# Terraform practice code

terraform {
required_version = ">=0.12"
backend "s3" {
bucket = "OneClick-DevOps"
key = "terraform/${var.env_prefix}-state.tfstate"
region = "us-east-1"
}
}

provider "aws" {
region = "us-east-1"
}

resource "aws_vpc" "TFC-vpc" {

cidr_block = var.vpc_cidr_block
tags = {
name = "${var.env_prefix}-vpc"
}
}

resource "aws_subnet" "TFC-subnet" {

vpc_id = aws_vpc.TFC-vpc.id
cidr_block = var.subnet_cidr_block
availability_zone = var.avail_zone
tags = {
name = "${var.env_prefix}-subnet"
}
}

resource "aws_internet_gateway" "TFC-igw" {

vpc_id = aws_vpc.TFC-vpc.id
tags = {
name = "${var.env_prefix}-igw"
}
}

resource "aws_default_route_table" "TFC-rtb" {

default_route_table_id = aws_vpc.TFC-vpc.default_route_table_id
route {
cidr_block = var.www_cidr_block
gateway_id = aws_internet_gateway.TFC-igw.id
}
tags = {
name = "${var.env_prefix}-rtb"
}
}

resource "aws_default_security_group" "TFC-sg" {

vpc_id = aws_vpc.TFC-vpc.id
ingress {
from_port = 22
to_port = 22
protocol = "tcp"
cidr_blocks = [var.my_ip]
}
ingress {
from_port = 8080
 to_port = 8080
protocol = "tcp"
cidr_blocks = [var.www_cidr_block]
}
egress {
from_port = 0
to_port = 0
protocol = "-1"
cidr_blocks = [var.www_cidr_block]
prefix_list_ids = []
}
tags = {
name = "${var.env_prefix}-sg"
}
}

data "aws_ami" "TFC-ami" {

most_recent = true
owners = ["amazon"]
filter {
name = "name"
values = [var.image_pattern]
}
filter {
name = "virtualization_type"
values = ["hvm"]
}
tags = {
name = "${var.env_prefix}-ami"
}
}

resource "aws_key_pair" "TFC-keypair" {

key_name = var.key_pair_name
public_key = file(var.public_key_location)
tags = {
name = "${var.env_prefix}-keypair"
}
}

resource "aws_instance" "TFC-instances" {

count = var.counter
subnet_id = aws_subnet.TFC-subnet.id
associate_public_ip_address = true
ami = data.aws_ami.TFC-ami
tags = {
name = "${var.env_prefix}-instance-${count.index + 1}"
}
vpc_security_group_ids = [aws_default_security_group.TFC-sg.id]
instance_type = var.ins_type
key_pair = aws_key_pair.TFC-keypair
user_data = file("entry_script.sh")

connection {
type = "ssh"
host = self.public_ip
user = "ec2-user"
private_key = file(var.private_key_location)
}
 provisioner "file" {
source = "./entry-script.sh"
destination = "/home/ec2-user/entry-script-on-ec2.sh"
}

provisioner "remote-exec" {
script = file("/home/ec2-user/entry-script-on-ec2.sh")
}

provisioner "local-exec" {
command = "echo ${self.public_ip} > output.txt"
}
}

output "public-ips-1" {
value = aws_instance.TFC-instances[*].public_ip
}

output "public-ips-2" {
value = {
for instance in aws_instance.TFC-instances:
instance.tags.name => instance.public_ip
}
}

===entry-script.sh===
!#/bin/bash
sudo yum upgrade -y && sudo yum install -y docker
sudo usermod -aG docker ec2-user
sudo systemctl start docker
docker run -p 8080 nginx

Important terraform commands

1. terraform init - Pulls the provider code block
2. terraform validate - Checks the correctness of the main module
3. terraform plan - Shows what its going to create or remove
4. terraform apply -auto-approve - provisions the infrastructure
5. terraform destroy -auto-approve - removes the infrastructure
6. terraform state list - shows the list of provisioned resources
7. terraform state show <resource_name> - shows more info about a particular
resource

Ansible Playbooks practice

command: ansible-playbook -i hosts.ini playbook.yaml

- hosts: web
become: true
remote_user: root
tasks:
- name: Install Apache
yum:
name: httpd
state: installed
- name: Start Apache
service:
name: httpd
state: started
- name: Remove Apache
 yum:
name: httpd
state: removed

command: ansible-playbook -i hosts.ini playbook.yaml

- hosts: web
become: true
remote_user: root
tasks:
- name: Update all packages
yum:
name: '*'
state: latest
- name: Install Apache
yum:
name: httpd
state: installed
- name: Create a html page
shell: echo "Hello World" > /var/www/html/index.html
args:
executable: /bin/bash
notify:
- Reload Apache
- name: Get Public IP address
shell:
cmd: curl https://169.254.169.254/latest/meta-data/public-
ipv4
register: PublicIP
- debug: var = PublicIP.stdout_lines

handlers:
- name: Reload Apache
service:
name: httpd
state: reloaded

command: ansible-playbook playbook.yaml

- hosts: localhost
vars:
- server_name = "DomainController"
- server_port = "8080"
tasks:
- name: Display the message
debug:
msg: "{{ server_name }} has its port open at {{ server_port
}}."

command:
- hosts: localhost
vars:
tools:
- ansible
- puppet
- chef
tasks:
- name: Display using arrays
debug:
msg: "{{ tools[0] }} is the agent less model tool for
configuration management."
command: ansible-playbook -i hosts.ini playbook.yaml
- hosts: web
become: true
remote_user: root
vars:
packages:
- httpd
- docker
- mysql
tasks:
- name: Install packages by parsing through the array list
yum:
name: {{ item }}
state: installed
loop: {{ packages }}
- name: Removing through the list of items
yum:
name:
- httpd
- docker
- mysql
state: removed

command: ansible-playbook playbook.yaml

- hosts: localhost
tasks:
- name: Displaying the variable from a vars file
debug:
msg: "{{ server_name }} has its port open at {{ server_port
}}."

command: ansible-playbook playbook.yaml

- hosts: localhost
vars_files:
- vars.yaml
tasks:
- name: Displaying the variable from a vars file
debug:
msg: "{{ server_name }} has its port open at {{ server_port
}}."

command: ansible-playbook playbook.yaml

- hosts: localhost
tasks:
- name: Displaying variables passed through CLI
debug:
msg: "{{ server_name }} has its port open at {{ server_port
}}}."

command: ansible-playbook -i hosts.ini playbook.yaml

- hosts: web
become: true
remote_user: root
tasks:
- name: Retrieve installed packages
yum:
list: installed
register: Packages
- name: Display installed packages
debug:
msg: "{{ item.name }}"
loop {{ Packages.results }}