Amazon Web Services
2006: Amazon launched Amazon Web Services (AWS) on a utility computing basis, although the initial release dates back to July 2002.
Amazon Web Services (AWS) is a collection of remote computing services (also called web services) that together make up a cloud computing platform, offered over the Internet by Amazon.com.
The most central and well-known of these services are Amazon EC2 (Elastic Compute Cloud) and Amazon S3 (Simple Storage Service).
Book:
Amazon Web Services is based on SOA standards, including HTTP, REST, and SOAP transfer protocols, open source and commercial operating systems, application servers, and browser-based access.
Topics:
1. Amazon EC2
2. Amazon EC2 Container Registry
3. Amazon EC2 Container Service
4. AWS Elastic Beanstalk
5. AWS Lambda
6. Auto Scaling
7. Elastic Load Balancing
8. Amazon VPC (Virtual Private Cloud)
https://www.youtube.com/watch?v=lioD902fOOQ
1). Amazon EC2 - Virtual Servers in the Cloud
· Amazon EC2 is a Web Service that provides Scalable Computing Capacity in the Amazon Web Services (AWS) cloud.
· Amazon EC2 is a web service that provides Resizable Computing Capacity—literally, servers in Amazon's data centers—that you use to build and host your software systems.
· Using Amazon EC2 eliminates your need to invest in hardware up front, so you can develop and deploy applications faster.
· You can use Amazon EC2 to Launch Virtual Servers as you need, configure security and networking, and manage storage.
· Amazon EC2 enables you to scale up or down to handle changes in requirements or spikes in popularity, reducing your need to forecast traffic.
Features:
· Instances - Virtual computing environments, known as instances
· Amazon Machine Images (AMIs) - Preconfigured templates for your instances, known as AMIs, that package the bits you need for your server (including the operating system and additional software)
· Instance Types - Various configurations of CPU, Memory, Storage, and Networking Capacity for your instances, known as Instance Types
· Secure login information for your instances using key pairs (AWS stores the public key, and you store the private key in a secure place)
· Instance Store Volumes - Storage volumes for temporary data that's deleted when you stop or terminate your instance, known as Instance Store Volumes
· Amazon EBS volumes - Persistent storage volumes for your data using Amazon Elastic Block Store (Amazon EBS), known as Amazon EBS volumes
· Regions And Availability Zones - Multiple physical locations for your resources, such as Instances and Amazon EBS volumes, known as regions and Availability Zones
· A firewall that enables you to specify the protocols, ports, and source IP ranges that can reach your instances using security groups
· Elastic IP addresses - Static IP addresses for dynamic cloud computing, known as Elastic IP addresses
· Metadata, known as tags, that you can create and assign to your Amazon EC2 resources
· Virtual Private Clouds (VPCs) - Virtual networks you can create that are logically isolated from the rest of the AWS cloud, and that you can optionally connect to your own network, known as virtual private clouds (VPCs)
· AWS Management Console -
Accessing Amazon EC2:
UI – Amazon EC2 Console.
Command Line:
o AWS Command Line Interface (CLI)
o Amazon EC2 Command Line Interface (CLI) Tools
o AWS Tools for Windows PowerShell
2). Amazon EC2 Container Registry (ECR)
· Amazon EC2 Container Registry (Amazon ECR) is a fully managed Docker Container Registry that makes it easy for developers to store, manage, and deploy Docker Container Images.
· Amazon ECR is a managed AWS Docker registry service that is secure, scalable, and reliable.
· Amazon ECR supports private Docker repositories with resource-based permissions using AWS IAM so that specific users or Amazon EC2 instances can access repositories and images.
· Developers can use the Docker CLI to push, pull, and manage images.
Components
· Registry - An Amazon ECR registry is provided to each AWS account; you can create image repositories in your registry and store images in them.
· Authorization token –
o Your Docker client needs to authenticate to Amazon ECR registries as an AWS user before it can push and pull images.
o The AWS CLI get-login command provides you with authentication credentials to pass to Docker.
· Repository - An Amazon ECR image repository contains your Docker images.
· Repository policy - You can control access to your repositories and the images within them with repository policies. For more information, see Amazon ECR Repository Policies.
· Image - You can push and pull Docker images to your repositories. You can use these images locally on your development system, or you can use them in Amazon ECS task definitions.
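To make the repository-policy component concrete, the following added example (not part of the original post) audits a policy document for statements that let any principal pull or push images. The sample policy, account ID, role name and Sids are constructed placeholders; statements carrying a Condition are skipped as a simplification and need manual review.

```python
import json
from fnmatch import fnmatchcase

# Constructed repository policy; the account ID, role name and Sids are placeholders.
SAMPLE_POLICY = json.dumps({
    "Version": "2012-10-17",
    "Statement": [
        {"Sid": "CiPush", "Effect": "Allow",
         "Principal": {"AWS": "arn:aws:iam::111122223333:role/ci-builder"},
         "Action": ["ecr:PutImage", "ecr:InitiateLayerUpload",
                    "ecr:UploadLayerPart", "ecr:CompleteLayerUpload"]},
        {"Sid": "AnyonePull", "Effect": "Allow", "Principal": "*",
         "Action": ["ecr:GetDownloadUrlForLayer", "ecr:BatchGetImage"]},
        {"Sid": "AnyoneAll", "Effect": "Allow", "Principal": {"AWS": "*"},
         "Action": "ecr:*"},
    ],
})

# ECR actions that change repository contents or its access policy (lowercased).
WRITE_ACTIONS = {"ecr:putimage", "ecr:initiatelayerupload", "ecr:uploadlayerpart",
                 "ecr:completelayerupload", "ecr:batchdeleteimage",
                 "ecr:setrepositorypolicy", "ecr:deleterepository"}

def as_list(value):
    return value if isinstance(value, list) else [value]

def is_wildcard_principal(principal):
    """True for "Principal": "*" and for {"AWS": "*"} style principals."""
    if principal == "*":
        return True
    if isinstance(principal, dict):
        return any("*" in as_list(v) for v in principal.values())
    return False

def grants_write(actions):
    """True if any action pattern (wildcards included) matches a write action."""
    return any(fnmatchcase(w, a.lower()) for a in as_list(actions) for w in WRITE_ACTIONS)

def audit_repository_policy(policy_text):
    """Return (Sid, finding) for each unconditional Allow to a wildcard principal."""
    findings = []
    for stmt in as_list(json.loads(policy_text).get("Statement", [])):
        if stmt.get("Effect") != "Allow" or stmt.get("Condition"):
            continue  # simplification: conditional statements need manual review
        if is_wildcard_principal(stmt.get("Principal")):
            kind = "anyone-can-push" if grants_write(stmt.get("Action", [])) else "anyone-can-pull"
            findings.append((stmt.get("Sid", "<no Sid>"), kind))
    return findings

if __name__ == "__main__":
    for sid, kind in audit_repository_policy(SAMPLE_POLICY):
        print(sid, kind)
```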
3). Amazon EC2 Container Service (Amazon ECS):
· Amazon ECS is a highly scalable, fast container management service that makes it easy to run, stop, and manage Docker containers on a cluster of Amazon EC2 instances.
· Amazon ECS lets you:
o Launch and stop container-enabled applications with simple API calls.
o Get the state of your cluster from a centralized service.
o Access many familiar Amazon EC2 features.
o Schedule the placement of containers across your cluster based on your resource needs, isolation policies, and availability requirements.
o Avoid operating your own cluster management and configuration management systems or worrying about scaling your management infrastructure.
Components:
· Container instance - An Amazon EC2 instance that is running the Amazon ECS agent and has been registered into a cluster.
· Cluster - A logical grouping of container instances that you can place tasks on.
· Task definition - A description of an application that contains one or more container definitions.
· Scheduler - The method used for placing tasks on container instances.
· Service - An Amazon ECS service allows you to run and maintain a specified number of instances of a task definition simultaneously.
· Task - An instantiation of a task definition that is running on a container instance.
4). AWS Elastic Beanstalk
AWS comprises dozens of services, each of which exposes an area of functionality. While the variety of services offers flexibility for how you want to manage your AWS infrastructure, it can be challenging to figure out which services to use and how to provision them.
· With Elastic Beanstalk, you can quickly Deploy And Manage Applications in the AWS cloud without worrying about the infrastructure that runs those applications.
· AWS Elastic Beanstalk reduces management complexity without restricting choice or control.
· You simply upload your application, and Elastic Beanstalk automatically handles the details of Capacity Provisioning, Load Balancing, Scaling, And Application Health Monitoring.
· Elastic Beanstalk provides developers and systems administrators an easy, fast way to deploy and manage their applications without having to worry about AWS infrastructure.
You can also perform most deployment tasks, such as changing the size of your fleet of Amazon EC2 instances or monitoring your application, directly from the Elastic Beanstalk web interface.
After you create and deploy your application, information about the application—including metrics, events, and environment status—is available through the AWS Management Console, APIs, or Command Line Interfaces, including the unified AWS CLI.
5). AWS Lambda:
· AWS Lambda is a Compute Service where you can upload your code to AWS Lambda and the service can run the code on your behalf using AWS infrastructure.
· After you upload your code and create what we call a Lambda function, AWS Lambda takes care of provisioning and managing the servers that you use to run the code.
· AWS Lambda runs your code on a high-availability compute infrastructure and performs all of the administration of the compute resources, including server and operating system maintenance, capacity provisioning and automatic scaling, code monitoring and logging.
· All you need to do is supply your code in one of the languages that AWS Lambda supports (currently Node.js, Java, and Python).
· AWS Lambda is an ideal Compute Platform for many application scenarios, provided that you can write your application code in languages supported by AWS Lambda (that is, Node.js, Java, and Python), and run within the AWS Lambda standard runtime environment and resources provided by Lambda.
· AWS Lambda executes your code only when needed and scales automatically, from a few requests per day to thousands per second.
· With these capabilities, you can use Lambda to easily build data processing triggers for AWS services like Amazon S3, Amazon DynamoDB, or Amazon Kinesis, or create your own back end that operates at AWS scale, performance, and security.
6). Auto Scaling
· Auto Scaling is a web service designed to Launch Or Terminate Amazon EC2 instances automatically based on user-defined policies, schedules, and health checks.
· You create collections of EC2 instances, called Auto Scaling Groups.
· Auto Scaling helps you ensure that you have the correct number of EC2 instances available to handle the load for your application.
· You can specify the minimum/maximum number of instances in each Auto Scaling group, and Auto Scaling ensures that your group never goes below/above this size.
· If you specify the desired capacity, either when you create the group or at any time thereafter, Auto Scaling ensures that your group has this many instances.
· If you specify scaling policies, then Auto Scaling can launch or terminate instances as demand on your application increases or decreases.
Components:
· Groups -
o Your EC2 instances are organized into groups so that they can be treated as a logical unit for the purposes of scaling and management.
o When you create a group, you can specify its minimum, maximum, and desired number of EC2 instances.
· Launch configurations -
o Your group uses a launch configuration as a template for its EC2 instances.
o When you create a launch configuration, you can specify information such as the AMI ID, instance type, key pair, security groups, and block device mapping for your instances.
· Scaling plans -
o A scaling plan tells Auto Scaling when and how to scale.
o For example, you can base a scaling plan on the occurrence of specified conditions (dynamic scaling) or on a schedule.
Accessing Auto Scaling:
UI – Amazon EC2 Console.
Command Line:
o AWS Command Line Interface (CLI)
o AWS Tools for Windows PowerShell
7). Elastic Load Balancing:
· Elastic Load Balancing automatically distributes your incoming application traffic across multiple Amazon EC2 instances.
· You can add and remove EC2 instances from your load balancer as your needs change, without disrupting the overall flow of information.
· It detects unhealthy instances and reroutes traffic to healthy instances until the unhealthy instances have been restored.
· If a failed EC2 instance is restored, Elastic Load Balancing restores the traffic to that instance.
· Elastic Load Balancing can also serve as the first line of defense against attacks on your network.
· You can offload the work of encryption and decryption to your load balancer so that your EC2 instances can focus on their main work.
Features:
· Configure the load balancer to accept traffic using the following protocols: HTTP, HTTPS (secure HTTP), TCP, and SSL (secure TCP).
· Configure your EC2 instances to accept traffic only from your load balancer. You can use the operating systems and instance types supported by Amazon EC2.
· Configure your load balancer to distribute requests to EC2 instances in multiple Availability Zones, minimizing the risk of overloading one single instance. If an entire Availability Zone goes offline, the load balancer routes traffic to instances in other Availability Zones.
· No limit on the number of connections that your load balancer can attempt to make with your EC2 instances. The number of connections scales with the number of concurrent requests that the load balancer receives.
· Configure the health checks that Elastic Load Balancing uses to monitor the health of the EC2 instances registered with the load balancer so that it can send requests only to the healthy instances.
· You can use end-to-end traffic encryption on those networks that use secure (HTTPS/SSL) connections.
· [EC2-VPC] - You can create an Internet-Facing Load Balancer, which takes requests from clients over the Internet and routes them to your EC2 instances, or an internal-facing load balancer, which takes requests from clients in your VPC and routes them to EC2 instances in your private subnets. Load balancers in EC2-Classic are always Internet-Facing.
· [EC2-Classic] - Load balancers for EC2-Classic support both IPv4 and IPv6 addresses. Load balancers for a VPC do not support IPv6 addresses.
· You can monitor your load balancer using CloudWatch metrics, access logs, and AWS CloudTrail.
· You can associate your Internet-facing load balancer with your domain name. Because the load balancer receives all requests from clients, you don't need to create and manage public domain names for the EC2 instances to which the load balancer routes traffic. You can point the instance's domain records at the load balancer instead and scale as needed (either adding or removing capacity) without having to update the records with each scaling activity.
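The security-group firewall listed under the EC2 features and the advice above to accept traffic only from your load balancer can be checked together. This added example (not from the original post) audits ingress rules shaped like `aws ec2 describe-security-groups` output and reports every source that is not the load balancer's security group; all group IDs and CIDR ranges are constructed.

```python
import ipaddress

# Constructed sample shaped like `aws ec2 describe-security-groups` output.
# Group IDs and CIDR ranges are made up for illustration.
LB_GROUP_ID = "sg-0a1b2c3d"  # hypothetical load balancer security group
SAMPLE_GROUPS = [
    {"GroupId": "sg-11112222", "IpPermissions": [  # web tier behind the LB
        {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
         "IpRanges": [], "UserIdGroupPairs": [{"GroupId": LB_GROUP_ID}]}]},
    {"GroupId": "sg-33334444", "IpPermissions": [  # legacy group
        {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "UserIdGroupPairs": []},
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "203.0.113.0/24"}], "UserIdGroupPairs": []}]},
]
ADMIN_PORTS = (22, 3389)  # SSH and RDP

def covers(rule, port):
    """True if the rule admits TCP `port` ("-1" means all traffic)."""
    if rule["IpProtocol"] == "-1":
        return True
    return rule["IpProtocol"] in ("tcp", "6") and \
        rule.get("FromPort", 0) <= port <= rule.get("ToPort", 65535)

def audit_group(group, lb_group_id):
    """Return (finding, rule, source) for every ingress source that is not the LB."""
    findings = []
    for rule in group.get("IpPermissions", []):
        label = "{}/{}-{}".format(rule["IpProtocol"], rule.get("FromPort", "all"), rule.get("ToPort", "all"))
        cidrs = [r["CidrIp"] for r in rule.get("IpRanges", [])]
        cidrs += [r["CidrIpv6"] for r in rule.get("Ipv6Ranges", [])]
        for cidr in cidrs:
            if ipaddress.ip_network(cidr, strict=False).prefixlen == 0:
                admin = any(covers(rule, p) for p in ADMIN_PORTS)
                kind = "admin-port-open-to-world" if admin else "open-to-world"
            else:
                kind = "direct-cidr-source"
            findings.append((kind, label, cidr))
        for pair in rule.get("UserIdGroupPairs", []):
            if pair["GroupId"] != lb_group_id:
                findings.append(("non-lb-source-group", label, pair["GroupId"]))
    return findings

def audit(groups, lb_group_id):
    return {g["GroupId"]: audit_group(g, lb_group_id) for g in groups}

if __name__ == "__main__":
    for gid, found in audit(SAMPLE_GROUPS, LB_GROUP_ID).items():
        print(gid, found or "only the load balancer can reach this group")
```

A `direct-cidr-source` finding is not necessarily wrong (an administrative SSH range is a common case), but each one is a path to the instance that bypasses the load balancer and should be a deliberate choice.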
Accessing ELB:
· AWS Management Console - Provides a web interface that you can use to access Elastic Load Balancing.
· AWS Command Line Interface (CLI) - Provides commands for a broad set of AWS services, including Elastic Load Balancing, and is supported on Windows, Mac, and Linux.
· AWS SDKs - Provide language-specific APIs and take care of many of the connection details, such as calculating signatures, handling request retries, and error handling.
· Query API - Provides low-level APIs that you call using HTTPS requests.
· SOAP API - Provides access to the Elastic Load Balancing web service using the SOAP web services messaging protocol.
· ELB CLI - Provides commands to access Elastic Load Balancing. However, using the AWS CLI is recommended.
8). Amazon VPC:
· Amazon VPC enables you to launch AWS resources into a virtual network that you've defined.
· This virtual network closely resembles a traditional network that you'd operate in your own data center, with the benefits of using the scalable infrastructure of AWS.
· A virtual private cloud (VPC) is a virtual network dedicated to your AWS account. It is logically isolated from other virtual networks in the AWS cloud.
· You can launch your AWS resources, such as Amazon EC2 instances, into your VPC.
· You can configure your VPC; you can select its IP address range, create subnets, and configure route tables, network gateways, and security settings.
Regards,
Arun Manglick