Search code examples
amazon-web-servicesdockerdocker-swarmterraform

Can Terraform set a variable from a remote_exec command?

I'm trying to build a Docker Swarm cluster in AWS using Terraform. I've successfully got a Swarm manager started, but I'm trying to work out how best to pass the join key to the workers (which will be created after the manager).

I'd like some way of running the docker swarm join-token worker -q command that can be set to a Terraform variable. That way, the workers can have a remote_exec command something like docker swarm join ${var.swarm_token} ${aws_instance.swarm-manager.private_ip}

How can I do this?

My config is below:

resource "aws_instance" "swarm-manager" {
  ami = "${var.manager_ami}"
  instance_type = "${var.manager_instance}"
  tags = {
    Name = "swarm-manager${count.index + 1}"
  }

  provisioner "remote-exec" {
    inline = [
      "sleep 30",
      "docker swarm init --advertise-addr ${aws_instance.swarm-manager.private_ip}"
      "docker swarm join-token worker -q" // This is the value I want to store as a variable/output/etc
    ]
  }
}

Thanks

Solution

  • You can use an external data source in supplement to your remote provisioning script.

    This can shell into your swarm managers and get the token after they are provisioned.

    If you have N swarm managers, you'll probably have to do it all at once after the managers are created. External data sources return a map of plain strings, so using keys that enable you to select the right result for each node is required, or return the whole set as a delimited string, and use element() and split() to get the right item.

    

resource "aws_instance" "swarm_manager" {
  ami = "${var.manager_ami}"
  instance_type = "${var.manager_instance}"
  tags = {
    Name = "swarm-manager${count.index + 1}"
  }
  provisioner "remote-exec" {
    inline = [
      "sleep 30",
      "docker swarm init --advertise-addr ${aws_instance.swarm-manager.private_ip}"
    ]
  }
}

data "external" "swarm_token" {
  program = ["bash", "${path.module}/get_swarm_tokens.sh"]
  query = {
    swarms = ["${aws_instance.swarm_manager.*.private_ip}"]
  }
}

resource "aws_instance" "swarm_node" {
  count = "${var.swarm_size}"
  ami = "${var.node_ami}"
  tags = {
    Name = "swarm-node-${count.index}"
  }
  provisioner "remote-exec" {
    inline = [
      "# Enrol me in the right swarm, distributed over swarms available",
      "./enrol.sh ${element(split("|", data.swarm_token.result.tokens), count.index)}"
    ]
  }
}