Merge pull request #8985 from w3st3ry/fmt

Fmt all the config files
This commit is contained in:
Paul Stack 2016-09-22 12:57:41 +01:00 committed by GitHub
commit 0ed7140c88
43 changed files with 582 additions and 533 deletions

View File

@ -8,77 +8,79 @@ resource "aws_elb" "web-elb" {
# The same availability zone as our instances # The same availability zone as our instances
availability_zones = ["${split(",", var.availability_zones)}"] availability_zones = ["${split(",", var.availability_zones)}"]
listener { listener {
instance_port = 80 instance_port = 80
instance_protocol = "http" instance_protocol = "http"
lb_port = 80 lb_port = 80
lb_protocol = "http" lb_protocol = "http"
} }
health_check { health_check {
healthy_threshold = 2 healthy_threshold = 2
unhealthy_threshold = 2 unhealthy_threshold = 2
timeout = 3 timeout = 3
target = "HTTP:80/" target = "HTTP:80/"
interval = 30 interval = 30
} }
} }
resource "aws_autoscaling_group" "web-asg" { resource "aws_autoscaling_group" "web-asg" {
availability_zones = ["${split(",", var.availability_zones)}"] availability_zones = ["${split(",", var.availability_zones)}"]
name = "terraform-example-asg" name = "terraform-example-asg"
max_size = "${var.asg_max}" max_size = "${var.asg_max}"
min_size = "${var.asg_min}" min_size = "${var.asg_min}"
desired_capacity = "${var.asg_desired}" desired_capacity = "${var.asg_desired}"
force_delete = true force_delete = true
launch_configuration = "${aws_launch_configuration.web-lc.name}" launch_configuration = "${aws_launch_configuration.web-lc.name}"
load_balancers = ["${aws_elb.web-elb.name}"] load_balancers = ["${aws_elb.web-elb.name}"]
#vpc_zone_identifier = ["${split(",", var.availability_zones)}"] #vpc_zone_identifier = ["${split(",", var.availability_zones)}"]
tag { tag {
key = "Name" key = "Name"
value = "web-asg" value = "web-asg"
propagate_at_launch = "true" propagate_at_launch = "true"
} }
} }
resource "aws_launch_configuration" "web-lc" { resource "aws_launch_configuration" "web-lc" {
name = "terraform-example-lc" name = "terraform-example-lc"
image_id = "${lookup(var.aws_amis, var.aws_region)}" image_id = "${lookup(var.aws_amis, var.aws_region)}"
instance_type = "${var.instance_type}" instance_type = "${var.instance_type}"
# Security group # Security group
security_groups = ["${aws_security_group.default.id}"] security_groups = ["${aws_security_group.default.id}"]
user_data = "${file("userdata.sh")}" user_data = "${file("userdata.sh")}"
key_name = "${var.key_name}" key_name = "${var.key_name}"
} }
# Our default security group to access # Our default security group to access
# the instances over SSH and HTTP # the instances over SSH and HTTP
resource "aws_security_group" "default" { resource "aws_security_group" "default" {
name = "terraform_example_sg" name = "terraform_example_sg"
description = "Used in the terraform" description = "Used in the terraform"
# SSH access from anywhere # SSH access from anywhere
ingress { ingress {
from_port = 22 from_port = 22
to_port = 22 to_port = 22
protocol = "tcp" protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"] cidr_blocks = ["0.0.0.0/0"]
} }
# HTTP access from anywhere # HTTP access from anywhere
ingress { ingress {
from_port = 80 from_port = 80
to_port = 80 to_port = 80
protocol = "tcp" protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"] cidr_blocks = ["0.0.0.0/0"]
} }
# outbound internet access # outbound internet access
egress { egress {
from_port = 0 from_port = 0
to_port = 0 to_port = 0
protocol = "-1" protocol = "-1"
cidr_blocks = ["0.0.0.0/0"] cidr_blocks = ["0.0.0.0/0"]
} }
} }

View File

@ -1,12 +1,15 @@
output "security_group" { output "security_group" {
value = "${aws_security_group.default.id}" value = "${aws_security_group.default.id}"
} }
output "launch_configuration" { output "launch_configuration" {
value = "${aws_launch_configuration.web-lc.id}" value = "${aws_launch_configuration.web-lc.id}"
} }
output "asg_name" { output "asg_name" {
value = "${aws_autoscaling_group.web-asg.id}" value = "${aws_autoscaling_group.web-asg.id}"
} }
output "elb_name" { output "elb_name" {
value = "${aws_elb.web-elb.dns_name}" value = "${aws_elb.web-elb.dns_name}"
} }

View File

@ -1,6 +1,6 @@
variable "aws_region" { variable "aws_region" {
description = "The AWS region to create things in." description = "The AWS region to create things in."
default = "us-east-1" default = "us-east-1"
} }
# ubuntu-trusty-14.04 (x64) # ubuntu-trusty-14.04 (x64)
@ -12,7 +12,7 @@ variable "aws_amis" {
} }
variable "availability_zones" { variable "availability_zones" {
default = "us-east-1b,us-east-1c,us-east-1d,us-east-1e" default = "us-east-1b,us-east-1c,us-east-1d,us-east-1e"
description = "List of availability zones, use AWS CLI to find your " description = "List of availability zones, use AWS CLI to find your "
} }
@ -21,22 +21,21 @@ variable "key_name" {
} }
variable "instance_type" { variable "instance_type" {
default = "t2.micro" default = "t2.micro"
description = "AWS instance type" description = "AWS instance type"
} }
variable "asg_min" { variable "asg_min" {
description = "Min numbers of servers in ASG" description = "Min numbers of servers in ASG"
default = "1" default = "1"
} }
variable "asg_max" { variable "asg_max" {
description = "Max numbers of servers in ASG" description = "Max numbers of servers in ASG"
default = "2" default = "2"
} }
variable "asg_desired" { variable "asg_desired" {
description = "Desired numbers of servers in ASG" description = "Desired numbers of servers in ASG"
default = "1" default = "1"
} }

View File

@ -4,6 +4,7 @@ provider "aws" {
resource "aws_cloudwatch_event_rule" "foo" { resource "aws_cloudwatch_event_rule" "foo" {
name = "${var.rule_name}" name = "${var.rule_name}"
event_pattern = <<PATTERN event_pattern = <<PATTERN
{ {
"detail-type": [ "detail-type": [
@ -16,12 +17,14 @@ resource "aws_cloudwatch_event_rule" "foo" {
} }
} }
PATTERN PATTERN
role_arn = "${aws_iam_role.role.arn}" role_arn = "${aws_iam_role.role.arn}"
} }
resource "aws_iam_role" "role" { resource "aws_iam_role" "role" {
name = "${var.iam_role_name}" name = "${var.iam_role_name}"
assume_role_policy = <<POLICY
assume_role_policy = <<POLICY
{ {
"Version": "2012-10-17", "Version": "2012-10-17",
"Statement": [ "Statement": [
@ -41,6 +44,7 @@ POLICY
resource "aws_iam_role_policy" "policy" { resource "aws_iam_role_policy" "policy" {
name = "tf-example-policy" name = "tf-example-policy"
role = "${aws_iam_role.role.id}" role = "${aws_iam_role.role.id}"
policy = <<POLICY policy = <<POLICY
{ {
"Version": "2012-10-17", "Version": "2012-10-17",
@ -61,12 +65,12 @@ POLICY
} }
resource "aws_cloudwatch_event_target" "foobar" { resource "aws_cloudwatch_event_target" "foobar" {
rule = "${aws_cloudwatch_event_rule.foo.name}" rule = "${aws_cloudwatch_event_rule.foo.name}"
target_id = "${var.target_name}" target_id = "${var.target_name}"
arn = "${aws_kinesis_stream.foo.arn}" arn = "${aws_kinesis_stream.foo.arn}"
} }
resource "aws_kinesis_stream" "foo" { resource "aws_kinesis_stream" "foo" {
name = "${var.stream_name}" name = "${var.stream_name}"
shard_count = 1 shard_count = 1
} }

View File

@ -1,24 +1,24 @@
variable "aws_region" { variable "aws_region" {
description = "The AWS region to create resources in." description = "The AWS region to create resources in."
default = "us-east-1" default = "us-east-1"
} }
variable "rule_name" { variable "rule_name" {
description = "The name of the CloudWatch Event Rule" description = "The name of the CloudWatch Event Rule"
default = "tf-example-cloudwatch-event-rule-for-kinesis" default = "tf-example-cloudwatch-event-rule-for-kinesis"
} }
variable "iam_role_name" { variable "iam_role_name" {
description = "The name of the IAM Role" description = "The name of the IAM Role"
default = "tf-example-iam-role-for-kinesis" default = "tf-example-iam-role-for-kinesis"
} }
variable "target_name" { variable "target_name" {
description = "The name of the CloudWatch Event Target" description = "The name of the CloudWatch Event Target"
default = "tf-example-cloudwatch-event-target-for-kinesis" default = "tf-example-cloudwatch-event-target-for-kinesis"
} }
variable "stream_name" { variable "stream_name" {
description = "The name of the Kinesis Stream to send events to" description = "The name of the Kinesis Stream to send events to"
default = "tf-example-kinesis-stream" default = "tf-example-kinesis-stream"
} }

View File

@ -4,6 +4,7 @@ provider "aws" {
resource "aws_cloudwatch_event_rule" "foo" { resource "aws_cloudwatch_event_rule" "foo" {
name = "${var.rule_name}" name = "${var.rule_name}"
event_pattern = <<PATTERN event_pattern = <<PATTERN
{ {
"detail-type": [ "detail-type": [
@ -19,9 +20,9 @@ PATTERN
} }
resource "aws_cloudwatch_event_target" "bar" { resource "aws_cloudwatch_event_target" "bar" {
rule = "${aws_cloudwatch_event_rule.foo.name}" rule = "${aws_cloudwatch_event_rule.foo.name}"
target_id = "${var.target_name}" target_id = "${var.target_name}"
arn = "${aws_sns_topic.foo.arn}" arn = "${aws_sns_topic.foo.arn}"
} }
resource "aws_sns_topic" "foo" { resource "aws_sns_topic" "foo" {

