DEV Community: Uwadone Joshua

Implement a GitLab CI pipeline to deploy a Spring Boot app.

Uwadone Joshua — Tue, 28 Oct 2025 07:40:13 +0000

A complete, step-by-step guide to implement a GitLab CI/CD pipeline to:

✅ Deploy a Spring Boot Java application
✅ Use a specific GitLab Runner on an EC2 t2.medium instance with Docker executor
✅ Use Maven Docker image for builds
✅ Host a SonarQube dashboard on the same EC2 instance

🔧 PREREQUISITES
GitLab account and repository (your Spring Boot app should be in GitLab)
AWS EC2 instance (Ubuntu 22.04 LTS, t2.medium, security group open to ports 22, 8080, 9000, and 22)
A domain/subdomain (optional) if you want to expose SonarQube externally.

STEP 1: Launch & Prepare EC2 Instance
First, you need to fork the source code of this project from my GitLab repo. You can download it into your local machine by running the command git clone https://gitlab.com/uwadon1/Jenkins-Zero-To-Hero.git, and then cd into the directory.

a. Launch an Ubuntu EC2 (t2.medium)
Navigate to the AWS console and launch an instance. We will launch an Ubuntu instance that will serve as the runner, and give it the name "Gitlab-server" and select the AMI server to be Ubuntu Server 22.04 LTS

We will select the instance type t2.medium and make use of an existing keypair named "devopsapp" and leave the network settings as default.

We will leave the other options as default and click launch instance (we will leave the Security group setting for now and come back to make necessary adjustments to our S.G)

We will navigate to the SG overview page to make the manual adjustments to our security group settings to allow necessary traffic.
We will open the following traffic and allow access to IPv4 anywhere:
22 (SSH)
80 (Http)
443 (Https)
9000 (SonarQube)

b. SSH into the instance
Now we will SSH into the instance we just created, using the command below:
ssh -i ~/.ssh/devopsapp.pem ubuntu@35.91.67.242
(Ensure to replace with your instance IP address)

c. Update and install dependencies
We will first need to update the instance and install Docker using the command sudo apt update

We will also install Docker using the command
sudo apt install docker.io

Next, we will install JDK, which is a prerequisite for installing Jenkins, using the command

sudo apt install openjdk-17-jre
Sudo apt update
sudo apt install openjdk-11-jre

STEP 2: Set up and Configure SonarQube on EC2
To install SonarQube, we need to ensure Java is already installed.
The next thing we will have to do is move to the root directory, so that we can have admin privileges, using the commands below:

sudo su -
apt install unzip

adduser sonarqube
sudo su - sonarqube

wget https://binaries.sonarsource.com/Distribution/sonarqube/sonarqube-9.4.0.54424.zip

unzip *

chmod -R 755 /home/sonarqube/sonarqube-9.4.0.54424

chown -R sonarqube:sonarqube /home/sonarqube/sonarqube-9.4.0.54424

cd sonarqube-9.4.0.54424/bin/linux-x86–64/

./sonar.sh start

We can verify the status of SonarQube via this command: ./sonar.sh status

Wait for SonarQube to start (2–3 minutes), then access your SonarQube on your browser via http://54.245.159.36:9000/ {ensure to input your EC2 IP address)
The Default login details will be: admin/admin. You will need to change the default password to a new one in the next tab.

Next, we will generate a Sonar Token. To do that, navigate to 'my account' at the top right corner, then go to the settings tab, and click on generate token to generate a token to allow GitLab CI/CD to communicate with your SonarQube server.

STEP 3: Secure Your CI/CD
We will input the SonarQube token into our GitLab variables. To do this, we will go to the settings tab on GitLab, select CICD and click on variables. Go to GitLab → Settings → CI/CD → Variables

Add the token API key to the GitLab CICD variables:
Key = SONAR_LOGIN
Value = cd14b6f8bb12f8a7a94127f3ce1044516d33a5fa

Configure GitLab CI/CD Variables
Add these variables (mask sensitive ones):

SONAR_HOST_URL: http://<your-ec2-public-ip>:9000
SONAR_LOGIN: The token you generated in SonarQube
DOCKER_USENAME: (if pushing to Docker registry)
DOCKER_PASSWORD: (if pushing to Docker registry)

STEP 4: Register GitLab Runner on EC2
We will have to create a runner, so we can always have backend access to it and be in full control of the runner. We will install the runner on our instance. To set up the runner, we will navigate to the settings, then CICD, then runners: Settings → CI/CD → Variables

a. Install GitLab Runner

# Download the binary for your system
sudo curl -L - output /usr/local/bin/gitlab-runner https://gitlab-runner-downloads.s3.amazonaws.com/latest/binaries/gitlab-runner-linux-amd64

# Give it permission to execute
sudo chmod +x /usr/local/bin/gitlab-runner

# Create a GitLab Runner user
sudo useradd - comment 'GitLab Runner' - create-home gitlab-runner - shell /bin/bash

# Install and run as a service
sudo gitlab-runner install - user=gitlab-runner - working-directory=/home/gitlab-runner

sudo gitlab-runner start

Command to register runner
sudo gitlab-runner register - url https://gitlab.com - token glrt-92fA16tAk07hUeItqxgyj286MQpwOjE2Y2QwYwp0OjMKdTpneHBzNhg.01.1j1fxtc8g

Follow prompts:
GitLab URL: https://gitlab.com/
Registration token: (get from GitLab project → Settings → CI/CD → Runners → Expand)
Description: my-runner
Tags: Docker
Executor: docker
Docker image: uwadon01/maven-uwadon1-docker-agent:v1

An equivalent Dockerfile sample that replicates the uwadon01/maven-uwadon1-docker-agent:v1 image with modern best practices:
Reconstructed Dockerfile

dockerfile

# Start with the same base as the original (Ubuntu-based)
FROM ubuntu:20.04
# Set environment variables to match original
ENV LANG=en_US.UTF-8 \
LANGUAGE=en_US:en \
LC_ALL=en_US.UTF-8 \
JAVA_VERSION=jdk-11.0.11+9 \
JAVA_HOME=/opt/java/openjdk \
MAVEN_VERSION=3.8.1 \
MAVEN_HOME=/usr/share/maven \
MAVEN_CONFIG=/root/.m2
# Install base dependencies (matches original apt commands)
RUN apt-get update && \
apt-get install -y - no-install-recommends \
curl \
ca-certificates \
gnupg \
git \
bash \
docker.io \
&& rm -rf /var/lib/apt/lists/*
# Install AdoptOpenJDK 11 (matches original version)
RUN mkdir -p /opt/java/openjdk && \
curl -L https://github.com/AdoptOpenJDK/openjdk11-binaries/releases/download/jdk-11.0.11+9/OpenJDK11U-jdk_x64_linux_hotspot_11.0.11_9.tar.gz | \
tar -xz -C /opt/java/openjdk - strip-components=1
# Install Maven 3.8.1 (matches original)
RUN mkdir -p /usr/share/maven /usr/share/maven/ref && \
curl -L https://archive.apache.org/dist/maven/maven-3/${MAVEN_VERSION}/binaries/apache-maven-${MAVEN_VERSION}-bin.tar.gz | \
tar -xz -C /usr/share/maven - strip-components=1 && \
ln -s /usr/share/maven/bin/mvn /usr/bin/mvn
# Copy the original maven entrypoint script (recreated from inspection)
RUN echo $'#!/bin/sh\n\
# Licensed to the Apache Software Foundation (ASF) under one\n\
# or more contributor license agreements. See the NOTICE file\n\
# distributed with this work for additional information\n\
# regarding copyright ownership. The ASF licenses this file\n\
# to you under the Apache License, Version 2.0 (the\n\
# "License"); you may not use this file except in compliance\n\
# with the License. You may obtain a copy of the License at\n\
#\n\
# http://www.apache.org/licenses/LICENSE-2.0\n\
#\n\
# Unless required by applicable law or agreed to in writing,\n\
# software distributed under the License is distributed on an\n\
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY\n\
# KIND, either express or implied. See the License for the\n\
# specific language governing permissions and limitations\n\
# under the License.\n\
\n\
# For backwards compatibility with older versions of Docker\n\
if [ "$1" = "mvn" ]; then\n\
shift\n\
fi\n\
exec "$@"' > /usr/local/bin/mvn-entrypoint.sh && \
chmod +x /usr/local/bin/mvn-entrypoint.sh
# Set working directory and entrypoint
WORKDIR /workspace
ENTRYPOINT ["/usr/local/bin/mvn-entrypoint.sh"]
CMD ["mvn"]
# Verify installations
RUN mvn - version && \
java - version && \
docker - version

How to Build and Use

Build the image: docker build -t maven-uwadon1-docker-agent:v1 .
Verify it matches the original: docker run -it - rm maven-uwadon1-docker-agent:v1 bash -c "mvn - version; docker - version; java - version"
Push to your registry: docker tag maven-uwadon1-docker-agent:v1 yourusername/maven-yourname-docker-agent:v1

docker push yourusername/maven-yourname-docker-agent:v1

For GitLab CI/CD Usage

In your .gitlab-ci.yml:

yaml
image: uwadon01/maven-uwadon1-docker-agent:v1
services:
- docker:dind
variables:
DOCKER_HOST: tcp://docker:2375
DOCKER_TLS_CERTDIR: ""
build:
script:
- mvn clean install
- docker build -t myapp .

This Dockerfile image sample provides the same functionality as the original but with a more maintainable and transparent construction.
PS: You can decide to use my Docker image, but you have to retag it; here's how to retag an existing image for use:
Pull the original image:

docker pull uwadon01/maven-uwadon1-docker-agent:v1

Retag the image (to your own registry or for local use): docker tag uwadon01/maven-uwadon1-docker-agent:v1 yourusername/maven-yourname-docker-agent:v1
Push to your registry (if needed) docker push yourusername/maven-yourname-docker-agent:v1 You can view the runner that was just created. You will see a green dot beside it, which shows it is now active.

STEP 5: Create/Edit the .gitlab-ci.yml in your Spring Boot repo

image: 'uwadon01/maven-uwadon1-docker-agent:v1'
variables:
DOCKER_HOST: tcp://docker:2375
DOCKER_TLS_CERTDIR: ''
# SONAR_HOST_URL: http://54.237.226.245:9000
# SONAR_LOGIN: ${SONAR_LOGIN}
# Define the default working directory for the pipeline
before_script:
- cd java-maven-sonar-argocd-helm-k8s/spring-boot-app
stages:
- build
- test
- sonarqube
# - dockerization
build-job:
stage: build
tags:
- docker
script:
- echo "Compiling the code…"
- mvn clean package
unit-test-job:
stage: test
tags:
- docker
script:
- echo "Running unit tests… This will take about 60 seconds."
- mvn test
code-quality-job:
stage: sonarqube
tags:
- docker
script:
- echo "scanning code"
- mvn sonar:sonar -Dsonar.host.url=${SONAR_HOST_URL} -Dsonar.login=${SONAR_LOGIN}
#docker:
# stage: dockerization
# image: docker:19.03
# services:
# - name: docker:dind
# script:
# - whoami
# - docker build -t gitlab-cicd-demo:latest .
# - docker login -u $DOCKER_USERNAME -p $DOCKER_PASSWORD
# - docker tag gitlab-cicd-demo:latest $DOCKER_USERNAME/gitlab-cicd-demo:latest
# - docker push $DOCKER_USERNAME/gitlab-cicd-demo:latest

STEP 6: Push and Trigger Pipeline

git add .gitlab-ci.yml

git commit -m "Add GitLab CI/CD pipeline"

git push origin main

The pipeline will now run the various commands listed in your .gitlab.yml file
You can view the progress in the pipeline dashboard

This command will build the Spring Boot app using our Docker image, run the unit tests and send code analysis to SonarQube. You can view the result by logging in to your SonarQube project dashboard

✅ TROUBLESHOOTING
Issue & Solution

Runner says "no tags match"
Make sure your job has the correct tags: matching your runner
SonarQube is not accessible
Ensure port 9000 is open and the container is running
App not reachable
Make sure your app binds to 0.0.0.0:8080, not localhost
Docker permission issues
Ensure the user is in the Docker group
SonarQube Issues
Check logs: docker logs sonarqube, Ensure enough memory (t2.medium should be sufficient)
Maven Build Issues
Clear cache: mvn dependency:purge-local-repository, Check network connectivity from EC2

NB: To edit the runner configuration:
sudo nano /etc/gitlab-runner/config.toml

Afterwards, you can restart the runner:
sudo gitlab-runner restart
Ensure your Spring Boot project has:

pom.xml with required dependencies and .gitlab-ci.yml at the root

This comprehensive guide provides a complete walkthrough to set up a GitLab CI/CD pipeline for a Spring Boot Java application using a specific GitLab Runner on an EC2 t2.medium instance with Docker executor, Maven image, and hosting SonarQube on the same instance.

