-
Notifications
You must be signed in to change notification settings - Fork 5
/
ec_migrate.tf
104 lines (88 loc) · 3.41 KB
/
ec_migrate.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
locals {
es_snapshot_name = "es-snapshot-${random_id.id.dec}"
}
# Create a random id
resource "random_id" "id" {
byte_length = 8
}
# Add an access key to Elastic Cloud keystore to access a snapshot S3 bucket (if s3 access key is provided)
resource "ec_deployment_elasticsearch_keystore" "access_key" {
count = local.aws_access_key != null ? 1 : 0
deployment_id = ec_deployment.ec_minimal.id
setting_name = "s3.client.default.access_key"
value = local.aws_access_key
}
# Add a secret key to Elastic Cloud keystore to access a snapshot S3 bucket (if s3 access key is provided)
resource "ec_deployment_elasticsearch_keystore" "secret_key" {
count = local.aws_secret_key != null ? 1 : 0
deployment_id = ec_deployment.ec_minimal.id
setting_name = "s3.client.default.secret_key"
value = local.aws_secret_key
}
# Create a local repository and point to an S3 bucket (if local es url is provided)
resource "elasticsearch_snapshot_repository" "create_local_repo" {
count = var.local_elasticsearch_url != "" ? 1 : 0
name = var.local_elasticsearch_repo_name
type = "s3"
settings = {
bucket = var.existing_s3_repo_bucket_name != "" ? var.existing_s3_repo_bucket_name : aws_s3_bucket.es_s3_repo.id
region = var.region
role_arn = aws_iam_role.es_role.arn
}
depends_on = [aws_iam_role.es_role]
}
# Create a local one-off snapshot on the S3 repository (if local es url is provided)
resource "null_resource" "create_snapshot" {
count = var.local_elasticsearch_url != "" ? 1 : 0
provisioner "local-exec" {
command = <<EOT
curl -v XPUT "${var.local_elasticsearch_url}/_snapshot/${var.local_elasticsearch_repo_name}/${local.es_snapshot_name}?wait_for_completion=true" -H 'Content-Type: application/json' -d '
{
"indices": "*",
"ignore_unavailable": true,
"include_global_state": true
}
'
EOT
}
depends_on = [elasticsearch_snapshot_repository.create_local_repo]
}
# Create a repository on Elastic Cloud and points to the S3 bucket
resource "null_resource" "create_cloud_repo" {
count = var.local_elasticsearch_url != "" ? 1 : 0
provisioner "local-exec" {
command = <<EOT
curl -v XPUT -u ${ec_deployment.ec_minimal.elasticsearch_username}:${ec_deployment.ec_minimal.elasticsearch_password} "${ec_deployment.ec_minimal.elasticsearch[0].https_endpoint}/_snapshot/${var.local_elasticsearch_repo_name}" -H 'Content-Type: application/json' -d '
{
"type": "s3",
"settings": {
"bucket": "${var.existing_s3_repo_bucket_name != "" ? var.existing_s3_repo_bucket_name : aws_s3_bucket.es_s3_repo.id}",
"region": "${var.region}"
}
}
'
EOT
}
depends_on = [ec_deployment.ec_minimal, null_resource.create_snapshot]
}
# Check the Elastic Cloud repository status until it becomes available
resource "null_resource" "restore_snapshot" {
count = var.local_elasticsearch_url != "" ? 1 : 0
triggers = {
status = length(regexall(".*nodes.*", file("./ec_repo.status"))) > 0
}
provisioner "local-exec" {
command = data.template_file.run_rest_api.rendered
}
}
# Run REST API to restore a snapshot
data "template_file" "run_rest_api" {
template = file("ec_rest_api.sh")
vars = {
ec-user = local.es_credentials.elasticsearch_username
ec-pwd = local.es_credentials.elasticsearch_password
ec-url = ec_deployment.ec_minimal.elasticsearch[0].https_endpoint
ec-repo = var.local_elasticsearch_repo_name
ec-snapshot = local.es_snapshot_name
}
}