Suppose you want to host your web app on an AWS EC2 instance with the Apache web server installed, reach that instance via FTP to deploy your web app files, and then serve this content through your domain name.
Introduction
There are many ways to host a web app in the AWS environment. Your web app could be either a traditional web site or an API project. Both types of web projects will be called web apps from now on. Some of the ways to host a web app in AWS are listed below:
- Hosting a web app in S3 bucket
- Hosting a web app in a container in ECS, EKS, or Fargate
- Hosting a web app with Elastic Beanstalk
- Hosting a web app directly in EC2
Although the first three are modern approaches to hosting web content in AWS, this article is for people who have done a lot of work on legacy systems but want to move to the AWS environment with their old habits!
The aim is to give a quick introduction to the flow between Route53, Application Load Balancer, Security Groups, etc. and EC2.
So, we will be investigating the last one in this article. There are many operating systems to be used in EC2. We will be using Linux with the lowest configuration that can be reached in Free Tier. For more about AWS Free Tier, click here.
Amazon EC2 can be used directly to host a web app. In this article, all steps to achieve such a task are explained step by step.
Background
What To Do
The main architecture can be as shown below:
Suppose the aim is to host your web site on an AWS EC2 machine. To keep the app simple, a static HTML page will be published to the Apache web server on AWS EC2. We will make it possible to reach the Apache default www folder through FTP. Besides these requirements, a domain will be redirected to this web app through AWS Route53.
Image-001: Main system view
To build the architecture shown in Image-001, we will be creating AWS items in the order of the numbers in grey circles.
Suppose that our domain is WELR.com and we want to host its running items in EC2.
All steps to host WELR.com content in an AWS EC2 can be as below.
Step 1: Create a Security Group (SG-for-EC2-for-WELR) in AWS
This security group will be used for EC2. A security group can be thought of as a firewall for whatever it is attached to.
Set all inbound ports as shown below:
- 20-21 (FTP)
- 1024-1048 (FTP), optional
- 22 (SSH)
- 80 (HTTP)
- 8080 (HTTP custom), optional
- 443 (HTTPS)
The red rectangle in the image below is important to show flow from ALB to EC2 through related security groups.
Image-002: Inbound rules of SG-for-EC2-for-WELR
Step 2: Create an EC2 (EC2-for-WELR) with SG-for-EC2-for-WELR
Creating an EC2 instance in AWS is a straightforward action. The connect button in the top-right side of the image below will be used to connect to EC2.
Image-003: EC2-for-WELR
Install all requirements in EC2-for-WELR.
Firstly, you should connect to the EC2 command prompt. There are many ways to do this, but the simplest one is to connect directly through the AWS web console.
Image-004: Connect to EC2-for-WELR
After pressing the Connect button, you will be connected as ec2-user to the EC2 command prompt.
2.1 - Install Apache
> sudo su
> yum update -y
> yum install -y httpd.x86_64
> systemctl start httpd.service
> systemctl enable httpd.service
All web app files will be in the Apache default web folder.
The default web folder for Apache is /var/www/html.
2.2 - Install ftp
> sudo su
> yum update -y
> yum install vsftpd
> sudo vi /etc/vsftpd/vsftpd.conf
You should make some changes in the ftp configuration file as shown below.
All these lines should exist in the configuration file as shown. To use vi editor, you should know how to use it. If it is the first time for you to use vi editor, check here.
# Uncomment the lines below (remove the leading #)
anonymous_enable=NO
#
local_enable=YES
#
write_enable=YES
#
local_umask=022
#
dirmessage_enable=YES
#
xferlog_enable=YES
#
connect_from_port_20=YES
#
chroot_local_user=YES
write_enable=YES
allow_writeable_chroot=YES
#
listen=NO
#
listen_ipv6=YES
pam_service_name=vsftpd
userlist_enable=YES
tcp_wrappers=YES
pasv_enable=YES
pasv_min_port=1024
pasv_max_port=1048
pasv_address=18.170.116.xxx
To restart vsftpd, one of the following can be used.
> /etc/init.d/vsftpd restart
OR:
> systemctl restart vsftpd
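An added check, not part of the original article: this script audits a vsftpd.conf for the settings configured above, confirms that the passive range fits the 1024-1048 ports opened in Step 1, and reports when ssl_enable is not set, in which case FTP logins and uploads travel unencrypted. The function names and the sample file are constructed for this example.

```shell
#!/bin/sh
# Added example (not from the article): audit a vsftpd.conf for the settings
# the article depends on. Function names here are hypothetical.

conf_get() {  # conf_get FILE KEY: value of the last uncommented KEY=VALUE line
  awk -F= -v k="$2" '$1 == k { v = $2 } END { print v }' "$1"
}

expect() {    # expect FILE KEY WANT MESSAGE: print MESSAGE unless KEY equals WANT
  [ "$(conf_get "$1" "$2")" = "$3" ] || echo "FINDING: $4"
}

audit_vsftpd() {  # audit_vsftpd FILE SG_MIN SG_MAX: one FINDING line per problem
  expect "$1" anonymous_enable NO "anonymous_enable is not NO"
  expect "$1" chroot_local_user YES "local users are not confined to their home directory"
  lo=$(conf_get "$1" pasv_min_port); hi=$(conf_get "$1" pasv_max_port)
  if [ -z "$lo" ] || [ -z "$hi" ]; then
    echo "FINDING: passive port range is not pinned"
  elif [ "$lo" -lt "$2" ] || [ "$hi" -gt "$3" ]; then
    echo "FINDING: passive range $lo-$hi is outside the security-group range $2-$3"
  fi
  # Without ssl_enable=YES, vsftpd serves plain FTP: passwords and files are unencrypted.
  expect "$1" ssl_enable YES "ssl_enable is not YES (plain FTP, credentials in cleartext)"
}

count_findings() {  # number of FINDING lines for the same arguments
  audit_vsftpd "$@" | wc -l | tr -d ' '
}

# Constructed sample: the article's settings that matter for this check.
SAMPLE=$(mktemp)
cat > "$SAMPLE" <<'EOF'
anonymous_enable=NO
local_enable=YES
write_enable=YES
chroot_local_user=YES
allow_writeable_chroot=YES
pasv_enable=YES
pasv_min_port=1024
pasv_max_port=1048
EOF

# 1024-1048 is the passive range opened in SG-for-EC2-for-WELR (Step 1).
audit_vsftpd "$SAMPLE" 1024 1048
```

On the instance, point it at the real file: audit_vsftpd /etc/vsftpd/vsftpd.conf 1024 1048.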
To add a user for FTP, do the following in the EC2 command prompt.
> adduser awsftpuser
> passwd awsftpuser
> usermod -a -G root awsftpuser
> usermod -d /var/www/html/ awsftpuser
> chown -R awsftpuser /var/www/html
> systemctl restart vsftpd
2.3 - Install ftp Client
e.g. Filezilla client on Windows.
After creating all items in AWS, try to connect and upload a file with an FTP client. You should be able to upload index.html to the FTP web folder in EC2.
Step 3: Create a Security Group (SG-for-ALB-for-WELR) (will be used for ALB)
Set all inbound ports as shown below:
- 20-21 (FTP)
- 1024-1048 (FTP), optional
- 22 (SSH)
- 80 (HTTP)
- 8080 (HTTP custom), optional
- 443 (HTTPS)
Image-005: Inbound rules of SG-for-ALB-for-WELR
Step 4: Create a Target Group TG-for-WELR including EC2-for-WELR
Image-006: Target Group TG-for-WELR
Step 5: Create Application Load Balancer with the Name ALB-for-WELR
This ALB should have the target group TG-for-WELR.
A target group is a group of EC2 instances, but for now it includes only EC2-for-WELR.
Additionally, this ALB should have SG-for-ALB-for-WELR.
Image-007: Application Load Balancer ALB-for-WELR
Step 6: Allow All TCP Requests from SG-for-ALB-for-WELR to SG-for-EC2-for-WELR
Add inbound rules to SG-for-EC2-for-WELR so that it accepts all TCP requests from SG-for-ALB-for-WELR.
Image-008: Allowing flow from ALB to EC2 through their security groups
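The inbound rules of Steps 1, 3 and 6 written as AWS CLI calls, as an added example that is not part of the original article. The security group IDs and both source CIDR ranges are placeholders (the article shows the rule sources only in its images), and the script prints the commands unless APPLY=1 is set.

```shell
#!/bin/sh
# Added example (not from the article): Steps 1, 3 and 6 as AWS CLI calls.
# Prints the commands by default; set APPLY=1 to execute them.
# Assumptions: the sg-... IDs and both CIDR ranges below are placeholders.

run() { if [ "${APPLY:-0}" = 1 ]; then "$@"; else echo "$*"; fi; }

valid_port_spec() {  # accepts N or LO-HI with 1 <= LO <= HI <= 65535
  case $1 in ''|*[!0-9-]*|-*|*-|*-*-*) return 1 ;; esac
  lo=${1%-*}; hi=${1#*-}
  [ "$lo" -ge 1 ] && [ "$lo" -le "$hi" ] && [ "$hi" -le 65535 ]
}

open_ports() {  # open_ports SG_ID CIDR PORT...: one TCP ingress rule per port spec
  sg=$1; cidr=$2; shift 2
  for p in "$@"; do
    valid_port_spec "$p" || { echo "bad port spec: $p" >&2; return 1; }
    run aws ec2 authorize-security-group-ingress --group-id "$sg" \
      --protocol tcp --port "$p" --cidr "$cidr"
  done
}

allow_from_sg() {  # allow_from_sg TARGET_SG SOURCE_SG: all TCP from SOURCE_SG members
  run aws ec2 authorize-security-group-ingress --group-id "$1" \
    --protocol tcp --port 0-65535 --source-group "$2"
}

EC2_SG=sg-EC2PLACEHOLDER     # stands for SG-for-EC2-for-WELR
ALB_SG=sg-ALBPLACEHOLDER     # stands for SG-for-ALB-for-WELR
ADMIN_CIDR=203.0.113.0/24    # constructed: where FTP/SSH clients connect from
WEB_CIDR=0.0.0.0/0           # constructed: who may reach the web ports

plan() {
  for g in "$EC2_SG" "$ALB_SG"; do             # Steps 1 and 3 list the same ports
    open_ports "$g" "$ADMIN_CIDR" 20-21 1024-1048 22
    open_ports "$g" "$WEB_CIDR" 80 8080 443
  done
  allow_from_sg "$EC2_SG" "$ALB_SG"            # Step 6
}

plan
```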
Step 7: Create a Route53 Hosted Zone
It should have four records as below:
- NS and SOA are created automatically
- Create an A record, as seen in the image below
- Create a CNAME record pointing to welr.com
Image-009 - Records of Route53
The NS addresses can be entered in your domain management UI to redirect the domain name to the web app you host in EC2 Apache.
Conclusion
As mentioned at the beginning of this article, there are many ways to host a web app in any cloud environment. Here we investigated AWS EC2. As shown, we assumed that the running items of the web app are deployed to Apache manually through FTP. However, with any CI/CD tool, this can be automated using FTP commands as well.
The main idea of this article is to show how to host a web app in EC2 that is behind Route53 and Load Balancers in the AWS environment.
History
- 26th September, 2022: Initial version