Customize a VPC to include EC2s, Subnets, a Route Table, an Internet Gateway, and a Security Group. Then put it all into an Auto Scaling Group for high availability and fault tolerance.
Building a VPC (Virtual Private Cloud) in AWS gives you full control over your virtual networking environment. A virtual network is very similar to building a traditional network that you might operate in a data center, but with a virtual network, you have the added benefits of being able to simply and quickly add scalable infrastructure to your network.
Building your own virtual network gives you the opportunity to define resource placement, connectivity, and security. And within minutes, you can add services like Load Balancing and Auto Scaling which gives your network the ability to expand and scale as necessary. Pretty cool.
For today’s project, we’ll build a VPC that will include EC2s, Subnets, a Route Table, an Internet Gateway, and a Security Group. We will also use an Auto Scaling Group, a Load Balancer, and Target Groups so that we can ensure high availability and fault tolerance. We’ll top it all off by using a stress tool to stress the instances, and see if the autoscaling group is working effectively.
The first thing we are going to do is head to our AWS console and search for the VPC in Services. We will create a new VPC that will house all of our infrastructure for this project.
On the dashboard click on VPCs and then on Create VPC. We will select VPC only and give our VPC a name. We will leave the IPv4 CIDR block radio on manual input and will assign 10.0.0.0/16 to the IPv4 CIDR. We’ll leave the rest as is and hit the Create VPC button.
Now, we will create our subnets. For this project, we will only need two. We’ll put each of these subnets into their own Availability Zones.
On the left-hand side of the console, we will see Subnets in the navigation bar. Go ahead and click on it and then on Create subnet. On the next screen, we select the VPC that we just created, give our subnet a name, choose an Availability Zone, and assign it an IPv4 CIDR.
Now that the first one is created we will click the Add new subnet option towards the bottom and use this same process to create another subnet. Just be sure to put the two subnets you are working on in different Availability Zones.
You’ll also want to check the box to enable auto-assign public IPv4 addresses for both subnets after they have been created. You can do that by going to Actions and Edit subnet settings.
Next, we will set up the Internet Gateway. This will enable resources in our public subnets to connect to the internet. We will simply choose Internet Gateway on the left-hand side of the console. From there, select Create internet gateway. We will name our gateway and select Create internet gateway. Once it is created, we will need to attach our internet gateway to our VPC by choosing Actions and then Attach to VPC.
On the next screen, we will select our newly created VPC and click on Attach internet gateway. And now you can see they are attached.
Up next, let’s tackle our route table. Our route table will contain a set of rules, called routes, that determine where network traffic from your subnet or gateway is directed.
On the left-hand side of the console choose Route Tables and Create Route Table. We will then name our table, choose the VPC for this project, and then select Create route table.
After you create your route table, look for the Subnet associations tab and click the Edit subnet associations button. We will select the two subnets we’d like to be associated with our route table and choose Save associations.
Once back on the screen that shows information about our route table we will also want to go to the Routes tab and then select Edit routes. We need to make sure the table is set up to reach our Internet Gateway. Fill in that information and click on Save changes.
A Load Balancer will evenly distribute network traffic to different web servers in our resource pool to ensure no single server will become overworked and therefore unreliable.
Once again, from our console, we will find Load Balancers. We’ll use the Create Load Balancer button and hit Create on the Application Load Balancer section. We will name our Load Balancer and leave it on Internet-facing and IPv4. We’ll choose our custom VPC and select both Availability Zones under Mappings.
We will then choose the Create security group option and on the next screen we will give our Security Group a name, add a description, and then we will select the appropriate VPC. Then we will set the inbound rules for SSH and HTTP. Under source for SSH I will select my own IP. After selecting those options hit Create security group.
In the Listeners and routing section, we’ll choose Create target group. We will configure these Target Groups for Instances, give our Target Group a name, and use the drop-down box to select our new VPC. We’ll select HTTP, click Next, and click Create Target Group.