Deploying a Secure Static Website using AWS EC2, Route 53, and Certbot in AWS

Uwadone Joshua — Tue, 15 Jul 2025 13:31:32 +0000

A Comprehensive Walkthrough to deploy a secure, high-performance static website

✅ Overview of Architecture

This guide provides a step-by-step, real-world approach to deploying a static website on AWS using:
Host a static website using Nginx (Web Server) on an EC2 instance (Virtual Server)..

Point a custom domain from Route 53 (DNS & Domain Management) to that server.

Secure it with SSL/TLS certificates using Certbot & Let’s Encrypt.

📌 Prerequisites

✅ AWS account: free-tier eligible (with necessary permissions to use EC2, Route 53, and Security Groups)

✅ Domain name (already registered via Route 53)

✅ Basic static website files (HTML/CSS/JS)

✅ SSH key pair to access the EC2 instance

✅ AWS CLI & access to terminal (e.g., VS Code terminal or local shell)

✅ Basic Linux CLI Knowledge (SSH, file editing)

🚀 Step-by-Step Guide

🟩 Step 1: Launch a Secure EC2 Instance

1. Launched an Ubuntu EC2 Instance named “jodinho_agency_server” with AMI of 24.04 LTS (HVM) in the us-west-2 region using the AWS console.

2. Gave it the instance type of t2.micro which is within the free-tier. Created SSH key pair named jodinho-kp to access the instance on port 22. The default VPC and Subnet were used for the networking configuration.

3. The security group was configured with the following inbound rules:

Allow traffic on port 22 (SSH) with source IP addresses from any location.
Allow traffic on port 443 (HTTPS) with source from anywhere on the internet.
Allow traffic on port 80 (HTTP) with source from anywhere on the internet.
And we’ll leave the storage at default, 8GB GP3 volume storage. Then we hit the launch instance button.

4. First, we need to move the keypair file from the download folder into the .ssh folder;
cp ~/Downloads/jodinho-kp.pem ~/.ssh/

The private SSH key that got downloaded has now been moved, the permission was changed for the private key file and then used to connect to the instance by running the following commands;

chmod 400 ~/.ssh/jodinho-kp.pem

ssh -i ~/.ssh/jodinho-kp.pem ubuntu@54.212.87.210
Where username=ubuntu and public ip address=54.212.87.210

🟩 Step 2: Update & Install Nginx

Step 1 - Install Nginx web server

1. Update and upgrade the server’s package index

Run a sudo apt update to download package information from all configured sources.

sudo apt update

Run a sudo apt upgrade to upgrade the package

sudo apt upgrade -y

2. Install nginx

Run a sudo apt install nginx -y to install nginx

sudo apt install nginx -y

3. Verify that nginx is active and running

To verify Nginx server has been installed and is running, we will run the following command

sudo systemctl status nginx

If it's green and running, then nginx is correctly installed

4. Access nginx locally on the Ubuntu shell

Accessing the default nginx web server block to see if everything works correctly. curl the local IP address of our local machine, which in most cases is 127.0.0.1 or the DNS name localhost, on any web browser on our local machine:

curl http://54.212.87.210
curl http://localhost

The below result shows Nginx has been properly set up, and we can deploy our web application.

5. Test with the public IP address if the Nginx server can respond to requests from the internet using the URL in a browser.

http://54.212.87.210

This shows that the web server is correctly installed and is accessible through the firewall.

🟩 Step 3: Upload Static Website Files

1. So we will clone the website from our Gitlab repo here using the command below:
Git clone https://gitlab.com/uwadon1-group/jodinho-digital-website.git Next, we will change directory into the just cloned repo using the command cd jodinho-digital-website.

2. Nginx has its default page where it serves its contents. We can move into the folder for the Nginx default page to check it out using the command: cd /var/www/html. When we type LS, we can see the Nginx default HTML page, e.g index.nginx-debian.html. To see the content, we type in cat index.nginx-debian.html and see the exact content we saw on the browser earlier, but in HTML format.

3. Now, we will copy all our files nginx /var/www/html directory to replace the default page that was initially served. To do that, we will use the following command:
sudo cp -r jodinho-digital-website/* /var/www/html. But before then, we will have to remove the default file nginx index page, using the command: sudo rm index.nginx-debian.html.

4. We will input our IP address into the browser again, other things being equal, the website we replaced on Nginx should reflect this time, even without restarting the Nginx server.

🟩 Step 4: Point Route 53 Domain to EC2

1. What we want to do now is to link our IP address to our domain name, so instead of sharing IP addresses with visitors of your website, the best practice is to give them your domain name to input into the browser. We already have a domain name, so what we will do now is to map it to the IP address. If you need guidance on creating a domain on Route 53, this guide should help you

We will search for Route 53 service from the AWS search bar, and click on hosted zone, you will see your domain name, click on it and select create record. Input your record name, e.g, jodinho.uwhadone.click, Record Type: A, in the space of values, input your IP address, e.g, 54.212.87.210, leave the other options as default and click create record.

We will wait a few minutes, then visit our domain via the browser http://jodinho.uwhadone.click.

Now, we have to make our website more secure via HTTPS rather than HTTP.

2. We will head back to our terminal and go to the directory serving our nginx configuration file located at /etc using the command:
cd /etc/nginx. Type LS to see a list of all the files and folders here. Our major concern here would be sites-enabled, that's where we can find the list of sites. We want our Nginx server to serve visitors. We will cd into this directory and delete the default configuration file there and create a new one to replace it, using this command: sudo rm default.

We will create a new nginx config file via the vim editor using the command below:

sudo vim default

And paste the following commands:

   server {
       listen 80;
       server_name jodinho.uwhadone.click;

       root /var/www/html;
       index index.html;

       location / {
           try_files $uri $uri/ =404;
       }
   }

4. We can verify the syntax of our nginx configuration file is correct and also reload the nginx server using the commands below:

sudo nginx -t 
&& 
sudo systemctl reload nginx

🟩 Step 6: Install Certbot & Enable HTTPS

1. Now we need to get rid of HTTP and make use of HTTPS in order to make our website more secure. We will have to install certbot (this is a free software that enables us to configure nginx to use TLS & SSL certificates for HTTPS)

We will install certbot using the following command:
sudo apt install certbot python3-certbot-nginx -y

Next, we will type in this command sudo certbot --nginx -d jodinho.uwhadone.click. (What this command would do is to look through the Nginx configuration file and enable HTTPS.
A prompt will come up to type in your email address, type in yes for the remaining options, and you will see an update that it is requesting a certificate for your domain.

2. Now we will navigate back to our nginx config file to observe some changes in it. You will observe that certbot has made some adjustments to our nginx config file. You will also observe the SSL keys placed beside the nginx configuration

3. Now we will have to restart nginx to observe the change in our website from being unsecured to HTTPS secured.

Run the command: sudo systemctl restart nginx

✅ Deployment Complete!

🎉 Final Result
Static site hosted on AWS EC2
Custom domain via Route 53
Free SSL (HTTPS) via Certbot

MEAN Stack (WEB STACK) Implementation in AWS

Uwadone Joshua — Fri, 25 Apr 2025 07:29:48 +0000

MEAN WEB STACK IMPLEMENTATION IN AWS

Introduction

The MEAN stack is a popular JavaScript stack used for building web applications. It stands for MongoDB, Express.js, AngularJS (or Angular), and Node.js. Here's a brief overview of each component:

MongoDB: MongoDB is a NoSQL database that stores data in a flexible, JSON-like format. It is a popular choice for web applications because of its scalability, flexibility, and performance.

Express.js: Express.js is a web application framework for Node.js. It provides a set of features for building web applications and APIs, including routing, middleware support, and templating engines. Express.js simplifies the process of building web applications with Node.js by providing a high-level abstraction over the HTTP protocol.

AngularJS (or Angular): AngularJS is a JavaScript framework maintained by Google for building dynamic web applications. It extends HTML with additional attributes and provides a set of built-in directives for creating interactive user interfaces. AngularJS follows the Model-View-Controller (MVC) architecture, making it easy to organize code and build complex web applications.

Node.js: Node.js is a JavaScript runtime built on Chrome's V8 JavaScript engine. It allows developers to run JavaScript code outside of a web browser, making it possible to build server-side applications with JavaScript. Node.js is known for its event-driven, non-blocking I/O model, which makes it well-suited for building scalable and high-performance web applications.

Step 0: Prerequisites

1. Launched an Ubuntu EC2 Instance named “Mean_Stack_Server” with AMI of 22.04 LTS (HVM) in the us-west-2 region using the AWS console.

2. Gave it the instance type of t3.small.

The choice of the instance type was based on the following:

Memory: The t3.small instance offers more memory than the t2.micro, which is advantageous for applications that require more memory to operate efficiently.
Burst Capability: While both instances offer burstable CPU performance, the t3 instances have a more flexible burst model, allowing for more sustained performance during burst periods. This is important for workloads that require consistent performance over longer periods.
Performance: While both instances offer burstable performance, the t3.small typically provides better baseline performance compared to the t2.micro. This might be necessary for applications that require a bit more processing power.

Created SSH key pair named mean_stack to access the instance on port 22. The default VPC and Subnet were used for the networking configuration.

3. The security group was configured with the following inbound rules:

Allow traffic on port 22 (SSH) with source from any IP address.
Allow traffic on port 443 (HTTPS) with source from anywhere on the internet.
Allow traffic on port 80 (HTTP) with source from anywhere on the internet. (All these would be set by default, later we would go into the security group to set the remaining 2 inbound rules manually.) *- Allow traffic on port 3300 (Custom TCP) with source from anywhere. *- Allow traffic on port 27017 (Custom TCP) with source from anywhere.

We will leave the storage at default; 8gb gp3 volume storage. Then we hit the launch instance button.

4. First, we need to move the keypairs file from the download folder into the .ssh folder;
cp ~/Downloads/mean_stack.pem ~/.ssh/

The private SSH key that got downloaded has now been moved, permission was changed for the private key file and then used to connect to the instance by running the following commands;

chmod 400 ~/.ssh/mean_stack.pem

ssh -i ~/.ssh/mean_stack.pem ubuntu@52.32.32.193

Where username=ubuntu and public ip address=52.32.32.193

Step 1 - Install Nodejs

Node.js is a JavaScript runtime built on Chrome’s V8 JavaScript engine. Node.js is used in this tutorial to set up the Express routes and AngularJS controllers.

1. Update and Upgrade ubuntu

sudo apt update && sudo apt upgrade -y

2. Add certificates

sudo apt -y install curl dirmngr apt-transport-https lsb-release ca-certificates

curl -sL https://deb.nodesource.com/setup_18.x | sudo -E bash -

.3 Install NodeJS

sudo apt-get install -y nodejs

Step 2 - Install MongoDB

For this application, Book records were added to MongoDB that contain books name, ISBN number, author, and number of pages.

1. Download the MongoDB public GPG key

curl -fsSL https://pgp.mongodb.com/server-7.0.asc | sudo gpg --dearmor -o /usr/share/keyrings/mongodb-archive-keyring.gpg

2. Add the MongoDB repository

echo "deb [ signed-by=/usr/share/keyrings/mongodb-archive-keyring.gpg ] https://repo.mongodb.org/apt/ubuntu jammy/mongodb-org/7.0 multiverse" | sudo tee /etc/apt/sources.list.d/mongodb-org-7.0.list

3. Update the package database and install MongoDB

sudo apt-get update

sudo apt-get install -y mongodb-org

4. Start and enable MongoDB

sudo systemctl start mongod

sudo systemctl enable mongod

sudo systemctl status mongod

5. Install body-parser package

body-parser package is needed to help process JSON files passed in requests to the server.

sudo npm install body-parser

6. Create the project root folder named ‘Books’

mkdir Books && cd Books

Initialize the root folder

npm init

Add file named server.js to Books folder

vim server.js

Copy and paste the web server code below into the server.js file.

const express = require('express');
const bodyParser = require('body-parser');
const mongoose = require('mongoose'); // Make sure mongoose is installed and required
const path = require('path'); // To handle static file serving
const app = express();

// Connect to MongoDB
mongoose.connect('mongodb://localhost:27017/test')
  .then(() => console.log('MongoDB connected'))
  .catch(err => console.error('MongoDB connection error:', err));


// Middleware
app.use(bodyParser.json());
app.use(express.static(path.join(__dirname, 'public')));

// Routes
require('./apps/routes')(app);

// Start the server
app.set('port', 3300);
app.listen(app.get('port'), () => {
  console.log('Server up: http://localhost:' + app.get('port'));
});

Step 3 - Install Express and set up routes to the server

Express was used to pass book information to and from our MongoDB database.
Mongoose package provides a straightforward schema-based solution to model the application data. Mongoose was used to establish a schema for the database to store data of the book register.

