Sunday 19 May 2019

How to Create Amazon Virtual Private Cloud (VPC)



We can create an Amazon VPC using the following steps:

  1. Create a VPC
  2. Create an Internet Gateway (IGW)
  3. Attach IGW to VPC
  4. Create Two Subnets:
    Public Subnet (Subnet-1) and Private Subnet (Subnet-2)
  5. Enable Auto-assign IP settings for Public Subnet
  6. Create a Route Table and associate to subnet-1
  7. Create Two Instances:
    Web Server (First instance for public subnet) and DB Server (Second instance for private subnet)
  8. Verify internet access on web server
  9. Create a NAT Gateway
  10. Create a Route table for NAT Gateway and associate to Subnet-2
  11. Verify internet access on DB server. 


Diagram: AWS VPC structure (image not reproduced).

Step 1: Create a VPC:

As VPC is a region-specific service, we first need to decide which region we are creating the VPC in. In this practical, we create a VPC in the North Virginia region for a web solution company named 'websol'. A default VPC is already running there, so I suggest you do not delete or change anything inside the default VPC. Create your own VPC named 'websol-vpc'.

AWS ➔ Services➔ VPC ➔ Your VPCs ➔ Create VPC ➔ Name tag: websol-vpc ➔ IPv4 CIDR block: 10.0.0.0/16 ➔ [*] No IPv6 CIDR Block ➔ Tenancy: default ➔ Create ➔ Close.

This will create a new VPC named 'websol-vpc' in North Virginia region.

Step 2: Create an Internet Gateway (IGW):

AWS ➔ Services ➔ VPC ➔ Internet Gateways ➔ Create Internet Gateway ➔ Name tag: websol-igw ➔ Create ➔ Close.

Step 3: Attach IGW to VPC:

AWS ➔ Services ➔ VPC ➔ Internet Gateways ➔ Select 'websol-igw' gateway ➔ Actions ➔ Attach to VPC ➔ VPC: Select 'websol-vpc' ➔ Attach.

In the State column, we can verify that the Internet Gateway 'websol-igw' is attached to the 'websol-vpc' VPC.

Step 4: Create Two Subnets:


  • Create the first Subnet for Web Server:

AWS ➔ Services ➔ VPC ➔ Subnets ➔ Create subnet ➔ Name tag: websol-sub1-pub ➔ VPC: websol-vpc ➔ Availability Zone: us-east-1a ➔ IPv4 CIDR block: 10.0.1.0/24 ➔ Create ➔ Close.

  • Create the second Subnet for Database Server:

AWS ➔ Services ➔ VPC ➔ Subnets ➔ Create subnet ➔ Name tag: websol-sub2-pvt ➔ VPC: websol-vpc ➔ Availability Zone: us-east-1b ➔ IPv4 CIDR block: 10.0.2.0/24 ➔ Create ➔ Close.

Step 5: Enable Auto-Assign IP settings for public subnet:

AWS ➔ Services ➔ VPC ➔ Subnets ➔ Select Subnet 'websol-sub1-pub' ➔ Actions ➔ Modify auto-assign IP settings ➔ [*] Enable auto-assign public IPv4 address ➔ Save.

Step 6: Create a Route Table and associate to subnet-1:


  • Create a route table that sends subnet-1 (the Web Server subnet) out through the IGW:

AWS ➔ Services ➔ VPC ➔ Route Tables ➔ Create Route Table ➔ Name tag: websol-rt-pub ➔ VPC: websol-vpc ➔ Create ➔ Close.

  • Make Route Entries:

AWS ➔ Services ➔ VPC ➔ Route Tables ➔ Select 'websol-rt-pub' Route Table ➔ Routes ➔ Edit routes ➔ Destination: 0.0.0.0/0 ➔ Target: 'websol-igw' ➔ Save routes ➔ Close.

  • Associate Route Table to Subnet-1:

AWS ➔ Services ➔ VPC ➔ Route Tables ➔ Select 'websol-rt-pub' Route Table ➔ Subnet Associations ➔ Edit Subnet Associations ➔ Select 'websol-sub1-pub' subnet ➔ Save.

Step 7: Create Instances:

Create two instances; one for Web Server in Subnet-1 and another instance for Database Server in Subnet-2.
  • Create first instance in Subnet-1 named 'win-web-srv':
AWS ➔ Services ➔ EC2 ➔ Instances ➔ Launch Instance ➔ [*] Free Tier only ➔ Select 'Windows Server 2008' AMI ➔ Instance Type: t2.micro ➔ Next ➔ Number of instances: 1 ➔ Network: select the 'websol-vpc' VPC we created ➔ Subnet: as this instance is for subnet-1, which we use for the web server, select us-east-1a ➔ Auto-assign Public IP: we have already enabled auto-assign on the subnet, so there is no need to change this ➔ Next ➔ Next: tags ➔ Name: win-web-srv ➔ Next: SG ➔ [*] Create a new Security Group ➔ Security group name: win-sg ➔ Description: win-sg is created to access Windows instances ➔ Rule ➔ RDP: TCP: 3389: Anywhere ➔ Add Rule ➔ HTTP: TCP: 80: Anywhere ➔ Add Rule ➔ HTTPS: TCP: 443: Anywhere ➔ Review and Launch ➔ Launch ➔ Create a new key pair OR select an existing key pair ➔ Launch Instances ➔ View Instances.
  • Create second instance in Subnet-2 named 'win-db-srv':
AWS ➔ Services ➔ EC2 ➔ Instances ➔ Launch Instance ➔ [*] Free Tier only ➔ Select 'Windows Server 2008' AMI ➔ Instance Type: t2.micro ➔ Next ➔ Number of instances: 1 ➔ Network: select the 'websol-vpc' VPC we created ➔ Subnet: as this instance is for subnet-2, which we use for the Database Server, select us-east-1b ➔ no need to enable Auto-assign Public IP, as this instance goes in the private subnet ➔ Next ➔ Next: tags ➔ Name: win-db-srv ➔ Next: SG ➔ [*] Create a new Security Group ➔ Security group name: win-db-sg ➔ Description: win-db-sg is created to access Windows DB instances ➔ Rule ➔ RDP: TCP: 3389: Custom: 10.0.0.0/16 (here we restrict the source to the VPC CIDR, so RDP to the DB server is reachable only from inside the VPC) ➔ Review and Launch ➔ Launch ➔ Create a new key pair OR select an existing key pair ➔ Launch Instances ➔ View Instances.
  • Generate the passwords of both instances and copy them into notepad:
For Web Server:
AWS ➔ Services ➔ EC2 ➔ Instances ➔ Select Instance 'win-web-srv' ➔ Actions ➔ Get Windows Password ➔ Browse ➔ (provide the private key file of the key pair) ➔ Decrypt Password ➔ Copy this password into notepad.

For DB Server:
AWS ➔ Services ➔ EC2 ➔ Instances ➔ Select Instance 'win-db-srv' ➔ Actions ➔ Get Windows Password ➔ Browse ➔ (provide the private key file of the key pair) ➔ Decrypt Password ➔ Copy this password into notepad.

Step 8: Verify internet access on Web Server:

Run ➔ type 'mstsc' ➔ Computer: paste the public IP from the EC2 Dashboard ➔ Connect ➔ Username: Administrator ➔ Password: paste from notepad, where we saved it ➔ Connect ➔ (this logs us in to our web-server instance) ➔ Run ➔ cmd ➔ type 'ping www.google.com' ➔ If we get a reply, the instance has internet access.

Step 9: Create a NAT Gateway:

AWS ➔ Services ➔ VPC ➔ NAT Gateways ➔ Create NAT Gateway ➔ Subnet: Select public subnet 'websol-sub1-pub' ➔ Elastic IP Allocation ID: Click on Create New EIP (this will assign and allocate a Public Elastic IP to NAT Gateway) ➔ Create a NAT Gateway ➔ Close.

Allow a few moments for the status to change from pending to available; creating a NAT Gateway takes some time.

Step 10: Create Route Table for NAT Gateway and Associate to Subnet-2:

  • Create a route table whose default route goes through the NAT Gateway:
AWS ➔ Services ➔ VPC ➔ Route Tables ➔ Create Route Table ➔ Name tag: websol-rt-nat ➔ VPC: websol-vpc ➔ Create ➔ Close.
  • Make Route Entries:
AWS ➔ Services ➔ VPC ➔ Route Tables ➔ Select 'websol-rt-nat' Route Table ➔ Routes ➔ Edit routes ➔ Destination: 0.0.0.0/0 ➔ Target: Select NAT Gateway ➔ Save routes ➔ Close.
  • Associate Route Table to Subnet-2:
AWS ➔ Services ➔ VPC ➔ Route Tables ➔ Select 'websol-rt-nat' Route Table ➔ Subnet Associations ➔ Edit Subnet Associations ➔ Select 'websol-sub2-pvt' subnet ➔ Save.

Step 11: Verify internet access on DB server:

  • First log in to the web-server:
Run ➔ type 'mstsc' ➔ Computer: paste the public IP of the web-server from the EC2 Dashboard ➔ Connect ➔ Username: Administrator ➔ Password: paste from notepad, where we saved it ➔ Connect ➔ this logs us in to our web-server instance.
  • Open RDP from the web server and log in to the DB-Server using its private IP:
In Web-Server ➔ Run ➔ type 'mstsc' ➔ Computer: paste the private IP of the DB-server from the EC2 Dashboard ➔ Connect ➔ Username: Administrator ➔ Password: paste from notepad, where we saved it ➔ Connect ➔ this logs us in to our DB-Server ➔ Open Run ➔ type 'cmd' ➔ type 'ping www.google.com' ➔ a reply shows the DB server reaches the internet through the NAT Gateway.
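A way to check the layout Steps 4 to 10 produce without logging in to each instance, written as an added example for this post (not the author's code): it works on dicts shaped like the EC2 describe_subnets, describe_route_tables and describe_security_groups responses, with constructed sample data and placeholder ids, so it runs with no AWS account. It classifies each subnet from its default route and flags two things a reviewer would want to see, a non-public subnet that auto-assigns public IPs and the Step 7 RDP rule on 'win-sg' that is open to Anywhere (the rule the post restricted only for the DB server).

```python
"""Audit the 'websol' VPC from this post (added example, not the article's code).
Dicts mirror EC2 describe_* response shapes; the sample data is constructed."""

def default_route_target(route_table):
    """Target of the 0.0.0.0/0 route (GatewayId for an IGW, NatGatewayId for NAT)."""
    for r in route_table["Routes"]:
        if r.get("DestinationCidrBlock") == "0.0.0.0/0":
            return r.get("GatewayId") or r.get("NatGatewayId")
    return None

def classify_subnet(subnet, route_tables):
    """'public' if 0.0.0.0/0 -> igw-* (Step 6), 'private' if -> nat-* (Step 10),
    else 'isolated'. A subnet with no explicit association uses the main table."""
    sid = subnet["SubnetId"]
    rt = next((t for t in route_tables if any(a.get("SubnetId") == sid for a in t["Associations"])),
              next(t for t in route_tables if any(a.get("Main") for a in t["Associations"])))
    target = default_route_target(rt) or ""
    return "public" if target.startswith("igw-") else "private" if target.startswith("nat-") else "isolated"

def audit(subnets, route_tables, security_groups):
    """Findings: non-public subnets that auto-assign public IPv4 (Step 5 is meant
    for the public subnet only) and security groups exposing RDP to 0.0.0.0/0."""
    findings = []
    for s in subnets:
        if classify_subnet(s, route_tables) != "public" and s.get("MapPublicIpOnLaunch"):
            findings.append(f"{s['SubnetId']}: non-public subnet auto-assigns public IPv4")
    for sg in security_groups:
        for p in sg["IpPermissions"]:
            covers_rdp = (p.get("IpProtocol") in ("tcp", "-1")       # -1 = all traffic
                          and p.get("FromPort", 0) <= 3389 <= p.get("ToPort", 65535))
            if covers_rdp and any(r["CidrIp"] == "0.0.0.0/0" for r in p.get("IpRanges", [])):
                findings.append(f"{sg['GroupName']}: RDP/3389 open to 0.0.0.0/0")
    return findings

# Constructed sample mirroring the post's layout; ids are placeholders, not real AWS ids.
SUBNETS = [{"SubnetId": "subnet-pub1", "MapPublicIpOnLaunch": True},
           {"SubnetId": "subnet-pvt2", "MapPublicIpOnLaunch": False}]
LOCAL = {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"}
ROUTE_TABLES = [
    {"Associations": [{"Main": True}], "Routes": [LOCAL]},            # VPC's default main table
    {"Associations": [{"SubnetId": "subnet-pub1"}],                   # websol-rt-pub
     "Routes": [LOCAL, {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-websol"}]},
    {"Associations": [{"SubnetId": "subnet-pvt2"}],                   # websol-rt-nat
     "Routes": [LOCAL, {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-websol"}]}]
WORLD, IN_VPC = [{"CidrIp": "0.0.0.0/0"}], [{"CidrIp": "10.0.0.0/16"}]
SECURITY_GROUPS = [
    {"GroupName": "win-sg", "IpPermissions": [                        # web server, Step 7
        {"IpProtocol": "tcp", "FromPort": 3389, "ToPort": 3389, "IpRanges": WORLD},
        {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80, "IpRanges": WORLD}]},
    {"GroupName": "win-db-sg", "IpPermissions": [                     # DB server, Step 7
        {"IpProtocol": "tcp", "FromPort": 3389, "ToPort": 3389, "IpRanges": IN_VPC}]}]
```

Against the constructed data, `audit(SUBNETS, ROUTE_TABLES, SECURITY_GROUPS)` returns only the 'win-sg' RDP finding; on a real account the same dicts come from boto3's `describe_*` calls.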


ACCESS GRANTED…ENJOY!!!

CLEANUP:

  1. Terminate both instances
  2. Delete NAT Gateway
  3. Release Elastic IP which we used in NAT gateway
  4. Delete VPC

Step 1: Terminate both instances:

AWS ➔ Services ➔ EC2 ➔ Instances ➔ Select both instances ➔ Action ➔ Instance State ➔ Terminate.

Step 2: Delete NAT Gateway:

AWS ➔ Services ➔ VPC ➔ NAT Gateways ➔ Select NAT Gateway ➔ Actions ➔ Delete NAT Gateway ➔ Delete NAT Gateway.

Again, deletion takes some time, just as creation did.

Step 3: Release Elastic IP which we used in NAT Gateway:

AWS ➔ Services ➔ VPC ➔ Elastic IPs ➔ Select Elastic IP ➔ Actions ➔ Release addresses ➔ Release.

Step 4: Delete VPC:

AWS ➔ Services ➔ VPC ➔ Your VPCs ➔ Select your own created VPC (not default) ➔ Actions ➔ Delete VPC ➔ Delete VPC ➔ Close.





18 comments:

  1. Thanks Divakar.. I got the first Lab working..

    Replies
    1. Ok buddy!
      Soon I am going to upload docs about VPC-Endpoints. Be in touch.
      Thanks.
  2. Great initiative from your side.
    I am Amar and I am working as a DevOps/cloud admin (AWS/GCP) with Kubernetes clustering setup, cloud as well as on-premise solutions, so please let me know if I can also contribute something to your initiative so others may get help.

    Replies
    1. Thanks Amar!
      I'm really grateful. Kindly provide me any of your contact information. My email ID is divakar.rastogi@gmail.com.
  3. Thanks for sharing this information with us. From this topic I got some knowledge.
    Best aws training in ameerpet| aws training in hyderabad
  4. Have you included a practical on VM migration on AWS?
  5. Thanks for sharing this superb article. I use this article to show my assignment in college. It is useful for me. Great work. https://www.sorrisieservizi.it/internet/vpn-sicura-e-gratuita/