NEW: first commit

.gitignore

@@ -0,0 +1,4 @@
+*.tfstate  
+*.tfstate.backup
+terraform.tfvars
+.terraform

README.md

@@ -0,0 +1,3 @@
+With the new terraform, repeative tasks are modulised. Making the code much cleaner.
+
+See a list of terraform aws modules - https://registry.terraform.io/modules/terraform-aws-modules

ec2-ssm/ec2.tf

@@ -0,0 +1,14 @@
+resource "aws_instance" "web" {
+  ami           = "ami-49bbfa38"
+  instance_type = "t3.micro"
+  key_name = "kfong-aws"
+  vpc_security_group_ids = ["sg-053612d40f966eec7"]
+  subnet_id = "subnet-0a4edc273558afaab"
+  associate_public_ip_address = true
+  iam_instance_profile = "AmazonSSMRoleForInstancesQuickSetup"
+
+  tags = {
+    Name = "kf-ssm-test"
+    ssm-enabled = "yes"
+  }
+}

ec2-ssm/provider.tf

@@ -0,0 +1,10 @@
+variable "aws_access_key" {}
+variable "aws_secret_key" {}
+variable "aws_region" {}
+
+provider "aws" {
+  access_key = var.aws_access_key
+  secret_key = var.aws_secret_key
+  region     = var.aws_region
+  version = ">= 2.28.1"
+}

kubernetes/sshd/.gitignore

@@ -0,0 +1,2 @@
+*tfstate*
+provider.tf

kubernetes/sshd/nginx-deploy.tf

@@ -0,0 +1,66 @@
+resource "kubernetes_deployment" "nginx" {
+  metadata {
+    name = "scalable-nginx-example"
+    labels = {
+      App = "ScalableNginxExample"
+    }
+  }
+
+  spec {
+    replicas = 2
+    selector {
+      match_labels = {
+        App = "ScalableNginxExample"
+      }
+    }
+    template {
+      metadata {
+        labels = {
+          App = "ScalableNginxExample"
+        }
+      }
+      spec {
+        container {
+          image = "nginx:latest"
+          name  = "example"
+
+          port {
+            container_port = 60080
+          }
+
+          resources {
+            limits {
+              cpu    = "0.5"
+              memory = "512Mi"
+            }
+            requests {
+              cpu    = "250m"
+              memory = "50Mi"
+            }
+          }
+        }
+      }
+    }
+  }
+}
+
+resource "kubernetes_service" "nginx" {
+  metadata {
+    name = "nginx-example"
+  }
+  spec {
+    selector = {
+      App = kubernetes_deployment.nginx.spec.0.template.0.metadata[0].labels.App
+    }
+    port {
+      port        = 60080
+      target_port = 60080
+    }
+
+    type = "LoadBalancer"
+  }
+}
+
+output "lb_ip" {
+  value = kubernetes_service.nginx.load_balancer_ingress[0].ip
+}

kubernetes/sshd/provider.tf-example

@@ -0,0 +1,25 @@
+variable "kubernetes_client_certificate"{
+  type = string
+  default = "xxx"
+}
+
+variable "kubernetes_client_key"{
+  type = string
+  default = "xxx"
+}
+
+variable "kubernetes_cluster_ca_certificate"{
+  type = string
+  default = "xxx"
+}
+
+provider "kubernetes" {
+  load_config_file = "false"
+
+  host = "https://192.168.86.51:6443"
+
+  client_certificate     = base64decode(var.kubernetes_client_certificate)
+  client_key             = base64decode(var.kubernetes_client_key)
+  cluster_ca_certificate = base64decode(var.kubernetes_cluster_ca_certificate)
+}
+

openstack/provider.tf

@@ -0,0 +1,9 @@
+# Configure the OpenStack Provider
+provider "openstack" {
+  user_name   = "admin"
+  tenant_name = "demo"
+  password    = "your-password"
+  auth_url    = "URL-to-keystone"
+  region      = "RegionOne"
+}
+

openstack/vm.tf

@@ -0,0 +1,45 @@
+resource "openstack_compute_secgroup_v2" "test-sg1" {
+  name = "test-sg1"
+  description = "Allow all"
+  rule {
+    from_port = -1
+    to_port = -1
+    ip_protocol = "icmp"
+    cidr = "0.0.0.0/0"
+  }
+
+  rule {
+    from_port = 1
+    to_port = 65535
+    ip_protocol = "tcp"
+    cidr = "0.0.0.0/0"
+  }
+
+  rule {
+    from_port = 1
+    to_port = 65535
+    ip_protocol = "udp"
+    cidr = "0.0.0.0/0"
+  }
+}
+
+resource "openstack_compute_instance_v2" "tfvm1" {
+  name            = "tfvm1"
+  flavor_id       = "b8159937-a5f9-46fb-97eb-2d59b67cfedd"
+  key_pair        = "opc-key"
+  security_groups = ["${openstack_compute_secgroup_v2.test-sg1.name}"]
+
+  block_device {
+    uuid                  = "871c021d-baef-4010-ba8e-2a900a48f41c"
+    source_type           = "image"
+    volume_size           = 10
+    boot_index            = 0
+    destination_type      = "volume"
+    delete_on_termination = true
+  }
+
+  network {
+    name = "shared"
+  }
+}
+

vpc-subnets/README.md

@@ -0,0 +1,13 @@
+# terraform.tfvars example
+```
+aws_access_key = "..."
+aws_secret_key = "..."
+aws_region = "ap-east-1"
+default-tags = {
+    "owner" = "KF"
+    "terraform" = "initial-deployment-only"
+    "environment" = "demo"
+    "project" = "project1"
+    "application" = "network"
+}
+```

vpc-subnets/m.random/main.tf

@@ -0,0 +1,17 @@
+resource "random_string" "string" {
+  length  = 4
+  special = false
+}
+
+resource "random_integer" "number" {
+  min     = 1000
+  max     = 9999
+}
+
+output "string" {
+	value = random_string.string.result
+}
+
+output "number" {
+	value = random_integer.number.result
+}

vpc-subnets/tags.csv

@@ -0,0 +1,6 @@
+name,value
+owner,KF
+terraform,initial-deploy-only
+environment,demo
+project,project1
+application,network

vpc-subnets/var-def.tf

@@ -0,0 +1,12 @@
+variable "aws_access_key" {}
+variable "aws_secret_key" {}
+variable "aws_region" {}
+
+provider "aws" {
+  access_key = var.aws_access_key
+  secret_key = var.aws_secret_key
+  region     = var.aws_region
+  version = ">= 2.28.1"
+}
+
+variable "default-tags" {}

vpc-subnets/vpc.tf

@@ -0,0 +1,23 @@
+data "aws_availability_zones" "available" {}
+
+module "random" {
+  source = "./m.random"
+}
+
+module "vpc" {
+  source  = "terraform-aws-modules/vpc/aws"
+  version = "2.6.0"
+
+  name                 = "demo-vpc-${module.random.number}"
+  cidr                 = "172.16.0.0/16"
+  azs                  = data.aws_availability_zones.available.names
+  private_subnets 	= cidrsubnets("172.16.18.0/23", 1, 1)
+  public_subnets 	= cidrsubnets("172.16.20.0/23", 1, 1)
+  enable_nat_gateway   = false
+  single_nat_gateway   = true
+  enable_dns_hostnames = true
+
+  tags = var.default-tags
+
+}
+