2

I would like to know, how can we completely migrate from NGiNX to AWS ELB including SSL(AWS certificate) ?

I have following NGiNX configuration for one of my domain(for example, example.com)

server { listen 80; server_name *.example.com; root /home/ubuntu/angularApp; index index.html index.htm; location / { try_files $uri $uri/ /index.html; } } server { listen 80; server_name example.com; root /home/ubuntu/website; index index.html index.htm; location / { try_files $uri $uri/ /index.html; } location ~ ^/api/(v1|v2)/ { proxy_pass http://backend_service$request_uri; proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Host $server_name; proxy_set_header X-Google-Real-IP $remote_addr; } }

I have mainly 2-query,

Query#1 :- How to configure a setting(in ELB) for Angular-App pages if requested URL contains/belongs subdomain otherwise refer other directory's index.html file instead of Angular-App.

Query#2 :- How to configure a setting(in ELB) to point API which is running on someother port on the same server(EC2) if incoming request's URI contain /api/v1/ or /api/v2/

NOTE - I have already approved AWS SSL Certificate which we can configure in ELB. so regarding SSL Certificate there won't be any issue. Currently I am using other than AWS's SSL certificate which is configured into NGiNX but have planned to use AWS ACM since all other things belongs to within AWS.

Any help would be really appreciable !!

Improve this question

1 Answer 1

Reset to default
2

You need to do the following:

  1. Make sure the LB will have access to the machine. Here you need to keep present public vs private subnet, Security Groups, etc.
  2. Go to the create loadbalancer interface. Choose the type of load balancer you want. For web applications the current recommended way is ALB (the first of the three options).enter image description here. You can also use Clasic LB.
  3. Then configure the basis of the LB, name, listeners on 80 and 443, VPC and the right subnet.enter image description here
  4. Next you get to Choose existing certs or put your certificate if new. enter image description here Here is valid to mention if you have multiple domains, you need a certificate that is valid for all of the domains you are going to use. For this you can get wildcard certificates, etc.
  5. The next is to select the security groups(SG from now on). you need to make sure you chose SGs that allow connections on http and https.enter image description here
  6. Then make sure to point to the right target group. enter image description here. Here Keep present that one of the advantages of ALBs is that you can have different target groups for different subdomains, etc. This is a very important advantage from the other type of classic LBs. In your case if you do not have multiple subdomains, then you just pass it all to the same machine on a TCP port, could just be 80, where nginx or other server will listen and decide what to do with the diferent requests. Say /api/v1/ or /api/v2/ can go to different backends. Here when you configure you could choose IP of the target backend IF you prefer that instead of choosing instances (Which is the default).
  7. Then you choose the target instances or IPs on the next step. If for instance you choose instances you should be able to see the desired instance or instances.
  8. By now you should be done. Go to the review step, check that all is good and create you LB.
  9. The next is to check that after sometime (a minute or so) the backend(s) should appear as healthy.

I hope this answers your questions to certain extent. The oficial docs are here for more information or feel free to ask further.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.