HIGH AVAILABILITY ARCHITECTURE WITH AWS CLI

Swapnilsukare
12 min read · Mar 3, 2022

The present generation is moving online, and cloud services are used more every day. AWS is one of the greatest cloud services available. In the world of automation, the AWS CLI is widely used on servers. Its major advantage is that it lets us access AWS services from the command line instead of going to the AWS console.

AWS provides a useful block storage service known as EBS (Elastic Block Storage). EBS is used as the root drive where we install operating systems. Our data is very important, and to keep it safe from loss we use extra EBS storage to hold the data so that it can be retrieved after the sudden termination of an EC2 instance.

In this fast-paced world, data retrieval should be fast, and people accessing our website may face latency because of the distance between client and provider. To improve this we use CloudFront, an AWS service that provides content delivery as a service. CloudFront caches copies of our website content (for example, an image) on AWS servers around the world, so clients can fetch it from the nearest Edge Location.

What is AWS?

Amazon Web Services (AWS) is the world’s most comprehensive and broadly adopted cloud platform, offering over 175 fully featured services from data centers globally. Millions of customers — including the fastest-growing startups, largest enterprises, and leading government agencies — are using AWS to lower costs, become more agile, and innovate faster.

What is AWS CLI?

The AWS Command Line Interface (CLI) is a unified tool to manage your AWS services. With just one tool to download and configure, you can control multiple AWS services from the command line and automate them through scripts.

What is EBS?

Amazon Elastic Block Store (EBS) is an easy to use, high performance block storage service designed for use with Amazon Elastic Compute Cloud (EC2) for both throughput and transaction intensive workloads at any scale.

What is S3?

Amazon Simple Storage Service (Amazon S3) is an object storage service, built to store and retrieve any amount of data from anywhere, that offers industry-leading scalability, data availability, security, and performance.

What is CloudFront?

Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds, all within a developer-friendly environment.

So let's begin this task!

🔅 The architecture includes 🔅

  • Create IAM User.
  • Configure Profile for AWS CLI
  • Create a Key Pair.
  • Create a Security Group.
  • Launch an EC2 Instance using the above Key Pair and Security Group.
  • Create an EBS Volume of 1GB.
  • Attach the above created volume to the Instance created.
  • Configure a Webserver on the EC2 Instance.
  • Mount the attached EBS volume (Block Device) on /var/www/html to make the location persistent.
  • Create an S3 Bucket, place the static object in the bucket and make it publicly accessible.
  • Create and set up a Content Delivery Network using CloudFront with the origin domain of the S3 bucket.
  • Use the CloudFront domain in the webapp instead of the S3 domain name for security and low latency during access.

Before starting, set up your system so that the rest of this article goes smoothly. It's going to be a little long, so stay with us and you will see it all working at the end.

Pre-requisites:

1. Install and Configure AWS CLI version 2.

2. Create AWS IAM User.

Steps to Create AWS IAM User -

  • Log in to the AWS Management Console as a root user.
  • Search for IAM in AWS Services.
  • Click on Users and then click on Add User.
  • Enter a unique Username, select the Access Type based on the requirements, choose auto-generated password, and uncheck Require password reset.

Access Type:

Programmatic access — Enables an access key ID and secret access key for the AWS API, CLI, SDK, and other development tools.

AWS Management Console access — Enables a password that allows users to sign-in to the AWS Management Console.

  • Click on Next Permission, then click Attach existing policies directly and select AdministratorAccess.

AdministratorAccess — Provide all the powers to users except billing.

  • Click Next Tags and add appropriate tags. Ex — Name: TechBoutique

Note: There is no limit on tags; we can add any number of tags.

  • Review the user permissions and click Create User. Once the user is created, download the CSV that contains the Access Key ID and Secret Access Key.

Note: Keep the CSV safe, don’t share the Access Key ID and Secret Access Key with anybody.

Amazing! 👏 You are done with the pre-requisite setup.

Step 1

Configure the AWS Command Line Interface (AWS CLI) and specify the settings for interacting with AWS.

Here we will configure the AWS CLI for the rest of the work.

  • We will set up the AWS Access Key ID, present in the CSV downloaded during the pre-requisites.
  • We will set up the AWS Secret Access Key.
  • We will set up the Default Region Name.
  • We will set up the Default Output Format.

Note: We need to do this step only once.

# run only once and enter the details
aws configure

Step 2

Here we will create a new Key Pair using the AWS CLI and save the private key (.pem) in a file, which will be needed later.

Key Pair — A key pair, consisting of a private key and a public key, is a set of security credentials that you use to prove your identity when connecting to an instance.

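# --query is case-sensitive: the field is KeyMaterial; --output text writes the raw PEM without JSON quotes
aws ec2 create-key-pair --key-name awscsakey --query "KeyMaterial" --output text > awscsakey.pem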

Step 3

In this step we will create a Security Group, which we named SecurityGroupForCLI.

Security Group — A security group acts as a virtual firewall for your instance to control inbound and outbound traffic. When you launch an instance in a VPC, you can assign up to five security groups to the instance.

aws ec2 create-security-group --description Security_group_using_AWS_CLI --group-name SecurityGroupForCLI

Note: The Security Group is created, but no inbound or outbound rules are attached by default.

Step 4

Once the security group is created, we need to add inbound and outbound rules. In our case we added an inbound rule that allows all traffic from anywhere (the entire world) using the AWS CLI.

aws ec2 authorize-security-group-ingress --group-id sg-0d489a16b56da793e --protocol all --cidr 0.0.0.0/0
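
The rule above opens every protocol and port to 0.0.0.0/0, which also exposes SSH on port 22 to the whole internet. The following added example (not part of the original article) replaces it with HTTP from anywhere and SSH from one administrator address; the `AWS_CMD` dry-run variable and the address `203.0.113.10/32` are assumptions.

```shell
# Added example, not from the original article. AWS_CMD and the admin CIDR
# (203.0.113.10/32, a documentation address) are assumptions.
# Default is a dry run that prints each command; export AWS_CMD=aws to apply.
AWS_CMD="${AWS_CMD:-echo aws}"

narrow_ingress() {
  group_id="$1"; admin_cidr="$2"

  # SSH must never be granted to the whole internet.
  case "$admin_cidr" in
    ''|0.0.0.0/0|::/0)
      echo "refusing SSH source '$admin_cidr': give a single admin range" >&2
      return 1 ;;
  esac

  # 1. Remove the Step 4 rule (all protocols, all ports, from anywhere).
  $AWS_CMD ec2 revoke-security-group-ingress --group-id "$group_id" \
    --protocol all --cidr 0.0.0.0/0 || return 1

  # 2. The web server is the only service the public needs: HTTP on port 80.
  $AWS_CMD ec2 authorize-security-group-ingress --group-id "$group_id" \
    --protocol tcp --port 80 --cidr 0.0.0.0/0 || return 1

  # 3. SSH (used in Step 7) only from the administrator's address.
  $AWS_CMD ec2 authorize-security-group-ingress --group-id "$group_id" \
    --protocol tcp --port 22 --cidr "$admin_cidr" || return 1
}

# Dry run with the group ID used in this article:
narrow_ingress sg-0d489a16b56da793e 203.0.113.10/32
```

Afterwards, `aws ec2 describe-security-groups --group-ids sg-0d489a16b56da793e` shows whether only the two intended rules remain.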

Step 5

Now that the Key Pair and Security Group are created and the inbound and outbound rules are added, it's the right time to create an AWS EC2 instance.

EC2 — Amazon Elastic Compute Cloud (Amazon EC2) is a web service that provides secure, resizable compute capacity in the cloud. It is designed to make web-scale cloud computing easier for developers.

To create the EC2 instance using the AWS CLI, we need the following information.

  • Image Id
  • Instance type
  • Security Group Id
  • Subnet Id
  • Key Name

aws ec2 run-instances --image-id ami-052c08d70def0ac62 --security-group-ids sg-0d489a16b56da793e --instance-type t2.micro --subnet-id subnet-6b1b7027 --key-name awscsakey

Cross-check the instance details to confirm that it uses the resources created above.

Step 6

Now we will create an EBS volume of 1 GB to make our code persistent and keep it safe from any loss. Create the EBS volume in the region where the EC2 instance is created.

EBS (Elastic Block Storage): Amazon Elastic Block Store (EBS) is an easy to use, high performance block storage service designed for use with Amazon Elastic Compute Cloud (EC2) for both throughput and transaction intensive workloads at any scale.

aws ec2 create-volume --availability-zone ap-south-1b --size 1 --volume-type gp2

Step 6

Once we are ready with EC2 instance and EBS Volume, now we need to connect them with each other. For that we need the following information.

  • Instance Id
  • Volume Id

aws ec2 attach-volume --instance-id i-0e898efb2e8844ce4 --volume-id vol-0cb41c3d139b8a9a8 --device /dev/xvdh

Great! 👏 You have created an EC2 instance and an EBS Volume and successfully attached them together.

Now we are going to set up CloudFront for the Content Delivery Network.

Step 7

Log in to the EC2 instance using the SSH protocol in case of Linux. In case of Windows, use PuTTY to SSH to the EC2 instance.

# Change the permission of private key file.
chmod 400 awscsakey.pem
# SSH to EC2 instance using Private Key.
ssh -i "awscsakey.pem" ec2-user@ec2-13-232-153-64.ap-south-1.compute.amazonaws.com

Step 8

Now we need to format, partition and mount the connected EBS disk to a folder in the instance.

Check the partitions available in the instance.

# command to check the partitions available in the instances
fdisk -l

First we need to format the disk attached to the instance.

mkfs.ext4 /dev/xvdh

Second we need to create and configure the partitions.

# command to start partition process
fdisk /dev/xvdh
# write the following options
# select p to see the details of the partitions available
p
# select n to create a new partition
n
# select p for the primary or e for extended partition
p
# Select the partition number 1-4
1
# Starting of the first sector, starting from 2048 as a default.
Press Enter without any changes
# Ending of the sector, ending at 2097151 as default (entire size)
Press Enter without any changes
# Press p to see the details of the partition
p
# Press w to write the partition table to disk and exit (without this the new partition is not saved)
w

Check the partitions available in the instance.

# command to check the partitions available in the instances
fdisk -l

Third, format the newly created partition.

mkfs.ext4 /dev/xvdh1

Step 9

Now it's time to set up the httpd server. First we need to install it using the following command.

dnf install httpd

To check whether the httpd server is running, run the following command.

systemctl status httpd

Step 10

Once the httpd server is set up, we need to mount the formatted partition created in step 8 on /var/www/html to make the location persistent.

mount /dev/xvdh1 /var/www/html

So, whatever we store in /var/www/html will be stored on the 1GB EBS volume, and after any failure we can easily retrieve the data.
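
A mount made with the `mount` command lasts only until the next reboot, so the volume needs an /etc/fstab entry to come back on its own. The following added example (not part of the original article) writes that entry by UUID with restrictive mount options for static web content; the function names, the scratch file and the sample UUID are assumptions.

```shell
# Added example, not from the original article: persist the Step 10 mount
# across reboots. Function names and the sample UUID are assumptions.

# Build the fstab line for the web root partition.
# nofail: boot continues if the volume is detached.
# nodev,nosuid,noexec: static web content never needs device nodes,
# setuid bits or executables on this filesystem.
fstab_line() {
  uuid="$1"; mountpoint="$2"
  printf 'UUID=%s %s ext4 defaults,nofail,nodev,nosuid,noexec 0 2\n' \
    "$uuid" "$mountpoint"
}

# Append the entry to an fstab file unless the mount point is already listed.
add_fstab_entry() {
  uuid="$1"; mountpoint="$2"; fstab="${3:-/etc/fstab}"
  case "$uuid" in
    ''|*[!0-9a-fA-F-]*) echo "invalid UUID: $uuid" >&2; return 1 ;;
  esac
  # The mount point is the second field of a non-comment fstab line.
  if awk -v mp="$mountpoint" \
       '$1 !~ /^#/ && $2 == mp { found = 1 } END { exit !found }' "$fstab"; then
    echo "entry for $mountpoint already present" >&2
    return 0
  fi
  fstab_line "$uuid" "$mountpoint" >> "$fstab"
}

# On the instance (as root) the real call would be:
#   add_fstab_entry "$(blkid -s UUID -o value /dev/xvdh1)" /var/www/html
#   mount -a    # confirms the new line parses before the next reboot
# Dry run against a scratch file with a constructed UUID:
demo_fstab=$(mktemp)
add_fstab_entry 1b2c3d4e-0000-4000-8000-abcdefabcdef /var/www/html "$demo_fstab"
cat "$demo_fstab"
rm -f "$demo_fstab"
```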

Step 11

To store any object such as images, videos or files, we use an S3 bucket. S3 is a global service, so we need not worry about the region in which to create it. To create the bucket, run the following command.

aws s3api create-bucket --bucket arth-task-6-1523 --region ap-south-1 --create-bucket-configuration LocationConstraint=ap-south-1

Once the bucket is ready, store the images or other data that you want to show or use in your website or web application, and give it public access.

Step 12

To show our website we need to create its code base and then copy the files to /var/www/html, as the httpd server reads files from that folder.

  • Change the directory to /var/www/html, create index.html and copy the below code.

# change to root user
sudo su
cd /var/www/html
vi index.html
# copy the code
# press esc
:wq
# press enter

  • Restart the httpd server.

# restart the server
systemctl restart httpd

# html code
<!DOCTYPE html>
<html>
<head>
<meta name="viewport" content="width=device-width, initial-scale=1">
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css">
<style>
.fa {
padding: 20px;
font-size: 30px;
width: 30px;
text-align: center;
text-decoration: none;
margin: 5px 2px;
border-radius: 50%;
}
.fa:hover {
opacity: 0.4;
}
.fa-github {
background: #24292E;
color: white;
}
.fa-linkedin {
background: #007bb5;
color: white;
}
.fa-instagram {
background: #125688;
color: white;
}
.fa-medium {
background: #117A65;
color: white;
}
.fa-rss {
background: #808080;
color: black;
}
img {
border-radius: 50%;
}
.a {
opacity: 0.9;
background: #808080;
}
</style>
</head>
<body bgcolor="white" class="a">
<center><img src="http://d20poq3ti3l95r.cloudfront.net/TechBoutique.jpg" alt="Sami" style="width:200px">
<h2><font face = "Verdana" size = "6">TechBoutique Automation Hub</font></h2>
<h4><font face = "Verdana" size = "4">Blogger || Arth Learner || Developer </font></h4>
</center>

</body>
</html>

Step 13

Finally, with the previous steps complete, it's time for the last step: create a CloudFront distribution and use the CloudFront domain in our code. To create the distribution we need the S3 domain.

aws cloudfront create-distribution --origin-domain-name arth-task-6-1523.s3.amazonaws.com

Now use the CloudFront domain in place of the S3 domain in the image tag of the HTML code.

Now access the website using the public domain or public IP of the EC2 instance.

Hurray!! You have successfully completed the entire process.
