Merge pull request #4 from clouddrove/CD-160
add NLB and cleanup
Sohan Yadav authored May 12, 2020
2 parents c034c14 + 60b7849 commit eb9f30b
Showing 15 changed files with 1,044 additions and 210 deletions.
34 changes: 28 additions & 6 deletions .github/workflows/terraform.yml
Expand Up @@ -16,11 +16,11 @@ jobs:
with:
actions_subcommand: 'fmt'

- name: 'Terraform Init'
- name: 'ALB Terraform Init'
uses: clouddrove/github-actions@v2.0
with:
actions_subcommand: 'init'
tf_actions_working_dir: ./_example
tf_actions_working_dir: ./_example/alb

- name: Configure AWS Credentials
uses: clouddrove/configure-aws-credentials@v1
Expand All @@ -29,19 +29,41 @@ jobs:
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: us-east-2

- name: 'Terraform Plan'
- name: 'ALB Terraform Plan'
uses: clouddrove/github-actions@v2.0
with:
actions_subcommand: 'plan'
tf_actions_working_dir: ./_example
tf_actions_working_dir: ./_example/alb
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

- name: 'Terratest'
- name: 'ALB Terratest'
uses: clouddrove/github-actions@v2.0
with:
actions_subcommand: 'terratest'
tf_actions_working_dir: ./_test
tf_actions_working_dir: ./_test/alb
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

- name: 'CLB Terraform Init'
uses: clouddrove/github-actions@v2.0
with:
actions_subcommand: 'init'
tf_actions_working_dir: ./_example/clb

- name: 'CLB Terraform Plan'
uses: clouddrove/github-actions@v2.0
with:
actions_subcommand: 'plan'
tf_actions_working_dir: ./_example/clb
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

- name: 'CLB Terratest'
uses: clouddrove/github-actions@v2.0
with:
actions_subcommand: 'terratest'
tf_actions_working_dir: ./_test/clb
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

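Review bot: The new 'CLB Terraform Init', 'CLB Terraform Plan' and 'CLB Terratest' steps reference `clouddrove/github-actions@v2.0` by a mutable tag, in a job that also loads `secrets.AWS_SECRET_ACCESS_KEY` through `clouddrove/configure-aws-credentials@v1`. Anyone able to move either tag can change the code that runs with those credentials and with `GITHUB_TOKEN`, so each `uses:` line would be safer pinned to a full commit SHA, for example `uses: clouddrove/github-actions@<FULL_COMMIT_SHA>  # v2.0`. The renamed ALB steps have the same form. The job continues outside the hunks shown, so any further steps there presumably need the same treatment.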
271 changes: 192 additions & 79 deletions README.md

Large diffs are not rendered by default.

154 changes: 130 additions & 24 deletions README.yaml
Expand Up @@ -32,29 +32,135 @@ include:

# How to use this project
usage : |-
### Simple Example
Here is an example of how you can use this module in your inventory structure:
Here are examples of how you can use this module in your inventory structure:
### ALB Example
```hcl
module "alb" {
source = "git::https://github.com/clouddrove/terraform-aws-alb.git?ref=tags/0.12.5"
name = "alb"
application = "clouddrove"
environment = "test"
label_order = ["environment", "name", "application"]
internal = false
load_balancer_type = "application"
instance_count = 2
security_groups = ["sg-xxxxxxx"]
subnets = "subnet-xxxxxxx"
enable_deletion_protection = false
target_id = "i-xxxxxxxxxx"
vpc_id = "vpc-xxxxxxxxx"
target_group_protocol = "HTTP"
target_group_port = 80
listener_certificate_arn = "arn:aws:acm:eu-west-1:xxxxxxxxxxxx:certificate/xxxxxx-xxxx-xxxxx-xxxx"
https_enabled = true
http_enabled = true
https_port = 443
listener_type = "forward"
module "alb" {
source = "git::https://github.com/clouddrove/terraform-aws-alb.git?ref=tags/0.12.6"
name = "alb"
application = "clouddrove"
environment = "test"
label_order = ["environment", "application", "name"]
internal = false
load_balancer_type = "application"
instance_count = module.ec2.instance_count
security_groups = [module.ssh.security_group_ids, module.http-https.security_group_ids]
subnets = module.public_subnets.public_subnet_id
enable_deletion_protection = false
target_id = module.ec2.instance_id
vpc_id = module.vpc.vpc_id
https_enabled = true
http_enabled = true
https_port = 443
listener_type = "forward"
listener_certificate_arn = "arn:aws:acm:eu-west-1:924144197303:certificate/0418d2ba-91f7-4196-991b-28b5c60cd4cf"
target_group_port = 80
target_groups = [
{
backend_protocol = "HTTP"
backend_port = 80
target_type = "instance"
deregistration_delay = 300
health_check = {
enabled = true
interval = 30
path = "/"
port = "traffic-port"
healthy_threshold = 3
unhealthy_threshold = 3
timeout = 10
protocol = "HTTP"
matcher = "200-399"
}
}
]
}
```
```
### NLB Example
```hcl
module "alb" {
source = "git::https://github.com/clouddrove/terraform-aws-alb.git?ref=tags/0.12.6"
name = "nlb"
application = "clouddrove"
environment = "test"
label_order = ["environment", "application", "name"]
internal = false
load_balancer_type = "application"
instance_count = module.ec2.instance_count
subnets = module.public_subnets.public_subnet_id
enable_deletion_protection = false
target_id = module.ec2.instance_id
vpc_id = module.vpc.vpc_id
http_tcp_listeners = [
{
port = 80
protocol = "TCP"
target_group_index = 0
},
]
https_listeners = [
{
port = 443
protocol = "TLS"
certificate_arn = "arn:aws:acm:eu-west-1:924144197303:certificate/0418d2ba-91f7-4196-991b-28b5c60cd4cf"
target_group_index = 1
},
]
target_groups = [
{
backend_protocol = "TCP"
backend_port = 80
target_type = "instance"
},
{
backend_protocol = "TLS"
backend_port = 443
target_type = "instance"
},
]
}
```
### CLB Example
```hcl
module "clb" {
source = "git::https://github.com/clouddrove/terraform-aws-alb.git?ref=tags/0.12.6"
name = "clb"
application = "clouddrove"
environment = "test"
label_order = ["environment", "application", "name"]
load_balancer_type = "classic"
internal = false
target_id = module.ec2.instance_id
security_groups = [module.ssh.security_group_ids, module.http_https.security_group_ids]
subnets = module.public_subnets.public_subnet_id
listeners = [
{
lb_port = 22000
lb_protocol = "TCP"
instance_port = 22000
instance_protocol = "TCP"
ssl_certificate_id = null
},
{
lb_port = 4444
lb_protocol = "TCP"
instance_port = 4444
instance_protocol = "TCP"
ssl_certificate_id = null
}
]
health_check_target = "TCP:4444"
health_check_timeout = 10
health_check_interval = 30
health_check_unhealthy_threshold = 5
health_check_healthy_threshold = 5
}
```
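--- a/_example/alb/example.tf
+++ b/_example/alb/example.tf
@@ -0,0 +1,170 @@
+provider "aws" {
+region = "eu-west-1"
+}
+
+module "vpc" {
+source = "git::https://github.com/clouddrove/terraform-aws-vpc.git?ref=tags/0.12.5"
+
+name = "vpc"
+application = "clouddrove"
+environment = "test"
+label_order = ["environment", "application", "name"]
+
+cidr_block = "172.16.0.0/16"
+}
+
+module "public_subnets" {
+source = "git::https://github.com/clouddrove/terraform-aws-subnet.git?ref=tags/0.12.6"
+
+name = "public-subnet"
+application = "clouddrove"
+environment = "test"
+label_order = ["environment", "application", "name"]
+
+availability_zones = ["eu-west-1b", "eu-west-1c"]
+vpc_id = module.vpc.vpc_id
+cidr_block = module.vpc.vpc_cidr_block
+type = "public"
+igw_id = module.vpc.igw_id
+}
+
+module "http_https" {
+source = "git::https://github.com/clouddrove/terraform-aws-security-group.git?ref=tags/0.12.4"
+
+name = "http-https"
+application = "clouddrove"
+environment = "test"
+label_order = ["environment", "application", "name"]
+
+vpc_id = module.vpc.vpc_id
+allowed_ip = ["0.0.0.0/0"]
+allowed_ports = [80, 443]
+}
+
+module "ssh" {
+source = "git::https://github.com/clouddrove/terraform-aws-security-group.git?ref=tags/0.12.4"
+
+name = "ssh"
+application = "clouddrove"
+environment = "test"
+label_order = ["environment", "application", "name"]
+
+vpc_id = module.vpc.vpc_id
+allowed_ip = [module.vpc.vpc_cidr_block]
+allowed_ports = [22]
+}
+
+module "iam-role" {
+source = "git::https://github.com/clouddrove/terraform-aws-iam-role.git?ref=tags/0.12.3"
+
+name = "iam-role"
+application = "clouddrove"
+environment = "test"
+label_order = ["environment", "application", "name"]
+assume_role_policy = data.aws_iam_policy_document.default.json
+
+policy_enabled = true
+policy = data.aws_iam_policy_document.iam-policy.json
+}
+
+data "aws_iam_policy_document" "default" {
+statement {
+effect = "Allow"
+actions = ["sts:AssumeRole"]
+principals {
+type = "Service"
+identifiers = ["ec2.amazonaws.com"]
+}
+}
+}
+
+data "aws_iam_policy_document" "iam-policy" {
+statement {
+actions = [
+"ssm:UpdateInstanceInformation",
+"ssmmessages:CreateControlChannel",
+"ssmmessages:CreateDataChannel",
+"ssmmessages:OpenControlChannel",
+"ssmmessages:OpenDataChannel"]
+effect = "Allow"
+resources = ["*"]
+}
+}
+
+module "ec2" {
+source = "git::https://github.com/clouddrove/terraform-aws-ec2.git?ref=tags/0.12.4"
+
+name = "ec2-instance"
+application = "clouddrove"
+environment = "test"
+label_order = ["environment", "application", "name"]
+
+instance_count = 2
+ami = "ami-08d658f84a6d84a80"
+instance_type = "t2.nano"
+monitoring = false
+tenancy = "default"
+
+vpc_security_group_ids_list = [module.ssh.security_group_ids, module.http_https.security_group_ids]
+subnet_ids = tolist(module.public_subnets.public_subnet_id)
+
+assign_eip_address = true
+associate_public_ip_address = true
+
+instance_profile_enabled = true
+iam_instance_profile = module.iam-role.name
+
+disk_size = 8
+ebs_optimized = false
+ebs_volume_enabled = true
+ebs_volume_type = "gp2"
+ebs_volume_size = 30
+}
+
+
+module "alb" {
+source = "./../../"
+
+name = "alb"
+application = "clouddrove"
+environment = "test"
+label_order = ["environment", "application", "name"]
+
+enable = true
+internal = false
+load_balancer_type = "application"
+instance_count = module.ec2.instance_count
+security_groups = [module.ssh.security_group_ids, module.http_https.security_group_ids]
+subnets = module.public_subnets.public_subnet_id
+enable_deletion_protection = false
+
+target_id = module.ec2.instance_id
+vpc_id = module.vpc.vpc_id
+
+https_enabled = true
+http_enabled = true
+https_port = 443
+listener_type = "forward"
+listener_certificate_arn = "arn:aws:acm:eu-west-1:924144197303:certificate/0418d2ba-91f7-4196-991b-28b5c60cd4cf"
+target_group_port = 80
+
+target_groups = [
+{
+backend_protocol = "HTTP"
+backend_port = 80
+target_type = "instance"
+deregistration_delay = 300
+health_check = {
+enabled = true
+interval = 30
+path = "/"
+port = "traffic-port"
+healthy_threshold = 3
+unhealthy_threshold = 3
+timeout = 10
+protocol = "HTTP"
+matcher = "200-399"
+}
+}
+]
+}
+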
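Review bot: The backend instances in `module "ec2"` are directly reachable from the internet, because they set `associate_public_ip_address = true` and `assign_eip_address = true` and carry the `http_https` security group whose `allowed_ip = ["0.0.0.0/0"]` opens ports 80 and 443. Traffic can therefore reach them without passing through the load balancer and its TLS listener. For an example that others will copy, the instances would be better served by their own security group that admits port 80 only from the load balancer (whether the security-group module accepts a source group is not visible here), and `module "alb"` needs only `security_groups = [module.http_https.security_group_ids]` since the port-22 group serves no purpose on a load balancer. `listener_certificate_arn` also hard-codes one account's ACM certificate ARN, which publishes the account ID and makes the example fail elsewhere; `listener_certificate_arn = var.listener_certificate_arn` avoids both. The same literal ARN is repeated in the README.yaml examples.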
File renamed without changes.