LAMP PHP PROJECT Deployment On VPC + EC2 + RDS + ALB + Autoscaling

LAMP-Stack Deployment on AWS EC2

 VPC | IGW | NAT | ROUTE | RDS | Bash Scripting | ALB | Auto Scaling

Prerequisite:

  • One VPC
  • Two Public Subnets and One Private Subnet
  • One Internet Gateway 
  • One Public Route
  • One NAT 
  • One Private Route
  • Create Application Instances by Auto-scaling
  • One Database AWS-Server instance
  • A PHP Project    

Project Roadmap:

  • VPC Create
  • Subnet Create under the VPC 
  • Allow “auto-assign public subnets”  two Public-Subnets 
  • IGW Create
  • Public Route create  
  • NAT Create
  • Private Route Create  
  • Database Server(RDS) Conf 
  • Instance Create by Auto Scaling
  • Application Servers Conf and Project Deployment by User Data and Launch Template in auto-scaling
  • ALB Deployment inside Auto Scaling

Step-01: 

Create a VPC:- 

  1. Select Zone
  2. Click on the Service 
  3. Click on the  VPC 
  1. Click on the Your VPCs
  2. Click on the Create VPC button 
  1. Enter the VPC Name (LAMP-VPC)
  2. Enter the VPC CIDR block (CIDR Block will be (10.0.0.0/16)
  3. Select the No IPv6 CIDR block (as you will use IPv4)
  4. Select Default Tenancy info 
  5. Then Click on the VPC Create Button 

===VPC Create Done ===

VPC successfully creation is done, now need to create three subnets (Two Public for APP-Server and One Private for DB-Server) under the newly created LAM-VPC 

Step-02: 

Creation Three Subnets:-

  • LAMP-APP-Public-Sub1 (10.0.1.0/24) Zone-1
  • LAMP-APP-Public-Sub2 (10.0.2.0/24) Zone-2
  • LAMP-DB-Private-Sub1 (10.0.3.0/24)

Tow Public Subnet should be created in the tow availability zone as it’s required for ELB

  1. Click on the Subnet option
  2. Click on the Create Subnet Button 
  1. Select/associate the newly created LAMP-VPC

Scroll down the page and follow the remaining steps 

 4. Enter your public subnet

 5. Select Availability zone (it will be required for ELB)

 6. Type CIDR Block (Assign smaller block than VPC)

7. Click on the Create Subnet Button 

Create Public Subnet-2 in the same way and select another availability zone

8.  Select and Create Private Subnet-1 in the same VPC

9.  Enter your private subnet

10. Select Availability zone

11. Type CICD Block

12. Click on Submit Button

After Creating Public Subnets You Have to Enable Auto-Assign-IP.

Go to Subnets interface and follow the following steps 

  1. Select Subnets Option 
  2. Select the Public-Subnet 
  3. Click on the Actions button and select Modify auto-assign IP settings   
  1. Enable auto-assign public IPv4 address
  2. Click on the Save button 

Note: Enable the “auto-assign public subnets” in the same way.

===Subnet Creation Done ===

Step-03: 

Create IGW (Internet gateway) and attach to public Subnets:

  1. Click on the Internet gateways option 
  2. Click on the Create Internet gateways button 
  1. Enter the IGW Name LAMP-IGW 
  2. Click on the Create Internet gateways button 
  1. Click on the Action button 
  2. Attached to the LAMP-VPC

Step-04: 

Create Public-Routable and Rule:

  1. Select the Route Tables option 
  2. Click on the Create route table 
  1. Enter the Route table Name “LAMP-Public-Routetable” 
  2. Select the VPC “LAMP-VPC”
  1. Click on the Create route table
  1. Click on the Subnets Associate button  from the
  2. Click on the  Edit subnet associations button to associate  “LAMP-Public-RouteTable”
  1. Select the “LAMP-Application-Public-Sub”
  2. Click on the Save associations button 
  1. Click on the routing interface on the same page

Add route rules(allow global access to anyone)

  1. Click on the Edit routes 
  1. Click on the Add route button 
  2. Add newly created “LAMP-IGW”
  3. Click on the Save changes 

Step-05: 

Create NAT (to get the internet connection from the LAMP-DB-Private-Sub1): 

  1. Select the NAT Gateways option 
  2. Click on the Create NAT gateway button 
  1. Enter the NAT Name “LAMP-NAT”
  2. Select the public subnet  “LAMP-APP-Public-Sub1” as the public subnet is connected to the internet and we need to get access internet for the DB prerequisite installation 
  3. Select Public Option 
  1. Create an Elastic IP Clicking by Allocate Elastic IP Button  
  2. Click on the Create NAT gateway 

