Unit – 4: Cloud Applications and AWS Cloud Platform

CLOUD COMPUTING
UNIT 4 – AWS
CLOUD
PLATFORM

Shreetha Bhat Assistant Professor, School of CSA, RUPage 1

 Unit – 4: Cloud Applications and AWS Cloud Platform

1. Introduction
Cloud computing has gained huge popularity in industry due to its ability to host applications for
which the services can be delivered to consumers rapidly at minimal cost.

Shreetha Bhat Assistant Professor, School of CSA, RUPage 2

Unit – 4: Cloud Applications and AWS Cloud Platform

Shreetha Bhat Assistant Professor, School of CSA, RUPage 3

Unit – 4: Cloud Applications and AWS Cloud Platform

Shreetha Bhat Assistant Professor, School of CSA, RUPage 4

Unit – 4: Cloud Applications and AWS Cloud Platform

Shreetha Bhat Assistant Professor, School of CSA, RUPage 5

Unit – 4: Cloud Applications and AWS Cloud Platform

Shreetha Bhat Assistant Professor, School of CSA, RUPage 6

Unit – 4: Cloud Applications and AWS Cloud Platform

Shreetha Bhat Assistant Professor, School of CSA, RUPage 7

Unit – 4: Cloud Applications and AWS Cloud Platform

Shreetha Bhat Assistant Professor, School of CSA, RUPage 8

Unit – 4: Cloud Applications and AWS Cloud Platform

Shreetha Bhat Assistant Professor, School of CSA, RUPage 9

Unit – 4: Cloud Applications and AWS Cloud Platform

Shreetha Bhat Assistant Professor, School of CSA, RUPage 10

 Unit – 4: Cloud Applications and AWS Cloud Platform

2. Amazon Web Services

Amazon Web Services (AWS) is a platform that allows the development of flexible applications by
providing solutions for elastic infrastructure scalability, messaging, and data storage. The platform is
accessible through SOAP or RESTful Web service interfaces and provides a Web-based console
where users can handle administration and monitoring of the resources required, as well as their
expenses computed on a pay-as-you-go basis.

Figure 9.1 shows all the services available in the AWS ecosystem. At the base of the solution stack
are services that provide raw compute and raw storage: Amazon Elastic Compute (EC2) and Amazon
Simple Storage Service (S3). These are the two most popular services, which are generally
complemented with other offerings for building a complete system. At the higher level, Elastic
MapReduce and AutoScaling provide additional capabilities for building smarter and more elastic
computing systems. On the data side, ElasticBlockStore(EBS), Amazon SimpleDB, AmazonRDS, and
Amazon Elasti Cache provide solutions for reliable data snapshots and the management of structured
and semistructured data. Communication needs are covered at the networking level by
AmazonVirtualPrivateCloud(VPC), Elastic Load Balancing, AmazonRoute53, and Amazon Direct
Connect. More advanced services for connecting applications are Amazon Simple Queue Service
(SQS), Amazon Simple Notification Service(SNS), and Amazon Simple E-mail Service (SES) Other
services include:
 Amazon CloudFront content delivery network solution
 Amazon CloudWatch monitoring solution for several Amazon services

Shreetha Bhat Assistant Professor, School of CSA, RUPage 11

 Unit – 4: Cloud Applications and AWS Cloud Platform

 Amazon Elastic Bean Stalk and Cloud Formation flexible application packaging and
deployment

1. Compute Services

The fundamental service in this space is Amazon EC2, which delivers an IaaS solution that has served
as a reference model for several offerings from other vendors in the same market segment. Amazon
EC2 allows deploying servers in the form of virtual machines created as instances of a specific image.
Images come with a preinstalled operating system and a software stack, and instances can be con-
figured for memory, number of processors, and storage. Users are provided with credentials to
remotely access the instance and further configure or install software if needed.

1.1 Amazon machine Images (AMI)

Amazon Machine Images (AMI) are templates from which it is possible to create a virtual
machine. They are stored in Amazon S3 and identified by a unique identifier in the form of ami-
xxxxxx and a manifest XML file. An AMI contains a physical file system layout with a predefined
operating system installed. These are specified by the Amazon Ramdisk Image (ARI, id: ari-
yyyyyy) and the Amazon Kernel Image (AKI, id: aki-zzzzzz) which are part of the configuration
of the template. AMIs are either created from scratch or “bundled” from existing EC2 instances. A
common prac- tice is to prepare new AMIs to create an instance from a preexisting AMI, log into
it once it is booted and running, and install all the software needed. Using the tools provided by
Amazon, we can convert the instance into a new image. Once an AMI is created, it is stored in an
S3 bucket and the user can decide whether to make it available to other users or keep it for
personal use. Finally, it is also possible to associate a product code with a given AMI, thus
allowing the owner of the AMI to get revenue every time this AMI is used to create EC2 instances.

