How to make Web Services public - web-services

i created an android application that requires use of web service
i want it to be able to access the app everywhere therefore i need
my web services to be public with an external ip so i can access
what is the best way to do it?
I have an Amazon Web Services account i dont know if created an instance and run the web services there will be the best solution
My big problem with Amazon instance is that it takes a while to show in the app the result of the web service
Any ideas in how to make my web service public?

It appears that your requirement is:
Expose a public API endpoint for use by your Android application
Run some code when the API is called
There are two ways you could expose an API:
Use Amazon API Gateway, which that can publish, maintain, monitor, and secure APIs. It takes care of security and throttling. A DNS name is provided, which should be used for API calls. When a request is receive, API Gateway can pass the request to a web server or can trigger an AWS Lambda function to execute code without requiring a server.
Or, run an Amazon EC2 instance with your application. Assign an Elastic IP Address to the instance, which is a static IP address. Create an A record in Amazon Route 53 (or your own DNS server) that points a DNS name to that IP address.

Related

Is it possible to create some kind of virtual private cloud between my AWS apis/lambda and a non-AWS server provider?

Right now I'm using AWS lamba and AWS EC2 and I'm relying on VPC to share data between a lambda function and a server when lambda needs something from the server.
With the right settings in Secure Groups the server accepts only requests from that special lambda and I don't have to do secure the connection between the two because it's like the server and the lambda function are the only two things in their network.
But I'm trying to move my server to another provider, and this means i have to find a way to secure the server
My question: is there something like a VPC I can create between lambda and a server hosted somewhere else AWS? what kind of tecnologies do i need?
I started looking for VPNs and certificates

Cloud Service like Reverse Proxy?

Anyone can tell me what kind of service fits on this use case below:
I want to expose a public IP that receive HTTPS/HTTP requests and forward the traffic to my services I have in on-prem.
Looking for Azure, AWS, etc, etc, are there some service that serve to my problem?
Regards...
If you are using using Azure and you want HTTPS based request to be sent to your backend APIs (which can be on prem or on any cloud) you can check for Azure API Management (APIM).
You can use the APIM with or without VNET.
APIM can be used in External Mode if you want to integrate a VNET to perform data plane operations which will expose a Public IP as well as a Gateway URL which you can be used to send HTTPS traffic.
Reference:
https://learn.microsoft.com/en-us/azure/api-management/api-management-using-with-vnet?tabs=stv2
https://learn.microsoft.com/en-us/azure/api-management/api-management-key-concepts#scenarios
Additionally, you can also check out Application Gateway
Reference:
https://learn.microsoft.com/en-us/azure/architecture/example-scenario/gateway/firewall-application-gateway

How can a beginner use AWS services to host a public server and create endpoints for a web application

I have been in the front end development before, but this is my first time researching how to use AWS services to host a public server for our web application. Currently, I have trouble understanding how does EC2 and API gateway work with each other. And I also have some trouble understanding how does public server host a web application in this case. I have reads a number of tutorials, but I have trouble understanding where does this API endpoint generate in this case. I saw that API gateway could generate an endpoint, but in this case, do I still use EC2 to host the web application? And how can the url from these 2 connect to each other? Yeah, I think I got messy on understanding this web app structure especially on server side. Coud someone help me on breif explain on these 2 services and maybe some useful tutorial that I could reference? As a beginner, everything is so confusing to me. Thank you so much!!
The simple approach is deploy your web/app server in EC2 instance and check on which port yours service is running e.g. 8080 , go to attached securty group of that EC2 instance and open port for 8080, you can also attach the elastic IP so that even after restart EC2 instance your IP will never change and then access your application publically using http;//<elastic-ip>:8080/<>
btw best approach is to use ELB on ECS/EKS and then use API gateway deploy your static content in S3 and use cloudfront.

