DEV Community

sravanre
sravanre

Posted on • Updated on

Terraform: Create a 3 tier application infrastructure on AWS.

Terraform code to deploy a multinode web server application behind a load-balancer with host based routing .

File 1 : ** main.tf **

`+++++++++++++++++++++++++++++++++++++++++++

provider "aws" {
  profile = "default"
  region  = "us-east-1"
}



resource "aws_vpc" "vpc" {
  cidr_block = "10.0.0.0/16"
  tags = {
    "Name" = "main-sravan-VPC"
  }
}

data "aws_availability_zones" "available" {}



resource "aws_internet_gateway" "gateway" {
  vpc_id = aws_vpc.vpc.id

  tags = {
    Name = "terraform-example-internet-gateway"
  }
}


resource "aws_route_table" "public_rt" {
  vpc_id = aws_vpc.vpc.id
  route {
    cidr_block = "0.0.0.0/0"
    gateway_id = aws_internet_gateway.gateway.id
  }
  tags = {
    Name = "publicRouteTable"
  }
}



resource "aws_subnet" "main" {
  count                   = "${length(data.aws_availability_zones.available.names)}"
  vpc_id                  = "${aws_vpc.vpc.id}"
  cidr_block              = "10.0.${count.index}.0/24"
  map_public_ip_on_launch = true
  availability_zone       = "${element(data.aws_availability_zones.available.names, count.index)}"

  tags = {
    Name = "public-${element(data.aws_availability_zones.available.names, count.index)}"
  }
}

resource "aws_route_table_association" "route_table_association" {
  count                   = "${length(data.aws_availability_zones.available.names)}"
  subnet_id      = element(aws_subnet.main.*.id, count.index)
  route_table_id = aws_route_table.public_rt.id
}


resource "aws_security_group" "default-sg" {
  name        = "terraform_security_group"
  description = "Terraform example security group"
  vpc_id      = "${aws_vpc.vpc.id}"

  ingress {
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  ingress {
    from_port = 80
    to_port = 80
    protocol = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  # Allow outbound internet access.
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }


  tags = {
    Name = "terraform-example-security-group"
  }
}




# alb security group 
resource "aws_security_group" "alb-sg" {

  name        = "terraform_alb_security_group"
  description = "Terraform load balancer security group"
  vpc_id      = "${aws_vpc.vpc.id}"

  ingress {
    from_port   = 443
    to_port     = 443
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  ingress {
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  # Allow all outbound traffic.
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }

tags = {
  Name = "terraform_alb_security_group"
  }

}



resource "aws_alb" "alb" {
  name            = "terraform-example-alb"
  security_groups = ["${aws_security_group.alb-sg.id}"]
  subnets         = "${aws_subnet.main.*.id}"     ## all subnets added to the ALB 
  tags = {
    Name = "terraform-example-alb"
  }
}

#Create a new target group for the application load balancer. Traffic will be routed to target 
#web server instances on HTTP port 80. We will also define a health check for targets which will expect a "200 OK" response for the login page of our web application:
resource "aws_alb_target_group" "group" {
  name     = "terraform-example-alb-target"
  port     = 80
  protocol = "HTTP"
  vpc_id   = "${aws_vpc.vpc.id}"
  stickiness {
    type = "lb_cookie"
  }
  # Alter the destination of the health check to be the login page.
  health_check {
    #path = "/login"
    path = "/order/index.html"
    port = 80
  }
}


resource "aws_alb_target_group" "group-2" {
  name     = "terraform-alb-target-payment"
  port     = 80
  protocol = "HTTP"
  vpc_id   = "${aws_vpc.vpc.id}"
  stickiness {
    type = "lb_cookie"
  }
  # Alter the destination of the health check to be the login page.
  health_check {
    #path = "/login"
    path = "/payment/index.html"
    port = 80
  }
}


#listener for the TG

resource "aws_alb_listener" "listener_http" {
  load_balancer_arn = "${aws_alb.alb.arn}"
  port              = "80"
  protocol          = "HTTP"

  default_action {
    target_group_arn = "${aws_alb_target_group.group.arn}"
    type             = "forward"
  }

}

#listener rule 

resource "aws_alb_listener_rule" "static" {
  listener_arn = aws_alb_listener.listener_http.arn
  priority     = 100

  action {
    type             = "forward"
    target_group_arn = aws_alb_target_group.group.arn
  }

  condition {
    path_pattern {
      values = ["/order/*"]
    }
  }

}



resource "aws_instance" "server-1" {
  ami = "ami-04ad2567c9e3d7893"
  instance_type = "t2.micro"
  user_data = "${file("server-script.sh")}"
  subnet_id = element(aws_subnet.main.*.id, 1)
  security_groups = ["${aws_security_group.default-sg.id}"]
  key_name = "jenkins-key-22"

  tags = {
    Name = "web-server-1"
  }
}

resource "aws_instance" "server-2" {
  ami = "ami-04ad2567c9e3d7893"
  instance_type = "t2.micro"
  user_data = file("server-script.sh")
  subnet_id = element(aws_subnet.main.*.id, 2)
  security_groups = ["${aws_security_group.default-sg.id}"]
  key_name = "jenkins-key-22"

  tags = {
    Name = "web-server-2"
  }
}

resource "aws_alb_target_group_attachment" "alb_TG_instance" {
  target_group_arn = "${aws_alb_target_group.group.arn}"
  target_id        = "${aws_instance.server-1.id}"  
  port             = 80
}


resource "aws_alb_target_group_attachment" "alb_TG_instance-2" {
  target_group_arn = "${aws_alb_target_group.group-2.arn}"
  target_id        = "${aws_instance.server-2.id}"  
  port             = 80
}


#outputs

output "subnet_name" {
  #value = aws_subnet.main.*.id
  value = aws_subnet.main.*.availability_zone
}

output "subnet-id" {
  value = aws_subnet.main.*.id
}

output "public-ip-server-1" {
  value = aws_instance.server-1.public_ip
}

output "public-ip-server-2" {
  value = aws_instance.server-2.public_ip
}



++++++++++++++++++====`
Enter fullscreen mode Exit fullscreen mode

File 2: server-script.sh

!/bin/bash

sudo yum update
sudo yum install -y httpd
sudo systemctl enable httpd
sudo systemctl start httpd
mkdri -p /var/www/html/order
echo -e "

Hello from Terraform, this is created by SRAVAN, $(hostname -f)

" >>sudo tee /var/www/html/order/index.html
sudo systemctl restart httpd

download the code from
https://github.com/sravanre/terraform_alb_sravan.git

Top comments (0)