2. Introduction
• 30+ Years in Digital Media.
• 20+ Years in Web Development.
• 7 Years AWS Development.
• Currently a DevOps Engineer for Capgemini, working at HMRC Digital.
John Dalziel
@crashposition
3. What we’ll cover
• Amazon Web Services
• AWS Architectures: Virtual Machines, Containers and Serverless
• Q&A
6.
• Launched in 1995
• World’s biggest online retailer.
• Handles one third of all US e-commerce.
• Amazon is valued in excess of $1 trillion.
9. MANAGED WEB SERVICES
A Web Service is any cloud-based, managed service. Examples:
• Web Hosting (e.g. Wix, Squarespace)
• Web Mail (e.g. GMail)
• Web Storage (e.g. Dropbox)
10. SHARED RESPONSIBILITY
• Security and Compliance is a shared responsibility between AWS and the customer.
• System architecture choices can greatly influence this balance.
11. MANAGED WEB SERVICES
Least Control, Least Responsibility → Most Control, Most Responsibility
• SaaS (Software as a Service): Wix, Squarespace, Shopify
• PaaS (Platform as a Service): Heroku, GoDaddy
• IaaS (Infrastructure as a Service): AWS, Google Cloud, Microsoft Azure
YOUR RESPONSIBILITIES
Stack layers shown for each model: Software, Operating System, Hardware
12. INFRASTRUCTURE AS A SERVICE
Market Leaders
• Amazon Web Services (launched 2002)
• Google Cloud (launched 2004)
• Microsoft Azure (launched 2009)
20. WEB SERVICES are MODULAR
• Web Services are modular and self-contained.
• Web Services have no external dependencies.
• Communication is through a well-defined API (Application Programming Interface).
21. AWS is MODULAR
• Each service has a dedicated team.
• Each service is self-contained (no external dependencies).
• Each service exposes an API.
22. AMAZON is MODULAR
Excerpts from a Jeff Bezos memo c2002.
• All teams will henceforth expose their data and functionality through service interfaces.
• Teams must communicate with each other through these interfaces.
• There will be no other form of interprocess communication allowed: no direct linking, no direct reads of another team's data store, no shared-memory model, no back-doors whatsoever. The only communication allowed is via service interface calls over the network.
• It doesn't matter what technology they use. HTTP, Corba, Pubsub, custom protocols -- doesn't matter. Bezos doesn't care.
• All service interfaces, without exception, must be designed from the ground up to be externalizable. That is to say, the team must plan and design to be able to expose the interface to developers in the outside world. No exceptions.
• Anyone who doesn't do this will be fired.
• Thank you; have a nice day!
32. PRIVATE NETWORK
• AWS is available in 22 Geographical Regions (4 more planned).
• Each region contains multiple Availability Zones (AZs).
• Each AZ can span one or more data centres.
33. PRIVATE NETWORK
Diagram: a Region containing a VPC that spans three Availability Zones, each with a Public Subnet and a Private Subnet.
34. PRIVATE NETWORK
VPC: Virtual Private Cloud
• Public Subnets
• Private Subnets
• Routing Tables
• Internet Gateway
• VPN Gateway
37. SERVERS
EC2: Elastic Compute
Virtual Machines
• Instance Type: CPU, Memory, Network I/O
• OS: Linux or Windows
• Location: Region & AZ
• Firewall Rules: Security Groups
42. DNS
Route 53
• Highly Available Public and Private DNS.
• Full support for IPv4 and IPv6.
• DNS Failover, DNS Health Checks, Latency Based Routing, Geo DNS, Geoproximity…
79. WEB API
AWS Services to expose an API
API Gateway: Internet Gateway for APIs
API Gateway provides a unified front end to a wide range of back end services.
Back end services shown: EC2, ECS, Lambda