AWS for Java Developers Part 1
Cloud Computing
The practice of using a network of remote servers hosted on the Internet to store, manage, and process data, rather than a local server or a personal computer.
Types of cloud
- Private
- Public
- Hybrid
Benefits of Using AWS over traditional data center
- Switch from Capital Expenditure to Operational Expenditure
- Cost benefit from massive economies of scale
- No need to guess required infrastructure capacity
- Increased speed and agility
- Global access
Accessing AWS services
- AWS management console
- AWS command line interface (CLI)
- AWS software development kits (SDKs)
- Query APIs
AWS global infrastructure (Regions and AZs)
- The AWS infrastructure is organized geographically into connected but isolated Regions, Availability Zones (AZs) and edge locations.
- An AWS Region is a physical location; Regions are spread across the globe so you can host your data close to users and reduce latency, e.g., Asia Pacific (Tokyo), Asia Pacific (Singapore), US East (N. Virginia), China (Beijing). Each Region has at least two AZs for fault tolerance.
- An AZ is a combination of one or more data centers in a Region, e.g., Asia Pacific (Tokyo) can have ap-northeast-1a, ap-northeast-1b, ap-northeast-1c and US West (Oregon) can have us-west-2a, us-west-2b, us-west-2c.
- A data center is the location where the actual physical data resides.
- An edge location is a small setup in a different location that provides low-latency connectivity by making static content available from the location nearest to the request.
- Instead of fetching the information from the source, the request is routed to the nearest edge location, which delivers the information with reduced latency.
IAM
- AWS IAM is a global service that is specifically designed to create and manage users, groups, roles and policies
- Creating an AWS account also creates a root user
- Email and password supplied at the time of creating AWS account becomes the username and password of the root user
- The root user has complete unrestricted access
- Root user is a supreme user and its permissions cannot be altered
Elements of IAM
- User : A user is a person or application that requires access to various AWS resources to perform designated tasks.
- Access Key : An access key is a 20 character alphanumeric key that acts as a user ID.
- Secret Key : A secret key is a 40 character alphanumeric key that acts as a password.
- Access Key and Secret Key are used together for initiating API, SDK and CLI authentication.
- Password policy : Password policy defines the complexity requirement of a password
- Multi-Factor Authentication : It is an extra layer of security protection for user authentication that requires the user to enter a 6-digit token on top of the username and password.
- Group : A group is a collection of IAM users.
- Role : A role is an IAM entity that consists of one or more IAM policies defining resource permissions.
- Policy : A policy is a document written in JSON format that formally states one or more permissions as per the IAM policy standards.
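One way to catch an access key and secret key before they end up in a repository or an e-mail, as an added example that is not part of the original slides: a scanner for the 20-character key ID and 40-character secret described above. The property names are hypothetical and the two key values are the placeholder examples published in AWS documentation.

```python
import re

# Access key IDs are 20 characters; long-term keys start with AKIA and
# temporary (STS) keys with ASIA.
KEY_ID = re.compile(r"(?<![A-Z0-9])(?:AKIA|ASIA)[A-Z0-9]{16}(?![A-Z0-9])")
# Secret keys are 40 characters from the base64 alphabet. Many other strings
# have that shape (a SHA-1 digest, for one), so context is required below.
SECRET = re.compile(r"(?<![A-Za-z0-9/+])[A-Za-z0-9/+]{40}(?![A-Za-z0-9/+])")
HINT = re.compile(r"secret|aws", re.IGNORECASE)

# Constructed sample: an application.properties with credentials pasted in.
# Property names are hypothetical; key values are AWS documentation placeholders.
SAMPLE = """\
spring.application.name=Spring Application on EC2
build.commit=3f786850e387550fdab836ed7e6dc881de23001b
aws.access-key-id=AKIAIOSFODNN7EXAMPLE
aws.secret-access-key=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
"""


def redact(value):
    """Keep only the first four characters so reports do not leak the key."""
    return value[:4] + "*" * (len(value) - 4)


def find_aws_keys(text):
    """Return (line_number, kind, redacted_value) for each suspected key."""
    findings = []
    for number, line in enumerate(text.splitlines(), start=1):
        for match in KEY_ID.finditer(line):
            findings.append((number, "access_key_id", redact(match.group())))
        if HINT.search(line):  # only trust 40-char strings on labelled lines
            for match in SECRET.finditer(line):
                findings.append(
                    (number, "secret_access_key", redact(match.group())))
    return findings
```

The commit hash on line 2 of the sample has the same length as a secret key but is not reported, because its line carries no AWS or secret label.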
Creating an IAM user
- Step 1: Go to https://aws.amazon.com/
- Step 2 : Click on Sign In to the console and login with root credentials.
- Step 3 : Once you login you will be landed to AWS dashboard. Search for IAM in Find services search box.
- Step 4 : Customize the IAM users sign-in link by clicking the Customize link next to the IAM user link and provide the account alias in the textbox
- Step 5 : Configure password for new user
- Step 6 : Attach administrative policy for the user
- Step 7 : Hit the Create user Button
Note down all the details for user login and download the .csv file
Login with the newly created user
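What the administrative policy attached in Step 6 grants, next to a narrower alternative, as an added example that is not part of the original slides: a check that lists every Allow statement giving wildcard actions on all resources. The first document is the content of the AWS-managed AdministratorAccess policy; the scoped policy is a constructed sample.

```python
import json

# Content of the AWS-managed AdministratorAccess policy: everything, everywhere.
ADMIN_POLICY = json.loads("""
{"Version": "2012-10-17",
 "Statement": [{"Effect": "Allow", "Action": "*", "Resource": "*"}]}
""")

# Constructed sample: a policy scoped to the EC2 operations used in this deck.
SCOPED_POLICY = json.loads("""
{"Version": "2012-10-17",
 "Statement": [
   {"Sid": "Ec2Lab", "Effect": "Allow",
    "Action": ["ec2:RunInstances", "ec2:DescribeInstances",
               "ec2:StopInstances", "ec2:StartInstances",
               "ec2:TerminateInstances", "ec2:CreateImage"],
    "Resource": "*"},
   {"Sid": "NoIamChanges", "Effect": "Deny",
    "Action": "iam:*", "Resource": "*"}
 ]}
""")


def _as_list(value):
    """IAM lets Statement, Action and Resource be a single item or a list."""
    return value if isinstance(value, list) else [value]


def broad_grants(policy):
    """Return (sid, action) for each Allow on Resource '*' whose action is
    '*', 'service:*' or a NotAction. Deny statements grant nothing."""
    findings = []
    for index, stmt in enumerate(_as_list(policy["Statement"])):
        sid = stmt.get("Sid", f"statement-{index}")
        if stmt.get("Effect") != "Allow":
            continue
        if "*" not in _as_list(stmt.get("Resource", [])):
            continue
        if "NotAction" in stmt:
            # Allows every action except the listed ones.
            findings.append((sid, "NotAction"))
        for action in _as_list(stmt.get("Action", [])):
            if action == "*" or action.endswith(":*"):
                findings.append((sid, action))
    return findings
```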
Exercise 1
- Create a new user from your root account with Administrative access.
- Download the credentials.csv file
- Send the login details over the email.
- Login from the newly created user.
Elastic Compute Cloud (EC2)
- Amazon EC2 is a service that provides on-demand, scalable computing in the cloud.
- It eliminates the need for upfront investment on the hardware with the pay as you go model.
- You only pay for what you use.
- If you do not require the provisioned instances, you can terminate them at will.
Important aspects of EC2
- Amazon EC2 is a virtualized environment on the cloud.
- A provisioned EC2 resource is called an instance
- You can create a new instance based on an AMI
- It provides various combination of CPU, Memory, storage and networking. These combinations are called instance types.
- Amazon provides multiple physical location for provisioning EC2 instances known as AZs.
- It provides firewall to your instance using security groups.
- It provides a static IPv4 address for your instances, which is called elastic IP address.
Pricing for EC2
- If you just want to get started with EC2 and learn, Amazon provides EC2 in the free tier. It offers a t2.micro instance type to run for up to 750 hours per month.
- Following are the different ways to pay for an Amazon EC2 instance:
  - On Demand
  - Spot Instance
  - Reserved Instance
  - Dedicated Host
EC2 instance life cycle
- Launch Instance
  - When an instance is provisioned, it immediately gets into the pending state.
  - The instance is launched using the AMI you choose for provisioning.
  - Once the instance is ready to use, it gets into the running state.
- Instance stop and start
  - When you stop an instance, AWS initiates the OS shutdown process and the instance enters the stopping state.
  - As soon as the OS shutdown process completes, the instance enters the stopped state.
  - Every time an instance transitions from the stopped to running state, AWS charges a full billing hour.
- Instance reboot
  - When an instance reboots, it remains on the same host computer in the virtualized environment.
  - It retains its IP addresses and public DNS name.
  - It also retains data on its instance store.
- Instance termination
  - If an EC2 instance is no longer required, you can terminate the instance.
  - AWS provides an option called termination protection. If this option is enabled, users cannot terminate an instance without first disabling termination protection.
AMI (Amazon Machine Image)
- An AMI contains a set of information to launch an instance:
  - It contains a template that includes information such as operating system, application server and any other application software.
  - It contains launch permissions describing which AWS accounts can use the AMI to spin up new instances.
  - It also contains block device mapping, describing the volume information to be attached to the instance while launching.
- You can specify the AMI while launching the instance. An AMI can be used to launch as many instances as required; however, an instance can be based on only a single AMI.
- All AMIs are internally stored in an S3 bucket.
- AWS protects these AMIs and these AMIs are not directly visible on S3.
Creating an EC2 Instance
Step 1: Log in with the previously created user and search for EC2 in the search bar on the home page
Step 2: You will land on the screen below; hit Launch Instance
Step 3 : Click on browse more AMIs and select the Ubuntu server AMI which is Free tier eligible
Step 4 : Choose the free tier instance type and hit Next : Configuration Details
Create a new pem file by clicking on Create new key pair
Edit network settings
Step 7 : Add a custom TCP rule for port 8080, open it to the outside world and click on Launch
You can now see the instance is up and running
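A check for the rule added in Step 7, as an added example that is not part of the original slides: it lists ingress rules open to any source address, so port 8080 can be confirmed as the only one exposed. The JSON is a constructed sample in the shape `aws ec2 describe-security-groups` returns; group IDs and names are made up.

```python
import json

# Constructed sample in the shape `aws ec2 describe-security-groups` returns.
SAMPLE = json.loads("""
{"SecurityGroups": [
  {"GroupId": "sg-0example1", "GroupName": "launch-wizard-1",
   "IpPermissions": [
     {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
      "IpRanges": [{"CidrIp": "203.0.113.10/32"}], "Ipv6Ranges": []},
     {"IpProtocol": "tcp", "FromPort": 8080, "ToPort": 8080,
      "IpRanges": [{"CidrIp": "0.0.0.0/0"}],
      "Ipv6Ranges": [{"CidrIpv6": "::/0"}]}
   ]},
  {"GroupId": "sg-0example2", "GroupName": "allow-all",
   "IpPermissions": [
     {"IpProtocol": "-1",
      "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []}
   ]}
]}
""")

ANY_SOURCE = {"0.0.0.0/0", "::/0"}


def world_open_rules(described, allowed_ports=frozenset()):
    """Return (group_id, protocol, from_port, to_port, cidr) for every ingress
    rule reachable from any address, except single ports in allowed_ports."""
    findings = []
    for group in described.get("SecurityGroups", []):
        for perm in group.get("IpPermissions", []):
            proto = perm["IpProtocol"]
            # Protocol "-1" means all protocols and carries no port range.
            lo = 0 if proto == "-1" else perm.get("FromPort", 0)
            hi = 65535 if proto == "-1" else perm.get("ToPort", 65535)
            cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
            cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
            for cidr in cidrs:
                if cidr not in ANY_SOURCE:
                    continue
                if lo == hi and lo in allowed_ports:
                    continue  # deliberately public, e.g. the app port
                findings.append((group["GroupId"], proto, lo, hi, cidr))
    return findings
```

Calling `world_open_rules(SAMPLE, allowed_ports={8080})` leaves only the all-protocols rule of the second group, which is the kind of rule the launch steps never ask for.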
Connecting to EC2 instance type
Place the line below in application.properties
spring.application.name=Spring Application on EC2
Now hit http://<IPV4-IP>:8080/
Change Instance Type
Creating AMI
Terminate Instance
Exercise 2
- Create a free tier ubuntu instance and open the port 8080 for that instance.
- After launching the instance, connect to the instance with the pem file
- Update Ubuntu and install Java 8
- Create a spring boot application which simply prints application name via RestController on the browser.
- Create a Jar of Spring Boot application and copy the jar to the instance.
- Run the jar on the instance and access your application on <InstanceIP>:8080
- Create the AMI for the instance
- Terminate the instance
Introduction to Elastic Block Store (EBS)
EBS is an AWS block storage service that provides block-level, persistent storage volumes for EC2 instances
- General Purpose SSD (Solid State Drive)
  - It is recommended for almost all workload types
  - Can be used as a root volume for the operating system
  - Can be attached to a virtual desktop
  - Interactive apps that require low-latency storage
  - Development workloads
  - Testing environments
- Provisioned IOPS SSD
  - It can be used in mission critical applications
  - Business critical applications requiring consistent performance
  - It can be used in large database workloads such as SQL, Oracle
- Throughput Optimized HDD
  - Applications that require consistent and fast throughput at a low cost
  - Big Data
  - Data warehouse
  - Log processing
- Cold HDD
  - It can be used for throughput-oriented storage
  - Use it for large volumes of data when you don't need to access it frequently
  - Applications where there is a need to lower storage cost
Snapshot
- EBS snapshot is an AWS service that provides a mechanism to backup EBS volumes.
- AWS provides a way to back up your EBS data on S3 by taking a point in time snapshot
- Snapshots are incremental in nature.
- It only saves data blocks that are changed after the last snapshot backup taken from the volume.
Create the new Instance from AMI
Adding Volume to an instance and launch the instance
In the volume Section you will see two volumes attached to NewInstance
You will observe that the jar we created earlier is already on the new instance
Run the jar and try to access the app over public IP
Connect to the instance using pem file
Hit the command below. You will be able to see the attached EBS
Modify the volume
Detach Volume
You cannot detach root volume when instance is running
Try Detaching the volume other than root
Delete the volume which is detached
Let's create a file in the New Instance
Create the snapshot of the root volume of new instance
In the Snapshots section you will see your newly created Snapshot
Create new volume from the snapshot
While creating the volume from the snapshot, make sure that the Availability Zone of the volume is the same as that of the instance
In the volume section you will be able to see the newly created volume from the snapshot
Launch a New Instance from AMI with only root volume
Connect with the instance and see its content
Stop AnotherInstance
Detach the root volume of AnotherInstance
Attach the snapshot volume to AnotherInstance
Start AnotherInstance
Now check AnotherInstance; you must find the file.txt file there
Exercise 3
- Launch the new instance with AMI with 2 EBS volumes.
- Connect to instance and run command fdisk -l to check the attached disks.
- Change the volume of Root Disk.
- Detach the non root disk and delete it.
- Create a file in another new instance and put some text in the file.
- Now create the snapshot of the root volume.
- Launch one more instance, detach its root volume and attach the volume created from the snapshot as the root volume for this instance.
- Now check for the file you created in the previous instance; it should be present in the instance which we created later.
Elastic IP
Whenever we restart the instance, its public IP changes and we need to use the changed public IP in order to connect to the instance. We can avoid this by using Elastic IPs.
Connect to instance using elastic IP and start the Spring Boot App
Access App Using elastic IP
Now if you restart the instance again you will see that you will be able to connect with the instance using same elastic IP
AWS for Java Developers part-2
Elastic Load balancer
- Elastic Load Balancer is an AWS service that automatically distributes incoming network or application traffic to a number of EC2 instances.
- It monitors the health of each of the EC2 instances associated with it and forwards traffic only to healthy instances
- Following are the benefits of ELB:
- High availability
- Fault Tolerance
- Elasticity
- Security
- We will launch two instances with the Spring Boot Application which we created earlier.
- We will change the names of applications to Spring Application 1 and Spring Application 2
Command to trigger
java -jar spring-ec2-0.0.1-SNAPSHOT.jar --spring.application.name=instance-2 &
java -jar spring-ec2-0.0.1-SNAPSHOT.jar --spring.application.name=instance-1 &
Now try hitting the public DNS for the load balancer and you should be able to see responses from both the instances
Auto Scaling
API gateway
An API gateway is an API management tool that sits between a client and a collection of backend services. An API gateway acts as a reverse proxy to accept all application programming interface (API) calls, aggregate the various services required to fulfill them, and return the appropriate result.
Aws Basics
By Pulkit Pushkarna