Open 80/443 for VMray / Increase Sensus IOPS

To be tagged v3.1.10

base/sensu/main.tf

@@ -79,6 +79,8 @@ resource "aws_instance" "instance" {
     device_name = "/dev/xvdo"
     volume_type = "gp3"
     # volume_size = xx
+    iops = 6000 # etcd requires extra performance
+    throughput = 250 # etcd requires extra performance
     delete_on_termination = true
     encrypted = true
     kms_key_id = data.aws_kms_key.ebs-key.arn

base/vmray_instances/security-groups.tf

@@ -11,6 +11,24 @@ resource "aws_security_group" "vmray_server_sg" {
   tags        = merge(var.standard_tags, var.tags)
 }
 
+resource "aws_security_group_rule" "vmray_server_http_in_from_workers" {
+  type              = "ingress"
+  from_port         = 80
+  to_port           = 80
+  protocol          = "tcp"
+  source_security_group_id = aws_security_group.vmray_worker_sg.id
+  security_group_id = aws_security_group.vmray_server_sg.id
+}
+
+resource "aws_security_group_rule" "vmray_server_https_in_from_workers" {
+  type              = "ingress"
+  from_port         = 443
+  to_port           = 443
+  protocol          = "tcp"
+  source_security_group_id = aws_security_group.vmray_worker_sg.id
+  security_group_id = aws_security_group.vmray_server_sg.id
+}
+
 resource "aws_security_group_rule" "vmray_server_https_in" {
   type              = "ingress"
   from_port         = 443
@@ -21,24 +39,24 @@ resource "aws_security_group_rule" "vmray_server_https_in" {
   security_group_id = aws_security_group.vmray_server_sg.id
 }
 
-## Proxy - Ubuntu Advantage doesn't appear to respect it
-#resource "aws_security_group_rule" "vmray_server_http_out" {
-#  type              = "egress"
-#  from_port         = 80
-#  to_port           = 80
-#  protocol          = "tcp"
-#  cidr_blocks       = [ "0.0.0.0/0" ]
-#  security_group_id = aws_security_group.vmray_server_sg.id
-#}
-#
-#resource "aws_security_group_rule" "vmray_server_https_out" {
-#  type              = "egress"
-#  from_port         = 443
-#  to_port           = 443
-#  protocol          = "tcp"
-#  cidr_blocks       = [ "0.0.0.0/0" ]
-#  security_group_id = aws_security_group.vmray_server_sg.id
-#}
+## VMRay Requires Direct Internet Access
+resource "aws_security_group_rule" "vmray_server_http_out" {
+  type              = "egress"
+  from_port         = 80
+  to_port           = 80
+  protocol          = "tcp"
+  cidr_blocks       = [ "0.0.0.0/0" ]
+  security_group_id = aws_security_group.vmray_server_sg.id
+}
+
+resource "aws_security_group_rule" "vmray_server_https_out" {
+  type              = "egress"
+  from_port         = 443
+  to_port           = 443
+  protocol          = "tcp"
+  cidr_blocks       = [ "0.0.0.0/0" ]
+  security_group_id = aws_security_group.vmray_server_sg.id
+}
 
 resource "aws_security_group_rule" "vmray_server_vnc_to_workers" {
   type              = "egress"