|
|
@@ -1,3 +1,8 @@
|
|
|
+# Some instance variables
|
|
|
+locals {
|
|
|
+ ami_selection = "master" # master, minion, ...
|
|
|
+}
|
|
|
+
|
|
|
# Rather than pass in the aws security group, we just look it up. This will
|
|
|
# probably be useful other places, as well.
|
|
|
data "aws_security_group" "typical-host" {
|
|
|
@@ -38,7 +43,7 @@ resource "aws_instance" "instance" {
|
|
|
monitoring = false
|
|
|
iam_instance_profile = "msoc-default-instance-profile"
|
|
|
|
|
|
- ami = local.ami_map["minion"]
|
|
|
+ ami = local.ami_map[local.ami_selection]
|
|
|
# We need to ignore ebs_block_device changes, because if the AMI changes, so does the snapshot_id.
|
|
|
# If they add a feature to block more specific changes (eg `ebs_block_devices[*].snapshot_id`), then
|
|
|
# that could be removed.
|
|
|
@@ -65,7 +70,7 @@ resource "aws_instance" "instance" {
|
|
|
# See:
|
|
|
# https://github.com/hashicorp/terraform/issues/19958
|
|
|
# https://github.com/terraform-providers/terraform-provider-aws/issues/13118
|
|
|
- snapshot_id = local.block_device_mappings["minion"]["/dev/xvdm"].ebs.snapshot_id
|
|
|
+ snapshot_id = local.block_device_mappings[local.ami_selection]["/dev/xvdm"].ebs.snapshot_id
|
|
|
}
|
|
|
ebs_block_device {
|
|
|
# /home
|
|
|
@@ -74,7 +79,7 @@ resource "aws_instance" "instance" {
|
|
|
delete_on_termination = true
|
|
|
encrypted = true
|
|
|
kms_key_id = data.aws_kms_key.ebs-key.arn
|
|
|
- snapshot_id = local.block_device_mappings["minion"]["/dev/xvdn"].ebs.snapshot_id
|
|
|
+ snapshot_id = local.block_device_mappings[local.ami_selection]["/dev/xvdn"].ebs.snapshot_id
|
|
|
|
|
|
}
|
|
|
ebs_block_device {
|
|
|
@@ -84,7 +89,7 @@ resource "aws_instance" "instance" {
|
|
|
delete_on_termination = true
|
|
|
encrypted = true
|
|
|
kms_key_id = data.aws_kms_key.ebs-key.arn
|
|
|
- snapshot_id = local.block_device_mappings["minion"]["/dev/xvdo"].ebs.snapshot_id
|
|
|
+ snapshot_id = local.block_device_mappings[local.ami_selection]["/dev/xvdo"].ebs.snapshot_id
|
|
|
}
|
|
|
ebs_block_device {
|
|
|
# /var/tmp
|
|
|
@@ -93,7 +98,7 @@ resource "aws_instance" "instance" {
|
|
|
delete_on_termination = true
|
|
|
encrypted = true
|
|
|
kms_key_id = data.aws_kms_key.ebs-key.arn
|
|
|
- snapshot_id = local.block_device_mappings["minion"]["/dev/xvdp"].ebs.snapshot_id
|
|
|
+ snapshot_id = local.block_device_mappings[local.ami_selection]["/dev/xvdp"].ebs.snapshot_id
|
|
|
}
|
|
|
ebs_block_device {
|
|
|
# /var/log
|
|
|
@@ -102,7 +107,7 @@ resource "aws_instance" "instance" {
|
|
|
delete_on_termination = true
|
|
|
encrypted = true
|
|
|
kms_key_id = data.aws_kms_key.ebs-key.arn
|
|
|
- snapshot_id = local.block_device_mappings["minion"]["/dev/xvdq"].ebs.snapshot_id
|
|
|
+ snapshot_id = local.block_device_mappings[local.ami_selection]["/dev/xvdq"].ebs.snapshot_id
|
|
|
}
|
|
|
ebs_block_device {
|
|
|
# /var/log/audit
|
|
|
@@ -111,7 +116,7 @@ resource "aws_instance" "instance" {
|
|
|
delete_on_termination = true
|
|
|
encrypted = true
|
|
|
kms_key_id = data.aws_kms_key.ebs-key.arn
|
|
|
- snapshot_id = local.block_device_mappings["minion"]["/dev/xvdr"].ebs.snapshot_id
|
|
|
+ snapshot_id = local.block_device_mappings[local.ami_selection]["/dev/xvdr"].ebs.snapshot_id
|
|
|
}
|
|
|
ebs_block_device {
|
|
|
# /tmp
|
|
|
@@ -120,7 +125,7 @@ resource "aws_instance" "instance" {
|
|
|
delete_on_termination = true
|
|
|
encrypted = true
|
|
|
kms_key_id = data.aws_kms_key.ebs-key.arn
|
|
|
- snapshot_id = local.block_device_mappings["minion"]["/dev/xvds"].ebs.snapshot_id
|
|
|
+ snapshot_id = local.block_device_mappings[local.ami_selection]["/dev/xvds"].ebs.snapshot_id
|
|
|
}
|
|
|
|
|
|
network_interface {
|
Frederick Damstra