期中實作 - HackMD

# 期中實作 ![1](https://hackmd.io/_uploads/rJJ1fxbda.jpg) --- ## **1.建立vpc** ![1.1](https://hackmd.io/_uploads/HynNfgZuT.png) ## **2.新增三個subnet**(public subnet 需開啟 auto asign ipv4且 az要設定一下) ![2](https://hackmd.io/_uploads/HJW_flZ_a.png) ![2.2](https://hackmd.io/_uploads/Sy9Yfxb_a.png) ## **3.建立igwc和route table並且attach到該VPC** ![3](https://hackmd.io/_uploads/HJPqMg-da.png) ## **4.將public subnet(兩個)放入其中與route table建立關聯之後edit route，將所有流量(0.0.0.0/0)導入到igw以連接網路** ![4](https://hackmd.io/_uploads/BJeszlWup.png) ## **5.建立EC2** **for public ec2(分別對應不同subnet)** **security group 新增HTTP 並改為Anyway** ![5](https://hackmd.io/_uploads/rkW1XlZdp.png) ![6](https://hackmd.io/_uploads/ry92GgWdp.png) **每一個public ec2內的userdata輸入以下指令:** ``` #!/bin/bash ######################################## ##### USE THIS WITH AMAZON LINUX 2 ##### ######################################## # get admin privileges sudo su # install httpd (Linux 2 version) yum update -y yum install -y httpd.x86_64 systemctl start httpd.service systemctl enable httpd.service echo "Hello World from $(hostname -f)" > /var/www/html/index.html ``` **for private ec2 的 security group** ![7](https://hackmd.io/_uploads/HJEZQgWOp.png) ## **6.建立一個NAT Gateway(需Allocate 一個 elastic ip)** ![8](https://hackmd.io/_uploads/By2Z7eb_p.png) ## **7.在建立一個Route table** **與private subnet associate，edit route，edit route將所有流量導入到NAT gateway** ![9](https://hackmd.io/_uploads/HyAcXgZ_T.png) ## **8.local連到public ec2連入private ec2** **連到public** ``` ssh-agent bash ssh-add ~/testkey.pem ssh-add -L ssh -A ec2-user@44.192.118.155 ``` **連到private** ``` ssh <private ipv4> ``` ![10](https://hackmd.io/_uploads/rk1YVxWd6.png) ![10-1](https://hackmd.io/_uploads/HkL5Vgb_6.png) ## **9.安裝DB，登入SQL建立user並設定** ``` #更新套件 sudo dnf update #安裝資料庫 sudo dnf install mariadb105-server #啟動資料庫 sudo systemctl start mariadb #允許機器重啟自動啟動資料庫 sudo systemctl enable mariadb #查詢資料庫狀態 sudo systemctl status mariadb #資料庫設定 sudo mysql_secure_installation 選擇n、y(設定密碼123456)、y、n、y、y #登入測試 mysql -u root -p ``` ``` #root登入 mysql -u root -p #建立user CREATE USER user@'%' IDENTIFIED BY 'user'; (帳號密碼都是user) #給予user權限 GRANT ALL PRIVILEGES ON * . * TO 'user'@'%'; #更新 FLUSH PRIVILEGES; ``` ## **10.回public ec2 安裝套件** ``` sudo yum install mariadb105 ``` **登入user** ``` mysql -u user -p -h 192.168.2.39 #密碼user ``` ## **重新打開全部ec2，刪除NATGate way、刪除private RT、release elastic ip並且使用root進入DB(先進public後連線到private)** ![11](https://hackmd.io/_uploads/S1Jp7xZO6.png) ## **11.創建資料庫** ``` #創建資料庫 CREATE DATABASE testdb; #使用資料庫 USE testdb; #創建資料表 CREATE TABLE addressbook(name varchar(50) not null,phone char(10)); #建立資料 INSERT INTO addressbook(name,phone) value ("tom","0912123456"); INSERT INTO addressbook(name,phone) value ("soober","0963000000"); #查看資料 SELECT * FROM addressbook; #離開資料庫 exit ``` ![12](https://hackmd.io/_uploads/SkD6mg-_T.png) **切換到public ec2登入database的user且查看db** ![13](https://hackmd.io/_uploads/SkXJNx-_a.png) ## **12.安裝http伺服器** ``` sudo yum install httpd -y sudo yum install php8.1 php8.1-fpm.x86_64 php8.1-mysqlnd.x86_64 -y cd /var/www/html ``` ## **13.輸入vim index.php(注意權限是否為root)** ``` <?php $servername="192.168.2.39"; $username="user"; $password="user"; $dbname="testdb"; $conn = new mysqli($servername, $username, $password, $dbname); if($conn->connect_error){ die("connection failed: " . $conn->connect_error); } else{ echo "connect OK!" . "<br>"; } $sql="select name,phone from addressbook"; $result=$conn->query($sql); if($result->num_rows>0){ while($row=$result->fetch_assoc()){ echo "name: " . $row["name"] . "\tphone: " . $row["phone"] . "<br>"; } } else { echo "0 record"; } ?> ``` ![14](https://hackmd.io/_uploads/SkcV4lZ_p.png) ## 第二個ec2重複第12.13步 ## **14.設立target group、建立ELB** **內含有兩個public subnet後將ELB指向tg後就會平均分配流量到兩個subnet中的兩個ec2** ![15](https://hackmd.io/_uploads/S17rNebOT.png) ## **15.建立ALB** ![16](https://hackmd.io/_uploads/ryYSVgZOa.png) ### **複製dns後就可以看到跟第13步一樣的結果** ### **不同的地方就在於它是由2台ec2分配流量**