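# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership. The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.

# Security group attached to every master instance.
#
# NOTE(review): this group declares inline ingress/egress blocks and is also
# the target of the standalone aws_security_group_rule.master_worker below.
# The AWS provider documentation says the two styles should not be combined on
# one security group because they overwrite each other's rules; moving every
# rule to standalone rule resources removes the conflict (existing deployments
# would need the current rules imported first).
resource "aws_security_group" "master" {
  name        = "master"
  description = "Allow incoming connections"
  vpc_id      = aws_vpc._.id

  # NOTE(review): SSH is reachable from any IPv4 address. Narrow cidr_blocks to
  # an administrative or bastion range, or drop the rule if a session-based
  # access path is available.
  ingress {
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
    description = "Allow incoming SSH connections (Linux)"
  }

  # Port 5678 is opened to members of the api security group only.
  ingress {
    from_port       = 5678
    to_port         = 5678
    protocol        = "tcp"
    security_groups = [aws_security_group.api.id]
    description     = "Allow incoming HTTP connections"
  }

  # Unrestricted outbound traffic (all protocols, all destinations).
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }

  tags = merge(var.tags, {
    "Name" = "${var.name_prefix}-sg"
  })
}

# Opens port 5678 on the master group to members of the worker security group.
resource "aws_security_group_rule" "master_worker" {
  security_group_id        = aws_security_group.master.id
  from_port                = 5678
  to_port                  = 5678
  protocol                 = "tcp"
  type                     = "ingress"
  source_security_group_id = aws_security_group.worker.id
}

# Renders the cloud-init document that is handed to each master as user data.
#
# NOTE(review): database_password and s3_secret_access_key are rendered into
# user data in clear text. User data is not a secret store: it can be read on
# the instance through the metadata service and by any principal allowed to
# describe the instance attribute, and the rendered value is kept in Terraform
# state. Prefer an instance profile for S3 access (if the application supports
# it) and fetch the database password from a secrets service at boot.
#
# NOTE(review): the template_file data source belongs to the archived
# hashicorp/template provider; the built-in templatefile() function is the
# maintained replacement. The template path is relative to the working
# directory rather than path.module.
data "template_file" "master_user_data" {
  template = file("templates/cloud-init.yaml")
  vars = {
    "ssh_public_key"             = aws_key_pair.key_pair.public_key
    "dolphinscheduler_version"   = var.ds_version
    "dolphinscheduler_component" = "master-server"
    "database_address"           = aws_db_instance.database.address
    "database_port"              = aws_db_instance.database.port
    "database_name"              = aws_db_instance.database.db_name
    "database_username"          = aws_db_instance.database.username
    "database_password"          = aws_db_instance.database.password
    # Use the externally supplied connect string when set, otherwise the first
    # ZooKeeper instance created by this configuration.
    "zookeeper_connect_string" = var.zookeeper_connect_string != "" ? var.zookeeper_connect_string : aws_instance.zookeeper[0].private_ip
    "alert_server_host"        = ""
    # Long-lived IAM user key pair; the secret is also stored in Terraform state.
    "s3_access_key_id"     = aws_iam_access_key.s3.id
    "s3_secret_access_key" = aws_iam_access_key.s3.secret
    "s3_region"            = var.aws_region
    "s3_bucket_name"       = module.s3_bucket.s3_bucket_id
    "s3_endpoint"          = ""
  }
}

# Master instances, one per requested replica, all placed in the first public
# subnet and attached to the master security group.
resource "aws_instance" "master" {
  count = var.ds_component_replicas.master

  ami           = data.aws_ami.dolphinscheduler.id
  instance_type = var.vm_instance_type.master
  subnet_id     = aws_subnet.public[0].id

  vpc_security_group_ids = [aws_security_group.master.id]

  # NOTE(review): source/destination checking is normally disabled only for
  # instances that forward traffic (NAT, routers); confirm the masters need it.
  source_dest_check           = false
  associate_public_ip_address = var.vm_associate_public_ip_address.master

  user_data = data.template_file.master_user_data.rendered

  # Require IMDSv2 session tokens. The user data above carries credentials, and
  # without this block the metadata service also answers plain token-less
  # requests, so any request-forwarding flaw on the host could expose it.
  # NOTE(review): the AMI's cloud-init must support IMDSv2 - confirm before rollout.
  metadata_options {
    http_endpoint = "enabled"
    http_tokens   = "required"
  }

  root_block_device {
    volume_size           = var.vm_root_volume_size.master
    volume_type           = var.vm_root_volume_type.master
    delete_on_termination = true
    encrypted             = true
    tags = merge(var.tags, {
      "Name" = "${var.name_prefix}-rbd-master-${count.index}"
    })
  }

  # NOTE(review): /dev/xvda is the root device name on some AMIs - confirm it
  # does not collide with root_block_device for the AMI selected above.
  ebs_block_device {
    device_name           = "/dev/xvda"
    volume_size           = var.vm_data_volume_size.master
    volume_type           = var.vm_data_volume_type.master
    encrypted             = true
    delete_on_termination = true
    tags = merge(var.tags, {
      "Name" = "${var.name_prefix}-ebd-master-${count.index}"
    })
  }

  tags = merge(var.tags, {
    "Name" = "${var.name_prefix}-master-${count.index}"
  })
}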