From 5c17f7cf4d1db14e03f324502eda8f5999c8e1d3 Mon Sep 17 00:00:00 2001 From: clint shryock Date: Fri, 13 Jan 2017 16:08:40 -0600 Subject: [PATCH] update aws elb example to work in vpc --- examples/aws-elb/README.md | 4 +++ examples/aws-elb/main.tf | 65 ++++++++++++++++++++++++++++++++++---- 2 files changed, 63 insertions(+), 6 deletions(-) diff --git a/examples/aws-elb/README.md b/examples/aws-elb/README.md index 2451a72c8..0c31b4fdb 100644 --- a/examples/aws-elb/README.md +++ b/examples/aws-elb/README.md @@ -4,6 +4,10 @@ The example launches a web server, installs nginx, creates an ELB for instance. To run, configure your AWS provider as described in https://www.terraform.io/docs/providers/aws/index.html +This example assumes you have created a Key Pair. Visit +https://console.aws.amazon.com/ec2/v2/home?region=us-east-1#KeyPairs:sort=keyName +to create a key if you do not have one. + Run this example using: terraform apply -var 'key_name=YOUR_KEY_NAME' diff --git a/examples/aws-elb/main.tf b/examples/aws-elb/main.tf index 4abbf787c..b7f131f24 100644 --- a/examples/aws-elb/main.tf +++ b/examples/aws-elb/main.tf 
@@ -3,11 +3,57 @@ provider "aws" { region = "${var.aws_region}" } +resource "aws_vpc" "default" { + cidr_block = "10.0.0.0/16" + enable_dns_hostnames = true + + tags { + Name = "tf_test" + } +} + +resource "aws_subnet" "tf_test_subnet" { + vpc_id = "${aws_vpc.default.id}" + cidr_block = "10.0.0.0/24" + map_public_ip_on_launch = true + + tags { + Name = "tf_test_subnet" + } +} + +resource "aws_internet_gateway" "gw" { + vpc_id = "${aws_vpc.default.id}" + + tags { + Name = "tf_test_ig" + } +} + +resource "aws_route_table" "r" { + vpc_id = "${aws_vpc.default.id}" + + route { + cidr_block = "0.0.0.0/0" + gateway_id = "${aws_internet_gateway.gw.id}" + } + + tags { + Name = "aws_route_table" + } +} + +resource "aws_route_table_association" "a" { + subnet_id = "${aws_subnet.tf_test_subnet.id}" + route_table_id = "${aws_route_table.r.id}" +} + # Our default security group to access # the instances over SSH and HTTP resource "aws_security_group" "default" { name = "instance_sg" description = "Used in the terraform" + vpc_id = "${aws_vpc.default.id}" # SSH access from anywhere ingress { @@ -40,6 +86,8 @@ resource "aws_security_group" "elb" { name = "elb_sg" description = "Used in the terraform" + vpc_id = "${aws_vpc.default.id}" + # HTTP access from anywhere ingress { from_port = 80 @@ -55,14 +103,18 @@ resource "aws_security_group" "elb" { protocol = "-1" cidr_blocks = ["0.0.0.0/0"] } + + # ensure the VPC has an Internet gateway or this step will fail + depends_on = ["aws_internet_gateway.gw"] } resource "aws_elb" "web" { name = "example-elb" # The same availability zone as our instance - availability_zones = ["${aws_instance.web.availability_zone}"] - security_groups = ["${aws_security_group.elb.id}"] + subnets = ["${aws_subnet.tf_test_subnet.id}"] + + security_groups = ["${aws_security_group.elb.id}"] listener { instance_port = 80 
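Review bot: In `aws_subnet.tf_test_subnet`, `map_public_ip_on_launch = true` together with the `0.0.0.0/0` route to `aws_internet_gateway.gw` gives the web instance a public address, and the instance security group that gains `vpc_id` at the end of this hunk is commented `# SSH access from anywhere`. Its ingress block continues outside the hunk, so the actual CIDR is inferred from that comment. Because examples get copied into real accounts, I would narrow the SSH rule to an operator-supplied range, e.g. `cidr_blocks = ["${var.ssh_cidr}"]` (a new variable; the name is only a suggestion), and add `# Public subnet: instances launched here get a public IP` above the subnet resource.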
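Review bot: The `depends_on = ["aws_internet_gateway.gw"]` added inside `aws_security_group.elb` (hunk `@@ -55,14 +103,18 @@`) looks misplaced: the step that needs the gateway appears to be the creation of the internet-facing `aws_elb.web`, and the ordering only holds here because the ELB references this security group. Moving the line and its comment into `resource "aws_elb" "web"` would make the dependency explicit where it matters. In the same hunk the context comment `# The same availability zone as our instance` now sits above `subnets = [...]` and should read `# The same subnet as our instance`. The `aws_elb` body continues outside the hunk.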
@@ -80,8 +132,8 @@ resource "aws_elb" "web" { } # The instance is registered automatically - instances = ["${aws_instance.web.id}"] + instances = ["${aws_instance.web.id}"] cross_zone_load_balancing = true idle_timeout = 400 connection_draining = true @@ -110,11 +162,12 @@ resource "aws_instance" "web" { key_name = "${var.key_name}" # Our Security group to allow HTTP and SSH access - security_groups = ["${aws_security_group.default.name}"] - - user_data = "${file("userdata.sh")}" + vpc_security_group_ids = ["${aws_security_group.default.id}"] + subnet_id = "${aws_subnet.tf_test_subnet.id}" + user_data = "${file("userdata.sh")}" #Instance tags + tags { Name = "elb-example" }
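Review bot: `aws_instance.web` (hunk `@@ -110,11 +162,12 @@`) now launches into `aws_subnet.tf_test_subnet` but has no dependency on the gateway or the route table association, so it can boot before the subnet has a default route. The README says the example installs nginx, so if `userdata.sh` (not shown here) downloads packages, first boot may leave the instance without a web server behind the ELB. Adding `depends_on = ["aws_internet_gateway.gw", "aws_route_table_association.a"]` to the instance would order this. The blank line added between `#Instance tags` and `tags {` also detaches the comment from the block it describes. The resource starts outside the hunk.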