Tuesday, June 20, 2023

Build a developer environment with AWS and Terraform

 


Terraform AWS provider

terraform {
  required_providers {
    aws = {
      source  = "hashicorp/aws"
    }
  }
}

Creating a provider.tf file in a dev environment is done by creating a text document and naming it “provider.tf”. This file can then be placed in the root directory of the development project. Once the file is created, you can copy and paste the code provided above into the file.

When creating the provider.tf file, it is important to remember to remove the version information from the code. This will allow the file to be used for different versions of the software being developed.


Shared Credential files provider

provider "aws" {

region                              = "us-east-1"

        shared_credentials_files = "~/.aws/credentials"

         profile                            = "vscode"

}

Copy and paste it in the providers.tf and change the


In order to open a new terminal and enter the command "terraform init," follow these steps:

1 Open the terminal by pressing Ctrl + Shift +  `

  1. Enter the command "terraform init"
  2. Press the Enter key to execute the command.

You should see a confirmation message that the initialization succeeded. You can now use terraform to create and manage resources.



In VS Code, we need to add resources to a file called main.tf. To do this, we can use the following code:

        resource "aws_vpc" "ct_vpc" {

        cidr_block = "10.123.10.10/16"

        enable_dns_hostnames = true

        enable_dns_support = true

        tags = {

                Name = "dev"

    }

        }



To execute the above code, we will use Terraform Plan. This will provide us with data regarding the resources that will be deployed in the AWS Dev environment. This information will include the type of resources, such as EC2 instances, Auto Scaling groups, S3 buckets, etc., as well as the necessary configurations for those resources. This data will be used to ensure that the deployment of the resources is successful and that the end result is as expected. The Terraform Plan will also provide us with a preview of the resources that will be created in the AWS Dev environment, so we can review and validate the changes before the deployment is completed. Once the Terraform Plan is executed, the resources will be deployed in the AWS Dev environment.


Running the terraform apply command will initiate the actual execution of the Terraform code written in the configuration files. This command will create or modify the resources according to the configuration files. It will begin by displaying a plan of the planned operations and will then prompt for confirmation before proceeding further. After confirmation, it will create the necessary resources. Terraform will then display the state of the resources after execution.



To connect to your AWS resources and manage them using VS Code, you'll need to open the AWS icon on the left menu of VS Code. From there, select the appropriate profile for the resources you want to manage. If you want to manage an Amazon Elastic Compute Cloud (EC2) Virtual Private Cloud (VPC), select the AWS::EC2::VPC profile. Once you've connected to the resource, you'll be able to see important information, such as the VPC ID and other details related to the VPC.


After successfully connecting to the resource, you will be able to see the VPC ID, which is a unique identifier assigned to the Virtual Private Cloud. With this information, you can then access and manage other important aspects of the VPC such as the subnets, security groups, and route tables. Additionally, you can also view the VPC's IP address range, which defines the range of IP addresses used by the VPC. This range can be customized to fit the specific needs of your organization, providing greater control and flexibility over your network infrastructure.


Type terraform state list to show all the resources in AWS.


Terraform show is a command that displays the current state of your infrastructure resources. This includes the resources that are currently being managed by Terraform, such as Amazon Web Services (AWS) resources. It can show the details of the resources by retrieving their attributes from the current state. By using this command, you can check the configuration of the resources that Terraform is managing and ensure that they are up to date and in line with your desired state. Furthermore, you can use the output of the Terraform show command to help troubleshoot any issues that may arise with your infrastructure resources. Therefore, it is a useful command to know and utilize as a part of your infrastructure management toolkit.


Let's delete the VPC that we have created. This process will remove the virtual private cloud from our network infrastructure. After deleting the VPC, any resources that were associated with it will no longer be available in the system. Therefore, it is important to make sure that all necessary data and resources have been transferred to another VPC or storage location before proceeding with the deletion process. Additionally, it is essential to check and ensure that there are no dependencies or connections to the VPC from other systems or applications that may be affected by the deletion. Once all necessary preparations have been made, we can proceed with the deletion process by navigating to the VPC management console and selecting the option to delete the VPC.


