AWS in Terraform
Now that we have seen all the networking steps required, let's put it all together.

One thing we haven't talked about yet is public IP addresses. All the IP addresses I've mentioned so far are local to the VPC, but you also need a public IP address that people on the internet can use to connect to your server. You can create an EC2 instance with a public IP address. The key thing to note with public IPs, though, is that whenever you stop your instance, the public IP will change, so it's not a good idea to point your domain name to your public IP. For that you need an Elastic IP. Request an Elastic IP from AWS, and then you can attach it to a particular EC2 instance (or to a load balancer, or a NAT gateway). I'll show how to do this below.

With that explained, here is the complete Terraform code you need to get a server up and running on AWS. You can get the entire thing in one file from here:

ec2 with public IP
ec2 with elastic IP

Here's a visual summary of what we're going to do:

EC2 with public IP example

Boilerplate terraform initialization code:

This is just boilerplate code you will need when using Terraform with AWS.

VPC

Now let's create the VPC. It needs a CIDR block. The CIDR block can be anything, but I recommend using as the suffix.

Subnet

Create the subnet and associate it with the VPC. Notice the CIDR block for the subnet is a subset of the CIDR block for the VPC.

AMI for EC2 instance

Now we want to create the EC2 instance and put it in the subnet. Every EC2 instance needs an AMI (Amazon Machine Image). You can get the ID for the AMI you want from AWS here: https://console.aws.amazon.com/ec2/

Or you can just look it up in Terraform like this:

EC2 instance

Now let's create an EC2 instance that uses that AMI.
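The steps up to this point (VPC, subnet, AMI lookup, instance), written out as an added example; it is not the original post's code. The region, CIDR ranges, resource names, AMI name pattern and instance type are assumptions.

```hcl
# Added example; region, names, CIDR values and instance type are assumptions.
provider "aws" {
  region = "us-east-1"
}

resource "aws_vpc" "main" {
  cidr_block = "10.0.0.0/16"
}

# The subnet's range must sit inside the VPC's range.
resource "aws_subnet" "public" {
  vpc_id     = aws_vpc.main.id
  cidr_block = "10.0.1.0/24"
}

# Pin the owner: a name filter alone can match an image published by any account.
data "aws_ami" "al2023" {
  most_recent = true
  owners      = ["amazon"]

  filter {
    name   = "name"
    values = ["al2023-ami-2023.*-x86_64"]
  }
}

resource "aws_instance" "web" {
  ami           = data.aws_ami.al2023.id
  instance_type = "t3.micro"
  subnet_id     = aws_subnet.public.id
}
```

On its own this instance gets the VPC's default security group and has no route to the internet, so it is not reachable from outside the VPC.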
Security group

We'll also create a security group that allows inbound HTTP traffic on port 80 from anywhere:

IGW

Create an internet gateway and associate it with the VPC.

Route table

Create a new route table and add a route to the internet gateway.

Associate our public subnet with this route table:

Finally, we need to output the public IP of the instance so we can connect to it.

Try it!

Put all that in a file called . Run and . I'm glossing over the details of how to use Terraform here, since there are other tutorials on that.

After the changes apply, Terraform will print out the IP address and URL. Hit the URL that gets printed out using . You may need to give it a few minutes for the instance to boot up.

If you get an error:

If you get an error right away, that means everything works and you can hit your instance, but the server isn't up for some reason. If there's a wait before you get the error, that means you weren't able to connect to your instance at all. This could be any number of things, such as the IP you're using being wrong, or your security group or NACL not being set up to allow traffic in.

All of the above, plus:

Request an Elastic IP and associate it with your instance:

And that's it! That is my introductory guide to networking for AWS. To close out, please enjoy this drawing of Nicholas Cage.
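The security group, internet gateway, route table and Elastic IP steps from this walkthrough, as an added example that is not the original post's code. The three input variables and all resource names are assumptions standing in for the VPC, subnet and instance defined earlier in the configuration, and `domain = "vpc"` assumes AWS provider 5.x.

```hcl
# Added example; inputs are assumed stand-ins for the VPC, subnet and instance.
variable "vpc_id" { type = string }
variable "subnet_id" { type = string }
variable "instance_id" { type = string }

# Only port 80 is opened; with no egress block Terraform leaves outbound closed,
# which still allows replies because security groups are stateful. Attach with:
#   vpc_security_group_ids = [aws_security_group.web_http.id]
resource "aws_security_group" "web_http" {
  name   = "web-http" # assumed name
  vpc_id = var.vpc_id
  ingress {
    description = "HTTP from anywhere"
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }
}

resource "aws_internet_gateway" "gw" {
  vpc_id = var.vpc_id
}

# The subnet becomes public only through this default route to the gateway.
resource "aws_route_table" "public" {
  vpc_id = var.vpc_id

  route {
    cidr_block = "0.0.0.0/0"
    gateway_id = aws_internet_gateway.gw.id
  }
}

resource "aws_route_table_association" "public" {
  subnet_id      = var.subnet_id
  route_table_id = aws_route_table.public.id
}

# Elastic IP: the address stays the same when the instance is stopped and started.
resource "aws_eip" "web" {
  domain     = "vpc" # AWS provider 5.x; assumed version
  instance   = var.instance_id
  depends_on = [aws_internet_gateway.gw]
}

output "url" {
  value = "http://${aws_eip.web.public_ip}"
}
```

When a request to the printed URL hangs rather than failing right away, the ingress rule, the default route and the route table association are the three places in this block to check.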