|
1 | | -# terraform-EC2-RDS |
| 1 | +# Terraform 2-Tier Architecture with RDS |
| 2 | + |
| 3 | +Production-grade 2-tier web application infrastructure on AWS with VPC, ALB, Auto Scaling, and RDS Multi-AZ. |
| 4 | + |
| 5 | +## Architecture |
| 6 | + |
| 7 | +``` |
| 8 | +Internet --> ALB |
| 9 | + | |
| 10 | + v |
| 11 | + Public Subnets (2 AZs) |
| 12 | + [EC2 Auto Scaling Group] |
| 13 | + | |
| 14 | + v |
| 15 | + Private Subnets (2 AZs) |
| 16 | + [RDS MySQL Multi-AZ] |
| 17 | + | |
| 18 | + Secrets Manager |
| 19 | + (DB Credentials) |
| 20 | +``` |
| 21 | + |
| 22 | +## Key Features |
| 23 | + |
| 24 | +- **VPC** - 4 subnets across 2 AZs (2 public, 2 private) |
| 25 | +- **RDS Multi-AZ** - MySQL with automatic failover and Performance Insights |
| 26 | +- **Auto Scaling** - EC2 instances scale based on demand |
| 27 | +- **ALB** - Application Load Balancer with health checks |
| 28 | +- **Secrets Manager** - Secure, rotatable database credentials |
| 29 | +- **CloudWatch** - Alarms for CPU, connections, and storage |
| 30 | +- **NAT Gateway** - Secure outbound access from private subnets |
| 31 | + |
| 32 | +## Modules |
| 33 | + |
| 34 | +| Module | Purpose | |
| 35 | +|--------|---------| |
| 36 | +| `vpc` | VPC, subnets, NAT Gateway, route tables | |
| 37 | +| `database` | RDS MySQL Multi-AZ, parameter groups | |
| 38 | +| `ec2` | Launch template, ASG, ALB, target groups | |
2 | 39 |
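Review bot: The architecture diagram places the EC2 Auto Scaling Group in the public subnets, while the Key Features list describes the NAT Gateway as "Secure outbound access from private subnets", where the diagram shows only RDS. One of the two is misleading. If the instances are meant to be reachable only through the ALB, say so and name the security group rules that enforce it, or move the ASG into the private subnets and keep only the ALB public. The README also does not say which listener protocol the ALB uses, which a "Production-grade" description should state.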
|
3 | | -# CLOUDFORMATION-MySQLWebApp |
4 | | - |
5 | | -## Description: |
6 | | - |
7 | | - This is a Terraform template for configuring MySQL in an instance and access it through a server |
8 | | - placed in a Public Subnet. The MySQL Database is kept private and is accessed through the public |
9 | | - instances. Load balancers and Autoscaling groups are configured accordingly. |
10 | | - |
11 | | - |
12 | | -## INFRASTRUCTURE DIAGRAM: |
13 | | - |
14 | | - |
15 | | - |
16 | | -## About the Project |
17 | | - |
18 | | - This is an RDS implementation of complete AWS infrastructure of 2 tier database in which there are two |
19 | | - application in which there are two public and two private instances. |
20 | 40 | ## Prerequisites |
21 | 41 |
|
22 | | - In order to use this project completely, knowledge of some tools and skills are required along with |
23 | | - some useful resources. Those are stated below. |
24 | | - |
25 | | - - AWS account |
26 | | - - AWS services basic knowledge |
27 | | - - [Terraform](https://www.terraform.io/) knowledge |
28 | | - - [Cloudformation](https://aws.amazon.com/cloudformation/) knowledge. |
29 | | - is required |
30 | | - |
31 | | - |
32 | | -## Parameterization |
33 | | - |
34 | | - The code is fully parameterized and all your settings are to be parsed through variable file. |
35 | | - |
36 | | -## VPC-structure |
37 | | - |
38 | | - This repository contains 3 modules. Each module is dependent on the other so they will be uploaded in |
39 | | - the given order. |
40 | | - 1. vpc |
41 | | - 2. database |
42 | | - 3. ec2 |
43 | | - |
44 | | -### 1. vpc |
45 | | - In this file, a VPC is defined containing 4 subnets. Two of them are public and two is private. |
46 | | - An internet gateway is attached to the public subnets and NAT gateway is attached to the private |
47 | | - subnet. Routes were configured accordingly. The resources in the private subnet can only be |
48 | | - accessed through the public subnet. The network access control list is also defined which |
49 | | - whitelists all the IPs and can be edited to control access through any IP. Parameterization has |
50 | | - been done accordingly and are to be set according to the needs of the infrastructure. |
51 | | - |
52 | | -### 2. database |
53 | | - |
54 | | - This module contains a database which uses MySQL. It is placed in private subnet group. It can |
55 | | - only be accessed through the public subnet. |
56 | | - |
57 | | -### 3. ec2 |
58 | | - |
59 | | - The load balancer is configured in this file. It is an application balancer. It re-routes the |
60 | | - port 80 traffic of the Public instances. It is configured to operate in the public subnet. |
61 | | - Health checks are also set inside the load balancer. Parameterization has been |
62 | | - done accordingly and are to be set according to the needs of the infrastructure. The instances are |
63 | | - formed using launch configuration and deployed via auto-scaling-group. |
64 | | - |
65 | | -## Running the module |
66 | | - |
67 | | - By going to the repository folder and running the following commands, this will be depolyed on the |
68 | | - cloud. |
69 | | - ``` |
70 | | - terraform init |
71 | | - terraform plan -var-file="The path and name of the variables file" |
72 | | - terraform apply -var-file="The path and name of the variables file" |
73 | | - ``` |
74 | | -## State Management |
75 | | - |
76 | | - State Management has numerous advantages like |
77 | | - - Safer storage: Storing state on the remote server helps prevent sensitive information. State file |
78 | | - remains same but remote storage like S3 provides a layer to security like making S3 bucket private and |
79 | | - giving limited access. |
80 | | - - Auditing: Invalid access can be identified by enabling logging. |
81 | | - - Share data: Remote storage helps share state file with other members of team. |
82 | | - |
83 | | - The backend lock is placed inside the backend.tf file. It is better to make the bucket and DynamoDB table manuallly to |
84 | | - avoid any mishaps. |
85 | | - |
86 | | - |
87 | | - |
88 | | - |
89 | | - |
90 | | - |
91 | | - |
92 | | - |
93 | | - |
94 | | - |
| 42 | +- AWS CLI v2 |
| 43 | +- Terraform >= 1.5.0 |
95 | 44 |
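Review bot: The removed State Management and vpc sections have no replacement in the new README: the backend.tf remote backend, the S3 bucket and DynamoDB table that were to be created manually, and the statement that the network ACL "whitelists all the IPs" all disappear without a successor. Keep a short state section that names the backend and who may read the bucket, and either document the NACL default as something to restrict or state that it has been tightened. The new Prerequisites list also drops the AWS account requirement; add the credentials and permissions the deployment needs.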
|
| 45 | +## Deployment |
96 | 46 |
|
| 47 | +```bash |
| 48 | +terraform init |
| 49 | +terraform plan |
| 50 | +terraform apply |
| 51 | +``` |
97 | 52 |
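Review bot: The Deployment block runs `terraform plan` and `terraform apply` with no variable file, whereas the removed instructions passed `-var-file` to both, and the README no longer says which variables must be set or where. List the required inputs or point to an example variables file, and consider documenting `terraform plan -out=tfplan` followed by `terraform apply tfplan` so that what is applied is the plan that was reviewed.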
|
| 53 | +## Cleanup |
98 | 54 |
|
| 55 | +```bash |
| 56 | +terraform destroy |
| 57 | +``` |
99 | 58 |
|
| 59 | +## License |
100 | 60 |
|
| 61 | +MIT |