Lesson 3 AWS Compute


AWS Cloud Fundamentals

AWS Compute
A Day in the Life of a Cloud Consultant

As a newly-appointed junior cloud architect at ABC Corp, you've been tasked to
guide the company's transition to cloud solutions. The leadership needs:

• A secure and scalable cloud-based computing service
• A solution for batch computing on AWS
• A service that supports auto-scaling and efficient web server management
• A strategy for smoothly distributing web traffic across multiple targets
• Hassle-free management of the underlying infrastructure
• An option for using Kubernetes on AWS without having to manage the control
plane or nodes
A Day in the Life of a Cloud Consultant

Moreover, ABC Corp aims to:

• Focus on application development without server management
• Use serverless compute services that react to specific events and
autonomously manage compute resources
• Have a simple solution for deploying and scaling web applications and
services across various platforms and servers

This lesson will help you understand crucial concepts to design a solution fitting
these needs and provide added features.
Learning Objectives

By the end of this lesson, you will be able to:

Analyze the concept of AWS compute service

Assess Elastic Compute Cloud (EC2) and its instance life cycle

Explore the various AWS Container services

Assess all the features of AWS Lambda


AWS Compute Service
AWS Batch

A service that allows you to run batch computing workloads on Amazon Web Services (AWS)

This service may instantly provision resources in response to jobs, thus removing capacity
limitations, lowering compute costs, and delivering results promptly.
AWS Auto Scaling Group

A logical grouping of Amazon EC2 instances used for automatic scaling and management

It also enables you to use Amazon EC2 Auto Scaling features such as health check
replacements and scaling policies.
Load Balancing
What Is Load Balancing?

Load balancing refers to the distribution of incoming network traffic across multiple backend
servers efficiently.
Types of Load Balancing

Application Load Balancer

● Supports direct routing
● Makes routing decisions at the application layer (HTTP or
HTTPS)
● Supports dynamic host port mapping
Types of Load Balancing

Network Load Balancer

● At the transport layer (TCP or SSL), a Network Load Balancer
makes routing decisions.
● It is capable of processing millions of queries per second.
● When the load balancer receives a connection, it uses a flow
hash routing algorithm to choose a target.
Types of Load Balancing

Classic Load Balancer

A Classic Load Balancer makes routing decisions at either the
transport layer (TCP or SSL) or the application layer (HTTP or
HTTPS).
Types of Load Balancing

Gateway Load Balancer

Network appliances such as firewalls, prevention systems, and
deep packet inspection systems can all be deployed, scaled,
and managed using Gateway Load Balancers.
Elastic Load Balancing

• Spreads your incoming traffic among many targets
automatically
• Can scale to most workloads on its own
• Keeps track of the health of its registered targets and only
sends traffic to those that are healthy
Assisted Practice

Elastic Load Balancer Duration: 15 Min.

Problem Statement:

You have been assigned a task to demonstrate the creation of an Elastic Load Balancer in the AWS
Management Console.
Assisted Practice: Guidelines

Steps to be followed:

1. Log in to the AWS Management Console
2. Create an Elastic Load Balancer
Elastic Compute Cloud (EC2)

• Amazon EC2 is a web service interface that allows scalability
in the Amazon Web Services cloud.
• It is built to give developers complete control over web
scalability and computational resources.
• These instances can be deployed in one or more geographic
locations, and availability zones can be specified during
instance launch.
EC2 Instance Types

They provide users with flexibility, offering various computing, memory, and storage specifications.

AWS categorizes the EC2 instances as follows:


EC2 Instance Type: General Purpose

• An EC2 general purpose instance is a good
choice if users are new to AWS.
• As this type offers a wide balance of
computing power, memory, and storage, it is
suitable for most AWS workloads.
EC2 Instance Type: Compute Optimized

• The compute optimized instances are ideal for
compute-intensive tasks.
• They provide excellent performance at a low
cost, making them suitable for web servers and
scientific modeling.
EC2 Instance Type: Storage Optimized

• The storage optimized instances are useful for
delivering a high number of low latency and
random I/O operations each second (IOPS).
• They are suitable for apps with high transaction
and low-latency workloads, such as in-memory
DBs, data warehousing, and data analytics.
EC2 Instance Type: Memory Optimized

• The memory optimized instances are useful
for memory-intensive workloads that require
processing large datasets at a fast speed.
• Examples include Big Data analytics or apps
running on Hadoop or Apache Spark.
EC2 Instance Type: Accelerated Computing

• Accelerated computing instances use
additional hardware accelerators like
graphics processing units (GPUs) and
field-programmable gate arrays (FPGAs).
• They enable higher throughput in
compute-intensive applications with more
parallelism.
Amazon Machine Images

An Amazon Machine Image (AMI) is a special type of virtual appliance for creating a virtual
machine within Amazon EC2.

• It is the fundamental deployment unit for
EC2 services.
• Users can launch multiple instances from
a single AMI when they need them with
the same configuration.
• Users can use different AMIs to launch
instances when they need them with
different configurations.
Amazon Machine Images

An AMI includes the following:

• An Amazon EBS snapshot or a template for
the root volume of the instance
• The launch permissions that control which
AWS accounts can use the AMI to launch
instances
• A block device mapping that specifies the
volumes to attach to the instance when a
user launches them
AMI Life Cycle

The following diagram summarizes the AMI life cycle:

[Diagram: AMI life cycle. Labels: EBS snapshot or template, Create, Register, AMI #1, Launch, Instance, Copy, AMI #2, Deregister]

Users can create and register an AMI for launching new instances; when users no longer
require an AMI, they can deregister it.
Amazon Machine Images

AWS users can select an AMI based on the following characteristics:

• Regions
• Operating systems
• Architecture
• Storage for the root device
• Launch permissions
AMI Launch Permissions

The owner of an AMI determines its availability by specifying launch permissions.

Launch permissions fall into the following categories:

Launch permissions   Description
Public               The owner grants launch permissions to all AWS accounts.
Explicit             The owner grants launch permissions to specific AWS accounts,
                     organizations, or organizational units (OUs).
Implicit             The owner has implicit launch permissions for an AMI.


AMI Storage for the Root Device

AWS categorizes AMIs as either Amazon EBS-backed or instance store-backed AMI.


Security Groups

• A security group controls incoming and outgoing traffic for EC2 instances by acting
as a virtual firewall.
• Inbound rules manage traffic entering the instance, while outbound rules control
traffic leaving the instance.
• Users must specify a security group for a VPC when they launch an instance in that
VPC.

[Diagram: inbound and outbound traffic between the WWW and an EC2 machine, passing through security groups]
Security Group Rules

• Security groups allow all outbound traffic, and Amazon EC2 blocks traffic on port 25
by default.
• Security group rules enable users to filter traffic based on protocols and port
numbers.
• Users can add and remove rules at any time. They can assign multiple security
groups to an instance.
Security Groups and Standard Ports

The security group has specific inbound rules for TCP and ICMP traffic and outbound rules that
allow all outbound IPv4 and IPv6 traffic.

Inbound rules

Protocol type   Port number   Source IP
TCP             22 (SSH)      203.0.113.1/32
TCP             80 (HTTP)     0.0.0.0/0
TCP             80 (HTTP)     ::/0
ICMP            All           0.0.0.0/0

Outbound rules

Protocol type   Port number   Destination IP
All             All           0.0.0.0/0
All             All           ::/0
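
The inbound rules from the table above, checked for sources open to every address. This is an added example, not part of the original lesson: the rules are constructed in the `IpPermissions` shape returned by the EC2 `DescribeSecurityGroups` API, and `PUBLIC_OK_PORTS` is an assumed policy of which ports may be public.

```python
import ipaddress

# Assumption: ports this example treats as intentionally public; set per policy.
PUBLIC_OK_PORTS = {80, 443}

# Constructed sample: the lesson's inbound rules in the IpPermissions shape
# returned by the EC2 DescribeSecurityGroups API.
INBOUND = [
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": "203.0.113.1/32"}], "Ipv6Ranges": []},
    {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}],
     "Ipv6Ranges": [{"CidrIpv6": "::/0"}]},
    {"IpProtocol": "icmp", "FromPort": -1, "ToPort": -1,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
]


def sources(rule):
    """Return every IPv4 and IPv6 source CIDR attached to one rule."""
    return ([r["CidrIp"] for r in rule.get("IpRanges", [])]
            + [r["CidrIpv6"] for r in rule.get("Ipv6Ranges", [])])


def is_world(cidr):
    """True for 0.0.0.0/0 and ::/0, i.e. any zero-length prefix."""
    return ipaddress.ip_network(cidr, strict=False).prefixlen == 0


def audit_inbound(rules, public_ok=PUBLIC_OK_PORTS):
    """List (protocol, ports, cidr) for world-open rules outside the policy."""
    findings = []
    for rule in rules:
        proto = rule["IpProtocol"]
        lo, hi = rule.get("FromPort", -1), rule.get("ToPort", -1)
        if proto in ("tcp", "udp") and lo != -1:
            label = str(lo) if lo == hi else f"{lo}-{hi}"
            # A range passes only if every port in it is allow-listed TCP.
            ok = proto == "tcp" and all(p in public_ok for p in range(lo, hi + 1))
        else:
            # Protocol "-1" means all traffic; ICMP carries a type, not a port.
            label, ok = ("all" if lo == -1 else f"type {lo}"), False
        findings += [(proto, label, c) for c in sources(rule)
                     if is_world(c) and not ok]
    return findings


if __name__ == "__main__":
    for finding in audit_inbound(INBOUND):
        print("open to every address:", *finding)
```

With the lesson's rules, SSH is limited to a single /32 and HTTP is on the assumed public list, so only the ICMP rule is reported.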
Security Groups

• Users can create their custom security group or use the AWS default security
group for the default VPC in each region.
• The instance is automatically associated with the default security group for the VPC
if users do not specify a security group.
EC2 Instance Lifecycle

The following illustration represents the transitions between instance states:

[Diagram: instance states Pending, Running, Rebooting, Stopping, Stopped, Shutting down, and Terminated, with transitions Launch (from an AMI), Start, Reboot, Stop, Stop-Hibernate, and Terminate]
EC2 Instance Connect

Amazon EC2 Instance Connect provides an easy and secure way to connect to Linux instances
using Secure Shell (SSH).
EC2 Instance Connect

Users can utilize EC2 Instance Connect to connect to their instances through:

01 Amazon EC2 console

02 Amazon EC2 Instance Connect CLI

03 Secure Shell (SSH) client


Assisted Practice

EC2 Instance Duration: 20 Min.

Problem Statement:

You have been assigned a task to demonstrate the process of creating and connecting to an EC2
instance in AWS.
Assisted Practice: Guidelines

Steps to be followed:

1. Create and launch the EC2 instance


AWS Container Services

• AWS Container Services streamline infrastructure management,
whether on-premises or in the cloud, allowing you to focus on
innovation and your business needs.
• Customers such as Samsung, Expedia, GoDaddy, and Snap
choose to run their Containers on AWS for security,
reliability, and scalability.
AWS Container Services

AWS Container services help you to:

• Build secure microservices
• Move from idea to market faster
• Choose the correct compute and Container orchestrator for
your needs
• Integrate across AWS with high reliability
Elastic Container Service

• It is a highly scalable, fast Container management solution that
makes running, stopping, and managing Containers on a cluster
simple.
• A task definition defines your Containers, which you use to run
individual tasks or tasks within a service.
• A service is a cluster arrangement that allows you to perform and
manage a certain number of tasks at the same time.
Elastic Container Service

• Using simple API calls, Amazon ECS allows you to start and
stop your Container-based applications.
• You can get information about the state of your cluster from
a centralized service and use numerous other Amazon EC2
features.
Assisted Practice

Elastic Container Service Duration: 20 Min.

Problem Statement:

You have been assigned a task to create an Amazon Elastic Container Service (ECS) cluster.
Assisted Practice: Guidelines

Steps to be followed:

1. Create an Elastic Container Service


Elastic Kubernetes Service

• Amazon EKS is a managed service that makes running
Kubernetes on Amazon Web Services (AWS) easier.
• Organizations can use EKS to run Kubernetes without having
to deploy and manage a Kubernetes control plane or worker
nodes.
• EKS is a managed Containers-as-a-service (CaaS) that makes
deploying Kubernetes on AWS simple.
Amazon Fargate

• AWS Fargate is a technology that allows you to execute
Containers without managing servers or clusters of Amazon
EC2 instances using Amazon ECS.
• Fargate eliminates the need to provision, configure, or scale
virtual machine clusters to execute Containers.
• This also eliminates the need to select server types,
schedule cluster scaling, or optimize cluster packing.
Amazon Elastic Container Registry

Amazon ECR is a container image registry service that is managed by Amazon.

Customers may push, pull, and manage images using the traditional Docker CLI
or their preferred client.
Amazon Elastic Container Registry

• Serves as a safe, scalable, and dependable registry for
Docker and Open Container Initiative (OCI) images
• Uses IAM to support private repositories with
resource-based permissions
• Has service endpoints in each authorized region
AWS Lambda
Introduction to Serverless Architecture

Serverless is a cloud-based code execution approach in which cloud providers handle servers
and compute resource management rather than the developers.

Virtual machines or physical servers are not used because vendors automatically deploy
them in the cloud.
Introduction to Serverless Architecture

• It enables you to launch apps only when they're needed, and
you don't have to pay for servers when they're not in use.
• It is a method of developing cloud-based apps without worrying
about the infrastructure.
• Routine activities like security patches, capacity management,
load balancing, and scalability are no longer required.
Examples of Serverless Architecture

AWS Lambda, AWS Fargate, AWS EventBridge, and AWS Aurora Serverless are some well-known
examples of serverless services offered by AWS.


It is a cloud-native development methodology that enables developers to create and execute
apps without having to worry about managing servers.

Servers are still used in serverless, but they are separated from the app development process.
AWS Lambda

A serverless computing technology that allows you to run your code without having to worry
about procuring or managing servers

It allows you to execute your application or backend service with zero administration.
Features of AWS Lambda

● AWS Lambda scales the infrastructure with ease and requires
no additional configuration. It decreases the amount of
operating work required.
● All roles and security policies are defined using AWS IAM.
● It provides fault tolerance for both the code and the function
operating services.
Elastic Beanstalk

AWS Elastic Beanstalk is a computing solution that allows developers to easily deploy and
maintain applications on the AWS cloud.

Upload your code, and Elastic Beanstalk will take care of the rest, including capacity
provisioning, load balancing, auto-scaling, and application health monitoring.
Features of Elastic Beanstalk

• Elastic Beanstalk dynamically scales your application up and
down based on your application's individual needs using easily
customizable Auto Scaling settings.
• You have complete control over the AWS resources that are
most suited for your application, such as Amazon EC2 instance
type and processor type.
Amazon Lightsail

It is a service that offers virtual private offerings and services with a range of templates to pick from.

Also known as a virtual machine or a virtual private server, it's essentially a server or
computing machine that can't be seen physically.
Amazon Lightsail

● Makes it simple and quick to set up virtual private servers
● Provides pre-configured templates for Linux distributions,
bare-bones operating systems, WordPress, and other platforms
● Was developed on Amazon servers and is extremely
dependable and available
Amazon Workspaces

It is a secure Desktop-as-a-Service (DaaS) solution that is administered by Amazon.

You may use it to swiftly offer Windows or Linux desktops and scale to provide thousands of
workstations to workers around the world in just a few minutes.
Amazon Workspaces

• It simplifies your desktop delivery strategy by reducing
cost, complexity of managing hardware inventories, OS
versions and patches, and Virtual Desktop Infrastructure.
• Users get a fast, responsive desktop of their preference,
which they can use from any compatible device,
anywhere, at any time.
Key Takeaways

AWS Batch is a service that allows you to run batch computing
workloads on Amazon Web Services (AWS).

Elastic Load Balancing (ELB) spreads incoming traffic among many
targets automatically.

AWS Container services make managing infrastructure easier,
allowing you to focus on innovation.

AWS Lambda is a serverless computing technology that runs the
code without having to worry about procuring or managing servers.
Create a Classic Load Balancer

Duration: 30 Minutes.
Project Agenda: To create a Classic Load Balancer through the AWS
Management Console
Description:
You have been given a project to create a load balancer for use with EC2-Classic or
a VPC. Users will build a load balancer that accepts public HTTP traffic and
routes it to the EC2 instances.
Perform the following:
1. Select a load balancer type
2. Define the load balancer
3. Assign security groups to the load balancer in a VPC
4. Register EC2 instances with the load balancer
5. Create and verify the load balancer
Thank you
