Merge pull request #23 from junior/5G-example

5G example initial infra

Author: junior

.terraform.lock.hcl

@@ -1 +1 @@
-0.8.9
+0.8.10

VERSION

@@ -46,7 +46,7 @@ module "cluster-tools" {
   ## Grafana
   grafana_enabled = var.grafana_enabled
 
-  depends_on = [module.oke, module.oke_node_pool, module.oke_cluster_autoscaler]
+  depends_on = [module.oke, module.oke_node_pools, module.oke_cluster_autoscaler]
 }
 
 # Kubernetes Cluster Tools

cluster-tools.tf

@@ -25,4 +25,4 @@ data "oci_core_services" "all_services_network" {
     values = ["All .* Services In Oracle Services Network"]
     regex  = true
   }
-}
+}

datasources.tf

@@ -7,7 +7,7 @@ locals {
   vcn_cidr_blocks = split(",", var.vcn_cidr_blocks)
   network_cidrs = {
     VCN-MAIN-CIDR                                  = local.vcn_cidr_blocks[0]                      # e.g.: "10.75.0.0/16" = 65536 usable IPs
-    VCN-NATIVE-POD-NETWORKING-REGIONAL-SUBNET-CIDR = cidrsubnet(local.vcn_cidr_blocks[0], 1, 1)    # e.g.: "10.20.128.0/17" = 32766 usable IPs (10.20.128.0 - 10.20.255.255)
+    VCN-NATIVE-POD-NETWORKING-REGIONAL-SUBNET-CIDR = cidrsubnet(local.vcn_cidr_blocks[0], 1, 1)    # e.g.: "10.75.128.0/17" = 32766 usable IPs (10.20.128.0 - 10.20.255.255)
     SUBNET-5GC-OAM-CIDR                            = cidrsubnet(local.vcn_cidr_blocks[0], 9, 128)  # e.g.: "10.75.64.0/25" = 128 usable IPs
     SUBNET-5GC-SIGNALLING-CIDR                     = cidrsubnet(local.vcn_cidr_blocks[0], 9, 129)  # e.g.: "10.75.64.128/25" = 128 usable IPs
     SUBNET-5G-RAN-CIDR                             = cidrsubnet(local.vcn_cidr_blocks[0], 11, 520) # e.g.: "10.75.65.0/27" = 32 usable IPs
@@ -247,4 +247,68 @@ locals {
       ipv6cidr_block               = null
     },
   ]
-}
+}
+
+# Node Pool 1 info for 5G VNICs attachments
+data "oci_containerengine_node_pool" "node_pool_1" {
+  node_pool_id = module.oke-quickstart.oke_node_pools["pool1"].node_pool_id
+}
+locals {
+  node_pool_nodes     = data.oci_containerengine_node_pool.node_pool_1.nodes
+  node_pool_nodes_ids = data.oci_containerengine_node_pool.node_pool_1.nodes.*.id
+}
+resource "oci_core_vnic_attachment" "vnic_attachment_5gc_oam" {
+  for_each = { for map in local.node_pool_nodes : map.id => map }
+  create_vnic_details {
+    display_name  = "5GC-OAM vnic"
+    private_ip    = [for hostnum in range(4, 15) : cidrhost(lookup(local.network_cidrs, "SUBNET-5GC-OAM-CIDR"), hostnum)][index(local.node_pool_nodes_ids, each.key)]
+    subnet_id     = module.oke-quickstart.subnets["5GC_OAM_subnet"].subnet_id
+    defined_tags  = {}
+    freeform_tags = { "Network" : "5GC-OAM" }
+  }
+  instance_id = each.value.id
+}
+resource "oci_core_vnic_attachment" "vnic_attachment_5gc_signalling" {
+  for_each = { for map in local.node_pool_nodes : map.id => map }
+  create_vnic_details {
+    display_name  = "5GC-Signalling vnic"
+    private_ip    = [for hostnum in range(4, 15) : cidrhost(lookup(local.network_cidrs, "SUBNET-5GC-SIGNALLING-CIDR"), hostnum)][index(local.node_pool_nodes_ids, each.key)]
+    subnet_id     = module.oke-quickstart.subnets["5GC_Signalling_subnet"].subnet_id
+    defined_tags  = {}
+    freeform_tags = { "Network" : "5GC-Signalling" }
+  }
+  instance_id = each.value.id
+}
+resource "oci_core_vnic_attachment" "vnic_attachment_5g_ran" {
+  for_each = { for map in local.node_pool_nodes : map.id => map }
+  create_vnic_details {
+    display_name  = "5G RAN vnic"
+    private_ip    = [for hostnum in range(4, 15) : cidrhost(lookup(local.network_cidrs, "SUBNET-5G-RAN-CIDR"), hostnum)][index(local.node_pool_nodes_ids, each.key)]
+    subnet_id     = module.oke-quickstart.subnets["5G_RAN_subnet"].subnet_id
+    defined_tags  = {}
+    freeform_tags = { "Network" : "5G RAN" }
+  }
+  instance_id = each.value.id
+}
+resource "oci_core_vnic_attachment" "vnic_attachment_5g_legal_intercept" {
+  for_each = { for map in local.node_pool_nodes : map.id => map }
+  create_vnic_details {
+    display_name  = "5G Legal Intercept vnic"
+    private_ip    = [for hostnum in range(4, 15) : cidrhost(lookup(local.network_cidrs, "SUBNET-LEGAL-INTERCEPT-CIDR"), hostnum)][index(local.node_pool_nodes_ids, each.key)]
+    subnet_id     = module.oke-quickstart.subnets["Legal_Intercept_subnet"].subnet_id
+    defined_tags  = {}
+    freeform_tags = { "Network" : "5G Legal Intercept" }
+  }
+  instance_id = each.value.id
+}
+resource "oci_core_vnic_attachment" "vnic_attachment_5g_epc" {
+  for_each = { for map in local.node_pool_nodes : map.id => map }
+  create_vnic_details {
+    display_name  = "5G-EPC vnic"
+    private_ip    = [for hostnum in range(4, 15) : cidrhost(lookup(local.network_cidrs, "SUBNET-5G-EPC-CIDR"), hostnum)][index(local.node_pool_nodes_ids, each.key)]
+    subnet_id     = module.oke-quickstart.subnets["5G_EPC_subnet"].subnet_id
+    defined_tags  = {}
+    freeform_tags = { "Network" : "5G-EPC" }
+  }
+  instance_id = each.value.id
+}

