aboutsummaryrefslogtreecommitdiffstats
path: root/fdio.infra.terraform/terraform-aws-fdio-csit-dash-env
diff options
context:
space:
mode:
authorPeter Mikus <pmikus@cisco.com>2022-03-31 15:59:10 +0200
committerPeter Mikus <pmikus@cisco.com>2022-04-01 10:54:23 +0000
commitca81b6ccfdcee62846217f824c1e4a1610b8a950 (patch)
treef0f836509b346cd59e9d10b5d67abe71cddb3264 /fdio.infra.terraform/terraform-aws-fdio-csit-dash-env
parente972e67afac3ab3eb785668d01d3bdf1833eade9 (diff)
refactor(terraform): Directory structure
Signed-off-by: Peter Mikus <pmikus@cisco.com> Change-Id: I2f3cdf0241aaf7c4a8ba4e00b701df10c9165cf8
Diffstat (limited to 'fdio.infra.terraform/terraform-aws-fdio-csit-dash-env')
-rw-r--r--fdio.infra.terraform/terraform-aws-fdio-csit-dash-env/main.tf106
-rw-r--r--fdio.infra.terraform/terraform-aws-fdio-csit-dash-env/output.tf4
-rw-r--r--fdio.infra.terraform/terraform-aws-fdio-csit-dash-env/providers.tf11
-rw-r--r--fdio.infra.terraform/terraform-aws-fdio-csit-dash-env/variables.tf28
-rw-r--r--fdio.infra.terraform/terraform-aws-fdio-csit-dash-env/versions.tf17
5 files changed, 166 insertions, 0 deletions
diff --git a/fdio.infra.terraform/terraform-aws-fdio-csit-dash-env/main.tf b/fdio.infra.terraform/terraform-aws-fdio-csit-dash-env/main.tf
new file mode 100644
index 0000000000..7add0851c8
--- /dev/null
+++ b/fdio.infra.terraform/terraform-aws-fdio-csit-dash-env/main.tf
@@ -0,0 +1,106 @@
+data "vault_generic_secret" "fdio_docs" {
+ path = "kv/secret/data/etl/fdio_docs"
+}
+
+data "vault_aws_access_credentials" "creds" {
+ backend = "${var.vault_name}-path"
+ role = "${var.vault_name}-role"
+}
+
+module "elastic_beanstalk_application" {
+ source = "../terraform-aws-elastic-beanstalk-application"
+
+ # application
+ application_description = "FD.io CSIT Results Dashboard"
+ application_name = "fdio-csit-dash-app"
+ appversion_lifecycle_service_role_arn = ""
+ appversion_lifecycle_max_count = 2
+ appversion_lifecycle_delete_source_from_s3 = false
+}
+
+module "elastic_beanstalk_environment" {
+ source = "../terraform-aws-elastic-beanstalk-environment"
+
+ # vpc
+ vpc_cidr_block = "192.168.0.0/24"
+ vpc_enable_dns_hostnames = true
+ vpc_enable_dns_support = true
+ vpc_instance_tenancy = "default"
+
+ # subnet
+ subnet_availability_zone = "us-east-1a"
+
+ # environment
+ environment_application = module.elastic_beanstalk_application.application_name
+ environment_description = module.elastic_beanstalk_application.application_description
+ environment_name = "fdio-csit-dash-env"
+ environment_solution_stack_name = "64bit Amazon Linux 2 v3.3.11 running Python 3.8"
+ environment_tier = "WebServer"
+ environment_wait_for_ready_timeout = "20m"
+ environment_version_label = ""
+
+ # aws:ec2:instances
+ instances_instance_types = "t3a.xlarge"
+
+ # aws:ec2:vpc
+ associate_public_ip_address = true
+ elb_scheme = "public"
+
+ # aws:elbv2:listener:default
+ default_listener_enabled = true
+
+ # aws:elasticbeanstalk:environment
+ environment_loadbalancer_type = "network"
+
+ # aws:elasticbeanstalk:environment:process:default
+ environment_process_default_healthcheck_interval = 10
+ environment_process_default_healthy_threshold_count = 3
+ environment_process_default_port = 5000
+ environment_process_default_unhealthy_threshold_count = 3
+
+ # aws:elasticbeanstalk:healthreporting:system
+ healthreporting_system_type = "enhanced"
+
+ # aws:elasticbeanstalk:managedactions
+ managedactions_managed_actions_enabled = true
+ managedactions_preferred_start_time = "Sun:10:00"
+
+ # aws:elasticbeanstalk:managedactions:platformupdate
+ managedactions_platformupdate_update_level = "minor"
+ managedactions_platformupdate_instance_refresh_enabled = true
+
+ # aws:autoscaling:asg
+ autoscaling_asg_minsize = 1