1. Install express and mongoose

sudo npm install express mongoose

2. In Books folder, create a folder named ‘apps’

mkdir apps && cd apps

In apps, create a file named routes.js

vim routes.js

Copy and paste the code below into routes.js

const Book = require('./models/book');
const path = require('path');

module.exports = function(app) {
  // Get all books
  app.get('/book', async (req, res) => {
    try {
      const books = await Book.find({});
      res.json(books);
    } catch (err) {
      console.error(err);
      res.status(500).json({ error: 'Internal Server Error' });
    }
  });

  // Add a new book
  app.post('/book', async (req, res) => {
    try {
      const book = new Book({
        name: req.body.name,
        isbn: req.body.isbn,
        author: req.body.author,
        pages: req.body.pages
      });
      const result = await book.save();
      res.json({
        message: "Successfully added book",
        book: result
      });
    } catch (err) {
      console.error(err);
      res.status(500).json({ error: 'Internal Server Error' });
    }
  });

  // Update a book
  app.put('/book/:isbn', async (req, res) => {
    try {
      const updatedBook = await Book.findOneAndUpdate(
        { isbn: req.params.isbn },
        req.body,
        { new: true }
      );
      if (!updatedBook) {
        return res.status(404).json({ error: 'Book not found' });
      }
      res.json({
        message: "Successfully updated the book",
        book: updatedBook
      });
    } catch (err) {
      console.error(err);
      res.status(500).json({ error: 'Internal Server Error' });
    }
  });

  // Delete a book
  app.delete('/book/:isbn', async (req, res) => {
    try {
      const result = await Book.findOneAndRemove({ isbn: req.params.isbn });
      if (!result) {
        return res.status(404).json({ error: 'Book not found' });
      }
      res.json({
        message: "Successfully deleted the book",
        book: result
      });
    } catch (err) {
      console.error(err);
      res.status(500).json({ error: 'Internal Server Error' });
    }
  });

  // Serve static files
  app.get('*', (req, res) => {
    res.sendFile(path.join(__dirname, '../public', 'index.html'));
  });
};

3. In the ‘apps’ folder, create a folder named models

mkdir models && cd models

In models, create a file named book.js

vim book.js

Copy and paste the code below into book.js

const mongoose = require('mongoose');

const bookSchema = new mongoose.Schema({
  name: { type: String, required: true },
  isbn: { type: String, required: true, unique: true },
  author: { type: String, required: true },
  pages: { type: Number, required: true }
});

module.exports = mongoose.model('Book', bookSchema);

Step 4 - Access the routes with AngularJS

In this project, AngularJS was used to connect the web page with Express and perform actions on the book register.

1. Change the directory back to ‘Books’ and create a folder named ‘public’

cd ../..

mkdir public && cd public

Add a file named script.js into public folder

vim script.js

Copy and paste the code below (controller configuration defined) into the script.js file.

var app = angular.module('myApp', []);

app.controller('myCtrl', function($scope, $http) {
  // Get all books
  function getAllBooks() {
    $http({
      method: 'GET',
      url: '/book'
    }).then(function successCallback(response) {
      $scope.books = response.data;
    }, function errorCallback(response) {
      console.log('Error: ' + response.data);
    });
  }

  // Initial load of books
  getAllBooks();

  // Add a new book
  $scope.add_book = function() {
    var body = {
      name: $scope.Name,
      isbn: $scope.Isbn,
      author: $scope.Author,
      pages: $scope.Pages
    };
    $http({
      method: 'POST',
      url: '/book',
      data: body
    }).then(function successCallback(response) {
      console.log(response.data);
      getAllBooks();  // Refresh the book list
      // Clear the input fields
      $scope.Name = '';
      $scope.Isbn = '';
      $scope.Author = '';
      $scope.Pages = '';
    }, function errorCallback(response) {
      console.log('Error: ' + response.data);
    });
  };

  // Update a book
  $scope.update_book = function(book) {
    var body = {
      name: book.name,
      isbn: book.isbn,
      author: book.author,
      pages: book.pages
    };
    $http({
      method: 'PUT',
      url: '/book/' + book.isbn,
      data: body
    }).then(function successCallback(response) {
      console.log(response.data);
      getAllBooks();  // Refresh the book list
    }, function errorCallback(response) {
      console.log('Error: ' + response.data);
    });
  };

  // Delete a book
  $scope.delete_book = function(isbn) {
    $http({
      method: 'DELETE',
      url: '/book/' + isbn
    }).then(function successCallback(response) {
      console.log(response.data);
      getAllBooks();  // Refresh the book list
    }, function errorCallback(response) {
      console.log('Error: ' + response.data);
    });
  };
});

2. In ‘public’ folder, create a file named index.html

vim index.html

Copy and paste the code below into index.html file

<!DOCTYPE html>
<html ng-app="myApp" ng-controller="myCtrl">
<head>
  <script src="https://ajax.googleapis.com/ajax/libs/angularjs/1.6.4/angular.min.js"></script>
  <script src="script.js"></script>
  <style>
    /* Add your custom CSS styles here */
  </style>
</head>
<body>
  <div>
    <table>
      <tr>
        <td>Name:</td>
        <td><input type="text" ng-model="Name"></td>
      </tr>
      <tr>
        <td>Isbn:</td>
        <td><input type="text" ng-model="Isbn"></td>
      </tr>
      <tr>
        <td>Author:</td>
        <td><input type="text" ng-model="Author"></td>
      </tr>
      <tr>
        <td>Pages:</td>
        <td><input type="number" ng-model="Pages"></td>
      </tr>
    </table>
    <button ng-click="add_book()">Add</button>
    <div ng-if="successMessage">{{ successMessage }}</div>
    <div ng-if="errorMessage">{{ errorMessage }}</div>
  </div>
  <hr>
  <div>
    <table>
      <tr>
        <th>Name</th>
        <th>Isbn</th>
        <th>Author</th>
        <th>Page</th>
        <th>Action</th>
      </tr>
      <tr ng-repeat="book in books">
        <td>{{ book.name }}</td>
        <td>{{ book.isbn }}</td>
        <td>{{ book.author }}</td>
        <td>{{ book.pages }}</td>
        <td><button ng-click="del_book(book)">Delete</button></td>
      </tr>
    </table>
  </div>
</body>
</html>

3. Change the directory back up to ‘Books’ and start the server

cd ..

node server.js

The server is now up and running, Connection to it is via port 3300. A separate Putty or SSH console to test what curl command returns locally can be launched.

The Book Register web application can now be accessed from the internet with a browser using the Public IP address or Public DNS name.

Add more books to the register

Get the JSON view

Conclusion

The MEAN stack—comprising MongoDB, Express.js, AngularJS (or Angular), and Node.js—provides a powerful and cohesive set of technologies for building modern web applications.

Together, these technologies allow developers to use JavaScript throughout the entire development process, from front-end to back-end, promoting a unified and streamlined development workflow.

LEMP Stack (WEB STACK) Implementation in AWS

Uwadone Joshua — Mon, 21 Apr 2025 00:16:12 +0000

WEB STACK IMPLEMENTATION (LEMP STACK) IN AWS

Introduction:

The LEMP Stack is a popular open-source web development platform that consists of four main components: Linux, (E)Nginx, MySQL, and PHP (or sometimes Perl or Python). This documentation outlines the setup, configuration, and usage of the LEMP stack.

A LEMP Stack application is an application which as opposed to a LAMP Stack Application makes use of Nginx as the web server for hosting the web application. NGINX is an open source software for web serving, reverse proxying, caching, load balancing, media streaming, and more.

Step 0: Prerequisites

1. Launched an Ubuntu EC2 Instance named “Lemp_Stack_Server” with AMI of 24.04 LTS (HVM) in the us-west-2 region using the AWS console.

2. Gave it the instance type of t2.micro which is within the free-tier. Created SSH key pair named lemp_stack to access the instance on port 22. The default VPC and Subnet were used for the networking configuration.

3. The security group was configured with the following inbound rules:

Allow traffic on port 22 (SSH) with source from any IP address. This is opened by default.
Allow traffic on port 443 (HTTPS) with source from anywhere on the internet.
Allow traffic on port 80 (HTTP) with source from anywhere on the internet. And will leave the storage at default; 8gb gp3 volume storage. Then we hit the launch instance button.

4. First, we need to move the keypair file from the download folder into the .ssh folder;
cp ~/Downloads/lemp_stack.pem ~/.ssh/

The private ssh key that got downloaded has now been moved, permission was changed for the private key file and then used to connect to the instance by running the following commands;

chmod 400 ~/.ssh/lemp_stack.pem

ssh -i ~/.ssh/lemp_stack.pem ubuntu@35.95.39.71

Where username=ubuntu and public ip address=35.95.39.71

Step 1 - Install Nginx web server

1. Update and upgrade the server’s package index

Run a sudo apt update to download package information from all configured sources.

sudo apt update

Run a sudo apt upgrade to upgrade the package

`sudo apt upgrade -y
``

![Upgrade Packages](https://dev-to-uploads.s3.amazonaws.com/uploads/articles/pss8cqig7yruyt72fxvj.png)


__2.__ __Install nginx__

Run a sudo apt install nginx -y to install nginx

sudo apt install nginx -y


![Install Nginx](https://dev-to-uploads.s3.amazonaws.com/uploads/articles/f9ir8e2e9azspo1uuf5y.png)


__3.__ __Spin up Nginx and verify that nginx is active and running__

Spin up the nginx server and ensure it automatically starts on system reboot by running the following commands

sudo systemctl start nginx
sudo systemctl enable nginx

And

sudo systemctl status nginx


If it's green and running, then nginx is correctly installed

![Nginx Status](https://dev-to-uploads.s3.amazonaws.com/uploads/articles/va11jjkb611955fe4bvn.png)

__4.__ __Access nginx locally on the Ubuntu shell__

Accessing the default nginx web server block to see if everything works correctly. curl the local IP address of our local machine which in most cases is 127.0.0.1 or the DNS name localhost on any web browser on our local machine:

curl http://127.0.0.1:80
curl http://localhost:80



The below result shows Nginx has been properly set up and we can deploy our web application.



![[Local URL](https://dev-to-uploads.s3.amazonaws.com/uploads/articles/5xcqw2qptno8yxg81z5h.png)

__5.__ __Test with the public IP address if the Nginx server can respond to requests from the internet using the URL on a browser.__

http://35.95.39.71:80


![Nginx Default Page](https://dev-to-uploads.s3.amazonaws.com/uploads/articles/cx4ajxm3lvgl40478dkv.png)

This shows that the web server is correctly installed and it is accessible through the firewall.


__6.__ __Another way to retrieve the public IP address rather than check the aws console__

TOKEN=$(curl -X PUT "http://169.254.169.254/latest/api/token" -H "X-aws-ec2-metadata-token-ttl-seconds: 21600")
curl -H "X-aws-ec2-metadata-token: $TOKEN" -s http://169.254.169.254/latest/meta-data/public-ipv4


![Obtain-ip](https://dev-to-uploads.s3.amazonaws.com/uploads/articles/qsebn8h939ci4utf8cfz.png)

Or enable IMDSv1 in your instance settings:
Go to EC2 Console → Instances → Select your instance.
Actions → Instance Settings → Modify Metadata Options.
Set Metadata version to V1 and V2.
Change the __IMDSv2__ from __Required__ to __Optional__.

The command was run,and the public IP address was displayed. Thing is AWS now defaults to IMDSv2 (Instance Metadata Service Version 2), which requires token.

Step 2 - Install MySQL

1. Install a relational database (RDB)

We have succeeded in setting up our nginx webserver and ensured its accessible over the internet. Next is to install mySQL which is a relational database management server to help store data and manage content on our web application.

sudo apt install mysql-server

2. Log in to mysql console

sudo mysql

This connects to the MySQL server as the administrative database user root inferred by the use of sudo when running the command.

3. Set a password for root user using mysql_native_password as default authentication method.

Here, the user's password was defined as "Admin007$"

ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY 'Admin007$';

Exit the MySQL shell

exit

4. Run an Interactive script to secure MySQL

The security script comes pre-installed with mysql. This script removes some insecure settings and locks down access to the database system.

sudo mysql_secure_installation

5. After changing root user password, log in to MySQL console.

A command prompt for password was noticed after running the command below.

sudo mysql -p

Exit MySQL shell

exit

Step 3 - Install PHP

1. Install php

Install php-fpm (PHP fastCGI process manager) and tell nginx to pass PHP requests to this software for processing. Also, install php-mysql, a php module that allows PHP to communicate with MySQL-based databases. Core PHP packages will automatically be installed as dependencies.

We use php to dynamically display contents of our webpage to users who make requests to the webserver.
php-fpm : which stands for PHP FastCGI Process Manager is a web tool used for speeding up the performance of a website by handling tremendous amounts of load simultaneously.