View File

@ -1,19 +1,19 @@
variable "aws_region" { variable "aws_region" {
description = "The AWS region to create resources in." description = "The AWS region to create resources in."
default = "us-east-1" default = "us-east-1"
} }
variable "rule_name" { variable "rule_name" {
description = "The name of the CloudWatch Event Rule" description = "The name of the CloudWatch Event Rule"
default = "tf-example-cloudwatch-event-rule-for-sns" default = "tf-example-cloudwatch-event-rule-for-sns"
} }
variable "target_name" { variable "target_name" {
description = "The name of the CloudWatch Event Target" description = "The name of the CloudWatch Event Target"
default = "tf-example-cloudwatch-event-target-for-sns" default = "tf-example-cloudwatch-event-target-for-sns"
} }
variable "sns_topic_name" { variable "sns_topic_name" {
description = "The name of the SNS Topic to send events to" description = "The name of the SNS Topic to send events to"
default = "tf-example-sns-topic" default = "tf-example-sns-topic"
} }

View File

@ -10,20 +10,19 @@ resource "aws_elb" "web" {
availability_zones = ["${aws_instance.web.*.availability_zone}"] availability_zones = ["${aws_instance.web.*.availability_zone}"]
listener { listener {
instance_port = 80 instance_port = 80
instance_protocol = "http" instance_protocol = "http"
lb_port = 80 lb_port = 80
lb_protocol = "http" lb_protocol = "http"
} }
# The instances are registered automatically # The instances are registered automatically
instances = ["${aws_instance.web.*.id}"] instances = ["${aws_instance.web.*.id}"]
} }
resource "aws_instance" "web" { resource "aws_instance" "web" {
instance_type = "m1.small" instance_type = "m1.small"
ami = "${lookup(var.aws_amis, var.aws_region)}" ami = "${lookup(var.aws_amis, var.aws_region)}"
# This will create 4 instances # This will create 4 instances
count = 4 count = 4

View File

@ -1,6 +1,6 @@
variable "aws_region" { variable "aws_region" {
description = "The AWS region to create things in." description = "The AWS region to create things in."
default = "us-west-2" default = "us-west-2"
} }
# Ubuntu Precise 12.04 LTS (x64) # Ubuntu Precise 12.04 LTS (x64)

View File

@ -14,10 +14,10 @@ resource "aws_vpc" "main" {
} }
resource "aws_subnet" "main" { resource "aws_subnet" "main" {
count = "${var.az_count}" count = "${var.az_count}"
cidr_block = "${cidrsubnet(aws_vpc.main.cidr_block, 8, count.index)}" cidr_block = "${cidrsubnet(aws_vpc.main.cidr_block, 8, count.index)}"
availability_zone = "${data.aws_availability_zones.available.names[count.index]}" availability_zone = "${data.aws_availability_zones.available.names[count.index]}"
vpc_id = "${aws_vpc.main.id}" vpc_id = "${aws_vpc.main.id}"
} }
resource "aws_internet_gateway" "gw" { resource "aws_internet_gateway" "gw" {
@ -26,67 +26,75 @@ resource "aws_internet_gateway" "gw" {
resource "aws_route_table" "r" { resource "aws_route_table" "r" {
vpc_id = "${aws_vpc.main.id}" vpc_id = "${aws_vpc.main.id}"
route { route {
cidr_block = "0.0.0.0/0" cidr_block = "0.0.0.0/0"
gateway_id = "${aws_internet_gateway.gw.id}" gateway_id = "${aws_internet_gateway.gw.id}"
} }
} }
resource "aws_route_table_association" "a" { resource "aws_route_table_association" "a" {
count = "${var.az_count}" count = "${var.az_count}"
subnet_id = "${element(aws_subnet.main.*.id, count.index)}" subnet_id = "${element(aws_subnet.main.*.id, count.index)}"
route_table_id = "${aws_route_table.r.id}" route_table_id = "${aws_route_table.r.id}"
} }
### Compute ### Compute
resource "aws_autoscaling_group" "app" { resource "aws_autoscaling_group" "app" {
name = "tf-test-asg" name = "tf-test-asg"
vpc_zone_identifier = ["${aws_subnet.main.*.id}"] vpc_zone_identifier = ["${aws_subnet.main.*.id}"]
min_size = "${var.asg_min}" min_size = "${var.asg_min}"
max_size = "${var.asg_max}" max_size = "${var.asg_max}"
desired_capacity = "${var.asg_desired}" desired_capacity = "${var.asg_desired}"
launch_configuration = "${aws_launch_configuration.app.name}" launch_configuration = "${aws_launch_configuration.app.name}"
} }
data "template_file" "cloud_config" { data "template_file" "cloud_config" {
template = "${file("${path.module}/cloud-config.yml")}" template = "${file("${path.module}/cloud-config.yml")}"
vars { vars {
aws_region = "${var.aws_region}" aws_region = "${var.aws_region}"
ecs_cluster_name = "${aws_ecs_cluster.main.name}" ecs_cluster_name = "${aws_ecs_cluster.main.name}"
ecs_log_level = "info" ecs_log_level = "info"
ecs_agent_version = "latest" ecs_agent_version = "latest"
ecs_log_group_name = "${aws_cloudwatch_log_group.ecs.name}" ecs_log_group_name = "${aws_cloudwatch_log_group.ecs.name}"
} }
} }
data "aws_ami" "stable_coreos" { data "aws_ami" "stable_coreos" {
most_recent = true most_recent = true
filter { filter {
name = "description" name = "description"
values = ["CoreOS stable *"] values = ["CoreOS stable *"]
} }
filter { filter {
name = "architecture" name = "architecture"
values = ["x86_64"] values = ["x86_64"]
} }
filter { filter {
name = "virtualization-type" name = "virtualization-type"
values = ["hvm"] values = ["hvm"]
} }
owners = ["595879546273"] # CoreOS owners = ["595879546273"] # CoreOS
} }
resource "aws_launch_configuration" "app" { resource "aws_launch_configuration" "app" {
security_groups = [ security_groups = [
"${aws_security_group.instance_sg.id}" "${aws_security_group.instance_sg.id}",
] ]
key_name = "${var.key_name}"
image_id = "${data.aws_ami.stable_coreos.id}" key_name = "${var.key_name}"
instance_type = "${var.instance_type}" image_id = "${data.aws_ami.stable_coreos.id}"
iam_instance_profile = "${aws_iam_instance_profile.app.name}" instance_type = "${var.instance_type}"
user_data = "${data.template_file.cloud_config.rendered}" iam_instance_profile = "${aws_iam_instance_profile.app.name}"
user_data = "${data.template_file.cloud_config.rendered}"
associate_public_ip_address = true associate_public_ip_address = true
lifecycle { lifecycle {
create_before_destroy = true create_before_destroy = true
} }
@ -98,55 +106,59 @@ resource "aws_security_group" "lb_sg" {
description = "controls access to the application ELB" description = "controls access to the application ELB"
vpc_id = "${aws_vpc.main.id}" vpc_id = "${aws_vpc.main.id}"
name = "tf-ecs-lbsg" name = "tf-ecs-lbsg"
ingress { ingress {
protocol = "tcp" protocol = "tcp"
from_port = 80 from_port = 80
to_port = 80 to_port = 80
cidr_blocks = ["0.0.0.0/0"] cidr_blocks = ["0.0.0.0/0"]
} }
egress { egress {
from_port = 0 from_port = 0
to_port = 0 to_port = 0
protocol = "-1" protocol = "-1"
cidr_blocks = [ cidr_blocks = [
"0.0.0.0/0" "0.0.0.0/0",
] ]
} }
} }
resource "aws_security_group" "instance_sg" { resource "aws_security_group" "instance_sg" {
description = "controls direct access to application instances" description = "controls direct access to application instances"
vpc_id = "${aws_vpc.main.id}" vpc_id = "${aws_vpc.main.id}"
name = "tf-ecs-instsg" name = "tf-ecs-instsg"
ingress { ingress {
protocol = "tcp" protocol = "tcp"
from_port = 22 from_port = 22
to_port = 22 to_port = 22
cidr_blocks = [ cidr_blocks = [
"${var.admin_cidr_ingress}" "${var.admin_cidr_ingress}",
] ]
} }
ingress { ingress {
protocol = "tcp" protocol = "tcp"
from_port = 8080 from_port = 8080
to_port = 8080 to_port = 8080
security_groups = [ security_groups = [
"${aws_security_group.lb_sg.id}" "${aws_security_group.lb_sg.id}",
] ]
} }
egress { egress {
from_port = 0 from_port = 0
to_port = 0 to_port = 0
protocol = "-1" protocol = "-1"
cidr_blocks = ["0.0.0.0/0"] cidr_blocks = ["0.0.0.0/0"]
} }
} }
## ECS ## ECS
resource "aws_ecs_cluster" "main" { resource "aws_ecs_cluster" "main" {
@ -155,43 +167,44 @@ resource "aws_ecs_cluster" "main" {
data "template_file" "task_definition" { data "template_file" "task_definition" {
template = "${file("${path.module}/task-definition.json")}" template = "${file("${path.module}/task-definition.json")}"
vars { vars {
image_url = "ghost:latest" image_url = "ghost:latest"
container_name = "ghost" container_name = "ghost"
log_group_region = "${var.aws_region}" log_group_region = "${var.aws_region}"
log_group_name = "${aws_cloudwatch_log_group.app.name}" log_group_name = "${aws_cloudwatch_log_group.app.name}"
} }
} }
resource "aws_ecs_task_definition" "ghost" { resource "aws_ecs_task_definition" "ghost" {
family = "tf_example_ghost_td" family = "tf_example_ghost_td"
container_definitions = "${data.template_file.task_definition.rendered}" container_definitions = "${data.template_file.task_definition.rendered}"
} }
resource "aws_ecs_service" "test" { resource "aws_ecs_service" "test" {
name = "tf-example-ecs-ghost" name = "tf-example-ecs-ghost"
cluster = "${aws_ecs_cluster.main.id}" cluster = "${aws_ecs_cluster.main.id}"
task_definition = "${aws_ecs_task_definition.ghost.arn}" task_definition = "${aws_ecs_task_definition.ghost.arn}"
desired_count = 1 desired_count = 1
iam_role = "${aws_iam_role.ecs_service.name}" iam_role = "${aws_iam_role.ecs_service.name}"
load_balancer { load_balancer {
target_group_arn = "${aws_alb_target_group.test.id}" target_group_arn = "${aws_alb_target_group.test.id}"
container_name = "ghost" container_name = "ghost"
container_port = "2368" container_port = "2368"
} }
depends_on = [ depends_on = [
"aws_iam_role_policy.ecs_service", "aws_iam_role_policy.ecs_service",
"aws_alb_listener.front_end" "aws_alb_listener.front_end",
] ]
} }
## IAM ## IAM
resource "aws_iam_role" "ecs_service" { resource "aws_iam_role" "ecs_service" {
name = "tf_example_ecs_role" name = "tf_example_ecs_role"
assume_role_policy = <<EOF assume_role_policy = <<EOF
{ {
"Version": "2008-10-17", "Version": "2008-10-17",
@ -212,6 +225,7 @@ EOF
resource "aws_iam_role_policy" "ecs_service" { resource "aws_iam_role_policy" "ecs_service" {
name = "tf_example_ecs_policy" name = "tf_example_ecs_policy"
role = "${aws_iam_role.ecs_service.name}" role = "${aws_iam_role.ecs_service.name}"
policy = <<EOF policy = <<EOF
{ {
"Version": "2012-10-17", "Version": "2012-10-17",
@ -234,12 +248,13 @@ EOF
} }
resource "aws_iam_instance_profile" "app" { resource "aws_iam_instance_profile" "app" {
name = "tf-ecs-instprofile" name = "tf-ecs-instprofile"
roles = ["${aws_iam_role.app_instance.name}"] roles = ["${aws_iam_role.app_instance.name}"]
} }
resource "aws_iam_role" "app_instance" { resource "aws_iam_role" "app_instance" {
name = "tf-ecs-example-instance-role" name = "tf-ecs-example-instance-role"
assume_role_policy = <<EOF assume_role_policy = <<EOF
{ {
"Version": "2012-10-17", "Version": "2012-10-17",
@ -259,6 +274,7 @@ EOF
data "template_file" "instance_profile" { data "template_file" "instance_profile" {
template = "${file("${path.module}/instance-profile-policy.json")}" template = "${file("${path.module}/instance-profile-policy.json")}"
vars { vars {
app_log_group_arn = "${aws_cloudwatch_log_group.app.arn}" app_log_group_arn = "${aws_cloudwatch_log_group.app.arn}"
ecs_log_group_arn = "${aws_cloudwatch_log_group.ecs.arn}" ecs_log_group_arn = "${aws_cloudwatch_log_group.ecs.arn}"
@ -266,18 +282,18 @@ data "template_file" "instance_profile" {
} }
resource "aws_iam_role_policy" "instance" { resource "aws_iam_role_policy" "instance" {
name = "TfEcsExampleInstanceRole" name = "TfEcsExampleInstanceRole"
role = "${aws_iam_role.app_instance.name}" role = "${aws_iam_role.app_instance.name}"
policy = "${data.template_file.instance_profile.rendered}" policy = "${data.template_file.instance_profile.rendered}"
} }
## ALB ## ALB
resource "aws_alb_target_group" "test" { resource "aws_alb_target_group" "test" {
name = "tf-example-ecs-ghost" name = "tf-example-ecs-ghost"
port = 80 port = 80
protocol = "HTTP" protocol = "HTTP"
vpc_id = "${aws_vpc.main.id}" vpc_id = "${aws_vpc.main.id}"
} }
resource "aws_alb" "main" { resource "aws_alb" "main" {
@ -288,12 +304,12 @@ resource "aws_alb" "main" {
resource "aws_alb_listener" "front_end" { resource "aws_alb_listener" "front_end" {
load_balancer_arn = "${aws_alb.main.id}" load_balancer_arn = "${aws_alb.main.id}"
port = "80" port = "80"
protocol = "HTTP" protocol = "HTTP"
default_action { default_action {
target_group_arn = "${aws_alb_target_group.test.id}" target_group_arn = "${aws_alb_target_group.test.id}"
type = "forward" type = "forward"
} }
} }

