replace multi-provider with one from github

Signed-off-by: Jakub Sokołowski <jakub@status.im>
Jakub Sokołowski 2018-11-07 13:27:13 +01:00
parent 73ab0af813
commit f298cc65f3
No known key found for this signature in database
GPG Key ID: 4EF064D0E6D63020
14 changed files with 1 additions and 803 deletions


@ -43,7 +43,7 @@ locals {
/* RESOURCES --------------------------------------*/
module "swarm" {
source = "modules/multi-provider"
source = "github.com/status-im/infra-tf-multi-provider"
/* node type */
name = "node"
group = "swarm"
@ -54,7 +54,6 @@ module "swarm" {
/* general */
env = "${var.env}"
domain = "${var.domain}"
eth_network = "${var.eth_network}"
/* firewall */
open_ports = [
"443-443", /* https */
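Review bot: The new `source = "github.com/status-im/infra-tf-multi-provider"` line in `module "swarm"` carries no `?ref=`, so Terraform takes whatever the repository's default branch holds when modules are downloaded. Judging by the local copy removed in this commit, that module creates the hosts, their firewall rules and the SSH key configuration, so an upstream push or a compromise of that repository would change this infrastructure without a reviewed change here. Pin it to a tag or commit, e.g. `source = "github.com/status-im/infra-tf-multi-provider?ref=<TAG_OR_COMMIT_SHA>"`, and bump the ref deliberately. The `module "swarm"` block continues past the end of the hunk.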


@ -1,151 +0,0 @@
/* DERIVED --------------------------------------*/
locals {
stage = "${terraform.workspace}"
tokens = "${split(".", local.stage)}"
dc = "${var.provider}-${var.zone}"
/* always add SSH, Tinc, Netdata, and Consul to allowed ports */
open_ports = [
"22/22", "655/655", "8000/8000", "8301/8301",
"${var.open_ports}",
]
}
/* RESOURCES ------------------------------------*/
/* default vpc to avoid creating by hand */
data "alicloud_vpcs" "host" {
is_default = true
}
/* default vswitch to avoid creating by hand */
data "alicloud_vswitches" "host" {
is_default = true
}
resource "alicloud_security_group" "host" {
name = "sg-${var.env}-${local.stage}"
description = "Sec Group via Terraform"
vpc_id = "${data.alicloud_vpcs.host.vpcs.0.id}"
}
resource "alicloud_security_group_rule" "icmp" {
security_group_id = "${alicloud_security_group.host.id}"
type = "ingress"
ip_protocol = "icmp"
cidr_ip = "0.0.0.0/0"
}
/* WARNING: Using 'all' protocol fucks with port_range option */
resource "alicloud_security_group_rule" "tcp" {
security_group_id = "${alicloud_security_group.host.id}"
type = "ingress"
ip_protocol = "tcp"
cidr_ip = "0.0.0.0/0"
port_range = "${replace(element(local.open_ports, count.index), "-", "/")}"
count = "${length(local.open_ports)}"
}
resource "alicloud_security_group_rule" "udp" {
security_group_id = "${alicloud_security_group.host.id}"
type = "ingress"
ip_protocol = "udp"
cidr_ip = "0.0.0.0/0"
port_range = "${replace(element(local.open_ports, count.index), "-", "/")}"
count = "${length(local.open_ports)}"
}
data "alicloud_images" "host" {
owners = "self"
name_regex = "${var.image}"
}
resource "alicloud_instance" "host" {
host_name = "${var.name}-${format("%02d", count.index+1)}.${local.dc}.${var.env}.${local.stage}"
instance_name = "${var.name}-${format("%02d", count.index+1)}.${local.dc}.${var.env}.${local.stage}"
security_groups = ["${alicloud_security_group.host.id}"]
image_id = "${data.alicloud_images.host.images.0.id}"
vswitch_id = "${data.alicloud_vswitches.host.vswitches.0.id}"
tags = {
stage = "${local.stage}"
group = "${var.group}"
env = "${var.env}"
}
key_name = "${var.key_pair}"
availability_zone = "${var.zone}"
instance_type = "${var.type}"
system_disk_category = "${var.disk}"
count = "${var.count}"
/* costs */
instance_charge_type = "${var.charge}"
period_unit = "${var.period}"
/* NOTE: We provision inside Elastic IP association */
}
resource "alicloud_eip" "host" {
count = "${var.count}"
lifecycle = { prevent_destroy = true }
}
/**
* WARNING: This is broken when instance has a public_ip
* https://www.alibabacloud.com/help/doc-detail/72125.htm
* "The ECS instance does not have a public IP, nor is it bound to any EIP."
* https://www.terraform.io/docs/providers/alicloud/r/eip_association.html
**/
resource "alicloud_eip_association" "host" {
allocation_id = "${element(alicloud_eip.host.*.id, count.index)}"
instance_id = "${element(alicloud_instance.host.*.id, count.index)}"
count = "${var.count}"
/**
* It is necessary to provision here instead of in alicloud_instance
* because Alibaba Cloud instances do not have public IPs by default
**/
provisioner "ansible" {
connection {
host = "${element(alicloud_eip.host.*.ip_address, count.index)}"
user = "${var.ssh_user}"
}
local = "yes"
plays {
playbook = "./ansible/bootstrap.yml"
groups = ["${var.group}"]
extra_vars = {
hostname = "${element(alicloud_instance.host.*.host_name, count.index)}"
ansible_ssh_user = "${var.ssh_user}"
data_center = "${local.dc}"
stage = "${local.stage}"
env = "${var.env}"
}
}
}
}
resource "cloudflare_record" "host" {
domain = "${var.domain}"
count = "${var.count}"
name = "${element(alicloud_instance.host.*.host_name, count.index)}"
value = "${element(alicloud_eip.host.*.ip_address, count.index)}"
type = "A"
ttl = 3600
}
resource "ansible_host" "host" {
inventory_hostname = "${element(alicloud_instance.host.*.host_name, count.index)}"
groups = ["${var.group}", "${local.dc}"]
count = "${var.count}"
vars {
ansible_host = "${element(alicloud_eip.host.*.ip_address, count.index)}"
hostname = "${element(alicloud_instance.host.*.host_name, count.index)}"
region = "${element(alicloud_instance.host.*.availability_zone, count.index)}"
dns_entry = "${element(alicloud_instance.host.*.host_name, count.index)}.${var.domain}"
dns_domain = "${var.domain}"
data_center = "${local.dc}"
stage = "${local.stage}"
env = "${var.env}"
}
}


@ -1,16 +0,0 @@
locals {
hostnames = "${alicloud_instance.host.*.host_name}"
public_ips = "${alicloud_eip.host.*.ip_address}"
}
output "hostnames" {
value = ["${local.hostnames}"]
}
output "public_ips" {
value = ["${local.public_ips}"]
}
output "hosts" {
value = "${zipmap(local.hostnames, local.public_ips)}"
}


@ -1,90 +0,0 @@
/* SCALING --------------------------------------*/
variable count {
description = "Number of instances to start in this region."
}
variable image {
/**
* This image is created with Packer because Alicloud does not provide one
* See: https://github.com/status-im/infra-utils/tree/master/alicloud/ubuntu_1804
*/
description = "OS image used to create instance."
default = "ubuntu_18_04_64_custom_20180719"
}
variable type {
description = "Type of instance to create."
default = "ecs.t5-lc2m1.nano"
}
variable zone {
description = "Availability Zone in which the instance will be created."
default = "cn-hongkong-c"
}
variable disk {
description = "Disk I/O optimization type."
default = "cloud_ssd"
}
variable max_band_out {
description = "Maximum outgoing bandwidth to the public network, measured in Mbps."
default = 30
}
/* FIREWALL -------------------------------------*/
variable open_ports {
description = "Ports to enable access to through security group."
type = "list"
default = []
}
/* GENERAL --------------------------------------*/
variable provider {
description = "Short name of provider being used."
/* Digital Ocean */
default = "ac"
}
variable name {
description = "Prefix of hostname before index."
default = "node"
}
variable charge {
description = "Way in which the instance is paid for."
/* The other value is PrePaid */
default = "PostPaid"
}
variable period {
description = "Time period in which we pay for instances."
/* The other value is Week */
default = "Month"
}
variable group {
description = "Name of Ansible group to add hosts to."
}
variable env {
description = "Environment for these hosts, affects DNS entries."
}
variable domain {
description = "DNS Domain to update"
}
variable ssh_user {
description = "SSH user used to log in after creation."
default = "root"
}
variable key_pair {
description = "SSH key pair used to log in to instance"
/* WARNING I really shouldn't use my own key here */
default = "jakub_status.im"
}


@ -1,77 +0,0 @@
/* DERIVED --------------------------------------*/
locals {
stage = "${terraform.workspace}"
dc = "${var.provider}-${var.region}"
}
/* RESOURCES ------------------------------------*/
# create a tag for every segment of workspace separate by dot
locals = {
tags = ["${local.stage}", "${var.group}", "${var.env}"]
tags_sorted = "${sort(distinct(local.tags))}"
tags_count = "${length(local.tags_sorted)}"
}
resource "digitalocean_tag" "host" {
name = "${element(local.tags_sorted, count.index)}"
count = "${local.tags_count}"
}
resource "digitalocean_droplet" "host" {
image = "${var.image}"
name = "${var.name}-${format("%02d", count.index+1)}.${local.dc}.${var.env}.${local.stage}"
region = "${var.region}"
size = "${var.size}"
count = "${var.count}"
ssh_keys = "${var.ssh_keys}"
tags = ["${digitalocean_tag.host.*.id}"]
provisioner "ansible" {
plays {
playbook = "${path.cwd}/ansible/bootstrap.yml"
groups = ["${var.group}"]
extra_vars = {
hostname = "${var.name}-${format("%02d", count.index+1)}.${local.dc}.${var.env}.${local.stage}"
ansible_ssh_user = "${var.ssh_user}"
data_center = "${local.dc}"
stage = "${local.stage}"
env = "${var.env}"
}
}
local = "yes"
}
}
resource "digitalocean_floating_ip" "host" {
droplet_id = "${element(digitalocean_droplet.host.*.id, count.index)}"
region = "${element(digitalocean_droplet.host.*.region, count.index)}"
count = "${var.count}"
/*lifecycle = { prevent_destroy = true }*/
}
resource "cloudflare_record" "host" {
domain = "${var.domain}"
count = "${var.count}"
name = "${element(digitalocean_droplet.host.*.name, count.index)}"
value = "${element(digitalocean_floating_ip.host.*.ip_address, count.index)}"
type = "A"
ttl = 3600
}
resource "ansible_host" "host" {
inventory_hostname = "${element(digitalocean_droplet.host.*.name, count.index)}"
groups = ["${var.group}", "${local.dc}"]
count = "${var.count}"
vars {
ansible_user = "admin"
ansible_host = "${element(digitalocean_floating_ip.host.*.ip_address, count.index)}"
hostname = "${element(digitalocean_droplet.host.*.name, count.index)}"
region = "${element(digitalocean_droplet.host.*.region, count.index)}"
dns_entry = "${element(digitalocean_droplet.host.*.name, count.index)}.${var.domain}"
nodes_per_host = "${var.nodes_per_host}"
eth_network = "${var.eth_network}"
data_center = "${local.dc}"
stage = "${local.stage}"
env = "${var.env}"
}
}


@ -1,16 +0,0 @@
locals {
hostnames = "${digitalocean_droplet.host.*.name}"
public_ips = "${digitalocean_floating_ip.host.*.ip_address}"
}
output "hostnames" {
value = ["${local.hostnames}"]
}
output "public_ips" {
value = ["${local.public_ips}"]
}
output "hosts" {
value = "${zipmap(local.hostnames, local.public_ips)}"
}


@ -1,67 +0,0 @@
/* SCALING ---------------------------------------*/
variable count {
description = "Number of hosts to run."
}
variable nodes_per_host {
description = "Number of statsd containers to run per host."
}
variable size {
description = "Size of the hosts to deploy."
# cmd: doctl compute size list
default = "s-1vcpu-2gb"
}
variable region {
description = "Region in which to deploy hosts."
# cmd: doctl compute region list
default = "ams3"
}
variable image {
description = "OS image to use when deploying hosts."
# cmd: doctl compute image list --public
default = "ubuntu-18-04-x64"
}
variable provider {
description = "Short name of the provider used."
# DigitalOcean
default = "do"
}
/* GENERAL ---------------------------------------*/
variable name {
description = "Name for hosts. To be used in the DNS entry."
}
variable group {
description = "Ansible group to assign hosts to."
}
variable env {
description = "Environment for these hosts, affects DNS entries."
}
variable domain {
description = "DNS Domain to update"
}
variable eth_network {
description = "Ethereum network to connect to."
}
variable ssh_user {
description = "User used to log in to instance"
default = "root"
}
variable ssh_keys {
description = "Names of ssh public keys to add to created hosts"
type = "list"
# cmd: doctl compute ssh-key list
default = ["16822693", "18813432", "18813461", "19525749", "20671731", "20686611"]
}


@ -1,120 +0,0 @@
/* DERIVED --------------------------------------*/
locals {
stage = "${terraform.workspace}"
dc = "${var.provider}-${var.zone}"
/* always add SSH, Tinc, Netdata, and Consul to allowed ports */
open_ports = [
"22", "655", "8000", "8301",
"${var.open_ports}"
]
}
/* RESOURCES ------------------------------------*/
locals = {
tags = [
"${var.name}", "${local.stage}", "${var.env}",
/* for precise targeting with firewall rules */
"${var.name}-${var.env}-${local.stage}",
]
tags_sorted = "${sort(distinct(local.tags))}"
}
resource "google_compute_address" "host" {
name = "${var.name}-${format("%02d", count.index+1)}-${local.dc}-${var.env}-${local.stage}"
count = "${var.count}"
/*lifecycle = { prevent_destroy = true }*/
}
resource "google_compute_firewall" "host" {
name = "allow-${var.name}-${var.zone}-${var.env}-${local.stage}"
network = "default"
target_tags = ["${var.name}-${var.env}-${local.stage}"]
allow {
protocol = "tcp"
ports = ["${local.open_ports}"]
}
allow {
protocol = "udp"
ports = ["${local.open_ports}"]
}
}
resource "google_compute_instance" "host" {
name = "${var.name}-${format("%02d", count.index+1)}-${local.dc}-${var.env}-${local.stage}"
zone = "${var.zone}"
count = "${var.count}"
machine_type = "${var.machine_type}"
/* enable changing machine_type */
allow_stopping_for_update = true
tags = ["${local.tags_sorted}"]
boot_disk {
initialize_params {
image = "${var.image}"
size = "${var.disk_size}"
}
}
network_interface {
network = "default"
access_config {
nat_ip = "${element(google_compute_address.host.*.address, count.index)}"
}
}
metadata {
node = "${var.name}"
env = "${var.env}"
group = "${var.group}"
/* This is a hack because we can't use dots in actual instance name */
hostname = "${var.name}-${format("%02d", count.index+1)}.${local.dc}.${var.env}.${local.stage}"
/* Enable SSH access */
sshKeys = "${var.ssh_user}:${file(var.ssh_key)}"
}
/* bootstrap access to host and basic resources */
provisioner "ansible" {
plays {
playbook = "${path.cwd}/ansible/bootstrap.yml"
groups = ["${var.group}"]
extra_vars = {
hostname = "${var.name}-${format("%02d", count.index+1)}.${local.dc}.${var.env}.${local.stage}"
ansible_ssh_user = "${var.ssh_user}"
data_center = "${local.dc}"
stage = "${local.stage}"
env = "${var.env}"
}
}
local = "yes"
}
}
resource "cloudflare_record" "host" {
domain = "${var.domain}"
count = "${var.count}"
name = "${element(google_compute_instance.host.*.metadata.hostname, count.index)}"
value = "${element(google_compute_instance.host.*.network_interface.0.access_config.0.assigned_nat_ip , count.index)}"
type = "A"
ttl = 3600
}
resource "ansible_host" "host" {
inventory_hostname = "${element(google_compute_instance.host.*.metadata.hostname, count.index)}"
groups = ["${var.group}", "${local.dc}"]
count = "${var.count}"
vars {
ansible_user = "admin"
ansible_host = "${element(google_compute_instance.host.*.network_interface.0.access_config.0.assigned_nat_ip , count.index)}"
hostname = "${element(google_compute_instance.host.*.metadata.hostname, count.index)}"
region = "${element(google_compute_instance.host.*.zone, count.index)}"
dns_entry = "${element(google_compute_instance.host.*.metadata.hostname, count.index)}.${var.domain}"
nodes_per_host = "${var.nodes_per_host}"
eth_network = "${var.eth_network}"
data_center = "${local.dc}"
stage = "${local.stage}"
env = "${var.env}"
}
}


@ -1,16 +0,0 @@
locals {
hostnames = "${google_compute_instance.host.*.metadata.hostname}"
public_ips = "${google_compute_instance.host.*.network_interface.0.access_config.0.assigned_nat_ip }"
}
output "hostnames" {
value = ["${local.hostnames}"]
}
output "public_ips" {
value = ["${local.public_ips}"]
}
output "hosts" {
value = "${zipmap(local.hostnames, local.public_ips)}"
}


@ -1,82 +0,0 @@
/* SCALING ---------------------------------------*/
variable count {
description = "Number of hosts to run."
}
variable nodes_per_host {
description = "Number of statsd containers to run per host."
}
variable machine_type {
description = "Type of machine to deploy."
/* https://cloud.google.com/compute/docs/machine-types */
default = "n1-standard-1"
}
variable zone {
description = "Specific zone in which to deploy hosts."
/* https://cloud.google.com/compute/docs/regions-zones/ */
default = "us-central1-a"
}
variable image {
description = "OS image to use when deploying hosts."
/* https://cloud.google.com/compute/docs/images */
default = "ubuntu-os-cloud/ubuntu-1804-lts"
}
variable disk_size {
description = "Size in GB of the root filesystem."
default = 50
}
variable provider {
description = "Short name of the provider used."
/* Google Cloud */
default = "gc"
}
/* CONFIG ----------------------------------------*/
variable name {
description = "Name for hosts. To be used in the DNS entry."
}
variable env {
description = "Environment for these hosts, affects DNS entries."
}
variable group {
description = "Ansible group to assign hosts to."
}
variable domain {
description = "DNS Domain to update"
}
variable eth_network {
description = "Ethereum network to connect to."
default = 1
}
/* MODULE ----------------------------------------*/
variable ssh_user {
description = "User used to log in to instance"
default = "root"
}
variable ssh_key {
description = "Names of ssh public keys to add to created hosts"
/* TODO this needs to be dynamic */
default = "~/.ssh/status.im/id_rsa.pub"
}
/* FIREWALL -------------------------------------------*/
variable open_ports {
description = "Port ranges to enable access from outside. Format: 'N-N'"
type = "list"
default = []
}


@ -1,91 +0,0 @@
/**
* Unfortunately Terraform does not support using the count parameter
* with custom modules, for more details see:
* https://github.com/hashicorp/terraform/issues/953
*
* Because of this to add a region/zone you have to copy a provider
* module and give it a different region/size argument.
*/
/* Digital Ocean */
module "do-ams3" {
source = "../digital-ocean"
/* specific */
name = "${var.name}"
count = "${var.count}"
env = "${var.env}"
group = "${var.group}"
eth_network = "${var.eth_network}"
/* scaling */
size = "${var.do_size}"
nodes_per_host = "${var.nodes_per_host}"
region = "ams3"
/* general */
domain = "${var.domain}"
}
resource "cloudflare_record" "do-ams3" {
domain = "${var.domain}"
name = "nodes.do-ams3.${var.env}.${terraform.workspace}"
value = "${element(module.do-ams3.public_ips, count.index)}"
count = "${var.count}"
type = "A"
ttl = 3600
}
/* Google Cloud */
module "gc-us-central1-a" {
source = "../google-cloud"
/* specific */
name = "${var.name}"
count = "${var.count}"
env = "${var.env}"
group = "${var.group}"
eth_network = "${var.eth_network}"
/* scaling */
machine_type = "${var.gc_size}"
nodes_per_host = "${var.nodes_per_host}"
zone = "us-central1-a"
/* general */
domain = "${var.domain}"
/* firewall */
open_ports = "${var.open_ports}"
}
resource "cloudflare_record" "gc-us-central1-a" {
domain = "${var.domain}"
name = "nodes.gc-us-central1-a.${var.env}.${terraform.workspace}"
value = "${element(module.gc-us-central1-a.public_ips, count.index)}"
count = "${var.count}"
type = "A"
ttl = 3600
}
/* Alibaba Cloud */
module "ac-cn-hongkong-c" {
source = "../alibaba-cloud"
/* specific */
name = "${var.name}"
count = "${var.count}"
env = "${var.env}"
group = "${var.group}"
/* scaling */
type = "${var.ac_size}"
zone = "cn-hongkong-c"
/* general */
domain = "${var.domain}"
/* firewall */
open_ports = "${var.open_ports}"
}
resource "cloudflare_record" "ac-cn-hongkong-c" {
domain = "${var.domain}"
name = "nodes.ac-cn-hongkong-c.${var.env}.${terraform.workspace}"
value = "${element(module.ac-cn-hongkong-c.public_ips, count.index)}"
count = "${var.count}"
type = "A"
ttl = 3600
}


@ -1,15 +0,0 @@
output "public_ips" {
value = [
"${module.do-ams3.public_ips}",
"${module.gc-us-central1-a.public_ips}",
"${module.ac-cn-hongkong-c.public_ips}",
]
}
output "hosts" {
value = {
"do-ams3" = "${module.do-ams3.hosts}"
"gc-us-central1-a" = "${module.gc-us-central1-a.hosts}"
"ac-cn-hongkong-c" = "${module.ac-cn-hongkong-c.hosts}"
}
}


@ -1,54 +0,0 @@
variable count {
description = "Number of hosts to run."
}
variable name {
description = "Environment for these hosts, affects DNS entries."
}
variable env {
description = "Environment for these hosts, affects DNS entries."
}
variable group {
description = "Ansible group to assign hosts to."
}
variable domain {
description = "DNS Domain to update"
}
variable eth_network {
description = "Ethereum network to connect to."
default = 1
}
variable nodes_per_host {
description = "Number of statsd containers to run per host."
default = 0
}
/* Scaling -------------------------------------------*/
variable do_size {
description = "Size of host to provision in Digital Ocean."
default = "s-1vcpu-1gb"
}
variable gc_size {
description = "Size of host to provision in Google Cloud."
default = "n1-standard-1"
}
variable ac_size {
description = "Size of host to provision in Google Cloud."
default = "ecs.t5-lc1m1.small"
}
/* Firewall -------------------------------------------*/
variable open_ports {
description = "Port ranges to enable access from outside. Format: 'N-N'"
type = "list"
default = []
}


@ -1,11 +1,5 @@
/* CONFIG ----------------------------------------*/
variable eth_network {
description = "Ethereum network to connect to."
# Default to Mainnet: see geth/params/cluster.go in status-go
default = 1
}
variable ssh_keys {
description = "Names of ssh public keys to add to created hosts"
type = "list"