8. Network Setup 01: VPCs, Internet Gateways, and Subnets
Introduction
In this session, we will dive into deploying Virtual Private Clouds (VPCs), internet gateways, and subnets using Terraform for our project. A prerequisite for this setup includes having the S3 backend and two separate AWS providers configured, as detailed in previous course videos.
Setting Up the Network Environment
Our network architecture spans two AWS regions: eu-west-1 and eu-west-2. The setup involves deploying a VPC in each region, establishing two public subnets in eu-west-1 and one in eu-west-2. Additionally, we will be creating and attaching an internet gateway to each VPC.
Creating the VPCs and Subnets
1. VPC Creation: Utilizing Terraform's aws_vpc resource, we create VPCs in both regions with distinct, non-overlapping CIDR blocks, since VPC peering requires that the peered VPCs' address ranges do not overlap. We enable DNS and hostname support within each VPC and assign meaningful names for easy identification.
2. Subnet Deployment: We deploy subnets in the defined VPCs. A critical step here is fetching the available availability zones using a Terraform data source (aws_availability_zones), which lets us assign each subnet to a specific zone.
3. Internet Gateway Integration: Each VPC gets an internet gateway attached, facilitating external communication. The gateways are tied to the respective VPCs using their IDs.
Terraform File Structure and Execution
File Creation: The implementation involves creating a networks.tf file in our Terraform project folder.
Resource Tagging and Providers: Each resource, like VPCs and subnets, is tagged with labels and linked to the correct AWS provider (us-east-1 or us-west-2) using Terraform's provider parameter.
providers.tf
# One aliased provider per region; the region and profile come from variables
provider "aws" {
  profile = var.profile
  region  = var.region-master
  alias   = "region-master"
}
provider "aws" {
  profile = var.profile
  region  = var.region-worker
  alias   = "region-worker"
}
networks.tf
# Create VPC in eu-west-1
resource "aws_vpc" "vpc_master" {
  provider             = aws.region-master
  cidr_block           = "10.0.0.0/16"
  enable_dns_support   = true
  enable_dns_hostnames = true
  tags = {
    Name = "master-vpc-jenkins-node"
  }
}
# Create VPC in eu-west-2 (CIDR must not overlap the master VPC for peering)
resource "aws_vpc" "vpc_master_london" {
  provider             = aws.region-worker
  cidr_block           = "192.168.0.0/16"
  enable_dns_support   = true
  enable_dns_hostnames = true
  tags = {
    Name = "worker-vpc-jenkins-node"
  }
}
# Create IGW in eu-west-1
resource "aws_internet_gateway" "IGW" {
  provider = aws.region-master
  vpc_id   = aws_vpc.vpc_master.id
}
# Create IGW in eu-west-2
resource "aws_internet_gateway" "IGW-london" {
  provider = aws.region-worker
  vpc_id   = aws_vpc.vpc_master_london.id
}
# Get all available AZs in the master region
data "aws_availability_zones" "azs" {
  provider = aws.region-master
  state    = "available"
}
# Create subnet 01 in eu-west-1 (first available AZ)
resource "aws_subnet" "subnet_1" {
  provider          = aws.region-master
  availability_zone = element(data.aws_availability_zones.azs.names, 0)
  vpc_id            = aws_vpc.vpc_master.id
  cidr_block        = "10.0.1.0/24"
}
# Create subnet 02 in eu-west-1 (second available AZ)
resource "aws_subnet" "subnet_2" {
  provider          = aws.region-master
  vpc_id            = aws_vpc.vpc_master.id
  availability_zone = element(data.aws_availability_zones.azs.names, 1)
  cidr_block        = "10.0.2.0/24"
}
# Create subnet 01 in eu-west-2 (no AZ specified, so AWS chooses one)
resource "aws_subnet" "subnet_1_london" {
  provider   = aws.region-worker
  vpc_id     = aws_vpc.vpc_master_london.id
  cidr_block = "192.168.1.0/24"
}
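As an added example (not part of the original lesson), a small standard-library Python check of the CIDR layout in networks.tf above: the two VPC blocks must not overlap (AWS rejects a peering connection between overlapping VPCs), and every subnet must sit inside its VPC without overlapping its siblings. The VPC and subnet names and CIDRs are copied from the page; the function names are my own.

```python
import ipaddress

# CIDR layout copied from networks.tf (constructed lookup tables, not Terraform state).
VPCS = {
    "vpc_master": "10.0.0.0/16",
    "vpc_master_london": "192.168.0.0/16",
}
SUBNETS = {
    "subnet_1": ("vpc_master", "10.0.1.0/24"),
    "subnet_2": ("vpc_master", "10.0.2.0/24"),
    "subnet_1_london": ("vpc_master_london", "192.168.1.0/24"),
}


def overlapping_vpcs(vpcs):
    """Return name pairs of VPCs whose CIDR blocks overlap.

    Any pair returned here cannot be peered, so this is the precondition to
    verify before the VPC peering lesson.
    """
    nets = {name: ipaddress.ip_network(cidr) for name, cidr in vpcs.items()}
    names = sorted(nets)
    return [(a, b) for i, a in enumerate(names) for b in names[i + 1:]
            if nets[a].overlaps(nets[b])]


def subnet_problems(vpcs, subnets):
    """Return human-readable problems: subnets outside their VPC or overlapping siblings."""
    problems = []
    vpc_nets = {name: ipaddress.ip_network(cidr) for name, cidr in vpcs.items()}
    sub_nets = {name: (vpc, ipaddress.ip_network(cidr))
                for name, (vpc, cidr) in subnets.items()}
    for name, (vpc, net) in sub_nets.items():
        if not net.subnet_of(vpc_nets[vpc]):
            problems.append(f"{name} {net} is not inside {vpc} {vpc_nets[vpc]}")
    names = sorted(sub_nets)
    for i, a in enumerate(names):
        for b in names[i + 1:]:
            vpc_a, net_a = sub_nets[a]
            vpc_b, net_b = sub_nets[b]
            if vpc_a == vpc_b and net_a.overlaps(net_b):
                problems.append(f"{a} {net_a} overlaps {b} {net_b} in {vpc_a}")
    return problems


if __name__ == "__main__":
    print("overlapping VPCs:", overlapping_vpcs(VPCS))      # [] for the page's layout
    print("subnet problems:", subnet_problems(VPCS, SUBNETS))  # [] for the page's layout
```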
Validation and Application: After defining the resources, we use terraform fmt to ensure code consistency, followed by terraform validate for syntax and configuration checks. Finally, terraform plan and terraform apply are executed to create the actual resources in AWS.
Next Steps:
In the following lesson, we will progress to setting up route tables and subnet associations, and to establishing VPC peering to interconnect our network components.