amazon web services - computer engineering · pdf fileamazon web services ... auto scaling,...

Amazon Web Services

Università degli Studi di Roma “Tor Vergata” Dipartimento di Ingegneria Civile e Ingegneria Informatica

Corso di Sistemi Distribuiti e Cloud Computing A.A. 2016/17

Valeria Cardellini

Amazon Web Services •  A broad set of services that provides developers with

global compute, storage, database, and more advanced services, such as analytics, application and deployment services, messaging

Valeria Cardellini - SDCC 2016/17

1

•  Mostly popular for IaaS services and primarily for its elastic compute service EC2

•  A market leader •  See 2016 Magic Quadrant

for Cloud Infrastructure as a Service by Gartner

•  See AWS analyst reports

Which services (partial list) •  Compute

–  Elastic Compute Cloud (EC2) + Auto Scaling, Elastic Load Balancing

–  EC2 Container Service –  Elastic Beanstalk –  Lambda –  Lightsail

•  Storage –  Simple Storage Service (S3) –  Glacier –  Elastic File System (EFS)

•  Database –  DynamoDB –  Relational Database Service (RDS) –  ElastiCache

•  Management Tools –  CloudWatch

2 Valeria Cardellini - SDCC 2016/17

•  Networking & Content Delivery -  Virtual Private Cloud (VPC) -  Route 53 -  CloudFront

•  Analytics -  Elastic MapReduce (EMR) -  Kinesis -  Data Pipeline -  Elasticsearch Service

•  Artificial Intelligence -  Machine Learning

•  Messaging –  Simple Queue Service (SQS) –  Simple Notification Service (SNS)

•  Application Services –  Elastic Transcoder

•  Security, Identity & Compliance –  Identity and Access Management (IAM)

In red the services we’ll see

Full list of services from the dashboard


3

AWS global infrastructure •  AWS Regions aws.amazon.com/about-aws/globalinfrastructure/

–  Geographically dispersed (16 geographic regions) –  Current regions: US East (Northern Virginia, Ohio), US West

(Oregon, Northern California), EU (Ireland, Frankfurt, London), Canada (Central), Asia Pacific (Singapore, Sydney, Tokyo, Seoul, Mumbai), South America (Sao Paulo), China (Beijing)

–  Special AWS GovCloud region for US government agencies and customers (security issues!)

•  Some services are global, i.e., do not require AWS region selection –  E.g., S3 is a global service

•  Some services are not supported in all the regions –  See

aws.amazon.com/about-aws/global-infrastructure/regional-product-services/


4

Elastic Compute Cloud (EC2) •  Provides resizable compute capacity in the cloud

–  Allows to increase/decrease capacity (start/stop instances) within seconds

–  Multiple server instances can be launched simultaneously

•  Instances can be configured for memory, number of vCPUs, and storage by choosing T-shirt sizes

•  Pricing: pay-per-use on hourly basis •  Guarantees complete control over instances

–  Root SSH access, GUI, command line tools, APIs

•  Offers advanced services –  Elastic Block Store (EBS) –  Elastic Load Balancer (ELB) –  CloudWatch + AutoScaling –  Elastic IP


EC2 instances: types


6

•  Computing power of EC2 instances expressed as number of core and EC2 Compute Units (ECU) -  1 ECU = equivalent CPU capacity of a 1.0-1.2 GHz 2007

Opteron or 2007 Xeon processor -  See aws.amazon.com/ec2/pricing/ for pricing

•  EC2 instance types aws.amazon.com/ec2/instance-types/ –  General-purpose (t2, m4, m3)

•  Various “T-shirt sizes”: nano, micro, small, medium, large, xlarge, 2xlarge

•  Micro instances: very low-cost instance option (included at no charge in AWS Free tier), providing a small amount of CPU resources (good choice for SDCC project development!)

