I spent over a week reading about cloud deployment models and service models, AWS compute services, and AWS security and compliance. I have started by explaining what is meant by cloud and its benefits.
Q. What is cloud?
It refers to servers that are accessed over the Internet or Ethernet cables: on-demand shared resources offering compute, storage, databases, analytics and much more that can be deployed and scaled with ease. By using cloud computing, users and companies don't have to manage physical servers themselves or run software applications on their own machines; they can focus on their own application code.
AWS is a cost-effective solution for businesses as it's a pay-as-you-go model.
- You can access as many or as few resources/services as you need, and scale up and down as required with only a few minutes’ notice. You can scale horizontally or vertically.
- Increase in agility for the organization, since the cost and time it takes to experiment and develop is significantly lower.
- Cloud computing lets you focus on your own customers, rather than on the heavy lifting of racking, stacking, and powering servers. So you can focus on your code and its efficiency.
- Easily deploy your application in multiple regions around the world. This means you can provide lower latency and a better experience for your customers at minimal cost.
Q. What do you mean by Compute?
Compute can be thought of as the processing power required by an application to process and execute its tasks. A physical server within a data center would be considered a compute resource as it may have multiple CPUs and many gigabytes of RAM.
Q. What is Cloud Computing?
Cloud computing provides a simple way to access servers, storage, databases and a broad set of application services over the Internet.
A cloud services platform such as Amazon Web Services owns and maintains the network-connected hardware required for these application services, while you provision and use what you need via a web application. You can access as many resources as you need, almost instantly, and only pay for what you use.
There are different cloud deployment models. As a simple problem statement, suppose you want to travel from point A to point B. The options available are:
In a public cloud, the provider owns and operates all the hardware needed to run it. For our problem statement, think of it as using a bus for transportation.
- Low cost for the ticket
- Limited tickets, and less reliability and security in reaching the place on time.
Private cloud belongs to a specific organization. That organization controls the system and manages it in a centralized fashion. For our problem statement, think of it as using your own car for transportation.
- High cost and maintenance required.
- Fixed spacing but highly secure in reaching the place.
- Full control over the device.
Hybrid cloud is a combination of two or more infrastructures. Every model within a hybrid is a separate system, but they are all a part of the same architecture. For our problem statement, think of it as renting a private taxi.
- Cost-effective compared with your own car.
- Secure and flexible up to a certain extent.
- Can be very complex and may cater to specific use cases or destinations.
There are different cloud service models. Each type of cloud service, and deployment method, provides you with different levels of control, flexibility, and management.
As a simple problem statement, suppose you want to eat pizza. The options available are:
In traditional on-premises services, you will have to make everything at home, from setting the dining table and owning an oven to making the pizza dough, tomato sauce and other ingredients.
Infrastructure as a Service (IaaS) provides you with the highest level of flexibility and management control over your IT resources. For our problem statement, which is eating pizza,
- Vendor will manage getting all the ingredients from the market such as pizza dough and tomato sauce. You have to focus on resources you already own such as the dining table and oven.
Platform as a Service (PaaS) manages the underlying infrastructure (hardware and operating systems) and allows you to focus on the deployment and management of your applications. For our problem statement, which is eating pizza,
- Vendor will manage getting all the ingredients from the market and using an oven to make it for you. You have to focus on managing the dining table for the pizza.
Software as a Service (SaaS) is a completed product that is run and managed by the service provider. With a SaaS offering you do not have to think about how the service is maintained or how the underlying infrastructure is managed; you only need to think about how you will use that particular piece of software.
- Vendor will manage getting all the ingredients from the market and using an oven to make it for you, and setting up the dining table. You have to focus on enjoying the pizza.
A few AWS Cloud computing services,
1. Elastic Compute Cloud (EC2): Allows you to deploy virtual servers within your AWS environment. Most people will require an EC2 instance within their environment as a part of at least one of their solutions. Configuration of EC2 depends on,
- Amazon Machine Images (AMIs): templates of pre-configured EC2 instances, to quickly launch your instance.
- Instance types: depend on parameters such as CPUs, memory, storage, ...
- Instance purchasing options: You can choose your EC2 instances from on-demand, spot, reserved, ... purchasing options.
- Storage options: Depending on the instance selected, you can select
  - Persistent storage
  - Ephemeral storage
For more information on EC2, https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/concepts.html
Q. What is a container?
It holds everything an application needs to run from within its container package.
2. EC2 Container Service (ECS): Runs Docker-enabled applications packaged as containers across a cluster of EC2 instances without a complex cluster management system.
An Amazon ECS cluster is comprised of a collection of EC2 instances; these instances still operate in much the same way as a single EC2 instance. A cluster can only scale in a single region.
For more information on EBS, https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/AmazonEBS.html
3. Elastic Container Registry (ECR): Provides a secure location to store and manage your Docker images.
This is a fully managed service, so you don't need to provision any infrastructure to allow you to create this registry of Docker images.
For more information on ECR, https://docs.aws.amazon.com/AmazonECR/latest/userguide/what-is-ecr.html
4. Elastic Container Service for Kubernetes (EKS): Kubernetes is a container orchestration tool designed to automate, deploy, scale and operate containerized applications.
EKS allows you to run Kubernetes across your AWS infrastructure without having to take care of provisioning and running the Kubernetes management infrastructure in what's referred to as the control plane.
For more information, https://docs.aws.amazon.com/eks/latest/userguide/what-is-eks.html
5. AWS Elastic Beanstalk: An AWS managed service that takes your web application code and automatically provisions and deploys the required resources within AWS to make the web application operational.
An ideal service for developers who do not have the necessary AWS skills.
For more information, https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/Welcome.html
6. AWS Lambda: It is a serverless compute service that allows you to run your application code without having to manage EC2 instances.
Serverless means that you do not need to worry about provisioning and managing your own compute resource to run your own code; instead this is managed and provisioned by AWS.
You only have to pay for compute power when Lambda is in use via its functions.
Components of AWS Lambda,
- The Lambda function is composed of your own code that you want Lambda to invoke as per defined triggers.
- Event sources are AWS services that can be used to trigger your Lambda functions.
- A trigger is essentially an operation from an event source that causes the function to invoke.
- Downstream resources are resources that are required during the execution of your Lambda function.
- Log streams help to identify and troubleshoot issues with your Lambda function.
For more information on AWS Lambda, https://docs.aws.amazon.com/lambda/latest/dg/welcome.html
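The components listed above, shown as an added example that is not part of the original post: a Python handler (the Lambda function) receives an event from an S3 trigger, validates it, writes to a downstream resource and logs what it did. The bucket name, the `DOWNSTREAM_INDEX` stand-in and the sample event are constructed for illustration.

```python
import logging
from urllib.parse import unquote_plus

logging.basicConfig(level=logging.INFO)
log = logging.getLogger("upload-indexer")  # in Lambda this output lands in the log stream

ALLOWED_BUCKETS = {"example-uploads"}  # constructed bucket name
DOWNSTREAM_INDEX = {}                  # in-memory stand-in for a downstream resource

def handler(event, context):
    """The Lambda function: invoked with the event that the trigger delivers."""
    processed, rejected = [], 0
    for record in event.get("Records", []):
        name = record.get("eventName", "")
        # Act only on the trigger this function was written for.
        if record.get("eventSource") != "aws:s3" or not name.startswith("ObjectCreated:"):
            log.warning("ignored record: source=%s event=%s", record.get("eventSource"), name)
            rejected += 1
            continue
        bucket = record["s3"]["bucket"]["name"]
        key = unquote_plus(record["s3"]["object"]["key"])  # S3 URL-encodes keys in events
        # Do not trust the event blindly: refuse buckets this function does not own.
        if bucket not in ALLOWED_BUCKETS:
            log.warning("rejected object from unexpected bucket %s", bucket)
            rejected += 1
            continue
        DOWNSTREAM_INDEX[key] = {"bucket": bucket, "size": record["s3"]["object"].get("size", 0)}
        log.info("indexed s3://%s/%s", bucket, key)
        processed.append(key)
    return {"processed": processed, "rejected": rejected}

def s3_record(event_name, bucket, key, size=0):
    """Build a constructed record shaped like an S3 event notification."""
    return {"eventSource": "aws:s3", "eventName": event_name,
            "s3": {"bucket": {"name": bucket}, "object": {"key": key, "size": size}}}

# Constructed sample event: one valid upload, one delete, one foreign bucket.
SAMPLE_EVENT = {"Records": [
    s3_record("ObjectCreated:Put", "example-uploads", "reports/q1+summary.pdf", 2048),
    s3_record("ObjectRemoved:Delete", "example-uploads", "reports/old.pdf"),
    s3_record("ObjectCreated:Put", "other-bucket", "x.bin", 10),
]}

if __name__ == "__main__":
    print(handler(SAMPLE_EVENT, None))
```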
7. AWS Batch: Used to manage and run batch computing workloads within AWS.
Primarily used in specialist use cases which require a vast amount of compute power across a cluster of compute resources to complete batch processing, executing a series of tasks.
- Jobs: Classed as the unit of work that is to be run by AWS Batch.
- Job definition: Define specific parameters for the Jobs themselves and dictate how the job will run and with what configuration.
- Job queues: Scheduled jobs are placed into a job queue until they run.
- Job scheduling: Takes care of when a job should be run and from which compute environment.
For more information, https://docs.aws.amazon.com/batch/latest/userguide/what-is-batch.html
8. Lightsail: Much like an EC2 instance but without as many configurable steps throughout its creation.
It has been designed to be simple, quick and very easy to use at a low cost point for small scale use cases by small businesses or for single users.
For more information, https://lightsail.aws.amazon.com/ls/docs/en_us/articles/what-is-amazon-lightsail
Common use cases of cloud computing,
- Migration of Production services
- To avoid traffic bursting
- Backup and Disaster recovery
- Web hosting
- Big data analytics
Security and Compliance
In the cloud, you don’t have to manage physical servers or storage devices. Instead, you use software-based security tools to monitor and protect the flow of information into and out of your cloud resources.
The AWS Cloud enables a shared responsibility model.
- AWS manages security of the cloud, you are responsible for security in the cloud.
- You retain control of the security you choose to implement to protect your own content, platform, applications, systems, and networks no differently than you would in an on-site data center.
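An added example (not from the original post) of the customer's side of the shared responsibility model: security groups, the virtual firewalls attached to EC2 instances, are configured by you, so checking them for rules open to the whole Internet is your job. It assumes JSON shaped like the output of `aws ec2 describe-security-groups`; the group IDs and rules are constructed sample data.

```python
import ipaddress

# Ports a defender rarely wants reachable from the whole Internet.
SENSITIVE_PORTS = {22: "SSH", 3306: "MySQL", 3389: "RDP"}

def open_to_world(cidr):
    """True for 0.0.0.0/0 and ::/0 (prefix length 0 means every address)."""
    return ipaddress.ip_network(cidr, strict=False).prefixlen == 0

def audit(description):
    """Return (group_id, exposure) pairs for ingress rules open to any source."""
    findings = []
    for group in description.get("SecurityGroups", []):
        for perm in group.get("IpPermissions", []):
            cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
            cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
            if not any(open_to_world(c) for c in cidrs):
                continue
            if perm.get("IpProtocol") == "-1":  # "-1" means all protocols and ports
                findings.append((group["GroupId"], "all traffic"))
                continue
            low, high = perm.get("FromPort"), perm.get("ToPort")
            if low is None or high is None:
                continue
            for port, name in SENSITIVE_PORTS.items():
                if low <= port <= high:
                    findings.append((group["GroupId"], name))
    return findings

def rule(proto, low, high, v4=(), v6=()):
    """Build one constructed ingress rule in the describe-security-groups shape."""
    perm = {"IpProtocol": proto, "IpRanges": [{"CidrIp": c} for c in v4],
            "Ipv6Ranges": [{"CidrIpv6": c} for c in v6]}
    if low is not None:
        perm.update(FromPort=low, ToPort=high)
    return perm

# Constructed sample data; the group IDs are placeholders, not real resources.
SAMPLE = {"SecurityGroups": [
    {"GroupId": "sg-web", "IpPermissions": [
        rule("tcp", 443, 443, v4=["0.0.0.0/0"]),
        rule("tcp", 22, 22, v4=["203.0.113.0/24"])]},
    {"GroupId": "sg-admin", "IpPermissions": [
        rule("tcp", 22, 22, v4=["0.0.0.0/0"]),
        rule("tcp", 3300, 3400, v6=["::/0"])]},
    {"GroupId": "sg-legacy", "IpPermissions": [rule("-1", None, None, v4=["0.0.0.0/0"])]},
]}

if __name__ == "__main__":
    for group_id, exposure in audit(SAMPLE):
        print(f"{group_id}: {exposure} reachable from any address")
```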
Benefits of AWS Security
- The AWS infrastructure puts strong safeguards in place to help protect your privacy. All data is stored in highly secure AWS data centers.
- Cut costs by using AWS data centers. Maintain the highest standard of security without having to manage your own facility.
- Security scales with your AWS Cloud usage. No matter the size of your business, the AWS infrastructure is designed to keep your data safe.
AWS Cloud Compliance enables you to understand the robust controls in place at AWS to maintain security and data protection in the cloud. As systems are built on top of AWS Cloud infrastructure, compliance responsibilities will be shared.
I will be spending the next couple of weeks focusing on AWS storage and databases. Let me know where I could improve.