Skip to content

Commit e43d3fc

Browse files
knorrusknorrus
committed
Added elasticsearch module
1 parent 6586f9b commit e43d3fc

File tree

7 files changed

+384
-144
lines changed

7 files changed

+384
-144
lines changed

modules/elasticsearch/ec2.tf

Lines changed: 129 additions & 73 deletions
Original file line numberDiff line numberDiff line change
@@ -1,107 +1,163 @@
1-
resource "aws_instance" "elasticsearch_instance" {
2-
count = "${var.instances_count}"
3-
depends_on = ["aws_ebs_volume.elasticsearch_volume"]
4-
ami = "${var.ami_id}"
5-
instance_type = "${var.instance_type}"
6-
subnet_id = "${element(var.vpc_subnets, count.index)}"
7-
key_name = "${var.instance_key_name}"
8-
iam_instance_profile = "${aws_iam_instance_profile.elasticsearch.name}"
9-
vpc_security_group_ids = ["${concat(var.security_groups, list(aws_security_group.elasticsearch.id))}"]
10-
associate_public_ip_address = false
11-
source_dest_check = false
12-
disable_api_termination = "${var.enable_termination_protection}"
13-
instance_initiated_shutdown_behavior = "stop"
14-
15-
tags {
16-
Env = "${var.env_name}"
17-
Name = "${var.env_name}: ${var.verbose_name} Elasticsearch ${count.index}"
18-
}
19-
user_data = <<USER_DATA_END
20-
#cloud-config
21-
write_files:
22-
- path: /usr/bin/install-unix-tools
23-
encoding: b64
24-
content: ${base64encode(file("${path.module}/../resources/install-unix-tools.sh"))}
25-
owner: root:root
26-
permissions: '0755'
27-
- path: /etc/dive-in-docker.conf
28-
content: elasticsearch
29-
- path: /etc/ecs/ecs.config
30-
content: |
31-
ECS_CLUSTER=${var.ecs_cluster_name}
32-
ECS_AVAILABLE_LOGGING_DRIVERS=["json-file","syslog","journald","gelf","awslogs"]
33-
- path: /etc/sysctl.d/01-elasticsearch.conf
34-
content: |
35-
:syslogtag, startswith, "${var.syslog_tag_prefix}" /var/log/${var.docker_log_file_name}
36-
runcmd:
37-
- [ cloud-init-per, once, "install-unix-tools", "install-unix-tools", "-t", "1.0", "full"]
38-
- [ cloud-init-per, once, "set-hostname", "aws-set-hostname", "${lower(var.verbose_name)}-elasticsearch-{count.index}", "-s"]
39-
- [ cloud-init-per, once, "read-custom-syslog", "sysctl", "-p", "/etc/sysctl.d/01-elasticsearch.conf"]
40-
- [ cloud-init-per, once, "docker-stop", "service", "docker", "stop"]
41-
- [ cloud-init-per, once, "mount-ebs", "mount-ebs", "${var.data_volume_device}", "${var.data_volume_path}", "0777" ]
42-
- [ cloud-init-per, once, "docker-start", "service", "docker", "start"]
43-
- [ cloud-init-per, once, "start-ecs", "start", "ecs"]
44-
USER_DATA_END
45-
}
46-
47-
resource "aws_ebs_volume" "elasticsearch_volume" {
48-
count = "${length(var.instances_count)}"
49-
availability_zone = "${element(var.availability_zones, count.index)}"
50-
size = "${var.storage_size}"
51-
52-
tags {
53-
Env = "${var.env_name}"
54-
Name = "${var.env_name}: ${var.verbose_name} Elasticseach Volume ${count.index}"
55-
}
56-
}
57-
58-
resource "aws_volume_attachment" "elasticsearch_volume_attachement" {
59-
count = "${length(var.instances_count)}"
60-
device_name = "${var.data_volume_device}"
61-
force_detach = true
62-
volume_id = "${element(aws_ebs_volume.elasticsearch_volume.*.id, count.index)}"
63-
instance_id = "${element(aws_instance.elasticsearch_instance.*.id, count.index)}"
64-
}
65-
66-
67-
resource "aws_security_group" "elasticsearch" {
68-
name = "${lower(var.env_name)}-${lower(var.verbose_name)}-elasticsearch"
1+
resource "aws_security_group" "elasticsearch_sg" {
2+
name = "${lower(var.env_name)}-${lower(var.verbose_name)}-elasticsearch-access"
693
vpc_id = "${var.vpc_id}"
704

