Merge pull request #8986 from psevestre/master

[BAEL-3793][BAEL-3935] Code snippets

terraform/best-practices/README.md

@@ -0,0 +1,10 @@
+# Terraform Sample Code
+
+This folder contains Terraform project samples that illustrates topics covered in the
+"Best practices when using Terraform" article. Setup instructions are available in each sample's folder.
+
+List of available samples:
+
+  * k8s-basic: "Hello world" project that just connects to a Kubernetes cluster and create a new namespace.
+  * ec2-basic: "Hello world" project that creates a single EC2 instance
+  * k8s-modules: A more elaborate sample that creates a simple set of services in a Kubernetes cluster

terraform/best-practices/ec2-simple/.gitignore

@@ -0,0 +1,4 @@
+*.tfvars
+*.tfstate
+*.tfstate.backup
+.terraform

terraform/best-practices/ec2-simple/SETUP.md

@@ -0,0 +1,23 @@
+# EC2 Basic Sample
+
+This Terraform sample project creates a single EC2 instance in the configured region.
+
+IMPORTANT NOTICE: In order to run this sample you must have an active AWS Account. As you probably know, creating resources on AWS
+may result in additional charges in your bill. We recommend creating a test account to run this test as you can then use AWS's free tier
+to play around. When finished, ALWAYS REMEMBER TO DESTROY YOUR RESOURCES !!!
+
+# Setup instructions
+
+1. Make sure you have a working AWS environment. Use a simple command such as _aws ec2 describe-instances_ and check its output.
+   If you get a list of existing EC2 instances, you're good to go. Otherwise, please refer to AWS documentation in order to setup your CLI.
+2. Download the Terraform package for your environment from Hashicorp's site. Unzip it and put the _terraform_ binary somewhere
+   in the OS's PATH.
+3. Open a command prompt and _cd_ into this folder
+4. Run the following commands:
+'''
+  $ terraform init
+  $ terraform apply -auto-approve
+'''
+5. Wait until Terraform create all resources and run _aws ec2 describe-instances_. The output should list the newly creates EC2 instance
+6. Run _terraform destroy_ to remove the previously creates namespace.
+

terraform/best-practices/ec2-simple/main.tf

@@ -0,0 +1,33 @@
+#
+# Resource definitions
+#
+
+data "aws_ami" "apache" {
+  filter {
+    name   = "name"
+    values = [var.ami_name]
+  }
+
+  filter {
+    name   = "virtualization-type"
+    values = ["hvm"]
+  }
+
+  owners = [var.ami_owner]
+
+  most_recent = true
+}
+
+resource "aws_instance" "web" {
+  ami = data.aws_ami.apache.id
+  instance_type = "t2.micro"
+  subnet_id = aws_subnet.frontend.id
+}
+resource "aws_subnet" "frontend" {
+  vpc_id = aws_vpc.apps.id
+  cidr_block = "10.0.1.0/24"
+}
+
+resource "aws_vpc" "apps" {
+  cidr_block = "10.0.0.0/16"
+}

terraform/best-practices/ec2-simple/providers.tf

@@ -0,0 +1,6 @@
+#
+# Providers definitions
+#
+provider "aws" {
+  version = "~> 2.53"
+}

terraform/best-practices/ec2-simple/variables.tf

@@ -0,0 +1,15 @@
+#
+# Variables
+#
+
+variable "ami_name" {
+    type = string
+    description = "AMI name to use for our EC2 instance. Defaults to Ubuntu 18.04 (Bionic)"
+    default = "ubuntu/images/hvm-ssd/ubuntu-bionic-18.04-amd64-*"
+}
+
+variable "ami_owner" {
+    type = string
+    description = "AMI Owner ID to use for our EC2 instance. Defaults to 099720109477 (Canonical)"
+    default = "099720109477"
+}

terraform/best-practices/k8s-basic/.gitignore

@@ -0,0 +1,4 @@
+*.tfvars
+*.tfstate
+*.tfstate.backup
+.terraform

terraform/best-practices/k8s-basic/SETUP.md

@@ -0,0 +1,14 @@
+# Setup instructions
+
+1. Make sure you have a working Kubernetes environment. Use a simple command such as _kubectl get nodes_ and check its output.
+   If you get a list of nodes that contains at least one _ready_ module, you're good to go
+2. Download the Terraform package for your environment from Hashicorp's site. Unzip it and put the _terraform_ binary somewhere
+   in the OS's PATH.
+3. Open a command prompt and _cd_ into this folder
+4. Run the following commands:
+'''
+  $ terraform init
+  $ terraform apply -auto-approve
+'''
+5. Wait until Terraform create all resources and run _kubectl get namespaces_. The output should now have a new "hello-terraform" namespace.
+6. Run _terraform destroy_ to remove the previously creates namespace.

