Merge pull request #15 from NetApp/kerenNewTF

Converted standalone code to useable module
NetApp · Jan 21, 2024 · 2b98655 · 2b98655
2 parents b3ecbc8 + b7ab16e
commit 2b98655
Show file tree

Hide file tree

Showing 5 changed files with 133 additions and 62 deletions.
diff --git a/README.md b/README.md
@@ -18,3 +18,57 @@ You may obtain a copy of the License at [apache.org/licenses/LICENSE-2.0](http:/
 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an _"AS IS"_ basis, without WARRANTIES or conditions of any kind, either express or implied.
 
 See the License for the specific language governing permissions and limitations under the License.
+
+<!-- BEGIN_TF_DOCS -->
+
+## Table of Contents
+* [Introduction](#introduction)
+* [Prerequisites](#prerequisites)
+* [Getting Started](#getting-started)
+* [Usage Examples](#usage-examples)
+* [Author Information](#author-information)
+* [License](#license)
+
+## Introduction
+
+<< place your description here >>
+
+##Prerequisites
+
+### Providers
+
+No providers.
+
+### Repository Overview
+
+### Inputs
+
+No inputs.
+
+### Outputs
+
+No outputs.
+
+## Getting Started
+
+<< place your instructions here >>
+
+## Usage Examples
+
+<< place your examples here >>
+
+## Author Information
+
+This repository is maintained by the contributors listed on [GitHub](https://github.com/NetApp/FSxN-Samples/graphs/contributors).
+
+## License
+
+Licensed under the Apache License, Version 2.0 (the "License").
+
+You may obtain a copy of the License at [apache.org/licenses/LICENSE-2.0](http://www.apache.org/licenses/LICENSE-2.0).
+
+Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an _"AS IS"_ basis, without WARRANTIES or conditions of any kind, either express or implied.
+
+See the License for the specific language governing permissions and limitations under the License.
+
+<!-- END_TF_DOCS -->
diff --git a/Terraform_samples/terraform_deployment/README.md b/Terraform_samples/terraform_deployment/README.md
@@ -1,27 +1,35 @@
 # Deploy an ONTAP FSx file-system using Terraform
-This sample demonstrates how to deploy an FSx for NetApp ONTAP file system, including an SVM and a FlexVolume in that file system, using AWS Terraform provider. 
+This is a Terraform module which creates an FSx for NetApp ONTAP file system, including an SVM, a Security-Group and a FlexVolume in that file system, using AWS Terraform provider. 
+This repo can be sourced as a terraform module.
 Follow the instructions below to use this sample in your own environment.
 
 ## Table of Contents
 * [Introduction](#introduction)
 * [Prerequisites](#prerequisites)
-* [Getting Started](#getting-started)
-* [Usage Examples](#usage-examples)
+* [Usage](#usage)
 * [Author Information](#author-information)
 * [License](#license)
 
 ## Introduction
 ### Repository Overview
-This is a standalone Terraform configutation repository that contains the following files:
-* **main.tf** - The main set of configuration for this terraform sample
+This is a Terraform module that contains the following files:
+* **main.tf** - The main set of configuration for this terraform module
 
 * **variables.tf** - Contains the variable definitions and assignments for this sample. Exported values will override any of the variables in this file. 
 
 * **output.tf** - Contains output declarations of the resources created by this Terraform module. Terraform stores output values in the configuration's state file
 
 ### What to expect
 
-Running this terraform sample will result the following:
+Running this terraform module will result the following:
+* Create a new AWS Security Group in your VPC with the following rules:
+    - **Ingress** allow all ICMP traffic
+    - **Ingress** allow nfs port 111 (both TCP and UDP)
+    - **Ingress** allow cifc TCP port 139
+    - **Ingress** allow snmp ports 161-162 (both TCP and UDP)
+    - **Ingress** allow smb cifs TCP port 445
+    - **Ingress** alloe bfs mount port 635 (both TCP and UDP)
+    - **Egress** allow all traffic
 * Create a new FSx for Netapp ONTAP file-system in your AWS account named "_terraform-fsxn_". The file-system will be created with the following configuration parameters:
     * 1024Gb of storage capacity
     * Single AZ deployment type
@@ -34,7 +42,7 @@ Running this terraform sample will result the following:
     * Auto tiering policy with 31 cooling days
 
 > [!NOTE]
-> All of the above configuration parameters can be modified for your preference by assigning your own values in the _terraform.tfvars_ file! 
+> All of the above configuration parameters can be modified for your preference by assigning your own values in the module block!
 
 ## Prerequisites
 
@@ -43,7 +51,10 @@ Running this terraform sample will result the following:
 
 ### Terraform
 
-Terraform should be installed in the server from which you are running this sample. Check out [this link](https://developer.hashicorp.com/terraform/tutorials/aws-get-started/install-cli) for installation details. 
+| Name | Version |
+|------|---------|
+| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.6.6 |
+| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 5.25 |
 
 ### AWS Account Setup
 
@@ -96,62 +107,71 @@ Terraform should be installed in the server from which you are running this samp
 
 ## Usage
 
-#### 1. Clone the repository
-In your server's terminal, navigate to the location where you wish to store this Terraform repository, and clone the repository using your preferred authentication type. In this example we are using HTTPS clone:
+### Reference this module
 
-```shell 
-git clone https://github.com/NetApp/FSxN-Samples.git
-```
+Add the following module block to your root module `main.tf` file.
+Make sure to replace all values within `< >` with your own variables.
 
