Very preliminary tf scripting.

2025-04-12 00:22:40 -07:00 · 2021-05-30 08:14:36 -07:00 · 2021-05-30 08:14:36 -07:00 · f1844c1a4e
commit f1844c1a4e
parent 0266d9ee8a
8 changed files with 275 additions and 0 deletions
--- a/.dockerignore
+++ b/.dockerignore
@ -0,0 +1,86 @@
 # ---> Go
 # Compiled Object files, Static and Dynamic libs (Shared Objects)
 *.o
 *.a
 *.so
 # Folders
 _obj
 _test
 bin/
 tfenv/
 vendor/
 # Architecture specific extensions/prefixes
 *.[568vq]
 [568vq].out
 *.cgo1.go
 *.cgo2.c
 _cgo_defun.c
 _cgo_gotypes.go
 _cgo_export.*
 _testmain.go
 *.exe
 *.test
 *.prof
 # Ignore various IDE
 .idea
 *.iml
 *.ipr
 .vscode
 debug
 # Ignore various temporary files
 *.swp
 *.tmp
 *.bak
 *.log
 *.pid
 # Ignore various Drone CI support files
 .drone.secrets
 # Local .terraform directories
 **/.terraform/*
 # .tfstate files
 *.tfstate
 *.tfstate.*
 # Ignore  Terraform lock files as they are managed by terraform init
 .terraform.lock*
 # Crash log files
 crash.log
 # Exclude all .tfvars files, which are likely to contain sentitive data, such as
 # password, private keys, and other secrets. These should not be part of version 
 # control as they are data points which are potentially sensitive and subject 
 # to change depending on the environment.
 #
 *.tfvars
 # Ignore override files as they are usually used to override resources locally and so
 # are not checked in
 override.tf
 override.tf.json
 *_override.tf
 *_override.tf.json
 # Include override files you do wish to add to version control using negated pattern
 #
 # !example_override.tf
 # Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan
 # example: *tfplan*
 *tfplan*
 # Ignore CLI configuration files
 .terraformrc
 terraform.rc
--- a/.gitignore
+++ b/.gitignore
@ -43,3 +43,40 @@ debug
 # Ignore various Drone CI support files
 .drone.secrets
 # Local .terraform directories
 **/.terraform/*
 # .tfstate files
 *.tfstate
 *.tfstate.*
 # Ignore  Terraform lock files as they are managed by terraform init
 .terraform.lock*
 # Crash log files
 crash.log
 # Exclude all .tfvars files, which are likely to contain sentitive data, such as
 # password, private keys, and other secrets. These should not be part of version 
 # control as they are data points which are potentially sensitive and subject 
 # to change depending on the environment.
 #
 *.tfvars
 # Ignore override files as they are usually used to override resources locally and so
 # are not checked in
 override.tf
 override.tf.json
 *_override.tf
 *_override.tf.json
 # Include override files you do wish to add to version control using negated pattern
 #
 # !example_override.tf
 # Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan
 # example: *tfplan*
 # Ignore CLI configuration files
 .terraformrc
 terraform.rc
--- a/tfenv/_provider.tf
+++ b/tfenv/_provider.tf
@ -0,0 +1,9 @@
 provider "aws" {
  alias      = "us-west-2"
  region     = "us-west-2"
 }
 provider "aws" {
  alias      = "us-east-1"
  region     = "us-east-1"
 }
--- a/tfenv/cluster/subnets.tf
+++ b/tfenv/cluster/subnets.tf
@ -0,0 +1,84 @@
 # variable "vpc_id" {}
 data "aws_vpc" "selected" {
  id                 = var.vpc_id
 }
 variable "regional_cidr_blocks" {
  description = "A simple map of subnets used by region"
  type        = map
  default     = {
    "us-west-2a-private" = "10.172.64.0/23",
    "us-west-2b-private" = "10.172.66.0/23",
