Global Traffic Manager

In this case, we will use a DNS record to point at the public IP addresses of both instances. This creates a Global Traffic Manager (GTM) service in front of them by adding this to the bottom of main.tf:

# Global Traffic Management using DNS
resource "aws_route53_record" "www" {
  zone_id = "${aws_route53_zone.book.zone_id}"
  name = "www.book.cloudpatterns.cuk"
  type = "A"
  ttl = "300"
  records = [
    "${aws_instance.cheap_worker.public_ip}",
    "${aws_instance.cheap_worker_west.public_ip}"
  ]
}

Run your terraform plan command and then terraform apply -auto-approve (since I'm getting tired of typing yes at the prompt). You should see an instance running in each region and a new DNS record in Route 53. Let's try to access the https://www.book.cloudpatterns.uk URL. The Bitnami image listens on port 80 and 443 by default, but you can't get to them! We need to allow inbound traffic on the HTTP(S) ports. Let's create our first security groups. We want one in each region—use vpc.tf for this:

resource "aws_default_security_group" "default" {
  vpc_id = "${aws_vpc.mainvpc.id}"
  
  ingress {
    from_port = 80
    to_port = 80
    protocol = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }
  ---------------------------------------------------------------------

  egress {
    from_port = 0
    to_port = 0
    protocol = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}

resource "aws_default_security_group" "default_west" {
  vpc_id = "${aws_vpc.mainvpc_west.id}"
  provider = "aws.west"
  
  ingress {
    from_port = 80
    to_port = 80
    protocol = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }
  
-----------------------------------------------------------------------

  egress {
    from_port = 0
    to_port = 0
    protocol = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}

Chapter 4, Security - Ensuring the Integrity of Your Systems, will explain what's happening in that code. Re-run your plan and apply it. Refresh your browser and you should see the welcome screen:

Now you have a globally distributed WordPress deployment. Unfortunately, you have to wait until the Persistence Patterns section for us to be able to keep the data synchronized.