To create a public subnet using Terraform, follow these steps:

  1. Define the VPC and subnet resources in your Terraform code.
  2. Set the "map_public_ip_on_launch" attribute of the subnet to "true".
  3. Associate the subnet with a route table that has an internet gateway as a target.
  4. Apply the Terraform code to create the subnet.

After these steps, you should have a public subnet in your infrastructure that can be used for hosting resources with public-facing IP addresses.

            resource "aws_subnet" "ct_public_subnet" {

                 vpc_id = aws_vpc.ct_vpc.id

                  cidr_block = "10.123.1.0/24"

                  map_public_ip_on_launch = true

                  availability_zone = "us-east-1a"

                  tags = {

                        Name = "dev-public"

                      }

                }


Run terraform run and check whether the given parameters are present.

After verifying the resources run terraform apply to run resources on the instance This will create the resources specified in the terraform configuration.

AWS can be accessed from the left menu of VS code. Select resources and click on settings, then add AWS::EC2::subnetNetworkAclAssociation and then click on OK.


now add internet gateway to the vpc by adding resource of igw to the main.tf file. enter the below terraform code to add resources. Run terraform plan and terraform apply to see the changes

resource "aws_internet_gateway" "ct_internet_gateway" {

      vpc_id = aws_vpc.ct_vpc.id

      tags = {

            Name = "dev-igw"

          }

}



Similarly, you can add an aws internet gateway to the resources menu as mentioned above.

In order to flow traffic to the VPC and Internet gateway, let us create a route table. We need two resources to add this time. Please paste the following code to add resources.

        resource "aws_route_table" "ct_public_rt" {
              vpc_id = aws_vpc.ct_vpc.id

              tags = {
                    Name = "dev_public_rt"
                  }
           }

            resource "aws_route" "default_route" {
                  route_table_id = aws_route_table.ct_public_rt.id
                  destination_cidr_block = "0.0.0.0/0"
                  gateway_id = aws_internet_gateway.ct_internet_gateway.id
            }

You can now run the Terraform plan and apply to add resources. To view the details of the route table, add the route table to the menu of the Amazon Web Services resources in Visual Studio Code.





we are going to bridge the gap between route table and subnet by providing route table association. write below code and run terraform plan and terraform apply

        resource "aws_route_table_association" "ct_public_association" {
              subnet_id         = aws_subnet.ct_public_subnet.id
              rouroute_table_id = aws_route_table.ct_public_rt.id
            }


A very important resource is now being added to AWS and it is the security group.

Add the following code to main.tf for incoming and outgoing traffic For ingress, we need to use the IP address of the access computer, which can be a user's IP address, and egress should be 0.0.0.0/0 for outbound traffic to any machine. and run terraform plan and apply respectively.

        resource "aws_security_group" "ct_sg" {
              name        = "dev-sg"
              description = "dev security group"
              vpc_id      = aws_vpc.ct_vpc.id

              ingress {
                from_port   = 0
                to_port     = 0
                protocol    = "-1"
                cidr_blocks = ["0.0.0.0/0"]
              }

              egress {
                 from_port   = 0
                 to_port     = 0
                 protocol    = "-1"
                 cidr_blocks = ["0.0.0.0/0"]
              }



We now need to add an EC2 instance to our AWS account, so I'm using an Ubuntu server running on EC2. To do this, we must copy the ami ID, which is underlined in the image below.


paste the ami id under ec2→AMIs and search. now copy the owner number.


copy the ami name from details below.


Now create a new file in vs code as datasources.tf and copy the below code in vs code and change owner according to you and paste AMI name in filter value and change the ending server number with * . After making changes run terraform plan and terraform apply.


        data "aws_ami" "server_ami" {

                most_recent = true

                owners = ["099720109477"]


                filter {

                      name = "name"

                      values = ["ubuntu/images/hvm-ssd/ubuntu-jammy-22.04-amd64-server-*"]

                    }

                }



Lets create a public key using built-in key generator by using following command

type as:

C:\\Users\\Chait/.ssh/"any name" hit enter.