715
# Elasticsearch native transport protocol
726
ingress {
737
from_port = 9300
748
to_port = 9300
759
protocol = "tcp"
76-
cidr_blocks = ["${var.native_trusted_networks}"]
10+
cidr_blocks = ["${var.trusted_networks}"]
7711
}
7812

7913
# Elasticsearch HTTP service
8014
ingress {
8115
from_port = 9200
8216
to_port = 9200
8317
protocol = "tcp"
84-
cidr_blocks = ["${var.http_trusted_networks}"]
18+
cidr_blocks = ["${var.trusted_networks}"]
8519
}
8620

8721
# Elasticsearch native transport protocol
8822
egress {
8923
from_port = 9300
9024
to_port = 9300
9125
protocol = "tcp"
92-
cidr_blocks = ["${var.native_trusted_networks}"]
26+
cidr_blocks = ["${var.trusted_networks}"]
9327
}
9428

9529
# Elasticsearch HTTP service
9630
egress {
9731
from_port = 9200
9832
to_port = 9200
9933
protocol = "tcp"
100-
cidr_blocks = ["${var.http_trusted_networks}"]
34+
cidr_blocks = ["${var.trusted_networks}"]
10135
}
10236

10337
tags {
10438
Env = "${var.env_name}"
105-
Name = "${var.env_name}: ${var.verbose_name} Elasticsearch"
39+
Name = "${var.env_name}-${var.verbose_name}-Elasticsearch-Access"
40+
}
41+
}
42+
43+
data "template_file" "elasticsearch_master_cloudconfig" {
44+
template = "${file("${path.module}/resources/userdata.tpl")}"
45+
vars {
46+
configuration_script = "${base64encode(file("${path.module}/resources/install-unix-tools.sh"))}"
47+
cluster_name = "${var.ecs_cluster_name}"
48+
cluster_role = "elasticsearch-master"
49+
host_name = "${lower(var.verbose_name)}-elasticsearch"
50+
volume_device = "${var.data_volume_device}"
51+
volume_path = "${var.data_volume_path}"
52+
}
53+
}
54+
55+
data "template_file" "elasticsearch_data_cloudconfig" {
56+
template = "${file("${path.module}/resources/userdata.tpl")}"
57+
vars {
58+
configuration_script = "${base64encode(file("${path.module}/resources/install-unix-tools.sh"))}"
59+
cluster_name = "${var.ecs_cluster_name}"
60+
cluster_role = "elasticsearch-data"
61+
host_name = "${lower(var.verbose_name)}-elasticsearch"
62+
volume_device = "${var.data_volume_device}"
63+
volume_path = "${var.data_volume_path}"
10664
}
10765
}
66+
67+
resource "aws_instance" "elasticsearch_master_instance" {
68+
count = "${var.master_nodes_count}"
69+
ami = "${var.instance_ami}"
70+
instance_type = "${var.master_instance_type}"
71+
subnet_id = "${element(var.vpc_subnets, count.index)}"
72+
key_name = "${var.instance_key_name}"
73+
iam_instance_profile = "${aws_iam_instance_profile.elasticsearch.name}"
74+
vpc_security_group_ids = ["${concat(var.vpc_security_groups, list(aws_security_group.elasticsearch_sg.id))}"]
75+
associate_public_ip_address = false
76+
source_dest_check = false
77+
disable_api_termination = "${var.enable_termination_protection}"
78+
instance_initiated_shutdown_behavior = "stop"
79+
user_data = "${data.template_file.elasticsearch_master_cloudconfig.rendered}"
80+
tags {
81+
Env = "${var.env_name}"
82+
Name = "${var.env_name}-${var.verbose_name}-Elasticsearch-Master-Zone${count.index}"
83+
}
84+
}
85+
86+
resource "aws_instance" "elasticsearch_data_instance" {
87+
count = "${var.data_nodes_count}"
88+
depends_on = ["aws_ebs_volume.elasticsearch_data_volume"]
89+
ami = "${var.instance_ami}"
90+
instance_type = "${var.data_instance_type}"
91+
