github.com/tetrafolium/tflint@v0.8.0/tflint/test-fixtures/v0.11.0_module/.terraform/modules/abc3234899392665e7e4875ddfd1340d/hashicorp-terraform-aws-consul-ee980b4/main.tf (about) 1 # --------------------------------------------------------------------------------------------------------------------- 2 # DEPLOY A CONSUL CLUSTER IN AWS 3 # These templates show an example of how to use the consul-cluster module to deploy Consul in AWS. We deploy two Auto 4 # Scaling Groups (ASGs): one with a small number of Consul server nodes and one with a larger number of Consul client 5 # nodes. Note that these templates assume that the AMI you provide via the ami_id input variable is built from 6 # the examples/consul-ami/consul.json Packer template. 7 # --------------------------------------------------------------------------------------------------------------------- 8 9 provider "aws" { 10 region = "${var.aws_region}" 11 } 12 13 # Terraform 0.9.5 suffered from https://github.com/hashicorp/terraform/issues/14399, which causes this template the 14 # conditionals in this template to fail. 15 terraform { 16 required_version = ">= 0.9.3, != 0.9.5" 17 } 18 19 # --------------------------------------------------------------------------------------------------------------------- 20 # AUTOMATICALLY LOOK UP THE LATEST PRE-BUILT AMI 21 # This repo contains a CircleCI job that automatically builds and publishes the latest AMI by building the Packer 22 # template at /examples/consul-ami upon every new release. The Terraform data source below automatically looks up the 23 # latest AMI so that a simple "terraform apply" will just work without the user needing to manually build an AMI and 24 # fill in the right value. 25 # 26 # !! WARNING !! These exmaple AMIs are meant only convenience when initially testing this repo. Do NOT use these example 27 # AMIs in a production setting because it is important that you consciously think through the configuration you want 28 # in your own production AMI. 29 # 30 # NOTE: This Terraform data source must return at least one AMI result or the entire template will fail. See 31 # /_ci/publish-amis-in-new-account.md for more information. 32 # --------------------------------------------------------------------------------------------------------------------- 33 data "aws_ami" "consul" { 34 most_recent = true 35 36 # If we change the AWS Account in which test are run, update this value. 37 owners = ["562637147889"] 38 39 filter { 40 name = "virtualization-type" 41 values = ["hvm"] 42 } 43 44 filter { 45 name = "is-public" 46 values = ["true"] 47 } 48 49 filter { 50 name = "name" 51 values = ["consul-ubuntu-*"] 52 } 53 } 54 55 # --------------------------------------------------------------------------------------------------------------------- 56 # DEPLOY THE CONSUL SERVER NODES 57 # --------------------------------------------------------------------------------------------------------------------- 58 59 module "consul_servers" { 60 # When using these modules in your own templates, you will need to use a Git URL with a ref attribute that pins you 61 # to a specific version of the modules, such as the following example: 62 # source = "git::git@github.com:hashicorp/terraform-aws-consul.git//modules/consul-cluster?ref=v0.0.1" 63 source = "./modules/consul-cluster" 64 65 cluster_name = "${var.cluster_name}-server" 66 cluster_size = "${var.num_servers}" 67 instance_type = "t2.micro" 68 69 # The EC2 Instances will use these tags to automatically discover each other and form a cluster 70 cluster_tag_key = "${var.cluster_tag_key}" 71 cluster_tag_value = "${var.cluster_name}" 72 73 ami_id = "${var.ami_id == "" ? data.aws_ami.consul.image_id : var.ami_id}" 74 user_data = "${data.template_file.user_data_server.rendered}" 75 76 vpc_id = "${data.aws_vpc.default.id}" 77 subnet_ids = "${data.aws_subnet_ids.default.ids}" 78 79 # To make testing easier, we allow Consul and SSH requests from any IP address here but in a production 80 # deployment, we strongly recommend you limit this to the IP address ranges of