Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #################################################
- # EKS
- #################################################
- module "eks" {
- source = "StayWell/eks/aws"
- version = "0.1.2"
- env = "${var.env}"
- tags = "${local.tags}"
- vpc_id = "${data.aws_vpc.core.id}"
- private_subnet_ids = ["${data.aws_subnet_ids.private.ids}"]
- public_subnet_ids = ["${data.aws_subnet_ids.public.ids}"]
- kubernetes_version = "${var.kubernetes_version}"
- linux_disk_size = "${var.linux_disk_size}"
- linux_node_count = "${var.linux_node_count}"
- linux_target_group_arns = ["${module.target.target_group_arn}", "${aws_lb_target_group.jnlp.arn}"]
- linux_ami_name = "amazon-eks-node-1.11-v20190109"
- }
- output "worker_config_map" {
- value = "${module.eks.worker_config_map}"
- }
- output "kubeconfig" {
- value = "${module.eks.kubeconfig}"
- }
- #################################################
- # Jenkins
- #################################################
- module "jenkins" {
- source = "StayWell/jenkins/kubernetes"
- version = "0.2.0"
- identifier = "${var.host}"
- jenkins_volume_id = "${module.ebs.volume_id}"
- volume_availability_zone = "${data.aws_availability_zones.this.names[1]}"
- jenkins_volume_size = "${var.jenkins_volume_size}"
- web_node_port = "${var.web_node_port}"
- jnlp_node_port = "${var.jnlp_node_port}"
- jenkins_version = "${var.jenkins_version}"
- }
- #################################################
- # Jenkins Data
- #################################################
- data "aws_availability_zones" "this" {}
- module "ebs" {
- source = "StayWell/resilient-ebs/aws"
- version = "0.1.0"
- env = "${var.env}"
- availability_zone = "${data.aws_availability_zones.this.names[1]}"
- size = "${var.jenkins_volume_size}"
- tags = "${local.tags}"
- }
- #################################################
- # Load Balancer
- #################################################
- data "aws_acm_certificate" "this" {
- domain = "*.${var.domain}"
- statuses = ["ISSUED"]
- most_recent = true
- }
- module "alb" {
- source = "StayWell/alb/aws"
- version = "0.1.0"
- env = "${var.env}"
- tags = "${local.tags}"
- vpc_id = "${data.aws_vpc.core.id}"
- subnet_ids = ["${data.aws_subnet_ids.public.ids}"]
- certificate_arn = "${data.aws_acm_certificate.this.arn}"
- }
- #################################################
- # Web Target
- #################################################
- data "aws_route53_zone" "this" {
- name = "${var.domain}."
- }
- module "target" {
- source = "StayWell/alb-target/aws"
- version = "0.1.1"
- env = "${var.env}"
- tags = "${local.tags}"
- vpc_id = "${data.aws_vpc.core.id}"
- listener_arn = "${module.alb.listener_arn}"
- lb_dns_name = "${module.alb.lb_dns_name}"
- lb_zone_id = "${module.alb.lb_zone_id}"
- host = "${var.host}"
- domain = "${var.domain}"
- route53_zone_id = "${data.aws_route53_zone.this.zone_id}"
- port = "${var.web_node_port}"
- health_check_path = "${var.web_health_check_path}"
- }
- resource "aws_security_group_rule" "worker_ingress_alb_web" {
- description = "ALB"
- type = "ingress"
- from_port = "${var.web_node_port}"
- to_port = "${var.web_node_port}"
- protocol = "tcp"
- security_group_id = "${module.eks.worker_sg_id}"
- source_security_group_id = "${module.alb.sg_id}"
- }
- resource "aws_security_group_rule" "alb_egress_worker_web" {
- description = "EKS workers"
- type = "egress"
- from_port = "${var.web_node_port}"
- to_port = "${var.web_node_port}"
- protocol = "tcp"
- security_group_id = "${module.alb.sg_id}"
- source_security_group_id = "${module.eks.worker_sg_id}"
- }
- #################################################
- # JNLP Target
- #################################################
- resource "aws_lb_listener" "jnlp" {
- load_balancer_arn = "${module.alb.lb_arn}"
- port = "${var.jnlp_port}"
- protocol = "HTTP"
- default_action {
- type = "forward"
- target_group_arn = "${aws_lb_target_group.jnlp.arn}"
- }
- }
- resource "aws_security_group_rule" "jnlp" {
- description = "internet"
- type = "ingress"
- from_port = "${var.jnlp_port}"
- to_port = "${var.jnlp_port}"
- protocol = "tcp"
- security_group_id = "${module.alb.sg_id}"
- cidr_blocks = ["0.0.0.0/0"]
- }
- resource "aws_lb_target_group" "jnlp" {
- port = "${var.jnlp_node_port}"
- protocol = "HTTP"
- vpc_id = "${data.aws_vpc.core.id}"
- target_type = "instance"
- tags = "${merge(map("Name", "${var.env}-jnlp"), local.tags)}"
- health_check {
- path = "/"
- }
- }
- resource "aws_security_group_rule" "worker_ingress_alb_jnlp" {
- description = "ALB"
- type = "ingress"
- from_port = "${var.jnlp_port}"
- to_port = "${var.jnlp_port}"
- protocol = "tcp"
- security_group_id = "${module.eks.worker_sg_id}"
- source_security_group_id = "${module.alb.sg_id}"
- }
- resource "aws_security_group_rule" "alb_egress_worker_jnlp" {
- description = "EKS workers"
- type = "egress"
- from_port = "${var.jnlp_port}"
- to_port = "${var.jnlp_port}"
- protocol = "tcp"
- security_group_id = "${module.alb.sg_id}"
- source_security_group_id = "${module.eks.worker_sg_id}"
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement