AWS ESSENTIALS STUDENT GUIDE 1.8
Welcome to AWS Essentials! This guide will walk you through the hands-on lab portions of this course. If you have any questions as you move through these hands-on labs, please don’t hesitate to ask your instructor for assistance.
Training Agenda
Start End Agenda Name
9:00 9:15 Intro
9:15 10:30 Cloud Paradigm
10:30 10:45 Morning Break
10:45 12:00 Cloud Storage
12:00 1:00 Lunch
1:00 3:00 Cloud Compute
3:00 3:15 Afternoon Break
3:15 4:00 Operations & Managed Services
4:00 4:30 Wrap-up
4:30 5:00 Open Forum / Q&A
2 AWS ESSENTIALS STUDENT GUIDE 1.8 2013 Amazon Web Services, Inc. and its affiliates. All rights reserved
AWS Storage Services
Amazon Simple Storage Service – S3
Storage for the Internet. Natively online, HTTP access
Store and retrieve any amount of data, any time, from anywhere on the web
Highly scalable, reliable, fast and durable
Stores objects
Amazon Glacier
Extremely low-cost storage
Secure, durable storage for data archiving and backup
Optimized for data that is infrequently accessed
Archives data
Amazon Elastic Block Storage - EBS
Block storage volumes for use with Amazon EC2 instances
Attach to running instance and expose as a block device
Off-instance storage that persists independently of Amazon EC2 instances
Snapshots stored durably in Amazon S3
Primary storage
Amazon Storage Gateway
Connect an on-premises software appliance with cloud-based storage
Securely upload data to the AWS cloud for cost effective backup and rapid disaster recovery
Back up point-in-time snapshots of your on-premises application data to Amazon S3 for future recovery
Mirror your on-premises data to Amazon EC2 instances
Amazon Import Export
Accelerates moving large amounts of data into and out of Amazon S3 or Amazon EBS
Transfers your data directly onto and off of storage devices
It can take some time for the Java applet to download and run. If this is the first
time you have used this particular Java SSH client (MindTerm), you may be
prompted to accept the MindTerm license. Additionally you may be asked a series
of questions such as:
- Create known hosts directory?
- Grant access to the app?
Click “Yes” or “Accept” for these prompts. Keep in mind, depending on your configuration and whether MindTerm has been used before on your computer or not, you may or may not get all of these prompts.
19. You may also be asked if you want to store the host key for your Instance. At
this point you have the option to verify the host key MindTerm is seeing with the
host key provided by the AWS console to verify that you are connecting directly to
your EC2 instance and not some third-party in the middle. Select Yes if
prompted.
20. And finally, you should be logged into your Instance:
21. Once logged in, we’re going to modify the default web page to display
information about this instance.
Hint: For the following sections, it might be useful for you to use the
“Edit Paste” command from the MindTerm menu.
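The host key check from step 19, as an added example that is not part of the original guide: it extracts the SSH host key fingerprints that the instance prints to its system log at first boot and compares them with the fingerprint the SSH client presents. It assumes the AMI writes the fingerprint block through cloud-init; the log text and fingerprints are constructed sample values, and the function names are hypothetical.

```python
import re

# Constructed sample of an EC2 system log; the fingerprints are made-up values
# in the colon-separated MD5 format. Assumes the AMI prints them via cloud-init.
SAMPLE_CONSOLE_LOG = """\
cloud-init: running final modules
ec2: #############################################################
ec2: -----BEGIN SSH HOST KEY FINGERPRINTS-----
ec2: 1024 3a:1f:5c:9e:77:02:b4:d8:61:0a:c3:4e:95:2b:f0:16 /etc/ssh/ssh_host_dsa_key.pub (DSA)
ec2: 2048 7d:e4:20:9b:51:c6:8f:13:aa:04:6e:d9:35:b7:f2:48 /etc/ssh/ssh_host_rsa_key.pub (RSA)
ec2: -----END SSH HOST KEY FINGERPRINTS-----
ec2: #############################################################
"""

# Line shape: "ec2: <bits> <fingerprint> <comment> (<KEYTYPE>)"
FP_LINE = re.compile(r"^ec2:\s+(\d+)\s+(\S+)\s+.*\((\w+)\)\s*$")


def normalize(fp):
    """Make two renderings of the same fingerprint comparable."""
    fp = fp.strip()
    if fp.startswith("SHA256:"):  # base64 is case-sensitive, keep as is
        return fp
    if fp.upper().startswith("MD5:"):
        fp = fp[4:]
    return fp.lower()


def console_fingerprints(log_text):
    """Return {key_type: fingerprint} from the fingerprint block of the log."""
    found, inside = {}, False
    for line in log_text.splitlines():
        if "BEGIN SSH HOST KEY FINGERPRINTS" in line:
            inside = True
        elif "END SSH HOST KEY FINGERPRINTS" in line:
            inside = False
        elif inside:
            m = FP_LINE.match(line.strip())
            if m:
                found[m.group(3).upper()] = normalize(m.group(2))
    return found


def verify_host_key(log_text, key_type, presented):
    """Compare the fingerprint shown by the SSH client with the console log."""
    expected = console_fingerprints(log_text).get(key_type.upper())
    if expected is None:
        return "unknown"  # nothing to compare against: do not accept blindly
    return "match" if expected == normalize(presented) else "mismatch"
```

Only a "match" result supports answering Yes to the store-host-key prompt; "mismatch" or "unknown" means the key has not been verified.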
Configure the Linux Instance
22. The AMI has already been customized with the installation of Apache and
PHP from the script you entered as User Data when the instance was launched.
Modify the web server by adding the following index.php file. The following must
be typed at the $ prompt in the screen shot above.
cd /var/www/html
sudo vi index.php
23. If you are an experienced Linux user, you should know the basics of vi, the
default text editor. Otherwise you may want to check out some vi basics.
Press “i” to turn on insert mode.
Enter the following. If copying, you might want to cut and paste to notepad first,
31. Now, verify the new IP address of your web server in a browser:
Congratulations! You now have successfully:
Learned about the basic concepts and terminology of the Amazon Elastic
Compute Cloud (EC2) service,
Created your own Amazon EC2 server instance running Linux in the AWS
cloud,
Modified it to run a web server with a page that displays machine-specific
information,
Assigned a fixed public IP address (Elastic IP) to your instance.
AWS Networking, Monitoring and Deployment & Management Services
Amazon Elastic Load Balancer - ELB
Supports the routing and load balancing of HTTP, HTTPS, and TCP traffic to Amazon EC2 instances
Supports health checks to detect and remove failing instances
Dynamically grows & shrinks required resources based on traffic
Seamlessly integrates with Auto Scaling to add and remove instances based on scaling activities
Single CNAME provides stable entry point for DNS configuration
AWS Identity and Access Management - IAM
Create and manage AWS users and groups and use permissions to allow or deny their access to resources
Enables identity federation between your corporate directory and AWS services
Use existing corporate identities to grant secure access to AWS resources, such as Amazon S3 buckets, without creating new AWS identities for those users
Amazon CloudWatch
Visibility into resource utilization, operational performance, and overall demand patterns
Metrics including CPU utilization, disk reads and writes, and network traffic
Custom application-specific metrics of your own
Accessible via AWS Management Console, APIs, SDK, or CLI
Amazon Elastic Beanstalk
• Simply upload your application
• Automatically handles the deployment details of capacity provisioning, load balancing, auto scaling, & application health monitoring
• Keep full control over AWS resources powering your app
Congratulations. You have now been able to create an Elastic Load Balancer
backed by multiple EC2 servers. In normal operation we would advise that these
servers be located in separate availability zones to enable your application to be
fault tolerant. You have also briefly seen how you can monitor the ELB metrics in
CloudWatch.
AWS Resources
Glossary
API is an abbreviation for application program interface. The interface (calling conventions) by which an application program accesses operating system and other services. An API is defined at source code level and provides a level of abstraction between the application and the kernel (or other privileged utilities) to ensure the portability of the code.
Web Services can convert your application into a Web-application, which can
publish its function or message to the rest of the world. The basic Web Services platform is XML + HTTP. Web services are application components.
HTTP is an abbreviation for Hypertext Transfer Protocol. It is designed to enable communications between clients and servers.
SDK is an abbreviation for Software Development Kit. SDKs are used with popular software programming languages to enable rapid development against AWS services without having to use the granular APIs directly. They provide a layer of abstraction on top of the APIs.
CLI tools are command line tools or programs that execute AWS APIs from the OS prompt. This is a quick and easy way to create scripts. AWS does not stand still, and features are constantly being introduced to make the AWS platform more powerful, so CLI tools need to be updated from time to time to make use of the latest API improvements.
Asynchronous, of a computer, means having each operation started only after the preceding operation is completed.
Tags are managed AWS resources. Tags are key/value pairs that you define. E.g. you can define NAME=PRODSERVER1 for an EC2 instance, or DEPARTMENT=FINANCE to later run a report against DEPARTMENT tags for each resource to be used for cost allocation to different departments.
AMI is an abbreviation for Amazon Machine Image. An Amazon Machine Image (AMI) is an encrypted machine image stored in Amazon S3. It contains all the information necessary to boot instances of your software.
Instance is a result of running a system. After you launch an Amazon Machine Image (AMI), the resulting running system is referred to as an instance.
IaaS is an abbreviation for Infrastructure as a service. It is the "computing" in cloud computing.
Service Oriented Architectures use web services to programmatically
control infrastructure from within applications. This is “the model” for building large scale distributed and multi-tier complex systems.
Compute is a feature that allows one to take advantage of thousands of networked servers.
Utility Computing is the packaging of computing resources, such as computation and storage, as a metered service similar to a traditional public utility (such as electricity, water, natural gas, or telephone network).
Eventual Consistency is one of the consistency models used in the domain
of parallel programming, for example in distributed shared memory, distributed transactions, and Optimistic replication.
Auto Scaling Group: An Auto Scaling group is a representation of multiple Amazon EC2 instances that share similar characteristics, and that are treated as a logical grouping for the purposes of instance scaling and management. For example, if a single application operates across multiple instances, you might want to increase or decrease the number of instances in that group to improve the performance of the application. You can use the Auto Scaling group to automatically scale the number of instances or maintain a fixed number of instances. An Auto Scaling group can contain EC2 instances that come from one or more EC2 Availability Zones.
Health Check: A health check is a call to check on the state of each instance
in an Auto Scaling group. Auto Scaling checks the state of the instances by making calls to Amazon EC2 Describe Instances action. If the instance returns any state other than running, Auto Scaling considers the instance to be Unhealthy. Auto Scaling then terminates the instance and launches another one to take its place. This ensures that your Auto Scaling group is consistent and operating normally. For more information, see Maintaining Current Scaling Level.
Launch Configuration: A launch configuration captures the parameters
necessary to create new EC2 instances. You can attach only one launch configuration to an Auto Scaling group at a time. When you attach a new or updated launch configuration to your Auto Scaling group, any new instances will be launched using the new configuration parameters. Existing instances are not affected. When Auto Scaling needs to scale down, it first terminates instances that have an older launch configuration.
Tagging: An Auto Scaling group tag is a tool for organizing your
Auto Scaling resources and providing additional information for your Auto Scaling group such as software version, role, or location. Auto Scaling group tags work like Amazon EC2 tags; Auto Scaling group tags provide search, group, and filter functionality. These tags have a key and value that you can modify. You can also remove Auto Scaling group tags any time.
Trigger: A trigger is a concept that combines two AWS features: a CloudWatch alarm (configured to watch a specified CloudWatch metric)
and an Auto Scaling policy that describes what should happen when the alarm threshold is crossed. In most cases, you will need two triggers—one trigger for scaling up and another for scaling down. For example, if you want to scale up when your CPU usage increases to 80 percent, you need to configure a CloudWatch alarm and create an Auto Scaling policy. The alarm detects when the CPU usage has reached 80 percent and sends a message to Auto Scaling. Auto Scaling determines what to do by using the instructions in the scaling policy. If you also want to scale down when your CPU usage decreases to 40 percent, you need a second trigger. In other words, you need to configure a separate CloudWatch alarm to detect the 40 percent threshold and create a separate Auto Scaling policy that scales down.
Policy: A policy is a set of instructions for Auto Scaling that tells the service
how to respond to CloudWatch alarm messages. You can configure a CloudWatch alarm to send a message to Auto Scaling whenever a specific metric has reached a triggering value. When the alarm sends the message, Auto Scaling executes the associated policy on an Auto Scaling group to scale the group up or down.
Scheduled Update: A scheduled update is a call to Auto Scaling that is scheduled for a future time. Currently, updates are supported only to min-, max-, and desired capacity. For more information about the supporting API action, go to PutScheduledUpdateGroupAction in the Auto Scaling API Reference.
Scaling Activity: A scaling activity is a long-running process that implements a change to your Auto Scaling group, such as changing the size of the group. It can also be a process to replace an instance, or to perform any other long-running operations supported by the service.
Cooldown: Cooldown is the period of time after Auto Scaling initiates a scaling activity during which no other scaling activity can take place. A cooldown period allows the effect of a scaling activity to become visible in the metrics that originally triggered the activity. This period is configurable, and gives the system time to perform and adjust to any new scaling activities (such as scale-in and scale-out) that affect capacity.
Alarm: Alarm is an Amazon CloudWatch alarm, an object that watches over a
single metric. An alarm can change state depending on the value of the metric. When an alarm changes state it executes one or more actions. To create an alarm, use the Amazon CloudWatch PutMetricAlarm action to specify the metric to watch, the threshold values for the metric, the number of evaluation periods, and, optionally, one or more Amazon Simple Notification Service actions to perform when the alarm changes state.
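How the Trigger, Policy, Cooldown and Alarm entries fit together, as an added example that is not part of the original guide: a simplified simulation of the 80 percent scale-up and 40 percent scale-down triggers, with a number of evaluation periods and a cooldown. The class and function names, the CPU series and the group limits are constructed for illustration, and the model only approximates the real services.

```python
from dataclasses import dataclass


@dataclass
class Trigger:
    """One CloudWatch alarm paired with one Auto Scaling policy (simplified)."""
    name: str
    threshold: float   # CPU percent
    above: bool        # True: breach when metric >= threshold, else <=
    periods: int       # consecutive breaching periods before the alarm fires
    adjustment: int    # policy: instances to add (+) or remove (-)


# The two triggers from the glossary example: up at 80 percent, down at 40.
TRIGGERS = [
    Trigger("scale-up", 80, True, 2, +1),
    Trigger("scale-down", 40, False, 2, -1),
]

# Constructed CPU readings, one per minute.
SAMPLE_CPU = [50, 85, 90, 92, 88, 86, 60, 35, 30, 30, 30, 30]


def simulate(cpu_by_minute, triggers, start=2, lo=1, hi=6, cooldown=3):
    """Return [(minute, trigger name, new capacity)] for each scaling activity."""
    capacity, last_activity, log = start, None, []
    streak = {t.name: 0 for t in triggers}
    for minute, cpu in enumerate(cpu_by_minute):
        for t in triggers:
            breach = cpu >= t.threshold if t.above else cpu <= t.threshold
            streak[t.name] = streak[t.name] + 1 if breach else 0
            in_alarm = streak[t.name] >= t.periods
            # During the cooldown no other scaling activity may start.
            cooling = last_activity is not None and minute - last_activity < cooldown
            target = max(lo, min(hi, capacity + t.adjustment))
            if in_alarm and not cooling and target != capacity:
                capacity, last_activity = target, minute
                log.append((minute, t.name, capacity))
    return log
```

With the sample series, the alarm stays in breach from minute 1 to minute 5, but the cooldown limits the group to two scale-up activities in that window.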
Metric: A metric is the fundamental concept for Amazon CloudWatch and
represents a time-ordered set of data points. Either you or AWS products publish metric data points into Amazon CloudWatch and you retrieve statistics about those data points as an ordered set of time-series data. You can think of a metric as a variable that you want to
monitor. The data points represent the values of that variable over time. For example, the CPU usage of a particular Amazon EC2 instance is one metric, and the latency of an elastic load balancer is another. Amazon CloudWatch stores your metric data for two weeks. You can publish metric data from multiple sources, such as incoming network traffic from dozens of different Amazon EC2 instances, or requested page views from several different web applications. You can request statistics on metric data points that occur within a specified time window.
Namespaces: Amazon CloudWatch namespaces are conceptual containers for metrics. Metrics in different namespaces are isolated from each other, so that metrics from different applications are not mistakenly aggregated into the same statistics.
Dimensions: A dimension is a name/value pair that helps you to uniquely identify a metric. Every metric has specific characteristics that describe it, and you can think of dimensions as categories for those characteristics. Dimensions help you design a conceptual structure for your statistics plan. Because dimensions are part of the unique identifier for a metric, whenever you add a unique name/value pair to one of your metrics, you are creating a new metric.
Time Stamp: With Amazon CloudWatch, each metric data point must be marked with a time stamp. The time stamp can be up to two weeks in the past and up to one day in the future. If you do not provide a time stamp, Amazon CloudWatch creates a time stamp for you based on the time the data element was received.
Units: Units represent your statistic's unit of measure. For example, the unit for the
Amazon EC2 Networking metric is Bytes because Networking tracks the number of bytes that an instance receives on all network interfaces.
Statistics: are metric data aggregations over specified periods of time. Amazon CloudWatch provides statistics based on the metric data points you or AWS products have provided to Amazon CloudWatch. Aggregations are made using the namespace, metric name, dimensions, and the data point unit of measure, within the time period you specify. The following table describes the available statistics.
Period: A period is the length of time associated with a specific Amazon CloudWatch statistic. Each statistic represents an aggregation of the metrics data collected for a specified period of time. You can adjust how the data is aggregated by varying the length of the period. A period can be as short as one minute (60 seconds) or as long as two weeks (1,209,600 seconds).
Region: Each Amazon Region is designed to be completely isolated from the other Amazon Regions. This achieves the greatest possible failure independence and stability, and it makes the locality of each Amazon resource unambiguous.
Appendix A. - Creating an AWS Account
AWS Management Console
1. Create an AWS Account
2. Sign Up for AWS Services
3. Find Your AWS Account Number
4. Find Your AWS Access Keys
5. Redeem Your AWS Credits
Create an AWS Account:
1. Go to the AWS web site at http://aws.amazon.com.
2. Click to get to the Amazon Web Services Sign In page.
3. On the Amazon Web Services Sign In page, in the My e-mail address is box,
type your e-mail address.
4. Click I am a new user.
5. Click
6. On the Login Credentials page, type your name, then type your e-mail
address in the My e-mail address is text box and again in the Type it again text box
below to confirm that your e-mail address is the same in both text boxes.