Merge pull request #594 from crawford/nlb

data/aws: use nlbs instead of elbs

Gopkg.toml

@@ -59,4 +59,4 @@ ignored = ["github.com/openshift/installer/tests*"]
 
 [[constraint]]
   name = "github.com/openshift/hive"
-  revision = "ef6beb7b14eddb889a97cffc9d1a1d997da47ca7"
+  revision = "8c7844d9b61c35f53bab561f5ce4d879fef86ec6"

data/data/aws/bootstrap/main.tf

@@ -120,8 +120,16 @@ resource "aws_instance" "bootstrap" {
   volume_tags = "${var.tags}"
 }
 
-resource "aws_elb_attachment" "bootstrap" {
-  count    = "${var.elbs_length}"
-  elb      = "${var.elbs[count.index]}"
-  instance = "${aws_instance.bootstrap.id}"
+resource "aws_lb_target_group_attachment" "public" {
+  count = "${var.public_target_group_arns_length}"
+
+  target_group_arn = "${var.public_target_group_arns[count.index]}"
+  target_id        = "${aws_instance.bootstrap.private_ip}"
+}
+
+resource "aws_lb_target_group_attachment" "private" {
+  count = "${var.private_target_group_arns_length}"
+
+  target_group_arn = "${var.private_target_group_arns[count.index]}"
+  target_id        = "${aws_instance.bootstrap.private_ip}"
 }

data/data/aws/bootstrap/variables.tf

@@ -18,16 +18,6 @@ variable "cluster_name" {
   description = "The name of the cluster."
 }
 
-variable "elbs" {
-  type        = "list"
-  default     = []
-  description = "Elastic load balancer IDs to attach to the bootstrap node."
-}
-
-variable "elbs_length" {
-  description = "The length of the 'elbs' variable, to work around https://github.com/hashicorp/terraform/issues/12570."
-}
-
 variable "iam_role" {
   type        = "string"
   default     = ""
@@ -45,6 +35,26 @@ variable "instance_type" {
   description = "The EC2 instance type for the bootstrap node."
 }
 
+variable "private_target_group_arns" {
+  type        = "list"
+  default     = []
+  description = "The list of target group ARNs for the private load balancer."
+}
+
+variable "private_target_group_arns_length" {
+  description = "The length of the 'private_target_group_arns' variable, to work around https://github.com/hashicorp/terraform/issues/12570."
+}
+
+variable "public_target_group_arns" {
+  type        = "list"
+  default     = []
+  description = "The list of target group ARNs for the public load balancer."
+}
+
+variable "public_target_group_arns_length" {
+  description = "The length of the 'public_target_group_arns' variable, to work around https://github.com/hashicorp/terraform/issues/12570."
+}
+
 variable "subnet_id" {
   type        = "string"
   description = "The subnet ID for the bootstrap node."

data/data/aws/main.tf

@@ -6,7 +6,7 @@ locals {
 
 provider "aws" {
   region  = "${var.tectonic_aws_region}"
-  version = "1.8.0"
+  version = "1.39.0"
 
   assume_role {
     role_arn     = "${var.tectonic_aws_installer_role == "" ? "" : "${var.tectonic_aws_installer_role}"}"
@@ -17,16 +17,18 @@ provider "aws" {
 module "bootstrap" {
   source = "./bootstrap"
 
-  ami                         = "${var.tectonic_aws_ec2_ami_override}"
-  associate_public_ip_address = "${var.tectonic_aws_endpoints != "private"}"
-  bucket                      = "${aws_s3_bucket.bootstrap.id}"
-  cluster_name                = "${var.tectonic_cluster_name}"
-  elbs                        = "${module.vpc.aws_lbs}"
-  elbs_length                 = "${module.vpc.aws_lbs_length}"
-  iam_role                    = "${var.tectonic_aws_master_iam_role_name}"
-  ignition                    = "${var.ignition_bootstrap}"
-  subnet_id                   = "${module.vpc.master_subnet_ids[0]}"
-  vpc_security_group_ids      = ["${concat(var.tectonic_aws_master_extra_sg_ids, list(module.vpc.master_sg_id))}"]
+  ami                              = "${var.tectonic_aws_ec2_ami_override}"
+  associate_public_ip_address      = "${var.tectonic_aws_endpoints != "private"}"
+  bucket                           = "${aws_s3_bucket.bootstrap.id}"
+  cluster_name                     = "${var.tectonic_cluster_name}"
+  public_target_group_arns         = "${module.vpc.aws_lb_public_target_group_arns}"
+  public_target_group_arns_length  = "${module.vpc.aws_lb_public_target_group_arns_length}"
+  private_target_group_arns        = "${module.vpc.aws_lb_private_target_group_arns}"
+  private_target_group_arns_length = "${module.vpc.aws_lb_private_target_group_arns_length}"
+  iam_role                         = "${var.tectonic_aws_master_iam_role_name}"
+  ignition                         = "${var.ignition_bootstrap}"
+  subnet_id                        = "${module.vpc.master_subnet_ids[0]}"
+  vpc_security_group_ids           = ["${concat(var.tectonic_aws_master_extra_sg_ids, list(module.vpc.master_sg_id))}"]
 
