Automated MultiCloud Setup on GCP & AWS - Deploying Wordpress on Kubernetes GCP cluster and DB on AWS Cloud.

Howdy People!

In this article, I've tried to build a multi-cloud setup using Terraform, GCP and AWS. WordPress is deployed on K8s in GCP, and the MySQL database runs on an AWS service.

Let's get started.

What is GCP?

Google Cloud Platform (GCP), by Google, is a suite of cloud computing services that runs on the same infrastructure that Google uses internally for its end-user products, such as Google Search, Gmail, file storage, and YouTube. Alongside a set of management tools, it provides a series of modular cloud services including computing, data storage, data analytics and machine learning. Registration requires a credit card or bank account details.

Task description-

  • Create a VPC in AWS and in GCP
  • Create two subnets in AWS and one subnet in GCP
  • Create an Internet Gateway and a Route Table in AWS
  • Associate the subnets with the Route Table in AWS
  • Create a Security Group for the database in AWS
  • Create a firewall in GCP
  • Create a database subnet group in AWS
  • Create the database in the custom VPC and Security Group in AWS
  • Create a Google Container Cluster (K8s cluster) in GCP
  • Launch WordPress on top of the K8s cluster with a LoadBalancer in GCP
  • Connect the database running in AWS to the WordPress application running in GCP

Let's first begin with AWS Cloud-



provider "aws" {
    region = "ap-south-1"
    profile = "vibhav1"
}

//creating vpc
resource "aws_vpc" "tf_vpc" {
  cidr_block       = "192.168.0.0/16"
  instance_tenancy = "default"
  enable_dns_hostnames = true
  tags = {
    Name = "mytf-vpc"
  }
}

//two subnets in different AZ
resource "aws_subnet" "tf_subnet" {
  vpc_id     = aws_vpc.tf_vpc.id
  cidr_block = "192.168.0.0/24"
  availability_zone = "ap-south-1a"
  map_public_ip_on_launch = true


  tags = {
    Name = "subnet-1"
  }
}


resource "aws_subnet" "tf_subnet2" {
  vpc_id     = aws_vpc.tf_vpc.id
  cidr_block = "192.168.1.0/24"
  availability_zone = "ap-south-1b"
  map_public_ip_on_launch = true


  tags = {
    Name = "subnet-2"
  }
}

//creating internet gateway
resource "aws_internet_gateway" "tf_gw" {
  vpc_id = aws_vpc.tf_vpc.id


  tags = {
    Name = "my-ig"
  }
}

//creating route table
resource "aws_route_table" "tf_rt" {
    vpc_id = aws_vpc.tf_vpc.id


    route {
        gateway_id = aws_internet_gateway.tf_gw.id
        cidr_block = "0.0.0.0/0"
    }


    tags = {
        Name = "my_rt"
    }
}

//connecting route table to subnets
resource "aws_route_table_association" "tf_sub_a" {
    subnet_id      = aws_subnet.tf_subnet.id
    route_table_id = aws_route_table.tf_rt.id
}


resource "aws_route_table_association" "tf_sub_b" {
    subnet_id      = aws_subnet.tf_subnet2.id
    route_table_id = aws_route_table.tf_rt.id
}

//creating security group 

resource "aws_security_group" "tf_sg2" {
  depends_on = [ aws_vpc.tf_vpc ]
  name        = "db-sg"
  vpc_id      = aws_vpc.tf_vpc.id


  ingress {
    description = "MYSQL"
    from_port   = 3306
    to_port     = 3306
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }


  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }


  tags = {
    Name = "mysql_sg"
  }
}


resource "aws_db_subnet_group" "subnetdb" {
  name       = "db-subnet"
  subnet_ids = [ aws_subnet.tf_subnet.id , aws_subnet.tf_subnet2.id ]
}

//creating db instance
resource "aws_db_instance" "mydb" {
  
  identifier        = "mydb-tf"
  engine            = "mysql"
  engine_version    = "5.7.30"
  instance_class    = "db.t2.micro"
  allocated_storage = 10


  db_subnet_group_name    = aws_db_subnet_group.subnetdb.id


  name     = "mydb"
  username = "root"
  password = "itisme1234"
  port     = 3306


  vpc_security_group_ids = [ aws_security_group.tf_sg2.id ]


  publicly_accessible = true


  iam_database_authentication_enabled = true


  parameter_group_name = "default.mysql5.7"


  tags = {
      Name = "vibhavdb"
  }
}
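
The configuration above opens port 3306 to 0.0.0.0/0 and keeps the root password as a literal in the file. As an added example (not part of the original article), here are replacements for the `tf_sg2` and `mydb` resources that narrow the ingress rule and take the password from a variable. The variables `db_password` and `wordpress_egress_cidr` are assumptions, and the second one presumes the GKE workload leaves GCP from a fixed public address (for example a reserved Cloud NAT IP), which the article's setup does not create.

```hcl
# Assumed inputs (not on the original page). Pass them with TF_VAR_db_password etc.
variable "db_password" {
  type      = string
  sensitive = true # hidden in plan/apply output (Terraform >= 0.14); still stored in state
}

variable "wordpress_egress_cidr" {
  type        = string
  description = "Fixed public address the GKE workload leaves GCP from, as a /32"
}

resource "aws_security_group" "tf_sg2" {
  name   = "db-sg"
  vpc_id = aws_vpc.tf_vpc.id

  ingress {
    description = "MySQL from the WordPress egress address only"
    from_port   = 3306
    to_port     = 3306
    protocol    = "tcp"
    cidr_blocks = [var.wordpress_egress_cidr] # was 0.0.0.0/0
  }

  # No egress block: Terraform then removes the default allow-all egress rule.
  # Security groups are stateful, so replies to MySQL clients still flow.

  tags = {
    Name = "mysql_sg"
  }
}

resource "aws_db_instance" "mydb" {
  identifier             = "mydb-tf"
  engine                 = "mysql"
  engine_version         = "5.7.30"
  instance_class         = "db.t2.micro"
  allocated_storage      = 10
  db_subnet_group_name   = aws_db_subnet_group.subnetdb.id
  name                   = "mydb"
  username               = "root"
  password               = var.db_password # was a literal in the .tf file
  port                   = 3306
  vpc_security_group_ids = [aws_security_group.tf_sg2.id]
  publicly_accessible    = true # unchanged: WordPress in GCP connects over the internet
  parameter_group_name   = "default.mysql5.7"

  iam_database_authentication_enabled = true
}
```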

After running "terraform init" and "terraform apply --auto-approve", half of our setup is complete.


We can verify the result in the AWS web console under the RDS service.


Now, let's continue with our front end, i.e. WordPress on GCP, with continuous monitoring with the help of Google Kubernetes Engine.


Let's begin our code for GCP by declaring the provider at the very beginning.

provider "google" {
    //credentials = file(C:/Users/VIbhav/Desktop\Google_GCP/credentials/application_default_credentials.json)
    project     = "skilled-index-287206"
    region      = "asia-southeast1"
}

Next, create a VPC and initialise one subnet and its firewall in it.

resource "google_compute_network" "vpc_network" {
  name                    = "myvpc-tf"
  auto_create_subnetworks = false
  routing_mode            = "REGIONAL"
}


// Subnet in Custom VPC


resource "google_compute_subnetwork" "subnet1" {
  network       = google_compute_network.vpc_network.id
  name          = "subnet-1" 
  ip_cidr_range = "192.168.0.0/24" 
  region        = "asia-southeast1"
  
}


// Firewall


resource "google_compute_firewall" "firewall" {
  name          = "firewall-tf"
  network       = google_compute_network.vpc_network.name
  source_ranges = [ "0.0.0.0/0" ]
  allow {
    protocol = "all"
  }
}

Creating container cluster and initialising node pool

resource "google_container_cluster" "gce" {
  name                     = "cluster-tf"
  location                 = "asia-southeast1"
  remove_default_node_pool = true
  initial_node_count       = 1


  network    = google_compute_network.vpc_network.name
  subnetwork = google_compute_subnetwork.subnet1.name


}

resource "google_container_node_pool" "node_pool" {
  location   = "asia-southeast1"
  name       = "mynode-tf"
  cluster    = google_container_cluster.gce.name
  node_count = 1


  node_config {
    machine_type = "n1-standard-1"
  }
}

Configuring and creating a Kubernetes cluster in which a WordPress pod will be launched

data "google_client_config" "provider" {}


data "google_container_cluster" "my_cluster" {
  name     = "cluster-tf"
  location = "asia-southeast1"
}


provider "kubernetes" {
  load_config_file = false


  host  = "https://${data.google_container_cluster.my_cluster.endpoint}"
  token = data.google_client_config.provider.access_token
  cluster_ca_certificate = base64decode(
    data.google_container_cluster.my_cluster.master_auth[0].cluster_ca_certificate,
  )
}




resource "kubernetes_pod" "wppod" {
  metadata {
    name   = "wordpress-tf"
    labels = {
      app = "wordpress"
    }
  }


  spec {
    container {
      image = "wordpress"
      name  = "mytfwp"
    }
  }
  
}

Creating a Load Balancer Service for our K8s pod and outputting the public IP of the load balancer to access our WordPress portal

resource "kubernetes_service" "wplb" {
  metadata {
    name = "wp-loadbalancer-tf"
  }
  spec {
    selector = {
      app    = "wordpress"
    }
    port {
      port        = 80
      target_port = 80
    }


    type = "LoadBalancer"
  }
}






output "loadbalancer_IP_Address" {
  value = "${kubernetes_service.wplb.load_balancer_ingress.0.ip}"
}

Then we can apply the Terraform code to deploy these things.

$ terraform apply -auto-approve


We can access the WordPress portal by putting the LoadBalancer IP in a browser.


Here we will provide our database name, user, password and the AWS RDS host IP.
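
An alternative to typing the database details into the setup page served on the public load balancer, as an added example that is not part of the original article: a replacement for the `wppod` resource that hands the same values to the official `wordpress` image through a Kubernetes secret. The variables `wp_db_host` and `wp_db_password` and the secret name `wp-db-tf` are assumptions.

```hcl
# Assumed inputs (not on the original page); pass with TF_VAR_wp_db_host / TF_VAR_wp_db_password.
variable "wp_db_host" {
  type        = string
  description = "RDS endpoint of the mydb-tf instance"
}

variable "wp_db_password" {
  type      = string
  sensitive = true # hidden in plan output; the value is still written to Terraform state
}

resource "kubernetes_secret" "wp_db" {
  metadata {
    name = "wp-db-tf"
  }

  # Keys are the environment variable names the official wordpress image reads at start-up.
  data = {
    WORDPRESS_DB_HOST     = var.wp_db_host
    WORDPRESS_DB_NAME     = "mydb"
    WORDPRESS_DB_USER     = "root"
    WORDPRESS_DB_PASSWORD = var.wp_db_password
  }
}

resource "kubernetes_pod" "wppod" {
  metadata {
    name = "wordpress-tf"
    labels = {
      app = "wordpress"
    }
  }

  spec {
    container {
      image = "wordpress"
      name  = "mytfwp"

      # Every key of the secret becomes an environment variable of the container.
      env_from {
        secret_ref {
          name = kubernetes_secret.wp_db.metadata[0].name
        }
      }
    }
  }
}
```

With these variables set, WordPress generates its database configuration itself and the database-credentials step of the web installer no longer appears.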


Now, we can configure kubectl to get the nodes and pods of our GCP Kubernetes cluster with the following commands.

gcloud container clusters get-credentials cluster-tf --region asia-southeast1 --project project-name 


kubectl get all

kubectl get nodes


Thanks for reading.

Do give a like, comment and a share for supporting.




More articles by Vibhav Sharma
