| 12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394 |
- resource "aws_network_interface" "vmray-worker-interface" {
- count = var.vmray_worker_instance_count
- subnet_id = var.private_subnets[count.index % 3]
- security_groups = [ data.aws_security_group.typical-host.id, aws_security_group.vmray_worker_sg.id ]
- description = "vmray-worker"
- tags = merge(var.standard_tags, var.tags, { Name = "vmray-worker" })
- }
- resource "aws_instance" "vmray-worker-instance" {
- count = var.vmray_worker_instance_count
- tenancy = "default"
- ebs_optimized = true
- disable_api_termination = var.instance_termination_protection
- instance_initiated_shutdown_behavior = "stop"
- instance_type = var.instance_types["vmray-worker"]
- key_name = "msoc-build"
- monitoring = false
- iam_instance_profile = "msoc-default-instance-profile"
- ami = data.aws_ami.ubuntu2004.image_id
- # We need to ignore ebs_block_device changes, because if the AMI changes, so does the snapshot_id.
- # If they add a feature to block more specific changes (eg `ebs_block_devices[*].snapshot_id`), then
- # that could be removed.
- lifecycle { ignore_changes = [ ami, key_name, user_data, ebs_block_device ] }
- root_block_device {
- volume_type = "gp3"
- volume_size = "60"
- delete_on_termination = true
- encrypted = true
- kms_key_id = data.aws_kms_key.ebs-key.arn
- }
- network_interface {
- device_index = 0
- network_interface_id = aws_network_interface.vmray-worker-interface[count.index].id
- }
- user_data = data.template_cloudinit_config.cloud-init-vmray-worker[count.index].rendered
- tags = merge( var.standard_tags, var.tags, { Name = "vmray-worker-${ count.index }" })
- volume_tags = merge( var.standard_tags, var.tags, { Name = "vmray-worker-${ count.index }" })
- }
- data "template_file" "cloud-init-vmray-worker" {
- count = var.vmray_worker_instance_count
- template = file("${path.module}/cloud-init/cloud-init.tpl")
- vars = {
- hostname = "vmray-worker-${ count.index }"
- fqdn = "vmray-worker-${ count.index }.${var.dns_info["private"]["zone"]}"
- environment = var.environment
- salt_master = var.salt_master
- proxy = var.proxy
- aws_partition = var.aws_partition
- aws_partition_alias = var.aws_partition_alias
- aws_region = var.aws_region
- ua_key = local.secret_ubuntu["ua_key"] # This is gathered in server.tf
- }
- }
- # Render a multi-part cloud-init config making use of the part
- # above, and other source files
- data "template_cloudinit_config" "cloud-init-vmray-worker" {
- count = var.vmray_worker_instance_count
- gzip = true
- base64_encode = true
- # Main cloud-config configuration file.
- part {
- filename = "init.cfg"
- content_type = "text/cloud-config"
- content = data.template_file.cloud-init-vmray-worker[count.index].rendered
- }
- # Additional parts as needed
- #part {
- # content_type = "text/x-shellscript"
- # content = "ffbaz"
- #}
- }
- module "private_dns_record_vmray_worker" {
- count = var.vmray_worker_instance_count
- source = "../../submodules/dns/private_A_record"
- name = "vmray-worker-${ count.index }"
- ip_addresses = [ aws_instance.vmray-worker-instance[count.index].private_ip ]
- dns_info = var.dns_info
- reverse_enabled = true
- providers = {
- aws.c2 = aws.c2
- }
- }
|
