
Use AWS CloudFormation to create a highly available cluster

Nick Hardiman shows you the step-by-step procedure for creating a high-availability cluster for a SaaS app using the AWS CloudFormation template.

In my quest to get my SaaS trouble ticket app up and running, I've already outlined some of the preliminary business plan and design decisions and decided on the IaaS platform that I'm going to use - Amazon Web Services. In the last post, I introduced the CloudFormation templates that AWS offers. Now it's time to create my cluster.

First of all, be careful with your cash. The monthly cost of running a high availability cluster like this is over $100 for the EC2 machines and over $100 for the RDS database. If you are just giving the service a test run, don't leave it running when you have finished. In this post, I'll show you how to build a cluster and then destroy it after you've given it a demo.

Create your new cluster

  1. Open the AWS console. A list of Amazon Web Services appears.
  2. Navigate to the CloudFormation page. Amazon Web Services | Deployment and Management | CloudFormation. The CloudFormation Stacks page appears and the URL changes to https://console.aws.amazon.com/cloudformation/home?region=us-east-1#
  3. Click the Create Stacks button in the navigation bar or the Create New Stack button in the middle. They both lead to the same place. A modal Create Stack window opens.
  4. Type a stack name. I chose SupportTicket (this will be converted to lower case).
  5. Pick a sample template. Find Drupal Content Management System in the Highly Available, Multi-AZ Samples section (Drupal is also mentioned in Single Instance Samples and Samples using Amazon RDS - don't choose one of them).
  6. Press the Continue button. The Specify Parameters page appears.
  7. Fill in the parameters form. Stick to alphanumeric characters.
    • SiteName supportTicket
    • WebServerCapacity 2
    • DBUsername stdbadmin
    • MultiAZDatabase true
    • DBClass db.m1.small
    • SiteEMail nick@internetmachines.co.uk
    • DBAllocatedStorage 5
    • InstanceType m1.small
    • DBPassword IL0veD4ta
    • SiteAdmin stsiadmin
    • SitePassword Saa5MeansCash
    • DBName stdrupaldb
    • KeyName im-aws-keypair-01
  8. Read the I acknowledge that this template may create IAM resources security warning and tick the box.
  9. Add tags (don't bother for now, we're going to destroy this in a few minutes).
  10. Review. Read the You will be billed for AWS resources used cost warning. You are about to start paying real money to AWS.
  11. Click the Cost link to find out how much. The AWS simple monthly calculator appears in another browser tab or window.
  12. Click the Continue button.
  13. Wait a minute or two. A confirmation message appears.
  14. Click the Close button. The modal window closes, showing the CloudFormation Stacks page. The status is CREATE_IN_PROGRESS.
  15. Wait a few more minutes. Status changes to CREATE_COMPLETE.

Log into your new web site

  1. Click the Outputs tab in the lower Stack pane. The WebsiteURL key appears. The URL looks something like http://supportti-ElasticL-1DR7AISBTPPRE-2019153927.eu-west-1.elb.amazonaws.com.
  2. Click the URL. The site appears in a new browser tab. The default Welcome to supportTicket front page appears.
  3. Type in your SiteAdmin and SitePassword values. The default Welcome to supportTicket front page now has the black admin toolbar at the top.
  4. Log out of the Drupal site.

It works!

Check your database

  1. Use the AWS console.
  2. Navigate to the Amazon RDS Console Dashboard page.
  3. Find out what you are paying for:
    • 1 new DB Instance (a MySQL 5.5 database)
    • 1 DB Snapshot
    • 2 DB Security Group (for Frontend Access)
    • 1 DB Parameter Group (MySQL configuration)

Find the configuration of your new machines

You will need the Public DNS name and RSA key fingerprints to access the CLI. You can also check that the machines have been created in different availability zones.

  1. Stay with the AWS console.
  2. Open the EC2 Dashboard page.
  3. Count your new resources. The Resources list shows more things.
    • 2 more Running Instances (the two small virtual machines)
    • 2 Volumes (the 8GB disks attached to your new VMs)
    • 1 new Load Balancer
    • 1 Security Group (a new port 80 access group in addition to the default)
  4. Click Instances.
  5. Click the checkbox at the start of the row. A lot of information appears in the pane below the table.
  6. Find the Public DNS name. It is something like ec2-12-34-56-78.eu-west-1.compute.amazonaws.com.
  7. Open the system log. Actions | Get System Log. A modal window displaying 500 lines of crazy typing opens.
  8. Find the new SSH host key fingerprints, which you will check against the RSA key warning when you log in. They are towards the bottom and look like this:

cloud-init:  sshec2:
ec2: #############################################################
ec2: -----BEGIN SSH HOST KEY FINGERPRINTS-----
ec2: 2048 c4:af:98:2e:2b:16:6d:ad:ff:75:10:c3:32:f1:b0:37 /etc/ssh/ssh_host_rsa_key.pub (RSA)
ec2: 1024 0c:0b:88:19:1b:95:71:26:b6:ef:24:dd:5e:b2:0b:59 /etc/ssh/ssh_host_dsa_key.pub (DSA)
ec2: -----END SSH HOST KEY FINGERPRINTS-----
ec2: #############################################################
[  OK  ]

Log in to an EC2 machine

  1. Use an SSH client. Use the Public DNS name.
  2. If your OS is Linux or FreeBSD (that includes Mac OS X) enter an OpenSSH command like this at a CLI: ssh -i ./aws-privkey-for-planetlarg.pem ec2-user@ec2-12-34-56-78.eu-west-1.compute.amazonaws.com
  3. Read the RSA key warning.
  4. Check the fingerprint against the ones in the system log.
  5. Click Yes to store the fingerprint permanently. The motd (Message of the Day) and prompt appear:

       __|  __|_  )
       _|  (     /   Amazon Linux AMI
      ___|\___|___|
https://aws.amazon.com/amazon-linux-ami/2012.03-release-notes/
There are 17 security update(s) out of 120 total update(s) available
Run "sudo yum update" to apply all updates.
Amazon Linux version 2012.09 is available.
[ec2-user@ip-10-2-3-4 ~]$
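
The fingerprint check in steps 3 to 5 can be scripted instead of compared by eye. The following is an added example, not part of the original article: it extracts the fingerprints from the system log and accepts a host key only if the fingerprint the server offers is listed there for the same key type. The function names and the file name console.log are assumptions; the sample log is the excerpt shown earlier.

```shell
#!/bin/sh
# Added example (not from the article): check the host key fingerprint an SSH
# client is offered against the ones cloud-init wrote to the EC2 system log.
# The log reaches you through the authenticated AWS console/API, not through
# the SSH connection being verified, which is what makes the comparison useful.
#
# Getting the two inputs (placeholders in <>):
#   aws ec2 get-console-output --instance-id <instance-id> \
#       --query Output --output text > console.log
#   ssh-keyscan -t rsa <public-dns> 2>/dev/null | ssh-keygen -l -E md5 -f -

# Sample system log: the excerpt shown in the article.
sample_console_log() {
cat <<'EOF'
cloud-init:  sshec2:
ec2: #############################################################
ec2: -----BEGIN SSH HOST KEY FINGERPRINTS-----
ec2: 2048 c4:af:98:2e:2b:16:6d:ad:ff:75:10:c3:32:f1:b0:37 /etc/ssh/ssh_host_rsa_key.pub (RSA)
ec2: 1024 0c:0b:88:19:1b:95:71:26:b6:ef:24:dd:5e:b2:0b:59 /etc/ssh/ssh_host_dsa_key.pub (DSA)
ec2: -----END SSH HOST KEY FINGERPRINTS-----
ec2: #############################################################
EOF
}

# Read a console log on stdin and print "TYPE FINGERPRINT" per host key.
# Only lines between the BEGIN/END markers count, so unrelated log lines
# can never be mistaken for a fingerprint.
log_fingerprints() {
  awk '
    /-----BEGIN SSH HOST KEY FINGERPRINTS-----/ { inside = 1; next }
    /-----END SSH HOST KEY FINGERPRINTS-----/   { inside = 0 }
    inside && $1 == "ec2:" {
      fp = $3; sub(/^MD5:/, "", fp)        # newer ssh-keygen prints "MD5:c4:af:..."
      type = $NF; gsub(/[()]/, "", type)   # "(RSA)" -> "RSA"
      print type, fp
    }'
}

# host_key_matches LOGFILE TYPE FINGERPRINT
# Exit status 0 only if FINGERPRINT is listed in LOGFILE for that key TYPE.
# A fingerprint that belongs to a different key type is rejected.
host_key_matches() {
  want=$(printf '%s' "$3" | sed 's/^MD5://')
  log_fingerprints < "$1" | grep -qxF "$2 $want"
}
```

If `host_key_matches console.log RSA <fingerprint-from-ssh>` fails, do not accept the key at the SSH prompt.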

Look around the CLI

  1. Change to the directory where the Drupal code is, in /var/www/html.
  2. Look at the top of the file CHANGELOG.txt. The first line says Drupal 7.8, 2011-08-31. Oh dear! This version is very old!
  3. Check the Drupal web site http://drupal.org/start for the current version. Many releases have happened since then.
  4. Change to the directory where the drush code is, in /home/ec2-user/drush.
  5. Look at the file owner. Oh no! Everything is owned by root!
  6. Don't log out of the CLI. We can use it to check resources are being destroyed.

Destroy your new cluster

  1. Use the AWS console.
  2. Find the CloudFormation Stacks page.
  3. Tick your firststack line.
  4. Click the Delete stack and Yes, delete buttons. The status changes to DELETE_IN_PROGRESS.
  5. A message appears in the CLI about impending doom, then the connection closes:

    Broadcast message from root@ip-10-248-29-231         (unknown) at 1:50 ...

    The system is going down for power off NOW!
  6. Wait a few minutes. The original
  7. Check the EC2 and RDS dashboard pages. Make sure the resource counts have gone down again.
  8. Close the console.
  9. Check your new Drupal site. The web browser is unable to find it.

Complete, with issues

This website is running on a highly available cluster of machines. This is a pretty sophisticated configuration and it was created, complete with working Drupal service and separate data store, in minutes. That is amazing.

This is a demo site, and it shows. Drupal is woefully out of date, drush is broken and who knows what else is wrong. To fix this means spending time with the CloudFormation template, understanding the code and changing it to meet our needs. Next time, we'll get into editing the template to better fit our needs.

About

Nick Hardiman builds and maintains the infrastructure required to run Internet services. Nick deals with the lower layers of the Internet - the machines, networks, operating systems, and applications. Nick's job stops there, and he hands over to the ...

1 comment
rduncan

....it's too simple for words. I tested an HA SharePoint farm; the CloudFormation stack created:
    • a SharePoint 3 tier farm (all of the EC2 servers)
    • an Active Directory forest
    • load balancers
    • security groups
    • subnets
    • a VPC
    • elastic IPs
    • storage volumes
    • EBS Optimised volumes

It takes about 3 hours to deploy! You can customise the stack as you are deploying it. It's spec'd for 500 concurrent users and would cost approx $2,500 per month. The stack could handle 500 concurrent users.
