Terraform example script

 main.tf file ==>


cat > main.tf <<EOF

terraform {

  required_providers {

    aws = {

      source  = "hashicorp/aws"

      version = "3.48.0"

    }

  }  

}

provider "aws" {

  region = "us-west-2" # Oregon

}



resource "aws_vpc" "web_vpc" {

  cidr_block = "192.168.100.0/24"

  enable_dns_hostnames = true

  tags = {

    Name = "Web VPC"

  }

}


resource "aws_subnet" "web_subnet" {

  # Use the count meta-parameter to create multiple copies

  count             = 2

  vpc_id            = "${aws_vpc.web_vpc.id}"

  # cidrsubnet function splits a cidr block into subnets

  cidr_block        = "${cidrsubnet(var.network_cidr, 1, count.index)}"

  # element retrieves a list element at a given index

  availability_zone = "${element(var.availability_zones, count.index)}"


  tags {

    Name = "Web Subnet ${count.index + 1}"

  }


}


resource "aws_instance" "web" {

  count         = "${var.instance_count}"

  # lookup returns a map value for a given key

  ami           = "${lookup(var.ami_ids, "us-west-2")}"

  instance_type = "t2.micro"

  # Use the subnet ids as an array and evenly distribute instances

  subnet_id     = "${element(aws_subnet.web_subnet.*.id, count.index % length(aws_subnet.web_subnet.*.id))}"

  

  # Use instance user_data to serve the custom website

  user_data     = "${file("user_data.sh")}"

  tags {

    Name = "Web Server ${count.index + 1}"

  }

}


EOF




===


cat > variables.tf <<'EOF'

# Example of a string variable

variable network_cidr {

  default = "192.168.100.0/24"

}


# Example of a list variable

variable availability_zones {

  default = ["us-west-2a", "us-west-2b"]

}


# Example of an integer variable

variable instance_count {

  default = 2

}


# Example of a map variable

variable ami_ids {

  default = {

    "us-west-2" = "ami-0fb83677"

    "us-east-1" = "ami-97785bed"

  }

}


EOF




===



cat > outputs.tf <<'EOF'

output "ips" {

  # join all the instance private IPs with commas separating them

  value = "${join(", ", aws_instance.web.*.private_ip)}"

}


EOF


===


cat >> user_data.sh <<'EOF'

#!/bin/bash

cat > /var/www/html/index.php <<'END'

<?php

$instance_id = file_get_contents("http://instance-data/latest/meta-data/instance-id");

echo "You've reached instance ", $instance_id, "\n";

?>

END

EOF



===


cat > networking.tf <<'EOF'

# Internet gateway to reach the internet

resource "aws_internet_gateway" "web_igw" {

  vpc_id = "${aws_vpc.web_vpc.id}"

}

# Route table with a route to the internet

resource "aws_route_table" "public_rt" {

  vpc_id = "${aws_vpc.web_vpc.id}"

  

  route {

    cidr_block = "0.0.0.0/0"

    gateway_id = "${aws_internet_gateway.web_igw.id}"

  }

  tags {

    Name = "Public Subnet Route Table"

  }

}

# Subnets with routes to the internet

resource "aws_subnet" "public_subnet" {

  # Use the count meta-parameter to create multiple copies

  count             = 2

  vpc_id            = "${aws_vpc.web_vpc.id}"

  cidr_block        = "${cidrsubnet(var.network_cidr, 2, count.index + 2)}"

  availability_zone = "${element(var.availability_zones, count.index)}"

  tags {

    Name = "Public Subnet ${count.index + 1}"

  }

}

# Associate public route table with the public subnets

resource "aws_route_table_association" "public_subnet_rta" {

  count          = 2

  subnet_id      = "${aws_subnet.public_subnet.*.id[count.index]}"

  route_table_id = "${aws_route_table.public_rt.id}"

}

EOF



===


cat > security.tf <<'EOF'

resource "aws_security_group" "elb_sg" {

  name        = "ELB Security Group"

  description = "Allow incoming HTTP traffic from the internet"

  vpc_id      = "${aws_vpc.web_vpc.id}"

  ingress {

    from_port   = 80

    to_port     = 80

    protocol    = "tcp"

    cidr_blocks = ["0.0.0.0/0"]

  }

  # Allow all outbound traffic

  egress {

    from_port = 0

    to_port = 0

    protocol = "-1"

    cidr_blocks = ["0.0.0.0/0"]

  }

}

resource "aws_security_group" "web_sg" {

  name        = "Web Server Security Group"

  description = "Allow HTTP traffic from ELB security group"

  vpc_id      = "${aws_vpc.web_vpc.id}"

  # HTTP access from the VPC

  ingress {

    from_port       = 80

    to_port         = 80

    protocol        = "tcp"

    security_groups = ["${aws_security_group.elb_sg.id}"]

