From ec721b75bde4ed547ab496cb55425826c899a48f Mon Sep 17 00:00:00 2001
From: Edward Viaene
Date: Wed, 20 Jun 2018 12:39:48 +0000
Subject: [PATCH] module-demo
---
module-demo/ecr-login.sh | 3 +++
module-demo/ecs.tf | 49 ++++++++++++++++++++++++++++++++++++
module-demo/key.tf | 4 +++
module-demo/provider.tf | 3 +++
module-demo/securitygroup.tf | 23 +++++++++++++++++
module-demo/vars.tf | 12 +++++++++
module-demo/vpc.tf | 18 +++++++++++++
7 files changed, 112 insertions(+)
create mode 100755 module-demo/ecr-login.sh
create mode 100644 module-demo/ecs.tf
create mode 100644 module-demo/key.tf
create mode 100644 module-demo/provider.tf
create mode 100644 module-demo/securitygroup.tf
create mode 100644 module-demo/vars.tf
create mode 100644 module-demo/vpc.tf
diff --git a/module-demo/ecr-login.sh b/module-demo/ecr-login.sh
new file mode 100755
index 0000000..639e3e1
--- /dev/null
+++ b/module-demo/ecr-login.sh
@@ -0,0 +1,3 @@
+#!/bin/bash
+REGION="eu-west-1"
+`AWS_PROFILE=ward aws ecr get-login --no-include-email --region ${REGION}`
diff --git a/module-demo/ecs.tf b/module-demo/ecs.tf
new file mode 100644
index 0000000..432fed2
--- /dev/null
+++ b/module-demo/ecs.tf
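Review bot: The backtick line in ecr-login.sh runs whatever `aws ecr get-login` prints as a shell command, and the `docker login` command it emits passes the registry token with `-p`, so the token is visible in the process list while the login runs. `get-login` was also removed in AWS CLI v2. Pipe the token over stdin instead: `aws ecr get-login-password --region "${REGION}" | docker login --username AWS --password-stdin "<account-id>.dkr.ecr.${REGION}.amazonaws.com"` (the registry host is a placeholder). The hard-coded `AWS_PROFILE=ward` also ties the script to one person's credentials profile; taking it from the caller's environment would make the script reusable.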
@@ -0,0 +1,49 @@
+data "aws_caller_identity" "current" {}
+
+module "my-ecs" {
+ source = "github.com/in4it/terraform-modules//modules/ecs-cluster?ref=v1.0.0"
+ VPC_ID = "${module.vpc.vpc_id}"
+ CLUSTER_NAME = "my-ecs"
+ INSTANCE_TYPE = "t2.small"
+ SSH_KEY_NAME = "${aws_key_pair.mykeypair.key_name}"
+ VPC_SUBNETS = "${join(",", module.vpc.public_subnets)}"
+ ENABLE_SSH = true
+ SSH_SG = "${aws_security_group.allow-ssh.id}"
+ LOG_GROUP = "my-log-group"
+ AWS_ACCOUNT_ID = "${data.aws_caller_identity.current.account_id}"
+ AWS_REGION = "${var.AWS_REGION}"
+}
+module "my-service" {
+ source = "github.com/in4it/terraform-modules//modules/ecs-service?ref=v1.0.0"
+ VPC_ID = "${module.vpc.vpc_id}"
+ APPLICATION_NAME = "my-service"
+ APPLICATION_PORT = "80"
+ APPLICATION_VERSION = "latest"
+ CLUSTER_ARN = "${module.my-ecs.cluster_arn}"
+ SERVICE_ROLE_ARN = "${module.my-ecs.service_role_arn}"
+ AWS_REGION = "${var.AWS_REGION}"
+ HEALTHCHECK_MATCHER = "200"
+ CPU_RESERVATION = "256"
+ MEMORY_RESERVATION = "128"
+ LOG_GROUP = "my-log-group"
+ DESIRED_COUNT = 2
+ ALB_ARN = "${module.my-alb.alb_arn}"
+}
+module "my-alb" {
+ source = "github.com/in4it/terraform-modules//modules/alb?ref=v1.0.0"
+ VPC_ID = "${module.vpc.vpc_id}"
+ ALB_NAME = "my-alb"
+ VPC_SUBNETS = "${join(",", module.vpc.public_subnets)}"
+ DEFAULT_TARGET_ARN = "${module.my-service.target_group_arn}"
+ DOMAIN = "*.ecs.newtech.academy"
+ INTERNAL = false
+ ECS_SG = "${module.my-ecs.cluster_sg}"
+}
+module "my-alb-rule" {
+ source = "github.com/in4it/terraform-modules//modules/alb-rule?ref=v1.0.0"
+ LISTENER_ARN = "${module.my-alb.http_listener_arn}"
+ PRIORITY = 100
+ TARGET_GROUP_ARN = "${module.my-service.target_group_arn}"
+ CONDITION_FIELD = "host-header"
+ CONDITION_VALUES = ["subdomain.ecs.newtech.academy"]
+}
diff --git a/module-demo/key.tf b/module-demo/key.tf
new file mode 100644
index 0000000..2b92f43
--- /dev/null
+++ b/module-demo/key.tf
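Review bot: `APPLICATION_VERSION = "latest"` and the four `?ref=v1.0.0` module sources in ecs.tf are mutable references, so a fresh `terraform init` or a task restart can pull module code or an image that nobody reviewed. Pin the module sources to a commit (`?ref=<commit-sha>`) and deploy an explicit image tag or digest. Separately, `my-alb-rule` attaches the host rule to `module.my-alb.http_listener_arn`, so `subdomain.ecs.newtech.academy` appears to be served over plain HTTP; if the alb module also exposes an HTTPS listener, the rule belongs there. The cluster is placed in `module.vpc.public_subnets` with `ENABLE_SSH = true`, which leaves the ingress rule in securitygroup.tf as the only barrier in front of the container hosts.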
@@ -0,0 +1,4 @@
+resource "aws_key_pair" "mykeypair" {
+ key_name = "mykeypair"
+ public_key = "${file("${var.PATH_TO_PUBLIC_KEY}")}"
+}
diff --git a/module-demo/provider.tf b/module-demo/provider.tf
new file mode 100644
index 0000000..6b43802
--- /dev/null
+++ b/module-demo/provider.tf
@@ -0,0 +1,3 @@
+provider "aws" {
+ region = "eu-west-1"
+}
diff --git a/module-demo/securitygroup.tf b/module-demo/securitygroup.tf
new file mode 100644
index 0000000..9cb4d90
--- /dev/null
+++ b/module-demo/securitygroup.tf
@@ -0,0 +1,23 @@
+resource "aws_security_group" "allow-ssh" {
+ vpc_id = "${module.vpc.vpc_id}"
+ name = "allow-ssh"
+ description = "security group that allows ssh and all egress traffic"
+
+ egress {
+ from_port = 0
+ to_port = 0
+ protocol = "-1"
+ cidr_blocks = ["0.0.0.0/0"]
+ }
+
+ ingress {
+ from_port = 22
+ to_port = 22
+ protocol = "tcp"
+ cidr_blocks = ["0.0.0.0/0"]
+ }
+
+ tags {
+ Name = "allow-ssh"
+ }
+}
diff --git a/module-demo/vars.tf b/module-demo/vars.tf
new file mode 100644
index 0000000..3878f40
--- /dev/null
+++ b/module-demo/vars.tf
@@ -0,0 +1,12 @@
+variable "AWS_REGION" {
+ default = "eu-west-1"
+}
+
+variable "PATH_TO_PRIVATE_KEY" {
+ default = "mykey"
+}
+
+variable "PATH_TO_PUBLIC_KEY" {
+ default = "mykey.pub"
+}
+
diff --git a/module-demo/vpc.tf b/module-demo/vpc.tf
new file mode 100644
index 0000000..728b1fe
--- /dev/null
+++ b/module-demo/vpc.tf
@@ -0,0 +1,18 @@
+module "vpc" {
+ source = "terraform-aws-modules/vpc/aws"
+
+ name = "vpc-module-demo"
+ cidr = "10.0.0.0/16"
+
+ azs = ["${var.AWS_REGION}a", "${var.AWS_REGION}b", "${var.AWS_REGION}c"]
+ private_subnets = ["10.0.1.0/24", "10.0.2.0/24", "10.0.3.0/24"]
+ public_subnets = ["10.0.101.0/24", "10.0.102.0/24", "10.0.103.0/24"]
+
+ enable_nat_gateway = false
+ enable_vpn_gateway = false
+
+ tags = {
+ Terraform = "true"
+ Environment = "prod"
+ }
+}
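Review bot: `region = "eu-west-1"` is hard-coded in provider.tf while vpc.tf builds its availability zones from `var.AWS_REGION`, so overriding the variable yields AZ names that do not exist in the provider's region. Use `region = "${var.AWS_REGION}"` so the region has a single source of truth. The block also sets no provider version constraint, so each fresh init may resolve a different AWS provider release.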
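Review bot: The `ingress` block in securitygroup.tf opens port 22 to `0.0.0.0/0`, and ecs.tf hands this group to the cluster as `SSH_SG` with `ENABLE_SSH = true` on public subnets, so the container hosts accept SSH connections from the whole internet. Restrict `cidr_blocks` to a known admin range supplied through a new variable with no default, for example `cidr_blocks = ["${var.SSH_ALLOWED_CIDR}"]` (the variable name is a suggestion and is not defined in this patch). Alternatively set `ENABLE_SSH = false` and reach the hosts through AWS Systems Manager Session Manager. The `description` string should then be updated to match the narrower rule.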
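Review bot: `PATH_TO_PRIVATE_KEY` in vars.tf is declared but not referenced by any file in this patch; only `PATH_TO_PUBLIC_KEY` is read, in key.tf. Its default `mykey` points into the module directory, which invites generating the private key next to the Terraform files where it can be committed by accident. Drop the variable, or add a comment such as `# keep the private key outside the repository; add mykey to .gitignore`.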
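Review bot: The `terraform-aws-modules/vpc/aws` source in vpc.tf has no `version` argument, so the registry module floats to whatever release is current at init time; add `version = "<pinned-version>"`. The stack is tagged `Environment = "prod"`, yet `enable_nat_gateway = false` leaves the private subnets without outbound access and ecs.tf places both the ALB and the cluster in the public subnets. If this is meant as more than a demo, the cluster likely belongs in `private_subnets` behind the ALB, which also removes the hosts from direct internet reach.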