Task 1: Creating a VPC
Step 1: Open Vocareum -> Click on the lab -> My Work -> Start Lab. A pop-up window will appear and when it says, “Lab status: ready”, close the window -> Click on AWS tab on top right navigation bar.
Step 2: Click “Services” -> Click on VPC -> Launch VPC Wizard.
Step 3: Click “VPC with Public and Private Subnets” on the left panel -> Click on “Select” -> Enter the name of VPC as “Lab VPC”, choose the first availability zone, public subnet as “Public Subnet 1”, private subnet as “Private Subnet 1”.
Step 4: Clcik on “Create VPC” -> Click on “OK”.
Task 2: Creating Subnets
Step 1: Click on Subnets -> Select “Create Subnet” -> Enter the Name tag as “Public Subnet 2”, VPC name as “Lab VPC”, availability zone as the second availability zone, IPv4 CIDR block as “10.0.2.0/24”.
Step 2: Click on “Create” -> “Close”.
Step 3: Click on Subnets -> Select “Create Subnet” -> Enter the Name tag as “Private Subnet 2”, VPC name as “Lab VPC”, availability zone as the second availability zone, IPv4 CIDR block as “10.0.3.0/24”.
Step 4: Click on “Create” -> “Close”.
Step 5: Click on “Route Tables” on the left panel -> Check the route table that has “Main= Yes” and the “Lab as Lab VPC”. Click on the “Routes” tab in the lower pane, we can see the destination IP address and the target address.
Step 6: Click under the name column for that route table -> Enter the name as “Private Route Table” -> Click on the tick mark.
Step 7: Click “Subnet Association” in the lower panel of “Route Table” -> Select “Edit subnet associations” -> Select “Private Subnet 1” and “Private Subnet 2” -> Click on “Save”.
Step 8: Click on “Route Tables” on the left panel -> Check the route table that has “Main= No” and the “Lab as Lab VPC”. Click on the “Routes” tab in the lower pane, we can see the destination IP address and the target address -> Click under the name column for that route table -> Enter the name as “Public Route Table” -> Click on the tick mark.
Step 9: Click “Subnet Association” in the lower panel of “Route Table” -> Select “Edit subnet associations” -> Select “Public Subnet 1” and “Public Subnet 2” -> Click on “Save”.
Task 3: Creating Security Group for VPC
Step 1: On the left panel, click on “Security Groups” -> Click “Create security group”.
Step 2: Enter the security group name as “Web Security Group”, description as “Enable HTTP access” and VPC as “Lab VPC”. Click on “Create” -> Click on “Close”.
Step 3: Select the “Web Security Group” -> Click on “Inbound Rules” -> Click on “Edit rules” -> Select “Add Rules” and enter the type as “HTTP”, source as “Anywhere” and description as “Permit web requests” -> Click on “Save rules” -> Click on “Close”.
Task 4: Launching a Web Server Instance
Step 1: Click on “Services” -> Select “EC2” -> Click on “Launch Instance” -> Select “Amazon Linux 2” which is at the top of the page -> Click on “Select”.
Step 2: From the “Type” column, select “t2.micro” -> Click on “Next: Configure Instance Details”
Step 3: Enter the Network as “Lab VPC”, Subnet as “Public Subnet 2”, “Auto-assign Public IP: Enable”. Click on “Advanced Details” -> Copy and paste the code provided in the lab instruction into the “User data” box -> Click on “Next: Add Storage”.
Step 4: Click on “Next: Add Tags” -> Select “Add Tag” and enter the key as “Name” and the value as “Web Server 1” -> Click on “Next: Configure Security Group” -> Select “Select an existing security Group” -> Check the “Web Security Group” -> Click on “Review and Launch” -> Click on “Continue” -> Select “Launch”
Step 5: Click on “Launch Instances” -> Select “View Instances” to check the status of “Web Server 1”.
Step 6: Click on “Web Server 1” -> Copy the “Public DNS” in the Description tab from the lower panel -> Open a new browser tab and paste the value we copied earlier. Press “Enter”. We should be able to see the AWS logo and the meta-data values of the instances.
Reflection and Critical Thinking
For this lab, I have learned how to create a VPC, create subnets for network, configure security group and finally being able to deploy an EC2 instance in a VPC.
For creating VPC, I provide the name, subnets name with CIDR and the availability zone. Then I had to create few more subnets which were Public and Private subnets. After that a routing table was needs to be created so that the private subnet can access internet, but the resources are hidden.
Then the next stage was creating a security group for the VPC. The security group allowed the VPC to have access to http and web requests from anywhere. Finally, I was trying to launch the instance of web server to complete the lab. For this, I had to enter the codes provided by the lab instruction into the user data box and I created a tag for it. While configuring it, we set the security group to the one which we created earlier in order to give the VPC the required permission. After that we copied the DNS IPv4 address and pasted in a web browser tab which shows that the deployment was successful because the name of the instance and its description was there in the web browser with the aws logo.
VPC allows users to deploy AWS resources in a virtual network that are defined by the users. Compared to the bare metal machines and networks that are built in data centres, VPC allows the users to benefit from the infrastructure of AWS which can be scalable. We can also use VPC to span across multiple availability zones.
King's Blog 