An autoscaling, load balanced web service running on EC2 instances
EC2 AMI is built using Hashicorp Packer
AWS infrastructure is configured and maintained using Hashicorp Terraform
outyet application is sourced from the Golang examples repository
1. Prerequisites
2. Installation
3. Usage
4. Implementation details
5. Easy improvements
- a valid AWS account with administrator privileges
- aws cli installed and configured using the aws configure command (https://docs.aws.amazon.com/cli/latest/userguide/cli-chap-getting-started.html)
- an S3 bucket to manage the Terraform state file (enabling versioning is recommended)
- a domain registered in AWS Route53
- Hashicorp Packer installed and configured (https://www.packer.io/intro/getting-started/install.html)
- Hashicorp Terraform installed and configured (https://www.terraform.io/intro/getting-started/install.html)
- a local copy of the source code in this repository
git clone https://github.com/mircea-c/web-service-packer-terraform.git
The outyet AMI must be built first as Terraform will search for it when building the infrastructure
- Navigate to the packer template directory
cd web-service-packer-terraform\packer_template
- Build the AMI
packer build outyet.json
- Verify that an ami named 'outyet-amzn2' has been registered
- Navigate to the terraform directory
cd web-service-packer-terraform\terraform
- Configure the terraform backend in the main.tf file (replace s3 bucket name and aws region with your own)
terraform {
  backend "s3" {
    bucket = "<s3 bucket name>"
    key    = "terraform.tfstate"
    region = "<aws region>"
  }
}
- Initialize Terraform
terraform init
- Create the infrastructure (you will be prompted to enter the route53 domain root)
terraform apply
- Verify that the web service is accessible using the url
http://outyet.<root-domain>
where <root-domain> is replaced by your route53 registered domain.
- AMI configuration is initiated by Packer but mostly handled by Puppet. This model is more flexible and easier to maintain and debug than using Packer provisioners alone. It also reduces the ssh traffic that would have otherwise been generated by Packer.
- Additional puppet modules can be used by adding them to the packer_template\modules directory to further configure systems like ntp, ssh, and so on
- The golang binary is simply built using the go get command. A systemd service that uses the generated binary is then created by Puppet, enabling the application to start on boot.
- The handling of the outyet binary could be made more efficient by building the binary locally (or in a CI pipeline) and then adding it to the AMI. This would eliminate the need to install and configure git in the AMI which reduces size and build time.
- Terraform state file could be managed with a separate module (or Terraform Enterprise) to eliminate the need for manual editing of the terraform code
- AWS credentials could be retrieved from Hashicorp Vault to improve the security of the deployment
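
The state bucket from the prerequisites, and the "separate module" idea above, can be expressed as a small bootstrap configuration. This is an added example, not code from this repository: it creates the bucket with versioning enabled (as recommended above) and, as additional assumptions, default encryption and a public access block, since Terraform state can contain sensitive values. The resource label "tfstate" and the choice of KMS encryption are assumptions; the bucket name and region are the same placeholders used in main.tf, and AWS provider v4 or later is assumed.

```hcl
# Bootstrap configuration (added example). Keep it in its own directory and
# apply it once with local state, before running `terraform init` in the
# main terraform directory.
provider "aws" {
  region = "<aws region>"
}

resource "aws_s3_bucket" "tfstate" {
  bucket = "<s3 bucket name>"

  # Refuse to destroy the bucket that holds the state history.
  lifecycle {
    prevent_destroy = true
  }
}

# Versioning lets a corrupted or overwritten state file be rolled back.
resource "aws_s3_bucket_versioning" "tfstate" {
  bucket = aws_s3_bucket.tfstate.id
  versioning_configuration {
    status = "Enabled"
  }
}

# Encrypt state objects at rest by default.
resource "aws_s3_bucket_server_side_encryption_configuration" "tfstate" {
  bucket = aws_s3_bucket.tfstate.id
  rule {
    apply_server_side_encryption_by_default {
      sse_algorithm = "aws:kms"
    }
  }
}

# The state bucket should never be reachable through public ACLs or policies.
resource "aws_s3_bucket_public_access_block" "tfstate" {
  bucket                  = aws_s3_bucket.tfstate.id
  block_public_acls       = true
  block_public_policy     = true
  ignore_public_acls      = true
  restrict_public_buckets = true
}

# In the main stack's backend "s3" block, additionally set:
#   encrypt = true
```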