Terraform: Configuring A Three Tier AWS Architecture.

Matthew Mendez
DevOps Engineer Documentation
Jun 28, 2021

1. What is Terraform?

2. Prerequisites.

3. Let’s Build Our AWS Infrastructure with Terraform.

1. What is Terraform?

Terraform allows infrastructure to be expressed as code in a simple, human-readable language called HCL (HashiCorp Configuration Language). It reads configuration files and produces an execution plan of changes, which can be reviewed for safety and then applied and provisioned.

Extensible providers allow Terraform to manage a broad range of resources, including IaaS, PaaS, SaaS, and hardware services.

Write

  • Write infrastructure as code using declarative configuration files. HashiCorp Configuration Language (HCL) allows for concise descriptions of resources using blocks, arguments, and expressions.

Plan

  • Run terraform plan to check whether the execution plan for a configuration matches your expectations before provisioning or changing infrastructure.

Apply

  • Apply changes to hundreds of cloud providers with terraform apply to reach the desired state of the configuration.

2. Prerequisites.

  • Install Terraform.
  • Install AWS CLI.
  • Configure AWS credentials.

Suggestions before getting started: I suggest using the write, plan, apply method for a couple of resources at a time to get a good understanding of how Terraform is used to deploy our resources.

Use the commands:

terraform init: The terraform init command is used to initialize a working directory containing Terraform configuration files.

terraform fmt: The terraform fmt command has Terraform format your code in a clean, consistent way.

terraform plan: The terraform plan command creates an execution plan, which lets you preview the changes that Terraform plans to make to your infrastructure.

terraform apply: The terraform apply command performs a plan just like terraform plan does, but then actually carries out the planned changes to each resource.

3. Let’s Deploy Some Resources Using Terraform.

I will be deploying all my resources out of region us-east-2.

Let’s start by making a new directory in the CLI.

mkdir terraform-project

In your favorite text editor, make a new file named main.tf inside that directory.

Use the Amazon Web Services (AWS) provider to interact with the many resources supported by AWS. You must configure the provider with the proper credentials before you can use it.

Use the code below to build out our VPC with a cidr block of 10.0.0.0/16.

Next we’ll need to configure our public subnets for our VPC.

We’ll give public-subnet-1 a cidr block of 10.0.1.0/24.

We’ll give public-subnet-2 a cidr block of 10.0.2.0/24.

Next let’s configure our private subnets for our MySQL database.

Here we’ll give private-subnet-1 a cidr block of 10.0.3.0/24.

And we’ll give private-subnet-2 a cidr block of 10.0.4.0/24.

Next we’ll need to give our VPC a way of communicating with the internet by attaching an internet gateway.

We’ll also create a route table that will connect to the internet gateway.

We’ll give our route table a cidr block of 0.0.0.0/0.

Next we need to associate the public subnets with the route table so that our resources inside our public subnets can communicate with the internet.

Next let’s create some EC2 instances and launch them in our public subnets.

Note: If you are not using region us-east-2, your ami id might be different than the one below.

Next we’ll need to configure a security group to allow HTTP inbound traffic from our VPC.

Next we’ll need to configure a security group to allow inbound traffic from our application load balancers.

Next we’ll need to configure a security group for our RDS database.
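One way to chain the three security groups described above so that each tier accepts traffic only from the tier in front of it, by referencing security group IDs rather than broad CIDR ranges. This is an added example, not the author's original code: the resource names (main, alb, web, db) and the internet-facing load balancer are assumptions, while the region and CIDR blocks are the ones used in this article.

```hcl
# Added example, not the author's code. Resource names are assumptions.
provider "aws" { region = "us-east-2" }
resource "aws_vpc" "main" { cidr_block = "10.0.0.0/16" }

# Tier 1 (ALB): HTTP in from the internet, out only to targets in the VPC.
resource "aws_security_group" "alb" {
  vpc_id = aws_vpc.main.id
  ingress {
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }
  egress {
    # Terraform removes AWS's default allow-all egress, so declare what is needed.
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = [aws_vpc.main.cidr_block]
  }
}

# Tier 2 (EC2): HTTP in only from the ALB's group, MySQL out to the private subnets.
resource "aws_security_group" "web" {
  vpc_id = aws_vpc.main.id
  ingress {
    from_port       = 80
    to_port         = 80
    protocol        = "tcp"
    security_groups = [aws_security_group.alb.id]
  }
  egress {
    from_port   = 3306
    to_port     = 3306
    protocol    = "tcp"
    cidr_blocks = ["10.0.3.0/24", "10.0.4.0/24"]
  }
}

# Tier 3 (RDS): MySQL in only from the web tier's group; no egress rules at all.
resource "aws_security_group" "db" {
  vpc_id = aws_vpc.main.id
  ingress {
    from_port       = 3306
    to_port         = 3306
    protocol        = "tcp"
    security_groups = [aws_security_group.web.id]
  }
}
```

If your instances download packages at boot, the web group also needs an outbound rule for that traffic, since only MySQL egress is declared here.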

Next let’s create our Application Load Balancer.

We’ll launch it in our public subnets.

Next we’ll need to give our ALB a target group that maps to our EC2 Instances.

We’ll also need to add a listener to port 80.

Next we’ll need to create our RDS MySQL database and launch it in our private subnets.

There you have it! We have just created a three tier AWS architecture.

You can view your resources being deployed in real time in the AWS console.

Here are our subnets that were created from our code.
Here is the route table.
Here is where we associated our public subnets with our route table.
Here are our EC2 instances that were created.
Here is our MySQL database that was created.

Use the command:

terraform destroy: to destroy our infrastructure.

Side Note: As of this project, I have been working with Terraform for less than a week. I hope to be adding more to my portfolio using terraform best practices in future projects.
