Amazon CloudFront

Divyanshu Sharma
Mar 12, 2021

Automated Architecture

For this task, we need basic knowledge of three things:

  1. EC2: Amazon Elastic Compute Cloud (Amazon EC2) is a web service that provides secure, resizable compute capacity in the cloud. It is designed to make web-scale cloud computing easier for developers. Amazon EC2’s simple web service interface allows you to obtain and configure capacity with minimal friction.
  2. S3: S3 is the only object storage service that allows you to block public access to all of your objects at the bucket or the account level with S3 Block Public Access. S3 maintains compliance programs, such as PCI-DSS, HIPAA/HITECH, FedRAMP, EU Data Protection Directive, and FISMA, to help you meet regulatory requirements.
  3. Cloud Front: Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds, all within a developer-friendly environment.

Task Description :

  1. Webserver configured on EC2 Instance.
  2. Document Root (/var/www/html) made persistent by mounting on EBS Block Device.
  3. Static objects used in code such as pictures stored in S3.
  4. Setting up a Content Delivery Network using CloudFront and using the origin domain as an S3 bucket.
  5. Finally, place the CloudFront URL in the web app code for security and low latency.

To do this, we create a key pair and a security group and launch an instance. We log in remotely over the ssh protocol and configure the webserver there. We create an HTML file using vi filename.html. We also create a partition after creating and attaching an EBS volume to the instance. Next, we create an S3 bucket, add an object to it, and use that object (an image) in the HTML file. Finally, we create a CloudFront distribution to get a URL and use it to access the same file.

Creating a key pair

The command below creates a key pair and saves the private key in a .pem file, which is later required for remote login.

aws ec2 create-key-pair --key-name "myaws" --query "KeyMaterial" --output text > myaws.pem

Creating a security group

Use the command below to create a security group. You can find the command using the aws ec2 help option.

aws ec2 create-security-group --description "Allow 22 & 80 Ports" --group-name "awssecurity"

The security group needs specific rules to allow inbound traffic. Since we are working with the ssh and HTTP protocols, allow their respective port numbers in the rules.

SSH = 22, HTTP = 80

aws ec2 authorize-security-group-ingress --group-name "awssecurity" --protocol "tcp" --port 22 --cidr "0.0.0.0/0"

aws ec2 authorize-security-group-ingress --group-name "awssecurity" --protocol "tcp" --port 80 --cidr "0.0.0.0/0"

Launching instance

Use the key and security group created above to launch an instance.

aws ec2 run-instances --image-id "ami-052c08d70def0ac62" --instance-type "t2.micro" --key-name "myaws" --security-groups "awssecurity"

Creating EBS

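Always remember to create the volume in the same region, and specifically the same Availability Zone, where the instance is launched; a volume can only be attached to an instance in its own Availability Zone.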

aws ec2 create-volume --availability-zone "ap-south-1a" --size 1

Attaching EBS

It's necessary to attach the created volume to use it as external storage.

aws ec2 attach-volume --device "xvdb" --instance-id "i-06c8c6f22e54aa323" --volume-id "vol-0b3306753e956ac19"

To use any external storage we follow three basic steps 💾

  1. Partition
  2. Format
  3. Mount

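For this purpose, we log in remotely through ssh and create a partition.

Before logging in over ssh, restrict the permissions on your key file so that only you can read it (ssh refuses a private key that other users can read):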

chmod 400 keyname.pem

ssh -i keyname.pem ec2-user@instance_public_ip

Once you have logged in remotely, switch to root using sudo su - root. Install the following package to configure the webserver.

# yum install httpd -y

Start the httpd service using the command 🍀

# systemctl start httpd

Use the fdisk -l command to check the hard disks. The highlighted hard disk is the attached volume, which needs to be partitioned.

Create partition :

Formatting Harddisk :

Format the storage using the below-mentioned command. Formatting creates an inode table that contains the basic data of the stored files.

[root@ip-172-31-42-171 ec2-user]# mkfs.ext4 /dev/xvdb1

Mounting :

After formatting the volume, mount it with the command below on the directory /var/www/html, where all the code of the webpage is kept.

mount /dev/xvdb1 /var/www/html

You can come out of remote login using exit.

Create S3 bucket :

aws s3 mb s3://bucketname

Now upload the data to your S3 bucket. Make sure to set the access rules of the S3 bucket to public so that the uploaded object can be read.
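Making the bucket public only needs to mean that anyone can read the objects in it. The following added example (not part of the original post) checks a bucket policy for anything granted to anonymous users beyond s3:GetObject; the two policies are constructed samples for the page's placeholder bucket name, the READ_ONLY set is an assumption, and only Allow statements with an Action field are examined (Condition, NotAction and NotPrincipal are not evaluated).

```python
import json

# Assumption for this example: anonymous readers of a static-asset bucket
# need nothing more than this one action.
READ_ONLY = {"s3:GetObject"}

# Constructed sample policies for a bucket named "bucketname".
TOO_BROAD = json.loads("""
{"Version": "2012-10-17", "Statement": [
  {"Effect": "Allow", "Principal": "*", "Action": "s3:*",
   "Resource": ["arn:aws:s3:::bucketname", "arn:aws:s3:::bucketname/*"]}]}
""")
READ_OBJECTS_ONLY = json.loads("""
{"Version": "2012-10-17", "Statement": [
  {"Effect": "Allow", "Principal": {"AWS": "*"}, "Action": ["s3:GetObject"],
   "Resource": "arn:aws:s3:::bucketname/*"}]}
""")


def as_list(value):
    """Policy fields may be a single value or a list of values."""
    return value if isinstance(value, list) else [value]


def is_anonymous(principal):
    """True when the statement applies to everyone: "*" or {"AWS": "*"}."""
    if principal == "*":
        return True
    return isinstance(principal, dict) and "*" in as_list(principal.get("AWS", []))


def excess_public_actions(policy, allowed=READ_ONLY):
    """Return the sorted action patterns granted to anonymous users that go
    beyond `allowed`. Wildcards such as s3:* or s3:Get* count as excess."""
    allowed_lower = {a.lower() for a in allowed}  # action names are case-insensitive
    excess = set()
    for stmt in as_list(policy.get("Statement", [])):
        if stmt.get("Effect") != "Allow" or not is_anonymous(stmt.get("Principal")):
            continue
        for action in as_list(stmt.get("Action", [])):
            if action.lower() not in allowed_lower:
                excess.add(action)
    return sorted(excess)


if __name__ == "__main__":
    print("too broad:", excess_public_actions(TOO_BROAD))
    print("read only:", excess_public_actions(READ_OBJECTS_ONLY))
```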

Create a CloudFront distribution :

Create a CloudFront distribution to deliver this data (an image, in my case) to edge locations.

aws cloudfront create-distribution --origin-domain-name bucketname.s3.amazonaws.com

This command creates the distribution's domain name. Use this domain name in place of the data's URL in the HTML file created earlier.

You can reach the customer easily without any content delay!

The CloudFront service thus helps avoid latency by creating a content delivery network (CDN).
