Automating Infrastructure Deployment with Terraform (AWS example)

Automating Infrastructure Deployment with Terraform (AWS example)

Zakaria S. Zakaria S.

Zakaria S.

Software Developer with DevOps & Cloud Focus | JavaScript | React | AWS Certified | CI/CD & Cloud Automation

发布日期: 2023年12月15日
+ 关注

As part of my journey embracing DevOps culture and tools, Terraform and its companions in the realm of Infrastructure as Code (IaC) naturally became integral waypoints on my roadmap. Embracing the principles of DevOps involves not just a mindset shift but also a strategic adoption of tools that enhance efficiency, scalability, and reproducibility.

Let's dive in and deploy some ressources to AWS using terraform.

Prerequisites :

  1. An AWS account , aws cli and running aws configure to set credentials
  2. Terraform installed in your local environment

Terraform code - main.tf file

  • Provider configuration :

We start by defining the required AWS provider and setting the region to whichever region you chose : 

terraform {
  required_providers {
    aws = {
      source  = "hashicorp/aws"
    }
  }
}

provider "aws" {
  region = "Enter-your-region-here"
}

  • Setup and configure the ec2 intsance

Now, we define the AWS EC2 instance with configurations such as AMI, instance type, and key name. 

resource "aws_instance" "Enter a name for you instance job here" {
  ami                    = "ami-0505148b3591e4c07" #ubuntu ami id
  instance_type          = "t2.micro" #the instance type 
  key_name               = var.ssh_key_name #your keypair to ssh
  vpc_security_group_ids = [aws_security_group.sg.id]

#optional tags
  tags = {
    Name = var.prefix
  }

#this is optionnal , it runs a defined script on instance startup
  user_data = data.template_file.userdata.rendered

  connection {
    type        = "ssh"
    user        = "ec2-zs"
    password    = ""
    private_key = file(var.ssh_private_key)
    host        = self.public_ip
  }

  provisioner "file" {
    source      = "~/setup.sh"
    destination = "/tmp/setup.sh"
  }

  provisioner "remote-exec" {
    inline = [
      "chmod +x /tmp/setup.sh",
      "sudo /tmp/setup.sh",
    ]
  }
#this is optional , it runs a defined script on instance startup
}

  • Creating a security group

We're creating a security group to be the bouncer of our EC2 party. Open some cool ports for traffic, you know, for good vibes only.

领英推荐

#set the ports you need for you apps and env to run
locals {
  ingress_ports = [22, 8080, 9000, 3000, 3306, 5137, 443]
}

#create the security group from the array of ports
resource "aws_security_group" "sg" {
  name = "${var.prefix}-sg"

  dynamic "ingress" {
    for_each = local.ingress_ports
    iterator = port
    content {
      from_port   = port.value
      protocol    = "tcp"
      to_port     = port.value
      cidr_blocks = ["0.0.0.0/0"]
    }
  }

  egress {
    from_port   = 0
    protocol    = -1
    to_port     = 0
    cidr_blocks = ["0.0.0.0/0"]
  }
}

  • OPTIONAL : Giving Our EC2 Instance a Script to run on start

#replace setup.sh with your own file and path
data "template_file" "userdata" {
  template = file("${abspath(path.module)}/setup.sh")
}

  • Variables.tf file : Always be careful and use security best practices when storing secret keys env variables, for this example we will just be setting up non sensible variables in the file.

variable "prefix" {
  default = "Whatever you want here"
}

variable "ssh_key_name" {
  default = "your keypair name"
}


variable "ssh_private_key" {
  description = "Path to the SSH private key file"
  type        = string
  default     = "/path/path/keypair.pem"
}

  • outputs.tf file , to make your life easier after the instance startupIn this file, you can set variables and commands to run after the instance is up and echo out for example the ssh command to connect to the instance 


output "SSH_Command" {
  value = "ssh -i ${var.ssh_private_key}${var.ssh_key_name}.pem ec2-user@${aws_instance.instance-job-name-you-entered.public_ip}"
}

  • Running the terraform commands

terraform init
terraform plan -out main.plan
terraform apply "main.plan"

#after you're done, remember to destroy your infra
terraform destroy

And there you have it! Terraform makes setting up AWS instances a breeze. No more manual setups. let Terraform do the heavy lifting, so you can focus on the fun stuff.

If you want to dive deeper :

#devops #aws #iac #terraform


要查看或添加评论,请登录

Zakaria S.的更多文章

社区洞察

其他会员也浏览了