From 8d1486e2614e14ef4dce86b54a0f43e2d19709f7 Mon Sep 17 00:00:00 2001 From: sheikhug Date: Thu, 8 Aug 2024 14:09:27 +1000 Subject: [PATCH 01/40] first commit --- main.tf | 2 +- outputs.tf | 12 ++++++------ variables.tf | 8 ++++---- 3 files changed, 11 insertions(+), 11 deletions(-) diff --git a/main.tf b/main.tf index 9b32ce06b..0bfc35451 100644 --- a/main.tf +++ b/main.tf @@ -16,7 +16,7 @@ data "aws_ami" "app_ami" { resource "aws_instance" "web" { ami = data.aws_ami.app_ami.id - instance_type = "t3.nano" + instance_type = var.instance_type tags = { Name = "HelloWorld" diff --git a/outputs.tf b/outputs.tf index b35171bef..c429b19b4 100644 --- a/outputs.tf +++ b/outputs.tf @@ -1,7 +1,7 @@ -#output "instance_ami" { -# value = aws_instance.web.ami -#} +output "instance_ami" { + value = aws_instance.web.ami +} -#output "instance_arn" { -# value = aws_instance.web.arn -#} +output "instance_arn" { + value = aws_instance.web.arn +} diff --git a/variables.tf b/variables.tf index c750667e0..60856bc92 100644 --- a/variables.tf +++ b/variables.tf @@ -1,4 +1,4 @@ -#variable "instance_type" { -# description = "Type of EC2 instance to provision" -# default = "t3.nano" -#} +variable "instance_type" { + description = "Type of EC2 instance to provision" + default = "t3.nano" +} From ef3d895f01224fd63d180716bc3b5e883676cfd7 Mon Sep 17 00:00:00 2001 From: sheikhug Date: Thu, 8 Aug 2024 14:22:17 +1000 Subject: [PATCH 02/40] changed name --- main.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/main.tf b/main.tf index 0bfc35451..a5284ea02 100644 --- a/main.tf +++ b/main.tf @@ -14,7 +14,7 @@ data "aws_ami" "app_ami" { owners = ["979382823631"] # Bitnami } -resource "aws_instance" "web" { +resource "aws_instance" "blog" { ami = data.aws_ami.app_ami.id instance_type = var.instance_type From 5d883c4cb02ad429c8f5a157a34537675bb819e5 Mon Sep 17 00:00:00 2001 
From: sheikhug Date: Thu, 8 Aug 2024 14:24:06 +1000 Subject: [PATCH 03/40] corrected error --- outputs.tf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/outputs.tf b/outputs.tf index c429b19b4..7e9410b55 100644 --- a/outputs.tf +++ b/outputs.tf @@ -1,7 +1,7 @@ output "instance_ami" { - value = aws_instance.web.ami + value = aws_instance.blog.ami } output "instance_arn" { - value = aws_instance.web.arn + value = aws_instance.blog.arn } From a10570c7e2158514d49141dac21744acd9ab8c71 Mon Sep 17 00:00:00 2001 From: sheikhug Date: Thu, 8 Aug 2024 14:26:45 +1000 Subject: [PATCH 04/40] Update outputs.tf --- outputs.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/outputs.tf b/outputs.tf index 7e9410b55..d4990da66 100644 --- a/outputs.tf +++ b/outputs.tf @@ -4,4 +4,4 @@ output "instance_ami" { output "instance_arn" { value = aws_instance.blog.arn -} + From 13d52e801f730e81aed6dfc09ff1c3178f851f58 Mon Sep 17 00:00:00 2001 From: sheikhug Date: Thu, 8 Aug 2024 14:28:22 +1000 Subject: [PATCH 05/40] Update 2 to outputs.tf --- outputs.tf | 1 + 1 file changed, 1 insertion(+) diff --git a/outputs.tf b/outputs.tf index d4990da66..551894b1e 100644 --- a/outputs.tf +++ b/outputs.tf @@ -4,4 +4,5 @@ output "instance_ami" { output "instance_arn" { value = aws_instance.blog.arn +} From 16f13c6d5622b6f614344ea1422ba020ab6c49b2 Mon Sep 17 00:00:00 2001 From: sheikhug Date: Thu, 8 Aug 2024 16:45:54 +1000 Subject: [PATCH 06/40] create security groups --- main.tf | 48 ++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 48 insertions(+) diff --git a/main.tf b/main.tf index a5284ea02..231819c42 100644 --- a/main.tf +++ b/main.tf 
@@ -14,11 +14,59 @@ data "aws_ami" "app_ami" { owners = ["979382823631"] # Bitnami } + +data "aws_vpc" "default" { + default = true +} + resource "aws_instance" "blog" { ami = data.aws_ami.app_ami.id instance_type = var.instance_type + vpc_security_group_ids = [aws_security_group.blog.id] + tags = { Name = "HelloWorld" } } + + +resource "aws_security_group" "blog" { + name = "blog" + description = "Allow http and https in. Allow everything out. + + vpc_id = data.aws_vpc.default.id +} + + +resource "aws_security_group_rule" "blog_http_in" { + type = "ingress" + from_port = 80 + to_porot = 80 + protocol = "tcp" + cidr_blocks = ["0.0.0.0/0"] + + security_group_id = aws_security_group.blog.id +} + +resource "aws_security_group_rule" "blog_https_in" { + type = "ingress" + from_port = 443 + to_porot = 443 + protocol = "tcp" + cidr_blocks = ["0.0.0.0/0"] + + security_group_id = aws_security_group.blog.id +} + + +resource "aws_security_group_rule" "blog_http_out" { + type = "engress" + from_port = 0 + to_porot = 0 + protocol = -1 + cidr_blocks = ["0.0.0.0/0"] + + security_group_id = aws_security_group.blog.id +} + From 28153b8b940884aeaa6eaceb3d7ebe0d6dfd07bf Mon Sep 17 00:00:00 2001 From: sheikhug Date: Thu, 8 Aug 2024 16:47:44 +1000 Subject: [PATCH 07/40] corrected errors --- main.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/main.tf b/main.tf index 231819c42..7faedf7f6 100644 --- a/main.tf +++ b/main.tf @@ -33,7 +33,7 @@ resource "aws_instance" "blog" { resource "aws_security_group" "blog" { name = "blog" - description = "Allow http and https in. Allow everything out. + description = "Allow http and https in. Allow everything out." vpc_id = data.aws_vpc.default.id } From 9c3fbf6d1f0721847ce6d9f303b0b50ee12488bb Mon Sep 17 00:00:00 2001 From: sheikhug Date: Thu, 8 Aug 2024 16:48:49 +1000 Subject: [PATCH 08/40] corrected_errors 2 --- main.tf | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) 
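Review bot: `aws_security_group_rule.blog_http_out` in main.tf (PATCH 06) allows every protocol and port out to `0.0.0.0/0`, although its name suggests HTTP only, so the rule is broader than its label. If the instance only needs outbound HTTPS for package and image updates, narrow it to `from_port = 443`, `to_port = 443`, `protocol = "tcp"`. Otherwise rename it (for example `blog_everything_out`) and add a `description` to each rule so the intent is visible in the console and in audits. The provider documents `protocol` as a string, so write `"-1"` rather than the bare number.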
diff --git a/main.tf b/main.tf index 7faedf7f6..ef302d34c 100644 --- a/main.tf +++ b/main.tf @@ -42,7 +42,7 @@ resource "aws_security_group" "blog" { resource "aws_security_group_rule" "blog_http_in" { type = "ingress" from_port = 80 - to_porot = 80 + to_port = 80 protocol = "tcp" cidr_blocks = ["0.0.0.0/0"] @@ -52,7 +52,7 @@ resource "aws_security_group_rule" "blog_http_in" { resource "aws_security_group_rule" "blog_https_in" { type = "ingress" from_port = 443 - to_porot = 443 + to_port = 443 protocol = "tcp" cidr_blocks = ["0.0.0.0/0"] @@ -63,7 +63,7 @@ resource "aws_security_group_rule" "blog_https_in" { resource "aws_security_group_rule" "blog_http_out" { type = "engress" from_port = 0 - to_porot = 0 + to_port = 0 protocol = -1 cidr_blocks = ["0.0.0.0/0"] From 4ceeb37e967f0d4d70a206e04e455010dcb38b9e Mon Sep 17 00:00:00 2001 From: sheikhug Date: Thu, 8 Aug 2024 16:49:34 +1000 Subject: [PATCH 09/40] corrected errors --- main.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/main.tf b/main.tf index ef302d34c..faca53945 100644 --- a/main.tf +++ b/main.tf @@ -61,7 +61,7 @@ resource "aws_security_group_rule" "blog_https_in" { resource "aws_security_group_rule" "blog_http_out" { - type = "engress" + type = "egress" from_port = 0 to_port = 0 protocol = -1 From 5b2b144a04884e88facea5db2728797801fc73e0 Mon Sep 17 00:00:00 2001 From: sheikhug Date: Fri, 9 Aug 2024 10:47:36 +1000 Subject: [PATCH 10/40] Use module for security group --- main.tf | 46 +++++++++++----------------------------------- 1 file changed, 11 insertions(+), 35 deletions(-) diff --git a/main.tf b/main.tf index faca53945..79f7e8ea1 100644 --- a/main.tf +++ b/main.tf @@ -23,7 +23,7 @@ resource "aws_instance" "blog" { ami = data.aws_ami.app_ami.id instance_type = var.instance_type - vpc_security_group_ids = [aws_security_group.blog.id] + vpc_security_group_ids = [module.blog_sg.security_group_id] tags = { Name = "HelloWorld" 
@@ -31,42 +31,18 @@ resource "aws_instance" "blog" { } -resource "aws_security_group" "blog" { - name = "blog" - description = "Allow http and https in. Allow everything out." - - vpc_id = data.aws_vpc.default.id -} - - -resource "aws_security_group_rule" "blog_http_in" { - type = "ingress" - from_port = 80 - to_port = 80 - protocol = "tcp" - cidr_blocks = ["0.0.0.0/0"] - - security_group_id = aws_security_group.blog.id -} +module "blog_sg" { + source = "terraform-aws-modules/security-group/aws" + version = "5.1.2" + name = "blog_new" -resource "aws_security_group_rule" "blog_https_in" { - type = "ingress" - from_port = 443 - to_port = 443 - protocol = "tcp" - cidr_blocks = ["0.0.0.0/0"] + vpc_id = data.aws_vpc.default.id + + ingress_rules = ["http-80-tcp", "https-443-tcp"] + egress_cidr_blocks = ["0.0.0.0/0"] - security_group_id = aws_security_group.blog.id + egress_rules = ["all-all"] + eress_cidr_blocks = ["0.0.0.0/0"] } -resource "aws_security_group_rule" "blog_http_out" { - type = "egress" - from_port = 0 - to_port = 0 - protocol = -1 - cidr_blocks = ["0.0.0.0/0"] - - security_group_id = aws_security_group.blog.id -} - From 1c717ab7ad1047f71fb6ff3f463b1e6b3bf115f9 Mon Sep 17 00:00:00 2001 From: sheikhug Date: Fri, 9 Aug 2024 10:48:39 +1000 Subject: [PATCH 11/40] Use module for security group --- main.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/main.tf b/main.tf index 79f7e8ea1..4e3715db6 100644 --- a/main.tf +++ b/main.tf @@ -42,7 +42,7 @@ module "blog_sg" { egress_cidr_blocks = ["0.0.0.0/0"] egress_rules = ["all-all"] - eress_cidr_blocks = ["0.0.0.0/0"] + egress_cidr_blocks = ["0.0.0.0/0"] } From 60a8f83ed34f6b21e0e830167dea84674c26b12d Mon Sep 17 00:00:00 2001 From: sheikhug Date: Fri, 9 Aug 2024 10:49:53 +1000 Subject: [PATCH 12/40] Use module for security group --- main.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/main.tf b/main.tf index 4e3715db6..ccd599717 100644 --- a/main.tf +++ b/main.tf 
@@ -39,7 +39,7 @@ module "blog_sg" { vpc_id = data.aws_vpc.default.id ingress_rules = ["http-80-tcp", "https-443-tcp"] - egress_cidr_blocks = ["0.0.0.0/0"] + ingress_cidr_blocks = ["0.0.0.0/0"] egress_rules = ["all-all"] egress_cidr_blocks = ["0.0.0.0/0"] From bc0ed9d4a4c10f9ed58e1ce6183f929a2bf22427 Mon Sep 17 00:00:00 2001 From: sheikhug Date: Fri, 9 Aug 2024 11:16:39 +1000 Subject: [PATCH 13/40] Use module for VPC --- main.tf | 20 +++++++++++++++++--- 1 file changed, 17 insertions(+), 3 deletions(-) diff --git a/main.tf b/main.tf index ccd599717..4ff9879de 100644 --- a/main.tf +++ b/main.tf @@ -15,15 +15,29 @@ data "aws_ami" "app_ami" { } -data "aws_vpc" "default" { - default = true + +module "blog_vpc" { + source = "terraform-aws-modules/vpc/aws" + + name = "blog-vpc" + cidr = "10.0.0.0/16" + + azs = ["us-west-2a", "us-west-2b", "us-west-2c"] + public_subnets = ["10.0.101.0/24", "10.0.102.0/24", "10.0.103.0/24"] + + tags = { + Terraform = "true" + Environment = "dev" + } } + resource "aws_instance" "blog" { ami = data.aws_ami.app_ami.id instance_type = var.instance_type vpc_security_group_ids = [module.blog_sg.security_group_id] + subnet_id = module.blog_vpc.public_subnets[0] tags = { Name = "HelloWorld" @@ -36,7 +50,7 @@ module "blog_sg" { version = "5.1.2" name = "blog_new" - vpc_id = data.aws_vpc.default.id + vpc_id = module.blog_vpc.vpc_id ingress_rules = ["http-80-tcp", "https-443-tcp"] ingress_cidr_blocks = ["0.0.0.0/0"] From fe468a4ba269b44f5eb7bf080b1aa147126b849c Mon Sep 17 00:00:00 2001 From: sheikhug Date: Fri, 9 Aug 2024 11:49:13 +1000 Subject: [PATCH 14/40] load balancer --- main.tf | 63 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 63 insertions(+) diff --git a/main.tf b/main.tf index 4ff9879de..f7ed0e60f 100644 --- a/main.tf +++ b/main.tf 
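Review bot: `module "blog_vpc"` in main.tf (PATCH 13) is fetched from the public registry with no `version` argument, unlike `blog_sg`, which is pinned to `5.1.2`. The dependency lock file records providers only, so a fresh `terraform init` can pull a newer release of module code that then runs with the deployer's AWS credentials. Add `version = "<PINNED_VERSION>"` under `source` (placeholder: use the release you actually tested). The same gap applies to `module "alb"` in PATCH 14, which is pinned later in PATCH 23, and to `module "blog_asg"` in PATCH 21, which no later hunk in this series pins.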
@@ -45,6 +45,69 @@ resource "aws_instance" "blog" { } +module "alb" { + source = "terraform-aws-modules/alb/aws" + + name = "blog-alb" + vpc_id = module.blog_vpc.vpc_id + subnets = module.blog_vpc.public_subnets + security_group = module.blog_sg.security_group_id + + # Security Group + security_group_ingress_rules = { + all_http = { + from_port = 80 + to_port = 80 + ip_protocol = "tcp" + description = "HTTP web traffic" + cidr_ipv4 = "0.0.0.0/0" + } + all_https = { + from_port = 443 + to_port = 443 + ip_protocol = "tcp" + description = "HTTPS web traffic" + cidr_ipv4 = "0.0.0.0/0" + } + } + security_group_egress_rules = { + all = { + ip_protocol = "-1" + cidr_ipv4 = "10.0.0.0/16" + } + } + + access_logs = { + bucket = "my-alb-logs" + } + + listeners = { + ex-http-https-redirect = { + port = 80 + protocol = "HTTP" + redirect = { + port = "443" + protocol = "HTTPS" + status_code = "HTTP_301" + } + } + } + + target_groups = { + ex-instance = { + name_prefix = "blog" + protocol = "HTTP" + port = 80 + target_type = "instance" + target_id = aws_instance.blog.id + } + } + + tags = { + Environment = "dev" + } +} + module "blog_sg" { source = "terraform-aws-modules/security-group/aws" version = "5.1.2" From d4318e20ed01500e322d6387ff4f5839f542a7b5 Mon Sep 17 00:00:00 2001 From: sheikhug Date: Fri, 9 Aug 2024 11:52:14 +1000 Subject: [PATCH 15/40] Load balancer --- main.tf | 1 - 1 file changed, 1 deletion(-) diff --git a/main.tf b/main.tf index f7ed0e60f..890b598f6 100644 --- a/main.tf +++ b/main.tf @@ -51,7 +51,6 @@ module "alb" { name = "blog-alb" vpc_id = module.blog_vpc.vpc_id subnets = module.blog_vpc.public_subnets - security_group = module.blog_sg.security_group_id # Security Group security_group_ingress_rules = { From 7c1add586976dc0fe3b9ea19b4287cb3cf1b63d5 Mon Sep 17 00:00:00 2001 From: sheikhug Date: Fri, 9 Aug 2024 11:55:30 +1000 Subject: [PATCH 16/40] Load balancer 2 --- main.tf | 26 +++----------------------- 1 file changed, 3 insertions(+), 23 deletions(-) 
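Review bot: The `listeners` map in `module "alb"` (PATCH 14) defines only the port-80 listener that 301-redirects to HTTPS on 443, and nothing listens on 443. Redirected clients therefore have nowhere to land, and no listener forwards to the `ex-instance` target group. As far as the later hunks show, this is unchanged at the end of the series. Add an HTTPS listener with a certificate that forwards to the target group, as sketched below; the certificate ARN is a placeholder.

```hcl
  listeners = {
    # … unchanged: ex-http-https-redirect …
    ex-https = {
      port            = 443
      protocol        = "HTTPS"
      certificate_arn = "<ACM_CERTIFICATE_ARN>" # placeholder
      forward = {
        target_group_key = "ex-instance"
      }
    }
  }
```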
diff --git a/main.tf b/main.tf index 890b598f6..33788e2ac 100644 --- a/main.tf +++ b/main.tf @@ -52,29 +52,9 @@ module "alb" { vpc_id = module.blog_vpc.vpc_id subnets = module.blog_vpc.public_subnets - # Security Group - security_group_ingress_rules = { - all_http = { - from_port = 80 - to_port = 80 - ip_protocol = "tcp" - description = "HTTP web traffic" - cidr_ipv4 = "0.0.0.0/0" - } - all_https = { - from_port = 443 - to_port = 443 - ip_protocol = "tcp" - description = "HTTPS web traffic" - cidr_ipv4 = "0.0.0.0/0" - } - } - security_group_egress_rules = { - all = { - ip_protocol = "-1" - cidr_ipv4 = "10.0.0.0/16" - } - } + security_group_name = module.blog_sg.security_group_id + + access_logs = { bucket = "my-alb-logs" From 2f2e61485473fd0190ea3489a843d5070436455e Mon Sep 17 00:00:00 2001 From: sheikhug Date: Fri, 9 Aug 2024 11:57:52 +1000 Subject: [PATCH 17/40] load balancer --- main.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/main.tf b/main.tf index 33788e2ac..bd8a06dac 100644 --- a/main.tf +++ b/main.tf @@ -52,7 +52,7 @@ module "alb" { vpc_id = module.blog_vpc.vpc_id subnets = module.blog_vpc.public_subnets - security_group_name = module.blog_sg.security_group_id + security_groups = module.blog_sg.security_group_id From 2c915fa960531b02efdafd217a4fba35cff6f6de Mon Sep 17 00:00:00 2001 From: sheikhug Date: Fri, 9 Aug 2024 12:00:28 +1000 Subject: [PATCH 18/40] load balancer --- main.tf | 26 +++++++++++++++++++++++--- 1 file changed, 23 insertions(+), 3 deletions(-) diff --git a/main.tf b/main.tf index bd8a06dac..890b598f6 100644 --- a/main.tf +++ b/main.tf 
@@ -52,9 +52,29 @@ module "alb" { vpc_id = module.blog_vpc.vpc_id subnets = module.blog_vpc.public_subnets - security_groups = module.blog_sg.security_group_id - - + # Security Group + security_group_ingress_rules = { + all_http = { + from_port = 80 + to_port = 80 + ip_protocol = "tcp" + description = "HTTP web traffic" + cidr_ipv4 = "0.0.0.0/0" + } + all_https = { + from_port = 443 + to_port = 443 + ip_protocol = "tcp" + description = "HTTPS web traffic" + cidr_ipv4 = "0.0.0.0/0" + } + } + security_group_egress_rules = { + all = { + ip_protocol = "-1" + cidr_ipv4 = "10.0.0.0/16" + } + } access_logs = { bucket = "my-alb-logs" From 2116f4bb79ee06db70064134025b28f435e9e0d5 Mon Sep 17 00:00:00 2001 From: sheikhug Date: Fri, 9 Aug 2024 12:10:03 +1000 Subject: [PATCH 19/40] load balancer --- main.tf | 25 ++----------------------- 1 file changed, 2 insertions(+), 23 deletions(-) diff --git a/main.tf b/main.tf index 890b598f6..0f3236095 100644 --- a/main.tf +++ b/main.tf @@ -51,30 +51,9 @@ module "alb" { name = "blog-alb" vpc_id = module.blog_vpc.vpc_id subnets = module.blog_vpc.public_subnets + security_groups = [module.blog_sg.security_group_id] + - # Security Group - security_group_ingress_rules = { - all_http = { - from_port = 80 - to_port = 80 - ip_protocol = "tcp" - description = "HTTP web traffic" - cidr_ipv4 = "0.0.0.0/0" - } - all_https = { - from_port = 443 - to_port = 443 - ip_protocol = "tcp" - description = "HTTPS web traffic" - cidr_ipv4 = "0.0.0.0/0" - } - } - security_group_egress_rules = { - all = { - ip_protocol = "-1" - cidr_ipv4 = "10.0.0.0/16" - } - } access_logs = { bucket = "my-alb-logs" From 026b5b6df71e90c58a339a5964c773fac45be829 Mon Sep 17 00:00:00 2001 From: sheikhug Date: Fri, 9 Aug 2024 12:17:22 +1000 Subject: [PATCH 20/40] load balancer 2 --- main.tf | 5 ----- 1 file changed, 5 deletions(-) diff --git a/main.tf b/main.tf index 0f3236095..9c02a3ff0 100644 --- a/main.tf +++ b/main.tf 
@@ -54,11 +54,6 @@ module "alb" { security_groups = [module.blog_sg.security_group_id] - - access_logs = { - bucket = "my-alb-logs" - } - listeners = { ex-http-https-redirect = { port = 80 From 2e5b29f76eafafb1f741600fe0931f7794739200 Mon Sep 17 00:00:00 2001 From: sheikhug Date: Fri, 9 Aug 2024 12:35:21 +1000 Subject: [PATCH 21/40] autoscaling --- main.tf | 28 +++++++++++++++------------- outputs.tf | 8 -------- 2 files changed, 15 insertions(+), 21 deletions(-) diff --git a/main.tf b/main.tf index 9c02a3ff0..a9e5ef9cf 100644 --- a/main.tf +++ b/main.tf @@ -31,21 +31,25 @@ module "blog_vpc" { } } +module "blog_asg" { + source = "terraform-aws-modules/autoscaling/aws" -resource "aws_instance" "blog" { - ami = data.aws_ami.app_ami.id - instance_type = var.instance_type + # Autoscaling group + name = "blog" - vpc_security_group_ids = [module.blog_sg.security_group_id] - subnet_id = module.blog_vpc.public_subnets[0] + min_size = 1 + max_size = 2 + vpc_zone_identifier = module.blog_vpc.public_subnets + target_group_arns = module.blog_alb.target_group_arns + security_groups = [module.blog_sg.security_group_id] - tags = { - Name = "HelloWorld" - } -} + image_id = data.aws_ami.app_ami.id + instance_type = var.instance_type + +} -module "alb" { +module "blog_alb" { source = "terraform-aws-modules/alb/aws" name = "blog-alb" @@ -93,6 +97,4 @@ module "blog_sg" { egress_rules = ["all-all"] egress_cidr_blocks = ["0.0.0.0/0"] -} - - +} \ No newline at end of file diff --git a/outputs.tf b/outputs.tf index 551894b1e..e69de29bb 100644 --- a/outputs.tf +++ b/outputs.tf @@ -1,8 +0,0 @@ -output "instance_ami" { - value = aws_instance.blog.ami -} - -output "instance_arn" { - value = aws_instance.blog.arn -} - From 8d99edf61d61d3a1384a3c9237e03fd3ff058af7 Mon Sep 17 00:00:00 2001 From: sheikhug Date: Fri, 9 Aug 2024 12:38:03 +1000 Subject: [PATCH 22/40] autoscaling --- main.tf | 1 - 1 file changed, 1 deletion(-) diff --git a/main.tf b/main.tf index a9e5ef9cf..5a28d2a5c 100644 
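Review bot: `module "blog_asg"` in main.tf (PATCH 21) attaches `module.blog_sg.security_group_id`, the same group the ALB uses, and that group admits ports 80 and 443 from `0.0.0.0/0`. Together with `vpc_zone_identifier = module.blog_vpc.public_subnets`, the instances accept web traffic from any source rather than only from the load balancer, and they are directly reachable if they receive public addresses. Give the instances their own group that admits port 80 only from the ALB's group, and point `security_groups` in `blog_asg` at it, as sketched below. The new module name is illustrative.

```hcl
module "blog_instance_sg" {
  source  = "terraform-aws-modules/security-group/aws"
  version = "5.1.2"
  name    = "blog-instances"
  vpc_id  = module.blog_vpc.vpc_id

  # Admit HTTP only from the load balancer's security group.
  computed_ingress_with_source_security_group_id = [
    {
      rule                     = "http-80-tcp"
      source_security_group_id = module.blog_sg.security_group_id
    }
  ]
  number_of_computed_ingress_with_source_security_group_id = 1

  egress_rules       = ["all-all"]
  egress_cidr_blocks = ["0.0.0.0/0"]
}

module "blog_asg" {
  # … unchanged: source, name, sizes, subnets, target group …
  security_groups = [module.blog_instance_sg.security_group_id]
  # … unchanged: image_id, instance_type …
}
```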
--- a/main.tf +++ b/main.tf @@ -76,7 +76,6 @@ module "blog_alb" { protocol = "HTTP" port = 80 target_type = "instance" - target_id = aws_instance.blog.id } } From 399c96fa57eba410910c0d6781b330e2ad574d01 Mon Sep 17 00:00:00 2001 From: sheikhug Date: Fri, 9 Aug 2024 12:43:51 +1000 Subject: [PATCH 23/40] autoscaling --- main.tf | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/main.tf b/main.tf index 5a28d2a5c..83f0d3d88 100644 --- a/main.tf +++ b/main.tf @@ -50,7 +50,8 @@ module "blog_asg" { } module "blog_alb" { - source = "terraform-aws-modules/alb/aws" + source = "terraform-aws-modules/alb/aws" + version = "9.10.0" name = "blog-alb" vpc_id = module.blog_vpc.vpc_id From c2d1fdd122e72c8697aa91eacf9b55aa08038834 Mon Sep 17 00:00:00 2001 From: sheikhug Date: Fri, 9 Aug 2024 12:46:58 +1000 Subject: [PATCH 24/40] autoscaling --- main.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/main.tf b/main.tf index 83f0d3d88..b35cafa22 100644 --- a/main.tf +++ b/main.tf @@ -40,7 +40,7 @@ module "blog_asg" { min_size = 1 max_size = 2 vpc_zone_identifier = module.blog_vpc.public_subnets - target_group_arns = module.blog_alb.target_group_arns + #target_group_arns = module.blog_alb.target_group_arns security_groups = [module.blog_sg.security_group_id] From 74747f5252f39c75a37823f014b02300e01f17c2 Mon Sep 17 00:00:00 2001 From: sheikhug Date: Fri, 9 Aug 2024 14:03:31 +1000 Subject: [PATCH 25/40] asg --- main.tf | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/main.tf b/main.tf index b35cafa22..3648131b5 100644 --- a/main.tf +++ b/main.tf @@ -40,7 +40,7 @@ module "blog_asg" { min_size = 1 max_size = 2 vpc_zone_identifier = module.blog_vpc.public_subnets - #target_group_arns = module.blog_alb.target_group_arns + target_group_arns = module.blog_alb.target_group_arns security_groups = [module.blog_sg.security_group_id] 
@@ -71,14 +71,14 @@ module "blog_alb" { } } - target_groups = { - ex-instance = { - name_prefix = "blog" - protocol = "HTTP" - port = 80 - target_type = "instance" + target_groups = [ + { + name_prefix = "blog" + protocol = "HTTP" + port = 80 + target_type = "instance" } - } + ] tags = { Environment = "dev" From eb866dadcaf8f96afd12cf76aa474a247d80dba9 Mon Sep 17 00:00:00 2001 From: sheikhug Date: Fri, 9 Aug 2024 14:09:50 +1000 Subject: [PATCH 26/40] asg --- main.tf | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/main.tf b/main.tf index 3648131b5..c487cd22d 100644 --- a/main.tf +++ b/main.tf @@ -40,7 +40,7 @@ module "blog_asg" { min_size = 1 max_size = 2 vpc_zone_identifier = module.blog_vpc.public_subnets - target_group_arns = module.blog_alb.target_group_arns + target_group_arns = module.blog_alb.target_groups["ex-instance"].arn security_groups = [module.blog_sg.security_group_id] @@ -71,14 +71,14 @@ module "blog_alb" { } } - target_groups = [ - { - name_prefix = "blog" - protocol = "HTTP" - port = 80 - target_type = "instance" + target_groups = { + ex-instance = { + name_prefix = "blog" + protocol = "HTTP" + port = 80 + target_type = "instance" } - ] + } tags = { Environment = "dev" From 22dec444073ba238aad2e39cd210b6c05f3b3dd4 Mon Sep 17 00:00:00 2001 From: sheikhug Date: Fri, 9 Aug 2024 14:12:21 +1000 Subject: [PATCH 27/40] asg --- main.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/main.tf b/main.tf index c487cd22d..c529e0e99 100644 --- a/main.tf +++ b/main.tf @@ -40,7 +40,7 @@ module "blog_asg" { min_size = 1 max_size = 2 vpc_zone_identifier = module.blog_vpc.public_subnets - target_group_arns = module.blog_alb.target_groups["ex-instance"].arn + target_group_arns = [module.blog_alb.target_groups["ex-instance"].arn] security_groups = [module.blog_sg.security_group_id] From 7693ba0fd1444a8804eb18d4a4e438c5cacf3cf8 Mon Sep 17 00:00:00 2001 
From: sheikhug Date: Fri, 9 Aug 2024 14:20:52 +1000 Subject: [PATCH 28/40] asg --- main.tf | 1 + 1 file changed, 1 insertion(+) diff --git a/main.tf b/main.tf index c529e0e99..ceacd364e 100644 --- a/main.tf +++ b/main.tf @@ -77,6 +77,7 @@ module "blog_alb" { protocol = "HTTP" port = 80 target_type = "instance" + target_id = module.blog_asg.target_id } } From 4d703fdaae95079c83fbf249ffc49fc38f72ddf8 Mon Sep 17 00:00:00 2001 From: sheikhug Date: Fri, 9 Aug 2024 14:22:30 +1000 Subject: [PATCH 29/40] asg2 --- main.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/main.tf b/main.tf index ceacd364e..1ea303e60 100644 --- a/main.tf +++ b/main.tf @@ -40,7 +40,7 @@ module "blog_asg" { min_size = 1 max_size = 2 vpc_zone_identifier = module.blog_vpc.public_subnets - target_group_arns = [module.blog_alb.target_groups["ex-instance"].arn] + #target_group_arns = [module.blog_alb.target_groups["ex-instance"].arn] security_groups = [module.blog_sg.security_group_id] From e439a03a33a7c1d60f0200624a0ae42f02c1ca97 Mon Sep 17 00:00:00 2001 From: sheikhug Date: Fri, 9 Aug 2024 14:27:50 +1000 Subject: [PATCH 30/40] asg3 --- main.tf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/main.tf b/main.tf index 1ea303e60..d1945fc91 100644 --- a/main.tf +++ b/main.tf @@ -40,7 +40,7 @@ module "blog_asg" { min_size = 1 max_size = 2 vpc_zone_identifier = module.blog_vpc.public_subnets - #target_group_arns = [module.blog_alb.target_groups["ex-instance"].arn] + target_group_arns = [module.blog_alb.target_groups["ex-instance"].arn] security_groups = [module.blog_sg.security_group_id] @@ -77,7 +77,7 @@ module "blog_alb" { protocol = "HTTP" port = 80 target_type = "instance" - target_id = module.blog_asg.target_id + create_attachment = false } } From 8b0cc0c1864dad4dc493cc6fcc808107ad00e970 Mon Sep 17 00:00:00 2001 From: sheikhug Date: Fri, 9 Aug 2024 14:52:11 +1000 Subject: [PATCH 31/40] asg 3 --- main.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/main.tf b/main.tf index d1945fc91..022eedcf0 100644 --- a/main.tf +++ b/main.tf @@ -98,4 +98,4 @@ module "blog_sg" { egress_rules = ["all-all"] egress_cidr_blocks = ["0.0.0.0/0"] -} \ No newline at end of file +} From 6390943c9f0471a875d5238563ae73ab7982d87c Mon Sep 17 00:00:00 2001 From: sheikhug Date: Fri, 9 Aug 2024 15:55:17 +1000 Subject: [PATCH 32/40] Refactor to use variables --- main.tf | 24 ++++++++++++------------ variables.tf | 38 ++++++++++++++++++++++++++++++++++++++ 2 files changed, 50 insertions(+), 12 deletions(-) diff --git a/main.tf b/main.tf index 022eedcf0..6510f23f2 100644 --- a/main.tf +++ b/main.tf @@ -3,7 +3,7 @@ data "aws_ami" "app_ami" { filter { name = "name" - values = ["bitnami-tomcat-*-x86_64-hvm-ebs-nami"] + values = [var.ami_filter.name] } filter { @@ -11,7 +11,7 @@ data "aws_ami" "app_ami" { values = ["hvm"] } - owners = ["979382823631"] # Bitnami + owners = [var.ami_filter.owner] } @@ -19,11 +19,11 @@ data "aws_ami" "app_ami" { module "blog_vpc" { source = "terraform-aws-modules/vpc/aws" - name = "blog-vpc" - cidr = "10.0.0.0/16" + name = var.environment.name + cidr = "${var.environment.network_prefix}.0.0/16" azs = ["us-west-2a", "us-west-2b", "us-west-2c"] - public_subnets = ["10.0.101.0/24", "10.0.102.0/24", "10.0.103.0/24"] + public_subnets = ["${var.environment.network_prefix}.101.0/24", "${var.environment.network_prefix}.102.0/24", "${var.environment.network_prefix}.103.0/24"] tags = { Terraform = "true" @@ -35,10 +35,10 @@ module "blog_asg" { source = "terraform-aws-modules/autoscaling/aws" # Autoscaling group - name = "blog" + name = "${var.environment.name}-blog" - min_size = 1 - max_size = 2 + min_size = var.asg_min_size + max_size = var.asg_max_size vpc_zone_identifier = module.blog_vpc.public_subnets target_group_arns = [module.blog_alb.target_groups["ex-instance"].arn] security_groups = [module.blog_sg.security_group_id] 
@@ -51,7 +51,7 @@ module "blog_asg" { module "blog_alb" { source = "terraform-aws-modules/alb/aws" - version = "9.10.0" + version = "9.${var.environment.network_prefix}" name = "blog-alb" vpc_id = module.blog_vpc.vpc_id @@ -73,7 +73,7 @@ module "blog_alb" { target_groups = { ex-instance = { - name_prefix = "blog" + name_prefix = "${var.environment.name}-" protocol = "HTTP" port = 80 target_type = "instance" @@ -82,15 +82,15 @@ module "blog_alb" { } tags = { - Environment = "dev" + Environment = var.environment.name } } module "blog_sg" { source = "terraform-aws-modules/security-group/aws" version = "5.1.2" - name = "blog_new" + name = "${var.environment.name}-blog" vpc_id = module.blog_vpc.vpc_id ingress_rules = ["http-80-tcp", "https-443-tcp"] diff --git a/variables.tf b/variables.tf index 60856bc92..20ac65294 100644 --- a/variables.tf +++ b/variables.tf @@ -2,3 +2,41 @@ variable "instance_type" { description = "Type of EC2 instance to provision" default = "t3.nano" } + +variable "ami_filter" { + description = "Name filter and owner of AMI" + + type = object({ + name = string + owner = string + }) + + default = { + name = "bitnami-tomcat-*-x86_64-hvm-ebs-nami" + owner = "979382823631" # Bitnami + } + +} + +variable "environment" { + description = "Development environment" + + type = object({ + name = string + network_prefix = string + }) + + name = "dev" + network_prefix = "10.0" +} + + +variable "asg_min_size" { + description = "Minimum number of instances in ASG" + default = 1 +} + +variable "asg_max_size" { + description = "Maximum number of instances in ASG" + default = 2 +} From 505d984a987cdd1a4f11828e9170ac2b316f4da5 Mon Sep 17 00:00:00 2001 From: sheikhug Date: Fri, 9 Aug 2024 16:01:18 +1000 Subject: [PATCH 33/40] Refactor to use variables 2 --- main.tf | 2 +- variables.tf | 8 +++++--- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/main.tf b/main.tf index 6510f23f2..cbe2f0817 100644 --- a/main.tf +++ b/main.tf 
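Review bot: `variable "ami_filter"` in variables.tf (PATCH 32) lets any caller replace the AMI owner that main.tf previously fixed to the Bitnami account, and the `aws_ami` data source then accepts whatever image matches the wildcard name under that owner. Add a `validation` block so a blank or malformed owner fails at plan time instead of selecting an image from an unexpected publisher. The sketch below accepts only 12-digit account IDs, so widen the pattern if owner aliases must be allowed. Separately, `asg_min_size` and `asg_max_size` would benefit from `type = number`.

```hcl
variable "ami_filter" {
  # … unchanged: description, type, default …

  validation {
    condition     = can(regex("^[0-9]{12}$", var.ami_filter.owner))
    error_message = "ami_filter.owner must be a 12-digit AWS account ID."
  }
}
```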
@@ -51,7 +51,7 @@ module "blog_asg" { module "blog_alb" { source = "terraform-aws-modules/alb/aws" - version = "9.${var.environment.network_prefix}" + version = "9.10.0" name = "blog-alb" vpc_id = module.blog_vpc.vpc_id diff --git a/variables.tf b/variables.tf index 20ac65294..c42b40d75 100644 --- a/variables.tf +++ b/variables.tf @@ -25,9 +25,11 @@ variable "environment" { name = string network_prefix = string }) - - name = "dev" - network_prefix = "10.0" + + default = { + name = "dev" + network_prefix = "10.0" + } } From 7cc02c35ee2338a683c1971b5e74e31378db470f Mon Sep 17 00:00:00 2001 From: sheikhug Date: Fri, 9 Aug 2024 16:20:56 +1000 Subject: [PATCH 34/40] Modularise --- providers.tf => dev/providers.tf | 0 main.tf => modules/blog/main.tf | 0 modules/blog/outputs.tf | 3 +++ variables.tf => modules/blog/variables.tf | 0 outputs.tf | 0 5 files changed, 3 insertions(+) rename providers.tf => dev/providers.tf (100%) rename main.tf => modules/blog/main.tf (100%) create mode 100644 modules/blog/outputs.tf rename variables.tf => modules/blog/variables.tf (100%) delete mode 100644 outputs.tf diff --git a/providers.tf b/dev/providers.tf similarity index 100% rename from providers.tf rename to dev/providers.tf diff --git a/main.tf b/modules/blog/main.tf similarity index 100% rename from main.tf rename to modules/blog/main.tf diff --git a/modules/blog/outputs.tf b/modules/blog/outputs.tf new file mode 100644 index 000000000..9e7bbbce2 --- /dev/null +++ b/modules/blog/outputs.tf @@ -0,0 +1,3 @@ +output "environment_url" { + value = module.blog_alb.lb_dns_name +} \ No newline at end of file diff --git a/variables.tf b/modules/blog/variables.tf similarity index 100% rename from variables.tf rename to modules/blog/variables.tf diff --git a/outputs.tf b/outputs.tf deleted file mode 100644 index e69de29bb..000000000 From 631d7f1265f08485f4846f665309576be9f86e98 Mon Sep 17 00:00:00 2001 
From: sheikhug
Date: Fri, 9 Aug 2024 16:25:56 +1000
Subject: [PATCH 35/40] Define dev environment
---
 dev/main.tf | 3 +++
 1 file changed, 3 insertions(+)
 create mode 100644 dev/main.tf
diff --git a/dev/main.tf b/dev/main.tf
new file mode 100644
index 000000000..dbcbcbee4
--- /dev/null
+++ b/dev/main.tf
@@ -0,0 +1,3 @@
+mondule "dev" {
+ source = "../modules/blog"
+}
\ No newline at end of file
From 4bd4c9c7f61d4bbd6e064c5d634284de9584beab Mon Sep 17 00:00:00 2001
From: sheikhug
Date: Fri, 9 Aug 2024 16:28:44 +1000
Subject: [PATCH 36/40] Define dev environment
---
 dev/main.tf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/dev/main.tf b/dev/main.tf
index dbcbcbee4..47edd2088 100644
--- a/dev/main.tf
+++ b/dev/main.tf
@@ -1,3 +1,3 @@
-mondule "dev" {
+module "dev" {
 source = "../modules/blog"
 }
\ No newline at end of file
From 6c07215199b6d7eec657cb60dd4923e74ae9e8bf Mon Sep 17 00:00:00 2001
From: sheikhug
Date: Fri, 9 Aug 2024 16:31:09 +1000
Subject: [PATCH 37/40] Define dev environment 2
---
 modules/blog/outputs.tf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/modules/blog/outputs.tf b/modules/blog/outputs.tf
index 9e7bbbce2..43b99c861 100644
--- a/modules/blog/outputs.tf
+++ b/modules/blog/outputs.tf
@@ -1,3 +1,3 @@
 output "environment_url" {
- value = module.blog_alb.lb_dns_name
+ value = module.blog_alb.dns_name
 }
\ No newline at end of file
From 14af53827f5194ae3dd2dfe83c34fd1e311f0bc6 Mon Sep 17 00:00:00 2001
From: sheikhug
Date: Fri, 9 Aug 2024 16:48:15 +1000
Subject: [PATCH 38/40] Define QA Environment
---
 qa/main.tf | 12 ++++++++++++
 qa/outputs.tf | 3 +++
 qa/providers.tf | 11 +++++++++++
 3 files changed, 26 insertions(+)
 create mode 100644 qa/main.tf
 create mode 100644 qa/outputs.tf
 create mode 100644 qa/providers.tf
diff --git a/qa/main.tf b/qa/main.tf
new file mode 100644
index 000000000..6ba1c2706
--- /dev/null
+++ b/qa/main.tf
@@ -0,0 +1,12 @@ +module "qa" { + source = "../modules/blog" + + environment = { + name = "qa" + networ_prefix = "10.1" + } + + asg_min_size = 1 + asg_max_size = 1 + +} \ No newline at end of file diff --git a/qa/outputs.tf b/qa/outputs.tf new file mode 100644 index 000000000..fae4b9f05 --- /dev/null +++ b/qa/outputs.tf @@ -0,0 +1,3 @@ +output "environment_url" { + value = module.qa.environment_url +} \ No newline at end of file diff --git a/qa/providers.tf b/qa/providers.tf new file mode 100644 index 000000000..c41e3650b --- /dev/null +++ b/qa/providers.tf @@ -0,0 +1,11 @@ +terraform { + required_providers { + aws = { + source = "hashicorp/aws" + } + } +} + +provider "aws" { + region = "us-west-2" +} From 6bbb2f3b1c539d752b3682a104c628f34afa9787 Mon Sep 17 00:00:00 2001 From: sheikhug Date: Fri, 9 Aug 2024 17:05:39 +1000 Subject: [PATCH 39/40] Define dev environment 2 --- modules/blog/main.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/blog/main.tf b/modules/blog/main.tf index cbe2f0817..ef7caf788 100644 --- a/modules/blog/main.tf +++ b/modules/blog/main.tf @@ -27,7 +27,7 @@ module "blog_vpc" { tags = { Terraform = "true" - Environment = "dev" + Environment = var.environment.name } } From 5d25c38d73ab4b5827cb242fc97a324b0988b7db Mon Sep 17 00:00:00 2001 From: sheikhug Date: Fri, 9 Aug 2024 17:11:38 +1000 Subject: [PATCH 40/40] Define dev environment 4 --- qa/main.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/qa/main.tf b/qa/main.tf index 6ba1c2706..3033a0c03 100644 --- a/qa/main.tf +++ b/qa/main.tf @@ -3,7 +3,7 @@ module "qa" { environment = { name = "qa" - networ_prefix = "10.1" + network_prefix = "10.1" } asg_min_size = 1
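Review bot: `required_providers` in qa/providers.tf (PATCH 38) names `hashicorp/aws` with no `version` constraint, and the `terraform` block sets no `required_version`. The provider build is then whatever `terraform init` selects unless a `.terraform.lock.hcl` is committed, and this patch does not add one. Add a constraint next to `source`, for example `version = "~> <MAJOR.MINOR>"` (placeholder), and commit the lock file so dev and qa resolve the same provider release. No backend appears in the visible block, so state presumably stays on the local disk; confirm that is intended, since state files record resource details.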