DEV Community

aswin raj

Introduction and Creation of 3-Tier Architecture by using AWS

Image description

In modern cloud computing, building a robust and scalable architecture is key to ensuring seamless performance for web applications. The image above represents a classic 3-Tier Architecture on AWS, designed to deliver high availability, security, and fault tolerance.

Components that are used:

1. Internet Gateway:

  • Purpose: Facilitates communication between the internet and resources within the Virtual Private Cloud (VPC).

  • Functionality: Allows public-facing components (e.g., web servers) to receive and send traffic from/to the internet.

  • Acts as an entry point for incoming traffic and an exit point for outgoing traffic.

2. Elastic Load Balancer (ELB):

  • Purpose: Distributes incoming traffic across multiple Amazon EC2 instances in the web tier.

  • Types Used Here: Application Load Balancer or Classic Load Balancer (based on the traffic type).

  • Functionality: Enhances application availability and fault tolerance by balancing load across multiple instances in different Availability Zones (AZs).

  • Automatically adjusts to traffic changes and ensures no single instance is overloaded.

3. Amazon EC2 Instances:

  • Purpose: Provide compute power for running applications in both the web tier and the app tier.

Functionality:

  • Web Tier: Hosts web servers that handle HTTP/HTTPS traffic and serve user-facing content.

  • App Tier: Processes application logic securely, isolated from the public internet.

Deployment:

  • In the Web Tier, instances are deployed in public subnets for internet-facing access.

  • In the App Tier, instances are deployed in private subnets for security and internal communication.

4. Amazon Aurora:

  • Purpose: Managed relational database engine designed for high performance and scalability.

Key Features:

  • Primary DB: Handles write operations and provides a highly secure environment for storing application data.

  • Read Replica: Optimizes performance by offloading read-heavy workloads, ensuring scalability and reduced latency.

  • Automatic failover and self-healing capabilities enhance reliability.

5. Subnets:

Public Subnet:

  • Contains the resources in the Web Tier.

  • Associated with the Internet Gateway for direct internet access.

Private Subnet:

  • Hosts resources in the App Tier and Database Tier.

  • Isolated from direct internet access, ensuring data and application logic are secure.

6. Virtual Private Cloud (VPC):

  • Purpose: Provides an isolated and secure network environment for resources.

Functionality:

  • Allows segmentation of tiers (Web, App, Database) into subnets.

  • Ensures communication between resources is secure and tightly controlled.

7. Availability Zones (AZs):

  • Purpose: Geographically distinct data centers that ensure high availability and fault tolerance.

Usage:

  • Resources are distributed across two AZs, minimizing downtime in case of hardware failures or natural disasters.

Architecture Flow

  • Internet Gateway receives traffic from the internet.
  • Traffic is directed to the Elastic Load Balancer (ELB), which distributes requests to Amazon EC2 instances in the Web Tier.
  • Web Tier EC2 instances forward application logic processing to the App Tier EC2 instances hosted in private subnets.
  • The App Tier interacts with the Database Tier (Amazon Aurora) for data storage and retrieval.
  • Aurora Read Replica handles read-heavy workloads to improve scalability and reduce latency.

Implementation:

Go to GitHub and download the aws-three-tier-architecture-workshop code.

After downloading, go to the AWS console and create an S3 bucket.

Then create an IAM role and attach these policies:

  • AmazonS3ReadOnlyAccess
  • AmazonSSMManagedInstanceCore

After creating the IAM role, go to the VPC console and create a VPC.

Then create 6 subnets: 3 in Availability Zone 1 and 3 in Availability Zone 2.

Each Availability Zone has one public subnet and two private subnets.

Create an Internet Gateway.

Create two NAT Gateways, because there are two Availability Zones, and connect both NAT Gateways with the public subnets.

After creating the NAT Gateways, create the public route tables and connect them with the Internet Gateway.

After connecting the Internet Gateway with the route table for AZ 1, connect the public subnet with the route table.

Then create another route table for the private subnets in AZ 1 and connect both the internet gateway and the private subnet.

After completing that, go to Security Groups and create six security groups.
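
The Subnets section defines a private subnet as one isolated from direct internet access, which in routing terms means its route table has no default route to an internet gateway. The following added example (not from the original post or the workshop code) checks route tables against that definition; it reads the JSON shape returned by `aws ec2 describe-route-tables`, and every ID and subnet name in the sample is a constructed placeholder.

```python
# Constructed sample shaped like `aws ec2 describe-route-tables` output.
# Every ID is a made-up placeholder, not a value from the page.
LOCAL = {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"}
SAMPLE = {"RouteTables": [
    {"RouteTableId": "rtb-main", "Associations": [{"Main": True}], "Routes": [LOCAL]},
    {"RouteTableId": "rtb-private-az1",
     "Associations": [{"Main": False, "SubnetId": "subnet-app-az1"}],
     "Routes": [LOCAL, {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-example"}]},
    {"RouteTableId": "rtb-private-az2",  # default route points at the internet gateway
     "Associations": [{"Main": False, "SubnetId": "subnet-app-az2"}],
     "Routes": [LOCAL, {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-example"}]},
]}
PRIVATE = ["subnet-app-az1", "subnet-app-az2", "subnet-db-az1"]  # assumed names

def table_for(subnet_id, tables):
    """Explicit association wins; otherwise the VPC's main route table applies."""
    main = None
    for t in tables:
        for a in t.get("Associations", []):
            if a.get("SubnetId") == subnet_id:
                return t
            if a.get("Main"):
                main = t
    return main

def default_route(table):
    """Where active 0.0.0.0/0 or ::/0 routes go: 'igw', 'nat', 'other' or 'none'."""
    kinds = set()
    for r in table.get("Routes", []):
        dest = r.get("DestinationCidrBlock") or r.get("DestinationIpv6CidrBlock")
        if dest not in ("0.0.0.0/0", "::/0") or r.get("State", "active") != "active":
            continue
        if str(r.get("GatewayId", "")).startswith("igw-"):
            kinds.add("igw")
        else:
            kinds.add("nat" if r.get("NatGatewayId") else "other")
    return next((k for k in ("igw", "nat", "other") if k in kinds), "none")

def audit(doc, private_subnets):
    """Map each intended-private subnet to (route table id, default-route kind)."""
    result = {}
    for s in private_subnets:
        t = table_for(s, doc["RouteTables"])
        result[s] = (t["RouteTableId"], default_route(t)) if t else (None, "none")
    return result

if __name__ == "__main__":
    for subnet, (rtb, kind) in audit(SAMPLE, PRIVATE).items():
        print(f"{subnet}: {rtb} default route -> {kind}" + ("  <-- not private" if kind == "igw" else ""))
```

A subnet reported as `igw` is public in practice whatever its name says; `subnet-db-az1` has no explicit association in the sample, so it is evaluated against the main route table.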
