Easy Setup for a Node website with AWS EC2
After so many google searches on how to setup a node server in ec2, the sheer number of options available just about overloaded my internal CPU. Do I use apache or nginx? What load balancer should I use? Do I need to set up a proxy for my node server port? Should I attempt to override port 80? What happens when you need an SSL certificate? How do I proxy port 443 to 80 with a valid cert? These are only a few of the headaches I have dealt with in the past.
It’s hard to commit to one setup, when you aren’t sure it will even work for you. Thankfully, after hours of playing around, I discovered the true power of AWS and it’s Application Load Balancer. It’s basically a powerful, light, headache free set up for an application or web app. I’ll show you how to get everything set up and running in a matter of minutes, instead of hours!
The tech stack I will be using for this article is as follows:
- AWS EC2 with Ubuntu
- AWS Application Load Balancer (ALB)
- AWS Route 53
- Node.js Server
We will use an EC2 instance on AWS for hosting, set up an ALB, and use Route 53 to connect everything. Easy right? We will also be using PuTTY to SSH into our instance and PuTTYgen for our private key.
The Setup — EC2
First step is to set up an AWS account if you don’t already have one. Go to services and click on EC2. From there click Launch Instance. We will be using Ubuntu for this example. Select the option seen below:
Next, select the t2.micro instance (free tier eligible). We don’t need to go into anything extra for this tutorial, so select Review and Launch. Review the setup and select Launch again.
On the next screen, you will want to create a new key pair. This is for security, and is highly recommended. Simply type in a name, and hit Download Key Pair.
Note: Move the key to a secure location. It will be needed to access your instance. Obviously, don’t share this with anyone unless they need access.
Now select Launch Instances!
The Setup — PuTTY
Not too difficult, right? Select View Instances to see an overview of all of your instances. For this next step we will access the instance via SSH. A popular method (for windows) is PuTTY. If you are using mac or linux, AWS will recommend another option when you select your instance and press Connect.
So, press Connect.
You will see a screen that looks like this:
Ignore this for now. We need to install PuTTY and PuTTYgen.
PuTTY is an SSH client,a dn PuTTYgen is a PuTTY key generator that converts your private key into a format that works for PuTTY.
Now open PuTTY. Once you get past the 90’s design and interface, you will see a lot of options under Category. We will only be using two of these categories, Session and Connection > SSH > Auth. Let’s focus on Session.
Under Session, you will type in the name of your root user and the Public DNS AWS gave you in the above image. For our example, the root user, unless changed, will always be ‘ubuntu’. See below:
ubuntu@[insert public DNS here]
Leave the port as port 22. Below where it says connection type, select SSH.
Now go to Connection, then SSH, then Auth. Here is where we put the private key. Before we do that, let’s use PuTTYgen to make sure ours is compatible.
Open PuTTYgen. Here, hit Load next to load an existing private key. Go to where you stored the private key you downloaded earlier. It’s important to change the file type to All Files (*.*), otherwise the key won’t show. Once you select they key, hit Save Private Key. Continue without a password despite the warning, it is not needed for us. Save the file. It is now a .ppk files instead of a .pem. PuTTY reads .ppk files.
Close PuTTYgen and go back to the Auth category in PuTTY. Where it says “Private key file for authentication”, click browse and select the new file you generated. Now, before we open the session, go back to the Session category. Under Saved Sessions, type the name of this setup and hit save. From now on, you can just open PuTTY and select this session to open it. (If you get a PuTTY warning, just select yes and continue.)
Adding our Node Server
So, assuming you have a node server available, we will now SSH into our instance and get our node server running there. The only important thing is to make sure you know what port you set your server to listen. In this article, I will use port 3000. Note, this is my usual setup, so feel free to skip this part if you know what you are doing.
- clone your repo
- install dependencies (npm install)
- install pm2 (see below)
- run the app!
Here’s a quick tutorial on pm2 for those who don’t know.
pm2 is an npm install that allows you to continue running the server even after the close the SSH session. See the quick start docs below for help.
Essentially, just run these commands:
npm install -g pm2
pm2 start server.js (←- your server file)
Easy! Done! pm2 is an awesome tool that will handle restarts for you as well.
If you want to check the status, simply run:
If you want to terminate the servers, run:
The Application Load Balancer is the glue that puts everything together. It will handle our SSL certificate, connect traffic to our server, AND point to the port we are running our app on! All in a few quick steps.
There are two ways to access Load Balancers.
Once in the Load Balancer dashboard, click Create Load Balancers.
Then, click Create under Application Load Balancer.
In the fist page of the setup, all you really need to do is name the ALB, select availability zones, and add another listener to port 443.
On the next screen, you have the option to select your SSL certificate. I recommend requesting one from ACM (Amazon Certificate Manager). It’s free and easy as long as you own the domain. Even easier if you switched the nameservers of the domain to Route 53. If you guys would like a walkthrough of that, request one below in the comments.
For configuring the security groups, we can select default and click next.
Next we have to set up the target groups. This is where we configure the Load Balancer to route requests to different targets using the protocol selected here. In this case, we want HTTP, so select that protocol and make sure it is set to port 80. Name your target group, and press next to register the targets.
Here, all you have to do is select the instance you would like to target, and write down the port you are running your node server on. For example:
After writing the port, select the instance and click add to registered.
After it’s been created, there is still one more step. go to your Load Balancer dashboard, and select your new LB. We need to now route all traffic to port 443. Click on the Listeners tab. We need to edit the rules for HTTP.
Now we will edit the conditional logic to redirect to port 443. Click edit up top, then click the edit icon net to the port. Change the THEN logic to redirect. You will click HTTPS and then add port 443. Click update and it should look like this.
Done! Now we just need a static IP and we will connect the domain to the ALB!
For allocating an Elastic IP address, do the following, go to Elastic IPs under the EC2 dashboard.:
- Create new Elastic IP (Allocate)
- Select new IP
- Click actions
- Then choose an instance
- Press associate!
This is important, as it will give it a permanent IP address that does not change.
Under route 53 go to or create a new hosted zone. It’s quite easy to create, and I recommend migrating your nameservers here from your domain registrar. If you would like a quick tutorial on that, let me know in the comment section.
The key here is to set your main A record to your ALB.
You want test.com to point to the load balancer we created in the last step.
Your new record should look like this:
It’s very important to make sure you check Alias. After that:
- Select Alias to Application and Classic Load Balancer
- Select region the ALB you created is located in
- Select the ALB.
After you create the records, give it a moment to update.
Congrats! In just a few easy (relative) steps, we have a node app up and running! Test as much as you can, and if you have issues, check your Route 53 hosted zone setup. Also make sure the port you are using matches the previous steps in the ALB setup.
Quick summary of the steps:
- Set up EC2
- Set up SSH
- Import and run code on EC2
- Set up ALB
- set up SSL Cert with ACM
- Set up Target Group
- Set up Elastic IP
- Create A record pointing to the ALB as an Alias in your Route 53 Hosted Zone.