From 2000a573190e85bb1a6be46a550df6165e5d18b6 Mon Sep 17 00:00:00 2001 
From: nasusoba <108400027+nasusoba@users.noreply.github.com> Date: Mon, 21 Oct 2024 16:14:33 +0800 Subject: [PATCH] Create files --- dev/runyunewid/.gitignore | 1 + dev/runyunewid/backend.tf | 10 + dev/runyunewid/imports.tf | 6 + dev/runyunewid/main.tf | 70 +++ dev/runyunewid/provider.tf | 9 + dev/runyunewid/terraform.tf | 15 + dev/runyunewid/variables.tf | 66 +++ modules/runyutesttemplate2/checks.tf | 16 + modules/runyutesttemplate2/main.tf | 354 ++++++++++++++++ modules/runyutesttemplate2/naming.tf | 21 + .../scripts/ip-range-overlap.ps1 | 25 ++ modules/runyutesttemplate2/terraform.tf | 15 + .../variables.aks-arc.global.tf | 37 ++ .../variables.aks-arc.misc.tf | 2 + .../variables.aks-arc.site.tf | 4 + .../variables.hci-extensions.global.tf | 86 ++++ .../variables.hci-extensions.misc.tf | 3 + .../variables.hci-provisioners.global.tf | 26 ++ .../variables.hci-provisioners.misc.tf | 47 +++ .../variables.hci-vm-gallery-image.global.tf | 11 + .../variables.hci-vm.global.tf | 76 ++++ .../variables.hci-vm.site.tf | 6 + .../variables.hci.global.tf | 399 ++++++++++++++++++ .../runyutesttemplate2/variables.hci.misc.tf | 40 ++ .../runyutesttemplate2/variables.hci.site.tf | 17 + .../variables.logical-network.global.tf | 29 ++ .../variables.logical-network.site.tf | 20 + .../variables.main.global.tf | 14 + .../runyutesttemplate2/variables.main.misc.tf | 4 + .../runyutesttemplate2/variables.main.site.tf | 4 + .../variables.site-manager.global.tf | 5 + .../variables.site-manager.misc.tf | 1 + .../variables.site-manager.site.tf | 77 ++++ 33 files changed, 1516 insertions(+) create mode 100644 dev/runyunewid/.gitignore create mode 100644 dev/runyunewid/backend.tf create mode 100644 dev/runyunewid/imports.tf create mode 100644 dev/runyunewid/main.tf create mode 100644 dev/runyunewid/provider.tf create mode 100644 dev/runyunewid/terraform.tf create mode 100644 dev/runyunewid/variables.tf create mode 100644 modules/runyutesttemplate2/checks.tf create mode 100644 
modules/runyutesttemplate2/main.tf create mode 100644 modules/runyutesttemplate2/naming.tf create mode 100644 modules/runyutesttemplate2/scripts/ip-range-overlap.ps1 create mode 100644 modules/runyutesttemplate2/terraform.tf create mode 100644 modules/runyutesttemplate2/variables.aks-arc.global.tf create mode 100644 modules/runyutesttemplate2/variables.aks-arc.misc.tf create mode 100644 modules/runyutesttemplate2/variables.aks-arc.site.tf create mode 100644 modules/runyutesttemplate2/variables.hci-extensions.global.tf create mode 100644 modules/runyutesttemplate2/variables.hci-extensions.misc.tf create mode 100644 modules/runyutesttemplate2/variables.hci-provisioners.global.tf create mode 100644 modules/runyutesttemplate2/variables.hci-provisioners.misc.tf create mode 100644 modules/runyutesttemplate2/variables.hci-vm-gallery-image.global.tf create mode 100644 modules/runyutesttemplate2/variables.hci-vm.global.tf create mode 100644 modules/runyutesttemplate2/variables.hci-vm.site.tf create mode 100644 modules/runyutesttemplate2/variables.hci.global.tf create mode 100644 modules/runyutesttemplate2/variables.hci.misc.tf create mode 100644 modules/runyutesttemplate2/variables.hci.site.tf create mode 100644 modules/runyutesttemplate2/variables.logical-network.global.tf create mode 100644 modules/runyutesttemplate2/variables.logical-network.site.tf create mode 100644 modules/runyutesttemplate2/variables.main.global.tf create mode 100644 modules/runyutesttemplate2/variables.main.misc.tf create mode 100644 modules/runyutesttemplate2/variables.main.site.tf create mode 100644 modules/runyutesttemplate2/variables.site-manager.global.tf create mode 100644 modules/runyutesttemplate2/variables.site-manager.misc.tf create mode 100644 modules/runyutesttemplate2/variables.site-manager.site.tf diff --git a/dev/runyunewid/.gitignore b/dev/runyunewid/.gitignore new file mode 100644 index 0000000..34a308b --- /dev/null +++ b/dev/runyunewid/.gitignore 
@@ -0,0 +1 @@
+*.tfvars
\ No newline at end of file
diff --git a/dev/runyunewid/backend.tf b/dev/runyunewid/backend.tf
new file mode 100644
index 0000000..91ab0fe
--- /dev/null
+++ b/dev/runyunewid/backend.tf
@@ -0,0 +1,10 @@
+terraform {
+ backend "azurerm" {
+ resource_group_name = "runyutestiac"
+ storage_account_name = "runyutestiacsa"
+ container_name = "runyutestiaccontainer"
+ key = "runyunewid.tfstate"
+ use_azuread_auth = true
+ subscription_id = "de3c4d5e-af08-451a-a873-438d86ab6f4b"
+ }
+}
diff --git a/dev/runyunewid/imports.tf b/dev/runyunewid/imports.tf
new file mode 100644
index 0000000..9f6f3a1
--- /dev/null
+++ b/dev/runyunewid/imports.tf
@@ -0,0 +1,6 @@
+# # Uncomment the following lines to import the resource group when Arc servers are provisioned by yourself.
+
+# import {
+# id = "/subscriptions//resourceGroups/"
+# to = module.base.azurerm_resource_group.rg
+# }
diff --git a/dev/runyunewid/main.tf b/dev/runyunewid/main.tf
new file mode 100644
index 0000000..d25b55d
--- /dev/null
+++ b/dev/runyunewid/main.tf
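Review bot: The state stored under `key = "runyunewid.tfstate"` in backend.tf will contain every credential this environment passes through variables.tf (the admin passwords and the service principal secret), because `sensitive = true` only redacts plan and apply output, not the state file. `use_azuread_auth = true` is a good start; I would add a comment above the `backend "azurerm"` block such as `# State holds secrets in plaintext: keep the container private and grant blob data roles only to the deployment identity.` The storage account, container and subscription id are also hard-coded here; if this directory is meant as a template for further environments, partial configuration via `terraform init -backend-config=...` keeps those values out of the repository.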
@@ -0,0 +1,70 @@ +# module "base" { +# source = "../../modules/runyutesttemplate2" +# location = "" +# site_id = basename(abspath(path.module)) +# domain_fqdn = "" +# starting_address = "" +# ending_address = "" +# default_gateway = "" +# dns_servers = [""] +# adou_suffix = "" +# dc_ip = "" +# servers = [ +# { +# name = "", +# ipv4Address = "" +# }, +# { +# name = "", +# ipv4Address = "" +# } +# ] +# management_adapters = ["", ""] +# storage_networks = [ +# { +# name = "Storage1Network", +# networkAdapterName = "", +# vlanId = "" +# }, +# { +# name = "Storage2Network", +# networkAdapterName = "", +# vlanId = "" +# } +# ] +# rdma_enabled = false // Change to true if RDMA is enabled. +# storage_connectivity_switchless = false // Change to true if storage connectivity is switchless. +# enable_provisioners = true // Change to false when Arc servers are connected by yourself. +# authentication_method = "Credssp" // or "Default" +# subscription_id = var.subscription_id +# domain_admin_user = var.domain_admin_user +# domain_admin_password = var.domain_admin_password +# local_admin_user = var.local_admin_user +# local_admin_password = var.local_admin_password +# deployment_user_password = var.deployment_user_password +# service_principal_id = var.service_principal_id +# service_principal_secret = var.service_principal_secret +# rp_service_principal_object_id = var.rp_service_principal_object_id + +# # Region HCI logical network parameters +# lnet_starting_address = "" +# lnet_ending_address = "" # This IP range should not overlap with HCI infra IP range. +# lnet_address_prefix = "" # E.g., 192.168.1.0/24 +# lnet_default_gateway = "" # Default gateway can be same as HCI infra default gateway. +# lnet_dns_servers = [""] # DNS servers can be same as HCI infra DNS servers. + +# # Region AKS Arc parameters +# aks_arc_control_plane_ip = "" # An IP address in the logical network IP range. 
+# rbac_admin_group_object_ids = [""] # An AAD group that will have the admin permission of this AKS Arc cluster. Check ./doc/AKS-Arc-Admin-Groups.md for details + +# # Region HCI VM parameters +# # Uncomment this section will create a windows server VM on HCI. +# # download_win_server_image = true +# # vm_admin_password = var.vm_admin_password +# # domain_join_password = var.domain_join_password + +# # Region site manager parameters +# # Uncomment this section will create site manager instance for the resource group. +# # Check ./doc/Add-Site-Manager.md for more information +# # country = "" +# } diff --git a/dev/runyunewid/provider.tf b/dev/runyunewid/provider.tf new file mode 100644 index 0000000..ea131dc --- /dev/null +++ b/dev/runyunewid/provider.tf @@ -0,0 +1,9 @@ +provider "azurerm" { + features { + } + subscription_id = var.subscription_id +} + +provider "azapi" { + subscription_id = var.subscription_id +} diff --git a/dev/runyunewid/terraform.tf b/dev/runyunewid/terraform.tf new file mode 100644 index 0000000..e4f7bbb --- /dev/null +++ b/dev/runyunewid/terraform.tf @@ -0,0 +1,15 @@ +terraform { + required_providers { + azurerm = { + source = "hashicorp/azurerm" + version = "~>3.0" + } + random = { + source = "hashicorp/random" + version = "~>3.0" + } + azapi = { + source = "azure/azapi" + } + } +} diff --git a/dev/runyunewid/variables.tf b/dev/runyunewid/variables.tf new file mode 100644 index 0000000..9d38a1b --- /dev/null +++ b/dev/runyunewid/variables.tf 
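Review bot: The `azapi` entry under `required_providers` in dev/runyunewid/terraform.tf has no `version` constraint, so `terraform init` resolves the newest release unless a committed `.terraform.lock.hcl` pins it, and the diffstat of this patch lists no lock file. The module's main.tf passes `body` as an HCL object rather than a JSON string, which, as far as I know, not every azapi release accepts, so an unconstrained provider can change behaviour between runs. Add a constraint for the release that was tested, e.g. `version = "~> <tested-azapi-version>"`, and commit the lock file. modules/runyutesttemplate2/terraform.tf carries the same unconstrained `azapi` entry.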
@@ -0,0 +1,66 @@ +variable "subscription_id" { + description = "The subscription id to register this environment." + type = string +} + +variable "local_admin_user" { + description = "The username of the local administrator account." + sensitive = true + type = string +} + +variable "local_admin_password" { + description = "The password of the local administrator account." + sensitive = true + type = string +} + +variable "domain_admin_user" { + description = "The username of the domain account." + sensitive = true + type = string +} + +variable "domain_admin_password" { + description = "The password of the domain account." + sensitive = true + type = string +} + +variable "deployment_user_password" { + sensitive = true + type = string + description = "The password for deployment user." +} + +variable "service_principal_id" { + description = "The id of service principal to create hci cluster." + sensitive = true + type = string +} + +variable "service_principal_secret" { + description = "The secret of service principal to create hci cluster." + sensitive = true + type = string +} + +variable "rp_service_principal_object_id" { + default = "" + type = string + description = "The object ID of the HCI resource provider service principal." +} + +variable "vm_admin_password" { + description = "Admin password for the VM" + type = string + sensitive = true + default = "" +} + +variable "domain_join_password" { + description = "Password of User with permissions to join the domain." + type = string + sensitive = true + default = "" +} diff --git a/modules/runyutesttemplate2/checks.tf b/modules/runyutesttemplate2/checks.tf new file mode 100644 index 0000000..acc3a2d --- /dev/null +++ b/modules/runyutesttemplate2/checks.tf 
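Review bot: `vm_admin_password` and `domain_join_password` in variables.tf default to `""`, so uncommenting the HCI VM section of main.tf without setting them forwards an empty administrator password instead of failing at plan time; whether the VM module rejects an empty value is not visible in this patch. Drop `default = ""` from both once the VM section is enabled, so Terraform prompts or fails when they are unset. Until then, document the requirement above each variable: `# Required when download_win_server_image = true; an empty value must not reach the VM module.`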
@@ -0,0 +1,16 @@
+locals {
+ is_windows = length(regexall("^[a-z]:", lower(abspath(path.root)))) > 0
+ program = local.is_windows ? "powershell.exe" : "pwsh"
+}
+
+data "external" "lnet_ip_check" {
+ program = [local.program, "-File", "${abspath(path.module)}/scripts/ip-range-overlap.ps1", var.starting_address, var.ending_address, var.lnet_starting_address, var.lnet_ending_address]
+
+ lifecycle {
+ postcondition {
+ condition = self.result.result == "ok"
+ error_message = "AKS Arc IP range overlaps with HCI IP range."
+ }
+ }
+}
+
diff --git a/modules/runyutesttemplate2/main.tf b/modules/runyutesttemplate2/main.tf
new file mode 100644
index 0000000..c048164
--- /dev/null
+++ b/modules/runyutesttemplate2/main.tf
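Review bot: The `program` list of `data.external.lnet_ip_check` starts PowerShell without `-NoProfile` or `-NonInteractive`, so the check loads whatever profile scripts exist on the machine running the plan, and anything they print corrupts the JSON the external data source expects. Put both switches before `-File`: `program = [local.program, "-NoProfile", "-NonInteractive", "-File", ...]`. The postcondition message also reports an overlap when the script returns `invalid`; `error_message = "IP range check returned '${self.result.result}' (expected 'ok')."` would tell the operator which case was hit.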
@@ -0,0 +1,354 @@ +resource "azurerm_resource_group" "rg" { + depends_on = [ + data.external.lnet_ip_check + ] + name = local.resource_group_name + location = var.location + tags = { + siteId = var.site_id + } + + lifecycle { + ignore_changes = [tags] + } +} + +data "azurerm_client_config" "current" {} + +module "edge_site" { + source = "Azure/avm-res-edge-site/azurerm" + version = "~>0.1" + + count = var.country != "" ? 1 : 0 + enable_telemetry = var.enable_telemetry + + location = azurerm_resource_group.rg.location + address_resource_name = local.address_resource_name + country = var.country + city = var.city + company_name = var.company_name + postal_code = var.postal_code + state_or_province = var.state_or_province + street_address_1 = var.street_address_1 + street_address_2 = var.street_address_2 + street_address_3 = var.street_address_3 + zip_extended_code = var.zip_extended_code + contact_name = var.contact_name + email_list = var.email_list + mobile = var.mobile + phone = var.phone + phone_extension = var.phone_extension + resource_group_id = azurerm_resource_group.rg.id + site_display_name = local.site_display_name + site_resource_name = local.site_resource_name +} + +# Prepare AD +module "hci_ad_provisioner" { + source = "Azure/avm-ptn-hci-ad-provisioner/azurerm" + version = "~>0.1" + + count = var.enable_provisioners ? 1 : 0 + enable_telemetry = var.enable_telemetry + + resource_group_name = azurerm_resource_group.rg.name + dc_port = var.dc_port + dc_ip = var.dc_ip + authentication_method = var.authentication_method + domain_fqdn = var.domain_fqdn + deployment_user_password = var.deployment_user_password + domain_admin_user = var.domain_admin_user + domain_admin_password = var.domain_admin_password + deployment_user = local.deployment_user_name + adou_path = local.adou_path +} + +# Prepare arc server +module "hci_server_provisioner" { + source = "Azure/avm-ptn-hci-server-provisioner/azurerm" + version = "~>0.1" + + for_each = var.enable_provisioners ? 
{ + for index, server in var.servers : + server.name => server.ipv4Address + } : {} + + enable_telemetry = var.enable_telemetry + + name = each.key + resource_group_name = azurerm_resource_group.rg.name + local_admin_user = var.local_admin_user + local_admin_password = var.local_admin_password + authentication_method = var.authentication_method + server_ip = var.virtual_host_ip == "" ? each.value : var.virtual_host_ip + winrm_port = var.virtual_host_ip == "" ? 5985 : var.server_ports[each.key] + subscription_id = var.subscription_id + location = azurerm_resource_group.rg.location + tenant = data.azurerm_client_config.current.tenant_id + service_principal_id = var.service_principal_id + service_principal_secret = var.service_principal_secret +} + +module "hci_cluster" { + source = "Azure/avm-res-azurestackhci-cluster/azurerm" + version = "~>0.8" + + depends_on = [module.hci_server_provisioner, module.hci_ad_provisioner] + enable_telemetry = var.enable_telemetry + + location = azurerm_resource_group.rg.location + name = local.cluster_name + cluster_tags = var.cluster_tags + resource_group_id = azurerm_resource_group.rg.id + site_id = var.site_id + domain_fqdn = var.domain_fqdn + adou_path = local.adou_path + servers = var.servers + custom_location_name = local.custom_location_name + eu_location = var.eu_location + operation_type = var.operation_type + configuration_mode = var.configuration_mode + + # Network settings + starting_address = var.starting_address + ending_address = var.ending_address + subnet_mask = var.subnet_mask + default_gateway = var.default_gateway + dns_servers = var.dns_servers + management_adapters = var.management_adapters + + # Intent settings + intent_name = var.intent_name + rdma_enabled = var.rdma_enabled + override_adapter_property = var.override_adapter_property + qos_policy_overrides = var.qos_policy_overrides + compute_intent_name = var.compute_intent_name + compute_override_adapter_property = var.compute_override_adapter_property + 
compute_qos_policy_overrides = var.compute_qos_policy_overrides + compute_rdma_enabled = var.compute_rdma_enabled + storage_networks = var.storage_networks + storage_adapter_ip_info = var.storage_adapter_ip_info + storage_connectivity_switchless = var.storage_connectivity_switchless + storage_intent_name = var.storage_intent_name + storage_override_adapter_property = var.storage_override_adapter_property + storage_qos_policy_overrides = var.storage_qos_policy_overrides + storage_rdma_enabled = var.storage_rdma_enabled + + # Witness settings + witness_path = var.witness_path + witness_type = var.witness_type + random_suffix = local.random_suffix + create_witness_storage_account = var.create_witness_storage_account + witness_storage_account_name = var.witness_storage_account_name == "" ? local.witness_storage_account_name : var.witness_storage_account_name + witness_storage_account_resource_group_name = var.witness_storage_account_resource_group_name + cross_tenant_replication_enabled = var.cross_tenant_replication_enabled + account_replication_type = var.account_replication_type + allow_nested_items_to_be_public = var.allow_nested_items_to_be_public + azure_service_endpoint = var.azure_service_endpoint + min_tls_version = var.min_tls_version + storage_tags = var.storage_tags + + # Deployment secrets key vault settings + use_legacy_key_vault_model = var.use_legacy_key_vault_model + create_key_vault = var.create_key_vault + keyvault_name = var.keyvault_name == "" ? 
local.keyvault_name : var.keyvault_name + key_vault_location = var.key_vault_location + key_vault_resource_group = var.key_vault_resource_group + keyvault_tags = var.keyvault_tags + keyvault_purge_protection_enabled = var.keyvault_purge_protection_enabled + keyvault_soft_delete_retention_days = var.keyvault_soft_delete_retention_days + azure_stack_lcm_user_credential_content_type = var.azure_stack_lcm_user_credential_content_type + azure_stack_lcm_user_credential_tags = var.azure_stack_lcm_user_credential_tags + default_arb_application_content_type = var.default_arb_application_content_type + default_arb_application_tags = var.default_arb_application_tags + local_admin_credential_content_type = var.local_admin_credential_content_type + local_admin_credential_tags = var.local_admin_credential_tags + witness_storage_key_content_type = var.witness_storage_key_content_type + witness_storage_key_tags = var.witness_storage_key_tags + + # Security settings + hvci_protection = var.hvci_protection + drtm_protection = var.drtm_protection + drift_control_enforced = var.drift_control_enforced + credential_guard_enforced = var.credential_guard_enforced + side_channel_mitigation_enforced = var.side_channel_mitigation_enforced + smb_cluster_encryption = var.smb_cluster_encryption + smb_signing_enforced = var.smb_signing_enforced + bitlocker_boot_volume = var.bitlocker_boot_volume + bitlocker_data_volumes = var.bitlocker_data_volumes + wdac_enforced = var.wdac_enforced + + # Credentials settings + deployment_user = local.deployment_user_name + deployment_user_password = var.deployment_user_password + local_admin_user = var.local_admin_user + local_admin_password = var.local_admin_password + service_principal_id = var.service_principal_id + service_principal_secret = var.service_principal_secret + rp_service_principal_object_id = var.rp_service_principal_object_id +} + +module "hci_logicalnetwork" { + source = "Azure/avm-res-azurestackhci-logicalnetwork/azurerm" + version = "~>0.4" 
+ + depends_on = [module.hci_cluster] + enable_telemetry = var.enable_telemetry + + location = azurerm_resource_group.rg.location + resource_group_id = azurerm_resource_group.rg.id + custom_location_id = module.hci_cluster.customlocation.id + vm_switch_name = module.hci_cluster.v_switch_name + name = local.logical_network_name + ip_allocation_method = "Static" + logical_network_tags = var.logical_network_tags + starting_address = var.lnet_starting_address + ending_address = var.lnet_ending_address + dns_servers = length(var.lnet_dns_servers) == 0 ? var.dns_servers : var.lnet_dns_servers + default_gateway = var.lnet_default_gateway == "" ? var.default_gateway : var.lnet_default_gateway + address_prefix = var.lnet_address_prefix + vlan_id = var.lnet_vlan_id + route_name = var.route_name + subnet_0_name = var.subnet_0_name +} + +module "aks_arc" { + source = "Azure/avm-res-hybridcontainerservice-provisionedclusterinstance/azurerm" + version = "~>0.3" + + depends_on = [module.hci_cluster, module.hci_logicalnetwork] + enable_telemetry = var.enable_telemetry + + location = azurerm_resource_group.rg.location + name = local.aks_arc_name + resource_group_id = azurerm_resource_group.rg.id + custom_location_id = module.hci_cluster.customlocation.id + logical_network_id = module.hci_logicalnetwork.resource_id + agent_pool_profiles = var.agent_pool_profiles + ssh_key_vault_id = module.hci_cluster.keyvault.id + control_plane_ip = var.aks_arc_control_plane_ip + kubernetes_version = var.kubernetes_version + control_plane_count = var.control_plane_count + rbac_admin_group_object_ids = var.rbac_admin_group_object_ids +} + +locals { + arc_server_ids = { for server in var.servers : server.name => "${azurerm_resource_group.rg.id}/providers/Microsoft.HybridCompute/machines/${server.name}" } +} + +module "hci_insights" { + source = "Azure/avm-ptn-azuremonitorwindowsagent/azurerm" + version = "~>0.4" + + depends_on = [module.hci_cluster] + enable_telemetry = var.enable_telemetry + + count 
= var.enable_insights ? 1 : 0 + resource_group_name = azurerm_resource_group.rg.name + arc_server_ids = local.arc_server_ids + arc_setting_id = module.hci_cluster.arc_settings.id + data_collection_rule_resource_id = var.data_collection_rule_resource_id + create_data_collection_resources = var.data_collection_rule_resource_id == "" ? true : false + data_collection_resources_location = azurerm_resource_group.rg.location + data_collection_rule_name = local.data_collection_rule_name + data_collection_rule_tags = var.data_collection_rule_tags + data_collection_rule_destination_id = var.data_collection_rule_destination_id + data_collection_endpoint_name = local.data_collection_endpoint_name + data_collection_endpoint_tags = var.data_collection_endpoint_tags + workspace_name = local.workspace_name + workspace_tags = var.workspace_tags + sku = var.sku + cmk_for_query_forced = var.cmk_for_query_forced + immediate_data_purge_on_30_days_enabled = var.immediate_data_purge_on_30_days_enabled + retention_in_days = var.retention_in_days + counter_specifiers = var.counter_specifiers + x_path_queries = var.x_path_queries +} + +resource "azapi_resource" "hci_alerts" { + depends_on = [module.hci_cluster] + count = var.enable_alerts && var.enable_insights ? 1 : 0 + type = "Microsoft.AzureStackHCI/clusters/ArcSettings/Extensions@2023-08-01" + parent_id = module.hci_cluster.arc_settings.id + name = "AzureEdgeAlerts" + body = { + properties = { + extensionParameters = { + enableAutomaticUpgrade = true + autoUpgradeMinorVersion = false + publisher = "Microsoft.AzureStack.HCI.Alerts" + type = "AlertsForWindowsHCI" + settings = {} + } + } + } +} + +resource "azapi_resource" "hci_win_image" { + count = var.download_win_server_image ? 
1 : 0 + type = "Microsoft.AzureStackHCI/marketplaceGalleryImages@2023-09-01-preview" + name = "winServer2022-01" + parent_id = azurerm_resource_group.rg.id + location = var.location + timeouts { + create = "24h" + delete = "60m" + } + lifecycle { + ignore_changes = [ + body.properties.version.properties.storageProfile.osDiskImage + ] + } + body = { + properties = { + containerId = null + osType = "Windows" + hyperVGeneration = "V2" + identifier = { + publisher = "MicrosoftWindowsServer" + offer = "WindowsServer" + sku = "2022-datacenter-azure-edition" + } + version = { + name = "20348.2113.231109" + properties = { + storageProfile = { + osDiskImage = { + } + } + } + } + } + extendedLocation = { + name = module.hci_cluster.customlocation.id + type = "CustomLocation" + } + } +} + +module "hci-vm" { + count = var.download_win_server_image ? 1 : 0 + source = "Azure/avm-res-azurestackhci-virtualmachineinstance/azurerm" + version = "~>0.1" + depends_on = [azapi_resource.hci_win_image] + location = azurerm_resource_group.rg.location + custom_location_id = module.hci_cluster.customlocation.id + resource_group_name = azurerm_resource_group.rg.name + name = local.vm_name + image_id = one(azapi_resource.hci_win_image).id + logical_network_id = module.hci_logicalnetwork.resource_id + admin_username = local.vm_admin_username + admin_password = var.vm_admin_password + v_cpu_count = var.v_cpu_count + memory_mb = var.memory_mb + dynamic_memory = var.dynamic_memory + dynamic_memory_max = var.dynamic_memory_max + dynamic_memory_min = var.dynamic_memory_min + dynamic_memory_buffer = var.dynamic_memory_buffer + data_disk_params = var.data_disk_params + private_ip_address = var.private_ip_address + domain_to_join = var.domain_to_join + domain_target_ou = var.domain_target_ou + domain_join_user_name = var.domain_join_user_name + domain_join_password = var.domain_join_password +} 
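Review bot: Every registry module in main.tf is constrained with a pessimistic range on a 0.x release (`~>0.1`, `~>0.8`, `~>0.4`, `~>0.3`), which accepts any later 0.x version, and several of these modules are handed `domain_admin_password`, `local_admin_password` and `service_principal_secret`. A new upstream release would therefore be picked up on the next `terraform init -upgrade` without review. For the modules that receive credentials I would pin exactly, `version = "<exact tested version>"`, and raise the pin deliberately after reading the module's changelog.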
diff --git a/modules/runyutesttemplate2/naming.tf b/modules/runyutesttemplate2/naming.tf
new file mode 100644
index 0000000..a489570
--- /dev/null
+++ b/modules/runyutesttemplate2/naming.tf
@@ -0,0 +1,21 @@
+locals {
+ resource_group_name = "${var.site_id}-rg"
+ site_resource_name = length(var.site_id) < 4 ? "${var.site_id}-site" : "${var.site_id}"
+ site_display_name = var.site_id
+ address_resource_name = "${var.site_id}-address"
+ deployment_user_name = "${var.site_id}deploy"
+ witness_storage_account_name = "${lower(var.site_id)}wit"
+ keyvault_name = "${var.site_id}-kv"
+ adou_path = "OU=${var.site_id},${var.adou_suffix}"
+ cluster_name = "${var.site_id}-cl"
+ custom_location_name = "${var.site_id}-customlocation"
+ workspace_name = "${var.site_id}-workspace"
+ data_collection_endpoint_name = "${var.site_id}-dce"
+ data_collection_rule_name = "AzureStackHCI-${var.site_id}-dcr"
+ logical_network_name = "${var.site_id}-logicalnetwork"
+ aks_arc_name = "${var.site_id}-aksArc"
+ vm_name = "${var.site_id}-vm"
+ vm_admin_username = "${var.site_id}admin"
+ domain_join_user_name = "${var.site_id}vmuser"
+ random_suffix = true
+}
diff --git a/modules/runyutesttemplate2/scripts/ip-range-overlap.ps1 b/modules/runyutesttemplate2/scripts/ip-range-overlap.ps1
new file mode 100644
index 0000000..6d1e6de
--- /dev/null
+++ b/modules/runyutesttemplate2/scripts/ip-range-overlap.ps1
@@ -0,0 +1,25 @@
+param(
+ $range1_start,
+ $range1_end,
+ $range2_start,
+ $range2_end
+)
+
+$script:ErrorActionPreference = 'Stop'
+$result = "overlap"
+
+if (([IPAddress]$range1_start).Address -gt ([IPAddress]$range1_end).Address -or ([IPAddress]$range2_start).Address -gt ([IPAddress]$range2_end).Address) {
+ $result = "invalid"
+}
+
+if (([IPAddress]$range1_end).Address -lt ([IPAddress]$range2_start).Address) {
+ $result = "ok"
+}
+
+if (([IPAddress]$range2_end).Address -lt ([IPAddress]$range1_start).Address) {
+ $result = "ok"
+}
+
+echo @{
+ "result"= $result
+} | ConvertTo-Json
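Review bot: The comparisons in ip-range-overlap.ps1 use `[IPAddress].Address`, which holds the address bytes in network order read as a little-endian integer, so the last octet is the most significant and ranges that differ in an earlier octet can be ordered wrongly (10.0.0.200 compares greater than 10.0.1.5). The `invalid` result is also overwritten by the two later `if` statements, so a reversed range can still come out as `ok`. Because checks.tf treats `ok` as the gate in front of the resource group, I would convert each address to a number with the first octet most significant and make the three outcomes mutually exclusive, as below. The helper assumes IPv4 input.

```powershell
# … unchanged: param() block and $script:ErrorActionPreference …
function ConvertTo-IPv4Number($ip) {
    $b = ([IPAddress]$ip).GetAddressBytes()
    # First octet is the most significant, so numeric order matches address order.
    return [uint64]$b[0] * 16777216 + [uint64]$b[1] * 65536 + [uint64]$b[2] * 256 + [uint64]$b[3]
}

$s1 = ConvertTo-IPv4Number $range1_start
$e1 = ConvertTo-IPv4Number $range1_end
$s2 = ConvertTo-IPv4Number $range2_start
$e2 = ConvertTo-IPv4Number $range2_end

if ($s1 -gt $e1 -or $s2 -gt $e2) {
    $result = "invalid"
} elseif ($e1 -lt $s2 -or $e2 -lt $s1) {
    $result = "ok"
} else {
    $result = "overlap"
}
# … unchanged: ConvertTo-Json output …
```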
diff --git a/modules/runyutesttemplate2/terraform.tf b/modules/runyutesttemplate2/terraform.tf
new file mode 100644
index 0000000..2223b07
--- /dev/null
+++ b/modules/runyutesttemplate2/terraform.tf
@@ -0,0 +1,15 @@
+terraform {
+ required_providers {
+ azurerm = {
+ source = "hashicorp/azurerm"
+ version = "~>3.0"
+ }
+ random = {
+ source = "hashicorp/random"
+ version = "~>3.0"
+ }
+ azapi = {
+ source = "azure/azapi"
+ }
+ }
+}
diff --git a/modules/runyutesttemplate2/variables.aks-arc.global.tf b/modules/runyutesttemplate2/variables.aks-arc.global.tf
new file mode 100644
index 0000000..083bf0b
--- /dev/null
+++ b/modules/runyutesttemplate2/variables.aks-arc.global.tf
@@ -0,0 +1,37 @@
+variable "kubernetes_version" {
+ description = "The version of Kubernetes to use for the provisioned cluster."
+ type = string
+ default = "1.28.5"
+}
+
+variable "control_plane_count" {
+ description = "The number of control plane nodes for the Kubernetes cluster."
+ type = number
+ default = 1
+}
+
+variable "agent_pool_profiles" {
+ description = "The agent pool profiles for the Kubernetes cluster."
+ type = list(object({
+ count = number
+ enableAutoScaling = optional(bool, false)
+ nodeTaints = optional(list(string))
+ nodeLabels = optional(map(string))
+ maxPods = optional(number)
+ name = optional(string)
+ osSKU = optional(string, "CBLMariner")
+ osType = optional(string, "Linux")
+ vmSize = optional(string)
+ }))
+ default = [{
+ count = 1
+ enableAutoScaling = false
+ }]
+}
+
+variable "rbac_admin_group_object_ids" {
+ description = "The object id of the Azure AD group that will be assigned the 'cluster-admin' role in the Kubernetes cluster."
+ type = list(string)
+ # Add your default admin groups here. Refer to the documentation under doc/AKS-Arc-Admin-Groups.md for more information.
+ # default = [""]
+}
diff --git a/modules/runyutesttemplate2/variables.aks-arc.misc.tf b/modules/runyutesttemplate2/variables.aks-arc.misc.tf
new file mode 100644
index 0000000..ceec9d2
--- /dev/null
+++ b/modules/runyutesttemplate2/variables.aks-arc.misc.tf
@@ -0,0 +1,2 @@
+# Reference variables
+# variable "tenant" "ref/hci/tenant"
diff --git a/modules/runyutesttemplate2/variables.aks-arc.site.tf b/modules/runyutesttemplate2/variables.aks-arc.site.tf
new file mode 100644
index 0000000..64b3e84
--- /dev/null
+++ b/modules/runyutesttemplate2/variables.aks-arc.site.tf
@@ -0,0 +1,4 @@
+variable "aks_arc_control_plane_ip" {
+ type = string
+ description = "The IP address of the control plane."
+}
diff --git a/modules/runyutesttemplate2/variables.hci-extensions.global.tf b/modules/runyutesttemplate2/variables.hci-extensions.global.tf
new file mode 100644
index 0000000..750cb87
--- /dev/null
+++ b/modules/runyutesttemplate2/variables.hci-extensions.global.tf
@@ -0,0 +1,86 @@
+variable "enable_insights" {
+ description = "Whether to enable Azure Monitor Insights."
+ type = bool
+ default = false
+}
+
+variable "enable_alerts" {
+ description = "Whether to enable Azure Monitor Alerts."
+ type = bool
+ default = false
+}
+
+variable "data_collection_rule_resource_id" {
+ type = string
+ description = "The id of the Azure Log Analytics data collection rule."
+ default = ""
+}
+
+variable "cmk_for_query_forced" {
+ type = bool
+ default = false
+ description = "(Optional) Is Customer Managed Storage mandatory for query management?"
+}
+
+variable "counter_specifiers" {
+ type = list(string)
+ default = [
+ "\\Memory\\Available Bytes",
+ "\\Network Interface(*)\\Bytes Total/sec",
+ "\\Processor(_Total)\\% Processor Time",
+ "\\RDMA Activity(*)\\RDMA Inbound Bytes/sec",
+ "\\RDMA Activity(*)\\RDMA Outbound Bytes/sec"
+ ]
+ description = "A list of performance counter specifiers."
+}
+
+variable "data_collection_endpoint_tags" {
+ type = map(string)
+ default = {}
+ description = "A mapping of tags to assign to th data collection endpoint."
+}
+
+variable "data_collection_rule_destination_id" {
+ type = string
+ default = "2-90d1-e814dab6067e"
+ description = "The id of data collection rule destination id."
+}
+
+variable "data_collection_rule_tags" {
+ type = map(string)
+ default = {}
+ description = "A mapping of tags to assign to th data collection rule."
+}
+
+variable "immediate_data_purge_on_30_days_enabled" {
+ type = bool
+ default = false
+ description = "(Optional) Whether to remove the data in the Log Analytics Workspace immediately after 30 days."
+}
+
+variable "retention_in_days" {
+ type = number
+ default = 30
+ description = "(Optional) The workspace data retention in days. Possible values are either 7 (Free Tier only) or range between 30 and 730."
+}
+
+variable "sku" {
+ type = string
+ default = "PerGB2018"
+ description = " (Optional) Specifies the SKU of the Log Analytics Workspace."
+}
+
+variable "workspace_tags" {
+ type = map(string)
+ default = {}
+ description = "A mapping of tags to assign to the Azure Log Analytics workspace."
+}
+
+variable "x_path_queries" {
+ type = list(string)
+ default = [
+ "Microsoft-Windows-SDDC-Management/Operational!*[System[(EventID=3000 or EventID=3001 or EventID=3002 or EventID=3003 or EventID=3004)]]",
+ "microsoft-windows-health/operational!*"
+ ]
+ description = "A list of XPath queries for event logs."
+}
diff --git a/modules/runyutesttemplate2/variables.hci-extensions.misc.tf b/modules/runyutesttemplate2/variables.hci-extensions.misc.tf
new file mode 100644
index 0000000..7b4eef8
--- /dev/null
+++ b/modules/runyutesttemplate2/variables.hci-extensions.misc.tf
@@ -0,0 +1,3 @@
+# Reference variables
+# variable "site_id" "ref/main/site_id"
+# variable "server_names" "ref/hci/servers" "server_names = [for server in var.servers : server.name]"
diff --git a/modules/runyutesttemplate2/variables.hci-provisioners.global.tf b/modules/runyutesttemplate2/variables.hci-provisioners.global.tf
new file mode 100644
index 0000000..b5ff508
--- /dev/null
+++ b/modules/runyutesttemplate2/variables.hci-provisioners.global.tf
@@ -0,0 +1,26 @@
+variable "enable_provisioners" {
+ type = bool
+ default = true
+ description = "Whether to enable provisioners."
+}
+
+variable "dc_ip" {
+ type = string
+ description = "The ip of the server."
+}
+
+variable "destory_adou" {
+ description = "whether destroy previous adou"
+ default = false
+ type = bool
+}
+
+variable "authentication_method" {
+ type = string
+ description = "The authentication method for Enter-PSSession."
+ validation {
+ condition = can(regex("^(Default|Basic|Negotiate|NegotiateWithImplicitCredential|Credssp|Digest|Kerberos)$", var.authentication_method))
+ error_message = "Value of authenticationMethod should be {Default | Basic | Negotiate | NegotiateWithImplicitCredential | Credssp | Digest | Kerberos}"
+ }
+ default = "Default"
+}
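Review bot: The default of `data_collection_rule_destination_id`, `"2-90d1-e814dab6067e"`, looks like the tail of an identifier copied from one environment rather than a value every deployment can share, and any caller who does not override it will silently inherit it. For a value that decides where monitoring data is sent, prefer no default (so the caller must supply it) or `default = ""` with the real id generated or passed in. The description should also say what the id refers to, since "The id of data collection rule destination id." repeats itself. Separately, `retention_in_days` documents "7 or 30 to 730" without enforcing it; `condition = var.retention_in_days == 7 || (var.retention_in_days >= 30 && var.retention_in_days <= 730)` in a `validation` block would.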
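Review bot: The `validation` on `authentication_method` admits `Basic` and `Digest`, and nothing in the variable tells the operator that these are only safe when the remoting session is TLS-protected. How the session transport is chosen is outside this hunk, but `dc_port` in variables.hci-provisioners.misc.tf defaults to 5985, the WinRM HTTP port, so this combination is reachable with the defaults. Either narrow the pattern to `^(Default|Negotiate|NegotiateWithImplicitCredential|Credssp|Kerberos)$` or extend the description with "Basic and Digest must only be used over an HTTPS listener". Also, `destory_adou` is misspelled; renaming it to `destroy_adou` is cheapest now while the file is new, provided the callers outside this hunk are updated with it.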
diff --git a/modules/runyutesttemplate2/variables.hci-provisioners.misc.tf b/modules/runyutesttemplate2/variables.hci-provisioners.misc.tf
new file mode 100644
index 0000000..fcaf98f
--- /dev/null
+++ b/modules/runyutesttemplate2/variables.hci-provisioners.misc.tf
@@ -0,0 +1,47 @@
+# Pass through variables
+variable "domain_admin_user" {
+ type = string
+ description = "The username for the domain administrator account."
+}
+
+variable "domain_admin_password" {
+ # sensitive = true
+ type = string
+ description = "The password for the domain administrator account."
+}
+
+# Virtual host related variables
+variable "virtual_host_ip" {
+ type = string
+ description = "The virtual host IP address."
+ default = ""
+}
+
+variable "dc_port" {
+ type = number
+ description = "Domain controller winrm port in virtual host"
+ default = 5985
+}
+
+variable "server_ports" {
+ type = map(number)
+ description = "Server winrm ports in virtual host"
+ default = {}
+}
+
+
+# Reference variables
+# variable "location" "ref/main/location"
+# variable "site_id" "ref/main/site_id"
+# variable "site_name" "ref/main/site_name"
+# variable "subscription_id" "ref/main/subscription_id"
+# variable "servers" "ref/hci/servers"
+# variable "deployment_user" "ref/hci/deployment_user"
+# variable "deployment_user_password" "ref/hci/deployment_user_password"
+# variable "local_admin_user" "ref/hci/local_admin_user"
+# variable "local_admin_password" "ref/hci/local_admin_password"
+# variable "domain_fqdn" "ref/hci/domain_fqdn"
+# variable "adou_path" "ref/hci/adou_path"
+# variable "tenant" "ref/hci/tenant"
+# variable "service_principal_id" "ref/hci/service_principal_id"
+# variable "service_principal_secret" "ref/hci/service_principal_secret"
diff --git a/modules/runyutesttemplate2/variables.hci-vm-gallery-image.global.tf b/modules/runyutesttemplate2/variables.hci-vm-gallery-image.global.tf
new file mode 100644
index 0000000..8965fed
--- /dev/null
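Review bot: `domain_admin_password` has its `sensitive = true` line commented out, so Terraform will print the domain administrator password in plan and apply output and in any CI log that captures them, whereas the other password variables in this commit (`deployment_user_password`, `local_admin_password`, `domain_join_password`, `vm_admin_password`) are marked sensitive. Restore the attribute as `sensitive = true`, or leave a comment explaining why it must stay off. Marking it sensitive only redacts CLI output; the value is still stored in state, so the backend needs encryption and restricted access. `dc_port` also defaults to 5985, the WinRM HTTP port; if these credentials are sent through it, default to the HTTPS listener port 5986 or state in the description that 5985 is acceptable only for the port-forwarded virtual-host lab case.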
+++ b/modules/runyutesttemplate2/variables.hci-vm-gallery-image.global.tf
@@ -0,0 +1,11 @@
+variable "download_win_server_image" {
+ description = "Whether to download Windows Server image"
+ type = bool
+ default = false
+}
+
+variable "user_storage_id" {
+ description = "The user storage ID to store images."
+ type = string
+ default = ""
+}
diff --git a/modules/runyutesttemplate2/variables.hci-vm.global.tf b/modules/runyutesttemplate2/variables.hci-vm.global.tf
new file mode 100644
index 0000000..e0d7b8c
--- /dev/null
+++ b/modules/runyutesttemplate2/variables.hci-vm.global.tf
@@ -0,0 +1,76 @@ +variable "v_cpu_count" { + description = "Number of vCPUs" + type = number + default = 2 +} + +variable "memory_mb" { + description = "Memory in MB" + type = number + default = 8192 +} + +variable "dynamic_memory" { + description = "Enable dynamic memory" + type = bool + default = false +} + +variable "dynamic_memory_max" { + description = "Maximum memory in MB when dynamic memory is enabled" + type = number + default = 8192 +} + +variable "dynamic_memory_min" { + description = "Minimum memory in MB when dynamic memory is enabled" + type = number + default = 512 +} + +variable "dynamic_memory_buffer" { + description = "Buffer memory in MB when dynamic memory is enabled" + type = number + default = 20 +} + +variable "data_disk_params" { + description = "The array description of the dataDisks to attach to the vm. Provide an empty array for no additional disks, or an array following the example below." + type = map(object({ + diskSizeGB = number + dynamic = bool + name = string + })) + default = {} +} + +variable "private_ip_address" { + description = "The private IP address of the NIC" + type = string + default = "" +} + +variable "domain_to_join" { + description = "Optional Domain name to join - specify to join the VM to domain. example: contoso.com - If left empty, ou, username and password parameters will not be evaluated in the deployment." + type = string + default = "" +} + +variable "domain_target_ou" { + description = "Optional domain organizational unit to join. example: ou=computers,dc=contoso,dc=com - Required if 'domainToJoin' is specified." + type = string + default = "" +} + +variable "domain_join_user_name" { + description = "Optional User Name with permissions to join the domain. example: domain-joiner - Required if 'domainToJoin' is specified." + type = string + default = "" +} + +variable "domain_join_password" { + description = "Optional Password of User with permissions to join the domain. 
- Required if 'domainToJoin' is specified." + type = string + sensitive = true + default = "" +} diff --git a/modules/runyutesttemplate2/variables.hci-vm.site.tf b/modules/runyutesttemplate2/variables.hci-vm.site.tf new file mode 100644 index 0000000..e91f7da --- /dev/null +++ b/modules/runyutesttemplate2/variables.hci-vm.site.tf @@ -0,0 +1,6 @@ +variable "vm_admin_password" { + description = "Admin password for the VM" + type = string + sensitive = true + default = "" +} diff --git a/modules/runyutesttemplate2/variables.hci.global.tf b/modules/runyutesttemplate2/variables.hci.global.tf new file mode 100644 index 0000000..7f01213 --- /dev/null +++ b/modules/runyutesttemplate2/variables.hci.global.tf 
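Review bot: The descriptions of `domain_target_ou`, `domain_join_user_name` and `domain_join_password` say "Required if 'domainToJoin' is specified", but the variable in this file is `domain_to_join` and nothing enforces the requirement, because all four default to `""`. Use the real name in the text, e.g. "Required if `domain_to_join` is set.", so a reader can find the variable. If the module's `checks.tf` (not shown in this hunk) does not already cover it, a `check` block asserting `var.domain_to_join == "" || (var.domain_join_user_name != "" && var.domain_join_password != "")` would stop a domain join from being attempted with an empty credential.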
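Review bot: `vm_admin_password` defaults to `""`, so a caller who forgets to set it passes variable evaluation with an empty administrator password; whether anything downstream rejects that is not visible in this hunk. Drop the `default` so Terraform requires a value. If VM creation is optional and the default has to stay, add `validation { condition = var.vm_admin_password != "" ... }` gated on the setting that enables the VM. Either way, the description should state the expectation, for example "Admin password for the VM. Must be set when a VM is created."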
@@ -0,0 +1,399 @@ +variable "domain_fqdn" { + description = "The domain FQDN." + type = string +} + +variable "adou_suffix" { + type = string + description = "The suffix of Active Directory OU path." +} + +variable "subnet_mask" { + type = string + description = "The subnet mask for the network." + default = "255.255.255.0" +} + +variable "default_gateway" { + description = "The default gateway for the network." + type = string +} + +variable "dns_servers" { + type = list(string) + description = "A list of DNS server IP addresses." +} + +variable "management_adapters" { + type = list(string) +} + +variable "storage_networks" { + type = list(object({ + name = string + networkAdapterName = string + vlanId = string + })) + description = "A list of storage networks." +} + +variable "storage_adapter_ip_info" { + type = map(list(object({ + physicalNode = string + ipv4Address = string + subnetMask = string + }))) + default = null + description = "The IP information for the storage networks. Key is the storage network name." +} + +variable "rdma_enabled" { + type = bool + description = "Indicates whether RDMA is enabled." +} + +variable "storage_connectivity_switchless" { + type = bool + description = "Indicates whether storage connectivity is switchless." +} + +variable "account_replication_type" { + type = string + default = "ZRS" + description = "The replication type for the storage account." +} + +variable "allow_nested_items_to_be_public" { + type = bool + default = false + description = "Indicates whether nested items can be public." +} + +variable "azure_service_endpoint" { + type = string + default = "core.windows.net" + description = "The Azure service endpoint." +} + +variable "azure_stack_lcm_user_credential_content_type" { + type = string + default = null + description = "(Optional) Content type of the azure stack lcm user credential." 
+} + +variable "azure_stack_lcm_user_credential_tags" { + type = map(string) + default = null + description = "(Optional) Tags of the azure stack lcm user credential." +} + +variable "cluster_tags" { + type = map(string) + default = null + description = "(Optional) Tags of the cluster." +} + +variable "compute_intent_name" { + type = string + default = "ManagementCompute" + description = "The name of compute intent." +} + +variable "compute_override_adapter_property" { + type = bool + default = true + description = "Indicates whether to override adapter property for compute." +} + +variable "compute_qos_policy_overrides" { + type = object({ + priorityValue8021Action_SMB = string + priorityValue8021Action_Cluster = string + bandwidthPercentage_SMB = string + }) + default = { + priorityValue8021Action_SMB = "" + priorityValue8021Action_Cluster = "" + bandwidthPercentage_SMB = "" + } + description = "QoS policy overrides for network settings with required properties for compute." +} + +variable "compute_rdma_enabled" { + type = bool + default = false + description = "Indicates whether RDMA is enabled for compute." +} + +variable "keyvault_name" { + type = string + default = "" + description = "The name override of the key vault." +} + +variable "use_legacy_key_vault_model" { + type = bool + default = false + description = "Indicates whether to use the legacy key vault model." +} + +variable "create_key_vault" { + type = bool + default = true + description = "Set to true to create the key vault, or false to skip it" +} + +variable "create_witness_storage_account" { + type = bool + default = true + description = "Set to true to create the witness storage account, or false to skip it" +} + +variable "witness_storage_account_name" { + type = string + default = "" + description = "The name override of the witness storage account." 
+} + +variable "cross_tenant_replication_enabled" { + type = bool + default = false + description = "Indicates whether cross-tenant replication is enabled." +} + +variable "default_arb_application_content_type" { + type = string + default = null + description = "(Optional) Content type of the default arb application." +} + +variable "default_arb_application_tags" { + type = map(string) + default = null + description = "(Optional) Tags of the default arb application." +} + +variable "eu_location" { + type = bool + default = false + description = "Indicates whether the location is in EU." +} + +variable "intent_name" { + type = string + default = "ManagementComputeStorage" + description = "The name of intent." +} + +variable "key_vault_location" { + type = string + default = "" + description = "The location of the key vault." +} + +variable "key_vault_resource_group" { + type = string + default = "" + description = "The resource group of the key vault." +} + +variable "keyvault_purge_protection_enabled" { + type = bool + default = true + description = "Indicates whether purge protection is enabled." +} + +variable "keyvault_soft_delete_retention_days" { + type = number + default = 30 + description = "The number of days that items should be retained for soft delete." +} + +variable "keyvault_tags" { + type = map(string) + default = null + description = "(Optional) Tags of the keyvault." +} + +variable "local_admin_credential_content_type" { + type = string + default = null + description = "(Optional) Content type of the local admin credential." +} + +variable "local_admin_credential_tags" { + type = map(string) + default = null + description = "(Optional) Tags of the local admin credential." +} + +variable "min_tls_version" { + type = string + default = "TLS1_2" + description = "The minimum TLS version." +} + +variable "override_adapter_property" { + type = bool + default = true + description = "Indicates whether to override adapter property." 
+} + +variable "qos_policy_overrides" { + type = object({ + priorityValue8021Action_SMB = string + priorityValue8021Action_Cluster = string + bandwidthPercentage_SMB = string + }) + default = { + priorityValue8021Action_SMB = "" + priorityValue8021Action_Cluster = "" + bandwidthPercentage_SMB = "" + } + description = "QoS policy overrides for network settings with required properties." +} + +variable "storage_intent_name" { + type = string + default = "Storage" + description = "The name of storage intent." +} + +variable "storage_override_adapter_property" { + type = bool + default = true + description = "Indicates whether to override adapter property for storagte." +} + +variable "storage_qos_policy_overrides" { + type = object({ + priorityValue8021Action_SMB = string + priorityValue8021Action_Cluster = string + bandwidthPercentage_SMB = string + }) + default = { + priorityValue8021Action_SMB = "" + priorityValue8021Action_Cluster = "" + bandwidthPercentage_SMB = "" + } + description = "QoS policy overrides for network settings with required properties for storage." +} + +variable "storage_rdma_enabled" { + type = bool + default = false + description = "Indicates whether RDMA is enabled for storage. Storage RDMA will be enabled if either rdma_enabled or storage_rdma_enabled is set to true." +} + +variable "storage_tags" { + type = map(string) + default = null + description = "(Optional) Tags of the storage." +} + +variable "witness_path" { + type = string + default = "Cloud" + description = "The path to the witness." +} + +variable "witness_storage_account_resource_group_name" { + type = string + default = "" + description = "The resource group of the witness storage account. If not provided, 'resource_group_name' will be used as the storage account's resource group." +} + +variable "witness_storage_key_content_type" { + type = string + default = null + description = "(Optional) Content type of the witness storage key." 
+} + +variable "witness_storage_key_tags" { + type = map(string) + default = null + description = "(Optional) Tags of the witness storage key." +} + +variable "witness_type" { + type = string + default = "Cloud" + description = "The type of the witness." +} + +variable "operation_type" { + type = string + default = "ClusterProvisioning" + description = "The intended operation for a cluster." + + validation { + condition = contains(["ClusterProvisioning", "ClusterUpgrade"], var.operation_type) + error_message = "operation_type must be either 'ClusterProvisioning' or 'ClusterUpgrade'." + } +} + +variable "configuration_mode" { + type = string + default = "Express" + description = "The configuration mode for the storage." +} + +variable "hvci_protection" { + type = bool + default = true + description = "By default, Hypervisor-protected Code Integrity is enabled on your Azure HCI cluster." +} + +variable "drtm_protection" { + type = bool + default = true + description = "By default, Secure Boot is enabled on your Azure HCI cluster. This setting is hardware dependent." +} + +variable "drift_control_enforced" { + type = bool + default = true + description = "When set to true, the security baseline is re-applied regularly." +} + +variable "credential_guard_enforced" { + type = bool + default = false + description = "When set to true, Credential Guard is enabled on your Azure HCI cluster." +} + +variable "side_channel_mitigation_enforced" { + type = bool + default = true + description = "When set to true, all the side channel mitigations are enabled." +} + +variable "smb_cluster_encryption" { + type = bool + default = false + description = "When set to true, cluster east-west traffic is encrypted." +} + +variable "smb_signing_enforced" { + type = bool + default = true + description = "When set to true, the SMB default instance requires sign in for the client and server services." 
+} + +variable "bitlocker_boot_volume" { + type = bool + default = true + description = "When set to true, BitLocker XTS_AES 256-bit encryption is enabled for all data-at-rest on the OS volume of your Azure Stack HCI cluster. This setting is TPM-hardware dependent." +} + +variable "bitlocker_data_volumes" { + type = bool + default = true + description = "When set to true, BitLocker XTS-AES 256-bit encryption is enabled for all data-at-rest on your Azure Stack HCI cluster shared volumes." +} + +variable "wdac_enforced" { + type = bool + default = true + description = "WDAC is enabled by default and limits the applications and the code that you can run on your Azure Stack HCI cluster." +} diff --git a/modules/runyutesttemplate2/variables.hci.misc.tf b/modules/runyutesttemplate2/variables.hci.misc.tf new file mode 100644 index 0000000..6edaa3d --- /dev/null +++ b/modules/runyutesttemplate2/variables.hci.misc.tf @@ -0,0 +1,40 @@ +variable "rp_service_principal_object_id" { + default = "" + type = string + description = "The object ID of the HCI resource provider service principal." +} + +variable "deployment_user_password" { + sensitive = true + type = string + description = "The password for deployment user." +} + +variable "local_admin_user" { + type = string + description = "The username for the local administrator account." +} + +variable "local_admin_password" { + sensitive = true + type = string + description = "The password for the local administrator account." +} + +variable "service_principal_id" { + type = string + sensitive = true + description = "The service principal ID for ARB." +} + +variable "service_principal_secret" { + type = string + sensitive = true + description = "The service principal secret." +} + +# variable "location" "ref/main/location" +# variable "site_id" "ref/main/site_id" +# variable "site_name" "ref/main/site_name" +# variable "subscription_id" "ref/main/subscription_id" +# variable "deployment_user" "ref/naming/deployment_userName" 
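Review bot: `credential_guard_enforced` and `smb_cluster_encryption` default to `false`, while every other security-baseline toggle in this file defaults to `true` (`hvci_protection`, `drtm_protection`, `drift_control_enforced`, `side_channel_mitigation_enforced`, `smb_signing_enforced`, `bitlocker_boot_volume`, `bitlocker_data_volumes`, `wdac_enforced`). If that is deliberate, say why in the two descriptions (e.g. a hardware or throughput constraint); otherwise default both to `true` so a deployment that sets nothing gets credential isolation and encrypted east-west traffic. Two descriptions also read as a different control from the name: `drtm_protection` talks about Secure Boot, and `smb_signing_enforced` says "requires sign in" where "requires signing" appears to be meant. `min_tls_version` would benefit from a `validation` that rejects anything below `TLS1_2`.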
diff --git a/modules/runyutesttemplate2/variables.hci.site.tf b/modules/runyutesttemplate2/variables.hci.site.tf new file mode 100644 index 0000000..a2191f5 --- /dev/null +++ b/modules/runyutesttemplate2/variables.hci.site.tf @@ -0,0 +1,17 @@ +variable "servers" { + type = list(object({ + name = string + ipv4Address = string + })) + description = "A list of servers with their names and IPv4 addresses." +} + +variable "starting_address" { + description = "The starting IP address of the IP address range." + type = string +} + +variable "ending_address" { + description = "The ending IP address of the IP address range." + type = string +} diff --git a/modules/runyutesttemplate2/variables.logical-network.global.tf b/modules/runyutesttemplate2/variables.logical-network.global.tf new file mode 100644 index 0000000..ec979dd --- /dev/null +++ b/modules/runyutesttemplate2/variables.logical-network.global.tf @@ -0,0 +1,29 @@ +variable "lnet_dns_servers" { + type = list(string) + description = "A list of DNS server IP addresses." + default = [] +} + +variable "lnet_default_gateway" { + type = string + description = "The default gateway for the network." + default = "" +} + +variable "logical_network_tags" { + type = map(string) + default = null + description = "(Optional) Tags of the logical network." +} + +variable "route_name" { + type = string + default = "default" + description = "The name of the route" +} + +variable "subnet_0_name" { + type = string + default = "default" + description = "The name of the subnet" +} diff --git a/modules/runyutesttemplate2/variables.logical-network.site.tf b/modules/runyutesttemplate2/variables.logical-network.site.tf new file mode 100644 index 0000000..5022915 --- /dev/null +++ b/modules/runyutesttemplate2/variables.logical-network.site.tf 
@@ -0,0 +1,20 @@ +variable "lnet_address_prefix" { + type = string + description = "The CIDR prefix of the subnet that start from startting address and end with ending address, this can be omit if using existing logical network" +} + +variable "lnet_starting_address" { + type = string + description = "The starting IP address of the IP address range of the logical network, this can be omit if using existing logical network" +} + +variable "lnet_ending_address" { + type = string + description = "The ending IP address of the IP address range of the logical network, this can be omit if using existing logical network" +} + +variable "lnet_vlan_id" { + type = number + description = "The vlan id of the logical network, default is not set vlan id, this can be omit if using existing logical network" + default = null +} diff --git a/modules/runyutesttemplate2/variables.main.global.tf b/modules/runyutesttemplate2/variables.main.global.tf new file mode 100644 index 0000000..4a96eed --- /dev/null +++ b/modules/runyutesttemplate2/variables.main.global.tf @@ -0,0 +1,14 @@ +variable "location" { + type = string + description = "The Azure region where the resources will be deployed." +} + +variable "enable_telemetry" { + type = bool + default = true + description = <. +If it is set to false, then no telemetry will be collected. +DESCRIPTION +} diff --git a/modules/runyutesttemplate2/variables.main.misc.tf b/modules/runyutesttemplate2/variables.main.misc.tf new file mode 100644 index 0000000..54c2106 --- /dev/null +++ b/modules/runyutesttemplate2/variables.main.misc.tf @@ -0,0 +1,4 @@ +variable "subscription_id" { + type = string + description = "The subscription ID for resources." +} diff --git a/modules/runyutesttemplate2/variables.main.site.tf b/modules/runyutesttemplate2/variables.main.site.tf new file mode 100644 index 0000000..7068810 --- /dev/null +++ b/modules/runyutesttemplate2/variables.main.site.tf 
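Review bot: The descriptions of `lnet_address_prefix`, `lnet_starting_address` and `lnet_ending_address` say the value "can be omit if using existing logical network", but none of the three has a `default`, so Terraform treats them as required and a caller cannot omit them; only `lnet_vlan_id` has `default = null`. Either add `default = null` to the three variables or remove the claim from the descriptions. If the prefix is kept as caller input, `validation { condition = can(cidrhost(var.lnet_address_prefix, 0)) ... }` would reject a malformed CIDR at plan time, adjusted to allow `null` if the default is added. The wording should also be fixed while here: "startting" to "starting" and "can be omit" to "can be omitted".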
@@ -0,0 +1,4 @@ +variable "site_id" { + type = string + description = "A unique identifier for the site." +} diff --git a/modules/runyutesttemplate2/variables.site-manager.global.tf b/modules/runyutesttemplate2/variables.site-manager.global.tf new file mode 100644 index 0000000..92bde5c --- /dev/null +++ b/modules/runyutesttemplate2/variables.site-manager.global.tf @@ -0,0 +1,5 @@ +variable "country" { + description = "The order country of the site." + type = string + default = "" +} diff --git a/modules/runyutesttemplate2/variables.site-manager.misc.tf b/modules/runyutesttemplate2/variables.site-manager.misc.tf new file mode 100644 index 0000000..c768acc --- /dev/null +++ b/modules/runyutesttemplate2/variables.site-manager.misc.tf @@ -0,0 +1 @@ +# variable "site_id" "ref/main/site_id" diff --git a/modules/runyutesttemplate2/variables.site-manager.site.tf b/modules/runyutesttemplate2/variables.site-manager.site.tf new file mode 100644 index 0000000..e36c8fd --- /dev/null +++ b/modules/runyutesttemplate2/variables.site-manager.site.tf 
@@ -0,0 +1,77 @@ +variable "city" { + description = "The city of the site." + type = string + default = "" +} + +variable "company_name" { + description = "The company name of the site." + type = string + default = "" +} + +variable "postal_code" { + description = "The postal code of the site." + type = string + default = "" +} + +variable "state_or_province" { + description = "The state or province of the site." + type = string + default = "" +} + +variable "street_address_1" { + description = "The first line of the street address of the site." + type = string + default = "" +} + +variable "street_address_2" { + description = "The second line of the street address of the site." + type = string + default = "" +} + +variable "street_address_3" { + description = "The third line of the street address of the site." + type = string + default = "" +} + +variable "zip_extended_code" { + description = "The extended ZIP code of the site." + type = string + default = "" +} + +variable "contact_name" { + description = "The contact name of the site." + type = string + default = " " +} + +variable "email_list" { + description = "A list of email addresses for the site." + type = list(string) + default = [] +} + +variable "mobile" { + description = "The mobile phone number of the site." + type = string + default = "" +} + +variable "phone" { + description = "The phone number of the site." + type = string + default = "" +} + +variable "phone_extension" { + description = "The phone extension of the site." + type = string + default = "" +}
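Review bot: `contact_name` defaults to `" "` (a single space) while every other optional string in this file defaults to `""`, which reads as a workaround for a non-empty check somewhere downstream. A whitespace value passes such a check without carrying any information and makes `var.contact_name != ""` tests elsewhere behave differently from the sibling variables. If the field is genuinely required by the API, remove the default so the caller has to supply a name; if not, use `""` like the others and add a comment explaining the choice, e.g. `# optional; left empty when no site contact is recorded`.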