ALB+EC2+MySQL

概要

组件：一个VPC，两个AZ，AZ-1中创建两个Subnet，分别放EC2和RDS，AZ-2中创建1个Subnet，放EC2，ALB下接这2个EC2。

功能：通过外网访问ALB公共地址，更新MySQL中的表数据。

实施

网络部分

创建VPC

名称：VPC_Minato

IPv4 CIDR	IPv6 CIDR
192.168.0.0/16	No

创建Internet Getway

名称：IGW-Minato

Name	VPC
IGW-Minato	VPC_Minato

创建Route Table

1.用于VPC的主路由

名称：RT_Minato

送信先	Target
192.168.0.0/16	local

2.用于外网访问的次路由

名称：RT_Minato_Internet

送信先	Target
192.168.0.0/16	local
0.0.0.0/0	IGW-Minato

创建Subnet

Name	IPv4 CIDR	AZ	Route Table
VPC_Minato_Subnet_A	192.168.0.0/24	AZ-1	RT_Minato_For_Internet
VPC_Minato_Subnet_B	192.168.1.0/24	AZ-1	RT_Minato
VPC_Minato_Subnet_C	192.168.2.0/24	AZ-2	RT_Minato_For_Internet

创建SG

1.用于EC2

名称：SG-Minato
Inbound:

Type	Protocal	Port	Source
HTTP	TCP	80	192.168.0.0/16
SSH	TCP	22	0.0.0.0/0

Outbound:

Type	Protocal	Port	Source
ALL	ALL	ALL	0.0.0.0/0

2.用于RDS

名称：RDS-Security-Group
Inbound:

Type	Protocal	Port	Source
MYSQL/Aurora	TCP	3306	192.168.0.0/16

Outbound:

Type	Protocal	Port	Source
ALL	ALL	ALL	0.0.0.0/0

3.用于ALB

名称：LB_SG_for_Internet
Inbound:

Type	Protocal	Port	Source
HTTP	TCP	80	0.0.0.0/0

Outbound:

Type	Protocal	Port	Source
ALL	ALL	ALL	0.0.0.0/0

实例部分

创建EC2

Name	AZ	Subnet	Key Name	Security Group
Server-A	AZ-1	VPC_Minato_Subnet_A	Linux_key	SG-Minato
Server-C	AZ-2	VPC_Minato_Subnet_C	Linux_key	SG-Minato

创建ALB

Name	AZ	skim	type	Security Group
LB-Minata	AZ-1,AZ-2	internet-facing	application	LB_SG_for_Internet

Target Group	Target type	protocol:port
Target-GP	instance	HTTP：80

---

以下参照：https://docs.aws.amazon.com/ja_jp/AmazonRDS/latest/AuroraUserGuide/CHAP_Tutorials.WebServerDB.CreateWebServer.html

如下操作分别在Server-A 和Server-B 上实施：

安装Apache

[ec2-user ~]$ sudo yum update -y
[ec2-user ~]$ sudo yum install -y httpd24 php56 php56-mysqlnd
[ec2-user ~]$ sudo service httpd start
[ec2-user ~]$ sudo chkconfig httpd on

Apache Web Server 的文件访问权限设置

[ec2-user ~]$ sudo groupadd www
[ec2-user ~]$ sudo usermod -a -G www ec2-user
[ec2-user ~]$ exit

[ec2-user ~]$ groups
[ec2-user ~]$ sudo chgrp -R www /var/www
[ec2-user ~]$ sudo chmod 2775 /var/www
[ec2-user ~]$ find /var/www -type d -exec sudo chmod 2775 {} +
[ec2-user ~]$ find /var/www -type f -exec sudo chmod 0664 {} +

Apache Web Server 连接数据库实例

[ec2-user ~]$ cd /var/www
[ec2-user ~]$ mkdir inc
[ec2-user ~]$ cd inc
[ec2-user ~]$ >dbinfo.inc
[ec2-user ~]$ nano dbinfo.inc

<?php

define('DB_SERVER', 'db_cluster_writer_endpoint');
define('DB_USERNAME', 'tutorial_user');
define('DB_PASSWORD', 'master password');
define('DB_DATABASE', 'sample');

