Init Terraform EC2 provider

Signed-off-by: Nicolas Lamirault <[email protected]>

README.md

@@ -22,9 +22,6 @@ In [Docker Swarm][] :
 - consul : the service discovery used (See https://docs.docker.com/swarm/discovery/)
 
 
-
-
-
 ## Initialization
 
 Initialize environment:

terraform/ec2/README.md

@@ -0,0 +1,48 @@
+# Terraform templates for Amazon Web Services
+
+This project contains [Terraform][] templates to help you deploy [hyperion-rancher][] on [AWS][].
+
+## Prerequisites
+
+* An [Amazon Web Services account](http://aws.amazon.com/)
+* An [AWS Access and Secret Access Keys](http://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSGettingStartedGuide/AWSCredentials.html)
+* An [AWS EC2 Key Pairs](http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html)
+
+
+## Configure
+
+The available variables that can be configured are:
+
+* `aws_access_key`: AWS access key
+* `aws_secret_key`: AWS secret key
+* `aws_key_name`: The SSH key name to use for the instances
+* `aws_ssh_private_key_file`: Path to the SSH private key file
+* `aws_ssh_user`: SSH user (default `admin`)
+* `aws_region`: AWS region (default `eu-west-1`)
+* `aws_vpc_cidr_block`: The IPv4 address range that machines in the network are assigned to, represented as a CIDR block (default `10.0.0.0/16`)
+* `aws_subnet_cidr_block`: The IPv4 address range that machines in the network are assigned to, represented as a CIDR block (default `10.0.1.0/24`)
+* `aws_image`: The name of the image to base the launched instances
+* `aws_instance_type_master`: The machine type to use for the Hyperion master instance (default `m3.medium`)
+
+Copy and renamed *terraform.tfvars.example* to *terraform.tfvars*.
+
+## Deploy
+
+Deploy your cluster
+
+    $ terraform apply --var-file=terraform.tfvars
+
+## Destroy
+
+Destroy the cluster :
+
+    $ terraform destroy --var-file=terraform.tfvars
+
+## Updating
+
+
+
+[Terraform]: https://www.terraform.io/
+[AWS]: https://aws.amazon.com/
+
+[hyperion-rancher]: http://github.com/portefaix/hyperion-rancher

