Introduction to AWS tools

An introduction to the tools available for making use of the AWS cloud.

Published in: Technology

  1. 1. EPISODE 1: Getting Started with Amazon Web Services. Matt Wood, Technology Evangelist
  2. 2. Hello.
  3. 3. Thank you.
  4. 4. 4
  5. 5. Cloud concepts. Foundations. Maximising value. Security in the Cloud.
  6. 6. 1. Cloud concepts. Or: five things I wish I’d known before getting started
  7. 7. 1. Signing up
  8. 8. On the web
  9. 9. Free tier: For new customers
  10. 10. Free tier: 750 hours of compute; 10Gb network storage; 5Gb Simple Storage Service; SimpleDB, queues, notifications
  11. 11. 2. Interacting
  12. 12. API driven
  13. 13. API driven: REST, SOAP
  14. 14. CLI
  15. 15. ec2-run-instances
  16. 16. ec2-terminate-instances
  17. 17. SDK
  18. 18. SDK: Ruby, Java, .Net, iOS, Android, PHP
  19. 19. Management console
  20. 20. Linux
  21. 21. Certificate based root access
  22. 22. mza$ ssh -i web/us-east/aws-web.pem root@ec2-204-236-247-169.compute-1.amazonaws.com
          Last login: Wed Jun 22 11:15:20 2011 from 82.26.6.99
          __| __|_ )      CentOS
          _| ( /          v5.4
          ___|___|___|    HVMx64
          Welcome to an EC2 Public Image :-)
          [root@ip-10-17-135-244 ~]#
  23. 23. Windows
  24. 24. Administrator access
  25. 25. 3. Storage options
  26. 26. Ephemeral storage
  27. 27. Ephemeral storage: Included with compute. Lost at termination. Not backed up.
  28. 28. When it’s gone, it’s gone
  29. 29. Elastic Block Store
  30. 30. Elastic Block Store: Network attached. Mount as volume. Snapshot. Persistent.
  31. 31. Persistent. Root partitions. Mount as volumes.
  32. 32. S3
  33. 33. S3: Highly durable. Highly available. Tolerant to two simultaneous failures.
  34. 34. 99.999999999% durability
  35. 35. 4. Payment options
  36. 36. Pay as you go
  37. 37. Gb/month
  38. 38. ECU/hour
  39. 39. No minimum
  40. 40. No subscriptions
  41. 41. Pricing tiers
  42. 42. Consolidated billing
  43. 43. Options
  44. 44. On-demand
  45. 45. Reserved capacity
  46. 46. Spot instances
  47. 47. On-demand: $0.57 per hour
  48. 48. Bandwidth
  49. 49. Free inbound
  50. 50. Reduced outbound
  51. 51. Pricing calculator
  52. 52. calculator.s3.amazonaws.com/calc5.html
  53. 53. 5. Availability Zones
  54. 54. us-east, us-west, eu-west, ap-southeast, ap-northeast
  55. 55. eu-west-1a, eu-west-1b, eu-west-1c
  56. 56. 2. Foundations
  57. 57. Compute
  58. 58. Elastic Compute Cloud
  59. 59. Windows + Linux instances
  60. 60. Instance sizes
  61. 61. Instance sizes: Micro, Standard, High memory, High CPU, Cluster Compute
  62. 62. Dual “Nehalem” 1.7Tb disk HVM
  63. 63. Amazon Machine Image
  64. 64. Amazon Machine Image: State, Config, Code, Services. ami-219387e
  65. 65. Pre-configured
  66. 66. Custom
  67. 67. Private Custom Public
  68. 68. Elastic Block Store
  69. 69. m1.large
  70. 70. m1.large, 100Gb
  71. 71. Elastic block store: m1.large, 100Gb. Persistent. Scalable. Snapshot.
  72. 72. m1.large AMI SNAPSHOT 100Gb
  73. 73. Template m1.large AMI AMI SNAPSHOT 100Gb SNAPSHOT
  74. 74. Template m1.large AMI AMI SNAPSHOT 100Gb SNAPSHOT. Private, stored securely
  75. 75. m1.large AMI AMI SNAPSHOT 100Gb SNAPSHOT
  76. 76. m1.large AMI m1.large SNAPSHOT 100Gb 100Gb
  77. 77. m1.large m1.large m1.large m1.large 100Gb 100Gb 100Gb 100Gb m1.large m1.large m1.large m1.large 100Gb 100Gb 100Gb 100Gb
  78. 78. cc1.4xlarge
  79. 79. cc1.4xlarge 100Gb
  80. 80. Mount, and away you go...
  81. 81. Oracle
  82. 82. Oracle: Oracle E-business suite; Oracle Fusion middleware; Oracle Database 11G; Oracle Enterprise manager; Oracle on RDS; Oracle Enterprise Linux
  83. 83. Oracle: Licence on EC2. Use existing licences.
  84. 84. Days to minutes
  85. 85. Certified + supported
  86. 86. SAP
  87. 87. SAP: Rapid Deployment Solutions; BusinessObjects; Licence for EC2; Use existing licences
  88. 88. Storage
  89. 89. Simple Storage Service
  90. 90. Files in directories
  91. 91. Objects in buckets
  92. 92. http://s3.amazonaws.com/bucketname/objectid http://bucketname.s3.amazonaws.com/objectid
  93. 93. https://s3.amazonaws.com/bucketname/objectid https://bucketname.s3.amazonaws.com/objectid
  94. 94. Large objects 5Tb
  95. 95. Import/Export
  96. 96. S3 websites
  97. 97. Databases
  98. 98. Flexibility
  99. 99. AMI, SNAPSHOT. Packaged + ready to roll
  100. 100. Oracle 11g 32 and 64 bit
  101. 101. IBM DB2 32 and 64 bit
  102. 102. SQL Server 32 and 64 bit
  103. 103. PostgreSQL and EnterpriseDB
  104. 104. oracle-corporation
  105. 105. running
  106. 106. Configure, optimise
  107. 107. Snapshots + backup
  108. 108. Relational Database Service
  109. 109. Relational Database Service: MySQL, Oracle
  110. 110. Managed
  111. 111. Rapid
  112. 112. Scalable storage
  113. 113. Scalable instance
  114. 114. High availability. Multi-AZ. Synchronous replication: eu-west-1a, eu-west-1b
  115. 115. Asynchronous replication Read replicas
  116. 116. Remove the “muck”
  117. 117. Extra services
  118. 118. Simple Queue Service
  119. 119. Simple Notification Service
  120. 120. Elastic MapReduce
  121. 121. S3: Input data
  122. 122. S3: Input data. Code. Elastic MapReduce
  123. 123. S3: Input data. Code. Elastic MapReduce. Name node
  124. 124. S3: Input data. Code. Elastic MapReduce. Name node. Elastic cluster
  125. 125. S3: Input data. Code. Elastic MapReduce. Name node. HDFS. Elastic cluster
  126. 126. S3: Input data. Code. Elastic MapReduce. Name node. HDFS. Elastic cluster. Queries + BI via JDBC, Pig, Hive
  127. 127. S3: Input data. Code. Elastic MapReduce. Name node. HDFS. Elastic cluster. Queries + BI via JDBC, Pig, Hive. Output: S3 + SimpleDB
  128. 128. S3: Input data. Elastic MapReduce. Output: S3 + SimpleDB
  129. 129. Undifferentiated heavy lifting
  130. 130. Platform grows with you
  131. 131. Premium support Bronze, Silver, Gold, Platinum
  132. 132. 3. Maximising Value
  133. 133. Elasticity
  134. 134. Design for elasticity
  135. 135. Horizontal scale
  136. 136. “Everything fails, all the time” Werner Vogels
  137. 137. Build for failure
  138. 138. Build for availability
  139. 139. Treat your data as your royal garden
  140. 140. Compute as an interchangeable resource
  141. 141. Auto-scaling
  142. 142. Elastic Load Balancer
  143. 143. Choice of instance sizes
  144. 144. Elastic by default: SimpleDB, SQS, SNS, S3
  145. 145. Automatic
  146. 146. Applications in the cloud
  147. 147. 3 tiers
  148. 148. Application tier: Code, Configuration
  149. 149. Application tier: Code, Configuration. Service tier: Integration, Operating system settings, Services + configuration, Launch configuration
  150. 150. Application tier: Code, Configuration. Service tier: Integration, Operating system settings, Services + configuration, Launch configuration. Infrastructure tier: AMIs, Architecture, Multi-AZ, Scaling rules, Security groups, Middleware
  151. 151. Value baked into each tier
  152. 152. Value in application
  153. 153. Value in service tier
  154. 154. Value in service tier: Optimisation, Configuration, Technology choices
  155. 155. Value in infrastructure
  156. 156. Value in infrastructure: Engine room, Optimised, Scalable, Fault tolerant
  157. 157. Maximising value: Automation maximises this value
  158. 158. Automate everything
  159. 159. CloudFormation
  160. 160. Template
  161. 161. Define a full infrastructure stack
  162. 162. Resources: Auto-scaling, RDS, EC2, SNS, SimpleDB, SQS, Elastic Beanstalk, CloudWatch, Security groups, Tags
  163. 163. Template CloudFormation Provisioned resources
  164. 164. Complete definition
  165. 165. Atomic
  166. 166. Idempotent
  167. 167. Free. Only pay for the provisioned resources
  168. 168. JSON
  169. 169. JSON: Plain text. Perfect for version control. Validate-able.
  170. 170. Declarative language
  171. 171. {
              "AWSTemplateFormatVersion" : "2010-09-09",
              "Description" : "Create an EC2 instances",
              "Parameters" : {
                "KeyName" : {
                  "Description" : "Name of an existing EC2 KeyPair to enable SSH access to the instance",
                  "Type" : "String"
                }
              },
              "Mappings" : {
                "RegionMap" : {
                  "us-east-1" : { "AMI" : "ami-76f0061f" },
                  "us-west-1" : { "AMI" : "ami-655a0a20" },
                  "eu-west-1" : { "AMI" : "ami-7fd4e10b" },
                  "ap-southeast-1" : { "AMI" : "ami-72621c20" },
                  "ap-northeast-1" : { "AMI" : "ami-8e08a38f" }
                }
              },
              "Resources" : {
                "Ec2Instance" : {
                  "Type" : "AWS::EC2::Instance",
                  "Properties" : {
                    "KeyName" : { "Ref" : "KeyName" },
                    "ImageId" : { "Fn::FindInMap" : [ "RegionMap", { "Ref" : "AWS::Region" }, "AMI" ]},
                    "UserData" : { "Fn::Base64" : "80" }
                  }
                }
              },
              "Outputs" : {
                "InstanceId" : {
                  "Description" : "InstanceId of the newly created EC2 instance",
                  "Value" : { "Ref" : "Ec2Instance" }
                },
                "AZ" : {
                  "Description" : "Availability Zone of the newly created EC2 instance",
                  "Value" : { "Fn::GetAtt" : [ "Ec2Instance", "AvailabilityZone" ] }
                },
                "PublicIP" : {
                  "Description" : "Public IP address of the newly created EC2 instance",
                  "Value" : { "Fn::GetAtt" : [ "Ec2Instance", "PublicIp" ] }
                }
              }
            }
  172. 172. The template from slide 171 again, annotated with its sections: Headers, Parameters, Mappings, Resources, Outputs
  173. 173. Elastic Beanstalk
  174. 174. Java web applications
  175. 175. Upload WAR
  176. 176. Your Application Application Service Java Web Platform HTTP Service Tomcat Language Interpreter Java Operating System Linux Server Amazon EC2
  177. 177. Best practice
  178. 178. Highly available
  179. 179. Customisable
  180. 180. Flexible
  181. 181. Free. Only pay for the provisioned resources
  182. 182. Monitored
  183. 183. Insight
  184. 184. CloudWatch
  185. 185. Free: 5 minute resolution
  186. 186. Detailed monitoring: 1 minute resolution
  187. 187. CPUUtilization, DiskReadBytes, DiskReadOps, DiskWriteBytes, DiskWriteOps, NetworkIn, NetworkOut, DatabaseConnections, FreeStorageSpace, ReadLatency, ReadThroughput, SwapUsage, WriteLatency, WriteThroughput
  188. 188. Custom metrics
  189. 189. Price aware
  190. 190. Mix On-demand, Reserved Capacity and Spot
  191. 191. Relate to business metrics
  192. 192. Cost per user
  193. 193. Cost per operation
  194. 194. White papers: aws.amazon.com/whitepapers
  195. 195. Premature optimisation
  196. 196. Maximise value
  197. 197. 4. Security in the Cloud
  198. 198. Shared responsibility
  199. 199. Requirement based access
  200. 200. Certification
  201. 201. ISO 27001 + SAS 70 Type II
  202. 202. PCI DSS Level 1
  203. 203. Control objectives: Security organisation; Employee lifecycle; Logical security; Secure data handling; Physical security; Environmental safeguards; Change management; Incident handling; Data integrity, availability and redundancy
  204. 204. DDOS, Man in the Middle, IP spoofing
  205. 205. Data access control
  206. 206. Detailed logging
  207. 207. Data stays local
  208. 208. Identity and access control
  209. 209. API level rights management
  210. 210. Account
  211. 211. Account: Billing, Account credentials, MFA
  212. 212. Account. Roles: DBA, Developer, Sys admin, Finance
  213. 213. Account. Roles: DBA, Developer, Sys admin, Finance. Users: Sally, Robert, Chris
  214. 214. Security credentials; Multifactor authentication; Management console access; Data read/write access; API level access
  215. 215. Account. Roles: DBA, Developer, Sys admin, Finance. Users: Sally, Robert, Chris
  216. 216. Network isolation
  217. 217. Virtual Private Cloud
  218. 218. Virtual network topology
  219. 219. Virtual network topology: IP address range; Public, private subnets; Route tables; Network gateways
  220. 220. Network access control
  221. 221. Network access control: Inbound, Outbound, S3 access, VPN
  222. 222. Dedicated instances
  223. 223. Public subnet. Public facing website
  224. 224. Public subnet. Network ACLs + security groups. Private subnet. Multi-tier applications
  225. 225. Public subnet. Private subnet. IPsec VPN. On-premise. Extend your data centre
  226. 226. Private subnet. IPsec VPN. On-premise. Extend your data centre
  227. 227. DR
  228. 228. DR: Backup to EC2 and EBS, VM import
  229. 229. aws.amazon.com/security
  230. 230. aws.amazon.com
  231. 231. Thank you!
  232. 232. QUESTIONS + FEEDBACK: matthew@amazon.com, @mza on Twitter
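
Slides 168 to 171 present the CloudFormation template as plain-text, validate-able JSON, which means it can be checked in review before it provisions anything. The following is an added example, not code from the deck or from AWS tooling: it walks the deck's template (trimmed here to two regions and one output), reports `Ref`, `Fn::GetAtt` and `Fn::FindInMap` entries that point at nothing, and flags an EC2 instance that names no security group. The helper names `walk` and `lint` are hypothetical.

```python
import json

# Constructed input: the template from slide 171, trimmed to two regions and one output.
TEMPLATE = json.loads("""{
  "AWSTemplateFormatVersion": "2010-09-09",
  "Parameters": {"KeyName": {"Type": "String"}},
  "Mappings": {"RegionMap": {"us-east-1": {"AMI": "ami-76f0061f"},
                             "eu-west-1": {"AMI": "ami-7fd4e10b"}}},
  "Resources": {"Ec2Instance": {
    "Type": "AWS::EC2::Instance",
    "Properties": {
      "KeyName": {"Ref": "KeyName"},
      "ImageId": {"Fn::FindInMap": ["RegionMap", {"Ref": "AWS::Region"}, "AMI"]}}}},
  "Outputs": {"PublicIP": {"Value": {"Fn::GetAtt": ["Ec2Instance", "PublicIp"]}}}
}""")

def walk(node):
    """Yield every dict nested anywhere inside a parsed JSON value."""
    if isinstance(node, dict):
        yield node
        for child in node.values():
            yield from walk(child)
    elif isinstance(node, list):
        for child in node:
            yield from walk(child)

def lint(template):
    """Return findings: dangling references and instances with no explicit security group."""
    resources = template.get("Resources", {})
    mappings = template.get("Mappings", {})
    known = set(template.get("Parameters", {})) | set(resources)
    findings = []
    for d in walk(template):
        ref = d.get("Ref")
        # Pseudo parameters such as AWS::Region are supplied by CloudFormation itself.
        if isinstance(ref, str) and not ref.startswith("AWS::") and ref not in known:
            findings.append(f"Ref to undefined name: {ref}")
        att = d.get("Fn::GetAtt")
        if isinstance(att, list) and att and att[0] not in resources:
            findings.append(f"Fn::GetAtt on undefined resource: {att[0]}")
        fim = d.get("Fn::FindInMap")
        if isinstance(fim, list) and fim and fim[0] not in mappings:
            findings.append(f"Fn::FindInMap on undefined mapping: {fim[0]}")
    for name, res in resources.items():
        props = res.get("Properties", {})
        groups = ("SecurityGroups", "SecurityGroupIds", "NetworkInterfaces")
        if res.get("Type") == "AWS::EC2::Instance" and not any(k in props for k in groups):
            findings.append(f"{name}: no security group set, instance joins the default group")
    return findings
```

Run against the deck's template, `lint(TEMPLATE)` reports only the missing security group: the `KeyName` parameter enables SSH, but what can reach port 22 is left to whatever the account's default group allows.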