examples/5G-NF-Infra/networking.tf

@@ -6,7 +6,7 @@
 # OKE Cluster
 ################################################################################
 module "oke-quickstart" {
-  source = "github.com/oracle-quickstart/terraform-oci-oke-quickstart?ref=0.8.9"
+  source = "github.com/oracle-quickstart/terraform-oci-oke-quickstart?ref=0.8.10"
 
   # Oracle Cloud Infrastructure Tenancy and Compartment OCID
   tenancy_ocid     = var.tenancy_ocid

examples/5G-NF-Infra/oke.tf

@@ -35,8 +35,8 @@ variable "node_pool_instance_shape_1" {
   type = map(any)
   default = {
     "instanceShape" = "VM.Standard3.Flex"
-    "ocpus"         = 6
+    "ocpus"         = 8
     "memory"        = 96
   }
-  description = "Pooll: A shape is a template that determines the number of OCPUs, amount of memory, and other resources allocated to a newly created instance for the Worker Node. Select at least 2 OCPUs and 16GB of memory if using Flex shapes"
+  description = "Pooll: A shape is a template that determines the number of OCPUs, amount of memory, and other resources allocated to a newly created instance for the Worker Node. Select at least 2 OCPUs and 16GB of memory if using Flex shapes."
 }

examples/5G-NF-Infra/variables.tf

@@ -93,7 +93,7 @@ module "oke" {
 ################################################################################
 # Module: OKE Node Pool
 ################################################################################
-module "oke_node_pool" {
+module "oke_node_pools" {
   for_each = { for map in local.node_pools : map.node_pool_name => map }
   source   = "./modules/oke-node-pool"
 
@@ -176,9 +176,9 @@ module "oke_cluster_autoscaler" {
 
   ## Enable Cluster Autoscaler
   cluster_autoscaler_enabled = var.cluster_autoscaler_enabled
-  oke_node_pools             = values(module.oke_node_pool)
+  oke_node_pools             = values(module.oke_node_pools)
 
-  depends_on = [module.oke, module.oke_node_pool]
+  depends_on = [module.oke, module.oke_node_pools]
 }
 
 resource "oci_identity_compartment" "oke_compartment" {

main.tf

@@ -39,24 +39,3 @@ output "oke_cluster_compartment_ocid" {
   value       = local.oke_compartment_ocid
   description = "Compartment OCID used by the OKE Cluster"
 }
-
-# ### Important Security Notice ###
-# # The private key generated by this resource will be stored unencrypted in your Terraform state file. 
-# # Use of this resource for production deployments is not recommended. 
-# # Instead, generate a private key file outside of Terraform and distribute it securely to the system where Terraform will be run.
-# output "generated_private_key_pem" {
-#   value     = var.generate_public_ssh_key ? tls_private_key.oke_worker_node_ssh_key.private_key_pem : "No Keys Auto Generated"
-#   sensitive = true
-# }
-
-# output "oke_debug_oke_private_endpoint" {
-#   value = oci_containerengine_cluster.oke_cluster[0].endpoints.0.private_endpoint
-# }
-
-# output "oke_debug_orm_private_endpoint_reachable_ip" {
-#   value = data.oci_resourcemanager_private_endpoint_reachable_ip.private_kubernetes_endpoint.0.ip_address
-# }
-
-# output "oke_debug_oke_endpoints" {
-#   value = oci_containerengine_cluster.oke_cluster.0.endpoints
-# }

modules/oke/outputs.tf

@@ -28,6 +28,16 @@ output "kubeconfig_for_kubectl" {
   value       = module.oke.kubeconfig_for_kubectl
   description = "If using Terraform locally, this command set KUBECONFIG environment variable to run kubectl locally"
 }
+output "oke_cluster_ocid" {
+  value = module.oke.oke_cluster_ocid
+}
+output "oke_node_pools" {
+  value = module.oke_node_pools
+}
+output "subnets" {
+  value = module.subnets
+}
+
 output "dev" {
   value = module.oke.dev
 }
@@ -39,3 +49,4 @@ output "generated_private_key_pem" {
   value     = var.generate_public_ssh_key ? tls_private_key.oke_worker_node_ssh_key.private_key_pem : "No Keys Auto Generated"
   sensitive = true
 }
+