- Select that instance you will find, list of tabs below, choose security tab. After that click on security group.
- Right side it shows “Edit inbound rules” click on it. Add below rules.
- SSH (Type)-TCP (protocol)-22 (Port range)-source (Ipv4)
- HTTP (Type)-TCP (protocol)-80 (Port range)-source (Ipv4)
- All traffic (All)-TCP (protocol)-All (Port range)-source (Ipv4)
- All traffic (All)-TCP (protocol)-All (Port range)-source (Ipv6)
Connect to the Gitbash using ssh command
- Select the instance on the top list click on “connect”.
- Then you can see list of tabs from them choose “SSH Client”.
- Then it shows the command for connecting “Gitbash”.
Example:
- ssh -i “thecorpwork.pem” ubuntu@ec2-65-0-26-45.ap-south-1.compute.amazonaws.com
- Copy the above command past in gitbash to connect.
- Before pasting that command you need to be in your “.pem” file path.
- Then only the above ssh command will work other wise it will not connect.
Apache installation and folder structure creation
- In Gitbash command line follow the below steps
- sudo su
- above command for root user permission
- sudo chmod -R 777 /var
- folder permission to create anything in var folder
- we need to create a folder structure www->html
- cd /var/www/html
- sudo apt update
- sudo apt install apache2
- sudo ufw app list
- sudo ufw allow ‘Apache’
- sudo ufw status
- sudo systemctl status apache2
How to move files from local to ec2 instace
To move files to Ec2 instance html folder we need to connect to the winscp
- From above click on “Edit” button, Then click on “Advanced ” button.
- After clicking the Advanced button new pop window will be opened.
SSH:
- KEY EXCHANGE
- AUTHENTICATION
- BUGS
- We need to click on “Authentication”
- No need to worry about the .ppk file, here your password is .pem file only which, we have
- Downloaded while creation of our EC2 instance, the winscp will convert automatically to .ppk file to login.
- After successfully connecting to the “winscp” you need to just drag your local files to the
/var/www/html folder path.
- You need to delete “index.html” file , after installing the Apache it will be created in the
/var/www/html folder . We need to delete that file or else rename it.
- Now we need to check our local files are working or not in the “EC2” .
- To Know that we need to click on “EC2” . instance
- Below we can see list of tabs from them click on “Details”
- Public IPv4 address: 65.0.26.45
- Copy that and past in browser now site will not be opened why because, default it will take
- https: which we are not configured yet.
- So, manually we need to make the Ip as http://65.0.26.45
- Then site will show your project out put.
Database creation using RDS
- Now we need database for our project.
- Go the “Ec2” instance dashboard in search bar search for “RDS”
- After clicking the “RDS” right side one button will be their named “create database”
- Click on it,
- Standard create (choose this one)
- Easy create
- Engine options (Choose below one)
- Mysql
- After clicking the “RDS” right side one button will be their named “create database”
- Settings:
DB cluster identifierInfo
- database-1
- Credentials Settings
- Credentials Settings :
- Master username
- Master password
Give user name and password based on your choice or else use default password.
- Public access :
- Yes (We need to choose this one)
- no
Now create your database no need to change anything except above changes.
SSL certificate Generation in AWS
STEP 1: Go to the AWS dashboard, in search bar search for “Certificate Manager”
We are going to see 3 options.
- Request a certificate
- Import a certificate
- Create a Private CA
Choose “Request a certificate” option from above
- Certificate type
- Request a public certificate
- Request a private certificate
Choose “Request a public certificate” option from above
- Domain names
Fully qualified domain name
c) Select validation method
- DNS validation – recommended
- Email validation
Choose email validation if you the domain registered email address for verification.
If you don’t have the Email details proceed with DNS Validation.
D) Tags
Tag key
- thecorpwork
After choosing your choice click on “Request” Button.
Note : If we choose “Import a certificate” option, then we need to follow below links.
- https://help.zerossl.com/hc/en-us/articles/360060120373-Installing-SSL-Certificate-on-Ubuntu
- https://blog.tcmhack.in/how-to-install-ssl-certificates-on-amazon-ec2-ubuntu-server/
STEP 2: Route 53
- After clicking the “Request” you will get 3 CNAME records, you need to add them
- In your hosted zone.
- To add them in you hosted zone you need to click “create records in Route 53”
- Then all your CNAME Records will be added to the zone automatically.
- It will to 5 minutes to validate the records.
- If all records are validated means you can see the status as success.
STEP 3: Load Balancer
Click on “Create load Balancer” button:
Load balancer types
- Application Load balancer
- Network Load balancer
- Gateway Load balancer
Choose “Application Load Balancer”
- Scheme
- Internet-facing
- IP address type
- IPv4
- Network mapping
- ap-south-1
- ap-south-1b
- Security groups
- Default and launch-wizard-1 (two groups selected)
- Listeners and routing
EC2->Target groups
Add below two groups
- Listener HTTP:80
- Listener HTTPs:443
- Secure listener settings
Security policy (Below one selected)
- ELBSecurityPolicy-2012-08
- Default SSL/TLS certificate
- from ACM->thecorpwork.com(2c4…) (selected)
- Choose a target type
- Instances
- Target group name
- protocol->HTTPS->443
- Health checks
- HTTPS (Selected)
- We need to add the sub domain rules after clicking on “edit rules”
