DEV Community

Cover image for Host a website on Ec2 instance with SSL enabled using an Application Load Balancer & add a custom domain managed by Route53.
Surya Shankar
Surya Shankar

Posted on • Edited on

Host a website on Ec2 instance with SSL enabled using an Application Load Balancer & add a custom domain managed by Route53.

Amazon EC2: The Amazon Elastic Compute Cloud is a web service that helps you to run virtual machines in the cloud by configuring its capacity, security, and networking.

EC2 instance: A virtual server on Amazon’s Elastic Compute Cloud (EC2) to run your business software.

Create an EC2 instance and install a web server

  • First, you create an EC2 instance in the public subnet of your VPC. [Here we used a default public subnet and default VPC].

_
If you want To create Your own VPC and Subnet then follow :- https://dev.to/shankarsurya035/vpc-virtual-private-cloud-setup-vpc-endpoints-5feo
_

  • Choose EC2 Dashboard, and then choose Launch instance,
  • Choose the Amazon Linux 2 AMI.

Image description

  • Choose the t2.micro instance type, as shown following, and then choose Next: Configure Instance Details.
  • On the Configure Instance Details page : You can select number of instances you need and Go with Your Default setup or [Choose you VPC if you created].
  • Choose Next: Add Storage.
  • On the Add Storage page, keep the default values and choose

  • Next: Add Tags.

  • Choose Next: Configure Security Group.

  • On the Configure Security Group page, shown following, choose Select an existing security group.

Image description

  • Choose Review and Launch.
  • On the Select an existing key pair or create a new key pair

Image description

  • To launch your EC2 instance, choose Launch Instances.

  • Name those server as

Image description

  • Now connect these servers with xshell and so to root user.

Image description

  • sudo su , cd [command for root user]

Image description

  • In-order to host a website in ec2 , Ist you need to download web server [ Here we are going to install apache server ].

yum install httpd , type yes if required

Image description

  • We can use Github commands to clone our website code from our repo , so You need to install git. yum install git -y

Image description

Now we have to clone that repo to our web server folder name [ html ] as follow

Image description

cd /var/www/html [ path ].
Image description

  • We need to start Apache Server using command below Image description [In case if we stop and start our server , we need start our apache again , to avoid this we can simply enable that server]
  • Continue this process with 3 server [You can use single or multiple server ]
  • Paste public IP to browser , You can able to see your website

Image description

Some other ways to upload your website

You can use s3 bucket to upload your website and using IAM we can access to this or using WinSCP application you can simply copy paste your code to that folder.

What is a load balancer ?

  • A load balancer serves as the single point of contact for clients. The load balancer distributes incoming application traffic across multiple targets, such as EC2 instances, in multiple Availability Zones.
  • This increases the availability of your application. You add one or more listeners to your load balancer.
  • A listener checks for connection requests from clients, using the protocol and port that you configure. The rules that you define for a listener determine how the load balancer routes requests to its registered targets.

Image description

  • Each target group routes requests to one or more registered targets, such as EC2 instances, using the protocol and port number that you specify.

Elastic Load Balancing supports the following load balancers: Application Load Balancers, Network Load Balancers, Gateway Load Balancers, and Classic Load Balancers.

Create Load Balancer

  • Search for load balancer and click on create.

Image description

  • Select Application load balancer.

Image description

  • Name it as follow

Image description

  • Select VPC and subnet

Image description

  • Create a Security group enable ssh,http,https.

Image description

  • In the navigation pane, under Load Balancing, choose Target Groups.
  • Choose Create target group.

Image description

  • Under Basic configuration, keep the Target type as instance.

Image description

  • For Target group name, enter a name for the new target group.
  • Keep the default protocol (HTTP) and port (80).
  • Select the VPC containing your instances. Keep the protocol version as HTTP1.
  • For Health checks, keep the default settings.

Image description

  • Choose Next.

  • On the Register targets page, complete the following steps. This is an optional step for creating the load balancer. However, you must register this target if you want to test your load balancer and ensure that it is routing traffic to this target.

Image description

  • For Available instances, select one or more instances.
  • Keep the default port 80, and choose Include as pending below.

Image description

  • Choose Create target group Image description
  • Leave default setup
  • Create load balancer

Image description

  • Paste that DNS name of your load balancer in browser you can see your website.