1.2 EC2 Instance

EC2 instances represent virtual machines. They are created using AMI as templates, which are
specialized by selecting the number of cores, their computing power, and the installed memory.
The processing power is expressed in terms of virtual cores and EC2 Compute Units (ECUs). The
ECU is a measure of the computing power of a virtual core. Table 9.2 shows all the currently
available configurations for EC2 instances. We can identify six major categories:
1. Standard Instances: This class offers a set of configurations that are suitable for most
applications. EC2 provides three different categories of increasing computing power, storage,
and memory.
2. Micro Instances: This class is suitable for those applications that consume a limited amount of
computing power and memory and occasionally need bursts in CPU cycles to process surges
in the workload. Micro instances can be used for small Web applications with limited traffic.

Shreetha Bhat Assistant Professor, School of CSA, RUPage 12

Unit – 4: Cloud Applications and AWS Cloud Platform

3. High-memory Instances: This class targets applications that need to process huge workloads
and require large amounts of memory. Three-tier Web applications characterized by high
traffic are the target profile. Three categories of increasing memory and CPU are available,
with memory proportionally larger than computing power.
4. High-CPU Instances: This class targets compute-intensive applications. Two configurations
are available where computing power proportionally increases more than memory.
5. Cluster Compute Instances: This class is used to provide virtual cluster services. Instances in
this category are characterized by high CPU compute power and large memory and an
extremely high I/O and network performance, which makes it suitable for HPC applications.
6. Cluster GPU Instances: This class provides instances featuring graphic processing units
(GPUs) and high compute power, large memory, and extremely high I/O and network
performance. This class is particularly suited for cluster applications that perform heavy
graphic computations, such as rendering clusters.

1.3 EC2 Environment

EC2 instances are executed within a virtual environment, which provides them with the services
they require to host applications. The EC2 environment is in charge of allocating addresses,

Shreetha Bhat Assistant Professor, School of CSA, RUPage 13

 Unit – 4: Cloud Applications and AWS Cloud Platform

attaching storage volumes, and configuring security in terms of access control and network
connectivity.
By default, instances are created with an internal IP address, which makes them capable of
communicating within the EC2 network and accessing the Internet as clients. It is possible to
associate an Elastic IP to each instance, which can then be remapped to a different instance over
time. Elastic IPs allows instances running in EC2 to act as servers reachable from the Internet and,
since they are not strictly bound to specific instances, to implement failover capabilities. Together
with an external IP, EC2 instances are also given a domain name that generally is in the form ec2-
xxx-xxx-xxx.compute-x.amazonaws.com, where xxx-xxx-xxx normally represents the four parts
of the external IP address separated by a dash, and compute-x gives information about the
availability zone where instances are deployed. Currently, there are five availability zones that are
priced differently: two in the United States (Virginia and Northern California), one in Europe
(Ireland), and two in Asia Pacific (Singapore and Tokyo).

1.4. Advanced Compute Services

Amazon Web Services provide more sophisticated services that allow the easy packaging and
deploying of applications and a computing platform that supports the execution of MapReduce-
based applications.
a) AWS CloudFormation :
AWS CloudFormation constitutes an extension of the simple deployment model that
characterizes EC2 instances. CloudFormation introduces the concepts of templates which
are JSON formatted text files that describe the resources needed to run an application or a
service in EC2 together with the relations between them. CloudFormation allows easily and
explicitly linking EC2 instances together and introducing dependencies among them.
Templates provide a simple and declarative way to build complex systems and integrate
EC2 instances with other AWS services such as S3, SimpleDB, SQS, SNS, Route 53,
Elastic Beanstalk, and others.
b) AWS elastic beanstalk:
AWS Elastic Beanstalk constitutes a simple and easy way to package applications and
deploy them on the AWS Cloud. This service simplifies the process of provisioning
instances and deploying application code and provides appropriate access to them.
Currently, this service is available only for Web applications developed with the
Java/Tomcat technology stack. Developers can conveniently package their Web application
into a WAR file and use Beanstalk to automate its deployment on the AWS Cloud.
c) Amazon elastic MapReduce:

Shreetha Bhat Assistant Professor, School of CSA, RUPage 14

 Unit – 4: Cloud Applications and AWS Cloud Platform

Amazon Elastic MapReduce provides AWS users with a cloud computing platform for
MapReduce applications. It utilizes Hadoop as the MapReduce engine, deployed on a virtual
infrastructure com- posed of EC2 instances, and uses Amazon S3 for storage needs.

