Scribd
Upload
56 views

Training AWS - Module 2 - Computing in AWS

The document provides information about an AWS training course including the schedule, modules, and content covered each day. It details the topics that will be covered in module 2 on computing in AWS such as instance types, creating and managing instances, security, troubleshooting, and pricing.

Uploaded by

Nhật Minh Trần
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
56 views

Training AWS - Module 2 - Computing in AWS

The document provides information about an AWS training course including the schedule, modules, and content covered each day. It details the topics that will be covered in module 2 on computing in AWS such as instance types, creating and managing instances, security, troubleshooting, and pricing.

Uploaded by

Nhật Minh Trần
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 37

Training Course

Amazon Web Service

8/9/2023 09e-BM/DT/FSOFT - ©FPT SOFTWARE – Fresher Academy - Internal Use 1


Course Schedule

Day Presentations Lab


Day 1 System Operations on AWS
Day 2 Computing on AWS X
Day 3 Networking on AWS X
Day 4 Storage and Archiving in the Cloud X
Day 5 Monitoring in the Cloud X
Day 6 Managing Resource Consumption in the Cloud X

8/9/2023 09e-BM/DT/FSOFT - ©FPT SOFTWARE – Fresher Academy - Internal Use 2


Module 2:

Computing in AWS

8/9/2023 09e-BM/DT/FSOFT - ©FPT SOFTWARE – Fresher Academy - Internal Use 3


Module 2: Computing in AWS

 Goal: Understand how to deploy instances and maintain


instance health
 Creating instances
 Type of instance
 Instance security
 Pricing
 Troubleshooting

8/9/2023 09e-BM/DT/FSOFT - ©FPT SOFTWARE – Fresher Academy - Internal Use 4


Module 2: Computing in AWS

 Architecture of Cloud Computing


 Amazon EC2 instances run as virtual machines on host computers located
in each Availability Zone
 Each Amazone EC2 instance receives a particular number of virtual CPUs
and an amount of RAM
 Instance Store is physically attached to the host computer and provides
temporary block-level storage for use with an instance, data in the instance
store does not persist

8/9/2023 09e-BM/DT/FSOFT - ©FPT SOFTWARE – Fresher Academy - Internal Use 5


Module 2: Computing in AWS

 Architecture of Cloud Computing

8/9/2023 09e-BM/DT/FSOFT - ©FPT SOFTWARE – Fresher Academy - Internal Use 6


Module 2: Computing in AWS

 Instance Types

 Instance types differ in CPU, memory, storage, and network capacity


 Instances are described by family (T2, M3, etc,..) and size (small,
medium, large, xlarge, 2xlarge, etc,…)
 Eeach instance type family is optimized for a specific type of workload
 Monitor CPU usage of instances to determine whether you are using the
right instance type

8/9/2023 09e-BM/DT/FSOFT - ©FPT SOFTWARE – Fresher Academy - Internal Use 7


Module 2: Computing in AWS

 Instance Types

8/9/2023 09e-BM/DT/FSOFT - ©FPT SOFTWARE – Fresher Academy - Internal Use 8


Module 2: Computing in AWS

Creating Instances in AWS

8/9/2023 09e-BM/DT/FSOFT - ©FPT SOFTWARE – Fresher Academy - Internal Use 9


Module 2: Computing in AWS

Create An Instance

• Instance
• AMI
• Storage
• Network placement
and addressing

• User data
• Key pairs
• Security groups

8/9/2023 09e-BM/DT/FSOFT - ©FPT SOFTWARE – Fresher Academy - Internal Use 10


Module 2: Computing in AWS

Create An Instance
 Internet Protocol

• Private IPs
• Public IPs
• Elastic IPs

8/9/2023 09e-BM/DT/FSOFT - ©FPT SOFTWARE – Fresher Academy - Internal Use 11


Module 2: Computing in AWS

Create An Instance
 Amazon Elastic Block Store (EBS)

• Network-attached disk storage


• Types of EBS volumes
 General Purpose (SSD)
 Provisioned IOPS (SSD)
 Magnetic options
• Data persist when instance is stopped
• Data persist when instance is terminated, provided the DeleteOnTermination
attribute is false

