Infrastructure as Code - OpenStack

OpenTofu configuration for deploying infrastructure on SWITCHengines via OpenStack.

Project Structure

├── main.tf                 # Root configuration
├── variables.tf            # Root variables
├── outputs.tf              # Root outputs
└── modules/
    ├── networking/         # Security groups, ports, floating IPs
    ├── compute/            # Compute instances
    ├── storage/            # Block storage volumes
    └── cloud-init/         # Cloud-init configuration

Setup

1. OpenStack Configuration

Copy and configure OpenStack credentials:

cp clouds.example.yaml ~/.config/openstack/clouds.yaml

Edit the file with credentials.

2. Terraform Variables

Copy and configure variables:

cp /examples/terraform.example.tfvars terraform.tfvars

Edit terraform.tfvars to customize the setup.

3. GitLab Authentication

Install and authenticate with GitLab CLI:

glab auth login

Select GitLab FHNW instance when prompted.

4. Initialize with GitLab State Backend

glab opentofu init -R 'spd/module/pcls/hs25/hs25-group06/iac-infra' 'default'

This automatically configures the remote state backend using your GitLab credentials.

Usage

Deploy Root Configuration

tofu plan      # Show planned changes
tofu apply     # Apply changes
tofu destroy   # Destroy infrastructure

Architecture

This IaC setup provisions only the infrastructure for the application. The infrastructure includes:

• Compute: Creates the instance
• Networking: Configures security groups, network ports, and floating IPs.
• Storage: Provisions block storage volumes for persistent data
• Cloud-init Configuration: Sets up users, base packages and mounts volume

The application itself is deployed and managed separately using Ansible.