GithubHelp home page GithubHelp logo

cloud_task_2's Introduction

The Project

THE TASK DISCRIPTION

1. Create Security group which allow the port 80.

2. Launch EC2 instance.

3. In this Ec2 instance use the existing key or provided key and security group which we have created in step 1.

4. Launch one Volume using the EFS service and attach it in your vpc, then mount that volume into /var/www/html

5. Developer have uploded the code into github repo also the repo has some images.

6. Copy the github repo code into /var/www/html

7. Create S3 bucket, and copy/deploy the images from github repo into the s3 bucket and change the permission to public readable.

8 Create a Cloudfront using s3 bucket(which contains images) and use the Cloudfront URL to update in code in /var/www/html

STEPS :

1 :- First of all I create a VPC. It provide Virual Private Network

resource "aws_vpc" "vishnupal_vpc" {
  cidr_block           = "192.168.0.0/16"
  instance_tenancy     = "default"
  enable_dns_hostnames = true
  tags = {
    Name = "vpc_of_vishnupal"
  }
}

2 I create one subnet

resource "aws_subnet" "vishnupal_subnet" {
  vpc_id                  = "${aws_vpc.vishnupal_vpc.id}"
  cidr_block              = "192.168.0.0/24"
  availability_zone       = "ap-south-1a"
  map_public_ip_on_launch = "true"
  tags = {
    Name = "subnet_of_vishnupal"
  }
}

3 I create a Security Group. It is a virtual Firewall Using this we create Inbound And Outbound Rules

resource "aws_security_group" "sg_vishnupal" {

  name   = "vp_sg"
  vpc_id = "${aws_vpc.vishnupal_vpc.id}"


  ingress {

    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]

  }
  ingress {
    description = "allow_https"
    from_port   = 443
    to_port     = 443
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }


  ingress {

    from_port   = 2049
    to_port     = 2049
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]

  }



  ingress {

    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]

  }




  egress {

    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }


  tags = {

    Name = "sg_of_vishnupal"
  }
}

4 Now, We Create A EFS volume

 resource "aws_efs_file_system" "vishnupal_efs" {
  creation_token = "vishnupal_efs"
  tags = {
    Name = "efs_of_vishnupal"
  }
}


resource "aws_efs_mount_target" "vishnupal_efs_mount" {
  file_system_id  = "${aws_efs_file_system.vishnupal_efs.id}"
  subnet_id       = "${aws_subnet.vishnupal_subnet.id}"
  security_groups = [aws_security_group.sg_vishnupal.id]
}

5 I Create internet gateway for connecting for Out side World

resource "aws_internet_gateway" "vishnupal_gw" {
  vpc_id = "${aws_vpc.vishnupal_vpc.id}"
  tags = {
    Name = "vishnupal_gw"
  }
}

6 creating routing Table Routing Table

resource "aws_route_table" "vishnupal_rt" {
  vpc_id = "${aws_vpc.vishnupal_vpc.id}"

  route {
    cidr_block = "0.0.0.0/0"
    gateway_id = "${aws_internet_gateway.vishnupal_gw.id}"
  }

  tags = {
    Name = "vishnupal_rt"
  }
}


resource "aws_route_table_association" "vishnupal_rta" {
  subnet_id      = "${aws_subnet.vishnupal_subnet.id}"
  route_table_id = "${aws_route_table.vishnupal_rt.id}"
}

7 Now ,I run My AWS Instance with Install Php, git, Apache server (httpd).

resource "aws_instance" "task2_ins" {
  ami             = "ami-052c08d70def0ac62"
  instance_type   = "t2.micro"
  key_name        = "test_vpc"
  subnet_id       = "${aws_subnet.vishnupal_subnet.id}"
  security_groups = ["${aws_security_group.sg_vishnupal.id}"]


  connection {
    type        = "ssh"
    user        = "ec2-user"
    private_key = file("/home/vishnupal/Downloads/test_vpc.pem")
    host        = aws_instance.task2_ins.public_ip
  }

