basic/basic_cluster_alb_ssl

A basic infrastructure for the Twitch Extension Sample which creates a Genvid cluster and required workers.

Important

The ALB SSL integration have two assumptions:

1. The web backend is served on port 30000 of the public nodes and have a health check on /health.
2. The leaf websocket is served on port 30001 of the public nodes and have a health check on /health.

Not all nodes need to run the services, but they will be discarded if not present.

Changed in version 1.26.0: removed variables public_subnets and private_subnets

Content of this module

• basic/basic_cluster_alb_ssl
  • Providers
  • Requirements
  • Inputs
  • Outputs

Providers

• aws (2.54.0)
• tls

Requirements

• terraform >= 0.12
• aws 2.54.0

Inputs

bastionid (string)

Id of this bastion instance

cluster (string)

Name of your cluster

trusted_cidr (string)

CIDR to be trusted. This should at least contain the external CIDR (<ip>/32) for the local machine. Otherwise, the provision and access to Consul/Nomad will fail.

admin_password (string)

Administrative password for the game machine.

ami_prefix (string)

Prefix of the game AMI.

ami_version (string)

Version prefix of the AMIs (both game and genvid) to use (ex: 1.20.0 will match both 1.20.0 and 1.20.0.0 versions).

In order to use an AMI with a version suffix, the whole version with the suffix must be specified (ex: 1.26.0.1.mysuffix)

azs (list(string))

A list of availability zones to use in the region. An empty list selects all available zones. Note: Changing the order of zones will result in the cluster being rebuilt. Appending to the list will not affect existing resources.

custom_tags (map(string))

Map of user defined tags to add to all cloud resources.

datacenter (string)

Consul/Nomad datacenter

domain_name (string)

Root domain name

instance_encoding_count (number)

Number of internal workers to spawn

instance_encoding_type (string)

Type of EC2 instance to use for encoding servers

instance_game_count (number)

Number of game instances to spawn

instance_game_type (string)

Type of EC2 instance to use for game servers

instance_internal_count (number)

Number of internal workers to spawn

instance_internal_type (string)

Type of EC2 instance to use for internal servers

instance_public_count (number)

Number of public workers to spawn

instance_public_type (string)

Type of EC2 instance to use for public servers

instance_server_count (number)

The number of supervisor servers. Must be an odd number. It is usually 3 for production deployment.

instance_server_type (string)

Type of EC2 instance to use for admin servers

leaf_port (number)

The port that Leaf service is running on that

leaf_stickiness_ttl (number)

Set the Leaf target group stickiness timeout

leaf_tg_stickiness_enabled (bool)

Set the Leaf target group stickiness enabled or disabled

region (string)

AWS deployment region

subdomain_name (string)

subdomain name. It will be used to create a zone in AWS (twitch.acme.com) Note: If changing/updating the subdomain on an existing cluster, the NS for the old subdomain needs to be manually deleted from the main domain in AWS Route53. The old NS record will not remove automatically.

subnet_cidr_block_size (number)

Set the size of the subnet CIDR blocks. Subnets are spanned across availability zones, and the total size of all the subnets must fit within the VPC’s CIDR block (10.0.0.0/16). This means that larger blocks could span fewer availability zones. Ex: Size 18 could span 2 availability zone. Size 27 would be able to span 2048 availability zones. Max size: 18, Min size: 27

toolbox_location (string)

Genvid Toolbox Wheel file.

Only required if you need to update the one from the AMI. An empty value indicates to not install the toolbox.

trusted_cidrs (list(string))

A list of CIDR to be trusted.

trusted_security_groups (list(string))

A list of security groups to be trusted.

use_drive_encryption (bool)

If you want to have encrypted EBS, select true. If you do not want to have encypted EBS, or you are upgrading the SDK version from 1.24 or below to 1.25 or higher, select false.

WARNING: your drives will be recreated if you toggle this feature with existing drives. Prior to 1.25, the drives were not encrypted. Starting with version 1.25 the encryption is enabled by default.

validation_method (string)

How you wish to validate your SSL Issued Certifcate from AWS (DNS, EMAIL, NONE)

web_health_check_path (string)

Health check endpoint path for Web service. It should match the path defined in the web.nomad.tmpl.

web_port (number)

The port that Web service is running on that

web_stickiness_ttl (number)

Set the Web target group stickiness timeout

web_tg_stickiness_enabled (bool)

Set the Web target group stickiness enabled or disabled

Outputs

ami_prefix

Prefix of the game AMI.

ami_version

Version of the AMIs (both game and genvid) to use.

azs_available

List of availability zones that were detected as available to use.

azs_selected

List of availability zones that were selected to use.

cluster

Name of your cluster

consul_nodes

The Console node

datacenter

Consul/Nomad datacenter

domain_name

The domain name that you wish to create and associate with your cluster

encoding_worker_private_ips

The private IP addresses of the Encoding instance(s)

encoding_worker_public_ips

The public IP addresses of the Encoding instance(s)

endpoint_leaf

The endpoint URL of the leaf service

endpoint_web

The endpoint URL of the web service

game_instance_profile_name

The instance profile name used by the Game instance(s)

game_private_ips

The private IP addresses of the Game instance(s)

game_public_ips

The public IP addresses of the Game instance(s)

internal_worker_private_ips

The private IP addresses of the Internal instance(s)

internal_worker_public_ips

The public IP addresses of the Internal instance(s)

leaf_port

Port that Leaf is listening on.

private_key_pem

The private key that can be used to connect to the instances with SSH or RDP

private_subnets

A list of private subnets inside the VPC

public_key

The public key for connecting to the instances used by AWS for authentication

public_subnets

A list of public subnets inside the VPC

public_worker_private_ips

The private IP addresses of the Public instance(s)

public_worker_public_ips

The public IP addresses of the Public instance(s)

region

AWS deployment region

server_instance_profile_name

The instance profile name used by the Server, Encoding, Internal, and Public instances

server_private_ips

The private IP addresses of the Server instance(s)

server_public_ips

The public IP addresses of the Server instance(s)

subnet_ids

Specifies an ordered list of subnets that was used.

vpc_id_selected

The ID of the selected VPC

web_health_check_path

Health check endpoint path for Web service.

web_port

Port that Web Service is listening on.