Day 66- 90DaysOfDevOps

Hey Learners! Welcome back. In this challenge, we'll dive deep into Terraform and create new resources on AWS using Terraform scripts. In this challenge, we'll walk through the process of creating and setting up a VPC, and Subnets, Launching an EC2 instance, and finally hosting a simple web page on the created EC2 instance using Apache. Let's start...

Steps to follow:-

1- Set up VPC and Subnets

2- Create Security Groups

3- Launch an EC2 Instance with Apache

4- Apply the changes using Terraform

5- Validation

Pre-requisite:-

Terraform must be installed locally or on an EC2 instance. I am using an EC2 instance.

AWS CLI must be configured.

As we already know we can write terraform configuration files as a single file like all the resources in main.tf or we can create different ".tf" files for different resources.

In this challenge, I am going to create different configuration files for different resources like VPC, SG, EC2, etc instead of main.tf.

Create a terraform.tf file and provide details for the provider.

Note - Use the terraform init command to initialize as we need to validate the script(s).

Step 1- Set up VPC and Subnets

To create a VPC we create a vpc.tf file including resources like Subnets, Internet Gateway, Rout Tables etc.

We'll define a VPC and its associated subnets with the desired CIDR blocks. We need to set up an internet gateway and also configure a route table for the public subnet and have to associate it to enable the internet.

resource "aws_vpc" "TestVPC" {
  cidr_block        = "10.0.0.0/16"
  instance_tenancy = "default"
  tags = {
    Name = "TestVPC"
  }
}

resource "aws_subnet" "PublicSN" {
  vpc_id     = aws_vpc.TestVPC.id
  cidr_block = "10.0.1.0/24"
  tags = {
    name = "PublicSN"
  }
}

resource "aws_subnet" "PrivateSN" {
  vpc_id     = aws_vpc.TestVPC.id
  cidr_block = "10.0.2.0/24"
  tags = {
    name = "PrivateSN"
  }
}

resource "aws_internet_gateway" "MyIG" {
  vpc_id = aws_vpc.TestVPC.id
  tags = {
    name = "MyIG"
  }
}
resource "aws_route_table" "PublicRT" {
  vpc_id = aws_vpc.TestVPC.id
  route {
    cidr_block = "0.0.0.0/0"
    gateway_id = aws_internet_gateway.MyIG.id
  }
  tags = {
    name = "PublicRT"
  }
}
resource "aws_route_table_association" "PubliRTA" {
  subnet_id      = aws_subnet.PublicSN.id
  route_table_id = aws_route_table.PublicRT.id
}

2- Create Security Groups

Create SecurityGroups.tf file as shown below.

In this configuration file, we allow port numbers- 22(SSH), 80(http), and 443(https) in the MySG security group. We have to create one elastic IP as well and associate it with the EC2 instance.

resource "aws_security_group" "MySG" {
  vpc_id = aws_vpc.TestVPC.id

  ingress {
    from_port = 80
    to_port = 80
    protocol = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  ingress {
    from_port = 22
    to_port = 22
    protocol = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  ingress {
    from_port = 443
    to_port = 443
    protocol = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }  

  egress {
    from_port = 0
    to_port = 0
    protocol = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}

3- Launch an EC2 Instance with Apache

Let's create a configuration file for an EC2 instance with an Apache server and a sample web page.

Create an EC2.tf file as shown below.

resource "aws_instance" "Apache-server" {
  ami = "ami-0287a05f0ef0e9d9a"
  instance_type = "t2.micro"
  subnet_id = aws_subnet.PublicSN.id
  key_name = "nginxproject"
  vpc_security_group_ids = [
    aws_security_group.MySG.id
  ]
  user_data = <<-EOF
            #!/bin/bash
            sudo apt-get update -y
            sudo apt-get install apache2 -y
            sudo systemctl start apache2
            echo "This Web page is hosted on $(hostname -f) by Terraform" > /var/www/html/index.html
        EOF
  tags = {
    Name = "MyApache"
  }
}
resource "aws_eip" "MyEIP" {
  domain = "vpc"
  instance = aws_instance.MyApache.id
}