+ autoscaling_asg_maxsize = 2
+
+ # aws:autoscaling:trigger
+ autoscaling_trigger_measure_name = "CPUUtilization"
+ autoscaling_trigger_statistic = "Average"
+ autoscaling_trigger_unit = "Percent"
+ autoscaling_trigger_lower_threshold = 20
+ autoscaling_trigger_lower_breach_scale_increment = -1
+ autoscaling_trigger_upper_threshold = 80
+ autoscaling_trigger_upper_breach_scale_increment = 1
+
+ # aws:elasticbeanstalk:hostmanager
+ hostmanager_log_publication_control = true
+
+ # aws:elasticbeanstalk:cloudwatch:logs
+ cloudwatch_logs_stream_logs = true
+ cloudwatch_logs_delete_on_terminate = true
+ cloudwatch_logs_retention_in_days = 3
+
+ # aws:elasticbeanstalk:cloudwatch:logs:health
+ cloudwatch_logs_health_health_streaming_enabled = true
+ cloudwatch_logs_health_delete_on_terminate = true
+ cloudwatch_logs_health_retention_in_days = 3
+
+ environment_type = "LoadBalanced"
+
+ # aws:elasticbeanstalk:application:environment
+ environment_variables = {
+ "AWS_ACCESS_KEY_ID" = data.vault_generic_secret.fdio_docs.data["access_key"]
+ "AWS_SECRET_ACCESS_KEY" = data.vault_generic_secret.fdio_docs.data["secret_key"]
+ "AWS_DEFAULT_REGION" = data.vault_generic_secret.fdio_docs.data["region"]
+ }
+}
diff --git a/fdio.infra.terraform/terraform-aws-fdio-csit-dash-env/output.tf b/fdio.infra.terraform/terraform-aws-fdio-csit-dash-env/output.tf
new file mode 100644
index 0000000000..094c8f5422
--- /dev/null
+++ b/fdio.infra.terraform/terraform-aws-fdio-csit-dash-env/output.tf
@@ -0,0 +1,4 @@
+output "elastic_beanstalk_environment_hostname" {
+ description = "DNS hostname"
+ value = module.elastic_beanstalk_environment.environment_cname
+}
diff --git a/fdio.infra.terraform/terraform-aws-fdio-csit-dash-env/providers.tf b/fdio.infra.terraform/terraform-aws-fdio-csit-dash-env/providers.tf
new file mode 100644
index 0000000000..7241b27c16
--- /dev/null
+++ b/fdio.infra.terraform/terraform-aws-fdio-csit-dash-env/providers.tf
@@ -0,0 +1,11 @@
+provider "aws" {
+ region = var.region
+ access_key = data.vault_aws_access_credentials.creds.access_key
+ secret_key = data.vault_aws_access_credentials.creds.secret_key
+}
+
+provider "vault" {
+ address = var.vault_provider_address
+ skip_tls_verify = var.vault_provider_skip_tls_verify
+ token = var.vault_provider_token
+}
diff --git a/fdio.infra.terraform/terraform-aws-fdio-csit-dash-env/variables.tf b/fdio.infra.terraform/terraform-aws-fdio-csit-dash-env/variables.tf
new file mode 100644
index 0000000000..25790290bc
--- /dev/null
+++ b/fdio.infra.terraform/terraform-aws-fdio-csit-dash-env/variables.tf
@@ -0,0 +1,28 @@
+variable "region" {
+ description = "AWS Region."
+ type = string
+ default = "us-east-1"
+}
+
+variable "vault_provider_address" {
+ description = "Vault cluster address."
+ type = string
+ default = "http://10.30.51.28:8200"
+}
+
+variable "vault_provider_skip_tls_verify" {
+ description = "Verification of the Vault server's TLS certificate."
+ type = bool
+ default = false
+}
+
+variable "vault_provider_token" {
+ description = "Vault root token."
+ type = string
+ sensitive = true
+}
+
+variable "vault_name" {
+ type = string
+ default = "dynamic-aws-creds-vault-fdio-csit-jenkins"
+}
diff --git a/fdio.infra.terraform/terraform-aws-fdio-csit-dash-env/versions.tf b/fdio.infra.terraform/terraform-aws-fdio-csit-dash-env/versions.tf
new file mode 100644
index 0000000000..4afbbc00a7
--- /dev/null
+++ b/fdio.infra.terraform/terraform-aws-fdio-csit-dash-env/versions.tf
@@ -0,0 +1,17 @@
+terraform {
+ backend "consul" {
+ address = "10.32.8.14:8500"
+ scheme = "http"
+ path = "terraform/dash"
+ }
+ required_providers {
+ aws = {
+ source = "hashicorp/aws"
+ version = ">= 4.3.0"
+ }
+ vault = {
+ version = ">= 3.2.1"
+ }
+ }
+ required_version = ">= 1.1.4"
+}