Step-06: 

Create a Private Route Table:

  1. Select the Route Tables 
  2. Click on the Create route table button 
  1. Create with assign “LAMP-Private-RouteTable” Name
  2. Select the LAMP-VPC
  3. Click on the Create route table 
  1. Select the newly created “LAMP-Private-RouteTable” 
  2. Click on the Subnet Associations button
  3. Click on the Edit subnet associations button 
  1. Select the “LAMP-DB-Private-Sub1”
  2. Click on the Save associations Button
  1. Click on the Routes button 
  2. Then click on the Edit routes 
  1. Click on the Add route button 
  2. Allow to any host and Select the “LAMP-NAT”
  3. Click on the Save Changes button 

RDS

Install and Configuration 

Step-7:

 RDS Prepare:

  1. Select Service 
  2. Click on the RDS
  1. Click on the Create database 
  1. Select the standard create
  2. Select the MySQL 
  1. Select DB-Version 
  2. Select the templates as per your requirement 
  1. Assign the DB instance identifier name 
  2. Assign the Database muster username 
  1. Assign the master user password 
  2. Select the instance DB Configuration 
  1. Select the storage 
  2. Allocate the storage capacity (minimum size 20GB)
  3. No need to Enable auto-scaling storage as we prepare it for practice purpose 
  1. Select the LAMP-VPC 
  2. No need to select a subnet group 
  3. No need to select subnet groups as are allocated it in the private subnet 
  1. Select the Security group 
  2. Select an availability zone 
  1. Assign the LAMP-Project DatabaseName mlb2018
  1. Click on the Create Database button  

After successfully launching the RDS, collect the RDS endpoint URL to login into the RDS and  Connect to the application server. 

To log in/database import to the RDS Server, you have to install MySQL Client in your Linux terminal. Then import the Project Database into the mlb2018 database

Step-A: Install MySQL Client in any instance Terminal 

$ sudo apt install mysql-client-core-8.0

Step-B: Clone the project to get the database 

$ git clone https://github.com/vijaythapa333/phpmultilingualblog.git

Step-C: install unrar package to unrar the project database 

$ sudo apt install unrar

Step-D:

Navigate into the newly cloned project directory to unrar the database. 

$ cd phpmultilingualblog/

Step-E:unrar the project database to import 

$ sudo unrar e mlb2018.rar

Step-F: Log in and import the database using the following command.

(mysql -u [DB_UserName] -p -h [RDS-EndPoint-URL] -D [DB_Name] [DB_Name] < mlb2018.sql

$ mysql -u blog_user -p -h lamp-db.cio4rlhqebhe.us-east-2.rds.amazonaws.com -D mlb2018 < mlb2018.sql

Step-08: 

Let’s create Instances for LAMP-Application by Auto Scaling.

There are two stages

  1. Launch Template 
  2. Auto Scaling Group

Create Launch template for Auto Scaling Groups

  • Launch Templates from EC2 Dashboard’s side menu.
  1. Click on Launch Templates
  2. Click on Create launch template

Create launch template’s steps.

  1. Launch template name: LAMP-Template
  2. Template version description: LAMP-Projects
  3. Enable: Auto Scaling guidance
  4. Select: Ubuntu server 20.04 TLS
  5. Select Instance type: t2.micro
  6. Select Key pair name
  7. Select Networking platform
  8. Select a Security group
  9. Customize storage (optional)
  10. Give User data
  11. Click on Create launch template button

Under Advanced Details 

UserData:

#!/bin/bash

sudo apt update
sudo apt install -y lamp-server^
git clone https://github.com/vijaythapa333/phpmultilingualblog.git
cd phpmultilingualblog/admin/config/
export INSIP=”http://$(curl icanhazip.com)/”
export TMPURL=$(echo $INSIP | sed ‘s/\//\\\//g’)
export OLDURL=$(echo “http://localhost:8080/phpmultilingualblog/” | sed ‘s/\//\\\//g’)
sudo sed -i “s/$OLDURL/$TMPURL/g” constants.php
sudo sed -i “s/localhost/DBURL/g” constants.php
export PASSWORD=”‘password'”
sudo sed -i “s/”/$PASSWORD/g” constants.php
sudo sed -i ‘s/root/blog_user/g’ constants.php
cat constants.php
sudo cp -r ../../. /var/www/html/
sudo rm -rf /var/www/html/index.htmlsudo systemctl restart apache2

After successfully creating you’ll get a Success alert. And you can click on View launch templates.launc

h telat

Create Auto Scaling Groups

An Auto Scaling group contains a collection of Amazon EC2 instances that are treated as a logical grouping for the purposes of automatic scaling and management. … It maintains this number of instances by performing periodic health checks on the instances in the group.

