
Deploy Two Tier Architecture in AWS

15 Days of Terraform – Curated by Shaik Hari Sadia Anjum Deploy Two Tier Architecture in AWS using Terraform Components: VPC, Internet Gateway, Subnets - Private and public subnets Load balancer, Route tables, RDS MySQL


15 Days of Terraform – Curated by Shaik Hari Sadia Anjum

Deploy Two Tier Architecture in AWS using


Terraform

Components:

1. VPC
2. Internet Gateway
3. Subnets - Private and public subnets
4. Load balancer
5. Route tables
6. RDS MySQL

Creating Provider.tf file:


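# AWS provider: every resource in this configuration is created in ap-south-1.
# No credentials are set in this block, which keeps access keys out of the
# .tf files; the provider reads them from the environment or the AWS CLI profile.
provider "aws" {
  region = "ap-south-1"
}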

Creating VPC.tf
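# VPC that holds both tiers. The subnets declared in this file are /24 slices
# of this /16.
resource "aws_vpc" "vpc" {
  cidr_block = "10.0.0.0/16"

  # NOTE(review): the tag key is lowercase "name"; the AWS console fills its
  # Name column from the "Name" tag, so confirm which key is intended.
  tags = {
    name = "Two-tier-vpc"
  }
}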

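# Internet gateway attached to the VPC. Only subnets whose route table points
# at this gateway are reachable from the internet.
resource "aws_internet_gateway" "igw" {
  vpc_id = aws_vpc.vpc.id

  tags = {
    name = "two-tier-vpc-igw"
  }
}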

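# Public subnet in ap-south-1a (web tier / ALB).
resource "aws_subnet" "public_1" {
  vpc_id            = aws_vpc.vpc.id
  cidr_block        = "10.0.1.0/24"
  availability_zone = "ap-south-1a"

  # Every instance launched here gets a public IPv4 address by default, so
  # its security group is the only thing between it and the internet.
  map_public_ip_on_launch = true

  tags = {
    name = "public-1"
  }
}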

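# Public subnet in ap-south-1b (web tier / ALB), the second AZ for the
# load balancer.
resource "aws_subnet" "public_2" {
  vpc_id            = aws_vpc.vpc.id
  cidr_block        = "10.0.2.0/24"
  availability_zone = "ap-south-1b"

  # Every instance launched here gets a public IPv4 address by default, so
  # its security group is the only thing between it and the internet.
  map_public_ip_on_launch = true

  tags = {
    name = "public-2"
  }
}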

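# Private subnet in ap-south-1a (database tier). No route table association
# to the internet gateway is declared for it in this configuration.
resource "aws_subnet" "private_1" {
  vpc_id                  = aws_vpc.vpc.id
  cidr_block              = "10.0.3.0/24"
  availability_zone       = "ap-south-1a"
  map_public_ip_on_launch = false

  tags = {
    name = "private-1"
  }
}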

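# Private subnet in ap-south-1b (database tier). No route table association
# to the internet gateway is declared for it in this configuration.
resource "aws_subnet" "private_2" {
  vpc_id                  = aws_vpc.vpc.id
  cidr_block              = "10.0.4.0/24"
  availability_zone       = "ap-south-1b"
  map_public_ip_on_launch = false

  tags = {
    name = "private-2"
  }
}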
Creating Security-resources.tf
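# Security group for the internet-facing ALB.
resource "aws_security_group" "alb-sg" {
  name        = "alb-sg"
  description = "security grp for ALB"
  vpc_id      = aws_vpc.vpc.id

  # The ALB's only listener is HTTP on port 80, so that is the only port that
  # has to be reachable from the internet. The previous rule (protocol "-1",
  # ports 0-0) admitted every protocol and port from 0.0.0.0/0.
  ingress {
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  # The ALB only has to reach its targets, which are registered on port 80
  # inside the VPC (forwarding and health checks).
  egress {
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = [aws_vpc.vpc.cidr_block]
  }
}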

# create ALB

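# Internet-facing application load balancer spanning both public subnets.
resource "aws_lb" "two_tier_alb" {
  name               = "two-tier-alb"
  internal           = false
  load_balancer_type = "application"
  security_groups    = [aws_security_group.alb-sg.id]
  subnets            = [aws_subnet.public_1.id, aws_subnet.public_2.id]

  # Reject requests whose header names are not valid HTTP instead of
  # forwarding them to the web servers.
  drop_invalid_header_fields = true
}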

# Create ALB target group

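# Target group the listener forwards to: HTTP on port 80 inside the VPC.
# The explicit depends_on was dropped; the vpc_id reference already orders
# this resource after the VPC.
resource "aws_lb_target_group" "alb-tg" {
  name     = "alb-tg"
  port     = 80
  protocol = "HTTP"
  vpc_id   = aws_vpc.vpc.id
}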

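# Registers webserver_1 with the target group on port 80.
# The target_id reference already makes Terraform create the instance first,
# so no explicit depends_on is needed.
resource "aws_lb_target_group_attachment" "tg-attach1" {
  target_group_arn = aws_lb_target_group.alb-tg.arn
  target_id        = aws_instance.webserver_1.id
  port             = 80
}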

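# Registers webserver_2 with the target group on port 80.
# The target_id reference already makes Terraform create the instance first,
# so no explicit depends_on is needed.
resource "aws_lb_target_group_attachment" "tg-attach2" {
  target_group_arn = aws_lb_target_group.alb-tg.arn
  target_id        = aws_instance.webserver_2.id
  port             = 80
}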
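# HTTP listener that forwards every request to the web-server target group.
# NOTE(review): this is plaintext HTTP from client to ALB. An HTTPS listener
# needs a certificate, which this configuration does not provision; add one
# before carrying anything sensitive over this endpoint.
resource "aws_lb_listener" "listener_lb" {
  load_balancer_arn = aws_lb.two_tier_alb.arn
  port              = 80
  protocol          = "HTTP"

  default_action {
    type             = "forward"
    target_group_arn = aws_lb_target_group.alb-tg.arn
  }
}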

# Create route table to internet gateway

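# Route table with a default route to the internet gateway. A subnet becomes
# "public" by being associated with this table.
resource "aws_route_table" "rt-igw" {
  vpc_id = aws_vpc.vpc.id

  route {
    cidr_block = "0.0.0.0/0"
    gateway_id = aws_internet_gateway.igw.id
  }

  tags = {
    name = "rt-igw"
  }
}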

# Associate public subnets with route table

# Gives public_1 the default route through the internet gateway.
resource "aws_route_table_association" "public_route_1" {
  route_table_id = aws_route_table.rt-igw.id
  subnet_id      = aws_subnet.public_1.id
}

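# Gives public_2 the default route through the internet gateway.
resource "aws_route_table_association" "public_route_2" {
  subnet_id      = aws_subnet.public_2.id
  route_table_id = aws_route_table.rt-igw.id
}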

# Create security groups

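# CIDR allowed to SSH to the web servers (for example one admin address as a
# /32). There is deliberately no default: Terraform asks for the value at
# plan time instead of opening port 22 to 0.0.0.0/0.
variable "admin_ssh_cidr" {
  type        = string
  description = "CIDR block allowed to reach the web servers over SSH"
}

# Security group for the two web servers.
resource "aws_security_group" "public_sg" {
  name        = "public-sg"
  description = "Allow web and ssh traffic"
  vpc_id      = aws_vpc.vpc.id

  # Web traffic is accepted only from the ALB's security group. The instances
  # have public IPs, so a 0.0.0.0/0 rule here would let clients bypass the
  # load balancer and hit nginx directly.
  ingress {
    from_port       = 80
    to_port         = 80
    protocol        = "tcp"
    security_groups = [aws_security_group.alb-sg.id]
  }

  # SSH is limited to the administrator's address range rather than the
  # whole internet.
  ingress {
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = [var.admin_ssh_cidr]
  }

  # Outbound is left open: the user_data script installs packages with apt
  # on first boot.
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}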

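# Security group for the database tier (attached to the RDS instance).
resource "aws_security_group" "private_sg" {
  name        = "private-sg"
  description = "Allow web tier and ssh traffic"
  vpc_id      = aws_vpc.vpc.id

  # MySQL is reachable only from members of the web-tier security group.
  # The previous rule also listed 10.0.0.0/16, which admitted every address
  # in the VPC and made the security-group restriction meaningless.
  ingress {
    from_port       = 3306
    to_port         = 3306
    protocol        = "tcp"
    security_groups = [aws_security_group.public_sg.id]
  }

  # SSH was open to 0.0.0.0/0; it is now limited to the web tier.
  # NOTE(review): on this page the group is attached only to the RDS
  # instance, which does not offer SSH, so this rule can probably be removed.
  ingress {
    from_port       = 22
    to_port         = 22
    protocol        = "tcp"
    security_groups = [aws_security_group.public_sg.id]
  }

  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}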

Creating EC2.tf
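# Web server in public subnet 1 (ap-south-1a); installs and starts nginx on
# first boot.
resource "aws_instance" "webserver_1" {
  # AMI IDs are region-specific; this one has to exist in ap-south-1.
  ami           = "ami-0e35ddab05955cf57"
  instance_type = "t2.micro"

  # The key pair is referenced by name and is not created anywhere on this
  # page, so it must already exist in the region.
  key_name = "two-tier-aws-terraform"

  availability_zone           = "ap-south-1a"
  vpc_security_group_ids      = [aws_security_group.public_sg.id]
  associate_public_ip_address = true
  subnet_id                   = aws_subnet.public_1.id

  # Require IMDSv2 (session tokens) for the instance metadata service, so a
  # request-forgery bug in the web server cannot read metadata with a single
  # unauthenticated GET.
  metadata_options {
    http_endpoint = "enabled"
    http_tokens   = "required"
  }

  # user_data is stored with the instance and readable through the metadata
  # service; it must never carry secrets.
  user_data = <<-EOF
    #!/bin/bash
    sudo apt update -y
    sudo apt install nginx -y
    sudo systemctl enable nginx
    sudo systemctl start nginx
  EOF

  tags = {
    name = "webserver-1"
  }
}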
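# Web server in public subnet 2 (ap-south-1b); installs and starts nginx on
# first boot.
resource "aws_instance" "webserver_2" {
  # AMI IDs are region-specific; this one has to exist in ap-south-1.
  ami           = "ami-0e35ddab05955cf57"
  instance_type = "t2.micro"

  # The key pair is referenced by name and is not created anywhere on this
  # page, so it must already exist in the region.
  key_name = "two-tier-aws-terraform"

  availability_zone           = "ap-south-1b"
  vpc_security_group_ids      = [aws_security_group.public_sg.id]
  associate_public_ip_address = true
  subnet_id                   = aws_subnet.public_2.id

  # Require IMDSv2 (session tokens) for the instance metadata service, so a
  # request-forgery bug in the web server cannot read metadata with a single
  # unauthenticated GET.
  metadata_options {
    http_endpoint = "enabled"
    http_tokens   = "required"
  }

  # user_data is stored with the instance and readable through the metadata
  # service; it must never carry secrets.
  user_data = <<-EOF
    #!/bin/bash
    sudo apt update -y
    sudo apt install nginx -y
    sudo systemctl enable nginx
    sudo systemctl start nginx
  EOF

  tags = {
    name = "webserver-2"
  }
}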

Creating DB.tf
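# Subnet group that places the RDS instance in the two private subnets.
# The first reference previously read aws_subnet.private-1, which matches no
# declared resource; the subnet is declared as private_1.
resource "aws_db_subnet_group" "db_subnet" {
  name       = "db_subnet"
  subnet_ids = [aws_subnet.private_1.id, aws_subnet.private_2.id]
}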

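# Master password for the database. Supplied at plan/apply time (for example
# through the TF_VAR_db_password environment variable) so that it never
# appears in the .tf files or in version control.
variable "db_password" {
  type        = string
  sensitive   = true
  description = "Master password for the RDS MySQL instance"
}

# RDS MySQL instance in the private subnets, reachable only through private_sg.
# The resource name previously opened with a typographic quote (“), which is
# not valid HCL.
resource "aws_db_instance" "mydatabase" {
  allocated_storage = 5
  engine            = "mysql"

  # NOTE(review): MySQL 5.7 is past upstream end of life; confirm a supported
  # engine version before reusing this outside a lab.
  engine_version = "5.7"
  instance_class = "db.t2.micro"
  identifier     = "db-instance"
  db_name        = "mydatabase"
  username       = "admin"

  # Replaces the literal "password". The value is still written to the
  # Terraform state in clear text, so the state file needs the same
  # protection as the secret itself.
  password = var.db_password

  db_subnet_group_name   = aws_db_subnet_group.db_subnet.name
  vpc_security_group_ids = [aws_security_group.private_sg.id]
  publicly_accessible    = false

  # NOTE(review): storage_encrypted is not set, so storage is unencrypted at
  # rest. Confirm the chosen instance class supports encryption before
  # enabling it.

  # No final snapshot on destroy: acceptable for a throwaway lab, but the
  # data is unrecoverable after terraform destroy.
  skip_final_snapshot = true
}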

Let’s deploy!
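Configure AWS credentials from VS Code with your Access Key ID and Secret Access Key. Keep the keys in the AWS CLI profile or in environment variables, not in the .tf files.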

terraform init

After initializing, we can see that the .terraform.lock.hcl file has been created.


terraform plan
terraform apply
Confirm yes to create all resources
Go to the AWS console and verify
1. VPC and Network resources

2. EC2 instances
3. Load Balancer

4. Target Group

5. RDS MYSQL Database


terraform destroy
