| # Security Group for ALB | |
| resource "aws_security_group" "atlassian-alb" { | |
| name = "${var.name}-load-balancer" | |
| description = "allow HTTPS to ${var.name} Load Balancer (ALB)" | |
| vpc_id = "${module.vpc.vpc_id}" | |
| ingress { | |
| from_port = "443" | |
| to_port = "443" | |
| protocol = "tcp" | |
| cidr_blocks = ["0.0.0.0/0"] |
This is the common component:
# Create a single load balancer for all Atlassian services
resource "aws_alb" "atlassian" {
name = "${var.name}"
internal = false
idle_timeout = "300"
security_groups = [
"${aws_security_group.atlassian-alb.id}",
This gist demonstrates how to run a docker container with nomad, using a wrapper script.
With the wrapper, we can more easily run the container in the way we need to and without being limited by Nomad's docker driver. For example, while Nomad will have great support for volumes in the future, it has no such support right now, and the driver does not expose a config parameter to tune the volumes mounted in the docker container. This is also a great way to use consul to lookup services before starting your app, or to retrieve credentials from Vault. When running legacy applications with nomad, the wrapper script is the place to put that type of look-up logic.
We use a wrapper script and the raw_exec driver to run the container with the parameters we need.
| locals { | |
| # we have to fixup the master username before we use it, the AWS API will error out otherwise | |
| # RDS expects the username to be without hyphens and 16 characters at max. 'rdsadmin' is also | |
| # a forbidden username, though we don't validate that here. | |
| db_master_user_unsanitized = "${var.app_db_master_user}" | |
| # truncate to 16 characters, but deal with the fact that substr() will error out if you ask | |
| # for more characters than are in the string | |
| default_master_user_max_length = "16" |
| # Grafana deployment | |
| # | |
| # TODO: Auto-import data sources and dashboards. See for example: | |
| # https://raw.githubusercontent.com/giantswarm/kubernetes-prometheus/master/manifests-all.yaml | |
| # | |
| # After bringing up: | |
| # * add datasource: prometheus http://prometheus | |
| # * import dashboard: https://grafana.net/dashboards/315 | |
| # | |
| apiVersion: extensions/v1beta1 |
| apiVersion: v1 | |
| kind: ConfigMap | |
| metadata: | |
| name: prometheus | |
| namespace: ops | |
| data: | |
| prometheus.yml: | | |
| global: | |
| scrape_interval: 30s | |
| scrape_timeout: 30s |
I hereby claim:
To claim this, I am signing this object:
| 2016/11/19 09:49:12 [INFO] Terraform version: 0.8.0 dev 283d49f12fe203a2cd2ad23acec046f72f7842de+CHANGES | |
| 2016/11/19 09:49:12 [INFO] CLI args: []string{"/home/user/bin/terraform-v0.8.0-dev", "apply"} | |
| 2016/11/19 09:49:12 [DEBUG] Detected home directory from env var: /home/user | |
| 2016/11/19 09:49:12 [DEBUG] Detected home directory from env var: /home/user | |
| 2016/11/19 09:49:12 [DEBUG] Attempting to open CLI config file: /home/user/.terraformrc | |
| 2016/11/19 09:49:12 [DEBUG] File doesn't exist, but doesn't need to. Ignoring. | |
| 2016/11/19 09:49:12 [DEBUG] Detected home directory from env var: /home/user | |
| 2016/11/19 09:49:12 [TRACE] Preserving existing state lineage "a56754c9-aed5-4dce-92f8-921e3c1de105" | |
| 2016/11/19 09:49:12 [TRACE] Preserving existing state lineage "a56754c9-aed5-4dce-92f8-921e3c1de105" | |
| 2016/11/19 09:49:12 [TRACE] Graph after step *terraform.ConfigTransformerOld: |
| {-# LANGUAGE RecordWildCards #-} | |
| {-# LANGUAGE OverloadedStrings #-} | |
| module Main where | |
| import Network.Consul (getSelf, ConsulClient(..), initializeConsulClient, listKeys) | |
| import qualified Network.Consul.Internal as I | |
| client = initializeConsulClient "localhost" 8500 Nothing |