
Randika Madhushan Perera

Deploying Apps to AWS with Terraform - Network Setup 01

8. Network Setup 01: VPCs, Internet Gateways, and Subnets

Introduction

In this session, we will deploy Virtual Private Clouds (VPCs), internet gateways, and subnets using Terraform for our project. This setup requires the S3 backend and two separate AWS providers to be configured already, as detailed in previous course videos.

Setting Up the Network Environment

Our network architecture spans two AWS regions: eu-west-1 and eu-west-2. The setup involves deploying a VPC in each region, with two public subnets in eu-west-1 and one in eu-west-2. We will also create an internet gateway for each VPC and attach it.

Creating the VPCs and Subnets

1. VPC Creation: Utilizing Terraform's aws_vpc resource, we create VPCs in both regions with distinct CIDR blocks to prevent overlap during VPC peering. We enable DNS and hostname support within each VPC and assign meaningful names for easy identification.

2. Subnet Deployment: We deploy subnets in the defined VPCs. A critical step here is fetching the availability zones with Terraform's aws_availability_zones data source, so that each subnet can be assigned to a specific zone.

3. Internet Gateway Integration: Each VPC gets an internet gateway attached, facilitating external communication. The gateways are tied to the respective VPCs using their IDs.

Terraform File Structure and Execution

  • File Creation: The implementation involves creating a networks.tf file in our Terraform project folder.

  • Resource Tagging and Providers: Each resource, like VPCs and subnets, is tagged with labels and linked to the correct AWS provider (us-east-1 or us-west-2) using Terraform's provider parameter.

providers.tf

provider "aws" {
  profile = var.profile
  region  = var.region-master
  alias   = "region-master"
}

provider "aws" {
  profile = var.profile
  region  = var.region-worker
  alias   = "region-worker"
}

networks.tf

# Create VPC in eu-west-1
resource "aws_vpc" "vpc_master" {
  provider             = aws.region-master
  cidr_block           = "10.0.0.0/16"
  enable_dns_support   = true
  enable_dns_hostnames = true
  tags = {
    Name = "master-vpc-jenkins-node"
  }
}

# Create VPC in eu-west-2
resource "aws_vpc" "vpc_master_london" {
  provider             = aws.region-worker
  cidr_block           = "192.168.0.0/16"
  enable_dns_support   = true
  enable_dns_hostnames = true
  tags = {
    Name = "worker-vpc-jenkins-node"
  }
}

# Create IGW in eu-west-1
resource "aws_internet_gateway" "IGW" {
  provider = aws.region-master
  vpc_id   = aws_vpc.vpc_master.id
}

# Create IGW in eu-west-2
resource "aws_internet_gateway" "IGW-london" {
  provider = aws.region-worker
  vpc_id   = aws_vpc.vpc_master_london.id
}

# Get all available AZs in the master region
data "aws_availability_zones" "azs" {
  provider = aws.region-master
  state    = "available"
}

# Create subnet 01 in eu-west-1
resource "aws_subnet" "subnet_1" {
  provider          = aws.region-master
  availability_zone = element(data.aws_availability_zones.azs.names, 0)
  vpc_id            = aws_vpc.vpc_master.id
  cidr_block        = "10.0.1.0/24"
}

# Create subnet 02 in eu-west-1
resource "aws_subnet" "subnet_2" {
  provider          = aws.region-master
  vpc_id            = aws_vpc.vpc_master.id
  availability_zone = element(data.aws_availability_zones.azs.names, 1)
  cidr_block        = "10.0.2.0/24"
}

# Create subnet 01 in eu-west-2
resource "aws_subnet" "subnet_1_london" {
  provider   = aws.region-worker
  vpc_id     = aws_vpc.vpc_master_london.id
  cidr_block = "192.168.1.0/24"
}
  • Validation and Application: After defining the resources, we use terraform fmt to ensure code consistency, followed by terraform validate for syntax and configuration checks. Finally, terraform plan and terraform apply are executed to create the actual resources in AWS.
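
The VPC step above relies on distinct CIDR blocks so that peering works later, and terraform validate does not compare address ranges across resources. The following is an added example, not part of the original post: a small pre-apply check over the CIDR values from networks.tf. The PLAN dictionary layout and the check_plan function name are assumptions made for this illustration.

```python
import ipaddress

# CIDR values copied from networks.tf on this page; the dict layout is an assumption.
PLAN = {
    "vpc_master": {"cidr": "10.0.0.0/16",
                   "subnets": {"subnet_1": "10.0.1.0/24", "subnet_2": "10.0.2.0/24"}},
    "vpc_master_london": {"cidr": "192.168.0.0/16",
                          "subnets": {"subnet_1_london": "192.168.1.0/24"}},
}


def check_plan(plan):
    """Return a list of problems; an empty list means the address plan is consistent."""
    problems = []
    vpcs = {}
    for name, vpc in plan.items():
        try:
            vpcs[name] = ipaddress.ip_network(vpc["cidr"])  # strict: host bits must be zero
        except ValueError as exc:
            problems.append(f"{name}: invalid CIDR ({exc})")
    names = sorted(vpcs)
    # VPCs that will be peered need disjoint address space, so compare every pair.
    for i, a in enumerate(names):
        for b in names[i + 1:]:
            if vpcs[a].overlaps(vpcs[b]):
                problems.append(f"{a} {vpcs[a]} overlaps {b} {vpcs[b]}")
    for name in names:
        seen = []
        for sub_name, cidr in sorted(plan[name]["subnets"].items()):
            try:
                net = ipaddress.ip_network(cidr)
            except ValueError as exc:
                problems.append(f"{sub_name}: invalid CIDR ({exc})")
                continue
            # Each subnet must sit inside its VPC and not collide with a sibling.
            if not net.subnet_of(vpcs[name]):
                problems.append(f"{sub_name} {net} is outside {name} {vpcs[name]}")
            for other_name, other in seen:
                if net.overlaps(other):
                    problems.append(f"{sub_name} {net} overlaps {other_name} {other}")
            seen.append((sub_name, net))
    return problems


if __name__ == "__main__":
    for line in check_plan(PLAN) or ["plan OK"]:
        print(line)
```

Running it before terraform plan catches an overlapping or misplaced range while it is still a one-line change in networks.tf.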

Next Steps:

In the following lesson, we will set up subnet associations and route tables, and establish VPC peering to interconnect our network components.
