Add Terraform templates

[baniol]

What did you implement:

Closes #316

How did you implement it:

How can we verify it:

Todos:

• Write tests
• Write documentation
• Fix linting errors
• Make sure code coverage hasn't dropped
• Provide verification commands / resources
• Enable "Allow edits from maintainers" for this PR
• Update the messages below

Is this ready for review?: YES
Is it a breaking change?: NO

[codecov]

Codecov Report

Merging #477 into master will not change coverage.
The diff coverage is n/a.

@@          Coverage Diff           @@
##           master    #477   +/-   ##
======================================
  Coverage    71.2%   71.2%           
======================================
  Files          37      37           
  Lines        2195    2195           
======================================
  Hits         1563    1563           
  Misses        571     571           
  Partials       61      61

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update c84ddec...b349a32. Read the comment docs.

[mthenw]

Hey @baniol,

that looks awesome. Thanks for the great PR. I have few comments though.

[mthenw]

Hey @baniol,

that looks awesome. Thanks for the great PR. I have few comments though.

[mthenw]

1. Can you move all those file to /contrib/terraform folder.
2. Ideally would be to expose it as a module that someone else can use. So I think this readme should be mainly about how to use this module.

[baniol]

Not a problem. I'll refactor it in that direction

[mthenw]

What do you think about using existing module for creating VPC and all network stuff https://registry.terraform.io/modules/terraform-aws-modules/vpc/aws/1.37.0?

[baniol]

You're right. Using some community modules makes sense.

[mthenw]

This module should probably simplify the setup here https://registry.terraform.io/modules/terraform-aws-modules/alb/aws/3.4.0?tab=resources

[baniol]

The problem with this module is that it doesn't seem to allow to control target group health checks. We need to overwrite the default "/" path with "/v1/status". What's more, the events API server doesn't expose any health check endpoint returning 200 code (the root returns 202).

[mthenw]

Good point but looks like it should be possible.

[baniol]

yes, I've missed the default section. Works perfectly with the alb module.

[mthenw]

What do you think about using existing module from CoreOS https://github.com/coreos/tectonic-installer/tree/track-1/modules/aws/etcd?

[baniol]

At first glance, it seems like an internal tectonic installer module, but might be useful. I'll check it.

[baniol]

This one will be harder to use as it is. Etcd is integrated with the k8s installer and has some internal dependencies, like dns, certs or s3 bucket with init scripts.
I need to take a deeper look.

[mthenw]

Could you change it to full github URL so people can just copy/paste?

[baniol]

sure, I'll do a little refactor and add a readme file when I'm done with the etcd module

[mthenw]

awesome thanks!

[mthenw]

we don't need this here if it's only a module

[baniol]

@mthenw A few notes regarding the latest commit:

• the coreos etcd module is a part of Kubernetes setup in Tectonic installer and has some dependencies, like certificates, coreos ignition, dns. I've extracted those dependencies into the etcd wrapper (modules/etcd)
• Tectonic Installer repo is under Apache v2 licence, so I've included the NOTICE file
• it's possible to use https for the etcd (tls_enabled param), however eg libkv store does not initialize with tls config. I don't think this it a big issue for now, as the etcd cluster runs in private subnets.

[mthenw]

@baniol overall looks good. We need few days to review it. Again, thanks for contribution.

[sebito91]

I think this looks good. Just like your other PR if you can please rebase against current commits we'll merge.