PHP app with RDS and SNS

Sample PHP WebApp to store contact info.

The app uses AWS RDS to store contact info.

Target architecture

Step-by-step

Create Network

Login into AWS Console.
On Services type VPC and select the service.
Select Create VPC and complete with below parameters.
- Resources to create: VPC and more
- Auto-generate: db
- IPv4 CIDR block: 30.0.0.0/16
- Number of Availability Zones (AZs): 2
- Customize AZs
  - First availability zone: us-east-1a
  - Second availability zone: us-east-1b
- Number of public subnets: 2
- Number of private subnets: 2
- Customize subnets CIDR blocks
  - Public subnet CIDR block in us-east-1a: 30.0.1.0/24
  - Public subnet CIDR block in us-east-1b: 30.0.3.0/24
  - Private subnet CIDR block in us-east-1a: 30.0.2.0/24
  - Private subnet CIDR block in us-east-1b: 30.0.4.0/24
- NAT gateways: None
- VPC endpoints: None
Click Create VPC.

Create Firewall

Public Firewall

On Services type VPC and select the service.
In the left side menu click Security Groups.
Click Create security group and complete with below parameters.
- Security group name: db-sg-pub
- Description: DB Security Group public
- VPC: db-vpc
- Inbound rules (Click Add rule for each rule below)
  - Rule 1
    - Type: All traffic
    - Source: 30.0.0.0/16
  - Rule 2
    - Type: HTTP
    - Source: 0.0.0.0/0
  - Rule 3
    - Type: SSH
    - Source: 0.0.0.0/0
Click Create security group.

Private Firewall

On Services type VPC and select the service.
In the left side menu click Security Groups.
Click Create security group and complete with below parameters.
- Security group name: db-sg-priv
- Description: DB Security Group private
- VPC: db-vpc
- Inbound rules (Click Add rule)
  - Rule 1
    - Type: All traffic
    - Source: 30.0.0.0/16
Click Create security group.

Create Database

On Services type RDS and select the service.

Create Subnet Group

In the left panel menu click Subnet groups.
Click Create DB subnet group and complete with below parameters.
- Name: db-sn-group
- Description: DB Subnet Group
- VPC: db-vpc
- Availability Zones: us-east-1a and us-east-1b
- Subnets: 30.0.2.0/24 and 30.0.4.0/24
Click Create.

Create Parameter Group

In the left panel menu click Parameter groups.
Click Create parameter group and complete with below parameters.
- Parameter group name: db-param-group
- Description: DB Parameter Group
- Engine Type: MySQL Community Edition
- Parameter group family: mysql8.0
Click Create.

Config Parameter Group for parameter character_set_server

In the left panel menu click Parameter groups.
Click in the link db-param-group.
Click Edit.
In the Filter Parameters search field, type character_set_server.
In the Value field, type utf8.
Click Save changes.

Config Parameter Group for parameter character_set_database

In the left panel menu click Parameter groups.
Click in the link db-param-group.
Click Edit.
In the Filter Parameters search field, type character_set_database.
In the Value field, type utf8.
Click Save changes.

Create database

In the left panel menu click Databases.
Click Create database and complete with below parameters.
- Engine options
  - Engine type: MySQL
- Availability and durability
  - Deployment options: Multi-AZ DB instance
- Settings
  - DB instance identifier: db-instance-id
  - Master username: dbadmin
  - Credentials management: selected
    - Self managed
    - Master password: dbpassword
    - Confirm master password: dbpassword
- Instance configuration
  - DB instance class: Burstable classes (includes t classes)
- Storage
  - Storage type : gp2
  - Storage autoscaling
    - Enable storage autoscaling: disabled
- Connectivity
  - Virtual private cloud (VPC): db-vpc
  - DB subnet group: db-sn-group
  - Existing VPC security groups: db-sg-priv
    
    Note: Remove the default security group if selected.
- Monitoring
  - Enable Enhanced monitoring: disabled
- Additional configuration
  - Initial database name: dbname
  - DB parameter group: db-param-group
  - Enable automated backups: disabled
  - Enable encryption: disabled
  - Enable auto minor version upgrade: disabled
  - Enable deletion protection: disabled
Click Create database.