2. Storage Services
AWS provides a collection of services for data storage and information management. The core service
in this area is represented by Amazon Simple Storage Service (S3). This is a distributed object store
that allows users to store information in different formats. The core components of S3 are two:
buckets and objects.
Buckets represent virtual containers in which to store objects; objects represent the content that is
actually stored. Objects can also be enriched with metadata that can be used to tag the stored content
with additional information.

2.1 S3 Key Concepts

S3 has been designed to provide a simple storage service that’s accessible through a
Representational State Transfer (REST) interface which is quite similar to a distributed file system
but which presents some important differences that allow the infrastructure to be highly efficient:
 The storage is organized in a two-level hierarchy: S3 organizes its storage space into buckets that
cannot be further partitioned. This means that it is not possible to create directories or other
kinds of physical groupings for objects stored in a bucket. Despite this fact, there are few
limitations in naming objects, and this allows users to simulate directories and create logical
groupings.
 Stored objects cannot be manipulated like standard files: S3 has been designed to essentially provide
storage for objects that will not change over time. Therefore, it does not allow renaming,
modifying, or relocating an object. Once an object has been added to a bucket, its content and
position is immutable, and the only way to change it is to remove the object from the store and
add it again.
 Content is not immediately available to users: The main design goal of S3 is to provide an
eventually consistent data store. As a result, because it is a large distributed storage facility,
changes are not immediately reflected.
 Requests will occasionally fail: Due to the large distributed infrastructure being managed, requests
for object may occasionally fail. Under certain conditions, S3 can decide to drop a request by
returning an internal server error. Therefore, it is expected to have a small failure rate during
day-to-day operations, which is generally not identified as a persistent failure.

Access to S3 is provided with RESTful Web services. These express all the operations that can be
performed on the storage in the form of HTTP requests (GET, PUT, DELETE, HEAD, and POST )

Shreetha Bhat Assistant Professor, School of CSA, RUPage 15

Unit – 4: Cloud Applications and AWS Cloud Platform

which operate differently according to the element they address. As a rule of thumb PUT/ POST
requests add new content to the store, GET/HEAD requests are used to retrieve content and
information, and DELETE requests are used to remove elements or information attached to them.

a) Resource Naming:
Buckets, objects, and attached metadata are made accessible through a REST interface.
Therefore, they are represented by uniform resource identifiers (URIs) under the
s3.amazonaws.com domain. All the operations are then performed by expressing the entity they
are directed to in the form of a request for a URI. Amazon offers three different ways of
addressing a bucket:
Canonical form: http://s3.amazonaws.com/bukect_name/. The bucket name is expressed as a path
component of the domain name s3.amazonaws.com. This is the naming convention that has less
restriction in terms of allowed characters, since all the characters that are allowed for a path
component can be used.
Subdomain form: http://bucketname.s3.amazon.com/. Alternatively, it is also possible to reference a
bucket as a subdomain of s3.amazonaws.com. To express a bucket name in this form, the name
has to do all of the following:
• Be between 3 and 63 characters long
• Contain only letters, numbers, periods, and dashes
• Start with a letter or a number
• Contain at least one letter
• Have no fragments between periods that start with a dash or end with a dash or that are empty strings
It is the one to be preferred since it works more effectively for all the geographical locations serving
resources stored in S3.
Virtual hosting form: http://bucket-name.com/. Amazon also allows referencing of its resources with
custom URLs. This is accomplished by entering a CNAME record into the DNS that points to the
subdomain form of the bucket URI.
b) Buckets:
A bucket is a container of objects. Buckets are top- level elements of the S3 storage architecture and do not
support nesting. That is, it is not possible to create “subbuckets” or other kinds of physical divisions.
A bucket is located in a specific geographic location. Users can select the location at which to create
buckets, which by default are created in Amazon’s U.S. datacenters. Once a bucket is created, all the
objects that belong to the bucket will be stored in the same availability zone of the bucket. Users create a
bucket by sending a PUT request to http://s3.amazonaws.com/ with the name of the bucket and, if they
want to specify the availability zone, additional information about the preferred location. The content of a
bucket can be listed by sending a GET request specifying the name of the bucket. Once created, the bucket
cannot be renamed or relocated. If it is necessary to do so, the bucket needs to be deleted and recreated.
The deletion of a bucket is performed by a DELETE request, which can be successful if and only if the
bucket is empty.

