AWSome Day Online 2019 - Module 2 CoreServices

© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Core Services
Ric Harvey
Technical Developer Evangelist
Amazon Web Services
rjh@amazon.com
@ric__Harvey
https://gitlab.com/ric_harvey/
Sweden
Paris
AWS GovCloud East
Milan
AWS
REGIONS
20 Regions 60 AZs
Over 160 Global CloudFront Cape Town
First 5 years: 4 regions Amazon Global Network

PoPs
Next 5 years: 7 regions • Redundant 100GbE network
89 Direct Connect Locations • Redundant private capacity
2016–2020: 13 regions between all Regions except China
The broadest and deepest cloud platform
Amazon VPC
• Private, virtual network in the AWS Cloud

• Similar constructs as on-premises network
• You choose your own subnet
• Customizable network configurations to meet your needs
• Its possible to have public and private subnets
• Control traffic between subnets with NACLs Amazon VPC
Common VPC Deployment
AWS Cloud
Region Availability Zone Availability Zone Availability Zone

VPC Public subnet Public subnet Public subnet
Private subnet Private subnet Private subnet
VPC Summary
VPC concepts:
• Regions + Availability Zones
• An internet gateway
• Public subnet
• Private subnet
• Route Tables
• NAT Gateways
Resources:
• Overview: https://aws.amazon.com/vpc/
• Documentation: https://docs.aws.amazon.com/vpc/index.html#lang/en_us
Further concepts:
• Transit gateway: https://aws.amazon.com/transit-gateway/
• AWS VPN: https://aws.amazon.com/vpn/
• AWS Direct Connect: https://aws.amazon.com/directconnect/
Security is job zero!
Security Groups
• Security groups
• Act as built-in firewalls
• Instances or groups of instances
• Control accessibility to instances
• Ingress
• Egress Security Groups
Security Groups
AWS Cloud
Region Availability Zone Availability Zone Availability Zone

VPC Public subnet Public subnet Public subnet
Private subnet Private subnet Private subnet
Security Groups
Public subnet Private subnet
Users
EC2
Core Compute unit:
 Application Server
 Web Server
 Database Server
 Game Server
 Mail Server
 Media Server
 Catalog Server
 File Server
 Computing Server
 Proxy Server
EC2
Powered by • Choose between processors on AWS general purpose and memory optimized instances
M5a R5a • 10% lower prices on AMD-based instances
• Most applications can run on AMD-based variants with little to no modification
X1
Amazon
Lightsail
T3 M5 D2 H1 R5
X1e Z1 I3 I3m C5 G3 P3 F1
Virtual General Memory Memory High- Bare Metal Compute Graphics General FPGA
Burstable Dense Big Data High
Private Purpose Memory High I/O Intensive Intensive Purpose
Storage Optimized Optimized Intensive I/O
Servers Intensive GPU
M5d R5d Z1d C5d
• NVMe-based SSD block level instance storage physically connected to the host server
• High-speed, low latency local block storage
EC2 A1 Instances
Up to 45% lower cost for scale-out workloads
Choosing the Right Amazon EC2 Instances
EC2 Instance types are optimized for different use cases, workloads & come in
multiple sizes. This allows you to optimally scale resources to your workload
requirements.
Consider the following when choosing your instances: core count, memory size,
storage size & type, network performance, I/O requirements & CPU technologies.
Choosing the Right Amazon EC2 Instances
$0.107 per
$0.0456 perHour
Hour
EC2 Instances Powered by Intel Technologies
Compute Optimized General Purpose Memory Optimized Storage Optimized

EC2 Instance
Type
C5 C4 M5 M4 T2 X1 X1e R4 H1 I3 D2
Xeon Xeon Xeon E5

Xeon E5 Xeon Xeon E7 Xeon E7 Xeon E5 Xeon E5 Xeon E5 Xeon E5
Intel Processor Platinum Platinum 2686 v4
2666 v3 Family 8880 v3 8880 v3 2686 v4 2686 v4 2686 v4 2676 v3
8175M 8175M 2676 v3
Intel Processor Broadwell

Skylake Haswell Skylake Yes Haswell Haswell Broadwell Broadwell Broadwell Haswell
Technology Haswell
Intel AVX Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes
Intel AVX2 Yes Yes Yes Yes - Yes Yes Yes Yes Yes Yes
Intel AVX-512 Yes - Yes - - - - - - - -
Intel Turbo
Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes
Boost
SSD SSD
Storage EBS-only EBS-only EBS-only EBS-only EBS-only - HDD SSD HDD
EBS-Opt EBS-Opt
C5: Compute Optimized Instances
25% price/performance improvement Based on 3.0 GHz Intel Xeon Scalable Processors (Skylake)
over C4
Up to 72 vCPUs and 144 GiB of memory (2:1 Memory:vCPU ratio)
25 Gbps NW bandwidth
Support for Intel AVX-512
“We saw significant performance improvement on

