From 4cd6da0d584a542a385bffd09f00b7bf396e64f9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tobias=20Lu=CC=88ckel?= Date: Tue, 27 Mar 2018 12:26:59 +0200 Subject: [PATCH 1/9] Split loadbalancer and application cluster into seperate folders to be more flexible in usage and to be able to add more listener_rules to one loadbalancer --- .../auto_scaling_group.tf | 2 +- iam.tf => application_cluster/iam.tf | 0 application_cluster/variables.tf | 53 +++++++++++++++++++ .../loadbalancer.tf | 19 +++---- output.tf => loadbalancer/output.tf | 0 variables.tf => loadbalancer/variables.tf | 43 --------------- 6 files changed, 61 insertions(+), 56 deletions(-) rename auto_scaling_group.tf => application_cluster/auto_scaling_group.tf (99%) rename iam.tf => application_cluster/iam.tf (100%) create mode 100644 application_cluster/variables.tf rename loadbalancer.tf => loadbalancer/loadbalancer.tf (84%) rename output.tf => loadbalancer/output.tf (100%) rename variables.tf => loadbalancer/variables.tf (59%) diff --git a/auto_scaling_group.tf b/application_cluster/auto_scaling_group.tf similarity index 99% rename from auto_scaling_group.tf rename to application_cluster/auto_scaling_group.tf index a780383..c4ddf92 100644 --- a/auto_scaling_group.tf +++ b/application_cluster/auto_scaling_group.tf @@ -22,4 +22,4 @@ resource "aws_autoscaling_group" "application_cluster_appserver_auto_scaling_gro value = "ASG - ${var.application_cluster_application_name} - ${var.application_cluster_environment}" propagate_at_launch = "${var.application_cluster_propagate_at_launch}" } -} \ No newline at end of file +} diff --git a/iam.tf b/application_cluster/iam.tf similarity index 100% rename from iam.tf rename to application_cluster/iam.tf diff --git a/application_cluster/variables.tf b/application_cluster/variables.tf new file mode 100644 index 0000000..48d7ac8 --- /dev/null +++ b/application_cluster/variables.tf 
@@ -0,0 +1,53 @@
+variable "application_cluster_ami_id" {
+ description = "the AMI with which the app-servers should be created"
+}
+
+variable "application_cluster_instance_type" {
+ description = "the size of the instances, e.g. t2.micro"
+}
+
+variable "application_cluster_launch_configuration_security_groups" {
+ description = "Security-Groups to append to the instances"
+ type = "list"
+}
+
+variable "application_cluster_launch_configuration_detailed_monitoring" {
+ description = "Enable/disable detailed monitoring"
+ default = false
+}
+
+variable "application_cluster_user_data" {
+ description = "Custom start-up script in base64-style"
+ default = ""
+}
+
+variable "application_cluster_instance_role_id" {
+ description = "the instance-role to attach to the appservers"
+ default = ""
+}
+
+variable "application_cluster_application_name" {
+ description = "the name of the application beeing build"
+}
+
+variable "application_cluster_environment" {
+ description = "the environement of the cluster, e.g. stage or live"
+}
+
+variable "application_cluster_max_size" {
+ default = 1
+ description = "defines the max-value of the autoscaling group"
+}
+
+variable "application_cluster_min_size" {
+ default = 1
+ description = "defineds the min-value for the autoscaling group"
+}
+
+variable "application_cluster_subnet_ids" {
+ type = "list"
+}
+
+variable "application_cluster_propagate_at_launch" {
+ default = true
+}
diff --git a/loadbalancer.tf b/loadbalancer/loadbalancer.tf
similarity index 84%
rename from loadbalancer.tf
rename to loadbalancer/loadbalancer.tf
index 22f7c4d..5b4559f 100644
--- a/loadbalancer.tf
+++ b/loadbalancer/loadbalancer.tf
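Review bot: The description of `application_cluster_user_data` ("Custom start-up script in base64-style") in the new application_cluster/variables.tf does not say whether the caller has to base64-encode the value, and the README added later in this series passes it as a plain string. The resource that consumes the variable is not part of this hunk, so the expected encoding should be confirmed there and stated here. User data can be read back from the instance metadata service by any process on the instance, so the description should also tell callers not to place credentials in it, for example `description = "Start-up script for the instances (state the expected encoding); must not contain secrets, user data is readable from instance metadata"`.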
@@ -17,18 +17,6 @@ resource "aws_lb" "application_cluster_loadbalancer" { } } -resource "aws_lb_target_group" "application_cluster_target_group" { - name = "${var.application_cluster_application_name}-${var.application_cluster_environment}-target-group" - port = "${var.application_cluster_instance_port_http}" - protocol = "HTTP" - vpc_id = "${var.application_cluster_vpc_id}" -} - -resource "aws_autoscaling_attachment" "application_cluster_autoscaling_attachment" { - autoscaling_group_name = "${aws_autoscaling_group.application_cluster_appserver_auto_scaling_group.id}" - alb_target_group_arn = "${aws_lb_target_group.application_cluster_target_group.arn}" -} - resource "aws_lb_listener" "application_cluster_listener" { load_balancer_arn = "${aws_lb.application_cluster_loadbalancer.arn}" port = "80" @@ -52,3 +40,10 @@ resource "aws_lb_listener" "application_cluster_listener_ssl" { type = "forward" } } + +resource "aws_lb_target_group" "application_cluster_target_group" { + name = "${var.application_cluster_application_name}-${var.application_cluster_environment}-default-target-group" + port = "${var.application_cluster_instance_port_http}" + protocol = "HTTP" + vpc_id = "${var.application_cluster_vpc_id}" +} diff --git a/output.tf b/loadbalancer/output.tf similarity index 100% rename from output.tf rename to loadbalancer/output.tf diff --git a/variables.tf b/loadbalancer/variables.tf similarity index 59% rename from variables.tf rename to loadbalancer/variables.tf index 9b65267..0685c11 100644 --- a/variables.tf +++ b/loadbalancer/variables.tf @@ -1,4 +1,3 @@ -#Loadbalancer variable "application_cluster_lb_security_groups" { description = "security-groups which should be assigned to the lb" type = "list" 
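Review bot: The `aws_lb_target_group` re-added at the end of loadbalancer/loadbalancer.tf is now only the listeners' default target, and the first hunk removes the `aws_autoscaling_attachment` that used to register instances with it, so nothing visible in this module registers targets with the group. Requests on port 80 or 443 that match no listener rule would therefore be forwarded to an empty group; that looks intended, but the file does not say so. I would add a comment above the resource such as `# Default target group: deliberately has no targets; requests that match no listener rule end up here.` so that nobody later attaches instances to it and exposes them to every host name the load balancer answers for.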
@@ -29,11 +28,6 @@ variable "application_cluster_ssl_cert_arn" { default = "" } -# Appserver - Cluster -variable "application_cluster_ami_id" { - description = "the AMI with which the app-servers should be created" -} - variable "application_cluster_application_name" { description = "the name of the application beeing build" } @@ -47,33 +41,6 @@ variable "application_cluster_instance_port_http" { description = "the port for http on the instances" } -variable "application_cluster_instance_role_id" { - description = "the instance-role to attach to the appservers" - default = "" -} - -variable "application_cluster_instance_type" { - description = "the size of the instances, e.g. t2.micro" -} - -variable "application_cluster_max_size" { - default = 1 - description = "defines the max-value of the autoscaling group" -} -variable "application_cluster_min_size" { - default = 1 - description = "defineds the min-value for the autoscaling group" -} - -variable "application_cluster_propagate_at_launch" { - default = true -} - -variable "application_cluster_launch_configuration_security_groups" { - description = "Security-Groups to append to the instances" - type = "list" -} - variable "application_cluster_subnet_ids" { type = "list" } @@ -83,17 +50,7 @@ variable "application_cluster_vpc_id" { type = "string" } -variable "application_cluster_user_data" { - description = "Custom start-up script in base64-style" - default = "" -} - variable "application_cluster_ssl_policy" { description = "Policy for SSL" default = "ELBSecurityPolicy-TLS-1-2-2017-01" } - -variable "application_cluster_launch_configuration_detailed_monitoring" { - description = "Enable/disable detailed monitoring" - default = false -} From a19c92febebcf1317add2edaba33cf279e7d8f7f Mon Sep 17 00:00:00 2001 
From: =?UTF-8?q?Tobias=20Lu=CC=88ckel?= Date: Tue, 27 Mar 2018 16:49:41 +0200 Subject: [PATCH 2/9] Prefix 'target-group' with DEFAULT for an better overview in backend --- loadbalancer/loadbalancer.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/loadbalancer/loadbalancer.tf b/loadbalancer/loadbalancer.tf index 5b4559f..c2ffcb2 100644 --- a/loadbalancer/loadbalancer.tf +++ b/loadbalancer/loadbalancer.tf @@ -42,7 +42,7 @@ resource "aws_lb_listener" "application_cluster_listener_ssl" { } resource "aws_lb_target_group" "application_cluster_target_group" { - name = "${var.application_cluster_application_name}-${var.application_cluster_environment}-default-target-group" + name = "DEFAULT-${var.application_cluster_application_name}-${var.application_cluster_environment}-target-group" port = "${var.application_cluster_instance_port_http}" protocol = "HTTP" vpc_id = "${var.application_cluster_vpc_id}" From 8353e524de25dcff3c6ff3f4ff234ceecb6dd6c1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tobias=20Lu=CC=88ckel?= Date: Tue, 27 Mar 2018 16:58:59 +0200 Subject: [PATCH 3/9] Restructured naming of loadbalancer + add some more outputs --- loadbalancer/loadbalancer.tf | 16 ++++++------- loadbalancer/output.tf | 44 +++++++++++++++++++++++++++++++----- 2 files changed, 46 insertions(+), 14 deletions(-) diff --git a/loadbalancer/loadbalancer.tf b/loadbalancer/loadbalancer.tf index c2ffcb2..6b7cf55 100644 --- a/loadbalancer/loadbalancer.tf +++ b/loadbalancer/loadbalancer.tf @@ -1,4 +1,4 @@ -resource "aws_lb" "application_cluster_loadbalancer" { +resource "aws_lb" "loadbalancer" { access_logs { bucket = "${var.application_cluster_lb_access_log_bucket}" prefix = "${var.application_cluster_lb_access_log_folder}/${var.application_cluster_environment}" 
@@ -17,31 +17,31 @@ resource "aws_lb" "application_cluster_loadbalancer" { } } -resource "aws_lb_listener" "application_cluster_listener" { - load_balancer_arn = "${aws_lb.application_cluster_loadbalancer.arn}" +resource "aws_lb_listener" "loadbalancer_listener" { + load_balancer_arn = "${aws_lb.loadbalancer.arn}" port = "80" protocol = "HTTP" default_action { - target_group_arn = "${aws_lb_target_group.application_cluster_target_group.arn}" + target_group_arn = "${aws_lb_target_group.loadbalancer_default_target_group.arn}" type = "forward" } } -resource "aws_lb_listener" "application_cluster_listener_ssl" { - load_balancer_arn = "${aws_lb.application_cluster_loadbalancer.arn}" +resource "aws_lb_listener" "loadbalancer_listener_ssl" { + load_balancer_arn = "${aws_lb.loadbalancer.arn}" port = "443" protocol = "HTTPS" ssl_policy = "${var.application_cluster_ssl_policy}" certificate_arn = "${var.application_cluster_ssl_cert_arn}" default_action { - target_group_arn = "${aws_lb_target_group.application_cluster_target_group.arn}" + target_group_arn = "${aws_lb_target_group.loadbalancer_default_target_group.arn}" type = "forward" } } -resource "aws_lb_target_group" "application_cluster_target_group" { +resource "aws_lb_target_group" "loadbalancer_default_target_group" { name = "DEFAULT-${var.application_cluster_application_name}-${var.application_cluster_environment}-target-group" port = "${var.application_cluster_instance_port_http}" protocol = "HTTP" diff --git a/loadbalancer/output.tf b/loadbalancer/output.tf index 564868e..b2af4fc 100644 --- a/loadbalancer/output.tf +++ b/loadbalancer/output.tf 
@@ -1,11 +1,43 @@ -output "application_cluster_loadbalancer_id" { - value = "${aws_lb.application_cluster_loadbalancer.id}" +output "loadbalancer_id" { + value = "${aws_lb.loadbalancer.id}" } -output "application_cluster_loadbalancer_dns" { - value = "${aws_lb.application_cluster_loadbalancer.dns_name}" +output "loadbalancer_arn" { + value = "${aws_lb.loadbalancer.arn}" } -output "application_cluster_loadbalancer_zone_id" { - value = "${aws_lb.application_cluster_loadbalancer.zone_id}" +output "loadbalancer_dns_name" { + value = "${aws_lb.loadbalancer.dns_name}" +} + +output "loadbalancer_zone_id" { + value = "${aws_lb.loadbalancer.zone_id}" +} + +output "loadbalancer_listener_id" { + value = "${aws_lb_listener.loadbalancer_listener.id}" +} + +output "loadbalancer_listener_arn" { + value = "${aws_lb_listener.loadbalancer_listener.arn}" +} + +output "loadbalancer_listener_ssl_id" { + value = "${aws_lb_listener.loadbalancer_listener_ssl.id}" +} + +output "loadbalancer_listener_ssl_arn" { + value = "${aws_lb_listener.loadbalancer_listener_ssl.arn}" +} + +output "loadbalancer_default_target_group_id" { + value = "${aws_lb_target_group.loadbalancer_default_target_group.id}" +} + +output "loadbalancer_default_target_group_arn" { + value = "${aws_lb_target_group.loadbalancer_default_target_group.arn}" +} + +output "loadbalancer_default_target_group_vpc_id" { + value = "${aws_lb_target_group.loadbalancer_default_target_group.vpc_id}" } From fc50d8a395a71453bb10d2fcb939eb4a9fc251f1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tobias=20Lu=CC=88ckel?= Date: Tue, 27 Mar 2018 17:31:56 +0200 Subject: [PATCH 4/9] Added listener_rules, target_groups and variables to be able to attach an auto_scaling_group to a defined loadbalancer --- application_cluster/auto_scaling_group.tf | 42 +++++++++++++++++++++++ application_cluster/variables.tf | 30 ++++++++++++++++ 2 files changed, 72 insertions(+) 
diff --git a/application_cluster/auto_scaling_group.tf b/application_cluster/auto_scaling_group.tf index c4ddf92..133beff 100644 --- a/application_cluster/auto_scaling_group.tf +++ b/application_cluster/auto_scaling_group.tf @@ -23,3 +23,45 @@ resource "aws_autoscaling_group" "application_cluster_appserver_auto_scaling_gro propagate_at_launch = "${var.application_cluster_propagate_at_launch}" } } + +resource "aws_lb_listener_rule" "application_cluster_listener_rule" { + listener_arn = "${var.loadbalancer_listener_arn}" + priority = "" + + action { + target_group_arn = "${aws_lb_target_group.application_cluster_target_group.arn}" + type = "forward" + } + + condition { + field = "${var.application_cluster_listener_rule_condition_field}" + values = "${var.application_cluster_listener_rule_condition_values}" + } +} + +resource "aws_lb_listener_rule" "application_cluster_listener_rule" { + listener_arn = "${var.loadbalancer_listener_ssl_arn}" + priority = "" + + action { + target_group_arn = "${aws_lb_target_group.application_cluster_target_group.arn}" + type = "forward" + } + + condition { + field = "${var.application_cluster_listener_rule_condition_field}" + values = "${var.application_cluster_listener_rule_condition_values}" + } +} + +resource "aws_lb_target_group" "application_cluster_target_group" { + name = "${var.application_cluster_application_name}-${var.application_cluster_environment}-target-group" + port = "${var.application_cluster_instance_port_http}" + protocol = "HTTP" + vpc_id = "${var.application_cluster_vpc_id}" +} + +resource "aws_autoscaling_attachment" "application_cluster_autoscaling_attachment" { + autoscaling_group_name = "${aws_autoscaling_group.application_cluster_appserver_auto_scaling_group.id}" + alb_target_group_arn = "${aws_lb_target_group.application_cluster_target_group.arn}" +} diff --git a/application_cluster/variables.tf b/application_cluster/variables.tf index 48d7ac8..61b0a81 100644 --- a/application_cluster/variables.tf 
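Review bot: The `name` of `aws_lb_target_group.application_cluster_target_group` is built from the full application name and environment plus `-target-group`, so it can exceed the 32 characters a target group name may have. A later patch in this series bounds the name of the load balancer's default target group for that reason but leaves this one as it is. The same bounded form would work here: `name = "${substr(var.application_cluster_application_name, 0, min(16, length(var.application_cluster_application_name)))}-${substr(var.application_cluster_environment, 0, min(4, length(var.application_cluster_environment)))}-tg"`.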
+++ b/application_cluster/variables.tf @@ -34,6 +34,11 @@ variable "application_cluster_environment" { description = "the environement of the cluster, e.g. stage or live" } +variable "application_cluster_instance_port_http" { + default = 80 + description = "the port for http on the instances" +} + variable "application_cluster_max_size" { default = 1 description = "defines the max-value of the autoscaling group" @@ -48,6 +53,31 @@ variable "application_cluster_subnet_ids" { type = "list" } +variable "application_cluster_vpc_id" { + description = "vpc to attach target groups to" + type = "string" +} + variable "application_cluster_propagate_at_launch" { default = true } + +variable "loadbalancer_listener_arn" { + description = "arn of listener from loadbalancer" + type = "string" +} + +variable "loadbalancer_listener_ssl_arn" { + description = "arn of ssl listener from loadbalancer" + type = "string" +} + +variable "application_cluster_listener_rule_condition_field" { + description = "field on which the condition should be triggered" + type = "string" +} + +variable "application_cluster_listener_rule_condition_values" { + description = "values which should be used on condition" + type = "list" +} From bd18f285a50a3333f16f63fde7e02dc56de4f730 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tobias=20Lu=CC=88ckel?= Date: Tue, 27 Mar 2018 18:39:32 +0200 Subject: [PATCH 5/9] Restructured README with ne information about the split --- README.md | 198 ++++++++++++++++++++++-------------------------------- 1 file changed, 80 insertions(+), 118 deletions(-) diff --git a/README.md b/README.md index bcc8986..aca4b4c 100644 --- a/README.md +++ b/README.md 
@@ -2,143 +2,106 @@ ## Basic Information -This terraform module can be used to create an application-cluster consisting of -+ ApplicationLoadBalancer - + 1 Listener for Port 80 - + 1 Listener for Port 443 (An AWS-certificate is mandatory for this at the moment) -+ AutoScaling-Group -+ IAM-Instance-Profile -+ LaunchConfiguration -+ TargetGroup +This terraform module consists of two submodules. One for the loadbalancer and +one for the application-cluster. -## Usage -### Parameters -```hcl-terraform -variable "application_cluster_lb_security_groups" { - description = "security-groups which should be assigned to the lb" - type = "list" -} - -variable "application_cluster_lb_access_log_bucket" { - description = "the bucket name to save the lb-access-logs to. The application-data-bucket of all accounts is configured for log-file-access" -} - -variable "application_cluster_lb_access_log_folder" { - description = "the folder where the logs should be saved. The application-data-bucket of all accounts is configured with the default path" - default = "logs/access" -} - -variable "application_cluster_access_log_enabled" { - description = "enable/disable the logging of access (default: true)" - default = true -} - -variable "application_cluster_loadbalancer_type" { - description = "which lb type to use: application or network (default: application)" - default = "application" - type = "string" -} - -variable "application_cluster_ssl_cert_arn" { - description = "The ssl-certificate for the lb" - default = "" -} - -# Appserver - Cluster -variable "application_cluster_ami_id" { - description = "the AMI with which the app-servers should be created" -} - -variable "application_cluster_application_name" { - description = "the name of the application beeing build" -} - -variable "application_cluster_environment" { - description = "the environement of the cluster, e.g. 
stage or live" -} - -variable "application_cluster_instance_port_http" { - default = 80 - description = "the port for http on the instances" -} - -variable "application_cluster_instance_role_id" { - description = "the instance-role to attach to the appservers" - default = "" -} +This separation is useful to be able to have 1 loadbalancer with 1 or more +application-cluster in different code bases! -variable "application_cluster_instance_type" { - description = "the size of the instances, e.g. t2.micro" -} +1. LoadBalancer -variable "application_cluster_max_size" { - default = 1 - description = "defines the max-value of the autoscaling group" -} -variable "application_cluster_min_size" { - default = 1 - description = "defineds the min-value for the autoscaling group" -} +Resources for a LoadBalancer (default: ApplicationLoadBalancer) with + 1 Listener for Port 80 + 1 Listener for Port 443 (An AWS-certificate is mandatory for this at the moment) + 1 Default Target Group (needed to define a listener) + +2. ApplicationCluster -variable "application_cluster_propagate_at_launch" { - default = true -} +Resources for an auto scaling group application cluster + + AutoScaling-Group + + IAM-Instance-Profile + + LaunchConfiguration + + TargetGroup + + 1 Listener rule to attach it to a loadbalancer listener + + 1 Listener SSL rule to attach it to a loadbalancer ssl listener -variable "application_cluster_security_groups" { - description = "Security-Groups to append to the instances" - type = "list" -} +## Usage +### Loadbalancer +#### Variables +- `application_cluster_lb_security_groups`: (list) Security groups which should be assigned to the loadbalancer +- `application_cluster_lb_access_log_bucket`: (string) The bucket name to save the lb-access-logs to. +- `application_cluster_lb_access_log_folder`: (string) The folder where the logs should be saved. +- `application_cluster_access_log_enabled`: (boolean|default:true) Enable/disable the logging of access. 
+- `application_cluster_loadbalancer_type`: (string|default:application) Which lb type to use: application or network. +- `application_cluster_ssl_cert_arn`: (string) The ssl-certificate for the loadbalancer. +- `application_cluster_application_name`: (string) The name to identify the loadbalancer. +- `application_cluster_environment`: (string) The environment of the loadbalancer. +- `application_cluster_instance_port_http`: (int|default:80) The port for http communication with an instance. +- `application_cluster_subnet_ids`: (list) Subnet ids to assign to the loadbalancer +- `application_cluster_vpc_id`: (string) VPC to work with. +- `application_cluster_ssl_policy`: (string|default:ELBSecurityPolicy-TLS-1-2-2017-01) Policy to use for SSL. + +### Application-Cluster +#### Variables +- `application_cluster_ami_id`: (string) The AMI with which the app-servers should be created. +- `application_cluster_instance_type`: (string) The size of an instance, e.g. t2.micro. +- `application_cluster_launch_configuration_security_groups`: (list) Security groups which should be assigned to an instance. +- `application_cluster_launch_configuration_detailed_monitoring`: (boolean|default:false) You can find information about detailed_monitoring in the [AWS Documentation](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-cloudwatch-new.html). +- `application_cluster_user_data`: (string) Custom start-up script in base64-style. +- `application_cluster_instance_role_id`: (string) The instance-role to attach to an instance. +- `application_cluster_application_name`: (string) The name to identify an instance. +- `application_cluster_environment`: (string) The environment of an instance. +- `application_cluster_instance_port_http`: (int|default:80) The port for http communication with an instance. +- `application_cluster_max_size`: (int|default:1) Defines the max-value of the autoscaling group. 
+- `application_cluster_min_size`: (int|default:1) Defines the min-value of the autoscaling group. +- `application_cluster_subnet_ids`: (list) Subnet ids to assign to an instance. +- `application_cluster_vpc_id`: (string) VPC to work with. +- `application_cluster_propagate_at_launch`: (bool|default:true) +- `loadbalancer_listener_arn`: (string) ARN of a loadbalancer listener to be able to attach a target group. +- `loadbalancer_listener_ssl_arn`: (string) ARN of a loadbalancer ssl listener to be able to attach a target group. +- `application_cluster_listener_rule_condition_field`: (string) Field on which the listener rule condition should be triggered. More in the [AWS Documentation](https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_RuleCondition.html)! +- `application_cluster_listener_rule_condition_values`: (list) Values which should be used on listener rule condition. More in the [AWS Documentation](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-listenerrule-conditions.html) -variable "application_cluster_subnet_ids" { - type = "list" -} -variable "application_cluster_vpc_id" { - description = "vpc to attach target groups to" - type = "string" -} +### Using the Module +```hcl-terraform +module "loadbalancer" { + source = "git::ssh://git@github.com/solutionDrive/terraform-aws-application-cluster.git//loadbalancer" -variable "application_cluster_user_data" { - description = "Custom start-up script in base64-style" - default = "" + application_cluster_lb_security_groups = ["List", "of", "SecurityGroupIDs"] + application_cluster_lb_access_log_bucket = "bucket-name-for-logging" + application_cluster_ssl_cert_arn = "${data.aws_acm_certificate.certificate.arn}" + application_cluster_application_name = "AwesomeLoadbalancer" + application_cluster_environment = "stage" + application_cluster_subnet_ids = ["List", "of", "SubnetIds"] + application_cluster_vpc_id = "your-vpc-id" } -variable 
"application_cluster_ssl_policy" { - description = "Policy for SSL" - default = "ELBSecurityPolicy-TLS-1-2-2017-01" +data "aws_acm_certificate" "certificate" { + domain = "your-awsome-domain.tld" + statuses = ["ISSUED"] } ``` - variable "application_cluster_launch_configuration_detailed_monitoring" { - description = "Enable/disable detailed monitoring" - default = false - } -You can find information about detailed_monitoring in the [AWS Documentation](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-cloudwatch-new.html) - -### Using the Module ```hcl-terraform module "application_cluster" { - source = "git::ssh://git@github.com/solutionDrive/terraform-aws-application-cluster" - - application_cluster_instance_type = "t2.micro" - application_cluster_lb_security_groups = ["List", "of", "SecurityGroupIDs"] + source = "git::ssh://git@github.com/solutionDrive/terraform-aws-application-cluster.git//application_cluster" + application_cluster_ami_id = "${data.aws_ami.appserver.id}" - application_cluster_application_name = "AwsomeApplication" + application_cluster_instance_type = "t2.micro" application_cluster_launch_configuration_security_groups = ["List", "of", "SecurityGroupIDs"] + application_cluster_user_data = "your-userdata-script-as-string" #can be loaded from a file + application_cluster_instance_role_id = "RoleIDForInstanceProfile" + application_cluster_application_name = "AwesomeApplication" application_cluster_environment = "stage" - application_cluster_vpc_id = "your-vpc-id" - application_cluster_subnet_ids = ["List", "of", "SubnetIds"] application_cluster_max_size = 2 # the maximum size of the cluster application_cluster_min_size = 1 # the minimum size of the cluster - application_cluster_ssl_cert_arn = "${data.aws_acm_certificate.certificate.arn}" - application_cluster_user_data = "your-userdata-script-as-string" #can be loaded from a file - application_cluster_lb_access_log_bucket = "bucket-name-for-logging" - application_cluster_instance_role_id = 
"RoleIDForInstanceProfile" -} - -data "aws_acm_certificate" "certificate" { - domain = "your-awsome-domain.tld" - statuses = ["ISSUED"] + application_cluster_subnet_ids = ["List", "of", "SubnetIds"] + application_cluster_vpc_id = "your-vpc-id" + loadbalancer_listener_arn = "arn-of-loadbalancer-listener" + loadbalancer_listener_ssl_arn = "arn-of-loadbalancer-ssl-listener" + application_cluster_listener_rule_condition_field = "host-header" + application_cluster_listener_rule_condition_values = ["*.your-awsome-domain.tld"] } data "aws_ami" "appserver" { @@ -148,5 +111,4 @@ data "aws_ami" "appserver" { values = ["appserver-image"] } } - ``` From ce687968969acdd2e5260759cc2e0c90cb86679b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tobias=20Lu=CC=88ckel?= Date: Tue, 27 Mar 2018 22:47:01 +0200 Subject: [PATCH 6/9] Add substr functions to be sure we have 0-32 chars --- loadbalancer/loadbalancer.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/loadbalancer/loadbalancer.tf b/loadbalancer/loadbalancer.tf index 6b7cf55..902f19e 100644 --- a/loadbalancer/loadbalancer.tf +++ b/loadbalancer/loadbalancer.tf @@ -42,7 +42,7 @@ resource "aws_lb_listener" "loadbalancer_listener_ssl" { } resource "aws_lb_target_group" "loadbalancer_default_target_group" { - name = "DEFAULT-${var.application_cluster_application_name}-${var.application_cluster_environment}-target-group" + name = "DEFAULT-${substr(var.application_cluster_application_name, 0, 16)}-${substr(var.application_cluster_environment, 0, 4)}-tg" port = "${var.application_cluster_instance_port_http}" protocol = "HTTP" vpc_id = "${var.application_cluster_vpc_id}" From bc9169d7d8853bde067913d12acb62263f9d86bb Mon Sep 17 00:00:00 2001 
From: =?UTF-8?q?Tobias=20Lu=CC=88ckel?= Date: Tue, 27 Mar 2018 22:50:20 +0200 Subject: [PATCH 7/9] use min+length to prevent error of 'substr: 'offset + length' cannot be larger than the length of the string' --- loadbalancer/loadbalancer.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/loadbalancer/loadbalancer.tf b/loadbalancer/loadbalancer.tf index 902f19e..02e63d7 100644 --- a/loadbalancer/loadbalancer.tf +++ b/loadbalancer/loadbalancer.tf @@ -42,7 +42,7 @@ resource "aws_lb_listener" "loadbalancer_listener_ssl" { } resource "aws_lb_target_group" "loadbalancer_default_target_group" { - name = "DEFAULT-${substr(var.application_cluster_application_name, 0, 16)}-${substr(var.application_cluster_environment, 0, 4)}-tg" + name = "DEFAULT-${substr(var.application_cluster_application_name, 0, min(16,length(var.application_cluster_application_name)))}-${substr(var.application_cluster_environment, 0, min(4, length(var.application_cluster_environment)))}-tg" port = "${var.application_cluster_instance_port_http}" protocol = "HTTP" vpc_id = "${var.application_cluster_vpc_id}" From d78691a9f6f9c9607ec4c9a77d8044eaf4871bf0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tobias=20Lu=CC=88ckel?= Date: Tue, 27 Mar 2018 23:22:59 +0200 Subject: [PATCH 8/9] Fixed name --- application_cluster/auto_scaling_group.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/application_cluster/auto_scaling_group.tf b/application_cluster/auto_scaling_group.tf index 133beff..bc6b5cc 100644 --- a/application_cluster/auto_scaling_group.tf +++ b/application_cluster/auto_scaling_group.tf @@ -39,7 +39,7 @@ resource "aws_lb_listener_rule" "application_cluster_listener_rule" { } } -resource "aws_lb_listener_rule" "application_cluster_listener_rule" { +resource "aws_lb_listener_rule" "application_cluster_listener_ssl_rule" { listener_arn = "${var.loadbalancer_listener_ssl_arn}" priority = "" From fe50109d3c95716b899080e6a9212e5424d601b4 Mon Sep 17 00:00:00 2001 
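Review bot: Cutting the application name to 16 characters and the environment to 4 in the `name` of `loadbalancer_default_target_group` (patch 7/9) keeps the result within 32 characters, but two deployments whose values differ only after the cut, for example environments `stage` and `staging`, now produce the same target group name. Target group names have to be unique per account and region, so the second apply would either fail or, if the create call is idempotent for identical settings, end up sharing the first deployment's group; which of the two happens should be confirmed against the ELB API documentation. A short digest of the untruncated values keeps the names distinct, e.g. `${substr(md5(format("%s-%s", var.application_cluster_application_name, var.application_cluster_environment)), 0, 6)}` in place of part of the truncated application name.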
From: =?UTF-8?q?Tobias=20Lu=CC=88ckel?= Date: Wed, 28 Mar 2018 08:52:33 +0200 Subject: [PATCH 9/9] Do not use Priority at the moment because it is optional and will managed by the listener itself --- application_cluster/auto_scaling_group.tf | 2 -- 1 file changed, 2 deletions(-) diff --git a/application_cluster/auto_scaling_group.tf b/application_cluster/auto_scaling_group.tf index bc6b5cc..b767d64 100644 --- a/application_cluster/auto_scaling_group.tf +++ b/application_cluster/auto_scaling_group.tf @@ -26,7 +26,6 @@ resource "aws_autoscaling_group" "application_cluster_appserver_auto_scaling_gro resource "aws_lb_listener_rule" "application_cluster_listener_rule" { listener_arn = "${var.loadbalancer_listener_arn}" - priority = "" action { target_group_arn = "${aws_lb_target_group.application_cluster_target_group.arn}" @@ -41,7 +40,6 @@ resource "aws_lb_listener_rule" "application_cluster_listener_rule" { resource "aws_lb_listener_rule" "application_cluster_listener_ssl_rule" { listener_arn = "${var.loadbalancer_listener_ssl_arn}" - priority = "" action { target_group_arn = "${aws_lb_target_group.application_cluster_target_group.arn}"