infra: assign public ip to nodes to make debugging easier
Signed-off-by: Yang Chiu <[email protected]>
yangchiu committed Feb 6, 2024
1 parent 0a10ee7 commit af84fc3
Showing 22 changed files with 121 additions and 159 deletions.
2 changes: 2 additions & 0 deletions test_framework/terraform/aws/oracle/k3s_instances.tf
Expand Up @@ -42,6 +42,8 @@ resource "aws_instance" "lh_aws_instance_worker_k3s" {

count = var.k8s_distro_name == "k3s" ? var.lh_aws_instance_count_worker : 0

associate_public_ip_address = true

availability_zone = var.aws_availability_zone

ami = data.aws_ami.aws_ami_oraclelinux.id
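Review bot: `associate_public_ip_address = true` is hard-coded on the worker instances, so every run of this test infrastructure gives the workers internet-facing addresses whether or not anyone is debugging. Together with the `0.0.0.0/0` SSH ingress this commit adds to `lh_aws_secgrp_worker` in main.tf, the workers become reachable on port 22 from any address. Consider gating it on a boolean input that defaults to false, e.g. `associate_public_ip_address = var.<debug_public_ip_flag>` (placeholder name), so unattended CI runs stay private. The same line is added in the rke and rke2 instance files of this directory and in the rhel, rockylinux and sles sections shown on this page. The resource body continues outside the hunk.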
51 changes: 18 additions & 33 deletions test_framework/terraform/aws/oracle/main.tf
Expand Up @@ -85,6 +85,14 @@ resource "aws_security_group" "lh_aws_secgrp_controlplane" {
cidr_blocks = ["0.0.0.0/0"]
}

ingress {
description = "Allow longhorn-ui nodeport"
from_port = 30000
to_port = 30000
protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"]
}

ingress {
description = "Allow UDP connection for longhorn-webhooks"
from_port = 0
Expand Down Expand Up @@ -114,13 +122,20 @@ resource "aws_security_group" "lh_aws_secgrp_controlplane" {
}
}


# Create worker security group
resource "aws_security_group" "lh_aws_secgrp_worker" {
name = "lh_aws_secgrp_worker"
description = "Allow all inbound traffic"
vpc_id = aws_vpc.lh_aws_vpc.id

ingress {
description = "Allow SSH"
from_port = 22
to_port = 22
protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"]
}

ingress {
description = "Allow HTTP"
from_port = 80
Expand Down Expand Up @@ -158,7 +173,6 @@ resource "aws_security_group" "lh_aws_secgrp_worker" {
}
}


# Create Public subnet
resource "aws_subnet" "lh_aws_public_subnet" {
vpc_id = aws_vpc.lh_aws_vpc.id
Expand All @@ -183,35 +197,6 @@ resource "aws_subnet" "lh_aws_private_subnet" {
}
}

# Create EIP for NATGW
resource "aws_eip" "lh_aws_eip_nat_gw" {
vpc = true

tags = {
Name = "lh_eip_nat_gw-${random_string.random_suffix.id}"
Owner = "longhorn-infra"
}
}

# Create nat gateway
resource "aws_nat_gateway" "lh_aws_nat_gw" {
depends_on = [
aws_internet_gateway.lh_aws_igw,
aws_eip.lh_aws_eip_nat_gw,
aws_subnet.lh_aws_public_subnet,
aws_subnet.lh_aws_private_subnet
]

allocation_id = aws_eip.lh_aws_eip_nat_gw.id
subnet_id = aws_subnet.lh_aws_public_subnet.id

tags = {
Name = "lh_eip_nat_gw-${random_string.random_suffix.id}"
Owner = "longhorn-infra"
}
}


# Create route table for public subnets
resource "aws_route_table" "lh_aws_public_rt" {
depends_on = [
Expand All @@ -234,14 +219,14 @@ resource "aws_route_table" "lh_aws_public_rt" {
# Create route table for private subnets
resource "aws_route_table" "lh_aws_private_rt" {
depends_on = [
aws_nat_gateway.lh_aws_nat_gw
aws_internet_gateway.lh_aws_igw,
]

vpc_id = aws_vpc.lh_aws_vpc.id

route {
cidr_block = "0.0.0.0/0"
gateway_id = aws_nat_gateway.lh_aws_nat_gw.id
gateway_id = aws_internet_gateway.lh_aws_igw.id
}

tags = {
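Review bot: The new `ingress` blocks for SSH (port 22 on `lh_aws_secgrp_worker`) and for the longhorn-ui nodeport (port 30000 on `lh_aws_secgrp_controlplane`) both use `cidr_blocks = ["0.0.0.0/0"]`, which opens them to the whole internet rather than to the people doing the debugging. Restrict both to an operator-supplied range, e.g. `cidr_blocks = var.<allowed_debug_cidrs>` (placeholder name), and do not assume the Longhorn UI authenticates callers on its own unless the deployment adds that in front of it. With the NAT gateway removed, `lh_aws_private_rt` now sends `0.0.0.0/0` to `aws_internet_gateway.lh_aws_igw`, so the subnet still named and commented as private is effectively public; the comment `# Create route table for private subnets` should say so. The same changes appear in rhel/main.tf and rockylinux/main.tf, and the port 30000 rule also in sle-micro/main.tf. These resource bodies extend beyond the visible hunks.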
2 changes: 2 additions & 0 deletions test_framework/terraform/aws/oracle/rke2_instances.tf
Expand Up @@ -42,6 +42,8 @@ resource "aws_instance" "lh_aws_instance_worker_rke2" {

count = var.k8s_distro_name == "rke2" ? var.lh_aws_instance_count_worker : 0

associate_public_ip_address = true

availability_zone = var.aws_availability_zone

ami = data.aws_ami.aws_ami_oraclelinux.id
2 changes: 2 additions & 0 deletions test_framework/terraform/aws/oracle/rke_instances.tf
Expand Up @@ -66,6 +66,8 @@ resource "aws_instance" "lh_aws_instance_worker_rke" {

count = var.k8s_distro_name == "rke" ? var.lh_aws_instance_count_worker : 0

associate_public_ip_address = true

availability_zone = var.aws_availability_zone

ami = data.aws_ami.aws_ami_oraclelinux.id
2 changes: 2 additions & 0 deletions test_framework/terraform/aws/rhel/k3s_instances.tf
Expand Up @@ -42,6 +42,8 @@ resource "aws_instance" "lh_aws_instance_worker_k3s" {

count = var.k8s_distro_name == "k3s" ? var.lh_aws_instance_count_worker : 0

associate_public_ip_address = true

availability_zone = var.aws_availability_zone

ami = data.aws_ami.aws_ami_rhel.id
49 changes: 18 additions & 31 deletions test_framework/terraform/aws/rhel/main.tf
Expand Up @@ -85,6 +85,14 @@ resource "aws_security_group" "lh_aws_secgrp_controlplane" {
cidr_blocks = ["0.0.0.0/0"]
}

ingress {
description = "Allow longhorn-ui nodeport"
from_port = 30000
to_port = 30000
protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"]
}

ingress {
description = "Allow UDP connection for longhorn-webhooks"
from_port = 0
Expand Down Expand Up @@ -121,6 +129,14 @@ resource "aws_security_group" "lh_aws_secgrp_worker" {
description = "Allow all inbound traffic"
vpc_id = aws_vpc.lh_aws_vpc.id

ingress {
description = "Allow SSH"
from_port = 22
to_port = 22
protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"]
}

ingress {
description = "Allow HTTP"
from_port = 80
Expand Down Expand Up @@ -183,35 +199,6 @@ resource "aws_subnet" "lh_aws_private_subnet" {
}
}

# Create EIP for NATGW
resource "aws_eip" "lh_aws_eip_nat_gw" {
vpc = true

tags = {
Name = "lh_eip_nat_gw-${random_string.random_suffix.id}"
Owner = "longhorn-infra"
}
}

# Create nat gateway
resource "aws_nat_gateway" "lh_aws_nat_gw" {
depends_on = [
aws_internet_gateway.lh_aws_igw,
aws_eip.lh_aws_eip_nat_gw,
aws_subnet.lh_aws_public_subnet,
aws_subnet.lh_aws_private_subnet
]

allocation_id = aws_eip.lh_aws_eip_nat_gw.id
subnet_id = aws_subnet.lh_aws_public_subnet.id

tags = {
Name = "lh_eip_nat_gw-${random_string.random_suffix.id}"
Owner = "longhorn-infra"
}
}


# Create route table for public subnets
resource "aws_route_table" "lh_aws_public_rt" {
depends_on = [
Expand All @@ -234,14 +221,14 @@ resource "aws_route_table" "lh_aws_public_rt" {
# Create route table for private subnets
resource "aws_route_table" "lh_aws_private_rt" {
depends_on = [
aws_nat_gateway.lh_aws_nat_gw
aws_internet_gateway.lh_aws_igw,
]

vpc_id = aws_vpc.lh_aws_vpc.id

route {
cidr_block = "0.0.0.0/0"
gateway_id = aws_nat_gateway.lh_aws_nat_gw.id
gateway_id = aws_internet_gateway.lh_aws_igw.id
}

tags = {
2 changes: 2 additions & 0 deletions test_framework/terraform/aws/rhel/rke2_instances.tf
Expand Up @@ -42,6 +42,8 @@ resource "aws_instance" "lh_aws_instance_worker_rke2" {

count = var.k8s_distro_name == "rke2" ? var.lh_aws_instance_count_worker : 0

associate_public_ip_address = true

availability_zone = var.aws_availability_zone

ami = data.aws_ami.aws_ami_rhel.id
2 changes: 2 additions & 0 deletions test_framework/terraform/aws/rhel/rke_instances.tf
Expand Up @@ -66,6 +66,8 @@ resource "aws_instance" "lh_aws_instance_worker_rke" {

count = var.k8s_distro_name == "rke" ? var.lh_aws_instance_count_worker : 0

associate_public_ip_address = true

availability_zone = var.aws_availability_zone

ami = data.aws_ami.aws_ami_rhel.id
2 changes: 2 additions & 0 deletions test_framework/terraform/aws/rockylinux/k3s_instances.tf
Expand Up @@ -42,6 +42,8 @@ resource "aws_instance" "lh_aws_instance_worker_k3s" {

count = var.k8s_distro_name == "k3s" ? var.lh_aws_instance_count_worker : 0

associate_public_ip_address = true

availability_zone = var.aws_availability_zone

ami = data.aws_ami.aws_ami_rockylinux.id
49 changes: 18 additions & 31 deletions test_framework/terraform/aws/rockylinux/main.tf
Expand Up @@ -85,6 +85,14 @@ resource "aws_security_group" "lh_aws_secgrp_controlplane" {
cidr_blocks = ["0.0.0.0/0"]
}

ingress {
description = "Allow longhorn-ui nodeport"
from_port = 30000
to_port = 30000
protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"]
}

ingress {
description = "Allow UDP connection for longhorn-webhooks"
from_port = 0
Expand Down Expand Up @@ -122,6 +130,14 @@ resource "aws_security_group" "lh_aws_secgrp_worker" {
description = "Allow all inbound traffic"
vpc_id = aws_vpc.lh_aws_vpc.id

ingress {
description = "Allow SSH"
from_port = 22
to_port = 22
protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"]
}

ingress {
description = "Allow HTTP"
from_port = 80
Expand Down Expand Up @@ -184,35 +200,6 @@ resource "aws_subnet" "lh_aws_private_subnet" {
}
}

# Create EIP for NATGW
resource "aws_eip" "lh_aws_eip_nat_gw" {
vpc = true

tags = {
Name = "lh_eip_nat_gw-${random_string.random_suffix.id}"
Owner = "longhorn-infra"
}
}

# Create nat gateway
resource "aws_nat_gateway" "lh_aws_nat_gw" {
depends_on = [
aws_internet_gateway.lh_aws_igw,
aws_eip.lh_aws_eip_nat_gw,
aws_subnet.lh_aws_public_subnet,
aws_subnet.lh_aws_private_subnet
]

allocation_id = aws_eip.lh_aws_eip_nat_gw.id
subnet_id = aws_subnet.lh_aws_public_subnet.id

tags = {
Name = "lh_eip_nat_gw-${random_string.random_suffix.id}"
Owner = "longhorn-infra"
}
}


# Create route table for public subnets
resource "aws_route_table" "lh_aws_public_rt" {
depends_on = [
Expand All @@ -235,14 +222,14 @@ resource "aws_route_table" "lh_aws_public_rt" {
# Create route table for private subnets
resource "aws_route_table" "lh_aws_private_rt" {
depends_on = [
aws_nat_gateway.lh_aws_nat_gw
aws_internet_gateway.lh_aws_igw,
]

vpc_id = aws_vpc.lh_aws_vpc.id

route {
cidr_block = "0.0.0.0/0"
gateway_id = aws_nat_gateway.lh_aws_nat_gw.id
gateway_id = aws_internet_gateway.lh_aws_igw.id
}

tags = {
2 changes: 2 additions & 0 deletions test_framework/terraform/aws/rockylinux/rke2_instances.tf
Expand Up @@ -42,6 +42,8 @@ resource "aws_instance" "lh_aws_instance_worker_rke2" {

count = var.k8s_distro_name == "rke2" ? var.lh_aws_instance_count_worker : 0

associate_public_ip_address = true

availability_zone = var.aws_availability_zone

ami = data.aws_ami.aws_ami_rockylinux.id
2 changes: 2 additions & 0 deletions test_framework/terraform/aws/rockylinux/rke_instances.tf
Expand Up @@ -66,6 +66,8 @@ resource "aws_instance" "lh_aws_instance_worker_rke" {

count = var.k8s_distro_name == "rke" ? var.lh_aws_instance_count_worker : 0

associate_public_ip_address = true

availability_zone = var.aws_availability_zone

ami = data.aws_ami.aws_ami_rockylinux.id
8 changes: 8 additions & 0 deletions test_framework/terraform/aws/sle-micro/main.tf
Expand Up @@ -85,6 +85,14 @@ resource "aws_security_group" "lh_aws_secgrp_public" {
cidr_blocks = ["0.0.0.0/0"]
}

ingress {
description = "Allow longhorn-ui nodeport"
from_port = 30000
to_port = 30000
protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"]
}

ingress {
description = "Allow UDP connection for longhorn-webhooks"
from_port = 0
2 changes: 2 additions & 0 deletions test_framework/terraform/aws/sles/k3s_instances.tf
Expand Up @@ -41,6 +41,8 @@ resource "aws_instance" "lh_aws_instance_worker_k3s" {

count = var.k8s_distro_name == "k3s" ? var.lh_aws_instance_count_worker : 0

associate_public_ip_address = true

availability_zone = var.aws_availability_zone

ami = data.aws_ami.aws_ami_sles.id