Moving networking code out into its own module
parent
10ed1f1a98
commit
609f9b3e7b
8
.gitignore
vendored
8
.gitignore
vendored
@ -1,11 +1,11 @@
|
||||
msg
|
||||
*.swp
|
||||
infra/secrets/
|
||||
infra/.terraform
|
||||
infra/.terraform.lock.hcl
|
||||
infra/terraform.tfvars
|
||||
infra/**/.terraform/
|
||||
infra/**/.terraform.lock.hcl
|
||||
infra/**/terraform.tfvars
|
||||
infra/keys/
|
||||
infra/out.plan
|
||||
infra/**/out.plan
|
||||
infra/terraform.tfstate
|
||||
infra/terraform.tfstate.backup
|
||||
playbooks/hosts.ini
|
||||
|
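Review bot: The state-file entries `infra/terraform.tfstate` and `infra/terraform.tfstate.backup` stay anchored to the top of `infra/`, while the `.terraform`, lock, tfvars and plan entries also appear in `infra/**/` form. The new `infra/networking` module declares an S3 backend, so no local state is expected there, but a local state file or backup written in a module directory would not be ignored, and Terraform state can hold secrets in clear text. Adding `infra/**/terraform.tfstate` and `infra/**/terraform.tfstate.backup` would close that gap. Which lines are old and which are new is inferred, because this page lost its +/- markers.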
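--- a/infra/networking/Makefile
+++ b/infra/networking/Makefile
@@ -0,0 +1,24 @@
+plan=out.plan
+
+SHELL := /bin/bash
+
+$(plan): *.tf
+source ../secrets/set-env.sh && terraform plan -input=false -out $(plan)
+
+push: build
+source ../secrets/set-env.sh && terraform apply $(plan)
+
+refresh:
+source ../secrets/set-env.sh && terraform apply -refresh-only
+
+test:
+terraform validate
+
+
+rip:
+source ../secrets/set-env.sh && terraform destroy
+
+clean:
+rm -f $(plan)
+
+.PHONY: test build clean push rip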
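Review bot: `push: build` depends on a target that is declared only in `.PHONY` and has no rule, so it neither creates nor refreshes `$(plan)`, and `terraform apply $(plan)` runs against whatever `out.plan` is already on disk. That can apply a plan generated from older `.tf` files than the ones being reviewed. Adding `build: $(plan)` ties `push` to the `$(plan): *.tf` rule so the plan is regenerated when the configuration changes. `refresh` is also missing from the phony list; `.PHONY: test build clean push rip refresh` would cover it. The recipe lines show no leading tab on this page, presumably a rendering loss.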
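--- a/infra/networking/backend.tf
+++ b/infra/networking/backend.tf
@@ -0,0 +1,24 @@
+terraform {
+required_version = ">= 0.13"
+backend "s3" {
+bucket = "project-athens"
+key = "infra/networking/state/build.tfstate"
+region = "us-west-1"
+encrypt = true
+}
+required_providers {
+aws = {
+source = "hashicorp/aws"
+version = "4.13.0"
+}
+}
+}
+
+# Base config for using AWS features w/ Terraform
+provider "aws" {
+access_key = var.aws_key
+secret_key = var.aws_secret
+region = var.aws_region
+max_retries = 1
+}
+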
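Review bot: The provider block takes a long-lived key pair through `access_key = var.aws_key` and `secret_key = var.aws_secret`, and Terraform records input variable values in a saved plan, so the `out.plan` written by the Makefile would carry these credentials even though the variables are marked sensitive. The `s3` backend does not read provider arguments, so the environment presumably already supplies AWS credentials for state access. Dropping the two arguments and letting the provider use the same environment credentials would keep the keys out of Terraform inputs. Separately, the backend sets `encrypt = true` but no `dynamodb_table`, so concurrent applies against this state are not locked.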
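--- a/infra/networking/gateway.tf
+++ b/infra/networking/gateway.tf
@@ -0,0 +1,8 @@
+# Used to provide internet access for instances in the VPC
+resource "aws_internet_gateway" "athens_internet_gateway" {
+vpc_id = aws_vpc.athens_vpc.id
+
+tags = {
+Name = "Athens Common Internet Gateway in Olypmus"
+}
+}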
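Review bot: The `Name` tag reads "Athens Common Internet Gateway in Olypmus", which looks like a misspelling of Olympus. Tag values are what people search and filter on in the console and in inventory or cost reports, so the typo is worth fixing before the resource is created: `Name = "Athens Common Internet Gateway in Olympus"`.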
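--- a/infra/networking/route-table.tf
+++ b/infra/networking/route-table.tf
@@ -0,0 +1,23 @@
+# NOTE: local traffic route is implied and does not need to be specified
+resource "aws_route_table" "crete_route_table" {
+vpc_id = aws_vpc.athens_vpc.id
+route {
+cidr_block = "0.0.0.0/0"
+gateway_id = aws_internet_gateway.athens_internet_gateway.id
+}
+
+tags = {
+Name = "Crete IGW Route Table"
+}
+}
+
+
+resource "aws_route_table_association" "crete_gateway_association" {
+subnet_id = aws_subnet.crete.id
+route_table_id = aws_route_table.crete_route_table.id
+}
+
+resource "aws_route_table_association" "delphi_gateway_association" {
+subnet_id = aws_subnet.delphi.id
+route_table_id = aws_route_table.crete_route_table.id
+}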
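Review bot: Both `crete` and `delphi` are associated with `crete_route_table`, whose only explicit route sends `0.0.0.0/0` to the internet gateway, so every subnet in this module is a public subnet, including the one tagged as the main subnet for EC2. Whether instances are actually reachable depends on public IP assignment and security groups, which are not part of this commit. If the instances do not need inbound internet access, a separate route table without the IGW route for the instance subnet would limit exposure. At minimum a comment such as `# public route table: crete and delphi are internet-routable by design` would record the intent.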
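--- a/infra/networking/subnet.tf
+++ b/infra/networking/subnet.tf
@@ -0,0 +1,23 @@
+# This script represents the subnet structure for Crete(primary subnet)
+
+resource "aws_subnet" "crete" {
+vpc_id = aws_vpc.athens_vpc.id
+# 10.0.1.0/24
+cidr_block = var.crete_cidr
+availability_zone = var.athens_availability_zone
+
+tags = {
+Name = "Crete Subnet"
+Description = "Main subnet for EC2 and Alpha-LB"
+}
+}
+
+resource "aws_subnet" "delphi" {
+vpc_id = aws_vpc.athens_vpc.id
+cidr_block = "10.0.2.0/24"
+availability_zone = "us-west-1c"
+tags = {
+Name = "Delphi Subnet"
+Description = "Secondary subnet for the Alpha-LB mostly"
+}
+}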
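Review bot: `delphi` hard-codes `cidr_block = "10.0.2.0/24"` and `availability_zone = "us-west-1c"` while `crete` takes both from variables, so the address plan is split between `terraform.tfvars` and this file. With two new variables declared next to the crete ones (names proposed here, not present in the commit), the lines would become `cidr_block = var.delphi_cidr` and `availability_zone = var.delphi_availability_zone`. Neither subnet sets `map_public_ip_on_launch`, so the provider default applies; a one-line comment saying that is intended would help, given that both subnets are attached to the internet-gateway route table in this commit.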
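--- a/infra/networking/terraform.tfvars
+++ b/infra/networking/terraform.tfvars
@@ -0,0 +1,7 @@
+# AWS Things
+aws_region = "us-west-1"
+
+athens_availability_zone = "us-west-1b"
+athens_cidr = "10.0.0.0/16"
+crete_cidr = "10.0.1.0/24"
+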
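Review bot: This file is committed while the `.gitignore` in the same commit lists `infra/**/terraform.tfvars`, and an ignore rule does not apply to a file git already tracks. The values here are only region and CIDR settings, but `aws_key` and `aws_secret` are declared as variables in this module and `terraform.tfvars` is loaded automatically, so a later edit that puts the keys here would be committed. Either move the non-secret settings to a tracked file with another auto-loaded name (for example `network.auto.tfvars`, a constructed name) and leave `terraform.tfvars` ignored, or add a header comment such as `# tracked in git: never put aws_key / aws_secret here`.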
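--- a/infra/networking/variables.tf
+++ b/infra/networking/variables.tf
@@ -0,0 +1,35 @@
+# All variables that are used in various places go here
+
+######################### General provider specific values
+
+variable "aws_key" {
+description = "Access Key for AWS operations"
+type = string
+sensitive = true
+}
+
+variable "aws_secret" {
+description = "Secret Key for AWS operations"
+type = string
+sensitive = true
+}
+
+variable "aws_region" {
+description = "Region where the VPC is located"
+type = string
+sensitive = true
+}
+
+variable "crete_cidr" {
+description = "CIDR block for the servers themselves"
+type = string
+}
+variable "athens_availability_zone" {
+description = "Availability zone for Project Bucket"
+type = string
+}
+
+variable "athens_cidr" {
+description = "VPC Subnet CIDR block"
+type = string
+}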
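Review bot: `aws_region` is marked `sensitive = true` although the region is not secret and appears in clear text in `backend.tf` and `terraform.tfvars` in this same commit. The flag makes Terraform redact values derived from it in plan output, which makes plans harder to review without protecting anything. I would remove the `sensitive = true` line from `aws_region` and keep it on `aws_key` and `aws_secret`. The description of `athens_availability_zone`, "Availability zone for Project Bucket", does not match its use as the subnet AZ; `description = "Availability zone for the Crete subnet"` would be accurate.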
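--- a/infra/networking/vpc.tf
+++ b/infra/networking/vpc.tf
@@ -0,0 +1,11 @@
+
+resource "aws_vpc" "athens_vpc" {
+cidr_block = var.athens_cidr
+enable_dns_support = true
+enable_dns_hostnames = true
+
+tags = {
+Name = "Project Athens VPC"
+}
+}
+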
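Review bot: The VPC is created without an `aws_flow_log` resource anywhere in this module, so accepted and rejected traffic in a network that routes to an internet gateway leaves no record for detection or incident response. If flow logging is not configured elsewhere, adding an `aws_flow_log` for `aws_vpc.athens_vpc.id` with `traffic_type = "ALL"` would cover it. The VPC's default security group and network ACL are also left unmanaged here; a comment stating where they are restricted would help a reader.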