Scribd
Upload
8 views

Aws Practice Lab Notes

Uploaded by

Roshan Ahmad Shaheen
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
8 views

Aws Practice Lab Notes

Uploaded by

Roshan Ahmad Shaheen
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 13

VPC

Create VPC
Resource to create: VPC Only
Name tag: xxxx
IPV4 CIDR block: IPV4 CIDR manual input
IPV4 CIDR: 10.0.0.0xxxxx

CREATE VPC
Select the created VPC, click on “ACTION”, then “EDIT VPC SETTINGS”
DNS settings: Enable DNS resolution and hostnames, then SAVE

Create Subnets
VPC ID: select the correct VPC
Subnet name: Public Subnet
Availability Zone: select the correct AZ
IPv4 VPC CIDR block: 10.0.0.0/24
CREATE Subnet
Select the created subnet, click on “ACTION”, then “EDIT SUBNET SETTINGS”

Auto-assign IP settings: ENABLE auto-assign public IPv4 address. then SAVE. It is for public subnet setting.
Create Private subnet

Create an internet gateway

Select the created Internet Gateway: “ATTATCH TO VPC”

Available VPCs: Select correct VPC


“ATTACH INTERNET GATEWAY” – now the vpc has internet

The router tables are critical to decide the traffic comes in or it goes out of a particular VPC subnets, it is
automatically created when we created the VPC. This is a private route table.
Create route table

Select the created Route table, then click “EDIT ROUTES”

Select “0.0.0.0/0” to allow anything and everything, target is “internet gateway”

Click: SAVE CHANGES


Then click “SUBNET ASSOCIATIONS”, then click “EDIT SUBNET ASSOCIATIONS”
Tick the box of “PUBLIC SUBNET”, then click “SAVE ASSOCIATTIONS”

Create security group


Security group name: APP-SGxxx
Description: Allow HTTP traffic
VPC: Select correct VPC

Click Create security group


Select “INBOUND RULES” tab, then click on “EDIT INBOUND RULES”. Click “ADD RULES”
Then select “TYPE” and “SOURCE TYPE”

Click Save Rules

Launching an application server in the public subnet – add EC2

Launch Instance
Name: APP Server
Network settings: Choose “EDIT” then under network settings: VPC (select the correct one), and Subnet
(select the correct one)

Under the FIREWALL, select “SELECT EXISTING SECURITY GROUP”, then tick box of the correct security
group.
Click on “ADVANCED DETAILS”, select IAM INSTANCE PROFILE, select “INVENTORY APP ROLE”

Then “Launch Instance”

Configure Auto Scaling


Go EC2, then find load balancer on the left, click on “LOAD BALANCER”
Create load balancer
Click on “CREATE” under APPLICATION LOAD BALANCER
Under NETWORK MAPPING
Make sure to select the correct VPC, AZ and public subnets

A new tab - Create a new security group, enter name, description. Need to “ADD RULES”

Back to the original tab for load balancer – refresh the security group, select the correct security group
(delete the default one if it’s there)
Under listeners and routing, click on “CREATE TARGET GROUP”, open a new tab

Enter the name, then click on “ADVANCED HEALTH CHECK SETTINGS”


Make changes as the instruction: Healthy threshold and Interval
Click “NEXT”
Then in the second half of the page, find “Review targets” part, click on “CREATE TARGET GROUP”

Back to the original tab for load balancer, refresh the listeners and routing, find the CREATED TARGET
GROUP

Then click on “CREATE LOAD BALANCER”


Web server AMI
Go to EC2 instance, there is WEBSERVER instance, select the instance and click on “ACTION” and scroll
down to “IMAGE AND TEMPLATE” and “CREATE IMAGE”. Enter name and other given information, Click on
“CREATE IMAGE”
Check AMIs from the options on the left of the page.

Create a launch template and an auto scaling group


Go to EC2 instance page, find “LAUNCH TEMPLATE” options on the left of the page. Click on “CREATE
LAUNCH TEMPLATE”
Then enter name, then scroll down to “MY AMIS” tab, make sure select the correct AMI. Select “INSTANCE
TYPE” and KEY PAIR – “VOCKEY”.
Under “Network settings”, select the correct “SECURITY GROUP”
Then scroll down to the “ADVANCED DETAILS”, select the correct “IAM INSTANCE PROFILE”

Enable the CloudWatch Monitoring

Then click on “CREATE LAUNCH TEMPLATE”, click on the link in the success message to open the template.
Then click on “ACTIONS”, select “CREATE AUTO SCALLING GROUP”

Enter name, click on “NEXT”


Then the next step is selecting correct VPC, AZs and subnets

Then click on “NEXT”


Select “ATTACH TO AN EXISTING LOAD BALANCER”

Make change in “HEALTH CHECKS” as per instruction


Tick box of “ENABLE GROUP METRICS COLLECTIONS WITHIN CLOUDWATCH”
Then click on “NEXT”
Then make change in GROUP SIZE and SCALING POLICIES as per instruction. Then click on “NEXT”
SCALING POLICIES: Schedule, dynamic and predictive (ML)

Can add notification if needed

Add a tag as instruction


After reviewing the settings, click on “CREATE AUTO SCALING GROUP”

Update security groups


22/09

You might also like