AWS High Availability Architecture with CLI

Vikash kaushik
10 min read · Nov 1, 2020

Here we are going to create a high availability architecture with the AWS CLI.

🔰 Create High Availability Architecture with AWS CLI 🔰

🔅 The architecture includes:

- Web server configured on an EC2 instance

- Document root (/var/www/html) made persistent by mounting it on an EBS block device

- Static objects used in the code, such as pictures, stored in S3

- A Content Delivery Network set up using CloudFront, with the S3 bucket as the origin domain

- Finally, the CloudFront URL placed in the web app code for security and low latency

AWS — Amazon Web Services is a public cloud service by Amazon.

👉 AWS provides Infrastructure As A Service, Platform As A Service, and Software As A Service.

👉 In this task I am going to use the AWS CLI, EC2, EBS, S3 and CloudFront.

👉 AWS provides high availability, isolation and security for the services we use.

👉 AWS provides each service at minimal cost.

👉 AWS works on a pay-as-we-go model.

PUBLIC CLOUD — A public cloud allows us to use a provider’s resources on rent.

EC2 — Elastic Compute Cloud -> EC2 provides a compute unit to the tenant. Using EC2, a tenant can launch a bootable instance within seconds. EC2 is useful when working in a company: we need to install and uninstall operating systems many times, and thanks to AWS's fast service we can do this quickly, with add-ons.

👉 Provides RAM + CPU

👉 Create Security Group

👉 Create Key

👉 Generate Elastic IP

👉 many more

EBS — Elastic Block Storage -> Block storage is used to store data, and we can launch an operating system on it. EBS is a kind of pen drive which can be removed from one operating system and attached to another.

S3 — Simple Storage Service -> S3 is object storage, which stores data permanently, but we can’t install an operating system on object storage. A daily example of object storage is Google Drive.

CLOUDFRONT — It is a Content Delivery Network as a service which provides edge locations to store caches for low latency. It requires an origin, meaning a storage location that holds the data, so that by accessing it CloudFront can create caches for a good user experience.

So let’s get started!!

______________________________

THE MOST POWERFUL COMMAND IN AWS CLI -

“aws help” is a very helpful command that I used for this task.

______________________________

AWS CONFIGURE -

Before starting anything we need to configure the CLI. We do this configuration because it connects our command line to an AWS IAM user account so that we can launch our services there.

“aws configure” is the command for configuration.

_____________________________

KEY PAIR -

We need to generate a key pair because an instance needs a key when we launch it. Now, why a key and not a password? The key is used by the machine to log in to the instance so that we can perform our task there.

It is the same as every lock having a key: here the lock resembles the instance and the key is our private key.

This is the command for generating the key and storing it at a given location on our local PC ->

“aws ec2 create-key-pair --key-name vk_key --query "KeyMaterial" --output text > vk_key.pem”

The Key is Created.

______________________________

SECURITY GROUP -

Security Group is very important in AWS as this is the best way to provide security to our instance. A security group has two kinds of rules: ingress and egress. Ingress rules admit only the IPs allowed by the admin, and egress rules let the instance reach only the IPs allowed by the admin.

“aws ec2 create-security-group --group-name vkrule --description "sg for perform task" --vpc-id vpc-de130aa4” -> This is the command to create a security group, but there is one issue: it only creates an egress rule allowing all traffic and does not create any ingress rule, so we have to create an ingress rule ourselves.

Security Group is Created.

“aws ec2 authorize-security-group-ingress --group-name vkrule --protocol tcp --port 22 --cidr 0.0.0.0/0” -> This is the command to create an ingress rule for the security group created above, to allow SSH into the instance.

Rule is Created

“aws ec2 authorize-security-group-ingress --group-name vkrule --protocol tcp --port 80 --cidr 0.0.0.0/0” -> This is the command to create an ingress rule for the security group created above, to allow HTTP into the instance.

Rule is created

EC2 INSTANCE -

For web server configuration we require an instance, so the command to launch an instance is “aws ec2 run-instances --image-id ami-0947d2ba12ee1ff75 --count 1 --instance-type t2.micro --key-name vk_key --security-group-ids sg-0d1aad5f3c2cc3100 --subnet-id subnet-69df120f”. In this instance I have used the key and security group created above.

Now, to give a tag to my instance I have used this command: “aws ec2 create-tags --resources i-0ea9eaaf6902c6e8a --tags Key=Name,Value=vk”

Instance is created.

______________________________

EBS VOLUME -

By default, one 8 GiB volume is attached to the EC2 instance; the instance is installed on it, and that root volume is the main drive, aka “/”. But when an instance gets corrupted, the one drive that is sure to be corrupted with it is the root, so to protect the data from corruption an EBS volume is created and mounted on a folder.

The command to create an EBS volume is “aws ec2 create-volume --availability-zone us-east-1a --volume-type gp2 --size 1”.

Volume is Created but not attached

So far it is only created, not attached to the EC2 instance, so we need to attach it to the EC2 instance with this command: “aws ec2 attach-volume --volume-id vol-0509b3cb61afb5f42 --instance-id i-0ea9eaaf6902c6e8a --device /dev/sdc”

Now Volume is attached to the instance.

Instance is successfully launched and also volume is attached.

SSH -

To enter any instance from the Windows/Linux command line we use SSH. SSH is used to do remote login into the O.S.

The command used is “ssh -l ec2-user -i vk_key.pem 54.83.171.103”

______________________________

PARTITION -

We have successfully attached the 1 GiB EBS volume to the EC2 instance, so we now have to follow 3 steps to mount the 1 GiB volume on the /var/www/html directory.

👉 PARTITION

👉 FORMAT

👉 MOUNT

First check how many volumes are attached to this instance by the command “ fdisk -l ”

👉 PARTITION

The command to do partitioning is “ fdisk /dev/xvdc”

Entering “m” will show more options in front of you.

Press “n” to create a new partition.

Press “p” to create the primary partition.

Press “w” to save the partition made.

See the partition is created

👉 FORMAT

“ mkfs.ext4 /dev/xvdc1 ” is the command to format the partition.

Before mounting, install httpd, the Apache tool that makes an instance a web server.

The command to install httpd is “ yum install httpd -y”

👉 MOUNT

/var/www/html is a folder created by default by httpd, as this is the main folder that httpd accesses when serving the website.

The command to mount the partition is “mount /dev/xvdc1 /var/www/html”

With the “df -Th” command you can see that /dev/xvdc1 is mounted on /var/www/html.

______________________________

S3 -

S3 is used here to store the static files used in websites. AWS gives a high availability and durability guarantee on S3.

The command to create an S3 bucket is “aws s3api create-bucket --bucket vk-ka-bucket --region ap-south-1 --create-bucket-configuration LocationConstraint=ap-south-1”

Bucket is Created.

“aws s3 ls” is the command used to see the buckets present in S3.

The command to upload objects to S3 is “aws s3 sync "C:\Users\VIKASH KAUSHIK\Desktop" s3://vk-ka-bucket/”

______________________________

CREATE A FILE -

Now create an HTML file that will be publicly accessible, where the image URL used is that of the S3 object.

NOTE — create your program file in the /var/www/html directory, as httpd by default serves the files in that folder.

This is the code which contains S3 object URL.

Now start httpd as this is very important otherwise you will not be able to see your page.

Oh where is the image??

Not to worry: we forgot to make the S3 object publicly readable.

S3 OBJECT PUBLIC READ -

Make the S3 object publicly readable.

Now, to make the object publicly readable, use this command: “aws s3api put-object-acl --bucket vk-ka-bucket --key 24929.jpg --acl public-read”

Now you can see it publicly Visible.
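
With the public-read ACL the object can be fetched straight from its S3 URL by anyone, whether or not the request comes through CloudFront. The audit below is an added example, not code from the original article: it reads JSON shaped like "aws s3api get-object-acl" output (the sample is constructed and its owner ID is a placeholder) and lists which grants reach beyond the bucket owner; the function names are assumptions.

```python
import json

# Constructed sample shaped like "aws s3api get-object-acl" output for 24929.jpg
# after the public-read ACL above; the owner ID is a placeholder.
SAMPLE_ACL = json.loads("""
{"Owner": {"ID": "OWNER-ID-PLACEHOLDER"},
 "Grants": [
  {"Grantee": {"Type": "CanonicalUser", "ID": "OWNER-ID-PLACEHOLDER"},
   "Permission": "FULL_CONTROL"},
  {"Grantee": {"Type": "Group",
               "URI": "http://acs.amazonaws.com/groups/global/AllUsers"},
   "Permission": "READ"}]}
""")

# Predefined S3 groups that reach beyond the bucket owner's own account.
BROAD_GROUPS = {
    "http://acs.amazonaws.com/groups/global/AllUsers": "anyone",
    "http://acs.amazonaws.com/groups/global/AuthenticatedUsers": "any AWS account",
}
# What each object-ACL permission lets the grantee do.
EFFECT = {
    "READ": "read object data",
    "READ_ACP": "read the ACL",
    "WRITE_ACP": "rewrite the ACL",
    "FULL_CONTROL": "read data and rewrite the ACL",
}


def public_grants(acl):
    """Return (audience, permission, effect) for grants to the broad S3 groups."""
    findings = []
    for grant in acl.get("Grants", []):
        grantee = grant.get("Grantee", {})
        audience = BROAD_GROUPS.get(grantee.get("URI"))
        if grantee.get("Type") == "Group" and audience:
            perm = grant.get("Permission")
            findings.append((audience, perm, EFFECT.get(perm, "unknown")))
    return findings


def needs_attention(acl):
    """True when a broad group can change the ACL (worse than public-read)."""
    return any(p in ("WRITE_ACP", "FULL_CONTROL") for _, p, _ in public_grants(acl))


if __name__ == "__main__":
    for audience, perm, effect in public_grants(SAMPLE_ACL):
        print(f"{audience} may {effect} ({perm})")
```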

______________________________

CLOUDFRONT -

CloudFront plays a very important role in low latency. When the origin is far from the client, an edge location is used to store a cache so that the content is quickly accessible. In CloudFront we can set a Time To Live [TTL] so that the cache is kept in the edge location only for that time. Caches are temporary in nature.

The command to create a CloudFront distribution is “aws cloudfront create-distribution --origin-domain-name vikash-ka-bucket.s3.amazonaws.com --default-root-object 24929.jpg”

Distribution is Created.

I have accessed it by this URL -

and you can see how the URL changed to the origin URL.

______________________________

CHANGE THE CODE URL TO CLOUDFRONT URL-

And now it’s visible.

Thank you for reading this. Hope you like it, and feel free to ask your queries in the comments.
