How to create a three-tier highly available architecture in AWS Cloud using the AWS Console

Laks Narasimman
Nov 7, 2023

All credit goes to @Piyush Sachdeva and his great team in the Discord, who are ready to help and make sure you understand the issue.

## This is the week 2 project from Piyush’s weekly challenge. By this time his community had already reached the week 8 challenges, and Piyush himself had put up videos on how to do things up to week 5.

In case you are wondering what I am talking about, visit Piyush’s GitHub at https://github.com/piyushsachdeva/10weeksofcloudops and follow his YouTube channel for the same.

Things that need to be considered for a three-tier architecture:

Outside AWS:

  1. App tier and web tier code or package for installation
  2. Nginx server
  3. PM2 process for JavaScript high availability
  4. MySQL software on an EC2 Linux instance

Inside AWS:

  1. AWS EC2 instances with an Auto Scaling group
  2. VPC, subnets and route table (1. two subnets for the app tier in 2 AZs, 2. two subnets for the web tier in 2 AZs, 3. two subnets for the DB tier in 2 AZs, 4. internal and external load balancers)
  3. Security groups (1. one for the app tier, 2. one for the web tier, 3. one for the load balancer, 4. one for the database, 5. load balancer, 6. internal load balancer)
  4. A security group is the stateful firewall for AWS services, so it is important to restrict each Allow rule to traffic coming from another security group only

That is, make sure the inbound rules allow HTTP in this order: “internet SG -> Web tier SG -> Internal SG -> App tier SG -> DB tier SG”.

This means the Web tier SG has an inbound rule of “HTTP from the internet-facing security group only”, which avoids unwanted connections from the internet.

5. NAT Gateways for each App tier Security Group

6. Launch the template with the AMI created for Apptier and Webtier host after installing the necessary software on the server and testing if the connection is good

7. Target group for creating web and app server

8. RDS Aurora Database cluster
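The security group chain described above (internet SG -> Web tier SG -> Internal SG -> App tier SG -> DB tier SG) can be checked once the build is done. The Python below is an added example, not code from the original post or from Piyush's project; it audits data in the shape returned by `aws ec2 describe-security-groups`, and the group IDs, ports and rules in it are constructed sample values.

```python
# Added example: audit the SG-to-SG inbound chain described in the post.
# Input mirrors the shape of `aws ec2 describe-security-groups` output.
# Group IDs, ports and rules are constructed sample data (assumptions).

CHAIN = ["sg-internet-lb", "sg-web", "sg-internal-lb", "sg-app", "sg-db"]


def rule(port, cidrs=(), groups=()):
    """Build one inbound permission in describe-security-groups shape."""
    return {"IpProtocol": "tcp", "FromPort": port, "ToPort": port,
            "IpRanges": [{"CidrIp": c} for c in cidrs],
            "UserIdGroupPairs": [{"GroupId": g} for g in groups]}


SAMPLE = [
    {"GroupId": "sg-internet-lb", "IpPermissions": [rule(80, cidrs=["0.0.0.0/0"])]},
    {"GroupId": "sg-web", "IpPermissions": [rule(80, groups=["sg-internet-lb"])]},
    {"GroupId": "sg-internal-lb", "IpPermissions": [rule(80, groups=["sg-web"])]},
    # Misconfigured on purpose: app tier also open to any address on port 22.
    {"GroupId": "sg-app", "IpPermissions": [rule(4000, groups=["sg-internal-lb"]),
                                            rule(22, cidrs=["0.0.0.0/0"])]},
    # Misconfigured on purpose: DB also accepts the web tier, skipping the app tier.
    {"GroupId": "sg-db", "IpPermissions": [rule(3306, groups=["sg-app", "sg-web"])]},
]


def audit_chain(groups, chain):
    """Return findings where a tier accepts traffic from anything but the tier before it."""
    by_id = {g["GroupId"]: g for g in groups}
    findings = []
    for prev, cur in zip(chain, chain[1:]):
        if cur not in by_id:
            findings.append((cur, "missing", None))
            continue
        for perm in by_id[cur].get("IpPermissions", []):
            port = perm.get("FromPort")  # None for all-protocol rules
            for r in perm.get("IpRanges", []) + perm.get("Ipv6Ranges", []):
                source = r.get("CidrIp") or r.get("CidrIpv6")
                findings.append((cur, "cidr-source", (port, source)))
            for pair in perm.get("UserIdGroupPairs", []):
                if pair["GroupId"] != prev:
                    findings.append((cur, "unexpected-group", (port, pair["GroupId"])))
    return findings


if __name__ == "__main__":
    for finding in audit_chain(SAMPLE, CHAIN):
        print(finding)
```

To run it against a real account, pass the `SecurityGroups` list from `aws ec2 describe-security-groups --output json` and replace `CHAIN` with your own group IDs in tier order.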

Follow the steps on the AWS page for creating a three-tier architecture and follow Piyush's YouTube video.

There were some challenges during the course of the project:

  1. Session Manager with an IAM role might not work for some instances while it works for others; restarting or re-creating the instance may make it work.
  2. pm2 start index.js — start backend: when installing PM2, use this command before running pm2 save, as the actual command in the steps is not effective when you restart the machine.

Webtier load balancer showing the web page that has the three-tier architecture

Backend Aurora DB and front-end JavaScript web page for creating entries that are seamlessly stored in the underlying Aurora DB, with high security and availability

Created my custom VPC

A glance at how many VPCs, subnets, security groups, route tables, etc.

Set of subnets

Set of Route tables

Subnet within the RDS console for the RDS Aurora cluster

Set of Security groups

Enable public IPv4 allocation on the public subnet in case the instances are not getting a public IP address through autoscaling

Here are the instances:

AMI from the instances that have required tools and software installed

Launch templates from AMI

Autoscaling group

Target group

Loadbalancer
