Route 53 failover policy with terraform

1
votes

I am tried creating a failover policy for a domain on AWS using terraform, The issue is It is attaching only one elb dns name behind both route53 resource as PRIMARY and SECONDARY. I actually want it to use North-Virginia elb name as PRIMARY and Oregon as SECONDARY.

This is a multi-region architecture and I have created the modules with the same source directory.

Filename: route53.tf

resource "aws_route53_record" "www1" {
  zone_id = "Zone-ID"
  name    = "www1"
  type    = "A"
  #ttl     = "5"

  failover_routing_policy {
    type = "PRIMARY"
  }

  set_identifier = "www1"
  #records        = ["${aws_elb.web.dns_name}"]
  alias {
    name                   = "${aws_elb.web.dns_name}"
    zone_id                = "${aws_elb.web.zone_id}"
    evaluate_target_health = true
  }

}
resource "aws_route53_record" "www2" {
  zone_id = "Zone-ID"
  name    = "www2"
  type    = "A"
  #ttl     = "5"

  failover_routing_policy {
    type = "SECONDARY"
  }

  set_identifier = "www2"
  #records        = ["${aws_elb.web.dns_name}"]
  alias {
    name                   = "${aws_elb.web.dns_name}"
    zone_id                = "${aws_elb.web.zone_id}"
    evaluate_target_health = true
  }
}

FileName: alb_elb.tf

resource "aws_elb" "web" {
  name               = "web-elb"
  availability_zones = "${var.az}"

  listener {
    instance_port     = 8000
    instance_protocol = "http"
    lb_port           = 80
    lb_protocol       = "http"
  }

  health_check {
    healthy_threshold   = 2
    unhealthy_threshold = 2
    timeout             = 3
    target              = "HTTP:8000/"
    interval            = 30
  }

  instances                   = ["${aws_instance.web.*.id}"]
  cross_zone_load_balancing   = true
  idle_timeout                = 400
  connection_draining         = true
  connection_draining_timeout = 400

  tags {
    Name = "foobar-terraform-elb"
  }
}

Filename: main.tf. 

module "north-virginia" {
  source = "./modules/production"
  region = "us-east-1"
  az = ["us-east-1a", "us-east-1b", "us-east-1c"]
}

module "oregon" {
  source = "./modules/production"
  region = "us-west-2"
  az = ["us-west-2a", "us-west-2b", "us-west-2c"]
}

Filename: ./production/module/main.tf

variable region { }

variable az { 
type = "list" 
}

provider "aws" {
  region = "${var.region}"
  profile = "personal"
  shared_credentials_file = "~/.aws/credentials"
}

data "aws_caller_identity" "current" {}

output "account_id" {
  value = "${data.aws_caller_identity.current.account_id}"
}

Directory Tree:

.
├── main.tf
└── modules
    ├── dev
    │   ├── ec2.tf
    │   ├── main.tf
    │   └── route53.tf
    ├── production
    │   ├── aws_elb.tf
    │   ├── aws_instance.tf
    │   ├── main.tf
    │   └── route53.tf
    └── qa
        ├── ec2.tf
        ├── main.tf
        └── route53.tf
1
terraformamazon-route53terraform-provider-aws
The question doesn't provide enough information to help answer it as it stands. Can you show a more complete example of what you're trying to do here? It would help to see all the relevant (but no more) Terraform code plus any specific structure to your code base. Right now we also need to see how you are creating both ELBs because your example seems to show 2 completely separate DNS records with primary and secondary set (incorrectly) and both pointing to the same ELB. If you are attempting to create an minimal reproducible example I'd suggest you first run it to check it exhibits the same issues as your real codeydaetskcoR
I have added code for elb and main.tf.m0hit
Are both alb_elb.tf and route53.tf in the module? What are you doing with the region variable? Are you using that to configure the provider blocks as well? Can you show that part too?ydaetskcoR
Yes, They are the part of the module. I am using region variable to get region name from main.tf which is to be used with the module. Yes, I am using it with provider block. I have updated the question with directory tree and main.tf.m0hit

1 Answers

1
votes

In your production/alb_elb.tf add the following:

output "dns_name" {
value = "${aws_elb.web.dns_name}"
}

This will output the DNS name.
In your main.tf create a separate module for route53.
that module should look like:

module "route53" {
  source = "./modules/route53"
  name1 = "${module.north-virginia.dns_name}"
  name2 = "${module.oregon.dns_name}"
}

your route53.tf should look something like:

variable "name1" ()
varibale "name2" ()
resource "aws_route53_record" "www1" {
  zone_id = "Zone-ID"
  name    = "www1"
  type    = "A"
  #ttl     = "5"

  failover_routing_policy {
    type = "PRIMARY"
  }

  set_identifier = "www1"
  #records        = ["${aws_elb.web.dns_name}"]
  alias {
    name                   = "${var.name1}"
    zone_id                = "${aws_elb.web.zone_id}"
    evaluate_target_health = true
  }

}
resource "aws_route53_record" "www2" {
  zone_id = "Zone-ID"
  name    = "www2"
  type    = "A"
  #ttl     = "5"

  failover_routing_policy {
    type = "SECONDARY"
  }

  set_identifier = "www2"
  #records        = ["${aws_elb.web.dns_name}"]
  alias {
    name                   = "${var.name2}"
    zone_id                = "${aws_elb.web.zone_id}"
    evaluate_target_health = true
  }
}