Amazon EC2 C5, with up to a 140% performance
improvement in industry standard CPU benchmarks
over C4.”
“We are eager to migrate onto the AVX-512 enabled

c5.18xlarge instance size… . We expect to decrease the
processing time of some of our key workloads by more
C4 C5 than 30%.”
M5: Next-Gen General Purpose instance
14% price/performance improvement

With M5
Powered by 2.5 GHz Intel Xeon
Scalable Processors (Skylake)
New larger instance size—m5.24xlarge with
96 vCPUs and 384 GiB of memory
(4:1 Memory:vCPU ratio)
Improved network and EBS performance on smaller
instance sizes
Support for Intel AVX-512 offering up to twice the
M4 M5
performance for vector and floating point workloads
Lightsail
Container Services
What is a container?
Running containers at scale
Scheduling and Orchestration
Cluster Manager Placement Engine
EC2 Instance EC2 Instance EC2 Instance
ECS Docker ECS ECS Docker ECS ECS Docker ECS

agent agent AMI agent agent AMI agent agent AMI
Serverless
No Server Management Flexible Scaling
$
High Availability No Idle Costs
Serverless
Languages Custom Runtimes AWS OPEN SOURCE

Bring any Linux compatible
language runtime
PARTNER SUPPORTED
+Lambda
+ offered by offered by
support for
Ruby offered b y
offered b y
Serverless Bennifits
Uptime
Scale
Performance
Management
Safe deploys
Concurrency controls
Elastic Load Balancing Products
Classic(Elastic) Load Balancer

Application Load Balancer (ALB) Network Load Balancer (NLB)
(CLB/ELB)
HTTP TCP PREVIOUS GENERATION

HTTPS TLST for HTTP, HTTPS, and TCP
• Flexible application management • Extreme performance and static

• Existing application that was built
• Advanced load balancing of HTTP IP for your application
within the EC2-Classic network
and HTTPS traffic • Load balancing of TCP traffic
• Operates at both the request
• Operates at the request level • Operates at the connection level
level and connection level
(Layer 7) (Layer 4)
Application Load Balancer Use Cases
Application Load Balancer Use Cases
Application
Load Balancer
Rule Listener Rule Listener Rule
Target Target Target Target Target Target Target
Target Group Health Health Target Group Target Group Health

Check © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Check Check
Network Load Balancer Use Cases
• Sudden and volatile traffic patterns

• Single static IP address per Availability Zone
• Ideal for applications that require extreme performance
What Is Auto Scaling?
Helps you verify that you have the desired number

of Amazon EC2 instances available to handle the
load for your application
Capacity Management
}
Auto Scaling adjusting
Unused
← capacity as needed
Capacity
Capacity Capacity
Su M T W Th F Sa Su M T W Th F Sa
Day of the Week Day of the Week
Available Capacity Available Capacity
Scaling Out and Scaling In
Elastic Load
Balancing
Auto Scaling group Auto Scaling group Auto Scaling group
Base Configuration Scaling Out Scaling In

Launch Instances Terminate Instances
Amazon CloudWatch to monitor performance
Auto Scaling to add or remove EC2 instances
Auto Scaling Components
• Launch Configuration
• Auto Scaling groups
• Auto Scaling Policy
Launch Configuration: What will be scaled?
Launch settings
• AMI
• Instance type
• Security groups
• Roles
Auto Scaling Group: Where will it take place?
Deployment settings
• VPC and subnets
• Load balancer
• Minimum instances
• Maximum instances
• Desired capacity
Auto Scaling Policy: When will it take place?
Policy settings
• Scheduled
• On-demand
• Scale-out policy
• Scale-in policy
Dynamic Auto Scaling
CloudWatch Alarm for Auto Scaling
Whenever: CPU Utilization

is: >= 80
for: 1 consecutive period(s)
AutoScaling Action Delete
Whenever this alarm: State is ALARM
From resource type: AutoScaling

to
From the: IREASG
Take this action: Increase Group Size – Add 2 instances
Summary
Auto Scaling Group: Where will it take place?

