LAUNCHING WEB SERVER ON THE TOP OF AWS WITH TERRAFORM

What is Cloud Computing?

Cloud computing is a term referred to storing and accessing data over the internet. It doesn't store any data on the hard disk of your personal computer. In cloud computing, you can access data from a remote server.

What is AWS?

Amazon web service is a platform that offers flexible, reliable, scalable, easy-to-use and cost-effective cloud computing solutions.

AWS is a comprehensive, easy to use computing platform offered Amazon. The platform is developed with a combination of infrastructure as a service (IaaS), platform as a service (PaaS) and packaged software as a service (SaaS) offerings.

AWS is a public cloud which provides multiple services to multiple users. A public cloud is an external cloud over the internet that provide services to different users/tenants under the same cloud infrastructure.There are multiple services provided by AWS such as EC2, IAM, Cloudfront, S3, Global accelerator, Amazon SageMaker etc.

What is EFS ?

Amazon Elastic File System (Amazon EFS) provides a simple, scalable, fully managed elastic NFS file system for use with AWS Cloud services and on-premises resources. It is built to scale on demand to petabytes without disrupting applications, growing and shrinking automatically as you add and remove files, eliminating the need to provision and manage capacity to accommodate growth.

Amazon EFS offers two storage classes: the Standard storage class, and the Infrequent Access storage class (EFS IA). EFS IA provides price/performance that's cost-optimized for files not accessed every day. By simply enabling EFS Lifecycle Management on your file system, files not accessed according to the lifecycle policy you choose will be automatically and transparently moved into EFS IA. The EFS IA storage class costs only $0.025/GB-month*.

What is Terraform?

Terraform is a tool for building, changing, and versioning infrastructure safely and efficiently. Terraform can manage existing and popular service providers as well as custom in-house solutions.

Configuration files describe to Terraform the components needed to run a single application or your entire datacenter. Terraform generates an execution plan describing what it will do to reach the desired state, and then executes it to build the described infrastructure. As the configuration changes, Terraform is able to determine what changed and create incremental execution plans which can be applied.

• terraform init (To install all the required plugins)
• terraform validate (To check the code)
• terraform apply -auto-approve (To apply all the resources and run the code)
• terraform destroy -auto-approve (To delete all services initiated by terraform code in a single go)

Problem Statement:

Perform the task-1 using EFS instead of EBS service on the AWS as,

Create/launch Application using Terraform

1. Create Security group which allow the port 80.

2. Launch EC2 instance.

3. In this Ec2 instance use the existing key or provided key and security group which we have created in step 1.

4. Launch one Volume using the EFS service and attach it in your vpc, then mount that volume into /var/www/html

5. Developer have uploded the code into github repo also the repo has some images.

6. Copy the github repo code into /var/www/html

7. Create S3 bucket, and copy/deploy the images from github repo into the s3 bucket and change the permission to public readable.

8 Create a Cloudfront using s3 bucket(which contains images) and use the Cloudfront URL to update in code in /var/www/html

Solution:

Before going to the solution firstly we have to configure the aws profile. We can configure the aws profile by typing aws configure command in cmd. In my case, I already configure my aws profile but you can configure your profile with the help of access key and secret key

Create the key using terraform code :

provider "aws" {
    region  =  "ap-south-1"
    profile  =  "nishant"
}
resource "tls_private_key" "mytask2key"  {
   algorithm  =  "RSA"
 }

resource "aws_key_pair" "keypair"  {
    key_name  =  "mytask2key"
    public_key  = tls_private_key.mytask2key.public_key_openssh
 
    depends_on  =  [
               tls_private_key.mytask2key
    ]
   
}

Now when we apply this code by typing terraform apply it will generate a key.

Create Security Group using terraform code :

This security group will allow port 80 and 22.Port 80 is used by httpd web server and port 22 is the port for ssh.

resource "aws_security_group" "mytask2_sec_group1" {
        name           =  "mytask2_sec_group1"
        description  =  "Allow SSH and HTTP"
        vpc_id = "vpc-00fa9f1cd88e82396"

        ingress {
           description   =  "SSH"
           from_port     =  22
           to_port         =  22
           protocol       =  "tcp"
           cidr_blocks  =  [ "0.0.0.0/0"]
         }
        
         ingress {
            description   =  "HTTP"
            from_port     =  80
            to_port         =  80
            protocol        =  "tcp"
            cidr_blocks   =  [ "0.0.0.0/0" ]
         }
         egress {
             from_port  =  0
             to_port      =  0
             protocol    =  "-1"
             cidr_blocks  =  [ "0.0.0.0/0" ]
        }
       tags  =  {
           Name  =  "mytask2_sec_group1"
        }
}

