Shashikant shah

Sunday 17 January 2021

VPC EFS OpenVPN RDS

 



Web server ---> S3 bucket (VPC endpoint)

Subnets       | IPs         | Zone
--------------|-------------|------------
VPC myvpc     | 10.0.0.0/16 | NA
Public-sub01  | 10.0.1.0/24 | ap-south-1a
Public-sub02  | 10.0.3.0/24 | ap-south-1b
Private-sub01 | 10.0.2.0/24 | ap-south-1a
Private-sub02 | 10.0.4.0/24 | ap-south-1b

VPC :-
1) Create a VPC :-
# name :- myvpc (10.0.0.0/16)
2) Create the public and private subnets.
# name :- Public-sub01 → Select myvpc → 10.0.1.0/24
# name :- Public-sub02 → Select myvpc → 10.0.3.0/24
# name :- Private-sub01 → Select myvpc → 10.0.2.0/24
# name :- Private-sub02 → Select myvpc → 10.0.4.0/24

3) Create an internet gateway.
# name :- my-internet-gateway → Attach → myvpc
4) Create a NAT gateway.
# name :- my-NAT-gateway → subnet “public-sub” → Elastic IP.
5) Create the route tables.
 i) name :- Private-RT → myvpc
  Routes → 0.0.0.0/0 → NAT (my-NAT-gateway)
  Subnet Associations → Private-sub01, Private-sub02
 ii) name :- public-route → myvpc
  Routes → 0.0.0.0/0 → IG (my-internet-gateway)
  Subnet Associations → Public-sub01, Public-sub02
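
A check for the layout built in steps 1 to 5, as an added example that is not part of the original post: it confirms that every subnet sits inside the VPC CIDR without overlapping another, and that no private subnet has its default route pointing at an internet gateway. The `audit` function, the dictionary layout and the `nat-EXAMPLE` / `igw-EXAMPLE` IDs are assumptions for illustration.

```python
import ipaddress
from itertools import combinations

VPC_CIDR = "10.0.0.0/16"
# Subnet plan from the table on this page: name -> (CIDR, tier)
SUBNETS = {
    "Public-sub01": ("10.0.1.0/24", "public"),
    "Public-sub02": ("10.0.3.0/24", "public"),
    "Private-sub01": ("10.0.2.0/24", "private"),
    "Private-sub02": ("10.0.4.0/24", "private"),
}
# Constructed sample using the Routes/Associations field names of
# `aws ec2 describe-route-tables`; IDs are placeholders, subnet names stand in for subnet IDs.
ROUTE_TABLES = [
    {"Name": "Private-RT",
     "Routes": [{"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-EXAMPLE"}],
     "Associations": [{"SubnetId": "Private-sub01"}, {"SubnetId": "Private-sub02"}]},
    {"Name": "public-route",
     "Routes": [{"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-EXAMPLE"}],
     "Associations": [{"SubnetId": "Public-sub01"}, {"SubnetId": "Public-sub02"}]},
]

def audit(vpc_cidr, subnets, route_tables):
    """Return a list of findings; an empty list means the layout matches the plan."""
    findings = []
    vpc = ipaddress.ip_network(vpc_cidr)
    nets = {n: ipaddress.ip_network(c) for n, (c, _) in subnets.items()}
    for name, net in nets.items():
        if not net.subnet_of(vpc):
            findings.append(f"{name}: {net} is outside {vpc}")
    for a, b in combinations(sorted(nets), 2):
        if nets[a].overlaps(nets[b]):
            findings.append(f"{a} overlaps {b}")
    # Map each explicitly associated subnet to the target of its default route
    default = {}
    for rt in route_tables:
        for r in rt["Routes"]:
            if r.get("DestinationCidrBlock") == "0.0.0.0/0":
                target = r.get("NatGatewayId") or r.get("GatewayId", "")
                default.update({a["SubnetId"]: target for a in rt["Associations"]})
    for name, (_, tier) in subnets.items():
        target = default.get(name)
        if target is None:
            findings.append(f"{name}: no default route via an explicit association")
        elif tier == "private" and target.startswith("igw-"):
            findings.append(f"{name}: private subnet routes 0.0.0.0/0 to {target}")
        elif tier == "public" and not target.startswith("igw-"):
            findings.append(f"{name}: public default route is '{target}', not an internet gateway")
    return findings
```

With the route tables as configured above, `audit(VPC_CIDR, SUBNETS, ROUTE_TABLES)` returns an empty list.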
 
 
EFS :-
EFS can be accessed only from the selected AZs (a, b, c).
i) Create file system → EFS_group
ii) Select VPC → myVPC
iii) Network (details)
iv) Security group: allow the NFS port.
v) Go to the Attach option :-
Client-side install :-
# yum install -y amazon-efs-utils
# mkdir efs
Using the EFS mount helper (TLS):
# sudo mount -t efs -o tls fs-fa68122b:/ efs
Or, using the NFS client (this mount does not use TLS, so traffic is not encrypted in transit):
# sudo mount -t nfs4 -o nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2,noresvport fs-fa68122b.efs.ap-south-1.amazonaws.com:/ efs

Create Multiple EFS :-
Access points :
File system :-  EFS_group
Name :- nfs-store
Root directory path :- /nfs-store
User ID :- 1001
Group ID :- 1001
Owner user ID :- 1001
Owner group ID :- 1001
OK
# Client Side
# mkdir efs-store
# sudo mount -t efs -o tls,accesspoint=fsap-00d06dfe8f1c61fb3 fs-fa68122b:/ efs-store

##### create new instance add EFS mount path ###





OpenVPN side to Client :-

VPN public add openVpn

Openvpn

Select t2.micro

Network select :- myVPC

Subnet select :- subnet-public

Auto-assign Public IP

SSH to the OpenVPN server

Username :- openvpnas

# Answer Yes to all prompts

Reset password :-

# sudo passwd openvpn

Any setting in VPN

Admin UI: https://65.1.3.195:943/admin

Download software from link.

Client UI: https://65.1.3.195:943/

Login :- Username :- openvpn

Password :- password@123

 RDS :-

1. Create a subnet group for RDS.

# Subnet groups → name :- rdssubnet → select :- myvpc

# Availability Zones :-

ap-south-1a

ap-south-1b

# Subnets select :-

Private-sub01

Private-sub02

Create database :-
# MySQL → Connectivity → myvpc → rdssubnet
# Public access → No
# VPC security group → RDS-SG
# OK
 
Create LB
1. Create RDS -- ok
2. Nginx with PHP setup -- ok
3. Check connection from code to RDS -- ok
4. Change code to run an insert query -- ok

