
Commit 46a449a

committed
- autogenerate passwords and cookie secret
- add ability to provide volume type and size - add ability to provide additional security groups both for ELB and RabbitMQ nodes - add create_before_destroy for launch configuration - consistent resource naming to allow creating multiple clusters - add min_size max_size and desired_size vars for ASG
1 parent b90fcea commit 46a449a


8 files changed

+197
-113
lines changed

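--- a/.gitignore
+++ b/.gitignore
@@ -3,3 +3,4 @@
 *.tfvars
 *.lock.info
 .terraform
+.idea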

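--- a/.travis.yml
+++ b/.travis.yml
@@ -0,0 +1,42 @@
+language: ruby
+sudo: required
+dist: trusty
+
+services:
+- docker
+
+rvm:
+- 2.4.2
+
+before_install:
+- echo "before_install"
+
+install:
+- echo "install"
+- gem install bundler --no-rdoc --no-ri
+- bundle install
+
+before_script:
+- echo 'before_script'
+- export AWS_REGION='us-east-1'
+- export TF_VAR_region=${AWS_REGION}
+- echo "using AWS_REGION=${AWS_REGION}"
+- export TF_WARN_OUTPUT_ERRORS=1
+- curl --silent --output terraform.zip https://releases.hashicorp.com/terraform/0.11.8/terraform_0.11.8_linux_amd64.zip
+- sha256sum terraform.zip | grep "84ccfb8e13b5fce63051294f787885b76a1fedef6bdbecf51c5e586c9e20c9b7"
+- unzip terraform.zip ; rm -f terraform.zip; chmod +x terraform
+- mkdir -p ${HOME}/bin ; export PATH=${PATH}:${HOME}/bin; mv terraform ${HOME}/bin/
+- terraform -v
+
+script:
+- echo 'script'
+- terraform init
+- terraform fmt -check=true
+- terraform validate -var "region=${AWS_REGION}" -var "vpc_id=vpc-123456" -var "subnets=[\"subnet-12345a\"]" -var "workers_ami_id=ami-123456" -var "cluster_ingress_cidrs=[]" -var "cluster_name=test_cluster"
+# - docker run --rm -v $(pwd):/app/ --workdir=/app/ -t wata727/tflint --error-with-issues
+- cd examples/eks_test_fixture
+- terraform init
+- terraform fmt -check=true
+- terraform validate
+- cd -
+- terraform -v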
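Review bot: The `script` stage does not appear to match this repository: `terraform validate` is given `workers_ami_id`, `cluster_ingress_cidrs` and `cluster_name`, and the job then runs `cd examples/eks_test_fixture`, while this commit's example lives under `example/` and the README names `vpc_id`, `ssh_key_name` and `subnet_ids` as module inputs. If that directory is absent the `cd` fails and the example is never validated, so both steps should target this module, for instance `- cd example`. In `before_script`, `curl --silent` hides download errors and does not follow redirects; `curl --fail --silent --show-error --location ...` makes a bad download fail on its own line instead of surfacing as a checksum mismatch. The pinned SHA-256 check on the Terraform archive is worth keeping, whereas `gem install bundler` installs whatever version is current.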

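--- a/README.md
+++ b/README.md
@@ -3,7 +3,7 @@
 
 ## What it does ?
 
-1. Creates `${var.count}` nodes in `${var.subnet_ids}` subnets
+1. Creates `N` nodes in `M` subnets
 1. Creates Autoscaling Group and ELB to load balance nodes
 1. Makes sure nodes can talk to each other and create cluster
 1. Make sure new nodes always join the cluster
@@ -16,28 +16,24 @@
 
 
 ## How to use it ?
-
-Clone the repo, go to `example` directory, create `terraform.tfvars` file with content:
+Copy and paste into your Terraform configuration:
 ```
-region = "<REGION-HERE>"
-access_key = "<YOUR-KEY-HERE>"
-secret_key = "<YOUR-SECRET-HERE>"
-ssh_key_name = "<SSH-KEY-NAME>"
-instance_type = "t2.small"
-vpc_id = "<VPC-ID>"
-subnet_ids = ["<SUBNET-ID-1>", "<SUBNET-ID-2>"]
-ssh_security_group_ids = []
-elb_security_group_ids = []
-
-rabbitmq_admin_password = "example-password"
-rabbitmq_rabbit_password = "example-password"
-rabbitmq_secret_cookie = "example-secret-cookie"
-rabbitmq_node_count = 3
+module "rabbitmq" {
+source = "ulamlabs/rabbitmq/aws"
+version = "2.0.0"
+vpc_id = "${var.vpc_id}"
+ssh_key_name = "${var.ssh_key_name}"
+subnet_ids = "${var.subnet_ids}"
+elb_additional_security_group_ids = ["var.cluster_security_group_id"]
+min_size = "3"
+max_size = "3"
+desired_size = "3"
+}
 ```
 
-then run `terraform get`, `terraform plan` and `terraform apply`.
+then run `terraform init`, `terraform plan` and `terraform apply`.
 
-Are 3 node not enough ? Update `count` to `5` and run `terraform apply` again,
+Are 3 node not enough ? Update sizes to `5` and run `terraform apply` again,
 it will update Autoscaling Group and add `2` nodes more. Dead simple.
 
 Node becomes unresponsive ? Autoscaling group and ELB Health Checks will automatically replace it with new one, without data loss.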

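--- a/cloud-init.yaml
+++ b/cloud-init.yaml
@@ -69,7 +69,7 @@ runcmd:
 - service docker start
 - chkconfig docker on
 - usermod -a -G docker ec2-user
-- docker run -d --name rabbitmq --hostname $HOSTNAME -p 4369:4369 -p 5672:5672 -p 15672:15672 -p 25672:25672 -e RABBITMQ_ERLANG_COOKIE='${secret_cookie}' -v /root/data:/var/lib/rabbitmq -v /root/conf/:/etc/rabbitmq -v /root/bin:/tmp/bin rabbitmq:3-management
+- docker run -d --name rabbitmq --hostname $HOSTNAME -p 4369:4369 -p 5672:5672 -p 15672:15672 -p 25672:25672 -e RABBITMQ_ERLANG_COOKIE='${secret_cookie}' -e RABBITMQ_USE_LONGNAME=true -v /root/data:/var/lib/rabbitmq -v /root/conf/:/etc/rabbitmq -v /root/bin:/tmp/bin rabbitmq:3-management
 - sleep 1
 - docker exec rabbitmq bash /tmp/bin/join_cluster.sh $(bash /root/find_hosts.sh)
 - sleep 1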
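Review bot: The changed `docker run` line still passes the cluster cookie as `-e RABBITMQ_ERLANG_COOKIE='${secret_cookie}'`, so the value sits in the container environment, is returned by `docker inspect`, and is part of the rendered user data; the preceding `usermod -a -G docker ec2-user` line gives that account access to the Docker daemon and therefore to the cookie. Because the cookie is what authenticates one Erlang node to another, it is safer to write it to a file readable only by the RabbitMQ user (mode 0400), mount that as `/var/lib/rabbitmq/.erlang.cookie`, and drop the `-e` flag. The image is also referenced by the floating tag `rabbitmq:3-management`, so nodes the Auto Scaling group launches at different times can run different builds; pinning a full version tag or digest keeps the cluster uniform. The `runcmd:` list starts above this hunk and continues below it.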

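--- a/example/main.tf
+++ b/example/main.tf
@@ -5,12 +5,15 @@ variable "region" {}
 variable "vpc_id" {}
 variable "ssh_key_name" {}
 variable "instance_type" {}
+
 variable "subnet_ids" {
 type = "list"
 }
+
 variable "ssh_security_group_ids" {
 type = "list"
 }
+
 variable "elb_security_group_ids" {
 type = "list"
 }
@@ -27,16 +30,16 @@ provider "aws" {
 }
 
 module "rabbitmq" {
-source = "github.com/ulamlabs/rabbitmq-cluster"
-region = "${var.region}"
-vpc_id = "${var.vpc_id}"
-ssh_key_name = "${var.ssh_key_name}"
-instance_type = "${var.instance_type}"
-subnet_ids = "${var.subnet_ids}"
+source = "github.com/ulamlabs/rabbitmq-cluster"
+region = "${var.region}"
+vpc_id = "${var.vpc_id}"
+ssh_key_name = "${var.ssh_key_name}"
+instance_type = "${var.instance_type}"
+subnet_ids = "${var.subnet_ids}"
 ssh_security_group_ids = "${var.ssh_security_group_ids}"
 elb_security_group_ids = "${var.elb_security_group_ids}"
-admin_password = "${var.rabbitmq_admin_password}"
-rabbit_password = "${var.rabbitmq_rabbit_password}"
+admin_password = "${var.rabbitmq_admin_password}"
+rabbit_password = "${var.rabbitmq_rabbit_password}"
 rabbitmq_secret_cookie = "${var.rabbitmq_secret_cookie}"
-count = "${var.rabbitmq_node_count}"
+count = "${var.rabbitmq_node_count}"
 }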

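--- a/main.tf
+++ b/main.tf
@@ -2,6 +2,8 @@ data "aws_vpc" "vpc" {
 id = "${var.vpc_id}"
 }
 
+data "aws_region" "current" {}
+
 data "aws_ami_ids" "ami" {
 owners = ["amazon"]
 
@@ -11,6 +13,21 @@ data "aws_ami_ids" "ami" {
 }
 }
 
+resource "random_string" "admin_password" {
+length = 32
+special = false
+}
+
+resource "random_string" "rabbit_password" {
+length = 32
+special = false
+}
+
+resource "random_string" "secret_cookie" {
+length = 64
+special = false
+}
+
 data "aws_iam_policy_document" "policy_doc" {
 statement {
 actions = ["sts:AssumeRole"]
@@ -27,22 +44,23 @@ data "template_file" "cloud-init" {
 
 vars {
 sync_node_count = 3
-region = "${var.region}"
-secret_cookie = "${var.rabbitmq_secret_cookie}"
-admin_password = "${var.admin_password}"
-rabbit_password = "${var.rabbit_password}"
-message_timeout = "${3 * 24 * 60 * 60 * 1000}" # 3 days
+region = "${data.aws_region.current.name}"
+admin_password = "${random_string.admin_password.result}"
+rabbit_password = "${random_string.rabbit_password.result}"
+secret_cookie = "${random_string.secret_cookie.result}"
+message_timeout = "${3 * 24 * 60 * 60 * 1000}" # 3 days
 }
 }
 
 resource "aws_iam_role" "role" {
-name = "rabbitmq"
+name = "rabbitmq-${var.name}"
 assume_role_policy = "${data.aws_iam_policy_document.policy_doc.json}"
 }
 
 resource "aws_iam_role_policy" "policy" {
-name = "rabbitmq"
-role = "${aws_iam_role.role.id}"
+name = "rabbitmq-${var.name}"
+role = "${aws_iam_role.role.id}"
+
 policy = <<EOF
 {
 "Version": "2012-10-17",
@@ -63,30 +81,15 @@ EOF
 }
 
 resource "aws_iam_instance_profile" "profile" {
-name = "rabbitmq"
-role = "${aws_iam_role.role.name}"
+name_prefix = "rabbitmq-${var.name}"
+role = "${aws_iam_role.role.name}"
 }
 
-
 resource "aws_security_group" "rabbitmq_elb" {
-name = "rabbitmq_elb"
+name = "rabbitmq_elb-${var.name}"
 vpc_id = "${var.vpc_id}"
 description = "Security Group for the rabbitmq elb"
 
-ingress {
-protocol = "tcp"
-from_port = 5672
-to_port = 5672
-security_groups = ["${var.elb_security_group_ids}"]
-}
-
-ingress {
-protocol = "tcp"
-from_port = 80
-to_port = 80
-security_groups = ["${var.elb_security_group_ids}"]
-}
-
 egress {
 protocol = "-1"
 from_port = 0
@@ -95,12 +98,12 @@ resource "aws_security_group" "rabbitmq_elb" {
 }
 
 tags {
-Name = "rabbitmq elb"
+Name = "rabbitmq ${var.name} ELB"
 }
 }
 
 resource "aws_security_group" "rabbitmq_nodes" {
-name = "rabbitmq-nodes"
+name = "rabbitmq-${var.name}-nodes"
 vpc_id = "${var.vpc_id}"
 description = "Security Group for the rabbitmq nodes"
 
@@ -125,42 +128,47 @@ resource "aws_security_group" "rabbitmq_nodes" {
 security_groups = ["${aws_security_group.rabbitmq_elb.id}"]
 }
 
-ingress {
-protocol = "tcp"
-from_port = 22
-to_port = 22
-security_groups = ["${var.ssh_security_group_ids}"]
-}
-
 egress {
-protocol = "-1"
-from_port = 0
-to_port = 0
+protocol = "-1"
+from_port = 0
+to_port = 0
+
 cidr_blocks = [
-"0.0.0.0/0"
+"0.0.0.0/0",
 ]
 }
 
 tags {
-Name = "rabbitmq nodes"
+Name = "rabbitmq ${var.name} nodes"
 }
 }
 
 resource "aws_launch_configuration" "rabbitmq" {
-name = "rabbitmq"
+name_prefix = "rabbitmq-${var.name}-"
 image_id = "${data.aws_ami_ids.ami.ids[0]}"
 instance_type = "${var.instance_type}"
 key_name = "${var.ssh_key_name}"
-security_groups = ["${aws_security_group.rabbitmq_nodes.id}"]
+security_groups = ["${aws_security_group.rabbitmq_nodes.id}", "${var.nodes_additional_security_group_ids}"]
 iam_instance_profile = "${aws_iam_instance_profile.profile.id}"
 user_data = "${data.template_file.cloud-init.rendered}"
+
+root_block_device {
+volume_type = "${var.instance_volume_type}"
+volume_size = "${var.instance_volume_size}"
+iops = "${var.instance_volume_iops}"
+delete_on_termination = true
+}
+
+lifecycle {
+create_before_destroy = true
+}
 }
 
 resource "aws_autoscaling_group" "rabbitmq" {
-name = "rabbitmq"
-max_size = "${var.count}"
-min_size = "${var.count}"
-desired_capacity = "${var.count}"
+name_prefix = "rabbitmq-${var.name}-"
+min_size = "${var.min_size}"
+desired_capacity = "${var.desired_size}"
+max_size = "${var.max_size}"
 health_check_grace_period = 300
 health_check_type = "ELB"
 force_delete = true
@@ -169,27 +177,27 @@ resource "aws_autoscaling_group" "rabbitmq" {
 vpc_zone_identifier = ["${var.subnet_ids}"]
 
 tag {
-key = "Name"
-value = "rabbitmq"
+key = "Name"
+value = "rabbitmq-${var.name}"
 propagate_at_launch = true
 }
 }
 
 resource "aws_elb" "elb" {
-name = "rabbit-elb"
+name = "rabbitmq-${var.name}-elb"
 
 listener {
-instance_port = 5672
-instance_protocol = "tcp"
-lb_port = 5672
-lb_protocol = "tcp"
+instance_port = 5672
+instance_protocol = "tcp"
+lb_port = 5672
+lb_protocol = "tcp"
 }
 
 listener {
-instance_port = 15672
-instance_protocol = "http"
-lb_port = 80
-lb_protocol = "http"
+instance_port = 15672
+instance_protocol = "http"
+lb_port = 80
+lb_protocol = "http"
 }
 
 health_check {
@@ -200,12 +208,12 @@ resource "aws_elb" "elb" {
 target = "TCP:5672"
 }
 
-subnets = ["${var.subnet_ids}"]
-idle_timeout = 3600
-internal = true
-security_groups = ["${aws_security_group.rabbitmq_elb.id}"]
+subnets = ["${var.subnet_ids}"]
+idle_timeout = 3600
+internal = true
+security_groups = ["${aws_security_group.rabbitmq_elb.id}", "${var.elb_additional_security_group_ids}"]
 
 tags {
-Name = "rabbitmq"
+Name = "rabbitmq-${var.name}"
 }
 }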
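Review bot: The three `random_string` resources added near the top of main.tf keep their `result` in plain text in the Terraform state and show it in plan output, and the `template_file` vars then copy all three into `user_data`, which EC2 stores unencrypted in the launch configuration and serves through instance metadata to any process on a node. Where the random provider version in use supports it, `random_password` marks the value as sensitive; either way the module documentation should state that the state backend must be encrypted and access-controlled. A stronger design has each node read the secrets at boot from SSM Parameter Store or Secrets Manager through the instance role, so they never enter user data. Separately, the commit drops the explicit 5672/80 ingress on `rabbitmq_elb` and the port-22 ingress on `rabbitmq_nodes`, so reachability now depends entirely on the groups passed in `elb_additional_security_group_ids` and `nodes_additional_security_group_ids`, which deserves a comment on those arguments. The variable and output files are not shown on this page, so whether the generated passwords are exported as outputs could not be checked.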
