aws-terraform

Terraform aws RHEL 7.5 and CentOS 7.5 latest in any region with disk - LVM

View the Project on GitHub dwaiba/aws-terraform

Table of Contents (AWS RHEL75/centos7 with disks farm with Terraform in any region)

  1. AWS user-data with Terraform - RHEL 7.5 and CentOS 7.5 in all regions with disk and with tools
  2. login
  3. Terraform graph
  4. Automatic provisioning
  5. Via Ansible terraform module
  6. Reporting bugs
  7. Patches and pull requests
  8. License
  9. Code of conduct

AWS user-data with Terraform - RHEL 7.5 and CentOS 7.5 in all regions with disk and with tools

  1. Download and Install Terraform
  2. Create a new key pair via the EC2 console for your account and region (eu-central-1 default) and use the corresponding Key pair name value from the console as the key_name value in variable.tf when performing terraform plan -out "run.plan". Please keep your private pem file handy and note the path.
  3. Collect your AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY="<< >>"

You can generate new ones from your EC2 console via the url for your <<account_user>> - https://console.aws.amazon.com/iam/home?region=eu-central-1#/users/<<account_user>>?section=security_credentials.

  1. Please add an ingress allowance rule for port 22 over TCP in the default region VPC, from the EC2 console for the region (eu-central-1 or any other region that you explicitly pass as a parameter), so that the agentless remote-exec over ssh can run locally from the project against the target server.
  2. git clone https://github.com/dwaiba/aws-terraform && cd aws-terraform && terraform init && terraform plan -out "run.plan" && terraform apply "run.plan".

Post provisioning, curl http://169.254.169.254/latest/user-data|sudo sh runs automatically via terraform remote-exec and executes the contents of this repo's prep-centos7.txt shell-script file, which is made available as user-data. Various types besides shell-script, including direct cloud-init commands, may be passed as multipart as part of the user-data via terraform remote-exec.

  1. To destroy: terraform destroy

AWS RHEL 7.5 AMIs per region are as per aws ec2 describe-images --owners 309956199498 --query 'Images[*].[CreationDate,Name,ImageId]' --filters "Name=name,Values=RHEL-7.5?*GA*" --region <<region-name>> --output table | sort -r - Red Hat Soln. #15356

The AWS CentOS AMIs per region used in the map are as per the maintained CentOS Wiki.

Login

As per the Output instructions for each DNS output.

chmod 400 <<your private pem file>>.pem && ssh -i <<your private pem file>>.pem ec2-user/centos@<<public address>>

Terraform Graph

Please generate dot format (Graphviz) terraform configuration graphs for visual representation of the repo.

terraform graph | dot -Tsvg > graph.svg

Also, one can use Blast Radius on a live initialized terraform project to view the graph. Run it in dockerized form:

docker ps -a|grep blast-radius|awk '{print $1}'|xargs docker kill && rm -rf aws-terraform && git clone https://github.com/dwaiba/aws-terraform && cd aws-terraform && terraform init && docker run --cap-add=SYS_ADMIN -dit --rm -p 5002:5000 -v $(pwd):/workdir:ro 28mm/blast-radius && cd ../

A live example is here for this project.

Automatic Provisioning

https://github.com/dwaiba/aws-terraform

Pre-req:

  1. The private pem file per region is available locally and has chmod 400.
  2. AWS Access key ID, Secret Access key should be available for aws account.

You can generate new ones from your EC2 console via the url for your <<account_user>> - https://console.aws.amazon.com/iam/home?region=eu-central-1#/users/<<account_user>>?section=security_credentials.

  1. Port 22 should be open for the Default Security group for the respective regions.

Plan:

terraform init && terraform plan -var aws_access_key=<<your AWS_ACCESS_KEY_ID>> -var aws_secret_key=<<Your AWS_SECRET_ACCESS_KEY>> -var count_vms=3 -var disk_sizegb=50 -var distro=<<rhel75 or centos7>> -var key_name=testingdwai -var private_key_path=/data/testingdwai.pem -var region=eu-central-1 -var tag_prefix=toolsrhel75 -out "run.plan"

Apply:

terraform apply "run.plan"

Destroy:

terraform destroy -var aws_access_key=<<your AWS_ACCESS_KEY_ID>> -var aws_secret_key=<<Your AWS_SECRET_ACCESS_KEY>> -var count_vms=3 -var disk_sizegb=50 -var distro=<<rhel75 or centos7>> -var key_name=testingdwai -var private_key_path=/data/testingdwai.pem -var region=eu-central-1 -var tag_prefix=toolsrhel75
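
The Plan and Destroy commands above put both AWS secrets on the command line, where they land in shell history and process listings. As an added example (not part of this repository), the wrapper below checks the pem pre-req and passes the same aws_access_key and aws_secret_key variables to Terraform through TF_VAR_ environment variables instead; the function names are hypothetical.

```shell
#!/bin/sh
# Added example, not the project's own code. The variable names aws_access_key,
# aws_secret_key, key_name and private_key_path come from the Plan command on
# this page; the function names below are hypothetical.

# Print the octal permission bits of a file (GNU stat first, then BSD stat).
file_mode() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# Succeed only if the pem file exists and is mode 400, as the pre-req requires.
check_key_mode() {
    [ -f "$1" ] || { echo "missing key file: $1" >&2; return 1; }
    mode=$(file_mode "$1")
    [ "$mode" = "400" ] || { echo "$1 is mode $mode, expected 400" >&2; return 1; }
}

# Map the standard AWS environment variables onto Terraform's TF_VAR_<name>
# inputs so the secrets never appear in argv, ps output or shell history.
export_tf_creds() {
    [ -n "${AWS_ACCESS_KEY_ID:-}" ] && [ -n "${AWS_SECRET_ACCESS_KEY:-}" ] || {
        echo "set AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY first" >&2
        return 1
    }
    export TF_VAR_aws_access_key="$AWS_ACCESS_KEY_ID"
    export TF_VAR_aws_secret_key="$AWS_SECRET_ACCESS_KEY"
}

# Run the plan with only non-secret values on the command line.
# A saved plan stores variable values in cleartext, so write it owner-only.
safe_plan() {
    pem=$1; shift
    check_key_mode "$pem" || return 1
    export_tf_creds || return 1
    ( umask 077 && terraform plan -var "private_key_path=$pem" "$@" -out "run.plan" )
}

# Usage (values as in the Plan step above):
#   safe_plan /data/testingdwai.pem -var key_name=testingdwai -var region=eu-central-1
```

The exported TF_VAR_ values are also read by terraform destroy, so the two secret -var arguments can be dropped there as well.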

Via Ansible terraform module

Ansible now has a terraform module, and a playbook yml file is included in this repository with a sample inventory with localhost.

  1. Clone this repository on the ansible box as cd /data && git clone https://github.com/dwaiba/aws-terraform.

  2. Collect your AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY="<< >>"

  3. Change the variables as required in aws-terraform_playbook.yml.

  4. Run as ansible-playbook -i inventory aws-terraform_playbook.yml.

  5. To destroy, set the state variable in aws-terraform_playbook.yml to absent.

Reporting bugs

Please report bugs by opening an issue in the GitHub Issue Tracker. Bugs have an auto template defined. Please view it here

Patches and pull requests

Patches can be submitted as GitHub pull requests. If using GitHub please make sure your branch applies to the current master as a ‘fast forward’ merge (i.e. without creating a merge commit). Use the git rebase command to update your branch to the current master if necessary.

License

Code of Conduct