├── _config.yml ├── terraform ├── gcp │ ├── instance │ │ ├── output.tf │ │ └── instance.tf │ ├── bucket │ │ ├── image.png │ │ └── bucket.tf │ ├── provider.tf │ ├── variables.tf │ ├── main.tf │ └── gke │ │ └── gke.tf └── aws │ ├── provider.tf │ ├── main.tf │ ├── output.tf │ ├── variables.tf │ ├── lambda │ └── lambda.tf │ └── ec2 │ └── ec2.tf ├── .gitignore ├── Vagrantfile ├── playbooks ├── rhel │ └── ec2-configure.yml └── ubuntu │ ├── k8s.yml │ ├── openshift.sh │ ├── gce-configure.yml │ ├── consul.yml │ ├── nomad.yml │ ├── ec2-configure.yml │ ├── openshift-gce.yml │ ├── hashistack.yml │ ├── hystrix.yml │ └── jenkins.yml ├── LICENSE └── README.md /_config.yml: -------------------------------------------------------------------------------- 1 | theme: jekyll-theme-dinky 2 | -------------------------------------------------------------------------------- /terraform/gcp/instance/output.tf: -------------------------------------------------------------------------------- 1 | output "ip" { 2 | value = "${google_compute_address.sample.address}" 3 | } 4 | 5 | -------------------------------------------------------------------------------- /terraform/gcp/bucket/image.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ramitsurana/terraform-ansible-setup/HEAD/terraform/gcp/bucket/image.png -------------------------------------------------------------------------------- /terraform/aws/provider.tf: -------------------------------------------------------------------------------- 1 | provider "aws" { 2 | access_key = "${var.access_key}" 3 | secret_key = "${var.secret_key}" 4 | region = "${var.region}" 5 | } 6 | 7 | -------------------------------------------------------------------------------- /terraform/gcp/provider.tf: -------------------------------------------------------------------------------- 1 | provider "google" { 2 | credentials = "${file("${var.account_file}")}" 3 | project = 
"${var.google_project_id}" 4 | region = "${var.region}" 5 | } 6 | -------------------------------------------------------------------------------- /terraform/aws/main.tf: -------------------------------------------------------------------------------- 1 | module "ec2" { 2 | source = "./ec2" 3 | } 4 | 5 | #module "s3" { 6 | # source = "./s3" 7 | #} 8 | 9 | module "lambda" { 10 | source = "./lambda" 11 | } 12 | -------------------------------------------------------------------------------- /terraform/gcp/variables.tf: -------------------------------------------------------------------------------- 1 | variable "google_project_id" { default = "gkr-demo" } 2 | variable "account_file" { default = "account.json" } 3 | variable "region" { default = "us-east1" } 4 | 5 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | # Local .terraform directories 2 | **/.terraform/* 3 | 4 | # .tfstate files 5 | *.tfstate 6 | *.tfstate.* 7 | 8 | # .tfvars files 9 | *.tfvars 10 | 11 | *.retry 12 | playbooks/*.swp 13 | -------------------------------------------------------------------------------- /terraform/gcp/main.tf: -------------------------------------------------------------------------------- 1 | module "instance" { 2 | source = "./instance" 3 | } 4 | 5 | #module "gke" { 6 | # source = "./gke" 7 | #} 8 | 9 | #module "bucket" { 10 | # source = "./bucket" 11 | #} 12 | 13 | -------------------------------------------------------------------------------- /terraform/aws/output.tf: -------------------------------------------------------------------------------- 1 | #output "instance" { 2 | # value = "${module.ec2.aws_instance.launch_instance.instance_type}" 3 | #} 4 | 5 | output "public_ip" { 6 | value = "${module.ec2.aws_instance.aws_instance.public_ip}" 7 | } 8 | -------------------------------------------------------------------------------- 
/terraform/aws/variables.tf: -------------------------------------------------------------------------------- 1 | variable "access_key" { 2 | description = "The AWS access key." 3 | default = "" 4 | } 5 | # NOTE(review): access_key and secret_key default to empty strings; supply real values from outside version control (the repository's .gitignore already excludes *.tfvars) rather than editing these defaults in place. 6 | variable "secret_key" { 7 | description = "The AWS secret key." 8 | default = "" 9 | } 10 | 11 | variable "region" { 12 | description = "The AWS region to create resources in." 13 | default = "ap-southeast-2" 14 | } 15 | 16 | -------------------------------------------------------------------------------- /Vagrantfile: -------------------------------------------------------------------------------- 1 | Vagrant.configure("2") do |config| 2 | config.vm.define "server1" do |server1| 3 | server1.vm.box = "ubuntu/precise64" 4 | server1.vm.hostname = 'server1' 5 | server1.vm.box_url = "ubuntu/precise64" 6 | 7 | server1.vm.network :private_network, ip: "192.168.56.101" 8 | 9 | end 10 | 11 | config.vm.define "server2" do |server2| 12 | server2.vm.box = "precise64" 13 | server2.vm.hostname = 'server2' 14 | server2.vm.box_url = "ubuntu/precise64" 15 | # NOTE(review): `automate` is not defined anywhere in this file; the block variable here is `server2`, so the next line presumably fails when Vagrant evaluates it. 16 | automate.vm.network :private_network, ip: "192.168.56.102" 17 | end 18 | end 19 | -------------------------------------------------------------------------------- /terraform/gcp/gke/gke.tf: -------------------------------------------------------------------------------- 1 | variable "zone" { default = "us-east1-b" } 2 | 3 | resource "google_container_cluster" "gke1" { 4 | name = "gke1" 5 | zone = "${var.zone}" 6 | initial_node_count = 2 7 | # NOTE(review): the cluster master's basic-auth credentials are hard-coded as admin/admin and committed with this file; take the password from a variable that is kept out of version control. 8 | master_auth { 9 | username = "admin" 10 | password = "admin" 11 | } 12 | 13 | node_config { 14 | oauth_scopes = [ 15 | "https://www.googleapis.com/auth/compute", 16 | "https://www.googleapis.com/auth/devstorage.read_only", 17 | "https://www.googleapis.com/auth/logging.write", 18 | "https://www.googleapis.com/auth/monitoring" 19 | ] 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /terraform/gcp/bucket/bucket.tf: 
-------------------------------------------------------------------------------- 1 | resource "google_storage_bucket" "image-store" { 2 | name = "store-bucket" 3 | location = "US" 4 | 5 | website { 6 | main_page_suffix = "index.html" 7 | not_found_page = "404.html" 8 | } 9 | } 10 | 11 | #Not Working Due to Change in method of ACL policies in gcp bucket 12 | #Ref: https://cloud.google.com/storage/docs/access-control/iam?hl=en_US#project-level_roles_vs_bucket-level_roles 13 | #resource "google_storage_bucket_object" "picture" { 14 | # name = "gcp-sample-image" 15 | # source = "/home/ramit/image.png" 16 | # bucket = "image-store" 17 | #} 18 | 19 | -------------------------------------------------------------------------------- /playbooks/rhel/ec2-configure.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Configure EC2 instance 4 | hosts: ec2 5 | connection: ssh 6 | sudo: true 7 | 8 | 9 | tasks: 10 | - name: Update the machine 11 | command: yum update -y 12 | 13 | - name: Installing essentials 14 | become: yes 15 | command: yum install yum-utils wget -y 16 | 17 | - name: Configuring Yum 18 | become: yes 19 | command: yum-config-manager --enable rhui-REGION-rhel-server-extras 20 | 21 | - name: Installing docker 22 | become: yes 23 | command: yum install docker -y 24 | 25 | - name: Restarting docker service 26 | become: yes 27 | command: service docker restart 28 | 29 | - name: Update the machine 30 | command: yum update -y 31 | 32 | 33 | -------------------------------------------------------------------------------- /playbooks/ubuntu/k8s.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Kubernetes 4 | hosts: ec2 for AWS, gce for Google Cloud 5 | connection: ssh 6 | # NOTE(review): the first task below is written to pipe a script fetched at run time straight into bash, so whatever that URL serves would run on every target host; download it to a file and verify it before executing. Ansible's command module also does not go through a shell, so `export`, `;` and `|` are passed as literal arguments rather than interpreted. 7 | tasks: 8 | - name: Installing from https://get.k8s.io 9 | command: export KUBERNETES_PROVIDER=gce/aws/azure; wget -q -O - https://get.k8s.io | bash 10 | 11 | - name: Installing kubectl
12 | command: curl -LO https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl > kubectl 13 | # NOTE(review): the kubectl binary fetched above is made executable and moved onto the PATH without being compared to a published checksum; verifying the digest first would catch a corrupted or substituted download. 14 | - name: Changing Permissions 15 | command: chmod 750 kubectl 16 | 17 | - name: Setting up kubeconfig 18 | command: export KUBECONFIG=~/.kube/config 19 | 20 | - name: Changing kubectl path 21 | command: mv kubectl /usr/local/bin/ 22 | -------------------------------------------------------------------------------- /playbooks/ubuntu/openshift.sh: -------------------------------------------------------------------------------- 1 | set -x 2 | 3 | # Install KVM 4 | sudo apt install qemu-kvm libvirt-bin -y 5 | sudo gpasswd -a $(whoami) libvirtd -y 6 | sudo newgrp libvirtd 7 | # NOTE(review): the curl line below ends with a backslash, so the following `sudo chmod ...` words are joined onto the curl command instead of running as a separate step; the driver binary is also written into /usr/local/bin without any checksum verification. 8 | # Install Driver 9 | curl -L https://github.com/dhiltgen/docker-machine-kvm/releases/download/v0.10.0/docker-machine-driver-kvm-ubuntu14.04 > /usr/local/bin/docker-machine-driver-kvm \ 10 | sudo chmod +x /usr/local/bin/docker-machine-driver-kvm 11 | 12 | # Clone the openshift-ansible repo, which contains the installer. 
