Aws - Modern Web App Workshop

Note about the Aws project Build a Modern Web Application

• Code: aws-samples/aws-modern-application-workshop/tree/python

git clone -b python https://github.com/aws-samples/aws-modern-application-workshop.git
cd aws-modern-application-workshop
:: Taking the python code
git checkout python

aws s3 mb s3://web-app-modern

Create a static web hosting with cloudfront from this bucket

• set the index document

aws s3 website s3://web-app-modern --index-document index.html

• create an origin access identity and save the id

aws cloudfront create-cloud-front-origin-access-identity --cloud-front-origin-access-identity-config CallerReference=Mysfits,Comment=Mysfits

• create a bucket policy by replacing the previous origin-access-identify id in website-bucket-policy.json

aws s3api put-bucket-policy --bucket web-app-modern --policy file://module-1/aws-cli/website-bucket-policy.json

• Create a cloudfront distribution by replacing the origin-access-id in website-cloudfront-distribution.json

aws cloudfront create-distribution --distribution-config file://module-1/aws-cli/website-cloudfront-distribution.json

• Note the domain name from the create-distribution output. Example: http://dyxppm3sqxwc9.cloudfront.net/ This is the Website base URL
• Copy the index.html file

aws s3 cp module-1/web/index.html s3://web-app-modern/index.html

• Go to the website https://dyxppm3sqxwc9.cloudfront.net/

Module Two

• Docker build that packages a Python flask web app

cd module-2\app
docker build . -t REPLACE_ME_AWS_ACCOUNT_ID.dkr.ecr.REPLACE_ME_REGION.amazonaws.com/mythicalmysfits/service:latest

• Run it to test

docker run -p 8080:8080 REPLACE_ME_WITH_DOCKER_IMAGE_TAG

• Creates a new repository in the default AWS ECR registry of the Aws account.

aws ecr create-repository --repository-name mythicalmysfits/service

• authentication credentials for the Docker client (in order to push container images into the new repository)

aws ecr get-login --no-include-email
:: execute the output

# in bash
$(aws ecr get-login --no-include-email)

• push the image you created to the ECR repository

docker push REPLACE_ME_WITH_DOCKER_IMAGE_TAG

• list the images

aws ecr describe-images --repository-name mythicalmysfits/service

• create a cluster in the Amazon Elastic Container Service (ECS).

aws ecs create-cluster --cluster-name MythicalMysfits-Cluster

• Create a new log group in AWS CloudWatch Logs for the container logs to be pushed to. This is especially important when using AWS Fargate since you will not have access to the server infrastructure where your containers are running.

aws logs create-log-group --log-group-name mythicalmysfits-logs

Register an ECS task definition. Example: Aws - Elastic Container Service (Ecs)

aws ecs register-task-definition --cli-input-json file://module-2/aws-cli/task-definition.json

• Provisioning of a Network Load Balancer (NLB) to sit in front of the services

aws elbv2 create-load-balancer ^
  --name mysfits-nlb ^
  --scheme internet-facing ^
  --type network ^
  --subnets REPLACE_ME_PUBLIC_SUBNET_ONE REPLACE_ME_PUBLIC_SUBNET_TWO ^
> %HOME%/environment/nlb-output.json

Keep the output to extract:

• the DNSName,
• VpcId,
• and LoadBalancerArn

Create an NLB target group. You get back a TargetGroupArn.

aws elbv2 create-target-group ^
   --name MythicalMysfits-TargetGroup ^
   --port 8080 ^
   --protocol TCP ^
   --target-type ip ^
   --vpc-id REPLACE_ME_VPC_ID ^
   --health-check-interval-seconds 10 ^
   --health-check-path / ^
   --health-check-protocol HTTP ^
   --healthy-threshold-count 3 ^
   --unhealthy-threshold-count 3 ^
> %HOME%/environment/target-group-output.json

Create a load balancer listener for the network load balancer

A load balancer listener configure the forwarding of requests received on a specific port to targets that have registered to the target group.

aws elbv2 create-listener ^
  --default-actions TargetGroupArn=REPLACE_ME_NLB_TARGET_GROUP_ARN,Type=forward ^
  --load-balancer-arn REPLACE_ME_NLB_ARN ^
  --port 80 ^
  --protocol TCP

Steps:

• ECS configuration - Create A Service Linked Role For ECS
• Create a service

aws ecs create-service --cli-input-json file://module-2/aws-cli/service-definition.json

• Test the service with the DNS Name of the load balancer. (This Network Load Balancer only supports HTTP ) Example

http://mysfits-nlb-123456789-abc123456.elb.us-east-1.amazonaws.com/mysfits

Aws - Click Event Rest API (Capture user behavior)

• Build a Modern Web Application