Saturday, May 10, 2025

Terraform and Maven

20th Class: Terraform and Maven, May 10th (DevOps)

In the last class we committed changes in Git. Once a change is committed it moves automatically: the HCP Terraform plan is executed, and after confirm and apply the AWS resources are created successfully.

HCP also has policies.

HCP also has cost estimation: while you are creating an AWS resource, it communicates with the AWS cost portal, takes the details and publishes them in HCP.

Cost Estimation Process

Step1: Settings > go to Organization > click the HashiCorp icon/logo at the top left

Enable cost estimation and click Update settings.


Whatever resource you are trying to create, it will give you a rough estimate.

Step2: Create an EC2 server: modify the .tf file in Git and click Commit changes.

Step3: Plan completed, cost estimated.

Step4: I added an instance count of 2; the cost estimation below was $17.26 monthly for the 2 instances. As of now we are in the free tier; after 12 months it will be charged.

Policies

HCP > Settings > click logo > Policies > Create new policy

We need to give instructions to HCP before it creates resources: instance type, configuration (VPC), CIDR block limitations, etc. Policies are used for that purpose.

Policy (if you create a policy, it applies at the complete project level)
Sentinel (it is entirely HCP-related and supports Terraform)
Open Policy Agent (it is generic)
For reference:
https://github.com/hashicorp/terraform-sentinel-policies

Here the options are:
Advisory (it only gives advice when you do not follow the policy)
Soft mandatory (even if you do not follow it, the apply goes ahead; your process will not stop)
Hard mandatory (restrictive: the policy must be followed; if not, the process fails)

Step1:


Below is the S3 bucket policy: it makes the tags Name and Project mandatory. Select hard mandatory.

import "tfplan"

# Warning, this is case sensitive.  
# This is on purpose especially for organizations that do cost analysis on tag names.
# where case sensitivity will cause grouping issues

mandatory_tags = [
  "Name", 
  "Project",
]

# Get all AWS S3 buckets contained in all modules being used
get_aws_s3_buckets = func() {
    buckets = []
    for tfplan.module_paths as path {
        buckets += values(tfplan.module(path).resources.aws_s3_bucket) else []
    }
    return buckets
}
    
aws_s3_buckets = get_aws_s3_buckets()

# S3 bucket tag rule
s3_bucket_tags = rule {
    all aws_s3_buckets as _, buckets {
        all buckets as index, r {
            all mandatory_tags as t {
                r.applied.tags contains t
            }
        }
    }
}

main = rule {
    (s3_bucket_tags) else true
}
Paste the code into the policy code box, then click Create policy.

Step2: After creating the policy, create a policy set > select Individually managed policies.
You can choose a particular workspace, or apply it globally to all workspaces; select globally and
click Next.


Choose your policy and connect the policy set.

Sentinel policy set done. Practical:

Step3: S3 bucket tags are mandatory. As per the above policy two tags are mandatory; we can try giving only one tag and see whether hard mandatory fails or not. The Git code below was committed:

provider "aws" {
  region = "eu-west-1"
}
resource "aws_s3_bucket" "ccitbucket" {
  bucket = "ccitaprilmay11"
  tags = {
    Name = "cpbucket"
  }
}

You can see below that the plan executed successfully but the Sentinel policy failed.
Step4: After adding the second tag, Project, and committing in Git, the HCP Sentinel policy passed; confirm to apply.
provider "aws" {
  region = "eu-west-1"
}
resource "aws_s3_bucket" "ccitbucket" {
  bucket = "ccitaprilmay11"
  tags = {
    Name    = "cpbucket"
    Project = "ccitproject"
  }
}
The S3 bucket is created in the AWS console.
            
EC2 Sentinel policy

import "tfplan"

# Warning, this is case sensitive.  
# This is on purpose especially for organizations that do cost analysis on tag names.
# where case sensitivity will cause grouping issues

mandatory_tags = [
  "Name", 
  "Project",
]

# Get all AWS instances contained in all modules being used
get_aws_instances = func() {
    instances = []
    for tfplan.module_paths as path {
        instances += values(tfplan.module(path).resources.aws_instance) else []
    }
    return instances
}
    
aws_instances = get_aws_instances()

# Instance tag rule
instance_tags = rule {
    all aws_instances as _, instances {
        all instances as index, r {
            all mandatory_tags as t {
                r.applied.tags contains t
            }
        }
    }
}

main = rule {
    (instance_tags) else true
}

Step1: Create a new policy and policy set in the workspace.
Created Instance-sentinel-policy.

Set the existing policy sets.
Step2: Modify the Git code and commit; if any previous runs are pending, discard them and continue.

provider "aws" {
  region = "eu-west-1"
}
resource "aws_instance" "aws_instanceind" {
  ami           = "ami-04e7764922e1e3a57"
  instance_type = "t2.micro"
  subnet_id     = "subnet-0477e85088645156b"
}


Step3:
provider "aws" {
  region = "eu-west-1"
}
resource "aws_instance" "aws_instanceind" {
  ami           = "ami-04e7764922e1e3a57"
  instance_type = "t2.micro"
  subnet_id     = "subnet-0477e85088645156b"
  tags = {
    Name    = "cpbucket"
    Project = "ccitproject"
  }
}
Sentinel passed after the tags were added, committed in Git, and apply confirmed.


See that the new instance is created successfully.
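
The same mandatory-tag rule can be checked locally against the JSON form of a plan (`terraform show -json`) before committing, covering both the S3 bucket and EC2 cases above. This is an added example, not part of the class notes or of HashiCorp's policy code; the sample plan, `module.app.aws_s3_bucket.logs` and `aws_s3_bucket.old` are constructed for illustration.

```python
import json

MANDATORY_TAGS = ["Name", "Project"]                 # same list as the Sentinel policies
CHECKED_TYPES = {"aws_s3_bucket", "aws_instance"}    # resource types covered above

# Constructed sample in the shape of `terraform show -json <planfile>` output,
# reduced to the fields this check reads.
SAMPLE_PLAN = json.loads("""
{"resource_changes": [
  {"address": "aws_s3_bucket.ccitbucket", "type": "aws_s3_bucket",
   "change": {"actions": ["create"],
              "after": {"bucket": "ccitaprilmay11", "tags": {"Name": "cpbucket"}}}},
  {"address": "aws_instance.aws_instanceind", "type": "aws_instance",
   "change": {"actions": ["create"],
              "after": {"instance_type": "t2.micro", "tags": null}}},
  {"address": "module.app.aws_s3_bucket.logs", "type": "aws_s3_bucket",
   "change": {"actions": ["create"],
              "after": {"tags": {"Name": "logs", "project": "ccitproject"}}}},
  {"address": "aws_s3_bucket.old", "type": "aws_s3_bucket",
   "change": {"actions": ["delete"], "after": null}}
]}
""")


def missing_tags(plan):
    """Return {resource address: [missing mandatory tags]} for planned resources."""
    violations = {}
    for rc in plan.get("resource_changes", []):
        after = rc.get("change", {}).get("after")
        # Skip other resource types and pure deletions (nothing left to tag).
        if rc.get("type") not in CHECKED_TYPES or after is None:
            continue
        tags = after.get("tags") or {}       # absent or null tags count as no tags
        # Case-sensitive match, as the policy comment warns: "project" != "Project".
        absent = [t for t in MANDATORY_TAGS if t not in tags]
        if absent:
            violations[rc["address"]] = absent
    return violations


if __name__ == "__main__":
    for address, absent in missing_tags(SAMPLE_PLAN).items():
        print(f"FAIL {address}: missing {', '.join(absent)}")
```

Resources inside modules appear in `resource_changes` with their full address, so the check covers all modules in the plan, as the Sentinel policies do.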


For destroy, it is the same process: after the plan completes, confirm apply.

In the AWS console and in the workspace, destroy was applied and the instance terminated successfully.


Terraform has many limitations based on usage.


-- Terraform completed

Maven

Maven is a build tool for Java. When you build your source code, run files are created;
we use those run files to host the application (the runtime files only).
Microsoft uses MSBuild.
encrypted file
java - .jar / .war / .ear build files
.net - .dll

Maven:

Maven Installation

https://downloads.apache.org/maven/maven-3/3.9.9/binaries/ 

Copy the link address

wget https://downloads.apache.org/maven/maven-3/3.9.9/binaries/apache-maven-3.9.9-bin.tar.gz

[root@ip-10-0-1-168 ~]# mkdir mywebapp

[root@ip-10-0-1-168 mywebapp]# wget https://downloads.apache.org/maven/maven-3/3.9.9/binaries/apache-maven-3.9.9-bin.tar.gz

apache-maven-3.9.9-bin.tar.gz

[root@ip-10-0-1-168 ~]# tar -xvzf apache-maven-3.9.9-bin.tar.gz

[root@ip-10-0-1-168 ~]# sudo mv apache-maven-3.9.9  /opt/maven

[root@ip-10-0-1-168 mywebapp]# export M2_HOME=/opt/maven

[root@ip-10-0-1-168 mywebapp]# export PATH=$M2_HOME/bin:$PATH

[root@ip-10-0-1-168 mywebapp]# source ~/.bashrc

[root@ip-10-0-3-152 ec2-user]# yum install -y java-17-amazon-corretto-devel
[root@ip-10-0-1-168 mywebapp]# mvn --version
Apache Maven 3.9.9 (8e8579a9e76f7d015ee5ec7bfcdc97d260186937)
Maven home: /opt/maven
Java version: 17.0.15, vendor: Amazon.com Inc., runtime: /usr/lib/jvm/java-17-amazon-corretto.x86_64
Default locale: en_US, platform encoding: UTF-8
OS name: "linux", version: "5.10.236-227.928.amzn2.x86_64", arch: "amd64", family: "unix"
[root@ip-10-0-1-168 mywebapp]# cat  vim pom.xml
cat: vim: No such file or directory
<project xmlns="http://maven.apache.org/POM/4.0.0"
         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">

  <modelVersion>4.0.0</modelVersion>

  <!-- Inherit from Spring Boot Parent -->
  <parent>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-parent</artifactId>
    <version>3.0.5</version>
    <relativePath/>
  </parent>

  <groupId>com.example</groupId>
  <artifactId>mywebapp</artifactId>
  <version>0.0.1-SNAPSHOT</version>
  <packaging>jar</packaging>

  <name>My Spring Boot Web App</name>
  <description>Cloud Computing in Telugu Web Application</description>

  <properties>
    <java.version>17</java.version>
  </properties>

  <dependencies>
    <!-- Spring Boot Web Starter (includes embedded Tomcat) -->
    <dependency>
      <groupId>org.springframework.boot</groupId>
      <artifactId>spring-boot-starter-web</artifactId>
    </dependency>
    <!-- Thymeleaf Starter for HTML templating -->
    <dependency>
      <groupId>org.springframework.boot</groupId>
      <artifactId>spring-boot-starter-thymeleaf</artifactId>
    </dependency>
  </dependencies>

  <build>
    <plugins>
      <!-- Spring Boot Maven Plugin to build an executable jar -->
      <plugin>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-maven-plugin</artifactId>
      </plugin>
    </plugins>
  </build>

</project>

[root@ip-10-0-1-168 mywebapp]# mkdir -p src/main/java/com/example
[root@ip-10-0-1-168 mywebapp]# vim src/main/java/com/example/App.java
[root@ip-10-0-1-168 mywebapp]# cat src/main/java/com/example/App.java
package com.example;

import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.GetMapping;

@SpringBootApplication
@Controller
public class App {

    public static void main(String[] args) {
        SpringApplication.run(App.class, args);
    }

    @GetMapping("/")
    public String home(Model model) {
        // Pass the header text to the view
        model.addAttribute("header", "Cloud Computing in Telugu");
        return "index"; // Return the index.html template
    }
}
[root@ip-10-0-1-168 mywebapp]# mvn clean package

[INFO] Replacing main artifact with repackaged archive
[INFO] ------------------------------------------------------------------------
[INFO] BUILD SUCCESS
[INFO] ------------------------------------------------------------------------
[INFO] Total time:  11.507 s
[INFO] Finished at: 2025-05-13T19:57:59Z
[INFO] ------------------------------------------------------------------------
[root@ip-10-0-1-168 mywebapp]# yum install tree -y
[root@ip-10-0-1-168 mywebapp]# tree
.
├── apache-maven-3.9.9-bin.tar.gz
├── pom.xml
├── src
│   └── main
│       └── java
│           └── com
│               └── example
│                   └── App.java
└── target
    ├── classes
    │   └── com
    │       └── example
    │           └── App.class
    ├── generated-sources
    │   └── annotations
    ├── maven-archiver
    │   └── pom.properties
    ├── maven-status
    │   └── maven-compiler-plugin
    │       └── compile
    │           └── default-compile
    │               ├── createdFiles.lst
    │               └── inputFiles.lst
    ├── mywebapp-0.0.1-SNAPSHOT.jar
    └── mywebapp-0.0.1-SNAPSHOT.jar.original

[root@ip-10-0-1-168 mywebapp]# mvn spring-boot:run
[root@ip-10-0-1-168 mywebapp]# mkdir -p src/main/resources/templates/
[root@ip-10-0-1-168 mywebapp]# cd src/main/resources/templates/
[root@ip-10-0-1-168 mywebapp]# vi index.html
<!DOCTYPE html>
<html xmlns:th="http://www.thymeleaf.org">
<head>
    <title>Home</title>
</head>
<body>
    <h1 th:text="${header}">Fallback Header</h1>
</body>
</html>
[root@ip-10-0-1-168 mywebapp]# java -jar target/mywebapp-0.0.1-SNAPSHOT.jar --server.address=0.0.0.0 --server.port=8080

Take Public IP:



[root@ip-10-0-1-168 target]# aws s3 cp "./mywebapp-0.0.1-SNAPSHOT.jar" "s3://ccitsamplebucket123" --region "eu-west-1"
upload: ./mywebapp-0.0.1-SNAPSHOT.jar to s3://ccitsamplebucket123/mywebapp-0.0.1-SNAPSHOT.jar

Before moving the .jar file to the S3 bucket, you need an admin role attached to the EC2 instance.
Using this .jar from the Maven build, just execute the Java file to launch the website.

AWS S3 bucket console


Using the build file, launch the website.

For Java the build file is .jar

Dotnet .dll

Alternatives to Maven (Gradle, Apache Ant, Bazel, Buildr)

-- Thanks




                                                                                                                     
