🔵 Architecture |
To build and deploy a scalable, secure, and highly available Three-Tier Web Application Architecture on AWS using best practices, automation, and monitoring tools.
- 📌 AWS Account
- 📌 Basic knowledge of Linux
Purpose: Serve static files, handle user requests, and route traffic to the Application Tier.
| Service | Purpose |
|---|---|
| Amazon EC2 | Host Nginx web servers |
| Application Load Balancer (ALB) | Internet-facing ALB for traffic distribution |
| Amazon Route 53 | Domain management and DNS routing |
| Amazon ACM | Provision and manage HTTPS certificates |
| Auto Scaling Group | Ensure availability and scalability |
| Security Groups | Control inbound access (HTTP/HTTPS/SSH) |
| Amazon AMI | Golden image for web server setup |
Purpose: Execute application logic (Node.js), process API requests, and communicate with DB Tier.
| Service | Purpose |
|---|---|
| Amazon EC2 | Run Node.js app server |
| Auto Scaling Group | Maintain desired number of app servers |
| Internal ALB | Load balance traffic between app servers |
| Amazon S3 | Store zipped Node.js application package |
| Amazon IAM Role | Allow EC2 to access S3 and RDS securely |
| Amazon AMI | Golden image for app server setup |
| Security Groups | Restrict access only from Web Tier |
| PM2 | Process manager to run app persistently |
Purpose: Store and manage application data securely.
| Service | Purpose |
|---|---|
| Amazon RDS (MySQL) | Managed relational database |
| Multi-AZ Deployment | High availability & failover support |
| DB Subnet Group | Isolate RDS within private subnets |
| Security Groups | Allow traffic only from App Tier (port 3306) |
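The Security Groups rows in the three tier tables describe a chain: the Web Tier takes HTTP/HTTPS/SSH, the App Tier accepts only the Web Tier, and the DB Tier accepts only the App Tier on port 3306. The following is an added example, not part of the original project, that audits inbound rules against that chain using data shaped like EC2 `describe-security-groups` output. The group IDs, the app port 4000, the `rule` helper and the check for SSH open to any address are assumptions made for the illustration.

```python
# Inbound sources each tier may accept, per the tier tables. Group IDs are constructed.
ALLOWED_SOURCES = {
    "sg-web": None,        # internet-facing tier: CIDR sources are expected
    "sg-app": {"sg-web"},  # App Tier: only from the Web Tier
    "sg-db": {"sg-app"},   # DB Tier: only from the App Tier
}
DB_PORT = 3306

def audit(groups):
    """Return (group_id, finding) pairs for inbound rules that break the tier chain."""
    findings = []
    for g in groups:
        gid = g["GroupId"]
        if gid not in ALLOWED_SOURCES:
            continue
        allowed = ALLOWED_SOURCES[gid]
        for perm in g.get("IpPermissions", []):
            # IpProtocol "-1" means every protocol and port; the port keys are then absent.
            lo, hi = perm.get("FromPort", 0), perm.get("ToPort", 65535)
            cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
            cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
            for cidr in cidrs:
                if allowed is not None:
                    findings.append((gid, f"CIDR source {cidr} on private tier"))
                elif cidr in ("0.0.0.0/0", "::/0") and lo <= 22 <= hi:
                    findings.append((gid, f"SSH open to {cidr}"))
            for pair in perm.get("UserIdGroupPairs", []):
                if allowed is not None and pair["GroupId"] not in allowed:
                    findings.append((gid, f"unexpected source group {pair['GroupId']}"))
            if gid == "sg-db" and (lo, hi) != (DB_PORT, DB_PORT):
                findings.append((gid, f"ports {lo}-{hi} open, expected {DB_PORT} only"))
    return findings

# Constructed sample rules; port 4000 for the Node.js app is an assumption.
def rule(port, **src):  # src: IpRanges=[...] or UserIdGroupPairs=[...]
    return {"IpProtocol": "tcp", "FromPort": port, "ToPort": port, **src}

SAMPLE = [
    {"GroupId": "sg-web", "IpPermissions": [
        rule(443, IpRanges=[{"CidrIp": "0.0.0.0/0"}]),
        rule(22, IpRanges=[{"CidrIp": "0.0.0.0/0"}])]},
    {"GroupId": "sg-app", "IpPermissions": [rule(4000, UserIdGroupPairs=[{"GroupId": "sg-web"}])]},
    {"GroupId": "sg-db", "IpPermissions": [
        rule(3306, UserIdGroupPairs=[{"GroupId": "sg-app"}]),
        rule(3306, IpRanges=[{"CidrIp": "10.0.0.0/16"}])]},
]

if __name__ == "__main__":
    print(*audit(SAMPLE), sep="\n")
```

To run it against a real account, pass the `SecurityGroups` list from `aws ec2 describe-security-groups` output to `audit` after replacing the placeholder group IDs.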
| Service | Purpose |
|---|---|
| Amazon VPC | Isolated network for the entire architecture |
| Subnets (Public/Private) | Separate workloads logically and securely |
| Internet Gateway | Enable internet access for web tier |
| NAT Gateway | Allow instances in private subnets (app/db) outbound access to the internet |
| Elastic IP | Static IP for NAT Gateway |
| Route Tables | Control traffic routing between subnets |
| Amazon CloudWatch (optional) | Monitor instance performance, scaling policies |
Three main layers:
- Web Tier: Handles client requests and serves the front-end website.
- Application Tier: Processes API requests and handles the business logic.
- Database Tier: Manages data storage and retrieval.
- Role: Entry point for all client traffic.
- Functionality:
  - Distributes requests to web tier EC2s.
  - Performs health checks.
- Role: Serves front-end and routes API calls.
- Components: Nginx on EC2, React.js front-end.
- Functionality:
  - Serve static files.
  - Redirect API to internal ALB.
- Role: Manages traffic between Web and App Tier.
- Functionality:
  - Routes API calls to App EC2s.
  - Ensures high availability.
- Role: Handles business logic.
- Components: Node.js on EC2.
- Functionality:
  - Process requests.
  - Interact with DB.
  - Return data to Web Tier.
- Role: Reliable data storage.
- Functionality:
  - Structured data storage.
  - Multi-AZ high availability.
  - SQL queries and transactions.
- Ensures even traffic distribution.
- Implemented at both Web and App tiers.
- External ALB checks Web EC2s.
- Internal ALB checks App EC2s.
- Web Tier and App Tier auto-scale based on metrics.
- SSL/TLS for `learnaws.co.in`.
- Auto-renew and bind with external ALB.
- DNS management for `learnaws.co.in`.
- Routing and health-check-based failover.
This architecture ensures high availability, scalability, and reliability by:
- Load balancing traffic across tiers.
- Monitoring instance health.
- Auto-scaling based on usage metrics.
- Isolated networking via VPC and Subnets.


