Canarys | IT Services


Provisioning AWS EC2 Virtual Machine using Terraform


In the ever-evolving landscape of cloud infrastructure, automation is key. If you’re looking to deploy your applications on AWS, Terraform provides a powerful solution for infrastructure as code (IaC). Let’s dive into the process of provisioning an AWS Linux instance using Terraform for seamless .NET Core application deployment.

Before starting with the configuration, let’s understand what Terraform is and how it’s written.

Terraform uses a configuration language called HCL (HashiCorp Configuration Language) for defining infrastructure. HCL is designed to be easy to read and write.

Blocks: Terraform configurations consist of blocks, each serving a specific purpose. The example below contains two blocks: provider and resource. Blocks are defined using curly braces {}.

Something like this:

Img(i)

Arguments and Parameters: Inside a block, you define various arguments and parameters. In the example above, region and ami are arguments, and their values are specified using the = sign.

Resources: Resources represent the infrastructure components you want to manage. They are defined using the resource block.

Providers: Providers are plugins that define how Terraform interacts with a specific infrastructure platform (e.g., AWS, Azure, Google Cloud). You configure providers at the beginning of your Terraform configuration.

Provisioners: The provisioner block allows you to define actions like running scripts, executing commands, or using configuration management tools to set up or configure a resource after it has been created. Provisioners are commonly used for tasks such as initializing databases, installing software, or performing any post-creation configuration steps.

Data Sources: Data sources allow you to fetch information from external sources and use it in your Terraform configuration.

Outputs: The output block allows you to define values that will be printed after Terraform applies your configuration. This is useful for exposing information about your infrastructure.

Modules: Modules allow you to organize and reuse Terraform configurations. They are defined in separate directories and can be used as building blocks for larger infrastructures.

Now let’s get started with provisioning the infrastructure!

Prerequisites

Step 1: Install Terraform

Ensure you have Terraform installed on your local machine. You can download the latest version from the official Terraform website.

Step 2: Set Up Your Terraform Configuration

Create a new directory for your Terraform files and create files named main.tf, variables.tf and terraform.tfvars. These files contain your Terraform configuration.

This is what the infrastructure is going to look like:

Img(1)

These are variables and values for our configuration!

Img(2)

Img(3)

Now let’s first configure the provider block {}.

Img(4)

Here we define which provider will be used for our deployment. In this case it’s AWS, and I am using the eu-north-1 region for my infrastructure (Img(1)).

Now configure the VPC as pictured in the infrastructure diagram above.

Img(5)

The name of the VPC is eShop-vpc, and its CIDR (Classless Inter-Domain Routing) block is a variable whose value is stored in the terraform.tfvars file (Img(2) and Img(3)).

The VPC comes with three different public subnets, scattered across two availability zones, eu-north-1b and eu-north-1c.

Img(6)

Now let’s add an internet gateway so the VPC can receive traffic from the internet!

Img(7)

An Internet Gateway is a horizontally scalable, redundant, and highly available VPC component that allows communication between instances in your Virtual Private Cloud (VPC) and the Internet. It essentially enables your VPC to connect to the Internet and allows instances within the VPC to send and receive traffic to and from the Internet.

Now we add a route table for the VPC.

Img(8)

A route table is a set of rules, often referred to as routes, that is used to determine where network traffic is directed. In cloud computing platforms like Amazon Web Services (AWS), a route table is associated with a virtual network (VPC) and is used to control the traffic leaving and entering the VPC.

Let’s add a security group!

Img(9)

In this resource block we allow some ports to connect to our VPC: 80, 8080, 22 and 1433. This type of rule is called ingress, which is an inbound rule. I am also going to add an egress rule to manage traffic from the VPC to the internet; it basically does not define any restricting rule for outbound connections.
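One way to write a security group for these four ports, as an added example that is not the article's own configuration. The names `vpc_id`, `admin_cidr` and `eshop_sg` are assumptions; the web ports stay public while SSH (22) and SQL Server (1433) are limited to an administrative network, since those two are the ones that should not be reachable from every address.

```hcl
# Added example: variable and resource names are assumptions, not from the article.
variable "vpc_id" { type = string }

variable "admin_cidr" {
  type        = string
  description = "Network allowed to reach SSH and SQL Server (office or VPN range)"
  validation {
    # Must parse as a CIDR and must not be a /0 (the whole internet).
    condition     = can(cidrhost(var.admin_cidr, 0)) && !can(regex("/0$", var.admin_cidr))
    error_message = "admin_cidr must be a valid CIDR narrower than /0."
  }
}

resource "aws_security_group" "eshop_sg" {
  name        = "eShop-sg"
  description = "Web ports public, SSH and MSSQL limited to admin_cidr"
  vpc_id      = var.vpc_id

  # 80 and 8080 serve the application and are reachable from anywhere.
  dynamic "ingress" {
    for_each = [80, 8080]
    content {
      from_port   = ingress.value
      to_port     = ingress.value
      protocol    = "tcp"
      cidr_blocks = ["0.0.0.0/0"]
    }
  }

  # 22 (SSH) and 1433 (SQL Server) are management ports: admin network only.
  dynamic "ingress" {
    for_each = [22, 1433]
    content {
      from_port   = ingress.value
      to_port     = ingress.value
      protocol    = "tcp"
      cidr_blocks = [var.admin_cidr]
    }
  }

  # Egress: all protocols and ports to any destination.
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}
```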

Now we will create the AWS EC2 virtual machine.

We are going to use a data source block to fetch the Amazon Machine Image (AMI) ID of the latest Amazon Linux image.

Img(10)

Img(11)

We will be using an output block in our EC2 configuration.

We need to assign a key pair to our EC2 instance, and we are creating one here named server key, with its location in the local workspace.
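An AMI lookup with an output, as an added example rather than the article's own code. The name pattern (Amazon Linux 2023, x86_64) and the names `amazon_linux` and `eshop_ami` are assumptions; the point to note is the `owners` restriction, which keeps `most_recent` from resolving to a look-alike public image.

```hcl
# Added example: the name pattern and resource names are assumptions.
data "aws_ami" "amazon_linux" {
  most_recent = true

  # Restrict the search to images published by Amazon. Without an owner,
  # most_recent can select any public image whose name matches the filter.
  owners = ["amazon"]

  filter {
    name   = "name"
    values = ["al2023-ami-2023.*-x86_64"]
  }

  filter {
    name   = "virtualization-type"
    values = ["hvm"]
  }

  filter {
    name   = "root-device-type"
    values = ["ebs"]
  }
}

# Shows which image the lookup resolved to, so a changed AMI is visible on apply.
output "eshop_ami" {
  value = {
    id       = data.aws_ami.amazon_linux.id
    name     = data.aws_ami.amazon_linux.name
    owner_id = data.aws_ami.amazon_linux.owner_id
    created  = data.aws_ami.amazon_linux.creation_date
  }
}
```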

Img(12)

This is the AWS EC2 configuration, named “eShop-server”. We fetch the AMI ID through the data source, and I have set the instance type to t3.micro by using it as a variable from the variables.tf file, attached the VPC availability zone and made the instance public. I am also going to add the key we just created in images 11 and 12 above. When creating an EC2 instance there is a feature called user data. User data often includes scripts or commands that are executed when an instance is launched; these scripts can be used for various purposes, such as configuring software, installing applications, or initializing the instance. We use it to install the dotnet SDK and runtime and to create a folder for the artifact with suitable permissions.

Img(13)

We are also using a provisioner block to execute other commands and Bash files.

As you can see in images 14 and 15, I am using the file provisioner to create the service.

Img(14)

This bash file, which I run through the file provisioner, will create a service file in the /var/www/eshop directory which will run the .NET DLL file on port 5000.

Img(15)

And I am using the remote-exec provisioner to launch the application.

Img(16)

This remote-exec provisioner will move the service file from the temp directory to the system directory. Then we reload the daemon (a background process in Linux that runs continuously and performs specific tasks without direct user interaction) and start the application.

Now let’s figure out how to provision databases and make connections to EC2!
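The file and remote-exec steps described above, as an added example that is not the article's own code. It is a variation: the unit file is uploaded directly instead of being generated by a bash script. The variables `server_ip` and `private_key_path`, the login user `ec2-user`, the DLL name `eShop.dll`, the `dotnet` path and the unit name `eshop.service` are assumptions.

```hcl
# Added example: variable names, user, DLL name and paths are assumptions.
variable "server_ip" { type = string }
variable "private_key_path" { type = string }

resource "terraform_data" "eshop_service" { # terraform_data needs Terraform >= 1.4
  connection {
    type        = "ssh"
    host        = var.server_ip
    user        = "ec2-user"
    private_key = file(var.private_key_path)
  }

  # Upload the systemd unit to a temp location writable by the login user.
  provisioner "file" {
    content     = <<-UNIT
      [Unit]
      Description=eShop .NET application
      After=network.target

      [Service]
      WorkingDirectory=/var/www/eshop
      ExecStart=/usr/bin/dotnet /var/www/eshop/eShop.dll --urls http://0.0.0.0:5000
      User=ec2-user
      Restart=on-failure

      [Install]
      WantedBy=multi-user.target
    UNIT
    destination = "/tmp/eshop.service"
  }

  # Install the unit root-owned and not world-writable, then reload and start.
  provisioner "remote-exec" {
    inline = [
      "sudo install -o root -g root -m 0644 /tmp/eshop.service /etc/systemd/system/eshop.service",
      "rm -f /tmp/eshop.service",
      "sudo systemctl daemon-reload",
      "sudo systemctl enable --now eshop.service",
    ]
  }
}
```

The service runs as an unprivileged user rather than root, and the unit file ends up owned by root so the application account cannot rewrite its own start command.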

Img(17)

I am adding the databases to 2 different subnet groups and giving them the name MSSQL SUBNET GROUP.

Now let’s see how to provision databases.

Img(18)

Img(19)

Here I am using a module to configure the databases. This database will store login details, and the second one stores the catalog and product details.

Conclusion:
The outlined process automates the deployment of a .NET Core application on AWS using Terraform. It covers infrastructure aspects like VPC, EC2 instances, security groups, and databases. Adapt configurations based on specific application and infrastructure requirements. Stay updated with Terraform and AWS practices for ongoing optimization.
