A Passionate Techie

ingress = “22:192.168.0.0/24:tcp,80:172.16.120.0/16:tcp,8080:0.0.0.0/0:tcp” egress = “22:192.168.0.0/24:tcp,80:172.16.120.0/16:tcp,8081:127.0.0.0/0:udp” resource “openstack_compute_secgroup_v2” “secgroup_1” { name = “secgroup” description = “my security group” count = “${length(split(“,”,var.ingress))}” rule { from_port = “${element(split(“:”,element(split(“,”,var.ingress),count.index)), 0)}” to_port = “${element(split(“:”,element(split(“,”,var.ingress),count.index)), 0)}” ip_protocol = “${element(split(“:”,element(split(“,”,var.ingress),count.index)), 2)}” cidr = “${element(split(“:”,element(split(“,”,var.ingress),count.index)), 1)}” } } Note : This will create multiple security groups if you want single security group and multiple rules use following code: resource “openstack_networking_secgroup_v2” “secgroup” { name = “secgroup” description = “My neutron security group” } resource “openstack_networking_secgroup_rule_v2” “secgroup_rule_ingress” { count = “${length(spl...

In general when opening ICMP rule for security groups we generally use the following configuration: Port: -1 Protocol: icmp CIDR: 0.0.0.0/0 But with the openstack terraform when using a negative value for port throws the following error: module.compute.instance.openstack_compute_floatingip_associate_v2.floating_ip_assoc: Creation complete (ID: 10.43.14.187/0e48f51d-6dc0-479d-9481-358e5f739dac/) Error applying plan: 1 error(s) occurred: module.network.module.sg.openstack_networking_secgroup_rule_v2.secgroup_rule_test: 1 error(s) occurred: openstack_networking_secgroup_rule_v2.secgroup_rule_test: Invalid request due to incorrect syntax or missing required parameters. The correct way to open ICMP rule is as follows: resource "openstack_networking_secgroup_rule_v2" "secgroup_rule_test" { direction = "ingress" ethertype = "IPv4" protocol = "icmp" port_range_min = "0" port_range_max = "0" r...

The common way this seems to get done, is via something like  count = "${length(split(",", var.private_subnets))}"  However, this results in either needing trailing commas, or being unable to handle the 0 case: Eg: ${length(split(",", ""))}  is 1 ${length(split(",", "foo"))}  is 1 ${length(split(",", "foo,bar"))}  is 2 ${length(split(",", "")) -1 }  is 0 ${length(split(",", "foo")) - 1}  is 0 ${length(split(",", "foo,")) - 1}  is 1 ${length(split(",", "foo,bar")) - 1}  is 1 neither of those is very satisfying the  compact  function was somewhat recently added to deal with empty strings when splitting so, for example: ${length(compact(split(",", "")))}  should be 0 ${length(compact(split(",", "foo")))}  should be 1 ${length(compact(split(",", "foo,bar...

The common way this seems to get done, is via something like  count = "${length(split(",", var.private_subnets))}"  However, this results in either needing trailing commas, or being unable to handle the 0 case: Eg: ${length(split(",", ""))}  is 1 ${length(split(",", "foo"))}  is 1 ${length(split(",", "foo,bar"))}  is 2 ${length(split(",", "")) -1 }  is 0 ${length(split(",", "foo")) - 1}  is 0 ${length(split(",", "foo,")) - 1}  is 1 ${length(split(",", "foo,bar")) - 1}  is 1 neither of those is very satisfying the  compact  function was somewhat recently added to deal with empty strings when splitting so, for example: ${length(compact(split(",", "")))}  should be 0 ${length(compact(split(",", "foo")))}  should be 1 ${length(compact(split(",", "foo,bar...

In general when opening ICMP rule for security groups we generally use the following configuration: Port: -1 Protocol: icmp CIDR: 0.0.0.0/0 But with the openstack terraform when using a negative value for port throws the following error: module.compute.instance.openstack_compute_floatingip_associate_v2.floating_ip_assoc: Creation complete (ID: 10.43.14.187/0e48f51d-6dc0-479d-9481-358e5f739dac/) Error applying plan: 1 error(s) occurred: module.network.module.sg.openstack_networking_secgroup_rule_v2.secgroup_rule_test: 1 error(s) occurred: openstack_networking_secgroup_rule_v2.secgroup_rule_test: Invalid request due to incorrect syntax or missing required parameters. The correct way to open ICMP rule is as follows: resource "openstack_networking_secgroup_rule_v2" "secgroup_rule_test" { direction = "ingress" ethertype = "IPv4" protocol = "icmp" port_range_min = "0" port_range_max = "0" remote_ip_prefix =...

ingress = "22:192.168.0.0/24:tcp,80:172.16.120.0/16:tcp,8080:0.0.0.0/0:tcp" egress = "22:192.168.0.0/24:tcp,80:172.16.120.0/16:tcp,8081:127.0.0.0/0:udp" resource "openstack_compute_secgroup_v2" "secgroup_1" { name = "secgroup" description = "my security group" count = "${length(split(",",var.ingress))}" rule { from_port = "${element(split(":",element(split(",",var.ingress),count.index)), 0)}" to_port = "${element(split(":",element(split(",",var.ingress),count.index)), 0)}" ip_protocol = "${element(split(":",element(split(",",var.ingress),count.index)), 2)}" cidr = "${element(split(":",element(split(",",var.ingress),count.index)), 1)}" } } Note : This will create multiple security groups if you want single security group and multiple rules use following code: resource "openstack_networ...

Terraform is a tool for building, changing, and versioning infrastructure safely and efficiently. Terraform can manage existing and popular service providers as well as custom in-house solutions. Configuration files describe to Terraform the components needed to run a single application or your entire datacenter. Terraform generates an execution plan describing what it will do to reach the desired state, and then executes it to build the described infrastructure. As the configuration changes, Terraform is able to determine what changed and create incremental execution plans which can be applied. The infrastructure Terraform can manage includes low-level components such as compute instances, storage, and networking, as well as high-level components such as DNS entries, SaaS features, etc. The key features of Terraform are: Infrastructure as Code : Infrastructure is described using a high-level configuration syntax. This allows a blueprint of your datacenter to be versioned and treated...