AWS SSA Webinar 7 - Getting Started on AWS

© 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Getting started with AWS
O n l i n e W e b i n a r – 2 0 2 0 / 0 4 / 2 1
Cobus Bernard
Sr Developer Advocate
Amazon Web Services
@cobusbernard
cobusbernard
cobusbernard

Agenda
Global infrastructure
Security
Networking
Compute
Storage
Q&A

AWS global platform
AWS global infrastructure
• 22 Regions with 70 Availability Zones
• 5 Regions coming soon: Indonesia, Italy,
South Africa, Spain and Osaka
216 CloudFront PoPs
• 205 edge locations
• 11 Regional edge caches
• 245 Countries & territories served
AWS global network
• Redundant 100 GbE network
• 100% encrypted between facilities
• Private network capacity between
all AWS Regions except China
SLA of
99.99% availability

AWS Region and availability zones
Region
Availability zone a Availability zone b Availability zone c
data center
data center
data center
2 or more AZs per region (new regions min 3)
data center
data center
data center
data center
data center
data center
1 or more data centers per AZ

Availability in parallel
Component Availability Downtime
X 99% (2-nines) 3 days 15 hours
Two X in parallel 99.99% (4-nines) 52 minutes
Three X in parallel 99.9999% (6-nines) 31 seconds

AWS Identity and Access Management
Security before the cloud Security in the cloud
Corporate data center AWS Cloud


IAM roles for nonhuman access
AWS account Use IAM roles for access to
AWS resources:
• From your application
running on an AWS
compute environment,
e.g., EC2 instance, Lambda
function, etc.
• To grant permission to an
AWS service to access your
resources (not shown)
EC2 instance
Lambda
function
Amazon S3
buckets
Amazon
DynamoDB table

There are many security services in AWS
AWS Identity and Access Management (IAM)

Private IP address range for your VPC – IPv4
• ”CIDR” range?
• Classless inter-domain routing
• No more class A, B, C
• RFC1918
• 192.168.0.0 /16
• 172.16.0.0 /12
• 10.0.0.0 /8
• How much?
• /16
• /28

Subnet Subnet
Subnet Subnet
VPC
Availability Zone
US-EAST-1A
Availability Zone
US-EAST-1B
Amazon VPC (Virtual Private Cloud)
172.31. 172.31.
172.31. 172.31.
Subnet
Subnet
Availability Zone
US-EAST-1C
172.31.
172.31.
172.31.0.0/16:
172.31.0.1
to
172.31.255.254
=
65534 host IPs
/24 = 254 hosts
/20 = 4096 hosts

Subnet
Subnet Subnet
VPC
Availability Zone
US-EAST-1A
Availability Zone
US-EAST-1B
172.31. 172.31.
172.31. 172.31.
Subnet
Subnet
Availability Zone
US-EAST-1C
172.31.
172.31.
Application server
security group

Subnet
Subnet
VPC
Availability Zone
US-EAST-1A
172.31.
172.31.
Subnet
Subnet
172.31.
172.31.
Web server
security group
Application server
security group
Availability Zone
US-EAST-1C

What is Amazon CloudFront?
CloudFront is the AWS content delivery network
It securely delivers data, videos, applications, and APIs to
customers globally with low latency and high transfer speeds
CloudFront is integrated with AWS; physical locations are
directly connected to the AWS Global Cloud Infrastructure
and other AWS services
It features a global network of >200 points of presence (PoPs)

Latency benefits with PoP launches
Argentina
55% Latency reduction
79 ms  35 ms
Chile
104 ms  28 ms
PoP launches ensure connectivity with majority views
and redundant AWS backbone
Bahrain:
38 ms  27 ms

Learn networking with AWS Training and Certification
Free digital courses cover topics related to networking and
content delivery, including Introduction to Amazon CloudFront
and AWS Transit Gateway Networking and Scaling
Resources created by the experts at AWS to help you build and validate cloud networking skills
Validate expertise with the AWS Certified Advanced Networking –
Specialty exam
Visit the advanced networking learning path at aws.amazon.com/training/path-advanced-networking

AWS manages Customer manages
Data source integrations
Physical hardware, software,
networking, and facilities
Provisioning
Application code
Container orchestration, provisioning
Cluster scaling
Physical hardware, host OS/kernel,
Application code
Security config
and updates
Network config
Management tasks
Container orchestration control plane
Application code
Work clusters
Security config and updates,
network config, firewall, and
management tasks
Application code
Scaling
Security config and updates
Network config
Management tasks
Provisioning, managing scaling
and patching of servers
Serverless operations with AWS Fargate and Lambda
AWS Lambda
Serverless functions
AWS Fargate
Serverless containers
Amazon ECS/EKS
Container-management
-as-a-service
Amazon EC2
Infrastructure-as-a-service
Less
More
Opinionated

Amazon EC2
Virtual servers in the cloud
Physical servers in
AWS global Regions
Guest 1 Guest 2 Guest n
Hypervisor
Host server
EC2 instances

