VPC project with public-private subnet

Introduction:

This example demonstrates how to create a VPC that you can use for servers in a production environment.

To improve resiliency, you deploy the servers in two Availability Zones, by using an Auto Scaling group and an Application Load Balancer. For additional security, you deploy the servers in private subnets. The servers receive requests through the load balancer. The servers can connect to the internet by using a NAT gateway. To improve resiliency, you deploy the NAT gateway in both Availability Zones.


(Figure: A VPC with subnets in two Availability Zones.)

Overview:

  1. The VPC has public subnets and private subnets in two Availability Zones.

  2. Each public subnet contains a NAT gateway and a load balancer node.

  3. The servers run in the private subnets, are launched and terminated by using an Auto Scaling group, and receive traffic from the load balancer.

  4. The servers can connect to the internet by using the NAT gateway.

Before we start, we have to know about:

  1. Auto Scaling Group:

    An Auto Scaling Group (ASG) in AWS is used to automatically adjust the number of instances in a group based on demand. It ensures high availability, improves scalability, optimizes cost efficiency, simplifies management, and integrates with other AWS services for seamless scaling.

  2. Load balancer:

    A load balancer is a managed service that evenly distributes incoming application traffic across multiple instances or resources. It enhances the availability and fault tolerance of applications by intelligently routing requests to healthy instances. Load balancers handle traffic spikes, prevent overloading of individual instances, and provide a seamless experience for users.

  3. Target Group:

    A target group is a logical grouping of instances or resources that are registered with a load balancer. It allows the load balancer to efficiently route incoming traffic to the registered targets based on defined rules, such as URL paths or ports. Target groups are an essential component of Application Load Balancers (ALB) and Network Load Balancers (NLB) and help ensure the scalable and fault-tolerant distribution of traffic across instances or containers.

  4. Bastion host or jump server:

    A bastion host, or jump server, in AWS is a secure intermediary EC2 instance that allows administrators to access and manage resources within private subnets. Placed in a public subnet, it acts as a controlled entry point, reducing direct exposure to the internet for instances in private networks.

🌟🌟 Let's start the project implementation 🌟🌟

Step 1: Create VPC

Go to the search bar, type vpc and click on Create VPC. Once you choose "VPC and more", you can find something like this:

Fill in the blanks, such as the name of the VPC, the number of Availability Zones, etc.

The preview diagram changes according to our configuration.

Now click on Create VPC.

AWS creates a bunch of resources for the VPC; creating the NAT gateways can take some time.

Step 2: Now we need an Auto Scaling group as well

Navigate to Auto Scaling groups in the EC2 console, or simply search for it.

Now click on Create Auto Scaling group.

You can find something like this:

Auto Scaling groups can't work without a launch template.

To create one, click on Create a launch template.

After clicking on it you can find something like this; fill in the name and description.

After that, choose the OS you want and select the key pair.

Next, fill in the network settings.

Here comes the most important part: you have to choose the new VPC you created and the security group.

The next security group rule is for the port number of your application; here my port number is 8000.

Then click on Create launch template.

Now come back to the Auto Scaling group; there you can see the launch template is reflected. Fill in the configuration.

Now click on Next and choose the VPC you created.

Now choose the Availability Zones and subnets.

Click on Next.

Again click on Next.

Select the Auto Scaling group size.

Click on Next.

Again click on Next; nothing to change on this page.

Now click on Create Auto Scaling group.

This will take time.

Now go to EC2.

There you can see 2 instances are created, one in us-east-1a and another in us-east-1b.

And one more important thing: notice that the instances have no public IP.

So how do you log in to them?

That's where a bastion or jump host comes into the picture.

So, now create a bastion host server.

Click on Launch instance and choose the same VPC you created.
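Before moving on, it is worth writing down what steps 1 and 2 produced and checking the properties the overview relies on: private subnets reach the internet only through a NAT gateway in their own Availability Zone, the application port (8000 here) is reachable only from the load balancer's security group, and the bastion's SSH rule is not open to the whole internet. The following is an added example, not part of the original project or any AWS tool: the topology dictionary is a constructed description (the CIDRs match what the "VPC and more" wizard proposes for two AZs, but names such as sg-app, nat-1a and the admin range 203.0.113.0/24 are assumptions), and the two check functions encode the design rules as findings.

```python
"""Sanity checks for the two-AZ public/private VPC built in this project.

Added example: the topology below is a constructed description of what the
console wizard produces (CIDRs, names and the admin range are assumptions),
and the checks encode the security properties the design relies on.
"""
from ipaddress import ip_network

INTERNET = "0.0.0.0/0"

VPC = {
    "cidr": "10.0.0.0/16",
    "subnets": {
        "public-1a":  {"cidr": "10.0.0.0/20",   "az": "us-east-1a", "tier": "public",  "route_table": "rt-public"},
        "public-1b":  {"cidr": "10.0.16.0/20",  "az": "us-east-1b", "tier": "public",  "route_table": "rt-public"},
        "private-1a": {"cidr": "10.0.128.0/20", "az": "us-east-1a", "tier": "private", "route_table": "rt-private-1a"},
        "private-1b": {"cidr": "10.0.144.0/20", "az": "us-east-1b", "tier": "private", "route_table": "rt-private-1b"},
    },
    # route table -> {destination: target}; "igw-*" is the internet gateway, "nat-*" a NAT gateway
    "route_tables": {
        "rt-public":     {INTERNET: "igw-main"},
        "rt-private-1a": {INTERNET: "nat-1a"},
        "rt-private-1b": {INTERNET: "nat-1b"},
    },
    # NAT gateway -> the public subnet it was placed in
    "nat_gateways": {"nat-1a": "public-1a", "nat-1b": "public-1b"},
}

# Security group -> inbound rules. "source" is either a CIDR or another group's name.
SECURITY_GROUPS = {
    "sg-alb":     [{"port": 80,   "source": INTERNET}],            # load balancer listener (step 4)
    "sg-app":     [{"port": 8000, "source": "sg-alb"},             # app port, only from the ALB
                   {"port": 22,   "source": "sg-bastion"}],        # SSH, only from the bastion
    "sg-bastion": [{"port": 22,   "source": "203.0.113.0/24"}],    # admin range (constructed)
}


def check_vpc(vpc):
    """Return a list of findings about subnets and routing; empty means the layout is sound."""
    findings = []
    vpc_net = ip_network(vpc["cidr"])
    nets = {name: ip_network(s["cidr"]) for name, s in vpc["subnets"].items()}

    # 1. Every subnet fits inside the VPC block and none overlap.
    names = list(nets)
    for i, a in enumerate(names):
        if not nets[a].subnet_of(vpc_net):
            findings.append(f"{a}: {nets[a]} is outside the VPC block {vpc_net}")
        for b in names[i + 1:]:
            if nets[a].overlaps(nets[b]):
                findings.append(f"{a} and {b} overlap")

    # 2. Default routes: public -> internet gateway, private -> NAT gateway in the same AZ.
    for name, sub in vpc["subnets"].items():
        target = vpc["route_tables"].get(sub["route_table"], {}).get(INTERNET)
        if sub["tier"] == "public" and not (target or "").startswith("igw-"):
            findings.append(f"{name}: public subnet has no internet gateway route")
        if sub["tier"] == "private":
            if not (target or "").startswith("nat-"):
                findings.append(f"{name}: private subnet default route is {target!r}, expected a NAT gateway")
            else:
                nat_subnet = vpc["nat_gateways"].get(target)
                nat_az = vpc["subnets"].get(nat_subnet, {}).get("az")
                if nat_az != sub["az"]:
                    findings.append(f"{name}: NAT gateway {target} is in {nat_az}, not in {sub['az']}")

    # 3. Each AZ carries both tiers, otherwise losing one AZ takes the app down.
    for az in {s["az"] for s in vpc["subnets"].values()}:
        tiers = {s["tier"] for s in vpc["subnets"].values() if s["az"] == az}
        if tiers != {"public", "private"}:
            findings.append(f"{az}: missing tier(s) {sorted({'public', 'private'} - tiers)}")
    return findings


def check_security_groups(groups, app_port=8000):
    """Return findings about inbound exposure; empty means least privilege holds."""
    findings = []
    for rule in groups.get("sg-app", []):
        if rule["source"] == INTERNET:
            findings.append(f"sg-app: port {rule['port']} open to the internet")
        elif rule["port"] == app_port and rule["source"] != "sg-alb":
            findings.append(f"sg-app: port {app_port} reachable from {rule['source']}, expected sg-alb only")
    for rule in groups.get("sg-bastion", []):
        if rule["port"] == 22 and rule["source"] == INTERNET:
            findings.append("sg-bastion: SSH open to the internet, restrict to an admin CIDR")
    if not any(r["port"] == 22 and r["source"] == "sg-bastion" for r in groups.get("sg-app", [])):
        findings.append("sg-app: no SSH rule from sg-bastion, the jump host cannot reach the servers")
    return findings


if __name__ == "__main__":
    for label, result in (("vpc", check_vpc(VPC)), ("security groups", check_security_groups(SECURITY_GROUPS))):
        print(label, "OK" if not result else result)
```

Running it on the layout above prints OK for both checks; pointing a private subnet's default route at the NAT gateway of the other AZ, or replacing the bastion's admin range with 0.0.0.0/0, produces a finding that names the subnet or group to fix. The same dictionaries are a convenient place to record what you actually clicked through in the console, so the checks can be re-run after later changes.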

Step 3:

Now you have to copy the key pair to the bastion host.

Copy the key pair into your bastion host server. If the .pem file is not available there, you will not be able to connect to the instances. Note that the private key then sits on an internet-facing host; ssh's -J (ProxyJump) option can reach a private instance through the bastion without copying the key onto it.

To connect to an instance, simply copy its private IP and run this command from the bastion host:

ssh -i "yourkeypair" ubuntu@yourinstanceip

Create a simple index.html file:

vim index.html
<!DOCTYPE html>
<html>
<body>

<h1>My First AWS PROJECT to demonstrate apps in private subnet</h1>
</body>
</html>

Run this command to serve the page on port 8000:

python3 -m http.server 8000
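`python3 -m http.server 8000` is enough to prove the path from the load balancer to a private instance, but it hides two things a practitioner wants on a server behind an ALB: a dedicated health-check path for the target group, and an access log that records the real client address, because the TCP peer the instance sees is always a load balancer node in the public subnet and the original client is carried in the X-Forwarded-For header. The following is an added example, not part of the original post: a small replacement for the stock module that serves the same index.html, answers /health with 200, and logs the forwarded client IP. The /health path, the in-memory log and the sample addresses (203.0.113.5, 10.0.1.7) are assumptions.

```python
"""Tiny app server for the private-subnet instances, standing in for
``python3 -m http.server 8000`` (added example, not part of the original post).

It adds a /health path for the target group's health check and an access log
that records the client address from X-Forwarded-For, because behind an ALB
the TCP peer is always a load balancer node. Paths, ports and addresses are
assumptions.
"""
import functools
import http.client
import os
import tempfile
import threading
from http import HTTPStatus
from http.server import SimpleHTTPRequestHandler, ThreadingHTTPServer

# Constructed copy of the index.html created in step 3.
INDEX_HTML = "<h1>My First AWS PROJECT to demonstrate apps in private subnet</h1>\n"

# In-memory access log so the example is inspectable; a real instance would
# write this to a file or ship it to CloudWatch.
ACCESS_LOG = []


class AppHandler(SimpleHTTPRequestHandler):
    """Serves files from a directory, answers /health, logs the forwarded client IP."""

    def client_ip(self):
        # The first X-Forwarded-For entry is the address the ALB saw; later
        # entries are proxies that appended themselves. Without the header
        # (an admin curling from the bastion) fall back to the TCP peer.
        forwarded = self.headers.get("X-Forwarded-For")
        if forwarded:
            return forwarded.split(",")[0].strip()
        return self.client_address[0]

    def do_GET(self):
        if self.path == "/health":
            body = b"ok"
            self.send_response(HTTPStatus.OK)
            self.send_header("Content-Type", "text/plain")
            self.send_header("Content-Length", str(len(body)))
            self.end_headers()
            self.wfile.write(body)
            return
        super().do_GET()  # static files; "/" resolves to index.html

    def log_request(self, code="-", size="-"):
        # send_response() calls this for every reply, including error replies.
        ACCESS_LOG.append({"client": self.client_ip(), "path": self.path, "status": int(code)})

    def log_message(self, fmt, *args):
        pass  # keep stderr quiet; ACCESS_LOG is the record


def start_server(directory, host="127.0.0.1", port=8000):
    """Start the server in a background thread and return it (port 0 picks a free port)."""
    handler = functools.partial(AppHandler, directory=directory)
    server = ThreadingHTTPServer((host, port), handler)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    return server


def fetch(port, path, headers=None):
    """One GET against the local server; returns (status, body)."""
    conn = http.client.HTTPConnection("127.0.0.1", port, timeout=5)
    conn.request("GET", path, headers=headers or {})
    resp = conn.getresponse()
    body = resp.read()
    conn.close()
    return resp.status, body


def demo():
    """Serve a constructed index.html and replay what the ALB and the bastion would send."""
    webroot = tempfile.mkdtemp()
    with open(os.path.join(webroot, "index.html"), "w", encoding="utf-8") as fh:
        fh.write(INDEX_HTML)
    server = start_server(webroot, port=0)
    port = server.server_address[1]
    try:
        # Health check as the ALB sends it: the forwarded client header is present.
        health = fetch(port, "/health", {"X-Forwarded-For": "203.0.113.5, 10.0.1.7"})
        health_client = ACCESS_LOG[-1]["client"]
        # Plain request as an admin on the bastion would make with curl.
        page = fetch(port, "/")
        page_client = ACCESS_LOG[-1]["client"]
    finally:
        server.shutdown()
        server.server_close()
    return {
        "health": health, "health_client": health_client,
        "page_status": page[0], "page_has_title": b"My First AWS PROJECT" in page[1],
        "page_client": page_client,
    }


if __name__ == "__main__":
    print(demo())
```

On the instance you would call start_server with the directory holding index.html, host 0.0.0.0 and port 8000 so the security group rule from step 2 still applies; the target group's health check path can then be set to /health instead of relying on the index page. Trusting X-Forwarded-For is only safe because the security group allows port 8000 from the load balancer alone; a client that can reach the port directly could put anything in that header.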

Step 4:

Now create a load balancer.

Navigate to Load Balancers and click on Create load balancer,

and let's create a target group for the load balancer.

Click on Next and select the instances you want as targets.

Click on "Include as pending below" and then click on Create load balancer.

After that, click on Security Groups and add a new inbound rule for HTTP.

Now copy the DNS name of the load balancer and paste it into the browser.

🥳🥳🥳🥳🥳 Congrats! You did it.

For another AWS project.

Follow me on LinkedIn to see interesting posts like this : )

linkedin.com/in/prabir-kumar-mahatha-6a0025..

visit my git hub profile: github.com/PrabirKumarMahatha