AWS deploy: don't use default VPC
panchoh committed Mar 13, 2019
1 parent a701e12 commit 33bc6d5
Showing 3 changed files with 64 additions and 15 deletions.
14 changes: 7 additions & 7 deletions deploy/aws/main.tf
@@ -47,7 +47,7 @@ module "qed" {
iam_instance_profile = "${aws_iam_instance_profile.qed-profile.name}"
volume_size = "20"
vpc_security_group_ids = "${module.security_group.this_security_group_id}"
subnet_id = "${element(data.aws_subnet_ids.all.ids, 0)}"
subnet_id = "${aws_subnet.qed.id}"
key_name = "${aws_key_pair.qed.key_name}"
key_path = "${var.keypath}"
}
@@ -60,7 +60,7 @@ module "inmemory-storage" {
iam_instance_profile = "${aws_iam_instance_profile.qed-profile.name}"
volume_size = "20"
vpc_security_group_ids = "${module.security_group.this_security_group_id}"
subnet_id = "${element(data.aws_subnet_ids.all.ids, 0)}"
subnet_id = "${aws_subnet.qed.id}"
key_name = "${aws_key_pair.qed.key_name}"
key_path = "${var.keypath}"
}
@@ -75,7 +75,7 @@ module "agent-publisher" {
iam_instance_profile = "${aws_iam_instance_profile.qed-profile.name}"
volume_size = "20"
vpc_security_group_ids = "${module.security_group.this_security_group_id}"
subnet_id = "${element(data.aws_subnet_ids.all.ids, 0)}"
subnet_id = "${aws_subnet.qed.id}"
key_name = "${aws_key_pair.qed.key_name}"
key_path = "${var.keypath}"
}
@@ -90,7 +90,7 @@ module "agent-monitor" {
iam_instance_profile = "${aws_iam_instance_profile.qed-profile.name}"
volume_size = "20"
vpc_security_group_ids = "${module.security_group.this_security_group_id}"
subnet_id = "${element(data.aws_subnet_ids.all.ids, 0)}"
subnet_id = "${aws_subnet.qed.id}"
key_name = "${aws_key_pair.qed.key_name}"
key_path = "${var.keypath}"
}
@@ -105,7 +105,7 @@ module "agent-auditor" {
iam_instance_profile = "${aws_iam_instance_profile.qed-profile.name}"
volume_size = "20"
vpc_security_group_ids = "${module.security_group.this_security_group_id}"
subnet_id = "${element(data.aws_subnet_ids.all.ids, 0)}"
subnet_id = "${aws_subnet.qed.id}"
key_name = "${aws_key_pair.qed.key_name}"
key_path = "${var.keypath}"
}
@@ -117,7 +117,7 @@ module "prometheus" {
iam_instance_profile = "${aws_iam_instance_profile.qed-profile.name}"
volume_size = "20"
vpc_security_group_ids = "${module.prometheus_security_group.this_security_group_id}"
subnet_id = "${element(data.aws_subnet_ids.all.ids, 0)}"
subnet_id = "${aws_subnet.qed.id}"
key_name = "${aws_key_pair.qed.key_name}"
key_path = "${var.keypath}"
}
@@ -129,7 +129,7 @@ module "riot" {
iam_instance_profile = "${aws_iam_instance_profile.qed-profile.name}"
volume_size = "20"
vpc_security_group_ids = "${module.security_group.this_security_group_id}"
subnet_id = "${element(data.aws_subnet_ids.all.ids, 0)}"
subnet_id = "${aws_subnet.qed.id}"
key_name = "${aws_key_pair.qed.key_name}"
key_path = "${var.keypath}"
endpoint = "${module.qed.private_ip[0]}"
55 changes: 47 additions & 8 deletions deploy/aws/network.tf
@@ -18,26 +18,65 @@ data "http" "ip" {
url = "http://icanhazip.com"
}

data "aws_vpc" "default" {
default = true
resource "aws_vpc" "qed" {
enable_dns_hostnames = true
cidr_block = "${var.vpc_cidr}"

tags = {
Name = "QED"
}
}

resource "aws_subnet" "qed" {
vpc_id = "${aws_vpc.qed.id}"
cidr_block = "${var.public_subnet_cidr}"
map_public_ip_on_launch = true

tags = {
Name = "QED"
}
}

resource "aws_internet_gateway" "qed" {
vpc_id = "${aws_vpc.qed.id}"

tags = {
Name = "QED"
}
}

resource "aws_route" "qed" {
route_table_id = "${aws_vpc.qed.default_route_table_id}"
destination_cidr_block = "0.0.0.0/0"
gateway_id = "${aws_internet_gateway.qed.id}"
}

resource "aws_vpc_dhcp_options" "qed" {
domain_name = "service.qed"
domain_name_servers = ["AmazonProvidedDNS"]

tags = {
Name = "QED"
}
}

resource "aws_vpc_dhcp_options_association" "qed" {
vpc_id = "${aws_vpc.qed.id}"
dhcp_options_id = "${aws_vpc_dhcp_options.qed.id}"
}

resource "aws_key_pair" "qed" {
key_name = "qed"
public_key = "${file("${var.keypath}.pub")}"
}

data "aws_subnet_ids" "all" {
vpc_id = "${data.aws_vpc.default.id}"
}

module "security_group" {
source = "terraform-aws-modules/security-group/aws"
version = "2.11.0"

name = "qed"
description = "Security group for QED usage"
vpc_id = "${data.aws_vpc.default.id}"
vpc_id = "${aws_vpc.qed.id}"

egress_rules = ["all-all"]

@@ -101,7 +140,7 @@ module "prometheus_security_group" {

name = "prometheus"
description = "Security group for Prometheus/Grafana usage"
vpc_id = "${data.aws_vpc.default.id}"
vpc_id = "${aws_vpc.qed.id}"

egress_rules = ["all-all"]

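Review bot: `aws_route.qed` puts the `0.0.0.0/0` route on `aws_vpc.qed.default_route_table_id`, the VPC's main route table, so any subnet added later without an explicit route-table association is internet-routed as well. Together with `map_public_ip_on_launch = true` on `aws_subnet.qed`, every instance that main.tf places in this subnet gets a public address, and the security-group ingress rules (collapsed on this page) become the only barrier. A dedicated public route table with an explicit association would keep the main table free of an internet route. The sketch below replaces `aws_route.qed` and reuses the resource names already in this file.

```hcl
# … unchanged: aws_vpc.qed, aws_subnet.qed, aws_internet_gateway.qed …

resource "aws_route_table" "qed_public" {
  vpc_id = "${aws_vpc.qed.id}"

  route {
    cidr_block = "0.0.0.0/0"
    gateway_id = "${aws_internet_gateway.qed.id}"
  }

  tags = {
    Name = "QED"
  }
}

resource "aws_route_table_association" "qed_public" {
  subnet_id      = "${aws_subnet.qed.id}"
  route_table_id = "${aws_route_table.qed_public.id}"
}
```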
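--- a/deploy/aws/variables.tf
+++ b/deploy/aws/variables.tf
@@ -5,3 +5,13 @@ variable "aws_profile" {
 variable "keypath" {
 default = "~/.ssh/id_rsa_free"
 }
+
+variable "vpc_cidr" {
+description = "CIDR of the VPC as a whole"
+default = "172.31.0.0/16"
+}
+
+variable "public_subnet_cidr" {
+description = "CIDR of the public subnet"
+default = "172.31.1.0/24"
+}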
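Review bot: The `vpc_cidr` default `172.31.0.0/16` is the same range AWS assigns to default VPCs, so the new VPC cannot be peered with a default VPC and is easy to mistake for one when reading route tables or flow logs. Nothing in the visible lines ties `public_subnet_cidr` to `vpc_cidr`, so overriding one without the other would presumably fail only at apply time. Consider a distinct default range and a description that states the coupling, e.g. `description = "CIDR of the public subnet; must be contained in vpc_cidr"`.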
