Project: Two-Tier web application automation with Terraform, Ansible, and GitHub Actions

The project focuses on building a robust two-tier web application automation solution using Terraform, Ansible, and GitHub Actions, specifically designed for the Amazon Web Services (AWS) environment. The architecture comprises 6 Virtual Machines (VMs) distributed across 4 Public and 2 Private Subnets in distinct availability zones.

• Network Architecture: The infrastructure comprises four Public Subnets for accessibility and two Private Subnets for enhanced security. Webserver (VM #2) plays a crucial role as a Bastion host, facilitating secure access to VMs (#5 and #6) residing in Private subnets.
• Ansible Configuration Management: Utilizing Ansible Playbooks and Dynamic Inventory, the configuration of WebServers 3 and 4 in the Public Subnet involves comprehensive checks, including connectivity verification, service status validation, and patch updates.
• GitHub Collaboration: The entire project, encompassing both Terraform and Ansible code, is hosted on GitHub to ensure version control, collaboration, and traceability.
• GitHub Actions: GitHub Actions is used to perform security scan on each push to staging branch and when pull request is open to merge code into prod branch. Also it is employed to Automate future deployment of Terraform code for provisioning the Infrastucture resources and the first two Webservers.

To get started with the Two-Tier Web Application Automation framework, follow these simple steps:

1. Clone the repository in Cloud9:

   git init
   git clone https://github.com/solipkimm/two-tier-web-automation.git

2. Create S3 Bucket in AWS for Terraform State

3. Update Backend S3 configuration in the below files.

   • Network/config.tf
   • Webserver/config.tf
   • Webserver/main.tf

4. Create SSH key pairs for Prod (Make sure to have a public key in Prod/Webserver/)

   ssh-keygen -t rsa -f ~/.ssh/projectkey

5. Deploy the network infrastructure:

   alias tf=terraform
   cd Prod/Network
   tf fmt
   tf validate
   tf plan
   tf apply -auto-approve

6. Deploy the webserver infrastructure:

   cd Prod/Webserver
   tf fmt
   tf validate
   tf plan
   tf apply -auto-approve

7. Install Ansible and required dependencies:

   sudo yum install –y ansible
   sudo pip2.7 install boto3

8. Update ansible configuration:

   sudo vim /etc/ansible/ansible.cfg

   Add the following line inside the config file and save.

   enable_plugins = aws_ec2

9. Run the Ansible playbook:

   cd Ansible
   ansible-playbook -i aws_ec2.yaml playbook.yaml

10. GitHub Actions for Automation

    • Push to 'staging' branch and Pull request to 'prod' branch will scan security.
    • Pull request to 'prod' branch will deploy terraform.