# Deploy a secure and highly available Node.js application to EC2.
###### tags: `AWS`, `AutoScaling Group`, `ELB`, `Deployment`, `SSL`
> How to securely deploy a Node js application with Auto Scaling functionality and SSL.
<!-- > Type on the left :arrow_left: and see the rendered result on the right. :arrow_right: -->
## :Computer: Let's get started
### Step 0: Create a Node.js application
#### Create a new github repo
#### Clone the repo to local
#### npm init and install express
#### Add app.js file to your Node.js root directory with your favorite text editor
#### Push local changes to GitHub
#### (Optional) Make sure it runs locally
:::info
:bulb: You can also clone this repo ➜ [Repo Link](https://github.com/tim61114/node-js-example)
:::
### Step 0.5: Get Domain name and register on Route53
#### We'll first create a hosted zone for our domain name. I got my domain from name.com but I chose not to use their hosted service.
#### Get the nameserver from Route53
#### Pass it to the name server from name.com
:::info
:smile: Don't forget to save changes!
:::
### Step 1: Create SSL Certificate
We will then create an SSL certificate for our webpage. We create that using Amazon Certificate Manager with a registered domain name.
#### Request a public certificate
#### Pass your domain name, validate with either DNS or Email
#### Wait till the request gets verified.
#### Verified!
:::info
:bulb: Be sure you create records in Route53. If not, click on the "create records in Route53"
:::
### Step 2: Create Security Group, Launch Template for our EC2
#### We'll create a security group for our Autoscaling Application before we create our EC2 VMs
The SSH is for accessing the VM, if you don't want that, just remove it.
The Custom TCP is for accessing the Node application.
#### Create Launch Template for our AutoScaling Group
#### We'll be using the Amazon AMI for our EC2 Operating System
#### Choose the Instance of your choice. I'm poor. Please don't judge
**Create a Key Pair is required if you want to Access your VM safely.**
**Choose the Security Group we previously created. Mine is called *Auto-Scaling-Nodejs-sg***
#### Setup user data in Advanced Section
**This allows us to put our code into the EC2 VMs when it starts.**
Here's the code. Be sure you modify the git clone and cd command correctly.
```bash
#!/bin/bash -ex
exec > >(tee /var/log/user-data.log|logger -t user-data -s 2>/dev/console) 2>&1
curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.38.0/install.sh | bash
. /.nvm/nvm.sh
nvm install node
export NVM_DIR="/.nvm"
[ -s "$NVM_DIR/nvm.sh" ] && \. "$NVM_DIR/nvm.sh"
[ -s "$NVM_DIR/bash_completion" ] && \. "$NVM_DIR/bash_completion"
sudo yum upgrade -y
sudo yum install git -y
cd /home/ec2-user
git clone https://YOUR_REPO_HERE
cd YOUR_REPO_DIR_HERE
sudo chmod -R 755 .
npm install
node app.js > app.out.log 2> app.err.log < /dev/null &
```
### Step 3: Create Auto Scaling Group and Application Load Balancer
#### Choose the Launch Template we created in Step 2
#### Choose Launch Options
**I created mine in the default VPC, with support in three Availability Zones**
#### Create a new Load Balancer (ALB in this case)
**We also create a target group at the same time at the bottom**
#### Configure the size of your ASG. Mine is default 2, maximum 3
**The scaling policy checks the utilization of the CPU. You can use other metrics.**
#### The rest are optional.
#### My EC2 VMs are now running. (Almost)
#### Accessing my EC2 VMs via port 3000 to check if it's working
#### Check my ALB. We'll check if this works as well
#### Go to port 3000 of my ALB DNS. It works!
### Step 4: Enable SSL certificate on my ALB
**This is the ALB I created in Step 3**
#### Click on Add listener under 'Listeners and rules'.
#### Select Forward traffic to HTTPS 443 and forward to target group.
**We created the target group when creating the ALB**
**Choose the SSL certificate we created in Step 1**
#### Now let's see if we can visit the Applciation using HTTPS.
**YES!**
(Although my browser is crying about this https certificate is not safe.)
### Step 5: Add ALB URL to DNS
#### Head back to Route 53
#### We'll create a new record. Click Create record
#### Create record using Alias. I specified a subdomain for my website but it's not required.
Pick Alias to Load Balancers, choose your region (Mine is US East 1), and Load Balancer.
#### DONE
Look at that, isn't that beautiful?
## Let's review what we did.
1. We created a Node.js Application
2. Setup a Domain name, update Namespace servers, and create hosted zones in Route 53
3. Create SSL certificate
4. Create Security group for our EC2 VMs and Launch Template
5. Create AutoScaling Group and Application Load Balancer
6. Enable SSL certificate on Application Load Balancer
7. Forward traffic from domain name to our ALB with SSL enabled.
**EZPZ right?**
Sign in with Wallet
Connect another wallet