Cloudschool 2014 140306035011 Phpapp01

2013 Amazon Web Servlces, lnc. and lLs amllaLes. All rlghLs reserved.
AWS Cloud School

AWS Cloud School
Sbastien Stormacq
stormacq@amazon.lu
@sebsto
CopyrlghL 2013 Amazon Web Servlces, lnc. and lLs amllaLes. All rlghLs reserved.
1hls work may noL be reproduced or redlsLrlbuLed, ln whole or ln parL, wlLhouL prlor wrluen permlsslon from Amazon Web Servlces, lnc.
Commerclal copylng, lendlng, or selllng ls prohlblLed.
Cuesuons? Lmall us aL aws-Lralnlng-lnfo[amazon.com.
AWS Cloud School
2
[sebsLo
We value your feedback !
#cloudschool
AWS Cloud School
Course Overview | Training Agenda
AWS
Introduction
1
AWS Storage
2
AWS Compute
& Networking
3
Deployment
Management
5
Managed
Services &
Database

4
3
AWS Cloud School
1
This module describes the history and fundamental elements of Amazon Web
Services (AWS), as well as how to navigate the AWS Management Console and
identify its security features and basic principles.
2 3 5 4
Introduction
to AWS
AWS Storage Managed
Services &
Database

Deployment
Management
AWS Compute
& Networking
Course Overview | Training Agenda Module 1
4
AWS Cloud School
1 2 3 5 4
This module describes the fundamental elements of AWS Storage with a focus on
Amazon Simple Storage Service (S3) and Amazon Elastic Block Store (EBS).
AWS Storage Managed
Services &
Database

Deployment
Management
AWS Compute
& Networking
Introduction
to AWS
3
AWS Cloud School
1 2 3 5 4
This module describes the fundamental elements of AWS Compute and Networking,
with a focus on Amazon Elastic Compute Cloud. This module will build off what you
learned in Module 2 by verifying how to use Amazon Elastic Block Storage.
AWS Compute
& Networking
AWS Storage Managed
Services &
Database

Deployment
Management
Introduction
to AWS
6
AWS Cloud School
1 2 3 5 4
This module describes the fundamental elements of AWS Managed Services and
Databases (RDS). This module will focus on key aspects of Amazon Relational
Database Service and how to execute Amazon RDS.
Managed
Services &
Database
AWS Storage AWS Compute
& Networking
Deployment
Management
Introduction
to AWS
7
AWS Cloud School
1 2 3 5 4
This module describes the fundamental elements of AWS deployment management
products and services.
Deployment
Management
Introduction
to AWS
AWS Storage Managed
Services &
Database

AWS Compute
& Networking
8
AWS Cloud School
Module 1: Introduction to AWS
CopyrlghL 2013 Amazon Web Servlces, lnc. and lLs amllaLes. All rlghLs reserved.
1hls work may noL be reproduced or redlsLrlbuLed, ln whole or ln parL, wlLhouL prlor wrluen permlsslon from Amazon Web Servlces, lnc.
Commerclal copylng, lendlng, or selllng ls prohlblLed.
Cuesuons? Lmall us aL aws-Lralnlng-lnfo[amazon.com.
AWS Cloud School
Introduction to AWS | Overview
Module Overview
This module describes the history and fundamental elements of Amazon Web
Services (AWS), as well as how to navigate the AWS Management Console
and identify its security features and basic principles.
10
AWS Cloud School
Introduction to AWS | Learning Objectives
1
Navigate the AWS Management Console.
2
Recognize AWS Global Infrastructure.
Describe the security measures AWS provides.
3
By the end of this module you will be able to:
11
AWS Cloud School
Introduction to AWS | Cloud Computing
Compute
Storage
Security
Scaling
Database
Networking
Monitoring
Messaging
Workflow
DNS
Load Balancing
Backup
CDN
12
AWS Cloud School
AWS History
AWS Cloud School
Introduction to AWS | Amazon History
14
AWS Cloud School
Introduction to AWS | History of Amazon Web Services
13
AWS Cloud School
Introduction to AWS | AWS Cloud Computing
On Demand
}
Uniform
Pay As You Go
Available
Compute
Storage
Security
Scaling
Database
Networking
Monitoring
Messaging
Workflow
DNS
Load Balancing
Backup
CDN
16
AWS Cloud School
Introduction to AWS | AWS Core Infrastructure and Services
Traditional Infrastructure Amazon Web Services
!"#$%&'(
*"'+,%-
!"%."%/
!',%01" 2 30'040/"
RDMS
uAS SAn nAS
!"#$%&'(
*"'+,%-
!"%."%/
!',%01" 2 30'040/"
Security Groups NACLs Access Mgmt
EBS S3
vC
VPC
EC2 Classic
Public
567
RDS ElastiCache
ELB
Lxpand
On-Demand
rovlslon
AMI
Instances
17
AWS Cloud School
Introduction to AWS | Amazon Web Services
Your Applications
Deployment & Management
AWS Management
Console
Web Interface
Application Services & Networking
Compute, Storage & Database
CloudWatch
Monitoring
IAM
Identity & Access
Content Delivery
CloudFront
Distributed Computing
Amazon EMR Auto Scaling
Compute
Amazon EC2
Storage
Amazon S3 Amazon Clacler Amazon EBS
Database
Amazon Redshift DynamoDB Amazon RDS ElastiCache
Elastic Load
Balancing Route 53 Amazon VPC
Networking
AWS Direct Connect
AWS
CloudFormation
Elastic Beanstalk
Deployment & Automation
OpsWorks
18
AWS Cloud School
Introduction to AWS | Amazon Web Services
AWS Management
Console
Demonstration
19
AWS Cloud School
Global Infrastructure
AWS Cloud School
Introduction to AWS | Regions and Edge Locations
10 AWS Regions
51 AWS Edge Locations
21
AWS Cloud School
US Regions Global Regions
AZ - A AZ - B
AZ - C
EU (Ireland)
AZ - A AZ - B
South America
(Sao Paulo)
AZ - A AZ - B
Asia Pacific (Sydney)
AZ - A AZ - B
GovCloud (US)
AZ - A AZ - B
AZ - C AZ - D
US East (VA)
AZ - A AZ - B
US West (CA)
AZ - A AZ - B
Asia Pacific (Singapore)
AZ - A AZ - B
AZ - C
Asia Pacific (Tokyo)
AZ - A AZ - B
AZ - C
US West (OR)
Customer Decides Where Applications and Data Reside
Note: Conceptual drawing only. The number of Availability Zones (AZ) may vary.
Introduction to AWS | AWS Regions and Availability Zones (AZ)
22
AWS Cloud School
Introduction to AWS | AWS Regions and Availability Zones Cont.
Region
Availability
Zone - A
Availability
Zone - B
Availability
Zone - C
23
AWS Cloud School
Security
AWS Cloud School
Introduction to AWS | Shared Responsibility
Foundation Services
Compute Storage Database Network
AWS Global
Infrastructure
Regions
Availability Zones
Edge
Locations
Client-side Data Encryption &
Data Integrity Authentication
Server-side Encryption
(File System and/or Data)
Network Traffic Protection
(Encryption/Integrity/Identity)
Platform, Applications, Identity & Access Management
Operating System, Network & Firewall Configuration
Customer Data
A
W
S

