如何在EC2中部署节点服务器

在 AWS EC2 上部署 Node.js 服务器使您可以利用 AWS 的可靠基础设施、可扩展性和灵活性来高效托管您的应用程序。本指南将引导您逐步设置 EC2 实例、安装 Nginx 和 PM2 等基本工具，以及使用 Let's Encrypt 通过 HTTPS 保护您的应用程序。在本指南结束时，您将拥有一个在安全的 EC2 环境上运行的功能齐全的 Node.js 服务器，准备好处理生产流量。

大纲

• 要求
• 设置 EC2 实例
• 通过 SSH 或 Putty 连接到 EC2
• 安装必要的软件包和工具
• 为 Node.js 应用程序设置 PM2
• 将 Nginx 配置为反向代理
• 使用公网IP访问服务器
• 了解 HTTPS 的需求
• 设置域名和 SSL 证书
• 使用 Nginx 安装 SSL Certbot
• 将域名映射到公共 IP
• 测试服务器和最终检查

要求

开始之前，请确保您具备以下条件：

• AWS 帐户。
• Linux 命令行基础知识。
• 注册域名（用于设置 HTTPS）。
• PuTTY（如果您使用的是 Windows，则用于通过 SSH 访问 EC2 实例）。

设置 EC2 和初始脚本以安装 PM2 和 Nginx

• 登录您的 AWS 管理控制台。
• 导航到 EC2 仪表板并单击启动实例。
• 提供实例的名称。
• 选择 Ubuntu Server 22.04 LTS (HVM)、SSD 卷类型。
• 选择实例类型（例如，t2.micro 表示免费套餐）。
• 生成密钥对（.pem）并保存，稍后我们会用到。
• 配置安全组以允许端口 22 (SSH)、80 (HTTP) 和 443 (HTTPS) 上的入站流量。

启动实例时，您可以提供用户数据脚本来自动安装必要的软件包。

• 在“高级详细信息”部分中，找到“用户数据”字段。
• 选择“作为文本”并在提供的文本区域中输入您的用户数据脚本。

#!/bin/bash
sudo apt update
sudo apt install nginx -y
sudo apt-get install curl
curl -sL https://deb.nodesource.com/setup_18.x | sudo -E bash -
sudo apt-get install -y nodejs
curl -sL https://dl.yarnpkg.com/debian/pubkey.gpg | sudo apt-key add -
echo "deb https://dl.yarnpkg.com/debian/ stable main" | sudo tee /etc/apt/sources.list.d/yarn.list
sudo apt-get update
sudo apt-get install yarn -y
sudo npm i -g pm2
sudo cp /etc/nginx/sites-available/default /etc/nginx/sites-available/default.bkp
sudo rm /etc/nginx/sites-available/default
sudo echo "server {
    listen 80 default_server;
    listen [::]:80 default_server;

    # The server_name can be changed to your domain or left as-is for IP-based access
    server_name YOUR_DOMAIN;  # Use your domain or public IP if no domain is configured

    # Proxy requests to the backend server running on port 3000
    location / {
        proxy_pass http://127.0.0.1:3000;  # Your backend port here
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_set_header Host $host;
        proxy_cache_bypass $http_upgrade;
        proxy_redirect off;
    }

    # Optional: serve static files directly from a directory if needed
    # location /static {
    #     alias /path/to/static/files;  # Uncomment and set path if you have static files
    #     expires 30d;
    #     access_log off;
    # }

    # This is commented out because we are not serving any frontend files from /var/www/html
    # root /var/www/html;
    # index index.html index.htm index.nginx-debian.html;
}
" > /etc/nginx/sites-available/default
sudo rm /var/www/html/index.nginx-debian.html
sudo apt-get update

初始代码说明

系统更新和安装：

• sudo apt update：更新 Ubuntu 的软件包列表。
• sudo apt install nginx -y：安装 Nginx，一个 Web 服务器。
• sudo apt-get install curl：安装curl，一个从服务器传输数据或向服务器传输数据的工具。

安装 Node.js 和 Yarn：

• 卷曲-sL https://deb.nodesource.com/setup_18.x | sudo -E bash -：添加 Node.js 18 存储库。
• sudo apt-get install -y nodejs：安装 Node.js。
• 卷曲-sL https://dl.yarnpkg.com/debian/pubkey.gpg | sudo apt-key add -：添加 Yarn 存储库密钥。
• echo "deb https://dl.yarnpkg.com/debian/ stable main" | sudo tee /etc/apt/sources.list.d/yarn.list：添加 Yarn 存储库。
• sudo apt-get update：更新包列表以包含 Yarn。
• sudo apt-get install yarn -y：安装 Yarn，一个包管理器。

安装PM2：

• sudo npm i -g pm2：全局安装 PM2 以管理 Node.js 应用程序。

Nginx 配置备份和设置：

• sudo cp /etc/nginx/sites-available/default /etc/nginx/sites-available/default.bkp：备份默认的 Nginx 配置文件。
• sudo rm /etc/nginx/sites-available/default：删除原来默认的Nginx配置文件。
• sudo echo“服务器{...}”> /etc/nginx/sites-available/default：创建新的 Nginx 配置：
  • 监听端口 80。
  • 将 server_name 设置为域或公共 IP。
  • 将请求代理到在 http://127.0.0.1:3000 上运行的后端服务器。
  • 用于提供静态文件和前端内容的注释部分。

