NashTech Blog

Setting up Infrastructure Using Terraform.

WHY TERRAFORM?

Terraform is a widely used Infrastructure as Code (IaC) tool for provisioning and managing infrastructure efficiently. Organizations choose Terraform for several reasons:

  • Automation: Terraform allows you to automate the process of provisioning and managing infrastructure. This automation reduces the potential for human error and increases efficiency by eliminating manual processes.
  • Consistency: With Terraform, infrastructure configuration is defined in code, making it easier to maintain consistency across different environments such as development, staging, and production. This ensures that the infrastructure deployed in different environments is identical, reducing the risk of discrepancies and errors.
  • Scalability: Terraform is designed to manage infrastructure at scale. Whether you’re provisioning a single server or a complex network architecture, Terraform can handle the task efficiently.
  • Version Control: Infrastructure code written in Terraform can be stored in version control systems like Git. This enables teams to track changes, collaborate effectively, and roll back to previous versions if necessary.
  • Multi-Cloud Support: Terraform supports multiple cloud providers such as AWS, Azure, Google Cloud Platform, and others. This allows organizations to use a single tool to manage infrastructure across different cloud environments, reducing vendor lock-in and increasing flexibility.
  • Modularity: Terraform encourages modularity and reusability of infrastructure code through the use of modules. Modules enable you to encapsulate and share common infrastructure configurations, making it easier to maintain and scale infrastructure as your organization grows.
  • Infrastructure as Code (IaC): Terraform follows the principles of Infrastructure as Code, where infrastructure configuration is treated as code. This approach brings benefits such as versioning, testing, and collaboration, similar to software development practices.
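  • State Management: Terraform maintains a state file that keeps track of the current state of infrastructure. This allows Terraform to determine the changes required to align the actual infrastructure with the desired state defined in the configuration files. The state file records resource attributes in plain text, including any sensitive values, so keep it in an access-controlled, encrypted backend rather than alongside the code in Git.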

Overall, Terraform provides a powerful and flexible solution for managing infrastructure, offering benefits such as automation, consistency, scalability, and multi-cloud support, while adhering to the principles of Infrastructure as Code.

Setting up Infra.

In this document, we’ll cover the step-by-step process to create and configure infrastructure using Infrastructure as Code (IaC) tools such as Terraform. We’ll create a private networking environment, set up an Elastic Kubernetes Service (EKS) cluster, and deploy virtual machines (VMs).

1. Creating the Infrastructure with Terraform

Step 1: Define Infrastructure

  • Create a Terraform configuration file (main.tf) to define the infrastructure components.
  • Specify the networking environment, EKS cluster, and VMs.

Step 2: Network Configuration

  • Define a private network environment using Terraform.
  • Set up subnets, route tables, and security groups to ensure secure communication.

Step 3: Elastic Kubernetes Service (EKS)

  • Configure Terraform to create an EKS cluster within the private network.
  • Specify the desired configuration for the cluster, including node groups, instance types, and storage options.

Step 4: Virtual Machines

  • Use Terraform to provision 4 virtual machines within the private network.
  • Specify the instance types, operating system, and other necessary configurations.

Sample Terraform Script

Below is a Terraform script to achieve the mentioned requirements.

 

# Define AWS provider
provider "aws" {
  region = "us-west-2" # Change to your desired AWS region
}

# Create VPC
resource "aws_vpc" "my_vpc" {
  cidr_block = "10.0.0.0/16"
}

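# Create private subnets (EKS requires subnets in at least two availability zones)
resource "aws_subnet" "private_subnet" {
  vpc_id            = aws_vpc.my_vpc.id
  cidr_block        = "10.0.1.0/24"
  availability_zone = "us-west-2a" # Change to your desired availability zone
}

resource "aws_subnet" "private_subnet_b" {
  vpc_id            = aws_vpc.my_vpc.id
  cidr_block        = "10.0.2.0/24"
  availability_zone = "us-west-2b" # Must differ from the first subnet's zone
}

# Create EKS cluster
resource "aws_eks_cluster" "my_cluster" {
  name     = "my-eks-cluster"
  role_arn = "arn:aws:iam::123456789012:role/eks-service-role" # Change to your EKS service role ARN
  version  = "1.21" # Change to your desired EKS version

  vpc_config {
    subnet_ids = [aws_subnet.private_subnet.id, aws_subnet.private_subnet_b.id]
  }
}

# Create EKS worker nodes
resource "aws_eks_node_group" "my_node_group" {
  cluster_name    = aws_eks_cluster.my_cluster.name
  node_group_name = "my-node-group"
  node_role_arn   = "arn:aws:iam::123456789012:role/eks-node-role" # Change to your EKS node role ARN
  subnet_ids      = [aws_subnet.private_subnet.id, aws_subnet.private_subnet_b.id]
  instance_types  = ["t2.medium"]

  # Node count is set through scaling_config; all three sizes are required
  scaling_config {
    desired_size = 3
    min_size     = 3 # Adjust min/max if the group should scale
    max_size     = 3
  }
}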

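# Create Virtual Machines
resource "aws_instance" "my_instances" {
  count         = 4
  ami           = "ami-0c55b159cbfafe1f0" # Change to your desired AMI
  instance_type = "t2.medium"
  subnet_id     = aws_subnet.private_subnet.id # Launch inside the private subnet, not the default VPC
  key_name      = "your-key-pair" # Change to the EC2 key pair that matches your private key
  user_data     = <<-EOF
     #!/bin/bash
     # user_data runs as root, so "~" would be root's home; use the login user's home instead
     sudo apt update
     chmod 700 /home/ubuntu/.ssh
     chmod 600 /home/ubuntu/.ssh/authorized_keys
  EOF

  tags = {
    Name = "my-instance-${count.index + 1}"
  }
}

# Paste public key in authorized_keys file of newly created VMs
resource "null_resource" "copy_ssh_key" {
  count      = length(aws_instance.my_instances) # One provisioner run per VM; required for count.index
  depends_on = [aws_instance.my_instances]

  provisioner "remote-exec" {
    connection {
      type = "ssh"
      # Instances in the private subnet have no public IP, so connect to the private
      # address and run Terraform from a host that can reach the VPC
      host        = aws_instance.my_instances[count.index].private_ip
      user        = "ubuntu" # Change to your desired username
      private_key = file("~/.ssh/your_private_key.pem") # Change to your private key path
    }
    inline = [
      "echo 'YOUR_PUBLIC_KEY' >> ~/.ssh/authorized_keys" # Change to your public key
    ]
  }
}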

Make sure to replace placeholders like region, availability zone, AMI, IAM role ARNs, and public/private key paths with your actual configurations. 
Additionally, ensure that you have the necessary IAM roles and policies attached to your AWS account for EKS cluster creation and EC2 instance provisioning.
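
Step 2 calls for route tables and security groups, which the sample script does not define. The following is an added example, not part of the original script: it assumes the aws_vpc.my_vpc and aws_subnet.private_subnet resources defined above, and every resource name ending in _example is hypothetical.

```hcl
# Added example: append to main.tf next to the sample script.
# Assumes aws_vpc.my_vpc and aws_subnet.private_subnet from that script.

# Route table with only the implicit local route: no internet gateway or
# NAT gateway route, so nothing in the subnet is reachable from outside.
resource "aws_route_table" "private_rt_example" {
  vpc_id = aws_vpc.my_vpc.id

  tags = {
    Name = "private-rt"
  }
}

resource "aws_route_table_association" "private_assoc_example" {
  subnet_id      = aws_subnet.private_subnet.id
  route_table_id = aws_route_table.private_rt_example.id
}

# Security group for the VMs: SSH is accepted only from addresses inside
# the VPC, never from 0.0.0.0/0.
resource "aws_security_group" "vm_sg_example" {
  name        = "vm-ssh-internal"
  description = "SSH from within the VPC only"
  vpc_id      = aws_vpc.my_vpc.id

  ingress {
    description = "SSH from the VPC CIDR"
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = [aws_vpc.my_vpc.cidr_block]
  }

  # Outbound traffic stays inside the VPC. Widen this only if you add a
  # NAT gateway or VPC endpoints (for example, for package updates).
  egress {
    description = "Traffic to other hosts in the VPC"
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = [aws_vpc.my_vpc.cidr_block]
  }
}
```

To apply the security group to the VMs, set vpc_security_group_ids = [aws_security_group.vm_sg_example.id] in the aws_instance resource; otherwise the instances use the VPC's default security group.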
Pradeep