   tags = "${merge(map(
       "Name", "${var.tectonic_cluster_name}-bootstrap",
@@ -37,25 +39,26 @@ module "bootstrap" {
 module "masters" {
   source = "./master"
 
-  elb_api_internal_id = "${module.vpc.aws_elb_api_internal_id}"
-  elb_api_external_id = "${module.vpc.aws_elb_api_external_id}"
-  elb_console_id      = "${module.vpc.aws_elb_console_id}"
-  base_domain         = "${var.tectonic_base_domain}"
-  cluster_id          = "${var.tectonic_cluster_id}"
-  cluster_name        = "${var.tectonic_cluster_name}"
-  ec2_type            = "${var.tectonic_aws_master_ec2_type}"
-  extra_tags          = "${var.tectonic_aws_extra_tags}"
-  instance_count      = "${var.tectonic_master_count}"
-  master_iam_role     = "${var.tectonic_aws_master_iam_role_name}"
-  master_sg_ids       = "${concat(var.tectonic_aws_master_extra_sg_ids, list(module.vpc.master_sg_id))}"
-  private_endpoints   = "${local.private_endpoints}"
-  public_endpoints    = "${local.public_endpoints}"
-  root_volume_iops    = "${var.tectonic_aws_master_root_volume_iops}"
-  root_volume_size    = "${var.tectonic_aws_master_root_volume_size}"
-  root_volume_type    = "${var.tectonic_aws_master_root_volume_type}"
-  subnet_ids          = "${module.vpc.master_subnet_ids}"
-  ec2_ami             = "${var.tectonic_aws_ec2_ami_override}"
-  user_data_ign       = "${var.ignition_master}"
+  public_target_group_arns         = "${module.vpc.aws_lb_public_target_group_arns}"
+  public_target_group_arns_length  = "${module.vpc.aws_lb_public_target_group_arns_length}"
+  private_target_group_arns        = "${module.vpc.aws_lb_private_target_group_arns}"
+  private_target_group_arns_length = "${module.vpc.aws_lb_private_target_group_arns_length}"
+  base_domain                      = "${var.tectonic_base_domain}"
+  cluster_id                       = "${var.tectonic_cluster_id}"
+  cluster_name                     = "${var.tectonic_cluster_name}"
+  ec2_type                         = "${var.tectonic_aws_master_ec2_type}"
+  extra_tags                       = "${var.tectonic_aws_extra_tags}"
+  instance_count                   = "${var.tectonic_master_count}"
+  master_iam_role                  = "${var.tectonic_aws_master_iam_role_name}"
+  master_sg_ids                    = "${concat(var.tectonic_aws_master_extra_sg_ids, list(module.vpc.master_sg_id))}"
+  private_endpoints                = "${local.private_endpoints}"
+  public_endpoints                 = "${local.public_endpoints}"
+  root_volume_iops                 = "${var.tectonic_aws_master_root_volume_iops}"
+  root_volume_size                 = "${var.tectonic_aws_master_root_volume_size}"
+  root_volume_type                 = "${var.tectonic_aws_master_root_volume_type}"
+  subnet_ids                       = "${module.vpc.master_subnet_ids}"
+  ec2_ami                          = "${var.tectonic_aws_ec2_ami_override}"
+  user_data_ign                    = "${var.ignition_master}"
 }
 
 module "iam" {
@@ -68,23 +71,19 @@ module "iam" {
 module "dns" {
   source = "./route53"
 
