AWS(for the Java Developer)
@rorypreddy
Meet Rory
• Developer in R&D team at BBD– Training for 500 Developers– Most Languages & Frameworks
• Organizer for the Jozi-JUG
• Not related to Tyrion Lannister• Don’t do kids parties
Agenda• The “Cloud”
• Core AWS Services
• Tooling
• Billing
• Monitoring
• Demos
6 Cloud Benefits
1. Trade capital expense for flexible expense. 2. Economies of scale.3. Eliminate guessing capacity needs.4. Speed and agility.5. Stop spending money on running and
maintaining data centers.6. Global quickly.
Move
Signing up for an AWS account
• Sign up through https://aws.amazon.com• You will need a credit card• There will be a telephone verification• Choose a zone
• try and stick to one • Ireland is Best!
Core Services
Security
Network
Security
Network
Security Groups NACLs Access Mgmt
VPCVPCEC2 “Classic”
“Public”
ELBOn-Demand
Provision
Traditional Infrastructure Amazon Web Services
ServersAmazon EC2 InstancesOn-Premises Servers
SecuritySecurity Groups Network ACLs AWS IAMFirewalls ACLs Administrators
NetworkingVPCELBRouter Network Pipeline Switch
Storage and
DatabaseRDBMSSAN Amazon
EBSAmazon
EFSAmazon
S3Amazon
RDS
S3
Simple Storage Service (S3)• Cloud based file storage• Simple API to CRUD files• Unlimited capacity• Great for static web content
EC2
Elastic Compute Cloud (EC2)• Hardware virtualization in the cloud• Various sized servers• All major operating systems• Provision, configure, start and stop
machines from Java App!• Full operating system access via SSH and
Security Groups
SSH key pair
• SSH keys are used for secured access to EC2 instances• SSH keys avoid password weaknesses• You can import your own key or have AWS generate a key pair for you.• AWS does not store the private part of the key pair
Security Group
• Security Groups are firewalls for your instances• By default, they block all traffic• You can choose what protocols and ports to open
• You can use port ranges (e.g. 22-24)
• You can choose who the ports are open to• Create rules groups of IP addresses• Create rules that specify Security Groups for other EC2 Instances
Databases
Relational Database Service (RDS)• MySQL, Oracle, SQL Server, PostGres• Automated backups• Live replication for fail-over support• No difference for JDBC based apps• DB provisioning from your browser or from within your Java
app. NOSQL databases• SimpleDB – small amounts of structured data 10GB limit per
table• DynamoDB – hosted on SSD – no size or request limitations
Elastic Beanstalk
• Deploy and scale web applications
• Languages: Java, .NET, PHP, Node.js, Python, Ruby
• Servers: Apache, Nginx, Tomcat , IIS
• Upload your code; AWS handles:
Deployment
Capacity Provisioning
Load balancing
Auto scaling
Health Monitoring
EC2 Container Service
• Run Docker containers in EC2 cluster
• API controlled
• Support Images from private Docker repositories
• Compatible with other services and features, security
groups
• Docker CE and EE for AWS
• Docker swarm for Cloud
Lambda
• Runs stateless, request-driven code called Lambda functions: – NodeJS, Java , Python and C#
• Triggered by events (state transitions) in other AWS services
• Charged per 100ms execution time
• Upload your code; Lambda handles:
Capacity
Scaling
Deployment
Fault tolerance
Monitoring
Logging
Web service front end
Security patching
API Gateway• RESTful API gateway service• Provides DDoS protection and throttling
capabilities• Multiple API stages that you define(e.g., dev, test, prod)• Works well with Lambda functions
Tooling• AWS and EB CLI
• IDE integration – Eclipse, IntelliJ, Visual Studio
• AWS Java SDK• API to manage AWS services• Use services from within your
application or Maven
• Android and IOS app
AWS Pipelines• CodeCommit or GitHub or BitBucket• CodeBuild or Jenkins• CodeDeploy or Jenkins
• CodePipeline
Billing
Free Tier• Free for 12 months• EC2 - run 1 micro instance x 1 month or 2 micro
instances x half a month• S3 - 5 GB of Standard Storage• RDS - 750 Hours• Lambda - 1,000,000 free requests per month
And a lot more….
Billing
• Keep a close handle on what you are running in the cloud
• Measure what you are spending• Alarms and Reports
• Calculate Return On Investment
• Minimize what you don’t need
• Protect yourself from EDoS
MonitoringService Type
Continuous logging
Continuous evaluations
On-demand evaluations
Periodic evaluations
Actions in response to APIs and state change
Inspector
Config Rules
Trusted Advisor
CloudTrail
CloudWatch Events
Demos
• Beanstalk– Spring boot + AngularJS+ DynamoDB
• Plain Java 8 - no servers!– Tomcat
• Java Lambda Function
• Api Gateway
Best Practices
• Storage is cheap• Leverage built-in tools for monitoring
and compliance• Use “Cloud Native” before Manual
• Beanstalk before EC2• Docker CE over doing it yourself
Questions?
@rorypreddy