Photo Credit: Davendra Kanade

Create an EC2 Instance and install Apache Web Server using AWS Cloud9 CLI

AWS Cloud9 is an integrated development environment (IDE) a developer can use to manage code via a browser and collaborate with other developers. It is a simple as that. Cloud9 supports several programming languages like Python, JavaScript and PHP. Cloud9 is cloud based so you can run and work on your project from anywhere.

I struggled with this project using Windows command line, with Cloud9 it was seamless as there was no need for any environment configuration. For more information about AWS Cloud9 read documentation here. Now let’s jump right into the project!!!

Prerequisites:

1. AWS Console IAM User
2. AWS Cloud9

Objectives:

1. Create a t2.micro EC2 instance.
2. Pass user-data to updates all packages, install, start and enable Apache
3. Verify that the instance has the Apache web server downloaded and installed through the public IP.

Project Steps:

1. Setting up AWS Cloud 9 Environment

a. Log into your AWS console as an IAM user. Search for Cloud9 in the “Services” and hit enter. Select “Cloud9”. If you already have AWS Cloud9 setup, skip to Section 2. Using AWS Cloud9 CLI.

b. You will see the Cloud9 dashboard. Click on “Create environment” on the top right.

c. Create a name for your environment and a short description and click on “Next step”.

d. On the “Configure settings” page, leave everything as default and scroll to the “Network settings (advanced)” section, click on the drop-down arrow. Select the default VPC and a default subnet. You can also create a new VPC and subnet, but for the purpose of this project I will keep it simple and use the default. Click on “Next step”.

e. Review the environment name and settings and then click “Create environment”. You should see a message “We are creating your AWS Cloud9 environment. This can take a few minutes.” If successful, you will be presented with a terminal and welcome screen. You can close out the welcome screen and extend the terminal window.

e. If you login to your AWS Console you should see an instance running at this point with a name starting with “aws-cloud9…” The reason is that AWS creates an instance with the environment.

• AWS Cloud9 EC2 environment: Enables you to launch a new Amazon EC2 instance that Cloud9 connects to. By default, these instances stop 30 minutes after you close the IDE and start automatically when you open the IDE.
• AWS Cloud9 SSH environment: Enables you to connect an existing Linux server with Cloud9. There are certain dependencies that are required on the Linux server that you want to use with Cloud9 SSH environments.

In addition, a security group will be created by default. Don’t worry about it. We will be creating our EC2 instance, security groups and key pairs all from scratch.

2. Using AWS Cloud9 CLI

a. The first thing you will notice is that the screen is divided into two. On the left you have the directory where you can see all the folders and files in a tree like structure. There should be a READ.me file created by default. It contains a welcome note from AWS and a link to Cloudd9 documentation.

The right part of the screen has the terminal/bash environment with the host ip address.

b. The first step is to obtain the AMI ID of the image you will be using. AWS has lots of images and you will be using the Amazon Linux 2 image. To do that, run the command below.

aws ec2 describe-images --owners amazon --filters "Name=name,Values=amzn2-ami-hvm-2.0.????????.?-x86_64-gp2" "Name=state,Values=available" --query "reverse(sort_by(Images, &Name))[:1].ImageId" --output text

The result will be an AMI ID. Save it in a notepad as we will need it later to create the EC2 instance.

c. The next step is to create a script that will build the Apache server. For this you will be using a text editor called Vim. Type the following command to start vim.

vim apache.txt

This will open up the vim editor. If you are new to vim, don’t worry I will walk you through how to get in and out. If you want to deep dive on the vim editor click here for more information.

Vim defaults to the “Normal mode”. You cannot make any edits in the normal mode. Click on “i” on the keyboard to switch to “Insert” mode, this will allow you edit the file. Paste the following code into the text editor.

