devopsacademyau · williamchrisp · Aug 26, 2022
@@ -0,0 +1,13 @@
+# C04-IAC04
+
+## Command Execution Output
+- [output.txt](output.txt)
+- [terraform-apply.txt](terraform-apply.txt)
+- [terraform-code/](terraform-code/)
+
+## Questions:
+- What is the benefit of having the Terraform code for the resources within the module you've created?
+> It allows terraform to be more modular and allows code to be reused in other areas. It also indirectly allows the code to be more flexible if written correctly.
+
+***
+Answer for exercise [c04-iac04](https://github.com/devopsacademyau/academy/blob/c41e824fb2a2c55e3a30b2371a87e3a7551b6741/classes/04class/exercises/c04-iac04/README.md)
@@ -0,0 +1,2 @@
+curl williamdaalb-1091858441.us-west-2.elb.amazonaws.com
+“Hello World from ip-10-0-1-168.us-west-2.compute.internal”
@@ -0,0 +1,11 @@
+terraform {
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = "~> 4.16"
+    }
+  }
+
+  required_version = ">= 1.2.0"
+
+}
@@ -0,0 +1,4 @@
+# Provider Configuration
+provider "aws" {
+  region = "us-west-2"
+}
@@ -0,0 +1,34 @@
+#Load balancer for the web application
+resource "aws_lb" "web_alb" {
+  name               = "williamdaalb"
+  internal           = false
+  load_balancer_type = "application"
+  security_groups    = [aws_security_group.lb_sg.id]
+  subnets            = [aws_subnet.subnet_public_a.id, aws_subnet.subnet_public_b.id]
+
+  enable_deletion_protection = false
+}
+
+# Target group for the ec2 instances
+resource "aws_lb_target_group" "tg" {
+  name     = "williamda-tg"
+  port     = 80
+  protocol = "HTTP"
+  vpc_id   = aws_vpc.vpc.id
+}
+
+# Listener for front end of web app
+resource "aws_lb_listener" "front_end" {
+  load_balancer_arn = aws_lb.web_alb.arn
+  port              = "80"
+  protocol          = "HTTP"
+
+  default_action {
+    type             = "forward"
+    target_group_arn = aws_lb_target_group.tg.arn
+  }
+}
+
+output "alb_fqdn" {
+  value = aws_lb.web_alb.dns_name
+}
@@ -0,0 +1,33 @@
+# Cloudwatch cpu usage alarm for high usage
+resource "aws_cloudwatch_metric_alarm" "web_cpu_up" {
+    alarm_name = "web_cpu_up"
+    comparison_operator = "GreaterThanOrEqualToThreshold"
+    evaluation_periods = "2"
+    metric_name = "CPUUtilization"
+    namespace = "AWS/EC2"
+    period = "120"
+    statistic = "Average"
+    threshold = var.high_cpu_threshold
+    dimensions = {
+        autoscaling_group_name = aws_autoscaling_policy.up.name
+    }
+
+    alarm_actions = [ aws_autoscaling_policy.up.arn]
+}
+
+# Cloudwatch cpu usage alarm for low usage
+resource "aws_cloudwatch_metric_alarm" "web_cpu_down" {
+    alarm_name = "web_cpu_down"
+    comparison_operator = "LessThanOrEqualToThreshold"
+    evaluation_periods = "2"
+    metric_name = "CPUUtilization"
+    namespace = "AWS/EC2"
+    period = "120"
+    statistic = "Average"
+    threshold = var.low_cpu_threshold
+    dimensions = {
+        autoscaling_group_name = aws_autoscaling_policy.down.name
+    }
+
+    alarm_actions = [ aws_autoscaling_policy.down.arn]
+}
@@ -0,0 +1,49 @@
+# Launch configuration for ec2 instances
+resource "aws_launch_configuration" "app" {
+  name_prefix   = "williamda-"
+  image_id      = var.ami
+  instance_type = "t2.micro"
+  key_name = var.key_pair
+  security_groups = [aws_security_group.ec2_sg.id]
+  associate_public_ip_address = true
+
+  user_data = file("./iac-04-module/userdata.sh")
+
+  lifecycle {
+    create_before_destroy = true
+  }
+}
+
+# Autoscaling group for web
+resource "aws_autoscaling_group" "app_asg" {
+  name                 = "williamda-asg"
+  launch_configuration = aws_launch_configuration.app.name
+  min_size             = 1
+  max_size             = 2
+  desired_capacity = 1
+
+  health_check_type         = "ELB"
+  vpc_zone_identifier = [aws_subnet.subnet_public_a.id, aws_subnet.subnet_public_b.id]
+  target_group_arns = [aws_lb_target_group.tg.arn]
+
+  lifecycle {
+    create_before_destroy = true
+  }
+}
+
+# Policy for the autoscaling group
+resource "aws_autoscaling_policy" "up" {
+  name                   = "asg_up"
+  scaling_adjustment     = 1
+  adjustment_type        = "ChangeInCapacity"
+  cooldown               = 300
+  autoscaling_group_name = aws_autoscaling_group.app_asg.name
+}
+
+resource "aws_autoscaling_policy" "down" {
+  name                   = "asg_down"
+  scaling_adjustment     = -1
+  adjustment_type        = "ChangeInCapacity"
+  cooldown               = 300
+  autoscaling_group_name = aws_autoscaling_group.app_asg.name
+}
@@ -0,0 +1,47 @@
+# Create security group to allow SSH
+resource "aws_security_group" "lb_sg" {
