Merge pull request #1836 from shaneog/terraform-google

Add Terraform config for Google Cloud Platform

terraform/aws/consul.tf

@@ -16,7 +16,7 @@ resource "aws_instance" "server" {
     }
 
     provisioner "file" {
-        source = "${path.module}/scripts/${lookup(var.service_conf, var.platform)}"
+        source = "${path.module}/../shared/scripts/${lookup(var.service_conf, var.platform)}"
         destination = "/tmp/${lookup(var.service_conf_dest, var.platform)}"
     }
 
@@ -30,9 +30,9 @@ resource "aws_instance" "server" {
 
     provisioner "remote-exec" {
         scripts = [
-            "${path.module}/scripts/install.sh",
-            "${path.module}/scripts/service.sh",
-            "${path.module}/scripts/ip_tables.sh",
+            "${path.module}/../shared/scripts/install.sh",
+            "${path.module}/../shared/scripts/service.sh",
+            "${path.module}/../shared/scripts/ip_tables.sh",
         ]
     }
 }

terraform/google/README.md

@@ -0,0 +1,33 @@
+## Running the Google Cloud Platform templates to set up a Consul cluster
+
+The platform variable defines the target OS, default is `ubuntu`.
+
+Supported Machine Images:
+- Ubuntu 14.04 (`ubuntu`)
+- RHEL6 (`rhel6`)
+- RHEL7 (`rhel7`)
+- CentOS6 (`centos6`)
+- CentOS7 (`centos7`)
+
+For Google Cloud provider, set up your environment as outlined here: https://www.terraform.io/docs/providers/google/index.html
+
+To set up a Ubuntu based cluster, replace `key_path` with actual value and run:
+
+
+```shell
+terraform apply -var 'key_path=/Users/xyz/consul.pem'
+```
+
+_or_
+
+```shell
+terraform apply -var 'key_path=/Users/xyz/consul.pem' -var 'platform=ubuntu'
+```
+
+To run RHEL6, run like below:
+
+```shell
+terraform apply -var 'key_path=/Users/xyz/consul.pem' -var 'platform=rhel6'
+```
+
+**Note:** For RHEL and CentOS based clusters, you need to have a [SSH key added](https://console.cloud.google.com/compute/metadata/sshKeys) for the user `root`.

terraform/google/consul.tf

@@ -0,0 +1,68 @@
+resource "google_compute_instance" "consul" {
+    count = "${var.servers}"
+
+    name = "consul-${count.index}"
+    zone = "${var.region_zone}"
+    tags = ["${var.tag_name}"]
+
+    machine_type = "${var.machine_type}"
+
+    disk {
+        image = "${lookup(var.machine_image, var.platform)}"
+    }
+
+    network_interface {
+        network = "default"
+
+        access_config {
+            # Ephemeral
+        }
+    }
+
+    service_account {
+        scopes = ["https://www.googleapis.com/auth/compute.readonly"]
+    }
+
+    connection {
+        user     = "${lookup(var.user, var.platform)}"
+        key_path = "${var.key_path}"
+    }
+
+    provisioner "file" {
+        source      = "${path.module}/../shared/scripts/${lookup(var.service_conf, var.platform)}"
+        destination = "/tmp/${lookup(var.service_conf_dest, var.platform)}"
+    }
+
+    provisioner "remote-exec" {
+        inline = [
+            "echo ${var.servers} > /tmp/consul-server-count",
+            "echo ${google_compute_instance.consul.0.network_interface.0.address} > /tmp/consul-server-addr",
+        ]
+    }
+
+    provisioner "remote-exec" {
+        scripts = [
+            "${path.module}/../shared/scripts/install.sh",
+            "${path.module}/../shared/scripts/service.sh",
+            "${path.module}/../shared/scripts/ip_tables.sh",
+        ]
+    }
+}
+
+resource "google_compute_firewall" "consul_ingress" {
+    name = "consul-internal-access"
+    network = "default"
+
+    allow {
+        protocol = "tcp"
+        ports = [
+            "8300", # Server RPC
+            "8301", # Serf LAN
+            "8302", # Serf WAN
+            "8400", # RPC
+        ]
+    }
+
+    source_tags = ["${var.tag_name}"]
+    target_tags = ["${var.tag_name}"]
+}

