Merge pull request #63 from hferentschik/issue-62

Issue #62 Using Elastic IPs for the AWS instances allowing for instan…
dwmkerr · Oct 23, 2018 · 72069ea · 72069ea
2 parents 5fbee04 + 228667b
commit 72069ea
Show file tree

Hide file tree

Showing 7 changed files with 45 additions and 40 deletions.
diff --git a/README.md b/README.md
@@ -136,7 +136,7 @@ The url will be something like `https://a.b.c.d.xip.io:8443`.
 The master node has the OpenShift client installed and is authenticated as a cluter administrator. If you SSH onto the master node via the bastion, then you can use the OpenShift client and have full access to all projects:
 
 ```
-$ make ssh-master # or if you prefer: ssh -t -A ec2-user@$(terraform output bastion-public_dns) ssh master.openshift.local
+$ make ssh-master # or if you prefer: ssh -t -A ec2-user@$(terraform output bastion-public_ip) ssh master.openshift.local
 $ oc get pods
 NAME                       READY     STATUS    RESTARTS   AGE
 docker-registry-1-d9734    1/1       Running   0          2h
@@ -180,7 +180,7 @@ Now check the address of the Docker Registry. Your Docker Registry url is just y
 https://54.85.76.73.xip.io:8443
 ```
 
-In the example above, my registry url is `https://docker-registry-default.54.85.76.73.xip.io:8443`. You can also get this url by running `oc get routes -n default` on the master node.
+In the example above, my registry url is `https://docker-registry-default.54.85.76.73.xip.io`. You can also get this url by running `oc get routes -n default` on the master node.
 
 You will need to add this registry to the list of untrusted registries. The documentation for how to do this here https://docs.docker.com/registry/insecure/. On a Mac, the easiest way to do this is open the Docker Preferences, go to 'Daemon' and add the address to the list of insecure regsitries:
 
@@ -308,7 +308,7 @@ source="/var/log/containers/counter-1-*"  | rex field=source "\/var\/log\/contai
 Ugh, stupid OpenShift docker version vs registry version issue. There's a workaround. First, ssh onto the master:
 
 ```
-$ ssh -A ec2-user@$(terraform output bastion-public_dns)
+$ ssh -A ec2-user@$(terraform output bastion-public_ip)
 
 $ ssh master.openshift.local
 ```

diff --git a/main.tf b/main.tf
@@ -21,15 +21,9 @@ module "openshift" {
 output "master-url" {
   value = "https://${module.openshift.master-public_ip}.xip.io:8443"
 }
-output "master-public_dns" {
-  value = "${module.openshift.master-public_dns}"
-}
 output "master-public_ip" {
   value = "${module.openshift.master-public_ip}"
 }
-output "bastion-public_dns" {
-  value = "${module.openshift.bastion-public_dns}"
-}
 output "bastion-public_ip" {
   value = "${module.openshift.bastion-public_ip}"
 }
diff --git a/makefile b/makefile
@@ -7,33 +7,33 @@ openshift:
 	# Add our identity for ssh, add the host key to avoid having to accept the
 	# the host key manually. Also add the identity of each node to the bastion.
 	ssh-add ~/.ssh/id_rsa
-	ssh-keyscan -t rsa -H $$(terraform output bastion-public_dns) >> ~/.ssh/known_hosts
-	ssh -A ec2-user@$$(terraform output bastion-public_dns) "ssh-keyscan -t rsa -H master.openshift.local >> ~/.ssh/known_hosts"
-	ssh -A ec2-user@$$(terraform output bastion-public_dns) "ssh-keyscan -t rsa -H node1.openshift.local >> ~/.ssh/known_hosts"
-	ssh -A ec2-user@$$(terraform output bastion-public_dns) "ssh-keyscan -t rsa -H node2.openshift.local >> ~/.ssh/known_hosts"
+	ssh-keyscan -t rsa -H $$(terraform output bastion-public_ip) >> ~/.ssh/known_hosts
+	ssh -A ec2-user@$$(terraform output bastion-public_ip) "ssh-keyscan -t rsa -H master.openshift.local >> ~/.ssh/known_hosts"
+	ssh -A ec2-user@$$(terraform output bastion-public_ip) "ssh-keyscan -t rsa -H node1.openshift.local >> ~/.ssh/known_hosts"
+	ssh -A ec2-user@$$(terraform output bastion-public_ip) "ssh-keyscan -t rsa -H node2.openshift.local >> ~/.ssh/known_hosts"
 