View File

@ -1,11 +1,11 @@
variable "aws_region" { variable "aws_region" {
description = "The AWS region to create things in." description = "The AWS region to create things in."
default = "us-west-2" default = "us-west-2"
} }
variable "az_count" { variable "az_count" {
description = "Number of AZs to cover in a given AWS region" description = "Number of AZs to cover in a given AWS region"
default = "2" default = "2"
} }
variable "key_name" { variable "key_name" {
@ -13,23 +13,23 @@ variable "key_name" {
} }
variable "instance_type" { variable "instance_type" {
default = "t2.small" default = "t2.small"
description = "AWS instance type" description = "AWS instance type"
} }
variable "asg_min" { variable "asg_min" {
description = "Min numbers of servers in ASG" description = "Min numbers of servers in ASG"
default = "1" default = "1"
} }
variable "asg_max" { variable "asg_max" {
description = "Max numbers of servers in ASG" description = "Max numbers of servers in ASG"
default = "2" default = "2"
} }
variable "asg_desired" { variable "asg_desired" {
description = "Desired numbers of servers in ASG" description = "Desired numbers of servers in ASG"
default = "1" default = "1"
} }
variable "admin_cidr_ingress" { variable "admin_cidr_ingress" {

View File

@ -5,41 +5,40 @@ provider "aws" {
resource "aws_eip" "default" { resource "aws_eip" "default" {
instance = "${aws_instance.web.id}" instance = "${aws_instance.web.id}"
vpc = true vpc = true
} }
# Our default security group to access # Our default security group to access
# the instances over SSH and HTTP # the instances over SSH and HTTP
resource "aws_security_group" "default" { resource "aws_security_group" "default" {
name = "eip_example" name = "eip_example"
description = "Used in the terraform" description = "Used in the terraform"
# SSH access from anywhere # SSH access from anywhere
ingress { ingress {
from_port = 22 from_port = 22
to_port = 22 to_port = 22
protocol = "tcp" protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"] cidr_blocks = ["0.0.0.0/0"]
} }
# HTTP access from anywhere # HTTP access from anywhere
ingress { ingress {
from_port = 80 from_port = 80
to_port = 80 to_port = 80
protocol = "tcp" protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"] cidr_blocks = ["0.0.0.0/0"]
} }
# outbound internet access # outbound internet access
egress { egress {
from_port = 0 from_port = 0
to_port = 0 to_port = 0
protocol = "-1" protocol = "-1"
cidr_blocks = ["0.0.0.0/0"] cidr_blocks = ["0.0.0.0/0"]
} }
} }
resource "aws_instance" "web" { resource "aws_instance" "web" {
instance_type = "t2.micro" instance_type = "t2.micro"
@ -61,6 +60,7 @@ resource "aws_instance" "web" {
# In this case, we just install nginx and start it. By default, # In this case, we just install nginx and start it. By default,
# this should be on port 80 # this should be on port 80
user_data = "${file("userdata.sh")}" user_data = "${file("userdata.sh")}"
#Instance tags #Instance tags
tags { tags {
Name = "eip-example" Name = "eip-example"

View File

@ -1,6 +1,7 @@
output "address" { output "address" {
value = "${aws_instance.web.private_ip}" value = "${aws_instance.web.private_ip}"
} }
output "elastic ip" { output "elastic ip" {
value = "${aws_eip.default.public_ip}" value = "${aws_eip.default.public_ip}"
} }

View File

@ -1,6 +1,6 @@
variable "aws_region" { variable "aws_region" {
description = "The AWS region to create things in." description = "The AWS region to create things in."
default = "us-east-1" default = "us-east-1"
} }
# ubuntu-trusty-14.04 (x64) # ubuntu-trusty-14.04 (x64)
@ -14,4 +14,3 @@ variable "aws_amis" {
variable "key_name" { variable "key_name" {
description = "Name of the SSH keypair to use in AWS." description = "Name of the SSH keypair to use in AWS."
} }