–  Compute optimized (c4, c3) •  medium, large, xlarge, 2xlarge, 4xlarge, 8xlarge (up to 36 vCPUs)

–  Memory optimized (x1, r4, r3) •  xlarge, 2xlarge, 4xlarge, 8xlarge (up to 1,952 GiB)

–  Storage optimized (i3) •  xlarge, 2xlarge, 4xlarge, 8xlarge, 16xlarge (up to 8 x 1.9 TB SSD)

–  GPU instances (NVIDIA GPUs) (p2, g2) •  xlarge, 8xlarge, 16xlarge (up to 16 GPUs)

EC2 instances: pricing •  On-demand instances

–  Billing per-hour with no long-term commitments –  Read carefully the pricing:

•  “Pricing is per instance-hour consumed for each instance, from the time an instance is launched until it is terminated or stopped. Each partial instance-hour consumed will be billed as a full hour”

•  Reserved instances –  One-time payment to reserve an instance for 1 or 3 years –  Significant discount on hourly usage charge (up to 75%)

•  Spot instances –  Enable users to bid for unused EC2 capacity –  Spot price fluctuates in real-time according to supply and

demand –  Run whenever the user bid exceeds the current spot price –  Can be interrupted by Amazon –  Allow to lower computing costs for time-flexible, interruption-

tolerant tasks


EC2 instances: pricing •  Spot instances (continue)

–  Pricing history can be examined before bidding –  New opportunities for business: companies such as CloudCheckr

and Flux7 (VyScale) offer new services for the spot instance market to optimize costs paid by AWS EC2 users


Amazon Machine Images

•  Amazon Machine Images (AMIs) are templates from which it is possible to create a virtual machine –  Contain a software configuration, including an operating

system –  Specified when launching an instance (first step)

•  Created from scratch or bundled from existing EC2 instances

•  Once created, stored in S3 and identified by a unique identifier –  Personal use –  Available to other users


9

EC2 locations •  Amazon EC2 is hosted in multiple locations world-wide

(AWS Regions) •  Each region is completely independent

•  Each region consists of one or more availability zones •  Availability Zones (AZ)

–  Distinct locations in the same region engineered to be insulated from failures in other availability zones

–  AZs in a region are connected through low-latency links –  Used to protect applications from failure of a single location


EC2 interface •  AWS management console

•  Command Line Interface (CLI)

•  API tools

•  Third-party libraries –  E.g., boto: AWS SDK for Python (not only EC2) ec2.create_instances(ImageId='<ami-image-id>', MinCount=1, MaxCount=5)!

•  Third-party management frameworks


11

Elastic Block Store (EBS) •  Provides persistent block-level storage volumes for EC2

instances –  Off-instance storage that persists independently from the life of an

EC2 instance –  EBS volumes from 1 GB to 1 TB

•  EBS volume is automatically replicated within its AZ to avoid data loss

•  EBS volume can be adapted as the needs of the applications change (capacity, performance, size)

•  EBS volume can be used at instance’s boot partition or attached to running instance –  EBS volumes attached only to instances in the same AZ –  1 EBS volume attached to 1 instance at time (1-to-1), but N EBS

volumes attached to a single instance (N-to-1)

•  Can create point-in-time snapshots of volumes stored to S3 12 Valeria Cardellini - SDCC 2016/17

CloudWatch

•  Provides monitoring for AWS resources (e.g., EC2 instances, DynamoDB tables) and applications running on AWS

•  Used to collect and track metrics •  CloudWatch alarms send notifications or automatically

make changes to monitored resources based on user-defined rules


•  Useful also for cost monitoring –  E.g., to stop under-

used instances

CloudWatch concepts •  Metric

–  Time-ordered set of data points –  PutMetricData API allows users to create custom metrics

•  Statistics –  Metric data aggregated over specified periods of time –  Available statistics: min, max, sum, average, sample count –  Retrieved by GetMetricStatistics API

•  Period –  Length of time associated with a specific CloudWatch statistic –  Measured in seconds, ranges from 60 (one minute) to 1209600

(two weeks)

•  Alarm –  Watches a single metric over a specified time period –  Performs one or more actions based on the value of the metric

relative to a given threshold over a number of time periods


CloudWatch metrics

•  EC2 metrics –  CPU utilization: CPUUTilization!–  Disk usage: DiskReadOps/DiskWriteOps, DiskReadBytes/DiskWriteBytes

–  Data transfer: NetworkIn/NetworkOut!

