Merge pull request #1 from ManagedKube/vpc-environments

Adding default environments

.gitignore

@@ -0,0 +1,22 @@
+# Local .terraform directories
+**/.terraform/*
+
+# .tfstate files
+*.tfstate
+*.tfstate.*
+
+# Crash log files
+crash.log
+
+# Ignore any .tfvars files that are generated automatically for each Terraform run. Most
+# .tfvars files are managed as part of configuration and so should be included in
+# version control.
+#
+# example.tfvars
+
+# Ignore override files as they are usually used to override resources locally and so
+# are not checked in
+override.tf
+override.tf.json
+*_override.tf
+*_override.tf.json

docs/cidr-ranges.md

@@ -9,13 +9,14 @@ http://www.subnet-calculator.com/cidr.php
 
 # Global
 
-| Name | CIDR |
-|------|------------|
+| Name                              | CIDR          |
+|-----------------------------------|---------------|
 | docker0                           | 172.26.0.0/16 |
+| Kubernetes - dev-example          | 10.9.0.0/16   |
 | Kubernetes - dev                  | 10.10.0.0/16  |
 | Kubernetes - qa                   | 10.11.0.0/16  |
 | Kubernetes - staging              | 10.12.0.0/16  |
-| Kubernetes - production           | 10.13.0.0/16  |
+| Kubernetes - prod                 | 10.13.0.0/16  |
 | Kubernetes - xxx                  | 10.14.0.0/16  |
 | Kubernetes - xxx                  | 10.15.0.0/16  |
 | Kubernetes - xxx                  | 10.16.0.0/16  |
@@ -27,13 +28,13 @@ application.  The following defines these ranges in a generic sense that can
 be applied to any of the above CIDRs.
 
 ## Kops
-| Name | CIDR | Address Range |
-|------|------------|------------|
+| Name             | CIDR         | Address Range |
+|------------------|--------------|---------------|
 | xxx              | 10.xx.0.0/16 | xxxxx - xxxxx |
 
 ## Services Subnets
-| Name | CIDR | Address Range |
-|------|------------|------------|
+| Name                                  | CIDR             | Address Range               |
+|---------------------------------------|------------------|-----------------------------|
 | RDS  - subnet 1                       | 10.xx.100.0/28   | 10.xx.100.0  - 10.xx.100.15 |
 | RDS  - subnet 2                       | 10.xx.100.16/28  | 10.xx.100.16 - 10.xx.100.31 |
 | Redshift subnet 1                     | 10.xx.100.32/28  | 10.xx.100.32 - 10.xx.100.47 |

ops/vpc.sh

@@ -0,0 +1,171 @@
+#!/bin/bash -e
+
+# create_vpc - A script to create a VPC
+
+##########################################
+##### Constants
+##########################################
+
+TIME_NOW=$(date +"%x %r %Z")
+
+TERRAFORM_VERSION="v0.11."
+TERRAGRUNT_VERSION="v0.18."
+
+##########################################
+##### Functions
+##########################################
+
+usage()
+{
+    echo "usage: create_vpc [[[-n vpc_name ] ] | [-h]]"
+}
+
+check_terraform_version()
+{
+  command=$(terraform --version)
+
+  if [[ "${command}" == *"${TERRAFORM_VERSION}"* ]]; then
+    echo "[INFO] Terraform version: ${command}"
+  else
+    echo "[ERROR] Terraform version expected: ${TERRAFORM_VERSION}"
+    echo "Got: ${command}"
+    exit 1
+  fi
+}
+
+check_terragrunt_version()
+{
+  command=$(terragrunt --version)
+
+  if [[ "${command}" == *"${TERRAGRUNT_VERSION}"* ]]; then
+    echo "[INFO] Terragrunt version: ${command}"
+  else
+    echo "[ERROR] Terragrunt version expected: ${TERRAGRUNT_VERSION}"
+    echo "Got: ${command}"
+    exit 1
+  fi
+}
+
+create()
+{
+  # Checks
+  if [ ! -f ../tf-environments/$vpc_name/_env_defaults/main.tf ]; then
+    echo "File does not exist: ../tf-environments/$vpc_name/_env_defaults/main.tf"
+    exit 1
+  fi
+
+  if [ ! -f ../tf-environments/$vpc_name/${cloud}/vpc/main.tf ]; then
+    echo "File does not exist: ../tf-environments/$vpc_name/${cloud}/vpc/main.tf"
+    exit 1
+  fi
+
+  echo "[INFO] Adding new VPC named: $vpc_name"
+
+  cd ../tf-environments/$vpc_name/${cloud}/vpc
+
+  terragrunt init
+  terragrunt plan
+
+  if [ "${dry_run}" == "false" ]; then
+    echo "[INFO] Applying..."
+    terragrunt apply -input=false -auto-approve
+  fi
+
+  echo "[INFO] Finished"
+
+}
+
+read()
+{
+  echo "[INFO] Reading vpc named: ${vpc_name}"
+}
+
+update()
+{
+  echo "[INFO] Updating vpc named: ${vpc_name}"
+}
+
+delete()
+{
+  echo "[INFO] Deleting vpc named: ${vpc_name}"
+
+  cd ../tf-environments/$vpc_name/${cloud}/vpc
+
+  if [ "${dry_run}" == "false" ]; then
+    echo "[INFO] Not a dry run"
+
+    terragrunt destroy -input=false -auto-approve
+
+  else
+    echo "[INFO] Dry run"
+    terragrunt destroy
+  fi
+}
+
+
+
+
+##########################################
+##### Main
+##########################################
+
+cloud="aws"
+
+vpc_name="none"
+dry_run="true"
+
+create="false"
+read="false"
+update="false"
+delete="false"
+
+while [ "$1" != "" ]; do
+    case $1 in
+        -n | --name )           shift
+                                vpc_name=$1
+                                ;;
+        -d | --dry-run )        shift
+                                dry_run=$1
+                                ;;
+        -c | --create )        shift
+                                create=true
+                                ;;
+        -r | --read )        shift
+                                read=true
+                                ;;
+        -u | --update )        shift
+                                update=true
+                                ;;
+        -x | --delete )        shift
+                                delete=true
+                                ;;
+        -h | --help )           usage
+                                exit
+                                ;;
+        * )                     usage
+                                exit 1
+    esac
+    shift
+done
+
+echo "[INFO] dry_run = ${dry_run}"
+echo "[INFO] vpc_name = $vpc_name"
+
+check_terraform_version
+check_terragrunt_version
+
+if [ "${create}" == "true" ]; then
+  create $vpc_name
+fi
+
+if [ "${read}" == "true" ]; then
+  read $vpc_name
+fi
+
+if [ "${update}" == "true" ]; then
+  update $vpc_name
+fi
+
+if [ "${delete}" == "true" ]; then
+  delete $vpc_name
+fi

