In this article, I am going to create a highly available web site for EC2 instances with a custom VPC in 3 public subnets using Amazon's built-in capabilities such as Application Load Balancer, Availability zones and an Auto-Scaling group.
You can find all the projects related to EC2 in my GitHub repository.
Let's get started!
Objectives:
- A Custom VPC, 3 public subnets in 3 Availability Zones for High Availability
- Create a Key Pair, a Security Group
- A launch template for EC2 instances
- Create an Auto scaling Group with a minimum of 2 EC2 instances and maximum of 5.
- Create one Target Group and register both the EC2 instances.
- Add an Application Load Balancer. Ensure the launch template includes an EC2 instance that has a web server
- Attach the Load Balancer to the Auto scaling group
- Terminate 1 EC2 Instance to show how Auto scaling works
- Cleanup
- What we have done so far
Pre-Requisites:
- An AWS Account (not root account)
- An IAM user with admin privileges
Resources Used:
Know how to create EC2 instances, Sub Groups, and Key pairs.
I referred to the AWS documentation to create custom VPCs and to set up Auto Scaling coupled with an Application Load Balancer.
Steps for implementation of this project:
A Custom VPC, 3 public subnets in 3 Availability Zones for High Availability
On the AWS Management Console
VPC Dashboard
Navigate to VPC
Click Create VPC from the top
Under VPC settings - VPC and more
Auto-generate - check and name "project"
IPv4 CIDR block - set to 10.0.0.0/16
Number of Availability Zones (AZs) - 3
Number of public subnets - 3
Number of private subnets - 0
DNS options
- Enable DNS hostnames to get IPv4 addresses
- Enable DNS Resolution to get the hostnames provisioned automatically
Click Create VPC
Click View VPC
Create Key Pair
From the AWS Management Console
On the EC2 Dashboard
On the side bar, under Network & Security
Click Key Pairs
Click Create Key Pair
Under Create key pair
Name - project-KP
Take default settings
Click Create Key pair
Create Security Group
A security group acts as a virtual firewall for your EC2 instances to control incoming and outgoing traffic.
From the AWS Management Console
On the EC2 Dashboard
On the side bar, under Network & Security
Click Security Groups
Click Create security group
Under Basic details
Security group name - project-WebSG
Description - project-WebSG
VPC - select project-VPC
Inbound rules
Add rule
- open ports 80 (HTTP) and 22 (SSH) to outside 0.0.0.0/16
- acts as a virtual firewall for your EC2 instances to control incoming and outgoing traffic
Take the default settings
Click Create security group
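A check for the inbound rules created above, as an added example that is not part of the original article: it reads rules in the IpPermissions shape returned by EC2 DescribeSecurityGroups and reports any non-web port reachable from a /0 source, which is what the console's Anywhere-IPv4 choice stores (0.0.0.0/0; the literal 0.0.0.0/16 would cover only 0.0.0.0 to 0.0.255.255). The sample rules, the PUBLIC_OK_PORTS allow-list and the 203.0.113.0/24 admin range are constructed assumptions.

```python
import ipaddress

# Ports this example accepts as internet-facing on a web tier (an assumption).
PUBLIC_OK_PORTS = {80, 443}

def is_world_open(cidr):
    """True only when the CIDR spans the whole address space (prefix /0)."""
    return ipaddress.ip_network(cidr, strict=False).prefixlen == 0

def audit_ingress(group_name, ip_permissions):
    """Return a finding for each world-open TCP/UDP rule exposing a non-web port."""
    findings = []
    for perm in ip_permissions:
        proto = perm["IpProtocol"]
        if proto == "-1":                      # all protocols, all ports
            lo, hi = 0, 65535
        elif proto in ("tcp", "udp"):
            lo, hi = perm["FromPort"], perm["ToPort"]
        else:
            continue                           # ICMP etc. is not covered here
        cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
        cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
        for cidr in cidrs:
            if not is_world_open(cidr):
                continue                       # source is already restricted
            if all(p in PUBLIC_OK_PORTS for p in range(lo, hi + 1)):
                continue                       # only web ports are exposed
            ports = str(lo) if lo == hi else f"{lo}-{hi}"
            findings.append(f"{group_name}: {proto} {ports} open to {cidr}")
    return findings

# Constructed sample: the two rules from the steps above, entered with the
# Anywhere-IPv4 source, in the DescribeSecurityGroups IpPermissions shape.
AS_BUILT = [
    {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
]
# Same group with SSH limited to a placeholder admin range (RFC 5737 test net).
RESTRICTED = [
    AS_BUILT[0],
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": "203.0.113.0/24"}]},
]

if __name__ == "__main__":
    for name, rules in (("project-WebSG", AS_BUILT), ("restricted", RESTRICTED)):
        print(name, audit_ingress(name, rules) or "no findings")
```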
Launch Template
Create a launch template that contains the configuration information which will be later used in Auto-Scaling Group to launch an EC2 instance, with a policy to scale in or out depending on demand with a minimum of 2 instances and a maximum of 5.
I referred to the AWS documentation: How to create a Launch Template
From the AWS Management Console
On the EC2 Dashboard
On the side bar, under Instances, click Launch Templates
Click Create launch template
Under Launch template name and description
Launch template name - project-TMPL
Under Application and OS Images (Amazon Machine Image)
Select Amazon Linux - Amazon Linux 2 AMI
Instance type - t2.micro
Key pair (login) - project-KP
Under Firewall (security groups)
Select existing security group - checked
Select existing security group — project-WebSG
Under Advanced network configuration
Auto-assign public IP - Enable
Take default settings
Click Create Launch Template
Create Auto-scaling Group
I referred to the AWS documentation: How to Create Auto-scaling Group
From the AWS Management Console
On the EC2 Dashboard
On the side bar, under Auto Scaling
Click Auto Scaling Groups
Click Auto Scaling group
Under Choose launch template or configuration
Under Name
Auto Scaling group name - project-ASG
Under Launch template
select Launch Template — project-TMPL
Click Next
Under Network
Under vpc
Select - project-vpc
Under Availability Zones and subnets
Select 3 Public subnets in 3 different Availability Zones
- project-subnet-public1-us-east-1a 10.0.0.0/20
- project-subnet-public2-us-east-1b 10.0.16.0/20
- project-subnet-public3-us-east-1c 10.0.32.0/20
Click Next
Under Additional settings - optional
Under Monitoring
Enable group metrics collection within CloudWatch - check
Click Next
Under Configure group size and scaling policies
Under Group size
- Desired capacity - 2
- Minimum capacity - 2
- Maximum capacity - 5
Under Scaling policies - optional
Target tracking scaling policy - check
Take default settings
Click Next/Next/Next
Review
Create Auto Scaling group
Auto scaling group — details
Click Activity tab
Activity History - 2 minimum EC2 instances launched successfully
On the EC2 Dashboard
Click Instances on the side bar
to see that the minimum of 2 EC2 instances is being launched
Their Instance state shows “Running”
In different Availability zones — us-east-1b and us-east-1c
Create Target Group
I referred to the AWS documentation: How to create Target Group
As per Amazon "You register your targets with a target group. By default, the load balancer sends requests to registered targets using the port and protocol that you specified for the target group."
From the AWS Management Console
On the EC2 Dashboard
On the side bar, under Load Balancing
Click Target Groups
Click Create Target group
Under Basic configuration
Choose a target type - Instances
Target group name - project-TG
VPC - project-vpc
Under Advanced health check settings
Healthy threshold - 3
Unhealthy threshold - 2
Timeout - 5
Take default settings
Click Next
Under Register targets
Under Available instances (2)
Check — 2 Available EC2 Instances to be registered to Target Group in us-east-1b and us-east-1c
Click “Include as pending below” to be registered to Target Group
Click Create Target group to finish registering the EC2 Instances to the Target Group
The Instances show “unused” till we assign this Target Group to the Application Load Balancer
Create Application Load Balancer
I referred to the AWS documentation: How to create Application Load Balancer
From the AWS Management Console
On the EC2 Dashboard
On the side bar, under Load Balancing
Click Load Balancers
Click Create Load Balancer
Under Select load balancer type
For Load balancer types
Application Load Balancer - click Create
Under How Application Load Balancers work
Under Basic configuration
Load balancer name - project-ALB
Scheme - Internet-facing
Take defaults
Under Network mapping
VPC - select project-vpc
Check
- us-east-1a
- us-east-1b
- us-east-1c
Security groups - select project-WebSG
Under Listeners and routing
Under Listener HTTP:80
Default action - select project-TG
Take default settings
Click Create load balancer
It takes 3-5 min for the status of the Application Load Balancer to show as "active"
Validate to see 2 EC2 Instances registered to the Target Group
- project-TG
Attach the Load Balancer to the Auto scaling group
From the AWS Management Console
On the EC2 Dashboard
On the side bar, under Auto Scaling
Click Auto Scaling Groups
Check project-ASG - Edit
Under Edit project-ASG
Under Load balancing
For Load balancers
Check - Application, Network or Gateway Load Balancer target groups
Select Target Group - project-TG
Click Update
Under Activity History of Target Group - project-TG
the Instances are successfully launched
I lost the Internet connection, so I created the same infrastructure again. Now the 2 EC2 instances are in us-east-1a and us-east-1b.
Now terminate 1 EC2 Instance to show how Auto scaling works
Click EC2 Instance in us-east-1a
Actions
Click Terminate instance
EC2 Console showing EC2 Instance in us-east-1a Terminated, us-east-1b is “Running”
Auto scaling group, Activity history showing EC2 Instance in us-east-1a Terminated
EC2 Console showing a NEW 2nd EC2 instance in a different AZ — us-east-1c
Auto scaling group launching a NEW 2nd EC2 instance — can be seen in ASG Active History
Cleanup:
- Delete the AWS resources after it is complete
Delete Autoscaling Group
Application Load balancer
Target Group
VPCs
Terminate EC2
What we have done so far:
Created a highly available web site for EC2 instances with a custom VPC in 3 public subnets using Amazon's built-in capabilities such as Application Load Balancer, Availability zones and an Auto-Scaling group.