
@swade1987
Last active June 16, 2016 20:37
# Security group attached to every Consul server instance.
#
# Port roles in the comments below are Consul's default port assignments.
#
# NOTE(review): every CIDR rule uses the same var.ingress_cidr_blocks, so the
# HTTP API port gets the same exposure as the gossip/RPC ports. The launch
# script on this page configures no ACLs, TLS or gossip encryption, so keep
# that variable limited to networks that must reach Consul (never 0.0.0.0/0).
#
# NOTE(review): no vpc_id is set, so the group is presumably created in the
# account's default VPC - confirm that matches var.private_subnets.
resource "aws_security_group" "consul_server" {
  name        = "consul-server-security-group"
  description = "Consul internal traffic + maintenance."

  # 8300/tcp - server RPC
  ingress {
    protocol    = "tcp"
    from_port   = 8300
    to_port     = 8300
    cidr_blocks = ["${var.ingress_cidr_blocks}"]
  }

  # 8301/tcp+udp - Serf LAN gossip
  ingress {
    protocol    = "tcp"
    from_port   = 8301
    to_port     = 8301
    cidr_blocks = ["${var.ingress_cidr_blocks}"]
  }

  ingress {
    protocol    = "udp"
    from_port   = 8301
    to_port     = 8301
    cidr_blocks = ["${var.ingress_cidr_blocks}"]
  }

  # 8302/tcp+udp - Serf WAN gossip
  ingress {
    protocol    = "tcp"
    from_port   = 8302
    to_port     = 8302
    cidr_blocks = ["${var.ingress_cidr_blocks}"]
  }

  ingress {
    protocol    = "udp"
    from_port   = 8302
    to_port     = 8302
    cidr_blocks = ["${var.ingress_cidr_blocks}"]
  }

  # 8400/tcp - CLI RPC
  ingress {
    protocol    = "tcp"
    from_port   = 8400
    to_port     = 8400
    cidr_blocks = ["${var.ingress_cidr_blocks}"]
  }

  # 8500/tcp - HTTP API and web UI
  # NOTE(review): user_data.sh publishes container port 8500 on host port 80,
  # so this rule may not match the port that actually listens on the host.
  ingress {
    protocol    = "tcp"
    from_port   = 8500
    to_port     = 8500
    cidr_blocks = ["${var.ingress_cidr_blocks}"]
  }

  # 8600/tcp+udp - DNS interface
  # NOTE(review): user_data.sh does not publish 8600 from the container;
  # confirm whether these two rules are needed at all.
  ingress {
    protocol    = "tcp"
    from_port   = 8600
    to_port     = 8600
    cidr_blocks = ["${var.ingress_cidr_blocks}"]
  }

  ingress {
    protocol    = "udp"
    from_port   = 8600
    to_port     = 8600
    cidr_blocks = ["${var.ingress_cidr_blocks}"]
  }

  # Members of this group may talk to each other on any port and protocol.
  ingress {
    protocol  = "-1"
    from_port = 0
    to_port   = 0
    self      = true
  }

  # Unrestricted outbound traffic (the launch script pulls an image from
  # Docker Hub at boot).
  egress {
    protocol    = "-1"
    from_port   = 0
    to_port     = 0
    cidr_blocks = ["0.0.0.0/0"]
  }
}
# Renders user_data.sh from this module's directory into the boot script
# handed to each Consul server instance.
#
# Only the dollar-brace placeholders named in `vars` are substituted; the
# script's own shell variables are written without braces so they pass
# through untouched.
resource "template_file" "user_data" {
  template = "${file("${path.module}/user_data.sh")}"

  vars {
    # Cluster size, used by the script as its bootstrap-expect value.
    cluster_count = "${var.no_of_nodes_in_cluster}"

    # Names passed to the agent as its three retry-join targets.
    consul_server_1 = "${var.consul_domain_name_one}"
    consul_server_2 = "${var.consul_domain_name_two}"
    consul_server_3 = "${var.consul_domain_name_three}"
  }
}
# One EC2 instance per Consul server. Instance N is placed in the subnet at
# position N of the comma-separated var.private_subnets list; element() wraps
# around when there are more nodes than subnets.
#
# NOTE(review): the instance sets subnet_id, yet security groups are attached
# through `security_groups`, which the AWS provider documents for EC2-Classic
# and the default VPC only. In any other VPC the groups should be attached by
# ID through vpc_security_group_ids - confirm which applies, and whether
# var.allow_bastion_security_group holds a group name or a group ID.
resource "aws_instance" "consul_server" {
  count         = "${var.no_of_nodes_in_cluster}"
  ami           = "${var.ami}"
  instance_type = "${var.instance_type}"
  key_name      = "${var.key_name}"

  subnet_id = "${element(split(",", var.private_subnets), count.index)}"

  # The Consul group defined in this module plus the caller-supplied group
  # that lets the bastion reach the instance.
  security_groups = ["${aws_security_group.consul_server.name}", "${var.allow_bastion_security_group}"]

  # Rendered boot script; user data is readable by anything running on the
  # instance, so it must never carry secrets.
  user_data = "${template_file.user_data.rendered}"

  tags {
    Name = "consul-server-${count.index}"
  }
}
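# One private A record per Consul server: consul-N.<private domain> points at
# the private IP of instance N.
resource "aws_route53_record" "consul_server_instances" {
  count   = "${var.no_of_nodes_in_cluster}"
  zone_id = "${var.private_hosted_zone_id}"
  name    = "consul-${count.index}.${var.private_hosted_domain_name}"
  type    = "A"
  ttl     = "300"

  # Interpolations cannot be nested inside a resource address, so the N-th IP
  # is picked from the splat list with element() instead.
  records = ["${element(aws_instance.consul_server.*.private_ip, count.index)}"]
}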
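# Single round-robin A record, consul.<private domain>, listing the private
# IP of every Consul server.
#
# No `count` here: the record name does not vary per index and the splat
# below already carries every IP, so a counted resource would only manage
# the same record set several times over.
resource "aws_route53_record" "consul_server" {
  zone_id = "${var.private_hosted_zone_id}"
  name    = "consul.${var.private_hosted_domain_name}"
  type    = "A"
  ttl     = "300"
  records = ["${aws_instance.consul_server.*.private_ip}"]
}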
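#!/bin/bash
# Boot script for a Consul server node. Terraform's template_file renders this
# file first: cluster_count and consul_server_1..3 are filled in by Terraform.
# Shell variables are deliberately written without braces so the template
# engine leaves them alone.

# Number of servers to wait for before bootstrapping the cluster.
bootstrap_expect="${cluster_count}"

# Obtain the IPv4 address of eth0. This parses the "inet addr:" form of
# ifconfig output, so it depends on the image's net-tools version and on the
# interface being named eth0.
host_ip=$(ifconfig eth0 | grep "inet addr" | awk '{split($2,a,":"); print a[2]}')

# Stop if the address could not be determined. With an empty value the
# publish flags below would lose their bind address and -advertise would
# consume the next flag as its argument.
if [ -z "$host_ip" ]; then
  echo "user_data: could not determine the eth0 IPv4 address" >&2
  exit 1
fi

# Pull the consul image from Docker Hub (https://hub.docker.com/_/consul/)
# NOTE(review): the tag is unpinned, so each boot runs whatever "latest" is at
# that moment; pin a reviewed tag or digest so all nodes run the same image.
sudo docker pull consul

# Create a consul server container.
# NOTE(review): -client=0.0.0.0 together with the published ports exposes the
# HTTP API and UI (container port 8500, host port 80) on the host address, and
# no ACL, TLS or gossip-encryption settings are configured here, so the
# security group is the only access control. The security group on this page
# opens 8500 and 8600 rather than 80 - confirm which mapping is intended.
sudo docker run -d --name consul \
  -p "$host_ip:8300:8300" \
  -p "$host_ip:8301:8301" \
  -p "$host_ip:8301:8301/udp" \
  -p "$host_ip:8302:8302" \
  -p "$host_ip:8302:8302/udp" \
  -p "$host_ip:8400:8400" \
  -p "$host_ip:80:8500" \
  -e 'CONSUL_LOCAL_CONFIG={"skip_leave_on_interrupt": true}' \
  consul agent \
  -server \
  -ui \
  -client=0.0.0.0 \
  -bootstrap-expect "$bootstrap_expect" \
  -advertise "$host_ip" \
  -retry-join "${consul_server_1}" \
  -retry-join "${consul_server_2}" \
  -retry-join "${consul_server_3}"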