
Kerens mac #60

Merged
merged 10 commits into from
Jan 25, 2024
40 changes: 20 additions & 20 deletions .github/workflows/actionlint.yml
@@ -1,3 +1,4 @@
---
# Copyright (c) NetApp, Inc.
# SPDX-License-Identifier: Apache-2.0

Expand All @@ -17,25 +18,24 @@ jobs:
runs-on: ubuntu-latest

steps:
- name: Checkout code
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Checkout code
uses: actions/checkout@v4
with:
fetch-depth: 0

- name: Super-linter
uses: super-linter/[email protected] # x-release-please-version
env:
DEFAULT_BRANCH: main
# To report GitHub Actions status checks, you must provide a GitHub token.
GITHUB_TOKEN : ${{ secrets.GITHUB_TOKEN }}
DEFAULT_BRANCH : main
VALIDATE_BASH : true
VALIDATE_BASH_EXEC : true
BASH_SEVERITY : "error"
VALIDATE_GITHUB_ACTIONS : true
VALIDATE_MARKDOWN : true
VALIDATE_NATURAL_LANGUAGE : true
VALIDATE_POWERSHELL : true
VALIDATE_TERRAFORM_FMT : true
VALIDATE_YAML : true
- name: Super-linter
uses: super-linter/[email protected] # x-release-please-version
env:
DEFAULT_BRANCH: main
# To report GitHub Actions status checks, you must provide a GitHub token.
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
VALIDATE_BASH: true
VALIDATE_BASH_EXEC: true
BASH_SEVERITY: "error"
VALIDATE_GITHUB_ACTIONS: true
# VALIDATE_MARKDOWN: true
# VALIDATE_NATURAL_LANGUAGE: true
VALIDATE_POWERSHELL: true
VALIDATE_TERRAFORM_FMT: true
VALIDATE_YAML: true
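Review bot: Both `uses:` lines on the new side reference a mutable tag (`actions/checkout@v4` and the super-linter release tag, which this page renders as an obfuscated address) rather than a full commit SHA, so whatever the tag later points to runs with the job's `GITHUB_TOKEN`; pinning each in the form `uses: actions/checkout@<full-commit-sha> # v4` fixes the code that executes while keeping the version readable. The checkout step could also set `persist-credentials: false` under `with:`, since nothing visible in this job pushes back to the repository. The workflow's `permissions:` block, if there is one, lies outside this hunk, so confirm the token is limited to what the linter needs (presumably `contents: read` plus `statuses: write` for the status checks). The two validators switched off here are left as bare commented-out lines; a short comment such as `# VALIDATE_MARKDOWN disabled: <reason>` would tell the next maintainer whether they are meant to be restored.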

1 change: 1 addition & 0 deletions .github/workflows/terraform-docs.yml
@@ -1,3 +1,4 @@
---
# Copyright (c) NetApp, Inc.
# SPDX-License-Identifier: Apache-2.0

1 change: 1 addition & 0 deletions .github/workflows/terraform.yml
@@ -1,3 +1,4 @@
---
# Copyright (c) NetApp, Inc.
# SPDX-License-Identifier: Apache-2.0

3 changes: 1 addition & 2 deletions Terraform/deploy-fsx-ontap/README.md
Expand Up @@ -196,6 +196,7 @@ terraform apply -y
| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
| fsx_admin_password | The ONTAP administrative password for the fsxadmin user that you can use to administer your file system using the ONTAP CLI and REST API | `string` | n/a | yes |
| kms_key_id | ARN for the KMS Key to encrypt the file system at rest, Defaults to an AWS managed KMS Key. | `string` | n/a | yes |
| route_table_ids | Specifies the VPC route tables in which your file system's endpoints will be created. You should specify all VPC route tables associated with the subnets in which your clients are located. | `list` | n/a | yes |
| backup_retention_days | The number of days to retain automatic backups. Setting this to 0 disables automatic backups. You can retain automatic backups for a maximum of 90 days. | `number` | `0` | no |
| cidr_for_sg | cide block to be used for the ingress rules | `string` | `"0.0.0.0/0"` | no |
Expand All @@ -208,8 +209,6 @@ terraform apply -y
| fsx_name | The deployed filesystem name | `string` | `"terraform-fsxn"` | no |
| fsx_subnets | The IDs of the subnets fro which the FSxN filesystem will be assigned IP addresses | `map` | <pre>{<br> "primarysub": "",<br> "secondarysub": ""<br>}</pre> | no |
| fsx_tput_in_MBps | The throughput capacity (in MBps) for the file system. Valid values are 128, 256, 512, 1024, 2048, and 4096. | `number` | `256` | no |
| ha_pairs | The number of ha_pairs to deploy for the file system. Valid values are 1 through 6. Recommend only using this parameter for 2 or more ha pairs. | `number` | `1` | no |
| kms_key_id | ARN for the KMS Key to encrypt the file system at rest, Defaults to an AWS managed KMS Key. | `string` | `""` | no |
| root_vol_sec_style | Specifies the root volume security style, Valid values are UNIX, NTFS, and MIXED. All volumes created under this SVM will inherit the root security style unless the security style is specified on the volume. | `string` | `"UNIX"` | no |
| storage_type | The filesystem storage type | `string` | `"SSD"` | no |
| svm_name | The name of the Storage Virtual Machine | `string` | `"first_svm"` | no |
54 changes: 27 additions & 27 deletions Terraform/deploy-fsx-ontap/main.tf
Expand Up @@ -14,22 +14,22 @@
*/

resource "aws_security_group" "fsx_sg" {
count = var.create_sg ? 1 : 0
count = var.create_sg ? 1 : 0
name = "fsx_sg"
description = "Allow FSx ONTAP required ports"
vpc_id = var.vpc_id
}

resource "aws_vpc_security_group_ingress_rule" "all_icmp" {
count = var.create_sg ? 1 : 0
count = var.create_sg ? 1 : 0
security_group_id = aws_security_group.fsx_sg[count.index]
description = "Allow all ICMP traffic"
cidr_ipv4 = "0.0.0.0/0"
ip_protocol = "icmp"
}

resource "aws_vpc_security_group_ingress_rule" "nfs_tcp" {
count = var.create_sg ? 1 : 0
count = var.create_sg ? 1 : 0
security_group_id = aws_security_group.fsx_sg[count.index]
description = "Remote procedure call for NFS"
cidr_ipv4 = var.cidr_for_sg
Expand All @@ -39,7 +39,7 @@ resource "aws_vpc_security_group_ingress_rule" "nfs_tcp" {
}

resource "aws_vpc_security_group_ingress_rule" "nfs_udp" {
count = var.create_sg ? 1 : 0
count = var.create_sg ? 1 : 0
security_group_id = aws_security_group.fsx_sg[count.index]
description = "Remote procedure call for NFS"
cidr_ipv4 = var.cidr_for_sg
Expand All @@ -49,7 +49,7 @@ resource "aws_vpc_security_group_ingress_rule" "nfs_udp" {
}

resource "aws_vpc_security_group_ingress_rule" "cifs" {
count = var.create_sg ? 1 : 0
count = var.create_sg ? 1 : 0
security_group_id = aws_security_group.fsx_sg[count.index]
description = "NetBIOS service session for CIFS"
cidr_ipv4 = var.cidr_for_sg
Expand All @@ -59,7 +59,7 @@ resource "aws_vpc_security_group_ingress_rule" "cifs" {
}

resource "aws_vpc_security_group_ingress_rule" "snmp_tcp" {
count = var.create_sg ? 1 : 0
count = var.create_sg ? 1 : 0
security_group_id = aws_security_group.fsx_sg[count.index]
description = "Simple network management protocol for log collection"
cidr_ipv4 = var.cidr_for_sg
Expand All @@ -69,7 +69,7 @@ resource "aws_vpc_security_group_ingress_rule" "snmp_tcp" {
}

resource "aws_vpc_security_group_ingress_rule" "snmp_udp" {
count = var.create_sg ? 1 : 0
count = var.create_sg ? 1 : 0
security_group_id = aws_security_group.fsx_sg[count.index]
description = "Simple network management protocol for log collection"
cidr_ipv4 = var.cidr_for_sg
Expand All @@ -79,7 +79,7 @@ resource "aws_vpc_security_group_ingress_rule" "snmp_udp" {
}

resource "aws_vpc_security_group_ingress_rule" "smb_cifs" {
count = var.create_sg ? 1 : 0
count = var.create_sg ? 1 : 0
security_group_id = aws_security_group.fsx_sg[count.index]
description = "Microsoft SMB/CIFS over TCP with NetBIOS framing"
cidr_ipv4 = var.cidr_for_sg
Expand All @@ -89,7 +89,7 @@ resource "aws_vpc_security_group_ingress_rule" "smb_cifs" {
}

resource "aws_vpc_security_group_ingress_rule" "nfs_mount_tcp" {
count = var.create_sg ? 1 : 0
count = var.create_sg ? 1 : 0
security_group_id = aws_security_group.fsx_sg[count.index]
description = "NFS mount"
cidr_ipv4 = var.cidr_for_sg
Expand All @@ -99,7 +99,7 @@ resource "aws_vpc_security_group_ingress_rule" "nfs_mount_tcp" {
}

resource "aws_vpc_security_group_ingress_rule" "nfs_mount_udp" {
count = var.create_sg ? 1 : 0
count = var.create_sg ? 1 : 0
security_group_id = aws_security_group.fsx_sg[count.index]
description = "NFS mount"
cidr_ipv4 = var.cidr_for_sg
Expand Down Expand Up @@ -128,38 +128,38 @@ resource "aws_vpc_security_group_egress_rule" "allow_all_traffic" {
*/

resource "aws_fsx_ontap_file_system" "terraform-fsxn" {
// REQUIRED PARAMETERS
// REQUIRED PARAMETERS
subnet_ids = [var.fsx_subnets["primarysub"]]
preferred_subnet_id = var.fsx_subnets["primarysub"]

// OPTIONAL PARAMETERS
// OPTIONAL PARAMETERS
storage_capacity = var.fsx_capacity_size_gb
security_group_ids = var.create_sg ? [element(aws_security_group.fsx_sg.*.id, 0)] : []
deployment_type = var.fsx_deploy_type
throughput_capacity = var.fsx_tput_in_MBps
tags = {
Name = var.fsx_name
tags = {
Name = var.fsx_name
}
weekly_maintenance_start_time = var.fsx_maintenance_start_time
kms_key_id = var.kms_key_id
automatic_backup_retention_days = var.backup_retention_days
weekly_maintenance_start_time = var.fsx_maintenance_start_time
kms_key_id = var.kms_key_id
automatic_backup_retention_days = var.backup_retention_days
daily_automatic_backup_start_time = var.daily_backup_start_time
storage_type = var.storage_type
storage_type = var.storage_type
disk_iops_configuration {
iops = var.disk_iops_configuration["iops"]
mode = var.disk_iops_configuration["mode"]
}
fsx_admin_password = var.fsx_admin_password
route_table_ids = var.route_table_ids
route_table_ids = var.route_table_ids
# endpoint_ip_address_range = ""
}

resource "aws_fsx_ontap_storage_virtual_machine" "mysvm" {
// REQUIRED PARAMETERS
// REQUIRED PARAMETERS
file_system_id = aws_fsx_ontap_file_system.terraform-fsxn.id
name = var.svm_name

// OPTIONAL PARAMETERS
// OPTIONAL PARAMETERS
root_volume_security_style = var.root_vol_sec_style
tags = {
Name = var.svm_name
Expand All @@ -168,12 +168,12 @@ resource "aws_fsx_ontap_storage_virtual_machine" "mysvm" {
}

resource "aws_fsx_ontap_volume" "myvol" {
// REQUIRED PARAMETERS
// REQUIRED PARAMETERS
name = var.vol_info["vol_name"]
size_in_megabytes = var.vol_info["size_mg"]
storage_virtual_machine_id = aws_fsx_ontap_storage_virtual_machine.mysvm.id

// OPTIONAL PARAMETERS
// OPTIONAL PARAMETERS
junction_path = var.vol_info["junction_path"]
ontap_volume_type = var.vol_info["vol_type"]
storage_efficiency_enabled = var.vol_info["efficiency"]
Expand All @@ -182,10 +182,10 @@ resource "aws_fsx_ontap_volume" "myvol" {
cooling_period = var.vol_info["cooling_period"]
}
bypass_snaplock_enterprise_retention = var.vol_info["bypass_sl_retention"]
copy_tags_to_backups = var.vol_info["copy_tags_to_backups"]
security_style = var.vol_info["sec_style"]
skip_final_backup = var.vol_info["skip_final_backup"]
copy_tags_to_backups = var.vol_info["copy_tags_to_backups"]
security_style = var.vol_info["sec_style"]
skip_final_backup = var.vol_info["skip_final_backup"]
# snaplock_configuration {}
snapshot_policy = "NONE"
tags = var.tags
tags = var.tags
}
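Review bot: The `all_icmp` ingress rule keeps a hard-coded `cidr_ipv4 = "0.0.0.0/0"` while the other visible rules take `var.cidr_for_sg`, so an operator who narrows that variable still leaves ICMP open to any source; `cidr_ipv4 = var.cidr_for_sg` would make the rule follow the same restriction. Separately, each ingress rule sets `security_group_id = aws_security_group.fsx_sg[count.index]`, which refers to the whole resource object rather than its ID and looks like it should be `aws_security_group.fsx_sg[count.index].id`, matching the `element(aws_security_group.fsx_sg.*.id, 0)` form used in the file-system resource. The commit only re-aligns these lines, so both points predate it, and most rule bodies continue outside the visible hunks (their port arguments are not shown).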
1 change: 0 additions & 1 deletion Terraform/deploy-fsx-ontap/output.tf
@@ -1,7 +1,6 @@
output "my_fsx_ontap_security_group_id" {
description = "The ID of the FSxN Security Group"
value = var.create_sg ? [element(aws_security_group.fsx_sg.*.id, 0)] : []

}

output "my_filesystem_id" {