This is an automated email from the ASF dual-hosted git repository.
kezhenxu94 pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/skywalking-terraform.git
The following commit(s) were added to refs/heads/main by this push:
new e6ba72d More enhancements to Terraform script and Ansible playbook
(#27)
e6ba72d is described below
commit e6ba72dc5a8e5ce2614b99c123ecf627c65497fe
Author: kezhenxu94 <[email protected]>
AuthorDate: Wed Aug 30 14:35:35 2023 +0800
More enhancements to Terraform script and Ansible playbook (#27)
- Polish the environment variables in Ansible playbook.
- Use Terraform template to render the Ansible inventory.
- Fine tune the security groups.
- Reorganize the Terraform scripts for different components.
- Add more Terraform output informations.
---
.gitignore | 2 +
README.md | 29 +++++
ansible/inventory/template/skywalking.yaml.tftpl | 36 ++++++
ansible/roles/skywalking/tasks/main.yml | 47 ++++----
.../skywalking/templates/skywalking-oap.env.j2 | 22 ++++
.../skywalking/templates/skywalking-ui.env.j2 | 25 ++++
.../skywalking/templates/skywalking-ui.service.j2 | 2 +-
ansible/roles/skywalking/vars/main.yml | 20 ++--
aws/ec2-main.tf | 67 +++++++++++
aws/ec2.tf | 130 ---------------------
aws/skywalking-oap-main.tf | 54 +++++++++
aws/skywalking-oap-output.tf | 21 ++++
aws/skywalking-ui-main.tf | 53 +++++++++
aws/skywalking-ui-output.tf | 20 ++++
aws/variables.tf | 1 +
15 files changed, 368 insertions(+), 161 deletions(-)
diff --git a/.gitignore b/.gitignore
index 6745ea4..ea6ebe3 100644
--- a/.gitignore
+++ b/.gitignore
@@ -15,4 +15,6 @@ aws/.terraform/
aws/.terraform.lock.hcl
aws/terraform.tfstate
aws/terraform.tfstate.backup
+ansible/local.var.yaml
ansible/inventory
+!ansible/inventory/template
diff --git a/README.md b/README.md
index 5c84e6c..9e0d319 100644
--- a/README.md
+++ b/README.md
@@ -167,3 +167,32 @@ After confirming connectivity, proceed to install Apache
SkyWalking using the An
```
ANSIBLE_HOST_KEY_CHECKING=False ansible-playbook -u ec2-user --private-key
"$SSH_KEY_FILE" playbooks/install-skywalking.yml
```
+
+### 4. Configurations
+
+The Ansible playbook can be customized to install Apache SkyWalking with
+different configurations. The following variables can be modified to suit your
+needs:
+
+> For full configurations, refer to the
+>
[ansible/roles/skywalking/vars/main.yml](ansible/roles/skywalking/vars/main.yml).
+> file.
+
+```yaml
+# `skywalking_tarball` can be a remote URL or a local path, if it's a remote
URL
+# the remote file will be downloaded to the remote host and then extracted,
+# if it's a local path, the local file will be copied to the remote host and
+# then extracted.
+skywalking_tarball:
"https://dist.apache.org/repos/dist/release/skywalking/9.5.0/apache-skywalking-apm-9.5.0.tar.gz";
+
+# `skywalking_ui_environment` is a dictionary of environment variables that
will
+# be sourced when running the skywalking-ui service. All environment variables
+# that are supported by SkyWalking webapp can be set here.
+skywalking_ui_environment: {}
+
+# `skywalking_oap_environment` is a dictionary of environment variables that
will
+# be sourced when running the skywalking-oap service. All environment variables
+# that are supported by SkyWalking OAP can be set here.
