terraform modules (for TF 0.3)

terraform/README.md

@@ -0,0 +1,5 @@
+# Terraform Modules
+
+This folder contains modules for Terraform that can setup Consul for
+various systems. The infrastructure provider that is used is designated
+by the folder above. See the `variables.tf` file in each for more documentation.

terraform/aws/consul.tf

@@ -0,0 +1,65 @@
+resource "aws_instance" "server" {
+    ami = "${lookup(var.ami, var.region)}"
+    instance_type = "m1.small"
+    key_name = "${var.key_name}"
+    count = "${var.servers}"
+    security_groups = ["${aws_security_group.consul.name}"]
+
+    connection {
+        user = "ubuntu"
+        key_file = "${var.key_path}"
+    }
+
+    provisioner "file" {
+        source = "${path.module}/scripts/upstart.conf"
+        destination = "/tmp/upstart.conf"
+    }
+
+    provisioner "file" {
+        source = "${path.module}/scripts/upstart-join.conf"
+        destination = "/tmp/upstart-join.conf"
+    }
+
+    provisioner "remote-exec" {
+        inline = [
+            "echo ${var.servers} > /tmp/consul-server-count",
+            "echo ${aws_instance.server.0.private_dns} > /tmp/consul-server-addr",
+        ]
+    }
+
+    provisioner "remote-exec" {
+        scripts = [
+            "${path.module}/scripts/install.sh",
+            "${path.module}/scripts/server.sh",
+            "${path.module}/scripts/service.sh",
+        ]
+    }
+}
+
+resource "aws_security_group" "consul" {
+    name = "consul"
+    description = "Consul internal traffic + maintenance."
+
+    // These are for internal traffic
+    ingress {
+        from_port = 0
+        to_port = 65535
+        protocol = "tcp"
+        self = true
+    }
+
+    ingress {
+        from_port = 0
+        to_port = 65535
+        protocol = "udp"
+        self = true
+    }
+
+    // These are for maintenance
+    ingress {
+        from_port = 22
+        to_port = 22
+        protocol = "tcp"
+        cidr_blocks = ["0.0.0.0/0"]
+    }
+}

terraform/aws/outputs.tf

@@ -0,0 +1,3 @@
+output "server_address" {
+    value = "${aws_instance.server.0.public_dns}"
+}

terraform/aws/scripts/install.sh

@@ -0,0 +1,32 @@
+#!/bin/bash
+set -e
+
+# Read the address to join from the file we provisioned
+JOIN_ADDRS=$(cat /tmp/consul-server-addr | tr -d '\n')
+
+echo "Installing dependencies..."
+sudo apt-get update -y
+sudo apt-get install -y unzip
+
+echo "Fetching Consul..."
+cd /tmp
+wget https://dl.bintray.com/mitchellh/consul/0.4.0_linux_amd64.zip -O consul.zip
+
+echo "Installing Consul..."
+unzip consul.zip >/dev/null
+sudo chmod +x consul
+sudo mv consul /usr/local/bin/consul
+sudo mkdir -p /etc/consul.d
+sudo mkdir -p /mnt/consul
+sudo mkdir -p /etc/service
+
+# Setup the join address
+cat >/tmp/consul-join << EOF
+export CONSUL_JOIN="${JOIN_ADDRS}"
+EOF
+sudo mv /tmp/consul-join /etc/service/consul-join
+chmod 0644 /etc/service/consul-join
+
+echo "Installing Upstart service..."
+sudo mv /tmp/upstart.conf /etc/init/consul.conf
+sudo mv /tmp/upstart-join.conf /etc/init/consul-join.conf

terraform/aws/scripts/server.sh

@@ -0,0 +1,14 @@
+#!/bin/bash
+set -e
+
+# Read from the file we created
+SERVER_COUNT=$(cat /tmp/consul-server-count | tr -d '\n')
+
+# Write the flags to a temporary file
+cat >/tmp/consul_flags << EOF
+export CONSUL_FLAGS="-server -bootstrap-expect=${SERVER_COUNT} -data-dir=/mnt/consul"
+EOF
+
+# Write it to the full sevice file
+sudo mv /tmp/consul_flags /etc/service/consul
+chmod 0644 /etc/service/consul

terraform/aws/scripts/service.sh

@@ -0,0 +1,5 @@
+#!/bin/bash
+set -e
+
+echo "Starting Consul..."
+sudo start consul

terraform/aws/scripts/upstart-join.conf

@@ -0,0 +1,25 @@
+description "Join the consul cluster"
+
+start on started consul
+stop on stopped consul
+
+task
+
+script
+  if [ -f "/etc/service/consul-join" ]; then
+    . /etc/service/consul-join
+  fi
+
+  # Keep trying to join until it succeeds
+  set +e
+  while :; do
+    logger -t "consul-join" "Attempting join: ${CONSUL_JOIN}"
+    /usr/local/bin/consul join \
+      ${CONSUL_JOIN} \
+      >>/var/log/consul-join.log 2>&1
+    [ $? -eq 0 ] && break
+    sleep 5
+  done
+
+  logger -t "consul-join" "Join success!"
+end script

terraform/aws/scripts/upstart.conf

@@ -0,0 +1,24 @@
+description "Consul agent"
+
+start on runlevel [2345]
+stop on runlevel [!2345]
+
+respawn
+
+script
+  if [ -f "/etc/service/consul" ]; then
+    . /etc/service/consul
+  fi
+
+  # Make sure to use all our CPUs, because Consul can block a scheduler thread
+  export GOMAXPROCS=`nproc`
+
+  # Get the public IP
+  BIND=`ifconfig eth0 | grep "inet addr" | awk '{ print substr($2,6) }'`
+
+  exec /usr/local/bin/consul agent \
+    -config-dir="/etc/consul.d" \
+    -bind=$BIND \
+    ${CONSUL_FLAGS} \
+    >>/var/log/consul.log 2>&1
+end script

terraform/aws/variables.tf

@@ -0,0 +1,24 @@
+variable "ami" {
+    default = {
+        us-east-1 = "ami-3acc7a52"
+        us-west-2 = "ami-37501207"
+    }
+}
+
+variable "key_name" {
+    description = "SSH key name in your AWS account for AWS instances."
+}
+
+variable "key_path" {
+    description = "Path to the private key specified by key_name."
+}
+
+variable "region" {
+    default = "us-east-1"
+    description = "The region of AWS, for AMI lookups."
+}
+
+variable "servers" {
+    default = "3"
+    description = "The number of Consul servers to launch."
+}