aws: Switch EC2 instances to use resource-based hostnames
* Use EC2 resource-based hostnames instead of IP-based hostnames. The Amazon DNS server can resolve A and AAAA queries to IPv4 and IPv6 node addresses.
* For example, nodes used to be named like `ip-10-11-12-13.us-east-1.compute.internal`, but going forward they are named by instance id, like `i-0123456789abcdef.us-east-1.compute.internal`
* Tag controller node EBS volumes with a name based on the controller node name
@ -20,11 +20,8 @@ resource "aws_instance" "controllers" {
|
||||
tags = {
|
||||
Name = "${var.cluster_name}-controller-${count.index}"
|
||||
}
|
||||
|
||||
instance_type = var.controller_type
|
||||
|
||||
ami = local.ami_id
|
||||
user_data = data.ct_config.controllers.*.rendered[count.index]
|
||||
ami = local.ami_id
|
||||
|
||||
# storage
|
||||
root_block_device {
|
||||
@ -32,7 +29,9 @@ resource "aws_instance" "controllers" {
|
||||
volume_size = var.controller_disk_size
|
||||
iops = var.controller_disk_iops
|
||||
encrypted = true
|
||||
tags = {}
|
||||
tags = {
|
||||
Name = "${var.cluster_name}-controller-${count.index}"
|
||||
}
|
||||
}
|
||||
|
||||
# network
|
||||
@ -40,6 +39,10 @@ resource "aws_instance" "controllers" {
|
||||
subnet_id = element(aws_subnet.public.*.id, count.index)
|
||||
vpc_security_group_ids = [aws_security_group.controller.id]
|
||||
|
||||
# boot
|
||||
user_data = data.ct_config.controllers.*.rendered[count.index]
|
||||
|
||||
# cost
|
||||
credit_specification {
|
||||
cpu_credits = var.controller_cpu_credits
|
||||
}
|
||||
|
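Review bot: The `user_data` line now placed under `# boot` passes the rendered controller config as a plain value, while the worker launch template on this same page wraps its config in `sensitive(...)`. If the rendered controller config carries credentials or bootstrap material (not visible from this section), marking it the same way would keep it out of plan output and make the two node roles consistent: `user_data = sensitive(data.ct_config.controllers.*.rendered[count.index])`. Separately, the new root volume `Name` tag repeats the instance tag expression verbatim; a shared local would stop the two from drifting apart. The `aws_instance` block starts and ends outside the hunks shown.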
@ -47,17 +47,25 @@ resource "aws_route" "egress-ipv6" {
|
||||
resource "aws_subnet" "public" {
|
||||
count = length(data.aws_availability_zones.all.names)
|
||||
|
||||
vpc_id = aws_vpc.network.id
|
||||
availability_zone = data.aws_availability_zones.all.names[count.index]
|
||||
|
||||
cidr_block = cidrsubnet(var.host_cidr, 4, count.index)
|
||||
ipv6_cidr_block = cidrsubnet(aws_vpc.network.ipv6_cidr_block, 8, count.index)
|
||||
map_public_ip_on_launch = true
|
||||
assign_ipv6_address_on_creation = true
|
||||
|
||||
tags = {
|
||||
"Name" = "${var.cluster_name}-public-${count.index}"
|
||||
}
|
||||
vpc_id = aws_vpc.network.id
|
||||
availability_zone = data.aws_availability_zones.all.names[count.index]
|
||||
|
||||
# IPv4 and IPv6 CIDR blocks
|
||||
cidr_block = cidrsubnet(var.host_cidr, 4, count.index)
|
||||
ipv6_cidr_block = cidrsubnet(aws_vpc.network.ipv6_cidr_block, 8, count.index)
|
||||
|
||||
# Assign IPv4 and IPv6 addresses to instances
|
||||
map_public_ip_on_launch = true
|
||||
assign_ipv6_address_on_creation = true
|
||||
|
||||
# Hostnames assigned to instances
|
||||
# resource-name: <ec2-instance-id>.region.compute.internal
|
||||
private_dns_hostname_type_on_launch = "resource-name"
|
||||
enable_resource_name_dns_a_record_on_launch = true
|
||||
enable_resource_name_dns_aaaa_record_on_launch = true
|
||||
}
|
||||
|
||||
resource "aws_route_table_association" "public" {
|
||||
|
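Review bot: The new comment above `private_dns_hostname_type_on_launch` gives the hostname form as `<ec2-instance-id>.region.compute.internal`, which as far as I know does not hold in us-east-1, where resource-based names take the form `<ec2-instance-id>.ec2.internal`. I would spell out both, e.g. `# resource-name: <ec2-instance-id>.<region>.compute.internal (<ec2-instance-id>.ec2.internal in us-east-1)`. It is also worth a line noting that node names no longer embed the private IPv4 address. Any log queries, alert rules or allow-lists that match on the old `ip-…` pattern, or that used the hostname to correlate with flow logs, will need to key on the instance id instead.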
@ -3,16 +3,14 @@ resource "aws_autoscaling_group" "workers" {
|
||||
name = "${var.name}-worker"
|
||||
|
||||
# count
|
||||
desired_capacity = var.worker_count
|
||||
min_size = var.worker_count
|
||||
max_size = var.worker_count + 2
|
||||
default_cooldown = 30
|
||||
health_check_grace_period = 30
|
||||
desired_capacity = var.worker_count
|
||||
min_size = var.worker_count
|
||||
max_size = var.worker_count + 2
|
||||
|
||||
# network
|
||||
vpc_zone_identifier = var.subnet_ids
|
||||
|
||||
# template
|
||||
# instance template
|
||||
launch_template {
|
||||
id = aws_launch_template.worker.id
|
||||
version = aws_launch_template.worker.latest_version
|
||||
@ -32,6 +30,10 @@ resource "aws_autoscaling_group" "workers" {
|
||||
min_healthy_percentage = 90
|
||||
}
|
||||
}
|
||||
# Grace period before checking new instance's health
|
||||
health_check_grace_period = 30
|
||||
# Cooldown period between scaling activities
|
||||
default_cooldown = 30
|
||||
|
||||
lifecycle {
|
||||
# override the default destroy and replace update behavior
|
||||
@ -60,8 +62,6 @@ resource "aws_launch_template" "worker" {
|
||||
enabled = false
|
||||
}
|
||||
|
||||
user_data = sensitive(base64encode(data.ct_config.worker.rendered))
|
||||
|
||||
# storage
|
||||
ebs_optimized = true
|
||||
block_device_mappings {
|
||||
@ -76,7 +76,13 @@ resource "aws_launch_template" "worker" {
|
||||
}
|
||||
|
||||
# network
|
||||
vpc_security_group_ids = var.security_groups
|
||||
network_interfaces {
|
||||
associate_public_ip_address = true
|
||||
security_groups = var.security_groups
|
||||
}
|
||||
|
||||
# boot
|
||||
user_data = sensitive(base64encode(data.ct_config.worker.rendered))
|
||||
|
||||
# metadata
|
||||
metadata_options {
|
||||
|
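Review bot: The new `network_interfaces` block in the launch template sets `associate_public_ip_address = true` with no comment. Every worker is therefore given a public IPv4 address by the template itself, and inbound exposure rests entirely on whatever is passed in `var.security_groups`. The subnet section on this page already sets `map_public_ip_on_launch = true`, so the effective behaviour may be unchanged, but the template now fixes it independently of the subnet the caller supplies via `var.subnet_ids`. I would document that above the block, e.g. `# workers receive public IPv4 addresses; inbound access is limited only by var.security_groups`. Consider whether this should be configurable by the caller for clusters placed in private subnets. The `aws_launch_template` block continues outside the hunk, so the `metadata_options` settings cannot be checked from here.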