TerraJet follows AWS best practices to help your infrastructure archives reliability, security, performance, and cost optimization. Save your time on researching and deploying. TerraJet provide the easiest way to approach Infrastructure as Code (IaC) frameworks like Terraform.
Table of Contents
- 🌱 Features
- 🏗 Design Diagram
- 📦 Provided Modules
- 🛠 Installation
- 🧹 Cleanup
- 📌 Extra step for Production
- ❔ FAQ
- Support deploying Single-page application (React, Angular, Vue) to S3 and cached by CloudFront.
- Support deploying SQL database to RDS.
- Support deploying and automatic scaling Dockerized API to ECS cluster.
- Enable Role-Based Access Control for API app.
- Enable spot instance mode in ECS to save computing cost.
- Provide TLS/SSL certificate with ACM
- Provide Microservices adaptability for your future growth.
These AWS Terraform modules are provided by current version.
Name | Description |
---|---|
IAM | Identity and Access Management |
Policy | IAM Policy |
VPC | Virtual Private Cloud |
SecurityGroup | Security Group |
S3 | S3 |
CloudFront | CloudFront |
RDS | Relational Database Service (RDS) |
KeyPair | EC2 KeyPair |
EC2 | EC2 |
ECR | Elastic Container Registry |
ECS | Elastic Container Service |
ELB | Elastic Load Balancer |
Logs | CloudWatch Logs |
Route53 | Route 53 |
Route53 Record | Route 53 Record |
ACM | AWS Certificate Manager |
This instruction can be used for all environments with Development (Dev) environment as an example.
-
Install Terraform, AWS CLI, Docker to your machine.
-
Create AWS account and bind credit card.
-
Prepare a domain.
-
Create IAM user with AdministratorAccess policy and save AWS credentials to local machine with aws-terrajet-dev profile name
-
Set up environment variables in envs/dev.tf
-
Create 2 ssh keys for ECS and EC2 bastion
ssh-keygen -t ed25519 -f ~/.ssh/terrajet_dev_ecs ssh-keygen -t ed25519 -f ~/.ssh/terrajet_dev_bastion
-
Clone template.secrets.env.yaml secret template in /secrets folder with name secrets.dev.yaml
-
Update RDS username, password and public key of 2 ssh keys created above to secrets.dev.yaml
-
Run
terraform init
-
Run
terraform apply
, then type'yes'
-
Update information of created services in Output section to domain provider and deploy section.
api_domain = "<your-domain>" bastion_dns = "<url>" db_endpoint = "<url>" ecr_repository_urls = { "api" = "<url>" } route_53_ns = tolist([ "<ns>", "<ns>", "<ns>", "<ns>", ]) s3_web_app_bucket_name = "terrajet-dev-static-web-app"
- Update Route53 NS to your domain provider.
- Go to /apps folder and update deploy.sh file with above values.
-
Go to /apps folder and run deploy.sh to deploy API and web app
-
Access your 'domain' and 'api.domain' URL to check the app is running.
- Run
terraform destroy
, then type'yes'
- Delete your AWS account.
- Move your Terraform state to safe backend like S3 or Terraform Cloud
Deploying an app on AWS using EC2 is a commonly used and straightforward approach. However, it can be challenging to maintain and scale, particularly when working with Docker containers. On the other hand, ECS cluster may appear more complex at first glance, but it actually simplifies the process. With ECS, you leave all the container control tasks for it, allowing you to focus on your code.
Although Kubernetes is popular and strongest for container clusters, but it's not necessary for our regular workload. It's resource-intensive and better suited for large-scale projects with a dedicated DevOps team. ECS is simpler and suitable for small to medium-sized monolithic apps.