Movie Ticket Booking System (AWS 3-Tier Architecture)

Movie Ticket Booking System - AWS 3-Tier Architecture

Cloud-based web application with high availability, security, and scalability

View Full Project on GitHub

📌 Introduction

The Movie Ticket Booking System is a web-based application designed with AWS 3-Tier Architecture to ensure scalability, security, and high availability.

It allows users to:

  • Browse movies
  • Select show timings
  • Choose seats
  • Book tickets online

All booking and user data are securely stored in Amazon RDS (MySQL).

This project demonstrates how to deploy a real-world web application on AWS by separating the Web Layer, Application Layer, and Database Layer.

🏗️ Architecture Overview

Tier Purpose Subnet Type Language / Stack EC2 Role
Tier 1 Frontend (UI) Public Subnet HTML, CSS, JS, NGINX Handles browser requests
Tier 2 Application (Logic) Private Subnet PHP, NGINX Executes business logic
Tier 3 Database (Storage) Private Subnet MySQL Database Stores persistent data

🌐 VPC & Subnet Setup

Create a VPC

  • Name: movie-tickets-VPC
  • CIDR block: 10.0.0.0/16
  • DNS Hostnames: Enabled

Create Subnets

Subnet Name CIDR Block Availability Zone Type
Public-Subnet 10.0.16.0/24 ap-south-1a Public
Private-App 10.0.32.0/24 ap-south-1a Private
Private-DB 10.0.48.0/24 ap-south-1a Private
Private-DB-2 10.0.64.0/24 ap-south-1b Private

Note: Enable Auto-Assign Public IP for Public Subnet.

Create Internet Gateway

  • Name: movie-internet-Gateway
  • Attach to movie-tickets-vpc

Create Route Tables

Public Route Table

  • Name: movie-Public-Table
  • Associate with: Public-Subnet
  • Add Route: 0.0.0.0/0 → Internet Gateway

Private Route Table

  • Name: movie-private-Table
  • Associate with: Private-App, Private-DB
  • No external route initially

🌐 NAT Gateway Setup

The NAT Gateway (Network Address Translation Gateway) allows instances in private subnets to access the internet for tasks like software updates, package installations, and external communications — without exposing them directly to the public internet.

Why NAT Gateway?

  • Private subnets cannot directly access the internet for security reasons
  • A NAT Gateway acts as a bridge, allowing outbound internet traffic while blocking all inbound traffic

Setup Steps

1. Allocate Elastic IP

  • Go to VPC Console → Elastic IPs → Allocate Elastic IP
  • This IP will be attached to your NAT Gateway

2. Create NAT Gateway

  • Subnet: Public-Subnet (must be in a public subnet for internet access)
  • Elastic IP: Attach the allocated Elastic IP
  • Name: movie-NAT-Gateway

3. Update Private Route Table

Add a route to direct outbound traffic from private subnets to the NAT Gateway:

Destination Target
0.0.0.0/0 movie-NAT-Gateway

🛡️ Security Groups

Security Groups act as virtual firewalls to control inbound and outbound traffic for each tier.

SG Name Attached To Inbound Rules Outbound
Web Frontend EC2 22 (SSH), 80 (HTTP) — Anywhere (0.0.0.0/0) All Traffic
App Web Server (Tier 2) 22 (SSH) — From Web SG only All Traffic
DB-RDS Database (Tier 3) 3306 (MySQL) — From App SG only All Traffic

Rule Explanation

  • Web SG (Frontend): Allows SSH (22) and HTTP (80) traffic from anywhere
  • App SG (Application Layer): Only SSH (22) allowed from Web SG
  • DB-RDS SG (Database Layer): MySQL (3306) allowed only from App SG

🌐 Elastic IP (EIP)

An Elastic IP (EIP) is a static public IPv4 address provided by AWS that you can associate with EC2 instances, NAT Gateways, or other resources.

Why Use Elastic IP?

