

Merge pull request #168 from oracle-quickstart/LANZ2666
Added Flag to deploy Non_Prod Environment
VinayKumar611 authored Feb 26, 2024
2 parents a199509 + 636cd38 commit 62e3999
Showing 11 changed files with 185 additions and 49 deletions.
5 changes: 5 additions & 0 deletions templates/elz-environment/main.tf
@@ -148,7 +148,12 @@ module "network" {
private_spoke_subnet_web_cidr_block = var.private_spoke_subnet_web_cidr_block
private_spoke_subnet_app_cidr_block = var.private_spoke_subnet_app_cidr_block
private_spoke_subnet_db_cidr_block = var.private_spoke_subnet_db_cidr_block
hub_public_subnet_dns_label = var.hub_public_subnet_dns_label
hub_private_subnet_dns_label = var.hub_private_subnet_dns_label
spoke_vcn_cidr = var.spoke_vcn_cidr
subnet_app_dns_label = var.subnet_app_dns_label
subnet_db_dns_label = var.subnet_db_dns_label
subnet_web_dns_label = var.subnet_web_dns_label
ipsec_connection_static_routes = var.ipsec_connection_static_routes
enable_vpn_or_fastconnect = var.enable_vpn_or_fastconnect
enable_vpn_on_environment = var.enable_vpn_on_environment
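--- a/templates/elz-environment/variables.tf
+++ b/templates/elz-environment/variables.tf
@@ -226,6 +226,27 @@ variable "create_master_encryption_key" {
 # Network Variables
 # -----------------------------------------------------------------------------
 
+variable "hub_public_subnet_dns_label" {
+type = string
+description = "Hub Public Subnet DNS Label."
+}
+variable "hub_private_subnet_dns_label" {
+type = string
+description = "Hub Private Subnet DNS Label."
+}
+variable "subnet_app_dns_label" {
+type = string
+description = "Spoke App Subnet DNS Label."
+}
+variable "subnet_db_dns_label" {
+type = string
+description = "Spoke DB Subnet DNS Label."
+}
+variable "subnet_web_dns_label" {
+type = string
+description = "Spoke Web Subnet DNS Label."
+}
+
 variable "enable_internet_gateway_hub" {
 type = string
 description = "Option to enable true and Disable false."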
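Review bot: The five new `*_dns_label` variables carry neither a `default` nor a `validation` block, here and in the identical block added to templates/elz-network/variables.tf, so values that used to be fixed inside elz-network (`publabel`, `prilabel`, `appdnslabel`, `dbdnslabel`, `webdnslabel`) become mandatory, unchecked inputs. Existing callers of either module stop planning until they supply all five, and a malformed label is only rejected by the API at apply time. OCI documents subnet DNS labels as alphanumeric, starting with a letter and at most 15 characters, so keeping the old value as the default and checking the format in the variable gives an early, readable error.

```hcl
variable "hub_public_subnet_dns_label" {
  type        = string
  description = "Hub Public Subnet DNS Label."
  default     = "publabel" # value previously hard-coded in elz-network

  validation {
    condition     = can(regex("^[A-Za-z][A-Za-z0-9]{0,14}$", var.hub_public_subnet_dns_label))
    error_message = "The DNS label must start with a letter, be alphanumeric, and be at most 15 characters."
  }
}
# … same default/validation pattern for the other four *_dns_label variables …
```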
15 changes: 5 additions & 10 deletions templates/elz-network/main.tf
@@ -14,10 +14,8 @@ locals {
vcn-hub-info = {
hub_public_subnet_display_name = "OCI-ELZ-SUB-${var.environment_prefix}-HUB-${local.region_key[0]}001"
hub_public_subnet_description = "Hub Public Subnet"
hub_public_subnet_dns_label = "publabel"
hub_private_subnet_display_name = "OCI-ELZ-SUB-${var.environment_prefix}-HUB-${local.region_key[0]}002"
hub_private_subnet_description = "Hub Private Subnet"
hub_private_subnet_dns_label = "prilabel"
hub_security_list_display_name = "OCI-ELZ-${var.environment_prefix}-Hub-Security-List"
igw_gateway_display_name = "OCI-ELZ-IGW-${var.environment_prefix}-HUB"
nat_gateway_display_name = "OCI-ELZ-NGW-${var.environment_prefix}-HUB"
@@ -56,10 +54,10 @@ module "hub" {
hub_vcn_dns_label = local.vcn_hub.dns_label
hub_public_subnet_display_name = local.vcn-hub-info.hub_public_subnet_display_name
hub_public_subnet_description = local.vcn-hub-info.hub_public_subnet_description
hub_public_subnet_dns_label = local.vcn-hub-info.hub_public_subnet_dns_label
hub_public_subnet_dns_label = var.hub_public_subnet_dns_label
hub_private_subnet_display_name = local.vcn-hub-info.hub_private_subnet_display_name
hub_private_subnet_description = local.vcn-hub-info.hub_private_subnet_description
hub_private_subnet_dns_label = local.vcn-hub-info.hub_private_subnet_dns_label
hub_private_subnet_dns_label = var.hub_private_subnet_dns_label
igw_gateway_display_name = local.vcn-hub-info.igw_gateway_display_name
nat_gateway_display_name = local.vcn-hub-info.nat_gateway_display_name
srv_gateway_display_name = local.vcn-hub-info.srv_gateway_display_name
@@ -94,9 +92,6 @@ locals {
route_table_display_name = "OCI-ELZ-RTPRV-${var.environment_prefix}-SPK001"
nat_gateway_display_name = "OCI-ELZ-NGW-${var.environment_prefix}-SPK"
service_gateway_display_name = "OCI-ELZ-SGW-${var.environment_prefix}-SPK"
subnet_app_dns_label = "appdnslabel"
subnet_db_dns_label = "dbdnslabel"
subnet_web_dns_label = "webdnslabel"
subnet_web_display_name = "OCI-ELZ-SUB-${var.environment_prefix}-SPK-${local.region_key[0]}001"
subnet_app_display_name = "OCI-ELZ-SUB-${var.environment_prefix}-SPK-${local.region_key[0]}002"
subnet_db_display_name = "OCI-ELZ-SUB-${var.environment_prefix}-SPK-${local.region_key[0]}003"
@@ -124,13 +119,13 @@ module "spoke" {
workload_compartment_id = var.workload_compartment_id
workload_private_spoke_subnet_app_cidr_block = var.private_spoke_subnet_app_cidr_block
workload_private_spoke_subnet_app_display_name = local.vcn-spoke-info.subnet_app_display_name
workload_private_spoke_subnet_app_dns_label = local.vcn-spoke-info.subnet_app_dns_label
workload_private_spoke_subnet_app_dns_label = var.subnet_app_dns_label
workload_private_spoke_subnet_db_cidr_block = var.private_spoke_subnet_db_cidr_block
workload_private_spoke_subnet_db_display_name = local.vcn-spoke-info.subnet_db_display_name
workload_private_spoke_subnet_db_dns_label = local.vcn-spoke-info.subnet_db_dns_label
workload_private_spoke_subnet_db_dns_label = var.subnet_db_dns_label
workload_private_spoke_subnet_web_cidr_block = var.private_spoke_subnet_web_cidr_block
workload_private_spoke_subnet_web_display_name = local.vcn-spoke-info.subnet_web_display_name
workload_private_spoke_subnet_web_dns_label = local.vcn-spoke-info.subnet_web_dns_label
workload_private_spoke_subnet_web_dns_label = var.subnet_web_dns_label
workload_spoke_vcn_cidr = var.spoke_vcn_cidr
enable_vpn_or_fastconnect = var.enable_vpn_or_fastconnect
enable_vpn_on_environment = var.enable_vpn_on_environment
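--- a/templates/elz-network/variables.tf
+++ b/templates/elz-network/variables.tf
@@ -135,6 +135,28 @@ variable "add_ssh_to_security_list" {
 default = false
 }
 
+variable "hub_public_subnet_dns_label" {
+type = string
+description = "Hub Public Subnet DNS Label."
+}
+variable "hub_private_subnet_dns_label" {
+type = string
+description = "Hub Private Subnet DNS Label."
+}
+variable "subnet_app_dns_label" {
+type = string
+description = "Spoke App Subnet DNS Label."
+}
+variable "subnet_db_dns_label" {
+type = string
+description = "Spoke DB Subnet DNS Label."
+}
+variable "subnet_web_dns_label" {
+type = string
+description = "Spoke Web Subnet DNS Label."
+}
+
+
 # -----------------------------------------------------------------------------
 # VPN Variables
 # -----------------------------------------------------------------------------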
14 changes: 7 additions & 7 deletions templates/enterprise-landing-zone/backup-main.tf
@@ -112,11 +112,11 @@ module "backup_prod_environment" {

module "backup_nonprod_environment" {
source = "../elz-backup/elz-backup-environment"
count = var.enable_landing_zone_replication ? 1 : 0
count = var.enable_landing_zone_replication && var.is_nonprod_env_deploy ? 1 : 0

environment_prefix = local.nonprod_environment.environment_prefix
spoke_vcn_cidr = var.backup_nonprod_workload_cidr
workload_compartment_id = module.nonprod_environment.workload_compartment_id
workload_compartment_id = module.nonprod_environment[0].workload_compartment_id
backup_region = var.backup_region
tenancy_ocid = var.tenancy_ocid
region = var.region
@@ -127,7 +127,7 @@ module "backup_nonprod_environment" {
igw_hub_check = var.backup_igw_hub_check
nat_gw_hub_check = var.backup_nat_gw_hub_check
service_gw_hub_check = var.backup_service_gw_hub_check
network_compartment_id = module.nonprod_environment.compartment.network.id
network_compartment_id = module.nonprod_environment[0].compartment.network.id
vcn_cidr_block = var.backup_nonprod_hub_vcn_cidr_block
public_subnet_cidr_block = var.backup_nonprod_public_subnet_cidr_block
private_subnet_cidr_block = var.backup_nonprod_private_subnet_cidr_block
@@ -152,17 +152,17 @@ module "backup_nonprod_environment" {
enable_replication = var.backup_nonprod_vault_enable_replication
replica_region = var.backup_nonprod_vault_replica_region
resource_label = var.resource_label
security_compartment_id = module.nonprod_environment.compartment.security.id
security_compartment_id = module.nonprod_environment[0].compartment.security.id
vault_type = var.backup_nonprod_vault_type
home_compartment_id = module.home_compartment.compartment_id

home_compartment_name = var.home_compartment_name
logging_compartment_id = module.nonprod_environment.compartment.logging.id
logging_compartment_id = module.nonprod_environment[0].compartment.logging.id
retention_policy_duration_amount = var.backup_nonprod_retention_policy_duration_amount
retention_policy_duration_time_unit = var.backup_nonprod_retention_policy_duration_time_unit

bastion_client_cidr_block_allow_list = var.backup_nonprod_bastion_client_cidr_block_allow_list
environment_compartment_id = module.nonprod_environment.compartment.environment.id
environment_compartment_id = module.nonprod_environment[0].compartment.environment.id

is_create_alarms = var.is_create_alarms_backup
network_topic_endpoints = var.nonprod_network_topic_endpoints_backup
@@ -206,7 +206,7 @@ module "backup_nonprod_environment" {
enable_fastconnect_on_environment = var.backup_nonprod_enable_fastconnect
customer_onprem_ip_cidr = var.backup_customer_onprem_ip_cidr

depends_on = [module.nonprod_environment]
depends_on = [module.nonprod_environment[0]]

providers = {
oci = oci
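Review bot: `depends_on = [module.nonprod_environment[0]]` near the end of `module "backup_nonprod_environment"` names a single instance, but as far as I know Terraform tracks `depends_on` at the level of the whole module call, so the index adds nothing and suggests instance-level ordering that does not exist; `depends_on = [module.nonprod_environment]` expresses the same dependency. The explicit dependency also looks redundant, because the block already reads `module.nonprod_environment[0].compartment.*` outputs in its arguments. A comment above `count`, such as `# non-prod backup exists only when replication is enabled AND the non-prod environment is deployed`, would explain why two flags gate this module. The module block starts and ends outside the visible hunks.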
15 changes: 13 additions & 2 deletions templates/enterprise-landing-zone/environment.tf
@@ -101,6 +101,11 @@ module "prod_environment" {
private_spoke_subnet_web_cidr_block = var.prod_spoke_subnet_web_cidr_block
private_spoke_subnet_app_cidr_block = var.prod_spoke_subnet_app_cidr_block
private_spoke_subnet_db_cidr_block = var.prod_spoke_subnet_db_cidr_block
hub_public_subnet_dns_label = var.prod_hub_public_subnet_dns_label
hub_private_subnet_dns_label = var.prod_hub_private_subnet_dns_label
subnet_app_dns_label = var.prod_subnet_app_dns_label
subnet_db_dns_label = var.prod_subnet_db_dns_label
subnet_web_dns_label = var.prod_subnet_web_dns_label

enable_network_firewall = var.enable_network_firewall_prod
enable_traffic_threat_log = var.enable_traffic_threat_log_prod
@@ -190,7 +195,8 @@ locals {
}

module "nonprod_environment" {
source = "../elz-environment"
count = var.is_nonprod_env_deploy ? 1 : 0
source = "../elz-environment"

tenancy_ocid = var.tenancy_ocid
region = var.region
@@ -275,6 +281,11 @@ module "nonprod_environment" {
private_spoke_subnet_web_cidr_block = var.nonprod_spoke_subnet_web_cidr_block
private_spoke_subnet_app_cidr_block = var.nonprod_spoke_subnet_app_cidr_block
private_spoke_subnet_db_cidr_block = var.nonprod_spoke_subnet_db_cidr_block
hub_public_subnet_dns_label = var.nonprod_hub_public_subnet_dns_label
hub_private_subnet_dns_label = var.nonprod_hub_private_subnet_dns_label
subnet_app_dns_label = var.nonprod_subnet_app_dns_label
subnet_db_dns_label = var.nonprod_subnet_db_dns_label
subnet_web_dns_label = var.nonprod_subnet_web_dns_label

enable_network_firewall = var.enable_network_firewall_nonprod
enable_traffic_threat_log = var.enable_traffic_threat_log_nonprod
@@ -309,7 +320,7 @@ module "nonprod_environment" {
enable_workload_monitoring_alarms = var.nonprod_enable_workload_monitoring_alarms
enable_datasafe = var.enable_datasafe

#workload_compartment_id = module.nonprod_environment.workload_compartment_id
#workload_compartment_id = module.nonprod_environment[0].workload_compartment_id

remote_peering_connection_peer_id = var.enable_vpn_or_fastconnect == "FASTCONNECT" ? module.prod_environment.rpc_id : null
remote_peering_connection_peer_region_name = var.region
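Review bot: Adding `count = var.is_nonprod_env_deploy ? 1 : 0` to `module "nonprod_environment"` moves every resource address under it from `module.nonprod_environment` to `module.nonprod_environment[0]`, and nothing in the visible hunks records that move for existing state. Depending on the Terraform version in use, an upgrade of a deployed landing zone may plan a destroy-and-recreate of the non-prod environment, including the security and logging compartments this module exposes; a `moved` block with `from = module.nonprod_environment` and `to = module.nonprod_environment[0]` would make the upgrade path explicit. Setting the flag to `false` on a tenancy that already has the environment tears all of it down, which deserves a sentence in the variable's description and a comment above `count`. The module block continues outside the hunks shown.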
11 changes: 11 additions & 0 deletions templates/enterprise-landing-zone/example.tfvars
@@ -15,6 +15,7 @@ resource_label = "DEMO"
prod_domain_admin_email = "an-example-email-address@oracle.com"
nonprod_domain_admin_email = "an-example-email-address@oracle.com"
enable_compartment_delete = false
is_nonprod_env_deploy = true

# security
enable_cloud_guard = true
@@ -60,20 +61,30 @@ nonprod_enable_service_gateway_spoke = "true"
prod_hub_vcn_cidr_block = "10.1.0.0/16"
prod_hub_public_subnet_cidr_block = "10.1.1.0/24"
prod_hub_private_subnet_cidr_block = "10.1.2.0/24"
prod_hub_public_subnet_dns_label = "ppublabel"
prod_hub_private_subnet_dns_label = "prilabel"

prod_spoke_vcn_cidr = "10.2.0.0/16"
prod_spoke_subnet_web_cidr_block = "10.2.1.0/24"
prod_spoke_subnet_app_cidr_block = "10.2.2.0/24"
prod_spoke_subnet_db_cidr_block = "10.2.3.0/24"
prod_subnet_app_dns_label = "papplabel"
prod_subnet_db_dns_label = "pdblabel"
prod_subnet_web_dns_label = "pweblabel"

nonprod_hub_vcn_cidr_block = "10.3.0.0/16"
nonprod_hub_public_subnet_cidr_block = "10.3.1.0/24"
nonprod_hub_private_subnet_cidr_block = "10.3.2.0/24"
nonprod_hub_public_subnet_dns_label = "npublabel"
nonprod_hub_private_subnet_dns_label = "nprilabel"

nonprod_spoke_vcn_cidr = "10.4.0.0/16"
nonprod_spoke_subnet_web_cidr_block = "10.4.1.0/24"
nonprod_spoke_subnet_app_cidr_block = "10.4.2.0/24"
nonprod_spoke_subnet_db_cidr_block = "10.4.3.0/24"
nonprod_subnet_app_dns_label = "napplabel"
nonprod_subnet_db_dns_label = "ndblabel"
nonprod_subnet_web_dns_label = "nweblabel"

# Tagging
prod_enable_tagging = true
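Review bot: `prod_hub_private_subnet_dns_label = "prilabel"` breaks the prefix scheme that every other new sample value follows (`ppublabel`, `papplabel`, `npublabel`, `nprilabel`, …); if the `p`/`n` prefix is intended, the line should read `prod_hub_private_subnet_dns_label = "pprilabel"`. Separately, the prefixed sample values differ from the labels that were hard-coded before this commit (`publabel`, `appdnslabel`, `dbdnslabel`, `webdnslabel`), so copying this file onto an already-deployed landing zone changes the subnets' DNS labels. OCI documents a subnet's DNS label as fixed at creation, so I would expect such a plan to replace those subnets. A comment above the new entries, e.g. `# existing deployments: keep the labels already in use (publabel, prilabel, appdnslabel, dbdnslabel, webdnslabel)`, would warn operators before they apply.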