  }

  # Allow all outbound traffic

  egress {

    from_port = 0

    to_port = 0

    protocol = "-1"

    cidr_blocks = ["0.0.0.0/0"]

  }

}

EOF


====

creating elastic load balancer ==>


cat > load_balancer.tf <<'EOF'

resource "aws_elb" "web" {

  name = "web-elb"

  subnets = ["${aws_subnet.public_subnet.*.id}"]

  security_groups = ["${aws_security_group.elb_sg.id}"]

  instances = ["${aws_instance.web.*.id}"]


  # Listen for HTTP requests and distribute them to the instances

  listener { 

    instance_port     = 80

    instance_protocol = "http"

    lb_port           = 80

    lb_protocol       = "http"

  }

  # Check instance health every 10 seconds

  health_check {

    healthy_threshold = 2

    unhealthy_threshold = 2

    timeout = 3

    target = "HTTP:80/"

    interval = 10

  }

}


EOF


cat >> outputs.tf <<'EOF'

output "site_address" {

  value = "${aws_elb.web.dns_name}"

}


EOF




===


creating Application Load Balancer ==>


resource "aws_lb" "external-alb" {

  name               = "External-LB"

  internal           = false

  load_balancer_type = "application"

  security_groups    = [aws_security_group.web-sg.id]

  subnets            = [aws_subnet.public-subnet1.id, aws_subnet.public-subnet2.id]

}

resource "aws_lb_target_group" "target_elb" {

  name     = "ALB-TG"

  port     = 80

  protocol = "HTTP"

  vpc_id   = aws_vpc.siva.id

  health_check {

    path     = "/health"

    port     = 80

    protocol = "HTTP"

  }

}

resource "aws_lb_target_group_attachment" "ecomm" {

  target_group_arn = aws_lb_target_group.target_elb.arn

  target_id        = aws_instance.ecomm.id

  port             = 80

  depends_on = [

    aws_lb_target_group.target_elb,

    aws_instance.ecomm,

  ]

}

resource "aws_lb_target_group_attachment" "food" {

  target_group_arn = aws_lb_target_group.target_elb.arn

  target_id        = aws_instance.food.id

  port             = 80

  depends_on = [

    aws_lb_target_group.target_elb,

    aws_instance.food,

  ]

}

resource "aws_lb_listener" "listener_elb" {

  load_balancer_arn = aws_lb.external-alb.arn

  port              = 80

  protocol          = "HTTP"

  default_action {

    type             = "forward"

    target_group_arn = aws_lb_target_group.target_elb.arn

  }

}


Comments

Post a Comment

Popular posts from this blog

Terraform

Image
  Terraform is an infrastructure as code tool that lets you build, change, and version cloud and on-prem resources safely and efficiently. HashiCorp Terraform is an infrastructure as code tool that lets you define both cloud and on-prem resources in human-readable configuration files that you can version, reuse, and share. You can then use a consistent workflow to provision and manage all of your infrastructure throughout its lifecycle. Terraform can manage low-level components like compute, storage, and networking resources, as well as high-level components like DNS entries and SaaS features. How does Terraform work? Terraform creates and manages resources on cloud platforms and other services through their application programming interfaces (APIs). Providers enable Terraform to work with virtually any platform or service with an accessible API. HashiCorp and the Terraform community have already written  thousands of providers  to manage many different types of resources and services.
Read more

Scrum Master Interview help - Bootcamp

Understanding the MoSCoW prioritization | How to implement it into your project Projects, irrespective of their size or complexity, often juggle numerous tasks and requirements. In such a scenario,  MoSCoW prioritization  becomes essential to ensure the successful completion of the project.  Besides, it is also a very effective way to manage project priorities. With a straightforward and adaptable approach, the MoSCoW method helps manage stakeholder expectations and improve project outcomes. What is the MoSCoW prioritization technique?  The MoSCoW method is a prioritization matrix widely used in project management and software development. The term MoSCoW is an acronym that stands for  Must have ,  Should have ,  Could have , and  Won’t have , each denoting a level of priority. Here is the breakdown of the MoSCoW method:  Must have:  These are critical requirements that the project cannot be completed without them. If these are not fulfilled, the project is con
Read more

Kubernetes

  Using containers to host applications and other processes has gone mainstream. As more and more workload is moved into containers, management systems are needed to handle the demands of containerized applications at scale. One of the most popular options for managing  container-based workload is Kubernetes . Kubernetes combines container management automation with an extensible API to create a cloud-native application management powerhouse. At its core, Kubernetes manages the placement of pods, which can consist of one or more containers, on a Kubernetes cluster node. Additionally, if one of these pods crashes, Kubernetes can create a new instance of it. If a cluster node is removed, Kubernetes can move any affected workload to a different node in the cluster. On top of that, Kubernetes pods can be scaled to provide more or less throughput to meet scale demands and these scale operations can be triggered manually or automatically using Kuberentes horizontal pod auto-scaling. Finally,
Read more