The Sample Web Application depicted below will include Web Servers, App Servers and Database Servers
-
The Sample Web Application spans two Availability Zones (AZs) so that a failure in one AZ does not take the application down; redundancy across AZs is what provides high availability.
-
A subnet is a range of IP addresses (a CIDR block) carved out of the VPC's address range; each subnet lives in exactly one AZ.
-
Network ACLs (Network Access Control Lists) are allow/deny rule sets applied at the subnet boundary. They are stateless, so return traffic must be explicitly permitted, unlike security groups.
-
Each AZ has one private subnet and one public subnet.
-
All subnets within a VPC can talk to each other by default: every route table carries a "local" route for the VPC CIDR that cannot be removed. Network ACLs and security groups are what restrict that traffic.
-
Only public subnets are reachable from the Internet. What makes a subnet public is a route table entry sending 0.0.0.0/0 to the Internet Gateway; an instance in it also needs a public or Elastic IP to be addressable.
-
Servers in the private subnets can only make outbound calls to the Internet, and only via the NAT. Connections initiated from the Internet are not accepted.
-
The NAT has one purpose here: it lets instances in the private subnets call out to the Internet, for example to download updates. Hosts on the Internet cannot open inbound connections through it.
-
Traffic is further restricted via security groups, which are stateful and attached to instances (their network interfaces) rather than to subnets.
-
The NAT Instance is the older approach; the managed alternative, the NAT Gateway, was introduced in December 2015.
-
Basically, a NAT Instance is an EC2 instance you configure yourself (including disabling its source/destination check), and you have to set up an Auto Scaling group to scale it and to recover from failure. With a NAT Gateway, AWS handles elasticity and failover. A NAT Gateway is zonal, however: deploy one per AZ so that losing an AZ does not also remove the other AZ's outbound path.
-
AWS Internet Gateway: an Internet Gateway is a horizontally scaled, redundant, and highly available VPC component that allows communication between instances in your VPC and the Internet.
-
Amazon Route 53 (Route 53) is a scalable and highly available Domain Name System (DNS) web service.
When a user accesses the website www.mycloudapp.com from a computer or mobile device, Route 53 resolves the name to the load balancer's address; the request then passes through the Internet Gateway and the Elastic Load Balancer before reaching the Web Servers in the public subnets. The Application Servers and Database Servers are placed in the private subnets and can be reached only from the Web Servers. These servers in the private subnets can make only outbound calls to the Internet, to fetch their software updates, and that traffic goes through the VPC NAT Gateway.
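The design summarized above rests on two things being true in the live VPC: each private subnet's default route points at the NAT rather than the Internet Gateway, and each tier's security group accepts inbound traffic only from the tier in front of it. Both are easy to state and easy to drift from. The following is an added example, not code from the original page: a small Python check that reads the JSON shape returned by `aws ec2 describe-route-tables` and `aws ec2 describe-security-groups`, classifies each subnet by its 0.0.0.0/0 route, and flags any inbound security-group rule outside a declared tier policy. The embedded data is constructed for the example and every identifier in it (vpc CIDR 10.0.0.0/16, `subnet-0pub-a`, `sg-0web`, `rtb-0priv-b`, and so on) is hypothetical, as is the tier policy itself. Three misconfigurations are planted in the sample so the checks have something to find.

```python
# Constructed sample data in the shape returned by `aws ec2 describe-route-tables` and
# `aws ec2 describe-security-groups`; json.load() a real dump to check a live VPC.
# Every ID below is hypothetical.
ROUTE_TABLES = {"RouteTables": [
    {"RouteTableId": "rtb-0pub", "Routes": [
        {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"},
        {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-0example", "State": "active"}],
     "Associations": [{"SubnetId": "subnet-0pub-a", "Main": False}, {"SubnetId": "subnet-0pub-b", "Main": False}]},
    {"RouteTableId": "rtb-0priv-a", "Routes": [
        {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"},
        {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-0example-a", "State": "active"}],
     "Associations": [{"SubnetId": "subnet-0priv-a", "Main": False}]},
    # Planted mistake: a "private" subnet whose default route points at the Internet Gateway.
    {"RouteTableId": "rtb-0priv-b", "Routes": [
        {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"},
        {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-0example", "State": "active"}],
     "Associations": [{"SubnetId": "subnet-0priv-b", "Main": False}]},
]}
SECURITY_GROUPS = {"SecurityGroups": [
    {"GroupId": "sg-0web", "GroupName": "web", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443, "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "UserIdGroupPairs": []},
        # Planted mistake: SSH open to the whole Internet on the web tier.
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22, "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "UserIdGroupPairs": []}]},
    {"GroupId": "sg-0app", "GroupName": "app", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 8080, "ToPort": 8080, "IpRanges": [], "UserIdGroupPairs": [{"GroupId": "sg-0web"}]}]},
    {"GroupId": "sg-0db", "GroupName": "db", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 3306, "ToPort": 3306, "IpRanges": [], "UserIdGroupPairs": [{"GroupId": "sg-0app"}]},
        # Planted mistake: keyed on the VPC CIDR, so the web tier (and anything else in the VPC)
        # can reach the database directly instead of only the app tier's group.
        {"IpProtocol": "tcp", "FromPort": 3306, "ToPort": 3306, "IpRanges": [{"CidrIp": "10.0.0.0/16"}], "UserIdGroupPairs": []}]},
]}

# Declared intent (hypothetical): which subnets are public/private, and which sources
# and ports each tier's security group may accept inbound.
INTENDED_TIERS = {"subnet-0pub-a": "public", "subnet-0pub-b": "public",
                  "subnet-0priv-a": "private", "subnet-0priv-b": "private"}
TIER_POLICY = {
    "sg-0web": ({"0.0.0.0/0"}, {443}),  # Internet -> web, HTTPS only
    "sg-0app": ({"sg-0web"}, {8080}),   # only the web tier's group -> app
    "sg-0db":  ({"sg-0app"}, {3306}),   # only the app tier's group -> db
}


def default_route_target(route_table):
    """Return 'igw', 'nat' or None according to the table's active 0.0.0.0/0 route."""
    for route in route_table["Routes"]:
        if route.get("DestinationCidrBlock") != "0.0.0.0/0" or route.get("State") != "active":
            continue
        if route.get("GatewayId", "").startswith("igw-"):
            return "igw"
        if route.get("NatGatewayId") or route.get("InstanceId"):  # NAT Gateway or NAT Instance
            return "nat"
    return None


def check_routes(route_tables, intended):
    """Flag subnets whose actual exposure (from routing) differs from the intended tier."""
    findings, seen = [], set()
    for rt in route_tables["RouteTables"]:
        target = default_route_target(rt)
        for assoc in rt["Associations"]:
            subnet = assoc.get("SubnetId")  # the main-table association carries no SubnetId
            if subnet is None or subnet not in intended:
                continue
            seen.add(subnet)
            if intended[subnet] == "private" and target != "nat":
                findings.append(f"{subnet}: intended private but {rt['RouteTableId']} "
                                f"sends 0.0.0.0/0 to {target or 'nowhere'}")
            elif intended[subnet] == "public" and target != "igw":
                findings.append(f"{subnet}: intended public but {rt['RouteTableId']} has no igw route")
    for subnet in sorted(set(intended) - seen):  # implicit main-table members are easy to miss
        findings.append(f"{subnet}: no explicit route table association (uses the main table)")
    return findings


def check_security_groups(security_groups, policy):
    """Flag inbound rules whose source or port range falls outside the tier policy."""
    findings = []
    for sg in security_groups["SecurityGroups"]:
        if sg["GroupId"] not in policy:
            continue
        allowed_sources, allowed_ports = policy[sg["GroupId"]]
        for perm in sg["IpPermissions"]:
            sources = [r["CidrIp"] for r in perm.get("IpRanges", [])]
            sources += [p["GroupId"] for p in perm.get("UserIdGroupPairs", [])]
            lo, hi = perm.get("FromPort"), perm.get("ToPort")
            ports = {"all"} if lo is None else set(range(lo, hi + 1))  # protocol "-1" has no ports
            label = f"{sg['GroupName']} ({sg['GroupId']})"
            for src in sources:
                if src not in allowed_sources:
                    findings.append(f"{label}: inbound from {src} is not an allowed source")
                elif not ports <= allowed_ports:
                    findings.append(f"{label}: {src} allowed on {sorted(ports)}, policy permits {sorted(allowed_ports)}")
    return findings


if __name__ == "__main__":
    for finding in check_routes(ROUTE_TABLES, INTENDED_TIERS) + check_security_groups(SECURITY_GROUPS, TIER_POLICY):
        print("FINDING:", finding)
```

Run against the sample it reports three findings: subnet-0priv-b is routed to the Internet Gateway despite being intended private, the web group exposes port 22 to 0.0.0.0/0, and the db group accepts 3306 from the VPC CIDR rather than from the app tier's group. The last one is the subtle case: a CIDR-keyed rule looks "internal" but it undoes the tier separation the page describes, because web servers sit inside 10.0.0.0/16 too. With an ELB in front of the web tier, as in the page's request flow, the web group's allowed source would be the load balancer's security group rather than 0.0.0.0/0; adjust TIER_POLICY accordingly.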
What is an ELB?
- ELB stands for Elastic Load Balancing.
- Elastic Load Balancing automatically distributes incoming application traffic across multiple Amazon EC2 instances and multiple Availability Zones.
- ELB enables greater fault tolerance in your applications by routing traffic only to EC2 instances that pass its health checks.
- ELB automatically scales its request-handling capacity to meet the demands of application traffic.