AWS VPC with Public and Private Subnets & NAT Gateway

Published at: 12/24/2024
Categories: aws, vpc, ec2, cloud
Author: taha_sumeer

[Image: VPC architecture]

This architecture shows what we’re going to implement. It is the most recommended AWS approach for deploying your application securely on EC2 instances. Let’s start.

A Virtual Private Cloud (VPC) in AWS is a private, isolated network within the AWS cloud where you can launch resources like EC2 instances. It allows you to define and control network configurations, including subnets, route tables, and security settings.
Why it's used:

  1. Isolation: Provides a secure and private environment for resources.
  2. Customizability: Enables custom IP addressing, subnets, and routing.
  3. Security: Supports security groups, network ACLs, and VPNs.

  • First, open the Amazon VPC console and create a VPC. For the VPC configuration, see the image below.

[Image: VPC configuration]

  • After creating your VPC, your diagram should look exactly like this.

[Image: VPC diagram]
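
One way to confirm that the subnets are routed the way the architecture intends is to check where each subnet's default route points. This is an added example, not code from the original article; it assumes route table data in the shape returned by EC2 DescribeRouteTables, and every ID and CIDR in it is a constructed sample value.

```python
# Added example. Input mirrors the shape of EC2 DescribeRouteTables output;
# every ID below is a constructed sample value, not taken from the article.

def default_route_target(table):
    """Return 'igw', 'nat' or 'none' for the table's 0.0.0.0/0 route."""
    for route in table.get("Routes", []):
        if route.get("DestinationCidrBlock") != "0.0.0.0/0":
            continue
        if (route.get("GatewayId") or "").startswith("igw-"):
            return "igw"
        if (route.get("NatGatewayId") or "").startswith("nat-"):
            return "nat"
    return "none"

def classify_subnets(route_tables):
    """Label each explicitly associated subnet by its default route.
    Subnets with no explicit association follow the VPC's main route
    table and are not covered here."""
    labels = {"igw": "public", "nat": "private-nat", "none": "isolated"}
    result = {}
    for table in route_tables:
        label = labels[default_route_target(table)]
        for assoc in table.get("Associations", []):
            if assoc.get("SubnetId"):
                result[assoc["SubnetId"]] = label
    return result

def misplaced(route_tables, expected):
    """Subnets whose routing differs from the intended design."""
    actual = classify_subnets(route_tables)
    return sorted(s for s, want in expected.items() if actual.get(s) != want)

LOCAL = {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"}
IGW = {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-0example"}
NAT = {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-0example"}
SAMPLE_ROUTE_TABLES = [  # constructed; the last table is deliberately wrong
    {"Associations": [{"SubnetId": "subnet-pub-a"}, {"SubnetId": "subnet-pub-b"}],
     "Routes": [LOCAL, IGW]},
    {"Associations": [{"SubnetId": "subnet-priv-a"}], "Routes": [LOCAL, NAT]},
    {"Associations": [{"SubnetId": "subnet-priv-b"}], "Routes": [LOCAL, IGW]},
]
EXPECTED = {"subnet-pub-a": "public", "subnet-pub-b": "public",
            "subnet-priv-a": "private-nat", "subnet-priv-b": "private-nat"}

if __name__ == "__main__":
    print(misplaced(SAMPLE_ROUTE_TABLES, EXPECTED))
```

A subnet meant to be private whose default route points at an internet gateway shows up in the result of `misplaced`.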

Now that we've completed the VPC, the architecture shows that we need to create an Auto Scaling group. Open a new console tab and go to the EC2 dashboard, where you can find Auto Scaling groups. The Auto Scaling concept is nothing more than scaling your EC2 instances.

[Image: Auto Scaling group]

  • Before creating the Auto Scaling group, we need to create a launch template. A launch template is a resource that contains configuration information for launching an instance.

[Image: launch template]

  • Note: Don't forget to create a key pair and attach it.

[Image: launch template]

Once the launch template is created, the Auto Scaling group is able to find it. Select it and click Next.

Create Auto Scaling group

When you create an Auto Scaling group, you must specify the necessary information to configure the Amazon EC2 instances, the Availability Zones and VPC subnets for the instances, the desired capacity, and the minimum and maximum capacity limits etc.

  • To configure Amazon EC2 instances that are launched by your Auto Scaling group, you can specify a launch template or a launch configuration. The following procedure demonstrates how to create an Auto Scaling group using a launch template.

[Image: Auto Scaling group]

Here’s the catch: let’s say you want 2 EC2 instances, but when the holidays arrive your site will probably get more traffic. The Auto Scaling group automatically increases the number of EC2 instances according to your requirements, so your site won’t go down. It’s amazing, isn’t it?

[Image: EC2]

Now click Next, Next, and Next, and ta-da, your Auto Scaling group is created. When you look at the EC2 instances, 2 instances have been created automatically. Who created them? The Auto Scaling group, obviously.

[Image: EC2 instances]

  • Now let's create a simple application on an EC2 instance. Wait, how do we log in? There is no public IPv4 address. That’s what this whole project is about: these instances have to be secured. So you have every right to ask me: Taha, how do we log in?

The answer is very easy: create another EC2 instance to act as a mediator between the public and private subnets. I’ll SSH into this mediator instance in the public subnet, and from there I’ll SSH into the private host to log in to our main EC2 instance.

[Image: mediator instance]

  • Note: Create the mediator EC2 instance the same way as the other 2 EC2 instances, and don't forget to change the VPC and enable the public IP address. I'll log in to the mediator first, before the other 2 EC2 instances, but I need to copy the .pem file to the mediator before I can log in from there. So open your terminal and run this command to copy your .pem file to the mediator; this is what lets us log in to the other EC2 instances.

scp -i "login.pem" "login.pem" [email protected]:/home/ubuntu

  • What is scp? It copies a file from one host machine to another host machine.

The file is copied successfully. Now log in to the mediator EC2 instance using the "login.pem" file; from this mediator we are able to log in to our private EC2 instances.

Hooray! Finally we are logged in to the private EC2 instance. How beautiful is this, isn’t it?

  • Now create a simple Python application to see it working. First, make a simple HTML page using vim index.html

[Image: vim]

  • Now run this command: python3 -m http.server 8000

The last thing to do is to create a load balancer. Open a new tab and go to the EC2 dashboard, where you can see Load Balancers.

[Image: load balancer]

The images below show the load balancer configuration.

[Images: load balancer and target group configuration]

The target group is ready and has been created successfully. Attach it to the load balancer and click Next.

Now the load balancer is created. However, it takes 2-3 minutes to become ready for use. Once the load balancer is provisioned, let’s try to access it from the outside world.

The last thing to do is to add a security group rule for port 8000, because the application is not reachable on that port yet.
Follow the pictures below to add the security group rule.

[Images: adding the security group rule]

Almost done. After clicking Save rules, access the application from the outside world.

[Image: final result]

Let’s go. Our application is running. Congrats, you have implemented the AWS VPC project.
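
The inbound rules on the private instances decide whether the private subnet actually protects them. The following added example (not part of the original article) audits a security group in the shape returned by EC2 DescribeSecurityGroups. It assumes a design the article does not spell out: port 22 reachable only from the mediator's security group and port 8000 only from the load balancer's security group. All group IDs are constructed.

```python
# Added example. Input mirrors the shape of EC2 DescribeSecurityGroups output;
# group IDs are constructed sample values, not taken from the article.
WORLD = {"0.0.0.0/0", "::/0"}

def covers(perm, port):
    """True if this inbound permission includes the given TCP port."""
    if perm.get("IpProtocol") == "-1":      # "-1" means all protocols and ports
        return True
    if perm.get("IpProtocol") != "tcp":
        return False
    return perm.get("FromPort", 0) <= port <= perm.get("ToPort", 65535)

def audit_private_sg(sg, allowed):
    """allowed maps port -> the one security group that may reach it.
    Returns sorted (port, offending_source) findings."""
    findings = set()
    for perm in sg.get("IpPermissions", []):
        cidrs = {r["CidrIp"] for r in perm.get("IpRanges", [])}
        cidrs |= {r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])}
        groups = {p["GroupId"] for p in perm.get("UserIdGroupPairs", [])}
        for port, trusted in allowed.items():
            if covers(perm, port):
                findings |= {(port, c) for c in cidrs & WORLD}
                findings |= {(port, g) for g in groups if g != trusted}
    return sorted(findings)

def rule(port, cidr=None, group=None):
    """Build one constructed inbound TCP permission for the samples below."""
    perm = {"IpProtocol": "tcp", "FromPort": port, "ToPort": port}
    if cidr:
        perm["IpRanges"] = [{"CidrIp": cidr}]
    if group:
        perm["UserIdGroupPairs"] = [{"GroupId": group}]
    return perm

# Assumed design: SSH only from the mediator, 8000 only from the load balancer.
ALLOWED = {22: "sg-mediator", 8000: "sg-loadbalancer"}
OPEN_SG = {"GroupId": "sg-app", "IpPermissions": [
    rule(22, group="sg-mediator"), rule(8000, cidr="0.0.0.0/0")]}
TIGHT_SG = {"GroupId": "sg-app", "IpPermissions": [
    rule(22, group="sg-mediator"), rule(8000, group="sg-loadbalancer")]}

if __name__ == "__main__":
    print(audit_private_sg(OPEN_SG, ALLOWED))
    print(audit_private_sg(TIGHT_SG, ALLOWED))
```

A rule that opens port 8000 to any address is reported, while the same port restricted to the load balancer's security group passes.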

  • Note: I deployed the application on only one EC2 instance. To see the load balancing concept, go to the other EC2 instance and deploy a different application; then sometimes you will see my application and sometimes the other one. This is only for understanding the concept of load balancing.

Thank you for reading my documentation, and don’t forget to clean up your resources, otherwise you'll get a surprise AWS bill.
