If you are reading this, you are doing well. We have already created an EC2 instance using Terraform and then configured a web server using user data via Terraform.

Now it's time to attach an EBS volume to the EC2 instance using Terraform. An AWS EBS volume should be used to store data independently of the EC2 instance's lifecycle.

An Amazon EBS volume is a durable, block-level storage device that you can attach to a single EC2 instance. You can use EBS volumes as primary storage for data that requires frequent updates, such as the system drive for an instance or storage for a database application. You can also use them for throughput-intensive applications that perform continuous disk scans. EBS volumes persist independently from the running life of an EC2 instance.

After a volume is attached to an instance, you can use it like any other physical hard drive. EBS volumes are flexible. For current-generation volumes attached to current-generation instance types, you can dynamically increase size, modify the provisioned IOPS capacity, and change volume type on live production volumes.

Amazon EBS provides the following volume types: General Purpose SSD (gp2), Provisioned IOPS SSD (io1), Throughput Optimized HDD (st1), Cold HDD (sc1), and Magnetic (standard, a previous-generation type).

Benefits of using EBS Volumes

1. Data availability

When you create an EBS volume in an Availability Zone, it is automatically replicated within that zone to prevent data loss due to failure of any single hardware component. After you create a volume, you can attach it to any EC2 instance in the same Availability Zone. After you attach a volume, it appears as a native block device similar to a hard drive or other physical device. At that point, the instance can interact with the volume just as it would with a local drive. The instance can format the EBS volume with a file system, such as ext3, and then install applications.

2. Data persistence

An EBS volume is off-instance storage that can persist independently from the life of an instance. You continue to pay for the volume usage as long as the data persists.

EBS volumes that are attached to a running instance can automatically detach from the instance with their data intact when the instance is terminated if you uncheck the Delete on Termination checkbox when you configure EBS volumes for your instance on the EC2 console. The volume can then be reattached to a new instance, enabling quick recovery.

By default, the root EBS volume that is created and attached to an instance at launch is deleted when that instance is terminated. You can modify this behavior by changing the value of the flag DeleteOnTermination to false when you launch the instance. This modified value causes the volume to persist even after the instance is terminated, and enables you to attach the volume to another instance.

3. Data encryption

For simplified data encryption, you can create encrypted EBS volumes with the Amazon EBS encryption feature. All EBS volume types support encryption. You can use encrypted EBS volumes to meet a wide range of data-at-rest encryption requirements for regulated/audited data and applications. Amazon EBS encryption uses 256-bit Advanced Encryption Standard algorithms (AES-256) and an Amazon-managed key infrastructure.

4. Snapshots

Amazon EBS provides the ability to create snapshots (backups) of any EBS volume and write a copy of the data in the volume to Amazon S3, where it is stored redundantly in multiple Availability Zones. The volume does not need to be attached to a running instance in order to take a snapshot. As you continue to write data to a volume, you can periodically create a snapshot of the volume to use as a baseline for new volumes. These snapshots can be used to create multiple new EBS volumes or move volumes across Availability Zones. Snapshots of encrypted EBS volumes are automatically encrypted.

Amazon EBS Volume Types

Amazon EBS provides the following volume types, which differ in performance characteristics and price, so that you can tailor your storage performance and cost to the needs of your applications. The volume types fall into two categories:

1. SSD-backed volumes optimized for transactional workloads involving frequent read/write operations with small I/O size, where the dominant performance attribute is IOPS

2. HDD-backed volumes optimized for large streaming workloads where throughput (measured in MiB/s) is a better performance measure than IOPS

Now let's start attaching the EBS volume to the EC2 instance using Terraform. I will divide the whole Terraform configuration into 4 steps. Create a file ec2-elb-instance.tf using your favourite editor. I am using “vim”.

Attaching EBS Volume to EC2 Instance using Terraform

Step #1 – Select the AWS region where you want your EC2 instance. I am using the India region (ap-south-1).

provider "aws" {
  region = "ap-south-1"
}

Step #2 – Configure a security group to allow SSH and HTTP access, though we need only SSH access to verify the attached EBS volume.

Use the code if you don’t wish to type now. But I won’t recommend it. Still go ahead 🙂

resource "aws_security_group" "morning-ssh-http" {
  name        = "morning-ssh-http"
  description = "allow ssh and http traffic"

  ingress {
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  ingress {
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}

Step #3 – Create the AWS instance using Terraform. You must specify the availability zone and note its value, as we will create the EBS volume in the same AZ. As a general rule, the EC2 instance and EBS volume must be in the same AZ to avoid latency issues.

Use the code to create aws instance using terraform

resource "aws_instance" "good-morning" {
  ami               = "ami-5b673c34"
  instance_type     = "t2.micro"
  availability_zone = "ap-south-1a"
  security_groups   = ["${aws_security_group.morning-ssh-http.name}"]
  key_name          = "zoomkey"

  # install and start Apache, then publish a sample page
  user_data = <<-EOF
                #! /bin/bash
                sudo yum install httpd -y
                sudo systemctl start httpd
                sudo systemctl enable httpd
                echo "<h1>Sample Webserver Network Nuts</h1>" | sudo tee /var/www/html/index.html
  EOF

  tags = {
    Name = "webserver"
  }
}

Step #4 – Finally, create the ebs volume and connect it to our ec2 instance using terraform code.

Use the code to complete attaching ebs volume to ec2 instance using terraform.

resource "aws_ebs_volume" "data-vol" {
  availability_zone = "ap-south-1a"
  size              = 1

  tags = {
    Name = "data-volume"
  }
}

resource "aws_volume_attachment" "good-morning-vol" {
  device_name = "/dev/sdc"
  volume_id   = "${aws_ebs_volume.data-vol.id}"
  instance_id = "${aws_instance.good-morning.id}"
}

The final complete terraform code should look like this.

# selecting our region for instance
provider "aws" {
  region = "ap-south-1"
}

# creating security group
resource "aws_security_group" "morning-ssh-http" {
  name        = "morning-ssh-http"
  description = "allow ssh and http traffic"

  ingress {
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  ingress {
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}

# creating aws instance
resource "aws_instance" "good-morning" {
  ami               = "ami-5b673c34"
  instance_type     = "t2.micro"
  availability_zone = "ap-south-1a"
  security_groups   = ["${aws_security_group.morning-ssh-http.name}"]
  key_name          = "zoomkey"

  # install and start Apache, then publish a sample page
  user_data = <<-EOF
                #! /bin/bash
                sudo yum install httpd -y
                sudo systemctl start httpd
                sudo systemctl enable httpd
                echo "<h1>Sample Webserver Network Nuts</h1>" | sudo tee /var/www/html/index.html
  EOF

  tags = {
    Name = "webserver"
  }
}

# creating and attaching ebs volume
resource "aws_ebs_volume" "data-vol" {
  availability_zone = "ap-south-1a"
  size              = 1

  tags = {
    Name = "data-volume"
  }
}

resource "aws_volume_attachment" "good-morning-vol" {
  device_name = "/dev/sdc"
  volume_id   = "${aws_ebs_volume.data-vol.id}"
  instance_id = "${aws_instance.good-morning.id}"
}
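
A hardened variant of the security group and data volume from the listing above, as an added example that is not part of the original post: SSH is limited to an administrative range instead of 0.0.0.0/0, and the volume uses the EBS encryption described under "Data encryption". It assumes Terraform 0.12 or later; the variable admin_cidr is introduced here for illustration, and the two resources replace the same-named ones in the listing.

```hcl
# Added example (not from the original post).
# admin_cidr is a hypothetical variable; set it to the range you administer from.
variable "admin_cidr" {
  description = "CIDR range allowed to reach SSH on the instance"
  type        = string
}

resource "aws_security_group" "morning-ssh-http" {
  name        = "morning-ssh-http"
  description = "allow ssh from the admin range and http from anywhere"

  # Tutorial setting: cidr_blocks = ["0.0.0.0/0"], which exposes SSH to the internet.
  ingress {
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = [var.admin_cidr]
  }

  # HTTP stays public because the instance is a web server.
  ingress {
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}

resource "aws_ebs_volume" "data-vol" {
  availability_zone = "ap-south-1a"
  size              = 1

  # Tutorial setting: encrypted is omitted, so the volume is unencrypted unless
  # the account has EBS encryption by default turned on for the region.
  # With no kms_key_id, the account's default EBS key is used.
  encrypted = true

  tags = {
    Name = "data-volume"
  }
}
```

Pass the range at apply time, for example terraform apply -var 'admin_cidr=203.0.113.0/24', where 203.0.113.0/24 is a documentation range used as a placeholder.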

Finally, run “terraform apply” and check the instance along with the EBS volume.

Open up your AWS dashboard, get the ssh command, and use it to confirm the creation and attachment of the EBS volume to our EC2 instance.

Once you are inside your EC2 instance, we can use the “fdisk -l” command to see the EBS volume of 1 GiB along with the root volume.

In the next post, we will see how to create a partition on this EBS volume, create a filesystem and mount it.