Lab 9: To Configure Amazon Virtual Private Cloud (VPC)

Objective:
To configure Amazon Virtual Private Cloud (VPC) with a public and a private subnet

Topology:



Prerequisites:

The user should have an AWS account, or an IAM user with VPCFullAccess

TASK:
Create your own VPC
Create public subnet
Create private subnet
Create Internet Gateway
Attach Internet Gateway (IGW) to your VPC
Create public Routing Table, associate subnet and add routing rules
Create private Routing Table, associate subnet and add routing rules
Launch an instance in public network
Launch an instance in private network
Create NAT Gateway
Connect to public instance and check internet connectivity
Connect to private instance and check internet connectivity

Amazon Virtual Private Cloud (VPC) enables you to launch Amazon Web Services (AWS) resources into a virtual network that you've defined. This virtual network closely resembles a traditional network that you'd operate in your own data center, with the benefits of using the scalable infrastructure of AWS.


1. Create your own VPC
Open the AWS console
Click on Services
Select Networking and Content Delivery
Click on VPC

On the VPC dashboard panel
Click on Your VPCs
Click on the Create VPC button

On the "Create VPC" page
For Name tag -----> HYDVPC
For IPv4 CIDR block -----> 192.168.0.0/16
Leave the remaining fields as default
Click on the "Yes, Create" button

Verify HYDVPC is created



2. To create the public subnet
Click on Subnets
Click on the Create Subnet button

On the "Create Subnet" page
For Name tag -----> hyd-pub-subnet
For VPC -----> HYDVPC
For IPv4 CIDR block -----> 192.168.0.0/16
Click on the "Yes, Create" button

Verify hyd-pub-subnet got created




3. To create the private subnet
Click on Subnets
Click on the Create Subnet button

On the "Create Subnet" page
For Name tag -----> hyd-pvt-subnet
For VPC -----> HYDVPC
For IPv4 CIDR block -----> 192.168.20.0/24
Click on the "Yes, Create" button

Verify hyd-pvt-subnet got created
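
A check of the subnet plan, added here as an example (it is not part of the original lab). Step 2 gives 192.168.0.0/16 for hyd-pub-subnet, while the subnet association in step 5 shows 192.168.10.0/24; the check shows why only the /24 can coexist with hyd-pvt-subnet. The function names are illustrative.

```python
import ipaddress

# CIDRs taken from the lab steps; both candidate public ranges appear on the page.
VPC_CIDR = "192.168.0.0/16"
PRIVATE_SUBNET = ("hyd-pvt-subnet", "192.168.20.0/24")

def check_subnet_plan(vpc_cidr, subnets):
    """Return a list of problems for (name, cidr) subnets planned in one VPC.

    Mirrors the rules the VPC service enforces: each subnet must sit inside
    the VPC range, be between /16 and /28, and not overlap another subnet.
    """
    vpc = ipaddress.ip_network(vpc_cidr)
    problems, seen = [], []
    for name, cidr in subnets:
        net = ipaddress.ip_network(cidr)
        if not net.subnet_of(vpc):
            problems.append(f"{name} {cidr} is outside VPC {vpc_cidr}")
        if not 16 <= net.prefixlen <= 28:
            problems.append(f"{name} {cidr} must be between /16 and /28")
        for other_name, other in seen:
            if net.overlaps(other):
                problems.append(f"{name} {cidr} overlaps {other_name} {other}")
        seen.append((name, net))
    return problems

def usable_hosts(cidr):
    """AWS reserves the first four addresses and the last one in every subnet."""
    return ipaddress.ip_network(cidr).num_addresses - 5

if __name__ == "__main__":
    for public_cidr in ("192.168.0.0/16", "192.168.10.0/24"):
        plan = [("hyd-pub-subnet", public_cidr), PRIVATE_SUBNET]
        print(public_cidr, "->", check_subnet_plan(VPC_CIDR, plan) or "OK")
    print("usable hosts in 192.168.20.0/24:", usable_hosts("192.168.20.0/24"))
```

A public subnet that takes the whole VPC range leaves no room for hyd-pvt-subnet, so the private subnet cannot be created alongside it.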



4. Create Internet Gateway (IGW) and attach it to your VPC
On the VPC dashboard panel
Click on Internet Gateways

Click on the Create Internet Gateway button

In the "Create Internet Gateway" box
For Name tag -----> HYDIGW
Click on the "Yes, Create" button

Verify the internet gateway is created

Select HYDIGW
Click "Attach to VPC"

In the "Attach to VPC" box
For VPC -----> HYDVPC
Click on the "Yes, Attach" button

Verify the internet gateway is connected to your VPC



5. Create public Routing Table, associate subnet and add routing rules
On the VPC dashboard panel
Click on Route Tables

Click on the "Create Route Table" button

In the "Create Route Table" box
For Name tag -----> hyd-pub-route
For VPC -----> HYDVPC
Click on the "Yes, Create" button

Verify hyd-route is created

Click on the "Subnet Associations" button

Click on the Edit button

Select the check box of hyd-pub-subnet -----> 192.168.10.0/24

Verify hyd-pub-subnet is associated with the routing table.

Click on the Routes button
Click on the Edit button

Click on the "Add another route" button

For Destination -----> 0.0.0.0/0
For Target -----> Select HYDIGW
Click on the Save button

Verification: the public route is added through the internet gateway

Verify the Status column shows Active



6. Create private Routing Table, associate subnet and add routing rules
On the VPC dashboard panel
Select Route Tables
Click on "Create Route Table"

In the "Create Route Table" box
For Name tag -----> hyd-pvt-route
For VPC -----> HYDVPC
Click on the "Yes, Create" button

Verify hyd-pvt-subnet is created

Click on the Subnet Associations button

Click on the Edit button

Select the check box of hyd-pvt-subnet -----> 192.168.20.0/24

Click on the Save button

Verify hyd-pvt-subnet is associated with the routing table.

Click on the Routes button

Note: There is no need to add the IGW to the private route table
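
The effect of the two route tables, modeled as an added example (not from the original lab): a longest-prefix lookup over the routes from steps 5 and 6 shows that only hyd-pub-subnet has a path to the internet. The local route for 192.168.0.0/16 is the one every route table in the VPC carries automatically; 203.0.113.10 is a constructed outside address and the function names are illustrative.

```python
import ipaddress

# Route tables as built in steps 5 and 6. The "local" route for the VPC CIDR is
# present in every route table of the VPC; only hyd-pub-route has a default route.
ROUTE_TABLES = {
    "hyd-pub-route": [("192.168.0.0/16", "local"), ("0.0.0.0/0", "HYDIGW")],
    "hyd-pvt-route": [("192.168.0.0/16", "local")],
}
ASSOCIATIONS = {"hyd-pub-subnet": "hyd-pub-route", "hyd-pvt-subnet": "hyd-pvt-route"}
INTERNET_GATEWAYS = {"HYDIGW"}
OUTSIDE_ADDRESS = "203.0.113.10"  # constructed documentation address

def next_hop(table, destination):
    """Longest-prefix match; returns the route target, or None if no route matches."""
    dest = ipaddress.ip_address(destination)
    best = None
    for cidr, target in ROUTE_TABLES[table]:
        net = ipaddress.ip_network(cidr)
        if dest in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, target)
    return best[1] if best else None

def is_public(subnet):
    """A subnet is public when internet-bound traffic is routed to an internet gateway."""
    return next_hop(ASSOCIATIONS[subnet], OUTSIDE_ADDRESS) in INTERNET_GATEWAYS

def reachable_from_internet(subnet, has_public_ip):
    """Inbound reachability needs both the IGW route and a public IP on the instance."""
    return is_public(subnet) and has_public_ip

if __name__ == "__main__":
    for subnet, table in ASSOCIATIONS.items():
        print(subnet, "| outside ->", next_hop(table, OUTSIDE_ADDRESS),
              "| 192.168.20.87 ->", next_hop(table, "192.168.20.87"))
    print("public instance exposed:", reachable_from_internet("hyd-pub-subnet", True))
    print("private instance exposed:", reachable_from_internet("hyd-pvt-subnet", False))
```

Traffic between the two subnets always matches the local route, which is why the public instance can later be used to reach the private one.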




7. To launch a Windows instance in the public subnet
Open the AWS console
Click on Services
Click on the EC2 service

On the EC2 dashboard panel
Click on Instances
Click on Launch Instance

Select AMI "Microsoft server 2012 Base - ami-a1c1dddg"
Free tier eligible

On the "Choose an Instance Type" page
Select "General purpose t2.micro"
Click on the "Next: Configure Instance Details" button

On the "Configure Instance Details" page
For "Number of instances" -----> 1
For "Network" -----> HYDVPC
For "Subnet" -----> hyd-pub-subnet
For "Auto-assign Public IP" -----> Enable
Click on the "Next: Add Storage" button

On the "Add Storage" page
Take the default values
Click on the "Next: Add Tags" button

Click on the "Add Tags" button

For "Key" -----> Name
For "Value" -----> winpubvm
Click on "Next: Configure Security Group"

On the "Configure Security Group" page
Take the default values
Click on the "Review and Launch" button

Click on the "Launch" button

Select "Create a new key pair"
For "Key pair name" -----> winkey
Click on the "Download Key Pair" button

Click on the "Launch Instance" button

Check the summary, scroll down
Click on the "View Instance" button

Verify that the instance is running



8. To launch a Windows instance in the private subnet under the HYDVPC VPC
Open the console
Click on Services
Click on the EC2 service

On the EC2 dashboard panel
Click on Instances
Click on the "Launch Instance" button

On the "Choose an Amazon Machine Image (AMI)" page
Select AMI "Microsoft windows server 2012 R2 Base - ami-alc1dddg"
Free tier eligible

On the "Choose an Instance Type" page
Select "General purpose t2.micro"
Click on the "Next: Configure Instance Details" button

On the "Configure Instance Details" page
For "Number of instances" -----> 1
For "Network" -----> HYDVPC
For "Subnet" -----> hyd-pvt-subnet
For "Auto-assign Public IP" -----> Disable
Click on the "Next: Add Storage" button

On the "Add Storage" page
Take the default values
Click on the "Next: Add Tags" button

Click on the "Add Tags" button

For "Key" -----> Name
For "Value" -----> winpvtvm
Click on "Next: Configure Security Group"

Take the default values
Click on the "Review and Launch" button

Scroll down
Click on the "Launch" button

Select "Choose an existing key pair"
For "Key pair name" -----> winkey
Select the "I acknowledge" check box
Click on the "Launch Instance" button

Check the summary, scroll down
Click on the "View Instance" button

Verify that the instance is running

Verification
The output shows that both instances, in the public and private subnets, are running
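
Both Windows launches accept the default values on the "Configure Security Group" page, so it is worth checking what those defaults opened. The following added example (not part of the original lab) scans security group rules for RDP or SSH open to every address; the sample input is constructed in the shape of `aws ec2 describe-security-groups` output, and its group names and the function name are hypothetical.

```python
import ipaddress

ADMIN_PORTS = {22: "SSH", 3389: "RDP"}

# Constructed sample in the shape of the "SecurityGroups" list returned by
# `aws ec2 describe-security-groups`; group names and rules are hypothetical.
SAMPLE_GROUPS = [
    {"GroupName": "winpubvm-sg", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 3389, "ToPort": 3389,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []}]},
    {"GroupName": "winpvtvm-sg", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 3389, "ToPort": 3389,
         "IpRanges": [{"CidrIp": "192.168.10.0/24"}], "Ipv6Ranges": []}]},
    {"GroupName": "allow-all-sg", "IpPermissions": [
        {"IpProtocol": "-1", "IpRanges": [], "Ipv6Ranges": [{"CidrIpv6": "::/0"}]}]},
]

def world_open_admin_ports(groups):
    """Return (group, service, port, source) for SSH/RDP rules open to any address."""
    findings = []
    for group in groups:
        for perm in group.get("IpPermissions", []):
            proto = perm.get("IpProtocol")
            if proto == "-1":                      # "-1" means all protocols and ports
                low, high = 0, 65535
            elif proto == "tcp":
                low, high = perm["FromPort"], perm["ToPort"]
            else:
                continue
            sources = [r["CidrIp"] for r in perm.get("IpRanges", [])]
            sources += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
            for source in sources:
                if ipaddress.ip_network(source).prefixlen != 0:
                    continue                       # restricted source, not world-open
                for port, service in sorted(ADMIN_PORTS.items()):
                    if low <= port <= high:
                        findings.append((group["GroupName"], service, port, source))
    return findings

if __name__ == "__main__":
    for finding in world_open_admin_ports(SAMPLE_GROUPS):
        print("OPEN TO WORLD:", finding)
```

For winpvtvm, a source limited to the public subnet range is enough, since the instance is only reached through winpubvm.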



To connect to an instance in the private subnet, first connect to an instance in the public network, then from there connect to the instance in the private subnet, as shown in the diagram.

9. To connect to the public subnet instance
First locate the public IP of the public instance

Click on the "Connect" button

Click on "Download Remote Desktop File"
Click on "Get Password"

Provide the path of the key file
Click on the Choose File button

Select the key file
Click on the Open button

Now click on the "Decrypt Password" button

Verification
The password is generated; copy it into Notepad
Click on the Close button

Double-click on the RDP file
Provide Windows user name -----> Administrator
password -----> "28.pEY$TG", as shown above

Click on the "Connect" button

Paste the password
Click on the OK button

Click on the "YES" button

Verification
Now you are connected to the Windows public instance
On the Windows desktop, both the public and private IPs are displayed




10. To connect to the private subnet instance
Go to the EC2 dashboard
Select the private instance
Get the private IP of the instance

Click on the "Connect" button

To get the password
Click on the "Get Password" button

Click on "Decrypt Password"

Verify
The IP and password of the private subnet instance are provided

Now log in to the public instance
Open Run and type mstsc to connect to the Windows private instance

Provide the private instance details
private IP -----> 192.168.20.87
user name -----> Administrator
password -----> "G-oV;n$@i"

Now provide the user name and password

Verification
Check the private IP at the top right corner
Now you are connected to the Windows private instance



11. To connect to a Linux instance in the private subnet
Launch an instance in the public subnet -----> hyd-pub-subnet
Open the AWS console
Click on Services
Click on Instances
Click on the "Launch Instance" button

On the "Choose an Amazon Machine Image (AMI)" page
Select AMI "Amazon Linux AMI 2017.03.1 (HVM), SSD Volume Type - ami-6df1e514"
Click on the Select button

On the "Choose an Instance Type" page
Select "General purpose"
Type -----> t2.micro
Click on "Next: Configure Instance Details"

On the "Configure Instance Details" page
Number of instances -----> 1
Network -----> HYDVPC
Subnet -----> hyd-pub-subnet
Auto-assign Public IP -----> Enable

On the "Add Storage" page
Leave the values as default
Click on the "Next: Add Tags" button

On the "Add Tags" page
Key -----> Name
Value -----> linuxpubvm
Click on the "Next: Configure Security Group" button

On the "Configure Security Group" page
Assign a security group -----> Create a new security group
Leave the remaining values as default
Click on the "Review and Launch" button

On the "Review Instance Launch" page
Click on the Launch button

On the "Select an existing key pair or create a new key pair" page
Select Create a new key pair
Key pair name -----> linuxvmkey1
Click on the "Launch Instance" button

Check the summary
Click on the View Instance button

Verification
The Linux instance in the public subnet is launched



12. To connect to a Linux instance in the private subnet
Launch a Linux instance in the private subnet -----> hyd-pvt-subnet
Open the AWS console
Click on Services
Click on Instances
Click on the "Launch Instance" button

On the "Choose an Amazon Machine Image (AMI)" page
Select AMI "Amazon Linux AMI 2017.03.1 (HVM), SSD Volume Type - ami-6df1e514"
Click on the Select button

On the "Choose an Instance Type" page
Select "General purpose"
Type -----> t2.micro
Click on the "Next: Configure Security Group" button

On the "Configure Instance Details" page
Number of instances -----> 1
Network -----> HYDVPC
Subnet -----> hyd-pub-subnet
Auto-assign Public IP -----> Disable

On the "Add Storage" page
Leave the values as default
Click on the "Next: Add Tags" button

Click on Add Tag

On the "Add Tags" page
Key -----> Name
Value -----> linuxpvtvm
Click on the "Next: Configure Security Group" button

On the "Configure Security Group" page
Assign a security group -----> Create a new security group
Leave the remaining values as default
Click on the "Review and Launch" button

On the "Review Instance Launch" page
Click on the Launch button

In the "Select an existing key pair or create a new key pair" box
Select Create a new key pair
Key pair name -----> linuxvmkey1
Click on the "Launch Instance" button

Check the summary
Click on the View Instance button

Verification
Linux instance in public subnet is launched



To connect to the Linux private instance
First copy the key to the Linux instance in the public subnet
Now connect to the Linux instance in the public subnet
Then connect to the Linux instance in the private subnet
Open MobaXterm
Copy the *.pem file to the Linux instance in the public subnet
Select the public Linux instance and click on Connect

Verify the guidelines

Use the public IP of the instance shown above in MobaXterm
Copy the *.pem file to the Linux instance using the scp command

Verify: use the pwd command to check the *.pem file

Now connect to the public instance using the ssh command

Select the private instance and get its private IP

View the details of the private instance

Verification
Run the ssh command to log in to the private instance
Now you are connected to the private instance in the private subnet

