From 009e3bca16d790f7b8aee6ead4a33cf43556a654 Mon Sep 17 00:00:00 2001
From: gabriel becker
Date: Mon, 14 Aug 2023 16:52:17 +1000
Subject: [PATCH] Template for ALB
---
 README.md | 6 ++
 aws_alb/main.tf | 163 +++++++++++++++++++++++++++++++++++++++++++
 aws_alb/outputs.tf | 4 ++
 aws_alb/variables.tf | 4 ++
 4 files changed, 177 insertions(+)
 create mode 100644 README.md
 create mode 100644 aws_alb/main.tf
 create mode 100644 aws_alb/outputs.tf
 create mode 100644 aws_alb/variables.tf
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..9d0168f
--- /dev/null
+++ b/README.md
@@ -0,0 +1,6 @@
+# Terraform Lab
+
+Provisioning scripts for personal learning.
+
+References
+ - [gruntwork](https://blog.gruntwork.io/an-introduction-to-terraform-f17df9c6d180)
\ No newline at end of file
diff --git a/aws_alb/main.tf b/aws_alb/main.tf
new file mode 100644
index 0000000..0d36750
--- /dev/null
+++ b/aws_alb/main.tf
@@ -0,0 +1,163 @@
+terraform {
+ required_version = ">= 1.0.0, < 2.0.0"
+
+ required_providers {
+ aws = {
+ source = "hashicorp/aws"
+ version = "~> 4.0"
+ }
+ }
+}
+
+provider "aws" {
+ profile = "superuser"
+ region = "ap-southeast-2"
+}
+
+data "aws_ami" "aws_linux_ami" {
+ most_recent = true
+ owners = ["amazon"]
+ filter {
+ name = "name"
+ values = ["al*-ami-*-x86_64*"]
+ }
+}
+
+data "aws_vpc" "default" {
+ default = true
+}
+
+data "aws_subnets" "default" {
+ filter {
+ name = "vpc-id"
+ values = [data.aws_vpc.default.id]
+ }
+}
+
+resource "aws_launch_configuration" "server_ami" {
+ image_id = data.aws_ami.aws_linux_ami.id
+ instance_type = "t2.micro"
+ security_groups = [ aws_security_group.server-sg.id ]
+ key_name = "debin"
+
+ user_data = <<-EOF
+ #!/bin/bash
+ su -
+ sudo yum update -y
+ sudo yum install -y httpd.x86_64
+
+ echo "Hello, World " > /var/www/html/index.html
+ sudo systemctl start httpd.service
+ sudo systemctl enable httpd.service
+ EOF
+
+ lifecycle {
+ create_before_destroy = true
+ }
+}
+
+resource "aws_autoscaling_group" "server_group" {
+ min_size = 2
+ max_size = 10
+ launch_configuration = aws_launch_configuration.server_ami.name
+ vpc_zone_identifier = data.aws_subnets.default.ids
+ target_group_arns = [aws_lb_target_group.target_group.arn]
+ health_check_type = "ELB"
+
+ tag {
+ key = "Name"
+ value = "ASEC2"
+ propagate_at_launch = true
+ }
+}
+
+resource "aws_security_group" "server-sg" {
+ name = "alb_sec_group"
+
+ ingress {
+ description = "TLS from VPC"
+ from_port = var.server_port
+ to_port = var.server_port
+ protocol = "tcp"
+ cidr_blocks = ["0.0.0.0/0"]
+ ipv6_cidr_blocks = ["::/0"]
+ }
+ egress {
+ description = "all"
+ from_port = 0
+ to_port = 0
+ protocol = "-1"
+ cidr_blocks = ["0.0.0.0/0"]
+ ipv6_cidr_blocks = ["::/0"]
+ }
+}
+
+resource "aws_lb" "load_balancer" {
+ name = "dummy-server-lb"
+ load_balancer_type = "application"
+ subnets = data.aws_subnets.default.ids
+ security_groups = [aws_security_group.alb_sg.id]
+}
+
+resource "aws_alb_listener" "http_endpoint" {
+ load_balancer_arn = aws_lb.load_balancer.arn
+ port = 80
+ protocol = "HTTP"
+
+ default_action {
+ type = "fixed-response"
+
+ fixed_response {
+ content_type = "text/plain"
+ message_body = "404"
+ status_code = 404
+ }
+ }
+}
+
+resource "aws_security_group" "alb_sg" {
+ name = "autogerenated-exmaple-alb"
+ ingress {
+ from_port = 80
+ to_port = 80
+ protocol = "tcp"
+ cidr_blocks = ["0.0.0.0/0"]
+ }
+ egress {
+ from_port = 0
+ to_port = 0
+ protocol = "-1"
+ cidr_blocks = ["0.0.0.0/0"]
+ }
+}
+
+resource "aws_lb_target_group" "target_group" {
+ name = "aws-target-group"
+ port = var.server_port
+ protocol = "HTTP"
+ vpc_id = data.aws_vpc.default.id
+
+ health_check {
+ path = "/"
+ protocol = "HTTP"
+ matcher = "200"
+ interval = 15
+ timeout = 3
+ healthy_threshold = 2
+ unhealthy_threshold = 2
+ }
+}
+
+resource "aws_lb_listener_rule" "expose_80" {
+ listener_arn = aws_alb_listener.http_endpoint.arn
+ priority = 100
+ condition {
+ path_pattern {
+ values = ["*"]
+ }
+ }
+ action {
+ type = "forward"
+ target_group_arn = aws_lb_target_group.target_group.arn
+ }
+}
diff --git a/aws_alb/outputs.tf b/aws_alb/outputs.tf
new file mode 100644
index 0000000..3d80024
--- /dev/null
+++ b/aws_alb/outputs.tf
@@ -0,0 +1,4 @@
+output "url" {
+ value = aws_lb.load_balancer.dns_name
+ description = "URL linking to the alb endpoint."
+}
\ No newline at end of file
diff --git a/aws_alb/variables.tf b/aws_alb/variables.tf
new file mode 100644
index 0000000..d0a6c51
--- /dev/null
+++ b/aws_alb/variables.tf
@@ -0,0 +1,4 @@
+variable "server_port" {
+ type = number
+ default = 80
+}
\ No newline at end of file
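Review bot: In `aws_alb/main.tf`, the `ingress` block of `aws_security_group.server-sg` opens `var.server_port` on the instances to `0.0.0.0/0` and `::/0`, so any client with a route to them can reach httpd directly and skip the load balancer. Its description, "TLS from VPC", matches neither that source range nor the plain-HTTP listener and target group defined further down. Replacing the two CIDR lines with `security_groups = [aws_security_group.alb_sg.id]` limits the instances to traffic arriving from the ALB, and the description could then read `description = "HTTP from the ALB"`. Separately, `profile = "superuser"` in the provider block ties every plan and apply to what is, by its name, an administrative credential; leaving the profile to the environment and running under a role scoped to EC2, ELB and autoscaling would narrow that.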
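Review bot: In `aws_alb/variables.tf`, `server_port` has no `description`, and overriding its default would not move the web server. The `user_data` in `aws_alb/main.tf` installs httpd without configuring a port, so it presumably keeps listening on 80 while the instance security group, the target group and the health check all follow the variable. A line such as `description = "Port the instances serve HTTP on; httpd in user_data must be configured to match"` would make that coupling visible. A `validation` block restricting the value to a valid TCP port would also catch typos before they reach the security group rule.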