terraform/ec2/hyperion.tf

@@ -0,0 +1,229 @@
+resource "template_file" "swarm-manager-service" {
+  template = "../swarm-manager.service"
+  vars {
+    swarm_version = "${var.swarm_version}"
+    consul_server = "${var.cluster_name}-discover.c.${var.gce_project}.internal"
+  }
+}
+
+resource "template_file" "swarm-agent-service" {
+  template = "../swarm-agent.service"
+  vars {
+    swarm_version = "${var.swarm_version}"
+    consul_server = "${var.cluster_name}-discover.c.${var.gce_project}.internal"
+  }
+}
+
+resource "template_file" "docker-service" {
+  template = "../docker.service"
+}
+
+resource "template_file" "consul-config" {
+  template = "../config.json"
+}
+
+resource "template_file" "consul-service" {
+  template = "../consul.service"
+}
+
+resource "aws_key_pair" "deployer" {
+  key_name = "${var.aws_key_name}"
+  public_key = "${file("${var.aws_ssh_public_key}")}"
+}
+
+resource "aws_vpc" "hyperion-network" {
+  cidr_block = "${var.aws_vpc_cidr_block}"
+  enable_dns_support = true
+  enable_dns_hostnames = true
+  tags {
+    Name = "hyperion"
+  }
+}
+
+resource "aws_subnet" "hyperion-network" {
+  vpc_id = "${aws_vpc.hyperion-network.id}"
+  cidr_block = "${var.aws_subnet_cidr_block}"
+  map_public_ip_on_launch = true
+  tags {
+    Name = "hyperion"
+  }
+}
+
+resource "aws_internet_gateway" "hyperion-network" {
+  vpc_id = "${aws_vpc.hyperion-network.id}"
+}
+
+resource "aws_route_table" "hyperion-network" {
+  vpc_id = "${aws_vpc.hyperion-network.id}"
+  route {
+    cidr_block = "0.0.0.0/0"
+    gateway_id = "${aws_internet_gateway.hyperion-network.id}"
+  }
+}
+
+resource "aws_route_table_association" "hyperion-network" {
+  subnet_id = "${aws_subnet.hyperion-network.id}"
+  route_table_id = "${aws_route_table.hyperion-network.id}"
+}
+
+resource "aws_security_group" "hyperion-network" {
+  name = "hyperion"
+  description = "Hyperion security group"
+  vpc_id = "${aws_vpc.hyperion-network.id}"
+  ingress {
+    protocol = "tcp"
+    from_port = 1
+    to_port = 65535
+    cidr_blocks = ["0.0.0.0/0"]
+  }
+  ingress {
+    protocol = "udp"
+    from_port = 1
+    to_port = 65535
+    cidr_blocks = ["0.0.0.0/0"]
+  }
+  egress {
+    protocol = "tcp"
+    from_port = 1
+    to_port = 65535
+    cidr_blocks = ["0.0.0.0/0"]
+  }
+  egress {
+    protocol = "udp"
+    from_port = 1
+    to_port = 65535
+    cidr_blocks = ["0.0.0.0/0"]
+  }
+  tags {
+    Name = "hyperion"
+  }
+}
+
+resource "aws_eip" "ip" {
+  instance = "${aws_instance.hyperion-master.id}"
+  vpc = true
+  connection {
+    # host = "${aws_eip.ip.public_ip}"
+    user = "${var.aws_ssh_user}"
+    key_file = "${var.aws_ssh_private_key_file}"
+    agent = false
+  }
+}
+
+resource "aws_instance" "hyperion-discover" {
+  ami = "${var.aws_image}"
+  instance_type = "${var.aws_instance_type_discover}"
+  key_name = "${var.aws_key_name}"
+  subnet_id = "${aws_subnet.hyperion-network.id}"
+  security_groups = [
+    "${aws_security_group.hyperion-network.id}",
+  ]
+  tags {
+    Name = "hyperion-discover"
+  }
+
+  connection {
+    user = "${var.aws_ssh_user}"
+    key_file = "${var.aws_ssh_private_key_file}"
+    agent = false
+  }
+
+    provisioner "remote-exec" {
+    inline = [
+      "sudo mkdir -p /opt/consul/data",
+      "/sbin/ifconfig eth0 | grep \"inet addr\" | awk '{ print substr($2,6) }' > /tmp/ip_addr",
+      "sudo cat <<'EOF' > /tmp/consul.service\n${template_file.consul-service.rendered}\nEOF",
+      "sudo mv /tmp/consul.service /lib/systemd/system/",
+      "sudo cat <<'EOF' > /tmp/config.json\n${template_file.consul-config.rendered}\nEOF",
+      "sudo mv /tmp/config.json /etc/consul/",
+      "sudo sed -i \"s/__IP_ADDR__/$(cat /tmp/ip_addr)/g\" /etc/consul/config.json",
+      "sudo systemctl daemon-reload",
+      "sudo systemctl start consul.service",
+    ]
+  }
+  depends_on = [
+    "template_file.consul-service",
+    "template_file.consul-config",
+  ]
+
+}
+
+resource "aws_instance" "hyperion-master" {
+  ami = "${var.aws_image}"
+  instance_type = "${var.aws_instance_type_master}"
+  key_name = "${var.aws_key_name}"
+  subnet_id = "${aws_subnet.hyperion-network.id}"
+  security_groups = [
+    "${aws_security_group.hyperion-network.id}",
+  ]
+  tags {
+    Name = "hyperion-master"
+  }
+
+  connection {
+    user = "${var.aws_ssh_user}"
+    key_file = "${var.aws_ssh_private_key_file}"
+    agent = false
+  }
+
+  provisioner "remote-exec" {
+    inline = [
+      "sudo cat <<'EOF' > /tmp/swarm-manager.service\n${template_file.swarm-manager-service.rendered}\nEOF",
+      "sudo mv /tmp/swarm-manager.service /lib/systemd/system/",
+      "sudo systemctl daemon-reload",
+      "sudo systemctl restart docker.service",
+      "sudo systemctl start swarm-manager.service"
+    ]
+  }
+
+  depends_on = [
+    "template_file.swarm-manager-service",
+  ]
+
+}
+
+
+resource "aws_instance" "hyperion-nodes" {
+  depends_on = ["aws_eip.ip"]
+  count = "${var.hyperion_nb_nodes}"
+  ami = "${var.aws_image}"
+  instance_type = "${var.aws_instance_type_node}"
+  key_name = "${var.aws_key_name}"
+  subnet_id = "${aws_subnet.hyperion-network.id}"
+  security_groups = [
+    "${aws_security_group.hyperion-network.id}",
+  ]
+
+  tags {
+    Name = "hyperion-node-${count.index}"
+  }
+
+  connection {
+    user = "${var.aws_ssh_user}"
+    key_file = "${var.aws_ssh_private_key_file}"
+    agent = false
+  }
+
+  provisioner "remote-exec" {
+    inline = [
+      "/sbin/ifconfig eth0 | grep \"inet addr\" | awk '{ print substr($2,6) }' > /tmp/ip_addr",
+      // For ID duplicated: https://github.com/docker/swarm/issues/380
+      "sudo cat <<'EOF' > /tmp/swarm-agent.service\n${template_file.swarm-agent-service.rendered}\nEOF",
+      "sudo cat <<'EOF' > /tmp/docker.service\n${template_file.docker-service.rendered}\nEOF",
+      "sudo sed -i \"s/__IP_ADDR__/$(cat /tmp/ip_addr)/g\" /tmp/swarm-agent.service",
+      "sudo mv /tmp/swarm-agent.service /lib/systemd/system/",
+      "sudo mv /tmp/docker.service /lib/systemd/system/",
+      "sudo systemctl daemon-reload",
+      "sudo systemctl restart docker.service",
+      "sudo rm /etc/docker/key.json",
+      "sudo systemctl restart docker.service",
+      "sudo systemctl start swarm-agent.service"
+    ]
+  }
+
+  depends_on = [
+    "template_file.swarm-agent-service",
+    "template_file.docker-service"
+  ]
+
+}