  1. ssh-keygen -t ed25519 hit enter.

now type as ls ~/.ssh . now ctkey.pub is my public key.


add key pair to the main.tf file with new resource name and mention public key and run terraform plan and terraform apply.

I would like to add a new instance to our AWS account and define the AMI, Key_name, VPC_security_group_ids, and subnet_id as shown below. The user can also change the default volume provided by the AWS account by adding root_block_device, the volume of which is 10GB, to the instance.

        resource "aws_instance" "dev_node" {
              instance_type = "t2.micro"
              ami           = data.aws_ami.server_ami.id

              tags = {
                    Name = "dev-node"
              }

              key_name               = aws_key_pair.ct_auth.id
              vpc_security_group_ids = [aws_security_group.ct_sg.id]
              subnet_id              = aws_subnet.ct_public_subnet


              root_block_device {
                volume_size = 10
              }


add user data as below mentioned into a new file and name it as userdata.tpl to vs code for installation of docker on ec2 instance.
#!/bin/bash 
sudo apt-get update -y && 
sudo apt-get install -y \
apt-transport-https \ 
ca-certificates \ 
curl \ 
gnupg-agent \ 
software-properties-common && 
curl -fsSl https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -&& 
sudo add-apt-repository "deb [arch-amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" && 
sudo apt-get update -y && 
sudo sudo apt-get install docker-ce docker-ce-cli containerd.io -y && 
sudo usermod -aG docker ubuntu

    resource "aws_instance" "dev_node" {
          instance_type = "t2.micro"
          ami           = data.aws_ami.server_ami.id
          key_name               = aws_key_pair.ct_auth.id
          vpc_security_group_ids = [aws_security_group.ct_sg.id]
          subnet_id              = aws_subnet.ct_public_subnet.id
          user_data = file("userdata.tpl")
          root_block_device {
                volume_size = 10
              }
   
          tags = {
                Name = "dev-node"
              }
        }


ssh into the ec2 instance using below command.

ssh -i C:\\Users\\Chait\\.ssh\\ctkey [ubuntu@100.26.150.177]

create a new file for configuration name it as windows-ssh-config.tpl

    add-content -path c:/users/Chait/.ssh/config -value @'

    Host ${hostname}

      hostName ${hostname}

      User ${user}

      IdentityFile ${identityfile}

      '@


In main.tf add provisioner in that add hostname, user and identityfile as mentioned below


    provisioner "local-exec" {

            command = templatefile("windows-ssh-config.tpl", {

              hostname     = self.public_ip,

              user         = "ubuntu",

              identityfile = "~/.ssh/ctkey"

            })

            interpreter = ["Powershell", "-command"]

          }

        }

after making changes run the terraform code as terraform apply -replace aws_instance.dev_node

now in terminal enter command as cat ~/.ssh/config


in command palette search for ssh and click on connect to host.


copy the host Ip address and paste in the remote ssh. Select Linux because ours is a ubuntu machine after there is a pop showing as continue hit on continue.


User can see that vs code had ssh into the Ec2 instance.


now users can share files remotely and has full access to ec2 instance.


hit on trust and user can view the directory of ubuntu files


here is my Ec2 Instance connected to the vs code.


after completing the whole process destroy the resource which we have create for that enter the command as terraform destroy -auto-approve

we have now successfully created developer environment using AWS and terraform.

Saturday, March 25, 2023

Create an ec2- instance in Amazon Web services using Terraform code.

Terraform is used to create an ec2-instance in Amazon Web Services.

Create an ec2- instance using Terraform code.

Copy the AMI id from the AWS management console's launch Instance. It also specifies the instance type as t2.micro.



Also, here is the HTML script for showcasing the webpage on the instance mention the directory of the webpage. sh. Furthermore, the tag Ec2 Demo is mentioned.