•  Elastic Load Balancing metrics –  Latency!–  RequestCount: number of completed requests!–  HealthyHostCount/UnHealthyHostCount: number of

healthy/unhealthy instances in each Availability Zone!–  Count of HTTP response codes (2xx, 3xx, 4xx, 5xx) generated

by Load Balancer or back-end instances


CloudWatch interface •  Command line interface •  Libraries

–  Java, .NET, Python, Ruby, Node.js, …

•  CloudWatch API •  Amazon CloudWatch console (also for Android and IoS)


CloudWatch Alarms & Auto Scaling •  An alarm watches a single metric over a time period and performs

one or more actions based on the value of the metric relative to a given threshold over a number of time periods

•  Possible states: OK, ALARM, INSUFFICIENT_DATA!•  When an alarm changes its state, an action is invoked

–  Auto Scaling policy

Example Threshold = 3

minimum breach = 3 periods


Auto Scaling •  Auto Scaling allows to automatically scale EC2 capacity

up or down based on user-defined policies, health status checks, and schedules, e.g., –  Dynamically based on conditions specified by user (e.g.,

increasing CPU utilization of the Amazon EC2 instance) –  Predictably according to a schedule defined by user (e.g.,

every Friday at 13:00:00). •  Enabled by Amazon CloudWatch

–  Uses CloudWatch alarms

•  Included with EC2 –  No additional fee


Auto Scaling policies

•  Auto Scaling policy defines actions to take when an alarm state changes

•  For every monitored event, 2 policies to be defined: –  Scale-in policy –  Scale-out policy

•  Example: –  Scale-out: to add new Amazon EC2 instances in increments of 3

instances to the Auto Scaling Group when the average CPU utilization of the Amazon EC2 fleet goes above 70%

–  Scale-in: to remove Amazon EC2 instances in the same increments when CPU Utilization falls below 10%


Auto Scaling policies (2) •  A policy can be created or updated using PutScalingPolicy API with parameters (some): –  AdjustmentType: possible values are ChangeInCapacity, ExactCapacity, PercentChangeInCapacity!

–  Cooldown: amount of time after a scaling activity completes and before the next scaling activity can start

–  ScalingAdjustment: the amount of instances by which to scale (positive or negative)

!

"ScaleUpPolicy" : {! "Type" : "AWS::AutoScaling::ScalingPolicy",! "Properties" : {! "AdjustmentType" : "ChangeInCapacity",! "AutoScalingGroupName" : { "Ref" : "asGroup" },! "Cooldown" : "1",! "ScalingAdjustment" : "1"! }!}!


Elastic Load Balancing (ELB)

•  Automatically distributes incoming traffic across multiple EC2 instances


ELB features •  Detects unhealthy instances within a pool and

automatically reroutes traffic to healthy instances •  Enabled across multiple availability zones within a region

–  Not between availability zones in different regions! •  Uses a least loaded balancing policy •  Supports sticky sessions

–  Load balancer generated HTTP cookies –  Application-generated HTTP cookies

•  Supports HTTPS •  Enables the client to define an application health check

for the instances through the following parameters: –  Threshold, Interval, Target, Timeout,

UnhealthyThreshold!

•  Provides APIs to add/remove instances –  RegisterInstancesWithLoadBalancer!–  DeregisterInstancesWithLoadBalancer! 22


EC2 and related services problems •  General problems

–  No real-time billing –  Performance level of a single VM may be variable and there is

very little guarantees regarding the performance of seemingly identical virtual machine instance; e.g., see Resource Provisioning of Web Applications in Heterogeneous Clouds

–  Load balancing policy cannot be customized

•  CloudWatch problems –  Metric variation over a time interval is missing –  Request count considers only the requests processed by the

load balancer (system throughput behind the ELB)


EC2 Container service •  Provides container management service for Docker

containers •  Allows the user to run applications (containerized

microservices) on a managed cluster of EC2 instances •  API to launch and stop Docker-enabled applications,

query the cluster state, and access many features (security groups, ELB, EBS volumes, and IAM roles)

•  Integrated with Application Load Balancer –  Application-layer load balancing option ELB –  Allows you to define routing rules based on content across

multiple services or containers running on EC2 instances

•  No additional charge: the user pays for AWS resources (e.g. EC2 instances or EBS volumes) that creates to store and run the application


24

AWS Lambda

•  Provides compute service that automatically runs the code without requiring the user to provision or manage servers –  Code for virtually any type of application or backend service

