AWS Solution Architecture Patterns


Objectives

Key objectives of this chapter:
- AWS reference architecture catalog
- Overview of some AWS solution architecture patterns

1.1 AWS Architecture Center

- The AWS Architecture Center portal [http://aws.amazon.com/architecture/] offers a catalog of application architecture blueprints for solutions deployed in the AWS cloud
- The catalog comes with Architecture Datasheets and best practices that you can use as guides to implementing your solutions
- Based on your application's needs, you can select the most suitable reference architecture

1.2 List of Reference Architectures

Some of the reference architecture blueprints offered by the architecture catalog are as follows:
- Fault tolerance and High Availability (HA)
- Web / Mobile-web Application Hosting
- Log Analysis
- Financial Services Grid Computing
- Time Series Processing

1.3 High Availability Solution Architecture Blueprint

- AWS uses the Elastic Load Balancing service to achieve fault tolerance and higher levels of application availability
- For best results, Elastic Load Balancing should be used to balance user traffic across instances started in multiple availability zones (AZs); in the example below, AZ A and AZ B are used

Notes:
- Availability zones (AZs) in the AWS cloud can be seen as logically different data centers; they are hooked to separate power grids, which helps minimize the effect of a power disruption in one AZ on the overall availability of your applications.
- Your applications should be designed to minimize application state sharing between components running in different AZs.

1.4 Log Analysis Solution Architecture Blueprint Summary

- For processing large volumes of log files, AWS offers the Elastic MapReduce service (EMR), which is backed by a hosted Hadoop framework
- The EMR service is integrated with the S3 service for data input / output
- Integration with RDS for storing data processing results is available
- Optionally, clients can opt for using Spot instances (EC2 instances at a reduced cost) that are made available when Amazon EC2 has some underutilized computing capacity

1.5 Scalable Web App Solution Architecture Blueprint Summary

- This pattern helps with hosting scalable web applications with HA quality of service
- This blueprint offers a reliable, scalable solution architecture that is also cost efficient under variable web traffic
- Efficiency of the solution is achieved by using the Auto-scaling service, which automatically adjusts the processing capacity up or down in correlation with the incoming traffic
- Fault tolerance is enabled by using Elastic Load Balancing, which distributes incoming traffic for a cluster of EC2 instances deployed across two AZs
- The DNS services are provided by Route53
- Application data is stored in RDS deployed in Master-Slave mode using cross-AZ data replication

1.6 Simplified Web App Solution Architecture Blueprint

1.7 Architecting for AWS: Design for Failure - Take 1

To design your solutions for failure, use the following mechanisms:
- Design workflows and processes that are interruption-tolerant and can resume on instance reboot
- Make your application's design stateless; state should be outsourced to a centralized persistence store, if needed
- Have an adequate backup and restore automation strategy in place

1.8 Architecting for AWS: Design for Failure - Take 2

- Leverage AWS's multiple Availability Zones
- Use the Amazon CloudWatch service to monitor the health of your application
- You can also use a number of available open source monitoring tools
- Monitor the following system metrics of your applications: CPU, memory, Disk I/O, Network I/O
- Utilize the Auto scaling group to maintain a fixed number of healthy EC2 instances

1.9 Go with SOA and Asynchronous Communication Patterns

- The SOA design principles help you build loosely coupled components of your solutions that are more fault-tolerant and scale better
- One way to achieve service decoupling is to go asynchronous in component interactions
- You implement asynchronous communication patterns using messaging queues
- Messaging queues also help absorb (buffer) load spikes
- Amazon SQS offers a simple yet powerful message queuing system infrastructure

1.10 Secure Your Applications

- Every EC2 instance can be protected by one or more simple firewall-like rules (referred to as security groups) for incoming network traffic
- The above rule permits TCP traffic for SSH; public access from the Internet is allowed
- You can narrow down source IP address ranges that can reach your EC2 instance using the CIDR notation
- If you run Microsoft Windows, you may want to open the Remote Desktop Protocol (RDP) port 3389 for system administration

Note: In its default configuration, the RDP protocol is vulnerable to a man-in-the-middle attack; administrators must enable TLS to mitigate this risk
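A check for the rule pattern section 1.10 describes (SSH or RDP reachable from any source address), as an added example that is not part of the original slides. The records are constructed sample data shaped like EC2 DescribeSecurityGroups output; the group IDs and the names ADMIN_PORTS, covers, world_open_sources and audit are assumptions of this example.

```python
import ipaddress

ADMIN_PORTS = {22: "SSH", 3389: "RDP"}  # admin ports named in section 1.10

# Constructed sample data shaped like EC2 DescribeSecurityGroups output.
SAMPLE_GROUPS = [
    {"GroupId": "sg-example1", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []}]},
    {"GroupId": "sg-example2", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 3389, "ToPort": 3389,
         "IpRanges": [{"CidrIp": "203.0.113.0/24"}], "Ipv6Ranges": []},
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []}]},
    {"GroupId": "sg-example3", "IpPermissions": [
        {"IpProtocol": "-1", "IpRanges": [],
         "Ipv6Ranges": [{"CidrIpv6": "::/0"}]}]},
    {"GroupId": "sg-example4", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 3000, "ToPort": 4000,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []}]},
]

def covers(perm, port):
    """True if the rule's protocol and port range include this TCP port."""
    if perm["IpProtocol"] == "-1":      # "-1" means all protocols, all ports
        return True
    if perm["IpProtocol"] != "tcp":
        return False
    return perm["FromPort"] <= port <= perm["ToPort"]

def world_open_sources(perm):
    """Source CIDRs in the rule that match every address (prefix length 0)."""
    cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
    cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
    return [c for c in cidrs
            if ipaddress.ip_network(c, strict=False).prefixlen == 0]

def audit(groups):
    """Return (group id, service, cidr) for admin ports open to the world."""
    findings = []
    for group in groups:
        for perm in group.get("IpPermissions", []):
            for cidr in world_open_sources(perm):
                findings += [(group["GroupId"], name, cidr)
                             for port, name in ADMIN_PORTS.items()
                             if covers(perm, port)]
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_GROUPS):
        print("open to the Internet:", finding)
```

The port-range rule (sg-example4) and the all-protocols IPv6 rule (sg-example3) are the cases a plain search for port 22 with 0.0.0.0/0 would miss.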

1.11 Securing your Web Application Example

Source: Architecting for the Cloud: Best Practices by jvaria@amazon.com

1.12 Other Security Considerations

- On any IaaS platform, you can restrict inbound traffic by configuring software-based firewalls on your instances
- Linux can use netfilter and iptables
- Windows can use its built-in firewall
- Basically, you need to adopt a "defense-in-depth" strategy, which is about layering security from the outer layer (perimeter network) down to the inner layer (host firewall protection)

- Review the Auditing Security Checklist for Use of AWS paper (AWS_Auditing_Security_Checklist.pdf) published by AWS

1.13 Operational Checklists for AWS

The Operational Checklists for AWS document published by Amazon (AWS_Operational_Checklists.pdf) can help you with regard to:
- Evaluating your applications against a list of essential and recommended best practices
- Reviewing operational and architectural aspects of your cloud solutions

1.14 Excerpts from Operational Checklists

- "We use AWS Identity and Access Management (IAM) to provide user-specific, rather than shared credentials for making AWS infrastructure requests."
- "Before sharing our customized Amazon Machine Images with others, we removed all confidential or sensitive information including embedded public/private instance key pairs and reviewed all SSH authorized_keys files"

- "Does the implemented AWS solution meet or exceed the application's high availability and resilience requirements?"
- "Does your organization have a configuration and change management strategy for its AWS resources?"

1.15 Summary

- The AWS Architecture Center portal offers a catalog of application architecture blueprints that you can use when building solutions for the AWS cloud
- You can choose the following reference architecture blueprints:
  - Fault tolerance and High Availability (HA)
  - Web / Mobile-web Application Hosting
  - Log Analysis
  - etc.
- You can secure your solutions in the AWS cloud by using security groups and by software-based firewalls