gabriel
/
terraform-lab
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Browse Source

Template for ALB

main
gabriel becker 1 year ago
parent
6be0f681b8
commit
009e3bca16
4 changed files with 177 additions and 0 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 6
      README.md
  2. 163
      aws_alb/main.tf
  3. 4
      aws_alb/outputs.tf
  4. 4
      aws_alb/variables.tf

6
README.md
Unescape View File

@ -0,0 +1,6 @@
# Terraform Lab
Provisioning scripts for personal learning.
References
- [gruntwork](https://blog.gruntwork.io/an-introduction-to-terraform-f17df9c6d180)

163
aws_alb/main.tf
Unescape View File

@ -0,0 +1,163 @@
terraform {
required_version = ">= 1.0.0, < 2.0.0"
required_providers {
aws = {
source = "hashicorp/aws"
version = "~> 4.0"
}
}
}
provider "aws" {
profile = "superuser"
region = "ap-southeast-2"
}
data "aws_ami" "aws_linux_ami" {
most_recent = true
owners = ["amazon"]
filter {
name = "name"
values = ["al*-ami-*-x86_64*"]
}
}
data "aws_vpc" "default" {
default = true
}
data "aws_subnets" "default" {
filter {
name = "vpc-id"
values = [data.aws_vpc.default.id]
}
}
resource "aws_launch_configuration" "server_ami" {
image_id = data.aws_ami.aws_linux_ami.id
instance_type = "t2.micro"
security_groups = [ aws_security_group.server-sg.id ]
key_name = "debin"
user_data = <<-EOF
#!/bin/bash
su -
sudo yum update -y
sudo yum install -y httpd.x86_64
echo "Hello, World " > /var/www/html/index.html
sudo systemctl start httpd.service
sudo systemctl enable httpd.service
EOF
lifecycle {
create_before_destroy = true
}
}
resource "aws_autoscaling_group" "server_group" {
min_size = 2
max_size = 10
launch_configuration = aws_launch_configuration.server_ami.name
vpc_zone_identifier = data.aws_subnets.default.ids
target_group_arns = [aws_lb_target_group.target_group.arn]
health_check_type = "ELB"
tag {
key = "Name"
value = "ASEC2"
propagate_at_launch = true
}
}
resource "aws_security_group" "server-sg" {
name = "alb_sec_group"
ingress {
description = "TLS from VPC"
from_port = var.server_port
to_port = var.server_port
protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"]
ipv6_cidr_blocks = ["::/0"]
}
egress {
description = "all"
from_port = 0
to_port = 0
protocol = "-1"
cidr_blocks = ["0.0.0.0/0"]
ipv6_cidr_blocks = ["::/0"]
}
}
resource "aws_lb" "load_balancer" {
name = "dummy-server-lb"
load_balancer_type = "application"
subnets = data.aws_subnets.default.ids
security_groups = [aws_security_group.alb_sg.id]
}
resource "aws_alb_listener" "http_endpoint" {
load_balancer_arn = aws_lb.load_balancer.arn
port = 80
protocol = "HTTP"
default_action {
type = "fixed-response"
fixed_response {
content_type = "text/plain"
message_body = "404"
status_code = 404
}
}
}
resource "aws_security_group" "alb_sg" {
name = "autogerenated-exmaple-alb"
ingress {
from_port = 80
to_port = 80
protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"]
}
egress {
from_port = 0
to_port = 0
protocol = "-1"
cidr_blocks = ["0.0.0.0/0"]
}
}
resource "aws_lb_target_group" "target_group" {
name = "aws-target-group"
port = var.server_port
protocol = "HTTP"
vpc_id = data.aws_vpc.default.id
health_check {
path = "/"
protocol = "HTTP"
matcher = "200"
interval = 15
timeout = 3
healthy_threshold = 2
unhealthy_threshold = 2
}
}
resource "aws_lb_listener_rule" "expose_80" {
listener_arn = aws_alb_listener.http_endpoint.arn
priority = 100
condition {
path_pattern {
values = ["*"]
}
}
action {
type = "forward"
target_group_arn = aws_lb_target_group.target_group.arn
}
}

4
aws_alb/outputs.tf
Unescape View File

@ -0,0 +1,4 @@
output "url" {
value = aws_lb.load_balancer.dns_name
description = "URL linking to the alb endpoint."
}

4
aws_alb/variables.tf
Unescape View File

@ -0,0 +1,4 @@
variable "server_port" {
type = number
default = 80
}
Write Preview
Loading…
Cancel
Save