AWS Cloud Practitioner - 2

Compute, storage and networking

Subhi Dweik. Chapter Eindhoven '22 X Rockademy

Index

  • Lambda
  • S3
  • CloudFront and Acceleration
  • EC2
  • VPC
  • Load Balancing
  • Storage
  • Questions

Lambda - Overview

  • "Serverless" event processing
  • Use one of the supported languages, bring your own, or use a Docker container
  • Used in other services
    • e.g. Custom AWS Config rules
  • Can run in VPCs
  • Cold/warm starts

Lambda - P2

  • Pricing per GB-month and invocation
  • CPU is dependent on RAM
  • 15 minute max runtime
  • Uses an execution role for permissions
  • Trigger from SNS/SQS/S3/CloudWatch...

S3

  • "malloc for the internet"
  • Backs a host of AWS services
  • Supports static site hosting
  • Total size limited by your wallet
  • 11 9's of durability (NOT Availability)
  • Max 5TB object size

Object and block storage


S3 Storage tiers

  • Different tiers, different pricing models
  • Standard is for stuff served regularly
  • IA variants are for stuff you need within milliseconds, but not constantly
  • Glacier variants are really for archiving

More S3 Features

  • Routing Rules
  • "Requester pays" supported
  • Signed URLs
  • Bucket policies
  • MFA Delete
  • Versioning
  • Replication
  • Lifecycle policies

CloudFront and acceleration

  • CloudFront is AWS' CDN
  • Usually what you put in front of an S3 bucket
  • Can serve multiple origins, and supports OAI/OAC
  • Global Accelerator gives you fixed IPs that act as an entry point into the AWS backbone
  • Transfer acceleration is basically GA for S3

EC2

  • VMs in AWS
  • Always run in a VPC
  • Back a bunch of other AWS services (ECS/EKS/RDS/ElastiCache...)
  • Run AMIs
  • Instance families for different use-cases
  • There's a marketplace for AMIs
  • Spot for temp/interruptible workloads
  • Reserved for constant usage over years

EC2 Adjacent services

  • Autoscaling
    • CPU/Memory load
    • Schedule
    • Anything with a lambda
  • Autoscaling supports multiple placement types depending on usage
  • Network throughput depends on size and instance type
  • Instance connect

VPC


CIDR Notation - 10.2.0.0/16

Classless Inter-Domain Routing notation

  • An IPv4 address is 4x8 bits
    • 10.2.33.5
    • 00001010.00000010.00100001.11111110
  • The /something denotes the number of bits from the left that are set/static
  • /16 has 254 /24 blocks

VPC Usage

  • Main CIDR block subdivided into N subnets
  • A subnet is part of a single AZ
  • Security groups are stateful "firewall" rules
  • Being in the same secgroup doesn't imply everything can access each other
  • NACLs are stateless and on network level
  • A Route table tells the traffic where to go. Defined per subnet
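
The stateful security group versus stateless NACL distinction above, as a toy Python model added here (not from the original slides, and not the AWS API). The rule dictionaries, class names and the sample client address are assumptions made for illustration.

```python
# Toy model (added example); rule shapes and names are simplified assumptions.
from ipaddress import ip_address, ip_network

def matches(rule, peer_ip, port):
    lo, hi = rule["ports"]
    return ip_address(peer_ip) in ip_network(rule["cidr"]) and lo <= port <= hi

class SecurityGroup:
    """Stateful, allow-only: replies to a tracked flow pass without a rule."""
    def __init__(self, inbound, outbound):
        self.inbound, self.outbound, self.tracked = inbound, outbound, set()

    def allow_in(self, src_ip, src_port, dst_port):
        if any(matches(r, src_ip, dst_port) for r in self.inbound):
            self.tracked.add((src_ip, src_port, dst_port))  # remember the flow
            return True
        return False

    def allow_out(self, dst_ip, dst_port, src_port):
        if (dst_ip, dst_port, src_port) in self.tracked:  # reply to a tracked flow
            return True
        return any(matches(r, dst_ip, dst_port) for r in self.outbound)

class Nacl:
    """Stateless: each direction judged alone, lowest rule number wins."""
    def __init__(self, inbound, outbound):
        self.inbound, self.outbound = inbound, outbound

    def _eval(self, rules, peer_ip, port):
        for r in sorted(rules, key=lambda r: r["num"]):
            if matches(r, peer_ip, port):
                return r["action"] == "allow"
        return False  # implicit deny when nothing matches

    def allow_in(self, src_ip, src_port, dst_port):
        return self._eval(self.inbound, src_ip, dst_port)

    def allow_out(self, dst_ip, dst_port, src_port):
        return self._eval(self.outbound, dst_ip, dst_port)

def round_trip(fw, client_ip, client_port, server_port):
    """Return (request_allowed, reply_allowed) for one client request."""
    req = fw.allow_in(client_ip, client_port, server_port)
    rep = req and fw.allow_out(client_ip, client_port, server_port)
    return req, rep

CLIENT = ("203.0.113.7", 50123)  # constructed sample client (documentation range)
HTTPS_IN = {"num": 100, "action": "allow", "cidr": "0.0.0.0/0", "ports": (443, 443)}
EPHEMERAL_OUT = {"num": 100, "action": "allow", "cidr": "0.0.0.0/0", "ports": (1024, 65535)}
```

`round_trip(Nacl([HTTPS_IN], []), *CLIENT, 443)` lets the request in but drops the reply until `EPHEMERAL_OUT` is added to the outbound list, while the same inbound rule on `SecurityGroup` is enough for both directions.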

Load balancing

  • Application load balancer, Layer 7. Supports path routing and SSL certs
  • NLB, Layer 4 routing. More performant, supports TCP/UDP connections
  • Load balancer points to target group, target group points to targets
  • Supports health checking

OSI Model


Storage - EBS

  • EBS - Elastic block storage
    • Essentially a hard drive/SSD plugged into a VM
    • Storage and IOPS are the two important metrics
  • Instance store. Storage physically attached to the host of your VM
    • EPHEMERAL
    • Data removed when: Storage device fails, instance stops/hibernates/terminates

Storage - Others

  • EFS - Elastic file storage
    • NAS for your AWS services
    • Throughput scales with stored files
  • FSx
    • Various flavors, high performance distributed file systems

Storage gateway

  • Storage gateways
    • Proxy between AWS and on prem
    • Can cache locally, uses S3 in the backend
  • File gateway
    • Pretends to be a network share
  • Volume gateway
    • Pretends to be a block device
  • Tape gateway
    • Pretends to be a tape device

Backups

  • AWS Backup
    • One-stop shop for AWS backups
    • DynamoDB/EBS/S3/Etc
  • EBS Snapshots

Questions?