  # Minimum Terraform release this configuration is allowed to run under.
  terraform {
    required_version = ">= 0.8.7"
  }
  # AWS provider: region and static credentials all come from input variables.
  #
  # NOTE(review): the access key and secret key are passed in as Terraform
  # variables. Keep their values out of version control (for example, supply
  # them through TF_VAR_* environment variables rather than a committed tfvars
  # file) and prefer short-lived, narrowly scoped credentials where possible.
  provider "aws" {
    region     = "${var.AWS_DEFAULT_REGION}"
    access_key = "${var.AWS_ACCESS_KEY_ID}"
    secret_key = "${var.AWS_SECRET_ACCESS_KEY}"
  }
  /*
   * Call the modules that create the initial AWS VPC, the AWS ELB
   * and the AWS IAM roles for the Kubernetes deployment.
   */

  # VPC module: receives the cluster name, the VPC CIDR, the availability zones
  # and the public/private subnet CIDR lists. Its outputs (VPC id, subnet ids,
  # security group) are consumed by the resources further down in this file.
  module "aws-vpc" {
    source = "modules/vpc"

    aws_cluster_name         = "${var.aws_cluster_name}"
    aws_avail_zones          = "${var.aws_avail_zones}"
    aws_vpc_cidr_block       = "${var.aws_vpc_cidr_block}"
    aws_cidr_subnets_public  = "${var.aws_cidr_subnets_public}"
    aws_cidr_subnets_private = "${var.aws_cidr_subnets_private}"
  }
  # ELB module for the Kubernetes API: it is placed in the VPC's public subnets
  # and is given both the ELB listener port and the secure API server port.
  #
  # NOTE(review): the listener and its security group are defined in
  # modules/elb, which is not visible here. Because the ELB sits in the public
  # subnets, confirm which source ranges may reach the API port.
  module "aws-elb" {
    source = "modules/elb"

    aws_cluster_name      = "${var.aws_cluster_name}"
    aws_avail_zones       = "${var.aws_avail_zones}"
    aws_vpc_id            = "${module.aws-vpc.aws_vpc_id}"
    aws_subnet_ids_public = "${module.aws-vpc.aws_subnet_ids_public}"

    aws_elb_api_port    = "${var.aws_elb_api_port}"
    k8s_secure_api_port = "${var.k8s_secure_api_port}"
  }
  # IAM module: exposes the kube-master-profile and kube-worker-profile
  # instance profiles that the master and worker instances below attach.
  #
  # NOTE(review): the policies behind those profiles live in modules/iam and
  # are not visible here. Review them for least privilege.
  module "aws-iam" {
    source = "modules/iam"

    aws_cluster_name = "${var.aws_cluster_name}"
  }
  /*
   * Create Bastion Instances in AWS
   *
   */

  # One bastion per public subnet CIDR, each with a public IP address.
  #
  # NOTE(review): the bastions use the same security group as the master, etcd
  # and worker instances (module.aws-vpc.aws_security_group). Its rules are in
  # modules/vpc and are not visible here. Confirm that inbound SSH is limited
  # to known source ranges and that sharing one group between the
  # internet-facing hosts and the cluster nodes is intended.
  resource "aws_instance" "bastion-server" {
    count = "${length(var.aws_cidr_subnets_public)}"

    ami           = "${var.aws_bastion_ami}"
    instance_type = "${var.aws_bastion_size}"
    key_name      = "${var.AWS_SSH_KEY_NAME}"

    # Placement: element() picks the zone/subnet matching this instance's index.
    availability_zone           = "${element(var.aws_avail_zones,count.index)}"
    subnet_id                   = "${element(module.aws-vpc.aws_subnet_ids_public,count.index)}"
    associate_public_ip_address = true
    vpc_security_group_ids      = ["${module.aws-vpc.aws_security_group}"]

    tags {
      Name    = "kubernetes-${var.aws_cluster_name}-bastion-${count.index}"
      Cluster = "${var.aws_cluster_name}"
      Role    = "bastion-${var.aws_cluster_name}-${count.index}"
    }
  }
  /*
   * Create K8s Master and worker nodes and etcd instances
   *
   */

  # Kubernetes master instances: placed in the private subnets, with the
  # kube-master instance profile from the IAM module attached.
  resource "aws_instance" "k8s-master" {
    count = "${var.aws_kube_master_num}"

    ami                  = "${var.aws_cluster_ami}"
    instance_type        = "${var.aws_kube_master_size}"
    key_name             = "${var.AWS_SSH_KEY_NAME}"
    iam_instance_profile = "${module.aws-iam.kube-master-profile}"

    # element() wraps around, so masters are spread over the listed zones and
    # private subnets even when there are more masters than zones.
    availability_zone      = "${element(var.aws_avail_zones,count.index)}"
    subnet_id              = "${element(module.aws-vpc.aws_subnet_ids_private,count.index)}"
    vpc_security_group_ids = ["${module.aws-vpc.aws_security_group}"]

    tags {
      Name    = "kubernetes-${var.aws_cluster_name}-master${count.index}"
      Cluster = "${var.aws_cluster_name}"
      Role    = "master"
    }
  }
  # Register every master instance with the API load balancer
  # (one attachment per master, matched by index).
  resource "aws_elb_attachment" "attach_master_nodes" {
    count = "${var.aws_kube_master_num}"

    elb      = "${module.aws-elb.aws_elb_api_id}"
    instance = "${element(aws_instance.k8s-master.*.id,count.index)}"
  }
  # etcd instances: placed in the private subnets. Unlike the masters and
  # workers, no IAM instance profile is attached to these hosts.
  resource "aws_instance" "k8s-etcd" {
    count = "${var.aws_etcd_num}"

    ami           = "${var.aws_cluster_ami}"
    instance_type = "${var.aws_etcd_size}"
    key_name      = "${var.AWS_SSH_KEY_NAME}"

    availability_zone      = "${element(var.aws_avail_zones,count.index)}"
    subnet_id              = "${element(module.aws-vpc.aws_subnet_ids_private,count.index)}"
    vpc_security_group_ids = ["${module.aws-vpc.aws_security_group}"]

    tags {
      Name    = "kubernetes-${var.aws_cluster_name}-etcd${count.index}"
      Cluster = "${var.aws_cluster_name}"
      Role    = "etcd"
    }
  }
  # Kubernetes worker instances: placed in the private subnets, with the
  # kube-worker instance profile from the IAM module attached.
  resource "aws_instance" "k8s-worker" {
    count = "${var.aws_kube_worker_num}"

    ami                  = "${var.aws_cluster_ami}"
    instance_type        = "${var.aws_kube_worker_size}"
    key_name             = "${var.AWS_SSH_KEY_NAME}"
    iam_instance_profile = "${module.aws-iam.kube-worker-profile}"

    availability_zone      = "${element(var.aws_avail_zones,count.index)}"
    subnet_id              = "${element(module.aws-vpc.aws_subnet_ids_private,count.index)}"
    vpc_security_group_ids = ["${module.aws-vpc.aws_security_group}"]

    tags {
      Name    = "kubernetes-${var.aws_cluster_name}-worker${count.index}"
      Cluster = "${var.aws_cluster_name}"
      Role    = "worker"
    }
  }
  /*
   * Create Kargo Inventory File
   *
   */

  # Renders templates/inventory.tpl. Every variable below is a ready-made block
  # of text (one entry per line) that the template is expected to drop in place.
  data "template_file" "inventory" {
    template = "${file("${path.module}/templates/inventory.tpl")}"

    vars {
      # Host lines of the form "<name> ansible_ssh_host=<ip>".
      # NOTE(review): every bastion is written under the same alias "bastion".
      # With more than one public subnet this yields several lines for the same
      # host name. Confirm the inventory is meant to work that way.
      public_ip_address_bastion = "${join("\n",formatlist("bastion ansible_ssh_host=%s" , aws_instance.bastion-server.*.public_ip))}"
      connection_strings_master = "${join("\n",formatlist("%s ansible_ssh_host=%s",aws_instance.k8s-master.*.tags.Name, aws_instance.k8s-master.*.private_ip))}"
      connection_strings_node   = "${join("\n", formatlist("%s ansible_ssh_host=%s", aws_instance.k8s-worker.*.tags.Name, aws_instance.k8s-worker.*.private_ip))}"
      connection_strings_etcd   = "${join("\n",formatlist("%s ansible_ssh_host=%s", aws_instance.k8s-etcd.*.tags.Name, aws_instance.k8s-etcd.*.private_ip))}"

      # Bare host-name lists, one Name tag per line.
      list_master = "${join("\n",aws_instance.k8s-master.*.tags.Name)}"
      list_node   = "${join("\n",aws_instance.k8s-worker.*.tags.Name)}"
      list_etcd   = "${join("\n",aws_instance.k8s-etcd.*.tags.Name)}"

      # Load-balancer settings, pre-formatted as inventory variable assignments.
      elb_api_fqdn = "apiserver_loadbalancer_domain_name=\"${module.aws-elb.aws_elb_api_fqdn}\""
      elb_api_port = "loadbalancer_apiserver.port=${var.aws_elb_api_port}"

      # NOTE(review): this hands the API server's insecure bind address to the
      # inventory. The insecure port serves the API without authentication or
      # authorization, so the value should stay on a loopback address. Confirm
      # the default of var.kube_insecure_apiserver_address.
      kube_insecure_apiserver_address = "kube_apiserver_insecure_bind_address: ${var.kube_insecure_apiserver_address}"
    }
  }
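  # Writes the rendered inventory to ../../../inventory/hosts on the machine
  # running Terraform. The path is relative to the working directory of the run.
  resource "null_resource" "inventories" {
    # Without a trigger the provisioner runs only when this resource is first
    # created, so the hosts file goes stale when instances are added, removed
    # or replaced. Keying on the rendered text re-runs it on every change.
    triggers {
      template = "${data.template_file.inventory.rendered}"
    }

    # NOTE(review): the rendered inventory is spliced into a shell command
    # between single quotes. A single quote anywhere in the rendered text
    # (cluster name, Name tag, template body) ends the quoting early and the
    # remainder is interpreted by the shell. Keep those inputs free of quote
    # characters, or write the file through a mechanism that does not pass the
    # content through a shell.
    provisioner "local-exec" {
      command = "echo '${data.template_file.inventory.rendered}' > ../../../inventory/hosts"
    }
  }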