Initial scripts

Author: junior

compute.tf

@@ -0,0 +1,41 @@
+# Copyright (c) 2021 Oracle and/or its affiliates. All rights reserved.
+# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
+# 
+
+resource "oci_core_instance" "app_instance" {
+  availability_domain = random_shuffle.compute_ad.result[count.index % length(random_shuffle.compute_ad.result)]
+  compartment_id      = var.compartment_ocid
+  display_name        = "DotNet-${random_string.deploy_id.result}-${count.index}"
+  shape               = var.instance_shape
+  freeform_tags       = local.common_tags
+
+  create_vnic_details {
+    subnet_id        = oci_core_subnet.dotnet_main_subnet.id
+    display_name     = "primaryvnic"
+    assign_public_ip = (var.instance_visibility == "Private") ? false : true
+    hostname_label   = "dotnet-${random_string.deploy_id.result}-${count.index}"
+  }
+
+  source_details {
+    source_type = "image"
+    source_id   = lookup(data.oci_core_images.compute_images.images[0], "id")
+  }
+
+  metadata = {
+    ssh_authorized_keys = var.generate_public_ssh_key ? tls_private_key.compute_ssh_key.public_key_openssh : var.public_ssh_key
+    user_data           = data.template_cloudinit_config.instances.rendered
+  }
+
+  count = var.num_instances
+}
+
+### Important Security Notice ###
+# The private key generated by this resource will be stored unencrypted in your Terraform state file. 
+# Use of this resource for production deployments is not recommended. 
+# Instead, generate a private key file outside of Terraform and distribute it securely to the system where Terraform will be run.
+
+# Generate ssh keys to access Compute Nodes, if generate_public_ssh_key=true, applies to the Compute
+resource "tls_private_key" "compute_ssh_key" {
+  algorithm = "RSA"
+  rsa_bits  = 2048
+}

datasources.tf

@@ -0,0 +1,121 @@
+# Copyright (c) 2021 Oracle and/or its affiliates. All rights reserved.
+# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
+# 
+
+# Gets a list of Availability Domains
+data "oci_identity_availability_domains" "ADs" {
+  compartment_id = var.tenancy_ocid
+}
+
+# Randoms
+resource "random_string" "deploy_id" {
+  length  = 4
+  special = false
+}
+
+# Check for resource limits
+## Check available compute shape
+data "oci_limits_services" "compute_services" {
+  compartment_id = var.tenancy_ocid
+
+  filter {
+    name   = "name"
+    values = ["compute"]
+  }
+}
+data "oci_limits_limit_definitions" "compute_limit_definitions" {
+  compartment_id = var.tenancy_ocid
+  service_name   = data.oci_limits_services.compute_services.services.0.name
+
+  filter {
+    name   = "description"
+    values = [var.instance_shape]
+  }
+}
+data "oci_limits_resource_availability" "compute_resource_availability" {
+  compartment_id      = var.tenancy_ocid
+  limit_name          = data.oci_limits_limit_definitions.compute_limit_definitions.limit_definitions[0].name
+  service_name        = data.oci_limits_services.compute_services.services.0.name
+  availability_domain = data.oci_identity_availability_domains.ADs.availability_domains[count.index].name
+
+  count = length(data.oci_identity_availability_domains.ADs.availability_domains)
+}
+resource "random_shuffle" "compute_ad" {
+  input        = local.compute_available_limit_ad_list
+  result_count = length(local.compute_available_limit_ad_list)
+}
+locals {
+  compute_available_limit_ad_list = [for limit in data.oci_limits_resource_availability.compute_resource_availability : limit.availability_domain if(limit.available - var.num_instances) >= 0]
+  compute_available_limit_error = length(local.compute_available_limit_ad_list) == 0 ? (
+  file("ERROR: No limits available for the chosen compute shape and number of nodes")) : 0
+}
+
+# Gets a list of supported images based on the shape, operating_system and operating_system_version provided
+data "oci_core_images" "compute_images" {
+  compartment_id           = var.compartment_ocid
+  operating_system         = var.image_operating_system
+  operating_system_version = var.image_operating_system_version
+  shape                    = var.instance_shape
+  sort_by                  = "TIMECREATED"
+  sort_order               = "DESC"
+}
+
+data "oci_identity_tenancy" "tenant_details" {
+  tenancy_id = var.tenancy_ocid
+
+  provider = oci.current_region
+}
+
+data "oci_identity_regions" "home_region" {
+  filter {
+    name   = "key"
+    values = [data.oci_identity_tenancy.tenant_details.home_region_key]
+  }
+
+  provider = oci.current_region
+}
+
+# Available Services
+data "oci_core_services" "all_services" {
+  filter {
+    name   = "name"
+    values = ["All .* Services In Oracle Services Network"]
+    regex  = true
+  }
+}
+
+locals {
+  common_tags = {
+    Reference = "Created by OCI QuickStart for DotNet sample"
+  }
+}
+
+# Cloud Init
+data "template_cloudinit_config" "instances" {
+  gzip          = true
+  base64_encode = true
+
+  part {
+    filename     = "cloud-config.yaml"
+    content_type = "text/cloud-config"
+    content      = data.template_file.cloud_init.rendered
+  }
+}
+data "template_file" "cloud_init" {
+  template = file("${path.module}/scripts/cloud-config.template.yaml")
+
+  vars = {
+    setup_preflight_sh_content = base64gzip(data.template_file.setup_preflight.rendered)
+    setup_template_sh_content  = base64gzip(data.template_file.setup_template.rendered)
+    deploy_template_content    = base64gzip(data.template_file.deploy_template.rendered)
+  }
+}
+data "template_file" "setup_preflight" {
+  template = file("${path.module}/scripts/setup.preflight.sh")
+}
+data "template_file" "setup_template" {
+  template = file("${path.module}/scripts/setup.template.sh")
+}
+data "template_file" "deploy_template" {
+  template = file("${path.module}/scripts/deploy.template.sh")
+}