The following were installed:

php-fpm (PHP fastCGI process manager)
php-mysql

sudo apt install php-fpm php-mysql -y

Step 4 - Configure nginx to use PHP processor

1. Create a root web directory for your_domain

To serve our web content on our web server, we create a directory for our project inside the /var/www/ directory.
sudo mkdir /var/www/projectlemp Then we change permissions of the projectlemp directory to the current user system
sudo chown -R $USER:$USER /var/www/projectlemp

sudo mkdir /var/www/projectlemp

2. Assign the directory ownership with $USER which will reference the current system user

sudo chown -R $USER:$USER /var/www/projectlemp

3. Create a new configuration file in Nginx’s “sites-available” directory.

sudo nano /etc/nginx/sites-available/projectlemp

Paste in the following bare-bones configuration:

server {
  listen 80;
  server_name projectlemp www.projectlemp;
  root /var/www/projectlemp;

  index index.html index.htm index.php;

  location / {
    try_files $uri $uri/ =404;
  }

  location ~ \.php$ {
    include snippets/fastcgi-php.conf;
    fastcgi_pass unix:/var/run/php/php8.3-fpm.sock;
  }

  location ~ /\.ht {
    deny all;
  }
}

Here’s what each directive and location block does:

listen - Defines what port nginx listens on. In this case, it will listen on port 80, the default port for HTTP.
root - Defines the document root where the files served by this website are stored.
index - Defines in which order Nginx will prioritize the index files for this website. It is a common practice to list index.html files with a higher precedence than index.php files to allow for quickly setting up a maintenance landing page for PHP applications. You can adjust these settings to better suit your application needs.
server_name - Defines which domain name and/or IP addresses the server block should respond for. Point this directive to your domain name or public IP address.
location / - The first location block includes the try_files directive, which checks for the existence of files or directories matching a URI request. If Nginx cannot find the appropriate result, it will return a 404 error.
location ~ .php$ - This location handles the actual PHP processing by pointing Nginx to the fastcgi-php.conf configuration file and the php7.4-fpm.sock file, which declares what socket is associated with php-fpm.
location ~ /.ht - The last location block deals with .htaccess files, which Nginx does not process. By adding the deny all directive, if any .htaccess files happen to find their way into the document root, they will not be served to visitors.

4. Activate the configuration by linking to the config file from Nginx’s sites-enabled directory

sudo ln -s /etc/nginx/sites-available/projectlemp /etc/nginx/sites-enabled/

This will tell Nginx to use this configuration when next it is reloaded.

5. Test the configuration for syntax error

sudo nginx -t

6. Disable the default Nginx host that currently configured to listen on port 80

Currently, our new server block has been created and configured but the default server block is the default block that comes with nginx install. To unlink it we run the command: sudo unlink /etc/sites-available/default.
We then reload nginx for all configurations to take effect sudo reload nginx.
Create an index.html file inside projectlemp directory and write in contents to be accessed over the internet. Paste public IP address on a browser to see contents.

sudo unlink /etc/nginx/sites-enabled/default

7. Reload Nginx to apply the changes

sudo systemctl reload nginx

8. The new website is now active but the web root /var/www/projectlemp is still empty. Create an index.html file in this location so to test the virtual host work as expected.

sudo echo ‘Hello LEMP from hostname’ $(curl -s http://169.254.169.254/latest/meta-data/public-hostname) ‘with public IP’ $(curl -s http://169.254.169.254/latest/meta-data/public-ipv4) > /var/www/projectlemp/index.html

sudo bash -c "echo 'Hello LEMP from hostname $PUBLIC_HOSTNAME with public IP $PUBLIC_IP' > /var/www/projectlemp/index.html"

TOKEN=$(curl -X PUT "http://169.254.169.254/latest/api/token" \
  -H "X-aws-ec2-metadata-token-ttl-seconds: 21600")

PUBLIC_HOSTNAME=$(curl -H "X-aws-ec2-metadata-token: $TOKEN" -s http://169.254.169.254/latest/meta-data/public-hostname)
PUBLIC_IP=$(curl -H "X-aws-ec2-metadata-token: $TOKEN" -s http://169.254.169.254/latest/meta-data/public-ipv4)

Open the website on a browser using IP address

http://35.95.39.71:80

Open it with public DNS name (port is optional)

http://<public-DNS-name>:80

This file can be left in place as a temporary landing page for the application until an index.php file is set up to replace it. Once this is done, remove or rename the index.html file from the document root as it will take precedence over index.php file by default.

The LEMP stack is now fully configured.
At this point, the LEMP stack is completely installed and fully operational.

Step 5 - Test PHP with Nginx

Test the LEMP stack to validate that Nginx can handle the .php files off to the PHP processor.

1. Create a test PHP file in the document root. Open a new file called info.php within the document root.

Create an info.php file inside the /var/www/projectlemp directory.

sudo nano /var/www/projectlemp/info.php

Paste in the command below;:

<?php
phpinfo();

2. Access the page on the browser and attach /info.php

http://18.209.18.61/info.php

After checking the relevant information about the server through this page, It’s best to remove the file created as it contains sensitive information about the PHP environment and the ubuntu server. It can always be recreated if the information is needed later.

sudo rm /var/www/projectlemp/info.php

Step 6 - Retrieve Data from MySQL database with PHP

Create a new user with the mysql_native_password authentication method in order to be able to connect to MySQL database from PHP.

Create a database named todo_database and a user named todo_user

1. First, connect to the MySQL console using the root account.

sudo mysql -p

2. Create a new database

CREATE DATABASE todo_database;

3. Create a new user and grant the user full privileges on the new database.

CREATE USER 'todo_user'@'%' IDENTIFIED WITH mysql_native_password BY 'Admin123$';

GRANT ALL ON todo_database.* TO 'todo_user'@'%';

exit

4. Login to MySQL console with the user custom credentials and confirm that you have access to todo_database.

mysql -u todo_user -p

SHOW DATABASES;

The -p flag will prompt for passwords used when creating the example_user

5. Create a test table named todo_list.

From MySQL console, run the following:

CREATE TABLE todo_database.todo_list (
  item_id INT AUTO_INCREMENT,
  content VARCHAR(255),
  PRIMARY KEY(item_id)
);

6. Insert a few rows of content to the test table.

INSERT INTO todo_database.todo_list (content) VALUES ("My first important item");

INSERT INTO todo_database.todo_list (content) VALUES ("My second important item");

INSERT INTO todo_database.todo_list (content) VALUES ("My third important item");

INSERT INTO todo_database.todo_list (content) VALUES ("and this one more thing");

7. To confirm that the data was successfully saved to the table run:

SELECT * FROM todo_database.todo_list;

exit

Create a PHP script that will connect to MySQL and query the content.

1. Create a new PHP file in the custom web root directory

sudo nano /var/www/projectlemp/todo_list.php

The PHP script connects to MySQL database and queries for the content of the todo_list table, displays the results in a list. If there’s a problem with the database connection, it will throw an exception.

Copy the content below into the todo_list.php script.

<?php
$user = "todo_user";
$password = "Admin123$";
$database = "todo_database";
$table = "todo_list";

try {
  $db = new PDO("mysql:host=localhost;dbname=$database", $user, $password);
  echo "<h2>TODO</h2><ol>";
  foreach($db->query("SELECT content FROM $table") as $row) {
    echo "<li>" . $row['content'] . "</li>";
  }
  echo "</ol>";
} catch (PDOException $e) {
    print "Error!: " . $e->getMessage() . "<br/>";
    die();
}
?>

2. Now access this page on the browser by using the domain name or public IP address followed by /todo_list.php

http://35.95.39.71/todo_list.php

Access this page on the browser by using the domain name followed by /todo_list.php

Troubleshoot

One of the major errors I encountered when implementing this project was after I adjusted my PHP file and wanted to view my IP address with the path /info.php. I got a 502 error, but after much back-and-forth troubleshooting, I realized where the issue was from. I didn't take note of the PHP version that was installed, hence, the exact version was not referenced while I was populating this file ‘/etc/nginx/sites-available/projectlemp’ so I kept getting 502 error until I corrected this line ‘fastcgi_pass unix:/var/run/php/php8.3-fpm.sock;’

Conclusion

The LEMP stack provides a robust platform for hosting and serving web applications. By leveraging the power of Linux, Nginx, MySQL (or MariaDB), and PHP, developers can deploy scalable and reliable web solutions.

LAMP Stack (WEB STACK) Implementation in AWS

Uwadone Joshua — Wed, 16 Apr 2025 10:38:43 +0000

WEB STACK IMPLEMENTATION (LAMP STACK) IN AWS

Introduction:

The LAMP stack is a popular group of open-source software that consists of four main components: Linux, Apache, MySQL, and PHP (or sometimes Perl or Python). It is typically installed together in order to enable a server to host dynamic websites and web apps written in PHP.
This term is an acronym which represents the Linux operating system with the Apache web server.
The site data is stored in a MySQL database, and dynamic content is processed by PHP. This documentation outlines the setup, configuration, and usage of the LAMP stack.

Linux

Linux is the foundational layer of the LAMP stack, providing the operating system on which all the other components run. As an open-source, Unix-like operating system,
Linux offers a highly customizable and secure platform that powers most of the world's servers.
Its compatibility with other open-source software and widespread community support make it the preferred choice for web hosting environments.
Popular Linux distributions used in LAMP stacks include Ubuntu, CentOS, and Debian.

Apache

Apache is the web server software that handles serving web pages to users.
It processes HTTP requests from client browsers and delivers content such as HTML pages, images, and scripts.
Apache also supports advanced features including virtual hosting, secure connections (SSL/TLS), and URL rewriting.
Key Features of Apache:
Modular Design: Apache allows administrators to enable or disable different modules, such as SSL for encryption or mod_rewrite for URL manipulation.
Virtual Hosting: Apache can host multiple websites on a single server, each with its own domain name and directory.
SSL/TLS Support: Apache can secure connections between the server and clients using SSL (Secure Sockets Layer) and TLS (Transport Layer Security).
Cross-Platform: Although it runs best on Linux, Apache is also compatible with other operating systems like Windows and macOS.

MySQL (or MariaDB)

MySQL is a relational database management system (RDBMS) used for storing and managing structured data in web applications.
Its client-server architecture supports multiple clients performing operations such as data retrieval, manipulation, and deletion.
MariaDB, a fork of MySQL, provides additional features and performance enhancements while maintaining compatibility with MySQL.

PHP (or Perl/Python)

PHP is a server-side scripting language designed to create dynamic web content.
Embedded within HTML code, PHP executes on the web server to generate content dynamically before sending it to the client.
It interacts with databases, processes forms, and performs various tasks necessary for developing interactive web applications.
Alternative scripting languages like Perl and Python can also be used in place of PHP, depending on the specific needs of the application.

Use Cases for LAMP Stack

Content Management Systems (CMS): Platforms like WordPress, Drupal, and Joomla run on the LAMP stack.
E-commerce Websites: Many online stores use the LAMP stack to manage dynamic content, handle payments, and process user data.
Web Applications: From social networking sites to business applications, the LAMP stack provides the necessary infrastructure to support complex web-based platforms.
Custom Web Development: Developers can use the LAMP stack for custom web applications that require robust back-end support with PHP and MySQL, such as blogs, forums, or project management tools.

Step 0: Prerequisites

1. Launched an Ubuntu EC2 Instance named “Lamp_Stack_Server” with AMI of 24.04 LTS (HVM) in the us-west-2 region using the AWS console.

2. Gave it the instance type of t2.micro which is within the free-tier. Created SSH key pair named lamp_stack to access the instance on port 22. The default VPC and Subnet were used for the networking configuration.

3. The security group was configured with the following inbound rules:

Allow traffic on port 22 (SSH) with source from any IP address. This is opened by default.
Allow traffic on port 443 (HTTPS) with source from anywhere on the internet.
Allow traffic on port 80 (HTTP) with source from anywhere on the internet. And will leave the storage at default; 8gb gp3 volume storage. Then we hit the launch instance button.

4. First, we need to move the keypair file from the download folder into the .ssh folder;
cp ~/Downloads/lamp_stack.pem ~/.ssh/

The private ssh key that got downloaded has now been moved, permission was changed for the private key file and then used to connect to the instance by running the following commands;

chmod 400 ~/.ssh/lamp_stack.pem

ssh -i ~/.ssh/lamp_stack.pem ubuntu@35.93.146.45

Where username=ubuntu and public ip address=35.93.146.45

Step 1 - Install Apache and Update the Firewall

1. Update and upgrade list of packages in package manager

sudo apt update

![Update Packages](./images/apt-update.png)

sudo apt upgrade -y

2. Run apache2 package installation

sudo apt install apache2 -y

3. Enable and verify that apache is running on as a service on the OS.

sudo systemctl enable apache2
sudo systemctl status apache2

sudo systemctl enable apache2: Configures Apache to start on boot (so it survives a restart).

