Module development
-------------------
DRY --> don't repeat yourself
min code
code reuse
variables -->
functions
write resource definition
left side options are from documentation, you can't change option names
right side are values, we can give as per project requirement.
keep variables and their default values
override if required
function --> block of code
call the function when required --> provide inputs if required
advantages
-----------
code reuse
best practices can be implemented and forced to use
easy to maintain/update
we can keep few restrictions based on company guidelines
Module developers --> they create tf code with best practices
Module users --> they use the module code
1. custom module development
2. open source modules
VPC(virtual private cloud)
--------------------------
they have to buy servers.
deploy the code in servers
development --> only dev servers
testing team --> only QA servers
production support --> limited access to prod servers
call center --> just internal apps
devops --> full access to all servers
linux admin --> all servers access
data center
--------------
space
watchman
network
resources
maintenance
logical separation of servers
power
VPC
----------------
VPC is like a mini data center for a project. Resources created inside a VPC are isolated and private to us.
VPC Name = village name
VPC CIDR = village pincode
subnets = streets
arch = internet gateway
routes = roads
public and private subnets
----------------------------
subnets which are connected to internet gateway are called public subnets
subnets which are not connected to internet gateway are called private subnets...
route tables and routes
192.168.1.3
IP address --> 32 bits
4 octets --> each octet 8 bits
2^32 IP addresses possible
10.0.0.0/16 --> first 16 bits are fixed, you are not allowed to change
10.0 --> fixed
each octet range --> 0 - 255
10.0.0.1
10.0.0.2
.
.
.
.
10.0.0.255
10.0.1.0
10.0.1.1
.
.
10.0.1.255
256*256 = 2^16 = 64,000
10.0.1.0/24 --> 10.0.1 is fixed. You can change last octet
10.0.1.0, 10.0.1.1, 10.0.1.2 .... 10.0.1.255 --> 2^8 IP addresses possible
10.0.2.0/24, 10.0.3.0/24, 10.0.11.0/24
256 subnets can be created with this logic
created VPC
created igw
attached igw to VPC
created public subnet
created private subnet
create db subnet
frontend --> public
backend --> private
db --> private. we create in db subnet
2 subnets --> 1a and 1b
2 private subnets --> 1a and 1b
2 db subnets --> 1a and 1b
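
The build steps above as one small Terraform module, added here as an example and not taken from the session's own code: variables carry overridable defaults, /24 subnets are carved from the /16 with cidrsubnet, and only the public tier is associated with a route table that has a route to the internet gateway. The project name, AZ names, tier offsets and resource names are assumptions.

```hcl
# Added example. Defaults below are assumptions; override them per project.
variable "project" { default = "demo" } # hypothetical project name
variable "vpc_cidr" { default = "10.0.0.0/16" }
variable "azs" { default = ["us-east-1a", "us-east-1b"] } # assumed region

locals {
  # tier => number of its first /24 inside the /16 (assumed layout)
  tiers = { public = 1, private = 11, database = 21 }

  # One subnet per tier per AZ, e.g. "public-us-east-1a" => 10.0.1.0/24
  subnets = merge([
    for tier, base in local.tiers : {
      for i, az in var.azs : "${tier}-${az}" => {
        tier = tier
        az   = az
        cidr = cidrsubnet(var.vpc_cidr, 8, base + i) # /16 + 8 bits = /24
      }
    }
  ]...)
}

resource "aws_vpc" "main" {
  cidr_block = var.vpc_cidr
  tags       = { Name = var.project }
}

resource "aws_internet_gateway" "main" {
  vpc_id = aws_vpc.main.id # creating it with vpc_id also attaches it
}

resource "aws_subnet" "this" {
  for_each                = local.subnets
  vpc_id                  = aws_vpc.main.id
  cidr_block              = each.value.cidr
  availability_zone       = each.value.az
  map_public_ip_on_launch = each.value.tier == "public" # never for private/db
  tags                    = { Name = "${var.project}-${each.key}" }
}

resource "aws_route_table" "public" {
  vpc_id = aws_vpc.main.id
}

resource "aws_route" "public_internet" {
  route_table_id         = aws_route_table.public.id
  destination_cidr_block = "0.0.0.0/0"
  gateway_id             = aws_internet_gateway.main.id
}

# Only public subnets get the internet route; private and database subnets
# stay on the VPC's main route table, which has only the local route.
resource "aws_route_table_association" "public" {
  for_each       = { for k, s in local.subnets : k => s if s.tier == "public" }
  subnet_id      = aws_subnet.this[each.key].id
  route_table_id = aws_route_table.public.id
}
```

With the defaults this yields 10.0.1.0/24 and 10.0.2.0/24 (public), 10.0.11.0/24 and 10.0.12.0/24 (private), and 10.0.21.0/24 and 10.0.22.0/24 (database).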