3-Tier Application in AWS



1. Create VPC:

Create a new Virtual Private Cloud (VPC). Give it an IPv4 CIDR block large enough for six subnets (for example 10.0.0.0/16) and name it 3tierapplication, which is the name used when selecting the VPC in the later steps.



2. Create Subnets:

* First select the VPC that was created above.

Create a total of 6 subnets, one of each pair in each of two Availability Zones:

  • 2 subnets for the web tier (public)
  • 2 subnets for the application tier (private)
  • 2 subnets for the database tier (private)

* Create the web tier subnets as public subnets.

For the web tier subnets:

Enable auto-assign public IPv4 addresses.

After creating the subnets, select a web tier subnet --> Actions --> Edit subnet settings --> Enable auto-assign public IPv4 address --> Save.

Do the same for the other web tier subnet.

* Now create the subnets for the application tier; these are private subnets.

* Now create the subnets for the database tier; these are also private subnets. Leave auto-assign public IPv4 disabled on all four private subnets, so that application and database instances can never receive a public address.




3. Create Internet Gateway (IGW):

Create an internet gateway and attach it to the VPC.




4. Create Route Tables:

Create two route tables:

  • One for the public subnets (web tier)
  • One for the private subnets that need outbound internet access (application tier)

Configure the route tables:

  • For the public route table, associate it with the public subnets and add a default route (0.0.0.0/0) to the internet gateway.
  • For the private route table, associate it with the application tier private subnets. Its default route is added in step 5, once the NAT gateway exists.
  • The database tier subnets are not associated with either table, so they stay on the VPC's main route table, which only has the local route. That is what we want: the database never needs a path to or from the internet.

After creating the route tables, go to the public route table, select it --> Subnet associations --> Edit subnet associations --> select the two public (web tier) subnets --> Save.

Now select the public route table again --> Routes --> Edit routes --> Add route --> destination 0.0.0.0/0, target the internet gateway --> Save.

Go to the private route table, select it --> Subnet associations --> Edit subnet associations --> select the application tier private subnets --> Save.


5. Set Up NAT Gateway:

  • Allocate an Elastic IP and create a NAT Gateway with it.
  • Place the NAT Gateway in one of the public (web tier) subnets.

Create the NAT gateway in a subnet that routes to the internet gateway; here that is one of the public subnets associated with the public route table in step 4. Allocate an Elastic IP for it in the same dialog and save. A NAT gateway lives in a single subnet; a production setup would have one per Availability Zone, but one is enough for this exercise.

After this, go to Route tables, select the private route table (the one associated with the application tier subnets) --> Routes --> Edit routes --> Add route --> destination 0.0.0.0/0, target the NAT gateway created above --> Save. Application instances can now reach the internet for package installs (such as the MySQL client in step 11) without being reachable from it.
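Steps 1 to 5 as one script, added here as an example; it is not part of the original post or of any AWS tool. plan_subnets() carves the six subnets out of the VPC block and records which ones are public and where their default route points, and apply() creates the VPC, subnets, internet gateway, route tables and NAT gateway with boto3 in the same order as the console steps. The VPC block 10.0.0.0/16, the us-east-1a/b Availability Zones and the subnet names are assumptions chosen for the example.

```python
"""Plan and build the 3-tier network from steps 1-5 with boto3 (added example)."""
import ipaddress

# Assumptions for this example: the VPC block, the two Availability Zones and
# the tier names are made up here; the original post picks them in the console.
VPC_CIDR = "10.0.0.0/16"
AZS = ("us-east-1a", "us-east-1b")
# Default route target per tier: web goes straight to the IGW, app goes out via
# the NAT gateway, db keeps only the VPC-local route (main route table).
DEFAULT_ROUTE = {"web": "igw", "app": "nat", "db": None}


def plan_subnets(vpc_cidr=VPC_CIDR, azs=AZS):
    """Carve one /24 per tier per AZ out of the VPC block, in tier order."""
    blocks = list(ipaddress.ip_network(vpc_cidr).subnets(new_prefix=24))
    needed = len(DEFAULT_ROUTE) * len(azs)
    if len(blocks) < needed:
        raise ValueError(f"{vpc_cidr} holds {len(blocks)} /24 blocks, need {needed}")
    subnets = []
    for tier in DEFAULT_ROUTE:
        for az in azs:
            subnets.append({
                "name": f"{tier}-{az[-1]}",
                "tier": tier,
                "az": az,
                "cidr": str(blocks[len(subnets)]),
                "map_public_ip": tier == "web",   # step 2: only web subnets are public
                "default_route": DEFAULT_ROUTE[tier],
            })
    return subnets


def public_subnets(subnets):
    """The subnets that auto-assign public IPs (the web tier)."""
    return [s for s in subnets if s["map_public_ip"]]


def apply(subnets, vpc_cidr=VPC_CIDR, region="us-east-1"):
    """Create everything in the plan. Needs boto3 and AWS credentials; boto3 is
    imported here so the planning functions above run without it."""
    import boto3
    ec2 = boto3.client("ec2", region_name=region)
    vpc_id = ec2.create_vpc(CidrBlock=vpc_cidr)["Vpc"]["VpcId"]
    ec2.get_waiter("vpc_available").wait(VpcIds=[vpc_id])

    ids = {}  # subnet name -> SubnetId
    for s in subnets:
        sid = ec2.create_subnet(VpcId=vpc_id, CidrBlock=s["cidr"],
                                AvailabilityZone=s["az"])["Subnet"]["SubnetId"]
        if s["map_public_ip"]:
            ec2.modify_subnet_attribute(SubnetId=sid, MapPublicIpOnLaunch={"Value": True})
        ids[s["name"]] = sid

    # Step 3 and 4: IGW plus a public route table for the web subnets.
    igw = ec2.create_internet_gateway()["InternetGateway"]["InternetGatewayId"]
    ec2.attach_internet_gateway(InternetGatewayId=igw, VpcId=vpc_id)
    public_rtb = ec2.create_route_table(VpcId=vpc_id)["RouteTable"]["RouteTableId"]
    ec2.create_route(RouteTableId=public_rtb, DestinationCidrBlock="0.0.0.0/0", GatewayId=igw)
    for s in public_subnets(subnets):
        ec2.associate_route_table(RouteTableId=public_rtb, SubnetId=ids[s["name"]])

    # Step 5: one Elastic IP, NAT gateway in ONE public subnet, private route table.
    eip = ec2.allocate_address(Domain="vpc")["AllocationId"]
    nat_subnet = ids[public_subnets(subnets)[0]["name"]]
    nat = ec2.create_nat_gateway(SubnetId=nat_subnet,
                                 AllocationId=eip)["NatGateway"]["NatGatewayId"]
    ec2.get_waiter("nat_gateway_available").wait(NatGatewayIds=[nat])
    private_rtb = ec2.create_route_table(VpcId=vpc_id)["RouteTable"]["RouteTableId"]
    ec2.create_route(RouteTableId=private_rtb, DestinationCidrBlock="0.0.0.0/0",
                     NatGatewayId=nat)
    for s in subnets:
        if s["default_route"] == "nat":
            ec2.associate_route_table(RouteTableId=private_rtb, SubnetId=ids[s["name"]])
    # db subnets are deliberately left on the main route table (local route only).
    return vpc_id


if __name__ == "__main__":
    for s in plan_subnets():
        print(s["name"], s["cidr"], "public" if s["map_public_ip"] else "private",
              "default ->", s["default_route"])
```

Run the script as-is to print the subnet layout before touching AWS; apply() needs credentials with EC2 permissions and creates billable resources (the NAT gateway and Elastic IP in particular), so delete them when the exercise is over.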

6. Launch Template for Web Tier:
Create a launch template for the web tier instances:
  • Amazon Linux OS
  • Instance type: t2.micro
  • Existing key pair
  • Security Group: allow HTTP from anywhere and SSH from your own IP address only (not 0.0.0.0/0)
  • User data script to install and start a web server
In the EC2 console, on the left side, navigate to Launch Templates and create a launch template: select Amazon Linux as the OS --> instance type t2.micro --> select the existing key pair --> Network settings --> Create security group --> choose the 3tierapplication VPC --> add inbound rules for HTTP (source 0.0.0.0/0) and SSH (source: your IP) --> Advanced details --> User data --> paste this script:
#!/bin/bash
# Runs once as root on first boot (cloud-init user data); stop on the first error.
set -euo pipefail
yum update -y
# Apache web server, plus git to fetch the sample site
yum install -y httpd git
# Start Apache now and on every boot
systemctl start httpd
systemctl enable httpd
# /var/www/html is empty right after the httpd install, so git can clone into it
git clone https://github.com/Ashoksana/explorewithashok.git /var/www/html/


7. Create Auto Scaling Group for Web Tier:
Create an Auto Scaling Group using the web tier launch template:
  • Specify the VPC and the web tier (public) subnets
  • Instances will be launched and replaced by the Auto Scaling Group
On the left side, at the bottom, select Auto Scaling Groups and create an Auto Scaling group --> give it a name --> select the launch template created above --> Next --> select the VPC --> select the two web tier subnets --> Next, and accept the defaults for the remaining steps.
The Auto Scaling group now launches the web tier instance; you can see it under Instances.



Now create another launch template for the application tier: go to Launch Templates --> Create launch template --> select Amazon Linux as the OS --> instance type t2.micro --> select the existing key pair --> Network settings --> Create security group --> choose the 3tierapplication VPC --> add inbound rules for HTTP and SSH with the web tier security group as the source (an inbound MySQL rule is not needed on this tier: the application opens the connection to RDS, so the MySQL rule belongs on the database security group, see step 9) --> Create launch template.
Then navigate on the left side to Auto Scaling Groups at the bottom, create an Auto Scaling group --> give it a name --> select the launch template created above --> Next --> select the VPC --> select the two application tier subnets --> Next.
The Auto Scaling group now launches the application tier instance in a private subnet, so it gets a private IP only.
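Steps 6 and 7 for either tier with boto3, added as an example and not the post's own code: launch_template_data() builds the template, base64-encodes the user data the way the API requires and requires IMDSv2 on the instance, and create_tier() creates the launch template and an Auto Scaling group spread over the tier's two subnets. The AMI id, security group id, key pair name, tier names and the WEB_USER_DATA string (the same steps as the console script above) are assumptions.

```python
"""Launch template and Auto Scaling group for one tier (steps 6-7), added example."""
import base64

# Assumed user data for the web tier; the application tier template has none.
WEB_USER_DATA = """#!/bin/bash
set -euo pipefail
yum update -y
yum install -y httpd git
systemctl start httpd
systemctl enable httpd
git clone https://github.com/Ashoksana/explorewithashok.git /var/www/html/
"""


def launch_template_data(ami_id, sg_id, key_name, user_data=None, instance_type="t2.micro"):
    """Build the LaunchTemplateData block. ami_id, sg_id and key_name are
    caller-supplied assumptions; the console picks them by name."""
    data = {
        "ImageId": ami_id,
        "InstanceType": instance_type,
        "KeyName": key_name,
        "SecurityGroupIds": [sg_id],
        # Require IMDSv2: a request-forgery bug in the web app then cannot read the
        # instance role's credentials from 169.254.169.254 with a plain GET, and the
        # hop limit of 1 keeps containers on the host from reaching it either.
        "MetadataOptions": {"HttpTokens": "required", "HttpPutResponseHopLimit": 1},
    }
    if user_data is not None:
        # The API wants user data base64-encoded; the console does this for you.
        data["UserData"] = base64.b64encode(user_data.encode()).decode()
    return data


def decode_user_data(lt_data):
    """Inverse of the encoding above, for checking what a template will run."""
    return base64.b64decode(lt_data["UserData"]).decode()


def create_tier(name, lt_data, subnet_ids, region="us-east-1", min_size=1, max_size=2):
    """Create the launch template and an ASG over the tier's subnets.
    boto3 is imported here so the builder functions above run without it."""
    import boto3
    ec2 = boto3.client("ec2", region_name=region)
    asg = boto3.client("autoscaling", region_name=region)
    lt = ec2.create_launch_template(LaunchTemplateName=f"{name}-lt",
                                    LaunchTemplateData=lt_data)["LaunchTemplate"]
    asg.create_auto_scaling_group(
        AutoScalingGroupName=f"{name}-asg",
        LaunchTemplate={"LaunchTemplateId": lt["LaunchTemplateId"],
                        "Version": str(lt["LatestVersionNumber"])},
        MinSize=min_size, MaxSize=max_size, DesiredCapacity=min_size,
        VPCZoneIdentifier=",".join(subnet_ids),   # the tier's two subnets
    )
    return lt["LaunchTemplateId"]


if __name__ == "__main__":
    # Assumed ids; in a real run take them from the network and security-group steps.
    web = launch_template_data("ami-0123456789abcdef0", "sg-0web", "mykey", WEB_USER_DATA)
    print(decode_user_data(web))
    print(web["MetadataOptions"])
```

The same two calls serve the application tier: pass the application security group, the application subnet ids and no user data. Nothing in the template grants the instance an IAM role; if you add one later, the IMDSv2 setting is what keeps its credentials out of reach of an SSRF in the web application.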
8. Set Up RDS (Database):
Create a MySQL RDS instance:
  • Choose a version (Free Tier template)
  • Set a strong master password (do not reuse a password from any other tier)
  • Adjust the instance configuration (the Free Tier burstable class, such as db.t2.micro)
  • Select the 3tierapplication VPC, use a DB subnet group made of the two database tier subnets, and set Public access to No
  • Create a new VPC security group (referred to below as database-sg); its inbound rule is fixed in step 9

9. Update Security Group Rules:
Update the database security group (database-sg) to allow inbound MySQL/Aurora traffic (TCP 3306) from the application tier security group. The rule goes on the database side because the application tier initiates the connection; the application tier security group needs no inbound MySQL rule, and database-sg should have no other inbound rules at all.
In the EC2 console go to Security Groups and select database-sg --> Inbound rules --> Edit inbound rules --> for the MYSQL/Aurora rule set the source to the application tier security group (pick it from the security group list rather than typing a CIDR) --> Save rules. Referencing the security group instead of an IP keeps the rule working when the Auto Scaling group replaces the application instance.
Now open a terminal, SSH to the web tier instance and curl the private IP of the application tier instance to confirm that HTTP reaches it.
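The rule chain for all three security groups (steps 6, 7, 8 and 9) together with a check over describe-security-groups output, added as an example rather than taken from the post: tier_ingress() puts the MySQL rule on the database group with the application group as its source, and audit() flags any group where SSH or MySQL is open to 0.0.0.0/0 or ::/0, which is the mistake the console's "Anywhere" source makes easy. The group ids, the admin address 203.0.113.10/32 and the SAMPLE_GROUPS data are constructed for the example.

```python
"""Security-group rules for the three tiers and an audit of the result (added example)."""

ADMIN_CIDR = "203.0.113.10/32"   # assumption: the operator's own address (TEST-NET-3)


def rule(port, *, cidr=None, sg=None, proto="tcp"):
    """One IpPermissions entry with either a CIDR or a source security group."""
    perm = {"IpProtocol": proto, "FromPort": port, "ToPort": port}
    if cidr is not None:
        perm["IpRanges"] = [{"CidrIp": cidr}]
    if sg is not None:
        perm["UserIdGroupPairs"] = [{"GroupId": sg}]
    return perm


def tier_ingress(web_sg, app_sg, db_sg, admin_cidr=ADMIN_CIDR):
    """Inbound rules per group: each tier admits only the tier in front of it.
    The MySQL rule sits on the database group with the app group as source,
    because the application initiates the connection, not the database."""
    return {
        web_sg: [rule(80, cidr="0.0.0.0/0"), rule(22, cidr=admin_cidr)],
        app_sg: [rule(80, sg=web_sg), rule(22, sg=web_sg),
                 rule(-1, sg=web_sg, proto="icmp")],   # step 10 ping test
        db_sg: [rule(3306, sg=app_sg)],
    }


def authorize(ingress, region="us-east-1"):
    """Push the rules to AWS. boto3 is imported here so the rest runs without it."""
    import boto3
    ec2 = boto3.client("ec2", region_name=region)
    for group_id, perms in ingress.items():
        ec2.authorize_security_group_ingress(GroupId=group_id, IpPermissions=perms)


def audit(groups, sensitive=(22, 3306)):
    """Return (GroupId, port) for every sensitive TCP port reachable from the whole
    internet, given the SecurityGroups list that describe-security-groups returns."""
    findings = []
    for g in groups:
        for p in g.get("IpPermissions", []):
            if p.get("IpProtocol") not in ("tcp", "-1"):
                continue
            # "-1" means all protocols and carries no port range
            lo, hi = (0, 65535) if p["IpProtocol"] == "-1" else (p["FromPort"], p["ToPort"])
            world = (any(r.get("CidrIp") == "0.0.0.0/0" for r in p.get("IpRanges", []))
                     or any(r.get("CidrIpv6") == "::/0" for r in p.get("Ipv6Ranges", [])))
            if world:
                findings.extend((g["GroupId"], port) for port in sensitive if lo <= port <= hi)
    return findings


# Constructed sample of describe-security-groups output: the web group was created
# with "Anywhere" as the SSH source and the database group was opened to the world
# instead of to the application group. Both are the mistakes audit() catches.
SAMPLE_GROUPS = [
    {"GroupId": "sg-0web", "IpPermissions": [rule(80, cidr="0.0.0.0/0"),
                                             rule(22, cidr="0.0.0.0/0")]},
    {"GroupId": "sg-0app", "IpPermissions": [rule(80, sg="sg-0web")]},
    {"GroupId": "sg-0db", "IpPermissions": [rule(3306, cidr="0.0.0.0/0")]},
]

if __name__ == "__main__":
    print("sample:", audit(SAMPLE_GROUPS))
    fixed = tier_ingress("sg-0web", "sg-0app", "sg-0db")
    print("fixed: ", audit([{"GroupId": k, "IpPermissions": v} for k, v in fixed.items()]))
```

To run audit() against a real account, feed it boto3's ec2.describe_security_groups()["SecurityGroups"] in place of SAMPLE_GROUPS; the same structure is what the aws ec2 describe-security-groups command prints.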

10. Test Connectivity:
Ping the private IPs of instances within the VPC.
From the web tier instance, ping the other machine. The application instance has no public IP, so ping its private IP. If it does not answer, it is because ICMP is not allowed in its security group: add an inbound rule for ICMP (Echo request) with the web tier security group as the source.
To reach the application instance over SSH from the web tier instance you need the key pair on that host. Exit, cat the .pem file that was used from the start and copy its contents; connect to the web tier machine, create a folder to store the .pem file in and restrict its permissions with chmod 400 (ssh refuses a key that is readable by others). Copying a private key onto a server is a habit to avoid outside a lab: SSH agent forwarding (ssh -A from your workstation) lets you hop through the web tier instance without the key ever leaving your machine.
You can then connect to the machine that only has a private IP with: ssh -i appkey ec2-user@<private-ip>
11. Connect Application to Database:
Install the MySQL client on the application instance and connect to the RDS database using the endpoint, port, username and password.
To connect the application machine to the database, first grab the RDS endpoint from the database's Connectivity & security tab and copy it.
For that we need the mysql client installed on the application instance (the NAT gateway from step 5 is what lets this private instance download packages).
For the installation follow this link:
https://tecadmin.net/install-mysql-on-amazon-linux/
Next connect to the application tier machine and connect to the database with the command:
mysql -h <endpoint> -P 3306 -u admin -p
Enter the master password when prompted. If the connection hangs rather than failing with an authentication error, the security group rule from step 9 is the first thing to check.


Thank you

M. Nishitha (Intern),

DevOps Protectors,

Data Guard Team,

Enterprise Minds.