Distributed Node #11
AWS
$ whoami
Inna Ivashchuk
Senior Software Engineer
JS developer, music fan, movie-dependent and Star Wars fan 🤓
May the Force be with you!
$ guest
Vladyslav Matus
Solution Architect
Agenda:
- Amazon Web Services Overview
- Account & IAM (Identity & Access Management)
- Computing Services (EC2, ECS, EKS)
- Storage Services
- Other services
AWS Overview
I will add 128 GB RAM and more replace the CPU AMD Ryzen 9 3950X
Dinesh
Replacing hardware will require downtime, better to add some separate cheap servers
Gilfoyle
ANTON
Cloud computing with AWS
   Amazon Web Services (AWS) is the world’s most comprehensive and broadly adopted cloud platform, offering over 200 fully-featured services from data centers globally. Millions of customers—including the fastest-growing startups, largest enterprises, and leading government agencies—are using AWS to lower costs, become more agile, and innovate faster.
What exactly is Cloud computing?
   Cloud computing is a term broadly used to define the on-demand delivery of IT resources and applications via the Internet, with pay-as-you-go pricing.
What is AWS?
- AWS (Amazon Web Services) is a Cloud Provider
- They provide you with servers and services that you can use on-demand and scale easily
- AWS has revolutionized IT over time
- AWS powers some of the biggest websites in the world:
  - Amazon.com
  - Netflix
What exactly is AWS?
AWS services and features (2019)
Global network of AWS Regions
AWS has the most extensive global cloud infrastructure:
- offers many Regions with multiple Availability Zones connected by low latency, high throughput, and highly redundant networking
- has 80 Availability Zones within 25 geographic regions (+ 15 announced)
AWS Data centers
- A single data center typically houses several thousands of servers
- All data centers are online (no DC is "cold")
- AWS custom network equipment:
  - multi-ODM sourced
  - Amazon custom protocol stack
AWS Availability Zones (AZ)
Each Availability Zone is:
- Made up of one or more data centers
- Designed for fault isolation
- Interconnected with other Availability Zones using high-speed private links
[Diagram: an Availability Zone made up of data centers]
AWS Regions
- Each region is made up of two or more Availability Zones
- AWS has 20 regions worldwide
- You enable and control data replication across regions
- Communication between regions uses AWS backbone network connection infrastructure
[Diagram: an AWS Region containing Availability Zones (AZ), each made up of data centers]
Cloud computing leadership
Gartner Research positions AWS in the Leaders quadrant of the new 2020 Magic Quadrant for Cloud Infrastructure & Platform Services (CIPS). CIPS, in the context of this Magic Quadrant, are defined as “standardized, highly automated offerings, in which infrastructure resources (e.g., compute, networking and storage) are complemented by integrated platform services.”
What about trends?
Trusted by millions of customers of all types
Enterprise
Startups
Public sector
Account & IAM
(Identity & Access Management)
What is IAM?
- Users: Usually a physical person
- Groups: Functions (admins, devops), Teams (engineering, design...). Contains users
- Roles: Internal usage within AWS resources
- Policies (JSON Document): Defines what each of the above can and cannot do
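How a policy JSON document decides what an identity can and cannot do, as an added example (not from the original slides): a simplified evaluator showing that nothing is allowed by default and that an explicit Deny always beats an Allow. The bucket name, ARNs and policy objects are constructed, and Condition, NotAction and Principal are not handled.

```javascript
// Added example: simplified IAM-style policy evaluation (no Condition,
// NotAction or Principal handling). Bucket names and ARNs are constructed.

// Turn an IAM-style pattern ("s3:Get*", "arn:aws:s3:::bucket/*") into a RegExp.
function patternToRegExp(pattern) {
  const escaped = pattern.replace(/[.+^${}()|[\]\\]/g, "\\$&");
  return new RegExp("^" + escaped.replace(/\*/g, ".*").replace(/\?/g, ".") + "$");
}

const asArray = (v) => (Array.isArray(v) ? v : [v]);

function statementMatches(stmt, action, resource) {
  // Action names are case-insensitive; resource ARNs are compared as written.
  const actionHit = asArray(stmt.Action).some((a) =>
    patternToRegExp(a.toLowerCase()).test(action.toLowerCase()));
  const resourceHit = asArray(stmt.Resource).some((r) =>
    patternToRegExp(r).test(resource));
  return actionHit && resourceHit;
}

// Returns "Allow", "ExplicitDeny" or "ImplicitDeny" (the default).
function evaluate(policies, action, resource) {
  const matching = policies
    .flatMap((p) => asArray(p.Statement))
    .filter((s) => statementMatches(s, action, resource));
  if (matching.some((s) => s.Effect === "Deny")) return "ExplicitDeny";
  if (matching.some((s) => s.Effect === "Allow")) return "Allow";
  return "ImplicitDeny";
}

// Constructed policies: read-only access to one bucket, minus a protected prefix.
const readReports = {
  Version: "2012-10-17",
  Statement: [{ Effect: "Allow", Action: ["s3:GetObject", "s3:ListBucket"],
    Resource: ["arn:aws:s3:::example-reports", "arn:aws:s3:::example-reports/*"] }],
};
const protectSecrets = {
  Version: "2012-10-17",
  Statement: { Effect: "Deny", Action: "s3:*",
    Resource: "arn:aws:s3:::example-reports/secret/*" },
};

const attached = [readReports, protectSecrets];
console.log(evaluate(attached, "s3:GetObject", "arn:aws:s3:::example-reports/2021/q1.csv"));
console.log(evaluate(attached, "s3:GetObject", "arn:aws:s3:::example-reports/secret/keys.txt"));
console.log(evaluate(attached, "s3:DeleteObject", "arn:aws:s3:::example-reports/2021/q1.csv"));
```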
IAM details
and don't forget to follow the rules
- One IAM User per PHYSICAL PERSON
- One IAM Role per Application
- IAM credentials should NEVER BE SHARED
- Never, ever, ever, ever, write IAM credentials in code. EVER
- And even less, NEVER COMMIT YOUR IAM credentials
- Never use the ROOT account except for the initial setup
- Never use ROOT IAM Credentials
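One way to enforce the "never write or commit IAM credentials" rules, as an added example (not from the original slides): a scanner that could run over staged files before a commit and reports hard-coded AWS keys with the value redacted. The function name and sample file are constructed; the key pair in the sample is the placeholder pair used in AWS documentation.

```javascript
// Added example: scan source text for hard-coded AWS credentials.
// Access key IDs are 20 characters: a 4-letter prefix (AKIA = long-term IAM
// user key, ASIA = temporary STS key) followed by 16 uppercase letters/digits.
const ACCESS_KEY_ID = /\b(AKIA|ASIA)[A-Z0-9]{16}\b/g;
// Secret keys are 40 base64-style characters; to limit false positives they
// are only flagged when assigned to a name that mentions "secret".
const SECRET_KEY =
  /secret[\w-]*["']?\s*[:=]\s*["']?([A-Za-z0-9/+=]{40})(?![A-Za-z0-9/+=])/gi;

// Keep the first 4 characters so a finding is recognisable but not reusable.
const redact = (v) => v.slice(0, 4) + "*".repeat(v.length - 4);

function scanForAwsCredentials(text) {
  const findings = [];
  text.split(/\r?\n/).forEach((line, i) => {
    for (const m of line.matchAll(ACCESS_KEY_ID)) {
      findings.push({ line: i + 1, kind: "access-key-id", value: redact(m[0]) });
    }
    for (const m of line.matchAll(SECRET_KEY)) {
      findings.push({ line: i + 1, kind: "secret-access-key", value: redact(m[1]) });
    }
  });
  return findings;
}

// Constructed sample file; the keys are the AWS documentation placeholders.
const SAMPLE = [
  'const AWS = require("aws-sdk");',
  "const s3 = new AWS.S3({",
  '  accessKeyId: "AKIAIOSFODNN7EXAMPLE",',
  '  secretAccessKey: "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY",',
  "});",
  "const region = process.env.AWS_REGION; // fine: no secret in code",
].join("\n");

console.log(scanForAwsCredentials(SAMPLE));
```

A non-empty result should fail the commit; the exposed key then needs to be rotated, not just deleted from the file.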
Let's try IAM service
1. Create a user
2. Set permissions
3. Add tags
4. Review and submit
Sign-in URL for IAM users
Time to log in with the new IAM user
A customized link can be used: https://js-procamp.signin.aws.amazon.com/console
Just to compare Root and IAM user
Root
IAM
Computing Services (EC2, ECS, EKS)
- EC2 - Elastic Compute Cloud
- EC2 is one of the most popular services of AWS
- It mainly consists of the capability of:
  - Renting virtual machines (EC2)
  - Storing data on virtual drives (EBS)
  - Distributing load across machines (ELB)
  - Scaling the services using an auto-scaling group (ASG)
- Knowing EC2 is fundamental to understanding how the Cloud works
What is EC2?
Let's try to create an EC2 instance
First, navigate to the EC2 service
Step 1: Choose an Amazon Machine Image (AMI)
Step 2: Choose an Instance Type
Step 3: Configure Instance Details
Step 4: Add Storage
Step 5: Add Tags
Step 6: Configure Security Group
Step 7: Review Instance Launch
Finally
and the result
Let's use SSH and connect to our Instance
$ ssh -i EC2tutorial.pem ec2-user@3.142.150.183
$ chmod 0400 EC2tutorial.pem
$ ssh -i EC2tutorial.pem ec2-user@3.142.150.183
chmod 0400 (chmod a+rwx,u-wx,g-rwx,o-rwx,ug-s,-t) sets permissions so that the (U)ser / owner can read but can't write or execute, while the (G)roup and (O)thers can't read, write, or execute.
Note: On Windows, PuTTY can be used
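Why the key file needs chmod 0400 before ssh will use it, as an added example (not from the original slides): OpenSSH refuses a private key file that has any group or other permission bit set, and this helper decodes a mode and applies that check. The function names and input modes are constructed.

```javascript
// Added example: decode a Unix permission mode and apply the private-key rule.

// Render the low 9 permission bits the way `ls -l` does: 0o400 -> "r--------".
function modeToSymbolic(mode) {
  const flags = "rwxrwxrwx";
  return [...flags]
    .map((ch, i) => (mode & (1 << (8 - i)) ? ch : "-"))
    .join("");
}

// OpenSSH rejects a private key when any group/other bit is set (mode & 0o077).
function checkPrivateKeyMode(mode) {
  const perms = mode & 0o777; // drop the file-type bits reported by stat
  const exposed = perms & 0o077;
  return {
    octal: "0" + perms.toString(8).padStart(3, "0"),
    symbolic: modeToSymbolic(perms),
    acceptedBySsh: exposed === 0,
    ownerCanWrite: (perms & 0o200) !== 0,
    fix: exposed === 0 ? null : "chmod 0400 EC2tutorial.pem",
  };
}

// In Node.js the real value comes from fs.statSync("EC2tutorial.pem").mode.
// Constructed inputs: 0o100644 is a common mode for a freshly downloaded file.
for (const mode of [0o100644, 0o100600, 0o100400]) {
  console.log(checkPrivateKeyMode(mode));
}
```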
ECS is Amazon Elastic Container Service. ECS provides:
- a highly secure, reliable, and scalable way to run containers
- a fully managed container orchestration service. Customers such as Duolingo, Samsung, GE, and Cookpad use ECS to run their most sensitive and mission-critical applications because of its security, reliability, and scalability
- you can choose to run your ECS clusters using AWS Fargate, which is serverless compute for containers
What is ECS?
ECS Benefits
How Amazon ECS works
Use cases
Hybrid deployment
Machine Learning
Batch Processing
Web Applications
Customers using Amazon ECS
Ubisoft uses Amazon ECS to provide seamless multiplayer gaming
GoPro uses Amazon ECS to reduce its compute footprint by 70%
McDonald's launched Home Delivery in four months using microservices running on Amazon ECS
FOX uses containerized microservices running on AWS to build and deliver FOX NOW
The Washington Post built their publishing platform using microservices running on AWS
What is EKS?
EKS is Amazon Elastic Kubernetes Service. EKS provides:
- flexibility to start, run, and scale Kubernetes applications in the AWS cloud or on-premises
- highly-available and secure clusters and automates key tasks such as patching, node provisioning, and updates
- runs upstream Kubernetes and is certified Kubernetes conformant for a predictable experience
- easily migrate any standard Kubernetes application to EKS without needing to refactor your code
Benefits
Improve availability and observability
EKS runs the Kubernetes control plane across multiple AWS Availability Zones, automatically detects and replaces unhealthy control plane nodes, and provides on-demand, zero downtime upgrades and patching. EKS offers a 99.95% uptime SLA. At the same time, the EKS console provides observability of your Kubernetes clusters so you can identify and resolve issues faster.
Provision and scale your resources efficiently
With EKS managed node groups, you don’t need to separately provision compute capacity to scale your Kubernetes applications. You can also choose AWS Fargate to automatically provision on-demand serverless compute for your applications. For even more cost savings, EKS nodes on Amazon EC2 Spot instances reduce your cost for more efficiency.
Get a more secure Kubernetes environment
EKS automatically applies the latest security patches to your cluster’s control plane. AWS works closely with the community to address critical security issues and help ensure that every EKS cluster is secure.
How it works
Deploy applications with Amazon EKS in the cloud
How it works
Deploy applications with Amazon EKS anywhere
How it works
Deploy applications with your own tools
Use cases
Hybrid deployment
Machine Learning
Batch Processing
Web Applications
Companies adopting Amazon EKS
Storage Service
AWS Storage Services
What is S3?
   Amazon Simple Storage Service (Amazon S3) is an object storage service that offers industry-leading scalability, data availability, security, and performance. This means customers of all sizes and industries can use it to store and protect any amount of data for a range of use cases, such as data lakes, websites, mobile applications, backup and restore, archive, enterprise applications, IoT devices, and big data analytics.
Amazon S3 provides easy-to-use management features so you can organize your data and configure finely-tuned access controls to meet your specific business, organizational, and compliance requirements. Amazon S3 is designed for 99.999999999% (11 9's) of durability, and stores data for millions of applications for companies all around the world.
Benefits
- Industry-leading performance, scalability, availability, and durability
- Wide range of cost-effective storage classes
- Unmatched security, compliance, and audit capabilities
- Easily manage data and access controls
- Query-in-place and process on-request
- Most supported cloud storage service
Use cases
Backup and restore
Disaster Recovery (DR)
Archive
Data lakes and big data analytics
Hybrid cloud storage
Cloud-native applications
Other Services
List of Top 10 AWS Services in 2021
Amazon VPC
and + 5 very popular services
Q & A