The Cloud

Evolution of the Custom Cloud: Part 2 "Building the Cloud"

In part 1 we covered our Architecture for the Custom Cloud.

Filed under:

In part 1 we covered our Architecture for the Custom Cloud. Now we’re going to walk through how we build one.

This will require access to the AWS Console.

Login to AWS and go to the VPC Dashboard.

Do NOT click on the VPC Wizard. Instead, select the “Your VPCs” on the left and click “create VPC”.

Fill-in the window that appears. For this example we will call the VPC “Blog” with a subnet of (I know when I first started in on AWS I thought I would never have to deal with network subnetting again. Surprise... it’s still here.)

Once the VPC is created, Edit the VPC and enable DNS Host Names.

Next select Internet Gateways on the left. Then Click “Create Internet Gateway”.

Fill-in the Gateway name. It makes it easier to identify components of a VPC if you use the VPC name whenever possible.

  • Select your new Internet Gateway and click “Attach to VPC”.
  • Select your VPC from the drop down and click attach.

If you notice, my menus are a little crowded. From this point on I recommend using filter by VPC on the left.  Simply select your VPC from the drop down and you will only see items connected to your VPC.

Next click "Subnets" on the left.

In this example we will create 4 subnets.

Note: for the Name I use the <VPC Name> <AZ> and DMZ (If it is one)

Make sure to select your VPC and Availability Zone from the drop downs.

When you are done you should have 4 Subnets. The names and CIDR block for mine are below.

  • Blog 2a DMZ:
  • Blog 2b DMZ:
  • Blog 2a:
  • Blog 2b:

Select Route Tables on the left.

Create two new Route Tables. Mine are called called Blog DMZ and Blog. Just enter the name and select your VPC.

Next associate the DMZ Subnets with the DMZ Route.

  • Select Blog DMZ
  • Select Subnet Association tab.
  • Click Edit.
  • Select the two DMZ subnets. (Blog 2a DMZ and Blog 2b DMZ)
  • Press Save.

Next Repeat the steps above with the Blog Route and the last two subnets.

Now we need to set-up routes for internet traffic.

  • Select the DMZ Route again.

  • Select the Routes Tab.
  • Add destination
  • Under target type igw and the Internet Gateway ID should appear.
  • Click save.

Before we setup and internet route for the internal address we need to start a NAT EC2 instance. Follow the instuction for setting up a  NAT instance here:

Once it is running, go back to VPC Routes.

  • Select the Route Blog.
  • Select the Routes Tab.
  • Add destination
  • Under target Enter the instance ID of the NAT instance you just created.
  • Click save.

There are a few last little steps to get squared away.

  • Define Security groups that fit your need. Simply select security group, and select your VPC from the drop down. I like to define one for the General DMZ and one for the private network.
  • Create an Elastic IP and associate it with you NAT instance.

Congratulations! you have a secure, scalable, and redundant  VPC.


Similar posts

Get notified on new marketing insights

Be the first to know about new B2B SaaS Marketing insights to build or refine your marketing function with the tools and knowledge of today’s industry.