AWS 101 Event London - Feb 2014


Transcript

  • 1. What is AWS? Ian Massingham - Technical Evangelist @IanMmmm
  • 2. Before we start… …we’d love your feedback!
  • 3. background
  • 4. Amazon's three businesses:
      • Consumer Business: Tens of millions of active customer accounts. 8 countries: US, UK, Germany, Japan, France, Canada, China, Italy
      • Seller Business: Sell on Amazon websites. Use Amazon technology for your own retail website. Leverage Amazon’s massive fulfillment center network
      • IT Infrastructure Business: Cloud computing infrastructure for hosting web-scale solutions. Hundreds of thousands of registered customers in over 190 countries
  • 5. About Amazon Web Services: Deep experience in building and operating global web scale systems. How did Amazon… …get into cloud computing?
  • 6. AWS Mission Enable businesses and developers to use web services* to build scalable, sophisticated applications. *What people now call “the cloud”
  • 7. Not excess capacity!
  • 8. Powering the Most Popular Internet Businesses Find out more at : aws.amazon.com/solutions/case-studies
  • 9. Trusted by Enterprises Find out more at : aws.amazon.com/solutions/case-studies
  • 10. Each day AWS adds the equivalent server capacity to power Amazon when it was a global, $7B enterprise
  • 11. Objects in S3 Trillions of Objects (000,000,000,000s) Servicing over 2 million requests per Second
  • 12. utility computing
  • 13. Utility computing On demand Uniform Pay as you go Available
  • 14. Utility computing On demand Uniform Pay as you go Available
  • 15. Utility computing
  • 16. Utility computing On demand Compute Scaling Pay as you go Security CDN Backup DNS Database Storage Load Balancing Workflow Monitoring Networking Uniform Messaging Available
  • 17. On a global footprint Region US-WEST (N. California) EU-WEST (Ireland) ASIA PAC (Tokyo) GOV CLOUD US-EAST (Virginia) US-WEST (Oregon) ASIA PAC (Singapore) SOUTH AMERICA (Sao Paulo) ASIA PAC (Sydney)
  • 18. At the end of a web service
      aws ec2 run-instances --image-id ami-a813fadf --count 3 --placement AvailabilityZone=eu-west-1a --instance-type m1.small
      aws ec2 run-instances --image-id ami-a813fadf --count 5 --placement AvailabilityZone=eu-west-1c --instance-type m1.medium
  • 19. and a rich Management Console
  • 20. elasticity
  • 21. Elastic capacity (chart of capacity against time: Traditional IT capacity, Elastic capacity, Your IT needs)
  • 22. Elastic capacity On and Off Fast Growth Variable peaks Predictable peaks
  • 23. Elastic capacity WASTE On and Off Fast Growth Variable peaks Predictable peaks CUSTOMER DISSATISFACTION
  • 24. Elastic capacity On and Off Fast Growth Variable peaks Predictable peaks
  • 25. From one instance…
  • 26. …to thousands
  • 27. and back…
  • 28. exploiting elasticity
  • 29. Typical weekly traffic to Amazon.com Sunday Monday Tuesday Wednesday Thursday Friday Saturday
  • 30. November traffic to Amazon.com November
  • 31. November traffic to Amazon.com Provisioned capacity November
  • 32. November traffic to Amazon.com 76% Provisioned capacity November 24%
  • 33. November 10th 2010 Turned off last physical web server of Amazon.com
  • 34. November 10th 2010 Turned off last physical web server of Amazon.com October 31st 2011 Turned off last web servers supporting European business
  • 35. November traffic to Amazon.com November
  • 36. 40 servers to 5000 in 3 days (chart: Number of EC2 Instances by date, 4/12/2008 to 4/20/2008). Annotations: Steady state of ~40 instances; Launch of Facebook modification; “Techcrunched”; EC2 scaled to peak of 5000 instances
  • 37. Building a Top500 HPC Cluster on AWS
  • 38. the toolbox
  • 39. Reference Model: Security; Deployment & Administration; App Services; Compute, Storage, Database; Networking; AWS Global Infrastructure
  • 40. Global infrastructure: Regions. An independent collection of AWS resources in a defined geography. A solid foundation for meeting location-dependent privacy and compliance requirements
  • 41. Global infrastructure: Availability Zones. Designed as independent failure zones. Physically separated within a typical metropolitan region
  • 42. Global infrastructure: Edge Locations. To deliver content to end users with lower latency. A global network of edge locations. Supports global DNS infrastructure (Route53) and Cloud Front CDN
      Locations shown on the map: London (2), Seattle, South Bend, Amsterdam (2), Stockholm, New York (3), Newark, Dublin, Palo Alto, Seoul, San Jose, Tokyo (2), Frankfurt (2), Paris (2), Ashburn (3), Jacksonville, Los Angeles (2), Chennai, Milan, Madrid, Osaka, Hong Kong (2), Dallas (2), Mumbai, St. Louis, Miami, Singapore (2), Sao Paulo, Sydney
  • 43. Networking
      • Direct Connect: Dedicated connection to AWS
      • VPN Connection: Secure internet connection to AWS
      • Virtual Private Cloud: Private, isolated section of the AWS Cloud
      • Route 53: Highly available and scalable Domain Name Service
  • 44. Compute: Elastic Compute Cloud (EC2). Basic unit of compute capacity. Range of CPU, memory & local disk options. 13 instance types available, from micro to cluster compute. Vertical scaling. From $0.02/hr
      Feature: Details
      • Flexible: Run Windows or Linux distributions
      • Scalable: Wide range of instance types from micro to cluster compute
      • Machine Images: Configurations can be saved as machine images (AMIs) from which new instances can be created
      • Full control: Full root or administrator rights
      • Secure: Full firewall control via Security Groups
      • Monitoring: Publishes metrics to Cloud Watch
      • Inexpensive: On-demand, Reserved and Spot instance types
      • VM Import/Export: Import and export VM images to transfer configurations in and out of EC2
  • 45. Compute: Auto-scaling. Automatic provisioning of compute resources based upon demand, configuration or schedule. Trigger autoscaling policy
      aws autoscaling create-auto-scaling-group --auto-scaling-group-name MyGroup --launch-configuration-name MyConfig --availability-zones eu-west-1a --min-size 4 --max-size 200
      Feature: Details
      • Control: Define minimum and maximum instance pool sizes and when scaling and cool down occurs
      • Integrated to CloudWatch: Use metrics gathered by CloudWatch to drive scaling
      • Instance types: Run auto scaling for on-demand instances and spot. Compatible with VPC
  • 46. Compute: Elastic Load Balancing. Create highly scalable applications. Distribute load across EC2 instances in multiple availability zones
      Feature: Details
      • Auto-scaling: Automatically scales to handle request volume
      • Available: Load balance across instances in multiple availability zones
      • Health checks: Automatically checks health of instances and takes them in or out of service
      • Session stickiness: Route requests to the same instance
      • Secure sockets layer: Supports SSL offload from web and application servers with flexible cipher support
      • Monitoring: Publishes metrics to Cloud Watch
  • 47. Storage: S3 - Durable storage, any object. 99.999999999% durability of objects. Unlimited storage of objects of any type. Up to 5TB size per object
      Feature: Details
      • Flexible object store: Buckets act like drives, folder structures within
      • Access control: Granular control over object permissions
      • Server-side encryption: 256bit AES encryption of objects
      • Multi-part uploads: Improved throughput & control
      • Object versioning: Archive old objects and version new ones
      • Object expiry: Automatically remove old objects
      • Access logging: Full audit log of bucket/object actions
      • Web content hosting: Serve content as web site with built in page handling
      • Notifications: Receive notifications on key events
      • Import/Export: Physical device import/export service
  • 48. Storage: Elastic Block Store. High performance block storage device. 1GB to 1TB in size. Mount as drives to instances
      Feature: Details
      • High performance file system: Mount EBS as drives and format as required
      • Flexible size: Volumes from 1GB to 1TB in size
      • Secure: Private to your instances
      • Available: Replicated within an Availability Zone
      • Backups: Volumes can be snapshotted for point in time restore
      • Monitoring: Detailed metrics captured via Cloud Watch
  • 49. Database: Relational Database Service. Database-as-a-Service. No need to install or manage database instances. Scalable and fault tolerant configurations
      Feature: Details
      • Platform support: Create MySQL, PostgreSQL, Microsoft SQL Server and Oracle RDBMS
      • Preconfigured: Get started instantly with sensible default settings
      • Automated patching: Keep your database platform up to date automatically
      • Backups: Volumes can be snapshotted for point in time restore. Automatic backups and point in time recovery and full DB backups
      • Failover: Automated failover to slave hosts in event of a failure
      • Replication: Easily create read-replicas of your data and seamlessly replicate data across availability zones
  • 50. Database: Amazon Relational Database Service (Amazon RDS) databases store forum threads, site content, and project configuration data. High availability Multi-AZ database deployment to handle live game metadata and user-generated content. Enterprise-grade fault tolerance for protecting customer data. By managing time-consuming database administration tasks, Amazon RDS allows SEGA to focus on business critical applications.
  • 51. Database: DynamoDB. Provisioned throughput NoSQL database. Fast, predictable performance. Fully distributed, fault tolerant architecture
      Feature: Details
      • Provisioned throughput: Dial up or down provisioned read/write capacity
      • Predictable performance: Average single digit millisecond latencies from SSD backed infrastructure
      • Strong consistency: Be sure you are reading the most up to date values
      • Fault tolerant: Data replicated across availability zones
      • Monitoring: Integrated to Cloud Watch
      • Secure: Integrates with AWS Identity and Access Management (IAM)
      • Elastic MapReduce: Integrates with Elastic MapReduce for complex analytics on large datasets
  • 52. Database: RDS, Dynamo DB, Redshift. Redshift: Managed Massively Parallel Petabyte Scale Data Warehouse. Streaming Backup/Restore to S3. Extensive Security. 2 TB -> 1.6 PB
  • 53. Application Services: CloudFront. World-wide content distribution network. Easily distribute content to end users with low latency, high data transfer speeds, and no commitments.
      Diagram labels: www.mysite.com (Single CNAME); Served from EC2: *.php; Served from S3: /images/*; NY, London, Paris; steps 1, 2, 3
      Feature: Details
      • Fast: Multiple world-wide edge locations to serve content as close to your users as possible
      • Integrated with other services: Works seamlessly with S3 and EC2 origin servers
      • Dynamic content: Supports static and dynamic content from origin servers
      • Streaming: Supports RTMP from S3 and includes support for live streaming from Adobe FMS and Microsoft Media Server
  • 54. Application Services: Amazon SQS. Reliable, highly scalable, queue service for storing messages as they travel between instances
      Diagram labels: Amazon SQS; Processing task/processing trig; Processing results
      Feature: Details
      • Reliable: Messages stored redundantly across multiple availability zones
      • Simple: Simple APIs to send and receive messages
      • Scalable: Unlimited number of messages
      • Secure: Authentication of queues to ensure controlled access
  • 55. Application Services: Simple Workflow. Reliably coordinate processing steps across applications. Integrate AWS and non-AWS resources. Manage distributed state in complex systems
      Diagram labels: 1, 2, 3; Task A; Task B (Auto-scaling); Task C
      Feature: Details
      • Process state: Maintain application state across complex workflows in a reliable and available manner
      • Tracking: Tracks executions and log process for audit purposes
      • Consistency: Ensures processing tasks are executed and duplicity of events does not occur
      • Simple: Simple Decider and Task programming model for rapid integration
  • 56. Deployment & Admin: Elastic Beanstalk. One-click deployment from Eclipse, Visual Studio and Git. Rapid deployment of applications. All AWS resources automatically created
      Feature: Details
      • Platform support: Containers for Java, .net and PHP
      • Resource creation: Creates load balancer, instances, autoscaling and monitoring automatically
      • Monitoring & Logs: Integrated with Cloud Watch and consolidates server logs
      • Versioning: Manage versions of applications and easily rollback deployments
      • Notifications: Receive alerts on key events
      • Full resource access: Access all underlying AWS resources as necessary
  • 57. Deployment & Admin: OpsWorks. DevOps focused managed application stacks. Underlying Chef recipes allow for complete customisation
      Feature: Details
      • Platform support: Chef recipes allow for community expansion for platform components such as Solr, Nginx etc
      • Resource creation: Customizable deployments, rollback, partial deployments, patch management, automatic instance scaling, and auto healing
      • Layered: Manage logical application layers and combine into stacks.
  • 58. Deployment & Admin: Cloud Formation. Automate creation of ‘stacks’ in a repeatable way. Scripting framework for AWS resource creation
      Feature: Details
      • Platform support: Support for AWS resources from EC2 to IAM
      • Resource creation: Creates AWS resources behind the scenes and reports on progress
      • Declarative: Specify stacks in JSON format and source control your environments
      • Customizable: Drive stack creation with parameters
  • 59. Deployment & Admin
      • Identity & Access Management: Granular control of user rights with AWS. Automated granting of EC2 service rights
      • Software Developer Kits: Comprehensive support of programming models for using AWS services
  • 60. + others Cloud Search Simple Email Service Simple Notification Service ElastiCache (Memcache & Redis) Elastic MapReduce CloudWatch …and more to come!
  • 61. security & compliance
  • 62. Shared responsibility
      • Amazon: Foundation Services (Compute, Storage, Database, Networking); AWS Global Infrastructure (Availability Zones, Edge Locations, Regions)
  • 63. Shared responsibility
      • You: Customer Data; Platform, Applications, Identity & Access Management; Operating System, Network & Firewall Configuration; Client-side Data Encryption & Data Integrity Authentication; Server-side Encryption (File System and/or Data); Network Traffic Protection (Encryption/Integrity/Identity)
      • Amazon: Foundation Services (Compute, Storage, Database, Networking); AWS Global Infrastructure (Availability Zones, Edge Locations, Regions)
  • 64. Security standards (http://aws.amazon.com/security)
      • Certifications: SOC 1 Type 2 (formerly SAS70); ISO 27001; PCI DSS for EC2, S3, EBS, VPC, RDS, ELB, IAM; FISMA Moderate Compliant Controls; HIPAA & ITAR Compliant Architecture
      • Physical Security: Datacenters in nondescript facilities; Physical access strictly controlled; Must pass two-factor authentication at least twice for floor access; Physical access logged and audited
      • HW, SW, Network: Systematic change management; Phased updates deployment; Safe storage decommission; Automated monitoring and self-audit; Advanced network protection
  • 65. So what are we going to build today?
  • 66. Instance Availability Zone Region
  • 67. Instance Availability Zone S3 Region
  • 68. Cloud Front Instance Availability Zone S3 Region
  • 69. Cloud Front S3 Instance RDS Availability Zone Region
  • 70. Cloud Front Elastic Load Balancer Instance Instance S3 RDS Availability Zone Region
  • 71. Cloud Front Elastic Load Balancer Instance Auto scaling Group Instance S3 RDS Availability Zone Region
  • 72. Time for a break, but come back at 11:00, and we’ll build it
  • 73. #AWS101 @AWS_UKI for local AWS events & news @AWScloud for Global AWS News and Announcements ©Amazon.com, Inc. and its affiliates. All rights reserved.
  • 74. Ask questions (it will fill time when we wait for things to launch) There will be a recording of this demo on YouTube, so don’t worry if you miss anything
  • 75. Instance Availability Zone Region
  • 76. EC2 launch an instance
  • 77. bootstrapping passing data to an instance
  • 78. Instance request User data
  • 79. Instance request User data Meta-data service
  • 80. Instance request User data Meta-data service Instance
  • 81. Script executed on launch:
      <script>
      ipconfig /all > c:\ipconfig.txt
      netstat > c:\netstat.txt
      </script>
  • 82. Script executed on launch:
      #!/bin/sh
      yum -y install httpd php php-mysql
      chkconfig httpd on
      /etc/init.d/httpd start
  • 83. security groups instance firewalling
  • 84. Security Group around the instance: Port 22 (SSH), Port 80 (HTTP). Fields: Name; Description; Protocol; Port range; IP Address, range, or another security group
  • 85. key pairs secure access
  • 86. Public Key: Inserted by Amazon into each EC2 instance that you launch. Private Key: Downloaded and stored by you. Comms with the EC2 instance secured with private key
  • 87. index.php Reads instance meta-data
  • 88. Some php code that gets the data
      <?php
      // get the instance id
      $url = "http://169.254.169.254/latest/meta-data/instance-id";
      $instance_id = file_get_contents($url);
      // get the AZ where the instance is running
      $url = "http://169.254.169.254/latest/meta-data/placement/availability-zone";
      $zone = file_get_contents($url);
      // get the security group it is in
      $url = "http://169.254.169.254/latest/meta-data/security-groups";
      $group = file_get_contents($url);
      // get the public DNS name
      $url = "http://169.254.169.254/latest/meta-data/public-hostname";
      $hostname = file_get_contents($url);
      ?>
  • 89. And displays it
      Instance ID: <?php echo $instance_id; ?>
      Availability Zone: <?php echo $zone; ?>
      Security Group: <?php echo $group; ?>
  • 90. S3 For Static Website Hosting
  • 91. Instance Availability Zone S3 Region
  • 92. CloudFront Global CDN
  • 93. Cloud Front Instance Availability Zone S3 Region
  • 94. Amazon RDS Managed Relational DB
  • 95. Cloud Front S3 Instance RDS Availability Zone Region
  • 96. ELB elastic load balancer
  • 97. Cloud Front Elastic Load Balancer S3 Instance RDS Availability Zone Region
  • 98. Elastic Load Balancer Instance Instance Availability Zone Instance Instance Availability Zone Region Instance Instance Availability Zone
  • 99. Cloud Front Elastic Load Balancer Instance Auto scaling Group Instance S3 RDS Availability Zone Region
  • 100. auto-scaling elastic server pool
  • 101. Auto-scaling building blocks
      • Launch Configuration: Describes what Auto Scaling will create when adding Instances. AMI, Instance Type, Security Group, Instance Key Pair. Only one active launch configuration at a time. Auto Scaling will terminate instances with old launch configuration first (rolling update)
      • Auto-Scaling Group: Auto Scaling managed grouping of EC2 instances. Automatic health check to maintain pool size. Automatically scale the number of instances by policy – Min, Max, Desired. Automatic Integration with ELB. Automatic distribution & balancing across AZs
      • Auto-Scaling Policy: Parameters for performing an Auto Scaling action. Scale Up/Down and by how much: ChangeInCapacity (+/- #), ExactCapacity (#), ChangeInPercent (+/- %). Cool Down (seconds). Policy can be triggered by CloudWatch events
  • 102. Cloud Front Elastic Load Balancer Instance Auto scaling Group Instance S3 RDS Availability Zone Region
  • 103. We’d love your feedback!
  • 104. #AWS101 Ian Massingham – Technical Evangelist @IanMmmm @AWS_UKI for local AWS events & news @AWScloud for Global AWS News and Announcements ©Amazon.com, Inc. and its affiliates. All rights reserved.
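
Slides 83 and 84 draw a security group that admits only port 22 (SSH) and port 80 (HTTP), with each rule made of a protocol, a port range and a source. As an added example (not part of the original deck), the Python below audits rules against that intent, using JSON shaped like the output of `aws ec2 describe-security-groups`. The group IDs and rules are constructed sample data, and treating SSH as a port that must not be open to every address is an assumption of this example.

```python
import ipaddress
import json

# Constructed sample, shaped like `aws ec2 describe-security-groups` output.
SAMPLE = json.loads("""
{"SecurityGroups": [
  {"GroupId": "sg-example-web", "GroupName": "web", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
    {"IpProtocol": "tcp", "FromPort": 3306, "ToPort": 3306,
     "UserIdGroupPairs": [{"GroupId": "sg-example-app"}]}]},
  {"GroupId": "sg-example-admin", "GroupName": "admin", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": "203.0.113.0/24"}]},
    {"IpProtocol": "-1", "Ipv6Ranges": [{"CidrIpv6": "::/0"}]}]}
]}
""")

ALLOWED_PORTS = {22, 80}  # the two ports drawn on the security group slide
ADMIN_PORTS = {22}        # assumption: SSH must not be reachable from anywhere


def port_range(perm):
    """Return (low, high) for a rule, or None for protocols without ports."""
    proto = perm.get("IpProtocol")
    if proto == "-1":                      # "-1" means all protocols, all ports
        return 0, 65535
    if proto in ("tcp", "udp"):
        return perm["FromPort"], perm["ToPort"]
    return None                            # e.g. icmp: From/To are type and code


def sources(perm):
    """Yield (source, is_world) for each CIDR or referenced security group."""
    cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
    cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
    for cidr in cidrs:
        yield cidr, ipaddress.ip_network(cidr, strict=False).prefixlen == 0
    for pair in perm.get("UserIdGroupPairs", []):
        yield pair["GroupId"], False


def audit(groups, allowed=ALLOWED_PORTS, admin=ADMIN_PORTS):
    """Return sorted (group_id, finding, source, port_range) tuples."""
    findings = []
    for group in groups:
        for perm in group.get("IpPermissions", []):
            span = port_range(perm)
            if span is None:
                continue
            low, high = span
            label = f"{low}-{high}"
            expected = sum(1 for p in allowed if low <= p <= high)
            for source, is_world in sources(perm):
                if high - low + 1 > expected:   # range covers ports not on the list
                    findings.append((group["GroupId"], "unexpected-port", source, label))
                if is_world and any(low <= p <= high for p in admin):
                    findings.append((group["GroupId"], "world-open-admin", source, label))
    return sorted(findings)
```

Calling `audit(SAMPLE["SecurityGroups"])` returns one tuple per finding; port 80 open to the world and SSH limited to 203.0.113.0/24 produce none.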