Add all files

.github/CODEOWNERS

@@ -0,0 +1 @@
+*	@yahel2410

.gitignore

@@ -27,3 +27,8 @@ override.tf.json
 
 # Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan
 # example: *tfplan*
+
+.idea/
+.terraform.lock.hcl
+terraform.tfvars
+config/

README.md

@@ -1 +1,30 @@
-# opsschool-logging
+# opsschool-logging
+
+[WIP]
+## Getting Started
+
+1. Clone the project
+   ```shell
+   git clone https://github.com/yahel2410/opsschool-logging
+   cd opsschool-logging
+   ```
+2. Create a file called `terraform.tfvars` with the required variables (replace `<>` with your values):
+   ```
+   aws_account_id = "<>"
+   aws_region     = "<>"
+   ssh_key_name   = "<>"        # ec2 key-pair name
+   prefix_name    = "<>"        # your name
+   aws_profile    = "<>"        # optional
+   ```
+
+3. Run
+   ```shell
+   terraform init
+   terraform apply
+   ```
+
+4. If everything went well, `terraform` will output the public ip of the instance and the Kibana url.
+
+   Notice: It takes 3-5 minutes for the ELK services to start
+
+5. Access your instance via ssh or Kibana url

main.tf

@@ -0,0 +1,75 @@
+# ---------------------------------------------------------------------------------------------------------------------
+# data
+# ---------------------------------------------------------------------------------------------------------------------
+# get default vpc id
+data "aws_vpc" "default" {
+  default = true
+}
+# get subnet ids
+data "aws_subnet_ids" "subnets" {
+  vpc_id = data.aws_vpc.default.id
+}
+# get latest ubuntu 18 ami
+data "aws_ami" "ami" {
+  owners      = ["099720109477"] # canonical
+  most_recent = true
+  filter {
+    name   = "name"
+    values = ["ubuntu/images/hvm-ssd/ubuntu-bionic-18.04-amd64-server-*"]
+  }
+  filter {
+    name   = "virtualization-type"
+    values = ["hvm"]
+  }
+}
+# get my external ip
+data "http" "myip" {
+  url = "http://ifconfig.me"
+}
+
+# ---------------------------------------------------------------------------------------------------------------------
+# security group
+# ---------------------------------------------------------------------------------------------------------------------
+module "security-group" {
+  source  = "terraform-aws-modules/security-group/aws"
+  version = "3.17.0"
+
+  name   = "${var.prefix_name}-elk"
+  vpc_id = data.aws_vpc.default.id
+
+  ingress_cidr_blocks = ["${data.http.myip.body}/32"]
+  ingress_rules = [
+    "elasticsearch-rest-tcp",
+    "elasticsearch-java-tcp",
+    "kibana-tcp",
+    "logstash-tcp",
+    "ssh-tcp"
+  ]
+  ingress_with_self = [{ rule = "all-all" }]
+  egress_rules      = ["all-all"]
+
+}
+
+# ---------------------------------------------------------------------------------------------------------------------
+# ec2
+# ---------------------------------------------------------------------------------------------------------------------
+module "ec2-instance" {
+  source  = "terraform-aws-modules/ec2-instance/aws"
+  version = "2.16.0"
+
+  instance_count              = var.instance_count
+  name                        = "${var.prefix_name}-elk"
+  instance_type               = "t3.medium"
+  ami                         = data.aws_ami.ami.id
+  key_name                    = var.ssh_key_name
+  subnet_id                   = tolist(data.aws_subnet_ids.subnets.ids)[0]
+  vpc_security_group_ids      = [module.security-group.this_security_group_id]
+  associate_public_ip_address = true
+  user_data = templatefile("./userdata.sh.tmpl", {
+  })
+
+  tags = {
+    Terraform   = "true"
+    Environment = "dev"
+  }
+}

outputs.tf

@@ -0,0 +1,6 @@
+output "public_ip" {
+  value = module.ec2-instance.public_ip[0]
+}
+output "kibana_url" {
+  value = "http://${module.ec2-instance.public_ip[0]}:5601"
+}

provider.tf

@@ -0,0 +1,19 @@
+terraform {
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = "~> 3.0"
+    }
+    http = {
+      source  = "hashicorp/http"
+      version = "2.0.0"
+    }
+  }
+}
+
+# Configure the AWS Provider
+provider "aws" {
+  allowed_account_ids = [var.aws_account_id]
+  region              = var.aws_region
+  profile             = var.aws_profile
+}

userdata.sh.tmpl

@@ -0,0 +1,26 @@
+#!/bin/bash
+set -e
+
+echo "INFO: userdata started"
+
+# elasticsearch
+wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-oss-7.10.2-amd64.deb
+dpkg -i elasticsearch-*.deb
+systemctl enable elasticsearch
+systemctl start elasticsearch
+
+# kibana
+wget https://artifacts.elastic.co/downloads/kibana/kibana-oss-7.10.2-amd64.deb
+dpkg -i kibana-*.deb
+echo 'server.host: "0.0.0.0"' > /etc/kibana/kibana.yml
+systemctl enable kibana
+systemctl start kibana
+
+# filebeat
+wget https://artifacts.elastic.co/downloads/beats/filebeat/filebeat-oss-7.11.0-amd64.deb
+dpkg -i filebeat-*.deb
+
+#TODO: add preconfigured filebeat.yml
+#sudo mv /etc/filebeat/filebeat.yml /etc/filebeat/filebeat.yml.BCK
+
+echo "INFO: userdata finished"

variables.tf

@@ -0,0 +1,20 @@
+variable "aws_account_id" {
+  type = string
+}
+variable "aws_region" {
+  type = string
+}
+variable "aws_profile" {
+  type    = string
+  default = "default"
+}
+variable "ssh_key_name" {
+  type = string
+}
+variable "prefix_name" {
+  type = string
+}
+variable "instance_count" {
+  type    = number
+  default = 1
+}