/project19

Automate Infrastructure With IAC Using Terraform Part 4 – Terraform Cloud

Automate Infrastructure With IAC Using Terraform Part 4 – Terraform Cloud

AWS Cloud Solution For 2 Company Websites Using A Reverse Proxy Technology

WARNING: This infrastructure set up is NOT covered by AWS free tier. Therefore, ensure to DELETE ALL the resources created immediately after finishing the project. Monthly cost may be shockingly high if resources are not deleted. Also, it is strongly recommended to set up a budget and configure notifications when your spendings reach a predefined limit. Watch this video to learn how to configure AWS budget.

The sole aim of this project to build the infrastructure in AWS using terraform.

We will build a secure infrastructure inside AWS VPC (Virtual Private Cloud) network for a fictitious company (Choose an interesting name for it) that uses WordPress CMS for its main business website, and a Tooling Website for their DevOps team. As part of the company's desire for improved security and performance, a decision has been made to use a reverse proxy technology from NGINX to achieve this.

Cost, Security, and Scalability are the major requirements for this project. Hence, implementing the architecture designed below, ensure that infrastructure for both websites, WordPress and Tooling, is resilient to Web Server's failures, can accomodate to increased traffic and, at the same time, has reasonable cost.

The tooling code is stored in this repository.

Always refer to the given diagram.

Architecture

Install graphviz

sudo apt install graphviz

Use the command below to generate dependency graph:

terraform graph -type=plan | dot -Tpng > graph.png
terraform graph  | dot -Tpng > graph.png

Read More abot terraform graph:

https://www.terraform.io/docs/cli/commands/graph.html

Action Plan for project 19

  • Build images using packer.

  • Confirm the AMIs in the console.

  • Update terrafrom script with new ami IDs generated from packer build.

  • Create terraform cloud account and backend.

  • Run terraform script.

  • Update ansible script with values from teraform output.

  • RDS endpoints for wordpress and tooling.

  • Database name, password and username for wordpress and tooling.

  • Access point ID for wordpress and tooling.

  • Internal load balancee DNS for nginx reverse proxy.

  • Run ansible script

  • Check the website

Draw back in the scripts

  • Direct hardcoding of values

  • Inputting credentials directly in the script

Useful links for windows users