Created
April 8, 2017 08:48
// This Terraform file sets up an autoscaling group for a Grafana server
// Selects the AMI for the Grafana instance: the newest Canonical Ubuntu 16.04
// (xenial) amd64 HVM/SSD server image. Candidate images can be listed with:
//   aws ec2 describe-images --owners 099720109477 --filters Name=virtualization-type,Values=hvm
// (hvm matches the "hvm-ssd" part of the name filter below).
//
// NOTE(review): most_recent = true lets the resolved image id change whenever a
// newer image is published; because image_id feeds the launch configuration,
// that presumably yields a new launch configuration on the next apply. Pin an
// AMI id if reproducible rollouts are required.
data "aws_ami" "ubuntu" {
  // The name filter is a wildcard, so the owner restriction is what keeps a
  // look-alike image published by another account from being selected.
  owners      = ["099720109477"] # Canonical
  most_recent = true

  filter {
    name   = "architecture"
    values = ["x86_64"]
  }

  filter {
    name   = "name"
    values = ["ubuntu/images/hvm-ssd/ubuntu-xenial-16.04-amd64-server-*"]
  }
}
// Launch configuration consumed by the "grafana" autoscaling group.
resource "aws_launch_configuration" "grafana" {
  // A name prefix (not a fixed name) combined with create_before_destroy lets a
  // replacement launch configuration exist alongside the old one during an update.
  name_prefix   = "grafana"
  instance_type = "t2.medium"
  image_id      = "${data.aws_ami.ubuntu.id}"

  // SSH key pair installed on the instance; aws_key_pair.ansible_bootstrap is
  // declared outside this listing.
  key_name = "${aws_key_pair.ansible_bootstrap.id}"

  // Instances get no public address; inbound access is governed by the
  // grafana_server security group.
  associate_public_ip_address = false
  security_groups             = ["${aws_security_group.grafana_server.id}"]

  lifecycle {
    create_before_destroy = true
  }
}
// Autoscaling group holding exactly one Grafana instance
// (min_size = max_size = desired_capacity = 1).
resource "aws_autoscaling_group" "grafana" {
  name                 = "basegrafana"
  launch_configuration = "${aws_launch_configuration.grafana.name}"

  // frontend_subnets is split on "," here, so the vpc module presumably
  // exposes it as a comma-separated string of subnet ids.
  vpc_zone_identifier = ["${split(",", module.vpc.frontend_subnets)}"]

  desired_capacity = 1
  min_size         = 1
  max_size         = 1

  // "EC2" health checks look at the instance status only; a stopped Grafana
  // process on a running instance would not trigger a replacement.
  health_check_type         = "EC2"
  health_check_grace_period = 300

  // Allows the group to be deleted without waiting for its instances to terminate.
  force_delete = true

  // All three tags are copied onto the launched instance.
  tag {
    key                 = "env"
    value               = "base"
    propagate_at_launch = true
  }

  // NOTE(review): presumably consumed by an Ansible inventory; confirm.
  tag {
    key                 = "ansible"
    value               = "yes"
    propagate_at_launch = true
  }

  tag {
    key                 = "Name"
    value               = "basegrafana"
    propagate_at_launch = true
  }
}
// Security group attached to both the Grafana launch configuration and the EFS
// mount targets. It declares no inline rules; every rule is a separate
// aws_security_group_rule resource pointing at this group.
resource "aws_security_group" "grafana_server" {
  vpc_id      = "${module.vpc.vpc_id}"
  name        = "grafana_server"
  description = "Allow access to grafana_server hosts for each vpc or from anywhere"
}
// HTTP (TCP 80) into grafana_server, accepted only from members of the openvpn
// security group (declared outside this listing).
// NOTE(review): port 80 is plaintext; this rule assumes the VPN is the only
// path to the Grafana UI and its login traffic.
resource "aws_security_group_rule" "ingress_http_grafana_server_from_openvpn" {
  security_group_id        = "${aws_security_group.grafana_server.id}"
  source_security_group_id = "${aws_security_group.openvpn.id}"

  type      = "ingress"
  protocol  = "tcp"
  from_port = 80
  to_port   = 80
}
// SSH (TCP 22) into grafana_server, accepted only from members of the openvpn
// security group (declared outside this listing).
resource "aws_security_group_rule" "ingress_ssh_grafana_server_from_openvpn" {
  security_group_id        = "${aws_security_group.grafana_server.id}"
  source_security_group_id = "${aws_security_group.openvpn.id}"

  type      = "ingress"
  protocol  = "tcp"
  from_port = 22
  to_port   = 22
}
// ICMP echo request ("ping") into grafana_server from members of the openvpn
// security group.
resource "aws_security_group_rule" "ingress_ping_grafana_server_from_openvpn" {
  security_group_id        = "${aws_security_group.grafana_server.id}"
  source_security_group_id = "${aws_security_group.openvpn.id}"

  type     = "ingress"
  protocol = "icmp"

  // For ICMP rules these two fields are not a port range: from_port carries
  // the ICMP type (8 = echo request) and to_port the ICMP code (0).
  from_port = 8
  to_port   = 0
}
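// NFS (TCP 2049) for the EFS mount targets, which carry this same security
// group. The rule previously accepted 0.0.0.0/0, which opened port 2049 on
// every member of the group (instances and mount targets alike) to any source
// that can route to them. The Grafana instances are members of grafana_server
// themselves, so a self-referencing rule is enough for them to mount the share.
// NOTE(review): an NFS client outside this group would need its own rule with
// an explicit source_security_group_id; none is visible in this listing.
resource "aws_security_group_rule" "ingress_nfs_grafana_server" {
  type              = "ingress"
  protocol          = "tcp"
  from_port         = 2049
  to_port           = 2049
  security_group_id = "${aws_security_group.grafana_server.id}"

  // Source = other members of grafana_server (replaces cidr_blocks).
  self = true
}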
// Outbound: every protocol and port to any destination. protocol "-1" means
// "all protocols", and from_port/to_port are 0 as that setting requires.
// NOTE(review): nothing here limits where a grafana_server member may connect;
// narrow the destinations if the instance only needs known endpoints.
resource "aws_security_group_rule" "egress_all_grafana_server" {
  security_group_id = "${aws_security_group.grafana_server.id}"
  cidr_blocks       = ["0.0.0.0/0"]

  type      = "egress"
  protocol  = "-1"
  from_port = 0
  to_port   = 0
}
// EFS file system that holds Grafana's state.
// NOTE(review): encryption at rest is not requested here. On
// aws_efs_file_system the `encrypted` argument can only be chosen when the
// file system is created, so turning it on later means a new file system and
// a data migration rather than an in-place change.
resource "aws_efs_file_system" "grafana" {
  // creation_token is EFS's idempotency token for the create call.
  creation_token = "Storing Grafana state"

  tags {
    Name = "grafana-store"
  }
}
// One EFS mount target per frontend subnet, each guarded by the
// grafana_server security group.
resource "aws_efs_mount_target" "grafana" {
  // Hard-coded to three targets. element() wraps around when the index exceeds
  // the list length, so this assumes module.vpc.frontend_subnets holds at
  // least three subnets -- TODO confirm against the vpc module.
  count = 3

  subnet_id       = "${element(split(",", module.vpc.frontend_subnets), count.index)}"
  file_system_id  = "${aws_efs_file_system.grafana.id}"
  security_groups = ["${aws_security_group.grafana_server.id}"]
}
// DNS names of all EFS mount targets created above, exported as a list so the
// share can be mounted by name.
output "mounttarget" {
  value = ["${aws_efs_mount_target.grafana.*.dns_name}"]
}