Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
my writeup of setting up an RDS-backed VPC

VPC + RDS

Setting up VPC

  • http://console.aws.amazon.com/vpc

  • "Create VPC" (blue button)

    • name tag: whatever
    • CIDR block: 10.0.0.0/16
    • Tenancy: Default
  • "Subnets" (sidebar) > "Create Subnet" (blue button)

    • name tag: whatever
    • VPC:
    • Availability Zone: No Preference
    • CIDR block: 10.0.0.0/24
  • "Create Subnet"

    • name tag: whatever
    • VPC:
    • Availability Zone: Something other than the last subnet's AZ
    • CIDR block: 10.0.1.0/24
  • Repeat last part for however many subnets you want

Create VPC security group (not DB security group!)

  • "Security Groups" (sidebar) > "Create Security Group" (blue button)

    • name: whatever
    • group name: whatever
    • description: description, blah
    • VPC: point to VPC created above
  • click on created SG, "Inbound Rules" tab

Type Protocol Port Range Source (notes)
SSH (22) TCP (6) 22 0.0.0.0/0 ssh
HTTP (80) TCP (6) 80 0.0.0.0/0 web
HTTPS (443) TCP (6) 443 0.0.0.0/0 https
HTTP\* (8080) TCP (6) 8080 0.0.0.0/0 dev
Custom TCP Rule TCP (6) 5432 0.0.0.0/0 psql

Create DB Subnet Group

  • http://console.aws.amazon.com/rds
  • "Subnet Groups" (sidebar) > "Create DB Subnet Group" (blue button)
    • Name: whatever (influence-explorerdb-subnet)
    • Description: whatever
    • VPC ID: select the one created above (influence-explorer)
    • Add subnets from at least two AZs
    • "Create"

Launch DB Instance

  • http://console.aws.amazon.com/rds

  • "Launch DB Instance" (blue button)

    • Pick PostgreSQL > "Select"

    • Select yes/no for pricey/regular (I picked no) > "Next Step"

    • Specifications:

      • DB Engine: postgres

        • License Model: postgresql-license
        • DB Engine Version: 9.3.5
        • DB Instance Class: (db.m3.large)
        • Multi-AZ Deployment: (no)
        • Storage Type: (General Purpose SSD)
        • Allocated Storage: (100GB)
        • DB Instance Identifier: influence-explorer-db
        • Master Username: influence
        • Password: (see keepass)
      • "Next Step"

    • Network & Security

      • VPC: name of VPC from earlier (influence-explorer)
      • Subnet Group: DB Subnet from earlier (influence-explorerdb-subnet)
      • Publicly Accessible: (no)
      • Availability Zone: (no preference)
      • VPC Security Groups: VPC SG from earlier (influence-explorer)
    • Database Options

      • Database Name: influenceexplorer
      • Database Port: 5432
      • DB Parameter Group: (default.postgres9.3)
      • Option Group: (not selectable?)
      • Enable Encryption: (no)
    • Backup

      • Backup Retention Period: (3 days)
      • Backup Window (No Preference)
    • Maintenance

      • Auto Minor Version Upgrade: (yes)
      • Maintenance Window: No Preference
  • "Launch DB Instance"

Launch EC2 Instances

  • Choose AMI (Ubuntu Server 14.04 LTS (PV), SSD Volume Type)
  • Choose Instance Type (m3.large)
  • Configure Instance Details
    • Number of Instances: (1)
    • Purchasing Option: (unchecked)
    • Network: the VPC from above (influence-explorer)
    • Auto-assign Public IP: Enable if you want to access directly (enabled)

Create Internet Gateway

  • https://console.aws.amazon.com/vpc

  • "Create Internet Gateway" (blue button)

    • Name: whatever (influence-explorerinternet-gateway)
  • "Create"

  • Right click on newly created internet gateway > Attach to VPC

  • select a VPC and attach

Create/Configure Route Table

  • https://console.aws.amazon.com/vpc
  • "Route Tables" (sidebar)
  • one should have been made automatically. select the one attached to your VPC
  • in the display window > "Routes" tab
  • add a new route targeted at the internet gateway (igw-7b20a81e)
Destination Target Status Propagated
10.0.0.0/16 local Active No
0.0.0.0/0 igw-7b20a81e Active No
  • in the display window > "Subnet Associations" tab
  • Edit
  • Add your subnets
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.