New function: single-node-asg module supports binding EIP by itself.

Since it is single node, binding an EIP to the instance is possible. And it eases other things since the public interface is constant. Add assign_eip variable to single-node-asg. If turns it on, an EIP will be allocated, and assocated with the instance.
fpco · Apr 13, 2020 · 8474938 · 8474938
1 parent b1b7348
commit 8474938
Show file tree

Hide file tree

Showing 3 changed files with 63 additions and 15 deletions.
diff --git a/modules/single-node-asg/main.tf b/modules/single-node-asg/main.tf
@@ -52,37 +52,69 @@ module "service-data" {
   iam_instance_profile_role_name = module.instance_profile.iam_role_name
 }
 
+resource "aws_eip" "eip" {
+  count = var.assign_eip ? 1 : 0
+}
+
+resource "aws_iam_role_policy_attachment" "associate_eip" {
+  role       = module.instance_profile.iam_role_name
+  policy_arn = aws_iam_policy.associate_eip_policy.arn
+}
+
+resource "aws_iam_policy" "associate_eip_policy" {
+  name   = "associate_address"
+  policy = data.aws_iam_policy_document.associate_eip_policy_doc.json
+}
+
+data "aws_iam_policy_document" "associate_eip_policy_doc" {
+  statement {
+    sid    = ""
+    effect = "Allow"
+    actions = [
+      "ec2:AssociateAddress"
+    ]
+    resources = ["*"]
+  }
+}
+
 # Create an ASG with just 1 EC2 instance
 module "server" {
   source = "../asg"
 
-  ami       = var.ami
-  elb_names = var.load_balancers
-  key_name  = var.key_name
+  ami                = var.ami
+  elb_names          = var.load_balancers
+  key_name           = var.key_name
   # The IAM Instance Profile w/ attach_ebs role
-  iam_profile   = module.instance_profile.iam_profile_id
-  instance_type = var.instance_type
-  # 1 EC2 instance <> 1 EBS volume 
-  max_nodes       = 1
-  min_nodes       = 1
-  placement_group = var.placement_group
-  public_ip       = var.public_ip
+  iam_profile        = module.instance_profile.iam_profile_id
+  instance_type      = var.instance_type
+  # 1 EC2 instance <> 1 EBS volume
+  max_nodes          = 1
+  min_nodes          = 1
+  placement_group    = var.placement_group
+  public_ip          = var.public_ip
   # the prefix and suffix names are combined in
   # the `asg` module to create the full name
-  name_prefix = var.name_prefix
-  name_suffix = "${var.name_suffix}-${local.az}"
-
+  name_prefix        = var.name_prefix
+  name_suffix        = "${var.name_suffix}-${local.az}"
   root_volume_type   = var.root_volume_type
   root_volume_size   = var.root_volume_size
   security_group_ids = var.security_group_ids
   subnet_ids         = [var.subnet_id]
 
   user_data = <<END_INIT
 #!/bin/bash
+<<<<<<< HEAD
 # exec > /tmp/init.log
 # exec 2> /tmp/init-err.log
 # set -x
+=======
+apt update
+>>>>>>> 2b82522... New function: single-node-asg module supports binding EIP by itself.
 ${var.init_prefix}
+${module.init-install-awscli.init_snippet}
+while ! ${var.assign_eip ? "aws ec2 associate-address --instance-id \"$(ec2metadata --instance-id)\" --region \"${var.region}\" --allocation-id \"${element(aws_eip.eip.*.id, 0)}\"" : "true"}; do
+  sleep 1
+done
 ${module.init-attach-ebs.init_snippet}
 ${var.init_suffix}
 END_INIT
@@ -95,3 +127,9 @@ module "init-attach-ebs" {
   region    = var.region
   volume_id = module.service-data.volume_id
 }
+
+module "init-install-awscli" {
+  source = "../init-snippet-install-awscli"
+}
+
+
diff --git a/modules/single-node-asg/outputs.tf b/modules/single-node-asg/outputs.tf
@@ -12,3 +12,7 @@ output "data_volume_name_tag" {
   value       = "${local.data_volume_name_prefix}-${local.az}"
   description = "Name tag value for attached data volume"
 }
+
+output "eip_address" {
+  value = var.assign_eip ? aws_eip.eip.*[0].public_ip : ""
+}
diff --git a/modules/single-node-asg/variables.tf b/modules/single-node-asg/variables.tf
@@ -56,7 +56,7 @@ variable "data_volume_size" {
 variable "data_volume_encrypted" {
   default     = true
   description = "Boolean, whether or not to encrypt the EBS block device"
-  type        = string
+  type        = bool
 }
 
 variable "data_volume_kms_key_id" {
@@ -92,7 +92,7 @@ variable "init_suffix" {
 variable "public_ip" {
   default     = true
   description = "Boolean flag to enable/disable `map_public_ip_on_launch` in the launch configuration"
-  type        = string
+  type        = bool
 }
 
 variable "subnet_id" {
@@ -115,3 +115,9 @@ variable "load_balancers" {
   description = "The list of load balancers names to pass to the ASG module"
   type        = list(string)
 }
+
+variable "assign_eip" {
+  default     = false
+  description = "Whether or not associating an EIP with the node."
+  type        = bool
+}