Archives

Securing your Infrastructure: Encrypting Terraform State Files with OpenTofu
Using the Terraform aws_route53_delegation_set, aws_route53_zone, and aws_route53_record resource blocks to configure DNS in AWS.
Using the Terraform aws_db_instance resource block to configure, launch, and secure RDS instances.
How to use the Terraform aws_instance resource block to configure, launch, and secure EC2 instances.
How to configure and use the Terraform aws_ami data source block to find and use AWS AMIs as templates (root volume snapshot with operating system and applications) for EC2 instances.
How to configure and use the Terraform aws_key_pair resource block to create and manage AWS Key Pairs for performing SSH Public Key Authentication into EC2 instances.
A public key is a cryptographic key that is part of a key pair used for public key cryptography. In the context of SSH (Secure Shell) and other cryptographic systems, a public key is associated with an entity (like a user or a server) and is shared openly.
Cloud-init is the industry standard multi-distribution method for cross-platform cloud instance initialisation
Cloud-init is a multi-distribution package that handles the early initialization of cloud instances. It is commonly used in cloud computing environments to perform various tasks during the instance's first boot.
Control traffic to AWS resources using security groups
How to configure and use the Terraform aws_security_group and aws_security_group_rule resource blocks to create and manage AWS Security Groups and secure the infrastructure.
AWS Routing Tables with Terraform
How to configure and use the Terraform aws_route_table, aws_route, and aws_main_route_table_association resource blocks to create and manage AWS Routing Tables.
AWS NAT Gateway
How to configure and use the Terraform aws_nat_gateway and aws_eip resource blocks to create and manage AWS NAT Gateway and its corresponding Public IPs inside each availability zone to enable Internet access from instances in private subnets.
An AWS NAT Gateway is a managed service that allows instances in a private subnet to connect to the Internet while keeping them secure. It provides network address translation (NAT) for outbound traffic, allowing resources in a private subnet to access the internet while maintaining a private IP address.
AWS Internet Gateway
How to configure and use the Terraform aws_internet_gateway resource block to create and manage AWS Internet Gateway inside a VPC to enable instances access to and from the Internet.
How to configure and use the Terraform aws_subnet resource block to create and manage AWS Subnets inside a VPC. AWS Subnets are a subdivision of the IP Network assigned to the VPC.
The Terraform official AWS provider acts as an abstraction layer that lets Terraform configurations written in HCL define AWS services and infrastructure using code (IaC). Internally Terraform and the AWS provider handle authentication, and make the necessary AWS API calls to query, create, modify, and destroy the resources.
AWS Identity and Access Management (IAM)
AWS Identity and Access Management (IAM) is a web service provided by Amazon Web Services (AWS) that enables users to securely control access to AWS services and resources. IAM allows administrators to manage users, groups, roles, and permissions within their AWS accounts, ensuring secure and fine-grained control over who can perform specific actions and access particular resources.
Amazon CloudFront is a content delivery network (CDN) service provided by AWS. It is designed to deliver content, including web pages, videos, images, and other static or dynamic assets, to users with low latency and high data transfer speeds. CloudFront accelerates content delivery by caching it at edge locations distributed globally.
AWS Route 53 DNS
Amazon Route 53 is a scalable and highly available Domain Name System (DNS) web service provided by Amazon Web Services (AWS). It is designed to route end-user requests to globally distributed endpoints, such as web applications or resources, and effectively connects user requests to the corresponding AWS resources.
AWS RDS
AWS RDS is a fully managed service provided by Amazon Web Services (AWS) that simplifies the setup, operation, and scaling of relational databases in the cloud.
AWS EBS
Block storage for persistent data for EC2 instances. Instance storage for the operating system uses EBS volumes.
AWS is the world’s leading cloud platform, used by startups and large enterprises. AWS offers a wide range of services, including computing, storage, database, networking, analytics, machine learning, and artificial intelligence.
How to start building AWS infrastructure with Terraform: Terraform is an Infrastructure as Code (IaC) tool used to provision and manage infrastructure. It helps define and deploy resources across various cloud providers using code, making it easier to maintain and scale infrastructure.
