TNS_ADMIN/sqlnet-temp.ora + mv $TNS_ADMIN/sqlnet-temp.ora $TNS_ADMIN/sqlnet.ora + EOF + destination = "${local.db_home_path}/catalog-config-setup.sh" + } + + #Catalog config + provisioner "remote-exec" { + inline = [ + "chmod 700 ${local.db_home_path}/catalog-config-setup.sh", + "${local.db_home_path}/catalog-config-setup.sh", + "rm -f ${local.db_home_path}/catalog-config.sql", + "rm -f ${local.db_home_path}/catalog-db-config.sql", + "rm -f ${local.db_home_path}/catalog-config-setup.sh" + ] + } + + + provisioner "file" { + when = "destroy" + content = <<-EOF + #! /bin/bash + source ${local.db_home_path}/shardcat.sh + lsnrctl stop + rm -f ${local.db_home_path}/catalog-config.sql + rm -f ${local.db_home_path}/catalog-db-config.sql + rm -f ${local.db_home_path}/catalog-config-setup.sh + EOF + destination = "${local.db_home_path}/catalog-config-teardown.sh" + } + + # destroying + provisioner "remote-exec" { + when = "destroy" + inline = [ + "chmod 700 ${local.db_home_path}/catalog-config-teardown.sh", + "${local.db_home_path}/catalog-config-teardown.sh", + "rm -f ${local.db_home_path}/catalog-config-teardown.sh" + ] + } +} diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%shard-data-move-consolidator-config.tf b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%shard-data-move-consolidator-config.tf new file mode 100644 index 0000000..95ad88b --- /dev/null 
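Review bot: The `sed` in catalog-config-setup.sh rewrites `SQLNET.ENCRYPTION_TYPES_SERVER` to append `RC4_256`, which lets a client negotiate RC4 for native network encryption on a database node that this stack reaches over a public IP address. Nothing in the hunk says which component needs RC4. If none does, drop the `sed`/`mv` pair and keep the `(AES256,AES192,AES128)` list; if one does, a comment naming it belongs above the line. The substitution also does nothing when sqlnet.ora lacks the exact AES list, so the resulting setting is unverified either way. shard-db-configure-main.tf carries the same two lines in shard-db-config-setup.sh.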
+++ b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%shard-data-move-consolidator-config.tf 
@@ -0,0 +1,53 @@ +resource "null_resource" "sdb_shard_data_move_consolidator_config" { + depends_on = ["null_resource.sdb_add_shard_group", "null_resource.sdb_shard_db_configure", "null_resource.sdb_shard_standby_configure", "null_resource.sdb_shard_standby_ee_configure"] + + # Add trigger for shards. + + triggers = { + shard_db_ids = "${join(",", oci_database_db_system.shard_db.*.id)}" + } + + connection { + type = "ssh" + user = "${var.os_user}" + private_key = "${tls_private_key.public_private_key_pair.private_key_pem}" + host = "${oci_core_instance.gsm_vm[0].public_ip}" + agent = false + timeout = "${var.ssh_timeout}" + } + + provisioner "remote-exec" { + inline = [ + "echo registering the sdb_shard_data_move_consolidator_config resource to create a destroy hook for data move of shards for scale-in user requests" + ] + } + + provisioner "file" { + when = "destroy" + content = <<-EOF + #! /bin/bash + rm -f ${local.gsm_home_full_path}/tfconfig-remove-shard-config-consolidated.sh + echo "#! 
/bin/bash" >> ${local.gsm_home_full_path}/tfconfig-remove-shard-config-consolidated.sh + echo "source ${var.oracle_base}/shard-director.sh" >> ${local.gsm_home_full_path}/tfconfig-remove-shard-config-consolidated.sh + echo "cd ${local.gsm_home_full_path}" >> ${local.gsm_home_full_path}/tfconfig-remove-shard-config-consolidated.sh + echo "gdsctl configure -timeout 604800 -save_config" >> ${local.gsm_home_full_path}/tfconfig-remove-shard-config-consolidated.sh + cat ${local.gsm_home_full_path}/tfconfig-remove-shard-config-for-${var.shard_name_prefix}{9999..0}.tfconfig >> ${local.gsm_home_full_path}/tfconfig-remove-shard-config-consolidated.sh 2>/dev/null + echo "rm -f tfconfig-remove-shard-config-for-${var.shard_name_prefix}*.tfconfig" >> ${local.gsm_home_full_path}/tfconfig-remove-shard-config-consolidated.sh + EOF + destination = "${local.gsm_home_full_path}/shard-data-move-consolidator-config.sh" + } + + #"cat ${local.gsm_home_full_path}/tfconfig-remove-shard-config-consolidated.sh", + + provisioner "remote-exec" { + when = "destroy" + inline = [ + "chmod 700 ${local.gsm_home_full_path}/shard-data-move-consolidator-config.sh", + "${local.gsm_home_full_path}/shard-data-move-consolidator-config.sh", + "rm -f ${local.gsm_home_full_path}/shard-data-move-consolidator-config.sh", + "chmod 700 ${local.gsm_home_full_path}/tfconfig-remove-shard-config-consolidated.sh", + "${local.gsm_home_full_path}/tfconfig-remove-shard-config-consolidated.sh", + "rm -f ${local.gsm_home_full_path}/tfconfig-remove-shard-config-consolidated.sh" + ] + } +} \ No newline at end of file diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%shard-dataguard.tf b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%shard-dataguard.tf new file mode 100644 index 0000000..5d335dc --- /dev/null 
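Review bot: Both `when = "destroy"` provisioners in `sdb_shard_data_move_consolidator_config` depend on values outside the resource: the connection block reads `var.os_user`, `tls_private_key...private_key_pem` and `oci_core_instance.gsm_vm[0].public_ip`, and the script body reads `local.gsm_home_full_path` and `var.*`. Terraform 0.13 and later reject destroy-time provisioners and their connection settings that reference anything other than `self`, `count.index` or `each.key`, so this destroy hook stops working on upgrade. The resource already has a `triggers` map; copying the host, user and paths into it and reading them back as `self.triggers.<name>` keeps the hook usable. The destroy provisioners in shard-catalog-cloud-init.tf, shard-catalog-configure-main.tf and shard-director-cloud-init.tf have the same dependency.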
+++ b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%shard-dataguard.tf 
@@ -0,0 +1,84 @@ +# Copyright 2020 Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl + +resource "oci_database_data_guard_association" "shard_data_guard_association" { + depends_on = ["null_resource.sdb_shard_db_configure"] + count = "${var.num_of_shards * (var.num_of_shard_groups - 1)}" + + #Required + creation_type = "NewDbSystem" + database_admin_password = "sd${random_string.sys_pass.result}" + database_id = "${data.oci_database_databases.shard_primary_databases[count.index % var.num_of_shards].databases.0.id}" + protection_mode = "${var.protection_mode}" + transport_type = "${var.transport_type}" + + #required for NewDbSystem creation_type + display_name = join("", [var.sharded_database_name, var.standby_shard_name_prefix, count.index]) + subnet_id = var.create_new_network ? join("", oci_core_subnet.subnet.*.id) : var.subnet_id + availability_domain = "${data.oci_identity_availability_domains.ADs.availability_domains[(count.index + 1) % local.num_of_ads].name}" + hostname = join("", [var.sharded_database_name, var.standby_shard_name_prefix, count.index]) + delete_standby_db_home_on_delete = "${var.delete_standby_db_home_on_delete}" + +} + +data "oci_database_db_systems" "shard_stdby_db_systems" { + depends_on = ["oci_database_data_guard_association.shard_data_guard_association"] + count = "${var.num_of_shards * (var.num_of_shard_groups - 1)}" + #Required + compartment_id = "${var.compartment_ocid}" + #Optional + display_name = join("", [var.sharded_database_name, var.standby_shard_name_prefix, count.index]) +} + +data "oci_database_db_nodes" "shard_stby_db_nodes" { + depends_on = ["oci_database_data_guard_association.shard_data_guard_association"] + count = var.num_of_shards * (var.num_of_shard_groups - 1) + compartment_id = var.compartment_ocid + db_system_id = lookup(data.oci_database_db_systems.shard_stdby_db_systems[count.index].db_systems[0], 
"id") +} + +# Get DB node details +data "oci_database_db_node" "shard_stby_db_node_details" { + count = "${var.num_of_shards * (var.num_of_shard_groups - 1)}" + db_node_id = "${lookup(data.oci_database_db_nodes.shard_stby_db_nodes[count.index].db_nodes[0], "id")}" +} + +# Gets the OCID of the first (default) vNIC +data "oci_core_vnic" "shard_stby_db_node_vnic" { + count = "${var.num_of_shards * (var.num_of_shard_groups - 1)}" + vnic_id = "${data.oci_database_db_node.shard_stby_db_node_details[count.index].vnic_id}" +} + +output "shard_standby_public_ip" { + value = ["${data.oci_core_vnic.shard_stby_db_node_vnic.*.public_ip_address}"] +} + +data "oci_database_database" "stdby_shard_database" { + count = "${var.num_of_shards * (var.num_of_shard_groups - 1)}" + database_id = "${oci_database_data_guard_association.shard_data_guard_association[count.index].peer_database_id}" +} + +# output "stdby_shard_db_dataguard_association_id" { +# value = ["${oci_database_data_guard_association.shard_data_guard_association.*.id}"] +# } + +# output "stdby_shard_db_dataguard_association_peer_db_id" { +# value = ["${oci_database_data_guard_association.shard_data_guard_association.*.peer_database_id}"] +# } + +# output "stdby_shard_db_dataguard_association_db_id" { +# value = ["${oci_database_data_guard_association.shard_data_guard_association.*.database_id}"] +# } + +# output "stdby_shard_db_dataguard_association_peer_db_home_id" { +# value = ["${oci_database_data_guard_association.shard_data_guard_association.*.peer_db_home_id}"] +# } + +# output "stdby_shard_db_dataguard_association_peer_db_system_id" { +# value = ["${oci_database_data_guard_association.shard_data_guard_association.*.peer_db_system_id}"] +# } + +# output "stdby_shard_db_dataguard_association_peer_role" { +# value = ["${oci_database_data_guard_association.shard_data_guard_association.*.peer_role}"] +# } + 
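Review bot: `database_admin_password = "sd${random_string.sys_pass.result}"` takes the SYS password from `random_string`, whose `result` is not marked sensitive, so it can be printed in CLI output and in any log that captures a plan or apply. `random_password` from the same provider takes the same arguments and redacts the value; the `resource "random_string" "sys_pass"` declaration is outside this hunk, so the change belongs there. The constant `sd` prefix presumably exists to satisfy a complexity rule, and a comment saying so would stop it being read as part of the secret. The same source feeds `admin_password` in shard-db.tf and the `identified by sd${random_string...}` lines in the two configure-main files.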
diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%shard-db-cloud-init.tf b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%shard-db-cloud-init.tf new file mode 100644 index 0000000..400cdc3 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%shard-db-cloud-init.tf 
@@ -0,0 +1,71 @@
+# Copyright 2020 Oracle Corporation and/or affiliates. All rights reserved.
+# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl
+
+resource "null_resource" "sdb_shard_cloud_init" {
+ depends_on = ["oci_database_db_system.shard_db"]
+ count = var.num_of_shards
+
+ connection {
+ type = "ssh"
+ user = "${var.opc_user}"
+ private_key = "${tls_private_key.public_private_key_pair.private_key_pem}"
+ host = "${data.oci_core_vnic.shard_db_node_vnic[count.index].public_ip_address}"
+ agent = false
+ timeout = "${var.ssh_timeout}"
+ }
+
+ provisioner "file" {
+ content = <<-EOF
+ #! /bin/bash
+ sudo usermod --password $(echo sd${random_string.sudo_pass.result} | openssl passwd -1 -stdin) ${var.os_user}
+ sudo cp ~/.ssh/authorized_keys /home/${var.os_user}/.ssh/authorized_keys
+ EOF
+ destination = "~/shard-cloud-sdb-init-starter.sh"
+ }
+
+ provisioner "remote-exec" {
+ inline = [
+ "chmod +x ~/shard-cloud-sdb-init-starter.sh",
+ "~/shard-cloud-sdb-init-starter.sh > shard-cloud-sdb-init-starter.log",
+ "rm -f ~/shard-cloud-sdb-init-starter.sh"
+ ]
+ }
+
+ provisioner "file" {
+ content = <<-EOF
+ #! /bin/bash
+ echo "search ${oci_database_db_system.shard_db[count.index].domain}" >> /etc/resolv.conf
+ cat /etc/resolv.conf
+ EOF
+ destination = "~/search-term.sh"
+ }
+
+ provisioner "file" {
+ content = <<-EOF
+ #! /bin/bash
+ cd ~
+ sudo chown root.root search-term.sh
+ sudo chmod 4755 search-term.sh
+ sudo ./search-term.sh
+ sudo rm -f search-term.sh
+ EOF
+ destination = "~/search-term-apply.sh"
+ }
+
+ provisioner "remote-exec" {
+ inline = [
+ "chmod +x ~/search-term-apply.sh",
+ "~/search-term-apply.sh > search-term-apply.log",
+ "rm -f ~/search-term-apply.sh"
+ ]
+ }
+
+
+ # destroying
+ # provisioner "remote-exec" {
+ # when = "destroy"
+ # inline = [
+ # "rm -f ~/shard-cloud-sdb-init-starter.sh"
+ # ]
+ # }
+}
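Review bot: `sudo chmod 4755 search-term.sh` in search-term-apply.sh creates a root-owned, world-executable setuid file in the login user's home directory, yet the next line runs it through `sudo` anyway. The setuid bit therefore adds nothing (Linux ignores it on `#!` scripts) and only widens what is left behind if the later `rm` is never reached. `sudo chmod 700 search-term.sh` is sufficient. Separately, the `search` line is appended to /etc/resolv.conf on every run with no check for an existing entry. The same sequence is in shard-catalog-cloud-init.tf, and shard-director-cloud-init.tf applies it to shard-director-cloud-sdb-sw-init.sh.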
diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%shard-db-configure-main.tf b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%shard-db-configure-main.tf new file mode 100644 index 0000000..96ccca3 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%shard-db-configure-main.tf 
@@ -0,0 +1,140 @@ +# Copyright 2020 Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl + +resource "null_resource" "sdb_shard_db_configure" { + depends_on = ["null_resource.sdb_shard_env_configure"] + count = var.num_of_shards + + #creates ssh connection + connection { + type = "ssh" + user = "${var.os_user}" + private_key = "${tls_private_key.public_private_key_pair.private_key_pem}" + host = "${data.oci_core_vnic.shard_db_node_vnic[count.index].public_ip_address}" + agent = false + timeout = "${var.ssh_timeout}" + } + + # provisioner "file" { + # content = <<-EOF + # SPOOL ${var.oracle_base}/pdbguid.lst + # select guid from v$pdbs where name='${upper(data.oci_database_database.shard_database[count.index].pdb_name)}'; + # SPOOL OFF + # exit + # EOF + # destination = "${local.db_home_path}/pdbguid-config.sql" + # } + + # provisioner "file" { + # content = <<-EOF + # #! /bin/bash + # source ${local.db_home_path}/shard.sh + # sqlplus / as sysdba @${local.db_home_path}/pdbguid-config.sql + # cd ${var.oracle_base} + # sed '4q;d' pdbguid.lst > pdbguid + # chmod 600 pdbguid + # echo "alter system set db_file_name_convert='*','/u02/app/oracle/oradata/${data.oci_database_database.shard_database[count.index].db_unique_name}/${upper(data.oci_database_database.shard_database[count.index].db_unique_name)}/$(head -n 1 pdbguid | tr -d '[:space:]')/datafile/' scope=spfile;" >> ${local.db_home_path}/convert-params.sql + # echo "alter system set log_file_name_convert='*','/u03/app/oracle/redo/${upper(data.oci_database_database.shard_database[count.index].db_unique_name)}/onlinelog/' scope=spfile;" >> ${local.db_home_path}/convert-params.sql + # echo "exit" >> ${local.db_home_path}/convert-params.sql + # sqlplus / as sysdba @${local.db_home_path}/convert-params.sql + # EOF + # destination = "${local.db_home_path}/convertparams-pdbguid-interpolated.sh" + # } + + # 
provisioner "remote-exec" { + # inline = [ + # "chmod 700 ${local.db_home_path}/convertparams-pdbguid-interpolated.sh", + # "${local.db_home_path}/convertparams-pdbguid-interpolated.sh" + # ] + # } + + + # alter system set db_file_name_convert='*','/u02/app/oracle/oradata/' scope=spfile; + # alter system set log_file_name_convert='*','/u03/app/oracle/redo/' scope=spfile; + + provisioner "file" { + content = <<-EOF + ALTER SYSTEM SET EVENT='10798 trace name context forever, level 7' SCOPE=spfile; + alter system set db_files=64000 scope=spfile; + SHUTDOWN IMMEDIATE + STARTUP MOUNT + ALTER DATABASE ARCHIVELOG; + ALTER DATABASE OPEN; + ARCHIVE LOG LIST; + alter database flashback on; + -- ALTER DATABASE FORCE LOGGING; + + alter user gsmuser account unlock; + alter user gsmuser identified by sd${random_string.gsmuser_pass.result}; + grant debug connect session to gsmuser; + + alter user GSMROOTUSER account unlock; + alter user GSMROOTUSER identified by sd${random_string.gsmrootuser_pass.result}; + grant sysdg, sysbackup, gsmrootuser_role to gsmrootuser; + + ALTER SYSTEM SET DG_BROKER_START=TRUE scope=both sid='*'; + + -- Create DATA_PUMP_DIR (for chunk migration) + create or replace directory data_pump_dir as '/u01/app/oracle/oradata'; + select DIRECTORY_PATH from dba_directories where DIRECTORY_NAME='DATA_PUMP_DIR'; + + -- PDB ops + alter session set container=${data.oci_database_database.shard_database[count.index].pdb_name}; + grant sysdg, sysbackup, gsmuser_role to gsmuser; + grant read,write on directory DATA_PUMP_DIR to gsmadmin_internal; + grant read,write on directory DATA_PUMP_DIR to gsmuser; + + set serveroutput on + execute DBMS_GSM_FIX.validateShard + alter system set events 'immediate trace name GWM_TRACE level 7'; + exit + EOF + destination = "${local.db_home_path}/shard-db-config.sql" + } + + provisioner "file" { + content = <<-EOF + #! 
/bin/bash + source ${local.db_home_path}/shard.sh + lsnrctl start + sqlplus / as sysdba @${local.db_home_path}/shard-db-config.sql + sed 's/SQLNET.ENCRYPTION_TYPES_SERVER=(AES256,AES192,AES128)/SQLNET.ENCRYPTION_TYPES_SERVER=(AES256,AES192,AES128,RC4_256)/' $TNS_ADMIN/sqlnet.ora > $TNS_ADMIN/sqlnet-temp.ora + mv $TNS_ADMIN/sqlnet-temp.ora $TNS_ADMIN/sqlnet.ora + EOF + destination = "${local.db_home_path}/shard-db-config-setup.sh" + } + + + + #Shard db config setup + provisioner "remote-exec" { + inline = [ + "chmod 700 ${local.db_home_path}/shard-db-config-setup.sh", + "${local.db_home_path}/shard-db-config-setup.sh", + "rm -f ${local.db_home_path}/shard-db-config.sql", + "rm -f ${local.db_home_path}/shard-db-config-setup.sh" + ] + } + + + # provisioner "file" { + # content = <<-EOF + # #! /bin/bash + # source ${local.db_home_path}/shard.sh + # lsnrctl stop + # rm -f ${local.db_home_path}/shard-db-config.sql + # rm -f ${local.db_home_path}/shard-db-config-setup.sh + # EOF + # destination = "${local.db_home_path}/shard-db-config-teardown.sh" + # } + + # # destroying + # provisioner "remote-exec" { + # when = "destroy" + # inline = [ + # "chmod 700 ${local.db_home_path}/shard-db-config-teardown.sh", + # "${local.db_home_path}/shard-db-config-teardown.sh", + # "rm -f ${local.db_home_path}/shard-db-config-teardown.sh" + # ] + # } +} diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%shard-db-convert-params.tf b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%shard-db-convert-params.tf new file mode 100644 index 0000000..8869b04 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%shard-db-convert-params.tf 
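Review bot: `shard-db-config.sql` is uploaded with the gsmuser and GSMROOTUSER passwords in clear text, and nothing in the hunk restricts its mode before `sqlplus` reads it; the `chmod 700` in the remote-exec list covers only the wrapper script. Adding `"chmod 600 ${local.db_home_path}/shard-db-config.sql",` as the first inline command narrows who can read it while it exists. The file is removed only by the later `rm -f` entries, so an apply interrupted between the upload and the remote-exec leaves it in the DB home. catalog-config.sql and catalog-db-config.sql in shard-catalog-configure-main.tf are handled the same way.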
@@ -0,0 +1,60 @@ +# Copyright 2020 Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl + +resource "null_resource" "sdb_shard_db_convert_params" { + depends_on = ["null_resource.sdb_shard_standby_cloud_init"] + count = "${(var.num_of_shard_groups > 1) ? var.num_of_shards : 0}" + + #creates ssh connection + connection { + type = "ssh" + user = "${var.os_user}" + private_key = "${tls_private_key.public_private_key_pair.private_key_pem}" + host = "${data.oci_core_vnic.shard_db_node_vnic[count.index].public_ip_address}" + agent = false + timeout = "${var.ssh_timeout}" + } + + provisioner "file" { + content = <<-EOF + SPOOL ${var.oracle_base}/pdbguid.lst + select guid from v$pdbs where name='${upper(data.oci_database_database.shard_database[count.index].pdb_name)}'; + SPOOL OFF + exit + EOF + destination = "${local.db_home_path}/pdbguid-config.sql" + } + + provisioner "file" { + content = <<-EOF + #! 
/bin/bash + source ${local.db_home_path}/shard.sh + sqlplus / as sysdba @${local.db_home_path}/pdbguid-config.sql + cd ${var.oracle_base} + sed '4q;d' pdbguid.lst > pdbguid + chmod 600 pdbguid + echo "alter system set db_file_name_convert='*','/u02/app/oracle/oradata/${data.oci_database_database.shard_database[count.index].db_unique_name}/${upper(data.oci_database_database.shard_database[count.index].db_unique_name)}/$(head -n 1 pdbguid | tr -d '[:space:]')/datafile/' scope=spfile;" >> ${local.db_home_path}/convert-params.sql + echo "alter system set log_file_name_convert='*','/u03/app/oracle/redo/${upper(data.oci_database_database.shard_database[count.index].db_unique_name)}/onlinelog/' scope=spfile;" >> ${local.db_home_path}/convert-params.sql + echo "shutdown immediate" >> ${local.db_home_path}/convert-params.sql + echo "startup" >> ${local.db_home_path}/convert-params.sql + echo "exit" >> ${local.db_home_path}/convert-params.sql + sqlplus / as sysdba @${local.db_home_path}/convert-params.sql + EOF + destination = "${local.db_home_path}/convertparams-pdbguid-interpolated.sh" + } + + provisioner "remote-exec" { + inline = [ + "chmod 700 ${local.db_home_path}/convertparams-pdbguid-interpolated.sh", + "${local.db_home_path}/convertparams-pdbguid-interpolated.sh" + ] + } + # provisioner "remote-exec" { + # when = "destroy" + # inline = [ + # "chmod 700 ${local.db_home_path}/shard-dg-fsfo-config-setup.sh", + # "${local.db_home_path}/shard-dg-fsfo-config-setup.sh", + # "rm -f ${local.db_home_path}/shard-dg-fsfo-config-setup.sh" + # ] + # } +} \ No newline at end of file diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%shard-db.tf b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%shard-db.tf new file mode 100644 index 0000000..17189ff --- /dev/null 
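Review bot: convertparams-pdbguid-interpolated.sh takes line 4 of the spool file as the PDB GUID and splices it into `db_file_name_convert` unchecked, then restarts the instance. If the query returns no row or the spool layout shifts, the parameter is written to the spfile with an empty or wrong path component. A guard before the first `echo` would stop that: `guid=$(head -n 1 pdbguid | tr -d '[:space:]')` followed by `[[ "$guid" =~ ^[0-9A-F]{32}$ ]] || exit 1`, assuming the GUID prints as 32 hex characters. The statements are also appended with `>>` to convert-params.sql, which is never truncated or removed, so a re-run executes them twice.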
+++ b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%shard-db.tf 
@@ -0,0 +1,83 @@ +# Copyright 2020 Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl + +resource "oci_database_db_system" "shard_db" { + depends_on = ["tls_private_key.public_private_key_pair"] + count = "${var.num_of_shards}" + availability_domain = "${data.oci_identity_availability_domains.ADs.availability_domains[count.index % local.num_of_ads].name}" + compartment_id = "${var.compartment_ocid}" + database_edition = "${var.database_edition}" + + db_home { + database { + admin_password = "sd${random_string.sys_pass.result}" + db_name = join("", [var.sharded_database_name, var.shard_name_prefix, count.index]) + character_set = "AL32UTF8" + ncharacter_set = "AL16UTF16" + db_workload = "OLTP" + pdb_name = "${var.pdb_name}" + + db_backup_config { + auto_backup_enabled = false + } + } + db_version = "${var.db_version}.0" + display_name = join("", [var.sharded_database_name, var.shard_name_prefix, count.index]) + } + + db_system_options { + storage_management = "LVM" + } + disk_redundancy = "NORMAL" + shape = "${var.db_shape}" + subnet_id = var.create_new_network ? 
join("", oci_core_subnet.subnet.*.id) : var.subnet_id + ssh_public_keys = ["${tls_private_key.public_private_key_pair.public_key_openssh}", "${var.ssh_public_key}"] + display_name = join("", [var.sharded_database_name, var.shard_name_prefix, count.index]) + hostname = join("", [var.sharded_database_name, var.shard_name_prefix, count.index]) + data_storage_size_in_gb = "${var.data_storage_size_in_gb}" + license_model = var.license_type + node_count = 1 + fault_domains = ["${data.oci_identity_fault_domains.FDs[count.index % local.num_of_ads].fault_domains[floor(count.index / length(data.oci_identity_fault_domains.FDs[count.index % local.num_of_ads].fault_domains))].name}"] +} + +# output "shard_db_system_id" { +# value = ["${oci_database_db_system.shard_db.*.id}"] +# } + +data "oci_database_db_homes" "shard_primary_db_homes" { + count = "${var.num_of_shards}" + compartment_id = "${var.compartment_ocid}" + db_system_id = "${element(oci_database_db_system.shard_db.*.id, count.index)}" +} + +data "oci_database_databases" "shard_primary_databases" { + count = "${var.num_of_shards}" + compartment_id = "${var.compartment_ocid}" + db_home_id = "${data.oci_database_db_homes.shard_primary_db_homes[count.index].db_homes.0.id}" +} +data "oci_database_database" "shard_database" { + count = "${var.num_of_shards}" + database_id = "${data.oci_database_databases.shard_primary_databases[count.index].databases.0.id}" +} + +data "oci_database_db_nodes" "shard_db_nodes" { + count = "${var.num_of_shards}" + compartment_id = "${var.compartment_ocid}" + db_system_id = "${element(oci_database_db_system.shard_db.*.id, count.index)}" +} + +# Get DB node details +data "oci_database_db_node" "shard_db_node_details" { + count = "${var.num_of_shards}" + db_node_id = "${lookup(data.oci_database_db_nodes.shard_db_nodes[count.index].db_nodes[0], "id")}" +} + +# Gets the OCID of the first (default) vNIC +data "oci_core_vnic" "shard_db_node_vnic" { + count = "${var.num_of_shards}" + vnic_id = 
"${data.oci_database_db_node.shard_db_node_details[count.index].vnic_id}" +} + +output "shards_public_ip" { + value = ["${data.oci_core_vnic.shard_db_node_vnic.*.public_ip_address}"] +} \ No newline at end of file diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%shard-director-aggregate-tns-config.tf b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%shard-director-aggregate-tns-config.tf new file mode 100644 index 0000000..4b25217 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%shard-director-aggregate-tns-config.tf 
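Review bot: The `fault_domains` expression in `oci_database_db_system.shard_db` indexes the fault-domain list with `floor(count.index / length(...fault_domains))`, which spreads shards only when the number of ADs happens to equal the number of fault domains. In a single-AD region the first `length` shards all get index 0, and a `count.index` of `length * length` or more indexes past the end of the list. Dividing by the AD count and wrapping looks like the intent: `floor(count.index / local.num_of_ads) % length(data.oci_identity_fault_domains.FDs[count.index % local.num_of_ads].fault_domains)`. `local.num_of_ads` and any limit on `var.num_of_shards` are defined outside this hunk, so confirm against them.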
@@ -0,0 +1,44 @@
+# Copyright 2020 Oracle Corporation and/or affiliates. All rights reserved.
+# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl
+
+resource "null_resource" "sdb_shard_director_aggregate_tns_config" {
+ depends_on = ["null_resource.sdb_shard_relay_tns_config", "null_resource.sdb_shard_env_configure", "null_resource.sdb_shard_standby_configure", "null_resource.sdb_catalog_standby_configure", "null_resource.sdb_shard_director_install_main"]
+
+ triggers = {
+ shard_db_ids = "${join(",", oci_database_db_system.shard_db.*.id)}"
+ shard_stdby_db_ips = "${join(",", data.oci_core_vnic.shard_stby_db_node_vnic.*.public_ip_address)}"
+ shard_catalog_standby_ips = "${join(",", data.oci_core_vnic.catalog_stby_db_node_vnic.*.public_ip_address)}"
+ }
+
+ #creates ssh connection to gsm host
+ connection {
+ type = "ssh"
+ user = "${var.os_user}"
+ private_key = "${tls_private_key.public_private_key_pair.private_key_pem}"
+ host = "${oci_core_instance.gsm_vm[0].public_ip}"
+ agent = false
+ timeout = "${var.ssh_timeout}"
+ }
+
+ provisioner "file" {
+ content = <<-EOF
+ #! /bin/bash
+ source ${var.oracle_base}/shard-director.sh
+ cd ${var.oracle_base}
+ rm -f mesh-tnsnames
+ cat tns_sh*.tnscfg >> mesh-tnsnames
+ rm -f *.tnscfg
+ cp $TNS_ADMIN/tnsnames.ora $TNS_ADMIN/tnsnames-ora-bkup-"${timestamp()}"
+ cat mesh-tnsnames >> $TNS_ADMIN/tnsnames.ora
+ EOF
+ destination = "${var.oracle_base}/shard_director_aggregate_tns_config.sh"
+ }
+
+ provisioner "remote-exec" {
+ inline = [
+ "chmod 700 ${var.oracle_base}/shard_director_aggregate_tns_config.sh",
+ "${var.oracle_base}/shard_director_aggregate_tns_config.sh",
+ "rm -f ${var.oracle_base}/shard_director_aggregate_tns_config.sh"
+ ]
+ }
+}
\ No newline at end of file
diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%shard-director-cloud-init.tf b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%shard-director-cloud-init.tf new file mode 100644 index 0000000..c6d31ab --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%shard-director-cloud-init.tf 
@@ -0,0 +1,92 @@ +# Copyright 2020 Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl + +resource "null_resource" "sdb_shard_director_cloud_init" { + depends_on = ["oci_core_instance.gsm_vm"] + count = var.num_of_gsm + + connection { + type = "ssh" + user = "${var.opc_user}" + private_key = "${tls_private_key.public_private_key_pair.private_key_pem}" + host = "${oci_core_instance.gsm_vm[count.index].public_ip}" + agent = false + timeout = "${var.ssh_timeout}" + } + + provisioner "file" { + content = <<-EOF + #! /bin/bash + ${var.enable_http_proxy == "true" ? local.export_http_proxy_addr : "echo http proxy configuration is not enabled"} + ${var.enable_https_proxy == "true" ? local.export_https_proxy_addr : "echo https proxy configuration is not enabled"} + > /etc/yum/vars/ociregion + yum-config-manager --disable ol7_ksplice + yum-config-manager --disable ol7_oci_included + echo "assumeyes=1" >> /etc/yum.conf + + yum update + yum install compat-libcap1 + yum install libstdc++-devel + yum install ksh + yum install glibc-devel + + service firewalld stop + + mkdir -p ${var.base_install_dir} + EOF + destination = "~/shard-director-cloud-sdb-sw-init.sh" + } + + provisioner "file" { + content = <<-EOF + #! 
/bin/bash + cd ~ + sudo chown root.root shard-director-cloud-sdb-sw-init.sh + sudo chmod 4755 shard-director-cloud-sdb-sw-init.sh + sudo ./shard-director-cloud-sdb-sw-init.sh + # Remove the s/w init script + sudo rm -f shard-director-cloud-sdb-sw-init.sh + + # Add install group and user + sudo /usr/sbin/groupadd ${var.unix_group_name} + sudo useradd -r -m -g ${var.unix_group_name} -G ${var.unix_group_name},opc,adm,wheel,systemd-journal ${var.os_user} + sudo usermod --password $(echo sd${random_string.sudo_pass.result} | openssl passwd -1 -stdin) ${var.os_user} + + # setup ssh for the install user + sudo mkdir -p /home/${var.os_user}/.ssh + sudo cp ~/.ssh/authorized_keys /home/${var.os_user}/.ssh/authorized_keys + sudo chown -R ${var.os_user}:${var.unix_group_name} /home/${var.os_user}/.ssh + sudo chmod u=rwx,go= /home/${var.os_user}/.ssh + + sudo chmod g+w -R ${var.base_install_dir} + sudo chown -R ${var.os_user} ${var.base_install_dir} + sudo mkdir -p ${var.oracle_base} + sudo cp ~/${var.gsm_zip_name}-${var.gsm_version}.zip ${var.oracle_base}/${var.gsm_zip_name}.zip + sudo chown -R ${var.os_user}:${var.unix_group_name} ${var.oracle_base} + + sudo mkdir -p ${var.ora_inventory_location} + sudo chown -R ${var.os_user}:${var.unix_group_name} ${var.ora_inventory_location} + sudo chmod -R 755 ${var.ora_inventory_location} + + EOF + destination = "~/shard-director-cloud-sdb-init-starter.sh" + } + + provisioner "remote-exec" { + inline = [ + "sleep 50", + "chmod +x ~/shard-director-cloud-sdb-init-starter.sh", + "~/shard-director-cloud-sdb-init-starter.sh > shard-director-cloud-sdb-init-starter.log", + "rm -f ~/shard-director-cloud-sdb-init-starter.sh" + ] + } + + # destroying + provisioner "remote-exec" { + when = "destroy" + inline = [ + "rm -f ~/shard-director-cloud-sdb-sw-init.sh", + "rm -f ~/shard-director-cloud-sdb-init-starter.sh" + ] + } +} 
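Review bot: The starter script makes the init script setuid root (`sudo chown root.root …` then `sudo chmod 4755 shard-director-cloud-sdb-sw-init.sh`) and then runs it through `sudo` anyway, so the setuid bit buys nothing and leaves a root-owned, world-readable and world-executable script in the opc home directory until the `rm`. `sudo chmod 700 shard-director-cloud-sdb-sw-init.sh` is sufficient for the `sudo ./…` call that follows. The same `chmod 4755` pattern is applied to `search-term.sh` in shard-standby-cloud-init.tf. Separately, `service firewalld stop` switches the host firewall off on an instance that is reached over its public IP, and nothing in the hunk says which ports the shard director needs; a comment naming them, or opening only those ports, would be safer than stopping the service.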
diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%shard-director-configure-main.tf b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%shard-director-configure-main.tf
new file mode 100644
index 0000000..b4575f6
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%shard-director-configure-main.tf
@@ -0,0 +1,45 @@ +# Copyright 2020 Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl + +resource "null_resource" "sdb_shard_director_configure" { + + depends_on = ["null_resource.sdb_shard_director_install_main", "null_resource.sdb_catalog_standby_configure", "null_resource.sdb_catalog_standby_ee_configure", "null_resource.sdb_shard_standby_configure", "null_resource.sdb_shard_standby_ee_configure", "null_resource.sdb_shard_catalog_configure", "null_resource.sdb_shard_db_configure"] + + #creates ssh connection to gsm host + connection { + type = "ssh" + user = "${var.os_user}" + private_key = "${tls_private_key.public_private_key_pair.private_key_pem}" + host = "${oci_core_instance.gsm_vm[0].public_ip}" + agent = false + timeout = "${var.ssh_timeout}" + } + + # copying + provisioner "file" { + content = <<-EOF + #! /bin/bash + source ${var.oracle_base}/shard-director.sh + gdsctl create shardcatalog -autovncr OFF -database ${data.oci_core_vnic.catalog_db_node_vnic[0].public_ip_address}:${oci_database_db_system.catalog_db[0].listener_port}/${data.oci_database_database.catalog_database[0].pdb_name}.${oci_database_db_system.catalog_db[0].domain} -sharding ${local.sharding_methods[var.sharding_method]} -user gsmcatuser/sd${random_string.gsmcatuser_pass.result} -sdb ${var.sharded_database_name} -protectmode ${var.replication_protection_mode} -region ${replace(var.region, "-", "")} -chunks ${var.chunks} + EOF + destination = "${local.gsm_home_full_path}/shard-director-config-setup.sh" + } + + #shard director config setup + provisioner "remote-exec" { + inline = [ + "chmod 700 ${local.gsm_home_full_path}/shard-director-config-setup.sh", + "${local.gsm_home_full_path}/shard-director-config-setup.sh", + "rm -f ${local.gsm_home_full_path}/shard-director-config-setup.sh" + ] + } + + + # destroying + provisioner "remote-exec" { + when = "destroy" + inline = [ + "rm 
-f ${local.gsm_home_full_path}/shard-director-config-setup.sh" + ] + } +} diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%shard-director-install-datasources.tf b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%shard-director-install-datasources.tf new file mode 100644 index 0000000..8127e88 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%shard-director-install-datasources.tf @@ -0,0 +1,37 @@ +# Copyright 2020 Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl + +data "template_file" "shard_director_env_template" { + template = "${file("shard-director-install-scripts/shard-director-env.template.sh")}" + + vars = { + gsm_home_path = "${local.gsm_home_full_path}" + oracle_base_path = "${var.oracle_base}" + } +} + +data "template_file" "shard_director_worker_template" { + template = "${file("shard-director-install-scripts/shard-director-worker.template.sh")}" + + vars = { + gsm_home_path = "${local.gsm_home_full_path}" + oracle_base_path = "${var.oracle_base}" + gsm_zip_name = "${var.gsm_zip_name}" + gsm_install_folder_name = "${local.gsm_install_folder_name}" + sudo_pass = "sd${random_string.sudo_pass.result}" + ora_inventory_location = "${var.ora_inventory_location}" + } +} + +data "template_file" "shard_director_rsp_template" { + template = "${file("shard-director-install-rsps/shard-director-rsp.template.rsp")}" + + vars = { + unix_group_name = "${var.unix_group_name}" + ora_inventory_location = "${var.ora_inventory_location}" + oracle_base_path = "${var.oracle_base}" + gsm_home_path = "${local.gsm_home_full_path}" + gsm_major_version = "${local.gsm_major_version}" + } +} + 
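Review bot: The generated script in shard-director-configure-main.tf puts the catalog password on the `gdsctl create shardcatalog` command line (`-user gsmcatuser/sd${random_string.gsmcatuser_pass.result}`). It is therefore in the rendered file on disk before the `chmod 700` runs, possibly visible in the process list while gdsctl executes, and shown in plan output because `random_string` results are not marked sensitive. Switching these values to `random_password` hides them from plan output, though they stay in state, which then needs access control of its own. The next hunk, shard-director-install-datasources.tf, passes `sudo_pass = "sd${random_string.sudo_pass.result}"` into a template in the same way; the template is not visible here, so how it uses the value is unconfirmed. The constant `sd` prefix adds no entropy and deserves a comment saying why it is there.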
diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%shard-director-install-main.tf b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%shard-director-install-main.tf
new file mode 100644
index 0000000..6d2be5b
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%shard-director-install-main.tf
@@ -0,0 +1,92 @@ +# Copyright 2020 Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl + +resource "null_resource" "sdb_shard_director_install_main" { + depends_on = ["null_resource.sdb_shard_director_cloud_init"] + count = var.num_of_gsm + + #creates ssh connection to gsm host + connection { + type = "ssh" + user = "${var.os_user}" + private_key = "${tls_private_key.public_private_key_pair.private_key_pem}" + host = "${oci_core_instance.gsm_vm[count.index].public_ip}" + agent = false + timeout = "${var.ssh_timeout}" + } + + provisioner "remote-exec" { + inline = [ + "mkdir -p ${var.oracle_base}" + ] + } + + # copying + provisioner "file" { + content = "${data.template_file.shard_director_env_template.rendered}" + destination = "${var.oracle_base}/shard-director.sh" + } + + # destroying + provisioner "remote-exec" { + when = "destroy" + inline = [ + "rm -f ${var.oracle_base}/shard-director.sh" + ] + } + + # copying + provisioner "file" { + content = "${data.template_file.shard_director_worker_template.rendered}" + destination = "${var.oracle_base}/shard-director-worker.sh" + } + # destroying + provisioner "remote-exec" { + when = "destroy" + inline = [ + "rm -f ${var.oracle_base}/shard-director-worker.sh" + ] + } + # copying + provisioner "file" { + content = "${data.template_file.shard_director_rsp_template.rendered}" + destination = "${var.oracle_base}/gsm_install.rsp" + } + # destroying + provisioner "remote-exec" { + when = "destroy" + inline = [ + "rm -f ${var.oracle_base}/gsm_install.rsp" + ] + } + + #Creating + provisioner "remote-exec" { + inline = [ + "chmod 700 ${var.oracle_base}/shard-director-worker.sh", + "cd ${var.oracle_base}", + "./shard-director-worker.sh", + "rm -f ${var.oracle_base}/shard-director-worker.sh" + ] + } + + + #Destroying + # provisioner "remote-exec" { + # when = "destroy" + # inline = [ + # "mkdir -p 
${var.oracle_base}/deinstall-gsm", + # "cd ${local.gsm_home_full_path}/deinstall", + # "./deinstall -tmpdir ${var.oracle_base} -silent -checkonly -o ${var.oracle_base}/deinstall-gsm/", + # "./deinstall -tmpdir ${var.oracle_base} -silent -paramfile ${var.oracle_base}/deinstall-gsm/deinstall_OraGSM${local.gsm_major_version}Home1.rsp", + # "cd ${var.oracle_base}", + # "rm -f ${var.oracle_base}/${var.gsm_zip_name}.zip", + # "rm -rf ${local.gsm_install_folder_name}", + # "rm -rf ${local.gsm_home_full_path}", + # "rm -rf ${var.oracle_base}/deinstall-gsm", + # "rm -rf ${var.ora_inventory_location}", + # "echo sd${random_string.sudo_pass.result} | sudo -S rm -rf /etc/oraInst.loc", + # "echo sd${random_string.sudo_pass.result} | sudo -S rm -rf /etc/oratab" + # ] + # } +} diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%shard-director-tns-ingest.tf b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%shard-director-tns-ingest.tf new file mode 100644 index 0000000..4cf0d2a --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%shard-director-tns-ingest.tf 
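Review bot: The three destroy-time provisioners reference `var.oracle_base`, and the shared `connection` block references `tls_private_key` and `oci_core_instance`. Terraform 0.12 warns about such references and 0.13 onwards rejects them, because a destroy provisioner and its connection may only use `self`, `count.index` or `each.key`. Copying the needed values into `triggers` and reading them back as `self.triggers.oracle_base` keeps the cleanup working. The quoted `when = "destroy"` and quoted `depends_on` entries are deprecated spellings as well; `when = destroy` and `depends_on = [null_resource.sdb_shard_director_cloud_init]` are the current forms. The destroy provisioners in shard-director-cloud-init.tf and shard-director-configure-main.tf have the same problem.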
@@ -0,0 +1,46 @@ +# Copyright 2020 Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl + +resource "null_resource" "sdb_shard_director_tns_ingest" { + depends_on = ["null_resource.sdb_shard_relay_tns_config", "null_resource.sdb_shard_director_aggregate_tns_config", "null_resource.sdb_shard_env_configure", "null_resource.sdb_shard_standby_configure", "null_resource.sdb_catalog_standby_configure", "null_resource.sdb_shard_director_install_main"] + + count = "${var.num_of_gsm}" + + triggers = { + shard_db_ids = "${join(",", oci_database_db_system.shard_db.*.id)}" + shard_stdby_db_ips = "${join(",", data.oci_core_vnic.shard_stby_db_node_vnic.*.public_ip_address)}" + shard_catalog_standby_ips = "${join(",", data.oci_core_vnic.catalog_stby_db_node_vnic.*.public_ip_address)}" + } + + #creates ssh connection to gsm host + connection { + type = "ssh" + user = "${var.os_user}" + private_key = "${tls_private_key.public_private_key_pair.private_key_pem}" + host = "${oci_core_instance.gsm_vm[count.index].public_ip}" + agent = false + timeout = "${var.ssh_timeout}" + } + + provisioner "file" { + content = <<-EOF + #! /bin/bash + source ${var.oracle_base}/shard-director.sh + cd ${var.oracle_base} + echo "${tls_private_key.public_private_key_pair.private_key_pem}" > ikey-ingest + chmod 600 ikey-ingest + ${count.index == 0 ? 
"scp -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -i ikey-ingest oracle@${oci_core_instance.gsm_vm[0].public_ip}:${var.oracle_base}/mesh-tnsnames ${var.oracle_base}/" : "Skipping TNS ingest for base shard director as it has been ingested already."} + cat mesh-tnsnames >> $TNS_ADMIN/tnsnames.ora + rm -f ikey-ingest + EOF + destination = "${var.oracle_base}/shard_director_tns_ingest.sh" + } + + provisioner "remote-exec" { + inline = [ + "chmod 700 ${var.oracle_base}/shard_director_tns_ingest.sh", + "${var.oracle_base}/shard_director_tns_ingest.sh", + "rm -f ${var.oracle_base}/shard_director_tns_ingest.sh" + ] + } +} \ No newline at end of file diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%shard-env-configure.tf b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%shard-env-configure.tf new file mode 100644 index 0000000..45579f8 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%shard-env-configure.tf 
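Review bot: The script writes the provisioning private key to the remote host (`echo "${tls_private_key.public_private_key_pair.private_key_pem}" > ikey-ingest`) and then runs `scp` with `-o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null`. The peer at the public IP is therefore never authenticated, and the key that logs in to every node sits on disk, created under the default umask before `chmod 600`, until an `rm -f` that is skipped if the script dies earlier. The same block is repeated in shard-relay-tns-config.tf, shard-standby-tde.tf (where it carries the TDE wallet) and shard-standby-tns-ingest.tf. At minimum add `umask 077` before the `echo` and `trap 'rm -f ikey-ingest' EXIT`, and supply a known_hosts entry for the director instead of disabling host-key checks. The conditional also looks inverted, going by its own message: `count.index == 0` runs the `scp` on the base director while every other index emits the bare text `Skipping TNS ingest …` as a shell command; it presumably should be `count.index != 0 ? "scp …" : "echo Skipping TNS ingest …"`.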
@@ -0,0 +1,32 @@
+# Copyright 2020 Oracle Corporation and/or affiliates. All rights reserved.
+# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl
+
+resource "null_resource" "sdb_shard_env_configure" {
+ depends_on = ["null_resource.sdb_shard_cloud_init"]
+ count = var.num_of_shards
+
+ #creates ssh connection
+ connection {
+ type = "ssh"
+ user = "${var.os_user}"
+ private_key = "${tls_private_key.public_private_key_pair.private_key_pem}"
+ host = "${data.oci_core_vnic.shard_db_node_vnic[count.index].public_ip_address}"
+ agent = false
+ timeout = "${var.ssh_timeout}"
+ }
+
+ # copying
+ provisioner "file" {
+
+ content = <<-EOF
+ #! /bin/bash
+ export ORACLE_SID="${join("", [var.sharded_database_name, var.shard_name_prefix, count.index])}"
+ export ORACLE_BASE="${var.oracle_base}"
+ export ORACLE_HOME="${local.db_home_path}"
+ export LD_LIBRARY_PATH=$ORACLE_HOME/lib
+ export PATH=$PATH:$ORACLE_HOME/bin
+ export TNS_ADMIN=$ORACLE_HOME/network/admin
+ EOF
+ destination = "${local.db_home_path}/shard.sh"
+ }
+}
diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%shard-relay-tns-config.tf b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%shard-relay-tns-config.tf
new file mode 100644
index 0000000..7f69cde
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%shard-relay-tns-config.tf
@@ -0,0 +1,46 @@ +# Copyright 2020 Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl + +resource "null_resource" "sdb_shard_relay_tns_config" { + depends_on = ["null_resource.sdb_shard_director_configure", "null_resource.sdb_shard_env_configure", "null_resource.sdb_shard_standby_configure", "null_resource.sdb_catalog_standby_configure", "null_resource.sdb_shard_director_install_main"] + count = var.num_of_shards + + triggers = { + shard_db_ids = "${join(",", oci_database_db_system.shard_db.*.id)}" + shard_stdby_db_ips = "${join(",", data.oci_core_vnic.shard_stby_db_node_vnic.*.public_ip_address)}" + shard_catalog_standby_ips = "${join(",", data.oci_core_vnic.catalog_stby_db_node_vnic.*.public_ip_address)}" + } + + #creates ssh connection to gsm host + connection { + type = "ssh" + user = "${var.os_user}" + private_key = "${tls_private_key.public_private_key_pair.private_key_pem}" + host = "${data.oci_core_vnic.shard_db_node_vnic[count.index].public_ip_address}" + agent = false + timeout = "${var.ssh_timeout}" + } + + provisioner "file" { + content = <<-EOF + #! 
/bin/bash + source ${local.db_home_path}/shard.sh + cp $TNS_ADMIN/tnsnames.ora $TNS_ADMIN/tnsnames-ora-bkup-"${timestamp()}" + cp $TNS_ADMIN/tnsnames.ora $ORACLE_HOME/tns_sh${count.index}.tnscfg + cd ${var.oracle_base} + echo "${tls_private_key.public_private_key_pair.private_key_pem}" > ikey-relay + chmod 600 ikey-relay + scp -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -i ikey-relay $ORACLE_HOME/tns_sh${count.index}.tnscfg oracle@${oci_core_instance.gsm_vm[0].public_ip}:${var.oracle_base}/ + rm -f ikey-relay + EOF + destination = "${local.db_home_path}/shard_relay_tns_config.sh" + } + + provisioner "remote-exec" { + inline = [ + "chmod 700 ${local.db_home_path}/shard_relay_tns_config.sh", + "${local.db_home_path}/shard_relay_tns_config.sh", + "rm -f ${local.db_home_path}/shard_relay_tns_config.sh" + ] + } +} \ No newline at end of file diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%shard-standby-cloud-init.tf b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%shard-standby-cloud-init.tf new file mode 100644 index 0000000..0bbd8ec --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%shard-standby-cloud-init.tf 
@@ -0,0 +1,63 @@
+# Copyright 2020 Oracle Corporation and/or affiliates. All rights reserved.
+# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl
+resource "null_resource" "sdb_shard_standby_cloud_init" {
+ depends_on = ["oci_database_data_guard_association.shard_data_guard_association"]
+ count = "${var.num_of_shards * (var.num_of_shard_groups - 1)}"
+
+ connection {
+ type = "ssh"
+ user = "${var.opc_user}"
+ private_key = "${tls_private_key.public_private_key_pair.private_key_pem}"
+ host = "${data.oci_core_vnic.shard_stby_db_node_vnic[count.index].public_ip_address}"
+ agent = false
+ timeout = "${var.ssh_timeout}"
+ }
+
+
+ provisioner "file" {
+ content = <<-EOF
+ #! /bin/bash
+ sudo usermod --password $(echo sd${random_string.sudo_pass.result} | openssl passwd -1 -stdin) ${var.os_user}
+ sudo cp ~/.ssh/authorized_keys /home/${var.os_user}/.ssh/authorized_keys
+ EOF
+ destination = "~/shard-standby-cloud-sdb-init-starter.sh"
+ }
+
+ provisioner "remote-exec" {
+ inline = [
+ "chmod +x ~/shard-standby-cloud-sdb-init-starter.sh",
+ "~/shard-standby-cloud-sdb-init-starter.sh > shard-standby-cloud-sdb-init-starter.log",
+ "rm -f ~/shard-standby-cloud-sdb-init-starter.sh"
+ ]
+ }
+
+ provisioner "file" {
+ content = <<-EOF
+ #! /bin/bash
+ echo "search ${oci_database_db_system.shard_db[count.index].domain}" >> /etc/resolv.conf
+ cat /etc/resolv.conf
+ EOF
+ destination = "~/search-term.sh"
+ }
+
+ provisioner "file" {
+ content = <<-EOF
+ #! /bin/bash
+ cd ~
+ sudo chown root.root search-term.sh
+ sudo chmod 4755 search-term.sh
+ sudo ./search-term.sh
+ sudo rm -f search-term.sh
+ EOF
+ destination = "~/search-term-apply.sh"
+ }
+
+ provisioner "remote-exec" {
+ inline = [
+ "chmod +x ~/search-term-apply.sh",
+ "~/search-term-apply.sh > search-term-apply.log",
+ "rm -f ~/search-term-apply.sh"
+ ]
+ }
+
+}
\ No newline at end of file
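Review bot: `openssl passwd -1` in the `usermod --password` line stores an MD5-crypt hash for the `${var.os_user}` account, and the cleartext password is interpolated into a script that sits in the opc home directory under default permissions until the trailing `rm -f`. Piping `user:password` into `sudo chpasswd` would apply the system's configured hashing method instead of hard-coding MD5-crypt, and a `umask 077` or an earlier `chmod 700` would narrow who can read the file. The same `usermod` line appears in shard-director-cloud-init.tf. The `echo "search …" >> /etc/resolv.conf` step appends on every run, so a re-provision would add a duplicate `search` line.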
diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%shard-standby-configure.tf b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%shard-standby-configure.tf
new file mode 100644
index 0000000..4bf0758
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%shard-standby-configure.tf
@@ -0,0 +1,96 @@ +# Copyright 2020 Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl +resource "null_resource" "sdb_shard_standby_configure" { + # depends_on = ["null_resource.sdb_shard_standby_cloud_init", "null_resource.sdb_dg_broker", "null_resource.sdb_shard_db_convert_params"] + depends_on = ["null_resource.sdb_dg_broker"] + count = "${var.database_edition == local.ee_xp ? var.num_of_shards * (var.num_of_shard_groups - 1) : 0}" + #creates ssh connection + connection { + type = "ssh" + user = "${var.os_user}" + private_key = "${tls_private_key.public_private_key_pair.private_key_pem}" + host = "${data.oci_core_vnic.shard_stby_db_node_vnic[count.index].public_ip_address}" + agent = false + timeout = "${var.ssh_timeout}" + } + + # copying + provisioner "file" { + content = <<-EOF + #! /bin/bash + export ORACLE_BASE="${var.oracle_base}" + export ORACLE_HOME="${local.db_home_path}" + export LD_LIBRARY_PATH=$ORACLE_HOME/lib + export PATH=$PATH:$ORACLE_HOME/bin + export TNS_ADMIN=$ORACLE_HOME/network/admin + EOF + destination = "${local.db_home_path}/shard.sh" + } + + provisioner "file" { + content = <<-EOF + SPOOL ${var.oracle_base}/pdbguid.lst + select guid from v$pdbs where name='${upper(data.oci_database_database.shard_database[count.index % var.num_of_shards].pdb_name)}'; + SPOOL OFF + exit + EOF + destination = "${local.db_home_path}/pdbguid-config.sql" + } + + provisioner "file" { + content = <<-EOF + #! 
/bin/bash + source ${local.db_home_path}/shard.sh + sqlplus / as sysdba @${local.db_home_path}/pdbguid-config.sql + cd ${var.oracle_base} + sed '4q;d' pdbguid.lst > pdbguid + chmod 600 pdbguid + echo "alter system set db_file_name_convert='*','/u02/app/oracle/oradata/${data.oci_database_database.stdby_shard_database[count.index].db_unique_name}/${upper(data.oci_database_database.stdby_shard_database[count.index].db_unique_name)}/$(head -n 1 pdbguid | tr -d '[:space:]')/datafile/' scope=spfile;" >> ${local.db_home_path}/convert-params.sql + echo "alter system set log_file_name_convert='*','/u03/app/oracle/redo/${upper(data.oci_database_database.stdby_shard_database[count.index].db_unique_name)}/onlinelog/' scope=spfile;" >> ${local.db_home_path}/convert-params.sql + echo "exit" >> ${local.db_home_path}/convert-params.sql + sqlplus / as sysdba @${local.db_home_path}/convert-params.sql + EOF + destination = "${local.db_home_path}/convertparams-pdbguid-interpolated.sh" + } + + provisioner "remote-exec" { + inline = [ + "chmod 700 ${local.db_home_path}/convertparams-pdbguid-interpolated.sh", + "${local.db_home_path}/convertparams-pdbguid-interpolated.sh" + ] + } + + # alter system set log_file_name_convert='*','/u03/app/oracle/redo/' scope=spfile; + # alter system set db_file_name_convert='*','/u02/app/oracle/oradata/' scope=spfile; + provisioner "file" { + content = <<-EOF + ALTER SYSTEM SET EVENT='10798 trace name context forever, level 7' SCOPE=spfile; + alter system set db_files=64000 scope=spfile; + SHUTDOWN IMMEDIATE + STARTUP + ALTER PLUGGABLE DATABASE ${var.pdb_name} OPEN READ ONLY; + alter system set events 'immediate trace name GWM_TRACE level 7'; + exit + EOF + destination = "${local.db_home_path}/shard-standby-config.sql" + } + + provisioner "file" { + content = <<-EOF + #! 
/bin/bash + source ${local.db_home_path}/shard.sh + sqlplus / as sysdba @${local.db_home_path}/shard-standby-config.sql + sed 's/SQLNET.ENCRYPTION_TYPES_SERVER=(AES256,AES192,AES128)/SQLNET.ENCRYPTION_TYPES_SERVER=(AES256,AES192,AES128,RC4_256)/' $TNS_ADMIN/sqlnet.ora > $TNS_ADMIN/sqlnet-temp.ora + mv $TNS_ADMIN/sqlnet-temp.ora $TNS_ADMIN/sqlnet.ora + EOF + destination = "~/shard-standby-configure.sh" + } + + provisioner "remote-exec" { + inline = [ + "chmod +x ~/shard-standby-configure.sh", + "~/shard-standby-configure.sh > shard-standby-configure.log", + "rm -f ~/shard-standby-configure.sh" + ] + } +} diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%shard-standby-ee-configure.tf b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%shard-standby-ee-configure.tf new file mode 100644 index 0000000..7235394 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%shard-standby-ee-configure.tf 
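Review bot: The `sed` on `sqlnet.ora` widens `SQLNET.ENCRYPTION_TYPES_SERVER` from `(AES256,AES192,AES128)` to `(AES256,AES192,AES128,RC4_256)`, which lets the standby accept a deprecated stream cipher for native network encryption, and nothing in the hunk explains why. If a peer really needs it, a comment above the `sed` should name that peer and say when the entry can be removed; otherwise the line should be dropped. The identical `sed` is in shard-standby-ee-configure.tf. Also, `convert-params.sql` is built with `>>` and never deleted, so a re-run would append and execute a second set of `alter system` statements.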
@@ -0,0 +1,59 @@ +# Copyright 2020 Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl +resource "null_resource" "sdb_shard_standby_ee_configure" { + depends_on = ["null_resource.sdb_shard_standby_configure"] + # depends_on = ["null_resource.sdb_shard_standby_cloud_init", "null_resource.sdb_dg_broker", "null_resource.sdb_shard_db_convert_params"] + count = "${var.database_edition == local.ee ? var.num_of_shards * (var.num_of_shard_groups - 1) : 0}" + #creates ssh connection + connection { + type = "ssh" + user = "${var.os_user}" + private_key = "${tls_private_key.public_private_key_pair.private_key_pem}" + host = "${data.oci_core_vnic.shard_stby_db_node_vnic[count.index].public_ip_address}" + agent = false + timeout = "${var.ssh_timeout}" + } + + # copying + provisioner "file" { + content = <<-EOF + #! /bin/bash + export ORACLE_BASE="${var.oracle_base}" + export ORACLE_HOME="${local.db_home_path}" + export LD_LIBRARY_PATH=$ORACLE_HOME/lib + export PATH=$PATH:$ORACLE_HOME/bin + export TNS_ADMIN=$ORACLE_HOME/network/admin + EOF + destination = "${local.db_home_path}/shard.sh" + } + + provisioner "file" { + content = <<-EOF + ALTER SYSTEM SET EVENT='10798 trace name context forever, level 7' SCOPE=spfile; + SHUTDOWN IMMEDIATE + STARTUP + alter system set events 'immediate trace name GWM_TRACE level 7'; + exit + EOF + destination = "${local.db_home_path}/shard-standby-config.sql" + } + + provisioner "file" { + content = <<-EOF + #! 
/bin/bash + source ${local.db_home_path}/shard.sh + sqlplus / as sysdba @${local.db_home_path}/shard-standby-config.sql + sed 's/SQLNET.ENCRYPTION_TYPES_SERVER=(AES256,AES192,AES128)/SQLNET.ENCRYPTION_TYPES_SERVER=(AES256,AES192,AES128,RC4_256)/' $TNS_ADMIN/sqlnet.ora > $TNS_ADMIN/sqlnet-temp.ora + mv $TNS_ADMIN/sqlnet-temp.ora $TNS_ADMIN/sqlnet.ora + EOF + destination = "~/shard-standby-configure.sh" + } + + provisioner "remote-exec" { + inline = [ + "chmod +x ~/shard-standby-configure.sh", + "~/shard-standby-configure.sh > shard-standby-configure.log", + "rm -f ~/shard-standby-configure.sh" + ] + } +} diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%shard-standby-tde.tf b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%shard-standby-tde.tf new file mode 100644 index 0000000..ba45eb9 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%shard-standby-tde.tf 
@@ -0,0 +1,87 @@ +# Copyright 2020 Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl + +resource "null_resource" "sdb_shard_standby_tde" { + depends_on = ["null_resource.sdb_shard_tde", "null_resource.sdb_catalog_tde_master_shard", "null_resource.sdb_shard_catalog_tde", "null_resource.sdb_deploy_invoker"] + count = "${var.num_of_shards * (var.num_of_shard_groups - 1)}" + + connection { + type = "ssh" + user = "${var.os_user}" + private_key = "${tls_private_key.public_private_key_pair.private_key_pem}" + host = "${data.oci_core_vnic.shard_stby_db_node_vnic[count.index].public_ip_address}" + agent = false + timeout = "${var.ssh_timeout}" + } + + provisioner "file" { + content = <<-EOF + administer key management set keystore close; + select KEY_ID from V$ENCRYPTION_KEYS; + alter session set container=${data.oci_database_database.shard_database[count.index % var.num_of_shards].pdb_name}; + SELECT KEY_ID FROM V$ENCRYPTION_KEYS WHERE ACTIVATION_TIME =(SELECT MAX(ACTIVATION_TIME) FROM V$ENCRYPTION_KEYS WHERE ACTIVATING_DBID = (SELECT DBID FROM V$DATABASE)); + exit + EOF + destination = "${local.db_home_path}/shard_standby_tde_wallet.sql" + } + + + provisioner "file" { + content = <<-EOF + #! 
/bin/bash + source ${local.db_home_path}/shard.sh + cd /opt/oracle/dcs/commonstore/wallets/tde/${data.oci_database_database.stdby_shard_database[count.index].db_unique_name} + echo "${tls_private_key.public_private_key_pair.private_key_pem}" > ikey + chmod 600 ikey + scp -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -i ikey oracle@${data.oci_core_vnic.shard_db_node_vnic[count.index % var.num_of_shards].public_ip_address}:${var.oracle_base}/tde-wallet.zip /opt/oracle/dcs/commonstore/wallets/tde/${data.oci_database_database.stdby_shard_database[count.index].db_unique_name}/ + mv cwallet.sso cwallet-sso-backup-${timestamp()} + mv ewallet.p12 ewallet-p12-backup-${timestamp()} + unzip tde-wallet.zip + rm -f ikey + sqlplus / as sysdba @${local.db_home_path}/shard_standby_tde_wallet.sql + EOF + destination = "${local.db_home_path}/shard_standby_tde_wallet.sh" + } + + provisioner "remote-exec" { + inline = [ + "chmod 700 ${local.db_home_path}/shard_standby_tde_wallet.sh", + "${local.db_home_path}/shard_standby_tde_wallet.sh", + "rm -f ${local.db_home_path}/shard_standby_tde_wallet.sql", + "rm -f ${local.db_home_path}/shard_standby_tde_wallet.sh", + "echo Oracle Sharded Database provisioning or update is now complete." + ] + } + + + # provisioner "file" { + # content = <<-EOF + # alter session set container=${data.oci_database_database.shard_database[count.index % var.num_of_shards].pdb_name}; + # ADMINISTER KEY MANAGEMENT IMPORT ENCRYPTION KEYS WITH SECRET sd${random_string.tde_encryption_key_export_passwd.result} FROM '${var.oracle_base}/cat_pdb_tde.key' FORCE KEYSTORE IDENTIFIED BY sd${random_string.sys_pass.result} WITH BACKUP; + # EOF + # destination = "${local.db_home_path}/shard-standby-tde-config.sql" + # } + + + # provisioner "file" { + # content = <<-EOF + # #! 
/bin/bash + # source ${local.db_home_path}/shard.sh + # cd ${var.oracle_base} + # echo "ADMINISTER KEY MANAGEMENT USE KEY '$(head -n 1 catkey | tr -d '[:space:]')' FORCE KEYSTORE IDENTIFIED BY sd${random_string.sys_pass.result} WITH BACKUP;" >> ${local.db_home_path}/shard-standby-tde-config.sql + # echo "SELECT KEY_ID FROM V\$ENCRYPTION_KEYS WHERE ACTIVATION_TIME =(SELECT MAX(ACTIVATION_TIME) FROM V\$ENCRYPTION_KEYS WHERE ACTIVATING_DBID = (SELECT DBID FROM V\$DATABASE));" >> ${local.db_home_path}/shard-standby-tde-config.sql + # echo "exit" >> ${local.db_home_path}/shard-standby-tde-config.sql + # sqlplus / as sysdba @${local.db_home_path}/shard-standby-tde-config.sql + # EOF + # destination = "${local.db_home_path}/shard-standby-tde-setup.sh" + # } + + # provisioner "remote-exec" { + # inline = [ + # "chmod 700 ${local.db_home_path}/shard-standby-tde-setup.sh", + # "${local.db_home_path}/shard-standby-tde-setup.sh", + # "rm -f ${local.db_home_path}/shard-standby-tde-config.sql", + # "rm -f ${local.db_home_path}/shard-standby-tde-setup.sh" + # ] + # } +} \ No newline at end of file diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%shard-standby-tns-ingest.tf b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%shard-standby-tns-ingest.tf new file mode 100644 index 0000000..077e253 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%shard-standby-tns-ingest.tf 
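Review bot: The wallet swap in `shard_standby_tde_wallet.sh` has no error handling. If the `scp` of `tde-wallet.zip` fails, the script still renames `cwallet.sso` and `ewallet.p12`, and the `unzip` then fails, which would leave the standby's wallet directory without usable wallet files. Adding `set -e` as the first line after the shebang, plus `trap 'rm -f ikey' EXIT` so the private key is also removed on the failure path, would stop at the first error. The commented-out provisioners at the end of the resource embed `random_string.sys_pass` and the key-export secret in SQL text; if that path is dead it is better deleted than kept as a template for later copying.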
@@ -0,0 +1,44 @@ +# Copyright 2020 Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl + +resource "null_resource" "sdb_shard_standby_tns_ingest" { + depends_on = ["null_resource.sdb_shard_relay_tns_config", "null_resource.sdb_shard_director_aggregate_tns_config", "null_resource.sdb_shard_env_configure", "null_resource.sdb_shard_standby_configure", "null_resource.sdb_catalog_standby_configure", "null_resource.sdb_shard_director_install_main"] + count = "${var.num_of_shards * (var.num_of_shard_groups - 1)}" + + triggers = { + shard_db_ids = "${join(",", oci_database_db_system.shard_db.*.id)}" + shard_stdby_db_ips = "${join(",", data.oci_core_vnic.shard_stby_db_node_vnic.*.public_ip_address)}" + shard_catalog_standby_ips = "${join(",", data.oci_core_vnic.catalog_stby_db_node_vnic.*.public_ip_address)}" + } + + connection { + type = "ssh" + user = "${var.os_user}" + private_key = "${tls_private_key.public_private_key_pair.private_key_pem}" + host = "${data.oci_core_vnic.shard_stby_db_node_vnic[count.index].public_ip_address}" + agent = false + timeout = "${var.ssh_timeout}" + } + + provisioner "file" { + content = <<-EOF + #! 
/bin/bash + source ${local.db_home_path}/shard.sh + cd ${var.oracle_base} + echo "${tls_private_key.public_private_key_pair.private_key_pem}" > ikey-ingest + chmod 600 ikey-ingest + scp -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -i ikey-ingest oracle@${oci_core_instance.gsm_vm[0].public_ip}:${var.oracle_base}/mesh-tnsnames ${var.oracle_base}/ + cat mesh-tnsnames >> $TNS_ADMIN/tnsnames.ora + rm -f ikey-ingest + EOF + destination = "${var.oracle_base}/shard_standby_tns_ingest.sh" + } + + provisioner "remote-exec" { + inline = [ + "chmod 700 ${var.oracle_base}/shard_standby_tns_ingest.sh", + "${var.oracle_base}/shard_standby_tns_ingest.sh", + "rm -f ${var.oracle_base}/shard_standby_tns_ingest.sh" + ] + } +} \ No newline at end of file diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%shard-tde.tf b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%shard-tde.tf new file mode 100644 index 0000000..6498797 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%shard-tde.tf 
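Review bot: The script generated in `sdb_shard_standby_tns_ingest` calls `scp` with `-o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null`, so the GSM host key is never verified and whatever answers on that public IP supplies the `mesh-tnsnames` that is appended to `$TNS_ADMIN/tnsnames.ora`. Pin the key instead, e.g. `-o StrictHostKeyChecking=yes -o UserKnownHostsFile=<known_hosts written at provision time>` (placeholder path). The script also carries `tls_private_key.public_private_key_pair.private_key_pem` in its own text and writes it with `echo ... > ikey-ingest` before the `chmod 600`, so the key briefly exists under the default umask; adding `umask 077` directly after the shebang closes that window for `ikey-ingest`. The identical block in shard-tns-ingest.tf (`sdb_shard_tns_ingest`) needs the same changes.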
@@ -0,0 +1,76 @@ +# Copyright 2020 Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl + +resource "null_resource" "sdb_shard_tde" { + depends_on = ["null_resource.sdb_catalog_tde_master_shard", "null_resource.sdb_shard_catalog_tde", "null_resource.sdb_deploy_invoker"] + count = var.num_of_shards + + connection { + type = "ssh" + user = "${var.os_user}" + private_key = "${tls_private_key.public_private_key_pair.private_key_pem}" + host = "${data.oci_core_vnic.shard_db_node_vnic[count.index].public_ip_address}" + agent = false + timeout = "${var.ssh_timeout}" + } + + provisioner "file" { + content = <<-EOF + alter session set container=${data.oci_database_database.shard_database[count.index].pdb_name}; + ADMINISTER KEY MANAGEMENT IMPORT ENCRYPTION KEYS WITH SECRET sd${random_string.tde_encryption_key_export_passwd.result} FROM '${var.oracle_base}/cat_pdb_tde.key' FORCE KEYSTORE IDENTIFIED BY sd${random_string.sys_pass.result} WITH BACKUP; + EOF + destination = "${local.db_home_path}/shard-tde-config.sql" + } + + provisioner "file" { + content = <<-EOF + #! 
/bin/bash + source ${local.db_home_path}/shard.sh + cd ${var.oracle_base} + echo "ADMINISTER KEY MANAGEMENT USE KEY '$(head -n 1 catkey | tr -d '[:space:]')' FORCE KEYSTORE IDENTIFIED BY sd${random_string.sys_pass.result} WITH BACKUP;" >> ${local.db_home_path}/shard-tde-config.sql + echo "SELECT KEY_ID FROM V\$ENCRYPTION_KEYS WHERE ACTIVATION_TIME =(SELECT MAX(ACTIVATION_TIME) FROM V\$ENCRYPTION_KEYS WHERE ACTIVATING_DBID = (SELECT DBID FROM V\$DATABASE));" >> ${local.db_home_path}/shard-tde-config.sql + echo "exit" >> ${local.db_home_path}/shard-tde-config.sql + sqlplus / as sysdba @${local.db_home_path}/shard-tde-config.sql + EOF + destination = "${local.db_home_path}/shard-tde-setup.sh" + } + + provisioner "remote-exec" { + inline = [ + "chmod 700 ${local.db_home_path}/shard-tde-setup.sh", + "${local.db_home_path}/shard-tde-setup.sh", + "rm -f ${local.db_home_path}/shard-tde-config.sql", + "rm -f ${local.db_home_path}/shard-tde-setup.sh" + ] + } + + provisioner "file" { + content = <<-EOF + #! /bin/bash + source ${local.db_home_path}/shard.sh + cd /opt/oracle/dcs/commonstore/wallets/tde/${data.oci_database_database.shard_database[count.index].db_unique_name} + zip tde-wallet.zip ewallet.p12 cwallet.sso + mv tde-wallet.zip $ORACLE_BASE/ + EOF + destination = "${local.db_home_path}/prep-tde-wallet.sh" + } + + provisioner "remote-exec" { + inline = [ + "chmod 700 ${local.db_home_path}/prep-tde-wallet.sh", + "${local.db_home_path}/prep-tde-wallet.sh", + "rm -f ${local.db_home_path}/prep-tde-wallet.sh", + "echo Oracle Sharded Database provisioning or update is now complete." 
+ ] + } + + # # destroying + # provisioner "remote-exec" { + # when = "destroy" + # inline = [ + # "[ -e ${local.db_home_path}/shard-dg-fsfo-config-setup.sh ] && chmod 700 ${local.db_home_path}/shard-dg-fsfo-config-setup.sh || echo no-op", + # "[ -e ${local.db_home_path}/shard-dg-fsfo-config-setup.sh ] && ${local.db_home_path}/shard-dg-fsfo-config-setup.sh || echo no-op", + # "[ -e ${local.db_home_path}/shard-dg-fsfo-config-setup.sh ] && rm -f ${local.db_home_path}/shard-dg-fsfo-config-setup.sh || echo Primary only setup. Hence fsfo cannot be disabled." + # ] + # } +} \ No newline at end of file diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%shard-tns-ingest.tf b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%shard-tns-ingest.tf new file mode 100644 index 0000000..a92956f --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%shard-tns-ingest.tf 
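Review bot: `prep-tde-wallet.sh` zips `ewallet.p12` together with the auto-login `cwallet.sso` and moves `tde-wallet.zip` to `$ORACLE_BASE`, and nothing in this resource restricts its mode or deletes it afterwards, so a copy of the keystore stays outside the wallet directory. Add `chmod 600 $ORACLE_BASE/tde-wallet.zip` after the `mv`, and remove the archive once the standby resources in this patch have copied it. Separately, the keystore password `sd${random_string.sys_pass.result}` is rendered into `shard-tde-config.sql` and `shard-tde-setup.sh` on the host; a comment such as `# these files contain the keystore password and are deleted by the remote-exec step below` would record why the `rm -f` lines must not be dropped.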
@@ -0,0 +1,44 @@ +# Copyright 2020 Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl + +resource "null_resource" "sdb_shard_tns_ingest" { + depends_on = ["null_resource.sdb_shard_relay_tns_config", "null_resource.sdb_shard_director_aggregate_tns_config", "null_resource.sdb_shard_env_configure", "null_resource.sdb_shard_standby_configure", "null_resource.sdb_catalog_standby_configure", "null_resource.sdb_shard_director_install_main"] + count = var.num_of_shards + + triggers = { + shard_db_ids = "${join(",", oci_database_db_system.shard_db.*.id)}" + shard_stdby_db_ips = "${join(",", data.oci_core_vnic.shard_stby_db_node_vnic.*.public_ip_address)}" + shard_catalog_standby_ips = "${join(",", data.oci_core_vnic.catalog_stby_db_node_vnic.*.public_ip_address)}" + } + + connection { + type = "ssh" + user = "${var.os_user}" + private_key = "${tls_private_key.public_private_key_pair.private_key_pem}" + host = "${data.oci_core_vnic.shard_db_node_vnic[count.index].public_ip_address}" + agent = false + timeout = "${var.ssh_timeout}" + } + + provisioner "file" { + content = <<-EOF + #! /bin/bash + source ${local.db_home_path}/shard.sh + cd ${var.oracle_base} + echo "${tls_private_key.public_private_key_pair.private_key_pem}" > ikey-ingest + chmod 600 ikey-ingest + scp -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -i ikey-ingest oracle@${oci_core_instance.gsm_vm[0].public_ip}:${var.oracle_base}/mesh-tnsnames ${var.oracle_base}/ + cat mesh-tnsnames >> $TNS_ADMIN/tnsnames.ora + rm -f ikey-ingest + EOF + destination = "${var.oracle_base}/shard_tns_ingest.sh" + } + + provisioner "remote-exec" { + inline = [ + "chmod 700 ${var.oracle_base}/shard_tns_ingest.sh", + "${var.oracle_base}/shard_tns_ingest.sh", + "rm -f ${var.oracle_base}/shard_tns_ingest.sh" + ] + } +} \ No newline at end of file 
diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%variables.tf b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%variables.tf new file mode 100644 index 0000000..08ff7ae --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%variables.tf 
@@ -0,0 +1,346 @@ +# Copyright 2020 Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl + +locals { + export_http_proxy_addr = "export http_proxy=${var.http_proxy_address}" + + export_https_proxy_addr = "export https_proxy=${var.https_proxy_address}" + + sdb_demo_dir = "sdb_demo_app" + + system_sharding = "system" + + user_defined_sharding = "user" + + composite_sharding = "composite" + + gsmhome_postfix = "gsmhome_1" + + gsm_home_full_path = "${var.oracle_base}/product/${var.gsm_version}/${local.gsmhome_postfix}" + + gsm_relative_path_from_base = "product/${var.gsm_version}/${local.gsmhome_postfix}" + + gsm_installer_location = "${var.oracle_base}" + + gsm_install_folder_name = "gsm" + + gsm_major_version = "${element(split(".", var.gsm_version), 0)}" + + gsm_zip_name = "gsm" + + oradata = "${var.oracle_base}/oradata" + + cat_pdb_name = "${data.oci_database_database.catalog_database[0].pdb_name}" + + #total_shards = "${var.num_of_shards} + ${length(var.standby_shards)}" + + catalog_host = "${data.oci_core_vnic.catalog_db_node_vnic[0].public_ip_address}" + + catalog_port = "${oci_database_db_system.catalog_db[0].listener_port}" + + #shard_catalog_regions = "${join(", ", var.gds_regions)}" + + shard_catalog_pdb_fqdn = "${data.oci_database_database.catalog_database[0].pdb_name}.${oci_database_db_system.catalog_db[0].domain}" + + db_home_path = "/u01/app/oracle/product/${var.db_version}/dbhome_1" + + shard_standby_config_sql = "sqlplus / as sysdba @${local.db_home_path}/shard-standby-config.sql" + + active_standby_mode = "active_standby" + + ee_xp = "ENTERPRISE_EDITION_EXTREME_PERFORMANCE" + + ee = "ENTERPRISE_EDITION" + + ee_hp = "ENTERPRISE_EDITION_HIGH_PERFORMANCE" + + num_of_ads = length(data.oci_identity_availability_domains.ADs.availability_domains) + + mp_listing_id = 
"ocid1.appcataloglisting.oc1..aaaaaaaarcfzjqmzha56sse6ctb7uryquew6vzjdrdxklcvigh6perp5dtlq" + + mp_listing_resource_id = "ocid1.image.oc1..aaaaaaaas56soyh5sfrau5o6vihmlrlccjh7qrep6sxsgehfx5no245nyjia" + + mp_listing_resource_version = "1.0-042220200455" + + sharding_methods = { + system-managed = "system" + user-defined = "user-defined" + composite = "composite" + } + +} + +variable "ssh_public_key" { + description = "public key for securely logging into sharded database machines after deployment" +} + +variable "ssh_timeout" { + description = "ssh timeout" + default = "3m" +} + +variable "os_user" { + description = "os user name" +} + +variable "opc_user" { + description = "Oracle public cloud user" +} + +variable "shard_directors" { + description = "Map of user-friendly name of a shard director to the shard director config information" + type = map + default = {} +} + +variable "oracle_base" { + description = "Oracle Base" +} + +variable "gsm_version" { + default = "19.3.0" +} + +variable "db_version" { + default = "19.0.0" +} + +variable "gsm_zip_name" { + description = "The name of the gsm binary zip file (excluding zip extension)" + default = "gsm" +} + +variable "ora_inventory_location" { + description = "The full path to the ora inventory location" +} + +variable "unix_group_name" { + description = "Unix group to be set for the inventory directory" +} + +variable "shards" { + description = "Map of user-friendly name of a shard to the shard config information" + type = map + default = {} +} + +variable "shard_catalogs" { + description = "Map of user-friendly name of a shard catalog to the shard catalog config information" + type = map + default = {} +} + +variable "num_of_shard_catalogs" { + description = "Number of shard catalog databases. The total number of Shard catalog databases is determined by the value of replication factor chosen." 
+ type = number + default = 1 +} + +variable "shard_catalog_standbys" { + description = "Map of user-friendly name of a shard catalog standby to the shard catalog standby config information" + type = map + default = {} +} + +variable "sdb_admin_username" { + description = "username of the sharded database administrator" +} + +variable "shard_groups" { + description = "Map of user-friendly name of shard_groups including primary and standby shardgroups" + type = map + default = {} +} + +variable "global_services" { + description = "Map of user-friendly name of a global service to the global service config information" + type = map +} + +variable "standby_shards" { + description = "Map of user-friendly name of a standby shard to the standby shard config information" + type = map + default = {} +} + +variable "enable_http_proxy" { + description = "enable HTTP proxy or not" + default = "false" +} + +variable "enable_https_proxy" { + description = "enable HTTPS proxy or not" + default = "false" +} + +variable "http_proxy_address" { + description = "HTTP proxy address" + default = "localhost:80" +} + +variable "https_proxy_address" { + description = "HTTPS proxy address" + default = "localhost:80" +} + +variable "base_install_dir" { + description = "base install directory like /u01" + default = "/scratch" +} + +variable "tenancy_ocid" { +} + +variable "region" { +} + +variable "compartment_ocid" { +} + +# variable "compute_image_source_ocid" { +# description = "Represents latest Oracle Linux image OCID" +# } + +variable "database_edition" { + default = "ENTERPRISE_EDITION" +} + +variable "assign_public_ip" { + default = true +} + +variable "db_shape" {} + +variable "catalog_db_shape" {} + + +variable "compute_shape" {} + +variable "sdb_demo_binary_file_path" { + default = "/tmp/sdb_demo_app.zip" +} + +variable "num_of_shards" {} + +# variable "gds_regions" { +# type = list(string) +# } + +variable "demo_setup" { + description = "A demo inventory application with sample 
sharded data is setup on the sharded database if selected. The demo will only be setup if the sharding method selected above is system." + default = "false" +} + +variable "sharding_method" { + description = "Type of sharding" + default = "system" +} + +variable "replication_type" { + default = "DG" +} + +variable "replication_protection_mode" { + default = "MAXPERFORMANCE" +} + +variable "replication_factor" { + default = 1 +} + +variable "protection_mode" { + default = "MAXIMUM_PERFORMANCE" +} + +variable "transport_type" { + default = "ASYNC" +} + +variable "delete_standby_db_home_on_delete" { + default = "true" +} + +variable "catalog_name_prefix" { +} + +variable "standby_catalog_name_prefix" { +} + +variable "shard_name_prefix" { +} + +variable "standby_shard_name_prefix" { +} + +variable "pdb_name" { + default = "sdbpdb" +} + +variable "data_storage_size_in_gb" {} + +variable "catalog_data_storage_size_in_gb" {} + +variable "gsm_name_prefix" {} + +variable "num_of_gsm" {} + +variable "shard_director_port" { + default = "1522" +} + + +variable "sharded_database_name" { + description = "A unique name for the sharded database in your regional subnet" +} + +variable "vcn_compartment_id" { +} +variable "subnet_compartment_id" { +} + +variable "display_name" { + default = "Oracle sharded database" +} +variable "vcn_cidr_block" { + default = "10.2.0.0/16" +} +variable "subnet_cidr_block" { + default = "10.2.1.0/24" +} + +variable "vcn_dns_label" { + default = "vcn" +} +variable "subnet_dns_label" { + default = "subnet" +} + +// Use existing network +variable "create_new_network" { + default = true +} + +variable "vcn_id" { + default = "" +} + +variable "subnet_id" { + default = "" +} + +variable "num_of_shard_groups" {} + +variable "shardgroup_name_prefix" {} + +variable "num_of_shard_catalogs_str" { + default = "1" +} +variable "license_type" { + default = "LICENSE_INCLUDED" +} + +variable "chunks" { + description = "Number of chunks per shard" + type = number + 
default = 120 +} diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%versions.tf b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%versions.tf new file mode 100644 index 0000000..415aad6 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%versions.tf @@ -0,0 +1,9 @@ +# Copyright 2020 Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl +terraform { + required_version = "= 0.12.29" + + required_providers { + # random = ">= 2.2.0" + } +} diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%wallet.tf b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%wallet.tf new file mode 100644 index 0000000..71d6382 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%db-sharding%database-sharding-on-oci-marketplace%terraform-stack-v1.0%wallet.tf 
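Review bot: `assign_public_ip` defaults to `true` with no description, and the provisioners elsewhere in this patch connect to `public_ip_address`, so a default apply appears to place the database nodes on public addresses with SSH exposed, subject to security lists that are not visible in this hunk. Document the choice on the variable, e.g. `description = "Assign public IPs to DB and GSM nodes; prefer false with a bastion or private network"`. Many other variables here (`tenancy_ocid`, `region`, `compartment_ocid`, `db_shape`, `num_of_shards`, `num_of_shard_groups`) also lack `description` and `type`; `num_of_shards` and `num_of_shard_groups` feed `count` arithmetic, so `type = number` on both would catch bad input at plan time.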
@@ -0,0 +1,91 @@ +# Copyright 2020 Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl + +resource "random_string" "sudo_pass" { + length = 18 + min_upper = 2 + min_lower = 1 + min_numeric = 3 + min_special = 3 + override_special = "_" +} + +resource "random_string" "sys_pass" { + length = 17 + min_upper = 2 + min_lower = 1 + min_numeric = 3 + min_special = 2 + override_special = "_" +} + +resource "random_string" "sdb_admin_pass" { + length = 22 + min_upper = 2 + min_lower = 1 + min_numeric = 4 + min_special = 2 + override_special = "_" +} + +resource "random_string" "gsmcatuser_pass" { + length = 22 + min_upper = 2 + min_lower = 1 + min_numeric = 4 + min_special = 2 + override_special = "_" +} + +resource "random_string" "gsmuser_pass" { + length = 11 + min_upper = 2 + min_lower = 1 + min_numeric = 4 + min_special = 2 + override_special = "_" +} + +resource "random_string" "gsmrootuser_pass" { + length = 18 + min_upper = 2 + min_lower = 1 + min_numeric = 4 + min_special = 2 + override_special = "_" +} + +resource "random_string" "tde_encryption_key_export_passwd" { + length = 6 + special = false + number = false +} + +output "sys_user_password" { + description = "The sys password for logging in to the shard databases and catalogs databases." + value = "sd${random_string.sys_pass.result}" + sensitive = true +} + +# output "sdb_admin_pass" { +# description = "The sharded database administration password." +# value = "sd${random_string.sdb_admin_pass.result}" +# } + +output "gsm_catalog_user_password" { + description = "The GSM catalog user password." + value = "sd${random_string.gsmcatuser_pass.result}" + sensitive = true +} + +output "gsm_user_password" { + description = "The GSM user password." + value = "sd${random_string.gsmuser_pass.result}" + sensitive = true +} + +output "gsm_root_user_password" { + description = "The GSM root user password." 
+ value = "sd${random_string.gsmrootuser_pass.result}" + sensitive = true +} diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%ad-region-datasource.tf b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%ad-region-datasource.tf new file mode 100644 index 0000000..d8edf0f --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%ad-region-datasource.tf @@ -0,0 +1,7 @@ +# Copyright 2020, Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl +data "oci_core_subnet" "shardgroup_subnet" { + count = "${length(var.shard_groups)}" + #Required + subnet_id = "${lookup(var.shard_groups[element(keys(var.shard_groups), count.index)], "subnet_id")}" +} \ No newline at end of file diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%add-service.tf b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%add-service.tf new file mode 100644 index 0000000..87a19ff --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%add-service.tf 
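Review bot: `random_string.tde_encryption_key_export_passwd` is only 6 characters with `special = false` and `number = false`, i.e. letters only, which is a small search space for the secret protecting the exported TDE keys (`cat_pdb_tde.key` in shard-tde.tf). Lengthen it and keep digits, e.g. `length = 24` with `number = true`. Every credential in this file is a `random_string`, whose `result` Terraform does not treat as sensitive; `random_password` takes the same arguments and keeps the value out of plan output. The `sensitive = true` on the outputs does not cover the places where `random_string.*.result` is interpolated into provisioner content.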
@@ -0,0 +1,45 @@ +# Copyright 2020, Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl + resource "null_resource" "sdb_add_service" { + depends_on = ["null_resource.sdb_deploy_invoker"] + count = "${var.demo_setup=="false"?0:length(var.global_services)}" + + #creates ssh connection to gsm host + connection { + type = "ssh" + user = "${var.os_user}" + private_key = "${file(var.ssh_private_key_path)}" + host = "${oci_core_instance.gsm_vm[0].private_ip}" + agent = false + timeout = "${var.ssh_timeout}" + } + + # copying + provisioner "file" { + content = <<-EOF + #! /bin/bash + source ${var.oracle_base}/shard-director.sh + gdsctl add service -service ${lookup(var.global_services[element(keys(var.global_services), count.index)], "service_name")} -role ${lookup(var.global_services[element(keys(var.global_services), count.index)], "role")} + gdsctl start service -service ${lookup(var.global_services[element(keys(var.global_services), count.index)], "service_name")} + gdsctl config + EOF + destination = "${local.gsm_home_full_path}/add-service-config-setup-for-${lookup(var.global_services[element(keys(var.global_services), count.index)], "service_name")}.sh" + } + + #shard director config setup + provisioner "remote-exec" { + inline = [ + "chmod 700 ${local.gsm_home_full_path}/add-service-config-setup-for-${lookup(var.global_services[element(keys(var.global_services), count.index)], "service_name")}.sh", + "${local.gsm_home_full_path}/add-service-config-setup-for-${lookup(var.global_services[element(keys(var.global_services), count.index)], "service_name")}.sh", + "rm -f ${local.gsm_home_full_path}/add-service-config-setup-for-${lookup(var.global_services[element(keys(var.global_services), count.index)], "service_name")}.sh" + ] + } + + # destroying + provisioner "remote-exec" { + when = "destroy" + inline = [ + "rm -f 
${local.gsm_home_full_path}/add-service-config-setup-for-${lookup(var.global_services[element(keys(var.global_services), count.index)], "service_name")}.sh", + ] + } +} diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%add-shard-director.tf b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%add-shard-director.tf new file mode 100644 index 0000000..8e36537 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%add-shard-director.tf 
@@ -0,0 +1,63 @@ +# Copyright 2020, Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl + +resource "null_resource" "sdb_add_shard_director" { + depends_on = ["null_resource.sdb_shard_director_configure"] + count = "${length(var.shard_directors)}" + + #creates ssh connection to gsm host + connection { + type = "ssh" + user = "${var.os_user}" + private_key = "${file(var.ssh_private_key_path)}" + host = "${oci_core_instance.gsm_vm[count.index].private_ip}" + agent = false + timeout = "${var.ssh_timeout}" + } + + # copying + provisioner "file" { + content = <<-EOF + #! /bin/bash + source ${var.oracle_base}/shard-director.sh + # gdsctl add gsm -gsm ${lookup(var.shard_directors[element(keys(var.shard_directors), count.index)], "name")} -pwd ${var.gsmcatuser_pass} -catalog ${oci_database_db_system.catalog_db[0].hostname}.${oci_database_db_system.catalog_db[0].domain}:${oci_database_db_system.catalog_db[0].listener_port}/${data.oci_database_database.catalog_database[0].pdb_name}.${oci_database_db_system.catalog_db[0].domain} -region ${lookup(var.shard_directors[element(keys(var.shard_directors), count.index)], "gds_region")} -trace_level 16 + gdsctl add gsm -gsm ${lookup(var.shard_directors[element(keys(var.shard_directors), count.index)], "name")} -pwd ${var.gsmcatuser_pass} -catalog ${oci_database_db_system.catalog_db[0].hostname}.${oci_database_db_system.catalog_db[0].domain}:${oci_database_db_system.catalog_db[0].listener_port}/${data.oci_database_database.catalog_database[0].pdb_name}.${oci_database_db_system.catalog_db[0].domain} -region ${lookup(var.shard_directors[element(keys(var.shard_directors), count.index)], "gds_region")} + gdsctl start gsm -gsm ${lookup(var.shard_directors[element(keys(var.shard_directors), count.index)], "name")} + gdsctl add invitednode 
${oci_database_db_system.catalog_db[0].hostname}.${oci_database_db_system.catalog_db[0].domain} + gdsctl add invitednode ${data.oci_database_db_systems.catalog_stdby_db_systems[0].db_systems.0.hostname}.${data.oci_database_db_systems.catalog_stdby_db_systems[0].db_systems.0.domain} + EOF + destination = "${local.gsm_home_full_path}/add-shard-director-config-setup.sh" + } + + # add shard director config setup + provisioner "remote-exec" { + inline = [ + "chmod 700 ${local.gsm_home_full_path}/add-shard-director-config-setup.sh", + "${local.gsm_home_full_path}/add-shard-director-config-setup.sh", + "rm -f ${local.gsm_home_full_path}/add-shard-director-config-setup.sh" + ] + } + + + #teardown config copy + provisioner "file" { + when = "destroy" + content = <<-EOF + #! /bin/bash + source ${var.oracle_base}/shard-director.sh + gdsctl stop gsm + rm -f ${local.gsm_home_full_path}/add-shard-director-config-setup.sh + EOF + destination = "${local.gsm_home_full_path}/teardown-add-shard-director-config-setup.sh" + } + + #teardown add shard director config setup + provisioner "remote-exec" { + when = "destroy" + inline = [ + "chmod 700 ${local.gsm_home_full_path}/teardown-add-shard-director-config-setup.sh", + "${local.gsm_home_full_path}/teardown-add-shard-director-config-setup.sh", + "rm -f ${local.gsm_home_full_path}/teardown-add-shard-director-config-setup.sh" + ] + } +} diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%add-shard-group.tf b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%add-shard-group.tf new file mode 100644 index 0000000..4078875 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%add-shard-group.tf 
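Review bot: `gdsctl add gsm ... -pwd ${var.gsmcatuser_pass}` in `sdb_add_shard_director` puts the GSMCATUSER password on the command line, where it shows in the process list while the command runs, and into `add-shard-director-config-setup.sh` on disk. The commented-out copy of that line (the one ending in `-trace_level 16`) is still interpolated into the heredoc, so the password is written a second time for no benefit; delete that line. If this gdsctl version can prompt for the password or read it from stdin (to be confirmed), prefer that over `-pwd`. The same applies to `-pwd ${var.gsmrootuser_pass}` and `-pwd ${var.gsmuser_pass}` in add-shard.tf (`sdb_add_shard`).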
@@ -0,0 +1,43 @@ +# Copyright 2020, Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl +resource "null_resource" "sdb_add_shard_group" { + depends_on = ["null_resource.sdb_catalog_switchover"] + count = "${(length(var.shard_groups)>=1)?1:0}" + + #creates ssh connection to gsm host + connection { + type = "ssh" + user = "${var.os_user}" + private_key = "${file(var.ssh_private_key_path)}" + host = "${oci_core_instance.gsm_vm[0].private_ip}" + agent = false + timeout = "${var.ssh_timeout}" + } + + # copying + provisioner "file" { + content = <<-EOF + #! /bin/bash + source ${var.oracle_base}/shard-director.sh + gdsctl add shardgroup -shardgroup ${lookup(var.shard_groups[element(keys(var.shard_groups), count.index)], "name")} -deploy_as primary -region ${element(var.gds_regions, count.index)} + EOF + destination = "${local.gsm_home_full_path}/shard-group-config-setup-for-${lookup(var.shard_groups[element(keys(var.shard_groups), count.index)], "name")}.sh" + } + + #shard director config setup + provisioner "remote-exec" { + inline = [ + "chmod 700 ${local.gsm_home_full_path}/shard-group-config-setup-for-${lookup(var.shard_groups[element(keys(var.shard_groups), count.index)], "name")}.sh", + "${local.gsm_home_full_path}/shard-group-config-setup-for-${lookup(var.shard_groups[element(keys(var.shard_groups), count.index)], "name")}.sh", + "rm -f ${local.gsm_home_full_path}/shard-group-config-setup-for-${lookup(var.shard_groups[element(keys(var.shard_groups), count.index)], "name")}.sh" + ] + } + + # destroying + provisioner "remote-exec" { + when = "destroy" + inline = [ + "rm -f ${local.gsm_home_full_path}/shard-group-config-setup-for-${lookup(var.shard_groups[element(keys(var.shard_groups), count.index)], "name")}.sh" + ] + } +} 
diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%add-shard.tf b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%add-shard.tf new file mode 100644 index 0000000..c76efef --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%add-shard.tf 
@@ -0,0 +1,45 @@ +# Copyright 2020, Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl +resource "null_resource" "sdb_add_shard" { + depends_on = ["null_resource.sdb_add_standby_shard_group"] + count = "${length(var.shards)}" + + #creates ssh connection to gsm host + connection { + type = "ssh" + user = "${var.os_user}" + private_key = "${file(var.ssh_private_key_path)}" + host = "${oci_core_instance.gsm_vm[0].private_ip}" + agent = false + timeout = "${var.ssh_timeout}" + } + + # copying + provisioner "file" { + content = <<-EOF + #! /bin/bash + source ${var.oracle_base}/shard-director.sh + gdsctl add cdb -connect ${lookup(data.oci_database_database.shard_database[count.index].connection_strings[0],"cdb_default")} -pwd ${var.gsmrootuser_pass} + gdsctl add invitednode ${oci_database_db_system.shard_db[count.index].hostname}.${oci_database_db_system.shard_db[count.index].domain} + gdsctl add shard -cdb ${data.oci_database_database.shard_database[count.index].db_unique_name} -shardgroup ${lookup(var.shards[element(keys(var.shards), count.index)], "shard_group")} -connect ${oci_database_db_system.shard_db[count.index].hostname}.${oci_database_db_system.shard_db[count.index].domain}:${oci_database_db_system.shard_db[count.index].listener_port}/${data.oci_database_database.shard_database[count.index].pdb_name}.${oci_database_db_system.shard_db[count.index].domain} -pwd ${var.gsmuser_pass} + EOF + destination = "${local.gsm_home_full_path}/add-shard-config-setup-for-${lookup(var.shards[element(keys(var.shards), count.index)], "db_name")}.sh" + } + + #shard director config setup + provisioner "remote-exec" { + inline = [ + "chmod 700 ${local.gsm_home_full_path}/add-shard-config-setup-for-${lookup(var.shards[element(keys(var.shards), count.index)], "db_name")}.sh", + 
"${local.gsm_home_full_path}/add-shard-config-setup-for-${lookup(var.shards[element(keys(var.shards), count.index)], "db_name")}.sh", + "rm -f ${local.gsm_home_full_path}/add-shard-config-setup-for-${lookup(var.shards[element(keys(var.shards), count.index)], "db_name")}.sh" + ] + } + + # destroying + provisioner "remote-exec" { + when = "destroy" + inline = [ + "rm -f ${local.gsm_home_full_path}/add-shard-config-setup-for-${lookup(var.shards[element(keys(var.shards), count.index)], "db_name")}.sh" + ] + } +} diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%add-standby-shard-group.tf b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%add-standby-shard-group.tf new file mode 100644 index 0000000..db670b9 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%add-standby-shard-group.tf 
@@ -0,0 +1,43 @@ +# Copyright 2020, Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl +resource "null_resource" "sdb_add_standby_shard_group" { + depends_on = ["null_resource.sdb_add_shard_group"] + count = "${(length(var.shard_groups) - 1)}" + + #creates ssh connection to gsm host + connection { + type = "ssh" + user = "${var.os_user}" + private_key = "${file(var.ssh_private_key_path)}" + host = "${oci_core_instance.gsm_vm[0].private_ip}" + agent = false + timeout = "${var.ssh_timeout}" + } + + # copying + provisioner "file" { + content = <<-EOF + #! /bin/bash + source ${var.oracle_base}/shard-director.sh + gdsctl add shardgroup -shardgroup ${lookup(var.shard_groups[element(keys(var.shard_groups), count.index+1)], "name")} -deploy_as ${lookup(var.shard_groups[element(keys(var.shard_groups), count.index+1)], "deploy_as")} -region ${element(var.gds_regions, count.index+1)} + EOF + destination = "${local.gsm_home_full_path}/shard-group-config-setup-for-${lookup(var.shard_groups[element(keys(var.shard_groups), count.index+1)], "name")}.sh" + } + + #shard director config setup + provisioner "remote-exec" { + inline = [ + "chmod 700 ${local.gsm_home_full_path}/shard-group-config-setup-for-${lookup(var.shard_groups[element(keys(var.shard_groups), count.index+1)], "name")}.sh", + "${local.gsm_home_full_path}/shard-group-config-setup-for-${lookup(var.shard_groups[element(keys(var.shard_groups), count.index+1)], "name")}.sh", + "rm -f ${local.gsm_home_full_path}/shard-group-config-setup-for-${lookup(var.shard_groups[element(keys(var.shard_groups), count.index+1)], "name")}.sh" + ] + } + + # destroying + provisioner "remote-exec" { + when = "destroy" + inline = [ + "rm -f ${local.gsm_home_full_path}/shard-group-config-setup-for-${lookup(var.shard_groups[element(keys(var.shard_groups), count.index+1)], "name")}.sh" + ] + } +} \ No newline at end of file 
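Review bot: The `when = "destroy"` provisioner in `sdb_add_standby_shard_group` references `local.gsm_home_full_path` and `var.shard_groups`, and its `connection` block references `var.*` and `oci_core_instance.gsm_vm`. Terraform 0.13 and later reject destroy-time provisioners that reference anything other than `self`, `count.index` or `each.key`. The create-time `remote-exec` already ends with `rm -f` on the same script, so the destroy provisioner has nothing left to remove and can simply be dropped. Every `null_resource` in this patch with a `# destroying` block has the same issue. Separately, `count = "${(length(var.shard_groups) - 1)}"` goes negative when `shard_groups` is empty; `max(length(var.shard_groups) - 1, 0)` avoids that.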
diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%add-standby-shard.tf b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%add-standby-shard.tf new file mode 100644 index 0000000..8351915 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%add-standby-shard.tf 
@@ -0,0 +1,45 @@ +# Copyright 2020, Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl +resource "null_resource" "sdb_add_standby_shard" { + depends_on = ["null_resource.sdb_add_standby_shard_group"] + count = "${length(var.shards) * (length(var.shard_groups) - 1)}" + + #creates ssh connection to gsm host + connection { + type = "ssh" + user = "${var.os_user}" + private_key = "${file(var.ssh_private_key_path)}" + host = "${oci_core_instance.gsm_vm[0].private_ip}" + agent = false + timeout = "${var.ssh_timeout}" + } + + # copying + provisioner "file" { + content = <<-EOF + #! /bin/bash + source ${var.oracle_base}/shard-director.sh + gdsctl add cdb -connect ${lookup(data.oci_database_database.stdby_shard_database[count.index].connection_strings[0],"cdb_default")} -pwd ${var.gsmrootuser_pass} + gdsctl add invitednode ${var.standby_shard_name_prefix}${count.index}.${lookup(data.oci_core_subnet.shardgroup_subnet[floor(count.index/length(var.shards)) + 1],"subnet_domain_name")} + gdsctl add shard -cdb ${data.oci_database_database.stdby_shard_database[count.index].db_unique_name} -shardgroup ${lookup(var.shard_groups[element(keys(var.shard_groups), floor(count.index/length(var.shards)) + 1)], "name")} -connect ${var.standby_shard_name_prefix}${count.index}.${lookup(data.oci_core_subnet.shardgroup_subnet[floor(count.index/length(var.shards)) + 1],"subnet_domain_name")}:${oci_database_db_system.shard_db[count.index%length(var.shards)].listener_port}/${data.oci_database_database.shard_database[count.index%length(var.shards)].pdb_name}.${lookup(data.oci_core_subnet.shardgroup_subnet[floor(count.index/length(var.shards)) + 1],"subnet_domain_name")} -pwd ${var.gsmuser_pass} + EOF + destination = "${local.gsm_home_full_path}/add-standby-shard-${count.index}-config-setup.sh" + } + + #shard director config setup + provisioner "remote-exec" { + inline = [ + "chmod 700 
${local.gsm_home_full_path}/add-standby-shard-${count.index}-config-setup.sh", + "${local.gsm_home_full_path}/add-standby-shard-${count.index}-config-setup.sh", + "rm -f ${local.gsm_home_full_path}/add-standby-shard-${count.index}-config-setup.sh" + ] + } + + # destroying + provisioner "remote-exec" { + when = "destroy" + inline = [ + "rm -f ${local.gsm_home_full_path}/add-standby-shard-${count.index}-config-setup.sh" + ] + } +} \ No newline at end of file diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%catalog-config-consolidator.tf b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%catalog-config-consolidator.tf new file mode 100644 index 0000000..ae2b587 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%catalog-config-consolidator.tf @@ -0,0 +1,24 @@ +# Copyright 2020, Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl +resource "null_resource" "catalog_config_consolidator" { + depends_on = ["null_resource.catalog_config_generator"] + #creates ssh connection + connection { + type = "ssh" + user = "${var.local_user}" + private_key = "${file(var.ssh_private_key_path)}" + host = "localhost" + agent = false + timeout = "${var.ssh_timeout}" + } + + provisioner "remote-exec" { + inline = [ + "rm -f ${abspath(path.root)}/shard-catalogs.auto.tfvars", + "echo shard_catalogs = { >> ${abspath(path.root)}/shard-catalogs.auto.tfvars", + "cat ${abspath(path.root)}/shard-catalogs-*.pvars >> ${abspath(path.root)}/shard-catalogs.auto.tfvars", + "echo } >> ${abspath(path.root)}/shard-catalogs.auto.tfvars", + "rm -f ${abspath(path.root)}/shard-catalogs-*.pvars" + ] + } +} \ No newline at end of file 
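Review bot: `catalog_config_consolidator` opens an SSH session to `localhost` with the deployment private key only to run five shell commands on the machine Terraform is already running on. A `local-exec` provisioner would do the same without requiring sshd and an authorized key for `var.local_user` on the operator's workstation. The `${abspath(path.root)}` paths are also unquoted, so a checkout directory with a space in its name breaks the `rm`, `echo` and `cat` lines; quote the directory part, e.g. `"rm -f '${abspath(path.root)}/shard-catalogs.auto.tfvars'"`. `catalog_config_generator` in the next file uses the same localhost connection to write a file that a `local_file` resource could produce.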
diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%catalog-config-generator.tf b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%catalog-config-generator.tf new file mode 100644 index 0000000..a42558f --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%catalog-config-generator.tf @@ -0,0 +1,29 @@ +# Copyright 2020, Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl +resource "null_resource" "catalog_config_generator" { + count = 1 + #creates ssh connection + connection { + type = "ssh" + user = "${var.local_user}" + private_key = "${file(var.ssh_private_key_path)}" + host = "localhost" + agent = false + timeout = "${var.ssh_timeout}" + } + + provisioner "file" { + content = <<-EOF + "shard-catalog-${count.index}" = { + host = "${var.catalog_name_prefix}${count.index}" + availability_domain = "${lookup(data.oci_core_subnet.shardgroup_subnet[0],"availability_domain")}" + subnet_id = "${lookup(var.shard_groups[element(keys(var.shard_groups), 0)], "subnet_id")}" # OCI mandatory var + db_name = "${var.catalog_name_prefix}${count.index}" + pdb_name = "${var.pdb_name}" + sharding_method = "${var.sharding_method}" + data_storage_size_in_gb = "${var.data_storage_size_in_gb}" + } + EOF + destination = "${abspath(path.root)}/shard-catalogs-${count.index}.pvars" + } +} \ No newline at end of file diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%catalog-dataguard.tf b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%catalog-dataguard.tf new file mode 100644 index 0000000..2324923 --- /dev/null 
+++ b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%catalog-dataguard.tf 
@@ -0,0 +1,60 @@ +# Copyright 2020, Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl +resource "oci_database_data_guard_association" "catalog_data_guard_association" { + depends_on = ["null_resource.sdb_shard_catalog_configure"] + count = "${length(var.shard_catalogs) * (length(var.shard_groups) - 1)}" + + #Required + creation_type = "NewDbSystem" + database_admin_password = "${var.sys_pass}" + database_id = "${data.oci_database_databases.primary_databases[0].databases.0.id}" + protection_mode = "${var.protection_mode}" + transport_type = "${var.transport_type}" + + #required for NewDbSystem creation_type + display_name = "${var.standby_catalog_name_prefix}${count.index}" + subnet_id = "${lookup(data.oci_core_subnet.shardgroup_subnet[floor(count.index/length(var.shard_catalogs)) + 1],"id")}" + availability_domain = "${lookup(data.oci_core_subnet.shardgroup_subnet[floor(count.index/length(var.shard_catalogs)) + 1],"availability_domain")}" + hostname = "${var.standby_catalog_name_prefix}${count.index}" + delete_standby_db_home_on_delete = "${var.delete_standby_db_home_on_delete}" + +} + +data "oci_database_db_systems" "catalog_stdby_db_systems" { + count = "${length(var.shard_catalogs) * (length(var.shard_groups) - 1)}" + #Required + compartment_id = "${var.compartment_ocid}" + + #Optional + display_name = "${var.standby_catalog_name_prefix}${count.index}" +} + +data "oci_database_database" "stdby_catalog_database" { + count = "${length(var.shard_catalogs) * (length(var.shard_groups) - 1)}" + database_id = "${oci_database_data_guard_association.catalog_data_guard_association[count.index].peer_database_id}" +} + +output "stdby_catalog_db_dataguard_association_id" { + value = ["${oci_database_data_guard_association.catalog_data_guard_association.*.id}"] +} + +output "stdby_catalog_db_dataguard_association_peer_db_id" { + value = 
["${oci_database_data_guard_association.catalog_data_guard_association.*.peer_database_id}"] +} + +output "stdby_catalog_db_dataguard_association_db_id" { + value = ["${oci_database_data_guard_association.catalog_data_guard_association.*.database_id}"] +} + +output "stdby_catalog_db_dataguard_association_peer_db_home_id" { + value = ["${oci_database_data_guard_association.catalog_data_guard_association.*.peer_db_home_id}"] +} + +output "stdby_catalog_db_dataguard_association_peer_db_system_id" { + value = ["${oci_database_data_guard_association.catalog_data_guard_association.*.peer_db_system_id}"] +} + +output "stdby_catalog_db_dataguard_association_peer_role" { + value = ["${oci_database_data_guard_association.catalog_data_guard_association.*.peer_role}"] +} + diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%catalog-db.tf b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%catalog-db.tf new file mode 100644 index 0000000..db6aa43 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%catalog-db.tf 
@@ -0,0 +1,60 @@ +# Copyright 2020, Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl + +resource "oci_database_db_system" "catalog_db" { + depends_on = ["null_resource.catalog_config_consolidator"] + count = "${length(var.shard_catalogs)}" + availability_domain = "${lookup(var.shard_catalogs[element(keys(var.shard_catalogs), count.index)], "availability_domain")}" + compartment_id = "${var.compartment_ocid}" + database_edition = "${var.database_edition}" + + db_home { + database { + admin_password = "${var.sys_pass}" + db_name = "${lookup(var.shard_catalogs[element(keys(var.shard_catalogs), count.index)], "db_name")}" + character_set = "AL32UTF8" + ncharacter_set = "AL16UTF16" + db_workload = "OLTP" + pdb_name = "${lookup(var.shard_catalogs[element(keys(var.shard_catalogs), count.index)], "pdb_name")}" + + db_backup_config { + auto_backup_enabled = false + } + } + db_version = "${var.db_version}.0" + display_name = "${lookup(var.shard_catalogs[element(keys(var.shard_catalogs), count.index)], "db_name")}" + } + + db_system_options { + storage_management = "LVM" + } + disk_redundancy = "NORMAL" + shape = "${var.db_shape}" + subnet_id = "${lookup(var.shard_catalogs[element(keys(var.shard_catalogs), count.index)], "subnet_id")}" + ssh_public_keys = ["${file(var.ssh_public_key_path)}"] + display_name = "${lookup(var.shard_catalogs[element(keys(var.shard_catalogs), count.index)], "db_name")}" + hostname = "${lookup(var.shard_catalogs[element(keys(var.shard_catalogs), count.index)], "host")}" + data_storage_size_in_gb = "${lookup(var.shard_catalogs[element(keys(var.shard_catalogs), count.index)], "data_storage_size_in_gb")}" + license_model = "LICENSE_INCLUDED" + node_count = 1 +} + +output "db_system_id" { + value = ["${oci_database_db_system.catalog_db.*.id}"] +} + +data "oci_database_db_homes" "primary_db_homes" { + count = length(var.shard_catalogs) + 
compartment_id = "${var.compartment_ocid}" + db_system_id = element(oci_database_db_system.catalog_db.*.id, count.index) +} + +data "oci_database_databases" "primary_databases" { + count = "${length(var.shard_catalogs)}" + compartment_id = "${var.compartment_ocid}" + db_home_id = "${data.oci_database_db_homes.primary_db_homes[count.index].db_homes.0.id}" +} +data "oci_database_database" "catalog_database" { + count = "${length(var.shard_catalogs)}" + database_id = "${data.oci_database_databases.primary_databases[count.index].databases.0.id}" +} diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%catalog-standby-cloud-init.tf b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%catalog-standby-cloud-init.tf new file mode 100644 index 0000000..eb6fb86 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%catalog-standby-cloud-init.tf 
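Review bot: `admin_password = "${var.sys_pass}"` in `catalog_db` (and `database_admin_password` in catalog-dataguard.tf) is persisted in clear text in the Terraform state like any other resource argument. The state for this stack therefore has to be handled as a secret, with an encrypted remote backend and restricted access. The variable declaration is outside this hunk; where the Terraform version supports it, it should carry `sensitive = true` so the value is kept out of plan output. Separately, `auto_backup_enabled = false` is hard-coded for the catalog database and deserves either a variable or a comment explaining why backups are off.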
@@ -0,0 +1,40 @@ +# Copyright 2020, Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl +resource "null_resource" "sdb_catalog_standby_cloud_init" { + depends_on = ["oci_database_data_guard_association.catalog_data_guard_association"] + count = "${length(var.shard_catalogs) * (length(var.shard_groups) - 1)}" + + connection { + type = "ssh" + user = "${var.opc_user}" + private_key = "${file(var.ssh_private_key_path)}" + host = "${var.standby_catalog_name_prefix}${count.index}.${lookup(data.oci_core_subnet.shardgroup_subnet[floor(count.index/length(var.shard_catalogs)) + 1],"subnet_domain_name")}" + agent = false + timeout = "${var.ssh_timeout}" + } + + provisioner "file" { + content = <<-EOF + #! /bin/bash + sudo usermod --password $(echo ${var.sudo_pass} | openssl passwd -1 -stdin) ${var.os_user} + sudo cp ~/.ssh/authorized_keys /home/${var.os_user}/.ssh/authorized_keys + EOF + destination = "~/shard-cat-standby-cloud-sdb-init-starter.sh" + } + + provisioner "remote-exec" { + inline = [ + "chmod +x ~/shard-cat-standby-cloud-sdb-init-starter.sh", + "~/shard-cat-standby-cloud-sdb-init-starter.sh > shard-cat-standby-cloud-sdb-init-starter.log", + "rm -f ~/shard-cat-standby-cloud-sdb-init-starter.sh" + ] + } + + # destroying + provisioner "remote-exec" { + when = "destroy" + inline = [ + "rm -f ~/shard-cat-standby-cloud-sdb-init-starter.sh" + ] + } +} \ No newline at end of file diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%catalog-standby-configure.tf b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%catalog-standby-configure.tf new file mode 100644 index 0000000..87021a1 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%catalog-standby-configure.tf 
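Review bot: The script generated in `sdb_catalog_standby_cloud_init` hashes the OS user's password with `openssl passwd -1`, which is MD5-crypt, and feeds it through an unquoted `echo ${var.sudo_pass}`. The clear-text password is thus written into `~/shard-cat-standby-cloud-sdb-init-starter.sh`, which is only made executable (`chmod +x`), not restricted, and any shell metacharacter in it is interpreted. Suggest SHA-512 crypt with the value quoted, `sudo usermod --password "$(printf '%s' '${var.sudo_pass}' | openssl passwd -6 -stdin)" ${var.os_user}` (needs OpenSSL 1.1.1 or later on the host), and `chmod 700` instead of `chmod +x`. The `cp` of `authorized_keys` also replaces any keys already present for `${var.os_user}`. `sdb_shard_catalog_cloud_init` (shard-catalog-cloud-init.tf) carries the identical script.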
@@ -0,0 +1,63 @@ +# Copyright 2020, Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl +resource "null_resource" "sdb_catalog_standby_configure" { +depends_on = ["null_resource.sdb_catalog_standby_cloud_init"] + count = "${var.database_edition==local.ee_xp?length(var.shard_catalogs) * (length(var.shard_groups) - 1):0}" + #creates ssh connection + connection { + type = "ssh" + user = "${var.os_user}" + private_key = "${file(var.ssh_private_key_path)}" + host = "${var.standby_catalog_name_prefix}${count.index}.${lookup(data.oci_core_subnet.shardgroup_subnet[floor(count.index/length(var.shard_catalogs)) + 1],"subnet_domain_name")}" + agent = false + timeout = "${var.ssh_timeout}" + } + + # copying + provisioner "file" { + content = <<-EOF + #! /bin/bash + export ORACLE_BASE="${var.oracle_base}" + export ORACLE_HOME="${local.db_home_path}" + export LD_LIBRARY_PATH=$ORACLE_HOME/lib + export PATH=$PATH:$ORACLE_HOME/bin + export TNS_ADMIN=$ORACLE_HOME/network/admin + EOF + destination = "${local.db_home_path}/shardcat.sh" + } + + provisioner "file" { + content = <<-EOF + ALTER PLUGGABLE DATABASE ${var.pdb_name} OPEN READ ONLY; + exit + EOF + destination = "${local.db_home_path}/shard-standby-config.sql" + } + + provisioner "file" { + content = <<-EOF + #! 
/bin/bash + source ${local.db_home_path}/shardcat.sh + sqlplus / as sysdba @${local.db_home_path}/shard-standby-config.sql + sed 's/SQLNET.ENCRYPTION_TYPES_SERVER=(AES256,AES192,AES128)/SQLNET.ENCRYPTION_TYPES_SERVER=(AES256,AES192,AES128,RC4_256)/' $TNS_ADMIN/sqlnet.ora > $TNS_ADMIN/sqlnet-temp.ora + mv $TNS_ADMIN/sqlnet-temp.ora $TNS_ADMIN/sqlnet.ora + EOF + destination = "~/shard-standby-configure.sh" + } + + provisioner "remote-exec" { + inline = [ + "chmod +x ~/shard-standby-configure.sh", + "~/shard-standby-configure.sh > shard-standby-configure.log", + "rm -f ~/shard-standby-configure.sh" + ] + } + + # destroying + provisioner "remote-exec" { + when = "destroy" + inline = [ + "rm -f ~/shard-standby-configure.sh" + ] + } +} \ No newline at end of file diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%catalog-standby-ee-configure.tf b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%catalog-standby-ee-configure.tf new file mode 100644 index 0000000..c90690f --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%catalog-standby-ee-configure.tf 
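Review bot: The `sed` line in `sdb_catalog_standby_configure` appends `RC4_256` to `SQLNET.ENCRYPTION_TYPES_SERVER`, so the standby accepts RC4 for native network encryption alongside the AES suites. RC4 is a broken cipher and enabling it widens what a connection may negotiate down to. If some component of the sharding setup really needs it, say so in a comment next to the line; otherwise leave the list as `(AES256,AES192,AES128)`. Writing to `sqlnet-temp.ora` and moving it over `sqlnet.ora` also replaces the file with one created under the current umask, whereas GNU `sed -i` keeps the original mode. `sdb_catalog_standby_ee_configure` in the next file has the same two lines.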
@@ -0,0 +1,54 @@ +# Copyright 2020, Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl +resource "null_resource" "sdb_catalog_standby_ee_configure" { +depends_on = ["null_resource.sdb_catalog_standby_cloud_init"] + count = "${var.database_edition==local.ee?length(var.shard_catalogs) * (length(var.shard_groups) - 1):0}" + #creates ssh connection + connection { + type = "ssh" + user = "${var.os_user}" + private_key = "${file(var.ssh_private_key_path)}" + host = "${var.standby_catalog_name_prefix}${count.index}.${lookup(data.oci_core_subnet.shardgroup_subnet[floor(count.index/length(var.shard_catalogs)) + 1],"subnet_domain_name")}" + agent = false + timeout = "${var.ssh_timeout}" + } + + # copying + provisioner "file" { + content = <<-EOF + #! /bin/bash + export ORACLE_BASE="${var.oracle_base}" + export ORACLE_HOME="${local.db_home_path}" + export LD_LIBRARY_PATH=$ORACLE_HOME/lib + export PATH=$PATH:$ORACLE_HOME/bin + export TNS_ADMIN=$ORACLE_HOME/network/admin + EOF + destination = "${local.db_home_path}/shardcat.sh" + } + + provisioner "file" { + content = <<-EOF + #! /bin/bash + source ${local.db_home_path}/shardcat.sh + sed 's/SQLNET.ENCRYPTION_TYPES_SERVER=(AES256,AES192,AES128)/SQLNET.ENCRYPTION_TYPES_SERVER=(AES256,AES192,AES128,RC4_256)/' $TNS_ADMIN/sqlnet.ora > $TNS_ADMIN/sqlnet-temp.ora + mv $TNS_ADMIN/sqlnet-temp.ora $TNS_ADMIN/sqlnet.ora + EOF + destination = "~/shard-standby-configure.sh" + } + + provisioner "remote-exec" { + inline = [ + "chmod +x ~/shard-standby-configure.sh", + "~/shard-standby-configure.sh > shard-standby-configure.log", + "rm -f ~/shard-standby-configure.sh" + ] + } + + # destroying + provisioner "remote-exec" { + when = "destroy" + inline = [ + "rm -f ~/shard-standby-configure.sh" + ] + } +} 
diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%catalog-switchover.tf b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%catalog-switchover.tf new file mode 100644 index 0000000..0fbd2c5 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%catalog-switchover.tf 
@@ -0,0 +1,58 @@ +# Copyright 2020, Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl +resource "null_resource" "sdb_catalog_switchover" { + depends_on = ["null_resource.sdb_add_shard_director"] + count = "${(length(var.shard_groups)>1)?length(var.shard_directors):0}" + + #creates ssh connection to gsm host + connection { + type = "ssh" + user = "${var.os_user}" + private_key = "${file(var.ssh_private_key_path)}" + host = "${oci_core_instance.gsm_vm[count.index].private_ip}" + agent = false + timeout = "${var.ssh_timeout}" + } + + provisioner "file" { + content = <<-EOF + #!/bin/bash + source ${var.oracle_base}/shard-director.sh + mv $TNS_ADMIN/tnsnames.ora $TNS_ADMIN/tnsname-ora-backup + echo "${upper(lookup(var.shard_directors[element(keys(var.shard_directors), count.index)], "name"))}_CATALOG = + (DESCRIPTION = + (ADDRESS_LIST= + (address = (protocol = tcp)(host = ${oci_database_db_system.catalog_db[0].hostname}.${oci_database_db_system.catalog_db[0].domain})(port = ${oci_database_db_system.catalog_db[0].listener_port})) + (address = (protocol = tcp)(host = ${data.oci_database_db_systems.catalog_stdby_db_systems[0].db_systems.0.hostname}.${data.oci_database_db_systems.catalog_stdby_db_systems[0].db_systems.0.domain})(port = ${data.oci_database_db_systems.catalog_stdby_db_systems[0].db_systems.0.listener_port})) + ) + (CONNECT_DATA = + (SERVICE_NAME = GDS\$CATALOG.oradbcloud) + ) + ) + +${upper(lookup(var.shard_directors[element(keys(var.shard_directors), count.index)], "name"))} = + (DESCRIPTION = + (ADDRESS = (HOST = ${lookup(var.shard_directors[element(keys(var.shard_directors), count.index)], "host")}.${lookup(data.oci_core_subnet.shardgroup_subnet[floor(count.index/var.num_of_gsm_per_ad)],"subnet_domain_name")})(PORT = ${lookup(var.shard_directors[element(keys(var.shard_directors), count.index)], "port")})(PROTOCOL = tcp)) + (CONNECT_DATA = + 
(SERVICE_NAME = GDS\$CATALOG.oradbcloud) + ) + )" >> $TNS_ADMIN/tnsnames.ora + EOF + destination = "${local.gsm_home_full_path}/enable-switchover-relocation-for-catalog.sh" + } + + provisioner "remote-exec" { + inline = [ + "chmod 700 ${local.gsm_home_full_path}/enable-switchover-relocation-for-catalog.sh", + "${local.gsm_home_full_path}/enable-switchover-relocation-for-catalog.sh" + ] + } + + # destroying + provisioner "remote-exec" { + when = "destroy" + inline = [ + "rm -f ${local.gsm_home_full_path}/enable-switchover-relocation-for-catalog.sh" + ] + } +} \ No newline at end of file diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%demo-monitor.tf b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%demo-monitor.tf new file mode 100644 index 0000000..7571265 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%demo-monitor.tf 
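Review bot: The script in `sdb_catalog_switchover` moves `tnsnames.ora` to `tnsname-ora-backup` and then appends the two generated entries to a file that no longer exists. Whatever entries the GSM host had before are therefore gone from the active `tnsnames.ora`, and a second run of the provisioner overwrites the backup with the generated file. If the intent is to add entries, `cp` instead of `mv` with a timestamped backup name keeps the existing ones; if the intent is to replace, `>` instead of `>>` would say so. Unlike the other resources in this patch, the script is also left on the host after it has run.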
@@ -0,0 +1,47 @@
+# Copyright 2020, Oracle Corporation and/or affiliates. All rights reserved.
+# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl
+resource "null_resource" "sdb_demo_monitor" {
+ depends_on = ["null_resource.sdb_demo_setup"]
+ count = "${var.demo_setup=="false"?0:var.sharding_method==local.system_sharding?1:0}"
+
+ #creates ssh connection
+ connection {
+ type = "ssh"
+ user = "${var.os_user}"
+ private_key = "${file(var.ssh_private_key_path)}"
+ host = "${oci_database_db_system.catalog_db[0].hostname}.${oci_database_db_system.catalog_db[0].domain}"
+ agent = false
+ timeout = "${var.ssh_timeout}"
+ }
+
+ provisioner "file" {
+ content = <<-EOF
+ #! /bin/bash
+ cd ${local.db_home_path}/${local.sdb_demo_dir}
+ source ${local.db_home_path}/shardcat.sh
+ chmod 700 ${local.db_home_path}/${local.sdb_demo_dir}/run.sh
+ cd ${local.db_home_path}/${local.sdb_demo_dir}
+ nohup ./run.sh monitor >> nohup-run-monitor.out 2>&1 &
+ sleep 6
+ EOF
+ destination = "${local.db_home_path}/run-monitor.sh"
+ }
+
+ provisioner "remote-exec" {
+ inline = [
+ "chmod 700 ${local.db_home_path}/run-monitor.sh",
+ "${local.db_home_path}/run-monitor.sh",
+ "echo !!! SDB deployment completed !!!"
+ ]
+ }
+
+ # destroying
+ provisioner "remote-exec" {
+ when = "destroy"
+ inline = [
+ "kill $(ps aux | grep '[o]racle.monitor.Main' | awk '{print $2}')",
+ "rm -f ${local.db_home_path}/run-monitor.sh",
+ "rm -rf ${local.db_home_path}/__MACOSX"
+ ]
+ }
+ }
diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%demo-schema-datasources.tf b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%demo-schema-datasources.tf
new file mode 100644
index 0000000..b5c4bc3
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%demo-schema-datasources.tf
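Review bot: In the destroy provisioner of `sdb_demo_monitor`, `kill $(ps aux | grep '[o]racle.monitor.Main' | awk '{print $2}')` runs `kill` with no arguments when the monitor is not running. That exits non-zero and makes the destroy of the resource fail. `pkill -f oracle.monitor.Main || true`, or `on_failure = "continue"` on that provisioner, lets teardown proceed. The generated script also does `cd ${local.db_home_path}/${local.sdb_demo_dir}` twice, and the second one is redundant.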
@@ -0,0 +1,14 @@
+# Copyright 2020, Oracle Corporation and/or affiliates. All rights reserved.
+# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl
+
+data "template_file" "system_sharding_schema_setup_template" {
+ template = "${file("demo-schema-sql/system-sharding-schema-setup.template.ql")}"
+
+ vars = {
+ oracle_home = "${local.db_home_path}"
+ cat_pdb_name = "${data.oci_database_database.catalog_database[0].pdb_name}"
+ catalog_host_name="${oci_database_db_system.catalog_db[0].hostname}"
+ catalog_domain_name="${oci_database_db_system.catalog_db[0].domain}"
+ catalog_port= "${oci_database_db_system.catalog_db[0].listener_port}"
+ }
+}
diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%deploy-invoker.tf b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%deploy-invoker.tf
new file mode 100644
index 0000000..792f6ce
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%deploy-invoker.tf
@@ -0,0 +1,43 @@
+# Copyright 2020, Oracle Corporation and/or affiliates. All rights reserved.
+# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl
+
+resource "null_resource" "sdb_deploy_invoker" {
+
+ depends_on = ["null_resource.sdb_add_shard", "null_resource.sdb_add_standby_shard"]
+ #creates ssh connection to gsm host
+ connection {
+ type = "ssh"
+ user = "${var.os_user}"
+ private_key = "${file(var.ssh_private_key_path)}"
+ host = "${oci_core_instance.gsm_vm[0].private_ip}"
+ agent = false
+ timeout = "${var.ssh_timeout}"
+ }
+
+ # copying
+ provisioner "file" {
+ content = <<-EOF
+ #! /bin/bash
+ source ${var.oracle_base}/shard-director.sh
+ gdsctl deploy
+ EOF
+ destination = "${local.gsm_home_full_path}/sdb-deploy.sh"
+ }
+
+ #shard deploy config setup
+ provisioner "remote-exec" {
+ inline = [
+ "chmod 700 ${local.gsm_home_full_path}/sdb-deploy.sh",
+ "${local.gsm_home_full_path}/sdb-deploy.sh",
+ "rm -f ${local.gsm_home_full_path}/sdb-deploy.sh"
+ ]
+ }
+
+ # destroying
+ provisioner "remote-exec" {
+ when = "destroy"
+ inline = [
+ "rm -f ${local.gsm_home_full_path}/sdb-deploy.sh"
+ ]
+ }
+}
diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%gsm-compute.tf b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%gsm-compute.tf
new file mode 100644
index 0000000..e924afb
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%gsm-compute.tf
@@ -0,0 +1,34 @@
+# Copyright 2020, Oracle Corporation and/or affiliates. All rights reserved.
+# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl
+
+resource "oci_core_instance" "gsm_vm" {
+ depends_on = ["null_resource.shard_director_config_consolidator"]
+ count = length(var.shard_directors)
+ compartment_id = var.compartment_ocid
+ display_name = var.shard_directors[element(keys(var.shard_directors), count.index)]["name"]
+ availability_domain = var.shard_directors[element(keys(var.shard_directors), count.index)]["availability_domain"]
+ shape = var.compute_shape
+
+ create_vnic_details {
+ subnet_id = var.shard_directors[element(keys(var.shard_directors), count.index)]["subnet_id"]
+ display_name = "Primary-vnic"
+ assign_public_ip = var.assign_public_ip
+ hostname_label = var.shard_directors[element(keys(var.shard_directors), count.index)]["host"]
+ }
+
+ source_details {
+ source_type = "image"
+ source_id = var.compute_image_source_ocid
+ }
+
+ metadata = {
+ ssh_authorized_keys = file(var.ssh_public_key_path)
+ }
+ timeouts {
+ create = "60m"
+ }
+}
+
+output "gsm_instance_private_ips" {
+ value = [oci_core_instance.gsm_vm.*.private_ip]
+}
diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%provider.tf b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%provider.tf
new file mode 100644
index 0000000..657dc05
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%provider.tf
@@ -0,0 +1,11 @@
+# Copyright 2020, Oracle Corporation and/or affiliates. All rights reserved.
+# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl
+
+provider "oci" {
+ tenancy_ocid = var.tenancy_ocid
+ user_ocid = var.user_ocid
+ fingerprint = var.fingerprint
+ private_key_path = var.private_key_path
+ region = var.region
+}
+
diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%shard-catalog-cloud-init.tf b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%shard-catalog-cloud-init.tf
new file mode 100644
index 0000000..f433ced
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%shard-catalog-cloud-init.tf
@@ -0,0 +1,41 @@ +# Copyright 2020, Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl + +resource "null_resource" "sdb_shard_catalog_cloud_init" { + depends_on = ["oci_database_db_system.catalog_db"] + count = "${length(var.shard_catalogs)}" + + connection { + type = "ssh" + user = "${var.opc_user}" + private_key = "${file(var.ssh_private_key_path)}" + host = "${oci_database_db_system.catalog_db[count.index].hostname}.${oci_database_db_system.catalog_db[count.index].domain}" + agent = false + timeout = "${var.ssh_timeout}" + } + + provisioner "file" { + content = <<-EOF + #! /bin/bash + sudo usermod --password $(echo ${var.sudo_pass} | openssl passwd -1 -stdin) ${var.os_user} + sudo cp ~/.ssh/authorized_keys /home/${var.os_user}/.ssh/authorized_keys + EOF + destination = "~/shard-catalog-cloud-sdb-init-starter.sh" + } + + provisioner "remote-exec" { + inline = [ + "chmod +x ~/shard-catalog-cloud-sdb-init-starter.sh", + "~/shard-catalog-cloud-sdb-init-starter.sh > shard-catalog-cloud-sdb-init-starter.log", + "rm -f ~/shard-catalog-cloud-sdb-init-starter.sh" + ] + } + + # destroying + provisioner "remote-exec" { + when = "destroy" + inline = [ + "rm -f ~/shard-catalog-cloud-sdb-init-starter.sh" + ] + } +} diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%shard-catalog-configure-datasources.tf b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%shard-catalog-configure-datasources.tf new file mode 100644 index 0000000..3da1ab2 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%shard-catalog-configure-datasources.tf 
@@ -0,0 +1,16 @@
+# Copyright 2020, Oracle Corporation and/or affiliates. All rights reserved.
+# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl
+
+data "template_file" "shard_catalog_config_template" {
+ template = "${file("shard-catalog-config-sql/shard-catalog-config.template.ql")}"
+
+ vars = {
+ oradata = "${local.oradata}"
+ gsmcatuser_pass = "${var.gsmcatuser_pass}"
+ sdb_admin_username = "${var.sdb_admin_username}"
+ sdb_admin_pass = "${var.sdb_admin_pass}"
+ total_num_of_shards = "${length(local.total_shards)}"
+ catalog_host = "${oci_database_db_system.catalog_db[0].hostname}.${oci_database_db_system.catalog_db[0].domain}"
+ catalog_port = "${oci_database_db_system.catalog_db[0].listener_port}"
+ }
+}
diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%shard-catalog-configure-main.tf b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%shard-catalog-configure-main.tf
new file mode 100644
index 0000000..6207c98
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%shard-catalog-configure-main.tf
@@ -0,0 +1,122 @@ +# Copyright 2020, Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl + +resource "null_resource" "sdb_shard_catalog_configure" { + depends_on = ["null_resource.sdb_shard_catalog_cloud_init"] + count = "${length(var.shard_catalogs)}" + + #creates ssh connection + connection { + type = "ssh" + user = "${var.os_user}" + private_key = "${file(var.ssh_private_key_path)}" + host = "${oci_database_db_system.catalog_db[count.index].hostname}.${oci_database_db_system.catalog_db[count.index].domain}" + agent = false + timeout = "${var.ssh_timeout}" + } + + provisioner "file" { + content = "${data.template_file.shard_catalog_config_template.rendered}" + destination = "${local.db_home_path}/catalog-config.sql" + } + + provisioner "file" { + content = <<-EOF + SHUTDOWN IMMEDIATE + STARTUP MOUNT + ALTER DATABASE ARCHIVELOG; + ALTER DATABASE OPEN; + ARCHIVE LOG LIST; + alter database flashback on; + ALTER DATABASE FORCE LOGGING; + + alter user gsmuser account unlock; + alter user gsmuser identified by ${var.gsmuser_pass}; + grant debug connect session to gsmuser; + + alter user GSMROOTUSER account unlock; + alter user GSMROOTUSER identified by ${var.gsmrootuser_pass}; + grant sysdg, sysbackup, gsmrootuser_role to gsmrootuser; + + ALTER SYSTEM SET DG_BROKER_START=TRUE scope=both sid='*'; + + -- Create DATA_PUMP_DIR (for chunk migration) + create or replace directory data_pump_dir as '??/oradata'; + select DIRECTORY_PATH from dba_directories where DIRECTORY_NAME='DATA_PUMP_DIR'; + + -- PDB ops + alter session set container=${data.oci_database_database.catalog_database[count.index].pdb_name}; + grant sysdg, sysbackup, gsmuser_role to gsmuser; + grant read,write on directory DATA_PUMP_DIR to gsmadmin_internal; + grant read,write on directory DATA_PUMP_DIR to gsmuser; + + set serveroutput on + execute DBMS_GSM_FIX.validateShard + exit + EOF + destination = 
"${local.db_home_path}/catalog-db-config.sql" + } + + + # copying + provisioner "file" { + content = <<-EOF + #! /bin/bash + export ORACLE_SID="${lookup(var.shard_catalogs[element(keys(var.shard_catalogs), count.index)], "db_name")}" + export ORACLE_BASE="${var.oracle_base}" + export ORACLE_HOME="${local.db_home_path}" + export LD_LIBRARY_PATH=$ORACLE_HOME/lib + export PATH=$PATH:$ORACLE_HOME/bin + export TNS_ADMIN=$ORACLE_HOME/network/admin + EOF + destination = "${local.db_home_path}/shardcat.sh" + } + + provisioner "file" { + content = <<-EOF + #! /bin/bash + source ${local.db_home_path}/shardcat.sh + lsnrctl start + sqlplus / as sysdba @${local.db_home_path}/catalog-config.sql + sqlplus / as sysdba @${local.db_home_path}/catalog-db-config.sql + sed 's/SQLNET.ENCRYPTION_TYPES_SERVER=(AES256,AES192,AES128)/SQLNET.ENCRYPTION_TYPES_SERVER=(AES256,AES192,AES128,RC4_256)/' $TNS_ADMIN/sqlnet.ora > $TNS_ADMIN/sqlnet-temp.ora + mv $TNS_ADMIN/sqlnet-temp.ora $TNS_ADMIN/sqlnet.ora + EOF + destination = "${local.db_home_path}/catalog-config-setup.sh" + } + + #Catalog config + provisioner "remote-exec" { + inline = [ + "chmod 700 ${local.db_home_path}/catalog-config-setup.sh", + "${local.db_home_path}/catalog-config-setup.sh", + "rm -f ${local.db_home_path}/catalog-config.sql", + "rm -f ${local.db_home_path}/catalog-db-config.sql", + "rm -f ${local.db_home_path}/catalog-config-setup.sh" + ] + } + + + provisioner "file" { + when = "destroy" + content = <<-EOF + #! 
/bin/bash + source ${local.db_home_path}/shardcat.sh + lsnrctl stop + rm -f ${local.db_home_path}/catalog-config.sql + rm -f ${local.db_home_path}/catalog-db-config.sql + rm -f ${local.db_home_path}/catalog-config-setup.sh + EOF + destination = "${local.db_home_path}/catalog-config-teardown.sh" + } + + # destroying + provisioner "remote-exec" { + when = "destroy" + inline = [ + "chmod 700 ${local.db_home_path}/catalog-config-teardown.sh", + "${local.db_home_path}/catalog-config-teardown.sh", + "rm -f ${local.db_home_path}/catalog-config-teardown.sh" + ] + } +} diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%shard-config-consolidator.tf b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%shard-config-consolidator.tf new file mode 100644 index 0000000..f74a3fa --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%shard-config-consolidator.tf @@ -0,0 +1,25 @@ +# Copyright 2020, Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl + +resource "null_resource" "shard_config_consolidator" { + depends_on = ["null_resource.shard_config_generator"] + #creates ssh connection + connection { + type = "ssh" + user = "${var.local_user}" + private_key = "${file(var.ssh_private_key_path)}" + host = "localhost" + agent = false + timeout = "${var.ssh_timeout}" + } + + provisioner "remote-exec" { + inline = [ + "rm -f ${abspath(path.root)}/primary-shards.auto.tfvars", + "echo shards = { >> ${abspath(path.root)}/primary-shards.auto.tfvars", + "cat ${abspath(path.root)}/primary-shards-*.pvars >> ${abspath(path.root)}/primary-shards.auto.tfvars", + "echo } >> ${abspath(path.root)}/primary-shards.auto.tfvars", + "rm -f ${abspath(path.root)}/primary-shards-*.pvars" + ] + } +} \ No newline at end of file 
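Review bot: In shard-catalog-configure-main.tf the generated catalog-config-setup.sh rewrites sqlnet.ora with `sed` to append `RC4_256` to `SQLNET.ENCRYPTION_TYPES_SERVER`, which widens the server's accepted native-encryption algorithms from AES-only to include RC4, a cipher generally treated as deprecated. Nothing in the hunk says why RC4 is needed; if a client component requires it, a comment naming that component would help, and otherwise the `sed`/`mv` pair could be dropped so the list stays `(AES256,AES192,AES128)`. The substitution is also a silent no-op when the existing line differs from the literal pattern, so the resulting setting depends on the image's default sqlnet.ora. shard-db-configure-main.tf carries the same two lines.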
diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%shard-config-generator.tf b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%shard-config-generator.tf new file mode 100644 index 0000000..fc4d713 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%shard-config-generator.tf @@ -0,0 +1,31 @@ +# Copyright 2020, Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl + +resource "null_resource" "shard_config_generator" { + count = "${var.num_of_shards}" + #creates ssh connection + connection { + type = "ssh" + user = "${var.local_user}" + private_key = "${file(var.ssh_private_key_path)}" + host = "localhost" + agent = false + timeout = "${var.ssh_timeout}" + } + + provisioner "file" { + content = <<-EOF + "shard-${count.index}" = { + host = "${var.shard_name_prefix}${count.index}" + db_name = "${var.shard_name_prefix}${count.index}" + availability_domain = "${lookup(data.oci_core_subnet.shardgroup_subnet[0],"availability_domain")}" + subnet_id = "${lookup(var.shard_groups[element(keys(var.shard_groups), 0)], "subnet_id")}" # OCI mandatory var + shard_group = "${lookup(var.shard_groups[element(keys(var.shard_groups), 0)], "name")}" + pdb_name = "${var.pdb_name}" + data_storage_size_in_gb = "${var.data_storage_size_in_gb}" + } + EOF + destination = "${abspath(path.root)}/primary-shards-${count.index}.pvars" + } +} + \ No newline at end of file diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%shard-dataguard.tf b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%shard-dataguard.tf new file mode 100644 index 0000000..d0c61cd --- /dev/null 
+++ b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%shard-dataguard.tf 
@@ -0,0 +1,52 @@ +# Copyright 2020, Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl + +resource "oci_database_data_guard_association" "shard_data_guard_association" { + depends_on = ["null_resource.sdb_shard_db_configure"] + count = "${length(var.shards) * (length(var.shard_groups) - 1)}" + + #Required + creation_type = "NewDbSystem" + database_admin_password = "${var.sys_pass}" + database_id = "${data.oci_database_databases.shard_primary_databases[count.index%length(var.shards)].databases.0.id}" + protection_mode = "${var.protection_mode}" + transport_type = "${var.transport_type}" + + #required for NewDbSystem creation_type + display_name = "${var.standby_shard_name_prefix}${count.index}" + subnet_id = "${lookup(data.oci_core_subnet.shardgroup_subnet[floor(count.index/length(var.shards)) + 1],"id")}" + availability_domain = "${lookup(data.oci_core_subnet.shardgroup_subnet[floor(count.index/length(var.shards)) + 1],"availability_domain")}" + hostname = "${var.standby_shard_name_prefix}${count.index}" + delete_standby_db_home_on_delete = "${var.delete_standby_db_home_on_delete}" + +} + +data "oci_database_database" "stdby_shard_database" { + count = "${length(var.shards) * (length(var.shard_groups) - 1)}" + database_id = "${oci_database_data_guard_association.shard_data_guard_association[count.index].peer_database_id}" +} + +output "stdby_shard_db_dataguard_association_id" { + value = ["${oci_database_data_guard_association.shard_data_guard_association.*.id}"] +} + +output "stdby_shard_db_dataguard_association_peer_db_id" { + value = ["${oci_database_data_guard_association.shard_data_guard_association.*.peer_database_id}"] +} + +output "stdby_shard_db_dataguard_association_db_id" { + value = ["${oci_database_data_guard_association.shard_data_guard_association.*.database_id}"] +} + +output "stdby_shard_db_dataguard_association_peer_db_home_id" { + value 
= ["${oci_database_data_guard_association.shard_data_guard_association.*.peer_db_home_id}"] +} + +output "stdby_shard_db_dataguard_association_peer_db_system_id" { + value = ["${oci_database_data_guard_association.shard_data_guard_association.*.peer_db_system_id}"] +} + +output "stdby_shard_db_dataguard_association_peer_role" { + value = ["${oci_database_data_guard_association.shard_data_guard_association.*.peer_role}"] +} + diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%shard-db-cloud-init.tf b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%shard-db-cloud-init.tf new file mode 100644 index 0000000..0ccbe6d --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%shard-db-cloud-init.tf 
@@ -0,0 +1,41 @@
+# Copyright 2020, Oracle Corporation and/or affiliates. All rights reserved.
+# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl
+
+resource "null_resource" "sdb_shard_cloud_init" {
+ depends_on = ["oci_database_db_system.shard_db"]
+ count = "${length(var.shards)}"
+
+ connection {
+ type = "ssh"
+ user = "${var.opc_user}"
+ private_key = "${file(var.ssh_private_key_path)}"
+ host = "${oci_database_db_system.shard_db[count.index].hostname}.${oci_database_db_system.shard_db[count.index].domain}"
+ agent = false
+ timeout = "${var.ssh_timeout}"
+ }
+
+ provisioner "file" {
+ content = <<-EOF
+ #! /bin/bash
+ sudo usermod --password $(echo ${var.sudo_pass} | openssl passwd -1 -stdin) ${var.os_user}
+ sudo cp ~/.ssh/authorized_keys /home/${var.os_user}/.ssh/authorized_keys
+ EOF
+ destination = "~/shard-cloud-sdb-init-starter.sh"
+ }
+
+ provisioner "remote-exec" {
+ inline = [
+ "chmod +x ~/shard-cloud-sdb-init-starter.sh",
+ "~/shard-cloud-sdb-init-starter.sh > shard-cloud-sdb-init-starter.log",
+ "rm -f ~/shard-cloud-sdb-init-starter.sh"
+ ]
+ }
+
+ # destroying
+ provisioner "remote-exec" {
+ when = "destroy"
+ inline = [
+ "rm -f ~/shard-cloud-sdb-init-starter.sh"
+ ]
+ }
+}
diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%shard-db-configure-main.tf b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%shard-db-configure-main.tf
new file mode 100644
index 0000000..77ee7c0
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%shard-db-configure-main.tf
@@ -0,0 +1,101 @@ +# Copyright 2020, Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl + +resource "null_resource" "sdb_shard_db_configure" { + depends_on = ["null_resource.sdb_shard_env_configure"] + count = "${length(var.shards)}" + + #creates ssh connection + connection { + type = "ssh" + user = "${var.os_user}" + private_key = "${file(var.ssh_private_key_path)}" + host = "${oci_database_db_system.shard_db[count.index].hostname}.${oci_database_db_system.shard_db[count.index].domain}" + agent = false + timeout = "${var.ssh_timeout}" + } + + provisioner "file" { + content = <<-EOF + ALTER SYSTEM SET EVENT='10798 trace name context forever, level 7' SCOPE=spfile; + SHUTDOWN IMMEDIATE + STARTUP MOUNT + ALTER DATABASE ARCHIVELOG; + ALTER DATABASE OPEN; + ARCHIVE LOG LIST; + alter database flashback on; + ALTER DATABASE FORCE LOGGING; + + alter user gsmuser account unlock; + alter user gsmuser identified by ${var.gsmuser_pass}; + grant debug connect session to gsmuser; + + alter user GSMROOTUSER account unlock; + alter user GSMROOTUSER identified by ${var.gsmrootuser_pass}; + grant sysdg, sysbackup, gsmrootuser_role to gsmrootuser; + + ALTER SYSTEM SET DG_BROKER_START=TRUE scope=both sid='*'; + + -- Create DATA_PUMP_DIR (for chunk migration) + create or replace directory data_pump_dir as '??/oradata'; + select DIRECTORY_PATH from dba_directories where DIRECTORY_NAME='DATA_PUMP_DIR'; + + -- PDB ops + alter session set container=${data.oci_database_database.shard_database[count.index].pdb_name}; + grant sysdg, sysbackup, gsmuser_role to gsmuser; + grant read,write on directory DATA_PUMP_DIR to gsmadmin_internal; + grant read,write on directory DATA_PUMP_DIR to gsmuser; + + set serveroutput on + execute DBMS_GSM_FIX.validateShard + -- alter system set events 'immediate trace name GWM_TRACE level 7'; + exit + EOF + destination = 
"${local.db_home_path}/shard-db-config.sql" + } + + provisioner "file" { + content = <<-EOF + #! /bin/bash + source ${local.db_home_path}/shard.sh + sqlplus / as sysdba @${local.db_home_path}/shard-db-config.sql + sed 's/SQLNET.ENCRYPTION_TYPES_SERVER=(AES256,AES192,AES128)/SQLNET.ENCRYPTION_TYPES_SERVER=(AES256,AES192,AES128,RC4_256)/' $TNS_ADMIN/sqlnet.ora > $TNS_ADMIN/sqlnet-temp.ora + mv $TNS_ADMIN/sqlnet-temp.ora $TNS_ADMIN/sqlnet.ora + EOF + destination = "${local.db_home_path}/shard-db-config-setup.sh" + } + + + + #Shard db config setup + provisioner "remote-exec" { + inline = [ + "chmod 700 ${local.db_home_path}/shard-db-config-setup.sh", + "${local.db_home_path}/shard-db-config-setup.sh", + "rm -f ${local.db_home_path}/shard-db-config.sql", + "rm -f ${local.db_home_path}/shard-db-config-setup.sh" + ] + } + + + provisioner "file" { + when = "destroy" + content = <<-EOF + #! /bin/bash + source ${local.db_home_path}/shard.sh + rm -f ${local.db_home_path}/shard-db-config.sql + rm -f ${local.db_home_path}/shard-db-config-setup.sh + EOF + destination = "${local.db_home_path}/shard-db-config-teardown.sh" + } + + # destroying + provisioner "remote-exec" { + when = "destroy" + inline = [ + "chmod 700 ${local.db_home_path}/shard-db-config-teardown.sh", + "${local.db_home_path}/shard-db-config-teardown.sh", + "rm -f ${local.db_home_path}/shard-db-config-teardown.sh" + ] + } +} diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%shard-db.tf b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%shard-db.tf new file mode 100644 index 0000000..1e84988 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%shard-db.tf 
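Review bot: In shard-db-configure-main.tf, shard-db-config.sql is uploaded with `${var.gsmuser_pass}` and `${var.gsmrootuser_pass}` in clear text and is only removed by the later `rm -f` in the remote-exec list, while `chmod 700` is applied to the setup script but never to the SQL file. Adding `"chmod 600 ${local.db_home_path}/shard-db-config.sql",` as the first inline command would narrow the exposure, though the file still exists with default permissions between the upload and that command. The passwords are also spliced unquoted into `alter user ... identified by ...;`, so a value containing a space, semicolon or quote changes the statement; `identified by "${var.gsmuser_pass}"` together with input validation on the variables (their declarations are not visible in this hunk) would make the expectation explicit. The catalog-db-config.sql heredoc in shard-catalog-configure-main.tf has the same pattern.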
@@ -0,0 +1,60 @@ +# Copyright 2020, Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl + +resource "oci_database_db_system" "shard_db" { + depends_on = ["null_resource.shard_config_consolidator"] + count = "${length(var.shards)}" + availability_domain = "${lookup(var.shards[element(keys(var.shards), count.index)], "availability_domain")}" + compartment_id = "${var.compartment_ocid}" + database_edition = "${var.database_edition}" + + db_home { + database { + admin_password = "${var.sys_pass}" + db_name = "${lookup(var.shards[element(keys(var.shards), count.index)], "db_name")}" + character_set = "AL32UTF8" + ncharacter_set = "AL16UTF16" + db_workload = "OLTP" + pdb_name = "${lookup(var.shards[element(keys(var.shards), count.index)], "pdb_name")}" + + db_backup_config { + auto_backup_enabled = false + } + } + db_version = "${var.db_version}.0" + display_name = "${lookup(var.shards[element(keys(var.shards), count.index)], "db_name")}" + } + + db_system_options { + storage_management = "LVM" + } + disk_redundancy = "NORMAL" + shape = "${var.db_shape}" + subnet_id = "${lookup(var.shards[element(keys(var.shards), count.index)], "subnet_id")}" + ssh_public_keys = ["${file(var.ssh_public_key_path)}"] + display_name = "${lookup(var.shards[element(keys(var.shards), count.index)], "db_name")}" + hostname = "${lookup(var.shards[element(keys(var.shards), count.index)], "host")}" + data_storage_size_in_gb = "${lookup(var.shards[element(keys(var.shards), count.index)], "data_storage_size_in_gb")}" + license_model = "LICENSE_INCLUDED" + node_count = 1 +} + +output "shard_db_system_id" { + value = ["${oci_database_db_system.shard_db.*.id}"] +} + +data "oci_database_db_homes" "shard_primary_db_homes" { + count = length(var.shards) + compartment_id = "${var.compartment_ocid}" + db_system_id = element(oci_database_db_system.shard_db.*.id, count.index) +} + +data 
"oci_database_databases" "shard_primary_databases" { + count = "${length(var.shards)}" + compartment_id = "${var.compartment_ocid}" + db_home_id = "${data.oci_database_db_homes.shard_primary_db_homes[count.index].db_homes.0.id}" +} +data "oci_database_database" "shard_database" { + count = "${length(var.shards)}" + database_id = "${data.oci_database_databases.shard_primary_databases[count.index].databases.0.id}" +} diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%shard-director-cloud-init.tf b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%shard-director-cloud-init.tf new file mode 100644 index 0000000..5cb2b44 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%shard-director-cloud-init.tf 
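Review bot: `db_backup_config { auto_backup_enabled = false }` is hard-coded in the `shard_db` resource of shard-db.tf, so every shard DB system this module creates has automatic backups off with no way for the caller to change it. Exposing it as an input, e.g. `auto_backup_enabled = var.auto_backup_enabled` with a documented default, would let a non-test deployment turn backups on without editing the module. Separately, `admin_password = "${var.sys_pass}"` is a resource argument and will therefore be recorded in the Terraform state, so the state backend needs the same protection as the password itself.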
@@ -0,0 +1,91 @@ +# Copyright 2020, Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl + +resource "null_resource" "sdb_shard_director_cloud_init" { + depends_on = ["oci_core_instance.gsm_vm"] + count = "${length(var.shard_directors)}" + + connection { + type = "ssh" + user = "${var.opc_user}" + private_key = "${file(var.ssh_private_key_path)}" + host = "${oci_core_instance.gsm_vm[count.index].private_ip}" + agent = false + timeout = "${var.ssh_timeout}" + } + + provisioner "file" { + content = <<-EOF + #! /bin/bash + ${var.enable_http_proxy == "true" ? local.export_http_proxy_addr : "echo http proxy configuration is not enabled"} + ${var.enable_https_proxy == "true" ? local.export_https_proxy_addr : "echo https proxy configuration is not enabled"} + > /etc/yum/vars/ociregion + yum-config-manager --disable ol7_ksplice + yum-config-manager --disable ol7_oci_included + echo "assumeyes=1" >> /etc/yum.conf + + yum update + yum install compat-libcap1 + yum install libstdc++-devel + yum install ksh + yum install glibc-devel + + service firewalld stop + + mkdir -p ${var.base_install_dir} + EOF + destination = "~/shard-director-cloud-sdb-sw-init.sh" + } + + provisioner "file" { + content = <<-EOF + #! 
/bin/bash + cd ~ + sudo chown root.root shard-director-cloud-sdb-sw-init.sh + sudo chmod 4755 shard-director-cloud-sdb-sw-init.sh + sudo ./shard-director-cloud-sdb-sw-init.sh + # Remove the s/w init script + # sudo rm -f shard-director-cloud-sdb-sw-init.sh + + # Add install group and user + sudo /usr/sbin/groupadd ${var.unix_group_name} + sudo useradd -r -m -g ${var.unix_group_name} -G ${var.unix_group_name},opc,adm,wheel,systemd-journal ${var.os_user} + sudo usermod --password $(echo ${var.sudo_pass} | openssl passwd -1 -stdin) ${var.os_user} + + # setup ssh for the install user + sudo mkdir -p /home/${var.os_user}/.ssh + sudo cp ~/.ssh/authorized_keys /home/${var.os_user}/.ssh/authorized_keys + sudo chown -R ${var.os_user}:${var.unix_group_name} /home/${var.os_user}/.ssh + sudo chmod u=rwx,go= /home/${var.os_user}/.ssh + + sudo chmod g+w -R ${var.base_install_dir} + sudo chown -R ${var.os_user} ${var.base_install_dir} + sudo mkdir -p ${var.oracle_base} + sudo chown -R ${var.os_user}:${var.unix_group_name} ${var.oracle_base} + + sudo mkdir -p ${var.ora_inventory_location} + sudo chown -R ${var.os_user}:${var.unix_group_name} ${var.ora_inventory_location} + sudo chmod -R 755 ${var.ora_inventory_location} + + EOF + destination = "~/shard-director-cloud-sdb-init-starter.sh" + } + + provisioner "remote-exec" { + inline = [ + "sleep 50", + "chmod +x ~/shard-director-cloud-sdb-init-starter.sh", + "~/shard-director-cloud-sdb-init-starter.sh > shard-director-cloud-sdb-init-starter.log" + ] + } + + # "rm -f ~/shard-director-cloud-sdb-init-starter.sh" + # destroying + provisioner "remote-exec" { + when = "destroy" + inline = [ + "rm -f ~/shard-director-cloud-sdb-sw-init.sh", + "rm -f ~/shard-director-cloud-sdb-init-starter.sh" + ] + } +} 
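Review bot: The starter script in `sdb_shard_director_cloud_init` runs `sudo chown root.root` and `sudo chmod 4755` on shard-director-cloud-sdb-sw-init.sh before invoking it with `sudo`, which leaves a root-owned, world-readable and world-executable setuid file in the login user's home; the setuid bit adds nothing because the script is already run through `sudo`, and the cleanup line right after it is commented out. `sudo chmod 700 shard-director-cloud-sdb-sw-init.sh` plus the uncommented `sudo rm -f shard-director-cloud-sdb-sw-init.sh` would keep the same behaviour without the leftover file. The sw-init script also runs `service firewalld stop`, which turns the host firewall off rather than opening only the listener port; whether network security lists elsewhere in the module compensate is not visible in this hunk.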
diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%shard-director-config-consolidator.tf b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%shard-director-config-consolidator.tf
new file mode 100644
index 0000000..2720052
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%shard-director-config-consolidator.tf
@@ -0,0 +1,25 @@
+# Copyright 2020, Oracle Corporation and/or affiliates. All rights reserved.
+# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl
+
+resource "null_resource" "shard_director_config_consolidator" {
+ depends_on = ["null_resource.shard_director_config_generator"]
+ #creates ssh connection
+ connection {
+ type = "ssh"
+ user = "${var.local_user}"
+ private_key = "${file(var.ssh_private_key_path)}"
+ host = "localhost"
+ agent = false
+ timeout = "${var.ssh_timeout}"
+ }
+
+ provisioner "remote-exec" {
+ inline = [
+ "rm -f ${abspath(path.root)}/shard-directors.auto.tfvars",
+ "echo shard_directors = { >> ${abspath(path.root)}/shard-directors.auto.tfvars",
+ "cat ${abspath(path.root)}/shard-directors-*.pvars >> ${abspath(path.root)}/shard-directors.auto.tfvars",
+ "echo } >> ${abspath(path.root)}/shard-directors.auto.tfvars",
+ "rm -f ${abspath(path.root)}/shard-directors-*.pvars"
+ ]
+ }
+}
\ No newline at end of file
diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%shard-director-config-generator.tf b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%shard-director-config-generator.tf
new file mode 100644
index 0000000..7f750ac
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%shard-director-config-generator.tf
@@ -0,0 +1,29 @@
+# Copyright 2020, Oracle Corporation and/or affiliates. All rights reserved.
+# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl
+
+resource "null_resource" "shard_director_config_generator" {
+ count = "${length(var.shard_groups) * var.num_of_gsm_per_ad}"
+ #creates ssh connection
+ connection {
+ type = "ssh"
+ user = "${var.local_user}"
+ private_key = "${file(var.ssh_private_key_path)}"
+ host = "localhost"
+ agent = false
+ timeout = "${var.ssh_timeout}"
+ }
+
+ provisioner "file" {
+ content = <<-EOF
+ "shard-director-${count.index}" = {
+ name = "${var.gsm_name_prefix}${count.index}"
+ host = "${var.gsm_name_prefix}${count.index}"
+ port = "1522"
+ availability_domain = "${lookup(data.oci_core_subnet.shardgroup_subnet[floor(count.index/var.num_of_gsm_per_ad)],"availability_domain")}"
+ subnet_id = "${lookup(var.shard_groups[element(keys(var.shard_groups), floor(count.index/var.num_of_gsm_per_ad))], "subnet_id")}" # OCI mandatory var
+ gds_region = "${element(var.gds_regions, floor(count.index/var.num_of_gsm_per_ad))}"
+ }
+ EOF
+ destination = "${abspath(path.root)}/shard-directors-${count.index}.pvars"
+ }
+}
\ No newline at end of file
diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%shard-director-configure-main.tf b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%shard-director-configure-main.tf
new file mode 100644
index 0000000..fc5fd89
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%shard-director-configure-main.tf
@@ -0,0 +1,45 @@
+# Copyright 2020, Oracle Corporation and/or affiliates. All rights reserved.
+# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl
+
+resource "null_resource" "sdb_shard_director_configure" {
+
+ depends_on = ["null_resource.sdb_catalog_standby_configure", "null_resource.sdb_catalog_standby_ee_configure", "null_resource.sdb_shard_standby_configure","null_resource.sdb_shard_standby_ee_configure","null_resource.sdb_shard_director_install_main"]
+
+ #creates ssh connection to gsm host
+ connection {
+ type = "ssh"
+ user = "${var.os_user}"
+ private_key = "${file(var.ssh_private_key_path)}"
+ host = "${oci_core_instance.gsm_vm[0].private_ip}"
+ agent = false
+ timeout = "${var.ssh_timeout}"
+ }
+
+ # copying
+ provisioner "file" {
+ content = <<-EOF
+ #! /bin/bash
+ source ${var.oracle_base}/shard-director.sh
+ gdsctl create shardcatalog -autovncr OFF -database ${oci_database_db_system.catalog_db[0].hostname}.${oci_database_db_system.catalog_db[0].domain}:${oci_database_db_system.catalog_db[0].listener_port}/${data.oci_database_database.catalog_database[0].pdb_name}.${oci_database_db_system.catalog_db[0].domain} -sharding ${var.sharding_method} -user gsmcatuser/${var.gsmcatuser_pass} -sdb ${local.shard_catalog_sdb_name} -protectmode ${var.replication_protection_mode} -region ${local.shard_catalog_regions}
+ EOF
+ destination = "${local.gsm_home_full_path}/shard-director-config-setup.sh"
+ }
+
+ #shard director config setup
+ provisioner "remote-exec" {
+ inline = [
+ "chmod 700 ${local.gsm_home_full_path}/shard-director-config-setup.sh",
+ "${local.gsm_home_full_path}/shard-director-config-setup.sh",
+ "rm -f ${local.gsm_home_full_path}/shard-director-config-setup.sh"
+ ]
+ }
+
+
+ # destroying
+ provisioner "remote-exec" {
+ when = "destroy"
+ inline = [
+ "rm -f ${local.gsm_home_full_path}/shard-director-config-setup.sh"
+ ]
+ }
+}
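Review bot: The `gdsctl create shardcatalog` line in `sdb_shard_director_configure` passes the catalog credential as `-user gsmcatuser/${var.gsmcatuser_pass}`, so the password is written into shard-director-config-setup.sh, which is uploaded before the `chmod 700` runs, and it appears in the process arguments while the command executes. If the gdsctl version in use can take the password from a prompt or a wallet, that would keep it off the command line; at minimum the value should be quoted, because an unquoted password with shell metacharacters changes the command. A short comment stating that the script contains a secret and must be removed on failure as well as on success would help the next maintainer.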
diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%shard-director-install-datasources.tf b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%shard-director-install-datasources.tf
new file mode 100644
index 0000000..e449fa5
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%shard-director-install-datasources.tf
@@ -0,0 +1,37 @@
+# Copyright 2020, Oracle Corporation and/or affiliates. All rights reserved.
+# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl
+
+data "template_file" "shard_director_env_template" {
+ template = "${file("shard-director-install-scripts/shard-director-env.template.sh")}"
+
+ vars = {
+ gsm_home_path = "${local.gsm_home_full_path}"
+ oracle_base_path = "${var.oracle_base}"
+ }
+}
+
+data "template_file" "shard_director_worker_template" {
+ template = "${file("shard-director-install-scripts/shard-director-worker.template.sh")}"
+
+ vars = {
+ gsm_home_path = "${local.gsm_home_full_path}"
+ oracle_base_path = "${var.oracle_base}"
+ gsm_zip_name = "${var.gsm_zip_name}"
+ gsm_install_folder_name = "${local.gsm_install_folder_name}"
+ sudo_pass = "${var.sudo_pass}"
+ ora_inventory_location = "${var.ora_inventory_location}"
+ }
+}
+
+data "template_file" "shard_director_rsp_template" {
+ template = "${file("shard-director-install-rsps/shard-director-rsp.template.rsp")}"
+
+ vars = {
+ unix_group_name = "${var.unix_group_name}"
+ ora_inventory_location = "${var.ora_inventory_location}"
+ oracle_base_path = "${var.oracle_base}"
+ gsm_home_path = "${local.gsm_home_full_path}"
+ gsm_major_version = "${local.gsm_major_version}"
+ }
+}
+
diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%shard-director-install-main.tf b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%shard-director-install-main.tf new file mode 100644 index 0000000..bda6277 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%shard-director-install-main.tf 
@@ -0,0 +1,98 @@ +# Copyright 2020, Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl + +resource "null_resource" "sdb_shard_director_install_main" { + depends_on = ["null_resource.sdb_shard_director_cloud_init"] + count = "${length(var.shard_directors)}" + + #creates ssh connection to gsm host + connection { + type = "ssh" + user = "${var.os_user}" + private_key = "${file(var.ssh_private_key_path)}" + host = "${oci_core_instance.gsm_vm[count.index].private_ip}" + agent = false + timeout = "${var.ssh_timeout}" + } + + provisioner "remote-exec" { + inline = [ + "mkdir -p ${var.oracle_base}" + ] + } + + #copying a file over + provisioner "file" { + source = "${var.gsm_zip_location}" + destination = "${var.oracle_base}/${var.gsm_zip_name}.zip" + } + + # copying + provisioner "file" { + content = "${data.template_file.shard_director_env_template.rendered}" + destination = "${var.oracle_base}/shard-director.sh" + } + + # destroying + provisioner "remote-exec" { + when = "destroy" + inline = [ + "rm -f ${var.oracle_base}/shard-director.sh" + ] + } + + # copying + provisioner "file" { + content = "${data.template_file.shard_director_worker_template.rendered}" + destination = "${var.oracle_base}/shard-director-worker.sh" + } + # destroying + provisioner "remote-exec" { + when = "destroy" + inline = [ + "rm -f ${var.oracle_base}/shard-director-worker.sh" + ] + } + # copying + provisioner "file" { + content = "${data.template_file.shard_director_rsp_template.rendered}" + destination = "${var.oracle_base}/gsm_install.rsp" + } + # destroying + provisioner "remote-exec" { + when = "destroy" + inline = [ + "rm -f ${var.oracle_base}/gsm_install.rsp" + ] + } + + #Creating + provisioner "remote-exec" { + inline = [ + "chmod 700 ${var.oracle_base}/shard-director-worker.sh", + "cd ${var.oracle_base}", + "./shard-director-worker.sh", + "rm -f 
${var.oracle_base}/shard-director-worker.sh" + ] + } + + + #Destroying + provisioner "remote-exec" { + when = "destroy" + inline = [ + "mkdir -p ${var.oracle_base}/deinstall-gsm", + "cd ${local.gsm_home_full_path}/deinstall", + "./deinstall -tmpdir ${var.oracle_base} -silent -checkonly -o ${var.oracle_base}/deinstall-gsm/", + "./deinstall -tmpdir ${var.oracle_base} -silent -paramfile ${var.oracle_base}/deinstall-gsm/deinstall_OraGSM${local.gsm_major_version}Home1.rsp", + "cd ${var.oracle_base}", + "rm -f ${var.oracle_base}/${var.gsm_zip_name}.zip", + "rm -rf ${local.gsm_install_folder_name}", + "rm -rf ${local.gsm_home_full_path}", + "rm -rf ${var.oracle_base}/deinstall-gsm", + "rm -rf ${var.ora_inventory_location}", + "echo ${var.sudo_pass} | sudo -S rm -rf /etc/oraInst.loc", + "echo ${var.sudo_pass} | sudo -S rm -rf /etc/oratab" + ] + } +} diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%shard-env-configure.tf b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%shard-env-configure.tf new file mode 100644 index 0000000..dd6e52b --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%shard-env-configure.tf 
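Review bot: The last two destroy commands in shard-director-install-main.tf interpolate the password unquoted into shell text, `echo ${var.sudo_pass} | sudo -S rm -rf /etc/oraInst.loc`, so a password containing spaces or shell metacharacters is split or interpreted by the remote shell instead of reaching sudo intact. shard-standby-cloud-init.tf uses the same unquoted `echo ${var.sudo_pass}` form. A sudoers entry limited to these two removals would let the line become `"sudo -n rm -f /etc/oraInst.loc /etc/oratab"` with no password in the command at all. Separately, shard-director-worker.sh is uploaded by a `file` provisioner and only made `700` in a later `remote-exec`, so until then it presumably sits with the account's default umask permissions while holding the password.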
@@ -0,0 +1,32 @@ +# Copyright 2020, Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl + +resource "null_resource" "sdb_shard_env_configure" { + depends_on = ["null_resource.sdb_shard_cloud_init"] + count = "${length(var.shards)}" + + #creates ssh connection + connection { + type = "ssh" + user = "${var.os_user}" + private_key = "${file(var.ssh_private_key_path)}" + host = "${oci_database_db_system.shard_db[count.index].hostname}.${oci_database_db_system.shard_db[count.index].domain}" + agent = false + timeout = "${var.ssh_timeout}" + } + + # copying + provisioner "file" { + + content = <<-EOF + #! /bin/bash + export ORACLE_SID="${lookup(var.shards[element(keys(var.shards), count.index)], "db_name")}" + export ORACLE_BASE="${var.oracle_base}" + export ORACLE_HOME="${local.db_home_path}" + export LD_LIBRARY_PATH=$ORACLE_HOME/lib + export PATH=$PATH:$ORACLE_HOME/bin + export TNS_ADMIN=$ORACLE_HOME/network/admin + EOF + destination = "${local.db_home_path}/shard.sh" + } +} diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%shard-standby-cloud-init.tf b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%shard-standby-cloud-init.tf new file mode 100644 index 0000000..53f00f8 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%shard-standby-cloud-init.tf 
@@ -0,0 +1,41 @@ +# Copyright 2020, Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl + +resource "null_resource" "sdb_shard_standby_cloud_init" { + depends_on = ["oci_database_data_guard_association.shard_data_guard_association"] + count = "${length(var.shards) * (length(var.shard_groups) - 1)}" + + connection { + type = "ssh" + user = "${var.opc_user}" + private_key = "${file(var.ssh_private_key_path)}" + host = "${var.standby_shard_name_prefix}${count.index}.${lookup(data.oci_core_subnet.shardgroup_subnet[floor(count.index/length(var.shards)) + 1],"subnet_domain_name")}" + agent = false + timeout = "${var.ssh_timeout}" + } + + provisioner "file" { + content = <<-EOF + #! /bin/bash + sudo usermod --password $(echo ${var.sudo_pass} | openssl passwd -1 -stdin) ${var.os_user} + sudo cp ~/.ssh/authorized_keys /home/${var.os_user}/.ssh/authorized_keys + EOF + destination = "~/shard-standby-cloud-sdb-init-starter.sh" + } + + provisioner "remote-exec" { + inline = [ + "chmod +x ~/shard-standby-cloud-sdb-init-starter.sh", + "~/shard-standby-cloud-sdb-init-starter.sh > shard-standby-cloud-sdb-init-starter.log", + "rm -f ~/shard-standby-cloud-sdb-init-starter.sh" + ] + } + + # destroying + provisioner "remote-exec" { + when = "destroy" + inline = [ + "rm -f ~/shard-standby-cloud-sdb-init-starter.sh" + ] + } +} \ No newline at end of file diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%shard-standby-configure.tf b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%shard-standby-configure.tf new file mode 100644 index 0000000..1158abc --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%shard-standby-configure.tf 
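Review bot: `openssl passwd -1` in the uploaded starter script produces an MD5-crypt hash, and that is what `usermod --password` stores for `${var.os_user}`. `openssl passwd -6 -stdin` gives SHA-512 crypt where the host's OpenSSL supports it (1.1.1 or later). The following `sudo cp ~/.ssh/authorized_keys /home/${var.os_user}/.ssh/authorized_keys` runs as root, so it is worth confirming the resulting file's owner and mode, which this script never sets.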
@@ -0,0 +1,68 @@ +# Copyright 2020, Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl + +resource "null_resource" "sdb_shard_standby_configure" { +depends_on = ["null_resource.sdb_shard_standby_cloud_init"] + count = "${var.database_edition==local.ee_xp?length(var.shards) * (length(var.shard_groups) - 1):0}" + #creates ssh connection + connection { + type = "ssh" + user = "${var.os_user}" + private_key = "${file(var.ssh_private_key_path)}" + host = "${var.standby_shard_name_prefix}${count.index}.${lookup(data.oci_core_subnet.shardgroup_subnet[floor(count.index/length(var.shards)) + 1],"subnet_domain_name")}" + agent = false + timeout = "${var.ssh_timeout}" + } + + # copying + provisioner "file" { + content = <<-EOF + #! /bin/bash + export ORACLE_BASE="${var.oracle_base}" + export ORACLE_HOME="${local.db_home_path}" + export LD_LIBRARY_PATH=$ORACLE_HOME/lib + export PATH=$PATH:$ORACLE_HOME/bin + export TNS_ADMIN=$ORACLE_HOME/network/admin + EOF + destination = "${local.db_home_path}/shard.sh" + } + + provisioner "file" { + content = <<-EOF + -- ALTER SYSTEM SET EVENT='10798 trace name context forever, level 7' SCOPE=spfile; + -- SHUTDOWN IMMEDIATE + -- STARTUP + ALTER PLUGGABLE DATABASE ${var.pdb_name} OPEN READ ONLY; + -- alter system set events 'immediate trace name GWM_TRACE level 7'; + exit + EOF + destination = "${local.db_home_path}/shard-standby-config.sql" + } + + provisioner "file" { + content = <<-EOF + #! 
/bin/bash + source ${local.db_home_path}/shard.sh + sqlplus / as sysdba @${local.db_home_path}/shard-standby-config.sql + sed 's/SQLNET.ENCRYPTION_TYPES_SERVER=(AES256,AES192,AES128)/SQLNET.ENCRYPTION_TYPES_SERVER=(AES256,AES192,AES128,RC4_256)/' $TNS_ADMIN/sqlnet.ora > $TNS_ADMIN/sqlnet-temp.ora + mv $TNS_ADMIN/sqlnet-temp.ora $TNS_ADMIN/sqlnet.ora + EOF + destination = "~/shard-standby-configure.sh" + } + + provisioner "remote-exec" { + inline = [ + "chmod +x ~/shard-standby-configure.sh", + "~/shard-standby-configure.sh > shard-standby-configure.log", + "rm -f ~/shard-standby-configure.sh" + ] + } + + # destroying + provisioner "remote-exec" { + when = "destroy" + inline = [ + "rm -f ~/shard-standby-configure.sh" + ] + } +} diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%shard-standby-ee-configure.tf b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%shard-standby-ee-configure.tf new file mode 100644 index 0000000..9e21403 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%shard-standby-ee-configure.tf 
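Review bot: The `sed` line in shard-standby-configure.sh appends `RC4_256` to `SQLNET.ENCRYPTION_TYPES_SERVER`, which widens the server's accepted native-encryption algorithms from AES only to AES plus RC4. shard-standby-ee-configure.tf carries the identical line. If a specific client needs RC4, that deserves a comment naming it; otherwise I would drop the `sed`/`mv` pair and keep the AES-only list. The rewrite also goes through `sqlnet-temp.ora` followed by an unconditional `mv`, so a failed `sed` leaves an empty file that then replaces `sqlnet.ora`; joining the two commands with `&&` avoids that.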
@@ -0,0 +1,67 @@ +# Copyright 2020, Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl + +resource "null_resource" "sdb_shard_standby_ee_configure" { +depends_on = ["null_resource.sdb_shard_standby_cloud_init"] + count = "${var.database_edition==local.ee?length(var.shards) * (length(var.shard_groups) - 1):0}" + #creates ssh connection + connection { + type = "ssh" + user = "${var.os_user}" + private_key = "${file(var.ssh_private_key_path)}" + host = "${var.standby_shard_name_prefix}${count.index}.${lookup(data.oci_core_subnet.shardgroup_subnet[floor(count.index/length(var.shards)) + 1],"subnet_domain_name")}" + agent = false + timeout = "${var.ssh_timeout}" + } + + # copying + provisioner "file" { + content = <<-EOF + #! /bin/bash + export ORACLE_BASE="${var.oracle_base}" + export ORACLE_HOME="${local.db_home_path}" + export LD_LIBRARY_PATH=$ORACLE_HOME/lib + export PATH=$PATH:$ORACLE_HOME/bin + export TNS_ADMIN=$ORACLE_HOME/network/admin + EOF + destination = "${local.db_home_path}/shard.sh" + } + + provisioner "file" { + content = <<-EOF + -- ALTER SYSTEM SET EVENT='10798 trace name context forever, level 7' SCOPE=spfile; + -- SHUTDOWN IMMEDIATE + -- STARTUP + -- alter system set events 'immediate trace name GWM_TRACE level 7'; + exit + EOF + destination = "${local.db_home_path}/shard-standby-config.sql" + } + + provisioner "file" { + content = <<-EOF + #! 
/bin/bash + source ${local.db_home_path}/shard.sh + # sqlplus / as sysdba @${local.db_home_path}/shard-standby-config.sql + sed 's/SQLNET.ENCRYPTION_TYPES_SERVER=(AES256,AES192,AES128)/SQLNET.ENCRYPTION_TYPES_SERVER=(AES256,AES192,AES128,RC4_256)/' $TNS_ADMIN/sqlnet.ora > $TNS_ADMIN/sqlnet-temp.ora + mv $TNS_ADMIN/sqlnet-temp.ora $TNS_ADMIN/sqlnet.ora + EOF + destination = "~/shard-standby-configure.sh" + } + + provisioner "remote-exec" { + inline = [ + "chmod +x ~/shard-standby-configure.sh", + "~/shard-standby-configure.sh > shard-standby-configure.log", + "rm -f ~/shard-standby-configure.sh" + ] + } + + # destroying + provisioner "remote-exec" { + when = "destroy" + inline = [ + "rm -f ~/shard-standby-configure.sh" + ] + } +} diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%variables.tf b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%variables.tf new file mode 100644 index 0000000..45701d1 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%variables.tf 
@@ -0,0 +1,347 @@ +# Copyright 2020, Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl + +locals { + export_http_proxy_addr = "export http_proxy=${var.http_proxy_address}" + + export_https_proxy_addr = "export https_proxy=${var.https_proxy_address}" + + sdb_demo_dir = "sdb_demo_app" + + system_sharding = "system" + + user_defined_sharding = "user" + + composite_sharding = "composite" + + gsmhome_postfix = "gsmhome_1" + + gsm_home_full_path = "${var.oracle_base}/product/${var.gsm_version}/${local.gsmhome_postfix}" + + gsm_relative_path_from_base = "product/${var.gsm_version}/${local.gsmhome_postfix}" + + gsm_installer_location = "${var.oracle_base}" + + gsm_install_folder_name = "gsm" + + gsm_major_version = "${element(split(".", var.gsm_version),0)}" + + gsm_zip_name = "gsm" + + oradata = "${var.oracle_base}/oradata" + + cat_pdb_name = "${data.oci_database_database.catalog_database[0].pdb_name}" + + total_shards = "${length(var.shards)} + ${length(var.standby_shards)}" + + catalog_host = "${oci_database_db_system.catalog_db[0].hostname}.${oci_database_db_system.catalog_db[0].domain}" + + catalog_port = "${oci_database_db_system.catalog_db[0].listener_port}" + + shard_catalog_sdb_name = "cust_sdb" + + shard_catalog_regions = "${join(", ", var.gds_regions)}" + + shard_catalog_pdb_fqdn = "${data.oci_database_database.catalog_database[0].pdb_name}.${oci_database_db_system.catalog_db[0].domain}" + + db_home_path = "/u01/app/oracle/product/${var.db_version}/dbhome_1" + + shard_standby_config_sql = "sqlplus / as sysdba @${local.db_home_path}/shard-standby-config.sql" + + active_standby_mode = "active_standby" + + ee_xp = "ENTERPRISE_EDITION_EXTREME_PERFORMANCE" + + ee = "ENTERPRISE_EDITION" + + ee_hp = "ENTERPRISE_EDITION_HIGH_PERFORMANCE" + +} + +# ssh keys +variable "ssh_private_key_path" { + description = "path to ssh private key on the current machine" + 
default = "~/.ssh/id_rsa" +} + +variable "ssh_public_key_path" { + description = "path to ssh public key on the current machine" + default = "~/.ssh/id_rsa.pub" +} + +variable "ssh_timeout" { + description = "ssh timeout" + default = "3m" +} + +variable "os_user" { + description = "os user name" +} + +variable "opc_user" { + description = "Oracle public cloud user" +} + +variable "sudo_pass" { + description = "os user sudo password." +} + +variable "shard_directors" { + description = "Map of user-friendly name of a shard director to the shard director config information" + type = map + default = {} +} + +variable "oracle_base" { + description = "Oracle Base" +} + +variable "gsm_version" { + description = "Oracle GSM version" +} + +variable "db_version" { + description = "Oracle database version" +} + +variable "gsm_zip_location" { + description = "The full path of the gsm binary zip file including the filename and zip extension" +} + +variable "gsm_zip_name" { + description = "The name of the gsm binary zip file (excluding zip extension)" + default = "gsm" +} + +variable "ora_inventory_location" { + description = "The full path to the ora inventory location" +} + +variable "unix_group_name" { + description = "Unix group to be set for the inventory directory" +} + +variable "shards" { + description = "Map of user-friendly name of a shard to the shard config information" + type = map + default = {} +} + +variable "sys_pass" { + description = "Password for SYS user" +} + +variable "system_pass" { + description = "Password for SYSTEM user" +} + +variable "shard_catalogs" { + description = "Map of user-friendly name of a shard catalog to the shard catalog config information" + type = map + default = {} +} + +variable "shard_catalog_standbys" { + description = "Map of user-friendly name of a shard catalog standby to the shard catalog standby config information" + type = map + default = {} +} + +variable "gsmcatuser_pass" { + description = "GSM catalog user password" +} + 
+variable "sdb_admin_username" { + description = "username of the sharded database administrator" +} + +variable "sdb_admin_pass" { + description = "password of the sharded database administrator" +} + +variable "gsmuser_pass" { + description = "password of the gsm user" +} + +variable "shard_groups" { + description = "Map of user-friendly name of shard_groups including primary and standby shardgroups" + type = map + default = {} +} + +variable "global_services" { + description = "Map of user-friendly name of a global service to the global service config information" + type = map +} + +variable "standby_shards" { + description = "Map of user-friendly name of a standby shard to the standby shard config information" + type = map + default = {} +} + +variable "setup_mode" { + description = "represents the setup mode either from scratch or from existing dbs" + default = "from_existing_databases" +} + +variable "use_dbparamfile" { + description = "Use True as the value to specify the path to the file name on the local machine running terraform, containing database Configuration Assistant (DBCA) parameters to use during database creation on the remote machine. Otherwise, to disable this option and use the defaults, please specify false as the value" + default = "false" +} + +variable "use_dbtemplatefile" { + description = "Use True as the value to specify the path to the file name on the local machine running terraform, containing Database Configuration Assistant (DBCA) database template information to use during database creation on the remote machine. Otherwise, to disable this option and use the defaults, please specify false as the value" + default = "false" +} + +variable "use_netparamfile" { + description = "Use True as the value to specify the path to the file name on the local machine running terraform, containing Net Configuration Assistant (NETCA) parameters to use during network listener setup on the remote machine. 
Otherwise, to disable this option and use the defaults, please specify false as the value" + default = "false" +} + +variable "enable_http_proxy" { + description = "enable HTTP proxy or not" + default = "false" +} + +variable "enable_https_proxy" { + description = "enable HTTPS proxy or not" + default = "false" +} + +variable "http_proxy_address" { + description = "HTTP proxy address" + default = "localhost:80" +} + +variable "https_proxy_address" { + description = "HTTPS proxy address" + default = "localhost:80" +} + +variable "base_install_dir" { + description = "base install directory like /u01" + default = "/scratch" +} + +variable "gsmrootuser_pass" { + description = "password of the gsm root user" +} + + +variable "tenancy_ocid" { +} + +variable "user_ocid" { +} + +variable "fingerprint" { +} + +variable "private_key_path" { +} + +variable "region" { +} + +variable "compartment_ocid" { +} + +variable "compute_image_source_ocid" { + description = "Represents latest Oracle Linux image OCID" +} + +variable "database_edition" { + default = "ENTERPRISE_EDITION" +} + +variable "assign_public_ip" { + default = false +} + +variable "db_shape" {} + +variable "compute_shape" {} + +variable "sdb_demo_binary_file_path" { + default = "/tmp/sdb_demo_app.zip" +} + +variable "num_of_shards" { + description = "number of primary shards" +} + +variable "gds_regions" { + type = list(string) +} + +variable "demo_setup" { + description = "sdb demo is setup if true" + default = "false" +} + +variable "local_user" { + description = "local user who will invoke terraform commands" +} + +variable "sharding_method" { + description = "Type of sharding" + default = "system" +} + +variable "replication_type" { + default = "DG" +} + +variable "replication_protection_mode" { + default = "MAXPERFORMANCE" +} + +variable "replication_factor" { + default = 1 +} + +variable "protection_mode" { + default ="MAXIMUM_PERFORMANCE" +} + +variable "transport_type" { + default="ASYNC" +} + +variable 
"delete_standby_db_home_on_delete" { + default ="true" +} + +variable "catalog_name_prefix" { + default="cat" +} + +variable "standby_catalog_name_prefix" { + default="stdby-cat" +} + +variable "shard_name_prefix" { + default="sh" +} + +variable "standby_shard_name_prefix" { + default="stdby-sh" +} + +variable "pdb_name" { + default="sdbpdb" +} + +variable "data_storage_size_in_gb" { + default=256 +} + +variable "gsm_name_prefix" { + default="gsm" +} + +variable "num_of_gsm_per_ad" { + default=1 +} \ No newline at end of file diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%versions.tf b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%versions.tf new file mode 100644 index 0000000..1f1fcf1 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-oci%versions.tf @@ -0,0 +1,6 @@ +# Copyright 2020, Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl + +terraform { + required_version = ">= 0.12" +} diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%main.tf b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%main.tf new file mode 100644 index 0000000..8f4a560 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%main.tf 
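Review bot: The password variables in variables.tf (`sudo_pass`, `sys_pass`, `system_pass`, `gsmcatuser_pass`, `sdb_admin_pass`, `gsmuser_pass`, `gsmrootuser_pass`) are declared with only a description, so nothing stops their values from appearing in CLI output and diagnostics. Adding `type = string` and `sensitive = true` to each redacts them there; that attribute needs Terraform 0.14 or later, so `required_version = ">= 0.12"` in versions.tf would have to be raised with it. Redaction does not cover the state file, which still holds the values in clear text. Also in `locals`, `total_shards` evaluates to a string of the form `"N + M"` rather than a sum; `length(var.shards) + length(var.standby_shards)` is probably what was meant.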
@@ -0,0 +1,180 @@ +# Copyright 2017, 2019, Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl + +terraform { + required_version = "0.11.13" +} +module "sdb_shard_director_install" { + source = "./modules/sdb_shard_director_install" + os_user = "${var.os_user}" + ssh_private_key_path = "${var.ssh_private_key_path}" + sudo_pass = "${var.sudo_pass}" + shard_directors = "${var.shard_directors}" + ssh_timeout = "${var.ssh_timeout}" + oracle_base = "${var.oracle_base}" + gsm_version = "${var.gsm_version}" + gsm_zip_location = "${var.gsm_zip_location}" + gsm_zip_name = "${var.gsm_zip_name}" + ora_inventory_location = "${var.ora_inventory_location}" + unix_group_name = "${var.unix_group_name}" +} + +module "sdb_shard_db_install" { + source = "./modules/sdb_shard_db_install" + os_user = "${var.os_user}" + ssh_private_key_path = "${var.ssh_private_key_path}" + sudo_pass = "${var.sudo_pass}" + shards = "${var.shards}" + ssh_timeout = "${var.ssh_timeout}" + oracle_base = "${var.oracle_base}" + db_version = "${var.db_version}" + db_zip_location = "${var.db_zip_location}" + db_zip_name = "${var.db_zip_name}" + db_home_path = "${var.db_home_path}" + ora_inventory_location = "${var.ora_inventory_location}" + unix_group_name = "${var.unix_group_name}" + sys_pass = "${var.sys_pass}" + system_pass = "${var.system_pass}" + standby_shards = "${var.standby_shards}" + setup_mode = "${var.setup_mode}" + sdb_shard_director_install_deps_check = "${module.sdb_shard_director_install.rendered_deps_check}" +} + +module "sdb_shard_catalog_db_install" { + source = "./modules/sdb_shard_catalog_db_install" + os_user = "${var.os_user}" + ssh_private_key_path = "${var.ssh_private_key_path}" + sudo_pass = "${var.sudo_pass}" + shard_catalogs = "${var.shard_catalogs}" + ssh_timeout = "${var.ssh_timeout}" + oracle_base = "${var.oracle_base}" + db_version = "${var.db_version}" + db_zip_location 
= "${var.db_zip_location}" + db_zip_name = "${var.db_zip_name}" + db_home_path = "${var.db_home_path}" + ora_inventory_location = "${var.ora_inventory_location}" + unix_group_name = "${var.unix_group_name}" + sys_pass = "${var.sys_pass}" + system_pass = "${var.system_pass}" + shard_catalog_standbys = "${var.shard_catalog_standbys}" + sdb_shard_db_install_deps_check = "${module.sdb_shard_db_install.rendered_deps_check}" +} + +module "sdb_shard_catalog_configure" { + source = "./modules/sdb_shard_catalog_configure" + os_user = "${var.os_user}" + ssh_private_key_path = "${var.ssh_private_key_path}" + shard_catalogs = "${var.shard_catalogs}" + ssh_timeout = "${var.ssh_timeout}" + oracle_base = "${var.oracle_base}" + db_home_path = "${var.db_home_path}" + gsmcatuser_pass = "${var.gsmcatuser_pass}" + sdb_admin_username = "${var.sdb_admin_username}" + sdb_admin_pass = "${var.sdb_admin_pass}" + shards = "${var.shards}" + standby_shards = "${var.standby_shards}" + gsmuser_pass = "${var.gsmuser_pass}" + gsm_version = "${var.gsm_version}" + shard_catalog_standbys = "${var.shard_catalog_standbys}" + shard_directors = "${var.shard_directors}" + sys_pass = "${var.sys_pass}" + sdb_shard_catalog_create_deps_check = "${module.sdb_shard_catalog_db_install.rendered_sdb_shard_catalog_create_deps_check}" +} + +module "sdb_shard_director_configure" { + source = "./modules/sdb_shard_director_configure" + os_user = "${var.os_user}" + sys_pass = "${var.sys_pass}" + ssh_private_key_path = "${var.ssh_private_key_path}" + shard_directors = "${var.shard_directors}" + shard_catalogs = "${var.shard_catalogs}" + ssh_timeout = "${var.ssh_timeout}" + oracle_base = "${var.oracle_base}" + gsm_version = "${var.gsm_version}" + gsmcatuser_pass = "${var.gsmcatuser_pass}" + sdb_admin_username = "${var.sdb_admin_username}" + sdb_admin_pass = "${var.sdb_admin_pass}" + setup_mode = "${var.setup_mode}" + sudo_pass = "${var.sudo_pass}" + scheduler_agent_pass = "${var.scheduler_agent_pass}" + 
sdb_shard_catalog_configure_deps_check = "${module.sdb_shard_catalog_configure.rendered_sdb_shard_catalog_configure_deps_check}" +} + + +module "sdb_shard_db_configure" { + source = "./modules/sdb_shard_db_configure" + os_user = "${var.os_user}" + ssh_private_key_path = "${var.ssh_private_key_path}" + shards = "${var.shards}" + ssh_timeout = "${var.ssh_timeout}" + oracle_base = "${var.oracle_base}" + db_home_path = "${var.db_home_path}" + gsmuser_pass = "${var.gsmuser_pass}" + sys_pass = "${var.sys_pass}" + standby_shards = "${var.standby_shards}" + setup_mode = "${var.setup_mode}" + scheduler_agent_pass = "${var.scheduler_agent_pass}" + shard_catalogs = "${var.shard_catalogs}" + sdb_shard_director_configure_deps_check = "${module.sdb_shard_director_configure.rendered_deps_check}" +} + +module "sdb_deploy" { + source = "./modules/sdb_deploy" + os_user = "${var.os_user}" + ssh_private_key_path = "${var.ssh_private_key_path}" + shards = "${var.shards}" + shard_directors = "${var.shard_directors}" + primary_shard_groups = "${var.primary_shard_groups}" + standby_shard_groups = "${var.standby_shard_groups}" + ssh_timeout = "${var.ssh_timeout}" + gsm_version = "${var.gsm_version}" + oracle_base = "${var.oracle_base}" + gsmuser_pass = "${var.gsmuser_pass}" + sdb_admin_username = "${var.sdb_admin_username}" + sdb_admin_pass = "${var.sdb_admin_pass}" + global_services = "${var.global_services}" + standby_shards = "${var.standby_shards}" + setup_mode = "${var.setup_mode}" + sys_pass = "${var.sys_pass}" + use_dbparamfile = "${var.use_dbparamfile}" + use_dbtemplatefile = "${var.use_dbtemplatefile}" + use_netparamfile = "${var.use_netparamfile}" + db_home_path = "${var.db_home_path}" + sdb_shard_db_configure_deps_check = "${module.sdb_shard_db_configure.rendered_deps_check}" +} + +module "sdb_schema_setup" { + source = "./modules/sdb_schema_setup" + os_user = "${var.os_user}" + ssh_private_key_path = "${var.ssh_private_key_path}" + shard_catalogs = "${var.shard_catalogs}" + 
ssh_timeout = "${var.ssh_timeout}" + oracle_base = "${var.oracle_base}" + db_home_path = "${var.db_home_path}" + sdb_deploy_deps_check = "${module.sdb_deploy.rendered_deps_check}" +} + +module "sdb_demo_setup" { + source = "./modules/sdb_demo_setup" + os_user = "${var.os_user}" + ssh_private_key_path = "${var.ssh_private_key_path}" + shard_catalogs = "${var.shard_catalogs}" + ssh_timeout = "${var.ssh_timeout}" + oracle_base = "${var.oracle_base}" + db_home_path = "${var.db_home_path}" + shard_directors = "${var.shard_directors}" + sdb_schema_setup_deps_check = "${module.sdb_schema_setup.rendered_deps_check}" +} + +module "sdb_gc"{ + source = "./modules/sdb_gc" + os_user = "${var.os_user}" + ssh_private_key_path = "${var.ssh_private_key_path}" + ssh_timeout = "${var.ssh_timeout}" + shard_directors = "${var.shard_directors}" + shard_catalogs = "${var.shard_catalogs}" + shards = "${var.shards}" + standby_shards = "${var.standby_shards}" + shard_catalog_standbys = "${var.shard_catalog_standbys}" +} + diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_demo_setup%datasources.tf b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_demo_setup%datasources.tf new file mode 100644 index 0000000..e438501 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_demo_setup%datasources.tf @@ -0,0 +1,10 @@ +# Copyright 2017, 2019, Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl + +data "template_file" "deps_check_template" { + template = "${file("${path.module}/scripts/deps_check.template.sh")}" + + vars = { + oracle_base = "${var.oracle_base}" + } +} \ No newline at end of file 
diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_demo_setup%demo-monitor.tf b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_demo_setup%demo-monitor.tf new file mode 100644 index 0000000..17726f5 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_demo_setup%demo-monitor.tf @@ -0,0 +1,46 @@ +# Copyright 2017, 2019, Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl + + resource "null_resource" "sdb_demo_monitor" { + count = "${lookup(var.shard_catalogs[element(keys(var.shard_catalogs), 0)], "sharding_method") == local.system_sharding ? 1 : 0}" + + #creates ssh connection + connection { + type = "ssh" + user = "${var.os_user}" + private_key = "${file(var.ssh_private_key_path)}" + host = "${lookup(var.shard_catalogs[element(keys(var.shard_catalogs), 0)], "host")}" + agent = false + timeout = "${var.ssh_timeout}" + } + + provisioner "file" { + content = <<-EOF + #! /bin/bash + cd ${var.db_home_path}/${local.sdb_demo_dir} + source ${var.db_home_path}/shardcat.sh + chmod 700 ${var.db_home_path}/${local.sdb_demo_dir}/run.sh + cd ${var.db_home_path}/${local.sdb_demo_dir} + nohup ./run.sh monitor >> nohup-run-monitor.out 2>&1 & + sleep 6 + EOF + destination = "${var.db_home_path}/run-monitor.sh" + } + + provisioner "remote-exec" { + inline = [ + "chmod 700 ${var.db_home_path}/run-monitor.sh", + "${var.db_home_path}/run-monitor.sh" + ] + } + + # destroying + provisioner "remote-exec" { + when = "destroy" + inline = [ + "kill $(ps aux | grep '[o]racle.monitor.Main' | awk '{print $2}')", + "rm -f ${var.db_home_path}/run-monitor.sh", + "rm -rf ${var.db_home_path}/__MACOSX" + ] + } + } \ No newline at end of file 
diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_demo_setup%main.tf b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_demo_setup%main.tf new file mode 100644 index 0000000..fb3f0ff --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_demo_setup%main.tf 
@@ -0,0 +1,107 @@ +# Copyright 2017, 2019, Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl + +resource "null_resource" "sdb_demo_setup" { + count = "${lookup(var.shard_catalogs[element(keys(var.shard_catalogs), 0)], "sharding_method") == local.system_sharding ? 1 : 0}" + + #creates ssh connection + connection { + type = "ssh" + user = "${var.os_user}" + private_key = "${file(var.ssh_private_key_path)}" + host = "${lookup(var.shard_catalogs[element(keys(var.shard_catalogs), 0)], "host")}" + agent = false + timeout = "${var.ssh_timeout}" + } + + provisioner "remote-exec" { + inline = [ + "mkdir -p ${var.db_home_path}" + ] + } + + # copying sdb demo binary over + provisioner "file" { + source = "${path.module}/demo-binaries/${local.sdb_demo_dir}.zip" + destination = "${var.db_home_path}/${local.sdb_demo_dir}.zip" + } + + provisioner "file" { + content = <<-EOF + #! /bin/bash + echo ${var.sdb_schema_setup_deps_check} + cd ${var.db_home_path} + source ${var.db_home_path}/shardcat.sh + chmod 700 ${local.sdb_demo_dir}.zip + unzip -o ${local.sdb_demo_dir}.zip + cd ${local.sdb_demo_dir}/sql + sqlplus / as sysdba @demo_app_ext.sql + exit + EOF + destination = "${var.db_home_path}/demo-additional-objects-setup.sh" + } + + provisioner "remote-exec" { + inline = [ + "chmod 700 ${var.db_home_path}/demo-additional-objects-setup.sh", + "${var.db_home_path}/demo-additional-objects-setup.sh" + ] + } + + provisioner "file" { + content = <> nohup-run-demo.out 2>&1 & + sleep 6 + EOF + destination = "${var.db_home_path}/run-demo.sh" + } + + provisioner "remote-exec" { + inline = [ + "chmod 700 ${var.db_home_path}/run-demo.sh", + "${var.db_home_path}/run-demo.sh" + ] + } + + + provisioner "file" { + content = "${data.template_file.deps_check_template.rendered}" + destination = "${var.db_home_path}/sdb-demo-setup-deps-check.sh" + } + + # destroying + provisioner "remote-exec" 
{ + when = "destroy" + inline = [ + "kill $(ps aux | grep '[o]racle.demo.Main' | awk '{print $2}')", + "rm -f ${var.db_home_path}/sdb-demo-setup-deps-check.sh", + "rm -f ${var.db_home_path}/run-monitor.sh", + "rm -f ${var.db_home_path}/run-demo.sh", + "rm -f ${var.db_home_path}/demo-additional-objects-setup.sh", + "rm -f ${var.db_home_path}/${local.sdb_demo_dir}.zip", + "rm -rf ${var.db_home_path}/${local.sdb_demo_dir}", + "rm -rf ${var.db_home_path}/__MACOSX" + ] + } +} + diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_demo_setup%outputs.tf b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_demo_setup%outputs.tf new file mode 100644 index 0000000..c8b3fd3 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_demo_setup%outputs.tf @@ -0,0 +1,6 @@ +# Copyright 2017, 2019, Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl + +output "rendered_deps_check" { + value = "${data.template_file.deps_check_template.rendered}" +} \ No newline at end of file diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_demo_setup%variables.tf b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_demo_setup%variables.tf new file mode 100644 index 0000000..8ffe38e --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_demo_setup%variables.tf 
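Review bot: The setup script in sdb_demo_setup/main.tf unpacks `${local.sdb_demo_dir}.zip` with `unzip -o` and immediately runs `sqlplus / as sysdba @demo_app_ext.sql` from it, so whatever SQL the archive carries executes with SYSDBA privilege on the catalog host. Nothing in the hunk checks the archive before use, and `unzip -o` silently overwrites existing files under `${var.db_home_path}`. I would pin a checksum for the bundled zip and verify it on the host before unpacking (for example `sha256sum -c` against a value kept in the module), and add a comment stating why SYSDBA is required for the demo objects.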
@@ -0,0 +1,46 @@
+# Copyright 2017, 2019, Oracle Corporation and/or affiliates. All rights reserved.
+# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl
+
+locals {
+ module_prefix = "setup_sdb_demo"
+
+ system_sharding = "system"
+
+ sdb_demo_dir = "sdb_demo_app"
+}
+
+variable "ssh_private_key_path" {
+ description = "path to ssh private key on the current machine"
+ default = "~/.ssh/id_rsa"
+}
+
+variable "ssh_timeout" {
+ description = "ssh timeout"
+ default = "3m"
+}
+
+variable "os_user" {
+ description = "os user name"
+}
+
+variable "oracle_base" {
+ description = "Oracle Base"
+}
+
+variable "db_home_path" {
+ description = "The location for oracle db home"
+}
+
+variable "shard_catalogs" {
+ description = "Map of user-friendly name of a shard catalog to the shard catalog config information"
+ type = "map"
+}
+
+variable "shard_directors" {
+ description = "Map of user-friendly name of a shard director to the shard director config information"
+ type = "map"
+}
+
+variable "sdb_schema_setup_deps_check" {
+ description = "internal dependency check variable for sdb_schema_setup module"
+}
\ No newline at end of file
diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_deploy%add-service.tf b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_deploy%add-service.tf
new file mode 100644
index 0000000..d91c180
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_deploy%add-service.tf
@@ -0,0 +1,50 @@ +# Copyright 2017, 2019, Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl + + resource "null_resource" "sdb_add_service" { + # depends_on = ["null_resource.sdb_deploy_invoker"] + count = "${length(var.global_services)}" + + connection { + type = "ssh" + user = "${var.os_user}" + private_key = "${file(var.ssh_private_key_path)}" + host = "${lookup(var.shard_directors[element(keys(var.shard_directors), 0)], "host")}" + agent = false + timeout = "${var.ssh_timeout}" + } + + provisioner "file" { + content = <<-EOF + #! /bin/bash + source ${var.oracle_base}/shard-director.sh + gdsctl connect ${var.sdb_admin_username}/${var.sdb_admin_pass} + gdsctl add service -service ${lookup(var.global_services[element(keys(var.global_services), count.index)], "service_name")} -role ${lookup(var.global_services[element(keys(var.global_services), count.index)], "role")} + gdsctl start service -service ${lookup(var.global_services[element(keys(var.global_services), count.index)], "service_name")} + gdsctl config + EOF + destination = "${local.gsm_home_full_path}/add-service-config-setup-for-${lookup(var.global_services[element(keys(var.global_services), count.index)], "service_name")}.sh" + } + + provisioner "remote-exec" { + inline = [ + "chmod 700 ${local.gsm_home_full_path}/add-service-config-setup-for-${lookup(var.global_services[element(keys(var.global_services), count.index)], "service_name")}.sh", + "${local.gsm_home_full_path}/add-service-config-setup-for-${lookup(var.global_services[element(keys(var.global_services), count.index)], "service_name")}.sh", + "rm -f ${local.gsm_home_full_path}/add-service-config-setup-for-${lookup(var.global_services[element(keys(var.global_services), count.index)], "service_name")}.sh" + ] + } + + provisioner "file" { + content = "${data.template_file.deps_check_template.rendered}" + destination = 
"${local.gsm_home_full_path}/deps-check.sh" + } + + # destroying + provisioner "remote-exec" { + when = "destroy" + inline = [ + "rm -f ${local.gsm_home_full_path}/add-service-config-setup-for-${lookup(var.global_services[element(keys(var.global_services), count.index)], "service_name")}.sh", + "rm -f ${local.gsm_home_full_path}/deps-check.sh" + ] + } +} \ No newline at end of file diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_deploy%add-shard.tf b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_deploy%add-shard.tf new file mode 100644 index 0000000..2d08ff9 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_deploy%add-shard.tf 
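Review bot: The generated script in add-service.tf embeds the GDS administrator password in clear text (`gdsctl connect ${var.sdb_admin_username}/${var.sdb_admin_pass}`), and the `file` provisioner writes it under `${local.gsm_home_full_path}` before the `chmod 700` in the next provisioner runs, so it briefly exists with whatever mode the upload gives it. The password is also passed as a command-line argument, where it can show up in process listings on the director host. I would keep the secret out of the rendered file, for example by having the script read it from an owner-only file or an Oracle wallet, and, where the Terraform version in use supports it, declare the password variables with `sensitive = true`. The same pattern recurs in add-shard.tf and add-standby-shard.tf (`-pwd ${var.gsmuser_pass}`), create-shard.tf and create-standby-shard.tf (`-sys_password ${var.sys_pass}`), add-standby-shard-group.tf, deploy.tf and sdb_deploy/main.tf.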
@@ -0,0 +1,43 @@ +# Copyright 2017, 2019, Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl + + resource "null_resource" "sdb_add_shard" { + # depends_on = ["null_resource.sdb_add_standby_shard_group"] + count = "${var.setup_mode == "new_install" ? 0 : length(var.shards)}" + + connection { + type = "ssh" + user = "${var.os_user}" + private_key = "${file(var.ssh_private_key_path)}" + host = "${lookup(var.shard_directors[element(keys(var.shard_directors), 0)], "host")}" + agent = false + timeout = "${var.ssh_timeout}" + } + + provisioner "file" { + content = <<-EOF + #! /bin/bash + source ${var.oracle_base}/shard-director.sh + gdsctl connect ${var.sdb_admin_username}/${var.sdb_admin_pass} + gdsctl add invitednode ${lookup(var.shards[element(keys(var.shards), count.index)], "host")} + gdsctl add shard -shardgroup ${lookup(var.shards[element(keys(var.shards), count.index)], "shard_group")} -connect ${lookup(var.shards[element(keys(var.shards), count.index)], "host")}:${lookup(var.shards[element(keys(var.shards), count.index)], "port")}/${lookup(var.shards[element(keys(var.shards), count.index)], "globalDBName")} -pwd ${var.gsmuser_pass} + EOF + destination = "${local.gsm_home_full_path}/add-shard-config-setup-for-${lookup(var.shards[element(keys(var.shards), count.index)], "sid")}.sh" + } + + provisioner "remote-exec" { + inline = [ + "chmod 700 ${local.gsm_home_full_path}/add-shard-config-setup-for-${lookup(var.shards[element(keys(var.shards), count.index)], "sid")}.sh", + "${local.gsm_home_full_path}/add-shard-config-setup-for-${lookup(var.shards[element(keys(var.shards), count.index)], "sid")}.sh", + "rm -f ${local.gsm_home_full_path}/add-shard-config-setup-for-${lookup(var.shards[element(keys(var.shards), count.index)], "sid")}.sh" + ] + } + + # destroying + provisioner "remote-exec" { + when = "destroy" + inline = [ + "rm -f 
${local.gsm_home_full_path}/add-shard-config-setup-for-${lookup(var.shards[element(keys(var.shards), count.index)], "sid")}.sh" + ] + } +} \ No newline at end of file diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_deploy%add-standby-shard-group.tf b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_deploy%add-standby-shard-group.tf new file mode 100644 index 0000000..e7ef3f6 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_deploy%add-standby-shard-group.tf 
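Review bot: The destroy provisioner in add-shard.tf only deletes the helper script, while the create path ran `gdsctl add invitednode` and `gdsctl add shard` for the host; nothing visible in this hunk reverses either. After a destroy the shard host would remain on the director's invited-node list and the shard would stay registered, which leaves a stale trust entry for an address that may later be reassigned. If teardown is handled elsewhere, a comment saying so would help; otherwise the destroy block should issue the matching `gdsctl remove shard` and `gdsctl remove invitednode` calls. add-standby-shard.tf has the same asymmetry.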
@@ -0,0 +1,44 @@ +# Copyright 2017, 2019, Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl + +resource "null_resource" "sdb_add_standby_shard_group" { + # depends_on = ["null_resource.sdb_add_shard_group"] + count = "${length(var.standby_shard_groups)}" + + connection { + type = "ssh" + user = "${var.os_user}" + private_key = "${file(var.ssh_private_key_path)}" + host = "${lookup(var.shard_directors[element(keys(var.shard_directors), 0)], "host")}" + agent = false + timeout = "${var.ssh_timeout}" + } + + provisioner "file" { + content = <<-EOF + #! /bin/bash + echo ${var.sdb_shard_db_configure_deps_check} + source ${var.oracle_base}/shard-director.sh + gdsctl connect ${var.sdb_admin_username}/${var.sdb_admin_pass} + gdsctl add shardgroup -shardgroup ${lookup(var.standby_shard_groups[element(keys(var.standby_shard_groups), count.index)], "name")} -deploy_as ${lookup(var.standby_shard_groups[element(keys(var.standby_shard_groups), count.index)], "deploy_as")} -region ${lookup(var.standby_shard_groups[element(keys(var.standby_shard_groups), count.index)], "region")} + EOF + destination = "${local.gsm_home_full_path}/shard-group-config-setup-for-${lookup(var.standby_shard_groups[element(keys(var.standby_shard_groups), count.index)], "name")}.sh" + } + + provisioner "remote-exec" { + inline = [ + "chmod 700 ${local.gsm_home_full_path}/shard-group-config-setup-for-${lookup(var.standby_shard_groups[element(keys(var.standby_shard_groups), count.index)], "name")}.sh", + "${local.gsm_home_full_path}/shard-group-config-setup-for-${lookup(var.standby_shard_groups[element(keys(var.standby_shard_groups), count.index)], "name")}.sh", + "rm -f ${local.gsm_home_full_path}/shard-group-config-setup-for-${lookup(var.standby_shard_groups[element(keys(var.standby_shard_groups), count.index)], "name")}.sh" + ] + } + + # destroying + provisioner "remote-exec" { + when = 
"destroy" + inline = [ + "rm -f ${local.gsm_home_full_path}/shard-group-config-setup-for-${lookup(var.standby_shard_groups[element(keys(var.standby_shard_groups), count.index)], "name")}.sh" + ] + } +} + diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_deploy%add-standby-shard.tf b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_deploy%add-standby-shard.tf new file mode 100644 index 0000000..e779d8f --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_deploy%add-standby-shard.tf 
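Review bot: In add-standby-shard-group.tf the `remote-exec` list runs the generated script and then `rm -f` on it, and as far as I can tell Terraform joins `inline` commands into one script without `set -e`, so the provisioner's result is the exit status of the final `rm -f`. A failed `gdsctl connect` or `gdsctl add shardgroup` would then be reported as a successful apply. I would add `set -e` as the first line of the heredoc script and fold run and cleanup into one inline entry that preserves the status, e.g. `"<script>; rc=$?; rm -f <script>; exit $rc"` with `<script>` standing for the generated path. The other sdb_deploy resources in this patch that use the chmod/run/rm triple behave the same way.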
@@ -0,0 +1,43 @@ +# Copyright 2017, 2019, Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl + + resource "null_resource" "sdb_add_standby_shard" { + # depends_on = ["null_resource.sdb_add_shard"] + count = "${var.setup_mode == "new_install" ? 0 : length(var.standby_shards)}" + + connection { + type = "ssh" + user = "${var.os_user}" + private_key = "${file(var.ssh_private_key_path)}" + host = "${lookup(var.shard_directors[element(keys(var.shard_directors), 0)], "host")}" + agent = false + timeout = "${var.ssh_timeout}" + } + + provisioner "file" { + content = <<-EOF + #! /bin/bash + source ${var.oracle_base}/shard-director.sh + gdsctl connect ${var.sdb_admin_username}/${var.sdb_admin_pass} + gdsctl add invitednode ${lookup(var.standby_shards[element(keys(var.standby_shards), count.index)], "host")} + gdsctl add shard -shardgroup ${lookup(var.standby_shards[element(keys(var.standby_shards), count.index)], "shard_group")} -connect ${lookup(var.standby_shards[element(keys(var.standby_shards), count.index)], "host")}:${lookup(var.standby_shards[element(keys(var.standby_shards), count.index)], "port")}/${lookup(var.standby_shards[element(keys(var.standby_shards), count.index)], "globalDBName")} -pwd ${var.gsmuser_pass} + EOF + destination = "${local.gsm_home_full_path}/add-shard-config-setup-for-${lookup(var.standby_shards[element(keys(var.standby_shards), count.index)], "sid")}.sh" + } + + provisioner "remote-exec" { + inline = [ + "chmod 700 ${local.gsm_home_full_path}/add-shard-config-setup-for-${lookup(var.standby_shards[element(keys(var.standby_shards), count.index)], "sid")}.sh", + "${local.gsm_home_full_path}/add-shard-config-setup-for-${lookup(var.standby_shards[element(keys(var.standby_shards), count.index)], "sid")}.sh", + "rm -f ${local.gsm_home_full_path}/add-shard-config-setup-for-${lookup(var.standby_shards[element(keys(var.standby_shards), 
count.index)], "sid")}.sh" + ] + } + + # destroying + provisioner "remote-exec" { + when = "destroy" + inline = [ + "rm -f ${local.gsm_home_full_path}/add-shard-config-setup-for-${lookup(var.standby_shards[element(keys(var.standby_shards), count.index)], "sid")}.sh" + ] + } +} \ No newline at end of file diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_deploy%create-shard-exec.tf b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_deploy%create-shard-exec.tf new file mode 100644 index 0000000..876707e --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_deploy%create-shard-exec.tf @@ -0,0 +1,31 @@ +# Copyright 2017, 2019, Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl + + resource "null_resource" "sdb_create_shard_exec" { + count = "${var.setup_mode == "new_install" ? 1 : 0}" + + connection { + type = "ssh" + user = "${var.os_user}" + private_key = "${file(var.ssh_private_key_path)}" + host = "${lookup(var.shard_directors[element(keys(var.shard_directors), 0)], "host")}" + agent = false + timeout = "${var.ssh_timeout}" + } + + provisioner "remote-exec" { + inline = [ + "chmod 700 ${local.gsm_home_full_path}/create-shard-config-setup-for-shards.sh", + "${local.gsm_home_full_path}/create-shard-config-setup-for-shards.sh", + "rm -f ${local.gsm_home_full_path}/create-shard-config-setup-for-shards.sh" + ] + } + + # destroying + provisioner "remote-exec" { + when = "destroy" + inline = [ + "rm -f ${local.gsm_home_full_path}/create-shard-config-setup-for-shards.sh" + ] + } +} \ No newline at end of file 
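Review bot: create-shard-exec.tf executes `create-shard-config-setup-for-shards.sh`, but the resource has no `depends_on` and references no attribute of `null_resource.sdb_create_shard`, which is what appends to that file in create-shard.tf. Unless ordering is enforced somewhere outside these hunks, Terraform is free to run it before or while the per-shard resources are still appending, so it may fail on a missing file or run a partial script. The accumulated file also holds `-sys_password` values and only receives `chmod 700` here, at execution time. I would add `depends_on = ["null_resource.sdb_create_shard"]`, and the standby equivalent in create-standby-shard-exec.tf.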
diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_deploy%create-shard.tf b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_deploy%create-shard.tf new file mode 100644 index 0000000..cbcf937 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_deploy%create-shard.tf 
@@ -0,0 +1,67 @@ +# Copyright 2017, 2019, Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl + + resource "null_resource" "sdb_create_shard" { + # depends_on = ["null_resource.sdb_add_standby_shard_group"] + count = "${var.setup_mode == "new_install" ? length(var.shards) : 0}" + + connection { + type = "ssh" + user = "${var.os_user}" + private_key = "${file(var.ssh_private_key_path)}" + host = "${lookup(var.shard_directors[element(keys(var.shard_directors), 0)], "host")}" + agent = false + timeout = "${var.ssh_timeout}" + } + + # copying dbparamfile + provisioner "file" { + source = "${var.use_dbparamfile != "false" ? "${lookup(var.shards[element(keys(var.shards), count.index)], "dbparamfile")}" : "/etc/hosts"}" + destination = "${local.gsm_home_full_path}/dbparamfile-for-${lookup(var.shards[element(keys(var.shards), count.index)], "sid")}" + } + + # copying dbtemplatefile + provisioner "file" { + source = "${var.use_dbtemplatefile != "false" ? "${lookup(var.shards[element(keys(var.shards), count.index)], "dbtemplatefile")}" : "/etc/hosts"}" + destination = "${local.gsm_home_full_path}/dbtemplatefile-for-${lookup(var.shards[element(keys(var.shards), count.index)], "sid")}.dbt" + } + + # copying netparamfile + provisioner "file" { + source = "${var.use_netparamfile != "false" ? "${lookup(var.shards[element(keys(var.shards), count.index)], "netparamfile")}" : "/etc/hosts"}" + destination = "${local.gsm_home_full_path}/netparamfile-for-${lookup(var.shards[element(keys(var.shards), count.index)], "sid")}.rsp" + } + + provisioner "file" { + content = <<-EOF + #! /bin/bash + echo "#! 
/bin/bash + source ${var.oracle_base}/shard-director.sh + gdsctl connect ${var.sdb_admin_username}/${var.sdb_admin_pass} + gdsctl add invitednode ${lookup(var.shards[element(keys(var.shards), count.index)], "host")} + gdsctl create shard -shardgroup ${lookup(var.shards[element(keys(var.shards), count.index)], "shard_group")} -destination ${replace(element(split(".", lookup(var.shards[element(keys(var.shards), count.index)], "host")),0), "-", "_")} -credential oracle_cred -sys_password ${var.sys_pass} ${var.use_dbparamfile != "false" ? "-dbparamfile ${local.gsm_home_full_path}/dbparamfile-for-${lookup(var.shards[element(keys(var.shards), count.index)], "sid")}" : ""} ${var.use_dbtemplatefile != "false" ? "-dbtemplatefile ${local.gsm_home_full_path}/dbtemplatefile-for-${lookup(var.shards[element(keys(var.shards), count.index)], "sid")}.dbt" : ""} ${var.use_netparamfile != "false" ? "-netparamfile ${local.gsm_home_full_path}/netparamfile-for-${lookup(var.shards[element(keys(var.shards), count.index)], "sid")}.rsp" : ""} + " >> "${local.gsm_home_full_path}/create-shard-config-setup-for-shards.sh" + EOF + destination = "${local.gsm_home_full_path}/create-shard-config-setup-for-${lookup(var.shards[element(keys(var.shards), count.index)], "sid")}.sh" + } + + provisioner "remote-exec" { + inline = [ + "chmod 700 ${local.gsm_home_full_path}/create-shard-config-setup-for-${lookup(var.shards[element(keys(var.shards), count.index)], "sid")}.sh", + "${local.gsm_home_full_path}/create-shard-config-setup-for-${lookup(var.shards[element(keys(var.shards), count.index)], "sid")}.sh", + "rm -f ${local.gsm_home_full_path}/create-shard-config-setup-for-${lookup(var.shards[element(keys(var.shards), count.index)], "sid")}.sh" + ] + } + + + # destroying + provisioner "remote-exec" { + when = "destroy" + inline = [ + "rm -f ${local.gsm_home_full_path}/create-shard-config-setup-for-${lookup(var.shards[element(keys(var.shards), count.index)], "sid")}.sh", + "rm -f 
${local.gsm_home_full_path}/dbparamfile-for-${lookup(var.shards[element(keys(var.shards), count.index)], "sid")}", + "rm -f ${local.gsm_home_full_path}/dbtemplatefile-for-${lookup(var.shards[element(keys(var.shards), count.index)], "sid")}.dbt", + "rm -f ${local.gsm_home_full_path}/netparamfile-for-${lookup(var.shards[element(keys(var.shards), count.index)], "sid")}.rsp" + ] + } +} \ No newline at end of file diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_deploy%create-standby-shard-exec.tf b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_deploy%create-standby-shard-exec.tf new file mode 100644 index 0000000..09a22bf --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_deploy%create-standby-shard-exec.tf 
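Review bot: In create-shard.tf the inner script is emitted with `echo "..." >> ".../create-shard-config-setup-for-shards.sh"`, so the interpolated values, including `${var.sys_pass}` and `${var.sdb_admin_pass}`, sit inside a double-quoted shell string. A password containing `"`, `$`, a backtick or a backslash is expanded or terminates the string when the outer script runs, which corrupts the generated command at best and runs unintended shell text at worst. Each shard instance also re-appends the `#! /bin/bash`, `source` and `gdsctl connect` lines to the same shared file. I would write the block through a quoted here-document (`cat >> "<target>" <<'SHARD'` ... `SHARD`, with `<target>` standing for the shared script path) so the shell copies it literally; create-standby-shard.tf needs the same change.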
@@ -0,0 +1,31 @@
+# Copyright 2017, 2019, Oracle Corporation and/or affiliates. All rights reserved.
+# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl
+
+ resource "null_resource" "sdb_create_standby_shard_exec" {
+ count = "${var.setup_mode == "new_install" ? 1 : 0}"
+
+ connection {
+ type = "ssh"
+ user = "${var.os_user}"
+ private_key = "${file(var.ssh_private_key_path)}"
+ host = "${lookup(var.shard_directors[element(keys(var.shard_directors), 0)], "host")}"
+ agent = false
+ timeout = "${var.ssh_timeout}"
+ }
+
+ provisioner "remote-exec" {
+ inline = [
+ "chmod 700 ${local.gsm_home_full_path}/create-standby-shard-config-setup-for-shards.sh",
+ "${local.gsm_home_full_path}/create-standby-shard-config-setup-for-shards.sh",
+ "rm -f ${local.gsm_home_full_path}/create-standby-shard-config-setup-for-shards.sh"
+ ]
+ }
+
+ # destroying
+ provisioner "remote-exec" {
+ when = "destroy"
+ inline = [
+ "rm -f ${local.gsm_home_full_path}/create-standby-shard-config-setup-for-shards.sh"
+ ]
+ }
+}
\ No newline at end of file
diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_deploy%create-standby-shard.tf b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_deploy%create-standby-shard.tf
new file mode 100644
index 0000000..d15896a
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_deploy%create-standby-shard.tf
@@ -0,0 +1,68 @@ +# Copyright 2017, 2019, Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl + + resource "null_resource" "sdb_create_standby_shard" { + # depends_on = ["null_resource.sdb_create_shard"] + count = "${var.setup_mode == "new_install" ? length(var.standby_shards) : 0}" + + connection { + type = "ssh" + user = "${var.os_user}" + private_key = "${file(var.ssh_private_key_path)}" + host = "${lookup(var.shard_directors[element(keys(var.shard_directors), 0)], "host")}" + agent = false + timeout = "${var.ssh_timeout}" + } + + # copying dbparamfile + provisioner "file" { + source = "${var.use_dbparamfile != "false" ? "${lookup(var.standby_shards[element(keys(var.standby_shards), count.index)], "dbparamfile")}" : "/etc/hosts"}" + destination = "${local.gsm_home_full_path}/dbparamfile-for-${lookup(var.standby_shards[element(keys(var.standby_shards), count.index)], "sid")}" + } + + # copying dbtemplatefile + provisioner "file" { + source = "${var.use_dbtemplatefile != "false" ? "${lookup(var.standby_shards[element(keys(var.standby_shards), count.index)], "dbtemplatefile")}" : "/etc/hosts"}" + destination = "${local.gsm_home_full_path}/dbtemplatefile-for-${lookup(var.standby_shards[element(keys(var.standby_shards), count.index)], "sid")}.dbt" + } + + # copying netparamfile + provisioner "file" { + source = "${var.use_netparamfile != "false" ? "${lookup(var.standby_shards[element(keys(var.standby_shards), count.index)], "netparamfile")}" : "/etc/hosts"}" + destination = "${local.gsm_home_full_path}/netparamfile-for-${lookup(var.standby_shards[element(keys(var.standby_shards), count.index)], "sid")}.rsp" + } + + +provisioner "file" { + content = <<-EOF + #! /bin/bash + echo "#! 
/bin/bash + source ${var.oracle_base}/shard-director.sh + gdsctl connect ${var.sdb_admin_username}/${var.sdb_admin_pass} + gdsctl add invitednode ${lookup(var.standby_shards[element(keys(var.standby_shards), count.index)], "host")} + gdsctl create shard -shardgroup ${lookup(var.standby_shards[element(keys(var.standby_shards), count.index)], "shard_group")} -destination ${replace(element(split(".", lookup(var.standby_shards[element(keys(var.standby_shards), count.index)], "host")),0), "-", "_")} -credential oracle_cred -sys_password ${var.sys_pass} ${var.use_dbparamfile != "false" ? "-dbparamfile ${local.gsm_home_full_path}/dbparamfile-for-${lookup(var.standby_shards[element(keys(var.standby_shards), count.index)], "sid")}" : ""} ${var.use_dbtemplatefile != "false" ? "-dbtemplatefile ${local.gsm_home_full_path}/dbtemplatefile-for-${lookup(var.standby_shards[element(keys(var.standby_shards), count.index)], "sid")}.dbt" : ""} ${var.use_netparamfile != "false" ? "-netparamfile ${local.gsm_home_full_path}/netparamfile-for-${lookup(var.standby_shards[element(keys(var.standby_shards), count.index)], "sid")}.rsp" : ""} + " >> "${local.gsm_home_full_path}/create-standby-shard-config-setup-for-shards.sh" + EOF + destination = "${local.gsm_home_full_path}/create-standby-shard-config-setup-for-${lookup(var.standby_shards[element(keys(var.standby_shards), count.index)], "sid")}.sh" + } + + + provisioner "remote-exec" { + inline = [ + "chmod 700 ${local.gsm_home_full_path}/create-standby-shard-config-setup-for-${lookup(var.standby_shards[element(keys(var.standby_shards), count.index)], "sid")}.sh", + "${local.gsm_home_full_path}/create-standby-shard-config-setup-for-${lookup(var.standby_shards[element(keys(var.standby_shards), count.index)], "sid")}.sh", + "rm -f ${local.gsm_home_full_path}/create-standby-shard-config-setup-for-${lookup(var.standby_shards[element(keys(var.standby_shards), count.index)], "sid")}.sh" + ] + } + + # destroying + provisioner "remote-exec" { + when = 
"destroy" + inline = [ + "rm -f ${local.gsm_home_full_path}/create-standby-shard-config-setup-for-${lookup(var.standby_shards[element(keys(var.standby_shards), count.index)], "sid")}.sh", + "rm -f ${local.gsm_home_full_path}/dbparamfile-for-${lookup(var.standby_shards[element(keys(var.standby_shards), count.index)], "sid")}", + "rm -f ${local.gsm_home_full_path}/dbtemplatefile-for-${lookup(var.standby_shards[element(keys(var.standby_shards), count.index)], "sid")}.dbt", + "rm -f ${local.gsm_home_full_path}/netparamfile-for-${lookup(var.standby_shards[element(keys(var.standby_shards), count.index)], "sid")}.rsp" + ] + } +} \ No newline at end of file diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_deploy%datasources.tf b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_deploy%datasources.tf new file mode 100644 index 0000000..e438501 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_deploy%datasources.tf @@ -0,0 +1,10 @@ +# Copyright 2017, 2019, Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl + +data "template_file" "deps_check_template" { + template = "${file("${path.module}/scripts/deps_check.template.sh")}" + + vars = { + oracle_base = "${var.oracle_base}" + } +} \ No newline at end of file diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_deploy%deploy.tf b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_deploy%deploy.tf new file mode 100644 index 0000000..ddd6271 --- /dev/null 
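Review bot: When `use_dbparamfile`, `use_dbtemplatefile` or `use_netparamfile` is "false", the three `file` provisioners in create-standby-shard.tf fall back to `source = "/etc/hosts"`, so the hosts file of the machine running Terraform is uploaded to the director as `dbparamfile-for-<sid>`, `dbtemplatefile-for-<sid>.dbt` and `netparamfile-for-<sid>.rsp`. That copies local name-resolution data to a remote host for no functional reason and leaves files whose names suggest database parameters. A dedicated empty placeholder shipped with the module (placeholder path: `${path.module}/files/empty`) would avoid both, or the upload could be skipped entirely when the flag is "false". create-shard.tf has the identical fallback.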
+++ b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_deploy%deploy.tf @@ -0,0 +1,43 @@ +# Copyright 2017, 2019, Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl + +resource "null_resource" "sdb_deploy_invoker" { + # depends_on = ["null_resource.sdb_create_standby_shard"] + + connection { + type = "ssh" + user = "${var.os_user}" + private_key = "${file(var.ssh_private_key_path)}" + host = "${lookup(var.shard_directors[element(keys(var.shard_directors), 0)], "host")}" + agent = false + timeout = "${var.ssh_timeout}" + } + + provisioner "file" { + content = <<-EOF + #! /bin/bash + source ${var.oracle_base}/shard-director.sh + gdsctl connect ${var.sdb_admin_username}/${var.sdb_admin_pass} + gdsctl deploy + EOF + destination = "${local.gsm_home_full_path}/sdb-deploy.sh" + } + + #shard deploy config setup + provisioner "remote-exec" { + inline = [ + "chmod 700 ${local.gsm_home_full_path}/sdb-deploy.sh", + "${local.gsm_home_full_path}/sdb-deploy.sh", + "rm -f ${local.gsm_home_full_path}/sdb-deploy.sh" + ] + } + + # destroying + provisioner "remote-exec" { + when = "destroy" + inline = [ + "rm -f ${local.gsm_home_full_path}/sdb-deploy.sh" + ] + } +} + diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_deploy%main.tf b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_deploy%main.tf new file mode 100644 index 0000000..e8608ce --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_deploy%main.tf 
@@ -0,0 +1,42 @@ +# Copyright 2017, 2019, Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl + +resource "null_resource" "sdb_add_shard_group" { + count = "${length(var.primary_shard_groups)}" + + connection { + type = "ssh" + user = "${var.os_user}" + private_key = "${file(var.ssh_private_key_path)}" + host = "${lookup(var.shard_directors[element(keys(var.shard_directors), 0)], "host")}" + agent = false + timeout = "${var.ssh_timeout}" + } + + provisioner "file" { + content = <<-EOF + #! /bin/bash + echo ${var.sdb_shard_db_configure_deps_check} + source ${var.oracle_base}/shard-director.sh + gdsctl connect ${var.sdb_admin_username}/${var.sdb_admin_pass} + gdsctl add shardgroup -shardgroup ${lookup(var.primary_shard_groups[element(keys(var.primary_shard_groups), count.index)], "name")} -deploy_as ${lookup(var.primary_shard_groups[element(keys(var.primary_shard_groups), count.index)], "deploy_as")} -region ${lookup(var.primary_shard_groups[element(keys(var.primary_shard_groups), count.index)], "region")} + EOF + destination = "${local.gsm_home_full_path}/shard-group-config-setup-for-${lookup(var.primary_shard_groups[element(keys(var.primary_shard_groups), count.index)], "name")}.sh" + } + + provisioner "remote-exec" { + inline = [ + "chmod 700 ${local.gsm_home_full_path}/shard-group-config-setup-for-${lookup(var.primary_shard_groups[element(keys(var.primary_shard_groups), count.index)], "name")}.sh", + "${local.gsm_home_full_path}/shard-group-config-setup-for-${lookup(var.primary_shard_groups[element(keys(var.primary_shard_groups), count.index)], "name")}.sh", + "rm -f ${local.gsm_home_full_path}/shard-group-config-setup-for-${lookup(var.primary_shard_groups[element(keys(var.primary_shard_groups), count.index)], "name")}.sh" + ] + } + + # destroying + provisioner "remote-exec" { + when = "destroy" + inline = [ + "rm -f 
${local.gsm_home_full_path}/shard-group-config-setup-for-${lookup(var.primary_shard_groups[element(keys(var.primary_shard_groups), count.index)], "name")}.sh" + ] + } +} \ No newline at end of file diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_deploy%outputs.tf b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_deploy%outputs.tf new file mode 100644 index 0000000..c8b3fd3 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_deploy%outputs.tf @@ -0,0 +1,6 @@ +# Copyright 2017, 2019, Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl + +output "rendered_deps_check" { + value = "${data.template_file.deps_check_template.rendered}" +} \ No newline at end of file diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_deploy%variables.tf b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_deploy%variables.tf new file mode 100644 index 0000000..2c1f652 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_deploy%variables.tf 
@@ -0,0 +1,105 @@ +# Copyright 2017, 2019, Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl + +locals { + module_prefix = "sdb_deploy" + + gsmhome_postfix = "gsmhome_1" + + gsm_home_full_path = "${var.oracle_base}/product/${var.gsm_version}/${local.gsmhome_postfix}" +} + +variable "ssh_private_key_path" { + description = "path to ssh private key on the current machine" + default = "~/.ssh/id_rsa" +} + +variable "ssh_timeout" { + description = "ssh timeout" + default = "3m" +} + +variable "os_user" { + description = "os user name" +} + +variable "oracle_base" { + description = "Oracle Base" +} + +variable "shards" { + description = "Map of nick name of a shard to the host name or ip of the shard" + type = "map" +} + +variable "sdb_shard_db_configure_deps_check" { + description = "internal dependency check variable for sdb_shard_db_configure module" +} + +variable "gsmuser_pass" { + description = "password of the gsm user" +} + +variable "primary_shard_groups" { + description = "Map of user-friendly name of a primary_shard_group to the primary_shard_group config information" + type = "map" +} + +variable "standby_shard_groups" { + description = "Map of user-friendly name of a standby_shard_group to the standby_shard_group config information" + type = "map" +} + +variable "shard_directors" { + description = "Map of user-friendly name of a shard director to the shard director config information" + type = "map" +} + +variable "sdb_admin_username" { + description = "username of the sharded database administrator" +} + +variable "sdb_admin_pass" { + description = "password of the sharded database administrator" +} + +variable "gsm_version" { + description = "Oracle GSM version" +} + +variable "global_services" { + description = "Map of user-friendly name of a global service to the global service config information" + type = "map" +} + +variable 
"standby_shards" { + description = "Map of user-friendly name of a standby shard to the standby shard config information" + type = "map" +} + +variable "sys_pass" { + description = "Password for SYS user" +} + +variable "setup_mode" { + description = "represents the setup mode either new install mode or from existing dbs mode" +} + +variable "use_dbparamfile" { + description = "Use True as the value to specify the path to the file name on the local machine running terraform, containing database Configuration Assistant (DBCA) parameters to use during database creation on the remote machine. Otherwise, to disable this option and use the defaults, please specify false as the value" + default = "false" +} + +variable "use_dbtemplatefile" { + description = "Use True as the value to specify the path to the file name on the local machine running terraform, containing Database Configuration Assistant (DBCA) database template information to use during database creation on the remote machine. Otherwise, to disable this option and use the defaults, please specify false as the value" + default = "false" +} + +variable "use_netparamfile" { + description = "Use True as the value to specify the path to the file name on the local machine running terraform, containing Net Configuration Assistant (NETCA) parameters to use during network listener setup on the remote machine. Otherwise, to disable this option and use the defaults, please specify false as the value" + default = "false" +} + +variable "db_home_path" { + description = "The location for oracle db home" +} diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_gc%shard-catalog-gc.tf b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_gc%shard-catalog-gc.tf new file mode 100644 index 0000000..e6b1eb1 --- /dev/null 
+++ b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_gc%shard-catalog-gc.tf
@@ -0,0 +1,29 @@
+# Copyright 2017, 2019, Oracle Corporation and/or affiliates. All rights reserved.
+# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl
+resource "null_resource" "sdb_shard_catalog_gc" {
+
+ count = "${length(var.shard_catalogs)}"
+
+ #creates ssh connection
+ connection {
+ type = "ssh"
+ user = "${var.os_user}"
+ private_key = "${file(var.ssh_private_key_path)}"
+ host = "${lookup(var.shard_catalogs[element(keys(var.shard_catalogs), count.index)], "host")}"
+ agent = false
+ timeout = "${var.ssh_timeout}"
+ }
+
+ provisioner "remote-exec" {
+ inline = [
+ "rm -rf /tmp/terraform_*"
+ ]
+ }
+
+ provisioner "remote-exec" {
+ when = "destroy"
+ inline = [
+ "rm -rf /tmp/terraform_*"
+ ]
+ }
+}
\ No newline at end of file
diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_gc%shard-catalog-standby-gc.tf b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_gc%shard-catalog-standby-gc.tf
new file mode 100644
index 0000000..98b8c9c
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_gc%shard-catalog-standby-gc.tf
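Review bot: `rm -rf /tmp/terraform_*` is a glob over a shared, world-writable directory, so it removes every matching entry that `os_user` is allowed to delete, not only what this run created. Terraform's remote-exec provisioner by default stages its own scripts under a `/tmp/terraform_…` name, so if another null_resource is provisioning the same host in parallel its script could be removed before it runs; I cannot tell from this hunk whether the module ordering rules that out. Setting `script_path` in the `connection` block to a per-run directory and deleting only that path would scope the cleanup. The same command appears in the four other sdb_gc resources (shard-catalog-standby-gc.tf, shard-director-gc.tf, shard-gc.tf, shard-standby-gc.tf).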
@@ -0,0 +1,30 @@ +# Copyright 2017, 2019, Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl + +resource "null_resource" "sdb_shard_catalog_standby_gc" { + count = "${length(var.shard_catalog_standbys)}" + + #creates ssh connection + connection { + type = "ssh" + user = "${var.os_user}" + private_key = "${file(var.ssh_private_key_path)}" + host = "${lookup(var.shard_catalog_standbys[element(keys(var.shard_catalog_standbys), count.index)], "host")}" + agent = false + timeout = "${var.ssh_timeout}" + } + + + provisioner "remote-exec" { + inline = [ + "rm -rf /tmp/terraform_*" + ] + } + + provisioner "remote-exec" { + when = "destroy" + inline = [ + "rm -rf /tmp/terraform_*" + ] + } +} \ No newline at end of file diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_gc%shard-director-gc.tf b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_gc%shard-director-gc.tf new file mode 100644 index 0000000..943929f --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_gc%shard-director-gc.tf 
@@ -0,0 +1,30 @@ +# Copyright 2017, 2019, Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl + +resource "null_resource" "sdb_shard_director_gc" { + + count = "${length(var.shard_directors)}" + + #creates ssh connection to gsm host + connection { + type = "ssh" + user = "${var.os_user}" + private_key = "${file(var.ssh_private_key_path)}" + host = "${lookup(var.shard_directors[element(keys(var.shard_directors), count.index)], "host")}" + agent = false + timeout = "${var.ssh_timeout}" + } + + provisioner "remote-exec" { + inline = [ + "rm -rf /tmp/terraform_*" + ] + } + + provisioner "remote-exec" { + when = "destroy" + inline = [ + "rm -rf /tmp/terraform_*" + ] + } +} \ No newline at end of file diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_gc%shard-gc.tf b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_gc%shard-gc.tf new file mode 100644 index 0000000..8c5489e --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_gc%shard-gc.tf 
@@ -0,0 +1,28 @@ +# Copyright 2017, 2019, Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl +resource "null_resource" "sdb_shard_gc" { + count = "${length(var.shards)}" + + #creates ssh connection + connection { + type = "ssh" + user = "${var.os_user}" + private_key = "${file(var.ssh_private_key_path)}" + host = "${lookup(var.shards[element(keys(var.shards), count.index)], "host")}" + agent = false + timeout = "${var.ssh_timeout}" + } + + provisioner "remote-exec" { + inline = [ + "rm -rf /tmp/terraform_*" + ] + } + + provisioner "remote-exec" { + when = "destroy" + inline = [ + "rm -rf /tmp/terraform_*" + ] + } +} \ No newline at end of file diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_gc%shard-standby-gc.tf b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_gc%shard-standby-gc.tf new file mode 100644 index 0000000..8c9265c --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_gc%shard-standby-gc.tf 
@@ -0,0 +1,28 @@ +# Copyright 2017, 2019, Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl +resource "null_resource" "sdb_shard_standby_gc" { + count = "${length(var.standby_shards)}" + + #creates ssh connection + connection { + type = "ssh" + user = "${var.os_user}" + private_key = "${file(var.ssh_private_key_path)}" + host = "${lookup(var.standby_shards[element(keys(var.standby_shards), count.index)], "host")}" + agent = false + timeout = "${var.ssh_timeout}" + } + + provisioner "remote-exec" { + inline = [ + "rm -rf /tmp/terraform_*" + ] + } + + provisioner "remote-exec" { + when = "destroy" + inline = [ + "rm -rf /tmp/terraform_*" + ] + } +} \ No newline at end of file diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_gc%variables.tf b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_gc%variables.tf new file mode 100644 index 0000000..ff30a68 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_gc%variables.tf 
@@ -0,0 +1,41 @@ +# Copyright 2017, 2019, Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl + +variable "ssh_private_key_path" { + description = "path to ssh private key on the current machine" + default = "~/.ssh/id_rsa" +} + +variable "ssh_timeout" { + description = "ssh timeout" + default = "3m" +} + +variable "os_user" { + description = "os user name" +} + +variable "shard_catalogs" { + description = "Map of user-friendly name of a shard catalog to the shard catalog config information" + type = "map" +} + +variable "shards" { + description = "Map of user-friendly name of a shard to the shard config information" + type = "map" +} + +variable "standby_shards" { + description = "Map of user-friendly name of a standby shard to the standby shard config information" + type = "map" +} + +variable "shard_catalog_standbys" { + description = "Map of user-friendly name of a shard catalog standby to the shard catalog standby config information" + type = "map" +} + +variable "shard_directors" { + description = "Map of nick name of a shard director to the shard director config information" + type = "map" +} \ No newline at end of file diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_schema_setup%datasources.tf b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_schema_setup%datasources.tf new file mode 100644 index 0000000..8a78b21 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_schema_setup%datasources.tf 
@@ -0,0 +1,18 @@ +# Copyright 2017, 2019, Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl + +data "template_file" "system_sharding_schema_setup_template" { + template = "${file("${path.module}/sql/system-sharding-schema-setup.template.ql")}" + + vars = { + oracle_home = "${var.db_home_path}" + } +} + +data "template_file" "deps_check_template" { + template = "${file("${path.module}/scripts/deps_check.template.sh")}" + + vars = { + oracle_base = "${var.oracle_base}" + } +} \ No newline at end of file diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_schema_setup%main.tf b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_schema_setup%main.tf new file mode 100644 index 0000000..09901ee --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_schema_setup%main.tf 
@@ -0,0 +1,65 @@ +# Copyright 2017, 2019, Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl + +resource "null_resource" "sdb_schema_setup" { + count = "${length(var.shard_catalogs)}" + + #creates ssh connection + connection { + type = "ssh" + user = "${var.os_user}" + private_key = "${file(var.ssh_private_key_path)}" + host = "${lookup(var.shard_catalogs[element(keys(var.shard_catalogs), count.index)], "host")}" + agent = false + timeout = "${var.ssh_timeout}" + } + + provisioner "file" { + content = "${lookup(var.shard_catalogs[element(keys(var.shard_catalogs), count.index)], "sharding_method")} == ${local.system_sharding}?${data.template_file.system_sharding_schema_setup_template.rendered}:${local.not_supported_phantom}" + destination = "${var.db_home_path}/sharding-schema.sql" + } + + provisioner "file" { + content = <<-EOF + #! /bin/bash + echo ${var.sdb_deploy_deps_check} + source ${var.db_home_path}/shardcat.sh + sqlplus / as sysdba @${var.db_home_path}/sharding-schema.sql + EOF + destination = "${var.db_home_path}/sharding-schema-setup.sh" + } + + provisioner "remote-exec" { + inline = [ + "chmod 700 ${var.db_home_path}/sharding-schema-setup.sh", + "${var.db_home_path}/sharding-schema-setup.sh" + ] + } + + provisioner "file" { + content = "${data.template_file.deps_check_template.rendered}" + destination = "${var.db_home_path}/sdb-schema-setup-deps-check.sh" + } + + provisioner "file" { + when = "destroy" + content = <<-EOF + #! 
/bin/bash + source ${var.db_home_path}/shardcat.sh + rm -f ${var.db_home_path}/sharding-schema.sql + EOF + destination = "${var.db_home_path}/sharding-schema-teardown.sh" + } + + # destroying + provisioner "remote-exec" { + when = "destroy" + inline = [ + "chmod 700 ${var.db_home_path}/sharding-schema-teardown.sh", + "${var.db_home_path}/sharding-schema-teardown.sh", + "rm -f ${var.db_home_path}/sharding-schema-teardown.sh", + "rm -f ${var.db_home_path}/sdb-schema-setup-deps-check.sh" + ] + } +} + diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_schema_setup%outputs.tf b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_schema_setup%outputs.tf new file mode 100644 index 0000000..8c6ffd8 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_schema_setup%outputs.tf @@ -0,0 +1,10 @@ +# Copyright 2017, 2019, Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl + +output "rendered_system_sharding_schema_setup_template" { + value = "${data.template_file.system_sharding_schema_setup_template.rendered}" +} + +output "rendered_deps_check" { + value = "${data.template_file.deps_check_template.rendered}" +} \ No newline at end of file diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_schema_setup%variables.tf b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_schema_setup%variables.tf new file mode 100644 index 0000000..8e5f476 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_schema_setup%variables.tf 
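Review bot: In the first `file` provisioner of `sdb_schema_setup` the conditional is written outside the interpolation: `"${lookup(...)} == ${local.system_sharding}?${...rendered}:${local.not_supported_phantom}"` is plain string concatenation, so `sharding-schema.sql` would receive the literal text `<method> == system?…:SELECT …` rather than one of the two branches, and sqlplus then runs that file as SYSDBA. The whole expression belongs inside a single `${ }`, e.g. `content = "${lookup(var.shard_catalogs[element(keys(var.shard_catalogs), count.index)], "sharding_method") == local.system_sharding ? data.template_file.system_sharding_schema_setup_template.rendered : local.not_supported_phantom}"`. Separately, `sharding-schema.sql` and `sharding-schema-setup.sh` are only removed at destroy time, unlike the sibling modules that delete their scripts right after running them.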
@@ -0,0 +1,46 @@ +# Copyright 2017, 2019, Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl + +locals { + module_prefix = "setup_sdb_schema" + + system_sharding = "system" + + user_defined_sharding = "user" + + composite_sharding = "composite" + + not_supported_phantom = "SELECT 'sharding method you passed is not yet supported via terraform setup' FROM DUAL" + +} + +variable "ssh_private_key_path" { + description = "path to ssh private key on the current machine" + default = "~/.ssh/id_rsa" +} + +variable "ssh_timeout" { + description = "ssh timeout" + default = "3m" +} + +variable "os_user" { + description = "os user name" +} + +variable "oracle_base" { + description = "Oracle Base" +} + +variable "db_home_path" { + description = "The location for oracle db home" +} + +variable "shard_catalogs" { + description = "Map of user-friendly name of a shard catalog to the shard catalog config information" + type = "map" +} + +variable "sdb_deploy_deps_check" { + description = "internal dependency check variable for sdb_deploy module" +} \ No newline at end of file diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_catalog_configure%add-static-dg-listener-catalog.tf b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_catalog_configure%add-static-dg-listener-catalog.tf new file mode 100644 index 0000000..495fb5d --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_catalog_configure%add-static-dg-listener-catalog.tf 
@@ -0,0 +1,51 @@
+# Copyright 2017, 2019, Oracle Corporation and/or affiliates. All rights reserved.
+# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl
+
+resource "null_resource" "sdb_add_static_dg_listener_catalog" {
+ count = "${length(var.shard_catalogs)}"
+
+ #creates ssh connection
+ connection {
+ type = "ssh"
+ user = "${var.os_user}"
+ private_key = "${file(var.ssh_private_key_path)}"
+ host = "${lookup(var.shard_catalogs[element(keys(var.shard_catalogs), count.index)], "host")}"
+ agent = false
+ timeout = "${var.ssh_timeout}"
+ }
+
+ provisioner "file" {
+ content = <<-EOF
+ #!/bin/bash
+ source ${var.db_home_path}/shardcat.sh
+ echo "SID_LIST_LISTENER =
+ (SID_LIST =
+ (SID_DESC =
+ (GLOBAL_DBNAME = ${lookup(var.shard_catalogs[element(keys(var.shard_catalogs), count.index)], "globalDBName")}_DGMGRL)
+ (ORACLE_HOME = ${var.db_home_path})
+ (SID_NAME = ${lookup(var.shard_catalogs[element(keys(var.shard_catalogs), count.index)], "sid")})
+ )
+ )" >> $TNS_ADMIN/listener.ora
+
+ lsnrctl stop
+ lsnrctl start
+ EOF
+ destination = "${var.db_home_path}/add-static-dg-listener.sh"
+ }
+
+ provisioner "remote-exec" {
+ inline = [
+ "chmod 700 ${var.db_home_path}/add-static-dg-listener.sh",
+ "${var.db_home_path}/add-static-dg-listener.sh",
+ "rm -f ${var.db_home_path}/add-static-dg-listener.sh"
+ ]
+ }
+
+ # destroying
+ provisioner "remote-exec" {
+ when = "destroy"
+ inline = [
+ "rm -f ${var.db_home_path}/add-static-dg-listener.sh"
+ ]
+ }
+}
\ No newline at end of file
diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_catalog_configure%catalog-configure-with-standby.tf b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_catalog_configure%catalog-configure-with-standby.tf
new file mode 100644
index 0000000..8cb3ee9
--- /dev/null
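Review bot: The script appends the `SID_LIST_LISTENER` stanza to `$TNS_ADMIN/listener.ora` with `>>` unconditionally, so re-creating this resource adds a second copy, and the destroy provisioner only deletes the script and never removes the stanza. `$TNS_ADMIN` is also unquoted and unchecked; if `shardcat.sh` does not export it, the redirect targets `/listener.ora`. I would add a guard such as `[ -n "$TNS_ADMIN" ] || exit 1` after the `source` line and skip the append when the `_DGMGRL` entry is already present. The tnsnames.ora append in enable-switchover-relocation.tf follows the same pattern, and there each run also overwrites the single `tnsname-ora-backup` copy.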
+++ b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_catalog_configure%catalog-configure-with-standby.tf 
@@ -0,0 +1,93 @@ +# Copyright 2017, 2019, Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl + +resource "null_resource" "sdb_shard_catalog_configure_with_standby" { + count = "${length(var.shard_catalogs)}" + + #creates ssh connection + connection { + type = "ssh" + user = "${var.os_user}" + private_key = "${file(var.ssh_private_key_path)}" + host = "${lookup(var.shard_catalogs[element(keys(var.shard_catalogs), count.index)], "host")}" + agent = false + timeout = "${var.ssh_timeout}" + } + + provisioner "file" { + content = "${data.template_file.shard_catalog_config_template.rendered}" + destination = "${var.db_home_path}/catalog-config.sql" + } + + provisioner "file" { + content = <<-EOF + #! /bin/bash + echo ${var.sdb_shard_catalog_create_deps_check} + source ${var.db_home_path}/shardcat.sh + sqlplus / as sysdba @${var.db_home_path}/catalog-config.sql + EOF + destination = "${var.db_home_path}/catalog-config-setup.sh" + } + + provisioner "remote-exec" { + inline = [ + "chmod 700 ${var.db_home_path}/catalog-config-setup.sh", + "${var.db_home_path}/catalog-config-setup.sh", + "rm -f ${var.db_home_path}/catalog-config.sql", + "rm -f ${var.db_home_path}/catalog-config-setup.sh" + ] + } + + provisioner "file" { + content = "${data.template_file.shard_db_config_template.rendered}" + destination = "${var.db_home_path}/shard-db-config.sql" + } + + provisioner "file" { + content = <<-EOF + #! 
/bin/bash + source ${var.db_home_path}/shardcat.sh + sqlplus / as sysdba @${var.db_home_path}/shard-db-config.sql + EOF + destination = "${var.db_home_path}/shard-db-config-setup.sh" + } + + provisioner "remote-exec" { + inline = [ + "chmod 700 ${var.db_home_path}/shard-db-config-setup.sh", + "${var.db_home_path}/shard-db-config-setup.sh", + "rm -f ${var.db_home_path}/shard-db-config.sql", + "rm -f ${var.db_home_path}/shard-db-config-setup.sh" + ] + } + + provisioner "file" { + content = "${data.template_file.shard_catalog_configure_deps_check_template.rendered}" + destination = "${var.db_home_path}/shard-catalog-configure-deps-check.sh" + } + + + provisioner "file" { + when = "destroy" + content = <<-EOF + #! /bin/bash + source ${var.db_home_path}/shardcat.sh + lsnrctl stop + rm -f ${var.db_home_path}/catalog-config.sql + rm -f ${var.db_home_path}/shard-db-config.sql + rm -f ${var.db_home_path}/shard-db-config-setup.sh + rm -f ${var.db_home_path}/catalog-config-setup.sh + EOF + destination = "${var.db_home_path}/catalog-config-teardown.sh" + } + + # destroying + provisioner "remote-exec" { + when = "destroy" + inline = [ + "chmod 700 ${var.db_home_path}/catalog-config-teardown.sh", + "${var.db_home_path}/catalog-config-teardown.sh", + "rm -f ${var.db_home_path}/catalog-config-teardown.sh" + ] + } +} \ No newline at end of file diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_catalog_configure%datasources.tf b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_catalog_configure%datasources.tf new file mode 100644 index 0000000..d2401e6 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_catalog_configure%datasources.tf 
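Review bot: The `connection` block of `sdb_shard_catalog_configure_with_standby` sets `private_key` and `agent = false` but no `host_key`, and to my knowledge Terraform's SSH communicator does not verify the server's key when that argument is absent. This resource then uploads `catalog-config.sql` and `shard-db-config.sql`, which the module's datasources.tf templates render with `gsmcatuser_pass`, `sdb_admin_pass` and `gsmuser_pass`, so an unverified endpoint would receive those credentials. Pinning the key per host, e.g. `host_key = "${lookup(var.shard_catalogs[element(keys(var.shard_catalogs), count.index)], "host_key")}"` (a new map entry; the name is only a suggestion), would address it. Every `connection` block visible in these modules is written the same way.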
@@ -0,0 +1,31 @@
+# Copyright 2017, 2019, Oracle Corporation and/or affiliates. All rights reserved.
+# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl
+
+data "template_file" "shard_catalog_config_template" {
+ template = "${file("${path.module}/sql/shard-catalog-config.template.ql")}"
+
+ vars = {
+ oradata = "${local.oradata}"
+ gsmcatuser_pass = "${var.gsmcatuser_pass}"
+ sdb_admin_username = "${var.sdb_admin_username}"
+ sdb_admin_pass = "${var.sdb_admin_pass}"
+ total_num_of_shards = "${length(local.total_shards)}"
+ }
+}
+
+data "template_file" "shard_db_config_template" {
+ template = "${file("${path.module}/sql/shard-db-config.template.ql")}"
+
+ vars = {
+ oradata = "${local.oradata}"
+ gsmuser_pass = "${var.gsmuser_pass}"
+ }
+}
+
+data "template_file" "shard_catalog_configure_deps_check_template" {
+ template = "${file("${path.module}/scripts/shard_catalog_configure_deps_check.template.sh")}"
+
+ vars = {
+ oracle_base = "${var.oracle_base}"
+ }
+}
\ No newline at end of file
diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_catalog_configure%enable-switchover-relocation.tf b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_catalog_configure%enable-switchover-relocation.tf
new file mode 100644
index 0000000..33e7032
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_catalog_configure%enable-switchover-relocation.tf
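Review bot: `gsmcatuser_pass`, `sdb_admin_pass` and `gsmuser_pass` are passed as `vars` to `template_file` data sources, and a data source's attributes, including `rendered`, are persisted in the Terraform state, so the rendered SQL with the passwords in clear text ends up in every copy of the state file. On Terraform 0.12 or later, calling `templatefile()` directly in the provisioner's `content` avoids storing the rendered text as a data-source attribute; whichever form is kept, the state backend should be encrypted and access-restricted. I would also add a comment above the first two blocks, e.g. `# rendered output contains passwords; do not expose via outputs`, since the sibling sdb_schema_setup module exports a `rendered` attribute as an output.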
@@ -0,0 +1,58 @@ +# Copyright 2017, 2019, Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl + +resource "null_resource" "sdb_enable_switchover_relocation_catalog" { + count = "${length(var.shard_directors)}" + + #creates ssh connection + connection { + type = "ssh" + user = "${var.os_user}" + private_key = "${file(var.ssh_private_key_path)}" + host = "${lookup(var.shard_directors[element(keys(var.shard_directors), count.index)], "host")}" + agent = false + timeout = "${var.ssh_timeout}" + } + + provisioner "file" { + content = <<-EOF + #!/bin/bash + source ${var.oracle_base}/shard-director.sh + mv $TNS_ADMIN/tnsnames.ora $TNS_ADMIN/tnsname-ora-backup + echo "${upper(lookup(var.shard_directors[element(keys(var.shard_directors), count.index)], "name"))}_CATALOG = + (DESCRIPTION = + (ADDRESS_LIST= + (address = (protocol = tcp)(host = ${lookup(var.shard_catalogs[element(keys(var.shard_catalogs), 0)], "host")})(port = ${lookup(var.shard_catalogs[element(keys(var.shard_catalogs), 0)], "port")})) + (address = (protocol = tcp)(host = ${lookup(var.shard_catalog_standbys[element(keys(var.shard_catalog_standbys), 0)], "host")})(port = ${lookup(var.shard_catalog_standbys[element(keys(var.shard_catalog_standbys), 0)], "port")})) + ) + (CONNECT_DATA = + (SERVICE_NAME = GDS\$CATALOG.oradbcloud) + ) + ) + +${upper(lookup(var.shard_directors[element(keys(var.shard_directors), count.index)], "name"))} = + (DESCRIPTION = + (ADDRESS = (HOST = ${lookup(var.shard_directors[element(keys(var.shard_directors), count.index)], "host")})(PORT = ${lookup(var.shard_directors[element(keys(var.shard_directors), count.index)], "port")})(PROTOCOL = tcp)) + (CONNECT_DATA = + (SERVICE_NAME = GDS\$CATALOG.oradbcloud) + ) + )" >> $TNS_ADMIN/tnsnames.ora + EOF + destination = "${local.gsm_home_full_path}/enable-switchover-relocation-for-catalog.sh" + } + + provisioner "remote-exec" { + inline 
= [ + "chmod 700 ${local.gsm_home_full_path}/enable-switchover-relocation-for-catalog.sh", + "${local.gsm_home_full_path}/enable-switchover-relocation-for-catalog.sh" + ] + } + + # destroying + provisioner "remote-exec" { + when = "destroy" + inline = [ + "rm -f ${local.gsm_home_full_path}/enable-switchover-relocation-for-catalog.sh" + ] + } +} \ No newline at end of file diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_catalog_configure%enable-sys-dg-catalog.tf b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_catalog_configure%enable-sys-dg-catalog.tf new file mode 100644 index 0000000..1e69d4a --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_catalog_configure%enable-sys-dg-catalog.tf 
@@ -0,0 +1,43 @@
+# Copyright 2017, 2019, Oracle Corporation and/or affiliates. All rights reserved.
+# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl
+
+resource "null_resource" "sdb_enable_sys_dg_catalog" {
+ count = "${length(var.shard_catalogs)}"
+
+ #creates ssh connection
+ connection {
+ type = "ssh"
+ user = "${var.os_user}"
+ private_key = "${file(var.ssh_private_key_path)}"
+ host = "${lookup(var.shard_catalogs[element(keys(var.shard_catalogs), count.index)], "host")}"
+ agent = false
+ timeout = "${var.ssh_timeout}"
+ }
+
+ provisioner "file" {
+ content = <<-EOF
+ #!/bin/bash
+ source ${var.db_home_path}/shardcat.sh
+ cd ${var.db_home_path}/dbs/
+ mv orapw${lookup(var.shard_catalogs[element(keys(var.shard_catalogs), count.index)], "sid")} orapw${lookup(var.shard_catalogs[element(keys(var.shard_catalogs), count.index)], "sid")}.bak
+ echo ${var.sys_pass} | orapwd file=orapw${lookup(var.shard_catalogs[element(keys(var.shard_catalogs), count.index)], "sid")} password=${var.sys_pass} sysdg=y
+ EOF
+ destination = "${var.db_home_path}/enable-sys-dg.sh"
+ }
+
+ provisioner "remote-exec" {
+ inline = [
+ "chmod 700 ${var.db_home_path}/enable-sys-dg.sh",
+ "${var.db_home_path}/enable-sys-dg.sh",
+ "rm -f ${var.db_home_path}/enable-sys-dg.sh"
+ ]
+ }
+
+ # destroying
+ provisioner "remote-exec" {
+ when = "destroy"
+ inline = [
+ "rm -f ${var.db_home_path}/enable-sys-dg.sh"
+ ]
+ }
+}
\ No newline at end of file
diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_catalog_configure%main.tf b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_catalog_configure%main.tf
new file mode 100644
index 0000000..6268f06
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_catalog_configure%main.tf
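Review bot: The SYS password is interpolated unquoted into the `orapwd` line twice, once for `echo` and once as `password=${var.sys_pass}`. It is therefore written to `enable-sys-dg.sh` before the `chmod 700` runs, shows up in the process argument list while `orapwd` runs, and any shell metacharacter in the value is interpreted by bash. If `orapwd` takes the value from stdin, as the existing pipe suggests, dropping the `password=` argument and shell-quoting the piped value (`printf '%s\n' '<SYS_PASS>' | orapwd file=orapw<SID> sysdg=y`) removes the argv exposure and the word-splitting; the value still lands in the script file and in Terraform state. The same pattern of a secret pasted into shell text appears in setup-data-guard-catalog.tf (`./setup-adg.sh -l sys/${var.sys_pass}@...`) and in the destroy provisioners of catalog-cleanup.tf and catalog-standby-cleanup.tf (`echo ${var.sudo_pass} | sudo -S ...`).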
@@ -0,0 +1,69 @@
+# Copyright 2017, 2019, Oracle Corporation and/or affiliates. All rights reserved.
+# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl
+
+resource "null_resource" "sdb_shard_catalog_configure" {
+ count = "${length(var.shard_catalogs)}"
+
+ #creates ssh connection
+ connection {
+ type = "ssh"
+ user = "${var.os_user}"
+ private_key = "${file(var.ssh_private_key_path)}"
+ host = "${lookup(var.shard_catalogs[element(keys(var.shard_catalogs), count.index)], "host")}"
+ agent = false
+ timeout = "${var.ssh_timeout}"
+ }
+
+ provisioner "file" {
+ content = "${data.template_file.shard_catalog_config_template.rendered}"
+ destination = "${var.db_home_path}/catalog-config.sql"
+ }
+
+ provisioner "file" {
+ content = <<-EOF
+ #! /bin/bash
+ echo ${var.sdb_shard_catalog_create_deps_check}
+ source ${var.db_home_path}/shardcat.sh
+ lsnrctl start
+ sqlplus / as sysdba @${var.db_home_path}/catalog-config.sql
+ EOF
+ destination = "${var.db_home_path}/catalog-config-setup.sh"
+ }
+
+ provisioner "remote-exec" {
+ inline = [
+ "chmod 700 ${var.db_home_path}/catalog-config-setup.sh",
+ "${var.db_home_path}/catalog-config-setup.sh",
+ "rm -f ${var.db_home_path}/catalog-config.sql",
+ "rm -f ${var.db_home_path}/catalog-config-setup.sh"
+ ]
+ }
+
+ provisioner "file" {
+ content = "${data.template_file.shard_catalog_configure_deps_check_template.rendered}"
+ destination = "${var.db_home_path}/shard-catalog-configure-deps-check.sh"
+ }
+
+
+ provisioner "file" {
+ when = "destroy"
+ content = <<-EOF
+ #! /bin/bash
+ source ${var.db_home_path}/shardcat.sh
+ lsnrctl stop
+ rm -f ${var.db_home_path}/catalog-config.sql
+ rm -f ${var.db_home_path}/catalog-config-setup.sh
+ EOF
+ destination = "${var.db_home_path}/catalog-config-teardown.sh"
+ }
+
+ # destroying
+ provisioner "remote-exec" {
+ when = "destroy"
+ inline = [
+ "chmod 700 ${var.db_home_path}/catalog-config-teardown.sh",
+ "${var.db_home_path}/catalog-config-teardown.sh",
+ "rm -f ${var.db_home_path}/catalog-config-teardown.sh"
+ ]
+ }
+}
\ No newline at end of file
diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_catalog_configure%outputs.tf b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_catalog_configure%outputs.tf
new file mode 100644
index 0000000..6c861b5
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_catalog_configure%outputs.tf
@@ -0,0 +1,10 @@
+# Copyright 2017, 2019, Oracle Corporation and/or affiliates. All rights reserved.
+# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl
+
+output "rendered_sdb_shard_catalog_config_template" {
+ value = "${data.template_file.shard_catalog_config_template.rendered}"
+}
+
+output "rendered_sdb_shard_catalog_configure_deps_check" {
+ value = "${data.template_file.shard_catalog_configure_deps_check_template.rendered}"
+}
\ No newline at end of file
diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_catalog_configure%setup-data-guard-catalog.tf b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_catalog_configure%setup-data-guard-catalog.tf
new file mode 100644
index 0000000..f0bc404
--- /dev/null
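Review bot: Failures in `catalog-config-setup.sh` are unlikely to reach Terraform: the heredoc has no `set -e`, and the first `remote-exec` list ends with two `rm -f` entries, so the status of `lsnrctl start` and `sqlplus` appears to be discarded and the resource would still be recorded as created. Adding `set -e` after the shebang and making the run entry carry the status through the cleanup, e.g. `"${var.db_home_path}/catalog-config-setup.sh; rc=$?; rm -f ${var.db_home_path}/catalog-config.sql ${var.db_home_path}/catalog-config-setup.sh; exit $rc"`, would surface them. Whether `sqlplus` itself returns non-zero on a SQL error depends on the template, which is not in this hunk; a `WHENEVER SQLERROR EXIT FAILURE` line there is worth confirming.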
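Review bot: `rendered_sdb_shard_catalog_config_template` exports the full rendered SQL as a module output. The module declares `gsmcatuser_pass` and `sdb_admin_pass`; if the template (not shown in this part of the patch) interpolates them, the passwords are printed by `terraform output` and passed to every caller of the module. Adding `sensitive = true` to the output block, or dropping the output if nothing consumes it, would avoid that.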
+++ b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_catalog_configure%setup-data-guard-catalog.tf 
@@ -0,0 +1,48 @@
+# Copyright 2017, 2019, Oracle Corporation and/or affiliates. All rights reserved.
+# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl
+
+resource "null_resource" "sdb_setup_data_guard_catalog" {
+ count = "${length(var.shard_catalog_standbys)}"
+
+ #creates ssh connection
+ connection {
+ type = "ssh"
+ user = "${var.os_user}"
+ private_key = "${file(var.ssh_private_key_path)}"
+ host = "${lookup(var.shard_catalog_standbys[element(keys(var.shard_catalog_standbys), count.index)], "host")}"
+ agent = false
+ timeout = "${var.ssh_timeout}"
+ }
+
+ provisioner "file" {
+ source = "${path.module}/scripts/setup-adg.sh"
+ destination = "${var.db_home_path}/setup-adg.sh"
+ }
+ provisioner "file" {
+ content = <<-EOF
+ #! /bin/bash
+ source ${var.db_home_path}/shardcat.sh
+ cd ${var.db_home_path}
+ ./setup-adg.sh -l sys/${var.sys_pass}@${lookup(var.shard_catalog_standbys[element(keys(var.shard_catalog_standbys), count.index)], "primary_host")}:${lookup(var.shard_catalog_standbys[element(keys(var.shard_catalog_standbys), count.index)], "primary_port")}/${lookup(var.shard_catalog_standbys[element(keys(var.shard_catalog_standbys), count.index)], "primary_sid")} -d ${lookup(var.shard_catalog_standbys[element(keys(var.shard_catalog_standbys), count.index)], "sid")}
+ EOF
+ destination = "${var.db_home_path}/invoke-adg-setup.sh"
+ }
+
+ provisioner "remote-exec" {
+ inline = [
+ "chmod 700 ${var.db_home_path}/invoke-adg-setup.sh",
+ "chmod 700 ${var.db_home_path}/setup-adg.sh",
+ "${var.db_home_path}/invoke-adg-setup.sh",
+ "rm -f ${var.db_home_path}/invoke-adg-setup.sh"
+ ]
+ }
+
+ # destroying
+ provisioner "remote-exec" {
+ when = "destroy"
+ inline = [
+ "rm -f ${var.db_home_path}/setup-adg.sh",
+ "rm -f ${var.db_home_path}/invoke-adg-setup.sh"
+ ]
+ }
+}
\ No newline at end of file
diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_catalog_configure%variables.tf b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_catalog_configure%variables.tf
new file mode 100644
index 0000000..ba54bd4
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_catalog_configure%variables.tf
@@ -0,0 +1,91 @@
+# Copyright 2017, 2019, Oracle Corporation and/or affiliates. All rights reserved.
+# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl
+
+locals {
+ module_prefix = "configure_shard_catalog_db"
+
+ oradata = "${var.oracle_base}/oradata"
+
+ total_shards = "${length(var.shards)} + ${length(var.standby_shards)}"
+
+ gsmhome_postfix = "gsmhome_1"
+
+ gsm_home_full_path = "${var.oracle_base}/product/${var.gsm_version}/${local.gsmhome_postfix}"
+
+}
+
+variable "gsm_version" {
+ description = "Oracle GSM version"
+}
+
+variable "ssh_private_key_path" {
+ description = "path to ssh private key on the current machine"
+ default = "~/.ssh/id_rsa"
+}
+
+variable "ssh_timeout" {
+ description = "ssh timeout"
+ default = "3m"
+}
+
+variable "os_user" {
+ description = "os user name"
+}
+
+variable "oracle_base" {
+ description = "Oracle Base"
+}
+
+variable "db_home_path" {
+ description = "The location for oracle db home"
+}
+
+variable "shard_catalogs" {
+ description = "Map of user-friendly name of a shard catalog to the shard catalog config information"
+ type = "map"
+}
+
+variable "gsmcatuser_pass" {
+ description = "GSM catalog user password"
+}
+
+variable "sdb_admin_username" {
+ description = "username of the sharded database administrator"
+}
+
+variable "sdb_admin_pass" {
+ description = "password of the sharded database administrator"
+}
+
+variable "sdb_shard_catalog_create_deps_check" {
+ description = "internal dependency check variable for sdb_shard_catalog_db_install module"
+}
+
+variable "shards" {
+ description = "Map of user-friendly name of a shard to the shard config information"
+ type = "map"
+}
+
+variable "standby_shards" {
+ description = "Map of user-friendly name of a standby shard to the standby shard config information"
+ type = "map"
+}
+
+variable "gsmuser_pass" {
+ description = "password of the gsm user"
+}
+
+variable "shard_catalog_standbys" {
+ description = "Map of user-friendly name of a shard catalog standby to the shard catalog standby config information"
+ type = "map"
+}
+
+variable "shard_directors" {
+ description = "Map of nick name of a shard director to the shard director config information"
+ type = "map"
+}
+
+variable "sys_pass" {
+ description = "Password for SYS user"
+}
+
diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_catalog_db_install%catalog-cleanup.tf b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_catalog_db_install%catalog-cleanup.tf
new file mode 100644
index 0000000..175f411
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_catalog_db_install%catalog-cleanup.tf
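Review bot: `total_shards` is built from two separate interpolations with a literal ` + ` between them, so it evaluates to a string such as `3 + 2` rather than a number. Putting the arithmetic inside one interpolation gives the sum: `total_shards = "${length(var.shards) + length(var.standby_shards)}"`. Separately, the descriptions of `gsmcatuser_pass`, `sdb_admin_pass`, `gsmuser_pass` and `sys_pass` do not tell callers that the values are pasted into provisioner scripts and stored in state; one sentence in each `description` would cover that.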
@@ -0,0 +1,39 @@
+# Copyright 2017, 2019, Oracle Corporation and/or affiliates. All rights reserved.
+# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl
+
+resource "null_resource" "sdb_shard_catalog_cleanup" {
+ count = "${length(var.shard_catalogs)}"
+
+ #creates ssh connection
+ connection {
+ type = "ssh"
+ user = "${var.os_user}"
+ private_key = "${file(var.ssh_private_key_path)}"
+ host = "${lookup(var.shard_catalogs[element(keys(var.shard_catalogs), count.index)], "host")}"
+ agent = false
+ timeout = "${var.ssh_timeout}"
+ }
+
+ provisioner "file" {
+ content = "catalog-cleanup-zero-byte-file"
+ destination = "${var.db_home_path}/catalog-cleanup.lock"
+ }
+
+ provisioner "remote-exec" {
+ inline = [
+ "rm -f ${var.db_home_path}/catalog-cleanup.lock"
+ ]
+ }
+
+ #Destroying
+ provisioner "remote-exec" {
+ when = "destroy"
+ inline = [
+ "rm -f ${var.db_home_path}/catalog-cleanup.lock",
+ "rm -rf ${var.ora_inventory_location}",
+ "echo ${var.sudo_pass} | sudo -S rm -rf /etc/oraInst.loc",
+ "echo ${var.sudo_pass} | sudo -S rm -rf /etc/oratab",
+ "echo ${var.sudo_pass} | sudo -S rm -rf /opt/ORCLfmap"
+ ]
+ }
+}
\ No newline at end of file
diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_catalog_db_install%catalog-standby-cleanup.tf b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_catalog_db_install%catalog-standby-cleanup.tf
new file mode 100644
index 0000000..033e3e4
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_catalog_db_install%catalog-standby-cleanup.tf
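Review bot: The destroy-time `rm -rf ${var.ora_inventory_location}` expands an unquoted, unvalidated variable, so a value containing whitespace or a glob, or one that names a parent directory, deletes more than the inventory. catalog-standby-cleanup.tf has the same shape with `${var.oracle_base}/admin`, `${var.oracle_base}/*.log` and `${var.db_home_path}`, where an empty `oracle_base` turns the targets into `/admin`, `/oradata` and `/*.log`. Quoting the expansion and refusing empty values, e.g. `"[ -n '${var.ora_inventory_location}' ] && rm -rf -- '${var.ora_inventory_location}'"`, keeps the deletion to the intended directory.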
@@ -0,0 +1,46 @@
+# Copyright 2017, 2019, Oracle Corporation and/or affiliates. All rights reserved.
+# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl
+
+resource "null_resource" "sdb_shard_catalog_standby_cleanup" {
+ count = "${length(var.shard_catalog_standbys)}"
+
+ #creates ssh connection
+ connection {
+ type = "ssh"
+ user = "${var.os_user}"
+ private_key = "${file(var.ssh_private_key_path)}"
+ host = "${lookup(var.shard_catalog_standbys[element(keys(var.shard_catalog_standbys), count.index)], "host")}"
+ agent = false
+ timeout = "${var.ssh_timeout}"
+ }
+
+ provisioner "file" {
+ content = "catalog-stdby-cleanup-zero-byte-file"
+ destination = "${var.db_home_path}/catalog-stdby-cleanup.lock"
+ }
+
+ provisioner "remote-exec" {
+ inline = [
+ "rm -f ${var.db_home_path}/catalog-stdby-cleanup.lock"
+ ]
+ }
+
+
+ #Destroying
+ provisioner "remote-exec" {
+ when = "destroy"
+ inline = [
+ "rm -f ${var.db_home_path}/catalog-stdby-cleanup.lock",
+ "rm -f ${var.oracle_base}/*.log",
+ "rm -rf ${var.oracle_base}/admin",
+ "rm -rf ${var.oracle_base}/oradata",
+ "rm -rf ${var.oracle_base}/audit",
+ "rm -rf ${var.oracle_base}/diag",
+ "rm -rf ${var.ora_inventory_location}",
+ "echo ${var.sudo_pass} | sudo -S rm -rf /etc/oraInst.loc",
+ "echo ${var.sudo_pass} | sudo -S rm -rf /etc/oratab",
+ "echo ${var.sudo_pass} | sudo -S rm -rf /opt/ORCLfmap",
+ "rm -rf ${var.db_home_path}"
+ ]
+ }
+}
\ No newline at end of file
diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_catalog_db_install%create-catalog-db.tf b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_catalog_db_install%create-catalog-db.tf
new file mode 100644
index 0000000..66bd8e7
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_catalog_db_install%create-catalog-db.tf 
@@ -0,0 +1,662 @@ +# Copyright 2017, 2019, Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl +resource "null_resource" "sdb_shard_catalog_db_create" { + # depends_on = ["null_resource.sdb_shard_catalog_db_install_sw"] + count = "${length(var.shard_catalogs)}" + + #creates ssh connection + connection { + type = "ssh" + user = "${var.os_user}" + private_key = "${file(var.ssh_private_key_path)}" + host = "${lookup(var.shard_catalogs[element(keys(var.shard_catalogs), count.index)], "host")}" + agent = false + timeout = "${var.ssh_timeout}" + } + + +provisioner "file" { + content = <. - when database domain isn't NULL +# - when database domain is NULL +# Default value : None +# Mandatory : Yes +#----------------------------------------------------------------------------- +gdbName=${lookup(var.shard_catalogs[element(keys(var.shard_catalogs), count.index)], "globalDBName")} + +#----------------------------------------------------------------------------- +# Name : sid +# Datatype : String +# Description : System identifier (SID) of the database +# Valid values : Check Oracle12c Administrator's Guide +# Default value : specified in GDBNAME +# Mandatory : No +#----------------------------------------------------------------------------- +sid=${lookup(var.shard_catalogs[element(keys(var.shard_catalogs), count.index)], "sid")} + +#----------------------------------------------------------------------------- +# Name : databaseConfigType +# Datatype : String +# Description : database conf type as Single Instance, Real Application Cluster or Real Application Cluster One Nodes database +# Valid values : SI\RAC\RACONENODE +# Default value : SI +# Mandatory : No +#----------------------------------------------------------------------------- +databaseConfigType=SI + +#----------------------------------------------------------------------------- +# Name : 
RACOneNodeServiceName +# Datatype : String +# Description : Service is required by application to connect to RAC One +# Node Database +# Valid values : Service Name +# Default value : None +# Mandatory : No [required in case DATABASECONFTYPE is set to RACONENODE ] +#----------------------------------------------------------------------------- +RACOneNodeServiceName= + +#----------------------------------------------------------------------------- +# Name : policyManaged +# Datatype : Boolean +# Description : Set to true if Database is policy managed and +# set to false if Database is admin managed +# Valid values : TRUE\FALSE +# Default value : FALSE +# Mandatory : No +#----------------------------------------------------------------------------- +policyManaged=false + + +#----------------------------------------------------------------------------- +# Name : createServerPool +# Datatype : Boolean +# Description : Set to true if new server pool need to be created for database +# if this option is specified then the newly created database +# will use this newly created serverpool. +# Multiple serverpoolname can not be specified for database +# Valid values : TRUE\FALSE +# Default value : FALSE +# Mandatory : No +#----------------------------------------------------------------------------- +createServerPool=false + +#----------------------------------------------------------------------------- +# Name : serverPoolName +# Datatype : String +# Description : Only one serverpool name need to be specified +# if Create Server Pool option is specified. 
+# Comma-separated list of Serverpool names if db need to use +# multiple Server pool +# Valid values : ServerPool name + +# Default value : None +# Mandatory : No [required in case of RAC service centric database] +#----------------------------------------------------------------------------- +serverPoolName= + +#----------------------------------------------------------------------------- +# Name : cardinality +# Datatype : Number +# Description : Specify Cardinality for create server pool operation + +# Valid values : any positive Integer value +# Default value : Number of qualified nodes on cluster +# Mandatory : No [Required when a new serverpool need to be created] +#----------------------------------------------------------------------------- +cardinality= + +#----------------------------------------------------------------------------- +# Name : force +# Datatype : Boolean +# Description : Set to true if new server pool need to be created by force +# if this option is specified then the newly created serverpool +# will be assigned server even if no free servers are available. +# This may affect already running database. +# This flag can be specified for Admin managed as well as policy managed db. +# Valid values : TRUE\FALSE +# Default value : FALSE +# Mandatory : No +#----------------------------------------------------------------------------- +force=false + +#----------------------------------------------------------------------------- +# Name : pqPoolName +# Datatype : String +# Description : Only one serverpool name needs to be specified +# if create server pool option is specified. +# Comma-separated list of serverpool names if use +# server pool. This is required to +# create Parallel Query (PQ) database. 
Applicable to Big Cluster +# Valid values : Parallel Query (PQ) pool name +# Default value : None +# Mandatory : No [required in case of RAC service centric database] +#----------------------------------------------------------------------------- +pqPoolName= + +#----------------------------------------------------------------------------- +# Name : pqCardinality +# Datatype : Number +# Description : Specify Cardinality for create server pool operation. +# Applicable to Big Cluster +# Valid values : any positive Integer value +# Default value : Number of qualified nodes on cluster +# Mandatory : No [Required when a new serverpool need to be created] +#----------------------------------------------------------------------------- +pqCardinality= + +#----------------------------------------------------------------------------- +# Name : createAsContainerDatabase +# Datatype : boolean +# Description : flag to create database as container database +# Valid values : Check Oracle12c Administrator's Guide +# Default value : false +# Mandatory : No +#----------------------------------------------------------------------------- +createAsContainerDatabase=false + +#----------------------------------------------------------------------------- +# Name : numberOfPDBs +# Datatype : Number +# Description : Specify the number of pdb to be created +# Valid values : 0 to 252 +# Default value : 0 +# Mandatory : No +#----------------------------------------------------------------------------- +numberOfPDBs=0 + +#----------------------------------------------------------------------------- +# Name : pdbName +# Datatype : String +# Description : Specify the pdbname/pdbanme prefix if one or more pdb need to be created +# Valid values : Check Oracle12c Administrator's Guide +# Default value : None +# Mandatory : No +#----------------------------------------------------------------------------- +pdbName= + +#----------------------------------------------------------------------------- +# 
Name : useLocalUndoForPDBs +# Datatype : boolean +# Description : Flag to create local undo tablespace for all PDB's. +# Valid values : TRUE\FALSE +# Default value : TRUE +# Mandatory : No +#----------------------------------------------------------------------------- +useLocalUndoForPDBs=true + +#----------------------------------------------------------------------------- +# Name : pdbAdminPassword +# Datatype : String +# Description : PDB Administrator user password +# Valid values : Check Oracle12c Administrator's Guide +# Default value : None +# Mandatory : No +#----------------------------------------------------------------------------- + +pdbAdminPassword= + +#----------------------------------------------------------------------------- +# Name : nodelist +# Datatype : String +# Description : Comma-separated list of cluster nodes +# Valid values : Cluster node names +# Default value : None +# Mandatory : No (Yes for RAC database-centric database ) +#----------------------------------------------------------------------------- +nodelist= + +#----------------------------------------------------------------------------- +# Name : templateName +# Datatype : String +# Description : Name of the template +# Valid values : Template file name +# Default value : None +# Mandatory : Yes +#----------------------------------------------------------------------------- +templateName=${var.db_home_path}/assistants/dbca/templates/General_Purpose.dbc + +#----------------------------------------------------------------------------- +# Name : sysPassword +# Datatype : String +# Description : Password for SYS user +# Valid values : Check Oracle12c Administrator's Guide +# Default value : None +# Mandatory : Yes +#----------------------------------------------------------------------------- +sysPassword=${var.sys_pass} + +#----------------------------------------------------------------------------- +# Name : systemPassword +# Datatype : String +# Description : Password for 
SYSTEM user +# Valid values : Check Oracle12c Administrator's Guide +# Default value : None +# Mandatory : Yes +#----------------------------------------------------------------------------- +systemPassword=${var.system_pass} + +#----------------------------------------------------------------------------- +# Name : serviceUserPassword +# Datatype : String +# Description : Password for Windows Service user +# Default value : None +# Mandatory : If Oracle home is installed with windows service user +#----------------------------------------------------------------------------- +serviceUserPassword= + +#----------------------------------------------------------------------------- +# Name : emConfiguration +# Datatype : String +# Description : Enterprise Manager Configuration Type +# Valid values : CENTRAL|DBEXPRESS|BOTH|NONE +# Default value : NONE +# Mandatory : No +#----------------------------------------------------------------------------- +emConfiguration= + +#----------------------------------------------------------------------------- +# Name : emExpressPort +# Datatype : Number +# Description : Enterprise Manager Configuration Type +# Valid values : Check Oracle12c Administrator's Guide +# Default value : NONE +# Mandatory : No, will be picked up from DBEXPRESS_HTTPS_PORT env variable +# or auto generates a free port between 5500 and 5599 +#----------------------------------------------------------------------------- +emExpressPort=5500 + +#----------------------------------------------------------------------------- +# Name : runCVUChecks +# Datatype : Boolean +# Description : Specify whether to run Cluster Verification Utility checks +# periodically in Cluster environment +# Valid values : TRUE\FALSE +# Default value : FALSE +# Mandatory : No +#----------------------------------------------------------------------------- +runCVUChecks=FALSE + +#----------------------------------------------------------------------------- +# Name : dbsnmpPassword +# 
Datatype : String +# Description : Password for DBSNMP user +# Valid values : Check Oracle12c Administrator's Guide +# Default value : None +# Mandatory : Yes, if emConfiguration is specified or +# the value of runCVUChecks is TRUE +#----------------------------------------------------------------------------- +dbsnmpPassword= + +#----------------------------------------------------------------------------- +# Name : omsHost +# Datatype : String +# Description : EM management server host name +# Default value : None +# Mandatory : Yes, if CENTRAL is specified for emConfiguration +#----------------------------------------------------------------------------- +omsHost= + +#----------------------------------------------------------------------------- +# Name : omsPort +# Datatype : Number +# Description : EM management server port number +# Default value : None +# Mandatory : Yes, if CENTRAL is specified for emConfiguration +#----------------------------------------------------------------------------- +omsPort=0 + +#----------------------------------------------------------------------------- +# Name : emUser +# Datatype : String +# Description : EM Admin username to add or modify targets +# Default value : None +# Mandatory : Yes, if CENTRAL is specified for emConfiguration +#----------------------------------------------------------------------------- +emUser= + +#----------------------------------------------------------------------------- +# Name : emPassword +# Datatype : String +# Description : EM Admin user password +# Default value : None +# Mandatory : Yes, if CENTRAL is specified for emConfiguration +#----------------------------------------------------------------------------- +emPassword= + +#----------------------------------------------------------------------------- +# Name : dvConfiguration +# Datatype : Boolean +# Description : Specify "True" to configure and enable Oracle Database vault +# Valid values : True/False +# Default value : False +# 
Mandatory : No +#----------------------------------------------------------------------------- +dvConfiguration=false + +#----------------------------------------------------------------------------- +# Name : dvUserName +# Datatype : String +# Description : DataVault Owner +# Valid values : Check Oracle12c Administrator's Guide +# Default value : None +# Mandatory : Yes, if DataVault option is chosen +#----------------------------------------------------------------------------- +dvUserName= + +#----------------------------------------------------------------------------- +# Name : dvUserPassword +# Datatype : String +# Description : Password for DataVault Owner +# Valid values : Check Oracle12c Administrator's Guide +# Default value : None +# Mandatory : Yes, if DataVault option is chosen +#----------------------------------------------------------------------------- +dvUserPassword= + +#----------------------------------------------------------------------------- +# Name : dvAccountManagerName +# Datatype : String +# Description : DataVault Account Manager +# Valid values : Check Oracle12c Administrator's Guide +# Default value : None +# Mandatory : No +#----------------------------------------------------------------------------- +dvAccountManagerName= + +#----------------------------------------------------------------------------- +# Name : dvAccountManagerPassword +# Datatype : String +# Description : Password for DataVault Account Manager +# Valid values : Check Oracle12c Administrator's Guide +# Default value : None +# Mandatory : No +#----------------------------------------------------------------------------- +dvAccountManagerPassword= + +#----------------------------------------------------------------------------- +# Name : olsConfiguration +# Datatype : Boolean +# Description : Specify "True" to configure and enable Oracle Label Security +# Valid values : True/False +# Default value : False +# Mandatory : No 
+#----------------------------------------------------------------------------- +olsConfiguration=false + +#----------------------------------------------------------------------------- +# Name : datafileJarLocation +# Datatype : String +# Description : Location of the data file jar +# Valid values : Directory containing compressed datafile jar +# Default value : None +# Mandatory : No +#----------------------------------------------------------------------------- +datafileJarLocation={ORACLE_HOME}/assistants/dbca/templates/ + +#----------------------------------------------------------------------------- +# Name : datafileDestination +# Datatype : String +# Description : Location of the data file's +# Valid values : Directory for all the database files +# Default value : $ORACLE_BASE/oradata +# Mandatory : No +#----------------------------------------------------------------------------- +datafileDestination={ORACLE_BASE}/oradata/{DB_UNIQUE_NAME}/ + +#----------------------------------------------------------------------------- +# Name : recoveryAreaDestination +# Datatype : String +# Description : Location of the data file's +# Valid values : Recovery Area location +# Default value : $ORACLE_BASE/flash_recovery_area +# Mandatory : No +#----------------------------------------------------------------------------- +recoveryAreaDestination={ORACLE_BASE}/fast_recovery_area/{DB_UNIQUE_NAME} + +#----------------------------------------------------------------------------- +# Name : storageType +# Datatype : String +# Description : Specifies the storage on which the database is to be created +# Valid values : FS (CFS for RAC), ASM +# Default value : FS +# Mandatory : No +#----------------------------------------------------------------------------- +storageType=FS + +#----------------------------------------------------------------------------- +# Name : diskGroupName +# Datatype : String +# Description : Specifies the disk group name for the storage +# Default value : 
DATA +# Mandatory : No +#----------------------------------------------------------------------------- +diskGroupName= + +#----------------------------------------------------------------------------- +# Name : asmsnmpPassword +# Datatype : String +# Description : Password for ASM Monitoring +# Default value : None +# Mandatory : No +#----------------------------------------------------------------------------- +asmsnmpPassword= + +#----------------------------------------------------------------------------- +# Name : recoveryGroupName +# Datatype : String +# Description : Specifies the disk group name for the recovery area +# Default value : RECOVERY +# Mandatory : No +#----------------------------------------------------------------------------- +recoveryGroupName= + +#----------------------------------------------------------------------------- +# Name : characterSet +# Datatype : String +# Description : Character set of the database +# Valid values : Check Oracle12c National Language Support Guide +# Default value : "US7ASCII" +# Mandatory : NO +#----------------------------------------------------------------------------- +characterSet=AL32UTF8 + +#----------------------------------------------------------------------------- +# Name : nationalCharacterSet +# Datatype : String +# Description : National Character set of the database +# Valid values : "UTF8" or "AL16UTF16". For details, check Oracle12c National Language Support Guide +# Default value : "AL16UTF16" +# Mandatory : No +#----------------------------------------------------------------------------- +nationalCharacterSet=AL16UTF16 + +#----------------------------------------------------------------------------- +# Name : registerWithDirService +# Datatype : Boolean +# Description : Specifies whether to register with Directory Service. 
+# Valid values : TRUE \ FALSE +# Default value : FALSE +# Mandatory : No +#----------------------------------------------------------------------------- +registerWithDirService=false + + +#----------------------------------------------------------------------------- +# Name : dirServiceUserName +# Datatype : String +# Description : Specifies the name of the directory service user +# Mandatory : YES, if the value of registerWithDirService is TRUE +#----------------------------------------------------------------------------- +dirServiceUserName= + +#----------------------------------------------------------------------------- +# Name : dirServicePassword +# Datatype : String +# Description : The password of the directory service user. +# You can also specify the password at the command prompt instead of here. +# Mandatory : YES, if the value of registerWithDirService is TRUE +#----------------------------------------------------------------------------- +dirServicePassword= + +#----------------------------------------------------------------------------- +# Name : walletPassword +# Datatype : String +# Description : The password for wallet to created or modified. +# You can also specify the password at the command prompt instead of here. +# Mandatory : YES, if the value of registerWithDirService is TRUE +#----------------------------------------------------------------------------- +walletPassword= + +#----------------------------------------------------------------------------- +# Name : listeners +# Datatype : String +# Description : Specifies list of listeners to register the database with. +# By default the database is configured for all the listeners specified in the +# $ORACLE_HOME/network/admin/listener.ora +# Valid values : The list should be comma separated like "listener1,listener2". 
+# Mandatory : NO +#----------------------------------------------------------------------------- +listeners= + +#----------------------------------------------------------------------------- +# Name : variablesFile +# Datatype : String +# Description : Location of the file containing variable value pair +# Valid values : A valid file-system file. The variable value pair format in this file +# is =. Each pair should be in a new line. +# Default value : None +# Mandatory : NO +#----------------------------------------------------------------------------- +variablesFile= + +#----------------------------------------------------------------------------- +# Name : variables +# Datatype : String +# Description : comma separated list of name=value pairs. Overrides variables defined in variablefile and templates +# Default value : None +# Mandatory : NO +#----------------------------------------------------------------------------- +variables=ORACLE_BASE_HOME=${var.db_home_path},DB_UNIQUE_NAME=${lookup(var.shard_catalogs[element(keys(var.shard_catalogs), count.index)], "sid")},ORACLE_BASE=${var.oracle_base},PDB_NAME=,DB_NAME=${lookup(var.shard_catalogs[element(keys(var.shard_catalogs), count.index)], "sid")},ORACLE_HOME=${var.db_home_path},SID=${lookup(var.shard_catalogs[element(keys(var.shard_catalogs), count.index)], "sid")} + +#----------------------------------------------------------------------------- +# Name : initParams +# Datatype : String +# Description : comma separated list of name=value pairs. 
Overrides initialization parameters defined in templates +# Default value : None +# Mandatory : NO +#----------------------------------------------------------------------------- +initParams=undo_tablespace=UNDOTBS1,sga_target=4569MB,db_block_size=8192BYTES,nls_language=AMERICAN,dispatchers=(PROTOCOL=TCP) (SERVICE=sh2XDB),diagnostic_dest={ORACLE_BASE},remote_login_passwordfile=EXCLUSIVE,db_create_file_dest={ORACLE_BASE}/oradata/{DB_UNIQUE_NAME}/,audit_file_dest={ORACLE_BASE}/admin/{DB_UNIQUE_NAME}/adump,processes=320,pga_aggregate_target=1524MB,nls_territory=AMERICA,local_listener=LISTENER_SHARDCAT,db_recovery_file_dest_size=8256MB,open_cursors=300,log_archive_format=%t_%s_%r.dbf,compatible=${local.db_major_version}.0.0,db_name=${lookup(var.shard_catalogs[element(keys(var.shard_catalogs), count.index)], "sid")},db_recovery_file_dest={ORACLE_BASE}/fast_recovery_area/{DB_UNIQUE_NAME},audit_trail=db + +#----------------------------------------------------------------------------- +# Name : sampleSchema +# Datatype : Boolean +# Description : Specifies whether or not to add the Sample Schemas to your database +# Valid values : TRUE \ FALSE +# Default value : FASLE +# Mandatory : No +#----------------------------------------------------------------------------- +sampleSchema=false + +#----------------------------------------------------------------------------- +# Name : memoryPercentage +# Datatype : String +# Description : percentage of physical memory for Oracle +# Default value : None +# Mandatory : NO +#----------------------------------------------------------------------------- +memoryPercentage=40 + +#----------------------------------------------------------------------------- +# Name : databaseType +# Datatype : String +# Description : used for memory distribution when memoryPercentage specified +# Valid values : MULTIPURPOSE|DATA_WAREHOUSING|OLTP +# Default value : MULTIPURPOSE +# Mandatory : NO 
+#----------------------------------------------------------------------------- +databaseType=MULTIPURPOSE + +#----------------------------------------------------------------------------- +# Name : automaticMemoryManagement +# Datatype : Boolean +# Description : flag to indicate Automatic Memory Management is used +# Valid values : TRUE/FALSE +# Default value : TRUE +# Mandatory : NO +#----------------------------------------------------------------------------- +automaticMemoryManagement=false + +#----------------------------------------------------------------------------- +# Name : totalMemory +# Datatype : String +# Description : total memory in MB to allocate to Oracle +# Valid values : +# Default value : +# Mandatory : NO +#----------------------------------------------------------------------------- +totalMemory=0 +EOF + destination = "${var.db_home_path}/dbca.rsp" +} + + + # db install + provisioner "remote-exec" { + inline = [ <> $TNS_ADMIN/listener.ora + + lsnrctl stop + lsnrctl start + EOF + destination = "${var.db_home_path}/add-static-dg-listener.sh" + } + + provisioner "remote-exec" { + inline = [ + "chmod 700 ${var.db_home_path}/add-static-dg-listener.sh", + "${var.db_home_path}/add-static-dg-listener.sh", + "rm -f ${var.db_home_path}/add-static-dg-listener.sh" + ] + } + + # destroying + provisioner "remote-exec" { + when = "destroy" + inline = [ + "rm -f ${var.db_home_path}/add-static-dg-listener.sh" + ] + } + +} \ No newline at end of file diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_db_configure%datasources.tf b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_db_configure%datasources.tf new file mode 100644 index 0000000..c3c0326 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_db_configure%datasources.tf 
@@ -0,0 +1,28 @@
+# Copyright 2017, 2019, Oracle Corporation and/or affiliates. All rights reserved.
+# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl
+
+data "template_file" "shard_db_config_template" {
+ template = "${file("${path.module}/sql/shard-db-config.template.ql")}"
+
+ vars = {
+ oradata = "${local.oradata}"
+ gsmuser_pass = "${var.gsmuser_pass}"
+ }
+}
+
+data "template_file" "shard_validation_template" {
+ template = "${file("${path.module}/sql/shard-validation.template.ql")}"
+
+ vars = {
+ oradata = "${local.oradata}"
+ gsmuser_pass = "${var.gsmuser_pass}"
+ }
+}
+
+data "template_file" "deps_check_template" {
+ template = "${file("${path.module}/scripts/deps_check.template.sh")}"
+
+ vars = {
+ oracle_base = "${var.oracle_base}"
+ }
+}
\ No newline at end of file
diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_db_configure%enable-sys-dg.tf b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_db_configure%enable-sys-dg.tf
new file mode 100644
index 0000000..896a3e5
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_db_configure%enable-sys-dg.tf
@@ -0,0 +1,44 @@
+# Copyright 2017, 2019, Oracle Corporation and/or affiliates. All rights reserved.
+# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl
+
+resource "null_resource" "sdb_enable_sys_dg" {
+ # depends_on = ["null_resource.sdb_shard_db_configure"]
+ count = "${var.setup_mode == "new_install" ? 0 : length(var.shards)}"
+
+ #creates ssh connection
+ connection {
+ type = "ssh"
+ user = "${var.os_user}"
+ private_key = "${file(var.ssh_private_key_path)}"
+ host = "${lookup(var.shards[element(keys(var.shards), count.index)], "host")}"
+ agent = false
+ timeout = "${var.ssh_timeout}"
+ }
+
+ provisioner "file" {
+ content = <<-EOF
+ #!/bin/bash
+ source ${var.db_home_path}/shard.sh
+ cd ${var.db_home_path}/dbs/
+ mv orapw${lookup(var.shards[element(keys(var.shards), count.index)], "sid")} orapw${lookup(var.shards[element(keys(var.shards), count.index)], "sid")}.bak
+ echo ${var.sys_pass} | orapwd file=orapw${lookup(var.shards[element(keys(var.shards), count.index)], "sid")} password=${var.sys_pass} sysdg=y
+ EOF
+ destination = "${var.db_home_path}/enable-sys-dg.sh"
+ }
+
+ provisioner "remote-exec" {
+ inline = [
+ "chmod 700 ${var.db_home_path}/enable-sys-dg.sh",
+ "${var.db_home_path}/enable-sys-dg.sh",
+ "rm -f ${var.db_home_path}/enable-sys-dg.sh"
+ ]
+ }
+
+ # destroying
+ provisioner "remote-exec" {
+ when = "destroy"
+ inline = [
+ "rm -f ${var.db_home_path}/enable-sys-dg.sh"
+ ]
+ }
+}
\ No newline at end of file
diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_db_configure%main.tf b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_db_configure%main.tf
new file mode 100644
index 0000000..c59cdc8
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_db_configure%main.tf
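Review bot: `${var.sys_pass}` is spliced unquoted into the generated script twice on the `orapwd` line, so a password containing spaces or shell metacharacters is word-split or interpreted by bash, and the `password=` argument is readable in the process list while orapwd runs. The same unquoted-secret pattern appears in `echo ${var.scheduler_agent_pass} | schagent -registerdatabase …` in schagent-register-shard.tf and schagent-register-standby-shard.tf, and in `./setup-adg.sh -l sys/${var.sys_pass}@…` in setup-data-guard.tf. At minimum single-quote the value and pass it on stdin only, e.g. `printf '%s\n' '${var.sys_pass}' | orapwd file=… sysdg=y` with the existing `file=` expression kept (a value containing a single quote still needs escaping, and whether orapwd reads the password from stdin should be confirmed; the existing `echo … |` suggests that was the intent). The script is also uploaded before the `chmod 700` runs, so for a short time it sits on disk with whatever mode the remote umask gives it.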
@@ -0,0 +1,69 @@
+# Copyright 2017, 2019, Oracle Corporation and/or affiliates. All rights reserved.
+# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl
+
+resource "null_resource" "sdb_shard_db_configure" {
+ count = "${var.setup_mode == "new_install" ? 0 : length(var.shards)}"
+
+ #creates ssh connection
+ connection {
+ type = "ssh"
+ user = "${var.os_user}"
+ private_key = "${file(var.ssh_private_key_path)}"
+ host = "${lookup(var.shards[element(keys(var.shards), count.index)], "host")}"
+ agent = false
+ timeout = "${var.ssh_timeout}"
+ }
+ provisioner "file" {
+ content = "${data.template_file.shard_db_config_template.rendered}"
+ destination = "${var.db_home_path}/shard-db-config.sql"
+ }
+
+ provisioner "file" {
+ content = <<-EOF
+ #! /bin/bash
+ echo ${var.sdb_shard_director_configure_deps_check}
+ source ${var.db_home_path}/shard.sh
+ sqlplus / as sysdba @${var.db_home_path}/shard-db-config.sql
+ EOF
+ destination = "${var.db_home_path}/shard-db-config-setup.sh"
+ }
+
+ #Shard db config setup
+ provisioner "remote-exec" {
+ inline = [
+ "chmod 700 ${var.db_home_path}/shard-db-config-setup.sh",
+ "${var.db_home_path}/shard-db-config-setup.sh",
+ "rm -f ${var.db_home_path}/shard-db-config.sql",
+ "rm -f ${var.db_home_path}/shard-db-config-setup.sh"
+ ]
+ }
+
+ provisioner "file" {
+ content = "${data.template_file.deps_check_template.rendered}"
+ destination = "${var.db_home_path}/deps-check.sh"
+ }
+
+
+ provisioner "file" {
+ when = "destroy"
+ content = <<-EOF
+ #! /bin/bash
+ source ${var.db_home_path}/shard.sh
+ rm -f ${var.db_home_path}/shard-db-config.sql
+ rm -f ${var.db_home_path}/deps-check.sh,
+ rm -f ${var.db_home_path}/shard-db-config-setup.sh
+ EOF
+ destination = "${var.db_home_path}/shard-db-config-teardown.sh"
+ }
+
+ # destroying
+ provisioner "remote-exec" {
+ when = "destroy"
+ inline = [
+ "chmod 700 ${var.db_home_path}/shard-db-config-teardown.sh",
+ "${var.db_home_path}/shard-db-config-teardown.sh",
+ "rm -f ${var.db_home_path}/shard-db-config-teardown.sh"
+ ]
+ }
+}
+
diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_db_configure%outputs.tf b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_db_configure%outputs.tf
new file mode 100644
index 0000000..ad66ef9
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_db_configure%outputs.tf
@@ -0,0 +1,10 @@
+# Copyright 2017, 2019, Oracle Corporation and/or affiliates. All rights reserved.
+# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl
+
+output "rendered_sdb_shard_db_config_template" {
+ value = "${data.template_file.shard_db_config_template.rendered}"
+}
+
+output "rendered_deps_check" {
+ value = "${data.template_file.deps_check_template.rendered}"
+}
\ No newline at end of file
diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_db_configure%schagent-register-shard.tf b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_db_configure%schagent-register-shard.tf
new file mode 100644
index 0000000..a77ba73
--- /dev/null
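Review bot: In the destroy-time heredoc of main.tf, `rm -f ${var.db_home_path}/deps-check.sh,` ends in a comma, so the shell is asked to remove a file named `deps-check.sh,` and the `deps-check.sh` uploaded a few lines earlier is left on the host after destroy; the line should read `rm -f ${var.db_home_path}/deps-check.sh`. Separately, `shard-db-config.sql` is rendered from a template that is given `gsmuser_pass` (datasources.tf), and it is removed only by the `rm -f` entries that follow the setup script in the same `inline` list, so if provisioning is interrupted before them the file stays in `${var.db_home_path}` until a destroy. Removing it from a `trap` inside `shard-db-config-setup.sh` would narrow that window.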
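Review bot: `rendered_sdb_shard_db_config_template` in outputs.tf exports the rendered shard-db-config template, and datasources.tf passes `gsmuser_pass` into that template, so if the template uses the variable (its body is not visible in this part of the patch) the GSM user password is printed by `terraform apply` and `terraform output` and ends up in CI logs. Add `sensitive = true` to the output, or drop it if nothing consumes the rendered SQL. `rendered_deps_check` only receives `oracle_base` and looks like a dependency handle for other modules; a one-line comment saying so would help the next reader.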
+++ b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_db_configure%schagent-register-shard.tf 
@@ -0,0 +1,71 @@
+# Copyright 2017, 2019, Oracle Corporation and/or affiliates. All rights reserved.
+# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl
+
+resource "null_resource" "sdb_schagent_register_shard" {
+ # depends_on = ["null_resource.sdb_shard_validation"]
+ count = "${var.setup_mode == "new_install" ? length(var.shards) : 0}"
+
+ #creates ssh connection
+ connection {
+ type = "ssh"
+ user = "${var.os_user}"
+ private_key = "${file(var.ssh_private_key_path)}"
+ host = "${lookup(var.shards[element(keys(var.shards), count.index)], "host")}"
+ agent = false
+ timeout = "${var.ssh_timeout}"
+ }
+
+ provisioner "file" {
+ content = <<-EOF
+ #! /bin/bash
+ source ${var.db_home_path}/shard.sh
+ mkdir -p ${var.oracle_base}/oradata
+ mkdir -p ${var.oracle_base}/fast_recovery_area
+ echo ${var.scheduler_agent_pass} | schagent -registerdatabase ${local.shard_catalog_host} ${local.scheduler_agent_port}
+ sleep 10
+ nohup schagent -start
+ # sleep 10
+ schagent -status
+ EOF
+ destination = "${var.db_home_path}/schagent-register-shard.sh"
+ }
+
+ provisioner "remote-exec" {
+ inline = [
+ "chmod 700 ${var.db_home_path}/schagent-register-shard.sh",
+ "${var.db_home_path}/schagent-register-shard.sh",
+ "rm -f ${var.db_home_path}/schagent-register-shard.sh"
+ ]
+ }
+
+ provisioner "file" {
+ when = "destroy"
+ content = <<-EOF
+ #! /bin/bash
+ source ${var.db_home_path}/shard.sh
+ schagent -status
+ schagent -stop
+ sleep 10
+ schagent -status
+ EOF
+ destination = "${var.db_home_path}/schagent-teardown.sh"
+ }
+
+ provisioner "remote-exec" {
+ when = "destroy"
+ inline = [
+ "chmod 700 ${var.db_home_path}/schagent-teardown.sh",
+ "${var.db_home_path}/schagent-teardown.sh",
+ "rm -f ${var.db_home_path}/schagent-register-shard.sh"
+ ]
+ }
+
+ # destroying
+ provisioner "remote-exec" {
+ when = "destroy"
+ inline = [
+ "rm -f ${var.db_home_path}/schagent-register-shard.sh",
+ "rm -f ${var.db_home_path}/schagent-teardown.sh"
+ ]
+ }
+}
\ No newline at end of file
diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_db_configure%schagent-register-standby-shard.tf b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_db_configure%schagent-register-standby-shard.tf
new file mode 100644
index 0000000..bd8968c
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_db_configure%schagent-register-standby-shard.tf
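Review bot: The generated `schagent-register-shard.sh` never checks the result of `schagent -registerdatabase`, so a rejected password or an unreachable catalog host is followed by `schagent -start` and `schagent -status`, and the provisioner reports only what the last command returns. Adding `set -euo pipefail` as the first line after the shebang would stop at the first failure (assuming schagent returns non-zero when it fails). The destroy side also repeats itself: the second destroy `remote-exec` removes `schagent-register-shard.sh`, which the apply-time provisioner and the final destroy block remove as well, so the two destroy `remote-exec` blocks can be merged into one. schagent-register-standby-shard.tf carries the same register script and the first remark applies there too.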
@@ -0,0 +1,71 @@
+# Copyright 2017, 2019, Oracle Corporation and/or affiliates. All rights reserved.
+# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl
+
+resource "null_resource" "sdb_schagent_register_standby_shard" {
+ # depends_on = ["null_resource.schagent_register_shard"]
+ count = "${var.setup_mode == "new_install" ? length(var.standby_shards) : 0}"
+
+ #creates ssh connection
+ connection {
+ type = "ssh"
+ user = "${var.os_user}"
+ private_key = "${file(var.ssh_private_key_path)}"
+ host = "${lookup(var.standby_shards[element(keys(var.standby_shards), count.index)], "host")}"
+ agent = false
+ timeout = "${var.ssh_timeout}"
+ }
+
+ provisioner "file" {
+ content = <<-EOF
+ #! /bin/bash
+ source ${var.db_home_path}/shard.sh
+ mkdir -p ${var.oracle_base}/oradata
+ mkdir -p ${var.oracle_base}/fast_recovery_area
+ echo ${var.scheduler_agent_pass} | schagent -registerdatabase ${local.shard_catalog_host} ${local.scheduler_agent_port}
+ sleep 10
+ nohup schagent -start
+ # sleep 10
+ schagent -status
+ EOF
+ destination = "${var.db_home_path}/schagent-register-shard.sh"
+ }
+
+ provisioner "remote-exec" {
+ inline = [
+ "chmod 700 ${var.db_home_path}/schagent-register-shard.sh",
+ "${var.db_home_path}/schagent-register-shard.sh",
+ "rm -f ${var.db_home_path}/schagent-register-shard.sh"
+ ]
+ }
+
+ provisioner "file" {
+ when = "destroy"
+ content = <<-EOF
+ #! /bin/bash
+ source ${var.db_home_path}/shard.sh
+ schagent -status
+ schagent -stop
+ sleep 10
+ schagent -status
+ EOF
+ destination = "${var.db_home_path}/schagent-teardown.sh"
+ }
+
+ provisioner "remote-exec" {
+ when = "destroy"
+ inline = [
+ "chmod 700 ${var.db_home_path}/schagent-teardown.sh",
+ "${var.db_home_path}/schagent-teardown.sh"
+ ]
+ }
+
+
+ # destroying
+ provisioner "remote-exec" {
+ when = "destroy"
+ inline = [
+ "rm -f ${var.db_home_path}/schagent-register-shard.sh",
+ "rm -f ${var.db_home_path}/schagent-teardown.sh"
+ ]
+ }
+}
\ No newline at end of file
diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_db_configure%setup-data-guard.tf b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_db_configure%setup-data-guard.tf
new file mode 100644
index 0000000..bdbf44f
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_db_configure%setup-data-guard.tf
@@ -0,0 +1,49 @@
+# Copyright 2017, 2019, Oracle Corporation and/or affiliates. All rights reserved.
+# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl
+
+resource "null_resource" "sdb_setup_data_guard" {
+ # depends_on = ["null_resource.sdb_enable_sys_dg"]
+ count = "${var.setup_mode == "new_install" ? 0 : length(var.standby_shards)}"
+
+ #creates ssh connection
+ connection {
+ type = "ssh"
+ user = "${var.os_user}"
+ private_key = "${file(var.ssh_private_key_path)}"
+ host = "${lookup(var.standby_shards[element(keys(var.standby_shards), count.index)], "host")}"
+ agent = false
+ timeout = "${var.ssh_timeout}"
+ }
+
+ provisioner "file" {
+ source = "${path.module}/scripts/setup-adg.sh"
+ destination = "${var.db_home_path}/setup-adg.sh"
+ }
+ provisioner "file" {
+ content = <<-EOF
+ #! /bin/bash
+ source ${var.db_home_path}/shard.sh
+ cd ${var.db_home_path}
+ ./setup-adg.sh -l sys/${var.sys_pass}@${lookup(var.standby_shards[element(keys(var.standby_shards), count.index)], "primary_host")}:${lookup(var.standby_shards[element(keys(var.standby_shards), count.index)], "primary_port")}/${lookup(var.standby_shards[element(keys(var.standby_shards), count.index)], "primary_sid")} -d ${lookup(var.standby_shards[element(keys(var.standby_shards), count.index)], "sid")}
+ EOF
+ destination = "${var.db_home_path}/invoke-adg-setup.sh"
+ }
+
+ provisioner "remote-exec" {
+ inline = [
+ "chmod 700 ${var.db_home_path}/invoke-adg-setup.sh",
+ "chmod 700 ${var.db_home_path}/setup-adg.sh",
+ "${var.db_home_path}/invoke-adg-setup.sh",
+ "rm -f ${var.db_home_path}/invoke-adg-setup.sh"
+ ]
+ }
+
+ # destroying
+ provisioner "remote-exec" {
+ when = "destroy"
+ inline = [
+ "rm -f ${var.db_home_path}/setup-adg.sh",
+ "rm -f ${var.db_home_path}/invoke-adg-setup.sh"
+ ]
+ }
+}
\ No newline at end of file
diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_db_configure%shard-env-configure.tf b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_db_configure%shard-env-configure.tf
new file mode 100644
index 0000000..bd9f8b6
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_db_configure%shard-env-configure.tf
@@ -0,0 +1,31 @@
+# Copyright 2017, 2019, Oracle Corporation and/or affiliates. All rights reserved.
+# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl
+
+resource "null_resource" "sdb_shard_env_configure" {
+ count = "${var.setup_mode == "new_install" ? 0 : length(var.shards)}"
+
+ #creates ssh connection
+ connection {
+ type = "ssh"
+ user = "${var.os_user}"
+ private_key = "${file(var.ssh_private_key_path)}"
+ host = "${lookup(var.shards[element(keys(var.shards), count.index)], "host")}"
+ agent = false
+ timeout = "${var.ssh_timeout}"
+ }
+
+ # copying env
+ provisioner "file" {
+
+ content = <<-EOF
+ #! /bin/bash
+ export ORACLE_SID="${lookup(var.shards[element(keys(var.shards), count.index)], "sid")}"
+ export ORACLE_BASE="${var.oracle_base}"
+ export ORACLE_HOME="${var.db_home_path}"
+ export LD_LIBRARY_PATH=$ORACLE_HOME/lib
+ export PATH=$PATH:$ORACLE_HOME/bin
+ export TNS_ADMIN=$ORACLE_HOME/network/admin
+ EOF
+ destination = "${var.db_home_path}/shard.sh"
+ }
+}
\ No newline at end of file
diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_db_configure%shard-validation.tf b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_db_configure%shard-validation.tf
new file mode 100644
index 0000000..4ca97fd
--- /dev/null
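Review bot: Nothing orders the other resources of this module after `sdb_shard_env_configure`: the scripts in enable-sys-dg.tf, main.tf and shard-validation.tf all begin with `source ${var.db_home_path}/shard.sh`, the file written here, yet their `depends_on` lines are commented out or absent, so Terraform may run them in parallel with, or before, this upload. Unless the ordering is imposed from outside the module, each consumer should declare `depends_on = ["null_resource.sdb_shard_env_configure"]`. Note also that `export LD_LIBRARY_PATH=$ORACLE_HOME/lib` replaces any existing value instead of extending it, unlike the `PATH` line below it.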
+++ b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_db_configure%shard-validation.tf
@@ -0,0 +1,51 @@
+# Copyright 2017, 2019, Oracle Corporation and/or affiliates. All rights reserved.
+# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl
+
+resource "null_resource" "sdb_shard_validation" {
+ # depends_on = ["null_resource.sdb_add_static_dg_listener"]
+ count = "${var.setup_mode == "new_install" ? 0 : length(var.shards)}"
+
+ #creates ssh connection
+ connection {
+ type = "ssh"
+ user = "${var.os_user}"
+ private_key = "${file(var.ssh_private_key_path)}"
+ host = "${lookup(var.shards[element(keys(var.shards), count.index)], "host")}"
+ agent = false
+ timeout = "${var.ssh_timeout}"
+ }
+
+ provisioner "file" {
+ content = "${data.template_file.shard_validation_template.rendered}"
+ destination = "${var.db_home_path}/shard-validation.sql"
+ }
+
+ provisioner "file" {
+ content = <<-EOF
+ #! /bin/bash
+ source ${var.db_home_path}/shard.sh
+ sqlplus / as sysdba @${var.db_home_path}/shard-validation.sql
+ EOF
+ destination = "${var.db_home_path}/shard-validation.sh"
+ }
+
+ #Shard validation
+ provisioner "remote-exec" {
+ inline = [
+ "chmod 700 ${var.db_home_path}/shard-validation.sh",
+ "${var.db_home_path}/shard-validation.sh",
+ "rm -f ${var.db_home_path}/shard-validation.sh",
+ "rm -f ${var.db_home_path}/shard-validation.sql"
+ ]
+ }
+
+ # destroying
+ provisioner "remote-exec" {
+ when = "destroy"
+ inline = [
+ "rm -f ${var.db_home_path}/shard-validation.sh",
+ "rm -f ${var.db_home_path}/shard-validation.sql"
+ ]
+ }
+
+}
\ No newline at end of file
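Review bot: This validation step can pass even when the SQL fails, because `sqlplus / as sysdba @…/shard-validation.sql` exits 0 on SQL errors unless the script itself asks otherwise, and the `inline` list continues with `rm -f` entries after the script, so a non-zero status may not fail the provisioner either (worth confirming for the Terraform version in use). If the template, which is not visible in this part of the patch, does not already do so, start it with `WHENEVER SQLERROR EXIT FAILURE` and `WHENEVER OSERROR EXIT FAILURE` and end it with `EXIT` so sqlplus does not wait on stdin. The same applies to the `sqlplus` call in `shard-db-config-setup.sh` in main.tf.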
diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_db_configure%standby-shard-env-configure.tf b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_db_configure%standby-shard-env-configure.tf
new file mode 100644
index 0000000..07b1404
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_db_configure%standby-shard-env-configure.tf
@@ -0,0 +1,30 @@
+# Copyright 2017, 2019, Oracle Corporation and/or affiliates. All rights reserved.
+# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl
+
+resource "null_resource" "sdb_standby_shard_env_configure" {
+ count = "${var.setup_mode == "new_install" ? 0 : length(var.standby_shards)}"
+
+ #creates ssh connection
+ connection {
+ type = "ssh"
+ user = "${var.os_user}"
+ private_key = "${file(var.ssh_private_key_path)}"
+ host = "${lookup(var.standby_shards[element(keys(var.standby_shards), count.index)], "host")}"
+ agent = false
+ timeout = "${var.ssh_timeout}"
+ }
+
+ # copying env
+ provisioner "file" {
+ content = <<-EOF
+ #! /bin/bash
+ export ORACLE_SID="${lookup(var.standby_shards[element(keys(var.standby_shards), count.index)], "sid")}"
+ export ORACLE_BASE="${var.oracle_base}"
+ export ORACLE_HOME="${var.db_home_path}"
+ export LD_LIBRARY_PATH=$ORACLE_HOME/lib
+ export PATH=$PATH:$ORACLE_HOME/bin
+ export TNS_ADMIN=$ORACLE_HOME/network/admin
+ EOF
+ destination = "${var.db_home_path}/shard.sh"
+ }
+}
\ No newline at end of file
diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_db_configure%variables.tf b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_db_configure%variables.tf
new file mode 100644
index 0000000..a747241
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_db_configure%variables.tf
@@ -0,0 +1,69 @@
+# Copyright 2017, 2019, Oracle Corporation and/or affiliates. All rights reserved.
+# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl
+
+locals {
+ module_prefix = "configure_shard_db"
+
+ oradata = "${var.oracle_base}/oradata"
+
+ shard_catalog_host = "${lookup(var.shard_catalogs[element(keys(var.shard_catalogs), 0)], "host")}"
+
+ scheduler_agent_port = "${lookup(var.shard_catalogs[element(keys(var.shard_catalogs), 0)], "scheduler_agent_port", "8080")}"
+}
+
+variable "ssh_private_key_path" {
+ description = "path to ssh private key on the current machine"
+ default = "~/.ssh/id_rsa"
+}
+
+variable "ssh_timeout" {
+ description = "ssh timeout"
+ default = "3m"
+}
+
+variable "os_user" {
+ description = "os user name"
+}
+
+variable "oracle_base" {
+ description = "Oracle Base"
+}
+
+variable "db_home_path" {
+ description = "The location for oracle db home"
+}
+
+variable "shards" {
+ description = "Map of nick name of a shard to the host name or ip of the shard"
+ type = "map"
+}
+
+variable "sdb_shard_director_configure_deps_check" {
+ description = "internal dependency check variable for sdb_shard_director_configure module"
+}
+
+variable "gsmuser_pass" {
+ description = "password of the gsm user"
+}
+
+variable "sys_pass" {
+ description = "Password for SYS user"
+}
+
+variable "standby_shards" {
+ description = "Map of user-friendly name of a standby shard to the standby shard config information"
+ type = "map"
+}
+
+variable "setup_mode" {
+ description = "represents the setup mode either new install mode or from existing dbs mode"
+}
+
+variable "scheduler_agent_pass" {
+ description = "scheduler agent password"
+}
+
+variable "shard_catalogs" {
+ description = "Map of user-friendly name of a shard catalog to the shard catalog config information"
+ type = "map"
+}
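Review bot: The description of `shards` says it maps a nickname to "the host name or ip of the shard", but the module reads each entry as a map (`lookup(var.shards[…], "host")` and `… "sid")`), so a caller following the description would pass the wrong shape. Suggested text: `description = "Map of user-friendly shard name to the shard config map; this module reads the keys host and sid"`, which also matches the wording already used for `standby_shards` and `shard_catalogs`. `gsmuser_pass`, `sys_pass` and `scheduler_agent_pass` carry secrets that this module writes into uploaded scripts and rendered templates; their descriptions should say so, and `sensitive = true` is worth adding if the module moves to a Terraform version that supports it on variables (the quoted `type = "map"` suggests an older syntax).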
diff --git a/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_db_install%create-db.tf b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_db_install%create-db.tf new file mode 100644 index 0000000..13ce78f --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%db-sharding%deployment-with-terraform%sdb-terraform-onprem%modules%sdb_shard_db_install%create-db.tf 
@@ -0,0 +1,670 @@ +# Copyright 2017, 2019, Oracle Corporation and/or affiliates. All rights reserved. +# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl + +resource "null_resource" "sdb_shard_db_create" { + # depends_on = ["null_resource.sdb_shard_db_install_sw"] + count = "${var.setup_mode == "new_install" ? 0 : length(var.shards)}" + + #creates ssh connection + connection { + type = "ssh" + user = "${var.os_user}" + private_key = "${file(var.ssh_private_key_path)}" + host = "${lookup(var.shards[element(keys(var.shards), count.index)], "host")}" + agent = false + timeout = "${var.ssh_timeout}" + } + + # Creating db install and tns listener + provisioner "remote-exec" { + inline = [ <. - when database domain isn't NULL +# - when database domain is NULL +# Default value : None +# Mandatory : Yes +#----------------------------------------------------------------------------- +gdbName=${lookup(var.shards[element(keys(var.shards), count.index)], "globalDBName")} + +#----------------------------------------------------------------------------- +# Name : sid +# Datatype : String +# Description : System identifier (SID) of the database +# Valid values : Check Oracle12c Administrator's Guide +# Default value : specified in GDBNAME +# Mandatory : No +#----------------------------------------------------------------------------- +sid=${lookup(var.shards[element(keys(var.shards), count.index)], "sid")} + +#----------------------------------------------------------------------------- +# Name : databaseConfigType +# Datatype : String +# Description : database conf type as Single Instance, Real Application Cluster or Real Application Cluster One Nodes database +# Valid values : SI\RAC\RACONENODE +# Default value : SI +# Mandatory : No +#----------------------------------------------------------------------------- +databaseConfigType=SI + +#----------------------------------------------------------------------------- +# Name : 
RACOneNodeServiceName +# Datatype : String +# Description : Service is required by application to connect to RAC One +# Node Database +# Valid values : Service Name +# Default value : None +# Mandatory : No [required in case DATABASECONFTYPE is set to RACONENODE ] +#----------------------------------------------------------------------------- +RACOneNodeServiceName= + +#----------------------------------------------------------------------------- +# Name : policyManaged +# Datatype : Boolean +# Description : Set to true if Database is policy managed and +# set to false if Database is admin managed +# Valid values : TRUE\FALSE +# Default value : FALSE +# Mandatory : No +#----------------------------------------------------------------------------- +policyManaged=false + + +#----------------------------------------------------------------------------- +# Name : createServerPool +# Datatype : Boolean +# Description : Set to true if new server pool need to be created for database +# if this option is specified then the newly created database +# will use this newly created serverpool. +# Multiple serverpoolname can not be specified for database +# Valid values : TRUE\FALSE +# Default value : FALSE +# Mandatory : No +#----------------------------------------------------------------------------- +createServerPool=false + +#----------------------------------------------------------------------------- +# Name : serverPoolName +# Datatype : String +# Description : Only one serverpool name need to be specified +# if Create Server Pool option is specified. 
+# Comma-separated list of Serverpool names if db need to use +# multiple Server pool +# Valid values : ServerPool name + +# Default value : None +# Mandatory : No [required in case of RAC service centric database] +#----------------------------------------------------------------------------- +serverPoolName= + +#----------------------------------------------------------------------------- +# Name : cardinality +# Datatype : Number +# Description : Specify Cardinality for create server pool operation + +# Valid values : any positive Integer value +# Default value : Number of qualified nodes on cluster +# Mandatory : No [Required when a new serverpool need to be created] +#----------------------------------------------------------------------------- +cardinality= + +#----------------------------------------------------------------------------- +# Name : force +# Datatype : Boolean +# Description : Set to true if new server pool need to be created by force +# if this option is specified then the newly created serverpool +# will be assigned server even if no free servers are available. +# This may affect already running database. +# This flag can be specified for Admin managed as well as policy managed db. +# Valid values : TRUE\FALSE +# Default value : FALSE +# Mandatory : No +#----------------------------------------------------------------------------- +force=false + +#----------------------------------------------------------------------------- +# Name : pqPoolName +# Datatype : String +# Description : Only one serverpool name needs to be specified +# if create server pool option is specified. +# Comma-separated list of serverpool names if use +# server pool. This is required to +# create Parallel Query (PQ) database. 
Applicable to Big Cluster +# Valid values : Parallel Query (PQ) pool name +# Default value : None +# Mandatory : No [required in case of RAC service centric database] +#----------------------------------------------------------------------------- +pqPoolName= + +#----------------------------------------------------------------------------- +# Name : pqCardinality +# Datatype : Number +# Description : Specify Cardinality for create server pool operation. +# Applicable to Big Cluster +# Valid values : any positive Integer value +# Default value : Number of qualified nodes on cluster +# Mandatory : No [Required when a new serverpool need to be created] +#----------------------------------------------------------------------------- +pqCardinality= + +#----------------------------------------------------------------------------- +# Name : createAsContainerDatabase +# Datatype : boolean +# Description : flag to create database as container database +# Valid values : Check Oracle12c Administrator's Guide +# Default value : false +# Mandatory : No +#----------------------------------------------------------------------------- +createAsContainerDatabase=false + +#----------------------------------------------------------------------------- +# Name : numberOfPDBs +# Datatype : Number +# Description : Specify the number of pdb to be created +# Valid values : 0 to 252 +# Default value : 0 +# Mandatory : No +#----------------------------------------------------------------------------- +numberOfPDBs=0 + +#----------------------------------------------------------------------------- +# Name : pdbName +# Datatype : String +# Description : Specify the pdbname/pdbanme prefix if one or more pdb need to be created +# Valid values : Check Oracle12c Administrator's Guide +# Default value : None +# Mandatory : No +#----------------------------------------------------------------------------- +pdbName= + +#----------------------------------------------------------------------------- +# 
Name : useLocalUndoForPDBs +# Datatype : boolean +# Description : Flag to create local undo tablespace for all PDB's. +# Valid values : TRUE\FALSE +# Default value : TRUE +# Mandatory : No +#----------------------------------------------------------------------------- +useLocalUndoForPDBs=true + +#----------------------------------------------------------------------------- +# Name : pdbAdminPassword +# Datatype : String +# Description : PDB Administrator user password +# Valid values : Check Oracle12c Administrator's Guide +# Default value : None +# Mandatory : No +#----------------------------------------------------------------------------- + +pdbAdminPassword= + +#----------------------------------------------------------------------------- +# Name : nodelist +# Datatype : String +# Description : Comma-separated list of cluster nodes +# Valid values : Cluster node names +# Default value : None +# Mandatory : No (Yes for RAC database-centric database ) +#----------------------------------------------------------------------------- +nodelist= + +#----------------------------------------------------------------------------- +# Name : templateName +# Datatype : String +# Description : Name of the template +# Valid values : Template file name +# Default value : None +# Mandatory : Yes +#----------------------------------------------------------------------------- +templateName=${var.db_home_path}/assistants/dbca/templates/General_Purpose.dbc + +#----------------------------------------------------------------------------- +# Name : sysPassword +# Datatype : String +# Description : Password for SYS user +# Valid values : Check Oracle12c Administrator's Guide +# Default value : None +# Mandatory : Yes +#----------------------------------------------------------------------------- +sysPassword=${var.sys_pass} + +#----------------------------------------------------------------------------- +# Name : systemPassword +# Datatype : String +# Description : Password for 
SYSTEM user +# Valid values : Check Oracle12c Administrator's Guide +# Default value : None +# Mandatory : Yes +#----------------------------------------------------------------------------- +systemPassword=${var.system_pass} + +#----------------------------------------------------------------------------- +# Name : serviceUserPassword +# Datatype : String +# Description : Password for Windows Service user +# Default value : None +# Mandatory : If Oracle home is installed with windows service user +#----------------------------------------------------------------------------- +serviceUserPassword= + +#----------------------------------------------------------------------------- +# Name : emConfiguration +# Datatype : String +# Description : Enterprise Manager Configuration Type +# Valid values : CENTRAL|DBEXPRESS|BOTH|NONE +# Default value : NONE +# Mandatory : No +#----------------------------------------------------------------------------- +emConfiguration= + +#----------------------------------------------------------------------------- +# Name : emExpressPort +# Datatype : Number +# Description : Enterprise Manager Configuration Type +# Valid values : Check Oracle12c Administrator's Guide +# Default value : NONE +# Mandatory : No, will be picked up from DBEXPRESS_HTTPS_PORT env variable +# or auto generates a free port between 5500 and 5599 +#----------------------------------------------------------------------------- +emExpressPort=5500 + +#----------------------------------------------------------------------------- +# Name : runCVUChecks +# Datatype : Boolean +# Description : Specify whether to run Cluster Verification Utility checks +# periodically in Cluster environment +# Valid values : TRUE\FALSE +# Default value : FALSE +# Mandatory : No +#----------------------------------------------------------------------------- +runCVUChecks=FALSE + +#----------------------------------------------------------------------------- +# Name : dbsnmpPassword +# 
Datatype : String +# Description : Password for DBSNMP user +# Valid values : Check Oracle12c Administrator's Guide +# Default value : None +# Mandatory : Yes, if emConfiguration is specified or +# the value of runCVUChecks is TRUE +#----------------------------------------------------------------------------- +dbsnmpPassword= + +#----------------------------------------------------------------------------- +# Name : omsHost +# Datatype : String +# Description : EM management server host name +# Default value : None +# Mandatory : Yes, if CENTRAL is specified for emConfiguration +#----------------------------------------------------------------------------- +omsHost= + +#----------------------------------------------------------------------------- +# Name : omsPort +# Datatype : Number +# Description : EM management server port number +# Default value : None +# Mandatory : Yes, if CENTRAL is specified for emConfiguration +#----------------------------------------------------------------------------- +omsPort=0 + +#----------------------------------------------------------------------------- +# Name : emUser +# Datatype : String +# Description : EM Admin username to add or modify targets +# Default value : None +# Mandatory : Yes, if CENTRAL is specified for emConfiguration +#----------------------------------------------------------------------------- +emUser= + +#----------------------------------------------------------------------------- +# Name : emPassword +# Datatype : String +# Description : EM Admin user password +# Default value : None +# Mandatory : Yes, if CENTRAL is specified for emConfiguration +#----------------------------------------------------------------------------- +emPassword= + +#----------------------------------------------------------------------------- +# Name : dvConfiguration +# Datatype : Boolean +# Description : Specify "True" to configure and enable Oracle Database vault +# Valid values : True/False +# Default value : False +# 
Mandatory : No +#----------------------------------------------------------------------------- +dvConfiguration=false + +#----------------------------------------------------------------------------- +# Name : dvUserName +# Datatype : String +# Description : DataVault Owner +# Valid values : Check Oracle12c Administrator's Guide +# Default value : None +# Mandatory : Yes, if DataVault option is chosen +#----------------------------------------------------------------------------- +dvUserName= + +#----------------------------------------------------------------------------- +# Name : dvUserPassword +# Datatype : String +# Description : Password for DataVault Owner +# Valid values : Check Oracle12c Administrator's Guide +# Default value : None +# Mandatory : Yes, if DataVault option is chosen +#----------------------------------------------------------------------------- +dvUserPassword= + +#----------------------------------------------------------------------------- +# Name : dvAccountManagerName +# Datatype : String +# Description : DataVault Account Manager +# Valid values : Check Oracle12c Administrator's Guide +# Default value : None +# Mandatory : No +#----------------------------------------------------------------------------- +dvAccountManagerName= + +#----------------------------------------------------------------------------- +# Name : dvAccountManagerPassword +# Datatype : String +# Description : Password for DataVault Account Manager +# Valid values : Check Oracle12c Administrator's Guide +# Default value : None +# Mandatory : No +#----------------------------------------------------------------------------- +dvAccountManagerPassword= + +#----------------------------------------------------------------------------- +# Name : olsConfiguration +# Datatype : Boolean +# Description : Specify "True" to configure and enable Oracle Label Security +# Valid values : True/False +# Default value : False +# Mandatory : No 
+#----------------------------------------------------------------------------- +olsConfiguration=false + +#----------------------------------------------------------------------------- +# Name : datafileJarLocation +# Datatype : String +# Description : Location of the data file jar +# Valid values : Directory containing compressed datafile jar +# Default value : None +# Mandatory : No +#----------------------------------------------------------------------------- +datafileJarLocation={ORACLE_HOME}/assistants/dbca/templates/ + +#----------------------------------------------------------------------------- +# Name : datafileDestination +# Datatype : String +# Description : Location of the data file's +# Valid values : Directory for all the database files +# Default value : $ORACLE_BASE/oradata +# Mandatory : No +#----------------------------------------------------------------------------- +datafileDestination={ORACLE_BASE}/oradata/{DB_UNIQUE_NAME}/ + +#----------------------------------------------------------------------------- +# Name : recoveryAreaDestination +# Datatype : String +# Description : Location of the data file's +# Valid values : Recovery Area location +# Default value : $ORACLE_BASE/flash_recovery_area +# Mandatory : No +#----------------------------------------------------------------------------- +recoveryAreaDestination={ORACLE_BASE}/fast_recovery_area/{DB_UNIQUE_NAME} + +#----------------------------------------------------------------------------- +# Name : storageType +# Datatype : String +# Description : Specifies the storage on which the database is to be created +# Valid values : FS (CFS for RAC), ASM +# Default value : FS +# Mandatory : No +#----------------------------------------------------------------------------- +storageType=FS + +#----------------------------------------------------------------------------- +# Name : diskGroupName +# Datatype : String +# Description : Specifies the disk group name for the storage +# Default value : 
DATA +# Mandatory : No +#----------------------------------------------------------------------------- +diskGroupName= + +#----------------------------------------------------------------------------- +# Name : asmsnmpPassword +# Datatype : String +# Description : Password for ASM Monitoring +# Default value : None +# Mandatory : No +#----------------------------------------------------------------------------- +asmsnmpPassword= + +#----------------------------------------------------------------------------- +# Name : recoveryGroupName +# Datatype : String +# Description : Specifies the disk group name for the recovery area +# Default value : RECOVERY +# Mandatory : No +#----------------------------------------------------------------------------- +recoveryGroupName= + +#----------------------------------------------------------------------------- +# Name : characterSet +# Datatype : String +# Description : Character set of the database +# Valid values : Check Oracle12c National Language Support Guide +# Default value : "US7ASCII" +# Mandatory : NO +#----------------------------------------------------------------------------- +characterSet=AL32UTF8 + +#----------------------------------------------------------------------------- +# Name : nationalCharacterSet +# Datatype : String +# Description : National Character set of the database +# Valid values : "UTF8" or "AL16UTF16". For details, check Oracle12c National Language Support Guide +# Default value : "AL16UTF16" +# Mandatory : No +#----------------------------------------------------------------------------- +nationalCharacterSet=AL16UTF16 + +#----------------------------------------------------------------------------- +# Name : registerWithDirService +# Datatype : Boolean +# Description : Specifies whether to register with Directory Service. 
+# Valid values : TRUE \ FALSE +# Default value : FALSE +# Mandatory : No +#----------------------------------------------------------------------------- +registerWithDirService=false + + +#----------------------------------------------------------------------------- +# Name : dirServiceUserName +# Datatype : String +# Description : Specifies the name of the directory service user +# Mandatory : YES, if the value of registerWithDirService is TRUE +#----------------------------------------------------------------------------- +dirServiceUserName= + +#----------------------------------------------------------------------------- +# Name : dirServicePassword +# Datatype : String +# Description : The password of the directory service user. +# You can also specify the password at the command prompt instead of here. +# Mandatory : YES, if the value of registerWithDirService is TRUE +#----------------------------------------------------------------------------- +dirServicePassword= + +#----------------------------------------------------------------------------- +# Name : walletPassword +# Datatype : String +# Description : The password for wallet to created or modified. +# You can also specify the password at the command prompt instead of here. +# Mandatory : YES, if the value of registerWithDirService is TRUE +#----------------------------------------------------------------------------- +walletPassword= + +#----------------------------------------------------------------------------- +# Name : listeners +# Datatype : String +# Description : Specifies list of listeners to register the database with. +# By default the database is configured for all the listeners specified in the +# $ORACLE_HOME/network/admin/listener.ora +# Valid values : The list should be comma separated like "listener1,listener2". 
+# Mandatory : NO +#----------------------------------------------------------------------------- +listeners= + +#----------------------------------------------------------------------------- +# Name : variablesFile +# Datatype : String +# Description : Location of the file containing variable value pair +# Valid values : A valid file-system file. The variable value pair format in this file +# is =. Each pair should be in a new line. +# Default value : None +# Mandatory : NO +#----------------------------------------------------------------------------- +variablesFile= + +#----------------------------------------------------------------------------- +# Name : variables +# Datatype : String +# Description : comma separated list of name=value pairs. Overrides variables defined in variablefile and templates +# Default value : None +# Mandatory : NO +#----------------------------------------------------------------------------- +variables=ORACLE_BASE_HOME=${var.db_home_path},DB_UNIQUE_NAME=${lookup(var.shards[element(keys(var.shards), count.index)], "sid")},ORACLE_BASE=${var.oracle_base},PDB_NAME=,DB_NAME=${lookup(var.shards[element(keys(var.shards), count.index)], "sid")},ORACLE_HOME=${var.db_home_path},SID=${lookup(var.shards[element(keys(var.shards), count.index)], "sid")} + +#----------------------------------------------------------------------------- +# Name : initParams +# Datatype : String +# Description : comma separated list of name=value pairs. 
Overrides initialization parameters defined in templates +# Default value : None +# Mandatory : NO +#----------------------------------------------------------------------------- +initParams=undo_tablespace=UNDOTBS1,sga_target=4569MB,db_block_size=8192BYTES,nls_language=AMERICAN,dispatchers=(PROTOCOL=TCP) (SERVICE=sh2XDB),diagnostic_dest={ORACLE_BASE},remote_login_passwordfile=EXCLUSIVE,db_create_file_dest={ORACLE_BASE}/oradata/{DB_UNIQUE_NAME}/,audit_file_dest={ORACLE_BASE}/admin/{DB_UNIQUE_NAME}/adump,processes=320,pga_aggregate_target=1524MB,nls_territory=AMERICA,local_listener=LISTENER_SHARDCAT,db_recovery_file_dest_size=8256MB,open_cursors=300,log_archive_format=%t_%s_%r.dbf,compatible=${local.db_major_version}.0.0,db_name=${lookup(var.shards[element(keys(var.shards), count.index)], "sid")},db_recovery_file_dest={ORACLE_BASE}/fast_recovery_area/{DB_UNIQUE_NAME},audit_trail=db + +#----------------------------------------------------------------------------- +# Name : sampleSchema +# Datatype : Boolean +# Description : Specifies whether or not to add the Sample Schemas to your database +# Valid values : TRUE \ FALSE +# Default value : FASLE +# Mandatory : No +#----------------------------------------------------------------------------- +sampleSchema=false + +#----------------------------------------------------------------------------- +# Name : memoryPercentage +# Datatype : String +# Description : percentage of physical memory for Oracle +# Default value : None +# Mandatory : NO +#----------------------------------------------------------------------------- +memoryPercentage=40 + +#----------------------------------------------------------------------------- +# Name : databaseType +# Datatype : String +# Description : used for memory distribution when memoryPercentage specified +# Valid values : MULTIPURPOSE|DATA_WAREHOUSING|OLTP +# Default value : MULTIPURPOSE +# Mandatory : NO +#----------------------------------------------------------------------------- 
+databaseType=MULTIPURPOSE + +#----------------------------------------------------------------------------- +# Name : automaticMemoryManagement +# Datatype : Boolean +# Description : flag to indicate Automatic Memory Management is used +# Valid values : TRUE/FALSE +# Default value : TRUE +# Mandatory : NO +#----------------------------------------------------------------------------- +automaticMemoryManagement=false + +#----------------------------------------------------------------------------- +# Name : totalMemory +# Datatype : String +# Description : total memory in MB to allocate to Oracle +# Valid values : +# Default value : +# Mandatory : NO +#----------------------------------------------------------------------------- +totalMemory=0 +EOF + destination = "${var.db_home_path}/dbca.rsp" +} + + # db install + provisioner "remote-exec" { + inline = [ < r.name + } + + home_region = lookup(local.region_map, data.oci_identity_tenancy.tenancy.home_region_key) + availability_domain = lookup(data.oci_identity_availability_domains.ADs.availability_domains[0], "name") + + root_compartment_id = var.compartment_ocid +} \ No newline at end of file diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%common%compartments%outputs.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%common%compartments%outputs.tf new file mode 100644 index 0000000..4aedd8e --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%common%compartments%outputs.tf 
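Review bot: The dbca response file rendered in the create-db.tf hunk contains `sysPassword=${var.sys_pass}` and `systemPassword=${var.system_pass}` and is written to `${var.db_home_path}/dbca.rsp`, so the SYS and SYSTEM passwords sit in clear text on every shard host. Nothing in the visible part of the hunk restricts the file's permissions or removes it once the database has been created. Part of the hunk did not survive extraction (the inline command blocks are cut off), so this may already be handled there. If it is not, the step that runs dbca should apply `chmod 600 ${var.db_home_path}/dbca.rsp` before use and `rm -f ${var.db_home_path}/dbca.rsp` afterwards.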
@@ -0,0 +1,26 @@
+// Copyright (c) 2020, Oracle and/or its affiliates.
+// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
+
+output "management_compartment_id" {
+ value = module.management_compartment.compartment_id
+}
+
+output "peering_compartment_id" {
+ value = module.peering_compartment.compartment_id
+}
+
+output "tenant_1_compartment_id" {
+ value = module.tenant_1_compartment.compartment_id
+}
+
+output "tenant_2_compartment_id" {
+ value = module.tenant_2_compartment.compartment_id
+}
+
+output "tenant_3_compartment_id" {
+ value = module.tenant_3_compartment.compartment_id
+}
+
+output "tenant_4_compartment_id" {
+ value = module.tenant_4_compartment.compartment_id
+}
\ No newline at end of file
diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%common%compartments%providers.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%common%compartments%providers.tf
new file mode 100644
index 0000000..2cfa99a
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%common%compartments%providers.tf
@@ -0,0 +1,20 @@
+// Copyright (c) 2020, Oracle and/or its affiliates.
+// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
+
+provider oci {
+ tenancy_ocid = var.tenancy_ocid
+ user_ocid = var.user_ocid
+ fingerprint = var.fingerprint
+ private_key_path = var.private_key_path
+ region = var.region
+}
+
+// provider for home region for IAM resource provisioning
+provider oci {
+ alias = "home"
+ tenancy_ocid = var.tenancy_ocid
+ user_ocid = var.user_ocid
+ fingerprint = var.fingerprint
+ private_key_path = var.private_key_path
+ region = local.home_region
+}
\ No newline at end of file
diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%common%compartments%terragrunt.hcl b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%common%compartments%terragrunt.hcl
new file mode 100644
index 0000000..9f8bb13
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%common%compartments%terragrunt.hcl
@@ -0,0 +1,6 @@
+// Copyright (c) 2020, Oracle and/or its affiliates.
+// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
+
+include {
+ path = find_in_parent_folders()
+}
diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%common%compartments%variables.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%common%compartments%variables.tf
new file mode 100644
index 0000000..35a6cd3
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%common%compartments%variables.tf
@@ -0,0 +1,65 @@
+// Copyright (c) 2020, Oracle and/or its affiliates.
+// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
+
+# OCI Provider variables
+variable "tenancy_ocid" {}
+variable "user_ocid" {}
+variable "fingerprint" {}
+variable "private_key_path" {}
+variable "region" {}
+
+# Deployment variables
+variable "compartment_ocid" {
+ type = string
+ description = "ocid of the compartment to deploy the resources in"
+}
+
+variable "management_compartment_name" {
+ type = string
+ description = "compartment name for management resources"
+ default = "management"
+}
+
+variable "peering_compartment_name" {
+ type = string
+ description = "compartment name for peering resources"
+ default = "peering"
+}
+
+variable "tenant1_compartment_name" {
+ type = string
+ description = "compartment name for tenant1 resources"
+ default = "tenant1"
+}
+
+variable "tenant2_compartment_name" {
+ type = string
+ description = "compartment name for tenant2 resources"
+ default = "tenant2"
+}
+
+variable "tenant3_compartment_name" {
+ type = string
+ description = "compartment name for tenant3 resources"
+ default = "tenant3"
+}
+
+variable "tenant4_compartment_name" {
+ type = string
+ description = "compartment name for tenant4 resources"
+ default = "tenant4"
+}
+
+variable "freeform_tags" {
+ type = map
+ description = "map of freeform tags to apply to all resources"
+ default = {
+ "Environment" = "Management"
+ }
+}
+
+variable "defined_tags" {
+ type = map
+ description = "map of defined tags to apply to all resources"
+ default = {}
+}
diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%common%configuration%main.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%common%configuration%main.tf
new file mode 100644
index 0000000..f9508f6
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%common%configuration%main.tf
@@ -0,0 +1,12 @@
+// Copyright (c) 2020, Oracle and/or its affiliates.
+// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
+
+terraform {
+ required_version = ">= 0.12.0"
+
+ backend "local" {
+ path = "../state/common/configuration/terraform.tfstate"
+ }
+
+}
+
diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%common%configuration%network.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%common%configuration%network.tf
new file mode 100644
index 0000000..add7b19
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%common%configuration%network.tf
@@ -0,0 +1,24 @@
+// Copyright (c) 2020, Oracle and/or its affiliates.
+// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
+
+/*
+ * Calculate the peering and tenant network cidr ranges for this deployment
+ */
+
+module network_topology {
+ source = "../../../../modules/network_calculator"
+
+ number_of_tenants = 4
+
+ routing_instances_subnet_cidr = "10.254.100.0/24"
+
+ tenant_peering_vcn_meta_cidr = "10.253.0.0/16"
+ tenant_peering_vcn_mask = 29
+
+ tenant_vcn_meta_cidr = "10.0.0.0/8"
+ tenant_vcn_mask = 16
+ tenant_vcn_starting_block = 1 # first tenant is 10.1.0.0/16
+
+ peering_vcns_per_routing_instance = 1
+ local_peering_gateways_per_tenany_peering_vcn = 2
+}
diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%common%configuration%outputs.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%common%configuration%outputs.tf
new file mode 100644
index 0000000..9e20dda
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%common%configuration%outputs.tf
@@ -0,0 +1,14 @@
+// Copyright (c) 2020, Oracle and/or its affiliates.
+// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
+
+output "tenant_vcns" {
+ value = module.network_topology.tenant_vcns
+}
+
+output "peering_vcns" {
+ value = module.network_topology.peering_vcns
+}
+
+output "tenant_vcns_per_peering_vcn" {
+ value = module.network_topology.tenant_vcns_per_peering_vcn
+}
diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%common%configuration%terragrunt.hcl b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%common%configuration%terragrunt.hcl
new file mode 100644
index 0000000..3e1f65a
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%common%configuration%terragrunt.hcl
@@ -0,0 +1,3 @@
+include {
+ path = find_in_parent_folders()
+}
diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%common%configuration%variables.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%common%configuration%variables.tf
new file mode 100644
index 0000000..853f85a
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%common%configuration%variables.tf
@@ -0,0 +1,17 @@ +// Copyright (c) 2020, Oracle and/or its affiliates. +// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. + +# dummy variables +# these aren't needed but are declared suppress the terragrunt warnings + +variable "tenancy_ocid" { default = null } +variable "user_ocid" { default = null } +variable "fingerprint" { default = null } +variable "private_key_path" { default = null } +variable "region" { default = null } +variable "compartment_ocid" { default = null } + +variable "bastion_ssh_private_key_file" { default = null } +variable "bastion_ssh_public_key_file" { default = null } +variable "remote_ssh_public_key_file" { default = null } +variable "remote_ssh_private_key_file" { default = null } diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%management%access%bastion_instance.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%management%access%bastion_instance.tf new file mode 100644 index 0000000..ea6de45 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%management%access%bastion_instance.tf 
@@ -0,0 +1,23 @@ +// Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved. +// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. + +module bastion_instance { + source = "../../../../modules/bastion_instance" + + compartment_id = data.terraform_remote_state.compartments.outputs.management_compartment_id + source_id = data.oci_core_images.oraclelinux.images.0.id + subnet_id = data.terraform_remote_state.management_network.outputs.access_subnet_id + availability_domain = local.availability_domain + + bastion_ssh_public_key_file = var.bastion_ssh_public_key_file + bastion_ssh_private_key_file = var.bastion_ssh_private_key_file + remote_ssh_public_key_file = var.remote_ssh_public_key_file + remote_ssh_private_key_file = var.remote_ssh_private_key_file + + freeform_tags = var.freeform_tags + defined_tags = var.defined_tags +} + +output "bastion_ip" { + value = module.bastion_instance.instance_ip +} diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%management%access%data_sources.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%management%access%data_sources.tf new file mode 100644 index 0000000..3f5cb5d --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%management%access%data_sources.tf 
@@ -0,0 +1,42 @@
+// Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
+// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
+
+# Availability Domains
+data oci_identity_availability_domains ADs {
+ compartment_id = var.tenancy_ocid
+}
+
+# Oracle Linux VM Image
+data oci_core_images oraclelinux {
+ compartment_id = var.compartment_ocid
+
+ operating_system = "Oracle Linux"
+ operating_system_version = "7.7"
+
+ # exclude GPU specific images
+ filter {
+ name = "display_name"
+ values = ["^Oracle-Linux-7.7-([\\.0-9]+)-([\\.0-9-]+)$"]
+ regex = true
+ }
+}
+
+/*
+ * Remote State Dependencies
+ */
+
+data "terraform_remote_state" "management_network" {
+ backend = "local"
+
+ config = {
+ path = "../state/management/network/terraform.tfstate"
+ }
+}
+
+data "terraform_remote_state" "compartments" {
+ backend = "local"
+
+ config = {
+ path = "../../common/state/common/compartments/terraform.tfstate"
+ }
+}
diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%management%access%main.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%management%access%main.tf
new file mode 100644
index 0000000..11fdbab
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%management%access%main.tf
@@ -0,0 +1,15 @@
+// Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
+// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
+
+terraform {
+ required_version = ">= 0.12.0"
+
+ backend "local" {
+ path = "../state/management/access/terraform.tfstate"
+ }
+}
+
+locals {
+ availability_domain = lookup(data.oci_identity_availability_domains.ADs.availability_domains[0], "name")
+}
+
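Review bot: In management/access/data_sources.tf the `oci_core_images` lookup sets no ordering, while bastion_instance.tf takes `images.0.id`, so the bastion boots from whichever matching 7.7 build the provider lists first. Adding `sort_by = "TIMECREATED"` and `sort_order = "DESC"` inside the data block makes the choice explicit and keeps the newest patched build selected. The filter also pins the 7.7 release, so later Oracle Linux 7 images are never picked up; whether that is intended is not visible here. The same block is repeated in the data_sources.tf hunks for management/network, management/server_attachment, management/servers and peering/network.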
diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%management%access%providers.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%management%access%providers.tf new file mode 100644 index 0000000..bfe8a96 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%management%access%providers.tf @@ -0,0 +1,10 @@ +// Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved. +// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. + +provider oci { + tenancy_ocid = var.tenancy_ocid + user_ocid = var.user_ocid + fingerprint = var.fingerprint + private_key_path = var.private_key_path + region = var.region +} diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%management%access%terragrunt.hcl b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%management%access%terragrunt.hcl new file mode 100644 index 0000000..df36e5e --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%management%access%terragrunt.hcl @@ -0,0 +1,7 @@ +include { + path = find_in_parent_folders() +} + +dependencies { + paths = ["../../management/network"] +} diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%management%access%variables.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%management%access%variables.tf new file mode 100644 index 0000000..236961d --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%management%access%variables.tf 
@@ -0,0 +1,54 @@
+// Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
+// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
+
+# OCI Provider variables
+variable "tenancy_ocid" {}
+variable "user_ocid" {}
+variable "fingerprint" {}
+variable "private_key_path" {}
+variable "region" {}
+
+# Deployment variables
+variable "compartment_ocid" {
+ type = string
+ description = "ocid of the compartment to deploy the bastion host in"
+}
+
+variable "bastion_ssh_public_key_file" {
+ type = string
+ description = "path to public ssh key to set as the authorized key on the bastion host"
+ default = "~/.ssh/id_rsa.pub"
+}
+
+variable "bastion_ssh_private_key_file" {
+ type = string
+ description = "path to private ssh key to access the bastion host"
+ default = "~/.ssh/id_rsa"
+}
+
+variable "remote_ssh_public_key_file" {
+ type = string
+ description = "path to public ssh key for all instances deployed in the environment"
+ default = "~/.ssh/id_rsa.pub"
+}
+
+variable "remote_ssh_private_key_file" {
+ type = string
+ description = "path to private ssh key to acccess all instance in the deployed environment"
+ default = "~/.ssh/id_rsa"
+}
+
+variable "freeform_tags" {
+ type = map
+ description = "map of freeform tags to apply to all resources"
+ default = {
+ "Environment" = "Management"
+ }
+}
+
+variable "defined_tags" {
+ type = map
+ description = "map of defined tags to apply to all resources"
+ default = {}
+}
+
diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%management%network%data_sources.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%management%network%data_sources.tf
new file mode 100644
index 0000000..690ed04
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%management%network%data_sources.tf
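Review bot: In management/access/variables.tf, `bastion_ssh_private_key_file` and `remote_ssh_private_key_file` both default to `~/.ssh/id_rsa`, and both public-key variables default to `~/.ssh/id_rsa.pub`. A run with defaults therefore puts one key pair on the bastion and on every instance behind it, so the bastion adds no separate credential boundary and a single leaked key reaches everything. I would drop the `default` lines from the two `remote_*` variables so the operator has to name a distinct key, and state in their `description` that it must differ from the bastion key. How the modules consume the private key file is outside this hunk, so whether its contents also end up in the local state cannot be judged here. The same defaults recur in the variables.tf hunks for management/server_attachment and management/servers.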
@@ -0,0 +1,51 @@ +// Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved. +// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. + +# COMMON DATA SOURCES + +data oci_identity_tenancy tenancy { + tenancy_id = var.tenancy_ocid +} + +data oci_identity_regions regions { +} + +# Availability Domains +data oci_identity_availability_domains ADs { + compartment_id = var.tenancy_ocid +} + +# Oracle Linux VM Image +data oci_core_images oraclelinux { + compartment_id = var.compartment_ocid + + operating_system = "Oracle Linux" + operating_system_version = "7.7" + + # exclude GPU specific images + filter { + name = "display_name" + values = ["^Oracle-Linux-7.7-([\\.0-9]+)-([\\.0-9-]+)$"] + regex = true + } +} + +/* + * Remote State Dependencies + */ + +data "terraform_remote_state" "configuration" { + backend = "local" + + config = { + path = "../../common/state/common/configuration/terraform.tfstate" + } +} + +data "terraform_remote_state" "compartments" { + backend = "local" + + config = { + path = "../../common/state/common/compartments/terraform.tfstate" + } +} diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%management%network%main.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%management%network%main.tf new file mode 100644 index 0000000..fd5207d --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%management%network%main.tf 
@@ -0,0 +1,23 @@ +// Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved. +// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. + +terraform { + required_version = ">= 0.12.0" + + backend "local" { + path = "../state/management/network/terraform.tfstate" + } + +} + +locals { + region_map = { + for r in data.oci_identity_regions.regions.regions : + r.key => r.name + } + + home_region = lookup(local.region_map, data.oci_identity_tenancy.tenancy.home_region_key) + availability_domain = lookup(data.oci_identity_availability_domains.ADs.availability_domains[0], "name") + + root_compartment_id = var.compartment_ocid +} \ No newline at end of file diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%management%network%network.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%management%network%network.tf new file mode 100644 index 0000000..0d6302b --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%management%network%network.tf 
@@ -0,0 +1,53 @@ +// Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved. +// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. + +/* + * Configure the management network + */ + +module management_network { + source = "../../../../modules/management_network" + + compartment_id = data.terraform_remote_state.compartments.outputs.management_compartment_id + peering_compartment_id = data.terraform_remote_state.compartments.outputs.peering_compartment_id + vcn_name = "isv management" + dns_label = "isv" + vcn_cidr_block = var.vcn_cidr_block + management_subnet_cidr = var.management_subnet_cidr + access_subnet_cidr = var.access_subnet_cidr + peering_subnet_cidr = var.peering_subnet_cidr + freeform_tags = var.freeform_tags + defined_tags = var.defined_tags +} + +output "management_vcn_id" { + value = module.management_network.vcn.id +} + +output "management_subnet_id" { + value = module.management_network.management_subnet.id +} + +output "management_nat_id" { + value = module.management_network.nat_id +} + +output "management_igw_id" { + value = module.management_network.igw_id +} + +output "access_subnet_id" { + value = module.management_network.access_subnet.id +} + +output "peering_subnet_id" { + value = module.management_network.peering_subnet.id +} + +output "peering_subnet_cidr" { + value = module.management_network.peering_subnet.cidr_block +} + +output "management_subnet_cidr" { + value = module.management_network.management_subnet.cidr_block +} diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%management%network%providers.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%management%network%providers.tf new file mode 100644 index 0000000..480134e --- /dev/null 
+++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%management%network%providers.tf @@ -0,0 +1,20 @@ +// Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved. +// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. + +provider oci { + tenancy_ocid = var.tenancy_ocid + user_ocid = var.user_ocid + fingerprint = var.fingerprint + private_key_path = var.private_key_path + region = var.region +} + +// provider for home region for IAM resource provisioning +provider oci { + alias = "home" + tenancy_ocid = var.tenancy_ocid + user_ocid = var.user_ocid + fingerprint = var.fingerprint + private_key_path = var.private_key_path + region = local.home_region +} \ No newline at end of file diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%management%network%terragrunt.hcl b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%management%network%terragrunt.hcl new file mode 100644 index 0000000..e98c533 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%management%network%terragrunt.hcl @@ -0,0 +1,10 @@ +include { + path = find_in_parent_folders() +} + +dependencies { + paths = [ + "../../common/configuration", + "../../common/compartments" + ] +} diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%management%network%variables.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%management%network%variables.tf new file mode 100644 index 0000000..a312b66 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%management%network%variables.tf 
@@ -0,0 +1,59 @@ +// Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved. +// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. + +# OCI Provider variables +variable "tenancy_ocid" {} +variable "user_ocid" {} +variable "fingerprint" {} +variable "private_key_path" {} +variable "region" {} + +# Deployment variables +variable "compartment_ocid" { + type = string + description = "ocid of the compartment to deploy the resources in" +} + +variable "compartment_name" { + type = string + description = "compartment name for management resources" + default = "management" +} + +variable "vcn_cidr_block" { + type = string + description = "ISV vcn cidr block" + default = "10.254.0.0/16" +} + +variable "management_subnet_cidr" { + type = string + description = "ISV management subnet idr block" + default = "10.254.100.0/24" +} + +variable "access_subnet_cidr" { + type = string + description = "ISV access subnet idr block" + default = "10.254.99.0/24" +} + +variable "peering_subnet_cidr" { + type = string + description = "ISV peering subnet idr block" + default = "10.254.254.0/24" +} + +variable "freeform_tags" { + type = map + description = "map of freeform tags to apply to all resources" + default = { + "Environment" = "Management" + } +} + +variable "defined_tags" { + type = map + description = "map of defined tags to apply to all resources" + default = {} +} diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%management%server_attachment%data_sources.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%management%server_attachment%data_sources.tf new file mode 100644 index 0000000..c29d6a4 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%management%server_attachment%data_sources.tf 
@@ -0,0 +1,91 @@ +// Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved. +// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. + +# COMMON DATA SOURCES + +data oci_identity_tenancy tenancy { + tenancy_id = var.tenancy_ocid +} + +data oci_identity_regions regions { +} + +# Availability Domains +data oci_identity_availability_domains ADs { + compartment_id = var.tenancy_ocid +} + +# Oracle Linux VM Image +data oci_core_images oraclelinux { + compartment_id = var.compartment_ocid + + operating_system = "Oracle Linux" + operating_system_version = "7.7" + + # exclude GPU specific images + filter { + name = "display_name" + values = ["^Oracle-Linux-7.7-([\\.0-9]+)-([\\.0-9-]+)$"] + regex = true + } +} + +/* + * Remote State Dependencies + */ + +data "terraform_remote_state" "compartments" { + backend = "local" + + config = { + path = "../../common/state/common/compartments/terraform.tfstate" + } +} + +data "terraform_remote_state" "configuration" { + backend = "local" + + config = { + path = "../../common/state/common/configuration/terraform.tfstate" + } +} + +data "terraform_remote_state" "management_network" { + backend = "local" + + config = { + path = "../../management/state/management/network/terraform.tfstate" + } +} + +data "terraform_remote_state" "tenant_network" { + backend = "local" + + config = { + path = "../../tenant/state/tenant/network/terraform.tfstate" + } +} + +data "terraform_remote_state" "peering_network" { + backend = "local" + + config = { + path = "../../peering/state/peering/network/terraform.tfstate" + } +} + +data "terraform_remote_state" "management_servers" { + backend = "local" + + config = { + path = "../../management/state/management/servers/terraform.tfstate" + } +} + +data "terraform_remote_state" "peering_servers" { + backend = "local" + + config = { + path = "../../peering/state/peering/routing/terraform.tfstate" + } +} 
diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%management%server_attachment%main.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%management%server_attachment%main.tf new file mode 100644 index 0000000..8d286c2 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%management%server_attachment%main.tf @@ -0,0 +1,23 @@ +// Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved. +// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. + +terraform { + required_version = ">= 0.12.0" + + backend "local" { + path = "../state/management/server_attachment/terraform.tfstate" + } +} + +locals { + region_map = { + for r in data.oci_identity_regions.regions.regions : + r.key => r.name + } + + home_region = lookup(local.region_map, data.oci_identity_tenancy.tenancy.home_region_key) + availability_domain = lookup(data.oci_identity_availability_domains.ADs.availability_domains[0], "name") + + root_compartment_id = var.compartment_ocid +} + diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%management%server_attachment%management_rte_attachment.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%management%server_attachment%management_rte_attachment.tf new file mode 100644 index 0000000..61761fd --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%management%server_attachment%management_rte_attachment.tf 
@@ -0,0 +1,32 @@ +// Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved. +// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. + +/* + * Configure the routing for the peering routing instances + */ + +module management_rte_attachement { + source = "../../../../modules/management_rte_attachement" + + compartment_id = data.terraform_remote_state.compartments.outputs.management_compartment_id + + routing_ip_ids = [ + data.terraform_remote_state.peering_servers.outputs.routing_instance_1_ip_id, + data.terraform_remote_state.peering_servers.outputs.routing_instance_2_ip_id, + ] + + tenant_vcn_cidr_blocks = data.terraform_remote_state.configuration.outputs.tenant_vcns + + management_vcn_id = data.terraform_remote_state.management_network.outputs.management_vcn_id + management_subnet_id = data.terraform_remote_state.management_network.outputs.management_subnet_id + management_nat_id = data.terraform_remote_state.management_network.outputs.management_nat_id + management_igw_id = data.terraform_remote_state.management_network.outputs.management_igw_id + access_subnet_id = data.terraform_remote_state.management_network.outputs.access_subnet_id + + freeform_tags = var.freeform_tags + defined_tags = var.defined_tags +} + +output routing_id { + value = module.management_rte_attachement.routing_id +} diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%management%server_attachment%providers.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%management%server_attachment%providers.tf new file mode 100644 index 0000000..323feb2 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%management%server_attachment%providers.tf 
@@ -0,0 +1,10 @@ +// Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved. +// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. + +provider oci { + tenancy_ocid = var.tenancy_ocid + user_ocid = var.user_ocid + fingerprint = var.fingerprint + private_key_path = var.private_key_path + region = var.region +} \ No newline at end of file diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%management%server_attachment%terragrunt.hcl b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%management%server_attachment%terragrunt.hcl new file mode 100644 index 0000000..056ccfe --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%management%server_attachment%terragrunt.hcl @@ -0,0 +1,15 @@ +include { + path = find_in_parent_folders() +} + +dependencies { + paths = [ + "../../common/configuration", + "../../management/access", + "../../management/network", + "../../management/servers", + "../../peering/network", + "../../peering/routing", + "../../tenant/network", + ] +} diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%management%server_attachment%variables.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%management%server_attachment%variables.tf new file mode 100644 index 0000000..652cca8 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%management%server_attachment%variables.tf 
@@ -0,0 +1,41 @@ +// Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved. +// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. + +# OCI Provider variables +variable "tenancy_ocid" {} +variable "user_ocid" {} +variable "fingerprint" {} +variable "private_key_path" {} +variable "region" {} + +# Deployment variables +variable "compartment_ocid" { + type = string + description = "ocid of the compartment to deploy the resources in" +} + +variable "bastion_ssh_private_key_file" { + type = string + description = "path to private ssh key to access the bastion host" + default = "~/.ssh/id_rsa" +} + +variable "remote_ssh_private_key_file" { + type = string + description = "path to private ssh key to acccess all instance in the deployed environment" + default = "~/.ssh/id_rsa" +} + +variable "freeform_tags" { + type = map + description = "map of freeform tags to apply to all resources" + default = { + "Environment" = "Management" + } +} + +variable "defined_tags" { + type = map + description = "map of defined tags to apply to all resources" + default = {} +} diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%management%servers%data_sources.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%management%servers%data_sources.tf new file mode 100644 index 0000000..64ef8f1 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%management%servers%data_sources.tf 
@@ -0,0 +1,60 @@ +// Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved. +// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. + +# COMMON DATA SOURCES + +data oci_identity_tenancy tenancy { + tenancy_id = var.tenancy_ocid +} + +data oci_identity_regions regions { +} + +# Availability Domains +data oci_identity_availability_domains ADs { + compartment_id = var.tenancy_ocid +} + +# Oracle Linux VM Image +data oci_core_images oraclelinux { + compartment_id = var.compartment_ocid + + operating_system = "Oracle Linux" + operating_system_version = "7.7" + + # exclude GPU specific images + filter { + name = "display_name" + values = ["^Oracle-Linux-7.7-([\\.0-9]+)-([\\.0-9-]+)$"] + regex = true + } +} + +/* + * Remote State Dependencies + */ + +data "terraform_remote_state" "compartments" { + backend = "local" + + config = { + path = "../../common/state/common/compartments/terraform.tfstate" + } +} + +data "terraform_remote_state" "management_network" { + backend = "local" + + config = { + path = "../state/management/network/terraform.tfstate" + } +} + +data "terraform_remote_state" "access" { + backend = "local" + + config = { + path = "../state/management/access/terraform.tfstate" + } +} + diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%management%servers%main.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%management%servers%main.tf new file mode 100644 index 0000000..42aaab9 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%management%servers%main.tf 
@@ -0,0 +1,24 @@ +// Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved. +// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. + +terraform { + required_version = ">= 0.12.0" + + backend "local" { + path = "../state/management/servers/terraform.tfstate" + } +} + +locals { + region_map = { + for r in data.oci_identity_regions.regions.regions : + r.key => r.name + } + + home_region = lookup(local.region_map, data.oci_identity_tenancy.tenancy.home_region_key) + availability_domain = lookup(data.oci_identity_availability_domains.ADs.availability_domains[0], "name") + + root_compartment_id = var.compartment_ocid + + bastion_ip = data.terraform_remote_state.access.outputs.bastion_ip +} \ No newline at end of file diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%management%servers%management_instance.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%management%servers%management_instance.tf new file mode 100644 index 0000000..7423b56 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%management%servers%management_instance.tf 
@@ -0,0 +1,27 @@ +// Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved. +// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. + +/* + * Create the management server instance + */ + +module management_instance { + source = "../../../../modules/management_instance" + + compartment_id = data.terraform_remote_state.compartments.outputs.management_compartment_id + source_id = data.oci_core_images.oraclelinux.images.0.id + subnet_id = data.terraform_remote_state.management_network.outputs.management_subnet_id + availability_domain = local.availability_domain + bastion_ip = local.bastion_ip + + bastion_ssh_private_key_file = var.bastion_ssh_private_key_file + remote_ssh_public_key_file = var.remote_ssh_public_key_file + remote_ssh_private_key_file = var.remote_ssh_private_key_file + + freeform_tags = var.freeform_tags + defined_tags = var.defined_tags +} + +output "management_ip" { + value = module.management_instance.instance_ip +} diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%management%servers%providers.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%management%servers%providers.tf new file mode 100644 index 0000000..bfe8a96 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%management%servers%providers.tf @@ -0,0 +1,10 @@ +// Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved. +// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. + +provider oci { + tenancy_ocid = var.tenancy_ocid + user_ocid = var.user_ocid + fingerprint = var.fingerprint + private_key_path = var.private_key_path + region = var.region +} 
diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%management%servers%terragrunt.hcl b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%management%servers%terragrunt.hcl new file mode 100644 index 0000000..5fb6126 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%management%servers%terragrunt.hcl @@ -0,0 +1,11 @@ +include { + path = find_in_parent_folders() +} + +dependencies { + paths = [ + "../../management/access", + "../../management/network", + "../../peering/network", + ] +} diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%management%servers%variables.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%management%servers%variables.tf new file mode 100644 index 0000000..bbb4de1 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%management%servers%variables.tf 
@@ -0,0 +1,47 @@ +// Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved. +// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. + +# OCI Provider variables +variable "tenancy_ocid" {} +variable "user_ocid" {} +variable "fingerprint" {} +variable "private_key_path" {} +variable "region" {} + +# Deployment variables +variable "compartment_ocid" { + type = string + description = "ocid of the compartment to deploy the resources in" +} + +variable "bastion_ssh_private_key_file" { + type = string + description = "path to private ssh key to access the bastion host" + default = "~/.ssh/id_rsa" +} + +variable "remote_ssh_public_key_file" { + type = string + description = "path to public ssh key for all instances deployed in the environment" + default = "~/.ssh/id_rsa.pub" +} + +variable "remote_ssh_private_key_file" { + type = string + description = "path to private ssh key to acccess all instance in the deployed environment" + default = "~/.ssh/id_rsa" +} + +variable "freeform_tags" { + type = map + description = "map of freeform tags to apply to all resources" + default = { + "Environment" = "Management" + } +} + +variable "defined_tags" { + type = map + description = "map of defined tags to apply to all resources" + default = {} +} diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%peering%network%data_sources.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%peering%network%data_sources.tf new file mode 100644 index 0000000..690ed04 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%peering%network%data_sources.tf 
@@ -0,0 +1,51 @@
+// Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
+// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
+
+# COMMON DATA SOURCES
+
+data oci_identity_tenancy tenancy {
+ tenancy_id = var.tenancy_ocid
+}
+
+data oci_identity_regions regions {
+}
+
+# Availability Domains
+data oci_identity_availability_domains ADs {
+ compartment_id = var.tenancy_ocid
+}
+
+# Oracle Linux VM Image
+data oci_core_images oraclelinux {
+ compartment_id = var.compartment_ocid
+
+ operating_system = "Oracle Linux"
+ operating_system_version = "7.7"
+
+ # exclude GPU specific images
+ filter {
+ name = "display_name"
+ values = ["^Oracle-Linux-7.7-([\\.0-9]+)-([\\.0-9-]+)$"]
+ regex = true
+ }
+}
+
+/*
+ * Remote State Dependencies
+ */
+
+data "terraform_remote_state" "configuration" {
+ backend = "local"
+
+ config = {
+ path = "../../common/state/common/configuration/terraform.tfstate"
+ }
+}
+
+data "terraform_remote_state" "compartments" {
+ backend = "local"
+
+ config = {
+ path = "../../common/state/common/compartments/terraform.tfstate"
+ }
+}
diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%peering%network%instance_principals.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%peering%network%instance_principals.tf
new file mode 100644
index 0000000..3f6a583
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%peering%network%instance_principals.tf
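Review bot: The `oraclelinux` data source fixes `operating_system_version = "7.7"` and a display-name filter of `Oracle-Linux-7.7-…`, so anything built from it can never select a later Oracle Linux 7 image; a comment should say why 7.7 is required, or the version should become a variable. The dots in `7.7` inside the regex are unescaped and match any character; `^Oracle-Linux-7\\.7-` is the literal form. None of the peering/network files shown in this commit reference `data.oci_core_images.oraclelinux`, so the block looks unused in this directory. The same block is repeated in the peering/routing and tenant/network data_sources.tf hunks, where the routing copy feeds `images.0.id` in routing_instance.tf.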
@@ -0,0 +1,28 @@
+// Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
+// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
+
+/*
+ * Configure and enable instance principles to modify routing rules
+ */
+
+resource "oci_identity_dynamic_group" "routing" {
+ provider = "oci.home"
+ compartment_id = var.tenancy_ocid # dynamic groups must be in the root compartment
+ name = "routing_instances"
+ description = "Dynamic Group for Routing Instance Principles"
+ # include all instances in the peering compartment
+ matching_rule = "ANY {instance.compartment.id = '${data.terraform_remote_state.compartments.outputs.peering_compartment_id}'}"
+
+}
+
+resource "oci_identity_policy" "routing" {
+ provider = "oci.home"
+ compartment_id = var.compartment_ocid # place in the parent compartment
+ description = "Policy for Routing Instance Principles"
+ name = "routing_instances"
+ statements = [
+ # only allow permission to modify vnics
+ "Allow dynamic-group ${oci_identity_dynamic_group.routing.name} to use vnics in compartment ${var.compartment_name}",
+ "Allow dynamic-group ${oci_identity_dynamic_group.routing.name} to use private-ips in compartment ${var.compartment_name}",
+ ]
+}
diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%peering%network%main.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%peering%network%main.tf
new file mode 100644
index 0000000..986787f
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%peering%network%main.tf
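Review bot: The dynamic group's `matching_rule` admits every instance in the peering compartment, so any workload later placed there, not only the routing instances, receives `use vnics` and `use private-ips` through this policy. If the routing instances carry a defined tag, the rule can be narrowed by combining the compartment condition with a tag condition of the form `tag.<namespace>.<key>.value = '<value>'` under `ALL {…}`; otherwise the comment above `matching_rule` should state that the compartment must contain routing instances only. The group matches on the compartment OCID read from remote state, while both policy statements name the compartment through `var.compartment_name` (default `"peering"` in variables.tf), and nothing ties the two together, so a differently named compartment would leave the grant pointing somewhere other than where the group's instances live.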
@@ -0,0 +1,22 @@
+// Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
+// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
+
+terraform {
+ required_version = ">= 0.12.0"
+
+ backend "local" {
+ path = "../state/peering/network/terraform.tfstate"
+ }
+}
+
+locals {
+ region_map = {
+ for r in data.oci_identity_regions.regions.regions :
+ r.key => r.name
+ }
+
+ home_region = lookup(local.region_map, data.oci_identity_tenancy.tenancy.home_region_key)
+ availability_domain = lookup(data.oci_identity_availability_domains.ADs.availability_domains[0], "name")
+
+ root_compartment_id = var.compartment_ocid
+}
\ No newline at end of file
diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%peering%network%network.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%peering%network%network.tf
new file mode 100644
index 0000000..7b62835
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%peering%network%network.tf
@@ -0,0 +1,53 @@
+// Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
+// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
+
+
+/*
+ * Configure all of the peering networks
+ *
+ * TODO: dynamically create required number of peering networks
+ */
+
+# Peering Network 1
+module peering_1_network {
+ source = "../../../../modules/peering_network"
+
+ compartment_id = data.terraform_remote_state.compartments.outputs.peering_compartment_id
+ vcn_name = "peering01"
+ dns_label = "peering01"
+
+ local_peering_gateways_per_vcn = 2
+
+ vcn_cidr_block = data.terraform_remote_state.configuration.outputs.peering_vcns[0]
+ peering_subnet_cidr = data.terraform_remote_state.configuration.outputs.peering_vcns[0]
+ tenant_vcn_cidr_blocks = data.terraform_remote_state.configuration.outputs.tenant_vcns_per_peering_vcn[0]
+
+ freeform_tags = var.freeform_tags
+ defined_tags = var.defined_tags
+}
+
+output "peering_1_network" {
+ value = module.peering_1_network
+}
+
+# Peering Network 2
+module peering_2_network {
+ source = "../../../../modules/peering_network"
+
+ compartment_id = data.terraform_remote_state.compartments.outputs.peering_compartment_id
+ vcn_name = "peering02"
+ dns_label = "peering02"
+
+ local_peering_gateways_per_vcn = 2
+
+ vcn_cidr_block = data.terraform_remote_state.configuration.outputs.peering_vcns[1]
+ peering_subnet_cidr = data.terraform_remote_state.configuration.outputs.peering_vcns[1]
+ tenant_vcn_cidr_blocks = data.terraform_remote_state.configuration.outputs.tenant_vcns_per_peering_vcn[1]
+
+ freeform_tags = var.freeform_tags
+ defined_tags = var.defined_tags
+}
+
+output "peering_2_network" {
+ value = module.peering_2_network
+}
diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%peering%network%providers.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%peering%network%providers.tf
new file mode 100644
index 0000000..480134e
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%peering%network%providers.tf
@@ -0,0 +1,20 @@
+// Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
+// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
+
+provider oci {
+ tenancy_ocid = var.tenancy_ocid
+ user_ocid = var.user_ocid
+ fingerprint = var.fingerprint
+ private_key_path = var.private_key_path
+ region = var.region
+}
+
+// provider for home region for IAM resource provisioning
+provider oci {
+ alias = "home"
+ tenancy_ocid = var.tenancy_ocid
+ user_ocid = var.user_ocid
+ fingerprint = var.fingerprint
+ private_key_path = var.private_key_path
+ region = local.home_region
+}
\ No newline at end of file
diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%peering%network%terragrunt.hcl b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%peering%network%terragrunt.hcl
new file mode 100644
index 0000000..95fb824
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%peering%network%terragrunt.hcl
@@ -0,0 +1,11 @@
+include {
+ path = find_in_parent_folders()
+}
+
+dependencies {
+ paths = [
+ "../../common/configuration",
+ "../../common/compartments",
+ "../../management/network"
+ ]
+}
diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%peering%network%variables.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%peering%network%variables.tf
new file mode 100644
index 0000000..db966c3
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%peering%network%variables.tf
@@ -0,0 +1,47 @@
+// Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
+// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
+
+# OCI Provider variables
+variable "tenancy_ocid" {}
+variable "user_ocid" {}
+variable "fingerprint" {}
+variable "private_key_path" {}
+variable "region" {}
+
+# Deployment variables
+variable "compartment_ocid" {
+ type = string
+ description = "ocid of the compartment to deploy the resources in"
+}
+
+variable "compartment_name" {
+ type = string
+ description = "compartment name for peering resources"
+ default = "peering"
+}
+
+variable "bastion_ssh_private_key_file" {
+ type = string
+ description = "path to private ssh key to access the bastion host"
+ default = "~/.ssh/id_rsa"
+}
+
+variable "remote_ssh_private_key_file" {
+ type = string
+ description = "path to private ssh key to acccess all instance in the deployed environment"
+ default = "~/.ssh/id_rsa"
+}
+
+variable "freeform_tags" {
+ type = map
+ description = "map of freeform tags to apply to all resources"
+ default = {
+ "Environment" = "Management"
+ }
+}
+
+variable "defined_tags" {
+ type = map
+ description = "map of defined tags to apply to all resources"
+ default = {}
+}
diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%peering%routing%data_sources.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%peering%routing%data_sources.tf
new file mode 100644
index 0000000..6f24884
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%peering%routing%data_sources.tf
@@ -0,0 +1,74 @@
+// Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
+// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
+
+# Availability Domains
+data oci_identity_availability_domains ADs {
+ compartment_id = var.tenancy_ocid
+}
+
+# Oracle Linux VM Image
+data oci_core_images oraclelinux {
+ compartment_id = var.compartment_ocid
+
+ operating_system = "Oracle Linux"
+ operating_system_version = "7.7"
+
+ # exclude GPU specific images
+ filter {
+ name = "display_name"
+ values = ["^Oracle-Linux-7.7-([\\.0-9]+)-([\\.0-9-]+)$"]
+ regex = true
+ }
+}
+
+/*
+ * Remote State Dependencies
+ */
+
+data "terraform_remote_state" "configuration" {
+ backend = "local"
+
+ config = {
+ path = "../../common/state/common/configuration/terraform.tfstate"
+ }
+}
+
+data "terraform_remote_state" "compartments" {
+ backend = "local"
+
+ config = {
+ path = "../../common/state/common/compartments/terraform.tfstate"
+ }
+}
+
+data "terraform_remote_state" "management_network" {
+ backend = "local"
+
+ config = {
+ path = "../../management/state/management/network/terraform.tfstate"
+ }
+}
+
+data "terraform_remote_state" "peering_network" {
+ backend = "local"
+
+ config = {
+ path = "../../peering/state/peering/network/terraform.tfstate"
+ }
+}
+
+data "terraform_remote_state" "tenant_network" {
+ backend = "local"
+
+ config = {
+ path = "../../tenant/state/tenant/network/terraform.tfstate"
+ }
+}
+
+data "terraform_remote_state" "access" {
+ backend = "local"
+
+ config = {
+ path = "../../management/state/management/access/terraform.tfstate"
+ }
+}
diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%peering%routing%main.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%peering%routing%main.tf
new file mode 100644
index 0000000..7ea7a5b
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%peering%routing%main.tf
@@ -0,0 +1,18 @@
+// Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
+// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
+
+terraform {
+ required_version = ">= 0.12.0"
+
+ backend "local" {
+ path = "../state/peering/routing/terraform.tfstate"
+ }
+}
+
+locals {
+ availability_domain = lookup(data.oci_identity_availability_domains.ADs.availability_domains[0], "name")
+
+ compartment_id = data.terraform_remote_state.compartments.outputs.peering_compartment_id
+
+ bastion_ip = data.terraform_remote_state.access.outputs.bastion_ip
+}
\ No newline at end of file
diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%peering%routing%pacemaker.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%peering%routing%pacemaker.tf
new file mode 100644
index 0000000..1cab9d8
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%peering%routing%pacemaker.tf
@@ -0,0 +1,58 @@
+// Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
+// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
+
+/*
+ * Configure the HA routing instances with Pacemaker
+ */
+
+locals {
+ # TODO dynamically get the list of routing instances
+ instances = [
+ module.routing_instance_1.instance_a.private_ip,
+ module.routing_instance_1.instance_b.private_ip,
+ ]
+}
+
+# Routing Instance 1
+
+module router_instance_1_pacemaker_config {
+ source = "../../../../modules/pacemaker_config"
+ hostname = "gateway1"
+ instance_a_primary_vnic_id = module.routing_instance_1.instance_vnics[0]
+ instance_a_secondary_vnic_id = module.routing_instance_1_peering_1_vnic_attachement.routing_secondary_vnic_id
+ instance_b_primary_vnic_id = module.routing_instance_1.instance_vnics[1]
+ instance_b_secondary_vnic_id = module.routing_instance_1b_peering_1_vnic_attachement.routing_secondary_vnic_id
+ floating_ip = module.routing_instance_1.routing_ip.ip_address
+ floating_secondary_ip = oci_core_private_ip.routing_instance_1_peering_1_floating_ip.ip_address
+}
+
+
+# configure the fail-over actions
+resource null_resource pacemaker_config {
+ # TODO use for_each?
+ count = length(local.instances)
+
+ triggers = {
+ instance_a_primary_vnic_id = module.routing_instance_1.instance_vnics[0]
+ instance_a_secondary_vnic_id = module.routing_instance_1_peering_1_vnic_attachement.routing_secondary_vnic_id
+ instance_b_primary_vnic_id = module.routing_instance_1.instance_vnics[1]
+ instance_b_secondary_vnic_id = module.routing_instance_1b_peering_1_vnic_attachement.routing_secondary_vnic_id
+ floating_ip = module.routing_instance_1.routing_ip.ip_address
+ floating_secondary_ip = oci_core_private_ip.routing_instance_1_peering_1_floating_ip.ip_address
+ }
+
+ connection {
+ type = "ssh"
+ host = local.instances[count.index]
+ user = "opc"
+ private_key = file(var.remote_ssh_private_key_file) # TODO
+
+ bastion_host = local.bastion_ip
+ bastion_user = "opc"
+ bastion_private_key = file(var.bastion_ssh_private_key_file) #TODO
+ }
+
+ provisioner remote-exec {
+ inline = module.router_instance_1_pacemaker_config.config
+ }
+}
diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%peering%routing%providers.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%peering%routing%providers.tf
new file mode 100644
index 0000000..bfe8a96
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%peering%routing%providers.tf
@@ -0,0 +1,10 @@
+// Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
+// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
+
+provider oci {
+ tenancy_ocid = var.tenancy_ocid
+ user_ocid = var.user_ocid
+ fingerprint = var.fingerprint
+ private_key_path = var.private_key_path
+ region = var.region
+}
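Review bot: The `connection` block of `null_resource.pacemaker_config` sets neither `host_key` nor `bastion_host_key`, so the `remote-exec` provisioner sends the pacemaker configuration to whatever host answers at `local.bastion_ip` and `local.instances[count.index]` without checking its identity. Both arguments exist on Terraform's SSH connection block; supplying the bastion's and the instances' public host keys (from module outputs, if the modules can export them) would pin the connection. The two `# TODO` markers after the `file(...)` calls do not say what remains to be done and should be spelled out or removed. The existing TODO already acknowledges that `local.instances` lists only the two instances of `routing_instance_1`.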
diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%peering%routing%routing_instance.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%peering%routing%routing_instance.tf
new file mode 100644
index 0000000..20ec632
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%peering%routing%routing_instance.tf
@@ -0,0 +1,75 @@ +// Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved. +// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. + +/* + * Create the routing instances to route throught peering networks + */ + +# Routing Instance 1 +# HA ROUTING INSTANCE +module routing_instance_1 { + source = "../../../../modules/routing_instance_ha" + + hostname_label = "gateway1" + display_name = "gateway1" + + compartment_id = local.compartment_id + source_id = data.oci_core_images.oraclelinux.images.0.id + subnet_id = data.terraform_remote_state.management_network.outputs.peering_subnet_id + availability_domain = local.availability_domain + bastion_ip = local.bastion_ip + + tenancy_id = var.tenancy_ocid + region = var.region + + bastion_ssh_private_key_file = var.bastion_ssh_private_key_file + remote_ssh_public_key_file = var.remote_ssh_public_key_file + remote_ssh_private_key_file = var.remote_ssh_private_key_file + + shape = "VM.Standard1.4" # TODO + + hacluster_password = var.hacluster_password + + freeform_tags = var.freeform_tags + defined_tags = var.defined_tags +} + +output "routing_instance_1_ip" { + value = module.routing_instance_1.routing_ip.ip_address +} + +output "routing_instance_1_ip_id" { + value = module.routing_instance_1.routing_ip.id +} + + +# Routing Instance 2 +# SINGLE ROUTING INSTANCE +module routing_instance_2 { + source = "../../../../modules/routing_instance" + + hostname_label = "gateway2" + display_name = "gateway2" + + compartment_id = local.compartment_id + source_id = data.oci_core_images.oraclelinux.images.0.id + subnet_id = data.terraform_remote_state.management_network.outputs.peering_subnet_id + availability_domain = local.availability_domain + bastion_ip = local.bastion_ip + + shape = "VM.Standard1.4" # TODO + bastion_ssh_private_key_file = var.bastion_ssh_private_key_file + remote_ssh_public_key_file = var.remote_ssh_public_key_file + remote_ssh_private_key_file = 
var.remote_ssh_private_key_file + + freeform_tags = var.freeform_tags + defined_tags = var.defined_tags +} + +output "routing_instance_2_ip" { + value = module.routing_instance_2.routing_ip.ip_address +} + +output "routing_instance_2_ip_id" { + value = module.routing_instance_2.routing_ip.id +} diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%peering%routing%routing_routes.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%peering%routing%routing_routes.tf new file mode 100644 index 0000000..d9fa081 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%peering%routing%routing_routes.tf 
@@ -0,0 +1,61 @@
+// Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
+// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
+
+/*
+ * Add the ip route rules to each routing instance.
+ */
+
+# Routing Instance 1
+# HA ROUTING INSTANCE
+module routing_instance_1_peering_1_routes {
+ source = "../../../../modules/ip_route_add"
+
+ vnic_id = module.routing_instance_1_peering_1_vnic_attachement.routing_secondary_vnic_id
+
+ peering_subnet_cidr = data.terraform_remote_state.configuration.outputs.peering_vcns[0]
+ tenant_vcn_cidrs = data.terraform_remote_state.configuration.outputs.tenant_vcns_per_peering_vcn[0]
+
+ bastion_host = local.bastion_ip
+ ssh_host = module.routing_instance_1.instance.private_ip
+
+ bastion_ssh_private_key_file = var.bastion_ssh_private_key_file
+ remote_ssh_private_key_file = var.remote_ssh_private_key_file
+}
+
+module routing_instance_1b_peering_1_routes {
+ source = "../../../../modules/ip_route_add"
+
+ vnic_id = module.routing_instance_1b_peering_1_vnic_attachement.routing_secondary_vnic_id
+
+ peering_subnet_cidr = data.terraform_remote_state.configuration.outputs.peering_vcns[0]
+ tenant_vcn_cidrs = data.terraform_remote_state.configuration.outputs.tenant_vcns_per_peering_vcn[0]
+
+ bastion_host = local.bastion_ip
+ ssh_host = module.routing_instance_1.instance_b.private_ip
+
+ bastion_ssh_private_key_file = var.bastion_ssh_private_key_file
+ remote_ssh_private_key_file = var.remote_ssh_private_key_file
+}
+
+
+
+# Routing Instance 2
+# SINGLE ROUTING INSTANCE
+module routing_instance_2_peering_1_routes {
+ source = "../../../../modules/ip_route_add"
+
+ vnic_id = module.routing_instance_2_peering_1_vnic_attachement.routing_secondary_vnic_id
+
+ peering_subnet_cidr = data.terraform_remote_state.configuration.outputs.peering_vcns[1]
+ tenant_vcn_cidrs = data.terraform_remote_state.configuration.outputs.tenant_vcns_per_peering_vcn[1]
+
+ bastion_host =
local.bastion_ip + ssh_host = module.routing_instance_2.instance.private_ip + + bastion_ssh_private_key_file = var.bastion_ssh_private_key_file + remote_ssh_private_key_file = var.remote_ssh_private_key_file +} + +output ip_route_add_status { + value = "IP Route Add successfull" +} diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%peering%routing%routing_vnic_attachment.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%peering%routing%routing_vnic_attachment.tf new file mode 100644 index 0000000..cc21d65 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%peering%routing%routing_vnic_attachment.tf 
@@ -0,0 +1,83 @@ +// Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved. +// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. + +/* + * Create the secondary vNICs for routing through the peering subnets + */ + +# Routing Instance 1 +# HA ROUTING INSTANCE - two vNIC attachments and floating IP +module routing_instance_1_peering_1_vnic_attachement { + source = "../../../../modules/routing_vnic_attachment" + hostname_label = "${module.routing_instance_1.instance.hostname_label}" + display_name = "${module.routing_instance_1.instance.hostname_label} peering interface 1" + compartment_id = local.compartment_id + + instance_id = module.routing_instance_1.instance.id + subnet_id = data.terraform_remote_state.peering_network.outputs.peering_1_network.peering_subnet.id + + ssh_host = module.routing_instance_1.instance.private_ip + bastion_host = local.bastion_ip + + bastion_ssh_private_key_file = var.bastion_ssh_private_key_file + remote_ssh_private_key_file = var.remote_ssh_private_key_file + + freeform_tags = var.freeform_tags + defined_tags = var.defined_tags +} + +module routing_instance_1b_peering_1_vnic_attachement { + source = "../../../../modules/routing_vnic_attachment" + hostname_label = "${module.routing_instance_1.instance_b.hostname_label}" + display_name = "${module.routing_instance_1.instance_b.hostname_label} peering interface 1" + compartment_id = local.compartment_id + + instance_id = module.routing_instance_1.instance_b.id + subnet_id = data.terraform_remote_state.peering_network.outputs.peering_1_network.peering_subnet.id + + ssh_host = module.routing_instance_1.instance_b.private_ip + bastion_host = local.bastion_ip + + bastion_ssh_private_key_file = var.bastion_ssh_private_key_file + remote_ssh_private_key_file = var.remote_ssh_private_key_file + + freeform_tags = var.freeform_tags + defined_tags = var.defined_tags +} + +resource oci_core_private_ip 
routing_instance_1_peering_1_floating_ip { + vnic_id = module.routing_instance_1_peering_1_vnic_attachement.routing_secondary_vnic_id + hostname_label = "gateway1" + + lifecycle { + ignore_changes = [ + # ignore changes to vnic_id as it can be moved dynamically for HA failover + vnic_id, + ] + } +} + +# TODO add additional interface on routing instance +# - disabled for now, using VM.Standard2.1 shape for testing with just one secondary vnic + + +# Routing Instance 2 +# SINGLE ROUTING INSTANCE - single vNIC +module routing_instance_2_peering_1_vnic_attachement { + source = "../../../../modules/routing_vnic_attachment" + hostname_label = "${module.routing_instance_2.instance.hostname_label}" + display_name = "${module.routing_instance_2.instance.hostname_label} peering interface 1" + compartment_id = local.compartment_id + + instance_id = module.routing_instance_2.instance.id + subnet_id = data.terraform_remote_state.peering_network.outputs.peering_2_network.peering_subnet.id + + ssh_host = module.routing_instance_2.instance.private_ip + bastion_host = local.bastion_ip + + bastion_ssh_private_key_file = var.bastion_ssh_private_key_file + remote_ssh_private_key_file = var.remote_ssh_private_key_file + + freeform_tags = var.freeform_tags + defined_tags = var.defined_tags +} diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%peering%routing%terragrunt.hcl b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%peering%routing%terragrunt.hcl new file mode 100644 index 0000000..0bc2513 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%peering%routing%terragrunt.hcl @@ -0,0 +1,13 @@ +include { + path = find_in_parent_folders() +} + +dependencies { + paths = [ + "../../common/configuration", + "../../management/access", + "../../management/network", + "../../peering/network", + "../../tenant/network", + ] +} 
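Review bot: The comment above Routing Instance 2 says the `VM.Standard2.1` shape is used for testing, but routing_instance.tf in this commit sets `shape = "VM.Standard1.4"` on both routing modules, so one of the two is stale; the comment should name the shape that is actually deployed. The `hostname_label = "${module.routing_instance_1.instance.hostname_label}"` lines in all three modules are interpolation-only expressions, which Terraform 0.12 treats as redundant (later 0.12 releases warn about them); the bare reference `module.routing_instance_1.instance.hostname_label` is equivalent.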
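Review bot: `paths` omits `"../../common/compartments"`, although data_sources.tf in this directory reads `../../common/state/common/compartments/terraform.tfstate` and main.tf takes `peering_compartment_id` from it. The ordering probably still works because peering/network lists that dependency itself, but declaring it here keeps the list in step with the remote-state blocks: add `"../../common/compartments",` to `paths`.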
diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%peering%routing%variables.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%peering%routing%variables.tf
new file mode 100644
index 0000000..b69d1f0
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%peering%routing%variables.tf
@@ -0,0 +1,52 @@
+// Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
+// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
+
+# OCI Provider variables
+variable "tenancy_ocid" {}
+variable "user_ocid" {}
+variable "fingerprint" {}
+variable "private_key_path" {}
+variable "region" {}
+
+# Deployment variables
+variable "compartment_ocid" {
+ type = string
+ description = "ocid of the compartment to deploy the resources in"
+}
+
+variable "bastion_ssh_private_key_file" {
+ type = string
+ description = "path to private ssh key to access the bastion host"
+ default = "~/.ssh/id_rsa"
+}
+
+variable "remote_ssh_public_key_file" {
+ type = string
+ description = "path to public ssh key for all instances deployed in the environment"
+ default = "~/.ssh/id_rsa.pub"
+}
+
+variable "remote_ssh_private_key_file" {
+ type = string
+ description = "path to private ssh key to acccess all instance in the deployed environment"
+ default = "~/.ssh/id_rsa"
+}
+
+variable hacluster_password {
+ type = string
+ description = "password for the routing instance HA cluster (must be at least 8 characters containing uppercase, lowercase, digits, and non-alphanumeric characters)"
+}
+
+variable "freeform_tags" {
+ type = map
+ description = "map of freeform tags to apply to all resources"
+ default = {
+ "Environment" = "Management"
+ }
+}
+
+variable "defined_tags" {
+ type = map
+ description = "map of defined tags to apply to all resources"
+ default = {}
+}
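Review bot: `hacluster_password` is declared as an ordinary string, routing_instance.tf hands it to the `routing_instance_ha` module, and this stack keeps its state in a local file (`../state/peering/routing/terraform.tfstate` in main.tf), so the cluster password is likely to end up in plaintext state and possibly in plan output. On Terraform 0.14 or later `sensitive = true` on the variable keeps it out of CLI output; with `required_version = ">= 0.12.0"` that attribute is not available on the oldest supported release, so the description should at least say that the value is a secret and that the state file has to be protected. The complexity rule exists only in the description text; nothing in this file enforces it.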
diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%tenant%network%compartments.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%tenant%network%compartments.tf
new file mode 100644
index 0000000..5dd91fd
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%tenant%network%compartments.tf
@@ -0,0 +1,78 @@
+// Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
+// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
+
+/*
+ * Configure the tenant compartments
+ */
+
+# Tenant 1
+module tenant_1_compartment {
+ source = "../../../../modules/compartment"
+
+ providers = {
+ oci.home = "oci.home"
+ }
+
+ root_compartment_id = local.root_compartment_id
+ compartment_name = "tenant1"
+ freeform_tags = var.freeform_tags
+ defined_tags = var.defined_tags
+}
+
+output "tenant_1_compartment_id" {
+ value = module.tenant_1_compartment.compartment_id
+}
+
+# Tenant 2
+module tenant_2_compartment {
+ source = "../../../../modules/compartment"
+
+ providers = {
+ oci.home = "oci.home"
+ }
+
+ root_compartment_id = local.root_compartment_id
+ compartment_name = "tenant2"
+ freeform_tags = var.freeform_tags
+ defined_tags = var.defined_tags
+}
+
+output "tenant_2_compartment_id" {
+ value = module.tenant_2_compartment.compartment_id
+}
+
+# Tenant 3
+module tenant_3_compartment {
+ source = "../../../../modules/compartment"
+
+ providers = {
+ oci.home = "oci.home"
+ }
+
+ root_compartment_id = local.root_compartment_id
+ compartment_name = "tenant3"
+ freeform_tags = var.freeform_tags
+ defined_tags = var.defined_tags
+}
+
+output "tenant_3_compartment_id" {
+ value = module.tenant_3_compartment.compartment_id
+}
+
+# Tenant 4
+module tenant_4_compartment {
+ source = "../../../../modules/compartment"
+
+ providers = {
+ oci.home = "oci.home"
+ }
+
+ root_compartment_id = local.root_compartment_id
+ compartment_name = "tenant4"
+ freeform_tags = var.freeform_tags
+ defined_tags = var.defined_tags
+}
+
+output "tenant_4_compartment_id" {
+ value = module.tenant_4_compartment.compartment_id
+}
diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%tenant%network%data_sources.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%tenant%network%data_sources.tf
new file mode 100644
index 0000000..48f6f29
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%tenant%network%data_sources.tf
@@ -0,0 +1,67 @@
+// Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
+// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
+
+# COMMON DATA SOURCES
+
+data oci_identity_tenancy tenancy {
+ tenancy_id = var.tenancy_ocid
+}
+
+data oci_identity_regions regions {
+}
+
+# Availability Domains
+data oci_identity_availability_domains ADs {
+ compartment_id = var.tenancy_ocid
+}
+
+# Oracle Linux VM Image
+data oci_core_images oraclelinux {
+ compartment_id = var.compartment_ocid
+
+ operating_system = "Oracle Linux"
+ operating_system_version = "7.7"
+
+ # exclude GPU specific images
+ filter {
+ name = "display_name"
+ values = ["^Oracle-Linux-7.7-([\\.0-9]+)-([\\.0-9-]+)$"]
+ regex = true
+ }
+}
+
+/*
+ * Remote State Dependencies
+ */
+
+data "terraform_remote_state" "configuration" {
+ backend = "local"
+
+ config = {
+ path = "../../common/state/common/configuration/terraform.tfstate"
+ }
+}
+
+data "terraform_remote_state" "compartments" {
+ backend = "local"
+
+ config = {
+ path = "../../common/state/common/compartments/terraform.tfstate"
+ }
+}
+
+data "terraform_remote_state" "peering_network" {
+ backend = "local"
+
+ config = {
+ path = "../../peering/state/peering/network/terraform.tfstate"
+ }
+}
+
+data "terraform_remote_state" "mgmt_network" {
+ backend = "local"
+
+ config = {
+ path = "../../management/state/management/network/terraform.tfstate"
+ }
+}
diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%tenant%network%main.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%tenant%network%main.tf
new file mode 100644
index 0000000..ac64353
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%tenant%network%main.tf
@@ -0,0 +1,23 @@
+// Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
+// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
+
+terraform {
+ required_version = ">= 0.12.0"
+
+
+ backend "local" {
+ path = "../state/tenant/network/terraform.tfstate"
+ }
+}
+
+locals {
+ region_map = {
+ for r in data.oci_identity_regions.regions.regions :
+ r.key => r.name
+ }
+
+ home_region = lookup(local.region_map, data.oci_identity_tenancy.tenancy.home_region_key)
+ availability_domain = lookup(data.oci_identity_availability_domains.ADs.availability_domains[0], "name")
+
+ root_compartment_id = var.compartment_ocid
+}
\ No newline at end of file
diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%tenant%network%network.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%tenant%network%network.tf
new file mode 100644
index 0000000..775a8f2
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%tenant%network%network.tf
@@ -0,0 +1,154 @@ +// Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved. +// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. + +/* + * Configure the tenant networks + */ + +# Tenant 1 +module tenant_1_network { + source = "../../../../modules/tenant_network" + + compartment_id = data.terraform_remote_state.compartments.outputs.tenant_1_compartment_id + vcn_name = "tenant1" + dns_label = "tenant1" + vcn_cidr_block = data.terraform_remote_state.configuration.outputs.tenant_vcns[0] + + tenant_public_subnet_cidr = "${cidrsubnet(data.terraform_remote_state.configuration.outputs.tenant_vcns[0], 8, 0)}" + tenant_private_subnet_cidr = "${cidrsubnet(data.terraform_remote_state.configuration.outputs.tenant_vcns[0], 8, 1)}" + + tenant_peering_subnet_cidr = data.terraform_remote_state.configuration.outputs.peering_vcns[0] + management_peering_subnet_cidr = data.terraform_remote_state.mgmt_network.outputs.management_subnet_cidr + + # TODO calculate index + peering_lpg_id = (length(data.terraform_remote_state.peering_network.outputs) == 0 ? 
null : data.terraform_remote_state.peering_network.outputs.peering_1_network.peering_gateway_ids[0]) + freeform_tags = var.freeform_tags + defined_tags = var.defined_tags +} + +output "tenant_1_vcn_id" { + value = module.tenant_1_network.tenant_vcn.id +} + +output "tenant_1_private_subnet_id" { + value = module.tenant_1_network.tenant_private_subnet.id +} + +output "tenant_1_vcn_cidr" { + value = module.tenant_1_network.tenant_vcn.cidr_block +} + +output "tenant_1_private_subnet_cidr" { + value = module.tenant_1_network.tenant_private_subnet.cidr_block +} + +# Tenant 2 +module tenant_2_network { + source = "../../../../modules/tenant_network" + + compartment_id = data.terraform_remote_state.compartments.outputs.tenant_2_compartment_id + vcn_name = "tenant2" + dns_label = "tenant2" + vcn_cidr_block = data.terraform_remote_state.configuration.outputs.tenant_vcns[1] + + tenant_public_subnet_cidr = "${cidrsubnet(data.terraform_remote_state.configuration.outputs.tenant_vcns[1], 8, 0)}" + tenant_private_subnet_cidr = "${cidrsubnet(data.terraform_remote_state.configuration.outputs.tenant_vcns[1], 8, 1)}" + + tenant_peering_subnet_cidr = data.terraform_remote_state.configuration.outputs.peering_vcns[0] + management_peering_subnet_cidr = data.terraform_remote_state.mgmt_network.outputs.management_subnet_cidr + + # TODO calculate index + peering_lpg_id = (length(data.terraform_remote_state.peering_network.outputs) == 0 ? 
null : data.terraform_remote_state.peering_network.outputs.peering_1_network.peering_gateway_ids[1]) + freeform_tags = var.freeform_tags + defined_tags = var.defined_tags +} + +output "tenant_2_vcn_id" { + value = module.tenant_2_network.tenant_vcn.id +} + +output "tenant_2_private_subnet_id" { + value = module.tenant_2_network.tenant_private_subnet.id +} + +output "tenant_2_vcn_cidr" { + value = module.tenant_2_network.tenant_vcn.cidr_block +} + +output "tenant_2_private_subnet_cidr" { + value = module.tenant_2_network.tenant_private_subnet.cidr_block +} + +# Tenant 3 +module tenant_3_network { + source = "../../../../modules/tenant_network" + + compartment_id = data.terraform_remote_state.compartments.outputs.tenant_3_compartment_id + vcn_name = "tenant3" + dns_label = "tenant3" + vcn_cidr_block = data.terraform_remote_state.configuration.outputs.tenant_vcns[2] + + tenant_public_subnet_cidr = "${cidrsubnet(data.terraform_remote_state.configuration.outputs.tenant_vcns[2], 8, 0)}" + tenant_private_subnet_cidr = "${cidrsubnet(data.terraform_remote_state.configuration.outputs.tenant_vcns[2], 8, 1)}" + + tenant_peering_subnet_cidr = data.terraform_remote_state.configuration.outputs.peering_vcns[1] + management_peering_subnet_cidr = data.terraform_remote_state.mgmt_network.outputs.management_subnet_cidr + + # TODO calculate index + peering_lpg_id = (length(data.terraform_remote_state.peering_network.outputs) == 0 ? 
null : data.terraform_remote_state.peering_network.outputs.peering_2_network.peering_gateway_ids[0]) + freeform_tags = var.freeform_tags + defined_tags = var.defined_tags +} + +output "tenant_3_vcn_id" { + value = module.tenant_3_network.tenant_vcn.id +} + +output "tenant_3_private_subnet_id" { + value = module.tenant_3_network.tenant_private_subnet.id +} + +output "tenant_3_vcn_cidr" { + value = module.tenant_3_network.tenant_vcn.cidr_block +} + +output "tenant_3_private_subnet_cidr" { + value = module.tenant_3_network.tenant_private_subnet.cidr_block +} + +# Tenant 4 +module tenant_4_network { + source = "../../../../modules/tenant_network" + + compartment_id = data.terraform_remote_state.compartments.outputs.tenant_4_compartment_id + vcn_name = "tenant4" + dns_label = "tenant4" + vcn_cidr_block = data.terraform_remote_state.configuration.outputs.tenant_vcns[3] + + tenant_public_subnet_cidr = "${cidrsubnet(data.terraform_remote_state.configuration.outputs.tenant_vcns[3], 8, 0)}" + tenant_private_subnet_cidr = "${cidrsubnet(data.terraform_remote_state.configuration.outputs.tenant_vcns[3], 8, 1)}" + + tenant_peering_subnet_cidr = data.terraform_remote_state.configuration.outputs.peering_vcns[1] + management_peering_subnet_cidr = data.terraform_remote_state.mgmt_network.outputs.management_subnet_cidr + + # TODO calculate index + peering_lpg_id = (length(data.terraform_remote_state.peering_network.outputs) == 0 ? null : data.terraform_remote_state.peering_network.outputs.peering_2_network.peering_gateway_ids[1]) + freeform_tags = var.freeform_tags + defined_tags = var.defined_tags +} + +output "tenant_4_vcn_id" { + value = module.tenant_4_network.tenant_vcn.id +} + +output "tenant_4_private_subnet_id" { + value = module.tenant_4_network.tenant_private_subnet.id +} + +output "tenant_4_vcn_cidr" { + value = module.tenant_4_network.tenant_vcn.cidr_block +} + +output "tenant_4_private_subnet_cidr" { + value = module.tenant_4_network.tenant_private_subnet.cidr_block +} 
diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%tenant%network%providers.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%tenant%network%providers.tf new file mode 100644 index 0000000..480134e --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%tenant%network%providers.tf @@ -0,0 +1,20 @@ +// Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved. +// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. + +provider oci { + tenancy_ocid = var.tenancy_ocid + user_ocid = var.user_ocid + fingerprint = var.fingerprint + private_key_path = var.private_key_path + region = var.region +} + +// provider for home region for IAM resource provisioning +provider oci { + alias = "home" + tenancy_ocid = var.tenancy_ocid + user_ocid = var.user_ocid + fingerprint = var.fingerprint + private_key_path = var.private_key_path + region = local.home_region +} \ No newline at end of file diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%tenant%network%terragrunt.hcl b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%tenant%network%terragrunt.hcl new file mode 100644 index 0000000..a1f9652 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%tenant%network%terragrunt.hcl @@ -0,0 +1,11 @@ +include { + path = find_in_parent_folders() +} + +dependencies { + paths = [ + "../../common/configuration", + "../../management/network", + "../../peering/network", + ] +} 
diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%tenant%network%variables.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%tenant%network%variables.tf new file mode 100644 index 0000000..45a74a3 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%tenant%network%variables.tf @@ -0,0 +1,41 @@ +// Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved. +// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. + +# OCI Provider variables +variable "tenancy_ocid" {} +variable "user_ocid" {} +variable "fingerprint" {} +variable "private_key_path" {} +variable "region" {} + +# Deployment variables +variable "compartment_ocid" { + type = string + description = "ocid of the compartment to deploy the resources in" +} + +variable "bastion_ssh_private_key_file" { + type = string + description = "path to private ssh key to access the bastion host" + default = "~/.ssh/id_rsa" +} + +variable "remote_ssh_private_key_file" { + type = string + description = "path to private ssh key to acccess all instance in the deployed environment" + default = "~/.ssh/id_rsa" +} + +variable "freeform_tags" { + type = map + description = "map of freeform tags to apply to all resources" + default = { + "Environment" = "Tenant" + } +} + +variable "defined_tags" { + type = map + description = "map of defined tags to apply to all resources" + default = {} +} diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%tenant%servers%data_sources.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%tenant%servers%data_sources.tf new file mode 100644 index 0000000..3b99220 --- /dev/null 
+++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%tenant%servers%data_sources.tf @@ -0,0 +1,75 @@ +// Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved. +// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. + +# COMMON DATA SOURCES + +data oci_identity_tenancy tenancy { + tenancy_id = var.tenancy_ocid +} + +data oci_identity_regions regions { +} + +# Availability Domains +data oci_identity_availability_domains ADs { + compartment_id = var.tenancy_ocid +} + +# Oracle Linux VM Image +data oci_core_images oraclelinux { + compartment_id = var.compartment_ocid + + operating_system = "Oracle Linux" + operating_system_version = "7.7" + + # exclude GPU specific images + filter { + name = "display_name" + values = ["^Oracle-Linux-7.7-([\\.0-9]+)-([\\.0-9-]+)$"] + regex = true + } +} + +/* + * Remote State Dependencies + */ + +data "terraform_remote_state" "configuration" { + backend = "local" + + config = { + path = "../../common/state/common/configuration/terraform.tfstate" + } +} + +data "terraform_remote_state" "compartments" { + backend = "local" + + config = { + path = "../../common/state/common/compartments/terraform.tfstate" + } +} + +data "terraform_remote_state" "tenant_network" { + backend = "local" + + config = { + path = "../state/tenant/network/terraform.tfstate" + } +} + +data "terraform_remote_state" "mgmt_servers" { + backend = "local" + + config = { + path = "../../management/state/management/servers/terraform.tfstate" + } +} + +data "terraform_remote_state" "access" { + backend = "local" + + config = { + path = "../../management/state/management/access/terraform.tfstate" + } +} 
diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%tenant%servers%main.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%tenant%servers%main.tf new file mode 100644 index 0000000..4cb3a19 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%tenant%servers%main.tf @@ -0,0 +1,22 @@ +// Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved. +// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. + +terraform { + required_version = ">= 0.12.0" + + backend "local" { + path = "../state/tenant/servers/terraform.tfstate" + } +} + +locals { + region_map = { + for r in data.oci_identity_regions.regions.regions : + r.key => r.name + } + + home_region = lookup(local.region_map, data.oci_identity_tenancy.tenancy.home_region_key) + availability_domain = lookup(data.oci_identity_availability_domains.ADs.availability_domains[0], "name") + + root_compartment_id = var.compartment_ocid +} \ No newline at end of file diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%tenant%servers%providers.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%tenant%servers%providers.tf new file mode 100644 index 0000000..323feb2 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%tenant%servers%providers.tf 
@@ -0,0 +1,10 @@ +// Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved. +// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. + +provider oci { + tenancy_ocid = var.tenancy_ocid + user_ocid = var.user_ocid + fingerprint = var.fingerprint + private_key_path = var.private_key_path + region = var.region +} \ No newline at end of file diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%tenant%servers%tenant_instance.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%tenant%servers%tenant_instance.tf new file mode 100644 index 0000000..322da10 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%tenant%servers%tenant_instance.tf 
@@ -0,0 +1,91 @@ +// Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved. +// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. + +/* + * Create the tenant server instances + */ + +# Tenant 1 +module tenant_instance_1 { + source = "../../../../modules/tenant_instance" + + compartment_id = data.terraform_remote_state.compartments.outputs.tenant_1_compartment_id + source_id = data.oci_core_images.oraclelinux.images.0.id + subnet_id = data.terraform_remote_state.tenant_network.outputs.tenant_1_private_subnet_id + availability_domain = local.availability_domain + bastion_ip = data.terraform_remote_state.access.outputs.bastion_ip + + bastion_ssh_private_key_file = var.bastion_ssh_private_key_file + remote_ssh_public_key_file = var.remote_ssh_public_key_file + remote_ssh_private_key_file = var.remote_ssh_private_key_file + freeform_tags = var.freeform_tags + defined_tags = var.defined_tags +} + +output "tenant_1_private_ip" { + value = module.tenant_instance_1.instance_ip +} + +# Tenant 2 +module tenant_instance_2 { + source = "../../../../modules/tenant_instance" + + compartment_id = data.terraform_remote_state.compartments.outputs.tenant_2_compartment_id + source_id = data.oci_core_images.oraclelinux.images.0.id + subnet_id = data.terraform_remote_state.tenant_network.outputs.tenant_2_private_subnet_id + availability_domain = local.availability_domain + bastion_ip = data.terraform_remote_state.access.outputs.bastion_ip + + bastion_ssh_private_key_file = var.bastion_ssh_private_key_file + remote_ssh_public_key_file = var.remote_ssh_public_key_file + remote_ssh_private_key_file = var.remote_ssh_private_key_file + freeform_tags = var.freeform_tags + defined_tags = var.defined_tags +} + +output "tenant_2_private_ip" { + value = module.tenant_instance_2.instance_ip +} + +# Tenant 3 +module tenant_instance_3 { + source = "../../../../modules/tenant_instance" + + compartment_id = 
data.terraform_remote_state.compartments.outputs.tenant_3_compartment_id + source_id = data.oci_core_images.oraclelinux.images.0.id + subnet_id = data.terraform_remote_state.tenant_network.outputs.tenant_3_private_subnet_id + availability_domain = local.availability_domain + bastion_ip = data.terraform_remote_state.access.outputs.bastion_ip + + bastion_ssh_private_key_file = var.bastion_ssh_private_key_file + remote_ssh_public_key_file = var.remote_ssh_public_key_file + remote_ssh_private_key_file = var.remote_ssh_private_key_file + freeform_tags = var.freeform_tags + defined_tags = var.defined_tags +} + +output "tenant_3_private_ip" { + value = module.tenant_instance_3.instance_ip +} + + +# Tenant 4 +module tenant_instance_4 { + source = "../../../../modules/tenant_instance" + + compartment_id = data.terraform_remote_state.compartments.outputs.tenant_4_compartment_id + source_id = data.oci_core_images.oraclelinux.images.0.id + subnet_id = data.terraform_remote_state.tenant_network.outputs.tenant_4_private_subnet_id + availability_domain = local.availability_domain + bastion_ip = data.terraform_remote_state.access.outputs.bastion_ip + + bastion_ssh_private_key_file = var.bastion_ssh_private_key_file + remote_ssh_public_key_file = var.remote_ssh_public_key_file + remote_ssh_private_key_file = var.remote_ssh_private_key_file + freeform_tags = var.freeform_tags + defined_tags = var.defined_tags +} + +output "tenant_4_private_ip" { + value = module.tenant_instance_4.instance_ip +} diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%tenant%servers%terragrunt.hcl b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%tenant%servers%terragrunt.hcl new file mode 100644 index 0000000..435a306 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%tenant%servers%terragrunt.hcl 
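Review bot: All four `tenant_instance_N` modules in tenant_instance.tf are given the same `var.remote_ssh_public_key_file` and `var.remote_ssh_private_key_file`, so a single key pair opens every tenant's instance in a layout whose stated purpose is per-tenant isolation. A compromise of that one key (it defaults to `~/.ssh/id_rsa` in variables.tf) reaches all tenants at once. I would take the key files per tenant, for example a `map(string)` variable keyed by tenant name, and pass `var.tenant_ssh_public_key_files["tenant1"]` and so on. Separately, `data.oci_core_images.oraclelinux.images.0.id` takes whichever image is listed first, and the data source in data_sources.tf sets no `sort_by`/`sort_order`, so the chosen 7.7 build presumably depends on the provider's default ordering.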
@@ -0,0 +1,11 @@ +include { + path = find_in_parent_folders() +} + +dependencies { + paths = [ + "../../management/access", + "../../management/servers", + "../../tenant/network", + ] +} diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%tenant%servers%variables.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%tenant%servers%variables.tf new file mode 100644 index 0000000..dfdf2b1 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%tenant%servers%variables.tf @@ -0,0 +1,47 @@ +// Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved. +// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. + +# OCI Provider variables +variable "tenancy_ocid" {} +variable "user_ocid" {} +variable "fingerprint" {} +variable "private_key_path" {} +variable "region" {} + +# Deployment variables +variable "compartment_ocid" { + type = string + description = "ocid of the compartment to deploy the resources in" +} + +variable "bastion_ssh_private_key_file" { + type = string + description = "path to private ssh key to access the bastion host" + default = "~/.ssh/id_rsa" +} + +variable "remote_ssh_public_key_file" { + type = string + description = "path to public ssh key for all instances deployed in the environment" + default = "~/.ssh/id_rsa.pub" +} + +variable "remote_ssh_private_key_file" { + type = string + description = "path to private ssh key to acccess all instance in the deployed environment" + default = "~/.ssh/id_rsa" +} + +variable "freeform_tags" { + type = map + description = "map of freeform tags to apply to all resources" + default = { + "Environment" = "Tenant" + } +} + +variable "defined_tags" { + type = map + description = "map of defined tags to apply to all resources" + default = {} +} 
diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%terragrunt.hcl b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%terragrunt.hcl new file mode 100644 index 0000000..179fb9a --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%full-deployment%terragrunt.hcl @@ -0,0 +1,9 @@ +terraform { + extra_arguments "common_vars" { + commands = ["plan", "apply", "destroy"] + + arguments = [ + "-var-file=../../terraform.tfvars", + ] + } +} \ No newline at end of file diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%network_calculator%main.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%network_calculator%main.tf new file mode 100644 index 0000000..0435394 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%network_calculator%main.tf 
@@ -0,0 +1,32 @@ +// Copyright (c) 2020, Oracle and/or its affiliates. +// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. + +module network_topology { + source = "../../modules/network_calculator" + + number_of_tenants = var.number_of_tenants + + routing_instances_subnet_cidr = var.routing_instances_subnet_cidr + + tenant_peering_vcn_meta_cidr = var.tenant_peering_vcn_meta_cidr + tenant_peering_vcn_mask = var.tenant_peering_vcn_mask + + tenant_vcn_meta_cidr = var.tenant_vcn_meta_cidr + tenant_vcn_mask = var.tenant_vcn_mask + + peering_vcns_per_routing_instance = var.peering_vcns_per_routing_instance + local_peering_gateways_per_tenany_peering_vcn = var.local_peering_gateways_per_tenany_peering_vcn + +} + +output "tenant_vcns" { + value = module.network_topology.tenant_vcns +} + +output "peering_vcns" { + value = module.network_topology.peering_vcns +} + +output "tenant_vcns_per_peering_vcn" { + value = module.network_topology.tenant_vcns_per_peering_vcn +} diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%network_calculator%variables.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%network_calculator%variables.tf new file mode 100644 index 0000000..0d48396 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%examples%network_calculator%variables.tf 
@@ -0,0 +1,51 @@ +// Copyright (c) 2020, Oracle and/or its affiliates. +// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. + +# variables +variable "number_of_tenants" { + type = string + description = "number of tenants" + default = "30" +} + +variable "routing_instances_subnet_cidr" { + type = string + description = "routing instances subnet cidr block" + default = "10.254.100.0/24" +} + +variable "tenant_peering_vcn_meta_cidr" { + type = string + description = "tenant peering vcn meta cidr" + default = "10.253.0.0/16" +} + +variable "tenant_peering_vcn_mask" { + type = string + description = "tenant peering vcn mask" + default = "29" +} + +variable "tenant_vcn_meta_cidr" { + type = string + description = "tenant vcn meta cidr" + default = "10.1.0.0/16" +} + +variable "tenant_vcn_mask" { + type = string + description = "tenant vcn mask" + default = "29" +} + +variable "peering_vcns_per_routing_instance" { + type = string + description = "peering vcns per routing instance" + default = "3" +} + +variable "local_peering_gateways_per_tenany_peering_vcn" { + type = string + description = "local peering gateways per tenany peering vcn" + default = "10" +} diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%bastion_instance%main.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%bastion_instance%main.tf new file mode 100644 index 0000000..c27e2cc --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%bastion_instance%main.tf 
@@ -0,0 +1,66 @@
+// Copyright (c) 2020, Oracle and/or its affiliates.
+// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
+
+/*
+ * Creates a bastion host instance and copies the provided public and private ssh keys
+ * to the instance to access to the remove instances through the bastion
+ */
+
+locals {
+ # extract key name from the keypath
+ private_key = element(reverse(split("/", var.remote_ssh_private_key_file)), 0)
+ public_key = element(reverse(split("/", var.remote_ssh_public_key_file)), 0)
+}
+
+resource oci_core_instance bastion_server {
+ availability_domain = var.availability_domain
+ compartment_id = var.compartment_id
+ display_name = var.display_name
+ hostname_label = var.hostname_label
+
+ source_details {
+ source_type = "image"
+ source_id = var.source_id
+ }
+
+ shape = var.shape
+
+ metadata = {
+ ssh_authorized_keys = file(var.bastion_ssh_public_key_file)
+ }
+
+ create_vnic_details {
+ subnet_id = var.subnet_id
+ assign_public_ip = true
+ hostname_label = var.hostname_label
+ defined_tags = var.defined_tags
+ freeform_tags = var.freeform_tags
+ }
+
+ defined_tags = var.defined_tags
+ freeform_tags = var.freeform_tags
+
+ connection {
+ type = "ssh"
+ host = oci_core_instance.bastion_server.public_ip
+ user = "opc"
+ private_key = file(var.bastion_ssh_private_key_file)
+ }
+
+ # upload the SSH keys used to access remote instances
+ provisioner file {
+ source = var.remote_ssh_private_key_file
+ destination = ".ssh/${local.private_key}"
+ }
+
+ provisioner file {
+ source = var.remote_ssh_public_key_file
+ destination = ".ssh/${local.public_key}"
+ }
+
+ provisioner remote-exec {
+ inline = [
+ "chmod go-rwx .ssh/${local.private_key}",
+ ]
+ }
+}
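Review bot: The first `provisioner file` block copies `var.remote_ssh_private_key_file` onto a host created with `assign_public_ip = true`, so the private key for the remote instances ends up stored on the one machine that faces the internet. The ip_route_add module in this same patch reaches instances through the bastion with `bastion_host` and `bastion_private_key` read on the operator's side, which suggests the on-bastion copy is a convenience rather than a requirement. The `chmod go-rwx` also runs only after the upload has finished, so the key sits with whatever mode the upload gave it until the `remote-exec` step succeeds. I would drop the private-key upload and document jump-host access instead, or at least state the trade-off above the provisioner, e.g. `# NOTE: this stores the remote-instance private key on the public bastion; use a dedicated key, never a personal one`.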
diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%bastion_instance%outputs.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%bastion_instance%outputs.tf new file mode 100644 index 0000000..61b9307 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%bastion_instance%outputs.tf @@ -0,0 +1,7 @@ +// Copyright (c) 2020, Oracle and/or its affiliates. +// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. + +output instance_ip { + description = "the public ip address of the bastion host instance" + value = oci_core_instance.bastion_server.public_ip +} \ No newline at end of file diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%bastion_instance%variables.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%bastion_instance%variables.tf new file mode 100644 index 0000000..459c5d6 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%bastion_instance%variables.tf 
@@ -0,0 +1,72 @@ +// Copyright (c) 2020, Oracle and/or its affiliates. +// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. + +variable display_name { + type = string + description = "root compartment for the individual tenant compartments" + default = "bastion" +} + +variable hostname_label { + type = string + description = "compartment name" + default = "bastion" +} + +variable freeform_tags { + type = map + description = "map of freeform tags to apply to all resources created by this module" + default = {} +} + +variable defined_tags { + type = map + description = "map of defined tags to apply to all resources created by this module" + default = {} +} + +variable compartment_id { + type = string + description = "ocid of the compartment to provision the resources in" +} + +variable source_id { + type = string + description = "ocid of the image to provistion the bastion instance with" +} + +variable subnet_id { + type = string + description = "ocid of the subnet to provision the bastion instance in" +} + +variable availability_domain { + type = string + description = "the availability downmain to provision the bastion instance in" +} + +variable bastion_ssh_private_key_file { + type = string + description = "the private ssh key file to access the bastion instance" +} + +variable bastion_ssh_public_key_file { + type = string + description = "the public ssh key file to be added to the bastion instance ssh_authorized_keys" +} + +variable remote_ssh_private_key_file { + type = string + description = "the private ssh key to provision on the bastion host for access to remote instances" +} + +variable remote_ssh_public_key_file { + type = string + description = "the public ssh key to provision on the bastion host for access to remote instances" +} + +variable shape { + type = string + description = "oci instance shape for the bastion instance" + default = "VM.Standard1.4" +} 
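Review bot: The descriptions of `display_name` ("root compartment for the individual tenant compartments") and `hostname_label` ("compartment name") in variables.tf look copied from the compartment module and do not describe what `oci_core_instance.bastion_server` uses them for. Suggested wording: `description = "display name of the bastion instance"` and `description = "hostname label of the bastion instance vNIC"`. It is also worth saying in the `remote_ssh_private_key_file` description that the file is uploaded to the bastion, since a caller reading only this file cannot tell that a private key leaves their machine.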
diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%compartment%main.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%compartment%main.tf new file mode 100644 index 0000000..5d19e01 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%compartment%main.tf @@ -0,0 +1,25 @@ +// Copyright (c) 2020, Oracle and/or its affiliates. +// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. + +/* + * Createa a compartment. + * The oci provider for the home region must be configured using the `home` provider alias. + */ + +provider oci { + alias = "home" +} + +/* + * Create a compartment. + */ +resource oci_identity_compartment compartment { + provider = oci.home + + compartment_id = var.root_compartment_id + name = var.compartment_name + description = "${var.compartment_name} compartment" + enable_delete = var.enable_delete + defined_tags = var.defined_tags + freeform_tags = var.freeform_tags +} \ No newline at end of file diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%compartment%outputs.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%compartment%outputs.tf new file mode 100644 index 0000000..a95bb1e --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%compartment%outputs.tf @@ -0,0 +1,7 @@ +// Copyright (c) 2020, Oracle and/or its affiliates. +// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. + +output compartment_id { + value = oci_identity_compartment.compartment.id + description = "the ocid of the compartment" +} \ No newline at end of file 
diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%compartment%variables.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%compartment%variables.tf new file mode 100644 index 0000000..f898098 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%compartment%variables.tf @@ -0,0 +1,30 @@ +// Copyright (c) 2020, Oracle and/or its affiliates. +// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. + +variable root_compartment_id { + type = string + description = "parent compartment for the new compartment to be created in" +} + +variable compartment_name { + type = string + description = "compartment name" +} + +variable freeform_tags { + type = map + description = "map of freeform tags to apply to all resources created by this module" + default = {} +} + +variable defined_tags { + type = map + description = "map of defined tags to apply to all resources created by this module" + default = {} +} + +variable enable_delete { + type = bool + description = "fully delete the compartment on destroy, by default compartments as retained for reuse" + default = false +} \ No newline at end of file diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%ip_route_add%main.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%ip_route_add%main.tf new file mode 100644 index 0000000..9038067 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%ip_route_add%main.tf 
@@ -0,0 +1,42 @@
+// Copyright (c) 2020, Oracle and/or its affiliates.
+// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
+
+/*
+ * Adds IP routea to the target instance to route traffic via the seconardy vNIC
+ */
+
+locals {
+ # generate an ip route provisioning command for each target network
+ route_command = var.peering_subnet_cidr == null ? [] : formatlist("%s via ${cidrhost(var.peering_subnet_cidr, 1)}", var.tenant_vcn_cidrs)
+ add_route_commands = var.peering_subnet_cidr == null ? [] : formatlist("sudo ip route add %s", local.route_command)
+ route_config_entry = var.peering_subnet_cidr == null ? [] : formatlist("echo %s | sudo tee -a /etc/sysconfig/network-scripts/route-spp", local.route_command)
+}
+
+resource null_resource ip_route_add {
+
+ triggers = {
+ vnic_id = var.vnic_id
+ }
+
+ connection {
+ type = "ssh"
+ host = var.ssh_host
+ user = "opc"
+ private_key = file(var.remote_ssh_private_key_file)
+
+ bastion_host = var.bastion_host
+ bastion_user = "opc"
+ bastion_private_key = file(var.bastion_ssh_private_key_file)
+ }
+
+ provisioner remote-exec {
+ inline = flatten([[
+ "set -x",
+ "# add a route to the tenant network via the peer vnic",
+ ], local.add_route_commands,
+ local.route_config_entry,
+ "interface_name=`sudo /home/opc/secondary_vnic_all_configure.sh | grep \"${var.vnic_id}\" | tr -s \" \" | cut -d' ' -f8`",
+ "sudo mv /etc/sysconfig/network-scripts/route-spp /etc/sysconfig/network-scripts/route-$interface_name"
+ ])
+ }
+}
diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%ip_route_add%outputs.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%ip_route_add%outputs.tf
new file mode 100644
index 0000000..36a6f09
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%ip_route_add%outputs.tf
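Review bot: The `remote-exec` script in `null_resource.ip_route_add` starts with `set -x` only, so a failing `ip route add` or an empty `interface_name` (no `grep` match for the vNIC) does not stop the run, and the final `mv` can then rename the file to `route-`. I would start the script with `"set -ex",` and add `"[ -n \"$interface_name\" ] || exit 1",` before the `mv`. Because `tee -a` appends and `ip route add` fails on an existing route, a re-run after the `vnic_id` trigger changes would duplicate entries; `sudo ip route replace %s` is the safer form once errors are fatal. `var.tenant_vcn_cidrs` and `var.vnic_id` are formatted straight into commands run under `sudo`, so they should be validated where they are declared.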
@@ -0,0 +1,6 @@
+// Copyright (c) 2020, Oracle and/or its affiliates.
+// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
+
+output ip_route_add_status {
+ value = "IP Route Add successfull"
+}
\ No newline at end of file
diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%ip_route_add%variables.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%ip_route_add%variables.tf
new file mode 100644
index 0000000..1871e6f
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%ip_route_add%variables.tf
@@ -0,0 +1,39 @@
+// Copyright (c) 2020, Oracle and/or its affiliates.
+// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
+
+variable vnic_id {
+ type = string
+ description = "ocid of the vNIC the route is configured for"
+}
+
+variable peering_subnet_cidr {
+ type = string
+ description = "the peering network cidr to route through"
+}
+
+variable tenant_vcn_cidrs {
+ type = list
+ description = "list of network cidrs accessable through this route"
+}
+
+variable bastion_host {
+ type = string
+ description = "host name or ip address of the bastion host for provisioning"
+}
+
+variable bastion_ssh_private_key_file {
+ type = string
+ description = "the private ssh key file to access the bastion instance"
+ default = "~/.ssh/id_rsa"
+}
+
+variable remote_ssh_private_key_file {
+ type = string
+ description = "the private ssh key to provision on the bastion host for access to remote instances"
+ default = "~/.ssh/id_rsa"
+}
+
+variable ssh_host {
+ type = string
+ description = "host name or ip address of the instance to provision the ip route on"
+}
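Review bot: `ip_route_add_status` is a constant string with no reference to `null_resource.ip_route_add`, so it reads "successfull" whether or not the provisioner has run or succeeded. If callers use this output to order later steps, add `depends_on = [null_resource.ip_route_add]` to it. A `description = "marks completion of the ip route provisioner"` would also make clear that it carries no status from the remote host.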
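Review bot: `tenant_vcn_cidrs` is declared with a bare `type = list` and `peering_subnet_cidr` has no `default`, although main.tf compares the latter with `null` and formats both into shell commands that run with `sudo`. I would declare `type = list(string)` and give `peering_subnet_cidr` a `default = null` if the null case is intended. Where the Terraform version in use supports `validation` blocks, a check such as `condition = var.peering_subnet_cidr == null || can(cidrhost(var.peering_subnet_cidr, 1))` rejects non-CIDR values. Both key-file variables default to the same `~/.ssh/id_rsa`, so the bastion and the target instance share one key unless the caller overrides them; the same defaults recur in the management_instance variables.tf.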
diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%management_instance%main.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%management_instance%main.tf
new file mode 100644
index 0000000..8f02c40
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%management_instance%main.tf
@@ -0,0 +1,46 @@
+// Copyright (c) 2020, Oracle and/or its affiliates.
+// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
+
+/*
+ * Create an example management server instance
+ */
+
+resource oci_core_instance management_server {
+ availability_domain = var.availability_domain
+ compartment_id = var.compartment_id
+ display_name = var.display_name
+ hostname_label = var.hostname_label
+
+ source_details {
+ source_type = "image"
+ source_id = var.source_id
+ }
+
+ shape = var.shape
+
+ metadata = {
+ ssh_authorized_keys = file(var.remote_ssh_public_key_file)
+ }
+
+ create_vnic_details {
+ subnet_id = var.subnet_id
+ assign_public_ip = false
+ hostname_label = var.hostname_label
+ defined_tags = var.defined_tags
+ freeform_tags = var.freeform_tags
+ }
+
+ defined_tags = var.defined_tags
+ freeform_tags = var.freeform_tags
+
+ connection {
+ type = "ssh"
+ host = oci_core_instance.management_server.private_ip
+ user = "opc"
+ private_key = file(var.remote_ssh_private_key_file)
+
+ bastion_host = var.bastion_ip
+ bastion_user = "opc"
+ bastion_private_key = file(var.bastion_ssh_private_key_file)
+ }
+}
diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%management_instance%outputs.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%management_instance%outputs.tf
new file mode 100644
index 0000000..d000669
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%management_instance%outputs.tf
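Review bot: The `connection` block refers to its own resource by name, `host = oci_core_instance.management_server.private_ip`. Inside a resource's own `connection` block Terraform expects the `self` object, `host = self.private_ip`, and the by-name form is, as far as I know, rejected as a self-reference. No `provisioner` in this resource uses the connection, so the two `file(...)` reads of private keys serve no purpose here. I would drop the block, or keep it with `self.private_ip` and a comment naming the provisioner it is meant for.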
@@ -0,0 +1,7 @@
+// Copyright (c) 2020, Oracle and/or its affiliates.
+// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
+
+output instance_ip {
+ description = "the private ip of the instance"
+ value = oci_core_instance.management_server.private_ip
+}
\ No newline at end of file
diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%management_instance%variables.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%management_instance%variables.tf
new file mode 100644
index 0000000..fdb5b86
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%management_instance%variables.tf
@@ -0,0 +1,76 @@ +// Copyright (c) 2020, Oracle and/or its affiliates. +// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. + +variable display_name { + type = string + description = "name of management instance" + default = "management" +} + +variable hostname_label { + type = string + description = "hostname label" + default = "management" +} + +variable freeform_tags { + type = map + description = "map of freeform tags to apply to all resources created by this module" + default = {} +} + +variable defined_tags { + type = map + description = "map of defined tags to apply to all resources created by this module" + default = {} +} + +variable compartment_id { + type = string + description = "ocid of the compartment to provision the resources in" +} + +variable source_id { + type = string + description = "ocid of the image to provistion the management instance with" +} + +variable subnet_id { + type = string + description = "ocid of the subnet to provision the management instance in" +} + +variable availability_domain { + type = string + description = "the availability downmain to provision the management instance in" +} + +# TODO rename to `bastion_host` for consistency +variable bastion_ip { + type = string + description = "host name or ip address of the bastion host for provisioning" +} + +variable shape { + type = string + description = "oci shape for the instance" + default = "VM.Standard1.4" +} + +variable bastion_ssh_private_key_file { + type = string + description = "the private ssh key file to access the bastion instance" + default = "~/.ssh/id_rsa" +} + +variable remote_ssh_private_key_file { + type = string + description = "the private ssh key to provision on the bastion host for access to remote instances" + default = "~/.ssh/id_rsa" +} + +variable remote_ssh_public_key_file { + type = string + description = "the public ssh key to provision on the bastion host for access to remote instances" + default 
= "~/.ssh/id_rsa.pub" +} diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%management_network%main.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%management_network%main.tf new file mode 100644 index 0000000..ef32ffe --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%management_network%main.tf 
@@ -0,0 +1,195 @@ +// Copyright (c) 2020, Oracle and/or its affiliates. +// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. + +/* + * Create the ISV management VCN and related resources. + */ + +# VCN +resource oci_core_vcn isv_vcn { + compartment_id = var.compartment_id + display_name = var.vcn_name + dns_label = var.dns_label + cidr_block = var.vcn_cidr_block + defined_tags = var.defined_tags + freeform_tags = var.freeform_tags +} + +# Internet Gateway +resource oci_core_internet_gateway management_igw { + compartment_id = var.compartment_id + vcn_id = oci_core_vcn.isv_vcn.id + display_name = var.igw_name + defined_tags = var.defined_tags + freeform_tags = var.freeform_tags +} + +# NAT Gateway +resource oci_core_nat_gateway management_nat { + compartment_id = var.compartment_id + vcn_id = oci_core_vcn.isv_vcn.id + display_name = var.nat_name + defined_tags = var.defined_tags + freeform_tags = var.freeform_tags +} + +# Default Route Table +resource oci_core_default_route_table isv_default_rte_table { + manage_default_resource_id = oci_core_vcn.isv_vcn.default_route_table_id + defined_tags = var.defined_tags + freeform_tags = var.freeform_tags + + route_rules { + destination = "0.0.0.0/0" + network_entity_id = oci_core_internet_gateway.management_igw.id + } +} + +# Route Table for the private subnet with NAT +resource oci_core_route_table private_route_table { + compartment_id = var.compartment_id + vcn_id = oci_core_vcn.isv_vcn.id + display_name = var.private_rte_name + defined_tags = var.defined_tags + freeform_tags = var.freeform_tags + + route_rules { + destination = "0.0.0.0/0" + network_entity_id = oci_core_nat_gateway.management_nat.id + } +} + +# Network Security List for the Management Subnet +resource oci_core_security_list management_security_list { + compartment_id = var.compartment_id + vcn_id = oci_core_vcn.isv_vcn.id + display_name = var.management_sec_list + defined_tags = var.defined_tags + 
freeform_tags = var.freeform_tags + + // allow outbound tcp traffic on all ports + egress_security_rules { + destination = "0.0.0.0/0" + protocol = "6" + } + + // allow inbound icmp traffic of a specific type + ingress_security_rules { + protocol = 1 + source = var.access_subnet_cidr + } + + // allow inbound http traffic + ingress_security_rules { + tcp_options { + min = "80" + max = "80" + } + protocol = "6" + source = var.access_subnet_cidr + } +} + +# Network Security List for the Peering Subnet +resource oci_core_security_list peering_security_list { + compartment_id = var.peering_compartment_id + vcn_id = oci_core_vcn.isv_vcn.id + display_name = var.peering_sec_list + defined_tags = var.defined_tags + freeform_tags = var.freeform_tags + + // allow outbound tcp traffic on all ports + egress_security_rules { + destination = "0.0.0.0/0" + protocol = "6" + } + + // allow inbound icmp traffic of a specific type + ingress_security_rules { + protocol = 1 + source = "0.0.0.0/0" + } + + // allow inbound NRPE traffic + ingress_security_rules { + tcp_options { + min = "5666" + max = "5666" + } + protocol = "6" + source = "0.0.0.0/0" + } +} + +# Network Security List for the Access (bastion) Subnet +resource oci_core_security_list access_security_list { + compartment_id = var.compartment_id + vcn_id = oci_core_vcn.isv_vcn.id + display_name = "access_security_list" + defined_tags = var.defined_tags + freeform_tags = var.freeform_tags + + // allow outbound tcp traffic on all ports + egress_security_rules { + destination = "0.0.0.0/0" + protocol = "6" + } + + // allow inbound icmp traffic of a specific type + ingress_security_rules { + protocol = 1 + source = "0.0.0.0/0" + } +} + +/* + * SUBNETS + */ + +# Access (bastion) Subnet +resource oci_core_subnet access_subnet { + compartment_id = var.compartment_id + vcn_id = oci_core_vcn.isv_vcn.id + display_name = var.access_subnet_name + dns_label = var.access_subnet_dns_label + cidr_block = var.access_subnet_cidr + 
security_list_ids = [ + oci_core_vcn.isv_vcn.default_security_list_id, + oci_core_security_list.access_security_list.id + ] + defined_tags = var.defined_tags + freeform_tags = var.freeform_tags +} + +# Peering Subnet +resource oci_core_subnet peering_subnet { + compartment_id = var.peering_compartment_id + vcn_id = oci_core_vcn.isv_vcn.id + display_name = var.peering_subnet_name + dns_label = var.peering_subnet_dns_label + cidr_block = var.peering_subnet_cidr + route_table_id = oci_core_route_table.private_route_table.id + security_list_ids = [ + oci_core_vcn.isv_vcn.default_security_list_id, + oci_core_security_list.peering_security_list.id + ] + prohibit_public_ip_on_vnic = true + defined_tags = var.defined_tags + freeform_tags = var.freeform_tags +} + +# Management Subnet +resource oci_core_subnet management_subnet { + compartment_id = var.compartment_id + vcn_id = oci_core_vcn.isv_vcn.id + display_name = var.management_subnet_name + dns_label = var.management_subnet_dns_label + cidr_block = var.management_subnet_cidr + security_list_ids = [ + oci_core_vcn.isv_vcn.default_security_list_id, + oci_core_security_list.management_security_list.id + ] + prohibit_public_ip_on_vnic = true + defined_tags = var.defined_tags + freeform_tags = var.freeform_tags +} diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%management_network%outputs.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%management_network%outputs.tf new file mode 100644 index 0000000..86e5c38 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%management_network%outputs.tf 
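Review bot: In `peering_security_list` the NRPE rule (TCP 5666) and the ICMP rule both use `source = "0.0.0.0/0"`, and every ICMP rule in this file is commented "of a specific type" but carries no `icmp_options`, so all ICMP types are admitted. If the monitoring server sits in the management subnet, as the `management_sec_list` description suggests, the NRPE rule can be narrowed to `source = var.management_subnet_cidr`, a variable this module already declares. The ICMP rules need an `icmp_options` block with the intended `type`, or the comments should be corrected to say that all ICMP is allowed; this applies to `management_security_list` and `access_security_list` as well. All three subnets also attach `oci_core_vcn.isv_vcn.default_security_list_id`, whose rules apply in addition to the ones defined here, and that deserves a comment because the custom lists alone would suggest TCP-only egress.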
@@ -0,0 +1,32 @@ +// Copyright (c) 2020, Oracle and/or its affiliates. +// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. + +output vcn { + description = "the `oci_core_vcn` resource" + value = oci_core_vcn.isv_vcn +} + +output management_subnet { + description = "the management subnet `oci_core_subnet` resource" + value = oci_core_subnet.management_subnet +} + +output access_subnet { + description = "the access subnet `oci_core_subnet` resource" + value = oci_core_subnet.access_subnet +} + +output peering_subnet { + description = "the peering subnet `oci_core_subnet` resource" + value = oci_core_subnet.peering_subnet +} + +output nat_id { + description = "ocid of the nat gateway" + value = oci_core_nat_gateway.management_nat.id +} + +output igw_id { + description = "ocid of the internet gateway" + value = oci_core_internet_gateway.management_igw.id +} \ No newline at end of file diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%management_network%variables.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%management_network%variables.tf new file mode 100644 index 0000000..ccb1542 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%management_network%variables.tf 
@@ -0,0 +1,134 @@ +// Copyright (c) 2020, Oracle and/or its affiliates. +// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. + +variable compartment_id { + type = string + description = "compartment for the management resources" +} + +variable peering_compartment_id { + type = string + description = "compartment for the peering subnet" +} + +variable vcn_name { + type = string + description = "CIDR range for the management VCN" +} + +variable dns_label { + type = string + description = "CIDR range for the management VCN" + default = "" +} + +variable vcn_cidr_block { + type = string + description = "CIDR range for the management VCN" +} + +variable freeform_tags { + type = map + description = "map of freeform tags to apply to all resources created by this module" + default = {} +} + +variable defined_tags { + type = map + description = "map of defined tags to apply to all resources created by this module" + default = {} +} + +variable igw_name { + type = string + description = "Internet gateway name for management VCN" + default = "igw" +} + +variable nat_name { + type = string + description = "NAT gateway name for management VCN" + default = "nat" +} + +variable public_rte_name { + type = string + description = "route table namefor public subnet" + default = "public_rte" +} + +variable private_rte_name { + type = string + description = "route table namefor private subnet" + default = "private_rte" +} + +variable management_sec_list { + type = string + description = "seclist to open ports 80/443 to allow access to nagios server" + default = "management_sec_list" +} + +variable peering_sec_list { + type = string + description = "seclist to open ICMP ports" + default = "peering_sec_list" +} + +variable access_sec_list { + type = string + description = "seclist to open ports 80/443 to allow load balancer traffic" + default = "access_sec_list" +} + +variable access_subnet_name { + type = string + description = 
"Access Subnet display name" + default = "access subnet" +} + +variable access_subnet_dns_label { + type = string + description = "Access Subnet display name" + default = "access" +} + +variable access_subnet_cidr { + type = string + description = "CIDR range for the peering subnet" +} + +variable peering_subnet_name { + type = string + description = "Access Subnet display name" + default = "peering subnet" +} + +variable peering_subnet_dns_label { + type = string + description = "Access Subnet display name" + default = "peering" +} + +variable peering_subnet_cidr { + type = string + description = "CIDR range for the peering subnet" +} + +variable management_subnet_name { + type = string + description = "Management Subnet display name" + default = "management subnet" +} + +variable management_subnet_dns_label { + type = string + description = "Management Subnet display name" + default = "management" +} + +variable management_subnet_cidr { + type = string + description = "CIDR range for the management subnet" +} + diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%management_rte_attachement%main.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%management_rte_attachement%main.tf new file mode 100644 index 0000000..991f882 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%management_rte_attachement%main.tf 
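Review bot: Several descriptions in this file are copy-paste leftovers that describe a different variable: `vcn_name` and `dns_label` say "CIDR range for the management VCN", `access_subnet_cidr` says "CIDR range for the peering subnet", and `peering_subnet_name` and the `*_dns_label` variables say "Access Subnet display name". `management_sec_list` and `access_sec_list` mention ports 80/443, while main.tf opens only port 80 in the management list and names the access list with the literal `"access_security_list"`, so `access_sec_list` and `public_rte_name` look unused in the visible main.tf. These strings are what an operator reads when setting the CIDRs that scope the security lists, so I would correct them, e.g. `description = "display name of the management VCN"` for `vcn_name` and `description = "CIDR range for the access (bastion) subnet"` for `access_subnet_cidr`.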
@@ -0,0 +1,102 @@ +// Copyright (c) 2020, Oracle and/or its affiliates. +// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. + +/* + * Create new route tables for access fo the tenant VCNs and attach the new route + * tables to the management and access subnets for connectivity through to the tenant + * networks. + * + * NOTE: route table attachment replaces the use of the default route table configured + * for the access and management subets on initial creation. + * + * TODO: addition of new tenants currently requires manual update to the route table config below. + * could be more dynamic. + */ + +#private route table attachment +resource oci_core_route_table management_private_rt_table { + compartment_id = var.compartment_id + vcn_id = var.management_vcn_id + display_name = var.display_name + defined_tags = var.defined_tags + freeform_tags = var.freeform_tags + + route_rules { + destination = "0.0.0.0/0" + network_entity_id = var.management_nat_id + } + + # TODO using dynamic for_each + route_rules { + destination_type = "CIDR_BLOCK" + destination = var.tenant_vcn_cidr_blocks[0] + network_entity_id = var.routing_ip_ids[0] + } + + route_rules { + destination_type = "CIDR_BLOCK" + destination = var.tenant_vcn_cidr_blocks[1] + network_entity_id = var.routing_ip_ids[0] + } + + route_rules { + destination_type = "CIDR_BLOCK" + destination = var.tenant_vcn_cidr_blocks[2] + network_entity_id = var.routing_ip_ids[1] + } + + route_rules { + destination_type = "CIDR_BLOCK" + destination = var.tenant_vcn_cidr_blocks[3] + network_entity_id = var.routing_ip_ids[1] + } +} + +resource "oci_core_route_table_attachment" "management_route_table_attachment" { + subnet_id = var.management_subnet_id + route_table_id = oci_core_route_table.management_private_rt_table.id +} + +#public route table attachment +resource oci_core_route_table access_public_rt_table { + compartment_id = var.compartment_id + vcn_id = 
var.management_vcn_id + display_name = var.display_name_public + defined_tags = var.defined_tags + freeform_tags = var.freeform_tags + + route_rules { + destination = "0.0.0.0/0" + network_entity_id = var.management_igw_id + } + + # TODO using dynamic for_each + route_rules { + destination_type = "CIDR_BLOCK" + destination = var.tenant_vcn_cidr_blocks[0] + network_entity_id = var.routing_ip_ids[0] + } + + route_rules { + destination_type = "CIDR_BLOCK" + destination = var.tenant_vcn_cidr_blocks[1] + network_entity_id = var.routing_ip_ids[0] + } + + route_rules { + destination_type = "CIDR_BLOCK" + destination = var.tenant_vcn_cidr_blocks[2] + network_entity_id = var.routing_ip_ids[1] + } + + route_rules { + destination_type = "CIDR_BLOCK" + destination = var.tenant_vcn_cidr_blocks[3] + network_entity_id = var.routing_ip_ids[1] + } +} + +resource "oci_core_route_table_attachment" "access_route_table_attachment" { + subnet_id = var.access_subnet_id + route_table_id = oci_core_route_table.access_public_rt_table.id +} diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%management_rte_attachement%outputs.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%management_rte_attachement%outputs.tf new file mode 100644 index 0000000..6452a89 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%management_rte_attachement%outputs.tf @@ -0,0 +1,7 @@ +// Copyright (c) 2020, Oracle and/or its affiliates. +// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. + +output routing_id { + description = "ocid of the new route table for the management subnet" + value = oci_core_route_table_attachment.management_route_table_attachment.id +} \ No newline at end of file 
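Review bot: Both route tables index `var.tenant_vcn_cidr_blocks[0]` to `[3]` and `var.routing_ip_ids[0]` to `[1]` literally, so a plan with fewer than four tenant CIDRs or fewer than two routing IPs fails on an invalid index, and a fifth tenant is silently left without a route. The TODO in the file already points at `dynamic`; a version for `management_private_rt_table` is sketched below and applies equally to `access_public_rt_table`. The divisor 2 is inferred from the visible pairing of two tenant CIDRs per routing IP and should be confirmed or made a variable.

```hcl
resource oci_core_route_table management_private_rt_table {
  # … unchanged: compartment, vcn, display name, tags, 0.0.0.0/0 rule via var.management_nat_id …

  # one rule per tenant VCN; tenants are assigned to routing IPs in pairs, in list order
  dynamic "route_rules" {
    for_each = var.tenant_vcn_cidr_blocks
    content {
      destination_type  = "CIDR_BLOCK"
      destination       = route_rules.value
      network_entity_id = var.routing_ip_ids[floor(route_rules.key / 2)]
    }
  }
}
```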
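Review bot: `routing_id` is described as "ocid of the new route table for the management subnet", but its value is `oci_core_route_table_attachment.management_route_table_attachment.id`, which is the attachment's id. Either return `oci_core_route_table.management_private_rt_table.id`, or change the text to `description = "id of the route table attachment for the management subnet"`.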
diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%management_rte_attachement%variables.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%management_rte_attachement%variables.tf
new file mode 100644
index 0000000..f650814
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%management_rte_attachement%variables.tf
@@ -0,0 +1,65 @@
+// Copyright (c) 2020, Oracle and/or its affiliates.
+// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
+
+variable display_name {
+ type = string
+ description = "name of routing instance"
+ default = "private_tenant_rte_table"
+}
+
+variable display_name_public {
+ type = string
+ description = "name of routing instance"
+ default = "public_tenant_rte_table"
+}
+
+variable freeform_tags {
+ type = map
+ description = "map of freeform tags to apply to all resources created by this module"
+ default = {}
+}
+
+variable defined_tags {
+ type = map
+ description = "map of defined tags to apply to all resources created by this module"
+ default = {}
+}
+
+variable compartment_id {
+ type = string
+ description = "ocid of the compartment to provision the resources in"
+}
+
+variable management_vcn_id {
+ type = string
+ description = "ocid of the management vcn"
+}
+
+variable management_subnet_id {
+ type = string
+ description = "ocid of the management subnet"
+}
+
+variable access_subnet_id {
+ type = string
+ description = "ocid of the access subnet"
+}
+
+variable management_nat_id {
+ type = string
+ description = "ocid of the nat gateway"
+}
+
+variable management_igw_id {
+ type = string
+ description = "ocid of the internet gateway"
+}
+
+variable routing_ip_ids {
+ description = "ordered list of private ip address resource ocids for the routing instances"
+ type = list(string)
+}
+
+variable tenant_vcn_cidr_blocks {
+ type = list(string)
+}
diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%network_calculator%main.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%network_calculator%main.tf
new file mode 100644
index 0000000..06ee5a8
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%network_calculator%main.tf
@@ -0,0 +1,44 @@ +// Copyright (c) 2020, Oracle and/or its affiliates. +// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. + +/* + * Helper module to calculate the network CIDRs for the tenant and peering VCNs. + */ + +locals { + + # calculate the total number of peering vcns needed for the number of tenants + number_of_peering_vcns = var.number_of_tenants / var.local_peering_gateways_per_tenany_peering_vcn + + # calculate the difference between the meta cidr netmask and the desired vnc netmask + # e.g. if /24 tenant vcns are allocated from /16 range then the newbits will be 8 + # this value is then used in the `cidrsubnet()` function + tenant_peering_vcn_newbits = var.tenant_peering_vcn_mask - tonumber(split("/", var.tenant_peering_vcn_meta_cidr)[1]) + tenant_vcn_newbits = var.tenant_vcn_mask - tonumber(split("/", var.tenant_vcn_meta_cidr)[1]) + + # calculate the list of all peering vcn cidr ranges + peering_vcns = [for n in null_resource.peering_vcns : n.triggers.network_cidr] + + # calculate the list of all tenant vcn cidr ranges + tenant_vcns = [for n in null_resource.tenant_vcns : n.triggers.network_cidr] + + # calculate list of list groups tenanct vcns by peering vcn index + tenant_vcns_per_peering_vcn = chunklist(local.tenant_vcns, var.local_peering_gateways_per_tenany_peering_vcn) +} + +resource null_resource "peering_vcns" { + count = local.number_of_peering_vcns + + triggers = { + network_cidr = cidrsubnet(var.tenant_peering_vcn_meta_cidr, local.tenant_peering_vcn_newbits, count.index) + } +} + +resource null_resource "tenant_vcns" { + count = var.number_of_tenants + + triggers = { + network_cidr = cidrsubnet(var.tenant_vcn_meta_cidr, local.tenant_vcn_newbits, var.tenant_vcn_starting_block + count.index) + } +} + 
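Review bot: `number_of_peering_vcns` is a plain division, `var.number_of_tenants / var.local_peering_gateways_per_tenany_peering_vcn`, which yields a fraction whenever the tenant count is not a multiple of the per-VCN gateway count (default 10 in variables.tf), and that value is then used as `count` for `null_resource.peering_vcns`. Rounding up gives the remainder its own peering VCN: `number_of_peering_vcns = ceil(var.number_of_tenants / var.local_peering_gateways_per_tenany_peering_vcn)`. Nothing visible checks that `tenant_vcn_meta_cidr` and `tenant_peering_vcn_meta_cidr` do not overlap, or that the masks are longer than the meta prefixes. Since this module computes the ranges that keep tenants apart, a comment or a validation stating those preconditions would help.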
diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%network_calculator%outputs.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%network_calculator%outputs.tf
new file mode 100644
index 0000000..b3e8ab1
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%network_calculator%outputs.tf
@@ -0,0 +1,17 @@
+// Copyright (c) 2020, Oracle and/or its affiliates.
+// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
+
+output peering_vcns {
+ description = "list of peering vcn network cidrs"
+ value = local.peering_vcns
+}
+
+output tenant_vcns {
+ description = "list of tenant vcn network cidrs"
+ value = local.tenant_vcns
+}
+
+output tenant_vcns_per_peering_vcn {
+ description = "list tenant vcn network cidrs grouped by peering vcn index"
+ value = local.tenant_vcns_per_peering_vcn
+}
\ No newline at end of file
diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%network_calculator%variables.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%network_calculator%variables.tf
new file mode 100644
index 0000000..5197fb5
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%network_calculator%variables.tf
@@ -0,0 +1,51 @@ +// Copyright (c) 2020, Oracle and/or its affiliates. +// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. + +variable routing_instances_subnet_cidr { + type = string + description = "subnet cidr for the routing instances" +} + +variable tenant_peering_vcn_meta_cidr { + type = string + description = "netork cidr for that al tenant peering vcn must bee within" +} + +variable tenant_peering_vcn_mask { + type = number + description = "a minimum of /29 is needed for HA deployments" + default = 29 +} + +variable tenant_vcn_meta_cidr { + type = string + description = "network cidr that all tenant vcns must be within" +} + +variable tenant_vcn_mask { + type = number + description = "network mask for each tenant vcn" +} + +variable tenant_vcn_starting_block { + type = number + description = "first subnet cidr block in the meta range to allocate" + default = 0 +} + +variable peering_vcns_per_routing_instance { + type = number + description = "number of tenany peering VCNs per routing instance. i.e. number of secondard vnic attachments per instance" + default = 1 +} + +variable local_peering_gateways_per_tenany_peering_vcn { + type = number + description = "number of local peering gateways per tanenct peering vcn." + default = 10 +} + +variable number_of_tenants { + type = number + description = "number of tenant vcns to peer" +} diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%pacemaker_config%main.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%pacemaker_config%main.tf new file mode 100644 index 0000000..456efdd --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%pacemaker_config%main.tf 
@@ -0,0 +1,34 @@ +// Copyright (c) 2020, Oracle and/or its affiliates. +// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. + +/* + * Generate Pacemaker configuration file modifiction commands + * + * TODO: module should support dynamic addition of extra secondary vNICs + */ + +locals { + pacemaker_config = [ + # TODO there is probably a cleaner way to do this, may need to create a standalone config file. + # this and error prone if the source file changes and doesn't support config changes + # + # inserts the following to `/usr/lib/ocf/resource.d/heartbeat/IPaddr2` starting at line 64 + "sudo sed -i '64i\\##### OCI vNIC variables\\' /usr/lib/ocf/resource.d/heartbeat/IPaddr2", + "sudo sed -i '65i\\server=\"`hostname -s`\"\\' /usr/lib/ocf/resource.d/heartbeat/IPaddr2", + "sudo sed -i '66i\\vrouter1vnic=\"${var.instance_a_primary_vnic_id}\"\\' /usr/lib/ocf/resource.d/heartbeat/IPaddr2", + "sudo sed -i '67i\\vrouter1vnicpod1=\"${var.instance_a_secondary_vnic_id}\"\\' /usr/lib/ocf/resource.d/heartbeat/IPaddr2", + "sudo sed -i '68i\\vrouter2vnic=\"${var.instance_b_primary_vnic_id}\"\\' /usr/lib/ocf/resource.d/heartbeat/IPaddr2", + "sudo sed -i '69i\\vrouter2vnicpod1=\"${var.instance_b_secondary_vnic_id}\"\\' /usr/lib/ocf/resource.d/heartbeat/IPaddr2", + "sudo sed -i '70i\\vnicip=\"${var.floating_ip}\"\\' /usr/lib/ocf/resource.d/heartbeat/IPaddr2", + "sudo sed -i '71i\\vnicippod1=\"${var.floating_secondary_ip}\"\\' /usr/lib/ocf/resource.d/heartbeat/IPaddr2", + + "sudo sed -i '614i\\##### OCI/IPaddr Integration\\' /usr/lib/ocf/resource.d/heartbeat/IPaddr2", + "sudo sed -i '615i\\ if [ $server = \"${var.hostname}a\" ]; then\\' /usr/lib/ocf/resource.d/heartbeat/IPaddr2", + "sudo sed -i '616i\\ /home/opc/bin/oci network vnic assign-private-ip --unassign-if-already-assigned --vnic-id $vrouter1vnic --ip-address $vnicip --auth instance_principal\\' /usr/lib/ocf/resource.d/heartbeat/IPaddr2", + "sudo sed -i '617i\\ 
/home/opc/bin/oci network vnic assign-private-ip --unassign-if-already-assigned --vnic-id $vrouter1vnicpod1 --ip-address $vnicippod1 --auth instance_principal\\' /usr/lib/ocf/resource.d/heartbeat/IPaddr2", + "sudo sed -i '618i\\ else \\' /usr/lib/ocf/resource.d/heartbeat/IPaddr2", + "sudo sed -i '619i\\ /home/opc/bin/oci network vnic assign-private-ip --unassign-if-already-assigned --vnic-id $vrouter2vnic --ip-address $vnicip --auth instance_principal\\' /usr/lib/ocf/resource.d/heartbeat/IPaddr2", + "sudo sed -i '620i\\ /home/opc/bin/oci network vnic assign-private-ip --unassign-if-already-assigned --vnic-id $vrouter2vnicpod1 --ip-address $vnicippod1 --auth instance_principal\\' /usr/lib/ocf/resource.d/heartbeat/IPaddr2", + "sudo sed -i '621i\\ fi \\' /usr/lib/ocf/resource.d/heartbeat/IPaddr2", + ] +} diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%pacemaker_config%outputs.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%pacemaker_config%outputs.tf new file mode 100644 index 0000000..7d67c1e --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%pacemaker_config%outputs.tf @@ -0,0 +1,7 @@ +// Copyright (c) 2020, Oracle and/or its affiliates. +// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. + +output config { + description = "list of commands to update the pacemaker config file" + value = local.pacemaker_config +} \ No newline at end of file diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%pacemaker_config%variables.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%pacemaker_config%variables.tf new file mode 100644 index 0000000..df71f86 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%pacemaker_config%variables.tf 
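Review bot: In pacemaker_config/main.tf every Terraform variable (`var.hostname`, `var.floating_ip`, `var.floating_secondary_ip` and the four vNIC ids) is interpolated into a single-quoted `sudo sed -i` command string with no validation, so a value containing a quote or backslash changes the command that runs as root on the routing instances. Where the Terraform version supports it, each of these variables in the module's variables.tf could carry a `validation` block restricting it to the expected shape, for example `condition = can(cidrhost("${var.floating_ip}/32", 0))` for the two addresses. Inserting at the fixed line numbers 64 and 614 of `/usr/lib/ocf/resource.d/heartbeat/IPaddr2` also means a changed packaged script puts the patch in the wrong place, and running the list a second time inserts the block twice. The existing TODO already notes the fragility; a guard such as `grep -q 'OCI vNIC variables' ... ||` in front of the first command would at least make the list safe to re-run.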
@@ -0,0 +1,37 @@
+// Copyright (c) 2020, Oracle and/or its affiliates.
+// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
+
+variable hostname {
+ type = string
+ description = "the HA hostname, i.e the hostname of the floating ip "
+}
+
+variable instance_a_primary_vnic_id {
+ type = string
+ description = "ocid of the primary vnic of the first instance in the cluster"
+}
+
+variable instance_a_secondary_vnic_id {
+ type = string
+ description = "ocid of the secondary vnic of the first instance in the cluster"
+}
+
+variable instance_b_primary_vnic_id {
+ type = string
+ description = "ocid of the primary vnic of the second instance in the cluster"
+}
+
+variable instance_b_secondary_vnic_id {
+ type = string
+ description = "ocid of the secondary vnic of the second instance in the cluster"
+}
+
+variable floating_ip {
+ type = string
+ description = "the floating ip for the primary vnics"
+}
+
+variable floating_secondary_ip {
+ type = string
+ description = "the floating ip for the secondary vnics"
+}
diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%peering_network%main.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%peering_network%main.tf
new file mode 100644
index 0000000..979e5de
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%peering_network%main.tf
@@ -0,0 +1,101 @@ +// Copyright (c) 2020, Oracle and/or its affiliates. +// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. + +/* + * Create a tenant peering network used for routing between the management VCN and + * the locally peering tenant VCNs + */ + +# Peering VCN +resource oci_core_vcn peering_vcn { + compartment_id = var.compartment_id + display_name = var.vcn_name + dns_label = var.dns_label + cidr_block = var.vcn_cidr_block + defined_tags = var.defined_tags + freeform_tags = var.freeform_tags +} + +# Local Peering Gateways (one per peering Tenant VCN) +resource oci_core_local_peering_gateway peering_gateways { + count = var.local_peering_gateways_per_vcn + compartment_id = var.compartment_id + vcn_id = oci_core_vcn.peering_vcn.id + display_name = "${var.vcn_name} local peering gateway ${count.index + 1}" + defined_tags = var.defined_tags + freeform_tags = var.freeform_tags +} + +# Peering Route Table +resource oci_core_route_table peering_route_table { + compartment_id = var.compartment_id + vcn_id = oci_core_vcn.peering_vcn.id + display_name = var.peering_rte_name + defined_tags = var.defined_tags + freeform_tags = var.freeform_tags + + # TODO use dynamic nested block with for_each to create route_rules + route_rules { + destination_type = "CIDR_BLOCK" + destination = var.tenant_vcn_cidr_blocks[0] + network_entity_id = oci_core_local_peering_gateway.peering_gateways[0].id + } + + route_rules { + destination_type = "CIDR_BLOCK" + destination = var.tenant_vcn_cidr_blocks[1] + network_entity_id = oci_core_local_peering_gateway.peering_gateways[1].id + } +} + +# Peering Network Security List +resource oci_core_security_list peering_security_list { + compartment_id = var.compartment_id + vcn_id = oci_core_vcn.peering_vcn.id + display_name = var.peering_sec_list + defined_tags = var.defined_tags + freeform_tags = var.freeform_tags + + // allow outbound tcp traffic on all ports + egress_security_rules { + 
destination = "0.0.0.0/0" + protocol = "6" + } + + // allow inbound icmp traffic of a specific type + ingress_security_rules { + protocol = 1 + source = "0.0.0.0/0" + } + + // allow inbound nagios traffic + # TODO move to a nagios network security group + ingress_security_rules { + tcp_options { + min = "5666" + max = "5666" + } + protocol = "6" + source = "0.0.0.0/0" + } +} + +/* + * SUBNETS + */ + +# Peering Subnet +resource oci_core_subnet peering_subnet { + compartment_id = var.compartment_id + vcn_id = oci_core_vcn.peering_vcn.id + display_name = var.peering_subnet_name + dns_label = var.peering_subnet_dns_label + cidr_block = var.peering_subnet_cidr + route_table_id = oci_core_route_table.peering_route_table.id + security_list_ids = [ + oci_core_vcn.peering_vcn.default_security_list_id, + oci_core_security_list.peering_security_list.id + ] + defined_tags = var.defined_tags + freeform_tags = var.freeform_tags +} diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%peering_network%outputs.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%peering_network%outputs.tf new file mode 100644 index 0000000..6e901f3 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%peering_network%outputs.tf @@ -0,0 +1,17 @@ +// Copyright (c) 2020, Oracle and/or its affiliates. +// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. + +output peering_vcn { + description = "the peering vcn `oci_core_vcn` resource" + value = oci_core_vcn.peering_vcn +} + +output peering_subnet { + description = "the peering subnet `oci_core_subnet` resource" + value = oci_core_subnet.peering_subnet +} + +output peering_gateway_ids { + description = "list of local peering gateway ocids" + value = [for lpg in oci_core_local_peering_gateway.peering_gateways : lpg.id] +} 
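Review bot: In `peering_security_list` (peering_network/main.tf) the ICMP ingress rule is commented as allowing "a specific type", but it has no `icmp_options` block, so every ICMP type and code is accepted from `0.0.0.0/0`. Either add `icmp_options { type = INTENDED_TYPE }` (placeholder, since the page does not say which type was meant) or correct the comment. The Nagios rule also opens TCP 5666 to `0.0.0.0/0`; the monitoring port only needs to be reachable from the monitoring host, so `source` should be a CIDR passed in by the caller, e.g. a new variable such as `var.monitoring_cidr` (a constructed name, not one in this module). The two hard-coded `route_rules` blocks index `var.tenant_vcn_cidr_blocks[0]` and `[1]`, so the module fails with fewer than two tenant CIDRs and ignores any after the second, which is what the TODO about a dynamic block is pointing at.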
diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%peering_network%variables.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%peering_network%variables.tf new file mode 100644 index 0000000..68dc32a --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%peering_network%variables.tf 
@@ -0,0 +1,77 @@ +// Copyright (c) 2020, Oracle and/or its affiliates. +// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. + +variable compartment_id { + type = string + description = "compartment for the peering network resources" +} + +variable vcn_name { + type = string + description = "name of the peering vcn" +} + +variable dns_label { + type = string + description = "dns label for the peering vcn" + default = null +} + +variable vcn_cidr_block { + type = string + description = "network cidr for the peering VCN" +} + +variable freeform_tags { + type = map + description = "map of freeform tags to apply to all resources created by this module" + default = {} +} + +variable defined_tags { + type = map + description = "map of defined tags to apply to all resources created by this module" + default = {} +} + +variable peering_rte_name { + type = string + description = "display name for the peering route table" + default = "peering_rte" +} + +variable peering_sec_list { + type = string + description = "display name for the peering network security list" + default = "peering_sec_list" +} + +variable tenant_vcn_cidr_blocks { + type = list + description = "list of tenant vcn cidr blocks" +} + +variable peering_subnet_name { + type = string + description = "display name for the peering route table" + default = "peering subnet" +} + +variable peering_subnet_dns_label { + type = string + description = "dns label for the peering subnet" + default = "peering" +} + +variable peering_subnet_cidr { + type = string + description = "network cidr range for the peering subnet" +} + +variable local_peering_gateways_per_vcn { + type = number + description = "number of local peering gateways per peering vcn" + default = 10 +} + + 
diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%routing_instance%main.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%routing_instance%main.tf
new file mode 100644
index 0000000..faea5ae
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%routing_instance%main.tf
@@ -0,0 +1,53 @@
+// Copyright (c) 2020, Oracle and/or its affiliates.
+// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
+
+/*
+ * Create a single (non HA) routing instance used to route traffic between the management
+ * and tenant peering networks
+ */
+
+resource oci_core_instance routing_server {
+ availability_domain = var.availability_domain
+ compartment_id = var.compartment_id
+ display_name = var.display_name
+ hostname_label = var.hostname_label
+
+ source_details {
+ source_type = "image"
+ source_id = var.source_id
+ }
+
+ shape = var.shape
+
+ metadata = {
+ ssh_authorized_keys = file(var.remote_ssh_public_key_file)
+ }
+
+ create_vnic_details {
+ subnet_id = var.subnet_id
+ assign_public_ip = false
+ hostname_label = var.hostname_label
+ skip_source_dest_check = true
+ defined_tags = var.defined_tags
+ freeform_tags = var.freeform_tags
+ }
+
+ defined_tags = var.defined_tags
+ freeform_tags = var.freeform_tags
+
+ connection {
+ type = "ssh"
+ host = oci_core_instance.routing_server.private_ip
+ user = "opc"
+ private_key = file(var.remote_ssh_private_key_file)
+
+ bastion_host = var.bastion_ip
+ bastion_user = "opc"
+ bastion_private_key = file(var.bastion_ssh_private_key_file)
+ }
+}
+
+data "oci_core_private_ips" "routing_ip" {
+ ip_address = oci_core_instance.routing_server.private_ip
+ subnet_id = var.subnet_id
+}
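Review bot: The `connection` block of `routing_server` sets `host = oci_core_instance.routing_server.private_ip`, which is a reference from the resource to itself; inside a resource's own connection block the instance should be addressed as `self`, as the HA module does with `host = self.private_ip`. The resource declares no provisioner, so the connection block appears to be unused here. If that is the case, removing it also removes the two `file()` reads of the instance and bastion private keys, which this module then has no reason to touch.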
diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%routing_instance%outputs.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%routing_instance%outputs.tf new file mode 100644 index 0000000..88e815d --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%routing_instance%outputs.tf @@ -0,0 +1,17 @@ +// Copyright (c) 2020, Oracle and/or its affiliates. +// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. + +output instance { + description = "the instance `oci_core_instance` resource" + value = oci_core_instance.routing_server +} + +output routing_ip { + description = "the routing instance ip address" + value = data.oci_core_private_ips.routing_ip.private_ips[0] +} + +output hostname_label { + description = "the routing instance hostname" + value = var.hostname_label +} diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%routing_instance%variables.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%routing_instance%variables.tf new file mode 100644 index 0000000..43bbad1 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%routing_instance%variables.tf 
@@ -0,0 +1,74 @@ +// Copyright (c) 2020, Oracle and/or its affiliates. +// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. + +variable display_name { + type = string + description = "name of routing instance" +} + +variable hostname_label { + type = string + description = "hostname label" +} + +variable freeform_tags { + type = map + description = "map of freeform tags to apply to all resources created by this module" + default = {} +} + +variable defined_tags { + type = map + description = "map of defined tags to apply to all resources created by this module" + default = {} +} + +variable compartment_id { + type = string + description = "ocid of the compartment to provision the resources in" +} + +variable source_id { + type = string + description = "ocid of the image to provision the routing instance with" +} + +variable subnet_id { + type = string + description = "ocid of the subnet to provision the routing instance in" +} + +variable availability_domain { + type = string + description = "the availability downmain to provision the routing instance in" +} + +# TODO rename to `bastion_host` for consistency +variable bastion_ip { + type = string + description = "host name or ip address of the bastion host for provisioning" +} + +variable shape { + type = string + description = "oci instance shape" + default = "VM.Standard1.4" +} + +variable bastion_ssh_private_key_file { + type = string + description = "the private ssh key file to access the bastion instance" + default = "~/.ssh/id_rsa" +} + +variable remote_ssh_private_key_file { + type = string + description = "the private ssh key to provision on the bastion host for access to remote instances" + default = "~/.ssh/id_rsa" +} + +variable remote_ssh_public_key_file { + type = string + description = "the public ssh key to provision on the bastion host for access to remote instances" + default = "~/.ssh/id_rsa.pub" +} 
diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%routing_instance_ha%data_sources.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%routing_instance_ha%data_sources.tf new file mode 100644 index 0000000..c0a109d --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%routing_instance_ha%data_sources.tf @@ -0,0 +1,17 @@ +// Copyright (c) 2020, Oracle and/or its affiliates. +// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. + +data oci_core_subnet subnet { + subnet_id = var.subnet_id +} + +data "oci_identity_fault_domains" "fault_domains" { + availability_domain = var.availability_domain + compartment_id = var.compartment_id +} + +locals { + vcn_id = data.oci_core_subnet.subnet.vcn_id + cidr_netmask = split("/", data.oci_core_subnet.subnet.cidr_block)[1] +} + diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%routing_instance_ha%main.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%routing_instance_ha%main.tf new file mode 100644 index 0000000..accd736 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%routing_instance_ha%main.tf 
@@ -0,0 +1,159 @@ +// Copyright (c) 2020, Oracle and/or its affiliates. +// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. + +/* + * Create a highly available routing instance cluster used to route traffic between the management + * and tenant peering networks with two instances and a floating ip. Pacemaker and Corosync are + * used for clustering and failover. + * + * The instance requires instance principles policy to enable routes to be updated using the oci cli + */ + +locals { + # commands to install and configure the OCI cli on the instances + oci_cli_install = [ + "curl -L https://raw.githubusercontent.com/oracle/oci-cli/master/scripts/install/install.sh | bash -s -- --accept-all-defaults", + "sudo ln ~/bin/oci /usr/local/bin/oci", + "mkdir ~/.oci", + "echo '[DEFAULT]' > ~/.oci/config", + "echo 'tenancy=${var.tenancy_id}' >> ~/.oci/config", + "echo 'region=${var.region}' >> ~/.oci/config", + "chmod 600 ~/.oci/config", + ] +} + +data "oci_core_private_ips" "routing_server_a_private_ip" { + ip_address = oci_core_instance.routing_server_a.create_vnic_details[0].private_ip + subnet_id = oci_core_instance.routing_server_a.create_vnic_details[0].subnet_id +} + +data "oci_core_private_ips" "routing_server_b_private_ip" { + ip_address = oci_core_instance.routing_server_b.create_vnic_details[0].private_ip + subnet_id = oci_core_instance.routing_server_b.create_vnic_details[0].subnet_id +} + +# floating ip assigned to the cluster +resource "oci_core_private_ip" "floating_ip" { + vnic_id = data.oci_core_private_ips.routing_server_a_private_ip.private_ips[0].vnic_id + hostname_label = var.hostname_label + + lifecycle { + ignore_changes = [ + # ignore changes to vnic_id as it can be moved dynamically for HA failover + vnic_id, + ] + } +} + +# the first instance in the HA cluster +resource oci_core_instance routing_server_a { + availability_domain = var.availability_domain + compartment_id = var.compartment_id + 
display_name = "${var.display_name}a" + + source_details { + source_type = "image" + source_id = var.source_id + } + + shape = var.shape + fault_domain = data.oci_identity_fault_domains.fault_domains.fault_domains[0].name + + metadata = { + ssh_authorized_keys = file(var.remote_ssh_public_key_file) + } + + create_vnic_details { + subnet_id = var.subnet_id + assign_public_ip = false + hostname_label = "${var.hostname_label}a" + skip_source_dest_check = true + + nsg_ids = [ + oci_core_network_security_group.pacemaker.id + ] + + defined_tags = var.defined_tags + freeform_tags = var.freeform_tags + } + + defined_tags = var.defined_tags + freeform_tags = var.freeform_tags + + connection { + type = "ssh" + host = self.private_ip + user = "opc" + private_key = file(var.remote_ssh_private_key_file) + + bastion_host = var.bastion_ip + bastion_user = "opc" + bastion_private_key = file(var.bastion_ssh_private_key_file) + } + + # install and configure oci cli tool + provisioner remote-exec { + inline = local.oci_cli_install + } + + # install pacemaker + provisioner remote-exec { + inline = local.pacemaker_install + } +} + +# the second instance in the HA cluster +resource oci_core_instance routing_server_b { + availability_domain = var.availability_domain + compartment_id = var.compartment_id + display_name = "${var.display_name}b" + + source_details { + source_type = "image" + source_id = var.source_id + } + + shape = var.shape + fault_domain = data.oci_identity_fault_domains.fault_domains.fault_domains[1].name + + metadata = { + ssh_authorized_keys = file(var.remote_ssh_public_key_file) + } + + create_vnic_details { + subnet_id = var.subnet_id + assign_public_ip = false + hostname_label = "${var.hostname_label}b" + skip_source_dest_check = true + defined_tags = var.defined_tags + freeform_tags = var.freeform_tags + + nsg_ids = [ + oci_core_network_security_group.pacemaker.id + ] + } + + defined_tags = var.defined_tags + freeform_tags = var.freeform_tags + + connection { + 
type = "ssh" + host = self.private_ip + user = "opc" + private_key = file(var.remote_ssh_private_key_file) + + bastion_host = var.bastion_ip + bastion_user = "opc" + bastion_private_key = file(var.bastion_ssh_private_key_file) + } + + # install and configure oci cli tool + provisioner remote-exec { + inline = local.oci_cli_install + } + + # install pacemaker + provisioner remote-exec { + inline = local.pacemaker_install + } +} diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%routing_instance_ha%outputs.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%routing_instance_ha%outputs.tf new file mode 100644 index 0000000..41411ea --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%routing_instance_ha%outputs.tf 
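Review bot: `oci_cli_install` in routing_instance_ha/main.tf pipes `install.sh` from the `master` branch of oracle/oci-cli straight into `bash`, so whatever that URL serves at apply time runs on both routing instances under an account that has sudo, with no integrity check. Pin the URL to a release tag or commit, download to a file, and verify it with `sha256sum -c` against a hash kept in the module before running it; installing the CLI from a package repository or baking it into the image avoids the download entirely. The same unverified-download pattern is in routing_vnic_attachment/main.tf, where `secondary_vnic_all_configure.sh` is fetched from `var.secondary_vnic_configuration_script_url` and then run with `sudo`. `routing_server_a` and `routing_server_b` differ only in the name suffix and the fault-domain index, so one resource with `count = 2` would stop the two definitions drifting apart.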
@@ -0,0 +1,35 @@ +// Copyright (c) 2020, Oracle and/or its affiliates. +// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. + +output instance { + description = "the instanace `oci_core_instance` resource of the initial active instance in the HA cluster" + value = oci_core_instance.routing_server_a +} + +output instance_a { + description = "the instanace `oci_core_instance` resource of the first instance" + value = oci_core_instance.routing_server_a +} + +output instance_b { + description = "the instanace `oci_core_instance` resource of the second instance" + value = oci_core_instance.routing_server_b +} + +output routing_ip { + description = "the floating ip for the routing HA cluster" + value = oci_core_private_ip.floating_ip +} + +output instance_vnics { + description = "the list primary vnics for the routing instances" + value = [ + data.oci_core_private_ips.routing_server_a_private_ip.private_ips[0].vnic_id, + data.oci_core_private_ips.routing_server_b_private_ip.private_ips[0].vnic_id, + ] +} + +output hostname_label { + description = "the common hostname for the floating ip" + value = var.hostname_label +} diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%routing_instance_ha%pacemaker.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%routing_instance_ha%pacemaker.tf new file mode 100644 index 0000000..917818c --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%routing_instance_ha%pacemaker.tf 
@@ -0,0 +1,128 @@ +// Copyright (c) 2020, Oracle and/or its affiliates. +// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. + +locals { + # commands to be run on all nodes in the cluster + pacemaker_install = [ + "set -x", + "sudo yum -y install pacemaker pcs resource-agents", + "sudo systemctl start pcsd.service", + "sudo systemctl enable pcsd.service", + "sudo systemctl enable pacemaker", + "sudo systemctl enable corosync", + "echo '${var.hacluster_password}' | sudo passwd --stdin hacluster", + "sudo firewall-cmd --permanent --add-service=high-availability", + "sudo firewall-cmd --reload", + ] +} + +# bootstrap the cluster on the primary node +resource null_resource pacemaker_bootstrap { + + triggers = { + primary_host_id = oci_core_instance.routing_server_a.id + secondary_host_id = oci_core_instance.routing_server_b.id + hostname_label = var.hostname_label + hacluster_password = var.hacluster_password + ip_address = oci_core_private_ip.floating_ip.ip_address + monitor_interval = var.monitor_interval + } + + connection { + type = "ssh" + host = oci_core_instance.routing_server_a.private_ip + user = "opc" + private_key = file(var.remote_ssh_private_key_file) + + bastion_host = var.bastion_ip + bastion_user = "opc" + bastion_private_key = file(var.bastion_ssh_private_key_file) + } + + provisioner remote-exec { + inline = [ + "set -x", + "sudo pcs cluster auth ${var.hostname_label}a ${var.hostname_label}b -u hacluster -p '${var.hacluster_password}' --force", + "sudo pcs cluster setup --force --name pacemaker1 ${var.hostname_label}a ${var.hostname_label}b", + "sudo pcs cluster start --all", + "sudo pcs property set stonith-enabled=false", + "sudo pcs property set no-quorum-policy=ignore", + "sudo pcs resource defaults migration-threshold=1", + "sudo pcs resource create Cluster_VIP ocf:heartbeat:IPaddr2 ip=${oci_core_private_ip.floating_ip.ip_address} cidr_netmask=${local.cidr_netmask} op monitor 
interval=${var.monitor_interval}s", + ] + } +} + + +# TODO: NSG only needs to be created once for the VCN + +# Pacemaker uses: TCP ports 2224, 3121, and 21064, and UDP port 5405 +resource oci_core_network_security_group pacemaker { + compartment_id = var.compartment_id + vcn_id = local.vcn_id + display_name = "Pacemaker" +} + +resource "oci_core_network_security_group_security_rule" "tcp2224" { + network_security_group_id = oci_core_network_security_group.pacemaker.id + + description = "Pacemaker TCP 2224" + direction = "INGRESS" + protocol = 6 + source_type = "NETWORK_SECURITY_GROUP" + source = oci_core_network_security_group.pacemaker.id + tcp_options { + destination_port_range { + min = 2224 + max = 2224 + } + } +} + +resource "oci_core_network_security_group_security_rule" "tcp3121" { + network_security_group_id = oci_core_network_security_group.pacemaker.id + + description = "Pacemaker TCP 3121" + direction = "INGRESS" + protocol = 6 + source_type = "NETWORK_SECURITY_GROUP" + source = oci_core_network_security_group.pacemaker.id + tcp_options { + destination_port_range { + min = 3121 + max = 3121 + } + } +} + +resource "oci_core_network_security_group_security_rule" "tcp21064" { + network_security_group_id = oci_core_network_security_group.pacemaker.id + + description = "Pacemaker TCP 21064" + direction = "INGRESS" + protocol = 6 + source_type = "NETWORK_SECURITY_GROUP" + source = oci_core_network_security_group.pacemaker.id + tcp_options { + destination_port_range { + min = 21064 + max = 21064 + } + } +} + +resource "oci_core_network_security_group_security_rule" "udp5405" { + network_security_group_id = oci_core_network_security_group.pacemaker.id + + description = "Pacemaker UDP 5405" + direction = "INGRESS" + protocol = 17 + source_type = "NETWORK_SECURITY_GROUP" + source = oci_core_network_security_group.pacemaker.id + udp_options { + destination_port_range { + min = 5405 + max = 5405 + } + } +} \ No newline at end of file 
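Review bot: `var.hacluster_password` is exposed in three ways in pacemaker.tf: both command lists start with `set -x`, so the shell trace prints the `echo '...' | sudo passwd --stdin hacluster` and `pcs cluster auth ... -p '...'` lines into the provisioner output; the `-p` form also puts the password on a command line; and the `triggers` map of `pacemaker_bootstrap` stores the raw value in state. Move `set -x` below the password commands or drop it, keep only a digest in the trigger (`hacluster_password = sha256(var.hacluster_password)`), and mark the variable `sensitive = true` in this module's variables.tf where the Terraform version allows it. A password containing a single quote also ends the quoting early in both commands, so the variable needs a validation rule or the value needs to reach the host some other way than an interpolated string. Separately, `stonith-enabled=false` together with `no-quorum-policy=ignore` on a two-node cluster lets both nodes claim the floating IP after a partition; if that trade-off is deliberate it deserves a comment next to the two `pcs property set` lines.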
diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%routing_instance_ha%variables.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%routing_instance_ha%variables.tf new file mode 100644 index 0000000..254f54b --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%routing_instance_ha%variables.tf 
@@ -0,0 +1,97 @@ +// Copyright (c) 2020, Oracle and/or its affiliates. +// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. + +variable display_name { + type = string + description = "name of routing instance" +} + +variable hostname_label { + type = string + description = "hostname label" +} + +variable freeform_tags { + type = map + description = "map of freeform tags to apply to all resources created by this module" + default = {} +} + +variable defined_tags { + type = map + description = "map of defined tags to apply to all resources created by this module" + default = {} +} + +variable tenancy_id { + type = string + description = "oci tenancy ocid" +} + +variable region { + type = string + description = "oci region" +} + +variable compartment_id { + type = string + description = "ocid of the compartment to provision the resources in" +} + +variable source_id { + type = string + description = "ocid of the image to provision the routing instance with" +} + +variable subnet_id { + type = string + description = "ocid of the subnet to provision the routing instance in" +} + +variable availability_domain { + type = string + description = "the availability downmain to provision the routing instance in" +} + +# TODO rename to `bastion_host` for consistency +variable bastion_ip { + type = string + description = "host name or ip address of the bastion host for provisioning" +} + +variable shape { + type = string + description = "oci instance shape" + default = "VM.Standard2.1" +} + +variable bastion_ssh_private_key_file { + type = string + description = "the private ssh key file to access the bastion instance" + default = "~/.ssh/id_rsa" +} + +variable remote_ssh_private_key_file { + type = string + description = "the private ssh key to provision on the bastion host for access to remote instances" + default = "~/.ssh/id_rsa" +} + +variable remote_ssh_public_key_file { + type = string + description = "the public ssh 
key to provision on the bastion host for access to remote instances" + default = "~/.ssh/id_rsa.pub" +} + +variable hacluster_password { + type = string + description = "password for the HA cluster (must be at least 8 characters containing uppercase, lowercase, digits, and non-alphanumeric characters)" + # values that do not meet the required password criteria will generate the following error during provisioning: + # `passwd: Have exhausted maximum number of retries for service` +} + +variable monitor_interval { + type = number + description = "cluster monitor interval in seconds" + default = 20 +} diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%routing_vnic_attachment%main.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%routing_vnic_attachment%main.tf new file mode 100644 index 0000000..d4d33a6 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%routing_vnic_attachment%main.tf 
@@ -0,0 +1,59 @@ +// Copyright (c) 2020, Oracle and/or its affiliates. +// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. + +/* + * Create a vNIC attachment and run the required vNIC configuration commands on the instance. + */ + +resource oci_core_vnic_attachment routing_vnic_attachmment { + instance_id = var.instance_id + + create_vnic_details { + subnet_id = var.subnet_id + display_name = var.display_name + hostname_label = var.hostname_label + + defined_tags = var.defined_tags + freeform_tags = var.freeform_tags + + assign_public_ip = false + skip_source_dest_check = true + } + + connection { + type = "ssh" + host = var.ssh_host + user = "opc" + private_key = file(var.remote_ssh_private_key_file) + + bastion_host = var.bastion_host + bastion_user = "opc" + bastion_private_key = file(var.bastion_ssh_private_key_file) + } + + provisioner remote-exec { + inline = [ + "set -x", + "# run the vnic configuration script", + "curl -o secondary_vnic_all_configure.sh ${var.secondary_vnic_configuration_script_url}", + "chmod a+x secondary_vnic_all_configure.sh", + "while [ \"$(curl --silent -L http://169.254.169.254/opc/v1/vnics | jq '.[] | select(.vnicId==\"${self.vnic_id}\") != null')\" != \"true\" ]", + "do", + " echo waiting for interface to be ready", + " sleep 1", + "done", + "sudo ./secondary_vnic_all_configure.sh -c", + "# ENABLE IP FORWARDING", + "echo 'net.ipv4.ip_forward = 1' | sudo tee /etc/sysctl.d/98-ip-forward.conf", + "sudo sysctl -p /etc/sysctl.d/98-ip-forward.conf", + "#configure for persisting on reboot", + "ifacename=`sudo /home/opc/secondary_vnic_all_configure.sh | grep \"${self.vnic_id}\" | tr -s \" \" | cut -d' ' -f8`", + "var.secondary_iface_name=$ifacename", + "ifaceipaddr=`sudo /home/opc/secondary_vnic_all_configure.sh | grep \"${self.vnic_id}\" | tr -s \" \" | cut -d' ' -f2`", + "echo -e \"DEVICE=$ifacename\nBOOTPROTO=static\nIPADDR=$ifaceipaddr\nNETMASK=255.255.255.248\nONBOOT=yes\n\" | 
sudo tee /etc/sysconfig/network-scripts/ifcfg-$ifacename", + "# ENABLE NAT", + "sudo firewall-offline-cmd --add-masquerade", + "sudo systemctl restart firewalld", + ] + } +} diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%routing_vnic_attachment%outputs.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%routing_vnic_attachment%outputs.tf new file mode 100644 index 0000000..3297d4f --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%routing_vnic_attachment%outputs.tf @@ -0,0 +1,7 @@ +// Copyright (c) 2020, Oracle and/or its affiliates. +// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. + +output routing_secondary_vnic_id { + description = "ocid of the vnic attachment" + value = oci_core_vnic_attachment.routing_vnic_attachmment.vnic_id +} \ No newline at end of file diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%routing_vnic_attachment%variables.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%routing_vnic_attachment%variables.tf new file mode 100644 index 0000000..1757852 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%routing_vnic_attachment%variables.tf 
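Review bot: The `remote-exec` block downloads `secondary_vnic_all_configure.sh` from `var.secondary_vnic_configuration_script_url` and runs it with `sudo` without any integrity check, so whatever that URL serves at apply time executes as root on the routing instance. The default in this module's variables.tf is an unversioned documentation URL. I would make the download fail closed and pin the content, e.g. `"curl --fail -sS -o secondary_vnic_all_configure.sh '${var.secondary_vnic_configuration_script_url}'"` followed by `"echo '${var.secondary_vnic_configuration_script_sha256}  secondary_vnic_all_configure.sh' | sha256sum -c - || exit 1"`, where the sha256 variable is a new input this patch does not define. Separately, the inline line `"var.secondary_iface_name=$ifacename"` is not a valid shell assignment (the name contains a dot), so it will be run as a command and fail; because the script has no `set -e`, that failure is silent. The line should be dropped.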
@@ -0,0 +1,67 @@ +// Copyright (c) 2020, Oracle and/or its affiliates. +// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. + +variable compartment_id { + type = string + description = "ocid of the compartment to provision the resources in" +} + +variable display_name { + type = string + description = "name of routing vnic attachment" +} + +variable hostname_label { + type = string + description = "hostname label to assign to the vnic, must be unique within the subnet" +} + +variable bastion_host { + type = string + description = "host name or ip address of the bastion host for provisioning" +} + +variable bastion_ssh_private_key_file { + type = string + description = "the private ssh key file to access the bastion instance" + default = "~/.ssh/id_rsa" +} + +variable remote_ssh_private_key_file { + type = string + description = "the private ssh key to provision on the bastion host for access to remote instances" + default = "~/.ssh/id_rsa" +} + +variable ssh_host { + type = string + description = "host name or ip address of the instance to configure" +} + +variable subnet_id { + type = string + description = "the subnet to attach the vnic to" +} +variable instance_id { + type = string + description = "the instance to attach the vnic to" +} + +variable secondary_vnic_configuration_script_url { + type = string + description = "location of the secondary_vnic_all_configure.sh script to be run when attaching a new secondary vnic to an instance" + default = "https://docs.cloud.oracle.com/iaas/Content/Resources/Assets/secondary_vnic_all_configure.sh" + # see https://docs.cloud.oracle.com/iaas/Content/Network/Tasks/managingVNICs.htm#linux +} + +variable freeform_tags { + type = map + description = "map of freeform tags to apply to all resources created by this module" + default = {} +} + +variable defined_tags { + type = map + description = "map of defined tags to apply to all resources created by this module" + default 
= {} +} diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%tenant_instance%main.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%tenant_instance%main.tf new file mode 100644 index 0000000..e367a4b --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%tenant_instance%main.tf @@ -0,0 +1,46 @@ +// Copyright (c) 2020, Oracle and/or its affiliates. +// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. + +/* + * Example tenant application instance + */ + +resource oci_core_instance tenant_appserver { + availability_domain = var.availability_domain + compartment_id = var.compartment_id + display_name = var.display_name + hostname_label = var.hostname_label + + source_details { + source_type = "image" + source_id = var.source_id + } + + shape = var.shape + + metadata = { + ssh_authorized_keys = file(var.remote_ssh_public_key_file) + } + + create_vnic_details { + subnet_id = var.subnet_id + assign_public_ip = false + hostname_label = var.hostname_label + defined_tags = var.defined_tags + freeform_tags = var.freeform_tags + } + + defined_tags = var.defined_tags + freeform_tags = var.freeform_tags + + connection { + type = "ssh" + host = oci_core_instance.routing_server.private_ip + user = "opc" + private_key = file(var.remote_ssh_private_key_file) + + bastion_host = var.bastion_ip + bastion_user = "opc" + bastion_private_key = file(var.bastion_ssh_private_key_file) + } +} diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%tenant_instance%outputs.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%tenant_instance%outputs.tf new file mode 100644 index 0000000..9d0f2da --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%tenant_instance%outputs.tf 
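Review bot: The `connection` block in `tenant_appserver` sets `host = oci_core_instance.routing_server.private_ip`, but no resource named `routing_server` is declared in this 46-line file or in the module's outputs.tf and variables.tf added by this patch. It looks copied from the routing instance module, and it would presumably fail validation with an undeclared-resource error. Inside the resource's own connection block the address should be `host = self.private_ip`. No provisioner is attached to this resource, so the block and the two private-key `file()` reads it performs could also be removed, which avoids loading private keys that are never used.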
@@ -0,0 +1,7 @@
+// Copyright (c) 2020, Oracle and/or its affiliates.
+// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
+
+output instance_ip {
+ description = "ip address of the tenant application instance"
+ value = oci_core_instance.tenant_appserver.private_ip
+}
\ No newline at end of file
diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%tenant_instance%variables.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%tenant_instance%variables.tf
new file mode 100644
index 0000000..6e68444
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%tenant_instance%variables.tf
@@ -0,0 +1,76 @@ +// Copyright (c) 2020, Oracle and/or its affiliates. +// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. + +variable display_name { + type = string + description = "root compartment for the individual tenant compartments" + default = "appserver" +} + +variable hostname_label { + type = string + description = "compartment name" + default = "appserver" +} + +variable freeform_tags { + type = map + description = "map of freeform tags to apply to all resources created by this module" + default = {} +} + +variable defined_tags { + type = map + description = "map of defined tags to apply to all resources created by this module" + default = {} +} + +variable compartment_id { + type = string + description = "ocid of the compartment to provision the resources in" +} + +variable source_id { + type = string + description = "ocid of the image to provision the tenant instance with" +} + +variable subnet_id { + type = string + description = "ocid of the subnet to provision the tenant instance in" +} + +variable availability_domain { + type = string + description = "the availability downmain to provision the tenant instance in" +} + +# TODO rename to `bastion_host` for consistency +variable bastion_ip { + type = string + description = "host name or ip address of the bastion host for provisioning" +} + +variable shape { + type = string + description = "oci instance shape" + default = "VM.Standard1.4" +} + +variable bastion_ssh_private_key_file { + type = string + description = "the private ssh key file to access the bastion instance" + default = "~/.ssh/id_rsa" +} + +variable remote_ssh_private_key_file { + type = string + description = "the private ssh key to provision on the bastion host for access to remote instances" + default = "~/.ssh/id_rsa" +} + +variable remote_ssh_public_key_file { + type = string + description = "the public ssh key to provision on the bastion host for access to remote instances" + 
default = "~/.ssh/id_rsa.pub" +} diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%tenant_network%main.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%tenant_network%main.tf new file mode 100644 index 0000000..924d7ff --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%tenant_network%main.tf 
@@ -0,0 +1,189 @@ +// Copyright (c) 2020, Oracle and/or its affiliates. +// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. + +/* + * Create a VCN and related resources for tenant deployments + */ + +# Tenant VCN +resource oci_core_vcn tenant_vcn { + compartment_id = var.compartment_id + display_name = var.vcn_name + dns_label = var.dns_label + cidr_block = var.vcn_cidr_block + defined_tags = var.defined_tags + freeform_tags = var.freeform_tags +} + +# Internet Gateway +resource oci_core_internet_gateway tenant_igw { + compartment_id = var.compartment_id + vcn_id = oci_core_vcn.tenant_vcn.id + display_name = var.igw_name + defined_tags = var.defined_tags + freeform_tags = var.freeform_tags +} + +# NAT Gateway +resource oci_core_nat_gateway tenant_nat { + compartment_id = var.compartment_id + vcn_id = oci_core_vcn.tenant_vcn.id + display_name = var.nat_name + defined_tags = var.defined_tags + freeform_tags = var.freeform_tags +} + +# Local Peering Gateway +resource oci_core_local_peering_gateway tenant_peering_gateway { + compartment_id = var.compartment_id + vcn_id = oci_core_vcn.tenant_vcn.id + peer_id = var.peering_lpg_id + display_name = var.vcn_name + defined_tags = var.defined_tags + freeform_tags = var.freeform_tags +} + +# Public Subnet Route Table +resource oci_core_route_table public_route_table { + compartment_id = var.compartment_id + vcn_id = oci_core_vcn.tenant_vcn.id + display_name = var.public_rte_name + defined_tags = var.defined_tags + freeform_tags = var.freeform_tags + + // internet access through internet gateway + route_rules { + destination = "0.0.0.0/0" + network_entity_id = oci_core_internet_gateway.tenant_igw.id + } + + // route to peering network + route_rules { + destination_type = "CIDR_BLOCK" + destination = var.tenant_peering_subnet_cidr + network_entity_id = oci_core_local_peering_gateway.tenant_peering_gateway.id + } + + // route to management network + route_rules { + 
destination_type = "CIDR_BLOCK" + destination = var.management_peering_subnet_cidr + network_entity_id = oci_core_local_peering_gateway.tenant_peering_gateway.id + } +} + +# Private Subnet Route Table +resource oci_core_route_table private_route_table { + compartment_id = var.compartment_id + vcn_id = oci_core_vcn.tenant_vcn.id + display_name = var.private_rte_name + defined_tags = var.defined_tags + freeform_tags = var.freeform_tags + // internet access through nat gateway + route_rules { + destination = "0.0.0.0/0" + network_entity_id = oci_core_nat_gateway.tenant_nat.id + } + + // route to peering network + route_rules { + destination_type = "CIDR_BLOCK" + destination = var.tenant_peering_subnet_cidr + network_entity_id = oci_core_local_peering_gateway.tenant_peering_gateway.id + } + + // route to management network + route_rules { + destination_type = "CIDR_BLOCK" + destination = var.management_peering_subnet_cidr + network_entity_id = oci_core_local_peering_gateway.tenant_peering_gateway.id + } +} + +# Public Subnet Network Security List +resource oci_core_security_list public_security_list { + compartment_id = var.compartment_id + vcn_id = oci_core_vcn.tenant_vcn.id + display_name = var.tenant_public_sec_list + defined_tags = var.defined_tags + freeform_tags = var.freeform_tags + + // allow outbound tcp traffic on all ports + egress_security_rules { + destination = "0.0.0.0/0" + protocol = "6" + } + + // allow inbound icmp traffic of a specific type + ingress_security_rules { + protocol = 1 + source = "0.0.0.0/0" + } +} + +# Private Subnet Network Security List +resource oci_core_security_list private_security_list { + compartment_id = var.compartment_id + vcn_id = oci_core_vcn.tenant_vcn.id + display_name = var.tenant_private_sec_list + defined_tags = var.defined_tags + freeform_tags = var.freeform_tags + // allow outbound tcp traffic on all ports + egress_security_rules { + destination = "0.0.0.0/0" + protocol = "6" + } + + // allow inbound icmp traffic of 
a specific type + ingress_security_rules { + protocol = 1 + source = "0.0.0.0/0" + } + + // allow inbound NRPE traffic + ingress_security_rules { + tcp_options { + min = "5666" + max = "5666" + } + protocol = "6" + source = "0.0.0.0/0" + } +} + +/* + * SUBNETS + */ + +# Public Subnet +resource oci_core_subnet public_subnet { + compartment_id = var.compartment_id + vcn_id = oci_core_vcn.tenant_vcn.id + display_name = var.tenant_public_subnet_name + dns_label = var.tenant_public_subnet_dns_label + cidr_block = var.tenant_public_subnet_cidr + route_table_id = oci_core_route_table.public_route_table.id + security_list_ids = [ + oci_core_vcn.tenant_vcn.default_security_list_id, + oci_core_security_list.public_security_list.id + ] + defined_tags = var.defined_tags + freeform_tags = var.freeform_tags +} + +# Private Subnet +resource oci_core_subnet private_subnet { + compartment_id = var.compartment_id + vcn_id = oci_core_vcn.tenant_vcn.id + display_name = var.tenant_private_subnet_name + dns_label = var.tenant_private_subnet_dns_label + cidr_block = var.tenant_private_subnet_cidr + route_table_id = oci_core_route_table.private_route_table.id + security_list_ids = [ + oci_core_vcn.tenant_vcn.default_security_list_id, + oci_core_security_list.private_security_list.id + ] + prohibit_public_ip_on_vnic = true + defined_tags = var.defined_tags + freeform_tags = var.freeform_tags +} diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%tenant_network%outputs.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%tenant_network%outputs.tf new file mode 100644 index 0000000..eb81b64 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%tenant_network%outputs.tf 
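Review bot: The NRPE ingress rule in `private_security_list` opens TCP 5666 with `source = "0.0.0.0/0"`, although the monitoring traffic it is meant for should only arrive from the management network that this module already receives as an input. I would scope it with `source = var.management_peering_subnet_cidr`. The ICMP rules in both security lists are commented "of a specific type" but carry no `icmp_options` block, so they admit every ICMP type and code from any address. Either add the intended `icmp_options { type = ... }` or correct the comment so the next reader does not assume a narrower rule than the one deployed.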
@@ -0,0 +1,17 @@
+// Copyright (c) 2020, Oracle and/or its affiliates.
+// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
+
+output tenant_vcn {
+ description = "tenant vcn `oci_core_vcn` resource"
+ value = oci_core_vcn.tenant_vcn
+}
+
+output tenant_private_subnet {
+ description = "tenant private subnet `oci_core_subnet` resource"
+ value = oci_core_subnet.private_subnet
+}
+
+output tenant_public_subnet {
+ description = "tenant public subnet `oci_core_subnet` resource"
+ value = oci_core_subnet.public_subnet
+}
\ No newline at end of file
diff --git a/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%tenant_network%variables.tf b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%tenant_network%variables.tf
new file mode 100644
index 0000000..c437040
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%isv-single-tenant-vcn-isolation%modules%tenant_network%variables.tf
@@ -0,0 +1,120 @@ +// Copyright (c) 2020, Oracle and/or its affiliates. +// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. + +variable compartment_id { + type = string + description = "compartment for the tenant resources" +} + +variable vcn_name { + type = string + description = "display name for the tenant vcn" +} + +variable dns_label { + type = string + description = "dns label for the tenant vcn" +} + +variable vcn_cidr_block { + type = string + description = "network cidr for the tenant vcn" +} + +variable freeform_tags { + type = map + description = "map of freeform tags to apply to all resources created by this module" + default = {} +} + +variable defined_tags { + type = map + description = "map of defined tags to apply to all resources created by this module" + default = {} +} + +variable peering_lpg_id { + type = string + description = "ocid of the local peering gatewate in the peering vcn" +} + +variable igw_name { + type = string + description = "display name for the internet gateway" + default = "igw" +} + +variable nat_name { + type = string + description = "display name for the nat gateway" + default = "nat" +} + +variable public_rte_name { + type = string + description = "display name for public subnet route table" + default = "public_rte" +} + +variable private_rte_name { + type = string + description = "display name for private subnet route table" + default = "private_rte" +} + +variable tenant_public_sec_list { + type = string + description = "display name for the public subnet security list" + default = "tenant_public_sec_list" +} + +variable tenant_private_sec_list { + type = string + description = "display name for the public subnet security list" + default = "tenant_private_sec_list" +} + +variable tenant_public_subnet_name { + type = string + description = "display name for the public subnet" + default = "public subnet" +} + +variable tenant_public_subnet_dns_label { + type = string + 
description = "dns label for the public subnet " + default = "public" +} + +variable tenant_public_subnet_cidr { + type = string + description = "network cidr for the public subnet" +} + +variable tenant_private_subnet_name { + type = string + description = "display name for the private subnet" + default = "private subnet" +} + +variable tenant_private_subnet_dns_label { + type = string + description = "dns label for the private subnet" + default = "private" +} + +variable tenant_private_subnet_cidr { + type = string + description = "network cidr for the private subnet" +} + +variable management_peering_subnet_cidr { + type = string + description = "network cidr for the management peering subnet" +} + +variable tenant_peering_subnet_cidr { + type = string + description = "network cidr for the tenant peering subnet" +} + diff --git a/example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%atp%autonomous.tf b/example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%atp%autonomous.tf new file mode 100644 index 0000000..768b0ab --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%atp%autonomous.tf 
@@ -0,0 +1,35 @@
+## Autonomous database
+## Autonomous database
+resource "oci_database_autonomous_database" "target_atp" {
+ compartment_id = var.compartment_id
+ display_name = var.display_name
+ db_name = var.db_name
+ db_workload = var.db_workload
+ is_free_tier = var.is_free_tier
+ db_version = var.db_version
+ cpu_core_count = var.cpu_core_count
+ data_storage_size_in_tbs = var.data_storage_size_in_tbs
+ admin_password = random_string.atp_admin_password.result
+ license_model = var.license_model
+}
+
+resource "random_string" "atp_admin_password" {
+ length = 16
+ min_upper = 1
+ min_lower = 1
+ min_numeric = 1
+ min_special = 1
+ override_special = "-%._"
+}
+
+## ATP Wallet
+resource "oci_database_autonomous_database_wallet" "wallet" {
+ autonomous_database_id = oci_database_autonomous_database.target_atp.id
+ password = random_string.atp_admin_password.result
+ base64_encode_content = true
+}
+
+resource "local_file" "atp_wallet_file" {
+ content_base64 = oci_database_autonomous_database_wallet.wallet.content
+ filename = "${path.module}/atp_wallet.zip"
+}
diff --git a/example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%atp%outputs.tf b/example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%atp%outputs.tf
new file mode 100644
index 0000000..5fdddc5
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%atp%outputs.tf
@@ -0,0 +1,6 @@
+output "ATP_generated_password" {
+ value = random_string.atp_admin_password.result
+}
+output "wallet" {
+ value = oci_database_autonomous_database_wallet.wallet.content
+}
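Review bot: The ATP admin password is generated with `random_string`, whose `result` is not treated as sensitive, so it is printed in plan and apply output; the `random_password` resource takes the same arguments and should be used for `atp_admin_password`. The same defect carries into the outputs.tf hunk that follows: `ATP_generated_password` and `wallet` are exported without `sensitive = true`, so the admin password and the base64 wallet are displayed at the end of every apply. The same generated value is also reused as the wallet password, so disclosure of one credential exposes both; a second `random_password` for the wallet would separate them. `local_file.atp_wallet_file` writes the wallet into the module directory with the provider's default file mode, so setting `file_permission = "0600"` and keeping `atp_wallet.zip` out of version control would be prudent.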
diff --git a/example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%atp%variables.tf b/example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%atp%variables.tf
new file mode 100644
index 0000000..1ef39ea
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%atp%variables.tf
@@ -0,0 +1,11 @@
+// Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
+variable "compartment_id" {}
+variable "display_name" {}
+variable "db_name" {}
+variable "db_workload" {}
+variable "is_free_tier" {}
+variable "db_version" {}
+variable "cpu_core_count" {}
+variable "data_storage_size_in_tbs" {}
+variable "license_model" {}
+variable "generate_type" {}
diff --git a/example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%availability_domain.tf b/example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%availability_domain.tf
new file mode 100644
index 0000000..8057388
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%availability_domain.tf
@@ -0,0 +1,8 @@
+data "oci_identity_availability_domains" "ads" {
+ compartment_id = var.compartment_ocid
+}
+
+data "oci_identity_fault_domains" "fault_domains" {
+ availability_domain = data.oci_identity_availability_domains.ads.availability_domains[0].name
+ compartment_id = var.compartment_ocid
+}
diff --git a/example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%block_volume%block_volume.tf b/example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%block_volume%block_volume.tf
new file mode 100644
index 0000000..9d665e7
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%block_volume%block_volume.tf
@@ -0,0 +1,9 @@
+// Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
+
+resource "oci_core_volume" "block_volume" {
+ count = var.existing_volume_id != "" ? 0 : 1
+ compartment_id = var.compartment_ocid
+ availability_domain = var.availability_domain
+ display_name = var.display_name
+ size_in_gbs = var.size_in_gbs
+}
diff --git a/example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%block_volume%outputs.tf b/example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%block_volume%outputs.tf
new file mode 100644
index 0000000..f54abe4
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%block_volume%outputs.tf
@@ -0,0 +1,5 @@
+// Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
+
+output "volume_id" {
+ value = "${var.existing_volume_id == "" ? join("", oci_core_volume.block_volume.*.id) : var.existing_volume_id}"
+}
diff --git a/example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%block_volume%variables.tf b/example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%block_volume%variables.tf
new file mode 100644
index 0000000..ae0e5e1
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%block_volume%variables.tf
@@ -0,0 +1,10 @@
+// Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
+
+variable "compartment_ocid" {}
+variable "availability_domain" {}
+variable "display_name" {}
+variable "size_in_gbs" {}
+
+variable "existing_volume_id" {
+ default = ""
+}
diff --git a/example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%locals.tf b/example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%locals.tf
new file mode 100644
index 0000000..fca7fe4
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%locals.tf
@@ -0,0 +1,10 @@
+// Copyright (c) 2020, Oracle and/or its affiliates. All rights reserved.
+
+locals {
+ mp_listing_id = "ocid1.appcataloglisting.oc1..aaaaaaaaink245czjbcjy6kauwcswrejh3zj6vhmuxsvasm3ymukxkugksaa"
+ mp_listing_resource_id = "ocid1.image.oc1..aaaaaaaaftlazxgiid6munx5yvxza7gi2nogs45wvbivsthzlwpekzsikmwq"
+ mp_listing_resource_version = "19.1.0.0.201013_v1.0"
+ mp_listing_id2 = "ocid1.appcataloglisting.oc1..aaaaaaaapvdqgl3dgkhmxdcdcxfa7jrmeq5vni6dmv3zhhmqwsnj2qwdy6fa"
+ mp_listing_resource_id2 = "ocid1.image.oc1..aaaaaaaay65ebdc7zge3z3fimpktuso35fdsgx6aoyk5rmu7za3oe7zf3cnq"
+ mp_listing_resource_version2 = "Oracle_GoldenGate_Microservices_Edition_19.1.0.0.201013_v1.1"
+}
diff --git a/example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%main.tf b/example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%main.tf
new file mode 100644
index 0000000..4e96694
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%main.tf 
@@ -0,0 +1,155 @@ +// Migrate Postgresql to ATP lab materials + +module "ogg_pgsql_swap_block_volume" { + source = "./block_volume" + compartment_ocid = "${var.compartment_ocid}" + availability_domain = data.oci_identity_availability_domains.ads.availability_domains[0].name + size_in_gbs = "${var.ogg_pgsql_swap_size_in_gbs}" + display_name = "${var.ogg_pgsql_bv_display_name} (Swap)" +} +module "ogg_pgsql_trails_block_volume" { + source = "./block_volume" + compartment_ocid = "${var.compartment_ocid}" + availability_domain = data.oci_identity_availability_domains.ads.availability_domains[0].name + size_in_gbs = "${var.ogg_pgsql_trails_size_in_gbs}" + display_name = "${var.ogg_pgsql_bv_display_name} (Trails)" + existing_volume_id = "${var.ogg_pgsql_trails_volume_id}" +} +module "ogg_pgsql_deployments_block_volume" { + source = "./block_volume" + compartment_ocid = "${var.compartment_ocid}" + availability_domain = data.oci_identity_availability_domains.ads.availability_domains[0].name + size_in_gbs = "${var.ogg_pgsql_deployments_size_in_gbs}" + display_name = "${var.ogg_pgsql_bv_display_name} (Deployments)" + existing_volume_id = "${var.ogg_pgsql_deployments_volume_id}" +} +module "ogg_pgsql_image" { + source = "./ogg_pgsqlimage" + compartment_ocid = "${var.image_compartment_id}" + market_image_id = "${local.mp_listing_resource_id}" + custom_image_name = "ogg-${var.ogg_pgsql_version}-${var.ogg_pgsql_edition}-${var.ogg_pgsql_dbms}" +} +module "source_pgsql" { + source = "./source_db" + compartment_id = "${var.compartment_ocid}" + availability_domain = data.oci_identity_availability_domains.ads.availability_domains[0].name + ssh_public_key = file("~/.ssh/oci.pub") + boot_size_in_gbs = "${var.source_pgsql_boot_size_in_gbs}" + display_name = "${var.source_pgsql_display_name}" + hostname_label = "${var.source_pgsql_hostname_label}" + compute_shape = "${var.source_pgsql_compute_shape}" + image_id = "${var.source_postgre_image_ocid[var.region]}" + subnet_id = 
oci_core_subnet.holvcn_public_subnet.id + assign_public_ip = "${var.source_pgsql_assign_public_ip}" +} + +module "ogg_pgsql_compute" { + source = "./ogg_pgsql" + compartment_id = "${var.compartment_ocid}" + availability_domain = data.oci_identity_availability_domains.ads.availability_domains[0].name + ssh_public_key = file("~/.ssh/oci.pub") + boot_size_in_gbs = "${var.ogg_pgsql_boot_size_in_gbs}" + display_name = "${var.ogg_pgsql_display_name}" + hostname_label = "${var.ogg_pgsql_hostname_label}" + compute_shape = "${var.ogg_pgsql_compute_shape}" + image_id = "${module.ogg_pgsql_image.image_id}" + swap_volume_id = "${module.ogg_pgsql_swap_block_volume.volume_id}" + trails_volume_id = "${module.ogg_pgsql_trails_block_volume.volume_id}" + deployments_volume_id = "${module.ogg_pgsql_deployments_block_volume.volume_id}" + subnet_id = oci_core_subnet.holvcn_public_subnet.id + assign_public_ip = "${var.ogg_pgsql_assign_public_ip}" + source_db = "${module.source_pgsql.Source_PGSQLDB_Public_ip}" +} + +module "ogg_micro_swap_block_volume" { + source = "./block_volume" + compartment_ocid = "${var.compartment_ocid}" + availability_domain = data.oci_identity_availability_domains.ads.availability_domains[0].name + size_in_gbs = "${var.ogg_micro_swap_size_in_gbs}" + display_name = "${var.ogg_micro_bv_display_name} (Swap)" +} + +module "ogg_micro_trails_block_volume" { + source = "./block_volume" + compartment_ocid = "${var.compartment_ocid}" + availability_domain = data.oci_identity_availability_domains.ads.availability_domains[0].name + size_in_gbs = "${var.ogg_micro_trails_size_in_gbs}" + display_name = "${var.ogg_micro_bv_display_name} (Trails)" + existing_volume_id = "${var.ogg_micro_trails_volume_id}" +} + +module "ogg_micro_deployments_block_volume" { + source = "./block_volume" + compartment_ocid = "${var.compartment_ocid}" + availability_domain = data.oci_identity_availability_domains.ads.availability_domains[0].name + size_in_gbs = 
"${var.ogg_micro_deployments_size_in_gbs}" + display_name = "${var.ogg_micro_bv_display_name} (Deployments)" + existing_volume_id = "${var.ogg_micro_deployments_volume_id}" +} + +module "ogg_micro_cacheManager_block_volume" { + source = "./block_volume" + compartment_ocid = "${var.compartment_ocid}" + availability_domain = data.oci_identity_availability_domains.ads.availability_domains[0].name + size_in_gbs = "${var.ogg_micro_cacheManager_size_in_gbs}" + display_name = "${var.ogg_micro_bv_display_name} (Cache Manager)" + existing_volume_id = "${var.ogg_micro_cacheManager_volume_id}" +} +module "ogg_micro_image" { + source = "./ogg_microimage" + compartment_id = "${var.image_compartment_id}" + market_image_id = "${local.mp_listing_resource_id2}" + custom_image_name = "ogg-${var.ogg_micro_version}-${var.ogg_micro_edition}-${var.ogg_micro_dbms}" +} +module "atp" { + source = "./atp" + compartment_id = "${var.compartment_ocid}" + display_name = "${var.atp_display_name}" + db_name = "${var.atp_db_name}" + db_workload = "${var.atp_workload}" + is_free_tier = "${var.atp_is_free_tier}" + db_version = "${var.atp_db_version}" + cpu_core_count = "${var.atp_ocpu_count}" + data_storage_size_in_tbs = "${var.atp_storage_size}" + license_model = "${var.atp_license_model}" + generate_type = "${var.atp_wallet_generate_type}" +} +module "ogg_compute" { + depends_on = [module.atp] + source = "./ogg_micro" + deployments = "${var.deployments_json != "" ? var.deployments_json + : var.deployment_2_name != "" && var.deployment_2_dbms != "" ? 
"[ {\"name\":\"${var.deployment_1_name}\",\"dbms\":\"${var.deployment_1_dbms}\"}, {\"name\":\"${var.deployment_2_name}\",\"dbms\":\"${var.deployment_2_dbms}\"} ]" + : "[ {\"name\":\"${var.deployment_1_name}\",\"dbms\":\"${var.deployment_1_dbms}\"} ]"}" + + deployment_2_wallet = "${module.atp.wallet}" + compartment_id = "${var.compartment_ocid}" + availability_domain = data.oci_identity_availability_domains.ads.availability_domains[0].name + ssh_public_key = file("~/.ssh/oci.pub") + boot_size_in_gbs = "${var.ogg_micro_boot_size_in_gbs}" + display_name = "${var.ogg_micro_display_name}" + hostname_label = "${var.ogg_micro_hostname_label}" + compute_shape = "${var.ogg_micro_compute_shape}" + image_id = "${module.ogg_micro_image.image_id}" + swap_volume_id = "${module.ogg_micro_swap_block_volume.volume_id}" + trails_volume_id = "${module.ogg_micro_trails_block_volume.volume_id}" + deployments_volume_id = "${module.ogg_micro_deployments_block_volume.volume_id}" + cacheManager_volume_id = "${module.ogg_micro_cacheManager_block_volume.volume_id}" + subnet_id = oci_core_subnet.holvcn_public_subnet.id + assign_public_ip = "${var.ogg_micro_assign_public_ip}" +} + +output "Source_PGSQLDB_Public_ip" { + value = module.source_pgsql.Source_PGSQLDB_Public_ip +} + +output "ATP_generated_password" { + value = module.atp.ATP_generated_password +} +output "OGG_Microservices_Public_ip" { + value = module.ogg_compute.OGG_Microservices_Public_ip +} +output "OGG_PGSQL_Public_ip" { + value = module.ogg_pgsql_compute.OGG_PGSQL_Public_ip +} + + diff --git a/example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%ogg_micro%compute.tf b/example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%ogg_micro%compute.tf new file mode 100644 index 0000000..b92afc5 --- /dev/null 
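Review bot: The root output `ATP_generated_password` near the end of this main.tf hunk publishes a database credential without `sensitive = true`, so `terraform apply` and `terraform output` print it in clear text to the console and to any CI log that captures them. Adding `sensitive = true` to that output block keeps it out of routine output; the value is still written to the state file, so the state backend needs access control and encryption either way. How the `atp` module produces the password is not visible in this hunk, so whether its own output is already marked sensitive should be confirmed there.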
+++ b/example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%ogg_micro%compute.tf 
@@ -0,0 +1,64 @@ +// Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved. + +resource "oci_core_instance" "vm2" { + availability_domain = var.availability_domain + compartment_id = var.compartment_id + display_name = var.display_name + shape = var.compute_shape + create_vnic_details { + subnet_id = var.subnet_id + display_name = var.display_name + assign_public_ip = var.assign_public_ip + hostname_label = var.hostname_label + } + source_details { + source_type = "image" + source_id = var.image_id + boot_volume_size_in_gbs = var.boot_size_in_gbs + } + metadata = { + ssh_authorized_keys = var.ssh_public_key + } + extended_metadata = { + installations_directory = var.installations_directory + swap_device = var.swap_device + trails_device = var.trails_device + trails_directory = var.trails_directory + deployments_device = var.deployments_device + deployments_directory = var.deployments_directory + deployments = var.deployments + deployment_1_wallet = var.deployment_1_wallet + deployment_2_wallet = var.deployment_2_wallet + cacheManager_device = var.cacheManager_device + cacheManager_directory = var.cacheManager_directory + } +} + +resource "oci_core_volume_attachment" "swap_volume_attachment" { + + attachment_type = "paravirtualized" + instance_id = oci_core_instance.vm2.id + volume_id = var.swap_volume_id + device = var.swap_device +} + +resource "oci_core_volume_attachment" "trails_volume_attachment" { + attachment_type = "paravirtualized" + instance_id = oci_core_instance.vm2.id + volume_id = var.trails_volume_id + device = var.trails_device +} + +resource "oci_core_volume_attachment" "deployments_volume_attachment" { + attachment_type = "paravirtualized" + instance_id = oci_core_instance.vm2.id + volume_id = var.deployments_volume_id + device = var.deployments_device +} + +resource "oci_core_volume_attachment" "cacheManager_volume_attachment" { + attachment_type = "paravirtualized" + instance_id = oci_core_instance.vm2.id + volume_id = 
var.cacheManager_volume_id + device = var.cacheManager_device +} diff --git a/example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%ogg_micro%outputs.tf b/example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%ogg_micro%outputs.tf new file mode 100644 index 0000000..d14a0fc --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%ogg_micro%outputs.tf @@ -0,0 +1,13 @@ +// Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved. + +output "image_id" { + value = "${oci_core_instance.vm2.source_details.0.source_id}" +} + +output "instance_id" { + value = "${oci_core_instance.vm2.id}" +} + +output "OGG_Microservices_Public_ip" { + value = oci_core_instance.vm2.public_ip +} diff --git a/example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%ogg_micro%variables.tf b/example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%ogg_micro%variables.tf new file mode 100644 index 0000000..e42fb8b --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%ogg_micro%variables.tf 
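Review bot: `deployment_1_wallet` and `deployment_2_wallet` are placed in `extended_metadata` of `oci_core_instance.vm2` in ogg_micro/compute.tf, and the main.tf hunk feeds `module.atp.wallet` into `deployment_2_wallet`. Instance metadata is served by the metadata endpoint to processes on the VM and is returned by the compute API to anyone allowed to read the instance, so wallet material stored there is readable well beyond the GoldenGate service account. A safer arrangement is to put only a reference (for example a vault secret OCID) in metadata and fetch the wallet at boot with instance-principal credentials; at minimum, on Terraform 0.14 or later, the two variables in ogg_micro/variables.tf should carry `sensitive = true`. What `module.atp.wallet` actually contains is not visible here, so this assumes it is the wallet content rather than a path.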
@@ -0,0 +1,63 @@
+// Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
+
+variable "compartment_id" {}
+variable "availability_domain" {}
+variable "image_id" {}
+variable "compute_shape" {}
+variable "ssh_public_key" {}
+variable "boot_size_in_gbs" {}
+variable "display_name" {}
+variable "hostname_label" {}
+
+variable "installations_directory" {
+ default = "/u01/app/ogg"
+}
+
+variable "swap_volume_id" {}
+
+variable "swap_device" {
+ default = "/dev/oracleoci/oraclevdb"
+}
+
+variable "trails_volume_id" {}
+
+variable "trails_device" {
+ default = "/dev/oracleoci/oraclevdc"
+}
+
+variable "trails_directory" {
+ default = "/u02/trails"
+}
+
+variable "deployments_volume_id" {}
+
+variable "deployments_device" {
+ default = "/dev/oracleoci/oraclevdd"
+}
+
+variable "deployments_directory" {
+ default = "/u02/deployments"
+}
+
+variable "deployments" {
+ default = ""
+}
+variable "deployment_1_wallet" {
+ default = ""
+}
+variable "deployment_2_wallet" {
+ default = ""
+}
+
+variable "cacheManager_volume_id" {}
+
+variable "cacheManager_device" {
+ default = "/dev/oracleoci/oraclevde"
+}
+
+variable "cacheManager_directory" {
+ default = "/u02/cacheManager"
+}
+
+variable "subnet_id" {}
+variable "assign_public_ip" {}
diff --git a/example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%ogg_microimage%outputs.tf b/example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%ogg_microimage%outputs.tf
new file mode 100644
index 0000000..77bd618
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%ogg_microimage%outputs.tf
@@ -0,0 +1,5 @@
+// Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
+
+output "image_id" {
+ value = "${var.market_image_id}"
+}
diff --git a/example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%ogg_microimage%variables.tf b/example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%ogg_microimage%variables.tf
new file mode 100644
index 0000000..49590b4
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%ogg_microimage%variables.tf
@@ -0,0 +1,5 @@
+// Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
+
+variable "compartment_id" {}
+variable "market_image_id" {}
+variable "custom_image_name" {}
diff --git a/example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%ogg_pgsql%cloud_init.tf b/example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%ogg_pgsql%cloud_init.tf
new file mode 100644
index 0000000..330488d
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%ogg_pgsql%cloud_init.tf
@@ -0,0 +1,21 @@
+
+data "template_file" "ogg_postgre_script" {
+ template = file("ogg_pgsql/postgre.tpl")
+ vars = {
+ "config_file" = file("ogg_pgsql/odbc.ini")
+ "source_postgre" = var.source_db
+ }
+}
+
+
+data "template_cloudinit_config" "ogg_postgre_cloud_init" {
+ gzip = true
+ base64_encode = true
+
+ part {
+ filename = "cloudinit.sh"
+ content_type = "text/x-shellscript"
+ content = data.template_file.ogg_postgre_script.rendered
+ }
+
+}
\ No newline at end of file
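Review bot: `file("ogg_pgsql/postgre.tpl")` and `file("ogg_pgsql/odbc.ini")` in ogg_pgsql/cloud_init.tf resolve against the directory Terraform is run from, not the module's own directory, so the module renders its cloud-init script only when invoked from this exact root; `file("${path.module}/postgre.tpl")` and `file("${path.module}/odbc.ini")` remove that dependency. The same pattern appears in source_db/cloud_init.tf (`file("source_db/ubuntu.tpl")`). Separately, `var.source_db` is substituted into a script that cloud-init runs with root privileges at first boot; here it comes from a module output, but a `validation` block restricting it to an IP address or hostname would keep a malformed value from becoming shell text. The `template_file` data source is also deprecated in favour of the built-in `templatefile()` function.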
diff --git a/example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%ogg_pgsql%compute.tf b/example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%ogg_pgsql%compute.tf
new file mode 100644
index 0000000..9c61adf
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%ogg_pgsql%compute.tf
@@ -0,0 +1,53 @@
+// Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
+
+resource "oci_core_instance" "vm1" {
+ availability_domain = var.availability_domain
+ compartment_id = var.compartment_id
+ display_name = var.display_name
+ shape = var.compute_shape
+ create_vnic_details {
+ subnet_id = var.subnet_id
+ display_name = var.display_name
+ assign_public_ip = var.assign_public_ip
+ hostname_label = var.hostname_label
+ }
+ source_details {
+ source_type = "image"
+ source_id = var.image_id
+ boot_volume_size_in_gbs = var.boot_size_in_gbs
+ }
+ metadata = {
+ ssh_authorized_keys = var.ssh_public_key
+ user_data = data.template_cloudinit_config.ogg_postgre_cloud_init.rendered
+ }
+ extended_metadata = {
+ installations_directory = var.installations_directory
+ swap_device = var.swap_device
+ trails_device = var.trails_device
+ trails_directory = var.trails_directory
+ deployments_device = var.deployments_device
+ deployments_directory = var.deployments_directory
+ deployments = var.deployments
+ }
+}
+
+resource "oci_core_volume_attachment" "swap_volume_attachment" {
+ attachment_type = "paravirtualized"
+ instance_id = oci_core_instance.vm1.id
+ volume_id = var.swap_volume_id
+ device = var.swap_device
+}
+
+resource "oci_core_volume_attachment" "trails_volume_attachment" {
+ attachment_type = "paravirtualized"
+ instance_id = oci_core_instance.vm1.id
+ volume_id = var.trails_volume_id
+ device = var.trails_device
+}
+
+resource "oci_core_volume_attachment" "deployments_volume_attachment" {
+ attachment_type = "paravirtualized"
+ instance_id = oci_core_instance.vm1.id
+ volume_id = var.deployments_volume_id
+ device = var.deployments_device
+}
diff --git a/example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%ogg_pgsql%outputs.tf b/example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%ogg_pgsql%outputs.tf
new file mode 100644
index 0000000..deff88b
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%ogg_pgsql%outputs.tf
@@ -0,0 +1,13 @@
+// Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
+
+output "image_id" {
+ value = "${oci_core_instance.vm1.source_details.0.source_id}"
+}
+
+output "instance_id" {
+ value = "${oci_core_instance.vm1.id}"
+}
+
+output "OGG_PGSQL_Public_ip" {
+ value = oci_core_instance.vm1.public_ip
+}
diff --git a/example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%ogg_pgsql%variables.tf b/example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%ogg_pgsql%variables.tf
new file mode 100644
index 0000000..f55ad75
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%ogg_pgsql%variables.tf
@@ -0,0 +1,47 @@
+// Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
+
+variable "compartment_id" {}
+variable "availability_domain" {}
+variable "image_id" {}
+variable "compute_shape" {}
+variable "ssh_public_key" {}
+variable "boot_size_in_gbs" {}
+variable "display_name" {}
+variable "hostname_label" {}
+variable "source_db" {}
+variable "installations_directory" {
+ default = "/u01/app/ogg"
+}
+
+variable "swap_volume_id" {}
+
+variable "swap_device" {
+ default = "/dev/oracleoci/oraclevdb"
+}
+
+variable "trails_volume_id" {}
+
+variable "trails_device" {
+ default = "/dev/oracleoci/oraclevdc"
+}
+
+variable "trails_directory" {
+ default = "/u02/trails"
+}
+
+variable "deployments_volume_id" {}
+
+variable "deployments_device" {
+ default = "/dev/oracleoci/oraclevdd"
+}
+
+variable "deployments_directory" {
+ default = "/u02/deployments"
+}
+
+variable "deployments" {
+ default = ""
+}
+
+variable "subnet_id" {}
+variable "assign_public_ip" {}
diff --git a/example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%ogg_pgsqlimage%outputs.tf b/example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%ogg_pgsqlimage%outputs.tf
new file mode 100644
index 0000000..77bd618
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%ogg_pgsqlimage%outputs.tf
@@ -0,0 +1,5 @@
+// Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
+
+output "image_id" {
+ value = "${var.market_image_id}"
+}
diff --git a/example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%ogg_pgsqlimage%variables.tf b/example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%ogg_pgsqlimage%variables.tf
new file mode 100644
index 0000000..cffd958
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%ogg_pgsqlimage%variables.tf
@@ -0,0 +1,5 @@
+// Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
+
+variable "compartment_ocid" {}
+variable "market_image_id" {}
+variable "custom_image_name" {}
diff --git a/example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%provider.tf b/example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%provider.tf
new file mode 100644
index 0000000..5268730
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%provider.tf
@@ -0,0 +1,3 @@
+provider "oci" {
+ region = var.region
+}
diff --git a/example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%source_db%cloud_init.tf b/example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%source_db%cloud_init.tf
new file mode 100644
index 0000000..2829b88
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%source_db%cloud_init.tf
@@ -0,0 +1,13 @@
+data "template_file" "source_postgre_script" {
+ template = file("source_db/ubuntu.tpl")
+}
+data "template_cloudinit_config" "source_postgre_cloud_init" {
+ gzip = true
+ base64_encode = true
+
+ part {
+ filename = "cloud-init.sh"
+ content_type = "text/x-shellscript"
+ content = data.template_file.source_postgre_script.rendered
+ }
+}
diff --git a/example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%source_db%compute.tf b/example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%source_db%compute.tf
new file mode 100644
index 0000000..3941935
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%source_db%compute.tf
@@ -0,0 +1,21 @@
+resource "oci_core_instance" "vm0" {
+ availability_domain = var.availability_domain
+ compartment_id = var.compartment_id
+ display_name = var.display_name
+ shape = var.compute_shape
+ create_vnic_details {
+ subnet_id = var.subnet_id
+ display_name = var.display_name
+ assign_public_ip = var.assign_public_ip
+ hostname_label = var.hostname_label
+ }
+ source_details {
+ source_type = "image"
+ source_id = var.image_id
+ boot_volume_size_in_gbs = var.boot_size_in_gbs
+ }
+ metadata = {
+ ssh_authorized_keys = var.ssh_public_key
+ user_data = data.template_cloudinit_config.source_postgre_cloud_init.rendered
+ }
+}
\ No newline at end of file
diff --git a/example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%source_db%outputs.tf b/example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%source_db%outputs.tf
new file mode 100644
index 0000000..143dfa4
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%source_db%outputs.tf
@@ -0,0 +1,4 @@
+
+output "Source_PGSQLDB_Public_ip" {
+ value = oci_core_instance.vm0.public_ip
+}
diff --git a/example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%source_db%variables.tf b/example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%source_db%variables.tf
new file mode 100644
index 0000000..f8f2a17
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%source_db%variables.tf
@@ -0,0 +1,12 @@
+// Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
+
+variable "compartment_id" {}
+variable "availability_domain" {}
+variable "image_id" {}
+variable "compute_shape" {}
+variable "ssh_public_key" {}
+variable "boot_size_in_gbs" {}
+variable "display_name" {}
+variable "hostname_label" {}
+variable "subnet_id" {}
+variable "assign_public_ip" {}
diff --git a/example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%subscription.tf b/example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%subscription.tf
new file mode 100644
index 0000000..6a91ae2
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%subscription.tf
@@ -0,0 +1,66 @@
+// Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
+
+# Get Image Agreement
+resource "oci_core_app_catalog_listing_resource_version_agreement" "mp_image_agreement" {
+ listing_id = local.mp_listing_id
+ listing_resource_version = local.mp_listing_resource_version
+}
+
+# Accept Terms and Subscribe to the image, placing the image TC in a particular compartment (same as the instance)
+resource "oci_core_app_catalog_subscription" "mp_image_subscription" {
+ compartment_id = var.compartment_ocid
+ eula_link = oci_core_app_catalog_listing_resource_version_agreement.mp_image_agreement.eula_link
+ listing_id = oci_core_app_catalog_listing_resource_version_agreement.mp_image_agreement.listing_id
+ listing_resource_version = oci_core_app_catalog_listing_resource_version_agreement.mp_image_agreement.listing_resource_version
+ oracle_terms_of_use_link = oci_core_app_catalog_listing_resource_version_agreement.mp_image_agreement.oracle_terms_of_use_link
+ signature = oci_core_app_catalog_listing_resource_version_agreement.mp_image_agreement.signature
+ time_retrieved = oci_core_app_catalog_listing_resource_version_agreement.mp_image_agreement.time_retrieved
+
+ timeouts {
+ create = "20m"
+ }
+}
+
+# Gets the partner image subscription
+data "oci_core_app_catalog_subscriptions" "mp_image_subscription" {
+ compartment_id = var.compartment_ocid
+ listing_id = local.mp_listing_id
+
+ filter {
+ name = "listing_resource_version"
+ values = [local.mp_listing_resource_version]
+ }
+}
+// Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
+
+# Get Image Agreement
+resource "oci_core_app_catalog_listing_resource_version_agreement" "mp_image_agreement2" {
+ listing_id = local.mp_listing_id2
+ listing_resource_version = local.mp_listing_resource_version2
+}
+
+# Accept Terms and Subscribe to the image, placing the image TC in a particular compartment (same as the instance)
+resource "oci_core_app_catalog_subscription" "mp_image_subscription2" {
+ compartment_id = var.compartment_ocid
+ eula_link = oci_core_app_catalog_listing_resource_version_agreement.mp_image_agreement2.eula_link
+ listing_id = oci_core_app_catalog_listing_resource_version_agreement.mp_image_agreement2.listing_id
+ listing_resource_version = oci_core_app_catalog_listing_resource_version_agreement.mp_image_agreement2.listing_resource_version
+ oracle_terms_of_use_link = oci_core_app_catalog_listing_resource_version_agreement.mp_image_agreement2.oracle_terms_of_use_link
+ signature = oci_core_app_catalog_listing_resource_version_agreement.mp_image_agreement2.signature
+ time_retrieved = oci_core_app_catalog_listing_resource_version_agreement.mp_image_agreement2.time_retrieved
+
+ timeouts {
+ create = "20m"
+ }
+}
+
+# Gets the partner image subscription
+data "oci_core_app_catalog_subscriptions" "mp_image_subscription2" {
+ compartment_id = var.compartment_ocid
+ listing_id = local.mp_listing_id2
+
+ filter {
+ name = "listing_resource_version"
+ values = [local.mp_listing_resource_version2]
+ }
+}
diff --git a/example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%vars.tf b/example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%vars.tf
new file mode 100644
index 0000000..a3c4448
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%vars.tf
@@ -0,0 +1,313 @@ +variable "tenancy_ocid" {} +variable "region" {} +variable "compartment_ocid" {} + +################################ VCN + +variable "holvcn_display_name" { + default = "HOLVCN" +} +variable "holvcn_dns_label" { + default = "holvcn" +} +variable "holvcn_public_subnet_display_name" { + default = "HOLVCN_Public_Subnet" +} +variable "holvcn_public_security_list_display_name" { + default = "HOLVCN_Public_SL" +} +variable "holvcn_public_dns_label" { + default = "holvcnpublc" +} +variable "holvcn_public_route_table_display_name" { + default = "HOLVCN_Public_RT" +} +variable "holvcn_private_subnet_display_name" { + default = "HOLVCN_Private_subnet" +} +variable "holvcn_private_security_list_display_name" { + default = "HOLVCN_Private_SL" +} +variable "holvcn_private_dns_label" { + default = "holvcnprivate" +} +variable "holvcn_private_route_table_display_name" { + default = "HOLVCN_Private_RT" +} +variable "holvcn_igw_display_name" { + default = "HOLVCN_IGW" +} +variable "holvcn_nat_display_name" { + default = "HOLVCN_IGW" +} +variable "holvcn_cidr_block" { + default = "10.10.0.0/16" +} +variable "holvcn_public_cidr_block" { + default = "10.10.0.0/24" +} +variable "holvcn_private_cidr_block" { + default = "10.10.1.0/24" +} +variable "holvcn_igw_cidr_block" { + default = "0.0.0.0/0" +} +variable "holvcn_nat_cidr_block" { + default = "0.0.0.0/0" +} + +################################ TARGET ATP +variable "atp_display_name" { + default = "HOL Target ATP" +} +variable "atp_db_name" { + default = "hol" +} +variable "atp_db_version" { + default = "19c" +} +variable "atp_license_model" { + default = "LICENSE_INCLUDED" +} +## FREE TIER +variable "atp_is_free_tier" { + default = false +} +variable "atp_ocpu_count" { + default = 1 +} +variable "atp_storage_size" { + default = 1 +} +variable "atp_visibility" { + default = "Public" +} +variable "atp_wallet_generate_type" { + default = "SINGLE" +} +variable "atp_workload" { + default = "OLTP" +} +variable 
"database_id" { + default = "" +} + +################################ SOURCE PGSQL +variable "source_pgsql_assign_public_ip" { + default = true +} +variable "source_pgsql_boot_size_in_gbs" { + default = "50" +} +variable "source_pgsql_hostname_label" { + default = "sourcedb" +} + +variable "source_pgsql_custom_volume_sizes" { + default = false +} +variable "source_pgsql_display_name" { + default = "HOL Source PGSQL" +} + +variable "source_pgsql_compute_shape" { + default = "VM.Standard.E2.1" +} + +variable "source_postgre_image_ocid" { + type = map(string) + + default = { + ap-chuncheon-1 = "ocid1.image.oc1.ap-chuncheon-1.aaaaaaaa4m7auvu5xbygu3ufuxayr5hiv53kjbhuae2v23ceezfh23l5ljla" + ap-hyderabad-1 = "ocid1.image.oc1.ap-hyderabad-1.aaaaaaaamagn4cvnqlhl263dyeomjtquwtdb7c26rxaexnakbcv2xwe2y5za" + ap-melbourne-1 = "ocid1.image.oc1.ap-melbourne-1.aaaaaaaawnjddjpgrw6prdf5i3soh4ifd7afdnux3iby2aqksz2b2rblhcra" + ap-mumbai-1 = "ocid1.image.oc1.ap-mumbai-1.aaaaaaaaowjhuftuftocybrcshdis7fi47w7yxqpgu332h3ke4fp5rkkgwqq" + ap-osaka-1 = "ocid1.image.oc1.ap-osaka-1.aaaaaaaagvqhpcpunoxm3iztj2cf2oaslhi3q5z7kmkixostvtbdlhagp7nq" + ap-seoul-1 = "ocid1.image.oc1.ap-seoul-1.aaaaaaaatuvkpqct4yqpdygb3ootlmyoyhupne7nzzngz5fbx5pirzi7h5pa" + ap-sydney-1 = "ocid1.image.oc1.ap-sydney-1.aaaaaaaasqyequj27dmozbs2tgdiw723hxmakt5qw374kesfbwa7c5q7fbea" + ap-tokyo-1 = "ocid1.image.oc1.ap-tokyo-1.aaaaaaaawlaz3p2bplxsa3qbc7hklncl5dwzl57m3r76kn5o7mt5jtjud3qq" + ca-montreal-1 = "ocid1.image.oc1.ca-montreal-1.aaaaaaaablwhx3hp26hqljyt7j74tuitzmf42ptowjqvdgu4mzitmccrqpkq" + ca-toronto-1 = "ocid1.image.oc1.ca-toronto-1.aaaaaaaaasmi3hswr5h4tpfq2mjnkukeavy6acb7g2cd7pc47p2frtei7z6a" + eu-amsterdam-1 = "ocid1.image.oc1.eu-amsterdam-1.aaaaaaaacw2njhmftuhzlz66ggvvmrnol4t6fhfa7wwwareizn5z6kiql4eq" + eu-frankfurt-1 = "ocid1.image.oc1.eu-frankfurt-1.aaaaaaaastzzgsgf6mczjopdxq5ts6cgh7oamduy5qtu66lixjs5hqqjzocq" + eu-zurich-1 = "ocid1.image.oc1.eu-zurich-1.aaaaaaaa5kiv4il7xufs6urxnljuugvq556cbhidkncxlz2a5trokltaix5q" 
+ me-dubai-1 = "ocid1.image.oc1.me-dubai-1.aaaaaaaapbettobjiffch4r6hkvp347azd4o37j34iiet6isiejltygjsica" + me-jeddah-1 = "ocid1.image.oc1.me-jeddah-1.aaaaaaaabokpmh5qdymx3lhesw75thxvtxbeetnpy5xefnh7ph6bucagsg7a" + sa-santiago-1 = "ocid1.image.oc1.sa-santiago-1.aaaaaaaa6amxp6srujrdjn25ydcx6vlxxorn27zjxk2bv6nqzizm5vil2k5a" + sa-saopaulo-1 = "ocid1.image.oc1.sa-saopaulo-1.aaaaaaaav5a2iaqihnjzd7urhl3b5xwtbypfyw7m2qadpnkg7z32x2kjh45q" + uk-cardiff-1 = "ocid1.image.oc1.uk-cardiff-1.aaaaaaaao5slzhavcc5p4kfvb5wizqpkvydoa2pclqq26f25defyf33iha5a" + uk-london-1 = "ocid1.image.oc1.uk-london-1.aaaaaaaafsngwpdx4d4nndrkhtzesln4i4hmh276pf6giqpet4pqob7et5ha" + us-ashburn-1 = "ocid1.image.oc1.iad.aaaaaaaawwax2iqkcrg65cxr3w656erbgsb2v7pcjbsm45aocl5qic24h2va" + us-gov-ashburn-1 = "ocid1.image.oc3.us-gov-ashburn-1.aaaaaaaa2nktxyg4kdcr5kthm6amnbifxobroziliu3ulhwl3njm7hgtluhq" + us-gov-chicago-1 = "ocid1.image.oc3.us-gov-chicago-1.aaaaaaaawofdj6o6gxch4h3f2vj3btdw6ah7mn5akjgt6caqm6v524toclnq" + us-gov-phoenix-1 = "ocid1.image.oc3.us-gov-phoenix-1.aaaaaaaa6g7cj3r5jepgphp4ocfcw6hjrb2rlcykaw5nzsd5e726jaruvvxq" + us-langley-1 = "ocid1.image.oc2.us-langley-1.aaaaaaaa73eflc6ofgmb6zkr4vl23mp5wczbvcprwz5h4idef3vsfpz5rsha" + us-luke-1 = "ocid1.image.oc2.us-luke-1.aaaaaaaaqyd7ecglgqe6wolrggxmq35z66355zpc7cnra66atqjjrqd7cnkq" + us-phoenix-1 = "ocid1.image.oc1.phx.aaaaaaaacctmcjjajc7xawyz3uuot4ei7q2tqw4yipbh5okosppc5v3yxava" + us-sanjose-1 = "ocid1.image.oc1.us-sanjose-1.aaaaaaaafbd4avhggiy2a3wdlda5xi3c47qbbe6kepbt4uyhizdbkmwyxbmq" + } +} + +################################ OGG POSTGRESQL BLOCK VOLUME +// +variable "ogg_pgsql_bv_display_name" { + default = "OGG_PGSQL BlockVolume" +} +variable "boot_size_in_gbs" { + default = "50" +} +variable "ogg_pgsql_swap_size_in_gbs" { + default = "50" //256 +} +variable "ogg_pgsql_trails_size_in_gbs" { + default = "50" //512 +} +variable "ogg_pgsql_deployments_size_in_gbs" { + default = "50" +} + +// OGG Deployment volume +variable 
"ogg_pgsql_deployments_volume_id" { + default = "" +} + +// OGG Trails volume +variable "ogg_pgsql_trails_volume_id" { + default = "" +} +################################ OGG MICRO BLOCK VOLUME +// +variable "ogg_micro_bv_display_name" { + default = "OGG_Micro BlockVolume" +} + +variable "ogg_micro_swap_size_in_gbs" { + default = "50" //256 +} +variable "ogg_micro_trails_size_in_gbs" { + default = "50" //512 +} +variable "ogg_micro_deployments_size_in_gbs" { + default = "50" +} +variable "ogg_micro_cacheManager_size_in_gbs" { + default = "50" +} + +// OGG Deployment volume +variable "ogg_micro_deployments_volume_id" { + default = "" +} +// OGG CacheManager volume +variable "ogg_micro_cacheManager_volume_id" { + default = "" +} + +// OGG Trails volume +variable "ogg_micro_trails_volume_id" { + default = "" +} +################################ OGG PGSQL IMAGE +variable "ogg_pgsql_dbms" { + default = "postgresql" +} +variable "ogg_pgsql_edition" { + default = "Classic" +} +variable "ogg_pgsql_version" { + default = "19.1.0.0.201013" +} +variable "image_compartment_id" { + default = "" +} +################################ OGG PGSQL INSTANCE +variable "ogg_pgsql_assign_public_ip" { + default = true +} +variable "ogg_pgsql_boot_size_in_gbs" { + default = "50" +} +variable "ogg_pgsql_display_name" { + default = "HOL OGG PGSQL" +} +variable "ogg_pgsql_hostname_label" { + default = "ogg19cpgsql" +} +variable "ogg_pgsql_compute_shape" { + default = "VM.Standard2.1" +} +variable "ogg_pgsql_custom_volume_sizes" { + default = false +} +################################ OGG Micro IMAGE +variable "ogg_micro_dbms" { + default = "Oracle" +} +variable "ogg_micro_edition" { + default = "Microservices" +} +variable "ogg_micro_version" { + default = "19.1.0.0.201013" +} + +################################ OGG MICRO INSTANCE +variable "ogg_micro_assign_public_ip" { + default = true +} +variable "ogg_micro_boot_size_in_gbs" { + default = "50" +} +variable "ogg_micro_display_name" { + 
default = "HOL OGG Microservices" +} +variable "ogg_micro_hostname_label" { + default = "ogg19micro" +} +variable "ogg_micro_compute_shape" { + default = "VM.Standard2.1" +} +variable "ogg_micro_custom_volume_sizes" { + default = false +} +################################ OGG MICRO GG CONFIGURATION + +variable deployments_json { + default = "" +} + +variable deployment_1_name { + default = "Source" +} + +variable deployment_1_dbms { + default = "Oracle 11g (11.2.0.4)" +} +variable deployment_1_adb { + default = false +} +variable deployment_1_adb_id { + default = "" +} +variable deployment_1_adb_compartment_id { + default = "" +} + +variable deployment_2_name { + default = "Target" +} + +variable deployment_2_dbms { + default = "Oracle 19c (19.x)" +} + +variable deployment_2_adb { + default = true +} + +variable deployment_2_adb_compartment_id { + default = "" +} + +variable deployment_2_adb_id { + default = "" +} diff --git a/example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%vcn.tf b/example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%vcn.tf new file mode 100644 index 0000000..2b66456 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%learning-library%data-management-library%goldengate%migrate-postgre-atp%terraform%vcn.tf 
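Review bot: `holvcn_nat_display_name` defaults to "HOLVCN_IGW", the same value as `holvcn_igw_display_name`, so the NAT gateway and the internet gateway end up with the same display name. This looks like a copy-paste slip, and `default = "HOLVCN_NAT"` would keep the two apart. The exposure-related defaults in this file (`atp_visibility = "Public"`, `source_pgsql_assign_public_ip = true`, `ogg_pgsql_assign_public_ip = true`, `ogg_micro_assign_public_ip = true`) carry no `description`; a one-line description on each, saying the default makes the resource internet-reachable, would help anyone reusing the file. How `atp_visibility` is consumed is not visible in this hunk.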
@@ -0,0 +1,186 @@ +#VCN +resource oci_core_vcn holvcn { + compartment_id = var.compartment_ocid + cidr_block = var.holvcn_cidr_block + dns_label = var.holvcn_dns_label + display_name = var.holvcn_display_name +} + +#PUBLIC SUBNET +resource "oci_core_subnet" "holvcn_public_subnet" { + compartment_id = var.compartment_ocid + vcn_id = oci_core_vcn.holvcn.id + cidr_block = var.holvcn_public_cidr_block + dns_label = var.holvcn_public_dns_label + display_name = var.holvcn_public_subnet_display_name + security_list_ids = [oci_core_security_list.holvcn_public_security_list.id] +} +resource "oci_core_route_table_attachment" "holvcn_public_route_attachment" { + subnet_id = oci_core_subnet.holvcn_public_subnet.id + route_table_id = oci_core_route_table.holvcn_public_route_table.id +} + +#PRIVATE SUBNET +resource "oci_core_subnet" "holvcn_private_subnet" { + compartment_id = var.compartment_ocid + vcn_id = oci_core_vcn.holvcn.id + cidr_block = var.holvcn_private_cidr_block + dns_label = var.holvcn_private_dns_label + display_name = var.holvcn_private_subnet_display_name + security_list_ids = [oci_core_security_list.holvcn_private_security_list.id] +} +resource "oci_core_route_table_attachment" "holvcn_private_route_attachment" { + subnet_id = oci_core_subnet.holvcn_private_subnet.id + route_table_id = oci_core_route_table.holvcn_private_route_table.id +} + +#Public RT +resource "oci_core_route_table" "holvcn_public_route_table" { + compartment_id = var.compartment_ocid + display_name = var.holvcn_public_route_table_display_name + vcn_id = oci_core_vcn.holvcn.id + route_rules { + network_entity_id = oci_core_internet_gateway.holvcn_igw.id + cidr_block = var.holvcn_igw_cidr_block + destination_type = "CIDR_BLOCK" + } +} + +#Private RT +resource "oci_core_route_table" "holvcn_private_route_table" { + compartment_id = var.compartment_ocid + display_name = var.holvcn_private_route_table_display_name + vcn_id = oci_core_vcn.holvcn.id + route_rules { + network_entity_id = 
oci_core_nat_gateway.holvcn_nat.id + cidr_block = var.holvcn_nat_cidr_block + destination_type = "CIDR_BLOCK" + } +} +#IGW +resource "oci_core_internet_gateway" "holvcn_igw" { + compartment_id = var.compartment_ocid + vcn_id = oci_core_vcn.holvcn.id + enabled = "true" + display_name = var.holvcn_igw_display_name +} +#NAT +resource "oci_core_nat_gateway" "holvcn_nat" { + compartment_id = var.compartment_ocid + vcn_id = oci_core_vcn.holvcn.id + display_name = var.holvcn_nat_display_name +} +#Public SL +resource "oci_core_security_list" "holvcn_public_security_list" { + display_name = var.holvcn_public_security_list_display_name + compartment_id = var.compartment_ocid + vcn_id = oci_core_vcn.holvcn.id + egress_security_rules { + destination = var.holvcn_igw_cidr_block + protocol = "all" + } + ingress_security_rules { + protocol = "6" + source = var.holvcn_igw_cidr_block + source_type = "CIDR_BLOCK" + tcp_options { + max = 22 + min = 22 + } + } + ingress_security_rules { + protocol = "6" + source = var.holvcn_igw_cidr_block + source_type = "CIDR_BLOCK" + description = "Web ports" + tcp_options { + max = 80 + min = 80 + } + } + ingress_security_rules { + protocol = "6" + source = var.holvcn_igw_cidr_block + source_type = "CIDR_BLOCK" + description = "Web ports" + tcp_options { + max = 443 + min = 443 + } + } + ingress_security_rules { + protocol = "6" + source = var.holvcn_igw_cidr_block + source_type = "CIDR_BLOCK" + description = "Goldengate microservices ports" + tcp_options { + max = 9014 + min = 9011 + } + } + ingress_security_rules { + protocol = "6" + source = var.holvcn_igw_cidr_block + source_type = "CIDR_BLOCK" + description = "Goldengate microservice ports" + tcp_options { + max = 9024 + min = 9021 + } + } + ingress_security_rules { + protocol = "6" + source = var.holvcn_igw_cidr_block + source_type = "CIDR_BLOCK" + description = "Goldengate Classic ports" + tcp_options { + max = 7811 + min = 7809 + } + } + ingress_security_rules { + protocol = "6" + source = 
var.holvcn_igw_cidr_block + source_type = "CIDR_BLOCK" + description = "Database ports" + tcp_options { + max = 1522 + min = 1521 + } + } + ingress_security_rules { + protocol = "6" + source = var.holvcn_igw_cidr_block + source_type = "CIDR_BLOCK" + #description = "Postgresql port" + tcp_options { + max = 5432 + min = 5432 + } + } +} + +#Private SL +resource "oci_core_security_list" "holvcn_private_security_list" { + display_name = var.holvcn_private_security_list_display_name + compartment_id = var.compartment_ocid + vcn_id = oci_core_vcn.holvcn.id + + egress_security_rules { + destination = var.holvcn_nat_cidr_block + protocol = "all" + } + ingress_security_rules { + source = var.holvcn_cidr_block + protocol = "all" + } + ingress_security_rules { + protocol = "6" + source = var.holvcn_cidr_block + source_type = "CIDR_BLOCK" + tcp_options { + max = 22 + min = 22 + } + } +} \ No newline at end of file diff --git a/example/real_world_stuff/oracle/oracle%learning-library%oci-library%DevOps%Resource_Manager%orm-lbaas-demo%compute.tf b/example/real_world_stuff/oracle/oracle%learning-library%oci-library%DevOps%Resource_Manager%orm-lbaas-demo%compute.tf new file mode 100644 index 0000000..4975c71 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%learning-library%oci-library%DevOps%Resource_Manager%orm-lbaas-demo%compute.tf 
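Review bot: Every ingress rule in `holvcn_public_security_list` takes its `source` from `var.holvcn_igw_cidr_block`, whose default in vars.tf is "0.0.0.0/0". With that default, SSH (22), the database listeners (1521-1522, 5432) and the GoldenGate ports (7809-7811, 9011-9014, 9021-9024) are reachable from any address. The variable is also the route destination for the internet gateway, so narrowing it for the security list would break the default route. A separate variable with no default for the administrative source range, used as `source = var.holvcn_admin_cidr_block` on the SSH, database and GoldenGate rules, would keep the two concerns apart and leave only 80/443 open to the internet. The rule for 5432 also has its `description` commented out, unlike the other rules.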
@@ -0,0 +1,39 @@ +resource "oci_core_instance" "webserver1" { + availability_domain = "${lookup(data.oci_identity_availability_domains.availability_domains.availability_domains[var.availability_domains -2],"name")}" + compartment_id = "${var.compartment_ocid}" + display_name = "Webserver 1" + shape = "${var.instance_shape}" + subnet_id = "${oci_core_subnet.lb-backendset1-subnet.id}" + hostname_label = "orm-demo-ws1" + + metadata { + ssh_authorized_keys = "${var.ssh_public_key}" + user_data = "${base64encode(file(var.bootstrap_file))}" + assign_public_ip = "false" + } + + source_details { + source_type = "image" + source_id = "${var.instance_image_ocid[var.region]}" + } +} + +resource "oci_core_instance" "webserver2" { + availability_domain = "${lookup(data.oci_identity_availability_domains.availability_domains.availability_domains[var.availability_domains -1],"name")}" + compartment_id = "${var.compartment_ocid}" + display_name = "Webserver 2" + shape = "${var.instance_shape}" + subnet_id = "${oci_core_subnet.lb-backendset2-subnet.id}" + hostname_label = "orm-demo-ws2" + + metadata { + ssh_authorized_keys = "${var.ssh_public_key}" + user_data = "${base64encode(file(var.bootstrap_file))}" + assign_public_ip = "false" + } + + source_details { + source_type = "image" + source_id = "${var.instance_image_ocid[var.region]}" + } +} \ No newline at end of file diff --git a/example/real_world_stuff/oracle/oracle%learning-library%oci-library%DevOps%Resource_Manager%orm-lbaas-demo%loadbalancer.tf b/example/real_world_stuff/oracle/oracle%learning-library%oci-library%DevOps%Resource_Manager%orm-lbaas-demo%loadbalancer.tf new file mode 100644 index 0000000..7c8379b --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%learning-library%oci-library%DevOps%Resource_Manager%orm-lbaas-demo%loadbalancer.tf 
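Review bot: `assign_public_ip = "false"` sits inside the `metadata` block of both `webserver1` and `webserver2`, where it is only a free-form metadata key and does not control the VNIC. The backend subnets in network.tf have `prohibit_public_ip_on_vnic` commented out, so the instances can still receive a public IP. The setting belongs in the VNIC details: replace the top-level `subnet_id` with `create_vnic_details { subnet_id = "${oci_core_subnet.lb-backendset1-subnet.id}" assign_public_ip = false }` (and the matching subnet for `webserver2`), then drop the key from `metadata`. The availability-domain index `var.availability_domains -2` depends on the variable staying at its default of 3, and a comment saying so would help.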
@@ -0,0 +1,71 @@ +/* Load Balancer */ +resource "oci_load_balancer" "lb" { + display_name = "LB Load Balancer" + shape = "${var.lb_shape}" + compartment_id = "${var.compartment_ocid}" + + subnet_ids = [ + "${oci_core_subnet.lb-primary-subnet.id}", + "${oci_core_subnet.lb-failover-subnet.id}", + ] + is_private = "false" +} + +resource "oci_load_balancer_hostname" "lb-hostname" { + #Required + name = "LB Hostname" + hostname = "app.example.com" + load_balancer_id = "${oci_load_balancer.lb.id}" +} + +resource "oci_load_balancer_backend" "lb-backend" { + load_balancer_id = "${oci_load_balancer.lb.id}" + backendset_name = "${oci_load_balancer_backend_set.lb-backendset-1.name}" + ip_address = "${oci_core_instance.webserver1.private_ip}" + port = 80 + backup = false + drain = false + offline = false + weight = 1 +} + +resource "oci_load_balancer_backend_set" "lb-backendset-1" { + name = "${var.backendset_name}" + load_balancer_id = "${oci_load_balancer.lb.id}" + policy = "${var.backendset_policy}" + + health_checker { + protocol = "${var.hc_protocol}" + port = "${var.hc_port}" + interval_ms = "${var.hc_interval_ms}" + retries = "${var.hc_retries}" + return_code = "${var.hc_return_code}" + timeout_in_millis = "${var.hc_timeout_in_millis}" + response_body_regex = "${var.hc_response_body_regex}" + url_path = "${var.hc_url_path}" + } +} + +resource "oci_load_balancer_backend" "lb-backendset-2" { + load_balancer_id = "${oci_load_balancer.lb.id}" + backendset_name = "${oci_load_balancer_backend_set.lb-backendset-1.name}" + ip_address = "${oci_core_instance.webserver2.private_ip}" + port = 80 + backup = false + drain = false + offline = false + weight = 1 +} + +resource "oci_load_balancer_listener" "lb-listener" { + name = "LB_Listener" + load_balancer_id = "${oci_load_balancer.lb.id}" + default_backend_set_name = "${oci_load_balancer_backend_set.lb-backendset-1.name}" + hostname_names = ["${oci_load_balancer_hostname.lb-hostname.name}"] + port = 80 + protocol = "HTTP" + + 
connection_configuration { + idle_timeout_in_seconds = "2" + } +} diff --git a/example/real_world_stuff/oracle/oracle%learning-library%oci-library%DevOps%Resource_Manager%orm-lbaas-demo%network.tf b/example/real_world_stuff/oracle/oracle%learning-library%oci-library%DevOps%Resource_Manager%orm-lbaas-demo%network.tf new file mode 100644 index 0000000..00699b6 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%learning-library%oci-library%DevOps%Resource_Manager%orm-lbaas-demo%network.tf 
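Review bot: `lb-listener` serves only `protocol = "HTTP"` on port 80 of a public load balancer, although `lb-securitylist` in network.tf also opens 443, so traffic to `app.example.com` is unencrypted and nothing answers on 443. If this is meant as more than a plain-HTTP demo, add a second listener on 443 with an `ssl_configuration` block that references a certificate. `is_private = "false"` is hard-coded while variables.tf declares `is_private`; `is_private = "${var.is_private}"` would make that variable effective. The resource `oci_load_balancer_backend.lb-backendset-2` is a backend, not a backend set, and a name such as `lb-backend-2` would match `lb-backend`. `idle_timeout_in_seconds = "2"` is very short and deserves a comment on why.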
@@ -0,0 +1,226 @@ +/* Network */ +data "oci_identity_availability_domains" "availability_domains" { + compartment_id = "${var.compartment_ocid}" +} + +############################################ +# Local variables +############################################ + +locals { + tcp_protocol = "6" + all_protocol = "all" + anywhere = "0.0.0.0/0" +} + +############################################ +# Create VCN +############################################ + +resource "oci_core_virtual_network" "lb-network-vcn" { + display_name = "LB Network VCN" + cidr_block = "${var.vcn_cidr}" + compartment_id = "${var.compartment_ocid}" + dns_label = "lbnetworkvcn" +} + +############################################ +# Create Internet Gateway +############################################ + +resource "oci_core_internet_gateway" "internetgateway" { + compartment_id = "${var.compartment_ocid}" + display_name = "orm-demo-internetgateway" + vcn_id = "${oci_core_virtual_network.lb-network-vcn.id}" +} + +############################################ +# Create Route Table +############################################ + +resource "oci_core_route_table" "lb-routetable" { + compartment_id = "${var.compartment_ocid}" + vcn_id = "${oci_core_virtual_network.lb-network-vcn.id}" + display_name = "LB Route Table (Public)" + + route_rules { + destination = "${local.anywhere}" +// destination_type = "CIDR_BLOCK" + network_entity_id = "${oci_core_internet_gateway.internetgateway.id}" + } +} + +resource "oci_core_route_table" "bs-routetable" { + compartment_id = "${var.compartment_ocid}" + vcn_id = "${oci_core_virtual_network.lb-network-vcn.id}" + display_name = "Backend Route Table (Private)" + + route_rules { + destination = "${local.anywhere}" +// destination_type = "CIDR_BLOCK" + network_entity_id = "${oci_core_internet_gateway.internetgateway.id}" + } +} + +############################################ +# Create Security List +############################################ + +resource 
"oci_core_security_list" "lb-securitylist" { + display_name = "LB Security List (public subnets)" + compartment_id = "${oci_core_virtual_network.lb-network-vcn.compartment_id}" + vcn_id = "${oci_core_virtual_network.lb-network-vcn.id}" + + egress_security_rules = [ + { + protocol = "${local.all_protocol}" + destination = "${local.anywhere}" + } + ] + + ingress_security_rules = [ + { + protocol = "${local.tcp_protocol}" + source = "${local.anywhere}" + + tcp_options = { + "min" = "${var.non_ssl_listener_port}" + "max" = "${var.non_ssl_listener_port}" + } + }, + { + protocol = "${local.tcp_protocol}" + source = "${local.anywhere}" + + tcp_options = { + "min" = 443 + "max" = 443 + } + } + ] +} + +resource "oci_core_security_list" "bs-securitylist" { + display_name = "Backend Set Security List (private subnets)" + compartment_id = "${var.compartment_ocid}" + vcn_id = "${oci_core_virtual_network.lb-network-vcn.id}" + + egress_security_rules = [ + { + protocol = "${local.all_protocol}" + destination = "${local.anywhere}" + }] + + ingress_security_rules = [ + { + protocol = "${local.tcp_protocol}" + source = "${var.primary_lb_cidr}" + + tcp_options = { + "min" = 80 + "max" = 80 + } + }, + { + protocol = "${local.tcp_protocol}" + source = "${local.anywhere}" + + tcp_options = { + "min" = 22 + "max" = 22 + } + }, + { + protocol = "${local.tcp_protocol}" + source = "${var.failover_lb_cidr}" + + tcp_options = { + "min" = 80 + "max" = 80 + }, + + }, + { + protocol = "${local.tcp_protocol}" + source = "${var.primary_lb_cidr}" + + tcp_options = { + "min" = 443 + "max" = 443 + } + }, + { + protocol = "${local.tcp_protocol}" + source = "${var.failover_lb_cidr}" + + tcp_options = { + "min" = 443 + "max" = 443 + } + } + ] +} + +############################################ +# Create Load Balancer Subnets +############################################ +resource "oci_core_subnet" "lb-primary-subnet" { + display_name = "LB Subnet 1 (Public Primary)" + availability_domain = 
"${lookup(data.oci_identity_availability_domains.availability_domains.availability_domains[var.availability_domains -2],"name")}" + cidr_block = "${var.primary_lb_cidr}" + dns_label = "lbsubnet1" + security_list_ids = ["${oci_core_security_list.lb-securitylist.id}"] + compartment_id = "${var.compartment_ocid}" + vcn_id = "${oci_core_virtual_network.lb-network-vcn.id}" + route_table_id = "${oci_core_route_table.lb-routetable.id}" + dhcp_options_id = "${oci_core_virtual_network.lb-network-vcn.default_dhcp_options_id}" + + provisioner "local-exec" { + command = "sleep 5" + } +} + +resource "oci_core_subnet" "lb-failover-subnet" { + display_name = "LB Subnet 2 (Public Failover)" + availability_domain = "${lookup(data.oci_identity_availability_domains.availability_domains.availability_domains[var.availability_domains -1],"name")}" + cidr_block = "${var.failover_lb_cidr}" + dns_label = "lbsubnet2" + security_list_ids = ["${oci_core_security_list.lb-securitylist.id}"] + compartment_id = "${var.compartment_ocid}" + vcn_id = "${oci_core_virtual_network.lb-network-vcn.id}" + route_table_id = "${oci_core_route_table.lb-routetable.id}" + dhcp_options_id = "${oci_core_virtual_network.lb-network-vcn.default_dhcp_options_id}" + + provisioner "local-exec" { + command = "sleep 5" + } +} + +############################################ +# Create Backend Subnets +############################################ +resource "oci_core_subnet" "lb-backendset1-subnet" { + display_name = "Backend Set 1 (private subnet)" + availability_domain = "${lookup(data.oci_identity_availability_domains.availability_domains.availability_domains[var.availability_domains -2],"name")}" + cidr_block = "${var.bs1_subnet_cidr}" + dns_label = "lbsubnet3" + compartment_id = "${var.compartment_ocid}" + vcn_id = "${oci_core_virtual_network.lb-network-vcn.id}" + security_list_ids = ["${oci_core_security_list.bs-securitylist.id}"] + route_table_id = "${oci_core_route_table.lb-routetable.id}" + dhcp_options_id = 
"${oci_core_virtual_network.lb-network-vcn.default_dhcp_options_id}" +// prohibit_public_ip_on_vnic = "true" +} + +resource "oci_core_subnet" "lb-backendset2-subnet" { + display_name = "Backend Set 2 (private subnet)" + availability_domain = "${lookup(data.oci_identity_availability_domains.availability_domains.availability_domains[var.availability_domains -1],"name")}" + cidr_block = "${var.bs2_subnet_cidr}" + dns_label = "lbsubnet4" + compartment_id = "${var.compartment_ocid}" + vcn_id = "${oci_core_virtual_network.lb-network-vcn.id}" + security_list_ids = ["${oci_core_security_list.bs-securitylist.id}"] + route_table_id = "${oci_core_route_table.lb-routetable.id}" + dhcp_options_id = "${oci_core_virtual_network.lb-network-vcn.default_dhcp_options_id}" +// prohibit_public_ip_on_vnic = "true" +} diff --git a/example/real_world_stuff/oracle/oracle%learning-library%oci-library%DevOps%Resource_Manager%orm-lbaas-demo%outputs.tf b/example/real_world_stuff/oracle/oracle%learning-library%oci-library%DevOps%Resource_Manager%orm-lbaas-demo%outputs.tf new file mode 100644 index 0000000..1d3d681 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%learning-library%oci-library%DevOps%Resource_Manager%orm-lbaas-demo%outputs.tf @@ -0,0 +1,8 @@ + +output "lb_ocid" { + value = ["${oci_load_balancer.lb.id}"] +} + +output "lb_public_ip" { + value = ["${oci_load_balancer.lb.ip_addresses}"] +} \ No newline at end of file diff --git a/example/real_world_stuff/oracle/oracle%learning-library%oci-library%DevOps%Resource_Manager%orm-lbaas-demo%variables.tf b/example/real_world_stuff/oracle/oracle%learning-library%oci-library%DevOps%Resource_Manager%orm-lbaas-demo%variables.tf new file mode 100644 index 0000000..4d9fe70 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%learning-library%oci-library%DevOps%Resource_Manager%orm-lbaas-demo%variables.tf 
@@ -0,0 +1,119 @@ +variable "region" { +} + +variable "compartment_ocid" {} + +variable "backendset_name" { + default = "ormdemobackendset" +} + +variable "backendset_policy" { + description = "The load balancer policy for the backend set." + default = "ROUND_ROBIN" +} +variable "bootstrap_file" { + default = "./userdata/bootstrap" +} + +variable "instance_image_ocid" { + type = "map" + + default = { + // Oracle-provided image "Oracle-Linux-7.x" + // See https://docs.us-phoenix-1.oraclecloud.com/images/ + // https://docs.cloud.oracle.com/iaas/images/image/7d31cb1d-f31f-450c-95c4-0539776c3dcf/ + ca-toronto-1 = "ocid1.image.oc1.ca-toronto-1.aaaaaaaafozx4cw5fgcnptx6ukgdjjfzvjb2365chtzprratabynb573wria" + eu-frankfurt-1 = "ocid1.image.oc1.eu-frankfurt-1.aaaaaaaagbrvhganmn7awcr7plaaf5vhabmzhx763z5afiitswjwmzh7upna" + uk-london-1 = "ocid1.image.oc1.uk-london-1.aaaaaaaajwtut4l7fo3cvyraate6erdkyf2wdk5vpk6fp6ycng3dv2y3ymvq" + us-ashburn-1 = "ocid1.image.oc1.iad.aaaaaaaawufnve5jxze4xf7orejupw5iq3pms6cuadzjc7klojix6vmk42va" + us-phoenix-1 = "ocid1.image.oc1.phx.aaaaaaaadjnj3da72bztpxinmqpih62c2woscbp6l3wjn36by2cvmdhjub6a" + } +} + +variable "instance_shape" { + description = "The shape of the compute instance" + default = "VM.Standard2.1" +} + +variable "lb_shape" { + description = "The shape of the load balancer" + default = "100Mbps" +} + +variable "availability_domains" { + default = "3" +} + +variable "vcn_cidr" { + default = "10.0.0.0/16" +} +variable primary_lb_cidr { + default = "10.0.4.0/24" +} + +variable failover_lb_cidr { + default = "10.0.5.0/24" +} + +variable bs1_subnet_cidr { + description = "Private subnet for first backend set" + default = "10.0.1.0/24" +} + +variable bs2_subnet_cidr { + default = "10.0.2.0/24" +} + +variable "non_ssl_listener_port" { + description = "The communication port for the listener without ssl enabled." + default = "80" +} + + +variable "is_private" { + description = "To create a public or private load balancer." 
+ default = false +} + +variable "hc_protocol" { + description = "The health chheecker protocol." + default = "HTTP" +} +variable "hc_port" { + description = "The backend server port against which to run the health check" + default = "80" +} + +variable "hc_interval_ms" { + description = "Specify how frequently to run the health check." + default = 30000 +} + +variable "hc_retries" { + description = "The number of retries to attempt before a backend server is considered unhealthy." + default = 3 +} + +variable "hc_return_code" { + description = "The status code a healthy backend server must return." + default = 200 +} + +variable "hc_timeout_in_millis" { + description = "The maximum time in milliseconds to wait for a reply to a health check." + default = 3000 +} + +variable "hc_response_body_regex" { + description = "A regular expression for parsing the response body from the backend server." + default = ".*" +} + +variable "hc_url_path" { + description = "A URL endpoint against which to run the health check." + default = "/" +} + +variable ssh_public_key { + default = "" +} diff --git a/example/real_world_stuff/oracle/oracle%learning-library%oci-library%DevOps%Resource_Manager%orm-oci-oke%cluster.tf b/example/real_world_stuff/oracle/oracle%learning-library%oci-library%DevOps%Resource_Manager%orm-oci-oke%cluster.tf new file mode 100644 index 0000000..aab77bb --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%learning-library%oci-library%DevOps%Resource_Manager%orm-oci-oke%cluster.tf 
@@ -0,0 +1,27 @@ +// Copyright (c) 2017, 2019, Oracle and/or its affiliates. All rights reserved. + +resource "oci_containerengine_cluster" "test_cluster" { + #Required + compartment_id = "${var.compartment_ocid}" + kubernetes_version = "${data.oci_containerengine_cluster_option.test_cluster_option.kubernetes_versions.1}" + name = "${var.cluster_name}" + vcn_id = "${oci_core_virtual_network.test_vcn.id}" + + #Optional + options { + service_lb_subnet_ids = ["${oci_core_subnet.lb_regional_subnet.id}"] + + #Optional + add_ons { + #Optional + is_kubernetes_dashboard_enabled = "${var.cluster_options_add_ons_is_kubernetes_dashboard_enabled}" + is_tiller_enabled = "${var.cluster_options_add_ons_is_tiller_enabled}" + } + + kubernetes_network_config { + #Optional + pods_cidr = "${var.cluster_options_kubernetes_network_config_pods_cidr}" + services_cidr = "${var.cluster_options_kubernetes_network_config_services_cidr}" + } + } +} diff --git a/example/real_world_stuff/oracle/oracle%learning-library%oci-library%DevOps%Resource_Manager%orm-oci-oke%datasources.tf b/example/real_world_stuff/oracle/oracle%learning-library%oci-library%DevOps%Resource_Manager%orm-oci-oke%datasources.tf new file mode 100644 index 0000000..7357348 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%learning-library%oci-library%DevOps%Resource_Manager%orm-oci-oke%datasources.tf 
@@ -0,0 +1,44 @@ + +// Copyright (c) 2017, 2019, Oracle and/or its affiliates. All rights reserved. + + +data "oci_identity_availability_domains" "test_availability_domains" { + compartment_id = "${var.compartment_ocid}" +} + +data "oci_containerengine_cluster_option" "test_cluster_option" { + cluster_option_id = "all" +} + +data "oci_containerengine_node_pool_option" "test_node_pool_option" { + node_pool_option_id = "all" +} + + +data "oci_core_services" "test_services" { + filter { + name = "name" + values = ["All .* Services In Oracle Services Network"] + regex = true + } +} + + +data "oci_identity_availability_domains" "ad_list" { + compartment_id = var.tenancy_ocid +} + +data "template_file" "ad_names" { + count = length(data.oci_identity_availability_domains.ad_list.availability_domains) + template = lookup(data.oci_identity_availability_domains.ad_list.availability_domains[count.index], "name") +} + + +data "oci_containerengine_cluster_kube_config" "test_cluster_kube_config" { + #Required + cluster_id = "${oci_containerengine_cluster.test_cluster.id}" + + #Optional + expiration = "${var.cluster_kube_config_expiration}" + token_version = "${var.cluster_kube_config_token_version}" +} diff --git a/example/real_world_stuff/oracle/oracle%learning-library%oci-library%DevOps%Resource_Manager%orm-oci-oke%kube_config.tf b/example/real_world_stuff/oracle/oracle%learning-library%oci-library%DevOps%Resource_Manager%orm-oci-oke%kube_config.tf new file mode 100644 index 0000000..142abd1 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%learning-library%oci-library%DevOps%Resource_Manager%orm-oci-oke%kube_config.tf @@ -0,0 +1,6 @@ +// Copyright (c) 2017, 2019, Oracle and/or its affiliates. All rights reserved. + +resource "local_file" "test_cluster_kube_config_file" { + content = "${data.oci_containerengine_cluster_kube_config.test_cluster_kube_config.content}" + filename = "${path.module}/test_cluster_kubeconfig" +} 
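Review bot: The `local_file` resource in kube_config.tf writes the cluster kubeconfig to `${path.module}/test_cluster_kubeconfig` without a `file_permission`, so the file gets the provider's default mode, which is not restricted to the owner, and the rendered content is also kept in Terraform state. Depending on the token version requested in datasources.tf, the kubeconfig may carry a credential that stays valid for the configured `expiration`, so I would add `file_permission = "0600"` to the resource and make sure the generated file is ignored by version control. Treat the state file for this module as sensitive for the same reason.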
diff --git a/example/real_world_stuff/oracle/oracle%learning-library%oci-library%DevOps%Resource_Manager%orm-oci-oke%networking.tf b/example/real_world_stuff/oracle/oracle%learning-library%oci-library%DevOps%Resource_Manager%orm-oci-oke%networking.tf
new file mode 100644
index 0000000..c47d144
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%learning-library%oci-library%DevOps%Resource_Manager%orm-oci-oke%networking.tf
@@ -0,0 +1,108 @@ + +// Copyright (c) 2017, 2019, Oracle and/or its affiliates. All rights reserved. + +resource "oci_core_virtual_network" "test_vcn" { + cidr_block = "${var.vcn_cidr}" + compartment_id = "${var.compartment_ocid}" + display_name = "tfVcnForClusters" + dns_label = "${var.cluster_name}" +} + +resource "oci_core_internet_gateway" "test_ig" { + compartment_id = "${var.compartment_ocid}" + display_name = "tfClusterInternetGateway" + vcn_id = "${oci_core_virtual_network.test_vcn.id}" +} + + +resource "oci_core_nat_gateway" "test_nat_gateway" { + + + compartment_id = "${var.compartment_ocid}" + vcn_id = "${oci_core_virtual_network.test_vcn.id}" + display_name = "tfNatGateway" + + count = "${(var.worker_mode == "private") ? 1 : 0}" + +} + +resource "oci_core_service_gateway" "test_service_gateway" { + + compartment_id = "${var.compartment_ocid}" + services { + service_id = "${lookup(data.oci_core_services.test_services.services[0], "id")}" + } + vcn_id = "${oci_core_virtual_network.test_vcn.id}" + display_name = "testServiceGateway" + + count = "${(var.worker_mode == "private") ? 
1 : 0}" + + +} + +resource "oci_core_route_table" "test_route_table" { + compartment_id = "${var.compartment_ocid}" + vcn_id = "${oci_core_virtual_network.test_vcn.id}" + display_name = "tfClustersRouteTable" + + route_rules { + destination = "0.0.0.0/0" + destination_type = "CIDR_BLOCK" + network_entity_id = "${oci_core_internet_gateway.test_ig.id}" + } +} + +resource "oci_core_route_table" "test_route_table_private" { + + + compartment_id = "${var.compartment_ocid}" + vcn_id = "${oci_core_virtual_network.test_vcn.id}" + display_name = "tfWorkerPrivateRouteTable" + + + route_rules { + + destination = "0.0.0.0/0" + destination_type = "CIDR_BLOCK" + network_entity_id = "${oci_core_nat_gateway.test_nat_gateway[count.index].id}" + } + + route_rules { + destination = "${lookup(data.oci_core_services.test_services.services[0], "cidr_block")}" + destination_type = "SERVICE_CIDR_BLOCK" + network_entity_id = "${oci_core_service_gateway.test_service_gateway[count.index].id}" + } + + + count = "${(var.worker_mode == "private") ? 1 : 0}" + +} + +resource "oci_core_subnet" "lb_regional_subnet" { + #Required + cidr_block = "${var.lb_cidr}" + compartment_id = "${var.compartment_ocid}" + vcn_id = "${oci_core_virtual_network.test_vcn.id}" + + # Provider code tries to maintain compatibility with old versions. + security_list_ids = ["${oci_core_security_list.lb_seclist.id}"] + display_name = "tflbRegionalSubNet" + route_table_id = "${oci_core_route_table.test_route_table.id}" + #Public subnet + prohibit_public_ip_on_vnic = false +} + + +resource "oci_core_subnet" "nodepool_regional_subnet" { + #Required + cidr_block = "${var.nodepools_cidr}" + compartment_id = "${var.compartment_ocid}" + vcn_id = "${oci_core_virtual_network.test_vcn.id}" + + # Provider code tries to maintain compatibility with old versions. + security_list_ids = ["${var.worker_mode}" == "private" ? 
"${oci_core_security_list.workers_private_seclist[0].id}" : "${oci_core_security_list.workers_public_seclist[0].id}"] + display_name = "tfRegionalSubnetForNodePool" + route_table_id = var.worker_mode == "private" ? "${oci_core_route_table.test_route_table_private[0].id}" : "${oci_core_route_table.test_route_table.id}" + # private subnet + prohibit_public_ip_on_vnic = var.worker_mode == "private" ? true : false +} diff --git a/example/real_world_stuff/oracle/oracle%learning-library%oci-library%DevOps%Resource_Manager%orm-oci-oke%nodepools.tf b/example/real_world_stuff/oracle/oracle%learning-library%oci-library%DevOps%Resource_Manager%orm-oci-oke%nodepools.tf new file mode 100644 index 0000000..874f544 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%learning-library%oci-library%DevOps%Resource_Manager%orm-oci-oke%nodepools.tf 
@@ -0,0 +1,36 @@ +// Copyright (c) 2017, 2019, Oracle and/or its affiliates. All rights reserved. + +resource "oci_containerengine_node_pool" "test_node_pool" { + #Required + cluster_id = "${oci_containerengine_cluster.test_cluster.id}" + compartment_id = "${var.compartment_ocid}" + kubernetes_version = "${data.oci_containerengine_node_pool_option.test_node_pool_option.kubernetes_versions.1}" + name = "${var.node_pool_name}" + node_image_name = "${var.node_pool_node_image_name}" + node_shape = "${var.node_pool_node_shape}" + depends_on = ["oci_containerengine_cluster.test_cluster"] + + #Optional + initial_node_labels { + #Optional + key = "${var.node_pool_initial_node_labels_key}" + value = "${var.node_pool_initial_node_labels_value}" + } + + node_config_details { + + dynamic "placement_configs" { + iterator = ad_iterator + for_each = "${data.template_file.ad_names.*.rendered}" + content { + availability_domain = ad_iterator.value + subnet_id = "${oci_core_subnet.nodepool_regional_subnet.id}" + } + } + + # set number of nodes in the node pool + size = "${var.number_of_nodes}" + } + + ssh_public_key = "${var.node_pool_ssh_public_key}" +} diff --git a/example/real_world_stuff/oracle/oracle%learning-library%oci-library%DevOps%Resource_Manager%orm-oci-oke%output.tf b/example/real_world_stuff/oracle/oracle%learning-library%oci-library%DevOps%Resource_Manager%orm-oci-oke%output.tf new file mode 100644 index 0000000..24823ef --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%learning-library%oci-library%DevOps%Resource_Manager%orm-oci-oke%output.tf 
@@ -0,0 +1,30 @@ +// Copyright (c) 2017, 2019, Oracle and/or its affiliates. All rights reserved. + +output "cluster" { + value = { + id = "${oci_containerengine_cluster.test_cluster.id}" + kubernetes_version = "${oci_containerengine_cluster.test_cluster.kubernetes_version}" + name = "${oci_containerengine_cluster.test_cluster.name}" + } +} + +output "node_pool" { + value = { + id = "${oci_containerengine_node_pool.test_node_pool.id}" + kubernetes_version = "${oci_containerengine_node_pool.test_node_pool.kubernetes_version}" + name = "${oci_containerengine_node_pool.test_node_pool.name}" + subnet_ids = "${oci_containerengine_node_pool.test_node_pool.subnet_ids}" + } +} + +output "cluster_kubernetes_versions" { + value = ["${data.oci_containerengine_cluster_option.test_cluster_option.kubernetes_versions}"] +} + +output "node_pool_kubernetes_version" { + value = ["${data.oci_containerengine_node_pool_option.test_node_pool_option.kubernetes_versions}"] +} + +output "services" { + value = ["${data.oci_core_services.test_services.services}"] +} diff --git a/example/real_world_stuff/oracle/oracle%learning-library%oci-library%DevOps%Resource_Manager%orm-oci-oke%provider.tf b/example/real_world_stuff/oracle/oracle%learning-library%oci-library%DevOps%Resource_Manager%orm-oci-oke%provider.tf new file mode 100644 index 0000000..d2f5e52 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%learning-library%oci-library%DevOps%Resource_Manager%orm-oci-oke%provider.tf @@ -0,0 +1,12 @@ + +// Copyright (c) 2017, 2019, Oracle and/or its affiliates. All rights reserved. + +/* + * This example file shows how to configure the oci provider to target the a single region. + */ + + +provider "oci" { + version = ">= 3.45.0" + region = "${var.region}" +} 
diff --git a/example/real_world_stuff/oracle/oracle%learning-library%oci-library%DevOps%Resource_Manager%orm-oci-oke%security.tf b/example/real_world_stuff/oracle/oracle%learning-library%oci-library%DevOps%Resource_Manager%orm-oci-oke%security.tf
new file mode 100644
index 0000000..9d94428
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%learning-library%oci-library%DevOps%Resource_Manager%orm-oci-oke%security.tf
@@ -0,0 +1,169 @@ +# Copyright 2017, 2018, 2019 Oracle Corporation and/or affiliates. All rights reserved. + +locals { + icmp_protocol = "1" + tcp_protocol = "6" + all_protocols = "all" + + anywhere = "0.0.0.0/0" + + ssh_port = "22" + + node_port_min = "30000" + node_port_max = "32767" +} + +# worker security private +resource "oci_core_security_list" "workers_private_seclist" { + count = "${(var.worker_mode == "private") ? 1 : 0}" + + compartment_id = "${var.compartment_ocid}" + display_name = "workers private security list" + vcn_id = "${oci_core_virtual_network.test_vcn.id}" + + egress_security_rules { + # intra-vcn + protocol = "${local.all_protocols}" + destination = "${oci_core_virtual_network.test_vcn.cidr_block}" + stateless = "true" + } + + egress_security_rules { + # intra-vcn + protocol = "${local.all_protocols}" + destination = "0.0.0.0/0" + stateless = "false" + } + + egress_security_rules { + + destination = "${lookup(data.oci_core_services.test_services.services[0], "cidr_block")}" + destination_type = "SERVICE_CIDR_BLOCK" + protocol = "all" + + } + + + ingress_security_rules { + # intra-vcn + protocol = "all" + source = "${oci_core_virtual_network.test_vcn.cidr_block}" + stateless = "true" + } + + ingress_security_rules { + # icmp + protocol = "${local.icmp_protocol}" + source = "${local.anywhere}" + stateless = "false" + } + + ingress_security_rules { + # rule 9 + protocol = "${local.tcp_protocol}" + source = "${local.anywhere}" + stateless = "false" + + tcp_options { + max = "${local.ssh_port}" + min = "${local.ssh_port}" + } + } + + ingress_security_rules { + # rule 10 + protocol = "${local.tcp_protocol}" + source = "${local.anywhere}" + stateless = "false" + + tcp_options { + max = "${local.node_port_max}" + min = "${local.node_port_min}" + } + } + +} + +# worker security public +resource "oci_core_security_list" "workers_public_seclist" { + + count = "${(var.worker_mode == "public") ? 
1 : 0}" + + compartment_id = "${var.compartment_ocid}" + display_name = "workers public security list" + vcn_id = "${oci_core_virtual_network.test_vcn.id}" + + egress_security_rules { + # intra-vcn + protocol = "${local.all_protocols}" + destination = "${oci_core_virtual_network.test_vcn.cidr_block}" + stateless = "true" + } + + egress_security_rules { + # intra-vcn + protocol = "${local.all_protocols}" + destination = "0.0.0.0/0" + stateless = "false" + } + + + + ingress_security_rules { + # intra-vcn + protocol = "all" + source = "${oci_core_virtual_network.test_vcn.cidr_block}" + stateless = "true" + } + + ingress_security_rules { + # icmp + protocol = "${local.icmp_protocol}" + source = "${local.anywhere}" + stateless = "false" + } + + ingress_security_rules { + # rule 9 + protocol = "${local.tcp_protocol}" + source = "${local.anywhere}" + stateless = "false" + + tcp_options { + max = "${local.ssh_port}" + min = "${local.ssh_port}" + } + } + + ingress_security_rules { + # rule 10 + protocol = "${local.tcp_protocol}" + source = "${local.anywhere}" + stateless = "false" + + tcp_options { + max = "${local.node_port_max}" + min = "${local.node_port_min}" + } + } + +} + +# load balancer security checklist +resource "oci_core_security_list" "lb_seclist" { + compartment_id = "${var.compartment_ocid}" + display_name = "load balancer security list" + vcn_id = "${oci_core_virtual_network.test_vcn.id}" + + egress_security_rules { + protocol = "${local.all_protocols}" + destination = "${local.anywhere}" + stateless = "true" + } + + ingress_security_rules { + protocol = "${local.tcp_protocol}" + source = "${local.anywhere}" + stateless = "true" + } +} diff --git a/example/real_world_stuff/oracle/oracle%learning-library%oci-library%DevOps%Resource_Manager%orm-oci-oke%variables.tf b/example/real_world_stuff/oracle/oracle%learning-library%oci-library%DevOps%Resource_Manager%orm-oci-oke%variables.tf new file mode 100644 index 0000000..0e38eea --- /dev/null 
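Review bot: Both worker security lists (`workers_private_seclist` and `workers_public_seclist`) accept SSH (`local.ssh_port`) and the full NodePort range (`local.node_port_min` to `local.node_port_max`) from `local.anywhere`, i.e. 0.0.0.0/0, and the ingress rule of `lb_seclist` names only `local.tcp_protocol` with no `tcp_options`, which leaves every TCP port open to the internet. I would restrict the worker rules to internal sources, e.g. `source = "${var.lb_cidr}"` for the NodePort rule and the VCN CIDR for SSH, and give the load-balancer rule a `tcp_options` block limited to the listener ports. The `# intra-vcn` comment on the second egress rule of each worker list is also misleading, because its destination is 0.0.0.0/0. The same SSH-from-anywhere rule appears in `Web-Security-List` in the Load_Balancer networking.tf hunk and in `sl_w` in environment.tf.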
+++ b/example/real_world_stuff/oracle/oracle%learning-library%oci-library%DevOps%Resource_Manager%orm-oci-oke%variables.tf 
@@ -0,0 +1,104 @@ +// Copyright (c) 2017, 2019, Oracle and/or its affiliates. All rights reserved. + +variable "tenancy_ocid" { + description = "INSERT YOUR TENANCY OCID HERE" + } + +variable "compartment_ocid" { + description = "INSERT YOUR COMPARTMENT OCID HERE" + +} + +variable "region" { + default = "us-ashburn-1" +} + +variable "cluster_name" { + default = "tfTestCluster" +} + + +variable "vcn_cidr" { + type = "string" + description = "cidr block of VCN" + default = "10.0.0.0/16" +} + +variable "cluster_options_add_ons_is_kubernetes_dashboard_enabled" { + default = true +} + +variable "cluster_options_add_ons_is_tiller_enabled" { + default = true +} + +variable "cluster_options_kubernetes_network_config_pods_cidr" { + description = "This is the CIDR range used for IP addresses by your pods. A /16 CIDR is generally sufficient. This CIDR should not overlap with any subnet range in the VCN (it can also be outside the VCN CIDR range)." + default = "10.244.0.0/16" +} + +variable "cluster_options_kubernetes_network_config_services_cidr" { + description = "This is the CIDR range used by exposed Kubernetes services (ClusterIPs). This CIDR should not overlap with the VCN CIDR range." 
+ default = "10.96.0.0/16" +} + +variable "node_pool_initial_node_labels_key" { + default = "key" +} + +variable "node_pool_initial_node_labels_value" { + default = "value" +} + +variable "node_pool_name" { + default = "tfPool" +} + +variable "node_pool_node_image_name" { + default = "Oracle-Linux-7.6" +} + +variable "node_pool_node_shape" { + default = "VM.Standard2.1" +} + +variable "number_of_nodes" { + description = "Number of Worker Nodes in the Node pool" + default = 1 +} + +variable "node_pool_ssh_public_key" { + description = "INSERT YOUR SSH PUBLIC KEY USED TO SSH INTO WORKER NODES" +} + +variable "lb_cidr" { + type = "string" + description = "cidr block of lb" + default = "10.0.20.0/24" +} + +variable "nodepools_cidr" { + type = "string" + description = "cidr block of nodepools" + default = "10.0.10.0/24" +} + + +variable "worker_mode" { + description = "whether to provision public or private workers" + default = "private" +} + +variable "vcn_dns_label" { + type = "string" + default = "oke" +} + + +variable "cluster_kube_config_expiration" { + default = 2592000 +} + +variable "cluster_kube_config_token_version" { + default = "2.0.0" +} diff --git a/example/real_world_stuff/oracle/oracle%learning-library%oci-library%L100-LAB%Load_Balancer%terraform%loadbalancer.tf b/example/real_world_stuff/oracle/oracle%learning-library%oci-library%L100-LAB%Load_Balancer%terraform%loadbalancer.tf new file mode 100644 index 0000000..c456750 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%learning-library%oci-library%L100-LAB%Load_Balancer%terraform%loadbalancer.tf 
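Review bot: `cluster_options_add_ons_is_tiller_enabled` and `cluster_options_add_ons_is_kubernetes_dashboard_enabled` both default to `true`, so applying this example without overrides installs Tiller and the Kubernetes dashboard in the cluster. Both add-ons widen the cluster's attack surface, and Tiller in particular usually runs with broad in-cluster privileges, so I would set both to `default = false` and let users opt in. Separately, `vcn_dns_label` is declared here but the VCN in networking.tf sets `dns_label` from `var.cluster_name`, so the variable looks unused.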
@@ -0,0 +1,52 @@
+resource "oci_load_balancer" "lb1" {
+ shape = "100Mbps"
+ compartment_id = "${var.compartment_ocid}"
+
+ subnet_ids = [
+ "${oci_core_subnet.tf_lb-subnet.id}",
+ ]
+
+ display_name = "TF-LB-Web-Servers"
+ is_private = false
+}
+
+resource "oci_load_balancer_backend_set" "lb-bes1" {
+ name = "lb-bes1"
+ load_balancer_id = "${oci_load_balancer.lb1.id}"
+ policy = "ROUND_ROBIN"
+
+ health_checker {
+ port = "80"
+ protocol = "HTTP"
+ response_body_regex = ".*"
+ url_path = "/"
+ }
+}
+
+resource "oci_load_balancer_backend" "lb-be" {
+ load_balancer_id = "${oci_load_balancer.lb1.id}"
+ backendset_name = "${oci_load_balancer_backend_set.lb-bes1.name}"
+ ip_address = "${oci_core_instance.TFInstance[count.index].private_ip}"
+ count = 2
+ port = 80
+ backup = false
+ drain = false
+ offline = false
+ weight = 1
+}
+
+resource "oci_load_balancer_listener" "lb-listener1" {
+ load_balancer_id = "${oci_load_balancer.lb1.id}"
+ name = "http"
+ default_backend_set_name = "${oci_load_balancer_backend_set.lb-bes1.name}"
+ port = 80
+ protocol = "HTTP"
+
+ connection_configuration {
+ idle_timeout_in_seconds = "2"
+ }
+}
+
+output "lb_public_ip" {
+ value = ["${oci_load_balancer.lb1.ip_address_details}"]
+}
diff --git a/example/real_world_stuff/oracle/oracle%learning-library%oci-library%L100-LAB%Load_Balancer%terraform%networking.tf b/example/real_world_stuff/oracle/oracle%learning-library%oci-library%L100-LAB%Load_Balancer%terraform%networking.tf
new file mode 100644
index 0000000..4cd5721
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%learning-library%oci-library%L100-LAB%Load_Balancer%terraform%networking.tf
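Review bot: The only listener in loadbalancer.tf, `lb-listener1`, serves plain HTTP on port 80 of a public load balancer (`is_private = false`), so client traffic is unencrypted end to end. If this configuration is meant to be reused beyond a lab, add an HTTPS listener with an `ssl_configuration` block and keep port 80 only for redirects. Separately, `oci_load_balancer_backend.lb-be` hard-codes `count = 2` while the instances it indexes are created with `count = "${var.NumInstances}"` in webservers.tf; using `count = var.NumInstances` here would keep the two in step.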
@@ -0,0 +1,193 @@ +terraform { + required_version = ">= 0.12" +} + +provider "oci" { + version = "~> 3.36" + tenancy_ocid = "${var.tenancy_ocid}" + user_ocid = "${var.user_ocid}" + fingerprint = "${var.fingerprint}" + private_key_path = "${var.private_key_path}" + region = "${var.region}" +} + +// This provider defines an alias and is targetable by resources by including `provider = "oci.iad"`. +provider "oci" { + region = "us-ashburn-1" + alias = "iad" + tenancy_ocid = "${var.tenancy_ocid}" + user_ocid = "${var.user_ocid}" + fingerprint = "${var.fingerprint}" + private_key_path = "${var.private_key_path}" +} + +resource "oci_core_vcn" "tf_vcn" { + #Required + cidr_block = "${var.vcn_cidr_block}" + compartment_id = "${var.compartment_ocid}" + + dns_label = "tfvcn" +} + +data "oci_core_security_lists" "tf_security_lists" { + #Required + compartment_id = "${var.compartment_ocid}" + vcn_id = "${oci_core_vcn.tf_vcn.id}" + + #Optional + display_name = "${var.security_list_display_name}" + #state = "${var.security_list_state}" +} + +resource "oci_core_security_list" "LB-Security-List" { + compartment_id = "${var.compartment_ocid}" + vcn_id = "${oci_core_vcn.tf_vcn.id}" + display_name = "LB-Security-List" + // allow outbound traffic on all ports for all protocols + egress_security_rules { + destination = "0.0.0.0/0" + protocol = "all" + } + + // allow inbound http traffic + ingress_security_rules { + protocol = "6" // tcp + source = "0.0.0.0/0" + stateless = false + + tcp_options { + // These values correspond to the destination port range. 
+ min = 80 + max = 80 + } + } +} + +resource "oci_core_security_list" "Web-Security-List" { + compartment_id = "${var.compartment_ocid}" + vcn_id = "${oci_core_vcn.tf_vcn.id}" + display_name = "Web-Security-List" + + + // allow outbound traffic on all ports for all protocols + egress_security_rules { + destination = "0.0.0.0/0" + protocol = "all" + } + + // allow inbound http traffic from the LB subnet + ingress_security_rules { + protocol = "6" // tcp + source = "10.0.1.0/24" + stateless = false + + tcp_options { + // These values correspond to the destination port range. + min = 80 + max = 80 + } + } + + // allow inbound ssh traffic + ingress_security_rules { + protocol = "6" // tcp + source = "0.0.0.0/0" + stateless = false + + tcp_options { + // These values correspond to the destination port range. + min = 22 + max = 22 + } + } + // allow inbound icmp traffic of a specific type + ingress_security_rules { + protocol = 1 + source = "0.0.0.0/0" + stateless = true + } + +} + +resource "oci_core_internet_gateway" "tf_IG" { + compartment_id = "${var.compartment_ocid}" + vcn_id = "${oci_core_vcn.tf_vcn.id}" + display_name = "TF-Internet Gateway" +} + +resource "oci_core_route_table" "tf_routetable" { + # Required + compartment_id = "${var.compartment_ocid}" + vcn_id = "${oci_core_vcn.tf_vcn.id}" + + display_name = "TF-Route Table" + + route_rules { + destination = "0.0.0.0/0" + destination_type = "CIDR_BLOCK" + network_entity_id = "${oci_core_internet_gateway.tf_IG.id}" + } +} + +resource "oci_core_subnet" "tf_lb-subnet" { + # Required + cidr_block = "10.0.1.0/24" + compartment_id = "${var.compartment_ocid}" + vcn_id = "${oci_core_vcn.tf_vcn.id}" + + # Optional + display_name = "TF-LBSubnet" + dns_label = "lbsubnet" + security_list_ids = ["${oci_core_security_list.LB-Security-List.id}"] + route_table_id = "${oci_core_route_table.tf_routetable.id}" + #dhcp_options_id = "${oci_core_vcn.tf_vcn.default_dhcp_options_id}" +} + +resource "oci_core_subnet" "tf_web-subnet" { 
+ # Required + cidr_block = "10.0.2.0/24" + compartment_id = "${var.compartment_ocid}" + vcn_id = "${oci_core_vcn.tf_vcn.id}" + + # Optional + display_name = "TF-WebSubnet" + dns_label = "websubnet" + security_list_ids = ["${oci_core_security_list.Web-Security-List.id}"] + route_table_id = "${oci_core_route_table.tf_routetable.id}" + #dhcp_options_id = "${oci_core_vcn.tf_vcn.default_dhcp_options_id}" +} +/* # Get a list of Availability Domains */ +/* data "oci_identity_availability_domains" "ads" { */ +/* compartment_id = "${var.compartment_ocid}" */ +/* } */ + +data "oci_identity_availability_domains" "ad-phx" { + compartment_id = "${var.tenancy_ocid}" + + filter { + name = "name" + values = ["\\w*-AD-"] + regex = true + } +} + +data "oci_identity_availability_domains" "ad-iad" { + provider = "oci.iad" + compartment_id = "${var.tenancy_ocid}" + + filter { + name = "name" + values = ["\\w*-AD-"] + regex = true + } +} + +output "ad-phx" { + value = "${data.oci_identity_availability_domains.ad-phx.availability_domains}" +} + +output "ad-iad" { + value = "${data.oci_identity_availability_domains.ad-iad.availability_domains}" +} + + diff --git a/example/real_world_stuff/oracle/oracle%learning-library%oci-library%L100-LAB%Load_Balancer%terraform%vars.tf b/example/real_world_stuff/oracle/oracle%learning-library%oci-library%L100-LAB%Load_Balancer%terraform%vars.tf new file mode 100644 index 0000000..6bca5fd --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%learning-library%oci-library%L100-LAB%Load_Balancer%terraform%vars.tf @@ -0,0 +1,14 @@ +variable "tenancy_ocid" {} +variable "compartment_ocid" {} +variable "user_ocid" {} +variable "fingerprint" {} +variable "private_key_path" {} +variable "region" {} + +variable "vcn_cidr_block" { + default = "10.0.0.0/16" +} + +variable "security_list_display_name" { + default = "LB-Security-List" +} 
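Review bot: The last ingress rule of `Web-Security-List` in this networking.tf is commented as allowing ICMP "of a specific type", but it carries no `icmp_options` block, so it admits every ICMP type and code from 0.0.0.0/0 as a stateless rule. Either add an `icmp_options` block with the intended `type` (and `code`), or correct the comment so that readers do not assume the rule is narrower than it is. The data source `oci_core_security_lists.tf_security_lists` is also not referenced anywhere in this hunk and may be dead configuration.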
diff --git a/example/real_world_stuff/oracle/oracle%learning-library%oci-library%L100-LAB%Load_Balancer%terraform%webservers.tf b/example/real_world_stuff/oracle/oracle%learning-library%oci-library%L100-LAB%Load_Balancer%terraform%webservers.tf
new file mode 100644
index 0000000..13f914f
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%learning-library%oci-library%L100-LAB%Load_Balancer%terraform%webservers.tf
@@ -0,0 +1,59 @@
+variable "ssh_public_key" {}
+variable "ssh_private_key" {}
+
+# Defines the number of instances to deploy
+variable "NumInstances" {
+ default = "2"
+}
+
+variable "instance_shape" {
+ default = "VM.Standard1.1"
+}
+
+variable "instance_image_ocid" {
+ type = "map"
+
+ default = {
+ // See https://docs.us-phoenix-1.oraclecloud.com/images/
+ // Oracle-provided image "Oracle-Linux-7.5-2018.10.16-0"
+ us-phoenix-1 = "ocid1.image.oc1.phx.aaaaaaaaoqj42sokaoh42l76wsyhn3k2beuntrh5maj3gmgmzeyr55zzrwwa"
+
+ us-ashburn-1 = "ocid1.image.oc1.iad.aaaaaaaageeenzyuxgia726xur4ztaoxbxyjlxogdhreu3ngfj2gji3bayda"
+ }
+}
+
+variable "BootStrapFile" {
+ default = "./userdata/bootstrap.sh"
+}
+
+resource "oci_core_instance" "TFInstance" {
+ count = "${var.NumInstances}"
+ availability_domain = "${lookup(data.oci_identity_availability_domains.ad-phx.availability_domains[count.index+1], "name")}"
+ compartment_id = "${var.compartment_ocid}"
+ display_name = "TF-Web-Server-${count.index+1}"
+ shape = "${var.instance_shape}"
+
+ create_vnic_details {
+ subnet_id = "${oci_core_subnet.tf_web-subnet.id}"
+ display_name = "primaryvnic"
+ assign_public_ip = true
+ hostname_label = "tfinstance${count.index+1}"
+ }
+
+ source_details {
+ source_type = "image"
+ source_id = "${var.instance_image_ocid[var.region]}"
+ }
+
+ metadata = {
+ ssh_authorized_keys = "${var.ssh_public_key}"
+ # If you want to initialize the instance with a shell script
+ user_data = "${base64encode(templatefile("${path.module}/userdata/bootstrap.sh", { instance = count.index+1}))}"
+ # If you want to initialize the instance with cloud-init
+ #user_data = "${base64encode(templatefile("${path.module}/userdata/cloud-config.yaml.tpl", { instance = count.index+1}))}"
+ }
+}
+
+output "web-server-ips" {
+ value = "${oci_core_instance.TFInstance.*.public_ip}"
+}
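Review bot: `variable "ssh_private_key" {}` has no default and is not referenced anywhere in this file, so users are required to hand private-key material to Terraform as an input for no visible purpose. Unless another file in the module consumes it, I would drop the declaration so the key never has to leave the operator's machine or land in a tfvars file. Also, `availability_domains[count.index+1]` skips the first availability domain and will index past the end of the list in a region with fewer than three ADs when `NumInstances` is 2; wrapping the index with the list length would avoid that. `BootStrapFile` is likewise declared, but the `templatefile` call hard-codes the script path instead of using it.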
diff --git a/example/real_world_stuff/oracle/oracle%learning-library%oci-library%L100-LAB%Terraform%environment.tf b/example/real_world_stuff/oracle/oracle%learning-library%oci-library%L100-LAB%Terraform%environment.tf
new file mode 100644
index 0000000..eab348f
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%learning-library%oci-library%L100-LAB%Terraform%environment.tf
@@ -0,0 +1,420 @@ +## *** This terraform script creates a virtual cloud network with required +## *** resources of internet connectivity. +## *** It creates two linux webservers and installs webserver software. +## *** It opens necessary ports on the host and in security lists +## *** of virtual cloud network for the webserver. + + +variable "tenancy_ocid" { + type = string +} + +variable "user_ocid" { + type = string +} + +variable "fingerprint" { + type = string +} + +variable "private_key_path" { + type = string +} + +variable "region" { + type = string +} + +variable "region_name" { + type = string +} + +variable "ssh_private_key" { + type = string +} +variable "ssh_public_key" { + type = string +} + +variable compartment_ocid { + type = string +} + +variable backend_port { + type = number + default = 80 +} + +variable backend_set_lb_cookie_session_persistence_configuration_cookie_name { + type = string + default = "oci_webserver_cookie" +} + +provider oci { + version = ">= 3.60.0" + tenancy_ocid = var.tenancy_ocid + user_ocid = var.user_ocid + fingerprint = var.fingerprint + private_key_path = var.private_key_path + region = var.region +} + +data "oci_identity_availability_domains" "region_name" { + compartment_id = var.tenancy_ocid +} + +### Network Variables ##### + +variable "vcn_cidr_block" { + default = "10.0.0.0/16" +} + +variable "dns_label_vcn" { + default = "dnsvcn" +} + +variable "subnet_cidr_w1" { + default = "10.0.10.0/24" +} + +variable "subnet_cidr_w2" { + default = "10.0.20.0/24" +} + +variable "instance_shape" { + default = "VM.Standard2.1" +} + +variable "load_balancer_shape" { + default = "VM.Standard2.1" +} + +#### VCN ####### + +resource "oci_core_virtual_network" "vcn_w" { + cidr_block = var.vcn_cidr_block + compartment_id = var.compartment_ocid + display_name = "vcn_webserver" + dns_label = "vcn" + + provisioner "local-exec" { + command = "sleep 5" + } +} + +#### Internet Gateay ### + +resource "oci_core_internet_gateway" "igw" { + 
compartment_id = var.compartment_ocid + display_name = "igw" + vcn_id = oci_core_virtual_network.vcn_w.id +} + + +#### Route Table ##### + +resource "oci_core_route_table" "rt1" { + compartment_id = var.compartment_ocid + vcn_id = oci_core_virtual_network.vcn_w.id + display_name = "rt1" + + route_rules { + destination = "0.0.0.0/0" + network_entity_id = oci_core_internet_gateway.igw.id + } +} + + +##### Security Lists ###### + +resource "oci_core_security_list" "sl_w" { + display_name = "sl-loadbalancer" + compartment_id = var.compartment_ocid + vcn_id = oci_core_virtual_network.vcn_w.id + + egress_security_rules { + protocol = "all" + destination = "0.0.0.0/0" + } + + # Security Rules Protocol Codes + # 1 = ICMP + # 6 = TCP + # 17 = UDP + # 58 = ICMPv6 + + /* Open port 22 (for SSH) to all incomming traffic */ + ingress_security_rules { + tcp_options { + max = 22 + min = 22 + } + + protocol = "6" # TCP + source = "0.0.0.0/0" + } + + /* Open post 80 to all incomming TCP traffic */ + ingress_security_rules { + tcp_options { + max = 80 + min = 80 + } + + protocol = "6" # TCP + source = "0.0.0.0/0" + } + + /* Open port 443 to all incmming traffic */ + ingress_security_rules { + tcp_options { + max = 443 + min = 443 + } + + protocol = "6" # TCP + source = "0.0.0.0/0" + } + + ingress_security_rules { + icmp_options { + type = 0 # ECHO Reply + } + + protocol = 1 # ICMP + source = "0.0.0.0/0" + } + + ingress_security_rules { + icmp_options { + type = 3 # Destination Unreachable + code = 4 # Fragmentation Needed and Don't Fragment was set + } + + protocol = 1 # ICMP + source = "0.0.0.0/0" + } + ingress_security_rules { + icmp_options { + # ECHO + type = 8 + } + + protocol = 1 # ICMP + source = "0.0.0.0/0" + } +} + + +#### Subnet ####### + +resource "oci_core_subnet" "subnet1" { + availability_domain = lookup(data.oci_identity_availability_domains.region_name.availability_domains[0], "name") + cidr_block = var.subnet_cidr_w1 + display_name = "subnet1-AD1" + security_list_ids 
= [oci_core_security_list.sl_w.id] + compartment_id = var.compartment_ocid + vcn_id = oci_core_virtual_network.vcn_w.id + route_table_id = oci_core_route_table.rt1.id + dhcp_options_id = oci_core_virtual_network.vcn_w.default_dhcp_options_id + + provisioner "local-exec" { + command = "sleep 5" + } +} + +resource "oci_core_subnet" "subnet2" { + availability_domain = lookup(data.oci_identity_availability_domains.region_name.availability_domains[1], "name") + cidr_block = var.subnet_cidr_w2 + display_name = "subnet2-AD2" + security_list_ids = [oci_core_security_list.sl_w.id] + compartment_id = var.compartment_ocid + vcn_id = oci_core_virtual_network.vcn_w.id + route_table_id = oci_core_route_table.rt1.id + dhcp_options_id = oci_core_virtual_network.vcn_w.default_dhcp_options_id + + provisioner "local-exec" { + command = "sleep 5" + } +} + +/* Load Balancer */ +resource "oci_load_balancer_load_balancer" "webserver_load_balancer" { + #Required + compartment_id = var.compartment_ocid + + # Optional + display_name = "webserver_lb" + shape = "100Mbps" # Small + subnet_ids = [oci_core_subnet.subnet1.id, oci_core_subnet.subnet2.id] # var.load_balancer_subnet_ids + + #defined_tags = {"Operations.CostCenter"= "42"} + #freeform_tags = {"Department"= "Finance"} + ip_mode = "IPV4" + is_private = "false" + # network_security_group_ids = "${var.load_balancer_network_security_group_ids}" +} + +resource "oci_load_balancer_backend" "webserver_backend" { + #Required + backendset_name = "webserver_backend_set" + ip_address = "10.0.0.3" # var.backend_ip_address + load_balancer_id = oci_load_balancer_load_balancer.webserver_load_balancer.id + port = 80 + + #Optional + #backup = "${var.backend_backup}" + #drain = "${var.backend_drain}" + #offline = "${var.backend_offline}" + #weight = "${var.backend_weight}" +} + +resource "oci_load_balancer_backend_set" "webserver_backend_set" { + #Required + health_checker { + #Required + protocol = "HTTP" + + #Optional + interval_ms = 10000 + port = 80 
+ response_body_regex = "^((?!false).|\\s)*$" + retries = 3 + return_code = 200 + timeout_in_millis = 3000 + url_path = "/healthcheck" + } + load_balancer_id = oci_load_balancer_load_balancer.webserver_load_balancer.id + name = "webserver_backend_set" + policy = "LEAST_CONECTIONS" + + #Optional + lb_cookie_session_persistence_configuration { + + #Optional + cookie_name = var.backend_set_lb_cookie_session_persistence_configuration_cookie_name + disable_fallback = true + # domain = "${var.backend_set_lb_cookie_session_persistence_configuration_domain}" + is_http_only = false + is_secure = false + max_age_in_seconds = 3600 + path = "/lb" + } + session_persistence_configuration { + #Required + cookie_name = "sessionCookie" + + #Optional + # disable_fallback = "${var.backend_set_session_persistence_configuration_disable_fallback}" + } + # ssl_configuration { + # #Required + # certificate_name = "${oci_load_balancer_certificate.test_certificate.certificate_name}" + + # #Optional + # verify_depth = "${var.backend_set_ssl_configuration_verify_depth}" + # verify_peer_certificate = "${var.backend_set_ssl_configuration_verify_peer_certificate}" + # } +} + +/* Instances */ +resource "oci_core_instance" "Webserver-AD1" { + availability_domain = lookup(data.oci_identity_availability_domains.region_name.availability_domains[0], "name") + compartment_id = var.compartment_ocid + display_name = "Webserver-AD1" + shape = var.instance_shape + + create_vnic_details { + subnet_id = oci_core_subnet.subnet1.id + display_name = "primaryvnic" + assign_public_ip = true + } + + source_details { + source_type = "image" + source_id = "ocid1.image.oc1.iad.aaaaaaaaiu73xa6afjzskjwvt3j5shpmboxtlo7yw4xpeqpdz5czpde7px2a" + } + + # Configure the server via an SSH session. 
+ metadata = { + ssh_authorized_keys = var.ssh_public_key + user_data = "${base64encode(var.user-data)}" + } + + timeouts { + create = "60m" + } +} + + +resource "oci_core_instance" "Webserver-AD2" { + availability_domain = lookup(data.oci_identity_availability_domains.region_name.availability_domains[1], "name") + compartment_id = var.compartment_ocid + display_name = "Webserver-AD2" + shape = var.instance_shape + + create_vnic_details { + subnet_id = oci_core_subnet.subnet2.id + display_name = "primaryvnic" + assign_public_ip = true + } + + source_details { + source_type = "image" + source_id = "ocid1.image.oc1.iad.aaaaaaaaiu73xa6afjzskjwvt3j5shpmboxtlo7yw4xpeqpdz5czpde7px2a" + } + + # Configure the server via and SSH session + metadata = { + ssh_authorized_keys = var.ssh_public_key + user_data = base64encode(var.user-data) + } + + timeouts { + create = "60m" + } +} + +/* + * This user-data is sent to each compute instance via an ssh + * session, is if a person were entering these commands + * through a secure shell session + */ +variable "user-data" { + default = <
' > /var/www/html/index.html
+each '' >> /var/www/html/index.html
+echo '

' >> /var/www/html/index.html +hostname >> /var/www/html/index.html +echo '

' >> /var/www/html/index.html +echo '

' >> /var/www/html/index.html +echo 'OOW2018' >> /var/www/html/index.html +echo '

' >> /var/www/html/index.html +firewall-offline-cmd --add-service=http +systemctl enable firewalld +systemctl restart firewalld +touch ~opc/userdata.`date +%s`.finish +echo '################### webserver userdata ends #######################' +EOF +} + +output "Webserver-AD1" { + value = ["${oci_core_instance.Webserver-AD1.public_ip}"] +} + +output "Webserver-AD2" { + value = ["${oci_core_instance.Webserver-AD2.public_ip}"] +} + +output foobar { + value = ["Hello world"] +} diff --git a/example/real_world_stuff/oracle/oracle%microservices-datadriven%grabdish%terraform%availability_domain.tf b/example/real_world_stuff/oracle/oracle%microservices-datadriven%grabdish%terraform%availability_domain.tf new file mode 100644 index 0000000..d84e450 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%microservices-datadriven%grabdish%terraform%availability_domain.tf @@ -0,0 +1,14 @@ +data "oci_identity_availability_domain" "ad1" { + compartment_id = var.ociTenancyOcid + ad_number = 1 +} +/* +data "oci_identity_availability_domain" "ad2" { + compartment_id = var.ociTenancyOcid + ad_number = 2 +} +data "oci_identity_availability_domain" "ad3" { + compartment_id = var.ociTenancyOcid + ad_number = 3 +} +*/ \ No newline at end of file diff --git a/example/real_world_stuff/oracle/oracle%microservices-datadriven%grabdish%terraform%containerengine.tf b/example/real_world_stuff/oracle/oracle%microservices-datadriven%grabdish%terraform%containerengine.tf new file mode 100644 index 0000000..1d15aec --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%microservices-datadriven%grabdish%terraform%containerengine.tf 
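Review bot: The `sl_w` security list admits TCP 22 from `0.0.0.0/0`, and that list is attached to both `subnet1` and `subnet2`, where `Webserver-AD1` and `Webserver-AD2` are created with `assign_public_ip = true`, so SSH on both web servers is reachable from any address. Restricting the rule to an operator range, for example `source = var.ssh_source_cidr` backed by a new `variable "ssh_source_cidr" { type = string }` with no default, keeps the lab usable without exposing SSH that widely. In `webserver_backend_set`, `policy = "LEAST_CONECTIONS"` looks misspelled (the load balancer policy is `LEAST_CONNECTIONS`), and `is_http_only = false` with `is_secure = false` leaves the persistence cookie readable by page scripts and sendable over plain HTTP; no listener is defined in this hunk, so confirm where TLS is terminated before switching to `is_secure = true`.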
@@ -0,0 +1,110 @@ +resource "oci_containerengine_cluster" "okell_cluster" { + #Required + compartment_id = var.ociCompartmentOcid + endpoint_config { + is_public_ip_enabled = "true" + nsg_ids = [ + ] + subnet_id = oci_core_subnet.endpoint_Subnet.id + } + kubernetes_version = "v1.19.7" + name = "grabdish" + vcn_id = oci_core_vcn.okell_vcn.id + #Optional + options { + service_lb_subnet_ids = [oci_core_subnet.svclb_Subnet.id] + #Optional + add_ons { + #Optional + is_kubernetes_dashboard_enabled = "false" + is_tiller_enabled = "false" + } + admission_controller_options { + #Optional + is_pod_security_policy_enabled = "false" + } + kubernetes_network_config { + #Optional + pods_cidr = "10.244.0.0/16" + services_cidr = "10.96.0.0/16" + } + } +} +resource "oci_containerengine_node_pool" "okell_node_pool" { + #Required + cluster_id = oci_containerengine_cluster.okell_cluster.id + compartment_id = var.ociCompartmentOcid + kubernetes_version = "v1.19.7" + name = "Pool" +# node_shape="VM.Standard2.4" +# node_shape = "VM.Standard.B2.1" + node_shape = "VM.Standard.E2.1" +# node_shape = "VM.Standard2.2" + #subnet_ids = [oci_core_subnet.nodePool_Subnet_1.id] + #Optional + node_config_details { + placement_configs { + availability_domain = data.oci_identity_availability_domain.ad1.name + subnet_id = oci_core_subnet.nodePool_Subnet.id + } +/* placement_configs { + availability_domain = data.oci_identity_availability_domain.ad2.name + subnet_id = oci_core_subnet.nodePool_Subnet.id + } + placement_configs { + availability_domain = data.oci_identity_availability_domain.ad3.name + subnet_id = oci_core_subnet.nodePool_Subnet.id + } +*/ + size = "3" + } + node_source_details { + #Required + image_id = local.oracle_linux_images.0 # Latest + source_type = "IMAGE" + #Optional + #boot_volume_size_in_gbs = "60" + } + //quantity_per_subnet = 1 + //ssh_public_key = var.node_pool_ssh_public_key + //ssh_public_key = var.resUserPublicKey +} +data "oci_containerengine_cluster_option" 
"okell_cluster_option" { + cluster_option_id = "all" +} +data "oci_containerengine_node_pool_option" "okell_node_pool_option" { + node_pool_option_id = "all" +} +locals { + all_sources = data.oci_containerengine_node_pool_option.okell_node_pool_option.sources + oracle_linux_images = [for source in local.all_sources : source.image_id if length(regexall("Oracle-Linux-[0-9]*.[0-9]*-20[0-9]*",source.source_name)) > 0] +} +/* +output "cluster_kubernetes_versions" { + value = [data.oci_containerengine_cluster_option.okell_cluster_option.kubernetes_versions] +} +output "node_pool_kubernetes_version" { + value = [data.oci_containerengine_node_pool_option.okell_node_pool_option.kubernetes_versions] +} +data "oci_containerengine_cluster_kube_config" "okell_cluster_kube_config" { + #Required + cluster_id = oci_containerengine_cluster.okell_cluster.id + #Optional + token_version = "2.0.0" +} +resource "local_file" "okell_cluster_kube_config_file" { + content = data.oci_containerengine_cluster_kube_config.okell_cluster_kube_config.content + filename = "${path.module}/okell_cluster_kubeconfig" +} +variable "InstanceImageOCID" { + type = map(string) + default = { + // See https://docs.us-phoenix-1.oraclecloud.com/images/ + // Oracle-provided image "Oracle-Linux-7.5-2018.10.16-0" + us-phoenix-1 = "ocid1.image.oc1.phx.aaaaaaaadjnj3da72bztpxinmqpih62c2woscbp6l3wjn36by2cvmdhjub6a" + us-ashburn-1 = "ocid1.image.oc1.iad.aaaaaaaawufnve5jxze4xf7orejupw5iq3pms6cuadzjc7klojix6vmk42va" + eu-frankfurt-1 = "ocid1.image.oc1.eu-frankfurt-1.aaaaaaaagbrvhganmn7awcr7plaaf5vhabmzhx763z5afiitswjwmzh7upna" + uk-london-1 = "ocid1.image.oc1.uk-london-1.aaaaaaaajwtut4l7fo3cvyraate6erdkyf2wdk5vpk6fp6ycng3dv2y3ymvq" + } +} +*/ \ No newline at end of file diff --git a/example/real_world_stuff/oracle/oracle%microservices-datadriven%grabdish%terraform%core.tf b/example/real_world_stuff/oracle/oracle%microservices-datadriven%grabdish%terraform%core.tf new file mode 100644 index 0000000..43b939e --- /dev/null 
+++ b/example/real_world_stuff/oracle/oracle%microservices-datadriven%grabdish%terraform%core.tf 
@@ -0,0 +1,455 @@ +resource "oci_core_vcn" "okell_vcn" { + cidr_block = "10.0.0.0/16" + compartment_id = var.ociCompartmentOcid + display_name = "grabdish" + dns_label = "grabdish" +} +resource "oci_core_internet_gateway" "ig" { + compartment_id = var.ociCompartmentOcid + display_name = "ClusterInternetGateway" + vcn_id = oci_core_vcn.okell_vcn.id +} +/*resource "oci_core_dhcp_options" "grabdish" { + #Required + compartment_id = var.ociCompartmentOcid + options { + type = "DomainNameServer" + server_type = "VcnLocalPlusInternet" + } + + options { + type = "SearchDomain" + search_domain_names = [ "grabdish.oraclevcn.com" ] + } + + vcn_id = oci_core_vcn.okell_vcn.id +} +*/ +/* +resource oci_core_private_ip prip { + display_name = "Service VNIC for cluster" + freeform_tags = { + } + hostname_label = "host-10-0-0-2" + ip_address = "10.0.0.2" + #vlan_id = <> + #vnic_id = oci_core_public_ip.puip.id +} +data "oci_core_vnic_attachments" "vnic_attachments" { + #Required + compartment_id = var.ociCompartmentOcid + + #Optional + availability_domain = data.oci_identity_availability_domain.ad1.name + #instance_id = oci_core_instance.test_instance.id + #vnic_id = oci_core_vnic.test_vnic.id +} +resource oci_core_public_ip puip { + compartment_id = var.ociCompartmentOcid + display_name = "Floating Public IP for cluster" + freeform_tags = { + } + lifetime = "RESERVED" + private_ip_id = oci_core_private_ip.prip.id + #public_ip_pool_id = <> +} +*/ +resource oci_core_nat_gateway ngw { + block_traffic = "false" + compartment_id = var.ociCompartmentOcid + display_name = "ngw" + freeform_tags = { + } + #public_ip_id = oci_core_public_ip.puip.id + vcn_id = oci_core_vcn.okell_vcn.id +} +resource oci_core_service_gateway sg { + compartment_id = var.ociCompartmentOcid + display_name = "grabdish" + freeform_tags = { + } + #route_table_id = <> + services { + service_id = data.oci_core_services.services.services.0.id + } + vcn_id = oci_core_vcn.okell_vcn.id +} +resource oci_core_route_table 
private { + compartment_id = var.ociCompartmentOcid + display_name = "private" + freeform_tags = { + } + route_rules { + description = "traffic to the internet" + destination = "0.0.0.0/0" + destination_type = "CIDR_BLOCK" + network_entity_id = oci_core_nat_gateway.ngw.id + } + route_rules { + description = "traffic to OCI services" + destination = data.oci_core_services.services.services.0.cidr_block + destination_type = "SERVICE_CIDR_BLOCK" + network_entity_id = oci_core_service_gateway.sg.id + } + /* + route_rules { + description = "traffic to OCI services" + destination = data.oci_core_services.services.services.1.cidr_block + destination_type = "SERVICE_CIDR_BLOCK" + network_entity_id = oci_core_service_gateway.sg.id + } + */ + vcn_id = oci_core_vcn.okell_vcn.id +} +resource oci_core_default_route_table public { + display_name = "public" + freeform_tags = { + } + manage_default_resource_id = oci_core_vcn.okell_vcn.default_route_table_id + route_rules { + description = "traffic to/from internet" + destination = "0.0.0.0/0" + destination_type = "CIDR_BLOCK" + network_entity_id = oci_core_internet_gateway.ig.id + } +} +resource "oci_core_subnet" "endpoint_Subnet" { + #Required + #availability_domain = data.oci_identity_availability_domain.ad1.name + cidr_block = "10.0.0.0/28" + compartment_id = var.ociCompartmentOcid + vcn_id = oci_core_vcn.okell_vcn.id + # Provider code tries to maintain compatibility with old versions. + security_list_ids = [oci_core_security_list.endpoint.id] + display_name = "SubNet1ForEndpoint" + prohibit_public_ip_on_vnic = "false" + route_table_id = oci_core_vcn.okell_vcn.default_route_table_id + dns_label = "endpoint" +} +resource "oci_core_subnet" "nodePool_Subnet" { + #Required + #availability_domain = data.oci_identity_availability_domain.ad1.name + cidr_block = "10.0.10.0/24" + compartment_id = var.ociCompartmentOcid + vcn_id = oci_core_vcn.okell_vcn.id + # Provider code tries to maintain compatibility with old versions. 
+ security_list_ids = [oci_core_security_list.nodePool.id] + display_name = "SubNet1ForNodePool" + prohibit_public_ip_on_vnic = "true" + route_table_id = oci_core_route_table.private.id + dns_label = "nodepool" +} +resource "oci_core_subnet" "svclb_Subnet" { + #Required + #availability_domain = data.oci_identity_availability_domain.ad1.name + cidr_block = "10.0.20.0/24" + compartment_id = var.ociCompartmentOcid + vcn_id = oci_core_vcn.okell_vcn.id + # Provider code tries to maintain compatibility with old versions. + security_list_ids = [oci_core_default_security_list.svcLB.id] + display_name = "SubNet1ForSvcLB" + route_table_id = oci_core_vcn.okell_vcn.default_route_table_id + dhcp_options_id = oci_core_vcn.okell_vcn.default_dhcp_options_id + prohibit_public_ip_on_vnic = "false" + dns_label = "svclb" +} +resource oci_core_security_list nodePool { + compartment_id = var.ociCompartmentOcid + display_name = "nodepool" + egress_security_rules { + description = "Allow pods on one worker node to communicate with pods on other worker nodes" + destination = "10.0.10.0/24" + destination_type = "CIDR_BLOCK" + #icmp_options = <> + protocol = "all" + stateless = "false" + #tcp_options = <> + #udp_options = <> + } + egress_security_rules { + description = "Access to Kubernetes API Endpoint" + destination = "10.0.0.0/28" + destination_type = "CIDR_BLOCK" + #icmp_options = <> + protocol = "6" + stateless = "false" + tcp_options { + max = "6443" + min = "6443" + #source_port_range = <> + } + #udp_options = <> + } + egress_security_rules { + description = "Kubernetes worker to control plane communication" + destination = "10.0.0.0/28" + destination_type = "CIDR_BLOCK" + #icmp_options = <> + protocol = "6" + stateless = "false" + tcp_options { + max = "12250" + min = "12250" + #source_port_range = <> + } + #udp_options = <> + } + egress_security_rules { + description = "Path discovery" + destination = "10.0.0.0/28" + destination_type = "CIDR_BLOCK" + icmp_options { + code = "4" + 
type = "3" + } + protocol = "1" + stateless = "false" + #tcp_options = <> + #udp_options = <> + } + egress_security_rules { + description = "Allow nodes to communicate with OKE to ensure correct start-up and continued functioning (0)" + destination = data.oci_core_services.services.services.0.cidr_block + destination_type = "SERVICE_CIDR_BLOCK" + #icmp_options = <> + protocol = "6" + stateless = "false" + tcp_options { + max = "443" + min = "443" + #source_port_range = <> + } + #udp_options = <> + } +/* + egress_security_rules { + description = "Allow nodes to communicate with OKE to ensure correct start-up and continued functioning (1)" + destination = data.oci_core_services.services.services.1.cidr_block + destination_type = "SERVICE_CIDR_BLOCK" + #icmp_options = <> + protocol = "6" + stateless = "false" + tcp_options { + max = "443" + min = "443" + #source_port_range = <> + } + #udp_options = <> + } +*/ + egress_security_rules { + description = "ICMP Access from Kubernetes Control Plane" + destination = "0.0.0.0/0" + destination_type = "CIDR_BLOCK" + icmp_options { + code = "4" + type = "3" + } + protocol = "1" + stateless = "false" + #tcp_options = <> + #udp_options = <> + } + egress_security_rules { + description = "Worker Nodes access to Internet" + destination = "0.0.0.0/0" + destination_type = "CIDR_BLOCK" + #icmp_options = <> + protocol = "all" + stateless = "false" + #tcp_options = <> + #udp_options = <> + } + freeform_tags = { + } + ingress_security_rules { + description = "Allow pods on one worker node to communicate with pods on other worker nodes" + #icmp_options = <> + protocol = "all" + source = "10.0.10.0/24" + source_type = "CIDR_BLOCK" + stateless = "false" + #tcp_options = <> + #udp_options = <> + } + ingress_security_rules { + description = "Path discovery" + icmp_options { + code = "4" + type = "3" + } + protocol = "1" + source = "10.0.0.0/28" + source_type = "CIDR_BLOCK" + stateless = "false" + #tcp_options = <> + #udp_options = <> + } + 
ingress_security_rules { + description = "TCP access from Kubernetes Control Plane" + #icmp_options = <> + protocol = "6" + source = "10.0.0.0/28" + source_type = "CIDR_BLOCK" + stateless = "false" + #tcp_options = <> + #udp_options = <> + } + ingress_security_rules { + description = "Inbound SSH traffic to worker nodes" + #icmp_options = <> + protocol = "6" + source = "0.0.0.0/0" + source_type = "CIDR_BLOCK" + stateless = "false" + tcp_options { + max = "22" + min = "22" + #source_port_range = <> + } + #udp_options = <> + } +/* + ingress_security_rules { + #description = <> + #icmp_options = <> + protocol = "6" + source = "10.0.20.0/24" + source_type = "CIDR_BLOCK" + stateless = "false" + tcp_options { + max = "31750" + min = "31750" + #source_port_range = <> + } + #udp_options = <> + } + ingress_security_rules { + #description = <> + #icmp_options = <> + protocol = "6" + source = "10.0.20.0/24" + source_type = "CIDR_BLOCK" + stateless = "false" + tcp_options { + max = "10256" + min = "10256" + #source_port_range = <> + } + #udp_options = <> + } +*/ + vcn_id = oci_core_vcn.okell_vcn.id +} + +resource oci_core_security_list endpoint { + compartment_id = var.ociCompartmentOcid + display_name = "endpoint" + egress_security_rules { + description = "Allow Kubernetes Control Plane to communicate with OKE" + destination = data.oci_core_services.services.services.0.cidr_block + destination_type = "SERVICE_CIDR_BLOCK" + #icmp_options = <> + protocol = "6" + stateless = "false" + tcp_options { + max = "443" + min = "443" + #source_port_range = <> + } + #udp_options = <> + } + egress_security_rules { + description = "All traffic to worker nodes" + destination = "10.0.10.0/24" + destination_type = "CIDR_BLOCK" + #icmp_options = <> + protocol = "6" + stateless = "false" + #tcp_options = <> + #udp_options = <> + } + egress_security_rules { + description = "Path discovery" + destination = "10.0.10.0/24" + destination_type = "CIDR_BLOCK" + icmp_options { + code = "4" + type = "3" 
+ } + protocol = "1" + stateless = "false" + #tcp_options = <> + #udp_options = <> + } + freeform_tags = { + } + ingress_security_rules { + description = "External access to Kubernetes API endpoint" + #icmp_options = <> + protocol = "6" + source = "0.0.0.0/0" + source_type = "CIDR_BLOCK" + stateless = "false" + tcp_options { + max = "6443" + min = "6443" + #source_port_range = <> + } + #udp_options = <> + } + ingress_security_rules { + description = "Kubernetes worker to Kubernetes API endpoint communication" + #icmp_options = <> + protocol = "6" + source = "10.0.10.0/24" + source_type = "CIDR_BLOCK" + stateless = "false" + tcp_options { + max = "6443" + min = "6443" + #source_port_range = <> + } + #udp_options = <> + } + ingress_security_rules { + description = "Kubernetes worker to control plane communication" + #icmp_options = <> + protocol = "6" + source = "10.0.10.0/24" + source_type = "CIDR_BLOCK" + stateless = "false" + tcp_options { + max = "12250" + min = "12250" + #source_port_range = <> + } + #udp_options = <> + } + ingress_security_rules { + description = "Path discovery" + icmp_options { + code = "4" + type = "3" + } + protocol = "1" + source = "10.0.10.0/24" + source_type = "CIDR_BLOCK" + stateless = "false" + #tcp_options = <> + #udp_options = <> + } + vcn_id = oci_core_vcn.okell_vcn.id +} + +resource oci_core_default_security_list svcLB { + display_name = "svcLB" + manage_default_resource_id = oci_core_vcn.okell_vcn.default_security_list_id +} +data "oci_core_services" "services" { + filter { + name = "name" + values = ["All .* Services In Oracle Services Network"] + regex = true + } +} \ No newline at end of file diff --git a/example/real_world_stuff/oracle/oracle%microservices-datadriven%grabdish%terraform%database.tf b/example/real_world_stuff/oracle/oracle%microservices-datadriven%grabdish%terraform%database.tf new file mode 100644 index 0000000..d91e051 --- /dev/null 
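Review bot: The `endpoint` security list accepts TCP 6443 from `0.0.0.0/0` ("External access to Kubernetes API endpoint"), `endpoint_Subnet` uses the default route table that points at the internet gateway, and containerengine.tf in this patch sets `is_public_ip_enabled = "true"` with an empty `nsg_ids`, so the cluster API is reachable from any address. Prefer a caller-supplied range such as `source = var.api_allowed_cidr`, or a private endpoint reached through a bastion. The `nodePool` list also admits TCP 22 from `0.0.0.0/0`; that subnet is private, so `source = "10.0.0.0/16"` (the VCN CIDR) states the actual intent and stays safe if the subnet is later made public. The ingress rule described as "TCP access from Kubernetes Control Plane" has no `tcp_options`, which allows every TCP port from `10.0.0.0/28`; a comment saying that this is deliberate would help the next reader.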
+++ b/example/real_world_stuff/oracle/oracle%microservices-datadriven%grabdish%terraform%database.tf 
@@ -0,0 +1,74 @@
+//================= create ATP Instance =======================================
+variable "autonomous_database_db_workload" { default = "OLTP" }
+variable "autonomous_database_defined_tags_value" { default = "value" }
+variable "autonomous_database_license_model" { default = "BRING_YOUR_OWN_LICENSE" }
+variable "autonomous_database_is_dedicated" { default = false }
+resource "random_string" "autonomous_database_wallet_password" {
+ length = 16
+ special = true
+}
+resource "random_password" "database_admin_password" {
+ length = 12
+ upper = true
+ lower = true
+ number = true
+ special = false
+ min_lower = "1"
+ min_upper = "1"
+ min_numeric = "1"
+}
+resource "oci_database_autonomous_database" "autonomous_database_atp" {
+ #Required
+ admin_password = random_password.database_admin_password.result
+ compartment_id = var.ociCompartmentOcid
+ cpu_core_count = "1"
+ data_storage_size_in_tbs = "1"
+ db_name = var.orderDbName
+ # is_free_tier = true , if there exists sufficient service limit
+ is_free_tier = false
+ #Optional #db_workload = "${var.autonomous_database_db_workload}"
+ db_workload = var.autonomous_database_db_workload
+ display_name ="ORDERDB"
+ is_auto_scaling_enabled = "false"
+ is_preview_version_with_service_terms_accepted = "false"
+}
+resource "oci_database_autonomous_database" "autonomous_database_atp2" {
+ #Required
+ admin_password = random_password.database_admin_password.result
+ compartment_id = var.ociCompartmentOcid
+ cpu_core_count = "1"
+ data_storage_size_in_tbs = "1"
+ db_name = var.inventoryDbName
+ is_free_tier = false
+ db_workload = var.autonomous_database_db_workload
+ // Autonomous Database name cannot be longer than 14 characters.
+ display_name = "INVENTORYDB"
+ is_auto_scaling_enabled = "false"
+ is_preview_version_with_service_terms_accepted = "false"
+}
+data "oci_database_autonomous_databases" "autonomous_databases_atp" {
+ #Required
+ compartment_id = var.ociCompartmentOcid
+ #Optional
+ display_name = "ORDERDB"
+ db_workload = var.autonomous_database_db_workload
+}
+data "oci_database_autonomous_databases" "autonomous_databases_atp2" {
+ #Required
+ compartment_id = var.ociCompartmentOcid
+ #Optional
+ display_name = "INVENTORYDB"
+ db_workload = var.autonomous_database_db_workload
+}
+//======= Name space details ------------------------------------------------------
+data "oci_objectstorage_namespace" "test_namespace" {
+ #Optional
+ compartment_id = var.ociCompartmentOcid
+}
+//========= Outputs ===========================
+output "ns_objectstorage_namespace" {
+ value = [ data.oci_objectstorage_namespace.test_namespace.namespace ]
+}
+output "autonomous_database_admin_password" {
+ value = [ "Welcome12345" ]
+}
\ No newline at end of file
diff --git a/example/real_world_stuff/oracle/oracle%microservices-datadriven%grabdish%terraform%main_var.tf b/example/real_world_stuff/oracle/oracle%microservices-datadriven%grabdish%terraform%main_var.tf
new file mode 100644
index 0000000..daea094
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%microservices-datadriven%grabdish%terraform%main_var.tf
@@ -0,0 +1,9 @@
+//Copyright (c) 2021 Oracle and/or its affiliates.
+//Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
+variable "ociTenancyOcid" {}
+variable "ociUserOcid" {}
+variable "ociCompartmentOcid" {}
+variable "ociRegionIdentifier" {}
+variable "runName" {}
+variable "orderDbName" {}
+variable "inventoryDbName" {}
\ No newline at end of file
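Review bot: `output "autonomous_database_admin_password"` in database.tf returns the literal `"Welcome12345"`, while both autonomous databases take `admin_password = random_password.database_admin_password.result`, so the output publishes a password-looking string that does not match the real credential and invites someone to start using it. Either drop the output or emit the real value marked sensitive: `value = random_password.database_admin_password.result` together with `sensitive = true`. `autonomous_database_wallet_password` is a `random_string`, whose result is printed in plan and apply output; `random_password` with the same `length` and `special` settings keeps it redacted. Both values still end up in Terraform state, so the state backend needs access control and encryption.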
diff --git a/example/real_world_stuff/oracle/oracle%microservices-datadriven%grabdish%terraform%provider.tf b/example/real_world_stuff/oracle/oracle%microservices-datadriven%grabdish%terraform%provider.tf
new file mode 100644
index 0000000..57ea31b
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%microservices-datadriven%grabdish%terraform%provider.tf
@@ -0,0 +1,3 @@
+provider "oci" {
+ region = var.ociRegionIdentifier
+}
\ No newline at end of file
diff --git a/example/real_world_stuff/oracle/oracle%microservices-datadriven%grabdish%terraform%repos.tf b/example/real_world_stuff/oracle/oracle%microservices-datadriven%grabdish%terraform%repos.tf
new file mode 100644
index 0000000..c5d1fad
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%microservices-datadriven%grabdish%terraform%repos.tf
@@ -0,0 +1,51 @@
+//------- Create repos End ------------------------------------------
+/*
+resource "oci_artifacts_container_repository" "frontend_helidon_container_repository" {
+ #Required
+ compartment_id = "${var.ociCompartmentOcid}"
+ display_name = "${var.runName}/frontend-helidon"
+ is_public = true
+}
+resource "oci_artifacts_container_repository" "helidonatp_container_repository" {
+ #Required
+ compartment_id = "${var.ociCompartmentOcid}"
+ display_name = "${var.runName}/admin-helidon"
+ is_public = true
+}
+resource "oci_artifacts_container_repository" "order-helidon_container_repository" {
+ #Required
+ compartment_id = "${var.ociCompartmentOcid}"
+ display_name = "${var.runName}/order-helidon"
+ is_public = true
+}
+resource "oci_artifacts_container_repository" "supplier-helidon-se_container_repository" {
+ #Required
+ compartment_id = "${var.ociCompartmentOcid}"
+ display_name = "${var.runName}/supplier-helidon-se"
+ is_public = true
+}
+resource "oci_artifacts_container_repository" "inventory-helidon_container_repository" {
+ #Required
+ compartment_id = "${var.ociCompartmentOcid}"
+ display_name = "${var.runName}/inventory-helidon"
+ is_public = true
+}
+resource "oci_artifacts_container_repository" "inventory-python_container_repository" {
+ #Required
+ compartment_id = "${var.ociCompartmentOcid}"
+ display_name = "${var.runName}/inventory-python"
+ is_public = true
+}
+resource "oci_artifacts_container_repository" "nodejs_container_repository" {
+ #Required
+ compartment_id = "${var.ociCompartmentOcid}"
+ display_name = "${var.runName}/inventory-nodejs"
+ is_public = true
+}
+resource "oci_artifacts_container_repository" "inventory-helidon-se_container_repository" {
+ #Required
+ compartment_id = "${var.ociCompartmentOcid}"
+ display_name = "${var.runName}/inventory-helidon-se"
+ is_public = true
+}
+*/
\ No newline at end of file
diff --git a/example/real_world_stuff/oracle/oracle%oci-flexvolume-driver%test%integration%terraform%common.tf b/example/real_world_stuff/oracle/oracle%oci-flexvolume-driver%test%integration%terraform%common.tf
new file mode 100644
index 0000000..45058ee
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%oci-flexvolume-driver%test%integration%terraform%common.tf
@@ -0,0 +1,50 @@
+// Common OCI stuff
+variable "tenancy_ocid" {
+ default = "ocid1.tenancy.oc1..aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
+}
+
+variable "user_ocid" {
+ default = "ocid1.user.oc1..aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
+}
+
+variable "fingerprint" {
+ default = "aa:bb:cc:dd:ee:ff:gg:hh:ii:jj:kk:ll:mm:nn:oo:pp"
+}
+
+variable "private_key_path" {
+ default = "_tmp/oci_api_key.pem"
+}
+
+variable "compartment_ocid" {
+ default = "ocid1.compartment.oc1..aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
+}
+
+variable "availability_domain" {
+ default = "NWuj:PHX-AD-2"
+}
+
+variable "region" {
+ default = "us-phoenix-1"
+}
+
+variable "test_id" {}
+
+provider "oci" {
+ tenancy_ocid = "${var.tenancy_ocid}"
+ user_ocid = "${var.user_ocid}"
+ fingerprint = "${var.fingerprint}"
+ private_key_path = "${var.private_key_path}"
+ region = "${var.region}"
+}
+
+provider "null" {
+ version = "~> 1.0"
+}
+
+provider "template" {
+ version = "~> 1.0"
+}
+
+output "test_id" {
+ value = "${var.test_id}"
+}
diff --git a/example/real_world_stuff/oracle/oracle%oci-flexvolume-driver%test%integration%terraform%instance.tf b/example/real_world_stuff/oracle/oracle%oci-flexvolume-driver%test%integration%terraform%instance.tf
new file mode 100644
index 0000000..15b1a67
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%oci-flexvolume-driver%test%integration%terraform%instance.tf
@@ -0,0 +1,99 @@ +variable "ssh_public_key" { + default = "" +} + +variable "ssh_private_key" { + default = "" +} + +variable "vcn" { + default = "" +} + +variable subnet_ocid { + default = "ocid1.subnet.oc1.phx.aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" +} + +# Gets the OCID of the OS image to use +data "oci_core_images" "os_image_ocid" { + compartment_id = "${var.compartment_ocid}" + display_name = "Oracle-Linux-7.5-2018.08.14-0" +} + +resource "oci_core_instance" "instance" { + availability_domain = "${var.availability_domain}" + compartment_id = "${var.compartment_ocid}" + display_name = "${var.test_id}" + image = "${lookup(data.oci_core_images.os_image_ocid.images[0], "id")}" + shape = "VM.Standard1.1" + subnet_id = "${var.subnet_ocid}" + + metadata { + ssh_authorized_keys = "${var.ssh_public_key}" + } + + timeouts { + create = "60m" + } +} + +data "oci_core_vnic_attachments" "instance_vnics" { + compartment_id = "${var.compartment_ocid}" + availability_domain = "${var.availability_domain}" + instance_id = "${oci_core_instance.instance.id}" +} + +# Gets the OCID of the first (default) vNIC +data "oci_core_vnic" "instance_vnic" { + vnic_id = "${lookup(data.oci_core_vnic_attachments.instance_vnics.vnic_attachments[0], "vnic_id")}" +} + +data "template_file" "driver_config" { + template = "${file("${path.module}/config.yaml.tpl")}" + + vars { + key = "${ indent(4, file("${path.module}/_tmp/oci_api_key.pem")) }" + vcn = "${var.vcn}" + } +} + +resource null_resource "instance" { + depends_on = [ + "data.oci_core_vnic.instance_vnic", + ] + + triggers { + instance_id = "${oci_core_instance.instance.id}" + } + + connection { + type = "ssh" + host = "${data.oci_core_vnic.instance_vnic.public_ip_address}" + user = "opc" + private_key = "${var.ssh_private_key}" + } + + provisioner "file" "test_binary" { + source = "../../../dist/bin/integration-tests" + destination = "/home/opc/integration-tests" + } + + provisioner "file" "driver_config" { + content = 
"${data.template_file.driver_config.rendered}" + destination = "/home/opc/config.yaml" + } + + provisioner "remote-exec" "run_tests" { + inline = [ + "chmod +x /home/opc/integration-tests", + ] + } +} + +output "instance_public_ip" { + value = "${data.oci_core_vnic.instance_vnic.public_ip_address}" +} + +output "instance_ocid" { + value = "${oci_core_instance.instance.id}" +} diff --git a/example/real_world_stuff/oracle/oracle%oci-flexvolume-driver%test%integration%terraform%volume.tf b/example/real_world_stuff/oracle/oracle%oci-flexvolume-driver%test%integration%terraform%volume.tf new file mode 100644 index 0000000..f847215 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%oci-flexvolume-driver%test%integration%terraform%volume.tf @@ -0,0 +1,10 @@ +resource "oci_core_volume" "test_volume" { + availability_domain = "${var.availability_domain}" + compartment_id = "${var.compartment_ocid}" + display_name = "${var.test_id}" + size_in_gbs = "50" +} + +output "volume_ocid" { + value = "${oci_core_volume.test_volume.id}" +} diff --git a/example/real_world_stuff/oracle/oracle%oci-flexvolume-driver%test%system%terraform%volume.tf b/example/real_world_stuff/oracle/oracle%oci-flexvolume-driver%test%system%terraform%volume.tf new file mode 100644 index 0000000..c3574ea --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%oci-flexvolume-driver%test%system%terraform%volume.tf 
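Review bot: In the integration `instance.tf` hunk, the `template_file` data source `driver_config` takes the OCI API signing key as its `key` var (`file("${path.module}/_tmp/oci_api_key.pem")`), and Terraform keeps a data source's `vars` and `rendered` attributes in state, so the private key most likely ends up in plaintext in `terraform.tfstate`. The rendered file is then copied to `/home/opc/config.yaml` with whatever mode the file provisioner assigns; adding `"chmod 600 /home/opc/config.yaml",` to the `run_tests` inline list would keep it readable only by `opc`. A comment above the data source such as `# NOTE: rendered output contains the API private key; keep the state file and _tmp/ out of version control` would document the exposure. The key path is also hard-coded here while `common.tf` declares `var.private_key_path` with the same default, so the two can drift apart.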
@@ -0,0 +1,48 @@
+variable "tenancy_ocid" {
+ default = "ocid1.tenancy.oc1..aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
+}
+
+variable "user_ocid" {
+ default = "ocid1.user.oc1..aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
+}
+
+variable "fingerprint" {
+ default = "aa:bb:cc:dd:ee:ff:gg:hh:ii:jj:kk:ll:mm:nn:oo:pp"
+}
+
+variable "private_key_path" {
+ default = "/tmp/oci_api_key.pem"
+}
+
+variable "compartment_ocid" {
+ default = "ocid1.compartment.oc1..aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
+}
+
+variable "availability_domain" {
+ default = "NWuj:PHX-AD-2"
+}
+
+variable "region" {
+ default = "us-phoenix-1"
+}
+
+variable "test_id" {}
+
+provider "oci" {
+ tenancy_ocid = "${var.tenancy_ocid}"
+ user_ocid = "${var.user_ocid}"
+ fingerprint = "${var.fingerprint}"
+ private_key_path = "${var.private_key_path}"
+ region = "${var.region}"
+}
+
+resource "oci_core_volume" "test_volume" {
+ availability_domain = "${var.availability_domain}"
+ compartment_id = "${var.compartment_ocid}"
+ display_name = "flexvolumesystemtest${var.test_id}"
+ size_in_gbs = "50"
+}
+
+output "volume_ocid" {
+ value = "${oci_core_volume.test_volume.id}"
+}
diff --git a/example/real_world_stuff/oracle/oracle%oci-utils%contrib%oracle_virt_manager%instance.tf b/example/real_world_stuff/oracle/oracle%oci-utils%contrib%oracle_virt_manager%instance.tf
new file mode 100644
index 0000000..295f5ed
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%oci-utils%contrib%oracle_virt_manager%instance.tf
@@ -0,0 +1,347 @@ +// Copyright (c) 2020 Oracle and/or its affiliates. All rights reserved. +// Licensed under the Universal Permissive License v 1.0 as shown +// at http://oss.oracle.com/licenses/upl. +terraform { + required_providers { + oci = ">= 3.56.0" + } +} + +variable "tenancy_ocid" {} +variable "user_ocid" {} +variable "fingerprint" {} +variable "private_key_path" {} +variable "region" { + default = "uk-london-1" +} +variable "compartment_id" {} +variable "availability_domain_id" {} +variable "subnet_id" {} +variable "instance_shape" { + default = "VM.Standard2.4" +} +variable "instance_image_ocid" { + default = "ocid1.image.oc1.uk-london-1.aaaaaaaav6vnrgev7zgrkk2infary43tr5lh3rpheqbul3qowv26a3erb7ua" +} + +variable "ssh_private_key_path" {} +variable "ssh_public_key_path" {} +variable "ssh_authorized_key_path" {} +variable "ssh_user" { + default = "opc" +} +variable "http_proxy_url" {} +variable "https_proxy_url" {} + +data "oci_core_subnet" "kvminstance_subnet" { + subnet_id = var.subnet_id +} + + +provider "oci" { + tenancy_ocid = var.tenancy_ocid + user_ocid = var.user_ocid + fingerprint = var.fingerprint + private_key_path = var.private_key_path + region = var.region +} + +data "template_file" "tests_environement" { + template = file(join("/", [abspath(path.root), "userdata", "oci-tests-env"])) + vars = { + http_proxy_url = var.http_proxy_url + https_proxy_url = var.https_proxy_url + } +} + + +resource "oci_core_instance" "kvm_instance" { + availability_domain = var.availability_domain_id + compartment_id = var.compartment_id + display_name = "KVMMgmtInstance_oVIRT" + shape = var.instance_shape + + + create_vnic_details { + subnet_id = data.oci_core_subnet.kvminstance_subnet.id + display_name = "Primaryvnic" + assign_public_ip = false + } + + source_details { + source_type = "image" + source_id = var.instance_image_ocid + } + + preserve_boot_volume = false + + metadata = { + ssh_authorized_keys = file(var.ssh_authorized_key_path) + } + + +} + 
+resource "oci_core_instance_console_connection" "kvm_instance_console_connection" { + depends_on = [oci_core_instance.kvm_instance] + #Required + instance_id = oci_core_instance.kvm_instance.id + public_key = file(var.ssh_public_key_path) +} + +resource "oci_core_vnic_attachment" "test_vnic_attachment_nic0" { + count = 2 + create_vnic_details { + subnet_id = data.oci_core_subnet.kvminstance_subnet.id + assign_public_ip = false + } + + instance_id = oci_core_instance.kvm_instance.id + nic_index = 0 +} + + + +resource "oci_core_volume" "vm_tank_volume" { + availability_domain = var.availability_domain_id + compartment_id = var.compartment_id + display_name = "KVMMgmtInstanceTank" + size_in_gbs = 256 +} +resource "oci_core_volume_attachment" "vm_tank_volume_attachment" { + attachment_type = "iscsi" + instance_id = oci_core_instance.kvm_instance.id + volume_id = oci_core_volume.vm_tank_volume.id + + is_read_only = false + +} + +output "instance_private_ip" { + value = oci_core_instance.kvm_instance.private_ip +} +output "instance_fqdn" { + value = format("%s.%s", oci_core_instance.kvm_instance.hostname_label, data.oci_core_subnet.kvminstance_subnet.subnet_domain_name) +} + +output "instance_dns_label" { + value = oci_core_instance.kvm_instance.hostname_label +} + +output "instance_ssh_con" { + value = oci_core_instance_console_connection.kvm_instance_console_connection.connection_string +} + +resource "null_resource" "deploy_virt_mgr" { + depends_on = [oci_core_instance.kvm_instance] + + provisioner "file" { + content = data.template_file.tests_environement.rendered + destination = "/tmp/oci-tests-env.sh" + + connection { + type = "ssh" + agent = false + user = var.ssh_user + host = oci_core_instance.kvm_instance.private_ip + timeout = "15m" + private_key = file(var.ssh_private_key_path) + } + } + + // do this right now as other command may need it + provisioner "remote-exec" { + connection { + type = "ssh" + agent = false + user = var.ssh_user + host = 
oci_core_instance.kvm_instance.private_ip + timeout = "15m" + private_key = file(var.ssh_private_key_path) + } + inline = [ + "/bin/sudo /bin/mv --force /tmp/oci-tests-env.sh /etc/profile.d" + ] + } + + provisioner "remote-exec" { + connection { + type = "ssh" + agent = false + user = var.ssh_user + host = oci_core_instance.kvm_instance.private_ip + timeout = "15m" + private_key = file(var.ssh_private_key_path) + } + + inline = [ + "/bin/sudo --login yum install --quiet --assumeyes oracle-ovirt-release-el7", + "/bin/sudo --login yum-config-manager --disable ovirt-4.2", + "/bin/sudo --login yum-config-manager --disable ovirt-4.2-extra", + "/bin/sudo --login yum install --quiet --assumeyes ovirt-engine", + "/bin/sudo --login yum install --quiet --assumeyes ovirt-log-collector", + "/bin/sudo --login yum install --quiet --assumeyes cockpit-ovirt-dashboard", + "/bin/sudo --login /usr/bin/systemctl enable cockpit.socket", + "/bin/sudo --login /usr/bin/systemctl start cockpit.socket", + "/bin/sudo --login firewall-cmd --permanent --add-service=cockpit" + ] + } + +} +resource "null_resource" "configure_virt_mgr" { + depends_on = [null_resource.deploy_virt_mgr] + + provisioner "file" { + connection { + type = "ssh" + agent = false + user = var.ssh_user + host = oci_core_instance.kvm_instance.private_ip + timeout = "15m" + private_key = file(var.ssh_private_key_path) + } + source = join("/", [abspath(path.root), "userdata", "ovirt-engine-setup-answers.conf"]) + destination = "/var/tmp/ovirt-engine-setup-answers.conf" + } + provisioner "file" { + connection { + type = "ssh" + agent = false + user = var.ssh_user + host = oci_core_instance.kvm_instance.private_ip + timeout = "15m" + private_key = file(var.ssh_private_key_path) + } + content = format("[environment:default]\nQUESTION/1/OVESETUP_NETWORK_FQDN_this=str:%s.%s\nQUESTION/1/OVESETUP_PKI_ORG=str:%s", + oci_core_instance.kvm_instance.hostname_label, + data.oci_core_subnet.kvminstance_subnet.subnet_domain_name, + 
data.oci_core_subnet.kvminstance_subnet.subnet_domain_name) + destination = "/var/tmp/ovirt-engine-setup-answers-extra.conf" + } + + provisioner "remote-exec" { + connection { + type = "ssh" + agent = false + user = var.ssh_user + host = oci_core_instance.kvm_instance.private_ip + timeout = "15m" + private_key = file(var.ssh_private_key_path) + } + + inline = [ + "sudo --login /bin/engine-setup --config=/var/tmp/ovirt-engine-setup-answers.conf --config-append=/var/tmp/ovirt-engine-setup-answers-extra.conf" + ] + } + # TODO : remove these configuration files +} + +resource "null_resource" "tweak_virt_mgr_host" { + depends_on = [null_resource.configure_virt_mgr] + provisioner "remote-exec" { + connection { + type = "ssh" + agent = false + user = var.ssh_user + host = oci_core_instance.kvm_instance.private_ip + timeout = "15m" + private_key = file(var.ssh_private_key_path) + } + + inline = [ + # we install python3, that's break otopi as rpmUtils library is not installed for python3 + # force otopi to use python2 + "sudo --login mkdir -p /etc/otopi.env.d", + "sudo --login touch /etc/otopi.env.d/10-python.env", + "echo OTOPI_PYTHON=/usr/bin/python2.7 | sudo --login tee /etc/otopi.env.d/10-python.env", + "sudo --login chmod a+r /etc/otopi.env.d/10-python.env" + ] + } + + provisioner "file" { + connection { + type = "ssh" + agent = false + user = var.ssh_user + host = oci_core_instance.kvm_instance.private_ip + timeout = "15m" + private_key = file(var.ssh_private_key_path) + } + content = format("Match User root Address %s LocalAddress %s\n\tPermitRootLogin without-password", + oci_core_instance.kvm_instance.private_ip, + oci_core_instance.kvm_instance.private_ip + ) + destination = "/tmp/local-ssh.conf" + } + provisioner "remote-exec" { + connection { + type = "ssh" + agent = false + user = var.ssh_user + host = oci_core_instance.kvm_instance.private_ip + timeout = "15m" + private_key = file(var.ssh_private_key_path) + } + + inline = [ + # engine reuire root ssh access, 
allow it for local loop + "/bin/cat /tmp/local-ssh.conf | sudo --login tee -a /etc/ssh/sshd_config", + "/bin/rm /tmp/local-ssh.conf" + ] + } + provisioner "remote-exec" { + connection { + type = "ssh" + agent = false + user = var.ssh_user + host = oci_core_instance.kvm_instance.private_ip + timeout = "15m" + private_key = file(var.ssh_private_key_path) + } + + inline = [ + # ovirt host deploy set credential add it as default + "echo export LIBVIRT_DEFAULT_URI=\"qemu:///system?authfile=/etc/ovirt-hosted-engine/virsh_auth.conf\" >> /home/${var.ssh_user}/.bashrc", + "echo export LIBVIRT_DEFAULT_URI=\"qemu:///system?authfile=/etc/ovirt-hosted-engine/virsh_auth.conf\" | sudo --login tee -a /root/.bashrc" + ] + } + +} + +resource "null_resource" "deploy_iso" { + depends_on = [null_resource.deploy_virt_mgr] + + provisioner "remote-exec" { + connection { + type = "ssh" + agent = false + user = var.ssh_user + host = oci_core_instance.kvm_instance.private_ip + timeout = "15m" + private_key = file(var.ssh_private_key_path) + } + inline = [ + "wget -O /var/tmp/OracleLinux-R7-U9-Server-x86_64-dvd.iso --no-directories --progress=bar https://ca-artifacts.us.oracle.com/ISOs/build-isos/x86_64-el7-u9-isos/LATEST/OracleLinux-R7-U9-Server-x86_64-dvd.iso" + ] + } +} + +resource "null_resource" "prepare_local_storage" { + depends_on = [oci_core_volume_attachment.vm_tank_volume_attachment] + + provisioner "remote-exec" { + connection { + type = "ssh" + agent = false + user = var.ssh_user + host = oci_core_instance.kvm_instance.private_ip + timeout = "15m" + private_key = file(var.ssh_private_key_path) + } + inline = [ + "sudo --login mkdir -p /data/images", + "sudo --login chown 36:36 /data /data/images", + "sudo --login chmod 0755 /data /data/images" + ] + } +} 
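Review bot: In `tweak_virt_mgr_host`, the step that runs `/bin/cat /tmp/local-ssh.conf | sudo --login tee -a /etc/ssh/sshd_config` appends a `Match` block enabling `PermitRootLogin without-password` every time the provisioner runs, stages the fragment in shared `/tmp`, and never validates the resulting file. Adding `"sudo --login /usr/sbin/sshd -t",` after the append, and skipping the append when the `Match User root` line is already present, would stop a re-run from stacking duplicate blocks or leaving sshd with a config it cannot load. No sshd reload is visible in the hunk, so the change may not take effect until the service restarts. Separately, `deploy_iso` downloads the installer ISO from a `LATEST` path with no checksum comparison, and the `# TODO : remove these configuration files` in `configure_virt_mgr` leaves the engine-setup answer files in `/var/tmp`, which presumably hold setup credentials.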
diff --git a/example/real_world_stuff/oracle/oracle%oci-utils%tests%automation%data%base_instance%data.tf b/example/real_world_stuff/oracle/oracle%oci-utils%tests%automation%data%base_instance%data.tf
new file mode 100644
index 0000000..d22f559
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%oci-utils%tests%automation%data%base_instance%data.tf
@@ -0,0 +1,7 @@
+// Copyright (c) 2021 Oracle and/or its affiliates. All rights reserved.
+// Licensed under the Universal Permissive License v 1.0 as shown
+// at http:/oss.oracle.com/licenses/upl.
+
+data "http" "channel_rpm" {
+ url = "http://${var.server_ip}/channel_rpms/${var.os_user}/"
+}
\ No newline at end of file
diff --git a/example/real_world_stuff/oracle/oracle%oci-utils%tests%automation%data%base_instance%main.tf b/example/real_world_stuff/oracle/oracle%oci-utils%tests%automation%data%base_instance%main.tf
new file mode 100644
index 0000000..e8477ca
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%oci-utils%tests%automation%data%base_instance%main.tf
@@ -0,0 +1,192 @@ +// Copyright (c) 2021 Oracle and/or its affiliates. All rights reserved. +// Licensed under the Universal Permissive License v 1.0 as shown +// at http:/oss.oracle.com/licenses/upl. + +variable "os_user" { + description = "os user." + type = string +} + +variable "os_user_home" { + description = "operator home directory" + type = string +} + +variable "server_ip" { + description = "this server ipv4 address" + type = string +} + +variable "tenancy_ocid" { + description = "tencancy identification." + type = string +} + +variable "user_ocid" { + description = "user identification." + type = string +} + +variable "oci_private_key" { + description = "path to use private key for OCI." + type = string +} + +variable "fingerprint" { + description = "OCI key fingerprint." + type = string +} + +variable "region" { + description = "oci region name." + type = string +} + +variable "availability_domain" { + description = "availability domain name." + type = string +} + +variable "compartment_ocid" { + description = "compartment identification." + type = string +} + +variable "shape" { + description = "shape selection." + type = string +} + +variable "source_ocid" { + description = "source identification." + type = string +} + +variable "source_type" { + description = "source type identification." + type = string +} + +variable "instance_display_name" { + description = "instance display name." + type = string +} + +variable "vnic_display_name" { + description = "vnic display name." + type = string +} + +variable "subnet_ocid" { + description = "subnet identification." + type = string +} + +variable "ssh_public_key" { + description = "user authorized keys path." + type = string +} + +variable "remote_user" { + description = "user to connect to remote with sudo priviliges." + type = string +} + +variable "ssh_private_key" { + description = "local user private key path." + type = string +} + +variable "auth" { + description = "authentication method." 
+ type = string +} + +variable "log_file_path" { + description = "path to logfile" + type = string +} + +provider "oci" { + tenancy_ocid = var.tenancy_ocid + user_ocid = var.user_ocid + private_key_path = var.oci_private_key + fingerprint = var.fingerprint + region = var.region + // auth = var.auth +} + +resource "oci_core_instance" "test_instance" { + count = "1" + availability_domain = var.availability_domain + compartment_id = var.compartment_ocid + display_name = var.instance_display_name + shape = var.shape + + create_vnic_details { + subnet_id = var.subnet_ocid + display_name = var.vnic_display_name + assign_public_ip = false + } + + source_details { + source_type = var.source_type + source_id = var.source_ocid + } + + preserve_boot_volume = false + + metadata = { + ssh_authorized_keys = file(var.ssh_public_key) + } + + timeouts { + create = "60m" + } + +} + +// install repo. +resource "null_resource" "install_repo" { + depends_on = [oci_core_instance.test_instance] + provisioner "file" { + source = "/var/www/html/channel_rpms/${var.os_user}/" + destination = "/tmp/" + connection { + type = "ssh" + agent = false + user = var.remote_user + host = oci_core_instance.test_instance.*.private_ip[0] + timeout = "15m" + private_key = file(var.ssh_private_key) + } + } + + provisioner "remote-exec" { + connection { + type = "ssh" + agent = false + user = var.remote_user + host = oci_core_instance.test_instance.*.private_ip[0] + timeout = "15m" + private_key = file(var.ssh_private_key) + } + script = "../scripts/install_oci_utils_automation.sh" + } + + provisioner "remote-exec" { + connection { + type = "ssh" + agent = false + user = var.remote_user + host = oci_core_instance.test_instance.*.private_ip[0] + timeout = "15m" + private_key = file(var.ssh_private_key) + } + inline = [ + "/bin/sudo --preserve-env mkdir -p /logs", + "/bin/sudo --preserve-env chmod 777 /logs" + ] + } +} + 
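Review bot: The last remote-exec in `install_repo` creates `/logs` and then runs `chmod 777 /logs`, which leaves a root-owned directory that any local user can write to, rename files in, or pre-seed with symlinks, and the test modules later redirect their output there. Creating it for the connecting user instead, e.g. `"/bin/sudo install -d -m 0750 -o ${var.remote_user} /logs"`, gives the same write access without opening it to everyone; if several users must write, `chmod 1777` at least adds the sticky bit. `--preserve-env` adds nothing to `mkdir` and `chmod` and could be dropped from these two commands. The `provider "oci"` block also leaves `auth = var.auth` commented out while `variable "auth"` is still declared without a default, which deserves a one-line comment saying why.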
diff --git a/example/real_world_stuff/oracle/oracle%oci-utils%tests%automation%data%base_instance%output.tf b/example/real_world_stuff/oracle/oracle%oci-utils%tests%automation%data%base_instance%output.tf
new file mode 100644
index 0000000..dec8c69
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%oci-utils%tests%automation%data%base_instance%output.tf
@@ -0,0 +1,16 @@
+// Copyright (c) 2021 Oracle and/or its affiliates. All rights reserved.
+// Licensed under the Universal Permissive License v 1.0 as shown
+// at http:/oss.oracle.com/licenses/upl.
+
+output "instance_private_ip" {
+ value = oci_core_instance.test_instance.*.private_ip[0]
+}
+
+output "boot_volume_ocid" {
+ value = oci_core_instance.test_instance.*.boot_volume_id[0]
+}
+
+output "instance_ocid" {
+ value = oci_core_instance.test_instance.*.id[0]
+}
+
diff --git a/example/real_world_stuff/oracle/oracle%oci-utils%tests%automation%data%test_iscsi%data.tf b/example/real_world_stuff/oracle/oracle%oci-utils%tests%automation%data%test_iscsi%data.tf
new file mode 100644
index 0000000..8130d27
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%oci-utils%tests%automation%data%test_iscsi%data.tf
@@ -0,0 +1,8 @@
+// Copyright (c) 2021 Oracle and/or its affiliates. All rights reserved.
+// Licensed under the Universal Permissive License v 1.0 as shown
+// at http:/oss.oracle.com/licenses/upl.
+
+data "oci_identity_availability_domains" "ads" {
+ compartment_id = var.tenancy_ocid
+}
+
diff --git a/example/real_world_stuff/oracle/oracle%oci-utils%tests%automation%data%test_iscsi%main.tf b/example/real_world_stuff/oracle/oracle%oci-utils%tests%automation%data%test_iscsi%main.tf
new file mode 100644
index 0000000..34644e3
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%oci-utils%tests%automation%data%test_iscsi%main.tf
@@ -0,0 +1,169 @@ +// Copyright (c) 2021 Oracle and/or its affiliates. All rights reserved. +// Licensed under the Universal Permissive License v 1.0 as shown +// at http:/oss.oracle.com/licenses/upl. + +variable "os_user" { + description = "os user." + type = string +} + +variable "os_user_home" { + description = "operator home directory" + type = string +} + +variable "server_ip" { + description = "this server ipv4 address" + type = string +} + +variable "tenancy_ocid" { + description = "tencancy identification." + type = string +} + +variable "compartment_ocid" { + description = "compartment identification." + type = string +} + +variable "availability_domain" { + description = "availability domain name." + type = string +} + +variable "user_ocid" { + description = "user identification." + type = string +} + +variable "oci_private_key" { + description = "path to use private key for OCI." + type = string +} + +variable "fingerprint" { + description = "OCI key fingerprint." + type = string +} + +variable "region" { + description = "oci region name." + type = string +} + +variable "shape" { + description = "shape selection." + type = string +} + +variable "source_ocid" { + description = "source identification." + type = string +} + +variable "source_type" { + description = "source type identification." + type = string +} + +variable "instance_display_name" { + description = "instance display name." + type = string +} + +variable "vnic_display_name" { + description = "vnic display name." + type = string +} + +variable "subnet_ocid" { + description = "subnet identification." + type = string +} + +variable "ssh_public_key" { + description = "user authorized keys path." + type = string +} + +variable "remote_user" { + description = "user to connect to remote with sudo privileges." + type = string +} + +variable "ssh_private_key" { + description = "local user private key path." + type = string +} + +variable "auth" { + description = "authentication method." 
+ type = string +} + +variable "log_file_path" { + description = "path to logfile" + type = string +} + +module "base_instance"{ + source = "../base_instance" + os_user = var.os_user + os_user_home = var.os_user_home + server_ip = var.server_ip + auth = var.auth + tenancy_ocid = var.tenancy_ocid + compartment_ocid = var.compartment_ocid + availability_domain = var.availability_domain + user_ocid = var.user_ocid + fingerprint = var.fingerprint + region = var.region + shape = var.shape + source_ocid = var.source_ocid + source_type = var.source_type + instance_display_name = var.instance_display_name + vnic_display_name = var.vnic_display_name + subnet_ocid = var.subnet_ocid + ssh_public_key = var.ssh_public_key + oci_private_key = var.oci_private_key + remote_user = var.remote_user + ssh_private_key = var.ssh_private_key + log_file_path = var.log_file_path +} + +resource "null_resource" "run_test_cli_iscsi_config" { + depends_on = [ + module.base_instance] + provisioner "remote-exec" { + connection { + type = "ssh" + user = var.remote_user + agent = false + host = module.base_instance.instance_private_ip + timeout = "15m" + private_key = file(var.ssh_private_key) + } + inline = [ + "cd /opt/oci-utils/ && /bin/sudo --preserve-env /bin/python3 /opt/oci-utils/setup.py oci_tests --tests-base=/opt/oci-utils/tests/data --test-suite=tests.test_cli_iscsi_config > /logs/run_test_cli_iscsi_config 2>&1" + ] + } +} + +resource "null_resource" "run_test_iscsiadm" { + depends_on = [ + module.base_instance] + provisioner "remote-exec" { + connection { + type = "ssh" + user = var.remote_user + agent = false + host = module.base_instance.instance_private_ip + timeout = "15m" + private_key = file(var.ssh_private_key) + } + inline = [ + "cd /opt/oci-utils/ && /bin/sudo --preserve-env /bin/python3 /opt/oci-utils/setup.py oci_tests --tests-base=/opt/oci-utils/tests/data --test-suite=tests.test_iscsiadm > /logs/run_test_iscsiadm 2>&1" + ] + } +} 
diff --git a/example/real_world_stuff/oracle/oracle%oci-utils%tests%automation%data%test_iscsi%terraform_version.tf b/example/real_world_stuff/oracle/oracle%oci-utils%tests%automation%data%test_iscsi%terraform_version.tf
new file mode 100644
index 0000000..d0fcb2b
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%oci-utils%tests%automation%data%test_iscsi%terraform_version.tf
@@ -0,0 +1,10 @@
+// Copyright (c) 2020 Oracle and/or its affiliates. All rights reserved.
+// Licensed under the Universal Permissive License v 1.0 as shown
+// at http:/oss.oracle.com/licenses/upl.
+
+terraform {
+ required_providers {
+ oci = ">= 3.56.0"
+ }
+}
+
diff --git a/example/real_world_stuff/oracle/oracle%oci-utils%tests%automation%data%test_metadata%data.tf b/example/real_world_stuff/oracle/oracle%oci-utils%tests%automation%data%test_metadata%data.tf
new file mode 100644
index 0000000..358b8db
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%oci-utils%tests%automation%data%test_metadata%data.tf
@@ -0,0 +1,8 @@
+// Copyright (c) 2020 Oracle and/or its affiliates. All rights reserved.
+// Licensed under the Universal Permissive License v 1.0 as shown
+// at http:/oss.oracle.com/licenses/upl.
+
+data "oci_identity_availability_domains" "ads" {
+ compartment_id = var.tenancy_ocid
+}
+
diff --git a/example/real_world_stuff/oracle/oracle%oci-utils%tests%automation%data%test_metadata%main.tf b/example/real_world_stuff/oracle/oracle%oci-utils%tests%automation%data%test_metadata%main.tf
new file mode 100644
index 0000000..621a165
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%oci-utils%tests%automation%data%test_metadata%main.tf
@@ -0,0 +1,169 @@ +// Copyright (c) 2021 Oracle and/or its affiliates. All rights reserved. +// Licensed under the Universal Permissive License v 1.0 as shown +// at http:/oss.oracle.com/licenses/upl. + +variable "os_user" { + description = "os user." + type = string +} + +variable "os_user_home" { + description = "operator home directory" + type = string +} + +variable "server_ip" { + description = "this server ipv4 address" + type = string +} + +variable "tenancy_ocid" { + description = "tencancy identification." + type = string +} + +variable "compartment_ocid" { + description = "compartment identification." + type = string +} + +variable "availability_domain" { + description = "availability domain name." + type = string +} + +variable "user_ocid" { + description = "user identification." + type = string +} + +variable "oci_private_key" { + description = "path to use private key for OCI." + type = string +} + +variable "fingerprint" { + description = "OCI key fingerprint." + type = string +} + +variable "region" { + description = "oci region name." + type = string +} + +variable "shape" { + description = "shape selection." + type = string +} + +variable "source_ocid" { + description = "source identification." + type = string +} + +variable "source_type" { + description = "source type identification." + type = string +} + +variable "instance_display_name" { + description = "instance display name." + type = string +} + +variable "vnic_display_name" { + description = "vnic display name." + type = string +} + +variable "subnet_ocid" { + description = "subnet identification." + type = string +} + +variable "ssh_public_key" { + description = "user authorized keys path." + type = string +} + +variable "remote_user" { + description = "user to connect to remote with sudo privileges." + type = string +} + +variable "ssh_private_key" { + description = "local user private key path." + type = string +} + +variable "auth" { + description = "authentication method." 
+ type = string +} + +variable "log_file_path" { + description = "path to logfile" + type = string +} + +module "base_instance"{ + source = "../base_instance" + os_user = var.os_user + os_user_home = var.os_user_home + server_ip = var.server_ip + auth = var.auth + tenancy_ocid = var.tenancy_ocid + compartment_ocid = var.compartment_ocid + availability_domain = var.availability_domain + user_ocid = var.user_ocid + fingerprint = var.fingerprint + region = var.region + shape = var.shape + source_ocid = var.source_ocid + source_type = var.source_type + instance_display_name = var.instance_display_name + vnic_display_name = var.vnic_display_name + subnet_ocid = var.subnet_ocid + ssh_public_key = var.ssh_public_key + oci_private_key = var.oci_private_key + remote_user = var.remote_user + ssh_private_key = var.ssh_private_key + log_file_path = var.log_file_path +} + +resource "null_resource" "run_test_oci_metadata" { + depends_on = [ + module.base_instance] + provisioner "remote-exec" { + connection { + type = "ssh" + user = var.remote_user + agent = false + host = module.base_instance.instance_private_ip + timeout = "15m" + private_key = file(var.ssh_private_key) + } + inline = [ + "cd /opt/oci-utils/ && /bin/sudo mkdir /logs && /bin/sudo --preserve-env /bin/python3 /opt/oci-utils/setup.py oci_tests --tests-base=/opt/oci-utils/tests/data --test-suite=tests.test_oci_metadata > /logs/run_test_oci_metadata 2>&1" + ] + } +} + +resource "null_resource" "run_test_cli_metadata" { + depends_on = [ + module.base_instance] + provisioner "remote-exec" { + connection { + type = "ssh" + user = var.remote_user + agent = false + host = module.base_instance.instance_private_ip + timeout = "15m" + private_key = file(var.ssh_private_key) + } + inline = [ + "cd /opt/oci-utils/ && /bin/sudo mkdir /logs && /bin/sudo --preserve-env /bin/python3 /opt/oci-utils/setup.py oci_tests --tests-base=/opt/oci-utils/tests/data --test-suite=tests.test_cli_metadata > /logs/run_test_cli_metadata 2>&1" + ] 
+ } +} diff --git a/example/real_world_stuff/oracle/oracle%oci-utils%tests%automation%data%test_metadata%terraform_version.tf b/example/real_world_stuff/oracle/oracle%oci-utils%tests%automation%data%test_metadata%terraform_version.tf new file mode 100644 index 0000000..12617d4 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%oci-utils%tests%automation%data%test_metadata%terraform_version.tf @@ -0,0 +1,10 @@ +// Copyright (c) 2021 Oracle and/or its affiliates. All rights reserved. +// Licensed under the Universal Permissive License v 1.0 as shown +// at http:/oss.oracle.com/licenses/upl. + +terraform { + required_providers { + oci = ">= 3.56.0" + } +} + diff --git a/example/real_world_stuff/oracle/oracle%oci-utils%tests%automation%data%test_various%data.tf b/example/real_world_stuff/oracle/oracle%oci-utils%tests%automation%data%test_various%data.tf new file mode 100644 index 0000000..8130d27 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%oci-utils%tests%automation%data%test_various%data.tf @@ -0,0 +1,8 @@ +// Copyright (c) 2021 Oracle and/or its affiliates. All rights reserved. +// Licensed under the Universal Permissive License v 1.0 as shown +// at http:/oss.oracle.com/licenses/upl. + +data "oci_identity_availability_domains" "ads" { + compartment_id = var.tenancy_ocid +} + diff --git a/example/real_world_stuff/oracle/oracle%oci-utils%tests%automation%data%test_various%main.tf b/example/real_world_stuff/oracle/oracle%oci-utils%tests%automation%data%test_various%main.tf new file mode 100644 index 0000000..36f6c14 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%oci-utils%tests%automation%data%test_various%main.tf 
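Review bot: In `run_test_oci_metadata` and `run_test_cli_metadata` the `> /logs/... 2>&1` redirection is carried out by the login shell of `var.remote_user`, not by sudo, so it only succeeds if that user can write to a `/logs` directory that `/bin/sudo mkdir` has just created (typically root-owned). Both resources depend only on `module.base_instance` and both run `mkdir /logs` without `-p`, so whichever runs second fails at `mkdir` and the `&&` chain never reaches the test. Doing the redirect inside the privileged shell handles both: `cd /opt/oci-utils/ && /bin/sudo mkdir -p /logs && /bin/sudo --preserve-env /bin/sh -c '/bin/python3 /opt/oci-utils/setup.py oci_tests --tests-base=/opt/oci-utils/tests/data --test-suite=tests.test_oci_metadata > /logs/run_test_oci_metadata 2>&1'`. The same unprivileged redirect appears in the test_various/main.tf resources and in the test_iscsi resources earlier in the patch.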
@@ -0,0 +1,259 @@ +// Copyright (c) 2021 Oracle and/or its affiliates. All rights reserved. +// Licensed under the Universal Permissive License v 1.0 as shown +// at http:/oss.oracle.com/licenses/upl. + +variable "os_user" { + description = "os user." + type = string +} + +variable "os_user_home" { + description = "operator home directory" + type = string +} + +variable "server_ip" { + description = "this server ipv4 address" + type = string +} + +variable "tenancy_ocid" { + description = "tencancy identification." + type = string +} + +variable "compartment_ocid" { + description = "compartment identification." + type = string +} + +variable "availability_domain" { + description = "availability domain name." + type = string +} + +variable "user_ocid" { + description = "user identification." + type = string +} + +variable "oci_private_key" { + description = "path to use private key for OCI." + type = string +} + +variable "fingerprint" { + description = "OCI key fingerprint." + type = string +} + +variable "region" { + description = "oci region name." + type = string +} + +variable "shape" { + description = "shape selection." + type = string +} + +variable "source_ocid" { + description = "source identification." + type = string +} + +variable "source_type" { + description = "source type identification." + type = string +} + +variable "instance_display_name" { + description = "instance display name." + type = string +} + +variable "vnic_display_name" { + description = "vnic display name." + type = string +} + +variable "subnet_ocid" { + description = "subnet identification." + type = string +} + +variable "ssh_public_key" { + description = "user authorized keys path." + type = string +} + +variable "remote_user" { + description = "user to connect to remote with sudo privileges." + type = string +} + +variable "ssh_private_key" { + description = "local user private key path." + type = string +} + +variable "auth" { + description = "authentication method." 
+ type = string +} + +variable "log_file_path" { + description = "path to logfile" + type = string +} + +module "base_instance"{ + source = "../base_instance" + os_user = var.os_user + os_user_home = var.os_user_home + server_ip = var.server_ip + auth = var.auth + tenancy_ocid = var.tenancy_ocid + compartment_ocid = var.compartment_ocid + availability_domain = var.availability_domain + user_ocid = var.user_ocid + fingerprint = var.fingerprint + region = var.region + shape = var.shape + source_ocid = var.source_ocid + source_type = var.source_type + instance_display_name = var.instance_display_name + vnic_display_name = var.vnic_display_name + subnet_ocid = var.subnet_ocid + ssh_public_key = var.ssh_public_key + oci_private_key = var.oci_private_key + remote_user = var.remote_user + ssh_private_key = var.ssh_private_key + log_file_path = var.log_file_path +} + +resource "null_resource" "run_test_auth_helper" { + depends_on = [ + module.base_instance] + provisioner "remote-exec" { + connection { + type = "ssh" + user = var.remote_user + agent = false + host = module.base_instance.instance_private_ip + timeout = "15m" + private_key = file(var.ssh_private_key) + } + inline = [ + "cd /opt/oci-utils/ && /bin/sudo --preserve-env /bin/python3 /opt/oci-utils/setup.py oci_tests --tests-base=/opt/oci-utils/tests/data --test-suite=tests.test_auth_helper > /logs/run_test_auth_helper 2>&1" + ] + } +} + +resource "null_resource" "run_test_cache" { + depends_on = [ + module.base_instance] + provisioner "remote-exec" { + connection { + type = "ssh" + user = var.remote_user + agent = false + host = module.base_instance.instance_private_ip + timeout = "15m" + private_key = file(var.ssh_private_key) + } + inline = [ + "cd /opt/oci-utils/ && /bin/sudo --preserve-env /bin/python3 /opt/oci-utils/setup.py oci_tests --tests-base=/opt/oci-utils/tests/data --test-suite=tests.test_cache > /logs/run_test_cache 2>&1" + ] + } +} + +resource "null_resource" "run_test_exec_helpers" { + depends_on 
= [ + module.base_instance] + provisioner "remote-exec" { + connection { + type = "ssh" + user = var.remote_user + agent = false + host = module.base_instance.instance_private_ip + timeout = "15m" + private_key = file(var.ssh_private_key) + } + inline = [ + "cd /opt/oci-utils/ && /bin/sudo --preserve-env /bin/python3 /opt/oci-utils/setup.py oci_tests --tests-base=/opt/oci-utils/tests/data --test-suite=tests.test_exec_helpers > /logs/run_test_exec-helper 2>&1 " + ] + } +} + +resource "null_resource" "run_test_exec_utils_config_helper" { + depends_on = [ + module.base_instance] + provisioner "remote-exec" { + connection { + type = "ssh" + user = var.remote_user + agent = false + host = module.base_instance.instance_private_ip + timeout = "15m" + private_key = file(var.ssh_private_key) + } + inline = [ + "cd /opt/oci-utils/ && /bin/sudo --preserve-env /bin/python3 /opt/oci-utils/setup.py oci_tests --tests-base=/opt/oci-utils/tests/data --test-suite=tests.test_exec_utils-config-helper > /logs/run_test_exec_utils_config_helper 2>&1" + ] + } +} + +resource "null_resource" "run_test_network_helpers" { + depends_on = [ + module.base_instance] + provisioner "remote-exec" { + connection { + type = "ssh" + user = var.remote_user + agent = false + host = module.base_instance.instance_private_ip + timeout = "15m" + private_key = file(var.ssh_private_key) + } + inline = [ + "cd /opt/oci-utils/ && /bin/sudo --preserve-env /bin/python3 /opt/oci-utils/setup.py oci_tests --tests-base=/opt/oci-utils/tests/data --test-suite=tests.test_network_helpers > /logs/run_test_network_helpers 2>&1" + ] + } +} + +resource "null_resource" "run_test_platform_helpers" { + depends_on = [ + module.base_instance] + provisioner "remote-exec" { + connection { + type = "ssh" + user = var.remote_user + agent = false + host = module.base_instance.instance_private_ip + timeout = "15m" + private_key = file(var.ssh_private_key) + } + inline = [ + "cd /opt/oci-utils/ && /bin/sudo --preserve-env /bin/python3 
/opt/oci-utils/setup.py oci_tests --tests-base=/opt/oci-utils/tests/data --test-suite=tests.test_platform_helpers > /logs/run_test_platform_helpers 2>&1 " + ] + } +} + +resource "null_resource" "run_test_row_printer" { + depends_on = [ + module.base_instance] + provisioner "remote-exec" { + connection { + type = "ssh" + user = var.remote_user + agent = false + host = module.base_instance.instance_private_ip + timeout = "15m" + private_key = file(var.ssh_private_key) + } + inline = [ + "cd /opt/oci-utils/ && /bin/sudo --preserve-env /bin/python3 /opt/oci-utils/setup.py oci_tests --tests-base=/opt/oci-utils/tests/data --test-suite=tests.test_row_printer > /logs/run_test_row_printer 2>&1" + ] + } +} diff --git a/example/real_world_stuff/oracle/oracle%oci-utils%tests%automation%data%test_various%terraform_version.tf b/example/real_world_stuff/oracle/oracle%oci-utils%tests%automation%data%test_various%terraform_version.tf new file mode 100644 index 0000000..d0fcb2b --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%oci-utils%tests%automation%data%test_various%terraform_version.tf @@ -0,0 +1,10 @@ +// Copyright (c) 2020 Oracle and/or its affiliates. All rights reserved. +// Licensed under the Universal Permissive License v 1.0 as shown +// at http:/oss.oracle.com/licenses/upl. + +terraform { + required_providers { + oci = ">= 3.56.0" + } +} + diff --git a/example/real_world_stuff/oracle/oracle%oci-utils%tools%provisionning%dev_instance%dev-instance.tf b/example/real_world_stuff/oracle/oracle%oci-utils%tools%provisionning%dev_instance%dev-instance.tf new file mode 100644 index 0000000..b788d10 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%oci-utils%tools%provisionning%dev_instance%dev-instance.tf 
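Review bot: `run_test_exec_helpers` writes its output to `/logs/run_test_exec-helper`, the only log in this file not named after its resource, so anything that collects results by resource name will miss it; `> /logs/run_test_exec_helpers 2>&1` would match the others. In `run_test_exec_utils_config_helper` the suite is given as `tests.test_exec_utils-config-helper`; if that value is resolved as a dotted Python module name the hyphens cannot match a module file, which is worth checking against the tests directory. None of the resources here creates `/logs`, so they depend on something outside this hunk having done so.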
@@ -0,0 +1,110 @@ +// Copyright (c) 2020 Oracle and/or its affiliates. All rights reserved. +// Licensed under the Universal Permissive License v 1.0 as shown +// at http://oss.oracle.com/licenses/upl. +terraform { + required_providers { + oci = ">= 3.56.0" + } +} + +variable "tenancy_ocid" {} +variable "user_ocid" {} +variable "fingerprint" {} +variable "private_key_path" {} +variable "region" {} +variable "compartment_id" {} +variable "availability_domain_id" {} +variable "subnet_id" {} +variable "instance_shape" {} +variable "instance_image_ocid" {} + +variable "ssh_private_key_path" {} +variable "ssh_authorized_key_path" {} +variable "ssh_user" {} +variable "ssh_public_key_path" {} + +variable "dns_search_domains" {} +variable "dns_server_ip" {} +variable "http_proxy_url" {} +variable "https_proxy_url" {} + + +provider "oci" { + tenancy_ocid = var.tenancy_ocid + user_ocid = var.user_ocid + fingerprint = var.fingerprint + private_key_path = var.private_key_path + region = var.region +} + +data "oci_identity_availability_domains" "ad" { + compartment_id = var.compartment_id +} + + +resource "oci_core_instance" "dev_instance" { + availability_domain = var.availability_domain_id + compartment_id = var.compartment_id + display_name = "OCI-DEV-Instance" + shape = var.instance_shape + + create_vnic_details { + subnet_id = var.subnet_id + display_name = "Primaryvnic" + assign_public_ip = false + } + + source_details { + source_type = "image" + source_id = var.instance_image_ocid + } + + preserve_boot_volume = false + + metadata = { + ssh_authorized_keys = file(var.ssh_authorized_key_path) + } + + + timeouts { + create = "60m" + } + +} + +resource "oci_core_vnic_attachment" "test_vnic_attachment_0" { + create_vnic_details { + subnet_id = var.subnet_id + } + instance_id = oci_core_instance.dev_instance.id + nic_index = 0 +} +resource "oci_core_instance_console_connection" "instance_console_connection" { + depends_on = [oci_core_instance.dev_instance] + #Required + 
instance_id = oci_core_instance.dev_instance.id + public_key = file(var.ssh_public_key_path) +} + +resource "oci_core_volume" "vm_tank_volume" { + availability_domain = var.availability_domain_id + compartment_id = var.compartment_id + display_name = "DevInstanceTank" + size_in_gbs = 256 +} +resource "oci_core_volume_attachment" "vm_tank_volume_attachment" { + attachment_type = "iscsi" + instance_id = oci_core_instance.dev_instance.id + volume_id = oci_core_volume.vm_tank_volume.id + + is_read_only = false + +} + + +output "instance_private_ip" { + value = oci_core_instance.dev_instance.*.private_ip +} + + + diff --git a/example/real_world_stuff/oracle/oracle%oci-utils%tools%provisionning%test_instance%instance.tf b/example/real_world_stuff/oracle/oracle%oci-utils%tools%provisionning%test_instance%instance.tf new file mode 100644 index 0000000..afe58ba --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%oci-utils%tools%provisionning%test_instance%instance.tf 
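Review bot: The secondary VNIC in `oci_core_vnic_attachment.test_vnic_attachment_0` sets only `subnet_id`, while the primary VNIC on `dev_instance` sets `assign_public_ip = false`. When the argument is omitted the OCI provider falls back to the subnet's public/private setting, so on a public subnet this attachment would receive a public address that the primary interface deliberately avoids. Adding `assign_public_ip = false` inside its `create_vnic_details` block makes the two consistent, as the attachments in test_instance/instance.tf later in the patch already do.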
@@ -0,0 +1,268 @@ +// Copyright (c) 2021 Oracle and/or its affiliates. All rights reserved. +// Licensed under the Universal Permissive License v 1.0 as shown +// at http://oss.oracle.com/licenses/upl. +terraform { + required_providers { + oci = ">= 3.56.0" + } +} + +variable "tenancy_ocid" {} +variable "user_ocid" {} +variable "fingerprint" {} +variable "private_key_path" {} +variable "region" {} +variable "compartment_id" {} +variable "availability_domain_id" {} +variable "subnet_id" {} +variable "instance_shape" {} +variable "instance_image_ocid" {} + +variable "ssh_private_key_path" {} +variable "ssh_authorized_key_path" {} +variable "ssh_user" {} + +variable "oci_utils_rpms_dir" {} + + +variable "dns_search_domains" {} +variable "dns_server_ip" {} +variable "http_proxy_url" {} +variable "https_proxy_url" {} + +variable "subnet_identifier" { + type = map(string) + default = { + us-ashburn-1 = "", + uk-london-1 = "" + } +} + + +provider "oci" { + tenancy_ocid = var.tenancy_ocid + user_ocid = var.user_ocid + fingerprint = var.fingerprint + private_key_path = var.private_key_path + region = var.region +} + +data "template_file" "resolver_config" { + template = file(join("/", [abspath(path.root), "userdata", "oci_resolver_config"])) + vars = { + dns_search_domains = var.dns_search_domains + dns_server_ip = var.dns_server_ip + } +} +data "template_file" "tests_environement" { + template = file(join("/", [abspath(path.root), "userdata", "oci-tests-env"])) + vars = { + http_proxy_url = var.http_proxy_url + https_proxy_url = var.https_proxy_url + } +} + +resource "oci_core_instance" "test_instance" { + availability_domain = var.availability_domain_id + compartment_id = var.compartment_id + display_name = "OCIUtilsTestInstance" + shape = var.instance_shape + + create_vnic_details { + subnet_id = var.subnet_id + display_name = "Primaryvnic" + assign_public_ip = false + } + + source_details { + source_type = "image" + source_id = var.instance_image_ocid + } + + 
preserve_boot_volume = false + + metadata = { + ssh_authorized_keys = file(var.ssh_authorized_key_path) + } + + + timeouts { + create = "60m" + } + +} + +resource "oci_core_vnic_attachment" "test_vnic_attachment_nic0" { + count = 2 + create_vnic_details { + subnet_id = var.subnet_id + assign_public_ip = false + } + + instance_id = oci_core_instance.test_instance.id + nic_index = 0 +} + + +resource "oci_core_vnic_attachment" "test_vnic_attachment_nic1" { + count = 2 + create_vnic_details { + subnet_id = var.subnet_id + assign_public_ip = false + } + instance_id = oci_core_instance.test_instance.id + nic_index = 1 +} + +resource "oci_core_volume" "test_volume" { + availability_domain = var.availability_domain_id + compartment_id = var.compartment_id + display_name = "OCIUtilsTestVolume" + size_in_gbs = 128 +} +resource "oci_core_volume_attachment" "test_volume_attachment" { + #Required + attachment_type = "iscsi" + instance_id = oci_core_instance.test_instance.id + volume_id = oci_core_volume.test_volume.id + + is_read_only = false + +} + +resource "oci_core_instance_console_connection" "test_instance_cnx" { + depends_on = [oci_core_instance.test_instance] + #Required + instance_id = oci_core_instance.test_instance.id + public_key = file(var.ssh_public_key_path) +} +output "instance_private_ip" { + value = oci_core_instance.test_instance.private_ip +} + + +resource "null_resource" "deploy_test" { + depends_on = [oci_core_instance.test_instance] + + provisioner "file" { + source = join("/", [var.oci_utils_rpms_dir, "/"]) + destination = "/tmp" + + connection { + type = "ssh" + agent = false + user = var.ssh_user + host = oci_core_instance.test_instance.private_ip + timeout = "15m" + private_key = file(var.ssh_private_key_path) + } + + } + + provisioner "file" { + content = data.template_file.resolver_config.rendered + destination = "/tmp/resolv.conf" + + connection { + type = "ssh" + agent = false + user = var.ssh_user + host = 
oci_core_instance.test_instance.private_ip + timeout = "15m" + private_key = file(var.ssh_private_key_path) + } + + } + provisioner "file" { + content = data.template_file.tests_environement.rendered + destination = "/tmp/oci-tests-env.sh" + + connection { + type = "ssh" + agent = false + user = var.ssh_user + host = oci_core_instance.test_instance.private_ip + timeout = "15m" + private_key = file(var.ssh_private_key_path) + } + } + + // do this right now as other command may need it + provisioner "remote-exec" { + connection { + type = "ssh" + agent = false + user = var.ssh_user + host = oci_core_instance.test_instance.private_ip + timeout = "15m" + private_key = file(var.ssh_private_key_path) + } + inline = [ + "/bin/sudo /bin/cp --force /tmp/oci-tests-env.sh /etc/profile.d", + "/bin/sudo /bin/cp --force /etc/resolv.conf /etc/resolv.conf.back", + "/bin/sudo /bin/cp --force /tmp/resolv.conf /etc/resolv.conf", + ] + } + + provisioner "remote-exec" { + connection { + type = "ssh" + agent = false + user = var.ssh_user + host = oci_core_instance.test_instance.private_ip + timeout = "15m" + private_key = file(var.ssh_private_key_path) + } + + inline = [ + "/bin/sudo --login /usr/bin/yum install --quiet --assumeyes gcc", + "/bin/sudo --login /usr/bin/pip3 install --quiet --upgrade pip", + "/bin/sudo --login /usr/bin/pip3 install setuptools --upgrade", + "/bin/sudo --login /usr/bin/yum localinstall --assumeyes /tmp/oci-utils-*.rpm", + "/bin/sudo --login /usr/bin/systemctl enable --now ocid", + "/bin/sudo --login /usr/bin/systemctl enable --now libvirtd", + "/bin/sudo --login /usr/bin/pip3 install wheel" + + ] + } + +} + +resource "null_resource" "deploy_iso" { + depends_on = [null_resource.deploy_test] + + provisioner "remote-exec" { + connection { + type = "ssh" + agent = false + user = var.ssh_user + host = oci_core_instance.test_instance.private_ip + timeout = "15m" + private_key = file(var.ssh_private_key_path) + } + inline = [ + "wget -O 
/var/tmp/OracleLinux-R7-U9-Server-x86_64-dvd.iso --no-directories --progress=bar https://ca-artifacts.us.oracle.com/ISOs/build-isos/x86_64-el7-u9-isos/LATEST/OracleLinux-R7-U9-Server-x86_64-dvd.iso" + ] + } +} + +resource "null_resource" "run_test" { + depends_on = [null_resource.deploy_iso] + + provisioner "remote-exec" { + connection { + type = "ssh" + agent = false + user = var.ssh_user + host = oci_core_instance.test_instance.private_ip + timeout = "15m" + private_key = file(var.ssh_private_key_path) + } + // do not use --login as it make the shell to change dir + inline = [ + "cd /opt/oci-utils/ && /bin/sudo --preserve-env /bin/python3 /opt/oci-utils/setup.py oci_tests --tests-base=/opt/oci-utils/tests/data" + ] + } + + +} diff --git a/example/real_world_stuff/oracle/oracle%oci-volume-provisioner%test%system%terraform%volume.tf b/example/real_world_stuff/oracle/oracle%oci-volume-provisioner%test%system%terraform%volume.tf new file mode 100644 index 0000000..1f2814b --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%oci-volume-provisioner%test%system%terraform%volume.tf 
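Review bot: `deploy_test` stages everything in world-writable `/tmp` and then acts on it as root: `resolv.conf` and `oci-tests-env.sh` are copied into `/etc` with `sudo cp --force`, and `yum localinstall --assumeyes /tmp/oci-utils-*.rpm` installs whatever matches the glob at that moment. Any other account or service on the instance that can write to `/tmp` could pre-create or add a matching file before the privileged step runs; on a freshly created single-user test instance that exposure is small, but the pattern tends to be copied elsewhere. Uploading into a directory that only `var.ssh_user` can write and pointing the later commands at it closes the gap, for example `destination = "/home/${var.ssh_user}/oci-stage"` (the home path is an assumption, and the directory must exist before the `file` provisioner runs) together with `yum localinstall --assumeyes /home/${var.ssh_user}/oci-stage/oci-utils-*.rpm`.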
@@ -0,0 +1,61 @@ +variable "tenancy_ocid" { + default = "ocid1.tenancy.oc1..aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" +} + +variable "user_ocid" { + default = "ocid1.user.oc1..aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" +} + +variable "fingerprint" { + default = "14:40:85:15:d1:61:e9:b9:a2:33:52:2a:3f:d7:95:b1" +} + +variable "private_key_path" { + default = "/tmp/oci_api_key.pem" +} + +variable "compartment_ocid" { + default = "ocid1.compartment.oc1..aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" +} + +variable "availability_domain" { + default = "NWuj:PHX-AD-2" +} + +variable "region" { + default = "us-phoenix-1" +} + +variable "test_id" {} + +provider "oci" { + tenancy_ocid = "${var.tenancy_ocid}" + user_ocid = "${var.user_ocid}" + fingerprint = "${var.fingerprint}" + private_key_path = "${var.private_key_path}" + region = "${var.region}" +} + +data "oci_identity_availability_domains" "ADs" { + compartment_id = "${var.tenancy_ocid}" +} + +resource "oci_core_volume" "test_volume" { + availability_domain = "${var.availability_domain}" + compartment_id = "${var.compartment_ocid}" + display_name = "volume_provisioner_system_test${var.test_id}" + size_in_gbs = "50" +} + +resource "oci_core_volume_backup" "test_volume_backup" { + volume_id = "${oci_core_volume.test_volume.id}" + display_name = "backup_volume_provisioner_system_test${var.test_id}" +} + +output "volume_ocid" { + value = "${oci_core_volume.test_volume.id}" +} + +output "availability_domain" { + value = "${oci_core_volume.test_volume.availability_domain}" +} diff --git a/example/real_world_stuff/oracle/oracle%opengrok%opengrok-indexer%src%test%resources%analysis%hcl%sample.hcl b/example/real_world_stuff/oracle/oracle%opengrok%opengrok-indexer%src%test%resources%analysis%hcl%sample.hcl new file mode 100644 index 0000000..4f5de84 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%opengrok%opengrok-indexer%src%test%resources%analysis%hcl%sample.hcl 
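Review bot: `private_key_path` defaults to `/tmp/oci_api_key.pem`, which steers whoever runs this test into keeping the OCI API signing key in a world-writable directory, and `fingerprint` ships a concrete default next to it. The tenancy, user and compartment OCIDs look like placeholders, but it is not visible from here whether the fingerprint belongs to a real key. Dropping both defaults forces the caller to supply them and keeps key material out of shared paths: `variable "private_key_path" {}` and `variable "fingerprint" {}`, with the values passed through `TF_VAR_private_key_path` / `TF_VAR_fingerprint` or a tfvars file that is not committed.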
@@ -0,0 +1,81 @@ +/* + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. + */ + +/* + * This is derived from Caiyeon goldfish/config/sample.hcl just for testing + * OpenGrok's HCL handling and modified arbitrarily to test other HCL syntax. + */ + +# [Required] listener defines how goldfish will listen to incoming connections +listener "tcp" { + # [Required] [Format: "address", "address:port", or ":port"] + # goldfish's listening address and/or port. Simply ":443" would suffice. + address = ":8000" + + # [Optional] [Default: 0] [Allowed values: 0, 1] + # set to 1 to disable tls & https + tls_disable = 1 + + # [Optional] [Default: 0] [Allowed values: 0, 1] + # set to 1 to redirect port 80 to 443 (hard-coded port numbers) + tls_autoredirect = 0 + + # Option 1: local certificate + certificate "local" { + cert_file = "/path/to/certificate.cert" + key_file = "/path/to/keyfile.pem" + } + + # Option 2: using Vault's PKI backend [Requires vault_token at launch time] + # goldfish will request new certificates at half-life and hot-reload, + pki_certificate "pki" { + # [Required] + pki_path = "pki/issue/" + common_name = "goldfish.vault.service" + + # [Optional] see Vault PKI docs for what these mean + alt_names = ["goldfish.vault.srv", "ui.vault.srv"] + ip_sans = ["10.0.0.10", "127.0.0.1", "172.0.0.1"] + } +} + +# [Required] vault defines how goldfish should bootstrap to vault +vault { + # [Required] [Format: "protocol://address:port"] + # This is vault's address. Vault must be up before goldfish is deployed! + address = "http://127.0.0.1:8200" + + # [Optional] [Default: 0] [Allowed values: 0, 1] + # Set this to 1 to skip verifying the certificate of vault (e.g. 
self-signed certs) + tls_skip_verify = 0 + + # [Required] [Default: "secret/goldfish"] + # This should be a generic secret endpoint where runtime settings are stored + # See wiki for what key values are required in this + runtime_config = "secret/goldfish" + + # [Optional] [Default: "auth/approle/login"] + # You can omit this, unless you mounted approle somewhere weird + approle_login = "auth/approle/login" + + # [Optional] [Default: "goldfish"] + # You can omit this if you already customized the approle ID to be 'goldfish' + approle_id = "goldfish" + + # [Optional] [Default: ""] + # If provided, goldfish will use this CA cert to verify Vault's certificate + # This should be a path to a PEM-encoded CA cert file + ca_cert = "" + + # [Optional] [Default: ""] + # See above. This should be a path to a directory instead of a single cert + ca_path = "" +} + +# [Optional] [Default: 0] [Allowed values: 0, 1] +# Set to 1 to disable mlock. Implementation is similar to vault - see vault docs for details +# This option will be ignored on unsupported platforms (e.g Windows) +disable_mlock = 0 diff --git a/example/real_world_stuff/oracle/oracle%opengrok%opengrok-indexer%src%test%resources%analysis%terraform%sample.tf b/example/real_world_stuff/oracle/oracle%opengrok%opengrok-indexer%src%test%resources%analysis%terraform%sample.tf new file mode 100644 index 0000000..ca9a8c8 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%opengrok%opengrok-indexer%src%test%resources%analysis%terraform%sample.tf 
@@ -0,0 +1,215 @@ +/* + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +/* + * This is derived from Hashicat main.tf just for testing OpenGrok's Terraform + * handling and modified arbitrarily to test other Terraform or HCL syntax. + */ + +provider "azurerm" { + version = "=1.44.0" +} + +resource "azurerm_resource_group" "myresourcegroup" { + name = "${var.prefix}-workshop" + location = var.location +} + +resource "azurerm_virtual_network" "vnet" { + name = "${var.prefix}-vnet" + location = azurerm_resource_group.myresourcegroup.location + address_space = [var.address_space] + resource_group_name = azurerm_resource_group.myresourcegroup.name +} + +resource "azurerm_subnet" "subnet" { + name = "${var.prefix}-subnet" + virtual_network_name = azurerm_virtual_network.vnet.name + resource_group_name = azurerm_resource_group.myresourcegroup.name + address_prefix = var.subnet_prefix +} + +resource "azurerm_network_security_group" "catapp-sg" { + name = "${var.prefix}-sg" + location = var.location + resource_group_name = azurerm_resource_group.myresourcegroup.name + + security_rule { + name = "HTTP" + priority = 100 + direction = "Inbound" + access = "Allow" + protocol = "Tcp" + source_port_range = "*" + destination_port_range = "80" + source_address_prefix = "*" + destination_address_prefix = "*" + } + + security_rule { + name = "HTTPS" + priority = 102 + direction = "Inbound" + access = "Allow" + protocol = "Tcp" + source_port_range = "*" + 
destination_port_range = "443" + source_address_prefix = "*" + destination_address_prefix = "*" + } + + security_rule { + name = "SSH" + priority = 101 + direction = "Inbound" + access = "Allow" + protocol = "Tcp" + source_port_range = "*" + destination_port_range = "22" + source_address_prefix = "*" + destination_address_prefix = "*" + } +} + +resource "azurerm_network_interface" "catapp-nic" { + name = "${var.prefix}-catapp-nic" + location = var.location + resource_group_name = azurerm_resource_group.myresourcegroup.name + network_security_group_id = azurerm_network_security_group.catapp-sg.id + + ip_configuration { + name = "${var.prefix}ipconfig" + subnet_id = azurerm_subnet.subnet.id + private_ip_address_allocation = "Dynamic" + public_ip_address_id = azurerm_public_ip.catapp-pip.id + } +} + +resource "azurerm_public_ip" "catapp-pip" { + name = "${var.prefix}-ip" + location = var.location + resource_group_name = azurerm_resource_group.myresourcegroup.name + allocation_method = "Dynamic" + domain_name_label = "${var.prefix}-meow" +} + +resource "azurerm_virtual_machine" "catapp" { + name = "${var.prefix}-meow" + location = var.location + resource_group_name = azurerm_resource_group.myresourcegroup.name + vm_size = var.vm_size + + network_interface_ids = [azurerm_network_interface.catapp-nic.id] + delete_os_disk_on_termination = "true" + + storage_image_reference { + publisher = var.image_publisher + offer = var.image_offer + sku = var.image_sku + version = var.image_version + } + + storage_os_disk { + name = "${var.prefix}-osdisk" + managed_disk_type = "Standard_LRS" + caching = "ReadWrite" + create_option = "FromImage" + } + + os_profile { + computer_name = var.prefix + admin_username = var.admin_username + admin_password = var.admin_password + } + + os_profile_linux_config { + disable_password_authentication = false + } +} + +# We're using a little trick here so we can run the provisioner without +# destroying the VM. Do not do this in production. 
+ +# If you need ongoing management (Day N) of your virtual machines a tool such +# as Chef or Puppet is a better choice. These tools track the state of +# individual files and can keep them in the correct configuration. + +# Here we do the following steps: +# Sync everything in files/ to the remote VM. +# Set up some environment variables for our script. +# Add execute permissions to our scripts. +# Run the deploy_app.sh script. +resource "null_resource" "configure-cat-app" { + depends_on = [ + azurerm_virtual_machine.catapp, + ] + + # Terraform 0.11 + # triggers { + # build_number = "${timestamp()}" + # } + + # Terraform 0.12 + triggers = { + build_number = timestamp() + } + + provisioner "file" { + source = "files/" + destination = "/home/${var.admin_username}/" + + connection { + type = "ssh" + user = var.admin_username + password = var.admin_password + host = azurerm_public_ip.catapp-pip.fqdn + } + } + + provisioner "remote-exec" { + inline = [ + "sudo apt -y update", + "sudo apt -y install apache2", + "sudo systemctl start apache2", + "sudo chown -R ${var.admin_username}:${var.admin_username} /var/www/html", + "chmod +x *.sh", + "PLACEHOLDER=${var.placeholder} WIDTH=${var.width} HEIGHT=${var.height} PREFIX=${var.prefix} ./deploy_app.sh", + ] + + connection { + type = "ssh" + user = var.admin_username + password = var.admin_password + host = azurerm_public_ip.catapp-pip.fqdn + } + } +} + +resource "no-interp-here-${var.admin_username}" { + doc1 = < is the compartment OCID for the root compartment. +# Use for the compartment OCID. + +data "oci_identity_availability_domains" "ads" { + compartment_id = var.tenancy_ocid +} + +# Create a compartment + +resource "oci_identity_compartment" "tf-compartment" { + # Required + compartment_id = var.tenancy_ocid + description = "Compartment for Terraform resources." 
+ name = "ORDS_Compartment" +} + +# Create a public subnet + +resource "oci_core_subnet" "vcn-public-subnet"{ + + # Required + compartment_id = oci_identity_compartment.tf-compartment.id + vcn_id = var.vcn_ocid + cidr_block = "10.0.0.0/24" + + # Optional + #route_table_id = module.vcn.ig_route_id + security_list_ids = [oci_core_security_list.public-security-list.id] + display_name = "public-ords-subnet" +} + +# Create a public security list and some rules + +resource "oci_core_security_list" "public-security-list"{ + +# Required + compartment_id = oci_identity_compartment.tf-compartment.id + vcn_id = var.vcn_ocid + +# Optional + display_name = "security-list-for-public-ords-subnet" + + egress_security_rules { + stateless = false + destination = "0.0.0.0/0" + destination_type = "CIDR_BLOCK" + protocol = "all" + } +ingress_security_rules { + stateless = false + source = "0.0.0.0/0" + source_type = "CIDR_BLOCK" + # Get protocol numbers from https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml TCP is 6 + protocol = "6" + tcp_options { + min = 22 + max = 22 + } + } + +# ingress_security_rules { +# stateless = false +# source = "0.0.0.0/0" +# source_type = "CIDR_BLOCK" +# # Get protocol numbers from https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml TCP is 6 +# protocol = "6" +# tcp_options { +# min = 8080 +# max = 8080 +# } +# } + +ingress_security_rules { + stateless = false + source = "0.0.0.0/0" + source_type = "CIDR_BLOCK" + # Get protocol numbers from https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml TCP is 6 + protocol = "6" + tcp_options { + min = 8443 + max = 8443 + } + } + +# ingress_security_rules { +# stateless = false +# source = "0.0.0.0/0" +# source_type = "CIDR_BLOCK" +# # Get protocol numbers from https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml TCP is 6 +# protocol = "6" +# tcp_options { +# min = 443 +# max = 443 +# } +# } + ingress_security_rules { + stateless = 
false + source = "0.0.0.0/0" + source_type = "CIDR_BLOCK" + # Get protocol numbers from https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml ICMP is 1 + protocol = "1" + + # For ICMP type and code see: https://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml + icmp_options { + type = 3 + code = 4 + } + } + + ingress_security_rules { + stateless = false + source = "10.0.0.0/16" + source_type = "CIDR_BLOCK" + # Get protocol numbers from https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml ICMP is 1 + protocol = "1" + + # For ICMP type and code see: https://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml + icmp_options { + type = 3 + } + } + +} + +# Create DHCP Options + +resource "oci_core_dhcp_options" "dhcp-options"{ + + # Required + compartment_id = oci_identity_compartment.tf-compartment.id + vcn_id = var.vcn_ocid + #Options for type are either "DomainNameServer" or "SearchDomain" + options { + type = "DomainNameServer" + server_type = "VcnLocalPlusInternet" + } + + # Optional + display_name = "default-dhcp-options" +} + +# Create a compute instance + +resource "oci_core_instance" "ords_compute_instance" { + # Required + availability_domain = data.oci_identity_availability_domains.ads.availability_domains[0].name + compartment_id = oci_identity_compartment.tf-compartment.id + is_pv_encryption_in_transit_enabled = "true" + count = var.number_of_midtiers +# Shape Section +# + shape = var.vm_shape +# +# Remember to add the following section if using one of the shapes that need it. 
Refer to the readme +# + shape_config { + memory_in_gbs = "8" + ocpus = "1" + } +# +# + source_details { + # Oracle Linux 7.9 + source_id = "ocid1.image.oc1.eu-frankfurt-1.aaaaaaaaprt6uk32tylin3owcddyllao3uthmo7vheqepeybvjj6to7xkdgq" + source_type = "image" + } + + # Optional + display_name = "ORDS${count.index}" + create_vnic_details { + assign_public_ip = true + subnet_id = oci_core_subnet.vcn-public-subnet.id + } + metadata = { + ssh_authorized_keys = file("/path/to/your/public/keys") + block_storage_sizes_in_gbs = "20" + } + preserve_boot_volume = false +} + + +# OS Stuff + +resource "null_resource" "remote-exec" { + + count = var.number_of_midtiers + + provisioner "remote-exec" { + connection { + agent = false + timeout = "10m" + host = oci_core_instance.ords_compute_instance[count.index].public_ip + user = "opc" + private_key = file("/path/to/your/private/keys") + } + + inline = [ + "sudo yum install ords -y", + "sudo firewall-cmd --permanent --zone=public --add-port=8443/tcp", + # "sudo firewall-cmd --permanent --zone=public --add-port=443/tcp", + "sudo firewall-cmd --reload", + ] + + } + +depends_on = [ + oci_core_instance.ords_compute_instance, + ] + +} + + +resource "null_resource" "file" { + + count = var.number_of_midtiers + + connection { + agent = false + timeout = "10m" + host = oci_core_instance.ords_compute_instance[count.index].public_ip + user = "opc" + private_key = file("/path/to/your/private/keys") + } + + provisioner "file" { + source = "ords_params.properties" + destination = "/tmp/ords_params.properties" + } + + provisioner "remote-exec" { + connection { + agent = false + timeout = "10m" + host = oci_core_instance.ords_compute_instance[count.index].public_ip + user = "opc" + private_key = file("/path/to/your/private/keys") + } + + inline = [ + # Set the config directory + "sudo su - oracle -c 'java -jar /opt/oracle/ords/ords.war configdir /opt/oracle/ords/conf'", + + # Uninstall then install + "sudo su - oracle -c 'java -jar 
/opt/oracle/ords/ords.war uninstall --parameterFile /tmp/ords_params.properties --silent'", + "sudo su - oracle -c 'java -jar /opt/oracle/ords/ords.war install --parameterFile /tmp/ords_params.properties --silent &'", + "sudo su - oracle -c 'sleep 60s'", + "sudo rm /tmp/ords_params.properties", + + # # we need to make sure ORDS is stopped.....no matter what..... + # "sudo su - oracle -c 'systemctl stop ords'", + # "sudo systemctl stop ords", + # "sudo su - oracle -c 'ps -ef | grep java | grep -v grep | awk \"{print $2}\" | xargs kill'", + + # #prep for starting as root on 443 + # "sudo su - oracle -c 'sed -i 's/8443/443/g' /opt/oracle/ords/conf/ords/standalone/standalone.properties'", + # "sudo sed -i \"s,ords_owner='oracle',ords_owner='root',g\" /etc/init.d/ords", + # "sudo systemctl start ords", + ] + + } + +depends_on = [ + null_resource.remote-exec + ] + +} diff --git a/example/real_world_stuff/oracle/oracle%oracle-db-tools%devops%terraform%ORDS_dbcs%variables.tf b/example/real_world_stuff/oracle/oracle%oracle-db-tools%devops%terraform%ORDS_dbcs%variables.tf new file mode 100644 index 0000000..192e44d --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%oracle-db-tools%devops%terraform%ORDS_dbcs%variables.tf 
@@ -0,0 +1,51 @@
+# Variables for ORDS Only install
+# Please fill in the xxxxxx with your account values
+
+variable "region" {
+ # sample: eu-frankfurt-1
+ default = "xxxxxx"
+}
+
+
+variable "tenancy_ocid" {
+ # OCID of your OCI Account Tenancy
+ default = "xxxxxx"
+}
+
+variable "vcn_ocid" {
+# if using an existing VCN, add the OCID here:
+# Assumption is that the vcn cidr = "10.0.0.0/16"
+# If using a different CIDR, you will need to make the changes in the terraform file
+#
+ default = "xxxxx"
+
+}
+
+
+variable "vm_shape" {
+ # shape/type of VM
+ # choose from: VM.Standard.E2.1.Micro, VM.Standard.E4.Flex, VM.Standard.A1.Flex
+ # if using VM.Standard.E4.Flex or VM.Standard.A1.Flex you must add the folowing lines to define the shape
+ # for VM.Standard.A1.Flex, you can have up to 4 OCPUs and 24 gb of memory for free.
+ # shape_config {
+ # memory_in_gbs = "24"
+ # ocpus = "4"
+ # }
+ default = "xxxxxx"
+}
+
+variable "number_of_midtiers" {
+ # how many midtiers you want to create
+ default = 1
+}
+
+
+## These Variables are not used at this time
+
+# variable "ssh_public_key" {
+# default = "xxxxxx"
+# }
+
+# variable "ssh_private_key" {
+# default = "xxxxxx"
+# }
\ No newline at end of file
diff --git a/example/real_world_stuff/oracle/oracle%oracle-db-tools%devops%terraform%vanityURL-ADB%Variables.tf b/example/real_world_stuff/oracle/oracle%oracle-db-tools%devops%terraform%vanityURL-ADB%Variables.tf
new file mode 100644
index 0000000..671a347
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%oracle-db-tools%devops%terraform%vanityURL-ADB%Variables.tf
@@ -0,0 +1,47 @@
+# Variables
+# Please fill in the xxxxxx with your account values
+
+variable "region" {
+ # sample: eu-frankfurt-1
+ default = "xxxxxx"
+}
+
+variable "admin_password" {
+ #admin password of the autonomous database you want to use
+ default = "xxxxxx"
+}
+
+variable "tenency_ocid" {
+ # OCID of your OCI Account Tenancy
+ default = "xxxxxx"
+}
+
+variable "adb_ocid" {
+ # OCID of your Autonomous Database you wish to use
+ default = "xxxxxx"
+}
+
+variable "database_name" {
+ # Name of the autonomous database you wish to use
+ default = "xxxxxx"
+}
+
+variable "domain_name" {
+ # Your domain name you wish to use and own
+ default = "xxxxxx"
+}
+
+variable "number_of_midtiers" {
+ # how many midtiers you want to create
+ default = 1
+}
+
+## These Variables are not used at this time
+
+variable "ssh_public_key" {
+ default = "xxxxxx"
+}
+
+variable "ssh_private_key" {
+ default = "xxxxxx"
+}
\ No newline at end of file
diff --git a/example/real_world_stuff/oracle/oracle%oracle-db-tools%devops%terraform%vanityURL-ADB%completeSetupFullVM.tf b/example/real_world_stuff/oracle/oracle%oracle-db-tools%devops%terraform%vanityURL-ADB%completeSetupFullVM.tf
new file mode 100644
index 0000000..afd253e
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%oracle-db-tools%devops%terraform%vanityURL-ADB%completeSetupFullVM.tf
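Review bot: `admin_password` and `ssh_private_key` carry a placeholder `default`, and the header comment tells the user to fill the values in, so a database admin password and a private key end up committed in this tracked file. I would drop the `default` from both and add `sensitive = true` (Terraform 0.14 or later), so the values have to come from `TF_VAR_admin_password` or an untracked tfvars file and are redacted in plan output. The comment above the two ssh variables says they are not used at this time, so removing `ssh_private_key` altogether is the simpler fix for that one. A value that is consumed by a resource is still written to state, so the state backend needs its own access control.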
@@ -0,0 +1,551 @@ +# Start + +# Get ADs + +# is the compartment OCID for the root compartment. +# Use for the compartment OCID. + +data "oci_identity_availability_domains" "ads" { + compartment_id = var.tenency_ocid +} + +# Create a compartment + +resource "oci_identity_compartment" "tf-compartment" { + # Required + compartment_id = var.tenency_ocid + description = "Compartment for Terraform resources." + name = "ORDS_Compartment" +} + +# Create a VCN + +module "vcn"{ + source = "oracle-terraform-modules/vcn/oci" + version = "1.0.3" + # Use the latest version, if there is one newer than "1.0.3" + # insert the 4 required variables here + + # Required + compartment_id = oci_identity_compartment.tf-compartment.id + region = var.region + vcn_name = "ordsvcn" + vcn_dns_label = "ordsvcn" + + # Optional + internet_gateway_enabled = true + nat_gateway_enabled = true + service_gateway_enabled = true + vcn_cidr = "10.0.0.0/16" +} + +# Create a private subnet + +resource "oci_core_subnet" "vcn-private-subnet"{ + + # Required + compartment_id = oci_identity_compartment.tf-compartment.id + vcn_id = module.vcn.vcn_id + cidr_block = "10.0.1.0/24" + + # Optional + # Caution: For the route table id, use module.vcn.nat_route_id. + # Do not use module.vcn.nat_gateway_id, because it is the OCID for the gateway and not the route table. 
+ route_table_id = module.vcn.nat_route_id + security_list_ids = [oci_core_security_list.private-security-list.id] + display_name = "private-subnet" +} + +# Create a public subnet + +resource "oci_core_subnet" "vcn-public-subnet"{ + + # Required + compartment_id = oci_identity_compartment.tf-compartment.id + vcn_id = module.vcn.vcn_id + cidr_block = "10.0.0.0/24" + + # Optional + route_table_id = module.vcn.ig_route_id + security_list_ids = [oci_core_security_list.public-security-list.id] + display_name = "public-subnet" +} + +# Create a private security list and some rules + +resource "oci_core_security_list" "private-security-list"{ + +# Required + compartment_id = oci_identity_compartment.tf-compartment.id + vcn_id = module.vcn.vcn_id + +# Optional + display_name = "security-list-for-private-subnet" + +# +egress_security_rules { + stateless = false + destination = "0.0.0.0/0" + destination_type = "CIDR_BLOCK" + protocol = "all" + } + +ingress_security_rules { + stateless = false + source = "10.0.0.0/16" + source_type = "CIDR_BLOCK" + # Get protocol numbers from https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml TCP is 6 + protocol = "6" + tcp_options { + min = 22 + max = 22 + } + } + ingress_security_rules { + stateless = false + source = "0.0.0.0/0" + source_type = "CIDR_BLOCK" + # Get protocol numbers from https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml ICMP is 1 + protocol = "1" + + # For ICMP type and code see: https://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml + icmp_options { + type = 3 + code = 4 + } + } + + ingress_security_rules { + stateless = false + source = "10.0.0.0/16" + source_type = "CIDR_BLOCK" + # Get protocol numbers from https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml ICMP is 1 + protocol = "1" + + # For ICMP type and code see: https://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml + icmp_options { + type = 3 + } + } +} + +# Create a 
public security list and some rules + +resource "oci_core_security_list" "public-security-list"{ + +# Required + compartment_id = oci_identity_compartment.tf-compartment.id + vcn_id = module.vcn.vcn_id + +# Optional + display_name = "security-list-for-public-subnet" + + egress_security_rules { + stateless = false + destination = "0.0.0.0/0" + destination_type = "CIDR_BLOCK" + protocol = "all" + } +ingress_security_rules { + stateless = false + source = "0.0.0.0/0" + source_type = "CIDR_BLOCK" + # Get protocol numbers from https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml TCP is 6 + protocol = "6" + tcp_options { + min = 22 + max = 22 + } + } +ingress_security_rules { + stateless = false + source = "0.0.0.0/0" + source_type = "CIDR_BLOCK" + # Get protocol numbers from https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml TCP is 6 + protocol = "6" + tcp_options { + min = 80 + max = 80 + } + } +ingress_security_rules { + stateless = false + source = "0.0.0.0/0" + source_type = "CIDR_BLOCK" + # Get protocol numbers from https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml TCP is 6 + protocol = "6" + tcp_options { + min = 8080 + max = 8080 + } + } +ingress_security_rules { + stateless = false + source = "0.0.0.0/0" + source_type = "CIDR_BLOCK" + # Get protocol numbers from https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml TCP is 6 + protocol = "6" + tcp_options { + min = 443 + max = 443 + } + } + ingress_security_rules { + stateless = false + source = "0.0.0.0/0" + source_type = "CIDR_BLOCK" + # Get protocol numbers from https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml ICMP is 1 + protocol = "1" + + # For ICMP type and code see: https://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml + icmp_options { + type = 3 + code = 4 + } + } + + ingress_security_rules { + stateless = false + source = "10.0.0.0/16" + source_type = "CIDR_BLOCK" + # Get protocol 
numbers from https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml ICMP is 1 + protocol = "1" + + # For ICMP type and code see: https://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml + icmp_options { + type = 3 + } + } + +} + +# Create DHCP Options + +resource "oci_core_dhcp_options" "dhcp-options"{ + + # Required + compartment_id = oci_identity_compartment.tf-compartment.id + vcn_id = module.vcn.vcn_id + #Options for type are either "DomainNameServer" or "SearchDomain" + options { + type = "DomainNameServer" + server_type = "VcnLocalPlusInternet" + } + + # Optional + display_name = "default-dhcp-options" +} + +# Create a compute instance + +resource "oci_core_instance" "ords_compute_instance" { + # Required + availability_domain = data.oci_identity_availability_domains.ads.availability_domains[0].name + compartment_id = oci_identity_compartment.tf-compartment.id + count = var.number_of_midtiers + #shape = "VM.Standard.E2.1.Micro" + shape = "VM.Standard.E3.Flex" + shape_config { + memory_in_gbs = "20" + ocpus = "1" + } + source_details { + source_id = "ocid1.image.oc1.eu-frankfurt-1.aaaaaaaaf6gm7xvn7rhll36kwlotl4chm25ykgsje7zt2b4w6gae4yqfdfwa" + source_type = "image" + } + + # Optional + display_name = "ORDS${count.index}" + create_vnic_details { + assign_public_ip = true + subnet_id = oci_core_subnet.vcn-public-subnet.id + } + metadata = { + ssh_authorized_keys = file("/path/to/your/public/keys") + block_storage_sizes_in_gbs = "20" + } + preserve_boot_volume = false +} + +# # Create a volume + +# resource "oci_core_volume" "ords_volume" { + +# availability_domain = data.oci_identity_availability_domains.ads.availability_domains[0].name +# compartment_id = oci_identity_compartment.tf-compartment.id +# display_name = "ords_volume" +# size_in_gbs = "50" +# } + +# # Attach the volume + +# resource "oci_core_volume_attachment" "attach_volume" { + +# instance_id = oci_core_instance.ords_compute_instance.id +# volume_id = 
oci_core_volume.ords_volume.id +# attachment_type = "paravirtualized" + +# } + +# Load Balancer + +resource "oci_load_balancer_load_balancer" "vanity_load_balancer" { + + compartment_id = oci_identity_compartment.tf-compartment.id + display_name = "LB1" + shape = "10Mbps-Micro" + subnet_ids = [oci_core_subnet.vcn-public-subnet.id] + +depends_on = [ + oci_core_instance.ords_compute_instance, + ] + +} + +resource "oci_load_balancer_backend" "vanity_backend" { + count = var.number_of_midtiers + backendset_name = oci_load_balancer_backend_set.vanity_backend_set.name + ip_address = oci_core_instance.ords_compute_instance[count.index].private_ip + load_balancer_id = oci_load_balancer_load_balancer.vanity_load_balancer.id + port = "8080" + +} + +resource "oci_load_balancer_backend" "vanity_backend_ssl" { + count = var.number_of_midtiers + backendset_name = oci_load_balancer_backend_set.vanity_backend_set_ssl.name + ip_address = oci_core_instance.ords_compute_instance[count.index].private_ip + load_balancer_id = oci_load_balancer_load_balancer.vanity_load_balancer.id + port = "443" + +} + +resource "oci_load_balancer_backend_set" "vanity_backend_set" { + #Required + health_checker { + #Required + protocol = "TCP" + + #Optional + interval_ms = "10000" + port = "8080" + retries = "3" + timeout_in_millis = "3000" + } + load_balancer_id = oci_load_balancer_load_balancer.vanity_load_balancer.id + name = "ords_backendset" + policy = "ROUND_ROBIN" + +} + +resource "oci_load_balancer_backend_set" "vanity_backend_set_ssl" { + #Required + health_checker { + #Required + protocol = "TCP" + + #Optional + interval_ms = "10000" + port = "443" + retries = "3" + timeout_in_millis = "3000" + } + load_balancer_id = oci_load_balancer_load_balancer.vanity_load_balancer.id + name = "ords_backendset_ssl" + policy = "ROUND_ROBIN" + +} + +resource "oci_load_balancer_listener" "vanity_listener" { + #Required + default_backend_set_name = oci_load_balancer_backend_set.vanity_backend_set.name + 
load_balancer_id = oci_load_balancer_load_balancer.vanity_load_balancer.id + name = "ORDS_BackendListener" + port = "80" + protocol = "TCP" + +} + +resource "oci_load_balancer_listener" "vanity_listener_ssl" { + #Required + default_backend_set_name = oci_load_balancer_backend_set.vanity_backend_set_ssl.name + load_balancer_id = oci_load_balancer_load_balancer.vanity_load_balancer.id + name = "ORDS_BackendListener_ssl" + port = "443" + protocol = "TCP" + +} + +resource "random_string" "password" { + length = 16 + special = true + min_special = 2 + min_numeric = 2 + override_special = "#" + +depends_on = [ + oci_core_instance.ords_compute_instance, + ] + +} + +resource "oci_database_autonomous_database_wallet" "autonomous_data_warehouse_wallet" { + #Required + autonomous_database_id = var.adb_ocid + password = random_string.password.result + + #Optional + base64_encode_content = "true" + generate_type = "SINGLE" +} + +resource "local_file" "autonomous_data_warehouse_wallet_file" { + content_base64 = oci_database_autonomous_database_wallet.autonomous_data_warehouse_wallet.content + filename = "wallet.zip" + +depends_on = [ + oci_core_instance.ords_compute_instance, + ] + +} + +output "autonomous_data_warehouse_wallet_password" { + value = "The password is ${random_string.password.result}" +} + +# OS Stuff + +resource "null_resource" "remote-exec" { + + count = var.number_of_midtiers + + provisioner "remote-exec" { + connection { + agent = false + timeout = "10m" + host = oci_core_instance.ords_compute_instance[count.index].public_ip + user = "opc" + private_key = file("/path/to/your/private/keys") + } + + inline = [ + "sudo yum install ords -y", + "sudo yum install sqlcl -y", + "sudo firewall-cmd --permanent --zone=public --add-port=8080/tcp", + "sudo firewall-cmd --permanent --zone=public --add-port=443/tcp", + "sudo firewall-cmd --reload", + ] + + } + +depends_on = [ + oci_core_instance.ords_compute_instance, + oci_load_balancer_listener.vanity_listener, + ] + +} + 
+resource "null_resource" "file" { + + count = var.number_of_midtiers + + connection { + agent = false + timeout = "10m" + host = oci_core_instance.ords_compute_instance[count.index].public_ip + user = "opc" + private_key = file("/path/to/your/private/keys") + } + + provisioner "file" { + source = "wallet.zip" + destination = "/tmp/wallet.zip" + } + + provisioner "remote-exec" { + connection { + agent = false + timeout = "10m" + host = oci_core_instance.ords_compute_instance[count.index].public_ip + user = "opc" + private_key = file("/path/to/your/private/keys") + } + + inline = [ + "sudo su - oracle -c 'curl -o /opt/oracle/ords/apex.zip APEX_PAR_URL'", + "sudo su - oracle -c 'unzip -q /opt/oracle/ords/apex.zip -d /opt/oracle/ords'", + "sudo su - oracle -c 'curl -o /opt/oracle/ords/ords_conf.zip ORDS_CONF_PAR_URL'", + "sudo su - oracle -c 'unzip -q /opt/oracle/ords/ords_conf.zip -d /opt/oracle/ords/'", + "sudo su - oracle -c 'sed -i 's/PASSWORD_HERE/${random_string.password.result}/g' /opt/oracle/ords/conf/ords/create_user.sql'", + "sudo su - oracle -c 'sed -i 's/PASSWORD_HERE/${random_string.password.result}/g' /opt/oracle/ords/conf/ords/conf/apex_pu.xml'", + "sudo su - oracle -c 'java -jar /opt/oracle/ords/ords.war configdir /opt/oracle/ords/conf'", + "sudo su - oracle -c 'mkdir -p /opt/oracle/ords/conf/ords/standalone/doc_root/.well-known/acme-challenge'", + "sudo su - oracle -c 'sql -cloudconfig /tmp/wallet.zip admin/${var.admin_password}@${var.database_name}_high @/opt/oracle/ords/conf/ords/create_user.sql'", + "sudo su - oracle -c 'java -jar -Duser.timezone=UTC /opt/oracle/ords/ords.war standalone &'", + "sudo su - oracle -c 'sleep 210s'", + ] + + } + +depends_on = [ + local_file.autonomous_data_warehouse_wallet_file, null_resource.remote-exec + ] + +} + + + +resource "null_resource" "cert" { + + count = var.number_of_midtiers + + connection { + agent = false + timeout = "10m" + host = oci_core_instance.ords_compute_instance[count.index].public_ip + user = 
"opc" + private_key = file("/path/to/your/private/keys") + } + + + provisioner "remote-exec" { + connection { + agent = false + timeout = "10m" + host = oci_core_instance.ords_compute_instance[count.index].public_ip + user = "opc" + private_key = file("/path/to/your/private/keys") + } + + inline = [ + + "sudo su - oracle -c 'curl --silent https://raw.githubusercontent.com/srvrco/getssl/master/getssl > getssl ; chmod 700 getssl'", + "sudo su - oracle -c './getssl -c ${var.domain_name}'", + "sudo su - oracle -c 'cd ~/.getssl ; cd $(ls -d */|head -n 1) ; echo 'PRIVATE_KEY_ALG=\"rsa\"' >> getssl.cfg ; echo \"ACL=('/opt/oracle/ords/conf/ords/standalone/doc_root/.well-known/acme-challenge')\" >> getssl.cfg ; echo 'USE_SINGLE_ACL=\"true\"' >> getssl.cfg ; '", + "sudo su - oracle -c 'cd ~/.getssl ; sed -i 's/acme-staging-v02/acme-v02/g' getssl.cfg'", + "sudo su - oracle -c './getssl ${var.domain_name}'", + "sudo su - oracle -c 'cd ~/.getssl; cd $(ls -d */|head -n 1); cp ${var.domain_name}.crt /opt/oracle/ords/conf/ords/standalone/domain.crt; cp ${var.domain_name}.key /opt/oracle/ords/conf/ords/standalone/domain.key; '", + "sudo su - oracle -c 'openssl pkcs8 -topk8 -inform PEM -outform PEM -nocrypt -in /opt/oracle/ords/conf/ords/standalone/domain.key -out /opt/oracle/ords/conf/ords/standalone/domain.pkcs8.key'", + "sudo su - oracle -c 'openssl pkcs8 -topk8 -inform PEM -outform DER -in /opt/oracle/ords/conf/ords/standalone/domain.pkcs8.key -out /opt/oracle/ords/conf/ords/standalone/domain.pkcs8.der -nocrypt'", + "sudo su - oracle -c 'rm /opt/oracle/ords/conf/ords/standalone/domain.pkcs8.key'", + "sudo su - oracle -c 'cp /opt/oracle/ords/conf/ords/standalone/standalone.properties /opt/oracle/ords/conf/ords/standalone/standalone.properties.nonSSL'", + "sudo su - oracle -c 'cp /opt/oracle/ords/conf/ords/standalone/standalone.properties.SSL /opt/oracle/ords/conf/ords/standalone/standalone.properties'", +# we need to make sure ORDS is stopped.....no matter what..... 
+ "sudo su - oracle -c 'systemctl stop ords'", + "sudo systemctl stop ords", + "sudo su - oracle -c 'ps -ef | grep java | grep -v grep | awk \"{print $2}\" | xargs kill'", +# "echo 'JAVA_OPTIONS=-Xmx512M' | sudo tee -a /etc/ords/ords.conf", + "sudo sed -i \"s,ords_owner='oracle',ords_owner='root',g\" /etc/init.d/ords", + "sudo systemctl start ords", +# "sudo su - oracle -c 'ps -ef | grep java | grep -v grep | awk \"{print $2}\" | xargs kill'", +# "sudo java -Xmx512M -jar -Duser.timezone=UTC /opt/oracle/ords/ords.war standalone &", + ] + + } + +depends_on = [ + null_resource.file + ] + +} + diff --git a/example/real_world_stuff/oracle/oracle%oracle-db-tools%devops%terraform%vanityURL-ADB%completeSetupMicroVM.tf b/example/real_world_stuff/oracle/oracle%oracle-db-tools%devops%terraform%vanityURL-ADB%completeSetupMicroVM.tf new file mode 100644 index 0000000..24ab652 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%oracle-db-tools%devops%terraform%vanityURL-ADB%completeSetupMicroVM.tf 
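Review bot: The wallet password is created with `random_string` and then printed by the `autonomous_data_warehouse_wallet_password` output, so it appears in clear text in apply output and CI logs. Switching to `resource "random_password" "password"` (updating the `random_string.password.result` references) and either dropping the output or giving it `sensitive = true` keeps it off the console, although it remains in state. The same value and `var.admin_password` are interpolated into the `remote-exec` inline strings of `null_resource.file` (the `sed ... PASSWORD_HERE` lines and `sql -cloudconfig /tmp/wallet.zip admin/${var.admin_password}@...`), which puts them on the remote command line and breaks if a value contains `'` or `/`; `/tmp/wallet.zip` is also never removed, whereas the ORDS_dbcs file does `sudo rm` its parameter file. In `null_resource.cert`, getssl is fetched from the `master` branch and executed with no pinned revision or checksum, and the step rewrites `ords_owner` to `root`; pinning to a reviewed commit and verifying a recorded hash before `chmod 700` would close the first of those. The public security list also admits TCP 22 from `0.0.0.0/0`, a rule that recurs in the ORDS_dbcs security list and in the Hashicat sample's `SSH` rule earlier in this patch; a variable for the admin source CIDR would be safer than a world-open default.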
@@ -0,0 +1,525 @@ +# Start + +# Get ADs + +# is the compartment OCID for the root compartment. +# Use for the compartment OCID. + +data "oci_identity_availability_domains" "ads" { + compartment_id = var.tenency_ocid +} + +# Create a compartment + +resource "oci_identity_compartment" "tf-compartment" { + # Required + compartment_id = var.tenency_ocid + description = "Compartment for Terraform resources." + name = "ORDS_Compartment" +} + +# Create a VCN + +module "vcn"{ + source = "oracle-terraform-modules/vcn/oci" + version = "1.0.3" + # Use the latest version, if there is one newer than "1.0.3" + # insert the 4 required variables here + + # Required + compartment_id = oci_identity_compartment.tf-compartment.id + region = var.region + vcn_name = "ordsvcn" + vcn_dns_label = "ordsvcn" + + # Optional + internet_gateway_enabled = true + nat_gateway_enabled = true + service_gateway_enabled = true + vcn_cidr = "10.0.0.0/16" +} + +# Create a private subnet + +resource "oci_core_subnet" "vcn-private-subnet"{ + + # Required + compartment_id = oci_identity_compartment.tf-compartment.id + vcn_id = module.vcn.vcn_id + cidr_block = "10.0.1.0/24" + + # Optional + # Caution: For the route table id, use module.vcn.nat_route_id. + # Do not use module.vcn.nat_gateway_id, because it is the OCID for the gateway and not the route table. 
+ route_table_id = module.vcn.nat_route_id + security_list_ids = [oci_core_security_list.private-security-list.id] + display_name = "private-subnet" +} + +# Create a public subnet + +resource "oci_core_subnet" "vcn-public-subnet"{ + + # Required + compartment_id = oci_identity_compartment.tf-compartment.id + vcn_id = module.vcn.vcn_id + cidr_block = "10.0.0.0/24" + + # Optional + route_table_id = module.vcn.ig_route_id + security_list_ids = [oci_core_security_list.public-security-list.id] + display_name = "public-subnet" +} + +# Create a private security list and some rules + +resource "oci_core_security_list" "private-security-list"{ + +# Required + compartment_id = oci_identity_compartment.tf-compartment.id + vcn_id = module.vcn.vcn_id + +# Optional + display_name = "security-list-for-private-subnet" + +# +egress_security_rules { + stateless = false + destination = "0.0.0.0/0" + destination_type = "CIDR_BLOCK" + protocol = "all" + } + +ingress_security_rules { + stateless = false + source = "10.0.0.0/16" + source_type = "CIDR_BLOCK" + # Get protocol numbers from https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml TCP is 6 + protocol = "6" + tcp_options { + min = 22 + max = 22 + } + } + ingress_security_rules { + stateless = false + source = "0.0.0.0/0" + source_type = "CIDR_BLOCK" + # Get protocol numbers from https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml ICMP is 1 + protocol = "1" + + # For ICMP type and code see: https://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml + icmp_options { + type = 3 + code = 4 + } + } + + ingress_security_rules { + stateless = false + source = "10.0.0.0/16" + source_type = "CIDR_BLOCK" + # Get protocol numbers from https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml ICMP is 1 + protocol = "1" + + # For ICMP type and code see: https://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml + icmp_options { + type = 3 + } + } +} + +# Create a 
public security list and some rules + +resource "oci_core_security_list" "public-security-list"{ + +# Required + compartment_id = oci_identity_compartment.tf-compartment.id + vcn_id = module.vcn.vcn_id + +# Optional + display_name = "security-list-for-public-subnet" + + egress_security_rules { + stateless = false + destination = "0.0.0.0/0" + destination_type = "CIDR_BLOCK" + protocol = "all" + } +ingress_security_rules { + stateless = false + source = "0.0.0.0/0" + source_type = "CIDR_BLOCK" + # Get protocol numbers from https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml TCP is 6 + protocol = "6" + tcp_options { + min = 22 + max = 22 + } + } +ingress_security_rules { + stateless = false + source = "0.0.0.0/0" + source_type = "CIDR_BLOCK" + # Get protocol numbers from https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml TCP is 6 + protocol = "6" + tcp_options { + min = 80 + max = 80 + } + } +ingress_security_rules { + stateless = false + source = "0.0.0.0/0" + source_type = "CIDR_BLOCK" + # Get protocol numbers from https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml TCP is 6 + protocol = "6" + tcp_options { + min = 8080 + max = 8080 + } + } +ingress_security_rules { + stateless = false + source = "0.0.0.0/0" + source_type = "CIDR_BLOCK" + # Get protocol numbers from https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml TCP is 6 + protocol = "6" + tcp_options { + min = 443 + max = 443 + } + } + ingress_security_rules { + stateless = false + source = "0.0.0.0/0" + source_type = "CIDR_BLOCK" + # Get protocol numbers from https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml ICMP is 1 + protocol = "1" + + # For ICMP type and code see: https://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml + icmp_options { + type = 3 + code = 4 + } + } + + ingress_security_rules { + stateless = false + source = "10.0.0.0/16" + source_type = "CIDR_BLOCK" + # Get protocol 
numbers from https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml ICMP is 1 + protocol = "1" + + # For ICMP type and code see: https://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml + icmp_options { + type = 3 + } + } + +} + +# Create DHCP Options + +resource "oci_core_dhcp_options" "dhcp-options"{ + + # Required + compartment_id = oci_identity_compartment.tf-compartment.id + vcn_id = module.vcn.vcn_id + #Options for type are either "DomainNameServer" or "SearchDomain" + options { + type = "DomainNameServer" + server_type = "VcnLocalPlusInternet" + } + + # Optional + display_name = "default-dhcp-options" +} + +# Create a compute instance + +resource "oci_core_instance" "ords_compute_instance" { + # Required + availability_domain = data.oci_identity_availability_domains.ads.availability_domains[0].name + compartment_id = oci_identity_compartment.tf-compartment.id + count = var.number_of_midtiers + shape = "VM.Standard.E2.1.Micro" + source_details { + source_id = "ocid1.image.oc1.eu-frankfurt-1.aaaaaaaaf6gm7xvn7rhll36kwlotl4chm25ykgsje7zt2b4w6gae4yqfdfwa" + source_type = "image" + } + + # Optional + display_name = "ORDS${count.index}" + create_vnic_details { + assign_public_ip = true + subnet_id = oci_core_subnet.vcn-public-subnet.id + } + metadata = { + ssh_authorized_keys = file("/path/to/your/public/keys") + block_storage_sizes_in_gbs = "20" + } + preserve_boot_volume = false +} + +# Load Balancer + +resource "oci_load_balancer_load_balancer" "vanity_load_balancer" { + + compartment_id = oci_identity_compartment.tf-compartment.id + display_name = "LB1" + shape = "10Mbps-Micro" + subnet_ids = [oci_core_subnet.vcn-public-subnet.id] + +depends_on = [ + oci_core_instance.ords_compute_instance, + ] + +} + +resource "oci_load_balancer_backend" "vanity_backend" { + count = var.number_of_midtiers + backendset_name = oci_load_balancer_backend_set.vanity_backend_set.name + ip_address = 
oci_core_instance.ords_compute_instance[count.index].private_ip + load_balancer_id = oci_load_balancer_load_balancer.vanity_load_balancer.id + port = "8080" + +} + +resource "oci_load_balancer_backend" "vanity_backend_ssl" { + count = var.number_of_midtiers + backendset_name = oci_load_balancer_backend_set.vanity_backend_set_ssl.name + ip_address = oci_core_instance.ords_compute_instance[count.index].private_ip + load_balancer_id = oci_load_balancer_load_balancer.vanity_load_balancer.id + port = "443" + +} + +resource "oci_load_balancer_backend_set" "vanity_backend_set" { + #Required + health_checker { + #Required + protocol = "TCP" + + #Optional + interval_ms = "10000" + port = "8080" + retries = "3" + timeout_in_millis = "3000" + } + load_balancer_id = oci_load_balancer_load_balancer.vanity_load_balancer.id + name = "ords_backendset" + policy = "ROUND_ROBIN" + +} + +resource "oci_load_balancer_backend_set" "vanity_backend_set_ssl" { + #Required + health_checker { + #Required + protocol = "TCP" + + #Optional + interval_ms = "10000" + port = "443" + retries = "3" + timeout_in_millis = "3000" + } + load_balancer_id = oci_load_balancer_load_balancer.vanity_load_balancer.id + name = "ords_backendset_ssl" + policy = "ROUND_ROBIN" + +} + +resource "oci_load_balancer_listener" "vanity_listener" { + #Required + default_backend_set_name = oci_load_balancer_backend_set.vanity_backend_set.name + load_balancer_id = oci_load_balancer_load_balancer.vanity_load_balancer.id + name = "ORDS_BackendListener" + port = "80" + protocol = "TCP" + +} + +resource "oci_load_balancer_listener" "vanity_listener_ssl" { + #Required + default_backend_set_name = oci_load_balancer_backend_set.vanity_backend_set_ssl.name + load_balancer_id = oci_load_balancer_load_balancer.vanity_load_balancer.id + name = "ORDS_BackendListener_ssl" + port = "443" + protocol = "TCP" + +} + +resource "random_string" "password" { + length = 16 + special = true + min_special = 2 + min_numeric = 2 + override_special = 
"#" + +depends_on = [ + oci_core_instance.ords_compute_instance, + ] + +} + +resource "oci_database_autonomous_database_wallet" "autonomous_data_warehouse_wallet" { + #Required + autonomous_database_id = var.adb_ocid + password = random_string.password.result + + #Optional + base64_encode_content = "true" + generate_type = "SINGLE" +} + +resource "local_file" "autonomous_data_warehouse_wallet_file" { + content_base64 = oci_database_autonomous_database_wallet.autonomous_data_warehouse_wallet.content + filename = "wallet.zip" + +depends_on = [ + oci_core_instance.ords_compute_instance, + ] + +} + +output "autonomous_data_warehouse_wallet_password" { + value = "The password is ${random_string.password.result}" +} + +# OS Stuff + +resource "null_resource" "remote-exec" { + + count = var.number_of_midtiers + + provisioner "remote-exec" { + connection { + agent = false + timeout = "10m" + host = oci_core_instance.ords_compute_instance[count.index].public_ip + user = "opc" + private_key = file("/path/to/your/private/keys") + } + + inline = [ + "sudo yum install ords -y", + "sudo yum install sqlcl -y", + "sudo firewall-cmd --permanent --zone=public --add-port=8080/tcp", + "sudo firewall-cmd --permanent --zone=public --add-port=443/tcp", + "sudo firewall-cmd --reload", + ] + + } + +depends_on = [ + oci_core_instance.ords_compute_instance, + ] + +} + +resource "null_resource" "file" { + + count = var.number_of_midtiers + + connection { + agent = false + timeout = "10m" + host = oci_core_instance.ords_compute_instance[count.index].public_ip + user = "opc" + private_key = file("/path/to/your/private/keys") + } + + provisioner "file" { + source = "wallet.zip" + destination = "/tmp/wallet.zip" + } + + provisioner "remote-exec" { + connection { + agent = false + timeout = "10m" + host = oci_core_instance.ords_compute_instance[count.index].public_ip + user = "opc" + private_key = file("/path/to/your/private/keys") + } + + inline = [ + "sudo su - oracle -c 'curl -o 
/opt/oracle/ords/apex.zip APEX_PAR_URL'", + "sudo su - oracle -c 'unzip -q /opt/oracle/ords/apex.zip -d /opt/oracle/ords'", + "sudo su - oracle -c 'curl -o /opt/oracle/ords/ords_conf.zip ORDS_CONF_PAR_URL'", + "sudo su - oracle -c 'unzip -q /opt/oracle/ords/ords_conf.zip -d /opt/oracle/ords/'", + "sudo su - oracle -c 'sed -i 's/PASSWORD_HERE/${random_string.password.result}/g' /opt/oracle/ords/conf/ords/create_user.sql'", + "sudo su - oracle -c 'sed -i 's/PASSWORD_HERE/${random_string.password.result}/g' /opt/oracle/ords/conf/ords/conf/apex_pu.xml'", + "sudo su - oracle -c 'java -Xmx512M -jar /opt/oracle/ords/ords.war configdir /opt/oracle/ords/conf'", + "sudo su - oracle -c 'mkdir -p /opt/oracle/ords/conf/ords/standalone/doc_root/.well-known/acme-challenge'", + "sudo su - oracle -c 'sql -cloudconfig /tmp/wallet.zip admin/${var.admin_password}@${var.database_name}_high @/opt/oracle/ords/conf/ords/create_user.sql'", + "sudo su - oracle -c 'java -Xmx512M -jar -Duser.timezone=UTC /opt/oracle/ords/ords.war standalone &'", + "sudo su - oracle -c 'sleep 210s'", + ] + + } + +depends_on = [ + local_file.autonomous_data_warehouse_wallet_file, null_resource.remote-exec + ] + +} + + + +resource "null_resource" "cert" { + + count = var.number_of_midtiers + + connection { + agent = false + timeout = "10m" + host = oci_core_instance.ords_compute_instance[count.index].public_ip + user = "opc" + private_key = file("/path/to/your/private/keys") + } + + + provisioner "remote-exec" { + connection { + agent = false + timeout = "10m" + host = oci_core_instance.ords_compute_instance[count.index].public_ip + user = "opc" + private_key = file("/path/to/your/private/keys") + } + + inline = [ + + "sudo su - oracle -c 'curl --silent https://raw.githubusercontent.com/srvrco/getssl/master/getssl > getssl ; chmod 700 getssl'", + "sudo su - oracle -c './getssl -c ${var.domain_name}'", + "sudo su - oracle -c 'cd ~/.getssl ; cd $(ls -d */|head -n 1) ; echo 'PRIVATE_KEY_ALG=\"rsa\"' >> getssl.cfg ; 
echo \"ACL=('/opt/oracle/ords/conf/ords/standalone/doc_root/.well-known/acme-challenge')\" >> getssl.cfg ; echo 'USE_SINGLE_ACL=\"true\"' >> getssl.cfg ; '", + "sudo su - oracle -c 'cd ~/.getssl ; sed -i 's/acme-staging-v02/acme-v02/g' getssl.cfg'", + "sudo su - oracle -c './getssl ${var.domain_name}'", + "sudo su - oracle -c 'cd ~/.getssl; cd $(ls -d */|head -n 1); cp ${var.domain_name}.crt /opt/oracle/ords/conf/ords/standalone/domain.crt; cp ${var.domain_name}.key /opt/oracle/ords/conf/ords/standalone/domain.key; '", + "sudo su - oracle -c 'openssl pkcs8 -topk8 -inform PEM -outform PEM -nocrypt -in /opt/oracle/ords/conf/ords/standalone/domain.key -out /opt/oracle/ords/conf/ords/standalone/domain.pkcs8.key'", + "sudo su - oracle -c 'openssl pkcs8 -topk8 -inform PEM -outform DER -in /opt/oracle/ords/conf/ords/standalone/domain.pkcs8.key -out /opt/oracle/ords/conf/ords/standalone/domain.pkcs8.der -nocrypt'", + "sudo su - oracle -c 'rm /opt/oracle/ords/conf/ords/standalone/domain.pkcs8.key'", + "sudo su - oracle -c 'cp /opt/oracle/ords/conf/ords/standalone/standalone.properties /opt/oracle/ords/conf/ords/standalone/standalone.properties.nonSSL'", + "sudo su - oracle -c 'cp /opt/oracle/ords/conf/ords/standalone/standalone.properties.SSL /opt/oracle/ords/conf/ords/standalone/standalone.properties'", +# we need to make sure ORDS is stopped + "sudo su - oracle -c 'systemctl stop ords'", + "sudo systemctl stop ords", + "sudo su - oracle -c 'ps -ef | grep java | grep -v grep | awk \"{print $2}\" | xargs kill'", + "echo 'JAVA_OPTIONS=-Xmx512M' | sudo tee -a /etc/ords/ords.conf", + "sudo sed -i \"s,ords_owner='oracle',ords_owner='root',g\" /etc/init.d/ords", + "sudo systemctl start ords", +# "sudo su - oracle -c 'ps -ef | grep java | grep -v grep | awk \"{print $2}\" | xargs kill'", +# "sudo java -Xmx512M -jar -Duser.timezone=UTC /opt/oracle/ords/ords.war standalone &", + ] + + } + +depends_on = [ + null_resource.file + ] + +} + 
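Review bot: The wallet password is generated with `random_string` and then printed by `output "autonomous_data_warehouse_wallet_password"`, so it appears in clear text in plan/apply output and in any CI log that captures it. Switch to `resource "random_password" "password"` (same arguments, references updated accordingly) and add `sensitive = true` to the output, or drop the output. The same value and `var.admin_password` are also interpolated into the `remote-exec` commands of `null_resource.file` (the `sed -i 's/PASSWORD_HERE/…'` and `sql -cloudconfig /tmp/wallet.zip admin/…` lines), where they are exposed on the command line while the command runs. Uploading them in a file with restrictive permissions and deleting it afterwards, along with `/tmp/wallet.zip`, would avoid that. The value is stored in Terraform state either way, so the state backend needs access control.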
diff --git a/example/real_world_stuff/oracle/oracle%oracle-db-tools%devops%terraform%vanityURL-DBCS%Variables.tf b/example/real_world_stuff/oracle/oracle%oracle-db-tools%devops%terraform%vanityURL-DBCS%Variables.tf new file mode 100644 index 0000000..84f1af5 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%oracle-db-tools%devops%terraform%vanityURL-DBCS%Variables.tf @@ -0,0 +1,56 @@ +# Variables +# Please fill in the xxxxxx with your account values + +variable "region" { + # sample: eu-frankfurt-1 + default = "xxxxxx" +} + + +variable "tenancy_ocid" { + # OCID of your OCI Account Tenancy + default = "xxxxxx" +} + +variable "vcn_ocid" { +# if using an existing VCN, add the OCID here: +# Assumption is that the vcn cidr = "10.0.0.0/16" +# If using a different CIDR, you will need to make the changes in the terraform file +# + default = "xxxxx" + +} + + +variable "vm_shape" { + # shape/type of VM + # choose from: VM.Standard.E2.1.Micro, VM.Standard.E4.Flex, VM.Standard.A1.Flex + # if using VM.Standard.E4.Flex or VM.Standard.A1.Flex you must add the folowing lines to define the shape + # for VM.Standard.A1.Flex, you can have up to 4 OCPUs and 24 gb of memory for free. + # shape_config { + # memory_in_gbs = "24" + # ocpus = "4" + # } + default = "xxxxxx" +} + +variable "domain_name" { + # Your domain name you wish to use and own + default = "xxxxxx" +} + +variable "number_of_midtiers" { + # how many midtiers you want to create + default = 1 +} + + +## These Variables are not used at this time + +variable "ssh_public_key" { + default = "xxxxxx" +} + +variable "ssh_private_key" { + default = "xxxxxx" +} \ No newline at end of file diff --git a/example/real_world_stuff/oracle/oracle%oracle-db-tools%devops%terraform%vanityURL-DBCS%main.tf b/example/real_world_stuff/oracle/oracle%oracle-db-tools%devops%terraform%vanityURL-DBCS%main.tf new file mode 100644 index 0000000..42af4b3 --- /dev/null 
+++ b/example/real_world_stuff/oracle/oracle%oracle-db-tools%devops%terraform%vanityURL-DBCS%main.tf 
@@ -0,0 +1,521 @@ +# Start + +# Get ADs + +# is the compartment OCID for the root compartment. +# Use for the compartment OCID. + +data "oci_identity_availability_domains" "ads" { + compartment_id = var.tenancy_ocid +} + +# Create a compartment + +resource "oci_identity_compartment" "tf-compartment" { + # Required + compartment_id = var.tenancy_ocid + description = "Compartment for Terraform resources." + name = "ORDS_Compartment" +} + +# Create a private subnet + +resource "oci_core_subnet" "vcn-private-subnet"{ + + # Required + compartment_id = oci_identity_compartment.tf-compartment.id + vcn_id = var.vcn_ocid + cidr_block = "10.0.1.0/24" + + # Optional + # Caution: For the route table id, use module.vcn.nat_route_id. + # Do not use module.vcn.nat_gateway_id, because it is the OCID for the gateway and not the route table. + #route_table_id = module.vcn.nat_route_id + security_list_ids = [oci_core_security_list.private-security-list.id] + display_name = "private-subnet" +} + +# Create a public subnet + +resource "oci_core_subnet" "vcn-public-subnet"{ + + # Required + compartment_id = oci_identity_compartment.tf-compartment.id + vcn_id = var.vcn_ocid + cidr_block = "10.0.0.0/24" + + # Optional + #route_table_id = module.vcn.ig_route_id + security_list_ids = [oci_core_security_list.public-security-list.id] + display_name = "public-subnet" +} + +# Create a private security list and some rules + +resource "oci_core_security_list" "private-security-list"{ + +# Required + compartment_id = oci_identity_compartment.tf-compartment.id + vcn_id = var.vcn_ocid + +# Optional + display_name = "security-list-for-private-ords-subnet" + +# +egress_security_rules { + stateless = false + destination = "0.0.0.0/0" + destination_type = "CIDR_BLOCK" + protocol = "all" + } + +ingress_security_rules { + stateless = false + source = "10.0.0.0/16" + source_type = "CIDR_BLOCK" + # Get protocol numbers from https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml TCP is 6 + 
protocol = "6" + tcp_options { + min = 22 + max = 22 + } + } + ingress_security_rules { + stateless = false + source = "0.0.0.0/0" + source_type = "CIDR_BLOCK" + # Get protocol numbers from https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml ICMP is 1 + protocol = "1" + + # For ICMP type and code see: https://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml + icmp_options { + type = 3 + code = 4 + } + } + + ingress_security_rules { + stateless = false + source = "10.0.0.0/16" + source_type = "CIDR_BLOCK" + # Get protocol numbers from https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml ICMP is 1 + protocol = "1" + + # For ICMP type and code see: https://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml + icmp_options { + type = 3 + } + } +} + +# Create a public security list and some rules + +resource "oci_core_security_list" "public-security-list"{ + +# Required + compartment_id = oci_identity_compartment.tf-compartment.id + vcn_id = var.vcn_ocid + +# Optional + display_name = "security-list-for-public-ords-subnet" + + egress_security_rules { + stateless = false + destination = "0.0.0.0/0" + destination_type = "CIDR_BLOCK" + protocol = "all" + } +ingress_security_rules { + stateless = false + source = "0.0.0.0/0" + source_type = "CIDR_BLOCK" + # Get protocol numbers from https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml TCP is 6 + protocol = "6" + tcp_options { + min = 22 + max = 22 + } + } +ingress_security_rules { + stateless = false + source = "0.0.0.0/0" + source_type = "CIDR_BLOCK" + # Get protocol numbers from https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml TCP is 6 + protocol = "6" + tcp_options { + min = 80 + max = 80 + } + } +ingress_security_rules { + stateless = false + source = "0.0.0.0/0" + source_type = "CIDR_BLOCK" + # Get protocol numbers from https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml TCP is 6 + protocol 
= "6" + tcp_options { + min = 8080 + max = 8080 + } + } +ingress_security_rules { + stateless = false + source = "0.0.0.0/0" + source_type = "CIDR_BLOCK" + # Get protocol numbers from https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml TCP is 6 + protocol = "6" + tcp_options { + min = 443 + max = 443 + } + } + ingress_security_rules { + stateless = false + source = "0.0.0.0/0" + source_type = "CIDR_BLOCK" + # Get protocol numbers from https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml ICMP is 1 + protocol = "1" + + # For ICMP type and code see: https://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml + icmp_options { + type = 3 + code = 4 + } + } + + ingress_security_rules { + stateless = false + source = "10.0.0.0/16" + source_type = "CIDR_BLOCK" + # Get protocol numbers from https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml ICMP is 1 + protocol = "1" + + # For ICMP type and code see: https://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml + icmp_options { + type = 3 + } + } + +} + +# Create DHCP Options + +resource "oci_core_dhcp_options" "dhcp-options"{ + + # Required + compartment_id = oci_identity_compartment.tf-compartment.id + vcn_id = var.vcn_ocid + #Options for type are either "DomainNameServer" or "SearchDomain" + options { + type = "DomainNameServer" + server_type = "VcnLocalPlusInternet" + } + + # Optional + display_name = "default-dhcp-options" +} + +# Create a compute instance + +resource "oci_core_instance" "ords_compute_instance" { + # Required + availability_domain = data.oci_identity_availability_domains.ads.availability_domains[0].name + compartment_id = oci_identity_compartment.tf-compartment.id + is_pv_encryption_in_transit_enabled = "true" + count = var.number_of_midtiers +# Shape Section +# + shape = var.vm_shape +# +# Remember to add the following section if using one of the shapes that need it. 
Refer to the readme +# + shape_config { + memory_in_gbs = "8" + ocpus = "1" + } +# +# + source_details { + # Oracle Linux 7.9 + source_id = "ocid1.image.oc1.eu-frankfurt-1.aaaaaaaaprt6uk32tylin3owcddyllao3uthmo7vheqepeybvjj6to7xkdgq" + source_type = "image" + } + + # Optional + display_name = "ORDS${count.index}" + create_vnic_details { + assign_public_ip = true + subnet_id = oci_core_subnet.vcn-public-subnet.id + } + metadata = { + ssh_authorized_keys = file("/path/to/your/public/keys") + block_storage_sizes_in_gbs = "20" + } + preserve_boot_volume = false +} + +# Create a volume + +# resource "oci_core_volume" "ords_volume" { + +# availability_domain = data.oci_identity_availability_domains.ads.availability_domains[0].name +# compartment_id = oci_identity_compartment.tf-compartment.id +# display_name = "ords_volume" +# size_in_gbs = "50" +# } + +# # Attach the volume + +# resource "oci_core_volume_attachment" "attach_volume" { + +# instance_id = oci_core_instance.ords_compute_instance.id +# volume_id = oci_core_volume.ords_volume.id +# attachment_type = "paravirtualized" + +# } + +# Load Balancer + +resource "oci_load_balancer_load_balancer" "vanity_load_balancer" { + + compartment_id = oci_identity_compartment.tf-compartment.id + display_name = "LB1" + # LB Shape can be changed here + shape = "10Mbps-Micro" + subnet_ids = [oci_core_subnet.vcn-public-subnet.id] + +depends_on = [ + oci_core_instance.ords_compute_instance, + ] + +} + +resource "oci_load_balancer_backend" "vanity_backend" { + count = var.number_of_midtiers + backendset_name = oci_load_balancer_backend_set.vanity_backend_set.name + ip_address = oci_core_instance.ords_compute_instance[count.index].private_ip + load_balancer_id = oci_load_balancer_load_balancer.vanity_load_balancer.id + port = "8080" + +} + +resource "oci_load_balancer_backend" "vanity_backend_ssl" { + count = var.number_of_midtiers + backendset_name = oci_load_balancer_backend_set.vanity_backend_set_ssl.name + ip_address = 
oci_core_instance.ords_compute_instance[count.index].private_ip + load_balancer_id = oci_load_balancer_load_balancer.vanity_load_balancer.id + port = "443" + +} + +resource "oci_load_balancer_backend_set" "vanity_backend_set" { + #Required + health_checker { + #Required + protocol = "TCP" + + #Optional + interval_ms = "10000" + port = "8080" + retries = "3" + timeout_in_millis = "3000" + } + load_balancer_id = oci_load_balancer_load_balancer.vanity_load_balancer.id + name = "ords_backendset" + policy = "ROUND_ROBIN" + +} + +resource "oci_load_balancer_backend_set" "vanity_backend_set_ssl" { + #Required + health_checker { + #Required + protocol = "TCP" + + #Optional + interval_ms = "10000" + port = "443" + retries = "3" + timeout_in_millis = "3000" + } + load_balancer_id = oci_load_balancer_load_balancer.vanity_load_balancer.id + name = "ords_backendset_ssl" + policy = "ROUND_ROBIN" + +} + +resource "oci_load_balancer_listener" "vanity_listener" { + #Required + default_backend_set_name = oci_load_balancer_backend_set.vanity_backend_set.name + load_balancer_id = oci_load_balancer_load_balancer.vanity_load_balancer.id + name = "ORDS_BackendListener" + port = "80" + protocol = "TCP" + +} + +resource "oci_load_balancer_listener" "vanity_listener_ssl" { + #Required + default_backend_set_name = oci_load_balancer_backend_set.vanity_backend_set_ssl.name + load_balancer_id = oci_load_balancer_load_balancer.vanity_load_balancer.id + name = "ORDS_BackendListener_ssl" + port = "443" + protocol = "TCP" + +} + + +# OS Stuff + +resource "null_resource" "remote-exec" { + + count = var.number_of_midtiers + + provisioner "remote-exec" { + connection { + agent = false + timeout = "10m" + host = oci_core_instance.ords_compute_instance[count.index].public_ip + user = "opc" + private_key = file("/path/to/your/private/keys") + } + + inline = [ + "sudo yum install ords -y", + # "sudo yum install sqlcl -y", + "sudo firewall-cmd --permanent --zone=public --add-port=8080/tcp", + "sudo 
firewall-cmd --permanent --zone=public --add-port=443/tcp", + "sudo firewall-cmd --reload", + ] + + } + +depends_on = [ + oci_core_instance.ords_compute_instance, + oci_load_balancer_listener.vanity_listener, + ] + +} + + +resource "null_resource" "file" { + + count = var.number_of_midtiers + + connection { + agent = false + timeout = "10m" + host = oci_core_instance.ords_compute_instance[count.index].public_ip + user = "opc" + private_key = file("/path/to/your/private/keys") + } + + provisioner "file" { + source = "ords_params.properties" + destination = "/tmp/ords_params.properties" + } + + provisioner "file" { + source = "standalone.properties.SSL" + destination = "/tmp/standalone.properties.SSL" + } + + + provisioner "remote-exec" { + connection { + agent = false + timeout = "10m" + host = oci_core_instance.ords_compute_instance[count.index].public_ip + user = "opc" + private_key = file("/path/to/your/private/keys") + } + + inline = [ + # Uncomment if you need APEX + # "sudo su - oracle -c 'curl -o /opt/oracle/ords/apex.zip APEX_PAR_URL'", + # "sudo su - oracle -c 'unzip -q /opt/oracle/ords/apex.zip -d /opt/oracle/ords'", + + # "sudo su - oracle -c 'curl -o /opt/oracle/ords/ords_conf.zip ORDS_CONF_PAR_URL'", + # "sudo su - oracle -c 'unzip -q /opt/oracle/ords/ords_conf.zip -d /opt/oracle/ords/'", + # "sudo su - oracle -c 'sed -i 's/PASSWORD_HERE/${random_string.password.result}/g' /opt/oracle/ords/conf/ords/create_user.sql'", + # "sudo su - oracle -c 'sed -i 's/PASSWORD_HERE/${random_string.password.result}/g' /opt/oracle/ords/conf/ords/conf/apex_pu.xml'", + + # Set the config directory + "sudo su - oracle -c 'java -jar /opt/oracle/ords/ords.war configdir /opt/oracle/ords/conf'", + "sudo su - oracle -c 'mkdir -p /opt/oracle/ords/conf/ords/standalone/doc_root/.well-known/acme-challenge'", + + # "sudo su - oracle -c 'sql system/${var.admin_password}@${var.db_connect_string} @/opt/oracle/ords/conf/ords/create_user.sql'", + # "sudo su - oracle -c 'java -jar 
-Duser.timezone=UTC /opt/oracle/ords/ords.war standalone &'", + # slient install syntax java-jar ords.war install --silent --parameterFile /path/to/my_params.properties + + # Use the approiprate properties file for APEX or not + "sudo su - oracle -c 'java -jar /opt/oracle/ords/ords.war uninstall --parameterFile /tmp/ords_params.properties --silent'", + "sudo su - oracle -c 'java -jar /opt/oracle/ords/ords.war install --parameterFile /tmp/ords_params.properties --silent &'", + "sudo su - oracle -c 'sleep 210s'", + "sudo rm /tmp/ords_params.properties", + ] + + } + +depends_on = [ + null_resource.remote-exec + ] + +} + + + +resource "null_resource" "cert" { + + count = var.number_of_midtiers + + connection { + agent = false + timeout = "10m" + host = oci_core_instance.ords_compute_instance[count.index].public_ip + user = "opc" + private_key = file("/path/to/your/private/keys") + } + + + provisioner "remote-exec" { + connection { + agent = false + timeout = "10m" + host = oci_core_instance.ords_compute_instance[count.index].public_ip + user = "opc" + private_key = file("/path/to/your/private/keys") + } + + inline = [ + + "sudo su - oracle -c 'curl --silent https://raw.githubusercontent.com/srvrco/getssl/master/getssl > getssl ; chmod 700 getssl'", + "sudo su - oracle -c './getssl -c ${var.domain_name}'", + "sudo su - oracle -c 'cd ~/.getssl ; cd $(ls -d */|head -n 1) ; echo 'PRIVATE_KEY_ALG=\"rsa\"' >> getssl.cfg ; echo \"ACL=('/opt/oracle/ords/conf/ords/standalone/doc_root/.well-known/acme-challenge')\" >> getssl.cfg ; echo 'USE_SINGLE_ACL=\"true\"' >> getssl.cfg ; '", + "sudo su - oracle -c 'cd ~/.getssl ; sed -i 's/acme-staging-v02/acme-v02/g' getssl.cfg'", + "sudo su - oracle -c './getssl ${var.domain_name}'", + "sudo su - oracle -c 'cd ~/.getssl; cd $(ls -d */|head -n 1); cp ${var.domain_name}.crt /opt/oracle/ords/conf/ords/standalone/domain.crt; cp ${var.domain_name}.key /opt/oracle/ords/conf/ords/standalone/domain.key; '", + "sudo su - oracle -c 'openssl pkcs8 
-topk8 -inform PEM -outform PEM -nocrypt -in /opt/oracle/ords/conf/ords/standalone/domain.key -out /opt/oracle/ords/conf/ords/standalone/domain.pkcs8.key'", + "sudo su - oracle -c 'openssl pkcs8 -topk8 -inform PEM -outform DER -in /opt/oracle/ords/conf/ords/standalone/domain.pkcs8.key -out /opt/oracle/ords/conf/ords/standalone/domain.pkcs8.der -nocrypt'", + "sudo su - oracle -c 'rm /opt/oracle/ords/conf/ords/standalone/domain.pkcs8.key'", + "sudo su - oracle -c 'cp /opt/oracle/ords/conf/ords/standalone/standalone.properties /opt/oracle/ords/conf/ords/standalone/standalone.properties.nonSSL'", + "sudo su - oracle -c 'cp /tmp/standalone.properties.SSL /opt/oracle/ords/conf/ords/standalone/standalone.properties'", +# we need to make sure ORDS is stopped.....no matter what..... + "sudo su - oracle -c 'systemctl stop ords'", + "sudo systemctl stop ords", + "sudo su - oracle -c 'ps -ef | grep java | grep -v grep | awk \"{print $2}\" | xargs kill'", +# "echo 'JAVA_OPTIONS=-Xmx512M' | sudo tee -a /etc/ords/ords.conf", + "sudo sed -i \"s,ords_owner='oracle',ords_owner='root',g\" /etc/init.d/ords", + "sudo systemctl start ords", +# "sudo su - oracle -c 'ps -ef | grep java | grep -v grep | awk \"{print $2}\" | xargs kill'", +# "sudo java -Xmx512M -jar -Duser.timezone=UTC /opt/oracle/ords/ords.war standalone &", + ] + + } + +depends_on = [ + null_resource.file + ] + +} + diff --git a/example/real_world_stuff/oracle/oracle%oracle-timesten-samples%cloud%ottscaleout%blkvol.tf b/example/real_world_stuff/oracle/oracle%oracle-timesten-samples%cloud%ottscaleout%blkvol.tf new file mode 100644 index 0000000..bbbcdf3 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%oracle-timesten-samples%cloud%ottscaleout%blkvol.tf 
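Review bot: The first `inline` command of `null_resource.cert` downloads `getssl` from the `master` branch and runs it with no version pin or integrity check, so whatever is on that branch at apply time executes on every midtier; the same line is in the `cert` resource of completeSetupMicroVM.tf. Pin the URL to a release tag and check a recorded digest before the `chmod`, e.g. `curl --silent --fail -o getssl https://raw.githubusercontent.com/srvrco/getssl/<PINNED_TAG>/getssl` followed by `echo '<EXPECTED_SHA256>  getssl' | sha256sum -c -` (both placeholders to be filled in by the maintainer). Later in the same list, `sed -i "s,ords_owner='oracle',ords_owner='root',g" /etc/init.d/ords` changes the init script's owner setting to root just before the service is started, and the public security list opens 443 and 8080 to 0.0.0.0/0. Presumably this is done to bind port 443; a comment saying so, or keeping `oracle` and listening on a high port behind the load balancer, would make the privilege choice explicit.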
@@ -0,0 +1,96 @@ +# Copyright (c) 1999, 2019, Oracle and/or its affiliates. All rights reserved. +# +# Licensed under the Universal Permissive License v 1.0 as shown +# at http://oss.oracle.com/licenses/upl +# +# Block volumes, if requested, are allocated here +# Block volumes are attached to Standard shapes. +# A single block volume is allocated per data instance +# The minimum block volume size is 50GB. +# Block volumes should minimally be 3X RAM; not checked +# Commands for {a|de}ttaching volumes via iscsi are generated here +# + +locals { + + # block volumes + standard = "${substr(var.diInstanceShape,3,8)}" + bvcount1 = "${(local.standard == "Standard") ? 1 : 0}" + # validate min/max OCI block volume storage limits or error out + bvcount2 = "${(var.diBlockVolumeSizeGB >= 50 && + var.diBlockVolumeSizeGB <= 32768) ? + local.dicount1 : 0}" + # set to indicate error condition if no block volume and Standard shape or size out of range + bvcheck1 = "${(local.bvcount2 == 0 && local.bvcount1 == 1) ? 1 : 0}" + # mdraid with block volume not supported + bvcheck2 = "${(local.bvcount2 == 0 && var.system["storage"] == "MD-RAID-10") ? 
1 : 0}" + +} + +# workaround for error checking +# prevent use of standard shape without block volume or size out of range +resource "null_resource" "bv_check_1" { + count = "${local.bvcheck1}" + provisioner "local-exec" { + command = "echo -e '\nERROR: No block volumes or invalid GB specified with Standard shape\nRerun terraform with nonzero value for diBlockVolumeSizeGB\n' && false" + } +} + +resource "null_resource" "bv_check_2" { + count = "${local.bvcheck2}" + provisioner "local-exec" { + command = "echo -e '\nERROR: MD-RAID-10 storage not permitted with block volume\nRerun terraform with var.system[\"storage\"] == LVM-READ-0\n' && false" + } +} + +# Optional block volume attachments +# May only used with Standard shape + +resource "oci_core_volume" "di_volume" { + count = "${local.bvcount2}" + #Required + availability_domain = "${local.adlist[((count.index % local.numADs) + local.firstAD) % 3]}" + compartment_id = "${var.compartment_ocid}" + + #Optional + display_name = "${format("%s-bv-%03d", var.service_name, count.index + 1)}" + size_in_gbs = "${var.diBlockVolumeSizeGB}" + freeform_tags = "${map(var.opc["tagkey"],var.service_name)}" +} + +resource "oci_core_volume_attachment" "di_volume_attachments" { + count = "${local.bvcount2 }" + #Required + instance_id = "${oci_core_instance.di_instance.*.id[count.index]}" + attachment_type = "iscsi" + volume_id = "${oci_core_volume.di_volume.*.id[count.index]}" + + #Optional + display_name = "${format("%s-bvat-%03d", var.service_name, count.index + 1)}" + + provisioner "local-exec" { + when = "destroy" + command = "rm -rf ${var.opc["scriptdir"]}/iscsi/iscsi-??tach.${self.display_name}" + } + + # attach; write iscsi attach commands + provisioner "local-exec" { + command = "echo iscsiadm -m node -o new -T ${self.iqn} -p ${self.ipv4}:${self.port} >> ${var.opc["scriptdir"]}/iscsi/iscsi-attach.${self.display_name}" + } + provisioner "local-exec" { + command = "echo iscsiadm -m node -o update -n node.startup -v automatic 
-T ${self.iqn} >> ${var.opc["scriptdir"]}/iscsi/iscsi-attach.${self.display_name}" + } + provisioner "local-exec" { + command = "echo iscsiadm -m node -l -T ${self.iqn} -p ${self.ipv4}:${self.port} >> ${var.opc["scriptdir"]}/iscsi/iscsi-attach.${self.display_name}" + } + + # detach; write iscsi detach commands + provisioner "local-exec" { + command = "echo iscsiadm -m node -u -T ${self.iqn} -p ${self.ipv4}:${self.port} >> ${var.opc["scriptdir"]}/iscsi/iscsi-detach.${self.display_name}" + } + provisioner "local-exec" { + command = "echo iscsiadm -m node -o delete -T ${self.iqn} -p ${self.ipv4}:${self.port} >> ${var.opc["scriptdir"]}/iscsi/iscsi-detach.${self.display_name}" + } + +} + diff --git a/example/real_world_stuff/oracle/oracle%oracle-timesten-samples%cloud%ottscaleout%compute.tf b/example/real_world_stuff/oracle/oracle%oracle-timesten-samples%cloud%ottscaleout%compute.tf new file mode 100644 index 0000000..9b481df --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%oracle-timesten-samples%cloud%ottscaleout%compute.tf 
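Review bot: The destroy-time provisioner on `oci_core_volume_attachment.di_volume_attachments` runs `rm -rf` on a path built from `var.opc["scriptdir"]` and `self.display_name` with no quoting, so an empty value or one with spaces or shell metacharacters changes what gets deleted on the operator's machine. The targets are plain files, so recursive removal is not needed; I would narrow it to `command = "rm -f -- '${var.opc["scriptdir"]}'/iscsi/iscsi-??tach.'${self.display_name}'"`. The five `echo iscsiadm …` provisioners interpolate the same values unquoted and append with `>>`, so a re-created attachment leaves duplicate lines in the generated script; quoting the redirect target and truncating the file on the first write would address both.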
@@ -0,0 +1,322 @@ +# Copyright (c) 1999, 2019, Oracle and/or its affiliates. All rights reserved. +# +# Licensed under the Universal Permissive License v 1.0 as shown +# at http://oss.oracle.com/licenses/upl +# +# Compute resources +# Bastion servers live on public subnets +# Such servers enable hosts on private networks to pull [install/update] software +# Bastions also allow ssh access from public internet and to private subnet hosts +# +# Valid user specified counts for compute instances +# bsInstanceCount == [1-3]; default == 1 +# zkInstanceCount == {0,3}; 0 collocates; if 3 on its own vms +# mgInstanceCount == {0,2}; 0 collocates; if 2 on its own vms +# diInstanceCount > 1; default == 2; 1x1 disallowed + +data "oci_identity_availability_domains" "ADs" { + compartment_id = "${var.tenancy_ocid}" +} + +# Create a list of ad names following best practices +# https://www.terraform.io/docs/providers/oci/guides/best_practices.html +data "template_file" "ad_names" { + count = "${length(data.oci_identity_availability_domains.ADs.availability_domains)}" + template = "${lookup(data.oci_identity_availability_domains.ADs.availability_domains[count.index], "name")}" +} +locals { + adlist = "${data.template_file.ad_names.*.rendered}" +} + +# Create lists of fault domains +# Place different dataspaces in different fault domains +# Currently there are 3 fault domains per AD. 
+data "oci_identity_fault_domains" "ad1" { + availability_domain = "${local.adlist[0]}" + compartment_id = "${var.tenancy_ocid}" +} +data "oci_identity_fault_domains" "ad2" { + availability_domain = "${local.adlist[1]}" + compartment_id = "${var.tenancy_ocid}" +} +data "oci_identity_fault_domains" "ad3" { + availability_domain = "${local.adlist[2]}" + compartment_id = "${var.tenancy_ocid}" +} + +# List of Fault Domains in each AD +# ${element(fdlist[ad],fd)} works on terraform 11 but not 12 +# ${element(element(fdlist,ad),fd)} works on 12 but not on 11 +# ${element(flatten(fdlist),ad*numADs + fd)} works on both +locals { + fdlist = [ + [ + "${data.oci_identity_fault_domains.ad1.fault_domains.0.name}", + "${data.oci_identity_fault_domains.ad1.fault_domains.1.name}", + "${data.oci_identity_fault_domains.ad1.fault_domains.2.name}" + ], + [ + "${data.oci_identity_fault_domains.ad2.fault_domains.0.name}", + "${data.oci_identity_fault_domains.ad2.fault_domains.1.name}", + "${data.oci_identity_fault_domains.ad2.fault_domains.2.name}" + ], + [ + "${data.oci_identity_fault_domains.ad3.fault_domains.0.name}", + "${data.oci_identity_fault_domains.ad3.fault_domains.1.name}", + "${data.oci_identity_fault_domains.ad3.fault_domains.2.name}" + ] + ] +} + +locals { + # Validate bastion server count; fall back to 1 + bscount1 = "${ (var.bsInstanceCount >= "1" && var.bsInstanceCount <= "3") ? var.bsInstanceCount : 1 }" + # Which AD to start placing bastion hosts; bastion hosts span ADs + bsad = "${ (var.bsInstanceInitialAD >= 1 && var.bsInstanceInitialAD <= 3) ? 
var.bsInstanceInitialAD - 1 : 0 }" +} + +resource "oci_core_instance" "bs_instance" { + count = "${local.bscount1}" + # span ads + availability_domain = "${local.adlist[(count.index + local.bsad) % 3]}" + compartment_id = "${var.compartment_ocid}" + display_name = "${format("%s-bs-%03d", var.service_name, count.index + 1 )}" + hostname_label = "${format("%s-bs-%03d", var.service_name, count.index + 1 )}" + shape = "${var.bsInstanceShape}" + create_vnic_details { + subnet_id = "${oci_core_subnet.public_subnet.id}" + skip_source_dest_check = true + } + source_details { + source_type = "image" + source_id = "${var.InstanceImageOCID[var.region]}" + } + metadata = { + ssh_authorized_keys = "${var.ssh_public_key}" + user_data = "${base64encode(file("service/scripts/user_data.tpl"))}" + } + timeouts { + create = "${var.instance_create_timeout}" + } + freeform_tags = "${map(var.opc["tagkey"],var.service_name)}" +} + +# count any existing zk_instances +data "oci_core_instances" "zk_instances" { + + #Required + compartment_id = "${var.compartment_ocid}" + state = "RUNNING" + + filter { + name = "display_name" + values = ["${var.service_name}-zk-\\w+"] + regex = true + } +} + +locals { + # availability domains + firstAD = "${(var.initialAD >= 1 && + var.initialAD <= 3) ? + var.initialAD - 1 : 0}" + # validate ksafety or fall back to 2 + ksafeval = "${(var.ksafety >= 1 && var.ksafety <= 2) ? var.ksafety : 2}" + # By default ksafety > 1 spans ADs + numADs = "${(var.singleAD == "true") ? 1 : local.ksafeval}" + + # fault domains + # use all 3 fault domains + numFDs = "3" + + # data instances + # adjust number of data instances for ksafety + dicount0 = "${(var.diInstanceCount * local.ksafeval) }" + # disallow 1x1 configuration + dicheck0 = "${(local.dicount0 <= 1) ? 1 : 0}" + dicount1 = "${(local.dicount0 <= 1) ? 2 : local.dicount0}" + # disallow single core shapes + dicheck1 = "${(substr(var.diInstanceShape,-2,2) == ".1") ? 1 : 0}" + dishape1 = "${(local.dicheck1 == 1) ? 
replace(var.diInstanceShape,".1",".2") : var.diInstanceShape}" + + # zookeeper servers + # how many existing zk instances if any + zkinstances = "${length(flatten(data.oci_core_instances.zk_instances.*.instances))}" + # validate user input + zkcount0 = "${(var.zkInstanceCount == "0" || + var.zkInstanceCount == "3") ? + var.zkInstanceCount : 0}" + # prevent destroy of any existing instances + # use existing count if present to prevent accidental destroy or addition + zkcount1 = "${(local.zkinstances > 0) ? local.zkinstances : local.zkcount0}" + + # minimum of 3 compute instances needed for zk servers + # increase zk count if < 3 compute instances for zk servers + # zkcount2 ; == 0 if co-located; == 1 if 1x2 or 2x1 config; == 2 if 1x1 config; == 3 if offloaded + zkcount2 = "${((local.dicount1 + local.mgcount + local.zkcount1) < 3) ? (3 - local.dicount1) : local.zkcount1 }" + +} + +# ensure minimum data instances +resource "null_resource" "di_count_check_1" { + count = "${local.dicheck0}" + + provisioner "local-exec" { + command = "echo -e '\nWARNING: 1x1 grids not permitted.\ndiInstanceCount increased to 2'" + } +} + +# require >= 2 cores for data instances +resource "null_resource" "di_shape_check_1" { + count = "${local.dicheck1}" + provisioner "local-exec" { + command = "echo -e '\nWARNING: Single core shapes have insufficient resources for use as data instances.\nUsing 2 core shape'" + } +} + + +# zookeeper hosts +resource "oci_core_instance" "zk_instance" { + count = "${local.zkcount2}" + # spans ads + availability_domain = "${local.adlist[(count.index + local.firstAD) % 3]}" + compartment_id = "${var.compartment_ocid}" + display_name = "${format("%s-zk-%03d", var.service_name, count.index + 1)}" + hostname_label = "${format("%s-zk-%03d", var.service_name, count.index + 1)}" + shape = "${var.zkInstanceShape}" + fault_domain = "${element(flatten(local.fdlist), (count.index + local.firstAD))}" + + # uncomment to prevent accidental destroy + # lifecycle { + # 
prevent_destroy = "true" + # } + + create_vnic_details { + subnet_id = "${oci_core_subnet.private_subnet_dc.id}" + assign_public_ip = "false" + } + source_details { + source_type = "image" + source_id = "${var.InstanceImageOCID[var.region]}" + } + metadata = { + ssh_authorized_keys = "${var.ssh_public_key}" + user_data = "${base64encode(file("service/scripts/user_data.tpl"))}" + } + timeouts { + create = "${var.instance_create_timeout}" + } + freeform_tags = "${map(var.opc["tagkey"],var.service_name)}" +} + +# count any existing mg_instances +data "oci_core_instances" "mg_instances" { + + #Required + compartment_id = "${var.compartment_ocid}" + state = "RUNNING" + + filter { + name = "display_name" + values = ["${var.service_name}-mg-\\w+"] + regex = true + } +} + +locals { + # how many mg instances already exist + mginstances = "${length(flatten(data.oci_core_instances.mg_instances.*.instances))}" + # validate user input + validmgcount = "${(var.mgInstanceCount == "0" || + var.mgInstanceCount == "2") ? + var.mgInstanceCount : 0}" + # prevent accidental destroy and use existing instances + mgcount = "${(local.mginstances > 0) ? 
local.mginstances : local.validmgcount}" +} + +# management active standby pair +resource "oci_core_instance" "mg_instance" { + count = "${local.mgcount}" + availability_domain = "${local.adlist[((count.index % local.numADs) + local.firstAD) % 3]}" + fault_domain = "${element(flatten(local.fdlist),(((count.index % local.numADs) + local.firstAD) % 3) + (count.index % local.numFDs))}" + compartment_id = "${var.compartment_ocid}" + display_name = "${format("%s-mg-%03d", var.service_name, count.index + 1)}" + hostname_label = "${format("%s-mg-%03d", var.service_name, count.index + 1)}" + shape = "${var.mgInstanceShape}" + + # uncomment to prevent accidental destroy + # lifecycle { + # prevent_destroy = "true" + # } + create_vnic_details { + subnet_id = "${oci_core_subnet.private_subnet_dc.id}" + assign_public_ip = "false" + } + source_details { + source_type = "image" + source_id = "${var.InstanceImageOCID[var.region]}" + } + metadata = { + ssh_authorized_keys = "${var.ssh_public_key}" + user_data = "${base64encode(file("service/scripts/user_data.tpl"))}" + } + timeouts { + create = "${var.instance_create_timeout}" + } + freeform_tags = "${map(var.opc["tagkey"],var.service_name)}" +} + + +# data instances +resource "oci_core_instance" "di_instance" { + count = "${local.dicount1}" + availability_domain = "${local.adlist[((count.index % local.numADs) + local.firstAD) % 3]}" + fault_domain = "${element(flatten(local.fdlist),(((count.index % local.numADs) + local.firstAD) % 3) + (count.index % local.numFDs))}" + compartment_id = "${var.compartment_ocid}" + display_name = "${format("%s-di-%03d", var.service_name, count.index + 1)}" + hostname_label = "${format("%s-di-%03d", var.service_name, count.index + 1)}" + shape = "${local.dishape1}" + create_vnic_details { + subnet_id = "${oci_core_subnet.private_subnet_dc.id}" + assign_public_ip = false + } + source_details { + source_type = "image" + source_id = "${var.InstanceImageOCID[var.region]}" + } + metadata = { + 
ssh_authorized_keys = "${var.ssh_public_key}" + user_data = "${base64encode(file("service/scripts/user_data.tpl"))}" + } + timeouts { + create = "${var.instance_create_timeout}" + } + freeform_tags = "${map(var.opc["tagkey"],var.service_name)}" +} + +# client instances +resource "oci_core_instance" "cl_instance" { + count = "${var.clInstanceCount}" + availability_domain = "${local.adlist[((count.index % local.numADs) + local.firstAD) % 3]}" + compartment_id = "${var.compartment_ocid}" + display_name = "${format("%s-cl-%03d", var.service_name, count.index + 1)}" + hostname_label = "${format("%s-cl-%03d", var.service_name, count.index + 1)}" + shape = "${var.clInstanceShape}" + create_vnic_details { + subnet_id = "${oci_core_subnet.private_subnet_cl.id}" + assign_public_ip = "false" + } + source_details { + source_type = "image" + source_id = "${var.InstanceImageOCID[var.region]}" + } + metadata = { + ssh_authorized_keys = "${var.ssh_public_key}" + user_data = "${base64encode(file("service/scripts/user_data.tpl"))}" + } + timeouts { + create = "${var.instance_create_timeout}" + } + freeform_tags = "${map(var.opc["tagkey"],var.service_name)}" +} + diff --git a/example/real_world_stuff/oracle/oracle%oracle-timesten-samples%cloud%ottscaleout%network.tf b/example/real_world_stuff/oracle/oracle%oracle-timesten-samples%cloud%ottscaleout%network.tf new file mode 100644 index 0000000..9dd4373 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%oracle-timesten-samples%cloud%ottscaleout%network.tf 
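Review bot: `skip_source_dest_check = true` in `create_vnic_details` of `oci_core_instance.bs_instance` is set unconditionally, although packet forwarding through the bastion is only needed when it acts as the NAT instance. As far as network.tf in this patch shows, that case is selected by `var.network["use_nat_gateway"] == 0`; with the NAT gateway in use the internet-facing bastion VNIC still has the source/destination check disabled for no benefit. I would tie the flag to the same condition, e.g. `skip_source_dest_check = "${var.network["use_nat_gateway"] == 0 ? true : false}"`.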
@@ -0,0 +1,312 @@ +# Copyright (c) 1999, 2019, Oracle and/or its affiliates. All rights reserved. +# +# Licensed under the Universal Permissive License v 1.0 as shown +# at http://oss.oracle.com/licenses/upl +# +# Sets up networks for TimesTen +# One public regional subnet, one private regional subnet +# Bastion servers live on public subnet +# Other compute and block volumes are on private subnet +# NAT gateway provides internet access for hosts on private subnet +# +# Configure security lists, open ports, enable DNS +# 4/2019 - now using regional subnets rather than one per AD +# + +# validate service name +# oci limits vcn name to 15 chars, code below adds 'vcn' +# alpha followed by 0-11 alphanumeric +locals { + nameregex = "^[A-Za-z][A-Za-z0-9]{0,11}$" + nameermsg = "\nService name must start with alpha and contain only alpha and numeric characters" +} + +resource "null_resource" "service_name_check" { + provisioner "local-exec" { + command = "if [[ ! -z ${var.service_name} ]] && [[ ! 
${var.service_name} =~ ${local.nameregex} ]]; then echo '${local.nameermsg}' && false; fi;" + } +} + + +resource "oci_core_vcn" "CoreVCN" { + cidr_block = "${var.network["cidr"]}" + compartment_id = "${var.compartment_ocid}" + display_name = "vcn${var.service_name}" + dns_label = "vcn${var.service_name}" + freeform_tags = "${map(var.opc["tagkey"],var.service_name)}" +} + +resource "oci_core_internet_gateway" "PublicIG" { + compartment_id = "${var.compartment_ocid}" + display_name = "PublicIG" + vcn_id = "${oci_core_vcn.CoreVCN.id}" + freeform_tags = "${map(var.opc["tagkey"],var.service_name)}" +} + +resource "oci_core_route_table" "PublicRouteTable" { + compartment_id = "${var.compartment_ocid}" + vcn_id = "${oci_core_vcn.CoreVCN.id}" + display_name = "PublicRouteTable" + route_rules { + #cidr_block = "0.0.0.0/0" + destination = "0.0.0.0/0" + destination_type = "CIDR_BLOCK" + network_entity_id = "${oci_core_internet_gateway.PublicIG.id}" + } +} + +resource "oci_core_security_list" "PublicSecurityList" { + compartment_id = "${var.compartment_ocid}" + display_name = "PublicSecurityList" + vcn_id = "${oci_core_vcn.CoreVCN.id}" + + egress_security_rules { + protocol = "all" + destination = "0.0.0.0/0" + } + + ingress_security_rules { + tcp_options { + max = 443 + min = 443 + } + protocol = "6" + source = "0.0.0.0/0" + } + ingress_security_rules { + protocol = "6" + source = "0.0.0.0/0" + tcp_options { + min = 22 + max = 22 + } + } + ingress_security_rules { + protocol = "all" + source = "${var.network["cidr"]}" + } + ingress_security_rules { + protocol = "1" + source = "0.0.0.0/0" + icmp_options { + type = 3 + code = 4 + } + } + freeform_tags = "${map(var.opc["tagkey"],var.service_name)}" +} + +resource "oci_core_nat_gateway" "nat_gateway" { + #Required + compartment_id = "${var.compartment_ocid}" + vcn_id = "${oci_core_vcn.CoreVCN.id}" + #Optional + display_name = "nat_gateway_${var.service_name}" + freeform_tags = "${map(var.opc["tagkey"],var.service_name)}" +} + 
+resource "oci_core_subnet" "public_subnet" { + cidr_block = "${cidrsubnet(var.network["cidr"],var.network["subnets"],0)}" + display_name = "public_subnet0" + compartment_id = "${var.compartment_ocid}" + vcn_id = "${oci_core_vcn.CoreVCN.id}" + route_table_id = "${oci_core_route_table.PublicRouteTable.id}" + security_list_ids = ["${oci_core_security_list.PublicSecurityList.id}"] + dhcp_options_id = "${oci_core_vcn.CoreVCN.default_dhcp_options_id}" + dns_label = "ttpublic0" + freeform_tags = "${map(var.opc["tagkey"],var.service_name)}" +} + +##### +# +# +# private subnets +# +# Allocates private subnets and compute instances +# Bastion hosts are attached to public subnet +# All other hosts, block volumes are attached to private subnet + +resource "oci_core_security_list" "PrivateSecurityList_ttservers" { + compartment_id = "${var.compartment_ocid}" + display_name = "ttPrivateSecurityList" + vcn_id = "${oci_core_vcn.CoreVCN.id}" + + egress_security_rules { + protocol = "all" + destination = "0.0.0.0/0" + } + + ingress_security_rules { + tcp_options { + max = "${var.timesten["mgmtdaemonport"]}" + min = "${var.timesten["mgmtdaemonport"]}" + } + protocol = "6" + source = "${var.network["cidr"]}" + } + ingress_security_rules { + tcp_options { + max = "${var.timesten["mgmtcsport"] }" + min = "${var.timesten["mgmtcsport"] }" + } + protocol = "6" + source = "${var.network["cidr"]}" + } + ingress_security_rules { + tcp_options { + max = "${var.timesten["mgmtreplport"]}" + min = "${var.timesten["mgmtreplport"]}" + } + protocol = "6" + source = "${var.network["cidr"]}" + } + ingress_security_rules { + tcp_options { + max = "${var.timesten["chnlporthi"]}" + min = "${var.timesten["chnlportlo"]}" + } + protocol = "6" + source = "${var.network["cidr"]}" + } + ingress_security_rules { + tcp_options { + max = "${var.zookeeper["zkclientport"]}" + min = "${var.zookeeper["zkclientport"]}" + } + protocol = "6" + source = "${var.network["cidr"]}" + } + ingress_security_rules { + 
tcp_options { + max = "${var.zookeeper["zkserverport"]}" + min = "${var.zookeeper["zkserverport"]}" + } + protocol = "6" + source = "${var.network["cidr"]}" + } + ingress_security_rules { + tcp_options { + max = "${var.zookeeper["zkelectionport"]}" + min = "${var.zookeeper["zkelectionport"]}" + } + protocol = "6" + source = "${var.network["cidr"]}" + } + ingress_security_rules { + protocol = "6" + tcp_options { + min = 22 + max = 22 + } + source = "${var.network["cidr"]}" + } + ingress_security_rules { + protocol = "1" + source = "0.0.0.0/0" + icmp_options { + type = 8 + code = 0 + } + } + freeform_tags = "${map(var.opc["tagkey"],var.service_name)}" +} + +resource "oci_core_security_list" "PrivateSecurityList_ttclients" { + compartment_id = "${var.compartment_ocid}" + display_name = "ttClientSecurityList" + vcn_id = "${oci_core_vcn.CoreVCN.id}" + egress_security_rules { + protocol = "all" + destination = "0.0.0.0/0" + } + + ingress_security_rules { + protocol = "6" + tcp_options { + min = 22 + max = 22 + } + source = "${var.network["cidr"]}" + } + ingress_security_rules { + protocol = "1" + source = "0.0.0.0/0" + icmp_options { + type = 8 + code = 0 + } + } + freeform_tags = "${map(var.opc["tagkey"],var.service_name)}" +} + +# Optionally create NAT routing through bastion host +# Limitation that all private subnets route through one bastion host +# If using bastion host for NAT, need to manually add route rule if that host is lost + +# Gets a list of VNIC attachments on the bastion (NAT) instance +data "oci_core_vnic_attachments" "bsInstanceVnic" { + compartment_id = "${var.compartment_ocid}" + instance_id = "${element(oci_core_instance.bs_instance.*.id, 0)}" +} + +# Get private IP address +resource "oci_core_private_ip" "bsInstancePrivateIP" { + vnic_id = "${lookup(data.oci_core_vnic_attachments.bsInstanceVnic.vnic_attachments[0],"vnic_id")}" + display_name = "bsInstancePrivateIP" + freeform_tags = "${map(var.opc["tagkey"],var.service_name)}" +} + +# Private Route 
Table +# Create routing for private subnet through NAT gateway or NAT instance +# For NAT instance, route through one bastion host only +# If using bastion host for NAT, need to manually add route rule if that host is lost +locals { + # hashicorp issue 11210 workaround + has_pip = "${(length(oci_core_private_ip.bsInstancePrivateIP.*.id) > 0) ? + element(concat(oci_core_private_ip.bsInstancePrivateIP.*.id,list("")),0) : + oci_core_nat_gateway.nat_gateway.id }" + nat_type = "${(var.network["use_nat_gateway"] == 0) ? + local.has_pip : oci_core_nat_gateway.nat_gateway.id}" +} + +resource "oci_core_route_table" "PrivateRouteTable" { + compartment_id = "${var.compartment_ocid}" + vcn_id = "${oci_core_vcn.CoreVCN.id}" + display_name = "PrivateRouteTable" + route_rules { + destination = "0.0.0.0/0" + destination_type = "CIDR_BLOCK" + network_entity_id = "${local.nat_type}" + } + freeform_tags = "${map(var.opc["tagkey"],var.service_name)}" +} + +# Subnets now are regional +# Route through NAT gateway +# Data channel subnet +resource "oci_core_subnet" "private_subnet_dc" { + cidr_block = "${cidrsubnet(var.network["cidr"],var.network["subnets"],2)}" + display_name = "private_subnet_dc0" + compartment_id = "${var.compartment_ocid}" + vcn_id = "${oci_core_vcn.CoreVCN.id}" + route_table_id = "${oci_core_route_table.PrivateRouteTable.id}" + security_list_ids = ["${oci_core_security_list.PrivateSecurityList_ttservers.id}"] + dhcp_options_id = "${oci_core_vcn.CoreVCN.default_dhcp_options_id}" + dns_label="ttprivdc0" + prohibit_public_ip_on_vnic = "true" + freeform_tags = "${map(var.opc["tagkey"],var.service_name)}" +} + +# Client subnet +resource "oci_core_subnet" "private_subnet_cl" { + cidr_block = "${cidrsubnet(var.network["cidr"],var.network["subnets"],3)}" + display_name = "private_subnet_cl0" + compartment_id = "${var.compartment_ocid}" + vcn_id = "${oci_core_vcn.CoreVCN.id}" + route_table_id = "${oci_core_route_table.PrivateRouteTable.id}" + security_list_ids = 
["${oci_core_security_list.PrivateSecurityList_ttclients.id}"] + dhcp_options_id = "${oci_core_vcn.CoreVCN.default_dhcp_options_id}" + dns_label="ttprivcl0" + prohibit_public_ip_on_vnic = "true" + freeform_tags = "${map(var.opc["tagkey"],var.service_name)}" +} diff --git a/example/real_world_stuff/oracle/oracle%oracle-timesten-samples%cloud%ottscaleout%oci.tf b/example/real_world_stuff/oracle/oracle%oracle-timesten-samples%cloud%ottscaleout%oci.tf new file mode 100644 index 0000000..8d0f595 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%oracle-timesten-samples%cloud%ottscaleout%oci.tf @@ -0,0 +1,31 @@ +# Copyright (c) 1999, 2019, Oracle and/or its affiliates. All rights reserved. +# +# Licensed under the Universal Permissive License v 1.0 as shown +# at http://oss.oracle.com/licenses/upl +# +# terraform provider for oci +# + +provider "oci" { + tenancy_ocid = "${var.tenancy_ocid}" + user_ocid = "${var.user_ocid}" + fingerprint = "${var.fingerprint}" + private_key_path = "${var.private_key_path}" + region = "${var.region}" + # v3.27 req'd for terraform 0.12 + version = ">= 3.27.0, < 4.0.0" +} +#alternative to provider data above if provisioning within oci +#provider "oci" { +# auth = "InstancePrincipal" +# region = "${var.region}" +# version = ">= 3.27.0, < 4.0.0" +#} +provider "null" { + # 2.1.2 req'd for terraform 0.12 + version = ">= 2.1.2, < 3.0.0" +} +provider "template" { + # 2.1.2 req'd for terraform 0.12 + version = ">= 2.1, < 3.0.0" +} diff --git a/example/real_world_stuff/oracle/oracle%oracle-timesten-samples%cloud%ottscaleout%outputs.tf b/example/real_world_stuff/oracle/oracle%oracle-timesten-samples%cloud%ottscaleout%outputs.tf new file mode 100644 index 0000000..37f0bdc --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%oracle-timesten-samples%cloud%ottscaleout%outputs.tf 
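Review bot: `PublicSecurityList` in network.tf admits TCP 22 and TCP 443 from `0.0.0.0/0`, and the public subnet it protects holds only the bastion hosts. Nothing in this patch shows a service on 443 there, so that rule can probably be dropped, and SSH to the bastion is better limited to the operator's address range than opened to the whole internet. A new key in the `var.network` map would do it (the name here is a suggestion, it does not exist yet): `source = "${var.network["admin_cidr"]}"` on the port-22 rule. Separately, `null_resource.service_name_check` validates `var.service_name` by interpolating it unquoted into the shell command, and no resource depends on it, so it neither safely checks the value nor blocks creation when the check fails.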
@@ -0,0 +1,21 @@ +# Copyright (c) 1999, 2019, Oracle and/or its affiliates. All rights reserved. +# +# Licensed under the Universal Permissive License v 1.0 as shown +# at http://oss.oracle.com/licenses/upl + +output "BastionHostAddresses" { + value = "${format("Public IP addresses (ssh connect string) of bastion host(s):\n%s",join("",formatlist("ssh opc@%s\n",oci_core_instance.bs_instance.*.public_ip)))}" +} +output "DatabaseHostAddresses" { + value = "${format("Private IP addresses of database hosts:\n%s",join("",formatlist("%s %s\n",oci_core_instance.di_instance.*.hostname_label,oci_core_instance.di_instance.*.private_ip)))}" +} +output "ManagementHostAddresses" { + value = "${format("Private IP addresses of mgmt hosts if offloaded from database hosts:\n%s",join("",formatlist("%s %s\n",oci_core_instance.mg_instance.*.hostname_label,oci_core_instance.mg_instance.*.private_ip)))}" +} +output "ZookeeperHostAddresses" { + value = "${format("Private IP addresses of zookeeper hosts if offloaded:\n%s",join("",formatlist("%s %s\n",oci_core_instance.zk_instance.*.hostname_label,oci_core_instance.zk_instance.*.private_ip)))}" +} +output "ClientHostAddresses" { + value = "${format("Private IP addresses of client hosts if any:\n%s",join("",formatlist("%s %s\n",oci_core_instance.cl_instance.*.hostname_label,oci_core_instance.cl_instance.*.private_ip)))}" +} + diff --git a/example/real_world_stuff/oracle/oracle%oracle-timesten-samples%cloud%ottscaleout%system-config.tf b/example/real_world_stuff/oracle/oracle%oracle-timesten-samples%cloud%ottscaleout%system-config.tf new file mode 100644 index 0000000..6901f8f --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%oracle-timesten-samples%cloud%ottscaleout%system-config.tf 
@@ -0,0 +1,162 @@ +# Copyright (c) 1999, 2019, Oracle and/or its affiliates. All rights reserved. +# +# Licensed under the Universal Permissive License v 1.0 as shown +# at http://oss.oracle.com/licenses/upl +# +# OCI system configuration +# Implements interface betweeen terraform and ansible +# Copies files to bastion hosts +# + +locals { + type = "string" + ansibledir = "service/ansible" + ansiblehosts = "${local.ansibledir}/hosts" + # dns search paths /etc/resolv.conf + privsubnetdc = "${replace(join(" ",oci_core_subnet.private_subnet_dc.*.subnet_domain_name), ",", " ")}" + privsubnetcl = "${replace(join(" ",oci_core_subnet.private_subnet_cl.*.subnet_domain_name), ",", " ")}" + privsubnets = "${local.privsubnetdc} ${local.privsubnetcl}" + publsubnets = "${replace(join(" ",oci_core_subnet.public_subnet.*.subnet_domain_name), ",", " ")}" +} + +# Copy ssh key to bastion host +# First bastion becomes ansible controller +resource "null_resource" "copy-to-bastion" { + + count = "${local.bscount1}" + + connection { + type = "ssh" + user = "opc" + private_key = "${var.ssh_private_key}" + host = "${element(oci_core_instance.bs_instance.*.public_ip, count.index + 1 )}" + timeout = "20m" + } + + triggers = { + di_instance_ids = "${join(",", oci_core_instance.di_instance.*.id)}" + cl_instance_ids = "${join(",", oci_core_instance.cl_instance.*.id)}" + } + + # copy opc ssh key + provisioner "remote-exec" { + inline = [ + "echo '${var.ssh_private_key}' > ${var.opc["opchome"]}/.ssh/id_rsa", + "chmod 0400 ${var.opc["opchome"]}/.ssh/id_rsa" + ] + } + + # copy service directory + provisioner "file" { + source = "./service" + destination = "${var.opc["opchome"]}" + } + + depends_on = ["null_resource.configvars", + "null_resource.write-hosts-file", + "null_resource.dns-searchpaths", + "oci_core_volume_attachment.di_volume_attachments"] +} + + +# +# create script to set searchpaths in resolv.conf +# script installed as dhcp-client exit-hook +# +resource "null_resource" 
"dns-searchpaths" { + provisioner "local-exec" { + when = "destroy" + command = "rm -rf ${var.opc["scriptdir"]}/resolv.conf" + } + provisioner "local-exec" { + command = "echo search ${local.publsubnets} ${local.privsubnets} >> ${var.opc["scriptdir"]}/resolv.conf" + } +} + +# +# write hosts file for use with ansible +# +resource "null_resource" "write-hosts-file" { + + triggers = { + di_instance_ids = "${join(",", oci_core_instance.di_instance.*.id)}" + cl_instance_ids = "${join(",", oci_core_instance.cl_instance.*.id)}" + bs_instance_ids = "${join(",", oci_core_instance.bs_instance.*.id)}" + mg_instance_ids = "${join(",", oci_core_instance.mg_instance.*.id)}" + zk_instance_ids = "${join(",", oci_core_instance.zk_instance.*.id)}" + } + + provisioner "local-exec" { + command = "echo '${format("[bastion-hosts]\n%s\n[db-addresses]\n%s[mgmt-addresses]\n%s[zookeeper-addresses]\n%s[client-addresses]\n%s", + join("",formatlist("%s\n",oci_core_instance.bs_instance.*.private_ip)), + join("",formatlist("%s\n",oci_core_instance.di_instance.*.hostname_label)), + join("",formatlist("%s\n",oci_core_instance.mg_instance.*.hostname_label)), + join("",formatlist("%s\n",oci_core_instance.zk_instance.*.hostname_label)), + join("",formatlist("%s\n",oci_core_instance.cl_instance.*.hostname_label)))}' > ${path.module}/${local.ansiblehosts}" + } + + provisioner "local-exec" { + command = "${var.opc["scriptdir"]}/crhostfile.py ${path.module}/${local.ansiblehosts} ${var.ksafety}" + } + +} + +resource "null_resource" "install-ansible" { + count = "${local.bscount1}" + connection { + type = "ssh" + user = "opc" + private_key = "${var.ssh_private_key}" + host = "${element(oci_core_instance.bs_instance.*.public_ip, count.index + 1 )}" + timeout = "30m" + } + + triggers = { + bs_instance_ids = "${join(",", oci_core_instance.bs_instance.*.id)}" + } + + provisioner "remote-exec" { + inline = [ + # install ansible + "sudo yum install -y ansible > /tmp/yum.install 2>&1", + # copy ansible config 
file into place + "cp ${var.opc["opchome"]}/${local.ansibledir}/ansible.cfg ${var.opc["opchome"]}/.ansible.cfg" + ] + } + depends_on = ["null_resource.copy-to-bastion"] +} + +# +# Print variables to config file +# +locals { + qt="\"" + cfgfile = "./${local.ansibledir}/roles/common/vars/main.yaml" +} + +# write select variables into new config file +resource "null_resource" "configvars" { + + triggers = { + bs_instance_ids = "${join(",", oci_core_instance.bs_instance.*.id)}" + } + + provisioner "local-exec" { + command = "rm -rf ${local.cfgfile}" + } + provisioner "local-exec" { + command = "${var.opc["scriptdir"]}/getversion ${local.cfgfile}" + } + provisioner "local-exec" { + command = "${var.opc["scriptdir"]}/crvarsfile.py variables.tf >> ${local.cfgfile}" + } + provisioner "local-exec" { + command = "echo 'dbname : ${local.qt}${var.service_name}${local.qt}' >> ${local.cfgfile}" + } + provisioner "local-exec" { + command = "echo 'ksafety : ${local.qt}${var.ksafety}${local.qt}' >> ${local.cfgfile}" + } + provisioner "local-exec" { + command = "echo 'singleAD : ${local.qt}${var.singleAD}${local.qt}' >> ${local.cfgfile}" + } +} diff --git a/example/real_world_stuff/oracle/oracle%oracle-timesten-samples%cloud%ottscaleout%variables.tf b/example/real_world_stuff/oracle/oracle%oracle-timesten-samples%cloud%ottscaleout%variables.tf new file mode 100644 index 0000000..3f71adc --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%oracle-timesten-samples%cloud%ottscaleout%variables.tf 
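Review bot: The first `remote-exec` in `null_resource.copy-to-bastion` writes `var.ssh_private_key` to the bastion with `echo '…' > …/.ssh/id_rsa` and only afterwards runs `chmod 0400`, so the key exists briefly with default-umask permissions and its text is part of the inline command. It is also the same key the `connection` block uses to reach the bastion, and compute.tf installs a single `var.ssh_public_key` on every instance, so a compromise of the internet-facing bastion yields the credential for all private hosts. A dedicated key pair for the bastion-to-private hop, or agent forwarding / the connection block's `bastion_host` instead of storing the key there, would contain that. At minimum create the file restrictively: `"(umask 077; echo '${var.ssh_private_key}' > ${var.opc["opchome"]}/.ssh/id_rsa)"`.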
@@ -0,0 +1,189 @@ +# Copyright (c) 1999, 2019, Oracle and/or its affiliates. All rights reserved. +# +# Licensed under the Universal Permissive License v 1.0 as shown +# at http://oss.oracle.com/licenses/upl +# +# variables for terraform, ansible +# configure +# bastion hosts, mgmt instances +# db connection attributes +# os images +# network parameters, storage +# + +### Instance configuration +# Creating an NxK TimesTen Scaleout Cluster (default 2x2) +# Creates VCN, subnets, compute resources +# The N in NxK (replica sets) +variable "diInstanceCount" { default = "2" } + +# Compute instance shape for data instances +# N*K VMs/BMs are provisioned for data instances +# Not allowed to use VM.Standard1.1 shape +# Recommended to use NVMe shape (DenseIO, HighIO) for best performance +variable "diInstanceShape" { default = "VM.DenseIO2.8" } + +### K-Safety +# The K in NxK (copies of data) +# Supports {1|2} +# By default, K==2 spans ADs; see singleAD variable below +variable "ksafety" { default = "2" } + +# ZooKeeper is allocated on zkInstanceCount VMs +# To co-locate Zk VMs with mgmt/data VMs set zkInstanceCount=0 +# Otherwise set zkInstanceCount=3 for stand-alone VMs +variable "zkInstanceCount" { default = "0" } +variable "zkInstanceShape" { default = "VM.Standard2.1" } + +# Number of hosts for mgmt instances {0|2} +# 0 = co-located with data instance VMs +variable "mgInstanceCount" { default = "0" } +variable "mgInstanceShape" { default = "VM.Standard2.1" } + +# Client only installations are allocated on clInstanceCount VMs +# clients are provisioned on private subnet +variable "clInstanceCount" { default = "0" } +variable "clInstanceShape" { default = "VM.Standard2.1" } + +# Number and shape of Bastion hosts {1|2|3} +variable "bsInstanceCount" { default = "1" } +variable "bsInstanceShape" { default = "VM.Standard2.1" } +variable "bsInstanceInitialAD" { default = "1" } + +### Which AD(s) +# Compute instances provisioned round robin to AD mod ksafety +# To start 
provisioning in AD3, initialAD=3 +# Valid values are 1-3 otherwise 1 is used +variable "initialAD" { default = "1" } +# Co-locate data spaces and management instances in same AD +# singleAD == { "true" | "false" } +variable "singleAD" { default = "false" } + +### Block Volumes if any +# One block volume for each data compute instance (NxK) +# To use block volumes, instance shape must be standard +# If both block and nvme devices exist, DB is created on nvme only +# +# Size of block volume in GB to attach to each data compute instance +# diBlockVolumeSizeGB < 50 means do not attach block volumes to any data compute instance +# Recommended to use > 3X RAM of diInstanceShape +# Minimum allocation is 50 GB +variable "diBlockVolumeSizeGB" { default = "0" } + +# What OS Image to use +variable "InstanceImageOCID" { + type = "map" + default = { + # Oracle-Linux-7.6-2019.02.20-0 + // See https://docs.us-phoenix-1.oraclecloud.com/images/ + "ca-toronto-1" = "ocid1.image.oc1.ca-toronto-1.aaaaaaaa7ac57wwwhputaufcbf633ojir6scqa4yv6iaqtn3u64wisqd3jjq" + "eu-frankfurt-1" = "ocid1.image.oc1.eu-frankfurt-1.aaaaaaaa527xpybx2azyhcz2oyk6f4lsvokyujajo73zuxnnhcnp7p24pgva" + "uk-london-1" = "ocid1.image.oc1.uk-london-1.aaaaaaaarruepdlahln5fah4lvm7tsf4was3wdx75vfs6vljdke65imbqnhq" + "us-ashburn-1" = "ocid1.image.oc1.iad.aaaaaaaannaquxy7rrbrbngpaqp427mv426rlalgihxwdjrz3fr2iiaxah5a" + "us-phoenix-1" = "ocid1.image.oc1.phx.aaaaaaaacss7qgb6vhojblgcklnmcbchhei6wgqisqmdciu3l4spmroipghq" + } +} + +# Variables after this point written to ansible vars file +# +# Networking +# VCN addressing +# +variable "network" { + type = "map" + default = { + "cidr" = "172.16.0.0/16" + # logbase2(subnets in network) + # enables 2^16 - 2^subnets host systems + "subnets" = "4" + # nat instance or nat gateway? 
+ # nat instance single point of failure + "use_nat_gateway" = "1" + } +} + +# Oracle Timesten Scaleout +variable "timesten" { + type = "map" + default = { + "databasecharacterset" = "AL32UTF8" + "connectioncharacterset" = "AL32UTF8" + "connections" = 2048 + "durability" = 0 + "permsize" = 4096 + "tempsize" = 400 + "restarttimeout" = 300 + "stoptimeout" = 300 + "mgmtdaemonport" = 6624 + "mgmtcsport" = 6625 + "mgmtreplport" = 3754 + # entire ephemeral range req'd for channel ports at present + "chnlportlo" = 32768 + "chnlporthi" = 61000 + # daemon and cs ports must be in range chnlportlo-chnlporthi + "dsdaemonport" = 46464 + "dscsport" = 46465 + } +} + +# Zookeeper Configuration +variable "zookeeper" { + type = "map" + default = { + zkclientport = "2181" + zkserverport = "2888" + zkelectionport = "3888" + } +} + +# Storage Configuration +# Uses no more than 4 devices +# LVM only or mdraid (mdadm) +# LVM-RAID-0, MD-RAID-10 +# Creating a file system on mdraid takes 10-30 minutes +# Default is RAID0 (striped) using LVM +# +variable "system" { + type = "map" + default = { + "fsname" = "/u10" + "storage" = "LVM-RAID-0" + } +} + +# opc +variable "opc" { + type = "map" + default = { + opchome = "/home/opc" + scriptdir = "service/scripts" + securityupdates = "false" + tagkey = "TimesTenScaleout" + } +} + +variable "java" { + type = "map" + default = { + "javabase" = "/opt" + } +} + +# Begin section of: do not modify here variables +# Begin Defined in env-vars +# oci +variable "tenancy_ocid" {} +variable "user_ocid" {} +variable "fingerprint" {} +variable "private_key_path" {} +variable "compartment_ocid" {} +variable "region" {} +# keys +variable "ssh_public_key" {} +variable "ssh_private_key" {} +# timeout +variable "instance_create_timeout" {} +# name +variable "service_name" {} +# end Defined in env-vars +# end do not modify here 
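Review bot: The `opc` map defaults `securityupdates = "false"`, so a deployment that keeps the defaults appears to provision hosts without applying OS security updates. The code that reads this key is outside the hunk, so confirm what it gates. If it does control patching, prefer `securityupdates = "true"` as the default and document the opt-out in the comment above the map. The `InstanceImageOCID` defaults are pinned to `Oracle-Linux-7.6-2019.02.20-0`, so a comment there should say the OCIDs must be refreshed to a current image before the sample is reused.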
diff --git a/example/real_world_stuff/oracle/oracle%sample-serverless-saas-erp-dataload%terraform%apigw.tf b/example/real_world_stuff/oracle/oracle%sample-serverless-saas-erp-dataload%terraform%apigw.tf
new file mode 100644
index 0000000..1aadc6a
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%sample-serverless-saas-erp-dataload%terraform%apigw.tf
@@ -0,0 +1,31 @@
+# Copyright (c) 2021, Oracle and/or its affiliates.
+# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
+
+resource "oci_apigateway_gateway" "ServerlessIntegration_gateway" {
+ compartment_id = var.compartment_ocid
+ endpoint_type = "PUBLIC"
+ display_name = "ServerlessIntegration_APIGW"
+ subnet_id = oci_core_subnet.ServerlessIntegration_subnet.id
+}
+
+resource "oci_apigateway_deployment" "ServerlessIntegration_Deployment" {
+ compartment_id = var.compartment_ocid
+ display_name = "ServerlessIntegration_Deployment"
+ gateway_id = oci_apigateway_gateway.ServerlessIntegration_gateway.id
+ path_prefix = var.functionsapp.pathprefix
+ specification {
+ request_policies {
+ }
+ dynamic "routes" {
+ for_each = {for func in local.functions: basename(func.fnpath)=>func if length(func.methods)>0 && func.path!=null}
+ content {
+ backend {
+ type = "ORACLE_FUNCTIONS_BACKEND"
+ function_id = module.functions[routes.key].function_ocid
+ }
+ path = routes.value.path
+ methods = routes.value.methods
+ }
+ }
+ }
+}
diff --git a/example/real_world_stuff/oracle/oracle%sample-serverless-saas-erp-dataload%terraform%events.tf b/example/real_world_stuff/oracle/oracle%sample-serverless-saas-erp-dataload%terraform%events.tf
new file mode 100644
index 0000000..0b50277
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%sample-serverless-saas-erp-dataload%terraform%events.tf
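Review bot: `request_policies { }` is left empty on a deployment whose gateway is `endpoint_type = "PUBLIC"`, so every route produced by the `dynamic "routes"` block is reachable with no authentication or rate limiting at the gateway. The backends are the functions of the ERP data-load flow, so add an `authentication` policy under `request_policies` and a limit such as `rate_limiting { rate_in_requests_per_second = <N>  rate_key = "CLIENT_IP" }`. Where a route really is meant to be anonymous, state it with a per-route `authorization` block. If callers are instead authenticated inside each function, record that in a comment above `request_policies` so the empty block does not read as an oversight.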
@@ -0,0 +1,65 @@
+# Copyright (c) 2021, Oracle and/or its affiliates.
+# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
+
+resource "oci_events_rule" "ServerlessIntegration_PROCESS_ERP_JSON" {
+ actions {
+ actions {
+ action_type = "FAAS"
+ is_enabled = "true"
+ function_id= module.functions["erp-transform-file"].function_ocid
+ description = "Call erp-transform-file to transform the file from JSON to ERP format"
+ }
+ actions {
+ action_type = "ONS"
+ is_enabled = "true"
+ description = "Send Notification"
+ topic_id = oci_ons_notification_topic.ServerlessIntegration_INFO_TOPIC.id
+ }
+ }
+ compartment_id = var.compartment_ocid
+ condition = jsonencode({
+ eventType: "com.oraclecloud.objectstorage.createobject"
+ data: { additionalDetails: {
+ bucketName: var.datafile_buckets.json_inbound_bucket_name
+ }
+ }
+ }
+ )
+
+
+
+
+
+ display_name = "ServerlessIntegration_PROCESS_ERP JSON"
+ is_enabled =true
+}
+
+resource "oci_events_rule" "ServerlessIntegration_PROCESS_ERP_ZIP" {
+ actions {
+ actions {
+ action_type = "FAAS"
+ is_enabled = "true"
+ function_id= module.functions["erp-file-load"].function_ocid
+ description = "Call erp-file=load to load the file into Oracle ERP"
+ }
+ actions {
+ action_type = "ONS"
+ is_enabled = "true"
+ description = "Send Notification"
+ topic_id = oci_ons_notification_topic.ServerlessIntegration_INFO_TOPIC.id
+ }
+ }
+ compartment_id = var.compartment_ocid
+ condition = jsonencode({
+ eventType: "com.oraclecloud.objectstorage.createobject"
+ data: { additionalDetails: {
+ bucketName: var.datafile_buckets.zip_inbound_bucket_name
+ }
+ }
+ }
+ )
+
+
+ display_name = "ServerlessIntegration_PROCESS_ERP_ZIP"
+ is_enabled =true
+}
\ No newline at end of file
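Review bot: Both `condition` blocks match every `createobject` event in the inbound bucket, so the invoked functions receive uploader-controlled object names and content; a comment above each `condition` should say the functions must treat both as untrusted. Two strings in the rules are also inconsistent, which makes them harder to find when correlating event and audit logs. The first rule's `display_name = "ServerlessIntegration_PROCESS_ERP JSON"` has a space where the resource name and the ZIP rule use an underscore, and the ZIP rule's description says `erp-file=load` for the function `erp-file-load`. Use `display_name = "ServerlessIntegration_PROCESS_ERP_JSON"` and `description = "Call erp-file-load to load the file into Oracle ERP"`.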
diff --git a/example/real_world_stuff/oracle/oracle%sample-serverless-saas-erp-dataload%terraform%functionsapp.tf b/example/real_world_stuff/oracle/oracle%sample-serverless-saas-erp-dataload%terraform%functionsapp.tf
new file mode 100644
index 0000000..1a08669
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%sample-serverless-saas-erp-dataload%terraform%functionsapp.tf
@@ -0,0 +1,37 @@
+# Copyright (c) 2021, Oracle and/or its affiliates.
+# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
+
+locals {
+ rawctxdata = yamldecode(file(var.functionsapp.contextfile))
+}
+resource "oci_functions_application" "ServerlessIntegration_App" {
+ compartment_id = var.compartment_ocid
+ syslog_url = var.functionsapp.syslogurl
+ display_name = var.functionsapp.appname
+ subnet_ids = [oci_core_subnet.ServerlessIntegration_subnet.id]
+ config = jsondecode(templatefile(var.functionsapp.config_template, {
+ apigw = oci_apigateway_gateway.ServerlessIntegration_gateway
+ datafile_buckets= var.datafile_buckets
+ fnapp = var.functionsapp
+ fn = local.functionmap
+ ons_error_topic_ocid = oci_ons_notification_topic.ServerlessIntegration_ERROR_TOPIC.id
+ ons_info_topic_ocid = oci_ons_notification_topic.ServerlessIntegration_INFO_TOPIC.id
+ erp_password_vault_ocid = data.oci_vault_secrets.erp_secret.secrets[0].id
+ fusion_properties = var.fusion_properties
+ fusion_server = var.fusion_server
+ }))
+}
+
+module "functions" {
+ source = "./functionsmodule"
+ for_each = local.functionmap
+ function = each.value
+ compartment = var.compartment_ocid
+ functionsapp = var.functionsapp
+ application = oci_functions_application.ServerlessIntegration_App.id
+ registry = local.rawctxdata.registry
+}
+
+
+
+
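Review bot: `erp_password_vault_ocid = data.oci_vault_secrets.erp_secret.secrets[0].id` takes whichever secret the listing returns first. The data source is declared outside this hunk, so unless it filters down to exactly one secret the functions can be handed the wrong secret's OCID, and an empty listing fails the plan with an index error. A comment on that line should name the expected secret and note that only the OCID, not the password, enters the function config. `config` is built with `jsondecode(templatefile(...))`, which presumably interpolates the variables into JSON text; if so, a value containing a quote would corrupt or alter the config, and building the map in HCL or using `jsonencode` inside the template would avoid that.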
diff --git a/example/real_world_stuff/oracle/oracle%sample-serverless-saas-erp-dataload%terraform%functionsmodule%functions.tf b/example/real_world_stuff/oracle/oracle%sample-serverless-saas-erp-dataload%terraform%functionsmodule%functions.tf
new file mode 100644
index 0000000..1a36ef6
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%sample-serverless-saas-erp-dataload%terraform%functionsmodule%functions.tf
@@ -0,0 +1,47 @@
+# Copyright (c) 2021, Oracle and/or its affiliates.
+# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
+
+variable "function" {}
+variable "compartment" {}
+variable "functionsapp" {}
+variable "application" {}
+variable "registry" {}
+
+locals {
+ fnroot = "${abspath(path.root)}/${var.function.fnpath}"
+ fnyaml = "${local.fnroot}/${var.function.yamlfile}"
+ rawfndata = yamldecode(file(local.fnyaml))
+ fndata = {
+ name = local.rawfndata.name
+ version = local.rawfndata.version
+ memory = local.rawfndata.memory
+ timeout = var.function.timeout
+ image = "${var.registry}/${local.rawfndata.name}:${local.rawfndata.version}"
+ }
+}
+
+resource "null_resource" "deploy_function" {
+ triggers = {
+ fnversion = local.fndata.version
+ }
+ provisioner "local-exec" {
+ working_dir = local.fnroot
+ command = <<-EOC
+ fn build
+ fn push
+ EOC
+ }
+}
+
+resource "oci_functions_function" "test_function" {
+ depends_on = [ null_resource.deploy_function ]
+ application_id = var.application
+ display_name = local.fndata.name
+ image = local.fndata.image
+ memory_in_mbs = local.fndata.memory
+ timeout_in_seconds = local.fndata.timeout
+}
+
+output "function_ocid" {
+ value = oci_functions_function.test_function.id
+}
diff --git a/example/real_world_stuff/oracle/oracle%sample-serverless-saas-erp-dataload%terraform%network.tf b/example/real_world_stuff/oracle/oracle%sample-serverless-saas-erp-dataload%terraform%network.tf
new file mode 100644
index 0000000..23f117a
--- /dev/null
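Review bot: `image = "${var.registry}/${local.rawfndata.name}:${local.rawfndata.version}"` binds the function to a mutable tag, so whatever is later pushed under that tag is what runs. `oci_functions_function` also accepts `image_digest`; setting it to the digest of the pushed image ties the deployment to one artifact. The `deploy_function` trigger is only `fnversion`, so a code change without a version bump in the function's yaml file is neither rebuilt nor pushed. The `local-exec` block runs `fn build` and `fn push` with the operator's credentials in a directory derived from `var.function.fnpath`, so a comment there should say the path must come from trusted configuration. The resource name `test_function` also reads like a leftover for what is the deployed function.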
+++ b/example/real_world_stuff/oracle/oracle%sample-serverless-saas-erp-dataload%terraform%network.tf
@@ -0,0 +1,64 @@
+# Copyright (c) 2021, Oracle and/or its affiliates.
+# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
+
+resource "oci_core_internet_gateway" "ServerlessIntegration_igtw" {
+ compartment_id = var.compartment_ocid
+ vcn_id = oci_core_vcn.ServerlessIntegration_vcn.id
+ display_name = "ServerlessIntegration_igtw"
+}
+
+resource "oci_core_default_route_table" "ServerlessIntegration_routetable" {
+ manage_default_resource_id = oci_core_vcn.ServerlessIntegration_vcn.default_route_table_id
+ display_name = "ServerlessIntegration_routetable"
+
+ route_rules {
+ destination = "0.0.0.0/0"
+ network_entity_id = oci_core_internet_gateway.ServerlessIntegration_igtw.id
+ }
+}
+
+resource "oci_core_default_security_list" "ServerlessIntegration_igtw_sec_list" {
+ manage_default_resource_id = oci_core_vcn.ServerlessIntegration_vcn.default_security_list_id
+ display_name = "ServerlessIntegration_seclist"
+ egress_security_rules {
+ protocol = "all"
+ destination = "0.0.0.0/0"
+ stateless = false
+ }
+
+ // allow inbound icmp traffic of a specific type
+ ingress_security_rules {
+ protocol = 1
+ source = oci_core_vcn.ServerlessIntegration_vcn.cidr_block
+ stateless = false
+
+ icmp_options {
+ type = 3
+ }
+ }
+
+ ingress_security_rules {
+ protocol = "6"
+ // tcp
+ source = "0.0.0.0/0"
+ stateless = false
+
+ tcp_options {
+ min = 443
+ max = 443
+ }
+ }
+}
+
+resource "oci_core_subnet" "ServerlessIntegration_subnet" {
+ cidr_block = var.functionsapp.subnet
+ compartment_id = var.compartment_ocid
+ vcn_id = oci_core_vcn.ServerlessIntegration_vcn.id
+ display_name = "ServerlessIntegration_subnet"
+}
+
+resource "oci_core_vcn" "ServerlessIntegration_vcn" {
+ cidr_block = var.functionsapp.subnet
+ compartment_id = var.compartment_ocid
+ display_name = "ServerlessIntegration_VCN"
+}
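Review bot: `oci_core_subnet.ServerlessIntegration_subnet` is the only subnet, and this patch attaches both the public API gateway (apigw.tf) and the Functions application (functionsapp.tf) to it, behind a default route to the internet gateway and an `egress_security_rules` entry open to `0.0.0.0/0` on all protocols. The functions do not need to sit in the internet-facing subnet. A second subnet with `prohibit_public_ip_on_vnic = true` and egress limited to what the functions actually call would narrow the exposure. The VCN and the subnet both use `cidr_block = var.functionsapp.subnet`, so the one subnet consumes the whole VCN range and that split cannot be added without changing the VCN CIDR. The 443 ingress from `0.0.0.0/0` is expected for a public gateway and deserves a comment saying so.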
diff --git a/example/real_world_stuff/oracle/oracle%sample-serverless-saas-erp-dataload%terraform%storage.tf b/example/real_world_stuff/oracle/oracle%sample-serverless-saas-erp-dataload%terraform%storage.tf
new file mode 100644
index 0000000..fe9559a
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%sample-serverless-saas-erp-dataload%terraform%storage.tf
@@ -0,0 +1,38 @@
+# Copyright (c) 2021, Oracle and/or its affiliates.
+# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
+
+#
+# This file creates the object storage buckets
+#
+resource "oci_objectstorage_bucket" "ServerlessIntegration_JSON_INBOUND" {
+ compartment_id = var.compartment_ocid
+ name = var.datafile_buckets.json_inbound_bucket_name
+ namespace = var.oci-namespace
+ object_events_enabled = true
+}
+resource "oci_objectstorage_bucket" "ServerlessIntegration_FAILED" {
+
+ compartment_id = var.compartment_ocid
+ name = var.datafile_buckets.failed_bucket_name
+ namespace = var.oci-namespace
+ object_events_enabled = true
+}
+resource "oci_objectstorage_bucket" "ServerlessIntegration_PROCESSING" {
+
+ compartment_id = var.compartment_ocid
+ name = var.datafile_buckets.processing_bucket_name
+ namespace = var.oci-namespace
+ object_events_enabled = true
+}
+resource "oci_objectstorage_bucket" "ServerlessIntegration_ZIPINBOUND" {
+ compartment_id = var.compartment_ocid
+ name = var.datafile_buckets.zip_inbound_bucket_name
+ namespace = var.oci-namespace
+ object_events_enabled = true
+}
+resource "oci_objectstorage_bucket" "ServerlessIntegration_SUCCESS" {
+ compartment_id = var.compartment_ocid
+ name = var.datafile_buckets.succeeded_bucket_name
+ namespace = var.oci-namespace
+ object_events_enabled = true
+}
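Review bot: None of the five buckets sets `access_type`, `kms_key_id` or `versioning`, so the data files headed for Oracle ERP rely entirely on provider defaults. Adding `access_type = "NoPublicAccess"` to each resource makes the intent explicit and reviewable, and guards against a later copy-paste that loosens it. `versioning = "Enabled"` on the two inbound buckets would keep an overwritten upload recoverable for investigation. If a customer-managed key is required for this data, `kms_key_id` is the place to set it. Otherwise a header comment stating that Oracle-managed encryption is accepted would document the decision.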
diff --git a/example/real_world_stuff/oracle/oracle%sample-serverless-saas-erp-dataload%terraform%topic.tf b/example/real_world_stuff/oracle/oracle%sample-serverless-saas-erp-dataload%terraform%topic.tf
new file mode 100644
index 0000000..65e69d9
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%sample-serverless-saas-erp-dataload%terraform%topic.tf
@@ -0,0 +1,28 @@
+# Copyright (c) 2021, Oracle and/or its affiliates.
+# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
+
+resource "oci_ons_notification_topic" "ServerlessIntegration_ERROR_TOPIC" {
+ compartment_id = var.compartment_ocid
+ name = "ServerlessIntegration_ERROR_TOPIC"
+ description = "All error messages from the ERP integration flow end up being posted here"
+}
+resource "oci_ons_notification_topic" "ServerlessIntegration_INFO_TOPIC" {
+ compartment_id = var.compartment_ocid
+ name = "ServerlessIntegration_INFO_TOPIC"
+ description = "All informational messages from the ERP integration flow end up being posted here"
+}
+
+
+resource "oci_ons_subscription" "ServerlessIntegration_info_sub" {
+ compartment_id = var.compartment_ocid
+ endpoint = var.notification_email
+ protocol = "EMAIL"
+ topic_id = oci_ons_notification_topic.ServerlessIntegration_ERROR_TOPIC.id
+}
+
+resource "oci_ons_subscription" "ServerlessIntegration_error_sub" {
+ compartment_id = var.compartment_ocid
+ endpoint = var.notification_email
+ protocol = "EMAIL"
+ topic_id = oci_ons_notification_topic.ServerlessIntegration_INFO_TOPIC.id
+}
diff --git a/example/real_world_stuff/oracle/oracle%sample-serverless-saas-erp-dataload%terraform%variables.tf b/example/real_world_stuff/oracle/oracle%sample-serverless-saas-erp-dataload%terraform%variables.tf
new file mode 100644
index 0000000..f1edd87
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%sample-serverless-saas-erp-dataload%terraform%variables.tf
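Review bot: The two subscriptions are crossed: `ServerlessIntegration_info_sub` has `topic_id = oci_ons_notification_topic.ServerlessIntegration_ERROR_TOPIC.id`, and `ServerlessIntegration_error_sub` points at `ServerlessIntegration_INFO_TOPIC.id`. Both currently deliver to `var.notification_email`, so nothing is lost today. Anyone who later routes errors to an on-call address by editing `error_sub` will actually change the informational feed and miss failure alerts. Swap the two `topic_id` values so each resource name matches the topic it subscribes to.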
@@ -0,0 +1,183 @@ +# Copyright (c) 2021, Oracle and/or its affiliates. +# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. + + +variable "user" { + description = "OCI user OCID" + type = string +} +variable "fingerprint" { + description = "OCI key fingerprint" + type = string + +} +variable "key_file" { + description = "OCI key file path" + type = string +} +variable "tenancy" { + description = "OCI tenancy OCID" + type = string +} +variable "region" { + description = "OCI region code" + type = string +} + +variable "pass_phrase" { + description = "OCI key file pass phrase" + type = string + default = null +} + +variable "functionsapp" { + description = <func} +} + +provider "oci" { + tenancy_ocid = var.tenancy + user_ocid = var.user + fingerprint = var.fingerprint + private_key_path = var.key_file + region = var.region + private_key_password = var.pass_phrase +} + +variable "compartment_ocid" { + description = "OCI compartment OCID" + type = string +} + +variable "oci-namespace" { + description = "OCI Namespace where assets will be deployed to" + type = string +} + + +# Email address to receive notifications +variable "notification_email" { + description = "Email to send notifications whilst code is processing data" + type = string +} + +# +# Bucket Names used for the data files, the following names will be "prefixed" with the global prefix above +# +variable "datafile_buckets" { + description = "Names of the various OCI buckets" + type = object( + { + json_inbound_bucket_name=string + zip_inbound_bucket_name=string + processing_bucket_name=string + succeeded_bucket_name=string + failed_bucket_name=string + }) + default = { + json_inbound_bucket_name = "Serverless_Integration_json_inbound" + zip_inbound_bucket_name = "Serverless_Integration_zip_inbound" + processing_bucket_name = "Serverless_Integration_processing" + succeeded_bucket_name = "Serverless_Integration_succeeded" + failed_bucket_name = 
"Serverless_Integration_failed" + } +} + + +# +# Fusion ERP FBDI defaults (for invoices) +variable "fusion_properties" { + description = <> ~/.bashrc" + ] + } +} + diff --git a/example/real_world_stuff/oracle/oracle%terraform-ceph-installer%modules%ceph-osd%storage%variables.tf b/example/real_world_stuff/oracle/oracle%terraform-ceph-installer%modules%ceph-osd%storage%variables.tf new file mode 100644 index 0000000..e1e1e48 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%terraform-ceph-installer%modules%ceph-osd%storage%variables.tf 
@@ -0,0 +1,56 @@ +#=============================================================== +# Module Inputs +#=============================================================== + +variable "compartment_id" { + description = "The OCI compartment id" +} + +variable "instance_id" { + description = "The list of compute instance ids to which volume will be attached" + type = "list" +} + +variable "instance_count" { + description = "The number of compute instances; This many number of volumes will be created" + default = "1" +} + +variable "username" { + description = "The username for login to the instance(s)" + default = "opc" +} + +variable "ssh_private_key" { + description = "The ssh private key for login to the instance(s)" +} + +variable "availability_domain" { + description = "The list of availability domains" + type = "list" +} + +variable "availability_domain_index" { + description = "The index for the availability domain in the list; this is where the volume will be created" + type = "list" +} + +variable "volume_name_prefix" { + description = "The prefix to the name of the volume. The name will be appended by an hyphen, followed by an integer starting at 0" +} + +variable "volume_size_in_gbs" { + description = "The size of the volume in GB" + default = "1024" +} + +variable "volume_attachment_type" { + description = "The type of attachment to the instacne. Currently, iscsi is the only option" + default = "iscsi" +} + +variable "host_addresses" { + description = "The IP address of the host instance " + type = "list" +} + diff --git a/example/real_world_stuff/oracle/oracle%terraform-ceph-installer%modules%ceph-osd%variables.tf b/example/real_world_stuff/oracle/oracle%terraform-ceph-installer%modules%ceph-osd%variables.tf new file mode 100644 index 0000000..584aa67 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%terraform-ceph-installer%modules%ceph-osd%variables.tf 
@@ -0,0 +1,96 @@ + +#=============================================================== +# Module Inputs +#=============================================================== + +variable "tenancy_ocid" { + description = "The OCI tenancy id" +} + +variable "compartment_ocid" { + description = "The OCI compartment id" +} + +variable "instance_os" { + description = "The Name of the Operating System for all OSDs" +} + +variable "instance_count" { + description = "The Number of OSDs to create" +} + +variable "availability_domain_index_list" { + description = "The availability domains where the OSDs will be created (as a list of indexes)" + type = "list" +} + +variable "hostname_prefix" { + description = "The prefix to the name of the instances. The name will be appended by an hyphen, followed by an integer starting at 0" +} + +variable "shape" { + description = "The compute shape of the instances" +} + +variable "subnet_id_list" { + description = "The subnets where the OSDs will be created (as a list of indexes)" + type = "list" +} + +variable "ssh_public_key_file" { + description = "The public key that will be installed on to the new instance(s) for ssh login" +} + +variable "ssh_private_key_file" { + description = "The private key that for ssh login to the new instance(s)" +} + +variable "ssh_username" { + description = "The username for ssh login to the instance(s)" +} + +variable "ceph_deployer_ip" { + description = "The IP of the Ceph deployer node" +} + +variable "instance_create_timeout" { + description = "The timeout value for instance creation" +} + +variable "create_volume" { + description = "Controls whether or not to create a block storage. Create if the value is set to true." + default = false +} + +variable "volume_name_prefix" { + description = "The prefix to the name of the volumes. 
The name will be appended by an hyphen, followed by an integer starting at 0" +} + +variable "volume_size_in_gbs" { + description = "The size of the volume in GB" +} + +variable "volume_attachment_type" { + description = "The type of attachment to the instance. Currently, iscsi is the only option" +} + +variable "scripts_src_directory" { + description = "Path to the directory where the scripts and config files are" +} + +variable "scripts_dst_directory" { + description = "Path to the directory where the scripts and config files will be copied to" +} + +variable "block_device_for_ceph" { + description = "A list of the names for the block deivices that can be used for Ceph. Currently we use two values: 'sbd' for block storage and 'nvme0n1 for instances with NVMe SSDs" + type = "list" +} + +variable "deployer_deploy" { + description = "A Synchronization primitive for letting TF know that the deployment for the deployer is complete" +} + +variable "new_cluster" { + description = "A Synchronization primitive for letting TF know that the creation of the new cluster is complete" +} diff --git a/example/real_world_stuff/oracle/oracle%terraform-ceph-installer%modules%network%main.tf b/example/real_world_stuff/oracle/oracle%terraform-ceph-installer%modules%network%main.tf new file mode 100644 index 0000000..f1fb6ba --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%terraform-ceph-installer%modules%network%main.tf 
@@ -0,0 +1,189 @@ + +#------------------------------------------------------------------------------- +# If both var.create_new_subnet AND var.create_new_vcn is set to true +# 1. Create a new VCN +# 2. Create a Gateway for that VCN +#------------------------------------------------------------------------------- +# Create a New VCN +resource "oci_core_virtual_network" "vcn" { + count = "${min(var.create_new_vcn, var.create_new_subnets)}" + cidr_block = "${var.vcn_cidr}" + compartment_id = "${var.compartment_id}" + display_name = "${var.vcn_name}" + dns_label = "${var.vcn_name}" +} + +# Create a New Gateway +#resource "oci_core_internet_gateway" "gateway" { +# count = "${min(var.create_new_vcn, var.create_new_subnets)}" +# compartment_id = "${var.compartment_id}" +# display_name = "${var.gateway_name}" +# vcn_id = "${oci_core_virtual_network.vcn.id}" +#} + +locals { + vcn_id = "${element(concat(oci_core_virtual_network.vcn.*.id, var.existing_vcn_id), 0)}" +} + +#------------------------------------------------------------------------------- +# Get the ID of the Internet Gateway to be used for the rest of the deployment +#==================================================================================== +# When a new VCN was created +#data "oci_core_internet_gateways" "igw_new" { +# count = "${min(var.create_new_vcn, var.create_new_subnets)}" +# depends_on = [ "oci_core_internet_gateway.gateway" ] +# compartment_id = "${var.compartment_id}" +# vcn_id = "${oci_core_virtual_network.vcn.id}" +#} +# +## When an existing VCN is used +#data "oci_core_internet_gateways" "igw_existing" { +# count = "${1 - min(var.create_new_vcn, var.create_new_subnets)}" +# compartment_id = "${var.compartment_id}" +# vcn_id = "${var.existing_vcn_id[0]}" +#} +# +#locals { +# gateway_list_of_list = "${concat(data.oci_core_internet_gateways.igw_new.*.gateways, data.oci_core_internet_gateways.igw_existing.*.gateways)}" +# gateway_list = [ "${local.gateway_list_of_list[0]}" ] +# gateway_id = 
"${lookup(local.gateway_list[0], "id")}" +#} +# +#------------------------------------------------------------------------------- +# Get the DHCP Options to be used for the rest of the deployment +#------------------------------------------------------------------------------- +data "oci_core_dhcp_options" "dhcp_opt" { + compartment_id = "${var.compartment_id}" + vcn_id = "${local.vcn_id}" +} + +locals { +# dhcp_options_id = "${lookup(data.oci_core_dhcp_options.dhcp_opt.options[0], "id")}" + dhcp_options_id = "" +} + +#------------------------------------------------------------------------------- +# If var.create_new_subnet is set to true +# 1. Create a Route Table +# 2. Create a Security List +#------------------------------------------------------------------------------- +#resource "oci_core_route_table" "route_table" { +# count = "${var.create_new_subnets}" +# depends_on = [ "oci_core_internet_gateway.gateway" ] +# compartment_id = "${var.compartment_id}" +# vcn_id = "${local.vcn_id}" +# display_name = "${var.route_table_name}" +# route_rules { +# cidr_block = "0.0.0.0/0" +# network_entity_id = "${local.gateway_id}" +# } +#} + +data "oci_core_route_tables" "route_table" { + compartment_id = "${var.compartment_id}" + vcn_id = "${local.vcn_id}" +} + +locals { + #route_table_id = "${lookup(data.oci_core_route_tables.route_table.route_tables[0], "id")}" + route_table_id = "" +} + + +resource "oci_core_security_list" "security_list" { + count = "${var.create_new_subnets}" + compartment_id = "${var.compartment_id}" + display_name = "Security List" + vcn_id = "${local.vcn_id}" + egress_security_rules = [{ + destination = "0.0.0.0/0" + protocol = "all" + }] + ingress_security_rules { + protocol = "6" // tcp + source = "0.0.0.0/0" + stateless = false + tcp_options = { + "min" = 22 //ssh + "max" = 22 + } + } + ingress_security_rules { + protocol = "6" // tcp + source = "0.0.0.0/0" + stateless = false + tcp_options = { + "min" = 80 //http + "max" = 80 + } + } + 
ingress_security_rules { + protocol = "6" // tcp + source = "0.0.0.0/0" + stateless = false + tcp_options = { + "min" = 443 //https + "max" = 443 + } + } + ingress_security_rules { + protocol = "6" // tcp + source = "10.0.0.0/16" + stateless = false + tcp_options = { + "min" = 6789 //ceph-monitors + "max" = 6789 + } + } + ingress_security_rules { + protocol = "6" // tcp + source = "10.0.0.0/16" + stateless = false + tcp_options = { + "min" = 6800 //ceph-servers + "max" = 7300 + } + } + ingress_security_rules { + protocol = "6" // tcp + source = "10.0.0.0/16" + stateless = false + tcp_options = { + "min" = 7480 //ceph-servers + "max" = 7480 + } + } + ingress_security_rules { + protocol = "6" // tcp + source = "10.0.0.0/16" + stateless = false + tcp_options = { + "min" = 9000 //ceph-servers + "max" = 9000 + } + } +} + +#------------------------------------------------------------------------------- +# Get a list of Availability Domains +#------------------------------------------------------------------------------- +data "oci_identity_availability_domains" "ADs" { + compartment_id = "${var.tenancy_ocid}" +} + +#------------------------------------------------------------------------------- +# If var.create_new_subnet is set to true +# 1. 
Create the Subnets +#------------------------------------------------------------------------------- +resource "oci_core_subnet" "subnets" { + count = "${var.new_subnet_count}" + availability_domain = "${lookup(data.oci_identity_availability_domains.ADs.availability_domains[element(var.availability_domain_index_list, count.index) - 1],"name")}" + cidr_block = "${element(var.subnet_cidr_blocks, count.index)}" + display_name = "${var.subnet_name_prefix}${count.index}" + compartment_id = "${var.compartment_id}" + vcn_id = "${local.vcn_id}" + route_table_id = "${local.route_table_id}" + security_list_ids = [ "${oci_core_security_list.security_list.*.id}" ] + dhcp_options_id = "${local.dhcp_options_id}" + dns_label = "${var.subnet_name_prefix}${count.index}" +} diff --git a/example/real_world_stuff/oracle/oracle%terraform-ceph-installer%modules%network%output.tf b/example/real_world_stuff/oracle/oracle%terraform-ceph-installer%modules%network%output.tf new file mode 100644 index 0000000..13cb09c --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%terraform-ceph-installer%modules%network%output.tf @@ -0,0 +1,16 @@ + +output "vcn_id" { + value = "${local.vcn_id}" +} + +output "dhcp_options_id" { + value = "${local.dhcp_options_id}" +} + +output "security_list_id" { + value = "${oci_core_security_list.security_list.*.id}" +} + +output "subnet_id_list" { + value = [ "${concat(oci_core_subnet.subnets.*.id, var.existing_subnet_ids)}" ] +} diff --git a/example/real_world_stuff/oracle/oracle%terraform-ceph-installer%modules%network%variables.tf b/example/real_world_stuff/oracle/oracle%terraform-ceph-installer%modules%network%variables.tf new file mode 100644 index 0000000..b6b5640 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%terraform-ceph-installer%modules%network%variables.tf 
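Review bot: In `oci_core_security_list.security_list` (modules/network/main.tf), the rules for TCP 22, 80 and 443 use `source = "0.0.0.0/0"`, and the list is attached to every subnet created by `oci_core_subnet.subnets`, so SSH on the Ceph nodes is open to the internet. Restrict the port 22 rule to an administrative range supplied by a new input, for example `source = "${var.ssh_source_cidr}"`, and drop 80/443 unless a gateway service on these hosts needs them. The Ceph rules (6789, 6800-7300, 7480, 9000) hard-code `source = "10.0.0.0/16"` instead of `"${var.vcn_cidr}"`, so they stop matching cluster traffic when another CIDR or an existing VCN is used. `route_table_id` and `dhcp_options_id` are set to `""` while the lookups that would fill them are commented out. A comment should say whether the subnets are meant to fall back to the VCN defaults.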
@@ -0,0 +1,72 @@ + +#=============================================================== +# Module Inputs +#=============================================================== + +variable "tenancy_ocid" { + description = "The OCI tenancy id" +} + +variable "compartment_id" { + description = "The OCI compartment id" +} + +variable "create_new_vcn" { + description = "If true, a New VCN and Gateway will be created; If false, an existing VCN ID (in the same region) must be provided via the variable existing_vcn_id" + default = false +} + +variable existing_vcn_id { + description = "If create_new_vcn is false, provide the id of an existing VCN to use" + default = [ "" ] +} + +variable "vcn_cidr" { + description = "The CIDR for the new VCN (if created)" + default = "10.0.0.0/16" +} + +variable "vcn_name" { + description = "The name for the new VCN (if created)" + default = "cephvcn" +} + +variable "gateway_name" { + description = "The name of the gateway for the new VCN (if created)" + default = "cephgw" +} + +variable "route_table_name" { + description = "The name of the route table for the new VCN (if created)" + default = "cephrt" +} + +variable "create_new_subnets" { + description = "If true, new subnets will be created; If false, existing subnet ids must be provided via the variable existing_subnet_ids" + default = false +} + +variable "new_subnet_count" { + description = "The nubner of subnets to create" + default = "0" +} + +variable existing_subnet_ids { + description = "If create_new_subnets is false, provide the list of ids of existing subnets to use" + default = [ "" ] +} + +variable "availability_domain_index_list" { + description = "Specifies the availability domain indexes for the subnets" + default = ["1", "2", "3"] +} + +variable "subnet_name_prefix" { + description = "The prefix for the subnet names" + default = "cephSub" +} + +variable "subnet_cidr_blocks" { + description = "The CIDR for the new subnets(if created)" + default = [ "10.0.1.0/24", "10.0.2.0/24", 
"10.0.3.0/24" ] +} diff --git a/example/real_world_stuff/oracle/oracle%terraform-ceph-installer%modules%network.full%main.tf b/example/real_world_stuff/oracle/oracle%terraform-ceph-installer%modules%network.full%main.tf new file mode 100644 index 0000000..5f4a13b --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%terraform-ceph-installer%modules%network.full%main.tf 
@@ -0,0 +1,177 @@ + +#------------------------------------------------------------------------------- +# If both var.create_new_subnet AND var.create_new_vcn is set to true +# 1. Create a new VCN +# 2. Create a Gateway for that VCN +#------------------------------------------------------------------------------- +# Create a New VCN +resource "oci_core_virtual_network" "vcn" { + count = "${min(var.create_new_vcn, var.create_new_subnets)}" + cidr_block = "${var.vcn_cidr}" + compartment_id = "${var.compartment_id}" + display_name = "${var.vcn_name}" + dns_label = "${var.vcn_name}" +} + +# Create a New Gateway +resource "oci_core_internet_gateway" "gateway" { + count = "${min(var.create_new_vcn, var.create_new_subnets)}" + compartment_id = "${var.compartment_id}" + display_name = "${var.gateway_name}" + vcn_id = "${oci_core_virtual_network.vcn.id}" +} + +locals { + vcn_id = "${element(concat(oci_core_virtual_network.vcn.*.id, var.existing_vcn_id), 0)}" +} + +#------------------------------------------------------------------------------- +# Get the ID of the Internet Gateway to be used for the rest of the deployment +#==================================================================================== +# When a new VCN was created +data "oci_core_internet_gateways" "igw_new" { + count = "${min(var.create_new_vcn, var.create_new_subnets)}" + depends_on = [ "oci_core_internet_gateway.gateway" ] + compartment_id = "${var.compartment_id}" + vcn_id = "${oci_core_virtual_network.vcn.id}" +} + +# When an existing VCN is used +data "oci_core_internet_gateways" "igw_existing" { + count = "${1 - min(var.create_new_vcn, var.create_new_subnets)}" + compartment_id = "${var.compartment_id}" + vcn_id = "${var.existing_vcn_id[0]}" +} + +locals { + gateway_list_of_list = "${concat(data.oci_core_internet_gateways.igw_new.*.gateways, data.oci_core_internet_gateways.igw_existing.*.gateways)}" + gateway_list = "${local.gateway_list_of_list[0]}" + gateway_id = 
"${lookup(local.gateway_list[0], "id")}" +} + +#------------------------------------------------------------------------------- +# Get the DHCP Options to be used for the rest of the deployment +#------------------------------------------------------------------------------- +data "oci_core_dhcp_options" "dhcp_opt" { + compartment_id = "${var.compartment_id}" + vcn_id = "${local.vcn_id}" +} + +locals { + dhcp_options_id = "${lookup(data.oci_core_dhcp_options.dhcp_opt.options[0], "id")}" +} + +#------------------------------------------------------------------------------- +# If var.create_new_subnet is set to true +# 1. Create a Route Table +# 2. Create a Security List +#------------------------------------------------------------------------------- +resource "oci_core_route_table" "route_table" { + count = "${var.create_new_subnets}" + depends_on = [ "oci_core_internet_gateway.gateway" ] + compartment_id = "${var.compartment_id}" + vcn_id = "${local.vcn_id}" + display_name = "${var.route_table_name}" + route_rules { + cidr_block = "0.0.0.0/0" + network_entity_id = "${local.gateway_id}" + } +} + +resource "oci_core_security_list" "security_list" { + count = "${var.create_new_subnets}" + compartment_id = "${var.compartment_id}" + display_name = "Security List" + vcn_id = "${local.vcn_id}" + egress_security_rules = [{ + destination = "0.0.0.0/0" + protocol = "all" + }] + ingress_security_rules { + protocol = "6" // tcp + source = "0.0.0.0/0" + stateless = false + tcp_options = { + "min" = 22 //ssh + "max" = 22 + } + } + ingress_security_rules { + protocol = "6" // tcp + source = "0.0.0.0/0" + stateless = false + tcp_options = { + "min" = 80 //http + "max" = 80 + } + } + ingress_security_rules { + protocol = "6" // tcp + source = "0.0.0.0/0" + stateless = false + tcp_options = { + "min" = 443 //https + "max" = 443 + } + } + ingress_security_rules { + protocol = "6" // tcp + source = "10.0.0.0/16" + stateless = false + tcp_options = { + "min" = 6789 //ceph-monitors + 
"max" = 6789
+ }
+ }
+ ingress_security_rules {
+ protocol = "6" // tcp
+ source = "10.0.0.0/16"
+ stateless = false
+ tcp_options = {
+ "min" = 6800 //ceph-servers
+ "max" = 7300
+ }
+ }
+ ingress_security_rules {
+ protocol = "6" // tcp
+ source = "10.0.0.0/16"
+ stateless = false
+ tcp_options = {
+ "min" = 7480 //ceph-servers
+ "max" = 7480
+ }
+ }
+ ingress_security_rules {
+ protocol = "6" // tcp
+ source = "10.0.0.0/16"
+ stateless = false
+ tcp_options = {
+ "min" = 9000 //ceph-servers
+ "max" = 9000
+ }
+ }
+}
+
+#-------------------------------------------------------------------------------
+# Get a list of Availability Domains
+#-------------------------------------------------------------------------------
+data "oci_identity_availability_domains" "ADs" {
+ compartment_id = "${var.tenancy_ocid}"
+}
+
+#-------------------------------------------------------------------------------
+# If var.create_new_subnet is set to true
+# 1. Create the Subnets
+#-------------------------------------------------------------------------------
+resource "oci_core_subnet" "subnets" {
+ count = "${var.new_subnet_count}"
+ availability_domain = "${lookup(data.oci_identity_availability_domains.ADs.availability_domains[element(var.availability_domain_index_list, count.index) - 1],"name")}"
+ cidr_block = "${element(var.subnet_cidr_blocks, count.index)}"
+ display_name = "${var.subnet_name_prefix}${count.index}"
+ compartment_id = "${var.compartment_id}"
+ vcn_id = "${local.vcn_id}"
+ route_table_id = "${oci_core_route_table.route_table.id}"
+ security_list_ids = [ "${oci_core_security_list.security_list.*.id}" ]
+ dhcp_options_id = "${local.dhcp_options_id}"
+ dns_label = "${var.subnet_name_prefix}${count.index}"
+}
diff --git a/example/real_world_stuff/oracle/oracle%terraform-ceph-installer%modules%network.full%output.tf b/example/real_world_stuff/oracle/oracle%terraform-ceph-installer%modules%network.full%output.tf
new file mode 100644
index 0000000..8876fa1
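Review bot: The `security_list` resource admits TCP 22 from `0.0.0.0/0` (and 80 and 443 as well), and `oci_core_subnet.subnets` attaches that list to every subnet it creates, so any Ceph node that ends up with a public address has SSH reachable from the whole internet. The same world-open port 22 rule recurs in `MgmtSecurityList` (vcn1.tf) and `MgmtSecurityList2` (vcn2.tf) later in this patch. I would take the SSH source from a module input with no permissive default, e.g. `source = "${var.ssh_source_cidr}"`, so the caller has to state which admin range may connect. Separately, the four Ceph rules hardcode `source = "10.0.0.0/16"` although the VCN range is configurable through `var.vcn_cidr` and an existing VCN can be supplied; `source = "${var.vcn_cidr}"` would at least keep them in step for a newly created VCN.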
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%terraform-ceph-installer%modules%network.full%output.tf
@@ -0,0 +1,24 @@
+
+output "vcn_id" {
+ value = "${local.vcn_id}"
+}
+
+output "gateway_id" {
+ value = "${local.gateway_id}"
+}
+
+output "dhcp_options_id" {
+ value = "${local.dhcp_options_id}"
+}
+
+output "route_table_id" {
+ value = "${oci_core_route_table.route_table.*.id}"
+}
+
+output "security_list_id" {
+ value = "${oci_core_security_list.security_list.*.id}"
+}
+
+output "subnet_id_list" {
+ value = [ "${concat(oci_core_subnet.subnets.*.id, var.existing_subnet_ids)}" ]
+}
diff --git a/example/real_world_stuff/oracle/oracle%terraform-ceph-installer%modules%network.full%variables.tf b/example/real_world_stuff/oracle/oracle%terraform-ceph-installer%modules%network.full%variables.tf
new file mode 100644
index 0000000..b6b5640
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%terraform-ceph-installer%modules%network.full%variables.tf
@@ -0,0 +1,72 @@ + +#=============================================================== +# Module Inputs +#=============================================================== + +variable "tenancy_ocid" { + description = "The OCI tenancy id" +} + +variable "compartment_id" { + description = "The OCI compartment id" +} + +variable "create_new_vcn" { + description = "If true, a New VCN and Gateway will be created; If false, an existing VCN ID (in the same region) must be provided via the variable existing_vcn_id" + default = false +} + +variable existing_vcn_id { + description = "If create_new_vcn is false, provide the id of an existing VCN to use" + default = [ "" ] +} + +variable "vcn_cidr" { + description = "The CIDR for the new VCN (if created)" + default = "10.0.0.0/16" +} + +variable "vcn_name" { + description = "The name for the new VCN (if created)" + default = "cephvcn" +} + +variable "gateway_name" { + description = "The name of the gateway for the new VCN (if created)" + default = "cephgw" +} + +variable "route_table_name" { + description = "The name of the route table for the new VCN (if created)" + default = "cephrt" +} + +variable "create_new_subnets" { + description = "If true, new subnets will be created; If false, existing subnet ids must be provided via the variable existing_subnet_ids" + default = false +} + +variable "new_subnet_count" { + description = "The nubner of subnets to create" + default = "0" +} + +variable existing_subnet_ids { + description = "If create_new_subnets is false, provide the list of ids of existing subnets to use" + default = [ "" ] +} + +variable "availability_domain_index_list" { + description = "Specifies the availability domain indexes for the subnets" + default = ["1", "2", "3"] +} + +variable "subnet_name_prefix" { + description = "The prefix for the subnet names" + default = "cephSub" +} + +variable "subnet_cidr_blocks" { + description = "The CIDR for the new subnets(if created)" + default = [ "10.0.1.0/24", "10.0.2.0/24", 
"10.0.3.0/24" ] +} diff --git a/example/real_world_stuff/oracle/oracle%terraform-ceph-installer%outputs.tf b/example/real_world_stuff/oracle/oracle%terraform-ceph-installer%outputs.tf new file mode 100644 index 0000000..decf5bd --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%terraform-ceph-installer%outputs.tf @@ -0,0 +1,48 @@ + +output "vcn_id" { + value = "${module.ceph_network.vcn_id}" +} + +output "subnet_id_list" { + value = "${module.ceph_network.subnet_id_list}" +} + +output "ceph_deployer_ip" { + value = "${module.ceph_deployer.ip}" +} + +output "ceph_deployer_hostname" { + value = "${module.ceph_deployer.hostname}" +} + +output "ceph_monitor_ip_list" { + value = "${module.ceph_monitors.ip_list}" +} + +output "ceph_monitor_hostname_list" { + value = "${module.ceph_monitors.hostname_list}" +} + +output "ceph_osd_ip_list" { + value = "${module.ceph_osds.ip_list}" +} + +output "ceph_osd_hostname_list" { + value = "${module.ceph_osds.hostname_list}" +} + +output "ceph_mds_ip_list" { + value = "${module.ceph_mds.ip_list}" +} + +output "ceph_mds_hostname_list" { + value = "${module.ceph_mds.hostname_list}" +} + +output "ceph_client_ip" { + value = "${module.ceph_client.ip}" +} + +output "ceph_client_hostname" { + value = "${module.ceph_client.hostname}" +} diff --git a/example/real_world_stuff/oracle/oracle%terraform-ceph-installer%provider.tf b/example/real_world_stuff/oracle/oracle%terraform-ceph-installer%provider.tf new file mode 100644 index 0000000..b5b0ef6 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%terraform-ceph-installer%provider.tf @@ -0,0 +1,10 @@ + +provider "oci" { + tenancy_ocid = "${var.tenancy_ocid}" + user_ocid = "${var.user_ocid}" + fingerprint = "${var.fingerprint}" + private_key_path = "${var.private_key_path}" + private_key_password = "${var.private_key_password}" + region = "${var.region}" + disable_auto_retries = "true" +} 
diff --git a/example/real_world_stuff/oracle/oracle%terraform-examples%examples%oci%connect_vcns_using_multiple_vnics%bridge.tf b/example/real_world_stuff/oracle/oracle%terraform-examples%examples%oci%connect_vcns_using_multiple_vnics%bridge.tf new file mode 100644 index 0000000..dfbb52a --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%terraform-examples%examples%oci%connect_vcns_using_multiple_vnics%bridge.tf 
@@ -0,0 +1,93 @@ +// Copyright (c) 2018, 2019, Oracle and/or its affiliates. All rights reserved. +// Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. +resource "oci_core_instance_configuration" "bridge_instance_configuration" { + compartment_id = "${var.compartment_ocid}" + display_name = "BridgeInstance" + + instance_details { + instance_type = "compute" + + launch_details { + source_details { + source_type = "image" + image_id = "${var.InstanceImageOCID[var.region]}" + } + + create_vnic_details { + skip_source_dest_check = true + } + + compartment_id = "${var.compartment_ocid}" + display_name = "BridgeInstance" + shape = "${var.InstanceShape}" + + metadata = { + ssh_authorized_keys = "${file(var.ssh_public_key_path)}" + user_data = "${base64encode(file("user_data.tpl"))}" + } + } + + secondary_vnics { + display_name = "SecondaryVNIC" + + create_vnic_details { + skip_source_dest_check = true + assign_public_ip = false + } + } + } + + timeouts { + create = "10m" + } +} + +resource "oci_core_instance_pool" "bridge_instance_pool" { + display_name = "BridgeInstancePool" + compartment_id = "${var.compartment_ocid}" + instance_configuration_id = "${oci_core_instance_configuration.bridge_instance_configuration.id}" + + placement_configurations { + availability_domain = "${lookup(data.oci_identity_availability_domains.ADs.availability_domains[var.AD - 1], "name")}" + primary_subnet_id = "${oci_core_subnet.MgmtSubnet.id}" + + secondary_vnic_subnets { + subnet_id = "${oci_core_subnet.MgmtSubnet2.id}" + display_name = "SecondaryVNIC" + } + } + + size = "1" +} + +resource "oci_core_private_ip" "BridgeInstancePrivateIP" { + depends_on = ["oci_core_instance_pool.bridge_instance_pool"] + vnic_id = "${data.oci_core_vnic.BridgeInstanceVnic1.id}" + display_name = "BridgeInstancePrivateIP" +} + +# Configurations for setting up the secondary VNIC +resource "null_resource" "configure-secondary-vnic" { + depends_on = 
["oci_core_instance_pool.bridge_instance_pool"]
+
+ connection {
+ type = "ssh"
+ user = "opc"
+ private_key = "${file(var.ssh_private_key_path)}"
+ host = "${data.oci_core_instance.bridge_instance.public_ip}"
+ timeout = "30m"
+ }
+
+ provisioner "file" {
+ source = "scripts/secondary_vnic_all_configure.sh"
+ destination = "/tmp/secondary_vnic_all_configure.sh"
+ }
+
+ provisioner "remote-exec" {
+ inline = [
+ "sudo chmod 777 /tmp/secondary_vnic_all_configure.sh",
+ "sudo /tmp/secondary_vnic_all_configure.sh -c ${lookup(data.oci_core_private_ips.BridgeInstancePrivateIP2.private_ips[0], "id")}",
+ "sudo ip route add ${var.vcn_cidr2} dev ens4 via ${oci_core_subnet.MgmtSubnet2.virtual_router_ip}",
+ ]
+ }
+}
diff --git a/example/real_world_stuff/oracle/oracle%terraform-examples%examples%oci%connect_vcns_using_multiple_vnics%datasources.tf b/example/real_world_stuff/oracle/oracle%terraform-examples%examples%oci%connect_vcns_using_multiple_vnics%datasources.tf
new file mode 100644
index 0000000..403dd1a
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%terraform-examples%examples%oci%connect_vcns_using_multiple_vnics%datasources.tf
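Review bot: In the `remote-exec` provisioner of `configure-secondary-vnic`, the uploaded script is made world-writable with `sudo chmod 777 /tmp/secondary_vnic_all_configure.sh` and then run under `sudo`, so any local account on the bridge instance can alter the file between the two commands and have its contents executed as root. The file is uploaded by the connecting `opc` user, so `"chmod 700 /tmp/secondary_vnic_all_configure.sh"` is sufficient; uploading it to the `opc` home directory instead of `/tmp` would also keep it out of a shared, world-writable directory. The instance configuration in the same file sets `skip_source_dest_check = true` on both VNICs, so this host forwards traffic between the two VCNs and deserves the tighter handling.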
@@ -0,0 +1,62 @@ +// Copyright (c) 2018, 2019, Oracle and/or its affiliates. All rights reserved. +// Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. +data "oci_identity_availability_domains" "ADs" { + compartment_id = "${var.tenancy_ocid}" +} + +###### BRIDGE INSTANCE ######### +# Get Bridge instance object from instance pool +data "oci_core_instance" "bridge_instance" { + instance_id = "${lookup(data.oci_core_instance_pool_instances.bridge_instance_pool_instances.instances[0], "id")}" +} + +data "oci_core_instance_pool_instances" "bridge_instance_pool_instances" { + depends_on = ["oci_core_instance_pool.bridge_instance_pool"] + compartment_id = "${var.compartment_ocid}" + instance_pool_id = "${oci_core_instance_pool.bridge_instance_pool.id}" +} + +# Gets a list of private IPs on the second VNIC + +data "oci_core_private_ips" "BridgeInstancePrivateIP2" { + depends_on = ["oci_core_instance_pool.bridge_instance_pool"] + vnic_id = "${data.oci_core_vnic.BridgeInstanceVnic2.id}" +} + +# Get the OCID of the primary VNIC +data "oci_core_vnic" "BridgeInstanceVnic1" { + depends_on = ["oci_core_instance_pool.bridge_instance_pool"] + vnic_id = "${lookup(data.oci_core_vnic_attachments.BridgeInstanceVnicAttachmentPrimary.vnic_attachments[0], "vnic_id")}" +} + +# Get the OCID of the secondary VNIC +data "oci_core_vnic" "BridgeInstanceVnic2" { + depends_on = ["oci_core_instance_pool.bridge_instance_pool"] + vnic_id = "${lookup(data.oci_core_vnic_attachments.BridgeInstanceVnicAttachmentSecondary.vnic_attachments[0], "vnic_id")}" +} + +data "oci_core_vnic_attachments" "BridgeInstanceVnicAttachmentPrimary" { + depends_on = ["oci_core_instance_pool.bridge_instance_pool"] + compartment_id = "${var.compartment_ocid}" + availability_domain = "${lookup(data.oci_identity_availability_domains.ADs.availability_domains[var.AD - 1], "name")}" + instance_id = "${data.oci_core_instance.bridge_instance.id}" + + filter { + name = "subnet_id" 
+ + values = [ + "${oci_core_subnet.MgmtSubnet.id}", + ] + } +} + +data "oci_core_vnic_attachments" "BridgeInstanceVnicAttachmentSecondary" { + compartment_id = "${var.compartment_ocid}" + availability_domain = "${lookup(data.oci_identity_availability_domains.ADs.availability_domains[var.AD - 1], "name")}" + instance_id = "${data.oci_core_instance.bridge_instance.id}" + + filter { + name = "subnet_id" + values = ["${oci_core_subnet.MgmtSubnet2.id}"] + } +} diff --git a/example/real_world_stuff/oracle/oracle%terraform-examples%examples%oci%connect_vcns_using_multiple_vnics%output.tf b/example/real_world_stuff/oracle/oracle%terraform-examples%examples%oci%connect_vcns_using_multiple_vnics%output.tf new file mode 100644 index 0000000..125a3f1 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%terraform-examples%examples%oci%connect_vcns_using_multiple_vnics%output.tf 
@@ -0,0 +1,30 @@
+// Copyright (c) 2018, 2019, Oracle and/or its affiliates. All rights reserved
+// Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
+# Outputing required info for users
+output "Bridge_Instance_Public_IP" {
+ value = "${data.oci_core_instance.bridge_instance.public_ip}"
+}
+
+output "PrivateInstance1_Private_IP" {
+ value = "${oci_core_instance.PrivateInstance.private_ip}"
+}
+
+output "PrivateInstance2_Private_IP" {
+ value = "${oci_core_instance.PrivateInstance2.private_ip}"
+}
+
+output "SSH_login_to_the_Bridge_Instance" {
+ value = "ssh -A opc@${data.oci_core_instance.bridge_instance.public_ip}"
+}
+
+output "SSH_login_to_the_Private_Instance-1_after_logging_into_Bridge_Instance_as_shown_above" {
+ value = "ssh -A opc@${oci_core_instance.PrivateInstance.private_ip}"
+}
+
+output "SSH_login_to_the_Private_Instance-2_after_logging_into_Bridge_Instance_as_shown_above" {
+ value = "ssh -A opc@${oci_core_instance.PrivateInstance2.private_ip}"
+}
+
+output "Ping_from_PrivateInstance-1_to_PrivateInstance-2" {
+ value = "ping ${oci_core_instance.PrivateInstance2.private_ip} "
+}
diff --git a/example/real_world_stuff/oracle/oracle%terraform-examples%examples%oci%connect_vcns_using_multiple_vnics%provider.tf b/example/real_world_stuff/oracle/oracle%terraform-examples%examples%oci%connect_vcns_using_multiple_vnics%provider.tf
new file mode 100644
index 0000000..ea3b911
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%terraform-examples%examples%oci%connect_vcns_using_multiple_vnics%provider.tf
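Review bot: The three `SSH_login_*` outputs tell the operator to connect with `ssh -A`, which forwards the local agent to the bridge instance; anyone holding root on that host can use the forwarded agent socket to authenticate as the operator while the session is open. The bridge appears to be the only host with a public address in this example, so it is the one most exposed to compromise. I would print a jump-host form instead, e.g. `value = "ssh -J opc@${data.oci_core_instance.bridge_instance.public_ip} opc@${oci_core_instance.PrivateInstance.private_ip}"`, which keeps the keys and the agent on the workstation. `-J` requires OpenSSH 7.3 or later on the client.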
@@ -0,0 +1,11 @@
+// Copyright (c) 2018, 2019, Oracle and/or its affiliates. All rights reserved
+// Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
+provider "oci" {
+ version = ">= 3.14"
+ tenancy_ocid = "${var.tenancy_ocid}"
+ user_ocid = "${var.user_ocid}"
+ fingerprint = "${var.fingerprint}"
+ private_key_path = "${var.private_key_path}"
+ private_key_password = "${var.private_key_password}"
+ region = "${var.region}"
+}
diff --git a/example/real_world_stuff/oracle/oracle%terraform-examples%examples%oci%connect_vcns_using_multiple_vnics%variables.tf b/example/real_world_stuff/oracle/oracle%terraform-examples%examples%oci%connect_vcns_using_multiple_vnics%variables.tf
new file mode 100644
index 0000000..6c9846b
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%terraform-examples%examples%oci%connect_vcns_using_multiple_vnics%variables.tf
@@ -0,0 +1,65 @@ +// Copyright (c) 2018, 2019, Oracle and/or its affiliates. All rights reserved +// Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. +variable "tenancy_ocid" {} + +variable "user_ocid" {} +variable "fingerprint" {} +variable "private_key_path" {} +variable "private_key_password" {} +variable "compartment_ocid" {} +variable "region" {} +variable "ssh_public_key_path" {} + +variable "ssh_private_key_path" {} + +# Choose an Availability Domain +variable "AD" { + default = "1" +} + +variable "InstanceShape" { + default = "VM.Standard2.1" +} + +variable "InstanceShape2" { + default = "VM.Standard2.1" +} + +variable "InstanceImageOCID" { + type = "map" + + default = { + // See https://docs.us-phoenix-1.oraclecloud.com/images/ + // Oracle-provided image "Oracle-Linux-7.4-2018.02.21-1" + us-phoenix-1 = "ocid1.image.oc1.phx.aaaaaaaaupbfz5f5hdvejulmalhyb6goieolullgkpumorbvxlwkaowglslq" + + us-ashburn-1 = "ocid1.image.oc1.iad.aaaaaaaajlw3xfie2t5t52uegyhiq2npx7bqyu4uvi2zyu3w3mqayc2bxmaa" + eu-frankfurt-1 = "ocid1.image.oc1.eu-frankfurt-1.aaaaaaaa7d3fsb6272srnftyi4dphdgfjf6gurxqhmv6ileds7ba3m2gltxq" + uk-london-1 = "ocid1.image.oc1.uk-london-1.aaaaaaaaa6h6gj6v4n56mqrbgnosskq63blyv2752g36zerymy63cfkojiiq" + } +} + +# The First VCN +variable "vcn_cidr" { + default = "10.0.0.0/16" +} + +variable "mgmt_subnet_cidr" { + default = "10.0.0.0/24" +} + +variable "private_subnet_cidr" { + default = "10.0.1.0/24" +} + +variable "vcn_cidr2" { + default = "10.1.0.0/16" +} + +variable "mgmt_subnet_cidr2" { + default = "10.1.0.0/24" +} + +variable "private_subnet_cidr2" { + default = "10.1.1.0/24" +} diff --git a/example/real_world_stuff/oracle/oracle%terraform-examples%examples%oci%connect_vcns_using_multiple_vnics%vcn1.tf b/example/real_world_stuff/oracle/oracle%terraform-examples%examples%oci%connect_vcns_using_multiple_vnics%vcn1.tf new file mode 100644 index 0000000..f958218 --- /dev/null 
+++ b/example/real_world_stuff/oracle/oracle%terraform-examples%examples%oci%connect_vcns_using_multiple_vnics%vcn1.tf 
@@ -0,0 +1,142 @@ +// Copyright (c) 2018, 2019, Oracle and/or its affiliates. All rights reserved +// Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. +resource "oci_core_virtual_network" "CoreVCN" { + cidr_block = "${var.vcn_cidr}" + compartment_id = "${var.compartment_ocid}" + display_name = "VCN-1" +} + +# First VCN configuration +resource "oci_core_internet_gateway" "MgmtIG" { + compartment_id = "${var.compartment_ocid}" + display_name = "MgmtIG" + vcn_id = "${oci_core_virtual_network.CoreVCN.id}" +} + +resource "oci_core_route_table" "MgmtRouteTable" { + compartment_id = "${var.compartment_ocid}" + vcn_id = "${oci_core_virtual_network.CoreVCN.id}" + display_name = "MgmtRouteTable" + + route_rules { + cidr_block = "0.0.0.0/0" + network_entity_id = "${oci_core_internet_gateway.MgmtIG.id}" + } +} + +resource "oci_core_security_list" "MgmtSecurityList" { + compartment_id = "${var.compartment_ocid}" + display_name = "MgmtSecurityList" + vcn_id = "${oci_core_virtual_network.CoreVCN.id}" + + egress_security_rules { + protocol = "all" + destination = "0.0.0.0/0" + } + + ingress_security_rules { + protocol = "all" + source = "${var.vcn_cidr}" + } + + ingress_security_rules { + protocol = "all" + source = "${var.vcn_cidr2}" + } + + ingress_security_rules { + protocol = "6" + source = "0.0.0.0/0" + + tcp_options { + min = 22 + max = 22 + } + } + ingress_security_rules { + protocol = "1" + source = "0.0.0.0/0" + + icmp_options { + type = 3 + code = 4 + } + } +} + +resource "oci_core_subnet" "MgmtSubnet" { + availability_domain = "${lookup(data.oci_identity_availability_domains.ADs.availability_domains[var.AD - 1], "name")}" + cidr_block = "${var.mgmt_subnet_cidr}" + display_name = "MgmtSubnet" + compartment_id = "${var.compartment_ocid}" + vcn_id = "${oci_core_virtual_network.CoreVCN.id}" + route_table_id = "${oci_core_route_table.MgmtRouteTable.id}" + security_list_ids = 
["${oci_core_security_list.MgmtSecurityList.id}"] + dhcp_options_id = "${oci_core_virtual_network.CoreVCN.default_dhcp_options_id}" +} + +# Frist VCN Private instance details +resource "oci_core_security_list" "PrivateSecurityList" { + compartment_id = "${var.compartment_ocid}" + display_name = "PrivateSecurityList" + vcn_id = "${oci_core_virtual_network.CoreVCN.id}" + + egress_security_rules { + protocol = "all" + destination = "0.0.0.0/0" + } + + ingress_security_rules { + protocol = "all" + source = "${var.vcn_cidr}" + } + + ingress_security_rules { + protocol = "all" + source = "${var.vcn_cidr2}" + } +} + +resource "oci_core_route_table" "PrivateRouteTable" { + compartment_id = "${var.compartment_ocid}" + vcn_id = "${oci_core_virtual_network.CoreVCN.id}" + display_name = "PrivateRouteTable" + + route_rules { + cidr_block = "0.0.0.0/0" + network_entity_id = "${oci_core_private_ip.BridgeInstancePrivateIP.id}" + } +} + +resource "oci_core_subnet" "PrivateSubnet" { + availability_domain = "${lookup(data.oci_identity_availability_domains.ADs.availability_domains[var.AD - 1], "name")}" + cidr_block = "${var.private_subnet_cidr}" + display_name = "PrivateSubnet" + compartment_id = "${var.compartment_ocid}" + vcn_id = "${oci_core_virtual_network.CoreVCN.id}" + route_table_id = "${oci_core_route_table.PrivateRouteTable.id}" + security_list_ids = ["${oci_core_security_list.PrivateSecurityList.id}"] + dhcp_options_id = "${oci_core_virtual_network.CoreVCN.default_dhcp_options_id}" + prohibit_public_ip_on_vnic = "true" +} + +resource "oci_core_instance" "PrivateInstance" { + availability_domain = "${lookup(data.oci_identity_availability_domains.ADs.availability_domains[var.AD - 1], "name")}" + compartment_id = "${var.compartment_ocid}" + display_name = "PrivateInstance" + image = "${var.InstanceImageOCID[var.region]}" + shape = "${var.InstanceShape}" + + create_vnic_details { + subnet_id = "${oci_core_subnet.PrivateSubnet.id}" + assign_public_ip = false + } + + metadata = { 
+ ssh_authorized_keys = "${file(var.ssh_public_key_path)}" + } + + timeouts { + create = "10m" + } +} diff --git a/example/real_world_stuff/oracle/oracle%terraform-examples%examples%oci%connect_vcns_using_multiple_vnics%vcn2.tf b/example/real_world_stuff/oracle/oracle%terraform-examples%examples%oci%connect_vcns_using_multiple_vnics%vcn2.tf new file mode 100644 index 0000000..104551b --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%terraform-examples%examples%oci%connect_vcns_using_multiple_vnics%vcn2.tf 
@@ -0,0 +1,118 @@ +// Copyright (c) 2018, 2019, Oracle and/or its affiliates. All rights reserved +// Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. + +# Second VCN +resource "oci_core_virtual_network" "CoreVCN2" { + cidr_block = "${var.vcn_cidr2}" + compartment_id = "${var.compartment_ocid}" + display_name = "VCN-2" +} + +resource "oci_core_security_list" "MgmtSecurityList2" { + compartment_id = "${var.compartment_ocid}" + display_name = "MgmtSecurityList2" + vcn_id = "${oci_core_virtual_network.CoreVCN2.id}" + + egress_security_rules { + protocol = "all" + destination = "0.0.0.0/0" + } + + ingress_security_rules { + protocol = "all" + source = "${var.vcn_cidr2}" + } + ingress_security_rules { + protocol = "6" + source = "0.0.0.0/0" + + tcp_options { + min = 22 + max = 22 + } + } + ingress_security_rules { + protocol = "1" + source = "0.0.0.0/0" + + icmp_options { + type = 3 + code = 4 + } + } +} + +resource "oci_core_subnet" "MgmtSubnet2" { + availability_domain = "${lookup(data.oci_identity_availability_domains.ADs.availability_domains[var.AD - 1], "name")}" + cidr_block = "${var.mgmt_subnet_cidr2}" + display_name = "MgmtSubnet2" + compartment_id = "${var.compartment_ocid}" + vcn_id = "${oci_core_virtual_network.CoreVCN2.id}" + security_list_ids = ["${oci_core_security_list.MgmtSecurityList2.id}"] + dhcp_options_id = "${oci_core_virtual_network.CoreVCN2.default_dhcp_options_id}" +} + +# Second VCN private instance details +resource "oci_core_security_list" "PrivateSecurityList2" { + compartment_id = "${var.compartment_ocid}" + display_name = "PrivateSecurityList2" + vcn_id = "${oci_core_virtual_network.CoreVCN2.id}" + + egress_security_rules { + protocol = "all" + destination = "0.0.0.0/0" + } + + ingress_security_rules { + protocol = "all" + source = "${var.vcn_cidr}" + } + ingress_security_rules { + protocol = "all" + source = "${var.vcn_cidr2}" + } +} + +resource "oci_core_route_table" 
"PrivateRouteTable2" { + compartment_id = "${var.compartment_ocid}" + vcn_id = "${oci_core_virtual_network.CoreVCN2.id}" + display_name = "PrivateRouteTable2" + + route_rules { + cidr_block = "0.0.0.0/0" + network_entity_id = "${lookup(data.oci_core_private_ips.BridgeInstancePrivateIP2.private_ips[0], "id")}" + } +} + +resource "oci_core_subnet" "PrivateSubnet2" { + availability_domain = "${lookup(data.oci_identity_availability_domains.ADs.availability_domains[var.AD - 1], "name")}" + cidr_block = "${var.private_subnet_cidr2}" + display_name = "PrivateSubnet2" + compartment_id = "${var.compartment_ocid}" + vcn_id = "${oci_core_virtual_network.CoreVCN2.id}" + route_table_id = "${oci_core_route_table.PrivateRouteTable2.id}" + security_list_ids = ["${oci_core_security_list.PrivateSecurityList2.id}"] + dhcp_options_id = "${oci_core_virtual_network.CoreVCN2.default_dhcp_options_id}" + prohibit_public_ip_on_vnic = "true" +} + +resource "oci_core_instance" "PrivateInstance2" { + availability_domain = "${lookup(data.oci_identity_availability_domains.ADs.availability_domains[var.AD - 1], "name")}" + compartment_id = "${var.compartment_ocid}" + display_name = "PrivateInstance2" + image = "${var.InstanceImageOCID[var.region]}" + shape = "${var.InstanceShape2}" + + create_vnic_details { + subnet_id = "${oci_core_subnet.PrivateSubnet2.id}" + assign_public_ip = false + } + + metadata = { + ssh_authorized_keys = "${file(var.ssh_public_key_path)}" + } + + timeouts { + create = "10m" + } +} diff --git a/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%bastion-host-provisioning%main.tf b/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%bastion-host-provisioning%main.tf new file mode 100644 index 0000000..79fedab --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%bastion-host-provisioning%main.tf 
@@ -0,0 +1,70 @@
+// Copyright (c) 2017, 2019, Oracle and/or its affiliates. All rights reserved.
+// Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
+
+variable "user" {}
+variable "password" {}
+variable "domain" {}
+variable "endpoint" {}
+
+provider "opc" {
+ user = "${var.user}"
+ password = "${var.password}"
+ identity_domain = "${var.domain}"
+ endpoint = "${var.endpoint}"
+}
+
+resource "opc_compute_ssh_key" "bastion" {
+ name = "bastion_ssh"
+ key = "${file("./bastion_id_rsa.pub")}"
+ enabled = true
+}
+
+resource "opc_compute_ssh_key" "instance" {
+ name = "instance_ssh"
+ key = "${file("./instance_id_rsa.pub")}"
+ enabled = true
+}
+
+module "bastion-host" {
+ source = "./modules/bastion"
+ ssh_public_key = "${opc_compute_ssh_key.bastion.name}"
+ ssh_private_key = "${file("./bastion_id_rsa")}"
+ private_ip_network = "${opc_compute_ip_network.private-ip-network.name}"
+}
+
+resource "opc_compute_ip_network" "private-ip-network" {
+ name = "private-ip-network"
+ ip_address_prefix = "192.168.1.0/24"
+ public_napt_enabled = true
+}
+
+resource "opc_compute_instance" "private-instance" {
+ name = "private1"
+ hostname = "private1"
+ shape = "oc3"
+ image_list = "/oracle/public/OL_7.2_UEKR4_x86_64"
+ ssh_keys = ["${opc_compute_ssh_key.instance.name}"]
+
+ networking_info {
+ index = 0
+ shared_network = "false"
+ ip_network = "${opc_compute_ip_network.private-ip-network.name}"
+ }
+
+ connection {
+ type = "ssh"
+ host = "${self.ip_address}"
+ user = "opc"
+ private_key = "${file("./instance_id_rsa")}"
+
+ bastion_host = "${module.bastion-host.bastion_public_ip}"
+ bastion_user = "${module.bastion-host.bastion_user}"
+ bastion_private_key = "${module.bastion-host.bastion_private_key}"
+ }
+
+ provisioner "remote-exec" {
+ inline = [
+ "echo 'This instance was provisioned by Terraform.' | sudo tee /etc/motd",
+ ]
+ }
+}
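Review bot: The bastion private key is read into the configuration as a string at `ssh_private_key = "${file("./bastion_id_rsa")}"`, handed to the module, and read back in the `connection` block through `module.bastion-host.bastion_private_key`. Key material routed through a module output is written to state and can be shown in plan and apply output. The round trip is avoidable by reading the file where it is used, `bastion_private_key = "${file("./bastion_id_rsa")}"`, and dropping the module input. The key pairs are also expected in the working directory next to the `.tf` files, so a comment saying they must stay out of version control would help.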
diff --git a/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%bastion-host-provisioning%modules%bastion%bastion.tf b/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%bastion-host-provisioning%modules%bastion%bastion.tf
new file mode 100644
index 0000000..79e0448
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%bastion-host-provisioning%modules%bastion%bastion.tf
@@ -0,0 +1,45 @@
+// Copyright (c) 2017, 2019, Oracle and/or its affiliates. All rights reserved.
+// Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
+
+resource "opc_compute_security_list" "bastion" {
+ name = "bastion"
+ policy = "DENY"
+ outbound_cidr_policy = "PERMIT"
+}
+
+resource "opc_compute_sec_rule" "allow-bastion-ssh" {
+ action = "permit"
+ name = "allow-bastion-ssh"
+ source_list = "seciplist:/oracle/public/public-internet"
+ destination_list = "seclist:${opc_compute_security_list.bastion.name}"
+ application = "/oracle/public/ssh"
+}
+
+resource "opc_compute_ip_reservation" "bastion" {
+ name = "bastion"
+ parent_pool = "/oracle/public/ippool"
+ permanent = true
+}
+
+resource "opc_compute_instance" "bastion" {
+ name = "${var.hostname}"
+ hostname = "${var.hostname}"
+ label = "${var.hostname}"
+ shape = "oc3"
+ image_list = "${var.image}"
+ ssh_keys = ["${var.ssh_public_key}"]
+ tags = ["bastion"]
+
+ networking_info {
+ index = 0
+ shared_network = "true"
+ nat = ["${opc_compute_ip_reservation.bastion.name}"]
+ sec_lists = ["${opc_compute_security_list.bastion.name}"]
+ }
+
+ networking_info {
+ index = 1
+ shared_network = "false"
+ ip_network = "${var.private_ip_network}"
+ }
+}
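Review bot: `allow-bastion-ssh` takes `seciplist:/oracle/public/public-internet` as its source, so the bastion, which is the single entry point to the private IP network, accepts SSH from any address. Define an `opc_compute_security_ip_list` holding the administrative ranges and reference it instead, e.g. `source_list = "seciplist:${opc_compute_security_ip_list.admin.name}"` (the resource name is illustrative). The same public-internet source appears in the `allow-ssh` rule of `instance-with-ssh/main.tf` later in this patch. If the open source is deliberate for the example, a comment on the rule should say so.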
diff --git a/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%bastion-host-provisioning%modules%bastion%outputs.tf b/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%bastion-host-provisioning%modules%bastion%outputs.tf
new file mode 100644
index 0000000..d7495b8
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%bastion-host-provisioning%modules%bastion%outputs.tf
@@ -0,0 +1,22 @@
+// Copyright (c) 2017, 2019, Oracle and/or its affiliates. All rights reserved.
+// Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
+
+output "bastion_public_ip" {
+ description = "Bastion host Public IP address"
+ value = "${opc_compute_ip_reservation.bastion.ip}"
+}
+
+output "bastion_public_key" {
+ description = "Bastion ssh key resource"
+ value = "${var.ssh_public_key}"
+}
+
+output "bastion_private_key" {
+ description = "Bastion private ssh key"
+ value = "${var.ssh_private_key}"
+}
+
+output "bastion_user" {
+ description = "Bastion user"
+ value = "${var.ssh_user}"
+}
diff --git a/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%bastion-host-provisioning%modules%bastion%variables.tf b/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%bastion-host-provisioning%modules%bastion%variables.tf
new file mode 100644
index 0000000..94d63c7
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%bastion-host-provisioning%modules%bastion%variables.tf
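Review bot: The `bastion_private_key` output re-exports the SSH private key without `sensitive = true`, so the key is displayed wherever outputs are shown and is stored in state in clear text. Add `sensitive = true` to that output as a minimum, or preferably remove the output and let the caller read the key file itself. Marking it sensitive only hides the value from display, so the state file still needs protected storage. The `private_key_pem` output in `loadbalancer-classic/certificates/outputs.tf` later in this patch has the same gap.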
@@ -0,0 +1,29 @@ +// Copyright (c) 2017, 2019, Oracle and/or its affiliates. All rights reserved. +// Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. + +variable "ssh_public_key" { + description = "(Required) Name of existing SSH Key resource" +} + +variable "ssh_private_key" { + description = "(Required) SSH private key." +} + +variable "ssh_user" { + description = "(Optional) SSH user to connect to bastion host. Default is `opc`" + default = "opc" +} + +variable "hostname" { + description = "(Optional) name of the host. Default is `bastion`" + default = "bastion" +} + +variable "image" { + description = "(Optional) Machine image. Default is Oracle Linux 7.2 R4" + default = "/oracle/public/OL_7.2_UEKR4_x86_64" +} + +variable "private_ip_network" { + description = "(Required) Name of the IP Network for private interface" +} diff --git a/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%instance-from-colocated-snapshot%main.tf b/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%instance-from-colocated-snapshot%main.tf new file mode 100644 index 0000000..b5eea19 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%instance-from-colocated-snapshot%main.tf 
@@ -0,0 +1,34 @@ +// Copyright (c) 2018, 2019, Oracle and/or its affiliates. All rights reserved. +// Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. + +provider "opc" { + user = "${var.user}" + password = "${var.password}" + identity_domain = "${var.domain}" + endpoint = "${var.endpoint}" +} + +data "opc_compute_storage_volume_snapshot" "snapshot1" { + name = "my-bootable-storage-volume/my-colocated-snapshot" +} + +resource "opc_compute_storage_volume" "volume1" { + name = "volume-from-storage-snapshot" + snapshot = "/Compute-${var.domain}/${var.user}/${data.opc_compute_storage_volume_snapshot.snapshot1.name}" + size = "${data.opc_compute_storage_volume_snapshot.snapshot1.size}" + storage_type = "/oracle/public/storage/default" + bootable = "${data.opc_compute_storage_volume_snapshot.snapshot1.parent_volume_bootable}" +} + +resource "opc_compute_instance" "instance1" { + name = "instance1" + label = "instance1" + shape = "oc3" + + storage { + index = 1 + volume = "${opc_compute_storage_volume.volume1.name}" + } + + boot_order = [1] +} diff --git a/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%instance-from-colocated-snapshot%variables.tf b/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%instance-from-colocated-snapshot%variables.tf new file mode 100644 index 0000000..713a763 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%instance-from-colocated-snapshot%variables.tf @@ -0,0 +1,7 @@ +// Copyright (c) 2018, 2019, Oracle and/or its affiliates. All rights reserved. +// Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. + +variable user {} +variable password {} +variable domain {} +variable endpoint {} 
diff --git a/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%instance-from-storage-snapshot%main.tf b/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%instance-from-storage-snapshot%main.tf new file mode 100644 index 0000000..d19981b --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%instance-from-storage-snapshot%main.tf @@ -0,0 +1,33 @@ +// Copyright (c) 2018, 2019, Oracle and/or its affiliates. All rights reserved. +// Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. + +provider "opc" { + user = "${var.user}" + password = "${var.password}" + identity_domain = "${var.domain}" + endpoint = "${var.endpoint}" +} + +data "opc_compute_storage_volume_snapshot" "snapshot1" { + name = "my-bootable-storage-volume/my-storage-volume-snapshot" +} + +resource "opc_compute_storage_volume" "volume1" { + name = "volume-from-storage-snapshot" + snapshot_id = "${data.opc_compute_storage_volume_snapshot.snapshot1.snapshot_id}" + size = "${data.opc_compute_storage_volume_snapshot.snapshot1.size}" + bootable = true +} + +resource "opc_compute_instance" "instance1" { + name = "instance1" + label = "instance1" + shape = "oc3" + + storage { + index = 1 + volume = "${opc_compute_storage_volume.volume1.name}" + } + + boot_order = [1] +} diff --git a/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%instance-from-storage-snapshot%variables.tf b/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%instance-from-storage-snapshot%variables.tf new file mode 100644 index 0000000..713a763 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%instance-from-storage-snapshot%variables.tf 
@@ -0,0 +1,7 @@ +// Copyright (c) 2018, 2019, Oracle and/or its affiliates. All rights reserved. +// Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. + +variable user {} +variable password {} +variable domain {} +variable endpoint {} diff --git a/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%instance-with-persistent-boot-volume%main.tf b/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%instance-with-persistent-boot-volume%main.tf new file mode 100644 index 0000000..5625283 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%instance-with-persistent-boot-volume%main.tf @@ -0,0 +1,42 @@ +// Copyright (c) 2017, 2019, Oracle and/or its affiliates. All rights reserved. +// Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. + +provider "opc" { + user = "${var.user}" + password = "${var.password}" + identity_domain = "${var.domain}" + endpoint = "${var.endpoint}" +} + +resource "opc_compute_storage_volume" "volume1" { + size = "12" + description = "Example bootable storage volume" + name = "boot-from-storage-example" + bootable = true + image_list = "/oracle/public/OL_6.8_UEKR3_x86_64" + image_list_entry = 3 +} + +resource "opc_compute_storage_volume" "volume2" { + size = "4" + description = "Example persistent storage volume" + name = "persistent-storage-example" +} + +resource "opc_compute_instance" "instance1" { + name = "boot-from-storage-instance1" + label = "Example instance with bootable storage" + shape = "oc3" + + storage { + index = 1 + volume = "${opc_compute_storage_volume.volume1.name}" + } + + storage { + index = 2 + volume = "${opc_compute_storage_volume.volume2.name}" + } + + boot_order = [1] +} 
diff --git a/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%instance-with-persistent-boot-volume%variables.tf b/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%instance-with-persistent-boot-volume%variables.tf new file mode 100644 index 0000000..5bd9d05 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%instance-with-persistent-boot-volume%variables.tf @@ -0,0 +1,7 @@ +// Copyright (c) 2017, 2019, Oracle and/or its affiliates. All rights reserved. +// Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. + +variable user {} +variable password {} +variable domain {} +variable endpoint {} diff --git a/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%instance-with-public-ip-on-ip-network-interface%main.tf b/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%instance-with-public-ip-on-ip-network-interface%main.tf new file mode 100644 index 0000000..d40aca5 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%instance-with-public-ip-on-ip-network-interface%main.tf 
@@ -0,0 +1,82 @@ +// Copyright (c) 2018, 2019, Oracle and/or its affiliates. All rights reserved. +// Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. + +provider "opc" { + user = "${var.user}" + password = "${var.password}" + identity_domain = "${var.domain}" + endpoint = "${var.endpoint}" +} + +resource "opc_compute_ssh_key" "my-ssh-key" { + name = "my-ssh-key" + key = "${file(var.public_ssh_key)}" + enabled = true +} + +resource "opc_compute_ip_address_reservation" "my-ip-address" { + name = "my-ip-address" + ip_address_pool = "public-ippool" +} + +resource "opc_compute_ip_network" "my-ip-network" { + name = "my-ip-network" + ip_address_prefix = "192.168.1.0/24" +} + +resource "opc_compute_acl" "my-acl" { + name = "my-acl" +} + +resource "opc_compute_security_rule" "ssh" { + name = "Allow-ssh-ingress" + flow_direction = "ingress" + acl = "${opc_compute_acl.my-acl.name}" + security_protocols = ["${opc_compute_security_protocol.ssh.name}"] +} + +resource "opc_compute_security_rule" "egress" { + name = "Allow-all-egress" + flow_direction = "egress" + acl = "${opc_compute_acl.my-acl.name}" + security_protocols = ["${opc_compute_security_protocol.all.name}"] +} + +resource "opc_compute_security_protocol" "all" { + name = "all" + ip_protocol = "all" +} + +resource "opc_compute_security_protocol" "ssh" { + name = "ssh" + dst_ports = ["22"] + ip_protocol = "tcp" +} + +resource "opc_compute_vnic_set" "my-vnic-set" { + name = "my-vnic-set" + applied_acls = ["${opc_compute_acl.my-acl.name}"] +} + +resource "opc_compute_instance" "my-instance" { + name = "my-instance" + hostname = "my-instance" + label = "my-instance" + shape = "oc3" + image_list = "/oracle/public/OL_7.2_UEKR4_x86_64" + + networking_info { + index = 0 + ip_network = "${opc_compute_ip_network.my-ip-network.name}" + ip_address = "192.168.1.100" + is_default_gateway = true + vnic_sets = ["${opc_compute_vnic_set.my-vnic-set.name}"] + nat = 
["${opc_compute_ip_address_reservation.my-ip-address.name}"] + } + + ssh_keys = ["${opc_compute_ssh_key.my-ssh-key.name}"] +} + +output "public_ip_address" { + value = "${opc_compute_ip_address_reservation.my-ip-address.ip_address}" +} diff --git a/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%instance-with-public-ip-on-ip-network-interface%variables.tf b/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%instance-with-public-ip-on-ip-network-interface%variables.tf new file mode 100644 index 0000000..7d9bf39 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%instance-with-public-ip-on-ip-network-interface%variables.tf @@ -0,0 +1,11 @@ +// Copyright (c) 2018, 2019, Oracle and/or its affiliates. All rights reserved. +// Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. + +variable "user" {} +variable "password" {} +variable "domain" {} +variable "endpoint" {} + +variable "public_ssh_key" { + default = "~/.ssh/id_rsa.pub" +} diff --git a/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%instance-with-ssh%main.tf b/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%instance-with-ssh%main.tf new file mode 100644 index 0000000..a5a3d98 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%instance-with-ssh%main.tf 
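Review bot: The `Allow-ssh-ingress` security rule names a protocol and an ACL but no source, so as far as this hunk shows, port 22 on the instance's public IP reservation is reachable from any address. Restrict it with the rule's source prefix argument, e.g. `src_ip_address_prefixes = ["${opc_compute_ip_address_prefix_set.admin.name}"]`, backed by a prefix set listing the administrative ranges (the resource name is illustrative). A comment on `Allow-all-egress` saying that unrestricted outbound traffic is intended would also help.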
@@ -0,0 +1,50 @@ +// Copyright (c) 2017, 2019, Oracle and/or its affiliates. All rights reserved. +// Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. + +provider "opc" { + user = "${var.user}" + password = "${var.password}" + identity_domain = "${var.domain}" + endpoint = "${var.endpoint}" +} + +resource "opc_compute_instance" "instance1" { + name = "example-instance1" + label = "My Oracle Linux 7.2 UEK3 Server" + shape = "oc3" + image_list = "/oracle/public/OL_7.2_UEKR3_x86_64" + ssh_keys = ["${opc_compute_ssh_key.sshkey1.name}"] + + networking_info { + index = 0 + shared_network = true + nat = ["${opc_compute_ip_reservation.ipreservation1.name}"] + sec_lists = ["${opc_compute_security_list.seclist1.name}"] + } +} + +resource "opc_compute_ssh_key" "sshkey1" { + name = "example-sshkey1" + key = "${file(var.ssh_public_key_file)}" + enabled = true +} + +resource "opc_compute_ip_reservation" "ipreservation1" { + parent_pool = "/oracle/public/ippool" + permanent = true +} + +resource "opc_compute_security_list" "seclist1" { + name = "example-seclist1" + policy = "DENY" + outbound_cidr_policy = "PERMIT" +} + +resource "opc_compute_sec_rule" "allow-ssh" { + name = "Allow-ssh-access" + source_list = "seciplist:/oracle/public/public-internet" + destination_list = "seclist:${opc_compute_security_list.seclist1.name}" + action = "permit" + application = "/oracle/public/ssh" + disabled = false +} diff --git a/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%instance-with-ssh%variables.tf b/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%instance-with-ssh%variables.tf new file mode 100644 index 0000000..a0134af --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%instance-with-ssh%variables.tf 
@@ -0,0 +1,12 @@ +// Copyright (c) 2017, 2019, Oracle and/or its affiliates. All rights reserved. +// Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. + +variable user {} +variable password {} +variable domain {} +variable endpoint {} + +variable ssh_public_key_file { + description = "ssh public key" + default = "./id_rsa.pub" +} diff --git a/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%ipnetworks%main.tf b/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%ipnetworks%main.tf new file mode 100644 index 0000000..79adf9c --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%ipnetworks%main.tf 
@@ -0,0 +1,168 @@ +// Copyright (c) 2017, 2019, Oracle and/or its affiliates. All rights reserved. +// Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. + +provider "opc" { + user = "${var.user}" + password = "${var.password}" + identity_domain = "${var.domain}" + endpoint = "${var.endpoint}" +} + +resource "opc_compute_ssh_key" "ssh_key" { + name = "ip-network-example-key" + key = "${file(var.ssh_public_key)}" + enabled = true +} + +resource "opc_compute_ip_network" "ip-network-1" { + name = "IPNetwork_1" + description = "Example IP Network 1" + ip_address_prefix = "192.168.2.0/24" + ip_network_exchange = "${opc_compute_ip_network_exchange.test-ip-network-exchange.name}" +} + +resource "opc_compute_ip_network" "ip-network-2" { + name = "IPNetwork_2" + description = "Example IP Network 2" + ip_address_prefix = "192.168.3.0/24" + ip_network_exchange = "${opc_compute_ip_network_exchange.test-ip-network-exchange.name}" +} + +resource "opc_compute_ip_network" "ip-network-3" { + name = "IPNetwork_3" + description = "Example IP Network 3" + ip_address_prefix = "192.168.2.0/24" +} + +resource "opc_compute_ip_network_exchange" "test-ip-network-exchange" { + name = "IPExchange" + description = "IP Network Exchange" +} + +resource "opc_compute_instance" "instance-1" { + name = "Instance_1" + hostname = "instance1" + label = "Instance_1" + shape = "oc3" + image_list = "/oracle/public/OL_7.2_UEKR3_x86_64" + + networking_info { + index = 0 + ip_network = "${opc_compute_ip_network.ip-network-1.name}" + ip_address = "192.168.2.16" + } + + ssh_keys = ["${opc_compute_ssh_key.ssh_key.name}"] +} + +resource "opc_compute_instance" "instance-2" { + name = "Instance_2" + hostname = "instance2" + label = "Instance_2" + shape = "oc3" + image_list = "/oracle/public/OL_7.2_UEKR3_x86_64" + + networking_info { + index = 0 + ip_network = "${opc_compute_ip_network.ip-network-2.name}" + ip_address = "192.168.3.11" + } + + ssh_keys = 
["${opc_compute_ssh_key.ssh_key.name}"] +} + +resource "opc_compute_instance" "instance-3" { + name = "Instance_3" + hostname = "instance3" + label = "Instance_3" + shape = "oc3" + image_list = "/oracle/public/OL_7.2_UEKR3_x86_64" + + networking_info { + index = 0 + shared_network = true + nat = ["${opc_compute_ip_reservation.reservation1.name}"] + } + + networking_info { + index = 1 + ip_network = "${opc_compute_ip_network.ip-network-2.name}" + ip_address = "192.168.3.16" + } + + ssh_keys = ["${opc_compute_ssh_key.ssh_key.name}"] +} + +resource "opc_compute_instance" "instance-4" { + name = "Instance_4" + hostname = "instance4" + label = "Instance_4" + shape = "oc3" + image_list = "/oracle/public/OL_7.2_UEKR3_x86_64" + + networking_info { + index = 0 + shared_network = true + nat = ["${opc_compute_ip_reservation.reservation2.name}"] + } + + networking_info { + index = 1 + ip_network = "${opc_compute_ip_network.ip-network-3.name}" + ip_address = "192.168.2.16" + } + + ssh_keys = ["${opc_compute_ssh_key.ssh_key.name}"] +} + +resource "opc_compute_instance" "instance-5" { + name = "Instance_5" + hostname = "instance5" + label = "Instance_5" + shape = "oc3" + image_list = "/oracle/public/OL_7.2_UEKR3_x86_64" + + networking_info { + index = 1 + ip_network = "${opc_compute_ip_network.ip-network-3.name}" + ip_address = "192.168.2.18" + } + + ssh_keys = ["${opc_compute_ssh_key.ssh_key.name}"] +} + +resource "opc_compute_ip_reservation" "reservation1" { + parent_pool = "/oracle/public/ippool" + permanent = true +} + +resource "opc_compute_ip_reservation" "reservation2" { + parent_pool = "/oracle/public/ippool" + permanent = true +} + +module "instance3_install_ssh_keys" { + source = "./modules/install_ssh_keys" + trigger = "${opc_compute_instance.instance-3.id}" + public_ip = "${opc_compute_ip_reservation.reservation1.ip}" + ssh_user = "${var.ssh_user}" + ssh_private_key = "${var.ssh_private_key}" + ssh_public_key = "${var.ssh_public_key}" +} + +module 
"instance4_install_ssh_keys" { + source = "./modules/install_ssh_keys" + trigger = "${opc_compute_instance.instance-4.id}" + public_ip = "${opc_compute_ip_reservation.reservation2.ip}" + ssh_user = "${var.ssh_user}" + ssh_private_key = "${var.ssh_private_key}" + ssh_public_key = "${var.ssh_public_key}" +} + +output "instance_3_public_ip" { + value = "${opc_compute_ip_reservation.reservation1.ip}" +} + +output "instance_4_public_ip" { + value = "${opc_compute_ip_reservation.reservation2.ip}" +} diff --git a/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%ipnetworks%modules%install_ssh_keys%main.tf b/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%ipnetworks%modules%install_ssh_keys%main.tf new file mode 100644 index 0000000..9b8c788 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%ipnetworks%modules%install_ssh_keys%main.tf @@ -0,0 +1,34 @@ +// Copyright (c) 2017, 2019, Oracle and/or its affiliates. All rights reserved. +// Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. + +variable "trigger" {} +variable "public_ip" {} +variable "ssh_private_key" {} +variable "ssh_public_key" {} +variable "ssh_user" {} + +// Install the private ssh key used to access the other hosts +resource "null_resource" "install_ssh_keys" { + triggers = { + compute_instance = "${var.trigger}" + } + + connection { + type = "ssh" + host = "${var.public_ip}" + private_key = "${file(var.ssh_private_key)}" + user = "${var.ssh_user}" + timeout = "5m" + } + + provisioner "file" { + source = "${var.ssh_private_key}" + destination = "./.ssh/id_rsa" + } + + provisioner "remote-exec" { + inline = [ + "chmod go-r ~/.ssh/id_rsa", + ] + } +} 
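Review bot: `instance-3` and `instance-4` attach a public NAT reservation on the shared network without a `sec_lists` entry, so their inbound exposure depends on a platform default that this configuration does not show. Declare a security list with policy `DENY` and an explicit SSH rule, as `instance-with-ssh/main.tf` does, and reference it in both `networking_info` blocks. `ip-network-1` and `ip-network-3` also both use `192.168.2.0/24`, and `instance-1` and `instance-4` both take `192.168.2.16`. If that overlap is meant to demonstrate isolation between an exchanged and a stand-alone network, a comment should say so, because it otherwise reads as an addressing mistake.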
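Review bot: The `file` provisioner uploads the same private key that authenticates the connection (`var.ssh_private_key`) to `./.ssh/id_rsa` on an internet-facing host, so compromise of either public instance yields the operator's key for every host. A dedicated key pair for host-to-host access, or agent forwarding, would keep the operator key off the instances. The follow-up `chmod go-r ~/.ssh/id_rsa` only clears the read bits for group and other, and `chmod 600 ~/.ssh/id_rsa` states the intended mode outright. The upload path is relative while the chmod uses `~`, which matches only when the provisioner's working directory is the login user's home.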
diff --git a/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%ipnetworks%variables.tf b/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%ipnetworks%variables.tf new file mode 100644 index 0000000..f9f22c0 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%ipnetworks%variables.tf @@ -0,0 +1,22 @@ +// Copyright (c) 2017, 2019, Oracle and/or its affiliates. All rights reserved. +// Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. + +variable user {} +variable password {} +variable domain {} +variable endpoint {} + +variable ssh_user { + description = "User account for ssh access to the image" + default = "opc" +} + +variable ssh_private_key { + description = "File location of the ssh private key" + default = "./id_rsa" +} + +variable ssh_public_key { + description = "File location of the ssh public key" + default = "./id_rsa.pub" +} diff --git a/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%loadbalancer-classic%certificates%main.tf b/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%loadbalancer-classic%certificates%main.tf new file mode 100644 index 0000000..b5e2bb4 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%loadbalancer-classic%certificates%main.tf 
@@ -0,0 +1,55 @@
+// Copyright (c) 2018, 2019, Oracle and/or its affiliates. All rights reserved.
+// Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
+
+resource "tls_private_key" "example" {
+ algorithm = "RSA"
+ rsa_bits = 4096
+}
+
+resource "tls_self_signed_cert" "ca" {
+ key_algorithm = "${tls_private_key.example.algorithm}"
+ private_key_pem = "${tls_private_key.example.private_key_pem}"
+
+ validity_period_hours = "${var.validity_period_hours}"
+ early_renewal_hours = "${var.early_renewal_hours}"
+
+ allowed_uses = [
+ "cert_signing",
+ ]
+
+ dns_names = ["${var.dns_names}"]
+
+ subject {
+ common_name = "${var.common_name}"
+ organization = "${var.organization}"
+ }
+
+ is_ca_certificate = true
+}
+
+resource "tls_cert_request" "example" {
+ key_algorithm = "${tls_private_key.example.algorithm}"
+ private_key_pem = "${tls_private_key.example.private_key_pem}"
+
+ subject {
+ common_name = "${var.common_name}"
+ organization = "${var.organization}"
+ province = "${var.province}"
+ country = "${var.country}"
+ }
+
+ dns_names = ["${var.dns_names}"]
+}
+
+resource "tls_locally_signed_cert" "example" {
+ cert_request_pem = "${tls_cert_request.example.cert_request_pem}"
+ ca_key_algorithm = "${tls_private_key.example.algorithm}"
+ ca_private_key_pem = "${tls_private_key.example.private_key_pem}"
+ ca_cert_pem = "${tls_self_signed_cert.ca.cert_pem}"
+
+ validity_period_hours = "${var.validity_period_hours}"
+
+ allowed_uses = [
+ "server_auth",
+ ]
+}
diff --git a/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%loadbalancer-classic%certificates%outputs.tf b/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%loadbalancer-classic%certificates%outputs.tf
new file mode 100644
index 0000000..d0cb30e
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%loadbalancer-classic%certificates%outputs.tf
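Review bot: One key, `tls_private_key.example`, serves as both the CA signing key (`tls_self_signed_cert.ca`, `ca_private_key_pem`) and the server key in `tls_cert_request.example`. The server key is exported by this module and uploaded to the load balancer, so whoever holds it can also sign new certificates under the CA that clients are told to trust. Generate a separate key for the CA and keep it out of the module outputs, as sketched below. Both keys still land unencrypted in Terraform state, which a header comment should note so the pattern is not copied beyond test setups.

```hcl
resource "tls_private_key" "ca" {
  algorithm = "RSA"
  rsa_bits  = 4096
}

resource "tls_self_signed_cert" "ca" {
  key_algorithm   = "${tls_private_key.ca.algorithm}"
  private_key_pem = "${tls_private_key.ca.private_key_pem}"
  # … unchanged: validity, allowed_uses, dns_names, subject, is_ca_certificate …
}

resource "tls_locally_signed_cert" "example" {
  cert_request_pem   = "${tls_cert_request.example.cert_request_pem}"
  ca_key_algorithm   = "${tls_private_key.ca.algorithm}"
  ca_private_key_pem = "${tls_private_key.ca.private_key_pem}"
  # … unchanged: ca_cert_pem, validity_period_hours, allowed_uses …
}
```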
@@ -0,0 +1,14 @@ +// Copyright (c) 2018, 2019, Oracle and/or its affiliates. All rights reserved. +// Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. + +output "ca_cert_pem" { + value = "${tls_self_signed_cert.ca.cert_pem}" +} + +output "cert_pem" { + value = "${tls_locally_signed_cert.example.cert_pem}" +} + +output "private_key_pem" { + value = "${tls_private_key.example.private_key_pem}" +} diff --git a/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%loadbalancer-classic%certificates%variables.tf b/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%loadbalancer-classic%certificates%variables.tf new file mode 100644 index 0000000..f269ee8 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%loadbalancer-classic%certificates%variables.tf @@ -0,0 +1,19 @@ +// Copyright (c) 2018, 2019, Oracle and/or its affiliates. All rights reserved. +// Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. + +variable "dns_names" { + type = "list" +} + +variable "organization" {} +variable "common_name" {} +variable "province" {} +variable "country" {} + +variable "validity_period_hours" { + default = "8760" // 365 days +} + +variable "early_renewal_hours" { + default = "720" // 30 days +} diff --git a/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%loadbalancer-classic%load_balancer%main.tf b/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%loadbalancer-classic%load_balancer%main.tf new file mode 100644 index 0000000..e2a7ee2 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%loadbalancer-classic%load_balancer%main.tf 
@@ -0,0 +1,76 @@
+// Copyright (c) 2018, 2019, Oracle and/or its affiliates. All rights reserved.
+// Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
+
+# main load balancer instance
+resource "opc_lbaas_load_balancer" "lb1" {
+ name = "${var.name}"
+ region = "${var.region}"
+ description = "My Example Load Balancer"
+
+ scheme = "INTERNET_FACING"
+ ip_network = "${var.ip_network}"
+ permitted_methods = ["GET", "HEAD", "POST", "PUT"]
+}
+
+# Server Pool for backend Origin Servers
+resource "opc_lbaas_server_pool" "serverpool1" {
+ load_balancer = "${opc_lbaas_load_balancer.lb1.id}"
+
+ name = "serverpool1"
+ servers = ["${var.servers}"]
+ vnic_set = "${var.vnic_set}"
+}
+
+# Round Robin Load Balancing Policy
+resource "opc_lbaas_policy" "load_balancing_mechanism_policy" {
+ load_balancer = "${opc_lbaas_load_balancer.lb1.id}"
+ name = "example_load_balancing_mechanism_policy"
+
+ load_balancing_mechanism_policy {
+ load_balancing_mechanism = "round_robin"
+ }
+}
+
+# Listener to direct HTTP traffic for ${var.dns_name} to serverpool1
+resource "opc_lbaas_listener" "listener1" {
+ load_balancer = "${opc_lbaas_load_balancer.lb1.id}"
+ name = "listener-http"
+ port = 80
+
+ balancer_protocol = "HTTP"
+ server_protocol = "HTTP"
+ server_pool = "${opc_lbaas_server_pool.serverpool1.uri}"
+
+ virtual_hosts = ["${var.dns_name}"]
+
+ policies = [
+ "${opc_lbaas_policy.load_balancing_mechanism_policy.uri}",
+ ]
+}
+
+# Server Certificate
+resource "opc_lbaas_certificate" "cert1" {
+ name = "server-cert"
+ type = "SERVER"
+ private_key = "${var.private_key_pem}"
+ certificate_body = "${var.cert_pem}"
+ certificate_chain = "${var.ca_cert_pem}"
+}
+
+# Listener to direct HTTPS traffic for ${var.dns_name} to serverpool1
+resource "opc_lbaas_listener" "listener2" {
+ load_balancer = "${opc_lbaas_load_balancer.lb1.id}"
+ name = "listener-https"
+ port = 443
+
+ balancer_protocol = "HTTPS"
+ server_protocol = "HTTP"
+ certificates = ["${opc_lbaas_certificate.cert1.uri}"]
+ server_pool = "${opc_lbaas_server_pool.serverpool1.uri}"
+
+ virtual_hosts = ["${var.dns_name}"]
+
+ policies = [
+ "${opc_lbaas_policy.load_balancing_mechanism_policy.uri}",
+ ]
+}
diff --git a/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%loadbalancer-classic%load_balancer%outputs.tf b/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%loadbalancer-classic%load_balancer%outputs.tf
new file mode 100644
index 0000000..5be616d
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%loadbalancer-classic%load_balancer%outputs.tf
@@ -0,0 +1,6 @@
+// Copyright (c) 2018, 2019, Oracle and/or its affiliates. All rights reserved.
+// Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
+
+output "canonical_host_name" {
+ value = "${opc_lbaas_load_balancer.lb1.canonical_host_name}"
+}
diff --git a/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%loadbalancer-classic%load_balancer%variables.tf b/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%loadbalancer-classic%load_balancer%variables.tf
new file mode 100644
index 0000000..088ef5a
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%loadbalancer-classic%load_balancer%variables.tf
@@ -0,0 +1,17 @@
+// Copyright (c) 2018, 2019, Oracle and/or its affiliates. All rights reserved.
+// Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
+
+variable "name" {}
+variable "region" {}
+variable "ip_network" {}
+variable "vnic_set" {}
+
+variable "servers" {
+ type = "list"
+}
+
+variable "dns_name" {}
+
+variable "cert_pem" {}
+variable "ca_cert_pem" {}
+variable "private_key_pem" {}
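Review bot: `listener1` in load_balancer/main.tf serves `${var.dns_name}` on port 80 over plain HTTP into the same server pool as the HTTPS listener, so a client that never switches to HTTPS keeps working unencrypted. If the example is meant to demonstrate TLS termination, either drop `listener1` or attach a redirect policy to it (if the provider version in use offers one), and say which in the `# Listener to direct HTTP traffic` comment. Both listeners also set `server_protocol = "HTTP"`, so traffic between the balancer and the backends is unencrypted; a comment such as `# TLS terminates at the load balancer; backend traffic is plain HTTP` would make that explicit.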
diff --git a/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%loadbalancer-classic%main.tf b/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%loadbalancer-classic%main.tf
new file mode 100644
index 0000000..de556a9
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%loadbalancer-classic%main.tf
@@ -0,0 +1,70 @@
+// Copyright (c) 2018, 2019, Oracle and/or its affiliates. All rights reserved.
+// Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
+
+terraform {
+ required_version = "~> 0.11.0"
+}
+
+provider "opc" {
+ version = "~>1.2"
+ user = "${var.user}"
+ password = "${var.password}"
+ identity_domain = "${var.domain}"
+ endpoint = "${var.endpoint}"
+ lbaas_endpoint = "${var.lbaas_endpoint}"
+}
+
+locals {
+ ssh_user = "opc"
+ private_ssh_key_file = "./id_rsa"
+ public_ssh_key_file = "./id_rsa.pub"
+ server_count = 2
+}
+
+module "server_network" {
+ source = "./network"
+ name = "server-pool-network"
+ cidr = "192.168.100.0/24"
+}
+
+module "server_pool" {
+ source = "./server_pool"
+ name = "server"
+ server_count = "${local.server_count}"
+ ip_network = "${module.server_network.ipnetwork}"
+ public_ssh_key = "${file(local.public_ssh_key_file)}"
+}
+
+module "certificates" {
+ source = "./certificates"
+ organization = "example.com"
+ province = "ON"
+ country = "Canada"
+ common_name = "${var.dns_name}"
+ dns_names = ["${var.dns_name}"]
+}
+
+module "webapp" {
+ source = "./webapp"
+ name = "webapp"
+ servers = "${module.server_pool.public_ip_addresses}"
+ server_count = "${local.server_count}"
+ server_acl = "${module.server_pool.server_acl}"
+ ssh_user = "${local.ssh_user}"
+ private_ssh_key_file = "${local.private_ssh_key_file}"
+ public_ssh_key_file = "${local.public_ssh_key_file}"
+}
+
+module "load_balancer" {
+ source = "./load_balancer"
+ region = "${var.region}"
+ name = "webapp-lb1"
+ servers = ["${formatlist("%s:%s", module.server_pool.private_ip_addresses, module.webapp.port)}"]
+ ip_network = "/Compute-${var.domain}/${var.user}/${module.server_network.ipnetwork}"
+ vnic_set = "/Compute-${var.domain}/${var.user}/${module.server_pool.vnicset}"
+
+ dns_name = "${var.dns_name}"
+ ca_cert_pem = "${module.certificates.ca_cert_pem}"
+ cert_pem = "${module.certificates.cert_pem}"
+ private_key_pem = "${module.certificates.private_key_pem}"
+}
diff --git a/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%loadbalancer-classic%network%main.tf b/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%loadbalancer-classic%network%main.tf
new file mode 100644
index 0000000..3b9a7bb
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%loadbalancer-classic%network%main.tf
@@ -0,0 +1,7 @@
+// Copyright (c) 2018, 2019, Oracle and/or its affiliates. All rights reserved.
+// Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
+
+resource "opc_compute_ip_network" "ipnetwork" {
+ name = "${var.name}"
+ ip_address_prefix = "${var.cidr}"
+}
diff --git a/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%loadbalancer-classic%network%output.tf b/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%loadbalancer-classic%network%output.tf
new file mode 100644
index 0000000..558b2f6
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%loadbalancer-classic%network%output.tf
@@ -0,0 +1,10 @@
+// Copyright (c) 2018, 2019, Oracle and/or its affiliates. All rights reserved.
+// Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
+
+output "ipnetwork" {
+ value = "${opc_compute_ip_network.ipnetwork.name}"
+}
+
+output "cidr" {
+ value = "${opc_compute_ip_network.ipnetwork.ip_address_prefix}"
+}
diff --git a/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%loadbalancer-classic%network%variables.tf b/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%loadbalancer-classic%network%variables.tf
new file mode 100644
index 0000000..439ac1c
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%loadbalancer-classic%network%variables.tf
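Review bot: `country = "Canada"` in the `certificates` module call of loadbalancer-classic/main.tf is passed through to the certificate request's subject, where the X.509 country attribute is defined as a two-letter ISO 3166 code; use `country = "CA"`. The `locals` block also points `private_ssh_key_file` at `./id_rsa` inside the example directory, so a comment such as `// generate the key pair locally and keep id_rsa out of version control` would be useful there.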
@@ -0,0 +1,5 @@
+// Copyright (c) 2018, 2019, Oracle and/or its affiliates. All rights reserved.
+// Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
+
+variable "name" {}
+variable "cidr" {}
diff --git a/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%loadbalancer-classic%outputs.tf b/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%loadbalancer-classic%outputs.tf
new file mode 100644
index 0000000..35485d8
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%loadbalancer-classic%outputs.tf
@@ -0,0 +1,18 @@
+// Copyright (c) 2018, 2019, Oracle and/or its affiliates. All rights reserved.
+// Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
+
+output "server_ip_address" {
+ value = "${module.server_pool.public_ip_addresses}"
+}
+
+output "server_hostnames" {
+ value = "${module.server_pool.hostnames}"
+}
+
+output "dns_instructions" {
+ value = "Follow your DNS providers guidelines to create/update the CNAME record to redirect the domain `${var.dns_name}` to load balancers `canonical_host_name`"
+}
+
+output "canonical_host_name" {
+ value = "${module.load_balancer.canonical_host_name}"
+}
diff --git a/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%loadbalancer-classic%security_rules%all_egress%main.tf b/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%loadbalancer-classic%security_rules%all_egress%main.tf
new file mode 100644
index 0000000..b239100
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%loadbalancer-classic%security_rules%all_egress%main.tf
@@ -0,0 +1,17 @@
+// Copyright (c) 2018, 2019, Oracle and/or its affiliates. All rights reserved.
+// Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
+
+variable "name" {}
+variable "acl" {}
+
+resource "opc_compute_security_rule" "egress" {
+ name = "${var.name}-all-egress"
+ flow_direction = "egress"
+ acl = "${var.acl}"
+ security_protocols = ["${opc_compute_security_protocol.all.name}"]
+}
+
+resource "opc_compute_security_protocol" "all" {
+ name = "${var.name}-all"
+ ip_protocol = "all"
+}
diff --git a/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%loadbalancer-classic%security_rules%main.tf b/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%loadbalancer-classic%security_rules%main.tf
new file mode 100644
index 0000000..bcf8209
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%loadbalancer-classic%security_rules%main.tf
@@ -0,0 +1,26 @@
+// Copyright (c) 2018, 2019, Oracle and/or its affiliates. All rights reserved.
+// Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
+
+variable "name_prefix" {}
+variable "acl" {}
+variable "protocol_name" {}
+variable "ip_protocol" {}
+variable "direction" {}
+variable "port" {}
+
+resource "opc_compute_security_rule" "rule" {
+ name = "${var.name_prefix}-${var.protocol_name}-${var.direction}"
+ flow_direction = "${var.direction}"
+ acl = "${var.acl}"
+ security_protocols = ["${opc_compute_security_protocol.protocol.name}"]
+}
+
+resource "opc_compute_security_protocol" "protocol" {
+ name = "${var.name_prefix}-${var.protocol_name}"
+ dst_ports = ["${var.port}"]
+ ip_protocol = "${var.ip_protocol}"
+}
+
+output "name" {
+ value = "${opc_compute_security_rule.rule.name}"
+}
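Review bot: `opc_compute_security_rule.rule` in security_rules/main.tf sets only `flow_direction`, `acl` and `security_protocols`, with no source restriction, so every caller of this module opens its port to any source address. Elsewhere in this patch the module is instantiated for SSH (`port = "22"` in server_pool) and for the web port (webapp) on an ACL applied to instances that have public IP reservations, which presumably also lets clients reach the backends directly instead of through the load balancer. Consider an optional variable naming a source IP prefix set and passing it to the rule's `src_ip_address_prefixes`; at minimum add a comment on the resource, e.g. `# no source prefix set: matches traffic from any address`.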
diff --git a/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%loadbalancer-classic%server_pool%main.tf b/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%loadbalancer-classic%server_pool%main.tf
new file mode 100644
index 0000000..9a0c09e
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%loadbalancer-classic%server_pool%main.tf
@@ -0,0 +1,59 @@
+// Copyright (c) 2018, 2019, Oracle and/or its affiliates. All rights reserved.
+// Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
+
+resource "opc_compute_ssh_key" "sshkey" {
+ name = "${var.name}-ssh-key"
+ key = "${var.public_ssh_key}"
+ enabled = true
+}
+
+resource "opc_compute_ip_address_reservation" "ipres" {
+ count = "${var.server_count}"
+ name = "${var.name}${count.index}-ip-address"
+ ip_address_pool = "public-ippool"
+}
+
+resource "opc_compute_acl" "acl" {
+ name = "${var.name}"
+}
+
+module "security_all_egress" {
+ source = "../security_rules/all_egress"
+ name = "${var.name}"
+ acl = "${opc_compute_acl.acl.name}"
+}
+
+module "security_ssh_ingress" {
+ source = "../security_rules"
+ name_prefix = "${var.name}"
+ port = "22"
+ protocol_name = "ssh"
+ ip_protocol = "tcp"
+ direction = "ingress"
+ acl = "${opc_compute_acl.acl.name}"
+}
+
+resource "opc_compute_vnic_set" "vnicset" {
+ name = "${var.name}"
+ applied_acls = ["${opc_compute_acl.acl.name}"]
+}
+
+resource "opc_compute_instance" "server" {
+ count = "${var.server_count}"
+ name = "${var.name}${count.index}"
+ hostname = "${var.name}${count.index}"
+ shape = "${var.shape}"
+ image_list = "${var.image_list}"
+
+ networking_info {
+ index = 0
+ ip_network = "${var.ip_network}"
+ is_default_gateway = true
+ dns = ["${var.name}${count.index}"]
+ vnic = "${var.name}${count.index}_eth0"
+ vnic_sets = ["${opc_compute_vnic_set.vnicset.name}"]
+ nat = ["${element(opc_compute_ip_address_reservation.ipres.*.name, count.index)}"]
+ }
+
+ ssh_keys = ["${opc_compute_ssh_key.sshkey.name}"]
+}
diff --git a/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%loadbalancer-classic%server_pool%outputs.tf b/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%loadbalancer-classic%server_pool%outputs.tf
new file mode 100644
index 0000000..a8d49fd
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%loadbalancer-classic%server_pool%outputs.tf
@@ -0,0 +1,22 @@
+// Copyright (c) 2018, 2019, Oracle and/or its affiliates. All rights reserved.
+// Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
+
+output "public_ip_addresses" {
+ value = "${opc_compute_ip_address_reservation.ipres.*.ip_address}"
+}
+
+output "private_ip_addresses" {
+ value = "${opc_compute_instance.server.*.ip_address}"
+}
+
+output "hostnames" {
+ value = "${opc_compute_instance.server.*.hostname}"
+}
+
+output "vnicset" {
+ value = "${opc_compute_vnic_set.vnicset.name}"
+}
+
+output "server_acl" {
+ value = "${opc_compute_acl.acl.name}"
+}
diff --git a/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%loadbalancer-classic%server_pool%variables.tf b/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%loadbalancer-classic%server_pool%variables.tf
new file mode 100644
index 0000000..64cc0e7
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%loadbalancer-classic%server_pool%variables.tf
@@ -0,0 +1,20 @@
+// Copyright (c) 2018, 2019, Oracle and/or its affiliates. All rights reserved.
+// Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
+
+variable "public_ssh_key" {}
+
+variable "server_count" {
+ default = 1
+}
+
+variable "name" {}
+
+variable "shape" {
+ default = "oc3"
+}
+
+variable "image_list" {
+ default = "/oracle/public/OL_7.2_UEKR4_x86_64"
+}
+
+variable "ip_network" {}
diff --git a/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%loadbalancer-classic%variables.tf b/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%loadbalancer-classic%variables.tf
new file mode 100644
index 0000000..b2e41ad
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%loadbalancer-classic%variables.tf @@ -0,0 +1,13 @@ +// Copyright (c) 2018, 2019, Oracle and/or its affiliates. All rights reserved. +// Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. + +variable "user" {} +variable "password" {} +variable "domain" {} +variable "endpoint" {} +variable "lbaas_endpoint" {} +variable "region" {} + +variable "dns_name" { + default = "mywebapp.example.com" +} diff --git a/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%loadbalancer-classic%webapp%main.tf b/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%loadbalancer-classic%webapp%main.tf new file mode 100644 index 0000000..52f3d22 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%loadbalancer-classic%webapp%main.tf @@ -0,0 +1,37 @@ +// Copyright (c) 2018, 2019, Oracle and/or its affiliates. All rights reserved. +// Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. + +locals { + web_app_port = "80" +} + +module "security_web_ingress" { + source = "../security_rules" + name_prefix = "${var.name}" + port = "${local.web_app_port}" + protocol_name = "web" + ip_protocol = "tcp" + direction = "ingress" + acl = "${var.server_acl}" +} + +resource "null_resource" "install_httpd" { + count = "${var.server_count}" + + connection { + type = "ssh" + host = "${element(var.servers,count.index)}" + user = "${var.ssh_user}" + private_key = "${file(var.private_ssh_key_file)}" + timeout = "30m" + } + + provisioner "remote-exec" { + inline = [ + "sudo yum -y install httpd", + "sudo systemctl enable httpd", + "sudo systemctl start httpd", + "echo '

Hello from server${count.index}

' | sudo tee /var/www/html/index.html", + ] + } +} diff --git a/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%loadbalancer-classic%webapp%outputs.tf b/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%loadbalancer-classic%webapp%outputs.tf new file mode 100644 index 0000000..f9de6c6 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%loadbalancer-classic%webapp%outputs.tf @@ -0,0 +1,6 @@ +// Copyright (c) 2018, 2019, Oracle and/or its affiliates. All rights reserved. +// Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. + +output "port" { + value = "${local.web_app_port}" +} diff --git a/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%loadbalancer-classic%webapp%variables.tf b/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%loadbalancer-classic%webapp%variables.tf new file mode 100644 index 0000000..f95cf1c --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%loadbalancer-classic%webapp%variables.tf @@ -0,0 +1,14 @@ +// Copyright (c) 2018, 2019, Oracle and/or its affiliates. All rights reserved. +// Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. + +variable "name" {} + +variable "servers" { + type = "list" +} + +variable "server_acl" {} +variable "server_count" {} +variable "ssh_user" {} +variable "private_ssh_key_file" {} +variable "public_ssh_key_file" {} diff --git a/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%marketplace-bitnami-elk%main.tf b/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%marketplace-bitnami-elk%main.tf new file mode 100644 index 0000000..68f2582 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%marketplace-bitnami-elk%main.tf 
@@ -0,0 +1,120 @@
+// Copyright (c) 2017, 2019, Oracle and/or its affiliates. All rights reserved.
+// Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
+
+variable user {}
+variable password {}
+variable domain {}
+variable endpoint {}
+
+provider "opc" {
+ user = "${var.user}"
+ password = "${var.password}"
+ identity_domain = "${var.domain}"
+ endpoint = "${var.endpoint}"
+}
+
+variable ssh_public_key_file {
+ description = "ssh public key"
+ default = "./id_rsa.pub"
+}
+
+variable ssh_private_key_file {
+ description = "ssh private key"
+ default = "./id_rsa"
+}
+
+resource "opc_compute_ssh_key" "bitnami-elk" {
+ name = "bitnami-elk-sshkey"
+ key = "${file(var.ssh_public_key_file)}"
+ enabled = true
+}
+
+resource "opc_compute_ip_reservation" "bitnami-elk-public-ip" {
+ name = "bitnami-elk-ip"
+ parent_pool = "/oracle/public/ippool"
+ permanent = true
+}
+
+resource "opc_compute_instance" "elk" {
+ name = "bitnami-elk"
+ hostname = "bitnami-elk"
+ shape = "oc3"
+ image_list = "/Compute-${var.domain}/${var.user}/bitnami-elk-5.4.1-0-linux-oel-6.7-x86_64"
+ ssh_keys = ["${opc_compute_ssh_key.bitnami-elk.name}"]
+
+ networking_info {
+ index = 0
+ shared_network = true
+ nat = ["${opc_compute_ip_reservation.bitnami-elk-public-ip.name}"]
+ sec_lists = ["${opc_compute_security_list.elk.name}"]
+ }
+
+ connection {
+ type = "ssh"
+ host = "${opc_compute_ip_reservation.bitnami-elk-public-ip.ip}"
+ user = "bitnami"
+ private_key = "${file(var.ssh_private_key_file)}"
+ timeout = "10m"
+ }
+
+ provisioner "remote-exec" {
+ # change the permissions so config files can be uploaded over scp
+ inline = [
+ "sudo chown bitnami /opt/bitnami/logstash/conf",
+ ]
+ }
+
+ provisioner "file" {
+ # upload the example configuration
+ source = "access-log.conf"
+ destination = "/opt/bitnami/logstash/conf/access-log.conf"
+ }
+
+ provisioner "remote-exec" {
+ # restart logstash and get the intial user password
+ inline = [
+ "sudo /opt/bitnami/ctlscript.sh restart logstash",
+ "sudo grep -F '#' /var/log/boot.log",
+ ]
+ }
+}
+
+resource "opc_compute_security_list" "elk" {
+ name = "For-ELK-access"
+ policy = "DENY"
+ outbound_cidr_policy = "PERMIT"
+}
+
+resource "opc_compute_sec_rule" "elk-http" {
+ name = "Allow-ELK-http-access"
+ source_list = "seciplist:/oracle/public/public-internet"
+ destination_list = "seclist:${opc_compute_security_list.elk.name}"
+ action = "permit"
+ application = "/oracle/public/http"
+ disabled = false
+}
+
+resource "opc_compute_sec_rule" "elk-ssh" {
+ name = "Allow-ELK-ssh-access"
+ source_list = "seciplist:/oracle/public/public-internet"
+ destination_list = "seclist:${opc_compute_security_list.elk.name}"
+ action = "permit"
+ application = "/oracle/public/ssh"
+ disabled = false
+}
+
+output "ssh" {
+ value = "ssh bitnami@${opc_compute_ip_reservation.bitnami-elk-public-ip.ip} -i ${var.ssh_private_key_file}"
+}
+
+output "base_url" {
+ value = "http://${opc_compute_ip_reservation.bitnami-elk-public-ip.ip}"
+}
+
+output "elk_url" {
+ value = "http://${opc_compute_ip_reservation.bitnami-elk-public-ip.ip}/elk"
+}
+
+output "docs" {
+ value = "https://docs.bitnami.com/oracle/apps/elk/"
+}
diff --git a/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%orchestrated-instance%main.tf b/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%orchestrated-instance%main.tf
new file mode 100644
index 0000000..65e682b
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%orchestrated-instance%main.tf
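Review bot: The last `remote-exec` provisioner in marketplace-bitnami-elk/main.tf runs `sudo grep -F '#' /var/log/boot.log` to show the initial user password, which writes that credential into Terraform's console output and any CI log that captures it. Both `opc_compute_sec_rule` resources use `seciplist:/oracle/public/public-internet` as `source_list`, and the `base_url`/`elk_url` outputs are `http://`, so SSH and an unencrypted ELK UI are reachable from any address. Suggest dropping the `grep` line and telling the operator in a comment to read the password over the session given by the `ssh` output, and replacing the source list with an operator-supplied IP list.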
@@ -0,0 +1,61 @@
+// Copyright (c) 2017, 2019, Oracle and/or its affiliates. All rights reserved.
+// Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
+
+variable "user" {}
+variable "password" {}
+variable "domain" {}
+variable "endpoint" {}
+
+provider "opc" {
+ version = "> 1.0.1"
+ user = "${var.user}"
+ password = "${var.password}"
+ identity_domain = "${var.domain}"
+ endpoint = "${var.endpoint}"
+}
+
+resource "opc_compute_ip_network" "ipnet1" {
+ name = "ipnet1"
+ ip_address_prefix = "192.168.4.0/24"
+}
+
+resource "opc_compute_storage_volume" "boot" {
+ size = "12"
+ name = "boot"
+ bootable = true
+ image_list = "/oracle/public/OL_7.2_UEKR4_x86_64"
+ image_list_entry = 1
+}
+
+resource "opc_compute_ssh_key" "key1" {
+ name = "key1"
+ key = "${file("~/.ssh/id_rsa.pub")}"
+}
+
+resource "opc_compute_orchestrated_instance" "MyInstance" {
+ name = "example-instance-orchestraion"
+ description = "Example Instance Orchesrtation"
+ desired_state = "active"
+
+ instance {
+ persistent = true
+ name = "vm-1"
+ hostname = "vm-1"
+ shape = "oc3"
+ ssh_keys = ["${opc_compute_ssh_key.key1.name}"]
+
+ networking_info {
+ index = 1
+ ip_network = "${opc_compute_ip_network.ipnet1.name}"
+ ip_address = "192.168.4.2"
+ vnic = "eth1-ipnet1"
+ }
+
+ storage {
+ index = 1
+ volume = "${opc_compute_storage_volume.boot.name}"
+ }
+
+ boot_order = [1]
+ }
+}
diff --git a/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%windows-instance-with-rdp%variables.tf b/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%windows-instance-with-rdp%variables.tf
new file mode 100644
index 0000000..bbbecc5
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%windows-instance-with-rdp%variables.tf
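Review bot: The provider constraint `version = "> 1.0.1"` in orchestrated-instance/main.tf has no upper bound, so `terraform init` will accept any later release of the `opc` provider, including a future major version that nobody tested with this example. Use a pessimistic constraint instead, as the load balancer example in this patch does with `version = "~>1.2"`, choosing the minor release this example was actually run against. The `name` and `description` strings of `opc_compute_orchestrated_instance.MyInstance` are also misspelled (`orchestraion`, `Orchesrtation`).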
@@ -0,0 +1,11 @@
+// Copyright (c) 2017, 2019, Oracle and/or its affiliates. All rights reserved.
+// Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
+
+variable user {}
+variable password {}
+variable domain {}
+variable endpoint {}
+
+variable administrator_password {
+ description = "initial administrator password to the set when launching the windows instance"
+}
diff --git a/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%windows-instance-with-rdp%windows-server.tf b/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%windows-instance-with-rdp%windows-server.tf
new file mode 100644
index 0000000..3099b7e
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%terraform-examples%examples%opc%windows-instance-with-rdp%windows-server.tf
@@ -0,0 +1,63 @@ +// Copyright (c) 2017, 2019, Oracle and/or its affiliates. All rights reserved. +// Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. + +provider "opc" { + user = "${var.user}" + password = "${var.password}" + identity_domain = "${var.domain}" + endpoint = "${var.endpoint}" +} + +data "template_file" "userdata" { + vars = { + admin_password = "${var.administrator_password}" + } + + template = < ${var.label_prefix}source.sh" + } +} + +resource null_resource "etcd-ad1" { + count = "${var.etcdAd1Count}" + depends_on = [ + "module.instances-etcd-ad1", + "null_resource.build_source" + ] + + triggers { + etcd_id = "${element(module.instances-etcd-ad1.ids, count.index)}" + build_source_id = "${null_resource.build_source.id}" + } + + provisioner "local-exec" { + command = "echo 'alias ${var.label_prefix}etcdad1-${count.index}=\"ssh -i ${path.root}/generated/instances_id_rsa opc@${element(module.instances-etcd-ad1.instance_public_ips, count.index)}\"' >> source.sh" + } +} + +resource null_resource "etcd-ad2" { + count = "${var.etcdAd2Count}" + depends_on = [ + "module.instances-etcd-ad2", + "null_resource.build_source" + ] + + triggers { + etcd_id = "${element(module.instances-etcd-ad2.ids, count.index)}" + build_source_id = "${null_resource.build_source.id}" + } + + provisioner "local-exec" { + command = "echo 'alias ${var.label_prefix}etcdad2-${count.index}=\"ssh -i ${path.root}/generated/instances_id_rsa opc@${element(module.instances-etcd-ad2.instance_public_ips, count.index)}\"' >> source.sh" + } +} + + +resource null_resource "etcd-ad3" { + count = "${var.etcdAd3Count}" + depends_on = [ + "module.instances-etcd-ad3", + ] + + triggers { + etcd_id = "${element(module.instances-etcd-ad3.ids, count.index)}" + build_source_id = "${null_resource.build_source.id}" + } + + provisioner "local-exec" { + command = "echo 'alias ${var.label_prefix}etcad3-${count.index}=\"ssh -i 
${path.root}/generated/instances_id_rsa opc@${element(module.instances-etcd-ad3.instance_public_ips, count.index)}\"' >> source.sh" + } +} + + + + + +resource null_resource "k8smaster-ad1" { + count = "${var.k8sMasterAd1Count}" + depends_on = [ + "module.instances-k8smaster-ad1", + ] + + triggers { + master_id = "${element(module.instances-k8smaster-ad1.ids, count.index)}" + build_source_id = "${null_resource.build_source.id}" + } + + provisioner "local-exec" { + command = "echo 'alias ${var.label_prefix}masterad1-${count.index}=\"ssh -i ${path.root}/generated/instances_id_rsa opc@${element(module.instances-k8smaster-ad1.public_ips, count.index)}\"' >> source.sh" + } +} + +resource null_resource "k8smaster-ad2" { + count = "${var.k8sMasterAd2Count}" + depends_on = [ + "module.instances-k8smaster-ad2", + ] + + triggers { + master_id = "${element(module.instances-k8smaster-ad2.ids, count.index)}" + build_source_id = "${null_resource.build_source.id}" + } + + provisioner "local-exec" { + command = "echo 'alias ${var.label_prefix}masterad2-${count.index}=\"ssh -i ${path.root}/generated/instances_id_rsa opc@${element(module.instances-k8smaster-ad2.public_ips, count.index)}\"' >> source.sh" + } +} + + +resource null_resource "k8smaster-ad3" { + count = "${var.k8sMasterAd3Count}" + depends_on = [ + "module.instances-k8smaster-ad3", + ] + + triggers { + master_id = "${element(module.instances-k8smaster-ad3.ids, count.index)}" + build_source_id = "${null_resource.build_source.id}" + } + + provisioner "local-exec" { + command = "echo 'alias ${var.label_prefix}masterad3-${count.index}=\"ssh -i ${path.root}/generated/instances_id_rsa opc@${element(module.instances-k8smaster-ad3.public_ips, count.index)}\"' >> source.sh" + } +} + +resource null_resource "k8sworker-ad1" { + count = "${var.k8sWorkerAd1Count}" + depends_on = [ + "module.instances-k8sworker-ad1", + ] + + triggers { + worker_id = "${element(module.instances-k8sworker-ad1.ids, count.index)}" + build_source_id = 
"${null_resource.build_source.id}" + } + + provisioner "local-exec" { + command = "echo 'alias ${var.label_prefix}workerad1-${count.index}=\"ssh -i ${path.root}/generated/instances_id_rsa opc@${element(module.instances-k8sworker-ad1.public_ips, count.index)}\"' >> source.sh" + } +} + +resource null_resource "k8sworker-ad2" { + count = "${var.k8sWorkerAd2Count}" + depends_on = [ + "module.instances-k8sworker-ad2", + ] + + triggers { + worker_id = "${element(module.instances-k8sworker-ad2.ids, count.index)}" + build_source_id = "${null_resource.build_source.id}" + } + + provisioner "local-exec" { + command = "echo 'alias ${var.label_prefix}workerad2-${count.index}=\"ssh -i ${path.root}/generated/instances_id_rsa opc@${element(module.instances-k8sworker-ad2.public_ips, count.index)}\"' >> source.sh" + } +} + + +resource null_resource "k8sworker-ad3" { + count = "${var.k8sWorkerAd3Count}" + depends_on = [ + "module.instances-k8sworker-ad3", + ] + + triggers { + master_id = "${element(module.instances-k8sworker-ad3.ids, count.index)}" + build_source_id = "${null_resource.build_source.id}" + } + + provisioner "local-exec" { + command = "echo 'alias ${var.label_prefix}workerad3-${count.index}=\"ssh -i ${path.root}/generated/instances_id_rsa opc@${element(module.instances-k8sworker-ad3.public_ips, count.index)}\"' >> source.sh" + } +} + diff --git a/example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%datasources.tf b/example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%datasources.tf new file mode 100644 index 0000000..75b1db1 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%datasources.tf 
@@ -0,0 +1,9 @@
+data "oci_identity_availability_domains" "ADs" {
+ compartment_id = "${var.tenancy_ocid}"
+}
+
+resource "template_file" "etcd_discovery_url" {
+ provisioner "local-exec" {
+ command = "[ -d ${path.root}/generated ] || mkdir -p ${path.root}/generated && curl --retry 3 https://discovery.etcd.io/new?size=${var.etcdAd1Count + var.etcdAd2Count + var.etcdAd3Count} > ${path.root}/generated/discovery${self.id}"
+ }
+}
diff --git a/example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%identity%cloud_controller_user.tf b/example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%identity%cloud_controller_user.tf
new file mode 100644
index 0000000..f05b1ea
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%identity%cloud_controller_user.tf
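Review bot: The `curl` call in `template_file.etcd_discovery_url` (datasources.tf) has no `--fail`, so an HTTP error body from discovery.etcd.io is written to `generated/discovery${self.id}` with exit status 0 and is presumably consumed later as if it were a discovery URL. The URL is also unquoted, leaving the `?` to the shell. Suggest `curl --fail --silent --show-error --retry 3` with the URL in escaped double quotes. Cluster bootstrap here depends on a public third-party service, and the returned URL identifies the cluster's member list, so a comment noting that the generated file must stay out of version control would help.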
@@ -0,0 +1,39 @@ +resource "tls_private_key" "cloud_controller_user_key" { + algorithm = "RSA" rsa_bits = 2048 +} + +resource "oci_identity_group" "cloud_controller_group" { + name = "${var.label_prefix}cloud_controller_group" + description = "Terraform created group for OCI Cloud Controller Manager" +} + +resource "oci_identity_user" "cloud_controller_user" { + name = "${var.label_prefix}cloud_controller_user" + description = "Terraform created user for OCI Cloud Controller Manager" +} + +resource "oci_identity_api_key" "cloud_controller_key_assoc" { + user_id = "${oci_identity_user.cloud_controller_user.id}" + key_value = "${tls_private_key.cloud_controller_user_key.public_key_pem}" +} + +resource "oci_identity_user_group_membership" "cloud_controller_user_group_assoc" { + compartment_id = "${var.tenancy_ocid}" + user_id = "${oci_identity_user.cloud_controller_user.id}" + group_id = "${oci_identity_group.cloud_controller_group.id}" +} + +resource "oci_identity_policy" "cloud_controller_policy" { + depends_on = ["oci_identity_group.cloud_controller_group"] + compartment_id = "${var.compartment_ocid}" + name = "${var.label_prefix}cloud_controller_policy" + description = "${var.label_prefix}cloud_controller_group policy" + statements = [ + "Allow group id ${oci_identity_group.cloud_controller_group.id} to manage load-balancers in compartment id ${var.compartment_ocid}", + "Allow group id ${oci_identity_group.cloud_controller_group.id} to use security-lists in compartment id ${var.compartment_ocid}", + "Allow group id ${oci_identity_group.cloud_controller_group.id} to read instances in compartment id ${var.compartment_ocid}", + "Allow group id ${oci_identity_group.cloud_controller_group.id} to read subnets in compartment id ${var.compartment_ocid}", + "Allow group id ${oci_identity_group.cloud_controller_group.id} to read vnics in compartment id ${var.compartment_ocid}", + "Allow group id ${oci_identity_group.cloud_controller_group.id} to read vnic-attachments in 
compartment id ${var.compartment_ocid}",
+ ]
+}
diff --git a/example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%identity%flexvolume_user.tf b/example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%identity%flexvolume_user.tf
new file mode 100644
index 0000000..493343d
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%identity%flexvolume_user.tf
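Review bot: The `tls_private_key` resource at the top of cloud_controller_user.tf keeps the generated RSA private key in the Terraform state in plain text, and nothing in the file says so. The same holds for `flexvolume_driver_user_key` and `volume_provisioner_user_key` in the two sibling files. Each public half is registered through `oci_identity_api_key` for a user that holds the policy below it, so anyone who can read the state can sign API requests as that user. I would add a comment above each resource, `# NOTE: private key is stored unencrypted in state; use an encrypted, access-controlled backend`, and state the backend requirement in the module documentation.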
@@ -0,0 +1,45 @@ +resource "tls_private_key" "flexvolume_driver_user_key" { + algorithm = "RSA" rsa_bits = 2048 +} + +resource "oci_identity_group" "flexvolume_driver_group" { + name = "${var.label_prefix}flexvolume_driver_group" + description = "Terraform created group for OCI Cloud Controller Manager" +} + +resource "oci_identity_user" "flexvolume_driver_user" { + name = "${var.label_prefix}flexvolume_driver_user" + description = "Terraform created user for OCI Cloud Controller Manager" +} + +resource "oci_identity_api_key" "flexvolume_driver_key_assoc" { + user_id = "${oci_identity_user.flexvolume_driver_user.id}" + key_value = "${tls_private_key.flexvolume_driver_user_key.public_key_pem}" +} + +resource "oci_identity_user_group_membership" "flexvolume_driver_user_group_assoc" { + compartment_id = "${var.tenancy_ocid}" + user_id = "${oci_identity_user.flexvolume_driver_user.id}" + group_id = "${oci_identity_group.flexvolume_driver_group.id}" +} + +resource "oci_identity_policy" "flexvolume_driver_policy" { + depends_on = ["oci_identity_group.flexvolume_driver_group"] + compartment_id = "${var.compartment_ocid}" + name = "${var.label_prefix}flexvolume_driver_policy" + description = "${var.label_prefix}flexvolume_driver_group policy" + statements = [ + "Allow group id ${oci_identity_group.flexvolume_driver_group.id} to read vnic-attachments in compartment id ${var.compartment_ocid}", + "Allow group id ${oci_identity_group.flexvolume_driver_group.id} to read vnics in compartment id ${var.compartment_ocid}", + "Allow group id ${oci_identity_group.flexvolume_driver_group.id} to read instances in compartment id ${var.compartment_ocid}", + "Allow group id ${oci_identity_group.flexvolume_driver_group.id} to read subnets in compartment id ${var.compartment_ocid}", + "Allow group id ${oci_identity_group.flexvolume_driver_group.id} to use volumes in compartment id ${var.compartment_ocid}", + "Allow group id ${oci_identity_group.flexvolume_driver_group.id} to use instances 
in compartment id ${var.compartment_ocid}",
+ "Allow group id ${oci_identity_group.flexvolume_driver_group.id} to manage volume-attachments in compartment id ${var.compartment_ocid}",
+
+ "Allow group id ${oci_identity_group.flexvolume_driver_group.id} to read file-systems in compartment id ${var.compartment_ocid}",
+ "Allow group id ${oci_identity_group.flexvolume_driver_group.id} to read mount-targets in compartment id ${var.compartment_ocid}",
+ "Allow group id ${oci_identity_group.flexvolume_driver_group.id} to read private-ips in compartment id ${var.compartment_ocid}",
+ "Allow group id ${oci_identity_group.flexvolume_driver_group.id} to manage export-sets in compartment id ${var.compartment_ocid}",
+ ]
+}
diff --git a/example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%identity%outputs.tf b/example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%identity%outputs.tf
new file mode 100644
index 0000000..7478c96
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%identity%outputs.tf
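Review bot: The `description` values of `flexvolume_driver_group` and `flexvolume_driver_user` still read "Terraform created group/user for OCI Cloud Controller Manager", copied from cloud_controller_user.tf; volume_provisioner_user.tf has the same leftover. Descriptions are what an IAM review reads first, and three service identities with different policies that all claim to be the Cloud Controller Manager are hard to tell apart. I would set them to `description = "Terraform created group for OCI flexvolume driver"` and `description = "Terraform created user for OCI flexvolume driver"`, with the equivalent wording for the volume provisioner.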
@@ -0,0 +1,51 @@ +output "cloud_controller_user" { + value = "${oci_identity_user.cloud_controller_user.id}" +} + +output "cloud_controller_public_key" { + value = "${tls_private_key.cloud_controller_user_key.public_key_pem}" +} + +output "cloud_controller_private_key" { + sensitive = true + value = "${tls_private_key.cloud_controller_user_key.private_key_pem}" +} + +output "cloud_controller_user_fingerprint" { + value = "run 'terraform output cloud_controller_private_key > cc_key && openssl rsa -in cc_key -pubout -outform DER | openssl md5 -c && rm cc_key' determine the fingerprint" +} + +output "flexvolume_driver_user" { + value = "${oci_identity_user.flexvolume_driver_user.id}" +} + +output "flexvolume_driver_public_key" { + value = "${tls_private_key.flexvolume_driver_user_key.public_key_pem}" +} + +output "flexvolume_driver_private_key" { + sensitive = true + value = "${tls_private_key.flexvolume_driver_user_key.private_key_pem}" +} + +output "flexvolume_driver_user_fingerprint" { + value = "run 'terraform output flexvolume_driver_private_key > cc_key && openssl rsa -in cc_key -pubout -outform DER | openssl md5 -c && rm cc_key' determine the fingerprint" +} + +output "volume_provisioner_user" { + value = "${oci_identity_user.volume_provisioner_user.id}" +} + +output "volume_provisioner_public_key" { + value = "${tls_private_key.volume_provisioner_user_key.public_key_pem}" +} + +output "volume_provisioner_private_key" { + sensitive = true + value = "${tls_private_key.volume_provisioner_user_key.private_key_pem}" +} + +output "volume_provisioner_user_fingerprint" { + value = "run 'terraform output volume_provisioner_private_key > cc_key && openssl rsa -in cc_key -pubout -outform DER | openssl md5 -c && rm cc_key' determine the fingerprint" +} + 
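Review bot: The three `*_user_fingerprint` outputs tell the operator to write the private key to a file named `cc_key` in the current directory, created with the default umask, and to remove it at the end of an `&&` chain; if any step fails, the `rm` never runs and the key stays on disk. The key does not need to touch the filesystem: `terraform output cloud_controller_private_key | openssl rsa -pubout -outform DER | openssl md5 -c` produces the same fingerprint. The hint text is also missing a word ("... to determine the fingerprint"). If the provider version in use exports a fingerprint attribute on `oci_identity_api_key`, outputting that instead would remove the manual step altogether; worth checking.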
diff --git a/example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%identity%provider.tf b/example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%identity%provider.tf
new file mode 100644
index 0000000..61d23b5
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%identity%provider.tf
@@ -0,0 +1,9 @@
+provider "oci" {
+ tenancy_ocid = "${var.tenancy_ocid}"
+ user_ocid = "${var.user_ocid}"
+ fingerprint = "${var.fingerprint}"
+ private_key_path = "${var.private_key_path}"
+ private_key_password = "${var.private_key_password}"
+ region = "${var.region}"
+ disable_auto_retries = "false"
+}
diff --git a/example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%identity%variables.tf b/example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%identity%variables.tf
new file mode 100644
index 0000000..1366973
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%identity%variables.tf
@@ -0,0 +1,20 @@
+variable "label_prefix" {
+ description = "To create unique identifier for multiple clusters in a compartment."
+ type = "string"
+}
+
+variable "compartment_ocid" {}
+
+
+variable "tenancy_ocid" {}
+variable "user_ocid" {}
+variable "fingerprint" {}
+variable "private_key_path" {}
+
+variable "private_key_password" {
+ default = ""
+}
+
+variable "region" {
+ default = "us-phoenix-1"
+}
diff --git a/example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%identity%volume_provisioner_user.tf b/example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%identity%volume_provisioner_user.tf
new file mode 100644
index 0000000..93caf29
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%identity%volume_provisioner_user.tf
@@ -0,0 +1,35 @@ +resource "tls_private_key" "volume_provisioner_user_key" { + algorithm = "RSA" rsa_bits = 2048 +} + +resource "oci_identity_group" "volume_provisioner_group" { + name = "${var.label_prefix}volume_provisioner_group" + description = "Terraform created group for OCI Cloud Controller Manager" +} + +resource "oci_identity_user" "volume_provisioner_user" { + name = "${var.label_prefix}volume_provisioner_user" + description = "Terraform created user for OCI Cloud Controller Manager" +} + +resource "oci_identity_api_key" "volume_provisioner_key_assoc" { + user_id = "${oci_identity_user.volume_provisioner_user.id}" + key_value = "${tls_private_key.volume_provisioner_user_key.public_key_pem}" +} + +resource "oci_identity_user_group_membership" "volume_provisioner_user_group_assoc" { + compartment_id = "${var.tenancy_ocid}" + user_id = "${oci_identity_user.volume_provisioner_user.id}" + group_id = "${oci_identity_group.volume_provisioner_group.id}" +} + +resource "oci_identity_policy" "volume_provisioner_policy" { + depends_on = ["oci_identity_group.volume_provisioner_group"] + compartment_id = "${var.compartment_ocid}" + name = "${var.label_prefix}volume_provisioner_policy" + description = "${var.label_prefix}volume_provisioner_group policy" + statements = [ + "Allow group id ${oci_identity_group.volume_provisioner_group.id} to manage volumes in compartment id ${var.compartment_ocid}", + "Allow group id ${oci_identity_group.volume_provisioner_group.id} to manage file-systems in compartment id ${var.compartment_ocid}", + ] +} diff --git a/example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%instances%etcd%datasources.tf b/example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%instances%etcd%datasources.tf new file mode 100644 index 0000000..ba0bb0d --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%instances%etcd%datasources.tf 
@@ -0,0 +1,24 @@ +# Prevent oci_core_images image list from changing underneath us. +data "oci_core_images" "ImageOCID" { + compartment_id = "${var.compartment_ocid}" + display_name = "${var.oracle_linux_image_name}" +} + +# Cloud call to get a list of Availability Domains +data "oci_identity_availability_domains" "ADs" { + compartment_id = "${var.tenancy_ocid}" +} + +# "cloud init" file to bootstrap instance +data "template_file" "etcd-bootstrap" { + template = "${file("${path.module}/cloud_init/bootstrap.template.sh")}" + + vars { + domain_name = "${var.domain_name}" + docker_ver = "${var.docker_ver}" + etcd_ver = "${var.etcd_ver}" + docker_max_log_size = "${var.etcd_docker_max_log_size}" + docker_max_log_files = "${var.etcd_docker_max_log_files}" + etcd_discovery_url = "${file("${path.root}/generated/discovery${var.etcd_discovery_url}")}" + } +} diff --git a/example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%instances%etcd%main.tf b/example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%instances%etcd%main.tf new file mode 100644 index 0000000..e66828c --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%instances%etcd%main.tf 
@@ -0,0 +1,55 @@ +/** + * The instances/etcd module provisions and configures one or more etcd instances. + */ + +resource "oci_core_instance" "TFInstanceEtcd" { + count = "${var.count}" + availability_domain = "${var.availability_domain}" + compartment_id = "${var.compartment_ocid}" + display_name = "${var.label_prefix}${var.display_name_prefix}-${count.index}" + hostname_label = "${var.hostname_label_prefix}-${count.index}" + image = "${lookup(data.oci_core_images.ImageOCID.images[0], "id")}" + shape = "${var.shape}" + + create_vnic_details { + subnet_id = "${var.subnet_id}" + display_name = "${var.label_prefix}${var.display_name_prefix}-${count.index}" + hostname_label = "${var.hostname_label_prefix}-${count.index}" + assign_public_ip = "${(var.control_plane_subnet_access == "private") ? "false" : "true"}" + private_ip = "${var.assign_private_ip == "true" ? cidrhost(lookup(var.network_cidrs,var.subnet_name), count.index+2) : ""}" + } + + extended_metadata { + roles = "etcd" + ssh_authorized_keys = "${var.ssh_public_key_openssh}" + + # Automate etcd instance configuration with cloud init run at launch time + user_data = "${base64encode(data.template_file.etcd-bootstrap.rendered)}" + tags = "group:etcd" + } + + timeouts { + create = "60m" + } + + provisioner "local-exec" { + command = "sleep 10" + } +} + +resource "oci_core_volume" "TFVolumeInstanceEtcd" { + count = "${var.etcd_iscsi_volume_create ? var.count : 0}" + availability_domain = "${var.availability_domain}" + compartment_id = "${var.compartment_ocid}" + display_name = "block-volume-${var.hostname_label_prefix}-${count.index}" + size_in_gbs = "${var.etcd_iscsi_volume_size}" +} + +resource "oci_core_volume_attachment" "TFVolumeAttachmentInstanceEtcd" { + count = "${var.etcd_iscsi_volume_create ? 
var.count : 0}" + attachment_type = "iscsi" + compartment_id = "${var.compartment_ocid}" + instance_id = "${oci_core_instance.TFInstanceEtcd.*.id[count.index]}" + volume_id = "${oci_core_volume.TFVolumeInstanceEtcd.*.id[count.index]}" + depends_on = ["oci_core_instance.TFInstanceEtcd", "oci_core_volume.TFVolumeInstanceEtcd"] +} diff --git a/example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%instances%etcd%outputs.tf b/example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%instances%etcd%outputs.tf new file mode 100644 index 0000000..8093dbf --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%instances%etcd%outputs.tf @@ -0,0 +1,18 @@ +# Output the private and public IPs of the instance + +output "ids" { + value = ["${oci_core_instance.TFInstanceEtcd.*.id}"] +} + +output "hostname_label" { + value = "${oci_core_instance.TFInstanceEtcd.*.hostname_label}" +} + +output "private_ips" { + value = ["${oci_core_instance.TFInstanceEtcd.*.private_ip}"] +} + +output "instance_public_ips" { + value = ["${oci_core_instance.TFInstanceEtcd.*.public_ip}"] +} + \ No newline at end of file diff --git a/example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%instances%etcd%variables.tf b/example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%instances%etcd%variables.tf new file mode 100644 index 0000000..21c1526 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%instances%etcd%variables.tf 
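Review bot: In `TFInstanceEtcd` (etcd main.tf) `assign_public_ip` follows `control_plane_subnet_access`, and the module's variables.tf defaults that to "public", so every etcd node gets a public address unless the caller overrides it. etcd holds the full cluster state, Secrets included, and whether its client and peer ports are reachable then depends entirely on security lists defined outside this module. I would make the closed setting the default, `default = "private"`, and have the variable description say that "public" is meant for test setups. The k8smaster module uses the same expression and the same default.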
@@ -0,0 +1,69 @@ +variable "network_cidrs" { + type = "map" +} +variable "availability_domain" {} +variable "compartment_ocid" {} +variable "display_name_prefix" {} +variable "hostname_label_prefix" {} + +variable "shape" { + default = "VM.Standard1.1" +} + +variable "subnet_id" {} +variable "subnet_name" {} +variable "ssh_public_key_openssh" {} +variable "domain_name" {} + +variable "label_prefix" { + default = "" +} + +variable "docker_ver" { + default = "17.06.2.ol" +} + +variable "oracle_linux_image_name" { + default = "Oracle-Linux-7.5-2018.10.16-0" +} + +variable "etcd_ver" { + default = "v3.2.2" +} + +variable "tenancy_ocid" {} +variable "etcd_discovery_url" {} + +variable "count" { + default = "1" +} + +variable "control_plane_subnet_access" { + description = "Whether instances in the control plane are launched in a public or private subnets" + default = "public" +} + +variable "etcd_docker_max_log_size" { + description = "Maximum size of the etcd docker container json logs" + default = "50m" +} +variable "etcd_docker_max_log_files" { + description = "Maximum number of etcd docker container json logs to rotate" + default = "5" +} + +# iSCSI +variable "etcd_iscsi_volume_create" { + description = "Bool if an iscsi volume should be attached and mounted at the etcd volume mount point /etcd" + default = false +} + +variable "etcd_iscsi_volume_size" { + description = "Size of iscsi volume to be created" + default = 50 +} + +variable "assign_private_ip" { + description = "Assign a static private ip based on CIDR block for that AD" + default = false +} diff --git a/example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%instances%k8smaster%datasources.tf b/example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%instances%k8smaster%datasources.tf new file mode 100644 index 0000000..89830ab --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%instances%k8smaster%datasources.tf 
@@ -0,0 +1,156 @@ +# Prevent oci_core_images image list from changing underneath us. +data "oci_core_images" "ImageOCID" { + compartment_id = "${var.compartment_ocid}" + display_name = "${var.oracle_linux_image_name}" +} + +# Cloud call to get a list of Availability Domains +data "oci_identity_availability_domains" "ADs" { + compartment_id = "${var.tenancy_ocid}" +} + +data "template_file" "setup-template" { + template = "${file("${path.module}/scripts/setup.template.sh")}" + + vars = { + domain_name = "${var.domain_name}" + docker_ver = "${var.docker_ver}" + etcd_ver = "${var.etcd_ver}" + flannel_ver = "${var.flannel_ver}" + flannel_network_cidr = "${var.flannel_network_cidr}" + flannel_backend = "${var.flannel_backend}" + k8s_ver = "${var.k8s_ver}" + docker_max_log_size = "${var.master_docker_max_log_size}" + docker_max_log_files = "${var.master_docker_max_log_files}" + etcd_discovery_url = "${file("${path.root}/generated/discovery${var.etcd_discovery_url}")}" + etcd_endpoints = "${var.etcd_endpoints}" + cloud_controller_version = "${var.cloud_controller_version}" + flexvolume_driver_version = "${var.flexvolume_driver_version}" + volume_provisioner_version = "${var.volume_provisioner_version}" + kubernetes_network_plugin = "${var.kubernetes_network_plugin}" + } +} + +data "template_file" "setup-preflight" { + template = "${file("${path.module}/scripts/setup.preflight.sh")}" + + vars = { + k8s_ver = "${var.k8s_ver}" + } +} + +data "template_file" "kube-apiserver" { + template = "${file("${path.module}/manifests/kube-apiserver.yaml")}" + + vars = { + api_server_count = "${var.api_server_count}" + domain_name = "${var.domain_name}" + k8s_ver = "${var.k8s_ver}" + etcd_endpoints = "${var.etcd_endpoints}" + } +} + +data "template_file" "kubelet-service" { + template = "${file("${path.module}/scripts/kubelet.service")}" + + vars = { + k8s_ver = "${var.k8s_ver}" + } +} + +data "template_file" "kube-controller-manager" { + template = 
"${file("${path.module}/manifests/kube-controller-manager.yaml")}" + + vars = { + k8s_ver = "${var.k8s_ver}" + flannel_network_cidr = "${var.flannel_network_cidr}" + } +} + +data "template_file" "kube-dns" { + template = "${file("${path.module}/manifests/kube-dns.yaml")}" + + vars = { + pillar_dns_domain = "cluster.local" + k8s_dns_ver = "${var.k8s_dns_ver}" + } +} + +data "template_file" "kube-proxy" { + template = "${file("${path.module}/manifests/kube-proxy.yaml")}" + + vars = { + k8s_ver = "${var.k8s_ver}" + flannel_network_cidr = "${var.flannel_network_cidr}" + } +} + +data "template_file" "kube-scheduler" { + template = "${file("${path.module}/manifests/kube-scheduler.yaml")}" + + vars = { + k8s_ver = "${var.k8s_ver}" + } +} + +data "template_file" "kube-dashboard" { + template = "${file("${path.module}/manifests/kubernetes-dashboard.yaml")}" + + vars = { + k8s_dashboard_ver = "${var.k8s_dashboard_ver}" + } +} + +data "template_file" "kube-rbac" { + template = "${file("${path.module}/manifests/kube-rbac-role-binding.yaml")}" +} + +data "template_file" "master-kubeconfig" { + template = "${file("${path.module}/manifests/master-kubeconfig.template.yaml")}" +} + +data "template_file" "token_auth_file" { + template = "${file("${path.module}/scripts/token_auth.csv")}" + + vars { + token_admin = "${var.k8s_apiserver_token_admin}" + } +} + +data "template_file" "kube_master_cloud_init_file" { + template = "${file("${path.module}/cloud_init/bootstrap.template.yaml")}" + + vars = { + k8s_ver = "${var.k8s_ver}" + setup_preflight_sh_content = "${base64gzip(data.template_file.setup-preflight.rendered)}" + setup_template_sh_content = "${base64gzip(data.template_file.setup-template.rendered)}" + kube_apiserver_template_content = "${base64gzip(data.template_file.kube-apiserver.rendered)}" + kube_controller_manager_template_content = "${base64gzip(data.template_file.kube-controller-manager.rendered)}" + kube_dns_template_content = 
"${base64gzip(data.template_file.kube-dns.rendered)}" + kube_proxy_template_content = "${base64gzip(data.template_file.kube-proxy.rendered)}" + kube_dashboard_template_content = "${base64gzip(data.template_file.kube-dashboard.rendered)}" + kube_rbac_content = "${base64gzip(data.template_file.kube-rbac.rendered)}" + master_kubeconfig_template_content = "${base64gzip(data.template_file.master-kubeconfig.rendered)}" + kube_scheduler_template_content = "${base64gzip(data.template_file.kube-scheduler.rendered)}" + kubelet_service_content = "${base64gzip(data.template_file.kubelet-service.rendered)}" + ca-pem-content = "${base64gzip(var.root_ca_pem)}" + ca-key-content = "${base64gzip(var.root_ca_key)}" + api-server-key-content = "${base64gzip(var.api_server_private_key_pem)}" + api-server-cert-content = "${base64gzip(var.api_server_cert_pem)}" + api-token_auth_template_content = "${base64gzip(data.template_file.token_auth_file.rendered)}" + cloud_provider_secret_content = "${base64gzip(var.cloud_controller_secret)}" + flexvolume_driver_secret_content = "${base64gzip(var.flexvolume_driver_secret)}" + volume_provisioner_secret_content = "${base64gzip(var.volume_provisioner_secret)}" + } +} + +data "template_cloudinit_config" "master" { + gzip = true + base64_encode = true + + part { + filename = "bootstrap.yaml" + content_type = "text/cloud-config" + content = "${data.template_file.kube_master_cloud_init_file.rendered}" + } +} diff --git a/example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%instances%k8smaster%main.tf b/example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%instances%k8smaster%main.tf new file mode 100644 index 0000000..9beb2a0 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%instances%k8smaster%main.tf 
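Review bot: `kube_master_cloud_init_file` puts `root_ca_key`, `api_server_private_key_pem`, the rendered static token file and the three cloud-provider secrets into the cloud-init payload, and `base64gzip` is an encoding, not protection. The payload becomes instance `user_data` in k8smaster main.tf, so it is stored in the Terraform state. It also stays retrievable for the life of the instance, from the metadata endpoint by whatever can reach it on the node and presumably through the OCI API for principals allowed to read instance details. A comment above the `vars` block should say this, e.g. `# NOTE: every value below ends up readable in instance user_data and in state`. The longer-term fix is to pass a reference and let the bootstrap script fetch the material from a secret store.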
@@ -0,0 +1,55 @@ +/** + * The instances/k8smaster module provisions and configures one or more Kubernetes Master instances. + */ + +resource "oci_core_instance" "TFInstanceK8sMaster" { + count = "${var.count}" + availability_domain = "${var.availability_domain}" + compartment_id = "${var.compartment_ocid}" + display_name = "${var.label_prefix}${var.display_name_prefix}-${count.index}" + hostname_label = "${var.hostname_label_prefix}-${count.index}" + image = "${lookup(data.oci_core_images.ImageOCID.images[0], "id")}" + shape = "${var.shape}" + + create_vnic_details { + subnet_id = "${var.subnet_id}" + display_name = "${var.label_prefix}${var.display_name_prefix}-${count.index}" + hostname_label = "${var.hostname_label_prefix}-${count.index}" + assign_public_ip = "${(var.control_plane_subnet_access == "private") ? "false" : "true"}" + private_ip = "${var.assign_private_ip == "true" ? cidrhost(lookup(var.network_cidrs,var.subnet_name), count.index+2) : ""}" + } + + extended_metadata { + roles = "masters" + ssh_authorized_keys = "${var.ssh_public_key_openssh}" + + # Automate master instance configuration with cloud init run at launch time + user_data = "${data.template_cloudinit_config.master.rendered}" + tags = "group:k8s-master" + } + + provisioner "remote-exec" { + when = "destroy" + + inline = [ + "nodeName=`getent hosts $(/usr/sbin/ip route get 1 | awk '{print $NF;exit}') | awk '{print $2}'`", + "[ -e /usr/bin/kubectl ] && sudo kubectl --kubeconfig /etc/kubernetes/manifests/master-kubeconfig.yaml drain $nodeName --force", + "[ -e /usr/bin/kubectl ] && sudo kubectl --kubeconfig /etc/kubernetes/manifests/master-kubeconfig.yaml delete node $nodeName", + "exit 0", + ] + + on_failure = "continue" + + connection { + host = "${self.public_ip}" + user = "opc" + private_key = "${var.ssh_private_key}" + agent = false + timeout = "30s" + } + } + + timeouts { + create = "60m" + } +} 
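Review bot: The destroy-time provisioner in `TFInstanceK8sMaster` takes the node's address from the last field of `ip route get 1` (`awk '{print $NF;exit}'`), which is the source address only with older iproute2. Newer releases append `uid <n>` to that line, so `$NF` becomes the uid, `getent hosts` returns nothing and `nodeName` ends up empty. Because of `on_failure = "continue"` and the closing `exit 0`, the failed drain is silent and the node object stays registered after the instance is gone. This works on the pinned Oracle Linux 7.5 image but breaks on an image bump; picking the field after `src` is stable: `awk '{for(i=1;i<NF;i++) if($i==\"src\"){print $(i+1);exit}}'`. The k8sworker main.tf carries the same lines.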
diff --git a/example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%instances%k8smaster%outputs.tf b/example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%instances%k8smaster%outputs.tf new file mode 100644 index 0000000..1966ff2 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%instances%k8smaster%outputs.tf @@ -0,0 +1,11 @@ +output "ids" { + value = ["${oci_core_instance.TFInstanceK8sMaster.*.id}"] +} + +output "private_ips" { + value = ["${oci_core_instance.TFInstanceK8sMaster.*.private_ip}"] +} + +output "public_ips" { + value = ["${oci_core_instance.TFInstanceK8sMaster.*.public_ip}"] +} diff --git a/example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%instances%k8smaster%variables.tf b/example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%instances%k8smaster%variables.tf new file mode 100644 index 0000000..df47500 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%instances%k8smaster%variables.tf 
@@ -0,0 +1,102 @@ +# BMCS +variable "availability_domain" {} + +variable "compartment_ocid" {} +variable "display_name_prefix" {} +variable "hostname_label_prefix" {} + +variable "flannel_network_cidr" {} +variable "flannel_backend" {} + +variable "kubernetes_network_plugin" {} + +variable "count" { + default = "1" +} + +variable "control_plane_subnet_access" { + description = "Whether instances in the control plane are launched in a public or private subnets" + default = "public" +} + +variable "network_cidrs" { + type = "map" +} +variable "subnet_id" {} +variable "subnet_name" {} +variable "domain_name" {} +variable "shape" {} +variable "tenancy_ocid" {} + +variable "label_prefix" { + default = "" +} + +# Instance +variable "ssh_public_key_openssh" {} + +variable "docker_ver" { + default = "17.06.2.ol" +} + +variable "oracle_linux_image_name" { + default = "Oracle-Linux-7.5-2018.10.16-0" +} + +variable "etcd_ver" { + default = "v3.2.2" +} + +variable "flannel_ver" { + default = "v0.9.1" +} + +variable "ssh_private_key" {} + +# Kubernetes +variable "k8s_ver" { + default = "1.8.5" +} + +variable "k8s_dashboard_ver" { + default = "1.6.3" +} + +variable "k8s_dns_ver" { + default = "1.14.2" +} + +variable "api_server_count" {} + +variable "root_ca_pem" {} +variable "root_ca_key" {} +variable "api_server_private_key_pem" {} +variable "api_server_cert_pem" {} +variable "k8s_apiserver_token_admin" {} + +# etcd +variable "etcd_discovery_url" {} +variable "etcd_endpoints" {} + +variable "master_docker_max_log_size" { + description = "Maximum size of the k8s master docker container json logs" + default = "50m" +} +variable "master_docker_max_log_files" { + description = "Maximum number of k8s master docker container json logs to rotate" + default = "5" +} + +variable "cloud_controller_version" {} +variable "cloud_controller_secret" {} + +variable "flexvolume_driver_version" {} +variable "flexvolume_driver_secret" {} + +variable "volume_provisioner_version" {} +variable 
"volume_provisioner_secret" {} + +variable "assign_private_ip" { + description = "Assign a static private ip based on CIDR block for that AD" + default = false +} diff --git a/example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%instances%k8sworker%datasources.tf b/example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%instances%k8sworker%datasources.tf new file mode 100644 index 0000000..72058a5 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%instances%k8sworker%datasources.tf 
@@ -0,0 +1,96 @@ +# Prevent oci_core_images image list from changing underneath us. +data "oci_core_images" "ImageOCID" { + compartment_id = "${var.compartment_ocid}" + display_name = "${var.oracle_linux_image_name}" +} + +# Cloud call to get a list of Availability Domains +data "oci_identity_availability_domains" "ADs" { + compartment_id = "${var.tenancy_ocid}" +} + +data "template_file" "setup-template" { + template = "${file("${path.module}/scripts/setup.template.sh")}" + + vars = { + master_lb = "${var.master_lb}" + domain_name = "${var.domain_name}" + docker_ver = "${var.docker_ver}" + k8s_ver = "${var.k8s_ver}" + docker_max_log_size = "${var.worker_docker_max_log_size}" + docker_max_log_files = "${var.worker_docker_max_log_files}" + worker_iscsi_volume_mount = "${var.worker_iscsi_volume_mount}" + flexvolume_driver_version = "${var.flexvolume_driver_version}" + reverse_proxy_setup = "${var.reverse_proxy_setup}" + } +} + +data "template_file" "setup-preflight" { + template = "${file("${path.module}/scripts/setup.preflight.sh")}" + + vars = { + k8s_ver = "${var.k8s_ver}" + } +} + +data "template_file" "kube-proxy" { + template = "${file("${path.module}/manifests/kube-proxy.template.yaml")}" + + vars = { + master_lb = "${var.master_lb}" + k8s_ver = "${var.k8s_ver}" + domain_name = "${var.domain_name}" + flannel_network_cidr = "${var.flannel_network_cidr}" + } +} + +data "template_file" "worker-kubeconfig" { + template = "${file("${path.module}/manifests/worker-kubeconfig.template.yaml")}" + + vars = { + master_lb = "${var.master_lb}" + k8s_ver = "${var.k8s_ver}" + domain_name = "${var.domain_name}" + } +} + +data "template_file" "kubelet-service" { + template = "${file("${path.module}/scripts/kubelet.service")}" + + vars = { + master_lb = "${var.master_lb}" + k8s_ver = "${var.k8s_ver}" + domain_name = "${var.domain_name}" + region = "${var.region}" + zone = "${element(split(":",var.availability_domain),1)}" + } +} + +data "template_file" 
"kube_worker_cloud_init_file" { + template = "${file("${path.module}/cloud_init/bootstrap.template.yaml")}" + + vars = { + k8s_ver = "${var.k8s_ver}" + setup_preflight_sh_content = "${base64gzip(data.template_file.setup-preflight.rendered)}" + setup_template_sh_content = "${base64gzip(data.template_file.setup-template.rendered)}" + kube_proxy_template_content = "${base64gzip(data.template_file.kube-proxy.rendered)}" + worker_kubeconfig_template_content = "${base64gzip(data.template_file.worker-kubeconfig.rendered)}" + kubelet_service_content = "${base64gzip(data.template_file.kubelet-service.rendered)}" + ca-pem-content = "${base64gzip(var.root_ca_pem)}" + ca-key-content = "${base64gzip(var.root_ca_key)}" + api-server-key-content = "${base64gzip(var.api_server_private_key_pem)}" + api-server-cert-content = "${base64gzip(var.api_server_cert_pem)}" + reverse_proxy-content = "${var.reverse_proxy_clount_init}" + } +} + +data "template_cloudinit_config" "master" { + gzip = true + base64_encode = true + + part { + filename = "bootstrap.yaml" + content_type = "text/cloud-config" + content = "${data.template_file.kube_worker_cloud_init_file.rendered}" + } +} diff --git a/example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%instances%k8sworker%main.tf b/example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%instances%k8sworker%main.tf new file mode 100644 index 0000000..a6a132d --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%instances%k8sworker%main.tf 
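Review bot: `kube_worker_cloud_init_file` hands `ca-key-content` (the root CA private key) and `api-server-key-content` (the API server private key) to every worker, apparently carried over from the master template. A worker needs the CA certificate to verify the API server, not the key that signs certificates; with that key in worker `user_data`, compromise of a single node is enough to issue certificates the whole cluster trusts. Whether bootstrap.template.yaml writes them to disk is not visible here, but they are in the instance metadata either way. I would drop both entries from `vars` together with their placeholders in the template, and rename the `template_cloudinit_config` data source from "master" to "worker". `reverse_proxy-content` is the only value not wrapped in `base64gzip`; confirm the template expects it raw.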
@@ -0,0 +1,66 @@
+/**
+ * The instances/k8sworker module provisions and configures one or more Kubernetes Worker instances.
+ */
+
+resource "oci_core_instance" "TFInstanceK8sWorker" {
+ count = "${var.count}"
+ availability_domain = "${var.availability_domain}"
+ compartment_id = "${var.compartment_ocid}"
+ display_name = "${var.label_prefix}${var.display_name_prefix}-${count.index}"
+ hostname_label = "${var.hostname_label_prefix}-${count.index}"
+ image = "${lookup(data.oci_core_images.ImageOCID.images[0], "id")}"
+ shape = "${var.shape}"
+ subnet_id = "${var.subnet_id}"
+
+ extended_metadata {
+ roles = "nodes"
+ ssh_authorized_keys = "${var.ssh_public_key_openssh}"
+
+ # Automate worker instance configuration with cloud init run at launch time
+ user_data = "${data.template_cloudinit_config.master.rendered}"
+ tags = "group:k8s-worker"
+ }
+
+ # TODO handle scenario when control_plane_subnet_access = "private"
+ provisioner "remote-exec" {
+ when = "destroy"
+
+ inline = [
+ "nodeName=`getent hosts $(/usr/sbin/ip route get 1 | awk '{print $NF;exit}') | awk '{print $2}'`",
+ "[ -e /usr/bin/kubectl ] && sudo kubectl --kubeconfig /etc/kubernetes/manifests/worker-kubeconfig.yaml drain $nodeName --force",
+ "[ -e /usr/bin/kubectl ] && sudo kubectl --kubeconfig /etc/kubernetes/manifests/worker-kubeconfig.yaml delete node $nodeName",
+ "exit 0",
+ ]
+
+ on_failure = "continue"
+
+ connection {
+ host = "${self.public_ip}"
+ user = "opc"
+ private_key = "${var.ssh_private_key}"
+ agent = false
+ timeout = "30s"
+ }
+ }
+
+ timeouts {
+ create = "60m"
+ }
+}
+
+resource "oci_core_volume" "TFVolumeK8sWorker" {
+ count = "${var.worker_iscsi_volume_create ? var.count : 0}"
+ availability_domain = "${var.availability_domain}"
+ compartment_id = "${var.compartment_ocid}"
+ display_name = "block-volume-${var.hostname_label_prefix}-${count.index}"
+ size_in_gbs = "${var.worker_iscsi_volume_size}"
+}
+
+resource "oci_core_volume_attachment" "TFVolumeAttachmentK8sWorker" {
+ count = "${var.worker_iscsi_volume_create ? var.count : 0}"
+ attachment_type = "iscsi"
+ compartment_id = "${var.compartment_ocid}"
+ instance_id = "${oci_core_instance.TFInstanceK8sWorker.*.id[count.index]}"
+ volume_id = "${oci_core_volume.TFVolumeK8sWorker.*.id[count.index]}"
+ depends_on = ["oci_core_instance.TFInstanceK8sWorker", "oci_core_volume.TFVolumeK8sWorker"]
+}
diff --git a/example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%instances%k8sworker%output.tf b/example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%instances%k8sworker%output.tf
new file mode 100644
index 0000000..89621c4
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%instances%k8sworker%output.tf
@@ -0,0 +1,15 @@
+output "ids" {
+ value = ["${oci_core_instance.TFInstanceK8sWorker.*.id}"]
+}
+
+output "private_ips" {
+ value = ["${oci_core_instance.TFInstanceK8sWorker.*.private_ip}"]
+}
+
+output "public_ips" {
+ value = ["${oci_core_instance.TFInstanceK8sWorker.*.public_ip}"]
+}
+
+output "instance_host_names" {
+ value = ["${oci_core_instance.TFInstanceK8sWorker.*.display_name}"]
+}
diff --git a/example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%instances%k8sworker%variables.tf b/example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%instances%k8sworker%variables.tf
new file mode 100644
index 0000000..dab8556
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%instances%k8sworker%variables.tf
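Review bot: The destroy-time `remote-exec` in `TFInstanceK8sWorker` discards every failure: each kubectl line is guarded by `[ -e /usr/bin/kubectl ] &&`, the script ends in `"exit 0"`, and `on_failure = "continue"` is set. When the SSH connection to `self.public_ip` fails (the case the TODO above already concedes for private subnets), the instance is terminated while its node object stays registered in the cluster. That is worth stating next to the block, for example `# Best effort only: an unreachable node is neither drained nor deleted; remove the stale node object by hand`. `$nodeName` is also expanded unquoted in both kubectl commands; `drain \"$nodeName\" --force` keeps an empty or multi-word lookup result from being parsed as extra arguments.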
@@ -0,0 +1,77 @@
+# BMCS
+variable "availability_domain" {}
+
+variable "compartment_ocid" {}
+variable "display_name_prefix" {}
+variable "hostname_label_prefix" {}
+variable "flannel_network_cidr" {}
+
+variable "count" {
+ default = "1"
+}
+
+variable "subnet_id" {}
+variable "domain_name" {}
+variable "region" {}
+variable "shape" {}
+variable "tenancy_ocid" {}
+
+variable "label_prefix" {
+ default = ""
+}
+
+# Instance
+variable "ssh_public_key_openssh" {}
+
+variable "ssh_private_key" {}
+
+variable "docker_ver" {
+ default = "17.06.2.ol"
+}
+
+variable "oracle_linux_image_name" {
+ default = "Oracle-Linux-7.5-2018.10.16-0"
+}
+
+# Kubernetes
+variable "master_lb" {}
+
+variable "k8s_ver" {
+ default = "1.8.5"
+}
+
+variable "root_ca_pem" {}
+variable "root_ca_key" {}
+variable "api_server_private_key_pem" {}
+variable "api_server_cert_pem" {}
+
+variable "worker_docker_max_log_size" {
+ description = "Maximum size of the k8s worker docker container json logs"
+ default = "50m"
+}
+variable "worker_docker_max_log_files" {
+ description = "Maximum number of the k8s worker docker container json logs to rotate"
+ default = "5"
+}
+
+# iSCSI
+variable "worker_iscsi_volume_create" {
+ description = "Bool if an iscsi volume should be attached and mounted at /var/lib/docker"
+ default = false
+}
+
+variable "worker_iscsi_volume_size" {
+ description = "Size of iscsi volume to be created"
+ default = 50
+}
+
+variable "worker_iscsi_volume_mount" {
+ description = "Mount point of iscsi volume"
+ default = "/var/lib/docker"
+}
+
+variable "flexvolume_driver_version" {}
+
+variable "reverse_proxy_setup" {}
+
+variable "reverse_proxy_clount_init" {}
diff --git a/example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%k8s-oci.tf b/example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%k8s-oci.tf
new file mode 100644
index 0000000..43e570c
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%k8s-oci.tf
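Review bot: The defaults for `k8s_ver` (`"1.8.5"`), `docker_ver` (`"17.06.2.ol"`) and `oracle_linux_image_name` (an image dated 2018.10.16) pin releases that were years old by this commit's date, so a caller that omits them builds workers on components that presumably no longer receive fixes. I would remove the defaults, as `flexvolume_driver_version` already does, so that the version is an explicit choice: `variable "k8s_ver" {}`. Separately, `ssh_private_key`, `root_ca_key` and `api_server_private_key_pem` carry private key material but have no `description`; a line such as `description = "PEM-encoded private key (sensitive)"` would tell callers how to handle them.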
@@ -0,0 +1,483 @@ + +locals { + master_lb_ip = "${var.master_oci_lb_enabled == "true" ? element(concat(flatten(module.k8smaster-public-lb.ip_addresses), list("")), 0) : "127.0.0.1"}" + master_lb_address = "${format("https://%s:%s", local.master_lb_ip, var.master_oci_lb_enabled == "true" ? "443" : "6443")}" + + reverse_proxy_clount_init = "${var.master_oci_lb_enabled == "true" ? "" : module.reverse-proxy.clount_init}" + reverse_proxy_setup = "${var.master_oci_lb_enabled == "true" ? "" : module.reverse-proxy.setup}" + + etcd_endpoints = "${var.etcd_lb_enabled == "true" ? + join(",",formatlist("http://%s:2379", module.etcd-lb.ip_addresses)) : + join(",",formatlist("http://%s:2379", compact(concat( + module.instances-etcd-ad1.private_ips, + module.instances-etcd-ad2.private_ips, + module.instances-etcd-ad3.private_ips)))) }" +} + +### CA and Cluster Certificates + +module "k8s-tls" { + source = "./tls/" + api_server_private_key = "${var.api_server_private_key}" + api_server_cert = "${var.api_server_cert}" + ca_cert = "${var.ca_cert}" + ca_key = "${var.ca_key}" + api_server_admin_token = "${var.api_server_admin_token}" + master_lb_public_ip = "${local.master_lb_ip}" + ssh_private_key = "${var.ssh_private_key}" + ssh_public_key_openssh = "${var.ssh_public_key_openssh}" +} + +### Virtual Cloud Network + +module "vcn" { + source = "./network/vcn" + compartment_ocid = "${var.compartment_ocid}" + label_prefix = "${var.label_prefix}" + tenancy_ocid = "${var.tenancy_ocid}" + vcn_dns_name = "${var.vcn_dns_name}" + additional_etcd_security_lists_ids = "${var.additional_etcd_security_lists_ids}" + additional_k8smaster_security_lists_ids = "${var.additional_k8s_master_security_lists_ids}" + additional_k8sworker_security_lists_ids = "${var.additional_k8s_worker_security_lists_ids}" + additional_public_security_lists_ids = "${var.additional_public_security_lists_ids}" + control_plane_subnet_access = "${var.control_plane_subnet_access}" + etcd_ssh_ingress = "${var.etcd_ssh_ingress}" 
+ etcd_cluster_ingress = "${var.etcd_cluster_ingress}" + master_ssh_ingress = "${var.master_ssh_ingress}" + master_https_ingress = "${var.master_https_ingress}" + network_cidrs = "${var.network_cidrs}" + public_subnet_ssh_ingress = "${var.public_subnet_ssh_ingress}" + public_subnet_http_ingress = "${var.public_subnet_http_ingress}" + public_subnet_https_ingress = "${var.public_subnet_https_ingress}" + nat_instance_oracle_linux_image_name = "${var.nat_ol_image_name}" + nat_instance_shape = "${var.natInstanceShape}" + nat_instance_ad1_enabled = "${var.nat_instance_ad1_enabled}" + nat_instance_ad2_enabled = "${var.nat_instance_ad2_enabled}" + nat_instance_ad3_enabled = "${var.nat_instance_ad3_enabled}" + nat_instance_ssh_public_key_openssh = "${module.k8s-tls.ssh_public_key_openssh}" + dedicated_nat_subnets = "${var.dedicated_nat_subnets}" + worker_ssh_ingress = "${var.worker_ssh_ingress}" + worker_nodeport_ingress = "${var.worker_nodeport_ingress}" + master_nodeport_ingress = "${var.master_nodeport_ingress}" + external_icmp_ingress = "${var.external_icmp_ingress}" + internal_icmp_ingress = "${var.internal_icmp_ingress}" + network_subnet_dns = "${var.network_subnet_dns}" +} + +module "oci-cloud-controller" { + source = "./kubernetes/oci-cloud-controller" + label_prefix = "${var.label_prefix}" + compartment_ocid = "${var.compartment_ocid}" + tenancy = "${var.tenancy_ocid}" + region = "${var.region}" + cloud_controller_user_ocid = "${var.cloud_controller_user_ocid == "" ? var.user_ocid : var.cloud_controller_user_ocid}" + cloud_controller_user_fingerprint = "${var.cloud_controller_user_fingerprint == "" ? var.fingerprint : var.cloud_controller_user_fingerprint}" + cloud_controller_user_private_key_path = "${var.cloud_controller_user_private_key_path == "" ? 
var.private_key_path : var.cloud_controller_user_private_key_path}" + + // So we are using the private_key_path to see if it is set as we don't want to fall back to the var.private_key_password if the + // var.cloud_controller_user_private_key_path has been provided but has an empty password + cloud_controller_user_private_key_password = "${var.cloud_controller_user_private_key_path == "" ? var.private_key_password : var.cloud_controller_user_private_key_password}" + + subnet1 = "${element(module.vcn.ccmlb_subnet_ad1_id,0)}" + subnet2 = "${element(module.vcn.ccmlb_subnet_ad2_id,0)}" +} + +module "oci-flexvolume-driver" { + source = "./kubernetes/oci-flexvolume-driver" + tenancy = "${var.tenancy_ocid}" + vcn = "${module.vcn.id}" + + flexvolume_driver_user_ocid = "${var.flexvolume_driver_user_ocid == "" ? var.user_ocid : var.flexvolume_driver_user_ocid}" + flexvolume_driver_user_fingerprint = "${var.flexvolume_driver_user_fingerprint == "" ? var.fingerprint : var.flexvolume_driver_user_fingerprint}" + flexvolume_driver_user_private_key_path = "${var.flexvolume_driver_user_private_key_path == "" ? var.private_key_path : var.flexvolume_driver_user_private_key_path}" + + // See comment for oci-cloud-controller + flexvolume_driver_user_private_key_password = "${var.flexvolume_driver_user_private_key_path == "" ? var.private_key_password : var.flexvolume_driver_user_private_key_password}" +} + +module "oci-volume-provisioner" { + source = "./kubernetes/oci-volume-provisioner" + tenancy = "${var.tenancy_ocid}" + region = "${var.region}" + + compartment = "${var.compartment_ocid}" + volume_provisioner_user_ocid = "${var.volume_provisioner_user_ocid == "" ? var.user_ocid : var.volume_provisioner_user_ocid}" + volume_provisioner_user_fingerprint = "${var.volume_provisioner_user_fingerprint == "" ? var.fingerprint : var.volume_provisioner_user_fingerprint}" + volume_provisioner_user_private_key_path = "${var.volume_provisioner_user_private_key_path == "" ? 
var.private_key_path : var.volume_provisioner_user_private_key_path}" + + // See comment for oci-cloud-controller + volume_provisioner_user_private_key_password = "${var.volume_provisioner_user_private_key_path == "" ? var.private_key_password : var.volume_provisioner_user_private_key_password}" +} + +### Compute Instance(s) + +module "instances-etcd-ad1" { + source = "./instances/etcd" + count = "${var.etcdAd1Count}" + availability_domain = "${lookup(data.oci_identity_availability_domains.ADs.availability_domains[0],"name")}" + compartment_ocid = "${var.compartment_ocid}" + control_plane_subnet_access = "${var.control_plane_subnet_access}" + display_name_prefix = "etcd-ad1" + domain_name = "${var.domain_name}" + etcd_discovery_url = "${template_file.etcd_discovery_url.id}" + etcd_ver = "${var.etcd_ver}" + hostname_label_prefix = "etcd-ad1" + oracle_linux_image_name = "${var.etcd_ol_image_name}" + label_prefix = "${var.label_prefix}" + shape = "${var.etcdShape}" + ssh_public_key_openssh = "${module.k8s-tls.ssh_public_key_openssh}" + network_cidrs = "${var.network_cidrs}" + subnet_id = "${module.vcn.etcd_subnet_ad1_id}" + subnet_name = "etcdSubnetAD1" + tenancy_ocid = "${var.compartment_ocid}" + etcd_docker_max_log_size = "${var.etcd_docker_max_log_size}" + etcd_docker_max_log_files = "${var.etcd_docker_max_log_files}" + etcd_iscsi_volume_create = "${var.etcd_iscsi_volume_create}" + etcd_iscsi_volume_size = "${var.etcd_iscsi_volume_size}" + assign_private_ip = "${var.etcd_maintain_private_ip == "true" ? 
"true": "false"}" +} + +module "instances-etcd-ad2" { + source = "./instances/etcd" + count = "${var.etcdAd2Count}" + availability_domain = "${lookup(data.oci_identity_availability_domains.ADs.availability_domains[1],"name")}" + compartment_ocid = "${var.compartment_ocid}" + control_plane_subnet_access = "${var.control_plane_subnet_access}" + display_name_prefix = "etcd-ad2" + domain_name = "${var.domain_name}" + etcd_discovery_url = "${template_file.etcd_discovery_url.id}" + etcd_ver = "${var.etcd_ver}" + hostname_label_prefix = "etcd-ad2" + oracle_linux_image_name = "${var.etcd_ol_image_name}" + label_prefix = "${var.label_prefix}" + shape = "${var.etcdShape}" + ssh_public_key_openssh = "${module.k8s-tls.ssh_public_key_openssh}" + network_cidrs = "${var.network_cidrs}" + subnet_id = "${module.vcn.etcd_subnet_ad2_id}" + subnet_name = "etcdSubnetAD2" + tenancy_ocid = "${var.compartment_ocid}" + etcd_docker_max_log_size = "${var.etcd_docker_max_log_size}" + etcd_docker_max_log_files = "${var.etcd_docker_max_log_files}" + etcd_iscsi_volume_create = "${var.etcd_iscsi_volume_create}" + etcd_iscsi_volume_size = "${var.etcd_iscsi_volume_size}" + assign_private_ip = "${var.etcd_maintain_private_ip == "true" ? 
"true": "false"}" +} + +module "instances-etcd-ad3" { + source = "./instances/etcd" + count = "${var.etcdAd3Count}" + availability_domain = "${lookup(data.oci_identity_availability_domains.ADs.availability_domains[2],"name")}" + compartment_ocid = "${var.compartment_ocid}" + control_plane_subnet_access = "${var.control_plane_subnet_access}" + display_name_prefix = "etcd-ad3" + docker_ver = "${var.docker_ver}" + domain_name = "${var.domain_name}" + etcd_discovery_url = "${template_file.etcd_discovery_url.id}" + etcd_ver = "${var.etcd_ver}" + hostname_label_prefix = "etcd-ad3" + oracle_linux_image_name = "${var.etcd_ol_image_name}" + label_prefix = "${var.label_prefix}" + shape = "${var.etcdShape}" + ssh_public_key_openssh = "${module.k8s-tls.ssh_public_key_openssh}" + network_cidrs = "${var.network_cidrs}" + subnet_id = "${module.vcn.etcd_subnet_ad3_id}" + subnet_name = "etcdSubnetAD3" + tenancy_ocid = "${var.compartment_ocid}" + etcd_docker_max_log_size = "${var.etcd_docker_max_log_size}" + etcd_docker_max_log_files = "${var.etcd_docker_max_log_files}" + etcd_iscsi_volume_create = "${var.etcd_iscsi_volume_create}" + etcd_iscsi_volume_size = "${var.etcd_iscsi_volume_size}" + assign_private_ip = "${var.etcd_maintain_private_ip == "true" ? 
"true": "false"}" +} + +module "instances-k8smaster-ad1" { + source = "./instances/k8smaster" + count = "${var.k8sMasterAd1Count}" + api_server_cert_pem = "${module.k8s-tls.api_server_cert_pem}" + api_server_count = "${var.k8sMasterAd1Count + var.k8sMasterAd2Count + var.k8sMasterAd3Count}" + api_server_private_key_pem = "${module.k8s-tls.api_server_private_key_pem}" + availability_domain = "${lookup(data.oci_identity_availability_domains.ADs.availability_domains[0],"name")}" + k8s_apiserver_token_admin = "${module.k8s-tls.api_server_admin_token}" + compartment_ocid = "${var.compartment_ocid}" + control_plane_subnet_access = "${var.control_plane_subnet_access}" + display_name_prefix = "k8s-master-ad1" + docker_ver = "${var.docker_ver}" + master_docker_max_log_size = "${var.master_docker_max_log_size}" + master_docker_max_log_files = "${var.master_docker_max_log_files}" + domain_name = "${var.domain_name}" + etcd_discovery_url = "${template_file.etcd_discovery_url.id}" + etcd_ver = "${var.etcd_ver}" + flannel_ver = "${var.flannel_ver}" + hostname_label_prefix = "k8s-master-ad1" + oracle_linux_image_name = "${var.master_ol_image_name}" + k8s_dashboard_ver = "${var.k8s_dashboard_ver}" + k8s_dns_ver = "${var.k8s_dns_ver}" + k8s_ver = "${var.k8s_ver}" + label_prefix = "${var.label_prefix}" + root_ca_pem = "${module.k8s-tls.root_ca_pem}" + root_ca_key = "${module.k8s-tls.root_ca_key}" + shape = "${var.k8sMasterShape}" + ssh_private_key = "${module.k8s-tls.ssh_private_key}" + ssh_public_key_openssh = "${module.k8s-tls.ssh_public_key_openssh}" + network_cidrs = "${var.network_cidrs}" + subnet_id = "${module.vcn.k8smaster_subnet_ad1_id}" + subnet_name = "masterSubnetAD1" + tenancy_ocid = "${var.compartment_ocid}" + cloud_controller_version = "${var.cloud_controller_version}" + cloud_controller_secret = "${module.oci-cloud-controller.cloud-provider-json}" + flexvolume_driver_version = "${var.flexvolume_driver_version}" + flexvolume_driver_secret = 
"${module.oci-flexvolume-driver.flex-volume-driver-yaml}" + volume_provisioner_version = "${var.volume_provisioner_version}" + volume_provisioner_secret = "${module.oci-volume-provisioner.volume-provisioner-yaml}" + assign_private_ip = "${var.master_maintain_private_ip}" + etcd_endpoints = "${local.etcd_endpoints}" + flannel_backend = "${var.flannel_backend}" + flannel_network_cidr = "${var.flannel_network_cidr}" + kubernetes_network_plugin = "${var.kubernetes_network_plugin}" +} + +module "instances-k8smaster-ad2" { + source = "./instances/k8smaster" + count = "${var.k8sMasterAd2Count}" + api_server_cert_pem = "${module.k8s-tls.api_server_cert_pem}" + api_server_count = "${var.k8sMasterAd1Count + var.k8sMasterAd2Count + var.k8sMasterAd3Count}" + api_server_private_key_pem = "${module.k8s-tls.api_server_private_key_pem}" + availability_domain = "${lookup(data.oci_identity_availability_domains.ADs.availability_domains[1],"name")}" + k8s_apiserver_token_admin = "${module.k8s-tls.api_server_admin_token}" + compartment_ocid = "${var.compartment_ocid}" + control_plane_subnet_access = "${var.control_plane_subnet_access}" + display_name_prefix = "k8s-master-ad2" + docker_ver = "${var.docker_ver}" + master_docker_max_log_size = "${var.master_docker_max_log_size}" + master_docker_max_log_files = "${var.master_docker_max_log_files}" + domain_name = "${var.domain_name}" + etcd_discovery_url = "${template_file.etcd_discovery_url.id}" + etcd_ver = "${var.etcd_ver}" + flannel_ver = "${var.flannel_ver}" + hostname_label_prefix = "k8s-master-ad2" + oracle_linux_image_name = "${var.master_ol_image_name}" + k8s_dashboard_ver = "${var.k8s_dashboard_ver}" + k8s_dns_ver = "${var.k8s_dns_ver}" + k8s_ver = "${var.k8s_ver}" + label_prefix = "${var.label_prefix}" + root_ca_pem = "${module.k8s-tls.root_ca_pem}" + root_ca_key = "${module.k8s-tls.root_ca_key}" + shape = "${var.k8sMasterShape}" + ssh_private_key = "${module.k8s-tls.ssh_private_key}" + ssh_public_key_openssh = 
"${module.k8s-tls.ssh_public_key_openssh}" + network_cidrs = "${var.network_cidrs}" + subnet_id = "${module.vcn.k8smaster_subnet_ad2_id}" + subnet_name = "masterSubnetAD2" + tenancy_ocid = "${var.compartment_ocid}" + cloud_controller_version = "${var.cloud_controller_version}" + cloud_controller_secret = "${module.oci-cloud-controller.cloud-provider-json}" + flexvolume_driver_version = "${var.flexvolume_driver_version}" + flexvolume_driver_secret = "${module.oci-flexvolume-driver.flex-volume-driver-yaml}" + volume_provisioner_version = "${var.volume_provisioner_version}" + volume_provisioner_secret = "${module.oci-volume-provisioner.volume-provisioner-yaml}" + assign_private_ip = "${var.master_maintain_private_ip}" + etcd_endpoints = "${local.etcd_endpoints}" + flannel_backend = "${var.flannel_backend}" + flannel_network_cidr = "${var.flannel_network_cidr}" + kubernetes_network_plugin = "${var.kubernetes_network_plugin}" +} + +module "instances-k8smaster-ad3" { + source = "./instances/k8smaster" + count = "${var.k8sMasterAd3Count}" + api_server_cert_pem = "${module.k8s-tls.api_server_cert_pem}" + api_server_count = "${var.k8sMasterAd1Count + var.k8sMasterAd2Count + var.k8sMasterAd3Count}" + api_server_private_key_pem = "${module.k8s-tls.api_server_private_key_pem}" + availability_domain = "${lookup(data.oci_identity_availability_domains.ADs.availability_domains[2],"name")}" + k8s_apiserver_token_admin = "${module.k8s-tls.api_server_admin_token}" + compartment_ocid = "${var.compartment_ocid}" + control_plane_subnet_access = "${var.control_plane_subnet_access}" + display_name_prefix = "k8s-master-ad3" + docker_ver = "${var.docker_ver}" + master_docker_max_log_size = "${var.master_docker_max_log_size}" + master_docker_max_log_files = "${var.master_docker_max_log_files}" + domain_name = "${var.domain_name}" + etcd_discovery_url = "${template_file.etcd_discovery_url.id}" + etcd_ver = "${var.etcd_ver}" + flannel_ver = "${var.flannel_ver}" + hostname_label_prefix = 
"k8s-master-ad3" + oracle_linux_image_name = "${var.master_ol_image_name}" + k8s_dashboard_ver = "${var.k8s_dashboard_ver}" + k8s_dns_ver = "${var.k8s_dns_ver}" + k8s_ver = "${var.k8s_ver}" + label_prefix = "${var.label_prefix}" + root_ca_pem = "${module.k8s-tls.root_ca_pem}" + root_ca_key = "${module.k8s-tls.root_ca_key}" + shape = "${var.k8sMasterShape}" + ssh_private_key = "${module.k8s-tls.ssh_private_key}" + ssh_public_key_openssh = "${module.k8s-tls.ssh_public_key_openssh}" + network_cidrs = "${var.network_cidrs}" + subnet_id = "${module.vcn.k8smaster_subnet_ad3_id}" + subnet_name = "masterSubnetAD3" + tenancy_ocid = "${var.compartment_ocid}" + cloud_controller_version = "${var.cloud_controller_version}" + cloud_controller_secret = "${module.oci-cloud-controller.cloud-provider-json}" + flexvolume_driver_version = "${var.flexvolume_driver_version}" + flexvolume_driver_secret = "${module.oci-flexvolume-driver.flex-volume-driver-yaml}" + volume_provisioner_version = "${var.volume_provisioner_version}" + volume_provisioner_secret = "${module.oci-volume-provisioner.volume-provisioner-yaml}" + assign_private_ip = "${var.master_maintain_private_ip}" + etcd_endpoints = "${local.etcd_endpoints}" + flannel_backend = "${var.flannel_backend}" + flannel_network_cidr = "${var.flannel_network_cidr}" + kubernetes_network_plugin = "${var.kubernetes_network_plugin}" +} + +module "instances-k8sworker-ad1" { + source = "./instances/k8sworker" + count = "${var.k8sWorkerAd1Count}" + api_server_cert_pem = "${module.k8s-tls.api_server_cert_pem}" + api_server_private_key_pem = "${module.k8s-tls.api_server_private_key_pem}" + availability_domain = "${lookup(data.oci_identity_availability_domains.ADs.availability_domains[0],"name")}" + compartment_ocid = "${var.compartment_ocid}" + display_name_prefix = "k8s-worker-ad1" + docker_ver = "${var.docker_ver}" + worker_docker_max_log_size = "${var.worker_docker_max_log_size}" + worker_docker_max_log_files = 
"${var.worker_docker_max_log_files}" + domain_name = "${var.domain_name}" + hostname_label_prefix = "k8s-worker-ad1" + oracle_linux_image_name = "${var.worker_ol_image_name}" + k8s_ver = "${var.k8s_ver}" + label_prefix = "${var.label_prefix}" + master_lb = "${local.master_lb_address}" + reverse_proxy_clount_init = "${local.reverse_proxy_clount_init}" + reverse_proxy_setup = "${local.reverse_proxy_setup}" + region = "${var.region}" + root_ca_key = "${module.k8s-tls.root_ca_key}" + root_ca_pem = "${module.k8s-tls.root_ca_pem}" + shape = "${var.k8sWorkerShape}" + ssh_private_key = "${module.k8s-tls.ssh_private_key}" + ssh_public_key_openssh = "${module.k8s-tls.ssh_public_key_openssh}" + subnet_id = "${module.vcn.k8worker_subnet_ad1_id}" + tenancy_ocid = "${var.compartment_ocid}" + flexvolume_driver_version = "${var.flexvolume_driver_version}" + worker_iscsi_volume_create = "${var.worker_iscsi_volume_create}" + worker_iscsi_volume_size = "${var.worker_iscsi_volume_size}" + worker_iscsi_volume_mount = "${var.worker_iscsi_volume_mount}" + flannel_network_cidr = "${var.flannel_network_cidr}" +} + +module "instances-k8sworker-ad2" { + source = "./instances/k8sworker" + count = "${var.k8sWorkerAd2Count}" + api_server_cert_pem = "${module.k8s-tls.api_server_cert_pem}" + api_server_private_key_pem = "${module.k8s-tls.api_server_private_key_pem}" + availability_domain = "${lookup(data.oci_identity_availability_domains.ADs.availability_domains[1],"name")}" + compartment_ocid = "${var.compartment_ocid}" + display_name_prefix = "k8s-worker-ad2" + docker_ver = "${var.docker_ver}" + worker_docker_max_log_size = "${var.worker_docker_max_log_size}" + worker_docker_max_log_files = "${var.worker_docker_max_log_files}" + domain_name = "${var.domain_name}" + hostname_label_prefix = "k8s-worker-ad2" + oracle_linux_image_name = "${var.worker_ol_image_name}" + k8s_ver = "${var.k8s_ver}" + label_prefix = "${var.label_prefix}" + master_lb = "${local.master_lb_address}" + 
reverse_proxy_clount_init = "${local.reverse_proxy_clount_init}" + reverse_proxy_setup = "${local.reverse_proxy_setup}" + region = "${var.region}" + root_ca_key = "${module.k8s-tls.root_ca_key}" + root_ca_pem = "${module.k8s-tls.root_ca_pem}" + shape = "${var.k8sWorkerShape}" + ssh_private_key = "${module.k8s-tls.ssh_private_key}" + ssh_public_key_openssh = "${module.k8s-tls.ssh_public_key_openssh}" + subnet_id = "${module.vcn.k8worker_subnet_ad2_id}" + tenancy_ocid = "${var.compartment_ocid}" + flexvolume_driver_version = "${var.flexvolume_driver_version}" + worker_iscsi_volume_create = "${var.worker_iscsi_volume_create}" + worker_iscsi_volume_size = "${var.worker_iscsi_volume_size}" + worker_iscsi_volume_mount = "${var.worker_iscsi_volume_mount}" + flannel_network_cidr = "${var.flannel_network_cidr}" +} + +module "instances-k8sworker-ad3" { + source = "./instances/k8sworker" + count = "${var.k8sWorkerAd3Count}" + api_server_cert_pem = "${module.k8s-tls.api_server_cert_pem}" + api_server_private_key_pem = "${module.k8s-tls.api_server_private_key_pem}" + availability_domain = "${lookup(data.oci_identity_availability_domains.ADs.availability_domains[2],"name")}" + compartment_ocid = "${var.compartment_ocid}" + display_name_prefix = "k8s-worker-ad3" + docker_ver = "${var.docker_ver}" + worker_docker_max_log_size = "${var.worker_docker_max_log_size}" + worker_docker_max_log_files = "${var.worker_docker_max_log_files}" + domain_name = "${var.domain_name}" + hostname_label_prefix = "k8s-worker-ad3" + oracle_linux_image_name = "${var.worker_ol_image_name}" + k8s_ver = "${var.k8s_ver}" + label_prefix = "${var.label_prefix}" + master_lb = "${local.master_lb_address}" + reverse_proxy_clount_init = "${local.reverse_proxy_clount_init}" + reverse_proxy_setup = "${local.reverse_proxy_setup}" + region = "${var.region}" + root_ca_key = "${module.k8s-tls.root_ca_key}" + root_ca_pem = "${module.k8s-tls.root_ca_pem}" + shape = "${var.k8sWorkerShape}" + ssh_private_key = 
"${module.k8s-tls.ssh_private_key}" + ssh_public_key_openssh = "${module.k8s-tls.ssh_public_key_openssh}" + subnet_id = "${module.vcn.k8worker_subnet_ad3_id}" + tenancy_ocid = "${var.compartment_ocid}" + flexvolume_driver_version = "${var.flexvolume_driver_version}" + worker_iscsi_volume_create = "${var.worker_iscsi_volume_create}" + worker_iscsi_volume_size = "${var.worker_iscsi_volume_size}" + worker_iscsi_volume_mount = "${var.worker_iscsi_volume_mount}" + flannel_network_cidr = "${var.flannel_network_cidr}" +} + +### Load Balancers + +module "etcd-lb" { + source = "./network/loadbalancers/etcd" + etcd_lb_enabled = "${var.etcd_lb_enabled}" + compartment_ocid = "${var.compartment_ocid}" + is_private = "${var.etcd_lb_access == "private" ? "true": "false"}" + + # Handle case where var.etcd_lb_access=public, but var.control_plane_subnet_access=private + etcd_subnet_0_id = "${var.etcd_lb_access == "private" ? module.vcn.etcd_subnet_ad1_id: coalesce(join(" ", module.vcn.public_subnet_ad1_id), join(" ", list(module.vcn.etcd_subnet_ad1_id)))}" + etcd_subnet_1_id = "${var.etcd_lb_access == "private" ? "": coalesce(join(" ", module.vcn.public_subnet_ad2_id), join(" ", list(module.vcn.etcd_subnet_ad2_id)))}" + etcd_ad1_private_ips = "${module.instances-etcd-ad1.private_ips}" + etcd_ad2_private_ips = "${module.instances-etcd-ad2.private_ips}" + etcd_ad3_private_ips = "${module.instances-etcd-ad3.private_ips}" + etcdAd1Count = "${var.etcdAd1Count}" + etcdAd2Count = "${var.etcdAd2Count}" + etcdAd3Count = "${var.etcdAd3Count}" + label_prefix = "${var.label_prefix}" + shape = "${var.etcdLBShape}" +} + +module "k8smaster-public-lb" { + source = "./network/loadbalancers/k8smaster" + master_oci_lb_enabled = "${var.master_oci_lb_enabled}" + compartment_ocid = "${var.compartment_ocid}" + is_private = "${var.k8s_master_lb_access == "private" ? 
"true": "false"}" + + # Handle case where var.k8s_master_lb_access=public, but var.control_plane_subnet_access=private + k8smaster_subnet_0_id = "${var.k8s_master_lb_access == "private" ? module.vcn.k8smaster_subnet_ad1_id: coalesce(join(" ", module.vcn.public_subnet_ad1_id), join(" ", list(module.vcn.k8smaster_subnet_ad1_id)))}" + k8smaster_subnet_1_id = "${var.k8s_master_lb_access == "private" ? "": coalesce(join(" ", module.vcn.public_subnet_ad2_id), join(" ", list(module.vcn.k8smaster_subnet_ad2_id)))}" + k8smaster_ad1_private_ips = "${module.instances-k8smaster-ad1.private_ips}" + k8smaster_ad2_private_ips = "${module.instances-k8smaster-ad2.private_ips}" + k8smaster_ad3_private_ips = "${module.instances-k8smaster-ad3.private_ips}" + k8sMasterAd1Count = "${var.k8sMasterAd1Count}" + k8sMasterAd2Count = "${var.k8sMasterAd2Count}" + k8sMasterAd3Count = "${var.k8sMasterAd3Count}" + label_prefix = "${var.label_prefix}" + shape = "${var.k8sMasterLBShape}" +} + +module "reverse-proxy" { + source = "./network/loadbalancers/reverse-proxy" + hosts = "${concat(module.instances-k8smaster-ad1.private_ips,module.instances-k8smaster-ad2.private_ips, module.instances-k8smaster-ad3.private_ips)}" +} + +module "kubeconfig" { + source = "./kubernetes/kubeconfig" + api_server_private_key_pem = "${module.k8s-tls.api_server_private_key_pem}" + api_server_cert_pem = "${module.k8s-tls.api_server_cert_pem}" + k8s_master = "${var.master_oci_lb_enabled == "true" ? local.master_lb_address : format("https://%s:%s", element(coalescelist(module.instances-k8smaster-ad1.public_ips, module.instances-k8smaster-ad2.public_ips, module.instances-k8smaster-ad3.public_ips), 0), "443")}" +} diff --git a/example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%kubernetes%kubeconfig%kubeconfig.tf b/example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%kubernetes%kubeconfig%kubeconfig.tf new file mode 100644 index 0000000..58abb16 --- /dev/null 
+++ b/example/real_world_stuff/oracle/oracle%terraform-kubernetes-installer%kubernetes%kubeconfig%kubeconfig.tf @@ -0,0 +1,22 @@ +data "template_file" "kubeconfig" { + template = <> ~/.bashrc", + "sudo mkdir /mnt/bosh", + "sudo chown -R ubuntu:ubuntu /mnt/bosh", + "sudo ln -s /mnt/bosh /home/ubuntu/bosh", + "echo '/dev/sdb /mnt/bosh ext4 defaults,noatime,_netdev 0 2' | sudo tee --append /etc/fstab > /dev/null", + "chmod +x ~/install_deps.sh", + "sudo mount -a"] + } +} diff --git a/example/real_world_stuff/oracle/oracle%terraform-oci-cf-install%datasources.tf b/example/real_world_stuff/oracle/oracle%terraform-oci-cf-install%datasources.tf new file mode 100644 index 0000000..3ddd26a --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%terraform-oci-cf-install%datasources.tf @@ -0,0 +1,16 @@ +# Gets a list of Availability Domains +data "oci_identity_availability_domains" "ADs" { + compartment_id = "${var.oci_tenancy_ocid}" +} + +# Gets a list of vNIC attachments on the instance +data "oci_core_vnic_attachments" "InstanceVnics" { + compartment_id = "${oci_identity_compartment.bosh_compartment.id}" + availability_domain = "${lookup(data.oci_identity_availability_domains.ADs.availability_domains[var.bastion_ad - 1], "name")}" + instance_id = "${oci_core_instance.bosh_cli.id}" +} + +# Gets the OCID of the first (default) vNIC +data "oci_core_vnic" "InstanceVnic" { + vnic_id = "${lookup(data.oci_core_vnic_attachments.InstanceVnics.vnic_attachments[0], "vnic_id")}" +} diff --git a/example/real_world_stuff/oracle/oracle%terraform-oci-cf-install%identity.tf b/example/real_world_stuff/oracle/oracle%terraform-oci-cf-install%identity.tf new file mode 100644 index 0000000..7293e69 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%terraform-oci-cf-install%identity.tf 
@@ -0,0 +1,38 @@
+resource "oci_identity_compartment" "bosh_compartment" {
+ name = "${var.bosh_compartment_name}"
+ description = "${var.bosh_compartment_name}"
+}
+
+resource "oci_identity_group" "bosh_group" {
+ name = "${var.bosh_group_name}"
+ description = "${var.bosh_group_name}"
+}
+
+resource "oci_identity_user" "bosh_user" {
+ name = "${var.bosh_user_name}"
+ description = "${var.bosh_user_name}"
+}
+
+resource "oci_identity_user_group_membership" "bosh_user_group_membership" {
+ compartment_id = "${oci_identity_compartment.bosh_compartment.id}"
+ user_id = "${oci_identity_user.bosh_user.id}"
+ group_id = "${oci_identity_group.bosh_group.id}"
+}
+
+resource "oci_identity_api_key" "bosh_api_key" {
+ user_id = "${oci_identity_user.bosh_user.id}"
+ key_value = "${file(var.bosh_api_public_key)}"
+}
+
+resource "oci_identity_policy" "bosh_policy" {
+ compartment_id = "${var.oci_tenancy_ocid}"
+ name = "${oci_identity_group.bosh_group.name}-policy"
+ description = "bosh policies"
+ statements = [
+ "allow group ${oci_identity_group.bosh_group.name} to manage instance-family in tenancy",
+ "allow group ${oci_identity_group.bosh_group.name} to manage volume-family in tenancy",
+ "allow group ${oci_identity_group.bosh_group.name} to manage object-family in tenancy",
+ "allow group ${oci_identity_group.bosh_group.name} to manage virtual-network-family in tenancy",
+ "allow group ${oci_identity_group.bosh_group.name} to manage load-balancers in tenancy"
+ ]
+}
diff --git a/example/real_world_stuff/oracle/oracle%terraform-oci-cf-install%network.tf b/example/real_world_stuff/oracle/oracle%terraform-oci-cf-install%network.tf
new file mode 100644
index 0000000..0f262b4
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%terraform-oci-cf-install%network.tf
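Review bot: All five statements in `oci_identity_policy.bosh_policy` grant the bosh group `manage` rights `in tenancy`, even though this same file creates a dedicated `bosh_compartment` and puts the user's API key on `bosh_user`. If the deployment only needs resources inside that compartment (the VCN, subnets and security lists later in this patch are all created there), each statement can be scoped to it, for example `"allow group ${oci_identity_group.bosh_group.name} to manage instance-family in compartment ${oci_identity_compartment.bosh_compartment.name}"`. That limits what a leaked `bosh_user` key can reach to one compartment instead of every instance, volume, bucket, network and load balancer in the tenancy. If tenancy-wide scope is really required, a comment above `statements` saying why would help the next reader.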
@@ -0,0 +1,398 @@ +resource "oci_core_virtual_network" "cloudfoundry_vcn" { + cidr_block = "${var.vpc_cidr}" + compartment_id = "${oci_identity_compartment.bosh_compartment.id}" + display_name = "cloudfoundry_vcn" + dns_label = "cfvcn" +} + +resource "oci_core_internet_gateway" "cloudfoundry_ig" { + compartment_id = "${oci_identity_compartment.bosh_compartment.id}" + display_name = "cloudfoundry_ig" + vcn_id = "${oci_core_virtual_network.cloudfoundry_vcn.id}" +} + +resource "oci_core_route_table" "cloudfoundry_route_table" { + compartment_id = "${oci_identity_compartment.bosh_compartment.id}" + vcn_id = "${oci_core_virtual_network.cloudfoundry_vcn.id}" + display_name = "cloudfoundry_route_table" + route_rules { + cidr_block = "0.0.0.0/0" + network_entity_id = "${oci_core_internet_gateway.cloudfoundry_ig.id}" + } +} + +resource "oci_core_security_list" "public_subnet" { + compartment_id = "${oci_identity_compartment.bosh_compartment.id}" + display_name = "public_all" + vcn_id = "${oci_core_virtual_network.cloudfoundry_vcn.id}" + egress_security_rules = [{ + destination = "0.0.0.0/0" + protocol = "all" + }] + ingress_security_rules = [{ + tcp_options = { + "max" = 80 + "min" = 80 + } + protocol = "6" + source = "0.0.0.0/0" + }, + { + tcp_options = { + "max" = 443 + "min" = 443 + } + protocol = "6" + source = "0.0.0.0/0" + }, + { + tcp_options = { + "max" = 4443 + "min" = 4443 + } + protocol = "6" + source = "0.0.0.0/0" + }, + { + protocol = "6" + source = "${var.vpc_cidr}" + }, + { + tcp_options = { + "max" = 2222 + "min" = 2222 + } + protocol = "6" + source = "0.0.0.0/0" + }] +} + +resource "oci_core_security_list" "bastion_subnet" { + compartment_id = "${oci_identity_compartment.bosh_compartment.id}" + display_name = "bastion_all" + vcn_id = "${oci_core_virtual_network.cloudfoundry_vcn.id}" + egress_security_rules = [{ + protocol = "all" + destination = "0.0.0.0/0" + }] + ingress_security_rules = [{ + tcp_options = { + "max" = 22 + "min" = 22 + } + protocol = "6" + 
source = "0.0.0.0/0" + }, + { + protocol = "6" + source = "${var.vpc_cidr}" + }, + { + tcp_options = { + "max" = 6901 + "min" = 6901 + } + protocol = "6" + source = "${var.director_subnet_ad1_cidr}" + }, + { + protocol = "1" + source = "${var.vpc_cidr}" + }] +} + +resource "oci_core_security_list" "director_subnet" { + compartment_id = "${oci_identity_compartment.bosh_compartment.id}" + display_name = "director_all" + vcn_id = "${oci_core_virtual_network.cloudfoundry_vcn.id}" + egress_security_rules = [{ + protocol = "all" + destination = "0.0.0.0/0" + }] + ingress_security_rules = [{ + protocol = "6" + source = "${var.director_subnet_ad1_cidr}" + }, + { + protocol = "1" + source = "${var.vpc_cidr}" + }, + { + tcp_options = { + "max" = 22 + "min" = 22 + } + protocol = "6" + source = "${var.bastion_subnet_ad1_cidr}" + }, + { + tcp_options = { + "max" = 4222 + "min" = 4222 + } + protocol = "6" + source = "${var.vpc_cidr}" + }, + { + tcp_options = { + "max" = 6868 + "min" = 6868 + } + protocol = "6" + source = "${var.vpc_cidr}" + }, + { + tcp_options = { + "max" = 8443 + "min" = 8443 + } + protocol = "6" + source = "${var.vpc_cidr}" + }, + { + tcp_options = { + "max" = 25250 + "min" = 25250 + } + protocol = "6" + source = "${var.vpc_cidr}" + }, + { + tcp_options = { + "max" = 25555 + "min" = 25555 + } + protocol = "6" + source = "${var.vpc_cidr}" + }, + { + tcp_options = { + "max" = 25777 + "min" = 25777 + } + protocol = "6" + source = "${var.vpc_cidr}" + }] +} + +resource "oci_core_security_list" "private_subnet" { + compartment_id = "${oci_identity_compartment.bosh_compartment.id}" + display_name = "private_all" + vcn_id = "${oci_core_virtual_network.cloudfoundry_vcn.id}" + egress_security_rules = [{ + protocol = "all" + destination = "0.0.0.0/0" + }] + + ingress_security_rules = [{ + protocol = "1" + source = "${var.vpc_cidr}" + }, + { + protocol = "all" + source = "${var.private_subnet_ad1_cidr}" + }, + { + protocol = "all" + source = 
"${var.private_subnet_ad2_cidr}" + }, + { + protocol = "all" + source = "${var.private_subnet_ad3_cidr}" + }, + { + tcp_options = { + "max" = 22 + "min" = 22 + } + protocol = "6" + source = "${var.bastion_subnet_ad1_cidr}" + }, + { + tcp_options = { + "max" = 22 + "min" = 22 + } + protocol = "6" + source = "${var.director_subnet_ad1_cidr}" + }, + { + tcp_options = { + "max" = 6868 + "min" = 6868 + } + protocol = "6" + source = "${var.director_subnet_ad1_cidr}" + }, + { + tcp_options = { + "max" = 80 + "min" = 80 + } + protocol = "6" + source = "${var.public_subnet_ad1_cidr}" + }, + { + tcp_options = { + "max" = 443 + "min" = 443 + } + protocol = "6" + source = "${var.public_subnet_ad1_cidr}" + }, + { + tcp_options = { + "max" = 2222 + "min" = 2222 + } + protocol = "6" + source = "${var.public_subnet_ad1_cidr}" + }, + { + tcp_options = { + "max" = 4443 + "min" = 4443 + } + protocol = "6" + source = "${var.public_subnet_ad1_cidr}" + }, + { + tcp_options = { + "max" = 8080 + "min" = 8080 + } + protocol = "6" + source = "${var.public_subnet_ad1_cidr}" + }, + { + tcp_options = { + "max" = 80 + "min" = 80 + } + protocol = "6" + source = "${var.public_subnet_ad2_cidr}" + }, + { + tcp_options = { + "max" = 443 + "min" = 443 + } + protocol = "6" + source = "${var.public_subnet_ad2_cidr}" + }, + { + tcp_options = { + "max" = 2222 + "min" = 2222 + } + protocol = "6" + source = "${var.public_subnet_ad2_cidr}" + }, + { + tcp_options = { + "max" = 4443 + "min" = 4443 + } + protocol = "6" + source = "${var.public_subnet_ad2_cidr}" + }, + { + tcp_options = { + "max" = 8080 + "min" = 8080 + } + protocol = "6" + source = "${var.public_subnet_ad2_cidr}" + }] +} + +resource "oci_core_subnet" "public_subnet_ad1" { + availability_domain = "${lookup(data.oci_identity_availability_domains.ADs.availability_domains[0], "name")}" + cidr_block = "${var.public_subnet_ad1_cidr}" + display_name = "public_subnet_ad1" + dhcp_options_id = 
"${oci_core_virtual_network.cloudfoundry_vcn.default_dhcp_options_id}" + dns_label = "cfwebad1" + compartment_id = "${oci_identity_compartment.bosh_compartment.id}" + vcn_id = "${oci_core_virtual_network.cloudfoundry_vcn.id}" + route_table_id = "${oci_core_route_table.cloudfoundry_route_table.id}" + security_list_ids = ["${oci_core_security_list.public_subnet.id}"] + prohibit_public_ip_on_vnic = false +} + +resource "oci_core_subnet" "bastion_subnet_ad1" { + availability_domain = "${lookup(data.oci_identity_availability_domains.ADs.availability_domains[0], "name")}" + cidr_block = "${var.bastion_subnet_ad1_cidr}" + display_name = "bastion_subnet_ad1" + dhcp_options_id = "${oci_core_virtual_network.cloudfoundry_vcn.default_dhcp_options_id}" + dns_label = "cfbstad1" + compartment_id = "${oci_identity_compartment.bosh_compartment.id}" + vcn_id = "${oci_core_virtual_network.cloudfoundry_vcn.id}" + route_table_id = "${oci_core_route_table.cloudfoundry_route_table.id}" + security_list_ids = ["${oci_core_security_list.bastion_subnet.id}"] + prohibit_public_ip_on_vnic = false +} + +resource "oci_core_subnet" "director_subnet_ad1" { + availability_domain = "${lookup(data.oci_identity_availability_domains.ADs.availability_domains[0], "name")}" + cidr_block = "${var.director_subnet_ad1_cidr}" + display_name = "director_subnet_ad1" + dhcp_options_id = "${oci_core_virtual_network.cloudfoundry_vcn.default_dhcp_options_id}" + dns_label = "cfdirad1" + compartment_id = "${oci_identity_compartment.bosh_compartment.id}" + vcn_id = "${oci_core_virtual_network.cloudfoundry_vcn.id}" + route_table_id = "${oci_core_route_table.cloudfoundry_route_table.id}" + security_list_ids = ["${oci_core_security_list.director_subnet.id}"] + prohibit_public_ip_on_vnic = false +} + +resource "oci_core_subnet" "private_subnet_ad1" { + availability_domain = "${lookup(data.oci_identity_availability_domains.ADs.availability_domains[0], "name")}" + cidr_block = "${var.private_subnet_ad1_cidr}" + display_name 
= "private_subnet_ad1" + dhcp_options_id = "${oci_core_virtual_network.cloudfoundry_vcn.default_dhcp_options_id}" + dns_label = "cfprvad1" + compartment_id = "${oci_identity_compartment.bosh_compartment.id}" + vcn_id = "${oci_core_virtual_network.cloudfoundry_vcn.id}" + route_table_id = "${oci_core_route_table.cloudfoundry_route_table.id}" + security_list_ids = ["${oci_core_security_list.private_subnet.id}"] + prohibit_public_ip_on_vnic = false +} + +resource "oci_core_subnet" "public_subnet_ad2" { + availability_domain = "${lookup(data.oci_identity_availability_domains.ADs.availability_domains[1], "name")}" + cidr_block = "${var.public_subnet_ad2_cidr}" + display_name = "public_subnet_ad2" + dhcp_options_id = "${oci_core_virtual_network.cloudfoundry_vcn.default_dhcp_options_id}" + dns_label = "cfwebad2" + compartment_id = "${oci_identity_compartment.bosh_compartment.id}" + vcn_id = "${oci_core_virtual_network.cloudfoundry_vcn.id}" + route_table_id = "${oci_core_route_table.cloudfoundry_route_table.id}" + security_list_ids = ["${oci_core_security_list.public_subnet.id}"] + prohibit_public_ip_on_vnic = false +} + +resource "oci_core_subnet" "private_subnet_ad2" { + availability_domain = "${lookup(data.oci_identity_availability_domains.ADs.availability_domains[1], "name")}" + cidr_block = "${var.private_subnet_ad2_cidr}" + display_name = "private_subnet_ad2" + dhcp_options_id = "${oci_core_virtual_network.cloudfoundry_vcn.default_dhcp_options_id}" + dns_label = "cfprvad2" + compartment_id = "${oci_identity_compartment.bosh_compartment.id}" + vcn_id = "${oci_core_virtual_network.cloudfoundry_vcn.id}" + route_table_id = "${oci_core_route_table.cloudfoundry_route_table.id}" + security_list_ids = ["${oci_core_security_list.private_subnet.id}"] + prohibit_public_ip_on_vnic = false +} + +resource "oci_core_subnet" "private_subnet_ad3" { + availability_domain = "${lookup(data.oci_identity_availability_domains.ADs.availability_domains[2], "name")}" + cidr_block = 
"${var.private_subnet_ad3_cidr}" + display_name = "private_subnet_ad3" + dhcp_options_id = "${oci_core_virtual_network.cloudfoundry_vcn.default_dhcp_options_id}" + dns_label = "cfprvad3" + compartment_id = "${oci_identity_compartment.bosh_compartment.id}" + vcn_id = "${oci_core_virtual_network.cloudfoundry_vcn.id}" + route_table_id = "${oci_core_route_table.cloudfoundry_route_table.id}" + security_list_ids = ["${oci_core_security_list.private_subnet.id}"] + prohibit_public_ip_on_vnic = false +} diff --git a/example/real_world_stuff/oracle/oracle%terraform-oci-cf-install%outputs.tf b/example/real_world_stuff/oracle/oracle%terraform-oci-cf-install%outputs.tf new file mode 100644 index 0000000..8487b75 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%terraform-oci-cf-install%outputs.tf @@ -0,0 +1,11 @@ +output "CompartmentOCID" { + value = ["${oci_identity_compartment.bosh_compartment.id}"] +} + +output "InstancePrivateIP" { + value = ["${data.oci_core_vnic.InstanceVnic.private_ip_address}"] +} + +output "InstancePublicIP" { + value = ["${data.oci_core_vnic.InstanceVnic.public_ip_address}"] +} diff --git a/example/real_world_stuff/oracle/oracle%terraform-oci-cf-install%providers.tf b/example/real_world_stuff/oracle/oracle%terraform-oci-cf-install%providers.tf new file mode 100644 index 0000000..bdef91c --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%terraform-oci-cf-install%providers.tf @@ -0,0 +1,8 @@ +provider "oci" { + version = ">= 3.0.0" + region = "${var.oci_region}" + tenancy_ocid = "${var.oci_tenancy_ocid}" + user_ocid = "${var.oci_user_ocid}" + fingerprint = "${var.oci_fingerprint}" + private_key_path = "${var.oci_private_key_path}" +} diff --git a/example/real_world_stuff/oracle/oracle%terraform-oci-cf-install%variables.tf b/example/real_world_stuff/oracle/oracle%terraform-oci-cf-install%variables.tf new file mode 100644 index 0000000..5408e92 --- /dev/null 
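Review bot: In network.tf the subnets named `private_subnet_ad1`, `private_subnet_ad2`, `private_subnet_ad3` and `director_subnet_ad1` all set `prohibit_public_ip_on_vnic = false` and attach `cloudfoundry_route_table`, whose only rule sends `0.0.0.0/0` to the internet gateway. Nothing at the subnet level therefore stops an instance there from receiving a public IP, and the security lists are the only separation from the internet. If the names reflect the intent, `prohibit_public_ip_on_vnic = true` on those four subnets would enforce it; outbound access would then presumably need a separate route table, which this hunk does not define. Separately, the `bastion_subnet` list admits TCP 22 from `0.0.0.0/0`, and a variable holding the operators' CIDR as `source` would narrow that.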
+++ b/example/real_world_stuff/oracle/oracle%terraform-oci-cf-install%variables.tf 
@@ -0,0 +1,109 @@ +# Authentication +variable "oci_tenancy_ocid" {} +variable "oci_user_ocid" {} +variable "oci_fingerprint" {} +variable "oci_private_key_path" {} +variable "oci_region" { + default = "us-phoenix-1" +} + +# Identity +variable "bosh_compartment_name" { + default = "bosh" +} +variable "bosh_user_name" { + default = "bosh" +} +variable "bosh_group_name" { + default = "bosh" +} + +variable "bosh_api_public_key" { + default = "./keys/bosh-api-public-key.pem" +} + +variable "bosh_api_private_key" { + default = "./keys/bosh-api-private-key.pem" +} + +variable "bosh_api_fingerprint" { + default = "./keys/bosh-api-fingerprint" +} + +variable "bosh_ssh_public_key" { + default = "./keys/bosh-ssh.pub" +} +variable "bosh_ssh_private_key" { + default = "./keys/bosh-ssh" +} +variable "bosh_ssh_username" { + default = "vcap" +} + +# Networking + +variable "vpc_cidr" { + default = "10.0.0.0/16" +} + +variable "public_subnet_ad1_cidr" { + default = "10.0.1.0/24" +} + +variable "bastion_subnet_ad1_cidr" { + default = "10.0.2.0/24" +} +variable "director_subnet_ad1_cidr" { + default = "10.0.3.0/24" +} + +variable "private_subnet_ad1_cidr" { + default = "10.0.4.0/24" +} + +variable "public_subnet_ad2_cidr" { + default = "10.0.5.0/24" +} + +variable "private_subnet_ad2_cidr" { + default = "10.0.6.0/24" +} + +variable "private_subnet_ad3_cidr" { + default = "10.0.7.0/24" +} + +# Bastion VM + +# Choose an Availability Domain for the Bastion instance. 
+variable "bastion_ad" { + default = "1" +} + +variable "bastion_image_id" { + default = "ocid1.image.oc1.phx.aaaaaaaaxsufrpzn72dvhry5swbuwnuldcn3eko3cx6g7z4tw4qfwkq2zkra" +} + +variable "bastion_boot_timeout_minutes" { + default = 5 +} + +variable "bastion_instance_shape" { + default = "VM.Standard1.1" +} + +variable "bastion_instance_os" { + default = "Ubuntu" +} + +variable "bastion_instance_os_version" { + default = "16.04" +} + +variable "256GB" { + default = "256" +} + +variable "bastion_bootstrap_file" { + default = "./userdata/bootstrap" +} diff --git a/example/real_world_stuff/oracle/oracle%terraform-opc-compute-instance%main.tf b/example/real_world_stuff/oracle/oracle%terraform-opc-compute-instance%main.tf new file mode 100644 index 0000000..cc6bbb0 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%terraform-opc-compute-instance%main.tf 
@@ -0,0 +1,39 @@
+// Copyright © 2017 Oracle and/or its affiliates. All rights reserved.
+// Licensed under the Universal Permissive License v 1.0
+
+resource "opc_compute_instance" "instance" {
+ name = "${var.instance_name}"
+ hostname = "${length(var.instance_hostname) > 0 ? var.instance_hostname : var.instance_name}"
+ label = "${length(var.instance_label) > 0 ? var.instance_label : var.instance_name}"
+ shape = "${var.instance_shape}"
+ instance_attributes = "${var.instance_attributes}"
+ reverse_dns = "${var.reverse_dns}"
+ ssh_keys = ["${compact(list(var.ssh_key))}"]
+ tags = "${var.tags}"
+
+ networking_info {
+ index = 0
+ shared_network = "${var.ip_network == "" ? true : false}"
+ ip_network = "${var.ip_network}"
+ nat = ["${compact(list(var.ip_reservation))}"]
+ dns = "${var.dns}"
+ search_domains = "${var.search_domains}"
+ }
+
+ storage {
+ index = 1
+ volume = "${opc_compute_storage_volume.boot-volume.name}"
+ }
+
+ boot_order = [1]
+}
+
+resource "opc_compute_storage_volume" "boot-volume" {
+ name = "${var.instance_name}-boot"
+ description = "${var.instance_name} boot storage volume "
+ image_list = "${var.boot_volume_image_list}"
+ image_list_entry = "${var.boot_volume_image_list_entry}"
+ size = "${var.boot_volume_size}"
+ bootable = true
+ tags = "${var.tags}"
+}
diff --git a/example/real_world_stuff/oracle/oracle%terraform-opc-compute-instance%outputs.tf b/example/real_world_stuff/oracle/oracle%terraform-opc-compute-instance%outputs.tf
new file mode 100644
index 0000000..ee083d4
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%terraform-opc-compute-instance%outputs.tf
@@ -0,0 +1,12 @@
+// Copyright © 2017 Oracle and/or its affiliates. All rights reserved.
+// Licensed under the Universal Permissive License v 1.0
+
+output "instance_id" {
+ description = "The `opc_compute_instance` id."
+ value = "${opc_compute_instance.instance.id}"
+}
+
+output "private_ip_address" {
+ description = "The private IP address of the instance."
+ value = "${opc_compute_instance.instance.ip_address}"
+}
diff --git a/example/real_world_stuff/oracle/oracle%terraform-opc-compute-instance%variables.tf b/example/real_world_stuff/oracle/oracle%terraform-opc-compute-instance%variables.tf
new file mode 100644
index 0000000..0597608
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%terraform-opc-compute-instance%variables.tf
@@ -0,0 +1,78 @@ +// Copyright © 2017 Oracle and/or its affiliates. All rights reserved. +// Licensed under the Universal Permissive License v 1.0 + +variable boot_volume_image_list { + description = "The Image List to use for the boot volume. Defaults to Oracle Linux 7.2 UEK4." + default = "/oracle/public/OL_7.2_UEKR4_x86_64" +} + +variable boot_volume_image_list_entry { + description = "(Optional) The Image List Entry to use for the boot volume." + default = 1 +} + +variable boot_volume_size { + description = "Size in GB of the boot storage volume. Default is 12GB." + default = 12 +} + +variable instance_name { + description = "Instance name." +} + +variable instance_hostname { + description = "(Optional) Instance hostname. Defaults to the instance name." + default = "" +} + +variable instance_label { + description = "(Optional) Instance label. Defaults to the instance name." + default = "" +} + +variable instance_shape { + description = "Instance shape." +} + +variable instance_attributes { + description = "(Optional) A JSON string of custom attributes." + default = "" +} + +variable reverse_dns { + description = "(Optional) create reverse DNS records." + default = true +} + +variable ip_network { + description = "(Optional) IP Network to attach the instance to. If not set the instance will be connected to the Shared Network." + default = "" +} + +variable ip_reservation { + description = "(Optional) IP Address Reservation. If an `ip_network` is set then this must be a reference to an `opc_compute_ip_address_reservervation`. If no IP Network is set then this must be a `opc_compute_ip_address_reservervation`." + default = "" +} + +variable dns { + type = "list" + description = "(Optional) List of DNS servers." + default = [] +} + +variable search_domains { + type = "list" + description = "(Optional) Search domains." + default = [] +} + +variable ssh_key { + description = "(Optional) SSH Key name." 
+ default = "" +} + +variable tags { + type = "list" + description = "(Optional) list of tags to apply to all resources." + default = [] +} diff --git a/example/real_world_stuff/oracle/oracle%terraform-opc-ip-networks%main.tf b/example/real_world_stuff/oracle/oracle%terraform-opc-ip-networks%main.tf new file mode 100644 index 0000000..3478612 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%terraform-opc-ip-networks%main.tf @@ -0,0 +1,16 @@ +// Copyright © 2017 Oracle and/or its affiliates. All rights reserved. +// Licensed under the Universal Permissive License v 1.0 + +resource "opc_compute_ip_network_exchange" "exchange" { + name = "${var.ip_exchange_name}" + tags = "${var.tags}" +} + +resource "opc_compute_ip_network" "network" { + count = "${length(var.subnet_cidrs)}" + name = "${element(var.subnet_names, count.index)}" + ip_address_prefix = "${element(var.subnet_cidrs, count.index)}" + ip_network_exchange = "${opc_compute_ip_network_exchange.exchange.name}" + public_napt_enabled = "${contains(var.public_napt_subnets, element(var.subnet_names, count.index))}" + tags = "${var.tags}" +} diff --git a/example/real_world_stuff/oracle/oracle%terraform-opc-ip-networks%outputs.tf b/example/real_world_stuff/oracle/oracle%terraform-opc-ip-networks%outputs.tf new file mode 100644 index 0000000..53ef961 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%terraform-opc-ip-networks%outputs.tf @@ -0,0 +1,12 @@ +// Copyright © 2017 Oracle and/or its affiliates. All rights reserved. +// Licensed under the Universal Permissive License v 1.0 + +output "ip_networks" { + description = "Names of the IP Network resources created." + value = "${opc_compute_ip_network.network.*.name}" +} + +output "ip_network_exchange" { + description = "Name of the IP Network Exchange created." + value = "${opc_compute_ip_network_exchange.exchange.name}" +} 
diff --git a/example/real_world_stuff/oracle/oracle%terraform-opc-ip-networks%variables.tf b/example/real_world_stuff/oracle/oracle%terraform-opc-ip-networks%variables.tf new file mode 100644 index 0000000..c914678 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%terraform-opc-ip-networks%variables.tf @@ -0,0 +1,28 @@ +// Copyright © 2017 Oracle and/or its affiliates. All rights reserved. +// Licensed under the Universal Permissive License v 1.0 + +variable ip_exchange_name { + description = "Name for the IP Network Exchange resource." +} + +variable subnet_cidrs { + type = "list" + description = "List of CIDRs for the IP Network subnets. An separate IP Network resource will be created for each CIDR. Network address ranges must not overlap." +} + +variable subnet_names { + type = "list" + description = "List of names for the IP Networks subnets corresponding to the list of the `subnet_cidrs`." +} + +variable public_napt_subnets { + type = "list" + description = "Names of the IP Network subnets to be enabled for public internet access using NAPT. NAPT is disabled by default." + default = [] +} + +variable tags { + type = "list" + description = "(Optional) List of Tags to apply to all resources created by this module." + default = [] +} diff --git a/example/real_world_stuff/oracle/oracle%weblogic-kubernetes-operator%kubernetes%samples%scripts%terraform%cluster.tf b/example/real_world_stuff/oracle/oracle%weblogic-kubernetes-operator%kubernetes%samples%scripts%terraform%cluster.tf new file mode 100644 index 0000000..93e7bd6 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%weblogic-kubernetes-operator%kubernetes%samples%scripts%terraform%cluster.tf 
@@ -0,0 +1,62 @@ +/* +# Copyright (c) 2018, 2020, Oracle Corporation and/or its affiliates. +# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. +*/ +variable "cluster_kubernetes_version" { default = "v1.11.5" } +variable "cluster_name" { default = "tfTestCluster" } +variable "cluster_options_add_ons_is_kubernetes_dashboard_enabled" { default = true } +variable "cluster_options_add_ons_is_tiller_enabled" { default = true } +variable "cluster_options_kubernetes_network_config_pods_cidr" { default = "10.1.0.0/16" } +variable "cluster_options_kubernetes_network_config_services_cidr" { default = "10.2.0.0/16" } +variable "node_pool_initial_node_labels_key" { default = "key" } +variable "node_pool_initial_node_labels_value" { default = "value" } +variable "node_pool_kubernetes_version" { default = "v1.11.5" } +variable "node_pool_name" { default = "tfTestCluster_workers" } +variable "node_pool_node_image_name" { default = "Oracle-Linux-7.4" } +variable "node_pool_node_shape" { default = "VM.Standard2.1" } +variable "node_pool_quantity_per_subnet" { default = 2 } +variable "node_pool_ssh_public_key" { } + +data "oci_identity_availability_domains" "tfsample_availability_domains" { + compartment_id = "${var.compartment_ocid}" +} + + +resource "oci_containerengine_cluster" "tfsample_cluster" { + #Required + compartment_id = "${var.compartment_ocid}" + kubernetes_version = "${var.cluster_kubernetes_version}" + name = "${var.cluster_name}" + vcn_id = "${oci_core_virtual_network.oke-vcn.id}" + + #Optional + options { + service_lb_subnet_ids = ["${oci_core_subnet.oke-subnet-loadbalancer-1.id}", "${oci_core_subnet.oke-subnet-loadbalancer-2.id}"] + + #Optional + add_ons { + #Optional + is_kubernetes_dashboard_enabled = "${var.cluster_options_add_ons_is_kubernetes_dashboard_enabled}" + is_tiller_enabled = "${var.cluster_options_add_ons_is_tiller_enabled}" + } + } +} + +resource "oci_containerengine_node_pool" 
"tfsample_node_pool" { + #Required + cluster_id = "${oci_containerengine_cluster.tfsample_cluster.id}" + compartment_id = "${var.compartment_ocid}" + kubernetes_version = "${var.node_pool_kubernetes_version}" + name = "${var.node_pool_name}" + node_image_name = "${var.node_pool_node_image_name}" + node_shape = "${var.node_pool_node_shape}" + subnet_ids = ["${oci_core_subnet.oke-subnet-worker-1.id}", "${oci_core_subnet.oke-subnet-worker-2.id}","${oci_core_subnet.oke-subnet-worker-3.id}"] + + #Optional + quantity_per_subnet = "${var.node_pool_quantity_per_subnet}" + ssh_public_key = "${var.node_pool_ssh_public_key}" +} + +output "cluster_id" { + value = "${oci_containerengine_cluster.tfsample_cluster.id}" +} diff --git a/example/real_world_stuff/oracle/oracle%weblogic-kubernetes-operator%kubernetes%samples%scripts%terraform%kube_config.tf b/example/real_world_stuff/oracle/oracle%weblogic-kubernetes-operator%kubernetes%samples%scripts%terraform%kube_config.tf new file mode 100644 index 0000000..9d73ce5 --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%weblogic-kubernetes-operator%kubernetes%samples%scripts%terraform%kube_config.tf @@ -0,0 +1,17 @@ +/* +# Copyright (c) 2018, 2020, Oracle Corporation and/or its affiliates. +# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. +*/ + +variable "cluster_kube_config_expiration" { default = 2592000 } +variable "cluster_kube_config_token_version" { default = "1.0.0" } + +data "oci_containerengine_cluster_kube_config" "tfsample_cluster_kube_config" { + #Required + cluster_id = "${oci_containerengine_cluster.tfsample_cluster.id}" +} + +resource "local_file" "tfsample_cluster_kube_config_file" { + content = "${data.oci_containerengine_cluster_kube_config.tfsample_cluster_kube_config.content}" + filename = "${path.module}/${var.cluster_name}_kubeconfig" +} 
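Review bot: In cluster.tf the add-on variables `cluster_options_add_ons_is_kubernetes_dashboard_enabled` and `cluster_options_add_ons_is_tiller_enabled` both default to `true`, so anyone applying the sample without overrides gets the dashboard and Tiller installed. Tiller in particular usually runs with broad cluster permissions and, in its default setup, does not authenticate in-cluster callers, so opt-in is the safer default: `variable "cluster_options_add_ons_is_tiller_enabled" { default = false }`, and likewise for the dashboard variable. The pinned `v1.11.5` defaults for `cluster_kubernetes_version` and `node_pool_kubernetes_version` also look long out of support, and would be better left without a default or documented as placeholders.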
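Review bot: In kube_config.tf the variables `cluster_kube_config_expiration` (2592000) and `cluster_kube_config_token_version` are declared but never referenced, because the `oci_containerengine_cluster_kube_config` data source sets only `cluster_id`. A reader would assume a 30-day expiry applies when nothing in the hunk passes it on, so either wire the variables into the data source or drop them. The `local_file` resource then writes the kubeconfig, which carries cluster credentials, to `${path.module}/${var.cluster_name}_kubeconfig` using `content`. Using `sensitive_content` instead keeps the value out of plan output, and a comment such as `# contains cluster credentials: keep this path out of version control` would flag the file for whoever runs the sample.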
diff --git a/example/real_world_stuff/oracle/oracle%weblogic-kubernetes-operator%kubernetes%samples%scripts%terraform%provider.tf b/example/real_world_stuff/oracle/oracle%weblogic-kubernetes-operator%kubernetes%samples%scripts%terraform%provider.tf
new file mode 100644
index 0000000..774984a
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%weblogic-kubernetes-operator%kubernetes%samples%scripts%terraform%provider.tf
@@ -0,0 +1,21 @@
+/*
+ * Copyright (c) 2018, 2020, Oracle Corporation and/or its affiliates.
+ * Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
+ * This example file shows how to configure the oci provider to target the a single region.
+*/
+
+// These variables would commonly be defined as environment variables or sourced in a .env file
+variable "tenancy_ocid" {}
+variable "user_ocid" {}
+variable "fingerprint" {}
+variable "private_key_path" {}
+variable "region" { default = "us-phoenix-1" }
+
+provider "oci" {
+ version = ">= 3.0.0"
+ region = "${var.region}"
+ tenancy_ocid = "${var.tenancy_ocid}"
+ user_ocid = "${var.user_ocid}"
+ fingerprint = "${var.fingerprint}"
+ private_key_path = "${var.private_key_path}"
+}
diff --git a/example/real_world_stuff/oracle/oracle%weblogic-kubernetes-operator%kubernetes%samples%scripts%terraform%template.tfvars b/example/real_world_stuff/oracle/oracle%weblogic-kubernetes-operator%kubernetes%samples%scripts%terraform%template.tfvars
new file mode 100644
index 0000000..7a4fcae
--- /dev/null
+++ b/example/real_world_stuff/oracle/oracle%weblogic-kubernetes-operator%kubernetes%samples%scripts%terraform%template.tfvars
@@ -0,0 +1,46 @@ +# Copyright (c) 2018, 2020, Oracle Corporation and/or its affiliates. +# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. + +# Template to generate TF variables file for cluster creation from property file oci.props +# +# User-specific vars - you can get these easily from the OCI console from your user page +# + +# OCID can be obtained from the user info page in the OCI console +user_ocid="@USEROCID@" +# API key fingerprint and private key location, needed for API access -- you should have added a public API key through the OCI console first +fingerprint="@OCIAPIPUBKEYFINGERPRINT@" +private_key_path="@OCIPRIVATEKEYPATH@" + +# Required tenancy vars +tenancy_ocid="@TENANCYOCID@" +compartment_ocid="@COMPARTMENTOCID@" +compartment_name="@COMPARTMENTNAME@" +region="@REGION@" + +# +# Cluster-specific vars +# + +# VCN CIDR -- must be unique within the compartment in the tenancy +# - assuming 1:1 cluster:vcn +# BE SURE TO SET BOTH VARS -- the first 2 octets for each variable have to match +vcn_cidr_prefix="@VCNCIDRPREFIX@" +vcn_cidr="@VCNCIDR@" + +# Cluster name and k8s version +cluster_kubernetes_version="@OKEK8SVERSION@" +cluster_name="@OKECLUSTERNAME@" + +# Node pool info +node_pool_kubernetes_version="@OKEK8SVERSION@" +node_pool_name="@OKECLUSTERNAME@_workers" +node_pool_node_shape="@NODEPOOLSHAPE@" +node_pool_node_image_name="@NODEPOOLIMAGENAME@" +node_pool_quantity_per_subnet=1 + +# SSH public key, for SSH access to nodes in the cluster +node_pool_ssh_public_key="@NODEPOOLSSHPUBKEY@" + + + diff --git a/example/real_world_stuff/oracle/oracle%weblogic-kubernetes-operator%kubernetes%samples%scripts%terraform%vcn.tf b/example/real_world_stuff/oracle/oracle%weblogic-kubernetes-operator%kubernetes%samples%scripts%terraform%vcn.tf new file mode 100644 index 0000000..619ea1b --- /dev/null +++ b/example/real_world_stuff/oracle/oracle%weblogic-kubernetes-operator%kubernetes%samples%scripts%terraform%vcn.tf 
@@ -0,0 +1,411 @@
+/*
+ * Copyright (c) 2018, 2020, Oracle Corporation and/or its affiliates.
+ * Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
+*/
+
+// Compartment in which to create the cluster resources.
+variable "compartment_name" {}
+variable "compartment_ocid" {}
+
+variable vcn_cidr_prefix { default = "10.0" }
+variable "vcn_cidr" {
+ default = "10.0.0.0/16"
+}
+
+# ------------------------------------
+
+/*
+ * Create a VCN.
+ * A DNS label with the name of the cluster is attached to the VCN.
+ * The creation of the vcn also creates the default route table, security list, and dhcp options.
+ */
+resource "oci_core_virtual_network" "oke-vcn" {
+ cidr_block = "${var.vcn_cidr}"
+ dns_label = "${var.cluster_name}vcn"
+ compartment_id = "${var.compartment_ocid}"
+ display_name = "${var.cluster_name}_vcn"
+}
+
+/*
+ * An internet gateway is created in the relevant compartment attached to the created VCN.
+ */
+resource "oci_core_internet_gateway" "oke-igateway" {
+ compartment_id = "${var.compartment_ocid}"
+ display_name = "${var.cluster_name}-igateway"
+ vcn_id = "${oci_core_virtual_network.oke-vcn.id}"
+}
+
+/*
+ * Configures the default route table that was created when the VCN was created.
+ * The default route is pointed to the internet gateway that was created.
+ */
+
+resource "oci_core_default_route_table" "oke-default-route-table" {
+ manage_default_resource_id = "${oci_core_virtual_network.oke-vcn.default_route_table_id}"
+ display_name = "${var.cluster_name}-default-route-table"
+
+ route_rules {
+ cidr_block = "0.0.0.0/0"
+ network_entity_id = "${oci_core_internet_gateway.oke-igateway.id}"
+ }
+}
+
+/*
+ * Configures the default dhcp options object that was created along with the VCN.
+ */
+resource "oci_core_default_dhcp_options" "oke-default-dhcp-options" {
+ manage_default_resource_id = "${oci_core_virtual_network.oke-vcn.default_dhcp_options_id}"
+ display_name = "${var.cluster_name}-default-dhcp-options"
+
+ # required
+ options {
+ type = "DomainNameServer"
+ server_type = "VcnLocalPlusInternet"
+ }
+}
+
+/*
+ * Configures the default security list.
+ */
+resource "oci_core_default_security_list" "oke-default-security-list" {
+ manage_default_resource_id = "${oci_core_virtual_network.oke-vcn.default_security_list_id}"
+ display_name = "${var.cluster_name}-default-security-list"
+
+ // allow outbound tcp traffic on all ports
+ egress_security_rules {
+ destination = "0.0.0.0/0"
+ protocol = "all"
+ }
+
+ // allow inbound ssh traffic
+ ingress_security_rules {
+ protocol = "6" // tcp
+ source = "0.0.0.0/0"
+ stateless = false
+
+ tcp_options = {
+ "min" = 22
+ "max" = 22
+ }
+ }
+
+ // allow inbound icmp traffic of a specific type
+ ingress_security_rules {
+ protocol = 1
+ source = "0.0.0.0/0"
+
+ icmp_options = {
+ "type" = 3
+ "code" = 4
+ }
+ }
+}
+
+/*
+ * Security list for the worker subnets.
+ * - Stateless ingress/egress rule-pairs for the worker subnets. this lets traffic between the worker
+ * nodes flow freely. Stateless rule.
+ * - Contains a stateful rule to allow traffic to the internet - like for pulling docker images from
+ * DockerHub
+ * - Conatins two ingress rules to allow SSH traffic from OCI Cluster service.
+ */
+resource "oci_core_security_list" "oke-worker-security-list" {
+ compartment_id = "${var.compartment_ocid}"
+ display_name = "${var.cluster_name}-Workers-SecList"
+ vcn_id = "${oci_core_virtual_network.oke-vcn.id}"
+
+ egress_security_rules = [
+ {
+ destination = "0.0.0.0/0"
+ protocol = "6" // outbound TCP to the internet
+ stateless = false
+ },
+ {
+ destination = "${var.vcn_cidr_prefix}.10.0/24"
+ protocol = "all"
+ stateless = true
+ },
+ {
+ destination = "${var.vcn_cidr_prefix}.11.0/24"
+ protocol = "all"
+ stateless = true
+ },
+ {
+ destination = "${var.vcn_cidr_prefix}.12.0/24"
+ protocol = "all"
+ stateless = true
+ },
+ ]
+
+ ingress_security_rules = [
+ {
+ # Intra VCN traffic - this lets the 3 subnets in teh 3 ADs tak to each other without restriction.
+ # These are stateless, so they need to be accompanied by stateless egress rules.
+ stateless = true
+
+ protocol = "all"
+ source = "${var.vcn_cidr_prefix}.10.0/24"
+ },
+ {
+ stateless = true
+ protocol = "all"
+ source = "${var.vcn_cidr_prefix}.11.0/24"
+ },
+ {
+ stateless = true
+ protocol = "all"
+ source = "${var.vcn_cidr_prefix}.12.0/24"
+ },
+ {
+ # ICMP
+ protocol = 1
+ source = "0.0.0.0/0"
+
+ icmp_options = {
+ "type" = 3
+ "code" = 4
+ }
+ },
+ {
+ # OCI Cluster service
+ protocol = "6" // tcp
+ source = "130.35.0.0/16"
+ stateless = false
+
+ tcp_options = {
+ "min" = 22
+ "max" = 22
+ }
+ },
+ {
+ protocol = "6" // tcp
+ source = "138.1.0.0/17"
+ stateless = false
+
+ tcp_options = {
+ "min" = 22
+ "max" = 22
+ }
+ },
+ # NodePort ingress rules
+ {
+ protocol = "6" // tcp
+ source = "0.0.0.0/0"
+ stateless = true
+
+ tcp_options = {
+ "min" = 30000
+ "max" = 32767
+ }
+ },
+ # SSH Stateful ingress rules
+ {
+ protocol = "6" // tcp
+ source = "0.0.0.0/0"
+ stateless = false
+
+ tcp_options = {
+ "min" = 22
+ "max" = 22
+ }
+ },
+ ]
+}
+
+/*
+ * Security list for the loadbalancer subnets.
+ * - Allows all TCP traffic in/out.
+ */
+resource "oci_core_security_list" "oke-lb-security-list" {
+ compartment_id = "${var.compartment_ocid}"
+ display_name = "${var.cluster_name}-LoadBalancers-SecList"
+ vcn_id = "${oci_core_virtual_network.oke-vcn.id}"
+
+ egress_security_rules = [
+ {
+ destination = "0.0.0.0/0"
+ protocol = "6"
+ stateless = true
+ },
+ ]
+
+ ingress_security_rules = [
+ {
+ protocol = "6"
+ source = "0.0.0.0/0"
+ stateless = true
+ },
+ ]
+}
+
+/*
+ * Create the subnets.
+ * A total of 5 Subnets are created. This is just a basic config.
+ *
+ * Worker Subnets
+ * --------------
+ * 3 Subnets are for worker nodes in the node pool. The workers are spreead across 3 availability
+ * domains, and one subnet is created for each AD to host workers in that AD.
+ * Obviously worker is a generic term, and assumes that the workload is homogeneous.
+ * For more realistic topologies, you may need to create additional subnets and security rules to say,
+ * separate parts of the application or certains components like a DB in to a separate subnet
+ * with separate security lists. You can for example create subnets to host frontend pods,
+ * middle tier pods as well as data store pods. You may want to restrict front ends to just have
+ * access to middle tier, but not DBs.
+ *
+ * LB subnets
+ * ----------
+ * These host the LoadBalancers. If the K8s deployment create a service of type Loadbalancer then an
+ * OCI loadbalancer is provisioned and this is placed in this subnet. The two subnet exists, because
+ * OCI loadbalancers can provide a flaoting VIP that can move over to the second availability domain
+ * in case the first one fails for some reason. Typical HA config.
+ *
+ */
+
+resource "oci_core_subnet" "oke-subnet-worker-1" {
+ availability_domain = "${lookup(data.oci_identity_availability_domains.ADs.availability_domains[0],"name")}"
+ cidr_block = "${var.vcn_cidr_prefix}.10.0/24"
+ display_name = "${var.cluster_name}-WorkerSubnet01"
+ dns_label = "workers01"
+ compartment_id = "${var.compartment_ocid}"
+ vcn_id = "${oci_core_virtual_network.oke-vcn.id}"
+ security_list_ids = ["${oci_core_security_list.oke-worker-security-list.id}"]
+ route_table_id = "${oci_core_virtual_network.oke-vcn.default_route_table_id}"
+ dhcp_options_id = "${oci_core_virtual_network.oke-vcn.default_dhcp_options_id}"
+}
+
+resource "oci_core_subnet" "oke-subnet-worker-2" {
+ availability_domain = "${lookup(data.oci_identity_availability_domains.ADs.availability_domains[1],"name")}"
+ cidr_block = "${var.vcn_cidr_prefix}.11.0/24"
+ display_name = "${var.cluster_name}-WorkerSubnet02"
+ dns_label = "workers02"
+ compartment_id = "${var.compartment_ocid}"
+ vcn_id = "${oci_core_virtual_network.oke-vcn.id}"
+ security_list_ids = ["${oci_core_security_list.oke-worker-security-list.id}"]
+ route_table_id = "${oci_core_virtual_network.oke-vcn.default_route_table_id}"
+ dhcp_options_id = "${oci_core_virtual_network.oke-vcn.default_dhcp_options_id}"
+}
+
+resource "oci_core_subnet" "oke-subnet-worker-3" {
+ availability_domain = "${lookup(data.oci_identity_availability_domains.ADs.availability_domains[2],"name")}"
+ cidr_block = "${var.vcn_cidr_prefix}.12.0/24"
+ display_name = "${var.cluster_name}-WorkerSubnet03"
+ dns_label = "workers03"
+ compartment_id = "${var.compartment_ocid}"
+ vcn_id = "${oci_core_virtual_network.oke-vcn.id}"
+ security_list_ids = ["${oci_core_security_list.oke-worker-security-list.id}"]
+ route_table_id = "${oci_core_virtual_network.oke-vcn.default_route_table_id}"
+ dhcp_options_id = "${oci_core_virtual_network.oke-vcn.default_dhcp_options_id}"
+}
+
+resource "oci_core_subnet" "oke-subnet-loadbalancer-1" {
+ availability_domain = "${lookup(data.oci_identity_availability_domains.ADs.availability_domains[0],"name")}"
+ cidr_block = "${var.vcn_cidr_prefix}.20.0/24"
+ display_name = "${var.cluster_name}-LB-Subnet01"
+ dns_label = "lb01"
+ compartment_id = "${var.compartment_ocid}"
+ vcn_id = "${oci_core_virtual_network.oke-vcn.id}"
+ security_list_ids = ["${oci_core_security_list.oke-lb-security-list.id}"]
+ route_table_id = "${oci_core_virtual_network.oke-vcn.default_route_table_id}"
+ dhcp_options_id = "${oci_core_virtual_network.oke-vcn.default_dhcp_options_id}"
+}
+
+resource "oci_core_subnet" "oke-subnet-loadbalancer-2" {
+ availability_domain = "${lookup(data.oci_identity_availability_domains.ADs.availability_domains[1],"name")}"
+ cidr_block = "${var.vcn_cidr_prefix}.21.0/24"
+ display_name = "${var.cluster_name}-LB-Subnet02"
+ dns_label = "lb02"
+ compartment_id = "${var.compartment_ocid}"
+ vcn_id = "${oci_core_virtual_network.oke-vcn.id}"
+ security_list_ids = ["${oci_core_security_list.oke-lb-security-list.id}"]
+ route_table_id = "${oci_core_virtual_network.oke-vcn.default_route_table_id}"
+ dhcp_options_id = "${oci_core_virtual_network.oke-vcn.default_dhcp_options_id}"
+}
+
+/**
+ * Get the avaialbility domains for this tennancy.
+ * Using any compartment id in this tennancy should also work just as well.
+ */
+data "oci_identity_availability_domains" "ADs" {
+ compartment_id = "${var.tenancy_ocid}"
+}
+
+/*
+ * Query the compartment we created (or re-used)
+ */
+data "oci_identity_compartments" "oke-compartment" {
+ compartment_id = "${var.compartment_ocid}"
+
+ filter {
+ name = "name"
+ values = ["${var.compartment_name}"]
+ }
+}
+
+data "oci_core_virtual_networks" "oke-vcns" {
+ #Required
+ compartment_id = "${oci_core_virtual_network.oke-vcn.compartment_id}"
+
+ #Filter
+ display_name = "${oci_core_virtual_network.oke-vcn.display_name}"
+}
+
+data "oci_core_internet_gateways" "oke-igateways" {
+ #Required
+ compartment_id = "${oci_core_internet_gateway.oke-igateway.compartment_id}"
+ vcn_id = "${oci_core_internet_gateway.oke-igateway.vcn_id}"
+}
+
+data "oci_core_route_tables" "oke_route_tables" {
+ #Required
+ compartment_id = "${oci_core_virtual_network.oke-vcn.compartment_id}"
+ vcn_id = "${oci_core_virtual_network.oke-vcn.id}"
+}
+
+data "oci_core_dhcp_options" "oke_dhcp_options" {
+ #Required
+ compartment_id = "${oci_core_virtual_network.oke-vcn.compartment_id}"
+ vcn_id = "${oci_core_virtual_network.oke-vcn.id}"
+}
+
+data "oci_core_security_lists" "oke_security_lists" {
+ #Required
+ compartment_id = "${oci_core_security_list.oke-worker-security-list.compartment_id}"
+ vcn_id = "${oci_core_security_list.oke-worker-security-list.vcn_id}"
+}
+
+data "oci_core_subnets" "oke_subnets" {
+ #Required
+ compartment_id = "${oci_core_subnet.oke-subnet-worker-1.compartment_id}"
+ vcn_id = "${oci_core_subnet.oke-subnet-worker-1.vcn_id}"
+}
+
+# Print out the VCN objects that were created.
+
+output "Compartments" {
+ value = "${data.oci_identity_compartments.oke-compartment.compartments}"
+}
+
+output "VCN" {
+ value = "${data.oci_core_virtual_networks.oke-vcns.virtual_networks}"
+}
+
+output "InternetGateway" {
+ value = "${data.oci_core_internet_gateways.oke-igateways.gateways}"
+}
+
+output "RouteTables" {
+ value = "${data.oci_core_route_tables.oke_route_tables.route_tables}"
+}
+
+output "DHCPOptions" {
+ value = "${data.oci_core_dhcp_options.oke_dhcp_options.options}"
+}
+
+output "SecurityLists" {
+ value = "${data.oci_core_security_lists.oke_security_lists.security_lists}"
+}
+
+output "Subnets" {
+ value = "${data.oci_core_subnets.oke_subnets.subnets}"
+}
diff --git a/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_alb%alb%main.tf b/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_alb%alb%main.tf
new file mode 100644
index 0000000..d0bb81b
--- /dev/null
+++ b/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_alb%alb%main.tf
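Review bot: In `oke-worker-security-list` the final ingress rule ("SSH Stateful ingress rules") admits TCP 22 from `0.0.0.0/0`, which makes the two narrower SSH rules for `130.35.0.0/16` and `138.1.0.0/17` redundant and leaves every worker node's SSH port reachable from the internet; `oke-default-security-list` carries the same open rule. If access from the OCI cluster service ranges is all that is required, drop the open rule, or take the source from a variable with no open default, e.g. `source = "${var.ssh_ingress_cidr}"` (name constructed for illustration). The NodePort rule (30000-32767 from `0.0.0.0/0`) could likewise be limited to the load-balancer subnets `${var.vcn_cidr_prefix}.20.0/24` and `${var.vcn_cidr_prefix}.21.0/24`. Separately, the comment `// allow outbound tcp traffic on all ports` sits above `protocol = "all"`, so either the comment or the protocol should change.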
@@ -0,0 +1,92 @@
+### ALB resources
+
+# TODO:
+# support not logging
+
+data "template_file" "bucket_policy" {
+ template = "${file("${path.module}/bucket_policy.json")}"
+
+ vars {
+ log_bucket = "${var.log_bucket}"
+ log_prefix = "${var.log_prefix}"
+ account_id = "${var.aws_account_id}"
+ principle_account_id = "${lookup(var.principle_account_id, var.aws_region)}"
+ }
+}
+
+resource "aws_alb" "main" {
+ name = "${var.alb_name}"
+ subnets = ["${var.subnets}"]
+ security_groups = ["${var.alb_security_groups}"]
+ internal = "${var.alb_is_internal}"
+
+ access_logs {
+ bucket = "${var.log_bucket}"
+ prefix = "${var.log_prefix}"
+ enabled = "${var.log_bucket != ""}"
+ }
+
+ tags = "${merge(var.tags, map("Name", format("%s", var.alb_name)))}"
+}
+
+resource "aws_s3_bucket" "log_bucket" {
+ count = "${var.log_bucket != "" ? 1 : 0}"
+ bucket = "${var.log_bucket}"
+ policy = "${data.template_file.bucket_policy.rendered}"
+ force_destroy = true
+
+ tags = "${merge(var.tags, map("Name", format("%s", var.log_bucket)))}"
+}
+
+resource "aws_alb_target_group" "target_group" {
+ name = "${var.alb_name}-tg"
+ port = "${var.backend_port}"
+ protocol = "${upper(var.backend_protocol)}"
+ vpc_id = "${var.vpc_id}"
+
+ health_check {
+ interval = 30
+ path = "${var.health_check_path}"
+ port = "traffic-port"
+ healthy_threshold = 3
+ unhealthy_threshold = 3
+ timeout = 5
+ protocol = "${var.backend_protocol}"
+ }
+
+ stickiness {
+ type = "lb_cookie"
+ cookie_duration = "${var.cookie_duration}"
+ enabled = "${ var.cookie_duration == 1 ? false : true}"
+ }
+
+ tags = "${merge(var.tags, map("Name", format("%s-tg", var.alb_name)))}"
+}
+
+resource "aws_alb_listener" "front_end_http" {
+ load_balancer_arn = "${aws_alb.main.arn}"
+ port = "80"
+ protocol = "HTTP"
+
+ default_action {
+ target_group_arn = "${aws_alb_target_group.target_group.id}"
+ type = "forward"
+ }
+
+ count = "${trimspace(element(split(",", var.alb_protocols), 1)) == "HTTP" || trimspace(element(split(",", var.alb_protocols), 2)) == "HTTP" ? 1 : 0}"
+}
+
+resource "aws_alb_listener" "front_end_https" {
+ load_balancer_arn = "${aws_alb.main.arn}"
+ port = "443"
+ protocol = "HTTPS"
+ certificate_arn = "${var.certificate_arn}"
+ ssl_policy = "ELBSecurityPolicy-2015-05"
+
+ default_action {
+ target_group_arn = "${aws_alb_target_group.target_group.id}"
+ type = "forward"
+ }
+
+ count = "${trimspace(element(split(",", var.alb_protocols), 1)) == "HTTPS" || trimspace(element(split(",", var.alb_protocols), 2)) == "HTTPS" ? 1 : 0}"
+}
diff --git a/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_alb%alb%outputs.tf b/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_alb%alb%outputs.tf
new file mode 100644
index 0000000..4ce31b2
--- /dev/null
+++ b/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_alb%alb%outputs.tf
@@ -0,0 +1,19 @@
+output "alb_id" {
+ value = "${aws_alb.main.id}"
+}
+
+output "alb_dns_name" {
+ value = "${aws_alb.main.dns_name}"
+}
+
+output "alb_zone_id" {
+ value = "${aws_alb.main.zone_id}"
+}
+
+output "target_group_arn" {
+ value = "${aws_alb_target_group.target_group.arn}"
+}
+
+output "principle_account_id" {
+ value = "${lookup(var.principle_account_id, var.aws_region)}"
+}
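Review bot: The `front_end_https` listener in alb/main.tf hard-codes `ssl_policy = "ELBSecurityPolicy-2015-05"`, an AWS predefined policy that still negotiates TLS 1.0 and 1.1. Expose it as a variable with a stricter default, e.g. `ssl_policy = "${var.ssl_policy}"` defaulting to `ELBSecurityPolicy-TLS-1-2-2017-01`. In the same file, `force_destroy = true` on `aws_s3_bucket.log_bucket` lets a destroy delete the stored access logs without any prompt, which is risky when those logs serve as an audit trail; making it opt-in through a variable would be safer. The `front_end_http` listener forwards plain HTTP to the target group, so a comment stating that `alb_protocols` containing HTTP serves traffic unencrypted would help callers.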
diff --git a/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_alb%alb%variables.tf b/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_alb%alb%variables.tf
new file mode 100644
index 0000000..797178b
--- /dev/null
+++ b/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_alb%alb%variables.tf
@@ -0,0 +1,102 @@
+/*
+Module variables
+*/
+
+variable "alb_is_internal" {
+ description = "Determines if the ALB is internal. Default: false"
+ default = false
+}
+
+variable "alb_name" {
+ description = "The name of the ALB as will show in the AWS EC2 ELB console."
+ default = "my-alb"
+}
+
+variable "alb_protocols" {
+ description = "A comma delimited list of the protocols the ALB accepts. e.g.: HTTPS"
+ default = "HTTPS"
+}
+
+variable "alb_security_groups" {
+ description = "A comma separated string of security groups with which we associate the ALB. e.g. 'sg-edcd9784,sg-edcd9785'"
+ type = "list"
+}
+
+variable "aws_region" {
+ description = "AWS region to use."
+}
+
+variable "aws_account_id" {
+ description = "AWS account ID."
+}
+
+variable "backend_port" {
+ description = "The port the service on the EC2 instances listen on."
+ default = 80
+}
+
+variable "backend_protocol" {
+ description = "The protocol the backend service speaks. Options: HTTP, HTTPS, TCP, SSL (secure tcp)."
+ default = "HTTP"
+}
+
+variable "certificate_arn" {
+ description = "The ARN of the SSL Certificate. e.g. 'arn:aws:iam::123456789012:server-certificate/ProdServerCert'"
+}
+
+variable "cookie_duration" {
+ description = "If load balancer connection stickiness is desired, set this to the duration that cookie should be valid. If no stickiness is wanted, leave it blank. e.g.: 300"
+ default = "1"
+}
+
+variable "health_check_path" {
+ description = "The URL the ELB should use for health checks. e.g. /health"
+ default = "/"
+}
+
+variable "log_bucket" {
+ description = "S3 bucket for storing ALB access logs."
+ default = ""
+}
+
+variable "log_prefix" {
+ description = "S3 prefix within the log_bucket under which logs are stored."
+ default = ""
+}
+
+variable "principle_account_id" {
+ description = "A map of ELB/ALB root account numbers used to set up logging."
+
+ default = {
+ us-east-1 = "127311923021"
+ us-east-2 = "033677994240"
+ us-west-1 = "027434742980"
+ us-west-2 = "797873946194"
+ ca-central-1 = "985666609251"
+ eu-west-1 = "156460612806"
+ eu-central-1 = "054676820928"
+ eu-west-2 = "652711504416"
+ ap-northeast-1 = "582318560864"
+ ap-northeast-2 = "600734575887"
+ ap-southeast-1 = "114774131450"
+ ap-southeast-2 = "783225319266"
+ ap-south-1 = "718504428378"
+ sa-east-1 = "507241528517"
+ us-gov-west-1 = "048591011584"
+ cn-north-1 = "638102146993"
+ }
+}
+
+variable "subnets" {
+ description = "A list of subnets to associate with the ALB. e.g. ['subnet-1a2b3c4d','subnet-1a2b3c4e','subnet-1a2b3c4f']"
+ type = "list"
+}
+
+variable "vpc_id" {
+ description = "VPC id where the ALB and other resources will be deployed."
+}
+
+variable "tags" {
+ description = "A map of tags to add to all resources"
+ default = {}
+}
diff --git a/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_alb%test%fixtures%main.tf b/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_alb%test%fixtures%main.tf
new file mode 100644
index 0000000..18f2123
--- /dev/null
+++ b/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_alb%test%fixtures%main.tf
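Review bot: The description of `cookie_duration` in alb/variables.tf tells callers to "leave it blank" when no stickiness is wanted, but the default is `"1"` and alb/main.tf disables stickiness only when the value equals 1, so a blank value would be passed straight through to the target group. The description should say what the code does, e.g. `description = "Stickiness cookie lifetime in seconds; the default of 1 disables stickiness."`. Likewise `alb_security_groups` is described as a comma separated string while it is declared with `type = "list"`.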
@@ -0,0 +1,31 @@
+provider "aws" {
+ region = "${var.aws_region}"
+}
+
+module "vpc" {
+ source = "github.com/terraform-community-modules/tf_aws_vpc"
+ name = "my-vpc"
+ cidr = "10.0.0.0/16"
+ private_subnets = ["10.0.1.0/24", "10.0.2.0/24", "10.0.3.0/24"]
+ public_subnets = ["10.0.101.0/24", "10.0.102.0/24", "10.0.103.0/24"]
+ enable_nat_gateway = "true"
+ azs = ["us-west-2a", "us-west-2b", "us-west-2c"]
+}
+
+module "sg_https_web" {
+ source = "github.com/terraform-community-modules/tf_aws_sg//sg_https_only"
+ security_group_name = "my-sg-https"
+ vpc_id = "${module.vpc.vpc_id}"
+}
+
+module "alb" {
+ source = "../../alb/"
+ alb_security_groups = ["${module.sg_https_web.security_group_id_web}"]
+ aws_account_id = "${var.aws_account_id}"
+ aws_region = "${var.aws_region}"
+ certificate_arn = "${var.certificate_arn}"
+ log_bucket = "${var.log_bucket}"
+ log_prefix = "${var.log_prefix}"
+ subnets = "${module.vpc.public_subnets}"
+ vpc_id = "${module.vpc.vpc_id}"
+}
diff --git a/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_alb%test%fixtures%outputs.tf b/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_alb%test%fixtures%outputs.tf
new file mode 100644
index 0000000..739a93f
--- /dev/null
+++ b/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_alb%test%fixtures%outputs.tf
@@ -0,0 +1,11 @@
+/*
+Outputs used for tests
+*/
+
+output "principle_account_id" {
+ value = "${module.alb.principle_account_id}"
+}
+
+output "vpc_id" {
+ value = "${module.vpc.vpc_id}"
+}
diff --git a/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_alb%test%fixtures%variables.tf b/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_alb%test%fixtures%variables.tf
new file mode 100644
index 0000000..3297f8a
--- /dev/null
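Review bot: Both remote modules in the fixtures main.tf (`module "vpc"` and `module "sg_https_web"`) are sourced from GitHub with no revision, so every `terraform get` pulls whatever the default branch holds at that moment. That makes the test non-reproducible and lets an upstream change, or a compromised upstream, alter the networking and security-group resources that get created. Pinning each source to a reviewed tag or commit closes that gap, e.g. `source = "github.com/terraform-community-modules/tf_aws_vpc?ref=<TAG_OR_COMMIT>"`.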
+++ b/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_alb%test%fixtures%variables.tf
@@ -0,0 +1,11 @@
+variable "aws_account_id" {}
+
+variable "aws_region" {
+ default = "us-west-2"
+}
+
+variable "certificate_arn" {}
+
+variable "log_bucket" {}
+
+variable "log_prefix" {}
diff --git a/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_asg%main.tf b/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_asg%main.tf
new file mode 100644
index 0000000..9230ace
--- /dev/null
+++ b/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_asg%main.tf
@@ -0,0 +1,48 @@
+//
+// Module: tf_aws_asg
+//
+
+// This template creates the following resources
+// - A launch configuration
+// - A auto-scaling group
+// - It's meant to be used for ASGs that *don't*
+// need an ELB associated with them.
+
+// Provider specific configs
+provider "aws" {
+ access_key = "${var.aws_access_key}"
+ secret_key = "${var.aws_secret_key}"
+ region = "${var.aws_region}"
+}
+
+resource "aws_launch_configuration" "launch_config" {
+ name = "${var.lc_name}"
+ image_id = "${var.ami_id}"
+ instance_type = "${var.instance_type}"
+ iam_instance_profile = "${var.iam_instance_profile}"
+ key_name = "${var.key_name}"
+ security_groups = ["${var.security_group}"]
+ user_data = "${file(var.user_data)}"
+}
+
+resource "aws_autoscaling_group" "main_asg" {
+ //We want this to explicitly depend on the launch config above
+ depends_on = ["aws_launch_configuration.launch_config"]
+ name = "${var.asg_name}"
+
+ // Split out the AZs string into an array
+ // The chosen availability zones *must* match
+ // the AZs the VPC subnets are tied to.
+ availability_zones = ["${split(",", var.azs)}"]
+ // Split out the subnets string into an array
+ vpc_zone_identifier = ["${split(",", var.subnet_azs)}"]
+
+ // Uses the ID from the launch config created above
+ launch_configuration = "${aws_launch_configuration.launch_config.id}"
+
+ max_size = "${var.asg_number_of_instances}"
+ min_size = "${var.asg_minimum_number_of_instances}"
+ desired_capacity = "${var.asg_number_of_instances}"
+ health_check_grace_period = "${var.health_check_grace_period}"
+ health_check_type = "${var.health_check_type}"
+}
diff --git a/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_asg%outputs.tf b/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_asg%outputs.tf
new file mode 100644
index 0000000..dee0688
--- /dev/null
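Review bot: The `provider "aws"` block in tf_aws_asg main.tf takes `access_key` and `secret_key` from the required variables `aws_access_key` and `aws_secret_key`, which forces every caller to handle long-lived static credentials as Terraform input, where they tend to end up in tfvars files, CI variables or shell history. The AWS provider can resolve credentials on its own from the environment, a shared credentials file or an instance role, so the block can shrink to `region = "${var.aws_region}"` with the two key variables dropped from variables.tf. A reusable module is also better off without a provider block of its own, since the calling configuration normally supplies it.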
+++ b/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_asg%outputs.tf
@@ -0,0 +1,13 @@
+//
+// Module: tf_aws_asg
+//
+
+// Output the ID of the Launch Config
+output "launch_config_id" {
+ value = "${aws_launch_configuration.launch_config.id}"
+}
+
+// Output the ID of the Launch Config
+output "asg_id" {
+ value = "${aws_autoscaling_group.main_asg.id}"
+}
diff --git a/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_asg%variables.tf b/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_asg%variables.tf
new file mode 100644
index 0000000..861886f
--- /dev/null
+++ b/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_asg%variables.tf
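Review bot: The comment above `output "asg_id"` in tf_aws_asg outputs.tf is a copy of the one above `launch_config_id` and says "Output the ID of the Launch Config", while the value is `aws_autoscaling_group.main_asg.id`. It should read `// Output the ID of the Auto Scaling Group`. The same copy-paste comment appears above `asg_id` in tf_aws_asg_elb outputs.tf, there with `#` as the comment marker.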
@@ -0,0 +1,63 @@
+//
+// Module: tf_aws_asg
+//
+
+// Module specific variables
+
+// Launch Configuration Variables
+
+variable "lc_name" {}
+variable "ami_id" {}
+variable "instance_type" {}
+variable "iam_instance_profile" {}
+variable "key_name" {}
+variable "security_group" {
+ description = "The security group the instances to use"
+}
+
+variable "user_data" {
+ description = "The path to a file with user_data for the instances"
+}
+
+// Auto-Scaling Group
+variable "asg_name" {}
+variable "asg_number_of_instances" {
+ description = "The number of instances we want in the ASG"
+ // We use this to populate the following ASG settings
+ // - max_size
+ // - desired_capacity
+}
+
+variable "asg_minimum_number_of_instances" {
+ description = "The minimum number of instances the ASG should maintain"
+ default = 1
+ // Defaults to 1
+ // Can be set to 0 if you never want the ASG to replace failed instances
+}
+
+variable "health_check_grace_period" {
+ description = "Number of seconds for a health check to time out"
+ default = 300
+}
+variable "health_check_type" {
+ default = "EC2"
+ //Types available are:
+ // - ELB
+ // - EC2
+ // * http://docs.aws.amazon.com/cli/latest/reference/autoscaling/create-auto-scaling-group.html#options
+}
+
+variable "subnet_azs" {
+ description = "The VPC subnet IDs"
+ // comma separated list
+}
+
+variable "azs" {
+ description = "Availability Zones"
+ // comma separated list
+}
+
+// Variables for providers used in this module
+variable "aws_access_key" {}
+variable "aws_secret_key" {}
+variable "aws_region" {}
diff --git a/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_asg_elb%example%example.tf b/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_asg_elb%example%example.tf
new file mode 100644
index 0000000..bd062d4
--- /dev/null
+++ b/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_asg_elb%example%example.tf
@@ -0,0 +1,29 @@
+module "my_autoscaling_group" {
+
+ source = "../"
+
+ lc_name = "${var.lc_name}"
+
+ ami_id = "${var.ami_id}"
+
+ instance_type = "${var.instance_type}"
+
+ iam_instance_profile = "${var.iam_instance_profile}"
+
+ key_name = "${var.key_name}"
+
+ security_group = "${var.security_group_id}"
+
+ user_data = "${var.user_data_file}"
+
+ asg_name = "${var.asg_name}"
+ asg_number_of_instances = "${var.asg_number_of_instances}"
+ asg_minimum_number_of_instances = "${var.asg_minimum_number_of_instances}"
+
+ load_balancer_names = "${var.elb_names}"
+
+ health_check_type = "${var.health_check_type}"
+
+ availability_zones = "${var.availability_zones}"
+ vpc_zone_subnets = "${var.vpc_zone_subnets}"
+}
diff --git a/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_asg_elb%example%vars.tf b/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_asg_elb%example%vars.tf
new file mode 100644
index 0000000..dce031c
--- /dev/null
+++ b/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_asg_elb%example%vars.tf
@@ -0,0 +1,43 @@
+
+variable "lc_name" {
+ default = "example_lc"
+}
+variable "ami_id" {
+ default = "ami-sadfasd"
+}
+variable "instance_type" {
+ default = "m3.medium"
+}
+variable "iam_instance_profile" {
+ default = "test_profile"
+}
+variable "key_name" {
+ default = "my_keypair_name"
+}
+variable "security_group_id" {
+ default = "sg-abcdef"
+}
+variable "user_data_file" {
+ default = "user-data.sh"
+}
+variable "asg_name" {
+ default = "my-custom-asg"
+}
+variable "asg_number_of_instances" {
+ default = 2
+}
+variable "asg_minimum_number_of_instances" {
+ default = 1
+}
+variable "elb_names" {
+ default = "my-elb-name"
+}
+variable "health_check_type" {
+ default = "ELB"
+}
+variable "availability_zones" {
+ default = "us-west-2a,us-west-2b"
+}
+variable "vpc_zone_subnets" {
+ default = "subnet-d2jdfd,subnet-2ell2kd"
+}
diff --git a/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_asg_elb%main.tf b/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_asg_elb%main.tf
new file mode 100644
index 0000000..9952b85
--- /dev/null
+++ b/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_asg_elb%main.tf
@@ -0,0 +1,42 @@
+/*
+ * Module: tf_aws_asg_elb
+ *
+ * This template creates the following resources
+ * - A launch configuration
+ * - A auto-scaling group
+ *
+ * It requires you create an ELB instance before you use it.
+ */
+
+resource "aws_launch_configuration" "launch_config" {
+ name = "${var.lc_name}"
+ image_id = "${var.ami_id}"
+ instance_type = "${var.instance_type}"
+ iam_instance_profile = "${var.iam_instance_profile}"
+ key_name = "${var.key_name}"
+ security_groups = ["${var.security_group}"]
+ user_data = "${file(var.user_data)}"
+}
+
+resource "aws_autoscaling_group" "main_asg" {
+ # We want this to explicitly depend on the launch config above
+ depends_on = ["aws_launch_configuration.launch_config"]
+
+ name = "${var.asg_name}"
+
+ # The chosen availability zones *must* match the AZs the VPC subnets are tied to.
+ availability_zones = ["${split(",", var.availability_zones)}"]
+ vpc_zone_identifier = ["${split(",", var.vpc_zone_subnets)}"]
+
+ # Uses the ID from the launch config created above
+ launch_configuration = "${aws_launch_configuration.launch_config.id}"
+
+ max_size = "${var.asg_number_of_instances}"
+ min_size = "${var.asg_minimum_number_of_instances}"
+ desired_capacity = "${var.asg_number_of_instances}"
+
+ health_check_grace_period = "${var.health_check_grace_period}"
+ health_check_type = "${var.health_check_type}"
+
+ load_balancers = ["${split(",", var.load_balancer_names)}"]
+}
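Review bot: `aws_launch_configuration.launch_config` in tf_aws_asg_elb main.tf uses a fixed `name = "${var.lc_name}"` and has no lifecycle block. Launch configurations cannot be modified in place, so a change to the AMI, security group or user data forces a replacement; with a fixed name the new one collides with the old, and the old one cannot be deleted while the ASG still points at it. In practice that tends to block routine AMI and security-group updates from rolling out. Using `name_prefix = "${var.lc_name}"` together with `lifecycle { create_before_destroy = true }` avoids it; the launch configuration in tf_aws_asg main.tf has the same shape.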
diff --git a/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_asg_elb%outputs.tf b/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_asg_elb%outputs.tf
new file mode 100644
index 0000000..b7bc31c
--- /dev/null
+++ b/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_asg_elb%outputs.tf
@@ -0,0 +1,17 @@
+/*
+ * Module: tf_aws_asg_elb
+ *
+ * Outputs:
+ * - launch_config_id
+ * - asg_id
+ */
+
+# Output the ID of the Launch Config
+output "launch_config_id" {
+ value = "${aws_launch_configuration.launch_config.id}"
+}
+
+# Output the ID of the Launch Config
+output "asg_id" {
+ value = "${aws_autoscaling_group.main_asg.id}"
+}
diff --git a/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_asg_elb%variables.tf b/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_asg_elb%variables.tf
new file mode 100644
index 0000000..c01fbc4
--- /dev/null
+++ b/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_asg_elb%variables.tf
@@ -0,0 +1,81 @@ +/* + * Module: tf_aws_asg_elb + */ + +# +# Launch Configuration Variables +# +variable "lc_name" {} +variable "ami_id" { + description = "The AMI to use with the launch configuration" +} +variable "instance_type" {} +variable "iam_instance_profile" { + description = "The IAM role the launched instance will use" +} +variable "key_name" { + description = "The SSH public key name (in EC2 key-pairs) to be injected into instances" +} +variable "security_group" { + description = "ID of SG the launched instance will use" +} +variable "user_data" { + description = "The path to a file with user_data for the instances" +} + +# +# Auto-Scaling Group +# +variable "asg_name" {} + +/* We use this to populate the following ASG settings + * - max_size + * - desired_capacity + */ +variable "asg_number_of_instances" { + description = "The number of instances we want in the ASG" +} + +/* + * Can be set to 0 if you never want the ASG to replace failed instances + */ +variable "asg_minimum_number_of_instances" { + description = "The minimum number of instances the ASG should maintain" + default = 1 +} +variable "health_check_grace_period" { + description = "Number of seconds for a health check to time out" + default = 300 +} +/* + * Types available are: + * - ELB + * - EC2 + * + * @see-also: http://docs.aws.amazon.com/cli/latest/reference/autoscaling/create-auto-scaling-group.html#options + */ +variable "health_check_type" { + description = "The health check used by the ASG to determine health" + default = "ELB" +} + +variable "load_balancer_names" { + description = "A comma seperated list string of ELB names the ASG should associate instances with" +} + +/* + * A string list of AZs, ex: + * "us-east-1a,us-east-1c,us-east-1e" + */ +variable "availability_zones" { + description = "A comma seperated list string of AZs the ASG will be associated with" +} + +/* + * A string list of VPC subnet IDs, ex: + * "subnet-d2t4sad,subnet-434ladkn" + */ +variable "vpc_zone_subnets" 
{ + description = "A comma seperated list string of VPC subnets to associate with ASG, should correspond with var.availability_zones zones" +} + diff --git a/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_aurora%kms.tf b/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_aurora%kms.tf new file mode 100644 index 0000000..fa4e53f --- /dev/null +++ b/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_aurora%kms.tf @@ -0,0 +1,10 @@ +resource "aws_kms_key" "aurora" { + description = "RDS master key for ${var.name}-${data.aws_vpc.vpc.tags["Name"]}" + deletion_window_in_days = 30 + enable_key_rotation = "true" +} + +resource "aws_kms_alias" "aurora" { + name = "alias/${var.name}-${data.aws_vpc.vpc.tags["Name"]}-rds-key" + target_key_id = "${aws_kms_key.aurora.key_id}" +} diff --git a/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_aurora%main.tf b/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_aurora%main.tf new file mode 100644 index 0000000..991318a --- /dev/null +++ b/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_aurora%main.tf 
@@ -0,0 +1,97 @@ +data "aws_vpc" "vpc" { + id = "${var.vpc_id}" +} + +resource "aws_rds_cluster" "aurora" { + cluster_identifier = "tf-${var.name}-${data.aws_vpc.vpc.tags["Name"]}" + availability_zones = ["${var.azs}"] + database_name = "${var.database_name}" + master_username = "${var.master_username}" + master_password = "${var.master_password}" + engine = "${var.engine}" + backup_retention_period = "${var.backup_retention_period}" + preferred_backup_window = "${var.preferred_backup_window}" + vpc_security_group_ids = ["${aws_security_group.aurora_security_group.id}"] + storage_encrypted = "${var.storage_encrypted}" + kms_key_id = "${aws_kms_key.aurora.arn}" + apply_immediately = "${var.apply_immediately}" + db_subnet_group_name = "${aws_db_subnet_group.aurora_subnet_group.id}" + db_cluster_parameter_group_name = "${aws_rds_cluster_parameter_group.aurora_cluster_parameter_group.id}" + final_snapshot_identifier = "final-snapshot-${var.name}-${data.aws_vpc.vpc.tags["Name"]}" # Useful in dev + + #skip_final_snapshot = true # Useful in dev - defaults to false + iam_database_authentication_enabled = "${var.iam_database_authentication_enabled}" + + lifecycle { + prevent_destroy = "true" # https://www.terraform.io/docs/configuration/resources.html#prevent_destroy + } +} + +resource "aws_rds_cluster_instance" "aurora_instance" { + count = "${var.cluster_size}" + identifier = "tf-rds-aurora-${var.name}-${data.aws_vpc.vpc.tags["Name"]}-${count.index}" + engine = "${var.engine}" + cluster_identifier = "${aws_rds_cluster.aurora.id}" + instance_class = "${var.instance_class}" + publicly_accessible = "${var.publicly_accessible}" + db_subnet_group_name = "${aws_db_subnet_group.aurora_subnet_group.id}" + db_parameter_group_name = "${aws_db_parameter_group.aurora_parameter_group.id}" + apply_immediately = "${var.apply_immediately}" + monitoring_role_arn = "${aws_iam_role.aurora_instance_role.arn}" + monitoring_interval = "5" + + tags { + Name = 
"tf-rds-aurora-${var.name}-${data.aws_vpc.vpc.tags["Name"]}-${count.index}" + } +} + +resource "aws_db_subnet_group" "aurora_subnet_group" { + name = "tf-rds-${var.name}-${data.aws_vpc.vpc.tags["Name"]}" + subnet_ids = ["${var.subnets}"] + + tags { + Name = "tf-rds-${var.name}-${data.aws_vpc.vpc.tags["Name"]}" + } +} + +resource "aws_db_parameter_group" "aurora_parameter_group" { + name = "tf-rds-${var.name}-${data.aws_vpc.vpc.tags["Name"]}" + family = "${var.family}" + description = "Terraform-managed parameter group for ${var.name}-${data.aws_vpc.vpc.tags["Name"]}" + + parameter = ["${var.db_parameters}"] + + tags { + Name = "tf-rds-${var.name}-${data.aws_vpc.vpc.tags["Name"]}" + } +} + +resource "aws_rds_cluster_parameter_group" "aurora_cluster_parameter_group" { + name = "tf-rds-${var.name}-${data.aws_vpc.vpc.tags["Name"]}" + family = "${var.family}" + description = "Terraform-managed cluster parameter group for ${var.name}-${data.aws_vpc.vpc.tags["Name"]}" + + parameter = ["${var.cluster_parameters}"] + + tags { + Name = "tf-rds-${var.name}-${data.aws_vpc.vpc.tags["Name"]}" + } +} + +resource "aws_db_option_group" "aurora_option_group" { + name = "tf-rds-${var.name}-${data.aws_vpc.vpc.tags["Name"]}" + option_group_description = "Terraform-managed option group for ${var.name}-${data.aws_vpc.vpc.tags["Name"]}" + engine_name = "${var.engine}" + major_engine_version = "${var.major_engine_version}" +} + +resource "aws_iam_role" "aurora_instance_role" { + name = "tf-role-rds-${var.name}-${data.aws_vpc.vpc.tags["Name"]}" + assume_role_policy = "${file("${path.module}/files/iam/assume_role_rds_monitoring.json")}" + path = "/tf/${var.env}/${var.name}-${data.aws_vpc.vpc.tags["Name"]}/" # edits? +} + +resource "aws_iam_role_policy_attachment" "aurora_policy_rds_monitoring" { + role = "${aws_iam_role.aurora_instance_role.name}" + policy_arn = "arn:aws:iam::aws:policy/service-role/AmazonRDSEnhancedMonitoringRole" +} 
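Review bot: In `aws_rds_cluster.aurora`, `kms_key_id` is always set to the module's KMS key while `storage_encrypted` comes from `var.storage_encrypted`, so a caller can pass `false` and get a configuration in which the two disagree. The provider documents that `storage_encrypted` must be true when `kms_key_id` is given; writing `storage_encrypted = true` in the resource keeps encryption at rest from being an opt-out. Separately, `master_password = "${var.master_password}"` is written to Terraform state in clear text, which a comment above that line could record: `# master_password is stored in state; use an encrypted, access-controlled backend`.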
diff --git a/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_aurora%outputs.tf b/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_aurora%outputs.tf new file mode 100644 index 0000000..96279a0 --- /dev/null +++ b/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_aurora%outputs.tf @@ -0,0 +1,15 @@ +output "rds_cluster_id" { + value = "${aws_rds_cluster.aurora.id}" +} + +output "writer_endpoint" { + value = "${aws_rds_cluster.aurora.endpoint}" +} + +output "reader_endpoint" { + value = "${aws_rds_cluster.aurora.reader_endpoint}" +} + +output "security_group_id"{ + value = "${aws_security_group.aurora_security_group.id}" +} diff --git a/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_aurora%security_group.tf b/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_aurora%security_group.tf new file mode 100644 index 0000000..fd2550d --- /dev/null +++ b/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_aurora%security_group.tf 
@@ -0,0 +1,28 @@ +resource "aws_security_group" "aurora_security_group" { + name = "tf-sg-rds-${var.name}-${data.aws_vpc.vpc.tags["Name"]}" + description = "Terraform-managed RDS security group for ${var.name}-${data.aws_vpc.vpc.tags["Name"]}" + vpc_id = "${data.aws_vpc.vpc.id}" + + tags { + Name = "tf-sg-rds-${var.name}-${data.aws_vpc.vpc.tags["Name"]}" + } +} + +resource "aws_security_group_rule" "aurora_ingress" { + count = "${length(var.allowed_security_groups)}" + type = "ingress" + from_port = "${var.db_port}" + to_port = "${var.db_port}" + protocol = "tcp" + source_security_group_id = "${element(var.allowed_security_groups, count.index)}" + security_group_id = "${aws_security_group.aurora_security_group.id}" +} + +resource "aws_security_group_rule" "aurora_networks_ingress" { + type = "ingress" + from_port = "${var.db_port}" + to_port = "${var.db_port}" + protocol = "tcp" + cidr_blocks = ["${var.allowed_cidr}"] + security_group_id = "${aws_security_group.aurora_security_group.id}" +} diff --git a/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_aurora%variables.tf b/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_aurora%variables.tf new file mode 100644 index 0000000..d8711c3 --- /dev/null +++ b/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_aurora%variables.tf 
@@ -0,0 +1,83 @@ +variable "env" {} + +variable "allowed_cidr" { + type = "list" + default = ["127.0.0.1/32"] + description = "A list of Security Group ID's to allow access to." +} + +variable "allowed_security_groups" { + type = "list" + default = [] + description = "A list of Security Group ID's to allow access to." +} + +variable "azs" { + description = "A list of Availability Zones in the Region" + type = "list" +} + +variable "cluster_size" { + description = "Number of cluster instances to create" +} + +variable "db_port" { + default = 3306 +} + +variable "instance_class" { + description = "Instance class to use when creating RDS cluster" + default = "db.t2.medium" +} + +variable "publicly_accessible" { + description = "Should the instance get a public IP address?" + default = "false" +} + +variable "name" { + description = "Name for the Redis replication group i.e. cmsCommon" +} + +variable "subnets" { + description = "Subnets to use in creating RDS subnet group (must already exist)" + type = "list" +} + +variable "cluster_parameters" { + description = "A list of cluster parameter maps to apply" + type = "list" + default = [] +} + +variable "db_parameters" { + description = "A list of db parameter maps to apply" + type = "list" + default = [] +} + +# see aws_rds_cluster documentation for these variables +variable "database_name" { } +variable "master_username" { } +variable "master_password" { } + +variable "backup_retention_period" { + description = "The days to retain backups for" + default = "30" +} + +variable "preferred_backup_window" { + description = "The daily time range during which automated backups are created" + default = "01:00-03:00" +} +variable "storage_encrypted" { default = true } +variable "apply_immediately" { default = false } +variable "iam_database_authentication_enabled" { default = false } +variable "major_engine_version" { default = "5.6" } +variable "engine" { default = "aurora" } +variable "family" { default = "aurora5.6"} + + 
+variable "vpc_id" { + description = "VPC ID" +} diff --git a/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_bastion_s3_keys%main.tf b/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_bastion_s3_keys%main.tf new file mode 100644 index 0000000..65c004d --- /dev/null +++ b/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_bastion_s3_keys%main.tf 
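Review bot: The description of `allowed_cidr` is a copy of the one on `allowed_security_groups` ("A list of Security Group ID's to allow access to."), although the variable feeds `cidr_blocks` of the `aurora_networks_ingress` rule in security_group.tf. A network allowlist should be labelled as one, for example `description = "A list of CIDR blocks allowed to connect to the database port"`. The `name` variable has a similar leftover ("Name for the Redis replication group i.e. cmsCommon"), and `master_username` and `master_password` have no description at all.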
@@ -0,0 +1,148 @@ +resource "aws_security_group" "bastion" { + name = var.name + vpc_id = var.vpc_id + description = "Bastion security group (only SSH inbound access is allowed)" + + tags = { + Name = var.name + } +} + +resource "aws_security_group_rule" "ssh_ingress" { + type = "ingress" + from_port = "22" + to_port = "22" + protocol = "tcp" + cidr_blocks = var.allowed_cidr + ipv6_cidr_blocks = var.allowed_ipv6_cidr + security_group_id = aws_security_group.bastion.id +} + +resource "aws_security_group_rule" "ssh_sg_ingress" { + count = length(var.allowed_security_groups) + type = "ingress" + from_port = "22" + to_port = "22" + protocol = "tcp" + source_security_group_id = element(var.allowed_security_groups, count.index) + security_group_id = aws_security_group.bastion.id +} + +resource "aws_security_group_rule" "bastion_all_egress" { + type = "egress" + from_port = "0" + to_port = "65535" + protocol = "all" + + cidr_blocks = [ + "0.0.0.0/0", + ] + + ipv6_cidr_blocks = [ + "::/0", + ] + + security_group_id = aws_security_group.bastion.id +} + +data "template_file" "user_data" { + template = file("${path.module}/${var.user_data_file}") + + vars = { + s3_bucket_name = var.s3_bucket_name + s3_bucket_uri = var.s3_bucket_uri + ssh_user = var.ssh_user + keys_update_frequency = var.keys_update_frequency + enable_hourly_cron_updates = var.enable_hourly_cron_updates + additional_user_data_script = var.additional_user_data_script + } +} + +//resource "aws_instance" "bastion" { +// ami = "${var.ami}" +// instance_type = "${var.instance_type}" +// iam_instance_profile = "${var.iam_instance_profile}" +// subnet_id = "${var.subnet_id}" +// vpc_security_group_ids = ["${aws_security_group.bastion.id}"] +// user_data = "${template_file.user_data.rendered}" +// +// count = 1 +// +// tags { +// Name = "${var.name}" +// } +//} + +resource "aws_launch_configuration" "bastion" { + name_prefix = "${var.name}-" + image_id = var.ami + instance_type = var.instance_type + user_data = 
data.template_file.user_data.rendered + enable_monitoring = var.enable_monitoring + + security_groups = compact( + concat( + [aws_security_group.bastion.id], + split(",", var.security_group_ids), + ), + ) + + root_block_device { + volume_size = var.instance_volume_size_gb + } + + iam_instance_profile = var.iam_instance_profile + associate_public_ip_address = var.associate_public_ip_address + key_name = var.key_name + + lifecycle { + create_before_destroy = true + } +} + +resource "aws_autoscaling_group" "bastion" { + name = var.apply_changes_immediately ? aws_launch_configuration.bastion.name : var.name + + vpc_zone_identifier = var.subnet_ids + + desired_capacity = "1" + min_size = "1" + max_size = "1" + health_check_grace_period = "60" + health_check_type = "EC2" + force_delete = false + wait_for_capacity_timeout = 0 + launch_configuration = aws_launch_configuration.bastion.name + + enabled_metrics = [ + "GroupMinSize", + "GroupMaxSize", + "GroupDesiredCapacity", + "GroupInServiceInstances", + "GroupPendingInstances", + "GroupStandbyInstances", + "GroupTerminatingInstances", + "GroupTotalInstances", + ] + + tags = concat( + [ + { + "key" = "Name" + "value" = var.name + "propagate_at_launch" = true + }, + { + "key" = "EIP" + "value" = var.eip + "propagate_at_launch" = true + }, + ], + var.extra_tags, + ) + + lifecycle { + create_before_destroy = true + } +} + diff --git a/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_bastion_s3_keys%outputs.tf b/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_bastion_s3_keys%outputs.tf new file mode 100644 index 0000000..1b7e867 --- /dev/null +++ b/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_bastion_s3_keys%outputs.tf 
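Review bot: `aws_launch_configuration.bastion` attaches `var.iam_instance_profile` but leaves the instance metadata service at its default, so the role credentials stay reachable over IMDSv1 on a host that is presumably exposed to SSH from outside. On provider versions that support it, `metadata_options { http_tokens = "required" }` in the launch configuration enforces session tokens. The user-data template is not part of this hunk, so check that any metadata calls in it request a token first. `root_block_device` sets only `volume_size`; adding `encrypted = true` there would also cover the volume that presumably holds the keys synced from S3.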
@@ -0,0 +1,12 @@
+output "ssh_user" {
+ value = var.ssh_user
+}
+
+output "security_group_id" {
+ value = aws_security_group.bastion.id
+}
+
+output "asg_id" {
+ value = aws_autoscaling_group.bastion.id
+}
+
diff --git a/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_bastion_s3_keys%samples%ami.tf b/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_bastion_s3_keys%samples%ami.tf
new file mode 100644
index 0000000..7e3fa51
--- /dev/null
+++ b/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_bastion_s3_keys%samples%ami.tf
@@ -0,0 +1,7 @@
+# This is just a sample definition for bastion AMI
+module "bastion_ami" {
+ source = "github.com/terraform-community-modules/tf_aws_ubuntu_ami/ebs"
+ instance_type = "t2.micro"
+ region = "eu-west-1"
+ distribution = "trusty"
+}
diff --git a/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_bastion_s3_keys%samples%iam_allow_associateaddress.tf b/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_bastion_s3_keys%samples%iam_allow_associateaddress.tf
new file mode 100644
index 0000000..016ba51
--- /dev/null
+++ b/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_bastion_s3_keys%samples%iam_allow_associateaddress.tf
@@ -0,0 +1,49 @@ +# This is just a sample definition of IAM instance profile which is allowed to read-only from S3, and associate ElasticIP addresses. +resource "aws_iam_instance_profile" "s3_readonly-allow_associateaddress" { + name = "s3_readonly-allow_associateaddress" + role = "${aws_iam_role.s3_readonly-allow_associateaddress.name}" +} + +resource "aws_iam_role" "s3_readonly-allow_associateaddress" { + name = "s3_readonly-allow_associateaddress-role" + path = "/" + + assume_role_policy = < NOTE: The encrypted secret may be decrypted using the command line, for example: terraform output secret | base64 --decode | keybase pgp decrypt. +output "iam_access_encrypted_secret" { + value = "${aws_iam_access_key.k.encrypted_secret}" +} diff --git a/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_cloudfront%variables.tf b/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_cloudfront%variables.tf new file mode 100644 index 0000000..5604915 --- /dev/null +++ b/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_cloudfront%variables.tf 
@@ -0,0 +1,81 @@ +variable "name" {} + +variable "certificate_arn" { + description = "Existing certificate arn." +} + +variable "domains" { + type = "list" + default = [] +} + +variable "bucket_name" { + default = "tf-cf-bucket" +} + +variable "compress" { + default = "false" +} + +variable "ipv6_enabled" { + default = "true" +} + +variable "comment" { + default = "Managed by Terraform" +} + +variable "log_include_cookies" { + default = "false" +} + +variable "log_bucket" { } + +variable "log_prefix" { + default = "cf_logs" +} + +variable "price_class" { + default = "PriceClass_100" +} + +variable "viewer_protocol_policy" { + #default = "allow-all" + default = "redirect-to-https" +} + +variable "allowed_methods" { + type = "list" + default = ["DELETE", "GET", "HEAD", "OPTIONS", "PATCH", "POST", "PUT"] +} +variable "cached_methods" { + type = "list" + default = ["GET", "HEAD"] +} + +variable "min_ttl" { + default = "0" +} +variable "max_ttl" { + default = "31536000" +} +variable "default_ttl" { + default = "60" +} + +variable "tags" { + default = {} +} + +variable "create_user_with_policy" { + default = "false" +} + +variable "iam_policy" { + type = "string" + default = "" +} + +variable "pgp_key" { + default = "" +} diff --git a/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_customer_gw%main.tf b/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_customer_gw%main.tf new file mode 100644 index 0000000..c80176b --- /dev/null +++ b/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_customer_gw%main.tf 
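Review bot: The default for `allowed_methods` enables all seven verbs, including `DELETE`, `PUT`, `PATCH` and `POST`, so a caller who does not override it gets a distribution that forwards write requests to the origin. The distribution resource is not in this hunk, but `bucket_name` suggests an S3 origin, for which `default = ["GET", "HEAD", "OPTIONS"]` is the narrower starting point. `pgp_key` defaults to `""` without a description; it presumably protects the IAM access key whose `encrypted_secret` is exported in outputs.tf, and the description should say that the key is required whenever `create_user_with_policy` is enabled.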
@@ -0,0 +1,65 @@ +resource "aws_customer_gateway" "default" { + count = "${var.customer_gateway_id == "" ? 1 : 0}" + bgp_asn = "${var.bgp_asn}" + ip_address = "${var.ip_address}" + type = "ipsec.1" + + tags { + Name = "${var.name}" + } + + lifecycle { + create_before_destroy = true + } +} + +resource "aws_vpn_connection" "default" { + vpn_gateway_id = "${var.vpn_gateway_id}" + customer_gateway_id = "${coalesce(var.customer_gateway_id, aws_customer_gateway.default.id)}" + type = "ipsec.1" + static_routes_only = "${var.static_routes_only}" + + tags { + Name = "${var.name}" + } + + lifecycle { + create_before_destroy = true + } +} + +resource "aws_vpn_connection_route" "default" { + count = "${length(var.destination_cidr_blocks)}" + destination_cidr_block = "${element(var.destination_cidr_blocks, count.index)}" + vpn_connection_id = "${aws_vpn_connection.default.id}" + + lifecycle { + create_before_destroy = true + } +} + +#if route_source=static and there are more route_tables than cidr_blocks(or an equal amount) +# then add static routes in every specified route table for each destination_cidr_block=>VPN Gateway +resource "aws_route" "more_tables" { + count = "${(var.add_static_routes_to_tables == "true" ? 1 : 0) * (var.route_table_count >= length(var.destination_cidr_blocks) ? 
1 : 0 ) * var.route_table_count * length(var.destination_cidr_blocks)}" + route_table_id = "${element(var.route_table_ids, count.index % floor(max(length(var.route_table_ids),length(var.destination_cidr_blocks))))}" + destination_cidr_block = "${element(var.destination_cidr_blocks, floor(count.index / max(length(var.route_table_ids),length(var.destination_cidr_blocks))))}" + gateway_id = "${var.vpn_gateway_id}" + + lifecycle { + create_before_destroy = true + } +} + +#if route_source=static and there are more cidr_blocks than route_tables +# then add static routes in every specified route table for each destination_cidr_block=>VPN Gateway +resource "aws_route" "more_cidrs" { + count = "${(var.add_static_routes_to_tables == "true" ? 1 : 0) * (length(var.destination_cidr_blocks) > var.route_table_count ? 1 : 0 ) * var.route_table_count * length(var.destination_cidr_blocks)}" + route_table_id = "${element(var.route_table_ids, floor(count.index / max(length(var.route_table_ids),length(var.destination_cidr_blocks))))}" + destination_cidr_block = "${element(var.destination_cidr_blocks, count.index % floor(max(length(var.route_table_ids),length(var.destination_cidr_blocks))))}" + gateway_id = "${var.vpn_gateway_id}" + + lifecycle { + create_before_destroy = true + } +} \ No newline at end of file diff --git a/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_customer_gw%outputs.tf b/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_customer_gw%outputs.tf new file mode 100644 index 0000000..f10a64c --- /dev/null +++ b/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_customer_gw%outputs.tf 
@@ -0,0 +1,11 @@
+output "cgw_id" {
+ value = "${aws_customer_gateway.default.id}"
+}
+
+output "cgw_ip_address" {
+ value = "${aws_customer_gateway.default.ip_address}"
+}
+
+output "cgw_bgp_asn" {
+ value = "${aws_customer_gateway.default.bgp_asn}"
+}
\ No newline at end of file
diff --git a/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_customer_gw%vars.tf b/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_customer_gw%vars.tf
new file mode 100644
index 0000000..d155999
--- /dev/null
+++ b/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_customer_gw%vars.tf
@@ -0,0 +1,45 @@ +variable "name" { + description = "Decriptive name used to label tagged resources." +} + +variable "vpn_gateway_id" { + description = "Specify which VPN Gateway the Customer Gateway will be associated with." +} + + +variable "customer_gateway_id" { + description = "Specify which Customer Gateway to use. If specified the variables ip_address and bgp_asn will not be used" + default = "" +} + +variable "ip_address" { + description = "IP address of the Customer Gateway external interface." + default = "" +} + +variable "bgp_asn" { + description = "BGP ASN of the Customer Gateway. By convention, use 65000 if you are not running BGP." + default = 65000 +} + +variable "destination_cidr_blocks" { + type = "list" + description = "List of comman separated CIDR blocks which should be routed to the Customer Gateway(s)." +} + +variable "route_table_ids" { + type = "list" + description = "List of command separated Route Table IDs where routes to destination_cidr_blocks will be created." +} + +variable "route_table_count" { + description = "Number of elements in the route_table_ids list. Here because Terraform cannot calculate count from dynamic values. This should be removed when Terraform 0.9 is released." +} + +variable "static_routes_only" { + description = "Whether the VPN connection uses static routes exclusively. Static routes must be used for devices that don't support BGP. Accepts either true or false." +} + +variable "add_static_routes_to_tables" { + description = "Determines whether static routes will be added to all route tables in route_table_ids list or if vgw route propagation will be used instead. If set to true, then route_table_ids, route_table_count, and destination_cidr_blocks must also be provided." +} \ No newline at end of file 
diff --git a/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_ec2_instance%main.tf b/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_ec2_instance%main.tf new file mode 100644 index 0000000..f1de469 --- /dev/null +++ b/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_ec2_instance%main.tf @@ -0,0 +1,22 @@ +// Provider specific configs +provider "aws" { + access_key = "${var.aws_access_key}" + secret_key = "${var.aws_secret_key}" + region = "${var.aws_region}" +} + +// EC2 Instance Resource for Module +resource "aws_instance" "ec2_instance" { + ami = "${var.ami_id}" + count = "${var.number_of_instances}" + subnet_id = "${var.subnet_id}" + instance_type = "${var.instance_type}" + user_data = "${file(var.user_data)}" + tags { + created_by = "${lookup(var.tags,"created_by")}" + // Takes the instance_name input variable and adds + // the count.index to the name., e.g. + // "example-host-web-1" + Name = "${var.instance_name}-${count.index}" + } +} diff --git a/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_ec2_instance%outputs.tf b/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_ec2_instance%outputs.tf new file mode 100644 index 0000000..b4c6633 --- /dev/null +++ b/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_ec2_instance%outputs.tf @@ -0,0 +1,4 @@ +// Output the ID of the EC2 instance created +output "ec2_instance_id" { + value = "${aws_instance.ec2_instance.id}" +} diff --git a/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_ec2_instance%variables.tf b/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_ec2_instance%variables.tf new file mode 100644 index 0000000..5e6287e --- /dev/null 
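Review bot: The `provider "aws"` block in this module's main.tf takes `access_key` and `secret_key` from input variables (declared without descriptions in variables.tf), which pushes callers to put long-lived keys into tfvars files, command-line arguments or CI variables. Leaving both out lets the provider use its normal credential chain (environment, shared credentials file, instance or task role): `provider "aws" { region = "${var.aws_region}" }`. Dropping the provider block from the module and inheriting the root configuration would be better still. `aws_instance.ec2_instance` also sets no `vpc_security_group_ids`, so the instances land in the VPC's default security group.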
+++ b/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_ec2_instance%variables.tf @@ -0,0 +1,35 @@ +// Module specific variables + +variable "instance_name" { + description = "Used to populate the Name tag. This is done in main.tf" +} + +variable "instance_type" {} + +variable "subnet_id" { + description = "The VPC subnet the instance(s) will go in" +} + +variable "ami_id" { + description = "The AMI to use" +} + +variable "number_of_instances" { + description = "number of instances to make" + default = 1 +} + +variable "user_data" { + description = "The path to a file with user_data for the instances" +} + +variable "tags" { + default = { + created_by = "terraform" + } +} + +// Variables for providers used in this module +variable "aws_access_key" {} +variable "aws_secret_key" {} +variable "aws_region" {} diff --git a/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_ecs%consul_agent.tf b/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_ecs%consul_agent.tf new file mode 100644 index 0000000..5f0da1c --- /dev/null +++ b/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_ecs%consul_agent.tf 
@@ -0,0 +1,57 @@ +data "template_file" "consul" { + template = "${file("${path.module}/templates/consul.json")}" + + vars { + env = "${aws_ecs_cluster.cluster.name}" + image = "${var.consul_image}" + registrator_image = "${var.registrator_image}" + consul_memory_reservation = "${var.consul_memory_reservation}" + registrator_memory_reservation = "${var.registrator_memory_reservation}" + awslogs_group = "consul-agent-${aws_ecs_cluster.cluster.name}" + awslogs_stream_prefix = "consul-agent-${aws_ecs_cluster.cluster.name}" + awslogs_region = "${var.region}" + } +} + +# End Data block + +resource "aws_ecs_task_definition" "consul" { + count = "${var.enable_agents ? 1 : 0}" + family = "consul-agent-${aws_ecs_cluster.cluster.name}" + container_definitions = "${data.template_file.consul.rendered}" + network_mode = "host" + task_role_arn = "${aws_iam_role.consul_task.arn}" + + volume { + name = "consul-config-dir" + host_path = "/etc/consul" + } + + volume { + name = "docker-sock" + host_path = "/var/run/docker.sock" + } +} + +resource "aws_cloudwatch_log_group" "consul" { + count = "${var.enable_agents ? 1 : 0}" + name = "${aws_ecs_task_definition.consul.family}" + + tags { + VPC = "${data.aws_vpc.vpc.tags["Name"]}" + Application = "${aws_ecs_task_definition.consul.family}" + } +} + +resource "aws_ecs_service" "consul" { + count = "${var.enable_agents ? 1 : 0}" + name = "consul-agent-${aws_ecs_cluster.cluster.name}" + cluster = "${aws_ecs_cluster.cluster.id}" + task_definition = "${aws_ecs_task_definition.consul.arn}" + desired_count = "${var.servers}" + deployment_minimum_healthy_percent = "60" + + placement_constraints { + type = "distinctInstance" + } +} diff --git a/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_ecs%graceful_shutdown.tf b/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_ecs%graceful_shutdown.tf new file mode 100644 index 0000000..676c0e3 --- /dev/null 
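Review bot: The `docker-sock` volume in `aws_ecs_task_definition.consul` exposes `/var/run/docker.sock` to the task, and any container that mounts it can drive the host's Docker daemon, which is equivalent to root on the instance; the task also runs with `network_mode = "host"`. The container definitions come from templates/consul.json, which is not in this hunk, so confirm that only the registrator container mounts the volume. A comment on the volume block would record the intent, for example `# docker.sock gives full control of the host Docker daemon; mount in the registrator container only`.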
+++ b/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_ecs%graceful_shutdown.tf @@ -0,0 +1,10 @@ +# Thank God for Circle CI for this post +# https://circleci.com/blog/graceful-shutdown-using-aws/ + +resource "aws_autoscaling_lifecycle_hook" "graceful_shutdown_asg_hook" { + name = "graceful_shutdown_asg" + autoscaling_group_name = "${aws_autoscaling_group.ecs.name}" + default_result = "CONTINUE" + heartbeat_timeout = "${var.heartbeat_timeout}" + lifecycle_transition = "autoscaling:EC2_INSTANCE_TERMINATING" +} diff --git a/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_ecs%iam.tf b/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_ecs%iam.tf new file mode 100644 index 0000000..bec1739 --- /dev/null +++ b/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_ecs%iam.tf @@ -0,0 +1,119 @@ +resource "aws_iam_instance_profile" "ecs_profile" { + name_prefix = "${replace(format("%.102s", replace("tf-ECSProfile-${var.name}-", "_", "-")), "/\\s/", "-")}" + role = "${aws_iam_role.ecs_role.name}" + path = "${var.iam_path}" +} + +resource "aws_iam_role" "ecs_role" { + name_prefix = "${replace(format("%.32s", replace("tf-ECSInRole-${var.name}-", "_", "-")), "/\\s/", "-")}" + path = "${var.iam_path}" + + assume_role_policy = < 0 ? true : false +} diff --git a/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_elasticsearch%main.tf b/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_elasticsearch%main.tf new file mode 100644 index 0000000..73da9da --- /dev/null +++ b/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_elasticsearch%main.tf 
@@ -0,0 +1,106 @@
+data "aws_iam_policy_document" "es_management_access" {
+ count = false == local.inside_vpc ? 1 : 0
+
+ statement {
+ actions = [
+ "es:*",
+ ]
+
+ resources = [
+ aws_elasticsearch_domain.es[0].arn,
+ "${aws_elasticsearch_domain.es[0].arn}/*",
+ ]
+
+ principals {
+ type = "AWS"
+
+ identifiers = distinct(compact(var.management_iam_roles))
+ }
+
+ condition {
+ test = "IpAddress"
+ variable = "aws:SourceIp"
+
+ values = distinct(compact(var.management_public_ip_addresses))
+ }
+ }
+}
+
+resource "aws_elasticsearch_domain" "es" {
+ count = false == local.inside_vpc ? 1 : 0
+
+ depends_on = [aws_iam_service_linked_role.es]
+
+ domain_name = local.domain_name
+ elasticsearch_version = var.es_version
+
+ encrypt_at_rest {
+ enabled = var.encrypt_at_rest
+ kms_key_id = var.kms_key_id
+ }
+
+ domain_endpoint_options {
+ enforce_https = var.enforce_https
+ tls_security_policy = var.tls_security_policy
+ }
+
+ cluster_config {
+ instance_type = var.instance_type
+ instance_count = var.instance_count
+ dedicated_master_enabled = var.instance_count >= var.dedicated_master_threshold ? true : false
+ dedicated_master_count = var.instance_count >= var.dedicated_master_threshold ? 3 : 0
+ dedicated_master_type = var.instance_count >= var.dedicated_master_threshold ? var.dedicated_master_type != "false" ? var.dedicated_master_type : var.instance_type : ""
+ zone_awareness_enabled = var.es_zone_awareness
+ dynamic "zone_awareness_config" {
+ for_each = var.es_zone_awareness ? [var.es_zone_awareness_count] : []
+ content {
+ availability_zone_count = zone_awareness_config.value
+ }
+ }
+ }
+
+ advanced_options = var.advanced_options
+
+ dynamic "log_publishing_options" {
+ for_each = var.log_publishing_options
+ content {
+ # TF-UPGRADE-TODO: The automatic upgrade tool can't predict
+ # which keys might be set in maps assigned here, so it has
+ # produced a comprehensive set here. Consider simplifying
+ # this after confirming which keys can be set in practice.
+
+ cloudwatch_log_group_arn = log_publishing_options.value.cloudwatch_log_group_arn
+ enabled = lookup(log_publishing_options.value, "enabled", null)
+ log_type = log_publishing_options.value.log_type
+ }
+ }
+
+ node_to_node_encryption {
+ enabled = var.node_to_node_encryption_enabled
+ }
+
+ ebs_options {
+ ebs_enabled = var.ebs_volume_size > 0 ? true : false
+ volume_size = var.ebs_volume_size
+ volume_type = var.ebs_volume_type
+ }
+
+ snapshot_options {
+ automated_snapshot_start_hour = var.snapshot_start_hour
+ }
+
+ tags = merge(
+ {
+ "Domain" = local.domain_name
+ },
+ var.tags,
+ )
+}
+
+resource "aws_elasticsearch_domain_policy" "es_management_access" {
+ count = false == local.inside_vpc ? 1 : 0
+
+ domain_name = local.domain_name
+ access_policies = data.aws_iam_policy_document.es_management_access[0].json
+}
+
diff --git a/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_elasticsearch%main_vpc.tf b/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_elasticsearch%main_vpc.tf
new file mode 100644
index 0000000..73c1dfe
--- /dev/null
+++ b/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_elasticsearch%main_vpc.tf
@@ -0,0 +1,112 @@ +/*Add a new set of data.aws_iam_policy_document, aws_elasticsearch_domain, aws_elasticsearch_domain_policy. Because currently terraform/aws_elasticsearch_domain +does not handle properly null/empty "vpc_options" */ + +data "aws_iam_policy_document" "es_vpc_management_access" { + count = local.inside_vpc ? 1 : 0 + + statement { + actions = [ + "es:*", + ] + + resources = [ + aws_elasticsearch_domain.es_vpc[0].arn, + "${aws_elasticsearch_domain.es_vpc[0].arn}/*", + ] + + principals { + type = "AWS" + + identifiers = distinct(compact(var.management_iam_roles)) + } + } +} + +resource "aws_iam_service_linked_role" "es" { + count = var.create_iam_service_linked_role ? 1 : 0 + aws_service_name = "es.amazonaws.com" +} + +resource "aws_elasticsearch_domain" "es_vpc" { + count = local.inside_vpc ? 1 : 0 + + depends_on = [aws_iam_service_linked_role.es] + + domain_name = local.domain_name + elasticsearch_version = var.es_version + + encrypt_at_rest { + enabled = var.encrypt_at_rest + kms_key_id = var.kms_key_id + } + + domain_endpoint_options { + enforce_https = var.enforce_https + tls_security_policy = var.tls_security_policy + } + + cluster_config { + instance_type = var.instance_type + instance_count = var.instance_count + dedicated_master_enabled = var.instance_count >= var.dedicated_master_threshold ? true : false + dedicated_master_count = var.instance_count >= var.dedicated_master_threshold ? 3 : 0 + dedicated_master_type = var.instance_count >= var.dedicated_master_threshold ? var.dedicated_master_type != "false" ? var.dedicated_master_type : var.instance_type : "" + zone_awareness_enabled = var.es_zone_awareness + dynamic "zone_awareness_config" { + for_each = var.es_zone_awareness ? 
[var.es_zone_awareness_count] : [] + content { + availability_zone_count = zone_awareness_config.value + } + } + } + + advanced_options = var.advanced_options + + dynamic "log_publishing_options" { + for_each = var.log_publishing_options + content { + # TF-UPGRADE-TODO: The automatic upgrade tool can't predict + # which keys might be set in maps assigned here, so it has + # produced a comprehensive set here. Consider simplifying + # this after confirming which keys can be set in practice. + + cloudwatch_log_group_arn = log_publishing_options.value.cloudwatch_log_group_arn + enabled = lookup(log_publishing_options.value, "enabled", null) + log_type = log_publishing_options.value.log_type + } + } + + node_to_node_encryption { + enabled = var.node_to_node_encryption_enabled + } + + vpc_options { + subnet_ids = var.vpc_options["subnet_ids"] + security_group_ids = var.vpc_options["security_group_ids"] + } + + ebs_options { + ebs_enabled = var.ebs_volume_size > 0 ? true : false + volume_size = var.ebs_volume_size + volume_type = var.ebs_volume_type + } + + snapshot_options { + automated_snapshot_start_hour = var.snapshot_start_hour + } + + tags = merge( + { + "Domain" = local.domain_name + }, + var.tags, + ) +} + +resource "aws_elasticsearch_domain_policy" "es_vpc_management_access" { + count = local.inside_vpc ? 1 : 0 + + domain_name = local.domain_name + access_policies = data.aws_iam_policy_document.es_vpc_management_access[0].json +} + diff --git a/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_elasticsearch%outputs.tf b/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_elasticsearch%outputs.tf new file mode 100644 index 0000000..af64d90 --- /dev/null +++ b/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_elasticsearch%outputs.tf 
@@ -0,0 +1,60 @@
+output "arn" {
+ description = "Amazon Resource Name (ARN) of the domain"
+ value = element(
+ concat(
+ aws_elasticsearch_domain.es_vpc.*.arn,
+ aws_elasticsearch_domain.es.*.arn,
+ [""],
+ ),
+ 0,
+ )
+}
+
+output "domain_id" {
+ description = "Unique identifier for the domain"
+ value = element(
+ concat(
+ aws_elasticsearch_domain.es_vpc.*.domain_id,
+ aws_elasticsearch_domain.es.*.domain_id,
+ [""],
+ ),
+ 0,
+ )
+}
+
+output "domain_name" {
+ description = "The name of the Elasticsearch domain"
+ value = element(
+ concat(
+ aws_elasticsearch_domain.es_vpc.*.domain_name,
+ aws_elasticsearch_domain.es.*.domain_name,
+ [""],
+ ),
+ 0,
+ )
+}
+
+output "endpoint" {
+ description = "Domain-specific endpoint used to submit index, search, and data upload requests"
+ value = element(
+ concat(
+ aws_elasticsearch_domain.es_vpc.*.endpoint,
+ aws_elasticsearch_domain.es.*.endpoint,
+ [""],
+ ),
+ 0,
+ )
+}
+
+output "kibana_endpoint" {
+ description = "Domain-specific endpoint for kibana without https scheme"
+ value = element(
+ concat(
+ aws_elasticsearch_domain.es_vpc.*.kibana_endpoint,
+ aws_elasticsearch_domain.es.*.kibana_endpoint,
+ [""],
+ ),
+ 0,
+ )
+}
+
diff --git a/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_elasticsearch%variables.tf b/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_elasticsearch%variables.tf
new file mode 100644
index 0000000..fb342f1
--- /dev/null
+++ b/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_elasticsearch%variables.tf
@@ -0,0 +1,153 @@ +variable "create_iam_service_linked_role" { + description = "Whether to create IAM service linked role for AWS ElasticSearch service. Can be only one per AWS account." + type = bool + default = true +} + +variable "domain_name" { + description = "Domain name for Elasticsearch cluster" + type = string + default = "es-domain" +} + +variable "es_version" { + description = "Version of Elasticsearch to deploy (default 5.1)" + type = string + default = "5.1" +} + +variable "instance_type" { + description = "ES instance type for data nodes in the cluster (default t2.small.elasticsearch)" + type = string + default = "t2.small.elasticsearch" +} + +variable "instance_count" { + description = "Number of data nodes in the cluster (default 6)" + type = number + default = 6 +} + +variable "dedicated_master_type" { + description = "ES instance type to be used for dedicated masters (default same as instance_type)" + type = string + default = "false" +} + +variable "encrypt_at_rest" { + description = "Enable encrption at rest (only specific instance family types support it: m4, c4, r4, i2, i3 default: false)" + type = bool + default = false +} + +variable "management_iam_roles" { + description = "List of IAM role ARNs from which to permit management traffic (default ['*']). Note that a client must match both the IP address and the IAM role patterns in order to be permitted access." + type = list(string) + default = ["*"] +} + +variable "management_public_ip_addresses" { + description = "List of IP addresses from which to permit management traffic (default []). Note that a client must match both the IP address and the IAM role patterns in order to be permitted access." 
+ type = list(string) + default = [] +} + +variable "es_zone_awareness" { + description = "Enable zone awareness for Elasticsearch cluster (default false)" + type = bool + default = false +} + +variable "es_zone_awareness_count" { + description = "Number of availability zones used for data nodes (default 2)" + type = number + default = 2 +} + +variable "ebs_volume_size" { + description = "Optionally use EBS volumes for data storage by specifying volume size in GB (default 0)" + type = number + default = 0 +} + +variable "ebs_volume_type" { + description = "Storage type of EBS volumes, if used (default gp2)" + type = string + default = "gp2" +} + +variable "kms_key_id" { + description = "KMS key used for elasticsearch" + type = string + default = "" +} + +variable "snapshot_start_hour" { + description = "Hour at which automated snapshots are taken, in UTC (default 0)" + type = number + default = 0 +} + +variable "vpc_options" { + description = "A map of supported vpc options" + type = map(list(string)) + + default = { + security_group_ids = [] + subnet_ids = [] + } +} + +variable "tags" { + description = "tags to apply to all resources" + type = map(string) + default = {} +} + +variable "use_prefix" { + description = "Flag indicating whether or not to use the domain_prefix. Default: true" + type = bool + default = true +} + +variable "domain_prefix" { + description = "String to be prefixed to search domain. Default: tf-" + type = string + default = "tf-" +} + +variable "dedicated_master_threshold" { + description = "The number of instances above which dedicated master nodes will be used. Default: 10" + type = number + default = 10 +} + +variable "advanced_options" { + description = "Map of key-value string pairs to specify advanced configuration options. 
Note that the values for these configuration options must be strings (wrapped in quotes) or they may be wrong and cause a perpetual diff, causing Terraform to want to recreate your Elasticsearch domain on every apply." + type = map(string) + default = {} +} + +variable "log_publishing_options" { + description = "List of maps of options for publishing slow logs to CloudWatch Logs." + type = list(map(string)) + default = [] +} + +variable "node_to_node_encryption_enabled" { + description = "Whether to enable node-to-node encryption." + type = bool + default = false +} + +variable "enforce_https" { + description = "Whether or not to require HTTPS." + type = bool + default = false +} + +variable "tls_security_policy" { + description = "The name of the TLS security policy that needs to be applied to the HTTPS endpoint. Example values: Policy-Min-TLS-1-0-2019-07 and Policy-Min-TLS-1-2-2019-07. Terraform will only perform drift detection if a configuration value is provided." + type = string + default = null +} diff --git a/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_elb%elb_http%main.tf b/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_elb%elb_http%main.tf new file mode 100644 index 0000000..2491346 --- /dev/null +++ b/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_elb%elb_http%main.tf 
@@ -0,0 +1,39 @@
+//
+// Module: tf_aws_elb/elb_http
+//
+
+// Provider specific configs
+provider "aws" {
+ access_key = "${var.aws_access_key}"
+ secret_key = "${var.aws_secret_key}"
+ region = "${var.aws_region}"
+}
+
+// ELB Resource for Module
+// A note about instances:
+// - This module assumes your instances will be made
+// by an ASG and the ASG will associate them with
+// the ELB.
+resource "aws_elb" "elb" {
+ name = "${var.elb_name}"
+ subnets = ["${var.subnet_az1}","${var.subnet_az2}"]
+ internal = "${var.elb_is_internal}"
+ security_groups = ["${var.elb_security_group}"]
+
+ listener {
+ instance_port = "${var.backend_port}"
+ instance_protocol = "${var.backend_protocol}"
+ lb_port = 80
+ lb_protocol = "http"
+ }
+
+ health_check {
+ healthy_threshold = 2
+ unhealthy_threshold = 2
+ timeout = 3
+ target = "${var.health_check_target}"
+ interval = 30
+ }
+
+ cross_zone_load_balancing = true
+}
diff --git a/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_elb%elb_http%outputs.tf b/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_elb%elb_http%outputs.tf
new file mode 100644
index 0000000..aabe166
--- /dev/null
+++ b/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_elb%elb_http%outputs.tf
@@ -0,0 +1,15 @@
+//
+// Module: tf_aws_elb/elb_http
+//
+
+output "elb_id" {
+ value = "${aws_elb.elb.id}"
+}
+
+output "elb_name" {
+ value = "${aws_elb.elb.name}"
+}
+
+output "elb_dns_name" {
+ value = "${aws_elb.elb.dns_name}"
+}
diff --git a/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_elb%elb_http%variables.tf b/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_elb%elb_http%variables.tf
new file mode 100644
index 0000000..a9ea28c
--- /dev/null
+++ b/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_elb%elb_http%variables.tf
@@ -0,0 +1,47 @@
+//
+// Module: tf_aws_elb/elb_http
+//
+
+// Module specific variables
+
+variable "elb_name" {}
+
+variable "elb_is_internal" {
+ description = "Determines if the ELB is internal or not"
+ default = false
+ // Defaults to false, which results in an external IP for the ELB
+}
+
+variable "elb_security_group" {}
+
+variable "subnet_az1" {
+ description = "The subnet for AZ1"
+}
+
+variable "subnet_az2" {
+ description = "The subnet for AZ2"
+}
+
+variable "backend_port" {
+ description = "The port the service on the EC2 instances listens on"
+}
+
+variable "backend_protocol" {
+ description = "The protocol the backend service speaks"
+ // Possible options are
+ // - http
+ // - https
+ // - tcp
+ // - ssl (secure tcp)
+}
+
+variable "health_check_target" {
+ description = "The URL the ELB should use for health checks"
+ // This is primarily used with `http` or `https` backend protocols
+ // The format is like `HTTPS:443/health`
+}
+
+// Variables for providers used in this module
+variable "aws_access_key" {}
+variable "aws_secret_key" {}
+variable "aws_region" {}
diff --git a/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_elb%elb_https%main.tf b/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_elb%elb_https%main.tf
new file mode 100644
index 0000000..2e672db
--- /dev/null
+++ b/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_elb%elb_https%main.tf
@@ -0,0 +1,40 @@
+//
+// Module: tf_aws_elb/elb_https
+//
+
+// Provider specific configs
+provider "aws" {
+ access_key = "${var.aws_access_key}"
+ secret_key = "${var.aws_secret_key}"
+ region = "${var.aws_region}"
+}
+
+// ELB Resource for Module
+// A note about instances:
+// - This module assumes your instances will be made
+// by an ASG and the ASG will associate them with
+// the ELB.
+resource "aws_elb" "elb" {
+ name = "${var.elb_name}"
+ subnets = ["${var.subnet_az1}","${var.subnet_az2}"]
+ internal = "${var.elb_is_internal}"
+ security_groups = ["${var.elb_security_group}"]
+
+ listener {
+ instance_port = "${var.backend_port}"
+ instance_protocol = "${var.backend_protocol}"
+ lb_port = 443
+ lb_protocol = "https"
+ ssl_certificate_id = "${var.ssl_certificate_id}"
+ }
+
+ health_check {
+ healthy_threshold = 2
+ unhealthy_threshold = 2
+ timeout = 3
+ target = "${var.health_check_target}"
+ interval = 30
+ }
+
+ cross_zone_load_balancing = true
+}
diff --git a/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_elb%elb_https%outputs.tf b/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_elb%elb_https%outputs.tf
new file mode 100644
index 0000000..60fa8de
--- /dev/null
+++ b/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_elb%elb_https%outputs.tf
@@ -0,0 +1,15 @@
+//
+// Module: tf_aws_elb/elb_https
+//
+
+output "elb_id" {
+ value = "${aws_elb.elb.id}"
+}
+
+output "elb_name" {
+ value = "${aws_elb.elb.name}"
+}
+
+output "elb_dns_name" {
+ value = "${aws_elb.elb.dns_name}"
+}
diff --git a/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_elb%elb_https%variables.tf b/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_elb%elb_https%variables.tf
new file mode 100644
index 0000000..63238b9
--- /dev/null
+++ b/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_elb%elb_https%variables.tf
@@ -0,0 +1,53 @@
+//
+// Module: tf_aws_elb/elb_https
+//
+
+// Module specific variables
+
+variable "elb_name" {}
+
+variable "elb_is_internal" {
+ description = "Determines if the ELB is internal or not"
+ default = false
+ // Defaults to false, which results in an external IP for the ELB
+}
+
+variable "elb_security_group" {}
+
+// See README.md for details on finding the
+// ARN of an SSL certificate in EC2
+variable "ssl_certificate_id" {
+ description = "The ARN of the SSL Certificate in EC2"
+}
+
+variable "subnet_az1" {
+ description = "The subnet for AZ1"
+}
+
+variable "subnet_az2" {
+ description = "The subnet for AZ2"
+}
+
+variable "backend_port" {
+ description = "The port the service on the EC2 instances listens on"
+}
+
+variable "backend_protocol" {
+ description = "The protocol the backend service speaks"
+ // Possible options are
+ // - http
+ // - https
+ // - tcp
+ // - ssl (secure tcp)
+}
+
+variable "health_check_target" {
+ description = "The URL the ELB should use for health checks"
+ // This is primarily used with `http` or `https` backend protocols
+ // The format is like `HTTPS:443/health`
+}
+
+// Variables for providers used in this module
+variable "aws_access_key" {}
+variable "aws_secret_key" {}
+variable "aws_region" {}
diff --git a/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_igw%main.tf b/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_igw%main.tf
new file mode 100644
index 0000000..135c3ae
--- /dev/null
+++ b/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_igw%main.tf
@@ -0,0 +1,14 @@
+variable "name" { default = "igw" }
+variable "vpc_id" {}
+variable "tags" {
+ description = "A map of tags to add to all resources"
+ default = {}
+}
+
+resource "aws_internet_gateway" "igw" {
+ vpc_id = "${var.vpc_id}"
+
+ tags = "${merge(var.tags, map("Name", format("%s", var.name)))}"
+}
+
+output "igw_id" { value = "${aws_internet_gateway.igw.id}" }
diff --git a/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_lambda_scheduled%main.tf b/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_lambda_scheduled%main.tf
new file mode 100644
index 0000000..f4a2610
--- /dev/null
+++ b/example/real_world_stuff/terraform-community-modules/terraform-community-modules%tf_aws_lambda_scheduled%main.tf
@@ -0,0 +1,65 @@ +resource "aws_iam_role" "lambda" { + name = "${var.lambda_name}" + + assume_role_policy = < + # https://docs.openvpn.net/how-to-tutorialsguides/virtual-platforms/amazon-ec2-appliance-ami-quick-start-guide/ + user_data = <::iterator it = context_stack.begin(); it != context_stack.end(); ++it) { + if (size + 2 + it->heredoc_identifier.size() >= TREE_SITTER_SERIALIZATION_BUFFER_SIZE) { + return 0; + } + buf[size++] = it->type; + buf[size++] = it->heredoc_identifier.size(); + it->heredoc_identifier.copy(&buf[size], it->heredoc_identifier.size()); + size += it->heredoc_identifier.size(); + } + return size; } - // TODO: implement properly void deserialize(const char* buf, unsigned n) { + unsigned size = 0; + if (n == 0) { + return; + } + context_stack.clear(); + + uint8_t context_stack_size = buf[size++]; + for (unsigned j = 0; j < context_stack_size; j++) { + Context ctx; + ctx.type = static_cast(buf[size++]); + uint8_t heredoc_identifier_size = buf[size++]; + ctx.heredoc_identifier.assign(buf + size, buf + size + heredoc_identifier_size); + size += heredoc_identifier_size; + context_stack.push_back(ctx); + } + assert(size == n); } bool scan(TSLexer* lexer, const bool* valid_symbols) {
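Review bot: In `deserialize`, the count byte and each `heredoc_identifier_size` byte read from `buf` are used to index and copy before anything compares them with `n`, so a truncated or inconsistent buffer makes `assign(buf + size, ...)` read past the end; the trailing `assert(size == n)` runs only after those reads and disappears in NDEBUG builds. Each iteration should check that two header bytes and then `heredoc_identifier_size` payload bytes remain, and drop the restored state otherwise, as sketched below. The writer side has the matching gap: `buf[size++] = it->heredoc_identifier.size();` stores a single byte while `copy` writes the full length, so an identifier longer than 255 bytes (it comes from the file being parsed) desynchronises the stream; a guard such as `if (it->heredoc_identifier.size() > UINT8_MAX) return 0;` before the writes would keep both sides consistent. The start of `serialize` and of this hunk is not visible on the page, so how the stack count byte is written could not be checked.

```cpp
void deserialize(const char* buf, unsigned n) {
  // … unchanged: size = 0, n == 0 early return, context_stack.clear() …
  uint8_t context_stack_size = static_cast<uint8_t>(buf[size++]);
  for (unsigned j = 0; j < context_stack_size; j++) {
    // Need one type byte and one length byte before touching buf.
    if (n - size < 2) {
      context_stack.clear();
      return;
    }
    Context ctx;
    // … unchanged: ctx.type read from buf[size++] …
    uint8_t heredoc_identifier_size = static_cast<uint8_t>(buf[size++]);
    // The declared identifier length must fit in what is left of the buffer.
    if (heredoc_identifier_size > n - size) {
      context_stack.clear();
      return;
    }
    // … unchanged: assign identifier, advance size, push_back(ctx) …
  }
  // Trailing bytes mean the buffer was not produced by serialize().
  if (size != n) {
    context_stack.clear();
  }
```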