feat(rancher): AWS - Switch Rancher Server public ip to EIP

This keeps the public ip static. Changes to the instance, e.g. shutdown/start, will not cause an assignment of a new public IP address anymore. Solves issues were destroy failed at 'rancher2_bootstrap' and 'rancher2_cluster_v2' because the public ip was already removed. Fixes: rancher#223 Fixes: rancher#242
wombelix · Nov 4, 2024 · 0388039 · 0388039
1 parent 11ad74a
commit 0388039
Show file tree

Hide file tree

Showing 2 changed files with 16 additions and 3 deletions.
diff --git a/rancher/aws/infra.tf b/rancher/aws/infra.tf
@@ -92,6 +92,13 @@ resource "aws_security_group" "rancher_sg_allowall" {
   }
 }
 
+# EIP resource for Rancher Server
+resource "aws_eip" "rancher_server" {
+  domain   = "vpc"
+
+  depends_on = [aws_internet_gateway.rancher_gateway]
+}
+
 # AWS EC2 instance for creating a single node RKE cluster and installing the Rancher server
 resource "aws_instance" "rancher_server" {
   depends_on = [
@@ -130,11 +137,17 @@ resource "aws_instance" "rancher_server" {
   }
 }
 
+# EIP explicit allocation for Rancher Server
+resource "aws_eip_association" "rancher_server" {
+  instance_id   = aws_instance.rancher_server.id
+  allocation_id = aws_eip.rancher_server.id
+}
+
 # Rancher resources
 module "rancher_common" {
   source = "../rancher-common"
 
-  node_public_ip             = aws_instance.rancher_server.public_ip
+  node_public_ip             = aws_eip_association.rancher_server.public_ip
   node_internal_ip           = aws_instance.rancher_server.private_ip
   node_username              = local.node_username
   ssh_private_key_pem        = tls_private_key.global_key.private_key_pem
@@ -144,7 +157,7 @@ module "rancher_common" {
   rancher_version         = var.rancher_version
   rancher_helm_repository = var.rancher_helm_repository
 
-  rancher_server_dns = join(".", ["rancher", aws_instance.rancher_server.public_ip, "sslip.io"])
+  rancher_server_dns = join(".", ["rancher", aws_eip_association.rancher_server.public_ip, "sslip.io"])
 
   admin_password = var.rancher_server_admin_password
 

diff --git a/rancher/aws/output.tf b/rancher/aws/output.tf
@@ -3,7 +3,7 @@ output "rancher_server_url" {
 }
 
 output "rancher_node_ip" {
-  value = aws_instance.rancher_server.public_ip
+  value = aws_eip.rancher_server.public_ip
 }
 
 output "workload_node_ip" {