├── LICENSE
├── README.md
├── base
    ├── main.tf
    ├── outputs.tf
    └── variables.tf
└── web
    ├── main.tf
    ├── outputs.tf
    └── variables.tf


/LICENSE:
--------------------------------------------------------------------------------
 1 | The MIT License (MIT)
 2 | 
 3 | Copyright (c) 2016 Avi Tzurel
 4 | 
 5 | Permission is hereby granted, free of charge, to any person obtaining a copy
 6 | of this software and associated documentation files (the "Software"), to deal
 7 | in the Software without restriction, including without limitation the rights
 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 9 | copies of the Software, and to permit persons to whom the Software is
10 | furnished to do so, subject to the following conditions:
11 | 
12 | The above copyright notice and this permission notice shall be included in all
13 | copies or substantial portions of the Software.
14 | 
15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21 | SOFTWARE.
22 | 
23 | 


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | # terraform-example-with-modules
2 | 
3 | This is an example of dividing terraform definitions into modules. Basically
4 | taking the `two-tier` example from the terraform repository and modulirizing
5 | it.
6 | 
7 | 
8 | You can read more about it in the blog post http://avi.io/blog/2016/01/05/using-modules-in-terraform/
9 | 


--------------------------------------------------------------------------------
/base/main.tf:
--------------------------------------------------------------------------------
 1 | # Specify the provider and access details
 2 | 
 3 | resource "aws_key_pair" "auth" {
 4 |   key_name   = "${var.key_name}"
 5 |   public_key = "${file(var.public_key_path)}"
 6 | }
 7 | 
 8 | provider "aws" {
 9 |   region = "${var.aws_region}"
10 | }
11 | 
12 | # Create a VPC to launch our instances into
13 | resource "aws_vpc" "default" {
14 |   cidr_block = "10.0.0.0/16"
15 | }
16 | 
17 | # Create an internet gateway to give our subnet access to the outside world
18 | resource "aws_internet_gateway" "default" {
19 |   vpc_id = "${aws_vpc.default.id}"
20 | }
21 | 
22 | # Grant the VPC internet access on its main route table
23 | resource "aws_route" "internet_access" {
24 |   route_table_id         = "${aws_vpc.default.main_route_table_id}"
25 |   destination_cidr_block = "0.0.0.0/0"
26 |   gateway_id             = "${aws_internet_gateway.default.id}"
27 | }
28 | 
29 | # Create a subnet to launch our instances into
30 | resource "aws_subnet" "default" {
31 |   vpc_id                  = "${aws_vpc.default.id}"
32 |   cidr_block              = "10.0.1.0/24"
33 |   map_public_ip_on_launch = true
34 | }
35 | 
36 | # Our default security group to access
37 | # the instances over SSH and HTTP
38 | resource "aws_security_group" "default" {
39 |   name        = "terraform_example"
40 |   description = "Used in the terraform"
41 |   vpc_id      = "${aws_vpc.default.id}"
42 | 
43 |   # SSH access from anywhere
44 |   ingress {
45 |     from_port   = 22
46 |     to_port     = 22
47 |     protocol    = "tcp"
48 |     cidr_blocks = ["0.0.0.0/0"]
49 |   }
50 | 
51 |   # HTTP access from the VPC
52 |   ingress {
53 |     from_port   = 80
54 |     to_port     = 80
55 |     protocol    = "tcp"
56 |     cidr_blocks = ["10.0.0.0/16"]
57 |   }
58 | 
59 |   # outbound internet access
60 |   egress {
61 |     from_port   = 0
62 |     to_port     = 0
63 |     protocol    = "-1"
64 |     cidr_blocks = ["0.0.0.0/0"]
65 |   }
66 | }
67 | 


--------------------------------------------------------------------------------
/base/outputs.tf:
--------------------------------------------------------------------------------
 1 | output "default_vpc_id" {
 2 |   value = "${aws_vpc.default.id}"
 3 | }
 4 | 
 5 | output "default_security_group_id" {
 6 |   value = "${aws_security_group.default.id}"
 7 | }
 8 | 
 9 | output "default_subnet_id" {
10 |   value = "${aws_subnet.default.id}"
11 | }
12 | 
13 | output "aws_key_pair_id" {
14 |   source "${aws_key_pair.id.auth.id}"
15 | }
16 | 


--------------------------------------------------------------------------------
/base/variables.tf:
--------------------------------------------------------------------------------
 1 | variable "public_key_path" {
 2 |   description = <<DESCRIPTION
 3 | Path to the SSH public key to be used for authentication.
 4 | Ensure this keypair is added to your local SSH agent so provisioners can
 5 | connect.
 6 | 
 7 | Example: ~/.ssh/terraform.pub
 8 | DESCRIPTION
 9 | }
10 | 
11 | variable "key_name" {
12 |   description = "Desired name of AWS key pair"
13 | }
14 | 
15 | variable "aws_region" {
16 |   description = "AWS region to launch servers."
17 |   default = "us-west-2"
18 | }
19 | 
20 | # Ubuntu Precise 12.04 LTS (x64)
21 | variable "aws_amis" {
22 |   default = {
23 |     eu-west-1 = "ami-b1cf19c6"
24 |     us-east-1 = "ami-de7ab6b6"
25 |     us-west-1 = "ami-3f75767a"
26 |     us-west-2 = "ami-21f78e11"
27 |   }
28 | }
29 | 