•  Automatically scales the application by running code in response to each trigger

•  Used to build serverless applications composed of functions that are triggered by events and to automatically deploy them using AWS CodePipeline and AWS CodeBuild

•  Fine-grained billing: charged for every 100ms the code executes and the number of times the code is triggered


25

Elastic IP & Virtual Private Cloud

•  Elastic IP –  IP address is not associated with a particular instance but

with a user account –  The user controls an elastic IP address until she/he explicitly

releases it –  Allows to mask instance or availability zone failures by

quickly remapping the elastic IP address to another instance/load balancer

•  Virtual Private Cloud –  Enables enterprises to connect their existing infrastructure to

a set of isolated AWS compute resources via a Virtual Private Network (VPN) connection


DNS service: Route 53

•  Highly available and scalable DNS service –  Routing queries to infrastructure running in AWS and outside

AWS

•  Authoritative DNS server that answers DNS queries with low latency by using a global network of DNS servers –  Queries are routed to the nearest DNS server through IP

anycast –  Designed to automatically scale to handle very large query

volumes without any human intervention •  Routing to AWS resources

–  Latency-based routing: to the lowest-latency AWS endpoint available

–  Weighted Round Robin: probabilistic selection based on statically assigned weight


Storage: Simple Storage Service (S3) •  Distributed, eventually consistent, key value data store •  Main features

–  Insert, write, read, delete operations on objects up to 5 TB each •  Objects cannot be manipulated (renamed, modified, relocated)

–  Objects are stored into buckets and retrieved via a unique key •  Flat structure, with no hierarchy as in a file system (e.g., buckets cannot be

nested) •  The bucket region can be selected and related objects will not leave the region

–  Accessible through REST interface –  Access control policies, as well as encryption for both secure transit

and secure storage on disk –  Objects are redundantly stored across multiple facilities in an

Amazon S3 Region •  PUT and COPY operations synchronously store data across multiple facilities

before returning SUCCESS –  Data integrity regularly verified using checksum –  Reduced Redundancy Storage (RRS): storage option to reduce

costs by storing data at lower levels of redundancy 28 Valeria Cardellini - SDCC 2016/17

Databases: DynamoDB •  Fully managed NoSQL database service that provides

fast and predictable performance with seamless scalability

•  Consistency model –  Eventually consistent reads (default) –  Strongly consistent reads

•  Automatically spreads the table data and traffic over a sufficient number of servers to handle the request capacity specified by the customer and the amount of data stored, while maintaining consistent, fast performance

•  Data items stored on SSDs and automatically replicated across multiple availability zones in a region

•  Integration with Elastic MapReduce


Databases: RDS •  Relational DB (MySQL, Aurora, …) •  Automatic configuration, management (software

patching, backup) and monitoring •  For MySQL, possible to associate one or more read

replicas •  Read carefully the AWS pricing!

–  Data transfer cost between AWS regions and out from RDS to Internet

–  Remember that you always pay on per-hour basis even if you use the service only for 10 seconds!


ElastiCache •  Provides in-memory cache in the cloud to accelerate

applications that rely on slower disk-based storage and databases


31

•  Supports two open-source in-memory caching engines: –  Memcached: widely adopted

memory object caching system

–  Redis: popular open-source in-memory key-value store that supports data structures such as sorted sets and lists; ElastiCache supports master/slave replication and Multi-AZ

•  Cautions: consider trade-offs when caching query results (read/write ratio)

Content delivery: CloudFront •  Content delivery network on top of the Amazon distributed

storage infrastructure •  Delivers static, dynamic and streaming content using a

global network of edge replica servers •  Requests are routed to the closest edge replica through

DNS redirection •  Objects organized in distributions

–  A distribution identifies the origin server –  A distribution has a unique CloudFront.net domain name (e.g.

mydistribution.cloudfront.net)

•  An origin server is the location of the definitive version of an object –  This could be another ASW (S3 bucket, Amazon EC2 instance) or an

external origin server

•  With respect to other CDNs, pay-per-use pricing 32 Valeria Cardellini - SDCC 2016/17

Simple Queue Service (SQS)

•  Provides message queuing service that enables asynchronous message based communication between distributed components of an application

•  When a message is received, it becomes “locked” while being processed –  If the message processing fails, the lock will expire and the

message will be available again


Big Data: Elastic MapReduce (EMR) •  Hadoop implementation of MapReduce running on

Amazon EC2 •  Input and output: Amazon S3, DynamoDB •  Allows to implement data processing applications in

many languages including Java, Python, and R •  Also open-source frameworks in the Hadoop ecosystem

can be run on EMR –  Hive, Pig, HBase, Ganglia (monitoring), Impala (SQL query

engine) and Hue (Hadoop UI)

•  Also Spark and Flink •  Read carefully EMR pricing!

