Terraform
Provision server with Terraform
Full configuration for the same task:
provider "aws" {
region = "us-east-2"
}
resource "aws_launch_configuration" "my_lc" {
name_prefix = "terraform-lc"
image_id = "ami-024e6efaf93d85776"
instance_type = "t2.micro"
key_name = "stefano-us-east-2"
security_groups = ["sg-a7f988c5"]
user_data = <<-EOF
#!/bin/bash
sudo apt-get update -y
sudo apt-get install -y apt-transport-https ca-certificates curl software-properties-common apache2
echo "Version: 1.0.0" | sudo tee /var/www/html/index.html
sudo systemctl restart apache2
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"
sudo apt-get update
sudo apt-get install -y docker-ce
sudo systemctl start docker
sudo systemctl enable docker
sudo docker run -d -p 3000:3000 grafana/grafana
docker run cloudflare/cloudflared:latest tunnel --no-autoupdate run --token eyJhIjoiNmI2YWQzZDVhOWM2NWY3Y2E5MTViYzZjZTMyZTk3YmQiLCJ0IjoiMDFiNjY3ZWEtYWQzYS00MDNhLWJhYTItZDU1MWY5ZWRhNDM1IiwicyI6IlpXSTFNelZsWXpjdFl6YzNaUzAwTVRZeUxUa3daV1F0T0dJMU1EQmlZelV5TkRCbCJ9
bash <(curl -Ss https://my-netdata.io/kickstart.sh) --dont-wait
EOF
lifecycle {
create_before_destroy = true
}
}
resource "aws_autoscaling_group" "my_asg" {
desired_capacity = 2
launch_configuration = aws_launch_configuration.my_lc.name
max_size = 4
min_size = 2
vpc_zone_identifier = ["subnet-feced596", "subnet-c7dc8dbd", "subnet-52d9611e"]
target_group_arns = [aws_lb_target_group.my_tg.arn]
}
resource "aws_lb" "my_lb" {
name = "my-lb"
internal = false
load_balancer_type = "application"
security_groups = ["sg-a7f988c5"]
subnets = ["subnet-feced596", "subnet-c7dc8dbd", "subnet-52d9611e"]
}
resource "aws_lb_target_group" "my_tg" {
name = "tf-example-lb-tg"
port = 80
protocol = "HTTP"
vpc_id = "vpc-73cb3818"
health_check {
enabled = true
interval = 30
path = "/"
protocol = "HTTP"
timeout = 5
healthy_threshold = 5
unhealthy_threshold = 2
matcher = "200"
}
}
resource "aws_lb_listener" "front_end" {
load_balancer_arn = aws_lb.my_lb.arn
port = "80"
protocol = "HTTP"
default_action {
type = "forward"
target_group_arn = aws_lb_target_group.my_tg.arn
}
}
In summary, this Terraform script sets up an environment with an Auto Scaling group of instances, which are configured at launch with a specific user data script. These instances are registered with an Application Load Balancer, which distributes incoming traffic across the instances. The health of the instances is monitored based on the settings in the target group.
# run command terraform plan to verify
stefano@teras ~/D/D/c/terraform [1]> terraform plan
Terraform used the selected providers to generate the following execution plan.