subnet_id = "${element(var.vpc_subnets, count.index)}"
92+
key_name = "${var.instance_key_name}"
93+
iam_instance_profile = "${aws_iam_instance_profile.elasticsearch.name}"
94+
vpc_security_group_ids = ["${concat(var.vpc_security_groups, list(aws_security_group.elasticsearch_sg.id))}"]
95+
associate_public_ip_address = false
96+
source_dest_check = false
97+
disable_api_termination = "${var.enable_termination_protection}"
98+
instance_initiated_shutdown_behavior = "stop"
99+
user_data = "${data.template_file.elasticsearch_data_cloudconfig.rendered}"
100+
tags {
101+
Env = "${var.env_name}"
102+
Name = "${var.env_name}-${var.verbose_name}-Elasticsearch-Data-Zone${count.index}"
103+
}
104+
}
105+
106+
resource "aws_ebs_volume" "elasticsearch_data_volume" {
107+
count = "${var.data_nodes_count}"
108+
availability_zone = "${element(var.availability_zones, count.index)}"
109+
size = "${var.data_instance_storage_size}"
110+
111+
tags {
112+
Env = "${var.env_name}"
113+
Name = "${var.env_name}-${var.verbose_name}-Elasticseach-Volume-Zone${count.index}"
114+
}
115+
}
116+
117+
resource "aws_ebs_volume" "elasticsearch_master_volume" {
118+
count = "${var.master_nodes_count}"
119+
availability_zone = "${element(var.availability_zones, count.index)}"
120+
size = 10
121+
tags {
122+
Env = "${var.env_name}"
123+
Name = "${var.env_name}-${var.verbose_name}-Elasticseach-Volume-Zone${count.index}"
124+
}
125+
}
126+
127+
resource "aws_volume_attachment" "elasticsearch_data_volume_attachement" {
128+
count = "${var.data_nodes_count}"
129+
device_name = "${var.data_volume_device}"
130+
force_detach = true
131+
volume_id = "${element(aws_ebs_volume.elasticsearch_data_volume.*.id, count.index)}"
132+
instance_id = "${element(aws_instance.elasticsearch_data_instance.*.id, count.index)}"
133+
}
134+
135+
resource "aws_volume_attachment" "elasticsearch_master_volume_attachement" {
136+
count = "${var.master_nodes_count}"
137+
device_name = "${var.data_volume_device}"
138+
force_detach = true
139+
volume_id = "${element(aws_ebs_volume.elasticsearch_master_volume.*.id, count.index)}"
140+
instance_id = "${element(aws_instance.elasticsearch_master_instance.*.id, count.index)}"
141+
}
142+
143+
data "aws_route53_zone" "local" {
144+
zone_id = "${var.vpc_dns_zone_id}"
145+
}
146+
147+
resource "aws_route53_record" "elasticsearch_master_node_dns_records" {
148+
count = "${var.master_nodes_count}"
149+
zone_id = "${var.vpc_dns_zone_id}"
150+
name = "${var.master_nodes_count == 1 ? format("elasticsearch.master.%s", data.aws_route53_zone.local.name) : format("elasticsearch.master%d.%s", count.index, data.aws_route53_zone.local.name)}"
151+
type = "A"
152+
ttl = "60"
153+
records = ["${element(aws_instance.elasticsearch_master_instance.*.private_ip, 0)}"]
154+
}
155+
156+
resource "aws_route53_record" "elasticsearch_data_node_dns_records" {
157+
count = "${var.data_nodes_count}"
158+
zone_id = "${var.vpc_dns_zone_id}"
159+
name = "${var.data_nodes_count == 1 ? format("elasticsearch.%s", data.aws_route53_zone.local.name) : format("elasticsearch%d.%s", count.index, data.aws_route53_zone.local.name)}"
160+
type = "A"
161+
ttl = "60"
162+
records = ["${element(aws_instance.elasticsearch_data_instance.*.private_ip, 0)}"]
163+
}