terraform/best-practices/k8s-basic/main.tf

@@ -0,0 +1,12 @@
+#
+# Resource definitions
+#
+
+resource "kubernetes_namespace" "hello" {
+    metadata {
+        labels = {
+            terraform = "true"
+        }        
+        name = var.namespace_name
+    }
+}

terraform/best-practices/k8s-basic/providers.tf

@@ -0,0 +1,6 @@
+#
+# Providers definitions
+#
+provider "kubernetes" {
+    version = "~> 1.11"
+}

terraform/best-practices/k8s-basic/variables.tf

@@ -0,0 +1,9 @@
+#
+# Variables
+#
+
+variable "namespace_name" {
+    type = string
+    description = "Name to use for the created namespace"
+    default = "hello-terraform"
+}

terraform/best-practices/k8s-modules/.gitignore

@@ -0,0 +1,4 @@
+*.tfvars
+*.tfstate
+*.tfstate.backup
+.terraform

terraform/best-practices/k8s-modules/SETUP.md

@@ -0,0 +1,20 @@
+# Kubernetes multimodule sample
+
+This sample deploys two services behind a Kubernetes ingress.
+
+# Setup instructions
+
+1. Make sure you have a working Kubernetes environment. Use a simple command such as _kubectl get nodes_ and check its output.
+   If you get a list of nodes that contains at least one _ready_ module, you're good to go
+2. Download the Terraform package for your environment from Hashicorp's site. Unzip it and put the _terraform_ binary somewhere
+   in the OS's PATH.
+3. Open a command prompt and _cd_ into this folder
+4. Run the following commands:
+'''
+  $ terraform init
+  $ terraform apply -auto-approve
+'''
+5. Wait until Terraform create all resources and run _kubectl get services_. The output should now have a few services.
+6. Run _terraform destroy_ to remove the previously creates namespace.
+
+

terraform/best-practices/k8s-modules/main.tf

@@ -0,0 +1,27 @@
+/*
+ * Top-level definitions
+ */
+ 
+//================================================================== Ingress
+
+module "ingress_www_petshop_com_br" {
+ 	source = "./modules/ingress/www.petshop.com.br"
+  ingress_host = "www.petshop.com.br"
+} 
+ 
+//================================================================== Deployments
+
+module "SvcCustomer" {
+  source = "./modules/SvcCustomer"
+} 
+
+module "SvcFeedback" {
+  source = "./modules/SvcFeedback"
+} 
+
+
+
+
+
+
+

terraform/best-practices/k8s-modules/modules/SvcCustomer/main.tf

@@ -0,0 +1,68 @@
+/*
+ * SvcCustomer deployment resources
+ */
+
+resource "kubernetes_deployment" "SvcCustomer" {
+
+  metadata {
+    name = "svccustomer"
+    labels = {
+      app = "SvcCustomer"
+    }
+  }
+
+  spec {
+    replicas = 1
+
+    selector {
+      match_labels = {
+        app = "SvcCustomer"
+      }
+    }
+
+    template {
+      metadata {
+        labels = {
+	      app = "SvcCustomer"
+        }
+      }
+
+      spec {
+        image_pull_secrets {
+          name = "docker-config"
+        }
+        
+      
+        container {
+          image = "inanimate/echo-server"
+          name  = "svccustomer-httpd"
+          env {
+            name = "PORT"
+            value = "80"
+          }
+        }
+      }
+    }
+  }
+}
+
+resource "kubernetes_service" "SvcCustomer" {
+	metadata {
+	  name = "svccustomer"
+	}
+	
+	spec {
+	
+	  selector = {
+		app = "SvcCustomer"
+	  }
+	  
+	  session_affinity = "ClientIP"
+	  port {
+		port = 80
+	  }
+  
+	  //type = "LoadBalancer"
+	}
+  }
+  