–  You have to pay for: EMR + EC2 (at least medium size) + input/output (S3, DynamoDB)

–  Enable auto-terminate to create a transient cluster

34 Va

leria

Car

delli

ni -

SD

CC

201

6/17

Big Data: Kinesis •  Cloud-based service for real-time data processing

over large, distributed data streams –  Manages the infrastructure, storage, networking, and

configuration needed for data stream processing, including data replication across three facilities in an AWS Region


35

•  Input: events and log data from sources such as servers, desktops, mobile devices, sensors

•  Output: emits aggregated data to other AWS services: S3, EMR and Lambda

Data Pipeline

•  A web service to reliably process and move data between different AWS compute and storage services, as well as on-premise data sources, at specified intervals


36

Elastic Beanstalk •  Allows to deploy and manage applications leveraging AWS services

(EC2, S3, ELB, Auto Scaling, ElastiCache, SQS) but without the need to manage the corresponding services

•  Supports multiple application environments: Docker, Python, PHP, Node.js, .NET, Ruby, and Java

•  Features –  Allows to simply and quickly create and manage applications through

the console


–  When the developer creates the application environment, Elastic Beanstalk provisions the resources required to run it

–  Allows the developer to customize and configure the environment

–  Environment monitoring •  Pricing: no additional charge for Elastic

Beanstalk, the user pays only for the underlying AWS resources that the application consumes


Example: Web application on AWS

How to obtain your AWS grant •  Apply to the AWS Educate program

–  See instructions in the specific email and follow them! –  Two main portals:

•  www.awseducate.com/SiteLogin Learning and training material

•  console.aws.amazon.com/console/home Console for AWS cloud services

•  Redeem the credit code before using AWS! •  Be careful: when your credit expires, your credit card

will be charged •  Check the list of AWS services that are included in

the grant •  How to increase your grant

–  GitHub Student Developer Pack


39

AWS Free Tier

•  In addition to your grant •  AWS Free Tier includes:

–  Services with a free tier available for 12 months following your AWS sign-up date

–  Additional service offers that do not automatically expire at the end of your 12 month AWS Free Tier term

See aws.amazon.com/free/


40

Monitoring AWS usage and costs

•  Various methods, including: –  Check the pricing of each service (also AWS Price List API) –  Use CloudWatch to monitor charges with alerts and

notifications •  Create a BillingAlarm

–  Use Cost Explorer from the AWS dashboard

See Monitoring AWS usage and costs


41

Avoiding unexpected charges •  Check the pricing of each service before using it!

-  aws.amazon.com/pricing/services/ -  E.g., db.r3.8xlarge for RDS: $4.64 per hour (or fraction of

hour) -  Some services have linked costs, because services can be

launched by other services (e.g., EMR and EC2) -  Consider also data transfer pricing (e.g., S3)

•  Stop or terminate unused EC2 instances –  Stop: you can start the instance again later, but you might be

charged for storage –  Terminate: you permanently delete the instance

•  Deregister unused AMIs •  Release unused elastic IP addresses

See Avoiding Unexpected Charges Valeria Cardellini - SDCC 2016/17

42

Avoiding unexpected charges (2)

•  Do not put your secret access keys on GitHub!

•  Protect your access keys –  Do not have an access key for your root account

See Best Practices for Managing AWS Access Keys


43

Some useful links

•  AWS Documentation aws.amazon.com/documentation/

•  AWS Articles & Tutorials aws.amazon.com/articles

•  AWS Instructional Videos and Labs aws.amazon.com/training/intro_series/

•  AWS Educate site www.awseducate.com/microsite


44

amazon web services - computer engineering · pdf fileamazon web services ... auto scaling,...

Documents