AWS Architect Certification Notes



Amazon AWS useful CLI commands
ec2daa - ec2 describe account attributes
ec2daa max-elastic-ips, vpc-max-elastic-ips, max-instances, supported-platforms


Selecting the Best VPC Network Architecture (http://www.youtube.com/watch?v=m6Q5dWjFdiU)

Amazon EC2 to Amazon VPC: A case study (http://www.youtube.com/watch?v=jxvVYRFJCuc)



Elasticity, Scalability and Bootstrapping

Anti-Pattern:  Manual Process     
Pattern     :  Automated Process  

Anti-Pattern: Tightly-coupled  
Pattern     : Loosely-coupled (using Load Balancer)

Anti-Pattern: Stateful  (Challenging to scale horizontally)
Pattern     : Stateless (Move state to a shared, accessible location)

Anti-Pattern:  Vertical (more cpu,memory)     
Pattern     :  Horizontal

Bootstrapping - The process of automatically setting up your servers
eg: opening ports, installing software, copying data from s3, register with DNS
    update package, start service, reboot, register with LB, mount devices

Bootstrapping Tools - Scripts on instance (Bash, Powershell)
                      Config management tools (Chef, Puppet)

EC2 Metadata and UserData - every ec2 instance has access to local instance meta data and 
                            userdata service
access: http://169.254.169.254/latest/meta-data/
instance has the following details: Host Name/ AMI ID/Instance ID/Public-Private DNS/Availability Zone

You can pass up to 16KB of text to an instance on launch

You can pass the user data as text, and have a Custom script on AMI which parses userdata and configures EC2 instance on boot.
eg: ROLE = App Server
    DB_ADDR = 10.28.117.88
    EIP_TO_ATTACH = 16.12.19.10
CloudInit executes UserData on first boot if the UserData is in the correct format, i.e. it starts with
#! (Linux) or <script> (Windows; technically, EC2Config, not CloudInit, does this)
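
Added example (not part of the original notes): one way to write the custom on-AMI script that parses KEY = VALUE user data, treating it as untrusted data instead of passing it to eval or source. The key names come from the sample above; the helper names and validation rules are assumptions.

```shell
#!/bin/sh
# Added example, not from the original notes. Validation rules are assumptions.
# On an instance, pipe the body of /latest/user-data into parse_userdata.

trim() { printf '%s' "$1" | sed 's/^[[:space:]]*//; s/[[:space:]]*$//'; }

# Succeeds only for a dotted quad with every octet in 0..255.
is_ipv4() {
  case $1 in *[!0-9.]*|*..*|.*|*.) return 1 ;; esac
  old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
  [ $# -eq 4 ] || return 1
  for o in "$@"; do
    [ ${#o} -le 3 ] && [ "$o" -le 255 ] || return 1
  done
}

# Reads user data on stdin, prints validated KEY=VALUE lines on stdout,
# and returns 1 if any line was rejected.
parse_userdata() {
  rc=0
  while IFS= read -r line || [ -n "$line" ]; do
    line=$(trim "$line")
    case $line in
      ''|'#'*) continue ;;
      *=*) key=$(trim "${line%%=*}"); value=$(trim "${line#*=}") ;;
      *) echo "rejected: malformed line" >&2; rc=1; continue ;;
    esac
    case $key in   # allowlist of keys; anything else is refused
      ROLE) [ -n "$value" ] && [ -z "$(printf '%s' "$value" | tr -d 'A-Za-z ')" ] \
              && ok=0 || ok=1 ;;
      DB_ADDR|EIP_TO_ATTACH) is_ipv4 "$value" && ok=0 || ok=1 ;;
      *) ok=1 ;;
    esac
    if [ "$ok" -eq 0 ]; then printf '%s=%s\n' "$key" "$value"
    else printf 'rejected: %s\n' "$key" >&2; rc=1; fi
  done
  return $rc
}

# Constructed sample: the notes' three keys plus two lines that must fail.
SAMPLE_USERDATA='ROLE = App Server
DB_ADDR = 10.28.117.88
EIP_TO_ATTACH = 16.12.19.10
DB_ADDR = 10.28.117.888
EXTRA = $(hostname)'
printf '%s\n' "$SAMPLE_USERDATA" | parse_userdata || echo "some lines were rejected" >&2
```

User data is readable by any process on the instance through the metadata service, so it suits settings like these and not passwords or keys.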

eg: UserData to install Apache and MySQL on boot, and attach an EIP
#!/bin/bash
#Install Apache, PHP and MYSQL
yum install -y httpd mysql-server

#Attach an Elastic IP to this instance
ec2-associate-address 23.34.45.56 -i $(curl http://169.254.169.254/latest/meta-data/instance-id)

3 MAJOR ways to Bootstrap AMIs
1. Fully-Functional
2. Partially Configured  - A 'Golden Image' is launched, with scripts fetching/installing app code and other supporting components on boot
3. Base OS, Config with Code - An AMI with minimal components, Chef/Puppet used for all configuration after instance launch

CloudFormation

Infrastructure as code - suitable for change management in version control
Define an entire application stack in a JSON template file
Define runtime parameters for a template
Generate templates from running environments with CloudFormer

  Anatomy
{
    "Description" : "Create an EC2 instance.",
    "Parameters" : {
        "UserKeyName" : {
            "Description" : "The EC2 key pair to allow SSH access",
            "Type" : "String"
        }
    },
    "Resources" : {
        "EC2Instance" : {
            "Type" : "AWS::EC2::Instance",
            "Properties" : {
                "KeyName" : { "Ref" : "UserKeyName" },
                "ImageId" : "ami-23g3444f",
                "InstanceType" : "m1.medium"
            }
        }
    }
}

We can add parameters with restrictions as well, for eg:
"InstanceType" : {
    "Description" : "EC2 Instance type to launch",
    "Type" : "String",
    "AllowedValues" : [ "t1.micro", "m1.small", "m1.medium" ]
}

You can have outputs as well,

"Outputs" : {
    "InstancePublicDnsName" : {
        "Description" : "The public DNS name of Instance created",
        "Value" : { "Fn::GetAtt" : [ "Ec2Instance", "PublicDnsName" ] }
    }
}
   
You can bootstrap with data,

"UserData": {
        "Fn::Base64": {
              "Fn::Join": [
                   "",
                   [
                     "#!/bin/bash -ex\n",
                     "yum -y install git-core\n",
                     "yum -y install php-pear\n",
                     "pear install Crypt_HMAC2-1.0.0\n",
                     "pear install HTTP_Request-1.4.4\n",
                     "pear install aws/sdk\n",

You can embed and re-use templates
   "AppDatabase": {"Type": "AWS::CloudFormation::Stack",
                   "Metadata": { … },
                   "Properties": {
                        "TemplateURL": {
                             "Fn::Join": [
                                   "/",
                                   [
                                      { … },
                                     "RDS_MySQL_55.template"
                                   ]
                              ]
                    },

Metadata and cfn-init

"Ec2Instance": {
    "Metadata": {
        "AWS::CloudFormation::Init": {
            "config": {
                "sources" : {
                    "/usr/local/bin/s3cmd" : "https://github.com/s3tools/s3cmd"
                },
                "packages": {
                    "yum": { "git": [] }
                }
            }
        }
    }
}

AutoScaling




CIDR -


Internet Gateway - 
NAT Instance     - allows instance in the private network to talk to internet


AWS APIs

REST API             - S3  / RDS  / AutoScaling   - uses Access Key/Secret Key 
Management Console   - S3  / RDS  / AutoScaling ? - User Name, Password
SOAP API             - S3  /                      - X.509 Certificate

MFA - Physical  / Virtual (Android/iOS/Windows/Blackberry)

Best Practice-
Do Not use master account keys
Apply a physical MFA to Management Console login
Use IAM - Identity and Access Management

Within Master Account - Create
1. Users
2. Groups
3. Roles

Credentials embedded in the code vs Credentials automatically retrieved from IAM role

......



Amazon Route 53
Highly available and scalable domain name system (DNS) web service.
Helps applications by translating names such as www.example.com into numeric IP addresses.


MPP - Massively Parallel Processing Databases - Redshift, horizontally scalable, column based
SMP - Symmetric Multi Processing Databases - Relational DB - vertically scalable, row based

               HDFS            S3
Durability   - Configurable  - Built in
Cost         - Higher        - Lower
Scaling      - Add Nodes     - Automatic
Speed        - Fastest       - Fast