+skywalking_oap_environment: {}
+
+```
diff --git a/ansible/inventory/template/skywalking.yaml.tftpl
b/ansible/inventory/template/skywalking.yaml.tftpl
new file mode 100644
index 0000000..59b2cbd
--- /dev/null
+++ b/ansible/inventory/template/skywalking.yaml.tftpl
@@ -0,0 +1,36 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+skywalking:
+ children:
+ skywalking_oap:
+ skywalking_ui:
+
+skywalking_oap:
+ hosts:
+%{ for oap in oap_instances ~}
+ ${oap.public_ip}:
+ private_ip: ${oap.private_ip}
+%{ endfor ~}
+
+skywalking_ui:
+ hosts:
+%{ for ui in ui_instances ~}
+ ${ui.public_ip}:
+ private_ip: ${ui.private_ip}
+%{ endfor ~}
diff --git a/ansible/roles/skywalking/tasks/main.yml
b/ansible/roles/skywalking/tasks/main.yml
index 5b9a0a3..b8c593b 100644
--- a/ansible/roles/skywalking/tasks/main.yml
+++ b/ansible/roles/skywalking/tasks/main.yml
@@ -23,14 +23,13 @@
group: skywalking
mode: "0755"
-- name: Download Apache SkyWalking tarball
+- name: Download remote Apache SkyWalking tarball
when: skywalking_tarball is match('^https?://.*')
get_url:
url: "{{ skywalking_tarball }}"
- timeout: 120
dest: /usr/local/skywalking/apache-skywalking-apm.tar.gz
-- name: Upload Local Apache SkyWalking tarball
+- name: Upload local Apache SkyWalking tarball
when: skywalking_tarball is not match('^https?://.*')
ansible.builtin.copy:
src: "{{ skywalking_tarball }}"
@@ -39,26 +38,39 @@
group: skywalking
mode: '0755'
-- name: Extract tar file
+- name: Extract tarball
unarchive:
src: /usr/local/skywalking/apache-skywalking-apm.tar.gz
- dest: "/usr/local/skywalking"
+ dest: /usr/local/skywalking
remote_src: yes
+ owner: skywalking
+ group: skywalking
extra_opts: [--strip-components=1]
+- name: Generate environment file for webui service
+ template:
+ src: skywalking-ui.env.j2
+ dest: /home/skywalking/webapp.env
+ owner: skywalking
+ mode: "0660"
+ when: inventory_hostname in groups['skywalking_ui']
+
+- name: Generate environment file for OAP service
+ template:
+ src: skywalking-oap.env.j2
+ dest: /home/skywalking/oap.env
+ owner: skywalking
+ mode: "0660"
+ when: inventory_hostname in groups['skywalking_oap']
+
- name: Check hostgroup size
set_fact:
group_size: "{{ groups['skywalking_oap'] | length }}"
- oap_standalone: "{{ [groups['skywalking_oap'][0]] }}"
- oap_bundled: "{{ groups['skywalking_oap'][1:] if groups['skywalking_oap']
| length > 1 else [] }}"
+ oap_init_node: "{{ [groups['skywalking_oap'][0]] }}"
- name: Run the OAPSericeInit script
- shell: "sudo -u skywalking /usr/local/skywalking/bin/oapServiceInit.sh"
- when: inventory_hostname in oap_standalone
-
-- name: Run the OAPSericeNoInit script
- shell: "sudo -u skywalking /usr/local/skywalking/bin/oapServiceNoInit.sh"
- when: inventory_hostname in oap_bundled
+ command: "sudo -u skywalking /usr/local/skywalking/bin/oapServiceInit.sh"
+ when: inventory_hostname in oap_init_node
- name: Generate systemd unit file for oap service
template:
@@ -76,14 +88,6 @@
mode: "0660"
when: inventory_hostname in groups['skywalking_ui']
-- name: Registration of OAP Server address within WebUI environment file
- ansible.builtin.lineinfile:
- path: "{{ env_file }}"
- line: "{{ item.key }}={{ item.value }}"
- create: yes
- loop: "{{ sw_ui_env_vars | dict2items }}"
- when: inventory_hostname in groups['skywalking_ui']
-
- name: Reload systemd
systemd:
daemon_reload: yes
@@ -111,3 +115,4 @@
name: skywalking-ui
state: started
when: inventory_hostname in groups['skywalking_ui']
+
diff --git a/ansible/roles/skywalking/templates/skywalking-oap.env.j2
