# Look up the availability zones visible to the configured AWS provider.
# The Auto Scaling Group and the ELB in this file both spread across this list.
data "aws_availability_zones" "all" {
}
# Read the database layer's outputs from its remote state stored in S3.
# Bucket and key are supplied through module variables; the region is fixed
# to eu-west-1 in this block.
# NOTE(review): a Terraform state object can contain sensitive values, so read
# access to this bucket/key should be limited to the identities that run this
# module. Confirm the bucket policy; it is not visible from this file.
data "terraform_remote_state" "db" {
  backend = "s3"

  config {
    region = "eu-west-1"
    bucket = "${var.db_remote_state_bucket}"
    key    = "${var.db_remote_state_key}"
  }
}
# Render user-data.sh (shipped alongside this module) with the server port and
# the database address/port taken from the DB remote state.
# The rendered text is passed to the launch configuration as instance user
# data. User data is readable from inside the instance, so keep credentials
# and other secrets out of `vars`.
data "template_file" "user_data" {
  template = "${file("${path.module}/user-data.sh")}"

  vars {
    db_address  = "${data.terraform_remote_state.db.address}"
    db_port     = "${data.terraform_remote_state.db.port}"
    server_port = "${var.server_port}"
  }
}
# Security group attached to the cluster's EC2 instances (referenced by the
# launch configuration). Its rules are declared as separate
# aws_security_group_rule resources rather than inline.
resource "aws_security_group" "instance" {
  name = "${var.cluster_name}-instance"

  # Build the replacement group before the old one is destroyed.
  lifecycle {
    create_before_destroy = true
  }
}
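# Inbound rule for the instance security group: accept TCP on the server port
# only from members of the load balancer's security group.
# The ELB in this file forwards requests and sends its health checks to
# var.server_port, so the instances do not need to be reachable from
# 0.0.0.0/0. Opening the port to every address would let clients bypass the
# load balancer and anything enforced there.
resource "aws_security_group_rule" "allow_server_http_inbound" {
  type              = "ingress"
  security_group_id = "${aws_security_group.instance.id}"

  from_port = "${var.server_port}"
  to_port   = "${var.server_port}"
  protocol  = "tcp"

  # Source is the ELB's security group instead of a CIDR range.
  source_security_group_id = "${aws_security_group.elb.id}"
}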
# Security group attached to the load balancer. Its inbound and outbound
# rules are declared as separate aws_security_group_rule resources.
resource "aws_security_group" "elb" {
  name = "${var.cluster_name}-elb"
}
# Inbound rule for the ELB security group: HTTP (TCP 80) from any IPv4
# address. This is the cluster's public entry point.
resource "aws_security_group_rule" "allow_http_inbound" {
  security_group_id = "${aws_security_group.elb.id}"
  type              = "ingress"

  protocol    = "tcp"
  from_port   = 80
  to_port     = 80
  cidr_blocks = ["0.0.0.0/0"]
}
# Outbound rule for the ELB security group: every protocol and port
# (protocol "-1") to any IPv4 address.
# NOTE(review): within this file the ELB only talks to the instances on
# var.server_port (listener and health check). A rule limited to that port and
# to the instance security group would be the least-privilege form. Confirm
# nothing else relies on the wider rule before narrowing it.
resource "aws_security_group_rule" "allow_all_outbound" {
  security_group_id = "${aws_security_group.elb.id}"
  type              = "egress"

  protocol    = "-1"
  from_port   = 0
  to_port     = 0
  cidr_blocks = ["0.0.0.0/0"]
}
# Launch configuration used by the Auto Scaling Group: a fixed AMI, the
# instance type from var.instance_type, the instance security group, and the
# rendered user-data script.
# NOTE(review): the AMI ID is hard-coded. AMI IDs are region-specific and a
# pinned image does not pick up later patches; consider passing it in as a
# variable or resolving it with a data source, and confirm the image's origin.
resource "aws_launch_configuration" "example" {
  image_id      = "ami-785db401"
  instance_type = "${var.instance_type}"

  security_groups = ["${aws_security_group.instance.id}"]
  user_data       = "${data.template_file.user_data.rendered}"

  # Create the replacement launch configuration before the old one is removed.
  lifecycle {
    create_before_destroy = true
  }
}
# Auto Scaling Group that runs the cluster: instances come from the launch
# configuration above, are spread over all looked-up availability zones, and
# are registered with the ELB. Size bounds come from var.min_size/var.max_size.
resource "aws_autoscaling_group" "example" {
  launch_configuration = "${aws_launch_configuration.example.id}"
  availability_zones   = ["${data.aws_availability_zones.all.names}"]

  min_size = "${var.min_size}"
  max_size = "${var.max_size}"

  # Use the load balancer's health check to decide instance health.
  load_balancers    = ["${aws_elb.example.name}"]
  health_check_type = "ELB"

  # Name tag copied onto each instance the group launches.
  tag {
    key                 = "Name"
    value               = "${var.cluster_name}"
    propagate_at_launch = true
  }
}
# Classic load balancer in front of the cluster, placed in every looked-up
# availability zone and protected by the ELB security group.
# NOTE(review): the only listener is plain HTTP on port 80, and traffic to the
# instances is HTTP as well. No TLS listener or access logging is configured
# in this file; confirm whether that is acceptable for the data served.
resource "aws_elb" "example" {
  name               = "${var.cluster_name}"
  security_groups    = ["${aws_security_group.elb.id}"]
  availability_zones = ["${data.aws_availability_zones.all.names}"]

  # Port 80 on the load balancer is forwarded to the instances' server port.
  listener {
    lb_protocol       = "http"
    lb_port           = 80
    instance_protocol = "http"
    instance_port     = "${var.server_port}"
  }

  # HTTP GET "/" on the server port every 30 s with a 3 s timeout; two
  # consecutive results flip an instance between healthy and unhealthy.
  health_check {
    target              = "HTTP:${var.server_port}/"
    interval            = 30
    timeout             = 3
    healthy_threshold   = 2
    unhealthy_threshold = 2
  }
}