Setting up an Amazon AWS VPC – Virtual Private Cloud

Introduction

This blog is the first in a series sharing how I set up my web server on Amazon to host my websites. I’ve recorded this in the above video, and you’ll also find step-by-step instructions here.


An Amazon Virtual Private Cloud (VPC) is a logically isolated network that you define inside Amazon Web Services (AWS) and into which you launch your AWS resources. Think of it as building your own data centre. Amazon provides a significant amount of documentation, and it is worth checking out the Virtual Private Cloud Documentation.

Prerequisites

♦ An account with Amazon AWS (register).

Step 1: Choose the region best for you and your customers.

There are some 16 geographic regions around the world to choose from, and at the time of writing new ones are planned in Bahrain, China, France, Hong Kong and Sweden.

You’re going to need to choose what’s nearest to you and your customers. For example, I live in Switzerland, so I tested both Ireland and Frankfurt in Germany until I decided which was better. I think the price difference is minimal, but I’m only running a couple of machines and see a 10 dollar difference per year.

Map showing AWS regions

https://aws.amazon.com/about-aws/global-infrastructure/

Select the region in the AWS console using the drop-down found in the top right corner.

Step 2: Decide on the CIDR network IP range for the network.

You can think of this step as choosing phone numbers: two people with the same telephone number cannot phone each other. In network terms, the private range you pick for the VPC must not overlap with any other network you will later need to reach from it, such as your office or home network. If you ever get into e-commerce, then most likely you’ll need or want VPN access to your systems on Amazon, and a VPN cannot route between two networks that use the same addresses.

Diagram showing CIDR addresses for an office building and the AWS data centre.

Private IP address ranges you can choose from (the RFC 1918 ranges) include

♦ 10.0.0.0 – 10.255.255.255 (10.0.0.0/8)

♦ 172.16.0.0 – 172.31.255.255 (172.16.0.0/12)

♦ 192.168.0.0 – 192.168.255.255 (192.168.0.0/16)

I would use the 10. range and change the second octet to a higher number, which can be anything from 0 to 255; picking something other than 0 makes a clash with the 10.0.x.x addresses that many networks default to less likely.

An example of good CIDR ranges

Step 3: Create your VPC

Log in to the AWS console and, through the Services menu (top left, next to the AWS icon), select VPC -> Your VPCs -> “Create VPC”.

AWS VPC Management console

Specify your VPC name and the CIDR already discussed in step 2. Note that the VPC block has to be big enough to hold all the subnets you will carve out of it in step 4: AWS accepts a VPC block between /16 and /28, and a /16 leaves room for 256 subnets of /24 each.

♦ VPC Name = Production environment

♦ IPv4 CIDR = 10.168.0.0/16

AWS VPC Create dialog

There is one further action required, and that is to enable DNS hostnames for the VPC (select the VPC under Your VPCs and use the Actions menu). A VPC you create yourself has DNS resolution enabled but DNS hostnames disabled, so without this your instances get no public DNS name, which you will later want in order to connect to your web servers.

AWS VPC Management console activating DNS hostnames

Step 4: Create your Subnets

Subnets spread over several availability zones are the basis of a high-availability architecture, which I’ll also be blogging about. Amazon covers this extensively in their white papers.

From the VPC Dashboard -> Select Subnets -> “Create Subnet”

AWS VPC Subnet management console

We will create three subnets, one in each of three availability zones, which will allow you later to adapt the architecture when you need to.

♦ Subnet name = prod-1

♦ VPC = Production environment

♦ Choose the first availability zone from the drop-down box (each of the three subnets gets a different zone)

♦ IPV4 CIDR = 10.168.1.0/24

AWS Subnet create dialog

For the remaining two subnets, you just increment the third octet of the address, i.e. 10.168.2.0/24 and 10.168.3.0/24, and place each in its own availability zone.

Step 5: Hook up the Subnets and Route Table

From the VPC Dashboard -> Select Route Tables.

There should be an entry here already, as AWS creates a main route table for every VPC. If not, then create one. There are two things I would do.

♦ Name the route table (just click where the name is and type it in).

♦ Explicitly associate the three subnets with it by checking their check boxes and saving. Subnets without an explicit association use the main route table anyway, but an explicit association makes the routing visible and does not silently change if the main table is ever replaced.

AWS VPC Route table management console

The route table will look like this when the changes are made.

AWS VPC Route table management console with associated subnets

If you want to create a locked-down area for backend servers, then you’ll want to read up on private subnets: subnets on a separate route table with no route to the internet gateway (and a NAT gateway if they need outbound access), which you reach from your office over a VPN through a virtual private gateway.

Step 6: Creating an Internet Gateway

From the VPC Dashboard -> Select Internet Gateways -> “Create Internet Gateway”, then give it a meaningful name.

Many prefix the name with the word “gateway” or the letters “igw”. You also need to hook it up to your VPC: select it and click “Attach to VPC”.

AWS VPC Internet gateway management console

Step 7: Set up Routing to the Internet

In this final stage, we are going to set up the VPC so your web servers can reach the internet and serve whatever they’re going to serve.

From the VPC Dashboard -> Select Route Tables -> Select your Route Table -> then select the Routes tab -> Edit -> “Add another route”.

Enter the destination “0.0.0.0/0” and, as the target, the internet gateway you created. This is the default route: the table already contains a local route for the VPC’s own range, which is matched first, and anything that does not match it is sent to the internet gateway. Because this route table is associated with all three subnets, all three are now public subnets. An instance in them is only reachable from the internet if it also has a public IP address, and which traffic may reach it is decided by its security group and the subnet’s network ACL, so keep those tight.

AWS VPC Route table management console hooking up internet access

Click on save, and you have completed setting up your VPC.
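The whole procedure, from the address planning of step 2 through the final default route, as an added example that is not part of the original post: a Python script using boto3 (the AWS SDK for Python). It first checks the address plan for the mistakes step 2 warns about (a VPC block that is not private, that overlaps an office network you may later VPN from, or subnets that do not fit inside it or overlap each other), and only then creates the VPC with DNS hostnames enabled, three subnets in three availability zones, the explicit route table associations, the internet gateway and the 0.0.0.0/0 route. The region default of eu-central-1, the office range 192.168.1.0/24 and the resource names are assumptions chosen for the illustration; the CIDRs are the ones used in this post, with the VPC block as a /16 so that the three /24 subnets fit inside it.

```python
"""Plan and provision the VPC from this post.  Added example, not the post's own code."""
import ipaddress
import itertools
import os
import sys

# The three RFC 1918 private ranges listed in step 2.
RFC1918 = [ipaddress.ip_network(c) for c in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def validate_plan(vpc_cidr, subnet_cidrs, office_cidrs=()):
    """Check a VPC/subnet plan before creating anything.

    Returns a list of problems (empty when the plan is sound): the VPC block must
    be private and between /16 and /28, must not overlap any network you will
    later connect by VPN, and every subnet must lie inside it without overlapping
    the others.
    """
    vpc = ipaddress.ip_network(vpc_cidr)
    problems = []
    if not any(vpc.subnet_of(r) for r in RFC1918):
        problems.append(f"{vpc} is not inside an RFC 1918 private range")
    if not 16 <= vpc.prefixlen <= 28:
        problems.append(f"{vpc} must be between /16 and /28 for an AWS VPC")
    for office in office_cidrs:
        if vpc.overlaps(ipaddress.ip_network(office)):
            problems.append(f"{vpc} overlaps the on-premises range {office}, "
                            "so a VPN could not route between them")
    subnets = [ipaddress.ip_network(c) for c in subnet_cidrs]
    for s in subnets:
        if not s.subnet_of(vpc):
            problems.append(f"subnet {s} lies outside the VPC range {vpc}")
        if s.prefixlen > 28:
            problems.append(f"subnet {s} is smaller than the AWS minimum of /28")
    for a, b in itertools.combinations(subnets, 2):
        if a.overlaps(b):
            problems.append(f"subnets {a} and {b} overlap")
    return problems


def provision(region, vpc_cidr, subnet_cidrs, name="Production environment"):
    """The console steps of the post, done through the EC2 API.

    Assumes boto3 is installed and AWS credentials are configured; it creates
    real, billable resources in the given region.
    """
    import boto3  # imported here so validate_plan() works without the SDK

    ec2 = boto3.client("ec2", region_name=region)

    # Create and name the VPC.  A self-made VPC has DNS resolution on but DNS
    # hostnames off, so switch hostnames on as the post does.
    vpc_id = ec2.create_vpc(CidrBlock=vpc_cidr)["Vpc"]["VpcId"]
    ec2.get_waiter("vpc_available").wait(VpcIds=[vpc_id])
    ec2.create_tags(Resources=[vpc_id], Tags=[{"Key": "Name", "Value": name}])
    ec2.modify_vpc_attribute(VpcId=vpc_id, EnableDnsHostnames={"Value": True})

    # One subnet per availability zone, named prod-1, prod-2, ...
    zones = [z["ZoneName"] for z in ec2.describe_availability_zones(
        Filters=[{"Name": "state", "Values": ["available"]}])["AvailabilityZones"]]
    if len(zones) < len(subnet_cidrs):
        raise RuntimeError(f"{region} has only {len(zones)} zones for {len(subnet_cidrs)} subnets")
    subnet_ids = []
    for i, (cidr, zone) in enumerate(zip(subnet_cidrs, zones), start=1):
        sid = ec2.create_subnet(VpcId=vpc_id, CidrBlock=cidr,
                                AvailabilityZone=zone)["Subnet"]["SubnetId"]
        ec2.create_tags(Resources=[sid], Tags=[{"Key": "Name", "Value": f"prod-{i}"}])
        subnet_ids.append(sid)

    # Every VPC comes with a main route table; name it and associate the
    # subnets explicitly instead of relying on the implicit association.
    rtb_id = ec2.describe_route_tables(Filters=[
        {"Name": "vpc-id", "Values": [vpc_id]},
        {"Name": "association.main", "Values": ["true"]},
    ])["RouteTables"][0]["RouteTableId"]
    ec2.create_tags(Resources=[rtb_id], Tags=[{"Key": "Name", "Value": f"{name} routes"}])
    for sid in subnet_ids:
        ec2.associate_route_table(RouteTableId=rtb_id, SubnetId=sid)

    # Internet gateway attached to the VPC, then the default route towards it.
    # From here on every subnet on this route table is a public subnet; inbound
    # traffic is controlled only by security groups and network ACLs.
    igw_id = ec2.create_internet_gateway()["InternetGateway"]["InternetGatewayId"]
    ec2.create_tags(Resources=[igw_id], Tags=[{"Key": "Name", "Value": f"igw-{name}"}])
    ec2.attach_internet_gateway(InternetGatewayId=igw_id, VpcId=vpc_id)
    ec2.create_route(RouteTableId=rtb_id, DestinationCidrBlock="0.0.0.0/0", GatewayId=igw_id)

    return {"vpc": vpc_id, "subnets": subnet_ids, "route_table": rtb_id, "internet_gateway": igw_id}


if __name__ == "__main__":
    VPC_CIDR = "10.168.0.0/16"
    SUBNET_CIDRS = ["10.168.1.0/24", "10.168.2.0/24", "10.168.3.0/24"]
    OFFICE_CIDRS = ["192.168.1.0/24"]  # constructed: an office LAN you might later VPN from
    problems = validate_plan(VPC_CIDR, SUBNET_CIDRS, OFFICE_CIDRS)
    if problems:
        sys.exit("plan rejected:\n  " + "\n  ".join(problems))
    # The region is an assumption: Frankfurt, one of the two the post compares.
    print(provision(os.environ.get("AWS_REGION", "eu-central-1"), VPC_CIDR, SUBNET_CIDRS))
```

Run validate_plan() on its own before anything else: with the VPC block given as 10.168.0.0/24 it reports all three subnets as lying outside the VPC, the kind of mistake the console would otherwise only reject once you reach the subnet dialog, and with an office range that overlaps the VPC it tells you that a later VPN would not be able to route between the two.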
