add terraform script for openstack for flex vm license

Change-Id: Id4a7c331924e265de4425d79248df8fc1739a620

openstack/6.4/single/README.md

@@ -0,0 +1,59 @@
+# Deployment of a FortiGate-VM on the Openstack
+## Introduction
+A Terraform script to deploy FortiGate-VM on Openstack
+
+## Requirements
+* [Terraform](https://learn.hashicorp.com/terraform/getting-started/install.html) >= 0.13.0
+* Terraform Provider Openstack >= 1.31.0
+* FortiGate-VM Flex VM token license
+
+## Deployment overview
+Terraform deploys the following components:
+ - FortiGate-VM instance(s) with two NICS
+
+## Deployment
+To deploy the FortiGate-VM to OCI:
+1. Clone the repository.
+2. Customize variables in the `terraform.tfvars` and `variables.tf` file as needed.
+3. Initialize the providers and modules:
+ ```sh
+ $ cd XXXXX
+ $ terraform init
+ ```
+4. Submit the Terraform plan:
+ ```sh
+ $ terraform plan
+ ```
+5. Verify output.
+6. Confirm and apply the plan:
+ ```sh
+ $ terraform apply
+ ```
+7. If output is satisfactory, type `yes`.
+
+Output will include the information necessary to log in to the FortiGate-VM instances:
+```sh
+Outputs:
+
+Default_Password = <default password>
+Default_Username = admin
+IP_Address = {
+ "<instance name>" = "<instance ipv4 address>"
+ :
+}
+
+## Destroy the instance
+To destroy the instance, use the command:
+```sh
+$ terraform destroy
+```
+
+# Support
+Fortinet-provided scripts in this and other GitHub projects do not fall under the regular Fortinet technical support scope and are not supported by FortiCare Support Services.
+For direct issues, please refer to the [Issues](https://github.com/fortinet/fortigate-terraform-deploy/issues) tab of this GitHub project.
+For other questions related to this project, contact [[email protected]](mailto:[email protected]).
+
+## License
+[License](https://github.com/fortinet/fortigate-terraform-deploy/blob/master/LICENSE) © Fortinet Technologies. All rights reserved.
+
+

openstack/6.4/single/fgt.tf

@@ -0,0 +1,25 @@
+resource "openstack_compute_instance_v2" "fgt" {
+ for_each = var.flextoken
+ name = each.value.name
+ image_id = var.image_id
+ flavor_id = var.flavor_id
+ security_groups = ["${var.security_group}"]
+ availability_zone = "nova"
+ user_data = file("${var.boostrap_file}")
+ config_drive = "true"
+
+ // For FGTVM license file
+ // For Flex VM, uses License-Token
+ personality {
+ file = "/content/0000"
+ content = each.value.token
+
+ }
+ network {
+ name = var.unprotect_network
+ }
+
+ network {
+ name = var.protect_network
+ }
+}

openstack/6.4/single/output.tf

@@ -0,0 +1,16 @@
+// Default Username and Password
+output "Default_Username" {
+ value = "admin"
+}
+
+output "Default_Password" {
+ value = ""
+}
+
+// Instance access IPv4 address
+output "IP_Address" {
+ value = {
+ for instance in openstack_compute_instance_v2.fgt :
+ instance.name => instance.access_ip_v4
+ }
+}

openstack/6.4/single/provider.tf

@@ -0,0 +1,8 @@
+provider "openstack" {
+ user_name = var.user_name
+ password = var.password
+ auth_url = var.auth_url
+ user_domain_name = var.user_domain_name
+ region = var.region
+ tenant_name = var.tenant_name
+}

openstack/6.4/single/terraform.tfvars

@@ -0,0 +1,7 @@
+// Change to your own variables
+user_name = "<user name>"
+password = "<user password>"
+auth_url = "<auth url>"
+user_domain_name = "<domain name>"
+region = "<region>"
+tenant_name = "<tenant>"

openstack/6.4/single/variables.tf

@@ -0,0 +1,58 @@
+variable "user_name" {}
+variable "password" {}
+variable "auth_url" {}
+variable "user_domain_name" {}
+variable "region" {}
+variable "tenant_name" {}
+
+// FGTVM image id
+variable "image_id" {
+ default = "<FGT Image ID>"
+}
+
+// Flavor ID
+variable "flavor_id" {
+ default = "<flavor id>"
+}
+
+// Bootstrap FGT configuration file
+variable "boostrap_file" {
+ default = "userdata.txt"
+}
+
+// network for port1
+variable "unprotect_network" {
+ default = "<openstack network name>"
+}
+
+// network for port2
+variable "protect_network" {
+ default = "<openstack network name>"
+}
+
+// security group
+variable "security_group" {
+ default = "<openstack security group>"
+}
+
+// Flex VM token
+// token variable needs to follow this format
+// LICENSE-TOKEN:<TOKEN>
+// One token per instance
+// To add more instances with new token
+// "second" = {
+// "name" = "<fgt name>",
+// "token" = "LICENSE-TOKEN: <Flex VM token>"
+// }
+variable "flextoken" {
+ default = {
+ "first" = {
+ "name" = "fgt-first",
+ "token" = "LICENSE-TOKEN:XXXXXXXXXXX"
+ },
+ "second" = {
+ "name" = "fgt-second",
+ "token" = "LICENSE-TOKEN:XXXXXXXXXXX"
+ }
+ }
+}

openstack/6.4/single/versions.tf

@@ -0,0 +1,8 @@
+terraform {
+ required_providers {
+ openstack = {
+ source = "terraform-providers/openstack"
+ }
+ }
+ required_version = ">= 0.13"
+}