d18efca8 by Volodymyr Tsap

adding sample5

1 parent 8627d5eb
......@@ -3,5 +3,6 @@
*.tfstate
*.tfstate.backup
*/.*
*/*/.*
# Module directory
.terraform/
......
# Sample2. Creating ubuntu instance using set of files
# Sample3. Deploy a sample application, using RDS
1. Build custom image using packer. Build/redeploy workflow
2. Deploy a sample application using *user_data*
......
# Sample5. Scaling our applications, adding scaling policies
1. Add IAM profile for instance
2. Creating launch configuration, autoscaling grops
3. Building module
4. Dealing with LoadBalancers and http
```
# setup your AMS access parameters in ~/.aws
# Init terraform
terraform init
# Create instance
terraform apply
```
## Get instance AMI
data "aws_ami" "xpdays-ami" {
most_recent = true
filter {
name = "name"
values = ["xpdays-ami*"]
}
}
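Review bot: The `aws_ami` lookup selects by name pattern with `most_recent = true` but has no `owners` constraint, so the newest image matching `xpdays-ami*` from any account that shares or publishes one could be selected. Since the launch configuration boots whatever this returns, restrict it to the account that builds the packer image, e.g. `owners = ["self"]`.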
#!/bin/bash
hostname ${instancehostname} && hostname > /etc/hostname
echo "127.0.0.1 localhost `hostname`" > /etc/hosts
cd /home/ubuntu
git clone https://bitbucket.org/bohdaq/wisehands.me.git
cd /home/ubuntu/wisehands.me/ && play deps
mkdir -p /home/ubuntu/wisehands.me/modules/guice-1.2
cd /home/ubuntu/wisehands.me/modules/guice-1.2
wget https://www.playframework.com/modules/guice-1.2.zip
unzip guice-1.2.zip
sed -i 's/mysql-database-endpoint/${dbendpoint}/g' /home/ubuntu/wisehands.me/conf/application.conf
cd /home/ubuntu/wisehands.me/ && play run
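Review bot: The `wget` of `guice-1.2.zip` is unpacked with no integrity check, and the `git clone` takes whatever the default branch holds at launch time, so every autoscaled instance runs unpinned code from user data (presumably as root, given the writes to /etc). Check out a fixed commit or tag after cloning and verify the archive before `unzip`, e.g. `echo "<EXPECTED_SHA256>  guice-1.2.zip" | sha256sum -c - || exit 1`. Baking both into the packer image would remove the boot-time downloads and make scale-out independent of third-party availability. The script also has no `set -e`, so a failed clone or download still falls through to `play run`.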
## Define a policy to RO
resource "aws_iam_policy" "ec2-ro-policy" {
name = "ec2-ro-policy"
path = "/"
description = "Autocreated Policy to read tags from ec2 instance"
policy = <<EOF
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "Stmt1506366968000",
"Effect": "Allow",
"Action": [
"ec2:DescribeInstances",
"ec2:DescribeTags"
],
"Resource": [
"*"
]
}
]
}
EOF
}
## STS AssumeRole Data
data "aws_iam_policy_document" "instance-assume-role-policy" {
statement {
actions = ["sts:AssumeRole"]
principals {
type = "Service"
identifiers = ["ec2.amazonaws.com"]
}
}
}
## Add EC2 instance role
resource "aws_iam_role" "ec2-instance-role" {
name = "ec2-instance-role"
path = "/"
assume_role_policy = "${data.aws_iam_policy_document.instance-assume-role-policy.json}"
}
## Attach policy to role
resource "aws_iam_policy_attachment" "ec2-policy-attachemnt" {
name = "ec2-policy-attachemnt"
roles = ["${aws_iam_role.ec2-instance-role.name}"]
policy_arn = "${aws_iam_policy.ec2-ro-policy.arn}"
}
## Create instance profile and attah the role
resource "aws_iam_instance_profile" "ec2-instance-profile" {
name = "ec2-instance-profile"
role = "${aws_iam_role.ec2-instance-role.name}"
}
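Review bot: `aws_iam_policy_attachment` in `ec2-policy-attachemnt` manages the policy's attachments exclusively, so any other role, user or group attached to `ec2-ro-policy` outside this resource is detached on the next apply. `aws_iam_role_policy_attachment` with `role = "${aws_iam_role.ec2-instance-role.name}"` and the same `policy_arn` attaches only this role and leaves other attachments alone. The resource label and its `name` are also misspelled ("attachemnt"), as is "attah" in the comment above the instance profile.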
# Template for initial configuration bash script
data "template_file" "init" {
template = "${file("files/init.tpl")}"
count = "${length(var.instance_suffix)}"
vars {
dbendpoint="${aws_db_instance.db-instance.username}:${aws_db_instance.db-instance.password}@${aws_db_instance.db-instance.endpoint}\\/${aws_db_instance.db-instance.name}"
instancehostname="xpdays-${var.instance_suffix[count.index]}-${count.index}"
}
}
# Define the instance
#resource "aws_instance" "xpdays-instance" {
# ami = "${data.aws_ami.xpdays-ami.id}"
# vpc_security_group_ids = [ "${var.vpc_security_group_ids}" ]
# instance_type = "${lookup(var.instance_type, var.environment)}"
# user_data = "${data.template_file.init.*.rendered[count.index]}"
#
# tags {
# Name = "xpdays${count.index + 1}"
# }
#
# count = "${length(var.instance_suffix)}"
#}
resource "aws_launch_configuration" "launch-xpdays" {
# name = "${var.environment}-launch-xpdays${count.index + 1}"
image_id = "${data.aws_ami.xpdays-ami.id}"
instance_type = "${lookup(var.instance_type, var.environment)}"
iam_instance_profile = "${aws_iam_instance_profile.ec2-instance-profile.name}"
associate_public_ip_address = true
enable_monitoring = true
user_data = "${data.template_file.init.*.rendered[count.index]}"
lifecycle {
create_before_destroy = true
}
count = "${length(var.instance_suffix)}"
}
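Review bot: `dbendpoint` in the `vars` block interpolates the RDS username and password into the rendered template, which then becomes the `user_data` of `launch-xpdays`. User data is stored unencrypted, can be read from the instance metadata service by any process on the instance, is visible to any principal allowed to describe the launch configuration, and ends up in the Terraform state. Pass only the endpoint here and have the instance fetch the credential at boot through its instance profile (SSM Parameter Store or Secrets Manager). The launch configuration also sets `associate_public_ip_address = true` without `security_groups`, while the commented-out `aws_instance` used `var.vpc_security_group_ids`; if dropping the groups was not intended, add `security_groups = ["${var.vpc_security_group_ids}"]`.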
## Define provider
provider "aws" {
region = "${var.region}"
}
resource "aws_db_subnet_group" "default_db_subnet_group" {
name = "main"
subnet_ids = ["${var.default_db_subnet_group_subnet_ids[var.region]}"]
tags {
Name = "Default DB subnet group"
}
}
resource "aws_db_instance" "db-instance" {
allocated_storage = 10
storage_type = "gp2"
engine = "mysql"
engine_version = "5.7.17"
instance_class = "db.t2.micro"
name = "wisehandsdb"
username = "root"
password = "53N4CsNmQrxh2"
db_subnet_group_name = "${aws_db_subnet_group.default_db_subnet_group.id}"
final_snapshot_identifier = "snapshot-defaultdbinstance${count.index + 1}"
skip_final_snapshot = true
publicly_accessible = true
tags {
key = "Name"
value = "default-db-instance${count.index + 1}-${var.environment}"
}
}
output "database_endpoint" {
value = "${aws_db_instance.db-instance.username}:${aws_db_instance.db-instance.password}@${aws_db_instance.db-instance.endpoint}/${aws_db_instance.db-instance.name}"
}
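Review bot: The literal `password` on `aws_db_instance.db-instance` commits the database root credential to the repository, and the `database_endpoint` output prints it again on every apply. Together with `publicly_accessible = true` and no `vpc_security_group_ids` on the instance, reachability of the database depends entirely on the default security group. Take the password from a variable supplied out of band, e.g. `password = "${var.db_password}"` (placeholder name), set `publicly_accessible = false`, and either drop the credentials from the output or mark it `sensitive = true`. The committed value should be treated as exposed and rotated.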
# String
region = "eu-central-1"
# List
vpc_security_group_ids = [ "sg-84e649ed", "sg-90ea45fa" ]
# Map
instance_type = {
production = "t2.micro"
development = "m3.medium"
}
# Map of Lists
default_db_subnet_group_subnet_ids = {
eu-central-1 = [ "subnet-f1e92d8a", "subnet-304b7f7a" ]
eu-west-1 = [ "subnet-f1e92d8a", "subnet-304b7f7a" ]
}
#
instance_suffix = ["blue","green"]
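Review bot: The `eu-west-1` entry in `default_db_subnet_group_subnet_ids` repeats the two subnet IDs listed for `eu-central-1`. Subnet IDs are region-scoped, so this looks like a copy-paste placeholder, and the DB subnet group would fail to create if `region` were switched to `eu-west-1`. Either fill in that region's real subnets or remove the key and add a comment that only `eu-central-1` is supported.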
variable "region" {
type = "string"
default = "eu-central-1"
description = "The AWS region"
}
variable "environment" {
description = "The Environment Type"
default = "production"
}
variable "default_db_subnet_group_subnet_ids" {
type = "map"
default = {}
}
variable "vpc_security_group_ids" {
type = "list"
}
variable "instance_type" {
type = "map"
default = {}
}
variable "instance_suffix" {
type = "list"
description = "Add instance suffix"
}