C
u
s
t
o
m
e
r

23
AWS Cloud School
Introduction to AWS | Physical Security
24x7 trained security guards
Locations in nondescript,
undisclosed facilities
Two-factor authentication for ingress
Authorization for data center access
26
AWS Cloud School
Introduction to AWS | Hardware, Software and Network
Automated change control process
Bastion servers that record all
access attempts
Firewall and other boundary devices
AWS monitoring tools
27
AWS Cloud School
IMPLEMENTATION
DATA
DAILY
SOFTWARE
SYSTEM
COPY
RECOVERY
LOCATION
VALIDATION
COMPRESSION
STORAGE
MEDIA
WEEKLY
DEVICE
INCREMENTAL
REMOTE REPORTING
POLICY
LOCAL
LOG
SERVER
DEFFERENTIAL
PROTECTION
FULL
SCHEDULING
ONLINE
MONTHLY MONITORING
MANAGING
CATALOG DATABASE
SECURITY
BACKUP
OFF-LINE PROCESS
RESTORE
INDEX PROCEDURE
Introduction to AWS | Security and Compliance Resources
Secure API access points for
encrypted transmission over HTTPS
using SSL
Cryptographic keys and certificates
are required for any user or software
program to access an AWS API
Security Groups to let you control
external access to your instances
28
AWS Cloud School
User Accounts

Create individual
IAM accounts so that
each of your users
has their own
security credentials

IAM
Introduction to AWS | SSL Endpoints
Subnet Control

Create low level
networking
constraints for
resource access,
such as public and
private subnets,
internet gateways,
and NATs

VPC
Secure
Transmission

Establish secure
communication
sessions (HTTPS)
using SSL

SSL Endpoints
Instance Firewalls

Configure firewall
settings on instances
via Security Groups

Security Groups
29
AWS Cloud School
Introduction to AWS | Security Groups
Subnet Control

Create low level
networking
constraints for
resource access,
such as public and
private subnets,
internet gateways,
and NATs

VPC
Secure
Transmission

Establish secure
communication
sessions (HTTPS)
using SSL

SSL Endpoints
Instance Firewalls

Configure firewall
via Security Groups

Security Groups
User Accounts

Create individual
each of your users
has their own

IAM
30
AWS Cloud School
Introduction to AWS | AWS Multi-tier Security Groups
HTTP
SSH
DB-sync
Ports 80 and 443 only
open to the internet
Engineering staff
have SSH access to
the App Tier, which
acts as Bastion
Authorized 3
rd
parties
can be granted SSH
access, such as the
Database Tier
All other internet ports
blocked by default
EC2
EC2
EC2
EBS
W
e
b
T
ie
r

31
AWS Cloud School
Introduction to AWS | Identity and Access Management (IAM)
Subnet Control

Create low level
networking
constraints for
resource access,
such as public and
private subnets,
internet gateways,
and NATs

VPC
Secure
Transmission

Establish secure
communication
sessions (HTTPS)
using SSL

SSL Endpoints
Instance Firewalls

Configure firewall
via Security Groups

Security Groups
User Accounts

Create individual
each of your users
has their own

IAM
32
AWS Cloud School
Introduction to AWS | Account Control
AWS Identify and Access Management (IAM)
AWS Identity and Access Management (IAM) enables you to securely control
access to AWS services and resources for your users. Using IAM, you can
create and manage AWS users and groups and use permissions to allow and
deny their permissions to AWS resources. First time users should visit the
IAM best practices section online.
Note: Master IAM accounts should not be used for production systems!!!
33
AWS Cloud School
Introduction to AWS | Virtual Private Cloud (VPC)
Subnet control

Create low level
networking
constraints for
resource access,
such as public and
private subnets,
internet gateways,
and NATs

