shnee
/
k8s-terraform
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Branches k8s-nodes-updated and add_backend consolidted.

Browse Source
master
shnee 4 years ago
parent 073ace2732
commit 5107ec9a5c
2 changed files with 77 additions and 0 deletions
Show Stats Download Patch File Download Diff File

1
k8s-nodes/modules/aws-nodes/main.tf
Unescape Escape View File

@ -1,6 +1,7 @@
resource "aws_instance" "nodes" {
ami = var.ami
instance_type = var.ec2-instance-type
# TODO REM double check this key.
# key_name = aws_key_pair.debug1.key_name
associate_public_ip_address = true
subnet_id = var.subnet-id

76
k8s-nodes/providers.tf
Unescape Escape View File

@ -0,0 +1,76 @@
provider "aws" {
region = "us-gov-west-1"
}
terraform {
required_version = ">= 1.0.8"
backend "s3" {
bucket = "mss-terraform-state"
key = "global/s3/terraform.tfstate"
region = "us-gov-west-1"
dynamodb_table = "mss-terraform-state-lock"
encrypt = true
}
required_providers {
libvirt = {
source = "dmacvicar/libvirt"
version = "0.6.11"
}
}
}
##
#S3 bucket create to hold our TFState file so we can all share env settings
resource "aws_s3_bucket" "terraform_state" {
bucket = "mss-terraform-state"
# enable versioning for the state files
versioning {
enabled = true
}
#enable server-side encryption
server_side_encryption_configuration {
rule {
apply_server_side_encryption_by_default {
sse_algorithm = "AES256"
}
}
}
}
##
# no sql database used so that we can lock the TFstate file in the S3 bucket to ensure two people
# are not running a terraform command at the same time
resource "aws_dynamodb_table" "terraform_locks" {
name = "mss-terraform-state-lock"
billing_mode = "PAY_PER_REQUEST"
hash_key = "LockID"
attribute {
name = "LockID"
type = "S"
}
}
##
# output variable to give details on the s3 bucket created
#TODO: move to output.tf
output "s3_bucket_arn" {
value = aws_s3_bucket.terraform_state.arn
description = "The ARN of the S3 bucket"
}
Write Preview
Loading…
Cancel
Save