Week 2 of #10Weeksofcloudops

Design a three-tier architecture in AWS

Topics/Services Used - 

  • VPC - A VPC (Virtual Private Cloud) is a virtual network built around AWS resources. It can also be defined as a network service used to establish boundaries between AWS resources.

  • Subnets - A subnet is a portion of a VPC that contains AWS services. It is a section of the VPC where AWS resources can be grouped based on security and operational requirements. There are two types of subnets - Public Subnet and Private Subnet.
  1. Public Subnet - A subnet that is internet facing. These subnets have an internet connection and consist of resources that should be accessible by the public via the internet.
  2. Private Subnet - A subnet that does not have an internet connection. These subnets consist of resources that should not be accessible from the internet, only through a private connection.

  • NACL (Network Access Control List) - A virtual firewall that controls inbound and outbound traffic at the subnet level. NACLs perform stateless packet filtering. By default, a NACL allows all inbound and outbound traffic, but this can be changed by adding rules.

  • Security Groups - A virtual firewall that controls inbound and outbound traffic for EC2 instances. Security groups perform stateful packet filtering. By default, a security group blocks all inbound traffic and allows all outbound traffic. Because they are stateful, they always follow the decision already made for the incoming packets.

  • Amazon Route 53 - A DNS service. DNS means Domain Name Service, which translates a URL/domain name to an IP address. It is like a phonebook for IP addresses.

  • Amazon CloudFront - A global content delivery network. It routes requests to the closest, low-latency region.

  







A three-tier architecture consists of a Presentation Tier (Client), a Logic Tier (Server) and a Data Tier (Database).



Creating the VPC - 
  • Open the AWS management console.
  • Search for "VPC" in the search option.
  • Click on "Create VPC".
  • In the VPC settings - Give a name to the VPC.
  • Enter the IPv4 CIDR block - 10.32.0.0/16




Creating Subnets - 
  • On the same page, navigate to Subnets.
  • Click "Create Subnet".
  • On the page, select the VPC created.
  • Provide a name for the subnet.
  • Provide a CIDR for the subnet.



Similarly, create 3 more subnets (2 private subnets and 1 public subnet).



Creating Internet Gateway - 
  • Navigate to Internet Gateway.
  • Click "Internet Gateway"
  • Provide a name to the internet gateway and create the internet gateway.

Attaching the Internet Gateway to the VPC - 
  • Select the VPC created.
  • Click on the "Actions".
  • Select "Attach to VPC".
  • Select the VPC and click "Attach Internet Gateway".


Creating NAT Gateway - 

  • Navigate to NAT Gateways.
  • Click "Create NAT Gateway".
  • Provide the name.
  • Select the Public subnet.
  • Select "Public" for connectivity type.
  • Click "Allocate Elastic IP". 
  • And click "Create NAT Gateway".

Create Route Tables - 
  • Navigate to Route tables.
  • Provide the name for the route table.
  • Select the VPC.
  • Click create route table.

Similarly, create a route table for another subnet as well.



Configuring Internet Gateway, Subnets and NAT Gateway.

  • Select the Route table.
  • In the Actions, select "Edit Route".
  • Select "Add Route".
  • In the Destination, add 0.0.0.0/0.
  • Select the Internet Gateway created. 
  • Click "Save Changes".
Subnet associations.



Similarly, configure subnet association for private subnet as well.

Once the subnet associations are configured, the mapping can be viewed by Selecting the VPC -> Resource Map.
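
An offline check of the routing built in the steps above, as an added example that is not part of the original post: it takes data shaped like `aws ec2 describe-route-tables` output and reports subnet CIDRs that fall outside 10.32.0.0/16 or overlap, and private subnets whose route table sends 0.0.0.0/0 to an internet gateway. The subnet IDs, subnet CIDRs and gateway IDs are constructed sample values, not taken from the post.

```python
import ipaddress

VPC_CIDR = "10.32.0.0/16"  # CIDR from the post; everything below is constructed sample data
SUBNETS = {"subnet-pub-a": "10.32.1.0/24", "subnet-pub-b": "10.32.2.0/24",
           "subnet-priv-a": "10.32.11.0/24", "subnet-priv-b": "10.32.12.0/24"}
INTENDED_PRIVATE = {"subnet-priv-a", "subnet-priv-b"}
LOCAL = {"DestinationCidrBlock": VPC_CIDR, "GatewayId": "local"}
ROUTE_TABLES = [  # same field names as `aws ec2 describe-route-tables` output
    {"RouteTableId": "rtb-public",
     "Routes": [LOCAL, {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-example"}],
     # subnet-priv-b is associated here by mistake, which makes it internet-facing
     "Associations": [{"SubnetId": s} for s in ("subnet-pub-a", "subnet-pub-b", "subnet-priv-b")]},
    {"RouteTableId": "rtb-private",
     "Routes": [LOCAL, {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-example"}],
     "Associations": [{"SubnetId": "subnet-priv-a"}]},
]

def classify(route_tables):
    """Map each explicitly associated subnet to public / private-nat / isolated."""
    kinds = {}
    for table in route_tables:
        target = ""
        for route in table["Routes"]:
            if route.get("DestinationCidrBlock") == "0.0.0.0/0":
                target = route.get("GatewayId") or route.get("NatGatewayId") or ""
        kind = ("public" if target.startswith("igw-")
                else "private-nat" if target.startswith("nat-") else "isolated")
        for assoc in table["Associations"]:
            if "SubnetId" in assoc:  # the main-table association has no SubnetId
                kinds[assoc["SubnetId"]] = kind
    return kinds

def audit(subnets, route_tables, intended_private, vpc_cidr=VPC_CIDR):
    """Return findings: CIDR errors and private subnets that can reach an internet gateway."""
    findings, vpc = [], ipaddress.ip_network(vpc_cidr)
    nets = {sid: ipaddress.ip_network(cidr) for sid, cidr in sorted(subnets.items())}
    for sid, net in nets.items():
        if not net.subnet_of(vpc):
            findings.append(f"{sid}: {net} is outside the VPC range {vpc}")
        for other, other_net in nets.items():
            if sid < other and net.overlaps(other_net):
                findings.append(f"{sid}: {net} overlaps {other} ({other_net})")
    kinds = classify(route_tables)
    for sid in nets:
        if sid not in kinds:
            findings.append(f"{sid}: no explicit association, uses the VPC main route table")
        elif sid in intended_private and kinds[sid] == "public":
            findings.append(f"{sid}: private subnet has a 0.0.0.0/0 route to an internet gateway")
    return findings

if __name__ == "__main__":
    print("\n".join(audit(SUBNETS, ROUTE_TABLES, INTENDED_PRIVATE)) or "no findings")
```

With the sample data, the only finding is the private subnet that was associated with the public route table.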



Creating the Load Balancer - 

  • In the search bar of the main page of AWS management console, search for EC2, navigate to Load balancer and select it.
  • Click on "Create Load Balancer".
  • Select "Application Load Balancer".
  • Provide a name for the Load Balancer.
  • In the scheme, select Internet Facing.
  • Select IPv4 in IP address type.

In Network mapping, select the VPC created and the public subnet configured.


In the Security Group, select the VPC that has been created and configured. Select the port number which has to be configured along with the protocol.




Click on "Create Load Balancer". This creates the load balancer.


** Delete the resources created once the challenge is completed **
