Provisionamento de Website na AWS

Prévia do material em texto

Ade Odusanya 
HAKORCONSULTING INC. 
DEPLOYING A WEBSITE 
ON AWS USING AN 
ARCHITECTURE DIAGRAM 
AS TEMPLATE 
 
 
1 
 
TABLE OF CONTENTS 
CHAPTER 1 - PROVISION YOUR VPC 4 
CHAPTER 2 - PROVISION YOUR SUBNETS 7 
CHAPTER 3 – CREATE YOUR INTERNET GATEWAY 12 
CHAPTER 4 – SPINNING UP INSTANCES 15 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
2 
 
 
 
 
USING THIS SIMPLE VPC ARCHITECTURE ABOVE WE ARE GOING TO 
PROVISION RESOURCES FOR A COMPANY WEBSITE. 
 
USE CASE PARAMETERS 
 
1. COMPANY NAME: ABSAI 
2. VPC CIDR BLOCK- 10.0.0.0/16 
3. SUBNET CIDR BLOCK – 10.0.0.0/20-PUBLIC 
 10.0.16.0/20-PRIVATE 
 
 
 
 
 
3 
 
NAMING CONVENTION 
 
1. VPC: COMPANYNAME-VPC 
2. SUBNETS: COMPANYNAME-WEBSERVER-PUBLIC 
 COMPANYNAME-DATABASE-PRIVATE 
3. INTERNET GATEWAY: COMPANYNAME-IGW 
4. INSTANCES: COMPANYNAME-WEBSERVER-EC2 
 COMPANYNAME-DATABASE-EC2 
5. SECURITY GROUP: COMPANYNAME-WEBSERVER-SG 
 COMPANYNAME-DATABASE-SG 
6. S3 BUCKET: COMPANYNAME-OBJECTS (NOTE: S3 BUCKET NAMES ARE GLOBAL, SO 
THEY ARE UNIQUE. 2 BUCKETS CAN’T HAVE THE SAME NAME) 
7. KEY PAIRS: WEBSERVER-KP 
 DATABASE-KP 
 
 
 
 
 
 
LET’S BEGIN 
CLOUDTICIANS… 
 
LOG INTO YOUR 
AWS 
DEVTEST ACCOUNT 
 
 
4 
 
 
 
 
CHAPTER 1- PROVISION YOUR VPC 
 
 
1. NAVIGATE TO YOUR VPC SERVICE DASHBOARD (WE WILL BE USING THE NEW VPC 
EXPERIENCE). 
2. SELECT YOUR VPCS ON THE LEFT-HAND SIDE 
 
 
 
3. CLICK ON CREATE VPC ON THE RIGHT-HAND SIDE (IF YOU ARE USING THE 
OLD EXPERIENCE IT WILL BE ON THE LEFT AND IT WILL BE BLUE) 
5 
 
 
 
 
4. ENTER UNDER NAME TAG 
ABSAI-WEBSITE-VPC 
IPV4 CIDR BLOCK 
10.0.0.0/16 
 
 
 
5. CLICK CREATE VPC (NOTE WITH THE NEW EXPERIENCE TAGS ARE ADDED 
AUTOMATICALLY) 
 
6 
 
 
 
6. A GREEN BAR WILL SHOW STATING THAT YOUR VPC IS CREATED. 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
7 
 
CHAPTER 2 PROVISION YOUR SUBNETS 
 
WE ARE GOING TO CREATE 2 SUBNETS HERE. A PUBLIC SUBNET WHERE OUR 
WEBSERVER WILL SIT AND A PRIVATE SUBNET WHERE OUR DATABASE WILL SIT. 
 
1. ON THE VPC DASHBOARD CLICK SUBNETS ON THE LEFT-HAND SIDE. 
 
 
 
 
 
 
 
 
 
 
 
2. CLICK ON CREATE SUBNET ON THE RIGHT-HAND SIDE. 
 
 
 
 
 
 
 
8 
 
3. SELECT THE VPC THAT WE CREATED. 
 
 
 
 
4. UNDER SUBNET 1 OF 1 ENTER THE FOLLOWING INFO 
 
SUBNET NAME: 
ABSAI-WEBSERVER-PUBLIC 
AVAILABILITY ZONE: 
US-EAST-1A 
IPV4 CIDR BLOCK 
10.0.0.0/20 
 
9 
 
 
 
(NOTE: IN THE NEW EXPERIENCE YOU CAN CREATE MULTIPLE SUBNETS AT ONCE) 
 
5. CLICK ON ADD NEW SUBNET TO CREATE THE PRIVATE SUBNET 
 
 
 
 
10 
 
6. UNDER SUBNET 2 OF 2 ENTER THE FOLLOWING 
 
SUBNET NAME: 
ABSAI-DATABASE-PRIVATE 
AVAILABILITY ZONE: 
US-EAST-1A 
IPV4 CIDR BLOCK 
10.0.16.0/20 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
11 
 
7. CLICK CREATE SUBNET 
 
 
 
 
 
8. YOU WILL SEE IN THE GREEN BOX THAT SUBNETS WERE SUCCESSFULLY 
CREATED. 
 
 
 
 
 
 
 
12 
 
CHAPTER 3 
 CREATE AN INTERNET GATEWAY 
 
 
 
