Let's see how we can access an AWS S3 (Simple Storage Service) bucket and save a file to it with the aws command.
We will also check that an image saved in the S3 bucket can be displayed when it is referenced from a web page.
In this tutorial, we use the environment below:
FYI:
S3 offers a robust and scalable storage service, and you can check further details of S3 here.
Let's take a look at each step.
Check that the S3 bucket has been created and make it public.
Create an S3 access role and attach it to the EC2 instances.
Put an image file into the bucket.
Make the image file public on the S3 console.
Get the object URL of the image file.
Edit the HTML file and refer to the image with an img tag.
Access the web server, and check that the image is displayed.
Please watch the following video to see the actual operation.
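The steps above make a bucket and an image publicly readable. As an added example (not part of the original tutorial), the following check reviews a bucket policy and reports which statements are open to anonymous callers and whether they go beyond reading named objects. It assumes public access is granted through a bucket policy; the bucket name, key, account ID and role name are placeholders.

```python
# Constructed sample policy; bucket name, key, account ID and role are placeholders.
SAMPLE_POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {"Sid": "PublicReadOneImage", "Effect": "Allow", "Principal": "*",
         "Action": "s3:GetObject",
         "Resource": "arn:aws:s3:::example-bucket/images/sample.png"},
        {"Sid": "TooBroad", "Effect": "Allow", "Principal": {"AWS": "*"},
         "Action": ["s3:GetObject", "s3:PutObject"],
         "Resource": "arn:aws:s3:::example-bucket/*"},
        {"Sid": "RoleOnly", "Effect": "Allow",
         "Principal": {"AWS": "arn:aws:iam::111122223333:role/example-role"},
         "Action": "s3:*", "Resource": "arn:aws:s3:::example-bucket/*"},
    ],
}

def _as_list(value):
    """Policy fields may hold one value or a list; normalise to a list."""
    return value if isinstance(value, list) else [value]

def _is_anonymous(principal):
    """True when the principal is "*" or {"AWS": "*"} (anyone on the internet)."""
    if principal == "*":
        return True
    return isinstance(principal, dict) and "*" in _as_list(principal.get("AWS", []))

def audit_public_statements(policy):
    """Return (Sid, issues) for every Allow statement open to anonymous callers.

    An empty issue list means the statement is public but limited to reading
    named objects. Condition blocks are not evaluated (simplification).
    """
    findings = []
    for stmt in _as_list(policy.get("Statement", [])):
        if stmt.get("Effect") != "Allow" or not _is_anonymous(stmt.get("Principal")):
            continue
        issues = []
        for action in _as_list(stmt.get("Action", [])):
            if action.lower() != "s3:getobject":  # action names are case-insensitive
                issues.append(f"non-read action {action}")
        for resource in _as_list(stmt.get("Resource", [])):
            if "*" in resource:
                issues.append(f"wildcard resource {resource}")
        findings.append((stmt.get("Sid", "(no Sid)"), issues))
    return findings
```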
Let's see how we can build a highly available web server environment using a Loadbalancer on AWS.
The environment would be like below:
Users' HTTP requests are handled by the Loadbalancer (WebLB01), which is exposed to the public internet, and the requests are passed on to the member servers behind the Loadbalancer.
As two web servers are assigned, visitors will not be affected even if one of them goes down.
First of all, two web servers must be prepared; this is achieved by creating an instance from the AMI image of the previous session.
Let's take a look at each step of provisioning the Loadbalancer.
Check that the required instances and RDS are ready for this tutorial.
Navigate to the "Load Balancers" section in the left pane of EC2, and hit "Create Load Balancer".
Select Classic Loadbalancer this time.
Define the Loadbalancer name, open the HTTP port and assign subnets.
Assign a security group.
The health check configuration uses the default settings.
Assign EC2 instances to the Loadbalancer.
Make sure the Loadbalancer is internet-facing.
After provisioning the Loadbalancer, it takes a while for the status of the assigned instances to become available. Be patient.
After the instances reach InService status, you can check how the Loadbalancer allocates requests to each server.
One important thing is that the classic Loadbalancer does not keep the session by default, so you need to enable "stickiness".
Navigate to the Loadbalancer page and find "Port Configuration" on the "Description" tab.
Hit "Edit stickiness", then tick "Enable load balancer generated cookie stickiness".
Finally, you can see that the Loadbalancer handles the web session.
Also try shutting down one of the EC2 instances, and see how the requests are handled by the Loadbalancer.
Please watch the following video to see the actual operation.
Let's see how we can create a snapshot of a particular EC2 instance, and launch an EC2 instance from the created image.
We will take a snapshot of WebServer_01, and launch an EC2 instance as WebServer_02.
Navigate to the Snapshots page on EC2, and create a snapshot.
It takes a while to create the snapshot, so please be patient.
After taking the snapshot, you need to create an image for launching the EC2 instance.
Now you can see that the image is registered on the AMIs page.
Let's launch another web server EC2 instance from the created image.
You can access the newly launched web server via its assigned IPv4 address.
Let's also check if the web server is getting requests from outside.
Please watch the following video to see the actual operation.
This time I will launch my first Amazon RDS instance to replace the existing mySQL server on Subnet_02, which was created in the previous session.
RDS is a database service available in AWS, and you can choose from various database platforms, such as mySQL, MS-SQL, Oracle or DynamoDB.
Using RDS means that you no longer need to launch an EC2 instance, such as Linux or Windows, to set up a database.
I will launch the free version of RDS, choose mySQL as the database platform,
and try to connect from the web server sitting on Subnet_01.
The following is a brief description of each step.
Navigate to the RDS console.
Hit "Create Database" and make the basic settings, such as choosing the database and setting the master user and password.
It will take a while for the database to boot up.
Confirm the assigned DNS name and log in from each EC2 instance.
By default, the security groups for your RDS need to be corrected; otherwise you will not be able to connect and log in to the database from remote servers.
After you confirm that connectivity has no problems, try to log in from phpMyAdmin via internet access. Don't forget to update your config.inc.php file with the correct host name.
Let's create a simple AWS VPC with two subnets and two instances.
The structure is that a web server is exposed to the public, and the server is connected to a mySQL server which resides on another network segment within the VPC.
Here is an image:
The following is a brief glossary of the AWS resources.
VPC
Virtual Private Cloud is an on-demand configurable pool of shared computing resources allocated within a public cloud environment.
You define and design network segments, and deploy EC2 instances on the VPC.
Subnets
A segmented network within the VPC.
Appropriate route table settings are needed for connecting to other subnets or gateways.
Internet gateway
The gateway through which your deployed servers access the internet.
NAT gateway
The gateway that provides internet access to your servers residing on a private subnet.
EC2 instance
Servers which are created from particular images.
Security group
Firewall settings associated with an EC2 instance.
SGs are stateful.
Example: If you allow incoming traffic on port 80, the outgoing replies for those connections are allowed automatically.
Network ACL
Firewall settings associated with subnets.
Unlike an SG, a network ACL is stateless.
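The stateful and stateless behaviour described in the glossary, as an added example that is not part of the original post: a small model of how a security group and a network ACL treat a web request and its reply. It is a simplification that matches on ports only (no addresses, protocols or rule numbers), and the class and function names are illustrative.

```python
EPHEMERAL = (1024, 65535)  # client source ports that replies are sent back to

def _dst_port(direction, local_port, remote_port):
    """Rules match the destination port: ours for inbound, theirs for outbound."""
    return local_port if direction == "in" else remote_port

def _match(ranges, port):
    return any(lo <= port <= hi for lo, hi in ranges)

class SecurityGroup:
    """Stateful: once a flow is allowed, its return traffic needs no rule."""
    def __init__(self, inbound, outbound):
        self.rules = {"in": inbound, "out": outbound}
        self.flows = set()  # tracked connections as (local_port, remote_port)

    def allows(self, direction, local_port, remote_port):
        if (local_port, remote_port) in self.flows:
            return True  # part of a connection that was already allowed
        ok = _match(self.rules[direction],
                    _dst_port(direction, local_port, remote_port))
        if ok:
            self.flows.add((local_port, remote_port))
        return ok

class NetworkAcl:
    """Stateless: every packet is checked against the rules for its direction."""
    def __init__(self, inbound, outbound):
        self.rules = {"in": inbound, "out": outbound}

    def allows(self, direction, local_port, remote_port):
        return _match(self.rules[direction],
                      _dst_port(direction, local_port, remote_port))

def web_round_trip(firewall, client_port=50000):
    """A client request to port 80 on the server, then the server's reply."""
    request = firewall.allows("in", 80, client_port)
    reply = firewall.allows("out", 80, client_port)
    return request, reply
```

With only an inbound rule for port 80, the security group lets the reply out but still refuses a new outbound connection, while the network ACL drops the reply until an outbound rule covers the ephemeral port range.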
1. This video shows how we can set up a VPC and two subnets.
2. Second, we provision an EC2 instance for the web server.
I used the following commands to set up the web service on the provisioned EC2 instance.
mkdir phpMyAdmin && tar -xvzf phpMyAdmin-latest-all-languages.tar.gz -C phpMyAdmin --strip-components 1
3. The next step is to provision an EC2 instance for mySQL.
Since the instance sits on a private subnet, a NAT gateway and route table settings should be implemented to provide subnet_02 with an internet connection.
Here is a set of commands for the initial setup of mySQL.
sudo yum install -y mysql57-server
sudo service mysqld start
sudo mysql_secure_installation
sudo chkconfig mysqld on
4. Finally, we add the required security group settings on subnet_02, and we can access the phpMyAdmin page via a web browser with the assigned global IP address.
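Both the RDS section (correcting the security groups so remote servers can log in) and step 4 above open the database to other hosts. As an added example, not taken from the original post, this check lists which sources outside the VPC can reach MySQL through a security group. The rule layout follows the EC2 DescribeSecurityGroups response; the group IDs, the 10.0.0.0/16 VPC range and all addresses are constructed placeholders.

```python
import ipaddress

MYSQL_PORT = 3306

# Constructed samples in the shape of the EC2 DescribeSecurityGroups response.
# Group IDs and addresses are placeholders, not values from the page.
SAMPLE_GROUPS = [
    {"GroupId": "sg-db-open", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 3306, "ToPort": 3306,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
    {"GroupId": "sg-db-scoped", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 3306, "ToPort": 3306,
         "IpRanges": [{"CidrIp": "10.0.1.0/24"}],
         "UserIdGroupPairs": [{"GroupId": "sg-web"}]}]},
    {"GroupId": "sg-db-allports", "IpPermissions": [
        {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "203.0.113.0/24"}]}]},
]

def covers_mysql(perm):
    """True when an ingress rule lets TCP 3306 through."""
    if perm["IpProtocol"] == "-1":  # "-1" means all protocols and all ports
        return True
    if perm["IpProtocol"] != "tcp":
        return False
    return perm.get("FromPort", 0) <= MYSQL_PORT <= perm.get("ToPort", 65535)

def external_mysql_sources(group, vpc_cidr):
    """List source ranges outside the VPC that can reach MySQL in this group.

    Rules that reference another security group (UserIdGroupPairs) are
    treated as internal and are not reported.
    """
    vpc = ipaddress.ip_network(vpc_cidr)
    exposed = []
    for perm in group.get("IpPermissions", []):
        if not covers_mysql(perm):
            continue
        for rng in perm.get("IpRanges", []):
            if not ipaddress.ip_network(rng["CidrIp"]).subnet_of(vpc):
                exposed.append(rng["CidrIp"])
        # IPv6 ranges are reported as-is: the assumed VPC here is IPv4-only.
        exposed.extend(r["CidrIpv6"] for r in perm.get("Ipv6Ranges", []))
    return exposed
```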