Posts

Showing posts from January, 2023

Terraform Series - Creating a VPC

In this post we will see how to create a private subnet using Terraform. I am going to create 3 files. 1) VPC Variables file. 2) VPC Module file. 3) VPC Output file. The VPC variables file holds all the variables, such as the VPC name, CIDR, subnet and AZ details, which are passed in as variables. # Creating variable for VPC Name - testvpc variable "vpc_name" { description = "VPC Name" type = string default = "testvpc" } # VPC CIDR variable "vpc_cidr" { type = string default = "10.0.0.0/16" } # VPC Availability Zone variable "vpc_az" { type = list(string) default = ["us-east-1a", "us-east-1b"] } # VPC Private Subnet variable "vpc_private_subnets" { type = list(string) default = ["10.0.1.0/24", "10.0.2.0/24"] } The next file is the core VPC module file, which uses the variable file to create a VPC. # Create VPC Terraform Module module ...

AWS Private VPC + Terraform

Public Subnet: A public subnet is a subnet that is associated with a route table that has a route to an Internet gateway. This connects the VPC to the Internet and to other AWS services. Private Subnet: A private subnet is a subnet that is associated with a route table that doesn't have a route to an Internet gateway. Instances in the private subnet are backend servers; they don't accept traffic from the Internet. I am going to create a private subnet via the AWS console and refer to that subnet IP in the Terraform file to launch an EC2 instance. # Terraform Block terraform { required_providers { aws = { source = "hashicorp/aws" } } } # Provider Block provider "aws" { profile = "default" # AWS Credentials configured via AWS CLI. region = "us-east-1" } # Resource Block resource "aws_instance" "ec2demo" { ami = "ami-0b5eea769...

Terraform Series - Variables

  All variables start with the keyword variable.  All the variables are in a file awsvars.tf. You can call the file whatever you want. 1) Simple Variables. 2) List. 3) Maps. A simple variable is like a key-value and can be declared as shown below. variable "ec2_image" {     description = "Image ID"     type = string     default = "ami-0b5eea76982371e91"     } variable "aws_region" {   description = "Region in which AWS resources to be created"   type         = string   default     = "us-east-1" } variable "ec2_instance_type" {   description = "EC2 Instance Type"   type         = string   default     = "t2.micro"   } variable "ec2_instance_name" {   description = "EC2 Instance Name"   type         = string   default     = "webserver"   } Line 1 – Declares the nam...

Terraform Series - Launching WebServer with UserData

Today we are going to see: 1) Launching an EC2 instance. 2) Configuring an HTTP server using a script which will be executed once the EC2 instance is created. 3) Updating the Security Group to allow incoming traffic on port "80". 4) Finally, verifying by accessing the public IP/index.html. We are going to create a file which has the steps to configure the HTTP server. #! /bin/bash sudo yum update -y sudo yum install -y httpd sudo systemctl enable httpd sudo service httpd start   sudo echo '<h1>Welcome to My App - APP-1</h1>' | sudo tee /var/www/html/index.html sudo mkdir /var/www/html/app1 sudo echo '<!DOCTYPE html> <html> <body style="background-color:rgb(250, 210, 210);"> <h1>Welcome to APP-1 </body></html>' | sudo tee /var/www/html/app1/index.html sudo curl http://169.254.169.254/latest/dynamic/instance-identity/document -o /var/www/html/app1/metadata.html ---------------------------------------------------------...

Kubernetes - ETCD

etcd is a consistent and highly available key-value store used as Kubernetes' backing store for all cluster data. If your Kubernetes cluster uses etcd as its backing store, make sure you have a backup plan for that data. All Kubernetes objects are stored in etcd. Periodically backing up the etcd cluster data is important for recovering Kubernetes clusters under disaster scenarios, such as losing all control plane nodes. The snapshot file contains all the Kubernetes state and critical information. In order to keep the sensitive Kubernetes data safe, encrypt the snapshot files. Backing up an etcd cluster can be accomplished in two ways: etcd built-in snapshot and volume snapshot. A few things you should know about etcd from a Kubernetes perspective. It is a consistent, distributed, and secure key-value store. It uses the Raft protocol. Supports highly available architecture with stacked etcd. It stores Kubernetes cluster configurations, all API objects, object states, ...

Terraform Series - Creating an EC2 Instance

Before creating a TF file, let's understand the blocks of the TF file. There are 3 basic blocks: 1) TF setting block. 2) Provider block. 3) Resource block. TF setting block: Each terraform block can contain a number of settings related to Terraform's behavior. # Terraform Settings Block terraform { required_providers { aws = { source = "hashicorp/aws" } } } Here I am mentioning the required provider as AWS, and it downloads the latest version of the AWS provider. The required_providers block specifies all of the providers required by the current module, mapping each local provider name to a source address and a version constraint. If the version is not mentioned, it downloads the latest version. Providers (Plugins): Terraform relies on plugins called providers to interact with cloud providers, SaaS providers, and other APIs. Terraform configurations must declare which providers they r...

Terraform Series

Installing Terraform on Windows. 1) Download the Terraform binary for Windows and move it to the C:\terraform folder. 2) I have created the folder called "terraform" under C:\terraform 3) Next, open the Start menu and search for Environment variables. Open the Environment variables settings page. 4) Update the PATH variables with C:\terraform for both SYSTEM and USER. 5) If needed, restart your system to apply the variable changes. C:\Users>terraform -version Terraform v1.3.7 on windows_386 C:\Users> I am going to use Visual Studio Code for TF development. https://code.visualstudio.com/docs/?dv=win Once we are done adding the Terraform plugin, let's configure the AWS CLI on Windows. https://docs.aws.amazon.com/cli/latest/userguide/getting-started-install.html Once the AWS CLI is installed, log in to the AWS Console and, under IAM, select "Security Credentials" and "Create Access Key".

Kubernetes Upgrade

Since I am using a single master node, I need downtime for the upgrade. I cannot drain the pods on the master node. Let me check the current version. root@masterk8s:~# kubeadm version kubeadm version: &version.Info{Major:"1", Minor:"19", GitVersion:"v1.19.14", GitCommit:"0fd2b5afdfe3134d6e1531365fdb37dd11f54d1c", GitTreeState:"clean", BuildDate:"2021-08-11T18:06:31Z", GoVersion:"go1.15.15", Compiler:"gc", Platform:"linux/amd64"} root@masterk8s:~# I am running on v1.19.14 root@masterk8s:~# kubectl get nodes NAME        STATUS     ROLES    AGE   VERSION masterk8s   Ready      master   38d    v1.19.14 worker01    NotReady   <none>   32d    v1.19.14 root@masterk8s:~# root@masterk8s:~# dpkg -l | grep -i kube ii  kubeadm                                 ...