If it green and running, then apache2 is correctly installed

4. The server is running and can be accessed locally in the ubuntu shell by running the command below:

curl http://localhost:80
OR
curl http://127.0.0.1:80

5. Test with the public IP address if the Apache HTTP server can respond to request from the internet using the url on a browser.

http://35.93.146.45:80

This shows that the web server is correctly installed and it is accessible through the firewall.

6. Another way to retrieve the public ip address rather than check the aws console

TOKEN=$(curl -X PUT "http://169.254.169.254/latest/api/token" -H "X-aws-ec2-metadata-token-ttl-seconds: 21600")
curl -H "X-aws-ec2-metadata-token: $TOKEN" -s http://169.254.169.254/latest/meta-data/public-ipv4

Or enable IMDSv1 in your instance settings:
Go to EC2 Console → Instances → Select your instance.
Actions → Instance Settings → Modify Metadata Options.
Set Metadata version to V1 and V2.
Change the IMDSv2 from Required to Optional.

The command was run,and the public IP address was displayed. Thing is AWS now defaults to IMDSv2 (Instance Metadata Service Version 2), hich requires token.

TOKEN=$(curl -X PUT "http://169.254.169.254/latest/api/token" -H "X-aws-ec2-metadata-token-ttl-seconds: 21600")
curl -H "X-aws-ec2-metadata-token: $TOKEN" -s http://169.254.169.254/latest/meta-data/public-ipv4

Step 2 - Install MySQL

1. Install a relational database (RDB)

MySQL was installed in this project. It is a popular relational database management system used within PHP environments. We use MySQl as a relational database to store and manage data on our website.

sudo apt install mysql-server

When prompted, install was confirmed by typing y and then Enter.

2. Enable and verify that mysql is running with the commands below

sudo systemctl enable --now mysql
sudo systemctl status mysql

NB: sudo systemctl enable --now mysql: --now starts MySQL immediately, and enable ensures it runs at boot.

3. Log in to mysql console

sudo mysql

This connects to the MySQL server as the administrative database user root infered by the use of sudo when running the command.

4. Set a password for root user using mysql_native_password as default authentication method.

Here, the user's password was defined as "Admin007$"

ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY 'Admin007$';

Exit the MySQL shell

exit

5. Run an Interactive script to secure MySQL

The security script comes pre-installed with mysql. This script removes some insecure settings and lock down access to the database system.

NB: The command below launches an interactive script that:
Sets password validation rules (if chosen).

Removes test users and databases.

Disables root login remotely (optional).

Reloads privilege tables.

sudo mysql_secure_installation

We use the sudo mysql_secure_installation command to remove insecure default settings and enable protection for the database.

Regardless of whether the VALIDATION PASSWORD PLUGIN is set up, the server will ask to select and confirm a password for MySQL root user.

6. After changing root user password, log in to MySQL console.

A command prompt for password was noticed after running the command below.

sudo mysql -p

Exit MySQL shell

exit

Step 3 - Install PHP

1. Install php
Apache is installed to serve the content and MySQL is installed to store and manage data.
PHP is the component of the set up that processes code to display dynamic content to the end user.

The following were installed:

php: The scripting language.
php-mysql: PHP module that allows PHP to communicate with MySQL-based databases.
libapache2-mod-php: Module to run PHP with Apache and enable Apache to handle PHP files.

sudo apt install php libapache2-mod-php php-mysql

Confirm the PHP version

php -v

At this point, the LAMP stack is completely installed and fully operational.

To test the setup with a PHP script, it's best to set up a proper Apache Virtual Host to hold the website files and folders. Virtual host allows to have multiple websites located on a single machine and it won't be noticed by the website users.

Step 4 - Create a virtual host for the website using Apache

1. The default directory serving the apache default page is /var/www/html. Create your document directory next to the default one.

Apache webserver serves a website by the way of server blocks inside its /var/www/ directory, and it can support multiple of this server blocks to host other websites.

Here we create a new directory called ‘projectlamp’ inside the /var/www/ directory using "mkdir" command

sudo mkdir /var/www/projectlamp

Assign the directory ownership with $USER environment variable which references the current system user, i.e we change the permissions of the projectlamp directory to the current user system..

sudo chown -R $USER:$USER /var/www/projectlamp

NB: This command changes ownership to your user (so you can easily modify files).

2. __ The projectlamp directory represents the directory which will contain files related to our website as it represents a new server block on the apache webserver. In order to spin up this server block we need to configure it by creating a .conf file.

Create and open a new configuration file in apache’s “sites-available” directory using vim.__

sudo vim /etc/apache2/sites-available/projectlamp.conf

The following represents the configuration needed to spin up the server block. Copy and paste in the bare-bones configuration below into the editor.:

<VirtualHost *:80>
  ServerName projectlamp
  ServerAlias www.projectlamp
  ServerAdmin webmaster@localhost
  DocumentRoot /var/www/projectlamp
  ErrorLog ${APACHE_LOG_DIR}/error.log
  CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

3. Show the new file in sites-available

sudo ls /etc/apache2/sites-available

Output:
000-default.conf default-ssl.conf projectlamp.conf

With the VirtualHost configuration, Apache will serve projectlamp using /var/www/projectlamp as its web root directory.

4. Enable the new virtual host

sudo a2ensite projectlamp

So, we run sudo a2ensite projectlamp to activate the server block.
NB: Activates your config by creating a symbolic link in sites-enabled.

5. Disable apache’s default website.

This is because Apache’s default configuration will overwrite the virtual host if not disabled. This is required if a custom domain is not being used.

sudo a2dissite 000-default

We run ‘sudo a2dissite 000-default’ to deactivate the default webserver block that comes with apache on default.
NB: Prevents Apache from using the default config, this is important to avoid conflicts.

6. Ensure the configuration does not contain syntax error

The command below was used:

sudo apache2ctl configtest

7. Reload apache for changes to take effect.

sudo systemctl reload apache2

8. The new website is now active but the web root /var/www/projectlamp is still empty. Create an index.html file in this location, so as to test the virtual host work as expected.

sudo echo 'Hello LAMP from hostname' $(curl -s http://169.254.169.254/latest/meta-data/public-hostname) 'with public IP' $(curl -s http://169.254.169.254/latest/meta-data/public-ipv4) > /var/www/projectlamp/index.html

sudo bash -c "echo 'Hello LAMP from hostname' \$(curl -H \"X-aws-ec2-metadata-token: $TOKEN\" -s http://169.254.169.254/latest/meta-data/public-hostname) 'with public IP' \$(curl -H \"X-aws-ec2-metadata-token: $TOKEN\" -s http://169.254.169.254/latest/meta-data/public-ipv4) > /var/www/projectlamp/index.html"

9. Open the website on a browser using the public IP address.

http://35.93.146.45:80

10. Open the website with public dns name (port is optional)

http://<public-DNS-name>:80

This file can be left in place as a temporary landing page for the application until an index.php file is set up to replace it. Once this is done, the index.html file should be renamed or removed from the document root as it will take precedence over index.php file by default.

Step 5 - Enable PHP on the website

With the default DirectoryIndex setting on Apache, index.html file will always take precedence over index.php file. This is useful for setting up maintenance page in PHP applications, by creating a temporary index.html file containing an informative message for visitors. The index.html then becomes the landing page for the application. Once maintenance is over, the index.html is renamed or removed from the document root bringing back the regular application page.
If the behaviour needs to be changed, /etc/apache2/mods-enabled/dir.conf file should be edited and the order in which the index.php file is listed within the DirectoryIndex directive should be changed.

NB: By default, the webserver has a preference for serving an index.html file based on the order of precedence by default in the DirectoryIndex settings of Apache.
To serve an index.php containing the server-side code, you’ll need to edit the /etc/apache2/mods-enabled/dir.conf file and change the order in which the index.php file is listed within the DirectoryIndex.

1. Open the dir.conf file with vim to change the behaviour

sudo vim /etc/apache2/mods-enabled/dir.conf

<IfModule mod_dir.c>
  # Change this:
  # DirectoryIndex index.html index.cgi index.pl index.php index.xhtml index.htm
  # To this:
  DirectoryIndex index.php index.html index.cgi index.pl index.xhtml index.htm
</IfModule>

NB: We want to prioritize index.php over index.html

2. Reload Apache

Apache is reloaded so the changes takes effect.

sudo systemctl reload apache2

3. Create a php test script to confirm that Apache is able to handle and process requests for PHP files.

A new index.php file was created inside the custom web root folder.

vim /var/www/projectlamp/index.php

Add the text below in the index.php file

<?php
phpinfo();

NB: phpinfo() shows your PHP environment info in browsers, this is useful for confirming PHP is working correctly.

4. Now refresh the page

This page provides information about the server from the perspective of PHP. It is useful for debugging and to ensure the settings are being applied correctly.

sudo rm /var/www/projectlamp/index.php

Conclusion:

The LAMP stack provides a robust and flexible platform for developing and deploying web applications. By following the guidelines outlined in this documentation, It was possible to set up, configure, and maintain a LAMP environment effectively, enabling the creation of powerful and scalable web solutions.

LAMP Stack (WEB STACK) Implementation in AWS

Uwadone Joshua — Wed, 16 Apr 2025 09:57:50 +0000

WEB STACK IMPLEMENTATION (LAMP STACK) IN AWS

Introduction:

Linux

Apache

MySQL (or MariaDB)

PHP (or Perl/Python)

Use Cases for LAMP Stack

Step 0: Prerequisites

1. Launched an Ubuntu EC2 Instance named “Lamp_Stack_Server” with AMI of 24.04 LTS (HVM) in the us-west-2 region using the AWS console.

3. The security group was configured with the following inbound rules:

Allow traffic on port 22 (SSH) with source from any IP address. This is opened by default.
Allow traffic on port 443 (HTTPS) with source from anywhere on the internet.
Allow traffic on port 80 (HTTP) with source from anywhere on the internet. And will leave the storage at default; 8gb gp3 volume storage. Then we hit the launch instance button.

4. First, we need to move the keypair file from the download folder into the .ssh folder;
cp ~/Downloads/lamp_stack.pem ~/.ssh/

The private ssh key that got downloaded has now been moved, permission was changed for the private key file and then used to connect to the instance by running the following commands;

chmod 400 ~/.ssh/lamp_stack.pem

ssh -i ~/.ssh/lamp_stack.pem ubuntu@35.93.146.45

Where username=ubuntu and public ip address=35.93.146.45

Step 1 - Install Apache and Update the Firewall

1. Update and upgrade list of packages in package manager

sudo apt update


![Update Packages](https://dev-to-uploads.s3.amazonaws.com/uploads/articles/0zxegjkabpl6ti9ixmn6.png)

sudo apt upgrade -y

2. Run apache2 package installation

sudo apt install apache2 -y

3. Enable and verify that apache is running on as a service on the OS.

sudo systemctl enable apache2
sudo systemctl status apache2

sudo systemctl enable apache2: Configures Apache to start on boot (so it survives a restart).

If it green and running, then apache2 is correctly installed

4. The server is running and can be accessed locally in the ubuntu shell by running the command below:

curl http://localhost:80
OR
curl http://127.0.0.1:80

5. Test with the public IP address if the Apache HTTP server can respond to requests from the internet using the url on a browser.

http://35.93.146.45:80

This shows that the web server is correctly installed and it is accessible through the firewall.

6. Another way to retrieve the public IP address other than check the aws console

TOKEN=$(curl -X PUT "http://169.254.169.254/latest/api/token" -H "X-aws-ec2-metadata-token-ttl-seconds: 21600")
curl -H "X-aws-ec2-metadata-token: $TOKEN" -s http://169.254.169.254/latest/meta-data/public-ipv4

![Obtain IP via the CLI](https://dev-to-uploads.s3.amazonaws.com/uploads/articles/zrhwd5jhuq74uf7qq21t.png)![imds option](./images/imds-option.png)

The command was run,and the public IP address was displayed. Thing is AWS now defaults to IMDSv2 (Instance Metadata Service Version 2), which requires token.

TOKEN=$(curl -X PUT "http://169.254.169.254/latest/api/token" -H "X-aws-ec2-metadata-token-ttl-seconds: 21600")
curl -H "X-aws-ec2-metadata-token: $TOKEN" -s http://169.254.169.254/latest/meta-data/public-ipv4

Step 2 - Install MySQL

1. Install a relational database (RDB)

MySQL was installed in this project. It is a popular relational database management system used within PHP environments. We use MySQl as a relational database to store and manage data on our website.

sudo apt install mysql-server

When prompted, install was confirmed by typing y and then Enter.

