Saturday, April 25, 2015

DNS entry confusion for AWS ELB backed by Cloudfront with SNI


I was not able to find an interactive and useful article on the Internet about modifying DNS entries when using CloudFront with an AWS Elastic Load Balancer, so I decided to write a little about it for new AWS administrators.

Here is the scenario: I have deployed a web server with an Elastic IP address (public IP) and created an A record in GoDaddy for the web server's IP address (A record: www.example.com = 200.168.20.58). Everything works well and users can access my website over HTTP on port 80.


Now 2 new business requirements have been raised:
   1) Website communication should be through HTTPS only.
   2) Because of high web traffic, autoscaling and load balancing need to be implemented.
   3) Content delivery should be faster irrespective of the user's location.

To fulfill the above requirements I created an autoscaling group for the web server behind a load balancer. To implement HTTPS for web traffic I purchased an SSL certificate for *.example.com from GoDaddy and installed it on the load balancer.

To provide fast content delivery I implemented the CloudFront CDN for my web application and configured the ELB's DNS name as the CDN origin.



Everything seems to be A-OK... so what's the issue?
Well, AWS ELB and CloudFront do not provide a public IP address, because each has multiple instances running in the back end (no IP means no A record). Instead we get a domain name for the ELB and for CloudFront (ELB domain name: example-xxxxx.amazon.com, CloudFront domain name: xxxxxxxxx.cloudfront.net).

The issue is that we cannot create an A record in the DNS service with a domain name; an A record needs an IP address. So the solution is to create a CNAME for CloudFront in GoDaddy.

  e.g. CNAME in GoDaddy: www.example.com = xxxxxxx.cloudfront.net

Now all Internet users will be directed to a CDN edge for faster access to web content, instead of the slow and distant web server.
To fulfill the 1st requirement (HTTPS communication only), we have to configure the default web behavior to redirect HTTP to HTTPS.


   
Now everything seems to be fine... Really? No. When I open the site (www.example.com) it still shows an SSL certificate validation error.
The error appears because I purchased the certificate for the *.example.com domain, but when I installed it on the AWS ELB, the ELB gave me its own random domain name (example-xxxxx.amazon.com), which the certificate does not cover.

To resolve this issue we have to create one more CNAME, for the load balancer (CNAME: elb.example.com = example-xxxxx.amazon.com), and then set elb.example.com as the origin in the CloudFront settings.
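Why the extra CNAME clears the error, as an added example (not code from the original post): a TLS client compares the hostname it connected to against the names in the certificate, and a wildcard stands for exactly one left-most label. The function names are hypothetical; the hostnames are the placeholders used in this post.

```python
# Added example: wildcard certificate name matching, in the style of RFC 6125.

def name_matches(pattern: str, hostname: str) -> bool:
    """Return True if one certificate DNS name covers hostname.

    A wildcard is honoured only as the whole left-most label and
    stands for exactly one label; comparison is case-insensitive.
    """
    p_labels = pattern.lower().rstrip(".").split(".")
    h_labels = hostname.lower().rstrip(".").split(".")
    if len(p_labels) != len(h_labels):
        return False
    if p_labels[0] == "*":
        # The wildcard covers one non-empty label; the rest must be identical.
        return h_labels[0] != "" and p_labels[1:] == h_labels[1:]
    return p_labels == h_labels


def cert_covers(cert_names, hostname: str) -> bool:
    """True if any name in the certificate covers hostname."""
    return any(name_matches(n, hostname) for n in cert_names)


def audit(cert_names, hostnames):
    """Map each hostname a client will connect to onto pass/fail."""
    return {h: cert_covers(cert_names, h) for h in hostnames}


CERT_NAMES = ["*.example.com"]        # the certificate bought in this post
HOSTNAMES = [
    "example-xxxxx.amazon.com",       # ELB's own DNS name used as origin: fails
    "elb.example.com",                # CNAME to the ELB used as origin: passes
    "www.example.com",                # the site name users type: passes
    "example.com",                    # bare domain: not covered by the wildcard
    "a.elb.example.com",              # two labels deep: not covered either
]

if __name__ == "__main__":
    for host, ok in audit(CERT_NAMES, HOSTNAMES).items():
        print(f"{host:28} {'OK' if ok else 'NAME MISMATCH'}")
```

The last two entries matter when choosing the CNAME label: the origin name has to sit exactly one level below example.com for this certificate to cover it.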

The DNS entries and architecture now look as follows.


The flow of a first-time user request for www.example.com is as follows:
   1) The user sends a DNS resolution request for http://www.example.com to the DNS server.
   2) The DNS server responds to the user with http://xxxxxx.cloudfront.net.
   3) The user sends the website request to http://xxxxxx.cloudfront.net.
   4) CloudFront responds to the user (SNI) with the HTTP to HTTPS redirect.
   5) The user requests https://www.example.com from CloudFront.
   6) CloudFront forwards the HTTPS request to the ELB.
   7) The ELB converts the request from 443 to 80 and forwards it to the web server.
   8) The web server returns the page to CloudFront.
   9) The CloudFront cache delivers the web page to the user.

Any subsequent requests for the same page will be delivered directly from CloudFront.

Mission completed!!!!!!

Wednesday, April 1, 2015

HPC (Grid Computing) deployment process on AWS cloud

A few months back I published a post explaining why to run HPC on the cloud (available here). Since then I have been researching HPC on the cloud.
In writing this post I have found that there are many ways to deploy HPC on the cloud; each deployment can be different, and the complexity depends on the platform we choose and the HPC requirement.

In my earlier post I mentioned IBM SoftLayer and other cloud service providers, but here I am focusing on AWS because detailed documentation is available for it. The easiest way to kickstart HPC is to use automated deployment, which everyone loves.
MIT has developed an easy and powerful script to deploy an HPC cluster (grid computing) on the AWS cloud. StarCluster is the simplest way to deploy an HPC cluster (grid computing) on the AWS cloud. You can watch the video for more technical detail.