Thursday, November 17, 2022

AWS--Sree

 

 AWS
=========================================================================

Class:01

Introduction

Class:02

North Virginia  (Zone US-EAST-1)--------------> 6 Availability Zones

nslookup www.paytm.com

IP addressing:-

IPV4------------>32 Bit size----------------192.168.33.1

IPV6------------>128 Bit Size---------------fe80::314f:50bb:42fa:743a%5


0.0.0.0 to 255.255.255.255------------------------>RFC 1918


  • Class A        1.0.0.1        to    126.255.255.254            {Public IPs}-----Hall ticket No: ABCD1234
  •                     10.0.0.0      to    10.255.255.255              {Private IPs}----Roll no: 56
  • Class B       128.1.0.1     to    191.255.255.254
  • Class C       192.0.1.1     to   223.255.254.254
  • Class D       Reserved
  • Class E       Reserved


NAT:- (Network Address Translation)

  • A private IP is not Internet routable.
  • To route to the Internet, we use a device called a gateway router,
  • which converts private IP addresses to public IPs and vice versa. This is called Network Address Translation (NAT).

Subnetting:-

What is Subnetting?

Dividing a big network into smaller networks.

10.0.0.0

255.0.0.0-------or---/8      =========Net mask value  

  • 255.128.0.0------or---/9
  • 255.192.0.0------or---/10
  • 255.224.0.0------or---/11
  • 255.240.0.0------or---/12
  • 255.248.0.0------or---/13
  • 255.252.0.0------or---/14
  • 255.254.0.0------or---/15
  • 255.255.0.0------or---/16
  • 255.255.255.0---or---/24

  • 000---1
  • 001---2
  • 010---4
  • 011---8
  • 100---16
  • 101---32
  • 110---64
  • 111---128
  •                                             1+2+4+8+16+32+64+128 = 255

Create VPC & Sub-nets :-

  • Create_VPC
    •  Name
      • IPV4_CIDR
        • 10.1.0.0/16 - (16 to 28) [ 10.1.0.0/15 ----try this one in AWS console ]
Web_servers
App_Servers
DB_Servers
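
The CIDR rules above can be checked offline before opening the console. This is an added example, not part of the original notes: it derives the netmask from the prefix, enforces the /16 to /28 range, and counts usable addresses. The 5 reserved addresses per subnet are AWS behaviour not stated in the notes, and the function names are illustrative.

```python
import ipaddress

AWS_RESERVED = 5                  # AWS keeps the first 4 and the last address of each subnet
MIN_PREFIX, MAX_PREFIX = 16, 28   # block sizes accepted for a VPC or subnet

def netmask_from_prefix(prefix):
    """Turn /N into a dotted mask by setting the top N of the 32 bits."""
    bits = (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF
    return ".".join(str((bits >> shift) & 0xFF) for shift in (24, 16, 8, 0))

def plan_vpc(vpc_cidr, subnet_cidrs):
    """Validate a VPC plan and return {subnet: (netmask, usable_addresses)}."""
    prefix = ipaddress.ip_interface(vpc_cidr).network.prefixlen
    if not MIN_PREFIX <= prefix <= MAX_PREFIX:
        raise ValueError(f"VPC block /{prefix} is outside /16 to /28")
    vpc = ipaddress.ip_network(vpc_cidr)   # strict parse: rejects host bits
    plan, seen = {}, []
    for cidr in subnet_cidrs:
        net = ipaddress.ip_network(cidr)
        if not MIN_PREFIX <= net.prefixlen <= MAX_PREFIX:
            raise ValueError(f"subnet {cidr} is outside /16 to /28")
        if not net.subnet_of(vpc):
            raise ValueError(f"subnet {cidr} is not inside {vpc}")
        for other in seen:
            if net.overlaps(other):
                raise ValueError(f"subnet {cidr} overlaps {other}")
        seen.append(net)
        plan[cidr] = (netmask_from_prefix(net.prefixlen),
                      net.num_addresses - AWS_RESERVED)
    return plan

if __name__ == "__main__":
    subnets = ["10.1.1.0/24", "10.1.2.0/24", "10.1.3.0/24"]
    for cidr, (mask, usable) in plan_vpc("10.1.0.0/16", subnets).items():
        print(cidr, mask, usable)
```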



 



Each one (Hypervisor) has an individual OS.
          In a public network, the underlying architecture will be shared.
  • VPC is a logical boundary
  • No default communication between VPCs
  • Every VPC must have an IGW in order to communicate to the Internet.
  • When we create a VPC, by default a
Security Group
Routing Table
NACL
will be created automatically



Every VPC should have an IGW,
which is required in order to communicate to the Internet.

Class:03

VPC Creating:

  • It's a logical boundary.
  • Public Cloud:
      • AWS
      • GCP
      • Azure
  • Private Cloud:
      • VMWare
      • VCloud
      • OpenStack

Region------->Rack.1 (Physical Servers)------->Hypervisor---Instance(VM).

10.1.0.0/16
10.1.1.0/24
10.1.2.0/24
10.1.3.0/24

VPC Creating:

1. Create VPC

  • Services
    • Networking & Content Delivery
    • VPC
      • Name: BHARAT-BIOTECH-----SERUM
      • IPV4:  10.1.0.0/16
        • 10.1.1.0/24 --------------------Subnet
        • 10.1.2.0/24
        • 10.1.3.0/24 
    • Action
      • Edit_DNS_hostnames
        • Enable

    • VPC cannot be extended between the regions
    • VPC can be extended between the availability zones

2. Create Sub-nets

  • Subnets
    • VPC ID
    • Subnet Name:  Subnet1
    • Availability Zone:
    • Ipv4 CIDR block : 10.1.1.0/24
          •  10.1.2.0/24
          •  10.1.3.0/24 
    • Goto each Subnet
      • Action
        • Modify_Auto-assign_IP_Settings
          • Enable_Auto-assign_public_IPV4_Address
  • If you don't enable this, you need to enable it manually while deploying the machine.

3. Create an Internet Gateway

Every VPC should have an IGW,
which is required in order to communicate on the Internet.

  • Internet Gateway
    • Name:  BHARAT-BIO-IGW
  • Attach to a VPC
    • Select from dropdown
      • Attach to a VPC

4. Create Route Table (Default RT)

  •  Create Route Table
    • Name: BHARAT-NEW-TR
    • VPC:  Select from dropdown
  • Routes:
    • When you create a route table, you get one default route,
    • which is local.
      • Edit Routes
      • Add Route
        • 0.0.0.0/0 --------BHARAT-BIO-IGW
  • Subnet-Associations:
    • Who is going to use this route table?
      • Edit Subnet-associations
      • Add all  subnets which belong to this

5. Create Security Groups                             [ Inbound rules ]

6. Create Keypair

    1. Public_Key          [ AWS ]
    2. Private_Key         [ Laptop ]
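
How the route table from step 4 decides where a packet goes, as an added example that is not part of the original notes: AWS uses the most specific matching route, and a subnet with no explicit association falls back to the VPC's main route table. The `main` table, the helper names, and treating 10.1.3.0/24 as the DB_Servers subnet are assumptions.

```python
import ipaddress

# Constructed model of the tables built in the walkthrough (not real AWS output).
ROUTE_TABLES = {
    "BHARAT-NEW-TR": {"10.1.0.0/16": "local", "0.0.0.0/0": "BHARAT-BIO-IGW"},
    "main": {"10.1.0.0/16": "local"},   # hypothetical main table: local route only
}
SUBNETS = ["10.1.1.0/24", "10.1.2.0/24", "10.1.3.0/24"]
GATEWAYS = {"BHARAT-BIO-IGW"}

def next_hop(table, destination):
    """Return the target of the most specific route that matches destination."""
    dest = ipaddress.ip_address(destination)
    matches = [cidr for cidr in table if dest in ipaddress.ip_network(cidr)]
    if not matches:
        return None   # no route: the packet is dropped
    best = max(matches, key=lambda cidr: ipaddress.ip_network(cidr).prefixlen)
    return table[best]

def internet_facing(subnets, associations, tables=ROUTE_TABLES, gateways=GATEWAYS):
    """List subnets whose effective route table sends Internet traffic to an IGW."""
    exposed = []
    for subnet in subnets:
        # No explicit association means the main route table applies.
        table = tables[associations.get(subnet, "main")]
        if next_hop(table, "8.8.8.8") in gateways:   # 8.8.8.8: ping target in these notes
            exposed.append(subnet)
    return exposed

if __name__ == "__main__":
    all_associated = {s: "BHARAT-NEW-TR" for s in SUBNETS}
    print(internet_facing(SUBNETS, all_associated))
    # Assumption: 10.1.3.0/24 holds DB_Servers and stays on the main table.
    tiered = {s: "BHARAT-NEW-TR" for s in SUBNETS[:2]}
    print(internet_facing(SUBNETS, tiered))
```

Associating every subnet with the table that holds the 0.0.0.0/0 route gives all three tiers a path to the Internet gateway; leaving a subnet off that table keeps it reachable only over the local route.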

Class:04

VPC-Peering:-

UseCase:

  1. We have a Hub & Spoke architecture.
  2. Where all our management workload is,
    • Management VPCs 
    • Shared VPCs,
    • Hub VPCs from there we can manage all environments

    1. It can be in a different account.
    2. It can be in a different region.

When creating a VPC peering, note these rules:

  • No IP Addressing Overlapping.
  • VPC peering doesn't support Transit.------(Peering is one-to-one only)
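
Both peering rules applied to a hub-and-spoke layout, as an added example that is not part of the original notes. The VPC names, CIDR blocks and function names are hypothetical.

```python
import ipaddress
from itertools import combinations

# Constructed hub-and-spoke layout; names and CIDR blocks are hypothetical.
VPCS = {"hub": "10.0.0.0/16", "dev": "10.1.0.0/16", "prod": "10.2.0.0/16"}

def add_peering(vpcs, peerings, a, b):
    """Record a one-to-one peering a<->b; overlapping CIDR blocks are refused."""
    net_a = ipaddress.ip_network(vpcs[a])
    net_b = ipaddress.ip_network(vpcs[b])
    if net_a.overlaps(net_b):
        raise ValueError(f"{a} ({net_a}) overlaps {b} ({net_b})")
    peerings.add(frozenset((a, b)))

def can_reach(peerings, src, dst):
    """No transit: traffic flows only over a direct peering connection."""
    return frozenset((src, dst)) in peerings

def hub_and_spoke(vpcs, hub):
    """Peer every spoke with the hub and return the set of connections."""
    peerings = set()
    for name in vpcs:
        if name != hub:
            add_peering(vpcs, peerings, hub, name)
    return peerings

def isolated_pairs(vpcs, peerings):
    """VPC pairs that cannot talk because they have no direct peering."""
    return sorted(tuple(sorted(pair)) for pair in combinations(vpcs, 2)
                  if not can_reach(peerings, *pair))

if __name__ == "__main__":
    links = hub_and_spoke(VPCS, "hub")
    print(can_reach(links, "dev", "hub"), can_reach(links, "dev", "prod"))
    print(isolated_pairs(VPCS, links))
```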

Create Peering Connection:


Types of VPC Peerings:

    1. Single account & Single Region, Multi VPCs
    2. Single account & Multi-region.
    3. Multi-Account Peerings.

Class:05

NatGateway-Endpoints:

Network address translation gateway

Endpoints:

    Endpoints allow internal connectivity from your VPC to AWS services.

  1. Interface
  2. Gateway--------S3, DynamoDB

  • EndPoints
    • Create Endpoint
        • Select Service Name
          • Select S3
          • Select VPC
          • Select Subnets
          • Security Group (Allow all)
Class:09

EC2:

  • It is the place where you are going to deploy your:
  • servers
  • images
  • Storage
  • Load balancing
  • AutoScaling

Types of AMIs

  1. Quick Start
  2. My AMIs
  3. AWS Marketplace
  4. Community AMIs

AMI-------> Amazon Machine Image
  • The AMI ID changes from region to region.
  1. Choose AMI
  2. Choose Instance Type
    • Family type
      • General Purpose
      • Compute Optimized
      • Memory Optimized
      • Storage Optimized
  3. Configure Instance
    • Placement Group
      • Cluster
      • Spread
      • Partition
    • CPU Option
    • Shutdown behavior
      • Enable termination protection
      • Monitoring
    • Tenancy
      • Shared
      • Dedicated
    • User data
  4. Add Storage
  5. Add Tags
  6. Configure Security Groups
  7. Review
Create EBS:

lsblk
  • Elastic Block Store
    • Volume
      • Volume Type (General Purpose)
      • Size
    • Go to EBS  -----> Right Click ----->Select Instance-----> Attach

    • Format disk using FDISK (xvdf) 
    • goto Linux machine
    • type -------->fdisk  /dev/xvdf
    • Press 4 times "n" for new partition
    • and press "w" for saving
      • Make file system on it using mkfs.ext3....    4
      • goto Linux machine
      • type ----> mkfs.ext3 /dev/xvdf1
      • done
        • Create a folder and mount the drive
        • df -h
        • mkdir  /EBSvol1

          • Add entry in /etc/fstab








=============================================================================================

How to copy a pem key from one region to another region

-------------------------------------------------


goto linux

ec2-metadata (copy pem key information)

goto destination server

goto key Pairs

     Action------>Import Key pair---->Name (Paste your key information here...!)

     

===============================================================================================




Ping Ipaddress

ec2-metadata----it will display private key information.

ping 8.8.8.8----Check Internet access

======================================

ssh -i DevOps.pem ec2-user@Public_DNS

           Public_IP

======================================

    



