Run multiple servers with interconnection on Amazon AWS

We are developing applications and devices that communicate with our servers. We have one "main" Java Spring server which handles almost all the HTTP requests including user authentication, storing relevant user data and giving that data to the applications. Furthermore, we have a few smaller HTTP servers (written in golang) which are both used by the "main" server to perform certain tasks but also have some public API's that apps and devices use directly.
In our current non-production setup we run all the servers locally on one machine with an apache2 in front which directs the requests. So the servers can be accessed via the apache2 by a user by their respective subdomains but they also perform some communication between each other. When doing so, currently we simply send the request to localhost:{PORT} since they all run on the same machine. They furthermore all utilize the same mysql-server running on that same machine.
We are now looking to get it more production-ready and are looking to deploy it to AWS. They are currently not containerized so a solution that requires containerization (ECS? K8s?) would most likely require more work. What would be the most straightforward way to do the following:
Deploy a number of servers on AWS where they are exposed publicly with their respective domains but can also communicate internally with one another (or would they just communicate with one another using their public domains?)
Deploy a managed SQL database (Amazon RDS?) which is accessible for all the servers.
Setup the routing of the requests. Currently run our own configured apache2 but I assume we can add a managed API Gateway in AWS and configure it for our servers.
Q. Deploy a number of servers on AWS where they are exposed publicly
with their respective domains but can also communicate internally with
one another (or would they just communicate with one another using
their public domains?)
On AWS you create a VPC(1st default VPC is created when you login for the first time).
You can deploy a number of EC2 instances(virtual servers) with just private IP addresses and without any public access and put them behind an ELB(elastic load balancer). The ELB will take all the traffic and distribute the load onto the servers based on endpoint.
However the EC2 instances won't have public IPs A VPC(virtual Private Gateway) allows your services to communicate to each other via private IPs (something like 172.31.xx.xx), You can also provide domain/sub-domain names to these private IP addresses using Route53 service of AWS.
For example You launch 2 servers:
Your Java Application - on 172.31.1.1 (you name it
xyz.myjavaapp.something.com on Route53)
Your Angular Application - on 172.31.1.2
The angular application can reach your java application on 172.31.1.1:8080 or
xyz.myjavaapp.something.com:8080
Q. Deploy a managed SQL database (Amazon RDS?) which is accessible for
all the servers.
Yes you can deploy an SQL database on RDS and it will be available to the EC2 instances. Just make sure you create proper security groups to allow only your servers to access it, and not leave it open for public internet.
Example for a VPC only security group entry is 172.31.0.0/16 This will allow only ther servers in you VPC to connect to the RDS DB. given that your VPC subnet has the range 172.31.x.x
Q. Setup the routing of the requests. Currently run our own configured
apache2 but I assume we can add a managed API Gateway in AWS and
configure it for our servers.
You can set up public/private APIs and manage different endpoints using API Gateway.
Another way it to put your application server behind an Application ELB. The ELB can take care of load balancing as well as endpoint management.
for example :
if you decide to deploy 2 servers for /getData and 1 server for /doSomethingElse. It can be easily managed by ELB.
I would suggest you use at-least servers for critical services and load balance them behind and ELB for production env.
On another note, containerizing and deploying to kubernetes is not that difficult or time consuming. But yes it has got some learning curve, but the benefits outweigh it.
Feel free to ask questions.

Private IP address of Azure VM being returned as address in WSDL file when accessing WSDL file from browser connected to an Azure Application Gateway

I have a SOAP Service running on tomcat that is deployed in an Azure Scaling Set. I have an Azure Application gateway that is font ending the scale set. When I try to access the wsdl (/service?wsdl) file via a web browser using the Application Gateway DNS, the wsdl that is returned has the private IP addresses of the VM that processed the file in it. This prevents the endpoints from being accessed since they are private. If I access the wsdl going directly to the back end VM's DNS name, the address returned contains the public host name of the VM that I sent the request to and can be accessed since its public. I don't have this problem when I deploy a similar deployment in the AWS environment using AWS ELB in front of the scaling group.
I am able to get this to work by configuring tomcat connector to use proxyName and proxyPort to specify the host name of the Azure Application Gateway. However, there are other SOAP clients that are required to access the back end VMs directly on that same connector, and by specifying the proxy parameters for the connector forces them to go through the Azure application gateway as well.
I realize that a different tomcat connector can be configured to address this, but this is not an optimal solution for the back end application.
So to the question. Is there some Azure Application gateway configuration setting that I can change, so I can make this work like AWS ELB and not have to use the proxyName tomcat parameter?
Thanks.