# Multi-Cloud Main Deployment
# Orchestrates deployment across all enabled environments from environments.yaml

# Environment inventory, read from the shared config directory.
# NOTE(review): this file decides which modules are instantiated and with what
# settings, so changes to it deserve the same review as changes to this code.
data "local_file" "environments" {
  filename = "${path.module}/../../config/environments.yaml"
}

locals {
  # Decoded inventory; falls back to an empty environment list when the
  # data source reports no content.
  environments = (
    data.local_file.environments.content == null
    ? { environments = [] }
    : yamldecode(data.local_file.environments.content)
  )

  # Entries whose `enabled` flag is exactly true, keyed by environment name.
  # An entry without an `enabled` or `name` attribute is not defaulted here.
  enabled_envs = {
    for env in try(local.environments.environments, []) :
    env.name => env
    if env.enabled == true
  }

  # One map per provider. An enabled entry whose `provider` matches none of
  # the strings below ends up in no map and is therefore not deployed.
  azure_envs = {
    for name, env in local.enabled_envs :
    name => env
    if env.provider == "azure"
  }
  aws_envs = {
    for name, env in local.enabled_envs :
    name => env
    if env.provider == "aws"
  }
  gcp_envs = {
    for name, env in local.enabled_envs :
    name => env
    if env.provider == "gcp"
  }
  ibm_envs = {
    for name, env in local.enabled_envs :
    name => env
    if env.provider == "ibm"
  }
  oci_envs = {
    for name, env in local.enabled_envs :
    name => env
    if env.provider == "oci"
  }
  onprem_envs = {
    for name, env in local.enabled_envs :
    name => env
    if env.provider == "onprem"
  }
}

# ============================================
# AZURE DEPLOYMENTS
# ============================================
# One module instance per enabled Azure environment.
module "azure_environments" {
  source   = "./modules/azure"
  for_each = local.azure_envs

  environment_config = each.value
  environment        = var.environment
  tags               = var.tags

  # Azure-specific variables
  subscription_id = var.azure_subscription_id
  tenant_id       = var.azure_tenant_id
}

# ============================================
# AWS DEPLOYMENTS
# ============================================
# One module instance per enabled AWS environment.
module "aws_environments" {
  source   = "./modules/aws"
  for_each = local.aws_envs

  environment_config = each.value
  environment        = var.environment
  tags               = var.tags
}

# ============================================
# GCP DEPLOYMENTS
# ============================================
# One module instance per enabled GCP environment.
module "gcp_environments" {
  source   = "./modules/gcp"
  for_each = local.gcp_envs

  environment_config = each.value
  environment        = var.environment
  tags               = var.tags

  gcp_project_id     = var.gcp_project_id
  gcp_default_region = var.gcp_default_region
}

# ============================================
# IBM CLOUD DEPLOYMENTS
# ============================================
# Disabled: local.ibm_envs is still computed above but nothing consumes it.
# module "ibm_environments" {
#   source = "./modules/ibm"
#
#   for_each = local.ibm_envs
#
#   environment_config = each.value
#   environment        = var.environment
#   tags               = var.tags
# }

# ============================================
# ORACLE CLOUD DEPLOYMENTS
# ============================================
# Disabled: local.oci_envs is still computed above but nothing consumes it.
# module "oci_environments" {
#   source = "./modules/oci"
#
#   for_each = local.oci_envs
#
#   environment_config = each.value
#   environment        = var.environment
#   tags               = var.tags
# }

# ============================================
# ON-PREM HCI DEPLOYMENTS
# ============================================
# One module instance per enabled on-prem environment.
module "onprem_environments" {
  source   = "./modules/onprem-hci"
  for_each = local.onprem_envs

  environment_config = each.value
  environment        = var.environment
  tags               = var.tags

  # vSphere configuration
  # NOTE(review): the variable declarations are not shown here - confirm that
  # vsphere_password is declared with `sensitive = true` and is not supplied
  # from a tfvars file kept in version control.
  vsphere_user     = var.vsphere_user
  vsphere_password = var.vsphere_password
  vsphere_server   = var.vsphere_server
}

