Distributed Node #11

AWS

$ whoami

Inna Ivashchuk

Senior Software Engineer

JS developer, music fan, movie-dependent and Star Wars fan 🤓

May the Force be with you!

3+ years with GlobalLogic

about 5 years in Web Development

        GitHub page

$ guest

Vladyslav Matus

Solution Architect

Agenda:

  • Amazon Web Services Overview

  • Account & IAM (Identity & Access Management)

  • Computing Services (EC2, ECS, EKS)

  • Storage Services

  • Other services

AWS Overview

I will add 128 GB RAM and more replace the CPU AMD Ryzen 9 3950X

Dinesh

Replacing hardware will require downtime, better to add some separate cheap servers

Gilfoyle

ANTON

Cloud computing with AWS

     Amazon Web Services (AWS) is the world’s most comprehensive and broadly adopted cloud platform, offering over 200 fully-featured services from data centers globally. Millions of customers—including the fastest-growing startups, largest enterprises, and leading government agencies—are using AWS to lower costs, become more agile, and innovate faster.

What exactly is Cloud computing?

     Cloud computing is a term broadly used to define the on-demand delivery of IT resources and applications via the Internet, with pay-as-you-go pricing.

What is AWS?

  • AWS (Amazon Web Services) is a Cloud Provider
  • They provide you with servers and services that you can use on-demand and scale easily
  • AWS has revolutionized IT over time
  • AWS powers some of the biggest websites in the world:
    • Amazon.com
    •  Netflix

What is exactly AWS?

AWS services and features (2019)

Global network of AWS Regions

AWS has the most extensive global cloud infrastructure:

  • offers many Regions with multiple Availability Zones connected by low latency, high throughput, and highly redundant networking
  • has 80 Availability Zones within 25 geographic regions (+ 15 announced)

AWS Data centers

  • A single data center typically houses several thousands of servers
  • All data centers are online (no DC is "cold")
  • AWS custom network equipment:
    • multi-ODM sourced
    • Amazon custom protocol stack

Data center

AWS Availability Zones (AZ)

Each Availability Zone is:

  • Made up of one or more data centers
  • Designed for fault isolation
  • Interconnected with other Availability Zones using high-speed private links

Data center

Data center

Data center

Data center

Availability Zone

AWS Regions

  • Each region is made up of two or more Availability Zones
  • AWS has 20 regions worldwide
  • You enable and control data replication across regions
  • Communication between regions uses AWS backbone network connection infrastructure

Data center

Data center

Data center

Data center

AZ

AZ

AWS Regions

Cloud computing leadership

Gartner Research positions AWS in the Leaders quadrant of the new 2020 Magic Quadrant for Cloud Infrastructure & Platform Services (CIPS). CIPS, in the context of this Magic Quadrant, are defined as “standardized, highly automated offerings, in which infrastructure resources (e.g., compute, networking and storage) are complemented by integrated platform services.”

What about trends?

Trusted by millions of customers of all types

Enterprise

Startups

Public sector

Account & IAM

(Identity & Managment) 

What is IAM?

Users

Groups

Roles

Usually a physical person

Functions (admins, devops)
Teams (engineering, design...)

Contains users

Internal usage within AWS resources

Policies (JSON Document)

Defines what each of the above can and cannot do

IAM details

and don't forget to follow the rules

  • One IAM User per PHYSICAL PERSON
  • One IAM Role per Application
  • IAM credentials should NEVER BE SHARED
  • Never, ever, ever, ever, write IAM credentials in code. EVER
  • And even less, NEVER COMMIT YOUR IAM credentials
  •  Never use the ROOT account except for the initial setup
  • Never use ROOT IAM Credentials

Let's try IAM service

1. Create a user

2. Set permissions

3. Add tags

3. Review and submit

Sign-in URL for IAM users

Time to log-in with the new IAM user

Customized link can be used - https://js-procamp.signin.aws.amazon.com/console 

Just to compare Root and IAM user

Root

IAM

Computing Services (EC2, ECS, EKS)

  • EC2 - Elastic Compute Cloud
  • EC2 is one of the most popular services of AWS
  • It mainly consists in the capability of :
    • Renting virtual machines (EC2)
    • Storing data on virtual drives (EBS)
    • Distributing load across machines (ELB)
    • Scaling the services using an auto-scaling group (ASG)
  • Knowing EC2 is fundamental to understand how the Cloud works

What is EC2?