VPC
Secure
transmission

Establish secure
communication
sessions (HTTPS)
using SSL

SSL Endpoints
Instance firewalls

Configure firewall
via Security Groups

Security Groups
8/"% 0##,$9'/

CreaLe lndlvldual lAM
accounLs so LhaL each
of your users has Lhelr
own securlLy
credenuals

IAM
34
AWS Cloud School
Introduction to AWS | Certifications and Accreditations
AWS publishes a Service
Organization Controls SOC 1 report
AWS has achieved ISO 27001
certification
AWS has achieved FedRAMP
compliance, received authorization
from the U.S.
FISMA Moderate level
Authorities to Operate (ATOs) under
the Defense Information Assurance
Certification and Accreditation
Program (DIACAP)
33
AWS Cloud School
Additional Resources
Introduction to AWS | Additional Resources
Here are some additional resources:
More details and up to date information on Global Infrastructure can be found
online: http://aws.amazon.com/about-aws/globalinfrastructure/
AWS Management Console: https://console.aws.amazon.com/console/home.
AWS Security Assurance and Compliance Programs:
https://aws.amazon.com/compliance/
Security Center: http://aws.amazon.com/security
IAM Best Practices:
http://docs.aws.amazon.com/IAM/latest/UserGuide/IAMBestPractices.html
36
AWS Cloud School
Introduction to AWS | Module Completion and Summary
Summary
You have reached the end of this training module. In summary, you have learned:
How to navigate the AWS Management Console
Describe the security measures AWS provides
What is Global Infrastructure
37
AWS Cloud School
Module 2: AWS Storage

AWS Cloud School
AWS Storage | Overview
Module Overview
This module describes the fundamental elements of AWS Storage with a
focus on Amazon Simple Storage Service (S3) and Amazon Elastic Block
Store (EBS).
39
AWS Cloud School
AWS Storage | Learning Objectives
1
Identify key AWS storage options.
2
Describe Amazon Elastic Block Store.
Create an Amazon S3 bucket and manage associated objects.
3
By the end of this training you will be able to:
40
AWS Cloud School
AWS Storage | AWS Storage Products and Services
Amazon
Simple
Storage
Service
Amazon
Import/
Export
Amazon
Glacier
AWS
Storage
Gateway
Amazon
Elastic
Block Store
41
AWS Cloud School
AWS Storage | AWS Storage Products and Services
Amazon
Simple
Storage
Service
Amazon
Elastic
Block Store
Amazon
Import/
Export
Amazon
Glacier
AWS
Storage
Gateway
42
AWS Cloud School
AWS Storage | Amazon Simple Storage Service (S3)
Amazon
Simple
Storage
Service
Storage for the Internet. Natively online,
HTTP access
Store and retrieve any amount of data,
any time, from anywhere on the web
Highly scalable, reliable, fast
and durable
43
AWS Cloud School
AWS Storage | Amazon S3 Storage Concepts
Amazon S3 Concepts
Amazon
S3
Bucket
with
Objects
Bucket
Object
Amazon S3 stores data as
objects within buckets
An object is comprised of a file
and optionally any metadata that
describes that file
You can have one or more
buckets in your account
You can manage control access
to the bucket
44
AWS Cloud School
AWS Storage | Amazon S3 Concepts - Buckets
Amazon S3 Buckets
A bucket is a logical container for objects stored in Amazon S3. Every object
is contained in a bucket. For example, if the object named photos/puppy.jpg
is stored in the johnsmith bucket, then it can be accessed using the URL:

Organize Amazon S3 namespace at highest level
Identify account storage and data transfer charges
Access Control
Unit of aggregation for usage reporting
http://johnsmith.s3.amazonaws.com/photos/puppy.jpg
Amazon S3 Bucket
43
AWS Cloud School
AWS Storage | Amazon S3 Concepts - Objects
Amazon S3 Objects
Objects are the fundamental entities stored in Amazon S3. When using the
console, you can think of them as being files. Objects consist of data and
metadata. The data portion is opaque to Amazon S3. The metadata is a set
of name-value pairs that describe the object.
Default metadata such as the date last modified
Standard HTTP metadata such as Content-Type
Custom metadata at the time the object is stored
An object is uniquely identified within a bucket by a key (name)
Object
Bucket w/Objects
46
AWS Cloud School
AWS Storage | Amazon S3
Lifecycle Management
Lifecycle management defines how Amazon S3 manages objects during their
lifetime. Some objects that you store in an Amazon S3 bucket might have a well-
defined lifecycle:

