VPC, subnet, internet gateway, routing table, security groups, key pair: creation

VPC creation steps:

On the VPC, right-click and enable DNS hostnames so that an EC2 instance receives a public DNS hostname when it is created. If this is not enabled, instances in the VPC get no public DNS name (only a public IP, if one is assigned) and you have to address them by IP or set up a name for them yourself.

We can create multiple VPCs with the same name, because only the VPC ID must be unique; the Name tag is just a label.

Similarly, on a subnet inside the VPC, right-click and enable auto-assign public IPv4 address so that instances launched in that subnet get a public IP.

An internet gateway must be attached to the VPC for traffic to reach the internet or come in from it. Create one from the VPC dashboard, Internet Gateways section. After creation it is in the detached state; select it and attach it to the VPC.

Only one internet gateway can be attached to a VPC. In the background AWS runs it as a horizontally scaled, redundant service, so it is not a single point of failure.

A VPC needs a route table so that inbound and outbound traffic is routed correctly between subnets and to the outside. Click Route Tables and create one. When the VPC is created, AWS automatically creates a main route table for it; we can use that or create our own. One route table is always marked as main (right-click a route table and select Set main route table to change it), meaning it is the default: any subnet that is not explicitly associated with a route table uses the main one. To associate subnets explicitly, select the route table, open Subnet associations and edit the associations to pick subnets of the VPC. Because every new subnet falls back to the main table, keep the main table without an internet route and put the internet route only in a custom table associated with the subnets that are meant to be public.

Next, create routes to direct the traffic. In the example route table, the local route for the VPC's IP range (e.g. 10.0.0.0/16) means that traffic to any address in that range stays inside the VPC and is never sent to the internet gateway; AWS adds this local route automatically and it cannot be removed. The route 0.0.0.0/0 matches everything else: any destination outside the 10.x range we set is sent to the internet gateway chosen as its target. Routes are matched by longest prefix, so the more specific local route always wins over 0.0.0.0/0.
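To make the route table behaviour concrete, here is an added Python example (written for this page, not code from the post) that models one VPC with a main route table and a custom public route table, resolves which table a subnet actually uses (explicit association, otherwise the main table) and performs the same longest-prefix lookup the VPC router does. The VPC range, subnet IDs and the internet gateway ID are made up for the example, and the gateway is assumed to be attached to the VPC.

```python
import ipaddress

# Constructed example layout, not from the post: IDs and ranges are made up.
VPC_CIDR = "10.0.0.0/16"
IGW_ID = "igw-0example"  # hypothetical internet gateway ID, assumed attached to the VPC

# Route tables as (destination CIDR, target). AWS adds the "local" route for the
# VPC CIDR to every table and it cannot be removed.
ROUTE_TABLES = {
    "rtb-main":   [(VPC_CIDR, "local")],                        # no internet route
    "rtb-public": [(VPC_CIDR, "local"), ("0.0.0.0/0", IGW_ID)],  # internet route via IGW
}
MAIN_ROUTE_TABLE = "rtb-main"

# Explicit subnet associations; any subnet not listed falls back to the main table.
SUBNET_ASSOCIATIONS = {"subnet-web": "rtb-public"}

SUBNETS = {
    "subnet-web": {"cidr": "10.0.1.0/24", "auto_assign_public_ip": True},
    "subnet-db":  {"cidr": "10.0.2.0/24", "auto_assign_public_ip": False},
}


def effective_route_table(subnet_id):
    """Explicit association wins; otherwise the VPC's main route table applies."""
    return SUBNET_ASSOCIATIONS.get(subnet_id, MAIN_ROUTE_TABLE)


def lookup_route(route_table_id, dest_ip):
    """Longest-prefix match over the table; returns the target, or None if no route matches."""
    ip = ipaddress.ip_address(dest_ip)
    best_net, best_target = None, None
    for cidr, target in ROUTE_TABLES[route_table_id]:
        net = ipaddress.ip_network(cidr)
        if ip in net and (best_net is None or net.prefixlen > best_net.prefixlen):
            best_net, best_target = net, target
    return best_target


def next_hop_for_subnet(subnet_id, dest_ip):
    """Where traffic from an instance in subnet_id towards dest_ip is sent."""
    return lookup_route(effective_route_table(subnet_id), dest_ip)


def is_public_subnet(subnet_id):
    """AWS definition of a public subnet: its route table has a 0.0.0.0/0 route to an internet gateway."""
    table = ROUTE_TABLES[effective_route_table(subnet_id)]
    return any(cidr == "0.0.0.0/0" and target.startswith("igw-") for cidr, target in table)


def instance_reachable_from_internet(subnet_id):
    """Inbound from the internet needs both a public subnet and a public IP on the instance.
    Security group rules are a separate check on top of this."""
    return is_public_subnet(subnet_id) and SUBNETS[subnet_id]["auto_assign_public_ip"]


if __name__ == "__main__":
    for subnet in SUBNETS:
        print(subnet, "uses", effective_route_table(subnet),
              "| public:", is_public_subnet(subnet),
              "| 10.0.2.15 ->", next_hop_for_subnet(subnet, "10.0.2.15"),
              "| 93.184.216.34 ->", next_hop_for_subnet(subnet, "93.184.216.34"))
```

Running it shows that subnet-db, which has no explicit association, lands on the main table and has no route at all for internet destinations, while subnet-web keeps VPC-internal traffic local and sends everything else to the gateway.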


Every network service listens on a port. Well-known examples:
HTTP = 80
HTTPS = 443
DNS = 53
Port numbers range from 0 to 65535.
To connect to a Linux server over SSH we need port 22.
For Windows, RDP uses port 3389.

Access to these ports is controlled with security groups. A default security group is created for every VPC.

VPC Dashboard — security groups — create a security group (select the particular VPC in it)
Select the security group and add inbound and outbound rules.

We can allow all traffic or only selected ports, and only from a selected IP range (the source for inbound rules, the destination for outbound rules).

Outbound rule (the AWS default):
———
Type: All Traffic
Protocol, Port Range: ALL
Destination: 0.0.0.0/0

Security groups are stateful and allow-only: replies to permitted connections are allowed automatically, and there are no deny rules. The outbound default can stay as it is when the instance needs to reach the internet, but inbound rules should be limited to the specific ports needed, e.g. 443 from 0.0.0.0/0 and 22 only from a known admin IP range. An inbound All Traffic rule from 0.0.0.0/0 exposes every port on the instance to the whole internet.
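As an added example (written for this page, not code from the post), the following Python models how a security group evaluates a connection attempt against its rules, including the stateless-looking but actually allow-only matching, and audits inbound rules for admin ports (22, 3389) that are open to the whole internet. The rules and addresses are constructed for illustration; 203.0.113.0/24 stands in for an assumed admin/office range.

```python
import ipaddress

# Constructed example rules, not from the post. Each rule is
# (protocol, from_port, to_port, cidr); protocol "-1" means "All Traffic".
INBOUND = [
    ("tcp", 22, 22, "203.0.113.0/24"),   # SSH only from an assumed admin/office range
    ("tcp", 443, 443, "0.0.0.0/0"),      # HTTPS from anywhere
]
OUTBOUND = [("-1", 0, 65535, "0.0.0.0/0")]  # the AWS default outbound rule shown above

ADMIN_PORTS = {22: "SSH", 3389: "RDP"}


def rule_matches(rule, proto, port, addr):
    """One rule matches if protocol and port fit (All Traffic ignores both) and the address is in the CIDR."""
    r_proto, lo, hi, cidr = rule
    if r_proto != "-1":
        if r_proto != proto or not (lo <= port <= hi):
            return False
    return ipaddress.ip_address(addr) in ipaddress.ip_network(cidr)


def allowed(rules, proto, port, addr):
    """Security groups are allow-only: any matching rule permits the flow, there are no
    deny rules, and reply traffic is allowed automatically (stateful)."""
    return any(rule_matches(r, proto, port, addr) for r in rules)


def audit_admin_exposure(rules):
    """List inbound rules that open SSH or RDP to every address (0.0.0.0/0 or ::/0)."""
    findings = []
    for proto, lo, hi, cidr in rules:
        if ipaddress.ip_network(cidr).prefixlen != 0:
            continue  # restricted to some range, not world-open
        for port, name in ADMIN_PORTS.items():
            if proto == "-1" or (proto == "tcp" and lo <= port <= hi):
                findings.append(f"{name} ({port}/tcp) open to {cidr}")
    return findings


if __name__ == "__main__":
    print("ssh from office range:", allowed(INBOUND, "tcp", 22, "203.0.113.5"))
    print("ssh from elsewhere:   ", allowed(INBOUND, "tcp", 22, "198.51.100.7"))
    print("https from elsewhere: ", allowed(INBOUND, "tcp", 443, "198.51.100.7"))
    print("world-open admin ports in a permissive group:",
          audit_admin_exposure([("-1", 0, 65535, "0.0.0.0/0")]))
```

The last line of the demo shows why copying the All Traffic / 0.0.0.0/0 rule into the inbound direction is a mistake: the audit flags both SSH and RDP as reachable from anywhere, whereas the constructed INBOUND list above produces no findings.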

A key pair consists of a public key (like a lock) and a private key (like the key to that lock). AWS keeps the public key and places it on the instance; the private key is downloaded to you and must be kept secret, since anyone holding it can log in.

services — EC2 — Network and security (left side) — Key Pairs
Create key pair creates the pair and offers the private key as a .pem file to download; this is the only time it can be downloaded, so store it safely.

PEM to PPK file conversion: needed only for PuTTY on Windows (load the .pem in PuTTYgen and save the private key as .ppk). On Linux and macOS the .pem file is used directly with ssh -i.

EC2 — launch instance — AMI Linux image — select vpc in network and the subnet also.
A private IP can be entered in the network interface section; if it is left empty, AWS picks one from the subnet's range.

Once the instance is running, we connect to it over its public IP with the private key of the key pair.
If we want to connect over the private IP instead, we have to be inside the VPC network first: through a jumpbox (bastion) instance that has a public IP, or through a VPN into the VPC.

Other than EC2, the resources above (VPC, subnets, route tables, internet gateway, security groups, key pairs) have no charge. NAT gateways, VPN connections and public IPv4 addresses are billed, so they are not part of this free set.