-  api_external_elb_dns_name = "${module.vpc.aws_elb_api_external_dns_name}"
-  api_external_elb_zone_id  = "${module.vpc.aws_elb_api_external_zone_id}"
-  api_internal_elb_dns_name = "${module.vpc.aws_elb_api_internal_dns_name}"
-  api_internal_elb_zone_id  = "${module.vpc.aws_elb_api_internal_zone_id}"
-  api_ip_addresses          = "${module.vpc.aws_lbs}"
-  base_domain               = "${var.tectonic_base_domain}"
-  cluster_id                = "${var.tectonic_cluster_id}"
-  cluster_name              = "${var.tectonic_cluster_name}"
-  console_elb_dns_name      = "${module.vpc.aws_console_dns_name}"
-  console_elb_zone_id       = "${module.vpc.aws_elb_console_zone_id}"
-  elb_alias_enabled         = true
-  master_count              = "${var.tectonic_master_count}"
-  private_zone_id           = "${local.private_zone_id}"
-  external_vpc_id           = "${module.vpc.vpc_id}"
-  extra_tags                = "${var.tectonic_aws_extra_tags}"
-  private_endpoints         = "${local.private_endpoints}"
-  public_endpoints          = "${local.public_endpoints}"
+  api_external_lb_dns_name = "${module.vpc.aws_lb_api_external_dns_name}"
+  api_external_lb_zone_id  = "${module.vpc.aws_lb_api_external_zone_id}"
+  api_internal_lb_dns_name = "${module.vpc.aws_lb_api_internal_dns_name}"
+  api_internal_lb_zone_id  = "${module.vpc.aws_lb_api_internal_zone_id}"
+  base_domain              = "${var.tectonic_base_domain}"
+  cluster_name             = "${var.tectonic_cluster_name}"
+  elb_alias_enabled        = true
+  master_count             = "${var.tectonic_master_count}"
+  private_zone_id          = "${local.private_zone_id}"
+  external_vpc_id          = "${module.vpc.vpc_id}"
+  extra_tags               = "${var.tectonic_aws_extra_tags}"
+  private_endpoints        = "${local.private_endpoints}"
+  public_endpoints         = "${local.public_endpoints}"
 }
 
 module "vpc" {

data/data/aws/master/main.tf

@@ -113,20 +113,16 @@ resource "aws_instance" "master" {
   ), var.extra_tags)}"
 }
 
-resource "aws_elb_attachment" "masters_internal" {
-  count    = "${var.private_endpoints ? var.instance_count : 0}"
-  elb      = "${var.elb_api_internal_id}"
-  instance = "${aws_instance.master.*.id[count.index]}"
-}
+resource "aws_lb_target_group_attachment" "public" {
+  count = "${var.public_endpoints ? var.instance_count * var.public_target_group_arns_length : 0}"
 
-resource "aws_elb_attachment" "masters_external" {
-  count    = "${var.public_endpoints ? var.instance_count : 0}"
-  elb      = "${var.elb_api_external_id}"
-  instance = "${aws_instance.master.*.id[count.index]}"
+  target_group_arn = "${var.public_target_group_arns[count.index % var.public_target_group_arns_length]}"
+  target_id        = "${aws_instance.master.*.private_ip[count.index / var.public_target_group_arns_length]}"
 }
 
-resource "aws_elb_attachment" "masters_console" {
-  count    = "${var.instance_count}"
-  elb      = "${var.elb_console_id}"
-  instance = "${aws_instance.master.*.id[count.index]}"
+resource "aws_lb_target_group_attachment" "private" {
+  count = "${var.private_endpoints ? var.instance_count * var.private_target_group_arns_length : 0}"
+
+  target_group_arn = "${var.private_target_group_arns[count.index % var.private_target_group_arns_length]}"
+  target_id        = "${aws_instance.master.*.private_ip[count.index / var.private_target_group_arns_length]}"
 }

data/data/aws/master/variables.tf

@@ -46,21 +46,29 @@ variable "private_endpoints" {
   default     = true
 }
 
+variable "private_target_group_arns" {
+  type        = "list"
+  default     = []
+  description = "The list of target group ARNs for the private load balancer."
+}
+
+variable "private_target_group_arns_length" {
+  description = "The length of the 'private_target_group_arns' variable, to work around https://github.com/hashicorp/terraform/issues/12570."
+}
+
 variable "public_endpoints" {
   description = "If set to true, public-facing ingress resources are created."
   default     = true
 }
 
-variable "elb_api_internal_id" {
-  type = "string"
-}
-
-variable "elb_api_external_id" {
-  type = "string"
+variable "public_target_group_arns" {
+  type        = "list"
+  default     = []
+  description = "The list of target group ARNs for the public load balancer."
 }
 
-variable "elb_console_id" {
-  type = "string"
+variable "public_target_group_arns_length" {
+  description = "The length of the 'public_target_group_arns' variable, to work around https://github.com/hashicorp/terraform/issues/12570."
 }
 
 variable "root_volume_iops" {