I have instances created in a private subnet using terraform. Each instance in its own AZ. The instances were created using for each. I am now attaching ebs volumes to each of the instances and am running into an error specifying the instances created with for each. Below is the code and variables for the resources and the error.
resource "aws_instance" "private" {
for_each = var.priv_subnet
ami = var.ec2_amis[var.region]
instance_type = each.value.instance_type
key_name = aws_key_pair.main.key_name
subnet_id = aws_subnet.private[each.key].id
vpc_security_group_ids = [
aws_security_group.main_sg.id,
aws_security_group.instance_sg.id
]
tags = {
Name = each.value.tag
}
}
resource "aws_ebs_volume" "partition" {
for_each = var.volumes
availability_zone = each.value.availability_zone
size = each.value.size
tags = {
Name = each.key
}
}
resource "aws_volume_attachment" "ebs_att" {
for_each = aws_ebs_volume.partition
device_name = contains(["Primary", "Worker1", "Worker2"], each.key) ? "/dev/sdf" : "/dev/sdg"
volume_id = each.value.id
instance_id = aws_instance.private.id
}
Variables
variable "volumes" {
type = map(object({
size = string
availability_zone = string
}))
default = {
"Primary" = {
size = "200"
availability_zone = "us-west-2a"
}
"PrimarySecondary" = {
size = "100"
availability_zone = "us-west-2a"
}
"Worker1" = {
size = "200"
availability_zone = "us-west-2b"
}
"Worker1Secondary" = {
size = "100"
availability_zone = "us-west-2b"
}
"Worker2" = {
size = "200"
availability_zone = "us-west-2c"
}
"Worker2Secondary" = {
size = "100"
availability_zone = "us-west-2c"
}
}
}
variable "priv_subnet" {
type = map(object({
instance_type = string
subnet = string
tag = string
}))
default = {
"us-west-2a" = {
instance_type = "m4.2xlarge"
subnet = 4
tag = "Primary"
}
"us-west-2b" = {
instance_type = "m4.4xlarge"
subnet = 5
tag = "Worker1"
}
"us-west-2c" = {
instance_type = "m4.4xlarge"
subnet = 6
tag = "Worker2"
}
}
}
Error
Error: Unsupported attribute
on vpc.tf line 51, in resource "aws_volume_attachment" "ebs_att":
51: instance_id = aws_instance.private[each.value.tag].id
|----------------
| each.value is object with 12 attributes
This object does not have an attribute named "tag".
I had to specify:
instance_id = aws_instance.private[each.value.availability_zone].id
in aws_volume_attachment resource
Related
I am unable to implement the creation of multiple instances with a attached multiple network interface. I have a code where three instances are created and 3 network interfaces are attached. I would like to do this using count, for_each. I could no5 find implemented methods on the Internet. I ask you to help me how to implement the code using count
resource "aws_network_interface" "private_elasticsearch" {
subnet_id = aws_subnet.private_subnets.id
private_ips = ["10.245.10.6"]
security_groups = [aws_security_group.elastic_traffic.id,
aws_security_group.general.id]
tags = {
Environment = "Test"
Project = "test"
Name = "elasticsearch-interface"
}
}
resource "aws_network_interface" "private_elasticsearch2" {
subnet_id = aws_subnet.private_subnets.id
private_ips = ["10.245.10.7"]
security_groups = [aws_security_group.elastic_traffic.id, aws_security_group.general.id]
tags = {
Environment = "Test"
Project = "test"
Name = "elasticsearch-interface2"
}
}
resource "aws_network_interface" "private_elasticsearch3" {
subnet_id = aws_subnet.private_subnets.id
private_ips = ["10.245.10.8"]
security_groups = [aws_security_group.elastic_traffic.id, aws_security_group.general.id]
tags = {
Environment = "Test"
Project = "test"
Name = "elasticsearch-interface3"
}
}
resource "aws_instance" "dev-elasticsearch" {
ami = "ami-08bdc08970fcbd34a"
availability_zone = "eu-north-1a"
instance_type = "t3.micro"
network_interface {
device_index=0
network_interface_id = aws_network_interface.private_elasticsearch.id
}
tags = {
Environment = "Test"
Project = "test"
Name = "elasticsearch-instance-dev"
}
}
resource "aws_instance" "dev-elasticsearch-2" {
ami = "ami-08bdc08970fcbd34a"
availability_zone = "eu-north-1a"
