Assume that you have a set of EC2 instances running behind a load balancer, and you want to show a maintenance page whenever a deployment or other maintenance is planned for the instances.
So, let’s begin setting up the maintenance page. We will set up everything from scratch for demonstration purposes.
We will do the following activities:
- Set up an S3 bucket and host a static maintenance page.
- Launch 2 EC2 instances and set up a small web app on both instances.
- Launch an ELB and attach the EC2 instances to it.
- Configure Route 53 DNS failover to redirect to the maintenance page when the instances are unhealthy/down.
Set up an S3 bucket and host the static maintenance page:
Follow the steps given below:
- Create an S3 bucket, e.g. ‘web.abhinav.com’. To create the bucket, follow the steps below:
a- Sign in to the AWS Management Console and open the Amazon S3 console at https://console.aws.amazon.com/s3
b- Select ‘Create Bucket’ from the menu.
c- On the create bucket form, provide a name for your bucket (e.g. web.abhinav.com) and choose the AWS Region (e.g. US West) where you want the bucket to reside.
d- Click ‘Next’ to go to the next section. It will take you to the set properties page.
e- You will see options such as Versioning, Logging and Tags. At this point we don’t have to set these properties, so click ‘Next’ to go to the next page.
f- You will land on the next page, ‘Permissions’. Leave the default permissions as they are and click ‘Next’.
g- You will land on a review page to review the setup you did in the previous steps. If everything looks good, click ‘Create Bucket’.
- Once the bucket is created, it will appear in the list of buckets.
- Click on the bucket and you will see the Objects, Properties, Permissions and Management tabs.
- Create a static HTML page called ‘maintenance.html’ and put the maintenance message in it.
<html>
<head><title>App Under Maintenance</title></head>
<body>
<h2>This site is under maintenance, it will be available shortly.</h2>
</body>
</html>
- Upload this HTML page into the newly created bucket ‘web.abhinav.com’.
- Now, go to the ‘Properties’ tab. You will see options such as Versioning, Logging and Static website hosting. Here we are interested in ‘Static website hosting’.
- Click on ‘Static website hosting’. You will see a form asking for the index document, error page, redirection rules etc. Here we will just provide our maintenance page file name, note the endpoint address and click ‘Save’.
- Now, you need to allow the page to be accessed over the internet. Go to the ‘Permissions’ tab, which is next to ‘Properties’.
- You will see Access Control List, Bucket Policy and CORS Configuration. We need to allow the file to be accessed publicly. In order to do that we need to set up a bucket policy.
- Click on ‘Bucket Policy’ and you will see the bucket policy editor.
- Copy and paste the JSON configuration given below. It allows anyone to read (s3:GetObject) the objects in this bucket, and nothing else. You can also generate the policy using a GUI provided by Amazon.
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "PublicReadForGetBucketObjects",
      "Effect": "Allow",
      "Principal": "*",
      "Action": "s3:GetObject",
      "Resource": "arn:aws:s3:::web.abhinav.com/*"
    }
  ]
}
- Click ‘Save’ to save the bucket policy. Now you are all set.
- To test whether you are able to access the maintenance page, use the endpoint which we noted down while setting up the static website hosting configuration. In this case the endpoint was:
If you forgot to note down the endpoint then you can simply use this: http://<your-bucket-name>.s3-website-<region>.amazonaws.com (note the highlighted areas)
- Let’s open the maintenance page. Access the following URL:
You will land on your maintenance page.
Note: The bucket name should exactly match the domain name of the primary instance (e.g. the ELB in front of the web app instances will have a domain name; in the Route 53 configuration we will configure primary and secondary domains. The static S3 site will be treated as secondary in case of failover, which is why the bucket name should match the domain name).
For more details refer:
Launch 2 EC2 instances and set up a small web app on both instances:
Follow the steps given below to launch an instance and set up a web page:
- Log on to the AWS Console and go to the EC2 dashboard.
- On the dashboard you will see the ‘Resources’ and ‘Create Instance’ sections. The Resources section shows how many instances are already running, how many volumes are available, how many snapshots are available etc.
- I already have a set of instances running so I am not going to create them here, but let me document the high-level steps.
a- Click on the ‘Launch Instance’ button under the ‘Create Instance’ section.
b- It will take you to a page where you will be asked to select an AMI (Amazon Machine Image). These are images with pre-installed software. You may have your own custom AMI, in which case you can launch the instance using that as well (it can be found under the ‘My AMIs’ section). Depending on your account access (e.g. free tier), you can select a Linux or Windows version of the AMI.
c- Select an AMI, e.g. "Amazon Linux AMI 2017.03.0 (HVM), SSD Volume Type - ami-8ca83fec".
d- It will ask you to select the ‘Instance Type’. Select the instance type based on your need.
Note: If you have a free account, make sure you select an instance type applicable for the free tier, or else you will end up being charged. Notice the label as given below.
a- You can click the ‘Review and Launch’ button if you want the default settings provided by Amazon; otherwise click on ‘Next: Configure Instance Details’.
b- This is step 3. In this step you will be asked to ‘Configure Instance Details’ such as Number of Instances, Purchasing options, Network (VPC) etc. Depending on need, change the requested configuration or leave it as default (if you have launched your instance using a custom AMI then these steps do not need to be set up again; the AMI will auto-configure based on the previous setup).
c- Click ‘Next: Add Storage’ to add storage details. This is step 4 in the sequence.
d- Change/update/add volumes as per your need.
e- Click ‘Next: Add Tags’. This is step 5 in the sequence. You can add tag keywords which you can later use to search for the instances.
f- Click ‘Next: Configure Security Group’. This is step 6 in the sequence; here you can choose an existing security group or create a new one. In case of a new SG, provide the name and description. Add rules (select the type of rule, source etc.) and click ‘Review and Launch’. Refer here for more details on Security Groups:
g- Review the launch configuration and click on ‘Launch’ if all looks good, or cancel.
h- Once you click on ‘Launch’, your instance will be available for use within a minute.
i- If you want to launch a similar instance from the EC2 instances section, select the healthy and running instance and right-click; you will see the options given below. Select ‘Launch more like this’ and in just a few clicks another similar instance will be up and running.
Refer here for learning more about launching instances:
- Now the instances are up and running. We will set up a small app on both instances.
- Connect to the instance where you want to set up the web app. Refer here for more details on connecting to various types of instances:
I am connecting to the instance via PuTTY.
- Here we will install Apache2 and create a static HTML page for testing. Follow the steps given below:
a- Install apache2.
sudo apt-get update
sudo apt-get install apache2
b- Check the status of the installation. The command below will show the status of apache2 as active. If it is active then it is installed and working fine.
sudo service apache2 status
c- Now stop the apache2 service and create a static HTML page under the ‘/var/www/html’ directory. Rename the existing ‘index.html’ as a backup.
sudo service apache2 stop
cd /var/www/html
sudo mv index.html index.html.bak
sudo vi index.html
d- Edit index.html and add the following static HTML code.
<html>
<head><title>My App</title></head>
<body>
<h2>I am instance 1</h2>
</body>
</html>
e- Test the setup on instance one: copy the Public IP or Public DNS from the instance details page, paste it into the browser URL field and hit enter.
f- If it works, repeat the same steps for the other instance. For example, I set up another instance where I have the following HTML code.
<html>
<head><title>My App</title></head>
<body>
<h2>I am instance 2</h2>
</body>
</html>
g- Test the setup on instance two: copy the Public IP or Public DNS from the instance details page, paste it into the browser URL field and hit enter.
h- Now both instances are ready.
Launch an ELB and attach the EC2 instances to it:
Follow the steps given below to launch an ELB and attach the existing instances to it:
- On the navigation bar, choose a region for your load balancer. Be sure to select the same region that you selected for your EC2 instances.
- On the navigation pane, under Load Balancing, choose Load Balancers.
- Choose Application Load Balancer. You can choose between “Application Load Balancer” and “Classic Load Balancer”. Here we are working with web apps so we are selecting “Application Load Balancer”.
- You will land on the ‘Configure Load Balancer’ page.
- Under the “Basic Configuration” section, provide the Name, Scheme (here we will choose Internet-Facing, as the target users for the ELB are on the internet and it is publicly accessible) and IP address type (usually IPv4).
- Under the “Listeners” section, select the Load Balancer Protocol and Load Balancer Port based on your need. You can also add more listeners, e.g. if you want your ELB to use SSL then add an HTTPS listener. Here we will go with an HTTP listener.
- Select the VPC from the list and select the availability zones depending on need. For example, if your EC2 instances are in different zones then you can select those target AZs.
Refer here: http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html
- In the tags section, add tags for the ELB.
- Click “Next: Configure Security Settings” and you will land on the security configuration page. Since we have not opted for HTTPS you will see the following warning. You can click next to continue.
- Click “Next: Configure Security Groups” and you will land on the SG config page. You can select an existing Security Group. Here let’s create a new SG specific to the ELB.
- Click “Next: Configure Routing” and you will land on the routing config page, where you need to map the routing path and health check configs for your apps with the ELB.
- Provide the name of the group and the health check path mapping. Here we will keep the path as ‘/’, which is the default, as we have configured index.html at the root path ‘/’. You can change the advanced settings of the health check, but let’s keep the default values for now. Remember to change the target port if your web app is running on a port other than 80.
- Click “Next: Register Targets” to tag the target EC2 instances.
- You can search for and select the instances you want to register with this ELB, which will listen for users’ requests in front of the web apps at port 80. Note that your app may be running on a different port, which you would have configured at step 13 above. Select the instances and click the “Add to registered” button.
- Click “Next: Review” to review and finish the configuration of the ELB.
- Click “Create” to finish. Your ELB will be up and running in a few minutes. Initially it will show the status as “Provisioning”, but when it changes to “active” it is ready to use.
- Now, let’s test whether the ELB and web apps are talking to each other. Go to the Description page and find the DNS name of the ELB. Copy the DNS name, paste it into the browser URL field and hit enter. It should take you automatically to your web apps depending on load and health status.
- When I hit the URL the first time it takes me to instance 1 and the next time it takes me to instance 2, based on the “round robin routing algorithm for TCP listeners”.
Refer here for more details: https://aws.amazon.com/blogs/aws/new-aws-application-load-balancer/
Configure Route 53 DNS failover to redirect to the maintenance page when instances are unhealthy/down:
Follow the steps given below:
- Route 53 provides two types of health checking.
a- Availability and performance monitoring
b- DNS failover
Here we are interested in DNS failover; you can refer here for more details:
- Click on the “Create Health Check” button.
- In the ‘Configure health check’ section, provide the name and what to monitor. Here we will select “Endpoint” for monitoring.
- In the ‘Monitor an endpoint’ section, provide the details of the endpoint which we want to monitor. Keep the advanced configuration as is. You can choose between IP and domain name. I have provided the domain name of the ELB, but we can also provide the Public IP or Elastic IP of the ELB.
- In step 2, “Get notified when health check fails”, you can choose to get a notification when the status is unhealthy. For now we are opting out.
- Click on “Create”; it will create the health check in a few minutes. Initially it shows the status as ‘Unknown’, but once it is created properly it shows ‘Healthy’ after checking the status of the configured endpoint. Here we have configured our ELB.
- Now, in the left-side panel, go to ‘Hosted Zone’ and create a new hosted zone.
Note: Failover cannot be configured in private hosted zones. It must be a public hosted zone.
- Click on ‘Create Hosted Zone’.
- Provide the domain name, e.g. ‘abhinav.com’, and click ‘Create’. It will create a record set for the given domain.
Note: There should be a valid domain name in order to use the DNS failover service, e.g. ‘abhinav.com’ should be a valid domain name registered either with a domain name provider or directly via Route 53.
Refer to register a domain:
- You will see your newly created hosted zone.
- Now, click on the newly created hosted zone ‘abhinav.com’. You will land on the hosted zone record set page.
Refer here for more info on record sets: http://docs.aws.amazon.com/Route53/latest/DeveloperGuide/rrsets-working-with.html
- You can see two record sets created by default. We need to create our record sets for DNS failover.
- Click on the “Create Record Set” button to create a new record set. We will create 2 record sets (one for the primary site and one for the secondary site).
- You will see a form in the right-hand panel.
a. Provide the name of the record. (We need to make sure that the static web page domain name matches the record name, e.g. if the static web page bucket is “web.abhinav.com” then the record name should be “web”, which will be appended with the “.abhinav.com” domain since we are creating the record in the “abhinav.com” hosted zone.)
b. Keep the type as is (A - IPv4 address).
c. Keep ‘Alias’ as ‘No’.
d. Change the TTL to 60 seconds as recommended by Route 53, or keep the default value as is.
e. In the “Value” section, provide the Elastic IP of your load balancer (you can use the Public IP as well if you don’t have an Elastic IP, but you may have to change the config again if the Public IP changes next time), e.g. 56.153.54.11 is the Elastic IP in my case.
f. Select the “Routing Policy” as “Failover”.
g. Keep the “Failover Record Type” as “Primary”.
h. Provide the “Set Id” as needed or keep the default, e.g. web-Primary (recordsetname-Primary).
i. Set “Evaluate Target Health” to “Yes”.
j. Click on “Yes” for Associate with Health Check.
k. Once you click ‘Yes’ for Health Check, you need to select the health check created above in Step 3.
l. Click “Create” to save the record set.
a. Now your primary record set is ready. We need to create another record so that, when the instances are unhealthy, Route 53 will redirect users to the static maintenance page.
b. Click on the “Create Record Set” button to create a new record set.
c. Provide the name of the record. (We need to make sure that the static web page domain name matches the record name, e.g. if the static web page bucket is “web.abhinav.com”.)
d. Keep the type as is (A - IPv4 address).
e. Select ‘Alias’ as ‘Yes’, and select the S3 bucket static website as the “Alias Target”.
f. Select the “Routing Policy” as “Failover”.
g. Select the “Failover Record Type” as “Secondary”.
h. Provide the “Set Id” as needed or keep the default, e.g. web-Secondary (recordsetname-Secondary).
i. Set “Evaluate Target Health” to “No”.
j. Keep “No” for Associate with Health Check; since requests are redirected to the secondary, a health check is not required. We will assume that the static website is always healthy.
k. Click on “Create” to create the record set.
Now we are all set with the Route 53 configuration.
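The two record sets configured above, written out as a Route 53 ChangeBatch and sanity-checked in Python. This is an added example, not part of the original post: the function names are hypothetical, and the angle-bracket strings are placeholders for the health check ID, the S3 website endpoint for your region and that endpoint's hosted zone ID.

```python
def failover_change_batch(record_name, primary_ip, health_check_id,
                          s3_alias_dns, s3_alias_zone_id, ttl=60):
    """Build the primary and secondary failover record sets as a ChangeBatch."""
    label = record_name.split(".")[0]  # "web" for web.abhinav.com
    primary = {
        "Name": record_name, "Type": "A",
        "SetIdentifier": f"{label}-Primary", "Failover": "PRIMARY",
        "TTL": ttl, "ResourceRecords": [{"Value": primary_ip}],
        "HealthCheckId": health_check_id,   # health check on the ELB endpoint
    }
    secondary = {
        "Name": record_name, "Type": "A",
        "SetIdentifier": f"{label}-Secondary", "Failover": "SECONDARY",
        "AliasTarget": {                    # alias to the S3 static website
            "HostedZoneId": s3_alias_zone_id,
            "DNSName": s3_alias_dns,
            "EvaluateTargetHealth": False,
        },
    }
    return {"Changes": [{"Action": "UPSERT", "ResourceRecordSet": rs}
                        for rs in (primary, secondary)]}


def check_failover_pair(batch, bucket_name):
    """Return the problems that would keep failover to the S3 page from working."""
    problems = []
    sets = [c["ResourceRecordSet"] for c in batch["Changes"]]
    if sorted(rs.get("Failover", "") for rs in sets) != ["PRIMARY", "SECONDARY"]:
        problems.append("need exactly one PRIMARY and one SECONDARY record set")
    for rs in sets:
        if rs["Name"].rstrip(".") != bucket_name:
            problems.append(f"{rs['Name']}: record name must equal the bucket name")
        checks_alias = rs.get("AliasTarget", {}).get("EvaluateTargetHealth")
        if (rs.get("Failover") == "PRIMARY" and "HealthCheckId" not in rs
                and not checks_alias):
            # Without a health check Route 53 treats the record as always healthy.
            problems.append("primary has no health check, so it never fails over")
        if "AliasTarget" in rs and "TTL" in rs:
            problems.append(f"{rs['SetIdentifier']}: alias records take no TTL")
    return problems


# Values from the page; the angle-bracket strings are placeholders to fill in.
BATCH = failover_change_batch(
    "web.abhinav.com", "56.153.54.11", "<health-check-id>",
    "s3-website-<region>.amazonaws.com", "<s3-website-hosted-zone-id>")
```

With the placeholders filled in, the batch can be submitted with boto3's `change_resource_record_sets(HostedZoneId=..., ChangeBatch=BATCH)` on a Route 53 client.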
- Now, before testing failover, check whether your primary site is responding.
- Hit “http://web.abhinav.com” in the browser URL field and your primary site should respond.
- You can see the ELB is responding, and one after the other we got responses from both instances.
- Now, to test the failover, we need to stop the apache2 service running on both EC2 instances which we launched earlier. Connect to each EC2 instance and run the following command:
sudo service apache2 stop
- Once you stop the service, within a few seconds (based on the health check configuration) the status will show as “Unhealthy”. We configured 30 seconds for checking the health status.
- Now, hit “web.abhinav.com” in the browser URL field and it will redirect you to the S3 site where we set up the maintenance page. Before that, press “CTRL+F5” to clear the browser cache, because some browsers cache the old response.
You can see Route 53 is redirecting to the maintenance page when the ELB is returning an unhealthy response to health checks.