To create an Auto Scaling Group follow the steps below.

Click on Auto Scaling Groups from the EC2 Dashboard menu and then click on Create an Auto Scaling group button.

  • Step-1: Choose launch template or configuration. Example below,
  1. Auto Scaling group name: Lamp-asg
  2. Select a Launch template
  3. Click on the Next button

 tg

Step-2: Configure settings.

1. Instance purchase options: Adhere to launch template

2. Select vpc.

3. Select at least 2 (two) subnet

the purposes of automatic scaling and management. … It maintains this number of instances by performing periodic health checks on 

the instances in the group.

Step-3: Configure advanced options.

  • Load balancing: Attach to a new load balancer
  • Load Balancer Name: Give a name.
  • Health checks: Enable ELB
  • Health check grace period: 300 seconds
  • Click on Next button

Click on next 

 ff

f

To  Configure an Auto Scaling group size and scaling policies follow the steps below.

1. Group size, Desired capacity: 2

2. Minimum capacity: 1

3. Maximum capacity: 3

4. Scaling policies: None

5. Enable instance scale-in protection: Enable

6. Click on Next button

Step-5: Add notifications (Optional), add or Click on Next button.

Step-6: Add Tag(Optional).

1. Key: Name

2. Value: Lamp-asg

3. Click on the Next button

Step-7: Review and click on Create Auto Scaling group

After successfully creating it, you’ll get a success alert.

View Summary 

1. Click on Auto Scaling Groups from the EC2 Dashboard side menu. 

2. Select targeted Group 

3. Select the Activity tab and scroll down to view the summary.

The instance is created with the configurations that we have set, ALB will also be created.
Browse the DNS of LB.

===Tourblshooting on Failur===

Root points to dig down the failure cause:

  1. Auto Public IP Enable or not 
  2. Subnet, IGW / NAT, and Route associated or not 
  3. Security Group desired traffic allowed or not 
  4. Cloud Instance Log checking on the fly
  5. Template Userdata checking and version update with re-apply
  1. Way to Enable Auto-assign Public IP 

Select the Subnet > Click on the Action Button > Modify auto-assign IP settings > Enable auto-assign public IPv4 address

  1. Way to check Subnets, IGW/NAT, and Route association 
  • Check the IGW to VPC Associated or not
  • Check the RouteTables to Subnets Associated or not 
  • Check the Route to IGW allowed or not 
  1. Way to check security group
  • Go to Security group 
  • Select the newly created Security group which you have created under the VPC 
  • Check your desired traffic is allowed or not 
  1. Way to check running instance log or behavior 

There are two ways, one way is from AWS Management Console and another way is to log into the instance terminal. 

  • Select the desired instance > click on the Action Button > Click on the Monitor and Troubleshoot > Click on the Get System Log
  • Log-In into the Instance terminal > cd /var/log  > tail -f cloud-init-output.log (to see running installation process)

To see full log > cat cloud-init-output.log

  1. Way to edit template Userdata checking and version update with re-use
  • Go to the auto-scaling group 
  • Select the auto-scaling group 
  • Go to Details Tab 
  • Go to the launch template section 
  • Click on the template name 
  • Again select the template 
  • Click on the action button 
  • Click on the modify template(Create new version)
  • Assign the new modification version name
  • And edit the UserData as per your findings 
  • Click on the create template version 
  • Then go back to the autoscaling-management console and click on the Edit button and select the latest template version.

Select the Latest version

Then click on the update button.

After that, you have to refresh the instance from the following interface. 

  • Select the Autoscaling group 
  • Click on the Instance refresh button
  • Click on the start button 

===THE END===

Related Posts

AWS account has been compromised and large EC2 instances were created

If you suspect that your AWS account has been compromised and large EC2 instances were created by an unauthorized user, it’s critical to take immediate action to contain the breach and begin investigating. Follow these steps: 1. Immediate Containment 2. Secure Your Account 3. Investigate the Breach 4. Audit IAM Access and Keys 5. Take […]

Leave a Reply

Your email address will not be published. Required fields are marked *