From a1ef6b759b012bb1bfcae783532507728730f448 Mon Sep 17 00:00:00 2001
From: Damien
Date: Fri, 9 Sep 2022 09:08:37 +0100
Subject: [PATCH] infra: migrate the builder to x86
---
 terraform/modules/shuttle/locals.tf | 2 +-
 terraform/modules/shuttle/service.tf | 24 -----
 terraform/modules/shuttle/service_x86.tf | 98 +++++++++++++++++++
 .../systemd/system/opt-shuttle.mount.tftpl | 5 +-
 4 files changed, 101 insertions(+), 28 deletions(-)
 create mode 100644 terraform/modules/shuttle/service_x86.tf
diff --git a/terraform/modules/shuttle/locals.tf b/terraform/modules/shuttle/locals.tf
index 4d9a750d3..2240a88e5 100644
--- a/terraform/modules/shuttle/locals.tf
+++ b/terraform/modules/shuttle/locals.tf
@@ -3,6 +3,6 @@ data "aws_caller_identity" "current" {}
 locals {
 account_id = data.aws_caller_identity.current.account_id
 data_dir = "/opt/shuttle"
- docker_backend_image = "public.ecr.aws/shuttle/backend"
+ docker_backend_image = "public.ecr.aws/shuttle/api"
 docker_provisioner_image = "public.ecr.aws/shuttle/provisioner"
 }
diff --git a/terraform/modules/shuttle/service.tf b/terraform/modules/shuttle/service.tf
index 67c02aec9..a8d88db67 100644
--- a/terraform/modules/shuttle/service.tf
+++ b/terraform/modules/shuttle/service.tf
@@ -57,30 +57,6 @@ EOF } }
-resource "aws_lb_target_group_attachment" "api" {
- target_group_arn = aws_lb_target_group.api.arn
- target_id = aws_instance.backend.id
- port = var.api_container_port
-}
-
-resource "aws_lb_target_group_attachment" "user" {
- target_group_arn = aws_lb_target_group.user.arn
- target_id = aws_instance.backend.id
- port = var.proxy_container_port
-}
-
-resource "aws_lb_target_group_attachment" "postgres" {
- target_group_arn = aws_lb_target_group.postgres.arn
- target_id = aws_instance.backend.id
- port = var.postgres_container_port
-}
-
-resource "aws_lb_target_group_attachment" "mongodb" {
- target_group_arn = aws_lb_target_group.mongodb.arn
- target_id = aws_instance.backend.id
- port = var.mongodb_container_port
-}
-
 data "aws_ami" "ubuntu" {
 most_recent = true
diff --git a/terraform/modules/shuttle/service_x86.tf b/terraform/modules/shuttle/service_x86.tf
new file mode 100644
index 000000000..77c51e019
--- /dev/null
+++ b/terraform/modules/shuttle/service_x86.tf
@@ -0,0 +1,98 @@
+resource "aws_network_interface" "backend_x86" {
+ subnet_id = aws_subnet.backend_b.id
+}
+
+resource "aws_eip" "backend_x86" {
+ vpc = true
+ network_interface = aws_network_interface.backend_x86.id
+}
+
+resource "aws_lb_target_group_attachment" "api" {
+ target_group_arn = aws_lb_target_group.api.arn
+ target_id = aws_instance.backend_x86.id
+ port = var.api_container_port
+}
+
+resource "aws_lb_target_group_attachment" "user" {
+ target_group_arn = aws_lb_target_group.user.arn
+ target_id = aws_instance.backend_x86.id
+ port = var.proxy_container_port
+}
+
+resource "aws_lb_target_group_attachment" "postgres" {
+ target_group_arn = aws_lb_target_group.postgres.arn
+ target_id = aws_instance.backend_x86.id
+ port = var.postgres_container_port
+}
+
+resource "aws_lb_target_group_attachment" "mongodb" {
+ target_group_arn = aws_lb_target_group.mongodb.arn
+ target_id = aws_instance.backend_x86.id
+ port = var.mongodb_container_port
+}
+
+data "aws_ami" "ubuntu_x86" {
+ most_recent = true
+
+ filter {
+ name = "name"
+ values = ["ubuntu/images/hvm-ssd/ubuntu-focal-20.04-amd64-server-20220511"]
+ }
+
+ filter {
+ name = "virtualization-type"
+ values = ["hvm"]
+ }
+
+ owners = ["099720109477"] # Canonical
+}
+
+resource "aws_ebs_volume" "backend_x86" {
+ availability_zone = "eu-west-2b"
+ type = "gp3"
+ size = 512
+
+ tags = {
+ Name = "backend_x86"
+ }
+}
+
+resource "aws_volume_attachment" "ebs_att" {
+ device_name = "/dev/sdh"
+ volume_id = aws_ebs_volume.backend_x86.id
+ instance_id = aws_instance.backend_x86.id
+}
+
+resource "aws_instance" "backend_x86" {
+ ami = data.aws_ami.ubuntu_x86.id
+ instance_type = "c6i.4xlarge"
+
+ monitoring = true
+
+ availability_zone = "eu-west-2b"
+
+ iam_instance_profile = aws_iam_instance_profile.backend.id
+
+ metadata_options {
+ http_endpoint = "enabled"
+ # Our api runs in a container and therefore has an extra hop limit
+ # https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instancedata-data-retrieval.html#imds-considerations
+ http_put_response_hop_limit = 2
+ http_tokens = "required"
+ }
+
+ network_interface {
+ network_interface_id = aws_network_interface.backend_x86.id
+ device_index = 0
+ }
+
+ root_block_device {
+ delete_on_termination = true
+ encrypted = false
+ volume_size = 64
+ volume_type = "gp2"
+ }
+
+ user_data = data.cloudinit_config.backend.rendered
+ user_data_replace_on_change = false
+}
diff --git a/terraform/modules/shuttle/systemd/system/opt-shuttle.mount.tftpl b/terraform/modules/shuttle/systemd/system/opt-shuttle.mount.tftpl
index 135ccc97a..3a6fff2e9 100644
--- a/terraform/modules/shuttle/systemd/system/opt-shuttle.mount.tftpl
+++ b/terraform/modules/shuttle/systemd/system/opt-shuttle.mount.tftpl
@@ -2,10 +2,9 @@
 Description=mounts the user data
 [Mount]
-What=${dns_name}:/
+What=/dev/nvme1n1
 Where=${data_dir}
-Type=nfs
-Options=nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2,noresvport
+Type=ext4
 [Install]
 WantedBy=multi-user.target
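Review bot: Both volumes of the new instance are left unencrypted at rest: `root_block_device` sets `encrypted = false` explicitly, and `aws_ebs_volume.backend_x86` (512 GB, presumably the volume the mount unit in this commit uses for the user data directory) has no `encrypted` argument, so it is unencrypted unless the account enables EBS encryption by default. Set `encrypted = true` in both blocks, optionally with a `kms_key_id`, before the resources are created, because changing it afterwards forces replacement. Separately, `aws_network_interface.backend_x86` declares no `security_groups` although an Elastic IP is bound to it, so the interface falls back to the VPC's default security group; if that is not the intent, list the groups explicitly on the interface.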
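Review bot: `What=/dev/nvme1n1` hard-codes an NVMe enumeration name, which is not guaranteed to stay the same across reboots or once another volume is attached, so the unit can fail or mount a different device at the data directory. Reference the volume by a stable identifier instead, for example `What=/dev/disk/by-id/nvme-Amazon_Elastic_Block_Store_vol<VOLUME_ID>` filled in from a template variable, or a filesystem label. With the `Options=` line gone the mount uses defaults; if nothing under the data directory needs setuid binaries or device nodes, `Options=nosuid,nodev` is a cheap restriction to add, to be confirmed against the workload. Nothing in the visible hunks creates the ext4 filesystem on the new volume, so that step presumably lives in the cloud-init config outside this diff. The unit's `[Unit]` header lies above the hunk.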