AWS Cloud Practitioner
Benefits
- Trade upfront expense for variable expense:
  - Upfront expense: refers to data centers, physical servers, and other resources that you would need to invest in before using them.
  - Variable expense: means you only pay for the computing resources you consume.
- Stop spending money to run and maintain data centers
- Stop guessing capacity
- Benefit from massive economies of scale
- Increase speed and agility
- Go global in minutes:
  - The global footprint of the AWS Cloud enables you to deploy applications to customers around the world quickly.
What is cloud computing?
Cloud computing is the on-demand delivery of IT resources over the internet with pay-as-you-go pricing.
Cloud Computing Deployment Models
Cloud-based deployment:
- Run all parts of the application in the cloud
- Migrate existing applications to the cloud
- Design and build new applications in the cloud
On-premises deployment (private cloud deployment):
- Deploy resources by using virtualization and resource management tools
- Increase resource utilization by using application management and virtualization technologies.
Hybrid deployment:
- Connect cloud-based resources to on-premises infrastructure.
- Integrate cloud-based resources with legacy IT applications
Types of cloud computing
1. Infrastructure as a Service (IaaS):
- Contains the basic building blocks for cloud IT
- Provides access to networking features, computers, and data storage space.
- Highest level of flexibility and management control over IT resources.
- The most similar to existing IT resources that devs are familiar with
2. Platform as a Service (PaaS):
- Removes the need to manage the underlying infrastructure (hardware, operating systems)
- Allows you to focus on the deployment and management of the application.
- No need to worry about resource procurement, capacity planning, software maintenance, patching, etc.
3. Software as a Service (SaaS):
- Provide a completed product that is run and managed by the service provider.
- Only need to think about how you will use that particular piece of software.
Module 2: Amazon Elastic Compute Cloud (EC2):
Provides secure, resizable compute capacity in the cloud as EC2 instances.
Scalability and Elasticity
EC2 instance types
1. General Purpose instances:
- Provide a balance of compute, memory, networking resources.
- Can be used for:
✅ application servers
✅ gaming servers
✅ backend servers for enterprise applications
✅ small and medium databases
- Suitable for an application in which the resource needs for compute, memory, and networking are roughly equivalent, because it does not require optimization in any single resource area.
2. Compute optimized instances
- Ideal for compute-bound applications that benefit from high-performance processors.
- Can be used for:
✔ high-performance web servers
✔ compute-intensive application servers
✔ dedicated gaming servers
✔ batch processing workloads that require processing many transactions in a single group
3. Memory optimized instances
- Designed to deliver fast performance for workloads that process large datasets in memory.
- Ideal for a workload that requires large amounts of data to be preloaded before running an application. This might be a high-performance database or a workload that involves performing real-time processing of a large amount of unstructured data.
- Memory optimized instances enable you to run workloads with high memory needs and receive great performance.
4. Accelerated computing instances
- Use hardware accelerators, or coprocessors, to perform some functions more efficiently than is possible in software running on CPUs.
- Examples: floating-point number calculations, graphics processing, data pattern matching.
- Ideal for workloads such as graphics applications, game streaming and application streaming.
5. Storage optimized instances
- Designed for workloads that require high, sequential read and write access to large datasets on local storage.
- Examples:
✅ distributed file systems
✅ data warehousing applications
✅ high-frequency online transaction processing (OLTP) systems
- Input/output operations per second (IOPS) is a metric that measures the performance of a storage device.
- Designed to deliver tens of thousands of low-latency, random IOPS to applications.
EC2 Pricing
1. On-Demand
- Ideal for short-term, irregular workloads that cannot be interrupted.
- No upfront costs or minimum contracts apply.
- The instances run continuously until you stop them, and pay for only the compute time you use.
- Sample use cases: developing and testing applications and running applications that have unpredictable usage patterns.
- Not recommended for workloads that last a year or longer.
2. Savings Plans
- Reduce compute costs by committing to a consistent amount of compute usage for a 1-year or 3-year term.
- Savings up to 72% over On-Demand costs.
- Any usage up to the commitment is charged at the discounted rate. Any usage beyond the commitment is charged at regular On-Demand rates.
3. Reserved Instances
- A billing discount applied to the use of On-Demand Instances.
- Can purchase Standard Reserved and Convertible Reserved Instances for a 1-year or 3-year term, and Scheduled Reserved Instances for a 1-year term.
4. Spot Instances
- Ideal for workloads with flexible start and end times, or that can withstand interruptions.
- Save up to 90% off of On-Demand prices.
- AWS can take back the EC2 capacity at any time.
5. Dedicated Hosts
- Physical servers with Amazon EC2 instance capacity that is fully dedicated to your use.
- Can purchase On-Demand Dedicated Hosts and Dedicated Hosts Reservations.
Scalability and Elasticity:
- Scalability involves beginning with only the resources you need and designing your architecture to automatically respond to changing demand by scaling out or in.
- The Amazon EC2 Auto Scaling service helps to automate the scaling process.
- Two approaches:
⭐ Dynamic scaling: responds to changing demand
⭐ Predictive scaling: automatically schedules the right number of EC2 instances based on predicted demand.
- To scale faster, you can use dynamic and predictive scaling together.
- Elastic Load Balancing (ELB) is the AWS service that automatically distributes incoming application traffic across multiple resources, such as EC2 instances.
- A load balancer acts as a single point of contact for all incoming web traffic to your Auto Scaling group.
Messaging and Queuing
Monolithic applications:
- An application with tightly coupled components.
- If a single component fails, other components fail, and possibly the entire application fails.
Microservices applications:
- An application with loosely coupled components.
- If a single component fails, the other components continue to work, preventing the entire application from failing.
Amazon Simple Notification Service (SNS):
- Is a publish/subscribe service. Using this service, a publisher publishes messages to subscribers.
- In Amazon SNS, subscribers can be web servers, email addresses, etc.
Amazon Simple Queue Service (SQS):
- Is a message queuing service.
- Using SQS, you can send, store and receive messages between software components, without losing messages or requiring other services to be available.
Additional compute services
Serverless computing:
- Serverless means that your code runs on servers, but you do not need to provision or manage these servers.
- An AWS service for serverless computing is AWS Lambda
Containers:
- Provide you with a standard way to package your application's code and dependencies into a single object.
- Container orchestration services help you to deploy, manage, and scale your containerized application.
- Two services that provide container orchestration:
✅ Amazon Elastic Container Service (ECS)
✅ Amazon Elastic Kubernetes Service (EKS)
Amazon Elastic Kubernetes Service (EKS):
- is a fully managed service that you can use to run Kubernetes on AWS
- Kubernetes is open-source software that enables you to deploy and manage containerized applications at scale.
Amazon Elastic Container Service (ECS):
- is a highly scalable, high-performance container management system that enables you to run and scale containerized applications on AWS.
AWS Lambda:
- Is a service that lets you run code without needing to provision or manage servers.
- While using Lambda, you pay only for the compute time that you consume.
- How AWS Lambda works:
☀ Upload code to Lambda
☀ Set code to trigger from an event source
☀ Code runs only when triggered
☀ Pay only for the compute time you use
AWS Fargate:
- is a serverless compute engine for containers. It works with both ECS and EKS.
Use case:
🚩 Use EC2
- Host traditional applications
- Want full access to the underlying operating system like Linux or Windows
🚩 Use Serverless Lambda
- Host short-running functions, service-oriented or event-driven applications
- Don't want to manage the underlying environment at all
🚩 Choose orchestration tool ECS or EKS, then choose to manage on EC2 or serverless Fargate
- Run Docker container-based workloads
Module 3: Global Infrastructure And Reliability
Key Business Factors:
- Compliance with data governance and legal requirements
- Proximity
- Feature availability
- Pricing
Depending on which factor is primary to your business, you can choose which AWS Region you want to deploy your business in.
Each AWS Region has different pricing and is isolated from the others. Data in each Region remains confidential unless a written request grants permission to export the data to other Regions.
- Each AWS Region has multiple availability zones.
- Availability Zone is a single data center or a group of data centers within a Region.
- Availability Zones are located tens of miles apart from each other.
Edge Location is a site that Amazon CloudFront uses to store cached copies of your content closer to your customers for faster delivery.
AWS Outposts is a service that enables you to run infrastructure in a hybrid cloud approach.
Ways to interact with AWS services:
- AWS Management Console
- AWS Command Line Interface
- Software Development Kits
- AWS Elastic Beanstalk
- AWS CloudFormation
Module 4: Networking
Amazon Virtual Private Cloud (VPC):
- Is a networking service that you can use to establish boundaries around your AWS resources.
- A subnet is a section of a VPC that can contain resources such as Amazon EC2 instances.
- VPC enables you to provision an isolated section of the AWS Cloud. In this isolated section, you can launch resources that you define.
- Within VPC, you can organize your resources into subnets, such as public subnets or private subnets.
Internet gateway:
- Like the front door of a coffee house, an internet gateway is the door that allows public traffic from the internet to access your VPC.
Virtual private gateway:
- To access private resources in a VPC, you can use a virtual private gateway.
- A virtual private gateway is the component that allows protected internet traffic to enter the VPC. It enables you to establish a virtual private network (VPN) connection between your VPC and a private network, and it only allows traffic into the VPC if it is coming from an approved network.
AWS Direct Connect:
- Is a service that enables you to establish a dedicated private connection between your data center and a VPC.
- The private connection that AWS Direct Connect provides helps you to reduce network costs and increase the amount of bandwidth that can travel through your network.
Packet is a unit of data sent over the internet or a network.
Network access control list (ACL): is a virtual firewall that controls inbound and outbound traffic at the subnet level.
Network ACLs perform stateless packet filtering. They remember nothing and check packets that cross the subnet border each way: inbound and outbound.
Security Group is a virtual firewall that controls inbound and outbound traffic for an Amazon EC2 instance.
- By default, a security group denies all inbound traffic and allows all outbound traffic.
- Security groups perform stateful packet filtering. They remember previous decisions made for incoming packets.
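Added example (not part of the original notes): a simplified Python model of the stateless versus stateful difference described above, showing why a network ACL needs an explicit outbound rule for reply traffic while a security group does not. The class names, addresses, and ports are constructed for illustration, and rules match on destination port only.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int

    def reply(self):
        """The packet travelling back along the same flow."""
        return Packet(self.dst, self.dport, self.src, self.sport)

class NetworkAcl:
    """Stateless: every packet is checked against the rules for its direction."""
    def __init__(self, inbound, outbound):
        # Each rule is (low_port, high_port, "allow" | "deny"), checked in order.
        self.rules = {"in": inbound, "out": outbound}

    def permits(self, direction, pkt):
        for low, high, action in self.rules[direction]:
            if low <= pkt.dport <= high:
                return action == "allow"   # first matching rule decides
        return False                       # nothing matched: denied

class SecurityGroup:
    """Stateful: remembers allowed flows, so replies skip rule evaluation."""
    def __init__(self, inbound_ports, outbound_ports):
        self.allowed = {"in": set(inbound_ports), "out": set(outbound_ports)}
        self.flows = set()

    def permits(self, direction, pkt):
        if pkt.reply() in self.flows:      # reply to a flow already allowed
            return True
        if pkt.dport in self.allowed[direction]:
            self.flows.add(pkt)            # remember the decision
            return True
        return False

def round_trip(firewall):
    """Constructed flow: client 203.0.113.10:50000 -> instance 10.0.1.5:443."""
    request = Packet("203.0.113.10", 50000, "10.0.1.5", 443)
    return firewall.permits("in", request), firewall.permits("out", request.reply())

def demo():
    https_in = [(443, 443, "allow")]
    return {
        "nacl_inbound_rule_only": round_trip(NetworkAcl(https_in, [])),
        "nacl_with_ephemeral_out": round_trip(NetworkAcl(https_in, [(1024, 65535, "allow")])),
        "sg_inbound_rule_only": round_trip(SecurityGroup({443}, set())),
    }
```

With only an inbound HTTPS rule, the ACL lets the request in but drops the reply, whereas the security group lets both through because it remembers the request.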