Thursday, July 1, 2021

AWS Lab - Multi-Region Network

Hey folks,

In the last few weeks, I've been working on a lab to help me study and test new ideas.

The main requirement for me was a lab that could be deployed and destroyed with one command, so that I would only pay for the resources while I was actually testing an idea.

The lab in the repo lets you deploy and destroy a global network in AWS with a single command. It does require some initial setup, but nothing too long or complicated.

Lab Features

- Isolation between Dev and Prod environments is achieved by using Transit Gateway route tables.

- 4 Regions

- 2 x Dev VPCs + 2 x Prod VPCs per region

- Fully meshed TGW Peering for full redundancy

- You can access the EC2 instances via SSH to test connectivity from region to region.

- Extra: Invoking an AWS Lambda from Terraform to tag the TGW Attachment Names. (Only used in cell0000 - eu-west-2)
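The Dev/Prod isolation in the first bullet comes down to giving each environment its own Transit Gateway route table and only ever associating and propagating an attachment into the table of its own environment. The Terraform below is an added illustration of that pattern and is not code from the repo; it assumes a `vpcs` variable (a map of VPC id, subnet ids and an `env` label) and a single region.

```hcl
# Added example, not the repo's code. Assumes var.vpcs is keyed by a
# label such as "dev-a" / "prod-a", each carrying its VPC, subnets and env.
variable "vpcs" {
  type = map(object({
    vpc_id     = string
    subnet_ids = list(string)
    env        = string # "dev" or "prod"
  }))
}

resource "aws_ec2_transit_gateway" "lab" {
  description = "lab-tgw"
  # Disable the default route table so that nothing can reach anything
  # unless it is explicitly associated and propagated below.
  default_route_table_association = "disable"
  default_route_table_propagation = "disable"
}

# One TGW route table per environment: the dev table never learns prod routes.
resource "aws_ec2_transit_gateway_route_table" "env" {
  for_each           = toset(["dev", "prod"])
  transit_gateway_id = aws_ec2_transit_gateway.lab.id
  tags               = { Name = "tgw-rt-${each.key}" }
}

resource "aws_ec2_transit_gateway_vpc_attachment" "vpc" {
  for_each           = var.vpcs
  transit_gateway_id = aws_ec2_transit_gateway.lab.id
  vpc_id             = each.value.vpc_id
  subnet_ids         = each.value.subnet_ids
  # Must match the TGW settings above or Terraform reports a permanent diff.
  transit_gateway_default_route_table_association = false
  transit_gateway_default_route_table_propagation = false
  tags                                            = { Name = "attach-${each.key}" }
}

# Association decides which table an attachment's traffic is looked up in.
resource "aws_ec2_transit_gateway_route_table_association" "vpc" {
  for_each                       = var.vpcs
  transit_gateway_attachment_id  = aws_ec2_transit_gateway_vpc_attachment.vpc[each.key].id
  transit_gateway_route_table_id = aws_ec2_transit_gateway_route_table.env[each.value.env].id
}

# Propagation decides which table learns the attachment's VPC CIDR.
resource "aws_ec2_transit_gateway_route_table_propagation" "vpc" {
  for_each                       = var.vpcs
  transit_gateway_attachment_id  = aws_ec2_transit_gateway_vpc_attachment.vpc[each.key].id
  transit_gateway_route_table_id = aws_ec2_transit_gateway_route_table.env[each.value.env].id
}
```

A quick check after `terraform apply`: `aws ec2 search-transit-gateway-routes` against the dev table should list only dev VPC CIDRs, and a ping from a dev instance to a prod private IP should fail at the TGW rather than at a security group.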

While working on this lab, there were a few things I learned and noticed:

- The more I use Terraform, the more I like CDK. At some point, I'd love to migrate this deployment to CDK or Pulumi and see what challenges I find in the process.

- DRY code in Terraform is tough. There seem to be some ways to help with this problem, like Terragrunt or even Terraform modules, but my main focus was to build the lab and advance with my studies.

- Terraform generally does a great job of tracking state and resource dependencies, but sometimes you need to work around problems by using depends_on to make Terraform actually wait for other resources to be created.

- Prefix lists in AWS: I could only use them for the TGW peering connections, as the exit path would always go via the TGW peering connection. However, I wish there was a way to create a prefix list without a next hop. For example, a way to easily propagate all the Prod TGW attachments by associating them with a prefix list and then using that prefix list to propagate routes into the Prod Transit Gateway route table, similar to how you associate an ACL with a route-map and use that route-map to import routes into your routing table.

All in all, this has been a pretty fun experience. If you are learning about AWS, I'll leave the repo here so you can play with it and modify it to your liking.

https://github.com/danielmacuare/aws-net/tree/master/terraform/tgw-multi-region
