Topic sk jcs more fss fixes (#115)

* more fss fixes for AD specific subnet.

* Revert "more fss fixes for AD specific subnet."

This reverts commit 2f5e48d.

* More fixes for fss/MT.
Remove subnet id for existing mt and existing fss
Remove subnet cidr for existing mt and existing fss
Fix AD ui screen.

* terraform fmt
14c schema.yaml fix.

* Fix AD issue with FSS

* JCS-13511 - Improvements to existing FSS use case

* tf format.

* Fixed issue with new FSS

* Fixed issue with new FSS

* Topic sk jcs mt vcn check (#112)

* Check if the mount target is is from the same vcn as network vcn.

* terraform fmt.

* incorporated Roberto's comments.

* terraform fmt.

* FIx the datasources.

* tf fmt.

* Fix the non fss issue.

* terraform fmt.

Co-authored-by: Abhijit Paranjpe <[email protected]>

Author: skommala

terraform/data_sources.tf

@@ -113,27 +113,22 @@ data "oci_file_storage_mount_targets" "mount_targets" {
   #Required
   availability_domain = local.fss_availability_domain
   compartment_id      = var.mount_target_compartment_id
-
-  id = var.mount_target_id
+  id                  = var.mount_target_id
 }
 
-data "oci_file_storage_exports" "export" {
-  count = var.existing_fss_id != "" ? 1 : 0
-  id    = var.existing_export_path_id
-}
 
-data "oci_file_storage_mount_targets" "mount_target_by_export_set" {
+data "oci_file_storage_mount_targets" "existing_mount_target" {
   count = var.existing_fss_id != "" ? 1 : 0
   #Required
   availability_domain = local.fss_availability_domain
-  compartment_id      = var.fss_compartment_id
-  export_set_id       = data.oci_file_storage_exports.export[0].export_set_id
+  compartment_id      = var.mount_target_compartment_id
+  id                  = var.mount_target_id
 }
 
 data "oci_core_private_ip" "mount_target_private_ips" {
   count = var.existing_fss_id != "" ? 1 : 0
   #Required
-  private_ip_id = data.oci_file_storage_mount_targets.mount_target_by_export_set[0].mount_targets[0].private_ip_ids[0]
+  private_ip_id = data.oci_file_storage_mount_targets.existing_mount_target[0].mount_targets[0].private_ip_ids[0]
 }
 
 data "oci_apm_apm_domain" "apm_domain" {
@@ -149,6 +144,20 @@ data "oci_core_vcn" "wls_vcn" {
   vcn_id = var.wls_existing_vcn_id
 }
 
+data "oci_core_subnet" "mount_target_existing_subnet" {
+  count = var.mount_target_id == "" ? 0 : 1
+
+  #Required
+  subnet_id = data.oci_file_storage_mount_targets.mount_targets[0].mount_targets[0].subnet_id
+}
+
+data "oci_core_subnet" "mount_target_existing_subnet_by_fss" {
+  count = var.existing_fss_id == "" ? 0 : 1
+
+  #Required
+  subnet_id = data.oci_file_storage_mount_targets.existing_mount_target[0].mount_targets[0].subnet_id
+}
+
 data "oci_objectstorage_namespace" "object_namespace" {
 
   #Optional

terraform/fss_variables.tf

@@ -25,12 +25,6 @@ variable "existing_fss_id" {
   default     = ""
 }
 
-variable "existing_export_path_id" {
-  type        = string
-  description = "The OCID of the existing export path"
-  default     = ""
-}
-
 variable "fss_compartment_id" {
   type        = string
   description = "The OCID of the compartment where the file system exists"

terraform/locals.tf

@@ -4,16 +4,16 @@
 locals {
   service_name_prefix = replace(var.service_name, "/[^a-zA-Z0-9]/", "")
 