 	# Copy our inventory to the master and run the install script.
-	scp ./inventory.cfg ec2-user@$$(terraform output bastion-public_dns):~
-	cat install-from-bastion.sh | ssh -o StrictHostKeyChecking=no -A ec2-user@$$(terraform output bastion-public_dns)
+	scp ./inventory.cfg ec2-user@$$(terraform output bastion-public_ip):~
+	cat install-from-bastion.sh | ssh -o StrictHostKeyChecking=no -A ec2-user@$$(terraform output bastion-public_ip)
 
 	# Now the installer is done, run the postinstall steps on each host.
-	cat ./scripts/postinstall-master.sh | ssh -A ec2-user@$$(terraform output bastion-public_dns) ssh master.openshift.local
-	cat ./scripts/postinstall-node.sh | ssh -A ec2-user@$$(terraform output bastion-public_dns) ssh node1.openshift.local
-	cat ./scripts/postinstall-node.sh | ssh -A ec2-user@$$(terraform output bastion-public_dns) ssh node2.openshift.local
+	cat ./scripts/postinstall-master.sh | ssh -A ec2-user@$$(terraform output bastion-public_ip) ssh master.openshift.local
+	cat ./scripts/postinstall-node.sh | ssh -A ec2-user@$$(terraform output bastion-public_ip) ssh node1.openshift.local
+	cat ./scripts/postinstall-node.sh | ssh -A ec2-user@$$(terraform output bastion-public_ip) ssh node2.openshift.local
 
 # Open the console.
 browse-openshift:
 	open $$(terraform output master-url)
 
 # SSH onto the master.
 ssh-bastion:
-	ssh -t -A ec2-user@$$(terraform output bastion-public_dns)
+	ssh -t -A ec2-user@$$(terraform output bastion-public_ip)
 ssh-master:
-	ssh -t -A ec2-user@$$(terraform output bastion-public_dns) ssh master.openshift.local
+	ssh -t -A ec2-user@$$(terraform output bastion-public_ip) ssh master.openshift.local
 ssh-node1:
-	ssh -t -A ec2-user@$$(terraform output bastion-public_dns) ssh node1.openshift.local
+	ssh -t -A ec2-user@$$(terraform output bastion-public_ip) ssh node1.openshift.local
 ssh-node2:
-	ssh -t -A ec2-user@$$(terraform output bastion-public_dns) ssh node2.openshift.local
+	ssh -t -A ec2-user@$$(terraform output bastion-public_ip) ssh node2.openshift.local
 
 # Create sample services.
 sample:

diff --git a/modules/openshift/06-nodes.tf b/modules/openshift/06-nodes.tf
@@ -12,6 +12,12 @@ data "template_file" "setup-master" {
   }
 }
 
+// Create Elastic IP for master
+resource "aws_eip" "master_eip" {
+  instance = "${aws_instance.master.id}"
+  vpc      = true
+}
+
 //  Launch configuration for the consul cluster auto-scaling group.
 resource "aws_instance" "master" {
   ami                  = "${data.aws_ami.rhel7_2.id}"
@@ -42,7 +48,7 @@ resource "aws_instance" "master" {
   }
 
   key_name = "${aws_key_pair.keypair.key_name}"
-  
+
   //  Use our common tags and add a specific name.
   tags = "${merge(
     local.common_tags,
@@ -60,6 +66,17 @@ data "template_file" "setup-node" {
   }
 }
 
