How to integrate CloudFront, S3 and Apache Webserver using AWS CLI
There are 3 ways we can connect to AWS:
- using AWS Console (WebGUI/WebAPP)
- AWS SDK
- AWS CLI
AWS CLI is a command-line interface, and we can download the latest version, i.e. version 2, from the AWS site. URL to download AWS CLI:
https://awscli.amazonaws.com/AWSCLIV2.msi
After downloading it we can verify the version as below
We need to create HA Architecture using AWS CLI which consists of the following
- Webserver configured on EC2 instance
- Document root (/var/www/html) made persistent by mounting on EBS block device
- Static Objects used in code such as pictures stored in S3
- Setting up a content delivery network using CloudFront, with the S3 bucket as the origin domain.
- Finally, placing the CloudFront URL in the webapp code for security & low latency.
Let’s launch the EC2 instance first, for which we’ll need the details below.
- AMI (image id)
- Instance type
- Subnet id
- EBS Storage
- Security group
- Key pair name
We’ll first create a key pair using the AWS CLI command below
In AWS Console we can verify its creation
Now we need to create security group
Before that we need to get the subnet id using below command
Let’s say we need to launch the instance in "SubnetId": "subnet-017cb1fff955684cf" within "AvailabilityZone": "ap-south-1a"
Please note that the VPC id is "VpcId": "vpc-7666791e"
Security group can be created as under
Verify Security Group in AWS Console as follows
Now we have all the details except AMI image id which we can get from AWS Console
Now we are all set to launch AWS EC2 instance.
Run the following command in CLI
aws ec2 run-instances --image-id ami-0e306788ff2473ccb --instance-type t2.micro --count 1 --subnet-id subnet-017cb1fff955684cf --security-group-ids sg-0139790bc185b1233 --key-name awscsa
It displays following
Also, we can note that security group is attached to the instance which is currently in pending state
We can confirm the details of running EC2 instance as follows
We now have to create an EBS volume of size 1 GiB & attach it to this instance.
An EBS volume is specific to an Availability Zone, i.e. we need to create the EBS volume in the same Availability Zone in which the instance is running. In our case the Availability Zone is ap-south-1a
To create the EBS volume from AWS CLI we need to run the command below
Please note the VolumeId, which we require while attaching this volume to the EC2 instance.
In AWS Console we can verify this volume as follows
Now the next step is to attach this EBS volume to our EC2 instance.
Since above EBS volume is available we can attach to EC2 instance.
Before attaching the newly created EBS volume we can verify the storage of our EC2 instance as under
The AWS CLI command to attach EBS Volume to EC2 instance is :
aws ec2 attach-volume --volume-id vol-0745799d627bdf202 --instance-id i-0393a4c4fb8303ba4 --device /dev/sdf
In the picture below, we can see that /dev/xvdf, the new EBS volume of size 1 GiB, is attached.
Let’s create partition of 100 MiB under this new volume
Next step is to format the partition
We need to mount this partition on the folder /var/www/html/ (Document Root).
The next task is to configure the Webserver on the EC2 instance
We’ll first install Apache Web Server on the EC2 instance using the following command
yum install httpd -y
After installing the httpd software we need to create our web page under the /var/www/html folder
Next step is to start httpd service using below command
We are done with the Webserver configuration.
We can check the webpage using following url in browser
Now, let’s create S3 Bucket & Upload data inside it
Verify the bucket using AWS Console as under
Bucket is empty at the moment.
Make sure that the bucket has public access
We can copy local file to S3 using below AWS CLI command
Verify through AWS Console that the file has been uploaded to S3 bucket
We can try accessing the file using S3 URL given below
We’ll specify this URL in document root and try to access this again.
Now the last step is to create a CloudFront distribution & integrate it with S3 & the Web Server.
Typically, packet routing over the internet poses the risks below
- Security threat, as packets might be cloned over the public internet
- Reliability issues in terms of network speed (latency)
The CloudFront service helps address these issues. Whenever a client requests any data, CloudFront does the following
1. It has built-in intelligence with which it connects the client to the nearest edge location.
2. If the data is in the local cache of the edge location, it picks up the data & delivers it to the client over Amazon's own high-speed fiber-optic network.
If the data is not present, it fetches the data the first time from the source (origin) & delivers it to the client. At the same time it creates a local copy of the data (known as the cache) to serve future requests.
So irrespective of the client's location, it connects to the nearest edge location & serves the request, thus reducing latency & improving user experience.
CloudFront uses an Origin Access Identity (OAI), which restricts access to the S3 content. Edge locations are smaller data centers which serve content across the globe using the Amazon high-speed network.
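An added example, not part of the original post: the bucket-side configuration that goes with the OAI described above, so that only CloudFront can read the objects and the bucket itself does not have to stay publicly readable. The bucket name and OAI id passed in are placeholders you supply, and the function names are hypothetical.

```shell
#!/usr/bin/env bash
# Added example (not from the original post): restrict S3 object reads to one
# CloudFront Origin Access Identity (OAI). Function names are hypothetical.

# Print a bucket policy that grants s3:GetObject to a single OAI and nobody else.
oai_bucket_policy() {
  local bucket="$1" oai_id="$2"
  # Refuse values that could break out of the JSON string fields below.
  case "$bucket" in ''|*[!a-z0-9.-]*) echo "invalid bucket name" >&2; return 1;; esac
  case "$oai_id" in ''|*[!A-Z0-9]*) echo "invalid OAI id" >&2; return 1;; esac
  cat <<EOF
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "AllowCloudFrontOAIReadOnly",
      "Effect": "Allow",
      "Principal": {
        "AWS": "arn:aws:iam::cloudfront:user/CloudFront Origin Access Identity ${oai_id}"
      },
      "Action": "s3:GetObject",
      "Resource": "arn:aws:s3:::${bucket}/*"
    }
  ]
}
EOF
}

# Read a policy document on stdin and succeed if it still names an anonymous
# principal ("Principal": "*" or "Principal": {"AWS": "*"}).
policy_is_public() {
  tr -d '[:space:]' | grep -Eq '"Principal":("\*"|\{"AWS":"\*"\})'
}

# Apply to a real bucket (needs AWS credentials): block public access first,
# then attach the OAI-only policy.
lock_bucket_to_oai() {
  local bucket="$1" oai_id="$2" policy
  policy="$(oai_bucket_policy "$bucket" "$oai_id")" || return 1
  aws s3api put-public-access-block --bucket "$bucket" \
    --public-access-block-configuration \
    BlockPublicAcls=true,IgnorePublicAcls=true,BlockPublicPolicy=true,RestrictPublicBuckets=true
  aws s3api put-bucket-policy --bucket "$bucket" --policy "$policy"
}
```

Once this policy is in place the direct S3 URL returns AccessDenied, while the same object stays reachable through the CloudFront domain name.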
Command to create CloudFront distribution is as under
From AWS console we can verify as under
We can use the Domain Name (CloudFront URL) below to access the data from edge locations with lower latency & high network speed.
Origin Domain name is listed below
Now we’ll place CloudFront URL on the webapp code for security & low latency.
We can now easily access the web page, as we did before, by visiting the web server URL
Thanks for going through the blog.
Hope you liked the article & understood the CloudFront distribution concept.