Create High Availability Architecture with AWS CLI.

Ec2+EBS+S3+Cloud Front

Mukul Jeveriya
7 min readAug 1, 2021

Let’s Have a Look What I gonna do…

🔰 Create High Availability Architecture with AWS CLI 🔰
🔅The architecture includes-

  • Webserver configured on EC2 Instance
  • Document Root(/var/www/html) made persistent by mounting on EBS Block Device.
  • Static objects used in code such as pictures stored in S3
  • Setting up Content Delivery Network using CloudFront and using the origin domain as S3 bucket.
  • Finally place the Cloud Front URL on the webapp code for security and low latency.

Prerequisite: I believe You all are familiar with AWS CLI & Aws services like EC2, EBS, S3 and Cloud Front etc.

Let’s Start….

Configure the AWS user Profile in Aws Cli.

In this image we setup a user (named as tridha) profile in aws cli. And also this is my default user for AWS Cli. We can add, many profile as we can in AWS cli.

$ aws configure --profile <profile name>
Command to show profiles.

Create a keypair.

This is my EC2 dashboard summary. In this you can see I have a single key-pair and security groups. Lets come to our topic now create a key-pair.

This is the key which is already created in AWS Account we can confirm it in AWS console image. Lets create a new one.

$ aws ec2 create-key-pair --key-name <keynmae>
This command is only for creating key-pair
$ aws ec2 create-key-pair --key-name <keynmae> --query KeyMaterial
--output text > filename.pem

This command is for saving key in a file.

In this Image you can confirm that the key created successfully.

Create a Security Group for our instance.

In this image we can see all the security group we have.

$ aws ec2 describe-security-groups
Command to describe all security groups we have.

In the above image You can confirm it that a Security Group created.

$ aws ec2 create-security-group --group-name <anyname> --description "anything you want"
Command for creating a Security Group.
$ aws ec2 decribe-security-groups --group-name <sg_group_name>
Command for describing particular security group.

Lets add some inbound rule in Security Group.

Here I am add some inbound rule in Security group which allow all traffic on port no 22 which is for ssh and port no 80 which is for web server.

$ aws ec2 authorize-security-group-ingress --group-name <sg-name>   --ip-permissions IpProtocol=tcp,FromPort=22,ToPort=22,IpRanges=[{CidrIp=}] IpProtocol=tcp,FromPort=80,ToPort=80,IpRanges=[{CidrIp=}]Command for adding inbound rules.

Now launch an EC2 instance.

Above image showing that right now no instance running.

$ aws ec2 describe-instances --filters "Name=instance-state-name,Values=running"
This is command for describing ec2 instances.

Will launch an ec2 instance using the created keypair and security group. we had attached the security group that has rule for port no 80 so that the web page which we create in this instance can be accessed by the client and for port no 22 so we can do ssh.

$ aws ec2 run-instances --image-id ami-06a0b4e3b7eb7a300 --count 1 --instance-type t2.micro --key-name <keyname> --security-group-ids <sg-name> --subnet-id <subnetid>Command for launch a ec2 instance.

Here we can confirm it the instance is launched.

Now configuring the webserver in this instance.

For configuring a http web server we have to perform these steps :-

# yum install httpd
Command for installing httpd software
# vim /var/www/html/<pgaename>
Command for creating a page in default httpd path
# systemctl start httpd
Command for starting httpd services

Yupp here this is the output.

Create a ebs volume and attach it to the /var/www/html dir of the ec2instance:-

Here I am going to create a extra EBS volume for storing webserver pages so if may be our instance goes down so our website code will be safe.

$ aws ec2 create-volume --volume-type gp2 --size 1 --availability-zone ap-south-1aCommand for creating EBS volume.
$ aws ec2 describe-volumesCommand for describing all the volumes available.

Now attach the volume with instance.

$ aws ec2 attach-volume --instance-id <launched_inastanceid> --volume-id <Volume-id> --device /dev/sdfCommand for attaching volume to instance.

From the above image we can confirm it that the Volume is attached with the instance.

Now mount the /var/www/html folder with EBS volume.

For connecting the EBS volume to the /var/www/html we have to perform three steps i.e

  • First we have to create the partition in the disk(/dev/xvdf is the disk name in our case),
  • Than format the partition
  • After this we can mount the drive to any directory(in our case directory will be /var/www/html).

Let’s do it the same…

# fdisk -l
Command for listing all volume attached.
# fdisk /dev/xvdf
command for doing something on particular volume.
# mkfs.ext4 /dev/xvdf1
Command for format the volume.
# mount /dev/xvdf1 /var/www/html/
Command for mount the Volume with particular dir.

From here we can confirm it that the above volume is mounted with the path.

Create a S3 bucket and put object in the Bucket.

$ aws s3api create-bucket --bucket <any-unique-bucket> --region ap-south-1 --acl public-read --create-bucket-configuration LocationConstraint=ap-south-1Command for creating S3 volume in particular region.
$ aws s3api put-object --bucket tridha-bucket --content-type image/png --acl public-read --key fb.jpg --body fb.jpgCommand for putting and object from system (--body for image path from system) to bucket.

From this image we can confirm it.

Launch a Cloudfront with origin as the s3 bucket.

$ aws cloudfront create-distribution --origin-domain-name tridha-bucket.s3.amazonaws.comCommand for creating Cloud Front

From above image we can confirm it.

Now change in the Website Code and add images which is store in s3 and provided by Cloud Front.

Let’s See the Result…

Here we can see the image on website. It load on the website so fast the latency was so low this can happen with the help of cloud front.

Thanks for reading , I hope you like the Blog!!!