From 038803991fddfaa5142fe25cde5d1801c22bbef5 Mon Sep 17 00:00:00 2001
From: Dominik Wombacher
Date: Mon, 4 Nov 2024 15:23:18 +0000
Subject: [PATCH] feat(rancher): AWS - Switch Rancher Server public ip to EIP
This keeps the public ip static. Changes to the instance, e.g. shutdown/start, will not cause an assignment of a new public IP address anymore. Solves issues were destroy failed at 'rancher2_bootstrap' and 'rancher2_cluster_v2' because the public ip was already removed.
Fixes: https://github.com/rancher/quickstart/issues/223
Fixes: https://github.com/rancher/quickstart/issues/242
---
 rancher/aws/infra.tf | 17 +++++++++++++++--
 rancher/aws/output.tf | 2 +-
 2 files changed, 16 insertions(+), 3 deletions(-)
diff --git a/rancher/aws/infra.tf b/rancher/aws/infra.tf
index a1ded029..23242ece 100644
--- a/rancher/aws/infra.tf
+++ b/rancher/aws/infra.tf
@@ -92,6 +92,13 @@ resource "aws_security_group" "rancher_sg_allowall" {
 }
 }
+# EIP resource for Rancher Server
+resource "aws_eip" "rancher_server" {
+ domain = "vpc"
+
+ depends_on = [aws_internet_gateway.rancher_gateway]
+}
+
 # AWS EC2 instance for creating a single node RKE cluster and installing the Rancher server
 resource "aws_instance" "rancher_server" {
 depends_on = [
@@ -130,11 +137,17 @@ resource "aws_instance" "rancher_server" {
 }
 }
+# EIP explicit allocation for Rancher Server
+resource "aws_eip_association" "rancher_server" {
+ instance_id = aws_instance.rancher_server.id
+ allocation_id = aws_eip.rancher_server.id
+}
+
 # Rancher resources
 module "rancher_common" {
 source = "../rancher-common"
- node_public_ip = aws_instance.rancher_server.public_ip
+ node_public_ip = aws_eip_association.rancher_server.public_ip
 node_internal_ip = aws_instance.rancher_server.private_ip
 node_username = local.node_username
 ssh_private_key_pem = tls_private_key.global_key.private_key_pem
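Review bot: `aws_eip.rancher_server` is declared without `tags`, so the allocation is unlabelled in the account and easy to overlook if a destroy stops part-way, which leaves a billed and publicly routable address behind; add a tag block that follows whatever naming the other resources in this file use, e.g. `tags = { Name = "<prefix>-rancher-server-eip" }` (placeholder name). The hunk header shows the preceding resource is `aws_security_group.rancher_sg_allowall`, whose rules are outside this hunk; if the instance uses that group and it is as open as the name suggests, the address is now stable across stop/start, so I would extend the comment to `# Static public address for the Rancher server; restrict the security group ingress before using this outside a throwaway environment`. `domain = "vpc"` replaces the older `vpc = true` argument and needs a 5.x AWS provider; the provider constraint is not visible here, so confirm it.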
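Review bot: The comment `# EIP explicit allocation for Rancher Server` sits above an `aws_eip_association`, which attaches an existing allocation rather than allocating one; `# Associate the Elastic IP with the Rancher server instance` would match the resource. Once the association exists, the address the instance was auto-assigned at launch is released, so any remaining reference to `aws_instance.rancher_server.public_ip` or `self.public_ip` (the instance body closes just above this hunk and is not visible) may read a stale value during the first apply; worth a grep before merging. `node_public_ip` here and `rancher_server_dns` in the next hunk repeat the same expression, which a single `locals { rancher_public_ip = aws_eip_association.rancher_server.public_ip }` would keep in step. The `module "rancher_common"` block continues past the end of this hunk.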
@@ -144,7 +157,7 @@ module "rancher_common" {
 rancher_version = var.rancher_version
 rancher_helm_repository = var.rancher_helm_repository
- rancher_server_dns = join(".", ["rancher", aws_instance.rancher_server.public_ip, "sslip.io"])
+ rancher_server_dns = join(".", ["rancher", aws_eip_association.rancher_server.public_ip, "sslip.io"])
 admin_password = var.rancher_server_admin_password
diff --git a/rancher/aws/output.tf b/rancher/aws/output.tf
index 5d4be8ba..a45be8e9 100644
--- a/rancher/aws/output.tf
+++ b/rancher/aws/output.tf
@@ -3,7 +3,7 @@ output "rancher_server_url" {
 }
 output "rancher_node_ip" {
- value = aws_instance.rancher_server.public_ip
+ value = aws_eip.rancher_server.public_ip
 }
 output "workload_node_ip" {
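Review bot: `rancher_server_dns` now builds a hostname from a long-lived address, and nothing near this line says that the name is resolved by the public sslip.io service rather than a zone the user controls. When the stack is destroyed the EIP is released and may be handed to another AWS account, while `rancher.<ip>.sslip.io` keeps resolving to it, so kubeconfigs, tokens or bookmarks that reference the old name should be discarded. I would add a comment above the line such as `# Hostname is served by the third-party sslip.io wildcard DNS; after destroy the address can be reassigned, so do not reuse credentials bound to this name`. The `module "rancher_common"` block starts and ends outside this hunk.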
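Review bot: `rancher_node_ip` reads `aws_eip.rancher_server.public_ip` while infra.tf in this same patch uses `aws_eip_association.rancher_server.public_ip` for `node_public_ip` and `rancher_server_dns`. The values are the same address, but the output taken from `aws_eip` is known as soon as the address is allocated, even if the association failed, so a user could be shown an IP that is not attached to the server. Using `value = aws_eip_association.rancher_server.public_ip` keeps the output consistent with the module inputs and tied to a completed association. The `rancher_server_url` output above this hunk is not visible, so check that it does not still derive from the instance's own address.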