Scribd
Upload
18 views

VPC Tutorial

Vpc tour

Uploaded by

rag.21.2k3
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
18 views

VPC Tutorial

Vpc tour

Uploaded by

rag.21.2k3
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 12

Cloud Plus Plus Services

Configure Custom Amazon VPC and provision web server in public subnet
of the VPC.

Objectives:

1. Learn to design and implement custom Amazon VPC.


2. Learn to provision a web server in public subnet.
3. Learn to provision NAT gateway.

Step 1: In AWS Management Console, go to VPC service. In VPC side Panel, click
Your VPCs. Your default VPC is visible in this window. Click on Create VPC.

In VPC settings:

Name tag – myVPC

IPv4 CIDR block – 10.0.0.0/16

Keep rest default, scroll down and click on Create VPC. In the next successful
creation window, click on Actions -> Edit DNS Hostnames.

www.cloud-plusplus.com/aws-training

Page 1|
Cloud Plus Plus Services
Check the Enable box and Save changes.

Step 2: Go back to VPC dashboard. Click on Subnets. Here there would be existing
subnets of default VPC. Click on Create Subnets.

Select myVPC from drop down.

Configure Subnet settings as follows:

Subnet Name: myPublicSN

Availability Zone: ap-south-1a

(The above values may vary according to your own region, subnets and
requirements)

IPv4 CIDRs: 10.0.0.0/24

www.cloud-plusplus.com/aws-training

Page 2|
Cloud Plus Plus Services

Keep the rest values default, scroll down and click on Create Subnet.

Select the myPublicSN, go to Actions -> Modify auto-assign IP settings

Check the Enable auto assign public IPv4 address. And click Save.

www.cloud-plusplus.com/aws-training

Page 3|
Cloud Plus Plus Services
Go back to Subnets, click on Create Subnets. Select myVPC from drop down.

Configure private subnet according to following configurations:

Subnet Name: myPrivateSN

Availability Zone: ap-south-1b

(The above values may vary according to your own region, subnets and
requirements)

IPv4 CIDRs: 10.0.1.0/24

Step 3: In VPC console side panel, go to Internet Gateways. Click on Create internet
gateway.

Provide Name tag – myIGW.

Keep the defaults as is, scroll down and click on Create internet gateway.

In the successful creation window, click on Actions -> Attach to VPC.

www.cloud-plusplus.com/aws-training

Page 4|
Cloud Plus Plus Services
Select myVPC from drop down and click on Attach internet gateway.

Step 4: Go back to VPC service console. Select Route Tables. Here we create 2 route
tables.

Click on Create route table.

Provide following configurations:

Name Tag – PublicRT

VPC – myVPC (from drop down)

Click on Create button.

www.cloud-plusplus.com/aws-training

Page 5|
Cloud Plus Plus Services
Follow the same procedure to create Private route table.

Go back to Route Tables. Click on Create route table.

Provide following configurations:

Name Tag – PrivateRT

VPC – myVPC (from drop down)

Click on Create button.

Step 5: Go back to Subnets. Select myPublicSN. Go to Actions -> Edit route table
associations.

Select the PublicRT from drop down. Click on Save.

Go to Actions -> Edit Routes.

www.cloud-plusplus.com/aws-training

Page 6|
Cloud Plus Plus Services
Configure as follows:

Destination: 0.0.0.0/0

Target: myIGW (from drop down)

Click on Save Routes.

Go back to Subnets. Select myPrivateSN. Go to Actions -> Edit route table


associations.

Select the PrivateRT from drop down. Click on Save.

Step 6: In VPC console side panel, click Security Groups under Security.

Click on Create security group.

Configure it as follows:

Security group name: MyWebServerSG

Description: Security Group for EC2 Webserver in custom VPC

Select myVPC from drop down.

www.cloud-plusplus.com/aws-training

Page 7|
Cloud Plus Plus Services
Add three rules under Inbound Rules:

1. Type: HTTP
Source: 0.0.0.0/0
2. Type: HTTP
Source: ::/0
3. Type: SSH
Source: 0.0.0.0/0

After adding the rules, scroll down and click on Create security group.

Now also create a database security group. Go to Security Groups under Security.

Click on Create security group. Configure it as follows:

Security group name: MyDatabaseSG

Description: Security Group for RDS Database in custom VPC

Select myVPC from drop down.

Add three rules under Inbound Rules:

1. Type: SSH
Source: 0.0.0.0/0
2. Type: MYSQL/Aurora
Source: MyWebServerSG (The Security group created above for ec2
webserver instance creation)

After adding the rules, scroll down and click on Create security group.

www.cloud-plusplus.com/aws-training

Page 8|
Cloud Plus Plus Services
Step 7: In VPC console, go to NAT Gateways. Click on Create NAT gateway.

Configure as follows:

Name: myNATGW

Subnet: myPublicSN

Elastic IP allocation ID: Select the Allocate Elastic IP option

Scroll down and click on Create NAT gateway.

Go back to Route Tables. Select PrivateRT. Go to Action -> Edit Routes.

Add route with following configuration:

Destination: 0.0.0.0/0

Target: myNATGW

Click on Save routes.

www.cloud-plusplus.com/aws-training

Page 9|
Cloud Plus Plus Services

Step 8: In AWS console go to EC2 services. Select Instances.

Click on Launch instances.

Select Linux 2 AMI.

In next step keep the default t2.micro.

In next step, Configure Instance Details, select:

Network: myVPC

Subnet: myPublicSN

Scroll down to Advanced Details. Under User data, in the text box, provide the
following script:

#!/bin/bash
yum -y update
yum -y install httpd
chkconfig httpd on
service httpd start
echo "<html><h1>Hello! How are You? This is your Web
Server!</h1></html>" > /var/www/html/index.html

www.cloud-plusplus.com/aws-training

P a g e 10 |
Cloud Plus Plus Services

In next step keep default storage selection.

In next step add tags as follows:

Key: Name

Value: MyWebServerForVPC

In next step, click on Select exiting security groups radio button. Select the
MyWebServerSG created previously.

Select the key pair, and launch the instance.

Copy the Public IPv4 address, run it in a different tab and test the web server
instance.

If you no longer need this infrastructure, make sure to dissociate and release the
elastic IP address, delete the EC2 instance, NAT gateway and the custom VPC.

www.cloud-plusplus.com/aws-training

P a g e 11 |
Cloud Plus Plus Services

Was this document helpful? YES / NO

Document Created by Version

Parag Deshpande 05-MAR-2020

www.cloud-plusplus.com/aws-training

P a g e 12 |

You might also like