Launching AWS EC2 Webserver Instance in Terraform.

We have already created an EC2 instance using Terraform. Now it's time to configure that instance as a webserver.
Let us discuss what we are going to do. The plan is simple: we want a webserver, protected by our own custom security group, that serves the code from our GitHub repository.
1. Configure AWS

provider "aws" {
  region  = "ap-south-1"
  profile = "shubham"
}

For more information, check how to configure and launch EC2.
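2. Create a Key Pair

# Generate an RSA key pair inside Terraform
resource "tls_private_key" "webserver_private_key" {
  algorithm = "RSA"
  rsa_bits  = 4096
}

# Write the private key to disk, readable by the owner only
resource "local_file" "private_key" {
  content         = tls_private_key.webserver_private_key.private_key_pem
  filename        = "webserver_key.pem"
  file_permission = "0400"
}

# Register the public half with AWS
resource "aws_key_pair" "webserver_key" {
  key_name   = "webserver"
  public_key = tls_private_key.webserver_private_key.public_key_openssh
}

Run terraform init first to download the provider plugins. We are generating a private key and storing it locally so that we can access the server over SSH. Note that a key generated by tls_private_key is also stored unencrypted in the Terraform state file, so the state needs the same protection as webserver_key.pem.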
3. Create a Security Group

resource "aws_security_group" "allow_http_ssh" {
  name        = "allow_http"
  description = "Allow http inbound traffic"

  ingress {
    description = "http"
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  ingress {
    description = "ssh"
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }

  tags = {
    Name = "allow_http_ssh"
  }
}

Ingress rules apply to traffic entering the instance or network; egress rules apply to traffic leaving it. In this group both HTTP (port 80) and SSH (port 22) accept connections from any source address (0.0.0.0/0), and all outbound traffic is allowed.
4. Create Instance and configure.

resource "aws_instance" "webserver" {
  ami             = "ami-0447a12f28fddb066"
  instance_type   = "t2.micro"
  key_name        = aws_key_pair.webserver_key.key_name
  security_groups = [aws_security_group.allow_http_ssh.name]

  # Runs as root on first boot: install Apache and git, then deploy the site
  user_data = <<-EOF
    #! /bin/bash
    sudo yum install httpd -y
    sudo yum install git -y
    sudo rm -rf /var/www/html/*
    git clone https://github.com/ShubhamRasal/demo.git /var/www/html/
    sudo systemctl start httpd
    sudo systemctl enable httpd
  EOF

  tags = {
    Name = "webserver_githubcode"
  }
}

Here we created an Amazon Linux instance (ami-0447a12f28fddb066) and used user_data to configure it at first boot.
The script clones our code from GitHub into the webserver's document root. git clone only succeeds if the /var/www/html folder is empty, so sudo rm -rf /var/www/html/* deletes any old files first.

output "webserver-ip" {
  value = aws_instance.webserver.public_ip
}

The output block above gives us the public IP of our webserver.
5. Check Output
Now it is time to run our code with terraform apply. You will get output like the following.
Outputs:
webserver-ip = 13.234.217.119
Copy the IP into the browser to see the output.

For convenience, here is the complete code again.

//webserver.tf
provider "aws" {
  region  = "ap-south-1"
  profile = "shubham"
}

resource "tls_private_key" "webserver_private_key" {
  algorithm = "RSA"
  rsa_bits  = 4096
}

resource "local_file" "private_key" {
  content         = tls_private_key.webserver_private_key.private_key_pem
  filename        = "webserver_key.pem"
  file_permission = "0400"
}

resource "aws_key_pair" "webserver_key" {
  key_name   = "webserver"
  public_key = tls_private_key.webserver_private_key.public_key_openssh
}

resource "aws_security_group" "allow_http_ssh" {
  name        = "allow_http"
  description = "Allow http inbound traffic"

  ingress {
    description = "http"
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  ingress {
    description = "ssh"
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }

  tags = {
    Name = "allow_http_ssh"
  }
}

resource "aws_instance" "webserver" {
  ami             = "ami-0447a12f28fddb066"
  instance_type   = "t2.micro"
  key_name        = aws_key_pair.webserver_key.key_name
  security_groups = [aws_security_group.allow_http_ssh.name]

  user_data = <<-EOF
    #! /bin/bash
    sudo yum install httpd -y
    sudo yum install git -y
    sudo rm -rf /var/www/html/*
    git clone https://github.com/ShubhamRasal/demo.git /var/www/html/
    sudo systemctl start httpd
    sudo systemctl enable httpd
  EOF

  tags = {
    Name = "webserver_task1"
  }
}

output "webserver-ip" {
  value = aws_instance.webserver.public_ip
}

To destroy everything we created, run: terraform destroy
Conclusion
We have created a simple EC2 instance webserver which will clone code from our GitHub repository.




