open-consul/terraform/aws/consul.tf

77 lines
1.8 KiB
Terraform
Raw Normal View History

2014-10-12 00:09:51 +00:00
resource "aws_instance" "server" {
ami = "${lookup(var.ami, "${var.region}-${var.platform}")}"
instance_type = "${var.instance_type}"
key_name = "${var.key_name}"
count = "${var.servers}"
security_groups = ["${aws_security_group.consul.id}"]
subnet_id = "${lookup(var.subnets, count.index % var.servers)}"
2014-10-12 00:09:51 +00:00
connection {
user = "${lookup(var.user, var.platform)}"
private_key = "${file("${var.key_path}")}"
}
2014-10-12 00:09:51 +00:00
#Instance tags
tags {
Name = "${var.tagName}-${count.index}"
ConsulRole = "Server"
}
2015-05-21 00:38:42 +00:00
provisioner "file" {
source = "${path.module}/../shared/scripts/${lookup(var.service_conf, var.platform)}"
destination = "/tmp/${lookup(var.service_conf_dest, var.platform)}"
}
2014-10-12 00:09:51 +00:00
provisioner "remote-exec" {
inline = [
"echo ${var.servers} > /tmp/consul-server-count",
"echo ${aws_instance.server.0.private_ip} > /tmp/consul-server-addr",
]
}
2014-10-12 00:09:51 +00:00
provisioner "remote-exec" {
scripts = [
"${path.module}/../shared/scripts/install.sh",
"${path.module}/../shared/scripts/service.sh",
"${path.module}/../shared/scripts/ip_tables.sh",
]
}
2014-10-12 00:09:51 +00:00
}
resource "aws_security_group" "consul" {
name = "consul_${var.platform}"
description = "Consul internal traffic + maintenance."
vpc_id = "${var.vpc_id}"
2014-10-12 00:09:51 +00:00
// These are for internal traffic
ingress {
from_port = 0
to_port = 65535
protocol = "tcp"
self = true
}
2014-10-12 00:09:51 +00:00
ingress {
from_port = 0
to_port = 65535
protocol = "udp"
self = true
}
2014-10-12 00:09:51 +00:00
// These are for maintenance
ingress {
from_port = 22
to_port = 22
protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"]
}
2015-05-21 00:38:42 +00:00
// This is for outbound internet access
egress {
from_port = 0
to_port = 0
protocol = "-1"
cidr_blocks = ["0.0.0.0/0"]
}
2014-10-12 00:09:51 +00:00
}