2. Enable and verify that mysql is running with the commands below

sudo systemctl enable --now mysql
sudo systemctl status mysql

NB: sudo systemctl enable --now mysql: --now starts MySQL immediately, and enable ensures it runs at boot.

3. Log in to mysql console

sudo mysql

This connects to the MySQL server as the administrative database user root inferred by the use of sudo when running the command.

4. Set a password for root user using mysql_native_password as default authentication method.

Here, the user's password was defined as "Admin007$"

ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY 'Admin007$';

Exit the MySQL shell

exit

5. Run an Interactive script to secure MySQL

The security script comes pre-installed with mysql. This script removes some insecure settings and lock down access to the database system.

NB: The command below launches an interactive script that:
Sets password validation rules (if chosen).

Removes test users and databases.

Disables root login remotely (optional).

Reloads privilege tables.

sudo mysql_secure_installation

We use the sudo mysql_secure_installation command to remove insecure default settings and enable protection for the database.

Regardless of whether the VALIDATION PASSWORD PLUGIN is set up, the server will ask to select and confirm a password for MySQL root user.

6. After changing root user password, log in to MySQL console.

A command prompt for password was noticed after running the command below.

sudo mysql -p

Exit MySQL shell

exit

Step 3 - Install PHP

1. Install php
Apache is installed to serve the content and MySQL is installed to store and manage data.
PHP is the component of the set-up that processes code to display dynamic content to the end user.

The following were installed:

php: The scripting language.
php-mysql: PHP module that allows PHP to communicate with MySQL-based databases.
libapache2-mod-php: Module to run PHP with Apache and enable Apache to handle PHP files.

sudo apt install php libapache2-mod-php php-mysql

Confirm the PHP version

php -v

At this point, the LAMP stack is completely installed and fully operational.

Step 4 - Create a virtual host for the website using Apache

1. The default directory serving the apache default page is /var/www/html. Create your document directory next to the default one.

Apache webserver serves a website by way of server blocks inside its /var/www/ directory, and it can support multiple of this server blocks to host other websites.

Here we create a new directory called ‘projectlamp’ inside the /var/www/ directory using "mkdir" command

sudo mkdir /var/www/projectlamp

Assign the directory ownership with $USER environment variable which references the current system user, i.e we change the permissions of the projectlamp directory to the current user system..

sudo chown -R $USER:$USER /var/www/projectlamp

NB: This command changes ownership to your user (so you can easily modify files).

Create and open a new configuration file in apache’s “sites-available” directory using vim.__

sudo vim /etc/apache2/sites-available/projectlamp.conf

The following represents the configuration needed to spin up the server block. Copy and paste in the bare-bones configuration below into the editor.:

<VirtualHost *:80>
  ServerName projectlamp
  ServerAlias www.projectlamp
  ServerAdmin webmaster@localhost
  DocumentRoot /var/www/projectlamp
  ErrorLog ${APACHE_LOG_DIR}/error.log
  CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

3. Show the new file in sites-available

sudo ls /etc/apache2/sites-available

Output:
000-default.conf default-ssl.conf projectlamp.conf

With the VirtualHost configuration, Apache will serve projectlamp using /var/www/projectlamp as its web root directory.

4. Enable the new virtual host

sudo a2ensite projectlamp

So, we run sudo a2ensite projectlamp to activate the server block.
NB: Activates your config by creating a symbolic link in sites-enabled.

5. Disable apache’s default website.

This is because Apache’s default configuration will overwrite the virtual host if not disabled. This is required if a custom domain is not being used.

sudo a2dissite 000-default

6. Ensure the configuration does not contain syntax error

The command below was used:

sudo apache2ctl configtest

7. Reload apache for changes to take effect.

sudo systemctl reload apache2

The new website is now active but the web root /var/www/projectlamp is still empty. Create an index.html file in this location, so as to test the virtual host work as expected.

sudo echo 'Hello LAMP from hostname' $(curl -s http://169.254.169.254/latest/meta-data/public-hostname) 'with public IP' $(curl -s http://169.254.169.254/latest/meta-data/public-ipv4) > /var/www/projectlamp/index.html

sudo bash -c "echo 'Hello LAMP from hostname' \$(curl -H \"X-aws-ec2-metadata-token: $TOKEN\" -s http://169.254.169.254/latest/meta-data/public-hostname) 'with public IP' \$(curl -H \"X-aws-ec2-metadata-token: $TOKEN\" -s http://169.254.169.254/latest/meta-data/public-ipv4) > /var/www/projectlamp/index.html"

Open the website on a browser using the public IP address.

http://35.93.146.45:80

10. Open the website with public dns name (port is optional)

http://<public-DNS-name>:80

Step 5 - Enable PHP on the website

1. Open the dir.conf file with vim to change the behaviour

sudo vim /etc/apache2/mods-enabled/dir.conf

<IfModule mod_dir.c>
  # Change this:
  # DirectoryIndex index.html index.cgi index.pl index.php index.xhtml index.htm
  # To this:
  DirectoryIndex index.php index.html index.cgi index.pl index.xhtml index.htm
</IfModule>

NB: We want to prioritize index.php over index.html

2. Reload Apache

Apache is reloaded so the changes takes effect.

sudo systemctl reload apache2

3. Create a php test script to confirm that Apache is able to handle and process requests for PHP files.

A new index.php file was created inside the custom web root folder.

vim /var/www/projectlamp/index.php

Add the text below in the index.php file

<?php phpinfo();

NB: phpinfo() shows your PHP environment info in browsers, this is useful for confirming PHP is working correctly.

Now refresh the page

This page provides information about the server from the perspective of PHP. It is useful for debugging and to ensure the settings are being applied correctly.

sudo rm /var/www/projectlamp/index.php

Conclusion:

Build and Deploy a C.R.U.D REST API on Lambda using DynamoDB

Uwadone Joshua — Tue, 17 Dec 2024 15:37:23 +0000

In this tutorial, I will walk you through the process of building a serverless API that enables the creates, reads, updates, and deletes of items stored in a DynamoDB table. By following the steps outlined below, you will be able to develop a scalable and efficient API using AWS Lambda, API Gateway, and DynamoDB.
You can do it within the AWS Free Tier.

Here are the high-level steps we’ll follow:

Step 1: Create a DynamoDB table
Step 2: Create a Lambda function
Step 3: Create an API gateway
Step 4: Test your API
Step 5: Monitor your Logs and Insights

Here is a link to my github repo: https://github.com/Uwadon1/AWS_RestLambdaAPI

Step-by-Step Tutorial: Build a REST API (CRUD)

Step ONE: Create a DynamoDB table

Set Up the Environment

Create a DynamoDB Table

From the AWS dashboard, search for DynamoDb, then click on the DynamoDB service to navigate into the dynamo db dashboard.

Click on the “create table icon

Fill in the necessary details and give your table a name (e.g employee_info or any name of your choice). You can specify the partition key as employeeid (string). Let the table setting remain as default.

Leave the remaining options as default and click “create table.”

By following these steps, you will successfully create a DynamoDB table named “employee_info” with the partition key set to “employeeid”.

Step TWO: Create a Lambda function
Create Lambda Functions

For this project, we will be using AWS Lambda for our backend logic:
From the AWS Management Console, search for AWS Lambda service.

Click on “create a function”:

In the “create a function” dashboard, select “author from scratch.” In the basic information section, give your lambda a function name e.g api_processing, we will select Python 3.13 as our runtime

For Permission, in the execution role section, we will opt for the third/last option: “create a new role from AWS policy templates.”
This new role should give us the opportunity to attach policy that grants full acces to DynamoDb and Cloudwatch or a custom policy with limited access to dynamo db. Afterwards, we will click on ‘create function’

We will be brougth to the lambda dashboard, showing function successfully created.

Right now, we’ll need to tweak the permission for our IAM role. Navigate to the configuration section, and select the permission button. Next you’ll need to click on the link in the role name section.

You will be redirected to the IAM service tab, you will notice by default we already have a policy that has AWSLambdaBasicExecutionRole, we will need to attach more policies like Dynamodb full access and Cloudwatchlog full access

Next we will need to attach our desired policies to this role, first we’ll add “AwsDynamoDBFullAccess”

We will add the next policy to this role, which is: “CloudWatchLogsFullAccess”

Policies have been added, hence our lambda now has the required access to interact with DynamoDB and to get logs from out Cloudwatch.

By following these steps, you will have created a Lambda function named “api_processing” and set up a new role with the appropriate permissions to interact with DynamoDB.
Step THREE: Create an API gateway

In the AWS dashboard, search for API Gateway and click on it.

You will be brought straight to Create API dashboard, choose REST API and click on build

Choose “new API” and give it a name (e.g., serverless-demo`).
Leave the description section blank and select regional as the API endpoint type. Then click on create api

Next, we are going to create resources: Click on “Create Resource”

We’ll need to give a resource a name, in the resource name section, write status and in the resource path select /. Ensure to check the button to enable CORS for cross-origin requests. And click create resource.

As seen below, the resource has been successfully created, next we’ll create methods for the status resource:

When you click on the “Create Method” icon, you will be brought to the tab below, select the method “get” and click the checkmark. Select lambda function as the Integration type. Ensure to click on the button to turn on lambda proxy integration.

Specify your Lambda function name (api_processing), leave the other options as default. Click ‘create method”.

The get method for resource status has been successfully created.

We’ll need to create a new resource and give it the name employee and in the resource path select /. Ensure to check the button to enable CORS for cross-origin requests. And click create resource.

The newly created resource should look like this.

We’ll need to create a new resource and give it the name employees and in the resource path select /. Ensure to check the button to enable CORS for cross-origin requests. And click create resource.

The newly created resource should look like this, next we’ll create ‘get’ method for the employees resource:

Click on the “Create Method” icon, you will be brought to the tab below, select the method “get” and click the checkmark. Select lambda function as the Integration type. Ensure to click on the button to turn on lambda proxy integration.

Specify your Lambda function name (api_processing), leave the other options as default. Click ‘create method’, then confirm.

The newly created get method for the /employees resource should look like this.

Lastly we will need to create the CRUD methods for the employee resource. For each HTTP method (GET, POST, DELETE, PATCH):
“Click on create Method” icon, you will be brought to the tab below, select the method “get” and click the checkmark. Select lambda function as the Integration type. Ensure to click on the button to turn on lambda proxy integration.

Specify your Lambda function name (api_processing), leave the other options as default. Click ‘create method’, then confirm.

The newly created get method should look like this.

In the “Create Method” icon, you will be brought to the tab below, select the method “post” and click the checkmark. Select lambda function as the Integration type. Ensure to click on the button to turn on lambda proxy integration. Specify your Lambda function name (api_processing), leave the other options as default. Click ‘create method’, then confirm.

The newly created post method should look like this.

In the “Create Method” icon, you will be brought to the tab below, select the method “delete” and click the checkmark. Select lambda function as the Integration type. Ensure to click on the button to turn on lambda proxy integration. Specify your Lambda function name (api_processing), leave the other options as default. Click ‘create method’, then confirm.

The newly created delete method should look like this.

In the “Create Method” icon, you will be brought to the tab below, select the method “patch” and click the checkmark. Select lambda function as the Integration type. Ensure to click on the button to turn on lambda proxy integration. Specify your Lambda function name (api_processing), leave the other options as default. Click ‘create method’, then confirm.

The newly created patch method should look like this.

Resources: These are endpoints in your API (e.g., /employee or /status). They represent logical containers for HTTP methods and map directly to backend operations.
Methods: These are the HTTP operations (like GET, POST, PUT, DELETE) applied to a resource. They determine what action is performed on the resource. For example:
GET: Fetch data.
POST: Create data.
PUT: Update existing data.
DELETE: Remove data.
API Gateway integrates these resources and methods with AWS Lambda to execute backend logic or interact with a database like DynamoDB

Click on deploy API
In the deploy API overview, a box would pop up for you to choose a stage (New Stage), and then type in a stage name (dev), you can fill in the description box or leave it blank, it is optional. Then click on deploy.

By following these steps, you will have successfully created a REST API named “serverless-demo” that serves as an HTTP endpoint for your Lambda function. In the subsequent steps. Take note of the invoke URL, we will need it later.

Step FOUR: Test your API

This right here is the code editor overview, and we have the default lambda code, so we will try to run the invoke url code to test its functionality. You can use tools like Postman or a browser to make API requests. We should get the response “Hello from Lambda!” on our screen.

Here is the invoke url code on our browser, we will include the pathway to our status resource (e.g /status) at the end of the URL code. The essence of the status resource is to test the functionality..

This is what we got on browser, “Hello from Lambda!” which shows that everything in our application and code is working fine.

Preferably we will also try the invoke url code on postman, we will also include the pathway to our status resource (e.g /status) at the end of the URL code. We will also select the “get” option and click on send..

This is the output on lambda: “Hello from Lambda!”

