In this post,we’ll create the Infrastructure for Highly-Available WordPress website over AWS using Terraform and then install the WordPress using Ansible. If you don’t know about the Terraform, please check this link.
We’ll use the Terraform to create the fully operational AWS VPC infrastructure(subnets,routeing tables,igw etc), it will also create everything that need to be for creating EC2 and RDS instances (security key, security group, subnet group). It will also create the Elastic Load Balancer and add the EC2 instance(s) automatically to it as well as creating the Route53 entry for this wordpress site and add the ELB alias to it.
Ansible will be used to deploy the wordpress on the EC2 instances that have been created via Terraform, that will be fault tolerant and highly available.
AWS admin access
config file = /etc/ansible/ansible.cfg
configured module search path = Default w/o overrides
Before using the terraform, we need to export AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY as environment variables:
After doing/verifying all the above things, download this Repository from the GitHub:
git clone https://github.com/arbabnazar/terraform-ansible-aws-vpc-ha-wordpress.git
Terraform AWS Modules:
The purpose of Terraform AWS Modules are to create a fully operational AWS VPC infrastructure(subnets,routeing tables,igw etc), it will also create everything that need to be for creating EC2 and RDS instances (security key, security group, subnet group).
It will also create the Elastic Load Balancer and add the EC2 instance(s) automatically that were created using this playbook as well as creating the Route53 entry for this site and add the ELB alias to it.
Terraform AWS Modules Tasks:
- Create VPC with 4 x VPC subnets(2 x public, 2 x private) in different AZ zones inside the AWS region
- Create the AWS key pair with the provided public key
- Create 1 x security group for each(SSH,Webservers,RDS and ELB)
- Provision 2 x EC2 instances(Ubuntu 14.04 LTS) in 2 different public AZ
- Provision 1 x RDS instance in private subnets
- Launch and configure public facing VPC ELB (cross_az_load_balancing) and attach VPC subnets
- Register EC2 instances on ELB
- Take the ELB dnsname and register/create dns entry in Route53
All informations about VPC, Webserver, RDS, ELB, Route53 are defined in their respective modules.
Variables for your Infrastructure:
Rename the file called terraform.tfvars-sample into the terraform.tfvars and change the values as per your requirement:
mv terraform.tfvars-sample terraform.tfvars
To Generate and show an execution plan (dry run):
To Builds or makes actual changes in infrastructure:
To inspect Terraform state or plan:
To destroy Terraform-managed infrastructure:
Note: Terraform stores the state of the managed infrastructure from the last time Terraform was run. Terraform uses the state to create plans and make changes to the infrastructure.
After successful completion of terraform plan, login to the AWS Web Console and verify the resources:
Ansible Role after Terraform Provisioning:
Once the Terraform will create all the resources over AWS, you can use the Ansible to install the wordpress over the EC2 instance(s). To use the provided role, move into the ansible directory:
Provided role will install the wordpress on all the servers that have been created via the terraform. To use the provided role, run the following command:
ansible-playbook site.yml -e@../secret/secure.yml -e@../terraform-aws/tendo-dev.yml
and use this command if you are using encrypted file:
ansible-playbook site.yml -e@../secret/secure.yml -e@../terraform-aws/tendo-dev.yml --ask-vault-pass
secure.yml file will be used to overwrite the variables inside the role. This file must keep secure using ansible vault but I have left it encrypted so that you can take an idea that what it’s contain while
tendo-dev.yml contain the dnsname of the RDS and this file will create during the terraform execution and it’s name based on the values of these variables:
terraform.py is dynamic inventory created by CiscoCloud
After successful completion of these tasks, it will show you the summary, something like this:
Navigate to the site in web browser using the fqdn(in my case, it is http://www.rbgeek.com), and verify that the wordpress is installed successfully:
Hope this will help you!
Please Remember me in your prayers!