instance_type = "t3.micro"
network_interface {
device_index=0
network_interface_id = aws_network_interface.private_elasticsearch2.id
}
tags = {
Environment = "Test"
Project = "test"
Name = "elasticsearch-instance-dev-2"
}
}
resource "aws_instance" "dev-elasticsearch-3" {
ami = "ami-08bdc08970fcbd34a"
availability_zone = "eu-north-1a"
instance_type = "t3.micro"
network_interface {
device_index=0
network_interface_id = aws_network_interface.private_elasticsearch3.id
}
tags = {
Environment = "Test"
Project = "test"
Name = "elasticsearch-instance-dev-3"
}
You can do it with count (for_each also possible):
locals {
ips = ["10.245.10.6", "10.245.10.7", "10.245.10.8"]
}
resource "aws_network_interface" "private_elasticsearch" {
count = length(local.ips)
subnet_id = aws_subnet.private_subnets.id
private_ips = [local.ips[count.index]]
security_groups = [aws_security_group.elastic_traffic.id,
aws_security_group.general.id]
tags = {
Environment = "Test"
Project = "test"
Name = "elasticsearch-interface${count.index}"
}
}
resource "aws_instance" "dev-elasticsearch" {
count = length(local.ips)
ami = "ami-08bdc08970fcbd34a"
availability_zone = "eu-north-1a"
instance_type = "t3.micro"
network_interface {
device_index=0
network_interface_id = aws_network_interface.private_elasticsearch[count.index].id
}
tags = {
Environment = "Test"
Project = "test"
Name = "elasticsearch-instance-dev${count.index}"
}
}
Subnets are created from the below code:
resource "aws_subnet" "Private" {
for_each = var.subnet_cidrs_private
vpc_id = aws_vpc.vpc.id
cidr_block = each.value
availability_zone = each.key
tags = {
Name = format("%s-%s-%s", var.environment, "Pri-Subnet", substr(each.key, -2, -1))
}
}
Trying to create 1 instance with count parameter.
resource "aws_instance" "visualapp" {
instance_type = "t2.micro"
ami = var.visualapp-ami
key_name = var.key_pair
vpc_security_group_ids = [aws_security_group.visualapp.id]
subnet_id = element(aws_subnet.Private[*].id, count.index)
count = 1
tags = {
Name = format("%s-%s", var.environment, "mage-varnish-${count.index + 1}")
}
}
Getting the below error:
subnet_id = element(aws_subnet.Private[*].id, count.index)
This object does not have an attribute named "id".
Variables:
variable "subnet_cidrs_private" {
default = {
eu-west-1a = "172.26.3.0/24",
eu-west-1b = "172.26.4.0/24"
}
}
Can anyone help me?.
element would be used if you had used count. Since you've used for_each you need to use values first:
subnet_id = element(values(aws_subnet.Private)[*].id, count.index)
I'm trying to create multiple EC2 instance but they have different AMIs, instance types and should be in different availability zones as shown below. I've tried a few different ways but can't make it work.
locals {
az_ami = [
{Name = "host1", type = "t3a.medium", az = "eu_west_2a", ami_id = "ami-01234abc"},
{Name = "host2", type = "t3a.micro", az = "eu_west_2b", ami_id = "ami-01234def"},
{Name = "host3", type = "t3a.medium", az = "eu_west_2b", ami_id = "ami-01234gef"},
{Name = "host4", type = "t3a.medium", az = "eu_west_2a", ami_id = "ami-01234hty"}
]
}
#variable "ami_id" {}
resource "aws_instance" "myinstance" {
count = length(local.az_ami)
for_each = [{ for i in local.az_ami: }]
dynamic "ec2_instance"{
for_each = local.az_ami[count.index]
content {
instance_type = "ec2_instance.value.Name"
availability_zone = "ec2_instance.value.az"
ami = "ec2_instance.value.ami_id"
}
}
}
If you want to use count, then it should be:
resource "aws_instance" "myinstance" {
count = length(local.az_ami)
instance_type = local.az_ami[count.index].type
availability_zone = local.az_ami[count.index].az
ami = local.az_ami[count.index].ami_id
tags = {
Name = local.az_ami[count.index].Name
}
}
But with for_each it could be:
resource "aws_instance" "myinstance2" {
for_each = {for idx, val in local.az_ami: idx => val}
instance_type = each.value.type
availability_zone = each.value.az
ami = each.value.ami_id
tags = {
Name = each.value.Name
}
}
Sorry for long post but hope that will provide good background.
