DevOps(Day 66) - Project: Building an entire infrastructure through Terraform

AIM

Build Your Own AWS Infrastructure with Ease using Infrastructure as Code (IaC) Techniques

Welcome back to our Terraform journey.

In the previous tasks, you have learned about the basics of Terraform, its configuration file, and creating an EC2 instance using Terraform. Today, we will explore more about Terraform and create multiple resources.

Subtasks:

Task 1: Create a VPC

  • Create a VPC (Virtual Private Cloud) with CIDR block 10.0.0.0/16

    1. Create a vpc.tf file and specify the required CIDR block and the Name tag of the VPC.

    2. Defining the provider is a prerequisite for building any AWS infrastructure.

    3. Execute terraform apply to build the VPC.

    4. We can check in the AWS console for the new VPC, created with the name "main".

Task 2: Create a private subnet

  • Create a private subnet with CIDR block 10.0.1.0/24 in the above VPC.

    1. Create a subnet.tf file to define the private subnet with the required configuration tag.

    2. Use terraform apply to create the private subnet.

    3. We can verify the private subnet in the Subnets section of the AWS Management Console.

Task 3: Create a public subnet

  • Create a public subnet with CIDR block 10.0.2.0/24 in the above VPC.

    1. Similarly, in the subnet.tf file that we created above, define the public subnet block.

    2. Use terraform apply to create the public subnet.

    3. We can verify the subnet creation in the AWS console.

Task 4: Create an Internet Gateway

  • Create an Internet Gateway (IGW) and attach it to the VPC.

    1. Create an internetgateway.tf file and define the internet gateway with the required configuration to attach it to the VPC.

    2. Use terraform apply to create the internet gateway.

    3. We can verify the newly created internet gateway in the AWS console.

Task 5: Create a Route table

  • Create a route table for the public subnet and associate it with the public subnet. This route table should have a route to the Internet Gateway.

    1. Create a routetable.tf file to define the route table configuration in association with the public subnet.

    2. Use terraform apply to create the route table.

    3. We can verify the route table in the AWS console, along with the public subnet listed in its subnet associations section.
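
The network layer from Tasks 1 to 5 in one place, as an added example that is not the author's own code. The resource names `aws_vpc.main` and `aws_subnet.public_subnet` come from the later tasks on this page; the region and every other name and tag are assumptions.

```hcl
# Added example for Tasks 1-5 (vpc.tf, subnet.tf, internetgateway.tf, routetable.tf).
provider "aws" {
  region = "us-east-1" # assumption: replace with your own region
}

resource "aws_vpc" "main" {
  cidr_block = "10.0.0.0/16"
  tags       = { Name = "main" }
}

# Private subnet: it stays on the VPC's main route table, which holds only
# the local route, so it has no path to or from the internet.
resource "aws_subnet" "private_subnet" { # name is an assumption
  vpc_id                  = aws_vpc.main.id
  cidr_block              = "10.0.1.0/24"
  map_public_ip_on_launch = false
  tags                    = { Name = "private-subnet" }
}

# Public subnet: becomes "public" only through the route table association below.
resource "aws_subnet" "public_subnet" {
  vpc_id     = aws_vpc.main.id
  cidr_block = "10.0.2.0/24"
  tags       = { Name = "public-subnet" }
}

resource "aws_internet_gateway" "igw" { # name is an assumption
  vpc_id = aws_vpc.main.id
  tags   = { Name = "main-igw" }
}

# Default route to the IGW lives in a dedicated table, not the main one,
# so subnets added later are private unless explicitly associated.
resource "aws_route_table" "public" { # name is an assumption
  vpc_id = aws_vpc.main.id

  route {
    cidr_block = "0.0.0.0/0"
    gateway_id = aws_internet_gateway.igw.id
  }

  tags = { Name = "public-rt" }
}

resource "aws_route_table_association" "public" {
  subnet_id      = aws_subnet.public_subnet.id
  route_table_id = aws_route_table.public.id
}
```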

Task 6: Create a security group

  • Security group: Allow SSH access and HTTP access from anywhere

      resource "aws_security_group" "web_server" {
        name_prefix = "web-server-sg"
        vpc_id      = aws_vpc.main.id

        # HTTP from anywhere, as the task requires
        ingress {
          from_port   = 80
          to_port     = 80
          protocol    = "tcp"
          cidr_blocks = ["0.0.0.0/0"]
        }

        # SSH from anywhere, as the task requires
        ingress {
          from_port   = 22
          to_port     = 22
          protocol    = "tcp"
          cidr_blocks = ["0.0.0.0/0"]
        }

        # All outbound traffic allowed ("-1" means every protocol)
        egress {
          from_port   = 0
          to_port     = 0
          protocol    = "-1"
          cidr_blocks = ["0.0.0.0/0"]
        }
      }
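
The group above exposes port 22 to every address on the internet, which puts the instance in front of constant SSH scanning and password guessing. The variant below is an added example, not the author's code: it keeps HTTP public but limits SSH to one trusted range. The variable `admin_cidr`, the resource name `web_server_hardened` and the "no wider than /16" policy are assumptions.

```hcl
# Added example: hardened form of the Task 6 security group.
variable "admin_cidr" { # assumption: not defined anywhere on the original page
  description = "Trusted source range for SSH, such as a VPN or office egress address"
  type        = string

  validation {
    # Must parse as a CIDR, and the prefix must be /16 or narrower (assumed
    # policy), so 0.0.0.0/0 and other huge ranges fail at plan time.
    condition = (
      can(cidrhost(var.admin_cidr, 0)) &&
      try(tonumber(split("/", var.admin_cidr)[1]) >= 16, false)
    )
    error_message = "admin_cidr must be a valid CIDR with a prefix of /16 or narrower."
  }
}

resource "aws_security_group" "web_server_hardened" {
  name_prefix = "web-server-sg"
  description = "HTTP from anywhere, SSH from the admin range only"
  vpc_id      = aws_vpc.main.id

  ingress {
    description = "Public website"
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  ingress {
    description = "SSH restricted to the admin range"
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = [var.admin_cidr]
  }

  egress {
    description = "All outbound, needed for apt-get in user data"
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}
```

Pass the range at apply time, for example `terraform apply -var 'admin_cidr=203.0.113.10/32'` (a constructed documentation address).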
    

Task 7: Create an Elastic IP

  • Create an Elastic IP and associate it with the EC2 instance.

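      resource "aws_eip" "ip" {
        instance = aws_instance.server_terraform.id
        # Allocate the address for use in a VPC. AWS provider v5 and later
        # deprecate this argument in favour of domain = "vpc".
        vpc      = true
        tags = {
          Name = "elastic-ip"
        }
      }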
    

Task 8: Create user data to install Apache

  • User data: Use a shell script to install Apache and host a simple website

      user_data = <<-EOF
                    #!/bin/bash
                    sudo apt-get update -y
                    sudo apt-get install -y apache2
                    sudo systemctl start apache2
                    sudo systemctl enable apache2
                    echo "<html><body><h1>Hi, This is Bandan.</h1></body></html>" > /var/www/html/index.html
                    sudo systemctl restart apache2
                    EOF
    

Task 9: Create an EC2 instance

  • Launch an EC2 instance in the public subnet with the following details:

  • AMI: ami-0557a15b87f6559cf

  • Instance type: t2.micro

  • Open the website URL in a browser to verify that the website is hosted successfully.

  1. Combine all the configurations to spin up the EC2 instance.

     resource "aws_security_group" "web_server" {
       name_prefix = "web-server-sg"
       vpc_id      = aws_vpc.main.id

       # HTTP from anywhere, as the task requires
       ingress {
         from_port   = 80
         to_port     = 80
         protocol    = "tcp"
         cidr_blocks = ["0.0.0.0/0"]
       }

       # SSH from anywhere, as the task requires
       ingress {
         from_port   = 22
         to_port     = 22
         protocol    = "tcp"
         cidr_blocks = ["0.0.0.0/0"]
       }

       # All outbound traffic allowed ("-1" means every protocol)
       egress {
         from_port   = 0
         to_port     = 0
         protocol    = "-1"
         cidr_blocks = ["0.0.0.0/0"]
       }
     }

     resource "aws_instance" "server_terraform" {
       ami           = "ami-007855ac798b5175e"
       instance_type = "t2.micro"
       key_name      = "instance"
       subnet_id     = aws_subnet.public_subnet.id

       # Instances in a VPC subnet take security group IDs through
       # vpc_security_group_ids; security_groups expects group names.
       vpc_security_group_ids = [
         aws_security_group.web_server.id
       ]

       # Runs once as root on first boot; -y keeps apt-get non-interactive.
       user_data = <<-EOF
                   #!/bin/bash
                   sudo apt-get update -y
                   sudo apt-get install -y apache2
                   sudo systemctl start apache2
                   sudo systemctl enable apache2
                   echo "<html><body><h1>Hi, This is Bandan.</h1></body></html>" > /var/www/html/index.html
                   sudo systemctl restart apache2
                   EOF

       tags = {
         Name = "terraform_server"
       }
     }

     resource "aws_eip" "ip" {
       instance = aws_instance.server_terraform.id
       # Allocate the address for use in a VPC. AWS provider v5 and later
       # deprecate this argument in favour of domain = "vpc".
       vpc      = true
       tags = {
         Name = "elastic-ip"
       }
     }
    

  2. Use terraform apply to spin up the infrastructure.

  3. We can now see the newly created EC2 instance in the AWS console.

  4. We can verify the security group along with the rules created.

  5. We can verify the elastic IP which is created.

Task 10: Access the website

  • We can verify the website that is created through Apache web server.

This Terraform hands-on task is designed to test proficiency in using Terraform for Infrastructure as Code (IaC) on AWS. We are tasked with creating a VPC, subnets, an internet gateway, and launching an EC2 instance with a web server running on it. This task showcases our skills in automating infrastructure deployment using Terraform. It's a popular interview question for companies looking for candidates with hands-on experience in Terraform. That's it for today.

Thanks for reading my article. Have a nice day.

You can follow me on LinkedIn for my daily updates:- linkedin.com/in/bandan-kumar-sahoo-131412203