understandingdevop

How to create an AWS EC2 instance and install packages into it without touching the AWS console.

Updated: May 17, 2020

If you want to create AWS resources without using the console, you can write a few lines of code that create your infrastructure for you, i.e., using Terraform. Terraform is open-source infrastructure-as-code software that helps you provision your whole infrastructure with code. This tool is widely used in the industry by major companies.

I have tried creating a simple EC2 instance on AWS (EC2 is a server that can be used for any purpose, like testing, development, hosting your web application, etc.).

But before creating an AWS EC2 instance, I first have to create a network for my infrastructure, called an AWS VPC, which has a CIDR network block (10.0.0.0/16).

All operations going forward will happen inside this network block (10.0.0.0/16).

I also have to create a subnet; for example, I will take 10.0.1.0/24 as my subnet for placing my instances. The subnet I have used here is a public subnet, which means it is attached to an Internet Gateway. There are two types of subnets, public and private. I will write another blog post on the difference between those subnets. Here is my main Terraform code, which will create the AWS resources.


provider "aws" {
  region = "us-east-2"
}

# Network that contains everything below
resource "aws_vpc" "web_vpc" {
  cidr_block = "10.0.0.0/16"
}

# Subnet for the instance; launched instances get a public IP
resource "aws_subnet" "web_subnet" {
  cidr_block              = "10.0.0.0/24"
  vpc_id                  = "${aws_vpc.web_vpc.id}"
  map_public_ip_on_launch = true
}

resource "aws_internet_gateway" "ig" {
  vpc_id = "${aws_vpc.web_vpc.id}"
}

# Default route to the internet through the gateway
resource "aws_route_table" "route" {
  vpc_id = "${aws_vpc.web_vpc.id}"

  route {
    cidr_block = "0.0.0.0/0"
    gateway_id = "${aws_internet_gateway.ig.id}"
  }
}

# Associating the route table with the subnet makes the subnet public
resource "aws_route_table_association" "ra" {
  subnet_id      = "${aws_subnet.web_subnet.id}"
  route_table_id = "${aws_route_table.route.id}"
}

resource "aws_security_group" "web_sg" {
  name        = "web security group"
  description = "security group is for web"
  vpc_id      = "${aws_vpc.web_vpc.id}"

  # Inbound SSH from any address
  ingress {
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  # Inbound HTTP from any address
  ingress {
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  # All outbound traffic ("-1" means every protocol)
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}

resource "aws_instance" "webserver" {
  instance_type          = "t2.micro"
  ami                    = "ami-0c55b159cbfafe1f0"
  key_name               = "${var.key_name}"
  subnet_id              = "${aws_subnet.web_subnet.id}"
  vpc_security_group_ids = ["${aws_security_group.web_sg.id}"]

  # SSH connection used by the provisioners below
  connection {
    type        = "ssh"
    user        = "ubuntu"
    host        = "${self.public_ip}" # required by Terraform 0.12 and later
    private_key = "${file("/root/ec2/awsshop.pem")}"
  }

  # Copy the install script to the new instance
  provisioner "file" {
    source      = "/root/ec2/run.sh"
    destination = "/tmp/run.sh"
  }

  # Make the script executable and run it
  provisioner "remote-exec" {
    inline = [
      "sudo chmod +x /tmp/run.sh",
      "sudo sh /tmp/run.sh",
    ]
  }
}

A resource like aws_security_group is used to create the ingress (inbound) and egress (outbound) rules of a security group, and we attach that security group to instances.

In the last part of the instance resource you can see the file provisioner, where I copy run.sh from my source machine to the newly provisioned AWS EC2 instance. The other block is the remote-exec provisioner, which executes commands on the newly provisioned instance after it boots. In my example, I have given executable permission to the script which I copied in the previous step and executed that script.

Here is that script.

These are simple commands to install the Apache web server. So after booting the AWS EC2 instance, you are actually making it a web server by installing the apache2 package.

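#!/bin/sh
# Refresh the package index so apache2 can be found on a fresh image
apt-get update
apt-get install apache2 -y
# Replace the default page
echo "Apache Server" > /var/www/html/index.html
systemctl restart apache2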

Here is the variable file. You can also ask for user input, such as the name of the key pair.

variable "key_name" {
  description = "keypair"
}

README


Prerequisites

Terraform must be installed on your machine

AWS must be configured with an access key and secret key

Your private key file must be present in the current directory; then change the name of the private key accordingly

terraform init

terraform apply --auto-approve

Here is my GitHub link for the above repository.


Thank you :D

