You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

191 lines
5.7 KiB

  1. terraform {
  2. required_version = ">= 0.8.7"
  3. }
  4. provider "aws" {
  5. access_key = "${var.AWS_ACCESS_KEY_ID}"
  6. secret_key = "${var.AWS_SECRET_ACCESS_KEY}"
  7. region = "${var.AWS_DEFAULT_REGION}"
  8. }
  9. data "aws_availability_zones" "available" {}
  10. /*
  11. * Calling modules who create the initial AWS VPC / AWS ELB
  12. * and AWS IAM Roles for Kubernetes Deployment
  13. */
  14. module "aws-vpc" {
  15. source = "modules/vpc"
  16. aws_cluster_name = "${var.aws_cluster_name}"
  17. aws_vpc_cidr_block = "${var.aws_vpc_cidr_block}"
  18. aws_avail_zones="${slice(data.aws_availability_zones.available.names,0,2)}"
  19. aws_cidr_subnets_private="${var.aws_cidr_subnets_private}"
  20. aws_cidr_subnets_public="${var.aws_cidr_subnets_public}"
  21. default_tags="${var.default_tags}"
  22. }
  23. module "aws-elb" {
  24. source = "modules/elb"
  25. aws_cluster_name="${var.aws_cluster_name}"
  26. aws_vpc_id="${module.aws-vpc.aws_vpc_id}"
  27. aws_avail_zones="${slice(data.aws_availability_zones.available.names,0,2)}"
  28. aws_subnet_ids_public="${module.aws-vpc.aws_subnet_ids_public}"
  29. aws_elb_api_port = "${var.aws_elb_api_port}"
  30. k8s_secure_api_port = "${var.k8s_secure_api_port}"
  31. default_tags="${var.default_tags}"
  32. }
  33. module "aws-iam" {
  34. source = "modules/iam"
  35. aws_cluster_name="${var.aws_cluster_name}"
  36. }
  37. /*
  38. * Create Bastion Instances in AWS
  39. *
  40. */
  41. resource "aws_instance" "bastion-server" {
  42. ami = "${data.aws_ami.distro.id}"
  43. instance_type = "${var.aws_bastion_size}"
  44. count = "${length(var.aws_cidr_subnets_public)}"
  45. associate_public_ip_address = true
  46. availability_zone = "${element(slice(data.aws_availability_zones.available.names,0,2),count.index)}"
  47. subnet_id = "${element(module.aws-vpc.aws_subnet_ids_public,count.index)}"
  48. vpc_security_group_ids = [ "${module.aws-vpc.aws_security_group}" ]
  49. key_name = "${var.AWS_SSH_KEY_NAME}"
  50. tags = "${merge(var.default_tags, map(
  51. "Name", "kubernetes-${var.aws_cluster_name}-bastion-${count.index}",
  52. "Cluster", "${var.aws_cluster_name}",
  53. "Role", "bastion-${var.aws_cluster_name}-${count.index}"
  54. ))}"
  55. }
  56. /*
  57. * Create K8s Master and worker nodes and etcd instances
  58. *
  59. */
  60. resource "aws_instance" "k8s-master" {
  61. ami = "${data.aws_ami.distro.id}"
  62. instance_type = "${var.aws_kube_master_size}"
  63. count = "${var.aws_kube_master_num}"
  64. availability_zone = "${element(slice(data.aws_availability_zones.available.names,0,2),count.index)}"
  65. subnet_id = "${element(module.aws-vpc.aws_subnet_ids_private,count.index)}"
  66. vpc_security_group_ids = [ "${module.aws-vpc.aws_security_group}" ]
  67. iam_instance_profile = "${module.aws-iam.kube-master-profile}"
  68. key_name = "${var.AWS_SSH_KEY_NAME}"
  69. tags = "${merge(var.default_tags, map(
  70. "Name", "kubernetes-${var.aws_cluster_name}-master${count.index}",
  71. "kubernetes.io/cluster/${var.aws_cluster_name}", "member",
