Multiple availability zones with terraform on AWS

amazon-web-services amazon-ec2 terraform availability-zone
ColOfAbRiX picture ColOfAbRiX · Sep 4, 2017 · Viewed 11.3k times · Source

The VPC I'm working on has 3 logical tiers: Web, App and DB. For each tier there is one subnet in each availability zone. Total of 6 subnets in the region I'm using.

I'm trying to create EC2 instances using a module and the count parameter but I don't know how to tell terraform to use the two subnets of the App tier. An additional constraint I have is to use static IP addresses (or a way to have a deterministic private name)

I'm playing around with the resource

resource "aws_instance" "app_server" {
  ...
  count = "${var.app_servers_count}"

  # Not all at the same time, though!
  availability_zone = ...
  subnet_id = ...
  private_ip = ...
}

Things I've tried/thought so far:

  • Use data "aws_subnet" "all_app_subnets" {...}, filter by name, get all the subnets that match and use them as a list. But aws_subnet cannot return a list;
  • Use data "aws_availability_zones" {...} to find all the zones. But I still have the problem of assigning the correct subnet;
  • Use data "aws_subnet_ids" {...} which looks like the best option. But apparently it doesn't have a filter option to match the networks namel
  • Pass the subnets IDs as list of strings to the module. But I don't want to hard code the IDs, it's not automation;
  • Hard code the subnets as data "aws_subnet" "app_subnet_1" {...}, data "aws_subnet" "app_subnet_2" {...} but then I have to use separate sets of variables for each subnet which I don't like;
  • Get information for each subnet like in the point above but then create a map to access it as a list. But it's not possibile to use interpolation in variables definition;
  • Not using modules and hard-code each instance for each environment. Mmmm... really?

I really ran out of ideas. It seems that nobody has to deploy instances in specific subnetworks and keep a good degree of abstration. I see only examples where subnetworks are not specified or where people just use default values for everything. Is this really something so unusual?

Thanks in advance to everyone.

Answer

Tom Lime picture Tom Lime · Aug 14, 2019

It is possible to evenly distribute instances across multiple zones using modulo.

variable "zone" {
  description = "for single zone deployment"
  default = "europe-west4-b"
}

variable "zones" {
  description = "for multi zone deployment"
  default = ["europe-west4-b", "europe-west4-c"]
}

resource "google_compute_instance" "default" {
  count = "${var.role.count}"
  ...
  zone = "${var.zone != "" ? var.zone: var.zones[ count.index % length(var.zones) ]}"
  ...
}

This distribution mechanism allow to distribute nodes evenly across zones.
E.g. zones = [A,B] - instance-1 will be in A, instance-2 will in B, instance-3 will be in A again.
By adding zone C to zones will shift instance-3 to C.

Related questions

Why can't terraform SSH in to EC2 Instance using supplied example?

I'm using the AWS Two-tier example and I've direct copy-n-pasted the whole thing. terraform apply works right up to where it tries to SSH into the created EC2 instance. It loops several times giving this output before finally failing. aws_…

Read More
How should I handle `deposed` resources in Terraform?

I am struggling to understand how I should handle deposed resources found in my TF state. In particular, when running an apply, I am now getting some errors like the below: Error applying plan: 11 error(s) occurred: * aws_instance.mongo-replica-01 (…

Read More
Error registering: NoCredentialProviders: no valid providers in chain ECS agent error

Im trying to use EC2 Container service. Im using terraform for creating it. I have defined a ecs cluster, autoscaling group, launch configuration. All seems to work. Except one thing. The ec2 instances are creating, but they are not register …

Read More