Very preliminary tf scripting.

James Wells 2021-05-30 08:14:36 -07:00
parent 0266d9ee8a
commit f1844c1a4e
Signed by: jwells
GPG key ID: 73196D10B8E65666
8 changed files with 275 additions and 0 deletions

86
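--- a/.dockerignore
+++ b/.dockerignore
@@ -0,0 +1,86 @@
+# ---> Go
+# Compiled Object files, Static and Dynamic libs (Shared Objects)
+*.o
+*.a
+*.so
+# Folders
+_obj
+_test
+bin/
+tfenv/
+vendor/
+# Architecture specific extensions/prefixes
+*.[568vq]
+[568vq].out
+*.cgo1.go
+*.cgo2.c
+_cgo_defun.c
+_cgo_gotypes.go
+_cgo_export.*
+_testmain.go
+*.exe
+*.test
+*.prof
+# Ignore various IDE
+.idea
+*.iml
+*.ipr
+.vscode
+debug
+# Ignore various temporary files
+*.swp
+*.tmp
+*.bak
+*.log
+*.pid
+# Ignore various Drone CI support files
+.drone.secrets
+# Local .terraform directories
+**/.terraform/*
+# .tfstate files
+*.tfstate
+*.tfstate.*
+# Ignore Terraform lock files as they are managed by terraform init
+.terraform.lock*
+# Crash log files
+crash.log
+# Exclude all .tfvars files, which are likely to contain sentitive data, such as
+# password, private keys, and other secrets. These should not be part of version
+# control as they are data points which are potentially sensitive and subject
+# to change depending on the environment.
+#
+*.tfvars
+# Ignore override files as they are usually used to override resources locally and so
+# are not checked in
+override.tf
+override.tf.json
+*_override.tf
+*_override.tf.json
+# Include override files you do wish to add to version control using negated pattern
+#
+# !example_override.tf
+# Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan
+# example: *tfplan*
+*tfplan*
+# Ignore CLI configuration files
+.terraformrc
+terraform.rc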

37
.gitignore vendored

@ -43,3 +43,40 @@ debug
# Ignore various Drone CI support files
.drone.secrets
# Local .terraform directories
**/.terraform/*
# .tfstate files
*.tfstate
*.tfstate.*
# Ignore Terraform lock files as they are managed by terraform init
.terraform.lock*
# Crash log files
crash.log
# Exclude all .tfvars files, which are likely to contain sentitive data, such as
# password, private keys, and other secrets. These should not be part of version
# control as they are data points which are potentially sensitive and subject
# to change depending on the environment.
#
*.tfvars
# Ignore override files as they are usually used to override resources locally and so
# are not checked in
override.tf
override.tf.json
*_override.tf
*_override.tf.json
# Include override files you do wish to add to version control using negated pattern
#
# !example_override.tf
# Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan
# example: *tfplan*
# Ignore CLI configuration files
.terraformrc
terraform.rc
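Review bot: The `.terraform.lock*` rule keeps `.terraform.lock.hcl` out of version control, but that file is what records the selected provider versions and their checksums; HashiCorp's guidance is to commit it so every `terraform init` verifies the same provider packages. I would drop that rule from this file. Separately, the tfplan comment ends with only `# example: *tfplan*` and, as shown, no active pattern, unlike the `.dockerignore` added in this commit. Saved plans can carry sensitive values in clear text, so an active `*tfplan*` line belongs here too.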

9
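--- a/tfenv/_provider.tf
+++ b/tfenv/_provider.tf
@@ -0,0 +1,9 @@
+provider "aws" {
+alias = "us-west-2"
+region = "us-west-2"
+}
+provider "aws" {
+alias = "us-east-1"
+region = "us-east-1"
+}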

84
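--- a/tfenv/cluster/subnets.tf
+++ b/tfenv/cluster/subnets.tf
@@ -0,0 +1,84 @@
+# variable "vpc_id" {}
+data "aws_vpc" "selected" {
+id = var.vpc_id
+}
+variable "regional_cidr_blocks" {
+description = "A simple map of subnets used by region"
+type = map
+default = {
+"us-west-2a-private" = "10.172.64.0/23",
+"us-west-2b-private" = "10.172.66.0/23",
+"us-west-2a-public" = "10.172.68.0/26",
+"us-west-2b-public" = "10.172.68.64/26",
+"us-east-1a-private" = "10.172.0.0/23",
+"us-east-1b-private" = "10.172.2.0/23",
+"us-east-1a-public" = "10.172.4.0/26",
+"us-east-1b-public" = "10.172.4.64/26"
+}
+}
+resource "aws_subnet" "aza-private" {
+depends_on = [data.aws_vpc.selected]
+vpc_id = data.aws_vpc.id
+availability_zone = format("%sa", var.region)
+cidr_block = var.regional_cidr_blocks[
+format("%sa-private", var.region)
+]
+tags = merge(
+var.extra_tags,
+{
+Name = "aza-private"
+tier = "private"
+}
+)
+}
+# resource "aws_subnet" "aza-public" {
+# depends_on = [data.aws_vpc.selected]
+# vpc_id = data.aws_vpc.selected.id
+# availability_zone = format("%sa", var.region)
+# cidr_block = var.regional_cidr_blocks[
+# format("%sa-public", var.region)
+# ]
+# tags = merge(
+# var.extra_tags,
+# {
+# Name = "aza-public"
+# tier = "public"
+# }
+# )
+# }
+#
+# resource "aws_subnet" "azb-private" {
+# depends_on = [data.aws_vpc.selected]
+# vpc_id = data.aws_vpc.selected.id
+# availability_zone = format("%sb", var.region)
+# cidr_block = var.regional_cidr_blocks[
+# format("%sb-private", var.region)
+# ]
+# tags = merge(
+# var.extra_tags,
+# {
+# Name = "azb-private"
+# tier = "private"
+# }
+# )
+# }
+#
+# resource "aws_subnet" "azb-public" {
+# depends_on = [data.aws_vpc.selected]
+# vpc_id = data.aws_vpc.selected.id
+# availability_zone = format("%sb", var.region)
+# cidr_block = var.regional_cidr_blocks[
+# format("%sb-public", var.region)
+# ]
+# tags = merge(
+# var.extra_tags,
+# {
+# Name = "azb-public"
+# tier = "public"
+# }
+# )
+# }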
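Review bot: `vpc_id = data.aws_vpc.id` in `aws_subnet.aza-private` omits the data source name, so the reference does not resolve; the commented-out subnets below it use the complete form `data.aws_vpc.selected.id`. The data source reads `var.vpc_id`, whose declaration is commented out on the first line, so as shown the module has no such variable. Since `vpc.tf` in the same module creates `aws_vpc.gagent`, writing `vpc_id = aws_vpc.gagent.id` would remove the need for both the data source and the explicit `depends_on`. The bare `type = map` would also read more clearly as `type = map(string)`.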


@ -0,0 +1,9 @@
variable "extra_tags" {
description = "Tags required on all resources"
type = map
default = {
"org" = "dragonheim"
"service" = "gagent"
"maintained_by" = "jwells@dragonheim.net"
}
}

23
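--- a/tfenv/cluster/vpc.tf
+++ b/tfenv/cluster/vpc.tf
@@ -0,0 +1,23 @@
+variable "region" {}
+variable "provider_alias" {}
+variable "regional_vpc_cidr" {
+description = "A simple map of VPC subnets used by region"
+type = map
+default = {
+"us-west-2" = "10.172.64.0/19",
+"us-east-1" = "10.172.0.0/19",
+}
+}
+resource "aws_vpc" "gagent" {
+instance_tenancy = "default"
+enable_dns_support = true
+cidr_block = var.regional_vpc_cidr[var.region]
+tags = merge(
+var.extra_tags,
+{
+Name = "gagent"
+}
+)
+}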
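Review bot: `variable "region" {}` and `variable "provider_alias" {}` carry no type or description, and an unsupported region only surfaces as a failed map lookup in `var.regional_vpc_cidr[var.region]`. Declaring `type = string` on both, plus a `validation` block on `region` with `condition = contains(["us-west-2", "us-east-1"], var.region)`, would give a clear error at plan time. `provider_alias` is not referenced in any of the module files shown in this commit, so it may be removable.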

18
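--- a/tfenv/main.tf
+++ b/tfenv/main.tf
@@ -0,0 +1,18 @@
+# main.tf
+module "us-east-1" {
+source = "./cluster"
+region = "us-east-1"
+provider_alias = us-west-2
+providers = {
+aws = "aws.us-east-1"
+}
+}
+module "us-west-2" {
+source = "./cluster"
+region = "us-west-2"
+provider_alias = us-west-2
+providers = {
+aws = "aws.us-west-2"
+}
+}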
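Review bot: `provider_alias = us-west-2` in both module blocks is not a string literal, so Terraform will try to evaluate it as an expression instead of passing the alias name; it needs quotes. The `us-east-1` module also passes the west alias, which looks like a copy-paste slip: it should be `provider_alias = "us-east-1"` there and `provider_alias = "us-west-2"` in the second module. The `providers` maps use the quoted legacy form; given `required_version = ">= 0.15.3"`, the reference form `aws = aws.us-east-1` is the one to use.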

9
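--- a/tfenv/terraform.tf
+++ b/tfenv/terraform.tf
@@ -0,0 +1,9 @@
+terraform {
+required_version = ">= 0.15.3"
+required_providers {
+aws = {
+source = "hashicorp/aws"
+version = "~> 3.42.0"
+}
+}
+}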
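Review bot: No `backend` block is configured in this `terraform` block, so as far as this commit shows, state is written to a local `terraform.tfstate` that the new ignore rules keep out of git. State holds resource attributes in clear text, and a local file has no locking or shared history. A remote backend with encryption at rest and state locking would be worth adding before this configuration manages real infrastructure.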