Do not know if that is a bug or my code is wrong. I want to create ECS cluster with EC2 spot instances with help of launch template and ASG. My code is as follows:
For ECS service, cluster, task definition:
resource "aws_ecs_cluster" "main" {
name = "test-ecs-cluster"
}
resource "aws_ecs_service" "ec2_service" {
for_each = data.aws_subnet_ids.all_subnets.ids
name = "myservice_${replace(timestamp(), ":", "-")}"
task_definition = aws_ecs_task_definition.task_definition.arn
cluster = aws_ecs_cluster.main.id
desired_count = 1
launch_type = "EC2"
health_check_grace_period_seconds = 10
load_balancer {
container_name = "test-container"
container_port = 80
target_group_arn = aws_lb_target_group.alb_ec2_ecs_tg.id
}
network_configuration {
security_groups = [aws_security_group.ecs_ec2.id]
subnets = [each.value]
assign_public_ip = "false"
}
ordered_placement_strategy {
type = "binpack"
field = "cpu"
}
}
resource "aws_ecs_task_definition" "task_definition" {
container_definitions = data.template_file.task_definition_template.rendered
family = "test-ec2-task-family"
execution_role_arn = aws_iam_role.ecs_task_exec_role_ec2_ecs.arn
task_role_arn = aws_iam_role.ecs_task_exec_role_ec2_ecs.arn
network_mode = "awsvpc"
memory = 1024
cpu = 1024
requires_compatibilities = ["EC2"]
lifecycle {
create_before_destroy = true
}
}
data "template_file" "task_definition_template" {
template = file("${path.module}/templates/task_definition.json.tpl")
vars = {
container_port = var.container_port
region = var.region
log_group = var.cloudwatch_log_group
}
}
Launch template:
resource "aws_launch_template" "template_for_spot" {
name = "test-spor-ecs-launch-template"
disable_api_termination = false
instance_type = "t3.small"
image_id = data.aws_ami.amazon_linux_2_ecs_optimized.id
key_name = "FrankfurtRegion"
user_data = data.template_file.user_data.rendered
vpc_security_group_ids = [aws_security_group.ecs_ec2.id]
monitoring {
enabled = var.enable_spot == "true" ? false : true
}
block_device_mappings {
device_name = "/dev/sda1"
ebs {
volume_size = 30
}
}
iam_instance_profile {
arn = aws_iam_instance_profile.ecs_instance_profile.arn
}
lifecycle {
create_before_destroy = true
}
}
data "template_file" "user_data" {
template = file("${path.module}/user_data.tpl")
vars = {
cluster_name = aws_ecs_cluster.main.name
}
}
ASG with scaling policy:
resource "aws_autoscaling_group" "ecs_spot_asg" {
name = "test-asg-for-ecs"
max_size = 4
min_size = 2
desired_capacity = 2
termination_policies = [
"OldestInstance"]
vpc_zone_identifier = data.aws_subnet_ids.all_subnets.ids
health_check_type = "ELB"
health_check_grace_period = 300
mixed_instances_policy {
instances_distribution {
on_demand_percentage_above_base_capacity = 0
spot_instance_pools = 2
spot_max_price = "0.03"
}
launch_template {
launch_template_specification {
launch_template_id = aws_launch_template.template_for_spot.id
version = "$Latest"
}
override {
instance_type = "t3.large"
}
override {
instance_type = "t3.medium"
}
override {
instance_type = "t3a.large"
}
override {
instance_type = "t3a.medium"
}
}
}
lifecycle {
create_before_destroy = true
}
}
resource "aws_autoscaling_policy" "ecs_cluster_scale_policy" {
autoscaling_group_name = aws_autoscaling_group.ecs_spot_asg.name
name = "test-ecs-cluster-scaling-policy"
policy_type = "TargetTrackingScaling"
adjustment_type = "ChangeInCapacity"
target_tracking_configuration {
target_value = 70
customized_metric_specification {
metric_name = "ECS-cluster-metric"
namespace = "AWS/ECS"
statistic = "Average"
metric_dimension {
name = aws_ecs_cluster.main.name
value = aws_ecs_cluster.main.name
}
}
}
}
EDIT:
I'm getting :
Error: InvalidParameterException: Creation of service was not idempotent. "test-ec2-service-qaz"
on ecs.tf line 5, in resource "aws_ecs_service" "ec2_service":
5: resource "aws_ecs_service" "ec2_service" {
EDIT2:
Changed ecs_service name to name = "myservice_${replace(timestamp(), ":", "-")}", still getting same error.
