[add] Added files

Author: luisllm

.gitignore

@@ -0,0 +1,2 @@
+mykey
+.tfstate

.terraform/plugins/linux_amd64/lock.json

@@ -0,0 +1,4 @@
+{
+  "aws": "2cb7ba40c1496959553c7bd6c224cc18ac2791c2f3f7d2a60d481ddc79dc1ca6",
+  "template": "f1d8e373d9f89d21fade8858a562bed75b463c814a2cf8fb750eb017083f1e88"
+}

.terraform/plugins/linux_amd64/terraform-provider-aws_v1.14.0_x4

@@ -0,0 +1,24 @@
+{
+    "version": 3,
+    "serial": 1,
+    "lineage": "06907ce5-e150-5588-b91a-74c2707e5a3c",
+    "backend": {
+        "type": "s3",
+        "config": {
+            "bucket": "terraform-state-luislongo-123",
+            "key": "terraform/docker-demo-3",
+            "region": "eu-west-1"
+        },
+        "hash": 4093006775391328672
+    },
+    "modules": [
+        {
+            "path": [
+                "root"
+            ],
+            "outputs": {},
+            "resources": {},
+            "depends_on": []
+        }
+    ]
+}

.terraform/plugins/linux_amd64/terraform-provider-template_v1.0.0_x4

@@ -0,0 +1 @@
+My terraform examples to test the examples of this course https://github.com/wardviaene/terraform-course

.terraform/terraform.tfstate

@@ -0,0 +1,7 @@
+terraform {
+   backend "s3" {
+	bucket= "terraform-state-luislongo-123"
+	key= "terraform/docker-demo-3"
+	region= "eu-west-1"
+   }
+}

README.md

@@ -0,0 +1,19 @@
+data "template_file" "jenkins-init" {
+  template = "${file("scripts/jenkins-init.sh")}"
+  vars {
+    DEVICE = "${var.INSTANCE_DEVICE_NAME}"
+    JENKINS_VERSION = "${var.JENKINS_VERSION}"
+    TERRAFORM_VERSION = "${var.TERRAFORM_VERSION}"
+  }
+}
+data "template_cloudinit_config" "cloudinit-jenkins" {
+
+  gzip = false
+  base64_encode = false
+
+  part {
+    content_type = "text/x-shellscript"
+    content      = "${data.template_file.jenkins-init.rendered}"
+  }
+
+}

backend.tf

@@ -0,0 +1,3 @@
+resource "aws_ecr_repository" "myapp" {
+  name = "myapp"
+}

cloudinit.tf

@@ -0,0 +1,28 @@
+# cluster
+resource "aws_ecs_cluster" "example-cluster" {
+    name = "example-cluster"
+}
+resource "aws_launch_configuration" "ecs-example-launchconfig" {
+  name_prefix          = "ecs-launchconfig"
+  image_id             = "${lookup(var.ECS_AMIS, var.AWS_REGION)}"
+  instance_type        = "${var.ECS_INSTANCE_TYPE}"
+  key_name             = "${aws_key_pair.mykeypair.key_name}"
+  iam_instance_profile = "${aws_iam_instance_profile.ecs-ec2-role.id}"
+  security_groups      = ["${aws_security_group.ecs-securitygroup.id}"]
+  user_data            = "#!/bin/bash\necho 'ECS_CLUSTER=example-cluster' > /etc/ecs/ecs.config\nstart ecs"
+  lifecycle              { create_before_destroy = true }
+}
+resource "aws_autoscaling_group" "ecs-example-autoscaling" {
+  name                 = "ecs-example-autoscaling"
+  vpc_zone_identifier  = ["${aws_subnet.main-public-1.id}", "${aws_subnet.main-public-2.id}"]
+  launch_configuration = "${aws_launch_configuration.ecs-example-launchconfig.name}"
+  min_size             = 1
+  max_size             = 1
+  tag {
+      key = "Name"
+      value = "ecs-ec2-container"
+      propagate_at_launch = true
+  }
+}
+
+

