CloudFormation is an AWS tool that lets you script the setup of a complete environment (and, as we will see, then change it) from a template, rather than setting up all the components manually. It is great for something you need to roll out in a repeated (or scalable) fashion, and it gives you the ability to easily remove all the components once you are done with the project, so you don't have to go into each area and delete each resource (and possibly leave some resource(s) in place, costing you wasted money!).
In our LAB here we will go through and initially build a Linux instance with a web server within a VPC, with internet access via a public IP. A similar walkthrough from AWS on this design can be found here:
https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/working-with-templates-cfn-designer-walkthrough-createbasicwebserver.html
In our case we will choose some slightly different options and methods, and use the GUI Designer to make it a bit more graphical and easier to see which resources connect where. Once the lab is built, we can go to the template editor, add our options/parameters to the YAML code and build it.
The design we will create looks like this:
The components we need to make up our lab are:
- A VPC to encompass the instance, rules and routes
- An EC2 Linux instance to run the web server
- In and Out ACL rules
- An Inbound Security Group
- An EIP
- An Internet Gateway
You will need to log in to your AWS account, and go to CloudFormation (just search it on the main home page). Once in to the CloudFormation page, click on Create stack, then Create template in Designer. You should now be in the drag-n-drop designer, where we can place our resources and build our connections.
From here you can build templates in virtually all AWS services - for us on the left go to EC2. All the resources we will use for this LAB are located under this heading.
As per the above design picture, you now need to add in a VPC. Within the VPC add a SecurityGroup, a Route Table (then a Route inside the RouteTable), a Subnet (then an instance inside the subnet) and a NetworkACL (with 2 NetworkACLEntries inside it).
Outside the VPC add an EIP and an Internet Gateway.
Once that's set up, you should have something looking like this:
You can download the template up to this stage from HERE
To make things easier, from here go through and rename a few of the resources, just so they make more sense when you read the template.
Right click on the following resources, click on the Eye picture, then in the box at the bottom of the screen choose YAML on the right and Components at the bottom tab, and change the name below the 'Resources' line:
- InternetGateway: IGW (just type over the EC2IG2UXKH string in the example above)
- EIP: EIP
- ROUTE: Route
- Left ACL entry: ACLIN
- Right ACL entry: ACLOUT
- SecurityGroup: PublicSecurity
- Instance: wwwInstance
- Subnet: Subnet
Last thing for this section is to link the resources together. For this you will use the purple and pink dots around each resource. If you hover your mouse over each one around a specific resource, you will find it relates to different functions. Link the following by putting your mouse over the relevant dot around the resource, click and drag it to the related resource, as per the following:
- EIP - to wwwInstance
- wwwInstance - 'SecurityGroup' to PublicSecurity
- NetworkACL - 'SubnetNetworkAclAssociation' to Subnet
- RouteTable - 'SubnetRouteTableAssociation' to Subnet
- Route - 'InternetGateway' to IGW
- IGW - 'VPCGatewayAttachment' to VPC
- Route - 'Depends on' link 'VPCGatewayAttachment to VPC'
You can download the updated template from HERE
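To confirm that every link in the list above made it into the template, the following check (an added example, not part of the original post) walks a template in Designer's JSON form and reports any link that is missing. The logical IDs NetworkAcl, RouteTable, SubnetAcl, SubnetRoute and GatewayAttach are assumed names, since Designer generates its own, and the sample template is constructed.

```python
# Added example; logical IDs not set by the renames above are assumed names.
EC2 = "AWS::EC2::"

def refs(node):
    """Return every logical ID referenced as {"Ref": id} anywhere under node."""
    if isinstance(node, dict):
        if list(node) == ["Ref"]:
            return {node["Ref"]}
        node = list(node.values())
    if isinstance(node, list):
        return {r for item in node for r in refs(item)}
    return set()

def linked(res, rtype, *targets):
    """True if a resource of type EC2 + rtype references all of the target IDs."""
    return any(r.get("Type") == EC2 + rtype and set(targets) <= refs(r.get("Properties"))
               for r in res.values())

def missing_links(template):
    """List the links from the tutorial that the template does not contain."""
    res = template["Resources"]
    checks = {
        "EIP to wwwInstance": linked(res, "EIP", "wwwInstance"),
        "wwwInstance to PublicSecurity": linked(res, "Instance", "PublicSecurity"),
        "NetworkAcl to Subnet": linked(res, "SubnetNetworkAclAssociation", "NetworkAcl", "Subnet"),
        "RouteTable to Subnet": linked(res, "SubnetRouteTableAssociation", "RouteTable", "Subnet"),
        "Route to IGW": linked(res, "Route", "IGW"),
        "IGW to VPC": linked(res, "VPCGatewayAttachment", "IGW", "VPC"),
    }
    dep = res.get("Route", {}).get("DependsOn", [])  # a string or a list of logical IDs
    checks["Route depends on gateway attachment"] = any(
        res.get(d, {}).get("Type") == EC2 + "VPCGatewayAttachment"
        for d in ([dep] if isinstance(dep, str) else dep))
    return [name for name, ok in checks.items() if not ok]

# Constructed sample in the JSON template form, showing only the link properties.
SAMPLE = {"Resources": {
    "EIP": {"Type": EC2 + "EIP", "Properties": {"InstanceId": {"Ref": "wwwInstance"}}},
    "wwwInstance": {"Type": EC2 + "Instance", "Properties": {
        "SubnetId": {"Ref": "Subnet"}, "SecurityGroupIds": [{"Ref": "PublicSecurity"}]}},
    "SubnetAcl": {"Type": EC2 + "SubnetNetworkAclAssociation", "Properties": {
        "NetworkAclId": {"Ref": "NetworkAcl"}, "SubnetId": {"Ref": "Subnet"}}},
    "SubnetRoute": {"Type": EC2 + "SubnetRouteTableAssociation", "Properties": {
        "RouteTableId": {"Ref": "RouteTable"}, "SubnetId": {"Ref": "Subnet"}}},
    "GatewayAttach": {"Type": EC2 + "VPCGatewayAttachment", "Properties": {
        "VpcId": {"Ref": "VPC"}, "InternetGatewayId": {"Ref": "IGW"}}},
    "Route": {"Type": EC2 + "Route", "DependsOn": "GatewayAttach", "Properties": {
        "RouteTableId": {"Ref": "RouteTable"}, "GatewayId": {"Ref": "IGW"}}},
}}
```

If the NetworkACL or PublicSecurity link is missing, the subnet or instance falls back to the VPC's default network ACL or default security group, so the rules built in this lab would not apply.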
In Part 2 we will look at setting up the required options in the template to then allow us to build the LAB!