Log files
Archive documents
Digital media archives
Financial and healthcare records
Raw genomics sequence data
Long-term database backups
Data that must be retained for regulatory compliance
47
AWS Cloud School
AWS Storage | Amazon S3 Pricing
All data into AWS is free
First GB out each month is free
Additional data out starts at $.12 per
GB/month*
Bandwidth Used Capacity
$.085 per GB / Month, pricing for
US East (Northern Virginia) Region*
Review Pricing Calculator
* Pricing in the US at the time this training was developed.
48
AWS Cloud School
AWS Storage | Amazon S3 Facts
Amazon S3
Unlimited number of objects in up to 100 Buckets
Able to store unlimited number of Objects in a Bucket
Objects from 0B-5 TB; no bucket size limit
Designed for 99.999999999% durability and 99.99% availability of objects
over a given year
HTTP/S endpoint to store and retrieve any amount of data, at any time,
from anywhere on the web
Highly scalable, reliable, fast, and inexpensive
49
AWS Cloud School
AWS Storage | Amazon Glacier
Amazon
Glacier
Extremely low-cost storage
Secure, durable storage for
data archiving and backup
Optimized for data that is
infrequently accessed
30
AWS Cloud School
AWS Storage | Amazon Glacier Storage
Amazon Glacier
Offload the administrative burdens of operating and scaling archival storage
to AWS, and make retaining data for long periods, whether measured in
years or decades, especially simple.
Optimized for data that is infrequently accessed and for which retrieval times
of several hours are suitable.
Customers can reliably store large or small amounts of data for as little as
$0.01 per gigabyte per month (current pricing), a significant savings
compared to on-premises solutions, which makes this suitable for
information archival.
31
AWS Cloud School
AWS Storage | Amazon Elastic Block Store (EBS)
Amazon
Elastic
Block
Store
Attach to running instance and
expose as a block device
Block storage volumes
for use with Amazon
EC2 instances
Snapshots stored
durably in Amazon S3
32
AWS Cloud School
AWS Storage | Amazon EBS
Create
Vast amounts of
unused space
Call CreateVolume
1 GB to 1 TB
Attach
Deleted
Call AttachVolume to affiliate
with one EC2 instance
Attached
&
In Use
Format from EC2 instance OS
Mount formatted drive
CreateSnapshot
Snapshot to
Amazon S3
Detach
Call DetachVolume
Call DeleteVolume
33
AWS Cloud School
AWS Storage | Amazon EBS Facts
Facts about Amazon EBS
Use for persistent storage
Can use to create RAID configuration for a server
You can use RAID 0 or RAID 1+0 (RAID 10)
Off-instance block storage that persists independently
Volumes behave like unformatted block devices for Linux or Windows instances
34
AWS Cloud School
AWS Storage | Amazon EBS Use Case
Amazon EBS
OS Boot device / root file system; secondary volumes/filesystems
Typical basis for database storage
Raw block devices for RAID, some databases
33
AWS Cloud School
AWS Storage | Amazon EBS Pricing
* Pricing for US East (Northern Virginia) Region at
the time this training was developed. Check online
for current pricing for all areas.
Pay for what you Provision
$0.05 per GB/month for standard EBS volume
$0.05 per 1 million I/O requests
$0.125 per GB-month for IOPS EBS volume
$0.10 per provisioned IOPS-month
Review Pricing Calculator online
36
AWS Cloud School
AWS Storage | Amazon EBS Best Practices
Amazon EBS Volumes are in a Single Availability Zone
AvallablllLy Zone A
EBS Volume 1
AvallablllLy Zone 8
EBS Volume 2
37
AWS Cloud School
AWS Storage | Amazon EBS and Amazon S3
Amazon EBS Amazon S3
Paradigm File system Object store
Performance very fast fast
Redundancy Within data center Across data centers
Security Visible only to your EC2 Public Key / Private Key
Pricing * $0.10/GB/month allocated $0.095/GB/month stored
Access from the
Net?
No(2) Yes(1)
Typical use case Its a disk drive Write once, read many
(1) Only with proper credentials, unless ACLs are world readable
(2) Accessible from Net if mounted to server and set up as FTP, etc.
* Pricing in the US at the time of this training.
38
AWS Cloud School
AWS Storage | AWS Storage Gateway
AWS
Storage
Gateway
Mirror your on-premises data
to Amazon EC2 instances
Connect an on-premises
software appliance with
cloud-based storage
Securely upload data to the AWS
cloud for cost effective backup and
rapid disaster recovery
39
AWS Cloud School
AWS Storage | Amazon Import/Export
Amazon
Import/
Export
Uses Amazon high-
speed internal network
Accelerates moving large amounts
of data into and out of Amazon S3
or Amazon EBS
Transfers your data directly onto and
off of storage devices
60
AWS Cloud School
AWS Storage | AWS Import/Export Support
Import/Export Support
Accelerates moving large amounts of data into and out of Amazon S3 or Amazon EBS
Transfers your data directly onto and off of storage devices
Uses AWS high-speed internal network

Amazon
S3
AWS Import/
Export
Amazon
S3
Amazon EBS
AWS Import/
Export
AWS Import/
Export
Amazon Glacier
AWS Import/
Export
Import to Amazon S3
Export from Amazon S3
Import to Amazon EBS
Import to Amazon Glacier
AWS Import/Export supports:
61
AWS Cloud School
S3 Demo
AWS Cloud School
AWS Storage | Additional Resources
Yelp Amazon Case Study: http://aws.amazon.com/solutions/case-studies/yelp/
Getting Started with Amazon S3 Video:
http://www.youtube.com/watch?v=1qrjFb0ZTm8&feature=youtu.be
Online Pricing Calculator: http://calculator.s3.amazonaws.com/calc5.html
Glacier: http://aws.amazon.com/glacier/
63
AWS Cloud School
AWS Storage | Module Completion
Summary
The key AWS storage options
What is an Amazon Elastic Block Store
How to create an Amazon S3 bucket and manage associated objects
64
AWS Cloud School
Module 3: Compute Services
& Networking
AWS Cloud School
Compute Services & Networking | Overview
Module Overview
This module describes the fundamental elements of AWS Compute and
Networking, with a focus on Amazon Elastic Compute Cloud. This module will
build off what you learned in Module 2 by verifying how to use Amazon
Elastic Block Storage.
66
AWS Cloud School
Compute Services & Networking | Learning Objectives
1
Identify the different AWS compute and networking options.
2
Describe what Amazon Virtual Private Cloud is.
4
Verify how to use Amazon Elastic Block Storage.

