Skip to content

azure: support Hub/Spoke network architecture and add Fortinet deployment#763

Draft
yeoldegrove wants to merge 162 commits intoSUSE:developfrom
Project-Mayerhofen:mayerhofen
Draft

azure: support Hub/Spoke network architecture and add Fortinet deployment#763
yeoldegrove wants to merge 162 commits intoSUSE:developfrom
Project-Mayerhofen:mayerhofen

Conversation

@yeoldegrove
Copy link
Collaborator

@yeoldegrove yeoldegrove commented Sep 29, 2021
edited
Loading

Hub/Spoke Architecture

This adds support for Microsoft Azure's Hub/Spoke Architecture.
It does so by implementing a new variable network_topologywhich is set to plain(current setup) by default.
The new variable executes different terraform modules called network_{plain,hub,spoke} which implement the different network scenarios.
If network_topology="hub_spoke" is set, the new hub/spoke scenario is deployed.

A refernce to "Use Hub/Spoke network architecture" is in README.md and examples (to just uncomment) are in terraform.tfvars.

e.g.

plain network (default/current setup)

The plain network is still the default.

# no need to set this, as this is already the default.
network_topology = "plain"

create hub + spoke network

To create both Hub/Spoke networks and a bastion host, set this in terraform.tfvars:

network_topology = "hub_spoke"                        # set network topology
vnet_hub_create = true                                # create hub vnet
bastion_enabled = true                                # deployment of bastion host
spoke_name = "sap-1"                                  # name for spoke to create

existing hub + create spoke network

To use an existing Hub network and bastion host and only deploy the Spoke network, set this in terraform.tfvars:

network_topology = "hub_spoke"                        # set network topology
vnet_hub_create = false                               # do not create hub vnet
vnet_hub_name = "myhubnet"                            # name of existing hub vnet
bastion_enabled = false                               # disable deployment of bastion host
bastion_host = "X.X.X.X"                              # public IP of existing bastion host in hub network
spoke_name = "sap-2"                                  # name for spoke to create

Fortinet Deployment

arbulu89
arbulu89 requested changes Sep 29, 2021
View reviewed changes
Copy link
Collaborator

@arbulu89 arbulu89 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Many many comments.
I just checked the logic of the new code. I didn't check whether the terraform usage of the new components is correct or not, as it is pretty complex.

In any case, I miss some documentation in the terraform.tfvars.example file. This is the file most people use rather than the README file

arbulu89
arbulu89 reviewed Oct 6, 2021
View reviewed changes
@yeoldegrove yeoldegrove marked this pull request as draft October 12, 2021 15:00
@yeoldegrove yeoldegrove force-pushed the mayerhofen branch 2 times, most recently from cab6969 to da84d5c Compare November 11, 2021 12:49
yeoldegrove and others added 22 commits January 24, 2022 09:20
@yeoldegrove
azure: Support Hub/Spoke architecture
c8fdf72
@yeoldegrove
azure: add a tag "role" (matching the salt role) to every virtual mac…
387bc8d 
…hine
@yeoldegrove
remove old comments and unneeded variables
b511115
@yeoldegrove
fix vnet_name variable
641d849
@yeoldegrove
azure: be able to use different resource group for hub network
e37aa0d
@yeoldegrove
update variable descriptions
c90b3b5
@yeoldegrove
terraform fmt
9a3a198
@yeoldegrove
azure: move hub+spoke examples to terraform.tfvars
90d28e9
@yeoldegrove
azure: fix hana role tag
d9d369c
@movinalot @yeoldegrove
fortinet fortigate initial commit
45d0fee
@yeoldegrove
azure: add initial ANF (Azure Netapp Files) shared storage support
581b441
@yeoldegrove
add hana_scale_out_enabled variable to be able to disable shared storage
431b24f
@yeoldegrove
forward port latest changes from SUSE:develop
0d21a7a
@yeoldegrove
terraform fmt
045f76b
@yeoldegrove
azure: add possibility to use remote state
ef66c9d
@movinalot @yeoldegrove
added fortigate networking and lb
e4b4cb6
@movinalot @yeoldegrove
add fortigate vm deployment
b4832a0
@movinalot @yeoldegrove
variable additions and fortiadc vm initial setup
30315ff
@movinalot @yeoldegrove
fortiadc updates
c7b3832
@movinalot @yeoldegrove
add route tables, routes and subnet associations
061d5ac
@movinalot @yeoldegrove
change from list to maps for subnets
951d36e
@movinalot @yeoldegrove
add internal trusted subnet
ea433c6
yeoldegrove and others added 30 commits February 9, 2022 13:55
@yeoldegrove
remove "my" resources prefix
13da683
@yeoldegrove
rename *.tf files to match naming convention
03b280c
@yeoldegrove
remove unneeded number in resource name
c530015
@yeoldegrove
remove useless count
37e46fe
@yeoldegrove
corrections to descriptions
f31fd06
@yeoldegrove
Merge branch 'develop-mayerhofen' of ssh://github.com/Project-Mayerho…
91cb883 
…fen/ha-sap-terraform-deployments into mayerhofen
@yeoldegrove
Merge branch 'develop-mayerhofen' of ssh://github.com/Project-Mayerho…
354786b 
…fen/ha-sap-terraform-deployments into develop-mayerhofen
@yeoldegrove
Merge branch 'develop' of ssh://github.com/Project-Mayerhofen/ha-sap-…
5c3b4f7 
…terraform-deployments into develop-mayerhofen
@yeoldegrove
Merge branch 'develop' of ssh://github.com/Project-Mayerhofen/ha-sap-…
a6be735 
…terraform-deployments into mayerhofen
@yeoldegrove
azure: update default os_image to SLES15-SP3
bdd458e
@yeoldegrove
azure: change fortigate deployment to be byol by default
f28ae36
@yeoldegrove
azure: update default os_image to SLES15-SP3
caee0ad
@yeoldegrove
azure: change fortigate deployment to be byol by default
75ff989
@movinalot
set fortigate payg defaults
ab2a76c
@yeoldegrove
Merge branch 'develop-mayerhofen' of ssh://github.com/Project-Mayerho…
73280ff 
…fen/ha-sap-terraform-deployments into mayerhofen
@yeoldegrove
raise registercloudguest/SUSEConnect retries
754e778
@yeoldegrove
Merge branch 'develop-mayerhofen' into mayerhofen
49b65e7
@yeoldegrove
Merge branch 'develop' of ssh://github.com/Project-Mayerhofen/ha-sap-…
a574b42 
…terraform-deployments into develop-mayerhofen
@yeoldegrove
update azure/.terraform.lock.hcl
cd1e543
@yeoldegrove
terraform fmt
c384249
@yeoldegrove
Merge branch 'develop-mayerhofen' into mayerhofen
946d9bd
@movinalot
update deprecated load balacing rule attribute
2318f16
@movinalot
more granular firewall policies
40e7482
@movinalot
update availability_set name to match SUSE style
d302e24
@movinalot
fix terraform formatting and spelling error
a0745b9
@movinalot
remove deprecated attributes
90cd277
@movinalot
terraform fmt
8acf55b
@movinalot
add support for sap gui policy and service
00c761a
@movinalot
add support for sap gui policy and service
4bd7d8e
@yeoldegrove
Merge pull request #3 from Project-Mayerhofen/develop-mayerhofen
bb1fa55 
Develop mayerhofen
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@arbulu89 arbulu89 arbulu89 requested changes

Requested changes must be addressed to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@yeoldegrove @arbulu89 @movinalot