Terraform functions perform specific tasks on the data within the configuration files. Numeric functions perform mathematical operations like calculations, comparisons, and conversions on numbers. String functions manipulate text data, including formatting, searching, and transformations. Collection functions work with lists and maps, performing tasks like filtering, sorting, and aggregation. Encoding functions encode and decode data in […]
Ansible Terraform AWS
This Ansible AWS tutorial shows how to use Ansible and its dynamic inventory AWS plugin to provision the software and configuration of infrastructure that has been created with Terraform.
How To Install The Ansible Control Node in Ubuntu.
Sharing infrastructure across multiple Terraform projects using Data Sources helps maintain consistency, reduce redundancy, and promote collaboration. Terraform Data Sources allow you to fetch and use external information within your configuration.
SSH, which stands for Secure Shell, is a cryptographic network protocol that allows for secure communication and data transfer between two computers over an insecure network.
Generation of an Ed25519 Key Pair for SSH Authentication on AWS Linux Machines and Uploading of Key Pairs with Terraform.
Terraform OpenTofu AWS EKS
This how-to demonstrates how to use Terraform to create an AWS EKS cluster and deploy an application along with a Load Balancer on top.
AWS Internet Gateway
An AWS Internet Gateway is a component that facilitates communication between instances within an Amazon Virtual Private Cloud (VPC) and the Internet
AWS Fargate
AWS Fargate is a serverless computing engine for containers.
Amazon Elastic Container Service (Amazon ECS) 
AWS ECS (Amazon Elastic Container Service) is a fully managed container orchestration service for deploying, managing, and scaling containerized applications using Docker containers
AWS VPC
AWS Subnets are segmented sections within an Amazon Virtual Private Cloud (VPC).
AWS VPC
An AWS VPC (Virtual Private Cloud) is a virtual network dedicated to an AWS account. It enables users to launch AWS resources, like EC2 instances, within a logically isolated section of the AWS Cloud.
How to install the AWS CLI (Command Line Interface) to interact with Amazon Web Services through the command line.
Terraform AWS ECS Fargate
How to use Terraform or OpenTofu to create an AWS ECS (Elastic Container Service) running in Fargate and deploy a Docker container.
Terraform AWS Identity and Access Management (IAM)
Programmatically creating AWS users using IaC tools like Terraform & OpenTofu
GnuPG
Generation of a Pretty Good Privacy (PGP) Key Pair for automated AWS IAM user access key creation with Terraform.
Terraform Kubernetes
How to publish multiple replicas of an Application (from the Docker Registry) and create a NodePort in Kubernetes using Terraform (in 10 seconds)
Terraform Migration to OpenTofu
How to migrate existing AWS Terraform-managed infrastructure that uses remote backend storage (e.g. S3) to OpenTofu.
Kubernetes NFS
How to use NFS Kubernetes Persistent Volumes for the storage of data. Postgres is used as an example.
Helm Kubernetes
Install Helm, the package manager for Kubernetes.
K3s Kubernetes
K3s.io is a Lightweight Kubernetes cluster perfect for development or edge deployments. K3s is a CNCF Sandbox Project Originally developed by Rancher.
OpenTofu & Kubernetes
How to publish multiple replicas of an Application (from the Docker Registry) and create a NodePort or a LoadBalancer in Kubernetes using OpenTofu (in 10 seconds)
OpenTofu
OpenTofu installation is done by downloading a package from OpenTofu's GitHub Releases repository and installing it on the target machine.
AWS Security Groups are virtual firewalls that control inbound and outbound traffic to and from Amazon Web Services (AWS) resources, such as EC2 and RDS instances.
Terraform AWS
Terraform and AWS resource naming should follow a company standard. Each company has different requirements and the standard should be adjusted.
Options and techniques for debugging Terraform and OpenTofu Infrastructure plans.
Handling multiple infrastructure environments with Ansible by targeting the environment tag that is included in the mandatory AWS Tags.