terraform/ec2/provider.tf

@@ -0,0 +1,5 @@
+provider "aws" {
+    access_key = "${var.aws_access_key}"
+    secret_key = "${var.aws_secret_key}"
+    region = "${var.aws_region}"
+}

terraform/ec2/variables.tf

@@ -0,0 +1,48 @@
+variable "aws_access_key" {
+  description = "AWS access key."
+}
+
+variable "aws_secret_key" {
+    description = "AWS secret key."
+}
+
+variable "aws_region" {
+    description = "AWS region."
+    default = "eu-west-1"
+}
+
+variable "aws_key_name" {
+    description = "The SSH key name to use for the instances."
+}
+
+variable "aws_ssh_public_key" {
+  description = "Path to the SSH public key."
+}
+
+variable "aws_ssh_private_key_file" {
+    description = "Path to the SSH private key file."
+}
+
+variable "aws_ssh_user" {
+    description = "SSH user."
+    default = "ubuntu"
+}
+
+variable "aws_vpc_cidr_block" {
+    description = "The IPv4 address range that machines in the network are assigned to, represented as a CIDR block."
+    default = "10.0.0.0/16"
+}
+
+variable "aws_subnet_cidr_block" {
+    description = "The IPv4 address range that machines in the network are assigned to, represented as a CIDR block."
+    default = "10.0.1.0/24"
+}
+
+variable "aws_image" {
+    description = "The name of the image to base the launched instances."
+}
+
+variable "aws_instance_type_master" {
+    description = "The machine type to use for the Hyperion master instance."
+    default = "m3.medium"
+}