From 92331e9e603d83e782f6192bed128bce55247b57 Mon Sep 17 00:00:00 2001 From: RavinderReddyF5 Date: Wed, 15 Mar 2023 23:39:57 +0530 Subject: [PATCH] adding new atc tools installation and readme changes --- examples/bigip_aws_1nic_deploy/README.md | 51 ++++++++----- examples/bigip_aws_1nic_deploy/main.tf | 10 +++ .../bigip_aws_1nic_deploy_airgap/README.md | 51 ++++++++----- .../README.md | 62 +++++++++++----- .../README.md | 56 ++++++++------ examples/bigip_aws_2nic_deploy/README.md | 54 +++++++++----- examples/bigip_aws_3nic_deploy/README.md | 59 ++++++++++----- examples/bigip_aws_4nic_deploy/README.md | 73 +++++++++++-------- examples/bigip_aws_iam_profile/README.md | 68 +++++++++-------- variables.tf | 10 +-- 10 files changed, 308 insertions(+), 186 deletions(-) diff --git a/examples/bigip_aws_1nic_deploy/README.md b/examples/bigip_aws_1nic_deploy/README.md index 8f193ae..38ace04 100644 --- a/examples/bigip_aws_1nic_deploy/README.md +++ b/examples/bigip_aws_1nic_deploy/README.md @@ -1,35 +1,41 @@ -## Deploys F5 BIG-IP AWS Cloud +# Deploys F5 BIG-IP AWS Cloud -This Terraform module example deploys 1-NIC BIG-IP in AWS, deployed BIGIP will be having management interface associated with user provided subnet and security-group +* This Terraform module example deploys 1-NIC BIG-IP in AWS cloud. +* Using module `count` feature we can also deploy multiple BIGIP instances(default value of `count` is **1**) +* Management interface associated with user provided **mgmt_subnet_ids** and **mgmt_securitygroup_ids** +* Random generated `password` for login to BIG-IP -## Steps to clone and use the module example locally +## Example Usage -```shell -git clone https://github.com/f5devcentral/terraform-aws-bigip-module -cd terraform-aws-bigip-module/examples/bigip_aws_1nic_deploy/ +```hcl +module "bigip" { + source = "F5Networks/bigip-module/aws" + count = var.instance_count + prefix = format("%s-1nic", var.prefix) + ec2_key_name = aws_key_pair.generated_key.key_name + f5_password = random_string.password.result + mgmt_subnet_ids = [{ "subnet_id" = aws_subnet.mgmt.id, "public_ip" = true, "private_ip_primary" = "" }] + mgmt_securitygroup_ids = [module.mgmt-network-security-group.security_group_id] +} ``` -- Then follow the stated process in Example Usage below - -## Example Usage - -- Modify `terraform.tfvars` according to the requirement by changing `region` and `AllowedIPs` variables as follows: +* Modify `terraform.tfvars` according to the requirement by changing `region` and `AllowedIPs` variables as follows: ```hcl region = "ap-south-1" AllowedIPs = ["0.0.0.0/0"] ``` -- Next, run the following commands to create and destroy your configuration +* Next, run the following commands to create and destroy your configuration ```shell - terraform init - terraform plan - terraform apply - terraform destroy + $terraform init + $terraform plan + $terraform apply + $terraform destroy ``` -#### Optional Input Variables +### Optional Input Variables | Name | Description | Type | Default | |------|-------------|------|---------| @@ -37,7 +43,7 @@ cd terraform-aws-bigip-module/examples/bigip_aws_1nic_deploy/ | cidr | aws VPC CIDR | `string` | 10.2.0.0/16 | | availabilityZones | If you want the VM placed in an Availability Zone, and the AWS region you are deploying to supports it, specify the numbers of the existing Availability Zone you want to use | `List` | ["us-east-1a"] | -#### Output Variables +### Output Variables | Name | Description | |------|-------------| @@ -51,4 +57,11 @@ cd terraform-aws-bigip-module/examples/bigip_aws_1nic_deploy/ | public\_addresses | List of BIG-IP public addresses | | vpc\_id | VPC Id where BIG-IP Deployed | -**NOTE:** A local json file will get generated which contains the DO declaration +~>**NOTE:** A local json file will get generated which contains the DO declaration + +#### Steps to clone and use the module example locally + +```shell +$git clone https://github.com/F5Networks/terraform-aws-bigip-module +$cd terraform-aws-bigip-module/examples/bigip_aws_1nic_deploy/ +``` diff --git a/examples/bigip_aws_1nic_deploy/main.tf b/examples/bigip_aws_1nic_deploy/main.tf index c4369ff..33e0cab 100644 --- a/examples/bigip_aws_1nic_deploy/main.tf +++ b/examples/bigip_aws_1nic_deploy/main.tf @@ -180,6 +180,16 @@ resource "aws_key_pair" "generated_key" { } +module "bigip" { + source = "F5Networks/bigip-module/aws" + count = var.instance_count + prefix = format("%s-1nic", var.prefix) + ec2_key_name = aws_key_pair.generated_key.key_name + f5_password = random_string.password.result + mgmt_subnet_ids = [{ "subnet_id" = aws_subnet.mgmt.id, "public_ip" = true, "private_ip_primary" = "" }] + mgmt_securitygroup_ids = [module.mgmt-network-security-group.security_group_id] +} + # # Create BIG-IP # diff --git a/examples/bigip_aws_1nic_deploy_airgap/README.md b/examples/bigip_aws_1nic_deploy_airgap/README.md index 8f193ae..0721b4c 100644 --- a/examples/bigip_aws_1nic_deploy_airgap/README.md +++ b/examples/bigip_aws_1nic_deploy_airgap/README.md @@ -1,35 +1,41 @@ -## Deploys F5 BIG-IP AWS Cloud +# Deploys F5 BIG-IP AWS Cloud -This Terraform module example deploys 1-NIC BIG-IP in AWS, deployed BIGIP will be having management interface associated with user provided subnet and security-group +* This Terraform module example deploys 1-NIC BIG-IP in AWS cloud. +* Using module `count` feature we can also deploy multiple BIGIP instances(default value of `count` is **1**) +* Management interface associated with user provided **mgmt_subnet_ids** and **mgmt_securitygroup_ids** +* Random generated `password` for login to BIG-IP -## Steps to clone and use the module example locally +## Example Usage -```shell -git clone https://github.com/f5devcentral/terraform-aws-bigip-module -cd terraform-aws-bigip-module/examples/bigip_aws_1nic_deploy/ +```hcl +module "bigip" { + source = "F5Networks/bigip-module/aws" + count = var.instance_count + prefix = format("%s-1nic", var.prefix) + ec2_key_name = aws_key_pair.generated_key.key_name + f5_password = random_string.password.result + mgmt_subnet_ids = [{ "subnet_id" = aws_subnet.mgmt.id, "public_ip" = false, "private_ip_primary" = "" }] + mgmt_securitygroup_ids = [module.mgmt-network-security-group.security_group_id] +} ``` -- Then follow the stated process in Example Usage below - -## Example Usage - -- Modify `terraform.tfvars` according to the requirement by changing `region` and `AllowedIPs` variables as follows: +* Modify `terraform.tfvars` according to the requirement by changing `region` and `AllowedIPs` variables as follows: ```hcl region = "ap-south-1" AllowedIPs = ["0.0.0.0/0"] ``` -- Next, run the following commands to create and destroy your configuration +* Next, run the following commands to create and destroy your configuration ```shell - terraform init - terraform plan - terraform apply - terraform destroy + $terraform init + $terraform plan + $terraform apply + $terraform destroy ``` -#### Optional Input Variables +### Optional Input Variables | Name | Description | Type | Default | |------|-------------|------|---------| @@ -37,7 +43,7 @@ cd terraform-aws-bigip-module/examples/bigip_aws_1nic_deploy/ | cidr | aws VPC CIDR | `string` | 10.2.0.0/16 | | availabilityZones | If you want the VM placed in an Availability Zone, and the AWS region you are deploying to supports it, specify the numbers of the existing Availability Zone you want to use | `List` | ["us-east-1a"] | -#### Output Variables +### Output Variables | Name | Description | |------|-------------| @@ -51,4 +57,11 @@ cd terraform-aws-bigip-module/examples/bigip_aws_1nic_deploy/ | public\_addresses | List of BIG-IP public addresses | | vpc\_id | VPC Id where BIG-IP Deployed | -**NOTE:** A local json file will get generated which contains the DO declaration +~>**NOTE:** A local json file will get generated which contains the DO declaration + +#### Steps to clone and use the module example locally + +```shell +$git clone https://github.com/F5Networks/terraform-aws-bigip-module +$cd terraform-aws-bigip-module/examples/bigip_aws_1nic_deploy_airgap/ +``` diff --git a/examples/bigip_aws_1nic_deploy_custom_runtime_init/README.md b/examples/bigip_aws_1nic_deploy_custom_runtime_init/README.md index 8f193ae..bffddf7 100644 --- a/examples/bigip_aws_1nic_deploy_custom_runtime_init/README.md +++ b/examples/bigip_aws_1nic_deploy_custom_runtime_init/README.md @@ -1,35 +1,52 @@ -## Deploys F5 BIG-IP AWS Cloud +# Deploys F5 BIG-IP AWS Cloud -This Terraform module example deploys 1-NIC BIG-IP in AWS, deployed BIGIP will be having management interface associated with user provided subnet and security-group +* This Terraform module example