View File

@ -6,30 +6,30 @@ provider "aws" {
# Our default security group to access # Our default security group to access
# the instances over SSH and HTTP # the instances over SSH and HTTP
resource "aws_security_group" "default" { resource "aws_security_group" "default" {
name = "instance_sg" name = "instance_sg"
description = "Used in the terraform" description = "Used in the terraform"
# SSH access from anywhere # SSH access from anywhere
ingress { ingress {
from_port = 22 from_port = 22
to_port = 22 to_port = 22
protocol = "tcp" protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"] cidr_blocks = ["0.0.0.0/0"]
} }
# HTTP access from anywhere # HTTP access from anywhere
ingress { ingress {
from_port = 80 from_port = 80
to_port = 80 to_port = 80
protocol = "tcp" protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"] cidr_blocks = ["0.0.0.0/0"]
} }
# outbound internet access # outbound internet access
egress { egress {
from_port = 0 from_port = 0
to_port = 0 to_port = 0
protocol = "-1" protocol = "-1"
cidr_blocks = ["0.0.0.0/0"] cidr_blocks = ["0.0.0.0/0"]
} }
} }
@ -37,22 +37,22 @@ resource "aws_security_group" "default" {
# Our elb security group to access # Our elb security group to access
# the ELB over HTTP # the ELB over HTTP
resource "aws_security_group" "elb" { resource "aws_security_group" "elb" {
name = "elb_sg" name = "elb_sg"
description = "Used in the terraform" description = "Used in the terraform"
# HTTP access from anywhere # HTTP access from anywhere
ingress { ingress {
from_port = 80 from_port = 80
to_port = 80 to_port = 80
protocol = "tcp" protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"] cidr_blocks = ["0.0.0.0/0"]
} }
# outbound internet access # outbound internet access
egress { egress {
from_port = 0 from_port = 0
to_port = 0 to_port = 0
protocol = "-1" protocol = "-1"
cidr_blocks = ["0.0.0.0/0"] cidr_blocks = ["0.0.0.0/0"]
} }
} }
@ -62,41 +62,40 @@ resource "aws_elb" "web" {
# The same availability zone as our instance # The same availability zone as our instance
availability_zones = ["${aws_instance.web.availability_zone}"] availability_zones = ["${aws_instance.web.availability_zone}"]
security_groups = ["${aws_security_group.elb.id}"] security_groups = ["${aws_security_group.elb.id}"]
listener { listener {
instance_port = 80 instance_port = 80
instance_protocol = "http" instance_protocol = "http"
lb_port = 80 lb_port = 80
lb_protocol = "http" lb_protocol = "http"
} }
health_check { health_check {
healthy_threshold = 2 healthy_threshold = 2
unhealthy_threshold = 2 unhealthy_threshold = 2
timeout = 3 timeout = 3
target = "HTTP:80/" target = "HTTP:80/"
interval = 30 interval = 30
} }
# The instance is registered automatically # The instance is registered automatically
instances = ["${aws_instance.web.id}"] instances = ["${aws_instance.web.id}"]
cross_zone_load_balancing = true cross_zone_load_balancing = true
idle_timeout = 400 idle_timeout = 400
connection_draining = true connection_draining = true
connection_draining_timeout = 400 connection_draining_timeout = 400
} }
resource "aws_lb_cookie_stickiness_policy" "default" { resource "aws_lb_cookie_stickiness_policy" "default" {
name = "lbpolicy" name = "lbpolicy"
load_balancer = "${aws_elb.web.id}" load_balancer = "${aws_elb.web.id}"
lb_port = 80 lb_port = 80
cookie_expiration_period = 600 cookie_expiration_period = 600
} }
resource "aws_instance" "web" { resource "aws_instance" "web" {
instance_type = "t2.micro" instance_type = "t2.micro"
# Lookup the correct AMI based on the region # Lookup the correct AMI based on the region
@ -114,8 +113,9 @@ resource "aws_instance" "web" {
security_groups = ["${aws_security_group.default.name}"] security_groups = ["${aws_security_group.default.name}"]
user_data = "${file("userdata.sh")}" user_data = "${file("userdata.sh")}"
#Instance tags #Instance tags
tags { tags {
Name = "elb-example" Name = "elb-example"
} }
} }

View File

@ -4,7 +4,7 @@ variable "key_name" {
variable "aws_region" { variable "aws_region" {
description = "AWS region to launch servers." description = "AWS region to launch servers."
default = "us-east-1" default = "us-east-1"
} }
# ubuntu-trusty-14.04 (x64) # ubuntu-trusty-14.04 (x64)
@ -14,4 +14,3 @@ variable "aws_amis" {
"us-west-2" = "ami-7f675e4f" "us-west-2" = "ami-7f675e4f"
} }
} }

View File

@ -1,19 +1,19 @@
resource "aws_db_instance" "default" { resource "aws_db_instance" "default" {
depends_on = ["aws_security_group.default"] depends_on = ["aws_security_group.default"]
identifier = "${var.identifier}" identifier = "${var.identifier}"
allocated_storage = "${var.storage}" allocated_storage = "${var.storage}"
engine = "${var.engine}" engine = "${var.engine}"
engine_version = "${lookup(var.engine_version, var.engine)}" engine_version = "${lookup(var.engine_version, var.engine)}"
instance_class = "${var.instance_class}" instance_class = "${var.instance_class}"
name = "${var.db_name}" name = "${var.db_name}"
username = "${var.username}" username = "${var.username}"
password = "${var.password}" password = "${var.password}"
vpc_security_group_ids = ["${aws_security_group.default.id}"] vpc_security_group_ids = ["${aws_security_group.default.id}"]
db_subnet_group_name = "${aws_db_subnet_group.default.id}" db_subnet_group_name = "${aws_db_subnet_group.default.id}"
} }
resource "aws_db_subnet_group" "default" { resource "aws_db_subnet_group" "default" {
name = "main_subnet_group" name = "main_subnet_group"
description = "Our main group of subnets" description = "Our main group of subnets"
subnet_ids = ["${aws_subnet.subnet_1.id}", "${aws_subnet.subnet_2.id}"] subnet_ids = ["${aws_subnet.subnet_1.id}", "${aws_subnet.subnet_2.id}"]
} }

View File

@ -1,10 +1,11 @@
output "subnet_group" { output "subnet_group" {
value = "${aws_db_subnet_group.default.name}" value = "${aws_db_subnet_group.default.name}"
} }
output "db_instance_id" { output "db_instance_id" {
value = "${aws_db_instance.default.id}" value = "${aws_db_instance.default.id}"
} }
output "db_instance_address" { output "db_instance_address" {
value = "${aws_db_instance.default.address}" value = "${aws_db_instance.default.address}"
} }

View File

@ -1,10 +1,9 @@
variable "cidr_blocks" { variable "cidr_blocks" {
default = "0.0.0.0/0" default = "0.0.0.0/0"
description = "CIDR for sg" description = "CIDR for sg"
} }
variable "sg_name" { variable "sg_name" {
default = "rds_sg" default = "rds_sg"
description = "Tag Name for sg" description = "Tag Name for sg"
} }

View File

@ -1,19 +1,19 @@
resource "aws_security_group" "default" { resource "aws_security_group" "default" {
name = "main_rds_sg" name = "main_rds_sg"
description = "Allow all inbound traffic" description = "Allow all inbound traffic"
vpc_id = "${var.vpc_id}" vpc_id = "${var.vpc_id}"
ingress { ingress {
from_port = 0 from_port = 0
to_port = 65535 to_port = 65535
protocol = "TCP" protocol = "TCP"
cidr_blocks = ["${var.cidr_blocks}"] cidr_blocks = ["${var.cidr_blocks}"]
} }
egress { egress {
from_port = 0 from_port = 0
to_port = 0 to_port = 0
protocol = "-1" protocol = "-1"
cidr_blocks = ["0.0.0.0/0"] cidr_blocks = ["0.0.0.0/0"]
} }

View File

@ -1,24 +1,23 @@
variable "subnet_1_cidr" { variable "subnet_1_cidr" {
default = "10.0.1.0/24" default = "10.0.1.0/24"
description = "Your AZ" description = "Your AZ"
} }
variable "subnet_2_cidr" { variable "subnet_2_cidr" {
default = "10.0.2.0/24" default = "10.0.2.0/24"
description = "Your AZ" description = "Your AZ"
} }
variable "az_1" { variable "az_1" {
default = "us-east-1b" default = "us-east-1b"
description = "Your Az1, use AWS CLI to find your account specific" description = "Your Az1, use AWS CLI to find your account specific"
} }
variable "az_2" { variable "az_2" {
default = "us-east-1c" default = "us-east-1c"
description = "Your Az2, use AWS CLI to find your account specific" description = "Your Az2, use AWS CLI to find your account specific"
} }
variable "vpc_id" { variable "vpc_id" {
description = "Your VPC ID" description = "Your VPC ID"
} }

View File

@ -1,6 +1,6 @@
resource "aws_subnet" "subnet_1" { resource "aws_subnet" "subnet_1" {
vpc_id = "${var.vpc_id}" vpc_id = "${var.vpc_id}"
cidr_block = "${var.subnet_1_cidr}" cidr_block = "${var.subnet_1_cidr}"
availability_zone = "${var.az_1}" availability_zone = "${var.az_1}"
tags { tags {
@ -9,8 +9,8 @@ resource "aws_subnet" "subnet_1" {
} }
resource "aws_subnet" "subnet_2" { resource "aws_subnet" "subnet_2" {
vpc_id = "${var.vpc_id}" vpc_id = "${var.vpc_id}"
cidr_block = "${var.subnet_2_cidr}" cidr_block = "${var.subnet_2_cidr}"
availability_zone = "${var.az_2}" availability_zone = "${var.az_2}"
tags { tags {

View File

@ -1,38 +1,39 @@
variable "identifier" { variable "identifier" {
default = "mydb-rds" default = "mydb-rds"
description = "Identifier for your DB" description = "Identifier for your DB"
} }
variable "storage" { variable "storage" {
default = "10" default = "10"
description = "Storage size in GB" description = "Storage size in GB"
} }
variable "engine" { variable "engine" {
default = "postgres" default = "postgres"
description = "Engine type, example values mysql, postgres" description = "Engine type, example values mysql, postgres"
} }
variable "engine_version" { variable "engine_version" {
description = "Engine version" description = "Engine version"
default = { default = {
mysql = "5.6.22" mysql = "5.6.22"
postgres = "9.4.1" postgres = "9.4.1"
} }
} }
variable "instance_class" { variable "instance_class" {
default = "db.t2.micro" default = "db.t2.micro"
description = "Instance class" description = "Instance class"
} }
variable "db_name" { variable "db_name" {
default = "mydb" default = "mydb"
description = "db name" description = "db name"
} }
variable "username" { variable "username" {
default = "myuser" default = "myuser"
description = "User name" description = "User name"
} }

