3 changes: 2 additions & 1 deletion .gitignore
@@ -34,4 +34,5 @@ build/
.rvmrc

.vagrant/
workspace/
workspace/
*.tfstate*
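--- a/_setup/terraform/aws-workspace/README.md
+++ b/_setup/terraform/aws-workspace/README.md
@@ -0,0 +1,29 @@
+
+0. Setup your AWS credentials
+```
+export TF_VAR_access_key=$AWS_ACCESS_KEY_ID
+export TF_VAR_secret_key=$AWS_SECRET_ACCESS_KEY
+export TF_VAR_workspace_key_name="pcf"
+export TF_VAR_workspace_subnet_id="subnet-fcd4838b" #pcf-public-az-a
+export TF_VAR_workspace_security_group_id0="sg-2032c147" #workspace
+export TF_VAR_workspace_security_group_id1="sg-6a1a080e" #stayup-pcf-VMs
+export TF_VAR_workspace_security_group_id2="sg-65fa4302" #staff_office_ips
+
+```
+0. Make sure your IP is listed in the `staff_office_ips` security group
+0. Make sure that you had `ssh-add`ed the key to your keychain
+
+0. `/path/to/logsearch-workspace/_setup/terraform/aws-workspace$ terraform apply`
+
+
+## Tricks
+
+0. Use `terraform taint aws_volume_attachment.workspace_ebs_att` to re-run just the provision.sh script
+
+```
+_setup/terraform/aws-workspace$ terraform taint aws_volume_attachment.workspace_ebs_att
+The resource aws_volume_attachment.workspace_ebs_att in the module root has been marked as tainted!
+_setup/terraform/aws-workspace$ terraform apply
+...snip...
+aws_volume_attachment.workspace_ebs_att: Provisioning with 'remote-exec'...
+```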
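--- a/_setup/terraform/aws-workspace/main.tf
+++ b/_setup/terraform/aws-workspace/main.tf
@@ -0,0 +1,103 @@
+provider "aws" {
+access_key = "${var.access_key}"
+secret_key = "${var.secret_key}"
+region = "us-east-1"
+}
+
+resource "aws_ebs_volume" "workspace_disk" {
+availability_zone = "us-east-1a"
+size = 10
+tags {
+Name = "workspace_disk"
+}
+}
+
+resource "aws_instance" "workspace_instance" {
+ami = "ami-3fee3b54" #BOSH lite 9000.38
+instance_type = "m3.medium"
+key_name = "${var.workspace_key_name}"
+tags {
+Name = "workspace_instance"
+}
+
+subnet_id = "${var.workspace_subnet_id}"
+vpc_security_group_ids = ["${var.workspace_security_group_id0}", "${var.workspace_security_group_id1}", "${var.workspace_security_group_id2}"]
+
+associate_public_ip_address = "true"
+
+root_block_device {
+volume_type = "gp2"
+volume_size = 10
+}
+
+}
+
+resource "aws_volume_attachment" "workspace_ebs_att" {
+device_name = "/dev/sdf"
+volume_id = "${aws_ebs_volume.workspace_disk.id}"
+#instance_id = "${aws_spot_instance_request.workspace_instance.spot_instance_id}"
+instance_id = "${aws_instance.workspace_instance.id}"
+
+provisioner "remote-exec" {
+script = "provision.sh"
+connection {
+host = "${aws_instance.workspace_instance.public_ip}"
+user = "ubuntu"
+
+}
+}
+}
+
+
+#resource "aws_spot_instance_request" "workspace_instance" {
+# ami = "ami-3fee3b54" #BOSH lite 9000.38
+# instance_type = "m3.xlarge"
+# spot_price = "0.15"
+#
+# subnet_id = "${var.workspace_subnet_id}"
+#
+# wait_for_fulfillment = true
+# key_name = "${var.workspace_key_name}"
+# tags {
+# Name = "workspace_instance"
+# }
+#
+# root_block_device {
+# volume_type = "gp2"
+# volume_size = 100
+# }
+#}
+#
+#resource "aws_network_interface" "workspace_instance_network_interface" {
+# subnet_id = "${var.workspace_subnet_id}"
+# security_groups = ["${var.workspace_security_group_id0}", "${var.workspace_security_group_id1}", "${var.#workspace_security_group_id2}"]
+# attachment {
+# instance = "${aws_spot_instance_request.workspace_instance.spot_instance_id}"
+# device_index = 1
+# }
+# tags {
+# Name = "workspace_instance"
+# }
+#}
+#
+#
+#resource "aws_eip" "workspace_instance_public_ip" {
+# network_interface = "${aws_network_interface.workspace_instance_network_interface.id}"
+#
+# vpc = true
+#
+# provisioner "remote-exec" {
+# script = "provision.sh"
+# connection {
+# host = "${aws_eip.workspace_instance_public_ip.public_ip}"
+# user = "ubuntu"
+# key_file = "${var.workspace_key_file}"
+# }
+# }
+#
+#}
+
+
+
+
+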
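Review bot: The `aws_ebs_volume.workspace_disk` resource is created without encryption, although provision.sh in this same commit plans to relocate all user home directories onto it; adding `encrypted = true` to that block would protect the data at rest and any snapshots taken from the volume. Separately, the provider block passes `access_key`/`secret_key` through Terraform variables while the README already assumes `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` are exported; the AWS provider reads those environment variables itself, so both arguments and their variables could be dropped to keep long-lived keys out of the configuration path. The volume's `availability_zone` is also hard-coded to `us-east-1a` while the subnet is a variable, so the attachment will presumably fail if a subnet in another zone is supplied; a comment stating that constraint, or deriving the zone from `aws_instance.workspace_instance.availability_zone`, would make it explicit.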
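--- a/_setup/terraform/aws-workspace/provision.sh
+++ b/_setup/terraform/aws-workspace/provision.sh
@@ -0,0 +1,40 @@
+#!/bin/bash
+echo "Provisioning..."
+
+sudo apt-get update
+sudo apt-get -y install git
+
+echo "Mounting persistent disk as as /workspaces..."
+# TODO: http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-using-volumes.html
+
+echo "Relocating all user home dirs to /workspaces..."
+# TODO
+
+echo "Installing logsearch-workspace dependancies..."
+# TODO:
+# sudo git clone https://github.com/logsearch/workspace /root/logsearch-workspace
+# sudo /root/logsearch-workspace/_setup/runtime/install_dependancies
+
+echo "Provision user accounts"
+# TODO - not sure this step can/should be automated
+# steps:
+# sudo /root/logsearch-workspace/_setup/runtime/add_new_workspace --workspace-tenant-number 1 --workspace-username mrdavidlaing --workspace-public-key 'ssh-rsa AAAAB3...' --workspace-homedirs /workspaces
+# sudo /root/logsearch-workspace/_setup/runtime/add_new_workspace --workspace-tenant-number 2 --workspace-username user2 ...
+
+echo "Installing CF..."
+# TODO
+echo "Adding ip-tables routes to CF"
+# PRIVATE_IP=????
+# sudo iptables -t nat -A PREROUTING -p tcp -d $PRIVATE_IP --dport 80 -j DNAT --to 10.244.0.34:80
+# sudo iptables -t nat -A PREROUTING -p tcp -d $PRIVATE_IP --dport 443 -j DNAT --to 10.244.0.34:443
+
+# sudo iptables-save > /etc/iptables/rules.v4
+
+echo "Installing Logsearch..."
+# TODO
+
+echo "=-=-=-=-=-=-=-=-=-=-=-=-=-="
+echo " "
+echo "\o/ Provisioning completed!"
+echo " |"
+echo '/ \'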
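Review bot: The script has no error handling, so a failed `sudo apt-get update` or `sudo apt-get -y install git` still falls through to the "Provisioning completed!" banner and the script exits 0 from the final `echo`, which the remote-exec provisioner will most likely report as success; adding `set -euo pipefail` directly under the shebang would stop the run at the first failed step. For the commented TODO lines, `sudo iptables-save > /etc/iptables/rules.v4` performs the redirect as the unprivileged `ubuntu` user and would be denied once enabled; `sudo iptables-save | sudo tee /etc/iptables/rules.v4 >/dev/null` avoids that, and `$PRIVATE_IP` should be quoted. The planned `git clone` followed by running `install_dependancies` as root executes whatever is at the branch head at provisioning time, so a comment next to that TODO asking for a pinned, reviewed commit or tag before it is uncommented would be worthwhile.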
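--- a/_setup/terraform/aws-workspace/variables.tf
+++ b/_setup/terraform/aws-workspace/variables.tf
@@ -0,0 +1,7 @@
+variable "access_key" {}
+variable "secret_key" {}
+variable "workspace_key_name" {}
+variable "workspace_subnet_id" {}
+variable "workspace_security_group_id0" {}
+variable "workspace_security_group_id1" {}
+variable "workspace_security_group_id2" {}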
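Review bot: None of the seven variables carries a `description`, and the three security groups are told apart only by a numeric suffix whose meaning lives in README comments (`#workspace`, `#stayup-pcf-VMs`, `#staff_office_ips`). Writing them as `variable "workspace_security_group_id2" { description = "staff_office_ips security group" }`, and likewise for `id0` and `id1`, would make it harder to export the wrong group into the slot that is meant to restrict access. Where the Terraform release in use supports it, marking `secret_key` with `sensitive = true` would also keep the value out of plan output.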