Hint: I used AWS US-EAST-1 as my default region.
This automation mechanism requires the following components to be already available.
- Packer
- Terraform
- AWS Cli
- Your AWS account configured:
$aws configure
, with environment variables set.
Generate your personal keys (Pub, Priv) if you don't have it already:
ssh-keygen -t rsa -C "[email protected]" -f ./the-keys
if you have them already place both your keys in the ./packer/
directory and update the file names inside ./packer/image.pkr.hcl
The default region is us-east-1
and IaaS Provider is AWS. If you want another region update them in ./packer/image.pkr.hcl
in the region
block and ./terraform/variables.tf
in the region
block.
Execute the following command from inside ./packer/
directory:
packer build image.pkr.hcl
The last line shows the name of new ami ID alongside with its deployment region that can be used for the deployment. Copy it.
Go to the ami_id
variable block of ./terraform/variables.tf
and replace your ami ID with the old one.
review ./terraform/variables.tf
throughly and update it accordingly, setting the value for Certificate ARN is a must!
then from the directory where main.tf
exists execute this command:
terraform init && terraform plan -out=main.plan
if you are happy with what you see then you can execute terraform apply "main.plan"
to make the service available.
- hint: If you want to connect to the server for some reason:
ssh theuser@$(terraform output -raw public_ip) -i ./packer/the-keys
- hint2: In case you get an error stating that you are using two subnets in the same region, destroy the deployment with
terraform destroy
and again useterraform plan -out=main.plan
and apply it
Once the deployment was successful, go to AWS Route53 and create a A
record, set its destination as alias then select Alias to Application and Classic Load Balancer fill the form to your deployment region, you should see a new load balancer ID with the name of lb-sentry mentioned in it. select it and create the record.
Once the record is created give it some few seconds and the navigate to your created address using https://.
- hint: if you don't want to use the service anymore just go to the same directory of
./terraform/
and execute this command:terraform destroy
and then typeyes