Create an Amazon Elastic Compute Cloud instance.
3
67
AWS Cloud School
Compute Services & Networking | AWS Compute Products and Services
Amazon
Elastic
Compute
Cloud
Auto
Scaling
Amazon
Elastic
MapReduce
68
AWS Cloud School
Compute Services & Networking | AWS Compute Products and Services
Amazon
Elastic
Compute
Cloud
Auto
Scaling
Amazon
Elastic
MapReduce
69
AWS Cloud School
Compute Services & Networking | Amazon Elastic Compute Cloud (EC2)
Amazon
Elastic
Compute
Cloud
Resizable compute capacity
Complete control of your
computing resources
Reduces the time required to obtain and
boot new server instances to minutes
70
AWS Cloud School
Compute Services & Networking | Amazon EC2 Facts
Resizable compute capacity with several instance types
Reduces the time required to obtain and boot new server instances to minutes
or seconds
Scale capacity as your computing requirements change
Pay only for capacity that you actually use
Choose Linux or Windows
Deploy across Regions and Availability Zones for reliability
Facts about Amazon EC2
71
AWS Cloud School

Compute Services & Networking | Using Amazon EC2
How to Use Amazon EC2
Select a pre-configured, Amazon Machine Image (AMI) to get up and running
immediately. Or create an AMI containing your applications, libraries, data, and
associated configuration settings.
Configure security and network access on your Amazon EC2 instance.
Choose which instance type(s) you want, then start, terminate, and monitor as
many instances of your AMI as needed, using the web service APIs or the
variety of management tools provided.
Determine whether you want to run in multiple locations, utilize static IP
endpoints, or attach persistent block storage to your instances.
Pay only for the resources that you actually consume, like instance-hours
or data transfer.
72
AWS Cloud School
Compute Services & Networking | Amazon Machine Images (AMI)
AMIs
Building blocks of EC2 instances
An AMI is a template of a computer's root volume
Can be public or private
Create gold Images of your EC2 infrastructure
AMI
73
AWS Cloud School
Compute Services & Networking | Infrastructure and Applications
Oracle
SAP
Microsoft
AMI Marketplace
Infrastructure and Applications
74
AWS Cloud School
Compute Services & Networking | Amazon EC2 Instances
256
128
64

32

16

8

4

2

1

1 2 4 8 16 32 64 128
EC2 Compute Units (HP)
M
e
m
o
r
y

(
G
B
)

73
AWS Cloud School
Compute Services & Networking | Amazon EC2 Instances Pricing
Reserved Instances
1- or 3-year terms
Light/Medium/Heavy
Pay low up-front fee,
receive significant
hourly discount
Helps ensure
compute capacity is
available when
needed
On-Demand Instances
Unix/Linux instances
start at $0.02/hour
USD in the US
East Region
Pay as you go for
compute power
Pay only for what you
use, no up-front
commitments or long-
term contracts
On-Demand Instances
Bid on unused
EC2 capacity
Spot Price based on
supply/demand,
determined
automatically
Spot Price below
bid, instances start
Spot Price above
bid, instances stop
Spot Instances
A
W
S
F
r
e
e

U
s
a
g
e
T
ie
r

76
AWS Cloud School
Reserved Instances
Billing Options
:%#;&'"#<91 =&'; :=!
Designing for Cost |
AWS Cloud School
0
1000
2000
3000
4000
3000
6000
7000
Reserved Instances
On Demand
Spot
C
o
m
p
u
t
e

R
e
s
o
u
r
c
e
s

Compute Services & Networking | Leverage all 3 Instances
78
AWS Cloud School
Virtual Machine
Configuration
AMI
Running or
Stopped VM
Instances vC
EC2 Classic
Public
AZ Availability Zone
vC
Region
vC
EC2 Classic
Public
EBS EBS EBS EBS EBS EBS
Region
S3
EBS
Snapshots
S3 Buckets
Compute Services & Networking | Compute Example
79
AWS Cloud School
Elastic Compute Cloud Demo
AWS Cloud School
Compute Services & Networking | Amazon Elastic MapReduce (EMR)
Amazon
Elastic
MapReduce
Easily and cost-effectively
process vast amounts of data
Utilizes a hosted
Hadoop framework
Process vast
amounts of data
81
AWS Cloud School
Compute Services & Networking | Amazon EMR Example
Amazon EMR
Job Flow
Amazon Simple
Storage Service (S3)
Amazon
CloudWatch
Amazon EC2 Instance
The Amazon EMR
job flow runs on a
cluster of Amazon
EC2 Instances
Input Data
Output Results
M
e
t
r
i
c
s

82
AWS Cloud School
Compute Services & Networking | Amazon Auto Scaling
Auto
Scaling
Scale your Amazon EC2
capacity automatically
Available at no
additional charge
Well suited for applications
that experience variability
in usage
83
AWS Cloud School
Compute Services & Networking | Amazon Auto Scaling Cont.
Elastic Capacity
1
Ease of Use
2
Cost Savings
3
Actions
5
Geographic
4
84
AWS Cloud School
1
With Auto Scaling, you can ensure that the number of Amazon EC2 instances you are using
increases seamlessly during demand spikes to maintain performance, and decreases
automatically during demand lulls to minimize costs.
Ease of Use
2
Cost Savings
3
Actions
5
Geographic
4
Elastic Capacity
83
AWS Cloud School
1 2 3 5 4
Manage your instances spread across either one or several Availability Zones as a single
collective entity, using simple command line tools or programmatically via an easy-to-use web
service API. Replace lost or unhealthy instances automatically based on predefined thresholds.

