Wednesday 27 May 2020

VPC (Virtual Private Cloud) VPC - AWS

Practical Scenario 1:
(i) I want to launch two EC2 instances. One will be used as an application server and will be accessible over the Internet.
(ii) The second instance will be used as a database server; access from the outside world is restricted.
(iii) My application instance will connect to the database instance internally over the VPC subnet.
(iv) The DB instance needs to get updates through the Internet.

VPC stands for Virtual Private Cloud. It is a virtual network that is logically isolated from the other virtual networks in the AWS Cloud,
including the other VPCs in your own AWS account, much like a network in an on-premises data centre.

The VPC consists of
1) Subnets
a) Public Subnet
b) Private Subnet
2) Routing Table
3) Internet Gateway
4) NAT Gateway

Subnets: The practice of dividing a network into two or more smaller networks is called subnetting.
AWS provides two types of subnet: a public subnet, which lets the Internet reach the machines in it, and a private subnet,
which is hidden from the Internet. An instance is a virtual server in the AWS cloud.

Routing Table:
A route table contains a set of rules, called routes, that determine where network traffic is directed.

Internet Gateway:
In general networking terms, an Internet gateway is a network "node" that connects two different networks that use different
protocols (rules) for communicating. If you have a Wi-Fi connection at home, your Internet gateway is the modem or modem/router
combination that your ISP provides so that you connect to the Internet through their network.
An Internet Gateway (IGW) in AWS is a logical connection between an Amazon VPC and the Internet. If a VPC does
not have an Internet Gateway, the resources in the VPC cannot be accessed from the Internet.
You can have only one Internet Gateway per VPC.

An Internet Gateway allows resources within your VPC to access the Internet, and vice versa. For this to happen, there
needs to be a route table entry that sends the subnet's Internet-bound traffic to the IGW; a subnet with such a route is a public subnet,
so the IGW is what lets resources in your public subnet reach the Internet.

NAT Gateway:

A NAT Gateway does something similar to an Internet Gateway, but with two main differences:
1. It allows resources in a private subnet to access the Internet (think yum updates, external database connections, wget calls,
OS patches, etc.).
2. It only works one way. The Internet at large cannot get through your NAT to your private resources unless you explicitly
allow it.
Security Groups cannot be associated with a NAT Gateway.

You'll need one in each Availability Zone (AZ), since a NAT Gateway only operates in a single AZ.
