From 65b1c1fd3feb6d335ea6609f45cf81188ff75709 Mon Sep 17 00:00:00 2001
From: dsk-minchulahn
Date: Tue, 21 Nov 2023 14:17:37 +0900
Subject: [PATCH] =?UTF-8?q?terrafrom=20-=20aws=20instance=20-=20monitoring?= =?UTF-8?q?=20=EC=B5=9C=EC=8B=A0=ED=99=94?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
terraform/aws_instance/00-old/grafana/ec2.tf | 60 ----
.../00-old/grafana/terraform.tfstate.backup | 98 ------
.../.terraform.lock.hcl | 0
terraform/aws_instance/monitoring/ec2.tf | 109 ++++++
.../{00-old/grafana => monitoring}/main.tf | 0
.../aws_instance/monitoring/terraform.tfstate | 312 ++++++++++++++++++
.../terraform.tfstate.backup} | 2 +-
.../grafana => monitoring}/variables.tf | 0
8 files changed, 422 insertions(+), 159 deletions(-)
delete mode 100644 terraform/aws_instance/00-old/grafana/ec2.tf
delete mode 100644 terraform/aws_instance/00-old/grafana/terraform.tfstate.backup
rename terraform/aws_instance/{00-old/grafana => monitoring}/.terraform.lock.hcl (100%)
create mode 100644 terraform/aws_instance/monitoring/ec2.tf
rename terraform/aws_instance/{00-old/grafana => monitoring}/main.tf (100%)
create mode 100644 terraform/aws_instance/monitoring/terraform.tfstate
rename terraform/aws_instance/{00-old/grafana/terraform.tfstate => monitoring/terraform.tfstate.backup} (99%)
rename terraform/aws_instance/{00-old/grafana => monitoring}/variables.tf (100%)
diff --git a/terraform/aws_instance/00-old/grafana/ec2.tf b/terraform/aws_instance/00-old/grafana/ec2.tf
deleted file mode 100644
index 056db6e..0000000
--- a/terraform/aws_instance/00-old/grafana/ec2.tf
+++ /dev/null
@@ -1,60 +0,0 @@
-resource "aws_security_group" "grafana-allow-security" {
- name = "grafana-allow-security-new"
- description = "Allow inbound traffic"
- vpc_id = var.VPC_ID
-
- ingress {
- description = "SSH"
- from_port = 22
- to_port = 22
- protocol = "tcp"
- cidr_blocks = ["118.223.123.161/32"]
- }
-
- ingress {
- description = "TLS from grafana"
- from_port = 443
- to_port = 443
- protocol = "tcp"
- cidr_blocks = ["118.223.123.161/32"]
- }
-
- ingress {
- description = "http fron grafana"
- from_port = 80
- to_port = 80
- protocol = "tcp"
- cidr_blocks = ["118.223.123.161/32"]
- }
-
- egress {
- from_port = 0
- to_port = 0
- protocol = "-1"
- cidr_blocks = ["0.0.0.0/0"]
- ipv6_cidr_blocks = ["::/0"]
- }
-
- tags = {
- Name = "grafana-allow-security"
- }
-}
-
-resource "aws_instance" "grafana" {
- ami = "ami-0409b7ddbc59e3222"
- instance_type = "t3.small"
- key_name = "kp-jay-bastion-datasaker"
- vpc_security_group_ids = [aws_security_group.grafana-allow-security.id]
- availability_zone = "ap-northeast-2c"
- subnet_id = var.Public_Subnet_ID_3
-
- root_block_device {
- delete_on_termination = true
- volume_size = 30
- }
-
- tags = {
- Name = "grafana"
- }
-}
-
diff --git a/terraform/aws_instance/00-old/grafana/terraform.tfstate.backup b/terraform/aws_instance/00-old/grafana/terraform.tfstate.backup
deleted file mode 100644
index 835d514..0000000
--- a/terraform/aws_instance/00-old/grafana/terraform.tfstate.backup
+++ /dev/null
@@ -1,98 +0,0 @@ -{ - "version": 4, - "terraform_version": "1.3.7", - "serial": 4, - "lineage": "816258a5-69eb-6967-f105-8709f7e2588d", - "outputs": {}, - "resources": [ - { - "mode": "managed", - "type": "aws_security_group", - "name": "grafana-allow-security", - "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", - "instances": [ - { - "schema_version": 1, - "attributes": { - "arn": "arn:aws:ec2:ap-northeast-2:508259851457:security-group/sg-0aa579ce45269425a", - "description": "Allow inbound traffic", - "egress": [ - { - "cidr_blocks": [ - "0.0.0.0/0" - ], - "description": "", - "from_port": 0, - "ipv6_cidr_blocks": [ - "::/0" - ], - "prefix_list_ids": [], - "protocol": "-1", - "security_groups": [], - "self": false, - "to_port": 0 - } - ], - "id": "sg-0aa579ce45269425a", - "ingress": [ - { - "cidr_blocks": [ - "118.223.123.161/32" - ], - "description": "SSH", - "from_port": 22, - "ipv6_cidr_blocks": [], - "prefix_list_ids": [], - "protocol": "tcp", - "security_groups": [], - "self": false, - "to_port": 22 - }, - { - "cidr_blocks": [ - "118.223.123.161/32" - ], - "description": "TLS from grafana", - "from_port": 443, - "ipv6_cidr_blocks": [], - "prefix_list_ids": [], - "protocol": "tcp", - "security_groups": [], - "self": false, - "to_port": 443 - }, - { - "cidr_blocks": [ - "118.223.123.161/32" - ], - "description": "http fron grafana", - "from_port": 80, - "ipv6_cidr_blocks": [], - "prefix_list_ids": [], - "protocol": "tcp", - "security_groups": [], - "self": false, - "to_port": 80 - } - ], - "name": "grafana-allow-security-new", - "name_prefix": "", - "owner_id": "508259851457", - "revoke_rules_on_delete": false, - "tags": { - "Name": "grafana-allow-security" - }, - "tags_all": { - "Name": "grafana-allow-security" - }, - "timeouts": null, - "vpc_id": "vpc-00ba2b0e9ad59f0ed" - }, - "sensitive_attributes": [], - "private": 
"eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6OTAwMDAwMDAwMDAwfSwic2NoZW1hX3ZlcnNpb24iOiIxIn0=" - } - ] - } - ], - "check_results": null -} diff --git a/terraform/aws_instance/00-old/grafana/.terraform.lock.hcl b/terraform/aws_instance/monitoring/.terraform.lock.hcl similarity index 100% rename from terraform/aws_instance/00-old/grafana/.terraform.lock.hcl rename to terraform/aws_instance/monitoring/.terraform.lock.hcl diff --git a/terraform/aws_instance/monitoring/ec2.tf b/terraform/aws_instance/monitoring/ec2.tf new file mode 100644 index 0000000..41d2d8b --- /dev/null +++ b/terraform/aws_instance/monitoring/ec2.tf 
@@ -0,0 +1,109 @@
+resource "aws_security_group" "grafana-allow-security" {
+ name = "grafana-allow-security-new"
+ description = "Allow inbound traffic"
+ vpc_id = var.VPC_ID
+
+ ingress {
+ description = "SSH"
+ from_port = 22
+ to_port = 22
+ protocol = "tcp"
+ cidr_blocks = ["118.223.123.161/32"]
+ }
+
+ ingress {
+ description = "TLS from grafana"
+ from_port = 443
+ to_port = 443
+ protocol = "tcp"
+ cidr_blocks = ["118.223.123.161/32"]
+ }
+
+ ingress {
+ description = ""
+ from_port = 443
+ to_port = 443
+ protocol = "tcp"
+ cidr_blocks = ["0.0.0.0/0"]
+ }
+
+ ingress {
+ description = ""
+ from_port = 80
+ to_port = 80
+ protocol = "tcp"
+ cidr_blocks = ["0.0.0.0/0"]
+ }
+
+ ingress {
+ description = "TLS from teleport"
+ from_port = 30168
+ to_port = 30168
+ protocol = "tcp"
+ cidr_blocks = ["0.0.0.0/0"]
+ }
+
+ ingress {
+ description = ""
+ from_port = 32084
+ to_port = 32084
+ protocol = "tcp"
+ cidr_blocks = ["172.0.0.0/8"]
+ }
+
+ ingress {
+ description = "loki"
+ from_port = 31768
+ to_port = 31768
+ protocol = "tcp"
+ cidr_blocks = ["172.24.0.0/16"]
+ }
+
+ ingress {
+ description = ""
+ from_port = 0
+ to_port = 0
+ protocol = "-1"
+ cidr_blocks = ["172.31.0.0/16"]
+ }
+
+ ingress {
+ description = "nlb-securitygroup"
+ from_port = 0
+ to_port = 0
+ protocol = "-1"
+ cidr_blocks = []
+ security_groups = ["sg-0c46bbbbc5ecc2786"]
+ }
+
+ egress {
+ from_port = 0
+ to_port = 0
+ protocol = "-1"
+ cidr_blocks = ["0.0.0.0/0"]
+ ipv6_cidr_blocks = ["::/0"]
+ }
+
+ tags = {
+ Name = "monitoring-allow-security"
+ }
+}
+
+resource "aws_instance" "grafana" {
+ ami = "ami-0409b7ddbc59e3222"
+ instance_type = "m5.large"
+ key_name = "kp-jay-bastion-datasaker"
+ vpc_security_group_ids = [aws_security_group.grafana-allow-security.id]
+ availability_zone = "ap-northeast-2c"
+ subnet_id = var.Public_Subnet_ID_3
+
+ root_block_device {
+ delete_on_termination = true
+ volume_size = 30
+ }
+
+ tags = {
+ Name = "monitoring.kr.datasaker.io"
+ }
+}
+
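Review bot: Three of the new ingress rules on `grafana-allow-security` accept traffic from `0.0.0.0/0` (ports 443, 80 and 30168) and two of them carry an empty `description`, so the file does not record why a monitoring host placed in `var.Public_Subnet_ID_3` has to be reachable from the whole internet; each rule should state its purpose and be narrowed to known sources where it can be. The port 32084 rule uses `172.0.0.0/8`, which is not a private range (RFC 1918 reserves only 172.16.0.0/12) and therefore admits public addresses; if internal traffic was meant, something like `cidr_blocks = ["172.16.0.0/12"]` or the VPC CIDR itself is the tighter form. The all-protocol rule for `172.31.0.0/16` is also undescribed, and the peer group is the literal `sg-0c46bbbbc5ecc2786` rather than a variable or data source. `root_block_device` leaves encryption unset; `encrypted = true` is worth adding for new instances, bearing in mind that changing it on the existing one would presumably force replacement.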
diff --git a/terraform/aws_instance/00-old/grafana/main.tf b/terraform/aws_instance/monitoring/main.tf
similarity index 100%
rename from terraform/aws_instance/00-old/grafana/main.tf
rename to terraform/aws_instance/monitoring/main.tf
diff --git a/terraform/aws_instance/monitoring/terraform.tfstate b/terraform/aws_instance/monitoring/terraform.tfstate
new file mode 100644
index 0000000..c3425d1
--- /dev/null
+++ b/terraform/aws_instance/monitoring/terraform.tfstate
@@ -0,0 +1,312 @@ +{ + "version": 4, + "terraform_version": "1.5.7", + "serial": 8, + "lineage": "816258a5-69eb-6967-f105-8709f7e2588d", + "outputs": {}, + "resources": [ + { + "mode": "managed", + "type": "aws_instance", + "name": "grafana", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 1, + "attributes": { + "ami": "ami-0409b7ddbc59e3222", + "arn": "arn:aws:ec2:ap-northeast-2:508259851457:instance/i-08af287265bd05022", + "associate_public_ip_address": true, + "availability_zone": "ap-northeast-2c", + "capacity_reservation_specification": [ + { + "capacity_reservation_preference": "open", + "capacity_reservation_target": [] + } + ], + "cpu_core_count": 1, + "cpu_threads_per_core": 2, + "credit_specification": [ + { + "cpu_credits": "unlimited" + } + ], + "disable_api_stop": false, + "disable_api_termination": true, + "ebs_block_device": [ + { + "delete_on_termination": false, + "device_name": "/dev/sdf", + "encrypted": false, + "iops": 600, + "kms_key_id": "", + "snapshot_id": "", + "tags": {}, + "throughput": 0, + "volume_id": "vol-0a2e83f6a2d3d12b3", + "volume_size": 200, + "volume_type": "gp2" + } + ], + "ebs_optimized": true, + "enclave_options": [ + { + "enabled": false + } + ], + "ephemeral_block_device": [], + "get_password_data": false, + "hibernation": false, + "host_id": "", + "host_resource_group_arn": null, + "iam_instance_profile": "AmazonSSMRoleForInstancesQuickSetup", + "id": "i-08af287265bd05022", + "instance_initiated_shutdown_behavior": "stop", + "instance_state": "running", + "instance_type": "m5.large", + "ipv6_address_count": 0, + "ipv6_addresses": [], + "key_name": "kp-jay-bastion-datasaker", + "launch_template": [], + "maintenance_options": [ + { + "auto_recovery": "default" + } + ], + "metadata_options": [ + { + "http_endpoint": "enabled", + "http_put_response_hop_limit": 1, + "http_tokens": "required", + "instance_metadata_tags": "disabled" + } + ], + "monitoring": false, + 
"network_interface": [], + "outpost_arn": "", + "password_data": "", + "placement_group": "", + "placement_partition_number": 0, + "primary_network_interface_id": "eni-073cf0ad9107c09ab", + "private_dns": "i-08af287265bd05022.ap-northeast-2.compute.internal", + "private_dns_name_options": [ + { + "enable_resource_name_dns_a_record": true, + "enable_resource_name_dns_aaaa_record": false, + "hostname_type": "resource-name" + } + ], + "private_ip": "172.24.2.212", + "public_dns": "ec2-3-38-1-96.ap-northeast-2.compute.amazonaws.com", + "public_ip": "3.38.1.96", + "root_block_device": [ + { + "delete_on_termination": true, + "device_name": "/dev/sda1", + "encrypted": false, + "iops": 100, + "kms_key_id": "", + "tags": {}, + "throughput": 0, + "volume_id": "vol-0153e1bed3b29f8b2", + "volume_size": 30, + "volume_type": "gp2" + } + ], + "secondary_private_ips": [], + "security_groups": [], + "source_dest_check": true, + "subnet_id": "subnet-0073a61bc56a68a3e", + "tags": { + "Name": "monitoring.kr.datasaker.io" + }, + "tags_all": { + "Name": "monitoring.kr.datasaker.io" + }, + "tenancy": "default", + "timeouts": null, + "user_data": null, + "user_data_base64": null, + "user_data_replace_on_change": false, + "volume_tags": null, + "vpc_security_group_ids": [ + "sg-0aa579ce45269425a" + ] + }, + "sensitive_attributes": [], + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6MTIwMDAwMDAwMDAwMCwidXBkYXRlIjo2MDAwMDAwMDAwMDB9LCJzY2hlbWFfdmVyc2lvbiI6IjEifQ==", + "dependencies": [ + "aws_security_group.grafana-allow-security" + ] + } + ] + }, + { + "mode": "managed", + "type": "aws_security_group", + "name": "grafana-allow-security", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 1, + "attributes": { + "arn": "arn:aws:ec2:ap-northeast-2:508259851457:security-group/sg-0aa579ce45269425a", + "description": "Allow inbound traffic", + "egress": [ + { + "cidr_blocks": [ + 
"0.0.0.0/0" + ], + "description": "", + "from_port": 0, + "ipv6_cidr_blocks": [ + "::/0" + ], + "prefix_list_ids": [], + "protocol": "-1", + "security_groups": [], + "self": false, + "to_port": 0 + } + ], + "id": "sg-0aa579ce45269425a", + "ingress": [ + { + "cidr_blocks": [ + "0.0.0.0/0" + ], + "description": "", + "from_port": 443, + "ipv6_cidr_blocks": [], + "prefix_list_ids": [], + "protocol": "tcp", + "security_groups": [], + "self": false, + "to_port": 443 + }, + { + "cidr_blocks": [ + "0.0.0.0/0" + ], + "description": "", + "from_port": 80, + "ipv6_cidr_blocks": [], + "prefix_list_ids": [], + "protocol": "tcp", + "security_groups": [], + "self": false, + "to_port": 80 + }, + { + "cidr_blocks": [ + "0.0.0.0/0" + ], + "description": "TLS from teleport", + "from_port": 30168, + "ipv6_cidr_blocks": [], + "prefix_list_ids": [], + "protocol": "tcp", + "security_groups": [], + "self": false, + "to_port": 30168 + }, + { + "cidr_blocks": [ + "118.223.123.161/32" + ], + "description": "SSH", + "from_port": 22, + "ipv6_cidr_blocks": [], + "prefix_list_ids": [], + "protocol": "tcp", + "security_groups": [], + "self": false, + "to_port": 22 + }, + { + "cidr_blocks": [ + "118.223.123.161/32" + ], + "description": "TLS from grafana", + "from_port": 443, + "ipv6_cidr_blocks": [], + "prefix_list_ids": [], + "protocol": "tcp", + "security_groups": [], + "self": false, + "to_port": 443 + }, + { + "cidr_blocks": [ + "172.0.0.0/8" + ], + "description": "", + "from_port": 32084, + "ipv6_cidr_blocks": [], + "prefix_list_ids": [], + "protocol": "tcp", + "security_groups": [], + "self": false, + "to_port": 32084 + }, + { + "cidr_blocks": [ + "172.24.0.0/16" + ], + "description": "loki", + "from_port": 31768, + "ipv6_cidr_blocks": [], + "prefix_list_ids": [], + "protocol": "tcp", + "security_groups": [], + "self": false, + "to_port": 31768 + }, + { + "cidr_blocks": [ + "172.31.0.0/16" + ], + "description": "", + "from_port": 0, + "ipv6_cidr_blocks": [], + "prefix_list_ids": [], + 
"protocol": "-1", + "security_groups": [], + "self": false, + "to_port": 0 + }, + { + "cidr_blocks": [], + "description": "nlb-securitygroup", + "from_port": 0, + "ipv6_cidr_blocks": [], + "prefix_list_ids": [], + "protocol": "-1", + "security_groups": [ + "sg-0c46bbbbc5ecc2786" + ], + "self": false, + "to_port": 0 + } + ], + "name": "grafana-allow-security-new", + "name_prefix": "", + "owner_id": "508259851457", + "revoke_rules_on_delete": false, + "tags": { + "Name": "monitoring-allow-security" + }, + "tags_all": { + "Name": "monitoring-allow-security" + }, + "timeouts": null, + "vpc_id": "vpc-00ba2b0e9ad59f0ed" + }, + "sensitive_attributes": [], + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6OTAwMDAwMDAwMDAwfSwic2NoZW1hX3ZlcnNpb24iOiIxIn0=" + } + ] + } + ], + "check_results": null +} diff --git a/terraform/aws_instance/00-old/grafana/terraform.tfstate b/terraform/aws_instance/monitoring/terraform.tfstate.backup similarity index 99% rename from terraform/aws_instance/00-old/grafana/terraform.tfstate rename to terraform/aws_instance/monitoring/terraform.tfstate.backup index f591daa..b00949d 100644 --- a/terraform/aws_instance/00-old/grafana/terraform.tfstate +++ b/terraform/aws_instance/monitoring/terraform.tfstate.backup @@ -1,6 +1,6 @@ { "version": 4, - "terraform_version": "1.3.7", + "terraform_version": "1.5.7", "serial": 6, "lineage": "816258a5-69eb-6967-f105-8709f7e2588d", "outputs": {}, diff --git a/terraform/aws_instance/00-old/grafana/variables.tf b/terraform/aws_instance/monitoring/variables.tf similarity index 100% rename from terraform/aws_instance/00-old/grafana/variables.tf rename to terraform/aws_instance/monitoring/variables.tf
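Review bot: `terraform.tfstate` and the renamed `terraform.tfstate.backup` are committed to the repository, which exposes the account id, instance, volume and ENI ids, the public and private addresses and the full security-group layout to anyone with read access; state files can also hold resource secrets in plain text. State is better kept in a remote backend with encryption and locking, with `*.tfstate` and `*.tfstate.*` listed in `.gitignore`. The state also records attributes that the new `ec2.tf` does not declare, namely `iam_instance_profile`, `disable_api_termination` set to true and the 200 GB `/dev/sdf` volume, so the next plan may propose changing them; that looks like drift worth reconciling before an apply.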