View File

@ -1,7 +1,7 @@
provider "aws" { provider "aws" {
alias = "prod" alias = "prod"
region = "us-east-1" region = "us-east-1"
access_key = "${var.prod_access_key}" access_key = "${var.prod_access_key}"
secret_key = "${var.prod_secret_key}" secret_key = "${var.prod_secret_key}"
} }
@ -10,7 +10,8 @@ resource "aws_s3_bucket" "prod" {
provider = "aws.prod" provider = "aws.prod"
bucket = "${var.bucket_name}" bucket = "${var.bucket_name}"
acl = "private" acl = "private"
policy = <<POLICY policy = <<POLICY
{ {
"Version": "2012-10-17", "Version": "2012-10-17",
@ -33,14 +34,14 @@ resource "aws_s3_bucket_object" "prod" {
provider = "aws.prod" provider = "aws.prod"
bucket = "${aws_s3_bucket.prod.id}" bucket = "${aws_s3_bucket.prod.id}"
key = "object-uploaded-via-prod-creds" key = "object-uploaded-via-prod-creds"
source = "${path.module}/prod.txt" source = "${path.module}/prod.txt"
} }
provider "aws" { provider "aws" {
alias = "test" alias = "test"
region = "us-east-1" region = "us-east-1"
access_key = "${var.test_access_key}" access_key = "${var.test_access_key}"
secret_key = "${var.test_secret_key}" secret_key = "${var.test_secret_key}"
} }
@ -49,6 +50,6 @@ resource "aws_s3_bucket_object" "test" {
provider = "aws.test" provider = "aws.test"
bucket = "${aws_s3_bucket.prod.id}" bucket = "${aws_s3_bucket.prod.id}"
key = "object-uploaded-via-test-creds" key = "object-uploaded-via-test-creds"
source = "${path.module}/test.txt" source = "${path.module}/test.txt"
} }

View File

@ -1,8 +1,11 @@
variable "prod_access_key" {} variable "prod_access_key" {}
variable "prod_secret_key" {} variable "prod_secret_key" {}
variable "test_account_id" {} variable "test_account_id" {}
variable "test_access_key" {} variable "test_access_key" {}
variable "test_secret_key" {} variable "test_secret_key" {}
variable "bucket_name" {} variable "bucket_name" {}

View File

@ -82,7 +82,6 @@ resource "aws_security_group" "default" {
} }
} }
resource "aws_elb" "web" { resource "aws_elb" "web" {
name = "terraform-example-elb" name = "terraform-example-elb"
@ -96,7 +95,6 @@ resource "aws_elb" "web" {
lb_port = 80 lb_port = 80
lb_protocol = "http" lb_protocol = "http"
} }
} }
resource "aws_key_pair" "auth" { resource "aws_key_pair" "auth" {
@ -138,7 +136,7 @@ resource "aws_instance" "web" {
inline = [ inline = [
"sudo apt-get -y update", "sudo apt-get -y update",
"sudo apt-get -y install nginx", "sudo apt-get -y install nginx",
"sudo service nginx start" "sudo service nginx start",
] ]
} }
} }

View File

@ -14,7 +14,7 @@ variable "key_name" {
variable "aws_region" { variable "aws_region" {
description = "AWS region to launch servers." description = "AWS region to launch servers."
default = "us-west-2" default = "us-west-2"
} }
# Ubuntu Precise 12.04 LTS (x64) # Ubuntu Precise 12.04 LTS (x64)

View File

@ -3,94 +3,94 @@
provider "clc" { provider "clc" {
username = "${var.clc_username}" username = "${var.clc_username}"
password = "${var.clc_password}" password = "${var.clc_password}"
account = "${var.clc_account}" account = "${var.clc_account}"
} }
# -------------------- # --------------------
# Provision/Resolve a server group # Provision/Resolve a server group
resource "clc_group" "frontends" { resource "clc_group" "frontends" {
location_id = "CA1" location_id = "CA1"
name = "frontends" name = "frontends"
parent = "Default Group" parent = "Default Group"
} }
# -------------------- # --------------------
# Provision a server # Provision a server
resource "clc_server" "node" { resource "clc_server" "node" {
name_template = "trusty" name_template = "trusty"
source_server_id = "UBUNTU-14-64-TEMPLATE" source_server_id = "UBUNTU-14-64-TEMPLATE"
group_id = "${clc_group.frontends.id}" group_id = "${clc_group.frontends.id}"
cpu = 2 cpu = 2
memory_mb = 2048 memory_mb = 2048
password = "Green123$" password = "Green123$"
additional_disks
{ additional_disks {
path = "/var" path = "/var"
size_gb = 100 size_gb = 100
type = "partitioned" type = "partitioned"
} }
additional_disks
{ additional_disks {
size_gb = 10 size_gb = 10
type = "raw" type = "raw"
} }
} }
# -------------------- # --------------------
# Provision a public ip # Provision a public ip
resource "clc_public_ip" "backdoor" { resource "clc_public_ip" "backdoor" {
server_id = "${clc_server.node.0.id}" server_id = "${clc_server.node.0.id}"
internal_ip_address = "${clc_server.node.0.private_ip_address}" internal_ip_address = "${clc_server.node.0.private_ip_address}"
ports
{
protocol = "ICMP"
port = -1
}
ports
{
protocol = "TCP"
port = 22
}
source_restrictions
{ cidr = "173.60.0.0/16" }
ports {
protocol = "ICMP"
port = -1
}
ports {
protocol = "TCP"
port = 22
}
source_restrictions {
cidr = "173.60.0.0/16"
}
# ssh in and start a simple http server on :8080 # ssh in and start a simple http server on :8080
provisioner "remote-exec" { provisioner "remote-exec" {
inline = [ inline = [
"cd /tmp; python -mSimpleHTTPServer > /dev/null 2>&1 &" "cd /tmp; python -mSimpleHTTPServer > /dev/null 2>&1 &",
] ]
connection { connection {
host = "${clc_public_ip.backdoor.id}" host = "${clc_public_ip.backdoor.id}"
user = "root" user = "root"
password = "${clc_server.node.password}" password = "${clc_server.node.password}"
} }
} }
} }
# -------------------- # --------------------
# Provision a load balancer # Provision a load balancer
resource "clc_load_balancer" "frontdoor" { resource "clc_load_balancer" "frontdoor" {
data_center = "${clc_group.frontends.location_id}" data_center = "${clc_group.frontends.location_id}"
name = "frontdoor" name = "frontdoor"
description = "frontdoor" description = "frontdoor"
status = "enabled" status = "enabled"
} }
# -------------------- # --------------------
# Provision a load balancer pool # Provision a load balancer pool
resource "clc_load_balancer_pool" "pool" { resource "clc_load_balancer_pool" "pool" {
data_center = "${clc_group.frontends.location_id}" data_center = "${clc_group.frontends.location_id}"
load_balancer = "${clc_load_balancer.frontdoor.id}" load_balancer = "${clc_load_balancer.frontdoor.id}"
method = "roundRobin" method = "roundRobin"
persistence = "standard" persistence = "standard"
port = 80 port = 80
nodes
{ nodes {
status = "enabled" status = "enabled"
ipAddress = "${clc_server.node.private_ip_address}" ipAddress = "${clc_server.node.private_ip_address}"
privatePort = 8000 privatePort = 8000
} }
} }

View File

@ -24,4 +24,4 @@ output "frontdoor" {
output "pool" { output "pool" {
value = "curl -vv ${clc_load_balancer.frontdoor.ip_address}" value = "curl -vv ${clc_load_balancer.frontdoor.ip_address}"
} }

View File

@ -1,6 +1,7 @@
variable "clc_username" { variable "clc_username" {
default = "<username>" default = "<username>"
} }
variable "clc_password" { variable "clc_password" {
default = "<password>" default = "<password>"
} }
@ -16,4 +17,4 @@ variable "image" {
variable "app_port" { variable "app_port" {
default = 8080 default = 8080
} }

View File

@ -1,6 +1,6 @@
# Setup the Consul provisioner to use the demo cluster # Setup the Consul provisioner to use the demo cluster
provider "consul" { provider "consul" {
address = "demo.consul.io:80" address = "demo.consul.io:80"
datacenter = "nyc1" datacenter = "nyc1"
} }
@ -12,8 +12,8 @@ provider "aws" {
# Setup a key in Consul to provide inputs # Setup a key in Consul to provide inputs
resource "consul_keys" "input" { resource "consul_keys" "input" {
key { key {
name = "size" name = "size"
path = "tf_test/size" path = "tf_test/size"
default = "m1.small" default = "m1.small"
} }
} }
@ -21,7 +21,7 @@ resource "consul_keys" "input" {
# Setup a new AWS instance using a dynamic ami and # Setup a new AWS instance using a dynamic ami and
# instance type # instance type
resource "aws_instance" "test" { resource "aws_instance" "test" {
ami = "${lookup(var.aws_amis, var.aws_region)}" ami = "${lookup(var.aws_amis, var.aws_region)}"
instance_type = "${consul_keys.input.var.size}" instance_type = "${consul_keys.input.var.size}"
} }
@ -29,15 +29,16 @@ resource "aws_instance" "test" {
# the DNS name of the instance # the DNS name of the instance
resource "consul_keys" "test" { resource "consul_keys" "test" {
key { key {
name = "id" name = "id"
path = "tf_test/id" path = "tf_test/id"
value = "${aws_instance.test.id}" value = "${aws_instance.test.id}"
delete = true delete = true
} }
key { key {
name = "address" name = "address"
path = "tf_test/public_dns" path = "tf_test/public_dns"
value = "${aws_instance.test.public_dns}" value = "${aws_instance.test.public_dns}"
delete = true delete = true
} }
} }