Next we will need to open the lambda dashboard and navigate to the code editor’s tab and replace the existing code with the following code snippet:
Here, we will write a logic for each CRUD operation:

POST: Insert a new record in DynamoDB.
GET: Fetch all or a specific record from DynamoDB.
UPDATE: Update a record.
DELETE: Remove a record.

You can write or upload your code on the console editor:

Here is the link to the Code on my github

This function serves as a robust backbone for employee management, leveraging the power of AWS Lambda and DynamoDB in a RESTful architecture.

Next we hit the deploy button to update our new python code.

We will move, right away to test our Lambda function. We will need to choose our test event e.g: “test-crud” and save

We will retest the /status ‘get’ API endpoint with Postman. Using the invoke url code on our browser, we will include the pathway to our status resource (e.g /status) at the end of the URL code. We will get the output below.

Using the browser, we got this output. “Service is operational” which shows that everything in our application and code is working fine.

We will test the /employee ‘post’ API endpoint with Postman. Using the invoke url code on our browser, we will include the pathway to our employee resource (e.g employee) at the end of the URL code. We will choose the following options as shown below, choose ‘post’ option, and select body, then raw, and json format to insert in our command as json.

{ “Employeeid”: “102”, “job_title”: “CEO”, “full_name”: “John Tom”, “salary”: “1000000” }.

Note we changed the last endpoint from /status to /employee. We should see ‘200 okay’. Which shows everything is functional. We should also see our output in the down box.
We will follow the same steps to input two other values.

We will test the /employee ‘delete’ API endpoint with Postman. Using the invoke url code on our browser, we will include the pathway to our employee resource (e.g /employee) at the end of the URL code. We will choose the following options as shown below, choose ‘delete’ option, and type in our command as json:
{ “Employee”: “102” }.
We should see the output below “Operation”: “DELETE”, and ‘200 okay’. Which shows everything is functional.

We will test the /employee ‘patch’ API endpoint with Postman. Using the invoke url code on our browser, we will include the pathway to our employee resource (e.g /employee) at the end of the URL code. We will choose the following options as shown below, choose patch’ option, and type in our command as json:
{ “EmployeeId”: “103”, “updateKey”: “full_name”, “updateValue”: “Chioma Chukwu” }.
We should see the output below “Operation”: “UPDATE”, and ‘200 okay’. Which shows everything is functional.

Lastly, we will test the /employees ‘get’ API endpoint with Postman. Using the invoke url code on our browser, we will include the pathway to our employees resource (e.g /employees) at the end of the URL code. We will get the info output of all the employees in the company .

We will go into our Dynamo DB dashboard to verify if all we have created using our API and lambda would reflect inside our database

Step FIVE: Monitoring the logs and insights
Using cloudwatch we can monitor the logs for insights to check for errors and troubleshoot where necessary

Deploy an EC2 instance inside a custom VPC using Terraform.

Uwadone Joshua — Fri, 08 Nov 2024 13:43:10 +0000

Deploy an EC2 instance inside a custom VPC using Terraform.

This guide will set up the following:

A VPC with one Availability Zones (AZs).
In the AZ, there will be:
A public subnet for resources like NAT gateway and EC2 instance.
Internet Gateway for outbound internet traffic from public subnets.
Route Tables to handle routing within the subnets.
Security Groups to control traffic to/from instances. In this project, you will learn how to automatically deploy an EC2 instance inside a custom VPC using Terraform.

Prerequisites

An active AWS account with an IAM user already created
Text editor of your choice (VSCode Recommended)
Terraform Installed: Make sure you have Terraform installed on your machine, you should also have a basic knowledge of how it works.
AWS credentials: You should have AWS credentials configured locally using AWS CLI or through environment variables.
AWS Provider: This guide uses the AWS provider.
Bash scripting knowledge

As you should know by now, Terraform is an IaC tool that helps to automate processes which increase delivery time of software. In this tutorial, Terraform will be employed in setting up an ec2 instance in a VPC and all of its components

Setting up the project environment
The first step is to create a folder on your device and open it up in VSCode. We will be creating 4 terraform files for this project;
Your project directory can be structured like this:
terraform/
├── provider.tf
├── variables.tf
├── main.tf
├── outputs.tf

Here is the outline of all the resources, we will be creating.

Create a VPC folder and files
Define the Provider Block
Create the VPC Block
Create the Subnet(s)
Create an Internet Gateway
Create Route Tables
Associate Subnet with Route Tables
Create Security Groups
Create KeyPairs
Create EC2 Instance

Step-by-Step Terraform Configuration

1. Creating your Provider Configuration
The first step is to configure the AWS provider on your provider.tf file
hcl
#Create a Terraform Provider Block terraform { required_providers { aws = { source = “hashicorp/aws” version = “~>5.68.0” } } } provider “aws” { region = “us-east-1” # Select your desired region }

2. Creating your VPC Block

Create a VPC using the following block.
hcl
#Create the VPC Block resource"aws_vpc" "my_vpc" { cidr_block = var.vpc_cidr enable_dns_support = true enable_dns_hostnames = true tags = { Name = "my-vpc" } }

3. Creating your Subnet Block

For this demo, we will create only one subnet in one availability zone.
hcl
#Create the Subnet(s) resource "aws_subnet" "public_subnet" { vpc_id = aws_vpc.my_vpc.id cidr_block = var.public_subnet_cidr availability_zone = var.availability_zone map_public_ip_on_launch = true tags = { Name = "my-pub-sub" } }

4. Internet Gateway

An Internet Gateway will allow public subnets to have access to the internet.
hcl
#Create an Internet Gateway resource "aws_internet_gateway" "igw" { vpc_id = aws_vpc.my_vpc.id tags = { Name = "my-internet-gateway" } }

5. Route Tables

We need a route table for both public and private subnets. Public subnets route through the Internet Gateway, while private subnets route through a NAT Gateway.

hcl
#Create Route Tables resource "aws_route_table" "public_rt" { vpc_id = aws_vpc.my_vpc.id route { cidr_block = "0.0.0.0/0" gateway_id = aws_internet_gateway.igw.id } tags = { Name = "public-rt" } }

6. Associate public subnets with the public route table

hcl
#Associate Public Subnet with the Public Route Table resource "aws_route_table_association" "public_rt_association" { subnet_id = aws_subnet.public_subnet.id route_table_id = aws_route_table.public_rt.id }

7. Security Groups

Here’s a basic security group allowing inbound SSH access from your IP and allowing all outbound traffic.

hcl
#Create Security Groups resource "aws_security_group" "my-sg" { vpc_id = aws_vpc.my_vpc.id # Ensure the security group is created in the same VPC name = "my security group" description = "my security group" ingress { description = "HTTP" from_port = 80 to_port = 80 protocol = "tcp" cidr_blocks = ["0.0.0.0/0"] # Allow traffic from anywhere } ingress { description = "HTTPS" from_port = 443 to_port = 443 protocol = "tcp" cidr_blocks = ["0.0.0.0/0"] } ingress { description = "SSH" from_port = 22 to_port = 22 protocol = "tcp" cidr_blocks = ["0.0.0.0/0"] } egress { from_port = 0 to_port = 0 protocol = "-1" cidr_blocks = ["0.0.0.0/0"] } tags = { Name = "my-sg" } }

8. Key Pairs
A key pair is a set of cryptographic keys used for authentication and encryption. It consists of a public key and a private key.

Public Key: This key is freely shared and can be used to encrypt data. Only the corresponding private key can decrypt the data.
Private Key: This key is kept secret and should never be shared. It's used to decrypt data encrypted with the public key.

hcl Generate a new private key resource "tls_private_key" "terraform_kp" { algorithm = "RSA" rsa_bits = 4096 } Create AWS Key Pair using the public key generated above resource "aws_key_pair" "my-terraform-kp" { key_name = "terraform-kp" # New Key Pair Name public_key = tls_private_key.terraform_kp.public_key_openssh } To create a file or folder to save your Private Key resource "local_file" "terraform_kp" { content = tls_private_key.terraform_kp.private_key_pem filename = "terraform-kp.pem" # Save as a .pem file }

9. Create an EC Instance

#Create EC2 Instance with NGINX installation via user_data resource "aws_instance" "project_server" { depends_on = [aws_security_group.my-sg, aws_subnet.public_subnet] ami = "ami-0e86e20dae9224db8" # Amazon Ubuntu AMI instance_type = "t2.micro" subnet_id = aws_subnet.public_subnet.id associate_public_ip_address = true key_name = "terraform-kp" vpc_security_group_ids = [aws_security_group.my-sg.id] }

10. Outputs

You can create an outputs.tf to display useful information like the VPC ID and subnet IDs after deployment.
outputs.tf:

hcl Output Public IP output "project_server_public_ip" { value = aws_instance.project_server.public_ip } Output Public DNS output "aws_instance_public_dns" { value = aws_instance.project_server.public_dns }

11. Variables

You can create a variables.tf file to display your variables like the VPC ID and subnet IDs after deployment.

variable "vpc_cidr" { default = "10.0.0.0/16" } variable "public_subnet_cidr" { default = "10.0.1.0/24" } variable "private_subnet_cidr" { default = "10.0.3.0/24" } variable "availability_zone" { default = "us-east-1a" }

12. How to Deploy

Ø Initialize Terraform:
Navigate to your project directory and run:
bash
terraform init

Ø Plan the infrastructure:
Review the changes that Terraform will make:
bash
terraform plan

Ø Apply the configuration:
Deploy the resources by running:

bash
terraform apply

Ø Confirm:
Type yes when prompted to confirm the creation of resources.

13. Verify the Resources Created:

Navigate to your AWS management console and search for VPC to see the newly created VPC via terraform

From your AWS management console dashboard, search for EC2 to see the newly created EC2 via terraform

14. Clean Up Resources:

If you’re done and no longer need your resources, you can terminate them to avoid incurring charges.
Run the following command to clean your resources
bash
terraform destroy

You will see a prompt to type YES in order to confirm your destroy action. Type YES, and your resources would be deleted completely as shown below.

Conclusion
By following these steps and customizing the Terraform configuration to your specific needs, you can effectively launch EC2 instances in a VPC using Terraform, and you should be able to SSH into your website using the EC2 instance’s public IP.

If you find this helpful, please click the clap 👏 button below a few times to show your support for the author 👇

Launch an EC2 instance in a custom-made VPC using cloud formation

Uwadone Joshua — Fri, 08 Nov 2024 10:44:42 +0000

Infrastructure as Code (IaC): is a practice of managing and provisioning infrastructure through code instead of manual processes. By treating infrastructure as code, organizations can automate the creation, modification, and deletion of infrastructure resources, such as servers, networks, and storage e.t.c.

Problems Solved by IaC:

Manual Error Reduction:

Consistency: IaC ensures that infrastructure is provisioned consistently, reducing the risk of human error.
Repeatable Deployments: IaC scripts can be run multiple times to create identical environments.

Increased Efficiency:

Automation: IaC automates the provisioning process, saving time and effort.
Faster Time to Market: Infrastructure can be deployed quickly and efficiently.

Improved Collaboration:

Control: IaC uses version control systems like Git to track changes, enabling collaboration and rollback.
Shared Understanding: Code-based infrastructure is easier to understand and collaborate on.

Enhanced Security:

Configuration Drift Prevention: IaC helps maintain consistent configurations, reducing security vulnerabilities.
Auditing and Compliance: IaC provides a clear audit trail for compliance and security audits.

Popular IaC Tools:
Terraform: A popular open-source tool for managing infrastructure across multiple cloud providers.
Ansible: A configuration management tool that can be used for infrastructure automation.
Puppet: A configuration management tool for automating server and system administration tasks.
Chef: A configuration management tool for automating infrastructure and applications.
AWS Cloud Formation: This is an infrastructure-as-code tool that defines resources and their configurations in a standardized template -- either a JavaScript Object Notation (JSON) or YAML format. In general, YAML is the preferable option, as it's more concise; JSON requires a much higher number of characters. YAML also supports the ability to add comments, which JSON does not.

By adopting IaC, organizations can significantly improve their infrastructure management practices, reduce operational costs, and accelerate application delivery.

Alright! Let’s dive right into how to launch an EC2 instance in a VPC using AWS CloudFormation.

This guide covers creating a basic CloudFormation stack to provision a VPC, subnets, security groups, and an EC2 instance.

Step 1: Prepare Your CloudFormation Template

So the next thing we will need to do is, we’ll want to do is to create a CloudFormation template file (in YAML format) named ec2_vpc.yaml.

We will be using the below template to create an EC2 Instance by replacing the following defaults of SubnetId, SecurityGroupId, and ImageId with actual values that exist


`AWSTemplateFormatVersion: 2010-09-09
Description: My first Cloud Formation Template with YAML comments.