8/9/2023 09e-BM/DT/FSOFT - ©FPT SOFTWARE – Fresher Academy - Internal Use 12


Module 2: Computing in AWS

Create An Instance
 Instance Store (Ephemeral)

• Instance store volumes are directly attached to a host computer


• Instance Store SSD volumes have fast disk access suitable for swap files, caches,
buffers, and highly replicated data
• Instance store volume contents are lost when an instance is stopped or
terminated
• Instance store volumes can offer up to 100,000 IOPS for some instance types

8/9/2023 09e-BM/DT/FSOFT - ©FPT SOFTWARE – Fresher Academy - Internal Use 13


Module 2: Computing in AWS

Create An Instance
 User Data
• User data scripts supplied to initialize instances automatically
 Linux script
 Window batch or PowerShell scripts
• User data scripts can install any software package
 Web server
 Database server
 Configuration management tools
• User data scripts are executed by
 Cloud-init on Linux
 EC2 config service on Window
• User data scripts run once per instance-id default

8/9/2023 09e-BM/DT/FSOFT - ©FPT SOFTWARE – Fresher Academy - Internal Use 14


Module 2: Computing in AWS

Create An Instance
 User Data

8/9/2023 09e-BM/DT/FSOFT - ©FPT SOFTWARE – Fresher Academy - Internal Use 15


Module 2: Computing in AWS

Create An Instance
 User Data

8/9/2023 09e-BM/DT/FSOFT - ©FPT SOFTWARE – Fresher Academy - Internal Use 16


Module 2: Computing in AWS

Create An Instance
 Meta Data

8/9/2023 09e-BM/DT/FSOFT - ©FPT SOFTWARE – Fresher Academy - Internal Use 17


Module 2: Computing in AWS

Create An Instance
 Security Groups

8/9/2023 09e-BM/DT/FSOFT - ©FPT SOFTWARE – Fresher Academy - Internal Use 18


Module 2: Computing in AWS

Create An Instance
 Security Groups

8/9/2023 09e-BM/DT/FSOFT - ©FPT SOFTWARE – Fresher Academy - Internal Use 19


Module 2: Computing in AWS

Create An Instance
 Key Pairs

Remote Access
 Linux – Use SSH to log into an instance since password-only authentication is
disabled on Linux by default
 Windows – Use RDP to log in to instances using an encrypted random password
that can only be decrypted using a private secret access key
Public key cryptographic keys
 Only the Public Access key ID needs to be uploaded to server (in
~/.ssh/authorized_keys on Linux)
 Private secret access keys can be generated locally and must be saved when
created

8/9/2023 09e-BM/DT/FSOFT - ©FPT SOFTWARE – Fresher Academy - Internal Use 20


Module 2: Computing in AWS

Create An Instance
 IAM Roles

Use IAM Roles on EC2 instance


 Automatic propagation of access keys to instances
 Auto-rotation of access keys multiple times daily
 Use across multiple instances (e.g., Auto Scaling group)

8/9/2023 09e-BM/DT/FSOFT - ©FPT SOFTWARE – Fresher Academy - Internal Use 21


Module 2: Computing in AWS

Create An Instance
 IAM Roles

8/9/2023 09e-BM/DT/FSOFT - ©FPT SOFTWARE – Fresher Academy - Internal Use 22


Module 2: Computing in AWS

Create An Instance
 Access Keys

8/9/2023 09e-BM/DT/FSOFT - ©FPT SOFTWARE – Fresher Academy - Internal Use 23


Module 2: Computing in AWS

Managing Instances in AWS

8/9/2023 09e-BM/DT/FSOFT - ©FPT SOFTWARE – Fresher Academy - Internal Use 24


Module 2: Computing in AWS

An instance enters the Pending state when it is first started. As soon as it is started,
we will be charged for that instance’s first hour

8/9/2023 09e-BM/DT/FSOFT - ©FPT SOFTWARE – Fresher Academy - Internal Use 25


Module 2: Computing in AWS

Scale: Vertical or Horizontal

• Vertical scaling:
• Scaling up/down
• Increase/decrease size of
the instance
• Horizontal scaling:
• Scaling out/in
• Increase/decrease
number of instances

