How to Configure an Nginx Web Server Using the AWS CLI.
In today’s article, we’ll work on the AWS Command Line Interface (AWS CLI). Today we will launch an Amazon EC2 Instance with an Nginx web server, all in the AWS CLI. Grab your laptop, and let’s get ready to put in some work.
What is Nginx?
NGINX is an open-source software for web serving, reverse proxying, caching, load balancing, media streaming, and more. It started as a web server designed for maximum performance and stability. In addition to its HTTP server capabilities, NGINX can function as a proxy server for email (IMAP, POP3, and SMTP) and a reverse proxy and load balancer for HTTP, TCP, and UDP servers.
PREREQUISITES:
- An account with AWS
- Installed AWS CLI version 2. Use this link if you need the getting started and install information: https://docs.aws.amazon.com/cli/latest/userguide/cli-chap-getting-started.html https://docs.aws.amazon.com/cli/latest/userguide/cli-chap-getting-started.html
Tasks
1. Create a t2.micro EC2 instance with the OS of your choice (Make sure it is free tier).
2. In the user-data field, use a script that updates all packages, installs NGINX and starts the service.
3. Verify that the instance has the NGINX webserver downloaded and installed through the public IP.
4. Make an Amazon Machine Image (AMI) from the instance you create earlier.
5. Launch the instance and verify you can reach your web server from the newly created EC2 instance.
STEP 1: Configure Aws CLI
Before running commands and launching our web server, we’ll need to set up our default credentials. We can use the following command to do just that:
aws configure
You’ll be asked for your AWS Access Key ID, your AWS Secret Access Key, the Default region name, and the Default output format.
The Access Key Id and the Secret Access Key are your account credentials and should never be shared with anyone. If you don’t have access keys, you can create them. Find out more here: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_access-keys.html.
For the Default region name I used us-east-1.
In the Default output format, I selected JSON, which is JavaScript Object Notation.
STEP 2: Create a Security Group
We must create a security group as our virtual firewall for our instance to control inbound and outbound traffic.
We need our VPC (Virtual Private Cloud) ID to create this security group. Our security group will be assigned to this VPC. To find the VPC ID use the following command:
aws ec2 describe-vpcs
This will help us to find and copy the VPC ID to add it to our security group setup.
We will use the command below to create our security group:
aws ec2 create-security-group --group-name <Your_Project_Name> --description <Your_Description> --vpc-id <Your_VPC>
We will copy this Group ID to paste it later when we create our instance.
STEP 3: Add rules to the security group
Next, we will add rules to our security group to control the inbound traffic that’s allowed to reach our web server. We can also control the outbound traffic that leaves our webserver. We will set our NGINX webserver to port 22 and port 80. Port 22 allows inbound SSH access from IPv4 addresses in our network, and port 80 allows inbound HTTP access from all IPv4 addresses.
To do this, we will use these two commands below:
aws ec2 authorize-security-group-ingress --group-id <Your_Group_ID> --protocol tcp --port 22 --cidr 0.0.0.0/0
and
aws ec2 authorize-security-group-ingress --group-id <Your_Group_ID> --protocol tcp --port 80 --cidr 0.0.0.0/0
If we use the commands above, we should get the image below.
STEP 4 :Create a Key Pair
A key pair comprises a public key used to encrypt data and a private key to decrypt data. Public key cryptography enables you to securely access your instances using a private key instead of a password. We’ll need to specify the key pair when we launch our instance.
To create our key pair, we will use the command below:
aws ec2 create-key-pair --key-name <Your_Key_Pair_Name>
we can confirm the key pair by using the following command;
aws ec2 describe-key-pairs --key-name <Your_Key_Pair_Name>
Now that we have our key pair, we can move on to the next step.
STEP 5: Create a script for Nginx
In this step, we will create a Bash script that updates all packages, installs Nginx, and starts the service.
Since I am currently using Powershell, I will need to install vim on my powershell to write this script. To install vim editor on powershell, use this link:
https://www.freecodecamp.org/news/vim-windows-install-powershell/
To create this script, we will run the command below;
vim nginx_script.sh
We will input the script below in the vim editor;
STEP 6: Obtain Your AMI ID
One last piece of information, and then we can launch. We need to find our AMI (Amazon Machine Image).
To do this, we need to go to our AWS EC2 Dashboard. We will select Launch Instance, scroll down to the Application and OS Images (Amazon Machine Image) section, and copy the AMI ID. Be sure to select from the region you used to configure with.
The aim id is highlighted in blue in the image above.
STEP 7:Launch Our Ec2 Instance
We now have all we need to create our EC2 instance.
To run the instance from the CLI, we will need the following information:
- AMI ID
- Key Pair Name
- Security Group ID
- BASH Script file name
We should have these all from the previous steps of the tutorial.
To launch our EC2 web server enter the following command:
aws ec2 run-instances --image-id <Your_AMI> --count 1 --instance-type t2.micro --key-name <Your_Key_Pair_Name> --security-group-ids <Your_Security_Group_ID> --user-data <Your_Script_File>
Let’s run this command now to check and see if EC2 is up and running
aws ec2 describe-instances
Here you can see a partial screenshot of what you’ll see if your instance launched correctly.
STEP 8: Test the Nginx server
Lastly, we’ll want to copy the IP address from our AWS EC2 Dashboard.
Take your public IP address and copy and paste it into your browser.
If you are seeing the Nginx page, you have successfully launched Nginx web server using the CLI. Congratulations!
As always, feel free to join me on this journey of learning the cloud. Whether you come back to this blog, follow me on social media, or reach out to me directly, I would love to continue the conversation and help you learn more about the exciting world of cloud computing.
Thank you for reading, and I look forward to hearing from you soon.