Shreetha Bhat Assistant Professor, School of CSA, RUPage 16

Unit – 4: Cloud Applications and AWS Cloud Platform

c) Objects and Metadata :

Objects constitute the content elements stored in S3. Users either store files or push to the S3 text stream
representing the object’s content. An object is identified by a name that needs to be unique within the
bucket in which the content is stored. The name cannot be longer than 1,024 bytes when encoded in UTF-
8, and it allows almost any character.
Users create an object via a PUT request that specifies the name of the object together with the bucket
name, its contents, and additional properties. The maximum size of an object is 5 GB. Once an object is
created, it cannot be modified, renamed, or moved into another bucket. It is possible to retrieve an object
via a GET request; deleting an object is performed via a DELETE request.
Objects can be tagged with metadata, which are passed as properties of the PUT request.
d) Access Control and Security :
Amazon S3 allows controlling the access to buckets and objects by means of Access Control Policies
(ACPs). An ACP is a set of grant permissions that are attached to a resource expressed by means of an
XML configuration file. A policy allows defining up to 100 access rules, each of them granting one of the
available permissions to a grantee. Currently, five different permissions can be used:
i. READ: allows the grantee to retrieve an object and its metadata and to list the content of a bucket as
well as getting its metadata.
ii. WRITE : allows the grantee to add an object to a bucket as well as modify and remove it
iii. READ_ACP: allows the grantee to read the ACP of a resource
iv. WRITE_ACP : allows the grantee to modify the ACP of a resource
v. FULL_CONTROL : grants all of the preceding permissions
e) Advanced Features :
S3 offers other additional features that can be helpful. These features are server access logging and
integration with the BitTorrent file-sharing network.
Server access logging allows bucket owners to obtain detailed information about the request made for the
bucket and all the objects it contains. By default, this feature is turned off; it can be activated by issuing a
PUT request to the bucket URI followed by ?logging The request should include an XML file specifying
the target bucket in which to save the logging files and the file name prefix. A GET request to the same
URI allows the user to retrieve the existing logging con- figuration for the bucket.
The second feature of interest is represented by the capability of exposing S3 objects to the BitTorrent
network, thus allowing files stored in S3 to be downloaded using the BitTorrent protocol. This is done by
appending ?torrent to the URI of the S3 object

2.2 Amazon Elastic Block Store (EBS)

The Amazon Elastic Block Store (EBS) allows AWS users to provide EC2 instances with persistent
storage in the form of volumes that can be mounted at instance startup. They accommodate up to 1 TB of
space and are accessed through a block device interface, thus allowing users to format them according to
the needs of the instance they are connected to (raw storage, file system, or other). EBS volumes can be

Shreetha Bhat Assistant Professor, School of CSA, RUPage 17

Unit – 4: Cloud Applications and AWS Cloud Platform

cloned, used as boot partitions, and constitute durable storage since they rely on S3 and it is possible to
take incremental snapshots of their content. EBS volumes normally reside within the same availability
zone of the EC2 instances that will use them to maximize the I/O performance. It is also possible to
connect volumes located in different availability zones. Once mounted as volumes, their content is lazily
loaded in the background and according to the request made by the operating system. This reduces the
number of I/O requests that go to the network. The expense related to a volume comprises the cost
generated by the amount of storage occupied in S3 and by the number of I/O requests performed against
the volume. Currently, Amazon charges $0.10/GB/month of allocated storage and $0.10 per 1 million
requests made to the volume.

2.3 Amazon ElastiCache

Amazon ElastiCache works as an in-memory data store and cache to support the most demanding
applications requiring sub-millisecond response times. By utilizing an end-to-end optimized stack running
on customer dedicated nodes, Amazon ElastiCache provides secure, blazing fast performance .

ElastiCache nodes are priced according to the EC2 costing model, with a small price difference due to the
use of the caching service installed on such instances. It is possible to choose between different types of
instances; Table 9.3 provides an overview of the pricing options.

