diff --git a/classes/04class/exercises/c04-iac04/williamchrisp/README.md b/classes/04class/exercises/c04-iac04/williamchrisp/README.md
new file mode 100644
index 000000000..35bd89b10
--- /dev/null
+++ b/classes/04class/exercises/c04-iac04/williamchrisp/README.md
@@ -0,0 +1,13 @@
+# C04-IAC04
+
+## Command Execution Output
+- [output.txt](output.txt)
+- [terraform-apply.txt](terraform-apply.txt)
+- [terraform-code/](terraform-code/)
+
+## Questions:
+- What is the benefit of having the Terraform code for the resources within the module you've created?
+> It allows terraform to be more modular and allows code to be reused in other areas. It also indirectly allows the code to be more flexible if written correctly.
+
+***
+Answer for exercise [c04-iac04](https://github.com/devopsacademyau/academy/blob/c41e824fb2a2c55e3a30b2371a87e3a7551b6741/classes/04class/exercises/c04-iac04/README.md)
\ No newline at end of file
diff --git a/classes/04class/exercises/c04-iac04/williamchrisp/output.txt b/classes/04class/exercises/c04-iac04/williamchrisp/output.txt
new file mode 100644
index 000000000..4521857e1
--- /dev/null
+++ b/classes/04class/exercises/c04-iac04/williamchrisp/output.txt
@@ -0,0 +1,2 @@
+curl williamdaalb-1091858441.us-west-2.elb.amazonaws.com
+“Hello World from ip-10-0-1-168.us-west-2.compute.internal”
\ No newline at end of file
diff --git a/classes/04class/exercises/c04-iac04/williamchrisp/terraform-apply.txt b/classes/04class/exercises/c04-iac04/williamchrisp/terraform-apply.txt
new file mode 100644
index 000000000..104eff6b1
--- /dev/null
+++ b/classes/04class/exercises/c04-iac04/williamchrisp/terraform-apply.txt
@@ -0,0 +1,550 @@ +terraform apply -var-file=main.tfvars +module.web_app.data.aws_availability_zones.available: Reading... +module.web_app.data.aws_availability_zones.available: Read complete after 1s [id=us-west-2] + +Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the +following symbols: + + create + +Terraform will perform the following actions: + + # module.web_app.aws_autoscaling_group.app_asg will be created + + resource "aws_autoscaling_group" "app_asg" { + + arn = (known after apply) + + availability_zones = (known after apply) + + default_cooldown = (known after apply) + + desired_capacity = 1 + + force_delete = false + + force_delete_warm_pool = false + + health_check_grace_period = 300 + + health_check_type = "ELB" + + id = (known after apply) + + launch_configuration = (known after apply) + + max_size = 2 + + metrics_granularity = "1Minute" + + min_size = 1 + + name = "williamda-asg" + + name_prefix = (known after apply) + + protect_from_scale_in = false + + service_linked_role_arn = (known after apply) + + target_group_arns = (known after apply) + + vpc_zone_identifier = (known after apply) + + wait_for_capacity_timeout = "10m" + } + + # module.web_app.aws_autoscaling_policy.down will be created + + resource "aws_autoscaling_policy" "down" { + + adjustment_type = "ChangeInCapacity" + + arn = (known after apply) + + autoscaling_group_name = "williamda-asg" + + cooldown = 300 + + enabled = true + + id = (known after apply) + + metric_aggregation_type = (known after apply) + + name = "asg_down" + + policy_type = "SimpleScaling" + + scaling_adjustment = -1 + } + + # module.web_app.aws_autoscaling_policy.up will be created + + resource "aws_autoscaling_policy" "up" { + + adjustment_type = "ChangeInCapacity" + + arn = (known after apply) + + autoscaling_group_name = "williamda-asg" + + cooldown = 300 + + enabled = true + + id = (known after apply) + + metric_aggregation_type = (known after 
apply) + + name = "asg_up" + + policy_type = "SimpleScaling" + + scaling_adjustment = 1 + } + + # module.web_app.aws_cloudwatch_metric_alarm.web_cpu_down will be created + + resource "aws_cloudwatch_metric_alarm" "web_cpu_down" { + + actions_enabled = true + + alarm_actions = (known after apply) + + alarm_name = "web_cpu_down" + + arn = (known after apply) + + comparison_operator = "LessThanOrEqualToThreshold" + + dimensions = { + + "autoscaling_group_name" = "asg_down" + } + + evaluate_low_sample_count_percentiles = (known after apply) + + evaluation_periods = 2 + + id = (known after apply) + + metric_name = "CPUUtilization" + + namespace = "AWS/EC2" + + period = 120 + + statistic = "Average" + + tags_all = (known after apply) + + threshold = 30 + + treat_missing_data = "missing" + } + + # module.web_app.aws_cloudwatch_metric_alarm.web_cpu_up will be created + + resource "aws_cloudwatch_metric_alarm" "web_cpu_up" { + + actions_enabled = true + + alarm_actions = (known after apply) + + alarm_name = "web_cpu_up" + + arn = (known after apply) + + comparison_operator = "GreaterThanOrEqualToThreshold" + + dimensions = { + + "autoscaling_group_name" = "asg_up" + } + + evaluate_low_sample_count_percentiles = (known after apply) + + evaluation_periods = 2 + + id = (known after apply) + + metric_name = "CPUUtilization" + + namespace = "AWS/EC2" + + period = 120 + + statistic = "Average" + + tags_all = (known after apply) + + threshold = 60 + + treat_missing_data = "missing" + } + + # module.web_app.aws_internet_gateway.igw will be created + + resource "aws_internet_gateway" "igw" { + + arn = (known after apply) + + id = (known after apply) + + owner_id = (known after apply) + + tags = { + + "Name" = "williamda-IGW" + } + + tags_all = { + + "Name" = "williamda-IGW" + } + + vpc_id = (known after apply) + } + + # module.web_app.aws_launch_configuration.app will be created + + resource "aws_launch_configuration" "app" { + + arn = (known after apply) + + 
associate_public_ip_address = true + + ebs_optimized = (known after apply) + + enable_monitoring = true + + id = (known after apply) + + image_id = "ami-0c2ab3b8efb09f272" + + instance_type = "t2.micro" + + key_name = "williamchrisp-us-west-2" + + name = (known after apply) + + name_prefix = "williamda-" + + security_groups = (known after apply) + + user_data = "ab7cc434fa8115be1291ddacd1ebd0ab7aca2141" + + + ebs_block_device { + + delete_on_termination = (known after apply) + + device_name = (known after apply) + + encrypted = (known after apply) + + iops = (known after apply) + + no_device = (known after apply) + + snapshot_id = (known after apply) + + throughput = (known after apply) + + volume_size = (known after apply) + + volume_type = (known after apply) + } + + + metadata_options { + + http_endpoint = (known after apply) + + http_put_response_hop_limit = (known after apply) + + http_tokens = (known after apply) + } + + + root_block_device { + + delete_on_termination = (known after apply) + + encrypted = (known after apply) + + iops = (known after apply) + + throughput = (known after apply) + + volume_size = (known after apply) + + volume_type = (known after apply) + } + } + + # module.web_app.aws_lb.web_alb will be created + + resource "aws_lb" "web_alb" { + + arn = (known after apply) + + arn_suffix = (known after apply) + + desync_mitigation_mode = "defensive" + + dns_name = (known after apply) + + drop_invalid_header_fields = false + + enable_deletion_protection = false + + enable_http2 = true + + enable_waf_fail_open = false + + id = (known after apply) + + idle_timeout = 60 + + internal = false + + ip_address_type = (known after apply) + + load_balancer_type = "application" + + name = "williamdaalb" + + preserve_host_header = false + + security_groups = (known after apply) + + subnets = (known after apply) + + tags_all = (known after apply) + + vpc_id = (known after apply) + + zone_id = (known after apply) + + + subnet_mapping { + + allocation_id = 
(known after apply) + + ipv6_address = (known after apply) + + outpost_id = (known after apply) + + private_ipv4_address = (known after apply) + + subnet_id = (known after apply) + } + } + + # module.web_app.aws_lb_listener.front_end will be created + + resource "aws_lb_listener" "front_end" { + + arn = (known after apply) + + id = (known after apply) + + load_balancer_arn = (known after apply) + + port = 80 + + protocol = "HTTP" + + ssl_policy = (known after apply) + + tags_all = (known after apply) + + + default_action { + + order = (known after apply) + + target_group_arn = (known after apply) + + type = "forward" + } + } + + # module.web_app.aws_lb_target_group.tg will be created + + resource "aws_lb_target_group" "tg" { + + arn = (known after apply) + + arn_suffix = (known after apply) + + connection_termination = false + + deregistration_delay = "300" + + id = (known after apply) + + ip_address_type = (known after apply) + + lambda_multi_value_headers_enabled = false + + load_balancing_algorithm_type = (known after apply) + + name = "williamda-tg" + + port = 80 + + preserve_client_ip = (known after apply) + + protocol = "HTTP" + + protocol_version = (known after apply) + + proxy_protocol_v2 = false + + slow_start = 0 + + tags_all = (known after apply) + + target_type = "instance" + + vpc_id = (known after apply) + + + health_check { + + enabled = (known after apply) + + healthy_threshold = (known after apply) + + interval = (known after apply) + + matcher = (known after apply) + + path = (known after apply) + + port = (known after apply) + + protocol = (known after apply) + + timeout = (known after apply) + + unhealthy_threshold = (known after apply) + } + + + stickiness { + + cookie_duration = (known after apply) + + cookie_name = (known after apply) + + enabled = (known after apply) + + type = (known after apply) + } + } + + # module.web_app.aws_route_table.route_table_public will be created + + resource "aws_route_table" "route_table_public" { + + arn = 
(known after apply) + + id = (known after apply) + + owner_id = (known after apply) + + propagating_vgws = (known after apply) + + route = [ + + { + + carrier_gateway_id = "" + + cidr_block = "0.0.0.0/0" + + core_network_arn = "" + + destination_prefix_list_id = "" + + egress_only_gateway_id = "" + + gateway_id = (known after apply) + + instance_id = "" + + ipv6_cidr_block = "" + + local_gateway_id = "" + + nat_gateway_id = "" + + network_interface_id = "" + + transit_gateway_id = "" + + vpc_endpoint_id = "" + + vpc_peering_connection_id = "" + }, + ] + + tags = { + + "Name" = "PublicRoutingTable" + } + + tags_all = { + + "Name" = "PublicRoutingTable" + } + + vpc_id = (known after apply) + } + + # module.web_app.aws_route_table_association.route_public_a will be created + + resource "aws_route_table_association" "route_public_a" { + + id = (known after apply) + + route_table_id = (known after apply) + + subnet_id = (known after apply) + } + + # module.web_app.aws_route_table_association.route_public_b will be created + + resource "aws_route_table_association" "route_public_b" { + + id = (known after apply) + + route_table_id = (known after apply) + + subnet_id = (known after apply) + } + + # module.web_app.aws_security_group.ec2_sg will be created + + resource "aws_security_group" "ec2_sg" { + + arn = (known after apply) + + description = "Managed by Terraform" + + egress = [ + + { + + cidr_blocks = [ + + "0.0.0.0/0", + ] + + description = "" + + from_port = 0 + + ipv6_cidr_blocks = [ + + "::/0", + ] + + prefix_list_ids = [] + + protocol = "-1" + + security_groups = [] + + self = false + + to_port = 0 + }, + ] + + id = (known after apply) + + ingress = [ + + { + + cidr_blocks = [] + + description = "" + + from_port = 80 + + ipv6_cidr_blocks = [] + + prefix_list_ids = [] + + protocol = "tcp" + + security_groups = (known after apply) + + self = false + + to_port = 80 + }, + ] + + name = "williamDA_ec2_sg" + + name_prefix = (known after apply) + + owner_id = (known 
after apply) + + revoke_rules_on_delete = false + + tags = { + + "Name" = "williamDA_ec2_sg" + } + + tags_all = { + + "Name" = "williamDA_ec2_sg" + } + + vpc_id = (known after apply) + } + + # module.web_app.aws_security_group.lb_sg will be created + + resource "aws_security_group" "lb_sg" { + + arn = (known after apply) + + description = "Managed by Terraform" + + egress = [ + + { + + cidr_blocks = [ + + "0.0.0.0/0", + ] + + description = "" + + from_port = 0 + + ipv6_cidr_blocks = [ + + "::/0", + ] + + prefix_list_ids = [] + + protocol = "-1" + + security_groups = [] + + self = false + + to_port = 0 + }, + ] + + id = (known after apply) + + ingress = [ + + { + + cidr_blocks = [ + + "0.0.0.0/0", + ] + + description = "" + + from_port = 80 + + ipv6_cidr_blocks = [ + + "::/0", + ] + + prefix_list_ids = [] + + protocol = "tcp" + + security_groups = [] + + self = false + + to_port = 80 + }, + ] + + name = "williamDA_lb_sg" + + name_prefix = (known after apply) + + owner_id = (known after apply) + + revoke_rules_on_delete = false + + tags = { + + "Name" = "williamDA_lb_sg" + } + + tags_all = { + + "Name" = "williamDA_lb_sg" + } + + vpc_id = (known after apply) + } + + # module.web_app.aws_subnet.subnet_public_a will be created + + resource "aws_subnet" "subnet_public_a" { + + arn = (known after apply) + + assign_ipv6_address_on_creation = false + + availability_zone = "us-west-2a" + + availability_zone_id = (known after apply) + + cidr_block = "10.0.1.0/24" + + enable_dns64 = false + + enable_resource_name_dns_a_record_on_launch = false + + enable_resource_name_dns_aaaa_record_on_launch = false + + id = (known after apply) + + ipv6_cidr_block_association_id = (known after apply) + + ipv6_native = false + + map_public_ip_on_launch = false + + owner_id = (known after apply) + + private_dns_hostname_type_on_launch = (known after apply) + + tags = { + + "Name" = "public-a" + } + + tags_all = { + + "Name" = "public-a" + } + + vpc_id = (known after apply) + } + + # 
module.web_app.aws_subnet.subnet_public_b will be created + + resource "aws_subnet" "subnet_public_b" { + + arn = (known after apply) + + assign_ipv6_address_on_creation = false + + availability_zone = "us-west-2b" + + availability_zone_id = (known after apply) + + cidr_block = "10.0.2.0/24" + + enable_dns64 = false + + enable_resource_name_dns_a_record_on_launch = false + + enable_resource_name_dns_aaaa_record_on_launch = false + + id = (known after apply) + + ipv6_cidr_block_association_id = (known after apply) + + ipv6_native = false + + map_public_ip_on_launch = false + + owner_id = (known after apply) + + private_dns_hostname_type_on_launch = (known after apply) + + tags = { + + "Name" = "public-b" + } + + tags_all = { + + "Name" = "public-b" + } + + vpc_id = (known after apply) + } + + # module.web_app.aws_vpc.vpc will be created + + resource "aws_vpc" "vpc" { + + arn = (known after apply) + + cidr_block = "10.0.0.0/16" + + default_network_acl_id = (known after apply) + + default_route_table_id = (known after apply) + + default_security_group_id = (known after apply) + + dhcp_options_id = (known after apply) + + enable_classiclink = (known after apply) + + enable_classiclink_dns_support = (known after apply) + + enable_dns_hostnames = (known after apply) + + enable_dns_support = true + + id = (known after apply) + + instance_tenancy = "default" + + ipv6_association_id = (known after apply) + + ipv6_cidr_block = (known after apply) + + ipv6_cidr_block_network_border_group = (known after apply) + + main_route_table_id = (known after apply) + + owner_id = (known after apply) + + tags = { + + "Name" = "williamda" + } + + tags_all = { + + "Name" = "williamda" + } + } + +Plan: 18 to add, 0 to change, 0 to destroy. + +Changes to Outputs: + + alb_fqdn = (known after apply) + +Do you want to perform these actions? + Terraform will perform the actions described above. + Only 'yes' will be accepted to approve. 
+ + Enter a value: yes + +module.web_app.aws_vpc.vpc: Creating... +module.web_app.aws_vpc.vpc: Creation complete after 3s [id=vpc-0948d55dc3cdeb04c] +module.web_app.aws_internet_gateway.igw: Creating... +module.web_app.aws_subnet.subnet_public_a: Creating... +module.web_app.aws_subnet.subnet_public_b: Creating... +module.web_app.aws_lb_target_group.tg: Creating... +module.web_app.aws_security_group.lb_sg: Creating... +module.web_app.aws_subnet.subnet_public_a: Creation complete after 1s [id=subnet-0005b80ab4e0b9693] +module.web_app.aws_internet_gateway.igw: Creation complete after 1s [id=igw-073c212f5ad444a47] +module.web_app.aws_route_table.route_table_public: Creating... +module.web_app.aws_subnet.subnet_public_b: Creation complete after 1s [id=subnet-088f35bd39d051de6] +module.web_app.aws_lb_target_group.tg: Creation complete after 2s [id=arn:aws:elasticloadbalancing:us-west-2:152848913167:targetgroup/williamda-tg/83321fb35f93c729] +module.web_app.aws_route_table.route_table_public: Creation complete after 2s [id=rtb-0797f3e82985d3187] +module.web_app.aws_route_table_association.route_public_b: Creating... +module.web_app.aws_route_table_association.route_public_a: Creating... +module.web_app.aws_security_group.lb_sg: Creation complete after 3s [id=sg-0934995d056812298] +module.web_app.aws_lb.web_alb: Creating... +module.web_app.aws_security_group.ec2_sg: Creating... +module.web_app.aws_route_table_association.route_public_b: Creation complete after 1s [id=rtbassoc-0161ff90393d0e2cc] +module.web_app.aws_route_table_association.route_public_a: Creation complete after 1s [id=rtbassoc-08855f1b0fd6b4c4b] +module.web_app.aws_security_group.ec2_sg: Creation complete after 4s [id=sg-0b22feec6a305a7d3] +module.web_app.aws_launch_configuration.app: Creating... +module.web_app.aws_launch_configuration.app: Creation complete after 2s [id=williamda-20220826024040079900000001] +module.web_app.aws_autoscaling_group.app_asg: Creating... 
+module.web_app.aws_lb.web_alb: Still creating... [10s elapsed] +module.web_app.aws_autoscaling_group.app_asg: Still creating... [10s elapsed] +module.web_app.aws_lb.web_alb: Still creating... [20s elapsed] +module.web_app.aws_autoscaling_group.app_asg: Still creating... [20s elapsed] +module.web_app.aws_lb.web_alb: Still creating... [30s elapsed] +module.web_app.aws_autoscaling_group.app_asg: Still creating... [30s elapsed] +module.web_app.aws_lb.web_alb: Still creating... [40s elapsed] +module.web_app.aws_autoscaling_group.app_asg: Still creating... [40s elapsed] +module.web_app.aws_lb.web_alb: Still creating... [50s elapsed] +module.web_app.aws_autoscaling_group.app_asg: Still creating... [50s elapsed] +module.web_app.aws_lb.web_alb: Still creating... [1m0s elapsed] +module.web_app.aws_autoscaling_group.app_asg: Still creating... [1m0s elapsed] +module.web_app.aws_lb.web_alb: Still creating... [1m10s elapsed] +module.web_app.aws_autoscaling_group.app_asg: Still creating... [1m10s elapsed] +module.web_app.aws_lb.web_alb: Still creating... [1m20s elapsed] +module.web_app.aws_autoscaling_group.app_asg: Creation complete after 1m15s [id=williamda-asg] +module.web_app.aws_autoscaling_policy.down: Creating... +module.web_app.aws_autoscaling_policy.up: Creating... +module.web_app.aws_autoscaling_policy.up: Creation complete after 1s [id=asg_up] +module.web_app.aws_cloudwatch_metric_alarm.web_cpu_up: Creating... +module.web_app.aws_autoscaling_policy.down: Creation complete after 1s [id=asg_down] +module.web_app.aws_cloudwatch_metric_alarm.web_cpu_down: Creating... +module.web_app.aws_cloudwatch_metric_alarm.web_cpu_down: Creation complete after 1s [id=web_cpu_down] +module.web_app.aws_cloudwatch_metric_alarm.web_cpu_up: Creation complete after 1s [id=web_cpu_up] +module.web_app.aws_lb.web_alb: Still creating... [1m30s elapsed] +module.web_app.aws_lb.web_alb: Still creating... [1m40s elapsed] +module.web_app.aws_lb.web_alb: Still creating... 
[1m50s elapsed] +module.web_app.aws_lb.web_alb: Still creating... [2m0s elapsed] +module.web_app.aws_lb.web_alb: Creation complete after 2m4s [id=arn:aws:elasticloadbalancing:us-west-2:152848913167:loadbalancer/app/williamdaalb/d91792536937daed] +module.web_app.aws_lb_listener.front_end: Creating... +module.web_app.aws_lb_listener.front_end: Creation complete after 0s [id=arn:aws:elasticloadbalancing:us-west-2:152848913167:listener/app/williamdaalb/d91792536937daed/76dbe5272d96ec67] + +Apply complete! Resources: 18 added, 0 changed, 0 destroyed. + +Outputs: + +alb_fqdn = "williamdaalb-1091858441.us-west-2.elb.amazonaws.com" +william.chrisp@contino.io@Williams-MBP terraform-code % \ No newline at end of file diff --git a/classes/04class/exercises/c04-iac04/williamchrisp/terraform-code/_backend.tf b/classes/04class/exercises/c04-iac04/williamchrisp/terraform-code/_backend.tf new file mode 100644 index 000000000..b2f6733b1 --- /dev/null +++ b/classes/04class/exercises/c04-iac04/williamchrisp/terraform-code/_backend.tf @@ -0,0 +1,11 @@ +terraform { + required_providers { + aws = { + source = "hashicorp/aws" + version = "~> 4.16" + } + } + + required_version = ">= 1.2.0" + +} \ No newline at end of file diff --git a/classes/04class/exercises/c04-iac04/williamchrisp/terraform-code/_provider.tf b/classes/04class/exercises/c04-iac04/williamchrisp/terraform-code/_provider.tf new file mode 100644 index 000000000..e920397e1 --- /dev/null +++ b/classes/04class/exercises/c04-iac04/williamchrisp/terraform-code/_provider.tf @@ -0,0 +1,4 @@ +# Provider Configuration +provider "aws" { + region = "us-west-2" +} \ No newline at end of file diff --git a/classes/04class/exercises/c04-iac04/williamchrisp/terraform-code/iac-04-module/alb.tf b/classes/04class/exercises/c04-iac04/williamchrisp/terraform-code/iac-04-module/alb.tf new file mode 100644 index 000000000..a9aa2d887 --- /dev/null +++ b/classes/04class/exercises/c04-iac04/williamchrisp/terraform-code/iac-04-module/alb.tf 
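Review bot: The committed apply log in terraform-apply.txt carries identifiers that are better redacted before it lands in a shared repository: the 12-digit AWS account ID appears in every `arn:aws:elasticloadbalancing:...` id, and the last line is a shell prompt that includes a work e-mail address and a hostname. Neither is needed to show that the apply succeeded; replacing the account ID with a placeholder such as `<ACCOUNT_ID>` and dropping the trailing prompt line keeps the evidence intact. The key pair name and the public ALB hostname are also in the log, so the stack should be destroyed once the exercise is marked.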
@@ -0,0 +1,34 @@
+#Load balancer for the web application
+resource "aws_lb" "web_alb" {
+ name = "williamdaalb"
+ internal = false
+ load_balancer_type = "application"
+ security_groups = [aws_security_group.lb_sg.id]
+ subnets = [aws_subnet.subnet_public_a.id, aws_subnet.subnet_public_b.id]
+
+ enable_deletion_protection = false
+}
+
+# Target group for the ec2 instances
+resource "aws_lb_target_group" "tg" {
+ name = "williamda-tg"
+ port = 80
+ protocol = "HTTP"
+ vpc_id = aws_vpc.vpc.id
+}
+
+# Listener for front end of web app
+resource "aws_lb_listener" "front_end" {
+ load_balancer_arn = aws_lb.web_alb.arn
+ port = "80"
+ protocol = "HTTP"
+
+ default_action {
+ type = "forward"
+ target_group_arn = aws_lb_target_group.tg.arn
+ }
+}
+
+output "alb_fqdn" {
+ value = aws_lb.web_alb.dns_name
+}
\ No newline at end of file
diff --git a/classes/04class/exercises/c04-iac04/williamchrisp/terraform-code/iac-04-module/cw.tf b/classes/04class/exercises/c04-iac04/williamchrisp/terraform-code/iac-04-module/cw.tf
new file mode 100644
index 000000000..209e60ffd
--- /dev/null
+++ b/classes/04class/exercises/c04-iac04/williamchrisp/terraform-code/iac-04-module/cw.tf
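Review bot: The `front_end` listener serves plaintext HTTP on port 80 of an internet-facing load balancer (`internal = false`), and the hunk defines no TLS listener, so all client traffic is unencrypted. Outside a throwaway exercise I would add a 443 listener with `protocol = "HTTPS"` and a `certificate_arn` (no certificate is defined on this page, so that value has to come from elsewhere) and change the port 80 `default_action` to `type = "redirect"`. On `aws_lb.web_alb`, `drop_invalid_header_fields = true` is a cheap hardening setting; the apply log shows it defaulting to `false`. Minor: `port = "80"` is a string here but a number in the target group.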
@@ -0,0 +1,33 @@
+# Cloudwatch cpu usage alarm for high usage
+resource "aws_cloudwatch_metric_alarm" "web_cpu_up" {
+ alarm_name = "web_cpu_up"
+ comparison_operator = "GreaterThanOrEqualToThreshold"
+ evaluation_periods = "2"
+ metric_name = "CPUUtilization"
+ namespace = "AWS/EC2"
+ period = "120"
+ statistic = "Average"
+ threshold = var.high_cpu_threshold
+ dimensions = {
+ autoscaling_group_name = aws_autoscaling_policy.up.name
+ }
+
+ alarm_actions = [ aws_autoscaling_policy.up.arn]
+}
+
+# Cloudwatch cpu usage alarm for low usage
+resource "aws_cloudwatch_metric_alarm" "web_cpu_down" {
+ alarm_name = "web_cpu_down"
+ comparison_operator = "LessThanOrEqualToThreshold"
+ evaluation_periods = "2"
+ metric_name = "CPUUtilization"
+ namespace = "AWS/EC2"
+ period = "120"
+ statistic = "Average"
+ threshold = var.low_cpu_threshold
+ dimensions = {
+ autoscaling_group_name = aws_autoscaling_policy.down.name
+ }
+
+ alarm_actions = [ aws_autoscaling_policy.down.arn]
+}
\ No newline at end of file
diff --git a/classes/04class/exercises/c04-iac04/williamchrisp/terraform-code/iac-04-module/ec2.tf b/classes/04class/exercises/c04-iac04/williamchrisp/terraform-code/iac-04-module/ec2.tf
new file mode 100644
index 000000000..a7a67533a
--- /dev/null
+++ b/classes/04class/exercises/c04-iac04/williamchrisp/terraform-code/iac-04-module/ec2.tf
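Review bot: Both alarms use the wrong dimension, so they will most likely never receive data and the scaling policies will not fire: `dimensions` is keyed `autoscaling_group_name` and set to the policy name (`aws_autoscaling_policy.up.name`, which the apply log resolves to `asg_up`). The `AWS/EC2` `CPUUtilization` metric is grouped by the `AutoScalingGroupName` dimension with the group's name as its value, so in both `web_cpu_up` and `web_cpu_down` this should read `dimensions = { AutoScalingGroupName = aws_autoscaling_group.app_asg.name }`. With `treat_missing_data` left at `missing`, the alarms would stay in INSUFFICIENT_DATA, which means a load spike on the public endpoint is not absorbed by scale-out.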
@@ -0,0 +1,49 @@
+# Launch configuration for ec2 instances
+resource "aws_launch_configuration" "app" {
+ name_prefix = "williamda-"
+ image_id = var.ami
+ instance_type = "t2.micro"
+ key_name = var.key_pair
+ security_groups = [aws_security_group.ec2_sg.id]
+ associate_public_ip_address = true
+
+ user_data = file("./iac-04-module/userdata.sh")
+
+ lifecycle {
+ create_before_destroy = true
+ }
+}
+
+# Autoscaling group for web
+resource "aws_autoscaling_group" "app_asg" {
+ name = "williamda-asg"
+ launch_configuration = aws_launch_configuration.app.name
+ min_size = 1
+ max_size = 2
+ desired_capacity = 1
+
+ health_check_type = "ELB"
+ vpc_zone_identifier = [aws_subnet.subnet_public_a.id, aws_subnet.subnet_public_b.id]
+ target_group_arns = [aws_lb_target_group.tg.arn]
+
+ lifecycle {
+ create_before_destroy = true
+ }
+}
+
+# Policy for the autoscaling group
+resource "aws_autoscaling_policy" "up" {
+ name = "asg_up"
+ scaling_adjustment = 1
+ adjustment_type = "ChangeInCapacity"
+ cooldown = 300
+ autoscaling_group_name = aws_autoscaling_group.app_asg.name
+}
+
+resource "aws_autoscaling_policy" "down" {
+ name = "asg_down"
+ scaling_adjustment = -1
+ adjustment_type = "ChangeInCapacity"
+ cooldown = 300
+ autoscaling_group_name = aws_autoscaling_group.app_asg.name
+}
\ No newline at end of file
diff --git a/classes/04class/exercises/c04-iac04/williamchrisp/terraform-code/iac-04-module/sg.tf b/classes/04class/exercises/c04-iac04/williamchrisp/terraform-code/iac-04-module/sg.tf
new file mode 100644
index 000000000..fa021af5b
--- /dev/null
+++ b/classes/04class/exercises/c04-iac04/williamchrisp/terraform-code/iac-04-module/sg.tf
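Review bot: `aws_launch_configuration.app` sets no `metadata_options`, so whether the instances accept IMDSv1 requests is left to defaults (the plan shows `http_tokens = (known after apply)`); for a web tier behind a public load balancer I would pin it with `metadata_options { http_tokens = "required" }`. `user_data = file("./iac-04-module/userdata.sh")` resolves relative to the working directory, so the module only works when applied from this exact layout; `file("${path.module}/userdata.sh")` keeps it reusable. `key_name` attaches an SSH key pair although neither security group in this commit opens port 22, so it can probably be dropped.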
@@ -0,0 +1,47 @@
+# Create security group to allow SSH
+resource "aws_security_group" "lb_sg" {
+ name = "williamDA_lb_sg"
+ vpc_id = aws_vpc.vpc.id
+ ingress {
+ from_port = 80
+ to_port = 80
+ protocol = "tcp"
+ cidr_blocks = ["0.0.0.0/0"]
+ ipv6_cidr_blocks = ["::/0"]
+ }
+
+ egress {
+ from_port = 0
+ to_port = 0
+ protocol = "-1"
+ cidr_blocks = ["0.0.0.0/0"]
+ ipv6_cidr_blocks = ["::/0"]
+ }
+
+ tags = {
+ Name = "williamDA_lb_sg"
+ }
+}
+
+resource "aws_security_group" "ec2_sg" {
+ name = "williamDA_ec2_sg"
+ vpc_id = aws_vpc.vpc.id
+ ingress {
+ from_port = 80
+ to_port = 80
+ protocol = "tcp"
+ security_groups = [aws_security_group.lb_sg.id]
+ }
+
+ egress {
+ from_port = 0
+ to_port = 0
+ protocol = "-1"
+ cidr_blocks = ["0.0.0.0/0"]
+ ipv6_cidr_blocks = ["::/0"]
+ }
+
+ tags = {
+ Name = "williamDA_ec2_sg"
+ }
+}
\ No newline at end of file
diff --git a/classes/04class/exercises/c04-iac04/williamchrisp/terraform-code/iac-04-module/userdata.sh b/classes/04class/exercises/c04-iac04/williamchrisp/terraform-code/iac-04-module/userdata.sh
new file mode 100644
index 000000000..81fb21fb6
--- /dev/null
+++ b/classes/04class/exercises/c04-iac04/williamchrisp/terraform-code/iac-04-module/userdata.sh
@@ -0,0 +1,6 @@
+#! /bin/bash
+yum update -y
+yum install -y httpd
+systemctl start httpd.service
+systemctl enable httpd.service
+echo “Hello World from $(hostname -f)” > /var/www/html/index.html
\ No newline at end of file
diff --git a/classes/04class/exercises/c04-iac04/williamchrisp/terraform-code/iac-04-module/variables.tf b/classes/04class/exercises/c04-iac04/williamchrisp/terraform-code/iac-04-module/variables.tf
new file mode 100644
index 000000000..402705a0f
--- /dev/null
+++ b/classes/04class/exercises/c04-iac04/williamchrisp/terraform-code/iac-04-module/variables.tf
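Review bot: The header comment `# Create security group to allow SSH` in sg.tf does not match the rules below it, which open TCP 80 and nothing else; someone auditing for SSH exposure would be misled, so `# Security group for the ALB: HTTP (80) from anywhere` is more accurate, and `ec2_sg` has no comment at all. Neither group nor any rule sets a `description`, so the plan shows only "Managed by Terraform" and empty rule descriptions. `lb_sg` egress allows every protocol to `0.0.0.0/0` and `::/0` although the load balancer only needs to reach the instances on port 80; narrowing it to `ec2_sg` would need separate `aws_security_group_rule` resources, because inline rules that reference each other create a dependency cycle.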
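Review bot: The `echo` line in userdata.sh uses typographic quotes (“ ”), which the shell does not treat as quoting, so the quote characters are written into index.html literally (output.txt shows them in the response) and the text between them is unquoted. Use ASCII quotes: `echo "Hello World from $(hostname -f)" > /var/www/html/index.html`. The script also runs without `set -e`, so a failed `yum install` does not stop the remaining commands; adding `set -euo pipefail` after the shebang makes a broken bootstrap fail visibly.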
@@ -0,0 +1,28 @@
+# Variables
+variable "vpc_cidr" {
+ type = string
+}
+variable "subnet1_public_name" {
+ type = string
+}
+variable "subnet1_public_cidr" {
+ type = string
+}
+variable "subnet2_public_name" {
+ type = string
+}
+variable "subnet2_public_cidr" {
+ type = string
+}
+variable "ami" {
+ type = string
+}
+variable "high_cpu_threshold" {
+ type = string
+}
+variable "low_cpu_threshold" {
+ type = string
+}
+variable "key_pair" {
+ type = string
+}
\ No newline at end of file
diff --git a/classes/04class/exercises/c04-iac04/williamchrisp/terraform-code/iac-04-module/vpc.tf b/classes/04class/exercises/c04-iac04/williamchrisp/terraform-code/iac-04-module/vpc.tf
new file mode 100644
index 000000000..d40fc4a50
--- /dev/null
+++ b/classes/04class/exercises/c04-iac04/williamchrisp/terraform-code/iac-04-module/vpc.tf
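Review bot: `high_cpu_threshold` and `low_cpu_threshold` are declared `type = string` although they feed the numeric `threshold` argument of the CloudWatch alarms; `type = number` would reject a non-numeric value at plan time rather than at the API. None of the nine variables has a `description`, and `vpc_cidr` and the two subnet CIDRs accept any string; a `validation` block with a condition such as `can(cidrhost(var.vpc_cidr, 0))` would catch malformed input early. The root terraform-code/variables.tf is an identical copy (same blob `402705a0f`), so the same applies there.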
@@ -0,0 +1,55 @@
+# Pulling AZ available
+data "aws_availability_zones" "available" {
+ state = "available"
+}
+
+# Creating VPC
+resource "aws_vpc" "vpc" {
+ cidr_block = var.vpc_cidr
+ tags = {
+ Name = "williamda"
+ }
+}
+
+# Create 2 private Subnets across two different AZs
+resource "aws_subnet" "subnet_public_a" {
+ vpc_id = aws_vpc.vpc.id
+ cidr_block = var.subnet1_public_cidr
+ availability_zone = data.aws_availability_zones.available.names[0]
+ tags = {
+ Name = var.subnet1_public_name
+ }
+}
+resource "aws_subnet" "subnet_public_b" {
+ vpc_id = aws_vpc.vpc.id
+ cidr_block = var.subnet2_public_cidr
+ availability_zone = data.aws_availability_zones.available.names[1]
+ tags = {
+ Name = var.subnet2_public_name
+ }
+}
+resource "aws_internet_gateway" "igw" {
+ vpc_id = aws_vpc.vpc.id
+ tags = {
+ Name = "williamda-IGW"
+ }
+}
+resource "aws_route_table" "route_table_public" {
+ vpc_id = aws_vpc.vpc.id
+ route {
+ cidr_block = "0.0.0.0/0"
+ gateway_id = aws_internet_gateway.igw.id
+ }
+ tags = {
+ Name = "PublicRoutingTable"
+ }
+}
+resource "aws_route_table_association" "route_public_a" {
+ subnet_id = aws_subnet.subnet_public_a.id
+ route_table_id = aws_route_table.route_table_public.id
+}
+
+resource "aws_route_table_association" "route_public_b" {
+ subnet_id = aws_subnet.subnet_public_b.id
+ route_table_id = aws_route_table.route_table_public.id
+}
diff --git a/classes/04class/exercises/c04-iac04/williamchrisp/terraform-code/main.tf b/classes/04class/exercises/c04-iac04/williamchrisp/terraform-code/main.tf
new file mode 100644
index 000000000..6d9351f59
--- /dev/null
+++ b/classes/04class/exercises/c04-iac04/williamchrisp/terraform-code/main.tf
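Review bot: The comment `# Create 2 private Subnets across two different AZs` contradicts the resources it introduces: `subnet_public_a` and `subnet_public_b` are both associated with `route_table_public`, whose default route points at the internet gateway, so they are public. Suggest `# Create 2 public subnets across two different AZs`; the distinction matters because the launch configuration places the instances in these subnets with public IP addresses. The internet gateway, route table and associations carry no comments, and `names[1]` assumes the region returns at least two availability zones.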
@@ -0,0 +1,13 @@
+module "web_app" {
+ source = "./iac-04-module"
+
+ vpc_cidr = var.vpc_cidr
+ subnet1_public_cidr = var.subnet1_public_cidr
+ subnet1_public_name = var.subnet1_public_name
+ subnet2_public_cidr = var.subnet2_public_cidr
+ subnet2_public_name = var.subnet2_public_name
+ ami = var.ami
+ key_pair = var.key_pair
+ low_cpu_threshold = var.low_cpu_threshold
+ high_cpu_threshold = var.high_cpu_threshold
+}
\ No newline at end of file
diff --git a/classes/04class/exercises/c04-iac04/williamchrisp/terraform-code/main.tfvars b/classes/04class/exercises/c04-iac04/williamchrisp/terraform-code/main.tfvars
new file mode 100644
index 000000000..a24ea5422
--- /dev/null
+++ b/classes/04class/exercises/c04-iac04/williamchrisp/terraform-code/main.tfvars
@@ -0,0 +1,11 @@
+# Variables to be used
+vpc_cidr = "10.0.0.0/16"
+subnet1_public_cidr = "10.0.1.0/24"
+subnet1_public_name = "public-a"
+subnet2_public_cidr = "10.0.2.0/24"
+subnet2_public_name = "public-b"
+## Ensure ami is in the correct region.
+ami = "ami-0c2ab3b8efb09f272"
+key_pair = "williamchrisp-us-west-2"
+high_cpu_threshold = "60"
+low_cpu_threshold = "30"
\ No newline at end of file
diff --git a/classes/04class/exercises/c04-iac04/williamchrisp/terraform-code/output.tf b/classes/04class/exercises/c04-iac04/williamchrisp/terraform-code/output.tf
new file mode 100644
index 000000000..674214542
--- /dev/null
+++ b/classes/04class/exercises/c04-iac04/williamchrisp/terraform-code/output.tf
@@ -0,0 +1,4 @@
+output "alb_fqdn" {
+ description = "Application Load Balancer FQDN"
+ value = module.web_app.alb_fqdn
+}
\ No newline at end of file
diff --git a/classes/04class/exercises/c04-iac04/williamchrisp/terraform-code/variables.tf b/classes/04class/exercises/c04-iac04/williamchrisp/terraform-code/variables.tf
new file mode 100644
index 000000000..402705a0f
--- /dev/null
+++ b/classes/04class/exercises/c04-iac04/williamchrisp/terraform-code/variables.tf
@@ -0,0 +1,28 @@
+# Variables
+variable "vpc_cidr" {
+ type = string
+}
+variable "subnet1_public_name" {
+ type = string
+}
+variable "subnet1_public_cidr" {
+ type = string
+}
+variable "subnet2_public_name" {
+ type = string
+}
+variable "subnet2_public_cidr" {
+ type = string
+}
+variable "ami" {
+ type = string
+}
+variable "high_cpu_threshold" {
+ type = string
+}
+variable "low_cpu_threshold" {
+ type = string
+}
+variable "key_pair" {
+ type = string
+}
\ No newline at end of file