Introduction
Managing network connectivity across several VPCs quickly becomes unwieldy with point-to-point peering. AWS Transit Gateway solves this by acting as a regional hub: VPCs and on-premises connections attach to it once and routing between them is controlled centrally. Terraform, an Infrastructure as Code tool, makes these setups repeatable and reviewable. In this blog post, I'll walk through creating three VPCs, deploying an EC2 instance in each, and connecting them through a Transit Gateway, with everything expressed in Terraform.
For each task I cover two paths in parallel: the manual steps in the AWS Management Console and the corresponding Terraform configuration that automates the same task. The console steps show what is actually being created; the Terraform shows how to express it as code.
Task 1: Creating VPCs, Subnets, Route Tables and Internet Gateways
Virtual Private Clouds (VPCs) are the unit of network isolation in AWS. We'll define three VPCs with non-overlapping CIDR blocks (a Transit Gateway cannot route between VPCs whose address ranges overlap), create one subnet in each VPC, each in a different availability zone, and attach an Internet Gateway to each VPC for outbound connectivity.
Creating VPC with different CIDR IP Range
AWS Management Console:
- Log in to the AWS Management Console.
- Navigate to the VPC service by either searching for "VPC" in the AWS Management Console's search bar or finding it under the "Networking & Content Delivery" section.
- Once in the VPC dashboard, click on "Your VPCs" from the left-hand navigation pane.
- Click on the "Create VPC" button.
- Provide the name vpc1 for the VPC and enter the CIDR block range, for instance "10.1.0.0/16".
- A VPC is regional, not tied to a single availability zone; make sure the console is set to the region you intend to use, for example "us-west-2".
- Click "Create" to set up the first VPC.
- Follow the same steps to create the other two VPCs (vpc2, vpc3), using distinct, non-overlapping CIDR blocks, for example "10.2.0.0/16" and "10.3.0.0/16", in the same region ("us-west-2" in this case).
Creating 3 Subnets Associated with Different VPCs
- In the VPC dashboard, select "Subnets" from the left-hand navigation pane.
- Click on "Create Subnet".
- Choose the appropriate VPC in the "VPC" dropdown list.
- Provide a name subnet1 for the subnet and select the availability zone.
- Enter the CIDR block for the first subnet, ensuring it falls within the CIDR block range of the chosen VPC.
- Click "Create" to generate the first subnet.
- Repeat the same process, but for each new subnet, select a different VPC in the "VPC" dropdown list, name the subnet, select an availability zone, and define unique CIDR blocks for each of the second and third subnets.
- Ensure each subnet belongs to its respective VPC and the CIDR blocks don't overlap with other subnets or VPCs.
- Click "Create" to generate the additional subnets.
Creating Internet Gateways and Attaching to VPCs:
- In the VPC dashboard, select "Internet Gateways" from the left-hand navigation pane.
- Click on "Create Internet Gateway".
- Provide a name igw1 for the Internet Gateway and click "Create" to generate the first Internet Gateway.
Attaching the First Internet Gateway to a VPC:
- After creating the Internet Gateway, select it from the list.
- From the "Actions" menu, click on "Attach to VPC".
- Choose the VPC to which you want to attach this Internet Gateway and click "Attach".
Creating the Second igw2 and Third igw3 Internet Gateways:
- Repeat the above steps to create two additional Internet Gateways, providing unique names for each gateway.
Attaching Each Internet Gateway to Its Respective VPC:
- Select each newly created Internet Gateway.
- From the "Actions" menu, click "Attach to VPC".
- Choose the corresponding VPC for each Internet Gateway and click "Attach".
Creating Route Tables and Associating Subnets:
- In the VPC dashboard, select "Route Tables" from the left-hand navigation pane.
- Click on "Create Route Table".
- Provide a name for the route table and select the VPC with which this route table will be associated.
- Click "Create" to generate the first route table.
Associating the First Route Table with a Subnet:
- Under the "Route Tables" section, select the newly created route table.
- Click on the "Subnet Associations" tab.
- Click on "Edit subnet associations".
- Choose the first subnet to associate with this route table and click "Save".
Creating the Second and Third Route Tables:
- Repeat the above steps to create two additional route tables, each associated with a different VPC.
- Make sure you select unique names for the route tables and associate them with their respective VPCs.
Associating Subnets with the Remaining Route Tables:
- For each additional route table, go to the "Subnet Associations" tab and click "Edit subnet associations".
- Choose the corresponding subnet to associate with each route table and save the changes.
Terraform script:
provider "aws" {
  region = "us-west-2" # Change to your preferred AWS region
}
# Create VPCs (three non-overlapping /16 blocks)
resource "aws_vpc" "vpc1" {
  cidr_block           = "10.1.0.0/16"
  enable_dns_support   = true
  enable_dns_hostnames = true
  tags                 = { Name = "vpc1" }
}
resource "aws_vpc" "vpc2" {
  cidr_block           = "10.2.0.0/16"
  enable_dns_support   = true
  enable_dns_hostnames = true
  tags                 = { Name = "vpc2" }
}
resource "aws_vpc" "vpc3" {
  cidr_block           = "10.3.0.0/16"
  enable_dns_support   = true
  enable_dns_hostnames = true
  tags                 = { Name = "vpc3" }
}
# Create Internet Gateways. Setting vpc_id attaches the gateway to the VPC,
# so no separate attachment resource is needed (aws_vpc_attachment does not exist).
resource "aws_internet_gateway" "igw1" {
  vpc_id = aws_vpc.vpc1.id
  tags   = { Name = "igw1" }
}
resource "aws_internet_gateway" "igw2" {
  vpc_id = aws_vpc.vpc2.id
  tags   = { Name = "igw2" }
}
resource "aws_internet_gateway" "igw3" {
  vpc_id = aws_vpc.vpc3.id
  tags   = { Name = "igw3" }
}
# Create Route Tables with a default route to each VPC's Internet Gateway.
# gateway_id is a resource reference, not a quoted string.
resource "aws_route_table" "route_table1" {
  vpc_id = aws_vpc.vpc1.id
  route {
    cidr_block = "0.0.0.0/0"
    gateway_id = aws_internet_gateway.igw1.id
  }
}
resource "aws_route_table" "route_table2" {
  vpc_id = aws_vpc.vpc2.id
  route {
    cidr_block = "0.0.0.0/0"
    gateway_id = aws_internet_gateway.igw2.id
  }
}
resource "aws_route_table" "route_table3" {
  vpc_id = aws_vpc.vpc3.id
  route {
    cidr_block = "0.0.0.0/0"
    gateway_id = aws_internet_gateway.igw3.id
  }
}
# Create Subnets. Each subnet CIDR must fall inside its VPC's CIDR block
# (10.1.1.0/24 inside 10.1.0.0/16, and so on); AWS rejects the subnet otherwise.
resource "aws_subnet" "subnet1" {
  vpc_id            = aws_vpc.vpc1.id
  cidr_block        = "10.1.1.0/24"
  availability_zone = "us-west-2a"
}
resource "aws_subnet" "subnet2" {
  vpc_id            = aws_vpc.vpc2.id
  cidr_block        = "10.2.1.0/24"
  availability_zone = "us-west-2b"
}
resource "aws_subnet" "subnet3" {
  vpc_id            = aws_vpc.vpc3.id
  cidr_block        = "10.3.1.0/24"
  availability_zone = "us-west-2c"
}
# Associate each subnet with its VPC's route table. aws_subnet has no
# route_table_id argument; the association is its own resource.
resource "aws_route_table_association" "subnet1" {
  subnet_id      = aws_subnet.subnet1.id
  route_table_id = aws_route_table.route_table1.id
}
resource "aws_route_table_association" "subnet2" {
  subnet_id      = aws_subnet.subnet2.id
  route_table_id = aws_route_table.route_table2.id
}
resource "aws_route_table_association" "subnet3" {
  subnet_id      = aws_subnet.subnet3.id
  route_table_id = aws_route_table.route_table3.id
}
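The most common mistake in this task is a subnet CIDR that does not sit inside its VPC's CIDR. As an added example that is not part of the original post, here is the same three-VPC layout written with for_each and cidrsubnet, so each subnet's block is derived from its VPC's block and cannot land in the wrong address space. The names local.vpcs, aws_vpc.this, aws_subnet.this and friends are my own; this is an alternative to the script above, not something to apply alongside it.

```hcl
locals {
  # Constructed plan: three VPCs with non-overlapping /16 blocks, one AZ each.
  vpcs = {
    vpc1 = { cidr = "10.1.0.0/16", az = "us-west-2a" }
    vpc2 = { cidr = "10.2.0.0/16", az = "us-west-2b" }
    vpc3 = { cidr = "10.3.0.0/16", az = "us-west-2c" }
  }
}

resource "aws_vpc" "this" {
  for_each             = local.vpcs
  cidr_block           = each.value.cidr
  enable_dns_support   = true
  enable_dns_hostnames = true
  tags                 = { Name = each.key }
}

# Setting vpc_id on the gateway is what attaches it to the VPC.
resource "aws_internet_gateway" "this" {
  for_each = aws_vpc.this
  vpc_id   = each.value.id
  tags     = { Name = "igw-${each.key}" }
}

resource "aws_route_table" "this" {
  for_each = aws_vpc.this
  vpc_id   = each.value.id
  route {
    cidr_block = "0.0.0.0/0"
    gateway_id = aws_internet_gateway.this[each.key].id
  }
  tags = { Name = "rt-${each.key}" }
}

# cidrsubnet(prefix, newbits, netnum) carves a /24 (16 + 8 bits) out of the
# VPC's /16. The result is always inside the parent block, so a typo cannot
# place a subnet in another VPC's address space.
resource "aws_subnet" "this" {
  for_each          = local.vpcs
  vpc_id            = aws_vpc.this[each.key].id
  cidr_block        = cidrsubnet(each.value.cidr, 8, 1) # 10.1.1.0/24, 10.2.1.0/24, 10.3.1.0/24
  availability_zone = each.value.az
  tags              = { Name = "subnet-${each.key}" }
}

# A subnet is bound to a route table by a separate association resource.
resource "aws_route_table_association" "this" {
  for_each       = aws_subnet.this
  subnet_id      = each.value.id
  route_table_id = aws_route_table.this[each.key].id
}
```

Changing a VPC's CIDR in local.vpcs now moves its subnet with it; with hard-coded subnet CIDRs the two silently drift apart and terraform apply fails only at the AWS API.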
Task 2: Provisioning EC2 Instances in Different VPCs
We'll launch one EC2 instance in each VPC and use user data to install and start an Apache web server at boot, so each instance serves a page as soon as it comes up. These servers are what we will later use to confirm that traffic flows between the VPCs through the Transit Gateway.
AWS Management Console:
- Navigate to the EC2 dashboard.
- Click on "Launch Instance".
- Choose an Amazon Machine Image (AMI) based on your requirements.
- Select the instance type and configure the instance details, including the VPC and subnet.
- Add storage, configure a security group (allow inbound HTTP only from the source ranges that need it, not from 0.0.0.0/0), and define a user data script for installation or configuration.
- Launch the instance.
Terraform Script:
# Create EC2 Instances
resource "aws_instance" "ec2_instance1" {
  ami           = "ami-12345678" # Replace with the RHEL AMI ID for your region
  instance_type = "t2.micro"     # Change as needed
  subnet_id     = aws_subnet.subnet1.id
  # Without vpc_security_group_ids the VPC's default security group applies, and
  # without a public IP (or a NAT gateway) yum cannot reach the repositories.
  # User data runs as root, so sudo is not needed.
  user_data = <<-EOF
    #!/bin/bash
    yum update -y
    yum install -y httpd
    # RHEL 7 and later use systemd; "chkconfig on" with no service name is invalid.
    systemctl enable --now httpd
    chmod -R 755 /var/www/
    cat <<HTML > /var/www/html/index.html
    <!DOCTYPE html>
    <html>
    <head>
    <title>Server Details</title>
    </head>
    <body>
    <h1>Server Details</h1>
    <p><strong>Hostname:</strong> $(hostname)</p>
    <p><strong>IP Address:</strong> $(hostname -I | awk '{print $1}')</p>
    </body>
    </html>
    HTML
  EOF
}
# Repeat the above code for other 2 aws_instance with different subnet selection.
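The script above leaves out the two things that decide whether these servers are reachable and by whom: a security group and the instance metadata settings. The following is an added example, not code from the original post. It launches all three instances with one for_each, gives each a security group that admits HTTP only from the three VPC CIDRs (the traffic that will arrive through the Transit Gateway) and nothing from the Internet, and enforces IMDSv2. It references aws_vpc.vpc1..vpc3 and aws_subnet.subnet1..subnet3 from the Task 1 script; local.web, aws_security_group.web, aws_instance.web and the variable web_ami_id are my own names.

```hcl
locals {
  # Which subnet (and therefore which VPC) each web server lives in.
  web = {
    web1 = { vpc_id = aws_vpc.vpc1.id, subnet_id = aws_subnet.subnet1.id }
    web2 = { vpc_id = aws_vpc.vpc2.id, subnet_id = aws_subnet.subnet2.id }
    web3 = { vpc_id = aws_vpc.vpc3.id, subnet_id = aws_subnet.subnet3.id }
  }
  # Only the three VPCs may talk to the web servers; nothing from 0.0.0.0/0.
  trusted_cidrs = [aws_vpc.vpc1.cidr_block, aws_vpc.vpc2.cidr_block, aws_vpc.vpc3.cidr_block]
}

# Assumed: a current RHEL AMI ID for the region, supplied by the operator.
variable "web_ami_id" {
  type        = string
  description = "RHEL AMI ID in us-west-2"
}

# A security group belongs to one VPC, so each server gets its own.
resource "aws_security_group" "web" {
  for_each    = local.web
  name        = "web-${each.key}"
  description = "HTTP from peer VPCs via Transit Gateway"
  vpc_id      = each.value.vpc_id

  ingress {
    description = "HTTP from the three VPC CIDRs only"
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = local.trusted_cidrs
  }
  # Deliberately no port 22 rule: use SSM Session Manager or a bastion instead
  # of exposing SSH.
  egress {
    description = "Outbound so user_data can install packages"
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}

resource "aws_instance" "web" {
  for_each               = local.web
  ami                    = var.web_ami_id
  instance_type          = "t3.micro"
  subnet_id              = each.value.subnet_id
  vpc_security_group_ids = [aws_security_group.web[each.key].id]
  # Public IP so the yum repositories are reachable through the IGW during boot.
  associate_public_ip_address = true

  # Require IMDSv2 (session tokens). This shuts the classic SSRF path where a
  # vulnerable web app is tricked into fetching instance credentials from
  # http://169.254.169.254 with a plain GET.
  metadata_options {
    http_endpoint               = "enabled"
    http_tokens                 = "required"
    http_put_response_hop_limit = 1
  }
  root_block_device {
    encrypted = true
  }

  user_data = <<-EOF
    #!/bin/bash
    yum install -y httpd
    systemctl enable --now httpd
    cat <<HTML > /var/www/html/index.html
    <h1>${each.key}: $(hostname)</h1>
    <p>Private IP: $(hostname -I | awk '{print $1}')</p>
    HTML
  EOF

  tags = { Name = each.key }
}
```

Note the interplay with the Transit Gateway in Task 3: the security group admits 10.2.0.0/16 and 10.3.0.0/16 into web1, but those packets only arrive if the VPC route tables send them to the Transit Gateway and the Transit Gateway route table sends them on. A security group rule and a route are both required; neither alone is enough.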
Task 3: Implementing VPC Transit Gateway
Implementing the Transit Gateway, VPC Attachments and Route Table Associations
AWS Management Console:
- In the VPC dashboard, select "Transit Gateways" from the left-hand navigation pane (the Transit Gateway lives in the VPC console; there is no separate service).
- Click on "Create Transit Gateway".
- Provide a name for the Transit Gateway and configure other settings as needed. "Default route table association" and "Default route table propagation" are enabled by default; that makes every attachment reachable from every other attachment through the default route table. Disable them if you want to decide with an explicit route table which VPCs can talk to each other.
- Click "Create" to generate the Transit Gateway.
- Select "Transit Gateway Attachments", click "Create Transit Gateway Attachment", choose the Transit Gateway, attachment type "VPC", the VPC and one subnet in it. Repeat for each of the three VPCs.
- In each VPC's route table, add a route for the other VPCs' CIDR blocks (for vpc1, 10.2.0.0/16 and 10.3.0.0/16) with the Transit Gateway as the target. Without these routes the packets follow 0.0.0.0/0 to the Internet Gateway and never reach the Transit Gateway.
Terraform Script
# Create Transit Gateway
resource "aws_ec2_transit_gateway" "my_transit_gateway" {
  description = "My Transit Gateway"
}
# Attach VPC 1 to the Transit Gateway through one of its subnets. This resource
# was missing, so the association below had nothing to reference.
resource "aws_ec2_transit_gateway_vpc_attachment" "vpc_attachment_ec2_1" {
  transit_gateway_id = aws_ec2_transit_gateway.my_transit_gateway.id
  vpc_id             = aws_vpc.vpc1.id
  subnet_ids         = [aws_subnet.subnet1.id]
  # Opt out of the TGW default route table; an attachment can belong to only one
  # route table, so the explicit association below fails otherwise.
  transit_gateway_default_route_table_association = false
  transit_gateway_default_route_table_propagation = false
}
# Create Transit Gateway Route Tables
resource "aws_ec2_transit_gateway_route_table" "route_table1" {
  transit_gateway_id = aws_ec2_transit_gateway.my_transit_gateway.id
}
# Associate Route Tables with Attachments
resource "aws_ec2_transit_gateway_route_table_association" "route_table_association1" {
  transit_gateway_attachment_id  = aws_ec2_transit_gateway_vpc_attachment.vpc_attachment_ec2_1.id
  transit_gateway_route_table_id = aws_ec2_transit_gateway_route_table.route_table1.id
}
# Repeat the attachment, route table and association for vpc2 and vpc3, then add
# routes in each VPC route table pointing the other VPCs' CIDRs at the Transit Gateway.
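The snippet above stops before the part that actually moves packets: routes into the Transit Gateway route table and routes from each VPC back to the Transit Gateway. As an added example, not code from the original post, here is the complete wiring for the three VPCs from Task 1 (aws_vpc.vpc1..vpc3, aws_subnet.subnet1..subnet3, aws_route_table.route_table1..route_table3). The Transit Gateway is created with the implicit full mesh disabled, so the only connectivity is what the hub route table explicitly allows. The names local.vpcs, aws_ec2_transit_gateway.tgw, the "hub" route table and aws_route.to_tgw are my own.

```hcl
locals {
  # Everything the TGW needs to know about each spoke VPC.
  vpcs = {
    vpc1 = { vpc_id = aws_vpc.vpc1.id, subnet_id = aws_subnet.subnet1.id, rt_id = aws_route_table.route_table1.id, cidr = aws_vpc.vpc1.cidr_block }
    vpc2 = { vpc_id = aws_vpc.vpc2.id, subnet_id = aws_subnet.subnet2.id, rt_id = aws_route_table.route_table2.id, cidr = aws_vpc.vpc2.cidr_block }
    vpc3 = { vpc_id = aws_vpc.vpc3.id, subnet_id = aws_subnet.subnet3.id, rt_id = aws_route_table.route_table3.id, cidr = aws_vpc.vpc3.cidr_block }
  }
}

resource "aws_ec2_transit_gateway" "tgw" {
  description = "Hub for vpc1, vpc2 and vpc3"
  # Disable the implicit any-to-any mesh. Attachments are only routable through
  # the route table we associate and propagate below, so adding a fourth VPC
  # later does not silently gain access to the other three.
  default_route_table_association = "disable"
  default_route_table_propagation = "disable"
  tags = { Name = "tgw-hub" }
}

resource "aws_ec2_transit_gateway_vpc_attachment" "this" {
  for_each           = local.vpcs
  transit_gateway_id = aws_ec2_transit_gateway.tgw.id
  vpc_id             = each.value.vpc_id
  subnet_ids         = [each.value.subnet_id]
  # Must match the TGW settings above, otherwise the explicit association fails.
  transit_gateway_default_route_table_association = false
  transit_gateway_default_route_table_propagation = false
  tags = { Name = "tgw-attach-${each.key}" }
}

resource "aws_ec2_transit_gateway_route_table" "hub" {
  transit_gateway_id = aws_ec2_transit_gateway.tgw.id
  tags               = { Name = "tgw-rt-hub" }
}

# Association: packets arriving from this attachment are looked up in "hub".
resource "aws_ec2_transit_gateway_route_table_association" "this" {
  for_each                       = aws_ec2_transit_gateway_vpc_attachment.this
  transit_gateway_attachment_id  = each.value.id
  transit_gateway_route_table_id = aws_ec2_transit_gateway_route_table.hub.id
}

# Propagation: each attachment advertises its VPC CIDR into "hub", so the TGW
# learns that 10.1.0.0/16 is behind vpc1's attachment, and so on.
resource "aws_ec2_transit_gateway_route_table_propagation" "this" {
  for_each                       = aws_ec2_transit_gateway_vpc_attachment.this
  transit_gateway_attachment_id  = each.value.id
  transit_gateway_route_table_id = aws_ec2_transit_gateway_route_table.hub.id
}

# Drop traffic to any other 10.0.0.0/8 prefix at the TGW. The propagated /16
# routes are more specific and still win by longest-prefix match.
resource "aws_ec2_transit_gateway_route" "blackhole_rfc1918" {
  destination_cidr_block         = "10.0.0.0/8"
  blackhole                      = true
  transit_gateway_route_table_id = aws_ec2_transit_gateway_route_table.hub.id
}

# The VPC side: every VPC route table needs a route for each other VPC's CIDR
# with the TGW as target. Without this, packets follow 0.0.0.0/0 to the IGW.
resource "aws_route" "to_tgw" {
  for_each = {
    for pair in setproduct(keys(local.vpcs), keys(local.vpcs)) :
    "${pair[0]}-to-${pair[1]}" => pair if pair[0] != pair[1]
  }
  route_table_id         = local.vpcs[each.value[0]].rt_id
  destination_cidr_block = local.vpcs[each.value[1]].cidr
  transit_gateway_id     = aws_ec2_transit_gateway.tgw.id
  # AWS rejects a TGW route for a VPC that is not yet attached.
  depends_on = [aws_ec2_transit_gateway_vpc_attachment.this]
}
```

To check the result after terraform apply, list the hub table's active routes with `aws ec2 search-transit-gateway-routes --transit-gateway-route-table-id <tgw-rtb-id> --filters Name=state,Values=active`; you should see the three propagated /16 routes plus the static 10.0.0.0/8 blackhole. Then curl the private IP of the vpc3 web server from the vpc1 instance. If that fails, check in this order: the VPC route table entry for 10.3.0.0/16, the TGW route, and the destination's security group, since any one of the three being absent produces the same timeout.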
Conclusion
Setting up a VPC Transit Gateway and deploying EC2 instances across VPCs with Terraform puts the whole network layout, including which VPCs may reach which, into reviewable code that can be re-applied consistently. This blog post walked through the console steps and their Terraform equivalents for each task. Terraform has much more to offer for automating and managing AWS infrastructure, and I encourage you to explore further.