After apply this code we got the output

Launch AWS EC2 Instance :

resource "aws_instance"  "myinstan"  {
    ami   =  "ami-0447a12f28fddb066"
    instance_type  =  "t2.micro"
    key_name  =  aws_key_pair.keypair.key_name
    security_groups  =  [ "mytask2_sec_group1" ]
   
    
   
    connection  {
              agent   =  "false"
              type     =  "ssh"
              user     =  "ec2-user"
              private_key  =  tls_private_key.mytask2key.private_key_pem
              host     =  aws_instance.myinstan.public_ip
          }
    provisioner  "remote-exec" {
             inline  =  [
                   "sudo  yum install httpd  php  git  -y",
                   "sudo  systemctl  restart  httpd",
                   "sudo systemctl  enable httpd",
               ]
         }
 
   tags  =  {
        Name = "myinstan"
     }
}

After applying we got the output

Create the EFS:

resource "aws_efs_file_system" "myefs" {
   creation_token = "myefs"
   performance_mode = "generalPurpose"
 tags = {
     Name = "myefs"
   }
 
}

Now when we apply this code we got the output

Mounting EFS:

resource "aws_efs_mount_target" "myefsmount" {
   file_system_id  = aws_efs_file_system.myefs.id
   subnet_id = aws_instance.myinstan.subnet_id
   security_groups = ["${aws_security_group.mytask2_sec_group1.id}"]
 }

Configure EC2 For EFS Mount:

resource  "null_resource"  "mounting" {
      depends_on = [
            aws_efs_mount_target.myefsmount,
      ]
      connection {
             type  =  "ssh"
             user  =  "ec2-user"
             private_key  =  tls_private_key.mytask2key.private_key_pem
             host  =  aws_instance.myinstan.public_ip
       }
      provisioner  "remote-exec" {
             inline  =  [
                 "sudo echo ${aws_efs_file_system.myefs.dns_name}:/var/www/html  efs  defaults, _netdev 0 0 >> sudo  /etc/fstab",
                 "sudo mount ${aws_efs_file_system.myefs.dns_name}:/ /var/www/html",
                 "sudo git clone https://github.com/Nishantsingh70/awsterraformtask2.git    /var/www/html"
             ]
         }
    
}

Create S3 Bucket :

resource "aws_s3_bucket"  "mytask2bucket"  {
            bucket  =  "mybucket23433"
            acl  =  "private"
            region = "ap-south-1"
        versioning {
                       enabled  =  true
        }
       tags  =  {
           Name  =  "mytask2bucket23433"
        }
}

After apply the code we got the output

Download object/image in S3 bucket:

resource "aws_s3_bucket_object"  "mytask2bucket_object"  {
         depends_on = [aws_s3_bucket.mytask2bucket , ]
          bucket  =  aws_s3_bucket.mytask2bucket.id
          key   =  "img.jpg"
          source  =  "awsterraformtask2/img.jpg"
          acl  =  "public-read"
   
}

After running this command it will download the image from github and store it in the bucket.

Create Cloudfront for the s3 bucket:

resource "aws_cloudfront_distribution" "mytask2cloudfront" {
        origin {
                domain_name = "mybucket.s3.amazonaws.com"
                origin_id   = "S3-mybucket23433-id"
                custom_origin_config  {
                      http_port  =  80
                      https_port  =  80
                      origin_protocol_policy  =  "match-viewer"
                      origin_ssl_protocols  =  [ "TLSv1" , "TLSv1.1" ,"TLSv1.2" ]
           }
}
enabled  =  true
default_cache_behavior {
            allowed_methods  =  ["DELETE" , "GET" , "HEAD" , "OPTIONS" ,"PATCH" , "POST" , "PUT" ]
            cached_methods = ["GET" , "HEAD"]
            target_origin_id  =  "S3-mybucket23433-id"
        
            forwarded_values  {
                query_string  =  false
                 cookies {
                               forward = "none"
                 }
 }
viewer_protocol_policy  =  "allow-all"
min_ttl  =  0
default_ttl  =  3600
max_ttl  =  86400
}
restrictions  {
             geo_restriction {
                              restriction_type = "none"
          }
}
viewer_certificate  {
           cloudfront_default_certificate = true
           }

   provisioner  "local-exec"  {
           command  =  "chrome ${aws_instance.myinstan.public_ip}"
   }
}

When we apply this code we got the output

When I run the complete code

First we initialize the terraform plugins

Secondly we have to validate the code

Now we apply the code

We get the ouput on http web server

Successfully Deployed the Infrastructure with a

combination of Github+Terraform+AWS Cloud

GitHub Link:

THANK YOU!!!