-  home_region          = lookup(data.oci_identity_regions.home_region.regions[0], "name")
-  ad_names             = compact(data.template_file.ad_names.*.rendered)
-  export_path          = format("/%s", var.service_name)
-  vm_instance_image_id = var.terms_and_conditions ? var.ucm_instance_image_id : var.instance_image_id
-
+  home_region                  = lookup(data.oci_identity_regions.home_region.regions[0], "name")
+  ad_names                     = compact(data.template_file.ad_names.*.rendered)
+  export_path                  = format("/%s", var.service_name)
+  vm_instance_image_id         = var.terms_and_conditions ? var.ucm_instance_image_id : var.instance_image_id
+  add_existing_mount_target    = (var.add_existing_mount_target || var.add_existing_fss)
   bastion_availability_domain  = var.bastion_subnet_id != "" ? (local.use_regional_subnet ? var.wls_availability_domain_name != "" ? var.wls_availability_domain_name : local.ad_names[0] : data.oci_core_subnet.bastion_subnet[0].availability_domain) : (local.use_regional_subnet ? var.wls_availability_domain_name != "" ? var.wls_availability_domain_name : local.ad_names[0] : var.wls_availability_domain_name)
   wls_availability_domain      = local.use_regional_subnet ? (var.wls_availability_domain_name == "" ? local.ad_names[0] : var.wls_availability_domain_name) : (var.wls_subnet_id == "" ? var.wls_availability_domain_name : data.oci_core_subnet.wls_subnet[0].availability_domain)
   lb_availability_domain_name1 = var.lb_subnet_1_id != "" ? (local.use_regional_subnet ? "" : data.oci_core_subnet.lb_subnet_1_id[0].availability_domain) : ""
   lb_availability_domain_name2 = var.lb_subnet_2_id != "" ? (local.use_regional_subnet ? "" : data.oci_core_subnet.lb_subnet_2_id[0].availability_domain) : ""
-  fss_availability_domain      = var.add_fss && local.use_existing_subnets && !local.use_regional_subnet ? data.oci_core_subnet.mount_target_subnet[0].availability_domain : var.fss_availability_domain
+  fss_availability_domain      = var.add_fss ? (local.use_regional_subnet ? var.fss_availability_domain : (!var.add_existing_fss && !local.add_existing_mount_target ? data.oci_core_subnet.mount_target_subnet[0].availability_domain : var.fss_availability_domain)) : ""
   network_compartment_id       = var.network_compartment_id == "" ? var.compartment_ocid : var.network_compartment_id
 
   #dynamic group is based on the system generated tags for DG

terraform/main.tf

@@ -58,6 +58,8 @@ module "network-vcn-config" {
   create_internet_gateway      = var.wls_vcn_name != ""
   lb_destination_cidr          = var.is_lb_private ? var.bastion_subnet_cidr : "0.0.0.0/0"
   add_fss                      = var.add_fss
+  add_existing_mount_target    = local.add_existing_mount_target
+  add_existing_fss             = var.add_existing_fss
   # If the module is empty (count is zero), an empty list is returned. If not, a list of lists of strings is returned.
   # By using flatten we make sure each entry in the map is a list of string, either with one element, or empty
   nsg_ids = {
@@ -283,7 +285,7 @@ module "network-wls-public-subnet" {
 /* Create private subnet for FSS */
 module "network-mount-target-private-subnet" {
   source         = "./modules/network/subnet"
-  count          = var.add_fss && var.mount_target_subnet_id == "" ? 1 : 0
+  count          = var.add_fss && !local.add_existing_mount_target && !var.add_existing_fss && var.mount_target_subnet_id == "" ? 1 : 0
   compartment_id = local.network_compartment_id
   vcn_id         = local.vcn_id
 
@@ -395,7 +397,7 @@ module "validators" {
   mount_target_compartment_id          = var.mount_target_compartment_id
   mount_target_id                      = var.mount_target_id
   existing_fss_id                      = var.existing_fss_id
-  mount_target_availability_domain     = var.add_existing_mount_target ? data.oci_file_storage_mount_targets.mount_targets[0].mount_targets[0].availability_domain : ""
+  mount_target_availability_domain     = local.add_existing_mount_target ? data.oci_file_storage_mount_targets.mount_targets[0].mount_targets[0].availability_domain : ""
 
   create_policies  = var.create_policies
   use_oci_logging  = var.use_oci_logging
@@ -436,7 +438,7 @@ module "validators" {
 
 module "fss" {
   source = "./modules/fss"
-  count  = var.existing_fss_id == "" && var.add_fss ? 1 : 0
+  count  = var.add_fss ? 1 : 0
 
   compartment_id      = var.compartment_ocid
   availability_domain = local.fss_availability_domain
@@ -445,10 +447,11 @@ module "fss" {
   vcn_cidr                    = var.wls_vcn_cidr != "" ? var.wls_vcn_cidr : data.oci_core_vcn.wls_vcn[0].cidr_block
   resource_name_prefix        = var.service_name
   export_path                 = local.export_path
+  existing_fss_id             = var.existing_fss_id
   mount_target_id             = var.mount_target_id
   mount_target_compartment_id = var.mount_target_compartment_id == "" ? var.compartment_ocid : var.mount_target_compartment_id
-  mount_target_subnet_id      = local.use_existing_subnets ? var.mount_target_subnet_id : module.network-mount-target-private-subnet[0].subnet_id
-  mount_target_nsg_id         = var.mount_target_subnet_id != "" ? (var.add_existing_nsg ? [var.existing_mount_target_nsg_id] : []) : element(module.network-mount-target-nsg[*].nsg_id, 0)
+  mount_target_subnet_id      = local.use_existing_subnets ? var.mount_target_subnet_id : (local.add_existing_mount_target ? "" : module.network-mount-target-private-subnet[0].subnet_id)
+  mount_target_nsg_id         = var.mount_target_subnet_id != "" || local.add_existing_mount_target ? (var.add_existing_nsg ? [var.existing_mount_target_nsg_id] : []) : element(module.network-mount-target-nsg[*].nsg_id, 0)
   tags = {
     defined_tags  = local.defined_tags
     freeform_tags = local.free_form_tags
@@ -555,6 +558,7 @@ module "compute" {
   wls_domain_name               = format("%s_domain", local.service_name_prefix)
   wls_server_startup_args       = var.wls_server_startup_args
   wls_existing_vcn_id           = var.wls_existing_vcn_id
+  mount_vcn_id                  = var.mount_target_id != "" ? data.oci_core_subnet.mount_target_existing_subnet[0].vcn_id : (var.existing_fss_id != "" ? data.oci_core_subnet.mount_target_existing_subnet_by_fss[0].vcn_id : "")
   wls_vcn_cidr                  = var.wls_vcn_cidr != "" ? var.wls_vcn_cidr : element(concat(module.network-vcn.*.vcn_cidr, tolist([""])), 0)
   wls_version                   = var.wls_version
   wls_edition                   = var.wls_edition
@@ -578,7 +582,7 @@ module "compute" {
   add_fss     = var.add_fss
   mount_ip    = var.existing_fss_id != "" ? element(concat(data.oci_core_private_ip.mount_target_private_ips.*.ip_address, [""]), 0) : element(concat(module.fss[*].mount_ip, [""]), 0)
   mount_path  = var.mount_path
-  export_path = var.existing_export_path_id != "" ? element(concat(data.oci_file_storage_exports.export[*].exports[0].path, [""]), 0) : element(concat(module.fss[*].export_path, [""]), 0)
+  export_path = local.export_path
 