modules/elasticsearch/ecs.tf

Lines changed: 75 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -1,15 +1,83 @@
1+
resource "aws_ecs_cluster" "elasticsearch_cluster" {
2+
name = "${var.ecs_cluster_name}"
3+
}
4+
5+
resource "aws_ecs_task_definition" "elasticsearch_master_task" {
6+
family = "${lower(var.env_name)}-elasticsearch-master"
7+
container_definitions = "${data.template_file.elasticsearch_master_config.rendered}"
8+
volume {
9+
name = "elasticseach-data"
10+
host_path = "${var.data_volume_path}"
11+
}
12+
}
13+
14+
resource "aws_ecs_task_definition" "elasticsearch_data_task" {
15+
family = "${lower(var.env_name)}-elasticsearch-data"
16+
container_definitions = "${data.template_file.elasticsearch_data_config.rendered}"
17+
volume {
18+
name = "elasticseach-data"
19+
host_path = "${var.data_volume_path}"
20+
}
21+
}
22+
23+
resource "aws_ecs_service" "elasticsearch_master_service" {
24+
depends_on = ["aws_iam_role_policy.docker_policy", "aws_ecs_task_definition.elasticsearch_master_task"]
25+
name = "${lower(var.env_name)}-${lower(var.verbose_name)}-elasticsearch-master"
26+
cluster = "${aws_ecs_cluster.elasticsearch_cluster.id}"
27+
task_definition = "${aws_ecs_task_definition.elasticsearch_master_task.arn}"
28+
desired_count = "${var.master_nodes_count}"
29+
placement_constraints {
30+
type = "memberOf"
31+
expression = "attribute:cluster_role == elasticsearch-master"
32+
}
33+
}
34+
35+
resource "aws_ecs_service" "elasticsearch_data_service" {
36+
depends_on = ["aws_iam_role_policy.docker_policy", "aws_ecs_task_definition.elasticsearch_master_task"]
37+
name = "${lower(var.env_name)}-${lower(var.verbose_name)}-elasticsearch-data"
38+
cluster = "${aws_ecs_cluster.elasticsearch_cluster.id}"
39+
task_definition = "${aws_ecs_task_definition.elasticsearch_data_task.arn}"
40+
desired_count = "${var.data_nodes_count}"
41+
placement_constraints {
42+
type = "memberOf"
43+
expression = "attribute:cluster_role == elasticsearch-data"
44+
}
45+
}
46+
147
data "template_file" "elasticsearch_master_config" {
248
template = "${file("${path.module}/resources/elasticsearch.json")}"
349
vars {
4-
container_name = "elasticsearch-master"
550
elasticsearch_version = "${var.elasticsearch_version}"
6-
memory = "${var.container_memory_limit}"
7-
node_name = "${var.verbose_name}-elasticsearch-master"
8-
elasticsearch-cluster-name = "${var.elasticsearch_cluster_name}"
9-
volume_name = "elasticseach-data"
51+
container_name = "elasticsearch-master"
52+
container_memory = 512
1053
native_transport_port = 9300
11-
http_service_port = 9200
12-
extra-options = ""
54+
http_transport_port = 9200
55+
cluster_name = "${var.elasticsearch_cluster_name}"
56+
node_name = "${lower(var.verbose_name)}-elasticsearch-master"
57+
is_master = "true"
58+
is_data = "false"
59+
min_master_nodes = "${var.master_nodes_count == 0 ? (var.master_nodes_count / 2) + 1 : 0}"
60+
master_nodes_addresses = ""
61+
heap_size = 256
62+
volume_name = "elasticseach-data"
1363
}
1464
}
1565