  72. "Role", "master"
  73. ))}"
  74. }
  75. resource "aws_elb_attachment" "attach_master_nodes" {
  76. count = "${var.aws_kube_master_num}"
  77. elb = "${module.aws-elb.aws_elb_api_id}"
  78. instance = "${element(aws_instance.k8s-master.*.id,count.index)}"
  79. }
  80. resource "aws_instance" "k8s-etcd" {
  81. ami = "${data.aws_ami.distro.id}"
  82. instance_type = "${var.aws_etcd_size}"
  83. count = "${var.aws_etcd_num}"
  84. availability_zone = "${element(slice(data.aws_availability_zones.available.names,0,2),count.index)}"
  85. subnet_id = "${element(module.aws-vpc.aws_subnet_ids_private,count.index)}"
  86. vpc_security_group_ids = [ "${module.aws-vpc.aws_security_group}" ]
  87. key_name = "${var.AWS_SSH_KEY_NAME}"
  88. tags = "${merge(var.default_tags, map(
  89. "Name", "kubernetes-${var.aws_cluster_name}-etcd${count.index}",
  90. "kubernetes.io/cluster/${var.aws_cluster_name}", "member",
  91. "Role", "etcd"
  92. ))}"
  93. }
  94. resource "aws_instance" "k8s-worker" {
  95. ami = "${data.aws_ami.distro.id}"
  96. instance_type = "${var.aws_kube_worker_size}"
  97. count = "${var.aws_kube_worker_num}"
  98. availability_zone = "${element(slice(data.aws_availability_zones.available.names,0,2),count.index)}"
  99. subnet_id = "${element(module.aws-vpc.aws_subnet_ids_private,count.index)}"
  100. vpc_security_group_ids = [ "${module.aws-vpc.aws_security_group}" ]
  101. iam_instance_profile = "${module.aws-iam.kube-worker-profile}"
  102. key_name = "${var.AWS_SSH_KEY_NAME}"
  103. tags = "${merge(var.default_tags, map(
  104. "Name", "kubernetes-${var.aws_cluster_name}-worker${count.index}",
  105. "kubernetes.io/cluster/${var.aws_cluster_name}", "member",
  106. "Role", "worker"
  107. ))}"
  108. }
  109. /*
  110. * Create Kubespray Inventory File
  111. *
  112. */
  113. data "template_file" "inventory" {
  114. template = "${file("${path.module}/templates/inventory.tpl")}"
  115. vars {
  116. public_ip_address_bastion = "${join("\n",formatlist("bastion ansible_host=%s" , aws_instance.bastion-server.*.public_ip))}"
  117. connection_strings_master = "${join("\n",formatlist("%s ansible_host=%s",aws_instance.k8s-master.*.tags.Name, aws_instance.k8s-master.*.private_ip))}"
  118. connection_strings_node = "${join("\n", formatlist("%s ansible_host=%s", aws_instance.k8s-worker.*.tags.Name, aws_instance.k8s-worker.*.private_ip))}"
  119. connection_strings_etcd = "${join("\n",formatlist("%s ansible_host=%s", aws_instance.k8s-etcd.*.tags.Name, aws_instance.k8s-etcd.*.private_ip))}"
  120. list_master = "${join("\n",aws_instance.k8s-master.*.tags.Name)}"
  121. list_node = "${join("\n",aws_instance.k8s-worker.*.tags.Name)}"
  122. list_etcd = "${join("\n",aws_instance.k8s-etcd.*.tags.Name)}"
  123. elb_api_fqdn = "apiserver_loadbalancer_domain_name=\"${module.aws-elb.aws_elb_api_fqdn}\""
  124. }
  125. }
  126. resource "null_resource" "inventories" {
  127. provisioner "local-exec" {
  128. command = "echo '${data.template_file.inventory.rendered}' > ${var.inventory_file}"
  129. }
  130. triggers {
  131. template = "${data.template_file.inventory.rendered}"
  132. }
  133. }