Highly available web site with EC2, Custom VPC in 3 Public Subnets

awsmine

Revathi Joshi

Posted on October 13, 2022


In this article, I am going to create a highly available web site for EC2 instances with a custom VPC in 3 public subnets using Amazon's built-in capabilities such as Application Load Balancer, Availability zones and an Auto-Scaling group.

You can find all the projects related to EC2 in my GitHub repository.

Let's get started!

Objectives:

  • A Custom VPC, 3 public subnets in 3 Availability Zones for High Availability
  • Create a Key Pair, a Security Group
  • A launch template for EC2 instances
  • Create an Auto scaling Group with a minimum of 2 EC2 instances and maximum of 5.
  • Create one Target Group and register both the EC2 instances.
  • Add an Application Load Balancer. Ensure the launch template includes an EC2 instance that has a web server
  • Attach the Load Balancer to the Auto scaling group
  • Terminate 1 EC2 Instance to show how Auto scaling works
  • Cleanup
  • What we have done so far

Pre-Requisites:

Resources Used:

Know how to create EC2 instances, Sub Groups, and Key pairs.

I have referred to the AWS documentation for creating custom VPCs and setting up Auto Scaling coupled with an Application Load Balancer.

Steps for implementation of this project:

A Custom VPC, 3 public subnets in 3 Availability Zones for High Availability

On the AWS Management Console
VPC Dashboard
Navigate to VPC
Click Create VPC from the top
Under VPC settings - VPC and more
Auto-generate - check and name "project"
IPv4 CIDR block - set to 10.0.0.0/16
Number of Availability Zones (AZs) - 3
Number of public subnets - 3
Number of private subnets - 0
DNS options

  • Enable DNS hostnames to get IPv4 addresses
  • Enable DNS Resolution to get the hostnames provisioned automatically

Click Create VPC


Click View VPC


Create Key Pair

From the AWS Management Console
On the EC2 Dashboard
On the side bar, under Network & Security
Click Key Pairs
Click Create Key Pair
Under Create key pair
Name - project-KP
Take default settings
Click Create Key pair


Create Security Group

A security group acts as a virtual firewall for your EC2 instances to control incoming and outgoing traffic.

From the AWS Management Console
On the EC2 Dashboard
On the side bar, under Network & Security
Click Security Groups
Click Create security group
Under Basic details
Security group name - project-WebSG
Description - project-WebSG
VPC - select project-VPC
Inbound rules
Add rule

  • open ports 80 (HTTP) and 22 (SSH) to outside 0.0.0.0/16
  • acts as a virtual firewall for your EC2 instances to control incoming and outgoing traffic

Take the default settings
Click Create security group


Launch Template

Create a launch template that contains the configuration information which will be later used in Auto-Scaling Group to launch an EC2 instance, with a policy to scale in or out depending on demand with a minimum of 2 instances and a maximum of 5.
I have referred to the AWS documentation for how to create a launch template.

From the AWS Management Console
On the EC2 Dashboard
On the side bar, under Instances, click Launch Templates
Click Create launch template
Under Launch template name and description
Launch template name - project-TMPL
Under Application and OS Images (Amazon Machine Image)
Select Amazon Linux - Amazon Linux 2 AMI
Instance type - t2.micro
Key pair (login) - project-KP
Under Firewall (security groups)
Select existing security group - checked
Select existing security group — project-WebSG
Under Advanced network configuration
Auto-assign public IP - Enable
Take default settings
Click Create Launch Template


Create Auto-scaling Group

I have referred to the AWS documentation for how to create an Auto Scaling group.

From the AWS Management Console
On the EC2 Dashboard
On the side bar, under Auto Scaling
Click Auto Scaling Groups
Click Auto Scaling group
Under Choose launch template or configuration
Under Name
Auto Scaling group name - project-ASG
Under Launch template
select Launch Template — project-TMPL
Click Next
Under Network
Under vpc
Select - project-vpc
Under Availability Zones and subnets
Select 3 Public subnets in 3 different Availability Zones

  • project-subnet-public1-us-east-1a 10.0.0.0/20
  • project-subnet-public2-us-east-1b 10.0.16.0/20
  • project-subnet-public3-us-east-1c 10.0.32.0/20

Click Next
Under Additional settings - optional
Under Monitoring
Enable group metrics collection within CloudWatch - check
Click Next
Under Configure group size and scaling policies
Under Group size

  • Desired capacity - 2
  • Minimum capacity - 2
  • Maximum capacity - 5

Under Scaling policies - optional
Target tracking scaling policy - check
Take default settings
Click Next/Next/Next
Review
Create Auto Scaling group

Auto scaling group — details


Click Activity tab
Activity History - 2 minimum EC2 instances launched successfully


On the EC2 Dashboard
Click Instances on the side bar
To see 2 minimum EC2 instances are being launched
Their Instance state shows “Running”
In different Availability zones — us-east-1b and us-east-1c


Create Target Group

I have referred to the AWS documentation for how to create a target group.

As per Amazon "You register your targets with a target group. By default, the load balancer sends requests to registered targets using the port and protocol that you specified for the target group."

From the AWS Management Console
On the EC2 Dashboard
On the side bar, under Load Balancing
Click Target Groups
Click Create Target group
Under Basic configuration
Choose a target type - Instances
Target group name - project-TG
VPC - project-vpc
Under Advanced health check settings
Healthy threshold - 3
Unhealthy threshold - 2
Timeout - 5
Take default settings
Click Next
Under Register targets
Under Available instances (2)

Check — 2 Available EC2 Instances to be registered to Target Group in us-east-1b and us-east-1c

Click “Include as pending below” to be registered to Target Group

Click Create Target group to finish registering the EC2 Instances to the Target Group

The Instances show “unused” till we assign this Target Group to the Application Load Balancer


Create Application Load Balancer

I have referred to the AWS documentation for how to create an Application Load Balancer.

From the AWS Management Console
On the EC2 Dashboard
On the side bar, under Load Balancing
Click Load Balancers
Click Create Load Balancer
Under Select load balancer type
For Load balancer types
Application Load Balancer - click Create
Under How Application Load Balancers work
Under Basic configuration
Load balancer name - project-ALB
Scheme - Internet-facing
Take defaults
Under Network mapping
VPC - select project-vpc

Check

  • us-east-1a
  • us-east-1b
  • us-east-1c

Security groups - select project-WebSG

Under Listeners and routing
Under Listener HTTP:80
Default action - select project-TG
Take default settings
Click Create load balancer

Takes 3-5 min to see the status of Application Load Balancer as "active"
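
The steps above attach project-WebSG, with ports 80 and 22 open to the outside, to both the EC2 instances and the load balancer. The following added example (not from the original article) audits that rule set next to a tightened one. It assumes the open source range is 0.0.0.0/0; the group IDs, the project-AlbSG group and the admin address 203.0.113.10/32 are hypothetical placeholders.

```python
import ipaddress

def sg(name, gid, rules):
    """Build one group in the shape of `aws ec2 describe-security-groups` output."""
    perms = [{"IpProtocol": "tcp", "FromPort": port, "ToPort": port,
              "IpRanges": [{"CidrIp": c} for c in cidrs],
              "UserIdGroupPairs": [{"GroupId": g} for g in src_groups]}
             for port, cidrs, src_groups in rules]
    return {"GroupName": name, "GroupId": gid, "IpPermissions": perms}

# Constructed sample data. Group IDs, project-AlbSG and the admin CIDR are
# hypothetical; 0.0.0.0/0 is assumed for "open to outside".
AS_BUILT = [sg("project-WebSG", "sg-web",
               [(80, ["0.0.0.0/0"], []), (22, ["0.0.0.0/0"], [])])]
HARDENED = [
    sg("project-AlbSG", "sg-alb", [(80, ["0.0.0.0/0"], [])]),  # load balancer only
    sg("project-WebSG", "sg-web",                              # instances only
       [(80, [], ["sg-alb"]), (22, ["203.0.113.10/32"], [])]),
]

def covers(perm, port):
    """True if the rule's protocol and port range include the given TCP port."""
    if perm["IpProtocol"] == "-1":  # all protocols, all ports
        return True
    return perm["IpProtocol"] == "tcp" and perm["FromPort"] <= port <= perm["ToPort"]

def audit(groups, instance_group_ids, max_ssh_sources=256):
    """Return (group, port, cidr, issue) for risky CIDR-based ingress rules."""
    findings = []
    for g in groups:
        on_instance = g["GroupId"] in instance_group_ids
        for perm in g["IpPermissions"]:
            for r in perm.get("IpRanges", []):
                net = ipaddress.ip_network(r["CidrIp"], strict=False)
                if covers(perm, 22) and net.num_addresses > max_ssh_sources:
                    findings.append((g["GroupName"], 22, r["CidrIp"],
                                     "SSH allowed from a broad range"))
                if covers(perm, 80) and on_instance and net.prefixlen == 0:
                    findings.append((g["GroupName"], 80, r["CidrIp"],
                                     "instance reachable without the ALB"))
    return findings

if __name__ == "__main__":
    for label, groups in (("as built", AS_BUILT), ("hardened", HARDENED)):
        print(label, audit(groups, {"sg-web"}) or "no findings")
```

Against a real account, the input would be the `SecurityGroups` list from `aws ec2 describe-security-groups --output json`.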


Validate to see 2 EC2 Instances registered to the Target Group

  • project-TG


Attach the Load Balancer to the Auto scaling group

From the AWS Management Console
On the EC2 Dashboard
On the side bar, under Auto Scaling
Click Auto Scaling Groups
Check project-ASG - Edit
Under Edit project-ASG
Under Load balancing
For Load balancers

Check - Application, Network or Gateway Load Balancer target groups

Select Target Group - project-TG
Click Update

Under Activity History of Target Group - project-TG
the Instances are successfully launched


I lost the Internet connection, so I created the same infrastructure again. Now the 2 EC2 instances are in us-east-1a and us-east-1b.


Now terminate 1 EC2 Instance to show how Auto scaling works

Click EC2 Instance in us-east-1a
Actions
Click Terminate instance

EC2 Console showing EC2 Instance in us-east-1a Terminated, us-east-1b is “Running”


Auto scaling group, Activity history showing EC2 Instance in us-east-1a Terminated


EC2 Console showing a NEW 2nd EC2 instance in a different AZ — us-east-1c


Auto scaling group launching a NEW 2nd EC2 instance — can be seen in ASG Active History


Cleanup:

  • Delete the AWS resources after it is complete

Delete Autoscaling Group
Application Load balancer
Target Group
VPCs
Terminate EC2

What we have done so far:

Created a highly available web site for EC2 instances with a custom VPC in 3 public subnets using Amazon's built-in capabilities such as Application Load Balancer, Availability zones and an Auto-Scaling group.
