If you are reading this, you are going good. We have already created EC2 instance using terraform and then configured webserver using user data via terraform.
Now its the time for attaching ebs volume to ec2 instance using terraform. AWS EBS volume should be used to store data irrespective of lifecycle of ec2 instance.
An Amazon EBS volume is a durable, block-level storage device that you can attach to a single EC2 instance. You can use EBS volumes as primary storage for data that requires frequent updates, such as the system drive for an instance or storage for a database application. You can also use them for throughput-intensive applications that perform continuous disk scans. EBS volumes persist independently from the running life of an EC2 instance.
After a volume is attached to an instance, you can use it like any other physical hard drive. EBS volumes are flexible. For current-generation volumes attached to current-generation instance types, you can dynamically increase size, modify the provisioned IOPS capacity, and change volume type on live production volumes.
Amazon EBS provides the following volume types: General Purpose SSD (gp2), Provisioned IOPS SSD (io1), Throughput Optimized HDD (st1), Cold HDD (sc1), and Magnetic (standard, a previous-generation type).
Benefits of using EBS Volumes
1. Data availability
When you create an EBS volume in an Availability Zone, it is automatically replicated within that zone to prevent data loss due to failure of any single hardware component. After you create a volume, you can attach it to any EC2 instance in the same Availability Zone. After you attach a volume, it appears as a native block device similar to a hard drive or other physical device. At that point, the instance can interact with the volume just as it would with a local drive. The instance can format the EBS volume with a file system, such as ext3, and then install applications.
2. Data persistence
An EBS volume is off-instance storage that can persist independently from the life of an instance. You continue to pay for the volume usage as long as the data persists.
EBS volumes that are attached to a running instance can automatically detach from the instance with their data intact when the instance is terminated if you uncheck the Delete on Termination checkbox when you configure EBS volumes for your instance on the EC2 console. The volume can then be reattached to a new instance, enabling quick recovery.
By default, the root EBS volume that is created and attached to an instance at launch is deleted when that instance is terminated. You can modify this behavior by changing the value of the flag DeleteOnTermination to false when you launch the instance. This modified value causes the volume to persist even after the instance is terminated, and enables you to attach the volume to another instance.
3. Data encryption
For simplified data encryption, you can create encrypted EBS volumes with the Amazon EBS encryption feature. All EBS volume types support encryption. You can use encrypted EBS volumes to meet a wide range of data-at-rest encryption requirements for regulated/audited data and applications. Amazon EBS encryption uses 256-bit Advanced Encryption Standard algorithms (AES-256) and an Amazon-managed key infrastructure.
4. Snapshots
Amazon EBS provides the ability to create snapshots (backups) of any EBS volume and write a copy of the data in the volume to Amazon S3, where it is stored redundantly in multiple Availability Zones. The volume does not need to be attached to a running instance in order to take a snapshot. As you continue to write data to a volume, you can periodically create a snapshot of the volume to use as a baseline for new volumes. These snapshots can be used to create multiple new EBS volumes or move volumes across Availability Zones. Snapshots of encrypted EBS volumes are automatically encrypted.
Amazon EBS Volume Types
Amazon EBS provides the following volume types, which differ in performance characteristics and price, so that you can tailor your storage performance and cost to the needs of your applications. The volumes types fall into two categories:
1. SSD-backed volumes optimized for transactional workloads involving frequent read/write operations with small I/O size, where the dominant performance attribute is IOPS
2. HDD-backed volumes optimized for large streaming workloads where throughput (measured in MiB/s) is a better performance measure than IOPS
Now lets start attaching ebs volume to ec2 instance using terraform. I will divide the whole terraform into 4 steps. Create a file ec2-elb-instance.tf using your favourite editor. I am using “vim”
Attaching EBS Volume to EC2 Instance using Terraform
Step #1 – Selecting the AWS region you want your ec2 instance. I am using India region (ap-south-1)
provider "aws" {
region = "ap-south-1"
}
Step #2 – Configuring security group to allow ssh and http access. Though we need only ssh access to verify the attached ebs volume.
