| TF_PARALLELISM |
Parallelism/ concurrent operations limit. Valid values are between 1 and 256, both inclusive. Learn more. |
string |
"250" |
no |
| TF_VERSION |
The version of the Terraform engine that's used in the Schematics workspace. |
string |
"1.5" |
no |
| TF_WAIT_DURATION |
wait duration time set for the storage and worker node to complete the entire setup |
string |
"180s" |
no |
| api_key |
This is the IBM Cloud API key for the IBM Cloud account where the IBM Spectrum LSF cluster needs to be deployed. For more information on how to create an API key, see Managing user API keys. |
string |
n/a |
yes |
| app_center_db_pwd |
Password for MariaDB. Note: Password should be at least 8 characters, must have one number, one lowercase letter, one uppercase letter, and at least one special character. |
string |
"" |
no |
| app_center_gui_pwd |
Password for Application Center GUI. Note: Password should be at least 8 characters, must have one number, one lowercase letter, one uppercase letter, and at least one special character. |
string |
"" |
no |
| cluster_id |
Unique ID of the cluster used by LSF for configuration of resources. This can be up to 39 alphanumeric characters including the underscore (_), the hyphen (-), and the period (.) characters. Other special characters and spaces are not allowed. Do not use the name of any host or user as the name of your cluster. You cannot change the cluster ID after deployment. |
string |
"HPCCluster" |
no |
| cluster_prefix |
Prefix that is used to name the IBM Spectrum LSF cluster and IBM Cloud resources that are provisioned to build the IBM Spectrum LSF cluster instance. You cannot create more than one instance of the lsf cluster with the same name. Make sure that the name is unique. |
string |
"hpcc-lsf" |
no |
| cluster_subnet_id |
Existing cluster subnet ID under the VPC, where the cluster will be provisioned. |
string |
"" |
no |
| compute_image_name |
Name of the custom image that you want to use to create virtual server instances in your IBM Cloud account to deploy the IBM Cloud HPC cluster dynamic compute nodes. By default, the solution uses a RHEL 8-6 OS image with additional software packages mentioned here. If you would like to include your application-specific binary files, follow the instructions in Planning for custom images to create your own custom image and use that to build the IBM Cloud HPC cluster through this offering. |
string |
"hpc-lsf10-rhel88-worker-v1" |
no |
| create_authorization_policy_vpc_to_cos |
Set it to true if authorization policy is required for VPC to access COS. This can be set to false if authorization policy already exists. For more information on how to create authorization policy manually, see creating authorization policies for VPC flow log. |
bool |
false |
no |
| custom_file_shares |
Mount points and sizes in GB and IOPS range of file shares that can be used to customize shared file storage layout. Provide the details for up to 5 shares. Each file share size in GB supports different range of IOPS. For more information, see file share IOPS value. |
list(object({
mount_path = string,
size = number,
iops = number
})) |
[
{
"iops": 2000,
"mount_path": "/mnt/binaries",
"size": 100
},
{
"iops": 6000,
"mount_path": "/mnt/data",
"size": 100
}
] |
no |
| dedicated_host_enabled |
Set to true to use dedicated hosts for compute hosts (default: false). Note that lsf still dynamically provisions compute hosts at public VSIs and dedicated hosts are used only for static compute hosts provisioned at the time the cluster is created. The number of dedicated hosts and the profile names for dedicated hosts are calculated from worker_node_min_count and dedicated_host_type_name. |
bool |
false |
no |
| dedicated_host_placement |
Specify 'pack' or 'spread'. The 'pack' option will deploy VSIs on one dedicated host until full before moving on to the next dedicated host. The 'spread' option will deploy VSIs in round-robin fashion across all the dedicated hosts. The second option should result in mostly even distribution of VSIs on the hosts, while the first option could result in one dedicated host being mostly empty. |
string |
"spread" |
no |
| dns_custom_resolver_id |
IBM Cloud DNS custom resolver id. |
string |
"" |
no |
| dns_domain |
IBM Cloud DNS Services domain name to be used for the IBM Cloud LSF cluster. |
string |
"lsf.com" |
no |
| dns_instance_id |
IBM Cloud HPC DNS service resource id. |
string |
"" |
no |
| enable_app_center |
Set to true to install and enable use of the IBM Spectrum LSF Application Center GUI (default: false). System requirements for IBM Spectrum LSF Application Center Version 10.2 Fix Pack 14. |
