shnee
/
k8s-terraform
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Added proxy and ZFS drives.

Browse Source
new-vpc
Curtis Wilson 4 years ago
parent c6d4beb1a6
commit 8283730606
6 changed files with 64 additions and 19 deletions
Show Stats Download Patch File Download Diff File

2
get-vm-ips.sh
Unescape Escape View File

@ -92,7 +92,7 @@ for GROUP in $ANS_GROUPS; do
sed 's/-/_/g' sed 's/-/_/g'
)" )"
# Print the contents of $VARS converted to uppercase. If it's not expty. # Print the contents of $VARS converted to uppercase. If it's not expty.
if [ ! -z $VARS ]; then if [ ! -z "$VARS" ]; then
echo "${VARS^^}" echo "${VARS^^}"
fi fi
done done

36
main.tf
Unescape Escape View File

@ -1,12 +1,16 @@
locals { locals {
k8s-subnets-ids = [ k8s-subnets-ids = [
# module.aws-network-from-scratch.subnet.id,
module.aws-network-existing.subnet-by-name["subnet_1"].id, module.aws-network-existing.subnet-by-name["subnet_1"].id,
module.aws-network-existing.subnet-by-name["subnet_3"].id, module.aws-network-existing.subnet-by-name["subnet_3"].id,
] ]
nfs-subnets = [ nfs-subnets = [
# module.aws-network-from-scratch.subnet,
module.aws-network-existing.subnet-by-name["subnet_4"], module.aws-network-existing.subnet-by-name["subnet_4"],
] ]
aws-security-group-id = module.aws-network-existing.default-sg.id
# aws-security-group-id = module.aws-network-from-scratch.default-security-group.id
nodes-config = { nodes-config = {
"k8s-master" = { "k8s-master" = {
base-image = var.ubuntu-ami base-image = var.ubuntu-ami
@ -23,14 +27,26 @@ locals {
"ansible-test" = { "ansible-test" = {
base-image = var.ubuntu-ami base-image = var.ubuntu-ami
aws-ec2-type = var.t2-micro-1gib-1vcpu aws-ec2-type = var.t2-micro-1gib-1vcpu
# subnet-ids = [module.aws-network-from-scratch.subnet.id]
subnet-ids = [module.aws-network-existing.subnet-by-name["subnet_2"].id] subnet-ids = [module.aws-network-existing.subnet-by-name["subnet_2"].id]
num = 0 num = 0
}, },
"nfs" = { "nfs" = {
base-image = var.ubuntu-ami base-image = var.ubuntu-ami
aws-ec2-type = var.t2-micro-1gib-1vcpu aws-ec2-type = var.t2-micro-1gib-1vcpu
# subnet-ids = [module.aws-network-from-scratch.subnet.id]
subnet-ids = [module.aws-network-existing.subnet-by-name["subnet_4"].id] subnet-ids = [module.aws-network-existing.subnet-by-name["subnet_4"].id]
num = 1 num = 1
num-disks = 1
disk-size = 10
},
"proxy" = {
base-image = var.ubuntu-ami
aws-ec2-type = var.t2-micro-1gib-1vcpu
# subnet-ids = [module.aws-network-from-scratch.subnet.id]
subnet-ids = [module.aws-network-existing.subnet-by-name["subnet_4"].id]
private-ips = [var.aws-proxy-private-ip]
num = 1
}, },
} }
install-qemu-agent = false install-qemu-agent = false
@ -103,25 +119,33 @@ resource "aws_key_pair" "key" {
resource "aws_ebs_volume" "zfs" { resource "aws_ebs_volume" "zfs" {
# TODO REM look at types. # TODO REM look at types.
availability_zone = local.nfs-subnets[0].availability_zone availability_zone = local.nfs-subnets[0].availability_zone
size = 10 size = local.nodes-config["nfs"].disk-size
encrypted = false encrypted = true
count = local.nodes-config["nfs"].num-disks
tags = { tags = {
Name = "zfs-disk" Name = "zfs-disk-${count.index}"
} }
} }
resource "aws_volume_attachment" "mount-nfs-volume" { resource "aws_volume_attachment" "mount-nfs-volume" {
device_name = "/dev/sdf" device_name = "/dev/sd${element(var.aws-zfs-drive-letters, count.index)}"
instance_id = module.nodes["nfs"].nodes[0].id instance_id = module.nodes["nfs"].nodes[0].id
volume_id = aws_ebs_volume.zfs.id count = local.nodes-config["nfs"].num-disks
volume_id = element(aws_ebs_volume.zfs, count.index).id
}
output "zfs-drive-letters" {
value = aws_volume_attachment.mount-nfs-volume.*.device_name
} }
module "nodes" { module "nodes" {
for_each = local.nodes-config for_each = local.nodes-config
source = "./modules/aws-nodes" source = "./modules/aws-nodes"
ec2-instance-type = each.value.aws-ec2-type
ami = each.value.base-image ami = each.value.base-image
subnet-ids = each.value.subnet-ids subnet-ids = each.value.subnet-ids
security-group-ids = [module.aws-network-existing.default-sg.id] private-ips = try(each.value.private-ips, [])
security-group-ids = [local.aws-security-group-id]
user-datas = lookup(module.cloud-init-config, each.key, null).user-datas user-datas = lookup(module.cloud-init-config, each.key, null).user-datas
num-nodes = each.value.num num-nodes = each.value.num
name-prefix = "${var.vm-name-prefix}-${each.key}" name-prefix = "${var.vm-name-prefix}-${each.key}"