66+
data "template_file" "elasticsearch_data_config" {
67+
template = "${file("${path.module}/resources/elasticsearch.json")}"
68+
vars {
69+
elasticsearch_version = "${var.elasticsearch_version}"
70+
container_name = "elasticsearch-data"
71+
container_memory = "${var.elasticsearch_memory_limit}"
72+
native_transport_port = 9300
73+
http_transport_port = 9200
74+
cluster_name = "${var.elasticsearch_cluster_name}"
75+
node_name = "${lower(var.verbose_name)}-elasticsearch-data"
76+
is_master = "${var.is_data_nodes_master_eiligible == 1 ? "true" : "false"}"
77+
is_data = "true"
78+
master_nodes_addresses = "${join(", ", concat(var.external_masters_addresses, aws_route53_record.elasticsearch_master_node_dns_records.*.name))}"
79+
min_master_nodes = "${(var.master_nodes_count / 2) + 1 }"
80+
heap_size = "${var.elasticsearch_memory_limit / 2}"
81+
volume_name = "elasticseach-data"
82+
}
83+
}

modules/elasticsearch/iam.tf

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,11 +1,11 @@
11
resource "aws_iam_instance_profile" "elasticsearch" {
2-
name = "${lower(var.env_name)}-${var.verbose_name}-elasticsearch"
2+
name = "${lower(var.env_name)}-${lower(var.verbose_name)}-elasticsearch"
33
role = "${aws_iam_role.elasticsearch_role.name}"
44
}
55

66
resource "aws_iam_role" "elasticsearch_role" {
77
name = "${lower(var.env_name)}-${var.verbose_name}-elasticsearch"
8-
assume_role_policy = "${data.aws_iam_policy_document.ec2_assume_policy}"
8+
assume_role_policy = "${data.aws_iam_policy_document.ec2_assume_policy.json}"
99
}
1010

1111
resource "aws_iam_role_policy" "docker_policy" {

modules/elasticsearch/output.tf

Lines changed: 12 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -1,13 +1,21 @@
11
output "private_ips" {
2-
value = ["${aws_instance.elasticsearch_instance.*.private_ip}"]
2+
value = ["${aws_instance.elasticsearch_data_instance.*.private_ip}"]
3+
}
4+
5+
output "elasticseacrch_master_addresses" {
6+
value = "${formatlist("%s:%s", aws_route53_record.elasticsearch_master_node_dns_records.*.name)}"
7+
}
8+
9+
output "elasticseacrch_node_addresses" {
10+
value = "${formatlist("%s:%s", aws_route53_record.elasticsearch_data_node_dns_records.*.name)}"
311
}
412

513
output "instance_ids" {
6-
value = ["${aws_instance.elasticsearch_instance.*.id}"]
14+
value = ["${aws_instance.elasticsearch_data_instance.*.id}"]
715
}
816

917
output "elasticsearch_sg_id" {
10-
value = "${aws_security_group.elasticsearch.id}"
18+
value = "${aws_security_group.elasticsearch_sg.id}"
1119
}
1220

1321
output "instance_profile_id" {
@@ -16,4 +24,4 @@ output "instance_profile_id" {
1624

1725
output "iam_role_id" {
1826
value = "${aws_iam_role.elasticsearch_role.id}"
19-
}
27+
}

0 commit comments

Comments
 (0)