Simi's Blog
Deploying a High Availability Web Application on AWS

Deploying a High Availability Web Application on AWS

Fredrick Simi's photo
Fredrick Simi
·

8 min read

Introduction

Most web system applications that are built locally can handle their intended tasks or purposes. When the project is still young and the users are very few, the application will be able to handle the workload within its allocated resources. With time, if the number of users increases along with the workload, the application might be unable to sustain and serve stably.

Objectives & Significance of AWS Services

To counter this hiccup, most companies or startups can deploy their applications to cloud providers such as Amazon Web Services which specialize in enhancing the scalability and availability of such applications. For instance, AWS has a lot of services that might help you depending on the needs of your project. For example, the EC2 service helps in providing the necessary computing needs that will fit your project. AWS also offers an Object Storage solution, S3, that is highly scalable and even RDS, a database service that has features such as automatic backups and redundancy. These are just a few of the services AWS has to offer for your needs. The project we developed relies on the AWS infrastructure to run smoothly and is highly available.

Literature Review

Over the years with the rise of Cloud Computing, there have been several projects that have been developed to utilize cloud services. Some of these services include EC2, Load Balancing, VPC etc.

For example, streaming services such as Netflix utilize cloud computing architecture to deliver their services globally with 99.99% uptime availability. They utilize services like Load Balancing, network security, Security Groups, etc.

Overall, utilizing cloud computing services offered by companies such as AWS offers numerous benefits. Some of these benefits include:

  • Scalability

  • VPC

  • EC2 AutoScaling Groups

  • Security Groups

  • Subnets

  • Elastic Load Balancer

All these enable developers to ensure high availability and network security for their web applications.

Methodology

The following services helped us in creating our infrastructure to make our application highly available. We used CloudFormation Scripts together with CircleCI to achieve the final architecture, but here is an individual breakdown of the services used in the project.

Creating a VPC

A Virtual Private Cloud (VPC) is a custom virtual network that you'd operate in your data centre or one provided by a cloud provider. The VPC provides isolation of your environment for hosting your applications.

To create a VPC, we must define the range of IP addresses that would be used to create subnets within the VPC. We then proceed by creating subnets within the same VPC. We also have to configure route tables to manage the traffic that flows within the subnets and the internet.

Once the VPC creation has been successful, we then configure security groups that manage inbound/outbound traffic to the instances within the VPC. Security groups help us to define the incoming/outgoing traffic based on the ports and IP Addresses provided.

By following these steps, we can create a secure and isolated environment for hosting our highly available web application on AWS.

Resources:
  VPC:
    Type: AWS::EC2::VPC
    Properties:
       CidrBlock: !Ref VpcCIDR
       EnableDnsHostnames: true
       Tags:
         - Key: Name
           Value: !Ref EnvironmentName

Creating Subnets

To create a subnet within AWS, we should first have a VPC already created and running correctly. We would need its ID to create subnets within it.

During the setup of the subnet, we should assign it to an Availability zone. We should then assign it an IPV4 CIDR block and finally hit the Create subnet button.

  PublicSubnet1:
    Type: AWS::EC2::Subnet
    Properties:
       VpcId: !Ref VPC
       AvailabilityZone: !Select [0, !GetAZs '']
       CidrBlock: !Ref PublicSubnet1CIDR
       MapPublicIpOnLaunch: true
       Tags:
         - Key: Name
           Value: !Sub ${EnvironmentName} Public Subnet (AZ1)

  PublicSubnet2:
    Type: AWS::EC2::Subnet
    Properties:
       VpcId: !Ref VPC
       AvailabilityZone: !Select [1, !GetAZs '']
       CidrBlock: !Ref PublicSubnet2CIDR
       MapPublicIpOnLaunch: true
       Tags:
         - Key: Name
           Value: !Sub ${EnvironmentName} Public Subnet (AZ2)

Creating an Internet Gateway

An internet Gateway is a crucial component that allows communication between your VPC and the internet. In this project, the Internet Gateway will be used to enable inbound/outbound traffic to and from the Internet.

