Practical, detailed and very professional coverage of the topic. Thanks for your time and effort. Subscribed.
thank you!
You are my life savior!!!
welcome! :)
This is exactly what I was looking for, thank you.
Great guide again. Thanks Anton.
Please share a video on how to integrate REST API Gateway with AWS EventBridge.
Thanks, will do!
You just saved me days of work, thanks!
Cool thanks for visiting
Great and educational. Thanks, Anton
My pleasure!
Thank you. You help me a lot in understanding API Gateway.
cool, welcome!
BLESS YOU this is so helpful!!!
Thanks @hemedtov2764!
Incredible tutorial, keep going
Thanks HICHEM!
You can also access a RESTful service on a private EC2 instance from Lambda if: 1. Both are deployed in the same VPC. 2. You use the private DNS name of the EC2 instance.
Awesome. Thank you
Thanks Saqib!
Anton, please consider a tutorial on integrating an S3 bucket for static content and ECS or EC2 for dynamic content with CloudFront. Nobody has done this yet.
Thanks for suggesting, interesting.
Can you please describe a little bit more how it would work? The typical use case: you have some kind of API hosted in EKS, EC2, ECS or even Lambda, and static files such as pictures loaded from S3. If you give me more information I can make the tutorial quicker.
This looks very complex for a small deployment! What are the advantages compared with deploying on Vercel, which takes only a few commands in the terminal? Is Terraform really needed for a small project (that will eventually scale)?
GitOps is a standard in my world. Even the Google SRE books highly suggest always keeping not only the source code but also the config under version control. So, I would say, if you need to manage infrastructure, always use Terraform.
thanks, that was useful
You're welcome!
Thank you!
Welcome!
Thank you so much
Thanks for visiting!
Thanks Anton, it is very helpful. What can I do if I want to deploy more than one app, for example on ports 8080 and 3000, with the same API Gateway?
Welcome! It's been a while since I recorded this tutorial, so I don't really remember all the details.
Thanks! What's the way to set up CI/CD with this setup? Struggling to deploy to the private EC2.
Usually you would use the CI tool that is already used across the company, maybe GitHub Actions, Circle, etc. For EC2 you would use Packer to build images and Terraform to apply those images.
Thank you so much for the awesome tutorial Anton! What if I want all my EC2 instances to connect to a database? How would I go about doing that?
It depends on the database. If you host your DB, you would need to open a security group. If it's something like RDS or DynamoDB, you need to add IAM permissions to the EC2 instance profile (role).
@AntonPutra Thanks for the answer. In my case, I want to use MongoDB. I discovered that I can actually buy a dedicated cluster hosted by AWS and link it to my VPC using something called VPC link.
Hi Anton, wouldn't it be better to target the backend protocol HTTP instead of using TCP on the Network Load Balancer? I encountered cases where the app may be 'running' yet is in a stale mode, not able to receive more traffic because it was unable to open any more threads and close existing ones. The LB could still see the target as healthy, as it would telnet the port, yet HTTP was unavailable.
For a Network Load Balancer you need to create a target group with the TCP protocol; however, you can define HTTP health checks. You can run arbitrary logic to verify the health of your app, including testing database connections if any.
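The setup described in the reply above, sketched in Terraform as an added example (not code from the video or its author): a TCP target group behind an internal Network Load Balancer whose health check speaks HTTP, so a process that still accepts TCP connections but cannot serve requests is marked unhealthy. The resource names, port 8080, the `/health` path and the two input variables are assumptions.

```hcl
# Added example. Names, port, /health path and variables are assumptions.
variable "vpc_id" { type = string }
variable "private_subnet_ids" { type = list(string) }

resource "aws_lb" "internal" {
  name               = "app-internal-nlb"
  internal           = true
  load_balancer_type = "network"
  subnets            = var.private_subnet_ids
}

resource "aws_lb_target_group" "app" {
  name     = "app-tcp-8080"
  port     = 8080
  protocol = "TCP" # traffic is forwarded at layer 4
  vpc_id   = var.vpc_id

  # The health check is independent of the forwarding protocol:
  # here the NLB issues an HTTP GET instead of a bare TCP connect.
  health_check {
    protocol            = "HTTP"
    path                = "/health" # assumed endpoint exposed by the app
    port                = "traffic-port"
    interval            = 30
    healthy_threshold   = 3
    unhealthy_threshold = 3
  }
}

resource "aws_lb_listener" "app" {
  load_balancer_arn = aws_lb.internal.arn
  port              = 8080
  protocol          = "TCP"

  default_action {
    type             = "forward"
    target_group_arn = aws_lb_target_group.app.arn
  }
}
```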
Thank you
Welcome
Hi Anton, thank you for the video, it was very helpful. I am struggling trying to connect to the EC2 instance in option 2 using the "connect" button in the EC2 dashboard. How can I get SSH access to the EC2 instance if it is inside the VPC?
The easiest way is to use AWS Session Manager; for that, your EC2 instance can be located in private subnets. You need to attach this "arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore" policy to your EC2 instance profile.
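The instance profile described in the reply above, as an added Terraform example (not code from the video or its author). The role, profile and launch template names, the instance type and the `ami_id` variable are assumptions; only the managed policy ARN comes from the comment.

```hcl
# Added example. Names, instance type and var.ami_id are assumptions.
variable "ami_id" { type = string }

# Trust policy: lets the EC2 service assume the role on the instance's behalf.
data "aws_iam_policy_document" "ec2_assume" {
  statement {
    actions = ["sts:AssumeRole"]
    principals {
      type        = "Service"
      identifiers = ["ec2.amazonaws.com"]
    }
  }
}

resource "aws_iam_role" "app" {
  name               = "app-ec2-ssm"
  assume_role_policy = data.aws_iam_policy_document.ec2_assume.json
}

# Managed policy named in the comment above; it lets the SSM agent register
# the instance and open Session Manager channels.
resource "aws_iam_role_policy_attachment" "ssm_core" {
  role       = aws_iam_role.app.name
  policy_arn = "arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore"
}

resource "aws_iam_instance_profile" "app" {
  name = "app-ec2-ssm"
  role = aws_iam_role.app.name
}

# Instances launched from this template carry the profile. No key pair and
# no inbound port 22 rule are needed for Session Manager access.
resource "aws_launch_template" "app" {
  name_prefix   = "app-"
  image_id      = var.ami_id
  instance_type = "t3.micro"

  iam_instance_profile {
    name = aws_iam_instance_profile.app.name
  }
}
```

Instances in private subnets still need an outbound HTTPS path to the Systems Manager endpoints, through either a NAT gateway or VPC interface endpoints, for the agent to register.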
What is the use of network load balancer here? Can the API Gateway talk to the auto scaling group directly?
No, you need a load balancer in between.
Is it possible for me to use an Application Load Balancer, since I need path-based routing? But my application is hosted on port 8080.
Sure, you can use an Application Load Balancer for all HTTP traffic on any port. You can't use it if you have a custom TCP protocol that is not HTTP.
@AntonPutra Nice content, subscribing to you. Please keep posting such content.