删除默认的 Nginx 内容：

• sudo rm /var/www/html/index.nginx-debian.html：删除默认的 Nginx 欢迎页面。

再次更新包列表：

• sudo apt-get update：运行另一个更新以确保所有软件包列表都是最新的。

此脚本设置一个包含 Nginx、Node.js、Yarn 和 PM2 的环境，并将 Nginx 配置为充当在端口 3000 上运行的后端服务器的反向代理。

之后点击启动实例按钮来创建实例。

使用 PuTTY 或终端通过 SSH 连接到 EC2 并克隆您的 Node.js 存储库

实例运行后，使用终端通过 SSH 连接到您的 EC2 实例（适用于 macOS/Linux）：

ssh -i path/to/your-key.pem ubuntu@<your-ec2-public-ip>

如果您使用的是 Windows，您可以使用 putty 登录 - 登录步骤。

After that it may ask for username which is usually by default - "ubuntu" if not set anything else.

Next use the following command to switch to the root user:

sudo su

Clone your Node.js application from GitHub or any other repository:

git clone <your-repo-url>
cd <your-repo-directory>

Switch to your prodution branch, pull the latest code and install node_modules.

Once done return back to the main directory using cd..

Setting Up ecosystem.config.js and Starting the Server with PM2

PM2 is a popular process manager for Node.js that keeps your application running in the background and helps with load balancing and monitoring.

Create ecosystem.config.js file in your project root:

touch ecosystem.config.js

Open the file in a text editor and add your configuration:

nano ecosystem.config.js

Add the configuration and save the file:

module.exports = {
  apps: [{
    name: "project_name",
    script: "npm start",
    cwd: "/home/ubuntu/repo",
    env: {
      "MONGO_URL": "mongodb+srv://<credentials>",
      "PORT": 3000,
      "NODE_ENV": "prod",
    }
  }]
};

Save and exit the editor (for nano, press Ctrl + X, then Y to confirm saving, and Enter to exit).

Explanation of ecosystem.config.js File

The ecosystem.config.js file is a configuration file for PM2, a process manager for Node.js applications. It defines how the application should be managed, including its environment variables, working directory, and startup script.

Breakdown of the Configuration:

• module.exports: Exports the configuration object so that PM2 can use it to manage the application.

• apps: An array of application configurations. This allows PM2 to manage multiple applications using a single configuration file.

  • name: "project_name" The name of the application, as it will appear in PM2's process list. You can set this to your project name.
  • script: "npm start" The command to run the application. Here, it uses npm start to start the application, which typically runs the start script defined in your package.json.
  • cwd: "/home/ubuntu/repo" The "Current Working Directory" where PM2 will look for the application. This is the directory path where your Node.js application code (repository) is located.
  • env: An object defining environment variables that will be available to the application when it is running. These variables can be accessed in your Node.js code using process.env.

Let's move next to starting our server:

Start the Application Using PM2:

pm2 start ecosystem.config.js

You can check the logs using:

pm2 logs

Accessing the Server by Changing Security Rules Using Public IP

Ensure your security group allows inbound traffic on port 3000 (or any port your server is running on). Access your server using:

http://<your-ec2-public-ip>:3000

The Problem with HTTP Server and the Need for HTTPS

HTTP is not secure for transmitting sensitive data. HTTPS, on the other hand, ensures that all data transmitted between the server and client is encrypted. Therefore, it's essential to secure your Node.js server with HTTPS, especially for production environments.

Requirements for HTTPS: Domain and SSL

To set up HTTPS, you need:

• A domain name pointing to your EC2 public IP.
• SSL certificate to encrypt the traffic.

SSL Using Certbot and Setting Up Nginx

Install Certbot on EC2:

sudo apt install certbot python3-certbot-nginx -y

Run Certbot to Obtain SSL Certificate:

sudo certbot --nginx -d YOUR_DOMAIN

Follow the prompts to complete the certificate installation. Certbot will automatically update your Nginx configuration to redirect HTTP traffic to HTTPS.

You can check your updated nginx config. Go to this directory:

cd /etc/nginx/sites-available/

Open the default file using nano, and it should look something like this:

server {
    listen 80;
    server_name YOUR_DOMAIN;

    # Redirect HTTP to HTTPS
    location / {
        return 301 https://$host$request_uri;
    }
}

server {
    listen 443 ssl;
    server_name YOUR_DOMAIN;

    ssl_certificate /etc/letsencrypt/live/YOUR_DOMAIN/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/YOUR_DOMAIN/privkey.pem;
    ssl_protocols TLSv1.2 TLSv1.3;
    ssl_ciphers HIGH:!aNULL:!MD5;

    location / {
        proxy_pass http://127.0.0.1:3000;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_set_header Host $host;
        proxy_cache_bypass $http_upgrade;
    }
}

After SSL setup it should reload Nginx server automatically but you can manually reload using:

nginx -s reload

Domain Mapping to Public IP

Ensure that your domain/subdomain is correctly mapped to your EC2 instance's public IP using A records in your domain DNS settings.

Testing the Server and Finishing Up

Visit https://YOUR_DOMAIN in your browser to verify the HTTPS setup. Your Node.js server should now be accessible securely via HTTPS.

以上是如何在EC2中部署节点服务器的详细内容。更多信息请关注PHP中文网其他相关文章！