Launching RDS and EC2 instances in a VPC using Terraform

Sanskruti Khandelwal
4 min read · Jun 9, 2021

In this article we’ll use Terraform to launch a VPC with a public and a private subnet, an RDS instance in the private subnet, and one EC2 instance in each of the public and private subnets.


Terraform is a tool for building, changing, and versioning infrastructure safely and efficiently. Configuration files describe to Terraform the components needed to run a single application or your entire datacenter. Terraform generates an execution plan describing what it will do to reach the desired state, and then executes it to build the described infrastructure. As the configuration changes, Terraform is able to determine what changed and create incremental execution plans which can be applied.

Let’s look at the architecture we will deploy using the Terraform template.

Architecture to deploy using terraform

To create the resources shown in the architecture diagram, we will first create modules for the different services: VPC, public subnet, private subnet, RDS, and EC2 instance. Once these modules are created, we will call them from our main configuration file.

Each module consists of three files:

1. main.tf : This file defines one or more infrastructure objects that the module will manage.

2. outputs.tf : This file returns results to the calling module, which can then use them to populate arguments elsewhere.

3. vars.tf : This file accepts values from the calling module.

These modules are then called from the main.tf at the root level, which defines the resources that need to be created and the dependencies between them. The main configuration file of our architecture is shown below:

Main configuration file of terraform, main.tf

The following resources are created by the template:

1. A Virtual Private Cloud with CIDR range 10.0.0.0/16.

2. One public subnet with CIDR 10.0.1.0/24. The subnet is created first; to make it public, an internet gateway is created along with a route table containing a route to 0.0.0.0/0. The route table is then associated with the internet gateway.

3. Two private subnets with CIDR ranges 10.0.2.0/24 and 10.0.3.0/24.

4. One EC2 instance in the public subnet with internet connectivity. Because the instance is launched in the public subnet, it is able to reach the internet.

5. One EC2 instance in the private subnet. The instance is launched in the private subnet without access to the internet, making it a private EC2 instance.

6. One RDS Instance in Private Subnet.
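The configuration below is an added example written for this article, not the author's template: it wires up the public subnet (internet gateway, 0.0.0.0/0 route, route table association), the two private subnets, and an RDS instance whose security group only admits traffic from the private EC2 instance's security group. It assumes a VPC resource named aws_vpc.main with CIDR 10.0.0.0/16 defined elsewhere, the hashicorp/aws provider 5.x, and constructed availability zone names.

```hcl
resource "aws_subnet" "public" {
  vpc_id     = aws_vpc.main.id # assumed: VPC resource with CIDR 10.0.0.0/16
  cidr_block = "10.0.1.0/24"
}
resource "aws_subnet" "private" {
  for_each          = { "us-east-1a" = "10.0.2.0/24", "us-east-1b" = "10.0.3.0/24" }
  vpc_id            = aws_vpc.main.id
  cidr_block        = each.value
  availability_zone = each.key # two AZs: an RDS subnet group needs at least two
}
# A subnet is public only if its route table sends 0.0.0.0/0 to an internet gateway.
resource "aws_internet_gateway" "igw" {
  vpc_id = aws_vpc.main.id
}
resource "aws_route_table" "public" {
  vpc_id = aws_vpc.main.id
  route {
    cidr_block = "0.0.0.0/0"
    gateway_id = aws_internet_gateway.igw.id
  }
}
resource "aws_route_table_association" "public" {
  subnet_id      = aws_subnet.public.id # private subnets get no association
  route_table_id = aws_route_table.public.id
}
resource "aws_security_group" "app" {
  vpc_id = aws_vpc.main.id # attach this to the private EC2 instance
}
resource "aws_security_group" "db" {
  vpc_id = aws_vpc.main.id
  ingress {
    from_port       = 3306
    to_port         = 3306
    protocol        = "tcp"
    security_groups = [aws_security_group.app.id] # trust the app SG, not a CIDR
  }
}
resource "aws_db_subnet_group" "db" {
  subnet_ids = [for s in aws_subnet.private : s.id]
}
resource "aws_db_instance" "db" {
  engine                      = "mysql"
  instance_class              = "db.t3.micro"
  allocated_storage           = 20
  db_subnet_group_name        = aws_db_subnet_group.db.name
  vpc_security_group_ids      = [aws_security_group.db.id]
  publicly_accessible         = false # never give the database a public endpoint
  username                    = "admin"
  manage_master_user_password = true # AWS-managed secret, no password in vars or state
}
```

The private subnets are left on the VPC's main route table, which carries only the local route, so nothing in them can reach the internet. Before running terraform destroy, set skip_final_snapshot or final_snapshot_identifier on the DB instance, otherwise the destroy fails.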

The code for launching the resources can also be downloaded from here.
Follow the below mentioned steps to deploy the template.

  1. After downloading the code, modify the values in the “terraform.tfvars“ file as per your requirement. Once done, we can proceed with the next steps.

The directory structure should look like this:

Directory structure

2. Next, execute “terraform init” to initialize a working directory containing Terraform configuration files. This is the first command that we should run after writing a new Terraform configuration or cloning an existing one. You’ll see output similar to this:

terraform init

3. Validate the syntax of the Terraform files in the directory using “terraform validate”. It will display an error if any of the files does not validate.

terraform validate

4. Execute “terraform plan”, which creates an execution plan. By default, creating a plan consists of reading the current state of any already-existing remote objects to make sure that the Terraform state is up to date, comparing the current configuration to the prior state, and noting any differences.

terraform plan

5. Finally, execute “terraform apply” to carry out the actions proposed in the Terraform plan.

terraform apply

We have successfully created the resources described in the architecture above. In the next article, we will try to access the internet from the private EC2 instance through a NAT Gateway.

Resources:
https://registry.terraform.io/providers/hashicorp/aws/latest/docs