bool |
false |
no |
| enable_customer_managed_encryption |
Setting this to true will enable customer managed encryption. Otherwise, encryption will be provider managed. |
bool |
true |
no |
| enable_ldap |
Set this option to true to enable LDAP for IBM Cloud HPC, with the default value set to false. |
bool |
false |
no |
| enable_vpc_flow_logs |
Flag to enable VPC flow logs. If true, a flow log collector will be created. |
bool |
false |
no |
| existing_cos_instance_guid |
GUID of the COS instance to create a flow log collector. |
string |
null |
no |
| existing_storage_bucket_name |
Name of the COS bucket to collect VPC flow logs. |
string |
null |
no |
| hyperthreading_enabled |
Setting this to true will enable hyper-threading in the worker nodes of the cluster (default). Otherwise, hyper-threading will be disabled. |
bool |
true |
no |
| ibm_customer_number |
Comma-separated list of the IBM Customer Number(s) (ICN) that is used for the Bring Your Own License (BYOL) entitlement check. For more information on how to find your ICN, see What is my IBM Customer Number (ICN)?. |
string |
"" |
no |
| image_name |
Name of the custom image that you want to use to create virtual server instances in your IBM Cloud account to deploy the IBM Spectrum LSF cluster. By default, the automation uses a base image with additional software packages documented here. If you would like to include your application-specific binary files, follow the instructions in Planning for custom images to create your own custom image and use that to build the IBM Spectrum LSF cluster through this offering. |
string |
"hpcc-lsf10-scale5201-rhel88-5-0" |
no |
| is_flow_log_collector_active |
Indicates whether the collector is active. If false, this collector is created in inactive mode. |
bool |
true |
no |
| kms_instance_id |
Unique identifier of the Key Protect instance associated with the Key Management Service. While providing an existing “kms_instance_id”, it's necessary to create the required authorization policy for encryption to be completed. To create the authorisation policy, go to Service authorizations. The ID can be found under the details of the KMS, see View key-protect ID. |
string |
"" |
no |
| kms_key_name |
Provide the existing KMS encryption key name that you want to use for the IBM Cloud LSF cluster. (for example kms_key_name: my-encryption-key). |
string |
"" |
no |
| ldap_admin_password |
The LDAP administrative password should be 8 to 20 characters long, with a mix of at least three alphabetic characters, including one uppercase and one lowercase letter. It must also include two numerical digits and at least one special character from (~@_+:) are required. It is important to avoid including the username in the password for enhanced security.[This value is ignored for an existing LDAP server]. |
string |
"" |
no |
| ldap_basedns |
The dns domain name is used for configuring the LDAP server. If an LDAP server is already in existence, ensure to provide the associated DNS domain name. |
string |
"hpcaas.com" |
no |
| ldap_server |
Provide the IP address for the existing LDAP server. If no address is given, a new LDAP server will be created. |
string |
"null" |
no |
| ldap_user_name |
Custom LDAP User for performing cluster operations. Note: Username should be between 4 to 32 characters, (any combination of lowercase and uppercase letters).[This value is ignored for an existing LDAP server] |
string |
"" |
no |
| ldap_user_password |
The LDAP user password should be 8 to 20 characters long, with a mix of at least three alphabetic characters, including one uppercase and one lowercase letter. It must also include two numerical digits and at least one special character from (~@_+:) are required.It is important to avoid including the username in the password for enhanced security.[This value is ignored for an existing LDAP server]. |
string |
"" |
no |
| ldap_vsi_osimage_name |
Image name to be used for provisioning the LDAP instances. |
string |
"ibm-ubuntu-22-04-4-minimal-amd64-3" |
no |
| ldap_vsi_profile |
Profile to be used for LDAP virtual server instance. |
string |
"cx2-2x4" |
no |
| login_node_instance_type |
Specify the VSI profile type name to be used to create the login node for Spectrum LSF cluster. Learn more. |
string |
"bx2-2x8" |
no |
| login_subnet_id |
Existing Login subnet ID under the VPC, where the bastion/login will be provisioned. |
string |
"" |
no |
| management_node_count |
Number of management nodes. This is the total number of management and management candidates. Enter a value in the range 1 - 3. |
