exercise_a
Afrin4ik
terraform
3 months ago
5.2 kB
6
Indexable
terraform {
required_version = ">= 1.4.0"
required_providers {
yandex = {
source = "yandex-cloud/yandex"
version = ">= 0.110.0"
}
}
}
provider "yandex" {
token = var.yc_token
cloud_id = var.yc_cloud_id
folder_id = var.yc_folder_id
zone = var.zone
}
variable "yc_token" {
description = "Yandex Cloud OAuth token"
type = string
sensitive = true
}
variable "yc_cloud_id" {
description = "Yandex Cloud ID"
type = string
}
variable "yc_folder_id" {
description = "Yandex Cloud Folder ID"
type = string
}
variable "zone" {
description = "Default availability zone"
type = string
default = "ru-central1-a"
}
variable "ssh_public_key" {
description = "Public SSH key content"
type = string
}
locals {
static_vm_count = 3
startup_script = <<-EOT
#!/bin/bash
set -e
apt-get update -y
apt-get install -y nginx
echo "Hello from $(hostname)" > /var/www/html/index.html
systemctl enable nginx
systemctl restart nginx
EOT
}
data "yandex_compute_image" "ubuntu" {
family = "ubuntu-2204-lts"
}
resource "yandex_vpc_network" "main" {
name = "hw3-network"
}
resource "yandex_vpc_subnet" "main" {
name = "hw3-subnet"
zone = var.zone
network_id = yandex_vpc_network.main.id
v4_cidr_blocks = ["10.10.0.0/24"]
}
resource "yandex_compute_instance" "static" {
count = local.static_vm_count
name = "static-vm-${count.index + 1}"
resources {
cores = 2
memory = 2
}
boot_disk {
initialize_params {
image_id = data.yandex_compute_image.ubuntu.id
size = 10
}
}
network_interface {
subnet_id = yandex_vpc_subnet.main.id
nat = true
}
metadata = {
ssh-keys = "ubuntu:${var.ssh_public_key}"
user-data = local.startup_script
serial-port-enable = "1"
}
}
resource "yandex_lb_target_group" "static" {
name = "static-target-group"
dynamic "target" {
for_each = yandex_compute_instance.static
content {
subnet_id = yandex_vpc_subnet.main.id
address = target.value.network_interface[0].ip_address
}
}
}
resource "yandex_iam_service_account" "ig_sa" {
name = "hw3-ig-service-account"
}
resource "yandex_resourcemanager_folder_iam_member" "ig_editor" {
folder_id = var.yc_folder_id
role = "editor"
member = "serviceAccount:${yandex_iam_service_account.ig_sa.id}"
}
resource "yandex_compute_instance_group" "burst" {
name = "burst-preemptible-group"
folder_id = var.yc_folder_id
service_account_id = yandex_iam_service_account.ig_sa.id
depends_on = [yandex_resourcemanager_folder_iam_member.ig_editor]
instance_template {
platform_id = "standard-v3"
resources {
cores = 2
memory = 2
}
boot_disk {
initialize_params {
image_id = data.yandex_compute_image.ubuntu.id
size = 10
}
}
network_interface {
network_id = yandex_vpc_network.main.id
subnet_ids = [yandex_vpc_subnet.main.id]
nat = true
}
metadata = {
ssh-keys = "ubuntu:${var.ssh_public_key}"
user-data = local.startup_script
serial-port-enable = "1"
}
scheduling_policy {
preemptible = true
}
}
scale_policy {
auto_scale {
initial_size = 0
min_zone_size = 0
max_size = 6
cpu_utilization_target = 60
measurement_duration = 60
warmup_duration = 120
stabilization_duration = 120
}
}
allocation_policy {
zones = [var.zone]
}
deploy_policy {
max_unavailable = 1
max_creating = 3
max_expansion = 3
}
health_check {
interval = 15
timeout = 5
http_options {
port = 80
path = "/"
}
}
load_balancer {
target_group_name = "burst-target-group"
}
}
resource "yandex_lb_network_load_balancer" "main" {
name = "hw3-load-balancer"
listener {
name = "http-listener"
port = 80
target_port = 80
external_address_spec {
ip_version = "ipv4"
}
}
attached_target_group {
target_group_id = yandex_lb_target_group.static.id
healthcheck {
name = "static-http-check"
http_options {
port = 80
path = "/"
}
}
}
attached_target_group {
target_group_id = yandex_compute_instance_group.burst.load_balancer[0].target_group_id
healthcheck {
name = "burst-http-check"
http_options {
port = 80
path = "/"
}
}
}
}
output "load_balancer_ip" {
description = "Public IP of the load balancer"
value = yandex_lb_network_load_balancer.main.listener[0].external_address_spec[0].address
}Editor is loading...
Leave a Comment