To begin with, Terraform allows you to manage and automate your infrastructure and the services that are on there. Terraform is also an IaC, or an Infrastructure as Code, which means that the infrastructure can largely be managed through code. When paired with another tool, Amazon Web Services (AWS), the user can automatically launch servers that can host different types of services. In this post I will be discussing the process of how I automated the process of launching a WordPress website by hosting it through AWS.
To start, Terraform must have all its code in a file with the extension, “.tf”. This extension is to simply signify that this is a Terraform file. The name of the file can be arbitrarily named, but in this case I named it to be “main.tf”. Then I had to determine a provider which allows the user to define what set of APIs they can use. In this case, I defined my provider to be AWS so I could use the AWS plugins to create EC2 instances, security groups, etc. Because AWS has a fleet of datacenters, I specified which region of datacenters I would like to connect to, “us-west-1”. Below this I had to specify the access key and secret key (which are disabled now) in order to login into my AWS account to provision the resources needed to deploy a WordPress site. I also created a key pair in AWS which allows the user to access the instances launched, which I named “main-key.pem” (disabled now).
The VPC and IGW
Next, I created a VPC, or virtual private cloud, a virtual network that allows you to connect to multiple virtual servers. The CIDR block, or the classless inter-domain routing, is a range of IP addresses a network uses. Here I set it to be an Elastic IP where any IP can access it for testing purposes. Then I created an internet gateway which allows communication between the VPC and the internet.
Route Table and Security Groups
After this I made the route table which determines where each IP is directed to. I specified the CIDR blocks to accept any IP address and route it directly to the ID of the AWS internet gateway, which defaults to the VPC. Then I created a subnet that allows network traffic to travel faster and linked it to the route table. Next, I built the security group for WordPress and SQL that defines which ports are allowed to access the site and set it so that all IP addresses are allowed for now. In Production, you will want to lock down these ports further.
AMI Instance Creation
Finally I linked a WordPress and mySQL instance with my subnet that I had created earlier. AMI stands for Amazon Machine Image which is an image maintained by AWS that provides the information required to launch an instance. Here I used the AMI ID of a mySQL and WordPress instance. For the instance type I used a t2.micro since this is an instance type that is included in the free tier of AWS. A t2.micro instance provides the instance with some amount of CPU to run the overall site. After this, I referenced the subnet ID and VPC security group IDs to link the AMI instance to them. It was here that I would use the key pair (disabled now) that I created from the beginning. After that, I ran a few Terraform commands and my WordPress site was launched.