In this hands-on lab, we are going to build a highly available web application, along with a highly available Bastion host architecture.
Learning Objectives
Successfully complete this lab by achieving the following learning objectives:
- Launch an RDS Database
Create a DB Subnet group and launch a multi-AZ RDS database using the provided RDS backup image (containing the WordPress site data).
Database Snapshot ARN:arn:aws:rds:us-east-1:892710030684:snapshot:sysops-certification-la-course
- Create Security Groups
- Navigate to VPC and create four security groups with inbound rules. One Security Group for the Bastion which should accept SSH traffic from anywhere, a Security Group for the Application Load Balancer that allows HTTP and HTTPS traffic from anywhere, a Security Group for the WebServers that allows SSH access from the Bastion Security Group and HTTP and HTTPS traffic from the Application Load Balancer Security Group, and a Security Group for the RDS Database that allows MySQL traffic from the Webserver Security Group.
- Create Launch Configurations and Auto Scaling Groups
Create a Launch Template for the Bastion using Amazon Linux 2 of type t3.micro and a Launch Template for webservers using Amazon Linux 2 of type t3.micro. Additonally, add the User Data script provided in the GitHub Repo.
Create two Auto Scaling Groups using the Launch Templates. The Bastion should have a minimum, maximum, and desired capacity of one and the Webserver should have a minimum, maximum, and desired value of two.
- Modify Database Security Groups and Create an Application Load Balancer
Create an Application Load Balancer and distribute traffic to the webservers. Modify the Database to use the Database Security Group created earlier.
- Browse Web Application
Navigate to the DNS of the Application Load Balancer and go through the setup of WordPress to ensure the webservers can access the back end database.