AWS offers managed services that work with applications to support queuing, streaming, and notifications, to send emails, to search content, and even to manage your applications' APIs. In this open round table and whiteboard chalk talk session, you have an opportunity to meet with AWS solutions architects and ask technical questions about AWS application services. You can also learn about the most common solutions and architectures using a message queue service (Amazon SQS), workflow service (Amazon SWF), app streaming (Amazon AppStream), transcoding (Amazon Elastic Transcoder), email (Amazon SES), search (Amazon CloudSearch), and API management (Amazon API Gateway).
Application Services
Services that wrap software you’d commonly install and manage yourself
Customers currently using one or more AWS Application Services
What is Amazon API Gateway?
Amazon API Gateway allows developers to:
Host multiple versions and stages of APIs
Create and distribute API Keys to developers
Leverage AWS SigV4 to authorize access to APIs
Throttle and monitor requests to protect the backend
Leverage AWS Lambda
Manage cache to store API responses
Reduce latency and provide DDoS protection through CloudFront
SDK Generation for iOS, Android, and JavaScript
Swagger support
Request / Response data transformation and API mocking
What problem are we solving?
Customers asked for tools to help them create and operate APIs so they didn’t have to build and manage the infrastructure themselves. Amazon API Gateway provides a simple, flexible, fully-managed, pay-as-you-go service that handles all aspects of creating and operating robust APIs for application backends. Customers can launch new services with APIs faster with reduced investment so they can focus their energy on building their core services.
Value?
Managing multiple versions and stages of an API is difficult
Monitoring 3rd party developers’ access is time consuming
Access authorization is a challenge
Traffic spikes create operational burden
What if I don’t want servers at all?
Amazon API Gateway was built to help with these aspects of creating and operating APIs:
Security: Amazon API Gateway gives developers multiple tools to authenticate API users and control service operation access. Developers can authenticate API calls with AWS Identity and Access Management (IAM), public or private identity providers via Amazon Cognito, or simply by using API keys generated by Amazon API Gateway.
Resiliency: Applications, especially mobile, can operate on high latency connections, and each round-trip to the server degrades the user experience. With Amazon API Gateway, developers can optimize performance by minimizing round-trips to the server with web service calls that combine multiple backend operations, and aggregate, filter, and compress the response to the client. With traffic management rules for caching, throttling and quotas, developers can manage the load from heavy traffic so that backend operations can withstand traffic spikes.
The first thing we want to look at is the standard flow of an API call, including all components in the system
1) First, a request comes in from a client; this could be a mobile device, a web application or a backend service
2) The request arrives at one of our CloudFront PoP locations, where it is accepted and routed through to the API Gateway in the customer’s region
3) The API Gateway receives the request, then checks for records in the dedicated cache (if it is configured). If there are no cached records available then it will forward the request to the backend for processing.
4) The backend can be a Lambda function, a web service running on Amazon EC2, or any other publicly accessible web service
5) Once the backend has processed the request the API call metrics are logged in Amazon CloudWatch and the content is returned to the client
What is the Amazon AppStream STX Protocol?
It is a proprietary protocol used to stream application audio and video over a variety of network conditions. It also sends user input over TCP back to the app. Network conditions are measured throughout and the data is sent back to the server so the streaming video and audio can be altered accordingly.
Video is H.264; audio streaming uses Opus
Application streaming service that lets you stream resource intensive applications in the cloud
Using the SDK, output can be streamed to devices running FireOS, Android, Chrome, iOS, Mac, and Microsoft Windows
Render content in the cloud and scale on demand
Run existing Windows applications from the cloud without code modifications
Stream entire application or only part of the application
Use Case Highlights
Stream applications that leverage the compute power of AWS like CAD, 3D modeling, simulations, games, medical imaging, and life sciences applications that wouldn’t normally be possible due to constraints of low-powered devices
A game could use a hybrid scenario, in which you stream part of an application from Amazon AppStream and host part of the application natively on the device
Use cases for the service are providing brief game demos and longer-term support for high-value applications, like CAD and medical imaging
Nvidia GRID drivers
http://www.nvidia.com/download/driverResults.aspx/64595/en-us
Troubleshooting
XSTX_STOP_REASON_SESSION_REQUEST_FAILED
Check if you have installed any Internet Security software. Some Internet Security software inspects secure connections and breaks the application in the process.
If you have AVG Internet Security: disable the option Scan encrypted (TLS and SSL) network traffic in Web Browsing Protection -> Online Shield -> Expert Settings.
If you have Avast!: look for the *SETTINGS* tab (the last one) -> *Active Protection* tab. In *Web Shield* click Customize. Uncheck Enable HTTPS scanning. OK, OK.
If you have Bitdefender: go to *PROTECTION* -> Web Protection. Uncheck Scan SSL.
Use cases
IMDB
Core Features
Amazon CloudSearch has been modified to use Apache Solr as the underlying text search engine.
Transcoding
What is Transcoding?
Direct digital-to-digital data conversion of one encoding to another, such as that used for movie or audio files.
Example: a Windows Media file (WMV) converted into a version that works on an iPhone or Android phone. Transcode to MP4.
Go here for sample files: https://archive.org/
Encoder
System that converts a message, image, or video into coded form
Decoder
System that converts coded data into a message, image, or audio
Codec
Contraction of encoder and decoder
Amazon Elastic Transcoder lets you convert media files that you have stored in Amazon Simple Storage Service (Amazon S3) into media files in the formats required by consumer playback devices. For example, you can convert large, high-quality digital media files into formats that users can play back on mobile devices, tablets, web browsers, and connected televisions.
Elastic Transcoder has three components:
Jobs
Jobs do the work of transcoding. Each job converts one file into one format. For example, if you want to convert a media file into six different formats, you create six jobs. When you create a job, you specify the name of the file that you want to transcode, the name that you want Elastic Transcoder to give to the transcoded file, and several other settings. You also specify a template, known as a preset (see below), that contains the audio and video settings that you want to use for the transcoded file.
Pipelines
Pipelines are queues that manage your transcoding jobs. When you create a job, you specify which pipeline you want to add the job to. Elastic Transcoder starts processing the jobs in a pipeline in the order in which you added them. Typically, you'll create at least two pipelines—one for standard-priority jobs, and one for high-priority jobs. Most jobs go into the standard-priority pipeline; you use the high-priority pipeline only when you need to transcode a file immediately. If there are other jobs in a pipeline when you create a job, Elastic Transcoder begins processing the new job when resources are available. A pipeline can process more than one job simultaneously, and the time required to complete a job varies significantly based on the size of the file you're converting and the job specifications. Accordingly, jobs don't necessarily complete in the order in which you create them. You can temporarily stop processing jobs by pausing the pipeline.
Example: you can have a pipeline for images at low resolution and a pipeline for high resolution
Presets
Presets are templates that contain most of the settings for transcoding media files from one format to another. Elastic Transcoder includes some default presets for common formats, for example, several iPod and iPhone versions. You can also create your own presets for formats that aren't included among the default presets. You specify which preset you want to use when you create a job.
Elastic Transcoder entities are subject to the following limitations:
Pipelines: 4 per AWS account
Jobs: 1,000 per pipeline
Presets: 50 user-defined presets per AWS account (system-provided presets don't count against the limit)
Security
Encryption at rest: Server managed keys
Outputs are saved to Amazon S3 using S3 server-side encryption
Downloaded media is not protected; it is decrypted as it is read from Amazon S3
Encryption at rest: Client provided keys
Inputs can be protected; the client provides the decryption key
Outputs can be encrypted; the client provides the encryption key
Downloaded media is protected (cannot play directly from S3 or Amazon CloudFront)
Protecting Keys
Amazon Elastic Transcoder only accepts AWS KMS protected keys
Key is never written or stored in clear text
Encryption for HLS streams
Built on top of the “client provided keys” API
Amazon Elastic Transcoder generates HLS playlists embedding the URI for the decryption key
Now Inbound and Outbound – September 2015
https://aws.amazon.com/blogs/aws/new-receive-and-process-incoming-email-with-amazon-ses/
Redundant infrastructure - GUARANTEES DELIVERY OF MESSAGE AT LEAST ONCE, CONCURRENT ACCESS TO MESSAGES, HIGH AVAILABILITY
The diagram shows that a single queue, which has its messages (labeled A-E), is redundantly saved across multiple Amazon SQS servers.
Reliable - Managed message queuing service that makes it simple to decouple cloud application components – developers can use SQS by using only five APIs: CreateQueue, SendMessage, ReceiveMessage, ChangeMessageVisibility, and DeleteMessage
Scalable - Transmit any volume of data without losing messages or requiring other services to always be available - to enable an unlimited number of services to read and write an unlimited number of messages at any time
Messages can be sent, received or deleted in batches of up to 10 messages or 256KB. Batches cost the same amount as single messages, meaning SQS can be even more cost effective for customers that use batching.
Messages can be retained in queues for up to 14 days
Distributed Queues - QUEUES FOR STORING MESSAGES IN FLIGHT BETWEEN ENDPOINTS DOES NOT REQUIRE HOST AVAILABILITY. Amazon Simple Queue Service (Amazon SQS) offers reliable and scalable hosted queues for storing messages as they travel between computers. By using Amazon SQS, you can move data between distributed components of your applications that perform different tasks without losing messages or requiring each component to be always available.
Cross-region resource sharing support - A queue can be created in any region
Multiple readers and writers - LOCKS MESSAGE DURING PROCESSING
Multiple parts of your system can send or receive messages at the same time
Amazon SQS locks the message during processing, keeping other parts of your system from processing the message simultaneously.
Configurable queues - EXAMPLE: VARIABLE PROCESSING TIME
All of your queues don't have to be exactly alike
For example, one queue can be optimized for messages that require a longer processing time than others.
Variable message size - can contain up to 256KB of text in any format. WHEN BIGGER HAVE SQS STORE A REF TO S3 OR DYNAMODB, SPLIT LONGER MESSAGES INTO SHORTER ONES
Your messages can be up to 262,144 bytes (256 KB) in size
For even larger messages, you can store the contents of the message using the Amazon Simple Storage Service (Amazon S3) or Amazon DynamoDB, and use Amazon SQS to hold a pointer to the Amazon S3 or Amazon DynamoDB object. Alternately, you can split the larger message into smaller ones.
The message payload can contain up to 256KB of text in any format. Each 64KB ‘chunk’ of payload is billed as 1 request. For example, a single API call with a 256KB payload will be billed as four requests.
Access control - supports resource based permissions – Access Policies, Authentication mechanisms are provided to ensure that messages stored in Amazon SQS queues are secured against unauthorized access
YOU CONTROL WHO CAN SEND OR RECEIVE
There are two types of permissions, user-based and resource-based. They are nearly identical in appearance and function but have some slight syntax differences. The difference between the two types of permissions is in where they are applied.
User-based permissions are attached to the IAM user and indicate what the user is permitted to do. Resource-based permissions are attached to a resource and indicate what a specified user (or group of users) is permitted to do with it. Amazon Simple Storage Service (Amazon S3), Amazon Simple Queue Service (Amazon SQS), Amazon Simple Notification Service (Amazon SNS) and AWS OpsWorks are the only services that support resource-based permissions.
(AWS)
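An added example, not part of the original slides: a small audit of a resource-based SQS queue policy, run over a permissive statement and one scoped to a single SNS topic. The account ID, ARNs and the `audit_queue_policy` helper are constructed for illustration.

```python
import json

# Constructed sample policies; account ID, queue and topic names are made up.
QUEUE_ARN = "arn:aws:sqs:us-east-1:123456789012:jobs"
TOPIC_ARN = "arn:aws:sns:us-east-1:123456789012:job-events"

WEAK_POLICY = json.dumps({
    "Version": "2012-10-17",
    "Statement": [{
        "Sid": "AnyoneCanSend",
        "Effect": "Allow",
        "Principal": "*",
        "Action": "sqs:SendMessage",
        "Resource": QUEUE_ARN,
    }],
})

HARDENED_POLICY = json.dumps({
    "Version": "2012-10-17",
    "Statement": [{
        "Sid": "OnlyOurTopicCanSend",
        "Effect": "Allow",
        "Principal": {"Service": "sns.amazonaws.com"},
        "Action": "sqs:SendMessage",
        "Resource": QUEUE_ARN,
        "Condition": {"ArnEquals": {"aws:SourceArn": TOPIC_ARN}},
    }],
})

# Global condition keys that tie a statement to a specific caller or source.
SCOPING_KEYS = {"aws:sourcearn", "aws:sourceaccount", "aws:principalorgid",
                "aws:principalaccount", "aws:sourcevpce"}


def _as_list(value):
    return value if isinstance(value, list) else [value]


def _principal_values(principal):
    # Principal is either "*" or a map such as {"AWS": [...], "Service": "..."}.
    if isinstance(principal, dict):
        return [v for vals in principal.values() for v in _as_list(vals)]
    return _as_list(principal)


def _is_scoped(condition):
    # Condition is {operator: {key: value}}; condition keys are case-insensitive.
    keys = {k.lower() for operands in condition.values() for k in operands}
    return bool(keys & SCOPING_KEYS)


def audit_queue_policy(policy_json):
    """Return (sid, issue) pairs for Allow statements that are too broad."""
    findings = []
    statements = _as_list(json.loads(policy_json).get("Statement", []))
    for i, stmt in enumerate(statements):
        if stmt.get("Effect") != "Allow":
            continue
        sid = stmt.get("Sid", f"statement[{i}]")
        principal = stmt.get("Principal", [])
        open_to_all = "*" in _principal_values(principal)
        via_service = isinstance(principal, dict) and "Service" in principal
        scoped = _is_scoped(stmt.get("Condition", {}))
        actions = [a.lower() for a in _as_list(stmt.get("Action", []))]
        if open_to_all and not scoped:
            findings.append((sid, "wildcard principal without a scoping condition"))
        if via_service and not scoped:
            findings.append((sid, "service principal without a source condition"))
        if open_to_all and any(a in ("*", "sqs:*") for a in actions):
            findings.append((sid, "wildcard principal combined with wildcard action"))
    return findings


if __name__ == "__main__":
    for name, doc in (("weak", WEAK_POLICY), ("hardened", HARDENED_POLICY)):
        print(name, audit_queue_policy(doc))
```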
Delay queues - USER SET DELAY FOR ALL QUEUED MESSAGES
A delay queue is a queue on which the user sets a default delay, so that delivery of all enqueued messages is postponed for that duration. You can set the delay value when you create a queue with CreateQueue, and you can update the value with SetQueueAttributes. If you update the value, the new value affects only messages enqueued after the update.
Use cases
Batch Processing
Using SQS for durable Batch writes (batch API)
Discard stale messages
Managed message queuing service that makes it simple to decouple cloud application components
Transmit any volume of data without losing messages or requiring other services to always be available
Message payload can contain up to 256KB of text in any format
What is SWF?
Orchestration tool across your infrastructure
Enables scalable, resilient, truly distributed applications
Makes it easy to build applications that coordinate work across distributed components.
Durable, distributed state management
Asynchronous invocation and event-driven execution
Accessible anywhere from any programming language
Low cost, reliability, and scalability are all built in
Why SWF?
Orchestration is a foundational need for business process implementations and distributed applications
Provides asynchronous interactions and loosely coupled designs
Building reliable task dispatch & state management is hard
Lack of task based programming models
Developers should concentrate on building business functionality and not on building the plumbing for orchestration
Appstream – Overview
Client side application – Amazon AppStream Example Client
Enable the Service
AWS Entitlement Service
Stream application hosted on G2 instances
Request Authorization
Create Session
Return session ID to Entitlement service
Generate/Returns Entitlement URL
Access Entitlement URL
Stream audio and video to the client and stream user input to the application
The file main.cpp is the source code for a sample implementation of a streaming application that can be streamed from Amazon AppStream. This sample is in the <SDK_dir>\example_src\server\windows\SimpleDirectXServer directory of the Amazon AppStream SDK.
The sample application uses DirectX for video rendering and XAudio2 for audio rendering. Walking through the sample code is useful in understanding how to construct an application.
http://docs.aws.amazon.com/appstream/latest/developerguide/appstream-build-app-sample.html
Amazon Elastic Transcoder
VOD – Video on Demand
Live Streaming
Media servers, application running on EC2. Wowza can encode and transport in real time and deliver with HTTPS via CloudFront
Benefits
Automate workflow without using application servers.
Currently, we allow a maximum of 100,000 jobs per pipeline. Once you exceed this limit, you will receive a 429 Rate Limit Exception. If you require this limit to be raised, please contact us here.
Supported Formats
3GP (It is used on 3G mobile phones but can also be played on some 2G and 4G phones.)
AAC (AAC and MP3 are both lossy audio compression formats. AAC is the default format used by iTunes. It produces better audio quality than MP3 for a given data rate (e.g., 128 kbps) and is playable in almost all software that can play MP3 files).
AVI, WMV, FLV, MP4 and MPEG-2.
We do not support reading Apple ProRes files or raw camera formats like ARRI and RED at this time.
H.264, VP8, MPEG-2, and animated GIF.
File formats supported include MPEG-2 TS container (for HLS), fmp4 (for Smooth Streaming), MP4, WebM, FLV, MPG, and MXF (XDCAM-compatible).
We support the following audio codecs: AAC, MP3, MP2, PCM, FLAC, and Vorbis. Audio-only file formats supported include MP3, MP4, FLAC, OGA, and OGG.
Use Cases
Work queues - Decouple components of a distributed application that may not all process the same amount of work simultaneously.
Buffer and Batch Operations - Add scalability and reliability to your architecture, and smooth out temporary volume spikes without losing messages or increasing latency.
Request Offloading - Move slow operations off of interactive request paths by enqueuing the request
Fanout - Combine SQS with Simple Notification Service (SNS) to send identical copies of a message to multiple queues in parallel for simultaneous processing.
Autoscaling - You can use Amazon SQS queues to help determine the load on an application, and when combined with Auto Scaling, you can scale the number of Amazon EC2 instances out or in depending upon the volume of traffic.
Amazon SNS works closely with Amazon Simple Queue Service (Amazon SQS). Both services provide different benefits for developers.
Amazon SNS allows applications to send time-critical messages to multiple subscribers through a “push” mechanism, eliminating the need to periodically check or “poll” for updates.
Amazon SQS is a message queue service used by distributed applications to exchange messages through a polling model, and can be used to decouple sending and receiving components—without requiring each component to be concurrently available.
By using Amazon SNS and Amazon SQS together, messages can be delivered to applications that require immediate notification of an event, and also persisted in an Amazon SQS queue for other applications to process at a later time.
When you subscribe an Amazon SQS queue to an Amazon SNS topic, you can publish a message to the topic and Amazon SNS sends an Amazon SQS message to the subscribed queue. The Amazon SQS message contains the subject and message that were published to the topic along with metadata about the message in a JSON document. The Amazon SQS message will look similar to the following JSON document.
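An added example, not part of the original slides: a constructed SNS notification as it arrives in an SQS message body, and a consumer-side check that the envelope comes from the expected topic before the payload is used. The topic ARN, IDs, signature value and the `parse_sns_envelope` helper are made up for illustration; the certificate host pattern is an assumption for commercial regions, and signature verification itself is not shown.

```python
import json
import re
from urllib.parse import urlparse

# Constructed sample body (raw message delivery disabled); all values are made up.
SAMPLE_SQS_BODY = json.dumps({
    "Type": "Notification",
    "MessageId": "11111111-2222-3333-4444-555555555555",
    "TopicArn": "arn:aws:sns:us-east-1:123456789012:job-events",
    "Subject": "Job complete",
    "Message": "{\"jobId\": \"example-job\", \"state\": \"COMPLETED\"}",
    "Timestamp": "2015-10-08T12:00:00.000Z",
    "SignatureVersion": "1",
    "Signature": "EXAMPLE-SIGNATURE-PLACEHOLDER",
    "SigningCertURL": "https://sns.us-east-1.amazonaws.com/SimpleNotificationService-EXAMPLE.pem",
    "UnsubscribeURL": "https://sns.us-east-1.amazonaws.com/?Action=Unsubscribe&SubscriptionArn=EXAMPLE",
})

# Subject is optional in SNS notifications, so it is not required here.
REQUIRED_FIELDS = ("Type", "MessageId", "TopicArn", "Message", "Timestamp",
                   "SignatureVersion", "Signature", "SigningCertURL")

# Assumed pattern for SNS certificate hosts in commercial regions.
CERT_HOST = re.compile(r"^sns\.[a-z0-9-]+\.amazonaws\.com$")


class EnvelopeError(ValueError):
    """Raised when an SQS body is not an acceptable SNS notification."""


def parse_sns_envelope(sqs_body, expected_topic_arn):
    """Validate the SNS envelope and return its subject, message and id."""
    try:
        env = json.loads(sqs_body)
    except ValueError as exc:
        raise EnvelopeError("body is not JSON") from exc
    if not isinstance(env, dict):
        raise EnvelopeError("body is not a JSON object")

    missing = [k for k in REQUIRED_FIELDS if k not in env]
    if missing:
        raise EnvelopeError("missing fields: " + ", ".join(missing))
    if env["Type"] != "Notification":
        raise EnvelopeError("unexpected Type: %r" % env["Type"])

    # Reject messages that did not come through the topic this queue serves.
    if env["TopicArn"] != expected_topic_arn:
        raise EnvelopeError("unexpected TopicArn: %r" % env["TopicArn"])

    # Never fetch a signing certificate from a non-HTTPS or non-SNS location.
    url = urlparse(env["SigningCertURL"])
    if url.scheme != "https" or not CERT_HOST.match(url.hostname or ""):
        raise EnvelopeError("untrusted SigningCertURL")

    return {
        "message_id": env["MessageId"],
        "subject": env.get("Subject"),
        "message": env["Message"],
    }


if __name__ == "__main__":
    topic = "arn:aws:sns:us-east-1:123456789012:job-events"
    print(parse_sns_envelope(SAMPLE_SQS_BODY, topic))
```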
You can also create email notifications to subscribe to, which alert you when user input is needed.
When using Amazon SNS, you (as the owner) create a topic and control access to it by defining policies that determine which publishers and subscribers can communicate with the topic.
A publisher sends messages to topics that they have created or to topics they have permission to publish to. Instead of including a specific destination address in each message, a publisher sends a message to the topic.
Amazon SNS matches the topic to a list of subscribers who have subscribed to that topic, and delivers the message to each of those subscribers. Each topic has a unique name that identifies the Amazon SNS endpoint for publishers to post messages and subscribers to register for notifications.
Subscribers receive all messages published to the topics to which they subscribe, and all subscribers to a topic receive the same messages.
Single published message - all notification messages will contain a single published message
Order is not guaranteed - The Amazon SNS service will attempt to deliver messages from the publisher in the order they were published into the topic. However, network issues could potentially result in out-of-order messages at the subscriber end.
No recall - Once a message was delivered successfully, there is no recall feature
HTTP/S retry - an SNS Delivery Policy can be used to control the retry pattern (linear, geometric, exponential backoff), maximum and minimum retry delays, and other parameters
64KB per message (non-SMS) - Plain text; format-less