I have created an EBS volume that I can attach to EC2 instances using Terraform, but I cannot work out how to get the EBS to connect to an EC2 created by an autoscaling group.

Code that works:

resource "aws_volume_attachment" "ebs_name" {
  device_name = "/dev/sdh"
  volume_id   = aws_ebs_volume.name.id
  instance_id = aws_instance.server.id
}

Code that doesn't work:

resource "aws_volume_attachment" "ebs_name" {
  device_name = "/dev/sdh"
  volume_id   = aws_ebs_volume.name.id
  instance_id = aws_launch_template.asg-nginx.id
}

What I am hoping for is an auto-scaling launch template that adds an EBS that already exists, allowing for a high-performance EBS share instead of a "we told you not to put code on there" EFS share.

Edit: I am using a multi-attach EBS. I can attach it manually to multiple ASG-created EC2 instances and it works. I just can't do it using Terraform.

Edit 2: I finally settled on a user_data entry in Terraform that ran an AWS command line bash script to attach the multi-attach EBS.

Script:

#!/bin/bash
[…aws keys here…]
aws ec2 attach-volume --device /dev/sdxx --instance-id `cat /var/lib/cloud/data/instance-id` --volume-id vol-01234567890abc
reboot

Terraform:

data "template_file" "shell-script" {
  template = file("path/to/script.sh")
}
data "template_cloudinit_config" "script_sh" {
  gzip = false
  base64_encode = true
  part {
    content_type = "text/x-shellscript"
    content      = data.template_file.shell-script.rendered
  }
}
resource "aws_launch_template" "template_name" {
  […]
  user_data = data.template_cloudinit_config.script_sh.rendered
  […]
}

The risk here is storing a user's AWS keys in a script, but as the script is never stored on the servers, it's no big deal. Anyone with access to the user_data already has access to better keys than the one you're using here.

Jared Earle
  • This doesn't work. If it did work, what would you expect to happen if the ASG cycled out the instance? You can run stateful applications in an ASG, but I would not try reusing EBS volumes – jordanm Jul 16 '20 at 18:07
  • I am using a Multi-Attach EBS that's designed to be attached to multiple EC2 instances. – Jared Earle Jul 16 '20 at 18:13

1 Answer

This would require Terraform being executed every time a new instance is created as part of a scaling event, which would require automation to invoke.

Instead you should look at adding a lifecycle hook for your autoscaling group.

You could configure the topic to trigger an SNS notification that invokes a Lambda function to attach to your new instance.

Chris Williams
  • This looks like the only way that will work. It's a shame several pages of Terraform and about a dozen resources are needed instead of just one line in an ASG resource, but that's life. I suspect this is because attaching EBS volumes is done from the EBS, not the EC2. – Jared Earle Jul 16 '20 at 23:23
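
The lifecycle hook, SNS and Lambda flow from the answer above, as an added example that is not part of the original thread: a Python Lambda handler that reads the SNS-wrapped launch notification, attaches the volume and completes the lifecycle action. The volume ID, device name, environment variable names and sample event are assumptions, and the function's execution role is assumed to allow ec2:AttachVolume and autoscaling:CompleteLifecycleAction, so no access keys are placed in user_data.

```python
import json
import os

# Assumed settings, read from Lambda environment variables (names are hypothetical).
VOLUME_ID = os.environ.get("VOLUME_ID", "vol-EXAMPLE")  # placeholder volume ID
DEVICE = os.environ.get("DEVICE_NAME", "/dev/sdh")
LAUNCHING = "autoscaling:EC2_INSTANCE_LAUNCHING"

# Constructed sample of an SNS-delivered lifecycle hook notification.
SAMPLE_EVENT = {"Records": [{"Sns": {"Message": json.dumps({
    "LifecycleTransition": LAUNCHING,
    "LifecycleHookName": "attach-shared-ebs",
    "AutoScalingGroupName": "asg-nginx",
    "LifecycleActionToken": "00000000-0000-0000-0000-000000000000",
    "EC2InstanceId": "i-0constructed",
})}}]}


def launch_messages(event):
    """Yield the lifecycle messages in an SNS event that announce a launch."""
    for record in event.get("Records", []):
        msg = json.loads(record["Sns"]["Message"])
        # Auto Scaling also sends autoscaling:TEST_NOTIFICATION; skip non-launch messages.
        if msg.get("LifecycleTransition") == LAUNCHING:
            yield msg


def attach_on_launch(event, ec2, autoscaling):
    """Attach the volume to each launching instance, then release the hook."""
    results = []
    for msg in launch_messages(event):
        instance_id, result = msg["EC2InstanceId"], "CONTINUE"
        try:
            ec2.attach_volume(Device=DEVICE, InstanceId=instance_id, VolumeId=VOLUME_ID)
        except Exception as exc:  # failed attach: do not put the instance in service
            print(f"attach failed for {instance_id}: {exc}")
            result = "ABANDON"
        autoscaling.complete_lifecycle_action(
            LifecycleHookName=msg["LifecycleHookName"],
            AutoScalingGroupName=msg["AutoScalingGroupName"],
            LifecycleActionToken=msg["LifecycleActionToken"],
            LifecycleActionResult=result)
        results.append((instance_id, result))
    return results


def handler(event, context):
    import boto3  # present in the Lambda Python runtime; imported here so tests run offline
    return attach_on_launch(event, boto3.client("ec2"), boto3.client("autoscaling"))
```

Completing a launch hook with ABANDON makes the group terminate the instance rather than put it in service without the volume.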