AWS questions

Post by **Cakedaddy** » Sun Feb 18, 2024 6:28 pm

The app I'm working on can be put on AWS. I'm currently working with it via Docker Desktop. Which is a containerizing thing. Creates a virtual machine on my PC and that machine is running Apache, and other pieces. It also might be running MYSQL or MariaDB, but I've just been using my own old MYSQL setup my email uses since it was all setup and I knew how to manage it.

So the questions are:

How much is AWS? How does is charge?

I'm assuming since the application platform I'm using talks about how to host your stuff on AWS that AWS has the ability to run the DB, the web server, etc. So I have no in house hardware in the mix. I'd like to put this all on AWS because I don't know how secure Docker is, along with everything else. I don't know enough about network security to start opening up ports like 80, etc. I also don't know how secure Docker is from a hacking standpoint. Pretty much everything I'm using is open source (except the actual programming platform).

I was going to start playing with hosting this on AWS, but I wanted to know their pricing structure and if it can cover all the pieces.

Post by **TheCatt** » Sun Feb 18, 2024 6:38 pm

Cakedaddy wrote: ↑Sun Feb 18, 2024 6:28 pm How much is AWS? How does is charge?

Man... that's so complicated a question. AWS isn't super user friendly to simple use cases. Billing or user-wise.

I've heard Google Cloud is easier for things like this: https://cloud.google.com/run

ECS might be the best of the 30+ ways to run containers on AWS: https://aws.amazon.com/getting-started/ ... ontainers/

Lightsail is another cheap/easy AWS service to consider: https://docs.aws.amazon.com/en_us/light ... vices.html

AWS' guide to options: https://aws.amazon.com/getting-started/ ... to-choose/

(Containers are not my daily world, so I don't know a ton)

Post by **Cakedaddy** » Sun Feb 18, 2024 6:57 pm

Prerequisites

Amazon Web Services (AWS) account. If you don't have one, Create an AWS Account.
An Amazon EC2 key pair. If you don't have one, Generate an SSH Key pair.
An Amazon Security group with ports 80, 443, and 22 accessible. If you don't have one, Create a Security Group.
To enable port access, add an inbound rule for the port ranges 80, 443, and 22 to the security group you created above.
Ensure you have created the security group and the SSH key pair in the same region.

This leads me to believe it's using ECS and also hosts the webserver. Only question now is, where is the DB. I have to believe AWS would host that too given this whole thing is about creating web based apps.

It also has a google cloud option which requires an external DB (which also leads me to believe AWS covers this since it doesn't list DB stuff as a prerequisite). Cool thing about this is GC offers $300 in credit, and 90 days to spend it. The MongoDB service also offers a free use scenario. So I'll be able to play with this stuff to find a usage baseline so I can better estimate my costs. I'm finding you pay per transaction, but it's like $0.10 per million, with each transaction being 256kb, etc, etc. My app with 6 people using it, I'm guessing, is going to cost pennies per month to host. Basically, I'll be paying the minimums each month.

Post by **TheCatt** » Sun Feb 18, 2024 7:05 pm

Cakedaddy wrote: ↑Sun Feb 18, 2024 6:57 pm This leads me to believe it's using ECS and also hosts the webserver. Only question now is, where is the DB. I have to believe AWS would host that too given this whole thing is about creating web based apps.

You can host via RDS (managed DB), or an EC2 instance (unmanaged, you do it). You might be able to host your DB on the container.

Cakedaddy wrote: ↑Sun Feb 18, 2024 6:57 pm The MongoDB service also offers a free use scenario.

If you can use a document style database, DynamoDB on AWS is typically very cheap or free.

Post by **thibodeaux** » Mon Feb 19, 2024 3:07 pm

You say you want to run containers on AWS? Good news!

https://www.lastweekinaws.com/blog/17-f ... ontainers/

Post by **Cakedaddy** » Tue Feb 20, 2024 3:52 pm

Ok. So at least 51 ways to do containers. I'll have to look at each one to figure out which is best. . .

Post by **TheCatt** » Tue Feb 20, 2024 4:40 pm

Cakedaddy wrote: ↑Tue Feb 20, 2024 3:52 pm Ok. So at least 51 ways to do containers. I'll have to look at each one to figure out which is best. . .

Thib's post is basically a joke, but yeah... there's so many ways to do it.