To create an internet Gateway, follow these steps:

  • On the AWS Console, search for Internet Gateway

  • Click 'Create Internet Gateway' and select 'Attach to VPC'

  • Select the VPC you want to attach the Internet Gateway to

  InternetGateway:
    Type: AWS::EC2::InternetGateway
    Properties:
       Tags:
         - Key: Name
           Value: !Ref EnvironmentName

  InternetGatewayAttachment:
    Type: AWS::EC2::VPCGatewayAttachment
    Properties:
      InternetGatewayId: !Ref InternetGateway
      VpcId: !Ref VPC

Creating Security Groups

A security group is an AWS service that acts as a firewall, with rules to determine what network traffic can enter and leave the resource.

To create security groups, you need to have created a VPC that is running correctly.

You need to then add/enable the rules in the security group to allow incoming/outgoing traffic. e.g TCP port 22 or HTTP port 8000

  InstanceSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupName: !Sub ksgproject-${ID}
      VpcId: !Ref VPC
      GroupDescription: Allow port 22 and port 8000.
      SecurityGroupIngress:
        - IpProtocol: tcp
          FromPort: 22
          ToPort: 22
          CidrIp: 0.0.0.0/0
        - IpProtocol: tcp
          FromPort: 80
          ToPort: 80
          CidrIp: 0.0.0.0/0
        - IpProtocol: tcp
          FromPort: 8000
          ToPort: 8000
          CidrIp: 0.0.0.0/0
      SecurityGroupEgress:
      - IpProtocol: tcp
        FromPort: 0
        ToPort: 65535
        CidrIp: 0.0.0.0/0

Configuring Elastic Load Balancer, Listener Rules & the Target Group

The work of a load balancer is to distribute traffic throughout the EC2 Instances.

We selected the Application Load Balancer for our project. We then created a target group that has all of our running instances

Once the target group has been created, we can then proceed by creating a load balancer. During its creation, we specify the VPC and the subnets where the load balancer will reside. The security group of the load balancer should also be specified.

After the load balancer has been created, the listener rules need to be configured that will determine how the load balancer distributes traffic to the target group. We then tested the load balancer to ensure that the traffic flowed smoothly

  WebAppGroup:
    Type: AWS::AutoScaling::AutoScalingGroup
    Properties:
      VPCZoneIdentifier: [ !Ref PublicSubnet1, !Ref PublicSubnet2 ]
      LaunchTemplate:
        LaunchTemplateId: !Ref WebAppLaunchConfig
        Version: !GetAtt WebAppLaunchConfig.LatestVersionNumber
      MinSize: '3'
      MaxSize: '5'
      TargetGroupARNs: [!Ref WebAppTargetGroup]

  WebAppLB:
    Type: AWS::ElasticLoadBalancingV2::LoadBalancer
    Properties:
      Subnets:
        - !Ref PublicSubnet1
        - !Ref PublicSubnet2
      SecurityGroups:
      - !Ref LBSecGroup

  Listener:
    Type: AWS::ElasticLoadBalancingV2::Listener
    Properties:
      DefaultActions:
      - Type: forward
        TargetGroupArn:
          !Ref WebAppTargetGroup
      LoadBalancerArn:
        !Ref WebAppLB
      Port: '80'
      Protocol: HTTP

  ALBListenerRule:
    Type: AWS::ElasticLoadBalancingV2::ListenerRule
    Properties:
      Actions:
      - Type: forward
        TargetGroupArn: !Ref 'WebAppTargetGroup'
      Conditions:
      - Field: path-pattern
        Values: [/]
      ListenerArn: !Ref 'Listener'
      Priority: 1

  WebAppTargetGroup:
    Type: AWS::ElasticLoadBalancingV2::TargetGroup
    Properties:
      HealthCheckIntervalSeconds: 10
      HealthCheckPath: /
      HealthCheckProtocol: HTTP
      HealthCheckTimeoutSeconds: 8
      HealthyThresholdCount: 2
      Port: 8000
      Protocol: HTTP
      UnhealthyThresholdCount: 5
      VpcId: !Ref VPC

Results

The project aimed to deploy a high-availability web application on AWS. The services that were used included a combination of Elastic Load Balancer, VPC, and EC2 Auto Scaling groups.

