Commit 8c561b99 authored by Chris King's avatar Chris King
Browse files

Add config for web interface

* Add security group so that 8080 and 8443 can be accessed
* Request a second floating IP attached to the first mon instance for
  the interface
* Add more setup to the cloud-init.yml file to include salt-minion setup
* Break out cloud-init.yml for admin node to set up minion and master,
  in addition to installing ceph-salt
parent 4a052046
......@@ -12,6 +12,15 @@ data "openstack_compute_flavor_v2" "m1_small" {
# template file cloud-init.yml
#
data "template_file" "cloud_init_admin_yml" {
template = file("${path.module}/templates/cloud-init-admin.yml")
vars = {
sles_reg_code = var.sles_reg_code
sles_reg_email = var.sles_reg_email
sles_ses_reg = var.sles_ses_reg
}
}
data "template_file" "cloud_init_yml" {
template = file("${path.module}/templates/cloud-init.yml")
......@@ -34,7 +43,7 @@ resource "openstack_compute_instance_v2" "admin" {
openstack_compute_secgroup_v2.allow_ssh.name
]
user_data = data.template_file.cloud_init_yml.rendered
user_data = data.template_file.cloud_init_admin_yml.rendered
block_device {
# this is the image to clone from
......@@ -140,7 +149,8 @@ resource "openstack_compute_instance_v2" "mon" {
flavor_id = data.openstack_compute_flavor_v2.m1_small.id
key_pair = var.ssh_keypair
security_groups = [
"default"
"default",
openstack_compute_secgroup_v2.allow_web_interface.name
]
user_data = data.template_file.cloud_init_yml.rendered
......@@ -158,3 +168,9 @@ resource "openstack_compute_instance_v2" "mon" {
uuid = openstack_networking_network_v2.public_network.id
}
}
resource "openstack_compute_floatingip_associate_v2" "mon_association" {
floating_ip = openstack_compute_floatingip_v2.floating_ip_mon.address
instance_id = openstack_compute_instance_v2.mon[0].id
}
......@@ -45,6 +45,12 @@ resource "openstack_networking_router_interface_v2" "router_interface_public" {
# floating ip
# ip for admin node
resource "openstack_compute_floatingip_v2" "floating_ip" {
pool = data.openstack_networking_network_v2.external.name
}
# ip for mon node
resource "openstack_compute_floatingip_v2" "floating_ip_mon" {
pool = data.openstack_networking_network_v2.external.name
}
output "admin_ip_address" {
value = openstack_compute_floatingip_v2.floating_ip.address
}
output "web_ip_address" {
value = "https://${openstack_compute_floatingip_v2.floating_ip_mon.address}:8443/"
}
......@@ -9,3 +9,22 @@ resource "openstack_compute_secgroup_v2" "allow_ssh" {
cidr = "0.0.0.0/0"
}
}
resource "openstack_compute_secgroup_v2" "allow_web_interface" {
name = "allow web interfaces for ceph"
description = "allow 8080/8443 to the monitor host"
rule {
from_port = 8080
to_port = 8080
ip_protocol = "tcp"
cidr = "0.0.0.0/0"
}
rule {
from_port = 8443
to_port = 8443
ip_protocol = "tcp"
cidr = "0.0.0.0/0"
}
}
#cloud-config
runcmd:
- sudo SUSEConnect -r ${sles_reg_code} -e ${sles_reg_email}
- sudo SUSEConnect -p ses/7/x86_64 -r ${sles_ses_reg}
- sudo zypper in -y salt-minion salt-master
- sudo sed -i 's/^#\(log_level_logfile:\).*/\1 info/' /etc/salt/minion
- sudo sed -i 's/^#\(master:\).*/\1 admin.openstack.internal/' /etc/salt/minion
- sudo systemctl enable salt-minion && sudo systemctl start salt-minion && sudo systemctl enable salt-master && sudo systemctl start salt-master
- sudo zypper in -y ceph-salt
- sudo systemctl restart salt-master.service
......@@ -3,3 +3,7 @@
runcmd:
- sudo SUSEConnect -r ${sles_reg_code} -e ${sles_reg_email}
- sudo SUSEConnect -p ses/7/x86_64 -r ${sles_ses_reg}
- sudo zypper in -y salt-minion
- sudo sed -i 's/^#\(log_level_logfile:\).*/\1 info/' /etc/salt/minion
- sudo sed -i 's/^#\(master:\).*/\1 admin.openstack.internal/' /etc/salt/minion
- sudo systemctl enable salt-minion && sudo systemctl start salt-minion
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment