1

  • CAPEX - Capital expense

  • OPEX - Operating expense

  • AWS Service offerings:

    • Compute

    • Storage

    • Network security

    • Bockchain

    • Machine learning

    • AI

    • Robot development

    • Video production

    • Orbital satellites

EC2 Elastic Comput Cloud(EC2)

EC2 instance families

  • General purpose

  • Compute optimized

  • Memory optimized

  • Storage optimized

  • Accelerated computing ( for graphics, or floating point )

EC2 purchase options

  • On-Demand

  • Savings Plans (advance claim for 1 or 3 year) - Hourly spend commitment for 1 or 3 year to specific instance family)

  • Reserved Instances

    • Standard Reserved Instance (you specify fixed ec2 family, size, region)

    • Convertible Reserved Instance (you can change family, size etc but pricing changes)

  • Spot Instances (are unused EC2 instances, savings upto 90%, but has interruptions)

  • Dedicated Hosts (no body will share tenancy of their host)

Scaling EC2

Elastic Load Balancing (ELB)

  • Has regional construct(runs at dedicated region and its not per ec2 instance or group)

  • Has auto scaling(wit no additional cost) and high availability(so can handle small to large traffic)

  • Its a service and has no deps on ec2 and can scale up to handle large requests and doesn't charge extra.

SQS (Simple Queue Service)

SNS (Simple notification Service)

  • Works on pub-sub model, where message is send to a topic and all subscribers to that topic get notified.

Serverless using AWS Lambda

ECS (Elastic Container Service)

EKS (Elastic Kubernetes Service)

AWS Fargate Serverless platform for ECS or EKS

  • instead of provisioning ec2 to build ecs or eks cluster, user can use AWS Fargate(cluster managed by AWS at scale) runs container on serverless platform

Global Infrastructure and reliability

AWS Regions

  • A region is group of AZ

  • A region consists of 3 or more AZs

Four factors into chosing regions:

  • Compliance (data must live in - region)

  • Proximity (closer to your customer base)

  • Feature availability

  • Pricing (for some features it varies from region to region)

Availability Zone

  • One or more group of data centers

  • best practice to run accross 2 AZ in a region for disaster recovery

  • Region service(eg ELB) are by default in HA zone (on 2 or more AZ)

CDN

A content delivery network (CDN) is a geographically distributed group of servers that caches content close to end users. A CDN allows for the quick transfer of assets needed for loading Internet content, including HTML pages, JavaScript files, stylesheets, images, and videos.

AWS CloudFront

Is the CDN service by aws.

  • AWS CloudFront uses Edge Locations.

  • Edge Locations are different from Region.

  • You can push content from inside region to collection of edge locations to boost your content

Edge Locations

  • Runs CloudFront, Route 53 and more services

AWS OutPosts

  • Installs AWS mini region inside customers infrastructure(data center)

AWS ElasticBeanstalk

  • End-to-End web application management

  • You directly deploy your application(your code)

  • Helps to provision EC2 based envs

  • We can give the desired en in configuration format and beanstalk will provision it.

  • Its reusable

  • Adjust capacity

  • Load balancing

  • Automatic scaling

  • Application health monitoring

AWS CloudFormation

  • IAC (Infrastructure as Code) tool

  • Lets you define your desired aws resources in json or yaml format(cloud formation template).

AWC VPC (Virtual Private Cloud)

  • Its your private network in aws

  • Lets you define yourt own IP range

  • Lets you define your own virtual network, where you can deploy aws resources.

  • Public and Private grouping are known as subnets

  • Public Subnet where we deploy public exposed service(like our web apps)

  • Private Subnet where we deploy private services(like databases)

  • Internet Gateway: is used to allow public traffic inside a VPC.

  • Virtual Private Gateway - VPN service

AWS Direct Connect

  • Allows you to connect directly from your data center to your AWS VPC

  • This is done using direct connect partner in your area to establish this connection

  • Its an actual physical connection from your datacenter to your VPC

Subnets

  • VPC is connected to private Subnets

  • Internet Gateway is used to connect with public Subnets

Network(Network ACL):

  • Network ACL is stateless packet flitering, and allows all inbound and outbound traffic bydefault.

  • If applied check packets while entering the subnet boundary(in or out)

SecurityGroups

  • Is used to restrict network at Service level within Subnet(e.g restrict what comes in n out to an ec2 instance)

  • Bydefault all inbound is blocked and outbound is allowed

  • Every ec2 instance has its own SecurityGroup

  • SecurityGroups are stateful packet filtering

Global networking

Route 53

  • DNS Service by AWS

  • Converts domain name to its IP address

  • Can redirect to different endpoins, depending on the defined route policy

    • Latency-based routing

    • Geolocation DNS

    • Geoproximity routing

    • Weighted round robin

Previouscloud_practitionerNext2

Last updated