The ELB was used to distribute traffic across EC2 instances which were managed by the EC2 Autoscaling group. This always had the application in a highly available state even during server failures. The VPC and security groups ensured network security, with access only granted to authorized resources/users.

Additionally, the project used EC2 Launch Templates for easy deployment and management of the EC2 instances. This allowed for quick scaling and replacement of instances when necessary. The project also utilized Elastic Load Balancing Target Groups for routing requests to specific sets of instances based on rules and conditions.

Overall, the deployment of the high-availability application on AWS was successful. The architecture ensured scalability, cost-effectiveness and reliability. While the project used various AWS services, the infrastructure provided network security and showcased the benefits of deploying web applications that are highly available in AWS.

EC2 Instances in our VPC

The Load Balancer serving our Instances

The Load Balancer Listener

Our Target Group

Our Autoscaling Group

CircleCI Pipeline

Successful CloudFormation Stack

CloudFormation Stack Resources

Architecture Diagram

Discussion

The implications of the project's results show us that using cloud services such as AWS proves to be reliable, scalable and cost-effective. The services we used in this project helped in ensuring that the application was always available, even during high traffic or server failures. The use of these services also ensured network security making our infrastructure and architecture more secure.

One benefit of using a provider like AWS is that it offers services that can scale on demand. The use of EC2 Auto Scaling groups and Elastic Load Balancers allows the project to handle spiking traffic or server failures comfortably.

The integration of VPC and security groups also adds an extra layer of security to the application, helping to prevent unauthorized access.

However, the project also has some limitations. The infrastructure setup using AWS services can add up quickly especially if there is a significant amount of traffic which leads to resources being scaled higher to accommodate the demand. Additionally, the project only focused on a specific set of services and did not cover the entire AWS ecosystem.

Conclusion

In conclusion, deploying a high-availability web application using AWS services such as the ones used in the project above, has numerous benefits. The project has shown that the use of AWS services can provide a scalable and reliable infrastructure for deploying web applications that can handle a high volume of traffic while ensuring high availability and uptime.

The project also demonstrated the ease of use of AWS services and the benefits of automating the deployment process using EC2 Launch Templates.

The findings of this project highlight the importance of considering AWS services as a viable solution for deploying high-availability web applications. The project has shown that AWS services can significantly reduce the complexity of deploying high-availability web applications and provide a reliable and cost-effective solution for organizations of all sizes.

References

  1. Amazon Web Services. (2021). What is Amazon Elastic Load Balancing? Retrieved from https://aws.amazon.com/elasticloadbalancing/

  2. Amazon Web Services. (2021). Amazon VPC. Retrieved from https://aws.amazon.com/vpc/

  3. Amazon Web Services. (2021). EC2 Security Groups. Retrieved from https://docs.aws.amazon.com/vpc/latest/userguide/VPC_SecurityGroups.html

  4. Amazon Web Services. (2021). Elastic Load Balancing Target Groups. Retrieved from https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-target-groups.html

  5. Amazon Web Services. (2021). EC2 Launch Templates. Retrieved from https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-launch-templates.html

  6. Amazon Web Services. (2021). Internet Gateways. Retrieved from https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Internet_Gateway.html

  7. Amazon Web Services. (2021). Route Tables. Retrieved from https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Route_Tables.html

  8. Amazon Web Services. (2021). Subnets. Retrieved from https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html

  9. Liu, C., Li, H., Wang, Y., & Li, G. (2019). Design and implementation of high availability architecture of web applications in cloud computing. Journal of Physics: Conference Series, 1291(1), 012131. https://doi.org/10.1088/1742-6596/1291/1/012131

  10. Shah, J. (2020). Deploying a High-Availability Web Application in AWS. Retrieved from https://d1.awsstatic.com/whitepapers/aws-high-availability-web-applications.pdf

AWSci-cdWeb DevelopmentCloudGitHub