tf-environments/dev-example/_env_defaults/main.tf

@@ -7,7 +7,7 @@ output aws_region {
 }
 
 output vpc_cidr {
-  value = "10.10.0.0/16"
+  value = "10.9.0.0/16"
 }
 
 output vpc_id {

tf-environments/dev/_env_defaults/main.tf

@@ -0,0 +1,27 @@
+output environment_name {
+  value = "dev"
+}
+
+output aws_region {
+  value = "us-east-1"
+}
+
+output vpc_cidr {
+  value = "10.10.0.0/16"
+}
+
+output vpc_id {
+  value = "vpc-fill-me-in-after-your-vpc-has-been-created"
+}
+
+output aws_availability_zone_1 {
+  value = "a"
+}
+
+output aws_availability_zone_2 {
+  value = "b"
+}
+
+output aws_availability_zone_3 {
+  value = "c"
+}

tf-environments/dev/aws/vpc/main.tf

@@ -0,0 +1,50 @@
+terraform {
+  backend "s3" {}
+}
+
+# Common modules
+module "env_defaults" {
+  source = "../../_env_defaults"
+}
+
+# Inputs
+variable "public_cidrs" {
+  description = "CIDR block for public subnets (should be the same amount as AZs)"
+  type        = "list"
+  default     = ["10.10.6.0/24", "10.10.7.0/24", "10.10.8.0/24"]
+}
+
+variable "private_cidrs" {
+  description = "CIDR block for private subnets (should be the same amount as AZs)"
+  type        = "list"
+  default     = ["10.10.1.0/24", "10.10.2.0/24", "10.10.3.0/24"]
+}
+
+# Main
+module "main" {
+  source                        = "../../../../tf-modules/aws/vpc/"
+
+  region                        = "${module.env_defaults.aws_region}"
+  vpc_cidr                      = "${module.env_defaults.vpc_cidr}"
+
+  availability_zones            = ["${module.env_defaults.aws_region}${module.env_defaults.aws_availability_zone_1}", "${module.env_defaults.aws_region}${module.env_defaults.aws_availability_zone_2}", "${module.env_defaults.aws_region}${module.env_defaults.aws_availability_zone_3}"]
+
+  public_cidrs                  = "${var.public_cidrs}"
+
+  private_cidrs                 = "${var.private_cidrs}"
+
+  tags = {
+    Name            = "${module.env_defaults.environment_name}",
+    Environment     = "${module.env_defaults.environment_name}",
+    Account         = "${module.env_defaults.environment_name}",
+    Group           = "devops",
+    Region          = "${module.env_defaults.aws_region}"
+    managed_by      = "Terraform"
+  }
+}
+
+
+# Outputs
+output "aws_vpc_id" {
+  value = "${module.main.aws_vpc_id}"
+}

tf-environments/dev/aws/vpc/terraform.tfvars

@@ -0,0 +1,5 @@
+terragrunt = {
+  include {
+    path = "${find_in_parent_folders()}"
+  }
+}

tf-environments/dev/terraform.tfvars

@@ -0,0 +1,12 @@
+terragrunt = {
+  remote_state {
+    backend = "s3"
+    config {
+      bucket     = "kubernetes-ops-123-terraform-state"
+      key        = "dev/${path_relative_to_include()}/terraform.tfstate"
+      region     = "us-east-1"
+      encrypt    = true
+      # dynamodb_table = "terraform-locks"
+    }
+  }
+}

tf-environments/prod/_env_defaults/main.tf

@@ -0,0 +1,27 @@
+output environment_name {
+  value = "prod"
+}
+
+output aws_region {
+  value = "us-east-1"
+}
+
+output vpc_cidr {
+  value = "10.13.0.0/16"
+}
+
+output vpc_id {
+  value = "vpc-fill-me-in-after-your-vpc-has-been-created"
+}
+
+output aws_availability_zone_1 {
+  value = "a"
+}
+
+output aws_availability_zone_2 {
+  value = "b"
+}
+
+output aws_availability_zone_3 {
+  value = "c"
+}