+  name = "williamDA_lb_sg"
+  vpc_id = aws_vpc.vpc.id
+  ingress {
+    from_port        = 80
+    to_port          = 80
+    protocol         = "tcp"
+    cidr_blocks      = ["0.0.0.0/0"]
+    ipv6_cidr_blocks = ["::/0"]
+  }
+
+  egress {
+    from_port        = 0
+    to_port          = 0
+    protocol         = "-1"
+    cidr_blocks      = ["0.0.0.0/0"]
+    ipv6_cidr_blocks = ["::/0"]
+  }
+
+  tags = {
+    Name = "williamDA_lb_sg"
+  }
+}
+
+resource "aws_security_group" "ec2_sg" {
+  name = "williamDA_ec2_sg"
+  vpc_id = aws_vpc.vpc.id
+  ingress {
+    from_port        = 80
+    to_port          = 80
+    protocol         = "tcp"
+    security_groups = [aws_security_group.lb_sg.id]
+  }
+
+  egress {
+    from_port        = 0
+    to_port          = 0
+    protocol         = "-1"
+    cidr_blocks      = ["0.0.0.0/0"]
+    ipv6_cidr_blocks = ["::/0"]
+  }
+
+  tags = {
+    Name = "williamDA_ec2_sg"
+  }
+}
@@ -0,0 +1,6 @@
+#! /bin/bash
+yum update -y
+yum install -y httpd
+systemctl start httpd.service
+systemctl enable httpd.service
+echo “Hello World from $(hostname -f)” > /var/www/html/index.html
@@ -0,0 +1,28 @@
+# Variables
+variable "vpc_cidr" {
+  type = string
+}
+variable "subnet1_public_name" {
+  type = string
+}
+variable "subnet1_public_cidr" {
+  type = string
+}
+variable "subnet2_public_name" {
+  type = string
+}
+variable "subnet2_public_cidr" {
+  type = string
+}
+variable "ami" {
+  type = string
+}
+variable "high_cpu_threshold" {
+  type = string
+}
+variable "low_cpu_threshold" {
+  type = string
+}
+variable "key_pair" {
+  type = string
+}
@@ -0,0 +1,55 @@
+# Pulling AZ available
+data "aws_availability_zones" "available" {
+  state = "available"
+}
+
+# Creating VPC
+resource "aws_vpc" "vpc" {
+  cidr_block = var.vpc_cidr
+  tags = {
+    Name = "williamda"
+  }
+}
+
+# Create 2 private Subnets across two different AZs
+resource "aws_subnet" "subnet_public_a" {
+  vpc_id            = aws_vpc.vpc.id
+  cidr_block        = var.subnet1_public_cidr
+  availability_zone = data.aws_availability_zones.available.names[0]
+  tags = {
+    Name = var.subnet1_public_name
+  }
+}
+resource "aws_subnet" "subnet_public_b" {
+  vpc_id            = aws_vpc.vpc.id
+  cidr_block        = var.subnet2_public_cidr
+  availability_zone = data.aws_availability_zones.available.names[1]
+  tags = {
+    Name = var.subnet2_public_name
+  }
+}
+resource "aws_internet_gateway" "igw" {
+  vpc_id = aws_vpc.vpc.id
+  tags = {
+    Name = "williamda-IGW"
+  }
+}
+resource "aws_route_table" "route_table_public" {
+  vpc_id = aws_vpc.vpc.id
+  route {
+    cidr_block = "0.0.0.0/0"
+    gateway_id = aws_internet_gateway.igw.id
+  }
+  tags = {
+    Name = "PublicRoutingTable"
+  }
+}
+resource "aws_route_table_association" "route_public_a" {
+  subnet_id      = aws_subnet.subnet_public_a.id
+  route_table_id = aws_route_table.route_table_public.id
+}
+
+resource "aws_route_table_association" "route_public_b" {
+  subnet_id      = aws_subnet.subnet_public_b.id
+  route_table_id = aws_route_table.route_table_public.id
+}
@@ -0,0 +1,13 @@
+module "web_app" {
+  source = "./iac-04-module"
+
+  vpc_cidr            = var.vpc_cidr
+  subnet1_public_cidr = var.subnet1_public_cidr
+  subnet1_public_name = var.subnet1_public_name
+  subnet2_public_cidr = var.subnet2_public_cidr
+  subnet2_public_name = var.subnet2_public_name
+  ami                 = var.ami
+  key_pair            = var.key_pair
+  low_cpu_threshold   = var.low_cpu_threshold
+  high_cpu_threshold  = var.high_cpu_threshold
+}
@@ -0,0 +1,11 @@
+# Variables to be used
+vpc_cidr            = "10.0.0.0/16"
+subnet1_public_cidr = "10.0.1.0/24"
+subnet1_public_name = "public-a"
+subnet2_public_cidr = "10.0.2.0/24"
+subnet2_public_name = "public-b"
+## Ensure ami is in the correct region.
+ami                = "ami-0c2ab3b8efb09f272"
+key_pair           = "williamchrisp-us-west-2"
+high_cpu_threshold = "60"
+low_cpu_threshold  = "30"
@@ -0,0 +1,4 @@
+output "alb_fqdn" {
+  description = "Application Load Balancer FQDN"
+  value       = module.web_app.alb_fqdn
+}
@@ -0,0 +1,28 @@
+# Variables
+variable "vpc_cidr" {
+  type = string
+}
+variable "subnet1_public_name" {
+  type = string
+}
+variable "subnet1_public_cidr" {
+  type = string
+}
+variable "subnet2_public_name" {
+  type = string
+}
+variable "subnet2_public_cidr" {
+  type = string
+}
+variable "ami" {
+  type = string
+}
+variable "high_cpu_threshold" {
+  type = string
+}
+variable "low_cpu_threshold" {
+  type = string
+}
+variable "key_pair" {
+  type = string
+}