Was reading from other issues that it is becouse of usage lifecycle with create_before_destroy statement in ecs_service, but it is not declared in my code. Maybe it is something related to something else, can't say what.
Thanks #Marko E and #karnauskas on github with name = "myservice_${each.value}" was able to deploy three ECS services. With correction to sub-nets handling I was able to deploy all the "stuff" as required. Subnets:
data "aws_subnet_ids" "all_subnets" {
vpc_id = data.aws_vpc.default.id
}
data "aws_subnet" "subnets" {
for_each = data.aws_subnet_ids.all_subnets.ids
id = each.value
}
I read the Terraform spot fleet example usages from here.
What is the significance of "iam_instance_profile_arn" and what does it do in Example 1?
I'm getting the error "launch_specification.0: invalid or unknown key: tags" in some cases, while not in others so I thought maybe it is related to the iam_profile.
iam_instance_profile_arn = "${aws_iam_instance_profile.example.arn}"
Example 1:
# Request a Spot fleet
resource "aws_spot_fleet_request" "cheap_compute" {
iam_fleet_role = "arn:aws:iam::12345678:role/spot-fleet"
spot_price = "0.03"
allocation_strategy = "diversified"
target_capacity = 6
valid_until = "2019-11-04T20:44:20Z"
launch_specification {
instance_type = "m4.10xlarge"
ami = "ami-1234"
spot_price = "2.793"
placement_tenancy = "dedicated"
iam_instance_profile_arn = "${aws_iam_instance_profile.example.arn}"
}
launch_specification {
instance_type = "m4.4xlarge"
ami = "ami-5678"
key_name = "my-key"
spot_price = "1.117"
iam_instance_profile_arn = "${aws_iam_instance_profile.example.arn}"
availability_zone = "us-west-1a"
subnet_id = "subnet-1234"
weighted_capacity = 35
root_block_device {
volume_size = "300"
volume_type = "gp2"
}
tags {
Name = "spot-fleet-example"
}
}
}
Example 2:
resource "aws_spot_fleet_request" "foo" {
iam_fleet_role = "arn:aws:iam::12345678:role/spot-fleet"
spot_price = "0.005"
target_capacity = 2
valid_until = "2019-11-04T20:44:20Z"
launch_specification {
instance_type = "m1.small"
ami = "ami-d06a90b0"
key_name = "my-key"
availability_zone = "us-west-2a"
}
launch_specification {
instance_type = "m3.large"
ami = "ami-d06a90b0"
key_name = "my-key"
availability_zone = "us-west-2a"
}
depends_on = ["aws_iam_policy_attachment.test-attach"]
}
The instance profile is unrelated to the error. The error is saying this:
tags {
Name = "spot-fleet-example"
}
Part of the first example isnt recognized. You can read about what instance profiles are here:
An instance profile is a container for an IAM role that you can use to
pass role information to an EC2 instance when the instance starts.