Professional Documents
Culture Documents
Module objectives
2
Module 6: Compute
Amazon EC2 Amazon EC2 Amazon Elastic Amazon Elastic VMware Cloud
Auto Scaling Container Registry Container Service on AWS
(Amazon ECR) (Amazon ECS)
AWS Elastic AWS Lambda Amazon Elastic Amazon Lightsail AWS Batch
Beanstalk Kubernetes Service
(Amazon EKS)
• The optimal compute service or services that you use will depend on your
use case
• Some aspects to consider –
• What is your application design?
• What are your usage patterns?
• Which configuration settings will you want to manage?
• Selecting the wrong compute solution for an architecture can lead to lower
performance efficiency
• A good starting place—Understand the available compute options
6
Module 6: Compute
Application server
Web server
Database server
Game server
Mail server
Media server
Catalog server
Photo by Taylor Vick on Unsplash File server
Computing server
Proxy server
9
Launching an Amazon EC2 instance
10
1. Select an AMI
11
Creating a new AMI: Example
AWS Cloud
AMI details
Region A
Connect to the instance
and manually modify it or
run a script that modifies
Quick Start or
the instance (for
other
Launch an example, upgrade Capture as
existing AMI
Starter instance installed software) a new AMI
AMI
1 2 3
Unmodified Modified New
Instance Instance AMI
12
2. Select an instance type
13
EC2 instance type naming and sizes
t3.large 2 8 EBS-Only
t3.xlarge 4 16 EBS-Only
t3.2xlarge 8 32 EBS-Only
14
Select instance type: Based on use case
15
Instance types: Networking features
16
3. Specify network settings
1. AMI
• Should a public IP address be automatically assigned?
2. Instance Type • To make it internet-accessible
3. Network settings
AWS Cloud
4. IAM role
Region
5. User data
Availability Zone 1 Availability Zone 2
6. Storage options
VPC
7. Tags
Public subnet
8. Security group Example: specify
9. Key pair to deploy the
instance here Instance
Private subnet
17
4. Attach IAM role (optional)
Choices made by using the • Will software on the EC2 instance need to interact with other AWS
Launch Instance Wizard: services?
• If yes, attach an appropriate IAM Role.
1. AMI
• An AWS Identity and Access Management (IAM) role that is attached
2. Instance Type
to an EC2 instance is kept in an instance profile.
3. Network settings
4. IAM role • You are not restricted to attaching a role only at instance launch.
5. User data • You can also attach a role to an instance that already exists.
6. Storage options
7. Tags
8. Security group Example: Application on
9. Key pair attached to instance can
access
Role that grants Amazon
S3 bucket
Simple Storage Service Instance
with objects
(Amazon S3) bucket access
permissions
18
5. User data script (optional)
19
6. Specify storage
20
Amazon EC2 storage options
21
Example storage options
22
7. Add tags
Choices made by using the • A tag is a label that you can assign to an AWS
Launch Instance Wizard: resource.
• Consists of a key and an optional value.
1. AMI
2. Instance Type • Tagging is how you can attach metadata to an EC2
3. Network settings instance.
4. IAM role
5. User data • Potential benefits of tagging—Filtering,
6. Storage options automation, cost allocation, and access control.
7. Tags
8. Security group
9. Key pair
Example:
23
8. Security group settings
Choices made by using the • A security group is a set of firewall rules that control
Launch Instance Wizard: traffic to the instance.
• It exists outside of the instance's guest OS.
1. AMI
2. Instance Type • Create rules that specify the source and which ports
3. Network settings that network communications can use.
4. IAM role • Specify the port number and the protocol, such as
5. User data Transmission Control Protocol (TCP), User Datagram
6. Storage options Protocol (UDP), or Internet Control Message Protocol
7. Tags (ICMP).
8. Security group • Specify the source (for example, an IP address or another
9. Key pair security group) that is allowed to use the rule.
Example rule:
24
9. Identify or create the key pair
Choices made by using the • At instance launch, you specify an existing key
Launch Instance Wizard: pair or create a new key pair.
1. AMI • A key pair consists of – mykey.pem
2. Instance Type • A public key that AWS stores.
3. Network settings • A private key file that you store.
4. IAM role
5. User data • It enables secure connections to the instance.
6. Storage options • For Windows AMIs –
7. Tags
• Use the private key to obtain the administrator
8. Security group
password that you need to log in to your instance.
9. Key pair
• For Linux AMIs –
• Use the private key to use SSH to securely connect to
your instance.
25
Amazon EC2 console view of a running EC2
instance
26
Another option: Launch an EC2 instance with
the AWS Command Line Interface
• EC2 instances can also be created
programmatically.
AWS Command Line
Interface (AWS CLI)
27
Amazon EC2 instance lifecycle
Launch Start
pending
AMI
Reboot Stop
rebooting running stopping stopped
Stop-
Hibernate
Terminate
shutting-
down
Terminate
terminated
28
Consider using an Elastic IP address
Elastic IP
Address
30
EC2 instance metadata
31
Amazon CloudWatch for monitoring
• Basic monitoring
• Default, no additional cost
• Metric data sent to CloudWatch every 5 minutes
• Detailed monitoring
• Fixed monthly rate for seven pre-selected metrics
• Metric data delivered every 1 minute
32
• Amazon EC2 enables you to run Windows and Linux
Section 2 key virtual machines in the cloud.