13 | wget /home/$USER/ https://github.com/minishift/minishift/releases/download/v1.2.0/minishift-1.2.0-linux-amd64.tgz 14 | tar xvzf /home/$USER/minishift-1.2.0-linux-amd64.tgz 15 | sudo mv /home/$USER/minishift .local/bin 16 | 17 | #Starting Minishift 18 | sudo minishift start 19 | sudo minishift dashboard 20 | -------------------------------------------------------------------------------- /terraform/aws/lambda/lambda.tf: -------------------------------------------------------------------------------- 1 | variable "zone" { default = "us-east1-b" } 2 | 3 | resource "aws_iam_role" "iam_for_lambda" { 4 | name = "iam_for_lambda" 5 | 6 | assume_role_policy = <nomad.log & 40 | -------------------------------------------------------------------------------- /playbooks/ubuntu/ec2-configure.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Configure EC2 instance 4 | hosts: ec2 5 | connection: ssh 6 | sudo: true 7 | 8 | 9 | tasks: 10 | - name: Update the machine 11 | command: sudo apt-get clean && update -y 12 | 13 | - name: Installing essentials 14 | command: apt-get install apt-transport-https ca-certificates curl software-properties-common -y 15 | 16 | - name: Installing Curl 17 | command: apt-get install curl -y 18 | 19 | - name: Installing docker 20 | command: sudo apt-get install docker.io -y 21 | 22 | - name: Adding docker user to group 23 | command: sudo usermod -aG docker ${USER} 24 | 25 | - name: Restarting docker service 26 | command: sudo service docker restart 27 | 28 | - name: Updating the machine 2 29 | command: sudo apt-get update 30 | 31 | - name: Installing Python Pip 32 | command: sudo apt-get install python-pip python-dev build-essential -y 33 | 34 | - name: Installing Docker compose 35 | command: sudo pip install docker-compose==1.3.0 36 | 37 | - name: apt update 38 | apt: update_cache=yes cache_valid_time=3600 39 | register: apt_result 40 | until: apt_result|success 41 | retries: 3 42 | 
delay: 1 43 | sudo: yes 44 | ignore_errors: yes 45 | 46 | - name: retry if needed using command apt-get update 47 | command: apt-get update 48 | sudo: yes 49 | when: apt_result|failed 50 | 51 | -------------------------------------------------------------------------------- /playbooks/ubuntu/openshift-gce.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Openshift 4 | hosts: gce 5 | connection: ssh 6 | 7 | tasks: 8 | - name: Copy openshift.sh on host 9 | copy: src=openshift.sh dest=~/home/$USER/ 10 | 11 | - name: Chnaging Permissions 12 | command: sudo chmod +x ~/home/$USER/openshift.sh 13 | 14 | - name: Installations 15 | command: sudo apt install qemu-kvm libvirt-bin -y 16 | 17 | # - name: Installations 18 | # command: sudo gpasswd -a $(USER) libvirtd -y 19 | 20 | - name: Installing Drivers 21 | get_url: 22 | url: https://github.com/dhiltgen/docker-machine-kvm/releases/download/v0.10.0/docker-machine-driver-kvm-ubuntu14.04 23 | dest: /usr/local/bin/docker-machine-driver-kvm 24 | force_basic_auth: yes 25 | 26 | - name: Changing Permissions 27 | command: sudo chmod +x /usr/local/bin/docker-machine-driver-kvm 28 | 29 | - name: Installing Minishift tar 30 | command: sudo wget -P /home/$USER/ https://github.com/minishift/minishift/releases/download/v1.2.0/minishift-1.2.0-linux-amd64.tgz 31 | 32 | - name: Untar minishift 33 | command: tar xvzf /home/$USER/minishift-1.2.0-linux-amd64.tgz 34 | 35 | - name: Adding to BASH 36 | command: sudo mv /home/$USER/minishift /usr/local/bin/ 37 | 38 | - name: Starting minishfit 39 | command: sudo minishift start 40 | 41 | - name: Starting minishfit Dashboard 42 | command: sudo minishift console 43 | 44 | # - name: Running Openshift Script 45 | # command: sudo nohup ./home/$USER/openshift.sh > /dev/null 2>&1 & 46 | -------------------------------------------------------------------------------- /playbooks/ubuntu/hashistack.yml: 
