High-Availability VPC With Terraform
The automation of Terraform makes creating, building, and destroying an Amazon VPC instance as easy as a few commands.
In this blog, we will show you how to create a high-availability Amazon VPC with multiple subnets (private and public) spread across different AWS availability zones.
Amazon Virtual Private Cloud (Amazon VPC) enables us to launch AWS resources into a virtual network that we define. This virtual network closely resembles a traditional network that we would operate in our own data center. Terraform is an open-source tool for safely and predictably creating, changing, and improving infrastructure, including Amazon Web Services resources.
Pre-Requisites To Creating AWS VPC Using Terraform
We require AWS IAM API keys (an access key and a secret key) for an identity with permissions to create and delete the AWS resources listed below.
Terraform should be installed on the EC2 instance or local computer. If Terraform is not present, you can download and install it from here.
The Git command-line tools should be installed, since the Terraform code is obtained with git clone.
Amazon Resources Created Using Terraform
- An AWS VPC with the 10.0.0.0/16 CIDR.
- Multiple AWS VPC subnets, including private subnets, whose instances are not reachable from the internet.
- Public subnets, whose instances are reachable from the internet; in other words, traffic from the internet can reach a machine in a public subnet.
- An AWS VPC Internet Gateway, attached to the VPC.
- Public and private VPC route tables.
- An AWS VPC NAT Gateway.
- Associations between the VPC subnets and the route tables.
Creating the Amazon VPC
In this step, we build the Amazon VPC using the Terraform script provided on GitHub. To get the Terraform script, clone or download the GitHub repository given below. It contains the complete infrastructure code to build an Amazon VPC.
Use the following command to clone or download the GitHub repository.
$ git clone https://github.com/vineet67sharma/AWS-Terraform
The GitHub repository contains the following files:
vpc-variables.tf: The vpc-variables.tf file contains the global variables required to build the Amazon VPC, among them availability_zone2. We can change the variable values according to our requirements.
vpc-main.tf: The vpc-main.tf file contains the complete code required to build the highly available Amazon VPC. The Terraform code launches the following resources in an Amazon account: the VPC, subnets, Internet Gateway, and route tables, the associations of subnets with route tables, and the enabled route rules.
aws.tf: The aws.tf file is the provider's configuration file. It contains the AWS API keys used to communicate with the AWS API to provision the resources.
terraform.tfvars: terraform.tfvars is the default name for the variable input file in Terraform.
Terraform reads the input values from this file. We need to place or replace the AWS API keys in the file.
Build Amazon VPC Infrastructure
- terraform init initializes the working directory containing the Terraform configuration files. It is the first command that should be run after writing a new Terraform configuration.
- terraform plan creates an execution plan. It displays the resources that would be provisioned.
- terraform apply applies the changes required to reach the desired state of the configuration.
$ terraform init
$ terraform plan -var-file terraform.tfvars
$ terraform apply -var-file terraform.tfvars
Destroy The Amazon VPC Infrastructure
The terraform destroy command destroys the Terraform-managed infrastructure. Run the following command to delete the Amazon VPC created above.
$ terraform destroy -var-file terraform.tfvars
terraform.tfstate.backup holds the last-known (previous) state of the infrastructure. We defined the state of the infrastructure in a group of files, brought it all up with a single command, and can track future changes through the state files.