Index
1.1 프로젝트 목적
1.2 프로젝트 환경
1.3 아키텍처 설계
**2.1 vpc 구축
2.2 Bastion Host 구축
2.3 Web Server 구축
2.4 RDS 구축
2.5 2.5 AMI 생성
2.6 AutoScaling 및 Load Balancing
3.1 wordpress
1.1 프로젝트 목적
- AWS의 다양한 서비스를 사용하여 wordpres를 구현해 보는 것
1.2 프로젝트 환경
- EC2 (Elastic Copmpute Cloud)
- RDS (Relational Database Service)
- AutoScaling
- VPC
- Wordpress 버전 : 4.9.5
- Apache : 2.4.52-1.amzn2.x86_64
- php : 7.2.34-1.amzn2.x86_64
1.3 아키텍처 설계
1) vpc 구축 전 키 생성
2) VPC 마법사
- vpc 와 서브넷 생성
1) 보안 그룹 생성
2) EC2 인스턴스 생성
기존 생성해 놓은 보안 그룹 적용
기존 생성해 놓은 키 페어 적용
3) Bastion Host 확인
PS C:\Users\kiki1> ssh -i mykey.pem ec2-user@13.124.148.64
The authenticity of host '13.124.148.64 (13.124.148.64)' can't be established.
ECDSA key fingerprint is SHA256:7S/4ad6+U/zGDugfsUW9hL5iPGiAa9RmkK5Nrn2XWdM.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '13.124.148.64' (ECDSA) to the list of known hosts.
__| __|_ )
_| ( / Amazon Linux 2 AMI
___|\___|___|
https://aws.amazon.com/amazon-linux-2/
14 package(s) needed for security, out of 17 available
Run "sudo yum update" to apply all updates.
[ec2-user@ip-10-0-7-74 ~]$
AWS에서 생성하는 키페어를 사용 하는 경우, -i 옵션을 붙여서 키 파일을 적어줘야 적용 됨
1) web 인스턴스 생성
2) bastion host에서 접근 확인
[ec2-user@ip-10-0-7-74 ~]$ cd .ssh
[ec2-user@ip-10-0-7-74 .ssh]$ vim id_rsa
[ec2-user@ip-10-0-7-74 .ssh]$ chmod 400 id_rsa
[ec2-user@ip-10-0-7-74 .ssh]$ ssh ec2-user@10.0.137.80
The authenticity of host '10.0.137.80 (10.0.137.80)' can't be established.
ECDSA key fingerprint is SHA256:NWrSyp+3BwirI1x9vnhhJtFNtkf7/k3ItXp3OhA0ltY.
ECDSA key fingerprint is MD5:a2:16:fe:10:89:dd:aa:7b:78:80:bf:04:e7:db:53:0d.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '10.0.137.80' (ECDSA) to the list of known hosts.
__| __|_ )
_| ( / Amazon Linux 2 AMI
___|\___|___|
https://aws.amazon.com/amazon-linux-2/
14 package(s) needed for security, out of 17 available
Run "sudo yum update" to apply all updates.
[ec2-user@ip-10-0-137-80 ~]$
3) Wordpress 구성
[ec2-user@ip-10-0-137-80 ~]$ sudo yum install -y mysql
[ec2-user@ip-10-0-137-80 ~]$sudo yum install -y httpd
[ec2-user@ip-10-0-137-80 ~]$ sudo service httpd start
Redirecting to /bin/systemctl start httpd.service
[ec2-user@ip-10-0-137-80 ~]$ sudo systemctl enable httpd.service
Created symlink from /etc/systemd/system/multi-user.target.wants/httpd.service to /usr/lib/systemd/system/httpd.service.
[ec2-user@ip-10-0-137-80 ~]$ wget https://wordpress.org/latest.tar.gz
[ec2-user@ip-10-0-137-80 ~]$ sudo tar -xvzf latest.tar.gz -C /var/www/html
[ec2-user@ip-10-0-137-80 ~]$ ls /var/www/html
wordpress
[ec2-user@ip-10-0-137-80 ~]$ cd /var/www/html/wordpress/
[ec2-user@ip-10-0-137-80 ~]$ sudo cp wp-config-sample.php wp-config.php
[ec2-user@ip-10-0-137-80 ~]$ sudo vim wp-config.php
define( 'DB_NAME', 'wordpress' );
/** Database username */
define( 'DB_USER', 'wordpress' );
/** Database password */
define( 'DB_PASSWORD', '암호' );
/** Database hostname */
define( 'DB_HOST', '엔드포인트' );
/** Database charset to use in creating database tables. */
define( 'DB_CHARSET', 'utf8' );
/** The database collate type. Don't change this if in doubt. */
define( 'DB_COLLATE', '' );
[ec2-user@ip-10-0-137-80 wordpress]$ sudo amazon-linux-extras install -y lamp-mariadb10.2-php7.2 php7.2
1) DB 서브넷 그룹
가용영역 | CIDR 블록 |
---|---|
ap-northeast-2a | 10.0.128.0/20 |
ap-northeast-2b | 10.0.144.0/20 |
2) RDS 생성
3) EC2가 DB에 접근하게 허용
[ec2-user@ip-10-0-137-80 ~]$ export MYSQL_HOST=wordpress.cuqtsa49ab89.ap-northeast-2.rds.amazonaws.com
[ec2-user@ip-10-0-137-80 ~]$ mysql -u admin -p
Enter password:
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MySQL connection id is 19
Server version: 8.0.28 Source distribution
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MySQL [(none)]>
MySQL [(none)]> use wordpress;
Database changed
MySQL [wordpress]> CREATE USER wordpress IDENTIFIED BY 'dkagh1234!';
Query OK, 0 rows affected (0.01 sec)
MySQL [wordpress]> GRANT ALL PRIVILEGES ON wordpress.* TO wordpress;
Query OK, 0 rows affected (0.01 sec)
MySQL [wordpress]> FLUSH PRIVILEGES;
Query OK, 0 rows affected (0.00 sec)
MySQL [wordpress]> exit
Bye
1) 시작 템플릿 생성
2) Auto scaling 그룹 생성
2) 보안그룹 생성
3) 로드 밸런서 보안 그룹 편집