In the previous article we created an RDS instance using two of the private subnets. In this article we will convert the remaining private subnet into a public subnet. Once the public subnet is configured, we will launch an EC2 instance for the Drupal front end.
Let's create a public subnet first.
Private - to - Public
We will use drupalvpc-10.0.1.0 for our Drupal front end. This subnet is still private, and there is a series of steps we need to perform before it becomes a public subnet. We will perform the steps below in sequence:
- Create an Internet Gateway
- Create a Route Table
- Attach the Internet Gateway to Route Table
- Attach the Route Table to private subnet
- Create an EC2 Instance
- Create & associate Elastic IP Address with the EC2 instance
The diagram below is a visual representation of these steps.
Looking at these steps, one would say it's complex. But once you are used to them, it's a walk in the park. Believe me!
My Gateway To The Internet
According to Amazon Web Services,
An Internet gateway is a horizontally scaled, redundant, and highly available VPC component that allows communication between instances in your VPC and the Internet.
Truly it is a gateway to the Internet.
From the VPC console, select "Internet Gateways" and then click "Create Internet Gateway". We will name our Internet Gateway: ig-drupalvpc.
Fill in the form on your screen and click "Yes, Create". You should now have an Internet Gateway created in the console. Notice that the gateway is not attached to anything yet.
Next we will create a Route Table and attach the Internet Gateway to the Route Table.
Create A Route Table for DrupalVPC
From the VPC Console click on Route Tables and click Create Route Table. We will name our Route Table rt-drupalvpc and attach it to our DrupalVPC. By doing so, all subnets in the DrupalVPC will have access to the Internet Gateway. This allows you to pick and choose which subnets you wish to make public. With me?
Fill in the form with the values below.
With the Route Table in place, let's attach the Internet Gateway to the Route Table.
Attach Internet Gateway to the Route Table
Select the Route Table you just created, then click on "Routes" tab and edit the Route. Add a route for the Internet Gateway. As you see in the image below I have added igw-#### as one of the routes in the Route Table.
Our Route Table is now equipped with the Internet Gateway.
Next we will attach the Route Table to the private subnet: drupalvpc-10.0.1.0.
Attach the Route Table to private subnet
From the VPC console click "Subnets". Select the drupalvpc-10.0.1.0 subnet. Click on the "Route Table" tab and click "Edit". Select our Route Table with the Internet Gateway attached to it, rt-drupalvpc, and then click "Save".
With the VPC and subnet configured, next we will launch an EC2 instance in the drupalvpc-10.0.1.0 subnet.
EC2: Launch My Instance
We will use this EC2 instance for Drupal Front-End.
From the AWS console, click on EC2 and then select Instances. From the Instances console, click Launch Instance. Select a Linux AMI from the free tier.
Next we will select the General Purpose t2.micro instance.
Next we will configure the instance details. Please note that we are picking DrupalVPC as the VPC for our new instance and selecting drupalvpc-10.0.1.0 as our subnet, which is a public subnet.
Next we will configure storage for our instance. I am going to assign General Purpose 20GB as storage.
Next we will tag our instance. Sure enough we will name this instance Drupal-Dev.
Next we will configure the security group. To start with, we will add three rules to our security group.
- SSH: I want to be able to ssh to this instance from my machine. Add your IP address to this rule
- HTTP: Any HTTP traffic
- HTTPS: Any HTTPS traffic
Click Review & Launch.
Note: I am assuming you already have a secured key. Use this key to launch the instance. If you do not have the key, then go to the IAM console and create a new key. The key must be in your possession before you launch the instance; otherwise you will not be able to connect to the instance.
Where is my IP?
As you know we launched the EC2 instance in the public subnet. One would think now we can connect to this instance from outside of the VPC, right? Well, not really. After placing an instance in a public network we must assign an Elastic IP Address or Elastic Load Balancer to this instance.
Let's create and associate the EIP with our new instance.
From EC2 dashboard select Elastic IPs and then click Allocate New Address. Select VPC from the list and then click Yes, Allocate.
Right-click on the Drupal-Dev instance and associate this new IP address with the instance. Now we are ready to make a connection to this instance.
SSH into EC2 Instance
Go to terminal and locate your secured key. At the terminal enter SSH command as below.
Riteshs-MacBook-Pro-2:SMX rpatel$ ssh -i rpatel-kp.pem firstname.lastname@example.org
Where rpatel-kp.pem is my secure key. You should have your .pem file as well.
And voila, I am connected to the EC2 instance now.
It is a good practice to run updates as soon as you connect to your instance. Therefore, I will run sudo yum update. Our new EC2 instance is updated with the most recent patches now.
Next we will install the MySQL client. It is a command-line utility for MySQL databases.
Now it's time to test the connection to our MySQL RDS instance. Remember, our RDS instance is on the private subnet, but because the subnet for our EC2 instance is in the same VPC as the RDS instance, we can easily connect to our database.
Let's install the MySQL client. At the terminal enter sudo yum install mysql.
AWS will show you the packages to be downloaded and installed. Say yes. You should see the message Complete!, which means the MySQL client is installed. Verify the MySQL client by entering mysql --version
[root@ip-10-0-1-165 etc]# mysql --version
mysql Ver 14.14 Distrib 5.5.42, for Linux (x86_64) using readline 5.1
Before we connect to our database, we must add the private IP address of our EC2 instance to the RDS instance's security group. From the AWS Console click RDS and then select the drupalmysql instance.
Select the security group of the RDS instance and add the rule as below. Now of course you will have to replace the IP with your EC2 instance's private IP address.
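The security group rules set up for the EC2 instance (SSH from your own IP, HTTP and HTTPS from anywhere) and the RDS rule described here can be checked after the fact. The Python below is an added example, not part of the original article: it audits data shaped like the output of `aws ec2 describe-security-groups` and flags SSH rules wider than a single host and MySQL rules reachable from outside the VPC. The group IDs, the 203.0.113.10 address and the 10.0.0.0/16 VPC range are assumptions; 10.0.1.165 is the private IP visible in the shell prompt on this page.

```python
import ipaddress

# Constructed sample shaped like `aws ec2 describe-security-groups` output.
# Group IDs are placeholders; 203.0.113.10 is from a documentation-only range.
GROUPS = {"SecurityGroups": [
    {"GroupId": "sg-drupal-dev", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "203.0.113.10/32"}]},
        {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
    {"GroupId": "sg-drupalmysql", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 3306, "ToPort": 3306,
         "IpRanges": [{"CidrIp": "10.0.1.165/32"}]}]},
]}
VPC_CIDR = ipaddress.ip_network("10.0.0.0/16")  # assumed DrupalVPC range


def covers(perm, port):
    """True if the rule allows TCP traffic to `port` (protocol "-1" means all)."""
    if perm["IpProtocol"] == "-1":
        return True
    return perm["IpProtocol"] == "tcp" and perm["FromPort"] <= port <= perm["ToPort"]


def audit(groups):
    """Return (group_id, port, cidr, reason) for each ingress rule that is too wide."""
    findings = []
    for sg in groups["SecurityGroups"]:
        for perm in sg.get("IpPermissions", []):
            for rng in perm.get("IpRanges", []):
                net = ipaddress.ip_network(rng["CidrIp"], strict=False)
                if covers(perm, 22) and net.prefixlen != 32:
                    findings.append((sg["GroupId"], 22, str(net),
                                     "SSH not limited to a single host"))
                if covers(perm, 3306) and not net.subnet_of(VPC_CIDR):
                    findings.append((sg["GroupId"], 3306, str(net),
                                     "MySQL reachable from outside the VPC"))
    return findings


if __name__ == "__main__":
    for finding in audit(GROUPS) or ["no findings"]:
        print(finding)
```

Rules that name a source security group instead of a CIDR appear under UserIdGroupPairs in the real output and are not flagged here; such a rule keeps working if the instance's private IP changes.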
Almost there. Now from your RDS instance get the endpoint. Here is what it looks like.
Of course, the endpoint for the RDS instance at your end will look a bit different from mine, but you get the gist! Enter the command below with your RDS endpoint at the terminal.
mysql -h drupalmysql.cwrdcab4ee8c.us-east-1.rds.amazonaws.com -P 3306 -u admin -p
It will prompt you for the password. Enter the password and voila! I have successfully connected to the RDS database from the EC2 instance. This ensures that our Drupal Front-End will be able to connect to the back-end seamlessly.
This exercise is critical before we install Drupal on the EC2 instance. During installation Drupal silently creates database objects. Therefore, we must ensure that the EC2 instance is able to connect to the RDS instance.
I am ecstatic! Let's recap what we did.
- Converted private subnet into a public subnet
- Installed an EC2 instance in the public subnet
- Created & associated an Elastic IP Address with the instance
- Modified RDS security group to allow connection from EC2 instance
- Installed the MySQL client
- Verified connectivity to the RDS instance using the MySQL client
Phew! That was a lot. But I truly appreciate your patience.
In the next tutorial we will configure Apache, PHP, phpMyAdmin & install Drupal CMS.
See you then!