-------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Consul 4 | hosts: gce 5 | connection: ssh 6 | # NOTE(review): the Consul and Nomad archives below are unpacked and moved onto the PATH without being checked against the release checksums; note also that the Consul binary is 0.8.5 while the UI bundle is 0.7.2. 7 | tasks: 8 | - name: Downloading Consul 9 | command: wget -P /home/$USER/ https://releases.hashicorp.com/consul/0.8.5/consul_0.8.5_linux_amd64.zip 10 | 11 | - name: Unzipping 12 | command: sudo unzip /home/$USER/consul_0.8.5_linux_amd64.zip 13 | 14 | - name: Adding permissions 15 | command: sudo chmod +x /home/$USER/consul 16 | 17 | - name: Changing dir 18 | command: sudo mv /home/$USER/consul /usr/bin/ 19 | 20 | - name: Creating Dir and changing dir 21 | command: mkdir /opt/consul-ui && cd /opt/consul-ui 22 | 23 | - name: Downloading Consul UI 24 | command: wget https://releases.hashicorp.com/consul/0.7.2/consul_0.7.2_web_ui.zip 25 | 26 | - name: Unzipping Consul UI 27 | command: unzip consul_0.7.2_web_ui.zip 28 | # NOTE(review): `consul agent -dev` is Consul's development mode and is not meant for anything beyond local testing; it also stays in the foreground, so this task likely blocks the rest of the play. 29 | - name: Running consul UI. Check http://localhost:8500/ui 30 | command: consul agent -dev -ui -data-dir /tmp/consul 31 | 32 | - name: Runnning Consul 33 | command: consul agent -dev -data-dir=/tmp/consul -d 34 | 35 | - name: Installing Nomad 36 | command: wget -P /home/$USER/ https://releases.hashicorp.com/nomad/0.5.6/nomad_0.5.6_linux_amd64.zip 37 | 38 | - name: Unzipping 39 | command: sudo unzip /home/$USER/nomad_0.5.6_linux_amd64.zip 40 | 41 | - name: Adding permissions 42 | command: sudo chmod +x /home/$USER/nomad 43 | 44 | - name: Adding to BASH 45 | command: sudo mv /home/$USER/nomad /usr/local/bin/ 46 | 47 | - name: Creating nomad.d 48 | command: sudo mkdir -p /etc/nomad.d 49 | # NOTE(review): `chmod a+w` makes /etc/nomad.d writable by every local user, and the agent is later started with sudo from /etc/nomad.d/server.hcl, so any local account could change what the root-run agent loads; restrict the directory to the owning user or group instead. 50 | - name: Changing permissions nomad.d 51 | command: sudo chmod a+w /etc/nomad.d 52 | 53 | - name: Creating /opt/nomad/data 54 | command: sudo mkdir -p /opt/nomad/data 55 | 56 | - name: Creating /var/log/nomad/ 57 | command: sudo mkdir -p /var/log/nomad 58 | 59 | - name: Changing Permissions 60 | command: sudo chmod a+w /var/log/nomad 61 | 62 | - name: Copying server.hcl 63 | copy: src=server.hcl dest=~/home/$USER/ 
64 | 65 | - name: Running Nomad Agent 66 | command: sudo nohup nomad agent -config /etc/nomad.d/server.hcl &>nomad.log & 67 | 68 | 69 | 70 | -------------------------------------------------------------------------------- /playbooks/ubuntu/hystrix.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Hystrix 4 | hosts: ec2 5 | connection: ssh 6 | sudo: yes 7 | 8 | tasks: 9 | - name: Upgrading System 10 | command: sudo apt-get upgrade -y 11 | # NOTE(review): the next task repeats the `apt:` key four times in one mapping; YAML keeps a single value for a duplicated key, so presumably only one of these packages is acted on. 12 | - name: Install wget 13 | apt: pkg=wget 14 | apt: pkg=git 15 | apt: pkg=openjdk-8-jdk 16 | apt: unzip 17 | 18 | - name: Installing gradle package 19 | command: wget https://services.gradle.org/distributions/gradle-3.4.1-bin.zip 20 | 21 | - name: Making Dir gradle 22 | command: sudo mkdir /opt/gradle 23 | 24 | - name: Making Dir gradle 25 | command: sudo unzip -d /opt/gradle gradle-3.4.1-bin.zip 26 | 27 | - name: Exporting PATH 28 | command: export PATH=$PATH:/opt/gradle/gradle-3.4.1/bin 29 | # NOTE(review): the Erlang signing key below is fetched over plain http and then trusted with apt-key, so the key that is supposed to authenticate