Amazon EC2 instance store
Local to instance
Nonpersistent data store
Data not replicated
(by default)
No snapshot support
SSD or HDD
Physical host machine
EC2 instances
Instance store
or

Amazon EBS
EC2
instance
EBS
volume
EBS
snapshot
gp2 io1
st1 sc1
EBS SSD-
backed
volumes
EBS
HDD-
backed
volumes
Amazon S3
Block storage as a service
Create, attach, modify through an API
Select storage and compute based
on your workload
Detach and attach between instances
Choice of magnetic and SSD-based
volume types
Supports snapshots: Point-in-time
backup of modified volume blocks

Amazon EC2 14+ years ago…
Scale up or down
quickly, as needed
Pay for what
you use
“One size fits all”
M1

Amazon EC2 instance characteristics
M5d.xlarge
Instance family
Instance
generation
Instance size
Instance type
CPU
Memory
Storage
Network performance
Additional
capabilities

Categories Capabilities Options
Broadest and deepest platform choice
General purpose
Burstable
Compute intensive
Memory intensive
Storage (high I/O)
Dense storage
GPU compute
Graphics intensive
Amazon Elastic Block Store
Amazon Elastic Inference
270+instance types
for virtually every
workload and
business need
Choice of processor
(AWS, Intel, AMD)
Fast processors
(up to 4.0 GHz)
High-memory footprint
(up to 12 TiB)
Instance storage
(HDD and NVMe)
Accelerated computing
(GPUs and FPGA)
Networking
(up to 100 Gbps)
Bare metal
Size
(Nano to 32xlarge)
How do you select the right
instance to launch and optimize?

Instance Discovery AWS Compute Optimizer
New search and discovery experience
to easily find EC2 instance types
Quicker and easier for you to find and compare
different instance types and project costs
Machine learning–based service that
recommends optimal AWS resources
Recommends optimal EC2 instances and
Amazon EC2 Auto Scaling group config
Lower costs Optimize performance Get started quickly

Containers and Docker
A container is a standard unit of software that packages up code and all
its dependencies so the application runs quickly and reliably from one
computing environment to another.1
1 https://www.docker.com/resources/what-container
Server
Operating System
Docker Engine
AppA
AppB
AppC
AppD

Amazon ECS key components
Development cluster
Container instance Container instance
Container instance
Productioncluster
Container instance Container instance
Container instance
AmazonElastic Container Service
(AmazonECS)
Container
Container
Volume
Taskdefinition
AmazonElastic Container Registry

ECS
agent
Docker
agent
OS
Amazon Elastic
Compute Cloud
(Amazon EC2) instance
ECS
agent
Docker
agent
OS
EC2 instance
ECS
agent
Docker
agent
OS
EC2 instance
Amazon Elastic Container Service
(Amazon ECS)

Anatomy of an AWS Lambda function
Handler() function
Function to be executed
upon invocation
Event object
Data sent during Lambda
function invocation
Context object
Methods available to
interact with runtime
information (request ID,
log group, more)
import json
def lambda_handler(event, context):
# TODO implement
return {
'statusCode': 200,
'body': json.dumps('Hello World!')
}

Serverless applications
Event source Function
Node.js
Python
Java
C#
Go
Ruby
Powershell
Runtime API
Changes in
data state
Requests to
endpoints
Changes in
resource state

Anatomy of an AWS Lambda function
Function myhandler(event, context) {
<Event handling logic> {
result = SubfunctionA()
}else {
result = SubfunctionB()
return result;
}
Your handler

Anatomy of a Lambda functionImport sdk
Import http-lib
Import ham-sandwich
Pre-handler-secret-getter()
Pre-handler-db-connect()
}else {
return result;
}
Your handler

Import http-lib
Import ham-sandwich
}else {
return result;
}
Your handler
Dependencies, configuration information,
common helper functions

Import http-lib
Import ham-sandwich
}else {
return result;
}
Function Pre-handler-secret-getter() {
}
Function Pre-handler-db-connect(){
}
Your handler

Import http-lib
Import ham-sandwich
}else {
return result;
}
}
}
Function subFunctionA(thing){
## logic here
}
Function subFunctionB(thing){
## logic here
}
Business logic sub-functions
Your handler
Common helper functions

Anatomy of a serverless application
/orders
/forums
/search
/lists
/user
/...
Amazon API
Gateway
AWS Secrets
Manager /
Parameter Store
Amazon
DynamoDB
Import sdk
Import http-lib
Import ham-sandwich
}else {
return result;
}
}
}
## logic here
}
## logic here
}
Dependencies, configuration
information, common helper functions
Your handler
Import sdk
Import http-lib
Import ham-sandwich
}else {
return result;
}
}
}
## logic here
}
## logic here
}
Your handler
Import sdk
Import http-lib
Import ham-sandwich
}else {
return result;
}
}
}
## logic here
}
## logic here
}
Your handler
Import sdk
Import http-lib
Import ham-sandwich
}else {
return result;
}
}
}
## logic here
}
## logic here
}
Your handler
Import sdk
Import http-lib
Import ham-sandwich
}else {
return result;
}
}
}
## logic here
}
## logic here
}
Your handler
Import sdk
Import http-lib
Import ham-sandwich
}else {
return result;
}
}
}
## logic here
}
## logic here
}
Your handler

