
IAAS Multi-Tier Web App

AWS for beginners

Uploaded by

a.hamoud6161

Capstone Project

Designing and deploying a custom VPC for a Multi-Tier Web Application to be hosted inside AWS

Resources to be built:
• Custom VPC in AWS
• 4 subnets, 2 public and 2 private
• Internet Gateway to be created and attached to the VPC
• 2 EBS backed EC2 instances (Instance A and Instance B)
• 2 security groups WebSG and ALBSG
• A target group WebTG
• An application load balancer WebALB

Things to think about:


• Do you need one or more route tables? Why?
• How will the instances of the private subnet(s) connect to the internet and AWS services?
• Can you place the Web/App tier instances in private subnets 1 and 2?
• If you are to create the database, will you create it in private subnets or public subnets? Why?
• What is required to connect to the database from your application tier?

Required Steps:

Design a solution for a multi-tier web application that will be deployed in a custom AWS VPC.
Create a custom VPC with CIDR block 10.0.0.0/16 with:
• Two Public subnets in two different Availability Zones, us-east-1a and us-east-1b, in the us-east-1 region.
  ➢ Use 10.0.10.0/24 and 10.0.20.0/24 ranges for these two subnets.
• Two Private subnets in the same AZs as above.
  ➢ Use 10.0.100.0/24 and 10.0.200.0/24. Create a separate route table for the private subnets.
• 2 security groups, WebSG and ALBSG
• Target Group WebTG and an Application load balancer WebALB

• Launch two EBS-backed EC2 instances, one in each of the two private subnets above (10.0.100.0/24 and 10.0.200.0/24).
  ➢ The instances will serve as the web and application tiers.
  ➢ The instances will have the user data script (shown in the last slide) run at launch time.
  ➢ The security group assigned to the instances should use the name webSG and must allow ports ssh (22), http (80) and https (443) in the inbound direction.

# The bash script (user data) to use for this hands-on lab
# Web/app instance 1:

#!/bin/bash
yum update -y # apply pending package updates
yum install httpd -y # installs apache (httpd) service
systemctl start httpd # starts httpd service
systemctl enable httpd # enable httpd to auto-start at system boot
echo " This is server *1* in AWS Region US-EAST-1 in AZ US-EAST-1B " > /var/www/html/index.html

# Web/app instance 2:

#!/bin/bash
yum update -y # apply pending package updates
yum install httpd -y # installs apache (httpd) service
systemctl start httpd # starts httpd service
systemctl enable httpd # enable httpd to auto-start at system boot
echo " This is server *2* in AWS Region US-EAST-1 in AZ US-EAST-1B " > /var/www/html/index.html

• Create a target group with the name webTG and add the two application instances to it.
• The target group will use port 80 (HTTP) for traffic forwarding and health checks.
• Launch an application load balancer (WebALB) that will load balance to these two instances using HTTP.
  ➢ The application load balancer must be enabled in the two public subnets you have configured above.

• Adjust the security group of the web/app instances to allow inbound traffic only from the application load balancer security group as a source.
• The ALB security group (ALBSG) must allow outbound http to the web/app security group (webSG).
• The ALBSG must allow inbound traffic from the internet on port http.
• Configure a target tracking auto scaling group that will ensure elasticity and cost effectiveness. The Auto Scaling group should monitor the two instances and be able to add instances on-demand and replace failed instances.
• Test to ensure that you can get to the index.html message on the instances through the load balancer. If it works, congratulations on finishing this amazing project on AWS.
• Once completed successfully, please remember to destroy your deployed resources to avoid any surprise charges.
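
The security group end state described in the steps above (WebSG reachable only from ALBSG, ALBSG open to the internet on HTTP and allowed out to WebSG) can be checked mechanically. The following is an added example, not part of the original handout: a Python audit over rule data shaped like EC2 DescribeSecurityGroups output. The group IDs, the sample rules (including the 0.0.0.0/0 source on the initial WebSG) and the helper names are constructed for illustration.

```python
# Added example. Dict fields follow EC2 DescribeSecurityGroups output;
# the group IDs and rules are constructed sample data.
ANYWHERE = "0.0.0.0/0"

def rule(port, cidrs=(), groups=()):
    """One TCP permission entry in DescribeSecurityGroups shape."""
    return {"IpProtocol": "tcp", "FromPort": port, "ToPort": port,
            "IpRanges": [{"CidrIp": c} for c in cidrs],
            "UserIdGroupPairs": [{"GroupId": g} for g in groups]}

def peers(perm):
    """Every source/destination named by a rule: CIDRs and group IDs."""
    return ([r["CidrIp"] for r in perm.get("IpRanges", [])]
            + [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
            + [g["GroupId"] for g in perm.get("UserIdGroupPairs", [])])

def allows(perms, port, peer):
    """True if a rule covers TCP `port` and names `peer` (CIDR or group ID)."""
    for p in perms:
        proto = p["IpProtocol"]  # "-1" means all protocols and ports
        covers = proto == "-1" or (proto == "tcp" and p["FromPort"] <= port <= p["ToPort"])
        if covers and peer in peers(p):
            return True
    return False

def audit(web_sg, alb_sg):
    """Return findings; an empty list means the rules match the lab's end state."""
    web_id, alb_id = web_sg["GroupId"], alb_sg["GroupId"]
    # Any WebSG source other than the ALB's group is exposure the lab removes.
    findings = [f"WebSG: port {p.get('FromPort', 'all')} open to {peer}"
                for p in web_sg["IpPermissions"] for peer in peers(p) if peer != alb_id]
    if not allows(web_sg["IpPermissions"], 80, alb_id):
        findings.append("WebSG: no inbound HTTP from ALBSG")
    if not allows(alb_sg["IpPermissions"], 80, ANYWHERE):
        findings.append("ALBSG: no inbound HTTP from the internet")
    if not allows(alb_sg["IpPermissionsEgress"], 80, web_id):
        findings.append("ALBSG: no outbound HTTP rule referencing WebSG")
    return findings

# Constructed: WebSG as first created (22/80/443; a 0.0.0.0/0 source is assumed),
# then after it is restricted to ALBSG as the only source.
WEB_BEFORE = {"GroupId": "sg-web", "IpPermissions": [rule(p, cidrs=[ANYWHERE]) for p in (22, 80, 443)]}
WEB_AFTER = {"GroupId": "sg-web", "IpPermissions": [rule(80, groups=["sg-alb"])]}
ALB = {"GroupId": "sg-alb", "IpPermissions": [rule(80, cidrs=[ANYWHERE])],
       "IpPermissionsEgress": [rule(80, groups=["sg-web"])]}

if __name__ == "__main__":
    for name, web in (("before", WEB_BEFORE), ("after", WEB_AFTER)):
        print(name, audit(web, ALB) or "OK")
```

The egress check looks for an explicit rule naming WebSG, as the step asks; a default allow-all egress rule to 0.0.0.0/0 is reported as a finding because it is not scoped to the web tier.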
