create new implementation

2016-06-27 13:32:17 +02:00 · 2016-06-27 13:32:17 +02:00 · ae85956e41
commit ae85956e41
parent 41103a2c11
5 changed files with 330 additions and 0 deletions
--- a/contrib/terraform/aws/autoscale/as.tf
+++ b/contrib/terraform/aws/autoscale/as.tf
@ -0,0 +1,84 @@
+resource "aws_autoscaling_group" "masters" {
+  availability_zones = ["${split(",", var.av_zones)}"]
+  vpc_zone_identifier = ["${split(",", var.masters.subnets)}"]
+  name = "k8s-as-masters"
+  max_size = 2
+  min_size = 2
+  desired_capacity = 2
+  health_check_grace_period = 300
+  health_check_type = "ELB"
+  launch_configuration = "${aws_launch_configuration.lc-masters.name}"
+  load_balancers = ["${aws_elb.elb-masters.name}"]
+
+  tag {
+    key = "Name"
+    value = "k8s-master"
+    propagate_at_launch = true
+  }
+  tag {
+    key = "role"
+    value = "master"
+    propagate_at_launch = true
+  }
+  tag {
+    key = "env"
+    value = "${var.env}"
+    propagate_at_launch = true
+  }
+}
+
+resource "aws_autoscaling_group" "etcd" {
+  availability_zones = ["${split(",", var.av_zones)}"]
+  vpc_zone_identifier = ["${split(",", var.nodes.subnets)}"]
+  name = "k8s-as-etcd"
+  max_size = 3
+  min_size = 3
+  desired_capacity = 3
+  health_check_type = "EC2"
+  health_check_grace_period = 300
+  launch_configuration = "${aws_launch_configuration.lc-etcd.name}"
+
+  tag {
+    key = "Name"
+    value = "k8s-etcd"
+    propagate_at_launch = true
+  }
+  tag {
+    key = "role"
+    value = "etcd"
+    propagate_at_launch = true
+  }
+  tag {
+    key = "env"
+    value = "${var.env}"
+    propagate_at_launch = true
+  }
+}
+
+resource "aws_autoscaling_group" "nodes" {
+  availability_zones = ["${split(",", var.av_zones)}"]
+  vpc_zone_identifier = ["${split(",", var.nodes.subnets)}"]
+  name = "k8s-as-nodes"
+  max_size = 10
+  min_size = 2
+  desired_capacity = 3
+  health_check_grace_period = 300
+  health_check_type = "ELB"
+  launch_configuration = "${aws_launch_configuration.lc-nodes.name}"
+
+  tag {
+    key = "Name"
+    value = "k8s-node"
+    propagate_at_launch = true
+  }
+  tag {
+    key = "role"
+    value = "node"
+    propagate_at_launch = true
+  }
+  tag {
+    key = "env"
+    value = "${var.env}"
+    propagate_at_launch = true
+  }
+}
--- a/contrib/terraform/aws/autoscale/elb.tf
+++ b/contrib/terraform/aws/autoscale/elb.tf
@ -0,0 +1,28 @@
+resource "aws_elb" "elb-masters" {
+  name = "k8s-masters-elb"
+  availability_zones = ["${split(",", var.av_zones)}"]
+
+  listener {
+    instance_port = 80
+    instance_protocol = "http"
+    lb_port = 80
+    lb_protocol = "http"
+  }
+
+  health_check {
+    healthy_threshold = 2
+    unhealthy_threshold = 2
+    timeout = 3
+    target = "HTTP:80${var.masters.check}"
+    interval = 30
+  }
+
+  cross_zone_load_balancing = true
+  idle_timeout = 300
+  connection_draining = true
+  connection_draining_timeout = 300
+
+  tags {
+    Name = "elb-k8s-api"
+  }
+}
--- a/contrib/terraform/aws/autoscale/iam.tf
+++ b/contrib/terraform/aws/autoscale/iam.tf
@ -0,0 +1,137 @@
+resource "aws_iam_instance_profile" "masters" {
+    name = "masters"
+    roles = ["${aws_iam_role.masters.name}"]
+}
+
+resource "aws_iam_role" "masters" {
+    name = "masters"
+    path = "/"
+    assume_role_policy = <<EOF
+{
+  "Version": "2012-10-17",
+  "Statement": [
+    {
+      "Action": "sts:AssumeRole",
+      "Principal": {
+        "Service": "ec2.amazonaws.com"
+      },
+      "Effect": "Allow",
+      "Sid": ""
+    }
+  ]
+}
+EOF
+}
+
+resource "aws_iam_role_policy" "masters" {
+    name = "masters_policy"
+    role = "${aws_iam_role.masters.id}"
+    policy = <<EOF
+{
+  "Version": "2012-10-17",
+  "Statement": [
+    {
+      "Action": [
+        "ec2:Describe*"
+      ],
+      "Effect": "Allow",
+      "Resource": "*"
+    }
+  ]
+}
+EOF
+}
+