Learn compute with AWS Training and Certification
20+ free digital courses cover topics related to cloud compute,
including introduction to the following services:
Resources created by the experts at AWS to help you build cloud compute skills
Compute is also covered in the classroom offering, Architecting
on AWS, which features AWS expert instructors and hands-on
activities
• Amazon Elastic Compute Cloud
(Amazon EC2)
• Amazon EC2 Auto Scaling
• AWS Systems Manager
• AWS Inferentia and Amazon EC2
Inf1 instances
Visit the learning library at https://aws.training

Hardware and software installation
Database configuration, patching, and backups
Cluster setup and data replication for high availability
Capacity planning, and scaling clusters for compute and storage
Managing databases on-premises:
Time-consuming and complex

You
You
Fully managed services on AWS
Spend time innovating and building new applications, not managing infrastructure
AWS
Self-managed Fully managed
Schema design
Query construction
Query optimization
Automatic failover
Backup and recovery
Isolation and security
Industry compliance
Push-button scaling
Automated patching
Advanced monitoring
Routine maintenance
Built-in best practices

Challenge
They experienced service admin challenges with their original
provider and wanted to scale business to the next level.
Solution
They moved from self-managed MySQL to Amazon Aurora
MySQL. They use Aurora as the primary transactional database,
Amazon DynamoDB for personalized search, and Amazon
ElastiCache as in-memory store for sub-millisecond site rendering.
Result
Initially, the appeal of AWS was the ease of managing and
customizing the stack. It was great to be able to ramp up more
servers without having to contact anyone and without having
minimum usage commitments. AWS is the easy answer for any
Internet business that wants to scale to the next level.
—Nathan Blecharczyk, Cofounder and CTO of Airbnb
“
”
MOVE TO MANAGED →
Amazon
Aurora
Amazon
ElastiCache
Amazon
DynamoDB

Broad database and analytics services portfolio
Relational
databases
Non-relational
databases
Data
warehouses
Hadoop
and Spark
Amazon
Redshift
Amazon
EMR
Operational
analytics
Amazon
Elasticsearch
Service
Amazon
Aurora
Amazon
DynamoDB
Business
Intelligence
Amazon
QuickSight
Amazon
RDS
Amazon
DocumentDB
Amazon
ElastiCache
Real-time
analytics
Amazon
Managed
Streaming for
Apache Kafka
PostgreSQL
logstash
elasticsearch
kibana

Learn databases with AWS Training and Certification
25+ free digital training courses cover topics and services related to
relational and nonrelational databases
Resources created by the experts at AWS to help you build and validate database skills
Validate expertise with the AWS Certified Database – Specialty exam
The classroom offering, Planning and Designing Databases on AWS,
features AWS expert instructors and hands-on activities
Visit the databases learning path at aws.amazon.com/training/path-databases

Amazon RDS
Managed relational database service with a choice of popular databases
Easy to administer
Easily deploy and maintain
hardware, OS, and database
software; built-in monitoring
Available & durable
Automatic Multi-AZ data
replication; automated
backup, snapshots,
and failover
Performant & scalable
Scale compute
and storage with a
few clicks; minimal
downtime for your
application
Secure & compliant
Data encryption at rest
and in transit; industry
compliance and
assurance programs
PostgreSQL

Amazon Aurora
MySQL- and PostgreSQL-compatible relational database built for the cloud
Performance and availability of commercial-grade databases at 1/10th the cost
Performance
and scalability
Availability
and durability
Highly secure Fully managed
5x the throughput of standard
MySQL and 3x that of standard
PostgreSQL; scale out up to
15 read replicas
Fault-tolerant, self-healing
storage; six copies of data
across three Availability Zones;
continuous backup to Amazon S3
Network isolation,
encryption at
rest/transit, compliance
and assurance programs
Managed by Amazon RDS:
No server provisioning,
software patching, setup,
configuration, or backups

Sizing the database

Storage
Block
Amazon
EBS
Amazon FSx for
Windows File Server
Amazon FSx
for Lustre
Amazon
EFS
File
Amazon
S3
Object

Providing a fast, durable,
highly available, key-based
access to objects
Amazon S3

Providing a more reliable,
cost-effective, and cloud-
native NFS service
Amazon EFS

Thank you!
Cobus Bernard
Sr Developer Advocate
Amazon Web Services
@cobusbernard
cobusbernard
cobusbernard

AWS SSA Webinar 7 - Getting Started on AWS

Recommandé

Recommandé

Contenu connexe

Tendances

Tendances (20)

Similaire à AWS SSA Webinar 7 - Getting Started on AWS

Similaire à AWS SSA Webinar 7 - Getting Started on AWS (20)

Plus de Cobus Bernard

Plus de Cobus Bernard (20)

Dernier

Dernier (20)

AWS SSA Webinar 7 - Getting Started on AWS

Notes de l'éditeur