2014-10-12 00:09:51 +00:00
|
|
|
resource "aws_instance" "server" {
|
2018-10-24 15:02:38 +00:00
|
|
|
ami = "${lookup(var.ami, "${var.region}-${var.platform}")}"
|
|
|
|
instance_type = "${var.instance_type}"
|
|
|
|
key_name = "${var.key_name}"
|
|
|
|
count = "${var.servers}"
|
|
|
|
security_groups = ["${aws_security_group.consul.id}"]
|
|
|
|
subnet_id = "${lookup(var.subnets, count.index % var.servers)}"
|
2014-10-12 00:09:51 +00:00
|
|
|
|
2018-10-24 15:02:38 +00:00
|
|
|
connection {
|
|
|
|
user = "${lookup(var.user, var.platform)}"
|
|
|
|
private_key = "${file("${var.key_path}")}"
|
|
|
|
}
|
2014-10-12 00:09:51 +00:00
|
|
|
|
2018-10-24 15:02:38 +00:00
|
|
|
#Instance tags
|
|
|
|
tags {
|
|
|
|
Name = "${var.tagName}-${count.index}"
|
|
|
|
ConsulRole = "Server"
|
|
|
|
}
|
2015-05-21 00:38:42 +00:00
|
|
|
|
2018-10-24 15:02:38 +00:00
|
|
|
provisioner "file" {
|
|
|
|
source = "${path.module}/../shared/scripts/${lookup(var.service_conf, var.platform)}"
|
|
|
|
destination = "/tmp/${lookup(var.service_conf_dest, var.platform)}"
|
|
|
|
}
|
2014-10-12 00:09:51 +00:00
|
|
|
|
2018-10-24 15:02:38 +00:00
|
|
|
provisioner "remote-exec" {
|
|
|
|
inline = [
|
|
|
|
"echo ${var.servers} > /tmp/consul-server-count",
|
|
|
|
"echo ${aws_instance.server.0.private_ip} > /tmp/consul-server-addr",
|
|
|
|
]
|
|
|
|
}
|
2014-10-12 00:09:51 +00:00
|
|
|
|
2018-10-24 15:02:38 +00:00
|
|
|
provisioner "remote-exec" {
|
|
|
|
scripts = [
|
|
|
|
"${path.module}/../shared/scripts/install.sh",
|
|
|
|
"${path.module}/../shared/scripts/service.sh",
|
|
|
|
"${path.module}/../shared/scripts/ip_tables.sh",
|
|
|
|
]
|
|
|
|
}
|
2014-10-12 00:09:51 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
resource "aws_security_group" "consul" {
|
2018-10-24 15:02:38 +00:00
|
|
|
name = "consul_${var.platform}"
|
|
|
|
description = "Consul internal traffic + maintenance."
|
|
|
|
vpc_id = "${var.vpc_id}"
|
2014-10-12 00:09:51 +00:00
|
|
|
|
2018-10-24 15:02:38 +00:00
|
|
|
// These are for internal traffic
|
|
|
|
ingress {
|
|
|
|
from_port = 0
|
|
|
|
to_port = 65535
|
|
|
|
protocol = "tcp"
|
|
|
|
self = true
|
|
|
|
}
|
2014-10-12 00:09:51 +00:00
|
|
|
|
2018-10-24 15:02:38 +00:00
|
|
|
ingress {
|
|
|
|
from_port = 0
|
|
|
|
to_port = 65535
|
|
|
|
protocol = "udp"
|
|
|
|
self = true
|
|
|
|
}
|
2014-10-12 00:09:51 +00:00
|
|
|
|
2018-10-24 15:02:38 +00:00
|
|
|
// These are for maintenance
|
|
|
|
ingress {
|
|
|
|
from_port = 22
|
|
|
|
to_port = 22
|
|
|
|
protocol = "tcp"
|
|
|
|
cidr_blocks = ["0.0.0.0/0"]
|
|
|
|
}
|
2015-05-21 00:38:42 +00:00
|
|
|
|
2018-10-24 15:02:38 +00:00
|
|
|
// This is for outbound internet access
|
|
|
|
egress {
|
|
|
|
from_port = 0
|
|
|
|
to_port = 0
|
|
|
|
protocol = "-1"
|
|
|
|
cidr_blocks = ["0.0.0.0/0"]
|
|
|
|
}
|
2014-10-12 00:09:51 +00:00
|
|
|
}
|