examples: unify the configuration file syntax
parent
3f7c3a92c3
commit
6e92813daa
|
@ -1,6 +1,6 @@
|
||||||
# Specify the provider and access details
|
# Specify the provider and access details
|
||||||
provider "aws" {
|
provider "aws" {
|
||||||
region = "${var.aws_region}"
|
region = "${var.aws_region}"
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "aws_elb" "web-elb" {
|
resource "aws_elb" "web-elb" {
|
||||||
|
@ -36,49 +36,49 @@ resource "aws_autoscaling_group" "web-asg" {
|
||||||
load_balancers = ["${aws_elb.web-elb.name}"]
|
load_balancers = ["${aws_elb.web-elb.name}"]
|
||||||
#vpc_zone_identifier = ["${split(",", var.availability_zones)}"]
|
#vpc_zone_identifier = ["${split(",", var.availability_zones)}"]
|
||||||
tag {
|
tag {
|
||||||
key = "Name"
|
key = "Name"
|
||||||
value = "web-asg"
|
value = "web-asg"
|
||||||
propagate_at_launch = "true"
|
propagate_at_launch = "true"
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
resource "aws_launch_configuration" "web-lc" {
|
resource "aws_launch_configuration" "web-lc" {
|
||||||
name = "terraform-example-lc"
|
name = "terraform-example-lc"
|
||||||
image_id = "${lookup(var.aws_amis, var.aws_region)}"
|
image_id = "${lookup(var.aws_amis, var.aws_region)}"
|
||||||
instance_type = "${var.instance_type}"
|
instance_type = "${var.instance_type}"
|
||||||
# Security group
|
# Security group
|
||||||
security_groups = ["${aws_security_group.default.name}"]
|
security_groups = ["${aws_security_group.default.name}"]
|
||||||
user_data = "${file("userdata.sh")}"
|
user_data = "${file("userdata.sh")}"
|
||||||
key_name = "${var.key_name}"
|
key_name = "${var.key_name}"
|
||||||
}
|
}
|
||||||
|
|
||||||
# Our default security group to access
|
# Our default security group to access
|
||||||
# the instances over SSH and HTTP
|
# the instances over SSH and HTTP
|
||||||
resource "aws_security_group" "default" {
|
resource "aws_security_group" "default" {
|
||||||
name = "terraform_example_sg"
|
name = "terraform_example_sg"
|
||||||
description = "Used in the terraform"
|
description = "Used in the terraform"
|
||||||
|
|
||||||
# SSH access from anywhere
|
# SSH access from anywhere
|
||||||
ingress {
|
ingress {
|
||||||
from_port = 22
|
from_port = 22
|
||||||
to_port = 22
|
to_port = 22
|
||||||
protocol = "tcp"
|
protocol = "tcp"
|
||||||
cidr_blocks = ["0.0.0.0/0"]
|
cidr_blocks = ["0.0.0.0/0"]
|
||||||
}
|
}
|
||||||
|
|
||||||
# HTTP access from anywhere
|
# HTTP access from anywhere
|
||||||
ingress {
|
ingress {
|
||||||
from_port = 80
|
from_port = 80
|
||||||
to_port = 80
|
to_port = 80
|
||||||
protocol = "tcp"
|
protocol = "tcp"
|
||||||
cidr_blocks = ["0.0.0.0/0"]
|
cidr_blocks = ["0.0.0.0/0"]
|
||||||
}
|
}
|
||||||
|
|
||||||
# outbound internet access
|
# outbound internet access
|
||||||
egress {
|
egress {
|
||||||
from_port = 0
|
from_port = 0
|
||||||
to_port = 0
|
to_port = 0
|
||||||
protocol = "-1"
|
protocol = "-1"
|
||||||
cidr_blocks = ["0.0.0.0/0"]
|
cidr_blocks = ["0.0.0.0/0"]
|
||||||
}
|
}
|
||||||
}
|
}
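Review bot: The rule under `# SSH access from anywhere` in `aws_security_group.default` still admits port 22 from `0.0.0.0/0`, although the autoscaling group is fronted by `web-elb` and nothing visible here needs SSH from the whole internet. Because this file is meant to be copied as a starting point, I would take the range from a variable with no default and write `cidr_blocks = ["${var.admin_cidr}"]` (`admin_cidr` is only a suggested name, it does not exist in the example yet). The same rule appears in the `eip_example`, `instance_sg` and `terraform_example` security groups further down this commit. The hunk begins inside `aws_autoscaling_group.web-asg`, so the start of that resource is not visible.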
|
||||||
|
|
|
@ -1,12 +1,12 @@
|
||||||
output "security_group" {
|
output "security_group" {
|
||||||
value = "${aws_security_group.default.id}"
|
value = "${aws_security_group.default.id}"
|
||||||
}
|
}
|
||||||
output "launch_configuration" {
|
output "launch_configuration" {
|
||||||
value = "${aws_launch_configuration.web-lc.id}"
|
value = "${aws_launch_configuration.web-lc.id}"
|
||||||
}
|
}
|
||||||
output "asg_name" {
|
output "asg_name" {
|
||||||
value = "${aws_autoscaling_group.web-asg.id}"
|
value = "${aws_autoscaling_group.web-asg.id}"
|
||||||
}
|
}
|
||||||
output "elb_name" {
|
output "elb_name" {
|
||||||
value = "${aws_elb.web-elb.dns_name}"
|
value = "${aws_elb.web-elb.dns_name}"
|
||||||
}
|
}
|
|
@ -1,42 +1,42 @@
|
||||||
variable "aws_region" {
|
variable "aws_region" {
|
||||||
description = "The AWS region to create things in."
|
description = "The AWS region to create things in."
|
||||||
default = "us-east-1"
|
default = "us-east-1"
|
||||||
}
|
}
|
||||||
|
|
||||||
# ubuntu-trusty-14.04 (x64)
|
# ubuntu-trusty-14.04 (x64)
|
||||||
variable "aws_amis" {
|
variable "aws_amis" {
|
||||||
default = {
|
default = {
|
||||||
"us-east-1" = "ami-5f709f34"
|
"us-east-1" = "ami-5f709f34"
|
||||||
"us-west-2" = "ami-7f675e4f"
|
"us-west-2" = "ami-7f675e4f"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "availability_zones" {
|
variable "availability_zones" {
|
||||||
default = "us-east-1b,us-east-1c,us-east-1d,us-east-1e"
|
default = "us-east-1b,us-east-1c,us-east-1d,us-east-1e"
|
||||||
description = "List of availability zones, use AWS CLI to find your "
|
description = "List of availability zones, use AWS CLI to find your "
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "key_name" {
|
variable "key_name" {
|
||||||
description = "Name of AWS key pair"
|
description = "Name of AWS key pair"
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "instance_type" {
|
variable "instance_type" {
|
||||||
default = "t2.micro"
|
default = "t2.micro"
|
||||||
description = "AWS instance type"
|
description = "AWS instance type"
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "asg_min" {
|
variable "asg_min" {
|
||||||
description = "Min numbers of servers in ASG"
|
description = "Min numbers of servers in ASG"
|
||||||
default = "1"
|
default = "1"
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "asg_max" {
|
variable "asg_max" {
|
||||||
description = "Max numbers of servers in ASG"
|
description = "Max numbers of servers in ASG"
|
||||||
default = "2"
|
default = "2"
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "asg_desired" {
|
variable "asg_desired" {
|
||||||
description = "Desired numbers of servers in ASG"
|
description = "Desired numbers of servers in ASG"
|
||||||
default = "1"
|
default = "1"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
# Specify the provider and access details
|
# Specify the provider and access details
|
||||||
provider "aws" {
|
provider "aws" {
|
||||||
region = "${var.aws_region}"
|
region = "${var.aws_region}"
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "aws_elb" "web" {
|
resource "aws_elb" "web" {
|
||||||
|
|
|
@ -1,14 +1,14 @@
|
||||||
variable "aws_region" {
|
variable "aws_region" {
|
||||||
description = "The AWS region to create things in."
|
description = "The AWS region to create things in."
|
||||||
default = "us-west-2"
|
default = "us-west-2"
|
||||||
}
|
}
|
||||||
|
|
||||||
# Ubuntu Precise 12.04 LTS (x64)
|
# Ubuntu Precise 12.04 LTS (x64)
|
||||||
variable "aws_amis" {
|
variable "aws_amis" {
|
||||||
default = {
|
default = {
|
||||||
"eu-west-1" = "ami-b1cf19c6"
|
"eu-west-1" = "ami-b1cf19c6"
|
||||||
"us-east-1" = "ami-de7ab6b6"
|
"us-east-1" = "ami-de7ab6b6"
|
||||||
"us-west-1" = "ami-3f75767a"
|
"us-west-1" = "ami-3f75767a"
|
||||||
"us-west-2" = "ami-21f78e11"
|
"us-west-2" = "ami-21f78e11"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,42 +1,42 @@
|
||||||
# Specify the provider and access details
|
# Specify the provider and access details
|
||||||
provider "aws" {
|
provider "aws" {
|
||||||
region = "${var.aws_region}"
|
region = "${var.aws_region}"
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "aws_eip" "default" {
|
resource "aws_eip" "default" {
|
||||||
instance = "${aws_instance.web.id}"
|
instance = "${aws_instance.web.id}"
|
||||||
vpc = true
|
vpc = true
|
||||||
}
|
}
|
||||||
|
|
||||||
# Our default security group to access
|
# Our default security group to access
|
||||||
# the instances over SSH and HTTP
|
# the instances over SSH and HTTP
|
||||||
resource "aws_security_group" "default" {
|
resource "aws_security_group" "default" {
|
||||||
name = "eip_example"
|
name = "eip_example"
|
||||||
description = "Used in the terraform"
|
description = "Used in the terraform"
|
||||||
|
|
||||||
# SSH access from anywhere
|
# SSH access from anywhere
|
||||||
ingress {
|
ingress {
|
||||||
from_port = 22
|
from_port = 22
|
||||||
to_port = 22
|
to_port = 22
|
||||||
protocol = "tcp"
|
protocol = "tcp"
|
||||||
cidr_blocks = ["0.0.0.0/0"]
|
cidr_blocks = ["0.0.0.0/0"]
|
||||||
}
|
}
|
||||||
|
|
||||||
# HTTP access from anywhere
|
# HTTP access from anywhere
|
||||||
ingress {
|
ingress {
|
||||||
from_port = 80
|
from_port = 80
|
||||||
to_port = 80
|
to_port = 80
|
||||||
protocol = "tcp"
|
protocol = "tcp"
|
||||||
cidr_blocks = ["0.0.0.0/0"]
|
cidr_blocks = ["0.0.0.0/0"]
|
||||||
}
|
}
|
||||||
|
|
||||||
# outbound internet access
|
# outbound internet access
|
||||||
egress {
|
egress {
|
||||||
from_port = 0
|
from_port = 0
|
||||||
to_port = 0
|
to_port = 0
|
||||||
protocol = "-1"
|
protocol = "-1"
|
||||||
cidr_blocks = ["0.0.0.0/0"]
|
cidr_blocks = ["0.0.0.0/0"]
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@ -62,8 +62,7 @@ resource "aws_instance" "web" {
|
||||||
# this should be on port 80
|
# this should be on port 80
|
||||||
user_data = "${file("userdata.sh")}"
|
user_data = "${file("userdata.sh")}"
|
||||||
#Instance tags
|
#Instance tags
|
||||||
tags {
|
tags {
|
||||||
Name = "eip-example"
|
Name = "eip-example"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -1,17 +1,17 @@
|
||||||
variable "aws_region" {
|
variable "aws_region" {
|
||||||
description = "The AWS region to create things in."
|
description = "The AWS region to create things in."
|
||||||
default = "us-east-1"
|
default = "us-east-1"
|
||||||
}
|
}
|
||||||
|
|
||||||
# ubuntu-trusty-14.04 (x64)
|
# ubuntu-trusty-14.04 (x64)
|
||||||
variable "aws_amis" {
|
variable "aws_amis" {
|
||||||
default = {
|
default = {
|
||||||
"us-east-1" = "ami-5f709f34"
|
"us-east-1" = "ami-5f709f34"
|
||||||
"us-west-2" = "ami-7f675e4f"
|
"us-west-2" = "ami-7f675e4f"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "key_name" {
|
variable "key_name" {
|
||||||
description = "Name of the SSH keypair to use in AWS."
|
description = "Name of the SSH keypair to use in AWS."
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -1,64 +1,62 @@
|
||||||
# Specify the provider and access details
|
# Specify the provider and access details
|
||||||
provider "aws" {
|
provider "aws" {
|
||||||
region = "${var.aws_region}"
|
region = "${var.aws_region}"
|
||||||
}
|
}
|
||||||
|
|
||||||
# Our default security group to access
|
# Our default security group to access
|
||||||
# the instances over SSH and HTTP
|
# the instances over SSH and HTTP
|
||||||
resource "aws_security_group" "default" {
|
resource "aws_security_group" "default" {
|
||||||
name = "instance_sg"
|
name = "instance_sg"
|
||||||
description = "Used in the terraform"
|
description = "Used in the terraform"
|
||||||
|
|
||||||
# SSH access from anywhere
|
# SSH access from anywhere
|
||||||
ingress {
|
ingress {
|
||||||
from_port = 22
|
from_port = 22
|
||||||
to_port = 22
|
to_port = 22
|
||||||
protocol = "tcp"
|
protocol = "tcp"
|
||||||
cidr_blocks = ["0.0.0.0/0"]
|
cidr_blocks = ["0.0.0.0/0"]
|
||||||
}
|
}
|
||||||
|
|
||||||
# HTTP access from anywhere
|
# HTTP access from anywhere
|
||||||
ingress {
|
ingress {
|
||||||
from_port = 80
|
from_port = 80
|
||||||
to_port = 80
|
to_port = 80
|
||||||
protocol = "tcp"
|
protocol = "tcp"
|
||||||
cidr_blocks = ["0.0.0.0/0"]
|
cidr_blocks = ["0.0.0.0/0"]
|
||||||
}
|
}
|
||||||
|
|
||||||
# outbound internet access
|
# outbound internet access
|
||||||
egress {
|
egress {
|
||||||
from_port = 0
|
from_port = 0
|
||||||
to_port = 0
|
to_port = 0
|
||||||
protocol = "-1"
|
protocol = "-1"
|
||||||
cidr_blocks = ["0.0.0.0/0"]
|
cidr_blocks = ["0.0.0.0/0"]
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
# Our elb security group to access
|
# Our elb security group to access
|
||||||
# the ELB over HTTP
|
# the ELB over HTTP
|
||||||
resource "aws_security_group" "elb" {
|
resource "aws_security_group" "elb" {
|
||||||
name = "elb_sg"
|
name = "elb_sg"
|
||||||
description = "Used in the terraform"
|
description = "Used in the terraform"
|
||||||
|
|
||||||
# HTTP access from anywhere
|
# HTTP access from anywhere
|
||||||
ingress {
|
ingress {
|
||||||
from_port = 80
|
from_port = 80
|
||||||
to_port = 80
|
to_port = 80
|
||||||
protocol = "tcp"
|
protocol = "tcp"
|
||||||
cidr_blocks = ["0.0.0.0/0"]
|
cidr_blocks = ["0.0.0.0/0"]
|
||||||
}
|
}
|
||||||
|
|
||||||
# outbound internet access
|
|
||||||
egress {
|
|
||||||
from_port = 0
|
|
||||||
to_port = 0
|
|
||||||
protocol = "-1"
|
|
||||||
cidr_blocks = ["0.0.0.0/0"]
|
|
||||||
}
|
|
||||||
|
|
||||||
|
# outbound internet access
|
||||||
|
egress {
|
||||||
|
from_port = 0
|
||||||
|
to_port = 0
|
||||||
|
protocol = "-1"
|
||||||
|
cidr_blocks = ["0.0.0.0/0"]
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
resource "aws_elb" "web" {
|
resource "aws_elb" "web" {
|
||||||
name = "example-elb"
|
name = "example-elb"
|
||||||
|
|
||||||
|
@ -117,7 +115,7 @@ resource "aws_instance" "web" {
|
||||||
|
|
||||||
user_data = "${file("userdata.sh")}"
|
user_data = "${file("userdata.sh")}"
|
||||||
#Instance tags
|
#Instance tags
|
||||||
tags {
|
tags {
|
||||||
Name = "elb-example"
|
Name = "elb-example"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,17 +1,17 @@
|
||||||
variable "key_name" {
|
variable "key_name" {
|
||||||
description = "Name of the SSH keypair to use in AWS."
|
description = "Name of the SSH keypair to use in AWS."
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "aws_region" {
|
variable "aws_region" {
|
||||||
description = "AWS region to launch servers."
|
description = "AWS region to launch servers."
|
||||||
default = "us-east-1"
|
default = "us-east-1"
|
||||||
}
|
}
|
||||||
|
|
||||||
# ubuntu-trusty-14.04 (x64)
|
# ubuntu-trusty-14.04 (x64)
|
||||||
variable "aws_amis" {
|
variable "aws_amis" {
|
||||||
default = {
|
default = {
|
||||||
"us-east-1" = "ami-5f709f34"
|
"us-east-1" = "ami-5f709f34"
|
||||||
"us-west-2" = "ami-7f675e4f"
|
"us-west-2" = "ami-7f675e4f"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -1,19 +1,19 @@
|
||||||
resource "aws_db_instance" "default" {
|
resource "aws_db_instance" "default" {
|
||||||
depends_on = "aws_security_group.default"
|
depends_on = "aws_security_group.default"
|
||||||
identifier = "${var.identifier}"
|
identifier = "${var.identifier}"
|
||||||
allocated_storage = "${var.storage}"
|
allocated_storage = "${var.storage}"
|
||||||
engine = "${var.engine}"
|
engine = "${var.engine}"
|
||||||
engine_version = "${lookup(var.engine_version, var.engine)}"
|
engine_version = "${lookup(var.engine_version, var.engine)}"
|
||||||
instance_class = "${var.instance_class}"
|
instance_class = "${var.instance_class}"
|
||||||
name = "${var.db_name}"
|
name = "${var.db_name}"
|
||||||
username = "${var.username}"
|
username = "${var.username}"
|
||||||
password = "${var.password}"
|
password = "${var.password}"
|
||||||
vpc_security_group_ids = ["${aws_security_group.default.id}"]
|
vpc_security_group_ids = ["${aws_security_group.default.id}"]
|
||||||
db_subnet_group_name = "${aws_db_subnet_group.default.id}"
|
db_subnet_group_name = "${aws_db_subnet_group.default.id}"
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "aws_db_subnet_group" "default" {
|
resource "aws_db_subnet_group" "default" {
|
||||||
name = "main_subnet_group"
|
name = "main_subnet_group"
|
||||||
description = "Our main group of subnets"
|
description = "Our main group of subnets"
|
||||||
subnet_ids = ["${aws_subnet.subnet_1.id}", "${aws_subnet.subnet_2.id}"]
|
subnet_ids = ["${aws_subnet.subnet_1.id}", "${aws_subnet.subnet_2.id}"]
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,10 +1,10 @@
|
||||||
output "subnet_group" {
|
output "subnet_group" {
|
||||||
value = "${aws_db_subnet_group.default.name}"
|
value = "${aws_db_subnet_group.default.name}"
|
||||||
}
|
}
|
||||||
output "db_instance_id" {
|
output "db_instance_id" {
|
||||||
value = "${aws_db_instance.default.id}"
|
value = "${aws_db_instance.default.id}"
|
||||||
}
|
}
|
||||||
output "db_instance_address" {
|
output "db_instance_address" {
|
||||||
value = "${aws_db_instance.default.address}"
|
value = "${aws_db_instance.default.address}"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -1,10 +1,10 @@
|
||||||
variable "cidr_blocks" {
|
variable "cidr_blocks" {
|
||||||
default = "0.0.0.0/0"
|
default = "0.0.0.0/0"
|
||||||
description = "CIDR for sg"
|
description = "CIDR for sg"
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "sg_name" {
|
variable "sg_name" {
|
||||||
default = "rds_sg"
|
default = "rds_sg"
|
||||||
description = "Tag Name for sg"
|
description = "Tag Name for sg"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -4,17 +4,17 @@ resource "aws_security_group" "default" {
|
||||||
vpc_id = "${var.vpc_id}"
|
vpc_id = "${var.vpc_id}"
|
||||||
|
|
||||||
ingress {
|
ingress {
|
||||||
from_port = 0
|
from_port = 0
|
||||||
to_port = 65535
|
to_port = 65535
|
||||||
protocol = "TCP"
|
protocol = "TCP"
|
||||||
cidr_blocks = ["${var.cidr_blocks}"]
|
cidr_blocks = ["${var.cidr_blocks}"]
|
||||||
}
|
}
|
||||||
|
|
||||||
egress {
|
egress {
|
||||||
from_port = 0
|
from_port = 0
|
||||||
to_port = 0
|
to_port = 0
|
||||||
protocol = "-1"
|
protocol = "-1"
|
||||||
cidr_blocks = ["0.0.0.0/0"]
|
cidr_blocks = ["0.0.0.0/0"]
|
||||||
}
|
}
|
||||||
|
|
||||||
tags {
|
tags {
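Review bot: The ingress rule in this hunk opens TCP ports 0–65535 to `var.cidr_blocks`, and that variable defaults to `0.0.0.0/0` in this example's variables file, so an unmodified apply leaves the security group referenced by `aws_db_instance.default` reachable from any address on every TCP port. I would remove the `default = "0.0.0.0/0"` line so the caller has to choose a source range, and narrow `from_port`/`to_port` to the one port the selected engine listens on. At minimum, add a comment above the rule such as `# Demo only: restrict to the application subnet and the database port before real use`. The resource starts above the hunk and continues past `tags {`, so anything else that constrains it is not visible here.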
|
||||||
|
|
|
@ -1,24 +1,24 @@
|
||||||
variable "subnet_1_cidr" {
|
variable "subnet_1_cidr" {
|
||||||
default = "10.0.1.0/24"
|
default = "10.0.1.0/24"
|
||||||
description = "Your AZ"
|
description = "Your AZ"
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "subnet_2_cidr" {
|
variable "subnet_2_cidr" {
|
||||||
default = "10.0.2.0/24"
|
default = "10.0.2.0/24"
|
||||||
description = "Your AZ"
|
description = "Your AZ"
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "az_1" {
|
variable "az_1" {
|
||||||
default = "us-east-1b"
|
default = "us-east-1b"
|
||||||
description = "Your Az1, use AWS CLI to find your account specific"
|
description = "Your Az1, use AWS CLI to find your account specific"
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "az_2" {
|
variable "az_2" {
|
||||||
default = "us-east-1c"
|
default = "us-east-1c"
|
||||||
description = "Your Az2, use AWS CLI to find your account specific"
|
description = "Your Az2, use AWS CLI to find your account specific"
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "vpc_id" {
|
variable "vpc_id" {
|
||||||
description = "Your VPC ID"
|
description = "Your VPC ID"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -1,19 +1,19 @@
|
||||||
resource "aws_subnet" "subnet_1" {
|
resource "aws_subnet" "subnet_1" {
|
||||||
vpc_id = "${var.vpc_id}"
|
vpc_id = "${var.vpc_id}"
|
||||||
cidr_block = "${var.subnet_1_cidr}"
|
cidr_block = "${var.subnet_1_cidr}"
|
||||||
availability_zone = "${var.az_1}"
|
availability_zone = "${var.az_1}"
|
||||||
|
|
||||||
tags {
|
tags {
|
||||||
Name = "main_subnet1"
|
Name = "main_subnet1"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "aws_subnet" "subnet_2" {
|
resource "aws_subnet" "subnet_2" {
|
||||||
vpc_id = "${var.vpc_id}"
|
vpc_id = "${var.vpc_id}"
|
||||||
cidr_block = "${var.subnet_2_cidr}"
|
cidr_block = "${var.subnet_2_cidr}"
|
||||||
availability_zone = "${var.az_2}"
|
availability_zone = "${var.az_2}"
|
||||||
|
|
||||||
tags {
|
tags {
|
||||||
Name = "main_subnet2"
|
Name = "main_subnet2"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,41 +1,41 @@
|
||||||
variable "identifier" {
|
variable "identifier" {
|
||||||
default = "mydb-rds"
|
default = "mydb-rds"
|
||||||
description = "Identifier for your DB"
|
description = "Identifier for your DB"
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "storage" {
|
variable "storage" {
|
||||||
default = "10"
|
default = "10"
|
||||||
description = "Storage size in GB"
|
description = "Storage size in GB"
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "engine" {
|
variable "engine" {
|
||||||
default = "postgres"
|
default = "postgres"
|
||||||
description = "Engine type, example values mysql, postgres"
|
description = "Engine type, example values mysql, postgres"
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "engine_version" {
|
variable "engine_version" {
|
||||||
description = "Engine version"
|
description = "Engine version"
|
||||||
default = {
|
default = {
|
||||||
mysql = "5.6.22"
|
mysql = "5.6.22"
|
||||||
postgres = "9.4.1"
|
postgres = "9.4.1"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "instance_class" {
|
variable "instance_class" {
|
||||||
default = "db.t2.micro"
|
default = "db.t2.micro"
|
||||||
description = "Instance class"
|
description = "Instance class"
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "db_name" {
|
variable "db_name" {
|
||||||
default = "mydb"
|
default = "mydb"
|
||||||
description = "db name"
|
description = "db name"
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "username" {
|
variable "username" {
|
||||||
default = "myuser"
|
default = "myuser"
|
||||||
description = "User name"
|
description = "User name"
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "password" {
|
variable "password" {
|
||||||
description = "password, provide through your ENV variables"
|
description = "password, provide through your ENV variables"
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,54 +1,54 @@
|
||||||
provider "aws" {
|
provider "aws" {
|
||||||
alias = "prod"
|
alias = "prod"
|
||||||
|
|
||||||
region = "us-east-1"
|
region = "us-east-1"
|
||||||
access_key = "${var.prod_access_key}"
|
access_key = "${var.prod_access_key}"
|
||||||
secret_key = "${var.prod_secret_key}"
|
secret_key = "${var.prod_secret_key}"
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "aws_s3_bucket" "prod" {
|
resource "aws_s3_bucket" "prod" {
|
||||||
provider = "aws.prod"
|
provider = "aws.prod"
|
||||||
|
|
||||||
bucket = "${var.bucket_name}"
|
bucket = "${var.bucket_name}"
|
||||||
acl = "private"
|
acl = "private"
|
||||||
policy = <<POLICY
|
policy = <<POLICY
|
||||||
{
|
{
|
||||||
"Version": "2008-10-17",
|
"Version": "2008-10-17",
|
||||||
"Statement": [
|
"Statement": [
|
||||||
{
|
{
|
||||||
"Sid": "AllowTest",
|
"Sid": "AllowTest",
|
||||||
"Effect": "Allow",
|
"Effect": "Allow",
|
||||||
"Principal": {
|
"Principal": {
|
||||||
"AWS": "arn:aws:iam::${var.test_account_id}:root"
|
"AWS": "arn:aws:iam::${var.test_account_id}:root"
|
||||||
},
|
},
|
||||||
"Action": "s3:*",
|
"Action": "s3:*",
|
||||||
"Resource": "arn:aws:s3:::${var.bucket_name}/*"
|
"Resource": "arn:aws:s3:::${var.bucket_name}/*"
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
POLICY
|
POLICY
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "aws_s3_bucket_object" "prod" {
|
resource "aws_s3_bucket_object" "prod" {
|
||||||
provider = "aws.prod"
|
provider = "aws.prod"
|
||||||
|
|
||||||
bucket = "${aws_s3_bucket.prod.id}"
|
bucket = "${aws_s3_bucket.prod.id}"
|
||||||
key = "object-uploaded-via-prod-creds"
|
key = "object-uploaded-via-prod-creds"
|
||||||
source = "${path.module}/prod.txt"
|
source = "${path.module}/prod.txt"
|
||||||
}
|
}
|
||||||
|
|
||||||
provider "aws" {
|
provider "aws" {
|
||||||
alias = "test"
|
alias = "test"
|
||||||
|
|
||||||
region = "us-east-1"
|
region = "us-east-1"
|
||||||
access_key = "${var.test_access_key}"
|
access_key = "${var.test_access_key}"
|
||||||
secret_key = "${var.test_secret_key}"
|
secret_key = "${var.test_secret_key}"
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "aws_s3_bucket_object" "test" {
|
resource "aws_s3_bucket_object" "test" {
|
||||||
provider = "aws.test"
|
provider = "aws.test"
|
||||||
|
|
||||||
bucket = "${aws_s3_bucket.prod.id}"
|
bucket = "${aws_s3_bucket.prod.id}"
|
||||||
key = "object-uploaded-via-test-creds"
|
key = "object-uploaded-via-test-creds"
|
||||||
source = "${path.module}/test.txt"
|
source = "${path.module}/test.txt"
|
||||||
}
|
}
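Review bot: The bucket policy grants `"Action": "s3:*"` on every object to `arn:aws:iam::${var.test_account_id}:root`, which is much wider than the example needs, since the test credentials are only used by `aws_s3_bucket_object.test` to upload a single object. Naming the account root as principal hands the grant to any identity in that account that its own IAM policies permit, so the wildcard also covers reading and deleting `object-uploaded-via-prod-creds`. I would narrow the statement to `"Action": "s3:PutObject"` and add a comment above the heredoc, for example `# Cross-account demo: grant only the actions the other account needs, to a specific role where possible`.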
|
||||||
|
|
|
@ -1,37 +1,37 @@
|
||||||
# Specify the provider and access details
|
# Specify the provider and access details
|
||||||
provider "aws" {
|
provider "aws" {
|
||||||
region = "${var.aws_region}"
|
region = "${var.aws_region}"
|
||||||
}
|
}
|
||||||
|
|
||||||
# Our default security group to access
|
# Our default security group to access
|
||||||
# the instances over SSH and HTTP
|
# the instances over SSH and HTTP
|
||||||
resource "aws_security_group" "default" {
|
resource "aws_security_group" "default" {
|
||||||
name = "terraform_example"
|
name = "terraform_example"
|
||||||
description = "Used in the terraform"
|
description = "Used in the terraform"
|
||||||
|
|
||||||
# SSH access from anywhere
|
# SSH access from anywhere
|
||||||
ingress {
|
ingress {
|
||||||
from_port = 22
|
from_port = 22
|
||||||
to_port = 22
|
to_port = 22
|
||||||
protocol = "tcp"
|
protocol = "tcp"
|
||||||
cidr_blocks = ["0.0.0.0/0"]
|
cidr_blocks = ["0.0.0.0/0"]
|
||||||
}
|
}
|
||||||
|
|
||||||
# HTTP access from anywhere
|
# HTTP access from anywhere
|
||||||
ingress {
|
ingress {
|
||||||
from_port = 80
|
from_port = 80
|
||||||
to_port = 80
|
to_port = 80
|
||||||
protocol = "tcp"
|
protocol = "tcp"
|
||||||
cidr_blocks = ["0.0.0.0/0"]
|
cidr_blocks = ["0.0.0.0/0"]
|
||||||
}
|
}
|
||||||
|
|
||||||
# outbound internet access
|
# outbound internet access
|
||||||
egress {
|
egress {
|
||||||
from_port = 0
|
from_port = 0
|
||||||
to_port = 0
|
to_port = 0
|
||||||
protocol = "-1"
|
protocol = "-1"
|
||||||
cidr_blocks = ["0.0.0.0/0"]
|
cidr_blocks = ["0.0.0.0/0"]
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@ -85,9 +85,9 @@ resource "aws_instance" "web" {
|
||||||
# this should be on port 80
|
# this should be on port 80
|
||||||
provisioner "remote-exec" {
|
provisioner "remote-exec" {
|
||||||
inline = [
|
inline = [
|
||||||
"sudo apt-get -y update",
|
"sudo apt-get -y update",
|
||||||
"sudo apt-get -y install nginx",
|
"sudo apt-get -y install nginx",
|
||||||
"sudo service nginx start"
|
"sudo service nginx start"
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,22 +1,22 @@
|
||||||
variable "key_name" {
|
variable "key_name" {
|
||||||
description = "Name of the SSH keypair to use in AWS."
|
description = "Name of the SSH keypair to use in AWS."
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "key_path" {
|
variable "key_path" {
|
||||||
description = "Path to the private portion of the SSH key specified."
|
description = "Path to the private portion of the SSH key specified."
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "aws_region" {
|
variable "aws_region" {
|
||||||
description = "AWS region to launch servers."
|
description = "AWS region to launch servers."
|
||||||
default = "us-west-2"
|
default = "us-west-2"
|
||||||
}
|
}
|
||||||
|
|
||||||
# Ubuntu Precise 12.04 LTS (x64)
|
# Ubuntu Precise 12.04 LTS (x64)
|
||||||
variable "aws_amis" {
|
variable "aws_amis" {
|
||||||
default = {
|
default = {
|
||||||
eu-west-1 = "ami-b1cf19c6"
|
eu-west-1 = "ami-b1cf19c6"
|
||||||
us-east-1 = "ami-de7ab6b6"
|
us-east-1 = "ami-de7ab6b6"
|
||||||
us-west-1 = "ami-3f75767a"
|
us-west-1 = "ami-3f75767a"
|
||||||
us-west-2 = "ami-21f78e11"
|
us-west-2 = "ami-21f78e11"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,43 +1,43 @@
|
||||||
# Setup the Consul provisioner to use the demo cluster
|
# Setup the Consul provisioner to use the demo cluster
|
||||||
provider "consul" {
|
provider "consul" {
|
||||||
address = "demo.consul.io:80"
|
address = "demo.consul.io:80"
|
||||||
datacenter = "nyc1"
|
datacenter = "nyc1"
|
||||||
}
|
}
|
||||||
|
|
||||||
# Setup an AWS provider
|
# Setup an AWS provider
|
||||||
provider "aws" {
|
provider "aws" {
|
||||||
region = "${var.aws_region}"
|
region = "${var.aws_region}"
|
||||||
}
|
}
|
||||||
|
|
||||||
# Setup a key in Consul to provide inputs
|
# Setup a key in Consul to provide inputs
|
||||||
resource "consul_keys" "input" {
|
resource "consul_keys" "input" {
|
||||||
key {
|
key {
|
||||||
name = "size"
|
name = "size"
|
||||||
path = "tf_test/size"
|
path = "tf_test/size"
|
||||||
default = "m1.small"
|
default = "m1.small"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
# Setup a new AWS instance using a dynamic ami and
|
# Setup a new AWS instance using a dynamic ami and
|
||||||
# instance type
|
# instance type
|
||||||
resource "aws_instance" "test" {
|
resource "aws_instance" "test" {
|
||||||
ami = "${lookup(var.aws_amis, var.aws_region)}"
|
ami = "${lookup(var.aws_amis, var.aws_region)}"
|
||||||
instance_type = "${consul_keys.input.var.size}"
|
instance_type = "${consul_keys.input.var.size}"
|
||||||
}
|
}
|
||||||
|
|
||||||
# Setup a key in Consul to store the instance id and
|
# Setup a key in Consul to store the instance id and
|
||||||
# the DNS name of the instance
|
# the DNS name of the instance
|
||||||
resource "consul_keys" "test" {
|
resource "consul_keys" "test" {
|
||||||
key {
|
key {
|
||||||
name = "id"
|
name = "id"
|
||||||
path = "tf_test/id"
|
path = "tf_test/id"
|
||||||
value = "${aws_instance.test.id}"
|
value = "${aws_instance.test.id}"
|
||||||
delete = true
|
delete = true
|
||||||
}
|
}
|
||||||
key {
|
key {
|
||||||
name = "address"
|
name = "address"
|
||||||
path = "tf_test/public_dns"
|
path = "tf_test/public_dns"
|
||||||
value = "${aws_instance.test.public_dns}"
|
value = "${aws_instance.test.public_dns}"
|
||||||
delete = true
|
delete = true
|
||||||
}
|
}
|
||||||
}
|
}
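Review bot: `aws_instance.test` takes its `instance_type` from the key `tf_test/size` on `demo.consul.io:80`, a shared demo endpoint configured here without any token and, judging by the port, presumably over plain HTTP. As written, whoever can change that key chooses what is launched in the user's AWS account, and `consul_keys.test` publishes the instance id and public DNS name back to the same place. This deserves a comment above the provider block, such as `# Demo only: demo.consul.io is a public cluster; use your own Consul over HTTPS with ACLs before real use`.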
|
||||||
|
|
|
@ -1,14 +1,14 @@
|
||||||
variable "aws_region" {
|
variable "aws_region" {
|
||||||
description = "The AWS region to create resources in."
|
description = "The AWS region to create resources in."
|
||||||
default = "us-east-1"
|
default = "us-east-1"
|
||||||
}
|
}
|
||||||
|
|
||||||
# AMI's from http://cloud-images.ubuntu.com/locator/ec2/
|
# AMI's from http://cloud-images.ubuntu.com/locator/ec2/
|
||||||
variable "aws_amis" {
|
variable "aws_amis" {
|
||||||
default = {
|
default = {
|
||||||
eu-west-1 = "ami-b1cf19c6"
|
eu-west-1 = "ami-b1cf19c6"
|
||||||
us-east-1 = "ami-de7ab6b6"
|
us-east-1 = "ami-de7ab6b6"
|
||||||
us-west-1 = "ami-3f75767a"
|
us-west-1 = "ami-3f75767a"
|
||||||
us-west-2 = "ami-21f78e11"
|
us-west-2 = "ami-21f78e11"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -21,6 +21,6 @@ resource "dnsimple_record" "web" {
|
||||||
# to the heroku application after we have assigned the domain
|
# to the heroku application after we have assigned the domain
|
||||||
# in DNSimple
|
# in DNSimple
|
||||||
resource "heroku_domain" "foobar" {
|
resource "heroku_domain" "foobar" {
|
||||||
app = "${heroku_app.web.name}"
|
app = "${heroku_app.web.name}"
|
||||||
hostname = "${dnsimple_record.web.hostname}"
|
hostname = "${dnsimple_record.web.hostname}"
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,3 +1,3 @@
|
||||||
variable "dnsimple_domain" {
|
variable "dnsimple_domain" {
|
||||||
description = "The domain we are creating a record for."
|
description = "The domain we are creating a record for."
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,54 +1,54 @@
|
||||||
# See https://cloud.google.com/compute/docs/load-balancing/network/example
|
# See https://cloud.google.com/compute/docs/load-balancing/network/example
|
||||||
|
|
||||||
provider "google" {
|
provider "google" {
|
||||||
region = "${var.region}"
|
region = "${var.region}"
|
||||||
project = "${var.project_name}"
|
project = "${var.project_name}"
|
||||||
account_file = "${file(var.account_file_path)}"
|
account_file = "${file(var.account_file_path)}"
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "google_compute_http_health_check" "default" {
|
resource "google_compute_http_health_check" "default" {
|
||||||
name = "tf-www-basic-check"
|
name = "tf-www-basic-check"
|
||||||
request_path = "/"
|
request_path = "/"
|
||||||
check_interval_sec = 1
|
check_interval_sec = 1
|
||||||
healthy_threshold = 1
|
healthy_threshold = 1
|
||||||
unhealthy_threshold = 10
|
unhealthy_threshold = 10
|
||||||
timeout_sec = 1
|
timeout_sec = 1
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "google_compute_target_pool" "default" {
|
resource "google_compute_target_pool" "default" {
|
||||||
name = "tf-www-target-pool"
|
name = "tf-www-target-pool"
|
||||||
instances = ["${google_compute_instance.www.*.self_link}"]
|
instances = ["${google_compute_instance.www.*.self_link}"]
|
||||||
health_checks = ["${google_compute_http_health_check.default.name}"]
|
health_checks = ["${google_compute_http_health_check.default.name}"]
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "google_compute_forwarding_rule" "default" {
|
resource "google_compute_forwarding_rule" "default" {
|
||||||
name = "tf-www-forwarding-rule"
|
name = "tf-www-forwarding-rule"
|
||||||
target = "${google_compute_target_pool.default.self_link}"
|
target = "${google_compute_target_pool.default.self_link}"
|
||||||
port_range = "80"
|
port_range = "80"
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "google_compute_instance" "www" {
|
resource "google_compute_instance" "www" {
|
||||||
count = 3
|
count = 3
|
||||||
|
|
||||||
name = "tf-www-${count.index}"
|
name = "tf-www-${count.index}"
|
||||||
machine_type = "n1-standard-1"
|
machine_type = "n1-standard-1"
|
||||||
zone = "${var.region_zone}"
|
zone = "${var.region_zone}"
|
||||||
tags = ["www-node"]
|
tags = ["www-node"]
|
||||||
|
|
||||||
disk {
|
disk {
|
||||||
image = "ubuntu-os-cloud/ubuntu-1204-precise-v20150625"
|
image = "ubuntu-os-cloud/ubuntu-1204-precise-v20150625"
|
||||||
|
}
|
||||||
|
|
||||||
|
network_interface {
|
||||||
|
network = "default"
|
||||||
|
access_config {
|
||||||
|
# Ephemeral
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
network_interface {
|
metadata {
|
||||||
network = "default"
|
sshKeys = "ubuntu:${file("~/.ssh/gcloud_id_rsa.pub")}"
|
||||||
access_config {
|
startup-script = <<SCRIPT
|
||||||
# Ephemeral
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
metadata {
|
|
||||||
sshKeys = "ubuntu:${file("~/.ssh/gcloud_id_rsa.pub")}"
|
|
||||||
startup-script = <<SCRIPT
|
|
||||||
apt-get -y update
|
apt-get -y update
|
||||||
apt-get -y install nginx
|
apt-get -y install nginx
|
||||||
HOSTNAME=$(hostname | tr -d "\n")
|
HOSTNAME=$(hostname | tr -d "\n")
|
||||||
|
@ -56,22 +56,22 @@ IP=$(curl -s -H "Metadata-Flavor:Google" http://metadata/computeMetadata/v1/inst
|
||||||
echo "Welcome to ${count.index} - $HOSTNAME ($IP)" > /usr/share/nginx/www/index.html
|
echo "Welcome to ${count.index} - $HOSTNAME ($IP)" > /usr/share/nginx/www/index.html
|
||||||
service nginx start
|
service nginx start
|
||||||
SCRIPT
|
SCRIPT
|
||||||
}
|
}
|
||||||
|
|
||||||
service_account {
|
service_account {
|
||||||
scopes = ["https://www.googleapis.com/auth/compute.readonly"]
|
scopes = ["https://www.googleapis.com/auth/compute.readonly"]
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "google_compute_firewall" "default" {
|
resource "google_compute_firewall" "default" {
|
||||||
name = "tf-www-firewall"
|
name = "tf-www-firewall"
|
||||||
network = "default"
|
network = "default"
|
||||||
|
|
||||||
allow {
|
allow {
|
||||||
protocol = "tcp"
|
protocol = "tcp"
|
||||||
ports = ["80"]
|
ports = ["80"]
|
||||||
}
|
}
|
||||||
|
|
||||||
source_ranges = ["0.0.0.0/0"]
|
source_ranges = ["0.0.0.0/0"]
|
||||||
target_tags = ["www-node"]
|
target_tags = ["www-node"]
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
output "pool_public_ip" {
|
output "pool_public_ip" {
|
||||||
value = "${google_compute_forwarding_rule.default.ip_address}"
|
value = "${google_compute_forwarding_rule.default.ip_address}"
|
||||||
}
|
}
|
||||||
|
|
||||||
output "instance_ips" {
|
output "instance_ips" {
|
||||||
value = "${join(" ", google_compute_instance.www.*.network_interface.0.access_config.0.nat_ip)}"
|
value = "${join(" ", google_compute_instance.www.*.network_interface.0.access_config.0.nat_ip)}"
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,15 +1,15 @@
|
||||||
variable "region" {
|
variable "region" {
|
||||||
default = "us-central1"
|
default = "us-central1"
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "region_zone" {
|
variable "region_zone" {
|
||||||
default = "us-central1-f"
|
default = "us-central1-f"
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "project_name" {
|
variable "project_name" {
|
||||||
description = "The ID of the Google Cloud project"
|
description = "The ID of the Google Cloud project"
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "account_file_path" {
|
variable "account_file_path" {
|
||||||
description = "Path to the JSON file used to describe your account credentials"
|
description = "Path to the JSON file used to describe your account credentials"
|
||||||
}
|
}
|
||||||
|
|