  provisioner "remote-exec" {
    inline = [
      "sudo yum install amazon-efs-utils -y",
      "sudo yum install httpd -y",
      "sudo yum install php -y",
      "sudo systemctl start httpd",
      "sudo systemctl enable httpd",
      "sudo yum install git -y",
      "sudo setenforce 0",
      "sudo yum -y install nfs-utils"
    ]
  }

  tags = {
    Name = "my_os"
  }
}

8 Now ,We Mount our EFS volume and Copy our data into Volume

resource "null_resource" "mount" {
  depends_on = [aws_efs_mount_target.vishnupal_efs_mount]
  connection {
    type        = "ssh"
    user        = "ec2-user"
    private_key = file("/home/vishnupal/Downloads/test_vpc.pem")
    host        = aws_instance.task2_ins.public_ip
  }
  provisioner "remote-exec" {
    inline = [
      "sudo mount -t nfs -o nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2,noresvport ${aws_efs_file_system.vishnupal_efs.id}.efs.ap-south-1.amazonaws.com:/ /var/www/html",
      "sudo rm -rf /var/www/html/*",
      
      "sudo git clone https://github.com/vishnupal/Hybrid_cloud_task_1.git /var/www/html/",
      "sudo sed -i 's/url/${aws_cloudfront_distribution.web_cloud.domain_name}/g' /var/www/html/index.php"
    ]
  }
}

9 We Create a S3 bucket and apply Police On Bucket

resource "aws_s3_bucket" "s3_bucket" {
  bucket = "vishnupalbuck"
  acl    = "private"

  tags = {
    Name = "s3_bucket"
  }
}
resource "aws_s3_bucket_public_access_block" "s3_type" {
  bucket              = "${aws_s3_bucket.s3_bucket.id}"
  block_public_acls   = true
  block_public_policy = true
}

10 I Create A AWS CloudFront and Coonect with our S3 Bucket.

resource "aws_cloudfront_origin_access_identity" "origin_access_identity" {
  depends_on = [aws_s3_bucket.s3_bucket]
}
data "aws_iam_policy_document" "s3_policy" {
  statement {
    actions   = ["s3:GetObject"]
    resources = ["${aws_s3_bucket.s3_bucket.arn}/*"]
    principals {
      type        = "AWS"
      identifiers = [aws_cloudfront_origin_access_identity.origin_access_identity.iam_arn]
    }
  }
}
resource "aws_s3_bucket_policy" "policy" {
  bucket = aws_s3_bucket.s3_bucket.id
  policy = data.aws_iam_policy_document.s3_policy.json
}
locals {
  s3_origin_id = "myS3Origin"
}

resource "aws_cloudfront_distribution" "web_cloud" {
  origin {
    domain_name = "${aws_s3_bucket.s3_bucket.bucket_regional_domain_name}"
    origin_id   = "${local.s3_origin_id}"
    s3_origin_config{
      origin_access_identity = aws_cloudfront_origin_access_identity.origin_access_identity.cloudfront_access_identity_path
    }
  }
  enabled = true
  is_ipv6_enabled     = true
  default_cache_behavior {
    allowed_methods  = ["DELETE", "GET", "HEAD", "OPTIONS", "PATCH", "POST", "PUT"]
    cached_methods   = ["GET", "HEAD"]
    target_origin_id = "${local.s3_origin_id}"
forwarded_values {
      query_string = false
cookies {
        forward = "none"
      }
    }
viewer_protocol_policy = "allow-all"
    min_ttl                = 0
    default_ttl            = 3600
    max_ttl                = 86400
  }
restrictions {
    geo_restriction {
      restriction_type = "none"
    }
  }
viewer_certificate {
    cloudfront_default_certificate = true
  }
}

11 Apply Terraform

init

AWS instance

Security Group

VPC service

Subnet

EFS Volume

Internet Gateway

Routing Table

S3 Bucket

CloudFrount

Our Site

cloud_task_2's People

Contributors

vishnupal avatar

Watchers

James Cloos avatar avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.