 
 
1. CLICK INTERNET GATEWAY ON THE LEFT-HAND SIDE 
 
 
 
2. CLICK CREATE INTERNET GATEWAY ON THE RIGHT-HAND SIDE 
 
 
 
13 
 
3. ENTER THE INTERNETGATEWAY NAMETAG 
ABSAI-IGW 
 
 
 
 
4. THE GREEN BAR ON TOP WILL SHOW THE INTERNET GATEWAY HAS BEEN 
CREATED AND YOU NEED TO ATTACH IT TO A VPC. SO CLICK ATTACH TO A VPC 
IN THE GREEN BAR 
 
 
 
 
14 
 
5. SELECT THE VPC (ABSAI-VPC) AND CLICK ATTACH INTERNET GATEWAY ON 
THE BOTTOM RIGHT. 
 
 
 
6.THE GREEN BAR SHOWS THAT THE INTERNET GATEWAY HAS BEEN ATTACHED TO THE 
VPC. 
 
 
 
 
 
 
 
 
 
15 
 
CHAPTER 4 
SPINNING UP OF INSTANCES 
 
 
 
 
1. NAVIGATE TO THE EC2 SERVICE DASHBOARD. 
 
 
 
2. SELECT INSTANCES ON THE LEFT-HAND SIDE 
 
 
 
 
 
 
 
 
16 
 
3. SELECT LAUNCH INSTANCES IN THE RIGHT-HAND SIDE 
 
 
 
4. SELECT YOUR AMI (AMAZON MACHINE IMAGE) 
HERE WE ARE SELECTING THE AMAZON LINUX 2 AMI SSD VOLUME TYPE 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
17 
 
5. THEN WE CHOOSE AN INSTANCE TYPE (HERE WE CHOSE THE T2 MICRO) AND 
THEN WE SELECT THE NEXT CONFIGURE INSTANCE DETAILS. 
 
 
 
 
6. ON THIS STEP WE WILL SELECT 
NETWORK: ABSAI-VPC 
SUBNET: ABSAI-WEBSERVER-PUBLIC (BECAUSE THIS IS THE SUBNET FOR THE 
WEBSERVER) 
 
THEN WE CLICK ON NEXT: ADD STORAGE 
 
 
 
 
 
 
 
 
 
18 
 
 
 
 
7. ON THIS PAGE JUST SELECT NEXT ADD TAGS 
 
 
 
8. ADD A TAG HERE 
KEY: NAME 
VALUE: ABSAI-WEBSERVER-EC2 
 
NEXT: CONFIGURE SECURITY GROUP 
 
 
 
 
 
 
 
 
 
19 
 
9. CREATE A NEW SECURITY GROUP 
SECURITY GROUP NAME: ABSAI-WEBSERVER-SG 
DESCRIPTION: ABSAI-WEBSERVER-SG 
 
SSH ACCESS INTO THE WEBSERVER 
AND THEN CLICK REVIEW AND LAUNCH. 
 
 
 
 
10. HERE REVIEW THE INSTANCE AND THEN CLICK LAUNCH. 
 
 
 
 
 
 
20 
 
11. HERE CREATE A NEW KEY PAIR 
KEY PAIR NAME: WEBSERVER-KP 
 
DOWNLOAD KEY PAIR 
 
CLICK LAUNCH INSTANCES 
 
 
 
 
12. CLICK VIEW INSTANCES 
 
 
 
 
 
 
 
 
21 
 
 
 
13. WE NEED TO SPIN UP ANOTHER INSTANCE FOR THE DATABASE. CLICK LAUNCH 
INSTANCE. 
 
14. ON THIS PAGE CHECK THE FREE TIER ONLY FILTER ON THE LEFT-HAND SIDE 
 
 
 
15. HERE WE SELECTED MICROSOFT WINDOWS SERVER 2019 BASE AS OUR AMI 
 
 
 
 
 
 
 
 
 
 
 
 
22 
 
 
 
16. HERE WE ENTER 
NETWORK: ABSAI-VPC 
SUBNET: ABSAI-DATABASE-PRIVATE 
 
CLICK ADD STORAGE 
 
 
 
17. HERE JUST SELECT NEXT: ADD TAGS 
 
 
 
 
 
 
 
 
 
 
23 
 
 
 
 
18. HERE 
KEY: NAME 
VALUE: ABSAI-DATABASE-EC2 
 
CLICK NEXT CONFIGURE SECURITY GROUP 
 
 
 
 
19. HERE CREATE A NEW SECURITY GROUP 
SECURITY GROUP NAME: ABSAI-DATABASE-SG 
DESCRIPTION: ABSAI-DATABASE-SG CREATED -------- 
 
DESCRIPTION: RDP ACCESS INTO DATABASE 
 
REVIEW AND LAUNCH 
 
 
24 
 
 
 
 
 
20. HERE CLICK LAUNCH 
 
 
 
 
 
 
 
21. HERE CREATE A NEW KEY PAIR 
KEY PAIR NAME: DATABASE-KP 
 
DOWNLOAD KEY PAIR 
 
CLICK LAUNCH INSTANCES 
 
25 
 
 
 
22. CLICK VIEW INSTANCES 
 
 
 
23. NOW STOP YOUR INSTANCES FROM RUNNING.