Skip to content

Commit

Permalink
Add security groups and enable SSH to controllers
Browse files Browse the repository at this point in the history
  • Loading branch information
@pecigonzalo
pecigonzalo committed Oct 26, 2019
1 parent 918bbbe commit 593b7b2
Show file tree
Hide file tree
Showing 2 changed files with 42 additions and 48 deletions.
45 changes: 21 additions & 24 deletions terraform/k8s-controllers.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,15 +17,14 @@ module "ctrl-0" {
ami = "${local.ami}"
ami_owner = "${local.ami_owner}"

vpc_id = "${module.vpc.vpc_id}"
subnet = "${module.dynamic_subnets.public_subnet_ids[0]}"
source_dest_check = false
associate_public_ip_address = false
assign_eip_address = false
create_default_security_group = "true" # TODO: Switch to false once we attach a SG
vpc_id = "${module.vpc.vpc_id}"
subnet = "${module.dynamic_subnets.public_subnet_ids[0]}"
source_dest_check = false
associate_public_ip_address = true
assign_eip_address = false

# security_groups = ["${var.security_groups}"]
private_ip = "${cidrhost(module.dynamic_subnets.public_subnet_cidrs[0], 10)}"
security_groups = ["${aws_security_group.k8s-external.id}"]
private_ip = "${cidrhost(module.dynamic_subnets.public_subnet_cidrs[0], 10)}"

ssh_key_pair = "${var.ssh_key_pair}"
instance_type = "${local.ctrl_instance_type}"
Expand All @@ -46,15 +45,14 @@ module "ctrl-1" {
ami = "${local.ami}"
ami_owner = "${local.ami_owner}"

vpc_id = "${module.vpc.vpc_id}"
subnet = "${module.dynamic_subnets.public_subnet_ids[1]}"
source_dest_check = false
associate_public_ip_address = false
assign_eip_address = false
create_default_security_group = "true" # TODO: Switch to false once we attach a SG
vpc_id = "${module.vpc.vpc_id}"
subnet = "${module.dynamic_subnets.public_subnet_ids[1]}"
source_dest_check = false
associate_public_ip_address = true
assign_eip_address = false

# security_groups = ["${var.security_groups}"]
private_ip = "${cidrhost(module.dynamic_subnets.public_subnet_cidrs[1], 10)}"
security_groups = ["${aws_security_group.k8s-external.id}"]
private_ip = "${cidrhost(module.dynamic_subnets.public_subnet_cidrs[1], 10)}"

ssh_key_pair = "${var.ssh_key_pair}"
instance_type = "${local.ctrl_instance_type}"
Expand All @@ -75,15 +73,14 @@ module "ctrl-2" {
ami = "${local.ami}"
ami_owner = "${local.ami_owner}"

vpc_id = "${module.vpc.vpc_id}"
subnet = "${module.dynamic_subnets.public_subnet_ids[2]}"
source_dest_check = false
associate_public_ip_address = false
assign_eip_address = false
create_default_security_group = "true" # TODO: Switch to false once we attach a SG
vpc_id = "${module.vpc.vpc_id}"
subnet = "${module.dynamic_subnets.public_subnet_ids[2]}"
source_dest_check = false
associate_public_ip_address = true
assign_eip_address = false

# security_groups = ["${var.security_groups}"]
private_ip = "${cidrhost(module.dynamic_subnets.public_subnet_cidrs[2], 10)}"
security_groups = ["${aws_security_group.k8s-external.id}"]
private_ip = "${cidrhost(module.dynamic_subnets.public_subnet_cidrs[2], 10)}"

ssh_key_pair = "${var.ssh_key_pair}"
instance_type = "${local.ctrl_instance_type}"
Expand Down
45 changes: 21 additions & 24 deletions terraform/k8s-workers.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,15 +18,14 @@ module "wrkr-0" {
ami = "${local.ami}"
ami_owner = "${local.ami_owner}"

vpc_id = "${module.vpc.vpc_id}"
subnet = "${module.dynamic_subnets.private_subnet_ids[0]}"
source_dest_check = false
associate_public_ip_address = false
assign_eip_address = false
create_default_security_group = "true" # TODO: Switch to false once we attach a SG
vpc_id = "${module.vpc.vpc_id}"
subnet = "${module.dynamic_subnets.private_subnet_ids[0]}"
source_dest_check = false
associate_public_ip_address = false
assign_eip_address = false

# security_groups = ["${var.security_groups}"]
private_ip = "${cidrhost(module.dynamic_subnets.private_subnet_cidrs[0], 10)}"
security_groups = ["${aws_security_group.k8s-internal.id}"]
private_ip = "${cidrhost(module.dynamic_subnets.private_subnet_cidrs[0], 10)}"

ssh_key_pair = "${var.ssh_key_pair}"
instance_type = "${local.wrkr_instance_type}"
Expand All @@ -48,15 +47,14 @@ module "wrkr-1" {
ami = "${local.ami}"
ami_owner = "${local.ami_owner}"

vpc_id = "${module.vpc.vpc_id}"
subnet = "${module.dynamic_subnets.private_subnet_ids[1]}"
source_dest_check = false
associate_public_ip_address = false
assign_eip_address = false
create_default_security_group = "true" # TODO: Switch to false once we attach a SG
vpc_id = "${module.vpc.vpc_id}"
subnet = "${module.dynamic_subnets.private_subnet_ids[1]}"
source_dest_check = false
associate_public_ip_address = false
assign_eip_address = false

# security_groups = ["${var.security_groups}"]
private_ip = "${cidrhost(module.dynamic_subnets.private_subnet_cidrs[1], 10)}"
security_groups = ["${aws_security_group.k8s-internal.id}"]
private_ip = "${cidrhost(module.dynamic_subnets.private_subnet_cidrs[1], 10)}"

ssh_key_pair = "${var.ssh_key_pair}"
instance_type = "${local.wrkr_instance_type}"
Expand All @@ -78,15 +76,14 @@ module "wrkr-2" {
ami = "${local.ami}"
ami_owner = "${local.ami_owner}"

vpc_id = "${module.vpc.vpc_id}"
subnet = "${module.dynamic_subnets.private_subnet_ids[2]}"
source_dest_check = false
associate_public_ip_address = false
assign_eip_address = false
create_default_security_group = "true" # TODO: Switch to false once we attach a SG
vpc_id = "${module.vpc.vpc_id}"
subnet = "${module.dynamic_subnets.private_subnet_ids[2]}"
source_dest_check = false
associate_public_ip_address = false
assign_eip_address = false

# security_groups = ["${var.security_groups}"]
private_ip = "${cidrhost(module.dynamic_subnets.private_subnet_cidrs[2], 10)}"
security_groups = ["${aws_security_group.k8s-internal.id}"]
private_ip = "${cidrhost(module.dynamic_subnets.private_subnet_cidrs[2], 10)}"

ssh_key_pair = "${var.ssh_key_pair}"
instance_type = "${local.wrkr_instance_type}"
Expand Down

0 comments on commit 593b7b2

Please sign in to comment.