Giter Club home page Giter Club logo

infrastructure's Introduction

infrastructure

Repository for AWS Infrastructure

Credential:

  • no secrets set up in secrets
  • export AWS_PROFILE in local machine to use the credential

Instructions for setting up infrastructure using Terraform:

  • docs
  • Install Terraform:
    • curl -fsSL https://apt.releases.hashicorp.com/gpg | sudo apt-key add -
    • sudo apt-add-repository "deb [arch=amd64] https://apt.releases.hashicorp.com $(lsb_release -cs) main"
    • sudo apt-get update && sudo apt-get install terraform
  • Verify the installation
    • terraform -help
  • Initialize the directory
    • terraform init && terraform plan
  • Format and validate the configuration
    • terraform fmt
    • terraform validate
  • Create infrastructure
    • terraform apply
  • Inspect state
    • terraform show
  • Destroy Infrastructure
    • terraform destroy

Demo commands:

  • build vpc:
    • go to /VPCs/0x/
    • export AWS_PROFILE=prod //for dev: export AWS_PROFILE=dev
    • terraform init && terraform plan
    • terraform apply
    • terraform destroy
  • build all resources:
    • cd modules/services
    • export AWS_PROFILE=prod
    • alias t=terraform
    • t init && t plan -var 'env=prod'
    • t apply -var 'env=prod'//for dev: t apply -var 'env=dev'

Policy:

  • CodeDeploy-EC2-S3 - CodeDeployEC2ServiceRole
    • get object from s3 bukcet codedeploy.prod.bh7cw.me
  • GH-Upload-To-S3 - cicd
    • get/put object from s3 bucket
  • GH-Code-Deploy - cicd
  • gh-ec2-ami - ghactions

SSL:

  1. prepare ssl: get private key and CSR
sudo openssl genrsa -out private.key 2048 # generate the private key
sudo openssl req -new -key private.key -out csr.pem # generate CSR based on the Private Key
  1. activate on namecheap
  2. set up CNAME in DNS, in my case: it's in aws route53
  3. install ssl: import in aws certificate manager
  1. Set up in load balancer: two options
  • Load Balancers menu >> Listeners >> View/edit certificates
  • Command:
aws elb set-load-balancer-listener-ssl-certificate --load-balancer-name my-loadbalancer --load-balancer-port 443 --ssl-certificate-id arn:aws:iam::123456789012:server-certificate/certificate_object_name

Parameter my-loadbalancer is the name of your load balancer.

infrastructure's People

Contributors

bh7cw avatar

Watchers

avatar

Forkers

bh7cw

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.