   db_existing_vcn_add_seclist = var.db_existing_vcn_add_secrule
   jrf_parameters = {

terraform/modules/compute/wls_compute/userdata/bootstrap

@@ -149,6 +149,21 @@ if [ "$add_fss" == "true" ]; then
   mount_path=$(sudo su oracle -c 'python3 /opt/scripts/databag.py mount_path')
   export_path=$(sudo su oracle -c 'python3 /opt/scripts/databag.py export_path')
 
+  wls_existing_vcn_id=$(sudo su oracle -c 'python3 /opt/scripts/databag.py wls_existing_vcn_id')
+  mount_vcn_id=$(sudo su oracle -c 'python3 /opt/scripts/databag.py mount_vcn_id')
+
+  if [ $mount_vcn_id != "" ]; then
+    echo "Checking if the mount target and the WebLogic servers are in the same VCN" | log >> $log_file
+    if [ "$wls_existing_vcn_id" == "$mount_vcn_id" ]; then
+      echo "The mount target and the WebLogic servers are in the same VCN [$wls_existing_vcn_id]" | log >> $log_file
+    else
+      echo "The mount target is not in the same VCN as the WebLogic servers [$wls_existing_vcn_id, $mount_vcn_id]. Exiting" | log >> $log_file
+      #clean up script
+      /opt/scripts/tidyup.sh
+      exit 1
+    fi
+  fi
+
   echo "Executing fss mounting script" | log >> $log_file
   output=$(/opt/scripts/fss_mount.sh -i $mount_ip -p $mount_path -e $export_path 2>&1)
   exit_code=$?

terraform/modules/compute/wls_compute/variables.tf

@@ -65,6 +65,12 @@ variable "wls_existing_vcn_id" {
   default     = ""
 }
 
+variable "mount_vcn_id" {
+  type        = string
+  description = "The OCID of the existing VCN where the mount target is located."
+  default     = ""
+}
+
 variable "wls_vcn_cidr" {
   type        = string
   description = "The CIDR of the VCN where the subnet the compute instance will be created is located"

terraform/modules/compute/wls_compute/wls_compute.tf

@@ -60,6 +60,7 @@ module "wls-instances" {
       total_vm_count                     = var.num_vm_instances
       assign_public_ip                   = var.assign_public_ip
       wls_existing_vcn_id                = var.wls_existing_vcn_id
+      mount_vcn_id                       = var.mount_vcn_id
       wls_subnet_ocid                    = var.subnet_id
       wls_vcn_cidr                       = var.wls_vcn_cidr
       network_compartment_id             = var.network_compartment_id

terraform/modules/fss/export.tf

@@ -5,7 +5,7 @@ resource "oci_file_storage_export" "mount_export" {
 
   #Required
   export_set_id  = oci_file_storage_export_set.mount_export_set.id
-  file_system_id = join("", oci_file_storage_file_system.file_system.*.id)
+  file_system_id = element(compact(tolist([var.existing_fss_id, join("", oci_file_storage_file_system.file_system.*.id)])), 0)
   path           = var.export_path
 
   #Optional

terraform/modules/fss/fss.tf

@@ -2,7 +2,7 @@
 # Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
 
 resource "oci_file_storage_file_system" "file_system" {
-
+  count = var.existing_fss_id == "" ? 1 : 0
   #Required
   availability_domain = var.availability_domain
   compartment_id      = var.compartment_id

terraform/modules/fss/variables.tf

@@ -67,3 +67,8 @@ variable "resource_name_prefix" {
   type        = string
   description = "Prefix which will be used to create File Shared System resources"
 }
+
+variable "existing_fss_id" {
+  type        = string
+  description = "The OCID of the File System"
+}