diff --git a/README.md b/README.md
index 35e4ec7..34dfb97 100644
--- a/README.md
+++ b/README.md
@@ -10,13 +10,13 @@ If you don't already have the AWS PowerShell SDK installed, [install-awspowershe
 ```
 I recommend using [Visual Studio Code with the PowerShell extension](https://benpiper.com/2017/08/visual-studio-code-as-a-powershell-integrated-scripting-environment/). It works on Linux, Mac, and Windows!
-#### AWS Networking Deep Dive: Virtual Private Cloud (VPC) lab setup
+#### Virtual Private Cloud (VPC) lab setup
 Refer to [vpc/lab-setup.md](vpc/lab-setup.md) for the lab setup for this course.
-#### AWS Networking Deep Dive: Elastic Load Balancing (ELB) lab setup
+#### Elastic Load Balancing (ELB) lab setup
 Refer to [elb/lab-setup.md](elb/lab-setup.md) for the lab setup for this course.
-#### AWS Networking Deep Dive: Route 53 DNS lab setup
+#### Route 53 DNS] lab setup
 Refer to [route53/lab-setup.md](route53/lab-setup.md) for the lab setup for this course.
 *Baked with love for PowerShell Core!*
diff --git a/elb/README.md b/elb/README.md
index 83ee50f..650bf9d 100644
--- a/elb/README.md
+++ b/elb/README.md
@@ -1 +1,4 @@
-[lab-setup.ps1](lab-setup.ps1) - Refer to lab-setup.md for instructions
\ No newline at end of file
+
+Course link: [AWS Networking Deep Dive: Elastic Load Balancing (ELB)](https://pluralsight.pxf.io/6bXjBK)
+
+[lab-setup.ps1](lab-setup.ps1) - Refer to lab-setup.md for instructions
diff --git a/elb/lab-setup.md b/elb/lab-setup.md
index 7e3224d..d4bd8c9 100644
--- a/elb/lab-setup.md
+++ b/elb/lab-setup.md
@@ -1,4 +1,59 @@
+
+## Automated lab setup
 1. You will need the AWS PowerShell SDK installed and loaded. Run [install-awspowershell.ps1](/install-awspowershell.ps1) to take care of this, or do it manually.
 2. Edit the file [_credentials.ps1](_credentials.ps1), replace the AWS secret key and access key with your own, and save the file as credentials.ps1
 3. Edit [lab-setup.ps1](lab-setup.ps1) and modify the AWS region (default is us-east-1), SSH keypair name, and your public IP address accordingly.
 4. Run [. ./lab-setup.ps1](lab-setup.ps1)
+
+## Manual lab setup
+
+VPC: webapp-vpc 172.31.0.0/16
+
+Subnets:
+web-1a 172.31.1.0/24
+web-1b 172.31.2.0/24
+App-1a 172.31.101.0/24
+App-1b 172.31.102.0/24
+
+Internet gateway: webapp-igw
+
+Route tables:
+webapp-rt (associate with all subnets):
+Default IPv4 (0.0.0.0/0) and IPv6 (::0/0) routes with internet gateway as target
+
+Security groups:
+web-sg:
+Inbound tcp/80,443 from 0.0.0.0/0
+Inbound tcp/81 from 172.31.0.0/16
+Inbound tcp/22 (SSH) from your IP
+
+app-sg:
+Inbound tcp/8080,8443 from 172.31.0.0/16
+Inbound tcp/22 (SSH) from your IP
+
+db-sg:
+Inbound tcp/3306 (MySQL) from 172.31.101.0/24,172.31.102.0/24
+Inbound tcp/22 (SSH) from your IP
+
+Instances:
+All instances use the AMI named "aws-elasticbeanstalk-amzn-2017.03.1.x86_64-ecs-hvm-201709251832" (AMI ID ami-c710e7bd in N. Virginia region)
+Auto-assign all instances a public IP
+
+Web tier:
+Assign the web-sg security group to all
+Name, subnet, IP
+Web1, web-1a, 172.31.1.21
+Web2, web-1b, 172.31.2.22
+Web3, web-1b, 172.31.2.23
+
+App tier:
+Assign the app-sg security group to all
+Name, subnet, IP
+App1, app-1a, 172.31.101.21
+App2, app-1b, 172.31.102.22
+App3, app-1b, 172.31.102.23
+
+Database tier:
+Assign the db-sg security group
+Name, subnet, IP
+db, app-1a, 172.31.101.99
diff --git a/route53/README.md b/route53/README.md
index eb95937..5412268 100644
--- a/route53/README.md
+++ b/route53/README.md
@@ -1,3 +1,9 @@
+Course link: [AWS Networking Deep Dive: Route 53 DNS](https://pluralsight.pxf.io/n1jM96)
+
 ## Lab setup
-[lab-setup.ps1](lab-setup.ps1) - View [lab-setup.md](lab-setup.md) for instructions
\ No newline at end of file
+[lab-setup.ps1](lab-setup.ps1) - View [lab-setup.md](lab-setup.md) for instructions
+
+### Terraform (Optional)
+
+Emmanuel Ojeah has created Terraform templates for the course. You can find them at https://github.com/EOjeah/route53-ps
diff --git a/route53/dnstest.ps1 b/route53/dnstest.ps1
index 5ec8f4a..686eba0 100644
--- a/route53/dnstest.ps1
+++ b/route53/dnstest.ps1
@@ -40,6 +40,7 @@ function Iterate-NSLookup {
 $responses.Add($ip,1)
 Write-Host Resolved unique IP: $ip
 }
+ Write-Progress -Activity "Resolving $hostname" -Status $ip -PercentComplete (($stepcounter++ / $iterations) * 100)
 Start-Sleep -seconds $sleeptime
 }
@@ -54,6 +55,7 @@ function Iterate-NSLookup {
 return $recordlist
 }
+$stepCounter = 0
 $records = Iterate-NSLookup -hostname $hostname -nameserver $nameserver -iterations $iterations -sleeptime $sleeptime
 $records | Format-Table -Property ip,count,percent
 Write-Host $records.count "unique responses" for $hostname
\ No newline at end of file
diff --git a/route53/lab-cleanup.ps1 b/route53/lab-cleanup.ps1
index 5edc5da..ad59dfd 100644
--- a/route53/lab-cleanup.ps1
+++ b/route53/lab-cleanup.ps1
@@ -1,3 +1,5 @@
+Write-Warning "This will destroy AWS resources." -WarningAction Inquire
+
 $cidr = "172.9.0.0/16"
 $region = "us-west-1"
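Review bot: The counter behind the new `Write-Progress` call in route53/dnstest.ps1 is read and incremented inside `Iterate-NSLookup`, but it is only initialised at script scope by the second hunk (`$stepCounter = 0` just before the call), so the function is not self-contained and relies on PowerShell's dynamic scoping to find a starting value. Initialise it inside the function before the loop, `$stepcounter = 0`, and drop the script-level assignment. `-Status $ip` may also need a guard if `$ip` can be empty after a failed lookup, which is not visible here. The function body starts and ends outside both hunks.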
@@ -7,9 +9,28 @@ $instances = Get-EC2Instance
 foreach ($instance in $instances) { Remove-EC2Instance $instances.Instances.InstanceId -Force }
 Write-Host Proceed when instances are terminated
 pause
+# Remove network interfaces
+# Remove VPCs
+$vpcs = Get-EC2Vpc -Region $region -Filter @( @{Name="cidr";Values=$cidr})
+foreach ($vpc in $vpcs) { Remove-EC2Vpc -VpcId $vpc.VpcId -Force }
+# Remove resource record sets
+# Remove zones
+# Remove reusable delegation sets
+
+
+$cidr = "172.3.0.0/16"
+$region = "us-east-1"
+
+Set-DefaultAWSRegion $region
+# Remove instances
+$instances = Get-EC2Instance
+foreach ($instance in $instances) { Remove-EC2Instance $instances.Instances.InstanceId -Force }
+Write-Host Proceed when instances are terminated
+pause
+# Remove network interfaces
 # Remove VPCs
-$vpc = Get-EC2Vpc -Region $region -Filter @( @{name="cidr";value=$cidr})
-Remove-EC2Vpc -VpcId $vpc.VpcId -Force
+$vpcs = Get-EC2Vpc -Region $region -Filter @( @{Name="cidr";Values=$cidr})
+foreach ($vpc in $vpcs) { Remove-EC2Vpc -VpcId $vpc.VpcId -Force }
 # Remove resource record sets
 # Remove zones
-# Remove reusable delegation sets
\ No newline at end of file
+# Remove reusable delegation sets
diff --git a/route53/lab-setup.md b/route53/lab-setup.md
index ce2d43c..ae291b9 100644
--- a/route53/lab-setup.md
+++ b/route53/lab-setup.md
@@ -1,3 +1,4 @@
+
 1. You will need the AWS PowerShell SDK installed and loaded. Run [install-awspowershell.ps1](/install-awspowershell.ps1) as root/administrator to take care of this, or do it manually.
 2. Edit the file [_credentials.ps1](_credentials.ps1), replace the AWS secret key and access key with your own, and save the file as credentials.ps1
 3. Edit [lab-setup.ps1](lab-setup.ps1) and customize the variables for your preferred AWS regions, AMI IDs, IP range, keypair names, and instance type.
diff --git a/route53/lab-setup.ps1 b/route53/lab-setup.ps1
index 6461d0b..eaffec4 100644
--- a/route53/lab-setup.ps1
+++ b/route53/lab-setup.ps1
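Review bot: The added us-east-1 block in route53/lab-cleanup.ps1 calls `Get-EC2Instance` with no filter and then `Remove-EC2Instance ... -Force`, so it terminates every instance the credentials can see in that region, not only the lab's; the loop body also passes `$instances.Instances.InstanceId` (the whole collection) instead of the loop variable. Resolve the lab VPC first and scope the lookup to it, e.g. `$instances = Get-EC2Instance -Filter @{Name="vpc-id";Values=$vpcs.VpcId}` followed by `Remove-EC2Instance $instance.Instances.InstanceId -Force`. The unchanged us-west-1 lines at the top of the hunk have the same pattern. The `Write-Warning` prompt added in the previous hunk does not say which regions are affected or that all instances are in scope.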
@@ -211,6 +211,7 @@ $itype = "t3.micro"
 $sship.IpProtocol = "tcp"
 $sship.FromPort = 22
 $sship.ToPort = 22
+ $sship.IpRanges.Add("172.3.0.0/16")
 $sship.IpRanges.Add($myIP)
 Grant-EC2SecurityGroupIngress -GroupId $sg -IpPermissions @( $httpip, $httpsip, $sship )
diff --git a/route53/s3/index.html b/route53/s3/index.html
index 426ff77..4d47f54 100644
--- a/route53/s3/index.html
+++ b/route53/s3/index.html
@@ -11,5 +11,5 @@
-All servers are down. Please try again later. ☹
+All servers are down. Please try again later. :(
\ No newline at end of file
diff --git a/vpc/README.md b/vpc/README.md
index 83ee50f..d3626bb 100644
--- a/vpc/README.md
+++ b/vpc/README.md
@@ -1 +1,3 @@
-[lab-setup.ps1](lab-setup.ps1) - Refer to lab-setup.md for instructions
\ No newline at end of file
+Course link: [AWS Networking Deep Dive: VPC](https://pluralsight.pxf.io/c/1191775/424552/7490?subId1=github&u=https%3A%2F%2Fwww.pluralsight.com%2Fcourses%2Faws-networking-deep-dive-vpc)
+
+[lab-setup.ps1](lab-setup.ps1) - Refer to lab-setup.md for instructions
diff --git a/vpc/lab-setup.md b/vpc/lab-setup.md
index b2fc35f..ff91744 100644
--- a/vpc/lab-setup.md
+++ b/vpc/lab-setup.md
@@ -1,3 +1,4 @@
+
 1. You will need the AWS PowerShell SDK installed and loaded. Run [install-awspowershell.ps1](/install-awspowershell.ps1) to take care of this, or do it manually.
 2. Edit the file [_credentials.ps1](_credentials.ps1), replace the AWS secret key and access key with your own, and save the file as credentials.ps1
 3. Edit [lab-setup.ps1](lab-setup.ps1) and modify the AWS region accordingly (default is us-east-1)
diff --git a/vpc/lab-setup.ps1 b/vpc/lab-setup.ps1
index 53fb68b..92fbe96 100644
--- a/vpc/lab-setup.ps1
+++ b/vpc/lab-setup.ps1
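Review bot: The added `$sship.IpRanges.Add("172.3.0.0/16")` in route53/lab-setup.ps1 opens tcp/22 to a range that lies outside the RFC 1918 block 172.16.0.0/12, so it is publicly routable address space rather than private space. The lab appears to use 172.3.0.0/16 as a VPC CIDR (lab-cleanup.ps1 filters on it), but instances that have public IPs would also accept SSH from Internet hosts whose real addresses fall inside that /16. Prefer an RFC 1918 CIDR for the VPC, or allow intra-lab SSH by referencing the security group itself instead of an address range, and keep the value in a named variable rather than a string literal. The code that creates `$sship` starts outside the hunk.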
@@ -3,8 +3,8 @@
 #Import AWS credentials
 . ./credentials.ps1
 #The credentials file should contain the following two variables:
-# $AWSAccessKey="" # Your access key
-# $AWSSecretKey="" # Your secret key
+# $AWSAccessKey="AKIAYVP4CIPPKKEX3NUX" # Replace with your access key
+# $AWSSecretKey="mpCNyY4qm3YvBH1f8WQjVQQ6j1Y7kiRkgvl4bbr+" # Replace with your secret key
 # Set AWS credentials and region
 $AWSProfileName="aws-networking-deep-dive-vpc"
@@ -21,4 +21,4 @@ Set-DefaultAWSRegion -Region $AWSRegion
 Get-DefaultAWSRegion
 # Test functionality
-if ((Get-EC2Vpc).count -ge 1) { Write-Host Connectivity to AWS established! }
\ No newline at end of file
+if ((Get-EC2Vpc).count -ge 1) { Write-Host Connectivity to AWS established! }
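Review bot: The two added comment lines in vpc/lab-setup.ps1 replace the empty placeholders with strings that have the exact shape of a live AWS credential pair: an `AKIA`-prefixed 20-character access key ID and a 40-character secret. If these were ever issued to a real IAM user they should be treated as compromised, because a later commit that removes them does not remove them from the repository history; the key needs to be deactivated and rotated in IAM. Restore neutral placeholders such as `# $AWSAccessKey="<your-access-key-id>"` and `# $AWSSecretKey="<your-secret-access-key>"`. It is not visible from this diff whether `credentials.ps1` is listed in `.gitignore`; if it is not, adding it would keep the same mistake from recurring with the real file.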