8/9/2023 09e-BM/DT/FSOFT - ©FPT SOFTWARE – Fresher Academy - Internal Use 26


Module 2: Computing in AWS

Securing Your AWS Instances

8/9/2023 09e-BM/DT/FSOFT - ©FPT SOFTWARE – Fresher Academy - Internal Use 27


Module 2: Computing in AWS

EC2 Instance Security Summary

Should:
 Use IAM roles when launching instances
 Use least privilege access policies
 Guard and manage access/secret keys
 Keep security patches up to date
 Use a NAT and Bastion host or similar solutions

Shoud Not:
 Use root level access/secret keys
 Embed access/secret keys in code or commit to Git

8/9/2023 09e-BM/DT/FSOFT - ©FPT SOFTWARE – Fresher Academy - Internal Use 28


Module 2: Computing in AWS

Troubleshooting AWS Instance Issues

8/9/2023 09e-BM/DT/FSOFT - ©FPT SOFTWARE – Fresher Academy - Internal Use 29


Module 2: Computing in AWS

Troubleshooting Common EC2 Issues

 Can’t connect to the instance


 Check security groups
 Automated Windows Updates sometimes a culprit
 Instance is marked “Impaired” (fail status check)
 Reboot
 Get System Log command in console for additional troubleshooting
 (Windows) attaching a second Elastic Network Interface (ENI) may enable
connecting to the instance
 Log issue with AWS support

8/9/2023 09e-BM/DT/FSOFT - ©FPT SOFTWARE – Fresher Academy - Internal Use 30


Module 2: Computing in AWS

Understanding EC2 Instance Pricing

8/9/2023 09e-BM/DT/FSOFT - ©FPT SOFTWARE – Fresher Academy - Internal Use 31


Module 2: Computing in AWS

Mix of Pricing Type


On-Demand Instances Reserved Instances Spot Instances
Pay as you go for compute 1- or 3- year terms Bid on unused EC2 capacity
power Spot Price based on
Benefit: Choose zero/partial/full up- supply/demand, determined
On-demand availability front payment automatically, up to 90% off
on-demand price
Pay only for what you use, no Receive significant hourly Benefit: Cost/Large Scale,
up-front commitments or discount dynamic workload handling
long-term contracts Benetfit: Cost/Predictability
Helps ensure that compute Spot price below bid,
capacity is available when instances start
needed Spot price above bid,
instances terminate after a 2-
minute warning

8/9/2023 09e-BM/DT/FSOFT - ©FPT SOFTWARE – Fresher Academy - Internal Use 32


Module 2: Computing in AWS

Knowledge Check 1

What disk device would be best for storing virtual memory paging/swap files?

 Boot volume
 Additional EBS data drive
 Instance store
 Amazon S3

8/9/2023 09e-BM/DT/FSOFT - ©FPT SOFTWARE – Fresher Academy - Internal Use 33


Module 2: Computing in AWS

Knowledge Check 1

What disk device would be best for storing virtual memory paging/swap files?
 Boot volume
 Additional EBS data drive
 Instance store
 Amazon S3

Answer: Instance store. Instance storage is fast, temporary storage perfect for
storing temporary data such as memory paging and swap file data.

8/9/2023 09e-BM/DT/FSOFT - ©FPT SOFTWARE – Fresher Academy - Internal Use 34


Module 2: Computing in AWS

Knowledge Check 2
You want to deploy a new version of your web application. How do you trigger the
user data to run again and update your app?

8/9/2023 09e-BM/DT/FSOFT - ©FPT SOFTWARE – Fresher Academy - Internal Use 35


Module 2: Computing in AWS

Knowledge Check 2
You want to deploy a new version of your web application. How do you trigger the
user data to run again and update your app?

Answer: You don’t. Be default, user data is run once, when the instance first
boots.

8/9/2023 09e-BM/DT/FSOFT - ©FPT SOFTWARE – Fresher Academy - Internal Use 36


Module 2: Computing in AWS

Lab1 / Some practice with an AWS Instance in this module:

 Create a new an Instance


 View status change
 Change instance type
 Creat an AMI from an instance
 Re-launch an new instance from AMI
 SSH to EC2 instance
 Set security group for instance

8/9/2023 09e-BM/DT/FSOFT - ©FPT SOFTWARE – Fresher Academy - Internal Use 37

You might also like