Terraform: Deploy a Two-Tier Architecture

Kinsey Parham
Published in All Things DevOps
Aug 7, 2022

What is Terraform?

Terraform is an open-source Infrastructure as Code (IaC) tool developed by HashiCorp. It is used to define and provision a complete infrastructure using a declarative language. IaC helps businesses automate their infrastructure by managing an entire technology stack programmatically, through code.

Terraform core concepts:

  • Variables: Also known as input variables, these are key-value pairs used by Terraform modules to allow customization.
  • Provider: A plugin that interacts with a service's APIs and gives access to its related resources. (We will be using AWS for this project.)
  • Module: A folder of Terraform templates where all the configurations are defined.
  • Resources: Blocks of one or more infrastructure objects (compute instances, virtual networks, etc.) that are used in configuring and managing the infrastructure.
  • Output Values: Return values of a Terraform module that can be used by other configurations.
  • Plan: The stage in which Terraform determines what needs to be created, updated, or destroyed.
  • Apply: The last stage, in which Terraform applies the changes to the infrastructure in order to move it to the desired state.

Our scenario:

Your team needs you to diagram and deploy a two-tier architecture for your company. For the foundational project you are allowed to have all your code in a single main.tf file (known as a monolith) with hardcoded data.

  1. Deploy a VPC with CIDR 10.0.0.0/16 with 2 public subnets with CIDR 10.0.1.0/24 and 10.0.2.0/24. Each public subnet should be in a different AZ for high availability.
  2. Create 2 private subnets with CIDR 10.0.3.0/24 and 10.0.4.0/24, with an RDS MySQL instance (micro) in one of the subnets. Each private subnet should be in a different AZ.
  3. A load balancer that will direct traffic to the public subnets.
  4. Deploy 1 EC2 t2.micro instance in each public subnet.

Prerequisites:

  • Install Terraform CLI
  • Install AWS CLI
  • GitHub account
  • The main.tf & variables.tf files from our GitHub repo
  • AWS account access
  • https://registry.terraform.io/

Let’s get started!

1| Create main.tf file

For this project, I will be using the Amazon Web Services (AWS) Cloud9 environment. First, we need to create our main.tf file: create a new directory, cd into that directory, and run touch main.tf. The main.tf file will contain the main set of configuration for your module. This is where we tell Terraform that we’re using AWS resources and to create everything needed for the two-tier architecture. Terraform allows you to use multiple providers; however, for this project we will only be using AWS as our provider.

Save the main.tf file and run terraform init to initialize the working directory and backend.

2| Create the VPC, 2 Public Subnets & 2 Private Subnets

Here we will be creating the following resources:

  • VPC with CIDR 10.0.0.0/16
  • 2 Public Subnets with CIDR 10.0.1.0/24 (us-east-1a) & 10.0.2.0/24 (us-east-1b)
  • 2 Private Subnets with CIDR 10.0.3.0/24 (us-east-1a) and 10.0.4.0/24 (us-east-1b). For the private subnets, we set map_public_ip_on_launch = false, which will in turn make the subnets private.

3| Create Internet Gateway & Route Table

Here we will be creating the following resources:

  • Internet Gateway
  • Route Table, so that we can route traffic through the internet gateway to allow for internet access. Simply put, our route table tells network packets which way they need to go to get to their destination.
  • Route Table Association: we will associate the public subnets with the route table.
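The provider from step 1 and the network from steps 2 and 3, written as one stand-alone configuration. This is an added example, not the author's main.tf; the resource names (main, public, private, igw) and the use of for_each over a local map are assumptions.

```hcl
provider "aws" {
  region = "us-east-1"
}

locals {
  # CIDR => availability zone, as given in the scenario.
  public_subnets  = { "10.0.1.0/24" = "us-east-1a", "10.0.2.0/24" = "us-east-1b" }
  private_subnets = { "10.0.3.0/24" = "us-east-1a", "10.0.4.0/24" = "us-east-1b" }
}

resource "aws_vpc" "main" {
  cidr_block = "10.0.0.0/16"
}

resource "aws_subnet" "public" {
  for_each                = local.public_subnets
  vpc_id                  = aws_vpc.main.id
  cidr_block              = each.key
  availability_zone       = each.value
  map_public_ip_on_launch = true
}

resource "aws_subnet" "private" {
  for_each                = local.private_subnets
  vpc_id                  = aws_vpc.main.id
  cidr_block              = each.key
  availability_zone       = each.value
  map_public_ip_on_launch = false
}

resource "aws_internet_gateway" "igw" {
  vpc_id = aws_vpc.main.id
}

resource "aws_route_table" "public" {
  vpc_id = aws_vpc.main.id
  route {
    cidr_block = "0.0.0.0/0"
    gateway_id = aws_internet_gateway.igw.id
  }
}

# Only the public subnets are associated with the internet-facing route table.
# The private subnets stay on the VPC's main route table, which holds only the
# local 10.0.0.0/16 route, so they have no path to the internet gateway.
resource "aws_route_table_association" "public" {
  for_each       = aws_subnet.public
  subnet_id      = each.value.id
  route_table_id = aws_route_table.public.id
}
```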

4| Create Security Groups

If you haven’t noticed by now, we are taking this project and breaking it down into smaller sections. Taking small bites of the elephant, if you will. Onward we go!

In this step, we will be creating the security group for the Application layer:
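One way to write the security groups so that each tier accepts traffic only from the tier in front of it. This is an added example, not the author's code, and it goes beyond the single application-layer group by also defining groups for the load balancer and the database; the vpc_id variable and the resource names alb, web and db are assumptions.

```hcl
variable "vpc_id" {
  type        = string
  description = "ID of the VPC created in step 2 (assumed input)"
}

# Load balancer tier: the only group that accepts traffic from the internet.
resource "aws_security_group" "alb" {
  vpc_id = var.vpc_id
  ingress {
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }
  egress {
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = ["10.0.0.0/16"]
  }
}

# Application tier: HTTP in from the load balancer only, all outbound allowed.
resource "aws_security_group" "web" {
  vpc_id = var.vpc_id
  ingress {
    from_port       = 80
    to_port         = 80
    protocol        = "tcp"
    security_groups = [aws_security_group.alb.id]
  }
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}

# Database tier: MySQL from the application tier only. With no egress block,
# Terraform removes the default allow-all egress rule.
resource "aws_security_group" "db" {
  vpc_id = var.vpc_id
  ingress {
    from_port       = 3306
    to_port         = 3306
    protocol        = "tcp"
    security_groups = [aws_security_group.web.id]
  }
}
```

The application tier keeps open egress so that the Apache install in user_data can reach package repositories; the load balancer's egress is limited to port 80 inside the VPC.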

5| Create EC2 Instances & Application Load Balancer

Here we will be creating the following resources:

  • An AWS t2.micro EC2 instance with Apache in the user_data. Both of our instances will launch in the Public subnet.
  • Application Load Balancer that will point to our public subnets. *Note: make sure you set the internal argument to false so that it will be internet-facing.
  • Application Load Balancer listener, target group & target group attachment.
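The compute tier listed above as a stand-alone configuration. This is an added example, not the author's code; the five input variables, the resource names, and the assumption that ami_id is an Amazon Linux 2 image (so that yum and systemctl exist) are not from the original page.

```hcl
variable "vpc_id" { type = string }                  # assumed input: VPC from step 2
variable "public_subnet_ids" { type = list(string) } # assumed input: the two public subnets
variable "alb_sg_id" { type = string }               # assumed input: load balancer security group
variable "web_sg_id" { type = string }               # assumed input: instance security group
variable "ami_id" { type = string }                  # assumed input: Amazon Linux 2 AMI

resource "aws_instance" "web" {
  count                  = 2
  ami                    = var.ami_id
  instance_type          = "t2.micro"
  subnet_id              = var.public_subnet_ids[count.index]
  vpc_security_group_ids = [var.web_sg_id]
  user_data              = <<-EOF
    #!/bin/bash
    yum install -y httpd
    systemctl enable --now httpd
  EOF
}

resource "aws_lb" "web" {
  name               = "two-tier-alb"
  internal           = false
  load_balancer_type = "application"
  security_groups    = [var.alb_sg_id]
  subnets            = var.public_subnet_ids
}

resource "aws_lb_target_group" "web" {
  name     = "two-tier-tg"
  port     = 80
  protocol = "HTTP"
  vpc_id   = var.vpc_id
}

resource "aws_lb_target_group_attachment" "web" {
  count            = 2
  target_group_arn = aws_lb_target_group.web.arn
  target_id        = aws_instance.web[count.index].id
  port             = 80
}

resource "aws_lb_listener" "http" {
  load_balancer_arn = aws_lb.web.arn
  port              = 80
  protocol          = "HTTP"
  default_action {
    type             = "forward"
    target_group_arn = aws_lb_target_group.web.arn
  }
}
```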

6| Create RDS MySQL
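A MySQL instance placed in the private subnets, kept off the public internet and encrypted at rest. This is an added example, not the author's code; the three input variables, the identifiers, the database name and user name, and the db.t3.micro class (chosen because db.t2.micro does not support storage encryption) are assumptions.

```hcl
variable "private_subnet_ids" {
  type        = list(string)
  description = "IDs of the two private subnets (assumed input)"
}

variable "db_security_group_id" {
  type        = string
  description = "Security group that admits MySQL from the web tier (assumed input)"
}

# Supplied at apply time (for example via TF_VAR_db_password) instead of being
# hardcoded in main.tf. The value is still stored in the Terraform state file,
# so the state itself must be access-controlled.
variable "db_password" {
  type      = string
  sensitive = true
}

# RDS requires a subnet group that spans at least two availability zones,
# which is why the scenario defines two private subnets for one instance.
resource "aws_db_subnet_group" "mysql" {
  name       = "two-tier-mysql"
  subnet_ids = var.private_subnet_ids
}

resource "aws_db_instance" "mysql" {
  identifier             = "two-tier-mysql"
  engine                 = "mysql"
  engine_version         = "8.0"
  instance_class         = "db.t3.micro"
  allocated_storage      = 20
  db_name                = "appdb"
  username               = "admin"
  password               = var.db_password
  db_subnet_group_name   = aws_db_subnet_group.mysql.name
  vpc_security_group_ids = [var.db_security_group_id]
  publicly_accessible    = false
  storage_encrypted      = true
  skip_final_snapshot    = true # acceptable for a throwaway lab; keep snapshots for real data
}
```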

7| Terraform Init & Plan

After you have created the above files needed to successfully create a two-tier architecture, the first step is to initialize the terraform backend by using the terraform init command like we did in Step 1.

Sadly, sometimes… we get smacked in the face with some major roadblocks. Let’s go fix all of our errors and we’ll try this again!! Run terraform init command again…

Success!

Next, we will run the terraform plan command to evaluate the Terraform configuration.

Success! Now, we will run the terraform fmt & terraform validate commands to ensure our formatting is perfect!

8| Terraform Apply

Finally! We will run the command terraform apply to apply the configuration and cross our wee fingers!!

If the build runs as planned, you will see a similar screen:

To double-check that everything deployed correctly, we will check around the AWS Console:

Success!

9| Terraform Destroy

The absolute BEST thing about Terraform (in my opinion!) is that you can take down ALL of the resources you created with ONE single command:

terraform destroy

Congrats y’all! You’ve just created a 2-tier AWS architecture via Terraform.
