From e63a0a945a775cfd7410be34da1417ba3fc0c303 Mon Sep 17 00:00:00 2001
From: jyoti1998-gehlot <74006741+jyoti1998-gehlot@users.noreply.github.com>
Date: Sun, 10 Oct 2021 13:41:17 +0530
Subject: [PATCH 01/11] Create provider.tf
---
aws/aws_application_load_balancer/provider.tf | 5 +++++
1 file changed, 5 insertions(+)
create mode 100644 aws/aws_application_load_balancer/provider.tf
diff --git a/aws/aws_application_load_balancer/provider.tf b/aws/aws_application_load_balancer/provider.tf
new file mode 100644
index 0000000..2f11e88
--- /dev/null
+++ b/aws/aws_application_load_balancer/provider.tf
@@ -0,0 +1,5 @@
+provider "aws" {
+ region = "Enter_Region"
+ access_key = "Enter_Your_Access_Key"
+ secret_key = "Enter_Secret_Key"
+}
From bfc6ad9c453d0dfad56ccd4bf6837c15c3e13cad Mon Sep 17 00:00:00 2001
From: jyoti1998-gehlot <74006741+jyoti1998-gehlot@users.noreply.github.com>
Date: Sun, 10 Oct 2021 13:50:50 +0530
Subject: [PATCH 02/11] Create security_group.tf
---
.../security_group.tf | 56 +++++++++++++++++++
1 file changed, 56 insertions(+)
create mode 100644 aws/aws_application_load_balancer/security_group.tf
diff --git a/aws/aws_application_load_balancer/security_group.tf b/aws/aws_application_load_balancer/security_group.tf
new file mode 100644
index 0000000..0cfb832
--- /dev/null
+++ b/aws/aws_application_load_balancer/security_group.tf
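Review bot: In provider.tf the `access_key` and `secret_key` arguments invite users to paste long-lived AWS credentials into a file that is tracked in version control. The block would be safer reduced to `provider "aws" { region = "Enter_Region" }`, leaving the AWS provider to resolve credentials from its default chain (the `AWS_ACCESS_KEY_ID`/`AWS_SECRET_ACCESS_KEY` environment variables, a named profile, or a role attached to the machine running Terraform). A comment above the block such as `# Credentials come from the environment or an AWS profile; never hard-code keys here` would make that intent explicit for people copying the example.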
@@ -0,0 +1,56 @@
+resource "aws_security_group" "allow_http" {
+ name = "alb_http"
+ description = "Allow http traffic to alb"
+ vpc_id = "enter_your_vpc_id"
+
+ ingress {
+ description = "http for alb"
+ from_port = 80
+ to_port = 80
+ protocol = "tcp"
+ cidr_blocks = ["0.0.0.0/0"]
+ }
+
+ egress {
+ from_port = 0
+ to_port = 0
+ protocol = "-1"
+ cidr_blocks = ["0.0.0.0/0"]
+ }
+
+ tags = {
+ Name = "allow_http_alb"
+ }
+}
+
+resource "aws_security_group" "allow_http_instances" {
+ name = "instances_http"
+ description = "Allow http traffic to instances"
+ vpc_id = "vpc-0286b0e40e1e91265"
+
+ ingress {
+ description = "http for instances"
+ from_port = 80
+ to_port = 80
+ protocol = "tcp"
+ security_groups = [aws_security_group.allow_http.id]
+ }
+
+ingress {
+ description = "ssh for instances"
+ from_port = 22
+ to_port = 22
+ protocol = "tcp"
+ cidr_blocks = ["0.0.0.0/0"]
+ }
+ egress {
+ from_port = 0
+ to_port = 0
+ protocol = "-1"
+ cidr_blocks = ["0.0.0.0/0"]
+ }
+
+ tags = {
+ Name = "allow_http_instaces"
+ }
+}
From e7946318443b6a41001682e9c37fba85ed073a5d Mon Sep 17 00:00:00 2001
From: jyoti1998-gehlot <74006741+jyoti1998-gehlot@users.noreply.github.com>
Date: Sun, 10 Oct 2021 13:53:23 +0530
Subject: [PATCH 03/11] Create target_group_attach.tf
---
.../target_group_attach.tf | 16 ++++++++++++++++
1 file changed, 16 insertions(+)
create mode 100644 aws/aws_application_load_balancer/target_group_attach.tf
diff --git a/aws/aws_application_load_balancer/target_group_attach.tf b/aws/aws_application_load_balancer/target_group_attach.tf
new file mode 100644
index 0000000..5cc2ee9
--- /dev/null
+++ b/aws/aws_application_load_balancer/target_group_attach.tf
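Review bot: The second ingress block of `allow_http_instances` in security_group.tf opens port 22 to `0.0.0.0/0`, so every instance in this group accepts SSH connection attempts from the whole internet, while HTTP is correctly limited to the load balancer's security group. Narrowing the rule to an operator range, for example `cidr_blocks = ["enter_admin_cidr"]` in the file's placeholder style, keeps the example usable without exposing SSH. Separately, the `Name` tag value `allow_http_instaces` looks like a typo for `allow_http_instances`, and the SSH `ingress {` line is not indented like its sibling blocks.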
@@ -0,0 +1,16 @@
+resource "aws_lb_target_group" "target-lb" {
+ name = "lb-tg"
+ port = 80
+ protocol = "HTTP"
+ vpc_id = "enter-you-vpc-id"
+}
+resource "aws_lb_target_group_attachment" "test1" {
+ target_group_arn = aws_lb_target_group.target-lb.arn
+ target_id = aws_instance.web1.id
+ port = 80
+}
+resource "aws_lb_target_group_attachment" "test2" {
+ target_group_arn = aws_lb_target_group.target-lb.arn
+ target_id = aws_instance.web2.id
+ port = 80
+}
From 4ff9c30399a4a7b22753cf341042d424e40de76d Mon Sep 17 00:00:00 2001
From: jyoti1998-gehlot <74006741+jyoti1998-gehlot@users.noreply.github.com>
Date: Sun, 10 Oct 2021 13:57:48 +0530
Subject: [PATCH 04/11] Create loadbalancer.tf
---
.../loadbalancer.tf | 27 +++++++++++++++++++
1 file changed, 27 insertions(+)
create mode 100644 aws/aws_application_load_balancer/loadbalancer.tf
diff --git a/aws/aws_application_load_balancer/loadbalancer.tf b/aws/aws_application_load_balancer/loadbalancer.tf
new file mode 100644
index 0000000..d7d947d
--- /dev/null
+++ b/aws/aws_application_load_balancer/loadbalancer.tf
@@ -0,0 +1,27 @@
+resource "aws_lb" "my-lb" {
+ name = "lb-tf"
+ internal = false
+ load_balancer_type = "application"
+ security_groups = [aws_security_group.allow_http.id]
+ # Enter you subnet ids under vpc below
+ subnets = ["subnet-id1","subnet-id2","subnet-id3","subnet-id4"]
+
+ enable_deletion_protection = false
+
+
+
+ tags = {
+ name = "my-first-load-balancer"
+ }
+}
+
+resource "aws_lb_listener" "front_end" {
+ load_balancer_arn = aws_lb.my-lb.arn
+ port = "80"
+ protocol = "HTTP"
+
+ default_action {
+ type = "forward"
+ target_group_arn = aws_lb_target_group.target-lb.arn
+ }
+}
From 30a06c6323fee8050db7e308810a5172f92f3d66 Mon Sep 17 00:00:00 2001
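Review bot: The `front_end` listener in loadbalancer.tf serves an internet-facing ALB (`internal = false`) over plain HTTP on port 80 and forwards straight to the targets, so client traffic crosses the internet unencrypted. Consider terminating TLS on a 443 listener and turning the port-80 listener into a redirect, as sketched below. The certificate ARN is a placeholder in the file's own style, and the `allow_http` security group would also need an ingress rule for 443. `enable_deletion_protection = false` is reasonable for a throwaway example but deserves a one-line comment saying so.

```hcl
resource "aws_lb_listener" "front_end" {
  # … unchanged: load_balancer_arn, port and protocol of the port-80 listener …

  default_action {
    type = "redirect"

    redirect {
      port        = "443"
      protocol    = "HTTPS"
      status_code = "HTTP_301"
    }
  }
}

resource "aws_lb_listener" "front_end_https" {
  load_balancer_arn = aws_lb.my-lb.arn
  port              = "443"
  protocol          = "HTTPS"
  ssl_policy        = "ELBSecurityPolicy-TLS13-1-2-2021-06"
  certificate_arn   = "enter_certificate_arn" # placeholder

  default_action {
    type             = "forward"
    target_group_arn = aws_lb_target_group.target-lb.arn
  }
}
```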
From: jyoti1998-gehlot <74006741+jyoti1998-gehlot@users.noreply.github.com>
Date: Sun, 10 Oct 2021 14:01:59 +0530
Subject: [PATCH 05/11] Create instances.tf
---
.../instances.tf | 45 +++++++++++++++++++
1 file changed, 45 insertions(+)
create mode 100644 aws/aws_application_load_balancer/instances.tf
diff --git a/aws/aws_application_load_balancer/instances.tf b/aws/aws_application_load_balancer/instances.tf
new file mode 100644
index 0000000..5705b73
--- /dev/null
+++ b/aws/aws_application_load_balancer/instances.tf
@@ -0,0 +1,45 @@
+resource "aws_instance" "web1" {
+ ami = "enter-your-ami-id"
+ instance_type = "t2.micro"
+ subnet_id = "enter-subnet-id"
+ vpc_security_group_ids = [aws_security_group.allow_http_instances.id]
+ key_name = "enter-your-key-name"
+ provisioner "remote-exec" {
+ inline = [
+ "sudo yum install httpd -y",
+ "sudo service httpd start",
+ "sudo chkconfig httpd on"
+ ]
+
+ connection {
+ type = "ssh"
+ user = "ec2-user"
+ host = aws_instance.web.public_ip
+ private_key = file("${path.module}/key-name.pem")
+ }
+
+}
+}
+
+resource "aws_instance" "web2" {
+ ami = "enter-ami-id"
+ instance_type = "t2.micro"
+ subnet_id = "enter-your-subnet-id"
+ vpc_security_group_ids = [aws_security_group.allow_http_instances.id]
+ key_name = "enter-your-key-name"
+ provisioner "remote-exec" {
+ inline = [
+ "sudo yum install https -y",
+ "sudo service httpd start",
+ "sudo chkconfig httpd on"
+ ]
+
+ connection {
+ type = "ssh"
+ user = "ec2-user"
+ host = aws_instance.web2.public_ip
+ private_key = file("${path.module}/kay-name.pem")
+ }
+
+}
+}
From afefec14eff9e4159e042324b808336be05d4c95 Mon Sep 17 00:00:00 2001
From: jyoti1998-gehlot <74006741+jyoti1998-gehlot@users.noreply.github.com>
Date: Mon, 11 Oct 2021 12:01:34 +0530
Subject: [PATCH 06/11] Create README.md
---
aws/aws_application_load_balancer/README.md | 43 +++++++++++++++++++++
1 file changed, 43 insertions(+)
create mode 100644 aws/aws_application_load_balancer/README.md
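Review bot: In instances.tf the `web1` connection block sets `host = aws_instance.web.public_ip`, but no `aws_instance.web` resource is declared anywhere in this series, and `web2` refers to itself as `aws_instance.web2.public_ip`; inside a resource's own provisioner the address should be `host = self.public_ip`. The `web2` provisioner also runs `sudo yum install https -y` although it then starts `httpd`, and it reads `kay-name.pem`; both look like typos for `httpd` and `key-name.pem`. More broadly, `remote-exec` needs the SSH private key to sit in the module directory and port 22 to be reachable from wherever Terraform runs. Moving the three commands into the instance's `user_data` would remove both requirements and let the SSH ingress rule be tightened or dropped.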
diff --git a/aws/aws_application_load_balancer/README.md b/aws/aws_application_load_balancer/README.md new file mode 100644 index 0000000..14727ef --- /dev/null +++ b/aws/aws_application_load_balancer/README.md @@ -0,0 +1,43 @@ +# aws_application_load_balancer + +These templates implements a application load balancer, and associated necessary steps require for loadbalancing. This includes: + +- Security groups for instances and loadbalancer +- Target grout attachment for instances +- Template for launching instances +- Load balancer + +## Step 1: Provider.tf +First write down provider template, enter region you want to provision load-balancer and provide access key and secret key + +```tf +provider "aws" { + region = "Enter_Region" + access_key = "Enter_Your_Access_Key" + secret_key = "Enter_Secret_Key" +} +``` + +Assuming you have the [AWS provider](https://www.terraform.io/docs/providers/aws/index.html) set up, and a DNS zone for `example.com` configured on Route 53: + +```tf +# Lambda functions can only be uploaded as ZIP files, so we need to package our JS file into one +data "archive_file" "lambda_zip" { + type = "zip" + source_file = "${path.module}/index.js" + output_path = "${path.module}/lambda.zip" +} + +module "my_api" { + # Available inputs: https://github.com/futurice/terraform-utils/tree/master/aws_lambda_api#inputs + # Check for updates: https://github.com/futurice/terraform-utils/compare/v11.0...master + source = "git::ssh://git@github.com/futurice/terraform-utils.git//aws_lambda_api?ref=v11.0" + + api_domain = "api.example.com" + lambda_logging_enabled = true + + # lambda_zip.output_path will be absolute, i.e. different on different machines. + # This can cause Terraform to notice differences that aren't actually there, so let's convert it to a relative one. + # https://github.com/hashicorp/terraform/issues/7613#issuecomment-332238441 + function_zipfile = "${substr(data.archive_file.lambda_zip.output_path, length(path.cwd) + 1, -1)}" +} 
From 9c5181da6fe40a30d18dc6d52fb1c7cd96c41e1d Mon Sep 17 00:00:00 2001 From: jyoti1998-gehlot <74006741+jyoti1998-gehlot@users.noreply.github.com> Date: Tue, 12 Oct 2021 09:43:16 +0530 Subject: [PATCH 07/11] Update README.md --- aws/aws_application_load_balancer/README.md | 40 +++++---------------- 1 file changed, 9 insertions(+), 31 deletions(-) diff --git a/aws/aws_application_load_balancer/README.md b/aws/aws_application_load_balancer/README.md index 14727ef..c29929f 100644 --- a/aws/aws_application_load_balancer/README.md +++ b/aws/aws_application_load_balancer/README.md 
@@ -1,43 +1,21 @@ # aws_application_load_balancer -These templates implements a application load balancer, and associated necessary steps require for loadbalancing. This includes: +These templates implements a application load balancer, and associated necessary steps require for loadbalancing. We used below services : - Security groups for instances and loadbalancer - Target grout attachment for instances - Template for launching instances - Load balancer -## Step 1: Provider.tf -First write down provider template, enter region you want to provision load-balancer and provide access key and secret key -```tf -provider "aws" { - region = "Enter_Region" - access_key = "Enter_Your_Access_Key" - secret_key = "Enter_Secret_Key" -} -``` +-- Mention your region, secret and access keys, vpc_id, subnet_ids and ami_id required in the templates. -Assuming you have the [AWS provider](https://www.terraform.io/docs/providers/aws/index.html) set up, and a DNS zone for `example.com` configured on Route 53: - -```tf -# Lambda functions can only be uploaded as ZIP files, so we need to package our JS file into one -data "archive_file" "lambda_zip" { - type = "zip" - source_file = "${path.module}/index.js" - output_path = "${path.module}/lambda.zip" -} +To run these templates, clone the repository and run `terraform apply` within its own directory. -module "my_api" { - # Available inputs: https://github.com/futurice/terraform-utils/tree/master/aws_lambda_api#inputs - # Check for updates: https://github.com/futurice/terraform-utils/compare/v11.0...master - source = "git::ssh://git@github.com/futurice/terraform-utils.git//aws_lambda_api?ref=v11.0" +For example: - api_domain = "api.example.com" - lambda_logging_enabled = true - - # lambda_zip.output_path will be absolute, i.e. different on different machines. - # This can cause Terraform to notice differences that aren't actually there, so let's convert it to a relative one. 
- # https://github.com/hashicorp/terraform/issues/7613#issuecomment-332238441 - function_zipfile = "${substr(data.archive_file.lambda_zip.output_path, length(path.cwd) + 1, -1)}" -} +```tf +$ git clone https://github.com/futurice/terraform-examples.git +$ cd terraform-examples/aws/aws_application_load_balancer/ +$ terraform apply +``` From 401a7c1309fd9a2a3797e55b447b6785ce49d8ad Mon Sep 17 00:00:00 2001 From: jyoti1998-gehlot <74006741+jyoti1998-gehlot@users.noreply.github.com> Date: Tue, 12 Oct 2021 09:44:07 +0530 Subject: [PATCH 08/11] Update instances.tf --- aws/aws_application_load_balancer/instances.tf | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/aws/aws_application_load_balancer/instances.tf b/aws/aws_application_load_balancer/instances.tf index 5705b73..a47b5c1 100644 --- a/aws/aws_application_load_balancer/instances.tf +++ b/aws/aws_application_load_balancer/instances.tf @@ -1,9 +1,9 @@ resource "aws_instance" "web1" { - ami = "enter-your-ami-id" + ami = "enter-ami-id" instance_type = "t2.micro" subnet_id = "enter-subnet-id" vpc_security_group_ids = [aws_security_group.allow_http_instances.id] - key_name = "enter-your-key-name" + key_name = "enter-key-name" provisioner "remote-exec" { inline = [ "sudo yum install httpd -y", @@ -26,7 +26,7 @@ resource "aws_instance" "web2" { instance_type = "t2.micro" subnet_id = "enter-your-subnet-id" vpc_security_group_ids = [aws_security_group.allow_http_instances.id] - key_name = "enter-your-key-name" + key_name = "enter-key-name" provisioner "remote-exec" { inline = [ "sudo yum install https -y", From ffafd33cf433c0af8de8346a75dffea7d9c7fc58 Mon Sep 17 00:00:00 2001 From: jyoti1998-gehlot <74006741+jyoti1998-gehlot@users.noreply.github.com> Date: Tue, 12 Oct 2021 09:44:57 +0530 Subject: [PATCH 09/11] Update provider.tf --- aws/aws_application_load_balancer/provider.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/aws/aws_application_load_balancer/provider.tf b/aws/aws_application_load_balancer/provider.tf index 2f11e88..640bc03 100644 --- a/aws/aws_application_load_balancer/provider.tf +++ b/aws/aws_application_load_balancer/provider.tf @@ -1,5 +1,5 @@ provider "aws" { region = "Enter_Region" - access_key = "Enter_Your_Access_Key" + access_key = "Enter_Access_Key" secret_key = "Enter_Secret_Key" } From 12c8c1d68a7ff83f1f027eef0fc37c37a9feee08 Mon Sep 17 00:00:00 2001 From: jyoti1998-gehlot <74006741+jyoti1998-gehlot@users.noreply.github.com> Date: Tue, 12 Oct 2021 09:46:00 +0530 Subject: [PATCH 10/11] Update security_group.tf --- aws/aws_application_load_balancer/security_group.tf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/aws/aws_application_load_balancer/security_group.tf b/aws/aws_application_load_balancer/security_group.tf index 0cfb832..19e3ce2 100644 --- a/aws/aws_application_load_balancer/security_group.tf +++ b/aws/aws_application_load_balancer/security_group.tf @@ -1,7 +1,7 @@ resource "aws_security_group" "allow_http" { name = "alb_http" description = "Allow http traffic to alb" - vpc_id = "enter_your_vpc_id" + vpc_id = "enter_vpc_id" ingress { description = "http for alb" @@ -26,7 +26,7 @@ resource "aws_security_group" "allow_http" { resource "aws_security_group" "allow_http_instances" { name = "instances_http" description = "Allow http traffic to instances" - vpc_id = "vpc-0286b0e40e1e91265" + vpc_id = "enter_vpc_id" ingress { description = "http for instances" From 6419f2805271453108012ec391995b4e16acc7eb Mon Sep 17 00:00:00 2001 From: jyoti1998-gehlot <74006741+jyoti1998-gehlot@users.noreply.github.com> Date: Tue, 12 Oct 2021 09:46:35 +0530 Subject: [PATCH 11/11] Update target_group_attach.tf --- aws/aws_application_load_balancer/target_group_attach.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/aws/aws_application_load_balancer/target_group_attach.tf b/aws/aws_application_load_balancer/target_group_attach.tf index 5cc2ee9..25b085f 100644 --- a/aws/aws_application_load_balancer/target_group_attach.tf +++ b/aws/aws_application_load_balancer/target_group_attach.tf @@ -2,7 +2,7 @@ resource "aws_lb_target_group" "target-lb" { name = "lb-tg" port = 80 protocol = "HTTP" - vpc_id = "enter-you-vpc-id" + vpc_id = "enter_vpc_id" } resource "aws_lb_target_group_attachment" "test1" { target_group_arn = aws_lb_target_group.target-lb.arn