AWS: how to deploy APIs on Amazon EC2?
Bkjia: We think Amazon is an excellent platform for running API application programming interfaces, because you can fully control the application stack. For those who are new to AWS Amazon Web Services, learning is quite difficult. So we sorted out several best practices for readers and made them into this short tutorial. In addition to Amazon EC2 Elastic Computing cloud), we will also use Ruby Grape, a micro-framework, to build API interfaces and use the Nginx proxy system to process access control. The best thing is that everything mentioned in this tutorial is completely free!
For this tutorial, you need to use Ruby-based APIs and Thin servers. If you do not have such an API, you only need to clone the sample software library. For details, see "deploy an application ).
Now, we will start building and configuring Amazon EC2 instances. If you already have an EC2 instance, whether it is a micro instance or not, you can directly jump to the next step: Prepare the deployed instance.
Build and configure EC2 instances
First, register Amazon Elastic Computing cloud Amazon EC2 ). As far as our requirements are concerned, the free service http://aws.amazon.com/free/is enough, so we can refer to all the basic requirements. Once an account is set up, go to the EC2 dashboard under the AWS console and click the Launch Instance to start the Instance. This will allow you to enter a pop-up window, where you can continue the next step:
• Select the classic wizard.
• Select AMIUbuntu Server 12.04.1 LTS 32-bit and micro-instances), Instance Details) and keep the default value as needed.
• Create a key pair and download it-this will be the key pair you use to establish an SSH connection with the server. The key pair is very important!
• Add inbound rules for the firewall. The source address is always the TCP port 3000 used by the 0.0.0.0/0 HTTP, HTTPS, all icmp, and Ruby Thin servers ).
Prepare the deployed instance
Now we have built and run the instance, And we can connect Windows users directly through the console through PuTTY ). Right-click the instance, Connect to the instance, and select Connect with a standalone SSH Client to Connect to the instance using an independent SSH Client ).
Follow these steps to change the user name to ubuntu instead of root in the instance ).
After completing this step, you connect to the instance. We also need to install new software packages. Some software packages require root login credential), so you need to set a new root Password: sudo passwd root. Then log on as the root user: su root.
Now that you have the root logon information, run:
Sudo apt-get update
Use the exit command to switch back to a common user and install all required software packages:
• Some libraries required for installing rvm, ruby, and git:
Sudo apt-get install build-essential git zlib1g-dev libssl-dev libreadline-gplv2-dev
Imagemagick libxml2-dev libxslt1-dev openssl zlib1g libyaml-dev libxslt-dev autoconf libc6-
Dev ncurses-dev automake libtool bison libpq-dev libpq5 libeditline-dev
Sudo apt-get install libreadline6 libreadline6-dev
• Install git on Linux, not from source files): http://www.git-scm.com/book/en/Getting-Started-Installing-Git
• Installing rvm: https://rvm.io/rvm/install/
• Install ruby
• Rvm install 1.9.3
• Rvm use 1.9.3 -- default
Deploy applications
Our example Sentiment API is located on Github. Try to clone the software library:
Git clone git@github.com: jerzyn/api-demo.git
Here you can review the code and tutorials for building and deploying the application again:
Http://www.3scale.net/2012/06/the-10-minute-api-up-running-3scale-grape-heroku-api-10-minutes/
And here:
Http://www.3scale.net/2012/07/how-to-out-of-the-box-api-analytics/
Note that we only use v1 for the changes, because the proxy system needs to complete verification ).
Now you can deploy the application by running the command: bundle install.
Now you can enable the Thin server: thin start.
If you want to directly access the API, there is no security or access control): your-public-dns: 3000/v1/words/awesome. json you can find your public DNS in the AWS EC2 dashboard> instance in the instance Details window ).
To use Nginx, you must create an elastic IP address. In the AWS EC2 dashboard, create an EIP in the same region as the instance and associate the EIP with it. You do not need to spend a penny on the EIP, as long as it is associated with instances in the same region ).
Option: If you want to assign a custom domain to an Amazon instance, you have to do one thing:
• Add A record to the domain's DNS record to match the domain with the elastic IP address you created earlier. Your domain provider should provide you with A way to set an IPv4 address for the record, or it will provide you with A way to edit the Domain Name Server. If the provider does not allow you to directly set A record, find a dns Management Service and register your domain as A zone on it ), this service will provide the name server you need to enter in the Management Panel of the domain provider. Then, you can add A record for the domain. Some possible DNS management services include ZoneEdit basic edition free of charge) and Amazon route 53.
