From building an AWS cloud environment to deploying a Spring Boot app (for beginners)

As an application engineer, I haven't had much experience in infrastructure design in my daily work, but I was impressed that I could easily build an infrastructure infrastructure even though I had almost zero knowledge of infrastructure through AWS. This time, for the same beginners as me, I will share the procedure from building the AWS cloud environment to deploying the Spring Boot app.

Environmental configuration diagram

For the AWS configuration, we will adopt a redundant configuration using two Availability Zones (AZ) within the Tokyo region. EC2 instances will be distributed in the two AZs, and access will be distributed via ALB (load balancer). In addition, the RDS instance will be configured in Multi-AZ so that it will be distributed in two AZs as in EC2.

First, build a VPC!

Each instance in AWS must be assigned an IP address and properly routed so that it can reach the instances in AWS from the external network. The service that provides such a virtual network is called Amazon Virtual Private Cloud (VPC).

About VPC configuration

Although it is practice, we are aiming for a VPC environment that is close to the actual battle. This VPC consists of two types: ** public subnet ** for internet communication and ** private subnet ** that is blocked from the internet. Apply different security groups to each to control access to the two subnets. The AP server is built on the public subnet, and the DB server is built on the private subnet. VPC構成詳細.jpg

VPC creation

After registering a new AWS account, the default VPC environment was already created, but this time I will build the following VPC from scratch without using it. vpc構成図.jpg

    1. ʻAWS Management Console⇒ ClickVPC ⇒ Select VPCfrom the menu on the left ⇒ Press theCreate VPC` button.
  1. Enter an appropriate name in the VPC creation screen, and enter the IP address range in the CIDR block field. (Enter "10.0.0.0/16" this time.)
    1. Press the Yes, create button. VPC作成.jpg

Subnet creation

Create a subnet inside the VPC above. Since a subnet cannot be created across multiple AZs, be sure to specify one AZ when creating it. For load distribution and redundancy, build two subnets for AP server and two subnets for DB server. subnet構成.jpg

    1. Select Subnet from the menu on the left ⇒ Click the Create Subnet button.
  1. On the subnet creation screen, enter an appropriate name, select the VPC created above, and enter the CIDR block. (Subnet1 is "10.0.0.0/24".) subnet1作成.jpg
    1. Follow the same procedure as above to build Subnet2, Subnet3, and Subnet4.
Subnet AZ IPv4 CIDR block
public-subnet1 ap-northeast-1a 10.0.0.0/24
public-subnet2 ap-northeast-1c 10.0.1.0/24
private-subnet1 ap-northeast-1a 10.0.2.0/24
private-subnet2 ap-northeast-1c 10.0.3.0/24

Subnet list screen after completion subnetList.jpg

Creating an internet gateway (IGW) and route table

The ** Internet Gateway (IGW) **, as the name implies, is the gateway to the Internet and is installed to communicate between the VPC and the external network. Also, whether the subnet created above is a public subnet or a private subnet is determined by the ** route table ** applied to that subnet. Destination: The subnet to which the route table with IGW set as the target of 0.0.0.0/0 is applied is the public subnet. On the other hand, the subnet to which the route table (default) without IGW is set as the target of destination: 0.0.0.0/0 is a private subnet. igw&rtb.jpg

    1. Select Internet Gateway from the menu on the left ⇒ Click the Create Internet Gateway button.
  1. Enter an appropriate name and press the Yes, create button. igw.jpg
    1. Press the Attach to VPC button to link with the VPC. igw attache.jpg
  2. Select Route Table from the menu on the left ⇒ Press the Create Route Table button.
  3. To create a route table for Subnet1, which is a public subnet, enter an appropriate name, link it with a VPC, and press the Yes, create button. rtb1.jpg
  4. Follow the same procedure as above to build public-rtb2. This time, instead of creating a route table for the private subnet, we will use the default route table.
  5. Register the IGW as the target of the default gateway (destination 0.0.0.0/0) in the route table for the public subnet. route.jpg The route information "10.0.0.0/16 local" in the route table cannot be changed or deleted with the default settings. This default setting means that communication within a VPC cannot be controlled by the route table, which means that subnets within the same VPC can communicate between subnets.

Creating a security group

A security group can control inbound (inbound) and outbound (outbound) access with a firewall for each instance in AWS. You must apply at least one security group to each instance. VPC構成詳細.jpg

    1. Select Security Group from the menu on the left ⇒ Press the Create Security Group button.
  1. To create a security group for the AP server, enter an appropriate name, link it to the VPC, and press the Yes, create button. sg作成.jpg
    1. Follow the same steps as above to create a security group for your DB server. private sg.jpg
  2. Create inbound and outbound rules for each security group. By default, inbound is not allowed, so it will not accept access from anywhere. On the other hand, outbound has rules that allow access to all destinations / port numbers by default. Keep the SSH port 22 and the web app 8085 port open in the security group for the AP server so that they can be accessed from the outside. public inbound.jpg On the other hand, the security group for DB server keeps Aurora port 3306 open to allow only DB access from the AP server. private sg rule.jpg

This completes the VPC construction.

