Creating an EC2 Autoscaling Group with an Application Load Balancer
This week’s project was to create an ASG in Amazon AWS for high availability. This ASG is comprised of 3 separate EC2 instances in 3 separate subnets. I then implemented a load balancer to distribute traffic across all 3 EC2 instances.
STEP 1: Create a Virtual Private Cloud with three public subnets
A VPC is basically a big network that houses all of my AWS resources in a region. It is necessary to have one to deploy resources on AWS. To get started I logged into my AWS account and searched ‘VPC’ to access the VPC dashboard. Then I clicked on the ‘Create VPC’ button.
Next I set the parameters for my VPC and Subnets in the creation menu:
- VPC CIDR set to 10.10.0.0/16
- 3 Public Subnets with CIDR of 10.10.1.0/24, 10.10.2.0/24 and 10.10.3.0/24
Once I completed the configuration settings I clicked the ‘create’ button at the bottom and waited for the VPC to create the resources.
STEP 2: Create an autoscaling group with EC2 instances
To create the EC2 instances I opted to use a launch template since they will be identical in function. To do so I searched ‘launch template’ in AWS and chose the option that appeared under the ‘Features’ results for EC2.
On the following page I clicked the ‘create launch template’ button to access the configuration menu. I gave it a name and chose Amazon Linux for the OS version and t2.micro as the instance type.
Next I had to choose a key pair, which I had already created, and assigned it to one of our newly created public subnets. After that, I created a security group in the network settings section, gave it a name and assigned it to my newly created VPC. I also enabled ‘Auto assign public IP’ from advanced network settings. The final step in the process is to scroll down to the bottom of the menu and access the ‘Advanced Details’ section. I opened the sub-menu and scrolled down to the very bottom once again until I saw a text field labeled ‘User Data’.
Once there, I input the following code:
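#!/bin/bash
#StartApacheScript
# User data runs as root at first boot with no terminal to answer prompts,
# so every yum command needs -y.
sudo yum check-update
sudo yum -y update
# Install Apache, start it now and on every boot
sudo yum -y install httpd
sudo systemctl enable httpd.service
sudo systemctl start httpd.service
sudo systemctl status httpd
# Install the host firewall, start it now and on every boot
sudo yum -y install firewalld
sudo systemctl enable firewalld
sudo systemctl start firewalld
systemctl status firewalld
# Allow web traffic through the host firewall and apply the permanent rules
sudo firewall-cmd --permanent --add-service=http
sudo firewall-cmd --permanent --add-service=https
sudo firewall-cmd --reload
# Write the test page; a single redirect avoids leaving an empty index.txt behind
echo "This is a test page!" > /var/www/html/index.html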
The above code does the following:
- checks for and installs updates for the OS running on each EC2 instance
- installs, enables and starts Apache web services on each EC2 instance
- enables a firewall service that allows HTTP(S) traffic on each EC2 instance
- creates a web page that will display a message when each EC2 instance is accessed via the internet
Once this is complete I clicked the ‘create launch template’ button.
Now that my template was created I needed to make an auto scaling group. To do this I accessed the ‘auto scaling group’ menu from the left-panel options in the EC2 dashboard. On the resulting page, I clicked the ‘create auto scaling group’ button.
On the next page I named my group and selected my new template. Then I clicked the ‘next’ button.
On the next page, I selected my new VPC and the 3 new public availability zones that I created and clicked the ‘next’ button.
On the next screen I chose to create a new application load balancer and create a new target group for my ASG. I had to make sure that this load balancer was internet facing and included the 3 public subnets from my new VPC. Then I proceeded to the next page.
On this page, I set the minimum capacity of the ASG to 2 and the maximum capacity to 5. Then I proceeded to skip to the review page and click the ‘create auto scaling group’ button.
STEP 5: Create a web server security group that allows inbound HTTP traffic from the load balancer
Next I assigned several security groups to my load balancer that allow for HTTP(S) traffic to access it. To do so I accessed the Load Balancers page from the left panel menu in the EC2 dashboard. Once there, I clicked the checkbox next to my new application load balancer, clicked ‘Actions’ and selected edit security groups.
On the next page, I assigned several security groups that give permission for HTTPS access from the internet and for HTTP traffic to go to my ASG from the load balancer.
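A check for the rule this step's heading describes, as an added example that is not part of the original post: because the instances have public IPs, the web server security group should accept HTTP only from the load balancer's security group, never from a CIDR range. It assumes data in the JSON shape returned by `aws ec2 describe-security-groups`; the group IDs and rules are constructed sample values, and `audit_web_sg` and `audit_all` are hypothetical helper names.

```python
import json

# Constructed sample in the shape returned by `aws ec2 describe-security-groups`.
# Group IDs and rules are made up for illustration.
SAMPLE = json.loads("""
{"SecurityGroups": [
  {"GroupId": "sg-web-open", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": [], "UserIdGroupPairs": []},
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": [], "UserIdGroupPairs": []}]},
  {"GroupId": "sg-web-locked", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
     "IpRanges": [], "Ipv6Ranges": [], "UserIdGroupPairs": [{"GroupId": "sg-alb"}]}]}
]}
""")

def audit_web_sg(group, alb_sg_id, allowed_port=80):
    """Return findings for an instance security group that should accept
    traffic only on allowed_port and only from the load balancer's group."""
    findings = []
    for perm in group.get("IpPermissions", []):
        proto = perm.get("IpProtocol")
        lo, hi = perm.get("FromPort"), perm.get("ToPort")
        label = "all traffic" if proto == "-1" else f"{proto} {lo}-{hi}"
        # Any CIDR source lets traffic reach the instance without the load balancer.
        cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
        cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
        for cidr in cidrs:
            scope = "the internet" if cidr in ("0.0.0.0/0", "::/0") else cidr
            findings.append(f"{label} open to {scope}")
        # Group-to-group rules are acceptable only for the ALB on the web port.
        for pair in perm.get("UserIdGroupPairs", []):
            src = pair.get("GroupId")
            if src != alb_sg_id:
                findings.append(f"{label} allowed from unexpected group {src}")
            elif not (proto == "tcp" and lo == hi == allowed_port):
                findings.append(f"{label} from the load balancer is wider than tcp {allowed_port}")
    return findings

def audit_all(data, alb_sg_id):
    """Audit every group in a describe-security-groups document."""
    return {g["GroupId"]: audit_web_sg(g, alb_sg_id) for g in data["SecurityGroups"]}

if __name__ == "__main__":
    for gid, problems in audit_all(SAMPLE, "sg-alb").items():
        print(gid, "OK" if not problems else problems)
```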
Once this is done it’s time to test the functionality of the load balancer. To do so we need to collect the load balancer’s DNS name. This can be done by going to the ‘Load Balancers’ page in the EC2 dashboard. There you will find the DNS name listed next to the new load balancer.
Next I copied and pasted the DNS name into a web browser and got the following result on the web page:
DONE! (Don’t forget to terminate your EC2 instances to avoid incurring cost)