Creating an Auto-Scaling Group of EC2 Instances for High Availability Using a VPC

Alexandria Matthews
7 min read · Apr 1, 2023


Do you know how to create an auto-scaling group of EC2 instances for high availability using a VPC? If the answer is no, I will be more than happy to walk you through the steps needed to do so with this week’s article.

In my previous publication, I touched on launching a t2.micro EC2 instance using the AWS command line interface with an Apache web server. This week I will be detailing how to create an auto-scaling group of EC2 instances using a VPC for high availability.

1.) Creating a VPC in the AWS Console:

To get started, you will need to log into the AWS Console in order to create your VPC. *Remember to log in to your AWS account as an IAM user and not as a root user!*

In the console search bar, type “VPC” to be directed to the VPC dashboard and select “Create VPC.”

For the VPC settings, select “VPC only” under “Resources to create.”

For this walkthrough, I decided to give my VPC a tag; however, this is completely optional. I then added 10.10.0.0/16 for the IPv4 CIDR.

The CIDR block defines the range of IP addresses available to the VPC, and that range can be split into subnetworks with different host counts.

2.) Creating subnets

In the VPC dashboard, on the left-hand side of the navigation panel, select Subnets to create the subnets needed.

Select the VPC you created in the previous step, name your subnet, choose an availability zone (AZ), and designate an IPv4 CIDR block.

I created three public subnets with CIDR blocks:

10.10.1.0/24

10.10.2.0/24

10.10.3.0/24

Each subnet was also given a different availability zone: us-east-1a, us-east-1b, and us-east-1c.

After configuring the settings and selecting “Create subnet,” you should see them listed in your Subnets list with a green “Available” state.
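The subnet plan from this step, checked in code as an added example (not part of the original article): it confirms that each subnet sits inside the VPC's 10.10.0.0/16 range, that none overlap, and that the plan spans more than one availability zone, and it reports the usable addresses per subnet. The function names and the constructed bad plan are illustrative.

```python
import ipaddress

AWS_RESERVED = 5  # AWS reserves the first four addresses and the last one in every subnet

def usable_hosts(cidr):
    """Addresses left for instances after AWS's per-subnet reservations."""
    return ipaddress.ip_network(cidr).num_addresses - AWS_RESERVED

def validate_plan(vpc_cidr, subnets):
    """subnets: list of (cidr, availability_zone). Returns a list of problem strings."""
    vpc = ipaddress.ip_network(vpc_cidr)
    problems, seen = [], []
    for cidr, _az in subnets:
        net = ipaddress.ip_network(cidr)  # raises ValueError if host bits are set
        if not 16 <= net.prefixlen <= 28:
            problems.append(f"{cidr}: AWS IPv4 subnets must be between /16 and /28")
        if not net.subnet_of(vpc):
            problems.append(f"{cidr}: outside VPC range {vpc_cidr}")
        for other in seen:
            if net.overlaps(other):
                problems.append(f"{cidr}: overlaps {other}")
        seen.append(net)
    # High availability needs instances spread over at least two zones.
    if len({az for _cidr, az in subnets}) < 2:
        problems.append("all subnets share one availability zone")
    return problems

# The plan used in this walkthrough.
ARTICLE_PLAN = [("10.10.1.0/24", "us-east-1a"),
                ("10.10.2.0/24", "us-east-1b"),
                ("10.10.3.0/24", "us-east-1c")]
# Constructed bad plan: an overlap, a block outside the VPC, and a single zone.
BAD_PLAN = [("10.10.1.0/24", "us-east-1a"),
            ("10.10.1.128/25", "us-east-1a"),
            ("10.20.0.0/24", "us-east-1a")]

if __name__ == "__main__":
    for name, plan in (("article", ARTICLE_PLAN), ("bad", BAD_PLAN)):
        print(name, validate_plan("10.10.0.0/16", plan) or "OK")
    print("usable per /24:", usable_hosts("10.10.1.0/24"))
```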

Below are the 3 public subnets that I created:

3.) Configure Subnet IP settings

Now you will need to configure the IP settings for each subnet to be able to transmit and receive internet traffic. In order to do this, from your Subnet list, check the box of one of your subnets. Under “Actions” in the top right-hand corner, choose “Edit subnet settings.”

Check “Enable auto-assign public IPv4 address” and Save.

*I enabled this setting for the three public subnets I created.*

4.) Creating and Attaching an Internet Gateway

It’s time to create an internet gateway. The internet gateway is a VPC component that permits subnet resources with an IPv4 or IPv6 IP address to connect to the internet.

In the VPC dashboard, scroll down to Internet gateways. On the next screen, you will need to select “Create internet gateway.”

Name your gateway and Create!

The following screen should then display a green message stating the internet gateway has been created, with the option to “Attach to a VPC.”

Attach to a VPC and choose an available VPC from the drop down menu.

A successful VPC attachment should look like the screen below:

5.) Creating a Launch Template

Before we can create an auto-scaling group, we will need to create a launch template first. A launch template gives us the ability to set and store parameters so we do not have to set them each time we launch a new instance.

Let’s go back to the EC2 dashboard, and on the left hand side of the navigation menu, scroll down to “Launch templates” and on the subsequent screen “Create launch template.”

Give your launch template a name and description. Further down the page, under Application and OS Images (Amazon Machine Image), make sure the “Quick Start” tab is chosen and select the Amazon Linux server (free-tier!).

For instance type, let’s go with the free tier, t2.micro instance.

For key pair (login), you can either choose to select a previously created key pair or create a new one. I opted to create a new one: wk7keypair

If you decide to create a new key pair, leave the key pair type as RSA and “Private key file format” as .pem

*Be sure to save the key pair, as you will need it to authenticate to your EC2 instances when you have to connect to them via SSH.*

Further down, under Network settings, we need to create a security group that controls the traffic that reaches our instances.

Name the security group, give the security group a description, and select a VPC.

Under Inbound security group rules, add the following rules:

Open Port 80 for HTTP and Port 22 for SSH

The source type for both ports should be Anywhere
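A check for the rules just described, as an added example that is not part of the original article: with the source set to Anywhere, SSH on every instance launched from this template is reachable from the whole internet, so the function below flags administrative ports open to 0.0.0.0/0 or ::/0 in data shaped like `aws ec2 describe-security-groups` output. The group IDs, the 203.0.113.0/24 admin range, and the choice of ports 22 and 3389 are assumptions for illustration.

```python
import ipaddress

ADMIN_PORTS = (22, 3389)  # assumption: SSH and RDP are the ports to keep off the internet

def world_open_admin_rules(group):
    """Return (port, cidr) pairs where an admin port is reachable from any address.

    `group` is one entry of the "SecurityGroups" list from describe-security-groups.
    """
    findings = []
    for perm in group.get("IpPermissions", []):
        proto = perm.get("IpProtocol")
        if proto == "-1":            # all protocols, all ports; no FromPort/ToPort keys
            lo, hi = 0, 65535
        elif proto == "tcp":
            lo, hi = perm["FromPort"], perm["ToPort"]
        else:
            continue
        cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
        cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
        for cidr in cidrs:
            if ipaddress.ip_network(cidr).prefixlen == 0:   # 0.0.0.0/0 or ::/0
                findings += [(p, cidr) for p in ADMIN_PORTS if lo <= p <= hi]
    return findings

def rule(port, cidr):
    """Build one constructed TCP ingress rule in the API's shape."""
    return {"IpProtocol": "tcp", "FromPort": port, "ToPort": port,
            "IpRanges": [{"CidrIp": cidr}]}

# Constructed sample: the rules from this walkthrough (HTTP and SSH from Anywhere).
WALKTHROUGH_SG = {"GroupId": "sg-EXAMPLE-open",
                  "IpPermissions": [rule(80, "0.0.0.0/0"), rule(22, "0.0.0.0/0")]}
# Constructed sample: same group with SSH limited to an admin range
# (203.0.113.0/24 is a documentation prefix standing in for your own network).
TIGHTENED_SG = {"GroupId": "sg-EXAMPLE-tight",
                "IpPermissions": [rule(80, "0.0.0.0/0"), rule(22, "203.0.113.0/24")]}

if __name__ == "__main__":
    for sg in (WALKTHROUGH_SG, TIGHTENED_SG):
        print(sg["GroupId"], world_open_admin_rules(sg))
```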

Towards the bottom of the page, in the Advanced details section, we will need to add the script that installs Apache and starts it so that each instance serves a test page. In the “User data - optional” box, enter:

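```bash
#!/bin/bash
# Apply all pending package updates
yum update -y
# Install the Apache web server
yum install -y httpd
# Start Apache now and enable it on every boot
systemctl start httpd
systemctl enable httpd
```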

6.) Creating an Autoscaling Group

Let’s proceed with creating an auto scaling group using t2.micro instances. On the EC2 dashboard, scroll allllll the way to the bottom and select “Auto scaling groups.”

Name your Auto Scaling group, and select the launch template you created from the Launch template drop down.

Click “Next”

Select your VPC and availability zones and subnets:

I selected the three I made (us-east-1a, us-east-1b, and us-east-1c) and proceeded to the next screen.

On the Load balancing-optional page, select “Attach to a new load balancer” and choose “Application Load Balancer” for HTTP, HTTPS.

Then select your availability zones and subnets

Under Listeners and routing, select a default routing (forward to) target group and ensure the Protocol is set to HTTP.

On the Group size-optional screen, I made the desired capacity: 2, the minimum capacity: 2, and the maximum capacity:

Bypass the Add notifications and Add tags screens. Once you get to the review page, make sure all of your information is correct and choose Next.

You should see a green banner showing that your Launch Template has been successfully created, and you will see the template listed:

We’re almost at the finish line!

Now, for the final step, we need to go back to “Load Balancing” and change the settings. On the left-hand side of the navigation menu of the EC2 dashboard, go to Load Balancing:

Under “Actions,” select “Edit security groups” and make sure the security group you recently created is selected instead of the default. This allows us to use the DNS URL of the application load balancer in our browser to verify the site can be reached.

Under the Application Load Balancer Description, we see our DNS name:

Copy and paste the DNS name into your web browser and you should see your test page!!!

*Disregard my DNS name lol. I created a ton of security groups, VPCs, subnets, and launch templates trying to get everything to work. Each week the projects become harder, but I am thankful for the challenge.*
