Nginx Reverse Proxy on AWS EC2 Amazon Linux 2

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
in this video we're going to look at how to install nginx as a reverse proxy on an ec2 instance running amazon linux 2. they talking like they don't know a king when they see one see him in person he take it back like a refund so usually we have a web app running on the virtual machine and we can make http requests to a port like 8080 or 3000 or something um but we don't want our web app that's written in like javascript or python or something to have privileged access to the system which is what you need to be able to accept connections on port 80. so we can set up a reverse proxy that has privileged access it can accept http requests and then just forward those requests onto our web app and there's a lot of benefits to doing this we put the reverse proxy at the very front of our app so nothing can access the actual web app the application code directly always has to go through the reverse proxy and that means the reverse proxy can handle anything to do with http it can handle caching we can set it up to handle ddos attacks and other things and we can even set up the reverse proxy to be a load balancer so instead of just forwarding network traffic to a single application instance we can have it forward it to really any number of application instances so there's lots of benefits to using a reverse proxy and it's a very easy thing to set up and a very standard thing to do for any web app and i'll include a few links in the description on more information about reverse proxies but this video i'm really just going to focus on how to set it up on an ec2 instance to start i'm going to go to my ec2 dashboard in my aws console and i'm just going to launch a new instance i'm going to select amazon linux 2 and i'm going to select t2 micro because it's the free tier and then we'll configure the instance details we can leave all of these things as the default settings unless you feel like changing them i'm going to add storage the default storage is fine i don't care about tags security group always important so by default the security group is going to allow me to connect the instance using ssh on port 22. and we need to open up port 80 for our reverse proxy because that's going to accept http requests on port 80. but for this i'm actually going to set up a rule that just allows any connection on any tcp port so that i can test that the app that's also running on the server with the reverse proxy works before i connect up the reverse proxy so i will change this later but for now i'm going to leave this completely open completely unsecure uh and from anywhere we're gonna allow connections from anywhere oh i should give this a name uh nginx i don't know good enough i'm getting lazy with my naming and description that is fine though uh okay so let's launch this instance i'm going to use my existing keypair if you don't have a key pair create a keypair and then we'll launch the instance so let's go view the new instance i'm just going to give this a name this is for the nginx reverse proxy and i'm just going to wait for this to be running so that i can connect to it so this is now running so i'm going to click the connect button go over to the ssh client tab and just copy and paste this line of code so that i can connect to the instance i just have to change the location of the key to my dot ssh directory and there we go i am now connected to the amazon linux 2 ec2 instance and before i set up nginx i'm going to have this act as a reverse proxy uh for a node application that i'm going to have running on this instance and i'm going to use a node application because it's easy for me but this could be any sort of web application accepting http requests on a port like 8080 or 3000 or whatever port you want so i'm going to quickly set that up off camera and i did this in a separate video if you want to watch me set up the node app i'll leave a link in the description but i'll set this up and then we'll install nginx and make sure everything works say they real but they clones of me have my cousin in the pen with more phones than me i got daily correspondence we tapping okay so i have the node app set up on the ec2 instance and it's running on port 8080 so if i go back to the instance uh let's see that i set up here there's the ip address i'm gonna be able to access this web app overport 8080 just so i would with any standard kind of node or python or ruby app or whatever so i have this application running i can access it on port 8080 now i just need to install that reverse proxy so that the reverse proxy accepts the http request from the public internet and then forwards them onto the node application in this case and then we can modify the security group on the ec2 instance so it only allows http request on port 80 and that just makes our ec2 instance more secure as well so we can install nginx on an amazon linux 2 ec2 instance through the amazon linux extras package manager so i'm just going to hit enter on that line and i'll put all code examples in the description and this will just install nginx it should only take a moment and then once that's done i want to enable nginx and start nginx using a system ctl so this just means the nginx should now be running and if my ec2 instance ever restarts it will make sure that nginx is running by the time everything's booted up so i'll just check that this is all working with status yep there we go nginx is running and by default if i now go to my ip address and i leave off the port 8080 so this is just making a request to port at standard http request this should go to the welcome to nginx default page and what we want to do now is configure nginx so that anytime we visit this ip address it forwards that request over to our application instance running on port 8080 so back in the ec2 instance i want to modify the file at c slash nginx slash nginx.conf and i'm just going to use vim to do this and we need root access to modify this file so if i hit enter here there's a lot of things going on in this file uh by default and for the most part we can get rid of a lot of this so i'm gonna leave all of these top pieces here the comments and the stuff that's uh handling logs and things so we're going to come down to this server section here and i just want to remove everything under server name in this block here so this is the code that accepts http requests on port 80 and then serves up that html file that we saw so instead of doing that i want to remove all of these lines of code here under server name just go down i don't have an error page location there we go and i'm going to define a new location so location slash this is any request to port 8080 i want to proxy pass that to localhost port 8080 so just forward those requests 8080 there we go forward those requests to localhost port 8080 which is where my node app is running and that's it i can just save this file now escape i need to restart nginx so i'll just do sudo systemctl restart nginx that didn't work because i messed up something right i need to put http it's an http request localized okay let's try that again wq let's restart engine next there we go all right so that did actually restart successfully this time so now if i go back into my web browser and i just hit enter again refresh that page and i don't have to specify port 8080 because i'm actually making a request to the reverse proxy and the reverse proxy is forwarding it on to the web application here so that's working perfectly if i look back at the comp file it is doing some logging in here you can configure other things so you could configure the maximum file upload and download size you can configure caching uh you can figure a whole bunch of things within this reverse proxy and it's really cool because you can have this manage anything to do with http while having your web app just deal with the logic of your web app and not have to worry about all those http things uh one thing that you will definitely want to do at some point is actually set up a tls certificate and enable https over port 443 on your web server and they have example code in the default configuration file right here for doing that not going to go over that in this video but it is a pretty simple process to get that working with https instead of just http so the final thing i want to do here is right now i'm accessing the site uh through the reverse proxy which is great but i have the security group the firewall set up in such a way that i can still access it on any point so i can still access this thing on port 8080 and i don't want that i only want to be able to access this server through port 80 through the reverse proxy i shouldn't be able to access the app directly so if we go back to the ec2 instance in the dashboard and i go over to security and select the security group i can scroll down and here are the inbound rules i'm allowing any connections on any tcp port so i'm just going to edit these inbound rules and i'm going to allow only let's see http requests uh on yeah http request uh from any ipv4 or ipv6 address and i'm also going to open up ssh so i can still connect to this using ssh from any ipv4 or ipv6 address there we go so i'll save those rules now that updates the firewall so i can only connect on port 22 or port 80. so if i go back to that web page hit enter i should not be able to connect on port 8080 it's just going to time out at some point because that connection won't work but i can still connect on port 80 which is the reverse proxy so i'm only allowing access through that reverse proxy and that's it for this video you should now be able to set up a reverse proxy on an ec2 instance running amazon linux 2. make sure you check the description because i'll leave links to other videos where you can set up things like a node app or a mysql database on an ec2 instance they talking like they don't know a king when they see one see him in person he take it back like a refund
Info
Channel: Sam Meech-Ward
Views: 1,750
Rating: undefined out of 5
Keywords: nginx reverse proxy, cloud computing, ec2 reverse proxy, nginx ec2 install, nginx express js
Id: _EBARqreeao
Channel Id: undefined
Length: 10min 26sec (626 seconds)
Published: Sat Sep 18 2021
Related Videos
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.