Perform the task using EFS on the AWS
Create/launch Application using Terraform
1. Create Security group which allow the port 80.
2. Launch EC2 instance.
3. In this Ec2 instance use the existing key or provided key and security group which we have created in step 1.
4. Launch one Volume using the EFS service and attach it in your vpc, then mount that volume into /var/www/html
5. Developer have uploded the code into github repo also the repo has some images.
6. Copy the github repo code into /var/www/html
7. Create S3 bucket, and copy/deploy the images from github repo into the s3 bucket and change the permission to public readable.
8 Create a Cloudfront using s3 bucket(which contains images) and use the Cloudfront URL to update in code in /var/www/html
provider “aws” {
region =”ap-south-1"
profile =”mavericks”
}
resource “tls_private_key” “mykey2222”{
algorithm =”RSA”
}
module “key_pair” {
source = “terraform-aws-modules/key-pair/aws”
key_name = “mykey2222”
public_key = tls_private_key.mykey2222.public_key_openssh
}
#security group created
resource “aws_security_group” “mytask” {
name = “mytask”
description = “Allow TLS inbound traffic”
vpc_id = “vpc-9ce5f8f4”
egress {
from_port = 0
to_port = 0
protocol = “-1”
cidr_blocks = [“0.0.0.0/0”]
}
ingress {
description = “TLS from VPC”
from_port = 443
to_port = 443
protocol = “tcp”
cidr_blocks = [“0.0.0.0/0”]
}
ingress {
cidr_blocks=[“0.0.0.0/0”]
from_port = 80
to_port = 80
protocol = “tcp”
}
ingress {
cidr_blocks=[“0.0.0.0/0”]
from_port = 22
to_port = 22
protocol = “tcp”
}
tags = {
Name = “mytask”
}
}
resource “aws_instance” “mytaskinst” {
depends_on= [aws_security_group.mytask]
ami= “ami-052c08d70def0ac62”
instance_type= “t2.micro”
key_name= “mykey2222”
security_groups= [“mytask”]
tags = {
Name= “mytaskos”
}
connection {
type = “ssh”
user = “ec2-user”
private_key = tls_private_key.mykey2222.private_key_pem
host = aws_instance.mytaskinst.public_ip
}
provisioner “remote-exec” {
inline = [
“sudo yum install httpd php git -y”,
“sudo systemctl restart httpd”,
“sudo systemctl enable httpd”,
]
}
}
#efs created and attached
resource “aws_efs_file_system” “efsvolume” {
creation_token = “efstoken”
depends_on = [aws_instance.mytaskinst]
tags = {
Name = “efsvolume”
}
}
resource “aws_efs_mount_target” “volumetarget” {
depends_on = [
aws_efs_file_system.efsvolume
]
file_system_id = aws_efs_file_system.efsvolume.id
subnet_id = aws_instance.mytaskinst.subnet_id
security_groups = [aws_security_group.mytask.id]
}
resource “null_resource” “nullremote”{
depends_on=[aws_efs_mount_target.volumetarget]
connection{
type=”ssh”
user=”ec2-user”
private_key=tls_private_key.mykey2222.private_key_pem
host=aws_instance.mytaskinst.public_ip
}
provisioner “remote-exec”{
inline=[
“sudo mount -t ‘${aws_efs_file_system.efsvolume.id}’:/ /var/www/html”,
“sudo rm -rf /var/www/html/*”,
“sudo git clone https://github.com/abhya944/hybridcloud.git /var/www/html/”
]
}
}
//aws bucket create
resource “aws_s3_bucket” “s3bk” {
bucket = “mybucketabhya”
acl = “public-read”
}
//aws S3 bucket attach
resource “aws_s3_bucket_object” “object” {
depends_on = [aws_s3_bucket.s3bk]
bucket = aws_s3_bucket.s3bk.bucket
key = “buggati.jpg”
source = “/Users/abhya/Downloads/buggati.jpg”
acl =”public-read”
}
//cloud front
resource “aws_cloudfront_distribution” “s3_distribut” {
origin {
domain_name = “mybucketabhya.s3.amazonaws.com”
origin_id = “S3-mybucketabhya”
custom_origin_config {
http_port = 80
https_port = 80
origin_protocol_policy = “match-viewer”
origin_ssl_protocols = [“TLSv1”, “TLSv1.1”, “TLSv1.2”]
}
}
enabled = true
default_cache_behavior {
allowed_methods = [“DELETE”, “GET”, “HEAD”, “OPTIONS”, “PATCH”, “POST”, “PUT”]
cached_methods = [“GET”, “HEAD”]
target_origin_id = “S3-mybucketabhya”
forwarded_values {
query_string = false
cookies {
forward = “none”
}
}
viewer_protocol_policy = “allow-all”
min_ttl = 0
default_ttl = 3600
max_ttl = 86400
}
restrictions {
geo_restriction {
restriction_type = “none”
}
}
viewer_certificate {
cloudfront_default_certificate = true
}
}
//opening web page
resource “null_resource” “nulllocal1” {
depends_on = [
aws_cloudfront_distribution.s3_distribut
]
provisioner “local-exec” {
command = “open http://${aws_instance.mytaskinst.public_ip}"
}
}
output “myout”{
value = aws_instance.mytaskinst.public_ip
}