33
Module 6: Compute
Per second billing available for On-Demand Instances, Reserved Instances, and
Spot Instances that run Amazon Linux or Ubuntu.
35
Amazon EC2 pricing models: Benefits
36
Amazon EC2 pricing models: Use cases
37
The four pillars of cost optimization
Cost Optimization
38
Pillar 1: Right size
39
Pillar 2: Increase elasticity
40
Pillar 3: Optimal pricing model
Pillars: Leverage the right pricing model for your use case
41
Pillar 4: Optimize storage choices
42
Measure, monitor, and improve
• Recommendations –
• Define and enforce cost allocation tagging.
43
• Amazon EC2 pricing models include On-Demand
Section 3 key Instances, Reserved Instances, Spot Instances,
Dedicated Instances, and Dedicated Hosts.
takeaways
• Spot Instances can be interrupted with a 2-minute
notification. However, they can offer significant cost
savings over On-Demand Instances.
44
Module 6: Compute
46
What is Docker?
47
Containers versus virtual machines
Three virtual machines on three EC2 instances
Example
VM 1 VM 2 VM 3
Three containers on one EC2 instance Container
App 1 App 2 App 3
Container Container Container
Bins/Libs Bins/Libs Bins/Libs
instance 1 instance 2 instance 3
Hypervisor
Part of
Host operating system AWS Global
Infrastructure
Physical server
48
Amazon Elastic Container Service (Amazon
ECS)
• Amazon Elastic Container Service (Amazon ECS) –
• A highly scalable, fast, container management service
• Integrated with features that are familiar to Amazon EC2 service users –
• Elastic Load Balancing
• Amazon EC2 security groups
• Amazon EBS volumes
• IAM roles
49
Amazon ECS orchestrates containers
EC2 instance
Requests to run containers
x3 x2
Container A
EC2 instance
Container B
Amazon Elastic Container Service
(Amazon ECS)
ECS cluster 50
Amazon ECS cluster options
• Key question: Do you want to manage the Amazon ECS cluster that runs the containers?
• If yes, create an Amazon ECS cluster backed by Amazon EC2 (provides more granular control over
infrastructure)
• If no, create an Amazon ECS cluster backed by AWS Fargate (easier to maintain, focus on your
applications)
Containers
Amazon ECS cluster Container instance Container instance Container instance
Amazon ECS cluster
backed by Amazon 1 2 3 backed by Fargate
EC2 App 1 App 2 App 3
You manage
Bins/Libs Bins/Libs Bins/Libs
You manage
Docker engines (one per OS in the cluster)
AWS manages
VM guest operating systems in the Amazon ECS cluster
51
What is Kubernetes?
53
Amazon Elastic Container Registry (Amazon
ECR)
Amazon ECR is a fully managed Docker container registry that
makes it easy for developers to store, manage, and deploy
Docker container images. Amazon ECS integration
Docker support
Team collaboration
Amazon Elastic
Container Registry Access control
Third-party integrations
Image Registry
54
© 2019 Amazon Web Services, Inc. or its Affiliates. All rights reserved.
• Containers can hold everything that an application
Section 4 key needs to run.
55
Module 6: Compute
56
AWS Lambda: Run code without servers
AWS Lambda is a serverless compute service.
AWS HTTP
services endpoints Your code Pay only for the
Mobile apps
runs only when it is compute time that
Run your code on a schedule
triggered you use
or in response to events
57
Benefits of Lambda
58
AWS Lambda event sources
Event sources Configure other AWS services as event sources to invoke
your function as shown here.
59
AWS Lambda function configuration
Lambda function configuration
Function code
Amazon
Execution role CloudWatch
60
Schedule-based Lambda function example:
Start and stop EC2 instances
Stop instances example
Stop
IAM role
Time-based
1 CloudWatch 2 Lambda function 3 EC2 instances stopped
event triggered
Start
IAM role
Time-based
4 5 Lambda function 6 EC2 instances
CloudWatch
triggered started
event
61
© 2019 Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Event-based Lambda function example:
Create thumbnail images
AWS Cloud
1
2 3
User
Source Lambda 4
bucket
Execution
5
role
Access
policy
Target
bucket Lambda
function
62
AWS Lambda limits
Additional limits also exist. Details are in the AWS Lambda Limits documentation.
63
© 2019 Amazon Web Services, Inc. or its Affiliates. All rights reserved.
• Serverless computing enables you to build and run
Section 5 key applications and services without provisioning or
takeaways managing servers.
67
Benefits of Elastic Beanstalk
68
Module summary
69
Complete the knowledge check
70
Sample exam question
Which AWS service helps developers quickly deploy resources which can
make use of different programming languages, such as .NET and Java?
A. AWS CloudFormation
B. AWS SQS
71
Additional resources
72