The structure is as follows: a web server is exposed to the public, and it is connected to a MySQL server that resides on another network segment within the VPC.
The following is a brief glossary of the AWS resources involved.
VPC | Virtual Private Cloud is an on-demand, configurable pool of shared computing resources allocated within a public cloud environment. You define and design network segments, and deploy EC2 instances in the VPC. |
Subnets | Segmented networks within a VPC. An appropriate route table setting is needed to connect with other subnets or gateways. |
Internet gateway | The gateway through which your deployed servers access the internet. |
NAT gateway | The gateway that provides internet access to servers residing on a private subnet. |
EC2 instance | Servers that are created from particular images. |
Security group | Firewall setting associated with an EC2 instance. SGs are stateful. Example: if you allow incoming traffic on port 80, the corresponding outgoing response traffic is allowed automatically. |
Network ACL | Firewall setting associated with subnets. Unlike SGs, network ACLs are stateless. |
1. First, I show in a video how to set up a VPC and two subnets.
2. Second, we provision an EC2 instance for the web server.
# Update packages, then install Apache and PHP with the MySQL driver
sudo yum update -y
sudo yum install -y httpd24 php72 php72-mysqlnd
# Start Apache now and enable it at boot
sudo service httpd start
sudo chkconfig httpd on
# Let ec2-user manage the web root through the apache group
sudo usermod -a -G apache ec2-user
sudo chown -R ec2-user:apache /var/www
sudo chmod 2775 /var/www
find /var/www -type d -exec sudo chmod 2775 {} \;
find /var/www -type f -exec sudo chmod 0664 {} \;
# phpMyAdmin requires the mbstring extension
sudo yum install php72-mbstring.x86_64 -y
sudo service httpd restart
# Download and unpack phpMyAdmin into the web root
cd /var/www/html
wget https://www.phpmyadmin.net/downloads/phpMyAdmin-latest-all-languages.tar.gz
mkdir phpMyAdmin && tar -xvzf phpMyAdmin-latest-all-languages.tar.gz -C phpMyAdmin --strip-components 1
3. The next step is to provision an EC2 instance for MySQL.
Since the instance sits on a private subnet, a NAT gateway and a route table setting must be configured to give subnet_02 an internet connection.
Here is the set of commands for the initial MySQL setup.
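# Install and start the MySQL 5.7 server
sudo yum install -y mysql57-server
sudo service mysqld start
# Set the root password and remove the default test database and anonymous users
sudo mysql_secure_installation
# Enable MySQL at boot
sudo chkconfig mysqld on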
4. Finally, we add the required security group settings on subnet_02, and we can access the phpMyAdmin page via a web browser using the assigned global IP address.
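An added example, not from the original post: a Python check for the security group settings in step 4, run over inbound rules in the shape returned by `aws ec2 describe-security-groups`. It assumes the MySQL instance should accept port 3306 only from the web server's security group; the group ID, the rules and the 10.0.0.0/16 VPC CIDR are constructed sample values.

```python
import ipaddress

# Constructed sample in the shape of `aws ec2 describe-security-groups` output.
# The group ID and CIDRs are made up for illustration.
WEB_SG = "sg-web-example"
DB_SG_RULES = [
    {"IpProtocol": "tcp", "FromPort": 3306, "ToPort": 3306,
     "IpRanges": [], "UserIdGroupPairs": [{"GroupId": WEB_SG}]},
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "UserIdGroupPairs": []},
    {"IpProtocol": "tcp", "FromPort": 3000, "ToPort": 3400,
     "IpRanges": [{"CidrIp": "10.0.1.0/24"}], "UserIdGroupPairs": []},
]

def covers(rule, port):
    """True if an inbound rule applies to the given TCP port."""
    proto = rule["IpProtocol"]
    if proto == "-1":  # "-1" means all protocols and all ports
        return True
    if proto != "tcp":
        return False
    return rule.get("FromPort", 0) <= port <= rule.get("ToPort", 65535)

def audit_db_ingress(rules, web_sg, vpc_cidr, db_port=3306):
    """Return findings for the security group of a private-subnet DB instance."""
    vpc = ipaddress.ip_network(vpc_cidr)
    findings = []
    for rule in rules:
        label = f'{rule["IpProtocol"]}/{rule.get("FromPort")}-{rule.get("ToPort")}'
        for rng in rule.get("IpRanges", []):
            net = ipaddress.ip_network(rng["CidrIp"])
            if not net.subnet_of(vpc):
                findings.append(f"{label}: open to {net}, outside the VPC")
            elif covers(rule, db_port):
                findings.append(f"{label}: DB port reachable from CIDR {net}, "
                                "not limited to the web server group")
        for pair in rule.get("UserIdGroupPairs", []):
            if covers(rule, db_port) and pair["GroupId"] != web_sg:
                findings.append(f"{label}: DB port open to group {pair['GroupId']}")
    return findings

if __name__ == "__main__":
    for finding in audit_db_ingress(DB_SG_RULES, WEB_SG, "10.0.0.0/16"):
        print(finding)
```

The first sample rule, which references the web server's group, passes; the SSH rule open to any address and the wide port range that happens to include 3306 are both reported.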