Ease of Use Cost Savings Actions Geographic Elastic Capacity
86
AWS Cloud School
1 2 3 5 4
Save compute costs by terminating underused instances automatically and launching new
instances when you need them, without the need for manual intervention.
87
AWS Cloud School
1 2 3 5 4
Distribute, scale, and balance applications automatically over multiple Availability Zones within a
region to support scalability and geographic redundancy.

88
AWS Cloud School
1 2 3 5 4
Schedule scaling actions for future times and dates when you expect to need more or less
capacity.
89
AWS Cloud School
Compute Services & Networking | Trinity of Services
Amazon Auto Scaling
Elastic Load
Balancer
CloudWatch Auto Scaling
Utilization
Metrics
90
AWS Cloud School
Networking
AWS Cloud School
Compute Services & Networking | AWS Networking Products and Services
Amazon
Virtual
Private
Cloud
Amazon
Route 53
AWS Direct
Connect
Elastic
Load
Balancing
92
AWS Cloud School
Compute Services & Networking | AWS Networking Products and Services
Amazon
Route 53
AWS Direct
Connect
Amazon
Virtual
Private
Cloud
Elastic
Load
Balancing
93
AWS Cloud School
Compute Services & Networking | Amazon Virtual Private Cloud (VPC)
Amazon
Virtual
Private
Cloud
Provision a private, isolated section of the AWS
Cloud where you can launch AWS resources in a
virtual network that you define
You have complete control over your virtual networking
environment: selection of IP address range, creation of
subnets, configuration of route tables, and network gateways
Define a virtual network topology that closely
resembles a traditional network that you might
operate in your own datacenter
94
AWS Cloud School
Compute Services & Networking | Amazon VPC
Bridge your Amazon
VPC and your onsite IT
infrastructure with an
encrypted VPN
connection, extending
your existing security and
management policies to
your Amazon VPC
instances as if they were
running within your
infrastructure.
Attach an Amazon Elastic IP
address to any instance in your
VPC so it can be reached
directly from the Internet.
Store data in Amazon S3 and
set permissions such that the
data can only be accessed
from within your Amazon VPC.
Control inbound and
outbound access to
and from individual
subnets using network
access control lists.
Divide your Amazon VPCs
private IP address range into
one or more public or private
subnets to facilitate running
applications and services in
your VPC.
Create an Amazon Virtual
Private Cloud on AWS scalable
infrastructure, and specify its
private IP address range from
any range you choose.
:>0?,9 @A6
Internet
93
AWS Cloud School
Compute Services & Networking | Amazon Virtual Private Cloud (VPC)
96
AWS Cloud School
Compute Services & Networking | AWS Direct Connect
AWS Direct
Connect
All AWS services, including
Amazon EC2 and Amazon
S3 can be used with AWS
Direct Connect
Use the same connection to access public
resources such as objects stored in Amazon S3
Virtual interfaces can be
reconfigured at any time
98
AWS Cloud School
Compute Services & Networking | Networking with AWS Direct Connect
AWS Direct Connect
Create virtual interfaces directly to the
AWS cloud, bypassing Internet service
providers in your network path.
An AWS Direct Connect location provides
access to Amazon Web Services in the
region it is associated with.
Establish connections with AWS Direct
Connect locations in multiple regions.
A connection in one region does not
provide connectivity to other regions.
99
AWS Cloud School
Compute Services & Networking | Amazon Route 53
Amazon
Route 53
Route end users to
Internet applications
Provides secure and reliable routing
to your application instances
Answers DNS queries
with low latency by
using a global network
of DNS servers
100
AWS Cloud School
Compute Services & Networking | Networking with Amazon Route 53
Amazon Route 53
Answers DNS queries with low latency by using a global network of DNS servers.
Queries for your domain are automatically routed to the nearest DNS server, and
thus answered with the best possible performance.
You pay only for managing domains through the service and the number of
queries that the service answers.
101
AWS Cloud School
Compute Services & Networking | Elastic Load Balancing (ELB)
Elastic
Load
Balancing
Supports the routing and load balancing of HTTP,
HTTPS, and TCP traffic to Amazon EC2 instances
Dynamically grows and
shrinks required resources
based on traffic
Supports health checks to
ensure detect and remove
failing instances
102
AWS Cloud School
Compute Services & Networking | Amazon ELB
103
AWS Cloud School
Load Balancer Demo
AWS Cloud School
Compute Services & Networking | Additional Resources
Amazon EC2 Instance Types: http://aws.amazon.com/ec2/instance-types/
Service Documentation: http://aws.amazon.com/documentation
White Papers: http://aws.amazon.com/whitepapers
AWS Free Usage Tier: http://aws.amazon.com/free/
AWS Support: http://aws.amazon.com/premiumsupport/
APN Partners supporting AWS Direct Connect:
http://aws.amazon.com/directconnect/partners/
AWS Security Process:
http://d36cz9buwru1tt.cloudfront.net/pdf/AWS_Security_Whitepaper.pdf
103
AWS Cloud School
Summary
Compute Services & Networking | Module Completion
Amazon Virtual Private Cloud lets you provision a logically isolated section
with complete control over your virtual networking environment, including IP
address range, creation of subnets, and configuration of route tables and
network gateways
VPN and Direct Connect allows you to leverage the AWS cloud as an
extension of your corporate datacenter
Elastic Load Balancing service provides load balancing across multiple
instances in a region
Amazon Route 53 is a highly available scalable Domain Name System (DNS)
web service
106
AWS Cloud School
Module 4: Managed Services
& Database
AWS Essentials
AWS Cloud School
Managed Services & Database | Overview
Module Overview
This module describes the fundamental elements of AWS Managed Services
and Databases (RDS). This module will focus on key aspects of Amazon
Relational Database Service and how to execute Amazon RDS.