# Resource: EC2 Instance
resource "aws_instance" "myec2" {
  ami           = "ami-00c39f71452c08778"
  instance_type = "t2.micro"
  user_data     = file("${path.module}/htmlscript.sh")
  tags = {
    "Name" = "Ec2 Demo"
  }
}

Next step is to create a versions file which is available in registry.terraform.io website

Mention the versions as per the latest or given once below

Also mentions the provider as aws and region in which we are creating Ec2- instance. 

# Terraform Block
terraform {
  required_version = "~> 1.3.8"
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 4.54.0"
    }
  }
}
# Provider Block
provider "aws" {
  region = "us-east-1"
}

The final step is to write an HTML script for the instance.

We are directly creating an HTML script, so no file sharing services are required.

The html script below is directly added to the user data of the Ec2 instance.

sudo yum update -y
sudo yum install -y httpd
sudo systemctl enable httpd
sudo service httpd start  
sudo echo '<h1>Welcome to Chaitanya AWS </h1>' | sudo tee /var/www/html/index.html
sudo mkdir /var/www/html/app1
sudo echo '<!DOCTYPE html> <html> <body style="background-color:rgb(255, 160, 122 );"> <h1>Welcome to Chaitanya AWS</h1> <p>Terraform Demo</p> <p>Application Version: V1</p> </body></html>' | sudo tee /var/www/html/app1/index.html
sudo curl http://169.254.169.254/latest/dynamic/instance-identity/document -o /var/www/html/app1/metadata.html

Following completion of all steps, follow the instructions below to create an ec2 instance in AWS using Terraform.

To install all of the required plugins, run terraform init.

Type terraform validate to see if there are any semantic errors in the code.

To get a detailed output of the instance we're creating, type terraform plan.

To create an instance in AWS, enter terraform apply -auto-approve. The task will then be completed in a matter of seconds.


Now, open the AWS management console and copy the public IPv4 address to a new browser window.



Now enter /app1/index.html after the ip address of the webpage then it will redirect to index.html page of the website



That's it; we've now created a webpage with Terraform.

Now, type terraform destroy -auto-approve to destroy the created instance; this will take a few seconds.




Wednesday, May 12, 2021

AWS Elastic Beanstalk

Creating Elastic Beanstalk Environment

we will deploy the Web Application directly to Elastic Beanstalk which is pre-created by the AWS 

1. Go to AWS management console from the Service menu click on Elastic Beanstalk

2. all the environments are shown on this page and it shows the existing BeanStalk application

Here we need to remember one thing if the health of the environment is not in green color then it is not reading wait for few moments it will change 

In some real situations, we choose blue and green. for green, we represent that it is active for the blue environment we represent it as underdevelopment or testing



3. Now click on the name of the environment shown above 

4. on top of the page Click on the URL the link ends with the elastic beanstalk

when you click on the URL a new browser tab opens it displays HTTP Status 404 - Not Found this is expected because it doesn't run any application on the server 


5. Now we need to deploy a sample application to Elastic Beanstalk for the sample application we can download it on AWS use the Below link to download the sample application

https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/samples/tomcat.zip

6. now open your Elastic Beanstalk and click on upload and deploy

7. upload the file that you have download to Elastic Beanstalk.

8. click deploy, it takes few moments to deploy the application.

8. after completing deployment, click on the URL on top of the screen 

9. the web application that you deploy shows 


10. the web application was successfully deployed

11. now click on the configuration it shows everything which is attached to the Elastic Beanstalk Ec2 Security group, and root volume, most important Amazon ec2 Instances which and what type of the instance and we can add Database in this at present any Database because this environment doesn't include Database

12. now go services and click on Ec2 instances there you can see Ec2 instance created for the web application using Elastic Beanstalk and in the security group port 80 is open to allow inbound traffic

13. Auto Scaling also created in case if any traffic increases the Auto Scaling group increases the ec2 instance to maintain high availability, load balance also created along with the Auto Scaling to distribute the traffic