You need to look for one where you don't care about autoscaling/etc. Which is why I think lightsail is a good fit.

Post by **thibodeaux** » Tue Feb 20, 2024 8:43 pm

That was actually the cringe version but I meant to get the "real" one:
https://www.lastweekinaws.com/blog/the- ... rs-on-aws/

Which actually has some recommendations. TLDR:

If you’re running OpenShift already? Use ROSA. If you’re forced to use Kubernetes? EKS. You have a simple container you want to just have AWS manage for you? App Runner. You have a complex application and don’t want to drown in complexity? ECS. I’ll revise these judgements as time goes on.

It sounded like you just have a single container, so...App Runner? You could look at the pricing page for that:
https://aws.amazon.com/apprunner/pricing/

Or (see below...seems to contradict himself) Lightsail Containers:
https://community.aws/posts/lightsail-v ... calculator

More details:

2. App Runner
App Runner was announced last week, and is what sparked this whole thing. I’ve tested it myself, and it seems to work best for single-container workloads, or code repositories in JavaScript or Python that you want to shove into a container, then run automatically. I’d wait for other people to define the space before exploring it yourself, but keep aware of it for a while.

3. Lightsail containers
“Isn’t that like Lightsail Containers?” asked someone? Yes! It’s remarkably similar, and a bit more expensive than Lightsail’s container option to boot. Lightsail Containers are probably my goto answer for applications that fit in a single container.

6. EKS
When EKS, AWS’s managed Kubernetes service launched, it wasn’t great. That story has changed significantly; it’s faster to spin up than it was at launch, the permissions are marginally better than they used to be (at least, it no longer requires full admin permissions to spin up a cluster), and it can leverage underlying EC2 nodes or Fargate, both of which support Spot for cost purposes. It’s not horrible; if you force me to run Kubernetes, this is likely how I’d go about doing it barring outside constraints.

7. ECS
Amazon’s Elastic Container Service is a Kubernetes alternative, and is what I’d go for if I didn’t need to run Kubernetes itself. It takes a simplified view of how to orchestrate and run containers, and is pretty straightforward with respect to its adoption story. I purchased KubernetesTheEasyWay.com and pointed it to the ECS homepage for this reason–and also because nobody made a bid for me to point it to their offering instead. Yet.

13. Fargate [Thib's note: this isn't a "service" so much as a "pool of compute for one of the other services: ECS of EKS"]
Fargate is a serverless compute engine that takes the place of “nodes you manage yourself” when used with either ECS or EKS. AWS handles the scaling, placement, and underlying infrastructure issues. Given their support for Spot instances and the fact that Savings Plans now cover their usage, I’m a big fan of the platform. It may be one of the better innovations to come out of AWS’s container group.

Post by **Cakedaddy** » Tue Feb 20, 2024 9:06 pm

I knew his post was a joke, and I also would never take the time to investigate all 51. It was an attempt at some sarcasm at some assumed sarcasm.

It'll be a minute before I'm ready to actually host it anywhere. Every time I think I have something alpha'ish, I show it to someone, and they immediately break it. I need more error checking, and to make things more intuitive. Oh, and make it so they can't do stupid stuff. I wasn't checking for 'that' because you shouldn't have done 'that'.

Post by **Cakedaddy** » Sat Mar 23, 2024 6:34 pm

Took the plunge into AWS. Fuck AWS. It's hard.

I went with AWS EC2 stuff because that's what I was able to find support/documentation on. So it might not be the best choice, but not knowing anything about anything, I took the path that at least had some instructions. I'm, guessing I'll be at about $30/month just hosting the app. I haven't gotten into document/picture storage using an "S3 bucket" (or something like that).

At this point, I have an appsmith instance running and can log into it. I was supposed to "Log in and create a user to delete the default user account that gets created". So I had to learn Ubuntu commands to create a user, give it admin privileges, delete the default users account. I'm part way through that. I spent a few hours figuring out how to log into my server using SSH. Even though there was documentation showing how to setup it up on AWS, the docs were severely lacking some details. As far as the user stuff, according to Google, adding the user to the sudo group. However, the default user I'm logged in as (that I'm supposed to delete), is NOT a member of sudo. Or admin. Or root. So I'm still not sure my new user has admin privileges. I haven't deleted the original account yet. But, at least it was created with a randomly generated password.