108
AWS Cloud School
Managed Services & Database | Learning Objectives
1
Describe Amazon DynamoDB.
2
Verify the key aspects of Amazon Relational Database Service.
Execute Amazon Relational Database Service.
3
109
AWS Cloud School
Amazon
ElastiCache

Amazon
Redshift
Managed Services & Database | Product and Services
Amazon
Relational
Database
Service
Amazon
DynamoDB
110
AWS Cloud School
Amazon
ElastiCache

Amazon
Redshift
Managed Services & Database | Product and Services
Amazon
Relational
Database
Service
Amazon
DynamoDB
111
AWS Cloud School
Managed Services & Database | Amazon Relational Database Service
Amazon
Relational
Database
Service
Cost-efficient and resizable capacity

Access to the full capabilities of a familiar MySQL,
PostgreSQL, Oracle and SQL Server database

Manages time-consuming
database administration tasks

112
AWS Cloud School
Managed Services & Database | Amazon RDS
Amazon Relational Database Services (RDS)
Easy to set up, operate, and scale a relational database in the cloud
Cost-efficient and resizable capacity while managing time-consuming
database administration tasks
Access to the full capabilities of a familiar MySQL database
Automatically patches the database software and backs up your database
Ability to scale the compute resources or storage capacity associated with
your relational database instance via a single API call.
113
AWS Cloud School
Managed Services & Database | Amazon RDS & VPC
Amazon RDS & VPC
You can select your own IP address range.
Create subnets, and configure routing and access control lists.
The basic functionality of Amazon RDS is the same whether it is running in a
VPC or not: Amazon RDS manages backups, software patching, automatic
failure detection, and recovery.
There is no additional cost to run your DB instance in a VPC.
114
AWS Cloud School
Managed Services & Database | Amazon DynamoDB
Store any amount of
data no limits

Easily provision and change the request
capacity needed for each table
Fast, predictable performance
using SSDs

Amazon
DynamoDB
113
AWS Cloud School
If You Need Consider Using

A relational database service
with minimal administration

Amazon RDS, a fully managed service that
offers a choice of MySQL, Oracle or SQL Server
database engines, scale compute & storage,
Multi-AZ availability and more.

A fast, highly scalable NoSQL
database service

Amazon DynamoDB, a fully managed service
that offers extremely fast performance, seamless
scalability and reliability, low cost and more.

A relational database you can
manage on your own
Your choice of relational AMIs on Amazon EC2
and Amazon EBS that provide scale compute &
storage, complete control over instances, and more.
Managed Services & Database | Database Considerations
116
AWS Cloud School
Managed Services & Database | Amazon RDS and DynamoDB
Factors Relational (RDS) NoSQL (DynamoDB)
Application
Type
Existing database apps
Business process-centric apps

Example: Financial transactions,
ERP apps, Multi-stage approval
flows
New Web scale applications
Large # of small writes and reads

Example: Web, social, mobile apps,
shopping cart, order mgt, user preferences
Application
Characteristics
Relational data models,
transactions
Complex queries, joins and
updates
Simple data models, transactions
Range queries, simple updates
Scaling
Application or DBA architected
(clustering, partitions, sharding)
Seamless, on-demand scaling per
application needs
QoS
Performance depends on
data model, indexing, query,
and storage optimization
Reliability and availability
Managed Durability Managed
Performance Automatically optimized by
the system
Reliability and availability Managed
Durability Managed
Skill Set
Existing programming skills
SQL + Programming languages
Web style programming queries managed
through programming and developers
117
AWS Cloud School
Amazon
ElastiCache

Managed Services & Database | Amazon ElastiCache

Seamlessly caches
in front of Amazon
RDS instances

Manages patching, cache node
failure detection and recovery
Memcached compliant cache
cluster on-demand
118
AWS Cloud School
Amazon
Redshift
Managed Services & Database | Amazon Redshift
Petabyte-scale service that manages all
the work need to set up, operate, and scale
a data warehouse cluster

Dramatically reduces IO

Continuously monitors the health of the
cluster and replaces any component

120
AWS Cloud School
Managed Services & Database | Amazon Redshift Facts
Amazon Redshift
Amazon Redshift manages all the work needed to set up, operate, and scale a
data warehouse cluster, from provisioning capacity to monitoring and backing up
the cluster, to applying patches and upgrades. Scaling a cluster to improve
performance or increase capacity is simple and incurs no downtime. The service
continuously monitors the health of the cluster and automatically replaces any
component, if needed.

