The Cloud Computing
Client-Server System
In a client-server system, a central server provides resources or services to multiple clients (devices or programs). The server handles client requests and returns the required data or service.
For example, a bank's database server handles requests from ATMs (clients) to retrieve account information and process transactions.
Cloud Computing
When that server is placed in a remote location accessed via the internet, it becomes cloud computing.
Cloud computing delivers computing services like storage, databases, software, and processing power over the internet (the "cloud") on a pay-as-you-go basis.
It eliminates the need for physical hardware and allows users to access resources from anywhere. For example, Google Drive allows users to store and access files online without needing local storage.
Deployment Models for Cloud Computing
Cloud-Based Deployment
On-Premises Deployment
Hybrid Deployment
Benefits of Cloud Computing
Trade upfront expense for variable expense
Stop spending money to run and maintain data centers
Stop guessing capacity
Benefit from massive economies of scale
Increase speed and agility
Go global in minutes
Amazon Compute in the Cloud
Amazon Elastic Compute Cloud (EC2)
Amazon EC2 is a service that lets you run virtual servers in the cloud.
Provision instances (virtual servers)
Upload your code.
Continue to manage the instances while your application is running.
Amazon EC2 instance types
General Purpose Instances
Provide a balance of computing, memory, and networking resources.
Compute Optimized Instances
Memory Optimized Instances
Ideal for workloads that process large datasets in memory, such as high-performance databases.
Accelerated Computing Instances
Storage Optimized Instances
Designed for workloads that require high, sequential read and write access to large datasets on local storage.
Amazon EC2 Pricing
On-Demand
Reserved Instances (Standard Reserved Instances, Convertible Reserved Instances)
Reserved Instances require a commitment of either 1 year or 3 years. The 3-year option offers a larger discount.
EC2 Instance Savings Plans
Spot Instances
Dedicated Hosts
Scalability
You can scale instances vertically and horizontally
Amazon EC2 Auto Scaling (Automated Horizontal Scaling of Instances)
Dynamic Scaling
Predictive Scaling
How to configure scaling
Minimum Capacity
Desired Capacity
Maximum Capacity
Managing Incoming Traffic
(Load Balancing)
Elastic Load Balancing (Decouple the architecture): AWS service that automatically distributes incoming application traffic across multiple resources, such as Amazon EC2 instances.
Before Elastic Load Balancing
Post Elastic Load Balancing
Messaging & Queuing
Monolithic Application > Leads to cascading failure >> Change to Loosely Coupled Architecture > Via Microservices
Two services facilitate application integration in AWS:
Amazon Simple Notification Service (Amazon SNS)
Publishes messages to subscribers
Subscribers can be web servers, email addresses, AWS Lambda functions, or several other options.
Amazon Simple Queue Service (Amazon SQS)
Message queuing service
For decoupled applications and microservices, Amazon SQS enables you to send, store, and retrieve messages between components
AWS Additional Computing Services
The term “serverless” means that your code runs on servers, but you do not need to provision or manage these servers.
AWS Lambda is a service that lets you run code without needing to provision or manage servers.
In AWS, you can also build and run containerized applications. Containers provide you with a standard way to package your application's code and dependencies into a single object. Container orchestration services help you to deploy, manage, and scale your containerized applications.
AWS has two services that provide container orchestration
Amazon Elastic Container Service (For Docker Software Platform)
Amazon Elastic Kubernetes Service.
AWS Fargate
Is a serverless compute engine for containers. It works with both Amazon ECS and Amazon EKS. AWS Fargate manages your server infrastructure for you.
AWS Global Infrastructure
Selecting a region – Regions are geographically isolated areas
Availability Zone - A single data center or group of data centers within a Region
Planning for failure and deploying applications across multiple Availability Zones is an important part of building a resilient and highly available architecture.
Amazon CloudFront is a content delivery service
Edge location: this is a site that Amazon CloudFront uses to store cached copies of your content closer to your customers for faster delivery.
AWS Outposts: data centers set up and managed by Amazon in the client's building.
Provision AWS Resources
Ways to interact with AWS services (Use APIs to interact)
AWS Management Console
AWS Command Line Interface (AWS CLI)
Software development kits (SDKs)
AWS Elastic Beanstalk (Settings & Configurations)
AWS CloudFormation (Infrastructure as code)
Networking
Amazon Virtual Private Cloud (Amazon VPC)
The subnet is a section of a VPC that can contain resources such as Amazon EC2 instances.
Public Subnet
Private Subnet
Internet gateway: allows public traffic from the internet to access your VPC
Virtual private gateway: allows traffic into the VPC only if it is coming from an approved network
AWS Direct Connect: Establish a dedicated private connection between your data center and a VPC
A packet is a unit of data sent over the internet or a network.
Security
Network ACL (access control list) is a virtual firewall that controls inbound and outbound traffic at the subnet level.
Network ACLs perform stateless packet filtering
Security group: a virtual firewall that controls inbound and outbound traffic for an Amazon EC2 instance.
Security groups perform stateful packet filtering
Client > Domain Name System (DNS) > Amazon Route 53 (DNS Web service) > Client > Amazon CloudFront (access data)
Database & Storage
Instance Store - provides temporary block-level storage for an Amazon EC2 instance. Once the instance is terminated, you lose all the data. Hence use:
Amazon Elastic Block Store (Amazon EBS) - Service that provides block-level storage volumes that you can use with Amazon EC2 instances.
You can take incremental backups of EBS volumes by creating Amazon EBS snapshots.
Amazon Simple Storage Service
Object storage - each object consists of data, metadata, and a key.