2.4 Structured Storage Solutions

Enterprise applications quite often rely on databases to store data in a structured form, index, and perform
analytics against it. Traditionally, RDBMS have been the common data back-end for a wide range of
applications, even though recently more scalable and lightweight solutions have been proposed. Amazon
provides applications with structured storage services in three different forms:

i. Preconfigured EC2 AMIs

ii. Amazon RDS

Shreetha Bhat Assistant Professor, School of CSA, RUPage 18

Unit – 4: Cloud Applications and AWS Cloud Platform

iii. Amazon SimpleDB

i. Preconfigured EC2 AMIs:

Preconfigured EC2 AMIs are predefined templates featuring an installation of a given database
management system. EC2 instances created from these AMIs can be completed with an EBS volume
for storage persistence. Available AMIs include installations of IBM DB2, Microsoft SQL Server,
MySQL, Oracle, PostgreSQL, Sybase, and Vertica. Instances are priced hourly according to the EC2
cost model. This solution poses most of the administrative burden on the EC2 user, who has to
configure, maintain, and manage the relational database, but offers the greatest variety of products to
choose from.

ii. Amazon RDS

RDS is relational database service that relies on the EC2 infrastructure and is managed by Amazon.
Developers do not have to worry about configuring the storage for high availability, designing failover
strategies, or keeping the servers up-to-date with patches. The service provides users with automatic
backups, snapshots, point-in-time recoveries, and facilities for implementing replications. The available
options and the relative pricing of the service during 2011_2012 are shown in Table 9.4.

iii. Amazon SimpleDB

Amazon SimpleDB is a lightweight, highly scalable, and flexible data storage solution for applica-
tions that do not require a fully relational model for their data. SimpleDB provides support for
semistructured data, the model for which is based on the concept of domains, items, and attributes.
With respect to the relational model, this model provides fewer constraints on the structure of data
entries, thus obtaining improved performance in querying large quantities of data.

2.5 Amazon CloudFront

Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data,
videos, applications, and APIs to customers globally with low latency, high transfer speeds, all within a
developer-friendly environment. CloudFront is integrated with AWS – both physical locations that are
directly connected to the AWS global infrastructure, as well as other AWS services.

Shreetha Bhat Assistant Professor, School of CSA, RUPage 19

 Unit – 4: Cloud Applications and AWS Cloud Platform

3. Communication Services
Amazon provides facilities to structure and facilitate the communication among existing applications and
services residing within the AWS infrastructure. These facilities can be organized into two major categories:
1. Virtual Networking
2. Messaging

3.1 Virtual Networking

Virtual Networking comprises a collection of services that allow AWS users to control the
connectivity to and between compute and storage services. Amazon Virtual Private Cloud (VPC)
and Amazon Direct Connect provide connectivity solutions in terms of infrastructure; Route 53
facilitates connectivity in terms of naming.

1.2 Messaging
Messaging services constitute the next step in connecting applications by leveraging AWS
capabilities. The three different types of messaging services offered are :
i. Amazon Simple Queue Service (SQS),
ii. Amazon Simple Notification Service(SNS), and
iii. Amazon Simple Email Service(SES).

Amazon Simple Queue Service (SQS):

Using the AWS console or directly the underlying Web service AWS, users can create an
unlimited number of message queues and configure them to control their access. Applications
can send messages to any queue they have access to. These messages are securely and
redundantly stored within the AWS infrastructure for a limited period of time, and they can be
accessed by other (authorized) applications. While a message is being read, it is kept locked to
avoid spurious processing from other applications. Such a lock will expire after a given period.

Amazon Simple Notification Service (SNS):

Amazon SNS allows applications to be notified when new content of interest is available. This
feature is accessible through a Web service whereby AWS users can create a topic, which other
applications can subscribe to. At any time, applications can publish content on a given topic and
subscribers can be automatically notified. The service provides subscribers with different
notification models (HTTP/HTTPS, email/email JSON, and SQS).

Amazon Simple Email Service(SES) :

Shreetha Bhat Assistant Professor, School of CSA, RUPage 20

Unit – 4: Cloud Applications and AWS Cloud Platform

Amazon SES provides AWS users with a scalable email service that leverages the AWS infra-
structure. Once users are signed up for the service, they have to provide an email that SES will
use to send emails on their behalf. To activate the service, SES will send an email to verify the
given address and provide the users with the necessary information for the activation.

Shreetha Bhat Assistant Professor, School of CSA, RUPage 21