Differences

This shows you the differences between two versions of the page.

--- linux_wiki:terraform [2018/06/14 22:27]
billdozor [File Contents: Site Module Files]
+++ linux_wiki:terraform [2019/05/25 23:50]
@@ Line 1: / Line 1: @@
-====== Terraform ======
-**General Information**
-"Terraform enables you to safely and predictably create, change, and improve infrastructure. It is an open source tool that codifies APIs into declarative configuration files that can be shared amongst team members, treated as code, edited, reviewed, and versioned."
-Site
-  * Official Site: https://www.terraform.io/
-  * Downloads: https://www.terraform.io/downloads.html
-  * Getting started: https://www.terraform.io/intro/getting-started/install.html
-**Checklist**
-  * AWS Account
-----
-====== Install Terraform ======
-Installing Terraform on Linux.
-  * Visit downloads page: https://www.terraform.io/downloads.html
-  * Copy download link
-  * On Linux server, wget the link to download (example link)<code bash>wget https://releases.hashicorp.com/terraform/0.11.7/terraform_0.11.7_linux_amd64.zip</code>
-  * Unzip single binary, move into /usr/local/bin<code bash>unzip terraform_0.11.7_linux_amd64.zip
-mv terraform /usr/local/bin/</code>
-  * Verify<code bash>terraform --version</code>
-----
-====== Configure AWS Credentials for Use ======
-  * Login to your AWS account, create access keys for CLI use and download the file.
-  * Create an AWS credentials file in your home directory<code bash>vim ~/.aws/credentials
-# AWS Credentials
-[default]
-aws_access_key_id = "access-key-id-here"
-aws_secret_access_key = "secret-key-here"</code>
-    * The profile name is "default" and can now be referenced in the terraform config files.
-  * Lock down permissions<code bash>chmod 600 ~/.aws/credentials</code>
-====== Terraform Example: 2 Tier VPC ======
-Creating a 2-tier VPC (public and private subnets), utilizing 3 availability zones in US-West (Oregon).
-This will create the all of the virtual infrastructure to start creating services inside of.
-===== File Structure =====
-Files can be named anything, as long as it ends in a ".tf". Terraform will load all files in a directory structure below it that end in that.
-Example Structure
-<code bash>
-├── main.tf      # Terraform root config (does not have to be 'main.tf')
-├── outputs.tf   # Output data that can be displayed
-├── site         # A local defined module called "site"
-│   ├── nat_gateway.tf
-│   ├── outputs.tf
-│   ├── routes.tf
-│   ├── security_groups.tf
-│   ├── subnets.tf
-│   ├── variables.tf
-│   └── vpc.tf
-├── terraform.tfstate  # Terrform creates this file to keep track of resource state
-├── terraform.tfstate.backup  # And this is just a backup of state
-└── variables.tf    # Variables defined here that can be used or passed into modules
-</code>
-----
-===== File Contents =====
-Contents of the above config files.
-==== File Contents: Root Files ====
-Files in the top level directory. Ordered in a way that is easier to follow.
-<code bash main.tf># Title: main.tf
-# Description: Main terraform config file. Define provider and load other modules
-#              AWS Credentials auto loaded from ~/.aws/credentials
-## AWS Provider and Region
-provider "aws" {
-  region = "${var.region}"
-  profile = "default"
-}
-## Module: Site Infrastructure Setup
-module "site" {
-  source = "./site"
-  availability_zones = "${var.availability_zones}"
-  public_subnet01_cidr = "${var.public_subnet01_cidr}"
-  public_subnet02_cidr = "${var.public_subnet02_cidr}"
-  public_subnet03_cidr = "${var.public_subnet03_cidr}"
-  private_subnet01_cidr = "${var.private_subnet01_cidr}"
-  private_subnet02_cidr = "${var.private_subnet02_cidr}"
-  private_subnet03_cidr = "${var.private_subnet03_cidr}"
-  vpc_cidr = "${var.vpc_cidr}"
-}</code>
-<code bash variables.tf># Title: variables.tf
-# Description: Root defined variables
-####-- Global Variables --####
-# AWS Region To Use
-variable "region" {
-  default = "us-west-2"
-}
-# Availability Zones To Use
-variable "availability_zones" {
-  type = "list"
-  default = [ "us-west-2a" , "us-west-2b" , "us-west-2c" ]
-}
-####-- VPC Variables --####
-# VPC Network
-variable "vpc_cidr" {
-  description = "CIDR for the whole VPC"
-  # /21 = 2046 IPs, 10.0.0.1 - 10.0.7.254
-  default = "10.0.0.0/21"
-}
-# Public Subnet 01 (with IGW)
-variable "public_subnet01_cidr" {
-  description = "CIDR for the Public Subnet"
-  # /25 = 126 IPs, 10.0.0.1 - 10.0.0.126
-  default = "10.0.0.0/25"
-}
-# Public Subnet 02 (with IGW)
-variable "public_subnet02_cidr" {
-  description = "CIDR for the Public Subnet"
-  # /25 = 126 IPs, 10.0.0.129 - 10.0.0.254
-  default = "10.0.0.128/25"
-}
-# Public Subnet 03 (with IGW)
-variable "public_subnet03_cidr" {
-  description = "CIDR for the Public Subnet"
-  # /25 = 126 IPs, 10.0.1.1 - 10.0.1.126
-  default = "10.0.1.0/25"
-}
-# Private Subnet 01 (no IGW)
-variable "private_subnet01_cidr" {
-  description = "CIDR for the Private Subnet"
-  # /23 = 510 IPs, 10.0.2.1 - 10.0.3.254
-  default = "10.0.2.0/23"
-}
-# Private Subnet 02 (no IGW)
-variable "private_subnet02_cidr" {
-  description = "CIDR for the Private Subnet"
-  # /23 = 510 IPs, 10.0.4.1 - 10.0.5.254
-  default = "10.0.4.0/23"
-}
-# Private Subnet 03 (no IGW)
-variable "private_subnet03_cidr" {
-  description = "CIDR for the Private Subnet"
-  # /23 = 510 IPs, 10.0.6.1 - 10.0.7.254
-  default = "10.0.6.0/23"
-}</code>
-<code bash outputs.tf># Title: outputs.tf
-# Description: Outputs from resources saved as variables
-# Pull the VPC ID from the site module
-output "vpc_id" {
-  value = "${module.site.vpc_id}"
-}</code>
-==== File Contents: Site Module Files ====
-Files in the site/ module directory. Ordered in a way that is easier to follow.