deploys 1-NIC BIG-IP in AWS cloud. +* Using module `count` feature we can also deploy multiple BIGIP instances(default value of `count` is **1**) +* Management interface associated with user provided **mgmt_subnet_ids** and **mgmt_securitygroup_ids** +* Random generated `password` for login to BIG-IP -## Steps to clone and use the module example locally +## Example Usage -```shell -git clone https://github.com/f5devcentral/terraform-aws-bigip-module -cd terraform-aws-bigip-module/examples/bigip_aws_1nic_deploy/ +```hcl +module "bigip" { + source = "F5Networks/bigip-module/aws" + count = var.instance_count + prefix = format("%s-1nic", var.prefix) + ec2_key_name = aws_key_pair.generated_key.key_name + f5_password = random_string.password.result + mgmt_subnet_ids = [{ "subnet_id" = aws_subnet.mgmt.id, "public_ip" = true, "private_ip_primary" = "" }] + mgmt_securitygroup_ids = [module.mgmt-network-security-group.security_group_id] + custom_user_data = templatefile("custom_onboard_big.tmpl", { + bigip_username = "bigipuser" + ssh_keypair = fileexists("~/.ssh/id_rsa.pub") ? file("~/.ssh/id_rsa.pub") : "" + aws_secretmanager_auth = false + bigip_password = "xxxxxx" + INIT_URL = "https://cdn.f5.com/product/cloudsolutions/f5-bigip-runtime-init/v1.2.1/dist/f5-bigip-runtime-init-1.2.1-1.gz.run", + DO_URL = "https://github.com/F5Networks/f5-declarative-onboarding/releases/download/v1.21.0/f5-declarative-onboarding-1.21.0-3.noarch.rpm", + DO_VER = "v1.21.0" + AS3_URL = "https://github.com/F5Networks/f5-appsvcs-extension/releases/download/v3.28.0/f5-appsvcs-3.28.0-3.noarch.rpm", + AS3_VER = "v3.28.0" + }) +} ``` -- Then follow the stated process in Example Usage below - -## Example Usage - -- Modify `terraform.tfvars` according to the requirement by changing `region` and `AllowedIPs` variables as follows: +* Modify `terraform.tfvars` according to the requirement by changing `region` and `AllowedIPs` variables as follows: ```hcl region = "ap-south-1" AllowedIPs = ["0.0.0.0/0"] ``` -- Next, run the following commands to create and destroy your configuration +* Next, run the following commands to create and destroy your configuration ```shell - terraform init - terraform plan - terraform apply - terraform destroy + $terraform init + $terraform plan + $terraform apply + $terraform destroy ``` -#### Optional Input Variables +### Optional Input Variables | Name | Description | Type | Default | |------|-------------|------|---------| @@ -37,7 +54,7 @@ cd terraform-aws-bigip-module/examples/bigip_aws_1nic_deploy/ | cidr | aws VPC CIDR | `string` | 10.2.0.0/16 | | availabilityZones | If you want the VM placed in an Availability Zone, and the AWS region you are deploying to supports it, specify the numbers of the existing Availability Zone you want to use | `List` | ["us-east-1a"] | -#### Output Variables +### Output Variables | Name | Description | |------|-------------| @@ -51,4 +68,11 @@ cd terraform-aws-bigip-module/examples/bigip_aws_1nic_deploy/ | public\_addresses | List of BIG-IP public addresses | | vpc\_id | VPC Id where BIG-IP Deployed | -**NOTE:** A local json file will get generated which contains the DO declaration +~>**NOTE:** A local json file will get generated which contains the DO declaration + +#### Steps to clone and use the module example locally + +```shell +$git clone https://github.com/F5Networks/terraform-aws-bigip-module +$cd terraform-aws-bigip-module/examples/bigip_aws_1nic_deploy_custom_runtime_init/ +``` diff --git a/examples/bigip_aws_1nic_deploy_module_count/README.md b/examples/bigip_aws_1nic_deploy_module_count/README.md index 49a915a..38ace04 100644 --- a/examples/bigip_aws_1nic_deploy_module_count/README.md +++ b/examples/bigip_aws_1nic_deploy_module_count/README.md @@ -1,47 +1,49 @@ -## Deploys F5 BIG-IP AWS Cloud +# Deploys F5 BIG-IP AWS Cloud -This Terraform module example deploys 2 BIG-IPs(1-Nic) in AWS and by using module count feature. +* This Terraform module example deploys 1-NIC BIG-IP in AWS cloud. +* Using module `count` feature we can also deploy multiple BIGIP instances(default value of `count` is **1**) +* Management interface associated with user provided **mgmt_subnet_ids** and **mgmt_securitygroup_ids** +* Random generated `password` for login to BIG-IP -- we can deploy multiple BIGIP instances by using module count feature. ref: [module count](https://www.terraform.io/docs/language/meta-arguments/count.html) - -## Steps to clone and use the module example locally +## Example Usage -```shell -git clone https://github.com/f5devcentral/terraform-aws-bigip-module -cd terraform-aws-bigip-module/examples/bigip_aws_1nic_deploy_module_count/ +```hcl +module "bigip" { + source = "F5Networks/bigip-module/aws" + count = var.instance_count + prefix = format("%s-1nic", var.prefix) + ec2_key_name = aws_key_pair.generated_key.key_name + f5_password = random_string.password.result + mgmt_subnet_ids = [{ "subnet_id" = aws_subnet.mgmt.id, "public_ip" = true, "private_ip_primary" = "" }] + mgmt_securitygroup_ids = [module.mgmt-network-security-group.security_group_id] +} ``` -- Then follow the stated process in Example Usage below - -## Example Usage - -- Modify `terraform.tfvars` according to the requirement by changing `region` and `AllowedIPs` variables as follows: +* Modify `terraform.tfvars` according to the requirement by changing `region` and `AllowedIPs` variables as follows: ```hcl region = "ap-south-1" AllowedIPs = ["0.0.0.0/0"] - instance_count = 2 ``` -- Next, run the following commands to create and destroy your configuration +* Next, run the following commands to create and destroy your configuration ```shell - terraform init - terraform plan - terraform apply - terraform destroy + $terraform init + $terraform plan + $terraform apply + $terraform destroy ``` -#### Optional Input Variables +### Optional Input Variables | Name | Description | Type | Default | |------|-------------|------|---------| | prefix | Prefix for resources created by this module | `string` | tf-aws-bigip | | cidr | aws VPC CIDR | `string` | 10.2.0.0/16 | | availabilityZones | If you want the VM placed in an Availability Zone, and the AWS region you are deploying to supports it, specify the numbers of the existing Availability Zone you want to use | `List` | ["us-east-1a"] | -| instance_count | Number of Bigip instances to create | `number` | 1 | -#### Output Variables +### Output Variables | Name | Description | |------|-------------| @@ -55,5 +57,11 @@ cd terraform-aws-bigip-module/examples/bigip_aws_1nic_deploy_module_count/ | public\_addresses | List of BIG-IP public addresses | | vpc\_id | VPC Id where BIG-IP Deployed | -**NOTE** |A local json file will get generated which contains the DO declaration| -|------|-----| +~>**NOTE:** A local json file will get generated which contains the DO declaration + +#### Steps to clone and use the module example locally + +```shell +$git clone https://github.com/F5Networks/terraform-aws-bigip-module +$cd terraform-aws-bigip-module/examples/bigip_aws_1nic_deploy/ +``` diff --git a/examples/bigip_aws_2nic_deploy/README.md b/examples/bigip_aws_2nic_deploy/README.md index 8c1f328..7e04bea 100644 --- a/examples/bigip_aws_2nic_deploy/README.md +++ b/examples/bigip_aws_2nic_deploy/README.md @@ -1,35 +1,44 @@ -## Deploys F5 BIG-IP AWS Cloud +# Deploys F5 BIG-IP AWS Cloud -This Terraform module example deploys 2-NIC BIG-IP in AWS, deployed BIGIP will be having management/external/internal interface associated with user provided subnet and security-group +* This Terraform module example deploys `2-NIC` BIG-IP in AWS cloud. +* Using module `count` feature we can also deploy multiple BIGIP instances(default value of `count` is **1**) +* Management interface associated with user provided **mgmt_subnet_ids** and **mgmt_securitygroup_ids** +* External interface associated with user provided **external_subnet_ids** and **external_securitygroup_ids** +* Random generated `password` for login to BIG-IP -## Steps to clone and use the module example locally +## Example Usage -```shell -git clone https://github.com/f5devcentral/terraform-aws-bigip-module -cd terraform-aws-bigip-module/examples/bigip_aws_2nic_deploy/ +```hcl +module "bigip" { + source = "F5Networks/bigip-module/aws" + count = var.instance_count + prefix = format("%s-2nic", var.prefix) + ec2_key_name = aws_key_pair.generated_key.key_name + aws_secretmanager_secret_id = aws_secretsmanager_secret.bigip.id + mgmt_subnet_ids = [{ "subnet_id" = aws_subnet.mgmt.id, "public_ip" = true, "private_ip_primary" = "" }] + mgmt_securitygroup_ids = [module.mgmt-network-security-group.security_group_id] + external_securitygroup_ids = [module.external-network-security-group-public.security_group_id] + external_subnet_ids = [{ "subnet_id" = aws_subnet.external-public.id, "public_ip" = true, "private_ip_primary" = "", "private_ip_secondary" = "" }] +} ``` -- Then follow the stated process in Example Usage below - -## Example Usage - -- Modify `terraform.tfvars` according to the requirement by changing `region` and `AllowedIPs` variables as follows: +* Modify `terraform.tfvars` according to the requirement by changing `region` and `AllowedIPs` variables as follows: ```hcl region = "ap-south-1" AllowedIPs = ["0.0.0.0/0"] ``` -- Next, run the following commands to create and destroy your configuration +* Next, run the following commands to create and destroy your configuration ```shell - terraform init - terraform plan - terraform apply - terraform destroy + $terraform init + $terraform plan + $terraform apply + $terraform destroy ``` -#### Optional Input Variables +### Optional Input Variables | Name | Description | Type | Default | |------|-------------|------|---------| @@ -37,7 +46,7 @@ cd terraform-aws-bigip-module/examples/bigip_aws_2nic_deploy/ | cidr | aws VPC CIDR | `string` | 10.2.0.0/16 | | availabilityZones | If you want the VM placed in an Availability Zone, and the AWS region you are deploying to supports it, specify the numbers of the existing Availability Zone you want to use | `List` | ["us-east-1a"] | -#### Output Variables +### Output Variables | Name | Description | |------|-------------| @@ -51,4 +60,11 @@ cd terraform-aws-bigip-module/examples/bigip_aws_2nic_deploy/ | public\_addresses | List of BIG-IP public addresses | | vpc\_id | VPC Id where BIG-IP Deployed | -**NOTE:** A local json file will get generated which contains the DO declaration \ No newline at end of file +~>**NOTE:** A local json file will get generated which contains the DO declaration + +#### Steps to clone and use the module example locally + +```shell +$git clone https://github.com/F5Networks/terraform-aws-bigip-module +$cd terraform-aws-bigip-module/examples/bigip_aws_2nic_deploy/ +``` diff --git a/examples/bigip_aws_3nic_deploy/README.md b/examples/bigip_aws_3nic_deploy/README.md index 1ed2f1c..36234fe 100644 --- a/examples/bigip_aws_3nic_deploy/README.md +++ b/examples/bigip_aws_3nic_deploy/README.md @@ -1,35 +1,49 @@ -## Deploys F5 BIG-IP AWS Cloud +# Deploys F5 BIG-IP AWS Cloud -This Terraform module example deploys 3-NIC BIG-IP in AWS, deployed BIGIP will be having management/external/internal interface associated with user provided subnet and security-group +* This Terraform module example deploys `3-NIC` BIG-IP in AWS cloud. +* Using module `count` feature we can also deploy multiple BIGIP instances(default value of `count` is **1**) +* Management interface associated with user provided **mgmt_subnet_ids** and **mgmt_securitygroup_ids** +* External interface associated with user provided **external_subnet_ids** and **external_securitygroup_ids** +* Internal interface associated with user provided **internal_subnet_ids** and **internal_securitygroup_ids** +* Random generated `password` for login to BIG-IP -## Steps to clone and use the module example locally +## Example Usage -```shell -git clone https://github.com/f5devcentral/terraform-aws-bigip-module -cd terraform-aws-bigip-module/examples/bigip_aws_3nic_deploy/ +```hcl +module "bigip" { + source = "F5Networks/bigip-module/aws" + count = var.instance_count + prefix = format("%s-3nic", var.prefix) + ec2_key_name = aws_key_pair.generated_key.key_name + aws_secretmanager_secret_id = aws_secretsmanager_secret.bigip.id + mgmt_subnet_ids = [{ "subnet_id" = aws_subnet.mgmt.id, "public_ip" = true, "private_ip_primary" = "" }] + mgmt_securitygroup_ids = [module.mgmt-network-security-group.security_group_id] + external_securitygroup_ids = [module.external-network-security-group-public.security_group_id] + internal_securitygroup_ids = [module.internal-network-security-group-public.security_group_id] + external_subnet_ids = [{ "subnet_id" = aws_subnet.external-public.id, "public_ip" = true, "private_ip_primary" = "", "private_ip_secondary" = "" }] + # external_subnet_ids = [{ "subnet_id" = aws_subnet.external-public.id, "public_ip" = true, "private_ip_primary" = "10.0.2.90", "private_ip_secondary" = "" }] + internal_subnet_ids = [{ "subnet_id" = aws_subnet.internal.id, "public_ip" = false, "private_ip_primary" = "" }] + //depends_on = [aws_secretsmanager_secret.bigip] +} ``` -- Then follow the stated process in Example Usage below - -## Example Usage - -- Modify `terraform.tfvars` according to the requirement by changing `region` and `AllowedIPs` variables as follows: +* Modify `terraform.tfvars` according to the requirement by changing `region` and `AllowedIPs` variables as follows: ```hcl region = "ap-south-1" AllowedIPs = ["0.0.0.0/0"] ``` -- Next, run the following commands to create and destroy your configuration +* Next, run the following commands to create and destroy your configuration ```shell - terraform init - terraform plan - terraform apply - terraform destroy + $terraform init + $terraform plan + $terraform apply + $terraform destroy ``` -#### Optional Input Variables +### Optional Input Variables | Name | Description | Type | Default | |------|-------------|------|---------| @@ -37,7 +51,7 @@ cd terraform-aws-bigip-module/examples/bigip_aws_3nic_deploy/ | cidr | aws VPC CIDR | `string` | 10.2.0.0/16 | | availabilityZones | If you want the VM placed in an Availability Zone, and the AWS region you are deploying to supports it, specify the numbers of the existing Availability Zone you want to use | `List` | ["us-east-1a"] | -#### Output Variables +### Output Variables | Name | Description | |------|-------------| @@ -51,4 +65,11 @@ cd terraform-aws-bigip-module/examples/bigip_aws_3nic_deploy/ | public\_addresses | List of BIG-IP public addresses | | vpc\_id | VPC Id where BIG-IP Deployed | -**NOTE:** A local json file will get generated which contains the DO declaration \ No newline at end of file +~>**NOTE:** A local json file will get generated which contains the DO declaration + +#### Steps to clone and use the module example locally + +```shell +$git clone https://github.com/F5Networks/terraform-aws-bigip-module +$cd terraform-aws-bigip-module/examples/bigip_aws_3nic_deploy/ +``` diff --git a/examples/bigip_aws_4nic_deploy/README.md b/examples/bigip_aws_4nic_deploy/README.md index 2143574..35c5dd5 100644 --- a/examples/bigip_aws_4nic_deploy/README.md +++ b/examples/bigip_aws_4nic_deploy/README.md @@ -1,48 +1,56 @@ -## Deploys F5 BIG-IP AWS Cloud +# Deploys F5 BIG-IP AWS Cloud -This Terraform module deploys 4-NIC BIG-IP in AWS and by using module count feature we can also deploy multiple BIGIP instances(default value of count as 1 ) with the following characteristics: +* This Terraform module example deploys `4-NIC` BIG-IP in AWS cloud. +* Using module `count` feature we can also deploy multiple BIGIP instances(default value of `count` is **1**) +* Management interface associated with user provided **mgmt_subnet_ids** and **mgmt_securitygroup_ids** +* External interface associated with user provided **external_subnet_ids** and **external_securitygroup_ids** +* Internal interface associated with user provided **internal_subnet_ids** and **internal_securitygroup_ids** +* Random generated `password` for login to BIG-IP -BIG-IP 4 Nic as management interface associated with user provided subnet and security-group - - -## Steps to clone and use the provisioner locally - -``` -$ git clone https://github.com/f5devcentral/terraform-aws-bigip-module -$ cd terraform-aws-bigip-module/examples/bigip_aws_4nic_deploy/ +## Example Usage +```hcl +module "bigip" { + source = "F5Networks/bigip-module/aws" + count = var.instance_count + prefix = format("%s-3nic", var.prefix) + ec2_key_name = aws_key_pair.generated_key.key_name + aws_secretmanager_secret_id = aws_secretsmanager_secret.bigip.id + mgmt_subnet_ids = [{ "subnet_id" = aws_subnet.mgmt.id, "public_ip" = true, "private_ip_primary" = "" }] + mgmt_securitygroup_ids = [module.mgmt-network-security-group.security_group_id] + external_securitygroup_ids = [module.external-network-security-group-public.security_group_id, module.external-network-security-group-public2.security_group_id] + internal_securitygroup_ids = [module.internal-network-security-group-public.security_group_id] + external_subnet_ids = [{ "subnet_id" = aws_subnet.external-public.id, "public_ip" = true, "private_ip_primary" = "", "private_ip_secondary" = "" }, { "subnet_id" = aws_subnet.external-subnet2.id, "public_ip" = false, "private_ip_primary" = "", "private_ip_secondary" = "" }] + internal_subnet_ids = [{ "subnet_id" = aws_subnet.internal.id, "public_ip" = false, "private_ip_primary" = "" }] + //depends_on = [aws_secretsmanager_secret.bigip] +} ``` -- Then follow the stated process in Example Usage below - -## Example Usage - ->Modify terraform.tfvars according to the requirement by changing `region` and `AllowedIPs` variables as follows +* Modify `terraform.tfvars` according to the requirement by changing `region` and `AllowedIPs` variables as follows: -``` -region = "ap-south-1" -AllowedIPs = ["0.0.0.0/0"] -``` -Next, Run the following commands to create and destroy your configuration + ```hcl + region = "ap-south-1" + AllowedIPs = ["0.0.0.0/0"] + ``` -``` -$ terraform init -$ terraform plan -$ terraform apply -$ terraform destroy +* Next, run the following commands to create and destroy your configuration -``` + ```shell + $terraform init + $terraform plan + $terraform apply + $terraform destroy + ``` -#### Optional Input Variables +### Optional Input Variables | Name | Description | Type | Default | |------|-------------|------|---------| | prefix | Prefix for resources created by this module | `string` | tf-aws-bigip | | cidr | aws VPC CIDR | `string` | 10.2.0.0/16 | | availabilityZones | If you want the VM placed in an Availability Zone, and the AWS region you are deploying to supports it, specify the numbers of the existing Availability Zone you want to use | `List` | ["us-east-1a"] | -| instance_count | Number of Bigip instances to create | `number` | 1 | -#### Output Variables +### Output Variables | Name | Description | |------|-------------| @@ -56,8 +64,11 @@ $ terraform destroy | public\_addresses | List of BIG-IP public addresses | | vpc\_id | VPC Id where BIG-IP Deployed | +~>**NOTE:** A local json file will get generated which contains the DO declaration +#### Steps to clone and use the module example locally +```shell +$git clone https://github.com/F5Networks/terraform-aws-bigip-module +$cd terraform-aws-bigip-module/examples/bigip_aws_4nic_deploy/ ``` -NOTE: A local json file will get generated which contains the DO declaration -``` \ No newline at end of file diff --git a/examples/bigip_aws_iam_profile/README.md b/examples/bigip_aws_iam_profile/README.md index cfa35a0..76684a8 100644 --- a/examples/bigip_aws_iam_profile/README.md +++ b/examples/bigip_aws_iam_profile/README.md @@ -1,48 +1,51 @@ -## Deploys F5 BIG-IP AWS Cloud +# Deploys F5 BIG-IP AWS Cloud -This Terraform module deploys 1-NIC BIG-IP in AWS and by using module count feature we can also deploy multiple BIGIP instances(default value of count as 1 ) with the following characteristics: +* This Terraform module example deploys 1-NIC BIG-IP in AWS cloud. +* Using module `count` feature we can also deploy multiple BIGIP instances(default value of `count` is **1**) +* Management interface associated with user provided **mgmt_subnet_ids** and **mgmt_securitygroup_ids** +* Random generated `password` for login to BIG-IP -BIG-IP 1 Nic as management interface associated with user provided subnet and security-group - - -## Steps to clone and use the provisioner locally - -``` -$ git clone https://github.com/f5devcentral/terraform-aws-bigip-module -$ cd terraform-aws-bigip-module/examples/bigip_aws_1nic_deploy/ +## Example Usage +```hcl +module "bigip" { + source = "F5Networks/bigip-module/aws" + count = var.instance_count + prefix = format("%s-1nic", var.prefix) + ec2_key_name = aws_key_pair.generated_key.key_name + aws_secretmanager_auth = true + aws_secretmanager_secret_id = aws_secretsmanager_secret.bigip.id + aws_iam_instance_profile = aws_iam_instance_profile.instance_profile.name + mgmt_subnet_ids = [{ "subnet_id" = aws_subnet.mgmt.id, "public_ip" = true, "private_ip_primary" = "" }] + mgmt_securitygroup_ids = [module.mgmt-network-security-group.security_group_id] +} ``` -- Then follow the stated process in Example Usage below - -## Example Usage - ->Modify terraform.tfvars according to the requirement by changing `region` and `AllowedIPs` variables as follows +* Modify `terraform.tfvars` according to the requirement by changing `region` and `AllowedIPs` variables as follows: -``` -region = "ap-south-1" -AllowedIPs = ["0.0.0.0/0"] -``` -Next, Run the following commands to create and destroy your configuration + ```hcl + region = "ap-south-1" + AllowedIPs = ["0.0.0.0/0"] + ``` -``` -$ terraform init -$ terraform plan -$ terraform apply -$ terraform destroy +* Next, run the following commands to create and destroy your configuration -``` + ```shell + $terraform init + $terraform plan + $terraform apply + $terraform destroy + ``` -#### Optional Input Variables +### Optional Input Variables | Name | Description | Type | Default | |------|-------------|------|---------| | prefix | Prefix for resources created by this module | `string` | tf-aws-bigip | | cidr | aws VPC CIDR | `string` | 10.2.0.0/16 | | availabilityZones | If you want the VM placed in an Availability Zone, and the AWS region you are deploying to supports it, specify the numbers of the existing Availability Zone you want to use | `List` | ["us-east-1a"] | -| instance_count | Number of Bigip instances to create | `number` | 1 | -#### Output Variables +### Output Variables | Name | Description | |------|-------------| @@ -56,8 +59,11 @@ $ terraform destroy | public\_addresses | List of BIG-IP public addresses | | vpc\_id | VPC Id where BIG-IP Deployed | +~>**NOTE:** A local json file will get generated which contains the DO declaration +#### Steps to clone and use the module example locally +```shell +$git clone https://github.com/F5Networks/terraform-aws-bigip-module +$cd terraform-aws-bigip-module/examples/bigip_aws_iam_profile/ ``` -NOTE: A local json file will get generated which contains the DO declaration -``` \ No newline at end of file diff --git a/variables.tf b/variables.tf index c44553e..9849615 100644 --- a/variables.tf +++ b/variables.tf @@ -117,14 +117,14 @@ variable "internal_securitygroup_ids" { variable "DO_URL" { description = "URL to download the BIG-IP Declarative Onboarding module" type = string - default = "https://github.com/F5Networks/f5-declarative-onboarding/releases/download/v1.35.0/f5-declarative-onboarding-1.35.0-6.noarch.rpm" + default = "https://github.com/F5Networks/f5-declarative-onboarding/releases/download/v1.36.1/f5-declarative-onboarding-1.36.1-1.noarch.rpm" } ## Please check and update the latest AS3 URL from https://github.com/F5Networks/f5-appsvcs-extension/releases/latest # always point to a specific version in order to avoid inadvertent configuration inconsistency variable "AS3_URL" { description = "URL to download the BIG-IP Application Service Extension 3 (AS3) module" type = string - default = "https://github.com/F5Networks/f5-appsvcs-extension/releases/download/v.3.42.0/f5-appsvcs-3.42.0-5.noarch.rpm" + default = "https://github.com/F5Networks/f5-appsvcs-extension/releases/download/v3.43.0/f5-appsvcs-3.43.0-2.noarch.rpm" } ## Please check and update the latest TS URL from https://github.com/F5Networks/f5-telemetry-streaming/releases/latest @@ -140,7 +140,7 @@ variable "TS_URL" { variable "CFE_URL" { description = "URL to download the BIG-IP Cloud Failover Extension module" type = string - default = "https://github.com/F5Networks/f5-cloud-failover-extension/releases/download/v1.13.0/f5-cloud-failover-1.13.0-0.noarch.rpm" + default = "https://github.com/F5Networks/f5-cloud-failover-extension/releases/download/v1.14.0/f5-cloud-failover-1.14.0-0.noarch.rpm" } ## Please check and update the latest FAST URL from https://github.com/F5Networks/f5-appsvcs-templates/releases/latest @@ -148,14 +148,14 @@ variable "CFE_URL" { variable "FAST_URL" { description = "URL to download the BIG-IP FAST module" type = string - default = "https://github.com/F5Networks/f5-appsvcs-templates/releases/download/v1.23.0/f5-appsvcs-templates-1.23.0-1.noarch.rpm" + default = "https://github.com/F5Networks/f5-appsvcs-templates/releases/download/v1.24.0/f5-appsvcs-templates-1.24.0-1.noarch.rpm" } ## Please check and update the latest runtime init URL from https://github.com/F5Networks/f5-bigip-runtime-init/releases/latest # always point to a specific version in order to avoid inadvertent configuration inconsistency variable "INIT_URL" { description = "URL to download the BIG-IP runtime init" type = string - default = "https://cdn.f5.com/product/cloudsolutions/f5-bigip-runtime-init/v1.5.2/dist/f5-bigip-runtime-init-1.5.2-1.gz.run" + default = "https://cdn.f5.com/product/cloudsolutions/f5-bigip-runtime-init/v1.6.0/dist/f5-bigip-runtime-init-1.6.0-1.gz.run" } variable "libs_dir" { description = "Directory on the BIG-IP to download the A&O Toolchain into"