The web is a hostile environment. There are good and bad actors. Bad actors can try to poke holes in your security or try to bring down your website with a Distributed Denial of Service (DDoS) attack. Good actors, if you're lucky, will love your website and won't stop using it. They'll shower you with recommendations to improve your site, but also, they may run into bugs and they may be so enthusiastic that your site may slow down to a crawl due to high traffic. Real-world deployments on the web require a lot of expertise to get it right. As a full-stack developer, you can only know about so many nuances of hardware, software, and networking. Luckily, with the advent of cloud service providers, a lot of this expertise has been translated into software configurations, with the difficult hardware and networking concerns...
You're reading from Angular 6 for Enterprise-Ready Web Applications
Creating a secure AWS account
Account access and control is of paramount importance in any cloud service, and this includes AWS as well. After initial account creation, you will have your root credentials, which is your email and password combination.
Let's start by creating an AWS account:
- Start by navigating to https://console.aws.amazon.com
- If you don't have one, create a new account
- If you are new to AWS, you can get 12 months of free tier access to various services, as shown on the sign-up screen here:
Your AWS billing is tied to your root credentials. If compromised, a lot of damage can be done on your account before you can gain back access.
- Ensure that you enable 2FA on your root credentials:
To add another layer of security, going forward, you need to stop logging in to your AWS account using your root credentials. You can create user...
Right-sizing infrastructure
The point of optimizing your infrastructure is to protect your companies revenue, while minimizing the cost of operating your infrastructure. Your goal should be to ensure that users don't encounter high-latency, otherwise known as bad performance or worse, unfulfilled or dropped requests, all the while making your venture remains a sustainable endeavor.
The three pillars of web application performance are as follows:
- CPU utilization
- Memory usage
- Network bandwidth
I have intentionally left disk access out of the key consideration metrics, since only particular workloads executed on an application server or data store are affected by it. Disk access would rarely ever impact the performance of serving a web application as long as application assets are delivered by a Content Delivery Network (CDN). That said, still keep an eye on any unexpected...
Deploy to AWS ECS Fargate
AWS Elastic Container Service (ECS) Fargate is a cost effective and an easy-to-configure way to deploy your container in the cloud.
ECS consists of four major parts:
- Container Repository, Elastic Container Registry (ECR), where you publish your Docker images
- Services, Tasks and Task Definitions, where you define runtime parameters and port mappings for your container as a task definition that a service runs as tasks
- Cluster, a collection of EC2 instances, where tasks can be provisioned and scaled out or in
- Fargate, a managed cluster service, that abstracts away EC2 instances, load balancer, and security group concerns
Our goal is to create a highly-available blue-green deployment, meaning that at least one instance of our application will be up and running in the event...
AWS Billing
My highly-available deployment of LemonMart on AWS Fargate cost roughly $45 a month. Here's the breakdown:
Description | Cost |
Amazon Simple Storage Service (S3) |
$0.01 |
AWS Data Transfer |
$0.02 |
Amazon CloudWatch |
$0.00 |
Amazon EC2 Container Service (ECS Fargate) |
$27.35 |
Amazon Elastic Compute Cloud (EC2 Load Balancer instances) |
$16.21 |
Amazon EC2 Container Registry (ECR) |
$0.01 |
Amazon Route 53 |
$0.50 |
Total |
$44.10 |
Note that the bill is very detailed, but it does accurate all the AWS services we end up using. The major costs are running two instances of our web server on EC2 Container Service (ECS) and running load balances on Elastic Compute Cloud (EC2). Objectively speaking, $45/month may seem like a lot of money to host one web application. It is possible to get...
Summary
In this chapter, you learned about the nuances and various security considerations in properly protecting your AWS account. We went over the concepts of right-sizing your infrastructure. You conducted simple load testing in an isolated manner to find out relative differences in performance between two web servers. Armed with an optimized web server, you configured an AWS ECS Fargate cluster to achieve a highly-available cloud infrastructure. Using npm Scripts for AWS, you learned how to script repeatable and reliable no-downtime Blue-Green deployments. Finally, you became aware of the basic costs of running your infrastructure on AWS and other cloud providers such as Heroku, Zeit Now, and Digital Ocean.
In the next and final chapter, we will complete our coverage of the breadth of topics that a full-stack web developer should know about when deploying applications on the...