+resource "aws_iam_instance_profile" "nodes" {
+    name = "nodes"
+    roles = ["${aws_iam_role.nodes.name}"]
+}
+
+resource "aws_iam_role" "nodes" {
+    name = "nodes"
+    path = "/"
+    assume_role_policy = <<EOF
+{
+  "Version": "2012-10-17",
+  "Statement": [
+    {
+      "Action": "sts:AssumeRole",
+      "Principal": {
+        "Service": "ec2.amazonaws.com"
+      },
+      "Effect": "Allow",
+      "Sid": ""
+    }
+  ]
+}
+EOF
+}
+
+resource "aws_iam_role_policy" "nodes" {
+    name = "nodes_policy"
+    role = "${aws_iam_role.nodes.id}"
+    policy = <<EOF
+{
+  "Version": "2012-10-17",
+  "Statement": [
+    {
+      "Action": [
+        "ec2:Describe*"
+      ],
+      "Effect": "Allow",
+      "Resource": "*"
+    },{
+      "Action": [
+        "elasticloadbalancing:*"
+      ],
+      "Effect": "Allow",
+      "Resource": "*"
+    }
+  ]
+}
+EOF
+}
+
+resource "aws_iam_instance_profile" "etcd" {
+    name = "etcd"
+    roles = ["${aws_iam_role.etcd.name}"]
+}
+
+resource "aws_iam_role" "etcd" {
+    name = "etcd"
+    path = "/"
+    assume_role_policy = <<EOF
+{
+  "Version": "2012-10-17",
+  "Statement": [
+    {
+      "Action": "sts:AssumeRole",
+      "Principal": {
+        "Service": "ec2.amazonaws.com"
+      },
+      "Effect": "Allow",
+      "Sid": ""
+    }
+  ]
+}
+EOF
+}
+
+resource "aws_iam_role_policy" "etcd" {
+    name = "etcd_policy"
+    role = "${aws_iam_role.etcd.id}"
+    policy = <<EOF
+{
+  "Version": "2012-10-17",
+  "Statement": [
+    {
+      "Action": [
+        "ec2:Describe*"
+      ],
+      "Effect": "Allow",
+      "Resource": "*"
+    }
+  ]
+}
+EOF
+}
--- a/contrib/terraform/aws/autoscale/lc.tf
+++ b/contrib/terraform/aws/autoscale/lc.tf
@ -0,0 +1,39 @@
+resource "aws_launch_configuration" "lc-masters" {
+    name = "k8s-masters-lc"
+    image_id = "${var.masters.ami}"
+    instance_type = "${var.masters.type}"
+    iam_instance_profile = "${aws_iam_instance_profile.masters.id}"
+    key_name = "${var.masters.key}"
+    security_groups = ["${var.masters.sg}"]
+
+    lifecycle {
+      create_before_destroy = true
+    }
+}
+
+resource "aws_launch_configuration" "lc-etcd" {
+    name = "k8s-etcd-lc"
+    image_id = "${var.etcd.ami}"
+    instance_type = "${var.etcd.type}"
+    iam_instance_profile = "${aws_iam_instance_profile.etcd.id}"
+    key_name = "${var.etcd.key}"
+    security_groups = ["${var.etcd.sg}"]
+
+    lifecycle {
+      create_before_destroy = true
+    }
+}
+
+
+resource "aws_launch_configuration" "lc-nodes" {
+    name = "k8s-nodes-lc"
+    image_id = "${var.nodes.ami}"
+    instance_type = "${var.nodes.type}"
+    iam_instance_profile = "${aws_iam_instance_profile.nodes.id}"
+    key_name = "${var.nodes.key}"
+    security_groups = ["${var.nodes.sg}"]
+
+    lifecycle {
+      create_before_destroy = true
+    }
+}
--- a/contrib/terraform/aws/autoscale/variables.tf.sample
+++ b/contrib/terraform/aws/autoscale/variables.tf.sample
@ -0,0 +1,42 @@
+variable "aws_region" {
+  default     = "eu-central-1"
+}
+
+variable "env" {
+    default = "dev"
+}
+
+variable "av_zones" {
+    default = "eu-central-1a,eu-central-1b"
+}
+
+variable "masters" {
+    default {
+        key = "MY-KEY"
+        type = "t2.micro"
+        ami = "ami-ccc021a3" #Debian jessie 8.4
+        sg = "SG-MASTERS"
+        subnets = "subnet-AAAAAAAA,subnet-BBBBBBBB"
+        check = "/version"
+     }
+}
+
+variable "etcd" {
+    default {
+        key = "MY-KEY"
+        type = "t2.micro"
+        ami = "ami-ccc021a3" #Debian jessie 8.4
+        sg = "sg-ETCD"
+        subnets = "subnet-AAAAAAAA,subnet-BBBBBBBB"
+     }
+}
+
+variable "nodes" {
+    default {
+        key = "zied-eu-central-1"
+        type = "t2.micro"
+        ami = "ami-ccc021a3" #Debian jessie 8.4
+        sg = "sg-NODES"
+        subnets = "subnet-AAAAAAAA,subnet-BBBBBBBB"
+     }
+}