This is a demo of how to create a multi-tier ASG in pure Terraform.
The terraform/ directory contains the basic code, utilizing external modules,
to:
- Create a VPC with public subnets.
- Create private subnets, matching the public subnets' availability zones, with NAT for outbound access.
- ALB connected to the public subnets.
- An ASG connected to the ALB. The instances in the launch configuration will find the latest hvm-ebs Amazon Linux instance, and then will bootstrap the instance with a test webpage based on pure user data. This setup does not require an AMI to be pre-built.
The config prints the ALB hostname and the security groups as outputs.
This example leans heavily on Terraform's modules feature to demonstrate the power of a repeatable configuration.
The modules we make use of are:
terraform_aws_vpcterraform_aws_private_subnetterraform_aws_albterraform_aws_asgterraform_aws_security_group
All you need to use this repo is Terraform itself, and make.
By default, the stack will deploy to us-west-2. To deploy it, run
make infrastructure
Valid AWS credentials will need to be available in your credential chain, either
as environment variables (ie: AWS_ACCESS_KEY, AWS_SECRET_ACCESS_KEY and
AWS_SESSION_TOKEN), or your credentials in your ~/.aws directory.
You can also control the build process through the following environment variables:
AWS_DEFAULT_REGIONTo control the region to deploy to (defaultus-west-2).TF_CMDTo control the Terrafrom command (defaultapply. Change this todestroyto tear down the infrastructure).TF_DIRTo control the Terrafrom directory (defaultterraform).
This is an evolution of a lot of other work I've done on creating a deployment pipeline pattern that heavily relies on Terraform. For my previous work, see:
- https://www.awsadvent.com/2016/12/06/just-add-code-fun-with-terraform-modules-and-aws/
- https://github.com/vancluever/advent_demo
- https://github.com/vancluever/packer-terraform-example
- https://vancluevertech.com/2016/02/02/aws-world-detour-packer-and-terraform/
Copyright 2016 Chris Marchesi
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.