Terraform VPC - on AWS : Three tier architecture design

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

 

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

We are going to build a three tier architecture as follows.

 


AWS Management Console : First Build manually 
  1. We are going to build a VPC \
  2. We are going to create public and private subnets under two different available zone .
  3. Two more private subnets for database.
  4. In addition to that we are going to create an InternetGateway. 
  5. And add the routes for the public subnets where by incoming traffics are also allowed by this public subnets.
  6. In addition to that we will create NAT Gateway with elastic IPs. Therefore the EC2 instances in the private subnet can communicate to the internet world using the NAT gateway created on the Public subnets.


 Above diagram represents what we are planning to build.

We will learn about Terraform Modules and Local Values. 

 




43 . Building VPC Manually using AWS Console.

https://github.com/stacksimplify/terraform-on-aws-ec2/tree/main/06-AWS-VPC/06-01-AWS-VPC-using-Mgmt-Console

44. Introduction to Terraform Modules.

Modules are containers for multiple resources that are used together . A module consists of a collection of .tf files that are kept together in a directory. 

You can create your own modules and place it in the terraform registry. If needed, 

https://registry.terraform.io/    -- Terraform registry site .


There is another way where you can create a module of your own. or another way where you can create a "resource" of terraform directly.

Type in Google -- terraform vpc resource.

  1.  You can use the Module available in the Terraform regitsry -- first option
  2. You can create your custom module
  3. You can use the terraform resources to create .


45 . Create Basic VPC Module.

vpc.tf file we will create step by step.

we will go to the modules page on the Terraform registry 

Provision Instructions

Copy and paste into your Terraform configuration, insert the variables, and run terraform init: 

module "vpc" {
  source  = "terraform-aws-modules/vpc/aws"
  version = "2.78.0"
}


46 . Test Basic terraform module with terraform commands.

The below is created using module .

-- vpc.tf  


# Create VPC terraform Module
module "vpc" {
  source  = "terraform-aws-modules/vpc/aws"
  version = "2.78.0"

# VPC Information
name = "vpc-sreejith"
cidr = "10.0.0.0/16"
azs                 = ["ap-south-1a", "ap-south-1b"]
private_subnets     = ["10.0.1.0/24", "10.0.2.0/24"]
public_subnets      = ["10.0.101.0/24", "10.0.102.0/24"]

#Database subnet
create_database_subnet_group = true
create_database_subnet_route_table = true
database_subnets    = ["10.0.151.0/24", "10.0.152.0/24"]
#create_database_nat_gateway_route = true
#create_database_internet_gateway_route = true

 # NAT Gateways - Outbound Communication
enable_nat_gateway = true
single_nat_gateway = true

# VPC DNS Parameters
enable_dns_hostnames = true
# enable_dns_support = true

public_subnet_tags = {
    Type = "public-subnets"
}

private_subnet_tags = {
    Type = "private-subnets"
}

database_subnet_tags = {
    Type = "database-subnets"
}

tags = {
    Owner = "sreejith"
    Environment = "dev"
}

}






 Used the latest version of the module and that was successful too.

# Create VPC terraform Module
module "vpc" {
  source  = "terraform-aws-modules/vpc/aws"
  version = "3.19.0"
 

# Create VPC terraform Module
module "vpc" {
  source  = "terraform-aws-modules/vpc/aws"
  version = "3.19.0"


# VPC Information
name = "vpc-sreejith"
cidr = "10.0.0.0/16"
azs                 = ["ap-south-1a", "ap-south-1b"]
private_subnets     = ["10.0.1.0/24", "10.0.2.0/24"]
public_subnets      = ["10.0.101.0/24", "10.0.102.0/24"]

#Database subnet
create_database_subnet_group = true
create_database_subnet_route_table = true
database_subnets    = ["10.0.151.0/24", "10.0.152.0/24"]
#create_database_nat_gateway_route = true
#create_database_internet_gateway_route = true

 # NAT Gateways - Outbound Communication
enable_nat_gateway = true
single_nat_gateway = true

# VPC DNS Parameters
enable_dns_hostnames = true
# enable_dns_support = true

public_subnet_tags = {
    Type = "public-subnets"
}

private_subnet_tags = {
    Type = "private-subnets"
}

database_subnet_tags = {
    Type = "database-subnets"
}

tags = {
    Owner = "sreejith"
    Environment = "dev"
}

}






 

 version.tf


terraform {
  required_providers {
    aws = {
      source = "hashicorp/aws"
      version = "4.59.0"
    }
  }
}

# Provider Block
provider "aws" {
  region  = var.aws_region
  profile = "default"
}
/*
Note-1:  AWS Credentials Profile (profile = "default") configured on your local desktop terminal  
C:\Users\sreejith_b\.aws\credentials
*/


generic-variable.tf


# Input Variables

# AWS Region
variable "aws_region" {
  type = string
  default = "ap-south-1"  
  description = "Region in which AWS Resources to be created"
}



47 : Standardizing TF Code Generic variables and terraform.tfvars





Comments

Post a Comment

Popular posts from this blog

Terraform : AWS : Terraform on AWS with SRE & IaC DevOps | Section 2 : Terraform basics

Image
 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Username :sreejith.awsspace@gmail.com Password : E  +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ How to run Ansible playbook from Terraform | Terraform Ansible Integration | WhatsAPP No-8817442344  +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Learning Path Terraform  -- Whatever we do in AWS is all the services we will present Ansible -- configuration with jenkins with oracle script Linux Shell  Patching AWS SysOps last DevOps : Pipeline Terraform Basics : 4. Step-01: MacOS: Install Terraform  Install Terraform CLI  : Terraform binary which we need to install on our local desktop   AWS CLI : If we are using AWS as the provider to provision the infrastructure on AWS cloud the AWS CLI needs to be installed. VS code editor has the IDE for writing terraform configuration file  Terraform syntax related language ...
Read more

Terraform : AWS : Terraform on AWS | Section 4: Terraform Input Variables and Datasources

Image
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++   ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++   25. Step-01: Introduction to Variables Section From the terraform perspective . we are going to learn the following on the left and from AWS perspective  We are going to dynamically get the latest AMI id from AWS, using data source terraform concept and then create the EC2 Instance . In addition to that we are also going to associate an existing Key pair to for whatever is present in our EC2 key Pairs to our EC2 instance when it is creating . Earlier we manually configured the NSG - Network security group. here we are going to create two resources called VPC-SSH , VPC-Web,  so that can be used to access the EC2 instance . So using ssh you should be able to access the EC2 instance and using VPC Web security will be used to access the web server. We also need to understand why are we creating two security groups ...
Read more