Ansible Roles Granularity: We recommend building Ansible roles that are highly reusable by configuration, but we also recommend pragmatism as our highest priority. Roles for systems and applications designed to be standalone, or before the Cloud was around, are called "non-native cloud applications"; often those are stateful applications that cannot be clustered without sharing […]
Define and apply a company-wide consistent structure for all your Ansible Playbooks that allows for easy understanding and maximum reutilization
Generate inventory (host and group information) dynamically rather than statically defining it in a static inventory file
Effective infrastructure resource tagging can greatly improve management, IaC, monitoring and cost visibility in AWS.
HCL is a domain-specific language developed by HashiCorp, a company known for its infrastructure automation tools such as Terraform, Vault, Consul, and Nomad.
Terraform Migration to OpenTofu
IaC is an approach to managing and provisioning computing infrastructure through machine-readable code and automation, rather than manual processes.
AWS S3 Service
AWS S3 is a highly scalable and durable object storage service used for data storage, backup, content distribution, data archiving, and as a foundation for building cloud-native applications.
AWS EC2 Service
Amazon Elastic Compute Cloud is a web service offered by Amazon Web Services (AWS) that provides resizable and scalable compute capacity in the cloud. In simple terms, AWS EC2 allows you to launch and manage virtual machines, known as instances, in the AWS cloud.
AWS EC2 AMI
AWS AMI, or Amazon Machine Image, is a pre-configured virtual machine image used to create and launch Amazon Elastic Compute Cloud (EC2) instances
Network OSI model / Layers
The 7 layers of the OSI model: The OSI model is a conceptual framework that is used to describe how a network functions. It identifies seven fundamental networking layers, from the physical hardware up to high-level software applications. Each layer in the model handles a specific networking function. The standard helps administrators to visualize networks, […]
Terraform Kubernetes
What are the Terraform Cloud Agents? With Terraform Cloud Agents, a company can manage its private infrastructure as code and benefit from all the functionality of Terraform in a SaaS scenario.
Kubernetes
Tutorial and full source code explaining how to create a Kubernetes cluster with Ansible and Vagrant for local development under 3 minutes.
Istio
How to install Istio in a Kubernetes Cluster to use it as a service mesh for a microservices architecture.
Kubernetes
How to install the Kubernetes Dashboard and manage the cluster after installation.
How to create a Kubernetes persistent volume for Postgres long term storage of data using a NFS Volume
Techniques to prevent infrastructure destroy in Terraform by protecting selected instances and resources from being accidentally destroyed.
Terraform AWS
Obtain your public IP address and use it in Terraform to create AWS Security Rules.
AWS RDS
Tutorial and source code explaining how to create and manage MariaDB (or MySQL) RDS database with Terraform in AWS.
AWS EC2 Service
Tutorial and source code explaining how to manage AWS Route 53 DNS Service, create and register EC2 instances, and find an AMI with Terraform.
AWS VPC
Tutorial and source code explaining how to manage AWS EC2 Instances and Security with Terraform.
AWS Routing Tables
Tutorial and source code explaining how to create and manage AWS networking with Terraform.
AWS VPC
Tutorial and source code explaining how to provision and configure a VPC, Route 53, RDS MariaDB, Instances and security groups using Ansible and Terraform on AWS to run WordPress in an Ubuntu server with Nginx, PHP, and Let’s Encrypt.
Kubernetes
Kubernetes tutorial explaining how to use a NodePort to publish applications in a Kubernetes cluster running in VirtualBox with Vagrant and Ansible
Best practices for naming and using AWS Infrastructure with Terraform and Ansible.
Istio
How to split traffic in Kubernetes with Istio based on request headers, tutorial, and examples with source code.
Istio
Tutorial on how to use Istio on Kubernetes for releasing new versions of software to the Cloud.
Terraform AWS Identity and Access Management (IAM)
How to create AWS IAM users for programmatic access to the AWS Cloud API, to be used with Terraform / OpenTofu and Ansible demos.
In order to run the examples presented in IT Wonder Lab you will need accounts in different cloud providers. Most of the providers offer free tiers or some demo credits to test their services, be aware that running the examples might cost you money. Visit aws.amazon.com/free to understand what is included by AWS in its […]