Image description

  • Demo

Image description

How to attach a domain name

  • you require a free or purchased domain to fully complete all the steps. If you already have a domain, then awesome, if not, don't worry, you can get a free domain! You can visit the following site and get yourself a free domain. https://www.freenom.com/en/index.html?lang=en

Image description

  • Once you sort out your domain, you should go back to the AWS console and navigate to the “Route 53” service. You should then navigate to “Hosted zones” and create a new hosted zone.

Amazon Route 53 is a highly available and scalable Domain Name System (DNS) web service. You can use Route 53 to perform three main functions in any combination: domain registration, DNS routing, and health checking.

Image description

Image description

Image description

  • You have to make sure to enter the exact domain name and select “Public hosted zone” for the type when creating the new hosted zone.

Image description

  • Once you have created the hosted zone, it should contain two records, NS (Name Server) record and SOA (Start Of Authority) record. You will need to use the NS record in the next step!

Image description

  • Next, you should head over to the admin panel of your domain provider, in my case it is freenom.com. You should find the section which enables you to configure the name servers for the domain! For different domain providers, this would look a bit different!

Image description

_- You should be aware that sometimes Nameservers takes a couple of hours to Sync in. So if your domain doesn't work at the end of this article, be patient and try again in a few hours _

  • You can also create record name , record type , record traffic

Image description

Image description
After that you can type www.yourDomainName.ml in browser , But its not secured , to make it secured we need to attach a SSL to it.

Image description

How to attach a SSL to our domain

AWS Certificate Manager is a service that lets you easily provision, manage, and deploy public and private Secure Sockets Layer/Transport Layer Security (SSL/TLS) certificates for use with AWS services and your internal connected resources

  • Search for Certificate Manager

Image description

  • Request a public certificate

Image description

Image description

  • Enter your domain name you can use * before your domain name for host based routing.

Image description

  • Click on certificate and create records

Image description

  • Create DNS records in Amazon Route 53.

Image description

  • A CNAME record is added to your record

Image description

  • After that go to load balancer .. Click listener and Add Listener.

Image description

  • Add HTTPS Protocol 443 port , Select the target group .

Image description

  • In default SSL certificate part :- Add the certificate [ That certificate you have created in Certificate Manager ]

Image description

  • Edit the HTTP part Click on add condition select Host add www.domanname.ml and redirect to HTTPS 443 port [save it] add domanname.ml and redirect to HTTPS 443 port [save it]

Image description

  • Now it will be redirect to HTTPS protocol,

Image description

Image description

Image description

Image description

Some Other Concepts

Connection Draining

When Connection Draining is enabled and configured, the process of deregistering an instance from an Elastic Load Balancer gains an additional step. For the duration of the configured timeout, the load balancer will allow existing, in-flight requests made to an instance to complete, but it will not send any new requests to the instance. During this time, the API will report the status of the instance as InService, along with a message stating that “Instance deregistration currently in progress.” Once the timeout is reached, any remaining connections will be forcibly closed.

Stickyness

Suppose two separate web browsers each request three separate web pages in turn. Each request can go to any of the EC2 instances behind the load balancer, like this:

Image description
When a particular request reaches a given EC2 instance, the instance must retrieve information about the user from state data that must be stored globally. There’s no opportunity for the instance to cache any data since the odds that several requests from the same user / browser will go down as more instances are added to the load balancer.
With the new sticky session feature, it is possible to instruct the load balancer to route repeated requests to the same EC2 instance whenever possible.

Image description

In this case, the instances can cache user data locally for better performance.
A series of requests from the user will be routed to the same EC2 instance if possible.
If the instance has been terminated or has failed a recent health check, the load balancer will route the request to another instance.

Top comments (4)

Collapse
 
atm_06 profile image
Ashutosh Mallick

Good documentation 👍🏻

Collapse
 
shankarsurya035 profile image
Surya Shankar

Thanks😁

Collapse
 
priyadixitt profile image
PriyaDixit

Hey your documentation is really amazing I just want you help as I'm facing some issues in this. Could you please help me out with this?

Collapse
 
shankarsurya035 profile image
Surya Shankar

Yeah sure... In which part?