fix: Use terraform is_image resource.

nirajdp76 · Dec 4, 2019 · 4677020 · 4677020
1 parent ae854d9
commit 4677020
Show file tree

Hide file tree

Showing 8 changed files with 23 additions and 74 deletions.
diff --git a/README.md b/README.md
@@ -51,7 +51,6 @@ Before you apply your template, you can customize the following default variable
 
 |Variable Name|Description|Default Value|
 |-------------|-----------|-------------|
-|`ibmcloud_api_key`|[Temp hack] to workaround IBM IS Provider (Image Create) gap. The APIKey of the IBM Cloud account where resources will be provisioned.|`None`|
 |`ibmcloud_vnf_svc_api_key`|The APIKey of the IBM Cloud NFV service account that is hosting the F5-BIGIP qcow2 image file.|`None`|
 |`generation`|The VPC Generation to target. Valid values are 2 or 1..|`2`|
 |`region`|The VPC Region that you want your VPC to be provisioned. To list available zones, run `ibmcloud is regions`.|`us-south`|

diff --git a/backends.tf b/backends.tf
@@ -22,7 +22,7 @@ data "ibm_is_image" "ubuntu_18_image" {
 
 resource "ibm_is_instance" "backend_vsi" {
   count     = 2
-  name      = "backend-vsi-0${count.index}"
+  name      = "${var.vpc_name}-backend-vsi-0${count.index}"
   image     = "${data.ibm_is_image.ubuntu_18_image.id}"
   profile   = "cx2-2x4"
 

diff --git a/compute.tf b/compute.tf
@@ -23,7 +23,7 @@ data "ibm_is_instance_profile" "f5_profile" {
 ##############################################################################
 resource "ibm_is_instance" "f5_vsi" {
   name    = "${var.f5_vsi_name}"
-  image   = "${data.ibm_is_image.f5_custom_image.id}"
+  image   = "${ibm_is_image.f5_custom_image.id}"
   profile = "${data.ibm_is_instance_profile.f5_profile.name}"
 
   primary_network_interface = {

diff --git a/image.tf b/image.tf
@@ -3,10 +3,8 @@
 #  - Creates IAM Authorization Policy in vnfsvc account
 #  - Creates Custom Image in User account
 #
-# Note: There are following gaps in ibm is provider and thus using Terraform tricks
-# to overcome the gaps for the PoC sake.
-# Gap1: IBM IS Provider missing resource implementation for is_image (Create, update, delete)
-# Gap2: IBM IS provider missing data source to read logged user provider session info
+# Note: There are following gaps in ibm is provider
+# Gap1: : IBM IS provider missing data source to read logged user provider session info
 # example: account-id
 ##############################################################################
 
@@ -35,54 +33,21 @@ resource "ibm_iam_authorization_policy" "authorize_image" {
   target_resource_instance_id   = "${var.vnf_f5bigip_cos_instance_id}"
 }
 
-##############################################################################
-# Read Custom Image using the image name and visibility
-##############################################################################
-data "ibm_is_image" "f5_custom_image" {
-  depends_on  = ["data.external.create_image_hack"]
-  name        = "${var.f5_image_name}"
-  visibility  = "private"
-}
+# ##############################################################################
+# # Read Custom Image using the image name and visibility
+# ##############################################################################
+# data "ibm_is_image" "f5_custom_image" {
+#   depends_on  = ["data.external.create_image_hack"]
+#   name        = "${var.f5_image_name}"
+#   visibility  = "private"
+# }
 
