Lab10: Terraform Provisioners - OT-TRAINING/TerraformAWS GitHub Wiki
In this lab, we will try to use different types of terraform provisioners.
- Create VM and a Firewall Resource in Terraform.
- Add Local Exec in the resource section of VM and Write Instance IP to a file called "{YOUR_TIME_NAME}-ip.txt".\
- Destroy the infrastructure after the validation.
- Create another resource that will use remote-exec as a previsioner and install nginx on it by these commands
sudo apt-get update -y
sudo apt-get install nginx -y
- Create a dummy HTML file with name index.html and update the existing resource by adding another provisioner to upload your HTML file at this location "var/www/html/index.html".
Create VM and a Firewall Resource in Terraform.
For this task we simply need to add code in main.tf and we are good to go by running plan and apply terraform command
Feel Free to use your old for for this and we would suggest use of DATA block for VPC so that we can using our old default VPC only
Now we are good to move to the next task.
Add Local Exec in the resource section of VM and Write Instance IP to a file called "{YOUR_TIME_NAME}-ip.txt".
We use local-exec block just to get values in our local system.
And the commands are executed once the resource is created.
First we need to add the code in our VM resource section of local-exec
provisioner "local-exec" {
command = "echo ${google_compute_instance.vm_instance.network_interface[0].access_config[0].nat_ip} >> opstree-ip.txt"
}
This code has to be under VM section only.
Full code will look like below in main.tf.
#Provider
provider "aws" {
region = var.zone_name
access_key = var.aws_access_key
secret_key = var.aws_secret_key
}
#Instance Creation
resource "aws_instance" "web-instance" {
ami = var.ami # us-west-2
instance_type = var.instance_type
tags = {
"name" = "web-server"
}
provisioner "local-exec" {
command = "echo ${aws_instanceweb-instance.public_ip} >> public_ips.txt"
}
}
#Security group creation
resource "aws_security_group" "my-security-group" {
name = "web_sg"
# vpc_id = aws_vpc.my_vpc.id
ingress {
from_port = 80
to_port = 80
protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"]
}
ingress {
from_port = 443
to_port = 443
protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"]
}
ingress {
from_port = 22
to_port = 22
protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"]
}
egress {
from_port = 0
to_port = 0
protocol = "-1"
cidr_blocks = ["0.0.0.0/0"]
}
}
Now simply run all your the terraform commands and apply our infrastructure.
We have to make sure the {YOUR_TEAM_NAME}-ip.txt file is getting generated in our currect directory.
Now the another task for you is to print private ip instead of public ip using local-exec.
Please run the DESTROY command now
Create another resource that will use remote-exec as a provisioner and install nginx on it by these commands
For the beginning we can again use our basic old code that we used earlier to create VM and firewall.
In that code, Now we need to add section for remote-exec which will help us to run commands on VM that is getting created.
Code for remote-exec that we need to use is:
provisioner "remote-exec" {
inline = [
"sudo apt-get update -y",
"sudo apt-get install -y",
]
}
And our entire main.tf should look like below:
remote-exec code here
Now we are good to run all terraform commands
Just to confirm if our remote-exec worked fine we can simply hit public ip on internet and it should open Nginx Home Page.
image here
Create a dummy HTML file with name index.html and update the existing resource by adding another provisioner to upload your HTML file at this location "var/www/html/index.html".
Lets create one "index.html" file where we can put anything we want.
<html>
<body>
Name of my team is OPSTREE
</body>
</html>
And now we can move this file to our remote host using File Provisioner
We can add the file provisoner block in main.tf file
provisioner "file" {
source = "./index.html"
destination = "~/index.html"
connection {
type = "ssh"
host = aws_instance.web-instance1.public_ip
user = "opstree"
timeout = "500s"
private_key = "${file("~/.ssh/id_rsa")}"
}
}
Full code will look like below in main.tf file
Final code here
We are good to run all terraform commands now.
After completing the activity and can review if our nginx home page is getting open that we sent to remote server
final image here