Note: Validate database creation. Process should take 10-15 minutes. Wait until status is Available.
Click in the link with db-instance-id and capture the Endpoint value.

Note: It will be used on later steps.

Create Load Balancer with Autoscaling

Create EC2 Launch template

On Services type EC2 and select the service.
In the left panel menu, under Instances, click Launch Templates.

Select Create launch template and complete with below parameters.

Launch template name : ec2-launch-template
Application and OS Images (Amazon Machine Image)
- Quick start: Amazon Linux
- Amazon Machine Image (AMI) : Amazon Linux 2 AMI (HVM)
Instance type : t2.micro
Key pair : vockey (or any from your choice)
Network Settings
- Security groups : db-sg-pub
- Advanced network configuration
  - Add network interface
    - Auto-assign public IP : Enable

Advanced details

User data - optional

#!/bin/bash

# Update/Install required OS packages
yum update -y
yum install -y httpd wget php-fpm php-mysqli php-json php php-devel telnet tree git
amazon-linux-extras install -y php7.2 epel
yum install -y mysql php-mtdowling-jmespath-php php-xml

# Config PHP app Connection to Database
cat <<EOT >> /var/www/config.php
<?php
define('DB_SERVER', 'RDS_ENDPOINT');
define('DB_USERNAME', 'dbadmin');
define('DB_PASSWORD', 'dbpassword');
define('DB_DATABASE', 'dbname');
?>
EOT

# Deploy PHP app
cd /tmp
git clone https://github.com/kledsonhugo/app-notifier
cp /tmp/app-notifier/*.php /var/www/html/
rm -rf /tmp/app-notifier

# Config Apache WebServer
usermod -a -G apache ec2-user
chown -R ec2-user:apache /var/www
chmod 2775 /var/www
find /var/www -type d -exec chmod 2775 {} \;
find /var/www -type f -exec chmod 0664 {} \;

# Start Apache WebServer
systemctl enable httpd
service httpd restart

Note: Replace RDS_ENDPOINT with the value of the RDS service endpoint captured in previous steps.

Click Create launch template.

Create EC2 Auto Scaling Group

In the left panel menu, under Auto Scaling, click Auto Scaling Groups.
Select Create Auto Scaling group and complete with below parameters.
- Auto Scaling group name: ec2-auto-scaling-group
- Launch template: ec2-launch-template
Click Next.
Complete with below parameters.
- VPC: db-vpc
- Availability Zones and subnets: 30.0.1.0/24 and 30.0.3.0/24
Click Next.
Complete with below parameters.
- Load balancing
  - Attach to a new load balancer
- Attach to a new load balancer
  - Load balancer name: ec2-load-balancer
  - Load balancer scheme: Internet-facing
  - Listeners and routing
    - Default routing (forward to): Create a target group
    - New target group name: ec2-target-group
Click Next.
Complete with below parameters.
- Group size
  - Desired capacity: 2
Click Next.
Click Next.
Click Next.
Click Create Auto Scaling group.

Config Load Balancer Security Group

In the left panel menu, under Load Balancing, click Load Balancers.
Click on ec2-load-balancer to open the Load Balancer page details.
Click in the Security menu.
Click Edit.
Remove the default Security Group and add db-sg-pub.
Click Save Changes.

Validate Target Group

In the left panel menu, under Load Balancing, click Target Groups.
Click on ec2-target-group and validate if 2 instances are Healthy.

Note The instance registration process takes 5-10 minutes.

Validate Load Balancer

In the left panel menu, under Load Balancing, click Load Balancers.
Click on ec2-load-balancer and capture the value for field DNS name.
Open a browser tab and navigate to http://DNS_NAME. Replace DNS_NAME with the value captured on previous step.

Note: You should see a page like the example below. Add a new contact to validate the PHP web application is adding data into RDS successfully.

Congratulations

If you reach this point successfully, you completed the procedure.

Don´t forget to destroy all resources avoiding unnecessary costs.

kledsonhugo / app-notifier-aws Goto Github PK

app-notifier-aws's Introduction