Create multiple file storages
We recommend that you create resources in order. If you create all resources at once, Terraform will take into account the dependencies between resources that you specify in the configuration file. If dependencies are not specified, resources will be created in parallel, which can cause errors. For example, a resource that is required to create another resource may not have been created yet.
- Optional: configure the providers.
- Create a private network and subnet.
- Set variables for the file stores.
- Configure the storage network configuration.
- Create file stores.
- Configure file storage access rules.
Configuration files
Example file for configuring providers
terraform {
required_providers {
selectel = {
source = "selectel/selectel"
version = "~> 6.0"
}
openstack = {
source = "terraform-provider-openstack/openstack"
version = "2.1.0"
}
}
}
provider "selectel" {
domain_name = "123456"
username = "user"
password = "password"
auth_region = "ru-9"
auth_url = "https://cloud.api.selcloud.ru/identity/v3/"
}
resource "selectel_vpc_project_v2" "project_1" {
name = "project"
}
resource "selectel_iam_serviceuser_v1" "serviceuser_1" {
name = "username"
password = "password"
role {
role_name = "member"
scope = "project"
project_id = selectel_vpc_project_v2.project_1.id
}
}
provider "openstack" {
auth_url = "https://cloud.api.selcloud.ru/identity/v3"
domain_name = "123456"
tenant_id = selectel_vpc_project_v2.project_1.id
user_name = selectel_iam_serviceuser_v1.serviceuser_1.name
password = selectel_iam_serviceuser_v1.serviceuser_1.password
region = "ru-9"
}
Example file for creating three file storages
resource "openstack_networking_network_v2" "network_1" {
name = "private-network"
admin_state_up = "true"
}
resource "openstack_networking_subnet_v2" "subnet_1" {
name = "private-subnet"
network_id = openstack_networking_network_v2.network_1.id
cidr = "192.168.199.0/24"
}
variable "storages" {
default = [
{ name = "nfs-storage-1", size = 50, type="basic.ru-3a", proto="NFS", ip = "192.168.199.10" },
{ name = "nfs-storage-2", size = 100, type="fast.ru-3a", proto="NFS", ip = "192.168.199.11" },
{ name = "nfs-storage-3", size = 50, type="universal.ru-3a", proto="CIFS", ip = "192.168.199.12" },
]
}
resource "openstack_sharedfilesystem_sharenetwork_v2" "share_network" {
count = length(var.storages)
name = "share-network-${count.index}"
neutron_net_id = openstack_networking_network_v2.network_1.id
neutron_subnet_id = openstack_networking_subnet_v2.subnet_1.id
}
resource "openstack_sharedfilesystem_share_v2" "share" {
count = length(var.storages)
name = var.storages[count.index].name
share_type = var.storages[count.index].type
share_proto = var.storages[count.index].proto
size = var.storages[count.index].size
share_network_id = openstack_sharedfilesystem_sharenetwork_v2.sharenetwork.id
metadata = { ip = var.storages[count.index].ip }
}
resource "openstack_sharedfilesystem_share_access_v2" "share_access" {
count = length(var.storages)
access_level = "rw"
access_to = "0.0.0.0/0"
access_type = "ip"
share_id = openstack_sharedfilesystem_share_v2.share[count.index].id
}
1. Optional: configure providers
If you have configured Selectel and OpenStack providers, skip this step.
-
Ensure that in the Control Panel you have created a service user with the Account Administrator and User Administrator roles.
-
Create a directory to store the configuration files and a separate file with a
.tfextension to configure the providers. -
Add Selectel and OpenStack providers to the file to configure the providers:
terraform {
required_providers {
selectel = {
source = "selectel/selectel"
version = "~> 6.0"
}
openstack = {
source = "terraform-provider-openstack/openstack"
version = "2.1.0"
}
}
}Here
version—versions ofproviders. The current version can be found in Selectel (in Terraform Registry and GitHub) and OpenStack (in Terraform Registry and GitHub) documentation.Learn more about the products, services, and services that can be managed with providers in the Selectel and OpenStack Providers instruction.