Build an RDS instance

RDS is a relational database manager service. The following 6 types of database engines can be selected with RDS. ・ Amazon Aurora ・ MySQL ・ MariaDB ・ PostgreSQL -Oracle · MS SQL Server This time we will build Aurora DB. Aurora is AWS's proprietary relational DB engine that is compatible with MySQL and is said to have up to five times the throughput of MySQL and three times the performance of PostgreSQL throughput. RDS.jpg

Creating a subnet group

You must specify a DB subnet group in your VPC as a prerequisite for creating a DB instance. A DB subnet group requires subnets in at least two Availability Zones within a particular region. You must select a DB subnet group when you create a DB instance in your VPC. Amazon RDS uses its DB subnet group and preferred Availability Zone to select a subnet and the IP addresses within that subnet to associate with your DB instance.

    1. ʻAWS Management Console⇒ ClickRDS ⇒ Select Subnet Groupfrom the menu on the left ⇒ Press theCreate Subnet Group` button.
  1. Enter the name etc. appropriately, add two DB subnets (private subnet1, private subnet2), and press the Create button. db subnet group1.jpg

Creating a DB instance

    1. Select instance from the menu on the left ⇒ Press the Start DB Instance button.
  1. Select Amazon Aurora on the engine selection screen. db1.jpg
    1. On the DB details screen, specify the DB instance class, etc., and click the Next step button.
  1. Specify the VPC, DB subnet group, preferred AZ, and security group. db3.jpg
  2. You can confirm that the DB instance is being created after the setting is completed. db4.jpg

Build an EC2 instance

Finally, I arrived at EC2. Amazon Elastic Compute Cloud (EC2) is a virtual server on AWS. This time, we will build two instances for load distribution. EC2.jpg

Creating an EC2 instance

    1. Click ʻAWS Management Console ⇒ ʻEC2 ⇒ Select Instance from the menu on the left ⇒ Press the Create Instance button.
  1. Select Amazon Linux as your instance type. ec21.jpg
    1. On the instance type selection screen, select the type for the free tier. ec22.jpg
  2. Specify the VPC and subnet on the advanced settings screen. ec23.jpg
  3. Add storage. ec24.jpg
  4. Specify the security group for the AP server. ec25.jpg
  5. Finally, download the key pair to log in to EC2 and press the Create Instance button to complete the instance creation. ec26.jpg

ELASTIC IP association

An ELASTIC IP assignment is required to assign a static public IP address to the above EC2 instances.

    1. Select ʻELASTIC IPfrom the menu on the left ⇒ Press theAssign New Address` button. eip1.jpg
  1. Associate with an EC2 instance. eip2.jpg

EC2 environment initialization

Enter the above ELASTIC IP using an SSH client such as Tera Term to access your EC2 instance. ec27.jpg Use the "ec2-user" user to log in with the key you downloaded earlier. ec28.jpg

tera term.jpg

If you can log in successfully, make the initial settings for EC2.

#Update to the latest software
$ sudo yum update -y
#Host name change
$ sudo hostname ec2-1-cinpo1
$ sudo vim /etc/sysconfig/network
HOSTNAME=ec2-cinpo1;
#Edited the host file and issued from AWS<Private IP>write.
$ echo "17X.XX.X.X30 ec2-cinpo1" |sudo tee -a /etc/hosts
#Host name confirmation
$ hostname -f
#Time zone change
# /etc/sysconfig/Edit clock
$ echo -e 'ZONE="Asia/Tokyo"\nUTC=false' | sudo tee /etc/sysconfig/clock
#Change timezone file
$ sudo ln -sf /usr/share/zoneinfo/Asia/Tokyo /etc/localtime
#Check the result
$ date
#Java 8 installation
$ sudo yum install java-1.8.0-openjdk.x86_64
#Java 8 choice
$ sudo alternatives --config java
#Check the result
$ java -version

Build a second EC2.

Follow the same steps as above to build a second EC2 instance.

Data porting to Aurora environment

#Install the MySQL client to connect to the Aurora server.
$ sudo yum install mysql
#Connect to Aurora server to create new database and port data.
$ mysql -h <RDS instance endpoint> -u username -p
$ create database sampleDB

...The following is omitted...

mysql.jpg

Deploy Spring Boot app

    1. Use SSH SCP transfer of Tera Term to upload the Spring Boot app locally to the above two EC2 instances.
  1. After completion, launch the Spring Boot app as before.
$ java -jar XXXXXXXX.jar

boot.jpg

    1. At this point, try accessing ELASTIC IP: 8085 and you should see the app screen.

Creating a load balancer

Finally, apply a load balancer (Application Load Balancer [ALB]) to achieve load balancing of the AP server. ALB.jpg

Building a target group

As a prerequisite for applying ALB, you need to register the EC2 instance as a target in the target group. ALB acts as a single destination for clients, distributing inbound traffic to registered targets.

