Working with Terraform Resources 🚀[Day 64 Task]

#trainwithshubham # 90DaysOf DevopsChallenge #devops/terraform

When you define a resource in Terraform, you specify the type of resource, a unique name for the resource, and the attributes that define the resource. Terraform uses the resource block to define resources in your Terraform configuration.

Tasks

1. Create an EC2 Instance In AWS, and along with that create a key-pair to access that Instance & also a Security Group

2. Add some user data inside of that Instance and try to access your website.

To create any aws resource with terraform first install aws-cli in your terminal and configure it with access and secret access key .

After that as a first step create a directory and go inside of it into your terraform server.

Step 1:

Create three files as main.tf ,output.tf & variable.tf .

Now, open main.tf and mention your provider here, Don't forget to mention the region where you want to create your resources in AWS.

Step 2:

As we are creating an EC2 instance in aws so we will need an ssh-key pair and a security group to access the instance.

So, to create a key-pair to access the instance first we will need a public and private key into our system.

Generate a key into terraform server, just type ssh-keygen to generate a public and private key. We will attach the public key with our New instance and the through the private key will try to access the instance from Terraform server.

Create the key-pair resource now.

As I don't want to see public key contents to others, for that here will need a file function that will read the public key's content and path.module will point to its current directory where the public key is stored.

Give your key a suitable name , here it is key-tf.

## Create the key-pair

resource "aws_key_pair" "key-tf" {
  key_name   = "key-tf"
  public_key = file("${path.module}/id_rsa.pub")

}

Step 3:

Create the Security Group to allow your inbound and outbound rules .

For the inbound rule, we use an ingress block and for the outbound rule, we use an egress block.

Here, I have allowed all the ports, and traffic to each rule just as an example but in real time you have to allocate it as per the requirement.

Give a name to your security group as per your choice.

###Create Security Group

resource "aws_security_group" "demo-security-group" {
  name        = "demo-security-group"
  description = "Allow TLS inbound traffic"


  ingress {
    description = "Allow all tls"
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]  ## All traffic
  }

  egress {
    from_port   = 0
    to_port     = 0  ## all port
    protocol    = "-1"   ## all protocol
    cidr_blocks = ["0.0.0.0/0"]
  }

  tags = {
    Name = "Example-Security-group"
 }
}

Step 4:

## It's time to create the EC2 Instance

Mention your ami id [here I have defined the ubuntu ami id and as a variable]

Mention the Instance type as t2.micro [ defined as variable]

Attach the key-pair and security group to the Instance.

Userdata: AWS user data is the set of commands/data you can provide to an instance at launch time. For example, if you are launching an ec2 instance and want to have docker installed on the newly launched ec2, then you can provide a set of bash commands in the user data field of the aws ec2 config page.

I want to install nginx at the time of launch of the Instance and access the webpage outside the server. In the case of terraform we have to define the user data like the below code.

##Create an EC2 Instance

resource "aws_instance" "demo-Instance" {
  ami           = "${var.ami}"   ###us-east-1
  instance_type = "${var.instance_type}"
  key_name = "${aws_key_pair.key-tf.key_name}"
  vpc_security_group_ids = ["${aws_security_group.demo-security-group.id}"]
  tags = {
    Name = "Example-Ec2"
  }

  user_data = <<-EOF
             #!/bin/sh
                apt-get update
                apt-get install nginx -y
                echo "Hello Tanaya" >/var/www/html/index.nginx-debian.html

              EOF
}

Step 5:

If I want to print the output of the security group Id and the Key-name just as a reference inside of output.tf file.

To print the output of the security group and the key name just print like this:

block label1 of security group.label2.id and the same for key-name.

Step 6:

This is the variable.tf file.

This is the whole main.tf file.

provider "aws" {
  region ="us-east-1"
}

##Create an EC2 Instance

resource "aws_instance" "demo-Instance" {
  ami           = "${var.ami}"   ###us-east-1
  instance_type = "${var.instance_type}"
  key_name = "${aws_key_pair.key-tf.key_name}"   ## give reference to the key-name like this or you can mention its name directly
  vpc_security_group_ids = ["${aws_security_group.demo-security-group.id}"]
  tags = {
    Name = "Example-Ec2"
  }

  user_data = <<-EOF
             #!/bin/sh
                apt-get update
                apt-get install nginx -y
                echo "Hello Tanaya" >/var/www/html/index.nginx-debian.html

              EOF
}


## Create the key-pair

resource "aws_key_pair" "key-tf" {
  key_name   = "key-tf"
  public_key = file("${path.module}/id_rsa.pub")

}
## Create the key-pair

resource "aws_key_pair" "key-tf" {
  key_name   = "key-tf"
  public_key = file("${path.module}/id_rsa.pub")

}



###Create Security Group

resource "aws_security_group" "demo-security-group" {
  name        = "demo-security-group"
  description = "Allow TLS inbound traffic"


  ingress {
    description = "Allow all tls"
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]  ## All traffic
  }

  egress {
    from_port   = 0
    to_port     = 0  ## all port
    protocol    = "-1"   ## all protocol
    cidr_blocks = ["0.0.0.0/0"]
  }

  tags = {
    Name = "Example-Security-group"
 }
}

Step 7:

Now, execute the terraform init command to initialize the backend.

Execute the terraform plan command to check what's going to create after apply.

Run the terraform apply command and check the security group id and the key-name has printed as the output.

The instance has been created successfully 🥳🥳, now try to access it from the terminal through ssh.

ssh -i id_rsa ubuntu@public ip of instance.

[id_rsa is the private key that has been generated previously to access the instance ]

Check the nginx hasbeen installed successfully or not and try to access the webpage from outside .

This is the webpage.

Destroy all the resources if required, run terraform destroy command .

Thank You For Reading ...😇