# ============================================
# AZURE ARC INTEGRATION (for hybrid management)
# ============================================
# Instantiated only when var.enable_azure_arc is true.
module "azure_arc" {
  source = "./modules/azure-arc"
  count  = var.enable_azure_arc ? 1 : 0

  # Collect all clusters that should be onboarded to Azure Arc
  # (AWS, GCP and on-prem; the Azure environments are not part of this map).
  # NOTE(review): each entry carries a kubeconfig, i.e. cluster credentials.
  # Confirm the child modules mark that output sensitive and that the state
  # backend is encrypted and access-restricted.
  clusters = merge(
    {
      for k, v in module.aws_environments : k => {
        name       = v.cluster_name
        provider   = "aws"
        region     = v.region
        kubeconfig = v.kubeconfig
      }
    },
    {
      for k, v in module.gcp_environments : k => {
        name       = v.cluster_name
        provider   = "gcp"
        region     = v.region
        kubeconfig = v.kubeconfig
      }
    },
    {
      for k, v in module.onprem_environments : k => {
        name       = v.cluster_name
        provider   = "onprem"
        region     = v.region
        kubeconfig = v.kubeconfig
      }
    }
  )

  azure_subscription_id = var.azure_subscription_id
  azure_tenant_id       = var.azure_tenant_id
  resource_group_name   = "rg-arc-${var.environment}"
  location              = "westus" # Admin region location

  tags = var.tags
}

# ============================================
# SERVICE MESH (for cross-cloud communication)
# ============================================
# Instantiated only when var.enable_service_mesh is true.
module "service_mesh" {
  source = "./modules/service-mesh"
  count  = var.enable_service_mesh ? 1 : 0

  provider = var.service_mesh_provider

  # Collect all cluster endpoints
  # NOTE(review): only Azure, AWS and GCP clusters are listed; on-prem
  # clusters are not part of the mesh - confirm that is intended.
  clusters = merge(
    {
      for k, v in module.azure_environments : k => {
        endpoint   = v.cluster_endpoint
        kubeconfig = v.kubeconfig
      }
    },
    {
      for k, v in module.aws_environments : k => {
        endpoint   = v.cluster_endpoint
        kubeconfig = v.kubeconfig
      }
    },
    {
      for k, v in module.gcp_environments : k => {
        endpoint   = v.cluster_endpoint
        kubeconfig = v.kubeconfig
      }
    }
  )

  # mTLS is on when the YAML does not set global.service_mesh.mTLS; the
  # fallback applies only to a missing key, so an explicit `false` in
  # environments.yaml is passed through and turns it off.
  mTLS_enabled = try(local.environments.global.service_mesh.mTLS, true)

  tags = var.tags
}

# ============================================
# SECRETS MANAGEMENT
# ============================================
# Always instantiated; receives every enabled environment.
module "secrets" {
  source = "./modules/secrets"

  provider     = var.secrets_provider
  environments = local.enabled_envs

  # Vault configuration
  # NOTE(review): vault_token is a bearer credential passed in as a plain
  # variable. Confirm it is declared `sensitive = true`, is short-lived and
  # narrowly scoped, and is injected at run time rather than stored in a file.
  vault_address = var.vault_address
  vault_token   = var.vault_token

  tags = var.tags
}

# ============================================
# OBSERVABILITY
# ============================================
# Always instantiated; receives every enabled environment.
module "observability" {
  source = "./modules/observability"

  environments = local.enabled_envs

  # Empty object when the YAML has no global.observability section.
  global_config = try(local.environments.global.observability, {})

  # Collect all cluster endpoints for observability
  # NOTE(review): as with the service mesh, on-prem clusters are not listed,
  # and each entry hands a kubeconfig to the module - confirm both are
  # intended and that the module needs full kubeconfig access.
  clusters = merge(
    {
      for k, v in module.azure_environments : k => {
        endpoint   = v.cluster_endpoint
        kubeconfig = v.kubeconfig
      }
    },
    {
      for k, v in module.aws_environments : k => {
        endpoint   = v.cluster_endpoint
        kubeconfig = v.kubeconfig
      }
    },
    {
      for k, v in module.gcp_environments : k => {
        endpoint   = v.cluster_endpoint
        kubeconfig = v.kubeconfig
      }
    }
  )

  tags = var.tags
}