View File

@ -1,14 +1,14 @@
variable "aws_region" { variable "aws_region" {
description = "The AWS region to create resources in." description = "The AWS region to create resources in."
default = "us-east-1" default = "us-east-1"
} }
# AMI's from http://cloud-images.ubuntu.com/locator/ec2/ # AMI's from http://cloud-images.ubuntu.com/locator/ec2/
variable "aws_amis" { variable "aws_amis" {
default = { default = {
eu-west-1 = "ami-b1cf19c6" eu-west-1 = "ami-b1cf19c6"
us-east-1 = "ami-de7ab6b6" us-east-1 = "ami-de7ab6b6"
us-west-1 = "ami-3f75767a" us-west-1 = "ami-3f75767a"
us-west-2 = "ami-21f78e11" us-west-2 = "ami-21f78e11"
} }
} }

View File

@ -14,13 +14,13 @@ resource "dnsimple_record" "web" {
value = "${heroku_app.web.heroku_hostname}" value = "${heroku_app.web.heroku_hostname}"
type = "CNAME" type = "CNAME"
ttl = 3600 ttl = 3600
} }
# The Heroku domain, which will be created and added # The Heroku domain, which will be created and added
# to the heroku application after we have assigned the domain # to the heroku application after we have assigned the domain
# in DNSimple # in DNSimple
resource "heroku_domain" "foobar" { resource "heroku_domain" "foobar" {
app = "${heroku_app.web.name}" app = "${heroku_app.web.name}"
hostname = "${dnsimple_record.web.hostname}" hostname = "${dnsimple_record.web.hostname}"
} }

View File

@ -1,43 +1,44 @@
provider "digitalocean" { provider "digitalocean" {
# You need to set this in your .bashrc # You need to set this in your .bashrc
# export DIGITALOCEAN_TOKEN="Your API TOKEN" # export DIGITALOCEAN_TOKEN="Your API TOKEN"
# #
} }
resource "digitalocean_droplet" "mywebserver" { resource "digitalocean_droplet" "mywebserver" {
# Obtain your ssh_key id number via your account. See Document https://developers.digitalocean.com/documentation/v2/#list-all-keys # Obtain your ssh_key id number via your account. See Document https://developers.digitalocean.com/documentation/v2/#list-all-keys
ssh_keys=[12345678] # Key example ssh_keys = [12345678] # Key example
image = "${var.ubuntu}" image = "${var.ubuntu}"
region = "${var.do_ams3}" region = "${var.do_ams3}"
size = "512mb" size = "512mb"
private_networking = true private_networking = true
backups = true backups = true
ipv6 = true ipv6 = true
name = "mywebserver-ams3" name = "mywebserver-ams3"
provisioner "remote-exec" { provisioner "remote-exec" {
inline = [ inline = [
"export PATH=$PATH:/usr/bin", "export PATH=$PATH:/usr/bin",
"sudo apt-get update", "sudo apt-get update",
"sudo apt-get -y install nginx" "sudo apt-get -y install nginx",
] ]
connection {
type = "ssh" connection {
key_file = "file(${HOME}/.ssh/id_rsa)" type = "ssh"
user = "root" key_file = "file(${HOME}/.ssh/id_rsa)"
timeout = "2m" user = "root"
} timeout = "2m"
} }
}
} }
resource "digitalocean_domain" "mywebserver" { resource "digitalocean_domain" "mywebserver" {
name = "www.mywebserver.com" name = "www.mywebserver.com"
ip_address = "${digitalocean_droplet.mywebserver.ipv4_address}" ip_address = "${digitalocean_droplet.mywebserver.ipv4_address}"
} }
resource "digitalocean_record" "mywebserver" { resource "digitalocean_record" "mywebserver" {
domain = "${digitalocean_domain.mywebserver.name}" domain = "${digitalocean_domain.mywebserver.name}"
type = "A" type = "A"
name = "mywebserver" name = "mywebserver"
value = "${digitalocean_droplet.mywebserver.ipv4_address}" value = "${digitalocean_droplet.mywebserver.ipv4_address}"
} }

View File

@ -1,7 +1,7 @@
output "Public ip" { output "Public ip" {
value = "${digitalocean_droplet.mywebserver.ipv4_address}" value = "${digitalocean_droplet.mywebserver.ipv4_address}"
} }
output "Name" { output "Name" {
value = "${digitalocean_droplet.mywebserver.name}" value = "${digitalocean_droplet.mywebserver.name}"
} }

View File

@ -1,71 +1,74 @@
# #### # ####
# Current Availiable Datacenter Regions # Current Availiable Datacenter Regions
# As of 05-07-2016 # As of 05-07-2016
# #
variable "do_ams2" { variable "do_ams2" {
description = "Digital Ocean Amsterdam Data Center 2" description = "Digital Ocean Amsterdam Data Center 2"
default = "ams2" default = "ams2"
} }
variable "do_ams3" { variable "do_ams3" {
description = "Digital Ocean Amsterdam Data Center 3" description = "Digital Ocean Amsterdam Data Center 3"
default = "ams3" default = "ams3"
} }
variable "do_fra1" { variable "do_fra1" {
description = "Digital Ocean Frankfurt Data Center 1" description = "Digital Ocean Frankfurt Data Center 1"
default = "fra1" default = "fra1"
} }
variable "do_lon1" { variable "do_lon1" {
description = "Digital Ocean London Data Center 1" description = "Digital Ocean London Data Center 1"
default = "lon1" default = "lon1"
} }
variable "do_nyc1" { variable "do_nyc1" {
description = "Digital Ocean New York Data Center 1" description = "Digital Ocean New York Data Center 1"
default = "nyc1" default = "nyc1"
} }
variable "do_nyc2" { variable "do_nyc2" {
description = "Digital Ocean New York Data Center 2" description = "Digital Ocean New York Data Center 2"
default = "nyc2" default = "nyc2"
} }
variable "do_nyc3" { variable "do_nyc3" {
description = "Digital Ocean New York Data Center 3" description = "Digital Ocean New York Data Center 3"
default = "nyc3" default = "nyc3"
} }
variable "do_sfo1" { variable "do_sfo1" {
description = "Digital Ocean San Francisco Data Center 1" description = "Digital Ocean San Francisco Data Center 1"
default = "sfo1" default = "sfo1"
} }
variable "do_sgp1" { variable "do_sgp1" {
description = "Digital Ocean Singapore Data Center 1" description = "Digital Ocean Singapore Data Center 1"
default = "sgp1" default = "sgp1"
} }
variable "do_tor1" { variable "do_tor1" {
description = "Digital Ocean Toronto Datacenter 1" description = "Digital Ocean Toronto Datacenter 1"
default = "tor1" default = "tor1"
} }
# Default Os # Default Os
variable "ubuntu" { variable "ubuntu" {
description = "Default LTS" description = "Default LTS"
default = "ubuntu-14-04-x64" default = "ubuntu-14-04-x64"
} }
variable "centos" { variable "centos" {
description = "Default Centos" description = "Default Centos"
default = "centos-72-x64" default = "centos-72-x64"
} }
variable "coreos" { variable "coreos" {
description = "Defaut Coreos" description = "Defaut Coreos"
default = "coreos-899.17.0" default = "coreos-899.17.0"
} }

View File

@ -1,11 +1,11 @@
variable "project" { variable "project" {
description = "Your project name" description = "Your project name"
} }
variable "region1" { variable "region1" {
description = "The desired region for the first network & VPN and project" description = "The desired region for the first network & VPN and project"
} }
variable "region2" { variable "region2" {
description = "The desired region for the second network & VPN" description = "The desired region for the second network & VPN"
} }

