DEV Community

Randika Madhushan Perera

Deploying Apps to AWS with Terraform - Network Setup 01

8. Network Setup 01: VPCs, Internet Gateways, and Subnets

Introduction

In this session, we will dive into deploying Virtual Private Clouds (VPCs), internet gateways, and subnets using Terraform for our project. A prerequisite for this setup includes having the S3 backend and two separate AWS providers configured, as detailed in previous course videos.

Setting Up the Network Environment

Our network architecture spans across two AWS regions: eu-west-1 and eu-west-2. The setup involves deploying VPCs in both regions, establishing two public subnets in eu-west-1, and one in eu-west-2. Additionally, we will be creating and attaching internet gateways to each VPC.

Creating the VPCs and Subnets

1. VPC Creation: Utilizing Terraform's aws_vpc resource, we create VPCs in both regions with distinct CIDR blocks to prevent overlap during VPC peering. We enable DNS and hostname support within each VPC and assign meaningful names for easy identification.

2. Subnet Deployment: We deploy subnets in the defined VPCs. A critical step here is fetching the availability zones with Terraform's aws_availability_zones data source, which lets us assign subnets to these zones accurately.

3. Internet Gateway Integration: Each VPC gets an internet gateway attached, facilitating external communication. The gateways are tied to the respective VPCs using their IDs.

Terraform File Structure and Execution

  • File Creation: The implementation involves creating a networks.tf file in our Terraform project folder.

  • Resource Tagging and Providers: Each resource, like VPCs and subnets, is tagged with labels and linked to the correct AWS provider (us-east-1 or us-west-2) using Terraform's provider parameter.

providers.tf

provider "aws" {
  profile = var.profile
  region  = var.region-master
  alias   = "region-master"
}

provider "aws" {
  profile = var.profile
  region  = var.region-worker
  alias   = "region-worker"
}

networks.tf

# Create VPC in eu-west-1
resource "aws_vpc" "vpc_master" {
  provider             = aws.region-master
  cidr_block           = "10.0.0.0/16"
  enable_dns_support   = true
  enable_dns_hostnames = true
  tags = {
    Name = "master-vpc-jenkins-node"
  }
}

# Create VPC in eu-west-2
resource "aws_vpc" "vpc_master_london" {
  provider             = aws.region-worker
  cidr_block           = "192.168.0.0/16"
  enable_dns_support   = true
  enable_dns_hostnames = true
  tags = {
    Name = "worker-vpc-jenkins-node"
  }
}

# Create IGW in eu-west-1
resource "aws_internet_gateway" "IGW" {
  provider = aws.region-master
  vpc_id   = aws_vpc.vpc_master.id
}

# Create IGW in eu-west-2
resource "aws_internet_gateway" "IGW-london" {
  provider = aws.region-worker
  vpc_id   = aws_vpc.vpc_master_london.id
}

# Get all available AZs in VPC for master region
data "aws_availability_zones" "azs" {
  provider = aws.region-master
  state    = "available"
}

# Create subnet 01 in eu-west-1
resource "aws_subnet" "subnet_1" {
  provider          = aws.region-master
  availability_zone = element(data.aws_availability_zones.azs.names, 0)
  vpc_id            = aws_vpc.vpc_master.id
  cidr_block        = "10.0.1.0/24"
}

# Create subnet 02 in eu-west-1
resource "aws_subnet" "subnet_2" {
  provider          = aws.region-master
  vpc_id            = aws_vpc.vpc_master.id
  availability_zone = element(data.aws_availability_zones.azs.names, 1)
  cidr_block        = "10.0.2.0/24"
}

# Create subnet 01 in eu-west-2
resource "aws_subnet" "subnet_1_london" {
  provider   = aws.region-worker
  vpc_id     = aws_vpc.vpc_master_london.id
  cidr_block = "192.168.1.0/24"
}

  • Validation and Application: After defining the resources, we use terraform fmt to ensure code consistency, followed by terraform validate for syntax and configuration checks. Finally, terraform plan and terraform apply are executed to create the actual resources in AWS.
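
terraform validate checks syntax and internal consistency, not whether the address plan itself is sound. The following added example (not part of the original post) checks the CIDR values copied from networks.tf: the two VPC ranges must not overlap, which VPC peering requires, and each subnet must sit inside its VPC without overlapping a sibling. The dictionary layout and the function name are assumptions made for this illustration.

```python
import ipaddress
from itertools import combinations

# Address plan copied by hand from networks.tf above
# (the dictionary layout is an assumption of this example).
PLAN = {
    "vpc_master": {"cidr": "10.0.0.0/16",
                   "subnets": {"subnet_1": "10.0.1.0/24", "subnet_2": "10.0.2.0/24"}},
    "vpc_master_london": {"cidr": "192.168.0.0/16",
                          "subnets": {"subnet_1_london": "192.168.1.0/24"}},
}


def check_plan(plan):
    """Return a list of readable problems; an empty list means the plan is sound."""
    problems = []
    vpcs = {name: ipaddress.ip_network(v["cidr"]) for name, v in plan.items()}

    # VPC peering cannot be established between VPCs whose CIDR blocks overlap.
    for (a, net_a), (b, net_b) in combinations(vpcs.items(), 2):
        if net_a.overlaps(net_b):
            problems.append(f"VPC overlap: {a} {net_a} / {b} {net_b}")

    for vpc_name, vpc in plan.items():
        vpc_net = vpcs[vpc_name]
        subnets = {n: ipaddress.ip_network(c) for n, c in vpc["subnets"].items()}
        # Every subnet must be carved out of its own VPC's range.
        for name, net in subnets.items():
            if not net.subnet_of(vpc_net):
                problems.append(f"{name} {net} is outside {vpc_name} {vpc_net}")
        # Subnets inside one VPC must not overlap each other.
        for (a, net_a), (b, net_b) in combinations(subnets.items(), 2):
            if net_a.overlaps(net_b):
                problems.append(f"subnet overlap in {vpc_name}: {a} / {b}")
    return problems


if __name__ == "__main__":
    for line in check_plan(PLAN) or ["address plan OK"]:
        print(line)
```

Running it before terraform plan catches an overlapping or misplaced range while it is still a one-line edit, rather than at apply time or when peering is set up.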

Next Steps:

In the following lesson, we will progress to setting up subnet associations and route tables, and establishing VPC peering to interconnect our network components.