later packages is itself unauthenticated in transit; fetch it over https or check its fingerprint before adding it. 30 | - name: Installing erlang package 31 | command: wget http://packages.erlang-solutions.com/ubuntu/erlang_solutions.asc 32 | 33 | - name: Adding erlang key 34 | command: sudo apt-key add erlang_solutions.asc -y 35 | 36 | - name: Updating system 37 | command: sudo apt-get update -y 38 | 39 | - name: Installing erlang 40 | apt: pkg=erlang 41 | apt: pkg=erlang-nox 42 | 43 | - name: Enabling rabbitmq app repo 44 | command: echo "deb http://www.rabbitmq.com/debian/ testing main" >> /etc/apt/sources.list 45 | 46 | - name: Getting public key for rabbitmq 47 | command: wget https://www.rabbitmq.com/rabbitmq-signing-key-public.asc 48 | # NOTE(review): `commad` in the next task is a misspelling of `command`, so the RabbitMQ key-import step is not a valid task as written. 49 | - name: Adding public key for rabbitmq 50 | commad: sudo apt-key add rabbitmq-signing-key-public.asc 51 | 52 | - name: Updating system 53 | command: sudo apt-get update -y 54 | 55 | - name: Updating system 56 | command: sudo apt-get install rabbitmq-server -y 57 | 58 | - name: Enabling rabbitmq-server 59 | command: systemctl enable rabbitmq-server 60
| 61 | - name: Start rabbitmq-server 62 | command: systemctl start rabbitmq-server 63 | 64 | - name: Start rabbitmq plugins 65 | command: sudo rabbitmq-plugins enable rabbitmq_management 66 | 67 | - name: Installing git and gradle 68 | command: sudo rabbitmq-plugins enable rabbitmq_management 69 | 70 | - name: Cloning Hystrix git repo 71 | command: git clone git@github.com:Netflix/Hystrix.git 72 | 73 | - name: Changing dir 74 | command: cd Hystrix/hystrix-dashboard 75 | 76 | - name: Running hystix-dashboard.Check 127.0.0.1/7979/hystrix-dashboard 77 | command: ../gradlew jettyRun 78 | -------------------------------------------------------------------------------- /terraform/gcp/instance/instance.tf: -------------------------------------------------------------------------------- 1 | variable "zone" { default = "us-east1-b" } 2 | variable "tags" { default = ["sample", "sample1", "sample2"] } 3 | variable "image" { default = "ubuntu-1404-trusty-v20170703" } 4 | variable "machine_type" { default = "n1-standard-1" } 5 | 6 | resource "google_compute_instance" "sample" { 7 | count = "${length(var.tags)}" 8 | name = "sample-${count.index+1}" 9 | machine_type = "${var.machine_type}" 10 | zone = "${var.zone}" 11 | tags = ["${var.tags[count.index]}"] 12 | 13 | disk = { 14 | image = "${var.image}" 15 | } 16 | 17 | network_interface { 18 | network = "default" 19 | access_config { 20 | // Ephemeral IP 21 | } 22 | } 23 | } 24 | 25 | resource "google_compute_address" "sample" { 26 | name = "tf-sample-address" 27 | } 28 | 29 | resource "google_compute_target_pool" "sample" { 30 | name = "tf-sample-target-pool" 31 | instances = ["${google_compute_instance.sample.*.self_link}"] 32 | health_checks = ["${google_compute_http_health_check.http.name}"] 33 | } 34 | 35 | resource "google_compute_forwarding_rule" "http" { 36 | name = "tf-sample-http-forwarding-rule" 37 | target = "${google_compute_target_pool.sample.self_link}" 38 | ip_address = "${google_compute_address.sample.address}" 39 
| port_range = "80" 40 | } 41 | 42 | resource "google_compute_forwarding_rule" "tcp" { 43 | name = "tf-sample-tcp-forwarding-rule" 44 | target = "${google_compute_target_pool.sample.self_link}" 45 | ip_address = "${google_compute_address.sample.address}" 46 | port_range = "8080" 47 | } 48 | 49 | resource "google_compute_forwarding_rule" "https" { 50 | name = "tf-sample-https-forwarding-rule" 51 | target = "${google_compute_target_pool.sample.self_link}" 52 | ip_address = "${google_compute_address.sample.address}" 53 | port_range = "443" 54 | } 55 | 56 | resource "google_compute_http_health_check" "http" { 57 | name = "tf-sample-http-basic-check" 58 | request_path = "/" 59 | check_interval_sec = 1 60 | healthy_threshold = 1 61 | unhealthy_threshold = 10 62 | timeout_sec = 1 63 | } 64 | # NOTE(review): this rule admits tcp/80, 443 and 8080 from 0.0.0.0/0 (any address); its target tag "sample-node" does not appear among the default instance tags (sample, sample1, sample2) declared at the top of this file, so confirm which instances it is meant to cover and narrow source_ranges for anything that is not meant to be public. 