View File

@ -1,172 +1,182 @@
# An example of how to connect two GCE networks with a VPN # An example of how to connect two GCE networks with a VPN
provider "google" { provider "google" {
account_file = "${file("~/gce/account.json")}" account_file = "${file("~/gce/account.json")}"
project = "${var.project}" project = "${var.project}"
region = "${var.region1}" region = "${var.region1}"
} }
# Create the two networks we want to join. They must have seperate, internal # Create the two networks we want to join. They must have seperate, internal
# ranges. # ranges.
resource "google_compute_network" "network1" { resource "google_compute_network" "network1" {
name = "network1" name = "network1"
ipv4_range = "10.120.0.0/16" ipv4_range = "10.120.0.0/16"
} }
resource "google_compute_network" "network2" { resource "google_compute_network" "network2" {
name = "network2" name = "network2"
ipv4_range = "10.121.0.0/16" ipv4_range = "10.121.0.0/16"
} }
# Attach a VPN gateway to each network. # Attach a VPN gateway to each network.
resource "google_compute_vpn_gateway" "target_gateway1" { resource "google_compute_vpn_gateway" "target_gateway1" {
name = "vpn1" name = "vpn1"
network = "${google_compute_network.network1.self_link}" network = "${google_compute_network.network1.self_link}"
region = "${var.region1}" region = "${var.region1}"
} }
resource "google_compute_vpn_gateway" "target_gateway2" { resource "google_compute_vpn_gateway" "target_gateway2" {
name = "vpn2" name = "vpn2"
network = "${google_compute_network.network2.self_link}" network = "${google_compute_network.network2.self_link}"
region = "${var.region2}" region = "${var.region2}"
} }
# Create an outward facing static IP for each VPN that will be used by the # Create an outward facing static IP for each VPN that will be used by the
# other VPN to connect. # other VPN to connect.
resource "google_compute_address" "vpn_static_ip1" { resource "google_compute_address" "vpn_static_ip1" {
name = "vpn-static-ip1" name = "vpn-static-ip1"
region = "${var.region1}" region = "${var.region1}"
} }
resource "google_compute_address" "vpn_static_ip2" { resource "google_compute_address" "vpn_static_ip2" {
name = "vpn-static-ip2" name = "vpn-static-ip2"
region = "${var.region2}" region = "${var.region2}"
} }
# Forward IPSec traffic coming into our static IP to our VPN gateway. # Forward IPSec traffic coming into our static IP to our VPN gateway.
resource "google_compute_forwarding_rule" "fr1_esp" { resource "google_compute_forwarding_rule" "fr1_esp" {
name = "fr1-esp" name = "fr1-esp"
region = "${var.region1}" region = "${var.region1}"
ip_protocol = "ESP" ip_protocol = "ESP"
ip_address = "${google_compute_address.vpn_static_ip1.address}" ip_address = "${google_compute_address.vpn_static_ip1.address}"
target = "${google_compute_vpn_gateway.target_gateway1.self_link}" target = "${google_compute_vpn_gateway.target_gateway1.self_link}"
} }
resource "google_compute_forwarding_rule" "fr2_esp" { resource "google_compute_forwarding_rule" "fr2_esp" {
name = "fr2-esp" name = "fr2-esp"
region = "${var.region2}" region = "${var.region2}"
ip_protocol = "ESP" ip_protocol = "ESP"
ip_address = "${google_compute_address.vpn_static_ip2.address}" ip_address = "${google_compute_address.vpn_static_ip2.address}"
target = "${google_compute_vpn_gateway.target_gateway2.self_link}" target = "${google_compute_vpn_gateway.target_gateway2.self_link}"
} }
# The following two sets of forwarding rules are used as a part of the IPSec # The following two sets of forwarding rules are used as a part of the IPSec
# protocol # protocol
resource "google_compute_forwarding_rule" "fr1_udp500" { resource "google_compute_forwarding_rule" "fr1_udp500" {
name = "fr1-udp500" name = "fr1-udp500"
region = "${var.region1}" region = "${var.region1}"
ip_protocol = "UDP" ip_protocol = "UDP"
port_range = "500" port_range = "500"
ip_address = "${google_compute_address.vpn_static_ip1.address}" ip_address = "${google_compute_address.vpn_static_ip1.address}"
target = "${google_compute_vpn_gateway.target_gateway1.self_link}" target = "${google_compute_vpn_gateway.target_gateway1.self_link}"
} }
resource "google_compute_forwarding_rule" "fr2_udp500" { resource "google_compute_forwarding_rule" "fr2_udp500" {
name = "fr2-udp500" name = "fr2-udp500"
region = "${var.region2}" region = "${var.region2}"
ip_protocol = "UDP" ip_protocol = "UDP"
port_range = "500" port_range = "500"
ip_address = "${google_compute_address.vpn_static_ip2.address}" ip_address = "${google_compute_address.vpn_static_ip2.address}"
target = "${google_compute_vpn_gateway.target_gateway2.self_link}" target = "${google_compute_vpn_gateway.target_gateway2.self_link}"
} }
resource "google_compute_forwarding_rule" "fr1_udp4500" { resource "google_compute_forwarding_rule" "fr1_udp4500" {
name = "fr1-udp4500" name = "fr1-udp4500"
region = "${var.region1}" region = "${var.region1}"
ip_protocol = "UDP" ip_protocol = "UDP"
port_range = "4500" port_range = "4500"
ip_address = "${google_compute_address.vpn_static_ip1.address}" ip_address = "${google_compute_address.vpn_static_ip1.address}"
target = "${google_compute_vpn_gateway.target_gateway1.self_link}" target = "${google_compute_vpn_gateway.target_gateway1.self_link}"
} }
resource "google_compute_forwarding_rule" "fr2_udp4500" { resource "google_compute_forwarding_rule" "fr2_udp4500" {
name = "fr2-udp4500" name = "fr2-udp4500"
region = "${var.region2}" region = "${var.region2}"
ip_protocol = "UDP" ip_protocol = "UDP"
port_range = "4500" port_range = "4500"
ip_address = "${google_compute_address.vpn_static_ip2.address}" ip_address = "${google_compute_address.vpn_static_ip2.address}"
target = "${google_compute_vpn_gateway.target_gateway2.self_link}" target = "${google_compute_vpn_gateway.target_gateway2.self_link}"
} }
# Each tunnel is responsible for encrypting and decrypting traffic exiting # Each tunnel is responsible for encrypting and decrypting traffic exiting
# and leaving its associated gateway # and leaving its associated gateway
resource "google_compute_vpn_tunnel" "tunnel1" { resource "google_compute_vpn_tunnel" "tunnel1" {
name = "tunnel1" name = "tunnel1"
region = "${var.region1}" region = "${var.region1}"
peer_ip = "${google_compute_address.vpn_static_ip2.address}" peer_ip = "${google_compute_address.vpn_static_ip2.address}"
shared_secret = "a secret message" shared_secret = "a secret message"
target_vpn_gateway = "${google_compute_vpn_gateway.target_gateway1.self_link}" target_vpn_gateway = "${google_compute_vpn_gateway.target_gateway1.self_link}"
depends_on = ["google_compute_forwarding_rule.fr1_udp500",
"google_compute_forwarding_rule.fr1_udp4500", depends_on = ["google_compute_forwarding_rule.fr1_udp500",
"google_compute_forwarding_rule.fr1_esp"] "google_compute_forwarding_rule.fr1_udp4500",
"google_compute_forwarding_rule.fr1_esp",
]
} }
resource "google_compute_vpn_tunnel" "tunnel2" { resource "google_compute_vpn_tunnel" "tunnel2" {
name = "tunnel2" name = "tunnel2"
region = "${var.region2}" region = "${var.region2}"
peer_ip = "${google_compute_address.vpn_static_ip1.address}" peer_ip = "${google_compute_address.vpn_static_ip1.address}"
shared_secret = "a secret message" shared_secret = "a secret message"
target_vpn_gateway = "${google_compute_vpn_gateway.target_gateway2.self_link}" target_vpn_gateway = "${google_compute_vpn_gateway.target_gateway2.self_link}"
depends_on = ["google_compute_forwarding_rule.fr2_udp500",
"google_compute_forwarding_rule.fr2_udp4500", depends_on = ["google_compute_forwarding_rule.fr2_udp500",
"google_compute_forwarding_rule.fr2_esp"] "google_compute_forwarding_rule.fr2_udp4500",
"google_compute_forwarding_rule.fr2_esp",
]
} }
# Each route tells the associated network to send all traffic in the dest_range # Each route tells the associated network to send all traffic in the dest_range
# through the VPN tunnel # through the VPN tunnel
resource "google_compute_route" "route1" { resource "google_compute_route" "route1" {
name = "route1" name = "route1"
network = "${google_compute_network.network1.name}" network = "${google_compute_network.network1.name}"
next_hop_vpn_tunnel = "${google_compute_vpn_tunnel.tunnel1.self_link}" next_hop_vpn_tunnel = "${google_compute_vpn_tunnel.tunnel1.self_link}"
dest_range = "${google_compute_network.network2.ipv4_range}" dest_range = "${google_compute_network.network2.ipv4_range}"
priority = 1000 priority = 1000
} }
resource "google_compute_route" "route2" { resource "google_compute_route" "route2" {
name = "route2" name = "route2"
network = "${google_compute_network.network2.name}" network = "${google_compute_network.network2.name}"
next_hop_vpn_tunnel = "${google_compute_vpn_tunnel.tunnel2.self_link}" next_hop_vpn_tunnel = "${google_compute_vpn_tunnel.tunnel2.self_link}"
dest_range = "${google_compute_network.network1.ipv4_range}" dest_range = "${google_compute_network.network1.ipv4_range}"
priority = 1000 priority = 1000
} }
# We want to allow the two networks to communicate, so we need to unblock # We want to allow the two networks to communicate, so we need to unblock
# them in the firewall # them in the firewall
resource "google_compute_firewall" "network1-allow-network1" { resource "google_compute_firewall" "network1-allow-network1" {
name = "network1-allow-network1" name = "network1-allow-network1"
network = "${google_compute_network.network1.name}" network = "${google_compute_network.network1.name}"
source_ranges = ["${google_compute_network.network1.ipv4_range}"] source_ranges = ["${google_compute_network.network1.ipv4_range}"]
allow {
protocol = "tcp" allow {
} protocol = "tcp"
allow { }
protocol = "udp"
} allow {
allow { protocol = "udp"
protocol = "icmp" }
}
allow {
protocol = "icmp"
}
} }
resource "google_compute_firewall" "network1-allow-network2" { resource "google_compute_firewall" "network1-allow-network2" {
name = "network1-allow-network2" name = "network1-allow-network2"
network = "${google_compute_network.network1.name}" network = "${google_compute_network.network1.name}"
source_ranges = ["${google_compute_network.network2.ipv4_range}"] source_ranges = ["${google_compute_network.network2.ipv4_range}"]
allow {
protocol = "tcp" allow {
} protocol = "tcp"
allow { }
protocol = "udp"
} allow {
allow { protocol = "udp"
protocol = "icmp" }
}
allow {
protocol = "icmp"
}
} }

