github.com/djenriquez/nomad-1@v0.8.1/terraform/aws/modules/hashistack/hashistack.tf (about)

     1  variable "name" {} # security group name; prefix for instance Name tags and IAM resource names
     2  variable "region" {} # rendered into both user-data scripts
     3  variable "ami" {} # AMI used for server and client instances
     4  variable "instance_type" {} # instance type shared by servers and clients
     5  variable "key_name" {} # EC2 key pair attached to every instance (SSH access)
     6  variable "server_count" {} # number of server instances; also rendered into the server user-data
     7  variable "client_count" {} # number of client instances
     8  variable "retry_join" {} # rendered into both user-data scripts; presumably the cluster join setting - confirm in the scripts
     9  variable "nomad_binary" {} # rendered into both user-data scripts; NOTE(review): if the scripts download it, confirm they verify its integrity
    10  
    11  data "aws_vpc" "default" {
          # Looks up the default VPC; aws_security_group.primary is created in it.
          # NOTE(review): no subnet is set on the instances, so they presumably land
          # in the default VPC's subnets and receive public addresses (the outputs
          # read public_ip) - confirm for the target account.
    12    default = true
    13  }
    14  
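    15  resource "aws_security_group" "primary" {
          # One security group shared by every server and client instance.
          # External ingress is limited to var.allowed_ingress_cidrs, declared after
          # this resource. Its default keeps the previous world-open behaviour for
          # compatibility; callers should override it with the address ranges that
          # actually need to reach these ports.
    16    name   = "${var.name}"
    17    vpc_id = "${data.aws_vpc.default.id}"
    18  
          # SSH
    19    ingress {
    20      from_port   = 22
    21      to_port     = 22
    22      protocol    = "tcp"
    23      cidr_blocks = ["${var.allowed_ingress_cidrs}"]
    24    }
    25  
    26    # Nomad
          # HTTP API and UI. Nomad accepts job submissions here from any caller
          # unless ACLs are enabled. NOTE(review): the user-data scripts are not
          # part of this file - confirm whether they enable ACLs and TLS.
    27    ingress {
    28      from_port   = 4646
    29      to_port     = 4646
    30      protocol    = "tcp"
    31      cidr_blocks = ["${var.allowed_ingress_cidrs}"]
    32    }
    33  
    34    # Consul
          # HTTP API and UI. Same concern as Nomad: without ACLs this port gives
          # read/write access to the catalog and KV store.
    35    ingress {
    36      from_port   = 8500
    37      to_port     = 8500
    38      protocol    = "tcp"
    39      cidr_blocks = ["${var.allowed_ingress_cidrs}"]
    40    }
    41  
    42    # HDFS NameNode UI
          # Web UI; normally has no authentication of its own.
    43    ingress {
    44      from_port   = 50070
    45      to_port     = 50070
    46      protocol    = "tcp"
    47      cidr_blocks = ["${var.allowed_ingress_cidrs}"]
    48    }
    49  
    50    # HDFS DataNode UI
    51    ingress {
    52      from_port   = 50075
    53      to_port     = 50075
    54      protocol    = "tcp"
    55      cidr_blocks = ["${var.allowed_ingress_cidrs}"]
    56    }
    57  
    58    # Spark history server UI
    59    ingress {
    60      from_port   = 18080
    61      to_port     = 18080
    62      protocol    = "tcp"
    63      cidr_blocks = ["${var.allowed_ingress_cidrs}"]
    64    }
    65  
          # All protocols and ports between members of this group (cluster-internal
          # traffic between servers and clients).
    66    ingress {
    67      from_port = 0
    68      to_port   = 0
    69      protocol  = "-1"
    70      self      = true
    71    }
    72  
          # Unrestricted outbound traffic.
    73    egress {
    74      from_port   = 0
    75      to_port     = 0
    76      protocol    = "-1"
    77      cidr_blocks = ["0.0.0.0/0"]
    78    }
    79  }
        
        # CIDR ranges allowed to reach SSH, the Nomad and Consul HTTP APIs and the
        # HDFS/Spark web UIs. The default reproduces the earlier hard-coded value so
        # existing callers of this module keep working; set it to administrative
        # ranges (office, VPN, bastion) for anything longer-lived than a throwaway demo.
        variable "allowed_ingress_cidrs" {
          type    = "list"
          default = ["0.0.0.0/0"]
        }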
    80  
    81  data "template_file" "user_data_server" {
          # Renders user-data-server.sh from the root module directory (path.root,
          # not this module's directory) with the variables below.
          # EC2 user data is readable from inside the instance and through the EC2
          # API, so none of these values should carry secrets.
    82    template = "${file("${path.root}/user-data-server.sh")}"
    83  
    84    vars {
    85      server_count = "${var.server_count}"
    86      region       = "${var.region}"
    87      retry_join   = "${var.retry_join}"
    88      nomad_binary = "${var.nomad_binary}"
    89    }
    90  }
    91  
    92  data "template_file" "user_data_client" {
          # Renders user-data-client.sh from the root module directory (path.root)
          # with the variables below; unlike the server template it receives no
          # server_count.
          # EC2 user data is readable from inside the instance and through the EC2
          # API, so none of these values should carry secrets.
    93    template = "${file("${path.root}/user-data-client.sh")}"
    94  
    95    vars {
    96      region     = "${var.region}"
    97      retry_join = "${var.retry_join}"
    98      nomad_binary = "${var.nomad_binary}"
    99    }
   100  }
   101  
   102  resource "aws_instance" "server" {
          # var.server_count server instances, all in aws_security_group.primary and
          # bootstrapped by the rendered server user-data script.
   103    ami                    = "${var.ami}"
   104    instance_type          = "${var.instance_type}"
   105    key_name               = "${var.key_name}"
   106    vpc_security_group_ids = ["${aws_security_group.primary.id}"]
   107    count                  = "${var.server_count}"
   108  
   109    #Instance tags
          # NOTE(review): ConsulAutoJoin is presumably the tag that var.retry_join
          # matches for cloud auto-join - confirm against the user-data scripts.
   110    tags {
   111      Name           = "${var.name}-server-${count.index}"
   112      ConsulAutoJoin = "auto-join"
   113    }
   114  
   115    user_data            = "${data.template_file.user_data_server.rendered}"
          # Processes on the instance can obtain this role's temporary credentials
          # from the instance metadata service, so the role's policy bounds what a
          # compromised host can do in the AWS account.
   116    iam_instance_profile = "${aws_iam_instance_profile.instance_profile.name}"
   117  }
   118  
   119  resource "aws_instance" "client" {
          # var.client_count client instances, created only after the servers
          # (depends_on). They share the servers' security group, key pair and
          # instance profile.
   120    ami                    = "${var.ami}"
   121    instance_type          = "${var.instance_type}"
   122    key_name               = "${var.key_name}"
   123    vpc_security_group_ids = ["${aws_security_group.primary.id}"]
   124    count                  = "${var.client_count}"
   125    depends_on             = ["aws_instance.server"]
   126  
   127    #Instance tags
   128    tags {
   129      Name           = "${var.name}-client-${count.index}"
   130      ConsulAutoJoin = "auto-join"
   131    }
   132  
          # Extra 50 GB gp2 volume at /dev/xvdd, removed with the instance.
          # `encrypted` is not set here, so encryption at rest depends on the
          # account's EBS default.
   133    ebs_block_device =  {
   134      device_name                 = "/dev/xvdd"
   135      volume_type                 = "gp2"
   136      volume_size                 = "50"
   137      delete_on_termination       = "true"
   138    }
   139  
   140    user_data            = "${data.template_file.user_data_client.rendered}"
          # Jobs scheduled on a client run on this host; anything that can reach the
          # instance metadata service can use the role's credentials, so keep the
          # role's policy minimal.
   141    iam_instance_profile = "${aws_iam_instance_profile.instance_profile.name}"
   142  }
   143  
   144  resource "aws_iam_instance_profile" "instance_profile" {
          # Instance profile attached to both servers and clients; wraps the single
          # instance role, so every node gets the same AWS permissions.
   145    name_prefix = "${var.name}"
   146    role        = "${aws_iam_role.instance_role.name}"
   147  }
   148  
   149  resource "aws_iam_role" "instance_role" {
          # Role assumed by the instances. Its trust policy comes from
          # data.aws_iam_policy_document.instance_role; the only permissions
          # attached in this file are those of the auto_discover_cluster policy.
   150    name_prefix        = "${var.name}"
   151    assume_role_policy = "${data.aws_iam_policy_document.instance_role.json}"
   152  }
   153  
   154  data "aws_iam_policy_document" "instance_role" {
          # Trust policy: only the EC2 service principal may assume the role, i.e.
          # the role is usable solely through an instance profile.
   155    statement {
   156      effect  = "Allow"
   157      actions = ["sts:AssumeRole"]
   158  
   159      principals {
   160        type        = "Service"
   161        identifiers = ["ec2.amazonaws.com"]
   162      }
   163    }
   164  }
   165  
   166  resource "aws_iam_role_policy" "auto_discover_cluster" {
          # Inline policy on the instance role carrying the read-only discovery
          # permissions defined in data.aws_iam_policy_document.auto_discover_cluster.
   167    name   = "auto-discover-cluster"
   168    role   = "${aws_iam_role.instance_role.id}"
   169    policy = "${data.aws_iam_policy_document.auto_discover_cluster.json}"
   170  }
   171  
   172  data "aws_iam_policy_document" "auto_discover_cluster" {
          # Read-only Describe permissions, presumably what tag-based cluster
          # auto-join needs (see the ConsulAutoJoin instance tag) - confirm against
          # the user-data scripts. These Describe actions do not support
          # resource-level restrictions, hence resources = ["*"]. The grant is
          # account-wide inventory read access for anything holding the instance
          # credentials; nothing here permits modifying resources.
   173    statement {
   174      effect = "Allow"
   175  
   176      actions = [
   177        "ec2:DescribeInstances",
   178        "ec2:DescribeTags",
   179        "autoscaling:DescribeAutoScalingGroups",
   180      ]
   181  
   182      resources = ["*"]
   183    }
   184  }
   185  
   186  output "server_public_ips" {
          # Public IPs of all server instances. These addresses are reachable from
          # outside according to the ingress rules of aws_security_group.primary.
   187    value = ["${aws_instance.server.*.public_ip}"]
   188  }
   189  
   190  output "client_public_ips" {
          # Public IPs of all client instances. These addresses are reachable from
          # outside according to the ingress rules of aws_security_group.primary.
   191    value = ["${aws_instance.client.*.public_ip}"]
   192  }