Introduction:
This example demonstrates how to create a VPC that you can use for servers in a production environment.
To improve resiliency, you deploy the servers in two Availability Zones, by using an Auto Scaling group and an Application Load Balancer. For additional security, you deploy the servers in private subnets. The servers receive requests through the load balancer. The servers can connect to the internet by using a NAT gateway. To improve resiliency, you deploy the NAT gateway in both Availability Zones.
Overview:
The VPC has public subnets and private subnets in two Availability Zones.
Each public subnet contains a NAT gateway and a load balancer node.
The servers run in the private subnets, are launched and terminated by using an
Auto Scaling group, and receive traffic from the load balancer.
The servers can connect to the internet by using the NAT gateway.
Before we start, we need to know about the following:
Auto Scaling group:
An Auto Scaling Group (ASG) in AWS is used to automatically adjust the number of instances in a group based on demand. It ensures high availability, improves scalability, optimizes cost efficiency, simplifies management, and integrates with other AWS services for seamless scaling.
Load balancer:
A load balancer is a managed service that evenly distributes incoming application traffic across multiple instances or resources. It enhances the availability and fault tolerance of applications by intelligently routing requests to healthy instances. Load balancers handle traffic spikes, prevent overloading of individual instances, and provide a seamless experience for users.
Target Group:
A target group is a logical grouping of instances or resources that are registered with a load balancer. It allows the load balancer to efficiently route incoming traffic to the registered targets based on defined rules, such as URL paths or ports. Target groups are an essential component of Application Load Balancers (ALB) and Network Load Balancers (NLB) and help ensure the scalable and fault-tolerant distribution of traffic across instances or containers.
Bastion host or jump server:
A bastion host, or jump server, in AWS is a secure intermediary EC2 instance that allows administrators to access and manage resources within private subnets. Placed in a public subnet, it acts as a controlled entry point, reducing direct exposure to the internet for instances in private networks.
🌟🌟 Let's start the project implementation 🌟🌟
Step 1: Create VPC
Go to the search bar and type VPC. Click on Create VPC and choose "VPC and more".
The VPC settings form appears.
Fill in the blanks, such as the name of the VPC and the number of Availability Zones.
The diagram changes according to our configuration.
Now click on Create VPC.
AWS creates a bunch of resources for the VPC. Creating the NAT gateway can take some time.
Step 2: Now we need an Auto Scaling group as well:
Navigate to Auto Scaling under EC2, or simply search for it.
Now click on Create Auto Scaling group.
The creation form appears.
Auto Scaling groups can't work without launch templates.
To create a launch template, click on Create a launch template.
After clicking on it, fill in the name and description.
After that, choose the OS you want and select the key pair.
Next, fill in the network settings.
Here comes the most important concept: you have to choose the new VPC you created and the security group.
Next, in the security group, add the port number of your application. Here my port number is 8000.
Then click on Create launch template.
Now come back to the Auto Scaling group. You can see that the launch template is reflected there. Fill in the configuration.
Now click on the Next button and choose the VPC you created.
Now choose the Availability Zones and subnets.
Click on Next.
Again click on Next.
Select the Auto Scaling group size.
Click on Next.
Again click on Next; there is nothing to change on this page.
Now click on Create Auto Scaling group.
This will take time.
Now go to EC2.
There you can see that 2 instances are created, one in us-east-1a and another in us-east-1b.
One more important thing: the instances do not have public IPs.
So how do you log in to them?
That's where a bastion host, or jump host, comes into the picture.
So, now create a bastion host server.
Launch the server and choose the same VPC you created.
Step 3:
Now you have to copy the key pair to your bastion host server.
If the .pem file is not available there, you will not be able to connect to the instances.
To connect to an instance, simply copy its private IP and run this command:
ssh -i "yourkeypair" ubuntu@yourinstanceip
Create a simple index.html file:
vim index.html
<!DOCTYPE html>
<html>
<body>
<h1>My First AWS PROJECT to demonstrate apps in private subnet</h1>
</body>
</html>
Run this command to serve the page:
python3 -m http.server 8000
Step 4:
Now create a load balancer.
Navigate to Load Balancers and click on Create load balancer.
Then create a target group for the load balancer.
Click on Next and select the instances you want.
Click on Include as pending below, and then click on Create load balancer.
After that, click on Security groups and add a new rule for HTTP.
Now copy the DNS name and paste it into the browser.
🥳🥳🥳🥳🥳congo! you did it.
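The steps above create three security groups (load balancer, application on port 8000, bastion host). As an added example that is not part of the original walkthrough, this Python check reads rules in the EC2 DescribeSecurityGroups response shape and reports any source other than the intended paths: HTTP to the load balancer, port 8000 only from the load balancer's group, SSH to the instances only from the bastion's group, and SSH to the bastion from a restricted CIDR. The group names and IDs, the SSH port 22, the listener port 80 and the sample rules are assumptions made for the illustration.

```python
# Added example: audit the security groups behind this layout. Input mirrors the
# EC2 DescribeSecurityGroups shape; all IDs, names and CIDRs are constructed samples.
WORLD = {"0.0.0.0/0", "::/0"}

def covers(perm, port):
    """True if an IpPermissions entry applies to the given TCP port."""
    if perm["IpProtocol"] == "-1":  # "-1" means all protocols and ports
        return True
    return perm["IpProtocol"] == "tcp" and perm["FromPort"] <= port <= perm["ToPort"]

def audit(group, port, allowed_groups=frozenset(), cidrs="none"):
    """cidrs: 'any' = public listener, 'restricted' = no world-open CIDR,
    'none' = only security-group sources are expected."""
    name, findings = group["GroupName"], []
    for perm in group["IpPermissions"]:
        if not covers(perm, port):
            continue
        ranges = [r["CidrIp"] for r in perm.get("IpRanges", [])]
        ranges += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
        for cidr in ranges:
            if cidrs == "none" or (cidrs == "restricted" and cidr in WORLD):
                findings.append(f"{name}: tcp/{port} allowed from CIDR {cidr}")
        for pair in perm.get("UserIdGroupPairs", []):
            if pair["GroupId"] not in allowed_groups:
                findings.append(f"{name}: tcp/{port} allowed from group {pair['GroupId']}")
    return findings

def audit_layout(alb, app, bastion, app_port=8000):
    """Expected paths: internet -> ALB:80 -> app:8000 and admin -> bastion:22 -> app:22."""
    return (audit(alb, 80, cidrs="any")
            + audit(app, app_port, {alb["GroupId"]})
            + audit(app, 22, {bastion["GroupId"]})
            + audit(bastion, 22, cidrs="restricted"))

def rule(port, cidr=None, group=None):
    """Build one constructed IpPermissions entry for the sample data."""
    return {"IpProtocol": "tcp", "FromPort": port, "ToPort": port,
            "IpRanges": [{"CidrIp": cidr}] if cidr else [],
            "UserIdGroupPairs": [{"GroupId": group}] if group else []}

ALB = {"GroupId": "sg-alb-example", "GroupName": "alb-sg",
       "IpPermissions": [rule(80, cidr="0.0.0.0/0")]}
BASTION = {"GroupId": "sg-bastion-example", "GroupName": "bastion-sg",
           "IpPermissions": [rule(22, cidr="0.0.0.0/0")]}
APP = {"GroupId": "sg-app-example", "GroupName": "app-sg",
       "IpPermissions": [rule(8000, cidr="0.0.0.0/0"), rule(22, group="sg-bastion-example")]}

if __name__ == "__main__":
    print("\n".join(audit_layout(ALB, APP, BASTION)))
```

To run it against a real account, pass the matching entries from the SecurityGroups list of a DescribeSecurityGroups response in place of the constructed samples.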