Ec 2

This document discusses Amazon EC2, a cloud computing service that allows users to launch virtual machines called EC2 instances. It covers key EC2 concepts like instance types, security groups, user data, pricing options, and AMIs. EC2 instances can be configured with different operating systems, hardware specifications, storage options, and security rules. Security groups act as a firewall controlling network access to instances. User data scripts allow automating tasks when an instance launches. Pricing options include on-demand, reserved, and spot instances. AMIs are customized machine images used to launch pre-configured instance configurations.

Uploaded by

Tanya Kaushi

Current Trends in Software Engineering
CLOUD COMPUTING

Keshawa Yaddehikandage

Elastic Compute Cloud
CLOUD COMPUTING
EC2 Basics
• EC2 is one of the most popular of AWS’ offerings
• EC2 = Elastic Compute Cloud = Infrastructure as a Service
• It mainly consists of the capability of:
• Renting virtual machines (EC2)
• Storing data on virtual drives (EBS)
• Distributing load across machines (ELB)
• Scaling the services using an auto-scaling group (ASG)
• Knowing EC2 is fundamental to understanding how the Cloud works
EC2 sizing & Configuration Options
• Operating System (OS): Linux, Windows or Mac OS
• How much compute power & cores (CPU)
• How much random-access memory (RAM)
• How much storage space:
• Network-attached (EBS & EFS)
• Hardware (EC2 Instance Store)
• Network card: speed of the card, Public IP address
• Firewall rules: security group
• Bootstrap script (configure at first launch): EC2 User Data
EC2 User Data
• It is possible to bootstrap our instances using an EC2 User Data script.
• Bootstrapping means launching commands when a machine starts
• That script is only run once, at the instance's first start
• EC2 user data is used to automate boot tasks such as:
• Installing updates
• Installing software
• Downloading common files from the internet
• Anything you can think of
• The EC2 User Data script runs as the root user
EC2 Instance Types - Overview
• You can use different types of EC2 instances that are optimized for different use cases
• (https://aws.amazon.com/ec2/instance-types/)
• AWS has the following naming convention:
m5.2xlarge

• m: instance class
• 5: generation (AWS improves them over time)
• 2xlarge: size within the instance class
EC2 Instance Types – General Purpose
• Great for a diversity of workloads such as web servers or code
repositories
• Balance between:
• Compute
• Memory
• Networking
• For practice, please use t2.micro which is a General Purpose EC2
instance
EC2 Instance Types – Compute Optimized
• Great for compute-intensive tasks that require high performance
processors:
• Batch processing workloads
• Media transcoding
• High performance web servers
• High performance computing (HPC)
• Scientific modeling & machine learning
• Dedicated gaming servers
EC2 Instance Types – Memory Optimized
• Fast performance for workloads that process large data sets in
memory
• Use cases:
• High performance, relational/non-relational databases
• Distributed web scale cache stores
• In-memory databases optimized for BI (business intelligence)
• Applications performing real-time processing of big unstructured
data
EC2 Instance Types – Storage Optimized
• Great for storage-intensive tasks that require high, sequential
read and write access to large data sets on local storage
• Use cases:
• High frequency online transaction processing (OLTP) systems
• Relational & NoSQL databases
• Cache for in-memory databases (for example, Redis)
• Data warehousing applications
• Distributed file systems
EC2 Instance Types: example

t2.micro is part of the AWS free tier (up to 750 hours per month)
Introduction to Security Groups
• Security Groups are fundamental to network security in AWS
• They control how traffic is allowed into or out of our EC2 instances.
• Security groups only contain rules
• Security group rules can reference by IP or by security group
Security Groups Cont.
• Security groups act as a “firewall” on EC2 instances
• They regulate:
• Access to ports
• Authorized IP ranges – IPv4 and IPv6
• Control of inbound network (from others to the instance)
• Control of outbound network (from the instance to others)
Security Groups Cont.
• Can be attached to multiple instances
• Locked down to a region / VPC combination
• Lives “outside” the EC2 instance – if traffic is blocked, the EC2 instance won’t see it
• It’s good to maintain one separate security group for SSH access
• If your application is not accessible (time out), then it’s a security group issue
• If your application gives a “connection refused” error, then it’s an application error or it’s not launched
• All inbound traffic is blocked by default
• All outbound traffic is authorized by default
Classic Ports
• 22 = SSH (Secure Shell) - log into a Linux instance
• 21 = FTP (File Transfer Protocol) – upload files into a file share
• 22 = SFTP (Secure File Transfer Protocol) – upload files using SSH
• 80 = HTTP – access unsecured websites
• 443 = HTTPS – access secured websites
• 3389 = RDP (Remote Desktop Protocol) – log into a Windows
instance
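The security group rules and classic ports above can be checked mechanically. The following is an added example, not part of the original slides: it scans inbound rules for FTP, SSH/SFTP and RDP ports that are open to every address. The group IDs and rules in SAMPLE are constructed, laid out in the shape of `aws ec2 describe-security-groups` output.

```python
import ipaddress

# Admin and file-transfer ports taken from the "Classic Ports" slide.
SENSITIVE_PORTS = {21: "FTP", 22: "SSH/SFTP", 3389: "RDP"}

def is_world_open(cidr):
    """True for 0.0.0.0/0 and ::/0 (prefix length 0 matches every address)."""
    return ipaddress.ip_network(cidr, strict=False).prefixlen == 0

def audit_security_groups(groups):
    """Return (group_id, port, service, cidr) for sensitive ports open to anyone."""
    findings = []
    for sg in groups:
        for perm in sg.get("IpPermissions", []):   # inbound rules
            proto = perm.get("IpProtocol")
            if proto == "-1":                      # all protocols, all ports
                lo, hi = 0, 65535
            elif proto == "tcp":
                lo, hi = perm["FromPort"], perm["ToPort"]
            else:
                continue                           # UDP/ICMP not covered here
            cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
            cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
            # Rules referencing another group (UserIdGroupPairs) carry no CIDR.
            for port, service in sorted(SENSITIVE_PORTS.items()):
                for cidr in cidrs:
                    if lo <= port <= hi and is_world_open(cidr):
                        findings.append((sg["GroupId"], port, service, cidr))
    return findings

# Constructed sample data (hypothetical group IDs, documentation IP range).
SAMPLE = [
    {"GroupId": "sg-0example0web", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}],
         "Ipv6Ranges": [{"CidrIpv6": "::/0"}]}]},
    {"GroupId": "sg-0example0ssh", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "203.0.113.0/24"}]},
        {"IpProtocol": "tcp", "FromPort": 3389, "ToPort": 3389,
         "UserIdGroupPairs": [{"GroupId": "sg-0example0web"}]}]},
    {"GroupId": "sg-0example0all", "IpPermissions": [
        {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
]

if __name__ == "__main__":
    for gid, port, service, cidr in audit_security_groups(SAMPLE):
        print(f"{gid}: port {port} ({service}) open to {cidr}")
```

The dedicated SSH group restricted to one range and the rule that references another security group produce no findings; the world-open SSH rule and the all-protocols rule do.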
EC2 Instances Purchasing Options
• On-Demand Instances: short workload, predictable pricing
• Reserved: (MINIMUM 1 year)
• Reserved Instances: long workloads
• Convertible Reserved Instances: long workloads with flexible instances
• Scheduled Reserved Instances: example – every Thursday between 3 and 6 pm
• Spot Instances: short workloads, cheap, can lose instances (less reliable)
• Dedicated Hosts: book an entire physical server, control instance placement
• Dedicated Instances: no other customers will share your hardware
EC2 On Demand
• Pay for what you use:
• Linux or Windows - billing per second, after the first minute
• All other operating systems - billing per hour
• Has the highest cost but no upfront payment
• No long-term commitment

• Recommended for short-term and un-interrupted workloads, where you can't predict how the application will behave
EC2 Reserved Instances
• Up to 72% discount compared to On-demand
• Reservation period: 1 year = + discount | 3 years = +++ discount
• Purchasing options: no upfront | partial upfront = + | All upfront = ++ discount
• Reserve a specific instance type
• Recommended for steady-state usage applications (like a database)
• Convertible Reserved Instance
• Can change the EC2 instance type
• Up to 66% discount
• Scheduled Reserved Instances
• Launch within the time window you reserve
• When you require a fraction of day / week / month
• Commitment for 1 year only
EC2 Spot Instances
• Can get a discount of up to 90% compared to On-demand
• Instances that you can “lose” at any point of time if your max price is less than the
current spot price
• The MOST cost-efficient instances in AWS
• Useful for workloads that are resilient to failure
• Batch jobs
• Data analysis
• Image processing
• Any distributed workloads
• Workloads with a flexible start and end time
• Not suitable for critical jobs or databases
EC2 Other Offerings
• An Amazon EC2 Dedicated Host is a physical server with EC2 instance
capacity fully dedicated to your use. Dedicated Hosts can help you
address compliance requirements and reduce costs by allowing you to
use your existing server-bound software licenses.
Which purchasing option is right for my Org?
• On demand: coming and staying in a resort whenever we like, we pay the full price
• Reserved: like planning ahead; if we plan to stay for a long time, we may get a good discount
• Spot instances: the hotel allows people to bid for the empty rooms and the highest bidder keeps the rooms. You can get kicked out at any time
• Dedicated Hosts: We book an entire building of the resort
EC2 Section – Summary
• EC2 Instance: AMI (OS) + Instance Size (CPU + RAM) + Storage + security
groups + EC2 User Data
• Security Groups: Firewall attached to the EC2 instance
• EC2 User Data: Script launched at the first start of an instance
• SSH: start a terminal into our EC2 Instances (port 22)
• Purchasing Options: On-Demand, Spot, Reserved (Standard + Convertible +
Scheduled), Dedicated Host, Dedicated Instance
EC2 – Associate
• Networking has two sorts of IPs: IPv4 and IPv6
• IPv4: 1.160.10.240
• IPv6: 3ffe:1900:4545:3:200:f8ff:fe21:67cf
Private vs Public IP (IPv4)
Fundamental Differences (priv and pub)
Public IP:
• Public IP means the machine can be identified on the internet (WWW)
• Must be unique across the whole web (no two machines can have the same public IP).
• Can be geo-located easily

Private IP:
• Private IP means the machine can only be identified on a private network
• The IP must be unique across the private network
• BUT two different private networks (two companies) can have the same IPs.
• Machines connect to WWW using a NAT + internet gateway (a proxy)
• Only a specified range of IPs can be used as private IP
Elastic IPs
• When you stop and then start an EC2 instance, it can change its
public IP.
• If you need to have a fixed public IP for your instance, you need
an Elastic IP
• An Elastic IP is a public IPv4 IP you own as long as you don’t
delete it
• You can attach it to one instance at a time
AMI Overview
• AMI = Amazon Machine Image
• AMI are a customization of an EC2 instance
• You add your own software, configuration, operating system, monitoring…
• Faster boot / configuration time because all your software is pre-packaged
• AMI are built for a specific region (and can be copied across regions)
• You can launch EC2 instances from:
• A Public AMI: AWS provided
• Your own AMI: you make and maintain them yourself
• An AWS Marketplace AMI: an AMI someone else made (and potentially sells)
AMI Process (from an EC2 instance)
• Start an EC2 instance and customize it
• Stop the instance (for data integrity)
• Build an AMI – this will also create EBS snapshots
• Launch instances from other AMIs
EC2 Instance Store
• EBS volumes are network drives with good but “limited” performance
• If you need a high-performance hardware disk, use EC2 Instance Store
• Better I/O performance
• EC2 Instance Store volumes lose their storage if the instance is stopped (ephemeral)
• Good for buffer / cache / scratch data / temporary content
• Risk of data loss if hardware fails
• Backups and Replication are your responsibility
EC2 Instance Storage Section
What’s an EBS Volume?
• An EBS (Elastic Block Store) Volume is a network drive you can attach to
your instances while they run
• It allows your instances to persist data, even after their termination
• They can only be mounted to one instance at a time (at the CCP level)
• They are bound to a specific availability zone
• Analogy: Think of them as a “network USB stick”
• Free tier: 30 GB of free EBS storage of type General Purpose (SSD) or
Magnetic per month
EBS Volume
• It’s a network drive (i.e. not a physical drive)
• It uses the network to communicate with the instance, which means there might be a bit of latency
• It can be detached from an EC2 instance and attached to another one quickly
• It’s locked to an Availability Zone (AZ)
• An EBS Volume in us-east-1a cannot be attached to us-east-1b
• To move a volume across, you first need to snapshot it
• Have a provisioned capacity (size in GBs, and IOPS)
• You get billed for all the provisioned capacity
• You can increase the capacity of the drive over time
EBS Volume - Example
EBS Snapshots
• Make a backup (snapshot) of your EBS volume at a point in time
• Not necessary to detach volume to do snapshot, but recommended
• Can copy snapshots across AZ or Region
EBS Volume Types
• EBS Volumes come in 6 types
• gp2 / gp3 (SSD): General purpose SSD volume that balances price and performance
for a wide variety of workloads
• io1 / io2 (SSD): Highest-performance SSD volume for mission-critical low-latency or
high-throughput workloads
• st1 (HDD): Low cost HDD volume designed for frequently accessed, throughput-intensive workloads
• sc1 (HDD): Lowest cost HDD volume designed for less frequently accessed
workloads
• EBS Volumes are characterized in Size | Throughput | IOPS (I/O Ops Per Sec)
• Only gp2/gp3 and io1/io2 can be used as boot volumes
General Purpose SSD
• Cost effective storage, low-latency
• System boot volumes, Virtual desktops, Development and test environments

Provisioned IOPS (PIOPS) SSD
• Critical business applications with sustained IOPS performance
• Applications that need more than 16,000 IOPS
EFS – Elastic File System
• Managed NFS (network file system) that can be mounted on many EC2
• EFS works with EC2 instances in multi-AZ
• Highly available, scalable, expensive (3x gp2), pay per use
EBS vs EFS – Elastic Block Storage
EBS volumes
• Can be attached to only one instance at a time
• Locked at the Availability Zone (AZ) level
• gp2: IO increases if the disk size increases
• io1: can increase IO independently
• Migrate an EBS volume across AZ
• Take a snapshot
• Restore the snapshot to another AZ
• EBS backups use IO and you shouldn’t run them while your application is handling a lot of traffic
• Root EBS Volumes of instances get terminated by default if the EC2 instance gets terminated. (you
can disable that)
EBS vs EFS – Elastic File System
• Mounting 100s of instances across AZ
• EFS share website files (WordPress)
• Only for Linux Instances (POSIX)
• EFS has a higher price point than EBS
• Can leverage EFS-IA for cost savings
• Remember: EFS vs EBS vs Instance Store
S3 Storage
CLOUD COMPUTING
Section introduction
• Amazon S3 is one of the main building blocks of AWS
• It’s advertised as “infinitely scaling” storage
• It’s widely popular and deserves its own section
• Many websites use Amazon S3 as a backbone
• Many AWS services use Amazon S3 as an integration as well
• We’ll have a step-by-step approach to S3
Amazon S3 Overview - Buckets
• Amazon S3 allows people to store objects (files) in “buckets” (directories)
• Buckets must have a globally unique name
• Buckets are defined at the region level
• Naming convention
• No uppercase
• No underscore
• 3-63 characters long
• Not an IP
• Must start with lowercase letter or number
Amazon S3 Overview - Objects
• Objects (files) have a Key
• The key is the FULL path:
• s3://my-bucket/my_file.txt
• s3://my-bucket/my_folder1/another_folder/my_file.txt
• The key is composed of prefix + object name
• s3://my-bucket/my_folder1/another_folder/my_file.txt
• There’s no concept of “directories” within buckets
• Just keys with very long names that contain slashes (“/”)
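The bucket naming convention and the prefix + object name structure of keys, as an added example that is not part of the original slides. It checks only the naming rules listed on the slide above (not the full AWS rule set), and the function names are chosen for this illustration.

```python
import ipaddress
import re

def bucket_name_problems(name):
    """Return the slide's naming rules that `name` violates (empty list = OK)."""
    problems = []
    if not 3 <= len(name) <= 63:
        problems.append("length must be 3-63 characters")
    if any(c.isupper() for c in name):
        problems.append("no uppercase")
    if "_" in name:
        problems.append("no underscore")
    if not re.match(r"[a-z0-9]", name):
        problems.append("must start with lowercase letter or number")
    try:
        ipaddress.IPv4Address(name)          # e.g. "192.168.5.4" parses as an IP
        problems.append("must not be an IP")
    except ValueError:
        pass
    return problems

def split_s3_uri(uri):
    """Split s3://bucket/key into (bucket, prefix, object_name).

    There are no directories: the prefix is just the part of the key up to
    and including the last "/", and may be empty.
    """
    if not uri.startswith("s3://"):
        raise ValueError("not an s3:// URI")
    bucket, _, key = uri[len("s3://"):].partition("/")
    prefix, slash, object_name = key.rpartition("/")
    return bucket, prefix + slash, object_name

if __name__ == "__main__":
    for candidate in ("my-bucket", "My_Bucket", "192.168.5.4", "ab"):
        print(candidate, "->", bucket_name_problems(candidate) or "ok")
    print(split_s3_uri("s3://my-bucket/my_folder1/another_folder/my_file.txt"))
    print(split_s3_uri("s3://my-bucket/my_file.txt"))
```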
Amazon S3 - Versioning
• You can version your files in Amazon S3
• It is enabled at the bucket level
• Same key overwrite will increment the “version”: 1, 2, 3….
• It is best practice to version your buckets
• Protect against unintended deletes (ability to restore a version)
• Easy roll back to previous version
• Notes:
• Any file that is not versioned prior to enabling versioning will have version “null”
• Suspending versioning does not delete the previous versions
S3 Storage Classes
• Amazon S3 Standard - General Purpose
• Amazon S3 Standard-Infrequent Access (IA)
• Amazon S3 One Zone-Infrequent Access
• Amazon S3 Intelligent Tiering
• Amazon Glacier
• Amazon Glacier Deep Archive
• Amazon S3 Reduced Redundancy Storage (deprecated - omitted)