Hosting Website using Amazon EFS
This is an extension of Task 1: here we will use EFS instead of EBS.
Statement
1. Create a Security group that allows the port 80.
2. Launch EC2 instance.
3. In this EC2 instance, use the existing or provided key and the security group which we created in task 1.
4. Launch one volume using the EFS service and attach it in your VPC, then mount that volume into /var/www/html.
5. The developer has uploaded the code into a GitHub repo; the repo also has some images.
6. Copy the GitHub repo code into /var/www/html.
7. Create an S3 bucket, copy/deploy the images from the GitHub repo into the S3 bucket, and change the permission to public readable.
8. Create a CloudFront distribution using the S3 bucket (which contains the images) and use the CloudFront URL to update the code in /var/www/html.
We have implemented the whole scenario using Terraform code.
Prerequisites-
- AWS Account https://aws.amazon.com/premiumsupport/knowledge-center/create-and-activate-aws-account/
- Configure AWS CLI https://docs.aws.amazon.com/cli/latest/userguide/install-cliv2-windows.html
- It's recommended that we have an IAM User account https://docs.aws.amazon.com/IAM/latest/UserGuide/id_users_create.html
- Terraform download = https://www.terraform.io/downloads.html
- AWS cliv2 download = https://docs.aws.amazon.com/cli/latest/userguide/install-cliv2-windows.html
- Use "aws configure" (sets up the AWS user in the AWS CLI)
Commands to run the code are:-
"terraform init" - it will initialize all the plugins.
"terraform plan" - it will create an execution plan.
"terraform apply --auto-approve" - the apply command executes the plan, and the --auto-approve option tells Terraform not to require interactive approval of the plan before applying it.
"terraform destroy --auto-approve" - the destroy command destroys the infrastructure, and the --auto-approve option tells Terraform not to require interactive approval of the plan before destroying it.
Proposed Solution-
First we will configure AWS.
# We will create an S3 bucket
An Amazon S3 bucket is a public cloud storage resource available in Amazon Web Services' (AWS) Simple Storage Service (S3), an object storage offering. Amazon S3 buckets, which are similar to file folders, store objects, which consist of data and its descriptive metadata.
Code
Run “terraform apply --auto-approve”
#Upload file to S3 Bucket
Code
Run “terraform apply --auto-approve”
#Create a Cloudfront and attach it to S3 bucket
Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds, all within a developer-friendly environment.
Code
Run “terraform apply --auto-approve”
#Create a VPC
Amazon Virtual Private Cloud (Amazon VPC) lets you provision a logically isolated section of the AWS Cloud where you can launch AWS resources in a virtual network that you define. You have complete control over your virtual networking environment, including the selection of your own IP address range, creation of subnets, and configuration of route tables and network gateways. You can use both IPv4 and IPv6 in your VPC for secure and easy access to resources and applications.
Code
Run “terraform apply --auto-approve”
#Create a subnet in VPC
A subnetwork, or subnet, is a logical subdivision of an IP network. It is a range of IP addresses in your VPC. You can launch AWS resources into a specified subnet. A user cannot launch an instance directly in the data center; a subnet is required, and when an instance is launched, a DHCP server is created internally.
Types of Subnet-
Public Subnet: A public subnet for resources that must be connected to the internet.
Private Subnet: A private subnet for resources that won't be connected to the internet.
Code
Run “terraform apply --auto-approve”
#Creating a Security Group
Security Groups provide a modular way to define and compose firewall rules. The rules are managed at the hypervisor level in order to restrict incoming and outgoing network traffic. An ingress gateway operates at the edge of a service mesh, receiving incoming HTTP/TCP connections while configuring ports, protocols, and virtual services. Firewalls are designed to decline a request unless a specific policy and configuration allows the ingress connection. Here, according to our need, we have allowed HTTP and SSH. By default, AWS creates an ALLOW ALL egress rule when creating a new Security Group inside of a VPC.
Code
Run “terraform apply --auto-approve”
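One way to write the security group described above in Terraform, as an added example (not the code from the original post). The variables vpc_id and admin_cidr and the resource and group names are assumptions; the NFS rule on TCP 2049 is included because the EFS mount target created later needs it.

```hcl
# Added example: variable and resource names are assumptions, not the post's code.
variable "vpc_id" { type = string }     # ID of the VPC created earlier
variable "admin_cidr" { type = string } # range allowed to SSH in, e.g. your own IP as a /32

resource "aws_security_group" "web" {
  name        = "task2-web-sg" # hypothetical name
  description = "HTTP from anywhere, SSH from admin range, NFS within the group"
  vpc_id      = var.vpc_id

  ingress {
    description = "HTTP for the website"
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  ingress {
    description = "SSH, limited to the admin range"
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = [var.admin_cidr]
  }

  ingress {
    description = "NFS (TCP 2049) between members of this group, for the EFS mount target"
    from_port   = 2049
    to_port     = 2049
    protocol    = "tcp"
    self        = true
  }

  # Terraform removes the default ALLOW ALL egress rule that AWS creates,
  # so outbound access has to be declared explicitly.
  egress {
    description = "Allow all outbound"
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}
```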
#Creating an EFS (Elastic File System)
Amazon Elastic File System (Amazon EFS) provides a simple, scalable, fully managed elastic NFS file system for use with AWS Cloud services and on-premises resources. It is built to scale on-demand to petabytes without disrupting applications, growing and shrinking automatically as you add and remove files, eliminating the need to provision and manage capacity to accommodate growth.
Code
Run “terraform apply --auto-approve”
#Mounting the EFS
Code
Run “terraform apply --auto-approve”
#Add Internet Gateway to enable the instances in VPC to communicate with the outside world
An internet gateway is a horizontally scaled, redundant, and highly available VPC component that allows communication between your VPC and the internet. An internet gateway serves two purposes: to provide a target in your VPC route tables for internet-routable traffic and to perform network address translation (NAT) for instances that have been assigned public IPv4 addresses.
Code
Run “terraform apply --auto-approve”
#Adding a Route Table
A routing table contains a set of rules, called routes, that are used to determine where network traffic from your VPC is directed. You can explicitly associate a subnet with a particular route table. Otherwise, the subnet is implicitly associated with the main route table. Each route in a routing table specifies the range of IP addresses where you want the traffic to go (the destination) and the gateway, network interface, or connection through which to send the traffic (the target).
Code
Run “terraform apply --auto-approve”
#Associating the Routing Table to Subnet
Code
Run “terraform apply --auto-approve”
#Launching of EC2 Instance having the code in /var/www/html
Code
Run “terraform apply --auto-approve”
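The EFS creation, mount and instance launch steps above, sketched together as an added example (not the code from the original post). It assumes an Amazon Linux 2 AMI, a VPC with DNS hostnames enabled, and a security group that allows 80, 22 and NFS 2049; all variable and resource names and the instance type are assumptions.

```hcl
# Added example: variables and resource names are assumptions, not the post's code.
variable "subnet_id" { type = string } # subnet created earlier
variable "web_sg_id" { type = string } # security group allowing 80, 22 and NFS 2049
variable "ami_id" { type = string }    # an Amazon Linux 2 AMI in your region
variable "key_name" { type = string }  # existing key pair from task 1
variable "repo_url" { type = string }  # HTTPS clone URL of the developer's GitHub repo

resource "aws_efs_file_system" "web" {
  creation_token = "task2-web-efs" # hypothetical token
  encrypted      = true            # encrypt data at rest
}

resource "aws_efs_mount_target" "web" {
  file_system_id  = aws_efs_file_system.web.id
  subnet_id       = var.subnet_id
  security_groups = [var.web_sg_id]
}

resource "aws_instance" "web" {
  ami                         = var.ami_id
  instance_type               = "t2.micro"
  key_name                    = var.key_name
  subnet_id                   = var.subnet_id
  vpc_security_group_ids      = [var.web_sg_id]
  associate_public_ip_address = true
  depends_on                  = [aws_efs_mount_target.web] # mount target must exist first

  user_data = <<-EOF
    #!/bin/bash
    yum install -y httpd git amazon-efs-utils
    # Mount EFS over TLS; retry while the mount target's DNS name propagates
    for attempt in 1 2 3 4 5 6; do
      mount -t efs -o tls ${aws_efs_file_system.web.id}:/ /var/www/html && break
      sleep 15
    done
    echo "${aws_efs_file_system.web.id}:/ /var/www/html efs _netdev,tls 0 0" >> /etc/fstab
    # Copy the site without the .git directory so repo history is not served by httpd
    git clone --depth 1 ${var.repo_url} /tmp/site
    rm -rf /tmp/site/.git && cp -r /tmp/site/. /var/www/html/
    systemctl enable --now httpd
  EOF
}
```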
Copy the instance's public DNS or IP into a browser to view our website.
Now we destroy the setup that we have created, using just one command.
Run “terraform destroy --auto-approve”
Please find the code using the below link-
Thanks!!!!
From:
Adnan A. Shaikh
Great job