3
modules/aws-nodes/main.tf
Unescape Escape View File

@ -4,6 +4,9 @@ resource "aws_instance" "nodes" {
# TODO Make this a variable. # TODO Make this a variable.
associate_public_ip_address = true associate_public_ip_address = true
subnet_id = element(var.subnet-ids, count.index % length(var.subnet-ids)) subnet_id = element(var.subnet-ids, count.index % length(var.subnet-ids))
# Set a private IP if var.private-ips is not empty, otherwise let AWS assign
# the IP.
private_ip = length(var.private-ips) == 0 ? null : element(var.private-ips, count.index)
vpc_security_group_ids = var.security-group-ids vpc_security_group_ids = var.security-group-ids
user_data = element(var.user-datas.*.rendered, count.index) user_data = element(var.user-datas.*.rendered, count.index)
count = var.num-nodes count = var.num-nodes

6
modules/aws-nodes/variables.tf
Unescape Escape View File

@ -21,6 +21,12 @@ variable "num-nodes" {
type = number type = number
} }
variable "private-ips" {
default = []
description = "A list of private IP addresses to use for the nodes. If the list is empty then each node will get an IP assigned from AWS."
type = list(string)
}
variable "user-datas" { variable "user-datas" {
description = "A list of cloud-init configs that get applied to their corresponding node." description = "A list of cloud-init configs that get applied to their corresponding node."
} }

21
providers.tf
Unescape Escape View File

@ -1,20 +1,21 @@
provider "aws" { provider "aws" {
region = "us-gov-west-1" region = var.aws-region
# profile = <aws cli profile>
} }
terraform { terraform {
required_version = ">= 1.0.8" required_version = ">= 1.0.8"
backend "s3" { backend "s3" {
bucket = "mss-terraform-state" bucket = "mss-terraform-state"
key = "global/s3/terraform.tfstate" key = "global/s3/terraform.tfstate"
region = "us-gov-west-1" region = "us-gov-west-1"
dynamodb_table = "mss-terraform-state-lock" dynamodb_table = "mss-terraform-state-lock"
encrypt = true encrypt = true
} }
required_providers { required_providers {
@ -73,4 +74,4 @@ resource "aws_dynamodb_table" "terraform_locks" {
output "s3_bucket_arn" { output "s3_bucket_arn" {
value = aws_s3_bucket.terraform_state.arn value = aws_s3_bucket.terraform_state.arn
description = "The ARN of the S3 bucket" description = "The ARN of the S3 bucket"
} }

15
variables.tf
Unescape Escape View File

@ -4,13 +4,19 @@ variable "admin-ips" {
type = list(string) type = list(string)
} }
variable "aws-zfs-drive-letters" {
default = ["f", "g", "h", "i", "j"]
description = "These are the drove letters to use when attaching EBS volumes, ie. /dev/sdf or /dev/sdg"
type = list(string)
}
variable "aws-existing-sg-name" { variable "aws-existing-sg-name" {
default = "change-me-if-using-aws-network-existing" default = "change-me-if-using-aws-network-existing"
description = "The name of the existing security group when using aws-network-existing." description = "The name of the existing security group when using aws-network-existing."
} }
variable "aws-existing-vpc-name" { variable "aws-existing-vpc-name" {
default = "change-me-if-using-aws-network-existing" default = "change-me-if-using-aws-network-existing"
description = "The name of the existing VPC when using aws-network-existing." description = "The name of the existing VPC when using aws-network-existing."
} }
@ -20,6 +26,11 @@ variable "aws-existing-subnet-names" {
type = list(string) type = list(string)
} }
variable "aws-proxy-private-ip" {
description = "The private IP to request for the proxy instance."
type = string
}
variable "aws-region" { variable "aws-region" {
default = "us-east-1" default = "us-east-1"
description = "The AWS region to use." description = "The AWS region to use."

Write Preview
Loading…
Cancel
Save