  • Static Public IP – Your frontend server or NAT Gateway can be accessed reliably using the same IP
  • High Availability – If an EC2 instance fails, you can quickly remap the EIP to another instance
  • Consistent DNS – Easier to point a domain to your EC2 instance without IP changes
  • Required for NAT Gateway – NAT Gateways need an Elastic IP to provide internet access to private subnets

How to Allocate and Associate an Elastic IP

Step 1: Allocate Elastic IP

  • Go to AWS Console → VPC → Elastic IPs → Allocate Elastic IP
  • Click Allocate and note the allocated IP

Step 2: Associate Elastic IP

  • For Frontend EC2: Select Elastic IP → Actions → Associate Elastic IP → Choose EC2 Instance
  • For NAT Gateway: Select Elastic IP → Actions → Associate with NAT Gateway

🚀 Launch EC2 Instances

Role AMI Subnet Instance Type Ports Key Pair
Frontend NGINX Public-Subnet t2.micro 22 (SSH), 80 (HTTP) movie-key
Backend NGINX Private-App t2.micro 22 (SSH), 80 (HTTP) movie-key

Instance Role Details

  • Frontend EC2 (Public Subnet): Runs the user interface using NGINX
  • Backend EC2 (Private Subnet): Handles business logic and connects to the database

🗄️ Launch RDS Database

Role Subnet Type Ports
Database Private Subnet t2.micro 22, 3306

Create RDS MySQL Instance

  • Go to AWS Console → RDS → Create Database
  • Engine Type: MySQL
  • Deployment Option: Standard Create
  • Templates: Free Tier (for testing)
  • DB Instance Identifier: movie-db
  • Master Username: root
  • Master Password: mahesh05
  • VPC: Select your project VPC
  • Subnet Group: Choose Private-DB subnets
  • Public Access: No (Keep private for security)
  • Security Group: Allow port 3306 only from the App SG

Configure Security Group

Type Protocol Port Range Source
MySQL/Aurora TCP 3306 App Security Group

Connect to RDS from Backend EC2

mysql -h <RDS-ENDPOINT> -u root -p

🔑 Copy Private Key to Frontend Server

Step 1: Copy the Key Using SCP

scp -i movie-key.pem movie-key.pem ec2-user@<frontend-public-ip>:/home/ec2-user/

Step 2: SSH Into the Frontend Server

ssh -i movie-key.pem ec2-user@<frontend-public-ip>
chmod 400 movie-key.pem

🖥️ Backend Setup (Private-App)

SSH to Backend

ssh -i movie-key.pem ec2-user@<frontend-public-ip>
ssh -i movie-key.pem ec2-user@<backend-private-ip>

Install Dependencies

sudo yum update
sudo yum install nginx PHP8.4 -y

Service Start

sudo systemctl start nginx
sudo systemctl enable nginx
sudo systemctl start PHP-fpm

Verify

curl http://public-ip/

🌐 Frontend Setup with Nginx

Install Nginx

sudo yum update
sudo yum install nginx -y

Nginx Configuration

Create/edit the Nginx configuration file:

server {
    listen 80;
    server_name _;

    location ~ \.php$ {
        proxy_pass http://<backend-private-ip>;
    }
}

Restart Nginx

sudo systemctl restart nginx

🚀 Access the Application

Visit your application at:

http://frontend-public-ip

The application should display:

  • Movie listing page
  • Show timing selection
  • Seat selection interface
  • Booking confirmation

🎬 Project Summary

The Movie Ticket Booking System is a cloud-based web application designed using AWS 3-Tier Architecture for high availability, security, and scalability.

🌟 Key Features

  • Frontend Layer (UI): Built with HTML, CSS, JavaScript, hosted on EC2 instances in public subnet
  • Application Layer (Logic): Powered by PHP running on EC2 in private subnet
  • Database Layer (Storage): AWS RDS MySQL for persistent storage in private subnet
  • Networking & Security: VPC with public/private subnets, NAT Gateway, Elastic IPs, Security Groups
  • High Availability: Multi-AZ deployment for minimal downtime
  • Secure Access: EC2 instances managed via SSH keys with strict permissions

🏗️ AWS Architecture Overview

  • Public Subnet: Frontend EC2, NAT Gateway
  • Private Subnet: Backend EC2, RDS MySQL
  • Internet Gateway & Elastic IPs for reliable public access
  • Security Groups enforce controlled traffic flow between layers

This project demonstrates modern cloud architecture best practices while providing a full-stack, functional movie booking application.

View Complete Project on GitHub

MAHIBLOG

Posted by MAHIBLOG