Nowadays using cloud computing has become an essential part of a business. We are automating the cloud with terraform which makes it easier for us to manage the code .In this practical we have launched a webserver in aws with the help of terraform.
Problem statement:
- Create a security group which allows the port 80 and 2049.
- Launch an ec2 instance and attach an existing key.
- Launch one volume using the EFS service and attach it to your vpc and mount the volume into /var/www/html.
- Developer uploaded the code in github,copy it in /var/www/html.
- Create s3 bucket and deploy the images into the bucket and change the permission to readable.
- Create the cloudfront using s3 bucket and and update the url in /var/www/html
Step 1: we login to the aws account using a profile
Step 2: We create security group to allow port 80 so that user can connect to this port to access our website.
resource "aws_security_group" "my-security-group" {
name = "my-security-group"
description = "Allow httpd and ssh traffic and nfs protocol"ingress {
description = "allow nfs traffic"
from_port = 2049
to_port = 2049
protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"]
}
ingress {
description = "allow http traffic"
from_port = 80
to_port = 80
protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"]
}
ingress {
description = "allow ssh traffic"
from_port = 22
to_port = 22
protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"]
}
egress {
from_port = 0
to_port = 0
protocol = "-1"
cidr_blocks = ["0.0.0.0/0"]
}tags = {
Name = "my-security-group"
}
}
Step 3: Launch an ec2 instance instance with the about security group.
Step 4:Create a EFS (Elastic File System) volume to attach to the ec2 instance and mount it on /var/www/html to make the data in this folder persistent.It uses nfs protocol to share the storage.In this service aws launches some instances for us through which we share the storage on port 2049.The ec2 instances we launched contacts to the efs instances on port 2049.We used Efs instead of Ebs(Elastic block storage) as in “efs” unlike “ebs” we can connect the same storage to many instances at the same time.We have to attach the efs in the same vpc ,subnet and apply the same security group on the mount targets.
Step 5:We install some softwares like httpd,git,amazon-efs-utils to use Efs service,nfs and mount the efs volume to /var/www/html folder
resource "null_resource" "nullremote1" {
depends_on = [
aws_efs_file_system.sahil-efs,
aws_efs_mount_target.efs-mount
]
connection {
type = "ssh"
user = "ec2-user"
private_key = file("C:/Users/sahil/Downloads/mykey11.pem")
host = aws_instance.my-webserver.public_ip
}
provisioner "remote-exec" {
inline = [
"sudo yum install httpd git php amazon-efs-utils nfs-utils -y",
"sudo systemctl restart httpd",
"sudo systemctl enable httpd",
"sudo mount -t nfs4 -o nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2,noresvport ${aws_efs_mount_target.efs-mount.dns_name}:/ /var/www/html/",
"sudo rm -rf /var/www/html/*",
"sudo git clone https://github.com/sahil2019/myrepo.git /var/www/html/"
]
}
}Step 6: Create an s3 bucket to upload the image and give the permission as public redable.
Step 7:We connect to our instance and provide the cloudfront url.We use remote-exec as we executed these command on aws instance.We do not want to use any resource of aws so null resource is used to run commands on the remote linux systems.
Final Website:
Run the commands:
- >terraform init
- >terraform apply -auto-approve
Web server created.
EFS(Elastic file system)created.
Security group created.
S3 bucket created.
Cloudfront created.
Efs volume is mounted /var/www/html.
To delete the whole setup.
terraform destroy -auto-approve
GIThub link:
