AWS VPC with a public subnet, private subnet and Internet gateway by Terraform
VPC
A VPC is like an office or a private space in which we can set up our labs (subnets) and launch instances inside them.
This space looks real but it is virtual. It is our own private space, isolated from other spaces or offices, which is why it is known as a VPC: Virtual Private Cloud.
Internet Gateway (IG)
It is the router of the VPC, and it is a public-facing router. Through this router the public can connect to instances running in a subnet inside the VPC. The IG belongs to the VPC, and a VPC has one IG. Through the internet gateway the public can connect to the private side (the instances), and the private side can also connect to the public.
Subnet
In AWS, labs are known as subnets. A VPC contains subnets. Each subnet has a router and a DHCP server connected to a switch. When we launch an instance inside a subnet it attaches to the switch, and DHCP is what assigns an IP address to the instance.
We can’t directly launch the instance in the Amazon data center. We have to launch it inside the subnet. A subnet is inside any of the data centers.
Private Subnet
In this subnet, we do not associate the routing table, so the VMs inside this subnet can’t reach the internet gateway for outside connectivity, and the public is also not able to connect to the VMs inside this subnet.
Public Subnet
In this subnet, we attach the routing table so that all VMs inside this subnet are connected to the outside (public) world through the internet gateway.
Let’s start the process with the project
Steps:
1) Tell Terraform who the provider is, that is, whom Terraform will contact to obtain the services. In our case the provider is AWS.
2) Write infrastructure as code using Terraform that automatically creates a VPC.
3) In that VPC, create 2 subnets:
a) public subnet [ Accessible for Public World! ]
b) private subnet [ Restricted for Public World! ]
4) Create a public-facing internet gateway to connect our VPC/network to the internet and attach this gateway to our VPC.
5) Create a routing table for the internet gateway so that instances can connect to the outside world, update it, and associate it with the public subnet.
6) Create a security group allowing port 80 so that our client can connect to our WordPress site on an instance running in the public subnet. The client can also SSH to this WordPress instance in the public subnet.
7) Launch an EC2 instance that already has WordPress set up, with the security group allowing port 80 so that our client can connect to our WordPress site.
Also, attach the key to the instance for logging in to it later.
8) Launch an EC2 instance that already has MySQL set up, with a security group allowing port 3306, in a private subnet so that our WordPress VM can connect to it.
Also, attach the key to it as well.
Note: The WordPress instance has to be part of the public subnet so that our client can connect to our site.
The MySQL instance has to be part of a private subnet so that the outside world can’t connect to it.
Don’t forget to enable the auto IP assignment and auto DNS name assignment options.
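One way to write the security groups from steps 6 and 8, as an added example that is not taken from the original post or its repository. The variable names vpc_id and admin_cidr, the resource names, and limiting SSH to an admin address range are assumptions:

```hcl
# Added example; var.vpc_id, var.admin_cidr and the resource names are assumptions.
variable "vpc_id" { type = string }     # ID of the VPC created in step 2
variable "admin_cidr" { type = string } # address range allowed to SSH (placeholder)

resource "aws_security_group" "wordpress" {
  name   = "wordpress-sg"
  vpc_id = var.vpc_id

  ingress {
    description = "HTTP from clients"
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  ingress {
    description = "SSH from the admin range only"
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = [var.admin_cidr]
  }

  # WordPress needs outbound access to reach MySQL and the internet.
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}

resource "aws_security_group" "mysql" {
  name   = "mysql-sg"
  vpc_id = var.vpc_id

  # The source is the WordPress security group rather than a CIDR range,
  # so only instances carrying that group can reach port 3306.
  # No egress block: Terraform removes the default allow-all egress rule;
  # replies still flow because security groups are stateful.
  ingress {
    description     = "MySQL from WordPress instances"
    from_port       = 3306
    to_port         = 3306
    protocol        = "tcp"
    security_groups = [aws_security_group.wordpress.id]
  }
}
```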
So our setup is ready. Let’s perform the task.
To apply the Terraform code that we have created, we first have to initialize it:
Command: terraform init
It might show one warning, but it is just a warning, so ignore it. The code is fine.
Command: terraform apply -auto-approve
So our setup is launched successfully.
[Screenshots: subnets inside this VPC, route table inside this VPC, internet gateway, security groups, instances]
Now, using the public IP of the WordPress instance, we can connect to the WordPress PHP website running on this instance.
This is the site running on the WordPress instance.
Now we destroy our setup using just one command:
Command: terraform destroy -auto-approve
Task has been completed
Happy Learning.😊
Github URL — https://github.com/jaiswaldj/aws-task-3