65 | resource "google_compute_firewall" "sample" { 66 | name = "tf-sample-firewall" 67 | network = "default" 68 | 69 | allow { 70 | protocol = "tcp" 71 | ports = ["80", "443", "8080"] 72 | } 73 | 74 | source_ranges = ["0.0.0.0/0"] 75 | target_tags = ["sample-node"] 76 | } 77 | output "sample" { 78 | value = "${google_compute_instance.sample.public_ip}" 79 | } 80 | -------------------------------------------------------------------------------- /playbooks/ubuntu/jenkins.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Jenkins 4 | hosts: gce1 5 | connection: ssh 6 | sudo: yes 7 | ignore_errors: yes 8 | # NOTE(review): `ignore_errors: yes` at play level lets the play continue past failed tasks, including the key and repository steps, so a failure there would not stop the later package installs. 9 | tasks: 10 | - name: Installing Software Properties 11 | become: yes 12 | command: apt-get install software-properties-common -y 13 | 14 | - name: Add Oracle Java Repository 15 | become: yes 16 | apt_repository: repo='ppa:webupd8team/java' 17 | 18 | - name: Add repo2 19 | command: echo "deb http://ppa.launchpad.net/webupd8team/java/ubuntu trusty main" | tee /etc/apt/sources.list.d/webupd8team-java.list 20 | 21 | - name: Adding repo3 22 | command: echo "deb-src http://ppa.launchpad.net/webupd8team/java/ubuntu trusty main" | 
tee -a /etc/apt/sources.list.d/webupd8team-java.list 23 | # NOTE(review): the key below is requested by its short 8-hex-digit ID (EEA14886) over plain hkp; short IDs are not unique, so request the key by its full fingerprint instead. 24 | - name: Adding Key 1 25 | command: apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys EEA14886 26 | 27 | - name: apt update 28 | apt: update_cache=yes cache_valid_time=3600 29 | register: apt_result 30 | until: apt_result|success 31 | retries: 3 32 | delay: 1 33 | sudo: yes 34 | ignore_errors: yes 35 | 36 | - name: retry if needed using command apt-get update 37 | command: apt-get update 38 | sudo: yes 39 | when: apt_result|failed 40 | 41 | - name: Fixing dpkg 42 | command: sudo dpkg --configure -a 43 | 44 | - name: Echoing java 8 45 | become: yes 46 | debconf: name='oracle-java8-installer' question='shared/accepted-oracle-license-v1-1' value='true' vtype='select' 47 | 48 | - name: Installing Java 8 Installer 49 | become: yes 50 | command: apt-get install oracle-java8-installer -y 51 | 52 | - name: Installing Java 8 53 | command: sudo apt-get install oracle-java8-set-default ca-certificates -y 54 | # NOTE(review): the Jenkins signing key and repository below are both fetched over plain http, so the key that authenticates the packages is itself unauthenticated in transit; use https for the key URL and pin the expected key with apt_key's `id` parameter. 55 | - name: Configure apt key for jenkins repository 56 | action: apt_key url=http://pkg.jenkins-ci.org/debian/jenkins-ci.org.key state=present 57 | 58 | - name: Add jenkins APT repository 59 | action: apt_repository repo='deb http://pkg.jenkins-ci.org/debian-stable binary/' state=present 60 | 61 | - name: apt update 62 | apt: update_cache=yes cache_valid_time=3600 63 | register: apt_result 64 | until: apt_result|success 65 | retries: 3 66 | delay: 1 67 | sudo: yes 68 | ignore_errors: yes 69 | 70 | - name: retry if needed using command apt-get update 71 | command: apt-get update 72 | sudo: yes 73 | when: apt_result|failed 74 | 75 | - name: Fixing unmet dependency 76 | command: sudo apt-get -f install -y 77 | 78 | - name: Installing Jenkins 79 | command: sudo apt-get install jenkins -y 80 | 81 | - name: Starting Jenkins 82 | command: sudo service jenkins restart 83 | -------------------------------------------------------------------------------- /README.md: 