ecr.tf

@@ -0,0 +1,113 @@
+# ecs ec2 role
+resource "aws_iam_role" "ecs-ec2-role" {
+    name = "ecs-ec2-role"
+    assume_role_policy = <<EOF
+{
+  "Version": "2012-10-17",
+  "Statement": [
+    {
+      "Action": "sts:AssumeRole",
+      "Principal": {
+        "Service": "ec2.amazonaws.com"
+      },
+      "Effect": "Allow",
+      "Sid": ""
+    }
+  ]
+}
+EOF
+}
+resource "aws_iam_instance_profile" "ecs-ec2-role" {
+    name = "ecs-ec2-role"
+    role = "${aws_iam_role.ecs-ec2-role.name}"
+}
+
+resource "aws_iam_role" "ecs-consul-server-role" {
+    name = "ecs-consul-server-role"
+    assume_role_policy = <<EOF
+{
+  "Version": "2012-10-17",
+  "Statement": [
+    {
+      "Action": "sts:AssumeRole",
+      "Principal": {
+        "Service": "ec2.amazonaws.com"
+      },
+      "Effect": "Allow",
+      "Sid": ""
+    }
+  ]
+}
+EOF
+}
+
+resource "aws_iam_role_policy" "ecs-ec2-role-policy" {
+    name = "ecs-ec2-role-policy"
+    role = "${aws_iam_role.ecs-ec2-role.id}"
+    policy = <<EOF
+{
+    "Version": "2012-10-17",
+    "Statement": [
+        {
+            "Effect": "Allow",
+            "Action": [
+              "ecs:CreateCluster",
+              "ecs:DeregisterContainerInstance",
+              "ecs:DiscoverPollEndpoint",
+              "ecs:Poll",
+              "ecs:RegisterContainerInstance",
+              "ecs:StartTelemetrySession",
+              "ecs:Submit*",
+              "ecs:StartTask",
+              "ecr:GetAuthorizationToken",
+              "ecr:BatchCheckLayerAvailability",
+              "ecr:GetDownloadUrlForLayer",
+              "ecr:BatchGetImage",
+              "logs:CreateLogStream",
+              "logs:PutLogEvents"
+            ],
+            "Resource": "*"
+        },
+        {
+            "Effect": "Allow",
+            "Action": [
+                "logs:CreateLogGroup",
+                "logs:CreateLogStream",
+                "logs:PutLogEvents",
+                "logs:DescribeLogStreams"
+            ],
+            "Resource": [
+                "arn:aws:logs:*:*:*"
+            ]
+        }
+    ]
+}
+EOF
+}
+
+# ecs service role
+resource "aws_iam_role" "ecs-service-role" {
+    name = "ecs-service-role"
+    assume_role_policy = <<EOF
+{
+  "Version": "2012-10-17",
+  "Statement": [
+    {
+      "Action": "sts:AssumeRole",
+      "Principal": {
+        "Service": "ecs.amazonaws.com"
+      },
+      "Effect": "Allow",
+      "Sid": ""
+    }
+  ]
+}
+EOF
+}
+
+resource "aws_iam_policy_attachment" "ecs-service-attach1" {
+    name = "ecs-service-attach1"
+    roles = ["${aws_iam_role.ecs-service-role.name}"]
+    policy_arn = "arn:aws:iam::aws:policy/service-role/AmazonEC2ContainerServiceRole"
+}
+

ecs.tf

@@ -0,0 +1,33 @@
+resource "aws_instance" "jenkins-instance" {
+  ami           = "${lookup(var.AMIS, var.AWS_REGION)}"
+  instance_type = "t2.micro"
+
+  # the VPC subnet
+  subnet_id = "${aws_subnet.main-public-1.id}"
+
+  # the security group
+  vpc_security_group_ids = ["${aws_security_group.jenkins-securitygroup.id}"]
+
+  # the public SSH key
+  key_name = "${aws_key_pair.mykeypair.key_name}"
+
+  # user data
+  user_data = "${data.template_cloudinit_config.cloudinit-jenkins.rendered}"
+
+}
+
+resource "aws_ebs_volume" "jenkins-data" {
+    availability_zone = "eu-west-1a"
+    size = 20
+    type = "gp2" 
+    tags {
+        Name = "jenkins-data"
+    }
+}
+
+resource "aws_volume_attachment" "jenkins-data-attachment" {
+  device_name = "${var.INSTANCE_DEVICE_NAME}"
+  volume_id = "${aws_ebs_volume.jenkins-data.id}"
+  instance_id = "${aws_instance.jenkins-instance.id}"
+}
+

