# #####################
# All modules ( main terraform entry point )
# #####################
module "vpc" {
  # Network layer for the cluster; per the output notes below it exposes
  # one VPC id and one subnet id that the other modules attach to.
  source = "./modules/vpc"

  # --- Inputs ---
  # Address range handed to the VPC module.
  vpc_cidr = "${var.vpc_cidr}"

  # --- Outputs (as documented by the module) ---
  #   vpc_id    : aws_vpc.kubernetes.id
  #   subnet_id : aws_subnet.kubernetes.id
}
module "sg" {
  # Security groups for the cluster nodes, created inside the VPC above.
  source = "./modules/securitygroups"

  # --- Inputs ---
  vpc_id   = "${module.vpc.vpc_id}"
  vpc_cidr = "${var.vpc_cidr}"

  # NOTE(review): presumably the source range allowed to reach management
  # ports on the nodes; confirm in ./modules/securitygroups and keep this
  # as narrow as the operators' own addresses rather than a broad range.
  control_cidr = "${var.control_cidr}"

  # --- Outputs ---
  #   master_id    : aws_security_group.k8s-master.id
  #   worker_id    : aws_security_group.k8s-worker.id
  #   edge_node_id : referenced by module "edge" in this file; the backing
  #                  resource is not shown here.
}
module "iam" {
  # IAM roles and instance profiles for the master and worker nodes.
  source = "./modules/iam"

  # --- Inputs ---
  # (none)

  # --- Outputs ---
  #   worker_profile_id   : aws_iam_role.worker_role.id
  #   worker_profile_name : aws_iam_instance_profile.worker_profile.name
  #   master_profile_id   : aws_iam_role.master_role.id
  #   master_profile_name : aws_iam_instance_profile.master_profile.name
  #
  # NOTE(review): the *_profile_id outputs are documented as role ids, not
  # instance-profile ids; confirm the naming against ./modules/iam.
  # worker_profile_name is attached to both the "worker" and "edge" modules
  # in this file, so the permissions granted to the worker role apply to
  # edge nodes as well.
}
module "edge_eip" {
  # Binds an existing Elastic IP allocation to an edge instance.
  source = "./modules/eip"

  # --- Inputs ---
  # Only the first edge instance is used. NOTE(review): the [0] index
  # presumably requires edge_count >= 1; confirm how an empty list is
  # handled before setting edge_count to 0.
  instance_id   = "${module.edge.instance_ids[0]}"
  allocation_id = "${var.edge_eip_allocation_id}"
}
module "master" {
  # Master nodes, built from the shared ec2 module.
  source = "./modules/ec2"
  type   = "master"

  # NOTE(review): `count` appears to be a plain input of ./modules/ec2 here.
  # It is a reserved module argument from Terraform 0.12 on; confirm before
  # upgrading.
  count = "${var.master_count}"

  # Instance sizing and image (AMI is looked up per region).
  ami           = "${lookup(var.amis, var.region)}"
  instance_type = "${var.master_instance_type}"
  volume_size   = "${var.master_volume_size}"

  # Placement, network policy and instance identity.
  subnet_id        = "${module.vpc.subnet_id}"
  sg_id            = "${module.sg.master_id}"
  iam_profile_name = "${module.iam.master_profile_name}"

  # SSH access. The private key is referenced by local path only;
  # presumably the ec2 module uses it to connect to the instance (verify
  # in ./modules/ec2). Keep the key file out of the repository and
  # readable only by the operator running Terraform.
  ssh_key_name         = "${var.ssh_key_name}"
  ssh_user_name        = "${var.ssh_user_name}"
  ssh_private_key_path = "${var.ssh_private_key_path}"
}
module "worker" {
  # Worker nodes, built from the same ec2 module as the masters.
  source = "./modules/ec2"
  type   = "worker"
  count  = "${var.worker_count}"

  # Instance sizing and image (AMI is looked up per region).
  ami           = "${lookup(var.amis, var.region)}"
  instance_type = "${var.worker_instance_type}"
  volume_size   = "${var.worker_volume_size}"

  # Placement, network policy and instance identity.
  subnet_id        = "${module.vpc.subnet_id}"
  sg_id            = "${module.sg.worker_id}"
  iam_profile_name = "${module.iam.worker_profile_name}"

  # SSH access; same key pair, user and local private-key path as the
  # other node modules in this file.
  ssh_key_name         = "${var.ssh_key_name}"
  ssh_user_name        = "${var.ssh_user_name}"
  ssh_private_key_path = "${var.ssh_private_key_path}"
}
# An edge node is essentially the same as a worker node,
# except that edge nodes have a wider security rule set and
# a different tag.
module "edge" {
  # Edge nodes: same ec2 module and worker sizing, but their own security
  # group.
  source = "./modules/ec2"
  type   = "edge"
  count  = "${var.edge_count}"

  # Sizing reuses the worker variables.
  ami           = "${lookup(var.amis, var.region)}"
  instance_type = "${var.worker_instance_type}"
  volume_size   = "${var.worker_volume_size}"

  # Edge nodes have a dedicated security group.
  sg_id     = "${module.sg.edge_node_id}"
  subnet_id = "${module.vpc.subnet_id}"

  # NOTE(review): edge nodes reuse the worker instance profile. Since they
  # sit behind a wider rule set, consider whether they need every
  # permission the worker role grants, or a narrower profile of their own.
  iam_profile_name = "${module.iam.worker_profile_name}"

  # SSH access; same key pair, user and local private-key path as the
  # other node modules in this file.
  ssh_key_name         = "${var.ssh_key_name}"
  ssh_user_name        = "${var.ssh_user_name}"
  ssh_private_key_path = "${var.ssh_private_key_path}"
}
# TODO: Move this out of terraform
module "cert" {
  # Certificate material for the cluster.
  source = "./modules/cert"

  # Master addresses are passed as comma-joined strings, together with the
  # Kubernetes service IP (presumably used as certificate subject
  # alternative names; confirm in ./modules/cert).
  master_private_ips = "${join(",", module.master.private_ips)}"
  master_public_ips  = "${join(",", module.master.public_ips)}"
  service_ip         = "${var.k8s_service_ip}"

  # NOTE(review): if this module creates private keys through Terraform
  # resources, that key material is recorded in the Terraform state. Until
  # certificate generation moves out of Terraform, keep the state backend
  # encrypted and restrict who can read it.
}