Flying Through the Clouds:
Piloting in the World of AWS
Presented by Eric Tendian
In this talk I gave at IIT ITMO TechTalks 2013, I discussed how YSFlight Headquarters is using Amazon Web Services to give more reliable service to its users, while keeping costs down and maintenance time minimal. After discussing what I learned when using AWS for YSFHQ, I delved into how to get started with Amazon Web Services and some of the neat things you can do.
--
Eric Tendian (eric@tendian.io)
Web Solutions Consultant, Tendian.io
Chief Technology Officer, YSFlight Headquarters
Bachelor of Info. Tech. and Mgmt., Illinois Institute of Technology (c/o 2017)
Website: tendian.io

Published in: Technology

Flying Through the Clouds: Piloting in the World of AWS

  1. Flying Through the Clouds: Piloting in the World of AWS. Presented by Eric Tendian
  2. Eric Tendian: @EricTendian, /in/erictendian, ERIC@TENDIAN.IO
  3. ABOUT ME: Chief Technology Officer for YSFlight Headquarters; Web Solutions Consultant for Tendian.io; Hacker, tinkerer, developer; AVIATION
  4. YSFLIGHT HEADQUARTERS
  5. YSFLIGHT HEADQUARTERS: Online community for flight simulator pilots; Discussion forums; Based around the game YSFlight; YSFHQ.com
  6. OUR PHILOSOPHY
  7. Make the users work to get what they want; Bugs are fun!; Approach the cloud with caution; Windows Server FTW!
  8. JUST KIDDING.
  9. Our real philosophy: Give the user the best experience, always; Pilots want fast & free; Fix, test, deploy; Use cloud whenever possible
  10. What it really looks like
  11. HOW DID WE ACCOMPLISH THIS?
  12. AMAZON WEB SERVICES: http://www.youtube.com/watch?v=jOhbTAU4OPI
  13. OUR SETUP: One EC2 micro instance; One RDS micro instance; Multiple S3 buckets; Cloudflare DNS
  14. WHAT WE LEARNED: Start small; Make use of all AWS resources; Cloud is $$$ when managed poorly; Developers love AWS
  15. HOW CAN I USE AWS? Development machine(s); Testing on the cloud; Side projects; Startups; Static website
  16. EXCITED? LET’S GET STARTED.
  17. Getting Started with AWS. Eric Tendian, Web Solutions Consultant, Tendian.io
  18. Launching an instance
  19. Regions
  20. Regions: US-WEST (N. California); EU-WEST (Ireland); ASIA PAC (Tokyo); GOV CLOUD; US-EAST (Virginia); US-WEST (Oregon); ASIA PAC (Singapore); SOUTH AMERICA (Sao Paulo); ASIA PAC (Sydney)
  21. Launch Wizard
  22. Launch Wizard: Choose operating system
  23. Launch: Launch!
  24. Launch Confirmation
  25. Public Address: Instance DNS name
  26. SSH: Instance DNS name
  27. SSH
  28. EC2
  29. Elastic Compute Cloud (EC2): Compute; Vertical Scaling; From $0.02/hr. Basic unit of compute capacity; Range of CPU, memory & local disk options; 18 instance types available, from micro to cluster compute. Features: Flexible: Run Windows or Linux distributions; Scalable: Wide range of instance types from micro to cluster compute; Machine Images: Configurations can be saved as machine images (AMIs) from which new instances can be created; Full control: Full root or administrator rights; Secure: Full firewall control via Security Groups; Monitoring: Publishes metrics to CloudWatch; Inexpensive: On-demand, Reserved and Spot instance types; VM Import/Export: Import and export VM images to transfer configurations in and out of EC2
  30. EC2 instance types (chart of Memory (GB) against EC2 Compute Units): Micro: 613 MB, up to 2 ECUs (for short bursts); Small: 1.7 GB, 1 EC2 Compute Unit, 1 virtual core; Medium: 3.7 GB, 2 EC2 Compute Units, 1 virtual core; Large: 7.5 GB, 4 EC2 Compute Units, 2 virtual cores; Extra Large: 15 GB, 8 EC2 Compute Units, 4 virtual cores; M3 XL: 15 GB, 13 EC2 Compute Units, 4 virtual cores, EBS storage only; M3 2XL: 30 GB, 26 EC2 Compute Units, 8 virtual cores, EBS storage only; High-CPU Med: 1.7 GB, 5 EC2 Compute Units, 2 virtual cores; High-CPU XL: 7 GB, 20 EC2 Compute Units, 8 virtual cores; Hi-Mem XL: 17.1 GB, 6.5 EC2 Compute Units, 2 virtual cores; Hi-Mem 2XL: 34.2 GB, 13 EC2 Compute Units, 4 virtual cores; Hi-Mem 4XL: 68.4 GB, 26 EC2 Compute Units, 8 virtual cores; Cluster Compute 4XL: 23 GB, 33.5 EC2 Compute Units; Cluster Compute 8XL: 60.5 GB, 88 EC2 Compute Units; Hi-Mem Cluster Compute 8XL: 244 GB, 88 EC2 Compute Units, 16 virtual cores, 240 GB SSD; Cluster GPU 4XL: 22 GB, 33.5 EC2 Compute Units, 2 x NVIDIA Tesla “Fermi” M2050 GPUs; High I/O 4XL: 60.5 GB, 35 EC2 Compute Units, 16 virtual cores, 2*1024 GB SSD-based local instance storage; High Storage 8XL: 117 GB, 35 EC2 Compute Units, 24 * 2 TB ephemeral drives, 10 GB Ethernet
  31. EC2 instance types (chart; axes: Memory (GB), EC2 Compute Units; chart labels: Special, Storage, Light, Spiky)
  32. EC2 terminology (diagram labels): Instance (running or stopped machine); AMI (Amazon Machine Image); EBS; Availability Zone (AZ); EBS Snapshots; S3; Region; S3 Buckets
  33. More details!
  34. Sign up: aws.amazon.com
  35. Sign up
  36. Sign up
  37. Sign up. You will need: Credit card information – you won’t pay unless you use resources; A telephone – on which to receive an automated security call
  38. Sign up. You will need: Credit card information – you won’t pay unless you use resources; A telephone – on which to receive an automated security call. Best practice: Set up billing alerts so you can be notified when levels of spend are reached; If you have existing accounts, consider using consolidated billing to bring them together under one payment
  39. Sign up. Free tier (http://aws.amazon.com/free/): 750 hours of Amazon EC2 Linux/RedHat/Suse Micro Instance usage; 750 hours of Amazon EC2 Microsoft Windows Server Micro Instance usage; 750 hours of an Elastic Load Balancer; 30 GB of Amazon Elastic Block Storage; 5 GB of Amazon S3 standard storage; 100 MB of storage, 5 units of write capacity, and 10 units of read capacity for Amazon DynamoDB*; 25 Amazon SimpleDB Machine Hours and 1 GB of Storage; 1,000 Amazon SWF workflow executions*; 1,000,000 Requests of Amazon Simple Queue Service*; 1,000,000 Requests, 100,000 HTTP and 1,000 email notifications for Amazon Simple Notification Service*; 10 Amazon CloudWatch metrics, 10 alarms, and 1,000,000 API requests*; 15 GB of bandwidth out aggregated across all AWS services; 750 hours of Amazon RDS for SQL Server Micro DB Instance usage; 20 GB of RDS database storage; 10 million RDS I/Os; 20 GB of backup storage for your automated RDS database backups and any user-initiated DB Snapshots; 20 minutes of SD transcoding or 10 minutes of HD transcoding in Amazon Elastic Transcoder*
  40. Sign up
  41. Key pairs: Logging in to an instance
  42. Key pairs. Instance key pairs: Standard SSH RSA key pair; Public/private keys. Public key: Inserted by Amazon into each EC2 instance that you launch; Public key provided by AWS to EC2 instance for secure, personalized, initial, non-generic access; Supports NIST and other security standards for providing non-default user access. Private key: Downloaded and stored by you. Diagram labels: EC2 Instance; Comms secured with private key
  43. Key pairs. Instance key pairs: Standard SSH RSA key pair; Public/private keys. Public key: Inserted by Amazon into each EC2 instance that you launch; Public key provided by AWS to EC2 instance for secure, personalized, initial, non-generic access; Supports NIST and other security standards for providing non-default user access. Private key: Downloaded and stored by you; Private keys are not stored by AWS. Diagram labels: EC2 Instance; Comms secured with private key
  44. Key pairs. AWS generated keys: Select your region; Create keys; Give them a name; Private key is generated and downloaded by your browser immediately; Create 1 key pair for all resources or as many as you like (e.g. 1 per server type). Import your own keys: You supply only the public key to AWS
  45. Key pairs. 1. Linux Launch (First Boot): 1. Instance initialization scripts insert public key into ~/.ssh/authorized_keys; 2. User connects with SSH using their Private Key: ssh -i eu-west.pem ec2-user@publicdns.amazonaws.com
  46. Key pairs. 1. Linux Launch (First Boot): 1. Instance initialization scripts insert public key into ~/.ssh/authorized_keys; 2. User connects with SSH using their Private Key: ssh -i eu-west.pem ec2-user@publicdns.amazonaws.com. You can’t log into a Linux instance without key
  47. Key pairs. 1. Linux Launch (First Boot): 1. Instance initialization scripts insert public key into ~/.ssh/authorized_keys; 2. User connects with SSH using their Private Key: ssh -i eu-west.pem ec2-user@publicdns.amazonaws.com. Don’t lose it
  48. Key pairs. 1. Windows Launch (First Boot Sequence); 2. Instance initialization scripts: a) Creates a random Administrator password, b) Encrypts random password with Public Key, c) Reports encrypted password to Windows System Log; 3. User retrieves the encrypted password and decrypts it with their Private Key (using AWS Console or API Call)
  49. Key pairs: Choose key pair when launching instance
  50. Key pairs: Keep secure; Do not share; Rotate; Need to know
  51. Key pairs
  52. Access: Allowing access to the instance
  53. Access. Let’s install something: sudo yum -y install httpd (Install apache web server); sudo chkconfig httpd on (Set it to run as a service); sudo /etc/init.d/httpd start (Start the web server)
  54. Access. Security groups: Port 22 (SSH); Port 80 (HTTP). Security group rule fields: Name; Description; Protocol; Port range; IP address, range, or another security group. EC2 Classic: Inbound only; TCP, UDP, ICMP only; Assigned at launch; Modify anytime. EC2 VPC (virtual private cloud): Inbound and outbound; Any protocol; Assigned at launch or when running; Modify anytime
  55. Access. Open our security group: Security groups; Added port 80 to group
  56. Access: Test it by hitting the public DNS name of the instance
  57. Access
  58. Image: Reuse your instance!
  59. Image: Makes a snapshot of the instance; Creates an image that is private to you; Saves time in deployments and system setup
  60. Image: Create image
  61. Image: Name it and create
  62. Image: Your AMI
  63. Image: …and launch a new instance from the AMI
  64. Image
  65. IAM users: Who can start an instance?
  66. IAM users. Identity and Access Management: Securely control access to AWS services and resources for your users
  67. IAM users. Account owner: Access to all subscribed services; Access to billing reports; Access to console, REST and SOAP APIs. IAM users/groups: Access to specific services; Access to console and/or REST APIs and/or SOAP APIs
  68. IAM users. Account owner (Master user account – owns payment method): Access to all subscribed services; Access to billing reports; Access to console, REST and SOAP APIs. IAM users/groups (Regular users): Access to specific services; Access to console and/or REST APIs and/or SOAP APIs
  69. IAM users. Diagram labels: Account; Administrators; Developers; Applications; Jim; Brad; Reporting; Bob; Mark; Console; Susan; Tomcat; Kevin
  70. IAM users. Groups: Multi-factor authentication. Diagram labels: Account; Administrators; Developers; Applications; Jim; Brad; Reporting; Bob; Mark; Console; Susan; Tomcat; Kevin
  71. IAM users. Roles: AWS system entitlements. Diagram labels: Account; Administrators; Developers; Applications; Jim; Brad; Reporting; Bob; Mark; Console; Susan; Tomcat; Kevin
  72. IAM users. Policy driven: Declarative definition of rights for groups; Policies control access to AWS APIs. Policy shown on the slide:
      {
        "Statement": [
          {
            "Effect": "Allow",
            "Action": [
              "elasticbeanstalk:*",
              "ec2:*",
              "elasticloadbalancing:*",
              "autoscaling:*",
              "cloudwatch:*",
              "s3:*",
              "sns:*"
            ],
            "Resource": "*"
          }
        ]
      }
  73. IAM users
  74. Next Steps. Auto Scaling: Automatic re-sizing of compute clusters based upon demand. Elastic Load Balancing: Create highly scalable applications; Distribute load across EC2 instances in multiple availability zones. Relational Database Service: Database-as-a-Service; No need to install or manage database instances; Scalable and fault tolerant configurations
  75. Next Steps
  76. aws.amazon.com: get started with the free tier
  77. Thanks! Q & A? For more info, please visit: http://engineering.ysfhq.com http://aws.amazon.com/
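
Slides 54 and 55 open ports 22 and 80 in a security group and note that a rule's source can be an IP address, a range, or another security group. The following check is an added example, not part of the deck: it flags rules that expose an administrative port to every address while leaving a public web port alone. The sample rules are constructed and use the field names of the `IpPermissions` list returned by the EC2 DescribeSecurityGroups API; the function names and the admin address are assumptions.

```python
import ipaddress

# TCP ports whose exposure to the whole internet should be flagged.
ADMIN_PORTS = {22: "SSH", 3389: "RDP"}

# Constructed sample: SSH and HTTP both open to any source address.
WEB_GROUP_OPEN = [
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
    {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
]
# Constructed sample: SSH limited to one admin address (documentation range).
WEB_GROUP_RESTRICTED = [
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": "203.0.113.10/32"}]},
    {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
]


def is_world_open(cidr):
    """True for 0.0.0.0/0 and ::/0, a source range covering every address."""
    return ipaddress.ip_network(cidr, strict=False).prefixlen == 0


def rule_covers_port(rule, port):
    """True if the rule admits TCP traffic to the given port."""
    if rule["IpProtocol"] == "-1":      # "-1" means all protocols and ports
        return True
    if rule["IpProtocol"] != "tcp":
        return False
    return rule["FromPort"] <= port <= rule["ToPort"]


def audit_ingress(rules):
    """Return one finding per admin port that any source address can reach."""
    findings = []
    for rule in rules:
        sources = [r["CidrIp"] for r in rule.get("IpRanges", [])]
        sources += [r["CidrIpv6"] for r in rule.get("Ipv6Ranges", [])]
        open_sources = [c for c in sources if is_world_open(c)]
        if not open_sources:
            continue
        for port, name in sorted(ADMIN_PORTS.items()):
            if rule_covers_port(rule, port):
                findings.append(
                    f"{name} (tcp/{port}) open to {', '.join(open_sources)}")
    return findings


if __name__ == "__main__":
    for label, rules in (("open", WEB_GROUP_OPEN),
                         ("restricted", WEB_GROUP_RESTRICTED)):
        print(label, audit_ingress(rules) or "no admin port exposed")
```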
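
The policy on slide 72 allows every action of seven services on `"Resource": "*"`. This added example, which is not part of the deck, parses that policy and reports each service-wide wildcard, then runs the same check on a narrower policy for comparison. The scoped policy, its bucket name `example-forum-uploads` and the function names are constructed for illustration.

```python
import json

# Policy text as it appears on slide 72 of the deck.
SLIDE_POLICY = """
{
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "elasticbeanstalk:*", "ec2:*", "elasticloadbalancing:*",
        "autoscaling:*", "cloudwatch:*", "s3:*", "sns:*"
      ],
      "Resource": "*"
    }
  ]
}
"""

# Constructed for comparison: two named S3 actions on one bucket's objects.
SCOPED_POLICY = """
{
  "Version": "2012-10-17",
  "Statement": [
    {"Effect": "Allow",
     "Action": ["s3:GetObject", "s3:PutObject"],
     "Resource": "arn:aws:s3:::example-forum-uploads/*"}
  ]
}
"""


def as_list(value):
    """IAM accepts a single string or a list for Action and Resource."""
    if value is None:
        return []
    return [value] if isinstance(value, str) else list(value)


def audit_policy(policy_text):
    """Return (statement index, message) per wildcard action in an Allow."""
    statements = json.loads(policy_text).get("Statement", [])
    if isinstance(statements, dict):    # a lone statement may be a bare object
        statements = [statements]
    findings = []
    for index, stmt in enumerate(statements):
        if stmt.get("Effect") != "Allow":
            continue
        resources = as_list(stmt.get("Resource"))
        scope = "all resources" if "*" in resources else "listed resources"
        for action in as_list(stmt.get("Action")):
            if action == "*":
                findings.append((index, f"every action of every service on {scope}"))
            elif action.endswith(":*"):
                findings.append((index, f"every {action[:-2]} action on {scope}"))
    return findings


if __name__ == "__main__":
    for name, text in (("slide 72", SLIDE_POLICY), ("scoped", SCOPED_POLICY)):
        print(name, audit_policy(text) or "no wildcard grants")
```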