-
Initialize the Selectel provider:
provider "selectel" {
domain_name = "123456"
username = "user"
password = "password"
auth_region = "ru-9"
auth_url = "https://cloud.api.selcloud.ru/identity/v3/"
}Here:
domain_name— Selectel account number. You can look it up in control panel in the upper right corner;username— username service user with the roles Account Administrator and User Administrator. Can be viewed in the control panel section Access Control → User Management → tab Service Users (the section is available only to the Account Owner and User Administrator);password— password of the service user. You can view it when creating a user or change it to a new one;auth_region— pool for exampleru-9. All resources will be created in this pool. The list of available pools can be found in the instructions Availability matrices.
-
Create a project:
resource "selectel_vpc_project_v2" "project_1" {
name = "project"
}View a detailed description of the selectel_vpc_project_v2 resource.
-
Create a service user to access the project and assign the Project Administrator role to it:
resource "selectel_iam_serviceuser_v1" "serviceuser_1" {
name = "username"
password = "password"
role {
role_name = "member"
scope = "project"
project_id = selectel_vpc_project_v2.project_1.id
}
}Here:
username— username;password— user password. The password must be no shorter than eight characters and contain Latin letters of different cases and digits;project_id— Project ID. You can view it in control panel: in the top menu click Products and select Cloud Servers → open the projects menu → in the row of the desired project, click .
View a detailed description of the selectel_iam_serviceuser_v1 resource.
-
Initialize the OpenStack provider:
provider "openstack" {
auth_url = "https://cloud.api.selcloud.ru/identity/v3"
domain_name = "123456"
tenant_id = selectel_vpc_project_v2.project_1.id
user_name = selectel_iam_serviceuser_v1.serviceuser_1.name
password = selectel_iam_serviceuser_v1.serviceuser_1.password
region = "ru-9"
}Here:
domain_name— Selectel account number. You can look it up in control panel in the upper right corner;region— pool for exampleru-9. All resources will be created in this pool. The list of available pools can be found in the instructions Availability matrices.
-
If you create resources at the same time as configuring providers, add the
depends_onargument for OpenStack resources . For example, for the resource openstack_networking_network_v2:resource "openstack_networking_network_v2" "network_1" {
name = "private-network"
admin_state_up = "true"
depends_on = [
selectel_vpc_project_v2.project_1,
selectel_iam_serviceuser_v1.serviceuser_1
]
} -
Optional: if you want to use a mirror, create a separate Terraform CLI configuration file and add a block to it:
provider_installation {
network_mirror {
url = "https://tf-proxy.selectel.ru/mirror/v1/"
include = ["registry.terraform.io/*/*"]
}
direct {
exclude = ["registry.terraform.io/*/*"]
}
}See the CLI Configuration File instructions in HashiCorp's CLI Configuration File documentation for more information on configuring mirrors.
-
Open the CLI.
-
Initialize the Terraform configuration in the directory:
terraform init -
Check that the configuration files have been compiled without errors:
terraform validate -
Format the configuration files:
terraform fmt -
Check the resources that will be created:
terraform plan -
Apply the changes and create the resources:
terraform apply -
Confirm the creation — type yes and press Enter. The created resources are displayed in the control panel.
-
If there were not enough quotas to create resources, increase the quotas.
2. Create a private network and subnet
resource "openstack_networking_network_v2" "network_1" {
name = "private-network"
admin_state_up = "true"
}
resource "openstack_networking_subnet_v2" "subnet_1" {
name = "private-subnet"
network_id = openstack_networking_network_v2.network_1.id
cidr = "192.168.199.0/24"
}
Here cidr is the CIDR of the private subnet, for example 192.168.199.0/24.
