AWS CLOUDFRONT SETUP

 

AWS NEW BLOG


👉 Everything is done with the AWS CLI.

👉 Each change is shown in this blog.



🔰 Create High Availability Architecture with AWS CLI 🔰


🔅 The architecture includes:

- Web Server configured on EC2 Instance

- Document Root (/var/www/html) made persistent by mounting on an EBS block device.

- Static objects used in code such as pictures stored in S3

- Setting up a Content Delivery Network using CloudFront and using the origin domain as an S3 bucket. 

- Finally, place the CloudFront URL on the web app code for security and low latency.


AWS - Amazon Web Services is a public cloud service by Amazon.

👉 AWS provides Infrastructure as a Service, Platform as a Service, and Software as a Service.

👉 In this task, I am going to use AWS CLI, EC2, EBS, S3, and CloudFront.

👉 AWS provides high availability, isolation, and security for the services we use.

👉 AWS provides each service at minimal cost.

👉 AWS works on a pay-as-we-go model.


PUBLIC CLOUD - Public cloud allows us to use the provider's resources on rent.


EC2 - Elastic Compute Cloud -> EC2 provides a compute unit to the tenant. By using EC2, a tenant launches a bootable instance within seconds. EC2 is a good service to have while working in a company: we need to install and uninstall operating systems many times, and thanks to AWS's fast service we can do this quickly, with add-ons.

👉 Provides RAM + CPU

👉 Create a Security Group

👉 Create Key

👉 Generate Elastic IP

👉 many more


EBS - Elastic Block Storage -> Block storage is used to store data, and we can launch an operating system on it. EBS is a kind of pen drive that can be removed from one operating system and attached to another.


S3 - Simple Storage Service -> S3 is object storage, which stores data permanently, but we can't install an operating system on object storage. An everyday example of object storage is Google Drive.


CloudFront - It is a Content Delivery Network as a Service that provides edge locations to store caches for low latency. It requires an origin, meaning storage that holds the data, so that by accessing it CloudFront can create caches for a good user experience.


So let's get started!!


______________________________


THE MOST POWERFUL COMMAND IN AWS CLI -

“aws help” is a very helpful command I used for this task.

______________________________


AWS CONFIGURE -

Before starting anything we need to configure the CLI. The configuration connects our command line to our AWS IAM user account so that we can launch our services there.

“aws configure” is the command for configuration.


______________________________


KEY PAIR -

We need to generate a key pair because an instance needs a key when we launch it. Now, why a key and not a password? The key is used by our machine to log in to the instance so that we can perform our task there.

It is the same as a lock and key: here the lock is the instance and the key is our private key.


This is the command for generating the key and storing it at a given location on our local PC ->

aws ec2 create-key-pair --key-name MyKey --query "KeyMaterial" --output text > MyKey.pem



The Key is Created.


______________________________


SECURITY GROUP -

A security group is very important in AWS, as this is the best way to provide security to our instance. The security group has two kinds of rules: ingress and egress. Ingress rules allow in only those IPs that are allowed by the admin, and egress rules let the instance access only those IPs that are allowed by the admin.


“aws ec2 create-security-group --group-name myRule --description "security group for task" --vpc-id vpc-939d80fb” -> This is the command to create a security group, but there is one issue: it only creates an egress rule allowing all traffic and does not create any ingress rule, so we have to create the ingress rules ourselves.


Security Group is Created.


“aws ec2 authorize-security-group-ingress --group-name myRule --protocol tcp --port 22 --cidr 0.0.0.0/0” -> This is the command to create an ingress rule for the above-created security group to allow SSH into the instance.



Rule is Created.


“aws ec2 authorize-security-group-ingress --group-name myRule --protocol tcp --port 80 --cidr 0.0.0.0/0” -> This is the command to create an ingress rule for the above-created security group to allow HTTP into the instance.



The rule is created.


______________________________


EC2 INSTANCE -

For web server configuration we require an instance, so the command to launch an instance is “aws ec2 run-instances --image-id ami-0e306788ff2473ccb --count 1 --instance-type t2.micro --key-name MyKey --security-group-ids sg-08f468e03ce8fbdbb --subnet-id subnet-73e0da1b”. In this instance I have used the key and security group created above.


Now, to give a tag to my instance I have used this command: “aws ec2 create-tags --resources i-0264e8c0a7598f838 --tags Key=Name,Value=MyInstance”



Instance is created.


Volume is Created.


______________________________


SSH -

To enter any instance from the Windows/Linux command line we use SSH. SSH is used to do remote login into the OS.

The command used is “ssh -l ec2-user -i MyKey.pem 15.206.116.178”


______________________________


EBS VOLUME -

By default, one 8 GiB volume is attached to the EC2 instance; the operating system is installed on it, and this root volume is the main drive, aka “/”. But when an instance gets corrupted, the one drive that surely gets corrupted with it is the root volume, so to protect the data from that, a separate EBS volume is created and mounted on a folder.

The command to create EBS Volume is “ aws ec2 create-volume --availability-zone ap-south-1a  --volume-type gp2  --size 1 ”.



Volume is Created but not attached.



So far the volume is only created, not attached to the EC2 instance, so we need to attach it with this command: “aws ec2 attach-volume --volume-id vol-0509b3cb61afb5f42 --instance-id i-071d7b410c0f5a9d6 --device /dev/sdf”



Now Volume is attached to the instance.


Instance is successfully launched and also volume is attached.


______________________________


PARTITION -

We have successfully attached the 1 GiB EBS volume to the EC2 instance, so we now have to follow 3 steps to mount the 1 GiB volume on the /var/www/html directory.

👉 PARTITION

👉 FORMAT

👉 MOUNT


First check how many volumes are attached to this instance with the command “fdisk -l”



👉 PARTITION

The command to do partitioning is “fdisk /dev/xvdf”



Entering “m” shows more options.



Press “n” to create a new partition.


Press “p” to create the primary partition.


Press “w” to save the partition made.


See the partition is created.


👉 FORMAT

“mkfs.ext4 /dev/xvdf1” is the command to format the partition.



Before mounting, install httpd, the Apache tool that makes an instance a web server.

The command to install httpd is “yum install httpd -y”


👉 MOUNT

/var/www/html is a folder created by default by httpd; it is the main folder that httpd accesses when serving the website.

The command to mount the partition is “mount /dev/xvdf1 /var/www/html”


By “df -h” command you can see that /var/www/html is mounted to /dev/xvdf1.

______________________________



S3 - 

S3 is used here to store the static files that are used in the website. AWS gives a high availability and durability guarantee on S3.

The command to create an S3 bucket is “aws s3api create-bucket --bucket manalibucket --region ap-south-1 --create-bucket-configuration LocationConstraint=ap-south-1”



The bucket is Created.

The “aws s3 ls” command is used to see how many buckets are present in S3.


The command to upload objects to S3 is “aws s3 sync "C:\Users\Manali Jain\Desktop\AWS+ARTH task\Task key\image" s3://manalibucket”



______________________________


CREATE A FILE -

Now create an HTML file that will be publicly accessible, with the image URL pointing to S3.

NOTE - create your program file in the /var/www/html directory, as httpd by default accesses the files in that folder.


This is the code that contains the S3 object URL.


Now start httpd; this is very important, otherwise you will not be able to see your page.


Oh, where is the image??

Not to worry, we just forgot to make the S3 object publicly readable.

______________________________


S3 OBJECT PUBLIC READ-

Make the S3 object publicly readable.

To make the object publicly readable, use this command: “aws s3api put-object-acl --bucket manalibucket --key aws.png --acl public-read”



Now you can see it is publicly visible.

______________________________


CloudFront - 

CloudFront plays a very important role in low latency. When the origin is far from the client, an edge location is used to store a cache so that the content is quickly accessible. In CloudFront we can set a Time To Live [TTL] so that the cache is stored in the edge location only for that time. Caches are temporary in nature.

The command to create a CloudFront distribution is “aws cloudfront create-distribution --origin-domain-name manalibucket.s3.amazonaws.com --default-root-object aws.png”


Distribution is Created.


I have accessed it by this URL -

And you can see how the URL changed to the origin URL.


______________________________


CHANGE THE CODE URL TO CloudFront URL-


And now it's visible.
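
An added example, not part of the original post: with the public-read ACL from the earlier step still in place, the object remains readable directly from S3 even after the page switches to the CloudFront URL. The code below reads `aws s3api get-object-acl` JSON to list what anonymous users can do, and builds a bucket policy that lets only one CloudFront distribution read the bucket. The sample ACL, the owner ID and the ARN placeholders are constructed, and the policy assumes the distribution is configured with origin access control (OAC).

```python
import json

ALL_USERS = "http://acs.amazonaws.com/groups/global/AllUsers"

# Constructed sample shaped like `aws s3api get-object-acl` output for aws.png
# after the public-read ACL was applied; the owner ID is a placeholder.
SAMPLE_ACL = {
    "Owner": {"ID": "OWNER-ID-PLACEHOLDER"},
    "Grants": [
        {"Grantee": {"Type": "CanonicalUser", "ID": "OWNER-ID-PLACEHOLDER"},
         "Permission": "FULL_CONTROL"},
        {"Grantee": {"Type": "Group", "URI": ALL_USERS}, "Permission": "READ"},
    ],
}


def public_grants(acl):
    """Permissions the ACL gives to anonymous users (the AllUsers group)."""
    return sorted(g["Permission"] for g in acl.get("Grants", [])
                  if g.get("Grantee", {}).get("URI") == ALL_USERS)


def cloudfront_only_policy(bucket, distribution_arn):
    """Bucket policy letting only one CloudFront distribution read objects.

    Assumes the distribution uses origin access control (OAC) for this bucket.
    """
    return {
        "Version": "2012-10-17",
        "Statement": [{
            "Sid": "AllowCloudFrontRead",
            "Effect": "Allow",
            "Principal": {"Service": "cloudfront.amazonaws.com"},
            "Action": "s3:GetObject",
            "Resource": f"arn:aws:s3:::{bucket}/*",
            "Condition": {"StringEquals": {"AWS:SourceArn": distribution_arn}},
        }],
    }


if __name__ == "__main__":
    print("anonymous permissions on aws.png:", public_grants(SAMPLE_ACL))
    arn = "arn:aws:cloudfront::ACCOUNT_ID:distribution/DISTRIBUTION_ID"  # placeholders
    print(json.dumps(cloudfront_only_policy("manalibucket", arn), indent=2))
```
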




