Terraform and AWS

Introduction:

My friend Donald Simpson recently pointed me to an entry on his blog about going through the Terraform startup instructions. I decided to follow them, and his notes; this is a description of how it went for me. Note that mine is a lot more verbose than Don’s – he’s a guru who assumes a depth of knowledge that I didn’t have! The main difference between his approach and mine is that I’ve used Windows 10 and PowerShell…

Setting up AWS:

I started this process from scratch – so, the first step for me was to set up my AWS account. I started at the How do I create and activate a new Amazon Web Services account? page – it wasn’t all plain sailing: the first problem was getting them to call me for the phone verification. How frustrating is it that you have to wait 12 hours after 3 failed attempts? Still, it was late when I started, so I paused and continued the next morning…

I created 2 users on the Management Console using the Creating Your First IAM Admin User and Group guide  – an ‘automation’ user and an ‘admin’ user – initially, I gave both admin (but, obviously, not root) access. I’m going to use the ‘automation’ user for this exercise. I set up Access Keys for them both – when you do this stage, make sure that you note the keys or download the csv file that contains them at creation time – you won’t get another chance (although you can just create a new key).

Installing Terraform:

I installed Terraform on my main PC as per the instructions in the guide – no problems there at all. I set a user environment variable TFORM to C:\Users\adam\TFORM. I checked everything was in place by running terraform:

C:\Users\adam\TFORM>terraform


Setting up the example build script:

I created a folder – terraform-intro – for this, and created the example.tf file with this content:

provider "aws" {
  access_key = "ACCESS_KEY_HERE"
  secret_key = "SECRET_KEY_HERE"
  region     = "us-east-1"
}

resource "aws_instance" "example" {
  ami           = "ami-2757f631"
  instance_type = "t2.micro"
}

Obviously (I hope) I substituted the access key and secret key for the user I’d created. Note that the ami (Amazon Machine Image) identifier code that is captured here represents a specific machine image in a specific region – although you can use identical machine images in different regions, they will have unique identifiers.
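
The example.tf above keeps the access key and secret key in the file itself, where they end up in backups, screenshots and any repository the folder is added to. The variant below is an added example, not from the original post or the Terraform guide: it takes the keys from a named profile in the shared credentials file (the profile name automation is an assumption) and outputs the availability zone, so it is clear which console region to look in. It uses Terraform 0.12 or later expression syntax.

```hcl
# Added example: example.tf with no secrets in the file.
# Assumption: a profile named "automation" exists in the shared
# credentials file (%USERPROFILE%\.aws\credentials on Windows) and
# holds the access key pair created for the 'automation' IAM user.

variable "region" {
  description = "Region the instance is created in"
  default     = "us-east-1"
}

provider "aws" {
  # No access_key / secret_key arguments. Without them the AWS provider
  # falls back to the AWS_ACCESS_KEY_ID / AWS_SECRET_ACCESS_KEY
  # environment variables, or to the named profile set here.
  profile = "automation"
  region  = var.region
}

resource "aws_instance" "example" {
  # AMI identifiers are region-specific: this one belongs to us-east-1,
  # so changing var.region also means choosing a different AMI.
  ami           = "ami-2757f631"
  instance_type = "t2.micro"
}

# Printed at the end of 'terraform apply'; the availability zone shows
# which region to select in the EC2 console to find the instance.
output "instance_id" {
  value = aws_instance.example.id
}

output "availability_zone" {
  value = aws_instance.example.availability_zone
}
```

The credentials file lives outside the project folder, so the .tf file can be shared or committed without exposing the key pair.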

Preparing to make the changes:

Next, I ran terraform init, then terraform plan:

C:\Users\adam\terraform-intro>terraform init


C:\Users\adam\terraform-intro>terraform plan


The plan, if it’s not obvious, is what Terraform will look to do using the .tf file (any .tf that it finds). It uses a diff-like annotation – so ‘+‘, in this case, means an addition.

Creating AWS infrastructure:

Then I ran terraform apply to apply the changes:

C:\Users\adam\TFORM>terraform apply

terraform-apply-shortened.gif

(The sequence above has been shortened considerably – it took about 70 seconds to run on my machine.)

Confirming it worked:

Finally, I took a peek at what I’d achieved:

C:\Users\adam\TFORM>terraform show


Next, I took a look at the console to check what was there – I checked in EC2 section under ‘Services’: https://console.aws.amazon.com. At first, I struggled to identify my new instance using the AWS console – I couldn’t, for the life of me, understand why I couldn’t see my newly created instance on the console. What was I doing wrong? I was definitely looking at the EC2 console, but it showed 0 running instances…


In the end it was obvious: in the top right corner you can see ‘London‘ and the URL is: https://eu-west-2.console.aws.amazon.com/ec2/v2/home?region=eu-west-2#Home: – but the example.tf file that was the basis of this terraform construction specified: region = "us-east-1" – changing that setting to ‘N. Virginia‘ showed a single running instance.

Summary:

Terraform is a great way of creating infrastructure on any number of providers, and expressing it as code. Their ‘Getting Started’ example is easy to follow and there is heaps of good documentation on their site.

Next steps:

I’m going to be playing with Terraform and AWS a lot in the near future, so I’ll try to get some more information about how the .tf files work, as well as some more complex examples.

Microsoft OneNote

I just wanted to add a quick note about one of my new favourite tools: Microsoft OneNote. While this might not seem, at first glance, a particularly revolutionary tool, it is a simple idea that has been well-executed and it has become my first port-of-call for note taking.

Part of the reason for this is that it is available across most of the platforms I use – as well as my Windows PC and Surface tablet, it is available (for free) on Android and iPhone – it’s even available via a web interface. At some stage I’ll try to work out how to run it on Linux, but I’ll live with using it in a VM or via a browser for now.

It allows sharing of notes via OneDrive, which is a great way of collaborating. It’s a great place to collect resource URLs together. Crucially, it has a simple mechanism for creating links to its own pages, and that has allowed me to create my own internal wiki-like documents.

It supports text, handwriting, free-form diagrams, embedded images (and other media). On the Surface, it supports the Pen. It will convert handwriting to text and hand-drawn shapes to shape objects. It will convert handwritten mathematical formulae, too. It has built-in OCR that will convert text in images and make it searchable. I’m sure there is functionality that I’ve yet to discover…

And, best of all, it is totally free!

 

Our new home network

We live in an old – about 150 years – stone house in Edinburgh. We’ve long suffered from a poor wifi signal – the combination of several factors, including:

  • the old brick internal walls;
  • using a Virgin Media “Super”Hub;
  • the location where this sits.

Over several cycles of DIY I’ve run cat5e cabling to upstairs (where our home office was situated, in the spare bedroom) and the living room (where the TV, stereo and PS3 live). This made it possible to run gigabit ethernet, which made working from home much more palatable.

A few months ago, we decided to convert the box room downstairs from a general workshop and storage room into a proper home office, location for my small dev lab and for me to start playing around a bit more (and in a controlled environment!) with Arduino and my Raspberry Pi. At the same time, we discovered that some work our downstairs neighbour had done (badly) a few years ago meant that we needed to strip plaster to do some remediation work – it was a great opportunity to run some cable (cat6 this time) through to what would be the new office.

Once this was all finished, I decided that it was time to do something about the awful wifi. A small amount of research suggested that there was a crossover between the cheap end of commercial kit and the high-end of consumer kit and a bit more digging led me to an article on Ars Technica about Ubiquiti UniFi.

I ended up getting 3 (total overkill, but I got a deal) AC Lite Access Points and a Security Gateway – the Virgin SuperHub was switched to modem only mode, and the Security Gateway took over routing. I set up the UniFi controller software on a Raspberry Pi, following these excellent instructions.

Now, not only do we have awesome wifi – the biggest issue is that phones remain connected to the network quite a way down the street, long after their puny radios can no longer send signals back – but the controller gives me a superb dashboard, including deep-packet inspection.

I’m still finding out what is possible…

An introduction

Hi folks,

This blog is intended to capture some of my efforts to set up my home software development lab – I’m mostly interested in the technologies around DevOps – some small microelectronics projects using my Arduino board, playing with Raspberry Pis and the occasional nod to my love of cycling.

Adam…