Aws meetup 2017-02-09-role-auto-scaling


  1. 1. AWS Meetup February 09, 2017 Michael Baker Yeung Siu
  2. 2. Introduction ●AWS access and security ●Autoscaling ●Why cloud computing! ●Demos ●Slides to be posted
  3. 3. Introduction ●Yeung Siu ○DevOps engineers ○AWS Associate Solution Architect certified ●Michael Baker ○Lead Software Engineer
  4. 4. AWS Credentials
  5. 5. Identity & Access Management IAM
  6. 6. Access Keys demo
  7. 7. IAM User Issues ●No Active Directory domain association. ●No Web Federation ○Google, Facebook, Amazon retail ●Quarterly credential rotation ○Application downtime ●Hardcoded in source control
  8. 8. Open Source AWS
  9. 9. Open Source AWS
  10. 10. Open Source AWS
  11. 11. AWS knows
  12. 12. Rise of the Bots 1. If AWS can find your keys then guess who else can? 2. AWS keys mining 3. Use your AWS account to do other mining
  13. 13. IAM Role
  14. 14. IAM Role Trust Relationships
  15. 15. EC2 IAM Role
  16. 16. Cloudberry
  17. 17. IAM Role demo
  18. 18. IAM Role: Important factors ●No keys embedded into code. ●No need for credential rotation. ●Access to other AWS services. ●Allow secure external 3rd party access. ●Active Directory Federation. ●Web Identity Federation. ○Facebook, Google, Amazon retail ●Cross AWS account access ○Control multiple AWS accounts from one central AWS account with AD. ●Can only be associated at EC2 after creation. ○As of Feb. 09, AWS updated its service to allow attaching a role to an existing machine. ○Doesn’t work outside of AWS. ●Application Architecture implementation
  19. 19. AWS Access Control Recommendations ●Use AWS Role as much as you can. ●If not AWS Role then use AWS KMS. ●Recommendation to use HashiCorp Vault.
  20. 20. Questions?
  21. 21. AutoScaling ●AWS ●Azure
  22. 22. Motivation What do you get with one DevOps Engineer in a room?
  23. 23. Motivation What do you get with one DevOps Engineer in a room? Alone with a 2:00am pager saying a site is down.
  24. 24. Why Cloud Computing ●No hardware to purchase and refresh ●On demand model ●Easy to scale
  25. 25. Legacy Cloud “The first rule of any technology used in a business is that automation applied to an efficient operation will magnify the efficiency. The second is that automation applied to an inefficient operation will magnify the inefficiency. ” Bill Gates ●Do the same thing on a different platform ●Do you use your smartphone to just make phone calls?
  26. 26. AWS Principle “Build for failure”
  27. 27. AWS Vocabulary ●EC2 (Elastic Computing Instances) = Virtual Machines ●ELB (Elastic Load Balancer) = Load Balancer ●Lambda = Serverless compute ●RDS (Relational Database Service) = MySQL, Microsoft SQL Server, Oracle, Aurora, PostgreSQL ●Route53 = DNS ●S3 (Simple Storage Service) = object storage ●SNS (Simple Notification Service) = Messaging ●More at https://www.expeditedssl.com/aws-in-plain-english
  28. 28. Traditional Application
  29. 29. Traditional Application
  30. 30. Traditional Application
  31. 31. Traditional Application
  32. 32. Traditional Application
  33. 33. Traditional Application
  34. 34. Traditional Application
  35. 35. Immutable, Stateless app
  36. 36. Immutable, Stateless app
  37. 37. Immutable, Stateless app
  38. 38. Immutable, Stateless app
  39. 39. Immutable, Stateless app AWS Terms
  40. 40. Immutable, Stateless app AWS Terms
  41. 41. Immutable, Stateless app AWS Terms
  42. 42. Immutable, Stateless app AWS Terms
  43. 43. AWS Regions
  44. 44. AWS Region vs Availability Zones (AZs)
  45. 45. AWS Region vs Availability Zones (AZs)
  46. 46. Autoscaling Details
  47. 47. Autoscale Scale Policies
  48. 48. Autoscale Notification
  49. 49. Autoscale Instances
  50. 50. Autoscaling Activity History
  51. 51. Autoscaling Load Testing ●Bee with Machine ○https://github.com/newsapps/beeswithmachineguns ●Siege ○https://github.com/JoeDog/siege ●GOAD ○https://goad.io/
  52. 52. Bee With Machine Guns
  53. 53. Bee With Machine Guns
  54. 54. Bee With Machine Guns
  55. 55. Bee With Machine Guns
  56. 56. Bee With Machine Guns
  57. 57. Bee With Machine Guns
  58. 58. Bee With Machine Guns
  59. 59. Bee With Machine Guns
  60. 60. Bee Hive
  61. 61. Bee With Machine Guns ●Lambda Demo Serverless style
  62. 62. Demo
  63. 63. What happened? CloudWatch Metrics
  64. 64. Autoscaling: Things you can do ●Take an instance out of the autoscaling group ●Works with Microsoft Windows Servers ○Even Windows 2008 R2 with IIS ●Bootstrap script ●Event driven ○Network ○Disk I/O ●Schedule driven
  65. 65. Autoscaling: Benefits ●Treat servers as livestock and not pets. ○Servers are a commodity and should be short lived. ●High Availability. ○Outage vs lower performance. ●Handle peak traffic. ●Cost ○One big server cost vs little servers. ●AWS Reserved instances and Spot instances cost savings.
  66. 66. Autoscaling: Cost Saving T2.micro ●On Demand instance ○$0.12 per hour ●Reserved instances ○One year = $0.008 per hour ~ 33% savings ○Three year = $0.005 per hour ~ 58% savings ●Spot instances ○User puts a price and waits for the market to match it ○Good for message queue or worker nodes ○Can be $0.0031 per hour
  67. 67. Autoscaling: Cost Saving scenario ●Autoscale configuration ○2 minimum ○6 maximum ●Purchase 2 reserved instances for the 2 minimum. ●Place bids for 2 spot instances. ●Use on demand instances for the last 2.
  68. 68. Autoscaling: Use Cases ●Websites ○REST APIs ●RabbitMQ (AMQP) message queue ●MySQL cluster ○Master/slave ●Autoscale of One
  69. 69. Autoscaling: Automation Requirements ●Application Performance Monitoring ○DataDog ○NewRelic ○SolarWinds ○Splunk ●Monitoring ○AlertLogic ●Logging ○ElasticSearch ○AWS X-Ray ○CloudWatch
  70. 70. Autoscaling: Deployment ●AWS CloudFormation ○JSON ○YAML ●HashiCorp Terraform
  71. 71. Autoscaling: OS Patch 1.Create a new base Amazon Machine Image (AMI) ○Use HashiCorp Packer.io 2.Update Autoscaling configuration to the new AMI 3.Turn off existing EC2 instances one by one
  72. 72. Autoscaling Evolution
  73. 73. Autoscaling: Evolution ●Elastic Beanstalk
  74. 74. How To Start With AWS ●CloudGuru ○Udemy $10 course ●Monthly AWS webinars ○https://aws.amazon.com/about-aws/events/monthlywebinarseries/ ●AWS Associate Solution Architect Certification study guide ○Get AWS certification ●AWS Professional Partner Service ●Daily AWS updates/releases https://aws.amazon.com/new/ ●Go to AWS re:Invent ●Drawing done at https://cloudcraft.co/
  75. 75. Related Materials ●Life without SSH ○YouTube ○Slides ●Coding Apps In Cloud to Reduce Costs up to 90% ○YouTube ○Slides
  76. 76. Links ●Getting Started: https://aws.amazon.com/getting-started ●General Reference: http://docs.aws.amazon.com/general/latest/gr ●Global Infrastructure: https://aws.amazon.com/about-aws/global-infrastructure/ ●FAQs: https://aws.amazon.com/faqs ●Documentation: https://aws.amazon.com/documentation/ ●Architecture: https://aws.amazon.com/architecture ●Whitepapers: https://aws.amazon.com/whitepapers ●Security: https://aws.amazon.com/security ●Blog: https://aws.amazon.com/blogs ●SlideShare: http://www.slideshare.net/AmazonWebServices ●Github: https://github.com/aws and https://github.com/awslabs
  77. 77. Happy Ever “Appter”
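
Slides 7 to 12 warn that access keys hardcoded in source control get found by bots, and slides 18 and 19 recommend IAM roles instead. The following pre-commit style scanner is an added example, not part of the original deck: the function names and sample files are constructed for illustration, and the key pair in the sample is the placeholder pair used in AWS documentation.

```python
import re

# Access key IDs are 20 characters: a 4-letter prefix plus 16 uppercase alphanumerics.
# AKIA marks a long-term IAM user key, ASIA a temporary STS key (what a role hands out).
KEY_ID_RE = re.compile(r"\b(AKIA|ASIA)[A-Z0-9]{16}\b")
# Secret access keys are 40 base64-alphabet characters; flag them only when
# assigned to a name containing "secret" to keep false positives down.
SECRET_RE = re.compile(
    r"secret\w*\s*[:=]\s*['\"]?([A-Za-z0-9/+=]{40})(?![A-Za-z0-9/+=])",
    re.IGNORECASE)

def redact(value):
    # Never echo a full credential into CI logs: keep 4 characters at each end.
    return value[:4] + "*" * (len(value) - 8) + value[-4:]

def scan_text(path, text):
    """Return (path, line_no, kind, redacted_value) for each credential found."""
    findings = []
    for no, line in enumerate(text.splitlines(), 1):
        for m in KEY_ID_RE.finditer(line):
            kind = "long-term access key id" if m.group(1) == "AKIA" else "temporary access key id"
            findings.append((path, no, kind, redact(m.group(0))))
        m = SECRET_RE.search(line)
        if m:
            findings.append((path, no, "secret access key", redact(m.group(1))))
    return findings

SAMPLE_REPO = {  # constructed file contents for the example
    "deploy/settings.py": (
        'REGION = "us-east-1"\n'
        'AWS_ACCESS_KEY_ID = "AKIAIOSFODNN7EXAMPLE"\n'
        'AWS_SECRET_ACCESS_KEY = "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY"\n'
    ),
    "app/storage.py": (
        "import boto3\n"
        "# no keys here: on EC2 the SDK picks up the instance role's credentials\n"
        's3 = boto3.client("s3")\n'
    ),
}

def scan_repo(files):
    findings = []
    for path, text in sorted(files.items()):
        findings.extend(scan_text(path, text))
    return findings

if __name__ == "__main__":
    for path, no, kind, value in scan_repo(SAMPLE_REPO):
        print(f"{path}:{no}: {kind}: {value}")
```

The role-based file produces no findings because it contains no credential at all; a hit on an `AKIA` key means the key should be treated as exposed and rotated, not just deleted from the file.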