So far, your API is open to the world. This is both a good thing and a bad thing-it is a good thing because you can share an API with others; it is a bad thing because if rate limit is not implemented ), several applications consume the resources of your server, and you do not know who is using your API or how to use it. The solution is to add some management functions for your API.
Enable API management with 3scale
We will make full use of the easy-to-use 3 scale API management service, instead of repetitive work, from the beginning to implement rate restrictions, access control and analysis. Sign up for a free 3scale account http://www.3scale.net/), activate and log on to the new instance through several provided links. When you log on for the first time, you can select this option: create some sample data so that you have some API keys that will be used later. Next, you may need to browse the system functions (optional) and then start to implement the work.
To get some results immediately, we should start with the sandbox proxy system used in the development process. Then, we will configure the Nginx proxy system, which can be scaled to adapt to the standard production deployment environment. For more information about the configuration of the API proxy system, see https://support.3scale.net/howtos/api-configuration/nginx-proxy. For more advanced configuration options, see https://support.3scale.net/howtos/api-configuration/nginx-proxy-advanced.
Once you enter the 3scale account, start your API on the main dashboard screen, or go to API-> Select Service 'API' Service API)-> Integration in the navigation bar) -> Proxy ).
Set the API backend address-this must be an elastic IP address, unless the custom domain has been set, including the http protocol and port 3000. Now, you can save and start the sandbox proxy system and access the sandbox endpoint to test the API. After creating some application logon information, you can: http: // sandbox-endpoint/v1/words/awesome. json? App_id = APP_ID & app_key = APP_KEY. APP_ID and APP_KEY are the IDs and keys of one of the sample applications created after you log on to the 3scale account for the first time. If you miss this step, you only need to create a developer account and the applications in the account ).
If you do not need to use the application to log on to the system, use the incorrect logon information. If the verification succeeds, try again within or outside of any rate limit you have defined. You need to download the configuration file for Nginx only when its performance is satisfactory.
Note: if an error occurs, check whether you can directly access the API: your-public-dns: 3000/v1/words/awesome. json. If the API is unavailable, check whether the AWS instance is running and whether the Thin server is running on the instance.
Deploy Nginx proxy system for access control
To simplify this step, we recommend that you install an excellent OpenResty Web application, which is basically bundled with the standard Nginx core and almost all the necessary third-party Nginx built-in modules.
Install dependencies: sudo apt-get install libreadline-dev libncurses5-dev perl
Compile and install Nginx:
• Cd ~
• Sudo wget http://agentzh.org/misc/nginx/ngx_openresty-1.2.3.8.tar.gz
• Sudo tar-zxvf ngx_openresty-1.2.3.8.tar.gz
• Ngx_openresty-1.2.3.8 cd/
•./Configure -- prefix =/opt/openresty -- with-luajit -- with-http_iconv_module-j2
• Make
• Sudo make install
Now, you can download the Nginx configuration file from the 3scale proxy page. In the configuration file, make the following changes:
• Edit the configuration file downloaded from nginx
• The last line on line 10 is the information for changing the server name.) enter your EIP or custom domain name in the correct domain)
• In row 78th, change the path to the. lua file downloaded with the configuration file.
We are almost done! The last step is to enable the NGINX proxy system to allow some traffic to pass through it. If it is not running yet, remember: You must first enable the Thin server), be sure to enter the terminal you used to connect to the EC2 instance through SSH), and then enable it now:
Sudo/opt/openresty/nginx/sbin/nginx-p/opt/openresty/nginx/-c/opt/openresty/nginx/conf/YOUR-CONFIG-FILE.conf
The last step is to verify that the traffic passes normally and the traffic passes the expected verification. To this end, access:
Http: // your-public-dns/v1/words/awesome. json? App_id = APP_ID & app_key = APP_KEY
APP_ID and APP_KEY are the keys and IDs of the application you want to access through API calls. Once it is confirmed that everything works properly, you need to prevent the public from accessing the API backend through port 3000, and port 3000 bypasses any access control mechanism.
If you have encountered some problems with Nginx configuration, or you need to introduce more detailed instructions, I encourage you to read this article on Nginx proxy system configuration: https://support.3scale.net/howtos/api-configuration/nginx-proxy. You can customize your API gateway. If you want to dig deeper into 3scale system configurations such as usage and API traffic monitoring, see the Quick Start Guide https://support.3scale.net/get-started/fast-track-integration) and practical guidance https://support.3scale.net/howtos/basics#manage-admins ).
English: http://www.3scale.net/2013/02/quickstart-tutorial-on-how-to-deploy-an-api-on-amazon-ec2-for-amazon-web-services-aws-rookies? Utm_source = Outbrain & utm_campaign = AWS-Q3