Use the code if you don’t wish to type now. But I won’t recommend it. Still go ahead 🙂
resource "aws_security_group" "morning-ssh-http" {
name = "morning-ssh-http"
description = "allow ssh and http traffic"
ingress {
from_port = 22
to_port = 22
protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"]
}
ingress {
from_port = 80
to_port = 80
protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"]
}
egress {
from_port = 0
to_port = 0
protocol = "-1"
cidr_blocks = ["0.0.0.0/0"]
}
}
Step #3 – Create the aws instance using terraform. Must specify the availability zone and note the value, as we will be using the same AZ to have our ebs volume. As a general rule, the ec2 instance and ebs volume must be in the same AZ to avoid latency issues.
Use the code to create aws instance using terraform
resource "aws_instance" "good-morning" {
ami = "ami-5b673c34"
instance_type = "t2.micro"
availability_zone = "ap-south-1a"
security_groups = ["${aws_security_group.morning-ssh-http.name}"]
key_name = "zoomkey"
user_data = <<-EOF
#! /bin/bash
sudo yum install httpd -y
sudo systemctl start httpd
sudo systemctl enable httpd
echo "<h1>Sample Webserver Network Nuts" | sudo tee /home/573855.cloudwaysapps.com/hfjzxghgzg/public_html/html/index.html
EOF
tags = {
Name = "webserver"
}
}
Step #4 – Finally, create the ebs volume and connect it to our ec2 instance using terraform code.
Use the code to complete attaching ebs volume to ec2 instance using terraform.
resource "aws_ebs_volume" "data-vol" {
availability_zone = "ap-south-1a"
size = 1
tags = {
Name = "data-volume"
}
}
#
resource "aws_volume_attachment" "good-morning-vol" {
device_name = "/dev/sdc"
volume_id = "${aws_ebs_volume.data-vol.id}"
instance_id = "${aws_instance.good-morning.id}"
}
The final complete terraform code should look like this.
#selecting our region for instance
provider "aws" {
region = "ap-south-1"
}
#creating security group
resource "aws_security_group" "morning-ssh-http" {
name = "morning-ssh-http"
description = "allow ssh and http traffic"
ingress {
from_port = 22
to_port = 22
protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"]
}
ingress {
from_port = 80
to_port = 80
protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"]
}
egress {
from_port = 0
to_port = 0
protocol = "-1"
cidr_blocks = ["0.0.0.0/0"]
}
}
#creating aws instance
resource "aws_instance" "good-morning" {
ami = "ami-5b673c34"
instance_type = "t2.micro"
availability_zone = "ap-south-1a"
security_groups = ["${aws_security_group.morning-ssh-http.name}"]
key_name = "zoomkey"
user_data = <<-EOF
#! /bin/bash
sudo yum install httpd -y
sudo systemctl start httpd
sudo systemctl enable httpd
echo "<h1>Sample Webserver Network Nuts" | sudo tee /home/573855.cloudwaysapps.com/hfjzxghgzg/public_html/html/index.html
EOF
tags = {
Name = "webserver"
}
}
#creating and attaching ebs volume
resource "aws_ebs_volume" "data-vol" {
availability_zone = "ap-south-1a"
size = 1
tags = {
Name = "data-volume"
}
}
#
resource "aws_volume_attachment" "good-morning-vol" {
device_name = "/dev/sdc"
volume_id = "${aws_ebs_volume.data-vol.id}"
instance_id = "${aws_instance.good-morning.id}"
}
Finally, run the “terraform apply” and check the instance alongwith the elb volume. Checking attaching ebs volume to ec2 instance.
Open up your AWS dashboard, get the ssh command and use the ssh to confirm the creation and attachment of aws elb volume to our ec2 instance.
Once you are inside your ec2 instance. We can use the “fdisk -l” command to see ebs volume of 1 GiB alongwith root volume.
In next post we will see how to create partition on this ebs volume, create filesystem and mount it.
Recent Comments