known, trusted servers inside your VPC. 81 allowed_ssh_cidr_blocks = ["0.0.0.0/0"] 82 allowed_inbound_cidr_blocks = ["0.0.0.0/0"] 83 ssh_key_name = "${var.ssh_key_name}" 84 } 85 86 # --------------------------------------------------------------------------------------------------------------------- 87 # THE USER DATA SCRIPT THAT WILL RUN ON EACH CONSUL SERVER EC2 INSTANCE WHEN IT'S BOOTING 88 # This script will configure and start Consul 89 # --------------------------------------------------------------------------------------------------------------------- 90 91 data "template_file" "user_data_server" { 92 template = "${file("${path.module}/examples/root-example/user-data-server.sh")}" 93 94 vars { 95 cluster_tag_key = "${var.cluster_tag_key}" 96 cluster_tag_value = "${var.cluster_name}" 97 } 98 } 99 100 # --------------------------------------------------------------------------------------------------------------------- 101 # DEPLOY THE CONSUL CLIENT NODES 102 # Note that you do not have to use the consul-cluster module to deploy your clients. We do so simply because it 103 # provides a convenient way to deploy an Auto Scaling Group with the necessary IAM and security group permissions for 104 # Consul, but feel free to deploy those clients however you choose (e.g. a single EC2 Instance, a Docker cluster, etc). 105 # --------------------------------------------------------------------------------------------------------------------- 106 107 module "consul_clients" { 108 # When using these modules in your own templates, you will need to use a Git URL with a ref attribute that pins you 109 # to a specific version of the modules, such as the following example: 110 # source = "git::git@github.com:hashicorp/terraform-aws-consul.git//modules/consul-cluster?ref=v0.0.1" 111 source = "./modules/consul-cluster" 112 113 cluster_name = "${var.cluster_name}-client" 114 cluster_size = "${var.num_clients}" 115 instance_type = "t2.micro" 116 117 cluster_tag_key = "consul-clients" 118 cluster_tag_value = "${var.cluster_name}" 119 120 ami_id = "${var.ami_id == "" ? data.aws_ami.consul.image_id : var.ami_id}" 121 user_data = "${data.template_file.user_data_client.rendered}" 122 123 vpc_id = "${data.aws_vpc.default.id}" 124 subnet_ids = "${data.aws_subnet_ids.default.ids}" 125 126 # To make testing easier, we allow Consul and SSH requests from any IP address here but in a production 127 # deployment, we strongly recommend you limit this to the IP address ranges of known, trusted servers inside your VPC. 128 allowed_ssh_cidr_blocks = ["0.0.0.0/0"] 129 allowed_inbound_cidr_blocks = ["0.0.0.0/0"] 130 ssh_key_name = "${var.ssh_key_name}" 131 } 132 133 # --------------------------------------------------------------------------------------------------------------------- 134 # THE USER DATA SCRIPT THAT WILL RUN ON EACH CONSUL CLIENT EC2 INSTANCE WHEN IT'S BOOTING 135 # This script will configure and start Consul 136 # --------------------------------------------------------------------------------------------------------------------- 137 138 data "template_file" "user_data_client" { 139 template = "${file("${path.module}/examples/root-example/user-data-client.sh")}" 140 141 vars { 142 cluster_tag_key = "${var.cluster_tag_key}" 143 cluster_tag_value = "${var.cluster_name}" 144 } 145 } 146 147 # --------------------------------------------------------------------------------------------------------------------- 148 # DEPLOY CONSUL IN THE DEFAULT VPC AND SUBNETS 149 # Using the default VPC and subnets makes this example easy to run and test, but it means Consul is accessible from the 150 # public Internet. For a production deployment, we strongly recommend deploying into a custom VPC with private subnets. 151 # --------------------------------------------------------------------------------------------------------------------- 152 153 data "aws_vpc" "default" { 154 default = "${var.vpc_id == "" ? true : false}" 155 id = "${var.vpc_id}" 156 } 157 158 data "aws_subnet_ids" "default" { 159 vpc_id = "${data.aws_vpc.default.id}" 160 }