CODEWITHSUNDEEP
rubypostgresqlamazon-web-servicesamazon-ec2amazon-rds
ma11hew28
ma11hew28

Reputation: 126547

AWS Elastic Beanstalk in a VPC with Amazon RDS

I want to run a simple Ruby Rack app (a REST API) that takes Internet requests (from iPhone clients), talks to a PostgreSQL database, and responds with JSON.

How exactly should I set this up on Amazon Web Services (AWS)?

  1. I want the app to be able to scale to serve a growing number of clients, so I think I should use Auto Scaling with Elastic Load Balancing.

  2. Should I use Elastic Beanstalk or manually set everything up myself?

    How does the question Manual deployment vs. Amazon Elastic Beanstalk apply when setting up a Ruby Rack server with PostgreSQL?

  3. Default vs Custom VPC

    Should I just use the default VPC and use security groups to prevent direct Internet access to the EC2 & DB instances? Or, should I create a custom VPC and use private subnets, as described in Example: Launching an Elastic Beanstalk in a VPC with Amazon RDS?

Upvotes: 1

Views: 610

Answers (1)

Dave Maple
Dave Maple

Reputation: 8432

Using the concept of public and private subnets adds a fantastic layer of security to your AWS application. By placing your database and application server instances in private subnets you can by design protect them from external penetration and accidental exposure.

I would recommend that you start by provisioning a VPC in 2 AZs with 1 public and 1 private subnet in each Availability Zone (4 subnets in all).

Place a NAT instance in each public subnet and update the main route table for your private subnets to send all non-vpc traffic to the NAT. This will allow instances launched into your private subnets to communicate with the WAN Internet even though they are not publicly addressable themselves.

I would recommend that you use a Multi-AZ RDS deployment for your Postgres deployment with the RDS instances in your private subnets within each AZ. This will maximize security (Postgres is not publicly accessible) and will provide you with fault tolerance (an AZ failure will not take down your app).

I would setup your Ruby app on Elastic Beanstalk. This will provide you with fault tolerance and auto-scaling. Your Elastic Beanstalk load balancers will reside in the public subnet of each AZ and your Elastic Beanstalk EC2 instances will reside in the private subnets.

Upvotes: 4

Related Questions