Map domain name to multiple AWS Elastic Beanstalk instances - amazon-web-services

The company I work for has multiple elastic beanstalk applications. We have setup a domain (eg. http://applications.ourcompany.com ) that currently directs to one of these instances. This works fine, the user enters http://applications.ourcompany.com and they end up at this ELB instance. However what we would really like to to is have something like the following:
http://applications.ourcompany.com/appone - maps to http://appone.elasticbeanstalk.com
http://applications.ourcompany.com/apptwo - maps to http://apptwo.elasticbeanstalk.com
and so on. I have been reading the AWS Documentation but it isn't immediately obvious if this is possible, or how to go about it. This is further complicated by our need to use HTTPS for at least one of these instances. We currently have a certificate for http://applications.ourcompany.com in IAM. Any help or guidance hugely appreciated.

You have to do this with a custom proxy server. The path ('/appone', '/apptwo') is passed to the application, not checked by the DNS. So you could set up an HAProxy server or nginx or something on http://applications.ourcompany.com and have it proxy requests to the different apps on https://appone.elastibeanstalk.com (notice I added HTTPS there).

Related

How do I setup SSL for a php single instance on AWS Elastic Beanstalk?

This is my first time setting up a dynamic website, so bare with me. My goal is to have SSL/https working on my php single instance aws Elastic beanstalk web app.
I already know that with a load balancer SSL is easy to set up and ACM certificates only work with load balancer.
I want single instance since it is cheaper. My project is small, don't expect a lot of traffic at most 1 user per day.
... back to problem, I did some research and came across this link, which is a "how to" from amazon:
https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/https-singleinstance-php.html
The problem I'm running into is the part where I'm suppose to put my "certificate contents here".
From research what goes here is a SSL certificate from a third party. When I purchased my domain from namecheap , I also purchased PostivieSSL. Now where I'm confused is how to create this "cerificate contents". I found this link on namecheap:
https://www.namecheap.com/support/knowledgebase/article.aspx/9446/14/generating-csr-on-apache-opensslmodsslnginx-heroku/
I know that I have to generate a CSR through SSH with commands ,where they will ask info about my site which is needed to make the request and get the certificate. It says I have to do this where I'm hosting my website. My question is how do I do this in elastic beanstalk? or is there another way to do this or am I understanding wrong. I'm a bit lost here
I've spent 2 days researching but cant find how to do this. I've found some people linking GitHub repositories doing this in some other similar questions but they don't seem to help me understand how to do this.
I was more or less in your shoes, but with the Java app instead of PHP. The way I see it, you have got three broad tasks to solve.
Generate proper certificate. You can either go for the one you already have from PositiveSSL or generate a free one for test purposes with Let's Encrypt and certbot (this might give you more control and understanding over what (sub)domain you're using it for). The end result is a set of certificate and key for the desired domain.
Make sure the certificate and key are on the Elastic Beanstalk instance in question and are being picked up by your web server. For this you need to properly package your app before deploying it, paying attention to the paths and the AWS docs for the single instance which you mentioned. Paste your certificate data in .ebextensions/https-instance.config, and it will be deployed as files under specified paths. Once you're done with the whole process later on, consider sourcing private certs and keys from your S3, never commit private data to version control.
Make sure the HTTPS traffic flows through. For this you'll need to make sure that your Elastic Beanstalk VPC security group has an inbound rule for port 443 (also covered in the AWS docs).

