
Answer to an IaC challenge to create an AWS infrastructure, with different subnets, Load balancers, Internet Gateway, Instances using a golden image.


fboaventura/tf-aws-infra


Terraform AWS Challenge

The challenge is to create an AWS infrastructure, using IaC to match the following diagram:

AWS Infrastructure

Requirements

  • Two types of subnets should exist:
    • Public subnets. Attached instances and resources have public IP addresses.
    • Private subnets. Attached instances and resources don’t have public IP addresses.
  • The total number of private subnets that must exist is N/2, and the total number of public subnets must also be N/2 where N is the maximum number of subnets that can exist in the VPC and N will always be less than or equal to 6. Each private subnet will have a T2.micro instance attached, and one attached bastion host (also T2.micro) on one of the public subnets (any public subnet). The bastion host (a.k.a. Jump Server) will be used to connect to other instances on private subnets by SSH connection. All instances must use the same SSH key pairs to log in.
  • The Internet Outbound for the instances on private subnets will be reached using a NAT Gateway. The instances on public subnets can connect through an Internet Gateway or NAT Gateway whichever the candidate prefers.
  • Finally, an Application Load Balancer (a.k.a. ALB) will be used to forward all HTTP traffic to all instances working on private subnets by round-robin balancing. However, the ALB will have to be attached to each public subnet.
  • Once an HTTP connection is attempted to the public DNS created during this exercise, the following message should be the response:
“Hello World at <date>”
  • The <date> clause must be replaced by the date of creation of the golden image.
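The subnet, NAT gateway and Internet Gateway requirements above, worked through as an added Terraform example (this is not the repository's own network module). It assigns each subnet a deterministic availability zone by index, so two public subnets never share an AZ as long as there are enough AZs in the region, which also avoids the ALB attachment failure listed under Known Issues. The resource names, the /24 carving of the VPC block and the rule that an odd N gives the extra subnet to the public side are assumptions.

```hcl
# Added example, not the repository's own code: derives the N/2 public and N/2
# private subnets from N_Subnets and Network_CIDR. The resource names and the
# rule that an odd N gives the extra subnet to the public side are assumptions.

variable "N_Subnets" {
  type = number
  validation {
    condition     = var.N_Subnets >= 2 && var.N_Subnets <= 6
    error_message = "N_Subnets must be between 2 and 6."
  }
}

variable "Network_CIDR" { type = string } # e.g. "10.35.0.0/16"

data "aws_availability_zones" "available" { state = "available" }

locals {
  public_count  = ceil(var.N_Subnets / 2)
  private_count = floor(var.N_Subnets / 2)
  azs           = data.aws_availability_zones.available.names

  # Each subnet gets its own /24 of the VPC block and a deterministic AZ
  # (index i -> AZ i), so public subnets never share an AZ as long as
  # public_count does not exceed the number of AZs in the region.
  public_subnets = {
    for i in range(local.public_count) : tostring(i) => {
      cidr = cidrsubnet(var.Network_CIDR, 8, i)
      az   = local.azs[i % length(local.azs)]
    }
  }
  private_subnets = {
    for i in range(local.private_count) : tostring(i) => {
      cidr = cidrsubnet(var.Network_CIDR, 8, i + local.public_count)
      az   = local.azs[i % length(local.azs)]
    }
  }
}

resource "aws_vpc" "this" { cidr_block = var.Network_CIDR }

resource "aws_internet_gateway" "this" { vpc_id = aws_vpc.this.id }

resource "aws_subnet" "public" {
  for_each                = local.public_subnets
  vpc_id                  = aws_vpc.this.id
  cidr_block              = each.value.cidr
  availability_zone       = each.value.az
  map_public_ip_on_launch = true # public: attached instances get public IPs
}

resource "aws_subnet" "private" {
  for_each                = local.private_subnets
  vpc_id                  = aws_vpc.this.id
  cidr_block              = each.value.cidr
  availability_zone       = each.value.az
  map_public_ip_on_launch = false # private: no public IPs
}

# A single NAT gateway in the first public subnet is the only outbound path
# for the private subnets; the public subnets route straight to the IGW.
resource "aws_eip" "nat" { domain = "vpc" }

resource "aws_nat_gateway" "this" {
  allocation_id = aws_eip.nat.id
  subnet_id     = aws_subnet.public["0"].id
  depends_on    = [aws_internet_gateway.this]
}

resource "aws_route_table" "public" {
  vpc_id = aws_vpc.this.id
  route {
    cidr_block = "0.0.0.0/0"
    gateway_id = aws_internet_gateway.this.id
  }
}

resource "aws_route_table" "private" {
  vpc_id = aws_vpc.this.id
  route {
    cidr_block     = "0.0.0.0/0"
    nat_gateway_id = aws_nat_gateway.this.id
  }
}

resource "aws_route_table_association" "public" {
  for_each       = aws_subnet.public
  subnet_id      = each.value.id
  route_table_id = aws_route_table.public.id
}

resource "aws_route_table_association" "private" {
  for_each       = aws_subnet.private
  subnet_id      = each.value.id
  route_table_id = aws_route_table.private.id
}
```

The ALB can then be given `[for s in aws_subnet.public : s.id]` as its subnets, and the private instances `aws_subnet.private[...]`. Note that the only route out of a private subnet is the NAT gateway, so nothing in those subnets is reachable from the Internet directly; inbound traffic has to come through the ALB or the bastion.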

Code Organization

The code is organized in the following way:

main
├── docs
│   └── images
├── modules
│   ├── golden_image
│   │   └── packer
│   ├── instances
│   └── network
└── results

9 directories
  • main is the root module, which is the entry point for the Terraform execution.
  • docs contains the documentation for the project.
  • modules contains the modules used by the root module.
    • modules/golden_image contains the Packer template to create the golden image.
      • modules/golden_image/packer contains the Packer template to create the golden image.
    • modules/instances contains the Terraform code to create the instances.
    • modules/network contains the Terraform code to create the network.
  • results contains the results of the execution of the root module.

Execution

The execution of the root module depends on the following variables:

# The number of subnets to create (must be >= 2 and <= 6)
N_Subnets = 5

# Base name for the resources created by this module
Name = "ffbdev"

# The network IP address configuration on CIDR format
Network_CIDR = "10.35.0.0/16"

# Tags to apply to the resources created by this module
Tags = {
  "owner" = "Frederico Freire Boaventura"
  "environment" = "staging"

}

# Path to the Manifest file generated by Packer
# May be relative to the root module or absolute path to the actual file.
Manifest_path = "./resources/manifest.json"
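The Manifest_path variable ties the two halves of the project together: Packer writes a manifest after building the golden image, and Terraform reads it to learn the AMI id. The following is an added example of both halves and is not the repository's own Packer template or Terraform code; the file name, the nginx choice, the Ubuntu AMI filter and the `golden_ami_id` local are assumptions.

```hcl
# Added example, not the repository's own Packer template or Terraform code.
# Packer half: bakes the "Hello World at <date>" page into an Ubuntu AMI and
# emits manifest.json. Terraform half: reads that manifest through Manifest_path
# to get the AMI id. File name, nginx choice and AMI filter are assumptions.

# ---- modules/golden_image/packer/golden.pkr.hcl (hypothetical file name) ----
packer {
  required_plugins {
    amazon = {
      source  = "github.com/hashicorp/amazon"
      version = ">= 1.2.0"
    }
  }
}

variable "name" {
  type    = string
  default = "ffbdev"
}

locals {
  # Evaluated once per packer run: this is the "date of creation of the golden image".
  build_stamp = formatdate("YYYYMMDDhhmm", timestamp())
  build_date  = formatdate("YYYY-MM-DD hh:mm:ss ZZZ", timestamp())
}

source "amazon-ebs" "golden" {
  # region is taken from AWS_REGION / AWS_DEFAULT_REGION in the environment
  ami_name      = "${var.name}-golden-${local.build_stamp}"
  instance_type = "t2.micro"
  ssh_username  = "ubuntu"

  source_ami_filter {
    filters = {
      name                = "ubuntu/images/hvm-ssd/ubuntu-jammy-22.04-amd64-server-*"
      virtualization-type = "hvm"
      root-device-type    = "ebs"
    }
    owners      = ["099720109477"] # Canonical's AWS account
    most_recent = true
  }
}

build {
  sources = ["source.amazon-ebs.golden"]

  provisioner "shell" {
    inline = [
      "sudo apt-get update -y",
      "sudo apt-get install -y nginx",
      "echo 'Hello World at ${local.build_date}' | sudo tee /var/www/html/index.html",
    ]
  }

  # Produces the manifest.json that the root module's Manifest_path points at.
  post-processor "manifest" {
    output     = "manifest.json"
    strip_path = true
  }
}

# ---- root module (Terraform): resolve the AMI id from the manifest ----
variable "Manifest_path" { type = string }

locals {
  manifest = jsondecode(file(var.Manifest_path))
  # Packer records each build's artifact_id as "<region>:<ami-id>"; pick the
  # build from the last run so stale entries in the manifest are ignored.
  last_build    = [for b in local.manifest.builds : b if b.packer_run_uuid == local.manifest.last_run_uuid][0]
  golden_ami_id = split(":", local.last_build.artifact_id)[1]
}
```

Because the date is expanded at build time and written into the image, every instance launched from that AMI serves the same date, which is what the requirement asks for. Nothing secret is baked into the image: the SSH key pair is supplied at launch time by Terraform, not by Packer.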

Results

The files that will be saved to the results directory are:

  • manifest.json is the Packer manifest file.
  • ${var.Name}-key.pem is the private key to connect to the instances, which can also be .

AWS Infrastructure

This is the main Terraform file for the AWS infrastructure.

This module will call the following modules:

Providers

| Name | Version |
|------|---------|
| http | 3.3.0 |

Requirements

| Name | Version |
|------|---------|
| terraform | >= 1.4.0 |
| aws | 5.0.1 |

Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
| Manifest_path | Path to the Packer resulting manifest.json file | string | n/a | yes |
| N_Subnets | The number of subnets to create | number | n/a | yes |
| Name | Base name for the resources | string | n/a | yes |
| Network_CIDR | The network IP address configuration on CIDR format | string | n/a | yes |
| Tags | Tags to apply to the resources | map(string) | {} | no |
| local_ip | Local IP address to allow SSH access | string | "" | no |
| vpc_id | VPC ID to deploy the builder instance | string | "" | no |
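The `local_ip` input (and the `http.local_ip` data source listed under Resources) exists so that SSH to the bastion can be limited to the operator's own address instead of the whole Internet. The security groups below are an added example of how that and the other access paths from the requirements can be expressed; they are not the repository's own code. They assume `aws_vpc.this`, `var.Name` and `var.Network_CIDR` from the network module, and the checkip URL and resource names are assumptions.

```hcl
# Added example, not the repository's own code: security groups that enforce
# the access paths in the requirements. Assumes aws_vpc.this, var.Name and
# var.Network_CIDR exist; the checkip URL and resource names are assumptions.

variable "local_ip" {
  type    = string
  default = "" # operator's public IPv4; resolved at plan time when empty
}

# Same approach as the root module's http.local_ip data source: look up the
# caller's public address so SSH to the bastion is never opened to 0.0.0.0/0.
data "http" "local_ip" { url = "https://checkip.amazonaws.com" }

locals {
  operator_ip = var.local_ip != "" ? var.local_ip : trimspace(data.http.local_ip.response_body)
}

resource "aws_security_group" "bastion" {
  name   = "${var.Name}-bastion"
  vpc_id = aws_vpc.this.id

  ingress {
    description = "SSH from the operator address only"
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = ["${local.operator_ip}/32"]
  }
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}

resource "aws_security_group" "alb" {
  name   = "${var.Name}-alb"
  vpc_id = aws_vpc.this.id

  ingress {
    description = "HTTP from anywhere; the ALB is the only public HTTP entry point"
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }
  egress {
    description = "Only HTTP towards the VPC, where the private instances live"
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = [var.Network_CIDR]
  }
}

resource "aws_security_group" "private" {
  name   = "${var.Name}-private"
  vpc_id = aws_vpc.this.id

  ingress {
    description     = "SSH only through the bastion"
    from_port       = 22
    to_port         = 22
    protocol        = "tcp"
    security_groups = [aws_security_group.bastion.id]
  }
  ingress {
    description     = "HTTP only from the ALB"
    from_port       = 80
    to_port         = 80
    protocol        = "tcp"
    security_groups = [aws_security_group.alb.id]
  }
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"] # outbound through the NAT gateway, e.g. for updates
  }
}
```

Referencing security groups rather than CIDR ranges for the private instances means the rules keep working when subnets are re-created with different addresses, and a quick `terraform plan` check is that no rule other than the ALB's port 80 ingress carries `0.0.0.0/0`. If `local_ip` is set explicitly it has to be a single address, since it is suffixed with `/32`.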

Outputs

| Name | Description |
|------|-------------|
| Bastion_Host_IP | Bastion Host public IP address |
| Load_blanacer_HTTP_Content | Load balancer public DNS name |
| Private_instances_IP_addresses | Private IP addresses of instances |
| SSH_key_content | SSH key content |
| Usernames | Usernames for instances |

Modules

| Name | Source | Version |
|------|--------|---------|
| golden_image | ./modules/golden_image | n/a |
| instances | ./modules/instances | n/a |
| network | ./modules/network | n/a |

Resources

| Name | Type |
|------|------|
| http_http.local_ip | data source |

Known Issues

These issues are known and don't have a straightforward and easy solution at the moment, if at all.

  • Sometimes the Golden Image creation process fails due to some Ubuntu update/upgrade/install errors. If this happens, you can try to run the process again and it will probably work.
  • There is a small chance that several subnets end up being created in the same AZ, which causes an error when creating the ALB and attaching it to the public subnets, since it won't be able to attach to the same AZ twice. This is due to the random nature of the AZ selection. If this happens, you can try to run the process again and it will probably work.