b/ansible/roles/skywalking/templates/skywalking-oap.env.j2
new file mode 100644
index 0000000..f11517b
--- /dev/null
+++ b/ansible/roles/skywalking/templates/skywalking-oap.env.j2
@@ -0,0 +1,22 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+{% for key, value in skywalking_oap_environment.items() %}
+{{ key }}="{{ value }}"
+{% endfor %}
+
diff --git a/ansible/roles/skywalking/templates/skywalking-ui.env.j2
b/ansible/roles/skywalking/templates/skywalking-ui.env.j2
new file mode 100644
index 0000000..0ca001f
--- /dev/null
+++ b/ansible/roles/skywalking/templates/skywalking-ui.env.j2
@@ -0,0 +1,25 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+{% for key, value in skywalking_ui_environment.items() %}
+{{ key }}="{{ value }}"
+{% endfor %}
+
+SW_OAP_ADDRESS="{% for host in groups['skywalking_oap'] %}http://{{
hostvars[host].private_ip }}:{{ skywalking_ui_environment['SW_CORE_GRPC_PORT']
| default ('12800') }}{% if not loop.last %},{% endif %}{% endfor %}"
+SW_ZIPKIN_ADDRESS="{% for host in groups['skywalking_oap'] %}http://{{
hostvars[host].private_ip }}:{{
skywalking_ui_environment['SW_QUERY_ZIPKIN_REST_PORT'] | default ('9412') }}{%
if not loop.last %},{% endif %}{% endfor %}"
+
diff --git a/ansible/roles/skywalking/templates/skywalking-ui.service.j2
b/ansible/roles/skywalking/templates/skywalking-ui.service.j2
index c087c7a..ed36c73 100644
--- a/ansible/roles/skywalking/templates/skywalking-ui.service.j2
+++ b/ansible/roles/skywalking/templates/skywalking-ui.service.j2
@@ -19,7 +19,7 @@ After=network.target
[Service]
Type=simple
-EnvironmentFile=/usr/local/skywalking/webapp/sw_ui_env_file
+EnvironmentFile=/home/skywalking/webapp.env
User=skywalking
Group=skywalking
ExecStart=/usr/local/skywalking/bin/webappService.sh
diff --git a/ansible/roles/skywalking/vars/main.yml
b/ansible/roles/skywalking/vars/main.yml
index 9bb5661..198aa7e 100644
--- a/ansible/roles/skywalking/vars/main.yml
+++ b/ansible/roles/skywalking/vars/main.yml
@@ -14,17 +14,19 @@
# limitations under the License.
---
-# skywalking_tarball can be a remote URL or a local path, if it's a remote URL
+# `skywalking_tarball` can be a remote URL or a local path, if it's a remote
URL
# the remote file will be downloaded to the remote host and then extracted,
# if it's a local path, the local file will be copied to the remote host and
# then extracted.
skywalking_tarball:
"https://dist.apache.org/repos/dist/release/skywalking/9.5.0/apache-skywalking-apm-9.5.0.tar.gz";
-sw_ui_server_port: "8080"
-sw_oap_server_port: "12800"
-sw_zipkin_address: "9412"
-sw_ui_env_vars:
- SW_SERVER_PORT: "{{ sw_ui_server_port }}"
- SW_OAP_ADDRESS: "{% for host in groups['skywalking_oap'] %}http://{{
hostvars[host].inventory_hostname }}:{{ sw_oap_server_port }}{% if not
loop.last %},{% endif %}{% endfor %}"
- SW_ZIPKIN_ADDRESS: "{% for host in groups['skywalking_oap'] %}http://{{
hostvars[host].inventory_hostname }}:{{ sw_zipkin_address }}{% if not loop.last
%},{% endif %}{% endfor %}"
-env_file: /usr/local/skywalking/webapp/sw_ui_env_file
+# `skywalking_ui_environment` is a dictionary of environment variables that
will
+# be sourced when running the skywalking-ui service. All environment variables
+# that are supported by SkyWalking webapp can be set here.
+skywalking_ui_environment: {}
+
+# `skywalking_oap_environment` is a dictionary of environment variables that
will
+# be sourced when running the skywalking-oap service. All environment variables
+# that are supported by SkyWalking OAP can be set here.