Resources:
  MyVPC:
    Type: AWS::EC2::VPC
    Properties:
      CidrBlock: 10.0.0.0/16
      Tags:
        - Key: Name
          Value: MyVPC

  PublicSubnet:
    Type: AWS::EC2::Subnet
    Properties:
      CidrBlock: 10.0.1.0/24
      VpcId: !Ref MyVPC
      MapPublicIpOnLaunch: true
      Tags:
        - Key: Name
          Value: PublicSubnet

  InternetGateway:
    Type: AWS::EC2::InternetGateway
    Properties:
      Tags:
        - Key: Name
          Value: MyInternetGateway`

`AttachGateway:
    Type: AWS::EC2::VPCGatewayAttachment
    Properties:
      VpcId: !Ref MyVPC
      InternetGatewayId: !Ref InternetGateway

  PublicRouteTable:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId: !Ref MyVPC
      Tags:
        - Key: Name
          Value: PublicRouteTable

  PublicRoute:
    Type: AWS::EC2::Route
    Properties:
      RouteTableId: !Ref PublicRouteTable
      DestinationCidrBlock: 0.0.0.0/0
      GatewayId: !Ref InternetGateway

  SubnetRouteTableAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      SubnetId: !Ref PublicSubnet
      RouteTableId: !Ref PublicRouteTable`

 `MySecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: Allow SSH and HTTP access
      VpcId: !Ref MyVPC
      SecurityGroupIngress:
        - IpProtocol: tcp
          FromPort: 22
          ToPort: 22
          CidrIp: 0.0.0.0/0
        - IpProtocol: tcp
          FromPort: 80
          ToPort: 80
          CidrIp: 0.0.0.0/0
        - IpProtocol: tcp
          FromPort: 443
          ToPort: 443
          CidrIp: 0.0.0.0/0
      Tags:
        - Key: Name
          Value: MySecurityGroup`

`MyEC2Instance:
    Type: AWS::EC2::Instance
    Properties:
      InstanceType: t2.micro
      KeyName: EC2-CTF-VPC  # Ensure this key pair exists in your AWS account
      ImageId: ami-06b21ccaeff8cd686  # Confirm this is valid for your target region
      NetworkInterfaces:
        - AssociatePublicIpAddress: true
          SubnetId: !Ref PublicSubnet
          DeviceIndex: 0
          GroupSet:
            - !Ref MySecurityGroup
      Tags:
        - Key: Name
          Value: MyEC2Instance
`

Step 2: Create the CloudFormation Stack:
After you input your login details, you will be brought to the dashboard, observe the search button at the top.

Next we’ll click on the search bar, and type “CLOUD FORMATION” you will see the Cloudformation resource as shown below.

When you clicked on the Cloudformation, you will be brought to the cloudformation dashboard, click on the “Create Stack"

Creating a New Stack, inside the stack section, you will see 3 options: “Choose an existing template, Use a sample template and Build from Infrastructure Composer.”
But for the sake of this projec, we will select the first option “Choose an existing template”.
Scroll down and specify the template to choose the file from.

We will choose the “upload a template file” option. Then click on choose file to upload our YAML file from our local machine.

Upload your ec2_vpc.yaml template file from your computer. Select the file and click open.

As seen below, after uploading your preferred file, click the next button

Next would be to enter a Stack name (e.g., EC2InVPCStack) and click on the next button.

Configure Stack Options: Choose any additional options if necessary (tags, permissions, etc.), or leave as default. We will give our stack a tag key-value pair as shown below and scroll down.

And leave the rest as default and click next.

Review and Create Stack: Review the details and check if all the configurations are set properly.

If everything is properly set, click on the ‘submit’ button.

Step 3: Wait for the Stack to Complete: CloudFormation will begin creating the resources. You can monitor the progress in the “Events” tab.

When the ‘Status’ shows CREATE_COMPLETE, your EC2 instance and VPC and other resources have been successfully launched.

Step 4: Verify the Resources

View Resources in CloudFormation:

In the CloudFormation console, select your stack and go to the Resources tab to see the created resources.

Check in EC2 and VPC Consoles:

Go to the EC2 console to see the running instance.

Go to the VPC console to verify the VPC, subnet, and security group.

This template creates a basic setup with a VPC, subnet, internet gateway, route table, security group, and an EC2 instance. You can customize the configurations further based on your requirements.

I also want to express that your feedback is always welcome. As I strive to provide accurate information and insights, I acknowledge that there’s always room for improvement. If you notice any mistakes or have suggestions for enhancement, I sincerely invite you to share them with me.

🤩 Thanks for being patient and following me. Keep supporting 🙏
Share a reaction 👏 if you liked this article.

For more exercises — please follow me below ✅!
https://dev.to/uwadon1

Step-by-step guide to containerize your full-stack MERN application, using Docker Compose.

Uwadone Joshua — Tue, 05 Nov 2024 15:57:48 +0000

Here’s a step-by-step guide to containerize your full-stack MERN application, building each stack component locally first and then moving to Docker Compose.

Step 1: Clone Your GitHub Repository and Navigate to Local Directories

Clone your GitHub repository: Copy your code from your github repository as shown below

Go to your terminal and run:bash git clone https://github.com/Uwadon1/dockerize-a-mern-stack-app.git``

Next you’ll have to move into the newly cloned directory

cd dockerize-a-mern-stack-app

Directory structure check: Ensure your project folders has the Frontend/Web-tier, Backend/app-tier and Database. If it has, our final set would most likely look like this, please note because we are deploying our database directly from the backend: ` project-directory/ ├── frontend/ ├── backend/ ├── database/ └── docker-compose.yml (this will be created later)

Best Practices: Consider using a .dockerignore file to exclude unnecessary files from the image

Step 2: Create Dockerfiles for Each Stack Component

Frontend (React)
- Navigate to the frontend folder and create a Dockerfile:

`dockerfile
# Dockerfile for frontend

Use the official image as a parent image
Description: Dockerfile for the client side of the MERN stack application

Use the official image as a parent image

FROM node:18.9.1

Set the working directory

WORKDIR /app

Copy the file from your host to your current location

COPY package.json .

Run the command inside your image filesystem

RUN npm install

Inform Docker that the container is listening on the specified port at runtime

EXPOSE 5173

Copy the rest of your app's source code from your host to your image filesystem

COPY . .

Run the specified command within the container

CMD ["npm", "run", "dev"]

Explanation: This Dockerfile installs dependencies, builds the frontend code, and uses serve to host the static files. Dockerfile Breakdown This Dockerfile builds a container image for a React frontend application, leveraging the Node.js environment. Let's break down each line:
1. FROM node:18.9.1: This line specifies the base image for the container. node:18.9.1 indicates that we're using the official Node.js 18.9.1 image as the starting point.
2. WORKDIR /app: This sets the working directory within the container to /app. This is where all subsequent commands will be executed.
3. COPY package.json .: This copies the package.json file from the host machine to the /app directory within the container. This file contains the project's dependencies and configuration.
4. RUN npm install: Executes the npm install command within the container to install all the dependencies listed in the package.json file.
5. EXPOSE 5173: Informs Docker that the container will listen on port 5173. This port is often used by development servers like Create React App.
6. COPY . .: Copies all the remaining files and directories from the host machine to the /app directory within the container. This includes the source code for your React application.
7. CMD ["npm", "run", "dev"]: Specifies the default command to be executed when the container starts. In this case, it runs the dev script defined in the package.json file. This script typically starts the development server for your React app.

Building and Running the Image: To build the Docker image, you would use the following command:
Bash
docker build -t mern-frontend .

This command will create an image named mern-frontend based on the Dockerfile in the current directory. NB: Please ensure your docker desktop is running before you build your docker image.
As shown below, you can see that our front end image has been built successfully

Before we run, we need to create a network so that our containers can communicate among themselves seamlessly. To create our docker network, we would use:
Bash
docker network create mern

Next, we will have to run our container, To run our container, we would use:
Bash
docker run --name=frontend --network=mern -d -p 5173:5173 mern-frontend

This command will start a container based on the mern-frontend image, mapping port 5173 of the container to port 5173 of your host machine. This allows you to access your React app in the browser at http://localhost:5173.

Backend (Node.js & Express)

It is best practice to always start a database container first, to avoid error.
Database (MongoDB)

For MongoDB, you don’t need a Dockerfile, as MongoDB has an official image available on Docker Hub.

To run our database container, we would use:
Bash
docker run --name=mongodb --network=mern -d -p 27017:27017 -v ~/opt/data:data/db mongo:latest

Navigate to the backend folder and create a Dockerfile:

`dockerfile
# Dockerfile for backend

FROM node:18.9.1

WORKDIR /app

COPY package.json .

RUN npm install

COPY . .

EXPOSE 5050

CMD ["npm", "start"]

Explanation: This sets up the backend service to listen on port 5000 and use npm start to initiate. Dockerfile Breakdown for the Backend This Dockerfile is designed to build a container image for a Node.js backend application. Let's break down each line:
1. FROM node:18.9.1: This line specifies the base image for the container. node:18.9.1 indicates that we're using the official Node.js 18.9.1 image as the starting point.
2. WORKDIR /app: Sets the working directory within the container to /app. This is where all subsequent commands will be executed.
3. COPY package.json .: Copies the package.json file from the host machine to the /app directory within the container. This file contains the project's dependencies and configuration.
4. RUN npm install: Executes the npm install command within the container to install all the dependencies listed in the package.json file.
5. COPY . .: Copies all the remaining files and directories from the host machine to the /app directory within the container. This includes the source code for your Node.js backend application.
6. EXPOSE 5050: Informs Docker that the container will listen on port 5050. This is the port that your Node.js server will be listening on.
7. CMD ["npm", "start"]: Specifies the default command to be executed when the container starts. In this case, it runs the start script defined in the package.json file. This script typically starts your Node.js server. Building and Running the Image: To build the Docker image, you would use the following command: Bash docker build mern-backend .

This command will create an image named mern-backend based on the Dockerfile in the current directory.

To run the container, you would use:
Bash
docker run --name=backend --network=mern -d -p 5050:5050 mern-backend

This command will start a container based on the mern-backend image, mapping port 5050 of the container to port 5050 of your host machine. This allows you to access your Node.js backend application at http://localhost:5050.

Haven built our containers and deployed our MERN stack locally, which really isn’t best practice, I’ll like to show how you can run all the commands in one single file and with just one command.:
Create a docker-compose.yml File

In your project root directory, create a docker-compose.yml to orchestrate all services together.

`yaml
services:
frontend:
build: ./mern/frontend
ports:
- "5173:5173"

networks:
- mern_network
environment:
REACT_APP_API_URL: http://backend:5050

backend:
build: ./mern/backend
ports:
- "5050:5050"
networks:
- mern_network
environment:
MONGO_URI: mongodb://mongo:27017/mydatabase

depends_on:
- mongodb

mongodb:
image: mongo:latest

ports:
- "27017:27017"

networks:
- mern_network
volumes:
- mongo-data:/data/db

networks:
mern_network:
driver: bridge

volumes:
mongo-data:
driver: local # Persist MongoDB data locally

Run Docker Compose

In the root project directory, run: `bash docker-compose up -d `

This setup should provide a fully functional MERN application running in Docker!

Let me know if you run into any issues or if you'd like more detail on specific parts of this process.

Access your services:
- Frontend: http://localhost:3000
- Backend: http://localhost:5000
- MongoDB is accessible to the backend container at database:27017.

Verify the Connection Between Services
Confirm that:

The frontend can send requests to the backend.
The backend connects to MongoDB using the MONGO_URI.

Manage and Stop Containers

To stop containers, press Ctrl + C.
To stop and remove containers, networks, and volumes created by docker-compose up, run: `bash docker-compose down `

Step 3: Cleaning Up Your Docker Environment (Optional)
When you're done working with the application, you can clean up your docker environments, using any of these commands:

`bash docker image prune -f `
This command removes all unused images.

`bash docker container prune -f `
This command removes all unused containers.

`bash docker network prune -f `
This command removes all unused network.

`bash docker compose down –volumes `
This command removes the associated volumes, freeing up disk space.

`bash docker system prune -f `
This command removes all unused resources at once.

Note: The -f flag forces the removal without prompting for confirmation. Use it with caution, as it will remove resources without confirmation.
By following these steps and using the appropriate commands, you can effectively clean up your Docker environment and keep it organized.

Additional Considerations

Environment Variables: In production, you should use Docker secrets or environment variable files (.env) to handle sensitive data like database credentials.
Scaling: You can scale services (like the backend) by modifying your docker-compose.yml: `yaml backend: ... deploy: replicas: 3 `
Multi-stage Builds: For more complex setups, consider using multi-stage builds in your Dockerfiles to optimize the size of your Docker images.

Conclusion
By following this guide, you now have a fully Dockerized three-tier web application, with the frontend, backend, and database running in isolated containers, all connected via Docker Compose. You can easily scale, share, and deploy your application using this setup.