terraform/google/outputs.tf

@@ -0,0 +1,4 @@
+output "server_address" {
+    value = "${google_compute_instance.consul.0.network_interface.0.address}"
+}
+

terraform/google/variables.tf

@@ -0,0 +1,72 @@
+variable "platform" {
+    default = "ubuntu"
+    description = "The OS Platform"
+}
+
+variable "user" {
+    default = {
+        ubuntu  = "ubuntu"
+        rhel6   = "root"
+        rhel7   = "root"
+        centos6 = "root"
+        centos7 = "root"
+    }
+}
+
+variable "machine_image" {
+    default = {
+        ubuntu  = "ubuntu-os-cloud/ubuntu-1404-trusty-v20160314"
+        rhel6   = "rhel-cloud/rhel-6-v20160303"
+        rhel7   = "rhel-cloud/rhel-7-v20160303"
+        centos6 = "centos-cloud/centos-6-v20160301"
+        centos7 = "centos-cloud/centos-7-v20160301"
+    }
+}
+
+variable "service_conf" {
+    default = {
+        ubuntu  = "debian_upstart.conf"
+        rhel6   = "rhel_upstart.conf"
+        rhel7   = "rhel_consul.service"
+        centos6 = "rhel_upstart.conf"
+        centos7 = "rhel_consul.service"
+    }
+}
+variable "service_conf_dest" {
+    default = {
+        ubuntu  = "upstart.conf"
+        rhel6   = "upstart.conf"
+        rhel7   = "consul.service"
+        centos6 = "upstart.conf"
+        centos7 = "consul.service"
+    }
+}
+
+variable "key_path" {
+    description = "Path to the private key used to access the cloud servers"
+}
+
+variable "region" {
+    default     = "us-central1"
+    description = "The region of Google Cloud where to launch the cluster"
+}
+
+variable "region_zone" {
+    default     = "us-central1-f"
+    description = "The zone of Google Cloud in which to launch the cluster"
+}
+
+variable "servers" {
+    default     = "3"
+    description = "The number of Consul servers to launch"
+}
+
+variable "machine_type" {
+    default     = "f1-micro"
+    description = "Google Cloud Compute machine type"
+}
+
+variable "tag_name" {
+    default     = "consul"
+    description = "Name tag for the servers"
+}

terraform/shared/scripts/debian_upstart.conf

@@ -15,7 +15,7 @@ script
   # Make sure to use all our CPUs, because Consul can block a scheduler thread
   export GOMAXPROCS=`nproc`
 
-  # Get the public IP
+  # Get the local IP
   BIND=`ifconfig eth0 | grep "inet addr" | awk '{ print substr($2,6) }'`
 
   exec /usr/local/bin/consul agent \

terraform/shared/scripts/install.sh

@@ -36,7 +36,7 @@ then
   echo "Installing Upstart service..."
   sudo mkdir -p /etc/consul.d
   sudo mkdir -p /etc/service
-  sudo chown root:root /tmp/upstart.conf 
+  sudo chown root:root /tmp/upstart.conf
   sudo mv /tmp/upstart.conf /etc/init/consul.conf
   sudo chmod 0644 /etc/init/consul.conf
   sudo mv /tmp/consul_flags /etc/service/consul
@@ -44,7 +44,7 @@ then
 else
   echo "Installing Systemd service..."
   sudo mkdir -p /etc/systemd/system/consul.d
-  sudo chown root:root /tmp/consul.service 
+  sudo chown root:root /tmp/consul.service
   sudo mv /tmp/consul.service /etc/systemd/system/consul.service
   sudo chmod 0644 /etc/systemd/system/consul.service
   sudo mv /tmp/consul_flags /etc/sysconfig/consul

terraform/shared/scripts/ip_tables.sh

@@ -4,6 +4,7 @@ set -e
 sudo iptables -I INPUT -s 0/0 -p tcp --dport 8300 -j ACCEPT
 sudo iptables -I INPUT -s 0/0 -p tcp --dport 8301 -j ACCEPT
 sudo iptables -I INPUT -s 0/0 -p tcp --dport 8302 -j ACCEPT
+sudo iptables -I INPUT -s 0/0 -p tcp --dport 8400 -j ACCEPT
 
 if [ -d /etc/sysconfig ]; then
   sudo iptables-save | sudo tee /etc/sysconfig/iptables