Abhya Singh
Jun 15, 2020

TASK-1 DESCRIPTION: Create/launch an application using Terraform

  1. Create the key and security group which allow port 80.
  2. Launch an EC2 instance.
  3. In this EC2 instance use the key and security group which we created in step 1.
  4. Launch one volume (EBS) and mount that volume into /var/www/html
  5. The developer has uploaded the code into a GitHub repo; the repo also has some images.
  6. Copy the GitHub repo code into /var/www/html
  7. Create an S3 bucket, copy/deploy the images from the GitHub repo into the S3 bucket and change the permission to public readable.
  8. Create a CloudFront distribution using the S3 bucket and use the CloudFront URL to update the code in /var/www/html

THE OUTPUTS ARE ATTACHED BELOW:

1. Create the key and security group which allow port 80

provider "aws" {
  region  = "ap-south-1"
  profile = "abhyaprofile"
}

// create the private key (the generated key is also written to the Terraform state file)
resource "tls_private_key" "mykey2222" {
  algorithm = "RSA"
}

// register the public half as an EC2 key pair
module "key_pair" {
  source     = "terraform-aws-modules/key-pair/aws"
  key_name   = "mykey2222"
  public_key = tls_private_key.mykey2222.public_key_openssh
}

// create the security group
resource "aws_security_group" "mytask" {
  name        = "mytask"
  description = "Allow TLS inbound traffic"
  vpc_id      = "vpc-9ce5f8f4"

  // all outbound traffic
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }

  // HTTP for the web server, from any address
  ingress {
    cidr_blocks = ["0.0.0.0/0"]
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
  }

  // SSH from any address; the remote-exec provisioners below connect over it
  ingress {
    cidr_blocks = ["0.0.0.0/0"]
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
  }

  tags = {
    Name = "mytask"
  }
}

2. Launch EC2 instance. In the EC2 instance use the key and security group which we created in step 1

// create the AWS instance
resource "aws_instance" "mytaskinst" {
  depends_on      = [aws_security_group.mytask]
  ami             = "ami-07a8c73a650069cf3"
  instance_type   = "t2.micro"
  key_name        = "mykey2222"
  security_groups = ["mytask"]

  tags = {
    Name = "mytaskos"
  }

  // SSH connection used by the provisioner; a resource refers to its own
  // attributes through "self" inside its connection block
  connection {
    type        = "ssh"
    user        = "ec2-user"
    private_key = tls_private_key.mykey2222.private_key_pem
    host        = self.public_ip
  }

  // install and start the web server
  provisioner "remote-exec" {
    inline = [
      "sudo yum install httpd php git -y",
      "sudo systemctl restart httpd",
      "sudo systemctl enable httpd",
    ]
  }
}

3. Launch one EBS volume and mount that volume into /var/www/html

// create the EBS volume in the same availability zone as the instance
resource "aws_ebs_volume" "ebs" {
  availability_zone = aws_instance.mytaskinst.availability_zone
  size              = 1

  tags = {
    Name = "taskebs"
  }
}

// attach the volume to the instance
resource "aws_volume_attachment" "ebs_att" {
  depends_on   = [aws_ebs_volume.ebs, aws_instance.mytaskinst]
  device_name  = "/dev/sdd"
  volume_id    = aws_ebs_volume.ebs.id
  instance_id  = aws_instance.mytaskinst.id
  force_detach = true
}

// format and mount the volume, then clone the site into it
resource "null_resource" "nullremote" {
  depends_on = [
    aws_volume_attachment.ebs_att,
  ]

  connection {
    type        = "ssh"
    user        = "ec2-user"
    private_key = tls_private_key.mykey2222.private_key_pem
    host        = aws_instance.mytaskinst.public_ip
  }

  provisioner "remote-exec" {
    inline = [
      // /dev/sdd is exposed inside the instance as /dev/xvdd
      "sudo mkfs.ext4 /dev/xvdd",
      "sudo mount /dev/xvdd /var/www/html",
      "sudo rm -rf /var/www/html/*",
      "sudo git clone https://github.com/abhya944/hybridcloud.git /var/www/html/"
    ]
  }
}

4. The developer has uploaded the code into a GitHub repo; the repo also has some images

5. Copy the GitHub repo code into /var/www/html

6. Create an S3 bucket, copy/deploy the images from the GitHub repo into the S3 bucket and change the permission to public readable.

// create the S3 bucket; the public-read ACL lets anyone list and read it
resource "aws_s3_bucket" "s3bk" {
  bucket = "mybucketabhya"
  acl    = "public-read"
}

// upload the image to the bucket as a publicly readable object
resource "aws_s3_bucket_object" "object" {
  depends_on = [aws_s3_bucket.s3bk]
  bucket     = aws_s3_bucket.s3bk.bucket
  key        = "buggati.jpg"
  source     = "/Users/abhya/Downloads/buggati.jpg"
  acl        = "public-read"
}

7. Create a CloudFront distribution using the S3 bucket and use the CloudFront URL to update the code in /var/www/html

// CloudFront distribution in front of the bucket
resource "aws_cloudfront_distribution" "s3_distribut" {
  origin {
    domain_name = "mybucketabhya.s3.amazonaws.com"
    origin_id   = "S3-mybucketabhya"

    custom_origin_config {
      http_port              = 80
      https_port             = 443 // HTTPS to the origin uses 443, not 80
      origin_protocol_policy = "match-viewer"
      origin_ssl_protocols   = ["TLSv1", "TLSv1.1", "TLSv1.2"]
    }
  }

  enabled = true

  default_cache_behavior {
    allowed_methods  = ["DELETE", "GET", "HEAD", "OPTIONS", "PATCH", "POST", "PUT"]
    cached_methods   = ["GET", "HEAD"]
    target_origin_id = "S3-mybucketabhya"

    forwarded_values {
      query_string = false

      cookies {
        forward = "none"
      }
    }

    // viewers may connect over either HTTP or HTTPS
    viewer_protocol_policy = "allow-all"
    min_ttl                = 0
    default_ttl            = 3600
    max_ttl                = 86400
  }

  restrictions {
    geo_restriction {
      restriction_type = "none"
    }
  }

  viewer_certificate {
    cloudfront_default_certificate = true
  }
}

// open the web page in the local browser once everything is up
resource "null_resource" "nulllocal1" {
  depends_on = [
    null_resource.nullremote, aws_cloudfront_distribution.s3_distribut
  ]

  provisioner "local-exec" {
    command = "open http://${aws_instance.mytaskinst.public_ip}"
  }
}

output "myout" {
  value = aws_instance.mytaskinst.public_ip
}

CLI commands

Run Terraform

Destroy Terraform
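An added check, not part of the original post: the Python below audits the JSON form of a Terraform plan (the output of `terraform show -json` on a saved plan) for the internet-facing settings used in the configuration above. The sample plan is constructed to mirror the post's resources, and the function and constant names are this example's own.

```python
import json

# Constructed sample: a trimmed plan mirroring the resources in this post.
SAMPLE_PLAN = json.loads("""
{"resource_changes": [
 {"address": "aws_security_group.mytask", "type": "aws_security_group",
  "change": {"after": {"ingress": [
    {"cidr_blocks": ["0.0.0.0/0"], "from_port": 80, "to_port": 80, "protocol": "tcp"},
    {"cidr_blocks": ["0.0.0.0/0"], "from_port": 22, "to_port": 22, "protocol": "tcp"}]}}},
 {"address": "aws_s3_bucket.s3bk", "type": "aws_s3_bucket",
  "change": {"after": {"acl": "public-read"}}},
 {"address": "aws_cloudfront_distribution.s3_distribut", "type": "aws_cloudfront_distribution",
  "change": {"after": {
    "default_cache_behavior": [{"viewer_protocol_policy": "allow-all"}],
    "origin": [{"custom_origin_config": [{"origin_ssl_protocols": ["TLSv1", "TLSv1.1", "TLSv1.2"]}]}]}}}
]}
""")

ADMIN_PORTS = {22, 3389}                      # SSH and RDP
OPEN_CIDRS = {"0.0.0.0/0", "::/0"}            # "anywhere" for IPv4 and IPv6
WEAK_TLS = {"SSLv3", "TLSv1", "TLSv1.1"}      # protocol versions older than TLS 1.2

def audit(plan):
    """Return sorted (address, finding) pairs for risky planned settings."""
    findings = []
    for rc in plan.get("resource_changes", []):
        after = (rc.get("change") or {}).get("after") or {}
        addr, rtype = rc["address"], rc["type"]
        if rtype == "aws_security_group":
            for rule in after.get("ingress") or []:
                cidrs = set(rule.get("cidr_blocks") or []) | set(rule.get("ipv6_cidr_blocks") or [])
                if not cidrs & OPEN_CIDRS:
                    continue
                ports = [p for p in ADMIN_PORTS  # protocol "-1" covers every port
                         if rule.get("protocol") == "-1" or rule["from_port"] <= p <= rule["to_port"]]
                findings += [(addr, f"port {p} open to the internet") for p in sorted(ports)]
        elif rtype in ("aws_s3_bucket", "aws_s3_bucket_object"):
            if str(after.get("acl", "")).startswith("public-"):
                findings.append((addr, f"acl {after['acl']}"))
        elif rtype == "aws_cloudfront_distribution":
            for beh in after.get("default_cache_behavior") or []:
                if beh.get("viewer_protocol_policy") == "allow-all":
                    findings.append((addr, "viewers may use plain HTTP"))
            for origin in after.get("origin") or []:
                for cfg in origin.get("custom_origin_config") or []:
                    weak = sorted(WEAK_TLS & set(cfg.get("origin_ssl_protocols") or []))
                    if weak:
                        findings.append((addr, "origin allows " + ", ".join(weak)))
    return sorted(findings)
```

Port 80 is not reported because it is the service the task publishes; the public-read ACL is reported so that whoever reviews the plan confirms it is intended.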
