Configuring web server on AWS EC2 instance.
Our whole internet is dependent on various web servers or webapps that runs 24/7 to provide us with various websites or web pages. They also aid in running of various social media networks, banking services, online searches, etc.
So today we are going to configure a web server and make it so that it is optimized for distribution. For this we will require:-
1. EC2 instance for running the web server.
2. EBS volume for securing our web pages.
3. S3 bucket for storing web resources.
4. CloudFront for creating a web distribution resource.
1. Launching and connecting to an EC2 instance :-
I have already talked about launching an EC2 instance from cli in my previous article, so I will straight away launch the previously created instance and get down to configure a web server on it.
>>> Use 'aws ec2 describe-instances' to get the list of already created instances in your aws ec2 service.
>>> Use the instance-id that you get from the output you got from previous command and use it to start an instance. Use ‘aws ec2 start-instance –instance-ids <instance_id>’ to start the instance.
>>> Use ‘aws ec2 describe-instances –instance-ids <instance_id>’ to check if the instance launched correctly. Note the instance id, security group id and public IP of your instance.
>>> Add your public IP in the inbound rules of the security group of your instance: - ‘aws ec2 authorize-security-group-ingress --group-id <sg_id> --protocol tcp --port 22 --cidr <your_ip>/24’
>>> Use ‘ssh -i <key_pair_name>.pem ec2-user@<public_ip>’ to connect to your ec2 instance using ssh.
2. Installing the web server program :-
You can either install httpd (Apache server)or (as it is called on debian based systems) apache2 on the launched instance. To do that its quite simple. I am using Rhel-8 system so my command may be a little bit different but it is essentially the same.
>>> sudo yum install httpd
>>> Use ‘systemctl status httpd’ to check if the server installed and working correctly. The services would currently be disables. We can start it now, but we first need to do some other setting.
3. Create a EBS volume and attach it to the instance :-
Keeping the web contents (web pages) on the root volume is rather dangerous as the root has the highest possibility of being corrupted. It, in any way, doesn’t mean that we can’t keep web-pages in the root volume. Its just that keeping the web-pages in another volume secures them from potentially being lost if the root volume crashes. So we create an EBS general-purpose volume of size 1 gb (or any other size as per your requirement)and attach it to the launched instance.
>>> ‘aws ec2 create-volume --volume-type gp2 --size 1 --availability-zone <region_id>’
>>> ‘aws ec2 attach-volume --volume-id <volumne_id> --instance-id <instance_id> --device /dev/sdf’ to attach the volume.
4. Format and mount the volume on to the webserver root folder where webpages and webapps are kept :-
Now we format and mount the attached volume onto the folder where web pages and webapps are kept.
>>> fdisk -l
>>>mkfs.ext4 /dev/xvdf
>>>mount /dev/xvdf /var/www/html
>>>partprobe /dev/xvdf
>>>df -h
5. Creating an S3 bucket to store all static web resources like pics,videos,etc. :-
S3 or (Simple static storage) service is an object storing service. It is a global AWS service. It provides an efficient way to store object files and provides a way to distribute them using S3 bucket url that it creates for each resources present in there. It is easy to manage and secure.
To create an S3 bucket, we can use web console(recommended for first time users) or we can do using the cli :
>>>aws s3 mb s3://<globally_unique_bucket_name>
>>>aws s3 cp <path_to_object_on_local_os> s3://<bucket_name>/path/in/bucket --grants read=uri=http://acs.amazonaws.com/groups/global/AllUsers
'grants' has been used to give public read access to the object which are uploaded onto the bucket.
NOTE:-S3 bucket acts as the root folder so you can create sapareate folders inside it.
>>>’aws s3 ls s3://<bucket_name>’ lists the bucket contents.
6. Creating a CDN distribution using CloudFront :-
We use CloudFront service for creating a CDN distribution suing the previously created bucket as the domain.
>>> aws cloudfront create-distribution --origin-domain-name <bucket_name>.s3.amazonaws.com
NOTE:- you can copy the cloudfront distribution domain name from the output you get. It will be used to access the resource.
7. Create a web page in the web server root folder :-
We create a web page by using the url of the image we got from the cloudfront distribution we created. To do that we re-enter the instance then :-
>>> cd /var/www/html
>>> vi mywebpage.html
You can create your own web page or copy this :-
<html> <head> <title> MY WEB PAGE </title> </head> <body background = '<cdn_distribution_domain_name>/pic.png'> <p><h1>HI This Is My first HTTP Server.</h1> </body>
</html>
>>> cat mywebpage.html
To check if the data in page is correct.
8. Start the web service :-
To start the web service we use the follow in command:-
>>> systemctl stop firewalld
To stop the firewall.
>>> systemctl disable firewalld
To disable firewall i.e. to stop it from being auto-restarted.
>>> systemctl enable httpd
To enable auto-restarting of httpd service.
>>> systemctl start httpd
To start Httpd service.
>>> systemctl status httpd
To check if httpd server is started properly.
9. (Optional) In case SELinux security is forbidding you access to your web page you can do this:-
>>> getenforce
To check if SELinux security is being enforced.
>>> setenforce 0
To disable SELinux security.
>>> getenforce
To check if SELinux security is disabled.
10. The web service is startted we can check it by using the following url:-
>>> http://<your_server_public_IP>/mywebpage.html
The first time you access the web page it may show some latency. This is due to the web resources not being present in the local caches in edgs locations. From the second time the local caches would be containing a copy of the web resource stored in S3 bucket. This time the web page will open much faster.
THANK YOU!!!!!!!! For taking time to read my article.