View File

@ -1,39 +1,39 @@
# See https://cloud.google.com/compute/docs/load-balancing/network/example # See https://cloud.google.com/compute/docs/load-balancing/network/example
provider "google" { provider "google" {
region = "${var.region}" region = "${var.region}"
project = "${var.project_name}" project = "${var.project_name}"
credentials = "${file("${var.credentials_file_path}")}" credentials = "${file("${var.credentials_file_path}")}"
} }
resource "google_compute_http_health_check" "default" { resource "google_compute_http_health_check" "default" {
name = "tf-www-basic-check" name = "tf-www-basic-check"
request_path = "/" request_path = "/"
check_interval_sec = 1 check_interval_sec = 1
healthy_threshold = 1 healthy_threshold = 1
unhealthy_threshold = 10 unhealthy_threshold = 10
timeout_sec = 1 timeout_sec = 1
} }
resource "google_compute_target_pool" "default" { resource "google_compute_target_pool" "default" {
name = "tf-www-target-pool" name = "tf-www-target-pool"
instances = ["${google_compute_instance.www.*.self_link}"] instances = ["${google_compute_instance.www.*.self_link}"]
health_checks = ["${google_compute_http_health_check.default.name}"] health_checks = ["${google_compute_http_health_check.default.name}"]
} }
resource "google_compute_forwarding_rule" "default" { resource "google_compute_forwarding_rule" "default" {
name = "tf-www-forwarding-rule" name = "tf-www-forwarding-rule"
target = "${google_compute_target_pool.default.self_link}" target = "${google_compute_target_pool.default.self_link}"
port_range = "80" port_range = "80"
} }
resource "google_compute_instance" "www" { resource "google_compute_instance" "www" {
count = 3 count = 3
name = "tf-www-${count.index}" name = "tf-www-${count.index}"
machine_type = "f1-micro" machine_type = "f1-micro"
zone = "${var.region_zone}" zone = "${var.region_zone}"
tags = ["www-node"] tags = ["www-node"]
disk { disk {
image = "ubuntu-os-cloud/ubuntu-1404-trusty-v20160602" image = "ubuntu-os-cloud/ubuntu-1404-trusty-v20160602"
@ -41,6 +41,7 @@ resource "google_compute_instance" "www" {
network_interface { network_interface {
network = "default" network = "default"
access_config { access_config {
# Ephemeral # Ephemeral
} }
@ -51,26 +52,28 @@ resource "google_compute_instance" "www" {
} }
provisioner "file" { provisioner "file" {
source = "${var.install_script_src_path}" source = "${var.install_script_src_path}"
destination = "${var.install_script_dest_path}" destination = "${var.install_script_dest_path}"
connection { connection {
type = "ssh" type = "ssh"
user = "root" user = "root"
private_key = "${file("${var.private_key_path}")}" private_key = "${file("${var.private_key_path}")}"
agent = false agent = false
} }
} }
provisioner "remote-exec" { provisioner "remote-exec" {
connection { connection {
type = "ssh" type = "ssh"
user = "root" user = "root"
private_key = "${file("${var.private_key_path}")}" private_key = "${file("${var.private_key_path}")}"
agent = false agent = false
} }
inline = [ inline = [
"chmod +x ${var.install_script_dest_path}", "chmod +x ${var.install_script_dest_path}",
"sudo ${var.install_script_dest_path} ${count.index}" "sudo ${var.install_script_dest_path} ${count.index}",
] ]
} }
@ -80,14 +83,14 @@ resource "google_compute_instance" "www" {
} }
resource "google_compute_firewall" "default" { resource "google_compute_firewall" "default" {
name = "tf-www-firewall" name = "tf-www-firewall"
network = "default" network = "default"
allow { allow {
protocol = "tcp" protocol = "tcp"
ports = ["80"] ports = ["80"]
} }
source_ranges = ["0.0.0.0/0"] source_ranges = ["0.0.0.0/0"]
target_tags = ["www-node"] target_tags = ["www-node"]
} }

View File

@ -12,25 +12,25 @@ variable "project_name" {
variable "credentials_file_path" { variable "credentials_file_path" {
description = "Path to the JSON file used to describe your account credentials" description = "Path to the JSON file used to describe your account credentials"
default = "~/.gcloud/Terraform.json" default = "~/.gcloud/Terraform.json"
} }
variable "public_key_path" { variable "public_key_path" {
description = "Path to file containing public key" description = "Path to file containing public key"
default = "~/.ssh/gcloud_id_rsa.pub" default = "~/.ssh/gcloud_id_rsa.pub"
} }
variable "private_key_path" { variable "private_key_path" {
description = "Path to file containing private key" description = "Path to file containing private key"
default = "~/.ssh/gcloud_id_rsa" default = "~/.ssh/gcloud_id_rsa"
} }
variable "install_script_src_path" { variable "install_script_src_path" {
description = "Path to install script within this repository" description = "Path to install script within this repository"
default = "scripts/install.sh" default = "scripts/install.sh"
} }
variable "install_script_dest_path" { variable "install_script_dest_path" {
description = "Path to put the install script on each destination resource" description = "Path to put the install script on each destination resource"
default = "/tmp/install.sh" default = "/tmp/install.sh"
} }

View File

@ -1,24 +1,24 @@
resource "openstack_compute_keypair_v2" "terraform" { resource "openstack_compute_keypair_v2" "terraform" {
name = "terraform" name = "terraform"
public_key = "${file("${var.ssh_key_file}.pub")}" public_key = "${file("${var.ssh_key_file}.pub")}"
} }
resource "openstack_networking_network_v2" "terraform" { resource "openstack_networking_network_v2" "terraform" {
name = "terraform" name = "terraform"
admin_state_up = "true" admin_state_up = "true"
} }
resource "openstack_networking_subnet_v2" "terraform" { resource "openstack_networking_subnet_v2" "terraform" {
name = "terraform" name = "terraform"
network_id = "${openstack_networking_network_v2.terraform.id}" network_id = "${openstack_networking_network_v2.terraform.id}"
cidr = "10.0.0.0/24" cidr = "10.0.0.0/24"
ip_version = 4 ip_version = 4
dns_nameservers = ["8.8.8.8","8.8.4.4"] dns_nameservers = ["8.8.8.8", "8.8.4.4"]
} }
resource "openstack_networking_router_v2" "terraform" { resource "openstack_networking_router_v2" "terraform" {
name = "terraform" name = "terraform"
admin_state_up = "true" admin_state_up = "true"
external_gateway = "${var.external_gateway}" external_gateway = "${var.external_gateway}"
} }
@ -28,52 +28,58 @@ resource "openstack_networking_router_interface_v2" "terraform" {
} }
resource "openstack_compute_secgroup_v2" "terraform" { resource "openstack_compute_secgroup_v2" "terraform" {
name = "terraform" name = "terraform"
description = "Security group for the Terraform example instances" description = "Security group for the Terraform example instances"
rule { rule {
from_port = 22 from_port = 22
to_port = 22 to_port = 22
ip_protocol = "tcp" ip_protocol = "tcp"
cidr = "0.0.0.0/0" cidr = "0.0.0.0/0"
} }
rule { rule {
from_port = 80 from_port = 80
to_port = 80 to_port = 80
ip_protocol = "tcp" ip_protocol = "tcp"
cidr = "0.0.0.0/0" cidr = "0.0.0.0/0"
} }
rule { rule {
from_port = -1 from_port = -1
to_port = -1 to_port = -1
ip_protocol = "icmp" ip_protocol = "icmp"
cidr = "0.0.0.0/0" cidr = "0.0.0.0/0"
} }
} }
resource "openstack_compute_floatingip_v2" "terraform" { resource "openstack_compute_floatingip_v2" "terraform" {
pool = "${var.pool}" pool = "${var.pool}"
depends_on = ["openstack_networking_router_interface_v2.terraform"] depends_on = ["openstack_networking_router_interface_v2.terraform"]
} }
resource "openstack_compute_instance_v2" "terraform" { resource "openstack_compute_instance_v2" "terraform" {
name = "terraform" name = "terraform"
image_name = "${var.image}" image_name = "${var.image}"
flavor_name = "${var.flavor}" flavor_name = "${var.flavor}"
key_pair = "${openstack_compute_keypair_v2.terraform.name}" key_pair = "${openstack_compute_keypair_v2.terraform.name}"
security_groups = [ "${openstack_compute_secgroup_v2.terraform.name}" ] security_groups = ["${openstack_compute_secgroup_v2.terraform.name}"]
floating_ip = "${openstack_compute_floatingip_v2.terraform.address}" floating_ip = "${openstack_compute_floatingip_v2.terraform.address}"
network { network {
uuid = "${openstack_networking_network_v2.terraform.id}" uuid = "${openstack_networking_network_v2.terraform.id}"
} }
provisioner "remote-exec" { provisioner "remote-exec" {
connection { connection {
user = "${var.ssh_user_name}" user = "${var.ssh_user_name}"
key_file = "${var.ssh_key_file}" key_file = "${var.ssh_key_file}"
} }
inline = [ inline = [
"sudo apt-get -y update", "sudo apt-get -y update",
"sudo apt-get -y install nginx", "sudo apt-get -y install nginx",
"sudo service nginx start" "sudo service nginx start",
] ]
} }
} }

View File

@ -1,3 +1,3 @@
output "address" { output "address" {
value = "${openstack_compute_floatingip_v2.terraform.address}" value = "${openstack_compute_floatingip_v2.terraform.address}"
} }

View File

@ -1,22 +1,21 @@
variable "image" { variable "image" {
default = "Ubuntu 14.04" default = "Ubuntu 14.04"
} }
variable "flavor" { variable "flavor" {
default = "m1.small" default = "m1.small"
} }
variable "ssh_key_file" { variable "ssh_key_file" {
default = "~/.ssh/id_rsa.terraform" default = "~/.ssh/id_rsa.terraform"
} }
variable "ssh_user_name" { variable "ssh_user_name" {
default = "ubuntu" default = "ubuntu"
} }
variable "external_gateway" { variable "external_gateway" {}
}
variable "pool" { variable "pool" {
default = "public" default = "public"
} }