+skywalking_oap_environment: {}
+
diff --git a/aws/ec2-main.tf b/aws/ec2-main.tf
new file mode 100644
index 0000000..1f2ea25
--- /dev/null
+++ b/aws/ec2-main.tf
@@ -0,0 +1,67 @@
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+provider "aws" {
+ region = var.region
+ access_key = var.access_key
+ secret_key = var.secret_key
+}
+
+resource "aws_security_group" "ssh-access" {
+ name = "ssh-access"
+ description = "Allow SSH access from the Internet"
+ ingress = [
+ {
+ from_port = 22
+ to_port = 22
+ protocol = "tcp"
+ cidr_blocks = ["0.0.0.0/0"]
+ description = "Allow SSH access from the Internet"
+ ipv6_cidr_blocks = []
+ prefix_list_ids = []
+ security_groups = []
+ self = false
+ }
+ ]
+ tags = var.extra_tags
+}
+
+resource "aws_security_group" "public-egress-access" {
+ name = "public-egress-access"
+ description = "Allow access to the Internet"
+ egress = [
+ {
+ from_port = 0
+ to_port = 0
+ protocol = -1
+ cidr_blocks = ["0.0.0.0/0"]
+ description = "Allow access to the Internet"
+ ipv6_cidr_blocks = []
+ prefix_list_ids = []
+ security_groups = []
+ self = false
+ }
+ ]
+ tags = var.extra_tags
+}
+
+resource "local_file" "inventories" {
+ filename = "${path.module}/../ansible/inventory/skywalking.yaml"
+ file_permission = "0600"
+ content =
templatefile("${path.module}/../ansible/inventory/template/skywalking.yaml.tftpl",
{
+ oap_instances = aws_instance.skywalking-oap
+ ui_instances = aws_instance.skywalking-ui
+ })
+}
diff --git a/aws/ec2.tf b/aws/ec2.tf
deleted file mode 100644
index eb23151..0000000
--- a/aws/ec2.tf
+++ /dev/null
@@ -1,130 +0,0 @@
-# Licensed to the Apache Software Foundation (ASF) under one or more
-# contributor license agreements. See the NOTICE file distributed with
-# this work for additional information regarding copyright ownership.
-# The ASF licenses this file to You under the Apache License, Version 2.0
-# (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-provider "aws" {
- region = var.region
- access_key = var.access_key
- secret_key = var.secret_key
-}
-
-resource "aws_instance" "skywalking-oap" {
- count = var.oap_instance_count
- ami = data.aws_ami.amazon-linux.id
- instance_type = var.instance_type
- tags = merge(
- {
- Name = "skywalking-oap"
- Description = "Installing and configuring SkyWalking OAPService on AWS"
- },
- var.extra_tags
- )
- key_name = aws_key_pair.ssh-user.id
- vpc_security_group_ids = [
- aws_security_group.ssh-access.id,
- aws_security_group.public-egress-access.id,
- aws_security_group.ui-to-oap-communication.id
- ]
-}
-
-resource "aws_instance" "skywalking-ui" {
- count = var.ui_instance_count
- ami = data.aws_ami.amazon-linux.id
- instance_type = var.instance_type
- tags = merge(
- {
- Name = "skywalking-ui"
- Description = "Installing and configuring SkyWalking UI on AWS"
- },
- var.extra_tags
- )
- key_name = aws_key_pair.ssh-user.id
- vpc_security_group_ids = [
- aws_security_group.ssh-access.id,
- aws_security_group.public-egress-access.id
- ]
-}
-
-resource "aws_security_group" "ssh-access" {
- name = "ssh-access"
- description = "Allow SSH access from the Internet"
- ingress = [
- {
- from_port = 22
- to_port = 22
- protocol = "tcp"
- cidr_blocks = ["0.0.0.0/0"]
- description = "SSH access rule"
- ipv6_cidr_blocks = []
- prefix_list_ids = []
- security_groups = []
- self = false
- }
- ]
- tags = var.extra_tags
-}
-
-resource "aws_security_group" "public-egress-access" {
- name = "public-egress-access"
- description = "Allow access to the Internet"
- egress = [
- {
- from_port = 0
- to_port = 0
- protocol = -1
- cidr_blocks = ["0.0.0.0/0"]
- description = "Allow access to the Internet"
- ipv6_cidr_blocks = []
- prefix_list_ids = []
- security_groups = []
- self = false
- }
- ]
- tags = var.extra_tags
-}
-
-resource "aws_security_group" "ui-to-oap-communication" {
- name = "ui-to-oap-communication"
- description = "Allow communication from SkyWalking UI to SkyWalking OAP"
- ingress {
- from_port = 0
- to_port = 12800
- protocol = "tcp"
- cidr_blocks = ["0.0.0.0/0"]
