From f1844c1a4e6db67b2eb38d1846b2dd92f3fd61df Mon Sep 17 00:00:00 2001
From: James Wells
Date: Sun, 30 May 2021 08:14:36 -0700
Subject: [PATCH] Very preliminary tf scripting.
---
.dockerignore | 86 ++++++++++++++++++++++++++++++++++++++
.gitignore | 37 ++++++++++++++++
tfenv/_provider.tf | 9 ++++
tfenv/cluster/subnets.tf | 84 +++++++++++++++++++++++++++++++++++++
tfenv/cluster/variables.tf | 9 ++++
tfenv/cluster/vpc.tf | 23 ++++++++++
tfenv/main.tf | 18 ++++++++
tfenv/terraform.tf | 9 ++++
8 files changed, 275 insertions(+)
create mode 100644 .dockerignore
create mode 100644 tfenv/_provider.tf
create mode 100644 tfenv/cluster/subnets.tf
create mode 100644 tfenv/cluster/variables.tf
create mode 100644 tfenv/cluster/vpc.tf
create mode 100644 tfenv/main.tf
create mode 100644 tfenv/terraform.tf
diff --git a/.dockerignore b/.dockerignore
new file mode 100644
index 0000000..37f5fb2
--- /dev/null
+++ b/.dockerignore
@@ -0,0 +1,86 @@
+# ---> Go
+# Compiled Object files, Static and Dynamic libs (Shared Objects)
+*.o
+*.a
+*.so
+
+# Folders
+_obj
+_test
+bin/
+tfenv/
+vendor/
+
+# Architecture specific extensions/prefixes
+*.[568vq]
+[568vq].out
+
+*.cgo1.go
+*.cgo2.c
+_cgo_defun.c
+_cgo_gotypes.go
+_cgo_export.*
+
+_testmain.go
+
+*.exe
+*.test
+*.prof
+
+# Ignore various IDE
+.idea
+*.iml
+*.ipr
+.vscode
+debug
+
+# Ignore various temporary files
+*.swp
+*.tmp
+*.bak
+*.log
+*.pid
+
+# Ignore various Drone CI support files
+.drone.secrets
+
+# Local .terraform directories
+**/.terraform/*
+
+# .tfstate files
+*.tfstate
+*.tfstate.*
+
+# Ignore Terraform lock files as they are managed by terraform init
+.terraform.lock*
+
+# Crash log files
+crash.log
+
+# Exclude all .tfvars files, which are likely to contain sentitive data, such as
+# password, private keys, and other secrets. These should not be part of version
+# control as they are data points which are potentially sensitive and subject
+# to change depending on the environment.
+#
+*.tfvars
+
+# Ignore override files as they are usually used to override resources locally and so
+# are not checked in
+override.tf
+override.tf.json
+*_override.tf
+*_override.tf.json
+
+# Include override files you do wish to add to version control using negated pattern
+#
+# !example_override.tf
+
+# Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan
+# example: *tfplan*
+*tfplan*
+
+# Ignore CLI configuration files
+.terraformrc
+terraform.rc
+
+
diff --git a/.gitignore b/.gitignore
index 28732ad..e9b499c 100644
--- a/.gitignore
+++ b/.gitignore
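Review bot: The new `.dockerignore` has no `.git` entry in its `# Folders` group, so the build context still carries the full repository history. Whether that reaches an image depends on the Dockerfile, which is not part of this patch, but a broad `COPY . .` would include it. Adding a `.git` line next to `tfenv/` and `vendor/` closes that off; the Terraform state, plan and `*.tfvars` patterns already listed here are the right things to keep out of the context.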
@@ -43,3 +43,40 @@ debug # Ignore various Drone CI support files .drone.secrets
+# Local .terraform directories
+**/.terraform/*
+
+# .tfstate files
+*.tfstate
+*.tfstate.*
+
+# Ignore Terraform lock files as they are managed by terraform init
+.terraform.lock*
+
+# Crash log files
+crash.log
+
+# Exclude all .tfvars files, which are likely to contain sentitive data, such as
+# password, private keys, and other secrets. These should not be part of version
+# control as they are data points which are potentially sensitive and subject
+# to change depending on the environment.
+#
+*.tfvars
+
+# Ignore override files as they are usually used to override resources locally and so
+# are not checked in
+override.tf
+override.tf.json
+*_override.tf
+*_override.tf.json
+
+# Include override files you do wish to add to version control using negated pattern
+#
+# !example_override.tf
+
+# Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan
+# example: *tfplan*
+
+# Ignore CLI configuration files
+.terraformrc
+terraform.rc
diff --git a/tfenv/_provider.tf b/tfenv/_provider.tf
new file mode 100644
index 0000000..1991988
--- /dev/null
+++ b/tfenv/_provider.tf
@@ -0,0 +1,9 @@
+provider "aws" {
+ alias = "us-west-2"
+ region = "us-west-2"
+}
+
+provider "aws" {
+ alias = "us-east-1"
+ region = "us-east-1"
+}
diff --git a/tfenv/cluster/subnets.tf b/tfenv/cluster/subnets.tf
new file mode 100644
index 0000000..4bd677f
--- /dev/null
+++ b/tfenv/cluster/subnets.tf
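Review bot: In the `.gitignore` hunk, the `.terraform.lock*` pattern keeps `.terraform.lock.hcl` out of version control, which discards the provider version and checksum pinning that file exists to record. Without it, every `terraform init` on a fresh checkout re-resolves `hashicorp/aws` within the `~> 3.42.0` constraint and trusts whatever it downloads. I would drop that pattern and commit the lock file. Separately, the tfplan section ends at the comment `# example: *tfplan*` with no active pattern, while the `.dockerignore` in this same commit has the live `*tfplan*` line; saved plans can contain sensitive values, so the same line belongs here.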
@@ -0,0 +1,84 @@
+# variable "vpc_id" {}
+
+data "aws_vpc" "selected" {
+ id = var.vpc_id
+}
+
+variable "regional_cidr_blocks" {
+ description = "A simple map of subnets used by region"
+ type = map
+ default = {
+ "us-west-2a-private" = "10.172.64.0/23",
+ "us-west-2b-private" = "10.172.66.0/23",
+ "us-west-2a-public" = "10.172.68.0/26",
+ "us-west-2b-public" = "10.172.68.64/26",
+ "us-east-1a-private" = "10.172.0.0/23",
+ "us-east-1b-private" = "10.172.2.0/23",
+ "us-east-1a-public" = "10.172.4.0/26",
+ "us-east-1b-public" = "10.172.4.64/26"
+ }
+}
+
+resource "aws_subnet" "aza-private" {
+ depends_on = [data.aws_vpc.selected]
+ vpc_id = data.aws_vpc.id
+ availability_zone = format("%sa", var.region)
+ cidr_block = var.regional_cidr_blocks[
+ format("%sa-private", var.region)
+ ]
+ tags = merge(
+ var.extra_tags,
+ {
+ Name = "aza-private"
+ tier = "private"
+ }
+ )
+}
+
+# resource "aws_subnet" "aza-public" {
+# depends_on = [data.aws_vpc.selected]
+# vpc_id = data.aws_vpc.selected.id
+# availability_zone = format("%sa", var.region)
+# cidr_block = var.regional_cidr_blocks[
+# format("%sa-public", var.region)
+# ]
+# tags = merge(
+# var.extra_tags,
+# {
+# Name = "aza-public"
+# tier = "public"
+# }
+# )
+# }
+#
+# resource "aws_subnet" "azb-private" {
+# depends_on = [data.aws_vpc.selected]
+# vpc_id = data.aws_vpc.selected.id
+# availability_zone = format("%sb", var.region)
+# cidr_block = var.regional_cidr_blocks[
+# format("%sb-private", var.region)
+# ]
+# tags = merge(
+# var.extra_tags,
+# {
+# Name = "azb-private"
+# tier = "private"
+# }
+# )
+# }
+#
+# resource "aws_subnet" "azb-public" {
+# depends_on = [data.aws_vpc.selected]
+# vpc_id = data.aws_vpc.selected.id
+# availability_zone = format("%sb", var.region)
+# cidr_block = var.regional_cidr_blocks[
+# format("%sb-public", var.region)
+# ]
+# tags = merge(
+# var.extra_tags,
+# {
+# Name = "azb-public"
+# tier = "public"
+# }
+# )
+# }
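Review bot: In `tfenv/cluster/subnets.tf`, `vpc_id = data.aws_vpc.id` inside `aws_subnet.aza-private` leaves out the data source name, and `data "aws_vpc" "selected"` reads `var.vpc_id` although its declaration is commented out on the first line, so the module cannot validate as written. Because `vpc.tf` in the same module creates `aws_vpc.gagent`, the subnet can point at it directly with `vpc_id = aws_vpc.gagent.id`, which also makes the data source and the explicit `depends_on` unnecessary. The three commented-out subnets use `data.aws_vpc.selected.id` and would need the same change when they are enabled. The bare `type = map` on `regional_cidr_blocks` reads better as `type = map(string)`.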
diff --git a/tfenv/cluster/variables.tf b/tfenv/cluster/variables.tf
new file mode 100644
index 0000000..37f2ce0
--- /dev/null
+++ b/tfenv/cluster/variables.tf
@@ -0,0 +1,9 @@
+variable "extra_tags" {
+ description = "Tags required on all resources"
+ type = map
+ default = {
+ "org" = "dragonheim"
+ "service" = "gagent"
+ "maintained_by" = "jwells@dragonheim.net"
+ }
+}
diff --git a/tfenv/cluster/vpc.tf b/tfenv/cluster/vpc.tf
new file mode 100644
index 0000000..4f6bddc
--- /dev/null
+++ b/tfenv/cluster/vpc.tf
@@ -0,0 +1,23 @@
+variable "region" {}
+variable "provider_alias" {}
+
+variable "regional_vpc_cidr" {
+ description = "A simple map of VPC subnets used by region"
+ type = map
+ default = {
+ "us-west-2" = "10.172.64.0/19",
+ "us-east-1" = "10.172.0.0/19",
+ }
+}
+
+resource "aws_vpc" "gagent" {
+ instance_tenancy = "default"
+ enable_dns_support = true
+ cidr_block = var.regional_vpc_cidr[var.region]
+ tags = merge(
+ var.extra_tags,
+ {
+ Name = "gagent"
+ }
+ )
+}
diff --git a/tfenv/main.tf b/tfenv/main.tf
new file mode 100644
index 0000000..59d23c3
--- /dev/null
+++ b/tfenv/main.tf
@@ -0,0 +1,18 @@
+# main.tf
+module "us-east-1" {
+ source = "./cluster"
+ region = "us-east-1"
+ provider_alias = us-west-2
+ providers = {
+ aws = "aws.us-east-1"
+ }
+}
+
+module "us-west-2" {
+ source = "./cluster"
+ region = "us-west-2"
+ provider_alias = us-west-2
+ providers = {
+ aws = "aws.us-west-2"
+ }
+}
diff --git a/tfenv/terraform.tf b/tfenv/terraform.tf
new file mode 100644
index 0000000..997430a
--- /dev/null
+++ b/tfenv/terraform.tf
@@ -0,0 +1,9 @@
+terraform {
+ required_version = ">= 0.15.3"
+ required_providers {
+ aws = {
+ source = "hashicorp/aws"
+ version = "~> 3.42.0"
+ }
+ }
+}
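Review bot: In `tfenv/cluster/vpc.tf`, `variable "region" {}` and `variable "provider_alias" {}` carry no type or description, and `var.regional_vpc_cidr[var.region]` in `aws_vpc.gagent` fails with a bare index error for any region that is not a key of the map. Giving `region` a `type = string` and a `validation` block with `condition = contains(["us-east-1", "us-west-2"], var.region)` turns that into a clear message at plan time. `provider_alias` is not read by any of the module files in this patch, so it can probably be removed. The `regional_vpc_cidr` map would also read better as `type = map(string)`.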
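Review bot: In `tfenv/main.tf`, both module blocks set `provider_alias = us-west-2` without quotes, which Terraform parses as a reference rather than a string, and the `us-east-1` module carries the west value, which looks like a copy-paste slip. If the argument is kept it should be `provider_alias = "us-east-1"` and `provider_alias = "us-west-2"` respectively. The `providers` maps should use unquoted references such as `aws = aws.us-east-1`; the quoted form is legacy syntax that newer releases are likely to warn about or reject. The module also reads `var.vpc_id` in `subnets.tf`, and neither block passes it.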
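Review bot: `tfenv/terraform.tf` declares no `backend` block, so state is written to a local `terraform.tfstate`, which the `.gitignore` change in this commit excludes. The state for both regions then lives on a single workstation with no locking, and state files can hold resource attributes in plain text. Before this is applied against a real account, I would add a remote backend with encryption at rest and state locking, for example an `s3` backend with `encrypt = true`. `required_version = ">= 0.15.3"` also has no upper bound; a pessimistic constraint like the one used for the provider would keep a future major release from being picked up silently.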