
Contents

1. Introduction

2. Why Terraform

3. Objective(s)

4. Project Design

5. Implementation

6. Results

7. Conclusions

8. Scope for further work

9. References

LIST OF FIGURES

Fig1: Terraform to connect to multiple CSP

Fig2: Three stages of Terraform

Fig3: Generic three tier architecture

Fig4: Flow chart of three tier architecture

Fig5: Implementation of VPC using terraform

Fig6: Initializing the resources using “terraform init” command

Fig7: Planning the resources using “terraform plan” command

Fig8: Deploying the resources using “terraform apply” command

1. Introduction:
A 3-tier architecture in AWS refers to the use of a front-end web server, a middleware server,
and a back-end database server. The front-end web server handles the user interface and interacts with
the user. The middleware server handles all the business logic and provides a layer of security. The
back-end database server stores the user’s data.
In a 3-tier architecture, the front-end web server is typically a web server that runs on the
customer’s premises. The middleware server is typically a server that is housed in AWS and is used to
process the requests from the back-end database server. The back-end database server is typically a
server that is housed in AWS and is used to store the user’s data.

HashiCorp Terraform is an infrastructure as code tool that lets you define both cloud and on-prem
resources in human-readable configuration files that you can version, reuse, and share. You can then
use a consistent workflow to provision and manage all of your infrastructure throughout its lifecycle.
Terraform can manage low-level components like compute, storage, and networking resources, as well
as high-level components like DNS entries and SaaS features.
Terraform is one of the most popular infrastructure-as-code (IaC) tools, used
by DevOps teams to automate infrastructure tasks. It is used to automate the provisioning of your
cloud resources. Terraform is an open-source, cloud-agnostic provisioning tool developed by
HashiCorp and written in the Go language.
Terraform creates and manages resources on cloud platforms and other services
through their application programming interfaces (APIs). Providers enable Terraform to work with
virtually any platform or service with an accessible API.

Figure1: Terraform to connect to multiple CSP.


HashiCorp and the Terraform community have already written thousands of providers to manage
many different types of resources and services. You can find all publicly available providers on
the Terraform Registry, including Amazon Web Services (AWS), Azure, Google Cloud Platform
(GCP), Kubernetes, Helm, GitHub, Splunk, DataDog, and many more.

The core Terraform workflow consists of three stages:

• Write: You define resources, which may be across multiple cloud providers and services. For
example, you might create a configuration to deploy an application on virtual machines in a
Virtual Private Cloud (VPC) network with security groups and a load balancer.

• Plan: Terraform creates an execution plan describing the infrastructure it will create, update, or
destroy based on the existing infrastructure and your configuration.

• Apply: On approval, Terraform performs the proposed operations in the correct order,
respecting any resource dependencies. For example, if you update the properties of a VPC and
change the number of virtual machines in that VPC, Terraform will recreate the VPC before
scaling the virtual machines.

Figure2: Three stages of Terraform.

2. Why Terraform?

HashiCorp co-founder and CTO Armon Dadgar explains how Terraform solves infrastructure
challenges.

Manage any infrastructure

Find providers for many of the platforms and services you already use in the Terraform Registry. You
can also write your own. Terraform takes an immutable approach to infrastructure, reducing the
complexity of upgrading or modifying your services and infrastructure.

Track your infrastructure

Terraform generates a plan and prompts you for your approval before modifying your infrastructure. It
also keeps track of your real infrastructure in a state file, which acts as a source of truth for your
environment. Terraform uses the state file to determine the changes to make to your infrastructure so
that it will match your configuration.

Automate changes

Terraform configuration files are declarative, meaning that they describe the end state of your
infrastructure. You do not need to write step-by-step instructions to create resources because
Terraform handles the underlying logic. Terraform builds a resource graph to determine resource
dependencies and creates or modifies non-dependent resources in parallel. This allows Terraform to
provision resources efficiently.

Standardize configurations

Terraform supports reusable configuration components called modules that define configurable
collections of infrastructure, saving time and encouraging best practices. You can use publicly
available modules from the Terraform Registry, or write your own.

Collaborate

Since your configuration is written in a file, you can commit it to a Version Control System (VCS) and
use Terraform Cloud to efficiently manage Terraform workflows across teams. Terraform Cloud runs
Terraform in a consistent, reliable environment and provides secure access to shared state and secret
data, role-based access controls, a private registry for sharing both modules and providers, and more.

Prerequisites:

• Access to AWS Console

• Understanding of AWS services: VPCs and their components, security groups (firewall rules), EC2
Auto Scaling groups and load balancers.

3. Objective:

To implement a multi-tier architecture that consists of a single presentation tier, a logic tier, and a
data tier. The following figure shows an example of a simple, generic three-tier application.

Figure3: Generic three tier architecture

Our objective here is to build the following resources using Terraform.

• Custom VPC

• 2 Subnets (Public)

• 1 Subnet (Private)

• Security Group

• Elastic IP

• NAT Gateway

• Internet Gateway

• Route Table

4. Project design status:
The multi-tier application (three-tier, n-tier, and so forth) has been a cornerstone architecture pattern
for decades, and remains a popular pattern for user-facing applications. Although the language used to
describe a multi-tier architecture varies, a multi-tier application generally consists of the following
components:

• Presentation tier – Component that the user directly interacts with (for example, webpages and
mobile app UIs).
• Logic tier – Code required to translate user actions to application functionality (for example, CRUD
database operations and data processing).
• Data tier – Storage media (for example, databases, object stores, caches, and file systems) that hold
the data relevant to the application.

The multi-tier architecture pattern provides a general framework to ensure decoupled and
independently scalable application components can be separately developed, managed, and maintained
(often by distinct teams).

Figure4: Flow chart of three tier architecture

5. Implementation:
ec2.tf
# Two web servers, one in each public subnet
resource "aws_instance" "web" {
  count                       = 2
  ami                         = "ami-0578f2b35d0328762"
  instance_type               = "t2.micro"
  key_name                    = "deehan"
  subnet_id                   = aws_subnet.public[count.index].id
  vpc_security_group_ids      = [aws_security_group.allow_tls.id]
  associate_public_ip_address = true

  tags = {
    Name = "WebServer"
  }

  # Note: this provisioner copies the SSH private key onto each public-facing
  # instance, so anyone who compromises a web server also obtains the key.
  provisioner "file" {
    source      = "./deehan.pem"
    destination = "/home/ec2-user/deehan.pem"

    connection {
      type        = "ssh"
      host        = self.public_ip
      user        = "ec2-user"
      private_key = file("./deehan.pem")
    }
  }
}

vpc.tf
resource "aws_vpc" "main" {
  cidr_block = "10.0.0.0/16"

  tags = {
    Name = "CustomVPC"
  }
}

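variables.tf
# CIDR blocks for the two public subnets
variable "cidr" {
  type    = list(string)
  default = ["10.0.1.0/24", "10.0.2.0/24"]
}

# Availability zones for the two public subnets
variable "az" {
  type    = list(string)
  default = ["us-east-2a", "us-east-2b"]
}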

subnet.tf
resource "aws_subnet" "public" {
  count             = 2
  vpc_id            = aws_vpc.main.id
  cidr_block        = var.cidr[count.index]
  availability_zone = var.az[count.index]

  tags = {
    Name = "public-sub"
  }
}

resource "aws_subnet" "private" {
  vpc_id            = aws_vpc.main.id
  cidr_block        = "10.0.3.0/24"
  availability_zone = "us-east-2b"

  tags = {
    Name = "private-sub3"
  }
}

# Looks up subnets in the VPC tagged Tier = "Public". The subnets above carry
# only a Name tag, so this matches nothing unless a Tier tag is added to them.
data "aws_subnets" "sid" {
  filter {
    name   = "vpc-id"
    values = [aws_vpc.main.id]
  }

  tags = {
    Tier = "Public"
  }
}

route.tf
resource "aws_route_table" "rtb" {
  vpc_id = aws_vpc.main.id

  # Default route for the public subnets goes through the internet gateway
  route {
    cidr_block = "0.0.0.0/0"
    gateway_id = aws_internet_gateway.gw.id
  }

  tags = {
    Name = "MyRoute"
  }
}

# Associate the public route table with both public subnets
resource "aws_route_table_association" "a" {
  count          = 2
  subnet_id      = aws_subnet.public[count.index].id
  route_table_id = aws_route_table.rtb.id
}
/*
resource "aws_route_table_association" "b" {
  subnet_id      = aws_subnet.public2.id
  route_table_id = aws_route_table.rtb.id
}
*/
//Adding NAT Gateway into the default main route table
resource "aws_default_route_table" "dfltrtb" {
  default_route_table_id = aws_vpc.main.default_route_table_id

  route {
    cidr_block = "0.0.0.0/0"
    # A NAT gateway target is set with nat_gateway_id, not gateway_id
    nat_gateway_id = aws_nat_gateway.natgw.id
  }

  tags = {
    Name = "dfltrtb"
  }
}
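
The files above reference aws_security_group.allow_tls, aws_internet_gateway.gw and aws_nat_gateway.natgw, which are listed in the objective but not shown. The following is an added example, not code from the original report, of one way to define them with SSH limited to a single trusted range; the variable admin_cidr, the resource name aws_eip.nat, the choice of ports and the use of the first public subnet for the NAT gateway are assumptions.

```hcl
# Added example (not from the original report). admin_cidr and aws_eip.nat are assumed names.
variable "admin_cidr" {
  description = "Single trusted CIDR allowed to reach SSH on the web tier"
  type        = string
}
resource "aws_security_group" "allow_tls" {
  name        = "allow_tls"
  description = "Web tier: HTTP/HTTPS from anywhere, SSH from admin_cidr only"
  vpc_id      = aws_vpc.main.id

  dynamic "ingress" { # one rule per public web port
    for_each = [80, 443]
    content {
      from_port   = ingress.value
      to_port     = ingress.value
      protocol    = "tcp"
      cidr_blocks = ["0.0.0.0/0"]
    }
  }

  ingress {
    description = "SSH, restricted so port 22 is never open to 0.0.0.0/0"
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = [var.admin_cidr]
  }

  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}

resource "aws_internet_gateway" "gw" {
  vpc_id = aws_vpc.main.id
}

resource "aws_eip" "nat" {
  domain = "vpc" # AWS provider v5+; older provider versions use vpc = true
}

resource "aws_nat_gateway" "natgw" {
  allocation_id = aws_eip.nat.id
  subnet_id     = aws_subnet.public[0].id # a NAT gateway sits in a public subnet
  depends_on    = [aws_internet_gateway.gw]
}
```

Because the private subnet has no explicit route table association, it uses the VPC's default route table and therefore reaches the internet only through this NAT gateway.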

6. Results:

Figure5: Implementation of VPC using terraform.

After the infrastructure has been created, Terraform prints the requested
output values.

1. We will use output to print out our ALB DNS so we can test our
web servers.

# aws_lb.external-elb is not shown in this report
output "lb_dns_name" {
  description = "The DNS name of the load balancer"
  value       = aws_lb.external-elb.dns_name
}

Provision Infrastructure

1. If you didn’t do so earlier or you just want to do it again, from the
terminal run terraform init.

2. Run terraform fmt. This ensures your formatting is correct and
will modify the code for you to match.

3. Run terraform validate to ensure there are no syntax errors.

4. Run terraform plan to see what resources will be created.

5. Run terraform apply to create your infrastructure. Type Yes when
prompted.

Testing

1. After your infrastructure has been created there should be an
Output displayed on your terminal for the Application Load
Balancer DNS Name.

2. Copy the DNS name and paste it (without quotation marks) into a new browser tab.
Refresh the page to see the load balancer switch between the two
instances.

Clean Up

1. To delete our infrastructure run terraform destroy. When
prompted type Yes. This command will delete all the
infrastructure that we created.

Figure6: Initializing the resources using “terraform init” command.

Figure7: Planning the resources using “terraform plan” command.


Figure8: Deploying the resources using “terraform apply” command.

7. Conclusions

The three-tier architecture was deployed successfully on AWS using Terraform.

Terraform is cloud agnostic and can be used to create multi-cloud
infrastructure. It allows IaC in a human-readable language called HashiCorp
Configuration Language (HCL).

8. Scope for further work

• Manage any infrastructure
• Track your infrastructure
• Automate changes
• Standardize configurations

9. References

• Terraform by HashiCorp

• What is Terraform | Terraform | HashiCorp Developer

• GitHub - hashicorp/terraform: Terraform enables you to safely and predictably create, change,
and improve infrastructure. It is an open-source tool that codifies APIs into declarative
configuration files that can be shared amongst team members, treated as code, edited,
reviewed, and versioned.

• Documentation | Terraform | HashiCorp Developer

• Terraform Registry
