I have deployed a Node.js app on an EC2 instance. I have used Atlas for MongoDB, a load balancer, AWS SSL to secure the connection, and pm2. As I am already using an AWS load balancer, do I need to use nginx? What is the best practice for deploying a Node.js app on EC2? If I need to use nginx, where do I configure the http to https redirect?
- You usually set up your http->https on your LB. – Marcin, Aug 14, 2020 at 4:28
- Yes, I have redirected all http to https in the LB. Do I need to use nginx? – Dharani Shankar, Aug 14, 2020 at 5:56
1 Answer
Looks like you need a web application to be developed. I would suggest the architecture below. This will eliminate the pain of hosting/maintaining servers.
All AWS components can be programmatically integrated using AWS SDK and Amplify is a wrapper on top of this.
Develop your UI in any JavaScript framework and host it in AWS S3. Using CloudFront you can cache the UI layer. Put an API Gateway layer in front, which will intercept all the traffic from your UI. Using AWS Amplify can very much simplify your UI development with a lot of built-in wrapper components. It comes with a CLI which can be used for deployment as well.
Host your Spring Boot + DB driver (or NodeJS/C#/PHP/Python/etc.) application with a REST API in AWS Beanstalk. Beanstalk can be configured with Load Balancing, Auto Scaling Group, etc. If AWS Beanstalk seems complicated for you, consider using an AWS Lambda (serverless, microservices) architecture.
AWS DocumentDB is a MongoDB extension and maybe you can leverage it. It is again a highly scalable, very flexible NoSQL database in this case.
You can leverage AWS Cognito (https://www.slideshare.net/awsugkochi/acdkochi19-enterprise-grade-security-for-web-and-mobile-applications-on-aws) to store user credentials in groups, add permissions, and authenticate/authorise the users.
In API Gateway you can configure an AWS Cognito Authoriser and protect the APIs from unauthorised calls.
Some of the auxiliary services can be used to integrate email/SMS etc. AWS SNS (Pub/Sub) + SQS (Queue) -> If you want to decouple any process, you can use SNS + SQS. You can send e-mails using AWS SES. AWS Route53 is the DNS and your domain can be hosted here.
If you have to upload any files to the cloud and store them for users, leverage AWS S3.
You need to protect internet-facing components like API Gateway and CloudFront using AWS WAF.
All these systems generate logs, and they can be accessed from AWS CloudWatch. Your APIs can be monitored for performance and errors using AWS X-Ray.
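The Cognito authoriser described in the answer only proves that a caller holds a valid token; per-group permissions still have to be enforced in the backend. The following is an added example, not part of the original answer: a Node.js Lambda handler that reads the claims API Gateway passes through and denies by default. It assumes a REST API with Lambda proxy integration; the route policy, group names and sample event are hypothetical, and the accepted shapes of the `cognito:groups` claim are an assumption.

```javascript
'use strict';
// Route -> Cognito groups allowed to call it (hypothetical policy and group names).
const ROUTE_GROUPS = {
  'GET /reports': ['admins', 'analysts'],
  'DELETE /users/{id}': ['admins'],
};

// Normalise the "cognito:groups" claim. Assumption: it may arrive as an array,
// a comma-separated string, or a bracketed, space-separated string.
function parseGroups(claim) {
  if (Array.isArray(claim)) return claim.map(String);
  if (typeof claim !== 'string') return [];
  return claim.replace(/^\[|\]$/g, '').split(/[,\s]+/).filter(Boolean);
}

// Fail closed: missing claims, unknown routes and non-matching groups are all denied.
function authorize(event) {
  const ctx = (event && event.requestContext) || {};
  const claims = ctx.authorizer && ctx.authorizer.claims; // set by the Cognito authoriser
  if (!claims || !claims.sub) return { allowed: false, reason: 'no verified claims' };
  const allowedGroups = ROUTE_GROUPS[`${event.httpMethod} ${event.resource}`];
  if (!allowedGroups) return { allowed: false, reason: 'route not in policy', sub: claims.sub };
  const ok = parseGroups(claims['cognito:groups']).some((g) => allowedGroups.includes(g));
  return { allowed: ok, reason: ok ? 'group match' : 'group not permitted', sub: claims.sub };
}

// Lambda proxy handler: log denials for CloudWatch, return a generic 403 to the caller.
async function handler(event) {
  const decision = authorize(event);
  if (!decision.allowed) {
    console.warn(JSON.stringify({ msg: 'authz denied', reason: decision.reason, sub: decision.sub }));
    return { statusCode: 403, body: JSON.stringify({ message: 'Forbidden' }) };
  }
  return { statusCode: 200, body: JSON.stringify({ user: decision.sub }) };
}

// Constructed sample event (trimmed to the fields used above).
const sampleEvent = {
  httpMethod: 'GET',
  resource: '/reports',
  requestContext: { authorizer: { claims: { sub: 'user-123', 'cognito:groups': 'analysts' } } },
};
handler(sampleEvent).then((res) => console.log(res.statusCode));
```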
