From 6aad6870d580b292bdb6d631ae5646c8f6ef42aa Mon Sep 17 00:00:00 2001 From: bottkars Date: Tue, 9 Apr 2024 12:46:45 +0200 Subject: [PATCH] Added DDMC for AWS --- terraforming-aws/README.md | 36 ++++++++----------- terraforming-aws/ddmc_variables.tf | 23 ++++++------ terraforming-aws/ddve_variables.tf | 3 +- terraforming-aws/modules/ddmc/ddmc.tf | 1 + terraforming-aws/modules/ddmc/sg.tf | 6 ++++ .../modules/ddve/atos_bucket_iam.tf | 2 +- terraforming-aws/ppdm_variables.tf | 1 + 7 files changed, 38 insertions(+), 34 deletions(-) diff --git a/terraforming-aws/README.md b/terraforming-aws/README.md index 8019899..9aba0b5 100644 --- a/terraforming-aws/README.md +++ b/terraforming-aws/README.md @@ -45,7 +45,7 @@ No resources. |------|-------------|------|---------|:--------:| | [AVE\_HOSTNAME](#input\_AVE\_HOSTNAME) | Hotname of the AVE Machine | `string` | `"ave_terraform"` | no | | [BASTION\_HOSTNAME](#input\_BASTION\_HOSTNAME) | Hotname of the PPDM Machine | `string` | `"bastion_terraform"` | no | -| [DDMC\_HOSTNAME](#input\_DDMC\_HOSTNAME) | Hotname of the ddmc Machine | `string` | `"ddmc_terraform"` | no | +| [DDMC\_HOSTNAME](#input\_DDMC\_HOSTNAME) | Hotname of the DDMC Machine | `string` | `"ddmc_terraform"` | no | | [DDVE\_HOSTNAME](#input\_DDVE\_HOSTNAME) | Hotname of the DDVE Machine | `string` | `"ddve_terraform"` | no | | [NVE\_HOSTNAME](#input\_NVE\_HOSTNAME) | Hostname of the nve Machine | `string` | `"nve_terraform"` | no | | [PPDM\_HOSTNAME](#input\_PPDM\_HOSTNAME) | Hotname of the PPDM Machine | `string` | `"ppdm_terraform"` | no | 
@@ -74,10 +74,10 @@ No resources. | [crs\_vpc\_id](#input\_crs\_vpc\_id) | id of the vpc when using existing networks/vpc | `string` | `""` | no | | [crs\_vpn\_destination\_cidr\_blocks](#input\_crs\_vpn\_destination\_cidr\_blocks) | the cidr blocks as string !!! for the destination route in you local network, when s2s\_vpn is deployed | `string` | `"[]"` | no | | [crs\_wan\_ip](#input\_crs\_wan\_ip) | The IP of your VPN Device if S2S VPN | `any` | n/a | yes | -| [ddmc\_count](#input\_ddmc\_count) | Do you want to create a ddmc | `bool` | `false` | no | -| [ddmc\_type](#input\_ddmc\_type) | ddmc Type, can be: '12.5 Gigabit Ethernet ddmc', '10 Gigabit Ethernet ddmc' | `string` | `"12.5 Gigabit Ethernet ddmc"` | no | -| [ddmc\_version](#input\_ddmc\_version) | ddmc Version, can be: '7.13.0.10','7.10.1.20', '7.7.5.30' | `string` | `"7.13.0.10"` | no | -| [ddve\_count](#input\_ddve\_count) | Do you want to create a DDVE | `bool` | `false` | no | +| [ddmc\_count](#input\_ddmc\_count) | Do you want to create a DDMC | `number` | `0` | no | +| [ddmc\_type](#input\_ddmc\_type) | DDMC Type, can be: '12.5 Gigabit Ethernet DDMC', '10 Gigabit Ethernet DDMC' | `string` | `"12.5 Gigabit Ethernet DDMC"` | no | +| [ddmc\_version](#input\_ddmc\_version) | DDMC Version, can be: '7.13.0.10', '7.12.0.0', '7.10.1.20', '7.7.5.30','7.7.5.25' | `string` | `"7.13.0.10"` | no | +| [ddve\_count](#input\_ddve\_count) | Do you want to create a DDVE | `number` | `0` | no | | [ddve\_type](#input\_ddve\_type) | DDVE Type, can be: '16 TB DDVE', '32 TB DDVE', '96 TB DDVE', '256 TB DDVE' | `string` | `"16 TB DDVE"` | no | | [ddve\_version](#input\_ddve\_version) | DDVE Version, can be: '7.13.0.20','7.10.1.20', '7.7.5.30' | `string` | `"7.13.0.20"` | no | | [default\_sg\_id](#input\_default\_sg\_id) | id of default security group when using existing networks | `any` | `null` | no | 
@@ -177,6 +177,7 @@ Also, when set to false, required ID´s like vpc, default sg´s or subnet, must ```hcl AVE_HOSTNAME = "ave_terraform" +AVE_HOSTNAME = "ave_terraform" BASTION_HOSTNAME = "bastion_terraform" DDMC_HOSTNAME = "ddmc_terraform" DDVE_HOSTNAME = "ddve_terraform" @@ -207,10 +208,10 @@ crs_vpc_cidr = "" crs_vpc_id = "" crs_vpn_destination_cidr_blocks = "[]" crs_wan_ip = "" -ddmc_count = false -ddmc_type = "12.5 Gigabit Ethernet ddmc" +ddmc_count = 0 +ddmc_type = "12.5 Gigabit Ethernet DDMC" ddmc_version = "7.13.0.10" -ddve_count = false +ddve_count = 0 ddve_type = "16 TB DDVE" ddve_version = "7.13.0.20" default_sg_id = "" @@ -328,7 +329,10 @@ ansible-playbook ../../ansible_ppdd/3.2-Playbook-set-boost_avamar.yml \ ## module_ddmc -when the deployment is finished, you can connect and configure DDVE in multiple ways. + +when the deployment is finished, you can connect and configure DDMC in multiple ways. +DDMC shares the same set of API´s that can be used to manage a DataDomain as well. +So we reuse the DDVE Methods to configure DDMC my preferred way is ansible, but depending on needs one might to get into DDVE with ssh ### Configure using CLI via SSH: @@ -354,7 +358,7 @@ export PPDD_TIMEZONE="Europe/Berlin" ``` Configure DataDomain -set the Initial DataDomain Password +set the Initial DataDomain Management Center Password ```bash ansible-playbook ~/workspace/ansible_ppdd/1.0-Playbook-configure-initial-password.yml ``` 
@@ -364,18 +368,6 @@ If you have a valid dd license, set the variable PPDD_LICENSE, example: ansible-playbook ~/workspace/ansible_ppdd/3.0-Playbook-set-dd-license.yml ``` -next, we set the passphrase, as it is required for ATOS -then, we will set the Timezone and the NTP to AWS NTP link local Server -```bash -ansible-playbook ~/workspace/ansible_ppdd/2.1-Playbook-configure-ddpassphrase.yml -ansible-playbook ~/workspace/ansible_ppdd/2.1.1-Playbook-set-dd-timezone-and-ntp-aws.yml -ansible-playbook ~/workspace/ansible_ppdd/2.2-Playbook-configure-dd-atos-aws.yml -``` -this concludes basic DDVE Configuration - - - - ## module_ave ### Configuring Avamar Virtual Edition Software using AVI API diff --git a/terraforming-aws/ddmc_variables.tf b/terraforming-aws/ddmc_variables.tf index 1228233..9ec6765 100644 --- a/terraforming-aws/ddmc_variables.tf +++ b/terraforming-aws/ddmc_variables.tf @@ -1,25 +1,28 @@ variable "ddmc_count" { - default = false - description = "Do you want to create a ddmc" + default = 0 + type = number + description = "Do you want to create a DDMC" } variable "DDMC_HOSTNAME" { default = "ddmc_terraform" - description = "Hotname of the ddmc Machine" + description = "Hotname of the DDMC Machine" } variable "ddmc_version" { type = string default = "7.13.0.10" - description = "ddmc Version, can be: '7.13.0.10','7.10.1.20', '7.7.5.30'" + description = "DDMC Version, can be: '7.13.0.10', '7.12.0.0', '7.10.1.20', '7.7.5.30','7.7.5.25'" validation { condition = anytrue([ var.ddmc_version == "7.13.0.10", + var.ddmc_version == "7.12.0.0", var.ddmc_version == "7.10.1.20", var.ddmc_version == "7.7.5.30", + var.ddmc_version == "7.7.5.25" ]) - error_message = "Must be a valid ddmc Version, can be: '7.13.0.10','7.10.1.20', '7.7.5.30' ." + error_message = "Must be a valid DDMC Version, can be: '7.13.0.10', '7.12.0.0', '7.10.1.20', '7.7.5.30','7.7.5.25' ." } } 
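Review bot: `ddmc_count` in `ddmc_variables.tf` is now `type = number` but has no bounds, so a negative or fractional value passes variable validation and would only fail wherever the count is consumed, which this patch does not show. A `validation` block with `condition = var.ddmc_count >= 0 && floor(var.ddmc_count) == var.ddmc_count` would reject it at plan time. The same applies to `ddve_count` in `ddve_variables.tf` and `ppdm_count` in `ppdm_variables.tf`. The description still reads as a yes/no question; `description = "Number of DDMC instances to create (0 = none)"` would match the new type. `DDMC_HOSTNAME` in this hunk still has no `type = string`.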
@@ -27,13 +30,13 @@ variable "ddmc_version" { variable "ddmc_type" { type = string - default = "12.5 Gigabit Ethernet ddmc" - description = "ddmc Type, can be: '12.5 Gigabit Ethernet ddmc', '10 Gigabit Ethernet ddmc'" + default = "12.5 Gigabit Ethernet DDMC" + description = "DDMC Type, can be: '12.5 Gigabit Ethernet DDMC', '10 Gigabit Ethernet DDMC'" validation { condition = anytrue([ - var.ddmc_type == "12.5 Gigabit Ethernet ddmc", - var.ddmc_type == "10 Gigabit Ethernet ddmc", + var.ddmc_type == "12.5 Gigabit Ethernet DDMC", + var.ddmc_type == "10 Gigabit Ethernet DDMC", ]) - error_message = "Must be a valid ddmc Type, can be: '12.5 Gigabit Ethernet ddmc', '10 Gigabit Ethernet ddmc'." + error_message = "Must be a valid DDMC Type, can be: '12.5 Gigabit Ethernet DDMC', '10 Gigabit Ethernet DDMC'." } } diff --git a/terraforming-aws/ddve_variables.tf b/terraforming-aws/ddve_variables.tf index 6914ff9..18037f5 100644 --- a/terraforming-aws/ddve_variables.tf +++ b/terraforming-aws/ddve_variables.tf @@ -1,5 +1,6 @@ variable "ddve_count" { - default = false + default = 0 + type = number description = "Do you want to create a DDVE" } diff --git a/terraforming-aws/modules/ddmc/ddmc.tf b/terraforming-aws/modules/ddmc/ddmc.tf index 47f73f8..b6d0be9 100644 --- a/terraforming-aws/modules/ddmc/ddmc.tf +++ b/terraforming-aws/modules/ddmc/ddmc.tf @@ -36,6 +36,7 @@ resource "aws_instance" "ddmc" { associate_public_ip_address = false subnet_id = var.subnet_id key_name = aws_key_pair.ddmc.key_name + iam_instance_profile = aws_iam_instance_profile.ddmc-iam-profile.name tags = merge( var.tags, { "Name" = local.ddmc_name diff --git a/terraforming-aws/modules/ddmc/sg.tf b/terraforming-aws/modules/ddmc/sg.tf index 14f2c5b..6522edf 100644 --- a/terraforming-aws/modules/ddmc/sg.tf +++ b/terraforming-aws/modules/ddmc/sg.tf 
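Review bot: The added `iam_instance_profile = aws_iam_instance_profile.ddmc-iam-profile.name` in `aws_instance.ddmc` points at a resource that no file in this patch defines; under `modules/ddmc` the diffstat lists only `ddmc.tf` and `sg.tf`. If the profile already exists in the module, check what its role grants before binding it: the README hunks of this commit drop the ATOS steps for DDMC, so the instance presumably does not need the S3 object permissions the DDVE policy carries. A comment above the line, such as `# DDMC instance role; policy in <policy file>, grants <actions>` (placeholders to fill in), would let a reviewer confirm least privilege. With role credentials now reachable from the instance metadata service, it is worth confirming that the resource sets `metadata_options { http_tokens = "required" }`. The resource body starts and ends outside the hunk, so that setting may already be present.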
@@ -14,6 +14,12 @@ resource "aws_security_group" "ddmc_sg" { protocol = "tcp" cidr_blocks = concat(var.ingress_cidr_blocks, var.private_subnets_cidr, var.public_subnets_cidr) } + ingress { + from_port = 3009 + to_port = 3009 + protocol = "tcp" + cidr_blocks = concat(var.ingress_cidr_blocks, var.private_subnets_cidr, var.public_subnets_cidr) + } ingress { from_port = 80 diff --git a/terraforming-aws/modules/ddve/atos_bucket_iam.tf b/terraforming-aws/modules/ddve/atos_bucket_iam.tf index 84cf4b3..81d7a39 100644 --- a/terraforming-aws/modules/ddve/atos_bucket_iam.tf +++ b/terraforming-aws/modules/ddve/atos_bucket_iam.tf @@ -5,7 +5,7 @@ data "aws_iam_policy_document" "atos-bucket-policy" { actions = ["s3:PutObject", "s3:GetObject", "s3:ListBucket", - "s3:DeleteObject"] + "s3:DeleteObject"] resources = [ aws_s3_bucket.atos-bucket.arn, "${aws_s3_bucket.atos-bucket.arn}/*" diff --git a/terraforming-aws/ppdm_variables.tf b/terraforming-aws/ppdm_variables.tf index 3251843..9936347 100644 --- a/terraforming-aws/ppdm_variables.tf +++ b/terraforming-aws/ppdm_variables.tf @@ -1,6 +1,7 @@ variable "ppdm_count" { default = 0 + type = number description = "Do you want to create an PPDM" }
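Review bot: The new TCP 3009 ingress rule in `aws_security_group.ddmc_sg` has no `description` and reuses the source list of the rule above it: `var.ingress_cidr_blocks` plus every private and public subnet CIDR. The value of `ingress_cidr_blocks` is not visible in this patch; if it is broad, what appears to be a DDMC management/API port becomes reachable from that whole range and from the public subnets. Consider limiting the source to the networks that host the managed Data Domain systems and the administrators. Adding `description = "DDMC management API (tcp/3009)"` would make the rule's purpose visible in audits. The security group resource starts and ends outside the hunk.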