+// Create Elastic IP for the nodes
+resource "aws_eip" "node1_eip" {
+  instance = "${aws_instance.node1.id}"
+  vpc      = true
+}
+
+resource "aws_eip" "node2_eip" {
+  instance = "${aws_instance.node2.id}"
+  vpc      = true
+}
+
 //  Create the two nodes. This would be better as a Launch Configuration and
 //  autoscaling group, but I'm keeping it simple...
 resource "aws_instance" "node1" {
@@ -99,6 +116,7 @@ resource "aws_instance" "node1" {
     )
   )}"
 }
+
 resource "aws_instance" "node2" {
   ami                  = "${data.aws_ami.rhel7_2.id}"
   instance_type        = "${var.amisize}"

diff --git a/modules/openshift/08-bastion.tf b/modules/openshift/08-bastion.tf
@@ -1,4 +1,9 @@
 //  Launch configuration for the consul cluster auto-scaling group.
+resource "aws_eip" "bastion_eip" {
+  instance = "${aws_instance.bastion.id}"
+  vpc      = true
+}
+
 resource "aws_instance" "bastion" {
   ami                  = "${data.aws_ami.amazonlinux.id}"
   instance_type        = "t2.small"

diff --git a/modules/openshift/09-inventory.tf b/modules/openshift/09-inventory.tf
@@ -5,7 +5,7 @@ data "template_file" "inventory" {
   vars {
     access_key = "${aws_iam_access_key.openshift-aws-user.id}"
     secret_key = "${aws_iam_access_key.openshift-aws-user.secret}"
-    public_hostname = "${aws_instance.master.public_ip}.xip.io"
+    public_hostname = "${aws_eip.master_eip.public_ip}.xip.io"
     master_inventory = "${aws_instance.master.private_dns}"
     master_hostname = "${aws_instance.master.private_dns}"
     node1_hostname = "${aws_instance.node1.private_dns}"

diff --git a/modules/openshift/99-outputs.tf b/modules/openshift/99-outputs.tf
@@ -1,9 +1,6 @@
 //  Output some useful variables for quick SSH access etc.
-output "master-public_dns" {
-  value = "${aws_instance.master.public_dns}"
-}
 output "master-public_ip" {
-  value = "${aws_instance.master.public_ip}"
+  value = "${aws_eip.master_eip.public_ip}"
 }
 output "master-private_dns" {
   value = "${aws_instance.master.private_dns}"
@@ -12,11 +9,8 @@ output "master-private_ip" {
   value = "${aws_instance.master.private_ip}"
 }
 
-output "node1-public_dns" {
-  value = "${aws_instance.node1.public_dns}"
-}
 output "node1-public_ip" {
-  value = "${aws_instance.node1.public_ip}"
+  value = "${aws_eip.node1_eip.public_ip}"
 }
 output "node1-private_dns" {
   value = "${aws_instance.node1.private_dns}"
@@ -25,11 +19,8 @@ output "node1-private_ip" {
   value = "${aws_instance.node1.private_ip}"
 }
 
-output "node2-public_dns" {
-  value = "${aws_instance.node2.public_dns}"
-}
 output "node2-public_ip" {
-  value = "${aws_instance.node2.public_ip}"
+  value = "${aws_eip.node2_eip.public_ip}"
 }
 output "node2-private_dns" {
   value = "${aws_instance.node2.private_dns}"
@@ -38,11 +29,8 @@ output "node2-private_ip" {
   value = "${aws_instance.node2.private_ip}"
 }
 
-output "bastion-public_dns" {
-  value = "${aws_instance.bastion.public_dns}"
-}
 output "bastion-public_ip" {
-  value = "${aws_instance.bastion.public_ip}"
+  value = "${aws_eip.bastion_eip.public_ip}"
 }
 output "bastion-private_dns" {
   value = "${aws_instance.bastion.private_dns}"