Module powervs-vpc-landing-zone

IBM Power Virtual Server with VPC landing zone

This module provisions the following resources in IBM Cloud:

  • A VPC infrastructure based on the value passed to 'var.landing_zone_configuration', with the following components:

    • landing_zone_configuration = 3VPC_RHEL or 3VPC_SLES

      • This preset provisions three VPCs with one VSI in each VPC: one management (jump/bastion) VSI, one inet-svs VSI configured as a Squid proxy server, and one private-svs VSI configured as NFS, NTP and DNS server.
      • Installs and configures the Squid proxy, DNS forwarder, NTP forwarder and NFS on the hosts, and sets the host as the server for the NTP, NFS and DNS services, using roles from the ibm.power_linux_sap Ansible Galaxy collection.
    • landing_zone_configuration = 1VPC_RHEL

      • This preset provisions one VPC with one VSI for management (jump/bastion).
      • Installs and configures the Squid proxy, DNS forwarder, NTP forwarder and NFS on the bastion host, and sets the host as the server for the NTP, NFS and DNS services, using roles from the ibm.power_linux_sap Ansible Galaxy collection.
  • A Power Virtual Server workspace with the following network topology:

    • Creates two private networks: a management network and a backup network.
    • Creates one or two IBM Cloud connections in a non-PER environment.
    • Attaches the private networks to the IBM Cloud connections in a non-PER environment.
    • Attaches the IBM Cloud connections to a transit gateway in a non-PER environment.
    • Attaches the PowerVS workspace to the transit gateway in a PER-enabled DC.
    • Creates an SSH key.
  • Finally, interconnects the VPC and PowerVS infrastructure.

Usage

provider "ibm" {
  alias            = "ibm-pi"
  region           = ""
  zone             = ""
  ibmcloud_api_key = var.ibmcloud_api_key != null ? var.ibmcloud_api_key : null
}

provider "ibm" {
  alias            = "ibm-is"
  region           = ""
  zone             = ""
  ibmcloud_api_key = var.ibmcloud_api_key != null ? var.ibmcloud_api_key : null
}

module "fullstack" {
  source  = "terraform-ibm-modules/powervs-infrastructure/ibm//modules//powervs-vpc-landing-zone"
  version = "x.x.x" # Replace "x.x.x" with a git release version to lock into a specific release

  providers = { ibm.ibm-is = ibm.ibm-is, ibm.ibm-pi = ibm.ibm-pi }

  powervs_zone                = var.powervs_zone
  landing_zone_configuration  = var.landing_zone_configuration
  prefix                      = var.prefix
  external_access_ip          = var.external_access_ip
  ssh_public_key              = var.ssh_public_key
  ssh_private_key             = var.ssh_private_key
  configure_dns_forwarder     = var.configure_dns_forwarder      # (optional, default false)
  configure_ntp_forwarder     = var.configure_ntp_forwarder      # (optional, default false)
  configure_nfs_server        = var.configure_nfs_server         # (optional, default false)
  nfs_server_config           = var.nfs_server_config            # (optional, default: check vars)
  dns_forwarder_config        = var.dns_forwarder_config         # (optional, default: check vars)
  powervs_resource_group_name = var.powervs_resource_group_name  # (optional, default: check vars)
  powervs_management_network  = var.powervs_management_network   # (optional, default: check vars)
  powervs_backup_network      = var.powervs_backup_network       # (optional, default: check vars)
  cloud_connection            = var.cloud_connection             # (optional, default: check vars)
  powervs_image_names         = var.powervs_image_names          # (optional, default: check vars)
  tags                        = var.tags                         # (optional, default: check vars)
}

Notes:

Catalog image names to be imported into infrastructure can be found here

| Creates VPC Landing Zone | Performs VPC VSI OS Config | Creates PowerVS Infrastructure | Creates PowerVS Instance | Performs PowerVS OS Config |
| --- | --- | --- | --- | --- |
| ✔️ | ✔️ | ✔️ | N/A | N/A |

Supported Reference architectures

  1. PowerVS workspace full-stack variation
  2. PowerVS quickstart variation

Requirements

| Name | Version |
| --- | --- |
| terraform | >= 1.3 |
| ibm | >= 1.58.1 |
| time | >= 0.9.1 |

Modules

| Name | Source | Version |
| --- | --- | --- |
| landing_zone | terraform-ibm-modules/landing-zone/ibm//patterns//vsi//module | 4.14.0 |
| landing_zone_configure_network_services | ../ansible-configure-network-services | n/a |
| landing_zone_configure_proxy_server | ../ansible-configure-network-services | n/a |
| powervs_infra | terraform-ibm-modules/powervs-workspace/ibm | 1.2.0 |

Resources

| Name | Type |
| --- | --- |
| time_sleep.wait_for_squid_setup_to_complete | resource |

Inputs

| Name | Description | Type | Default | Required |
| --- | --- | --- | --- | --- |
| cloud_connection | Cloud connection configuration: speed (50, 100, 200, 500, 1000, 2000, 5000, 10000 Mb/s), count (1 or 2 connections), global_routing (true or false), metered (true or false). Not applicable for dal10 DC where PER is enabled. | object({ count = number, speed = number, global_routing = bool, metered = bool }) | { "count": 2, "global_routing": true, "metered": true, "speed": 5000 } | no |
| configure_dns_forwarder | Specify if DNS forwarder will be configured. This will allow you to use central DNS servers (e.g. IBM Cloud DNS servers) sitting outside of the created IBM PowerVS infrastructure. If yes, ensure the 'dns_forwarder_config' optional variable is set properly. The DNS forwarder will be installed on the private-svs-1 VSI if it exists, otherwise on the inet-svs-1 VSI. | bool | false | no |
| configure_nfs_server | Specify if NFS server will be configured. This will allow you to easily share files between PowerVS instances (e.g., SAP installation files). The NFS server will be installed on the private-svs VSI. If yes, ensure the 'nfs_server_config' optional variable is set properly below. Default value is '1TB' which will be mounted on '/nfs'. | bool | false | no |
| configure_ntp_forwarder | Specify if NTP forwarder will be configured. This will allow you to synchronize time between IBM PowerVS instances. The NTP forwarder will be installed on the private-svs-1 VSI if it exists, otherwise on the inet-svs-1 VSI. | bool | false | no |
| dns_forwarder_config | Configuration for the DNS forwarder to a DNS service that is not reachable directly from PowerVS. | object({ dns_servers = string }) | { "dns_servers": "161.26.0.7; 161.26.0.8; 9.9.9.9;" } | no |
| external_access_ip | Specify the IP address or CIDR to log in through SSH to the environment after deployment. Access to this environment will be allowed only from this IP address. | string | n/a | yes |
| landing_zone_configuration | VPC landing zone configuration. Provided value must be one of ['3VPC_RHEL', '3VPC_SLES', '1VPC_RHEL'] only. | string | n/a | yes |
| nfs_server_config | Configuration for the NFS server. 'size' is in GB, 'mount_path' defines the mount point on the OS. Set 'configure_nfs_server' to false to skip creating the volume. | object({ size = number, mount_path = string }) | { "mount_path": "/nfs", "size": 1000 } | no |
| powervs_backup_network | Name of the IBM Cloud PowerVS backup network and CIDR to create. | object({ name = string, cidr = string }) | { "cidr": "10.52.0.0/24", "name": "bkp_net" } | no |
| powervs_image_names | List of images to be imported into the cloud account from catalog images. Supported values can be found here | list(string) | [ "IBMi-75-01-2924-2", "IBMi-75-01-2984-2", "7300-01-01", "7300-00-01", "SLES15-SP4-SAP", "SLES15-SP4-SAP-NETWEAVER", "RHEL8-SP6-SAP", "RHEL8-SP6-SAP-NETWEAVER" ] | no |
| powervs_management_network | Name of the IBM Cloud PowerVS management subnet and CIDR to create. | object({ name = string, cidr = string }) | { "cidr": "10.51.0.0/24", "name": "mgmt_net" } | no |
| powervs_resource_group_name | Existing IBM Cloud resource group name. | string | n/a | yes |
| powervs_zone | IBM Cloud data center location where IBM PowerVS infrastructure will be created. | string | n/a | yes |
| prefix | A unique identifier for resources. Must begin with a lowercase letter and end with a lowercase letter or number. This prefix will be prepended to any resources provisioned by this template. Prefixes must be 16 or fewer characters. | string | n/a | yes |
| ssh_private_key | Private SSH key (RSA format) used to log in to IBM PowerVS instances. Should match the public SSH key referenced by 'ssh_public_key'. Entered data must be in heredoc strings format. The key is not uploaded or stored. For more information about SSH keys, see SSH keys. | string | n/a | yes |
| ssh_public_key | Public SSH key for VSI creation. Must be an RSA key with a key size of either 2048 bits or 4096 bits (recommended). Must be a valid SSH key that does not already exist in the deployment region. | string | n/a | yes |
| tags | List of tag names for the IBM Cloud PowerVS workspace. | list(string) | [] | no |
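
The Usage block reads its inputs from var.* without declaring them. As an added example (not part of the module's own code), the root-module declarations below enforce the constraints stated in the Inputs table at plan time and mark the two secrets as sensitive. The /0 rejection on external_access_ip is an assumed local policy, not a rule of the module.

```hcl
# Added example: root-module variable declarations for the Usage block.

variable "ibmcloud_api_key" {
  type      = string
  sensitive = true # keep the API key out of plan and apply output
}

variable "ssh_private_key" {
  type      = string
  sensitive = true # redacted in CLI output; supply it as a heredoc string
}

variable "ssh_public_key" {
  type = string
  validation {
    condition     = can(regex("^ssh-rsa ", var.ssh_public_key))
    error_message = "The public key must be an RSA key (ssh-rsa)."
  }
}

variable "landing_zone_configuration" {
  type = string
  validation {
    condition     = contains(["3VPC_RHEL", "3VPC_SLES", "1VPC_RHEL"], var.landing_zone_configuration)
    error_message = "Must be one of 3VPC_RHEL, 3VPC_SLES or 1VPC_RHEL."
  }
}

variable "prefix" {
  type = string
  validation {
    condition     = length(var.prefix) <= 16 && can(regex("^[a-z](.*[a-z0-9])?$", var.prefix))
    error_message = "Must start with a lowercase letter, end with a lowercase letter or number, and be 16 or fewer characters."
  }
}

variable "external_access_ip" {
  type = string
  validation {
    # Accept either a bare IP address or a CIDR block.
    condition     = can(cidrhost(var.external_access_ip, 0)) || can(cidrhost("${var.external_access_ip}/32", 0))
    error_message = "Must be an IP address or a CIDR block."
  }
  validation {
    # Assumption: local policy, not a rule of the module.
    condition     = !can(regex("/0$", var.external_access_ip))
    error_message = "A /0 range would allow SSH to the bastion from any address."
  }
}
```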

Outputs

| Name | Description |
| --- | --- |
| access_host_or_ip | Access host (jump/bastion) for created PowerVS infrastructure. |
| cloud_connection_count | Number of cloud connections configured in created PowerVS infrastructure. |
| dns_host_or_ip | DNS forwarder host for created PowerVS infrastructure. |
| nfs_host_or_ip_path | NFS host for created PowerVS infrastructure. |
| ntp_host_or_ip | NTP host for created PowerVS infrastructure. |
| powervs_backup_subnet | Name, ID and CIDR of backup private network in created PowerVS infrastructure. |
| powervs_images | Object containing imported PowerVS image names and image IDs. |
| powervs_management_subnet | Name, ID and CIDR of management private network in created PowerVS infrastructure. |
| powervs_resource_group_name | IBM Cloud resource group where PowerVS infrastructure is created. |
| powervs_ssh_public_key | SSH public key name and value in created PowerVS infrastructure. |
| powervs_workspace_guid | PowerVS infrastructure workspace GUID. The GUID of the resource instance. |
| powervs_workspace_id | PowerVS infrastructure workspace ID. The unique identifier of the new resource instance. |
| powervs_workspace_name | PowerVS infrastructure workspace name. |
| powervs_zone | Zone where PowerVS infrastructure is created. |
| prefix | The prefix that is associated with all resources. |
| proxy_host_or_ip_port | Proxy host:port for created PowerVS infrastructure. |
| ssh_public_key | The string value of the SSH public key used when deploying the VPC. |
| transit_gateway_id | The ID of the transit gateway. |
| transit_gateway_name | The name of the transit gateway. |
| vpc_names | A list of the names of the VPCs. |
| vsi_list | A list of VSIs with name, ID, zone, primary IPv4 address, VPC name, and floating IP. |
| vsi_names | A list of the names of the VSIs provisioned within the VPCs. |