3-Tier Architecture Web App

Sheniell Sinclair
7 min read · Sep 13, 2022

In this article I will be designing a highly available 3 Tier Architecture.

Things I’ll need: An Amazon Web Services account and Windows PowerShell. But first…

What is 3-Tier Architecture?

According to TechTarget.com “A 3-tier application architecture is a modular client-server architecture that consists of a presentation tier, an application tier and a data tier. The data tier stores information, the application tier handles logic and the presentation tier is a graphical user interface (GUI) that communicates with the other two tiers. The three tiers are logical, not physical, and may or may not run on the same physical server.”

  • The Presentation (Web) Tier is built with HTML5 (HyperText Markup Language), CSS (Cascading Style Sheets) and JavaScript to create the GUI. The web tier communicates with the other tiers via API calls.
  • The Application Tier, aka Logic Tier, utilizes a programming language (e.g. Java, Python, PHP, Ruby) and contains the logic to run the application’s core functions. This tier can be hosted in an array of ways, depending on use case. For my project I will host the application tier in the AWS cloud on an AWS EC2 instance.
  • The Data(base) Tier, aka the Storage Tier, consists of… you guessed it, a database and often a program to aid in reads and writes to the database. It houses the data needed by the other tiers to successfully serve users.

What are the Benefits of a 3-Tier Architecture?

To put it simply, divide and conquer. Each Tier can be developed by a different team and won’t interfere with the others. This allows for continuous innovation and expansion. This Architecture is ideal for horizontal and vertical scalability and is also highly available.

[Before we get started, log in to an AWS account with appropriate permissions to gain access to the AWS Management Console. Make sure that you are in the N. Virginia Region.]

LET’S GET STARTED:

Phase 1: Create VPC and Subnets

Step 1: Navigate to the VPC Dashboard and click Create VPC. Select VPC only then give a name and IPv4 CIDR block. Click Create VPC.

  • 3TierGoldProject-vpc: 10.10.0.0/16.

Step 2: Create Internet Gateway for VPC. Internet gateways > Create internet gateway. Name and create GW. Select gateway, Actions > Attach to VPC.

  • 3TierGoldProject-IGW.

Step 3: Create the subnets. Subnets > Create subnets. Select the VPC and create subnets with information below.

Subnets in us-east-1a:

  • Web-Public-Subnet-1: 10.10.1.0/24.
  • App-Private-Subnet-1: 10.10.3.0/24.
  • RDS-Private-Subnet-1: 10.10.5.0/24.

Subnets in us-east-1b:

  • Web-Public-Subnet-2: 10.10.2.0/24.
  • App-Private-Subnet-2: 10.10.4.0/24.
  • RDS-Private-Subnet-2: 10.10.6.0/24.

(NOTE: For Public subnets select Actions > Edit subnet settings then Enable auto-assign public IPv4 address.)

Step 4: Create NAT gateways. NAT gateways > Create NAT gateway. Name it, select the subnet you want associated with the NAT GW (Web-Public-Subnet-1), and select an Elastic IP allocation ID. Finally Create NAT gateway. Do the same for the other public subnet.

Completed NAT gateways

Step 5: Create route tables. Create a public route table, then add a route that sends traffic to the internet gateway. Also edit the subnet associations and add the two public subnets.

(Do the same thing for the private subnets by AZ: add a route that sends traffic to that AZ's NAT gateway and add the associated subnets. You should have 2 Private Route Tables and 1 Public when complete.)

Completed Route Tables

Step 6: Create Security Groups for Each Tier.

  • WebTierSG — Allow inbound traffic from Internet Gateway. (Also Allow SSH from your IP for future verification.)
  • AppTierSG — Allow inbound traffic from WebTierSG. (Also Allow SSH & ICMPv4 from WebTierSG for future verification.)
  • RDSTierSG — Allow inbound traffic from AppTierSG.
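The layering in Step 6 only isolates the tiers if each private group is reachable solely through a reference to the group above it. The following check is an added example, not part of the original article: it audits security groups in the shape returned by EC2 DescribeSecurityGroups and flags rules that break the chain. The group IDs and the sample rules are constructed, and port 3306 assumes the MySQL engine chosen in Phase 3.

```python
# Expected upstream per tier, from Step 6. None marks the public-facing tier.
EXPECTED_SOURCE = {"WebTierSG": None, "AppTierSG": "WebTierSG", "RDSTierSG": "AppTierSG"}
ANYWHERE = {"0.0.0.0/0", "::/0"}

def audit(groups):
    """Audit groups shaped like the EC2 DescribeSecurityGroups response; return findings."""
    name_of = {g["GroupId"]: g["GroupName"] for g in groups}
    findings = []
    for g in groups:
        name = g["GroupName"]
        if name not in EXPECTED_SOURCE:
            continue
        upstream = EXPECTED_SOURCE[name]
        for perm in g["IpPermissions"]:
            proto, lo, hi = perm["IpProtocol"], perm.get("FromPort"), perm.get("ToPort")
            label = "all traffic" if proto == "-1" else f"{proto}/{lo}-{hi}"
            covers_ssh = proto == "-1" or (proto == "tcp" and lo <= 22 <= hi)
            cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
            cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
            for cidr in cidrs:
                if upstream is not None:
                    # Private tiers must be reachable only via a group reference.
                    findings.append(f"{name}: {label} open to CIDR {cidr}, expected only {upstream}")
                elif cidr in ANYWHERE and covers_ssh:
                    findings.append(f"{name}: SSH reachable from {cidr}")
            for pair in perm.get("UserIdGroupPairs", []):
                src = name_of.get(pair["GroupId"], pair["GroupId"])
                if src != upstream:
                    findings.append(f"{name}: {label} allows {src}, expected {upstream or 'no group source'}")
    return sorted(findings)

# Constructed sample: group IDs are placeholders, not values from the article.
SAMPLE = [
    {"GroupId": "sg-web", "GroupName": "WebTierSG", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
    {"GroupId": "sg-app", "GroupName": "AppTierSG", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22, "UserIdGroupPairs": [{"GroupId": "sg-web"}]},
        {"IpProtocol": "icmp", "FromPort": -1, "ToPort": -1, "UserIdGroupPairs": [{"GroupId": "sg-web"}]}]},
    {"GroupId": "sg-rds", "GroupName": "RDSTierSG", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 3306, "ToPort": 3306, "UserIdGroupPairs": [{"GroupId": "sg-app"}]},
        {"IpProtocol": "tcp", "FromPort": 3306, "ToPort": 3306, "IpRanges": [{"CidrIp": "10.10.0.0/16"}]}]},
]

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```

The sample trips two findings: SSH on the web tier open to the whole internet instead of a single admin IP, and a VPC-wide CIDR rule on the database group that would let the web tier reach MySQL directly.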

Phase 2: Launch Instances from Autoscaling Groups for Web and App Tier.

Step 1: Head over to the EC2 Dashboard and create a Launch template. (For more information on how to create the template, reference Phase 2 of my previous publication Auto Scaling Group of EC2 Instances).

  • Name template, then select Provide guidance to help me set up a template that I can use with EC2 Auto Scaling.
  • Select AMI.
  • Choose t2.micro instance.
  • Select Key Pair.
  • Choose WebTierSG for security group.
  • Add script to user data field under Advanced details.
#!/bin/bash
yum update -y
yum install -y httpd
systemctl start httpd
systemctl enable httpd
cd /var/www/html
echo '<center><h1> Hello World! This is the Web Tier of a 3 Tier Architecture</h1></center>' >> index.html
  • Review Summary then click Create launch template.

Step 2: Create Auto Scaling Group.

  • Name the ASG, then click Next.
  • Choose the Project VPC and the two public web subnets. Click Next until you arrive at Group size and scaling policies. Desired capacity (2), Minimum capacity (2), Maximum capacity (5). Click Skip to review, then click Create Auto Scaling group.

(For the Application Tier Repeat this process.)

Web Tier ASG and successful launch of EC2 instances

Step 3: Modify Launch template for Application Tier. Launch templates > select the project template > Actions > Modify template (Create new version). Just change the existing security group to AppTierSG and modify user data.

Step 4: Repeat the same process as Step 2. (NOTE: Make sure you select version 2 template.)

App Tier ASG and successful launch of EC2 instances.

Phase 3: Create Database for RDS Tier.

Step 1: Navigate to RDS Dashboard and click Subnet groups > Create DB subnet group.

  • Give the subnet group a Name and Description, then choose the project VPC.
  • Choose the Availability Zones (us-east-1a, us-east-1b).
  • For subnets, select the database subnets. Finally click Create.

Step 2: Navigate to Database then click Create database.

  • Select Standard create.
  • For Engine options select MySQL.
  • For Templates choose Free tier. (NOTE: If I were to select Production or Dev/Test, I would be able to configure a Multi-AZ read replica in the other subnet located in the other Availability Zone.)
  • In Settings, give the database a name and a password for Credentials settings.
  • For Instance configurations, under Burstable classes choose (db.t2.micro).
  • Leave everything in default for Storage.
  • In Connectivity select the VPC, the subnet group and choose RDSTierSG for Security Groups.
  • In Additional configurations un-select Enable automated backups for Backups and Enable auto minor version upgrade for Maintenance. Finally click Create database.

Verification:

Step 1: Plug the Public IPv4 of one of the Web Tier EC2 Instances into a web browser address bar.

Step 2: SSH into the instance we just put into the web browser from Windows PowerShell:

cd (path to directory containing key pair file)
ssh -i "Key Pair file" ec2-user@(Public IP Address)

Now ping your instance in the App Tier in the same Availability Zone using its private IPv4 address.

ping (Private IPv4 address of Instance in App Tier in same AZ)

THANK YOU

Connect with me on LinkedIn:

https://www.linkedin.com/in/sheniell-sinclair
