Let's build the below vpc from scratch!!


A VPC with subnets in two Availability Zones.

Building this consists of 3 phases: the VPC, an AUTO SCALING GROUP for the EC2 servers, a JUMP HOST to manage them, and finally a LOAD BALANCER to allow traffic.

STEP-1: VPC

Go to the VPC section in the AWS console and create a VPC with the configuration below, leaving the remaining settings at their default values.

STEP-2: AUTO SCALING GROUP

Now that the VPC is created with 2 private and public subnets, instead of manually creating 2 EC2 instances, let's go to Auto Scaling Groups in the EC2 section, which can create as many instances as we need in a single step.

We begin by creating a launch template for the auto scaling group with the configuration below.

In the security group's inbound rules, we have opened port 22 so we can SSH in from the jump host to install the HTML web page and Python server on our instances, and port 8000 to receive user requests, as the Python server runs on port 8000.

Now, let's complete the setup of the auto scaling group using this template.

In our newly created VPC, include both private subnets, as per the diagram.

Next, as per the diagram, set the desired capacity to 2 instances, with a minimum of 2 and a maximum of 4 instances.

STEP-3: BASTION / JUMP HOST

Manually create another EC2 instance in a public subnet of our VPC so that it can connect to our instances in the private subnets, install the HTML code, and start the Python server on port 8000 on them.

Remember that not every instance can connect to the instances in the private subnets, as there is no route from the internet gateway to a private subnet. But since routing between subnets is possible, instances in a public subnet can connect to them, and we can connect to those public-subnet instances ourselves.

So create an EC2 instance in the guilded VPC, in any public subnet, with auto-assign public IP enabled, and open port 22 in the inbound rules, as we need to connect to it through SSH.

After creating the jump host, copy the key pair .pem file from your local computer to the bastion using the command below. Note that this leaves a copy of the private key on the bastion, so anyone who gains access to that host also gains access to the private instances.

scp -i bastion-key-file ec2s-key-file ubuntu@bastion-public-ip:/home/ubuntu

E.g.:

scp -i qwerty.pem qwerty.pem ubuntu@13.51.167.92:/home/ubuntu

Now log in to the bastion with:

ssh -i qwerty.pem ubuntu@13.51.167.92

Now, from the bastion, log in to an EC2 instance in the private subnet using its private IP address:

ssh -i qwerty.pem ubuntu@private-ip-address

Now create any HTML page and start a Python server with:

vim index.html
python3 -m http.server 8000

STEP-4: LOAD BALANCER

Go to EC2 > LOAD BALANCER > CREATE LOAD BALANCER

Start creating the load balancer:

Similar to the jump host, we should create the load balancer in the same VPC, in the public subnets, so that users can access it. Open only HTTP port 80 in the load balancer security group to listen for requests from users. Finally, create a target group in the same VPC and set its port value to 8000, as our Python servers are running on port 8000, and include the 2 instances created by the auto scaling group in the register targets section.
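The inbound rules described for the instances in STEP-2 and for the load balancer here can be checked against the intended tiering. The following is an added example, not part of the original post: it audits rule sets shaped like EC2 `DescribeSecurityGroups` output, and the group IDs, the admin address and the policy itself are assumptions made for illustration.

```python
# Added example: audit security-group ingress for the tiers built on this page.
# Rule dicts use the EC2 DescribeSecurityGroups shape (IpPermissions with
# FromPort/ToPort/IpRanges/UserIdGroupPairs). All IDs and rules are constructed.
ANYWHERE = {"0.0.0.0/0", "::/0"}

# Allowed ingress per tier: port -> permitted sources ("world", a CIDR, or a tier).
POLICY = {
    "alb": {80: {"world"}},
    "bastion": {22: {"203.0.113.10/32"}},  # assumed admin address (documentation range)
    "app": {22: {"bastion"}, 8000: {"alb"}},
}

SAMPLE = {  # constructed: the app tier's port 8000 was left open to any address
    "alb": {"GroupId": "sg-alb", "IpPermissions": [
        {"FromPort": 80, "ToPort": 80, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
    "bastion": {"GroupId": "sg-bastion", "IpPermissions": [
        {"FromPort": 22, "ToPort": 22, "IpRanges": [{"CidrIp": "203.0.113.10/32"}]}]},
    "app": {"GroupId": "sg-app", "IpPermissions": [
        {"FromPort": 22, "ToPort": 22, "UserIdGroupPairs": [{"GroupId": "sg-bastion"}]},
        {"FromPort": 8000, "ToPort": 8000, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
}


def sources(perm, sg_to_tier):
    """Yield each source of one rule as 'world', a CIDR, or a tier name."""
    for r in perm.get("IpRanges", []):
        yield "world" if r["CidrIp"] in ANYWHERE else r["CidrIp"]
    for r in perm.get("Ipv6Ranges", []):
        yield "world" if r["CidrIpv6"] in ANYWHERE else r["CidrIpv6"]
    for pair in perm.get("UserIdGroupPairs", []):
        yield sg_to_tier.get(pair["GroupId"], pair["GroupId"])


def audit(groups, policy):
    """Return sorted findings for ingress rules the policy does not allow."""
    sg_to_tier = {g["GroupId"]: tier for tier, g in groups.items()}
    findings = []
    for tier, group in groups.items():
        for perm in group["IpPermissions"]:
            # All-traffic rules (IpProtocol -1) carry no ports: treat as 0-65535.
            lo, hi = perm.get("FromPort", 0), perm.get("ToPort", 65535)
            for src in sources(perm, sg_to_tier):
                if not (lo == hi and src in policy[tier].get(lo, set())):
                    findings.append(f"{tier}: {lo}-{hi} from {src}")
    return sorted(findings)


if __name__ == "__main__":
    for finding in audit(SAMPLE, POLICY):
        print(finding)
```

On the constructed sample, the only finding is the instance rule that accepts port 8000 from any address instead of from the load balancer's security group.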

WE MADE IT!!