AWS Architecture Training
Agenda and Plan
Day 1:
Cloud and AWS : Overview
AWS Core Services.
Best Practices.
High Availability.
Day 2:
Scaling
Automation
Loose coupling
Storage.
Day 3:
AWS Architecture Framework
Troubleshooting
Large Scaling Platform management.
Student Guide Slide: Download from (Lumeris shared network folder)
P:\amahapatra\AWS Training guide v5.3
All the notes below are covered in detail in this PDF.
Cloud and AWS : Overview
- Why AWS. How Big. High level overview of services.
- Managed Service Vs Unmanaged service: Advantage and Disadvantages of these services on AWS.
AWS Core Services:
VPC:
. Relationship to Region and Availability Zones.
EC2:
. Which one to choose and why.
. Security Group
. Instance family groups, optimised instances (network/EBS/etc.)
. Features of each family (C5 / F1 / T2 / etc.)
. Pricing models and their features (On-Demand, Spot, Reserved and Dedicated Instances)
. Spot Instances and the Hibernation agent: how to manage a Spot Instance and back it up with EBS volumes (find documents online)
S3:
. General feature and availability
. S3 notification and where to use them (Lambda, SQS)
. S3 Analytics for access patterns (read online)
. S3 Standard access, S3 Infrequent access
. Move objects based on age of storage through policies on bucket.
EBS:
. How to use with EC2 as a persistent boot volume.
. Snapshotting (point-in-time backup to S3) and its uses (unmanaged feature)
. Options of back-end hardware to choose (SSD/ HDD) and their use cases.
EFS:
. How it is different from EBS (access to multiple EC2)
. How to start/stop EFS connection to EC2
Glacier:
. Why it is different from S3
. Features
RDS:
. Managed service
. Supported engines (Oracle, MySQL, etc.)
. Scalability, automated redundancy
. When to / not to use RDS
DynamoDB:
. Managed service.
. On-demand backups
. Latency feature.
. Global Tables and their features (availability across regions)
. Read/Write capacity unit
. Auto Scaling throughput .
AWS IAM:
. IAM entities (Account, Users, Groups, Roles) and policies
. Roles vs policies
. Pass role and when to use it
. Policies (allow/deny)
. Federated user — attached to a Role — Roles get policies
. Security handshakes and STS (Security Token Service)
. Cloudtrail and its use cases.
AWS Lab 1: (30 mins)
Deploy a PHP app on EC2, fetching content from S3 and DynamoDB.
Overview of steps:
. Create an IAM role and give it access to S3 and DynamoDB
. Create an S3 bucket
. Create a DynamoDB table
. Create a VPC, Subnet and Internet Gateway
. Create a public route table
. Launch an EC2 instance and, in the start-up script, copy files to the S3 bucket and the DynamoDB table
. Browse to the public IP of the instance and check that it reflects all the S3 objects and DynamoDB items
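The first lab step creates the instance role; the point a reviewer would check is that the role trusts only the EC2 service and is scoped to the one bucket and one table the app uses, not to "s3:*" on "*". The script below is an added example, not course material: it builds both policy documents for a constructed bucket name, table ARN and account id (placeholders, not real resources) and lints the permissions policy for wildcard grants before it is attached.

```python
import json

# Added example (not course material). Bucket/table/account below are
# constructed placeholders for the Lab 1 PHP app's instance role.
BUCKET = "example-lab1-bucket"
TABLE_ARN = "arn:aws:dynamodb:us-east-1:111122223333:table/example-lab1-table"

def trust_policy() -> dict:
    """Trust policy: only the EC2 service may assume the instance role."""
    return {"Version": "2012-10-17",
            "Statement": [{"Effect": "Allow",
                           "Principal": {"Service": "ec2.amazonaws.com"},
                           "Action": "sts:AssumeRole"}]}

def permissions_policy(bucket: str, table_arn: str) -> dict:
    """Least-privilege grant: objects in one bucket, items in one table."""
    return {"Version": "2012-10-17", "Statement": [
        {"Effect": "Allow", "Action": ["s3:GetObject", "s3:PutObject"],
         "Resource": f"arn:aws:s3:::{bucket}/*"},
        {"Effect": "Allow", "Action": "s3:ListBucket",
         "Resource": f"arn:aws:s3:::{bucket}"},
        {"Effect": "Allow",
         "Action": ["dynamodb:GetItem", "dynamodb:PutItem",
                    "dynamodb:Query", "dynamodb:Scan"],
         "Resource": table_arn},
    ]}

def overbroad_grants(policy: dict) -> list:
    """(action, resource) pairs where an Allow uses a wildcard action
    (e.g. 's3:*') or resource ('*'); an empty list means the policy passes."""
    findings = []
    for st in policy.get("Statement", []):
        if st.get("Effect") != "Allow":
            continue
        actions = st["Action"] if isinstance(st["Action"], list) else [st["Action"]]
        resources = (st["Resource"] if isinstance(st["Resource"], list)
                     else [st["Resource"]])
        for a in actions:
            for r in resources:
                if a == "*" or a.endswith(":*") or r == "*":
                    findings.append((a, r))
    return findings

if __name__ == "__main__":
    # Both documents print ready for `aws iam create-role` / `put-role-policy`.
    print(json.dumps(trust_policy(), indent=2))
    pol = permissions_policy(BUCKET, TABLE_ARN)
    print(json.dumps(pol, indent=2))
    print("overbroad grants:", overbroad_grants(pol))
```

Run the linter over any policy you are about to attach in the lab; a non-empty result means a statement grants more than the PHP app needs.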
AWS Best Practices
. Choosing Region (Price and Proximity)
. Choose AZ (how many should we have)
. VPC (how many and why)
. VPC design pattern (multi VPC design/ multi Account design)
. NAT Instance/ NAT Gateway / Internet Gateway
. Virtual Private Gateway
. VPC Peering
. Security groups (public and private)
. Elastic Network Interface. ( Elastic IP )
. Network Access Control List
. AWS Direct Connect
AWS Training day-2
AWS High Availability
. Services which are inherently highly available (S3, CloudFormation) and those which are not (EC2, etc.)
ELB:
. Classic LB vs Application LB vs Network LB
. Cross zone load balancing
. Connection draining
. Internal vs External LB
Elastic IP:
. May also get ENI for application need
Route 53:
. Latency based routing
. Geolocation routing.
. Failover-based routing
AWS Direct Connect:
- Use cases
AWS LAB 2: (45–60 mins):
Create AMI and launch a new instance.
Expand VPC to include more AZ.
Launch new instances into the new AZ
Create VPC Subnets, NAT tables and route tables
Create Load Balancer and Auto scaling groups .
AWS Automation:
AWS Cloudwatch:
. Predefined hypervisor metrics
. Custom metrics
. Cloudwatch alarm + Autoscaling
AWS AutoScaling:
. through Cloudwatch
. through Scheduling
. automated autoscaling
. valid scenarios and autoscaling thrashing
EC2 Auto Recovery:
. triggering through cloudwatch
Scaling RDS:
. scaling instance sizes(vertical)
. horizontal scaling through replica
AutoScaling DynamoDB:
. scaling through cloudwatch
AWS Lambda:
. scheduled
. parameters
. scenarios
AWS LAB 3: (30 mins):
Create a Lambda function. Create a SNS topic subscribed to an Autoscaling group. Trigger the Autoscaling. SNS should capture the new instance info and trigger a lambda which then snapshots the volume attached to the new instance.
Automating Infrastructure
Cloud formation
. resource grouping/sharing (security)
. be careful about sharing templates
. features: parameters, mappings, resources, etc.
. custom resources
. chaining stacks (trigger one stack from another)
Beanstalk:
. feature and generated cloudformation
. blue green deployments
AWS OpsWork:
. Recipes / Cook book
EC2 Run command:
CLOUDFORMER:
. Reverse-engineering a CloudFormation template from existing resources.
Loose Coupling:
. Lambda serverless provisioning
. SOA to microservices
. going stateless
. Communicating with SQS for async processing.
SQS:
. Features (buffering, batch operations, fan-out, auto scaling the servers that consume the queue)
. Short polling / long polling
. visibility timeout
. security and encryption
SNS:
. non-persistent (no message retention)
. protocols
DynamoDB:
API Gateway:
Lambda:
. AWS Step Functions: chaining multiple Lambda functions for longer-running processing.
AWS Training day-3
AWS Architecture Framework:
5 Sections:
- Operational Excellence
. AWS CI/CD framework
. CloudFormation
. CloudWatch
. CloudTrail
- Security
. AWS GuardDuty
. AWS Shield
. AWS Inspector
. AWS Key Management Service
. AWS CloudHSM
. AWS IAM
. AWS Directory Service…
- Reliability
. Snowball (physically ships data to AWS)
. Pilot light
. Low-capacity standby
. Multi-site active-active
. Disaster recovery plans and runs
- Performance Efficiency
. Instance size
. Storage selection and recovery
- Cost Optimization
. Spot Instances
. Trusted Advisor
AWS Lab 5:
Make a test cross-region deployment with automatic failover through Route 53
Troubleshooting Scenarios:
- Instance timeouts
- poor network performance
- I/O on EBS is low
- CPU load on RDS too high
- Access Denied
Sample Architectures :
Scenarios in diagram.
AWS Web-Scale Storage:
. Storing static content on S3 and generating dynamic content on EC2
. S3 versioning
. S3 key design
. CloudFront and RTMP distributions
. NoSQL vs SQL scaling
. DynamoDB features and best practices
. RDS security groups
. Aurora and its features