github.com/hspak/nomad@v0.7.2-0.20180309000617-bc4ae22a39a5/terraform/aws/modules/hashistack/hashistack.tf

github.com/hspak/nomad@v0.7.2-0.20180309000617-bc4ae22a39a5/terraform/aws/modules/hashistack/hashistack.tf (about)

     1  variable "region" {}
     2  variable "ami" {}
     3  variable "instance_type" {}
     4  variable "key_name" {}
     5  variable "server_count" {}
     6  variable "client_count" {}
     7  variable "retry_join" {}
     8  
     9  data "aws_vpc" "default" {
    10    default = true
    11  }
    12  
    13  resource "aws_security_group" "hashistack" {
    14    name   = "hashistack"
    15    vpc_id = "${data.aws_vpc.default.id}"
    16  
    17    ingress {
    18      from_port   = 22
    19      to_port     = 22
    20      protocol    = "tcp"
    21      cidr_blocks = ["0.0.0.0/0"]
    22    }
    23  
    24    # Nomad
    25    ingress {
    26      from_port   = 4646
    27      to_port     = 4646
    28      protocol    = "tcp"
    29      cidr_blocks = ["0.0.0.0/0"]
    30    }
    31  
    32    # Consul
    33    ingress {
    34      from_port   = 8500
    35      to_port     = 8500
    36      protocol    = "tcp"
    37      cidr_blocks = ["0.0.0.0/0"]
    38    }
    39  
    40    # HDFS NameNode UI
    41    ingress {
    42      from_port   = 50070
    43      to_port     = 50070
    44      protocol    = "tcp"
    45      cidr_blocks = ["0.0.0.0/0"]
    46    }
    47  
    48    # HDFS DataNode UI
    49    ingress {
    50      from_port   = 50075
    51      to_port     = 50075
    52      protocol    = "tcp"
    53      cidr_blocks = ["0.0.0.0/0"]
    54    }
    55  
    56    # Spark history server UI
    57    ingress {
    58      from_port   = 18080
    59      to_port     = 18080
    60      protocol    = "tcp"
    61      cidr_blocks = ["0.0.0.0/0"]
    62    }
    63  
    64    ingress {
    65      from_port = 0
    66      to_port   = 0
    67      protocol  = "-1"
    68      self      = true
    69    }
    70  
    71    egress {
    72      from_port   = 0
    73      to_port     = 0
    74      protocol    = "-1"
    75      cidr_blocks = ["0.0.0.0/0"]
    76    }
    77  }
    78  
    79  data "template_file" "user_data_server" {
    80    template = "${file("${path.root}/user-data-server.sh")}"
    81  
    82    vars {
    83      server_count = "${var.server_count}"
    84      region       = "${var.region}"
    85      retry_join   = "${var.retry_join}"
    86    }
    87  }
    88  
    89  data "template_file" "user_data_client" {
    90    template = "${file("${path.root}/user-data-client.sh")}"
    91  
    92    vars {
    93      region     = "${var.region}"
    94      retry_join = "${var.retry_join}"
    95    }
    96  }
    97  
    98  resource "aws_instance" "server" {
    99    ami                    = "${var.ami}"
   100    instance_type          = "${var.instance_type}"
   101    key_name               = "${var.key_name}"
   102    vpc_security_group_ids = ["${aws_security_group.hashistack.id}"]
   103    count                  = "${var.server_count}"
   104  
   105    #Instance tags
   106    tags {
   107      Name           = "hashistack-server-${count.index}"
   108      ConsulAutoJoin = "auto-join"
   109    }
   110  
   111    user_data            = "${data.template_file.user_data_server.rendered}"
   112    iam_instance_profile = "${aws_iam_instance_profile.instance_profile.name}"
   113  }
   114  
   115  resource "aws_instance" "client" {
   116    ami                    = "${var.ami}"
   117    instance_type          = "${var.instance_type}"
   118    key_name               = "${var.key_name}"
   119    vpc_security_group_ids = ["${aws_security_group.hashistack.id}"]
   120    count                  = "${var.client_count}"
   121    depends_on             = ["aws_instance.server"]
   122  
   123    #Instance tags
   124    tags {
   125      Name           = "hashistack-client-${count.index}"
   126      ConsulAutoJoin = "auto-join"
   127    }
   128  
   129    user_data            = "${data.template_file.user_data_client.rendered}"
   130    iam_instance_profile = "${aws_iam_instance_profile.instance_profile.name}"
   131  }
   132  
   133  resource "aws_iam_instance_profile" "instance_profile" {
   134    name_prefix = "hashistack"
   135    role        = "${aws_iam_role.instance_role.name}"
   136  }
   137  
   138  resource "aws_iam_role" "instance_role" {
   139    name_prefix        = "hashistack"
   140    assume_role_policy = "${data.aws_iam_policy_document.instance_role.json}"
   141  }
   142  
   143  data "aws_iam_policy_document" "instance_role" {
   144    statement {
   145      effect  = "Allow"
   146      actions = ["sts:AssumeRole"]
   147  
   148      principals {
   149        type        = "Service"
   150        identifiers = ["ec2.amazonaws.com"]
   151      }
   152    }
   153  }
   154  
   155  resource "aws_iam_role_policy" "auto_discover_cluster" {
   156    name   = "auto-discover-cluster"
   157    role   = "${aws_iam_role.instance_role.id}"
   158    policy = "${data.aws_iam_policy_document.auto_discover_cluster.json}"
   159  }
   160  
   161  data "aws_iam_policy_document" "auto_discover_cluster" {
   162    statement {
   163      effect = "Allow"
   164  
   165      actions = [
   166        "ec2:DescribeInstances",
   167        "ec2:DescribeTags",
   168        "autoscaling:DescribeAutoScalingGroups",
   169      ]
   170  
   171      resources = ["*"]
   172    }
   173  }
   174  
   175  output "server_public_ips" {
   176    value = ["${aws_instance.server.*.public_ip}"]
   177  }
   178  
   179  output "client_public_ips" {
   180    value = ["${aws_instance.client.*.public_ip}"]
   181  }