
Notes on Docker HOST Terraform Script

Richard Hightower edited this page Nov 28, 2017 · 1 revision

Initial plan for terraform

/tf-ec2-docker-host-instance/connect.sh

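#!/bin/bash
#
# Open an SSH session as the centos user to the instance managed by this
# Terraform stack, using the stack's private_ip output as the address.
#
# Disabled argument check kept from the original:
#if [ $# -lt 1 ];
#then
#        echo "USAGE: connect <host>"
#        exit 1
#fi

# Resolve the address once so ssh-keygen and ssh are guaranteed to act on the
# same value, and stop early when Terraform has nothing to report.
private_ip=$(terraform output private_ip) || exit 1
if [[ -z "${private_ip}" ]]; then
  printf 'connect: terraform output private_ip returned nothing\n' >&2
  exit 1
fi

# Drop any known_hosts entry already recorded for this address (presumably
# because the instance, and so its host key, is recreated between runs).
# A failure here, e.g. no known_hosts file yet, is not fatal.
ssh-keygen -R "${private_ip}" || true

# accept-new (OpenSSH 7.6+) records the key of a host that is not yet in
# known_hosts but refuses a key that conflicts with a recorded one, whereas
# "StrictHostKeyChecking no" proceeds either way. This is still
# trust-on-first-use: the key seen on this connection is not checked against
# anything, so verify the fingerprint out of band where that matters.
# NOTE(review): test_rsa is a private key kept inside the project tree;
# confirm it is excluded from version control and never reused outside tests.
ssh -o "StrictHostKeyChecking=accept-new" \
    -i ../tf-aws-instance/resources/server/certs/test_rsa \
    "centos@${private_ip}"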

/tf-ec2-docker-host-instance/docker_login.sh

# Command line as printed by `aws ecr get-login` (log_into_aws_docker.sh
# writes that output into this file and then runs it).
# The argument after -p is a registry password: ECR authorization tokens are
# valid for 12 hours, so this file is a plaintext credential while it exists.
# Keep it out of version control and delete it after use. The token value
# itself appears to have been stripped from this page.
# Passing the password with -p also exposes it in the process list and shell
# history; `docker login --password-stdin` avoids putting it on the command line.
docker login -u AWS -p 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 https://007044232879.dkr.ecr.us-east-1.amazonaws.com

/tf-ec2-docker-host-instance/log_into_aws_docker.sh

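#!/usr/bin/env bash
#
# Log the local Docker client in to the project's ECR registry using the
# read-only AWS profile.
#
# The original captured the output of `aws ecr get-login` (a complete
# "docker login -p <token>" command), wrote it to docker_login.sh in the
# current directory, made it executable and ran it. That left a valid registry
# token on disk, exposed it on the docker command line, and executed whatever
# text the CLI returned as a script. Here the token goes straight from the
# AWS CLI to docker over a pipe, so docker_login.sh is no longer written.
#
# Requires an AWS CLI that provides `ecr get-login-password` (v2, or v1 from
# 1.17.10) and a docker client that supports --password-stdin.
set -euo pipefail

readonly region="us-east-1"
readonly profile="GR_GG_COF_AWS_STSdigital_Prod_ReadOnly"
readonly registry="https://007044232879.dkr.ecr.us-east-1.amazonaws.com"

# pipefail (set above) makes a failed token request fail the whole script
# instead of handing docker an empty password.
aws ecr get-login-password --region "${region}" --profile "${profile}" \
  | docker login --username AWS --password-stdin "${registry}"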

/tf-ec2-docker-host-instance/main.tf

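// Builds the EC2 Docker host by delegating to the shared instance module and
// appending Docker-specific setup steps to its user data.
module "aws-instance-module" {
  //source = "git::https://github.shc.cloudurable.com/jpAzar/tf-aws-infrastructure"
  source = "../tf-aws-instance"
  region = "${var.region}"
  // e.g. "us-east-1"
  environment = "${var.environment}"
  // e.g. "dev"
  unique_name = "${var.unique_name}"
  os = "${var.os}"
  az_letter = "${var.az_letter}"
  name = "${var.name}"
  role = "${var.role}"
  type = "ec2DockerHostInstance"
  cost-center = "${var.cost-center}"
  ci-group = "${var.ci-group}"
  owner_contact = "${var.owner_contact}"
  eni_id = "${var.eni_id}"
  os_install_packages = ["docker", "unzip", "wget"]
  // Only volumes 0-4 are wired through to the module.
  volume_0_id = "${var.volume_0_id}"
  volume_0_device_name = "${var.volume_0_device_name}"
  volume_0_mount_point = "${var.volume_0_mount_point}"
  volume_1_id = "${var.volume_1_id}"
  volume_1_device_name = "${var.volume_1_device_name}"
  volume_1_mount_point = "${var.volume_1_mount_point}"
  volume_2_id = "${var.volume_2_id}"
  volume_2_device_name = "${var.volume_2_device_name}"
  volume_2_mount_point = "${var.volume_2_mount_point}"
  volume_3_id = "${var.volume_3_id}"
  volume_3_device_name = "${var.volume_3_device_name}"
  volume_3_mount_point = "${var.volume_3_mount_point}"
  volume_4_id = "${var.volume_4_id}"
  volume_4_device_name = "${var.volume_4_device_name}"
  volume_4_mount_point = "${var.volume_4_mount_point}"
  pub_key = "${var.pub_key}"
  http_proxy = "http://aws-proxy-${var.environment}.cloud.cloudurable.com:8099"
  no_proxy = "${var.no_proxy}"
  centrify_on = "${var.centrify_on}"
  centrify_group = "${var.centrify_group}"
  placement_group = "${var.placement_group}"
  // Shell fragments handed to the instance module as user data, in order:
  // AWS CLI install, Docker proxy drop-in, Docker service start, the rendered
  // "docker run" line, then any caller-supplied var.user_data.
  // NOTE(review): how the module executes these (presumably as root at first
  // boot) is defined in ../tf-aws-instance, outside this file. var.user_data
  // is passed through unmodified, so treat it as trusted operator input only.
  user_data_list = [
    <<END
      # Install aws command line tools
      # --fail makes curl exit non-zero on an HTTP error instead of saving the
      # error page as the zip. The bundle is trusted on TLS alone: there is no
      # checksum or signature check before the installer runs.
      curl --fail "https://s3.amazonaws.com/aws-cli/awscli-bundle.zip" -o "awscli-bundle.zip"
      unzip awscli-bundle.zip
      ./awscli-bundle/install -i /usr/share/aws -b /usr/bin/aws
      # Remove the whole extracted bundle and the archive, not only the
      # installer script
      rm -rf ./awscli-bundle ./awscli-bundle.zip
    END
    ,
    <<END
      # Configure docker host system service
      mkdir -p /etc/systemd/system/docker.service.d
      echo "[Service]" >> /etc/systemd/system/docker.service.d/http-proxy.conf
      echo 'Environment="HTTP_PROXY=http://aws-proxy-${var.environment}.cloud.cloudurable.com:8099"' \
          >> /etc/systemd/system/docker.service.d/http-proxy.conf
      echo 'Environment="HTTPS_PROXY=http://aws-proxy-${var.environment}.cloud.cloudurable.com:8099"' \
          >> /etc/systemd/system/docker.service.d/http-proxy.conf
      echo 'Environment="NO_PROXY=${var.no_proxy}"' \
          >> /etc/systemd/system/docker.service.d/http-proxy.conf

    END
    ,
    <<END
      # Install and run docker as systemd service
      # Start docker on restart
      systemctl enable  docker
      # Start it now
      systemctl start  docker
      # Show it was started
      systemctl status  docker
      # Show proxy info
      systemctl show --property Environment docker | cat
    END
    ,
    "${data.template_file.docker_start.rendered}"
    ,
    "${var.user_data}"
  ]
}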

// Renders the "docker run" command line that the module block passes in
// user_data_list as data.template_file.docker_start.rendered.
//
// Two substitution passes happen here: ${var.*} is interpolated by Terraform
// when this block is evaluated, while $${volumes} and $${env} are escaped so
// that the template itself fills them in from the vars block below.
//
// --net=host runs the container in the host's network namespace and
// --restart always restarts it whenever it exits.
//
// NOTE(review): image_name, image_extra_docker_args, image_repo, image_tag
// and the -e / -v values are inserted into a shell command without quoting,
// so shell metacharacters in them become part of the command. Treat them as
// trusted operator input. Values passed with -e end up in the rendered user
// data, so do not pass secrets this way.
data "template_file" "docker_start" {
  template = <<END
    docker run --name ${var.image_name} -d \
    --net=host \
    --restart always ${var.image_extra_docker_args} \
    $${volumes} $${env} ${var.image_repo}:${var.image_tag}
  END

  vars {
    // Each list becomes a run of "-e ..." / "-v ..." flags joined by a
    // backslash-newline continuation; an empty list yields an empty string.
    env = "${length(var.image_environment_variables) > 0 ?
            "-e ${join("\\\n -e ", var.image_environment_variables)} \\\n" : ""}"
    volumes = "${length(var.image_volumes) > 0 ?
            "-v ${join("\\\n -v ", var.image_volumes)} \\\n" : ""}"
  }
}

/tf-ec2-docker-host-instance/outputs.tf

# Re-exports the instance id reported by the instance module.
output "aws_instance_id" {
  value = "${module.aws-instance-module.aws_instance_id}"
}

# Re-exports the private IP reported by the instance module. connect.sh reads
# it with `terraform output private_ip` to choose the SSH target.
output "private_ip" {
  value = "${module.aws-instance-module.private_ip}"
}

/tf-ec2-docker-host-instance/test.sh

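#!/usr/bin/env bash
#
# Run one Terraform subcommand (plan, apply, destroy, ...) against this stack
# with a fixed set of dev test values.
#
# Usage: test.sh <terraform-subcommand>

if (( $# < 1 )); then
  printf 'USAGE: %s <terraform-subcommand>\n' "${0##*/}" >&2
  exit 1
fi
readonly subcommand=$1

# Public half of the test key pair. Assigned separately from the export so a
# failed read stops the script instead of silently exporting an empty key.
pub_key=$(cat ../tf-aws-instance/resources/server/certs/test_rsa.pub) || exit 1
export TF_VAR_pub_key="${pub_key}"
#export TF_VAR_volume_0_id="vol-0f61e9b95a6b56830"
#export TF_VAR_volume_1_id="vol-0a66d09f1d134038e"
# The ENI id and placement group below are fixed, account-specific test values.
export TF_VAR_eni_id="eni-6f1673e3"
export TF_VAR_placement_group=diningcompanion-collection-service
export TF_VAR_image_repo="dockyard.cloud.cloudurable.com/ci-groupphoenix/emi-zookeeper"
export TF_VAR_image_tag="0.3"
export TF_VAR_image_name="zookeeper"

# The owner_contact argument reached this page as an obfuscated e-mail token
# with the variable name lost; variables.tf declares owner_contact with no
# default, so it is restored here with a placeholder. Replace
# OWNER_CONTACT_EMAIL_PLACEHOLDER with the team's contact address.
terraform "${subcommand}" \
  -var 'volume_0_device_name=xvdf' \
  -var 'volume_0_mount_point=/opt/kafka/data' \
  -var 'volume_1_device_name=xvdg' \
  -var 'volume_1_mount_point=/opt/kafka/index' \
  -var 'environment=dev' \
  -var 'name=shopperTools' \
  -var 'role=kafkaNode0' \
  -var 'region=us-east-1' \
  -var 'os=centos' \
  -var 'az_letter=a' \
  -var "unique_name=abc123" \
  -var 'owner_contact=OWNER_CONTACT_EMAIL_PLACEHOLDER' \
  -var 'ci-group=CIGShoppingCart' \
  -var 'cost-center=ENVNPShoppingCart'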

/tf-ec2-docker-host-instance/variables.tf

# Identity and tagging inputs. Every variable in this group except "role" has
# no default, so a value must be supplied on each run. All of them are passed
# straight through to the instance module in main.tf.
variable "name" {
  description = "Name of thing you are creating (app name or service name), i.e., sdp, matching-engine, shopper-tools."
}

variable "role" {
  description = "Role of thing you are creating, i.e., kafkaNode0, cassandraClusterNode1."
  default = ""
}

variable "owner_contact" {
  description = "Team contact"
}

variable "ci-group" {
  description = "CIG CI for the stack"
}

variable "cost-center" {
  description = "CostCenter tag"
}

variable "unique_name" {
  description = "unique name for system"
}

# Besides being passed to the module, this value is embedded in the proxy
# host name (aws-proxy-<environment>.cloud.cloudurable.com) in main.tf.
variable "environment" {
  description = "environment only, dev, qa, prod."
}

variable "region" {
  description = "region only"
}

variable "os" {
  description = "Operating system to use: centos, redhat, AWS Linux"
}

variable "az_letter" {
  description = "AZ letter a, b, c"
}

# SSH public key handed to the instance module; test.sh fills it from
# test_rsa.pub through TF_VAR_pub_key.
# NOTE(review): what the module does when this is left empty is not visible
# here - confirm.
variable "pub_key" {
  default = ""
}

# Hosts and domains that bypass the proxy. Passed to the module and also
# written as NO_PROXY into Docker's systemd drop-in by main.tf.
# 169.254.169.254 is the EC2 instance metadata address.
variable "no_proxy" {
  default = "169.254.169.254,.aws-code-dqa.cb4good.com,.shc.cloudurable.com,.ds.cloudurable.com,.dkr.ecr.us-east-1.amazonaws.com,.cloud.cloudurable.com,packages.us-east-1.amazonaws.com,127.0.0.1,localhost,/var/run/docker.sock"
}

# NOTE(review): not referenced by the main.tf listed alongside this file -
# confirm it is still needed.
variable "user_data_environment_variables" {
  default = ""
}

variable "image_repo" {
  description = "Repo of the image, e.g., dockyard.cloud.cloudurable.com/ci-groupphoenix/emi-zookeeper"
}

# Appended unmodified as the last element of user_data_list in main.tf, so
# whatever is supplied here becomes part of the instance's user data.
variable "user_data" {
  description = "user data"
  default = ""
}


# A mutable tag such as "latest" means the image that runs is whatever the
# registry serves at pull time; a fixed version pins what gets deployed.
variable "image_tag" {
  description = "Tag of the image (version), e.g., 0.3 or latest"
}

variable "image_name" {
  description = "name given to the image, e.g., zookeeper"
}

# Inserted unquoted into the "docker run" line in main.tf, so it can add any
# docker flag or shell syntax. Restrict to trusted operator input.
variable "image_extra_docker_args" {
  description = "Extra arguments"
  default = ""
}

# Each entry becomes one "-e <entry>" argument of "docker run". The values end
# up in the rendered user data, so do not pass secrets through this list.
variable "image_environment_variables" {
  description = "environment variables to pass to the image, zookeeper_quarom=123.45.67.55"
  type = "list"
  default = []
}

# Each entry becomes one "-v <entry>" argument of "docker run".
variable "image_volumes" {
  description = "Volume mappings to pass to the image, ec2disk:dockerdisk, /home/centos/logback.xml:/ops/env/dev/matching-engine/logback.xml"
  type = "list"
  default = []
}



# Centrify, placement group and network interface settings. All four are
# passed through to the instance module in main.tf; what the module does with
# them is defined outside this file.
variable "centrify_on" {
  default = "false"
}

# NOTE(review): the default group name looks environment-specific - confirm it
# is the intended fallback for every environment.
variable "centrify_group" {

  default = "PAWS_ENVPR_HOMEPAGE_CG"
}


variable "placement_group" {
  default = ""
}

variable "eni_id" {
  default = ""
}


# -------------------------------------------------------------------------------- #
# volumes that you want to attach
#
# Each volume slot is described by three variables: <slot>_id,
# <slot>_mount_point and <slot>_device_name. All default to the empty string.
# NOTE(review): main.tf passes slots 0-4 to the instance module; the
# volume_5_* variables are declared here but not forwarded - confirm whether
# slot 5 should be wired up or removed.
# -------------------------------------------------------------------------------- #
variable "volume_0_id" {
  default = ""
}

variable "volume_0_mount_point" {
  default = ""
}

variable "volume_0_device_name" {
  default = ""
}

variable "volume_1_id" {
  default = ""
}

variable "volume_1_mount_point" {
  default = ""
}

variable "volume_1_device_name" {
  default = ""
}


variable "volume_2_id" {
  default = ""
}

variable "volume_2_mount_point" {
  default = ""
}

variable "volume_2_device_name" {
  default = ""
}

variable "volume_3_id" {
  default = ""
}

variable "volume_3_mount_point" {
  default = ""
}

variable "volume_3_device_name" {
  default = ""
}

variable "volume_4_id" {
  default = ""
}

variable "volume_4_mount_point" {
  default = ""
}

variable "volume_4_device_name" {
  default = ""
}


# Slot 5 is not referenced by the module block in main.tf.
variable "volume_5_id" {
  default = ""
}

variable "volume_5_mount_point" {
  default = ""
}

variable "volume_5_device_name" {
  default = ""
}