https://github.com/bjwrd/three-tier-architecture

Highly Available, Fault Tolerant, Three-Tier-Architecture on AWS provisioned via Terraform

aws fault-tolerant highly-available terraform terraform-aws


# Three-Tier-Architecture

# Architecture
This network architecture has three subnet tiers split across three availability zones. The web subnets also have a VPC routing table that gives them access to the internet. The application and database tiers do not have such access; their routing tables only allow internal network communication.


# Prerequisites
* An AWS Account with an IAM user capable of creating resources - `AdministratorAccess`
* A locally configured AWS profile for the above IAM user
* Terraform installation - [steps](https://learn.hashicorp.com/tutorials/terraform/install-cli)
* AWS EC2 key pair - [steps](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html)
* Environment Variables for AWS CLI - [steps](https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-envvars.html)
* tfupdate installation - [steps](https://github.com/antonbabenko/pre-commit-terraform#how-to-install)
* tfsec installation - [steps](https://github.com/antonbabenko/pre-commit-terraform#how-to-install)

# How to Apply/Destroy
This section details the deployment and teardown of the three-tier-architecture. **Warning: this will create AWS resources that cost money.**

## Deployment Steps

#### 1. Clone the repo
```bash
git clone https://github.com/BJWRD/three-tier-architecture && cd three-tier-architecture
```

#### 2. Update the S3 bucket name to your own - `versions.tf`

```hcl
backend "s3" {
  bucket = "ENTER HERE"
  key    = "terraform.tfstate"
  region = "eu-west-2"
}
```

#### 3. Update `versions.tf`
```bash
tfupdate terraform versions.tf && tfupdate provider aws versions.tf
```

#### 4. Access the relevant environment
```bash
cd dev
```

**NOTE:** The environment you choose depends on whether you plan to provision resources that are adequate for a `dev`, `stage` or `prod` environment.

#### 5. Initialise the TF directory
```bash
terraform init
```

#### 6. Ensure the terraform code is formatted and validated
```bash
terraform fmt && terraform validate
```

#### 7. `tfsec` - vulnerability check
```bash
tfsec
```

#### 8. Create an execution plan
```bash
terraform plan
```

#### 9. Execute terraform configuration
```bash
terraform apply --auto-approve
```

## Verification Steps

#### 1. Check AWS Infrastructure
Check the infrastructure deployment status by entering the following Terraform command:

```bash
terraform show
```

**NOTE:** You may want to output `terraform show` to a .txt file for easier viewing, e.g. `terraform show > tf_infrastructure.txt`

Alternatively, log into the AWS Console and verify your AWS infrastructure deployment from there.
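The routing claim in the Architecture section (only the web tier reaches the internet) can also be checked mechanically from `terraform show -json` output. The following is an added example, not code from this repository; the resource names, IDs and the `<tier>_<az>` naming scheme in the constructed sample are assumptions.

```python
def _res(rtype, name, **values):
    return {"type": rtype, "name": name, "values": values}

# Constructed sample in the shape of `terraform show -json`; names and IDs are assumed.
SAMPLE_STATE = {"values": {"root_module": {"child_modules": [{"resources": [
    _res("aws_subnet", "web_a", id="subnet-web"),
    _res("aws_subnet", "app_a", id="subnet-app"),
    _res("aws_subnet", "db_a", id="subnet-db"),
    _res("aws_route_table", "public", id="rtb-pub",
         route=[{"cidr_block": "0.0.0.0/0", "gateway_id": "igw-0example"}]),
    _res("aws_route_table", "private", id="rtb-priv", route=[]),
    _res("aws_route_table_association", "web_a", subnet_id="subnet-web", route_table_id="rtb-pub"),
    _res("aws_route_table_association", "app_a", subnet_id="subnet-app", route_table_id="rtb-priv"),
    # Deliberate misconfiguration: database subnet attached to the public route table.
    _res("aws_route_table_association", "db_a", subnet_id="subnet-db", route_table_id="rtb-pub"),
]}]}}}

def walk(module):
    """Yield every resource in a module and, recursively, its child modules."""
    yield from module.get("resources", [])
    for child in module.get("child_modules", []):
        yield from walk(child)

def internet_routed_subnets(state):
    """Names of subnets explicitly associated with a route table that has a
    default route through an internet gateway. Subnets that fall back to the
    VPC main route table have no association resource and are not covered."""
    resources = list(walk(state["values"]["root_module"]))
    public_tables = set()
    for r in resources:
        if r["type"] != "aws_route_table":
            continue
        for route in r["values"].get("route") or []:
            default = (route.get("cidr_block") == "0.0.0.0/0"
                       or route.get("ipv6_cidr_block") == "::/0")
            if default and (route.get("gateway_id") or "").startswith("igw-"):
                public_tables.add(r["values"]["id"])
    public_ids = {r["values"].get("subnet_id") for r in resources
                  if r["type"] == "aws_route_table_association"
                  and r["values"].get("route_table_id") in public_tables}
    return {r["name"] for r in resources
            if r["type"] == "aws_subnet" and r["values"]["id"] in public_ids}

def tier_violations(state, public_tiers=("web",)):
    """Internet-routed subnets whose assumed '<tier>_<az>' name is not a public tier."""
    return sorted(n for n in internet_routed_subnets(state)
                  if n.split("_")[0] not in public_tiers)

if __name__ == "__main__":
    print(tier_violations(SAMPLE_STATE))
```

To run it against a real deployment, save `terraform show -json > state.json`, load the file with `json.load`, and pass the result to `tier_violations`; an empty list means no application or database subnet is attached to an internet-routed table.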

#### VPC Verification

#### EC2 Verification

#### RDS Verification

#### 2. Verify bjwrd/app.py webapp is running via Docker
SSH onto one of the EC2 hosts and verify that the bjwrd/app.py Docker container is running:

```bash
docker ps
```

Alternatively, you can retrieve the ALB DNS address and open it in your browser.

## Teardown Steps

#### 1. Destroy the deployed AWS Infrastructure
`terraform destroy --auto-approve`

## Requirements
| Name | Version |
| ------------- |:-------------:|
| terraform | ~>1.3.9 |
| aws | ~>3.50.0 |

## Providers
| Name | Version |
| ------------- |:-------------:|
| aws | ~>3.50.0 |

## Modules
| Name | Source |
|------|--------|
| [vpc](#module\_vpc) | three-tier-architecture/modules/vpc |
| [ec2](#module\_ec2) | three-tier-architecture/modules/ec2 |
| [rds](#module\_rds) | three-tier-architecture/modules/rds |

## Resources
| Name | Type |
| ------------- |:-------------:|
| [aws_launch_template](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/aws_launch_template) | resource |
| [aws_db_instance](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/aws_db_instance) | resource |
| [aws_vpc](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/aws_vpc) | resource |
| [aws_subnet](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/aws_subnet) | resource |
| [aws_internet_gateway](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/aws_internet_gateway) | resource |
| [aws_route_table](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/aws_route_table) | resource |
| [aws_route_table_association](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/aws_route_table_association) | resource |
| [aws_lb](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/aws_lb) | resource |
| [aws_lb_listener](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/aws_lb_listener) | resource |
| [aws_lb_target_group](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/aws_lb_target_group) | resource |
| [aws_autoscaling_group](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/aws_autoscaling_group) | resource |
| [aws_db_subnet_group](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/aws_db_subnet_group) | resource |
| [aws_security_group](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/aws_security_group) | resource |