AWS Elastic File System (EFS): Fully managed by
AWS, designed only for Linux workloads. Supports petabytes (massive amounts of
storage) across multiple AZs.
Amazon Elastic File
System (Amazon EFS) provides simple, scalable file storage for use with more
than one Amazon EC2 instance in the AWS Cloud.
AWS Storage Gateway is a hybrid storage service
that enables your on-premises applications to seamlessly use AWS cloud storage.
AWS Elastic Load Balancer - Routes to various services/applications
based on the request URL/data. You can add multiple instances supporting an
application; routing to those instances is taken care of by the LB.
3 types of ELB:
1. Application LB
2. Network LB
3. Classic LB
AWS Lambda - Runs a set function/application/code
based on triggers, so you don't need to worry about infrastructure or patching.
You pay purely for the compute time used by your code.
Deployment
configuration types to specify how traffic is shifted from the original AWS
Lambda function version to the new AWS Lambda function version:
- Canary: Traffic is shifted in two increments.
You can choose from predefined canary options that specify the percentage of
traffic shifted to your updated Lambda function version in the first increment
and the interval, in minutes, before the remaining traffic is shifted in the
second increment.
- Linear: Traffic is shifted in equal increments
with an equal number of minutes between each increment. You can choose from
predefined linear options that specify the percentage of traffic shifted in
each increment and the number of minutes between each increment.
- All-at-once: All traffic is shifted from the
original Lambda function to the updated Lambda function version at once.
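The three shifting patterns above, worked through as an added example (not code from the original notes). It parses configuration names in the shape of AWS CodeDeploy's predefined Lambda configurations and returns the traffic schedule; the function names and the assumption that the first increment lands at minute 0 are illustrative.

```python
import re

# Name shapes of AWS CodeDeploy's predefined Lambda deployment configurations.
CANARY = re.compile(r"LambdaCanary(\d+)Percent(\d+)Minutes")
LINEAR = re.compile(r"LambdaLinear(\d+)PercentEvery(\d+)Minutes?")


def shift_schedule(config_name):
    """Return [(minute, percent_of_traffic_on_new_version), ...]."""
    name = config_name.rsplit(".", 1)[-1]   # drop the "CodeDeployDefault." prefix
    if name == "LambdaAllAtOnce":
        return [(0, 100)]
    m = CANARY.fullmatch(name)
    if m:                                    # two increments: N %, then the rest
        first, wait = int(m.group(1)), int(m.group(2))
        return [(0, first), (wait, 100)]
    m = LINEAR.fullmatch(name)
    if m:                                    # equal steps at equal intervals
        step, every = int(m.group(1)), int(m.group(2))
        if step <= 0:
            raise ValueError("linear step must be positive")
        schedule, percent, minute = [], 0, 0
        while percent < 100:
            percent = min(100, percent + step)
            schedule.append((minute, percent))
            minute += every
        return schedule
    raise ValueError(f"not a recognised Lambda deployment configuration: {config_name}")


def exposure_at(schedule, minute):
    """Share of traffic on the new version at a given minute after the shift starts."""
    percent = 0
    for start, pct in schedule:
        if start <= minute:
            percent = pct
    return percent


if __name__ == "__main__":
    for cfg in ("CodeDeployDefault.LambdaCanary10Percent5Minutes",
                "CodeDeployDefault.LambdaLinear10PercentEvery1Minute",
                "CodeDeployDefault.LambdaAllAtOnce"):
        print(cfg, shift_schedule(cfg))
```

The schedule shows how much traffic a faulty new version would receive before it can be rolled back: 10% for the canary window, versus 100% immediately for all-at-once.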
Typical CloudWatch metrics for Lambda:
Lambda@Edge is a feature of Amazon CloudFront
that lets you run code closer to users of your application, which improves
performance and reduces latency. With Lambda@Edge, you don't have to provision
or manage infrastructure in multiple locations around the world.
AWS Step Functions provides serverless
orchestration for modern applications. Orchestration centrally manages a
workflow by breaking it into multiple steps, adding flow logic, and tracking
the inputs and outputs between the steps. As your applications execute, Step
Functions maintains application state, tracking exactly which workflow step
your application is in, and stores an event log of data that is passed between
application components.
AWS SQS : By default retention period is 4 days
and default
AWS RDS (Relational Database Service) - You
manage the data and leave the platform to AWS.
DB instances for
Amazon RDS for MySQL, MariaDB, PostgreSQL, Oracle, and Microsoft SQL Server use
Amazon Elastic Block Store (Amazon EBS) volumes for database and log storage.
AWS RDS with Multi-AZ maintains a
synchronous secondary. When failing over, Amazon RDS simply flips the canonical
name record (CNAME) for your DB instance to point at the standby, which is in
turn promoted to become the new primary.
Amazon RDS Read Replicas provide enhanced performance and durability for database (DB)
instances. This feature makes it easy to elastically scale out beyond the
capacity constraints of a single DB instance for read-heavy database workloads. But this is asynchronous and not used for DR.
An AWS RDS
Read Replica provides an asynchronous DB instance, whereas AWS RDS Multi-AZ
provides a synchronous read replica which can be used in case of DR.
Enhanced RDS Monitoring will give precise
information on disk usage and memory usage of each database process.
- RDS child processes – Shows a summary of the RDS processes
that support the DB instance.
- RDS processes – Shows a summary of the resources used
by the RDS management agent, diagnostics monitoring processes, and other AWS
processes that are required to support RDS DB instances.
- OS processes – Shows a summary of the kernel and
system processes, which generally have minimal impact on performance.
Please
note that the above metrics are not obtained from custom CloudWatch, as custom
CloudWatch can look into the instance level, e.g. RAM and disk usage. So you need to
use Enhanced RDS Monitoring for the above metrics.
For MySQL in RDS: InnoDB
is the recommended storage engine for MySQL. However, in case you require
intense, full-text search capability, use MyISAM storage engine instead.
A DB parameter group acts as a
container for engine configuration values that are applied to one or more DB
instances.
IAM database authentication provides the
following benefits:
- Network traffic to and from the database is encrypted using Secure Sockets Layer (SSL).
- You can use IAM to centrally manage access to your database resources, instead of managing access individually on each DB instance.
- For applications running on Amazon EC2, you can use profile credentials specific to your EC2 instance to access your database instead of a password, for greater security.
AWS Elastic Beanstalk - It's PaaS. You own the
code, AWS owns the platform. Choose a platform and deploy your code.
Unlike
Lambda, you pay for all the time you host the service/code, irrespective of
whether it executes.
AWS SNS (Simple Notification Service) - Notifies
a set of users based on events or thresholds. 256k max message size. It uses a
subscribe model and sends out messages/mail to the systems/people who subscribed.
AWS CloudWatch - It is based on metrics, both
OOTB and custom, and what you do on certain events/criteria.
E.g. for
autoscaling you need CloudWatch to trigger based on metrics, in this case
CPU
utilization over/under for a set time period, or EBS volume available disk space
to expand your storage.
AWS CloudFront - CDN (content delivery network).
It's used for content acceleration like video streaming, static assets and even
some dynamic content. The origin of the assets can be any source, even
S3 buckets placed in other regions.
AWS CloudFormation - Infrastructure as Code.
It's desired state configuration. An AWS stack (dev/test/prod) will be created using
templates. This can be created using the
Console, CLI or SDK/API. This is infrastructure as code.
Use
CloudFormation Designer to create templates from scratch. Automated infra
creation using the AWS engine.
AWS CloudTrail: By default, event log files are
encrypted using Amazon S3 server-side encryption (SSE) when saved to S3. You
can use AWS KMS for encryption. You can even enable data lifecycle management
to move or purge the logs.
AWS ElastiCache: Read-heavy DBs can benefit
from ElastiCache. Lasts 6 mins TTL (time to live).
AWS Organizations: Use the Organizations APIs to automate the creation
and management of new AWS accounts. The Organizations APIs enable you to create
new accounts programmatically.
AWS WorkSpaces: This service lets you
create virtual desktops for your organization in minutes. You pay monthly
or by the hour. Please note that this is just for virtual desktops, not servers
running apps and services.
AWS Trusted Advisor: Gives you proactive
recommendations to optimize your AWS environment for cost, performance,
security, fault tolerance and service limits.
NACL:
A network access control list is an
optional layer of security for your VPC that acts as a firewall for controlling
traffic in and out of one or more subnets.
Network ACL Rules are
evaluated by rule number, from lowest to highest, and executed immediately when
a matching allow/deny rule is found.
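The rule-number ordering described above, as an added example (not part of the original notes): a small evaluator run over constructed inbound rules, plus a check for rules that can never fire because a lower-numbered rule already matches everything they cover. The rule set, addresses and function names are hypothetical.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network


@dataclass(frozen=True)
class Rule:
    number: int
    action: str        # "allow" or "deny"
    protocol: str      # "tcp", "udp" or "all"
    port_from: int
    port_to: int
    cidr: str


# Constructed inbound rules for a hypothetical subnet (documentation address ranges).
INBOUND = [
    Rule(100, "allow", "tcp", 443, 443, "0.0.0.0/0"),
    Rule(90, "deny", "all", 0, 65535, "203.0.113.0/24"),
    Rule(200, "deny", "tcp", 443, 443, "198.51.100.0/24"),  # shadowed by rule 100
]


def evaluate(rules, protocol, port, source_ip):
    """Return (action, rule_number) of the first matching rule, lowest number first."""
    src = ip_address(source_ip)
    for rule in sorted(rules, key=lambda r: r.number):
        if rule.protocol not in ("all", protocol):
            continue
        if not rule.port_from <= port <= rule.port_to:
            continue
        if src in ip_network(rule.cidr):
            return rule.action, rule.number
    return "deny", None  # nothing matched: the NACL's final catch-all rule denies


def shadowed(rules):
    """Rule numbers that can never fire: an earlier rule matches all their traffic."""
    ordered = sorted(rules, key=lambda r: r.number)
    hidden = []
    for i, late in enumerate(ordered):
        for early in ordered[:i]:
            if (early.protocol in ("all", late.protocol)
                    and early.port_from <= late.port_from
                    and late.port_to <= early.port_to
                    and ip_network(late.cidr).subnet_of(ip_network(early.cidr))):
                hidden.append(late.number)
                break
    return hidden
```

Rule 200 was meant to block a range, but because rule 100 has a lower number and already allows that traffic, the deny never takes effect; a deny must be numbered below the allow it is meant to override.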
Security Groups act as a firewall for
associated Amazon EC2 instances, controlling both inbound and outbound traffic
at the instance level, while ACLs act at the subnet level.
AWS WAF (Web Application Firewall) helps
protect your web applications from common web exploits that could affect
application availability, compromise security, or consume excessive resources.
You can use AWS WAF to create custom rules that block common attack patterns,
such as SQL injection or cross-site scripting, and rules that are designed for
your specific application.
AWS TCO (Total Cost of Ownership) Calculator
provides directional guidance on possible realized savings when deploying AWS.
This tool is built on an underlying calculation model, that generates a fair
assessment of value that a customer may achieve given the data provided by the
user which includes the number of servers migrated to AWS, the server
type, the number of processors and so on.
Amazon EMR helps you analyse and process vast
amounts of data by distributing the computational work across a cluster of
virtual servers running in the AWS Cloud. The cluster is managed using an
open-source framework called Hadoop.
E.g. EMR
can be used to analyse a large set of log files across a dynamic cluster of EC2
instances.
Amazon EMR provides a managed Hadoop framework
that makes it easy, fast, and cost-effective to process vast amounts of data
across dynamically scalable Amazon EC2 instances. It securely and reliably
handles a broad set of big data use cases, including log analysis, web indexing, data transformations (ETL), machine learning,
financial analysis, scientific simulation, and bioinformatics. You can
also run other popular distributed frameworks such as Apache Spark, HBase,
Presto, and Flink in Amazon EMR, and interact with data in other AWS data
stores such as Amazon S3 and Amazon DynamoDB.
AWS OpsWorks can be
used to automate one service, which is EC2. This
works only with EC2 instances and uses either the Chef or Puppet framework to
automate.