Amazon Web Services
Build your own VPC and launch a web server

Welcome to Chronicles, let's explore Amazon Virtual Private Cloud and launch a web server.

Description

Amazon VPC enables you to deploy AWS resources into a virtual network, mimicking traditional data center networks with the scalability of AWS infrastructure. This guide will walk you through creating a VPC, subnets, configuring security groups, and launching an EC2 instance within the VPC.

Fig.-1: AWS Cloud Architecture

Task 1: Create Your VPC

  1. Confirm VPC Settings:

    • VPC: lab-vpc
    • Subnets:
      • us-east-1a
        • Public subnet name: lab-subnet-public1-us-east-1a
        • Private subnet name: lab-subnet-private1-us-east-1a
    • Route tables:
      • lab-rtb-public
      • lab-rtb-private1-us-east-1a
    • Network connections:
      • lab-igw
      • lab-nat-public1-us-east-1a
  2. Create VPC:

    • Click "Create VPC" at the bottom of the screen.

Fig.-2: Creating a VPC

Task 2: Create Additional Subnets

  1. Navigate to Subnets in the left navigation pane.

Fig.-3: Creating a subnet

  1. Create Second Public Subnet:

    • Configure:
      • VPC ID: lab-vpc
      • Subnet name: lab-subnet-public2
      • Availability Zone: Select the second Availability Zone (e.g., us-east-1b)
      • IPv4 CIDR block: 10.0.3.0/24
  2. Create Second Private Subnet:

    • Configure as before but for the second private subnet.
  3. In the left navigation pane, choose Route tables.

Fig.-4: Creating Route Table

  4. Select the lab-rtb-private1-us-east-1a route table.

  5. In the lower pane, choose the Routes tab.

Fig.-5: Editing routes in the route table

  6. Choose the Subnet associations tab.

  7. In the Explicit subnet associations area, choose Edit subnet associations

  8. Leave lab-subnet-public1-us-east-1a selected, but also select lab-subnet-public2.

  9. Choose Save associations

Fig.-6: Changing subnet association

Your VPC now has public and private subnets configured in two Availability Zones. The route tables you created in task 1 have also been updated to route network traffic for the two new subnets.
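One way to check the result of this task, as an added example that is not part of the original guide: the Python below classifies each subnet by where its route table's 0.0.0.0/0 route points, and treats a subnet with no explicit association as using the VPC's main route table. The input is a constructed sample in the shape of `aws ec2 describe-route-tables` output; every resource ID and function name is made up for illustration.

```python
# Constructed sample shaped like `aws ec2 describe-route-tables` output for lab-vpc.
# Every rtb-/subnet-/igw-/nat- ID below is made up for this example.
ROUTE_TABLES = [
    {"RouteTableId": "rtb-0aaa", "Tags": [{"Key": "Name", "Value": "lab-rtb-public"}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
                {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-0111"}],
     "Associations": [{"SubnetId": "subnet-pub1"}, {"SubnetId": "subnet-pub2"}]},
    {"RouteTableId": "rtb-0bbb", "Tags": [{"Key": "Name", "Value": "lab-rtb-private1-us-east-1a"}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
                {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-0222"}],
     "Associations": [{"SubnetId": "subnet-priv1"}, {"SubnetId": "subnet-priv2"}]},
    {"RouteTableId": "rtb-0ccc", "Tags": [],  # the VPC's main route table
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"}],
     "Associations": [{"Main": True}]},
]

def default_route_kind(table):
    """Classify a route table by where its 0.0.0.0/0 route points."""
    for route in table.get("Routes", []):
        if route.get("DestinationCidrBlock") != "0.0.0.0/0":
            continue
        if route.get("GatewayId", "").startswith("igw-"):
            return "public"        # direct path to and from the internet
        if route.get("NatGatewayId"):
            return "private-nat"   # outbound only, through the NAT gateway
        return "other"
    return "isolated"              # no default route at all

def classify_subnets(tables, all_subnets):
    """Map each subnet to (exposure, route table id), falling back to the main table."""
    main = next((t for t in tables
                 if any(a.get("Main") for a in t.get("Associations", []))), None)
    result = {}
    for table in tables:
        for assoc in table.get("Associations", []):
            if "SubnetId" in assoc:
                result[assoc["SubnetId"]] = (default_route_kind(table), table["RouteTableId"])
    for subnet in all_subnets:
        if subnet not in result:   # no explicit association: main route table applies
            result[subnet] = (default_route_kind(main) if main else "unknown",
                              main["RouteTableId"] if main else None)
    return result

def mismatches(classified, expected):
    """Return {subnet: (intended, actual)} for subnets whose exposure is not as intended."""
    return {s: (want, classified.get(s, ("missing", None))[0])
            for s, want in expected.items()
            if classified.get(s, ("missing", None))[0] != want}
```

A subnet that was created but never added under Subnet associations is reported as isolated in this sample, because the main route table here carries only the local route.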

Task 3: Create a VPC Security Group

In this task, you will create a VPC security group, which acts as a virtual firewall. When you launch an instance, you associate one or more security groups with the instance. You can add rules to each security group that allow traffic to or from its associated instances.

  1. Go to Security groups in the left navigation pane.

  2. Create security group:

    • Security group name: Web Security Group
    • Description: Enable HTTP access
    • VPC: Choose lab-vpc
  3. Add Inbound Rule:

    • Type: HTTP
    • Source: Anywhere-IPv4
    • Description: Permit web requests
  4. Scroll to the bottom of the page and choose Create security group

Fig.-7: Creating the internet gateway

You will use this security group in the next task when launching an Amazon EC2 instance.
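The inbound rule created in this task opens port 80 to every IPv4 address, so it is worth confirming that HTTP is the only thing the group exposes. The Python below is an added example, not part of the original lab: it scans security groups in the shape of `aws ec2 describe-security-groups` output and reports any rule open to 0.0.0.0/0 or ::/0 other than TCP 80. The sample data, group IDs and function names are constructed for illustration.

```python
# Constructed sample shaped like `aws ec2 describe-security-groups` output.
# Group IDs are made up; the first group matches the rule created in Task 3,
# the second is a hypothetical group that has drifted from it.
SECURITY_GROUPS = [
    {"GroupId": "sg-0web", "GroupName": "Web Security Group",
     "IpPermissions": [
         {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
          "IpRanges": [{"CidrIp": "0.0.0.0/0", "Description": "Permit web requests"}],
          "Ipv6Ranges": []}]},
    {"GroupId": "sg-0drift", "GroupName": "Web Security Group (drifted)",
     "IpPermissions": [
         {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
          "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
         {"IpProtocol": "tcp", "FromPort": 0, "ToPort": 65535,
          "IpRanges": [{"CidrIp": "10.0.0.0/16"}], "Ipv6Ranges": []},
         {"IpProtocol": "-1",  # "all traffic" rules carry no FromPort/ToPort
          "IpRanges": [], "Ipv6Ranges": [{"CidrIpv6": "::/0"}]}]},
]

WORLD = {"0.0.0.0/0", "::/0"}

def world_sources(perm):
    """Return the any-address CIDRs (IPv4 or IPv6) that a rule allows."""
    cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
    cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
    return [c for c in cidrs if c in WORLD]

def unexpected_exposure(group, allowed_tcp_ports=frozenset({80})):
    """List (group id, ports, source) for world-open rules outside the allowed ports."""
    findings = []
    for perm in group.get("IpPermissions", []):
        sources = world_sources(perm)
        if not sources:
            continue                      # rule is limited to specific ranges
        proto = perm["IpProtocol"]
        if proto == "-1":
            ports = "all traffic"
        else:
            lo, hi = perm.get("FromPort"), perm.get("ToPort")
            if proto == "tcp" and lo == hi and lo in allowed_tcp_ports:
                continue                  # the intended public HTTP rule
            ports = f"{proto}/{lo}" if lo == hi else f"{proto}/{lo}-{hi}"
        findings += [(group["GroupId"], ports, src) for src in sources]
    return findings
```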

Task 4: Launch a Web Server Instance

When you name your instance, AWS creates a tag and associates it with the instance. A tag is a key-value pair. The key for this pair is Name, and the value is the name you enter for your EC2 instance.

  1. Choose an AMI from which to create the instance:
    • In the list of available Quick Start AMIs, keep the default Amazon Linux selected.
    • Also keep the default Amazon Linux 2023 AMI selected.

The type of Amazon Machine Image (AMI) you choose determines the Operating System that will run on the EC2 instance that you launch.

  1. Choose an Instance type:
    • In the Instance type panel, keep the default t2.micro selected.

The Instance Type defines the hardware resources assigned to the instance.

  1. Select the key pair to associate with the instance:
    • From the Key pair name menu, select vockey.

  2. Configure the Network settings:
    • Next to Network settings, choose Edit, then configure:
      • Network: lab-vpc
      • Subnet: lab-subnet-public2 (not Private!)
      • Auto-assign public IP: Enable
  1. Configure a script to run on the instance when it launches:
    • Expand the Advanced details panel.
    • Scroll to the bottom of the page and then copy and paste the code shown below into the User data box:
#!/bin/bash
# Install Apache web server, wget, PHP, and MariaDB
sudo dnf install -y httpd wget php mariadb105-server
# Download Lab files
wget https://aws-tc-largeobjects.s3.us-west-2.amazonaws.com/CUR-TF-100-ACCLFO-2-9026/2-lab2-vpc/s3/lab-app.zip
unzip lab-app.zip -d /var/www/html/
# Turn on web server
chkconfig httpd on
service httpd start

This script will run with root user permissions on the guest OS of the instance. It will run automatically when the instance launches for the first time. The script installs a web server, a database, and PHP libraries, and then it downloads and installs a PHP web application on the web server.

  1. At the bottom of the Summary panel on the right side of the screen choose Launch instance

  2. Select Web Server 1.

  3. Copy the Public IPv4 DNS value shown in the Details tab at the bottom of the page.

Open a new web browser tab, paste the Public DNS value and press Enter. You should see a web page displaying the AWS logo and instance meta-data values. The complete architecture you deploy

Congratulations!! You have successfully explored the features of AWS VPC and created an EC2 instance launched within it. The instance serves as a web server accessible via its Public IPv4 DNS value.