-#### 2. Navigate to the directory
-```shell
-cd terraform_deployment
-```
+```ruby
+module "fsxontap" {
+    source = "github.com/Netapp/FSxN-Samples/Terraform_samples/terraform_deployment"
 
-#### 3. Initialize Terraform
-This directory represents a standalone Terraform module. Run the following command to initialize the module and install all dependencies:
-```shell
-terraform init
+    vpc_id = "<YOUR-VPC-ID>"
+    fsx_subnets = {
+        "primarysub" = "<YOUR-PRIMARY-SUBNET>"
+        "secondarysub" = "<YOUR-SECONDAY-SUBNET>"
+    }
+    
+    tags = {
+        Terraform   = "true"
+        Environment = "dev"
+    }
+}
 ```
+   > [NOTE!]
+   > To Override default values assigned to other variables in this module, add them to this source block as well. The above source block includes the minimum requirements only.
 
-A succesfull initialization should display the following output:
-```shell
+### AWS provider block
 
-Initializing the backend...
+Add the AWS provider block to your root module `main.tf` file with the required configuration. For more information check [the docs](https://registry.terraform.io/providers/hashicorp/aws/latest/docs)
 
-Initializing provider plugins...
-- Reusing previous version of hashicorp/aws from the dependency lock file
-- Using previously-installed hashicorp/aws v5.25.0
-
-Terraform has been successfully initialized!
-
-You may now begin working with Terraform. Try running "terraform plan" to see
-any changes that are required for your infrastructure. All Terraform commands
-should now work.
+Example:
+```ruby
+terraform {
+  required_providers {
+    aws = {
+      source = "hashicorp/aws"
+      version = "5.25"
+    }
+  }
+}
 
-If you ever set or change modules or backend configuration for Terraform,
-rerun this command to reinitialize your working directory. If you forget, other
-commands will detect it and remind you to do so if necessary.
+provider "aws" {
+  # Configuration options
+}
 ```
-You can see that Terraform recognizes the modules required by our configuration: `hashicorp/aws`.
 
-#### 4. Update Variables
+### Install the module
 
-Open the **`terraform.tfvars`** file in your preferred text editor. Update the values of the variables to match your preferences and save the file. This will ensure that the Terraform code deploys resources according to your specifications.
+Whenever you add a new module to a configuration, Terraform must install the module before it can be used. Both the `terraform get` and `terraform init` commands will install and update modules. The `terraform init` command will also initialize backends and install plugins.
+
+```shell
+terraform get
+Downloading git::https://github.com/Netapp/FSxN-Samples.git for fsxontap...
+- fsxontap in .terraform/modules/fsxontap/Terraform_samples/terraform_deployment
+```
 
-**Make sure to replace the values with ones that match your AWS environment and needs.**
+### Plan and Apply the cofiguration
 
-#### 5. Create a Terraform plan
-Run the following command to create an execution plan, which lets you preview the changes that Terraform plans to make to your infrastructure:
+Now that your new module is installed and configured, run the `terraform plan` command to create an execution plan, which lets you preview the changes that Terraform plans to make to your infrastructure:
 ```shell
 terraform plan
 ```
 Ensure that the proposed changes match what you expected before you apply the changes!
 
-#### 6. Apply the Terraform plan
-Run the following command to execute the Terrafom code and apply the changes proposed in the `plan` step:
+Once confirmed, run the `terraform apply` command followed by `yes` to execute the Terrafom code and apply the changes proposed in the `plan` step:
 ```shell
-terraform apply
+terraform apply -y
 ```
 
 ## Author Information

diff --git a/Terraform_samples/terraform_deployment/main.tf b/Terraform_samples/terraform_deployment/main.tf
@@ -1,20 +1,3 @@
-// TODO: Consider using aws secret manager resource to keep the created password string
-// TODO: Consider making this a module
-
-
-terraform {
-  required_providers {
-    aws = {
-      source  = "hashicorp/aws"
-      version = "5.25.0"
-    }
-  }
-
-}
-
-provider "aws" {
-  region = "us-west-2"
-}
 
 /* 
   The following resources are a Security Group followed by ingress and egress rules for FSx ONTAP. 

diff --git a/Terraform_samples/terraform_deployment/output.tf b/Terraform_samples/terraform_deployment/output.tf
@@ -1,3 +1,9 @@
+output "my_fsx_ontap_security_group_id" {
+  description = "The ID of the FSxN Security Group"
+  value       = aws_security_group.fsx_sg.id
+
+}
+
 output "my_filesystem_id" {
   description = "The ID of the FSxN Filesystem"
   value       = aws_fsx_ontap_file_system.terraform-fsxn.id

diff --git a/Terraform_samples/terraform_deployment/variables.tf b/Terraform_samples/terraform_deployment/variables.tf
@@ -54,4 +54,12 @@ variable "vol_info" {
 	  "tier_policy_name" = "AUTO"
 	  "cooling_period" = 31
    }
+}
+
+variable "tags" {
+   description = "Tags to be applied to the resources"
+   type = map
+   default = {
+      "Name" = "terraform-fsxn"
+   }
 }