 ##############################################################################
 # Create Custom Image
-# Hack: Given ibm provider is missing ibm_is_image resource we using
-# external data provider tricks and provisining the resource using bash script.
 ##############################################################################
-data "external" "create_image_hack" {
-  depends_on  = ["ibm_iam_authorization_policy.authorize_image"]
-  program     = ["bash", "${path.module}/scripts/create-image-hack.sh"]
-
-  query = {
-    ibmcloud_endpoint         = "${var.ibmcloud_endpoint}"
-    ibmcloud_api_key          = "${var.ibmcloud_api_key}"
-    generation                = "${var.generation}"
-    region                    = "${data.ibm_is_region.region.name}"
-    resource_group_id         = "${data.ibm_resource_group.rg.id}"
-    f5_image_name             = "${var.f5_image_name}"
-    vnf_f5bigip_cos_image_url = "${var.vnf_f5bigip_cos_image_url}"
- }
+resource "ibm_is_image" "f5_custom_image" {
+  depends_on        = ["ibm_iam_authorization_policy.authorize_image"]
+  name              = "${var.f5_image_name}"
+  href              = "${var.vnf_f5bigip_cos_image_url}"
+  operating_system  = "centos-7-amd64"
 }
-
-# resource "null_resource" "null_custom_image" {
-#   # provisioner "local-exec" {
-#   #   command = "${path.module}/scripts/create-image-hack.sh"
-#   #   environment = {
-#   #     ibmcloud_api_key = "${var.ibmcloud_api_key}"
-#   #     generation = "${var.generation}"
-#   #     region = "${var.region}"
-#   #     resource_group_id = "${data.ibm_resource_group.rg.id}"
-#   #     f5_image_name = "${var.f5_image_name}"
-#   #     vnf_f5bigip_cos_image_url = "${var.vnf_f5bigip_cos_image_url}"
-#   #   }
-#   # }
-#   # provisioner "local-exec" {
-#   #   when        = "destroy"
-#   #   command = <<EOT
-#   #     ibmcloud plugin install vpc-infrastructure -f
-#   #     ibmcloud login --apikey ${var.ibmcloud_api_key} -r "${var.region}" -g "${var.resource_group}"
-#   #     ibmcloud is target --gen ${var.generation}
-#   #     ibmcloud is image-delete "${data.external.create_image_hack.result.id}" -f
-#   #   EOT
-#   # }
-# }
diff --git a/network.tf b/network.tf
@@ -19,7 +19,7 @@ data "ibm_is_vpc" "f5_vpc" {
 # Create Public_Gateway for a given VPC
 ##############################################################################
 resource "ibm_is_public_gateway" "f5_gateway" {
-  name = "f5-bigip-1nic-demo-gateway01"
+  name = "${var.vpc_name}-pgw01"
   vpc  = "${data.ibm_is_vpc.f5_vpc.id}"
   zone = "${data.ibm_is_zone.zone.name}"
 
@@ -33,7 +33,7 @@ resource "ibm_is_public_gateway" "f5_gateway" {
 # Create Subnet for a given VPC and Public-Gateway
 ##############################################################################
 resource "ibm_is_subnet" "f5_subnet1" {
-  name            = "f5-bigip-1nic-demo-subnet01"
+  name            = "${var.vpc_name}-f5-subnet01"
   vpc             = "${data.ibm_is_vpc.f5_vpc.id}"
   zone            = "${data.ibm_is_zone.zone.name}"
   ipv4_cidr_block = "10.240.0.0/24"
@@ -44,6 +44,6 @@ resource "ibm_is_subnet" "f5_subnet1" {
 # Create Floating-IP targeted to F5-BIGIP virtual server primary network
 ##############################################################################
 resource ibm_is_floating_ip "f5_fip01" {
-  name   = "f5-bigip-1nic-demo-ip01"
+  name   = "${var.vpc_name}-f5-fip01"
   target = "${ibm_is_instance.f5_vsi.primary_network_interface.0.id}"
 }
diff --git a/provider.tf b/provider.tf
@@ -2,16 +2,6 @@
 # Variable block - See each variable description
 ##############################################################################
 
-##############################################################################
-# ibmcloud_api_key - [Temp hack] Will be removed once IBM Provider supports 
-#                    IS Image Resource
-##############################################################################
-variable "ibmcloud_api_key" {
- default      = ""
- type         = "string"
- description  = "Temp Hack to workaround IBM IS Provider (Image Create) gap. The APIKey of the IBM Cloud account where resources will be provisioned."
-}
-
 ##############################################################################
 # ibmcloud_vnf_svc_api_key - Cloud Service apikey hosting the F5-BIGIP 
 #                            image in COS. This variable is not shown to user.

diff --git a/security-group.tf b/security-group.tf
@@ -3,7 +3,7 @@
 ##############################################################################
 #FIXME - set rules on f5_sg01
 resource "ibm_is_security_group" "f5_sg01" {
-  name = "f5-bigip-1nic-demo-sg01"
+  name = "${var.vpc_name}-sg01"
   vpc  = "${data.ibm_is_vpc.f5_vpc.id}"
 }
 

diff --git a/variables.tf b/variables.tf
@@ -35,15 +35,15 @@ variable "zone" {
 # vpc_name - VPC where resources are to be provisioned.
 ##############################################################################
 variable "vpc_name" {
-  default     = "f5-1arm-vpc"
+  default     = ""
   description = "The name of your VPC where F5-BIGIP VSI is to be provisioned."
 }
 
 ##############################################################################
 # ssh_key_name - The name of the public SSH key to be used when provisining F5-BIGIP VSI.
 ##############################################################################
 variable "ssh_key_name" {
-  default     = "f5-1arm-sshkey"
+  default     = ""
   description = "The name of the public SSH key to be used when provisining F5-BIGIP VSI."
 }
 
@@ -75,8 +75,3 @@ variable "f5_license" {
   default     = ""
   description = "Optional. The BYOL license key that you want your F5 virtual server in a VPC to be used by registration flow during cloud-init."
 }
-
-variable "ibmcloud_endpoint" {
-  default     = "cloud.ibm.com"
-  description = "[Temp Hack] Optional. The IBM Cloud endpoint used by create_image_hack script."
-}