I'm assuming you don't have a tunnel in place or any sort of VPN connectivity to your AWS environment at this time.
You should really, really consider doing this 'right' in terms of best practices, from a security and resiliency standpoint. This will be more work to learn, but worth it in the long term.
You should then consider setting up an application load balancer (you only need one for all the subdomains) and pointing your DNS to the CNAME of the load balancer. The security group of the ALB should accept incoming traffic on port 80/443 from 0.0.0.0/0. You then set up the listeners for 80 and 443 as necessary, and target groups for your schools.
Set up the EC2 instances in a public subnet (since you don't have a VPN to access). Don't worry about the Elastic IPs, but have it generate a public IP (that's a checkbox when spinning up the systems). Have the security group of the EC2 accept 80 and 443 ONLY from the security group of the ALB above.
You can also open up port 22 to your specific IP address(es) for ssh control, etc.
The EC2s then get registered in the target groups created above. Then, in the ALB listeners, you create rules to route traffic based on the host header (e.g. subdomain) to the different target groups.
Complete the solution by actually spinning up the EC2s in autoscale groups. You don't actually need to implement autoscale policies, but if an EC2 dies (fyi: EC2 DO DIE, and you should actually never run just one of anything as a best practice), a new one will spin up in its place. If your AMIs are ready to serve up traffic, or you have some configuration management that will automate the configuration of that EC2, then everything self-heals in the event of an issue.
Alternatively, you can look at Elastic Beanstalk, which automates some of the above for you.
FYI, the EIP is a soft limit. You can request more, but you really want a load balancer in there for this use case.
Probably more than what you were looking for, but I hope it helps.
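An added example, not part of the answer above: a check that an instance security group matches the layout the answer describes (80/443 only from the ALB's security group, 22 only from named admin addresses). It reads the `IpPermissions` list in the shape EC2 DescribeSecurityGroups returns; the function name, group ID and CIDRs are constructed for illustration.

```python
import ipaddress

WEB_PORTS = {80, 443}

def audit_instance_sg(permissions, alb_sg_id, admin_cidrs):
    """Return findings for rules that deviate from the layout; [] means compliant."""
    allowed_admin = {ipaddress.ip_network(c) for c in admin_cidrs}
    findings = []
    for perm in permissions:
        proto = perm.get("IpProtocol")
        if proto == "-1" or "FromPort" not in perm:
            # Protocol -1 (all traffic) and raw protocol numbers carry no port range.
            ports, label = None, f"protocol {proto} (no port range)"
        else:
            ports = set(range(perm["FromPort"], perm["ToPort"] + 1))
            label = f"{proto} {perm['FromPort']}-{perm['ToPort']}"
        cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
        cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
        for cidr in cidrs:
            net = ipaddress.ip_network(cidr, strict=False)
            # The only CIDR-sourced rule the layout allows is SSH from an admin address.
            ssh_ok = proto == "tcp" and ports == {22} and net in allowed_admin
            if net.prefixlen == 0:
                findings.append(f"{label}: open to the internet ({cidr})")
            elif not ssh_ok:
                findings.append(f"{label}: unexpected CIDR source {cidr}")
        for pair in perm.get("UserIdGroupPairs", []):
            # Group-sourced rules must be web ports from the ALB's group only.
            web_ok = proto == "tcp" and ports is not None and ports <= WEB_PORTS
            if pair["GroupId"] != alb_sg_id or not web_ok:
                findings.append(f"{label}: unexpected group source {pair['GroupId']}")
    return findings

# Constructed sample data (placeholder group ID, documentation-range addresses).
ALB_SG = "sg-0aaaaaaaaaaaaaaaa"
ADMIN_CIDRS = ["203.0.113.10/32"]
SAMPLE_PERMISSIONS = [
    {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
     "IpRanges": [], "UserIdGroupPairs": [{"GroupId": ALB_SG}]},
    {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "UserIdGroupPairs": []},
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": "203.0.113.10/32"}, {"CidrIp": "198.51.100.0/24"}]},
]

if __name__ == "__main__":
    for finding in audit_instance_sg(SAMPLE_PERMISSIONS, ALB_SG, ADMIN_CIDRS):
        print(finding)
```
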