Architecture Overview
Networking Layer
Custom VPC
Public subnets (for ALB & NAT Gateway)
Private subnets (for EC2 instances)
Internet Gateway
Route tables for controlled traffic flow
Load Balancing
Application Load Balancer (ALB)
Target groups with health checks
Listener forwarding traffic to healthy EC2 instances
Compute & Scaling
Launch Template with:
AMI
Security groups
User data script
Auto Scaling Group:
Min, max, desired capacity
CPU-based scaling policies
Multi-AZ EC2 placement
Application Deployment
Django web app
Docker installed via EC2 user data
Container launched automatically at instance startup
Security Design
EC2 instances do not have public IPs
Instances are reachable only via ALB
Private subnets isolate application servers
NAT Gateway allows:
Docker image pulls
OS updates
Outbound internet access only
This aligns with least-exposure security principles.
Testing & Validation
High Availability Test
Application remains accessible via ALB
Individual EC2 instance failure does not break the app
Traffic automatically reroutes to healthy instances
Autoscaling Test
Load generated using Apache JMeter
CPU-based scaling policies evaluated
Observed that CPU alone may not reflect real traffic load
Highlights need for memory / request-based metrics in production
Private Access Test
Direct SSH blocked due to private subnet placement
EC2 Instance Connect Endpoint used for secure access
No public exposure of application servers
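The rules listed under Security Design and Private Access Test, written out in Terraform. This is an added example, not the project's own code: resource and variable names, the application port 8000, and an existing ALB security group passed in as `alb_sg_id` are assumptions.

```hcl
# Added example: all names and app port 8000 are assumptions, not the project's code.
variable "vpc_id" { type = string }
variable "private_subnet_id" { type = string }
variable "alb_sg_id" { type = string } # security group attached to the ALB

# No inline rules: every path in or out is one of the rule resources below.
resource "aws_security_group" "app" { vpc_id = var.vpc_id }
resource "aws_security_group" "eice" { vpc_id = var.vpc_id }

# The app port accepts traffic only from the ALB's group, never from a CIDR.
resource "aws_vpc_security_group_ingress_rule" "app_from_alb" {
  security_group_id            = aws_security_group.app.id
  referenced_security_group_id = var.alb_sg_id
  ip_protocol                  = "tcp"
  from_port                    = 8000
  to_port                      = 8000
}
# SSH is accepted only from the EC2 Instance Connect Endpoint's group.
resource "aws_vpc_security_group_ingress_rule" "ssh_from_eice" {
  security_group_id            = aws_security_group.app.id
  referenced_security_group_id = aws_security_group.eice.id
  ip_protocol                  = "tcp"
  from_port                    = 22
  to_port                      = 22
}
# Outbound only (image pulls, OS updates); the private route table sends it via the NAT Gateway.
resource "aws_vpc_security_group_egress_rule" "app_outbound" {
  security_group_id = aws_security_group.app.id
  cidr_ipv4         = "0.0.0.0/0"
  ip_protocol       = "-1"
}
# The endpoint itself may only open SSH towards the app group.
resource "aws_vpc_security_group_egress_rule" "eice_to_app" {
  security_group_id            = aws_security_group.eice.id
  referenced_security_group_id = aws_security_group.app.id
  ip_protocol                  = "tcp"
  from_port                    = 22
  to_port                      = 22
}
resource "aws_ec2_instance_connect_endpoint" "ssh" {
  subnet_id          = var.private_subnet_id
  security_group_ids = [aws_security_group.eice.id]
  preserve_client_ip = false # instances see the endpoint as source, so ssh_from_eice matches
}
# AMI, instance type and user data omitted; only the exposure-related settings are shown.
resource "aws_launch_template" "app" {
  network_interfaces {
    associate_public_ip_address = false
    security_groups             = [aws_security_group.app.id]
  }
}
```

Any later ingress rule on the app group that uses `cidr_ipv4` instead of `referenced_security_group_id` widens exposure beyond the ALB and the endpoint, so that is the field to check when reviewing a plan.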
Conclusion
Day 24 demonstrates how real production web platforms are built on AWS.
This is not about launching a single EC2 instance. It's about:
Availability
Fault tolerance
Security
Scalability
Automation
By combining ALB, Auto Scaling Groups, private networking, and Docker, Terraform enables a robust, enterprise-grade hosting solution.
This project forms a strong foundation for extending into full three-tier architectures with databases, caching, and CI/CD pipelines.