    1. Click ʻAWS Management Console ⇒ ʻEC2 ⇒ Select Target Group from the menu on the left ⇒ Press the Create Target Group button. ALB1.jpg
  1. Register the target in the selected target group on the target group list screen. ALB2.jpg
    1. Register the EC2 instance as a target in the target group. ALB3.jpg

Building ALB

    1. Select Load Balancer from the menu on the left ⇒ Press the Create Load Balancer button and select Application Load Balancer. ALB4.jpg
  1. Specify the name appropriately, and specify the listener, subnet, etc. ALB5.jpg
    1. Specify the security group. ALB6.jpg
  2. Specify the target group created earlier. ALB7.jpg
  3. It will be in the process of being created and will be available in a minute or two. ALB8.jpg

Operation check

This completes everything from building the AWS environment to deploying the app. http://<ALBのDNS名>:ポート/にアクセスすれば、アプリ画面が表示されたら完成です。 final1.jpg

Recommended Posts

From building an AWS cloud environment to deploying a Spring Boot app (for beginners)
[Spring Boot] How to create a project (for beginners)
From creating a Spring Boot project to running an application with VS Code
How to write a unit test for Spring Boot 2
Load an external jar from a Spring Boot fat jar
Try Spring Boot from 0 to 100.
Steps required to issue an asynchronous event for Spring Boot
[iOS] [Objective-C] How to update a widget from an Objective-C app
Introducing Spring Boot2, a Java framework for web development (for beginners)
How to make a hinadan for a Spring Boot project using SPRING INITIALIZR
Create an app with Spring Boot 2
02. I made an API to connect to MySQL (MyBatis) from Spring Boot
From building to deploying Ruby on Jets in docker-compose environment <Part 2>
From building to deploying Ruby on Jets in docker-compose environment <Part 1>
Create an app with Spring Boot
Upgrade spring boot from 1.5 series to 2.0 series
Create a Spring Boot web app that uses IBM Cloudant and deploy it to Cloud Foundry
How to display characters entered in Spring Boot on a browser and reference links [Introduction to Spring Boot / For beginners]
[For beginners] Laravel Docker AWS (EC2) How to easily deploy a web application (PHP) from 0 (free) ①-Overview-
Building an SAP system connection environment using JCo to a PC that even Java beginners can do
How to build a Ruby on Rails environment using Docker (for Docker beginners)
Steps to create a simple camel app using Apache Camel Spring Boot starters
[Docker] Building an environment to use Hugo
Story when moving from Spring Boot 1.5 to 2.1
Changes when migrating from Spring Boot 1.5 to Spring Boot 2.0
Changes when migrating from Spring Boot 2.0 to Spring Boot 2.2
[For beginners] Laravel Docker AWS (EC2) How to easily deploy Web application (PHP) from 0 (free) ②-Docker development environment construction-
03. I sent a request from Spring Boot to the zip code search API
[Spring Boot] How to get properties dynamically from a string contained in a URL
[Error resolution] Occurs when trying to build an environment for spring with docker
Book introduction: Spring Boot Recommended reference book for beginners!
Create a simple search app with Spring Boot
Building a Ruby environment for classes on Mac
How to add a classpath in Spring Boot
An introduction to Spring Boot + in-memory data grid
Build a Laravel environment on an AWS instance
[Rails] Building an environment for developing web applications
Create a Spring Boot development environment with docker
Temporarily move Docker environment from Mac to AWS
Create a web app that is just right for learning [Spring Boot + Thymeleaf + PostgreSQL]
[For beginners] Until building a Web application development environment using Java on Mac OS
A story that stumbled when deploying a web application created with Spring Boot to EC2
<Dot installation> What to do if you cannot proceed due to an error when building a development environment for Rails learning.
Plans to support JDK 11 for Eclipse and Spring Boot
Memo to build a Servlet environment on AWS EC2
How to set Dependency Injection (DI) for Spring Boot
How to use an array for a TreeMap key
Build a Ruby on Rails development environment on AWS Cloud9
A memorandum of addiction to Spring Boot2 x Doma2
How to create a Spring Boot project in IntelliJ
Customizer for Platform Transaction Manager added from Spring Boot 1.5
Push delivery from Spring application to Firebase Cloud Messaging
Spring boot Things that beginners tend to have (@ComponentScan)
Java development for beginners to start from 1-Vol.1-eclipse setup
[Introduction to Spring Boot] Submit a form using thymeleaf
App development beginners tried to make an Android calculator app
How to boot by environment with Spring Boot of Maven
Send a command to Spigot from an external process
The story of migrating a stray batch without an owner from EC2 to a Docker environment
A new employee tried to create an authentication / authorization function from scratch with Spring Security
What to do if the log using JUL is no longer output to the app log after deploying the Spring Boot app to Tomcat as a war