number |
2 |
no |
| management_node_instance_type |
Specify the virtual server instance profile type to be used to create the management nodes for the Spectrum LSF cluster. For choices on profile types, see Instance profiles. |
string |
"bx2-4x16" |
no |
| remote_allowed_ips |
Comma-separated list of IP addresses that can access the Spectrum LSF instance through an SSH or RDP interface. For security purposes, provide the public IP addresses assigned to the devices that are authorized to establish SSH or RDP connections (for example, ["169.45.117.34"]). To fetch the IP address of the device, use https://ipv4.icanhazip.com/. |
list(string) |
n/a |
yes |
| resource_group |
Resource group name from your IBM Cloud account where the VPC resources should be deployed. For additional information on resource groups, see Managing resource groups. |
string |
"Default" |
no |
| scale_compute_cluster_filesystem_mountpoint |
Compute cluster (accessingCluster) file system mount point. The accessingCluster is the cluster that accesses the owningCluster. For more information, see Mounting a remote GPFS file system. |
string |
"/gpfs/fs1" |
no |
| scale_compute_cluster_gui_password |
Password for Compute cluster GUI. Note: Password should be at least 8 characters, must have one number, one lowercase letter, one uppercase letter, and at least one unique character. Password should not contain username. |
string |
"" |
no |
| scale_compute_cluster_gui_username |
GUI user to perform system management and monitoring tasks on compute cluster. Note: Username should be at least 4 characters, any combination of lowercase and uppercase letters. |
string |
"" |
no |
| scale_filesystem_block_size |
File system block size. Spectrum Scale supported block sizes (in bytes) include: 256K, 512K, 1M, 2M, 4M, 8M, 16M. |
string |
"4M" |
no |
| scale_storage_cluster_filesystem_mountpoint |
Spectrum Scale Storage cluster (owningCluster) Filesystem mount point. The owningCluster is the cluster that owns and serves the file system to be mounted. Mounting a remote GPFS file system. |
string |
"/gpfs/fs1" |
no |
| scale_storage_cluster_gui_password |
Password for Spectrum Scale storage cluster GUI. Note: Password should be at least 8 characters, must have one number, one lowercase letter, one uppercase letter, and at least one unique character. Password should not contain username. |
string |
"" |
no |
| scale_storage_cluster_gui_username |
GUI user to perform system management and monitoring tasks on storage cluster. Note: Username should be at least 4 characters, any combination of lowercase and uppercase letters. |
string |
"" |
no |
| scale_storage_image_name |
Name of the custom image that you would like to use to create virtual machines in your IBM Cloud account to deploy the Spectrum Scale storage cluster. By default, the automation uses a base image plus the Spectrum Scale software and any other software packages that it requires. If you would like, you can follow the instructions for Planning for custom images to create your own custom image and use that to build the Spectrum Scale storage cluster through this offering. |
string |
"hpcc-scale5201-rhel88" |
no |
| scale_storage_node_count |
The number of Spectrum scale storage nodes that will be provisioned at the time the cluster is created. Enter a value in the range 2 - 18. It must to be divisible of 2. |
number |
4 |
no |
| scale_storage_node_instance_type |
Specify the virtual server instance storage profile type name to be used to create the Spectrum Scale storage nodes for the Spectrum Storage cluster. For more information, see Instance profiles. |
string |
"cx2d-8x16" |
no |
| spectrum_scale_enabled |
Setting this to true will enables Spectrum Scale integration with the cluster. Otherwise, Spectrum Scale integration will be disabled (default). By entering 'true' for the property, you have also agreed to one of the two conditions: (1) You are using the software in production and confirm you have sufficient licenses to cover your use under the International Program License Agreement (IPLA). (2) You are evaluating the software and agree to abide by the International License Agreement for Evaluation of Programs (ILAE). Note: Failure to comply with licenses for production use of software is a violation of IBM International Program License Agreement. |
bool |
false |
no |
| ssh_key_name |
Comma-separated list of names of the SSH key configured in your IBM Cloud account that is used to establish a connection to the LSF management node. Ensure that the SSH key is present in the same resource group and region where the cluster is being provisioned. If you do not have an SSH key in your IBM Cloud account, create one by using the instructions given at SSH Keys. |
