@jpsecher
Last active February 20, 2016 18:54
Terraform AWS Docker host setup
# Input variables. The ones without a default must be supplied at plan/apply
# time (tfvars file, -var flag or TF_VAR_* environment variable).

# Name of the key pair already registered in EC2; attached to the host below.
variable "aws_key_name" {
  description = "Name of the SSH keypair to use in AWS."
}

# Split on "," into the list of CIDR blocks allowed to reach SSH and the
# Docker API. Keep it as narrow as possible: the Docker API port grants
# root-equivalent control of the host to every address listed here.
variable "safe_ips" {
  description = "Comma-separated string of CIDR blocks for trusted IPs."
}

# Private half of the key pair named in aws_key_name; used by the
# provisioners' SSH connection. Do not commit its value to version control.
variable "pem_file" {
  description = "Local SSH key that matches AWS key."
}

variable "aws_region" {
  description = "AWS region to launch servers."
  default     = "eu-west-1"
}

# Region -> AMI id. lookup() on a region that is not listed aborts the run,
# which is preferable to silently launching an unknown image.
variable "aws_amis" {
  description = "dockerhost AMI for each region."

  default = {
    # TODO: how do we automatically update the AMI id?
    "eu-west-1" = "ami-f763d584"
  }
}
# AWS credentials are read from the "mycompany" profile of the local shared
# credentials file, so no secret has to live in this configuration.
provider "aws" {
  profile = "mycompany"
  region  = "${var.aws_region}"
}
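# Security group for the Docker host. Only HTTP is reachable from the
# internet; SSH and the Docker Remote API are restricted to var.safe_ips.
resource "aws_security_group" "dockerctrl" {
  name = "http_open-ssh_docker_safe"

  # The previous description claimed SSH and Docker were open "from anywhere",
  # which contradicts the rules below. Changing the description of an existing
  # group recreates it in AWS, so apply this on a fresh host or plan for that.
  description = "HTTP from anywhere; SSH & Docker API from trusted IPs only"

  # SSH from trusted IPs.
  ingress {
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = ["${split(",", var.safe_ips)}"]
  }

  # Docker Remote API from trusted IPs. 2375 is the plaintext, unauthenticated
  # endpoint: any host in safe_ips can start arbitrary containers as root on
  # this machine, and the traffic is readable in transit. Prefer TLS on 2376
  # with client certificates unless the trusted range is a few well-controlled
  # hosts; the provisioning script below is what opens 2375.
  ingress {
    from_port   = 2375
    to_port     = 2375
    protocol    = "tcp"
    cidr_blocks = ["${split(",", var.safe_ips)}"]
  }

  # HTTP from anywhere (the web app is published on port 80 below).
  ingress {
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  # Unrestricted outbound access (image pulls, package updates, ...).
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}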
# The single Docker host: an Ubuntu image (the AMI for the chosen region),
# provisioned over SSH so that its Docker daemon listens on TCP.
resource "aws_instance" "dockerhost" {
  ami           = "${lookup(var.aws_amis, var.aws_region)}"
  instance_type = "t2.micro"
  key_name      = "${var.aws_key_name}"

  # Referencing the group by name only works in EC2-Classic or the default
  # VPC; a non-default VPC needs vpc_security_group_ids instead — confirm
  # which applies to this account.
  security_groups = ["${aws_security_group.dockerctrl.name}"]

  # Shared by every provisioner in this resource. NOTE(review): private_key
  # takes the key material itself, not a path; if var.pem_file holds a file
  # name this would need "${file(var.pem_file)}" — verify with the Terraform
  # version in use.
  connection {
    user        = "ubuntu"
    private_key = "${var.pem_file}"
  }

  # Upload the script that reconfigures the daemon to listen on TCP 2375.
  provisioner "file" {
    source      = "../provision/open-remote-tcp-control-of-docker"
    destination = "/tmp/open-remote-tcp-control-of-docker"
  }

  # Run it as root and restart the daemon. "restart docker" is an upstart
  # command, so this presumably assumes an upstart-based Ubuntu AMI. Review
  # the script's contents before applying: whatever it writes runs as root.
  provisioner "remote-exec" {
    inline = [
      "sudo sh /tmp/open-remote-tcp-control-of-docker",
      "sudo restart docker",
    ]
  }

  tags {
    Name = "mycompany"
  }
}
# Docker provider pointed at the freshly provisioned host. The connection is
# plain TCP: nothing authenticates the client and nothing encrypts the API
# traffic, so the only protection is the security group's safe_ips rule. For
# anything beyond a throwaway host, terminate TLS on 2376 and give the
# provider the client certificates instead.
# NOTE(review): aws_instance exposes public_ip / private_ip; confirm that an
# "ip" attribute resolves for the Terraform version in use.
provider "docker" {
  host = "tcp://${aws_instance.dockerhost.ip}:2375/"
}
# Image to run. No tag or digest is given, so the registry's current default
# tag is pulled; that is a mutable reference — pin a tag or digest if the
# deployment must be reproducible and tamper-evident.
resource "docker_image" "mywebapp" {
  name = "mycompany/mywebapp"
}
# The web app container, with its port 3000 published on the host's port 80
# (the port the security group opens to the internet).
resource "docker_container" "mywebapp" {
  name  = "my-web-app"
  image = "${docker_image.mywebapp.latest}"

  ports {
    internal = 3000
    external = 80
  }
}