My journey following this Reddit post's walkthrough on how to become a Cloud Engineer
I deployed a "Fortune of The Day" web app using AWS and Terraform, architected in three different ways: traditional, microserviced and serverless.
During my journey, I used AWS Free Tier, so most of the costs (not all) of running these labs were on the house. I highly recommend you leverage Free Tier or keep close track of the costs of running this.
- An Amazon Web Services account with a marginal amount of money to spend
- A domain name (e.g. `domain.com`)
- Terraform installed on your workstation (howto)
- An Access Key set up on your workstation (howto)
In all architectures, the web app design looks like this:
All architectures...
- ...are scalable by default
- ...use all Availability Zones for a given region (if applicable)
- ...use the latest official Ubuntu 16.04 AMI (if applicable)
- ...use Principle of Least Privilege roles through strict IAM policies
- ...use CloudFront for the distribution layer
- ...use DynamoDB for the data layer
- ...use Route 53 for DNS
The traditional model serves both the static assets and the fortunes, on the same servers.
This model requires the administration of every piece of the app, from the OS to the application.
The microserviced approach splits the static assets and the content in two, serving the static files from S3 and the content from our servers.
This model still requires server administration, but offloads our servers a great deal and keeps our application simpler. Instead of a full-blown web server we only have to write a RESTful API.
This is the most interesting of all. Serverless splits static assets and content too, but now the content is served from AWS Lambda, which then talks to DynamoDB.
Serverless design removes all administration tasks and leaves them to the guys at Amazon Web Services.
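As an added illustration (not code from this repository), this is one way a least-privilege role for the serverless design's Lambda-to-DynamoDB path could be written in Terraform. The table name, key, role and policy names, and the read-only action set are assumptions, and the syntax is Terraform 0.12+.

```hcl
# Added example: every name below is hypothetical, not taken from the repository.
resource "aws_dynamodb_table" "fortunes" {
  name         = "fortunes"
  billing_mode = "PAY_PER_REQUEST"
  hash_key     = "id"

  attribute {
    name = "id"
    type = "S"
  }
}

# Trust policy: only the Lambda service may assume this role.
data "aws_iam_policy_document" "assume" {
  statement {
    actions = ["sts:AssumeRole"]

    principals {
      type        = "Service"
      identifiers = ["lambda.amazonaws.com"]
    }
  }
}

resource "aws_iam_role" "fortune_api" {
  name               = "fortune-api"
  assume_role_policy = data.aws_iam_policy_document.assume.json
}

# Permissions: read-only actions, scoped to this one table's ARN.
# No "dynamodb:*" and no "*" resource, so a compromised function
# cannot write, delete, or reach any other table.
data "aws_iam_policy_document" "read_fortunes" {
  statement {
    actions   = ["dynamodb:GetItem", "dynamodb:Scan"]
    resources = [aws_dynamodb_table.fortunes.arn]
  }
}

resource "aws_iam_role_policy" "read_fortunes" {
  name   = "read-fortunes"
  role   = aws_iam_role.fortune_api.id
  policy = data.aws_iam_policy_document.read_fortunes.json
}
```

If the function needs to write logs, grant CloudWatch Logs permissions in a separate statement scoped to its own log group rather than widening this one.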
- Add your domain to Route 53 (howto)
- Change to the desired architecture's directory (e.g. `cd serverless`)
- Run `terraform init`
- Run `terraform apply`
Go to `https://www.architecture.domain.com` (replace `architecture` with `traditional`, `microservices` or `serverless`, and `domain.com` with your domain, e.g. `www.serverless.example.com`).
Note (serverless only): AWS Lambda files must be world-readable; run `chmod 644 src/api/*.py` if Lambda throws `Permission denied` errors.
- Run `terraform destroy` (inside the architecture's directory)
Once finished with the labs, I highly suggest you remove your domain name from Route 53 or else you will be charged every month (see Pricing) for a hosted zone.
Note: if destroying CloudFront distributions fails, run `terraform destroy` again; this is an issue with Terraform and/or CloudFront.
- Scaling up to Your First 10 Million Users (2017), a great (yearly) talk at AWS re:Invent on running services at scale
- The System Design Primer, a good introduction to system design and architecture