main.tf
locals {
  # CIDR blocks allowed for SSH and ALB access. In this file the map is only
  # passed to the nomad-infra module as allowed_cidr_blocks_for_ui_alb.
  #
  # NOTE(review): the "all" entry is 0.0.0.0/0, i.e. every IPv4 source address.
  # Judging by the variable name it ends up on the UI load balancers, which
  # would make them reachable from the whole internet - confirm in the module.
  # For anything longer-lived than a demo, drop "all" and list only the ranges
  # that really need access.
  allowed_cidr_blocks = {
    "all"    = "0.0.0.0/0"
    "shared" = "10.49.0.0/16"
  }
}
# AWS provider: the region and the named credentials profile both come from
# input variables, so no credentials are written into this file.
provider "aws" {
  region  = var.aws_region
  profile = var.deploy_profile
}
# Random name whose id is appended (as "-<id>") to resource names through the
# unique_postfix inputs of the modules in this file.
resource "random_pet" "unicorn" {
  # NOTE: a single word is used to avoid problems with the different delimiter
  # requirements in AWS. One word should nevertheless be enough.
  length = 1
}
# Network layer for the example. Its outputs (vpc_id, the subnet id lists and
# the ALB listener ARNs) are consumed by the nomad-infra module in this file.
module "networking" {
  source = "../../modules/networking"

  region         = var.aws_region
  env_name       = var.env_name
  unique_postfix = "-${random_pet.unicorn.id}"
  az_postfixes   = ["a", "b"]

  # Names of two auto scaling groups created by the nomad-infra module.
  asg_name_backoffice      = module.nomad-infra.dc-backoffice_asg_name
  asg_name_public_services = module.nomad-infra.dc-public-services_asg_name
}
# Instantiates the repository's root module (Nomad plus Consul) on top of the
# networking module defined in this file.
module "nomad-infra" {
  source = "../../"

  # [General] Required variables
  aws_region     = var.aws_region
  vpc_id         = module.networking.vpc_id
  alb_subnet_ids = module.networking.public_subnet_ids

  # HACK: the input that expects an HTTPS listener is given the ingress ALB's
  # HTTP listener here, which avoids having to create a certificate for the
  # example. Requests through that listener are plain HTTP. In a production
  # environment you should pass in an HTTPS listener instead.
  alb_ingress_https_listener_arn   = module.networking.alb_ingress_http_listener_arn
  alb_backoffice_http_listener_arn = module.networking.alb_backoffice_http_listener_arn
  attach_backoffice_alb_listener   = true

  # [Nomad] Required variables
  nomad_ami_id_servers                       = var.ami_id
  nomad_ami_id_clients                       = var.ami_id
  nomad_server_subnet_ids                    = module.networking.backoffice_subnet_ids
  nomad_clients_public_services_subnet_ids   = module.networking.services_subnet_ids
  nomad_clients_private_services_subnet_ids  = module.networking.services_subnet_ids
  nomad_clients_content_connector_subnet_ids = module.networking.content_connector_subnet_ids
  nomad_clients_backoffice_subnet_ids        = module.networking.backoffice_subnet_ids

  # [Consul] Required variables
  consul_server_subnet_ids = module.networking.backoffice_subnet_ids
  consul_ami_id            = var.ami_id

  # [General] Optional variables
  stack_name           = var.stack_name
  env_name             = var.env_name
  unique_postfix       = "-${random_pet.unicorn.id}"
  instance_type_server = "t2.micro"

  # NOTE(review): local.allowed_cidr_blocks contains 0.0.0.0/0, so judging by
  # the variable name the UI ALBs (nomad-ui, consul-ui and fabio-ui) accept
  # connections from any IPv4 address - confirm in the module. While the two
  # HTTPS lines below stay commented out, those UIs are presumably served over
  # plain HTTP as well. Whether Nomad/Consul ACLs are enabled is not visible
  # from this file; without them, reaching the UI means operating the cluster.
  # Restrict this map to known ranges for anything beyond a short-lived demo.
  allowed_cidr_blocks_for_ui_alb = local.allowed_cidr_blocks

  # INFO: uncomment the following two lines to deploy the cluster with https
  # endpoints for the ui-albs (nomad-ui, consul-ui and fabio-ui).
  # The sample certificate used here is self-signed and does not even match the
  # domain of the nomad alb. In short, it is invalid and only in place for
  # testing/demonstration purposes, so the nomad CLI has to be configured to
  # skip certificate verification in this case. With verification skipped the
  # CLI cannot tell the real endpoint from an impostor; use a certificate that
  # validates for anything beyond a demo.
  #ui_alb_https_listener_cert_arn = "${aws_iam_server_certificate.certificate_alb.arn}"
  #ui_alb_use_https_listener = true

  # [Nomad] Optional variables
  nomad_server_scaling_cfg            = var.server_scaling_cfg
  nomad_private_services_dc_node_cfg  = var.nomad_dc_node_cfg
  nomad_public_services_dc_node_cfg   = var.nomad_dc_node_cfg
  nomad_content_connector_dc_node_cfg = var.nomad_dc_node_cfg
  nomad_backoffice_dc_node_cfg        = var.nomad_dc_node_cfg

  # The same sample EBS device list is used for every datacenter.
  ebs_block_devices_private_services_dc  = var.ebs_block_devices_sample
  ebs_block_devices_public_services_dc   = var.ebs_block_devices_sample
  ebs_block_devices_backoffice_dc        = var.ebs_block_devices_sample
  ebs_block_devices_content_connector_dc = var.ebs_block_devices_sample

  # The same sample device-to-mount-target map is used for every datacenter.
  device_to_mount_target_map_public_services_dc   = var.device_to_mount_target_map_sample
  device_to_mount_target_map_private_services_dc  = var.device_to_mount_target_map_sample
  device_to_mount_target_map_backoffice_dc        = var.device_to_mount_target_map_sample
  device_to_mount_target_map_content_connector_dc = var.device_to_mount_target_map_sample

  # The same sample instance tags are used for every datacenter.
  additional_instance_tags_public_services_dc   = var.additional_instance_tags_sample
  additional_instance_tags_private_services_dc  = var.additional_instance_tags_sample
  additional_instance_tags_backoffice_dc        = var.additional_instance_tags_sample
  additional_instance_tags_content_connector_dc = var.additional_instance_tags_sample

  # [Consul] Optional variables
  consul_num_servers   = 3
  consul_instance_type = "t2.micro"
}