Construct and Deploy a 3-Tier Architecture using Terraform Modules Via Terraform Cloud CI/CD

Michael-Alex Ojomoh
Dec 5, 2022

3 Tier Architecture

A three-tier architecture is a very popular implementation of the client-server software design. It consists of 3 different tiers that link together and provide different functions.

The top-level tier is called the web tier. The web tier's primary function is to show and gather user information. The application's brains are located in the application tier. The business logic that handles user inputs is stored in this tier. The data or backend tier of a web application is the database tier. It is the location where the data handled by the program is maintained and saved.

What are Terraform Modules

A group of Terraform configuration files in a single directory make up a Terraform module. Such a directory is referred to as the root module when Terraform commands are executed directly from it. A Terraform module (often the root module of a configuration) can call other modules to add their resources to the configuration.

What is Terraform Cloud

Teams can use Terraform jointly with the aid of Terraform Cloud. Terraform Cloud can be used as a CI/CD tool. It oversees Terraform and ensures that it operates in a consistent and reliable environment. It also provides simple access to shared state and secret data, access controls for infrastructure changes, a private registry for exchanging Terraform modules, and intricate policy controls for regulating the contents of Terraform configurations.

Objective

  • We have been tasked to design a highly available 3-tier architecture within Terraform
  • Deploy this using Terraform Cloud as a CI/CD tool to check your build.
  • Use module blocks for ease of use and re-usability.

Prerequisites

  • AWS account with proper permissions
  • GitHub account
  • Terraform Cloud account
  • Your preferred IDE (I will be using Cloud9)

Let's Begin…

Step 1: Configure the root module

In the main.tf file in my root module, as you can see, I will be referencing 6 different modules that I have created and configured to deploy all the resources I need for my 3-tier architecture. For the sake of demonstration, I will provide the link to all the configuration files within the modules I created for this project below for reference.

VPC- A VPC with three private and three public subnets is created via the VPC module. In order to direct internet traffic to public subnets, it constructs an internet gateway and generates route tables and route table associations.

Security-Groups- The Security-Groups module creates the security groups for each different tier and makes sure one tier can access the next tier.

Nat-Gateway- The Nat-Gateway module creates a NAT gateway and elastic IP. It also creates more route tables and route table associations to direct private subnets through the NAT gateway.

Database- The Database module creates the resources for our RDS MySQL database instance and subnet group.

EC2- The EC2 module will be used to create the instances that host our application and web tiers. This module will create the launch templates and auto scaling groups necessary.

Load-Balancer- The Load-Balancer module will be used to create our Application Load Balancer. This module creates the target group, the listener, and the application load balancer for internet-facing applications. Traffic will be routed to the private subnets by the ALB, which is in the public subnets.

The variables and outputs of each module can be used to cross-reference one another. They work together as a team.
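To illustrate the cross-referencing described above, here is an added sketch of a root main.tf that wires the six modules together through their outputs. It is not the author's code: the module paths and every input and output name are assumptions.

```hcl
# Root main.tf (added sketch). Module paths, input names and output names are
# assumptions; the author's real modules may differ.
module "vpc" {
  source               = "./modules/vpc"
  project_name         = var.project_name
  region               = var.region
  vpc_cidr             = var.vpc_cidr
  public_subnet_cidrs  = var.public_subnet_cidrs
  private_subnet_cidrs = var.private_subnet_cidrs
}

module "nat_gateway" {
  source             = "./modules/nat-gateway"
  vpc_id             = module.vpc.vpc_id
  public_subnet_id   = module.vpc.public_subnet_ids[0]
  private_subnet_ids = module.vpc.private_subnet_ids
}

module "security_groups" {
  source = "./modules/security-groups"
  vpc_id = module.vpc.vpc_id
}

module "load_balancer" {
  source            = "./modules/load-balancer"
  project_name      = var.project_name
  vpc_id            = module.vpc.vpc_id
  public_subnet_ids = module.vpc.public_subnet_ids
  alb_sg_id         = module.security_groups.alb_sg_id
}

module "ec2" {
  source             = "./modules/ec2"
  project_name       = var.project_name
  private_subnet_ids = module.vpc.private_subnet_ids
  web_sg_id          = module.security_groups.web_sg_id
  app_sg_id          = module.security_groups.app_sg_id
  target_group_arn   = module.load_balancer.target_group_arn
}

module "database" {
  source             = "./modules/database"
  project_name       = var.project_name
  private_subnet_ids = module.vpc.private_subnet_ids
  db_sg_id           = module.security_groups.db_sg_id
  db_username        = var.db_username
  db_password        = var.db_password # assumed variable; declare it with sensitive = true
}
```

Each `module.<name>.<output>` reference only resolves if the called module declares that output, and Terraform uses these references to order resource creation.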

Step 2: Set up Terraform Cloud

Now that our code is ready, we can start interacting with Terraform Cloud. You must create a new Organization in your Terraform Cloud account. Click Create Organization and give your organization a name. Then, when asked to create a workspace, select the Version control workflow option.

In the next step, under Connect to VCS, you will have to select GitHub and connect to your GitHub account. Once connected, select the repository you would like Terraform Cloud to reference under the Choose a repository tab. Once you name your workspace you can click Create Workspace.

Now that our workspace is set up, we need to add input and environment variables to our workspace. For this project I added AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY as my environment variables and saved them as sensitive. You can get your access key information by going to the Security Credentials under your username in the IAM Console in your AWS account.
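The two access-key variables are long-lived secrets held in the workspace. As an added example (not part of the original post), the same workspace can instead assume an IAM role through Terraform Cloud's dynamic provider credentials, so no static key is stored. The organization name my-org, the workspace name 3-tier and the role name are placeholders.

```hcl
# Added sketch: Terraform Cloud dynamic credentials in place of static keys.
# "my-org", "3-tier" and the role name are placeholders, not values from the post.
data "tls_certificate" "tfc" {
  url = "https://app.terraform.io"
}

resource "aws_iam_openid_connect_provider" "tfc" {
  url             = "https://app.terraform.io"
  client_id_list  = ["aws.workload.identity"]
  thumbprint_list = [data.tls_certificate.tfc.certificates[0].sha1_fingerprint]
}

data "aws_iam_policy_document" "tfc_trust" {
  statement {
    actions = ["sts:AssumeRoleWithWebIdentity"]
    principals {
      type        = "Federated"
      identifiers = [aws_iam_openid_connect_provider.tfc.arn]
    }
    condition {
      test     = "StringEquals"
      variable = "app.terraform.io:aud"
      values   = ["aws.workload.identity"]
    }
    # Only runs from this one workspace may assume the role.
    condition {
      test     = "StringLike"
      variable = "app.terraform.io:sub"
      values   = ["organization:my-org:project:*:workspace:3-tier:run_phase:*"]
    }
  }
}

resource "aws_iam_role" "tfc" {
  name               = "tfc-3-tier"
  assume_role_policy = data.aws_iam_policy_document.tfc_trust.json
}

# Workspace environment variables that replace the two access-key variables:
#   TFC_AWS_PROVIDER_AUTH = true
#   TFC_AWS_RUN_ROLE_ARN  = <ARN of aws_iam_role.tfc>
```

Apply this once from an administrator session and attach a permissions policy scoped to the resources this project manages; the role above has a trust policy only.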

Next, I added input variables for the region and project name as well as every single subnet CIDR and the VPC CIDR.

Step 3: Deploy configuration in Terraform Cloud

Now that all our variables are set up you can navigate to the upper right hand corner of the screen and select Actions then select Start New Run.

Step 4: Check Deployment

Now that we have successfully deployed our resources, it is time to head over to the AWS console, check our deployment, and see if all our resources have been created:

  • RDS MySQL database instance for data tier
  • EC2 instances for our web and application tier
  • 3 Public and 3 Private subnets all within the VPC we created

Step 5: Test Network Connectivity

Now that our 3-tier architecture is complete, we will test the network connectivity and make sure each tier can connect to the tier directly above it.

Navigate to EC2, select your web instance, click Connect, and go to the Instance Connect terminal.

Ping your app instance by running the following command:

ping <private IP address of private app instance>

We have successfully accessed the private instance.
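The ping above only succeeds if the app tier's security group admits ICMP from the web tier, which is the tier-to-tier access the Security-Groups module is described as providing. As an added sketch (not the author's module code), the chain can be expressed by referencing the previous tier's group instead of a CIDR range; the app port and the vpc_id input are assumptions, and the web tier's own ingress from the load balancer is left out.

```hcl
# Added sketch of the security-group chain. The app port and the vpc_id input
# are assumptions, not the author's module code.
variable "vpc_id" { type = string }

resource "aws_security_group" "web" {
  vpc_id = var.vpc_id
  # Terraform-managed groups start with no egress; the ping needs outbound.
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}

resource "aws_security_group" "app" {
  vpc_id = var.vpc_id
  # Application traffic only from instances in the web tier's group.
  ingress {
    from_port       = 8080 # assumed app port
    to_port         = 8080
    protocol        = "tcp"
    security_groups = [aws_security_group.web.id]
  }
  # ICMP echo request from the web tier: the rule Step 5's ping relies on.
  ingress {
    from_port       = 8 # ICMP type 8, echo request
    to_port         = 0 # ICMP code 0
    protocol        = "icmp"
    security_groups = [aws_security_group.web.id]
  }
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}

resource "aws_security_group" "db" {
  vpc_id = var.vpc_id
  # MySQL only from the app tier's group, never from a CIDR range.
  ingress {
    from_port       = 3306
    to_port         = 3306
    protocol        = "tcp"
    security_groups = [aws_security_group.app.id]
  }
}
```

With this layout the web tier has no rule that reaches the database group, so a direct connection from a web instance to port 3306 is dropped.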

Step 6: Automation

Automation is a very important process in real-world applications. If you want to make changes to the infrastructure, we can automate applying them within the cloud. To accomplish this, we must instruct Terraform Cloud to update our infrastructure whenever the code is modified. Go to Settings in your Terraform Cloud workspace and change the Apply Method to Auto apply.

Make sure to click Save settings when completed.

To demonstrate how it works, I will be editing the user data in my main.tf file in the ec2 module.

script.sh file

As you can see, I am bootstrapping a file in my user data field but had it commented out in my original deployment. The file is a script that will make my configuration display "Hello World" when accessing my webserver. In GitHub I will make changes to the file by uncommenting the user data section and adding my script.sh file to my root directory, then saving the changes.

As you can see, Terraform Cloud has automatically recognized the changes I've made in GitHub and is automatically updating my configuration.

The new instance will have the updated user data when I access my public webserver.

We have now successfully automated our infrastructure, and used Terraform Cloud to make automatic updates!

Step 7: Destroy our infrastructure

To destroy our infrastructure, select Settings > Destruction and Deletion > Queue destroy plan.

Our final step is complete! We have successfully destroyed our resources.

Thank you for reading. We have deployed a CI/CD pipeline using Terraform Cloud and GitHub with different modules I created within Terraform.