loadbalancer.tf

@@ -0,0 +1,66 @@
+# Copyright (c) 2021 Oracle and/or its affiliates. All rights reserved.
+# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
+# 
+
+resource "oci_load_balancer_load_balancer" "dotnet_lb" {
+  compartment_id = var.compartment_ocid
+  display_name   = "DotNet-${random_string.deploy_id.result}"
+  shape          = var.lb_shape
+  subnet_ids     = [oci_core_subnet.dotnet_lb_subnet.id]
+  is_private     = "false"
+  freeform_tags  = local.common_tags
+}
+
+resource "oci_load_balancer_backend_set" "dotnet_bes" {
+  name             = "dotnet-${random_string.deploy_id.result}"
+  load_balancer_id = oci_load_balancer_load_balancer.dotnet_lb.id
+  policy           = "IP_HASH"
+
+  health_checker {
+    port                = local.app_port_number
+    protocol            = "HTTP"
+    response_body_regex = ".*"
+    url_path            = "/"
+    return_code         = 200
+    interval_ms         = 5000
+    timeout_in_millis   = 2000
+    retries             = 10
+  }
+}
+
+resource "oci_load_balancer_backend" "dotnet-be" {
+  load_balancer_id = oci_load_balancer_load_balancer.dotnet_lb.id
+  backendset_name  = oci_load_balancer_backend_set.dotnet_bes.name
+  ip_address       = element(oci_core_instance.app_instance.*.private_ip, count.index)
+  port             = local.app_port_number
+  backup           = false
+  drain            = false
+  offline          = false
+  weight           = 1
+
+  count = var.num_instances
+}
+
+resource "oci_load_balancer_listener" "dotnet_listener_80" {
+  load_balancer_id         = oci_load_balancer_load_balancer.dotnet_lb.id
+  default_backend_set_name = oci_load_balancer_backend_set.dotnet_bes.name
+  name                     = "dotnet-${random_string.deploy_id.result}-80"
+  port                     = local.http_port_number
+  protocol                 = "HTTP"
+
+  connection_configuration {
+    idle_timeout_in_seconds = "30"
+  }
+}
+
+resource "oci_load_balancer_listener" "dotnet_listener_443" {
+  load_balancer_id         = oci_load_balancer_load_balancer.dotnet_lb.id
+  default_backend_set_name = oci_load_balancer_backend_set.dotnet_bes.name
+  name                     = "dotnet-${random_string.deploy_id.result}-443"
+  port                     = local.https_port_number
+  protocol                 = "HTTP"
+
+  connection_configuration {
+    idle_timeout_in_seconds = "30"
+  }
+}

