This post will finish up building the AWS VPC peering topology example described in part 5 of this Terraform series. For context, it is recommended to check that out.
To make the description of the steps clearer and the code readable, I've structured the code as follows.
.
├── main.tf
├── vpc_subnets.tf
├── security_grps.tf
├── instances.tf
├── temp_remote_access.tf
├── routing.tf
├── peering.tf
├── changing.tfvars
├── variables.tf
The different VPC components are separated into their own files. You will see a vpc_subnets.tf, routing.tf, instances.tf etc. If you wanted to customize the infrastructure or add another VPC such as a "web" to play around with, this modularity makes it easy.
The code is uploaded over here on GitHub. What each block of code does is commented on to make it easy to read and understand why it's there.
https://github.com/valarnet/terraform-aws-vpc-peering-example
The subnets in this example are private subnets. Therefore, to access the instances over SSH, I define elastic IPs and associate them to the network interfaces. There's a small cost associated with using elastic IPs but since this is a playground that is to be destroyed right after going through the exercise, that will be minimal.
The temp_remote_access.tf file defines the Internet gateway, AWS default route, and elastic IP resources needed to be able to reach EC2 instances.
There are only a few steps to run it. You can customize it before running it if you're comfortable.
cd Documents/terraform/vpc-peering-example
export AWS_ACCESS_KEY_ID="your_access_key"
export AWS_SECRET_ACCESS_KEY="your_secret_key"
export AWS_DEFAULT_REGION="aws_region"
terraform init
terraform plan -var-file=changing.tfvars
terraform apply -var-file=changing.tfvars
ssh -i "my_ec2_key.cer" ec2-user@34.235.21.121
[ec2-user@ip-172-23-0-4 ~]$ ping 172.23.0.4
PING 172.23.0.4 (172.23.0.4) 56(84) bytes of data.
64 bytes from 172.23.0.4: icmp_seq=1 ttl=255 time=0.023 ms
64 bytes from 172.23.0.4: icmp_seq=2 ttl=255 time=0.036 ms
64 bytes from 172.23.0.4: icmp_seq=3 ttl=255 time=0.032 ms
64 bytes from 172.23.0.4: icmp_seq=4 ttl=255 time=0.030 ms
64 bytes from 172.23.0.4: icmp_seq=5 ttl=255 time=0.031 ms
[ec2-user@ip-172-23-0-4 ~]$ ping 172.24.0.4
PING 172.24.0.4 (172.24.0.4) 56(84) bytes of data.
64 bytes from 172.24.0.4: icmp_seq=1 ttl=255 time=1.48 ms
64 bytes from 172.24.0.4: icmp_seq=2 ttl=255 time=1.53 ms
64 bytes from 172.24.0.4: icmp_seq=3 ttl=255 time=1.48 ms
64 bytes from 172.24.0.4: icmp_seq=4 ttl=255 time=1.59 ms
64 bytes from 172.24.0.4: icmp_seq=5 ttl=255 time=1.48 ms
[ec2-user@ip-172-23-0-4 ~]$ ping 172.24.1.4
PING 172.24.1.4 (172.24.1.4) 56(84) bytes of data.
^C
--- 172.24.1.4 ping statistics ---
6 packets transmitted, 0 received, 100% packet loss, time 5112ms
This is the last post in the Terraform series. Obviously, we have only scratched at the surface of what Terraform can do and there are many concepts we haven't explored. But I hope this offered a starter for anyone looking into it.