After we are done creating the Security Groups and Target Groups we’ll select Create load balancer to finish up. Time for the next step!
Let’s set up an Auto Scaling Group Launch template before we create the actual Auto Scaling Group. The Auto Scaling Group will contain our EC2 Instances and will help us to maintain optimal performance and availability. It will monitor and scale based on our desired performance levels.
To create the template for our Auto Scaling Group head to the EC2 dashboard and from the menu on the left select Launch Templates under Instances and then hit Create launch template. We will give our template a name and a description and then scroll down to complete the template.
Now we will choose an Amazon Linux 2 AMI and a t2.micro instance type.
After that, we will create a special key pair for this project, save it to our local machine (so we can SSH into it later), and move on to network settings. You could also use an existing key pair here if you’d like. Then we will select our newly created Security Group.
Lastly, we will scroll all the way to the bottom and find the Advanced details section where we will add some User data. We will create a bootstrap script that will launch an Apache webserver with our site details.
#!/bin/bash
# User data runs as root on first boot, so no sudo is needed.
yum update -y
yum install -y httpd
systemctl start httpd
systemctl enable httpd
echo '<html><body><h1>Check out my Custom VPC Project page!</h1></body></html>' > /var/www/html/index.html
Once we select Create launch template we will get a Success message.
Now that our template is created, we can configure our Auto Scaling Groups. We will navigate to the left-hand side navigation menu again and find Auto Scaling Groups at the bottom. Click on Create Auto Scaling group.
We will name our Auto Scaling Group and select the template that we just created for that group and click Next.
On the following screen, we have the ability to select our VPC and subnets for this tier.
Hit that Next button and on the following screen, under Load Balancing, we will choose Attach to an existing load balancer. We will choose our previously created Load Balancer. I set health checks to 60 seconds (I might be a little impatient) and checked the box for CloudWatch. Only select this if you want to collect monitoring and operational data in the form of logs, metrics, and events. CloudWatch gives you an automated dashboard that will give you a view of your AWS resources. Then we hit Next again.
We’ll be brought to a spot where we can configure our Group size. For this project, we will use a desired capacity of 2, a minimum of 2, and a maximum of 5. We’ll select a Target tracking scaling policy, set our values, and hit Next.
Click through by hitting next. If everything looks good on the review page, we’ll finish by selecting Create Auto Scaling group.
If you want more on Auto Scaling Groups for EC2 Instances take a look at my article here: https://medium.com/towards-aws/aws-auto-scaling-groups-for-ec2-instances-8a48147a1d06
First, let’s check to see if the webpage, launched from our bootstrap script, is working. To do that, simply go to your EC2 instances and copy and paste the Public IPv4 address into a browser.
Success! Our instances have been created by the Auto Scaling Group, and our web server and our bootstrap script are working!
Alright, let’s put our instances through some stress so that we are able to test our Auto Scaling Group and be sure it’s working.
We’ll go to our local terminal and connect to our EC2. For more information on connecting with your EC2 and using the AWS CLI, check this link out: https://aws.amazon.com/cli/
Once connected to our instance, we’ll use the following commands to stress our instances:
sudo amazon-linux-extras install epel -y
sudo yum install stress -y
sudo stress --cpu 8
After giving it some time, our instances were terminated by the Auto Scaling Group. You can see here that my instance connection was closed.
And if we head on over to CloudWatch we can see metrics of the instance failing.
And on the EC2 dashboard, we can see the instances that have failed and we can also see the two that replace them are up and running and healthy. Looks like our Auto Scaling Group is working.
There you have it! You have just created a custom VPC and added subnets, a route table, target groups, a load balancer, a security group, and an auto-scaling group with EC2 instances running. If you followed along and were successful — Congrats!
Don’t forget to go and delete everything after you are done if you are not going to be using it. Also, note there are better ways to lock this system down and secure it but this was just a simple demo to share how to get a custom VPC up and running with some fun packed inside. Hope you enjoyed reading this and are ready to keep building more projects with me.
All the best,