Deploying WordPress and MySQL inside our own VPC...
This is the 4th task of Hybrid Multi Cloud training..
This task is same as task 3 but in this task i have added some more extra feature..
Task objective in detail..
1. Write an Infrastructure as code using terraform, which automatically create a VPC.
2. In that VPC we have to create 2 subnets:
1. public subnet [ Accessible for Public World! ]
2. private subnet [ Restricted for Public World! ]
3. Create a public facing internet gateway for connect our VPC/Network to the internet world and attach this gateway to our VPC.
4. Create a routing table for Internet gateway so that instance can connect to outside world, update and associate it with public subnet.
5. Create a NAT gateway for connect our VPC/Network to the internet world and attach this gateway to our VPC in the public network
6. Update the routing table of the private subnet, so that to access the internet it uses the nat gateway created in the public subnet
7. Launch an ec2 instance which has Wordpress setup already having the security group allowing port 80 sothat our client can connect to our wordpress site. Also attach the key to instance for further login into it.
8. Launch an ec2 instance which has MYSQL setup already with security group allowing port 3306 in private subnet so that our wordpress vm can connect with the same. Also attach the key with the same.
Note: Wordpress instance has to be part of public subnet so that our client can connect our site.
mysql instance has to be part of private subnet so that outside world can't connect to it.
Don't forgot to add auto ip assign and auto dns name assignment option to be enabled.
I will perform all the above mention steps using terraform code..
Lets start doing the task..
Code for terraform provider..
Step :- 1 code for creating VPC.
Step 2 :-Creating Public subnet and private subnet..
Public subnet..
Private Subnet..
Step 3 :-Code for creating Internet gateway..
Step 4 :-Code for creating routing table..
Step 5 :- Attaching routing table with public subnet..
Step 6 :- Elastic IP..
Step 7 :- Nat gateway in public subnet..
Step 8 :- Routing table for Nat gateway..
Step 9 :- Attaching Nat gateway to the private subnet so that instance in private subnet will have outside connectivity and any body from the outside world will not able to connect to the instance inside private subnet..
Step 10 :- Security group for wordpress which allow port 80..
Step 11 :- Security group of Bastion host which allow port 22.
Step 12 :- Security group of MySQL which allow port 3306 and 22
Step 13 :- Wordpress instance in public subnet..
Step 14 :- MySQL instance in private subnet..
Step 15 :- Bastion host instance in public subnet..
Here I have created instance of WordPress and MySQL using my own created AMI..
Step 16 :- Getting the IP of WordPress , MySQL and Bastion host instance in output terminal..
Writing of terraform code part has been over now i will run the the code..
Before running the code i have to download plugin. I will download plugin by command using "terraform init" command..
Plugin has been downloaded successfully...
Now i wil run the terraform code by using "terraform apply -auto-approve" command..
Code has been run successfully and all the resources that i have mention in the code has been created successfully..
Now lets see the output of the code..
VPC has been created..
Subnet has been created..
Internet gateway has been created..
Elastic IP has been created..
NAT gateway has been created..
Routing table has been created..
Instances has been created..
Instance IP..
Now i will access the word press from the chorme...
Now i will connect the WordPress to MySQL..
I have set the database name , user name and password at the time of creating MySQL Image..
After clicking on submit button i will get a code then i have to go inside wordpress instance and create a file "wp-config.php" inside "/var/www/html" and copy the code inside the file..
Code has been copied inside the file "wp-config.php"
Reason of copying code
WordPress uses an Apache user behind the scene. And i have not given apache user any permission to go inside the file "/var/www/html" and do some changes their at the time of creating AMI this is the reason that i have manually done the changes by going inside the file..
After doing the above steps. I will get the below screen and here i have to give necessary details for getting login page..
Now i will give the username and password to go inside the dashboard..
Here comes the dashboard..
Use of Bastion Host instance
MySQL instance is running inside the private subnet we cannot connect MySQL from the public world. If we want to do any changes inside the MySQL instance then we have to go inside the MySQL instance and in this case here the role of bastion host instance come in play bastion host will go inside the MySQL instance and do the required changes their.
For going inside MySQL Bastion host instance required a key.
I will copy the key from my desktop to bastion host instance..
Now i will go inside the bastion host and from their i will go inside the MySQL instance..
I have landed inside the MySQL..
MySQL instance can go outside to the internet world. But no one can connect MySQL from the outer world apart from Wordpress insatnce and Bastion host instance..
After doing all the above setup i have successfully destroy the whole setup by just a single command "terraform destroy -auto-approve"
All the resources has been destroyed successfully..
Code used in this setup you will get from the below link..
https://github.com/AJAY487-star/aws-task-4