terraform/best-practices/k8s-modules/modules/SvcCustomer/outputs.tf

@@ -0,0 +1,3 @@
+/*
+ * SvcCustomer output values
+ */

terraform/best-practices/k8s-modules/modules/SvcCustomer/variables.tf

@@ -0,0 +1,5 @@
+/*
+ * SvcCustomer deployment variables
+ */
+
+ 

terraform/best-practices/k8s-modules/modules/SvcFeedback/main.tf

@@ -0,0 +1,69 @@
+/*
+ * SvcFeedback deployment resources
+ */
+
+resource "kubernetes_deployment" "SvcFeedback" {
+
+  metadata {
+    name = "svcfeedback"
+    labels = {
+      app = "SvcFeedback"
+    }
+  }
+
+  spec {
+    replicas = 1
+
+    selector {
+      match_labels = {
+        app = "SvcFeedback"
+      }
+    }
+
+    template {
+      metadata {
+        labels = {
+	      app = "SvcFeedback"
+        }
+      }
+
+      spec {
+        image_pull_secrets {
+          name = "docker-config"
+        }
+        
+      
+        container {
+          image = "inanimate/echo-server"
+          name  = "svcfeedback-httpd"
+          env {
+            name = "PORT"
+            value = "80"
+          }
+        }
+
+      }
+    }
+  }
+}
+
+resource "kubernetes_service" "SvcFeedback" {
+	metadata {
+	  name = "svcfeedback"
+	}
+	
+	spec {
+	
+	  selector = {
+		app = "SvcFeedback"
+	  }
+	  
+	  session_affinity = "ClientIP"
+	  port {
+		port = 80
+	  }
+  
+	  //type = "LoadBalancer"
+	}
+  }
+  

terraform/best-practices/k8s-modules/modules/SvcFeedback/outputs.tf

@@ -0,0 +1,3 @@
+/*
+ * SvcFeedback output values
+ */

terraform/best-practices/k8s-modules/modules/SvcFeedback/variables.tf

@@ -0,0 +1,5 @@
+/*
+ * SvcFeedback deployment variables
+ */
+
+ 

terraform/best-practices/k8s-modules/modules/ingress/www.petshop.com.br/main.tf

@@ -0,0 +1,41 @@
+/*
+ * Kubernetes Ingress module
+ */
+locals {
+    iname = var.ingress_name == "" ? join("-",["ingress",sha1(uuid())]) : var.ingress_name
+}
+
+resource "kubernetes_ingress" "ingress" {
+    metadata {
+        name = local.iname
+        annotations = map(
+            "nginx.ingress.kubernetes.io/rewrite-target","/"
+        )
+    }
+    spec {
+        rule {
+            http {
+                path {
+                    backend {
+                        service_name = "svccustomer"
+                        service_port = 80
+                    }
+                    path = "/customers"
+                }
+                path {
+                    backend {
+                        service_name = "svcfeedback"
+                        service_port = 80
+                    }
+                    path = "/feedback"
+                }
+            }
+        }
+/*
+    tls {
+      secret_name = "tls-secret"
+    }
+*/
+  }
+}
+

terraform/best-practices/k8s-modules/modules/ingress/www.petshop.com.br/outputs.tf

@@ -0,0 +1,5 @@
+/*
+ * Output variables
+ */
+
+

terraform/best-practices/k8s-modules/modules/ingress/www.petshop.com.br/variables.tf

@@ -0,0 +1,20 @@
+/*
+ * Kubernetes Ingress module
+ */
+
+
+variable "ingress_name" {
+    type = string
+    description = "Ingress name. Defaults to a random name."
+    default = ""
+}
+
+variable "ingress_host" {
+    type = string
+    description = "Ingress hostname"
+    default = "www.petshop.com.br"
+}
+
+
+	
+

terraform/best-practices/k8s-modules/provider.tf

@@ -0,0 +1,13 @@
+#
+# Provider configurations
+# This file will *NOT* be overwriten upon regeneration, so it's safe
+# to add your own customizations
+#
+
+provider "kubernetes" {
+	version = "~> 1.10"
+}
+
+provider "random" {
+	version = "~> 2.2"
+}

terraform/hello-terraform/.gitignore

@@ -0,0 +1,6 @@
+*.tfvars
+*.tfstate
+*.tfstate.backup
+.terraform
+hello.txt
+

terraform/hello-terraform/main.tf

@@ -0,0 +1,7 @@
+provider "local" {
+  version = "~> 1.4"
+}
+resource "local_file" "hello" {
+  content = "Hello, Terraform"
+  filename = "hello.txt"
+}