Attach EIP to server instance to handle nomad and consul provider configuration gracefully

Author: BrianMMcClain

aws-ec2-control_plane.tf

@@ -70,4 +70,15 @@ resource "aws_instance" "server" {
     http_endpoint          = "enabled"
     instance_metadata_tags = "enabled"
   }
-}
+
+  lifecycle {
+    create_before_destroy = true
+  }
+}
+
+
+resource "aws_eip" "nomad_consul" {
+  domain = "vpc"
+  instance = aws_instance.server[0].id
+}
+

aws-ec2-data_plane.tf

@@ -62,4 +62,8 @@ resource "aws_instance" "public_client" {
     http_endpoint          = "enabled"
     instance_metadata_tags = "enabled"
   }
+
+  lifecycle {
+    create_before_destroy = true
+  }
 }

terraform.tf

@@ -30,15 +30,17 @@ provider "aws" {
 
 provider "consul" {
   datacenter     = var.datacenter
-  address        = "${aws_instance.server[0].public_ip}:8443"
+  #address        = "${aws_instance.server[0].public_ip}:8443"
+  address = "${aws_eip.nomad_consul.public_ip}:8443"
   token          = random_uuid.consul_mgmt_token.result
   ca_pem         = tls_self_signed_cert.datacenter_ca.cert_pem
   scheme         = "https"
   insecure_https = true
 }
 
 provider "nomad" {
-  address     = "https://${aws_instance.server[0].public_ip}:4646"
+  #address     = "https://${aws_instance.server[0].public_ip}:4646"
+  address     = "https://${aws_eip.nomad_consul.public_ip}:4646"
   region      = var.domain
   secret_id   = random_uuid.nomad_mgmt_token.result
   ca_pem      = tls_self_signed_cert.datacenter_ca.cert_pem