Commit 2d449c88 authored by Daniele Valeriani's avatar Daniele Valeriani

Create the staging network in Azure

*.terraform/
*.terraform.tfstate*
image: "dev.gitlab.org:5005/gitlab/gitlab-build-images:terraform-0.1"
variables:
TF_VAR_az_prod_client_id: ""
TF_VAR_az_prod_client_secret: ""
TF_VAR_az_prod_subscription_id: ""
TF_VAR_az_prod_tenant_id: ""
TF_VAR_do_dev_token: ""
CONSUL_HTTP_ADDR: ""
CONSUL_HTTP_TOKEN: ""
# Disabled for now
#CONSUL_HTTP_SSL: ""
stages:
- planning
- deploy
staging:
stage: planning
script:
- ls -al
- cd ./env-dev && /terraform remote config -backend=consul -backend-config="path=terraform/gitlab-com-staging" && /terraform plan
except:
- master
deploy_staging:
stage: deploy
script:
- cd ./env-dev && /terraform remote config -backend=consul -backend-config="path=terraform/gitlab-com-staging" && /terraform apply
environment:
name: development
url: https://staging.gitlab.com
only:
- master
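Review bot: With `#CONSUL_HTTP_SSL` left commented out under `variables:`, both jobs reach the Consul backend without TLS, so `CONSUL_HTTP_TOKEN` and the Terraform state (which can hold credentials in plain text) travel unencrypted on every `remote config`, `plan` and `apply`. I would enable it before this pipeline runs against a remote Consul, e.g. `CONSUL_HTTP_SSL: "true"`. Separately, `deploy_staging` runs a fresh `/terraform apply` on master instead of applying a plan saved with `plan -out=`, so what gets applied is not necessarily what was reviewed on the branch.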
# GitLab.com Infrastructure
Terraform files that maintain the GitLab.com staging infrastructure and deploy using CI/CD pipelines.
/*
We're not going to put anything at the top
but just in case we run a terraform command
here we want to do nothing
*/
// The Azure credentials are specified in the following environment variables:
//
// ARM_SUBSCRIPTION_ID
// ARM_CLIENT_ID
// ARM_CLIENT_SECRET
// ARM_TENANT_ID
//
// The azurerm provider doesn't need anything else
provider "azurerm" {}
data "terraform_remote_state" "gitlab-com-staging" {
backend = "consul"
config {
path = "terraform/gitlab-com-staging"
}
}
resource "azurerm_resource_group" "GitLabStaging" {
name = "GitLabStaging"
location = "East US 2"
}
resource "azurerm_virtual_network" "GitLabStaging" {
name = "GitLabStaging"
address_space = ["10.128.0.0/11"]
location = "East US 2"
resource_group_name = "${azurerm_resource_group.GitLabStaging.name}"
}
resource "azurerm_network_security_group" "gitlab-staging-nsg" {
name = "gitlab-staging-nsg"
location = "East US 2"
resource_group_name = "${azurerm_resource_group.GitLabStaging.name}"
security_rule {
name = "default-allow-ssh"
priority = 1000
direction = "Inbound"
access = "Allow"
protocol = "TCP"
source_port_range = "*"
source_address_prefix = "*"
destination_port_range = "22"
destination_address_prefix = "*"
}
}
resource "azurerm_subnet" "ExternalLBStaging" {
name = "ExternalLBStaging"
resource_group_name = "${azurerm_resource_group.GitLabStaging.name}"
virtual_network_name = "${azurerm_virtual_network.GitLabStaging.name}"
address_prefix = "10.128.1.0/24"
network_security_group_id = "${azurerm_network_security_group.gitlab-staging-nsg.id}"
}
resource "azurerm_subnet" "InternalLBStaging" {
name = "InternalLBStaging"
resource_group_name = "${azurerm_resource_group.GitLabStaging.name}"
virtual_network_name = "${azurerm_virtual_network.GitLabStaging.name}"
address_prefix = "10.128.2.0/24"
network_security_group_id = "${azurerm_network_security_group.gitlab-staging-nsg.id}"
}
resource "azurerm_subnet" "DBStaging" {
name = "DBStaging"
resource_group_name = "${azurerm_resource_group.GitLabStaging.name}"
virtual_network_name = "${azurerm_virtual_network.GitLabStaging.name}"
address_prefix = "10.129.1.0/24"
network_security_group_id = "${azurerm_network_security_group.gitlab-staging-nsg.id}"
}
resource "azurerm_subnet" "RedisStaging" {
name = "RedisStaging"
resource_group_name = "${azurerm_resource_group.GitLabStaging.name}"
virtual_network_name = "${azurerm_virtual_network.GitLabStaging.name}"
address_prefix = "10.129.2.0/24"
network_security_group_id = "${azurerm_network_security_group.gitlab-staging-nsg.id}"
}
resource "azurerm_subnet" "ConsulStaging" {
name = "ConsulStaging"
resource_group_name = "${azurerm_resource_group.GitLabStaging.name}"
virtual_network_name = "${azurerm_virtual_network.GitLabStaging.name}"
address_prefix = "10.130.1.0/24"
network_security_group_id = "${azurerm_network_security_group.gitlab-staging-nsg.id}"
}
resource "azurerm_subnet" "VaultStaging" {
name = "VaultStaging"
resource_group_name = "${azurerm_resource_group.GitLabStaging.name}"
virtual_network_name = "${azurerm_virtual_network.GitLabStaging.name}"
address_prefix = "10.130.2.0/24"
network_security_group_id = "${azurerm_network_security_group.gitlab-staging-nsg.id}"
}
resource "azurerm_subnet" "MonitoringStaging" {
name = "MonitoringStaging"
resource_group_name = "${azurerm_resource_group.GitLabStaging.name}"
virtual_network_name = "${azurerm_virtual_network.GitLabStaging.name}"
address_prefix = "10.131.1.0/24"
network_security_group_id = "${azurerm_network_security_group.gitlab-staging-nsg.id}"
}
resource "azurerm_subnet" "LogStaging" {
name = "LogStaging"
resource_group_name = "${azurerm_resource_group.GitLabStaging.name}"
virtual_network_name = "${azurerm_virtual_network.GitLabStaging.name}"
address_prefix = "10.131.2.0/24"
network_security_group_id = "${azurerm_network_security_group.gitlab-staging-nsg.id}"
}
resource "azurerm_subnet" "APIStaging" {
name = "APIStaging"
resource_group_name = "${azurerm_resource_group.GitLabStaging.name}"
virtual_network_name = "${azurerm_virtual_network.GitLabStaging.name}"
address_prefix = "10.132.1.0/24"
network_security_group_id = "${azurerm_network_security_group.gitlab-staging-nsg.id}"
}
resource "azurerm_subnet" "GitStaging" {
name = "GitStaging"
resource_group_name = "${azurerm_resource_group.GitLabStaging.name}"
virtual_network_name = "${azurerm_virtual_network.GitLabStaging.name}"
address_prefix = "10.132.2.0/24"
network_security_group_id = "${azurerm_network_security_group.gitlab-staging-nsg.id}"
}
resource "azurerm_subnet" "SidekiqStaging" {
name = "SidekiqStaging"
resource_group_name = "${azurerm_resource_group.GitLabStaging.name}"
virtual_network_name = "${azurerm_virtual_network.GitLabStaging.name}"
address_prefix = "10.132.3.0/24"
network_security_group_id = "${azurerm_network_security_group.gitlab-staging-nsg.id}"
}
resource "azurerm_subnet" "WebStaging" {
name = "WebStaging"
resource_group_name = "${azurerm_resource_group.GitLabStaging.name}"
virtual_network_name = "${azurerm_virtual_network.GitLabStaging.name}"
address_prefix = "10.132.4.0/24"
network_security_group_id = "${azurerm_network_security_group.gitlab-staging-nsg.id}"
}
resource "azurerm_subnet" "NFSStaging" {
name = "NFSStaging"
resource_group_name = "${azurerm_resource_group.GitLabStaging.name}"
virtual_network_name = "${azurerm_virtual_network.GitLabStaging.name}"
address_prefix = "10.133.1.0/24"
network_security_group_id = "${azurerm_network_security_group.gitlab-staging-nsg.id}"
}
// resource "azurerm_availability_set" "GitLabStaging" {
// name = "GitLabStaging"
// location = "East US 2"
// platform_update_domain_count = 20
// platform_fault_domain_count = 3
// resource_group_name = "${azurerm_resource_group.NFS-Prod.name}"
// }
// resource "azurerm_network_interface" "api-staging-01-nic1" {
// name = "api-staging-01-nic1"
// location = "East US 2"
// resource_group_name = "${azurerm_resource_group.NFSProd.name}"
// network_security_group_id = "${azurerm_network_security_group.gitlab-staging-nsg.id}"
// ip_configuration {
// name = "testconfiguration1"
// subnet_id = "${azurerm_subnet.NFSProd.id}"
// private_ip_address_allocation = "dynamic"
// }
// }
//
// resource "azurerm_storage_account" "test" {
// name = "accsa"
// resource_group_name = "${azurerm_resource_group.test.name}"
// location = "westus"
// account_type = "Standard_LRS"
//
// tags {
// environment = "staging"
// }
// }
//
// resource "azurerm_storage_container" "test" {
// name = "vhds"
// resource_group_name = "${azurerm_resource_group.test.name}"
// storage_account_name = "${azurerm_storage_account.test.name}"
// container_access_type = "private"
// }
//
// resource "azurerm_virtual_machine" "test" {
// name = "acctvm"
// location = "West US"
// resource_group_name = "${azurerm_resource_group.test.name}"
// network_interface_ids = ["${azurerm_network_interface.test.id}"]
// vm_size = "Standard_A0"
//
// storage_image_reference {
// publisher = "Canonical"
// offer = "UbuntuServer"
// sku = "14.04.2-LTS"
// version = "latest"
// }
//
// storage_os_disk {
// name = "myosdisk1"
// vhd_uri = "${azurerm_storage_account.test.primary_blob_endpoint}${azurerm_storage_container.test.name}/myosdisk1.vhd"
// caching = "ReadWrite"
// create_option = "FromImage"
// }
//
// os_profile {
// computer_name = "hostname"
// admin_username = "testadmin"
// admin_password = "Password1234!"
// }
//
// os_profile_linux_config {
// disable_password_authentication = false
// }
//
// tags {
// environment = "staging"
// }
// }
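Review bot: The `default-allow-ssh` rule in `gitlab-staging-nsg` accepts TCP/22 from `source_address_prefix = "*"`, and the same NSG is attached to every subnet in this file, including `DBStaging`, `RedisStaging`, `ConsulStaging` and `VaultStaging`. SSH to the data and secrets tiers should not be open to any source; restrict the rule to the admin or bastion range, e.g. `source_address_prefix = "<ADMIN_CIDR_PLACEHOLDER>"`, and consider a separate, tighter NSG for the internal subnets. The commented-out `azurerm_virtual_machine` example at the end also carries a literal `admin_password` with `disable_password_authentication = false`; I would drop that block rather than leave it to be uncommented as is behind a world-open SSH rule.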
## GitLab Variables
variable "az_prod_subscription_id" {}
variable "az_prod_client_id" {}
variable "az_prod_client_secret" {}
variable "az_prod_tenant_id" {}
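Review bot: These four variables are not referenced by any configuration visible in this commit: `provider "azurerm" {}` is empty and its comment says credentials come from `ARM_SUBSCRIPTION_ID`, `ARM_CLIENT_ID`, `ARM_CLIENT_SECRET` and `ARM_TENANT_ID`, while `.gitlab-ci.yml` declares only `TF_VAR_az_prod_*`. Unless the runner sets the `ARM_*` names elsewhere, the provider gets no credentials; either export the `ARM_*` names in CI or wire the variables into the provider block, e.g. `client_secret = "${var.az_prod_client_secret}"`. The variables also have no `description`, and the `az_prod_` prefix suggests a production service principal is being handed to the staging pipeline, which is worth confirming or replacing with a staging-scoped principal.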