Amazon Web Services (AWS) is an online platform that provides users with virtual compute, storage, networking, and a catalog of ready-made managed services.
Instead of buying a physical server and installing it locally, you rent virtual resources online.
The largest corporations rely on AWS for serving workloads including mobile and web applications, game development, and information processing and storage. If AWS were to shut down, it would have an impact on many Internet users. Popular sites and services would cease to function as they make extensive use of the power of AWS.
AWS holds roughly a 32% share of the cloud infrastructure market; Microsoft Azure is second and Google Cloud third.
Using the AWS platform, Coursera handles about 500 TB of traffic every month. Netflix, which began moving to AWS in 2009, became the best-known large-corporation adopter and now runs over 100,000 server instances on AWS.
There is a long list of successful examples of using AWS capabilities. But before moving on to a detailed analysis of these services, let’s look at the main ways of interacting with the platform.
How to manage the AWS platform
Amazon Web Services is accessed and managed through the AWS Management Console, a website where resources are managed in a browser. This is one way to interact, but there are others:
- SDK is a way to interact with the platform programmatically. Official SDKs exist for popular languages such as C++, Go, Java, JavaScript, .NET, PHP, Python, and Ruby. If there is no official SDK for your language, there is probably a community-supported library. Alternatively, you can write your own, which is essentially a wrapper around the HTTP API that every service exposes, including the request-signing step that the SDKs hide from you.
- AWS CLI is a command-line utility that is useful for automating processes. It is also suitable for those who are more comfortable using the command line, rather than the graphical interface.
Top AWS Benefits
Doesn’t require large investments
If you want to launch a startup and build a messaging app, you will need:
- servers that relay messages between users;
- a database server that stores the message history;
- file storage so that users can share images.
All this can cost a lot of money, and there is no guarantee that the business will succeed and that you will recoup what you invested.
Once you buy a physical server, you will probably not be using it at full capacity 24/7. On a cloud platform, your virtual machine shares the physical hardware with other customers’ virtual machines, which is what makes it cheaper.
In the case of AWS, you can rent only those resources and capacities that you need right now and pay for them by the hour or by the number of requests completed.
If you notice that something is going wrong, you can simply turn off all the servers and resources that were involved. Thus, you do not run the risk of losing huge investments.
Provides the largest infrastructure of any cloud provider
Today, the AWS infrastructure consists of 25 regions, each with multiple availability zones. An availability zone is one or more physically separate data centers with independent power and networking.
AWS offers a variety of cloud services that can be used in combinations to suit your business and organizational needs
Basic Amazon Services
AWS offers a wide variety of services: compute, file storage and databases, virtual networks, machine learning and AI, container orchestration, media services, and more. Below I describe the ones I consider most basic and useful for web developers.
IAM (Identity and Access Management)
IAM (Identity and Access Management) is the service that controls who can do what in your AWS account, and it becomes essential as soon as more than one person works with it. It lets you create users, groups, and roles and manage their permissions.
When you sign up with AWS, an account is created, and within that account you create resources. The root credentials of the account should not be used for daily work; instead, you create an IAM user for each team member and give each one only the access their job requires.
For example, you can combine users into groups – administrators, testers, developers – and write policies that define which actions are allowed on which resources within the account. A policy that permits reading and modifying all resources can be attached to the administrators group, while a policy that permits reading everything but denies changes can be attached to the testers group.
Another entity you can create is a role. Roughly: users are for people, roles are for services (and for people who sign in through an external identity provider). For example, if you have a web server, you create a role for it with a policy that allows access to the database and attach that role to the EC2 instance. The instance then receives short-lived credentials automatically, so no long-lived access keys have to be stored on the server, and other services that do not hold the role get no access to the database.
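The policies described above, written out, together with a small evaluator of IAM's core rule (an explicit Deny beats any Allow, and anything not allowed is denied). This is an added example, not code from the original article; the account id, table name and bucket name are made-up placeholders, and the evaluator models identity-based policies only.

```python
import fnmatch
import json

# Added example, not code from the original article. Account id, table and
# bucket names are made-up placeholders.
ACCOUNT = "123456789012"
TABLE_ARN = f"arn:aws:dynamodb:eu-west-1:{ACCOUNT}:table/messages"

# Administrators: full access (what the managed AdministratorAccess policy grants).
ADMIN_POLICY = {
    "Version": "2012-10-17",
    "Statement": [{"Effect": "Allow", "Action": "*", "Resource": "*"}],
}

# Testers: read-only. The explicit Deny is deliberate: IAM evaluates every policy
# attached to a principal together and a Deny overrides any Allow, so a broader
# policy attached later cannot quietly give testers write access.
TESTER_POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": ["s3:Get*", "s3:List*", "ec2:Describe*", "rds:Describe*",
                       "dynamodb:Get*", "dynamodb:Query"],
            "Resource": "*",
        },
        {
            "Effect": "Deny",
            "Action": ["s3:Put*", "s3:Delete*", "ec2:RunInstances", "ec2:TerminateInstances",
                       "dynamodb:Put*", "dynamodb:Delete*"],
            "Resource": "*",
        },
    ],
}

# Role for the web server: who may assume it (trust policy) ...
WEB_SERVER_TRUST_POLICY = {
    "Version": "2012-10-17",
    "Statement": [{"Effect": "Allow", "Principal": {"Service": "ec2.amazonaws.com"},
                   "Action": "sts:AssumeRole"}],
}
# ... and what it may do: exactly one table, exactly the calls the app makes.
WEB_SERVER_POLICY = {
    "Version": "2012-10-17",
    "Statement": [{"Effect": "Allow",
                   "Action": ["dynamodb:GetItem", "dynamodb:PutItem", "dynamodb:Query"],
                   "Resource": TABLE_ARN}],
}


def _as_list(value):
    return value if isinstance(value, list) else [value]


def _matches(pattern, value):
    # IAM wildcards are '*' and '?'; fnmatch also treats '[...]' specially,
    # which is harmless for the action names and ARNs used here.
    return fnmatch.fnmatchcase(value, pattern)


def is_allowed(policies, action, resource):
    """Simplified IAM evaluation for identity-based policies.

    Explicit Deny wins, otherwise any matching Allow grants access, otherwise
    the request is implicitly denied. Conditions, NotAction/NotResource,
    resource-based policies, permission boundaries and SCPs are not modelled.
    """
    allowed = False
    for document in policies:
        for statement in document["Statement"]:
            if not any(_matches(p, action) for p in _as_list(statement["Action"])):
                continue
            if not any(_matches(p, resource) for p in _as_list(statement["Resource"])):
                continue
            if statement["Effect"] == "Deny":
                return False
            allowed = True
    return allowed


if __name__ == "__main__":
    obj = "arn:aws:s3:::example-static-site/index.html"
    print(json.dumps(TESTER_POLICY, indent=2))
    print("tester reads object:", is_allowed([TESTER_POLICY], "s3:GetObject", obj))
    print("tester deletes object:", is_allowed([TESTER_POLICY], "s3:DeleteObject", obj))
    print("web server reads its table:", is_allowed([WEB_SERVER_POLICY], "dynamodb:GetItem", TABLE_ARN))
    print("web server drops its table:", is_allowed([WEB_SERVER_POLICY], "dynamodb:DeleteTable", TABLE_ARN))
```

The point to take from the evaluator is the third check below: attaching the administrators' policy to a tester does not help them, because the tester policy's Deny still applies. That is why a read-only policy should deny writes explicitly rather than merely omit them.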
S3 (Simple Storage Service)
S3 (Simple Storage Service) is an object storage service that offers automatic scalability.
S3 stores copies of data across different physical devices to ensure high availability and reliability. S3 provides an HTTP interface to access and manipulate data.
This is exactly the service we would use to build our own version of Dropbox or Google Drive. It can also host the static files of a website. S3 storage is effectively unlimited and grows automatically, so you never have to plan capacity; a single object can be up to 5 TB in size.
There are also different storage classes. For example, a file that is rarely accessed can be placed in the Infrequent Access class, which charges significantly less for storage but charges for data retrieval and more per request. Current prices are on the S3 pricing page.
Files can be archived with S3 Glacier. If, for example, the law requires you to keep data for at least three years, this is the class to use: storage is much cheaper. The downside is that retrieving the data takes anywhere from minutes to several hours, depending on the retrieval option you pay for.
S3 also provides versioning: every overwrite keeps the previous version, and a delete only adds a delete marker, so you can always go back and restore an earlier version. Lifecycle management lets you declare rules such as “move this object to the archive class 30 days after creation and delete it permanently after two years”. Finally, S3 supports MFA Delete: the bucket can be configured so that permanently deleting an object version (or changing the bucket’s versioning state) requires a multi-factor confirmation. Note that MFA Delete can only be enabled by the account’s root user through the CLI or API, not through the console.
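The HTTP interface mentioned above is authenticated with AWS Signature Version 4, and computing that signature is the main work a hand-written SDK wrapper has to do. Below is an added example (not code from the original article) that signs an S3 GET in pure Python. The access key, secret, bucket and date are the placeholder values AWS uses in its own SigV4 documentation, not real credentials; query strings and URI-encoding of unusual path characters are left out.

```python
import hashlib
import hmac

# Added example: AWS Signature Version 4 for an S3 GET request. Credentials and
# bucket below are AWS's documentation placeholders, not real keys.


def _sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def _hmac_sha256(key: bytes, message: str) -> bytes:
    return hmac.new(key, message.encode("utf-8"), hashlib.sha256).digest()


def signing_key(secret_key: str, date_stamp: str, region: str, service: str) -> bytes:
    """Derive the per-day, per-region, per-service key. The long-term secret is
    never sent and is never used directly on a request."""
    key = _hmac_sha256(("AWS4" + secret_key).encode("utf-8"), date_stamp)
    key = _hmac_sha256(key, region)
    key = _hmac_sha256(key, service)
    return _hmac_sha256(key, "aws4_request")


def sign_request(method, host, path, headers, payload, access_key, secret_key,
                 region, amz_date, service="s3"):
    """Return the headers to send (with Authorization) plus the intermediate
    strings, so they can be compared with AWS's published examples."""
    date_stamp = amz_date[:8]
    # Canonical headers: lower-case names, trimmed and space-collapsed values, sorted by name.
    canon = {k.lower().strip(): " ".join(v.split()) for k, v in headers.items()}
    canon["host"] = host
    canon["x-amz-date"] = amz_date
    canon["x-amz-content-sha256"] = _sha256_hex(payload)  # S3 requires the payload hash header
    signed_headers = ";".join(sorted(canon))
    canonical_headers = "".join(f"{name}:{canon[name]}\n" for name in sorted(canon))
    canonical_request = "\n".join([
        method, path, "",  # method, canonical URI, (empty) canonical query string
        canonical_headers, signed_headers, canon["x-amz-content-sha256"],
    ])
    scope = f"{date_stamp}/{region}/{service}/aws4_request"
    string_to_sign = "\n".join(["AWS4-HMAC-SHA256", amz_date, scope,
                                _sha256_hex(canonical_request.encode("utf-8"))])
    signature = hmac.new(signing_key(secret_key, date_stamp, region, service),
                         string_to_sign.encode("utf-8"), hashlib.sha256).hexdigest()
    canon["authorization"] = (f"AWS4-HMAC-SHA256 Credential={access_key}/{scope},"
                              f"SignedHeaders={signed_headers},Signature={signature}")
    return {"headers": canon, "canonical_request": canonical_request,
            "string_to_sign": string_to_sign, "signature": signature}


def example_get(range_header="bytes=0-9"):
    """GET the first ten bytes of examplebucket/test.txt, as in AWS's docs."""
    return sign_request(
        method="GET", host="examplebucket.s3.amazonaws.com", path="/test.txt",
        headers={"Range": range_header}, payload=b"",
        access_key="AKIAIOSFODNN7EXAMPLE",
        secret_key="wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY",
        region="us-east-1", amz_date="20130524T000000Z")


if __name__ == "__main__":
    result = example_get()
    print(result["canonical_request"])
    print(result["headers"]["authorization"])
```

Because every signed header and the payload hash are folded into the signature, changing the Range header (or the body) produces a different signature, which is what stops a captured request from being replayed with altered parameters; the x-amz-date in the scope additionally limits how long a captured signature stays valid.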
CloudFront is essentially a Content Delivery Network – a system of servers around the world that caches static content.
The system directs a user who wants static content to the nearest server, which serves it promptly. These servers are called edge locations. They exist independently of regions and availability zones and form an additional layer of Amazon’s infrastructure. The system works not only for fast delivery of files but also for uploads.
If your S3 bucket is in Europe and a user in the United States uploads a file, S3 Transfer Acceleration routes the upload to the nearest edge location, where it arrives quickly, and from there it travels to the destination region over Amazon’s private, high-availability, low-latency backbone network.
EC2 (Elastic Compute Cloud)
EC2 (Elastic Compute Cloud) is a service that lets you create virtual machines with different operating systems and install your own software on them.
It takes only a few minutes to create such a virtual machine. EC2 offers many instance types and sizes: for example, compute-optimized instances with powerful processors for CPU-heavy tasks, or memory-optimized instances for working with large amounts of data in memory.
EC2 lets you attach different kinds of virtual block storage (EBS volumes), from general-purpose to high-throughput or provisioned-IOPS types, depending on your needs.
EC2 lets you supply a bootstrap script (user data) that runs when the virtual machine is first created; it is used for initial configuration and for installing the software you need. Keep secrets out of it: user data is stored unencrypted and is readable from the instance metadata service by any process on the machine. You can also take snapshots of an instance’s volumes at a point in time, build a machine image (AMI) from them, and then launch any number of copies that already have the software and settings installed.
EC2 offers different pricing models:
- On-Demand – you pay only while instances are running, billed in per-second or hourly increments depending on the operating system.
- Spot – spare capacity offered at a variable, heavily discounted price. You set the maximum price you are willing to pay, and AWS can reclaim the instance with a two-minute warning when it needs the capacity back. This suits batch computations that do not have to run continuously or at a fixed time and are not worth running above a certain price.
- Dedicated Hosts – a physical server reserved for your instances alone. This is useful when, for example, a software license is tied to specific physical hardware (sockets or cores); such a license may not allow the software to move to new hardware, so pinning it to one host keeps the license valid.
ELB (Elastic Load Balancer)
ELB (Elastic Load Balancer) is a service that distributes incoming traffic across your servers and adjusts as servers come and go.
The Load Balancer periodically checks the servers’ health. If a server crashes and stops responding, the Elastic Load Balancer stops sending it traffic and distributes the traffic among the remaining servers.
Amazon offers several types of Load Balancer:
- Application – operates at the HTTP layer and enables flexible routing based on HTTP parameters such as path, host header, or query string.
- Network – operates at the transport layer (TCP/UDP) without HTTP-level routing; it forwards connections with very low latency and can handle millions of requests per second.
- Classic – the legacy type. For new systems, use an Application or Network Load Balancer instead.
Auto Scaling is a service that lets you create groups of servers and automatically manage how many of them are running.
Auto Scaling keeps at least the minimum required number of instances running. It supports manual scaling and scaling by metric: for example, if the average CPU load exceeds 60%, add servers. Scheduled scaling is also available. Imagine you have launched a promotion in your online store and are sure that the big influx of buyers will come on Sunday; you can schedule the capacity to double on that day.
CloudWatch is a service for monitoring your resources on AWS.
It lets you monitor hundreds of predefined metrics (CPU, disk, network, and so on) and define custom ones. CloudWatch can also collect and analyze the logs of your whole infrastructure, applications, and services in one place.
Based on the collected data, you can define alarms for particular conditions. For example: if the average CPU load on your server stays above 80% for a given period, CloudWatch publishes to an SNS topic that notifies you by email or SMS, or it triggers a scaling action. If you have a fixed budget for AWS resources, you can likewise set a billing alarm that warns you when estimated charges exceed your limit.
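The alarm-then-scale loop from the two sections above in miniature, as an added example (not code from the original article). The alarm copies CloudWatch's “M out of N datapoints” rule so that a single CPU spike does not trigger scaling; the group then adds capacity within its min/max and refuses to scale again during the cooldown. The CPU samples, thresholds and sizes are constructed for illustration; notifications, missing-data handling and scale-in are not modelled.

```python
from dataclasses import dataclass, field

# Added example: a simplified CloudWatch alarm driving an Auto Scaling group.
# Samples, thresholds and group sizes are constructed for illustration.


@dataclass
class Alarm:
    threshold: float
    evaluation_periods: int = 3      # N: how many recent datapoints are examined
    datapoints_to_alarm: int = 3     # M: how many of them must breach
    state: str = "INSUFFICIENT_DATA"
    history: list = field(default_factory=list)

    def observe(self, value: float) -> str:
        """Record one datapoint and return the resulting alarm state."""
        self.history.append(value)
        window = self.history[-self.evaluation_periods:]
        if len(window) < self.evaluation_periods:
            return self.state                      # not enough data to decide yet
        breaching = sum(1 for v in window if v > self.threshold)
        self.state = "ALARM" if breaching >= self.datapoints_to_alarm else "OK"
        return self.state


@dataclass
class ScalingGroup:
    min_size: int
    max_size: int
    desired: int
    cooldown: int = 300                 # seconds between scaling activities
    last_scaled_at: int = -10**9

    def scale(self, adjustment: int, now: int) -> int:
        """Apply a step adjustment, clamped to [min_size, max_size], honouring cooldown."""
        if now - self.last_scaled_at < self.cooldown:
            return self.desired                    # still cooling down: ignore
        target = max(self.min_size, min(self.max_size, self.desired + adjustment))
        if target != self.desired:
            self.desired = target
            self.last_scaled_at = now
        return self.desired


def run(cpu_samples, period=60, threshold=80.0, step=2):
    """Feed one CPU datapoint per period and return the timeline of decisions."""
    alarm = Alarm(threshold=threshold)
    group = ScalingGroup(min_size=2, max_size=10, desired=2)
    timeline = []
    for i, cpu in enumerate(cpu_samples):
        now = i * period
        state = alarm.observe(cpu)
        if state == "ALARM":
            group.scale(step, now)
        timeline.append({"t": now, "cpu": cpu, "alarm": state, "desired": group.desired})
    return timeline


# Constructed sample: one isolated spike, then sustained load, then recovery.
CPU_SAMPLES = [40, 90, 45, 85, 88, 92, 95, 91, 50, 40, 30]

if __name__ == "__main__":
    for row in run(CPU_SAMPLES):
        print(row)
```

With N = M = 3, the spike at t=60 and the 85/88 pair never raise the alarm; only three consecutive breaching datapoints do, at t=300, which adds two instances. The alarm stays in ALARM for two more periods, but the cooldown stops the group from stacking further scale-outs on top of capacity that has not finished booting.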
RDS (Relational Database Service)
RDS (Relational Database Service) is Amazon’s managed relational database service. It supports several engines: MySQL, MariaDB, PostgreSQL, Oracle, Microsoft SQL Server, and Amazon Aurora.
With Amazon RDS, administering the database software is not your responsibility.
All the software needed to run the database is installed, managed, and patched by AWS. RDS provides Multi-AZ deployments for disaster recovery: a standby copy of your database runs on a separate server in a different Availability Zone and is kept synchronously replicated with the primary instance. When the primary fails, RDS automatically promotes the standby and points the database endpoint at it. Failover typically takes a minute or two, after which the application continues working unchanged, because it connects through the same DNS name.
There is also Read Replicas functionality, which creates copies of the database to scale read performance. Suppose one instance cannot handle the load: you create one or more replicas and spread the read queries among them, while writes still go to the primary.
Amazon Aurora is a MySQL- and PostgreSQL-compatible managed relational database engine with automatically growing storage. Amazon claims up to five times the throughput of standard MySQL and three times that of standard PostgreSQL.
Thanks to automatic storage scaling, you do not have to keep watching the remaining disk space. For high availability and durability, all data is stored by default in six copies, two in each of three Availability Zones. If a data center “catches fire”, Aurora keeps working anyway.
Aurora Serverless additionally scales instance capacity automatically: depending on the current load, the database might use one vCPU or eight. Its automatic pause/resume can stop the server if, for example, no requests arrive for five minutes.
DynamoDB is Amazon’s flagship NoSQL database. It scales automatically to enormous sizes without sacrificing performance.
Data is replicated across three Availability Zones for high availability out of the box. Keep in mind that, despite the speed and easy scaling, a NoSQL store does not give you the query language, ad-hoc joins, and schema enforcement of a relational database, so you might not want DynamoDB as the primary database for, say, a finance or healthcare application.
Route53 is a DNS service that allows you to register a domain name and bind it to different targets within the AWS infrastructure.
For example, to an EC2 instance, a Load Balancer, or any IP address outside Amazon. Route53 offers different routing policies.
Route53 routing policies:
- failover – if the primary target fails its health check, Route53 stops sending traffic to it and answers with the secondary;
- latency-based – the service directs traffic to the target that responds fastest for that user;
- geolocation – Route53 selects a target according to the geographic location the query comes from.
- Other policies (simple, weighted, geoproximity, multivalue answer) are described in the Route53 documentation.
Cognito is an authentication and authorization service.
It supports the modern standards OAuth 2.0, OpenID Connect, and SAML 2.0 and offers sign-up, multi-factor authentication (SMS or a TOTP authenticator app), a ready-made hosted UI, and federation with third-party identity providers (Facebook, Google, etc.) and with Microsoft Active Directory via SAML.
SQS (Simple Queue Service)
SQS (Simple Queue Service) is a message queueing service.
It provides elasticity and loose coupling between the components (services) of a system. RabbitMQ is a popular open-source analog of SQS.
SQS offers two types of queues:
- Standard – the faster and more scalable option; messages are delivered at least once, so duplicates are possible, and delivery order is not guaranteed;
- FIFO (first in, first out) – guarantees ordering within a message group and exactly-once processing within a deduplication window, but its throughput is limited by default to 300 messages per second, or 3,000 per second with batching.
SNS (Simple Notification Service)
SNS (Simple Notification Service) is a service for sending messages that works according to the publisher-subscriber model.
Suppose a publisher posts a message to an SNS topic. SNS broadcasts it to every subscriber of that topic. Subscribers can be an SQS queue, an e-mail address, a Lambda function, an HTTP endpoint, or push notifications in a mobile application.
Here is an example of using SNS. A new user registers in the system, and we publish this event to SNS. One subscriber sends the user an e-mail saying that registration was successful. At the same time, the message lands in an SQS queue, from which it is consumed, processed, and written to storage for later analysis. In parallel, it goes to another SQS queue whose handler uses the data to fetch additional information about the user from a third-party service. Since every subscriber sees every message and delivery is at least once, each handler should be idempotent.
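An in-memory model of the registration flow above, as an added example (not code from the original article, and not a client for the real services). It reproduces the delivery semantics you design around: the topic fans each message out to every subscriber, a standard queue delivers at least once (so a producer's retry reaches the consumer twice), and a FIFO queue drops a message whose deduplication id was seen within the last five minutes while keeping per-group order. Queue names, user ids and the sample events are constructed.

```python
import hashlib
import json
from collections import defaultdict

# Added example: SNS fan-out with standard and FIFO SQS subscribers, modelled in
# memory. Events and identifiers below are constructed for illustration.


class Topic:
    def __init__(self):
        self.subscriptions = []

    def subscribe(self, deliver):
        self.subscriptions.append(deliver)

    def publish(self, message: dict, now: int = 0):
        body = json.dumps(message, sort_keys=True)    # stable body -> stable dedup id
        for deliver in self.subscriptions:
            deliver(body, now)


class StandardQueue:
    """At-least-once delivery: every publish, including a producer's retry, lands."""

    def __init__(self):
        self.messages = []

    def send(self, body: str, now: int = 0):
        self.messages.append(body)


class FifoQueue:
    """Exactly-once within the dedup window; ordered per message group."""
    DEDUP_WINDOW = 300  # seconds, as for SQS FIFO queues

    def __init__(self):
        self.groups = defaultdict(list)
        self.seen = {}  # deduplication id -> time first accepted

    def send(self, body: str, group_id: str, now: int = 0, dedup_id: str = None) -> bool:
        # Content-based deduplication: SHA-256 of the body stands in for an explicit id.
        dedup_id = dedup_id or hashlib.sha256(body.encode("utf-8")).hexdigest()
        first_seen = self.seen.get(dedup_id)
        if first_seen is not None and now - first_seen < self.DEDUP_WINDOW:
            return False                            # duplicate within the window: dropped
        self.seen[dedup_id] = now
        self.groups[group_id].append(body)
        return True


def run_registration_flow() -> dict:
    topic = Topic()
    emails = []                  # stands in for the e-mail subscription
    analytics = StandardQueue()  # raw events for later analysis
    enrichment = FifoQueue()     # per-user lookups, must stay in order per user

    def send_welcome(body, now):
        message = json.loads(body)
        if message["event"] == "user.registered":
            emails.append(message["email"])

    topic.subscribe(send_welcome)
    topic.subscribe(analytics.send)
    topic.subscribe(lambda body, now: enrichment.send(
        body, group_id=json.loads(body)["user_id"], now=now))

    signup = {"event": "user.registered", "user_id": "u-42", "email": "alice@example.invalid"}
    topic.publish(signup, now=0)
    topic.publish(signup, now=1)    # producer timed out and retried: same event again
    topic.publish({"event": "user.registered", "user_id": "u-43",
                   "email": "bob@example.invalid"}, now=2)
    topic.publish({"event": "user.verified", "user_id": "u-42"}, now=3)

    return {
        "emails": emails,
        "analytics": analytics.messages,
        "enrichment": {group: [json.loads(b)["event"] for b in bodies]
                       for group, bodies in enrichment.groups.items()},
    }


if __name__ == "__main__":
    print(json.dumps(run_registration_flow(), indent=2))
```

Note what the retry does: the e-mail subscriber and the standard queue both see the registration twice, while the FIFO queue keeps one copy and still delivers u-42's registration before its verification. Only the FIFO path protects the downstream handler; the others have to deduplicate themselves.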
Lambda is a service that allows you to execute specific code as a result of events without worrying about setting up and maintaining the infrastructure. In this case, the developer is abstracted from such a concept as a server and can concentrate more on the implementation of his business tasks.
A developer writes code, uploads it to AWS, and a Lambda function is created from it. You then define a trigger (an event source) that will invoke the function. The code must contain a handler function (the entry point), which receives as arguments the details of the event that triggered the execution and a context object.
Lambda supports various runtimes: Node.js, Python, Ruby, Java, Go, and .NET. A custom runtime lets you bring any other programming language.
AWS API Gateway
AWS API Gateway lets you define HTTP (RESTful) APIs or WebSocket interfaces in front of other AWS resources.
You can map HTTP endpoints or WebSocket routes to different backends such as AWS Lambda, SQS, or DynamoDB.
API Gateway is a managed service that requires no infrastructure configuration or maintenance, and it provides scalability and resiliency. Logging, request throttling, and caching are supported out of the box. Authorization can be defined at the API Gateway level through integration with the aforementioned AWS Cognito (or with IAM or a custom Lambda authorizer), so that the backend only ever sees authenticated requests. API Gateway together with Lambda is the basis of a serverless application.
The bottom line is that Lambda can host not only a single small function but also a full web application. In that case, API Gateway is configured as a proxy integration and forwards every request, whatever its path and method, to your application’s request pipeline.
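A Lambda handler for the API Gateway proxy integration with a Cognito user pool authorizer, as an added example (not code from the original article). API Gateway validates the caller's JWT before invoking the function and passes the verified claims in event["requestContext"]["authorizer"]["claims"]; the handler trusts only those, never a caller-supplied header or body field. The routes, the group name "admins", the event builder and its sample events are made up.

```python
import base64
import json

# Added example: Lambda proxy-integration handler behind a Cognito authorizer.
# Routes, group names and sample events are constructed for illustration.


def _response(status: int, body=None) -> dict:
    """Shape API Gateway expects back from a proxy integration."""
    return {
        "statusCode": status,
        "headers": {"Content-Type": "application/json", "Cache-Control": "no-store"},
        "body": json.dumps(body) if body is not None else "",
    }


def _json_body(event: dict) -> dict:
    raw = event.get("body") or ""
    if event.get("isBase64Encoded") and raw:      # binary media types arrive base64-encoded
        raw = base64.b64decode(raw).decode("utf-8")
    return json.loads(raw) if raw else {}


def _groups(claims: dict) -> set:
    # cognito:groups reaches the function as a string whose exact rendering has
    # varied ("[admins users]" or "admins,users"), so parse it defensively.
    raw = claims.get("cognito:groups") or ""
    return {g for g in raw.strip("[]").replace(",", " ").split() if g}


def handler(event: dict, context=None) -> dict:
    authorizer = event.get("requestContext", {}).get("authorizer") or {}
    claims = authorizer.get("claims")
    if not claims or "sub" not in claims:
        return _response(401, {"error": "unauthenticated"})  # authorizer missing or misconfigured
    method, path = event.get("httpMethod"), event.get("path", "")
    groups = _groups(claims)

    if method == "GET" and path == "/me":
        return _response(200, {"sub": claims["sub"], "email": claims.get("email"),
                               "groups": sorted(groups)})

    if method == "POST" and path == "/messages":
        try:
            payload = _json_body(event)
        except (ValueError, UnicodeDecodeError):
            return _response(400, {"error": "body is not valid JSON"})
        text = payload.get("text")
        if not isinstance(text, str) or not 0 < len(text) <= 1000:
            return _response(400, {"error": "text must be 1..1000 characters"})
        # The author comes from the verified token, never from the request body.
        return _response(201, {"author": claims["sub"], "text": text})

    if method == "DELETE" and path.startswith("/users/"):
        if "admins" not in groups:
            return _response(403, {"error": "admins only"})
        return _response(204)

    return _response(404, {"error": "no such route"})


def make_event(method: str, path: str, claims=None, body=None) -> dict:
    """Constructed API Gateway proxy event: just the fields the handler reads."""
    event = {"httpMethod": method, "path": path, "headers": {}, "isBase64Encoded": False,
             "body": body, "requestContext": {"authorizer": {}}}
    if claims is not None:
        event["requestContext"]["authorizer"]["claims"] = claims
    return event


if __name__ == "__main__":
    alice = {"sub": "1a2b3c", "email": "alice@example.invalid", "cognito:groups": "[users]"}
    print(handler(make_event("GET", "/me", alice)))
    print(handler(make_event("DELETE", "/users/9", alice))["statusCode"])
```

Two details are worth keeping even in a toy: the 401 branch covers a deployment mistake where the route was created without the authorizer attached (the claims simply are not there), and the 201 branch records the author from the token's `sub`, so a client cannot post as someone else by editing the JSON.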
CloudFormation is a service for automating infrastructure deployment.
You describe the resources that make up your system in a YAML or JSON template. From it you can recreate copies of the system. CloudFormation is convenient in that the entire system is managed as a single stack: you can delete all of its resources, update them, or create another copy with essentially one command.
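A CloudFormation template built as Python data and serialised to JSON, plus a pre-deployment check that every Ref, Fn::GetAtt and Fn::Sub reference points at something the template defines, as an added example (not code from the original article). Dangling references are the kind of typo that otherwise surfaces only as a failed stack creation. The bucket carries the versioning, public-access block and lifecycle rules discussed in the S3 section; all logical names and the parameter are made up.

```python
import json
import re

# Added example: a CloudFormation template as Python data plus a reference
# checker. Logical resource names and the parameter are made up.

PSEUDO_PARAMETERS = {
    "AWS::AccountId", "AWS::NotificationARNs", "AWS::NoValue", "AWS::Partition",
    "AWS::Region", "AWS::StackId", "AWS::StackName", "AWS::URLSuffix",
}
_SUB_REF = re.compile(r"\$\{([^}!][^}]*)\}")  # ${Name} or ${Name.Attr}; ${!x} is a literal


def build_template() -> dict:
    return {
        "AWSTemplateFormatVersion": "2010-09-09",
        "Description": "Static site bucket plus a read-only role for the web servers",
        "Parameters": {"BucketName": {"Type": "String"}},
        "Resources": {
            "SiteBucket": {
                "Type": "AWS::S3::Bucket",
                "Properties": {
                    "BucketName": {"Ref": "BucketName"},
                    "VersioningConfiguration": {"Status": "Enabled"},
                    "PublicAccessBlockConfiguration": {
                        "BlockPublicAcls": True, "BlockPublicPolicy": True,
                        "IgnorePublicAcls": True, "RestrictPublicBuckets": True},
                    "LifecycleConfiguration": {"Rules": [{
                        "Id": "archive-then-expire", "Status": "Enabled",
                        "Transitions": [{"StorageClass": "STANDARD_IA", "TransitionInDays": 30},
                                        {"StorageClass": "GLACIER", "TransitionInDays": 365}],
                        "ExpirationInDays": 1095}]},
                },
            },
            "WebServerRole": {
                "Type": "AWS::IAM::Role",
                "Properties": {
                    "AssumeRolePolicyDocument": {"Version": "2012-10-17", "Statement": [{
                        "Effect": "Allow", "Principal": {"Service": "ec2.amazonaws.com"},
                        "Action": "sts:AssumeRole"}]},
                    "Policies": [{"PolicyName": "ReadSiteBucket", "PolicyDocument": {
                        "Version": "2012-10-17", "Statement": [{
                            "Effect": "Allow", "Action": ["s3:GetObject"],
                            "Resource": {"Fn::Sub": "${SiteBucket.Arn}/*"}}]}}],
                },
            },
            "WebServerProfile": {
                "Type": "AWS::IAM::InstanceProfile",
                "Properties": {"Roles": [{"Ref": "WebServerRole"}]},
            },
        },
        "Outputs": {"BucketArn": {"Value": {"Fn::GetAtt": ["SiteBucket", "Arn"]}}},
    }


def render(template: dict) -> str:
    """JSON form accepted by `aws cloudformation deploy --template-file`."""
    return json.dumps(template, indent=2)


def dangling_references(template: dict) -> list:
    """List every Ref/GetAtt/Sub that names an undefined resource or parameter."""
    resources = set(template.get("Resources", {}))
    known = resources | set(template.get("Parameters", {})) | PSEUDO_PARAMETERS
    problems = []

    def check(name, where, attr=False):
        target = name.split(".")[0]
        if attr and target not in resources:
            problems.append(f"{where}: GetAtt on undefined resource '{target}'")
        elif not attr and target not in known:
            problems.append(f"{where}: Ref to undefined '{target}'")

    def walk(node, where):
        if isinstance(node, dict):
            if len(node) == 1:
                (key, value), = node.items()
                if key == "Ref":
                    check(value, where)
                elif key == "Fn::GetAtt":
                    check(value[0] if isinstance(value, list) else value, where, attr=True)
                elif key == "Fn::Sub":
                    text = value[0] if isinstance(value, list) else value
                    local = set(value[1]) if isinstance(value, list) and len(value) > 1 else set()
                    for name in _SUB_REF.findall(text):
                        if name not in local:
                            check(name, where, attr="." in name)
            for key, value in node.items():
                walk(value, f"{where}.{key}")
        elif isinstance(node, list):
            for i, value in enumerate(node):
                walk(value, f"{where}[{i}]")

    walk(template, "template")
    return problems


if __name__ == "__main__":
    template = build_template()
    print(render(template))
    print("dangling references:", dangling_references(template))
```

The checker is deliberately narrow: it knows nothing about property schemas or circular dependencies, which CloudFormation itself reports. Its value is catching a renamed resource whose old name is still referenced elsewhere before the change-set is created.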