Adding EC2 Virtual Machines and Deploying the Web App
In this lab, we are going to move the DinoStore application from the local computer to AWS. By the end of this lab, the DinoStore will be completely working from the cloud.
Amazon Elastic Compute Cloud (Amazon EC2)
Amazone EC2 is the compute capacity provided by AWS, which a cloud-based web service. It is designed to do the web-scale cloud computing. Here we are using the EC2 instance to deploy the DinaoStore web app.
AWS Identity and Access Management (IAM)
IAM is a web service provided by AWS to manage users and user permissions in AWS. IAS is associated with the AWS services such as Amazon EC2, Amazon SimpleDB, and the AWS Management Console. In this project, we want to create roles that access to other Amazon services so that applications running on EC2 instances don’t have to have credentials baked into the code.
Here I have created a policy which allows dynamoDB to do delete item, describe table, get item, put item, update item.
I have given the policy name as 'DynamoSqsPolicy' and selected the functions in the actions menu for DynamoDB
I have inserted ARN of DynamoDB into the policy then allowed the selected functionalities.
Now we have to create a role and attach the policy so that this role can be attached to the instance. Once this role attached to an instance that instance will get the permissions from the policy.
Here I have created a role called WebserverRole and attached the policy which we have created before.
Next, we have to create a web server instance to host the website. I have used EC2 to create the instance.
I have selected t2 micro which is free up to 750hrs on my student account.
I have selected the previously created IAM role and given the name as Webserver for the instance.
Here I have created a new security group then allowed Web and RDP access for web server ec2 instance by selecting my IP.
Then created a new key pair, this will be used to login to the instance later on. Then downloaded the key pair and saved it on my local computer.
Now we are creating a new server for I have followed the same step and created a queue server instance. I have given the same IAM role and created a new security group which allowing RDP to the instance.
On the web server instance, right-click to get the windows password and choose the key and decrypt password.
This will be the password for the RDP session.
I have enabled the Webserver role in the instance.
Then install the asp.NET 4.5 (including developer stuff), HTTP connectors and windows authentication role services.
Once the web server is ready we need to import the DinoStore program to the instance from Visual studio.
I have published the project and saved it on my local machine, then I have copied it to the webserver instance.
Provided the root for the website.
Then I have used Notpad to edit the webconfig file and removed all the access keys. Now because of the rules the program gets these access automatically.
I hace tested it by entering the following URL http://169.254.169.254/latest/meta-data/iam/security-credentials/WebServerRole ,
Now we can run the web site by right clicking in the Default.aspx and brouse.
I have tested it on the public internet by entering the public DNS if the instance, after the url.
We can find the private IP of the server in the website.
Next, we have to put the oOrder processor to the Queue server. InVisual Studio clicks on the NET702.DinoStore.OrderProcessor and choose ‘Release’ from the Solutions Configuration pull-down at the top of the window. Then right click on the NET702.DinoStore.OrderProcessor and ‘Publish’ and save it in the queue server.
To run the program automatically, I have made a shortcut of the setup file and kept it in the startup folder of the server. Then run the startup to start queuing.
Now we have to chek the program by purchasing an item.
When I was purchasing I was getting an error on the website. The error was about the access permission to the SQS.
Then I found out that, in IAM policy I did not create permission for the SQS. I have deleted and created a new policy with DynamoDB and SQS.
Then it was successfully purchased from the website. Now we have to check the queue.
In the queue, I found another error, and I foud a problem in a security group. I was using a wrong security group in the policy, I have changed it and the queue was cleared.
Now I can see the item in the database.
Here I have created a policy which allows dynamoDB to do delete item, describe table, get item, put item, update item.
I have given the policy name as 'DynamoSqsPolicy' and selected the functions in the actions menu for DynamoDB
I have inserted ARN of DynamoDB into the policy then allowed the selected functionalities.
Now we have to create a role and attach the policy so that this role can be attached to the instance. Once this role attached to an instance that instance will get the permissions from the policy.
Here I have created a role called WebserverRole and attached the policy which we have created before.
Next, we have to create a web server instance to host the website. I have used EC2 to create the instance.
I have selected t2 micro which is free up to 750hrs on my student account.
Here I have created a new security group then allowed Web and RDP access for web server ec2 instance by selecting my IP.
Then created a new key pair, this will be used to login to the instance later on. Then downloaded the key pair and saved it on my local computer.
Now we are creating a new server for I have followed the same step and created a queue server instance. I have given the same IAM role and created a new security group which allowing RDP to the instance.
On the web server instance, right-click to get the windows password and choose the key and decrypt password.
This will be the password for the RDP session.
Now we have to login to the Instance, I have used the conditionals to log in.
I have enabled the Webserver role in the instance.
Then install the asp.NET 4.5 (including developer stuff), HTTP connectors and windows authentication role services.
Once the web server is ready we need to import the DinoStore program to the instance from Visual studio.
I have published the project and saved it on my local machine, then I have copied it to the webserver instance.
In IIS right click on your newly copied folder in wwwroot, and ‘Convert to Application’.
Provided the root for the website.
Security Groups we are going to allow instances in the RDP and WebRDP security groups to access instances in the RDS security group. This allows for easy scaling. I have selected the security group and added two new rules which allows the traffic from the security groups which we have created earlier.
Then I have used Notpad to edit the webconfig file and removed all the access keys. Now because of the rules the program gets these access automatically.
I hace tested it by entering the following URL http://169.254.169.254/latest/meta-data/iam/security-credentials/WebServerRole ,
Now we can run the web site by right clicking in the Default.aspx and brouse.
I have tested it on the public internet by entering the public DNS if the instance, after the url.
We can find the private IP of the server in the website.
Next, we have to put the oOrder processor to the Queue server. InVisual Studio clicks on the NET702.DinoStore.OrderProcessor and choose ‘Release’ from the Solutions Configuration pull-down at the top of the window. Then right click on the NET702.DinoStore.OrderProcessor and ‘Publish’ and save it in the queue server.
To run the program automatically, I have made a shortcut of the setup file and kept it in the startup folder of the server. Then run the startup to start queuing.
Now we have to chek the program by purchasing an item.
When I was purchasing I was getting an error on the website. The error was about the access permission to the SQS.
Then I found out that, in IAM policy I did not create permission for the SQS. I have deleted and created a new policy with DynamoDB and SQS.
Then it was successfully purchased from the website. Now we have to check the queue.
In the queue, I found another error, and I foud a problem in a security group. I was using a wrong security group in the policy, I have changed it and the queue was cleared.
Now I can see the item in the database.
No comments:
Post a Comment