diff --git a/examples/tectonic.aws.yaml b/examples/tectonic.aws.yaml index 373bf986c07..51cb0a89e1b 100644 --- a/examples/tectonic.aws.yaml +++ b/examples/tectonic.aws.yaml @@ -8,12 +8,6 @@ aws: # If name is not provided the installer will construct the name using "name", current AWS region and "baseDomain" # assetsS3BucketName: - # (optional) Extra AWS tags to be applied to created autoscaling group resources. - # This is a list of maps having the keys `key`, `value` and `propagate_at_launch`. - # - # Example: `[ { key = "foo", value = "bar", propagate_at_launch = true } ]` - # autoScalingGroupExtraTags: - # (optional) AMI override for all nodes. Example: `ami-foobar123`. # ec2AMIOverride: diff --git a/installer/pkg/config/aws/aws.go b/installer/pkg/config/aws/aws.go index 0e1793e1842..579eec846dc 100644 --- a/installer/pkg/config/aws/aws.go +++ b/installer/pkg/config/aws/aws.go @@ -20,7 +20,6 @@ const ( // AWS converts AWS related config. type AWS struct { - AutoScalingGroupExtraTags []map[string]string `json:"tectonic_autoscaling_group_extra_tags,omitempty" yaml:"autoScalingGroupExtraTags,omitempty"` EC2AMIOverride string `json:"tectonic_aws_ec2_ami_override,omitempty" yaml:"ec2AMIOverride,omitempty"` Endpoints Endpoints `json:"tectonic_aws_endpoints,omitempty" yaml:"endpoints,omitempty"` Etcd `json:",inline" yaml:"etcd,omitempty"` diff --git a/modules/aws/master-asg/master.tf b/modules/aws/master/main.tf similarity index 57% rename from modules/aws/master-asg/master.tf rename to modules/aws/master/main.tf index 16df02cb77f..a078a12e3ac 100644 --- a/modules/aws/master-asg/master.tf +++ b/modules/aws/master/main.tf 
@@ -10,66 +10,7 @@ module "ami" { release_version = "${var.container_linux_version}" } -resource "aws_autoscaling_group" "masters" { - name = "${var.cluster_name}-masters" - desired_capacity = "${var.instance_count}" - max_size = "${var.instance_count * 3}" - min_size = "${var.instance_count}" - launch_configuration = "${aws_launch_configuration.master_conf.id}" - vpc_zone_identifier = ["${var.subnet_ids}"] - - load_balancers = ["${var.aws_lbs}"] - - tags = [ - { - key = "Name" - value = "${var.cluster_name}-master" - propagate_at_launch = true - }, - { - key = "kubernetes.io/cluster/${var.cluster_name}" - value = "owned" - propagate_at_launch = true - }, - { - key = "tectonicClusterID" - value = "${var.cluster_id}" - propagate_at_launch = true - }, - "${var.autoscaling_group_extra_tags}", - ] - - lifecycle { - create_before_destroy = true - } -} - -resource "aws_launch_configuration" "master_conf" { - instance_type = "${var.ec2_type}" - image_id = "${coalesce(var.ec2_ami, module.ami.id)}" - name_prefix = "${var.cluster_name}-master-" - security_groups = ["${var.master_sg_ids}"] - iam_instance_profile = "${aws_iam_instance_profile.master_profile.arn}" - associate_public_ip_address = "${var.public_endpoints}" - user_data = "${var.user_data_ign}" - - lifecycle { - create_before_destroy = true - - # Ignore changes in the AMI which force recreation of the resource. This - # avoids accidental deletion of nodes whenever a new CoreOS Release comes - # out. - ignore_changes = ["image_id"] - } - - root_block_device { - volume_type = "${var.root_volume_type}" - volume_size = "${var.root_volume_size}" - iops = "${var.root_volume_type == "io1" ? var.root_volume_iops : 0}" - } -} - -resource "aws_iam_instance_profile" "master_profile" { +resource "aws_iam_instance_profile" "master" { name = "${var.cluster_name}-master-profile" role = "${var.master_iam_role == "" ? 
@@ -115,30 +56,29 @@ resource "aws_iam_role_policy" "master_policy" {
 "Version": "2012-10-17",
 "Statement": [
 {
- "Action": "ec2:*",
+ "Action": "ec2:Describe*",
 "Resource": "*",
 "Effect": "Allow"
 },
 {
- "Action": "elasticloadbalancing:*",
- "Resource": "*",
- "Effect": "Allow"
+ "Effect": "Allow",
+ "Action": "ec2:AttachVolume",
+ "Resource": "*"
+ },
+ {
+ "Effect": "Allow",
+ "Action": "ec2:DetachVolume",
+ "Resource": "*"
 },
 {
 "Action" : [
- "s3:GetObject",
- "s3:HeadObject",
- "s3:ListBucket",
- "s3:PutObject"
+ "s3:GetObject"
 ],
 "Resource": "arn:${local.arn}:s3:::*",
 "Effect": "Allow"
 },
 {
- "Action" : [
- "autoscaling:DescribeAutoScalingGroups",
- "autoscaling:DescribeAutoScalingInstances"
- ],
+ "Action": "elasticloadbalancing:*",
 "Resource": "*",
 "Effect": "Allow"
 }
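Review bot: The narrowed master policy still grants `s3:GetObject` on `arn:${local.arn}:s3:::*`, so a master can read any object in any bucket the account lets this role reach, not only the cluster's assets; scope it to the assets bucket, e.g. `"Resource": "arn:${local.arn}:s3:::<ASSETS_BUCKET_NAME>/*"` (placeholder; the module would need the bucket name passed in). `ec2:AttachVolume` and `ec2:DetachVolume` on `"Resource": "*"` likewise cover every volume and instance in the account, and a `Condition` on the `ec2:ResourceTag/kubernetes.io/cluster/${var.cluster_name}` tag that this commit sets on instances and volumes would confine them to the cluster. `elasticloadbalancing:*` is carried over as a full wildcard and could be reduced to the actions actually called. Separately, dropping `ec2:*` removes security-group, volume-creation and tagging actions, so it is worth confirming that in-cluster components which relied on them (presumably the cloud provider for LoadBalancer services and dynamic volumes) still work. The policy document begins and ends outside this hunk.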
@@ -146,3 +86,46 @@ resource "aws_iam_role_policy" "master_policy" {
 }
 EOF
 }
+
+resource "aws_instance" "master" {
+ count = "${var.instance_count}"
+ ami = "${coalesce(var.ec2_ami, module.ami.id)}"
+
+ iam_instance_profile = "${aws_iam_instance_profile.master.name}"
+ instance_type = "${var.ec2_type}"
+ subnet_id = "${element(var.subnet_ids, count.index)}"
+ user_data = "${var.user_data_ign}"
+ vpc_security_group_ids = ["${var.master_sg_ids}"]
+ associate_public_ip_address = "${var.public_endpoints}"
+
+ lifecycle {
+ # Ignore changes in the AMI which force recreation of the resource. This
+ # avoids accidental deletion of nodes whenever a new CoreOS Release comes
+ # out.
+ ignore_changes = ["ami"]
+ }
+
+ tags = "${merge(map(
+ "Name", "${var.cluster_name}-master-${count.index}",
+ "kubernetes.io/cluster/${var.cluster_name}", "owned",
+ "tectonicClusterID", "${var.cluster_id}"
+ ), var.extra_tags)}"
+
+ root_block_device {
+ volume_type = "${var.root_volume_type}"
+ volume_size = "${var.root_volume_size}"
+ iops = "${var.root_volume_type == "io1" ? var.root_volume_iops : 0}"
+ }
+
+ volume_tags = "${merge(map(
+ "Name", "${var.cluster_name}-master-${count.index}-vol",
+ "kubernetes.io/cluster/${var.cluster_name}", "owned",
+ "tectonicClusterID", "${var.cluster_id}"
+ ), var.extra_tags)}"
+}
+
+resource "aws_elb_attachment" "masters" {
+ count = "${length(var.aws_lbs) * var.instance_count}"
+ elb = "${var.aws_lbs[count.index / var.instance_count]}"
+ instance = "${aws_instance.master.*.id[count.index % var.instance_count]}"
+}
diff --git a/modules/aws/master-asg/outputs.tf b/modules/aws/master/outputs.tf
similarity index 62%
rename from modules/aws/master-asg/outputs.tf
rename to modules/aws/master/outputs.tf
index 6dbea153ecb..74488bdbcbf 100644
--- a/modules/aws/master-asg/outputs.tf
+++ b/modules/aws/master/outputs.tf
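Review bot: Changing `instance_count` re-maps the existing indices of `aws_elb_attachment.masters`, because `count.index / var.instance_count` selects the load balancer and `count.index % var.instance_count` the instance. The caller sets `instance_count` to 1 during bootstrap, so with two load balancers index 1 moves from (LB 1, master 0) to (LB 0, master 1) once the full master count is applied; if the same state is reused, Terraform would replace that attachment and master 0 could briefly drop out of an API load balancer. Letting the load balancer vary fastest keeps existing pairs stable when instances are added: `elb = "${var.aws_lbs[count.index % length(var.aws_lbs)]}"` and `instance = "${aws_instance.master.*.id[count.index / length(var.aws_lbs)]}"`. Either way, a one-line comment above `count` saying the resource enumerates every (load balancer, instance) pair would help. `aws_elb_attachment.workers` in modules/aws/worker/main.tf uses the same arithmetic.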
@@ -1,7 +1,3 @@
-output "aws_launch_configuration" {
- value = "${aws_launch_configuration.master_conf.id}"
-}
-
 output "subnet_ids" {
 value = "${var.subnet_ids}"
 }
diff --git a/modules/aws/master-asg/variables.tf b/modules/aws/master/variables.tf
similarity index 92%
rename from modules/aws/master-asg/variables.tf
rename to modules/aws/master/variables.tf
index e6ea8da7789..7f9f019bb46 100644
--- a/modules/aws/master-asg/variables.tf
+++ b/modules/aws/master/variables.tf
@@ -1,9 +1,3 @@
-variable "autoscaling_group_extra_tags" {
- description = "Extra AWS tags to be applied to created autoscaling group resources."
- type = "list"
- default = []
-}
-
 variable "base_domain" {
 type = "string"
 description = "Domain on which the ELB records will be created"
diff --git a/modules/aws/worker-asg/worker.tf b/modules/aws/worker/main.tf
similarity index 54%
rename from modules/aws/worker-asg/worker.tf
rename to modules/aws/worker/main.tf
index 5a2fbfbdb56..3617669313f 100644
--- a/modules/aws/worker-asg/worker.tf
+++ b/modules/aws/worker/main.tf
@@ -10,70 +10,7 @@ module "ami" { release_version = "${var.container_linux_version}" } -resource "aws_launch_configuration" "worker_conf" { - instance_type = "${var.ec2_type}" - image_id = "${coalesce(var.ec2_ami, module.ami.id)}" - name_prefix = "${var.cluster_name}-worker-" - security_groups = ["${var.sg_ids}"] - iam_instance_profile = "${aws_iam_instance_profile.worker_profile.arn}" - user_data = "${var.user_data_ign}" - - lifecycle { - create_before_destroy = true - - # Ignore changes in the AMI which force recreation of the resource. This - # avoids accidental deletion of nodes whenever a new CoreOS Release comes - # out. - ignore_changes = ["image_id"] - } - - root_block_device { - volume_type = "${var.root_volume_type}" - volume_size = "${var.root_volume_size}" - iops = "${var.root_volume_type == "io1" ? var.root_volume_iops : 0}" - } -} - -resource "aws_autoscaling_group" "workers" { - name = "${var.cluster_name}-workers" - desired_capacity = "${var.instance_count}" - max_size = "${var.instance_count * 3}" - min_size = "${var.instance_count}" - launch_configuration = "${aws_launch_configuration.worker_conf.id}" - vpc_zone_identifier = ["${var.subnet_ids}"] - - tags = [ - { - key = "Name" - value = "${var.cluster_name}-worker" - propagate_at_launch = true - }, - { - key = "kubernetes.io/cluster/${var.cluster_name}" - value = "owned" - propagate_at_launch = true - }, - { - key = "tectonicClusterID" - value = "${var.cluster_id}" - propagate_at_launch = true - }, - "${var.autoscaling_group_extra_tags}", - ] - - lifecycle { - create_before_destroy = true - } -} - -resource "aws_autoscaling_attachment" "workers" { - count = "${length(var.load_balancers)}" - - autoscaling_group_name = "${aws_autoscaling_group.workers.name}" - elb = "${var.load_balancers[count.index]}" -} - -resource "aws_iam_instance_profile" "worker_profile" { +resource "aws_iam_instance_profile" "worker" { name = "${var.cluster_name}-worker-profile" role = "${var.worker_iam_role == "" ? 
@@ -144,16 +81,50 @@ resource "aws_iam_role_policy" "worker_policy" {
 ],
 "Resource": "arn:${local.arn}:s3:::*",
 "Effect": "Allow"
- },
- {
- "Action" : [
- "autoscaling:DescribeAutoScalingGroups",
- "autoscaling:DescribeAutoScalingInstances"
- ],
- "Resource": "*",
- "Effect": "Allow"
 }
 ]
 }
 EOF
 }
+
+resource "aws_instance" "worker" {
+ count = "${var.instance_count}"
+ ami = "${coalesce(var.ec2_ami, module.ami.id)}"
+
+ iam_instance_profile = "${aws_iam_instance_profile.worker.name}"
+ instance_type = "${var.ec2_type}"
+ subnet_id = "${element(var.subnet_ids, count.index)}"
+ user_data = "${var.user_data_ign}"
+ vpc_security_group_ids = ["${var.sg_ids}"]
+
+ lifecycle {
+ # Ignore changes in the AMI which force recreation of the resource. This
+ # avoids accidental deletion of nodes whenever a new CoreOS Release comes
+ # out.
+ ignore_changes = ["image_id"]
+ }
+
+ tags = "${merge(map(
+ "Name", "${var.cluster_name}-worker-${count.index}",
+ "kubernetes.io/cluster/${var.cluster_name}", "owned",
+ "tectonicClusterID", "${var.cluster_id}"
+ ), var.extra_tags)}"
+
+ root_block_device {
+ volume_type = "${var.root_volume_type}"
+ volume_size = "${var.root_volume_size}"
+ iops = "${var.root_volume_type == "io1" ? var.root_volume_iops : 0}"
+ }
+
+ volume_tags = "${merge(map(
+ "Name", "${var.cluster_name}-master-${count.index}-vol",
+ "kubernetes.io/cluster/${var.cluster_name}", "owned",
+ "tectonicClusterID", "${var.cluster_id}"
+ ), var.extra_tags)}"
+}
+
+resource "aws_elb_attachment" "workers" {
+ count = "${length(var.load_balancers) * var.instance_count}"
+ elb = "${var.load_balancers[count.index / var.instance_count]}"
+ instance = "${aws_instance.worker.*.id[count.index % var.instance_count]}"
+}
diff --git a/modules/aws/worker-asg/outputs.tf b/modules/aws/worker/outputs.tf
similarity index 63%
rename from modules/aws/worker-asg/outputs.tf
rename to modules/aws/worker/outputs.tf
index 42214d08429..2c98db9a290 100644
--- a/modules/aws/worker-asg/outputs.tf
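Review bot: `ignore_changes = ["image_id"]` in `aws_instance.worker` names the old launch-configuration attribute; on `aws_instance` the attribute is `ami`, which is what the master module in this commit uses. As written, a new Container Linux AMI would presumably still plan a replacement of every worker, which is what the comment above the line says it prevents; it should be `ignore_changes = ["ami"]`. The worker `volume_tags` also carries a copy-paste from the master module: `"Name", "${var.cluster_name}-master-${count.index}-vol"` should read `"Name", "${var.cluster_name}-worker-${count.index}-vol"`, otherwise worker and master root volumes share names and any inventory, cleanup or tag-based policy keyed on `Name` cannot tell them apart. The policy heredoc that this hunk trims begins outside the hunk.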
+++ b/modules/aws/worker/outputs.tf @@ -1,7 +1,3 @@ -output "aws_launch_configuration" { - value = "${aws_launch_configuration.worker_conf.id}" -} - output "subnet_ids" { value = "${var.subnet_ids}" } diff --git a/modules/aws/worker-asg/variables.tf b/modules/aws/worker/variables.tf similarity index 91% rename from modules/aws/worker-asg/variables.tf rename to modules/aws/worker/variables.tf index ce546d01fea..131088984c5 100644 --- a/modules/aws/worker-asg/variables.tf +++ b/modules/aws/worker/variables.tf @@ -48,12 +48,6 @@ variable "extra_tags" { default = {} } -variable "autoscaling_group_extra_tags" { - description = "Extra AWS tags to be applied to created autoscaling group resources." - type = "list" - default = [] -} - variable "region" { type = "string" diff --git a/steps/joining_workers/aws/workers.tf b/steps/joining_workers/aws/workers.tf index 7e0ceba33ab..d4bdb498886 100644 --- a/steps/joining_workers/aws/workers.tf +++ b/steps/joining_workers/aws/workers.tf 
@@ -17,25 +17,24 @@ module "container_linux" { } module "workers" { - source = "../../../modules/aws/worker-asg" + source = "../../../modules/aws/worker" - autoscaling_group_extra_tags = "${var.tectonic_autoscaling_group_extra_tags}" - cluster_id = "${var.tectonic_cluster_id}" - cluster_name = "${var.tectonic_cluster_name}" - container_linux_channel = "${var.tectonic_container_linux_channel}" - container_linux_version = "${module.container_linux.version}" - ec2_type = "${var.tectonic_aws_worker_ec2_type}" - extra_tags = "${var.tectonic_aws_extra_tags}" - instance_count = "${var.tectonic_worker_count}" - load_balancers = "${var.tectonic_aws_worker_load_balancers}" - region = "${var.tectonic_aws_region}" - root_volume_iops = "${var.tectonic_aws_worker_root_volume_iops}" - root_volume_size = "${var.tectonic_aws_worker_root_volume_size}" - root_volume_type = "${var.tectonic_aws_worker_root_volume_type}" - sg_ids = "${concat(var.tectonic_aws_worker_extra_sg_ids, list(local.sg_id))}" - subnet_ids = "${local.subnet_ids}" - worker_iam_role = "${var.tectonic_aws_worker_iam_role_name}" - ec2_ami = "${var.tectonic_aws_ec2_ami_override}" - base_domain = "${var.tectonic_base_domain}" - user_data_ign = "${file("${path.cwd}/${var.tectonic_ignition_worker}")}" + cluster_id = "${var.tectonic_cluster_id}" + cluster_name = "${var.tectonic_cluster_name}" + container_linux_channel = "${var.tectonic_container_linux_channel}" + container_linux_version = "${module.container_linux.version}" + ec2_type = "${var.tectonic_aws_worker_ec2_type}" + extra_tags = "${var.tectonic_aws_extra_tags}" + instance_count = "${var.tectonic_worker_count}" + load_balancers = "${var.tectonic_aws_worker_load_balancers}" + region = "${var.tectonic_aws_region}" + root_volume_iops = "${var.tectonic_aws_worker_root_volume_iops}" + root_volume_size = "${var.tectonic_aws_worker_root_volume_size}" + root_volume_type = "${var.tectonic_aws_worker_root_volume_type}" + sg_ids = 
"${concat(var.tectonic_aws_worker_extra_sg_ids, list(local.sg_id))}" + subnet_ids = "${local.subnet_ids}" + worker_iam_role = "${var.tectonic_aws_worker_iam_role_name}" + ec2_ami = "${var.tectonic_aws_ec2_ami_override}" + base_domain = "${var.tectonic_base_domain}" + user_data_ign = "${file("${path.cwd}/${var.tectonic_ignition_worker}")}" } diff --git a/steps/masters/aws/main.tf b/steps/masters/aws/main.tf index d04b852d3ce..c841d863479 100644 --- a/steps/masters/aws/main.tf +++ b/steps/masters/aws/main.tf 
@@ -22,28 +22,27 @@ module "container_linux" { } module "masters" { - source = "../../../modules/aws/master-asg" + source = "../../../modules/aws/master" - autoscaling_group_extra_tags = "${var.tectonic_autoscaling_group_extra_tags}" - aws_lbs = "${local.aws_lbs}" - base_domain = "${var.tectonic_base_domain}" - cluster_id = "${var.tectonic_cluster_id}" - cluster_name = "${var.tectonic_cluster_name}" - container_images = "${var.tectonic_container_images}" - container_linux_channel = "${var.tectonic_container_linux_channel}" - container_linux_version = "${module.container_linux.version}" - ec2_type = "${var.tectonic_aws_master_ec2_type}" - extra_tags = "${var.tectonic_aws_extra_tags}" - instance_count = "${var.tectonic_bootstrap == "true" ? 1 : var.tectonic_master_count}" - master_iam_role = "${var.tectonic_aws_master_iam_role_name}" - master_sg_ids = "${concat(var.tectonic_aws_master_extra_sg_ids, list(local.sg_id))}" - private_endpoints = "${local.private_endpoints}" - public_endpoints = "${local.public_endpoints}" - region = "${var.tectonic_aws_region}" - root_volume_iops = "${var.tectonic_aws_master_root_volume_iops}" - root_volume_size = "${var.tectonic_aws_master_root_volume_size}" - root_volume_type = "${var.tectonic_aws_master_root_volume_type}" - subnet_ids = "${local.subnet_ids}" - ec2_ami = "${var.tectonic_aws_ec2_ami_override}" - user_data_ign = "${file("${path.cwd}/${var.tectonic_ignition_master}")}" + aws_lbs = "${local.aws_lbs}" + base_domain = "${var.tectonic_base_domain}" + cluster_id = "${var.tectonic_cluster_id}" + cluster_name = "${var.tectonic_cluster_name}" + container_images = "${var.tectonic_container_images}" + container_linux_channel = "${var.tectonic_container_linux_channel}" + container_linux_version = "${module.container_linux.version}" + ec2_type = "${var.tectonic_aws_master_ec2_type}" + extra_tags = "${var.tectonic_aws_extra_tags}" + instance_count = "${var.tectonic_bootstrap == "true" ? 
1 : var.tectonic_master_count}" + master_iam_role = "${var.tectonic_aws_master_iam_role_name}" + master_sg_ids = "${concat(var.tectonic_aws_master_extra_sg_ids, list(local.sg_id))}" + private_endpoints = "${local.private_endpoints}" + public_endpoints = "${local.public_endpoints}" + region = "${var.tectonic_aws_region}" + root_volume_iops = "${var.tectonic_aws_master_root_volume_iops}" + root_volume_size = "${var.tectonic_aws_master_root_volume_size}" + root_volume_type = "${var.tectonic_aws_master_root_volume_type}" + subnet_ids = "${local.subnet_ids}" + ec2_ami = "${var.tectonic_aws_ec2_ami_override}" + user_data_ign = "${file("${path.cwd}/${var.tectonic_ignition_master}")}" } diff --git a/steps/variables-aws.tf b/steps/variables-aws.tf index 9f8fe05e99d..8316a69d9b5 100644 --- a/steps/variables-aws.tf +++ b/steps/variables-aws.tf @@ -156,18 +156,6 @@ EOF default = {} } -variable "tectonic_autoscaling_group_extra_tags" { - type = "list" - default = [] - - description = < jq -r '.AutoScalingGroups[] | select(.AutoScalingGroupName | contains("'${CLUSTER_NAME}'")) | .Instances[].InstanceId' | -> xargs aws ec2 describe-instances --instance-ids | -> jq '.Reservations[].Instances[] | select(.PublicIpAddress != null) | .PublicIpAddress' -"52.15.184.15" - +$ aws ec2 describe-instances --query "Reservations[].Instances[] | [?Tags[? Key == 'Name' && Value == '${CLUSTER_NAME}-master-0']].PublicIpAddress" | jq . +[ + "52.15.184.15" +] $ ssh -A core@52.15.184.15 ```