Deploying a Highly Available Web Application and a Bastion Host in AWS

1.5 hours
  • 5 Learning Objectives

About this Hands-on Lab

In this hands-on lab, we are going to build a highly available web application, along with a highly available Bastion host architecture.

Learning Objectives

Successfully complete this lab by achieving the following learning objectives:

Launch an RDS Database

Create a DB Subnet group and launch a multi-AZ RDS database using the provided RDS backup image (containing the WordPress site data).
Database Snapshot ARN: arn:aws:rds:us-east-1:892710030684:snapshot:sysops-certification-la-course

Create Security Groups
  1. Navigate to VPC and create four security groups with inbound rules. One Security Group for the Bastion which should accept SSH traffic from anywhere, a Security Group for the Application Load Balancer that allows HTTP and HTTPS traffic from anywhere, a Security Group for the WebServers that allows SSH access from the Bastion Security Group and HTTP and HTTPS traffic from the Application Load Balancer Security Group, and a Security Group for the RDS Database that allows MySQL traffic from the Webserver Security Group.
Create Launch Configurations and Auto Scaling Groups

Create a Launch Template for the Bastion using Amazon Linux 2 of type t3.micro and a Launch Template for webservers using Amazon Linux 2 of type t3.micro. Additonally, add the User Data script provided in the GitHub Repo.

Create two Auto Scaling Groups using the Launch Templates. The Bastion should have a minimum, maximum, and desired capacity of one and the Webserver should have a minimum, maximum, and desired value of two.

Modify Database Security Groups and Create an Application Load Balancer

Create an Application Load Balancer and distribute traffic to the webservers. Modify the Database to use the Database Security Group created earlier.

Browse Web Application

Navigate to the DNS of the Application Load Balancer and go through the setup of WordPress to ensure the webservers can access the back end database.

Additional Resources

Make sure you are using N. Virginia (us-east-1) as your region throughout the lab.

Database Snapshot ARN: arn:aws:rds:us-east-1:892710030684:snapshot:sysops-certification-la-course

  • Database Name: wordpressdb (not wordpress)
  • Username: wpuser
  • Password: Password1
  • Database Host: Use the RDS endpoint name
  • Table prefix: wp_

The user data script for the web server launch configuration is here.

What are Hands-on Labs

Hands-on Labs are real environments created by industry experts to help you learn. These environments help you gain knowledge and experience, practice without compromising your system, test without risk, destroy without fear, and let you learn from your mistakes. Hands-on Labs: practice your skills before delivering in the real world.

Sign In
Welcome Back!

Psst…this one if you’ve been moved to ACG!

Get Started
Who’s going to be learning?