DevOps(Day 66) - Project: Building an entire infrastructure through Terraform
Table of contents
- AIM
- Subtasks:
- Task 1: Create a VPC
- Task 2: Create a private subnet
- Task 3: Create a public subnet
- Task 4: Create an Internet Gateway
- Task 5: Create a Route table
- Task 6: Create a security group
- Task 7: Create an Elastic IP
- Task 8: Create user data to install Apache
- Task 9: Create an EC2 instance
- Task 10: Access the website
AIM
Build Your Own AWS Infrastructure with Ease using Infrastructure as Code (IaC) Techniques
Welcome back to our Terraform journey.
In the previous tasks, you have learned about the basics of Terraform, its configuration file, and creating an EC2 instance using Terraform. Today, we will explore more about Terraform and create multiple resources.
Subtasks:
Task 1: Create a VPC
Create a VPC (Virtual Private Cloud) with CIDR block 10.0.0.0/16
Create a vpc.tf file that sets the required CIDR block and the Name tag of the VPC.
A prerequisite for building any AWS infrastructure with Terraform is to define the provider.
Execute terraform apply to build the VPC.
In the AWS console, we can check that the new VPC has been created with the name "main".
Task 2: Create a private subnet
Create a private subnet with CIDR block 10.0.1.0/24 in the above VPC.
Create a subnet.tf file to define the private subnet with the required configuration tag.
Use terraform apply to create the private subnet.
We can verify the private subnet in the subnet section of the AWS management console.
Task 3: Create a public subnet
Create a public subnet with CIDR block 10.0.2.0/24 in the above VPC.
Similarly, in the subnet.tf file that we created above, define the public subnet block.
Use terraform apply to create the public subnet.
We can verify the subnet creation in the AWS console.
Task 4: Create an Internet Gateway
Create an Internet Gateway (IGW) and attach it to the VPC.
Create an internetgateway.tf file and define the internet gateway with the configuration required to attach it to the VPC.
Use terraform apply to create the internet gateway.
We can verify the newly created internet gateway in the AWS console.
Task 5: Create a Route table
Create a route table for the public subnet and associate it with the public subnet. This route table should have a route to the Internet Gateway.
Create a routetable.tf file to define the route table configuration in association with the public subnet.
Use terraform apply to create the route table.
We can verify the route table in the AWS console; the associated public subnet is listed in its subnet association section.
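Tasks 1 to 5 written out as one configuration, as an added example rather than the author's own files: the names aws_vpc.main and aws_subnet.public_subnet come from the code later in the post, while the region, the other resource names and the subnet, gateway and route table tag values are assumptions.

```hcl
# Added example, not the author's vpc.tf / subnet.tf / internetgateway.tf / routetable.tf.
provider "aws" {
  region = "us-east-1" # assumption: the post does not state a region
}

resource "aws_vpc" "main" {
  cidr_block = "10.0.0.0/16"
  tags       = { Name = "main" }
}

# The private subnet is never associated with the public route table below, so it
# stays on the VPC's main route table, which carries only the local route.
resource "aws_subnet" "private_subnet" {
  vpc_id     = aws_vpc.main.id
  cidr_block = "10.0.1.0/24"
  tags       = { Name = "private-subnet" } # assumed tag value
}

resource "aws_subnet" "public_subnet" {
  vpc_id     = aws_vpc.main.id
  cidr_block = "10.0.2.0/24"
  tags       = { Name = "public-subnet" } # assumed tag value
}

resource "aws_internet_gateway" "igw" {
  vpc_id = aws_vpc.main.id
  tags   = { Name = "internet-gateway" } # assumed tag value
}

# Default route to the Internet Gateway: this is what makes a subnet "public".
resource "aws_route_table" "public" {
  vpc_id = aws_vpc.main.id

  route {
    cidr_block = "0.0.0.0/0"
    gateway_id = aws_internet_gateway.igw.id
  }

  tags = { Name = "public-route-table" } # assumed tag value
}

# Only the public subnet is attached to the route table with the IGW route.
resource "aws_route_table_association" "public" {
  subnet_id      = aws_subnet.public_subnet.id
  route_table_id = aws_route_table.public.id
}
```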
Task 6: Create a security group
Security group: Allow SSH access and HTTP access from anywhere
```hcl
resource "aws_security_group" "web_server" {
  name_prefix = "web-server-sg"
  vpc_id      = aws_vpc.main.id

  # HTTP from anywhere
  ingress {
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  # SSH from anywhere, as the task specifies
  ingress {
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  # All outbound traffic; "-1" means every protocol
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}
```
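A variant of the security group above that keeps HTTP open but limits SSH to one administrative network, as an added example that is not the author's code. The variable admin_cidr and the resource name web_server_restricted are assumptions.

```hcl
# Added example: hypothetical variant of the post's web_server security group.
variable "admin_cidr" {
  description = "Network allowed to reach SSH, e.g. an office or VPN range (assumption)"
  type        = string

  validation {
    # Must parse as a CIDR and must not be a /0 range such as 0.0.0.0/0.
    # try() is needed because && does not guarantee short-circuit evaluation.
    condition = (
      can(cidrhost(var.admin_cidr, 0)) &&
      try(tonumber(split("/", var.admin_cidr)[1]) > 0, false)
    )
    error_message = "admin_cidr must be a valid CIDR block with a prefix length greater than 0."
  }
}

resource "aws_security_group" "web_server_restricted" {
  name_prefix = "web-server-sg"
  vpc_id      = aws_vpc.main.id

  # The website stays reachable from anywhere.
  ingress {
    description = "HTTP"
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  # SSH is limited to the administrative network passed in at plan time.
  ingress {
    description = "SSH from admin network"
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = [var.admin_cidr]
  }

  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}
```

With this in place, terraform plan fails validation if admin_cidr is set to 0.0.0.0/0 or to a malformed value.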
Task 7: Create an Elastic IP
Create an Elastic IP and associate it with the EC2 instance.
```hcl
resource "aws_eip" "ip" {
  instance = aws_instance.server_terraform.id
  vpc      = true # deprecated since AWS provider v5 in favour of domain = "vpc"

  tags = {
    Name = "elastic-ip"
  }
}
```
Task 8: Create user data to install Apache
User data: Use a shell script to install Apache and host a simple website
```hcl
user_data = <<-EOF
  #!/bin/bash
  sudo apt-get update -y
  sudo apt-get install -y apache2
  sudo systemctl start apache2
  sudo systemctl enable apache2
  echo "<html><body><h1>Hi, This is Bandan.</h1></body></html>" > /var/www/html/index.html
  sudo systemctl restart apache2
  EOF
```
Task 9: Create an EC2 instance
Launch an EC2 instance in the public subnet with the following details:
AMI: ami-0557a15b87f6559cf
Instance type: t2.micro
Open the website URL in a browser to verify that the website is hosted successfully.
Combine all the configurations to spin up the EC2 instance.
```hcl
resource "aws_security_group" "web_server" {
  name_prefix = "web-server-sg"
  vpc_id      = aws_vpc.main.id

  # HTTP from anywhere
  ingress {
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  # SSH from anywhere, as the task specifies
  ingress {
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  # All outbound traffic; "-1" means every protocol
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}

resource "aws_instance" "server_terraform" {
  ami           = "ami-007855ac798b5175e"
  instance_type = "t2.micro"
  key_name      = "instance"
  subnet_id     = aws_subnet.public_subnet.id

  # Inside a VPC, security group IDs go in vpc_security_group_ids
  vpc_security_group_ids = [aws_security_group.web_server.id]

  # Runs once at first boot; -y keeps apt-get from waiting for confirmation
  user_data = <<-EOF
    #!/bin/bash
    sudo apt-get update -y
    sudo apt-get install -y apache2
    sudo systemctl start apache2
    sudo systemctl enable apache2
    echo "<html><body><h1>Hi, This is Bandan.</h1></body></html>" > /var/www/html/index.html
    sudo systemctl restart apache2
    EOF

  tags = {
    Name = "terraform_server"
  }
}

resource "aws_eip" "ip" {
  instance = aws_instance.server_terraform.id
  vpc      = true # deprecated since AWS provider v5 in favour of domain = "vpc"

  tags = {
    Name = "elastic-ip"
  }
}
```
Use terraform apply to spin up the infrastructure.
Now we can see the newly created EC2 instance in the AWS console.
We can verify the security group along with the rules created.
We can verify the elastic IP which is created.
Task 10: Access the website
We can verify the website that is created through Apache web server.
This Terraform hands-on task is designed to test proficiency in using Terraform for Infrastructure as Code (IaC) on AWS. We will be tasked with creating a VPC, subnets, an internet gateway, and launching an EC2 instance with a web server running on it. This task will showcase our skills in automating infrastructure deployment using Terraform. It's a popular interview question for companies looking for candidates with hands-on experience in Terraform. That's it for today.
Thanks for reading my article. Have a nice day.
You can follow me on LinkedIn for my daily updates:- linkedin.com/in/bandan-kumar-sahoo-131412203