Saturday, April 11, 2015

Creating and launching instances into Amazon VPC through AWS CLI

1. Create VPC:-

***************
$aws ec2 create-vpc --cidr-block 198.162.0.0/28 --query Vpc.VpcId 
"vpc-89e1b9ec"

***************
NOTE - /28 is the smallest CIDR block Amazon VPC allows for both a VPC and a subnet, so a /28 VPC can hold exactly one subnet and cannot be split into a public and a private subnet. AWS reserves 5 addresses in every subnet, which leaves 16 - 5 = 11 usable host addresses here. The VPC block must be the one the subnet and route table below use (198.162.0.0/28, as the route table's "local" route confirms): a subnet's CIDR has to lie inside its VPC's CIDR or create-subnet is rejected. Note also that 198.162.0.0/28 is not RFC 1918 private space; for a real VPC pick a block from 10.0.0.0/8, 172.16.0.0/12 or 192.168.0.0/16. Refer to AWS documentation - http://aws.amazon.com/vpc/faqs/

2. Create Internet Gateway:-

***************
$aws ec2 create-internet-gateway 
{
    "InternetGateway": {
        "Tags": [],
        "InternetGatewayId": "igw-958019f0",
        "Attachments": []
    }
}
***************

3. Attach the Internet Gateway to the VPC:-

***************
$aws ec2 attach-internet-gateway --internet-gateway-id igw-958019f0 --vpc-id vpc-89e1b9ec 
***************

4. Create a subnet:-

***************
$aws ec2 create-subnet --vpc-id vpc-89e1b9ec --cidr-block 198.162.0.0/28 
{
    "Subnet": {
        "VpcId": "vpc-89e1b9ec",
        "CidrBlock": "198.162.0.0/28",
        "State": "pending",
        "AvailabilityZone": "us-east-1d",
        "SubnetId": "subnet-4d8df83a",
        "AvailableIpAddressCount": 11
    }
}
***************
NOTE - the first four and the last address of each subnet are reserved for AWS use. As expected, "AvailableIpAddressCount" shows 11 usable host addresses instead of 16.


5. Create a route table to associate with the subnet:-

***************
$aws ec2 create-route-table --vpc-id vpc-89e1b9ec 
{
    "RouteTable": {
        "Associations": [],
        "RouteTableId": "rtb-348ebf51",
        "VpcId": "vpc-89e1b9ec",
        "PropagatingVgws": [],
        "Tags": [],
        "Routes": [
            {
                "GatewayId": "local",
                "DestinationCidrBlock": "198.162.0.0/28",
                "State": "active",
                "Origin": "CreateRouteTable"
            }
        ]
    }
}
***************

6. Associate the route table with the subnet in that VPC:-

***************
$aws ec2 associate-route-table --route-table-id rtb-348ebf51 --subnet-id subnet-4d8df83a 
{
    "AssociationId": "rtbassoc-bd3ddcd9"
}
***************

7. Add a default route (0.0.0.0/0) through the Internet Gateway so that instances in the subnet can exchange traffic with the Internet. This is what makes the subnet "public"; a subnet whose route table has no such route stays private:-

***************
$aws ec2 create-route --route-table-id rtb-348ebf51 --destination-cidr-block 0.0.0.0/0 --gateway-id igw-958019f0 

***************

8. Create security group within VPC

***************
$aws ec2 create-security-group --vpc-id vpc-89e1b9ec --group-name TestVPC-sg --description "Test VPC sg" 
{
    "GroupId": "sg-7ad9a61e"
}
***************

9. Create inbound security group rules:-

***************
$aws ec2 authorize-security-group-ingress --group-id sg-7ad9a61e --protocol tcp --port 22 --cidr 0.0.0.0/0 
***************
NOTE - --cidr 0.0.0.0/0 exposes SSH to the whole Internet. For anything beyond a throwaway test, use your own address with a /32 mask (for example --cidr 203.0.113.10/32) so that only that host can reach port 22. A new security group allows all outbound traffic by default and nothing inbound, so this is the only inbound rule needed for SSH.

10. Launch an instance into the test VPC

***************
$aws ec2 run-instances --image-id ami-12663b7a --count 1 --instance-type t2.micro --key-name <key-name> --security-group-ids sg-7ad9a61e --subnet-id subnet-4d8df83a --associate-public-ip-address
{
    ...
    "Instances": [
        {
          ...
            "State": {
                "Code": 0,
                "Name": "pending"
            },
            ...
            "InstanceId": "i-52a60faf",
            "ImageId": "ami-12663b7a",
            ....
            "InstanceType": "t2.micro",
            ....
            "RootDeviceName": "/dev/sda1",
            "VirtualizationType": "hvm",
            ...
        }
    ]
}

***************
11. Run describe-instances to check whether the instance is in the "running" state (quote the --query expression so the shell does not try to expand the brackets):-

***************
$aws ec2 describe-instances --instance-ids i-52a60faf --query 'Reservations[0].Instances[0].{State:State}'
{
    "State": {
        "Code": 16,
        "Name": "running"
    }
}
***************

12. Get the public IP address of the instance:-

***************
$aws ec2 describe-instances --instance-ids i-52a60faf --query 'Reservations[0].Instances[0].PublicIpAddress' --output text

***************
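The twelve steps above as one script, added here as an example and not part of the original post. It captures each returned ID with --query/--output text instead of copying it by hand, checks before calling create-subnet that the subnet CIDR lies inside the VPC CIDR and is no smaller than /28, opens SSH only to an administrator address rather than 0.0.0.0/0, and waits for the instance to reach "running" before printing its public IP. The default values (10.0.0.0/28 for both blocks, the 203.0.113.10/32 administrator address, the key pair name my-key) are constructed placeholders to be overridden through the environment; the AMI ID is the one used in the post. The CIDR helpers are plain POSIX sh arithmetic so they can be exercised without AWS credentials; the provisioning function only runs when the script is invoked with the argument "provision".

```shell
#!/bin/sh
# Added example: the post's VPC walkthrough as one script with sanity checks.
set -eu

VPC_CIDR=${VPC_CIDR:-10.0.0.0/28}        # constructed default, RFC 1918 space
SUBNET_CIDR=${SUBNET_CIDR:-10.0.0.0/28}  # must lie inside VPC_CIDR
ADMIN_CIDR=${ADMIN_CIDR:-203.0.113.10/32} # constructed: your own address/32
AMI_ID=${AMI_ID:-ami-12663b7a}           # AMI from the post; any current AMI works
KEY_NAME=${KEY_NAME:-my-key}             # assumption: an existing EC2 key pair

# ip_to_int A.B.C.D -> the address as a 32-bit integer (10.0.0.0 -> 167772160)
ip_to_int() {
  oldifs=$IFS; IFS=.
  set -- $1
  IFS=$oldifs
  echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# prefix_len CIDR -> the prefix length after the slash
prefix_len() { echo "${1#*/}"; }

# network_int CIDR -> integer network address with host bits cleared
network_int() {
  len=$(prefix_len "$1")
  mask=$(( (4294967295 << (32 - len)) & 4294967295 ))
  echo $(( $(ip_to_int "${1%/*}") & mask ))
}

# cidr_contains OUTER INNER -> succeeds only when INNER lies entirely within OUTER
cidr_contains() {
  olen=$(prefix_len "$1"); ilen=$(prefix_len "$2")
  [ "$ilen" -ge "$olen" ] || return 1
  omask=$(( (4294967295 << (32 - olen)) & 4294967295 ))
  [ $(( $(ip_to_int "${2%/*}") & omask )) -eq "$(network_int "$1")" ]
}

# usable_hosts CIDR -> addresses left after AWS reserves 5 per subnet (/28 -> 11)
usable_hosts() {
  echo $(( (1 << (32 - $(prefix_len "$1"))) - 5 ))
}

provision() {
  cidr_contains "$VPC_CIDR" "$SUBNET_CIDR" \
    || { echo "subnet $SUBNET_CIDR is not inside VPC $VPC_CIDR" >&2; return 1; }
  [ "$(prefix_len "$SUBNET_CIDR")" -le 28 ] \
    || { echo "AWS does not allow subnets smaller than /28" >&2; return 1; }
  echo "subnet $SUBNET_CIDR will have $(usable_hosts "$SUBNET_CIDR") usable hosts"

  vpc=$(aws ec2 create-vpc --cidr-block "$VPC_CIDR" --query Vpc.VpcId --output text)
  igw=$(aws ec2 create-internet-gateway \
        --query InternetGateway.InternetGatewayId --output text)
  aws ec2 attach-internet-gateway --internet-gateway-id "$igw" --vpc-id "$vpc"
  subnet=$(aws ec2 create-subnet --vpc-id "$vpc" --cidr-block "$SUBNET_CIDR" \
           --query Subnet.SubnetId --output text)
  rtb=$(aws ec2 create-route-table --vpc-id "$vpc" \
        --query RouteTable.RouteTableId --output text)
  aws ec2 associate-route-table --route-table-id "$rtb" --subnet-id "$subnet" >/dev/null
  # default route through the IGW is what makes the subnet public
  aws ec2 create-route --route-table-id "$rtb" --destination-cidr-block 0.0.0.0/0 \
      --gateway-id "$igw" >/dev/null
  sg=$(aws ec2 create-security-group --vpc-id "$vpc" --group-name TestVPC-sg \
       --description "Test VPC sg" --query GroupId --output text)
  # SSH only from the administrator's address, never from 0.0.0.0/0
  aws ec2 authorize-security-group-ingress --group-id "$sg" --protocol tcp \
      --port 22 --cidr "$ADMIN_CIDR"
  instance=$(aws ec2 run-instances --image-id "$AMI_ID" --count 1 \
             --instance-type t2.micro --key-name "$KEY_NAME" \
             --security-group-ids "$sg" --subnet-id "$subnet" \
             --associate-public-ip-address \
             --query 'Instances[0].InstanceId' --output text)
  aws ec2 wait instance-running --instance-ids "$instance"
  aws ec2 describe-instances --instance-ids "$instance" \
      --query 'Reservations[0].Instances[0].PublicIpAddress' --output text
}

if [ "${1:-}" = provision ]; then provision; fi
```

Run it as `VPC_CIDR=10.0.0.0/28 SUBNET_CIDR=10.0.0.0/28 ADMIN_CIDR=<your-ip>/32 KEY_NAME=<key-name> sh vpc.sh provision`; with the post's mismatched blocks (VPC_CIDR=192.168.0.0/28, SUBNET_CIDR=198.162.0.0/28) the script stops at the containment check before any resource is created.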

Now you should be able to log in to the machine with the key pair and the public IP address of the instance.