What makes an auto scale group
• A launch configuration
• Auto Scaling group
• Auto Scaling policy
Triggered Auto Scaling

• Scheduled
• On-demand
EBS Volumes
Characteristics
• Persistent and customizable block storage for EC2 instances
• HDD and SSD types
• Provisioned IOPS (optional)
• Use Snapshots for backups
• Easy and transparent encryption
• Elastic
Usage: Instance attached storage (1-1)
EFS Volumes
Characteristics
• Network attached storage
• NFS (v4.0)
Usage: Instance attached storage (1-1)
FSx
Amazon S3
Features
• Fully managed cloud storage service
• Rich security controls
Functionality
• Store virtually unlimited number of objects
• Access any time, from anywhere
S3 Common Use Cases
• Storing application assets

• Static web hosting
• Backup and disaster recovery (DR)
• Staging area for big data
CloudFront
CloudFront Advantages:
• Offload assets from servers, reducing load
• Move content closer to end users
• Download distribution support
• Streaming distribution support
Route 53
• Fully hosted and managed gloabl DNS service

• Tight integration with AWS services
• CloudFront
• S3
• Load Balancers
• API Gateway
• ….
• Health checks
• Dynamic routing
AWS Database Services
Relational Key-value Document In-memory Graph Time series Ledger
RDS DynamoDB ElastiCache Neptune Timestream QLDB
Aurora Community Commercial
Amazon RDS
Easy to administer Available & durable Highly scalable Fast & secure
No need for infrastructure Automatic Multi-AZ data Scale database compute SSD storage and guaranteed
provisioning, installing and replication; automated backup, and storage with a few provisioned I/O; data
maintaining DB software snapshots, failover clicks with no encryption at rest and
application downtime in transit
Managed relational database service with a choice of six popular database engines
Amazon RDS on VMware (Preview)
RDS deployed as a service in on-premises VMware private data centers (vSphere)

Automates management of on-premises databases and hybrid backup and scaling
Scalability and Available and Secure and

Fully managed performance durable compliant
Easy to provision, monitor, and Scale storage, compute, and Enable hybrid features Automate management of
operate relational databases in memory of on-premises and tap into AWS for databases for workloads that
your private data center databases from a single, high availability, backup, must remain on-premises to
simple interface and restore adhere to strict data policies
How it works
Download and install RDS interface Automate database

Log in or create RDS on Vmware the connector Use the Amazon RDS management
AWS account Download & install the RDS console, APIs, or CLI to RDS on VMware
Deploy RDS on VMware
connector in your VMware provision databases automates database
Find RDS on VMware in in your private data
center and manage on- vSphere environment to management tasks
the console and choose establish secure VPN including provisioning,
AWS region premises databases using
a single RDS interface connection between AWS and patching, backups and
your private data center failover
Amazon Aurora
MySQL and PostgreSQL compatible relational database built for the cloud
Performance and availability of commercial-grade databases at 1/10th the cost
Performance Availability
and scalability and durability Highly secure Fully managed
5x throughput of standard Fault-tolerant, self-healing Network isolation, Managed by RDS:

MySQL and 3x of standard storage; six copies of data encryption at no hardware provisioning,
PostgreSQL; scale-out up to across three AZs; continuous rest/transit software patching, setup,
15 read replicas backup to S3 configuration, or backups
Amazon Aurora Delivering on customer needs
MySQL Physical MySQL 5.7- Parallel TLS Support for PostgreSQL -

Replication - Serverless compatible -
Serverless -
MySQL MySQL in OSU Fast Database
Parallel Query for
PREVIEW Preview Query PREVIEW
Serverless Cloning
MySQL - Preview
Auto Scaling Multiple cross- MySQL Serverless

PostgreSQL Read MySQL launch in HKG region read availability in all MySQL launch in SIN PostgreSQL in SFO
50+
Replicas in GovCloud replicas Aurora regions
PostgreSQL 2.0, PostgreSQL BAA Aurora PostgreSQL 1.1

HTTP SQL Endpoint for
PostgreSQL in PDT compatible with PostgreSQL in NRT Inclusion (HIPAA (compatible with
Serverless
PostgreSQL 10.4 PostgreSQL 9.6.6)
eligibility)
Support for DB Aurora 5.7
Cluster Stop / Backtrack MySQL launch in PDT PostgreSQL in ICN
Start – GA
features released since re:
MySQL General,
Encrypted MySQL
(on-premises/EC2)
Synchronous Slow, and Error Invent 2017 MySQL Custom PostgreSQL 1.3,
compatible with
Auto Scaling PostgreSQL
to Aurora Migration
Lambda for MySQL log Exports to Endpoints PostgreSQL 9.6.9
Read Replicas in Ningxia
CloudWatch Logs
PostgreSQL 1.2, PostgreSQL

compatible with Hash joins for
Encrypted Snapshot
Import from RDS for PostgreSQL 1.2, compatible
PostgreSQL in
YUL, FRA, SYD,
Auto Scaling
PostgreSQL MySQL nAZ Multi- Query Plan
PostgreSQL 9.6.8,
in GovCloud
MySQL PostgreSQL to Aurora
PostgreSQL
with PostgreSQL 9.6.8
and BOM
Read
Replicas
support
master Management -
Preview
*Projected number of launches to year-end 2017