I'm not sure where the DB is going yet. I found a platform called Supabase that will host the DB, and it seems pretty cheap. I actually moved my DB there using there free product. I'm going to see how that goes.

Even though I have it more or less up and running, I have NO idea what's going on in AWS.

Post by **thibodeaux** » Sat Mar 23, 2024 7:07 pm

Cakedaddy wrote: ↑Sat Mar 23, 2024 6:34 pm At this point, I have an appsmith instance running and can log into it. I was supposed to "Log in and create a user to delete the default user account that gets created". So I had to learn Ubuntu commands to create a user, give it admin privileges, delete the default users account. I'm part way through that. I spent a few hours figuring out how to log into my server using SSH. Even though there was documentation showing how to setup it up on AWS, the docs were severely lacking some details. As far as the user stuff, according to Google, adding the user to the sudo group. However, the default user I'm logged in as (that I'm supposed to delete), is NOT a member of sudo. Or admin. Or root. So I'm still not sure my new user has admin privileges. I haven't deleted the original account yet. But, at least it was created with a randomly generated password.

I don't disagree that using AWS can be hard to figure out sometimes, but...none of that is AWS.

Post by **Cakedaddy** » Sat Mar 23, 2024 8:40 pm

That's also part of the problem. Not sure where the line is, so it makes it difficult to find help/answers.

Post by **Cakedaddy** » Sun Mar 24, 2024 1:57 am

I have my app, sort of, up and running on AWS using supabase to host the DB. Converting from MYSQL to Postresql was a major pain in the ass. They were 'just' different enough that I had to do a TON of debugging. So far, building this app has been pretty fun. Adding features, making it do more and more. Fun stuff! But this entire day of fixing broken code. . . ssssuuuuperrrrr boooorrrrriiinnnnng. I don't know how you guys do it.

But, now that it's done, and the app is working NOT on my hardware, I can close all the holes on my network.

I said sort of up and running because I've only done the tech app so far (which is the high priority part), not the admin app. The admin app, so far, is just the bare minimum "create a ticket". It will probably get a bunch of rewriting done to it during this conversion. It was what I started the project with, so it has the most stuff done 'hacky' because I was learning. Major headache: I had a ton of gaps in my index field because I would delete records during testing, etc. Postresql started all of my auto incrementing fields at 1. So eventually, everything started getting duplicates. I had to learn how to reset the 'sequencer' for each index to a high enough number that there would be no duplicates. Tedious, but easy.

I haven't deleted the default appsmith user as they suggested. I still don't know how to do that, or really, technically, if I have to. I mean, who's gonna try to hack me?

Which does lead to a good point. . . I need to learn how to back all this shit up.

Post by **thibodeaux** » Sun Mar 24, 2024 6:01 pm

Cakedaddy wrote: ↑Sat Mar 23, 2024 8:40 pm That's also part of the problem. Not sure where the line is, so it makes it difficult to find help/answers.

EC2 is just a virtual machine. There's some networking things you can configure ("security groups" which is just a way to open ports between your EC2 machine and the world). But other than that, with EC2 it's almost 100% "not AWS." Actually with any other their "compute" services including the container ones we talked about, I'd say your problems would be mostly "not AWS."

I should qualify that some :p Out of the box, AWS gives you some default networking for EC2 (which they call "virtual private cloud" or VPC); if you wanted to muck around with networking you could find some nice rabbit holes.

They also have some services to help you load-balance and horizontally scale your EC2 machines, but you're not doing that. If you had some kind of SLA agreement on running this thing you're making, you might consider learning about that.

Finally, if the code on your EC2 machine wants to call *other* AWS services, you're gonna need to mess around with IAM roles. This looks like a great big blackhole of a rabbit hole :p but it's really not so bad. And again it doesn't sound like you're doing that.

Post by **thibodeaux** » Sun Mar 24, 2024 6:03 pm

Cakedaddy wrote: ↑Sun Mar 24, 2024 1:57 am Which does lead to a good point. . . I need to learn how to back all this shit up.

IF everything you want to back up is on the EC2 machine's disk, and IF that disk is one of their "Elastic Block Store" or EBS volumes, then you can pretty easily do backups of that disk.

https://repost.aws/knowledge-center/ebs-back-up-volumes