#!/bin/bash
yum update -y
yum install -y httpd.x86_64
systemctl start httpd.service
systemctl enable httpd.service
echo "Hello World from $(hostname -f)" > /var/www/html/index.html

The script will update the packages, install, and start and enable the Apache server. Click on the “Esc” key to return to the “Normal” mode. Then enter :wqand then click “Enter” to save and exit. You should see the apache.txt file created on the folder/file list on the left.

d. This step you will create a key pair. A key pair, consisting of a public key and a private key, is a set of security credentials that you use to prove your identity when connecting to an EC2 instance. To accomplish this, run the following command.

aws ec2 create-key-aws pair --key-name MyKeyPair --query 'KeyMaterial' --output text > MyKeyPair.pem

This will create a key pair and save it in the home directory. You can verify the file has been created by running the following command.

aws ec2 describe-key-pairs

e. Next, you will need the Amazon VPC ID. Amazon Virtual Private Cloud (Amazon VPC) is a service that lets you launch AWS resources in a logically isolated virtual network that you define. If you didn’t create one, you can use the default VPC. In our case, we will use the default.

aws ec2 describe-vpcs

This command will list all the vpcs available. Select a vpc and record the vpc id in a notepad. You will need the id for the next step.

f. In this step, you will be creating a security group. You will need to control traffic in and out of your network and this is where a security group comes in handy. You can name your security group anything you want; I am using “MySecGroup”. Notice how the vpc id from the previous step has been introduced.

aws ec2 create-security-group --group-name MySecGroup --description "My security group" --vpc-id vpc-48974b32

Once again, record the GroupID on a notepad.

g. Next you will be adding rules to the security group. You want to allow SSH on port 22 and HTTP for our web server on port 80. For SSH, you want to allow traffic from only trusted ip. So you will configure this rule with your own ip address. To locate your ip, run the following command.

dig +short myip.opendns.com @resolver1.opendns.com

Allow traffic on port 22 for SSH by using the following command where 52.3.251.131/32 is your ip address.

aws ec2 authorize-security-group-ingress --group-id sg-0e646c1d020b7214 --protocol tcp --port 22 --cidr 52.3.251.131/32

Allow traffic on port 80 for HTTP by using the following command. Note that 0.0.0.0/0 means you will receive traffic from anywhere. This is necessary because it is a web server so inbound traffic is expected.

aws ec2 authorize-security-group-ingress --group-id sg-0e646c1d020b7214 --protocol tcp --port 80 --cidr 0.0.0.0/0

h. You are almost there! For this step you need to use or create subnets, again to make things simple I will be using the default subnet. If you created one, feel free to use it. You can view your subnets by typing the following command.

aws ec2 describe-subnets

For this project, I will use the subnet in the us-east-1a availability zone since it is closest to my region. Record the subnet id on a notepad and now you are ready to create our EC2 and Apache server.

h. To create the Apache server and EC2 instance, you will need the following.

• image id
• key pair name
• security group id
• subnet id
• File containing Apache script.

Copy the following code, substitute with your own parameters/credentials and paste into AWS Cloud9 terminal. Give it some time to run.

aws ec2 run-instances --image-id ami-0dc2d3e4c0f9ebd18 --count 1 --instance-type t2.micro --key-name MyKeyPair --security-group-ids sg-0e646c1d020b72147 --subnet-id subnet-d98000be --user-data file://apache.txt

The command will run an EC2 instance with the image id ami-0dc2d3e4c0f9ebd18 which is our Amazon Linux 2 image. — count 1 means it will spin just one instance.

The instance type will be t2.micro with a key pair of MyKeyPair. The security group with the id sg-0e646c1d020b72147 will be applied.

You have configures two rules in the security group to allow HTTP and SSH. Our default subnet will be used and finally our script located in the home directory will be used to create the Apache web server. So lets spin up the EC2 instance and view the Apache web server.

3. Verify that the instance has the Apache web server downloaded and installed through the public IP.

a. If you didn't get any error you are almost there. At this stage, you will view the instance you have just created and run the Apache server to view the html file that was imbedded in our script.

Run the following command to view your instances.

aws ec2 describe-instances

Match the instance with the same ami id if you have multiple instances. Copy the “PublicDnsName” and paste on your browser.

And there you have it folks! You have created an EC2 instance with Apache web server using AWS Cloud9 terminal. Please feel free to make comments and subscribe to get notifications for future projects.