# Copyright (c) HashiCorp, Inc.
# SPDX-License-Identifier: MPL-2.0
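# Module inputs. None of them declares a default, so the caller must supply
# every value.

variable "location" {
  description = "Azure region in which the resource group and every resource in this module are created."
}

variable "image_id" {
  description = "ID of the VM image that the server and client OS disks are created from."
}

variable "vm_size" {
  description = "Azure VM size used for both the server and the client virtual machines."
}

variable "server_count" {
  description = "Number of server VMs (with one public IP and one network interface each) to create."
}

variable "client_count" {
  description = "Number of client VMs (with one public IP and one network interface each) to create."
}

variable "retry_join" {
  description = "Value substituted for retry_join in the user-data-server.sh and user-data-client.sh templates."
}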
# SSH key pair for the cluster VMs. The public half is installed as an
# authorized key on every VM in this file; the private half is written to a
# local PEM file by null_resource.main.
#
# NOTE(review): the tls provider stores the generated private key in Terraform
# state, so the state backend needs the same protection as the key itself.
# rsa_bits is not set here, so the provider's default key size applies.
resource "tls_private_key" "main" {
  algorithm = "RSA"
}
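# Exports the generated SSH private key to ./azure-hashistack.pem on the
# machine running Terraform so operators can SSH to the VMs.
#
# Two hardening points compared with a plain `echo ... > file; chmod 600`:
#   * The file is created under `umask 077`, so it is never readable by other
#     local users, not even between creation and the later chmod.
#   * The key is handed to the shell through the environment rather than being
#     interpolated into the command string, which keeps the PEM out of the
#     command text that Terraform may print while running the provisioner.
#
# The resource has no triggers, so the provisioners run only when it is created.
resource "null_resource" "main" {
  provisioner "local-exec" {
    command = "umask 077 && echo \"$PRIVATE_KEY_PEM\" > azure-hashistack.pem"

    environment = {
      PRIVATE_KEY_PEM = "${tls_private_key.main.private_key_pem}"
    }
  }

  # Still needed: umask only affects newly created files, so a pre-existing
  # azure-hashistack.pem would otherwise keep whatever mode it already had.
  provisioner "local-exec" {
    command = "chmod 600 azure-hashistack.pem"
  }
}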
# Resource group that contains every other Azure resource declared in this file.
# The name is fixed, so only one copy of this module can exist per subscription.
resource "azurerm_resource_group" "hashistack" {
  location = "${var.location}"
  name     = "hashistack"
}
# Virtual network for the cluster; the subnet used by the VMs is carved out of
# this 10.0.0.0/16 address space.
resource "azurerm_virtual_network" "hashistack-vn" {
  name                = "hashistack-vn"
  resource_group_name = "${azurerm_resource_group.hashistack.name}"
  location            = "${var.location}"
  address_space       = ["10.0.0.0/16"]
}
# Single subnet (10.0.2.0/24) inside hashistack-vn. Server and client network
# interfaces both attach to it.
resource "azurerm_subnet" "hashistack-sn" {
  name                 = "hashistack-sn"
  virtual_network_name = "${azurerm_virtual_network.hashistack-vn.name}"
  resource_group_name  = "${azurerm_resource_group.hashistack.name}"
  address_prefixes     = ["10.0.2.0/24"]
}
# Network security group shared by the server and client network interfaces.
# It declares no inline rules; the inbound rules are separate
# azurerm_network_security_rule resources that reference it by name.
resource "azurerm_network_security_group" "hashistack-sg" {
  name                = "hashistack-sg"
  resource_group_name = "${azurerm_resource_group.hashistack.name}"
  location            = "${var.location}"
}
# Inbound allow rule for TCP port 22 (SSH) on hashistack-sg.
#
# NOTE(review): source_address_prefix = "*" accepts connections from any
# source address, and every VM in this file has a public IP, so SSH is
# reachable from the whole internet. Password login is disabled on the VMs,
# which limits the exposure to key-based auth, but narrowing the source to
# known operator CIDR ranges (or a bastion) is the safer setting outside a
# short-lived demo.
resource "azurerm_network_security_rule" "hashistack-sgr-22" {
  name                        = "hashistack-sgr-22"
  network_security_group_name = "${azurerm_network_security_group.hashistack-sg.name}"
  resource_group_name         = "${azurerm_resource_group.hashistack.name}"

  # Evaluation order and verdict.
  priority  = 100
  access    = "Allow"
  direction = "Inbound"
  protocol  = "Tcp"

  # Traffic match: any source address and port, any destination address, port 22.
  source_address_prefix      = "*"
  source_port_range          = "*"
  destination_address_prefix = "*"
  destination_port_range     = "22"
}
# Inbound allow rule for TCP port 4646 on hashistack-sg (4646 is Nomad's
# default HTTP API/UI port).
#
# NOTE(review): source_address_prefix = "*" accepts connections from any
# source address, and every VM in this file has a public IP. Whoever can reach
# an unauthenticated Nomad API can submit jobs to the cluster, so this rule
# should be limited to trusted CIDR ranges, and the cluster should run with
# ACLs and TLS enabled; whether user-data-*.sh configures those is not visible
# from this file.
resource "azurerm_network_security_rule" "hashistack-sgr-4646" {
  name                        = "hashistack-sgr-4646"
  network_security_group_name = "${azurerm_network_security_group.hashistack-sg.name}"
  resource_group_name         = "${azurerm_resource_group.hashistack.name}"

  # Evaluation order and verdict.
  priority  = 101
  access    = "Allow"
  direction = "Inbound"
  protocol  = "Tcp"

  # Traffic match: any source address and port, any destination address, port 4646.
  source_address_prefix      = "*"
  source_port_range          = "*"
  destination_address_prefix = "*"
  destination_port_range     = "4646"
}
# Inbound allow rule for TCP port 8500 on hashistack-sg (8500 is Consul's
# default HTTP API/UI port).
#
# NOTE(review): source_address_prefix = "*" accepts connections from any
# source address, and every VM in this file has a public IP. An unauthenticated
# Consul API exposes the service catalog and KV store to anyone who can
# connect, so this rule should be limited to trusted CIDR ranges, and Consul
# should run with ACLs and TLS enabled; whether user-data-*.sh configures
# those is not visible from this file.
resource "azurerm_network_security_rule" "hashistack-sgr-8500" {
  name                        = "hashistack-sgr-8500"
  network_security_group_name = "${azurerm_network_security_group.hashistack-sg.name}"
  resource_group_name         = "${azurerm_resource_group.hashistack.name}"

  # Evaluation order and verdict.
  priority  = 102
  access    = "Allow"
  direction = "Inbound"
  protocol  = "Tcp"

  # Traffic match: any source address and port, any destination address, port 8500.
  source_address_prefix      = "*"
  source_port_range          = "*"
  destination_address_prefix = "*"
  destination_port_range     = "8500"
}
# One statically allocated public IP per server VM. These addresses are
# attached to the server network interfaces, so every server is directly
# addressable from outside the virtual network.
resource "azurerm_public_ip" "hashistack-server-public-ip" {
  count = "${var.server_count}"

  name                = "hashistack-server-ip-${count.index}"
  resource_group_name = "${azurerm_resource_group.hashistack.name}"
  location            = "${var.location}"
  allocation_method   = "Static"
}
# One network interface per server VM, placed in hashistack-sn, protected by
# hashistack-sg and bound to the public IP with the same index.
#
# NOTE(review): network_security_group_id on the interface is the only place
# the security group is attached; newer azurerm provider releases attach it
# through a separate association resource instead. Confirm the argument is
# still accepted by the provider version in use, otherwise the group may not
# apply.
resource "azurerm_network_interface" "hashistack-server-ni" {
  count = "${var.server_count}"

  name                      = "hashistack-server-ni-${count.index}"
  resource_group_name       = "${azurerm_resource_group.hashistack.name}"
  location                  = "${var.location}"
  network_security_group_id = "${azurerm_network_security_group.hashistack-sg.id}"

  ip_configuration {
    name                          = "hashistack-ipc"
    subnet_id                     = "${azurerm_subnet.hashistack-sn.id}"
    public_ip_address_id          = "${element(azurerm_public_ip.hashistack-server-public-ip.*.id, count.index)}"
    private_ip_address_allocation = "dynamic"
  }

  # Presumably the tag that the retry_join setting uses for cloud auto-join
  # discovery; verify against the value passed in var.retry_join.
  tags = {
    ConsulAutoJoin = "auto-join"
  }
}
# Server VMs: var.server_count machines built from var.image_id, each attached
# to the network interface with the same index and bootstrapped with the
# rendered user-data-server.sh template.
resource "azurerm_virtual_machine" "server" {
  count = "${var.server_count}"

  name                  = "hashistack-server-${count.index}"
  resource_group_name   = "${azurerm_resource_group.hashistack.name}"
  location              = "${var.location}"
  vm_size               = "${var.vm_size}"
  network_interface_ids = ["${element(azurerm_network_interface.hashistack-server-ni.*.id, count.index)}"]

  # The OS disk is deleted together with the VM, so no disk (and nothing
  # written to it) outlives a destroy.
  delete_os_disk_on_termination = true

  # Data disks are likewise deleted together with the VM.
  delete_data_disks_on_termination = true

  storage_image_reference {
    id = "${var.image_id}"
  }

  storage_os_disk {
    name              = "hashistack-server-osdisk-${count.index}"
    create_option     = "FromImage"
    managed_disk_type = "Standard_LRS"
    caching           = "ReadWrite"
  }

  os_profile {
    computer_name  = "hashistack-server-${count.index}"
    admin_username = "ubuntu"

    # Placeholder value: password login is turned off in
    # os_profile_linux_config below, so the SSH key is the only credential.
    # Do not flip disable_password_authentication without replacing this.
    admin_password = "none"

    # NOTE(review): custom_data is only base64-encoded, not encrypted; keep
    # secrets out of the user-data template.
    custom_data = "${base64encode(data.template_file.user_data_server.rendered)}"
  }

  os_profile_linux_config {
    disable_password_authentication = true

    # Authorizes the public half of tls_private_key.main for the ubuntu user.
    ssh_keys {
      key_data = "${tls_private_key.main.public_key_openssh}"
      path     = "/home/ubuntu/.ssh/authorized_keys"
    }
  }
}
# Renders user-data-server.sh from the root module directory, substituting
# server_count and retry_join. The result is passed to the server VMs as
# custom_data.
data "template_file" "user_data_server" {
  template = "${file("${path.root}/user-data-server.sh")}"

  vars = {
    retry_join   = "${var.retry_join}"
    server_count = "${var.server_count}"
  }
}
# One statically allocated public IP per client VM. These addresses are
# attached to the client network interfaces, so every client is directly
# addressable from outside the virtual network.
resource "azurerm_public_ip" "hashistack-client-public-ip" {
  count = "${var.client_count}"

  name                = "hashistack-client-ip-${count.index}"
  resource_group_name = "${azurerm_resource_group.hashistack.name}"
  location            = "${var.location}"
  allocation_method   = "Static"
}
# One network interface per client VM, placed in hashistack-sn, protected by
# hashistack-sg and bound to the public IP with the same index.
#
# NOTE(review): network_security_group_id on the interface is the only place
# the security group is attached; newer azurerm provider releases attach it
# through a separate association resource instead. Confirm the argument is
# still accepted by the provider version in use, otherwise the group may not
# apply.
resource "azurerm_network_interface" "hashistack-client-ni" {
  count = "${var.client_count}"

  name                      = "hashistack-client-ni-${count.index}"
  resource_group_name       = "${azurerm_resource_group.hashistack.name}"
  location                  = "${var.location}"
  network_security_group_id = "${azurerm_network_security_group.hashistack-sg.id}"

  ip_configuration {
    name                          = "hashistack-ipc"
    subnet_id                     = "${azurerm_subnet.hashistack-sn.id}"
    public_ip_address_id          = "${element(azurerm_public_ip.hashistack-client-public-ip.*.id, count.index)}"
    private_ip_address_allocation = "dynamic"
  }

  # Presumably the tag that the retry_join setting uses for cloud auto-join
  # discovery; verify against the value passed in var.retry_join.
  tags = {
    ConsulAutoJoin = "auto-join"
  }
}
# Client VMs: var.client_count machines built from var.image_id, each attached
# to the network interface with the same index and bootstrapped with the
# rendered user-data-client.sh template. Creation waits for the server VMs.
resource "azurerm_virtual_machine" "client" {
  count      = "${var.client_count}"
  depends_on = ["azurerm_virtual_machine.server"]

  name                  = "hashistack-client-${count.index}"
  resource_group_name   = "${azurerm_resource_group.hashistack.name}"
  location              = "${var.location}"
  vm_size               = "${var.vm_size}"
  network_interface_ids = ["${element(azurerm_network_interface.hashistack-client-ni.*.id, count.index)}"]

  # The OS disk is deleted together with the VM, so no disk (and nothing
  # written to it) outlives a destroy.
  delete_os_disk_on_termination = true

  # Data disks are likewise deleted together with the VM.
  delete_data_disks_on_termination = true

  storage_image_reference {
    id = "${var.image_id}"
  }

  storage_os_disk {
    name              = "hashistack-client-osdisk-${count.index}"
    create_option     = "FromImage"
    managed_disk_type = "Standard_LRS"
    caching           = "ReadWrite"
  }

  os_profile {
    computer_name  = "hashistack-client-${count.index}"
    admin_username = "ubuntu"

    # Placeholder value: password login is turned off in
    # os_profile_linux_config below, so the SSH key is the only credential.
    # Do not flip disable_password_authentication without replacing this.
    admin_password = "none"

    # NOTE(review): custom_data is only base64-encoded, not encrypted; keep
    # secrets out of the user-data template.
    custom_data = "${base64encode(data.template_file.user_data_client.rendered)}"
  }

  os_profile_linux_config {
    disable_password_authentication = true

    # Authorizes the public half of tls_private_key.main for the ubuntu user.
    ssh_keys {
      key_data = "${tls_private_key.main.public_key_openssh}"
      path     = "/home/ubuntu/.ssh/authorized_keys"
    }
  }
}
# Renders user-data-client.sh from the root module directory, substituting
# retry_join. The result is passed to the client VMs as custom_data.
data "template_file" "user_data_client" {
  template = "${file("${path.root}/user-data-client.sh")}"

  vars = {
    retry_join = "${var.retry_join}"
  }
}
# Public IP addresses of the server VMs, one entry per
# azurerm_public_ip.hashistack-server-public-ip instance.
output "server_public_ips" {
  value = ["${azurerm_public_ip.hashistack-server-public-ip.*.ip_address}"]
}
# Public IP addresses of the client VMs, one entry per
# azurerm_public_ip.hashistack-client-public-ip instance.
output "client_public_ips" {
  value = ["${azurerm_public_ip.hashistack-client-public-ip.*.ip_address}"]
}