diff --git a/get-vm-ips.sh b/get-vm-ips.sh
index cd319ff..e0ed0a2 100755
--- a/get-vm-ips.sh
+++ b/get-vm-ips.sh
@@ -92,7 +92,7 @@ for GROUP in $ANS_GROUPS; do
 sed 's/-/_/g' )"
 # Print the contents of $VARS converted to uppercase. If it's not expty.
- if [ ! -z $VARS ]; then
+ if [ ! -z "$VARS" ]; then
 echo "${VARS^^}"
 fi
 done
diff --git a/main.tf b/main.tf
index 3f0a9c5..19b1c7b 100644
--- a/main.tf
+++ b/main.tf
@@ -1,12 +1,16 @@
 locals {
 k8s-subnets-ids = [
+ # module.aws-network-from-scratch.subnet.id,
 module.aws-network-existing.subnet-by-name["subnet_1"].id,
 module.aws-network-existing.subnet-by-name["subnet_3"].id,
 ]
 nfs-subnets = [
+ # module.aws-network-from-scratch.subnet,
 module.aws-network-existing.subnet-by-name["subnet_4"],
 ]
+ aws-security-group-id = module.aws-network-existing.default-sg.id
+ # aws-security-group-id = module.aws-network-from-scratch.default-security-group.id
 nodes-config = {
 "k8s-master" = {
 base-image = var.ubuntu-ami
@@ -23,14 +27,26 @@ locals {
 "ansible-test" = {
 base-image = var.ubuntu-ami
 aws-ec2-type = var.t2-micro-1gib-1vcpu
+ # subnet-ids = [module.aws-network-from-scratch.subnet.id]
 subnet-ids = [module.aws-network-existing.subnet-by-name["subnet_2"].id]
 num = 0
 },
 "nfs" = {
 base-image = var.ubuntu-ami
 aws-ec2-type = var.t2-micro-1gib-1vcpu
+ # subnet-ids = [module.aws-network-from-scratch.subnet.id]
 subnet-ids = [module.aws-network-existing.subnet-by-name["subnet_4"].id]
 num = 1
+ num-disks = 1
+ disk-size = 10
+ },
+ "proxy" = {
+ base-image = var.ubuntu-ami
+ aws-ec2-type = var.t2-micro-1gib-1vcpu
+ # subnet-ids = [module.aws-network-from-scratch.subnet.id]
+ subnet-ids = [module.aws-network-existing.subnet-by-name["subnet_4"].id]
+ private-ips = [var.aws-proxy-private-ip]
+ num = 1
 },
 }
 install-qemu-agent = false
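Review bot: `! -z` on the fixed line is a double negative for the non-empty test; `if [ -n "$VARS" ]; then` (or `[[ -n "$VARS" ]]`, since the next line already relies on the bash-only `${VARS^^}`) states the same check directly. The comment above it also carries a typo; `# Print the contents of $VARS converted to uppercase, if it's not empty.` reads cleanly. The enclosing `for GROUP` loop and the command substitution that assigns VARS begin before the hunk.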
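Review bot: Choosing between the two network modules is done by commenting lines in and out (`# module.aws-network-from-scratch…` beside the live `module.aws-network-existing…` references in both subnet lists and in `aws-security-group-id`), which leaves dead references that drift silently and makes a half-switched configuration easy to produce. If both modules stay declared (for example `count`-gated), one boolean input decides it in one place: `aws-security-group-id = var.use-existing-network ? module.aws-network-existing.default-sg.id : module.aws-network-from-scratch.default-security-group.id`, with the subnet lists built the same way. `aws-security-group-id` also deserves a comment, because every node type now attaches this single group, so its rules are the whole host-level boundary between proxy, nfs and the k8s nodes; if `default-sg` is the VPC's default group, its inbound rules are managed outside this configuration, which a reader should be told.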
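Review bot: The new `proxy` entry pins one address with `private-ips = [var.aws-proxy-private-ip]`, but its pairing with `num = 1` is implicit: raising `num` without extending the list makes the node module (which indexes the list with `element()` in modules/aws-nodes/main.tf) hand the same address to two instances, and the address must additionally be a free one inside subnet_4's CIDR, which nothing here checks before apply. A comment at the `private-ips` line, `# one entry per node; must be a free address inside subnet_4 (AWS reserves the first four and the last address of every subnet)`, records both constraints; deriving `num` from the list length would need a separate local, since the entry cannot reference itself. The `nfs` node is placed in the same subnet_4 with the same module, so whatever the proxy is meant to front sits one hop away from it by construction, which is worth stating in the nfs entry too.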
@@ -103,25 +119,33 @@ resource "aws_key_pair" "key" {
 resource "aws_ebs_volume" "zfs" {
 # TODO REM look at types.
 availability_zone = local.nfs-subnets[0].availability_zone
- size = 10
- encrypted = false
+ size = local.nodes-config["nfs"].disk-size
+ encrypted = true
+ count = local.nodes-config["nfs"].num-disks
 tags = {
- Name = "zfs-disk"
+ Name = "zfs-disk-${count.index}"
 }
 }
 resource "aws_volume_attachment" "mount-nfs-volume" {
- device_name = "/dev/sdf"
+ device_name = "/dev/sd${element(var.aws-zfs-drive-letters, count.index)}"
 instance_id = module.nodes["nfs"].nodes[0].id
- volume_id = aws_ebs_volume.zfs.id
+ count = local.nodes-config["nfs"].num-disks
+ volume_id = element(aws_ebs_volume.zfs, count.index).id
+}
+
+output "zfs-drive-letters" {
+ value = aws_volume_attachment.mount-nfs-volume.*.device_name
 }
 module "nodes" {
 for_each = local.nodes-config
 source = "./modules/aws-nodes"
+ ec2-instance-type = each.value.aws-ec2-type
 ami = each.value.base-image
 subnet-ids = each.value.subnet-ids
- security-group-ids = [module.aws-network-existing.default-sg.id]
+ private-ips = try(each.value.private-ips, [])
+ security-group-ids = [local.aws-security-group-id]
 user-datas = lookup(module.cloud-init-config, each.key, null).user-datas
 num-nodes = each.value.num
 name-prefix = "${var.vm-name-prefix}-${each.key}"
diff --git a/modules/aws-nodes/main.tf b/modules/aws-nodes/main.tf
index 15cf0fd..1b994b7 100644
--- a/modules/aws-nodes/main.tf
+++ b/modules/aws-nodes/main.tf
@@ -4,6 +4,9 @@ resource "aws_instance" "nodes" {
 # TODO Make this a variable.
 associate_public_ip_address = true
 subnet_id = element(var.subnet-ids, count.index % length(var.subnet-ids))
+ # Set a private IP if var.private-ips is not empty, otherwise let AWS assign
+ # the IP.
+ private_ip = length(var.private-ips) == 0 ? null : element(var.private-ips, count.index)
 vpc_security_group_ids = var.security-group-ids
 user_data = element(var.user-datas.*.rendered, count.index)
 count = var.num-nodes
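Review bot: `element(var.aws-zfs-drive-letters, count.index)` in the rebuilt `device_name` wraps around rather than failing, so a `num-disks` above `length(var.aws-zfs-drive-letters)` (five with the variable's default) makes the sixth attachment request `/dev/sdf` a second time, and the conflict only surfaces as an AWS error at apply instead of at plan. Index directly, `device_name = "/dev/sd${var.aws-zfs-drive-letters[count.index]}"` (and `volume_id = aws_ebs_volume.zfs[count.index].id` for the same idiom), and add a `precondition` on the attachment, or a `validation` on the variable, requiring `num-disks <= length(var.aws-zfs-drive-letters)`. `encrypted = true` is the right direction; a comment there should say that without `kms_key_id` the account's default EBS key is used, which is what decides who can snapshot or share these volumes. `instance_id = module.nodes["nfs"].nodes[0].id` also fails with an index error whenever nfs `num` is 0 while `num-disks` stays 1, so the attachment count should be guarded by both values or a precondition should say so.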
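Review bot: `element(var.private-ips, count.index)` wraps, so with `num-nodes` larger than the list two instances request the same `private_ip` and the second one fails at apply; the intent stated in the new comment ("otherwise let AWS assign the IP") is better met per node with `private_ip = count.index < length(var.private-ips) ? var.private-ips[count.index] : null`. That also allows a partial list (pin the first node, let AWS pick the rest) and removes the separate empty-list check. Note that the context line `associate_public_ip_address = true` still applies to every node, including the ones pinned through this new input, so the TODO above it is the natural place to make it a per-node-type input alongside `private-ips`. The `aws_instance` resource starts before and ends after the hunk.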
diff --git a/modules/aws-nodes/variables.tf b/modules/aws-nodes/variables.tf
index 5e526b8..9eec3f0 100644
--- a/modules/aws-nodes/variables.tf
+++ b/modules/aws-nodes/variables.tf
@@ -21,6 +21,12 @@ variable "num-nodes" {
 type = number
 }
+variable "private-ips" {
+ default = []
+ description = "A list of private IP addresses to use for the nodes. If the list is empty then each node will get an IP assigned from AWS."
+ type = list(string)
+}
+
 variable "user-datas" {
 description = "A list of cloud-init configs that get applied to their corresponding node."
 }
diff --git a/providers.tf b/providers.tf
index 68b5fd1..3f8b0c8 100644
--- a/providers.tf
+++ b/providers.tf
@@ -1,20 +1,21 @@
 provider "aws" {
- region = "us-gov-west-1"
+ region = var.aws-region
+ # profile =
 }
 terraform {
 required_version = ">= 1.0.8"
- backend "s3" {
-
- bucket = "mss-terraform-state"
- key = "global/s3/terraform.tfstate"
- region = "us-gov-west-1"
-
- dynamodb_table = "mss-terraform-state-lock"
- encrypt = true
+ backend "s3" {
+
+ bucket = "mss-terraform-state"
+ key = "global/s3/terraform.tfstate"
+ region = "us-gov-west-1"
+
+ dynamodb_table = "mss-terraform-state-lock"
+ encrypt = true
 }
 required_providers {
@@ -73,4 +74,4 @@ resource "aws_dynamodb_table" "terraform_locks" {
 output "s3_bucket_arn" {
 value = aws_s3_bucket.terraform_state.arn
 description = "The ARN of the S3 bucket"
-}
\ No newline at end of file
+}
diff --git a/variables.tf b/variables.tf
index 7107858..cd083b4 100644
--- a/variables.tf
+++ b/variables.tf
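Review bot: `private-ips` is consumed by index in modules/aws-nodes/main.tf, so entries beyond `num-nodes` are silently ignored and a malformed entry only fails at apply; a `validation` block on the new variable turns that into a plan-time message: `condition = alltrue([for ip in var.private-ips : can(cidrnetmask("${ip}/32"))])` with `error_message = "private-ips entries must be IPv4 addresses."`. The description should also state the mapping the module implements, for example appending `"Entry i is requested for node i; extra entries are ignored."`, since the current text does not say which node gets which address.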
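Review bot: The provider region now comes from `var.aws-region`, whose default in variables.tf is `us-east-1`, while the `backend "s3"` block keeps `region = "us-gov-west-1"` hard-coded; GovCloud is a separate AWS partition with its own accounts and credentials, so with the default region the provider and the state backend can no longer both authenticate with one set of credentials, and a run that does get past `init` writes the resources' state into a bucket in another partition. Backend blocks cannot reference variables, so the fix is partial configuration: drop `bucket`, `region` and `dynamodb_table` from the block, pass them per environment with `terraform init -backend-config=<env>.hcl`, and add a comment `# backend settings come from -backend-config; keep them in the same partition as var.aws-region`. The leftover `# profile =` placeholder should either become `profile = var.aws-profile` or be removed. The re-indentation of the backend block appears as a full delete-and-re-add and hides that nothing inside it changed.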
@@ -4,13 +4,19 @@ variable "admin-ips" {
 type = list(string)
 }
+variable "aws-zfs-drive-letters" {
+ default = ["f", "g", "h", "i", "j"]
+ description = "These are the drove letters to use when attaching EBS volumes, ie. /dev/sdf or /dev/sdg"
+ type = list(string)
+}
+
 variable "aws-existing-sg-name" {
- default = "change-me-if-using-aws-network-existing"
+ default = "change-me-if-using-aws-network-existing"
 description = "The name of the existing security group when using aws-network-existing."
 }
 variable "aws-existing-vpc-name" {
- default = "change-me-if-using-aws-network-existing"
+ default = "change-me-if-using-aws-network-existing"
 description = "The name of the existing VPC when using aws-network-existing."
 }
@@ -20,6 +26,11 @@ variable "aws-existing-subnet-names" {
 type = list(string)
 }
+variable "aws-proxy-private-ip" {
+ description = "The private IP to request for the proxy instance."
+ type = string
+}
+
 variable "aws-region" {
 default = "us-east-1"
 description = "The AWS region to use."
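Review bot: The `aws-zfs-drive-letters` description has a typo (`drove`) and, more importantly, should say that the letter is only what is requested from the API, since the `zfs-drive-letters` output in main.tf echoes these names back to the operator: `"Suffixes for the EBS device names requested when attaching volumes (/dev/sdf, /dev/sdg, ...). The guest OS may expose the disk under a different name (e.g. /dev/xvdf or an NVMe device), so treat the zfs-drive-letters output as the requested name only."` This list also bounds how many disks the nfs node can have, and main.tf reaches past it through `element()` wrap-around, so a `validation` requiring every entry to be a single lowercase letter and a precondition that `num-disks` does not exceed the list length belong with this variable. The two `default = "change-me-if-using-aws-network-existing"` lines are whitespace-only changes.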
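Review bot: `aws-proxy-private-ip` is required and typed `string`, but nothing checks that it is an address, so a typo reaches AWS as an apply-time `InvalidParameterValue` after the rest of the plan has been accepted; add `validation { condition = can(cidrnetmask("${var.aws-proxy-private-ip}/32")) error_message = "aws-proxy-private-ip must be an IPv4 address." }`. The description should also name the constraint main.tf imposes on it: `"The private IPv4 address to request for the proxy instance. Must be a free address inside the subnet the proxy is placed in (subnet_4 in main.tf)."`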