This project demonstrates the automation of deploying a secure and scalable web application infrastructure using Terraform, Ansible, and GitHub Actions. The focus is on showcasing advanced infrastructure as code practices with Terraform, including modularization, distributed state management, and the utilization of functions, conditions, and loops.
To successfully complete this project, the following prerequisites are required:
-
AWS Account
-
Terraform: Installation of Terraform on your local machine.
-
Basic Knowledge of AWS Services: VPC (Virtual Private Cloud): Understanding of VPCs, subnets, route tables, and security groups. EC2 (Elastic Compute Cloud): Familiarity with launching and managing EC2 instances. VPC Peering: Knowledge of VPC peering for connecting VPCs. Elastic Load Balancer: Basic understanding of load balancing concepts.
-
Terraform Skills: Modular Configuration, State Management, Functions, Conditions, and Loops, variable and output Management
-
Ansible: dynamic inventory, ansible playbook to deploy website on the webservers remotely
-
AWS S3 Bucket: You should have S3 bucket that stores Terraform state.
For creating S3 bucket: https://docs.aws.amazon.com/AmazonS3/latest/userguide/creating-bucket.html
Create two S3 buckets with unique names. The buckets will store Terraform state. The names of the buckets should start with the {env}-. -
SSH Keys: SSH key should be pre-created and updated in the code under keyname or prefix value.
Final_Project/
├── aws_network
├── ansible
├── prod
├── .git
├── .github
-
Update the config.tf in prod subfolders to reflect the bucket names.
-
Update the desired input varibles in prod.
To deploy this project run in sequence:- Go to Settings (click your profile picture in the top-right corner and select Settings).
- Navigate to Developer settings > Personal access tokens.
- Click Generate new token.
- Configure Token Scopes:
- Give your token a name (e.g., "Cloud9 Access").
- Select the scopes or permissions you need
- Click Generate token.
- Copy the Token.
- Configure Git to Use the Personal Access Token:
- git clone https://<YOUR_GITHUB_USERNAME>:<YOUR_PERSONAL_ACCESS_TOKEN>@github.com/username/repository.git
- git remote set-url origin https://<YOUR_GITHUB_USERNAME>:<YOUR_PERSONAL_ACCESS_TOKEN>@github.com/username/repository.git
- Push Changes to GitHub:
- git add .
- git commit -m "Your commit message"
- git push origin main
- Pull Changes from GitHub:
- git pull origin main
- The workflow file is already uploaded in github in .github folder.
- Push the code to github and it will auto trigger the pipeline created using github actions.
-
Install ansible using: pip install ansible.
-
The inventory used will be dynamic using aws_ec2 plugin.
To deploy the Webserver follow the steps:- The files should be uploaded in the Cloud9 environment.
- Navigate to ansible folder in Final_project directory.
- Run the below commands:
- ansible-inventory -i aws_ec2.yaml --list
- ansible-inventory -i aws_ec2.yaml --graph
- ansible-playbook -i aws_ec2.yaml website.yaml --private-key=/home/ec2-user/.ssh/prod
By following the above your webserver will be deployed on the VMs and it will be load balanced.
- Go to Cloud9 IDE and navigate to Final_project.
- Navigate to webservers folder and run the below command:
- terraform init
- terraform destroy -auto-approve
- Navigate to network folder and run the below command:
- terraform init
- terraform destroy -auto-approve
This project demonstrates the application of Terraform, Ansible, and GitHub Actions to deploy a secure and scalable cloud infrastructure in AWS. The setup includes creating one VPC for production environments, and deploying EC2 instances with specific security rules. The use of Terraform highlights modular infrastructure as code practices with environment-specific configurations and optional load balancing for enhanced reliability.
Ansible is employed to automate the configuration and management of the deployed EC2 instances, ensuring consistent and repeatable setups. GitHub Actions are integrated to automate the CI/CD pipeline, including Terraform plan and apply steps. This integration demonstrates proficiency in automating infrastructure deployment and configuration while emphasizing secure networking practices and efficient resource management in cloud environments.