Created
October 12, 2018 13:36
-
-
Save mkeeler/8d1ce60054e531ca2231e5c3cbb34afe to your computer and use it in GitHub Desktop.
Creates two, three server Consul datacenters with ACLs enabled and puts two client nodes into the secondary datacenter.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| provider "docker" { | |
| } | |
| variable "primary_srv1_image" { | |
| default = "consul-dev" | |
| } | |
| variable "primary_srv2_image" { | |
| default = "consul-dev" | |
| } | |
| variable "primary_srv3_image" { | |
| default = "consul-dev" | |
| } | |
| variable "secondary_srv1_image" { | |
| default = "consul-dev" | |
| } | |
| variable "secondary_srv2_image" { | |
| default = "consul-dev" | |
| } | |
| variable "secondary_srv3_image" { | |
| default = "consul-dev" | |
| } | |
| variable "secondary_client1_image" { | |
| default = "consul-dev" | |
| } | |
| variable "secondary_client2_image" { | |
| default = "consul-dev" | |
| } | |
| variable "server_labels" { | |
| type = "map" | |
| default = { | |
| "consul.cluster.nodetype" = "server" | |
| } | |
| } | |
| variable "client_labels" { | |
| type = "map" | |
| default = { | |
| "consul.cluster.nodetype" = "client" | |
| } | |
| } | |
| resource "docker_network" "consul-acls-test" { | |
| name = "consul-acls-test" | |
| check_duplicate = "true" | |
| driver = "bridge" | |
| options = { | |
| "com.docker.network.bridge.enable_icc" = "true" | |
| "com.docker.network.bridge.enable_ip_masquerade" = "true" | |
| } | |
| internal = false | |
| } | |
| resource "docker_container" "consul-primary-srv1" { | |
| privileged = true | |
| image = "${var.primary_srv1_image}" | |
| name = "consul-primary-srv1" | |
| hostname = "consul-primary-srv1" | |
| labels = "${var.server_labels}" | |
| networks = ["consul-acls-test"] | |
| network_mode = "consul-acls-test" | |
| command = ["agent", "-datacenter=primary", "-server", "-log-level=DEBUG", "-client=0.0.0.0", "-bootstrap-expect=3", "-retry-join=consul-primary-srv2", "-retry-join=consul-primary-srv3"] | |
| env=["CONSUL_BIND_INTERFACE=eth0", "CONSUL_ALLOW_PRIVILEGED_PORTS=yes"] | |
| upload { | |
| content = "${file("acl.json")}" | |
| file = "/consul/config/acl.json" | |
| } | |
| } | |
| resource "docker_container" "consul-primary-srv2" { | |
| privileged = true | |
| image = "${var.primary_srv2_image}" | |
| name = "consul-primary-srv2" | |
| hostname = "consul-primary-srv2" | |
| labels = "${var.server_labels}" | |
| networks = ["consul-acls-test"] | |
| network_mode = "consul-acls-test" | |
| command = ["agent", "-datacenter=primary", "-server", "-log-level=DEBUG", "-client=0.0.0.0", "-bootstrap-expect=3", "-retry-join=consul-primary-srv1", "-retry-join=consul-primary-srv3"] | |
| env=["CONSUL_BIND_INTERFACE=eth0", "CONSUL_ALLOW_PRIVILEGED_PORTS=yes"] | |
| upload { | |
| content = "${file("acl.json")}" | |
| file = "/consul/config/acl.json" | |
| } | |
| } | |
| resource "docker_container" "consul-primary-srv3" { | |
| privileged = true | |
| image = "${var.primary_srv3_image}" | |
| name = "consul-primary-srv3" | |
| hostname = "consul-primary-srv3" | |
| labels = "${var.server_labels}" | |
| networks = ["consul-acls-test"] | |
| network_mode = "consul-acls-test" | |
| command = ["agent", "-datacenter=primary", "-server", "-log-level=DEBUG", "-client=0.0.0.0", "-bootstrap-expect=3", "-retry-join=consul-primary-srv1", "-retry-join=consul-primary-srv2"] | |
| env=["CONSUL_BIND_INTERFACE=eth0", "CONSUL_ALLOW_PRIVILEGED_PORTS=yes"] | |
| upload { | |
| content = "${file("acl.json")}" | |
| file = "/consul/config/acl.json" | |
| } | |
| } | |
| resource "docker_container" "consul-secondary-srv1" { | |
| privileged = true | |
| image = "${var.secondary_srv1_image}" | |
| name = "consul-secondary-srv1" | |
