initial commit

sid palas
2021-05-05 08:13:24 -07:00
commit 1d095e337a
28 changed files with 1168 additions and 0 deletions


@@ -0,0 +1,71 @@
# Variables
## Variable block
must define variable block
```
variable "var_name" {
type = string
}
```
## Variable types
- string
- number
- bool
- list(<TYPE>)
- set(<TYPE>)
- map(<TYPE>)
- object({<ATTR NAME> = <TYPE>, ... })
- tuple([<TYPE>, ...])
## Variable files
`variables.tfvars` (or `<FILENAME>.auto.tfvars`) automatically applied
## Apply default
`terraform apply`
## Apply a different variable file
`terraform apply -var-file=another-variable-file.tfvars`
## Passing Variable via Prompt
If value not specified, Terraform will prompt for value. (this is okay for testing... but don't depend on it since you should be automating things!)
```
var.db_pass
password for database
Enter a value:
```
## Passing Variables via CLI
`terraform apply -var="db_pass=$DB_PASS_ENV_VAR"`
# Local Variables
Allows you to store the value of expression for reuse but doesn't allow for passing in values
```
locals {
extra_tag = "extra-tag"
}
```
# Output Variables
Allows you to output some value (which might not be known ahead of time).
For example it might be useful to know the IP address of a VM that was created:
```
output "instance_ip_addr" {
value = aws_instance.instance.private_ip
}
```
Sample output:
```
db_instance_addr = "terraform-20210504182745335900000001.cr2ub9wmsmpg.us-east-1.rds.amazonaws.com"
instance_ip_addr = "172.31.24.95"
```
Will be output after `terraform apply` or `terraform output`


@@ -0,0 +1 @@
instance_name = "hello-world-2"


@@ -0,0 +1,47 @@
terraform {
backend "s3" {
bucket = "devops-directive-tf-state"
key = "04-variables-and-outputs/examples/terraform.tfstate"
region = "us-east-1"
dynamodb_table = "terraform-state-locking"
encrypt = true
}
required_providers {
aws = {
source = "hashicorp/aws"
version = "~> 3.0"
}
}
}
provider "aws" {
region = "us-east-1"
}
locals {
extra_tag = "extra-tag"
}
resource "aws_instance" "instance" {
ami = var.ami
instance_type = var.instance_type
tags = {
Name = var.instance_name
ExtraTag = local.extra_tag
}
}
resource "aws_db_instance" "db_instance" {
allocated_storage = 20
storage_type = "gp2"
engine = "postgres"
engine_version = "12.4"
instance_class = "db.t2.micro"
name = "mydb"
username = var.db_user
password = var.db_pass
skip_final_snapshot = true
}
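Review bot: `aws_db_instance.db_instance` does not set `storage_encrypted`, so the database storage is created unencrypted at rest (the provider default is false); add `storage_encrypted = true` to the resource. Marking `db_pass` as `sensitive = true` only redacts it from plan and apply output, and the password is still written in plaintext into the state object, so read access to the `devops-directive-tf-state` bucket needs to be restricted accordingly. `skip_final_snapshot = true` is reasonable for a throwaway example but deserves a comment such as `# example only: no final snapshot is kept on destroy`. The same points apply to `aws_db_instance.db_instance` in the web-app configuration later in this commit.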


@@ -0,0 +1,7 @@
output "instance_ip_addr" {
value = aws_instance.instance.private_ip
}
output "db_instance_addr" {
value = aws_db_instance.db_instance.address
}


@@ -0,0 +1,3 @@
instance_name = "hello-world"
ami = "ami-011899242bb902164" # Ubuntu 20.04 LTS // us-east-1
instance_type = "t2.micro"


@@ -0,0 +1,30 @@
# should specify optional vs required
variable "instance_name" {
description = "Name of ec2 instance"
type = string
}
variable "ami" {
description = "Amazon machine image to use for ec2 instance"
type = string
default = "ami-011899242bb902164" # Ubuntu 20.04 LTS // us-east-1
}
variable "instance_type" {
description = "ec2 instance type"
type = string
default = "t2.micro"
}
variable "db_user" {
description = "username for database"
type = string
default = "foo"
}
variable "db_pass" {
description = "password for database"
type = string
sensitive = true
}
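Review bot: `db_pass` accepts any string, including an empty one, so a weak or malformed value is only caught when the RDS API rejects it during apply. A `validation` block on the variable with `condition = length(var.db_pass) >= 8` and a matching `error_message` would fail at plan time instead; the minimum of 8 is what RDS appears to require for PostgreSQL and should be confirmed against the AWS documentation. The header comment says required versus optional should be specified, but no description does so; appending `(required)` to the descriptions of `instance_name` and `db_pass` would cover it. The web-app variables file later in this commit declares `db_pass` the same way.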


@@ -0,0 +1,211 @@
terraform {
# Assumes s3 bucket and dynamo DB table already set up
# See /code/03-basics/aws-backend
backend "s3" {
bucket = "devops-directive-tf-state"
key = "04-variables-and-outputs/web-app/terraform.tfstate"
region = "us-east-1"
dynamodb_table = "terraform-state-locking"
encrypt = true
}
required_providers {
aws = {
source = "hashicorp/aws"
version = "~> 3.0"
}
}
}
provider "aws" {
region = var.region
}
resource "aws_instance" "instance_1" {
ami = var.ami
instance_type = var.instance_type
security_groups = [aws_security_group.instances.name]
user_data = <<-EOF
#!/bin/bash
echo "Hello, World 1" > index.html
python3 -m http.server 8080 &
EOF
}
resource "aws_instance" "instance_2" {
ami = var.ami
instance_type = var.instance_type
security_groups = [aws_security_group.instances.name]
user_data = <<-EOF
#!/bin/bash
echo "Hello, World 2" > index.html
python3 -m http.server 8080 &
EOF
}
resource "aws_s3_bucket" "bucket" {
bucket = var.bucket_name
force_destroy = true
versioning {
enabled = true
}
server_side_encryption_configuration {
rule {
apply_server_side_encryption_by_default {
sse_algorithm = "AES256"
}
}
}
}
data "aws_vpc" "default_vpc" {
default = true
}
data "aws_subnet_ids" "default_subnet" {
vpc_id = data.aws_vpc.default_vpc.id
}
resource "aws_security_group" "instances" {
name = "instance-security-group"
}
resource "aws_security_group_rule" "allow_http_inbound" {
type = "ingress"
security_group_id = aws_security_group.instances.id
from_port = 8080
to_port = 8080
protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"]
}
resource "aws_lb_listener" "http" {
load_balancer_arn = aws_lb.load_balancer.arn
port = 80
protocol = "HTTP"
# By default, return a simple 404 page
default_action {
type = "fixed-response"
fixed_response {
content_type = "text/plain"
message_body = "404: page not found"
status_code = 404
}
}
}
resource "aws_lb_target_group" "instances" {
name = "example-target-group"
port = 8080
protocol = "HTTP"
vpc_id = data.aws_vpc.default_vpc.id
health_check {
path = "/"
protocol = "HTTP"
matcher = "200"
interval = 15
timeout = 3
healthy_threshold = 2
unhealthy_threshold = 2
}
}
resource "aws_lb_target_group_attachment" "instance_1" {
target_group_arn = aws_lb_target_group.instances.arn
target_id = aws_instance.instance_1.id
port = 8080
}
resource "aws_lb_target_group_attachment" "instance_2" {
target_group_arn = aws_lb_target_group.instances.arn
target_id = aws_instance.instance_2.id
port = 8080
}
resource "aws_lb_listener_rule" "instances" {
listener_arn = aws_lb_listener.http.arn
priority = 100
condition {
path_pattern {
values = ["*"]
}
}
action {
type = "forward"
target_group_arn = aws_lb_target_group.instances.arn
}
}
resource "aws_security_group" "alb" {
name = "alb-security-group"
}
resource "aws_security_group_rule" "allow_alb_http_inbound" {
type = "ingress"
security_group_id = aws_security_group.alb.id
from_port = 80
to_port = 80
protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"]
}
resource "aws_security_group_rule" "allow_alb_all_outbound" {
type = "egress"
security_group_id = aws_security_group.alb.id
from_port = 0
to_port = 0
protocol = "-1"
cidr_blocks = ["0.0.0.0/0"]
}
resource "aws_lb" "load_balancer" {
name = "web-app-lb"
load_balancer_type = "application"
subnets = data.aws_subnet_ids.default_subnet.ids
security_groups = [aws_security_group.alb.id]
}
resource "aws_route53_zone" "primary" {
name = var.domain
}
resource "aws_route53_record" "root" {
zone_id = aws_route53_zone.primary.zone_id
name = var.domain
type = "A"
alias {
name = aws_lb.load_balancer.dns_name
zone_id = aws_lb.load_balancer.zone_id
evaluate_target_health = true
}
}
resource "aws_db_instance" "db_instance" {
allocated_storage = 20
storage_type = "standard"
engine = "postgres"
engine_version = "12.5"
instance_class = "db.t2.micro"
name = var.db_name
username = var.db_user
password = var.db_pass
skip_final_snapshot = true
}
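Review bot: `aws_security_group_rule.allow_http_inbound` opens port 8080 on the instance security group to `0.0.0.0/0`, so both instances are reachable directly from the internet and the load balancer is not the only entry point. In that rule, replace `cidr_blocks = ["0.0.0.0/0"]` with `source_security_group_id = aws_security_group.alb.id` so that only the ALB can reach the backends. `aws_lb_listener.http` serves plain HTTP on port 80 with no HTTPS listener or redirect, which should at least carry a comment like `# demo only: add an HTTPS listener with a certificate before real use`. `aws_db_instance.db_instance` here also omits `storage_encrypted = true`.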


@@ -0,0 +1,11 @@
output "instance_1_ip_addr" {
value = aws_instance.instance_1.public_ip
}
output "instance_2_ip_addr" {
value = aws_instance.instance_2.public_ip
}
output "db_instance_addr" {
value = aws_db_instance.db_instance.address
}


@@ -0,0 +1,5 @@
bucket_name = "devops-directive-web-app-data"
domain = "mysuperawesomesite.com"
db_name = "mydb"
db_user = "foo"
# db_pass = "foobarbaz"
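Review bot: The commented-out line `# db_pass = "foobarbaz"` leaves a password value in a committed tfvars file, and even as a placeholder it invites uncommenting the line and committing a real secret. Delete it and replace it with a comment such as `# db_pass is supplied via the TF_VAR_db_pass environment variable, never in this file`. If this value was ever used on a real database, it should be rotated, since it is now part of the repository history.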


@@ -0,0 +1,55 @@
# General Variables
variable "region" {
description = "Default region for provider"
type = string
default = "us-east-1"
}
# EC2 Variables
variable "ami" {
description = "Amazon machine image to use for ec2 instance"
type = string
default = "ami-011899242bb902164" # Ubuntu 20.04 LTS // us-east-1
}
variable "instance_type" {
description = "ec2 instance type"
type = string
default = "t2.micro"
}
# S3 Variables
variable "bucket_name" {
description = "name of s3 bucket for app data"
type = string
}
# Route 53 Variables
variable "domain" {
description = "Domain for website"
type = string
}
# RDS Variables
variable "db_name" {
description = "Name of DB"
type = string
}
variable "db_user" {
description = "Username for DB"
type = string
}
variable "db_pass" {
description = "Password for DB"
type = string
sensitive = true
}