LET US BUILD A THREE-TIER ARCHITECTURE!

Lesekr
9 min read · Jul 13, 2023


Bonjour à tous. Hello everyone. This week’s learning material is about creating a three-tier architecture. The 3-tier architecture consists of the web tier, the application tier, and the database tier.

To begin with, supplying static information to users and responding to incoming requests fall under the purview of the web tier. Each instance running as part of the Auto Scaling Group is accessible via subnets from the internet. Second, the application tier, which manages payments, processes transactions, and communicates with the database, runs its EC2 instances on private subnets and accepts inbound traffic from the Web Server Security Group, which prevents direct access from the internet. Last but not least, the database tier saves transaction records, product information, and customer information. By implementing Multi-AZ, you can guarantee that the database is highly available and can continue to function even if one availability zone is lost. In conclusion, the 3-tier architecture offers a scalable and trustworthy platform that can support a large volume of users and transactions. RDS and Auto Scaling Groups enable the platform to be implemented rapidly, effectively, and with little upkeep. Let’s start our breakdown demonstration.

Log into your console. In the search bar, type in VPC and click Create VPC. On the VPC creation page, choose VPC only (it’s tempting to choose VPC and more, but trust this process), follow the image below, and click Create VPC.

10.0.0.0/16 will give you a lot of IP addresses.

Following the VPC’s success notification, on the left-hand side, click on subnets to construct your subnets. Choose the already generated VPC. Name the subnet in the Subnet configuration (see illustration below).

This is the first subnet’s illustration. There ought to be six subnets altogether: two public subnets in different availability zones and four private subnets in different availability zones.

FORMATION OF THE ROUTE TABLE

Let’s look at the route table on the left after we’ve created the six subnets. When you’re on the route table’s main page, click Create Route Table. Once on the page, name it (PublicRoute-table) and select the correct VPC that was previously built.

Then create the route table by clicking on Create route table. A success message will appear. Scroll down on the page to subnet associations, click Edit subnet associations, select the right public subnets, then save. Do the same for the other subnets. A summary of the associated subnets should look like the image below.

THE ESTABLISHMENT OF NAT GATEWAY

On the left-hand side, click on NAT Gateway and then Create NAT Gateway. See the image below.

The Allocate Elastic IP will generate an IP when you press the rectangle-shaped button.

Fill out the information for your NAT gateway, and then click Create NAT gateway on the bottom right. After the success message, the next stage is to build the internet gateway.

INTERNET GATEWAY

On the left, select Internet Gateways. Once on the internet gateway's home page, on the right-hand side, click on create internet gateway. Name your internet gateway (3tierinternetgateway) and click create Internet Gateway. Now let’s connect it to a VPC. It will say “attach to VPC” on the green flag/banner. Toggle it on. Select your VPC from the drop-down menu on the Attach to VPC home page. Click on attach internet gateway when you’re finished.

BACK TO THE ROUTE TABLE WE GO!

On the left, under VPC, select route tables. On the route tables home page, choose your first route table (publicRoute-table) on the right-hand side, then click “Actions” from the drop-down menu to select “edit routes.”

After arriving at the edit routes screen, select Add route. The destination should be 0.0.0.0/0. Choose the internet gateway as the target, then click Save changes. The two private route tables go through the same process, but with the NAT gateway as the target.
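To check the routing just described, the following added example (not from the original article) reads route tables in the shape returned by `aws ec2 describe-route-tables` and reports any private subnet whose default route targets an internet gateway instead of the NAT gateway. The sample data, subnet IDs and table IDs are constructed placeholders.

```python
# Constructed sample in the shape of `aws ec2 describe-route-tables` output.
# All IDs are placeholders, not values from the article.
ROUTE_TABLES = [
    {"RouteTableId": "rtb-public", "Routes": [
        {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
        {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-EXAMPLE"}],
     "Associations": [{"SubnetId": "subnet-public-1"}, {"SubnetId": "subnet-public-2"}]},
    {"RouteTableId": "rtb-private-1", "Routes": [
        {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
        {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-EXAMPLE"}],
     "Associations": [{"SubnetId": "subnet-private-1"}, {"SubnetId": "subnet-private-2"}]},
    # Misconfigured on purpose: a private table pointed at the internet gateway.
    {"RouteTableId": "rtb-private-2", "Routes": [
        {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
        {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-EXAMPLE"}],
     "Associations": [{"SubnetId": "subnet-private-3"}, {"SubnetId": "subnet-private-4"}]},
]
EXPECTED_PRIVATE = {"subnet-private-1", "subnet-private-2",
                    "subnet-private-3", "subnet-private-4"}

def default_route_kind(table):
    """Return 'igw', 'nat' or 'none' for the table's 0.0.0.0/0 route."""
    for route in table["Routes"]:
        if route.get("DestinationCidrBlock") != "0.0.0.0/0":
            continue
        if route.get("NatGatewayId"):
            return "nat"
        if route.get("GatewayId", "").startswith("igw-"):
            return "igw"
    return "none"

def exposed_private_subnets(tables, private_subnets):
    """Private subnets whose route table sends 0.0.0.0/0 to an internet gateway."""
    findings = []
    for table in tables:
        if default_route_kind(table) != "igw":
            continue
        for assoc in table.get("Associations", []):
            if assoc.get("SubnetId") in private_subnets:
                findings.append((assoc["SubnetId"], table["RouteTableId"]))
    return sorted(findings)

if __name__ == "__main__":
    for subnet, table in exposed_private_subnets(ROUTE_TABLES, EXPECTED_PRIVATE):
        print(f"{subnet}: default route in {table} targets an internet gateway")
```

Subnets with no explicit association fall back to the VPC's main route table, which this check does not follow.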

THE CONSTRUCTION OF THE JUMP BOX!

A device connected to two networks is known as a jump box, and most of the time it runs a single operating system. Jump boxes are typically employed when a system tool has to connect directly to the equipment in the concerned security zone.

We are currently on VPC and want to switch to EC2. In the search bar at the top, type in EC2. On the EC2 home page, on the left side of the screen, click on Instances. It will take you to the Instances page. On the right side of the screen, click on Launch Instance.

Name: THEBOX

Application and OS Image: Amazon Linux and Amazon Linux 2 AMI

Instance Type: t2.micro

Network Settings: (see image)

Security group rule 1: Type is SSH and source type is anywhere.

Scroll down to the Advanced details drop-down, then scroll down to the user data box to write this script.

Review your work and then create your launch instance.

THE FOUNDATION OF THE GUARD (SECURITY GROUP)

Since you’re already on EC2, let’s go back to VPC. Search for VPC, then, on the VPC main page, click on security group. On the security group home page, on the left-hand side, click on create security group. The image below should follow the format.

As the box or jump box in the source won’t automatically be filled in, make sure you are choosing the correct VPC. The first rule is SSH, and the source is the box created earlier. The second rule is HTTP, and the source is anywhere. The third rule is Custom ICMP - IPv4, and the source is the box or jump box created earlier. After adding the three rules, scroll down to click on create security group. Our VPC is now guarded and secured.
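To see which of these rules face the internet, the following added example (not from the original article) scans security groups in the shape returned by `aws ec2 describe-security-groups` and lists SSH or MySQL rules whose source is anywhere. The group IDs and names are constructed placeholders; the rules mirror the jump box and web tier rules in this walkthrough.

```python
# Constructed sample in the shape of `aws ec2 describe-security-groups` output.
# Group IDs and names are placeholders; the rules mirror this walkthrough.
SECURITY_GROUPS = [
    {"GroupId": "sg-jumpbox", "GroupName": "jumpbox-sg", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "UserIdGroupPairs": []}]},
    {"GroupId": "sg-web", "GroupName": "web-sg", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [], "UserIdGroupPairs": [{"GroupId": "sg-jumpbox"}]},
        {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "UserIdGroupPairs": []},
        {"IpProtocol": "icmp", "FromPort": -1, "ToPort": -1,
         "IpRanges": [], "UserIdGroupPairs": [{"GroupId": "sg-jumpbox"}]}]},
]
# Ports that are normally limited to known sources; HTTP is public by design here.
ADMIN_AND_DB_PORTS = {22: "SSH", 3306: "MySQL"}

def covers(perm, port):
    """True if the rule's port range includes `port` (protocol -1 means all traffic)."""
    if perm["IpProtocol"] == "-1":
        return True
    if perm["IpProtocol"] != "tcp":
        return False
    return perm.get("FromPort", 0) <= port <= perm.get("ToPort", 65535)

def world_open(groups, ports=ADMIN_AND_DB_PORTS):
    """List (group id, service) pairs reachable from 0.0.0.0/0 or ::/0."""
    findings = []
    for group in groups:
        for perm in group["IpPermissions"]:
            cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
            cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
            if not {"0.0.0.0/0", "::/0"} & set(cidrs):
                continue
            findings += [(group["GroupId"], name)
                         for port, name in sorted(ports.items()) if covers(perm, port)]
    return findings

if __name__ == "__main__":
    for group_id, service in world_open(SECURITY_GROUPS):
        print(f"{group_id}: {service} is open to anywhere; consider a fixed admin CIDR")
```

Only the jump box rule is reported: the web tier's SSH and ICMP rules use the jump box security group as their source, so they are not reachable from arbitrary addresses.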

LAUNCH OF THE TEMPLATE

Let's create our launch template, shall we? Go to EC2 on the left-hand side of the screen. Click on launch template.

Launch template name: Publicwebtemplate

Application and OS Images: click on quick start and select Amazon Linux, and on the drop-down menu, select Amazon Linux 2 AMI (HVM).

Instance Type: t2.micro

Key pair: Create a new pair.

Network Settings: follow image below

Click on the drop-down menu for Advanced network configuration. Change the Auto-assign public IP to enable.

When you reach the Advanced Details drop-down option, continue scrolling down. Use this script as demonstrated below by scrolling down to the user data section.

THE FOUNDATION OF AN AUTO SCALING GROUP

After launching the template, go to Auto scaling groups on the left-hand side.

Step 1:

Step 2:

Select your current VPC and select 2 of the public subnets.

Step 3: Design your load balancer.

Once changed to internet-facing, scroll down to listeners and routing.

Step 4:

Skip 5 and 6.

Step 7. Review and submit it.

THE APPLICATION TIER BUILDER

Let's create the application tier, which lives in the private subnets. Go to the Launch Template and create it.

Keep the same security group.

Select private subnet 1 and the VPC security group.

Scroll down to create your template. After the success message for the creation of the template, let’s create an auto scaling group.

Auto Scaling Group. On the left-hand side, select the auto scaling group.

Step 1: Name the auto scaling group (Privatappscalinggroup).

Step 2: See the image below.

Step 3:

First half
Second half
Third part

Step 4: 1, 1, and 2.

Skip 5 and 6.

Step 7: Review and submit.

LET US COMPLETE OUR DATABASE TIER

After creating the application tier, let’s create the database tier. In the search bar at the top, type in RDS and click on create database. On the database creation home page, choose your creation method (standard create). Engine options (seen in the image below)

Credentials settings are a subcategory of the Settings section; see the figure below.

Instance Configuration: Change to db.t2.micro

Storage: uncheck enable storage autoscaling.

Connectivity:

Review your work. Once satisfied, click create database tier. It will take a couple minutes to create your database tier. Clicking on the database hyperlink will take you to the connectivity and security tab.

After the creation of your database tier, on the search bar, type in EC2. Go to instances. Go to your application instance ID hyperlink, scroll down to the security tab, and click on the security group hyperlink.

Once on the home page of editing inbound rules, click on new rule. On the drop-down menu, add MySQL, and in the custom drop-down, select the database security group.

That's a wrap!! You have completed the database tier. There should be a total of four rules in the application tier.

LET’S CONNECT

Back in EC2, select “Instances” from the main page. Open the instance by clicking the instance ID hyperlink on the instance home page. The IPv4 address is public, so copy it. To display your customized message, open a new tab and paste the public IPv4 address.

Yes, it works!

Now open your terminal to check the work. First, copy the box or jump box .pem and paste it into your terminal. You will then see that you have entered the IP address itself; it should look like the image below.

Now go back to EC2, grab the web server's private IP address, and ping it. See the image below.

Press Ctrl + Z to pause.

Yes!! it works!!

To stop or terminate the ping, press Ctrl + C.

Now let’s do the same for the application tier.

Ctrl + Z is to pause. Terminate by using Ctrl + C.

Et Voila!! You have switched from the web tier to the application tier.

CONGRATULATIONS!

You have built yourself a 3-tier architecture that is scalable, trustworthy, and can support a large volume of users and transactions.