Let's try to create an EC2 instance

First, navigate to the EC2 service

Step 1: Choose an Amazon Machine Image (AMI)

Step 2: Choose an Instance Type

Step 3: Configure Instance Details

Step 4: Add Storage

Step 5: Add Tags

Step 6: Configure Security Group

Step 7: Review Instance Launch

Finally

and the result

Let's use SSH and connect to our Instance

Let's use SSH and connect to our Instance

$ ssh -i EC2tutorial.pem ec2-user@3.142.150.183
$ chmod 0400 EC2tutorial.pem
$ ssh -i EC2tutorial.pem ec2-user@3.142.150.183

Chmod 0400 (chmod a+rwx,u-wx,g-rwx,o-rwx,ug-s,-t) sets permissions so that, (U)ser / owner can read, can't write and can't execute. (G)roup can't read, can't write and can't execute. (O)thers can't read, can't write and can't execute.

Note: On Windows, PuTTy can be used

ECS is Amazon Elastic Container Service. ECS provides:

  • a highly secure, reliable, and scalable way to run containers
  • a fully managed container orchestration service. Customers such as Duolingo, Samsung, GE, and Cookpad use ECS to run their most sensitive and mission-critical applications because of its security, reliability, and scalability
  •  you can choose to run your ECS clusters using AWS Fargate, which is serverless compute for containers

What is ECS?

ECS Benefits

How Amazon ECS works

Use cases

Hybrid deployment

Machine Learning

Batch Processing

Web Applications

Customers using Amazon ECS

Ubisoft uses Amazon ECS to provide seamless multiplayer gaming

GoPro uses Amazon ECS to reduce its compute footprint by 70%

McDonalds launched Home Delivery in four months using microservices running on Amazon ECS

FOX uses containerized microservices running on AWS to build and deliver FOX NOW

The Washington Post built their publishing platform using microservices running on AWS

What is EKS?

EKS is Amazon Elastic Kubernetes Service. EKS provides:

  • flexibility to start, run, and scale Kubernetes applications in the AWS cloud or on-premises
  • highly-available and secure clusters and automates key tasks such as patching, node provisioning, and updates
  • runs upstream Kubernetes and is certified Kubernetes conformant for a predictable experience
  • easily migrate any standard Kubernetes application to EKS without needing to refactor your code

 

Benefits

Improve availability and observability

Provision and scale your resources efficiently

Get a more secure Kubernetes environmenty

EKS runs the Kubernetes control plane across multiple AWS Availability Zones, automatically detects and replaces unhealthy control plane nodes, and provides on-demand, zero downtime upgrades and patching. EKS offers a 99.95% uptime SLA. At the same time, the EKS console provides observability of your Kubernetes clusters so you can identify and resolve issues faster.

EKS automatically applies the latest security patches to your cluster’s control plane. AWS works closely with the community to address critical security issues and help ensure that every EKS cluster is secure.

With EKS managed node groups, you don’t need to separately provision compute capacity to scale your Kubernetes applications. You can also choose AWS Fargate to automatically provision on-demand serverless compute for your applications. For even more cost savings, EKS nodes on Amazon EC2 Spot instances reduce your cost for more efficiency.

How it works

Deploy applications with Amazon EKS in the cloud

How it works

Deploy applications with Amazon EKS anywhere

How it works

Deploy applications with  your own tools

Use cases

Hybrid deployment

Machine Learning

Batch Processing

Web Applications

Companies adopting Amazon EKS

Storage Service

AWS Storage Services

What is S3?

      Amazon Simple Storage Service (Amazon S3) is an object storage service that offers industry-leading scalability, data availability, security, and performance. This means customers of all sizes and industries can use it to store and protect any amount of data for a range of use cases, such as data lakes, websites, mobile applications, backup and restore, archive, enterprise applications, IoT devices, and big data analytics.

Amazon S3 provides easy-to-use management features so you can organize your data and configure finely-tuned access controls to meet your specific business, organizational, and compliance requirements. Amazon S3 is designed for 99.999999999% (11 9's) of durability, and stores data for millions of applications for companies all around the world.

 

Benefits

  • Industry-leading performance, scalability, availability, and durability
  • Wide range of cost-effective storage classes
  • Unmatched security, compliance, and audit capabilities
  • Easily manage data and access controls
  • Query-in-place and process on-request
  • Most supported cloud storage service

 

Use cases

Backup and restore

Disaster Recovery (DR)

Archive

Data lakes and big data analytics

Hybrid cloud storage

Cloud-native applications

Other Services

List of Top 10 AWS Services in 2021

Amazon

VPC

and + 5 very popular services

Q & A