?>
                

[ec2-user ~]$ cd /var/www/html
[ec2-user ~]$ >SamplePage.php
[ec2-user ~]$ nano SamplePage.php

<?php include "../inc/dbinfo.inc"; ?>
<html>
<body>
<h1>Sample page</h1>
<?php

  /* Connect to MySQL and select the database. */
  $connection = mysqli_connect(DB_SERVER, DB_USERNAME, DB_PASSWORD);

  if (mysqli_connect_errno()) echo "Failed to connect to MySQL: " . mysqli_connect_error();

  $database = mysqli_select_db($connection, DB_DATABASE);

  /* Ensure that the EMPLOYEES table exists. */
  VerifyEmployeesTable($connection, DB_DATABASE);

  /* If input fields are populated, add a row to the EMPLOYEES table. */
  $employee_name = htmlentities($_POST['NAME']);
  $employee_address = htmlentities($_POST['ADDRESS']);

  if (strlen($employee_name) || strlen($employee_address)) {
    AddEmployee($connection, $employee_name, $employee_address);
  }
?>

<!-- Input form -->
<form action="<?PHP echo $_SERVER['SCRIPT_NAME'] ?>" method="POST">
  <table border="0">
    <tr>
      <td>NAME</td>
      <td>ADDRESS</td>
    </tr>
    <tr>
      <td>
        <input type="text" name="NAME" maxlength="45" size="30" />
      </td>
      <td>
        <input type="text" name="ADDRESS" maxlength="90" size="60" />
      </td>
      <td>
        <input type="submit" value="Add Data" />
      </td>
    </tr>
  </table>
</form>

<!-- Display table data. -->
<table border="1" cellpadding="2" cellspacing="2">
  <tr>
    <td>ID</td>
    <td>NAME</td>
    <td>ADDRESS</td>
  </tr>

<?php

$result = mysqli_query($connection, "SELECT * FROM EMPLOYEES");

while($query_data = mysqli_fetch_row($result)) {
  echo "<tr>";
  echo "<td>",$query_data[0], "</td>",
       "<td>",$query_data[1], "</td>",
       "<td>",$query_data[2], "</td>";
  echo "</tr>";
}
?>

</table>

<!-- Clean up. -->
<?php

  mysqli_free_result($result);
  mysqli_close($connection);

?>

</body>
</html>


<?php

/* Add an employee to the table. */
function AddEmployee($connection, $name, $address) {
   $n = mysqli_real_escape_string($connection, $name);
   $a = mysqli_real_escape_string($connection, $address);

   $query = "INSERT INTO EMPLOYEES (NAME, ADDRESS) VALUES ('$n', '$a');";

   if(!mysqli_query($connection, $query)) echo("<p>Error adding employee data.</p>");
}

/* Check whether the table exists and, if not, create it. */
function VerifyEmployeesTable($connection, $dbName) {
  if(!TableExists("EMPLOYEES", $connection, $dbName))
  {
     $query = "CREATE TABLE EMPLOYEES (
         ID int(11) UNSIGNED AUTO_INCREMENT PRIMARY KEY,
         NAME VARCHAR(45),
         ADDRESS VARCHAR(90)
       )";

     if(!mysqli_query($connection, $query)) echo("<p>Error creating table.</p>");
  }
}

/* Check for the existence of a table. */
function TableExists($tableName, $connection, $dbName) {
  $t = mysqli_real_escape_string($connection, $tableName);
  $d = mysqli_real_escape_string($connection, $dbName);

  $checktable = mysqli_query($connection,
      "SELECT TABLE_NAME FROM information_schema.TABLES WHERE TABLE_NAME = '$t' AND TABLE_SCHEMA = '$d'");

  if(mysqli_num_rows($checktable) > 0) return true;

  return false;
}
?>                        
                

数据库部分

创建RDS（MySQL）

创建Subnet Group：db-subnetgroup

AZ	Subnet
AZ-1	Subnet-B
AZ-2	Subnet-C（D）

创建Paremeter Group：Default

创建OptionGroup：Default

创建数据库

DB	Engine	AZ	Security Group	Admin USER	Admin PW
database-minato	MySQL Community	AZ-1	RDS-Security-Group	admin	admin-xxx