Basic Networking Concepts using Linux on AWS (PART-I)
This article covers concepts related to provisioning EC2 instances, AWS security groups, and types of IP addresses.
Let’s get started.
Provision EC2 Instance from AWS
We will provision an EC2 instance from AWS with the Ubuntu 20.04 operating system. To estimate the price of the instance, go to the AWS Pricing Calculator.
Click on create an estimate, select the service and select the region, operating system, instance type, utilization, storage, and pricing strategy according to the requirement.
Click on configure
Now navigate to your AWS account and launch the virtual machine.
Create a new key pair if you don't have an existing one.
You can change the storage volume if needed, then click on Launch instance. Now connect to the instance using its public IP address.
Use the command:
ssh -i ~/Downloads/demo-key.pem ubuntu@<public-ipv4-address>
Here demo-key.pem is my key pair.
To get the CPU details of the instance use command
lscpu
To get the memory details of the instance
free -h
To get the storage details
df -h
Overview of AWS Security Groups
A security group acts as a virtual firewall for your EC2 instances to control incoming and outgoing traffic. Inbound rules control the incoming traffic to your instance, and outbound rules control the outgoing traffic. When you launch an instance, you can specify one or more security groups.
To get the security group details of the EC2 instance, select the instance in the AWS console and select Security.
Now click on the security groups, and you will be navigated to this page which has inbound and outbound rules.
Click on Edit inbound rules
Here the source is “Anywhere” (0.0.0.0/0), which means any IPv4 address can connect to the SSH service on this EC2 instance.
Now connect to the EC2 instance and verify the port
sudo service sshd status
Enter q to exit.
To view the file that configures the SSH daemon's behavior
sudo view /etc/ssh/sshd_config
Now let's delete the rule and try to connect to the instance
Click “delete” and select “save rules” to delete the rule.
Now let's try to connect to the EC2 instance
Let's try telnet
Telnet is a network protocol used to access a computer virtually and to provide a two-way, collaborative, and text-based communication channel between two machines.
It runs over the Transmission Control Protocol/Internet Protocol (TCP/IP) networking protocol to create remote sessions.
Now add the rule back
Click on “Add rule”, choose SSH as the type and Anywhere as the source, and select “Save rules”.
Now you can run the ssh command to connect to the server.
Overview of Different Types of IP Addresses
You have 3 IP addresses: the public IP address, the private IP address, and localhost.
You can get details about the private IP address on any machine using the command ip addr
ip addr
Public IP addresses are not directly attached to EC2 instances; to find the public IP address, check the AWS EC2 console.
Localhost is an alias to a special IP address, a loopback device that TCP/IP applications can use to talk to themselves. The default loopback IP for localhost is usually 127.0.0.1.
For example, you can connect to the local machine using ssh to see whether you are able to talk to port 22 using localhost.
Install Apache Webserver on Ubuntu
To install software on an Ubuntu-based operating system, one of the tools you can use is “apt”. To run “apt” you should be a superuser, or use sudo if the user has access to sudo.
To install the apache2 server on Ubuntu
sudo apt install apache2
To validate the installation of apache2
sudo service apache2 status
To restart the apache2 service
sudo service apache2 restart
To stop the apache2 service
sudo service apache2 stop
To start the apache2 service
sudo service apache2 start
The apache2 application runs on port 80; you can connect to the application using telnet.
You can also access the application locally using the curl command.
If you try to access the web application from outside the EC2 instance, it doesn't work, since you have not updated the security group.
To try accessing the web application on the EC2 instance, you can use its public IPv4 DNS name. Open a new tab and try http://<public-ipv4-dns>
The application is not accessible even though the web server is running on the EC2 instance, because the security group has not been updated to allow inbound traffic on port 80.
Update Security Group to access Apache Web Application
To address the above issue, update the security group as follows.
Navigate to the EC2 instance in the AWS console and click on “Security”
Now click on security groups, and you will be navigated to this page
Now click on “Edit inbound rules”.
With this, external systems can access the application running inside the server. The traffic is inbound in nature: it comes from the external system into the server, so it is considered inbound.
Now click on “Add rule”.
Now select the type “HTTP”, because you have set up the apache2 web server.
By default, it will start the HTTP-based web application on port 80.
So choose HTTP as the type and “My IP” as the source. By choosing “My IP”, the web application can be accessed only from your current IP address. Even if you share the public IP address of the EC2 instance on which the web application is running, others cannot access it because you are restricting access.
Now click on “Save rules”. You can validate it locally by using “telnet”
telnet <public-ip-address> 80
This means you are able to reach port 80 on the remote host.
Since telnet is working, now open a new tab and browse to
http://ec2-publicip
As you have updated the inbound rules in the security groups associated with the EC2 instance, the application is accessible by both telnet and the browser.
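The difference between an “Anywhere” source (as on the SSH rule earlier) and a “My IP” source (as on the HTTP rule above) can be checked in code. This is an added example, not part of the original article; the JSON is a constructed sample in the shape returned by aws ec2 describe-security-groups, and the group ID and addresses are made up.

```python
import ipaddress
import json

# Constructed sample shaped like `aws ec2 describe-security-groups --output json`.
# The group ID and the 203.0.113.10 address are made up for illustration.
SAMPLE = json.loads("""
{"SecurityGroups": [{"GroupId": "sg-0example", "IpPermissions": [
  {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
   "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
  {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
   "IpRanges": [{"CidrIp": "203.0.113.10/32"}], "Ipv6Ranges": []}
]}]}
""")


def world_open_rules(doc):
    """List (group_id, protocol, from_port, to_port, cidr) for each inbound
    rule whose source is the whole IPv4 or IPv6 internet ("Anywhere")."""
    findings = []
    for group in doc.get("SecurityGroups", []):
        for perm in group.get("IpPermissions", []):
            cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
            cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
            for cidr in cidrs:
                # Prefix length 0 means 0.0.0.0/0 or ::/0
                if ipaddress.ip_network(cidr, strict=False).prefixlen == 0:
                    findings.append((group["GroupId"], perm["IpProtocol"],
                                     perm.get("FromPort"), perm.get("ToPort"), cidr))
    return findings


def covers_port(finding, port):
    """True if a finding from world_open_rules() exposes the given TCP port."""
    _, proto, lo, hi, _ = finding
    if proto == "-1":  # "All traffic" rules carry no port range
        return True
    return proto == "tcp" and lo is not None and lo <= port <= hi


if __name__ == "__main__":
    for f in world_open_rules(SAMPLE):
        print("open to Anywhere:", f, "| exposes SSH:", covers_port(f, 22))
```

In the sample, only the SSH rule is reported; the HTTP rule restricted to a single /32 address passes.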
Overview of Daemon or Background Processes and Ports
A daemon is a service process that runs in the background and supervises the system or provides functionality to other processes.
As of now, you have two daemon processes running on the remote machine: sshd and apache2. sshd listens on port 22 and apache2 listens on port 80.
Every daemon process running in the background that is meant to be accessed from external systems needs its port opened in the security groups.
Of the two daemon processes, apache2 was added by us and sshd is there by default.
You can monitor these processes by using the commands
sudo service sshd status
sudo service apache2 status
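How listening daemons and security group rules line up, including the earlier state where apache2 was running but unreachable, shown as an added example that is not part of the original article. It assumes the listeners are collected with ss -tln; the output below is a constructed sample, and the rule lists passed in are assumptions.

```python
import ipaddress

# Constructed sample of `ss -tln` output on the instance after apache2 is installed.
SS_OUTPUT = """\
State   Recv-Q  Send-Q  Local Address:Port  Peer Address:Port  Process
LISTEN  0       4096    127.0.0.53%lo:53         0.0.0.0:*
LISTEN  0       128           0.0.0.0:22         0.0.0.0:*
LISTEN  0       511                 *:80               *:*
LISTEN  0       128              [::]:22            [::]:*
"""


def external_listeners(ss_text):
    """Ports with a TCP listener bound to a non-loopback address."""
    ports = set()
    for line in ss_text.splitlines():
        fields = line.split()
        if len(fields) < 4 or fields[0] != "LISTEN":
            continue  # header or non-listening socket
        addr, port = fields[3].rsplit(":", 1)
        addr = addr.strip("[]").split("%")[0]  # drop IPv6 brackets and %iface
        if addr != "*" and ipaddress.ip_address(addr).is_loopback:
            continue  # localhost only: no security group rule can expose it
        ports.add(int(port))
    return ports


def compare(ss_text, allowed_ranges):
    """allowed_ranges: (from_port, to_port) pairs of the inbound TCP rules."""
    listening = external_listeners(ss_text)

    def allowed(port):
        return any(lo <= port <= hi for lo, hi in allowed_ranges)

    return {
        "reachable": sorted(p for p in listening if allowed(p)),
        "blocked": sorted(p for p in listening if not allowed(p)),
        "rule_without_listener": sorted(
            (lo, hi) for lo, hi in allowed_ranges
            if not any(lo <= p <= hi for p in listening)),
    }


if __name__ == "__main__":
    print("SSH rule only:", compare(SS_OUTPUT, [(22, 22)]))
    print("SSH + HTTP   :", compare(SS_OUTPUT, [(22, 22), (80, 80)]))
```

A port under "blocked" is the apache2 situation before the HTTP rule was added; an entry under "rule_without_listener" is an open rule with no daemon behind it.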
Thanks to Vamsi Penmetsa