    "us-west-2a-public"  = "10.172.68.0/26",
    "us-west-2b-public"  = "10.172.68.64/26",
    "us-east-1a-private" = "10.172.0.0/23",
    "us-east-1b-private" = "10.172.2.0/23",
    "us-east-1a-public"  = "10.172.4.0/26",
    "us-east-1b-public"  = "10.172.4.64/26"
  }
 }
 resource "aws_subnet" "aza-private" {
  depends_on         = [data.aws_vpc.selected]
  vpc_id             = data.aws_vpc.id
  availability_zone  = format("%sa", var.region)
  cidr_block         = var.regional_cidr_blocks[
    format("%sa-private", var.region)
  ]
  tags               = merge(
    var.extra_tags,
    {
      Name = "aza-private"
      tier = "private"
    }
  )
 }
 # resource "aws_subnet" "aza-public" {
 #   depends_on         = [data.aws_vpc.selected]
 #   vpc_id             = data.aws_vpc.selected.id
 #   availability_zone  = format("%sa", var.region)
 #   cidr_block         = var.regional_cidr_blocks[
 #     format("%sa-public", var.region)
 #   ]
 #   tags               = merge(
 #     var.extra_tags,
 #     {
 #       Name = "aza-public"
 #       tier = "public"
 #     }
 #   )
 # }
 # 
 # resource "aws_subnet" "azb-private" {
 #   depends_on         = [data.aws_vpc.selected]
 #   vpc_id             = data.aws_vpc.selected.id
 #   availability_zone  = format("%sb", var.region)
 #   cidr_block         = var.regional_cidr_blocks[
 #     format("%sb-private", var.region)
 #   ]
 #   tags               = merge(
 #     var.extra_tags,
 #     {
 #       Name = "azb-private"
 #       tier = "private"
 #     }
 #   )
 # }
 # 
 # resource "aws_subnet" "azb-public" {
 #   depends_on         = [data.aws_vpc.selected]
 #   vpc_id             = data.aws_vpc.selected.id
 #   availability_zone  = format("%sb", var.region)
 #   cidr_block         = var.regional_cidr_blocks[
 #     format("%sb-public", var.region)
 #   ]
 #   tags               = merge(
 #     var.extra_tags,
 #     {
 #       Name = "azb-public"
 #       tier = "public"
 #     }
 #   )
 # }
--- a/tfenv/cluster/variables.tf
+++ b/tfenv/cluster/variables.tf
@ -0,0 +1,9 @@
 variable "extra_tags" {
  description        = "Tags required on all resources"
  type               = map
  default            = {
    "org"            = "dragonheim"
    "service"        = "gagent"
    "maintained_by"  = "jwells@dragonheim.net"
  }
 }
--- a/tfenv/cluster/vpc.tf
+++ b/tfenv/cluster/vpc.tf
@ -0,0 +1,23 @@
 variable "region" {}
 variable "provider_alias" {}
 variable "regional_vpc_cidr" {
  description = "A simple map of VPC subnets used by region"
  type        = map
  default     = {
    "us-west-2" = "10.172.64.0/19",
    "us-east-1" = "10.172.0.0/19",
  }
 }
 resource "aws_vpc" "gagent" {
  instance_tenancy   = "default"
  enable_dns_support = true
  cidr_block         = var.regional_vpc_cidr[var.region]
  tags = merge(
    var.extra_tags,
    {
      Name = "gagent"
    }
  )
 }
--- a/tfenv/main.tf
+++ b/tfenv/main.tf
@ -0,0 +1,18 @@
 # main.tf
 module "us-east-1" {
  source    = "./cluster"
  region    = "us-east-1"
  provider_alias = us-west-2
  providers = {
    aws = "aws.us-east-1"
  }
 }
 module "us-west-2" {
  source    = "./cluster"
  region    = "us-west-2"
  provider_alias = us-west-2
  providers = {
    aws = "aws.us-west-2"
  }
 }
--- a/tfenv/terraform.tf
+++ b/tfenv/terraform.tf
@ -0,0 +1,9 @@
 terraform {
  required_version = ">= 0.15.3"
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 3.42.0"
    }
  }
 }