
[Terraform] 모듈(Module)




모듈(Module)이란?

Module

Terraform AWS Module Github 저장소

ansible์—์„œ์˜ ์—ญํ• (role)๊ณผ ๋น„์Šทํ•˜๋ฉฐ, ์ž์ฃผ ์‚ฌ์šฉํ•˜๋Š” ๋ฆฌ์†Œ์Šค๋“ค์„ ๋ชจ์•„๋‘” ์ปจํ…Œ์ด๋„ˆ


๋ชจ๋“ˆ์˜ ์ข…๋ฅ˜

  • root 모듈 : 기본 작업 디렉토리의 파일에 정의된 리소스
  • child 모듈 : 모듈에 의해 호출된 모듈

모듈 초기화

초기화해야 모듈이 다운로드 된다.

# Run in the working directory; modules are only downloaded once init has run.
terraform init

예시

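# Syntax sketch, not an applyable configuration: the placeholders mark what the reader fills in.
module "myvpc" {
  # Address of the module to load; left blank in this sketch.
  source = 

  # Placeholder ("input variables"): the module's arguments are set here.
  ...입력 변수...
}

resource "aws_instance" "web" {
  # Placeholder ("output value"): a module output is read as module.<module name>.<output name>.
  subnet_id = module.myvpc.<출력값>
}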

💻 VPC 모듈 사용해보기

여기에 이어서 작성한 것

๋ชจ๋“ˆ์„ ์‚ฌ์šฉํ•  ๋•Œ๋Š” output ๋ณ€์ˆ˜ ์ด๋ฆ„ ์ž˜ ํ™•์ธํ•ด์•ผํ•จโ• : [aws vpc module outputs](terraform-aws-modules/vpc/aws | Terraform Registry)


๐Ÿ“main.tf

# VPC built from the VPC module published on the Terraform Registry.
# NOTE(review): no `version` argument is set, so `terraform init` resolves the
# newest release available when it runs. Pin a version that has been reviewed so
# the module code cannot change between runs without a deliberate update.
module "app_vpc" {
  source = "terraform-aws-modules/vpc/aws"

  name = "app_vpc"
  cidr = "10.0.0.0/16"

  # Four zones, matching the four public and four private subnets below.
  azs = ["ap-northeast-2a", "ap-northeast-2b", "ap-northeast-2c", "ap-northeast-2d"]

  # Subnet inputs must be written as lists.
  public_subnets  = ["10.0.0.0/24", "10.0.1.0/24", "10.0.2.0/24", "10.0.3.0/24"]
  private_subnets = ["10.0.10.0/24", "10.0.11.0/24", "10.0.12.0/24", "10.0.13.0/24"]
}

# EC2 key pair: registers an SSH public key under the name the instances refer to.
# Only the public half (id_rsa.pub) is read.
resource "aws_key_pair" "app_server_key" {
  # Absolute path on the machine that runs terraform.
  public_key = file("/home/vagrant/.ssh/id_rsa.pub")
  key_name   = "app_server-key"
}

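# EC2 instance placed in the first public subnet created by the app_vpc module.
resource "aws_instance" "app_server" {
  ami           = var.aws_amazon_linux_ami[var.aws_region] # AMI looked up by region
  instance_type = "t3.small"

  subnet_id              = module.app_vpc.public_subnets[0] # module output: first public subnet
  vpc_security_group_ids = [aws_security_group.app_server_sg.id]
  key_name               = aws_key_pair.app_server_key.key_name

  # Require session tokens (IMDSv2) for the instance metadata service. The
  # instance accepts HTTP from any address, so metadata should not be readable
  # with an unauthenticated request.
  metadata_options {
    http_endpoint = "enabled"
    http_tokens   = "required"
  }

  tags = local.common_tags
}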

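# Second EC2 instance, placed in the second public subnet created by the app_vpc module.
resource "aws_instance" "app_server2" {
  ami           = var.aws_amazon_linux_ami[var.aws_region] # AMI looked up by region
  instance_type = "t3.small"

  subnet_id              = module.app_vpc.public_subnets[1] # references the module's output value
  vpc_security_group_ids = [aws_security_group.app_server_sg.id]
  key_name               = aws_key_pair.app_server_key.key_name

  # Require session tokens (IMDSv2) for the instance metadata service. The
  # instance accepts HTTP from any address, so metadata should not be readable
  # with an unauthenticated request.
  metadata_options {
    http_endpoint = "enabled"
    http_tokens   = "required"
  }

  tags = local.common_tags
}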

# Elastic IP associated with the app_server instance.
# NOTE(review): `vpc = true` is deprecated in AWS provider 5.x in favour of
# `domain = "vpc"`; the provider version is not shown here, so confirm which
# form applies before changing it.
resource "aws_eip" "app_server_eip" {
  instance = aws_instance.app_server.id
  tags     = local.common_tags
  vpc      = true
}

๐Ÿ“security_group.tf

๋ณด์•ˆ ๊ทธ๋ฃน์€ vpc์— ์†ํ•˜๋Š” ๊ฒƒ์ด๋ฏ€๋กœ, ๋ณด์•ˆ๊ทธ๋ฃน์˜ vpc๋ฅผ ์ˆ˜์ •ํ•ด์•ผํ•จ

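# Security group for the app servers. A security group belongs to a VPC, so it
# is attached to the VPC created by the app_vpc module through that module's output.
resource "aws_security_group" "app_server_sg" {
  name   = "Allow SSH & HTTP"
  vpc_id = module.app_vpc.vpc_id # references the module's output value

  # Inbound rule: HTTP from any address.
  ingress {
    description = "HTTP from any address"
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  # Inbound rule: SSH from a single administrator address.
  # "내 IP/32" ("my IP/32") is a placeholder, not a valid CIDR: replace it with
  # the operator's own public address before applying, and keep the /32 so SSH
  # is not exposed to other addresses.
  ingress {
    description = "SSH from the administrator address"
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = ["내 IP/32"]
  }

  # Outbound rule: every protocol and port ("-1" means all) to any address.
  egress {
    description = "All outbound traffic"
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}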

vpc 생성 확인

image-20220422210940331

서브넷 생성 확인

image-20220422211044119

인스턴스 생성 확인

image-20220422211150412