open-nomad/e2e/terraform/nomad.tf
Tim Gross 9f05d62338
E2E with HCP Consul/Vault (#12267)
Use HCP Consul and HCP Vault for the Consul and Vault clusters used in E2E testing. This has the following benefits:

* Without the need to support mTLS bootstrapping for Consul and Vault, we can simplify the mTLS configuration by leaning on Terraform instead of janky bash shell scripting.
* Vault bootstrapping is no longer required, so we can eliminate even more janky shell scripting
* Our E2E exercises HCP, which is important to us as an organization
* With the reduction in configurability, we can simplify the Terraform configuration and drop the complicated `provision.sh`/`provision.ps1` scripts we were using previously. We can template Nomad configuration files and upload them with the `file` provisioner.
* Packer builds for Linux and Windows become much simpler.

tl;dr way less janky shell scripting!
2022-03-18 09:27:28 -04:00

78 lines
2.4 KiB
HCL

module "nomad_server" {
source = "./provision-nomad"
depends_on = [aws_instance.server]
count = var.server_count
platform = "linux"
arch = "linux_amd64"
role = "server"
index = count.index
instance = aws_instance.server[count.index]
nomad_local_binary = count.index < length(var.nomad_local_binary_server) ? var.nomad_local_binary_server[count.index] : var.nomad_local_binary
nomad_license = var.nomad_license
tls_ca_key = tls_private_key.ca.private_key_pem
tls_ca_cert = tls_self_signed_cert.ca.cert_pem
connection = {
type = "ssh"
user = "ubuntu"
port = 22
private_key = "${path.root}/keys/${local.random_name}.pem"
}
}
# TODO: split out the different Linux targets (ubuntu, centos, arm, etc.) when
# they're available
module "nomad_client_ubuntu_bionic_amd64" {
source = "./provision-nomad"
depends_on = [aws_instance.client_ubuntu_bionic_amd64]
count = var.client_count_ubuntu_bionic_amd64
platform = "linux"
arch = "linux_amd64"
role = "client"
index = count.index
instance = aws_instance.client_ubuntu_bionic_amd64[count.index]
nomad_local_binary = count.index < length(var.nomad_local_binary_client_ubuntu_bionic_amd64) ? var.nomad_local_binary_client_ubuntu_bionic_amd64[count.index] : var.nomad_local_binary
tls_ca_key = tls_private_key.ca.private_key_pem
tls_ca_cert = tls_self_signed_cert.ca.cert_pem
connection = {
type = "ssh"
user = "ubuntu"
port = 22
private_key = "${path.root}/keys/${local.random_name}.pem"
}
}
# TODO: split out the different Windows targets (2016, 2019) when they're
# available
module "nomad_client_windows_2016_amd64" {
source = "./provision-nomad"
depends_on = [aws_instance.client_windows_2016_amd64]
count = var.client_count_windows_2016_amd64
platform = "windows"
arch = "windows_amd64"
role = "client"
index = count.index
instance = aws_instance.client_windows_2016_amd64[count.index]
nomad_local_binary = count.index < length(var.nomad_local_binary_client_windows_2016_amd64) ? var.nomad_local_binary_client_windows_2016_amd64[count.index] : ""
tls_ca_key = tls_private_key.ca.private_key_pem
tls_ca_cert = tls_self_signed_cert.ca.cert_pem
connection = {
type = "ssh"
user = "Administrator"
port = 22
private_key = "${path.root}/keys/${local.random_name}.pem"
}
}