Skip to content

Instantly share code, notes, and snippets.

resource "google_compute_instance" "elastic-instance-1" {
name = "elastic-instance-1"
machine_type = var.machine_type
zone = var.region_zone_d
allow_stopping_for_update = true
tags = var.network_tags
boot_disk {
initialize_params {
image = var.gce_image
size = 200
resource "google_compute_instance" "my-elastic-kibana" {
name = "my-elastic-kibana"
machine_type = var.machine_type_medium
zone = var.region_zone_d
tags = var.kibana_tags
allow_stopping_for_update = true
boot_disk {
initialize_params {
image = var.gce_image
size = 100
project_name = "my-project"
region = "europe-west1"
region_zone_c = "europe-west1-c"
region_zone_d = "europe-west1-d"
machine_type = "n1-standard-2" // Min req for ES
machine_type_medium = "e2-medium" // for Kibana
network_tags = ["my-special-tag"]
kibana_tags = ["kibana-tag","http-server","https-server"]
ports_to_open = ["80","9200","443","9300","3000"]. // for loadbalancer
machine_access_scopes = ["cloud-platform","userinfo-email", "compute-ro", "storage-rw", "monitoring-write", "logging-write", "https://www.googleapis.com/auth/trace.append"]
resource "google_project_iam_custom_role" "elastic-backup" {
role_id = "Custom-elastic-role"
title = "Elastic role"
description = "Role for serviceaccounts used by elastic-vms"
permissions = ["iam.serviceAccountKeys.get","storage.objects.get","storage.buckets.get","storage.buckets.create","storage.objects.create","storage.objects.list","storage.objects.delete"]
}
resource "google_project_iam_member" "elastic-backup" {
role = "projects/${var.project_name}/roles/Custom-elastic-role"
member = "serviceAccount:elastic-backup@${var.project_name}.iam.gserviceaccount.com"
####### APPEND TO ELASTICSEARCH CONFIGURATION FILE ########
echo "node.name: ${node_name}" >> /etc/elasticsearch/elasticsearch.yml
echo "network.host : 0.0.0.0" >> /etc/elasticsearch/elasticsearch.yml
echo "discovery.seed_hosts:" >> /etc/elasticsearch/elasticsearch.yml
echo " - ${elastic_host_1}" >> /etc/elasticsearch/elasticsearch.yml
echo " - ${elastic_host_2}" >> /etc/elasticsearch/elasticsearch.yml
echo " - ${elastic_host_3}" >> /etc/elasticsearch/elasticsearch.yml
echo "cluster.name: elasticsearch" >> /etc/elasticsearch/elasticsearch.yml
echo "cluster.initial_master_nodes:" >> /etc/elasticsearch/elasticsearch.yml
echo " - ${master_node}" >> /etc/elasticsearch/elasticsearch.yml
################### INSTALL PREREQUISITIES #####################
sudo apt update
sudo apt -y install default-jre curl jq
wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | sudo apt-key add -
sudo apt -y install apt-transport-https
echo "deb https://artifacts.elastic.co/packages/7.x/apt stable main" | sudo tee /etc/apt/sources.list.d/elastic-7.x.list
sudo apt -y install elasticsearch
#! /bin/bash
FILE=/usr/share/elasticsearch/credentials.json
if [ -f "$FILE" ]; then
echo "$FILE exist"
exit 0
fi
resource "google_compute_firewall" "allow-all-internal" {
name = "allow-all-internal"
network = google_compute_network.my-elastic-network.name
allow {
protocol = "tcp"
}
allow {
protocol = "udp"
}
allow {
resource "google_compute_instance_group" "eu-elastic-ig-zone-d" {
name = "eu-elastic-ig-zone-d"
network = google_compute_network.my-elastic-network.self_link
instances = [
google_compute_instance.my-elastic-instance-1.self_link,
google_compute_instance.my-elastic-instance-2.self_link,]
zone = var.region_zone_d
}
resource "google_compute_instance_group" "eu-elastic-ig-zone-c" {
resource "google_vpc_access_connector" "elastic-connector" {
name = "vpc-elastic-connector"
provider = "google-beta"
region = var.region
ip_cidr_range = "10.8.0.0/28"
network = "${var.project_name}-elastic-vpc"
min_throughput = "200"
max_throughput = "800"
}