network.tf

@@ -0,0 +1,111 @@
+# Copyright (c) 2021 Oracle and/or its affiliates. All rights reserved.
+# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
+# 
+
+resource "oci_core_virtual_network" "dotnet_main_vcn" {
+  cidr_block     = lookup(var.network_cidrs, "MAIN-VCN-CIDR")
+  compartment_id = var.compartment_ocid
+  display_name   = "dotnet-main-${random_string.deploy_id.result}"
+  dns_label      = "dotnetmain${random_string.deploy_id.result}"
+  freeform_tags  = local.common_tags
+}
+
+resource "oci_core_subnet" "dotnet_main_subnet" {
+  cidr_block                 = lookup(var.network_cidrs, "MAIN-SUBNET-REGIONAL-CIDR")
+  display_name               = "dotnet-main-${random_string.deploy_id.result}"
+  dns_label                  = "dotnetmain${random_string.deploy_id.result}"
+  security_list_ids          = [oci_core_security_list.dotnet_security_list.id]
+  compartment_id             = var.compartment_ocid
+  vcn_id                     = oci_core_virtual_network.dotnet_main_vcn.id
+  route_table_id             = oci_core_route_table.dotnet_main_route_table.id
+  dhcp_options_id            = oci_core_virtual_network.dotnet_main_vcn.default_dhcp_options_id
+  prohibit_public_ip_on_vnic = (var.instance_visibility == "Private") ? true : false
+  freeform_tags              = local.common_tags
+}
+
+resource "oci_core_subnet" "dotnet_lb_subnet" {
+  cidr_block                 = lookup(var.network_cidrs, ("MAIN-LB-SUBNET-REGIONAL-CIDR"))
+  display_name               = "dotnet-lb-${random_string.deploy_id.result}"
+  dns_label                  = "dotnetlb${random_string.deploy_id.result}"
+  security_list_ids          = [oci_core_security_list.dotnet_lb_security_list.id]
+  compartment_id             = var.compartment_ocid
+  vcn_id                     = oci_core_virtual_network.dotnet_main_vcn.id
+  route_table_id             = oci_core_route_table.dotnet_lb_route_table.id
+  dhcp_options_id            = oci_core_virtual_network.dotnet_main_vcn.default_dhcp_options_id
+  prohibit_public_ip_on_vnic = false
+  freeform_tags              = local.common_tags
+}
+
+resource "oci_core_route_table" "dotnet_main_route_table" {
+  compartment_id = var.compartment_ocid
+  vcn_id         = oci_core_virtual_network.dotnet_main_vcn.id
+  display_name   = "dotnet-main-${random_string.deploy_id.result}"
+  freeform_tags  = local.common_tags
+
+  dynamic "route_rules" {
+    for_each = (var.instance_visibility == "Private") ? [1] : []
+    content {
+      destination       = lookup(data.oci_core_services.all_services.services[0], "cidr_block")
+      destination_type  = "SERVICE_CIDR_BLOCK"
+      network_entity_id = oci_core_service_gateway.dotnet_service_gateway.id
+    }
+  }
+
+  dynamic "route_rules" {
+    for_each = (var.instance_visibility == "Private") ? [] : [1]
+    content {
+      destination       = lookup(var.network_cidrs, "ALL-CIDR")
+      destination_type  = "CIDR_BLOCK"
+      network_entity_id = oci_core_internet_gateway.dotnet_internet_gateway.id
+    }
+  }
+
+}
+
+resource "oci_core_route_table" "dotnet_lb_route_table" {
+  compartment_id = var.compartment_ocid
+  vcn_id         = oci_core_virtual_network.dotnet_main_vcn.id
+  display_name   = "dotnet-lb-${random_string.deploy_id.result}"
+  freeform_tags  = local.common_tags
+
+  route_rules {
+    destination       = lookup(var.network_cidrs, "ALL-CIDR")
+    destination_type  = "CIDR_BLOCK"
+    network_entity_id = oci_core_internet_gateway.dotnet_internet_gateway.id
+  }
+}
+
+resource "oci_core_nat_gateway" "dotnet_nat_gateway" {
+  block_traffic  = "false"
+  compartment_id = var.compartment_ocid
+  display_name   = "dotnet-nat-gateway-${random_string.deploy_id.result}"
+  vcn_id         = oci_core_virtual_network.dotnet_main_vcn.id
+  freeform_tags  = local.common_tags
+
+  count = var.use_only_always_free_elegible_resources ? 0 : ((var.instance_visibility == "Private") ? 0 : 0)
+}
+
+resource "oci_core_internet_gateway" "dotnet_internet_gateway" {
+  compartment_id = var.compartment_ocid
+  display_name   = "dotnet-internet-gateway-${random_string.deploy_id.result}"
+  vcn_id         = oci_core_virtual_network.dotnet_main_vcn.id
+  freeform_tags  = local.common_tags
+}
+
+resource "oci_core_service_gateway" "dotnet_service_gateway" {
+  compartment_id = var.compartment_ocid
+  display_name   = "dotnet-service-gateway-${random_string.deploy_id.result}"
+  vcn_id         = oci_core_virtual_network.dotnet_main_vcn.id
+  services {
+    service_id = lookup(data.oci_core_services.all_services.services[0], "id")
+  }
+
+  count = var.use_only_always_free_elegible_resources ? 0 : 1
+}
+
+
+
+
+
+
+

outputs.tf

@@ -0,0 +1,32 @@
+# Copyright (c) 2021 Oracle and/or its affiliates. All rights reserved.
+# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
+# 
+
+output "app_public_url" {
+  value = format("http://%s", lookup(oci_load_balancer_load_balancer.dotnet_lb.ip_address_details[0], "ip_address"))
+}
+
+### Important Security Notice ###
+# The private key generated by this resource will be stored unencrypted in your Terraform state file. 
+# Use of this resource for production deployments is not recommended. 
+# Instead, generate a private key file outside of Terraform and distribute it securely to the system where Terraform will be run.
+output "generated_private_key_pem" {
+  value = var.generate_public_ssh_key ? tls_private_key.compute_ssh_key.private_key_pem : "No Keys Auto Generated"
+}
+
+output "dev" {
+  value = "Made with \u2764 by Oracle Developers"
+}
+
+output "comments" {
+  value = "The application URL will be unavailable for a few minutes after provisioning, while the application is configured"
+}
+
+output "deploy_id" {
+  value = random_string.deploy_id.result
+}
+
+output "deployed_to_region" {
+  value = local.region_to_deploy
+}
+