2017 AWSome day Taichung sharing
Download as PPTX, PDF3 likes246 views
This document provides an overview of various AWS services including EC2, VPC, S3, EBS, RDS, IAM, CloudWatch, Auto Scaling and Load Balancing. It discusses concepts like regions, availability zones, instances, networking, storage, security and monitoring in AWS. It also provides tips on using services like S3, EBS, IAM roles and auto scaling configurations for scaling workloads on AWS.
2017 AWSome day Taichung sharing
- 1. 2017 AWSome day Taichung sharing Kimi 2017/02/24
- 2. Retro • EC2 • VPC • Load Balancer • Auto Scaling • VPC • CloudWatch • RDS • S3 • DynamoDB • IAM • CloudTrail • EBS • Glacier • AWS Architect
- 4. What is cloud? • On-demand • Resources • Pay-as-you-go
- 5. Cloud computing generation • Cost less • High ability • New skill to cloud • Amazon Web Service (AWS) • Microsoft Azure • Google Cloud Platform
- 6. Region, AZ and Edge • Region • Availability Zones • Edge
- 9. Edge • Route 53 - Domain name service • Cloud Front - Content Delivery Network (CDN)
- 10. Instance • Meta Data - Instance resume (e.g. Memory size) • User Data - User customize - e.g. pre-configuration script - Only execution at first launch (restart/reboot don’t take effect)
- 11. Muti-AZ Instance
- 12. EC2 pricing
- 13. VPC
- 14. S3 Tips • Bucket name - Unique of the world • Object limit - 5 TB
- 15. S3 Encryption • Server side - Cost on aws side • Client side - Cost on user side
- 16. Another cheaper storage solution • AWS Glacier - Cold Storage - Very Cheap
- 17. EBS Tips • Single AZ • Alive if EC2 instance terminated • Expensive than S3
- 18. EBS backup • Create a EBS snapshot • Store it into S3 • Create a new EBS volume • Attach snapshot to new EBS
- 20. Instance Storage Tips • Fast Read/Write IOPS • It's size based on EC2 instance type. • Automatically deletes when stop, fails or terminated
- 21. IAM • User • Role • Policy
- 22. IAM - User
- 23. IAM - User Permission
- 24. IAM - User Group
- 25. IAM Role • Access permission between AWS services • Not all of the AWS services have “Role” setting • Any actions must add permission in “Role”.
- 26. IAM Role use case - ECS ECS Front-end Back-end C2C ECR
- 27. IAM Role use case - ECS ECSEC2 ECR S3 1.
- 28. IAM Role use case - ECS ECSEC2 ECR ECR Access S3 1.
- 29. IAM Role use case - ECS ECSEC2 ECR ECR Access S3 1. ECSEC2 ECR ECR Access S3 2. S3 Access
- 30. IAM - Policy
- 31. Access service via Role • Hard code access key • High Risk awsConfig({ region: 'us-east-1' // explicitly set AWS region sslEnabled: true, // override whether SSL is enabled maxRetries: 3, // override the number of retries for a request accessKeyId: 'your_aws_access_key', // can omit access key and secret key secretAccessKey: 'your_secret_key' // if relying on a profile or IAM profile: 'profile_name', // name of profile from ~/.aws/credentials timeout: 15000 // optional timeout in ms. Will use AWS_TIMEOUT });
- 32. Cloud Tail • Records AWS API calls for accounts.
- 33. SQL vs NoSQL
- 34. RDS • Fast to deploy • Fast to scale • Easy to Backup - Automatic - Manual backup via Snapshots
- 35. Cross-Region DB
- 36. Multi-AZ RDS
- 40. Auto scaling
- 42. CloudWatch • A monitoring service • Visibility • Connecting a lots of AWS services
- 45. Scale Up vs Scale Down CPU: i5 MEM: 4GB CPU: i7*2 MEM: 16GB Scale Up Scale Down
- 46. Scale In vs Scale Out CPU: i5 MEM: 4GB CPU: i5 MEM: 4GB CPU: i5 MEM: 4GB… CPU: i5 MEM: 4GB Scale Out Scale In