string |
n/a |
yes |
| storage_node_instance_type |
Specify the virtual server instance profile type to be used to create the storage nodes for the Spectrum LSF cluster. The storage nodes are the ones that are used to create an NFS instance to manage the data for HPC workloads. For choices on profile types, see Instance profiles. |
string |
"bx2-2x8" |
no |
| vpc_cidr_block |
Creates the address prefix for the new VPC, when the vpc_name variable is empty. Only a single address prefix is allowed. For more information, see Setting IP ranges. |
list(string) |
[
"10.241.0.0/18"
] |
no |
| vpc_cluster_login_private_subnets_cidr_blocks |
The CIDR block that's required for the creation of the login cluster private subnet. Modify the CIDR block if it has already been reserved or used for other applications within the VPC or conflicts with any on-premises CIDR blocks when using a hybrid environment. Provide only one CIDR block for the creation of the login subnet. Since login subnet is used only for the creation of login virtual server instance provide a CIDR range of /28. |
list(string) |
[
"10.241.16.0/28"
] |
no |
| vpc_cluster_private_subnets_cidr_blocks |
The CIDR block that's required for the creation of the compute and storage cluster private subnet. Modify the CIDR block if it has already been reserved or used for other applications within the VPC or conflicts with any on-premises CIDR blocks when using a hybrid environment. Provide only one CIDR block for the creation of the compute and storage subnet. Make sure to select a CIDR block size that will accommodate the maximum number of management, storage, and both static and dynamic worker nodes that you expect to have in your cluster. For more information on CIDR block size selection, see Choosing IP ranges for your VPC. |
list(string) |
[
"10.241.0.0/20"
] |
no |
| vpc_name |
Name of an existing VPC in which the cluster resources will be deployed. If no value is given, then a new VPC will be provisioned for the cluster. Learn more. |
string |
"" |
no |
| vpn_enabled |
Set to true to deploy a VPN gateway for VPC in the cluster. |
bool |
false |
no |
| vpn_peer_address |
The peer public IP address to which the VPN will be connected. |
string |
"" |
no |
| vpn_peer_cidrs |
Comma separated list of peer CIDRs (e.g., 192.168.0.0/24) to which the VPN will be connected. |
string |
"" |
no |
| vpn_preshared_key |
The pre-shared key for the VPN. |
string |
"" |
no |
| worker_node_instance_type |
Specify the virtual server instance profile type name to be used to create the worker nodes for the Spectrum LSF cluster. The worker nodes are the ones where the workload execution takes place and the choice should be made according to the characteristic of workloads. For choices on profile types, see Instance Profiles. Note: If dedicated_host_enabled == true, available instance prefix (e.g., bx2 and cx2) can be limited depending on your target region. Check ibmcloud target -r {region_name}; ibmcloud is dedicated-host-profiles. |
string |
"bx2-4x16" |
no |
| worker_node_max_count |
The maximum number of worker nodes that can be deployed in the Spectrum LSF cluster. In order to use the Resource Connector feature to dynamically create and delete worker nodes based on workload demand, the value selected for this parameter must be larger than worker_node_min_count. If you plan to deploy only static worker nodes in the LSF cluster, e.g., when using Spectrum Scale storage, the value for this parameter should be equal to worker_node_min_count. Enter a value in the range 1 - 500. |
number |
10 |
no |
| worker_node_min_count |
The minimum number of worker nodes. This is the number of static worker nodes that will be provisioned at the time the cluster is created. If using NFS storage, enter a value in the range 0 - 500. If using Spectrum Scale storage, enter a value in the range 1 - 64. NOTE: Spectrum Scale requires a minimum of 3 compute nodes (combination of management-host, management-host-candidate, and worker nodes) to establish a quorum and maintain data consistency in the event of a node failure. Therefore, the minimum value of 1 may need to be larger if the value specified for management_node_count is less than 2. |
number |
0 |
no |
| zone |
IBM Cloud zone name within the selected region where the Spectrum LSF cluster should be deployed. To get a full list of zones within a region, see Get zones by using the CLI. |
string |
n/a |
yes |