-<code bash variables.tf># Title: site/variables.tf
-# Description: Required input variables from the parent file (../main.tf)
-# Availability Zones: Pass in from main variables
-variable "availability_zones" { type = "list" }
-# VPC CIDR: Pass in from main variables
-variable "vpc_cidr" {}
-# Public Subnets (with IGW): Pass in from main
-variable "public_subnet01_cidr" {}
-variable "public_subnet02_cidr" {}
-variable "public_subnet03_cidr" {}
-# Private Subnets (no IGW): Pass in from main
-variable "private_subnet01_cidr" {}
-variable "private_subnet02_cidr" {}
-variable "private_subnet03_cidr" {}</code>
-<code bash vpc.tf># Title: vpc.tf
-# Description: Create a VPC and attach an internet gateway
-####-- VPC --####
-# VPC: Creation
-resource "aws_vpc" "myvpc" {
-  cidr_block = "${var.vpc_cidr}"
-  enable_dns_hostnames = true
-  tags {
-    Name = "myvpc"
-  }
-}
-# VPC: Internet Gateway
-resource "aws_internet_gateway" "myigw" {
-  vpc_id =  "${aws_vpc.myvpc.id}"
-  tags {
-    Name = "myigw"
-  }
-}</code>
-<code bash subnets.tf># Title: subnets.tf
-# Description: Create subnets
-####-- Subnets --####
-# Public Subnet 01
-resource "aws_subnet" "subnet01-public" {
-  vpc_id = "${aws_vpc.myvpc.id}"
-  cidr_block = "${var.public_subnet01_cidr}"
-  availability_zone = "${element(var.availability_zones, 0)}"
-  tags {
-    Name = "subnet_public01"
-  }
-}
-# Public Subnet 02
-resource "aws_subnet" "subnet02-public" {
-  vpc_id = "${aws_vpc.myvpc.id}"
-  cidr_block = "${var.public_subnet02_cidr}"
-  availability_zone = "${element(var.availability_zones, 1)}"
-  tags {
-    Name = "subnet_public02"
-  }
-}
-# Public Subnet 03
-resource "aws_subnet" "subnet03-public" {
-  vpc_id = "${aws_vpc.myvpc.id}"
-  cidr_block = "${var.public_subnet03_cidr}"
-  availability_zone = "${element(var.availability_zones, 2)}"
-  tags {
-    Name = "subnet_public03"
-  }
-}
-# Private Subnet 01
-resource "aws_subnet" "subnet01-private" {
-  vpc_id = "${aws_vpc.myvpc.id}"
-  cidr_block = "${var.private_subnet01_cidr}"
-  availability_zone = "${element(var.availability_zones, 0)}"
-  tags {
-    Name = "subnet_private01"
-  }
-}
-# Private Subnet 02
-resource "aws_subnet" "subnet02-private" {
-  vpc_id = "${aws_vpc.myvpc.id}"
-  cidr_block = "${var.private_subnet02_cidr}"
-  availability_zone = "${element(var.availability_zones, 1)}"
-  tags {
-    Name = "subnet_private02"
-  }
-}
-# Private Subnet 03
-resource "aws_subnet" "subnet03-private" {
-  vpc_id = "${aws_vpc.myvpc.id}"
-  cidr_block = "${var.private_subnet03_cidr}"
-  availability_zone = "${element(var.availability_zones, 2)}"
-  tags {
-    Name = "subnet_private03"
-  }
-}</code>
-<code bash nat_gateway.tf></code>
-<code bash outputs.tf></code>
-<code bash routes.tf></code>
-<code bash security_groups.tf></code>
-----