AWS ALB Context Path based Routing using Terraform
Step-00: Pre-requisites
You need a registered domain in AWS Route53 to implement this use case.
Let's discuss more about it.
Go to AWS Services -> Route53 -> Domains -> Registered Domains -> Register Domain
Choose a domain name: abcabc.com and click on Check
If available, click on Add to Cart and Click on Continue
Provide Contact Details for Your 1 Domain and Click on Continue
Terms and Conditions: Check and click on Complete Order
Go back to Billing and complete the payment for the domain to be approved
Copy your terraform-key.pem file to terraform-manifests/private-key folder
Step-01: Introduction
We are going to implement Context Path based Routing in AWS Application Load Balancer using Terraform.
To achieve that, we will work through a series of steps.
Our core focus throughout this section is on two things:
Listener Indexes: https_listener_index = 0
Target Group Indexes: target_group_index = 0
If we are good with understanding these indexes and how to reference them, we are good with handling these multiple context paths or multiple header based routes or anything from ALB perspective.
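How the two indexes tie listeners, rules and target groups together, as an added example that is not the repository's own ALB file. It assumes the 5.x series of terraform-aws-modules/alb/aws (where the this_lb_dns_name output used later on this page exists); module.loadbalancer_sg and module.acm are assumed names for a load balancer security group and an ACM certificate module that this page does not show.

```hcl
# Added example: every index below is a position in one of this module's own lists.
module "alb" {
  source          = "terraform-aws-modules/alb/aws"
  version         = "~> 5.0" # assumption: 5.x series
  name            = "${var.environment}-alb"
  vpc_id          = module.vpc.vpc_id
  subnets         = module.vpc.public_subnets
  security_groups = [module.loadbalancer_sg.this_security_group_id] # assumed module name

  # Position in this list is the target group index: app1 -> 0, app2 -> 1
  target_groups = [
    { name_prefix = "app1-", backend_protocol = "HTTP", backend_port = 80, target_type = "instance",
      health_check = { path = "/app1/index.html" },
      targets = { vm1 = { target_id = module.ec2_private_app1.id[0], port = 80 } } },
    { name_prefix = "app2-", backend_protocol = "HTTP", backend_port = 80, target_type = "instance",
      health_check = { path = "/app2/index.html" },
      targets = { vm1 = { target_id = module.ec2_private_app2.id[0], port = 80 } } },
  ]

  # HTTP:80 only redirects, so no target group is served in clear text
  http_tcp_listeners = [{
    port        = 80
    protocol    = "HTTP"
    action_type = "redirect"
    redirect    = { port = "443", protocol = "HTTPS", status_code = "HTTP_301" }
  }]

  # The only HTTPS listener, hence https_listener_index = 0; its default action covers /*
  https_listeners = [{
    port            = 443
    protocol        = "HTTPS"
    certificate_arn = module.acm.this_acm_certificate_arn # assumed module name
    action_type     = "fixed-response"
    fixed_response  = { content_type = "text/plain", message_body = "Fixed response", status_code = "200" }
  }]

  https_listener_rules = [
    { # /app1* on listener 0 forwards to target_groups[0]
      https_listener_index = 0
      actions              = [{ type = "forward", target_group_index = 0 }]
      conditions           = [{ path_patterns = ["/app1*"] }]
    },
    { # /app2* on listener 0 forwards to target_groups[1]
      https_listener_index = 0
      actions              = [{ type = "forward", target_group_index = 1 }]
      conditions           = [{ path_patterns = ["/app2*"] }]
    },
  ]
}
```

Because the default action of listener 0 is a fixed response and port 80 only redirects, a request that matches neither path pattern never reaches an instance.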
We are going to implement the following using AWS ALB
# Get DNS information from AWS Route53
data "aws_route53_zone" "mydomain" {
  name = "devopsincloud.com"
}
# Output MyDomain Zone ID
output "mydomain_zoneid" {
  description = "The Hosted Zone id of the desired Hosted Zone"
  value = data.aws_route53_zone.mydomain.zone_id
}
Step-05: c7-04-ec2instance-private-app1.tf
We will change the module name from ec2_private to ec2_private_app1
We will change the name to "${var.environment}-app1"
# EC2 Instances that will be created in VPC Private Subnets for App1
module "ec2_private_app1" {
  depends_on = [ module.vpc ] # VERY VERY IMPORTANT else userdata webserver provisioning will fail
  source = "terraform-aws-modules/ec2-instance/aws"
  version = "2.17.0"
  # insert the 10 required variables here
  name = "${var.environment}-app1"
  ami = data.aws_ami.amzlinux2.id
  instance_type = var.instance_type
  key_name = var.instance_keypair
  #monitoring = true
  vpc_security_group_ids = [module.private_sg.this_security_group_id]
  #subnet_id = module.vpc.public_subnets[0]
  subnet_ids = [
    module.vpc.private_subnets[0],
    module.vpc.private_subnets[1]
  ]
  instance_count = var.private_instance_count
  user_data = file("${path.module}/app1-install.sh")
  tags = local.common_tags
}
Step-06: c7-05-ec2instance-private-app2.tf
Create new EC2 Instances for App2 Application
Module Name: ec2_private_app2
Name: "${var.environment}-app2"
User Data: user_data = file("${path.module}/app2-install.sh")
# AWS EC2 Instance Terraform Module
# EC2 Instances that will be created in VPC Private Subnets for App2
module "ec2_private_app2" {
  depends_on = [ module.vpc ] # VERY VERY IMPORTANT else userdata webserver provisioning will fail
  source = "terraform-aws-modules/ec2-instance/aws"
  version = "2.17.0"
  # insert the 10 required variables here
  name = "${var.environment}-app2"
  ami = data.aws_ami.amzlinux2.id
  instance_type = var.instance_type
  key_name = var.instance_keypair
  #monitoring = true
  vpc_security_group_ids = [module.private_sg.this_security_group_id]
  #subnet_id = module.vpc.public_subnets[0]
  subnet_ids = [
    module.vpc.private_subnets[0],
    module.vpc.private_subnets[1]
  ]
  instance_count = var.private_instance_count
  user_data = file("${path.module}/app2-install.sh")
  tags = local.common_tags
}
Step-07: c7-02-ec2instance-outputs.tf
Update App1 and App2 Outputs based on new module names
# App1 - Private EC2 Instances
## ec2_private_instance_ids
output "app1_ec2_private_instance_ids" {
  description = "List of IDs of instances"
  value = module.ec2_private_app1.id
}
## ec2_private_ip
output "app1_ec2_private_ip" {
  description = "List of private IP addresses assigned to the instances"
  value = module.ec2_private_app1.private_ip
}
# App2 - Private EC2 Instances
## ec2_private_instance_ids
output "app2_ec2_private_instance_ids" {
  description = "List of IDs of instances"
  value = module.ec2_private_app2.id
}
## ec2_private_ip
output "app2_ec2_private_ip" {
  description = "List of private IP addresses assigned to the instances"
  value = module.ec2_private_app2.private_ip
}
# DNS Registration
resource "aws_route53_record" "apps_dns" {
  zone_id = data.aws_route53_zone.mydomain.id
  name = "apps9.devopsincloud.com"
  type = "A"
  alias {
    name = module.alb.this_lb_dns_name
    zone_id = module.alb.this_lb_zone_id
    evaluate_target_health = true
  }
}
Step-11: Execute Terraform Commands
# Terraform Initialize
terraform init
# Terraform Validate
terraform validate
# Terraform Plan
terraform plan
# Terraform Apply
terraform apply -auto-approve
# Verify
Observation:
1. Verify EC2 Instances for App1
2. Verify EC2 Instances for App2
3. Verify Load Balancer SG - Primarily SSL 443 Rule
4. Verify ALB Listener - HTTP:80 - Should contain a redirect from HTTP to HTTPS
5. Verify ALB Listener - HTTPS:443 - Should contain 3 rules
5.1 /app1* to app1-tg
5.2 /app2* to app2-tg
5.3 /* return Fixed response
6. Verify ALB Target Groups App1 and App2, Targets (should be healthy)
7. Verify SSL Certificate (Certificate Manager)
8. Verify Route53 DNS Record
# Test (Domain will be different for you based on your registered domain)
# Note: All the below URLs should redirect from HTTP to HTTPS
1. Fixed Response: http://apps.devopsincloud.com
2. App1 Landing Page: http://apps.devopsincloud.com/app1/index.html
3. App1 Metadata Page: http://apps.devopsincloud.com/app1/metadata.html
4. App2 Landing Page: http://apps.devopsincloud.com/app2/index.html
5. App2 Metadata Page: http://apps.devopsincloud.com/app2/metadata.html