- security_groups = [aws_security_group.public-egress-access.id]
- }
- tags = var.extra_tags
-}
-
-resource "local_file" "oap_instance_ips" {
- count = var.oap_instance_count
- content = join("\n", flatten([
- ["[skywalking_oap]"],
- aws_instance.skywalking-oap.*.public_ip,
- [""] # Adds an empty string for the trailing newline
- ]))
- filename = "${path.module}/../ansible/inventory/oap-server"
- file_permission = "0600"
-}
-
-resource "local_file" "ui_instance_ips" {
- count = var.ui_instance_count
- content = join("\n", flatten([
- ["[skywalking_ui]"],
- aws_instance.skywalking-ui.*.public_ip,
- [""] # Adds an empty string for the trailing newline
- ]))
- filename = "${path.module}/../ansible/inventory/ui-server"
- file_permission = "0600"
-}
diff --git a/aws/skywalking-oap-main.tf b/aws/skywalking-oap-main.tf
new file mode 100644
index 0000000..17c1b3a
--- /dev/null
+++ b/aws/skywalking-oap-main.tf
@@ -0,0 +1,54 @@
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+resource "aws_instance" "skywalking-oap" {
+ count = var.oap_instance_count
+ ami = data.aws_ami.amazon-linux.id
+ instance_type = var.instance_type
+ key_name = aws_key_pair.ssh-user.id
+ vpc_security_group_ids = [
+ aws_security_group.skywalking-oap.id,
+ aws_security_group.ssh-access.id,
+ aws_security_group.public-egress-access.id
+ ]
+ tags = merge(
+ {
+ Name = "skywalking-oap"
+ Description = "Installing and configuring SkyWalking OAP on AWS"
+ },
+ var.extra_tags
+ )
+}
+
+resource "aws_security_group" "skywalking-oap" {
+ name = "skywalking-oap"
+ description = "Security group for SkyWalking OAP"
+ ingress {
+ from_port = 12800
+ to_port = 12800
+ protocol = "tcp"
+ security_groups = [aws_security_group.skywalking-ui.id]
+ description = "Allow incoming HTTP connections from SkyWalking UI"
+ }
+ ingress {
+ from_port = 9412
+ to_port = 9412
+ protocol = "tcp"
+ security_groups = [aws_security_group.skywalking-ui.id]
+ description = "Allow incoming HTTP connections from SkyWalking UI"
+ }
+ tags = var.extra_tags
+}
+
diff --git a/aws/skywalking-oap-output.tf b/aws/skywalking-oap-output.tf
new file mode 100644
index 0000000..5508145
--- /dev/null
+++ b/aws/skywalking-oap-output.tf
@@ -0,0 +1,21 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+output "skywalking_oap_ips" {
+ value = ["${aws_instance.skywalking-oap.*.public_ip}"]
+}
+
diff --git a/aws/skywalking-ui-main.tf b/aws/skywalking-ui-main.tf
new file mode 100644
index 0000000..8644fe0
--- /dev/null
+++ b/aws/skywalking-ui-main.tf
@@ -0,0 +1,53 @@
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+resource "aws_instance" "skywalking-ui" {
+ count = var.ui_instance_count
+ ami = data.aws_ami.amazon-linux.id
+ instance_type = var.instance_type
+ key_name = aws_key_pair.ssh-user.id
+ vpc_security_group_ids = [
+ aws_security_group.skywalking-ui.id,
+ aws_security_group.ssh-access.id,
+ aws_security_group.public-egress-access.id
+ ]
+ tags = merge(
+ {
+ Name = "skywalking-ui"
+ Description = "Installing and configuring SkyWalking UI on AWS"
+ },
+ var.extra_tags
+ )
+}
+
+resource "aws_security_group" "skywalking-ui" {
+ name = "skywalking-ui"
+ description = "Security group for SkyWalking UI"
+ ingress = [
+ {
+ from_port = 8080
+ to_port = 8080
+ protocol = "tcp"
+ cidr_blocks = ["0.0.0.0/0"]
+ description = "Allow access from Intenet to SkyWalking UI"
+ ipv6_cidr_blocks = []
+ prefix_list_ids = []
+ security_groups = []
+ self = false
+ }
+ ]
+ tags = var.extra_tags
+}
+
diff --git a/aws/skywalking-ui-output.tf b/aws/skywalking-ui-output.tf
new file mode 100644
index 0000000..3b09582
--- /dev/null
+++ b/aws/skywalking-ui-output.tf
@@ -0,0 +1,20 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+output "skywalking_ui_ips" {
+ value = ["${aws_instance.skywalking-ui.*.public_ip}"]
+}
diff --git a/aws/variables.tf b/aws/variables.tf
index d85cc4e..4ed59fb 100644
--- a/aws/variables.tf
+++ b/aws/variables.tf
@@ -58,3 +58,4 @@ variable "extra_tags" {
type = map(string)
default = {}
}
+
