6 | Written on Sun 19 April 2020. Posted in Nuggets | Richard Walker
Cloud Computing and Virtualisation
At the core of all cloud operations is virtualisation, which allows hardware resources to be divided into smaller units. A physical server can host multiple virtual machines, each running its own complete operating system. Virtualisation makes it possible to provision a virtual server in a matter of seconds, run it for as long as required and shut it down, freeing up resources for other workloads.
Major cloud providers like AWS have enormous server farms. A cloud computing platform offers on-demand, self-service access to pooled compute resources where your usage is metered and billed according to the volume consumed.
The cloud is a great choice for so many serious workloads because it's scalable, elastic and often more cost effective.
Scalability
A scalable infrastructure can efficiently meet unexpected increases in demand for your applications by automatically adding resources. This often means dynamically increasing the number of AWS instances (virtual machines).
Elasticity
The principle of elasticity covers some of the same ground as scalability, since both address changes in demand. However, while the images used in a scalable environment let capacity be ramped up, an elastic infrastructure will automatically reduce capacity when demand drops.
Cost Management
Besides the ability to control expenses by managing the resources you use, cloud computing transitions your IT spending from a capital expenditure (capex) framework into something closer to operational expenditure (opex).
AWS provides a free Total Cost of Ownership (TCO) Calculator at:
https://aws.amazon.com/tco-calculator/
The AWS Cloud
As a solutions architect, your main focus should be on the core service categories. The following summaries and short definitions lie at the foundation of everything else you need to know to become an AWS Certified Solutions Architect.
AWS Service Categories
Category | Function |
---|---|
Compute | Services replicating the traditional role of local physical servers |
Networking | Application connectivity, access control and enhanced remote connections |
Storage | Various kinds of storage platforms designed to fit a range of both immediate accessibility and long-term backup needs |
Database | Managed data solutions for use cases requiring multiple data formats (relational, NoSQL or caching) |
Application Management | Monitoring, auditing and configuring AWS account services and running resources |
Security and identity | Services for managing authentication and authorization, data and connection encryption and integration with third-party authentication systems. |
Application integration | Tools for designing loosely coupled, integrated and API-friendly application development processes. |
Compute
Key compute services include:
- Elastic Compute Cloud (EC2)
- Lambda
- Auto Scaling
- Elastic Load Balancing
- Elastic Beanstalk
Networking
Key networking services include:
- Virtual Private Cloud (VPC)
- Direct Connect
- Route 53
- CloudFront
Storage
Key storage services include:
- Simple Storage Service (S3)
- Glacier
- Elastic Block Store (EBS)
- Storage Gateway
Database
Key database services include:
- Relational Database Service (RDS)
- DynamoDB
Application Management
Key application management services include:
- CloudWatch
- CloudFormation
- CloudTrail
- Config
Security and identity
Key security and identity services include:
- Identity and Access Management (IAM)
- Key Management Service (KMS)
- Directory Service
Application Integration
Key application integration services include:
- Simple Notification Service (SNS)
- Simple WorkFlow (SWF)
- Simple Queue Service (SQS)
- API Gateway
AWS Platform Architecture
AWS maintains data centres for its physical servers around the world. Network transfer latency can be reduced by hosting workloads geographically close to your users. Choosing where workloads run can also help manage compliance with regulations, keeping data within a particular legal jurisdiction.
At the time of writing there are 17 (non-government) regions.
Region Name | Region |
---|---|
US East (Ohio) | us-east-2 |
US East (N. Virginia) | us-east-1 |
US West (N. California) | us-west-1 |
US West (Oregon) | us-west-2 |
Asia Pacific (Mumbai) | ap-south-1 |
Asia Pacific (Seoul) | ap-northeast-2 |
Asia Pacific (Osaka-Local) | ap-northeast-3 |
Asia Pacific (Singapore) | ap-southeast-1 |
Asia Pacific (Sydney) | ap-southeast-2 |
Asia Pacific (Tokyo) | ap-northeast-1 |
Canada (Central) | ca-central-1 |
China (Beijing) | cn-north-1 |
EU (Frankfurt) | eu-central-1 |
EU (Ireland) | eu-west-1 |
EU (London) | eu-west-2 |
EU (Paris) | eu-west-3 |
South America (Sao Paulo) | sa-east-1 |
Because low-latency access is so important, certain AWS services are offered from designated edge network locations. These services include Amazon CloudFront, Amazon Route 53, AWS Firewall Manager, AWS Shield and AWS WAF.
Physical AWS data centres are exposed within your AWS account as availability zones. There might be half a dozen zones within a region, identified using names such as us-east-1a.
Resources from a region can be organized within one or more virtual private clouds (VPCs). A VPC is effectively a network address space within which subnets are created and associated with particular availability zones.
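The VPC, subnet and availability zone relationship described above, as an added illustration (not from the source book or from AWS tooling): it carves a VPC address space into equal subnets, pins each to one availability zone, and checks that every subnet sits inside the VPC, belongs to the region and overlaps no other. The CIDR `10.0.0.0/16`, the zone list and the function names are assumptions constructed for the example.

```python
import ipaddress
from itertools import combinations


def plan_subnets(vpc_cidr, zones, count, new_prefix):
    """Carve `count` subnets of size /new_prefix out of the VPC range and
    associate each with one availability zone, round-robin."""
    vpc = ipaddress.ip_network(vpc_cidr)
    if new_prefix <= vpc.prefixlen:
        raise ValueError("subnet prefix must be longer than the VPC prefix")
    available = vpc.subnets(new_prefix=new_prefix)
    plan = []
    for i in range(count):
        try:
            net = next(available)
        except StopIteration:
            raise ValueError("VPC address space exhausted") from None
        plan.append({"cidr": str(net), "zone": zones[i % len(zones)]})
    return plan


def validate_plan(vpc_cidr, plan, region):
    """Return a list of problems found in a subnet plan (empty if clean)."""
    vpc = ipaddress.ip_network(vpc_cidr)
    nets = [(ipaddress.ip_network(p["cidr"]), p["zone"]) for p in plan]
    problems = []
    for net, zone in nets:
        if not net.subnet_of(vpc):
            problems.append(f"{net} is outside VPC {vpc}")
        # A zone name is the region code plus one letter, e.g. us-east-1a.
        if not (zone.startswith(region) and len(zone) == len(region) + 1
                and zone[-1].isalpha()):
            problems.append(f"{zone} is not a zone of {region}")
    # Subnets in one VPC must not share addresses.
    for (a, _), (b, _) in combinations(nets, 2):
        if a.overlaps(b):
            problems.append(f"{a} overlaps {b}")
    return problems


if __name__ == "__main__":
    # Constructed sample values, not taken from a real account.
    vpc = "10.0.0.0/16"
    plan = plan_subnets(vpc, ["us-east-1a", "us-east-1b"], 4, 24)
    for entry in plan:
        print(entry["zone"], entry["cidr"])
    print(validate_plan(vpc, plan, "us-east-1") or "plan is consistent")
```

Spreading subnets across more than one zone is what lets a workload keep running when a single data centre fails.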
AWS Reliability and Compliance
AWS has a lot of basic regulatory, legal and security groundwork covered. Where applicable, resources on the AWS platform are compliant with standards, frameworks and certifications including ISO 9001, FedRAMP, NIST and GDPR.
The AWS Shared Responsibility Model
Those AWS guarantees cover only the underlying AWS platform. The way you decide to use AWS resources is your business and therefore your responsibility. AWS customers are responsible for whatever happens within the AWS cloud.
The key thing to remember is that it's not if things will fail but when. Build applications to be geographically dispersed and fault tolerant.
Working with AWS
The browser-based management console is a good introduction to service features and a convenient way to see overviews. More serious work and all features are managed using the AWS CLI.
The AWS CLI
The AWS Command Line Interface (CLI) lets you run complex AWS operations from a local command line. Installing and configuring the AWS CLI is supported on Linux, Windows or Mac.
AWS SDKs
AWS offers SDKs for nine languages including Java, .NET and Python.
Summary
Cloud computing is built on the ability to efficiently divide physical resources into smaller but flexible virtual units. Those units can be "rented" on a pay-as-you-go basis in an affordable, scalable and elastic way.
AWS provides reliable and secure resources that are replicated and globally distributed. AWS infrastructure is designed to be compliant, although the Shared Responsibility Model leaves you in charge of what you place within the cloud.
The growing number of AWS services covers almost any digital need, with core services addressing compute, networking, database, storage, security and application management and integration.
You can manage AWS resources from the management console, with the AWS CLI or through code with the AWS SDK.
Technical support is available through support plans.
Disclaimer
Information on this page was obtained from source: AWS Certified Solutions Architect Second Edition ISBN 978-1-119-50421-4
Notes taken are kept brief and for personal reference. I urge and highly recommend anyone using this page as a source of information to purchase the source material for the complete information. The original book is fantastic and includes exercises, practice questions, verbose explanations and extra learning resources.