Created
August 15, 2017 10:09
failing-terraform
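# AWS provider, pinned to the eu-west-1 region.
#
# No access_key / secret_key is set here on purpose. The provider then takes
# credentials from the AWS_ACCESS_KEY_ID / AWS_SECRET_ACCESS_KEY environment
# variables, the shared credentials file, or an instance role. Keeping static
# keys out of the configuration keeps them out of version control and out of
# any shared copy of this file.
provider "aws" {
  region = "eu-west-1"
}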
# Network foundation: a single 10.0.0.0/16 VPC that every subnet, route table
# and security group in this file hangs off.
resource "aws_vpc" "default" {
  tags {
    Name = "docker-test"
  }

  cidr_block = "10.0.0.0/16"
}

# Internet gateway for the VPC; the public route table points its default
# route at this gateway.
resource "aws_internet_gateway" "default" {
  vpc_id = "${aws_vpc.default.id}"
}
# Three public subnets, one per availability zone (10.0.0.0/24 - 10.0.2.0/24).
# They are "public" only through their association with the public route
# table. map_public_ip_on_launch is not set, so an instance placed here gets a
# public address only if it requests one itself.
resource "aws_subnet" "public-1" {
  availability_zone = "eu-west-1a"
  cidr_block        = "10.0.0.0/24"
  vpc_id            = "${aws_vpc.default.id}"

  tags {
    Name = "docker-test-public-1"
  }
}

resource "aws_subnet" "public-2" {
  availability_zone = "eu-west-1b"
  cidr_block        = "10.0.1.0/24"
  vpc_id            = "${aws_vpc.default.id}"

  tags {
    Name = "docker-test-public-2"
  }
}

resource "aws_subnet" "public-3" {
  availability_zone = "eu-west-1c"
  cidr_block        = "10.0.2.0/24"
  vpc_id            = "${aws_vpc.default.id}"

  tags {
    Name = "docker-test-public-3"
  }
}
# Route table for the public subnets: the default route leaves through the
# internet gateway.
resource "aws_route_table" "public" {
  vpc_id = "${aws_vpc.default.id}"

  tags {
    Name = "Public Subnet"
  }

  route {
    gateway_id = "${aws_internet_gateway.default.id}"
    cidr_block = "0.0.0.0/0"
  }
}

# Attach each public subnet to the public route table.
resource "aws_route_table_association" "public-1" {
  route_table_id = "${aws_route_table.public.id}"
  subnet_id      = "${aws_subnet.public-1.id}"
}

resource "aws_route_table_association" "public-2" {
  route_table_id = "${aws_route_table.public.id}"
  subnet_id      = "${aws_subnet.public-2.id}"
}

resource "aws_route_table_association" "public-3" {
  route_table_id = "${aws_route_table.public.id}"
  subnet_id      = "${aws_subnet.public-3.id}"
}
# Three private subnets, one per availability zone (10.0.3.0/24 - 10.0.5.0/24).
# The autoscaling groups place their instances here; outbound traffic goes
# through the NAT gateway via the private route table.
resource "aws_subnet" "private-1" {
  availability_zone = "eu-west-1a"
  cidr_block        = "10.0.3.0/24"
  vpc_id            = "${aws_vpc.default.id}"

  tags {
    Name = "docker-test-private-1"
  }
}

resource "aws_subnet" "private-2" {
  availability_zone = "eu-west-1b"
  cidr_block        = "10.0.4.0/24"
  vpc_id            = "${aws_vpc.default.id}"

  tags {
    Name = "docker-test-private-2"
  }
}

resource "aws_subnet" "private-3" {
  availability_zone = "eu-west-1c"
  cidr_block        = "10.0.5.0/24"
  vpc_id            = "${aws_vpc.default.id}"

  tags {
    Name = "docker-test-private-3"
  }
}
# Outbound-only internet access for the private subnets.
# An Elastic IP is allocated and bound to one NAT gateway that sits in
# public-1 (eu-west-1a).
# NOTE(review): all three private subnets share this single gateway, so
# outbound traffic from every zone depends on eu-west-1a being healthy.
resource "aws_eip" "nat" {}

resource "aws_nat_gateway" "default" {
  # The gateway needs the VPC's internet gateway to exist first.
  depends_on = ["aws_internet_gateway.default"]

  subnet_id     = "${aws_subnet.public-1.id}"
  allocation_id = "${aws_eip.nat.id}"
}

# Route table for the private subnets: the default route goes to the NAT
# gateway, so nothing here is reachable from the internet through routing.
resource "aws_route_table" "private" {
  vpc_id = "${aws_vpc.default.id}"

  tags {
    Name = "Private Subnet"
  }

  route {
    nat_gateway_id = "${aws_nat_gateway.default.id}"
    cidr_block     = "0.0.0.0/0"
  }
}

# Attach each private subnet to the private route table.
resource "aws_route_table_association" "private-1" {
  route_table_id = "${aws_route_table.private.id}"
  subnet_id      = "${aws_subnet.private-1.id}"
}

resource "aws_route_table_association" "private-2" {
  route_table_id = "${aws_route_table.private.id}"
  subnet_id      = "${aws_subnet.private-2.id}"
}

resource "aws_route_table_association" "private-3" {
  route_table_id = "${aws_route_table.private.id}"
  subnet_id      = "${aws_subnet.private-3.id}"
}
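# Security group shared by the Consul/Nomad instances and their load
# balancers. It lets members of the group reach each other and nothing more:
#
#   * any protocol between members of this group (cluster traffic, and
#     ELB -> instance traffic, because the ELBs in this file are members too);
#   * SSH (tcp/22) from the bastion's security group.
#
# Do not widen ingress to 0.0.0.0/0 here. An allow-all rule on a group that is
# also attached to ELBs in public subnets exposes every listener port,
# including the Consul (8500) and Nomad (4646) HTTP listeners, to any source
# address.
#
# NOTE(review): because the ELBs share this group, they accept connections
# only from group members under these rules. An ELB that must be reachable
# from outside the VPC needs its own security group that lists just its
# listener ports and the source ranges allowed to use them.
resource "aws_security_group" "consul" {
  vpc_id = "${aws_vpc.default.id}"

  # Member-to-member traffic, all protocols and ports.
  ingress {
    from_port = 0
    to_port   = 0
    protocol  = "-1"
    self      = true
  }

  # Administrative SSH, only when it comes through the bastion host.
  ingress {
    from_port       = 22
    to_port         = 22
    protocol        = "tcp"
    security_groups = ["${aws_security_group.bastion.id}"]
  }

  # Unrestricted outbound; the instances reach the internet via the NAT gateway.
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}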
# Consul Server
#
# Classic load balancer in front of the Consul server group. It is placed in
# the three public subnets and `internal` is not set, so it is created as an
# internet-facing ELB.
# NOTE(review): both listeners are plain HTTP, and 8500 is the port Consul
# serves its HTTP API on by default. Who can reach them is decided entirely by
# aws_security_group.consul. Confirm that group's ingress matches the intended
# audience, and that ACLs/TLS are enabled on the agents before this name is
# published.
resource "aws_elb" "consul_server" {
  subnets = [
    "${aws_subnet.public-1.id}",
    "${aws_subnet.public-2.id}",
    "${aws_subnet.public-3.id}",
  ]

  security_groups = ["${aws_security_group.consul.id}"]

  # Port 80, passed through unchanged.
  listener {
    lb_protocol       = "http"
    lb_port           = 80
    instance_protocol = "http"
    instance_port     = 80
  }

  # Port 8500, passed through unchanged.
  listener {
    lb_protocol       = "http"
    lb_port           = 8500
    instance_protocol = "http"
    instance_port     = 8500
  }
}
# Fixed-size group of three Consul servers, spread over the private subnets
# and registered with the consul_server ELB.
# NOTE(review): availability_zones and vpc_zone_identifier are both set; the
# subnets already determine the zones. Confirm the provider version in use
# accepts the pair.
resource "aws_autoscaling_group" "consul_server" {
  launch_configuration = "${aws_launch_configuration.consul_server.name}"
  load_balancers       = ["${aws_elb.consul_server.name}"]

  vpc_zone_identifier = [
    "${aws_subnet.private-1.id}",
    "${aws_subnet.private-2.id}",
    "${aws_subnet.private-3.id}",
  ]

  availability_zones = ["eu-west-1a", "eu-west-1b", "eu-west-1c"]

  min_size         = "3"
  max_size         = "3"
  desired_capacity = "3"

  # Only EC2 status checks mark an instance unhealthy; ELB health is not used.
  health_check_type = "EC2"

  # On destroy, remove the group without waiting for its instances to drain.
  force_delete = true

  # Tags copied onto every instance the group launches.
  tag {
    key                 = "Name"
    value               = "consul_server"
    propagate_at_launch = "true"
  }

  tag {
    key                 = "consul"
    value               = "server"
    propagate_at_launch = "true"
  }

  tag {
    key                 = "role"
    value               = "consul-server"
    propagate_at_launch = "true"
  }
}
# Instance template for the Consul servers.
# NOTE(review): the key pair name consul_server is used by every launch
# configuration and by the bastion in this file. Separate key pairs would
# limit what a single leaked private key unlocks.
resource "aws_launch_configuration" "consul_server" {
  instance_type   = "t2.micro"
  image_id        = "ami-541bf62d"
  key_name        = "consul_server"
  security_groups = ["${aws_security_group.consul.id}"]
}

# Public DNS alias for the Consul ELB.
resource "aws_route53_record" "consul_server_test" {
  zone_id = "Z1YPLMEPAU5NOO"
  type    = "CNAME"
  name    = "consul-test.gojip2p.net"
  records = ["${aws_elb.consul_server.dns_name}"]
  ttl     = "300"
}
# Nomad Server
#
# Classic load balancer in front of the Nomad server group. It sits in the
# public subnets and `internal` is not set, so it is internet-facing.
# NOTE(review): 4646 is the port Nomad serves its HTTP API on by default, and
# it is forwarded here as plain HTTP. Reachability is governed by
# aws_security_group.consul. Confirm that group's ingress, and that Nomad ACLs
# and TLS are enabled, before exposing this endpoint.
resource "aws_elb" "nomad_server" {
  subnets = [
    "${aws_subnet.public-1.id}",
    "${aws_subnet.public-2.id}",
    "${aws_subnet.public-3.id}",
  ]

  security_groups = ["${aws_security_group.consul.id}"]

  # Port 4646, passed through unchanged.
  listener {
    lb_protocol       = "http"
    lb_port           = 4646
    instance_protocol = "http"
    instance_port     = 4646
  }
}
# Fixed-size group of three Nomad servers in the private subnets, registered
# with the nomad_server ELB.
# NOTE(review): availability_zones and vpc_zone_identifier are both set; the
# subnets already determine the zones. Confirm the provider version in use
# accepts the pair.
resource "aws_autoscaling_group" "nomad_server" {
  launch_configuration = "${aws_launch_configuration.nomad_server.name}"
  load_balancers       = ["${aws_elb.nomad_server.name}"]

  vpc_zone_identifier = [
    "${aws_subnet.private-1.id}",
    "${aws_subnet.private-2.id}",
    "${aws_subnet.private-3.id}",
  ]

  availability_zones = ["eu-west-1a", "eu-west-1b", "eu-west-1c"]

  min_size         = "3"
  max_size         = "3"
  desired_capacity = "3"

  # Only EC2 status checks mark an instance unhealthy; ELB health is not used.
  health_check_type = "EC2"

  # On destroy, remove the group without waiting for its instances to drain.
  force_delete = true

  # Tags copied onto every instance the group launches.
  tag {
    key                 = "Name"
    value               = "nomad_server_asg"
    propagate_at_launch = "true"
  }

  tag {
    key                 = "consul"
    value               = "server"
    propagate_at_launch = "true"
  }

  tag {
    key                 = "nomad"
    value               = "server"
    propagate_at_launch = "true"
  }

  tag {
    key                 = "role"
    value               = "nomad-server"
    propagate_at_launch = "true"
  }
}
# Instance template for the Nomad servers.
# NOTE(review): key_name is consul_server, the same key pair the other launch
# configurations and the bastion use. Separate key pairs would limit what a
# single leaked private key unlocks.
resource "aws_launch_configuration" "nomad_server" {
  instance_type   = "t2.micro"
  image_id        = "ami-0a6c8773"
  key_name        = "consul_server"
  security_groups = ["${aws_security_group.consul.id}"]
}

# Public DNS alias for the Nomad server ELB.
resource "aws_route53_record" "nomad_server_test" {
  zone_id = "Z1YPLMEPAU5NOO"
  type    = "CNAME"
  name    = "nomad-test.gojip2p.net"
  records = ["${aws_elb.nomad_server.dns_name}"]
  ttl     = "300"
}
# Nomad Client
#
# Classic load balancer in front of the Nomad client group, which serves the
# workload ports 80 and 8080. It sits in the public subnets and `internal` is
# not set, so it is internet-facing.
# NOTE(review): both listeners are plain HTTP, with no TLS listener defined.
# Reachability is governed by aws_security_group.consul, which is shared with
# the server tiers. Confirm that sharing is intended.
resource "aws_elb" "nomad_client" {
  security_groups = ["${aws_security_group.consul.id}"]

  subnets = [
    "${aws_subnet.public-1.id}",
    "${aws_subnet.public-2.id}",
    "${aws_subnet.public-3.id}",
  ]

  # Port 80, passed through unchanged.
  listener {
    lb_protocol       = "http"
    lb_port           = 80
    instance_protocol = "http"
    instance_port     = 80
  }

  # Port 8080, passed through unchanged.
  listener {
    lb_protocol       = "http"
    lb_port           = 8080
    instance_protocol = "http"
    instance_port     = 8080
  }
}
# Fixed-size group of three Nomad clients in the private subnets, registered
# with the nomad_client ELB.
# NOTE(review): availability_zones and vpc_zone_identifier are both set; the
# subnets already determine the zones. Confirm the provider version in use
# accepts the pair.
resource "aws_autoscaling_group" "nomad_client" {
  launch_configuration = "${aws_launch_configuration.nomad_client.name}"
  load_balancers       = ["${aws_elb.nomad_client.name}"]

  vpc_zone_identifier = [
    "${aws_subnet.private-1.id}",
    "${aws_subnet.private-2.id}",
    "${aws_subnet.private-3.id}",
  ]

  availability_zones = ["eu-west-1a", "eu-west-1b", "eu-west-1c"]

  min_size         = "3"
  max_size         = "3"
  desired_capacity = "3"

  # Only EC2 status checks mark an instance unhealthy; ELB health is not used.
  health_check_type = "EC2"

  # On destroy, remove the group without waiting for its instances to drain.
  force_delete = true

  # Tags copied onto every instance the group launches.
  tag {
    key                 = "Name"
    value               = "nomad_client_asg"
    propagate_at_launch = "true"
  }

  # NOTE(review): these are Nomad clients, yet the consul tag carries the same
  # value "server" as the two server groups. Confirm this is intentional and
  # not a copy-paste leftover.
  tag {
    key                 = "consul"
    value               = "server"
    propagate_at_launch = "true"
  }

  tag {
    key                 = "nomad"
    value               = "client"
    propagate_at_launch = "true"
  }

  tag {
    key                 = "role"
    value               = "nomad-client"
    propagate_at_launch = "true"
  }
}
# Instance template for the Nomad clients (t2.medium, larger than the servers).
# NOTE(review): key_name is consul_server, the same key pair the other launch
# configurations and the bastion use. Separate key pairs would limit what a
# single leaked private key unlocks.
resource "aws_launch_configuration" "nomad_client" {
  instance_type   = "t2.medium"
  image_id        = "ami-cdb042b4"
  key_name        = "consul_server"
  security_groups = ["${aws_security_group.consul.id}"]
}

# Public DNS alias for the Nomad client ELB.
resource "aws_route53_record" "docker_test" {
  zone_id = "Z1YPLMEPAU5NOO"
  type    = "CNAME"
  name    = "docker-test.gojip2p.net"
  records = ["${aws_elb.nomad_client.dns_name}"]
  ttl     = "300"
}
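# Bastion server in a public subnet to allow ssh access to all the other servers
#
# Security group for the bastion host. The bastion exists only to relay SSH,
# so inbound traffic is limited to tcp/22. An allow-all ingress rule would
# expose every other service listening on the host to the internet.
#
# NOTE(review): the source range is still 0.0.0.0/0 because this file does not
# say where administrators connect from. Replace it with the operators' known
# address ranges so the SSH port is not reachable from every address.
resource "aws_security_group" "bastion" {
  vpc_id = "${aws_vpc.default.id}"

  # Inbound SSH only.
  ingress {
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  # Unrestricted outbound, so the bastion can reach hosts inside the VPC.
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}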
# The bastion host: a single t2.micro in public-1 with a public IP address,
# protected by the bastion security group.
# NOTE(review): key_name is consul_server, the same key pair installed on the
# Consul and Nomad instances, so one private key opens both the bastion and
# the hosts behind it. A dedicated bastion key would keep the two separate.
resource "aws_instance" "bastion" {
  ami           = "ami-86f318ff"
  instance_type = "t2.micro"
  key_name      = "consul_server"

  subnet_id                   = "${aws_subnet.public-1.id}"
  associate_public_ip_address = true
  vpc_security_group_ids      = ["${aws_security_group.bastion.id}"]

  tags = {
    role = "bastion"
  }
}

# Public A record pointing at the bastion's public IP.
resource "aws_route53_record" "bastion_test" {
  zone_id = "Z1YPLMEPAU5NOO"
  type    = "A"
  name    = "bastion-test.gojip2p.net"
  records = ["${aws_instance.bastion.public_ip}"]
  ttl     = "300"
}