-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathec2.tf
More file actions
143 lines (122 loc) · 3.93 KB
/
ec2.tf
File metadata and controls
143 lines (122 loc) · 3.93 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
data "aws_instance" "monitoring_server" {
filter {
name = "tag:Name"
values = ["solid-connection-monitoring"]
}
filter {
name = "instance-state-name"
values = ["running"]
}
}
# CloudInit을 이용한 User Data 스크립트 구성
data "cloudinit_config" "app_init" {
gzip = true
base64_encode = true
# [Part 1] Docker 설치 스크립트
part {
content_type = "text/x-shellscript"
content = file("${path.module}/../common/scripts/docker_setup.sh")
filename = "1_docker_install.sh"
}
}
# API Server (EC2)
resource "aws_instance" "api_server" {
ami = var.ami_id
instance_type = var.instance_type
vpc_security_group_ids = [aws_security_group.api_sg.id]
key_name = var.key_name
associate_public_ip_address = true
user_data_base64 = data.cloudinit_config.app_init.rendered
tags = {
Name = "solid-connection-server-${var.env_name}"
}
user_data_replace_on_change = false
lifecycle {
ignore_changes = [
user_data,
user_data_base64,
user_data_replace_on_change,
ami,
key_name
]
}
}
# 설정 및 컨테이너 실행
# [리소스 1] Nginx 설정 변경 감지 및 실행
resource "null_resource" "update_nginx" {
depends_on = [aws_instance.api_server]
triggers = {
script_hash = sha256(templatefile("${path.module}/scripts/nginx_setup.sh.tftpl", {
domain_name = var.domain_name
email = var.cert_email
conf_file_name = var.nginx_conf_name
}))
}
connection {
type = "ssh"
user = "ubuntu"
host = aws_instance.api_server.public_ip
private_key = file(var.ssh_key_path)
}
provisioner "file" {
content = templatefile("${path.module}/scripts/nginx_setup.sh.tftpl", {
domain_name = var.domain_name
email = var.cert_email
conf_file_name = var.nginx_conf_name
})
destination = "/tmp/update_nginx.sh"
}
provisioner "remote-exec" {
inline = [
"cloud-init status --wait > /dev/null", # Docker 설치 대기
"chmod +x /tmp/update_nginx.sh",
"echo 'Running Updated Nginx Script...'",
"sudo /tmp/update_nginx.sh",
"rm /tmp/update_nginx.sh"
]
}
}
# [리소스 2] Side Infra 설정 변경 감지 및 실행
resource "null_resource" "update_side_infra" {
depends_on = [aws_instance.api_server]
triggers = {
script_hash = sha256(templatefile("${path.module}/scripts/side_infra_setup.sh.tftpl", {
work_dir = var.work_dir
alloy_env_name = var.alloy_env_name
alloy_config_content = templatefile("${path.module}/../../config/side-infra/config.alloy.tftpl", {
loki_ip = data.aws_instance.monitoring_server.private_ip
})
redis_version = var.redis_version
redis_exporter_version = var.redis_exporter_version
alloy_version = var.alloy_version
}))
}
connection {
type = "ssh"
user = "ubuntu"
host = aws_instance.api_server.public_ip
private_key = file(var.ssh_key_path)
}
provisioner "file" {
content = templatefile("${path.module}/scripts/side_infra_setup.sh.tftpl", {
work_dir = var.work_dir
alloy_env_name = var.alloy_env_name
alloy_config_content = templatefile("${path.module}/../../config/side-infra/config.alloy.tftpl", {
loki_ip = data.aws_instance.monitoring_server.private_ip
})
redis_version = var.redis_version
redis_exporter_version = var.redis_exporter_version
alloy_version = var.alloy_version
})
destination = "/tmp/update_side_infra.sh"
}
provisioner "remote-exec" {
inline = [
"cloud-init status --wait > /dev/null", # Docker 설치 대기
"chmod +x /tmp/update_side_infra.sh",
"echo 'Running Updated Side Infra Script...'",
"sudo /tmp/update_side_infra.sh",
"rm /tmp/update_side_infra.sh"
]
}
}