smom-dbis-138/terraform/vm-deployment.tf

# VM Deployment Configuration for Besu Network
# Alternative to AKS deployment using VMs/VMSS with Docker Engine
# Variables are defined in vm-deployment-variables.tf

# Storage Account for boot diagnostics and genesis file
resource "azurerm_storage_account" "vm_storage" {
  count                    = var.vm_deployment_enabled ? 1 : 0
  name                     = "${var.cluster_name}vmstorage${substr(md5(var.resource_group_name), 0, 8)}"
  resource_group_name      = var.resource_group_name
  location                 = var.location
  account_tier             = "Standard"
  account_replication_type = "LRS"
  account_kind             = "StorageV2"
  
  tags = {
    Environment = "production"
    Deployment  = "vm"
  }
}

resource "azurerm_storage_container" "genesis" {
  count                 = var.vm_deployment_enabled ? 1 : 0
  name                  = "genesis"
  storage_account_name  = azurerm_storage_account.vm_storage[0].name
  container_access_type = "private"
}

# Upload genesis file to storage
resource "azurerm_storage_blob" "genesis" {
  count                  = var.vm_deployment_enabled ? 1 : 0
  name                   = "genesis.json"
  storage_account_name   = azurerm_storage_account.vm_storage[0].name
  storage_container_name = azurerm_storage_container.genesis[0].name
  type                   = "Block"
  source                 = "${path.module}/../config/genesis.json"
}

# VM Deployment Modules for each region
# Note: VM deployment is disabled by default (vm_deployment_enabled = false)
# The vm-deployment module expects a single node_type per module instance
# For multiple node types, create separate module instances

# Validator VMs
module "vm_deployment_validators" {
  count  = var.vm_deployment_enabled && contains(var.vm_regions, var.location) ? 1 : 0
  source = "./modules/vm-deployment"

  resource_group_name       = var.resource_group_name
  location                  = var.location
  cluster_name              = var.cluster_name
  node_type                 = "validator"
  node_count                = var.validator_vm_count
  vm_size                   = var.vm_size_validator
  subnet_id                 = module.networking.validators_subnet_id
  storage_account_name      = azurerm_storage_account.vm_storage[0].name
  key_vault_id              = module.keyvault.key_vault_id
  genesis_file_path         = azurerm_storage_blob.genesis[0].url
  network_security_group_id = module.networking.validators_nsg_id
  use_scale_set             = var.use_vmss
  ssh_public_key            = var.ssh_public_key
  
  tags = var.tags
}

# Sentry VMs
module "vm_deployment_sentries" {
  count  = var.vm_deployment_enabled && contains(var.vm_regions, var.location) ? 1 : 0
  source = "./modules/vm-deployment"

  resource_group_name       = var.resource_group_name
  location                  = var.location
  cluster_name              = var.cluster_name
  node_type                 = "sentry"
  node_count                = var.sentry_vm_count
  vm_size                   = var.vm_size_sentry
  subnet_id                 = module.networking.sentries_subnet_id
  storage_account_name      = azurerm_storage_account.vm_storage[0].name
  key_vault_id              = module.keyvault.key_vault_id
  genesis_file_path         = azurerm_storage_blob.genesis[0].url
  network_security_group_id = module.networking.sentries_nsg_id
  use_scale_set             = var.use_vmss
  ssh_public_key            = var.ssh_public_key
  
  tags = var.tags
  }

# RPC VMs
module "vm_deployment_rpc" {
  count  = var.vm_deployment_enabled && contains(var.vm_regions, var.location) ? 1 : 0
  source = "./modules/vm-deployment"

  resource_group_name       = var.resource_group_name
  location                  = var.location
  cluster_name              = var.cluster_name
  node_type                 = "rpc"
  node_count                = var.rpc_vm_count
  vm_size                   = var.vm_size_rpc
  subnet_id                 = module.networking.rpc_subnet_id
  storage_account_name      = azurerm_storage_account.vm_storage[0].name
  key_vault_id              = module.keyvault.key_vault_id
  genesis_file_path         = azurerm_storage_blob.genesis[0].url
  network_security_group_id = module.networking.rpc_nsg_id
  use_scale_set             = var.use_vmss
  ssh_public_key            = var.ssh_public_key
  
  tags = var.tags
}

# Additional regions can be added similarly
# module "vm_deployment_westus" { ... }
# module "vm_deployment_westeurope" { ... }

# Outputs
output "vm_storage_account_name" {
  value       = var.vm_deployment_enabled ? azurerm_storage_account.vm_storage[0].name : null
  description = "Storage account name for VM deployment"
}

output "vm_deployment_enabled" {
  value       = var.vm_deployment_enabled
  description = "Whether VM deployment is enabled"
}