Launching Web Portal on Cloud using VPC

Arifiya Khan
6 min read · Jul 27, 2020

Problem Statement: We have to create a web portal for our company with as much security as possible.

So, we use WordPress with a dedicated database server. The database should not be accessible from the outside world, for security purposes. We only need to expose WordPress to clients.

So here are the steps for proper understanding!

Steps:

1) Write infrastructure as code using Terraform, which automatically creates a VPC.

2) In that VPC we have to create 2 subnets:

a) public subnet [ Accessible for Public World! ]

b) private subnet [ Restricted for Public World! ]

3) Create a public-facing internet gateway to connect our VPC/network to the internet, and attach this gateway to our VPC.

4) Create a routing table for the internet gateway so that instances can connect to the outside world, then update it and associate it with the public subnet.

5) Launch an EC2 instance which has WordPress set up already, with a security group allowing port 80 so that our clients can connect to our WordPress site.

Also attach the key to the instance for further login into it.

6) Launch an EC2 instance which has MySQL set up already, with a security group allowing port 3306, in the private subnet so that our WordPress VM can connect to it.

Also attach the key to this instance.

Note: The WordPress instance has to be part of the public subnet so that our clients can connect to our site.

The MySQL instance has to be part of the private subnet so that the outside world can't connect to it.

Step-by-step Implementation

First, let us see what a VPC is.

Amazon Virtual Private Cloud (Amazon VPC) enables you to launch AWS resources into a virtual network that you’ve defined. This virtual network closely resembles a traditional network that you’d operate in your own data center, with the benefits of using the scalable infrastructure of AWS.

Now I will create a VPC using Terraform code, for which we have to specify the provider.

# AWS provider: region and the local CLI profile that holds the credentials
provider "aws" {
  region  = "ap-south-1"
  profile = "arifiya"
}

And then we can do anything we want in AWS. So, I will create the VPC using the code given below.

To run the code, we first have to initialize using the command

terraform init

and then we will use the below command to run our code

terraform apply

On creating, your screen will appear something like this.

Now we can also check through the GUI whether our VPC has been created or not.

Then, the next step is creating a private and a public subnet, for which I will use the code written below.

And then we will find that our subnet is created. I will also keep checking the same from the GUI.

Now we are done with our second step. Time to go for the third one, where I have to create a public-facing internet gateway to connect our VPC/network to the internet and attach this gateway to our VPC.

For creating the internet gateway, I am using this code:

# internet gateway, attached to the VPC
resource "aws_internet_gateway" "Natgw" {
  vpc_id = aws_vpc.vpc1.id

  tags = {
    Name = "NatGateway"
  }
}

And I have attached this internet gateway to my VPC.

So, as you can see, my internet gateway has been created.

Moving to the next step, where I have to create a routing table for the internet gateway so that instances can connect to the outside world, then update it and associate it with the public subnet.

I am using this code for creating the routing table and associating it with the public subnet.

Now, let's check from the GUI.

creating and associating routing table creation code
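One way to write the subnets and the public route table described in steps 2 to 4, as an added example that is not the author's own code. It plugs into the aws_vpc.vpc1 and aws_internet_gateway.Natgw resources named in the page's code; the CIDR ranges (which assume a 192.168.0.0/16 VPC), the availability zone, the "private-subnet" name and the route table names are assumptions.

```hcl
# Added example: CIDRs, availability zone, "private-subnet" and the route
# table names are assumptions; vpc1, Natgw and public-subnet are the names
# used in the page's code.
resource "aws_subnet" "public-subnet" {
  vpc_id                  = aws_vpc.vpc1.id
  cidr_block              = "192.168.0.0/24"
  availability_zone       = "ap-south-1a"
  map_public_ip_on_launch = true # WordPress gets a public IP
}

resource "aws_subnet" "private-subnet" {
  vpc_id                  = aws_vpc.vpc1.id
  cidr_block              = "192.168.1.0/24"
  availability_zone       = "ap-south-1a"
  map_public_ip_on_launch = false # MySQL never gets a public IP
}

# Only this table has a default route to the internet gateway.
resource "aws_route_table" "public_rt" {
  vpc_id = aws_vpc.vpc1.id

  route {
    cidr_block = "0.0.0.0/0"
    gateway_id = aws_internet_gateway.Natgw.id
  }
}

# Associated with the public subnet only. The private subnet stays on the
# VPC's main route table, which by default carries just the local route.
resource "aws_route_table_association" "public_assoc" {
  subnet_id      = aws_subnet.public-subnet.id
  route_table_id = aws_route_table.public_rt.id
}
```

What makes the second subnet private is the missing association: with no route to the internet gateway and no public IP, the database host is reachable only from inside the VPC.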

Now, to launch the instances for WordPress and MySQL, we need to create security groups for both and a key pair.

So, first of all I need to create a key pair. For this, I am using the code written below.

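# creating a key pair
variable "keyname" {
  default = "Task3_Key"
}

# Generates the RSA key locally. The private key is stored in plain text
# in the Terraform state, so the state file has to be protected.
resource "tls_private_key" "Key" {
  algorithm = "RSA"
  rsa_bits  = 4096
}

# Registers the public half with AWS under the name in var.keyname
module "key_pair" {
  source     = "terraform-aws-modules/key-pair/aws"
  key_name   = var.keyname
  public_key = tls_private_key.Key.public_key_openssh
}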

Remember that to create the key, we again have to use the command

terraform init

to download the plugins required for creating a key pair. After initializing, the screen will appear like this.

Now we can check our key through the GUI.

Yes, it is successfully created.

Now, time to create the security groups.

1. For creating the security group for WordPress, I am using this code, allowing HTTP, SSH and HTTPS.

2. For creating the security group for MySQL, I am using this code to allow port 3306 for MySQL.

Now both my security groups are created; checking through the GUI.

wordpress security group
Mysql security group
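The two security groups described above, as an added example that is not the author's own code. The resource names Task3_sg1, NewTask3_sg and vpc1 are the ones referenced in the page's code; the group names, the admin_cidr variable with its constructed sample value, and the choice to admit port 3306 only from the WordPress group are assumptions.

```hcl
# Added example; admin_cidr and the rule layout are assumptions.
variable "admin_cidr" {
  description = "Range allowed to SSH in (constructed sample value)"
  default     = "203.0.113.10/32"
}

resource "aws_security_group" "Task3_sg1" {
  name   = "wordpress-sg"
  vpc_id = aws_vpc.vpc1.id

  # HTTP and HTTPS are the only ports clients need.
  dynamic "ingress" {
    for_each = [80, 443]
    content {
      from_port   = ingress.value
      to_port     = ingress.value
      protocol    = "tcp"
      cidr_blocks = ["0.0.0.0/0"]
    }
  }
  # SSH from the admin range only, not from 0.0.0.0/0.
  ingress {
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = [var.admin_cidr]
  }
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}

resource "aws_security_group" "NewTask3_sg" {
  name   = "mysql-sg"
  vpc_id = aws_vpc.vpc1.id

  # Weak form: cidr_blocks = ["0.0.0.0/0"] accepts 3306 from any source.
  # Naming the WordPress group admits only instances that carry it.
  ingress {
    from_port       = 3306
    to_port         = 3306
    protocol        = "tcp"
    security_groups = [aws_security_group.Task3_sg1.id]
  }
  # No egress block: Terraform creates the group without outbound rules.
}
```

Security groups are stateful, so MySQL's replies to WordPress still pass even though the database group has no outbound rule.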

Now we can launch the instances for WordPress and MySQL separately.

I will launch the instances using the security groups created for them and the key pair.

To launch the instance for WordPress:

# creating the WordPress instance in the public subnet
resource "aws_instance" "task3_ec2_instance1" {
  ami                    = "ami-004a955bfb611bf13"
  instance_type          = "t2.micro"
  subnet_id              = aws_subnet.public-subnet.id
  key_name               = "Task3_Key"
  vpc_security_group_ids = [aws_security_group.Task3_sg1.id]

  tags = {
    Name = "Web_task3"
  }
}

To launch the instance for MySQL:

# creating the OS for MySQL in the private subnet
resource "aws_instance" "task3_ec2_instance_2" {
  ami           = "ami-08706cb5f68222d09"
  instance_type = "t2.micro"
  # "private-subnet" is an assumed resource name: the subnet code is not
  # shown on this page. The database must not sit in the public subnet.
  subnet_id              = aws_subnet.private-subnet.id
  key_name               = "Task3_Key"
  vpc_security_group_ids = [aws_security_group.NewTask3_sg.id]

  tags = {
    Name = "Mysql_task3"
  }
}

After this, I will check through the GUI whether my instances have been created successfully or not.

Wordpress instance
MySQL instance

Now both instances are created.

I can easily launch my WordPress site by using the public IP of the WordPress instance.

wordpress page

Now the whole task is accomplished.

To delete the whole setup, instead of deleting it through the GUI or deleting each piece separately, we can delete everything we have created with just one command.

terraform destroy

Thank you for reading!!

Hope my blog would help.😊

Happy Learning!
