- VPC
- 3 Droplets
- 1 Bastion Droplet
- Load Balancer
- Managed MongoDB Database
- Firewalls
- Tags
- Project
Every resource is on the same VPC and in the Project that is created. The 3 droplets have a firewall that only allows connections from the Bastion server and HTTP/HTTPS connections. The database is only accessible from those 3 droplets and from the IP you configured in the terraform.tfvars file.
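The access rules described above can be expressed with the DigitalOcean provider roughly as follows. This is an added example, not this project's own code: the tag `app`, the resource names and the variables `bastion_droplet_id` and `db_cluster_id` are assumptions, the unrestricted outbound rules are an assumption the description does not cover, and `your_ip` is the variable named in this README.

```hcl
terraform {
  required_providers {
    digitalocean = { source = "digitalocean/digitalocean" }
  }
}
# Hypothetical inputs; the real project would reference its own resources instead.
variable "bastion_droplet_id" { type = number }
variable "db_cluster_id" { type = string }
variable "your_ip" { type = string } # variable name taken from the README

# Attached by tag, so every droplet tagged "app" (assumed tag) gets these rules.
resource "digitalocean_firewall" "app" {
  name = "app-droplets"
  tags = ["app"]
  inbound_rule { # SSH is accepted only from the bastion droplet
    protocol           = "tcp"
    port_range         = "22"
    source_droplet_ids = [var.bastion_droplet_id]
  }
  dynamic "inbound_rule" { # HTTP and HTTPS, as the README describes
    for_each = ["80", "443"]
    content {
      protocol         = "tcp"
      port_range       = inbound_rule.value
      source_addresses = ["0.0.0.0/0", "::/0"]
    }
  }
  dynamic "outbound_rule" { # assumption: outbound traffic is left unrestricted
    for_each = ["tcp", "udp"]
    content {
      protocol              = outbound_rule.value
      port_range            = "1-65535"
      destination_addresses = ["0.0.0.0/0", "::/0"]
    }
  }
}

# Database trusted sources: the tagged droplets plus one external address.
resource "digitalocean_database_firewall" "db" {
  cluster_id = var.db_cluster_id
  dynamic "rule" {
    for_each = { tag = "app", ip_addr = var.your_ip }
    content {
      type  = rule.key
      value = rule.value
    }
  }
}
```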
- Install Terraform. You can install it here: https://developer.hashicorp.com/terraform/tutorials/downloads
- Get proper values for the terraform.tfvars file. You will need an Access Key for DigitalOcean, and your public IP if you wish to access the database cluster from outside the network.
- Run the following command to initialize Terraform:
  terraform init
You can create all the resources in the file by running the following command:
terraform apply
First, you have to add the key to the SSH agent on your host machine.
ssh-add <path_to_key>
Then, connect to the Bastion droplet.
ssh -A root@<bastion_ip>
Now, you can connect to the other droplets through the Bastion droplet.
ssh root@<droplet_ip>
I am going to use MongoDB Compass to connect to the database. If you didn't configure the your_ip variable, you will have to connect to it through a client on the internal droplets.
You can grab the database connection string on DigitalOcean's website, on the database cluster page.
The password can be found in the terraform.tfstate file. Terraform stores it there in plain text, so keep the state file out of version control.
You can destroy all the resources in the file by running the following command:
terraform destroy