Stage VM's for CA development

2021-04-04 20:32:28 +02:00 · 2021-04-04 20:32:28 +02:00 · 4da89c8155
commit 4da89c8155
parent cb570a281a
3 changed files with 139 additions and 1 deletions
--- a/terraform/CA01.tf
+++ b/terraform/CA01.tf
@ -0,0 +1,66 @@
+data "vsphere_ovf_vm_template" "ovf-rootca" {
+  name                   = "ovf-rootca"
+  resource_pool_id       = data.vsphere_resource_pool.pool.id
+  datastore_id           = data.vsphere_datastore.datastore.id
+  host_system_id         = data.vsphere_host.host.id
+
+  # remote_ovf_url         = "https://${var.repo_username}:${var.repo_password}@sn.itch.fyi/Repository/rel/ADCS-appliance.ova"
+  # deployment_option      = "standalone-root"
+  remote_ovf_url         = "https://${var.repo_username}:${var.repo_password}@sn.itch.fyi/Repository/rel/Windows-Server-2019-LTSC.ova"
+  deployment_option      = "standalone"
+}
+
+resource "vsphere_virtual_machine" "vm-srv" {
+  name                   = "TF-CA01"
+
+  num_cpus               = var.vm_numcpu
+  memory                 = var.vm_memory
+
+  datacenter_id          = data.vsphere_datacenter.dc.id
+  folder                 = var.hv_vmfolder
+
+  guest_id               = data.vsphere_ovf_vm_template.ovf-rootca.guest_id
+  resource_pool_id       = data.vsphere_ovf_vm_template.ovf-rootca.resource_pool_id
+  datastore_id           = data.vsphere_ovf_vm_template.ovf-rootca.datastore_id
+  host_system_id         = data.vsphere_ovf_vm_template.ovf-rootca.host_system_id
+
+  network_interface {
+    network_id           = data.vsphere_network.network.id
+  }
+
+  disk {
+    label                = "disk0"
+    unit_number          = 0
+    size                 = 40
+    thin_provisioned     = true
+  }
+  disk {
+    label                = "disk1"
+    unit_number          = 1
+    size                 = 25
+    thin_provisioned     = true
+  }
+
+  ovf_deploy {
+    remote_ovf_url       = data.vsphere_ovf_vm_template.ovf-rootca.remote_ovf_url
+    deployment_option    = data.vsphere_ovf_vm_template.ovf-rootca.deployment_option
+  }
+
+  vapp {
+    properties = {
+      "guestinfo.hostname"        = "TF-CA01"
+      "guestinfo.ipaddress"       = "10.0.0.22"
+      "guestinfo.prefixlength"    = "24"
+      "guestinfo.dnsserver"       = "10.0.0.21"
+      "guestinfo.gateway"         = "10.0.0.1"
+
+      "guestinfo.administratorpw" = var.adds_domainname
+      "guestinfo.ntpserver"       = var.adds_ntpserver
+    }
+  }
+
+  # # This does not actually achieve protection from destruction, see https://github.com/hashicorp/terraform/issues/17599
+  # lifecycle {
+  #   prevent_destroy = true
+  # }
+}
--- a/terraform/CA02.tf
+++ b/terraform/CA02.tf
@ -0,0 +1,72 @@
+data "vsphere_ovf_vm_template" "ovf-intermediateca" {
+  name                   = "ovf-intermediateca"
+  resource_pool_id       = data.vsphere_resource_pool.pool.id
+  datastore_id           = data.vsphere_datastore.datastore.id
+  host_system_id         = data.vsphere_host.host.id
+
+  # remote_ovf_url         = "https://${var.repo_username}:${var.repo_password}@sn.itch.fyi/Repository/rel/ADCS-appliance.ova"
+  # deployment_option      = "enterprise-intermediate"
+  remote_ovf_url         = "https://${var.repo_username}:${var.repo_password}@sn.itch.fyi/Repository/rel/Windows-Server-2019-LTSC.ova"
+  deployment_option      = "domainmember"
+}
+
+resource "vsphere_virtual_machine" "vm-intermediateca" {
+  name                   = "TF-CA02"
+
+  num_cpus               = var.vm_numcpu
+  memory                 = var.vm_memory
+
+  datacenter_id          = data.vsphere_datacenter.dc.id
+  folder                 = var.hv_vmfolder
+
+  guest_id               = data.vsphere_ovf_vm_template.ovf-intermediateca.guest_id
+  resource_pool_id       = data.vsphere_ovf_vm_template.ovf-intermediateca.resource_pool_id
+  datastore_id           = data.vsphere_ovf_vm_template.ovf-intermediateca.datastore_id
+  host_system_id         = data.vsphere_ovf_vm_template.ovf-intermediateca.host_system_id
+
+  network_interface {
+    network_id           = data.vsphere_network.network.id
+  }
+
+  disk {
+    label                = "disk0"
+    unit_number          = 0
+    size                 = 40
+    thin_provisioned     = true
+  }
+  disk {
+    label                = "disk1"
+    unit_number          = 1
+    size                 = 25
+    thin_provisioned     = true
+  }
+
+  ovf_deploy {
+    remote_ovf_url       = data.vsphere_ovf_vm_template.ovf-intermediateca.remote_ovf_url
+    deployment_option    = data.vsphere_ovf_vm_template.ovf-intermediateca.deployment_option
+  }
+
+  vapp {
+    properties = {
+      "guestinfo.hostname"     = "TF-CA02"
+      "guestinfo.ipaddress"    = "10.0.0.23"
+      "guestinfo.prefixlength" = "24"
+      "guestinfo.dnsserver"    = "10.0.0.21"
+      "guestinfo.gateway"      = "10.0.0.1"
+
+      "addsconfig.domainname"  = var.adds_domainname
+      "addsconfig.username"    = var.adds_username
+      "addsconfig.password"    = var.adds_password
+    }
+  }
+
+  depends_on = [
+    vsphere_virtual_machine.vm-dc,
+    vsphere_virtual_machine.vm-rootca
+  ]
+
+  # # This does not actually achieve protection from destruction, see https://github.com/hashicorp/terraform/issues/17599
+  # lifecycle {
+  #   prevent_destroy = true
+  # }
+}
--- a/terraform/vsphere.tfvars
+++ b/terraform/vsphere.tfvars
@ -3,6 +3,6 @@ hv_username       = "administrator@vsphere.local"
 hv_datacenter     = "DeSchakel"
 hv_host           = "bv11-esx.bessems.lan"
 hv_hostip         = "192.168.11.200"
-hv_datastore      = "Datastore04.NAS"
+hv_datastore      = "Datastore05.NAS"
 hv_vmfolder       = "/Terraform"
 hv_network        = "Staging"