Aurora Global Database (GA)
High-performance database for globally-distributed applications
Application
Single Global Database with cross region replication
Replication typically completes in less than a second
No impact on database performance
Write master in one region and read replicas in other regions
Storage Storage Cross-region disaster recovery

Replication <1s Local read latency for applications with global users
Primary Region Secondary Region
Amazon DynamoDB
Fast and flexible key value database service for any scale
Comprehensive Global database for

Performance at scale Serverless security global users and apps
Consistent, single-digit millisecond No hardware provisioning, Encrypts all data by default Build global applications with fast
response times at any scale; build software patching, or upgrades; and fully integrates with AWS access to local data by easily
applications with virtually unlimited scales up or down automatically; Identity and Access replicating tables across multiple
throughput continuously backs up your data Management for robust AWS Regions
security
Amazon DynamoDB Delivering on customer needs
February 2017 June 2017 February 2018
Time to Auto Encryption

Live (TTL) Scaling at rest
VPC
Endpoints Global tables
DynamoDB On-demand Point-in-time

Accelerator (DAX) backup recovery
April 2017 December 2017 March 2018
Thank you!
Ric Harvey
Technical Developer Evangelist
Amazon Web Services
rjh@amazon.com
@ric__Harvey
https://gitlab.com/ric_harvey/

AWSome Day Online 2019 - Module 2 CoreServices

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

AWSome Day Online 2019 - Module 2 CoreServices

Uploaded by

Copyright:

Available Formats

© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.

First 5 years: 4 regions Amazon Global Network

• Private, virtual network in the AWS Cloud

Region Availability Zone Availability Zone Availability Zone

Private subnet Private subnet Private subnet

Region Availability Zone Availability Zone Availability Zone

Private subnet Private subnet Private subnet

Public subnet Private subnet

Core Compute unit:

M5d R5d Z1d C5d

Up to 45% lower cost for scale-out workloads

Compute Optimized General Purpose Memory Optimized Storage Optimized

Xeon Xeon Xeon E5

Intel Processor Broadwell

Intel AVX-512 Yes - Yes - - - - - - - -

“We saw significant performance improvement on

“We are eager to migrate onto the AVX-512 enabled

14% price/performance improvement

Scheduling and Orchestration

Cluster Manager Placement Engine

EC2 Instance EC2 Instance EC2 Instance

ECS Docker ECS ECS Docker ECS ECS Docker ECS

No Server Management Flexible Scaling

Languages Custom Runtimes AWS OPEN SOURCE

Classic(Elastic) Load Balancer

HTTP TCP PREVIOUS GENERATION

• Flexible application management • Extreme performance and static

Rule Listener Rule Listener Rule

Target Target Target Target Target Target Target

Target Group Health Health Target Group Target Group Health

• Sudden and volatile traffic patterns

Helps you verify that you have the desired number

Auto Scaling group Auto Scaling group Auto Scaling group

Base Configuration Scaling Out Scaling In

Launch Configuration: What will be scaled?

Auto Scaling Group: Where will it take place?

Auto Scaling Policy: When will it take place?

Whenever: CPU Utilization

for: 1 consecutive period(s)

AutoScaling Action Delete

Whenever this alarm: State is ALARM

From resource type: AutoScaling

Take this action: Increase Group Size – Add 2 instances

Auto Scaling Group: Where will it take place?

Triggered Auto Scaling

Usage: Instance attached storage (1-1)

Usage: Instance attached storage (1-1)

• Storing application assets

• Fully hosted and managed gloabl DNS service

Relational Key-value Document In-memory Graph Time series Ledger

RDS DynamoDB ElastiCache Neptune Timestream QLDB

Aurora Community Commercial

RDS deployed as a service in on-premises VMware private data centers (vSphere)

Scalability and Available and Secure and

Download and install RDS interface Automate database

5x throughput of standard Fault-tolerant, self-healing Network isolation, Managed by RDS:

MySQL Physical MySQL 5.7- Parallel TLS Support for PostgreSQL -

Auto Scaling Multiple cross- MySQL Serverless

PostgreSQL 2.0, PostgreSQL BAA Aurora PostgreSQL 1.1

PostgreSQL 1.2, PostgreSQL

*Projected number of launches to year-end 2017

High-performance database for globally-distributed applications

Replication typically completes in less than a second