Use Terraform to create a PHP tech stack with CDN and Application Security from Akamai in less than 30 minutes
'Build, Deliver and Secure with Akamai', a series of developer use-cases optimizing their tech stack with Cloud Computing, CDN, and App & API Security
In 2022, I helped Ludum Dare, the largest online game jam community, improve their web application and API microservices architecture to be better performing, more secure, and more scalable.
I outlined the 'why' in a previous blog post. Today, I will show you how to easily replicate this architecture using the Terraform code examples I created for this project.
Here’s a quick refresher on the Ludum Dare architecture. Ludum Dare uses Linode, Akamai's Cloud Computing platform to manage several PHP servers that host the web application and API microservices.
DNS, HTTPS Certificates, Content Delivery, and perhaps most importantly, Web Application and API Protection are all managed by Akamai.
Akamai and Linode both have Verified HashiCorp Terraform providers to manage your infrastructure as code making it the perfect tool to spin up everything we need in one go. No need to login to multiple UIs and click around, all we need is a code editor and Terraform installed.
We need valid Akamai and Linode accounts and API tokens set up of course to authenticate everything.
Time to build
You can find the Terraform Code Examples that I created on the Akamai GitHub Terraform Code Example on GitHub
There is a 10-minute video tutorial that you can watch that shows all the steps in action as well.
Let's recap on what this creates. This template is used together with the Akamai Terraform Provider and the Linode Terraform Provider and will create:
- A Linode instance
- An Akamai CDN configuration
- An Akamai Application Security configuration
DNS is not included, but you could easily use Akamai Edge DNS, Linode DNS, or any type of DNS record management tool to map your hostname to Akamai.
The GitHub README will have specific step-by-step instructions and recommendations on how to fill in the Terraform variables that help spin up the Linode PHP server and set up the Akamai CDN and AppSec configurations, so I won't repeat them here.
The importance of Infrastructure as Code
The power of Terraform really lies in how easy it is to tie things together. After creating the Linode server, you can use the Linode IP address as the Origin Server setting in the Akamai CDN configuration. All of this can be automated with variables. You can also use Linode StackScripts to fully script any type of action, software installation, or patching you want done on new cloud server.
Of course, as a seasoned DevOps and DevSecOps engineer, I make sure to back up this entire project on GitHub, relying on the VSCode plugins.
Starting with a single server is where it all starts for many of us to host our web applications or API microservices. Having a fully integrated content delivery and application security solution running on top of it to have a better performing, highly available, and more secure tech stack will be critical as you grow your infrastructure in size and users.
In the decade that I have worked at Akamai, I have seen many start-ups or small organizations whose tech stack buckled when they achieve global growth or they risk getting attacked.
Preventive measures are typically recommended as they prevent brand and financial damage. These days, with data leaks being fined by governments, it is important to secure your applications and data properly.
Luckily, Terraform is there to make it all a lot easier to manage these solutions.
I hope you have enjoyed this first installment of "Build, Deliver and Secure with Akamai" highlighting the work I have done with Ludum Dare in 2022. In 2023, I am looking to do more installments and highlight different developer use cases that rely on Akamai.
If you missed any of the previous videos or blogs, you can find them here:
With this being the last video and blog from my side in 2022, I just wanted to thank you for your support throughout the year! When this year started, there was no blog up and running yet. Looking at the views and stats, it shows that the content I create is of interest to you and I hope it has been educational.
If there is anything I can do to help you improve your infrastructure, feel free to reach out to me! See you all again in 2023 as there is plenty more to ... Build, Deliver and Secure! /Mike