From 297e4f02c53fa9865d93b156fbcc8802eb560d5f Mon Sep 17 00:00:00 2001 From: Shane O'Grady Date: Tue, 15 Mar 2016 14:01:56 -0300 Subject: [PATCH 1/3] Move scripts to a shared directory --- terraform/aws/consul.tf | 8 ++++---- terraform/{aws => shared}/scripts/debian_upstart.conf | 2 +- terraform/{aws => shared}/scripts/install.sh | 4 ++-- terraform/{aws => shared}/scripts/ip_tables.sh | 0 terraform/{aws => shared}/scripts/rhel_consul.service | 0 terraform/{aws => shared}/scripts/rhel_upstart.conf | 0 terraform/{aws => shared}/scripts/service.sh | 0 7 files changed, 7 insertions(+), 7 deletions(-) rename terraform/{aws => shared}/scripts/debian_upstart.conf (96%) rename terraform/{aws => shared}/scripts/install.sh (94%) rename terraform/{aws => shared}/scripts/ip_tables.sh (100%) rename terraform/{aws => shared}/scripts/rhel_consul.service (100%) rename terraform/{aws => shared}/scripts/rhel_upstart.conf (100%) rename terraform/{aws => shared}/scripts/service.sh (100%) diff --git a/terraform/aws/consul.tf b/terraform/aws/consul.tf index ce5d6f0a7..3deeb4f51 100644 --- a/terraform/aws/consul.tf +++ b/terraform/aws/consul.tf @@ -16,7 +16,7 @@ resource "aws_instance" "server" { } provisioner "file" { - source = "${path.module}/scripts/${lookup(var.service_conf, var.platform)}" + source = "${path.module}/../shared/scripts/${lookup(var.service_conf, var.platform)}" destination = "/tmp/${lookup(var.service_conf_dest, var.platform)}" } @@ -30,9 +30,9 @@ resource "aws_instance" "server" { provisioner "remote-exec" { scripts = [ - "${path.module}/scripts/install.sh", - "${path.module}/scripts/service.sh", - "${path.module}/scripts/ip_tables.sh", + "${path.module}/../shared/scripts/install.sh", + "${path.module}/../shared/scripts/service.sh", + "${path.module}/../shared/scripts/ip_tables.sh", ] } } 
diff --git a/terraform/aws/scripts/debian_upstart.conf b/terraform/shared/scripts/debian_upstart.conf similarity index 96% rename from terraform/aws/scripts/debian_upstart.conf rename to terraform/shared/scripts/debian_upstart.conf index 7c57a0efc..eb52354a7 100644 --- a/terraform/aws/scripts/debian_upstart.conf +++ b/terraform/shared/scripts/debian_upstart.conf @@ -15,7 +15,7 @@ script # Make sure to use all our CPUs, because Consul can block a scheduler thread export GOMAXPROCS=`nproc` - # Get the public IP + # Get the local IP BIND=`ifconfig eth0 | grep "inet addr" | awk '{ print substr($2,6) }'` exec /usr/local/bin/consul agent \ diff --git a/terraform/aws/scripts/install.sh b/terraform/shared/scripts/install.sh similarity index 94% rename from terraform/aws/scripts/install.sh rename to terraform/shared/scripts/install.sh index 9c392606b..08e2fdffb 100644 --- a/terraform/aws/scripts/install.sh +++ b/terraform/shared/scripts/install.sh @@ -36,7 +36,7 @@ then echo "Installing Upstart service..." sudo mkdir -p /etc/consul.d sudo mkdir -p /etc/service - sudo chown root:root /tmp/upstart.conf + sudo chown root:root /tmp/upstart.conf sudo mv /tmp/upstart.conf /etc/init/consul.conf sudo chmod 0644 /etc/init/consul.conf sudo mv /tmp/consul_flags /etc/service/consul @@ -44,7 +44,7 @@ then else echo "Installing Systemd service..." sudo mkdir -p /etc/systemd/system/consul.d - sudo chown root:root /tmp/consul.service + sudo chown root:root /tmp/consul.service sudo mv /tmp/consul.service /etc/systemd/system/consul.service sudo chmod 0644 /etc/systemd/system/consul.service sudo mv /tmp/consul_flags /etc/sysconfig/consul diff --git a/terraform/aws/scripts/ip_tables.sh b/terraform/shared/scripts/ip_tables.sh similarity index 100% rename from terraform/aws/scripts/ip_tables.sh rename to terraform/shared/scripts/ip_tables.sh 
diff --git a/terraform/aws/scripts/rhel_consul.service b/terraform/shared/scripts/rhel_consul.service similarity index 100% rename from terraform/aws/scripts/rhel_consul.service rename to terraform/shared/scripts/rhel_consul.service diff --git a/terraform/aws/scripts/rhel_upstart.conf b/terraform/shared/scripts/rhel_upstart.conf similarity index 100% rename from terraform/aws/scripts/rhel_upstart.conf rename to terraform/shared/scripts/rhel_upstart.conf diff --git a/terraform/aws/scripts/service.sh b/terraform/shared/scripts/service.sh similarity index 100% rename from terraform/aws/scripts/service.sh rename to terraform/shared/scripts/service.sh From 3fe7162d1207cb75d583d212a6bb36ee30a8e168 Mon Sep 17 00:00:00 2001 From: Shane O'Grady Date: Tue, 15 Mar 2016 14:57:26 -0300 Subject: [PATCH 2/3] Add RPC port to iptables config From https://www.consul.io/docs/agent/options.html#ports --- terraform/shared/scripts/ip_tables.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/terraform/shared/scripts/ip_tables.sh b/terraform/shared/scripts/ip_tables.sh index b304cd1a8..acf853402 100644 --- a/terraform/shared/scripts/ip_tables.sh +++ b/terraform/shared/scripts/ip_tables.sh @@ -4,6 +4,7 @@ set -e sudo iptables -I INPUT -s 0/0 -p tcp --dport 8300 -j ACCEPT sudo iptables -I INPUT -s 0/0 -p tcp --dport 8301 -j ACCEPT sudo iptables -I INPUT -s 0/0 -p tcp --dport 8302 -j ACCEPT +sudo iptables -I INPUT -s 0/0 -p tcp --dport 8400 -j ACCEPT if [ -d /etc/sysconfig ]; then sudo iptables-save | sudo tee /etc/sysconfig/iptables From bc85603f0ea45875339beb664a2fb3d158b5e3a0 Mon Sep 17 00:00:00 2001 
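Review bot: The added rule accepts TCP 8400 from `-s 0/0`, so the host firewall puts no source restriction on the port that the third patch's firewall block labels `RPC`. Whether the port is reachable then depends only on the agent's bind address and on the cloud-level firewall. Restrict the source to the cluster network, e.g. `sudo iptables -I INPUT -s "$CLUSTER_CIDR" -p tcp --dport 8400 -j ACCEPT` (`CLUSTER_CIDR` is a placeholder the caller would supply), and do the same for the 8300-8302 rules above it. Because `-I INPUT` inserts at the head of the chain, these accepts also take precedence over any narrower rule already present. The script continues beyond the hunk.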
From: Shane O'Grady Date: Tue, 15 Mar 2016 15:49:44 -0300 Subject: [PATCH 3/3] Add Terraform config for Google Cloud Platform Supports: - Ubuntu 14.04 LTS - RHEL 6 - RHEL 7 - CentOS 6 - CentOS 7 --- terraform/google/README.md | 33 ++++++++++++++++ terraform/google/consul.tf | 68 +++++++++++++++++++++++++++++++++ terraform/google/outputs.tf | 4 ++ terraform/google/variables.tf | 72 +++++++++++++++++++++++++++++++++++ 4 files changed, 177 insertions(+) create mode 100644 terraform/google/README.md create mode 100644 terraform/google/consul.tf create mode 100644 terraform/google/outputs.tf create mode 100644 terraform/google/variables.tf
diff --git a/terraform/google/README.md b/terraform/google/README.md
new file mode 100644
index 000000000..0369ef407
--- /dev/null
+++ b/terraform/google/README.md
@@ -0,0 +1,33 @@
+## Running the Google Cloud Platform templates to set up a Consul cluster
+
+The platform variable defines the target OS, default is `ubuntu`.
+
+Supported Machine Images:
+- Ubuntu 14.04 (`ubuntu`)
+- RHEL6 (`rhel6`)
+- RHEL7 (`rhel7`)
+- CentOS6 (`centos6`)
+- CentOS7 (`centos7`)
+
+For Google Cloud provider, set up your environment as outlined here: https://www.terraform.io/docs/providers/google/index.html
+
+To set up a Ubuntu based cluster, replace `key_path` with actual value and run:
+
+
+```shell
+terraform apply -var 'key_path=/Users/xyz/consul.pem'
+```
+
+_or_
+
+```shell
+terraform apply -var 'key_path=/Users/xyz/consul.pem' -var 'platform=ubuntu'
+```
+
+To run RHEL6, run like below:
+
+```shell
+terraform apply -var 'key_path=/Users/xyz/consul.pem' -var 'platform=rhel6'
+```
+
+**Note:** For RHEL and CentOS based clusters, you need to have a [SSH key added](https://console.cloud.google.com/compute/metadata/sshKeys) for the user `root`.
\ No newline at end of file
diff --git a/terraform/google/consul.tf b/terraform/google/consul.tf
new file mode 100644
index 000000000..066f586c3
--- /dev/null
+++ b/terraform/google/consul.tf
@@ -0,0 +1,68 @@
+resource "google_compute_instance" "consul" {
+ count = "${var.servers}"
+
+ name = "consul-${count.index}"
+ zone = "${var.region_zone}"
+ tags = ["${var.tag_name}"]
+
+ machine_type = "${var.machine_type}"
+
+ disk {
+ image = "${lookup(var.machine_image, var.platform)}"
+ }
+
+ network_interface {
+ network = "default"
+
+ access_config {
+ # Ephemeral
+ }
+ }
+
+ service_account {
+ scopes = ["https://www.googleapis.com/auth/compute.readonly"]
+ }
+
+ connection {
+ user = "${lookup(var.user, var.platform)}"
+ key_path = "${var.key_path}"
+ }
+
+ provisioner "file" {
+ source = "${path.module}/../shared/scripts/${lookup(var.service_conf, var.platform)}"
+ destination = "/tmp/${lookup(var.service_conf_dest, var.platform)}"
+ }
+
+ provisioner "remote-exec" {
+ inline = [
+ "echo ${var.servers} > /tmp/consul-server-count",
+ "echo ${google_compute_instance.consul.0.network_interface.0.address} > /tmp/consul-server-addr",
+ ]
+ }
+
+ provisioner "remote-exec" {
+ scripts = [
+ "${path.module}/../shared/scripts/install.sh",
+ "${path.module}/../shared/scripts/service.sh",
+ "${path.module}/../shared/scripts/ip_tables.sh",
+ ]
+ }
+}
+
+resource "google_compute_firewall" "consul_ingress" {
+ name = "consul-internal-access"
+ network = "default"
+
+ allow {
+ protocol = "tcp"
+ ports = [
+ "8300", # Server RPC
+ "8301", # Serf LAN
+ "8302", # Serf WAN
+ "8400", # RPC
+ ]
+ }
+
+ source_tags = ["${var.tag_name}"]
+ target_tags = ["${var.tag_name}"]
+}
diff --git a/terraform/google/outputs.tf b/terraform/google/outputs.tf
new file mode 100644
index 000000000..66d031cb2
--- /dev/null
+++ b/terraform/google/outputs.tf
@@ -0,0 +1,4 @@
+output "server_address" {
+ value = "${google_compute_instance.consul.0.network_interface.0.address}"
+}
+
diff --git a/terraform/google/variables.tf b/terraform/google/variables.tf
new file mode 100644
index 000000000..d877e359d
--- /dev/null
+++ b/terraform/google/variables.tf
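Review bot: Every server in `google_compute_instance.consul` gets an ephemeral external address through `access_config` on the `default` network, while the shared ip_tables.sh accepts the Consul ports from `0/0` on the host. The tag-scoped `consul_ingress` rule and whatever rules `default` already carries are therefore the only controls keeping 8300-8302 and 8400 off the internet. I would state that above the resource, e.g. `# Host iptables is open to 0/0; this rule is the only source restriction on the Consul ports.` The rule also allows `tcp` only, although Serf LAN/WAN gossip on 8301 and 8302 uses UDP as well, so gossip would depend on other rules of the network. A second block `allow { protocol = "udp" ports = ["8301", "8302"] }` would make the rule self-sufficient.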
@@ -0,0 +1,72 @@
+variable "platform" {
+ default = "ubuntu"
+ description = "The OS Platform"
+}
+
+variable "user" {
+ default = {
+ ubuntu = "ubuntu"
+ rhel6 = "root"
+ rhel7 = "root"
+ centos6 = "root"
+ centos7 = "root"
+ }
+}
+
+variable "machine_image" {
+ default = {
+ ubuntu = "ubuntu-os-cloud/ubuntu-1404-trusty-v20160314"
+ rhel6 = "rhel-cloud/rhel-6-v20160303"
+ rhel7 = "rhel-cloud/rhel-7-v20160303"
+ centos6 = "centos-cloud/centos-6-v20160301"
+ centos7 = "centos-cloud/centos-7-v20160301"
+ }
+}
+
+variable "service_conf" {
+ default = {
+ ubuntu = "debian_upstart.conf"
+ rhel6 = "rhel_upstart.conf"
+ rhel7 = "rhel_consul.service"
+ centos6 = "rhel_upstart.conf"
+ centos7 = "rhel_consul.service"
+ }
+}
+variable "service_conf_dest" {
+ default = {
+ ubuntu = "upstart.conf"
+ rhel6 = "upstart.conf"
+ rhel7 = "consul.service"
+ centos6 = "upstart.conf"
+ centos7 = "consul.service"
+ }
+}
+
+variable "key_path" {
+ description = "Path to the private key used to access the cloud servers"
+}
+
+variable "region" {
+ default = "us-central1"
+ description = "The region of Google Cloud where to launch the cluster"
+}
+
+variable "region_zone" {
+ default = "us-central1-f"
+ description = "The zone of Google Cloud in which to launch the cluster"
+}
+
+variable "servers" {
+ default = "3"
+ description = "The number of Consul servers to launch"
+}
+
+variable "machine_type" {
+ default = "f1-micro"
+ description = "Google Cloud Compute machine type"
+}
+
+variable "tag_name" {
+ default = "consul"
+ description = "Name tag for the servers"
+}
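Review bot: The `user` map makes Terraform provision the RHEL and CentOS platforms over SSH as `root`, which requires direct root key login on instances that (per consul.tf) also carry an external address. The parts of install.sh and ip_tables.sh visible in this series already prefix privileged commands with `sudo`, so an unprivileged account with sudo rights should work for those platforms as it does for `ubuntu`; service.sh is not shown, so confirm it there. The `machine_image` defaults also pin dated builds (e.g. `rhel-7-v20160303`), so new instances start at that patch level unless something updates them. Adding a `description` to `user`, `machine_image`, `service_conf` and `service_conf_dest` that records these choices would help the next maintainer.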