Amazon Simple Storage Service (Amazon S3)
S3 Standard
Amazon S3 Standard-IA (infrequent Access)
S3 One Zone-IA
S3 Intelligent-Tiering
S3 Glacier Instant Retrieval
S3 Glacier Flexible Retrieval
S3 Deep Archive
Amazon S3 Outposts
Amazon Elastic File System (Amazon EFS): is a scalable file system used with AWS Cloud services and on-premises resources. As you add and remove files, Amazon EFS grows and shrinks automatically.
Amazon Relational Database Service (Amazon RDS) is a service that enables you to run relational databases in the AWS Cloud.
Database engine
Amazon Aurora (enterprise-class relational database. It is compatible with MySQL and PostgreSQL relational databases)
PostgreSQL
MySQL
MariaDB
Oracle Database
Microsoft SQL Server
Amazon DynamoDB is a key-value database service (NoSQL databases). It delivers single-digit millisecond performance at any scale.
Amazon Redshift is a data warehousing service that you can use for big data analytics. It offers the ability to collect data from many sources and helps you to understand relationships and trends across your data.
AWS Database Migration Service (AWS DMS) enables you to migrate relational databases, nonrelational databases, and other types of data stores.
Additional Database Services
Amazon DocumentDB is a document database service that supports MongoDB workloads. (MongoDB is a document database program.)
Amazon Neptune is a graph database service.
Amazon Quantum Ledger Database (Amazon QLDB) is a ledger database service.
Amazon Managed Blockchain is a service that you can use to create and manage blockchain networks with open-source frameworks.
Amazon ElastiCache is a service that adds caching layers on top of your databases to help improve the read times of common requests.
Amazon DynamoDB Accelerator (DAX) is an in-memory cache for DynamoDB.
Security
AWS Shared Responsibility Model
AWS Identity and Access Management (IAM)
AWS account root user
IAM user
IAM policy
IAM groups
IAM roles
Multi-factor authentication (MFA)
Identity Federation
AWS Organizations – A central location to manage multiple AWS accounts (like developer, billing, business, etc)
Service control policies (SCPs)
Organizational units (OUs)
AWS Compliance (3rd party auditor audits AWS)
AWS Artifact
AWS Artifact Agreements
AWS Artifact Reports.
Customer Compliance Center
Denial-of-service (DoS) attack
Distributed denial-of-service (DDoS) attack
AWS Shield
AWS Shield Standard
AWS Shield Advanced
Additional Security Services
AWS Key Management Service (AWS KMS)
AWS WAF
Amazon Inspector
GuardDuty
Monitoring & Analytics
Amazon CloudWatch (access all your metrics from a central location)
Amazon CloudWatch Alarm
CloudWatch Dashboard
AWS CloudTrail (Comprehensive API Auditing tool, it records all API calls)
CloudTrail Insights
AWS Trusted Advisor
Cost Optimization
Security
Performance
Fault Tolerance
Service Limits
AWS Pricing and Support
Pricing
AWS Free Tier
Types
Always Free
12 Months Free
Trials
Cost Estimator
AWS Pricing Works
Pay for what you use
Pay less when you reserve
Pay less with volume-based discounts when you use more
AWS Billing & Cost Management dashboard
Consolidated Billing (For AWS Organizations)
AWS Budgets
AWS Cost Explorer
Default Reports
Custom Reports
Support
Basic Support (Free for all)
a limited selection of AWS Trusted Advisor checks
AWS Personal Health Dashboard
Developer Support (24 hours)
Business Support (1 hour downtime, Normal time – 4 Hours)
AWS Enterprise On-Ramp Support (30 Mins Support)
Technical Account Manager (TAM)
AWS Enterprise Support (15 mins Support)
Technical Account Manager (TAM)
AWS Marketplace - Digital catalog that includes thousands of software listings from independent software vendors
Several categories, such as Infrastructure Software, DevOps, Data Products, Professional Services, Business Applications, Machine Learning, Industries, and Internet of Things (IoT)
Migration and Innovations
Migrations
AWS Cloud Adoption Framework (AWS CAF)
The Business, People, and Governance Perspectives focus on business capabilities
The Platform, Security, and Operations Perspectives focus on technical capabilities
6 R's of Migrations
Rehosting
Replatforming
Retire
Retain
Repurchasing
Refactoring
AWS Snow Family (secure & tamper-resistant on premises or in transit)
AWS Snowcone (It features 2 CPUs, 4 GB of memory, and up to 14 TB of usable storage)
AWS Snowball Edge
Storage Optimized (80 TB of hard disk drive (HDD))
Compute Optimized
AWS Snowmobile (100 petabytes of data per Snowmobile, a 45-foot long ruggedized shipping container, pulled by a semi-trailer truck)
Innovations
VMware Cloud on AWS
Amazon SageMaker (ML/AI Modelling)
Amazon Augmented AI (Amazon A2I)
Amazon Transcribe
Amazon Comprehend
Amazon Fraud Detector
Amazon Lex (Heart of Alexa – Interactive chatbot)
Amazon Textract (used to extract data from documents)
AWS DeepRacer (Reinforcement learning in ML)
Internet of Things
AWS Ground Station
Amazon Q Developer (AI-powered code generator)
The Cloud Journey
AWS Well-Architected Framework
Operational Excellence
Security
Reliability
Performance Efficiency
Cost Optimization
Sustainability
AWS Well-Architected Tool
AWS Benefits
AWS Services
AWS Terminology
Benefits of AWS Cloud
Trade upfront expense for variable expense.
Benefit from massive economies of scale.
Stop guessing capacity.
Increase speed and agility.
Stop spending money running and maintaining data centers.
Go global in minutes.
The content is drawn from the AWS Cloud Practitioner Essential Certificate Program.
The END.