diff --git a/.circleci/config.yml b/.circleci/config.yml index f8378c2..c27d00f 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -5,10 +5,10 @@ jobs: working_directory: ~/repo docker: - - image: unifio/ci:3.0.622-ruby-2.5.3 + - image: unifio/ci:5.0.945-ruby-2.5.5 environment: - AWS_REGION: 'us-east-2' + AWS_REGION: 'us-east-1' CI_REPORTS: 'reports/infrastructure' TF_PLUGIN_CACHE_DIR: "/root/.terraform.d/plugin-cache" diff --git a/.env.docker b/.env.docker index cfa2e93..2076db9 100644 --- a/.env.docker +++ b/.env.docker @@ -1,4 +1,7 @@ -AWS_REGION=us-east-2 +AWS_REGION=us-east-1 +AWS_PROFILE=unifiouat +AWS_DEFAULT_PROFILE=unifiouat +AWS_DEFAULT_REGION=us-east-1 COVALENCE_LOG=info COVALENCE_TEST_ENVS=basic,complete CHECKPOINT_DISABLE=1 diff --git a/CHANGELOG.md b/CHANGELOG.md index a9e1285..2f74e18 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -3,6 +3,14 @@ #### IMPROVEMENTS / NEW FEATURES: * Add support for application auto scaling +## 0.4.0 (May 28, 2020) + +#### IMPROVEMENTS / NEW FEATURES: +* Updated for Terraform v0.12 + +#### BACKWARDS INCOMPATIBILITIES / NOTES: +* Terraform versions earlier than 0.12.0 no longer supported. + ## 0.3.3 (March 10, 2019) #### BACKWARDS INCOMPATIBILITIES / NOTES: diff --git a/README.md b/README.md index e4a4264..3b25fc1 100644 --- a/README.md +++ b/README.md @@ -5,7 +5,7 @@ Terraform module for the deployment of an AWS Elastic Container Service (ECS) cl ## Requirements ## -- Terraform 0.11.0 or newer +- Terraform 0.12.0 or newer - AWS provider ## Cluster module ## diff --git a/cluster/iam.tf b/cluster/iam.tf index 95e50c2..46782ff 100644 --- a/cluster/iam.tf +++ b/cluster/iam.tf 
@@ -14,15 +14,15 @@ data "aws_iam_policy_document" "agent_policy" { } resource "aws_iam_role" "agent_role" { - assume_role_policy = "${data.aws_iam_policy_document.agent_policy.json}" + assume_role_policy = data.aws_iam_policy_document.agent_policy.json name = "ecs-agent-${var.cluster_label}-${var.stack_item_label}-${data.aws_region.current.name}" - path = "${var.iam_path}" + path = var.iam_path } resource "aws_iam_instance_profile" "agent_profile" { name = "ecs-agent-${var.cluster_label}-${var.stack_item_label}-${data.aws_region.current.name}" - path = "${var.iam_path}" - role = "${aws_iam_role.agent_role.name}" + path = var.iam_path + role = aws_iam_role.agent_role.name } ### Creates monitoring policy @@ -40,8 +40,8 @@ data "aws_iam_policy_document" "monitoring_policy" { resource "aws_iam_role_policy" "monitoring_policy" { name = "monitoring" - policy = "${data.aws_iam_policy_document.monitoring_policy.json}" - role = "${aws_iam_role.agent_role.id}" + policy = data.aws_iam_policy_document.monitoring_policy.json + role = aws_iam_role.agent_role.id } ### Creates resource tagging policy @@ -55,8 +55,8 @@ data "aws_iam_policy_document" "tagging_policy" { resource "aws_iam_role_policy" "tagging_policy" { name = "tagging" - policy = "${data.aws_iam_policy_document.tagging_policy.json}" - role = "${aws_iam_role.agent_role.id}" + policy = data.aws_iam_policy_document.tagging_policy.json + role = aws_iam_role.agent_role.id } ### Creates Elastic Container Service (ECS) service policy 
@@ -80,13 +80,13 @@ data "aws_iam_policy_document" "ecs_policy" { resource "aws_iam_role_policy" "ecs_policy" { name = "ecs" - policy = "${data.aws_iam_policy_document.ecs_policy.json}" - role = "${aws_iam_role.agent_role.id}" + policy = data.aws_iam_policy_document.ecs_policy.json + role = aws_iam_role.agent_role.id } ### Creates Simple Storage Service (S3) policy for logging buckets data "aws_iam_policy_document" "logging_policy" { - count = "${var.logs_bucket_enabled == "true" ? "1" : "0"}" + count = var.logs_bucket_enabled == "true" ? "1" : "0" statement { actions = ["s3:ListBucket"] @@ -106,9 +106,10 @@ data "aws_iam_policy_document" "logging_policy" { } resource "aws_iam_role_policy" "logging_policy" { - count = "${var.logs_bucket_enabled == "true" ? "1" : "0"}" + count = var.logs_bucket_enabled == "true" ? "1" : "0" name = "logging" - policy = "${data.aws_iam_policy_document.logging_policy.json}" - role = "${aws_iam_role.agent_role.id}" + policy = data.aws_iam_policy_document.logging_policy[0].json + role = aws_iam_role.agent_role.id } + diff --git a/cluster/main.tf b/cluster/main.tf index 1cabf20..31ecc05 100644 --- a/cluster/main.tf +++ b/cluster/main.tf @@ -1,19 +1,15 @@ # Elastic Container Service (ECS) cluster -## Set Terraform version constraint -terraform { - required_version = "> 0.11.0" +data "aws_region" "current" { } -data "aws_region" "current" {} - ## Creates cloud-config data for agent cluster data "template_file" "user_data" { - template = "${var.user_data_override != "" ? "" : file("${path.module}/templates/user_data.hcl")}" + template = var.user_data_override != "" ? "" : file("${path.module}/templates/user_data.hcl") - vars { - cluster_label = "${var.cluster_label}" - stack_item_label = "${var.stack_item_label}" + vars = { + cluster_label = var.cluster_label + stack_item_label = var.stack_item_label } } 
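Review bot: Both `count` lines for `logging_policy` (the data source in this hunk and the `aws_iam_role_policy` in the hunk that follows) still produce the strings `"1"` and `"0"` and rely on implicit string-to-number conversion. With the interpolation quotes gone, numeric results are clearer and match the locals in consul/main.tf: `count = var.logs_bucket_enabled == "true" ? 1 : 0`. A short comment such as `# logs_bucket_enabled is a string flag; only the exact value "true" attaches the S3 logging policy to the agent role` would also make it clear that any other spelling leaves the role without that policy. The data block's body continues outside the hunk.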
@@ -44,58 +40,61 @@ data "aws_ami" "ecs_ami" { } module "cluster" { - source = "github.com/unifio/terraform-aws-asg?ref=v0.3.7//group" + source = "github.com/unifio/terraform-aws-asg?ref=upgrade-0.12//group" # Resource tags - stack_item_fullname = "${var.stack_item_fullname}" + stack_item_fullname = var.stack_item_fullname stack_item_label = "${var.cluster_label}-${var.stack_item_label}" # VPC parameters - subnets = ["${var.subnets}"] - vpc_id = "${var.vpc_id}" + subnets = var.subnets + vpc_id = var.vpc_id # LC parameters - ami = "${coalesce(var.ami_override,data.aws_ami.ecs_ami.id)}" - associate_public_ip_address = "${var.associate_public_ip_address}" - ebs_optimized = "${var.ebs_optimized}" - ebs_vol_del_on_term = "${var.ebs_vol_del_on_term}" - ebs_vol_device_name = "${var.ebs_vol_device_name}" - ebs_vol_encrypted = "${var.ebs_vol_encrypted}" - ebs_vol_iops = "${var.ebs_vol_iops}" - ebs_vol_size = "${var.ebs_vol_size}" - ebs_vol_snapshot_id = "${var.ebs_vol_snapshot_id}" - ebs_vol_type = "${var.ebs_vol_type}" - enable_monitoring = "${var.enable_monitoring}" - instance_based_naming_enabled = "${var.instance_based_naming_enabled}" - instance_name_prefix = "${var.instance_name_prefix}" - instance_profile = "${aws_iam_instance_profile.agent_profile.id}" - instance_tags = "${var.instance_tags}" - instance_type = "${var.instance_type}" - key_name = "${var.key_name}" - placement_tenancy = "${var.placement_tenancy}" - root_vol_del_on_term = "${var.root_vol_del_on_term}" - root_vol_iops = "${var.root_vol_iops}" - root_vol_size = "${var.root_vol_size}" - root_vol_type = "${var.root_vol_type}" - security_groups = ["${distinct(concat(list(module.consul.sg_id), compact(var.security_groups)))}"] - spot_price = "${var.spot_price}" - user_data = "${coalesce(var.user_data_override,data.template_file.user_data.rendered)}" + ami = coalesce(var.ami_override, data.aws_ami.ecs_ami.id) + associate_public_ip_address = var.associate_public_ip_address + ebs_optimized = var.ebs_optimized + 
ebs_vol_del_on_term = var.ebs_vol_del_on_term + ebs_vol_device_name = var.ebs_vol_device_name + ebs_vol_encrypted = var.ebs_vol_encrypted + ebs_vol_iops = var.ebs_vol_iops + ebs_vol_size = var.ebs_vol_size + ebs_vol_snapshot_id = var.ebs_vol_snapshot_id + ebs_vol_type = var.ebs_vol_type + enable_monitoring = var.enable_monitoring + instance_based_naming_enabled = var.instance_based_naming_enabled + instance_name_prefix = var.instance_name_prefix + instance_profile = aws_iam_instance_profile.agent_profile.id + instance_tags = var.instance_tags + instance_type = var.instance_type + key_name = var.key_name + placement_tenancy = var.placement_tenancy + root_vol_del_on_term = var.root_vol_del_on_term + root_vol_iops = var.root_vol_iops + root_vol_size = var.root_vol_size + root_vol_type = var.root_vol_type + security_groups = distinct(concat([module.consul.sg_id], compact(var.security_groups))) + spot_price = var.spot_price + user_data = coalesce( + var.user_data_override, + data.template_file.user_data.rendered, + ) # ASG parameters - default_cooldown = "${var.default_cooldown}" - desired_capacity = "${var.desired_capacity}" - enabled_metrics = ["${var.enabled_metrics}"] - force_delete = "${var.force_delete}" - hc_check_type = "${var.hc_check_type}" - hc_grace_period = "${var.hc_grace_period}" - max_size = "${var.max_size}" - min_size = "${var.min_size}" - placement_group = "${var.placement_group}" - protect_from_scale_in = "${var.protect_from_scale_in}" - suspended_processes = ["${var.suspended_processes}"] - target_group_arns = ["${var.target_group_arns}"] - termination_policies = ["${var.termination_policies}"] - wait_for_capacity_timeout = "${var.wait_for_capacity_timeout}" + default_cooldown = var.default_cooldown + desired_capacity = var.desired_capacity + enabled_metrics = var.enabled_metrics + force_delete = var.force_delete + hc_check_type = var.hc_check_type + hc_grace_period = var.hc_grace_period + max_size = var.max_size + min_size = var.min_size + 
placement_group = var.placement_group + protect_from_scale_in = var.protect_from_scale_in + suspended_processes = var.suspended_processes + target_group_arns = var.target_group_arns + termination_policies = var.termination_policies + wait_for_capacity_timeout = var.wait_for_capacity_timeout } ## Updates security groups @@ -103,7 +102,7 @@ resource "aws_security_group_rule" "agent_egress" { cidr_blocks = ["0.0.0.0/0"] from_port = 0 protocol = -1 - security_group_id = "${module.cluster.sg_id}" + security_group_id = module.cluster.sg_id to_port = 0 type = "egress" } 
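Review bot: The `source` of `module "cluster"` now points at `ref=upgrade-0.12`, which reads as a branch name, where the removed line pinned the tag `v0.3.7`. A branch ref can move, so the ASG module that builds the launch configuration and the instance security group could change between `terraform init` runs with no change in this repository. Once the upstream 0.12 work is released, I would pin to that tag or to a full commit SHA, for example `source = "github.com/unifio/terraform-aws-asg?ref=<RELEASE_TAG_OR_COMMIT_SHA>//group"` (placeholder value). Until then, a comment on the line such as `# temporary: tracks the upstream upgrade branch, re-pin before release` would keep the exception visible.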
@@ -118,31 +117,32 @@ module "consul" { source = "../consul" # Resource tags - stack_item_fullname = "${var.stack_item_fullname}" + stack_item_fullname = var.stack_item_fullname stack_item_label = "${var.cluster_label}-${var.stack_item_label}" # ECS parameters - cluster_id = "${aws_ecs_cluster.cluster.id}" - cluster_name = "${aws_ecs_cluster.cluster.name}" - cluster_sg_id = "${module.cluster.sg_id}" - iam_path = "${var.iam_path}" - vpc_id = "${var.vpc_id}" + cluster_id = aws_ecs_cluster.cluster.id + cluster_name = aws_ecs_cluster.cluster.name + cluster_sg_id = module.cluster.sg_id + iam_path = var.iam_path + vpc_id = var.vpc_id # Service discovery parameters ## TODO: Enable for auto scaling - agent_config_override = "${var.agent_config_override}" - agent_desired_count = "${((length(var.desired_capacity) > 0 ? var.desired_capacity : var.min_size) - var.server_desired_count) >= 0 ? (var.min_size - var.server_desired_count) : "0"}" - agent_task_arn_override = "${var.agent_task_arn_override}" - consul_dc = "${var.consul_dc}" - consul_docker_image = "${var.consul_docker_image}" - registrator_config_override = "${var.registrator_config_override}" - registrator_desired_count = "${length(var.desired_capacity) > 0 ? var.desired_capacity : var.min_size}" - registrator_docker_image = "${var.registrator_docker_image}" - registrator_task_arn_override = "${var.registrator_task_arn_override}" - server_config_override = "${var.server_config_override}" - server_desired_count = "${var.server_desired_count}" - server_task_arn_override = "${var.server_task_arn_override}" - service_discovery_enabled = "${(var.min_size - var.server_desired_count) < 0 ? "false" : var.service_discovery_enabled}" - service_registration_enabled = "${var.service_registration_enabled}" + agent_config_override = var.agent_config_override + agent_desired_count = length(var.desired_capacity) > 0 ? var.desired_capacity : var.min_size - var.server_desired_count >= 0 ? 
var.min_size - var.server_desired_count : "0" + agent_task_arn_override = var.agent_task_arn_override + consul_dc = var.consul_dc + consul_docker_image = var.consul_docker_image + registrator_config_override = var.registrator_config_override + registrator_desired_count = length(var.desired_capacity) > 0 ? var.desired_capacity : var.min_size + registrator_docker_image = var.registrator_docker_image + registrator_task_arn_override = var.registrator_task_arn_override + server_config_override = var.server_config_override + server_desired_count = var.server_desired_count + server_task_arn_override = var.server_task_arn_override + service_discovery_enabled = var.min_size - var.server_desired_count < 0 ? "false" : var.service_discovery_enabled + service_registration_enabled = var.service_registration_enabled } + diff --git a/cluster/outputs.tf b/cluster/outputs.tf index 1b549c4..a03855a 100644 --- a/cluster/outputs.tf +++ b/cluster/outputs.tf @@ -1,25 +1,26 @@ # Outputs output "agent_role_id" { - value = "${aws_iam_role.agent_role.id}" + value = aws_iam_role.agent_role.id } output "cluster_id" { - value = "${aws_ecs_cluster.cluster.id}" + value = aws_ecs_cluster.cluster.id } output "cluster_name" { - value = "${aws_ecs_cluster.cluster.name}" + value = aws_ecs_cluster.cluster.name } output "consul_sg_id" { - value = "${module.consul.sg_id}" + value = module.consul.sg_id } output "consul_target_group_arn" { - value = "${module.consul.target_group_arn}" + value = module.consul.target_group_arn } output "sg_id" { - value = "${module.cluster.sg_id}" + value = module.cluster.sg_id } + diff --git a/cluster/variables.tf b/cluster/variables.tf index 94bda61..12c4b9f 100644 --- a/cluster/variables.tf +++ b/cluster/variables.tf 
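Review bot: The rewritten `agent_desired_count` lost the parentheses of the old expression, and because the conditional operator binds loosest it no longer means the same thing. It now evaluates as `length(var.desired_capacity) > 0 ? var.desired_capacity : (var.min_size - var.server_desired_count >= 0 ? ... : "0")`, so whenever `desired_capacity` is set the agent count becomes the full desired capacity. The old code instead returned `min_size - server_desired_count` after a non-negative check. To keep the previous behaviour, restore the grouping: `agent_desired_count = ((length(var.desired_capacity) > 0 ? var.desired_capacity : var.min_size) - var.server_desired_count) >= 0 ? (var.min_size - var.server_desired_count) : "0"`. `service_discovery_enabled` further down is unaffected, since subtraction and `<` already bind tighter than `?:`. The `module "consul"` block opens above the hunk.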
@@ -2,28 +2,28 @@ ## Resource tags variable "cluster_label" { - type = "string" + type = string description = "Short form identifier for this cluster." } variable "stack_item_fullname" { - type = "string" + type = string description = "Long form descriptive name for this stack item. This value is used to create the 'application' resource tag for resources created by this stack item." } variable "stack_item_label" { - type = "string" + type = string description = "Short form identifier for this stack. This value is used to create the 'Name' resource tag for resources created by this stack item, and also serves as a unique key for re-use." } ## VPC parameters variable "subnets" { - type = "list" + type = list(string) description = "A list of subnet IDs to launch resources in." } variable "vpc_id" { - type = "string" + type = string description = "ID of the target VPC." } @@ -31,37 +31,37 @@ variable "vpc_id" { ### LC parameters variable "ami_override" { - type = "string" + type = string description = "Custom Amazon Machine Image (AMI) to associate with the launch configuration." default = "" } variable "associate_public_ip_address" { - type = "string" + type = string description = "Flag for associating public IP addresses with instances managed by the auto scaling group." default = "" } variable "ebs_optimized" { - type = "string" + type = string description = "Flag to enable EBS optimization." default = "false" } variable "ebs_vol_del_on_term" { - type = "string" + type = string description = "Whether the volume should be destroyed on instance termination." default = "true" } variable "ebs_vol_device_name" { - type = "string" + type = string description = "The name of the device to mount." default = "" } variable "ebs_vol_encrypted" { - type = "string" + type = string description = "Whether the volume should be encrypted or not. Do not use this option if you are using 'ebs_vol_snapshot_id' as the encrypted flag will be determined by the snapshot." default = "" } 
@@ -71,55 +71,55 @@ http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html For the best per-I/O latency experience, we recommend that you provision an IOPS-to-GiB ratio greater than 2:1. For example, a 2,000 IOPS volume should be smaller than 1,000 GiB. */ variable "ebs_vol_iops" { - type = "string" + type = string description = "The amount of provisioned IOPS. Only utilized with 'ebs_vol_type' of 'io1'." default = "2000" } variable "ebs_vol_size" { - type = "string" + type = string description = "The size of the volume in gigabytes." default = "" } variable "ebs_vol_snapshot_id" { - type = "string" + type = string description = "The Snapshot ID to mount." default = "" } variable "ebs_vol_type" { - type = "string" + type = string description = "The type of volume. Valid values are 'standard', 'gp2' and 'io1'." default = "gp2" } variable "enable_monitoring" { - type = "string" + type = string description = "Flag to enable detailed monitoring." default = "" } variable "iam_path" { - type = "string" + type = string description = "The path to the IAM resource." default = "/" } variable "instance_based_naming_enabled" { - type = "string" + type = string description = "Flag to enable instance-id based name tagging. Requires the AWS CLI to be installed on the instance. Currently only supports Linux based systems." default = "" } variable "instance_name_prefix" { - type = "string" + type = string description = "String to prepend instance-id based name tags with." default = "" } variable "instance_tags" { - type = "map" + type = map(string) description = "Map of tags to add to instances. Requires the AWS CLI to be installed on the instance. Currently only supports Linux based systems." default = { 
@@ -128,36 +128,36 @@ variable "instance_tags" { } variable "instance_type" { - type = "string" + type = string description = "The EC2 instance type to associate with the launch configuration." } variable "key_name" { - type = "string" + type = string description = "The SSH key pair to associate with the launch configuration." default = "" } variable "logs_bucket_enabled" { - type = "string" + type = string description = "Flag for enabling access to the logs bucket from the instances." default = "false" } variable "logs_bucket_name" { - type = "string" + type = string description = "Name of the S3 bucket for logging." default = "" } variable "placement_tenancy" { - type = "string" + type = string description = "The tenancy of the instance. Valid values are 'default' or 'dedicated'." default = "default" } variable "root_vol_del_on_term" { - type = "string" + type = string description = "Whether the volume should be destroyed on instance termination." default = "true" } 
@@ -167,193 +167,194 @@ http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html For the best per-I/O latency experience, we recommend that you provision an IOPS-to-GiB ratio greater than 2:1. For example, a 2,000 IOPS volume should be smaller than 1,000 GiB. */ variable "root_vol_iops" { - type = "string" + type = string description = "The amount of provisioned IOPS. Only utilized with 'root_vol_type' of 'io1'" default = "2000" } variable "root_vol_size" { - type = "string" + type = string description = "The size of the volume in gigabytes." default = "" } variable "root_vol_type" { - type = "string" + type = string description = "The type of volume. Valid values are 'standard', 'gp2' and 'io1'." default = "gp2" } variable "security_groups" { - type = "list" + type = list(string) description = "A list of security group IDs to associate with the instances." default = [] } variable "spot_price" { - type = "string" + type = string description = "The price to use for reserving spot instances." default = "" } variable "user_data_override" { - type = "string" + type = string description = "Custom instance initialization data to associate with the launch configuration." default = "" } ### ASG parameters variable "default_cooldown" { - type = "string" + type = string description = "The amount of time, in seconds, after a scaling activity completes before another scaling activity can start." default = "" } variable "desired_capacity" { - type = "string" + type = string description = "The number of Amazon EC2 instances that should be running in the group." default = "" } variable "enabled_metrics" { - type = "list" + type = list(string) description = "A list of metrics to collect. The allowed values are 'GroupMinSize', 'GroupMaxSize', 'GroupDesiredCapacity', 'GroupInServiceInstances', 'GroupPendingInstances', 'GroupStandbyInstances', 'GroupTerminatingInstances', 'GroupTotalInstances'." 
default = [] } variable "force_delete" { - type = "string" + type = string description = "Flag to allow deletion of the auto scaling group without waiting for all instances in the pool to terminate." default = "false" } variable "hc_check_type" { - type = "string" + type = string description = "Type of health check performed by the auto scaling group. Valid values are 'ELB' or 'EC2'." default = "" } variable "hc_grace_period" { - type = "string" + type = string description = "Time allowed after an instance comes into service before checking health." default = "" } variable "max_size" { - type = "string" + type = string description = "The maximum number of instances allowed by the auto scaling group." } variable "min_size" { - type = "string" + type = string description = "The minimum number of instance to be maintained by the auto scaling group." } variable "placement_group" { - type = "string" + type = string description = "The name of the placement group into which you'll launch your instances, if any." default = "" } variable "protect_from_scale_in" { - type = "string" + type = string description = "Allows setting instance protection. The autoscaling group will not select instances with this setting for terminination during scale in events." default = "" } variable "suspended_processes" { - type = "list" + type = list(string) description = "A list of processes to suspend for the AutoScaling Group. The allowed values are 'Launch', 'Terminate', 'HealthCheck', 'ReplaceUnhealthy', 'AZRebalance', 'AlarmNotification', 'ScheduledActions', 'AddToLoadBalancer'. Note that if you suspend either the 'Launch' or 'Terminate' process types, it can prevent your autoscaling group from functioning properly." 
default = [] } variable "target_group_arns" { - type = "list" + type = list(string) description = "A list of 'aws_alb_target_group' ARNs, for use with Application Load Balancing" default = [] } variable "termination_policies" { - type = "list" + type = list(string) description = "A list of policies to decide how the instances in the auto scale group should be terminated. The allowed values are 'OldestInstance', 'NewestInstance', 'OldestLaunchConfiguration', 'ClosestToNextInstanceHour', 'Default'." default = [] } variable "wait_for_capacity_timeout" { - type = "string" + type = string description = "A maximum duration that Terraform should wait for ASG managed instances to become healthy before timing out." default = "" } ## Service discovery parameters variable "agent_config_override" { - type = "string" + type = string description = "Consul agent ECS task configuration JSON." default = "" } variable "agent_task_arn_override" { - type = "string" + type = string description = "Consul agent ECS task ARN." default = "" } variable "consul_dc" { - type = "string" + type = string description = "Consul datacenter of the specified cluster." default = "dc1" } variable "consul_docker_image" { - type = "string" + type = string description = "Consul Docker image and tag" default = "consul:latest" } variable "registrator_config_override" { - type = "string" + type = string description = "Registrator ECS task configuration JSON." default = "" } variable "registrator_docker_image" { - type = "string" + type = string description = "Registrator Docker image and tag" default = "gliderlabs/registrator:v7" } variable "registrator_task_arn_override" { - type = "string" + type = string description = "Registrator ECS task ARN." default = "" } variable "server_config_override" { - type = "string" + type = string description = "Consul server ECS task configuration JSON." 
default = "" } variable "server_task_arn_override" { - type = "string" + type = string description = "Consul server ECS task ARN." default = "" } variable "server_desired_count" { - type = "string" + type = string description = "The number of Consul server containers to run." default = "3" } variable "service_discovery_enabled" { - type = "string" + type = string description = "Flag for the deployment of Consul service discovery and configuration." default = "false" } variable "service_registration_enabled" { - type = "string" + type = string description = "Flag for the deployment of Registrator service registration." default = "false" } + diff --git a/cluster/versions.tf b/cluster/versions.tf new file mode 100644 index 0000000..ac97c6a --- /dev/null +++ b/cluster/versions.tf @@ -0,0 +1,4 @@ + +terraform { + required_version = ">= 0.12" +} diff --git a/consul/iam.tf b/consul/iam.tf index cd3d467..cb7f7f7 100644 --- a/consul/iam.tf +++ b/consul/iam.tf @@ -2,7 +2,7 @@ ## Creates IAM role for Consul ECS services data "aws_iam_policy_document" "consul_policy" { - count = "${local.service_discovery_check}" + count = local.service_discovery_check statement { actions = ["sts:AssumeRole"] @@ -16,15 +16,15 @@ data "aws_iam_policy_document" "consul_policy" { } resource "aws_iam_role" "consul_role" { - count = "${local.service_discovery_check}" + count = local.service_discovery_check - assume_role_policy = "${data.aws_iam_policy_document.consul_policy.json}" + assume_role_policy = data.aws_iam_policy_document.consul_policy[0].json name = "consul-${var.stack_item_label}-${data.aws_region.current.name}" - path = "${var.iam_path}" + path = var.iam_path } data "aws_iam_policy_document" "consul_ec2_policy" { - count = "${local.service_discovery_check}" + count = local.service_discovery_check statement { actions = [ 
@@ -37,16 +37,16 @@ data "aws_iam_policy_document" "consul_ec2_policy" { } resource "aws_iam_role_policy" "consul_ec2_policy" { - count = "${local.service_discovery_check}" + count = local.service_discovery_check name = "ec2" - policy = "${data.aws_iam_policy_document.consul_ec2_policy.json}" - role = "${aws_iam_role.consul_role.id}" + policy = data.aws_iam_policy_document.consul_ec2_policy[0].json + role = aws_iam_role.consul_role[0].id } ## Creates IAM role for the ECS service data "aws_iam_policy_document" "ecs_policy" { - count = "${local.service_discovery_check * local.consul_server_check}" + count = local.service_discovery_check * local.consul_server_check statement { actions = ["sts:AssumeRole"] @@ -60,11 +60,11 @@ data "aws_iam_policy_document" "ecs_policy" { } resource "aws_iam_role" "ecs_role" { - count = "${local.service_discovery_check * local.consul_server_check}" + count = local.service_discovery_check * local.consul_server_check - assume_role_policy = "${data.aws_iam_policy_document.ecs_policy.json}" + assume_role_policy = data.aws_iam_policy_document.ecs_policy[0].json name = "ecs-consul-${var.stack_item_label}-${data.aws_region.current.name}" - path = "${var.iam_path}" + path = var.iam_path } data "aws_iam_policy_document" "lb_policy" { @@ -85,11 +85,11 @@ data "aws_iam_policy_document" "lb_policy" { } resource "aws_iam_role_policy" "lb_policy" { - count = "${local.service_discovery_check * local.consul_server_check}" + count = local.service_discovery_check * local.consul_server_check name = "lb" - policy = "${data.aws_iam_policy_document.lb_policy.json}" - role = "${aws_iam_role.ecs_role.id}" + policy = data.aws_iam_policy_document.lb_policy.json + role = aws_iam_role.ecs_role[0].id } data "aws_iam_policy_document" "ecs_ec2_policy" { 
@@ -105,9 +105,10 @@ data "aws_iam_policy_document" "ecs_ec2_policy" { } resource "aws_iam_role_policy" "ecs_ec2_policy" { - count = "${local.service_discovery_check * local.consul_server_check}" + count = local.service_discovery_check * local.consul_server_check name = "ec2" - policy = "${data.aws_iam_policy_document.ecs_ec2_policy.json}" - role = "${aws_iam_role.ecs_role.id}" + policy = data.aws_iam_policy_document.ecs_ec2_policy.json + role = aws_iam_role.ecs_role[0].id } + diff --git a/consul/main.tf b/consul/main.tf index 3fc8716..a6497f1 100644 --- a/consul/main.tf +++ b/consul/main.tf @@ -1,30 +1,26 @@ # Consul service discovery & configuration -## Set Terraform version constraint -terraform { - required_version = "> 0.11.0" +data "aws_region" "current" { } -data "aws_region" "current" {} - locals { - service_discovery_check = "${var.service_discovery_enabled == "true" ? 1 : 0}" - consul_server_check = "${var.server_desired_count > 0 ? 1 : 0}" - consul_agent_check = "${var.agent_desired_count > 0 ? 1 : 0}" - registrator_check = "${var.service_registration_enabled == "true" ? 1 : 0}" + service_discovery_check = var.service_discovery_enabled == "true" ? 1 : 0 + consul_server_check = var.server_desired_count > 0 ? 1 : 0 + consul_agent_check = var.agent_desired_count > 0 ? 1 : 0 + registrator_check = var.service_registration_enabled == "true" ? 1 : 0 } ## Creates Consul communication security group resource "aws_security_group" "consul_sg" { - count = "${local.service_discovery_check * local.consul_server_check}" + count = local.service_discovery_check * local.consul_server_check description = "${var.stack_item_fullname} Consul security group" name_prefix = "consul-${var.stack_item_label}-" - vpc_id = "${var.vpc_id}" + vpc_id = var.vpc_id - tags { - application = "${var.stack_item_fullname}" + tags = { + application = var.stack_item_fullname managed_by = "terraform" Name = "consul-${var.stack_item_label}" } 
@@ -36,66 +32,66 @@ resource "aws_security_group" "consul_sg" { ### Traffic within the environment resource "aws_security_group_rule" "agent_consul_rpc" { - count = "${local.service_discovery_check * local.consul_server_check}" + count = local.service_discovery_check * local.consul_server_check from_port = 8300 protocol = "tcp" - security_group_id = "${aws_security_group.consul_sg.id}" + security_group_id = aws_security_group.consul_sg[0].id self = true to_port = 8300 type = "ingress" } resource "aws_security_group_rule" "agent_serf_lan_tcp" { - count = "${local.service_discovery_check * local.consul_server_check}" + count = local.service_discovery_check * local.consul_server_check from_port = 8301 protocol = "tcp" - security_group_id = "${aws_security_group.consul_sg.id}" + security_group_id = aws_security_group.consul_sg[0].id self = true to_port = 8301 type = "ingress" } resource "aws_security_group_rule" "agent_serf_lan_udp" { - count = "${local.service_discovery_check * local.consul_server_check}" + count = local.service_discovery_check * local.consul_server_check from_port = 8301 protocol = "udp" - security_group_id = "${aws_security_group.consul_sg.id}" + security_group_id = aws_security_group.consul_sg[0].id self = true to_port = 8301 type = "ingress" } resource "aws_security_group_rule" "agent_serf_wan_tcp" { - count = "${local.service_discovery_check * local.consul_server_check}" + count = local.service_discovery_check * local.consul_server_check from_port = 8302 protocol = "tcp" - security_group_id = "${aws_security_group.consul_sg.id}" + security_group_id = aws_security_group.consul_sg[0].id self = true to_port = 8302 type = "ingress" } resource "aws_security_group_rule" "agent_serf_wan_udp" { - count = "${local.service_discovery_check * local.consul_server_check}" + count = local.service_discovery_check * local.consul_server_check from_port = 8302 protocol = "udp" - security_group_id = "${aws_security_group.consul_sg.id}" + security_group_id = 
aws_security_group.consul_sg[0].id self = true to_port = 8302 type = "ingress" } resource "aws_security_group_rule" "agent_http" { - count = "${local.service_discovery_check * local.consul_server_check}" + count = local.service_discovery_check * local.consul_server_check from_port = 8500 protocol = "tcp" - security_group_id = "${aws_security_group.consul_sg.id}" + security_group_id = aws_security_group.consul_sg[0].id self = true to_port = 8500 type = "ingress" @@ -103,12 +99,12 @@ resource "aws_security_group_rule" "agent_http" { ## Creates ALB target group resource "aws_alb_target_group" "consul_group" { - count = "${local.service_discovery_check * local.consul_server_check}" + count = local.service_discovery_check * local.consul_server_check name = "consul-${var.stack_item_label}" port = 8500 protocol = "HTTP" - vpc_id = "${var.vpc_id}" + vpc_id = var.vpc_id health_check { path = "/v1/agent/self" @@ -116,8 +112,8 @@ resource "aws_alb_target_group" "consul_group" { protocol = "HTTP" } - tags { - application = "${var.stack_item_fullname}" + tags = { + application = var.stack_item_fullname Name = "consul-${var.stack_item_label}" managed_by = "terraform" } 
@@ -127,25 +123,28 @@ resource "aws_alb_target_group" "consul_group" { ### Consul server data "template_file" "server_config" { - count = "${local.service_discovery_check * local.consul_server_check}" + count = local.service_discovery_check * local.consul_server_check - template = "${file("${path.module}/templates/server.hcl")}" + template = file("${path.module}/templates/server.hcl") - vars { - bootstrap_expect = "${var.server_desired_count}" - consul_dc = "${var.consul_dc}" - docker_image = "${var.consul_docker_image}" - join = "${var.cluster_name}" + vars = { + bootstrap_expect = var.server_desired_count + consul_dc = var.consul_dc + docker_image = var.consul_docker_image + join = var.cluster_name } } resource "aws_ecs_task_definition" "server_task" { - count = "${local.service_discovery_check * local.consul_server_check}" + count = local.service_discovery_check * local.consul_server_check - container_definitions = "${coalesce(var.server_config_override,data.template_file.server_config.rendered)}" - family = "consul-server-${var.stack_item_label}" - network_mode = "host" - task_role_arn = "${aws_iam_role.consul_role.arn}" + container_definitions = coalesce( + var.server_config_override, + data.template_file.server_config[0].rendered, + ) + family = "consul-server-${var.stack_item_label}" + network_mode = "host" + task_role_arn = aws_iam_role.consul_role[0].arn volume { host_path = "/etc/consul.d" 
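Review bot: `data "template_file" "server_config"` is migrated as-is, although Terraform 0.12 has a built-in `templatefile()` function that renders the same file without the separate template provider plugin. The same applies to `agent_config` and `registrator_config` in the next two hunks, and to `init` in examples/complete/main.tf. Using it removes one plugin download from `terraform init` and the `[0]` indexing inside `coalesce(...)`. Here the second `coalesce` argument would become `templatefile("${path.module}/templates/server.hcl", { bootstrap_expect = var.server_desired_count, consul_dc = var.consul_dc, docker_image = var.consul_docker_image, join = var.cluster_name })`. The `server_task` resource continues past the end of the hunk.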
@@ -160,24 +159,27 @@ resource "aws_ecs_task_definition" "server_task" { ### Consul agent data "template_file" "agent_config" { - count = "${local.service_discovery_check * local.consul_agent_check}" + count = local.service_discovery_check * local.consul_agent_check - template = "${file("${path.module}/templates/agent.hcl")}" + template = file("${path.module}/templates/agent.hcl") - vars { - consul_dc = "${var.consul_dc}" - docker_image = "${var.consul_docker_image}" - join = "${var.cluster_name}" + vars = { + consul_dc = var.consul_dc + docker_image = var.consul_docker_image + join = var.cluster_name } } resource "aws_ecs_task_definition" "agent_task" { - count = "${local.service_discovery_check * local.consul_agent_check}" + count = local.service_discovery_check * local.consul_agent_check - container_definitions = "${coalesce(var.agent_config_override,data.template_file.agent_config.rendered)}" - family = "consul-agent-${var.stack_item_label}" - network_mode = "host" - task_role_arn = "${aws_iam_role.consul_role.arn}" + container_definitions = coalesce( + var.agent_config_override, + data.template_file.agent_config[0].rendered, + ) + family = "consul-agent-${var.stack_item_label}" + network_mode = "host" + task_role_arn = aws_iam_role.consul_role[0].arn volume { host_path = "/etc/consul.d" 
@@ -192,21 +194,24 @@ resource "aws_ecs_task_definition" "agent_task" { ### Registrator data "template_file" "registrator_config" { - count = "${local.service_discovery_check * local.registrator_check}" + count = local.service_discovery_check * local.registrator_check - template = "${file("${path.module}/templates/registrator.hcl")}" + template = file("${path.module}/templates/registrator.hcl") - vars { - docker_image = "${var.registrator_docker_image}" + vars = { + docker_image = var.registrator_docker_image } } resource "aws_ecs_task_definition" "registrator_task" { - count = "${local.service_discovery_check * local.registrator_check}" + count = local.service_discovery_check * local.registrator_check - container_definitions = "${coalesce(var.registrator_config_override,data.template_file.registrator_config.rendered)}" - family = "registrator-${var.stack_item_label}" - network_mode = "host" + container_definitions = coalesce( + var.registrator_config_override, + data.template_file.registrator_config[0].rendered, + ) + family = "registrator-${var.stack_item_label}" + network_mode = "host" volume { host_path = "/var/run/docker.sock" 
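Review bot: The `registrator_task` volume at the end of this hunk bind-mounts `/var/run/docker.sock` from the host, and nothing in the file says what that grants. A container holding that socket can drive the host's Docker daemon, so the image named by `var.registrator_docker_image` is effectively trusted with the whole instance. I would add above the `volume` block `# Registrator needs the Docker socket; treat var.registrator_docker_image as host-privileged and pin it by digest.` The rest of the volume block and the container definition in templates/registrator.hcl are outside the hunk, so how the socket is mounted inside the container cannot be checked from here.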
@@ -218,21 +223,24 @@ resource "aws_ecs_task_definition" "registrator_task" { ### Consul server resource "aws_ecs_service" "consul_server" { - count = "${local.service_discovery_check * local.consul_server_check}" - depends_on = ["aws_iam_role.ecs_role"] + count = local.service_discovery_check * local.consul_server_check + depends_on = [aws_iam_role.ecs_role] - cluster = "${var.cluster_id}" + cluster = var.cluster_id deployment_maximum_percent = "100" deployment_minimum_healthy_percent = "50" - desired_count = "${var.server_desired_count}" - iam_role = "${aws_iam_role.ecs_role.arn}" + desired_count = var.server_desired_count + iam_role = aws_iam_role.ecs_role[0].arn name = "consul-server" - task_definition = "${coalesce(var.server_task_arn_override,aws_ecs_task_definition.server_task.arn)}" + task_definition = coalesce( + var.server_task_arn_override, + aws_ecs_task_definition.server_task[0].arn, + ) load_balancer { container_name = "consul-server" container_port = "8500" - target_group_arn = "${aws_alb_target_group.consul_group.arn}" + target_group_arn = aws_alb_target_group.consul_group[0].arn } placement_constraints { @@ -242,14 +250,17 @@ resource "aws_ecs_service" "consul_server" { ### Consul agent resource "aws_ecs_service" "consul_agent" { - count = "${local.service_discovery_check * local.consul_agent_check}" + count = local.service_discovery_check * local.consul_agent_check - cluster = "${var.cluster_id}" + cluster = var.cluster_id deployment_maximum_percent = "100" deployment_minimum_healthy_percent = "50" - desired_count = "${var.agent_desired_count}" + desired_count = var.agent_desired_count name = "consul-agent" - task_definition = "${coalesce(var.agent_task_arn_override,aws_ecs_task_definition.agent_task.arn)}" + task_definition = coalesce( + var.agent_task_arn_override, + aws_ecs_task_definition.agent_task[0].arn, + ) placement_constraints { type = "distinctInstance" 
@@ -258,16 +269,20 @@ resource "aws_ecs_service" "consul_agent" { ### Registrator resource "aws_ecs_service" "registrator" { - count = "${local.service_discovery_check * local.registrator_check}" + count = local.service_discovery_check * local.registrator_check - cluster = "${var.cluster_id}" + cluster = var.cluster_id deployment_maximum_percent = "100" deployment_minimum_healthy_percent = "50" - desired_count = "${var.registrator_desired_count}" + desired_count = var.registrator_desired_count name = "registrator" - task_definition = "${coalesce(var.registrator_task_arn_override,aws_ecs_task_definition.registrator_task.arn)}" + task_definition = coalesce( + var.registrator_task_arn_override, + aws_ecs_task_definition.registrator_task[0].arn, + ) placement_constraints { type = "distinctInstance" } } + diff --git a/consul/outputs.tf b/consul/outputs.tf index 2303ea3..afa52ab 100644 --- a/consul/outputs.tf +++ b/consul/outputs.tf @@ -1,9 +1,10 @@ # Outputs output "sg_id" { - value = "${join(",", compact(aws_security_group.consul_sg.*.id))}" + value = join(",", compact(aws_security_group.consul_sg.*.id)) } output "target_group_arn" { - value = "${join(",", compact(aws_alb_target_group.consul_group.*.arn))}" + value = join(",", compact(aws_alb_target_group.consul_group.*.arn)) } + diff --git a/consul/variables.tf b/consul/variables.tf index 6526f31..82abaaf 100644 --- a/consul/variables.tf +++ b/consul/variables.tf 
@@ -2,91 +2,92 @@ ## Resource tags variable "stack_item_fullname" { - type = "string" + type = string } variable "stack_item_label" { - type = "string" + type = string } ## ECS parameters variable "cluster_id" { - type = "string" + type = string description = "ECS cluster ID." } variable "cluster_name" { - type = "string" + type = string description = "ECS cluster name." } variable "cluster_sg_id" { - type = "string" + type = string description = "ECS cluster security group ID." } variable "iam_path" { - type = "string" + type = string } variable "vpc_id" { - type = "string" + type = string description = "ID of the target VPC." } ## Service discovery parameters variable "agent_config_override" { - type = "string" + type = string } variable "agent_desired_count" { - type = "string" + type = string } variable "agent_task_arn_override" { - type = "string" + type = string } variable "consul_dc" { - type = "string" + type = string } variable "consul_docker_image" { - type = "string" + type = string } variable "registrator_config_override" { - type = "string" + type = string } variable "registrator_desired_count" { - type = "string" + type = string } variable "registrator_docker_image" { - type = "string" + type = string } variable "registrator_task_arn_override" { - type = "string" + type = string } variable "server_config_override" { - type = "string" + type = string } variable "server_desired_count" { - type = "string" + type = string } variable "server_task_arn_override" { - type = "string" + type = string } variable "service_discovery_enabled" { - type = "string" + type = string } variable "service_registration_enabled" { - type = "string" + type = string } + diff --git a/consul/versions.tf b/consul/versions.tf new file mode 100644 index 0000000..ac97c6a --- /dev/null +++ b/consul/versions.tf @@ -0,0 +1,4 @@ + +terraform { + required_version = ">= 0.12" +} diff --git a/data/globals.yaml b/data/globals.yaml index 76d561f..cda690d 100644 --- a/data/globals.yaml 
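Review bot: The new consul/versions.tf constrains only the Terraform core version, leaving the providers this module uses unconstrained (`aws`, and `template` for the `template_file` data sources), so `terraform init` resolves whatever release is newest at run time. Adding `required_providers { aws = "<AWS_PROVIDER_CONSTRAINT>" }` inside the same `terraform` block makes runs reproducible and keeps an unreviewed provider release out of CI. `required_version = ">= 0.12"` also has no upper bound; if only 0.12 has been tested, `">= 0.12, < 0.13"` states that.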
+++ b/data/globals.yaml @@ -2,5 +2,5 @@ # Global variables ## Terraform -tf_state_bucket: 'unifio-terraform-state' -tf_state_region: 'us-east-2' +tf_state_bucket: 'unifio-terrraform-state-us-east-1' +tf_state_region: 'us-east-1' diff --git a/data/stacks/common.yaml b/data/stacks/common.yaml index 3bcd315..02600ce 100644 --- a/data/stacks/common.yaml +++ b/data/stacks/common.yaml @@ -3,13 +3,14 @@ ## Complete examples examples::complete::vars: - ami_override: 'ami-abf2a9ce' # amzn-ami-2016.03.j-amazon-ecs-optimized + # https://us-east-1.console.aws.amazon.com/systems-manager/parameters/aws/service/ecs/optimized-ami/amazon-linux/recommended/image_id/description?region=us-east-1 + ami_override: 'ami-040d7258a1baecb27' cluster_label: 'exmpl' enable_monitoring: 'true' iam_path: '/terraform/' instance_based_naming_enabled: 'true' instance_type: 't2.nano' - region: 'us-east-2' + region: 'us-east-1' stack_item_label: 'cmpl' stack_item_fullname: 'Complete Examples' subnets: diff --git a/data/stacks/defaults.yaml b/data/stacks/defaults.yaml index 2ae8776..3d4f2aa 100644 --- a/data/stacks/defaults.yaml +++ b/data/stacks/defaults.yaml @@ -17,7 +17,7 @@ examples::basic::vars: instance_type: 't2.nano' max_size: '3' min_size: '2' - region: 'us-east-2' + region: 'us-east-1' stack_item_fullname: 'Basic Examples' stack_item_label: 'bsc' subnets: diff --git a/data/stacks/networking.yaml b/data/stacks/networking.yaml index 4202f6e..0c2e833 100644 --- a/data/stacks/networking.yaml +++ b/data/stacks/networking.yaml @@ -13,6 +13,6 @@ networking::state: ## Input variables examples::prereqs::vars: - region: 'us-east-2' + region: 'us-east-1' stack_item_fullname: 'ECS Examples' stack_item_label: 'ecs-exmpl' diff --git a/data/stacks/overrides.yaml b/data/stacks/overrides.yaml index ed5f1a9..b301d0d 100644 --- a/data/stacks/overrides.yaml +++ b/data/stacks/overrides.yaml 
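Review bot: `tf_state_bucket` in data/globals.yaml is now `'unifio-terrraform-state-us-east-1'`, with three r's in "terrraform", where the old value was spelt `terraform`. If that is a typo rather than the bucket's real name, every stack will point its remote state at a bucket that does not exist or is not owned by this account. State files hold resource attributes and often secrets, so the name is worth confirming against the account before merge. If it is a typo, the line should read `tf_state_bucket: 'unifio-terraform-state-us-east-1'`.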
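Review bot: `ami_override` in data/stacks/common.yaml is pinned to a literal image ID, while the comment above it links the SSM parameter that publishes the recommended ECS-optimized image. A literal goes stale silently, and instances then keep launching from an image that has stopped receiving agent and OS fixes. The same literal is repeated in data/stacks/overrides.yaml. Recording when the ID was read, e.g. `# resolved from /aws/service/ecs/optimized-ami/amazon-linux/recommended/image_id on <DATE>`, or resolving the parameter at plan time in the example, keeps the pin reviewable.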
@@ -13,7 +13,8 @@ overrides::state: ## Input variables examples::complete::vars: - ami_override: 'ami-abf2a9ce' # amzn-ami-2016.03.j-amazon-ecs-optimized + # https://us-east-1.console.aws.amazon.com/systems-manager/parameters/aws/service/ecs/optimized-ami/amazon-linux/recommended/image_id/description?region=us-east-1 + ami_override: 'ami-040d7258a1baecb27' cluster_label: 'exmpl' enable_monitoring: 'true' iam_path: '/terraform/' @@ -21,7 +22,7 @@ examples::complete::vars: instance_type: 't2.small' max_size: '3' min_size: '2' - region: 'us-east-2' + region: 'us-east-1' stack_item_fullname: 'Complete Examples' stack_item_label: 'cmpl' subnets: diff --git a/examples/basic/main.tf b/examples/basic/main.tf index 198bf88..9b8ab1d 100644 --- a/examples/basic/main.tf +++ b/examples/basic/main.tf @@ -2,7 +2,7 @@ ## Configures AWS provider provider "aws" { - region = "${var.region}" + region = var.region } ## Configures ECS cluster @@ -12,15 +12,15 @@ module "cluster" { source = "../../cluster" # Resource tags - cluster_label = "${var.cluster_label}" - stack_item_fullname = "${var.stack_item_fullname}" - stack_item_label = "${var.stack_item_label}" + cluster_label = var.cluster_label + stack_item_fullname = var.stack_item_fullname + stack_item_label = var.stack_item_label # Cluster parameters associate_public_ip_address = "true" - instance_type = "${var.instance_type}" - max_size = "${var.max_size}" - min_size = "${var.min_size}" - subnets = ["${var.subnets}"] - vpc_id = "${var.vpc_id}" + instance_type = var.instance_type + max_size = var.max_size + min_size = var.min_size + subnets = var.subnets + vpc_id = var.vpc_id } diff --git a/examples/basic/variables.tf b/examples/basic/variables.tf index 36fbbe9..f8035f1 100644 --- a/examples/basic/variables.tf +++ b/examples/basic/variables.tf 
@@ -2,38 +2,38 @@ ## Resource tags variable "cluster_label" { - type = "string" + type = string } variable "stack_item_fullname" { - type = "string" + type = string } variable "stack_item_label" { - type = "string" + type = string } ## Cluster parameters variable "instance_type" { - type = "string" + type = string } variable "max_size" { - type = "string" + type = string } variable "min_size" { - type = "string" + type = string } variable "region" { - type = "string" + type = string } variable "subnets" { - type = "list" + type = list(string) } variable "vpc_id" { - type = "string" + type = string } diff --git a/examples/complete/main.tf b/examples/complete/main.tf index 5f7599b..803fbf2 100644 --- a/examples/complete/main.tf +++ b/examples/complete/main.tf @@ -2,7 +2,7 @@ ## Configures AWS provider provider "aws" { - region = "${var.region}" + region = var.region } ## Creates logs bucket @@ -17,11 +17,11 @@ resource "aws_s3_bucket" "logs" { ## Creates cloud-config data "template_file" "init" { - template = "${file("${path.module}/user_data.hcl")}" + template = file("${path.module}/user_data.hcl") - vars { - cluster_label = "${var.cluster_label}" - stack_item_label = "${var.stack_item_label}" + vars = { + cluster_label = var.cluster_label + stack_item_label = var.stack_item_label } } 
@@ -32,33 +32,33 @@ module "cluster" { source = "../../cluster" # Resource tags - cluster_label = "${var.cluster_label}" - stack_item_fullname = "${var.stack_item_fullname}" - stack_item_label = "${var.stack_item_label}" + cluster_label = var.cluster_label + stack_item_fullname = var.stack_item_fullname + stack_item_label = var.stack_item_label # Cluster parameters associate_public_ip_address = "true" - ami_override = "${var.ami_override}" - enable_monitoring = "${var.enable_monitoring}" - iam_path = "${var.iam_path}" - instance_based_naming_enabled = "${var.instance_based_naming_enabled}" + ami_override = var.ami_override + enable_monitoring = var.enable_monitoring + iam_path = var.iam_path + instance_based_naming_enabled = var.instance_based_naming_enabled instance_tags = { "env" = "example" } - instance_type = "${var.instance_type}" + instance_type = var.instance_type logs_bucket_enabled = "true" - logs_bucket_name = "${aws_s3_bucket.logs.id}" - max_size = "${var.max_size}" - min_size = "${var.min_size}" - subnets = ["${var.subnets}"] - user_data_override = "${data.template_file.init.rendered}" - vpc_id = "${var.vpc_id}" + logs_bucket_name = aws_s3_bucket.logs.id + max_size = var.max_size + min_size = var.min_size + subnets = var.subnets + user_data_override = data.template_file.init.rendered + vpc_id = var.vpc_id # Service discovery parameters - service_discovery_enabled = "${var.service_discovery_enabled}" - service_registration_enabled = "${var.service_registration_enabled}" + service_discovery_enabled = var.service_discovery_enabled + service_registration_enabled = var.service_registration_enabled } # Configures ALB for internal dashboards 
@@ -67,10 +67,10 @@ module "cluster" { resource "aws_security_group" "lb" { name_prefix = "${var.stack_item_label}-lb-" description = "${var.stack_item_fullname} load balancer security group" - vpc_id = "${var.vpc_id}" + vpc_id = var.vpc_id - tags { - application = "${var.stack_item_fullname}" + tags = { + application = var.stack_item_fullname managed_by = "terraform" Name = "${var.stack_item_label}-lb" } @@ -81,7 +81,7 @@ resource "aws_security_group_rule" "lb_egress" { cidr_blocks = ["0.0.0.0/0"] from_port = 0 protocol = -1 - security_group_id = "${aws_security_group.lb.id}" + security_group_id = aws_security_group.lb.id to_port = 0 type = "egress" } @@ -90,20 +90,20 @@ resource "aws_security_group_rule" "lb_http" { cidr_blocks = ["0.0.0.0/0"] from_port = 80 protocol = "tcp" - security_group_id = "${aws_security_group.lb.id}" + security_group_id = aws_security_group.lb.id to_port = 80 type = "ingress" } resource "aws_alb" "lb" { name = "${var.cluster_label}-${var.stack_item_label}" - security_groups = ["${aws_security_group.lb.id}", "${module.cluster.consul_sg_id}"] - subnets = ["${var.subnets}"] + security_groups = [aws_security_group.lb.id, module.cluster.consul_sg_id] + subnets = var.subnets - tags { - application = "${var.stack_item_fullname}" + tags = { + application = var.stack_item_fullname managed_by = "terraform" - Name = "${var.stack_item_label}" + Name = var.stack_item_label } } 
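Review bot: `lb_http` admits `0.0.0.0/0` on port 80 and `aws_alb.lb` sets no `internal = true`, yet the section is headed "Configures ALB for internal dashboards" and the listener rule later in the file forwards `/*` to the Consul target group. As written, the example publishes the Consul HTTP API on an internet-facing listener over plain HTTP. Setting `internal = true` on `aws_alb.lb` and narrowing the ingress to the VPC range the prereqs example creates, `cidr_blocks = ["172.16.0.0/24"]`, matches the stated intent. Separately, `module.cluster.consul_sg_id` is presumably the joined string from consul/outputs.tf, which is empty when service discovery is off (the default in this example), so `security_groups` would then carry an empty element; that is worth confirming against the cluster module.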
@@ -111,44 +111,44 @@ resource "aws_alb_target_group" "default" { name = "default-${var.stack_item_label}" port = 80 protocol = "HTTP" - vpc_id = "${var.vpc_id}" + vpc_id = var.vpc_id health_check { port = 80 protocol = "HTTP" } - tags { - application = "${var.stack_item_fullname}" + tags = { + application = var.stack_item_fullname Name = "default-${var.stack_item_label}" managed_by = "terraform" } } resource "aws_alb_listener" "admin" { - load_balancer_arn = "${aws_alb.lb.arn}" + load_balancer_arn = aws_alb.lb.arn port = 80 protocol = "HTTP" default_action { - target_group_arn = "${aws_alb_target_group.default.arn}" + target_group_arn = aws_alb_target_group.default.arn type = "forward" } } resource "aws_alb_listener_rule" "consul_rule" { - count = "${var.service_discovery_enabled == "true" ? 1 : 0}" + count = var.service_discovery_enabled == "true" ? 1 : 0 - listener_arn = "${aws_alb_listener.admin.arn}" + listener_arn = aws_alb_listener.admin.arn priority = 100 action { type = "forward" - target_group_arn = "${module.cluster.consul_target_group_arn}" + target_group_arn = module.cluster.consul_target_group_arn } - condition { - field = "path-pattern" - values = ["/*"] + path_pattern { + values = ["/*"] + } } } diff --git a/examples/complete/variables.tf b/examples/complete/variables.tf index 1814c4c..329260b 100644 --- a/examples/complete/variables.tf +++ b/examples/complete/variables.tf 
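Review bot: The rewritten `consul_rule` condition removes the `condition {` line but keeps its closing brace, so as the hunk reads the new side is `path_pattern { values = ["/*"] }` followed by two `}`. That leaves one brace too many and places `path_pattern` at resource level, where the AWS provider does not accept it. The nested form is `condition {` / `path_pattern { values = ["/*"] }` / `}`, so the `condition {` line should stay as context and only `field`/`values` be replaced. A `terraform validate` step over examples/complete in CI would catch this kind of slip.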
@@ -2,65 +2,65 @@ ## Resource tags variable "cluster_label" { - type = "string" + type = string } variable "stack_item_fullname" { - type = "string" + type = string } variable "stack_item_label" { - type = "string" + type = string } ## Cluster parameters variable "ami_override" { - type = "string" + type = string } variable "enable_monitoring" { - type = "string" + type = string } variable "iam_path" { - type = "string" + type = string } variable "instance_based_naming_enabled" { - type = "string" + type = string } variable "instance_type" { - type = "string" + type = string } variable "max_size" { - type = "string" + type = string } variable "min_size" { - type = "string" + type = string } variable "region" { - type = "string" + type = string } variable "subnets" { - type = "list" + type = list(string) } variable "vpc_id" { - type = "string" + type = string } ## Service discovery parameters variable "service_discovery_enabled" { - type = "string" + type = string default = "false" } variable "service_registration_enabled" { - type = "string" + type = string default = "false" } diff --git a/examples/prereqs/main.tf b/examples/prereqs/main.tf index ad55d50..ef1168b 100644 --- a/examples/prereqs/main.tf +++ b/examples/prereqs/main.tf 
@@ -2,34 +2,34 @@ ## Configures AWS provider provider "aws" { - region = "${var.region}" + region = var.region } ## Configures base VPC module "vpc_base" { - source = "github.com/unifio/terraform-aws-vpc?ref=v0.4.0//base" + source = "github.com/unifio/terraform-aws-vpc?ref=upgrade-0.12//base" enable_dns = "true" - stack_item_fullname = "${var.stack_item_fullname}" - stack_item_label = "${var.stack_item_label}" + stack_item_fullname = var.stack_item_fullname + stack_item_label = var.stack_item_label vpc_cidr = "172.16.0.0/24" } ## Configures VPC availabilty zones module "vpc_az" { - source = "github.com/unifio/terraform-aws-vpc?ref=v0.4.0//az" + source = "github.com/unifio/terraform-aws-vpc?ref=upgrade-0.12//az" azs_provisioned = 2 lans_per_az = 0 - rt_dmz_id = "${module.vpc_base.rt_dmz_id}" - stack_item_fullname = "${var.stack_item_fullname}" - stack_item_label = "${var.stack_item_label}" - vpc_id = "${module.vpc_base.vpc_id}" + rt_dmz_id = module.vpc_base.rt_dmz_id + stack_item_fullname = var.stack_item_fullname + stack_item_label = var.stack_item_label + vpc_id = module.vpc_base.vpc_id } ## Configures routing resource "aws_route" "dmz-to-igw" { destination_cidr_block = "0.0.0.0/0" - gateway_id = "${module.vpc_base.igw_id}" - route_table_id = "${module.vpc_base.rt_dmz_id}" + gateway_id = module.vpc_base.igw_id + route_table_id = module.vpc_base.rt_dmz_id } diff --git a/examples/prereqs/outputs.tf b/examples/prereqs/outputs.tf index 1230042..c0bc86a 100644 --- a/examples/prereqs/outputs.tf +++ b/examples/prereqs/outputs.tf @@ -1,13 +1,13 @@ # Output variables output "dmz_rt_id" { - value = "${module.vpc_base.rt_dmz_id}" + value = module.vpc_base.rt_dmz_id } output "dmz_subnet_ids" { - value = "${module.vpc_az.dmz_ids}" + value = module.vpc_az.dmz_ids } output "vpc_id" { - value = "${module.vpc_base.vpc_id}" + value = module.vpc_base.vpc_id } diff --git a/examples/prereqs/variables.tf b/examples/prereqs/variables.tf index 3c36449..6a886ef 100644 
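Review bot: Both `vpc_base` and `vpc_az` now load `github.com/unifio/terraform-aws-vpc?ref=upgrade-0.12`, which reads as a branch name, where the old source pinned the tag `v0.4.0`. A branch moves, so the code that builds the VPC and its routes can change between two runs with no change in this repository. Once the upstream 0.12 work is tagged, pin to the release tag or a full commit SHA, e.g. `source = "github.com/unifio/terraform-aws-vpc?ref=<TAG_OR_COMMIT_SHA>//base"`, and likewise for `//az`.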
--- a/examples/prereqs/variables.tf +++ b/examples/prereqs/variables.tf @@ -1,13 +1,13 @@ # Input variables variable "region" { - type = "string" + type = string } variable "stack_item_fullname" { - type = "string" + type = string } variable "stack_item_label" { - type = "string" + type = string }