-------------------------------------------------------------------------------- 1 | **WARNING:** The files may be outdated as of today (June 2019). Kindly use them with caution. 2 | 3 | # Terraform-ansible-setup 4 | Setting up your complete infrastructure on cloud premises using Infrastructure as Code 5 | 6 | ## Prerequisites 7 | 8 | * Ansible 9 | * Terraform 10 | 11 | | Cloud | Requirements | Operating System | Region | 12 | | ------------- |:--------------------------------------:|:------------------------------------------------:|----------------| 13 | | AWS | *Nil* | Ubuntuv14.04(ami-21766642)/Rhelv7(ami-9a3322f9) | ap-southeast-2 | 14 | | GCP | gcloud cli, Apache-Libcloud(==1.2.0) | Ubuntu 14.04 (ubuntu-1404-trusty-v20170703) | us-east1-b | 15 | | Azure | *Coming Soon* | | | 16 | 17 | ## Design 18 | 19 | The idea of this project is to make deploying our infrastructure easy using the concept of Infrastructure as Code. For this purpose, I have used a two-tier setup built from two different tools, Terraform and Ansible. Terraform is used to provision the required instances on the cloud, whereas Ansible is used to configure our application. 
20 | 21 | ![arch2](https://user-images.githubusercontent.com/8342133/28283464-6c37d870-6b4b-11e7-9cf0-ac46aed9c594.png) 22 | 23 | 24 | ## Setup 25 | 26 | * [Terraform](#terraform) 27 | * [Ansible](#ansible) 28 | 29 | ## Sample Video Demonstrations 30 | 31 | A sample video demonstration for Google Cloud Platform can be found [here](https://youtu.be/EE1Z_9F98vU): 32 | 33 | IMAGE ALT TEXT HERE 34 | 35 | ### Terraform 36 | 37 | To get started with ansible, choose your cloud premise: 38 | 39 | * [AWS-Terraform](#aws-terraform) 40 | * [GCP-Terraform](#gcp-terraform) 41 | 42 | 43 | 44 | #### [AWS-Terraform](#aws-terraform) 45 | 46 | ami-9a3322f9 - RedHat 7.3 Image 47 | 48 | 49 | For AWS usage you can create a universal Access and Secret Key ID at 50 | 51 | **IAM Console -> Access Keys (Access Key ID and Secret Access Key)** 52 | 53 | Set your Access Key ID and Secret Access Key [here](https://github.com/ramitsurana/terraform-ansible-setup/blob/master/terraform/aws/variables.tf). Once real keys are filled in, that file must not be committed; the repository's `.gitignore` already excludes `*.tfvars`, so supplying the two variables from a `.tfvars` file keeps them out of version control. 54 | 55 | The main.tf file contains the provisioning of the ec2 instance, including creation of the security group. 56 | 57 | ##### [GCP-Terraform](#gcp-terraform) 58 | 59 | 1. Like in AWS, where we have security credentials for accessing unlimited resources, in GCP we can use a security key in JSON format in order to use the resources. This can be generated by visiting 60 | 61 | **Google Cloud Dashboard -> IAM & Admin -> Service Accounts -> Choose a Service Account -> Options -> Create Key** 62 | 63 | 2. Download this json key and keep it under 64 | 65 | **terraform-ansible-setup -> GCP -> YOUR-ACCOUNT-ID.JSON** 66 | 67 | *For my reference, I have named it account.json in my variables.tf file. The JSON key is a credential and is not covered by the repository's `.gitignore`, so keep it out of commits.* 68 | 69 | 3. Print your SSH public key with the following command, so that it can be added to GCP in the next step: 70 | 71 | ```` 72 | $ sudo cat ~/.ssh/id_rsa.pub 73 | ```` 74 | 4. Copy and paste the above output at 75 | 76 | **Google Cloud Dashboard -> Compute Engine -> Metadata -> SSH Keys -> Add New Key** 77 | 78 | 5. 
