# Terraform with Docker Reading

### Introduction

So far we have seen how we can use terraform to set up our infrastructure.  We have used Docker to create EC2 instances, and set up security groups.  However, the services we established on those EC2 instances have been relatively simple so far.

Well, in this lesson we'll see how we can both set up an EC2 instance, and use Docker to set up our running services.

### Exploring the Terraform File

You can begin by looking at the terraform already set up in `main.tf`.

There you'll see our typical work of creating an EC2 instance (`aws_instance.backend_server`), and associating that server with security groups that allow for both ssh and http access.

```bash
resource "aws_instance" "backend_server" {
  ami           = "ami-0d7a109bf30624c99"
  instance_type = "t2.micro"
  key_name = "example" # replace with your key name
  
  vpc_security_group_ids = [aws_security_group.http_backend_security.id,
   aws_security_group.ssh_backend_security.id]
   ...
```

So those initial steps set up our aws infrastructure -- giving us an EC2 machine that's exposing the correct ports.  (The security groups are defined further down in the file).

However, the next step is to set up docker on the EC2 machine.  That's what occurs in the next set up of lines.

```python
user_data = <<-EOF
              #!/bin/bash
              sudo yum update -y 
              sudo yum install docker -y
              sudo systemctl start docker
              sudo docker pull jek2141/foursquare_backend -y
              sudo docker run --platform=linux/amd64 -p 80:80 jek2141/foursquare_backend
              EOF
```

Ok, so above, we update yum, use it to install docker, then we start docker, and pull down the required image.  Finally, we boot up our container with the `sudo docker run` command. 

**Your turn** The one step that you will need to do, is use the correct `key_name`.  Update that value with the a key that you have a corresponding pem file for.

Ok, so give this a shot:

```bash
terraform init
terraform apply
```

### Checking it out

Ok, so with this level of automation, it's good to confirm things are set up properly.

So ssh into the ec2 instance.

```bash
ssh -i something.pem ec2-user@dns.compute-1.amazonaws.com
```

And ensure that docker is setup and the image is downloaded onto the ec2 instance.

> `sudo docker image ls`

> <img src="./docker-setup.png" width="80%">

We can also confirm that the container is running properly.

> `sudo docker ps`

> <img src="./docker-ps.png" width="100%">

Ok, so this looks good.  If we look at `PORTS` we can see that we are mapping port 80 on our EC2 machine to port 80 in our docker container.  This is because of the the last line in our `user_data` string:

```bash
user_data = <<-EOF
...
sudo docker run --platform=linux/amd64 -p 80:80 jek2141/foursquare_backend
EOF
```

And in our terraform file, we also have a security group that is making port 80 public for http access.

```bash
resource "aws_security_group" "http_backend_security" {
  name = "new backend security"
  ingress {
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }
}
```

Ok, so we exposed port 80 on our ec2 machine to any computer on the web, and we exposed port 80 in our docker container to the ec2 machine.  And you can also [see here](https://hub.docker.com/layers/jek2141/foursquare_backend/latest/images/sha256-d40422cd2f3cd2919d4740146cf0b883a51be535b81cc095f9cf5780c5a45cec?context=repo) that the Dockerfile is set up to run flask on port 80.

```dockerfile
CMD ["flask" "run" "--host=0.0.0.0" "--port=80"]
```

Ok, so with all of these steps aligned, and our flask app up and running, we should be able to go to our application running on our domain name.

`http://domain-name/locations`

<img src="./deployed-app.png" width="50%">

* Clean up 

Run `terraform destroy` to remove the EC2 image.  We can always run `terraform apply` again if we want to boot up anything.

### Summary

In this lesson, we walked through setting up terraform to run an application on Docker.  To accomplish this, we needed to keep our initial set up of declaring an EC2 machine, and associating with security groups that allowed for ssh and http access.  In the security group, we specified that the http access was allowed on port 80 to any computer.  

We also took advantage of the `user_data` variable in terraform to, install docker, pull down the image and boot up the container.

```bash
user_data = <<-EOF
              #!/bin/bash
              sudo yum update -y 
              sudo yum install docker -y
              sudo systemctl start docker
              sudo docker pull jek2141/foursquare_backend -y
              sudo docker run --platform=linux/amd64 -p 80:80 jek2141/foursquare_backend
              EOF
```

We then confirmed that these steps worked by sshing into our ec2 machine, and using docker commands to see that our image was downloaded and that our container was up and running.