Moved part of TF configuration to Ansible to use best of Jinja2
parent
3dc5ee0e27
commit
e4ff004d96
|
@ -1,8 +1,3 @@
|
|||
.DS_Store
|
||||
|
||||
# Testing
|
||||
/ignore.tfvars
|
||||
|
||||
# Terraform State
|
||||
*.terraform*
|
||||
*terraform.tfstate.d*
|
||||
|
@ -10,11 +5,13 @@
|
|||
roles/main_infra/files/backend.tfvars
|
||||
roles/main_infra/files/remote-backend-selector.tf
|
||||
roles/main_infra/files/terraform.tfvars
|
||||
roles/main_infra/files/hosts.tf
|
||||
roles/main_infra/files/routing.tf
|
||||
*.backup
|
||||
|
||||
# Sensitive information
|
||||
/*.privkey
|
||||
/*.tfvars
|
||||
*.privkey
|
||||
*.tfvars
|
||||
|
||||
# Stack-specific information
|
||||
/PREFIX
|
||||
|
|
|
@ -10,3 +10,4 @@
|
|||
- roles/main_infra/files/terraform.tfstate.d
|
||||
- roles/main_infra/files/main.tfvars
|
||||
- roles/main_infra/files/backend.tfvars
|
||||
- roles/main_infra/files/terraform.tfplan
|
||||
|
|
|
@ -57,6 +57,7 @@ chain_custom_environment:
|
|||
TXS_COUNT_CACHE_PERIOD: 7200 # Interval in seconds to restart the task, which calculates the total txs count.
|
||||
ADDRESS_WITH_BALANCES_UPDATE_INTERVAL: 1800 #Interval in seconds to restart the task, which calculates addresses with balances
|
||||
LINK_TO_OTHER_EXPLORERS: "false" # If true, links to other explorers are added in the footer
|
||||
USE_PLACEMENT_GROUP: "false" # If true, BlockScout instance will be created in the placement group
|
||||
|
||||
## Region. It is recommended to deploy to us-east-1 as some of the other regions fails due to varied reasons
|
||||
region: "us-east-1"
|
||||
|
|
|
@ -34,9 +34,6 @@ pool_size: 30
|
|||
## The following variable represents the elixir version that will be used to run BlockScout instance. Will be used to download the Elixir at the following link: https://github.com/elixir-lang/elixir/releases/download/{{ elixir_version }}/Precompiled.zip
|
||||
elixir_version: "v1.7.4"
|
||||
|
||||
## Whether or not to use the placement group for the BlockScout instances.
|
||||
use_placement_group: false
|
||||
|
||||
# DB related variables
|
||||
|
||||
## This value represents the name of the DB that will be created/attached. Must be unique. Will be prefixed with `prefix` variable.
|
||||
|
|
|
@ -17,7 +17,7 @@ resource "aws_codedeploy_deployment_group" "explorer" {
|
|||
app_name = "${aws_codedeploy_app.explorer.name}"
|
||||
deployment_group_name = "${var.prefix}-explorer-dg${count.index}"
|
||||
service_role_arn = "${aws_iam_role.deployer.arn}"
|
||||
autoscaling_groups = ["${aws_autoscaling_group.explorer.*.id[count.index]}"]
|
||||
autoscaling_groups = ["${aws_launch_configuration.explorer.name}-asg-${element(var.chains,count.index)}"]
|
||||
|
||||
deployment_style {
|
||||
deployment_option = "WITH_TRAFFIC_CONTROL"
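Review bot: `autoscaling_groups` now rebuilds the group name as a string, `"${aws_launch_configuration.explorer.name}-asg-${element(var.chains,count.index)}"` (taking the second of the two printed lines as the new side), so the deployment group no longer references any `aws_autoscaling_group` resource and Terraform has no ordering between the two. On a first apply CodeDeploy can be asked to attach a group that does not exist yet. Since the ASGs are now generated per chain in the Jinja template, moving this resource into the same template and using `"${aws_autoscaling_group.explorer-{{key}}.name}"` would restore the dependency. The resource body continues outside the hunk.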
|
||||
|
|
|
@ -5,6 +5,34 @@ resource "aws_ssm_parameter" "db_host" {
|
|||
type = "String"
|
||||
}
|
||||
|
||||
resource "aws_ssm_parameter" "db_port" {
|
||||
count = "${length(var.chains)}"
|
||||
name = "/${var.prefix}/${element(var.chains,count.index)}/db_port"
|
||||
value = "${aws_db_instance.default.*.port[count.index]}"
|
||||
type = "String"
|
||||
}
|
||||
|
||||
resource "aws_ssm_parameter" "db_name" {
|
||||
count = "${length(var.chains)}"
|
||||
name = "/${var.prefix}/${element(var.chains,count.index)}/db_name"
|
||||
value = "${lookup(var.chain_db_name,element(var.chains,count.index))}"
|
||||
type = "String"
|
||||
}
|
||||
|
||||
resource "aws_ssm_parameter" "db_username" {
|
||||
count = "${length(var.chains)}"
|
||||
name = "/${var.prefix}/${element(var.chains,count.index)}/db_username"
|
||||
value = "${lookup(var.chain_db_username,element(var.chains,count.index))}"
|
||||
type = "String"
|
||||
}
|
||||
|
||||
resource "aws_ssm_parameter" "db_password" {
|
||||
count = "${length(var.chains)}"
|
||||
name = "/${var.prefix}/${element(var.chains,count.index)}/db_password"
|
||||
value = "${lookup(var.chain_db_password,element(var.chains,count.index))}"
|
||||
type = "String"
|
||||
}
|
||||
|
||||
resource "aws_db_instance" "default" {
|
||||
count = "${length(var.chains)}"
|
||||
name = "${lookup(var.chain_db_name,element(var.chains,count.index))}"
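Review bot: `aws_ssm_parameter.db_password` is created with `type = "String"`, so the database password sits in Parameter Store unencrypted and is readable by any principal allowed `ssm:GetParameter` on the `/${var.prefix}/…` path; `type = "SecureString"` keeps it KMS-encrypted at rest. Readers then have to request decryption, so the instance role and the code that loads these parameters need checking in the same change. `db_username` is worth the same treatment, while `db_port` and `db_name` can stay `String`. The value still ends up in the Terraform state, so the state backend needs access control as well. The `aws_db_instance.default` block that follows continues outside the hunk.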
|
||||
|
|
|
@ -7,15 +7,19 @@ variable "db_subnet_cidr" {}
|
|||
variable "dns_zone_name" {}
|
||||
variable "instance_type" {}
|
||||
variable "root_block_size" {}
|
||||
variable "pool_size" {}
|
||||
variable "pool_size" {
|
||||
default = {}
|
||||
}
|
||||
variable "elixir_version" {}
|
||||
variable "use_placement_group" {}
|
||||
variable "use_placement_group" {
|
||||
default = {}
|
||||
}
|
||||
variable "key_content" {
|
||||
default = ""
|
||||
}
|
||||
|
||||
variable "chains" {
|
||||
default = {}
|
||||
default = []
|
||||
}
|
||||
|
||||
variable "chain_db_id" {
|
||||
|
@ -55,10 +59,12 @@ variable "chain_db_version" {
|
|||
}
|
||||
|
||||
variable "secret_key_base" {
|
||||
default = {}
|
||||
default = {}
|
||||
}
|
||||
|
||||
variable "alb_ssl_policy" {}
|
||||
variable "alb_certificate_arn" {}
|
||||
|
||||
variable "use_ssl" {
|
||||
default = {}
|
||||
default = {}
|
||||
}
|
||||
|
|
|
@ -35,6 +35,12 @@
|
|||
path: roles/main_infra/files/.terraform/
|
||||
state: absent
|
||||
when: stat_result.stat.exists == True
|
||||
|
||||
- name: Generate Terraform files
|
||||
template:
|
||||
src: "{{ item.key }}"
|
||||
dest: "{{ item.value }}"
|
||||
with_dict: {hosts.tf.j2: roles/main_infra/files/hosts.tf,routing.tf.j2: roles/main_infra/files/routing.tf}
|
||||
|
||||
#Workaround since terraform module return unexpected error.
|
||||
- name: Terraform plan construct
|
||||
|
@ -44,11 +50,12 @@
|
|||
chdir: "roles/main_infra/files"
|
||||
with_items:
|
||||
- "init{{ ' -backend-config=backend.tfvars' if backend|bool == true else '' }}"
|
||||
- plan
|
||||
- plan -out terraform.tfplan
|
||||
- show terraform.tfplan -no-color
|
||||
|
||||
- name: Show Terraform plan
|
||||
debug:
|
||||
var: tf_plan.results[1].stdout_lines
|
||||
var: tf_plan.results[2].stdout_lines
|
||||
|
||||
- name: User prompt
|
||||
pause:
|
||||
|
@ -61,9 +68,10 @@
|
|||
loop_control:
|
||||
loop_var: chain
|
||||
index_var: index
|
||||
when: user_answer.user_input|bool == True
|
||||
|
||||
- name: Terraform provisioning
|
||||
shell: "echo yes | {{ terraform_location }} apply"
|
||||
shell: "echo yes | {{ terraform_location }} apply terraform.tfplan"
|
||||
args:
|
||||
chdir: "roles/main_infra/files"
|
||||
when: user_answer.user_input|bool == True
|
||||
|
@ -84,5 +92,5 @@
|
|||
|
||||
- name: Output info from Terraform
|
||||
debug:
|
||||
value: output.stdout_lines.instructions.value
|
||||
var: output.stdout_lines
|
||||
when: user_answer.user_input|bool == True
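Review bot: The saved plan written by `plan -out terraform.tfplan` stays in `roles/main_infra/files` after the apply, and a Terraform plan file holds the input variable values unencrypted, which here would include the DB passwords and `secret_key_base`. None of the .gitignore lines visible on this page matches that file name (`*.terraform*` needs a leading dot), so consider adding `*.tfplan` there and a `file` task with `state: absent` for the plan right after "Terraform provisioning". The "Show Terraform plan" task also prints the whole `show` output into the Ansible log, so it is worth confirming that no secret appears there in clear text. The `echo yes |` prefix is no longer needed, since applying a saved plan does not prompt.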
|
||||
|
|
|
@ -18,7 +18,7 @@ data "aws_ami" "explorer" {
|
|||
}
|
||||
|
||||
resource "aws_launch_configuration" "explorer" {
|
||||
name_prefix = "${var.prefix}-explorer-launchconfig-"
|
||||
name_prefix = "${var.prefix}-explorer-launchconfig"
|
||||
image_id = "${data.aws_ami.explorer.id}"
|
||||
instance_type = "${var.instance_type}"
|
||||
security_groups = ["${aws_security_group.app.id}"]
|
||||
|
@ -39,23 +39,24 @@ resource "aws_launch_configuration" "explorer" {
|
|||
}
|
||||
}
|
||||
|
||||
resource "aws_placement_group" "explorer" {
|
||||
count = "${var.use_placement_group ? length(var.chains): 0}"
|
||||
name = "${var.prefix}-explorer-placement-group${count.index}"
|
||||
{% for key, value in chain_custom_environment.iteritems() %}
|
||||
resource "aws_placement_group" "explorer-{{key}}" {
|
||||
name = "${var.prefix}-{{key}}-explorer-pg"
|
||||
strategy = "cluster"
|
||||
}
|
||||
{% endfor %}
|
||||
|
||||
resource "aws_autoscaling_group" "explorer" {
|
||||
count = "${length(var.chains)}"
|
||||
name = "${aws_launch_configuration.explorer.name}-asg${count.index}"
|
||||
max_size = "${length(var.chains) * 4}"
|
||||
min_size = "${length(var.chains)}"
|
||||
desired_capacity = "${length(var.chains)}"
|
||||
placement_group = "${var.use_placement_group ? aws_placement_group.explorer.*.id[count.index] : "zero"}"
|
||||
{% for key, value in chain_custom_environment.iteritems() %}
|
||||
resource "aws_autoscaling_group" "explorer-{{key}}" {
|
||||
name = "${aws_launch_configuration.explorer.name}-asg-{{key}}"
|
||||
max_size = "4"
|
||||
min_size = "1"
|
||||
desired_capacity = "1"
|
||||
{% if value['USE_PLACEMENT_GROUP'] == "true" %} placement_group = "${var.prefix}-{{key}}-explorer-pg" {% endif %}
|
||||
launch_configuration = "${aws_launch_configuration.explorer.name}"
|
||||
vpc_zone_identifier = ["${aws_subnet.default.id}"]
|
||||
availability_zones = ["${data.aws_availability_zones.available.names}"]
|
||||
target_group_arns = ["${aws_lb_target_group.explorer.*.arn[count.index]}"]
|
||||
target_group_arns = ["${aws_lb_target_group.explorer.*.arn[{{loop.index-1}}]}"]
|
||||
|
||||
# Health checks are performed by CodeDeploy hooks
|
||||
health_check_type = "EC2"
|
||||
|
@ -69,7 +70,11 @@ resource "aws_autoscaling_group" "explorer" {
|
|||
]
|
||||
|
||||
depends_on = [
|
||||
"aws_ssm_parameter.db_host"
|
||||
"aws_ssm_parameter.db_host",
|
||||
"aws_ssm_parameter.db_name",
|
||||
"aws_ssm_parameter.db_port",
|
||||
"aws_ssm_parameter.db_username",
|
||||
"aws_ssm_parameter.db_password"
|
||||
]
|
||||
|
||||
lifecycle {
|
||||
|
@ -84,26 +89,25 @@ resource "aws_autoscaling_group" "explorer" {
|
|||
|
||||
tag {
|
||||
key = "chain"
|
||||
value = "${element(var.chains,count.index)}"
|
||||
value = "{{ key }}"
|
||||
propagate_at_launch = true
|
||||
}
|
||||
}
|
||||
|
||||
# TODO: These autoscaling policies are not currently wired up to any triggers
|
||||
resource "aws_autoscaling_policy" "explorer-up" {
|
||||
count = "${length(var.chains)}"
|
||||
name = "${var.prefix}-explorer-autoscaling-policy-up${count.index}"
|
||||
autoscaling_group_name = "${element(aws_autoscaling_group.explorer.*.name, count.index)}"
|
||||
name = "${var.prefix}-{{key}}-explorer-autoscaling-policy-up"
|
||||
autoscaling_group_name = "${aws_autoscaling_group.explorer-{{key}}.name}"
|
||||
adjustment_type = "ChangeInCapacity"
|
||||
scaling_adjustment = 1
|
||||
cooldown = 300
|
||||
}
|
||||
|
||||
resource "aws_autoscaling_policy" "explorer-down" {
|
||||
count = "${length(var.chains)}"
|
||||
name = "${var.prefix}-explorer-autoscaling-policy-down${count.index}"
|
||||
autoscaling_group_name = "${element(aws_autoscaling_group.explorer.*.name, count.index)}"
|
||||
name = "${var.prefix}-{{key}}-explorer-autoscaling-policy-down"
|
||||
autoscaling_group_name = "${aws_autoscaling_group.explorer-{{key}}.name}"
|
||||
adjustment_type = "ChangeInCapacity"
|
||||
scaling_adjustment = -1
|
||||
cooldown = 300
|
||||
}
|
||||
{% endfor %}
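Review bot: `chain_custom_environment.iteritems()` in the `{% for %}` loops exists only on Python 2 dicts, so the template fails to render when Ansible runs under Python 3; `{% for key, value in chain_custom_environment.items() %}` works on both. The same call is used in the listener loop of the routing template and in the four loops of the tfvars template. Separately, `placement_group = "${var.prefix}-{{key}}-explorer-pg"` repeats the name as a literal, so Terraform sees no dependency on `aws_placement_group.explorer-{{key}}`; `placement_group = "${aws_placement_group.explorer-{{key}}.id}"` would order the two. The placement group itself is emitted for every chain, not only for those with `USE_PLACEMENT_GROUP` set to "true", which may not be intended.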
|
|
@ -58,30 +58,19 @@ resource "aws_lb_target_group" "explorer" {
|
|||
}
|
||||
}
|
||||
|
||||
# The Listener for the ALB (HTTP protocol)
|
||||
resource "aws_alb_listener" "alb_listener_http" {
|
||||
count = "${var.use_ssl == "true" ? 0 : length(var.chains)}"
|
||||
load_balancer_arn = "${aws_lb.explorer.*.arn[count.index]}"
|
||||
port = 80
|
||||
protocol = "HTTP"
|
||||
|
||||
{% for key, value in chain_custom_environment.iteritems() %}
|
||||
resource "aws_alb_listener" "alb_listener{{loop.index-1}}" {
|
||||
load_balancer_arn = "${aws_lb.explorer.*.arn[{{loop.index-1}}]}"
|
||||
port = "${lookup(var.use_ssl,element(var.chains,{{loop.index-1}})) ? "443" : "80" }"
|
||||
protocol = "${lookup(var.use_ssl,element(var.chains,{{loop.index-1}})) ? "HTTPS" : "HTTP" }"
|
||||
{% if value['ECTO_USE_SSL'] == "true" %}
|
||||
ssl_policy = "${lookup(var.use_ssl,element(var.chains,{{loop.index-1}})) ? var.alb_ssl_policy : "null" }"
|
||||
certificate_arn = "${lookup(var.use_ssl,element(var.chains,{{loop.index-1}})) ? var.alb_certificate_arn : "null" }"
|
||||
{% endif %}
|
||||
default_action {
|
||||
type = "forward"
|
||||
target_group_arn = "${aws_lb_target_group.explorer.*.arn[count.index]}"
|
||||
target_group_arn = "${aws_lb_target_group.explorer.*.arn[{{loop.index-1}}]}"
|
||||
}
|
||||
}
|
||||
|
||||
# The Listener for the ALB (HTTPS protocol)
|
||||
resource "aws_alb_listener" "alb_listener_https" {
|
||||
count = "${var.use_ssl == "true" ? length(var.chains) : 0}"
|
||||
load_balancer_arn = "${aws_lb.explorer.*.arn[count.index]}"
|
||||
port = 443
|
||||
protocol = "HTTPS"
|
||||
ssl_policy = "${var.alb_ssl_policy}"
|
||||
certificate_arn = "${var.alb_certificate_arn}"
|
||||
|
||||
default_action {
|
||||
type = "forward"
|
||||
target_group_arn = "${aws_lb_target_group.explorer.*.arn[count.index]}"
|
||||
}
|
||||
}
|
||||
{% endfor %}
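Review bot: The listener decides HTTPS twice with different tests: Jinja emits `ssl_policy` and `certificate_arn` only when `value['ECTO_USE_SSL'] == "true"` matches exactly, while `port` and `protocol` go through Terraform's `lookup(var.use_ssl, …) ? … : …`, which as far as I know also accepts spellings such as `True`. A chain configured that way would get `protocol = "HTTPS"` without a certificate, and inside the guard the `: "null"` branches are dead code that would pass the literal string "null" if ever reached. Deciding once in the template, as below, removes the mismatch. Chains on the HTTP branch get a plain port-80 listener with no redirect, and the switch is named after the database (Ecto) connection, so a dedicated ALB setting may be clearer.

```hcl
resource "aws_alb_listener" "alb_listener{{loop.index-1}}" {
  load_balancer_arn = "${aws_lb.explorer.*.arn[{{loop.index-1}}]}"
{% if value['ECTO_USE_SSL'] | bool %}
  port            = 443
  protocol        = "HTTPS"
  ssl_policy      = "${var.alb_ssl_policy}"
  certificate_arn = "${var.alb_certificate_arn}"
{% else %}
  port     = 80
  protocol = "HTTP"
{% endif %}
  # … unchanged: default_action forwarding to the target group …
}
```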
|
|
@ -8,32 +8,31 @@ db_subnet_cidr = "{{ db_subnet_cidr }}"
|
|||
dns_zone_name = "{{ dns_zone_name }}"
|
||||
instance_type = "{{ instance_type }}"
|
||||
root_block_size = "{{ root_block_size }}"
|
||||
use_placement_group = "{{ use_placement_group }}"
|
||||
alb_ssl_policy = "{{ alb_ssl_policy }}"
|
||||
alb_certificate_arn = "{{ alb_certificate_arn }}"
|
||||
elixir_version = "{{ elixir_version }}"
|
||||
|
||||
pool_size = {
|
||||
{% for key, value in chain_custom_environment.iteritems() %}
|
||||
{{ key }}={{ value['POOL_SIZE'] }}{% if not loop.last %},{% endif %}
|
||||
{{ key }}="{{ value['POOL_SIZE'] }}"{% if not loop.last %},{% endif %}
|
||||
{% endfor %}
|
||||
}
|
||||
|
||||
secret_key_base = {
|
||||
{% for key, value in chain_custom_environment.iteritems() %}
|
||||
{{ key }}={{ value['SECRET_KEY_BASE'] }}{% if not loop.last %},{% endif %}
|
||||
{{ key }}="{{ value['SECRET_KEY_BASE'] }}"{% if not loop.last %},{% endif %}
|
||||
{% endfor %}
|
||||
}
|
||||
|
||||
use_ssl = {
|
||||
{% for key, value in chain_custom_environment.iteritems() %}
|
||||
{{ key }}={{ value['ECTO_USE_SSL'] }}{% if not loop.last %},{% endif %}
|
||||
{{ key }}="{{ value['ECTO_USE_SSL'] }}"{% if not loop.last %},{% endif %}
|
||||
{% endfor %}
|
||||
}
|
||||
|
||||
chains = [
|
||||
{% for key in chain_custom_environment.iteritems() %}
|
||||
{{ key }}{% if not loop.last %},{% endif %}
|
||||
{% for key,value in chain_custom_environment.iteritems() %}
|
||||
"{{ key }}"{% if not loop.last %},{% endif %}
|
||||
{% endfor %}
|
||||
]
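Review bot: The added quoting wraps each value in literal double quotes without escaping, so a `SECRET_KEY_BASE` (or any other value) that contains `"` or `\` renders an invalid or altered terraform.tfvars. Passing the value through the JSON filter emits the quotes and the escapes together, e.g. `{{ key }}={{ value['SECRET_KEY_BASE'] | to_json }}`, and the same applies to the `POOL_SIZE`, `ECTO_USE_SSL` and `chains` entries. The rendered file holds the secret in clear text on the control host; the `*.tfvars` line in the .gitignore section covers it only if that line is on the added side.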
|
||||
|
||||
|
|
|
@ -75,12 +75,18 @@
|
|||
vars:
|
||||
path: "/{{ prefix }}/{{ chain }}"
|
||||
|
||||
- name: Make config variables lowercase
|
||||
set_fact:
|
||||
chain_lower_env: "{{ chain_lower_env | combine ({item.key|lower : item.value}) }}"
|
||||
with_dict: "{{ chain_custom_environment_chain }}"
|
||||
vars:
|
||||
chain_lower_env: {}
|
||||
chain_custom_environment_chain: "{{ chain_cec[chain] | default({}) }}"
|
||||
chain_cec: "{{ chain_custom_environment | default ({}) }}"
|
||||
|
||||
- name: Override env variables
|
||||
set_fact:
|
||||
chain_env: "{{ chain_env | combine(chain_custom_environment_chain) }}"
|
||||
vars:
|
||||
chain_custom_environment_chain: "{{ chain_cec[chain] | default({}) }}"
|
||||
chain_cec: "{{ chain_custom_environment | default ({}) }}"
|
||||
chain_env: "{{ chain_env | combine(chain_lower_env) }}"
|
||||
|
||||
- name: Uppercase chain
|
||||
set_fact:
|
||||
|
@ -135,7 +141,7 @@
|
|||
- "blockscout-{{ chain }}/apps/block_scout_web/assets/node_modules/"
|
||||
- "blockscout-{{ chain }}/apps/explorer/node_modules/"
|
||||
- "blockscout-{{ chain }}/logs/dev/"
|
||||
when: user_answer.user_input|default(true)|bool != false
|
||||
when: user_answer.user_input|lower != "false" or user_answer.user_input|lower != "no"
|
||||
|
||||
- name: Fix bug with favicon
|
||||
copy:
|
||||
|
@ -161,24 +167,16 @@
|
|||
prompt: "Do you want to update the Parameter Store variables? [Yes/No] Default: Yes"
|
||||
register: user_answer
|
||||
|
||||
- name: Prepare variables for Parameter Store
|
||||
set_fact:
|
||||
chain_lower_env: "{{ chain_lower_env | combine ({item.key|lower : item.value}) }}"
|
||||
with_dict: "{{ chain_upper_env }}"
|
||||
vars:
|
||||
chain_lower_env: {}
|
||||
when: user_answer.user_input|default(true)|bool != false
|
||||
|
||||
- name: Update chain variables
|
||||
aws_ssm_parameter_store:
|
||||
name: "/{{ prefix }}/{{ chain }}/{{ item.key }}"
|
||||
value: "{{ item.value }}"
|
||||
with_dict: "{{ chain_lower_env }}"
|
||||
with_dict: "{{ chain_env }}"
|
||||
environment:
|
||||
AWS_ACCESS_KEY_ID: "{{ aws_access_key }}"
|
||||
AWS_SECRET_ACCESS_KEY: "{{ aws_secret_key }}"
|
||||
AWS_REGION: "{{ region }}"
|
||||
when: user_answer.user_input|default(true)|bool != false
|
||||
when: user_answer.user_input|lower != "false" or user_answer.user_input|lower != "no"
|
||||
|
||||
- name: User prompt
|
||||
pause:
|
||||
|
@ -187,7 +185,7 @@
|
|||
|
||||
- name: Deploy Blockscout
|
||||
command: "{{ push_output.stdout_lines[1] }} --deployment-group-name {{ prefix }}-explorer-dg{{ index }} --deployment-config-name CodeDeployDefault.OneAtATime --description '{{ chain_upper_env['BLOCKSCOUT_VERSION'] }}'"
|
||||
when: user_answer.user_input|default(true)|bool != false
|
||||
when: user_answer.user_input|lower != "false" or user_answer.user_input|lower != "no"
|
||||
environment:
|
||||
AWS_ACCESS_KEY_ID: "{{ aws_access_key }}"
|
||||
AWS_SECRET_ACCESS_KEY: "{{ aws_secret_key }}"
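Review bot: The new condition `user_answer.user_input|lower != "false" or user_answer.user_input|lower != "no"` is true for every input, because no answer can equal both strings at once, so answering "No" no longer skips the task. It is used on the directory-list task, on "Update chain variables" and on "Deploy Blockscout", which means the Parameter Store write and the deployment run regardless of what the operator typed at the prompt. `when: user_answer.user_input | lower not in ["false", "no"]` keeps the default-yes behaviour and honours a refusal. The "Deploy Blockscout" task continues outside the last hunk.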
|
||||
|
|