Install the gcloud cli using: 79 | 80 | ```` 81 | $ curl https://sdk.cloud.google.com | bash 82 | ```` 83 | 84 | 6. Make sure to authorize permissions: 85 | 86 | ```` 87 | $ sudo chown -R ${USER} /home/${USER}/.config/gcloud 88 | ```` 89 | 90 | 7. Use the below command to verify gcloud cli with your account: 91 | 92 | ```` 93 | $ sudo gcloud auth login 94 | ```` 95 | You can now check that the gcloud cli works by running any of the available gcloud commands, such as `gcloud compute machine-types list`. 96 | 97 | 8. Now you can run your commands to kickstart 3 vm instances (sample1,sample2,sample3) using 98 | 99 | ```` 100 | $ terraform get 101 | $ terraform plan 102 | $ terraform apply 103 | ```` 104 | 105 | ### Ansible 106 | 107 | In order to use ansible I am using the config and dynamic inventory located at /etc/ansible/ansible.cfg and /etc/ansible/hosts. Here are the changes I made after configuration (note that `host_key_checking = False` below turns off SSH host-key verification, which is only appropriate for short-lived test hosts): 108 | 109 | ```` 110 | [defaults] 111 | 112 | # some basic default values... 113 | 114 | inventory = /etc/ansible/hosts 115 | library = /usr/share/my_modules/ 116 | remote_tmp = $HOME/.ansible/tmp 117 | local_tmp = $HOME/.ansible/tmp 118 | forks = 5 119 | poll_interval = 15 120 | sudo_user = root 121 | #ask_sudo_pass = True 122 | #ask_pass = True 123 | #transport = smart 124 | remote_port = 22 125 | #module_lang = C 126 | #module_set_locale = True 127 | 128 | # uncomment this to disable SSH key host checking 129 | host_key_checking = False 130 | 131 | # if True, make ansible use scp if the connection type is ssh 132 | # (default is sftp) 133 | scp_if_ssh = True 134 | 135 | [selinux] 136 | # file systems that require special treatment when dealing with security context 137 | # the default behaviour that copies the existing context or uses the user default 138 | # needs to be changed to use the file system dependent context. 139 | #special_context_filesystems=nfs,vboxsf,fuse,ramfs 140 | 141 | # Set this to yes to allow libvirt_lxc connections to work without SELinux. 
142 | libvirt_lxc_noseclabel = yes 143 | ```` 144 | 145 | /etc/ansible/hosts file: 146 | 147 | ```` 148 | [local] 149 | 127.0.0.1 ansible_connection=local 150 | 151 | [ec2] 152 | XX.XX.XX.XX ansible_user=ubuntu 153 | 154 | [gce] 155 | XX.XX.XX.XX ansible_ssh_user=ubuntu 156 | XX.XX.XX.XX ansible_ssh_user=ubuntu 157 | XX.XX.XX.XX ansible_ssh_user=ubuntu 158 | 159 | [gce1] 160 | XX.XX.XX.XX ansible_ssh_user=ubuntu 161 | ```` 162 | #### Ansible Playbooks Manual Configurations 163 | 164 | [Ref](https://github.com/ansible/ansible/issues/19584) 165 | 166 | ```` 167 | ssh-agent bash 168 | ssh-add 169 | ```` 170 | 171 | Set the *hosts:* parameter according to the cloud provider you want, for example: 172 | 173 | ```` 174 | hosts: aws 175 | hosts: gce 176 | hosts: azure 177 | ```` 178 | 179 | | Files | AWS | GCP | Azure | 180 | | ------------- |:---------------------------------:|:------------------------------------------:|-----------------------------------------| 181 | | consul.yml | *Nil* | *Nil* | *Nil* | 182 | | k8s.yml | *export KUBERNETES_PROVIDER=aws* | *export KUBERNETES_PROVIDER=gce* | *export KUBERNETES_PROVIDER=azure* | 183 | 184 | * [AWS](aws) 185 | 186 | You can start by setting up your AWS environment EC2 instance using the ec2-configure.yml playbook present in the playbooks directory, using the below command: 187 | 188 | ```` 189 | $ ansible all -m ping --ask-pass --ask-sudo-pass 190 | ```` 191 | 192 | ```` 193 | $ sudo ansible-playbook ec2-configure.yml -vv --private-key PATH_TO_PRIVATE_KEY 194 | ```` 195 | 196 | * [GCP](gcp) 197 | 198 | For running Ansible from a local machine: 199 | 200 | ```` 201 | $ ansible all -m ping --ask-pass --ask-sudo-pass 202 | ```` 203 | 204 | ```` 205 | sudo ansible-playbook PLAYBOOK.yml --private-key PATH_TO_PRIVATE_KEY 206 | ```` 207 | ## License 208 | 209 | MIT License 210 | --------------------------------------------------------------------------------