Case Study on a Secure and Scalable E-commerce Cloud Hosting Application on Amazon Web Services (AWS).
The first question that you should ask concerns the value of moving a classic web application hosting solution into the AWS Cloud. If you decide that the cloud is right for you, you'll need a suitable architecture.
If you are responsible for running a web application, you face a variety of infrastructure and architectural issues for which AWS can provide seamless and cost-effective solutions. The following are just some of the benefits of using AWS over a traditional hosting model.
Customers are using various AWS services for their eCommerce web portal and application. Their eCommerce site offers furniture and food products to wholesale buyers, and registered buyers place orders online for the products they require.
With Amazon Web Services, you can build a secure and highly available checkout service for your e-commerce website that scales with your business. Managing the checkout process involves many steps, which have to be coordinated. Some steps, such as credit card transactions, are subject to specific regulatory requirements.
Other parts of the process involve manual labor, such as picking, packing, and shipping items from a warehouse. This architecture uses the following AWS services in a three-tier model:
- EC2 – Elastic Compute Cloud
- ELB & AutoScaling – Elastic Load Balancer for better optimization of instances and scalability both at the application and network level.
- WAF – Web Application Firewall, which lets you define custom web security rules to block or allow web traffic to your web application.
- ElastiCache – It is a managed web service that helps deploy and run Memcached or Redis protocol-compliant cache clusters in the cloud easily. In our case, Redis protocol improves the performance of web applications by allowing retrieval of information from a fast, managed, in-memory caching system, instead of relying entirely on slower disk-based databases.
- ElastiCache provides in-memory caching which can significantly lower latency and improve throughput for many
The client uses either an HTTP/HTTPS based browser or mobile application for accessing this application.
The DNS service, Route53, routes traffic to either of the ELB services; in our case we have used an Application Load Balancer. The integration of ELB and Route53 routing is done in such a way that it detects the healthy/unhealthy state of the instance and routes the traffic to the healthy instance.
It also has latency differentiation features, which help the web portal open faster when accessed from the web or mobile application.
In this scenario, the ELB is configured facing Route53 in a public subnet, with autoscaling services to optimize CPU utilization when traffic goes beyond 70%, providing high availability to the application.
High availability (HA) was achieved with the help of a NAT Gateway deployment.
EC2 instances are mounted with EFS (Elastic File System), which provides simple, scalable file storage for use with Amazon EC2. With Amazon EFS, storage capacity is elastic, growing and shrinking automatically as you add and remove files, so your applications have the storage they need when they need it.
Amazon EFS has a simple web services interface that allows you to create and configure file systems quickly and easily. The service manages all the file storage infrastructure for you, meaning that you can avoid the complexity of deploying, patching, and maintaining complex file system configurations. This provides a more intact, consistent, and secure file system with encryption and decryption policy features.
The ElastiCache Redis type provides a 15 times read replica facility with a real-time feature that keeps the RDS Aurora databases secure and robust.
WAF helps in preventing attacks such as DDoS, cross-site scripting, and SQL injection.
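One way to express the WAF rules described above for the Application Load Balancer, as a CloudFormation fragment (an added example, not the customer's actual configuration). The resource names, the `AlbArn` parameter, the metric names and the rate limit of 2000 requests per 5 minutes per IP are assumptions.

```yaml
# Added example: AWS WAFv2 web ACL attached to a regional Application Load Balancer.
# Names, the AlbArn parameter and the rate limit are illustrative assumptions.
Parameters:
  AlbArn:
    Type: String                       # ARN of the existing Application Load Balancer
Resources:
  ShopWebAcl:
    Type: AWS::WAFv2::WebACL
    Properties:
      Name: shop-web-acl
      Scope: REGIONAL                  # REGIONAL covers ALBs; CLOUDFRONT is for distributions
      DefaultAction: { Allow: {} }     # allow by default, block on rule match
      VisibilityConfig: { SampledRequestsEnabled: true, CloudWatchMetricsEnabled: true, MetricName: shop-web-acl }
      Rules:
        # Blocks a single source IP that exceeds the limit in a 5-minute window.
        - Name: rate-limit-per-ip
          Priority: 0
          Action: { Block: {} }
          Statement:
            RateBasedStatement: { Limit: 2000, AggregateKeyType: IP }
          VisibilityConfig: { SampledRequestsEnabled: true, CloudWatchMetricsEnabled: true, MetricName: rate-limit-per-ip }
        # AWS managed core rule set; includes the cross-site scripting rules.
        - Name: aws-common
          Priority: 1
          OverrideAction: { None: {} } # keep the rule group's own block actions
          Statement:
            ManagedRuleGroupStatement: { VendorName: AWS, Name: AWSManagedRulesCommonRuleSet }
          VisibilityConfig: { SampledRequestsEnabled: true, CloudWatchMetricsEnabled: true, MetricName: aws-common }
        # AWS managed SQL injection rule set.
        - Name: aws-sqli
          Priority: 2
          OverrideAction: { None: {} }
          Statement:
            ManagedRuleGroupStatement: { VendorName: AWS, Name: AWSManagedRulesSQLiRuleSet }
          VisibilityConfig: { SampledRequestsEnabled: true, CloudWatchMetricsEnabled: true, MetricName: aws-sqli }
  ShopWebAclAssociation:
    Type: AWS::WAFv2::WebACLAssociation
    Properties:
      ResourceArn: !Ref AlbArn         # the ALB that fronts the EC2 Auto Scaling group
      WebACLArn: !GetAtt ShopWebAcl.Arn
```

Setting `OverrideAction: { Count: {} }` on a managed rule group records matches in CloudWatch without blocking, which is useful for checking for false positives against checkout traffic before enforcing.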
This setup is configured with CI/CD services that fetch code from GitHub and move it to CodeDeploy, which in turn puts the code in the appropriate directory on a server.
Backtrack configuration is enabled in order to recover the RDS database if wrongly deleted or erased. In parallel, EFS data is backed up to S3, so it can be fully recovered from S3 if deleted from EFS.
For monitoring, CloudWatch is used with a log notification feature at a 1-minute interval from S3 log retrieval.
This solution has given the client automation that requires much less manual work for any update of the application.