See a detailed description of the resources:
3. Set variables for file storages
Set a variable with parameters for each file store you need to create.
variable "storages" {
default = [
{ name = "nfs-storage-1", size = 50, type="basic.ru-3a", proto="NFS", ip = "192.168.199.10" },
{ name = "nfs-storage-2", size = 100, type="fast.ru-3a", proto="NFS", ip = "192.168.199.11" },
{ name = "nfs-storage-3", size = 50, type="universal.ru-3a", proto="CIFS", ip = "192.168.199.12" },
]
}
Here:
name— name of the file storage;size— file storage size in GB, e.g.50. Limitations are from 50 GB to 50 TB;type— file storage type и pool segment in the format<type>.<pool_segment>for examplebasic.ru-9a:<type>basic— HDD type Basic;universal— SSD type Universal;fast— SSD type Fast;
<pool_segment>— the pool segment where the file storage will be created, e.g.ru-9a. You can see the list of available pool segments in the instructions Availability matrices;
proto— file storage protocol:NFS— for the NFSv4 protocol;CIFS— for the CIFS SMBv3 protocol;
- optional:
ip— private IP address of the file storage, for example192.168.199.10.Once the storage is created, the IP address cannot be changed.
4. Configure storage networks
A separate openstack_sharedfilesystem_sharenetwork_v2 resource will be automatically created for each file store, even if the file stores share the same private network and subnet.
resource "openstack_sharedfilesystem_sharenetwork_v2" "share_network" {
count = length(var.storages)
name = "share-network-${count.index}"
neutron_net_id = openstack_networking_network_v2.network_1.id
neutron_subnet_id = openstack_networking_subnet_v2.subnet_1.id
}
5. Create file storages
resource "openstack_sharedfilesystem_share_v2" "share" {
count = length(var.storages)
name = var.storages[count.index].name
share_type = var.storages[count.index].type
share_proto = var.storages[count.index].proto
size = var.storages[count.index].size
share_network_id = openstack_sharedfilesystem_sharenetwork_v2.share_network[count.index].id
metadata = { ip = var.storages[count.index].ip }
}
Here:
count— the number of file storages to create. The value will be based on the number of file storages you set in the variable earlier;share_type— file storage type и pool segment in the format<type>.<pool_segment>for examplebasic.ru-9a. The value for each file store is taken from the variable you set earlier;share_proto— file store protocol. The value for each file store is taken from the variable you set earlier:NFS— for the NFSv4 protocol;CIFS— for the CIFS SMBv3 protocol;
size— file storage size in GB, e.g.50. The limits are from 50 GB to 50 TB. The value for each file store is taken from the variable that you set earlier;- optional:
metadata = {"ip": "<ip_address>"}— private IP address of the file storage, for example192.168.199.10.Once the storage is created, the IP address cannot be changed. The value for each file storage is taken from the variable you set earlier.
View the detailed resource description of openstack_sharedfilesystem_share_v2.
6. Configure access rules to file storages
resource "openstack_sharedfilesystem_share_access_v2" "share_access" {
count = length(var.storages)
access_level = "rw"
access_to = "0.0.0.0/0"
access_type = "ip"
share_id = openstack_sharedfilesystem_share_v2.share[count.index].id
}
Here:
count— number of file storages. The value will be based on the number of file storages you set in the variable earlier;access_level— access level to the storage, which depends on the protocol:- for CIFS SMBv3 —
rw(read and write); - for NFSv4 —
ro(read only) orrw(read and write);
- for CIFS SMBv3 —
access_to— The IP address or CIDR of the private subnet for which access will be granted. For example:192.168.199.10— access for IP address;192.168.199.0/24— access for the private subnet range;0.0.0.0/0— access for all addresses of the private subnet where the file storages are located. To configure file storage access for any client on the network, you can add to the resource openstack_sharedfilesystem_share_v2 linemetadata = {"access_list_allow_all": "true"}.
View a detailed description of the openstack_sharedfilesystem_share_access_v2 resource.