AWS Architecting for the Cloud - matt tavis

Matt Tavis Solutions Architect mtavis@amazon.com

10
20
ct
O
lin
Architectural
er
tB
Design Patterns in
en
Ev

Cloud Computing
S
AW

Cloud Best Practices Whitepaper
Prescriptive guidance to Cloud Architects

10
20
ct
O
Just Search for “Cloud Best

lin
Practices” to find the link

er
tB
http://media.amazonwebservices.co
en
m/AWS_Cloud_Best_Practices.pdf
Ev
S
AW

The “Living and Evolving” Cloud
AWS services and basic terminology

10
Most Applications Need:

20
1. Compute

ct
2. Storage

O
3. Messaging
4. Payment

lin
5. Distribution

er
6. Scale
7. Analytics
tB
en
Ev
S
AW

The “Living and Evolving” Cloud
“At Amazon, Every Day is a Launch Day”

10
» Amazon EC2 with Windows Server

20
2008,
» AWS Multi-Factor Authentication Spot Instances,
» Virtual Private Cloud Boot from Amazon EBS
» Reserved Instances in EU Region » Lower Reserved Instance Pricing

ct
» Amazon CloudFront Streaming
» Elastic MapReduce » Amazon VPC enters Unlimited Beta
» SQS in EU Region

O
» AWS Region in Northern California
» International Support for AWS
Import/Export

lin
» Amazon RDS
» New SimpleDB Features » High-Memory Instances
» FPS General Availability » AWS Security Center » Lower EC2 Pricing » Amazon SNS

er
tB
en
» Amazon EC2 with Windows » Amazon Elastic MapReduce » Amazon CloudFront
» Amazon EC2 in EU Region in Europe Private Content
» AWS Toolkit for Eclipse » SAS70 Type II Audit
Ev

» Amazon EC2 Reserved » AWS SDK for .NET
Instances
» AWS Import/Export » Amazon EC2 Reserved Instances
» EBS Shared Snapshots
with Windows, Extra Large High
S

» New CloudFront Feature » SimpleDB in EU Region
» Lower pricing tiers for Memory Instances
» Monitoring, Auto Scaling & » Monitoring, Auto Scaling &
AW

Amazon CloudFront » Amazon S3 Versioning Feature
Elastic Load Balancing Elastic Load Balancing in EU
» AWS Management Console » Consolidated Billing for AWS
» Lower pricing for Outbound Data
Transfer

Scalability
Build Scalable Architecture on AWS

10
20
A scalable architecture is critical to take advantage of a scalable
infrastructure

ct
O
lin
Characteristics of Truly Scalable Service

er
tB Increasing resources results in a proportional increase in
performance
en
A scalable service is capable of handling heterogeneity
Ev

A scalable service is operationally efficient
S

A scalable service is resilient
AW

A scalable service becomes more cost effective when it
grows

Cloud Architecture Lessons
using Amazon Web Services

10
20
ct
O
lin
er
1. Design for failure and nothing fails
2.
3. tB
Loose coupling sets you free
Implement “Elasticity”
en
4. Build Security in every layer
Ev

5. Don't fear constraints
6. Think Parallel
S

7. Leverage different storage options
AW

1. Design for Failure
and nothing will really fail

10
20
ct
O
lin
er
tB
"Everything fails, all the time"
Werner Vogels, CTO Amazon.com
en
Ev

Avoid single points of failure
S

Assume everything fails, and design backwards
AW

Goal: Applications should continue to function even if the
underlying physical hardware fails or is removed or replaced.

2. Loose coupling sets you free
The looser they're coupled, the bigger they scale

10
20
Independent components

ct
Design everything as a Black Box

O
De-coupling for Hybrid models

lin
Load-balance clusters

er
Use Amazon SQS as BufferstB
en
Tight Coupling Controller A Controller B Controller C
Ev

Q Q Q
S

Loose Coupling
AW

using Queues Controller A Controller B Controller C

3. Implement Elasticity
Elasticity is fundamental property of the Cloud

10
20
Don’t assume health or fixed location of components

ct
Use designs that are resilient to reboot and re-launch

O
Bootstrap your instances: Instances on boot will ask a
question “Who am I & what is my role?”

lin
Enable dynamic configuration

er
tB
en
Ev
S
AW

Use Auto-scaling (Free)
Use Elastic Load Balancing on multiple layers
Use configurations in SimpleDB to bootstrap instance

Design with Security in mind

10
20
ct
With cloud, you lose a little bit of

O
physical control but not your
ownership

lin
er
tB
Create distinct Security Groups for each Amazon EC2 cluster
Use group-based rules for controlling access between layers
en
Restrict external access to specific IP ranges
Ev

Encrypt data “at-rest” in Amazon S3
Encrypt data “in-transit” (SSL)
S

Consider encrypted file systems in EC2 for sensitive data
AW

Rotate your AWS Credentials, Pass in as arguments encrypted
Use MultiFactor Authentication

Design with Security in mind

10
20
ct
O
lin
er
“Web” Security Group:
TCP 80 0.0.0.0/0

tB TCP 443 0.0.0.0/0
TCP 22 “App”
en
“App” Security Group:
Ev

TCP 8080 “Web”
TCP 22 172.154.0.0/16
TCP 22 “App”
S
AW

“DB” Security Group:
TCP 3306 “App”
TCP 3306 163.128.25.32/32
TCP 22 “App”