Information on how to public a website

It's the first time I will be publishing a website and have no idea on how this works.
Here's a few details on what I'm trying to achieve.
I have created a sample website in nodejs and uploaded it to docker (two containers, one for nodejs and the other one for mongodb database)
Now I would like to upload this on aws but not really sure where to start and what I need to know.
In addition, I want a domain, the price is quite high for the .com domain I am looking.
My questions are as follow:
If I buy a domain, how do I hookup the domain so it's routed to the aws server where I have my website deign, logic and database, how exactly does this work?
What's the best way to buy a domain? does anyone have any experience and advice on the best approach?
Thanks
You'll need to setup your vm and begin hosting your site w/ the custom ec2 URL, then configure the Amazon dns server (Route 53) with your domain to point at the correct vm.
Step 1
Get an ec2 box running (whatever size you think you'll need for traffic/storage). When you go through the portal, you'll need to Authorize Inbound Traffic.
Now you can sign into your ec2 vm, download any dependencies you'll need (npm for instance) and run your site just like you would locally in a terminal. Here's a sample that may help if you have trouble.
Step 2
You now need to the dns servers to translate the domain you owned into the ip of your ec2 vm. You can use the Route 53 service to do this.
Alternatives
You can also use Azure's App Services to do this. It's a cloud app hosting service that's meant to help you get your app on the cloud and scale it without much trouble. Here's a Node.js Sample.
...And here's the instructions on how to setup a custom domain.

Multiple dockers and multiple domains on elastic beanstalk

I have 10 low-traffic websites, all with different domains and I want to run all of them on one elastic beanstalk environment.
I'm a developer with zero experience with docker but from reading other answers I got the idea that a multicontainer docker environment could be what I need.
http://docs.aws.amazon.com/elasticbeanstalk/latest/dg/create_deploy_docker_ecs.html
Can someone who have done it before (multiple domains on an EB environment) confirm that I'm on the right direction? If so, is there somewhere a tutorial on doing a multi-domain environment for people who never used docker?
AWS EB doesn't handle routing based on domain names. You can expose multiple ports. 80 and 9000 are exposed in the graphic below. But the visitor must type to port into the url, that's very ugly.
In order to route traffic to a container based on the domain you need a proxy. Nginx Proxy can do that for you.

Setting up a loadbalancer behind a proxy server on Google Cloud Compute engine

I am looking to build a scalable REST webservice on the Google Cloud Compute Engine but have a couple of requirements that I am not sure how best to implement.
Structure so far:
2 Instances running a REST webservice connected to a MySQL Cloud database.
(number of instances to scale up in the future)
Load balancer to split request between the two or more Instances.
this part is fine.
What I need next is that the traffic (POST requests from instances to an external webservice) must come from a single IP address. I assume these requests can not route back through the public IP of the load balancer?
I get the impression the solution to this is to route all requests from instances though a 3rd instance running squid. Is this the best way to do this? (side question)
Now to my main question:
I have been reading about ApiAxle which sounds like a nice proxy for Web Services, giving some good access control, throttling and reporting capabilities.
Can I have an instance running ApiAxle followed by a google cloud Load Balancer which shares the request from the proxy to the backend instances that do the leg work and feed the response back through the ApiAxle proxy, thus having everything though a single IP visible to clients using the API? (letting me add new instances to the pool to add capacity.)
and Would the proxy be much of a bottle neck?
Thanks in advance.
/Dave
(new to this, so sorry if its a stupid question because I cant find anything like this on the web)
Sounds like you need to NAT on your outbound traffic so it appears to come from one IP address. You need to do that via a third instance since Google LB stack doesn't provide this. GCLB works only with inbound connections on the load-balanced IP.
You can setup source-NAT using advanced routing, or you can use a proxy as you suggested.

Can I specify different set of upstream directives for different routes in Amazon ELB

I am currently using Nginx server for my load balancer. But in order to use the Amazon's Load balancing feature I want to move to Amazon ELB. But the problem is my application has different routes or locations (same domain name with different sub-urls) that are handled by different ec2 instances. Like for example. (abc.com/ is handled by a set of ec2 instances while abc.com/xyz/* is handled by another set of instances). For now I use nginx to specify different upstream lists and and locations they handle. I tried to look at that in Amazon ELB but I didn't find it. So is it possible to do that in Amazon ELB or is there any way around that?
Sorry - other than supporting sticky sessions, there is no request-based routing logic in ELB.