| hostname = "consul-secondary-srv1" | |
| labels = "${var.server_labels}" | |
| networks = ["consul-acls-test"] | |
| network_mode = "consul-acls-test" | |
| command = ["agent", "-datacenter=secondary", "-server", "-log-level=DEBUG", "-client=0.0.0.0", "-bootstrap-expect=3", "-retry-join=consul-secondary-srv2", "-retry-join=consul-secondary-srv3", "-retry-join-wan=consul-primary-srv1", "-retry-join-wan=consul-primary-srv2", "-retry-join-wan=consul-primary-srv3"] | |
| env=["CONSUL_BIND_INTERFACE=eth0", "CONSUL_ALLOW_PRIVILEGED_PORTS=yes"] | |
| upload { | |
| content = "${file("acl.json")}" | |
| file = "/consul/config/acl.json" | |
| } | |
| } | |
| resource "docker_container" "consul-secondary-srv2" { | |
| privileged = true | |
| image = "${var.secondary_srv2_image}" | |
| name = "consul-secondary-srv2" | |
| hostname = "consul-secondary-srv2" | |
| labels = "${var.server_labels}" | |
| networks = ["consul-acls-test"] | |
| network_mode = "consul-acls-test" | |
| command = ["agent", "-datacenter=secondary", "-server", "-log-level=DEBUG", "-client=0.0.0.0", "-bootstrap-expect=3", "-retry-join=consul-secondary-srv1", "-retry-join=consul-secondary-srv3", "-retry-join-wan=consul-primary-srv1", "-retry-join-wan=consul-primary-srv2", "-retry-join-wan=consul-primary-srv3"] | |
| env=["CONSUL_BIND_INTERFACE=eth0", "CONSUL_ALLOW_PRIVILEGED_PORTS=yes"] | |
| upload { | |
| content = "${file("acl.json")}" | |
| file = "/consul/config/acl.json" | |
| } | |
| } | |
| resource "docker_container" "consul-secondary-srv3" { | |
| privileged = true | |
| image = "${var.secondary_srv3_image}" | |
| name = "consul-secondary-srv3" | |
| hostname = "consul-secondary-srv3" | |
| labels = "${var.server_labels}" | |
| networks = ["consul-acls-test"] | |
| network_mode = "consul-acls-test" | |
| command = ["agent", "-datacenter=secondary", "-server", "-log-level=DEBUG", "-client=0.0.0.0", "-bootstrap-expect=3", "-retry-join=consul-secondary-srv1", "-retry-join=consul-secondary-srv2", "-retry-join-wan=consul-primary-srv1", "-retry-join-wan=consul-primary-srv2", "-retry-join-wan=consul-primary-srv3"] | |
| env=["CONSUL_BIND_INTERFACE=eth0", "CONSUL_ALLOW_PRIVILEGED_PORTS=yes"] | |
| upload { | |
| content = "${file("acl.json")}" | |
| file = "/consul/config/acl.json" | |
| } | |
| } | |
| resource "docker_container" "consul-secondary-client1" { | |
| privileged = true | |
| image = "${var.secondary_client1_image}" | |
| name = "consul-secondary-client1" | |
| hostname = "consul-secondary-client1" | |
| labels = "${var.client_labels}" | |
| networks = ["consul-acls-test"] | |
| network_mode = "consul-acls-test" | |
| command = ["agent", "-datacenter=secondary", "-client=0.0.0.0", "-log-level=DEBUG", "-retry-join=consul-secondary-srv1", "-retry-join=consul-secondary-srv2", "-retry-join=consul-secondary-srv3"] | |
| env=["CONSUL_BIND_INTERFACE=eth0", "CONSUL_ALLOW_PRIVILEGED_PORTS=yes"] | |
| upload { | |
| content = "${file("acl.json")}" | |
| file = "/consul/config/acl.json" | |
| } | |
| } | |
| resource "docker_container" "consul-secondary-client2" { | |
| privileged = true | |
| image = "${var.secondary_client2_image}" | |
| name = "consul-secondary-client2" | |
| hostname = "consul-secondary-client2" | |
| labels = "${var.client_labels}" | |
| networks = ["consul-acls-test"] | |
| network_mode = "consul-acls-test" | |
| command = ["agent", "-datacenter=secondary", "-client=0.0.0.0", "-log-level=DEBUG", "-retry-join=consul-secondary-srv1", "-retry-join=consul-secondary-srv2", "-retry-join=consul-secondary-srv3"] | |
| env=["CONSUL_BIND_INTERFACE=eth0", "CONSUL_ALLOW_PRIVILEGED_PORTS=yes"] | |
| upload { | |
| content = "${file("acl.json")}" | |
| file = "/consul/config/acl.json" | |
| } | |
| } | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment