diff --git a/terraform/aws/consul.tf b/terraform/aws/consul.tf index ce5d6f0a7b..3deeb4f51c 100644 --- a/terraform/aws/consul.tf +++ b/terraform/aws/consul.tf @@ -16,7 +16,7 @@ resource "aws_instance" "server" { } provisioner "file" { - source = "${path.module}/scripts/${lookup(var.service_conf, var.platform)}" + source = "${path.module}/../shared/scripts/${lookup(var.service_conf, var.platform)}" destination = "/tmp/${lookup(var.service_conf_dest, var.platform)}" } @@ -30,9 +30,9 @@ resource "aws_instance" "server" { provisioner "remote-exec" { scripts = [ - "${path.module}/scripts/install.sh", - "${path.module}/scripts/service.sh", - "${path.module}/scripts/ip_tables.sh", + "${path.module}/../shared/scripts/install.sh", + "${path.module}/../shared/scripts/service.sh", + "${path.module}/../shared/scripts/ip_tables.sh", ] } } diff --git a/terraform/google/README.md b/terraform/google/README.md new file mode 100644 index 0000000000..0369ef4072 --- /dev/null +++ b/terraform/google/README.md 
@@ -0,0 +1,33 @@
+## Running the Google Cloud Platform templates to set up a Consul cluster
+
+The platform variable defines the target OS, default is `ubuntu`.
+
+Supported Machine Images:
+- Ubuntu 14.04 (`ubuntu`)
+- RHEL6 (`rhel6`)
+- RHEL7 (`rhel7`)
+- CentOS6 (`centos6`)
+- CentOS7 (`centos7`)
+
+For Google Cloud provider, set up your environment as outlined here: https://www.terraform.io/docs/providers/google/index.html
+
+To set up a Ubuntu based cluster, replace `key_path` with actual value and run:
+
+
+```shell
+terraform apply -var 'key_path=/Users/xyz/consul.pem'
+```
+
+_or_
+
+```shell
+terraform apply -var 'key_path=/Users/xyz/consul.pem' -var 'platform=ubuntu'
+```
+
+To run RHEL6, run like below:
+
+```shell
+terraform apply -var 'key_path=/Users/xyz/consul.pem' -var 'platform=rhel6'
+```
+
+**Note:** For RHEL and CentOS based clusters, you need to have a [SSH key added](https://console.cloud.google.com/compute/metadata/sshKeys) for the user `root`.
\ No newline at end of file
diff --git a/terraform/google/consul.tf b/terraform/google/consul.tf
new file mode 100644
index 0000000000..066f586c30
--- /dev/null
+++ b/terraform/google/consul.tf
@@ -0,0 +1,68 @@
+resource "google_compute_instance" "consul" {
+ count = "${var.servers}"
+
+ name = "consul-${count.index}"
+ zone = "${var.region_zone}"
+ tags = ["${var.tag_name}"]
+
+ machine_type = "${var.machine_type}"
+
+ disk {
+ image = "${lookup(var.machine_image, var.platform)}"
+ }
+
+ network_interface {
+ network = "default"
+
+ access_config {
+ # Ephemeral
+ }
+ }
+
+ service_account {
+ scopes = ["https://www.googleapis.com/auth/compute.readonly"]
+ }
+
+ connection {
+ user = "${lookup(var.user, var.platform)}"
+ key_path = "${var.key_path}"
+ }
+
+ provisioner "file" {
+ source = "${path.module}/../shared/scripts/${lookup(var.service_conf, var.platform)}"
+ destination = "/tmp/${lookup(var.service_conf_dest, var.platform)}"
+ }
+
+ provisioner "remote-exec" {
+ inline = [
+ "echo ${var.servers} > /tmp/consul-server-count",
+ "echo ${google_compute_instance.consul.0.network_interface.0.address} > /tmp/consul-server-addr",
+ ]
+ }
+
+ provisioner "remote-exec" {
+ scripts = [
+ "${path.module}/../shared/scripts/install.sh",
+ "${path.module}/../shared/scripts/service.sh",
+ "${path.module}/../shared/scripts/ip_tables.sh",
+ ]
+ }
+}
+
+resource "google_compute_firewall" "consul_ingress" {
+ name = "consul-internal-access"
+ network = "default"
+
+ allow {
+ protocol = "tcp"
+ ports = [
+ "8300", # Server RPC
+ "8301", # Serf LAN
+ "8302", # Serf WAN
+ "8400", # RPC
+ ]
+ }
+
+ source_tags = ["${var.tag_name}"]
+ target_tags = ["${var.tag_name}"]
+}
diff --git a/terraform/google/outputs.tf b/terraform/google/outputs.tf
new file mode 100644
index 0000000000..66d031cb22
--- /dev/null
+++ b/terraform/google/outputs.tf
@@ -0,0 +1,4 @@
+output "server_address" {
+ value = "${google_compute_instance.consul.0.network_interface.0.address}"
+}
+
diff --git a/terraform/google/variables.tf b/terraform/google/variables.tf
new file mode 100644
index 0000000000..d877e359d7
--- /dev/null
+++ b/terraform/google/variables.tf
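Review bot: The `consul_ingress` firewall rule at the end of the new `consul.tf` allows only `tcp`, but Serf LAN and WAN gossip on 8301 and 8302 also uses UDP, so on a network without a broad internal-allow rule the servers would probably not gossip reliably. Add a second `allow` block with `protocol = "udp"` and `ports = ["8301", "8302"]`. Separately, the empty `access_config` block gives every server an external address on the `default` network, and nothing in this file limits who can reach SSH on it; that depends on firewall rules outside this diff, so a comment such as `# External IP is used for provisioning; restrict SSH to operator source ranges` would record the assumption.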
@@ -0,0 +1,72 @@
+variable "platform" {
+ default = "ubuntu"
+ description = "The OS Platform"
+}
+
+variable "user" {
+ default = {
+ ubuntu = "ubuntu"
+ rhel6 = "root"
+ rhel7 = "root"
+ centos6 = "root"
+ centos7 = "root"
+ }
+}
+
+variable "machine_image" {
+ default = {
+ ubuntu = "ubuntu-os-cloud/ubuntu-1404-trusty-v20160314"
+ rhel6 = "rhel-cloud/rhel-6-v20160303"
+ rhel7 = "rhel-cloud/rhel-7-v20160303"
+ centos6 = "centos-cloud/centos-6-v20160301"
+ centos7 = "centos-cloud/centos-7-v20160301"
+ }
+}
+
+variable "service_conf" {
+ default = {
+ ubuntu = "debian_upstart.conf"
+ rhel6 = "rhel_upstart.conf"
+ rhel7 = "rhel_consul.service"
+ centos6 = "rhel_upstart.conf"
+ centos7 = "rhel_consul.service"
+ }
+}
+variable "service_conf_dest" {
+ default = {
+ ubuntu = "upstart.conf"
+ rhel6 = "upstart.conf"
+ rhel7 = "consul.service"
+ centos6 = "upstart.conf"
+ centos7 = "consul.service"
+ }
+}
+
+variable "key_path" {
+ description = "Path to the private key used to access the cloud servers"
+}
+
+variable "region" {
+ default = "us-central1"
+ description = "The region of Google Cloud where to launch the cluster"
+}
+
+variable "region_zone" {
+ default = "us-central1-f"
+ description = "The zone of Google Cloud in which to launch the cluster"
+}
+
+variable "servers" {
+ default = "3"
+ description = "The number of Consul servers to launch"
+}
+
+variable "machine_type" {
+ default = "f1-micro"
+ description = "Google Cloud Compute machine type"
+}
+
+variable "tag_name" {
+ default = "consul"
+ description = "Name tag for the servers"
+}
diff --git a/terraform/aws/scripts/debian_upstart.conf b/terraform/shared/scripts/debian_upstart.conf
similarity index 96%
rename from terraform/aws/scripts/debian_upstart.conf
rename to terraform/shared/scripts/debian_upstart.conf
index 7c57a0efc2..eb52354a72 100644
--- a/terraform/aws/scripts/debian_upstart.conf
+++ b/terraform/shared/scripts/debian_upstart.conf
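Review bot: The `user` map in `variables.tf` sets `root` as the SSH login for four of the five platforms, so provisioning relies on direct root login over SSH to instances that `consul.tf` gives external addresses. The shared `install.sh` and `ip_tables.sh` already call `sudo` for their privileged steps, which suggests an unprivileged login with sudo rights would work, though this diff does not confirm it. `user`, `machine_image`, `service_conf` and `service_conf_dest` also have no `description`; for example `description = "SSH login user per platform"` on `user`. The `machine_image` defaults pin dated image names, so a description saying they are meant to be overridden with a current image would help as well.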
@@ -15,7 +15,7 @@ script # Make sure to use all our CPUs, because Consul can block a scheduler thread export GOMAXPROCS=`nproc` - # Get the public IP + # Get the local IP BIND=`ifconfig eth0 | grep "inet addr" | awk '{ print substr($2,6) }'` exec /usr/local/bin/consul agent \ diff --git a/terraform/aws/scripts/install.sh b/terraform/shared/scripts/install.sh similarity index 94% rename from terraform/aws/scripts/install.sh rename to terraform/shared/scripts/install.sh index 9c392606be..08e2fdffb0 100644 --- a/terraform/aws/scripts/install.sh +++ b/terraform/shared/scripts/install.sh @@ -36,7 +36,7 @@ then echo "Installing Upstart service..." sudo mkdir -p /etc/consul.d sudo mkdir -p /etc/service - sudo chown root:root /tmp/upstart.conf + sudo chown root:root /tmp/upstart.conf sudo mv /tmp/upstart.conf /etc/init/consul.conf sudo chmod 0644 /etc/init/consul.conf sudo mv /tmp/consul_flags /etc/service/consul @@ -44,7 +44,7 @@ then else echo "Installing Systemd service..." sudo mkdir -p /etc/systemd/system/consul.d - sudo chown root:root /tmp/consul.service + sudo chown root:root /tmp/consul.service sudo mv /tmp/consul.service /etc/systemd/system/consul.service sudo chmod 0644 /etc/systemd/system/consul.service sudo mv /tmp/consul_flags /etc/sysconfig/consul diff --git a/terraform/aws/scripts/ip_tables.sh b/terraform/shared/scripts/ip_tables.sh similarity index 85% rename from terraform/aws/scripts/ip_tables.sh rename to terraform/shared/scripts/ip_tables.sh index b304cd1a8c..acf853402e 100644 --- a/terraform/aws/scripts/ip_tables.sh +++ b/terraform/shared/scripts/ip_tables.sh @@ -4,6 +4,7 @@ set -e sudo iptables -I INPUT -s 0/0 -p tcp --dport 8300 -j ACCEPT sudo iptables -I INPUT -s 0/0 -p tcp --dport 8301 -j ACCEPT sudo iptables -I INPUT -s 0/0 -p tcp --dport 8302 -j ACCEPT +sudo iptables -I INPUT -s 0/0 -p tcp --dport 8400 -j ACCEPT if [ -d /etc/sysconfig ]; then sudo iptables-save | sudo tee /etc/sysconfig/iptables 
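Review bot: The rule added in `ip_tables.sh` accepts TCP 8400 from `0/0`, which opens the Consul CLI RPC port at the host firewall to any source, and because the script is now shared it applies to the AWS instances as well as the new GCP ones. The GCP firewall rule in this commit limits 8400 to tagged instances, but whatever narrows it on AWS is outside this diff. Consider restricting the source, for example `sudo iptables -I INPUT -s <CLUSTER_CIDR> -p tcp --dport 8400 -j ACCEPT` (placeholder CIDR), or dropping the rule if the RPC endpoint stays bound to loopback, which I believe is Consul's default `client_addr`. The script continues past the end of the hunk.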
diff --git a/terraform/aws/scripts/rhel_consul.service b/terraform/shared/scripts/rhel_consul.service
similarity index 100%
rename from terraform/aws/scripts/rhel_consul.service
rename to terraform/shared/scripts/rhel_consul.service
diff --git a/terraform/aws/scripts/rhel_upstart.conf b/terraform/shared/scripts/rhel_upstart.conf
similarity index 100%
rename from terraform/aws/scripts/rhel_upstart.conf
rename to terraform/shared/scripts/rhel_upstart.conf
diff --git a/terraform/aws/scripts/service.sh b/terraform/shared/scripts/service.sh
similarity index 100%
rename from terraform/aws/scripts/service.sh
rename to terraform/shared/scripts/service.sh