Terraform で AWS 上に Catalyst 8000V をデプロイする

Terraform を使い、AWS Marketplace から Cisco Catalyst 8000V Edge Software - BYOL をデプロイする .tf ファイルのサンプルをメモしておきます。

構成図

Catalyst 8000V は 17.09.01a (ap-northeast-1 での AMI ID は ami-0d8d61e501acd56c3) を利用しました。 なお、後述の .tf サンプル中の aws_instance では別の AMI ID (ami-0a6f4f867117f37c4) が指定されています。Marketplace の AMI ID はリージョン・バージョンごとに異なるため、実際に利用するイメージの ID を確認し、本文とサンプルのどちらに合わせるか揃えてください。 構成は以下の通りです。

file

.tf ファイルのサンプル

Catalyst 8000V のデフォルトユーザ名は ec2-user です。 この .tf ファイルでデプロイした後は、登録した公開鍵と対になる秘密鍵とユーザ名 ec2-user で SSH ログインします。 下記の例には二点、そのまま使うべきでない箇所があります。 (1) provider ブロックに ACCESS-KEY / SECRET-KEY を直接記述していますが、認証情報を .tf ファイルにハードコードすると Git の履歴や plan 出力に残ってしまうため、実運用では環境変数 (AWS_ACCESS_KEY_ID など) や共有プロファイル (AWS_PROFILE)、あるいはロールの一時クレデンシャルを使い、provider には region のみを指定してください。 (2) VPC Default Security Group に全プロトコル・全ポートを全アドレス (0.0.0.0/0) から許可しており、この SG は EIP が付く Gi1 と内側の Gi2 の両 ENI に適用されるため、管理元のアドレス (/32 など) に送信元を限定する必要があります。

# Prefix prepended to every Name tag so that the resources created by this
# sample are easy to identify (and to clean up) in the console.
variable "prefix" {
  description = "String prepended to the Name tag of every resource created by this sample."
  type        = string
  default     = "TEST_"
}

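# AWS provider for the Tokyo region.
#
# Credentials are deliberately NOT set in this block. Hard-coding access_key /
# secret_key in a .tf file leaks long-lived IAM user keys into version control
# and into plan output. The provider resolves credentials from the standard
# chain instead: AWS_ACCESS_KEY_ID / AWS_SECRET_ACCESS_KEY / AWS_SESSION_TOKEN,
# a shared credentials/config profile selected with AWS_PROFILE, or the
# credential source of the host (instance profile, SSO, assumed role).
# Prefer short-lived role credentials over static IAM user keys.
provider "aws" {
  region = "ap-northeast-1"
}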

# VPC

# Single VPC that holds both subnets. A /16 leaves room for further /24
# subnets beyond the two used here.
resource "aws_vpc" "vpc1" {
  tags       = { Name = format("%sVPC", var.prefix) }
  cidr_block = "10.0.0.0/16"
}

# Internet Gateway

# Internet gateway for the VPC. It only carries traffic for subnets whose route
# table points 0.0.0.0/0 at it (subnet1 below); subnet2 has no such route.
resource "aws_internet_gateway" "igw1" {
  vpc_id = aws_vpc.vpc1.id
  tags   = { Name = format("%sigw1", var.prefix) }
}

# Route Table

# Route table for the public subnet (subnet1). The default route through the
# Internet gateway is added by the separate aws_route resource "route1".
resource "aws_route_table" "rtb1" {
  tags   = { Name = format("%sRouteTable1", var.prefix) }
  vpc_id = aws_vpc.vpc1.id
}

# Bind subnet1 to the public route table.
resource "aws_route_table_association" "rtb_association1" {
  subnet_id      = aws_subnet.subnet1.id
  route_table_id = aws_route_table.rtb1.id
}

# Default route for subnet1 via the Internet gateway. This is what makes
# subnet1 - and therefore Gi1 with its EIP - reachable from the Internet.
resource "aws_route" "route1" {
  route_table_id         = aws_route_table.rtb1.id
  destination_cidr_block = "0.0.0.0/0"
  gateway_id             = aws_internet_gateway.igw1.id
}

# Route table for subnet2. No aws_route targets this table, so subnet2 keeps
# only the implicit VPC-local route and has no path to the Internet gateway:
# Gi2 is an internal-only interface.
resource "aws_route_table" "rtb2" {
  tags   = { Name = format("%sRouteTable2", var.prefix) }
  vpc_id = aws_vpc.vpc1.id
}

# Bind subnet2 to the private (no default route) route table.
resource "aws_route_table_association" "rtb_association2" {
  subnet_id      = aws_subnet.subnet2.id
  route_table_id = aws_route_table.rtb2.id
}

# Subnet

# Public subnet hosting Gi1. Both subnets are placed in the same AZ because
# both ENIs are attached to a single instance, and an instance's ENIs must
# live in its own AZ.
resource "aws_subnet" "subnet1" {
  vpc_id            = aws_vpc.vpc1.id
  cidr_block        = "10.0.1.0/24"
  availability_zone = "ap-northeast-1a"
  tags              = { Name = format("%sSubnet1", var.prefix) }
}

# Private subnet hosting Gi2. Same AZ as subnet1 (see the note on subnet1);
# its route table carries no Internet route.
resource "aws_subnet" "subnet2" {
  vpc_id            = aws_vpc.vpc1.id
  cidr_block        = "10.0.2.0/24"
  availability_zone = "ap-northeast-1a"
  tags              = { Name = format("%sSubnet2", var.prefix) }
}

# Security Group

# Adopt the VPC's default security group so Terraform owns its rules.
# NOTE(review): per the provider documentation, adopting the default group
# strips the AWS-created rules (including the default allow-all egress) and
# keeps only what this configuration declares. No egress rule is declared
# anywhere in this sample, so instance-initiated outbound traffic (NTP,
# licensing, tunnel setup) may be blocked; inbound SSH still works because
# security groups are stateful. Confirm against the provider version in use
# and add an egress rule if the router must originate connections.
resource "aws_default_security_group" "sg1" {
  tags   = { Name = format("%sDefault", var.prefix) }
  vpc_id = aws_vpc.vpc1.id
}

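# Source addresses allowed to reach the router. The default reproduces the
# original sample (open to the entire Internet on every protocol and port) so
# that an unmodified apply still works, but it MUST be overridden with the
# management source address(es) before real use, e.g. ["203.0.113.10/32"].
variable "admin_cidr_blocks" {
  description = "Source CIDR blocks permitted to reach the Catalyst 8000V on all protocols and ports. Override the wide-open default with your management source address(es)."
  type        = list(string)
  default     = ["0.0.0.0/0"]
}

# Ingress rule on the default security group: all protocols and all ports
# from var.admin_cidr_blocks. Both ENIs (Gi1, which carries the EIP, and the
# internal Gi2) reference this group, so whatever is allowed here is exposed
# on the public address as well.
resource "aws_security_group_rule" "sg_rule1" {
  security_group_id = aws_default_security_group.sg1.id
  type              = "ingress"
  protocol          = "all" # every protocol; from/to_port 0 means every port
  from_port         = 0
  to_port           = 0
  cidr_blocks       = var.admin_cidr_blocks
}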

# Key Pair

# SSH public key registered with EC2 and injected into the instance at launch.
# Replace PUBKEY with an OpenSSH-format public key ("ssh-ed25519 AAAA... user");
# the matching private key is then used to log in as ec2-user. Only the public
# half belongs in this file - never commit the private key.
resource "aws_key_pair" "keypair" {
  public_key = "PUBKEY"
  key_name   = format("%skeypair", var.prefix)
}

# EC2 Instance

# Gi1 (device_index 0): public-side ENI with a fixed address in subnet1. The
# EIP below is attached to this interface, so the default security group's
# ingress rule decides what is reachable from the Internet.
resource "aws_network_interface" "nic1" {
  tags            = { Name = format("%sC8Kv-Gi1", var.prefix) }
  subnet_id       = aws_subnet.subnet1.id
  private_ips     = ["10.0.1.100"]
  security_groups = [aws_default_security_group.sg1.id]
}

# Gi2 (device_index 1): internal ENI with a fixed address in subnet2. It shares
# the default security group with Gi1.
# NOTE(review): if Gi2 is meant to forward traffic for other hosts in subnet2
# (the usual role of a router's inside interface), this ENI needs
# `source_dest_check = false`; the sample leaves it at the default. Confirm the
# intended use.
resource "aws_network_interface" "nic2" {
  tags            = { Name = format("%sC8Kv-Gi2", var.prefix) }
  subnet_id       = aws_subnet.subnet2.id
  private_ips     = ["10.0.2.100"]
  security_groups = [aws_default_security_group.sg1.id]
}

# The Catalyst 8000V itself. Gi1 (device_index 0) lands in subnet1, which has
# the Internet route and receives the EIP; Gi2 (device_index 1) sits in
# subnet2, which has no default route.
# NOTE(review): this AMI ID differs from the one quoted in the article text
# (ami-0d8d61e501acd56c3 there vs ami-0a6f4f867117f37c4 here). Marketplace AMI
# IDs are per-region and per-release, so confirm which 17.09.01a image is
# intended before applying.
resource "aws_instance" "instance1" {
  tags          = { Name = format("%sC8Kv-1", var.prefix) }
  ami           = "ami-0a6f4f867117f37c4"
  instance_type = "t3.medium"
  # aws_key_pair's id is its key name, so .key_name yields the same value.
  key_name      = aws_key_pair.keypair.key_name

  # Gi1: public-facing interface (EIP attached via nic1)
  network_interface {
    device_index         = 0
    network_interface_id = aws_network_interface.nic1.id
  }

  # Gi2: internal interface
  network_interface {
    device_index         = 1
    network_interface_id = aws_network_interface.nic2.id
  }
}

# Public address for Gi1. This is the resource that exposes the router to the
# Internet; everything the security group permits is reachable on it.
# NOTE(review): `vpc = true` is the pre-v5 provider form - AWS provider v5+
# deprecates it in favour of `domain = "vpc"`. Adjust to the provider version
# pinned for this configuration.
resource "aws_eip" "eip1" {
  network_interface = aws_network_interface.nic1.id
  vpc               = true
  tags              = { Name = format("%sC8Kv-1", var.prefix) }
}

