SpaceONE infrastructure automation provisioning code
- Based on AWS
- Implementation of Terraform and Ansible
- Guaranteed Terraform Version 0.14.2
- Separated workspace from each supported parts
- Thus, Each parts is must be executed separately
- mongodb
- bastion
- route53
- security_group
- shard_cluster
we recommended to use S3 Backend for state management and state locking.
backend.tfvars file looks like
# AWS S3 bucket name for backend
bucket = ""
# AWS S3 object key for tfstate file
key = ""
region = ""
# support locking via DynamoDB
dynamodb_table = ""Fill out backend.tfvars values and terraform init run
> terraform init --var-file=backend.tfvarsEach parts included .auto.tfvars files for your environment properly.
For example, mongodb parts included security_group.auto.tfvars and shard_cluster.auto.tfvars.
Let's see a security_group.auto.tfvars for instance.
# security_group.tfvars
region = ""
vpc_id = ""
mongodb_bastion_ingress_rule_admin_access_security_group_id = "" # From Source security group ID for Administrator access
mongodb_bastion_ingress_rule_admin_access_port = 0
mongodb_app_ingress_rule_mongodb_access_security_group_id = "" # From Source security group ID for Worker NodesYou can fill out all of .auto.tfvars in each parts.
Configure for Ansible in bastion instance automatically. Fill out SSH PEM Key string to access each nodes through bastion Ansible if you want. PEM Key string must be the same when deploy instances selected key pairs.
spaceone/terraform/modules/ssh_pem/mongodb.pem
# mongodb.pem
-----BEGIN RSA PRIVATE KEY-----
ENTER_YOUR_PRIVATE_KEY_STRING
-----END RSA PRIVATE KEY-----
if you don't set SSH Key, you must set PEM key in bastion manually for Ansible after deployment.
And then, make file for your environment.
We already add default.auto.tfvars for example.
default.auto.tfvars is simple. It looks like
environment = "dev"
region = ""Fill out the values in default.auto.tfvars.
It's time to run the Terraform plan !
If you run the mongodb with all of tfvars in mongodb parts,
> terraform planGo to build your spaceONE using launchpad !
> terraform apply- ubuntu_base
- mongodb_base
- mongod
- mongos
- config_replicaset
- data_node_replicaset
- shard_cluster
- bastion
- backup1_install_pbm
- backup2_db_backup_role
- backup3_shardwide_setting
- backup4_start_agent
We will use Ansible dynamic inventory. Configuration for using Ansible dynamic inventory is already filled except one thing - region.
spaceone/ansible/inventory/aws_ec2.yml
# aws_ec2.yml
plugin: aws_ec2
regions:
- us-west-1 # region where mongodb place
...Please check do ansible-inventory command.
> ansible-inventory --graph -i inventory/The result should look like this
@all:
|--@aws_ec2:
| |--mongodb-bastion
| |--mongodb-cfg1
| |--mongodb-cfg2
| |--mongodb-cfg3
...
spaceone/ansible/inventory/group_vars/mongodb.yml
We will run ansible playbook mongodb.yml only. This playbook is included variety roles for configuration MongoDB.
You must set variables in this playbook for use.
Ready to Run. It's simple! Run playbook now.
> ansible-playbook -i inventory/ mongodb.ymlbackup roles use the same variable file with mongodb.yml, fill out backup configuration part!
spaceone/ansible/inventory/group_vars/mongodb.yml
# Backup Configuration
backup_or_not: # True | False
region_of_S3: "" # <region of backup bucket>
bucket_name: "" # <backup bucket name>
...Run playbook!
> ansible-playbook -i inventory/ backup.yml