As an application engineer, I haven't had much experience with infrastructure design in my daily work, but I was impressed that, with AWS, I could easily build an infrastructure even though I had almost zero knowledge of infrastructure. This time, for beginners like me, I will share the procedure from building the AWS cloud environment to deploying a Spring Boot app.
For the AWS configuration, we will adopt a redundant configuration using two Availability Zones (AZ) within the Tokyo region. EC2 instances will be distributed in the two AZs, and access will be distributed via ALB (load balancer). In addition, the RDS instance will be configured in Multi-AZ so that it will be distributed in two AZs as in EC2.
Each instance in AWS must be assigned an IP address and properly routed so that it can be reached from the external network. The service that provides such a virtual network is called Amazon Virtual Private Cloud (VPC).
Although this is a practice exercise, we are aiming for a VPC environment that is close to a real production setup. This VPC consists of two types of subnet: a **public subnet** for internet communication and a **private subnet** that is blocked from the internet. Apply different security groups to each to control access to the two subnets. The AP server is built on the public subnet, and the DB server is built on the private subnet.
After registering a new AWS account, the default VPC environment was already created, but this time I will build the following VPC from scratch without using it.
⇒ Click `VPC` ⇒ Select `VPC` from the menu on the left ⇒ Press the `Create VPC` button ⇒ `Yes, create` button.
Create a subnet inside the VPC above. Since a subnet cannot be created across multiple AZs, be sure to specify one AZ when creating it. For load distribution and redundancy, build two subnets for AP server and two subnets for DB server.
`Subnet` from the menu on the left ⇒ Click the `Create Subnet` button.

Subnet | AZ | IPv4 CIDR block |
---|---|---|
public-subnet1 | ap-northeast-1a | 10.0.0.0/24 |
public-subnet2 | ap-northeast-1c | 10.0.1.0/24 |
private-subnet1 | ap-northeast-1a | 10.0.2.0/24 |
private-subnet2 | ap-northeast-1c | 10.0.3.0/24 |
Subnet list screen after completion
The **Internet Gateway (IGW)**, as the name implies, is the gateway to the Internet and is installed to allow communication between the VPC and the external network. Whether a subnet created above is a public subnet or a private subnet is determined by the **route table** applied to that subnet. A subnet whose route table has the IGW set as the target for destination 0.0.0.0/0 is a public subnet. A subnet whose route table (the default) does not have the IGW set as the target for destination 0.0.0.0/0 is a private subnet.
`Internet Gateway` from the menu on the left ⇒ Click the `Create Internet Gateway` button ⇒ `Yes, create` button.
Press the `Attach to VPC` button to link it with the VPC.
`Route Table` from the menu on the left ⇒ Press the `Create Route Table` button ⇒ `Yes, create` button.
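The public/private rule described above can be checked against the route tables once they exist. This added example (not code from the original article) classifies subnets from data in the shape returned by `aws ec2 describe-route-tables`; the subnet and gateway IDs and the 10.0.0.0/16 VPC range are constructed placeholders.

```python
import json

# Constructed sample in the shape returned by `aws ec2 describe-route-tables`.
# All IDs and the 10.0.0.0/16 range are placeholders, not the article's values.
SAMPLE = json.loads("""
{"RouteTables": [
  {"RouteTableId": "rtb-main",
   "Associations": [{"Main": true}],
   "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"}]},
  {"RouteTableId": "rtb-public",
   "Associations": [{"Main": false, "SubnetId": "subnet-public1"},
                    {"Main": false, "SubnetId": "subnet-public2"}],
   "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
              {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-example"}]}
]}
""")
SUBNETS = ["subnet-public1", "subnet-public2", "subnet-private1", "subnet-private2"]


def has_igw_default_route(table):
    """True if the table sends 0.0.0.0/0 to an Internet Gateway."""
    return any(
        r.get("DestinationCidrBlock") == "0.0.0.0/0"
        and r.get("GatewayId", "").startswith("igw-")
        for r in table.get("Routes", [])
    )


def classify_subnets(route_tables, subnet_ids):
    """Map each subnet ID to 'public' or 'private' by its effective route table."""
    main, explicit = None, {}
    for table in route_tables:
        for assoc in table.get("Associations", []):
            if assoc.get("Main"):
                main = table
            elif "SubnetId" in assoc:
                explicit[assoc["SubnetId"]] = table
    result = {}
    for sid in subnet_ids:
        table = explicit.get(sid, main)  # no explicit association: main table applies
        result[sid] = "public" if table and has_igw_default_route(table) else "private"
    return result


def exposed_db_subnets(route_tables, db_subnet_ids):
    """Return DB subnets that are unexpectedly routable to the internet."""
    kinds = classify_subnets(route_tables, db_subnet_ids)
    return sorted(s for s, kind in kinds.items() if kind == "public")
```

Subnets without an explicit association follow the main route table, so adding the IGW route to the main table instead of a dedicated one silently turns the DB subnets public; `exposed_db_subnets` catches that case.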
A security group acts as a firewall that controls inbound and outbound access for each instance in AWS. You must apply at least one security group to each instance.
`Security Group` from the menu on the left ⇒ Press the `Create Security Group` button ⇒ `Yes, create` button.
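One way to check the two security groups after creating them, as an added example that is not part of the original article: it reads rules in the shape returned by `aws ec2 describe-security-groups` and flags SSH open to the world and any database ingress that is not a reference to the AP server group. The group IDs, app port 8080 and database port 3306 are assumptions, and the policy that the DB group admits only the AP group is this example's choice.

```python
# Constructed sample in the shape returned by `aws ec2 describe-security-groups`.
# Group IDs, ports and rules are placeholders, not the article's settings.
AP_SG, DB_SG = "sg-ap-example", "sg-db-example"
SAMPLE_GROUPS = [
    {"GroupId": AP_SG, "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 8080, "ToPort": 8080,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
    {"GroupId": DB_SG, "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 3306, "ToPort": 3306,
         "UserIdGroupPairs": [{"GroupId": AP_SG}]}]},
]
WORLD = {"0.0.0.0/0", "::/0"}


def covers(perm, port):
    """True if the rule's protocol and port range include this TCP port."""
    if perm.get("IpProtocol") == "-1":  # "-1" means all protocols and ports
        return True
    return (perm.get("IpProtocol") == "tcp"
            and perm.get("FromPort", 0) <= port <= perm.get("ToPort", 65535))


def sources(perm):
    """Return (CIDR sources, security-group sources) of one ingress rule."""
    cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
    cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
    return cidrs, [p["GroupId"] for p in perm.get("UserIdGroupPairs", [])]


def audit(groups, ap_sg, db_sg, db_port=3306):
    """List (group, finding) pairs for world-open SSH and loose DB ingress."""
    findings = []
    for group in groups:
        gid = group["GroupId"]
        for perm in group.get("IpPermissions", []):
            cidrs, sgs = sources(perm)
            if covers(perm, 22) and WORLD & set(cidrs):
                findings.append((gid, "ssh-open-to-world"))
            if gid == db_sg and covers(perm, db_port):
                if cidrs:  # DB should be reachable by group reference only
                    findings.append((gid, "db-port-allows-cidr"))
                if any(s != ap_sg for s in sgs):
                    findings.append((gid, "db-port-allows-other-group"))
    return findings
```

On the constructed sample the only finding is the AP group's SSH rule, which would normally be narrowed to the administrator's own address range.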
This completes the VPC construction.
RDS is a managed relational database service. The following 6 types of database engines can be selected with RDS: Amazon Aurora, MySQL, MariaDB, PostgreSQL, Oracle, and MS SQL Server. This time we will build an Aurora DB. Aurora is AWS's proprietary relational DB engine that is compatible with MySQL and is said to have up to five times the throughput of MySQL and three times the throughput of PostgreSQL.
You must specify a DB subnet group in your VPC as a prerequisite for creating a DB instance. A DB subnet group requires subnets in at least two Availability Zones within a particular region. You must select a DB subnet group when you create a DB instance in your VPC. Amazon RDS uses its DB subnet group and preferred Availability Zone to select a subnet and the IP addresses within that subnet to associate with your DB instance.
⇒ Click `RDS` ⇒ Select `Subnet Group` from the menu on the left ⇒ Press the `Create Subnet Group` button ⇒ `Create` button.
`Instance` from the menu on the left ⇒ Press the `Start DB Instance` button ⇒ `Next step` button.

Finally, I arrived at EC2. Amazon Elastic Compute Cloud (EC2) is a virtual server on AWS. This time, we will build two instances for load distribution.
⇒ `EC2` ⇒ Select `Instance` from the menu on the left ⇒ Press the `Create Instance` button.
Press the `Create Instance` button to complete the instance creation.
An Elastic IP assignment is required to assign a static public IP address to the above EC2 instances.
From the menu on the left ⇒ Press the `Assign New Address` button.
Enter the above Elastic IP in an SSH client such as Tera Term to access your EC2 instance. Log in as the "ec2-user" user with the key you downloaded earlier.
```bash
# Update to the latest software
$ sudo yum update -y
# Change the host name (use the same name here, in the network file and in /etc/hosts)
$ sudo hostname ec2-cinpo1
$ sudo vim /etc/sysconfig/network
# In the editor, set:
HOSTNAME=ec2-cinpo1
# Edit the hosts file and add the <Private IP> issued by AWS
$ echo "17X.XX.X.X30 ec2-cinpo1" | sudo tee -a /etc/hosts
# Confirm the host name
$ hostname -f
# Change the time zone
# Edit /etc/sysconfig/clock
$ echo -e 'ZONE="Asia/Tokyo"\nUTC=false' | sudo tee /etc/sysconfig/clock
# Change the timezone file
$ sudo ln -sf /usr/share/zoneinfo/Asia/Tokyo /etc/localtime
# Check the result
$ date
# Install Java 8
$ sudo yum install java-1.8.0-openjdk.x86_64
# Select Java 8
$ sudo alternatives --config java
# Check the result
$ java -version
```
Follow the same steps as above to build a second EC2 instance.
```bash
# Install the MySQL client to connect to the Aurora server
$ sudo yum install mysql
# Connect to the Aurora server to create a new database and port the data
$ mysql -h <RDS instance endpoint> -u username -p
mysql> create database sampleDB;
...The following is omitted...
# Start the Spring Boot app
$ java -jar XXXXXXXX.jar
```
Finally, apply a load balancer (Application Load Balancer [ALB]) to achieve load balancing of the AP server.
As a prerequisite for applying ALB, you need to register the EC2 instance as a target in the target group. ALB acts as a single destination for clients, distributing inbound traffic to registered targets.
⇒ `EC2` ⇒ Select `Target Group` from the menu on the left ⇒ Press the `Create Target Group` button.
`Load Balancer` from the menu on the left ⇒ Press the `Create Load Balancer` button and select `Application Load Balancer`.
This completes everything from building the AWS environment to deploying the app. If you access http://<ALB DNS name>:<port>/ and the app screen is displayed, you are done.