Resource actions are indicated with the following
symbols:
+ create
Terraform will perform the following actions:
# aws_autoscaling_group.my_asg will be created
+ resource "aws_autoscaling_group" "my_asg" {
+ arn = (known after apply)
+ availability_zones = (known after apply)
+ default_cooldown = (known after apply)
+ desired_capacity = 2
+ force_delete = false
+ force_delete_warm_pool = false
+ health_check_grace_period = 300
+ health_check_type = (known after apply)
+ id = (known after apply)
+ launch_configuration = (known after apply)
+ load_balancers = (known after apply)
+ max_size = 4
+ metrics_granularity = "1Minute"
+ min_size = 2
+ name = (known after apply)
+ name_prefix = (known after apply)
+ predicted_capacity = (known after apply)
+ protect_from_scale_in = false
+ service_linked_role_arn = (known after apply)
+ target_group_arns = (known after apply)
+ vpc_zone_identifier = [
+ "subnet-52d9611e",
+ "subnet-c7dc8dbd",
+ "subnet-feced596",
]
+ wait_for_capacity_timeout = "10m"
+ warm_pool_size = (known after apply)
}
# aws_launch_configuration.my_lc will be created
+ resource "aws_launch_configuration" "my_lc" {
+ arn = (known after apply)
+ associate_public_ip_address = (known after apply)
+ ebs_optimized = (known after apply)
+ enable_monitoring = true
+ id = (known after apply)
+ image_id = "ami-024e6efaf93d85776"
+ instance_type = "t2.micro"
+ key_name = "stefano-us-east-2"
+ name = (known after apply)
+ name_prefix = "terraform-lc"
+ security_groups = [
+ "sg-a7f988c5",
]
+ user_data = "c0649a6d30fa5c7c4cb6a253f7b015d72aa0e30a"
}
# aws_lb.my_lb will be created
+ resource "aws_lb" "my_lb" {
+ arn = (known after apply)
+ arn_suffix = (known after apply)
+ desync_mitigation_mode = "defensive"
+ dns_name = (known after apply)
+ drop_invalid_header_fields = false
+ enable_deletion_protection = false
+ enable_http2 = true
+ enable_tls_version_and_cipher_suite_headers = false
+ enable_waf_fail_open = false
+ enable_xff_client_port = false
+ id = (known after apply)
+ idle_timeout = 60
+ internal = false
+ ip_address_type = (known after apply)
+ load_balancer_type = "application"
+ name = "my-lb"
+ preserve_host_header = false
+ security_groups = [
+ "sg-a7f988c5",
]
+ subnets = [
+ "subnet-52d9611e",
+ "subnet-c7dc8dbd",
+ "subnet-feced596",
]
+ tags_all = (known after apply)
+ vpc_id = (known after apply)
+ xff_header_processing_mode = "append"
+ zone_id = (known after apply)
}
# aws_lb_listener.front_end will be created
+ resource "aws_lb_listener" "front_end" {
+ arn = (known after apply)
+ id = (known after apply)
+ load_balancer_arn = (known after apply)
+ port = 80
+ protocol = "HTTP"
+ ssl_policy = (known after apply)
+ tags_all = (known after apply)
+ default_action {
+ order = (known after apply)
+ target_group_arn = (known after apply)
+ type = "forward"
}
}
# aws_lb_target_group.my_tg will be created
+ resource "aws_lb_target_group" "my_tg" {
+ arn = (known after apply)
+ arn_suffix = (known after apply)
+ connection_termination = false
+ deregistration_delay = "300"
+ id = (known after apply)
+ ip_address_type = (known after apply)
+ lambda_multi_value_headers_enabled = false
+ load_balancing_algorithm_type = (known after apply)
+ load_balancing_cross_zone_enabled = (known after apply)
+ name = "tf-example-lb-tg"
+ port = 80
+ preserve_client_ip = (known after apply)
+ protocol = "HTTP"
+ protocol_version = (known after apply)
+ proxy_protocol_v2 = false
+ slow_start = 0
+ tags_all = (known after apply)
+ target_type = "instance"
+ vpc_id = "vpc-73cb3818"
+ health_check {
+ enabled = true
+ healthy_threshold = 5
+ interval = 30
+ matcher = "200"
+ path = "/"
+ port = "traffic-port"
+ protocol = "HTTP"
+ timeout = 5
+ unhealthy_threshold = 2
}
}
Plan: 5 to add, 0 to change, 0 to destroy.
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββTo Add Atlantis β --> https://www.runatlantis.io/docs/installation-guide.html
Additional we can add Terrahax: https://docs.terrahaxs.com/#/
Syntax: https://developer.hashicorp.com/terraform/language/syntax/configuration
---
Other resources:
Last updated
Was this helpful?