-
Notifications
You must be signed in to change notification settings - Fork 3
Unity Terraform Components
We currently support the following Terraform components, please check the documentation for specific Unity configuration notes.
Amazon EC2 Amazon OpenSearch Amazon MemoryDB Kubernetes via Helm Charts
- some ami
- some other ami
To access the EC2 instance you need to supply a public key as part of the authentication mechanism. To do this, generate a keypair on your local machine and then provide the public part as an aws_key_pair resource.
You can find instructions about creating a public key on multiple operating systems here
resource "aws_key_pair" "deployer" {
key_name = "deployer-key"
public_key = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD3F6tyPEFEzV0LX3X8BsXdMsQz1x2cEikKDEY0aIj41qgxMCP/iteneqXSIFZBp5vizPvaoIR3Um9xK7PGoW8giupGn+EPuxIA4cDM4vzOqOkiMPhz5XK0whEjkVzTo4+S0puvDZuwIsdiW9mxhJc7tgBNL0cYlWSYVkz4G/fslNfRPW5mYAM49f4fhtxPb5ok4Q2Lg9dPKVHO/Bgeu5woMc7RY0p1ej6D4CKFE6lymSDJpW0YHX/wqE9+cfEauh7xZcG0q9t2ta6F6fmX0agvpFyZo8aFbXeUBr7osSCJNgvavWbM/06niWrOvYX2xwWdhXmXSrbX8ZbabVohBK41 [email protected]"
}
You can attach extra disks but invariably its easier to increase the root volume size. In the example below /dev/sda1 is the root disk and 50 is 50 Gigabytes. If you don't increase the root size, the default Linux drive size is 8GB.
resource "aws_instance" "unity-ec2-instance" {
ami = var.ami_id
instance_type = "t3.xlarge"
key_name = var.ami_key_pair_name
#security_groups = ["${aws_security_group.ingress-all-test.id}"]
vpc_security_group_ids = [aws_security_group.ingress-all-test.id]
ebs_block_device {
device_name = "/dev/sda1"
volume_size = 50
}
}
AWS uses an Elasticsearch fork called Opensearch. There are earlier versions of Elasticserch available on the platform up to version 7.10 after that they switch to Opensearch, which is compatible but requires you to use the Opensearch drivers due to political fallout from the fork decision.
resource "aws_elasticsearch_domain" "unity-sample" {
domain_name = "unityexample"
elasticsearch_version = "7.10"
cluster_config {
instance_type = "i2.xlarge.elasticsearch"
instance_count = 2
zone_awareness_enabled = true
zone_awareness_config {
availability_zone_count = 2
}
}
vpc_options {
security_group_ids = [aws_security_group.es.id]
}
ebs_options {
ebs_enabled = false
}
advanced_security_options {
enabled = true
internal_user_database_enabled = true
}
domain_endpoint_options {
enforce_https = true
tls_security_policy = "Policy-Min-TLS-1-2-2019-07"
}
node_to_node_encryption {
enabled = true
}
encrypt_at_rest {
enabled = true
}
access_policies = <<CONFIG
{
"Version": "2012-10-17",
"Statement": [
{
"Action": "es:*",
"Principal": "*",
"Effect": "Allow",
"Resource": "arn:aws:es:${data.aws_region.current.name}:${data.aws_caller_identity.current.account_id}:domain/unityexample/*"
}
]
}
CONFIG
}
data "aws_region" "current" {}
data "aws_caller_identity" "current" {}
MemoryDB is a Redis compatible database created by Amazon.
resource "aws_memorydb_cluster" "unity-db-sample" {
acl_name = "open-access"
name = "unity-cluster"
node_type = "db.t4g.small"
num_shards = 2
security_group_ids = [aws_security_group.redis_sg.id]
snapshot_retention_limit = 7
subnet_group_name = aws_memorydb_subnet_group.example.name
}
resource "aws_memorydb_subnet_group" "example" {
name = "my-subnet-group"
}