From bd97437216c597bb5bca7ec5b05e4993ad2b7c3a Mon Sep 17 00:00:00 2001
From: James Green
Date: Fri, 6 Oct 2023 16:19:49 +0100
Subject: [PATCH 1/2] Deploy multible nodes

Updated the bastion module to allow more than 1 load testing node.
---
 buildspec.yml | 1 +
 main.tf | 13 +++++++------
 modules/bastion/bastion.tf | 1 +
 modules/bastion/variables.tf | 5 +++++
 scripts/aws_ssm_get_parameters.sh | 2 ++
 variables.tf | 4 ++++
 6 files changed, 20 insertions(+), 6 deletions(-)
diff --git a/buildspec.yml b/buildspec.yml
index 3a669760..312f60e1 100644
--- a/buildspec.yml
+++ b/buildspec.yml
@@ -43,6 +43,7 @@ env:
 TF_VAR_byoip_pool_id: "/staff-device/dns/$ENV/public_ip_pool_id"
 TF_VAR_enable_corsham_test_bastion: "/staff-device/dns-dhcp/$ENV/enable_bastion"
 TF_VAR_enable_load_testing: "/staff-device/dns-dhcp/$ENV/enable_load_testing"
+ TF_VAR_number_of_load_testing_nodes: "/staff-device/dns-dhcp/$ENV/number_of_load_testing_nodes"
 TF_VAR_allowed_ip_ranges: "/staff-device/dns-dhcp/admin/$ENV/allowed_ip_ranges"
 ROLE_ARN: "/codebuild/pttp-ci-infrastructure-core-pipeline/$ENV/assume_role"
 TF_VAR_api_basic_auth_username: "/codebuild/dhcp/admin/api/basic_auth_username"
diff --git a/main.tf b/main.tf
index 773d416d..a98a37ee 100644
--- a/main.tf
+++ b/main.tf
@@ -270,11 +270,12 @@ module "load_testing_label" {
 }
 module "load_testing" {
- source = "./modules/bastion"
- prefix = module.load_testing_label.id
- vpc_id = module.servers_vpc.vpc.vpc_id
- vpc_cidr_block = module.servers_vpc.vpc.vpc_cidr_block
- private_subnets = module.servers_vpc.vpc.private_subnets
+ source = "./modules/bastion"
+ prefix = module.load_testing_label.id
+ vpc_id = module.servers_vpc.vpc.vpc_id
+ vpc_cidr_block = module.servers_vpc.vpc.vpc_cidr_block
+ private_subnets = module.servers_vpc.vpc.private_subnets
+ number_of_bastions = var.number_of_load_testing_nodes
 //bastion_allowed_ingress_ip = var.bastion_allowed_ingress_ip
 tags = module.load_testing_label.tags
@@ -283,7 +284,7 @@ module "load_testing" { } depends_on = [module.servers_vpc] - + // Set in SSM parameter store, true or false to enable or disable this module. count = var.enable_load_testing == true ? 1 : 0 } diff --git a/modules/bastion/bastion.tf b/modules/bastion/bastion.tf index f1faca46..e1365019 100644 --- a/modules/bastion/bastion.tf +++ b/modules/bastion/bastion.tf @@ -10,6 +10,7 @@ terraform { resource "aws_instance" "bastion" { ami = data.aws_ami.ubuntu.id instance_type = "t3a.small" + count = var.number_of_bastions vpc_security_group_ids = [ aws_security_group.bastion.id diff --git a/modules/bastion/variables.tf b/modules/bastion/variables.tf index b45f82ca..f8af40c4 100644 --- a/modules/bastion/variables.tf +++ b/modules/bastion/variables.tf @@ -32,3 +32,8 @@ variable "log_retention" { description = "The amount of days the logs need to be kept" default = 30 } + +variable "number_of_bastions" { + type = number + default = 1 +} diff --git a/scripts/aws_ssm_get_parameters.sh b/scripts/aws_ssm_get_parameters.sh index d0384967..a7b74013 100755 --- a/scripts/aws_ssm_get_parameters.sh +++ b/scripts/aws_ssm_get_parameters.sh @@ -7,6 +7,7 @@ export PARAM=$(aws ssm get-parameters --region eu-west-2 --with-decryption --nam "/codebuild/dhcp/$ENV/db/password" \ "/codebuild/pttp-ci-infrastructure-core-pipeline/$ENV/azure_federation_metadata_url" \ "/staff-device/dns-dhcp/$ENV/enable_load_testing" \ + "/staff-device/dns-dhcp/$ENV/number_of_load_testing_nodes" \ --query Parameters) export PARAM2=$(aws ssm get-parameters --region eu-west-2 --with-decryption --names \ 
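Review bot: Any single-object reference to `aws_instance.bastion` elsewhere in the module stops resolving once `count = var.number_of_bastions` is set on the resource in modules/bastion/bastion.tf, because the resource becomes a list. Outputs or dependent resources that read, for example, `aws_instance.bastion.id` would need `aws_instance.bastion[*].id` or an indexed form. The hunk shows only the top of the resource block and none of the module's outputs, so this may already be handled outside it. As a style point, the `count` meta-argument conventionally sits first in the block, followed by a blank line, so a reader sees immediately that the resource is multiplied.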
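Review bot: `number_of_bastions` in modules/bastion/variables.tf has no `description` and no bounds, unlike `log_retention` directly above it, although its value is fed from an SSM parameter and decides how many EC2 instances are launched. A mistyped or altered parameter value (negative, fractional or very large) would either fail late inside the provider or start an unexpected number of hosts in the private subnets. I would add a description and a `validation` block that accepts only whole numbers in a small range, assuming the Terraform version in use supports variable validation. The ceiling in the sketch below is a placeholder for the team to set, and the same cap could instead sit on the root variable `number_of_load_testing_nodes`.

```hcl
variable "number_of_bastions" {
  type        = number
  description = "How many EC2 instances this module launches"
  default     = 1

  validation {
    # 10 is a placeholder ceiling; replace with the real limit for load testing.
    condition     = var.number_of_bastions >= 0 && var.number_of_bastions <= 10 && floor(var.number_of_bastions) == var.number_of_bastions
    error_message = "The number_of_bastions value must be a whole number between 0 and 10."
  }
}
```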
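Review bot: `aws ssm get-parameters` accepts at most ten names per request, and the first call in scripts/aws_ssm_get_parameters.sh gains one more here. The name list starts above the hunk, so the count is not visible. If this is the eleventh name, the call is rejected, and because the assignment is written as `export PARAM=$(...)` the failure status is masked and `PARAM` is simply empty. A name that does not exist in an environment is reported under `InvalidParameters`, which `--query Parameters` discards, so a missing parameter also passes through silently. A comment above the call such as `# GetParameters takes at most 10 names per call; add further names to PARAM2` would record why the lookups are split.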
@@ -56,6 +57,7 @@ params["azure_federation_metadata_url"]="$(echo $PARAM | jq '.[] | select(.Name
 params["dhcp_db_username"]="$(echo $PARAM | jq '.[] | select(.Name | test("db/username")) | .Value' --raw-output)"
 params["dhcp_db_password"]="$(echo $PARAM | jq '.[] | select(.Name | test("db/password")) | .Value' --raw-output)"
 params["enable_load_testing"]="$(echo $PARAM | jq '.[] | select(.Name | test("enable_load_testing")) | .Value' --raw-output)"
+params["number_of_load_testing_nodes"]="$(echo $PARAM | jq '.[] | select(.Name | test("number_of_load_testing_nodes")) | .Value' --raw-output)"
 params["admin_db_username"]="$(echo $PARAM2 | jq '.[] | select(.Name | test("admin/db/username")) | .Value' --raw-output)"
 params["admin_db_password"]="$(echo $PARAM2 | jq '.[] | select(.Name | test("admin/db/password")) | .Value' --raw-output)"
diff --git a/variables.tf b/variables.tf
index c3befdb9..9196699e 100644
--- a/variables.tf
+++ b/variables.tf
@@ -191,3 +191,7 @@ variable "enable_load_testing" {
 type = bool
 default = false
 }
+
+variable "number_of_load_testing_nodes" {
+ type = number
+}
From a5d536a1fa6f206f0a255bfa67f103c536094c4c Mon Sep 17 00:00:00 2001
From: "github-actions[bot]"
Date: Fri, 6 Oct 2023 15:27:42 +0000
Subject: [PATCH 2/2] Commit changes made by code formatters
---
 modules/bastion/bastion.tf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/modules/bastion/bastion.tf b/modules/bastion/bastion.tf
index e1365019..c5ef7e4e 100644
--- a/modules/bastion/bastion.tf
+++ b/modules/bastion/bastion.tf
@@ -10,7 +10,7 @@ terraform {
 resource "aws_instance" "bastion" {
 ami = data.aws_ami.ubuntu.id
 instance_type = "t3a.small"
- count = var.number_of_bastions
+ count = var.number_of_bastions
 vpc_security_group_ids = [
 aws_security_group.bastion.id
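Review bot: The added lookup in scripts/aws_ssm_get_parameters.sh expands `$PARAM` unquoted and selects with `test("number_of_load_testing_nodes")`, an unanchored regex match on the parameter name. `PARAM` holds the output of `get-parameters --with-decryption`, so the shell word-splits and glob-expands decrypted values before jq reads them, and a value containing `*` or `?` can be altered. A substring match also returns several lines if another parameter name ever contains the same text. I would write the line as `params["number_of_load_testing_nodes"]="$(printf '%s' "$PARAM" | jq -r '.[] | select(.Name | endswith("/number_of_load_testing_nodes")) | .Value')"` and stop the script when the result is empty. The neighbouring lookups in this hunk have the same shape.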
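Review bot: `number_of_load_testing_nodes` in the root variables.tf is declared with neither a `default` nor a `description`, while `enable_load_testing` just above it defaults to `false`. Every environment therefore has to supply the value even when load testing is switched off, and a missing or empty SSM parameter becomes a failed or interactive plan. I would add `default = 1`, matching the module's own default for `number_of_bastions`, and `description = "Number of load testing instances to create when enable_load_testing is true"`.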