Re-think architectural constraints

10
20
More RAM? Distribute load across machines
Shared distributed cache

ct
O
Better IOPS on my database?
Multiple read-only / sharding / DB

lin
clustering

er
tB
Your hardware failed or messed up config?
Hardware Config
does not match?
en
simply throw it away and switch to new Implement Elasticity
Ev

hardware with no additional cost
S

Performance
AW

Caching at different levels (Page, Render, DB)

6. Think Parallel
Serial and Sequential is now history

10
20
ct
O
lin
er
Experiment different architectures in parallel
Multi-treading and Concurrent requests to cloud services
tB
Run parallel MapReduce Jobs
en
Use Elastic Load Balancing to distribute load across multiple servers
Decompose a Job into its simplest form
Ev
S
AW

7. Leverage many storage options
One size DOES NOT fit all

10
20
ct
O
lin
er
Amazon S3: large static objects
Amazon CloudFront: content distribution
Amazon tB
SimpleDB: simple data indexing/querying
en
Amazon EC2 local disc drive : transient data
Amazon EBS: persistent storage for any RDBMS + Snapshots on S3
Ev

Amazon RDS: RDBMS service - Automated and Managed MySQL
S
AW

Which storage option to use when?

10
20
Amazon S3 + Amazon EC2 Amazon EBS Amazon Amazon RDS
CF Ephemeral SimpleDB

ct
Store

O
Ideal for Storing Large Storing non- Off-instance Querying light- Storing and
write-once, persistent persistent weight attribute querying

lin
read-many transient storage for any data structured
types of updates kind of data, Relational and
objects, Static referential

er
Content Data
Distribution
Ideal examples Media files,
audio, video,
images,
tBConfig Data,
scratch files,
TempDB
Clusters, boot
data, Log or
data of
Querying,
Mapping,
tagging, click-
Complex
transactional
systems,
en
Backups, commercial stream logs, inventory
archives, RDBMS like metadata, management
Ev

versioning Oracle, DB2 shared-state and order
management, fulfillment
indexing systems
Not Querying, Storing Relational (joins)
S

recommended Searching Database logs query
AW

for or backups,
customer data
Not Database, File Sensitive data Content OLTP, DW cube Simple
recommended Systems Distribution rollups lookups
examples

10
20
Applying Cloud

ct
O
Architecture Lessons

lin
er
tB
Moving a Web Architecture to the Cloud
en
Ev
S
AW

Exterior Firewall Hardware MyWebSite.com
or Software Solution to open
standard Ports (80, 443)

10
Web Load Balancer
Hardware or Software solution
to distribute traffic over web LB

20
servers

Web Tier
Fleet of machines handling
Web Server Web Server

ct
HTTP requests.
Backend Firewall Limits

O
access to application tier from
web tier

lin
LB
App Load Balancer
Hardware or Software solution to

er
spread traffic over app servers

tB
App Server Tier
Fleet of machines handling App Server App Server App server Backups on
Application specific workloads Tapes Periodic
Caching server machines can backups stored on
en
be implemented at this layer Tapes usually
managed by 3rd
party at their site
Ev

Data Tier
Database Server machines with
MySQL MySQL
master and local running
separately, Network storage for Master (Slave)
Static objects
S

Tapes
AW

A Classic Web Architecture

MyWebSite.com
DNS

ELB: Web Tier LB

10
Design for failure and

20
Auto-scaling group : Web Tier Auto-scaling group : Web Tier

Web Server Web Server Web Server Web Server

ct
nothing fails

O
SLB SLB

lin
er
App Server App Server App Server App Server Cloud
Tomcat Tomcat
Front

tB
Auto-scaling group : App Tier Auto-scaling group : App Tier
en
RDS RDS RDS Amazon
Ev

Master Slave Slave S3

Availability Zone #1 Availability Zone 2
S

Availability Zone #n
AW

A Scalable Web Architecture on AWS

MyWebSite.com
DNS

ELB: Web Tier LB

10
Loose coupling sets you

20


ct
O
SLB SLB
free

lin
er
Tomcat Tomcat
Front

tB
en
RDS RDS RDS Amazon
Ev


S

AW


MyWebSite.com
DNS

ELB: Web Tier LB

10
Implement elasticity

20


ct
O
SLB SLB

lin
er
Tomcat Tomcat
Front

tB
en
RDS RDS RDS Amazon
Ev


S

AW


MyWebSite.com
DNS

ELB: Web Tier LB

10
Build Security in every

20


ct
O
SLB SLB
layer

lin
er
Tomcat Tomcat
Front

tB
en
RDS RDS RDS Amazon
Ev


S

AW


MyWebSite.com
DNS

ELB: Web Tier LB

10
Leverage many storage

20


ct
O
options

SLB SLB

lin
er
Tomcat Tomcat
Front

tB
en
RDS RDS RDS Amazon
Ev


S

AW


Cloud Architecture Lessons
Best Practices

10
20
ct
O
lin
1. Design for failure and nothing fails

er
2. Loose coupling sets you free
3.
4.
Implement Elasticity
tB
Build Security in every layer
en
Ev

6. Think Parallel
S
AW

10
20
ct
O
lin
er
http://aws.amazon.com
tB
en
Ev
S
AW

AWS Architecting for the Cloud - matt tavis

Recomendados

Recomendados

Mais conteúdo relacionado

Mais procurados

Mais procurados (20)

Destaque

Destaque (20)

Semelhante a AWS Architecting for the Cloud - matt tavis

Semelhante a AWS Architecting for the Cloud - matt tavis (20)

Mais de Amazon Web Services

Mais de Amazon Web Services (20)

Último

Último (20)

AWS Architecting for the Cloud - matt tavis