-
Notifications
You must be signed in to change notification settings - Fork 11
/
Copy pathmain.tf
198 lines (173 loc) · 7.81 KB
/
main.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
locals {
consul_cluster_tag_key = "consul-servers"
consul_cluster_tag_value = "${var.stack_name}-consul${var.unique_postfix}"
}
module "ui-access" {
source = "./modules/ui-access"
## required parameters
vpc_id = var.vpc_id
subnet_ids = var.alb_subnet_ids
consul_server_asg_name = module.consul.asg_name_consul_servers
nomad_server_asg_name = module.nomad.asg_name_nomad_servers
fabio_server_asg_name = module.dc-public-services.asg_name
ui_alb_https_listener_cert_arn = var.ui_alb_https_listener_cert_arn
ui_alb_use_https_listener = var.ui_alb_use_https_listener
## optional parameters
aws_region = var.aws_region
env_name = var.env_name
stack_name = var.stack_name
unique_postfix = var.unique_postfix
allowed_cidr_blocks_for_ui_alb = var.allowed_cidr_blocks_for_ui_alb
}
module "consul" {
source = "./modules/consul"
## required parameters
ami_id = var.consul_ami_id
vpc_id = var.vpc_id
subnet_ids = var.consul_server_subnet_ids
## optional parameters
env_name = var.env_name
aws_region = var.aws_region
stack_name = var.stack_name
cluster_tag_key = local.consul_cluster_tag_key
cluster_tag_value = local.consul_cluster_tag_value
num_servers = var.consul_num_servers
instance_type = var.consul_instance_type
}
#### DC: PUBLIC-SERVICES ###################################################
module "dc-public-services" {
source = "./modules/nomad-datacenter"
## required parameters
vpc_id = var.vpc_id
subnet_ids = var.nomad_clients_public_services_subnet_ids
ami_id = var.nomad_ami_id_clients
consul_cluster_tag_key = local.consul_cluster_tag_key
consul_cluster_tag_value = local.consul_cluster_tag_value
server_sg_id = module.nomad.security_group_id_nomad_servers
## optional parameters
env_name = var.env_name
stack_name = var.stack_name
aws_region = var.aws_region
instance_type = lookup(
var.nomad_public_services_dc_node_cfg,
"instance_type",
"INVALID",
)
datacenter_name = "public-services"
unique_postfix = var.unique_postfix
alb_ingress_https_listener_arn = var.alb_ingress_https_listener_arn
attach_ingress_alb_listener = true
node_scaling_cfg = var.nomad_public_services_dc_node_cfg
ebs_block_devices = var.ebs_block_devices_public_services_dc
device_to_mount_target_map = var.device_to_mount_target_map_public_services_dc
additional_instance_tags = var.additional_instance_tags_public_services_dc
}
#### DC: PRIVATE-SERVICES ###################################################
module "dc-private-services" {
source = "./modules/nomad-datacenter"
## required parameters
vpc_id = var.vpc_id
subnet_ids = var.nomad_clients_private_services_subnet_ids
ami_id = var.nomad_ami_id_clients
consul_cluster_tag_key = local.consul_cluster_tag_key
consul_cluster_tag_value = local.consul_cluster_tag_value
server_sg_id = module.nomad.security_group_id_nomad_servers
## optional parameters
env_name = var.env_name
stack_name = var.stack_name
aws_region = var.aws_region
instance_type = lookup(
var.nomad_private_services_dc_node_cfg,
"instance_type",
"INVALID",
)
datacenter_name = "private-services"
unique_postfix = var.unique_postfix
node_scaling_cfg = var.nomad_private_services_dc_node_cfg
efs_dns_name = var.efs_dns_name
map_bucket_name = var.map_bucket_name
ebs_block_devices = var.ebs_block_devices_private_services_dc
device_to_mount_target_map = var.device_to_mount_target_map_private_services_dc
additional_instance_tags = var.additional_instance_tags_private_services_dc
}
#### DC: BACKOFFICE ###################################################
module "dc-backoffice" {
source = "./modules/nomad-datacenter"
## required parameters
vpc_id = var.vpc_id
subnet_ids = var.nomad_clients_backoffice_subnet_ids
ami_id = var.nomad_ami_id_clients
consul_cluster_tag_key = local.consul_cluster_tag_key
consul_cluster_tag_value = local.consul_cluster_tag_value
server_sg_id = module.nomad.security_group_id_nomad_servers
## optional parameters
env_name = var.env_name
stack_name = var.stack_name
aws_region = var.aws_region
instance_type = lookup(var.nomad_backoffice_dc_node_cfg, "instance_type", "INVALID")
datacenter_name = "backoffice"
unique_postfix = var.unique_postfix
alb_ingress_https_listener_arn = var.alb_backoffice_http_listener_arn
attach_ingress_alb_listener = var.attach_backoffice_alb_listener
node_scaling_cfg = var.nomad_backoffice_dc_node_cfg
ebs_block_devices = var.ebs_block_devices_backoffice_dc
device_to_mount_target_map = var.device_to_mount_target_map_backoffice_dc
additional_instance_tags = var.additional_instance_tags_backoffice_dc
}
#### DC: CONTENT-CONNECTOR ###################################################
module "dc-content-connector" {
source = "./modules/nomad-datacenter"
## required parameters
vpc_id = var.vpc_id
subnet_ids = var.nomad_clients_content_connector_subnet_ids
ami_id = var.nomad_ami_id_clients
consul_cluster_tag_key = local.consul_cluster_tag_key
consul_cluster_tag_value = local.consul_cluster_tag_value
server_sg_id = module.nomad.security_group_id_nomad_servers
## optional parameters
env_name = var.env_name
stack_name = var.stack_name
aws_region = var.aws_region
instance_type = lookup(
var.nomad_content_connector_dc_node_cfg,
"instance_type",
"INVALID",
)
datacenter_name = "content-connector"
unique_postfix = var.unique_postfix
node_scaling_cfg = var.nomad_content_connector_dc_node_cfg
ebs_block_devices = var.ebs_block_devices_content_connector_dc
device_to_mount_target_map = var.device_to_mount_target_map_content_connector_dc
additional_instance_tags = var.additional_instance_tags_content_connector_dc
}
module "nomad" {
source = "./modules/nomad"
## required parameters
vpc_id = var.vpc_id
subnet_ids = var.nomad_server_subnet_ids
ami_id = var.nomad_ami_id_servers
consul_cluster_tag_key = local.consul_cluster_tag_key
consul_cluster_tag_value = local.consul_cluster_tag_value
## optional parameters
env_name = var.env_name
stack_name = var.stack_name
aws_region = var.aws_region
instance_type = var.instance_type_server
node_scaling_cfg = var.nomad_server_scaling_cfg
unique_postfix = var.unique_postfix
}
module "sgrules" {
source = "./modules/sgrules"
sg_id_public_services_dc = module.dc-public-services.sg_datacenter_id
sg_id_private_services_dc = module.dc-private-services.sg_datacenter_id
sg_id_content_connector_dc = module.dc-content-connector.sg_datacenter_id
sg_id_backoffice_dc = module.dc-backoffice.sg_datacenter_id
sg_id_consul = module.consul.security_group_id_consul_servers
sg_id_nomad_server = module.nomad.security_group_id_nomad_servers
sg_id_ui_alb_nomad = module.ui-access.nomad_ui_alb_sg_id
sg_id_ui_alb_consul = module.ui-access.consul_ui_alb_sg_id
}
module "ecr" {
source = "./modules/ecr"
ecr_repositories = var.ecr_repositories
}