8edshl
8edshl
8edshl
121
AWS Cloud School
Amazon RDS Demo
AWS Cloud School
Managed Services & Database | Additional Resources
Service Documentation: http://aws.amazon.com/documentation
Pricing Calculator: http://aws.amazon.com/calculator/
Economics: http://aws.amazon.com/economics/
Pricing details for all services: http://aws.amazon.com/pricing/
Solutions Case Studies: http://aws.amazon.com/solutions/case-studies
Marketing Overview Materials: http://aws.amazon.com
Videos & Webinars: http://www.youtube.com/AmazonWebServices
AWS Blog: http://aws.typepad.com/
123
AWS Cloud School
Summary
Describe Amazon DynamoDB
Verify key aspects of Amazon Relational Database Service (RDS)
How to execute Amazon RDS
Managed Services & Database | Module Completion
124
AWS Cloud School
Module 5: Deployment
Management
AWS Essentials
AWS Cloud School
Deployment Management | Overview
Module Overview
This module describes the fundamental elements of AWS deployment
management products and services.
126
AWS Cloud School
Deployment Management | Learning Objectives
1
Identify AWS CloudFormation.
2
Describe Amazon CloudWatch metrics and alarms.
Describe Amazon IAM.
3
127
AWS Cloud School
Deployment Management | Product and Services
AWS Identity
and Access
Management
Amazon
Elastic
Beanstalk
Amazon
CloudFormation
Amazon
CloudWatch
128
AWS Cloud School
Deployment Management | AWS Identity and Access Management
AWS Identity
and Access
Management
Create and manage AWS users and groups
and use permissions to allow and deny their
permissions to AWS resources
Use existing corporate identities to grant
secure access to AWS resources, such as
Amazon S3 buckets, without creating new
AWS identities for those users
Enables identity federation between your
corporate directory and AWS services
129
AWS Cloud School
Deployment Management | Using AWS Identity and Access Management
Enable identity
federation to allow
existing identities
(e.g. users) in your
enterprise to access
the AWS
Management
Console, to call AWS
APIs, and to access
resources, without the
need to create an IAM
user for each identity..
3
Manage federated users
and their permissions
Create users in AWS
IAM, assign them
individual security
credentials or request
temporary security
credentials to provide
users access to AWS
services and resources.

Manage permissions
in order to control which
operations a user can
perform.
2
Manage AWS IAM users
and their access
1
Create roles in AWS
IAM, and manage
permissions to control
which operations can be
performed by the entity,
or AWS service, that
assumes the role.

Define which entity is
allowed to assume the
role.
Manage AWS IAM roles
and their permissions
130
AWS Cloud School
Deployment Management | Amazon CloudWatch
Amazon
CloudWatch
Visibility into resource
utilization, operational
performance, and overall
demand patterns
Accessible via AWS Management
Console, APIs, SDK, or CLI
Custom application-specific
metrics of your own
131
AWS Cloud School
Deployment Management | AWS CloudWatch Facts
AWS CloudWatch
Visibility into resource utilization, operational performance, and overall
demand patterns
Metrics including CPU utilization, disk reads and writes, and network traffic
Custom application-specific metrics of your own
Accessible via AWS Management Console, APIs, SDK, or CLI

132
AWS Cloud School
Deployment Management | Amazon Elastic Beanstalk
Amazon
Elastic
Beanstalk
Simply upload your
application
Automatically handles the
deployment details of capacity
provisioning, load balancing, auto
scaling, and application health
monitoring
Retain full control over the
AWS resources powering
your application
133
AWS Cloud School
Deployment Management | AWS Elastic Beanstalk Facts

AWS Elastic Beanstalk
Quickly deploy and manage applications in the AWS cloud without worrying
about the infrastructure that runs those applications.
Reduce management complexity without restricting choice or control.
134
AWS Cloud School
Deployment Management | Amazon CloudFormation
Create templates of stack
of resources
Use templates as a starting
point or create your own
Deploy stack from template
with runtime parameters
Amazon
CloudFormation
133
AWS Cloud School
Deployment Management | Deployment and Management
Amazon CloudFormation Deployment and Management
Templates are simple JSON formatted text files
CloudFormer supports generating templates from running environments
"Resources" : {
"Ec2Instance" : {
"Type" : "AWS::EC2::Instance",
"Properties" : {
"SecurityGroups" : [ { "Ref" : "InstanceSecurityGroup" } ],
"ImageId" : { "Fn::FindInMap" : [ "RegionMap", { "Ref" : "AWS::Region" },
"AMI" ]},
"Tags" : [{
"Key" : "MyTag",
"Value" : "TagValue"
}]
}
},
136
AWS Cloud School
Deployment Management | Deployment and Management
Amazon CloudFormation Deployment and Management
Use AWS CloudFormation s sample templates or create your own templates to
describe the AWS resources, and any associated dependencies or runtime
parameters, required to run your application.

Deploy and update a template and its associated collection of resources called
a stack via the AWS Management Console, AWS CloudFormation command
line tools or APIs. CloudFormation is available at no additional charge, and you
pay only for the AWS resources needed to run your applications.
1emplaLe AWS Cloudlormauon
SLack
137
AWS Cloud School
Deployment Management | Additional Resources
AWS CloudFormation Sample Templates:
https://aws.amazon.com/cloudformation/aws-cloudformation-templates/
AWS User Groups: http://aws.amazon.com/usergroups/
138
AWS Cloud School
Summary
The key fundamental elements of AWS deployment management
products and services.
Deployment Management | Module Completion
139
AWS Cloud School
Completion | Training Next Steps
140
AWS Cloud School
Thank You
Hope you enjoyed the training!
We value your feedback :
stormacq@amazon.lu
@sebsto

Cloudschool 2014 140306035011 Phpapp01

Загружено:

Сведения о документе

Исходное описание:

Оригинальное название

Авторское право

Доступные форматы

Поделиться этим документом

Поделиться или встроить документ

Параметры публикации

Этот документ был вам полезен?

Это неприемлемый материал?

Авторское право:

Доступные форматы

Cloudschool 2014 140306035011 Phpapp01

Загружено:

Авторское право:

Доступные форматы

2013 Amazon Web Servlces, lnc. and lLs amllaLes. All rlghLs reserved.

AWS Cloud School

Вам также может понравиться