--------------------------------------------------------------------------------
/web/main.tf:
--------------------------------------------------------------------------------
 1 | module "base" {
 2 |   source = "../base"
 3 |   public_key_path = "${var.public_key_path}"
 4 |   key_name = "${var.key_name}"
 5 |   aws_region = "${var.aws_region}"
 6 | }
 7 | 
 8 | # A security group for the ELB so it is accessible via the web
 9 | resource "aws_security_group" "elb" {
10 |   name        = "terraform_example_elb"
11 |   description = "Used in the terraform"
12 |   vpc_id      = "${module.base.default_vpc_id}"
13 | 
14 |   # HTTP access from anywhere
15 |   ingress {
16 |     from_port   = 80
17 |     to_port     = 80
18 |     protocol    = "tcp"
19 |     cidr_blocks = ["0.0.0.0/0"]
20 |   }
21 | 
22 |   # outbound internet access
23 |   egress {
24 |     from_port   = 0
25 |     to_port     = 0
26 |     protocol    = "-1"
27 |     cidr_blocks = ["0.0.0.0/0"]
28 |   }
29 | }
30 | 
31 | resource "aws_elb" "web" {
32 |   name = "terraform-example-elb"
33 | 
34 |   subnets         = ["${module.base.default_subnet_id}"]
35 |   security_groups = ["${module.base.default_security_group_id}"]
36 |   instances       = ["${aws_instance.web.id}"]
37 | 
38 |   listener {
39 |     instance_port     = 80
40 |     instance_protocol = "http"
41 |     lb_port           = 80
42 |     lb_protocol       = "http"
43 |   }
44 | 
45 | }
46 | 
47 | resource "aws_instance" "web" {
48 |   # The connection block tells our provisioner how to
49 |   # communicate with the resource (instance)
50 |   connection {
51 |     # The default username for our AMI
52 |     user = "ubuntu"
53 | 
54 |     # The connection will use the local SSH agent for authentication.
55 |   }
56 | 
57 |   instance_type = "m1.small"
58 | 
59 |   # Lookup the correct AMI based on the region
60 |   # we specified
61 |   ami = "${lookup(var.aws_amis, var.aws_region)}"
62 | 
63 |   # The name of our SSH keypair we created above.
64 |   key_name = "${module.base.aws_key_pair_id}"
65 | 
66 |   # Our Security group to allow HTTP and SSH access
67 |   vpc_security_group_ids = ["${module.base.default_security_group_id}"]
68 | 
69 |   # We're going to launch into the same subnet as our ELB. In a production
70 |   # environment it's more common to have a separate private subnet for
71 |   # backend instances.
72 |   subnet_id = "${module.base.default_subnet_id}"
73 | 
74 |   # We run a remote provisioner on the instance after creating it.
75 |   # In this case, we just install nginx and start it. By default,
76 |   # this should be on port 80
77 |   provisioner "remote-exec" {
78 |     inline = [
79 |       "sudo apt-get -y update",
80 |       "sudo apt-get -y install nginx",
81 |       "sudo service nginx start"
82 |     ]
83 |   }
84 | }
85 | 


--------------------------------------------------------------------------------
/web/outputs.tf:
--------------------------------------------------------------------------------
1 | output "address" {
2 |   value = "${aws_elb.web.dns_name}"
3 | }
4 | 


--------------------------------------------------------------------------------
/web/variables.tf:
--------------------------------------------------------------------------------
 1 | variable "public_key_path" {
 2 |   description = <<DESCRIPTION
 3 | Path to the SSH public key to be used for authentication.
 4 | Ensure this keypair is added to your local SSH agent so provisioners can
 5 | connect.
 6 | 
 7 | Example: ~/.ssh/terraform.pub
 8 | DESCRIPTION
 9 | }
10 | 
11 | variable "key_name" {
12 |   description = "Desired name of AWS key pair"
13 | }
14 | 
15 | variable "aws_region" {
16 |   description = "AWS region to launch servers."
17 |   default = "us-west-2"
18 | }
19 | 
20 | # Ubuntu Precise 12.04 LTS (x64)
21 | variable "aws_amis" {
22 |   default = {
23 |     eu-west-1 = "ami-b1cf19c6"
24 |     us-east-1 = "ami-de7ab6b6"
25 |     us-west-1 = "ami-3f75767a"
26 |     us-west-2 = "ami-21f78e11"
27 |   }
28 | }
29 | 


--------------------------------------------------------------------------------