iam.tf

@@ -0,0 +1,7 @@
+resource "aws_key_pair" "mykeypair" {
+  key_name = "mykeypair"
+  public_key = "${file("${var.PATH_TO_PUBLIC_KEY}")}"
+  lifecycle {
+    ignore_changes = ["public_key"]
+  }
+}

jenkins.tf

@@ -0,0 +1,2 @@
+variable "MYAPP_SERVICE_ENABLE" { default = "0" }
+variable "MYAPP_VERSION" { default = "0" }

key.tf

@@ -0,0 +1,64 @@
+# app
+
+data "template_file" "myapp-task-definition-template" {
+  template               = "${file("templates/app.json.tpl")}"
+  vars {
+    REPOSITORY_URL = "${replace("${aws_ecr_repository.myapp.repository_url}", "https://", "")}"
+    APP_VERSION = "${var.MYAPP_VERSION}"
+  }
+}
+
+resource "aws_ecs_task_definition" "myapp-task-definition" {
+  family                = "myapp"
+  container_definitions = "${data.template_file.myapp-task-definition-template.rendered}"
+}
+
+resource "aws_ecs_service" "myapp-service" {
+  count = "${var.MYAPP_SERVICE_ENABLE}"
+  name = "myapp"
+  cluster = "${aws_ecs_cluster.example-cluster.id}"
+  task_definition = "${aws_ecs_task_definition.myapp-task-definition.arn}"
+  desired_count = 1
+  iam_role = "${aws_iam_role.ecs-service-role.arn}"
+  depends_on = ["aws_iam_policy_attachment.ecs-service-attach1"]
+
+  load_balancer {
+    elb_name = "${aws_elb.myapp-elb.name}"
+    container_name = "myapp"
+    container_port = 3000
+  }
+  lifecycle { ignore_changes = ["task_definition"] }
+}
+
+# load balancer
+resource "aws_elb" "myapp-elb" {
+  name = "myapp-elb"
+
+  listener {
+    instance_port = 3000
+    instance_protocol = "http"
+    lb_port = 80
+    lb_protocol = "http"
+  }
+
+  health_check {
+    healthy_threshold = 3
+    unhealthy_threshold = 3
+    timeout = 30
+    target = "HTTP:3000/"
+    interval = 60
+  }
+
+  cross_zone_load_balancing = true
+  idle_timeout = 400
+  connection_draining = true
+  connection_draining_timeout = 400
+
+  subnets = ["${aws_subnet.main-public-1.id}","${aws_subnet.main-public-2.id}"]
+  security_groups = ["${aws_security_group.myapp-elb-securitygroup.id}"]
+
+  tags {
+    Name = "myapp-elb"
+  }
+}
+

myapp-vars.tf

@@ -0,0 +1 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC5R3hBGD182YcOnTXykn/bM4vhUUeAGFelk6yR4PhxXdbaYisshwnyQdOkuBpS/LfjHeT4xgjwovCIY32xpj0pgUsonlhCUzrs6Ec+69gFvIIK9b3C2U2UjoKQULjONUco2ZB0IlvRWTd80DiRlHGZbou8oAgx87TQ8PR8x1iKDECK2hUTYQE/ztnNubsT3sNZ1kfwjR51APPbJ4DIAJMDyIK7BwyecfiAU1b8iXjBS4fAhMvnDhaTeEKfuPSPp9a2X6PLzgDW5enPmckBfk9PVlpChnBPuY3DppG7MMP19+xve9FpMdikksTPvNMXoUAggwd3tek0spg7DQgYxRit nagraops@debian-nagraops

myapp.tf

@@ -0,0 +1,9 @@
+output "elb" {
+  value = "${aws_elb.myapp-elb.dns_name}"
+}
+output "jenkins" {
+  value = "${aws_instance.jenkins-instance.public_ip}"
+}
+output "myapp-repository-URL" {
+  value = "${aws_ecr_repository.myapp.repository_url}"
+}

mykey.pub

@@ -0,0 +1,4 @@
+provider "aws" { 
+  version = "~> 1.13"
+  region = "${var.AWS_REGION}"
+}

output.tf

@@ -0,0 +1,8 @@
+resource "aws_s3_bucket" "terraform-state" {
+    bucket = "terraform-state-luislongo-123"
+    acl = "private"
+
+    tags {
+        Name = "Terraform state"
+    }
+}