Chore: Refactor module (#5)

* move vpc to module * Feature: Terraform CI (#4) * add tf workflow * update ci * update exit command * update return code * update exit code * fmt * update readme * add module * update vpc module * add vm module * add main * fmt * refactor * fmt * simplify vpc route table * fmt * Revert "simplify vpc route table" This reverts commit a8f22db. * update vars * update output
guyzsarun · Dec 18, 2023 · 5b968eb · 5b968eb
1 parent 89c4946
commit 5b968eb
Show file tree

Hide file tree

Showing 10 changed files with 129 additions and 83 deletions.
diff --git a/.gitignore b/.gitignore
@@ -5,6 +5,7 @@
 # .tfstate files
 *.tfstate
 *.tfstate.*
+kubeconfig*
 
 # Crash log files
 crash.log

diff --git a/bastion.tf b/bastion.tf
diff --git a/main.tf b/main.tf
@@ -0,0 +1,27 @@
+module "bastion" {
+  source       = "./modules/vm"
+  ssh_key_pair = var.ssh_key_pair
+
+  vm_name   = "bastion_vm"
+  subnet_id = aws_subnet.main-vpc-subnet-public[0].id
+
+  init_script = "./helper/init.sh"
+
+  security_group_ids = [
+    aws_security_group.allow_ssh.id,
+    aws_security_group.allow_egress.id
+  ]
+}
+
+module "private_bastion" {
+  source       = "./modules/vm"
+  ssh_key_pair = var.ssh_key_pair
+
+  vm_name   = "private_vm"
+  subnet_id = aws_subnet.main-vpc-subnet-private[0].id
+
+  security_group_ids = [
+    aws_security_group.allow_ssh.id,
+    aws_security_group.allow_egress.id
+  ]
+}
diff --git a/modules/vm/main.tf b/modules/vm/main.tf
@@ -0,0 +1,20 @@
+resource "aws_key_pair" "ssh_key_pair" {
+  key_name   = "${var.vm_name}-key"
+  public_key = var.ssh_key_pair
+}
+
+resource "aws_instance" "vm" {
+  ami           = var.vm_ami
+  instance_type = var.instance_type
+  key_name      = aws_key_pair.ssh_key_pair.key_name
+  monitoring    = true
+
+  subnet_id = var.subnet_id
+
+  user_data = var.init_script != null ? file(var.init_script) : null
+
+  vpc_security_group_ids = var.security_group_ids
+  tags = {
+    Name = var.vm_name
+  }
+}
diff --git a/modules/vm/outputs.tf b/modules/vm/outputs.tf
@@ -0,0 +1,11 @@
+output "id" {
+  value = aws_instance.vm.id
+}
+
+output "public_ip" {
+  value = aws_instance.vm.public_ip
+}
+
+output "private_ip" {
+  value = aws_instance.vm.private_ip
+}
diff --git a/modules/vm/variables.tf b/modules/vm/variables.tf
@@ -0,0 +1,29 @@
+variable "ssh_key_pair" {
+  type      = string
+  sensitive = true
+}
+
+variable "vm_ami" {
+  default = "ami-02453f5468b897e31" #amazon linux
+}
+
+variable "instance_type" {
+  default = "t2.micro"
+}
+
+variable "vm_name" {
+  type = string
+}
+
+variable "subnet_id" {
+  type = string
+}
+
+variable "security_group_ids" {
+  type = list(string)
+}
+
+variable "init_script" {
+  type    = string
+  default = null
+}
diff --git a/output.tf b/output.tf
diff --git a/outputs.tf b/outputs.tf
@@ -0,0 +1,30 @@
+output "bastion-vm" {
+  value = {
+    id         = module.bastion.id
+    private_ip = module.bastion.private_ip
+    public_ip  = module.bastion.public_ip
+  }
+}
+
+output "private-bastion-vm" {
+  value = {
+    id         = module.private_bastion.id
+    private_ip = module.private_bastion.private_ip
+  }
+}
+
+
+output "nat-gateway" {
+  value = {
+    public_ip  = aws_nat_gateway.nat-gw.public_ip
+    private_ip = aws_nat_gateway.nat-gw.private_ip
+  }
+}
+
+output "eks" {
+  value = {
+    cluster_name           = module.eks.cluster_name
+    cluster_endpoint       = module.eks.cluster_endpoint
+    get_kubeconfig_command = "aws eks update-kubeconfig --name ${module.eks.cluster_name}"
+  }
+}
diff --git a/variables.tf b/variables.tf
@@ -1,5 +1,6 @@
-variable "vm_ami" {
-  default = "ami-02453f5468b897e31"
+variable "vpc_name" {
+  type    = string
+  default = "default-vpc"
 }
 
 variable "aws_credentials" {

diff --git a/vpc.tf b/vpc.tf
@@ -4,7 +4,7 @@ resource "aws_vpc" "main-vpc" {
   enable_dns_hostnames = true
 
   tags = {
-    Name = "main-vpc"
+    Name = var.vpc_name
   }
 }
 
@@ -20,7 +20,7 @@ resource "aws_subnet" "main-vpc-subnet-private" {
   map_public_ip_on_launch = false
 
   tags = {
-    Name = "main-vpc-${data.aws_availability_zones.available.names[count.index]}-private"
+    Name = "${var.vpc_name}-${data.aws_availability_zones.available.names[count.index]}-private"
     Type = "private"
   }
 }
@@ -33,7 +33,7 @@ resource "aws_subnet" "main-vpc-subnet-public" {
   map_public_ip_on_launch = true
 
   tags = {
-    Name = "main-vpc-${data.aws_availability_zones.available.names[count.index]}-public"
+    Name = "${var.vpc_name}-${data.aws_availability_zones.available.names[count.index]}-public"
     Type = "public"
   }
 }
@@ -47,7 +47,7 @@ resource "aws_route_table" "main-vpc-public-routetable" {
   }
 
   tags = {
-    Name = "main-vpc-public-routetable"
+    Name = "${var.vpc_name}-public-routetable"
   }
 }
 
@@ -60,7 +60,7 @@ resource "aws_route_table" "main-vpc-private-routetable" {
   }
 
   tags = {
-    Name = "main-vpc-private-routetable"
+    Name = "${var.vpc_name}-private-routetable"
   }
 }
 
@@ -86,14 +86,14 @@ resource "aws_internet_gateway" "gw" {
   vpc_id = aws_vpc.main-vpc.id
 
   tags = {
-    Name = "internet-gw"
+    Name = "${var.vpc_name}-internet-gw"
   }
 }
 
 resource "aws_eip" "nat" {
   domain = "vpc"
   tags = {
-    Name = "nat"
+    Name = "${var.vpc_name}-nat"
   }
 }
 
@@ -103,7 +103,7 @@ resource "aws_nat_gateway" "nat-gw" {
   subnet_id     = aws_subnet.main-vpc-subnet-public[0].id
 
   tags = {
-    Name = "nat-gw"
+    Name = "${var.vpc_name}-nat-gw"
   }
 
   depends_on = [aws_internet_gateway.gw]