AWS SERVICES
BY PRAVEEN SINGAMPALLI
SATURDAY JULY 30th
@ 4 PM
DO FOLLOW ME ON
INSTAGRAM/
TWITTER/
TELEGRAM
SINGAM4DEVOPS
VPC
SUBNETS
• Public subnets
  • Include a routing table entry to an Internet gateway to support inbound/outbound access to the public Internet.
• Private subnets
  • Do not have a routing table entry to an Internet gateway and are not directly accessible from the public Internet.
  • Typically use a "jump box" (NAT/proxy/bastion host) to support restricted, outbound-only public Internet access.
CIDR SETUP
• When you create your VPC, you specify its set of IP addresses with CIDR notation.
• Classless Inter-Domain Routing (CIDR) notation is a simplified way to show a specific range of IP addresses.
• Example: 10.0.0.0/16 = all IPs from 10.0.0.0 to 10.0.255.255
• 255.255.0.0 = 11111111 11111111 00000000 00000000
• 255.255.254.0 = 11111111 11111111 11111110 00000000
• 16 bits can have a maximum value of 1111111111111111 = 65,535.
• The prefix fixes the leading places of the address: /8 fixes one place (octet), /16 fixes two places.
ALL YOU HAVE TO KNOW ABOUT /16
• The 16 in the CIDR notation example represents how many of those bits are "locked down" and cannot change. The unlocked bits can change between 1 and 0, allowing the full range of possible values.
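The locked/unlocked bit arithmetic above, worked through in code. This is an added example, not part of the original slides; the function names and the sample subnet plan are constructed for illustration, and the /16 to /28 limit is the block size AWS accepts for VPCs and subnets.

```python
# Added example: the "locked bits" arithmetic behind CIDR, done by hand,
# plus a check of a subnet plan against its VPC range.

def ip_to_int(ip):
    """Dotted quad -> 32-bit integer."""
    parts = [int(p) for p in ip.split(".")]
    if len(parts) != 4 or any(not 0 <= p <= 255 for p in parts):
        raise ValueError(f"bad IPv4 address: {ip}")
    return (parts[0] << 24) | (parts[1] << 16) | (parts[2] << 8) | parts[3]

def int_to_ip(n):
    """32-bit integer -> dotted quad."""
    return ".".join(str((n >> shift) & 0xFF) for shift in (24, 16, 8, 0))

def cidr_range(cidr):
    """Return (netmask, first address, last address, address count)."""
    ip, prefix = cidr.split("/")
    prefix = int(prefix)
    if not 0 <= prefix <= 32:
        raise ValueError(f"bad prefix length: {cidr}")
    unlocked = 32 - prefix                        # bits free to change
    mask = (0xFFFFFFFF << unlocked) & 0xFFFFFFFF  # 1s mark the locked bits
    base = ip_to_int(ip)
    if base & ~mask & 0xFFFFFFFF:
        raise ValueError(f"{cidr}: unlocked bits must all be zero")
    last = base | (~mask & 0xFFFFFFFF)            # every unlocked bit set to 1
    return int_to_ip(mask), int_to_ip(base), int_to_ip(last), 1 << unlocked

def check_subnet_plan(vpc_cidr, subnet_cidrs):
    """List the problems in a subnet plan: size, containment, overlap."""
    problems = []
    _, v_first, v_last, _ = cidr_range(vpc_cidr)
    v_lo, v_hi = ip_to_int(v_first), ip_to_int(v_last)
    seen = []
    for cidr in subnet_cidrs:
        prefix = int(cidr.split("/")[1])
        if not 16 <= prefix <= 28:
            problems.append(f"{cidr}: prefix must be /16 to /28")
            continue
        _, first, last, _ = cidr_range(cidr)
        lo, hi = ip_to_int(first), ip_to_int(last)
        if lo < v_lo or hi > v_hi:
            problems.append(f"{cidr}: outside VPC {vpc_cidr}")
        for other, o_lo, o_hi in seen:
            if lo <= o_hi and o_lo <= hi:
                problems.append(f"{cidr}: overlaps {other}")
        seen.append((cidr, lo, hi))
    return problems

if __name__ == "__main__":
    print(cidr_range("10.0.0.0/16"))
    # Constructed plan with one overlap, one stray range, one undersized block.
    plan = ["10.0.1.0/24", "10.0.1.128/25", "10.1.0.0/24", "10.0.2.0/29"]
    for problem in check_subnet_plan("10.0.0.0/16", plan):
        print(problem)
```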
Directing Traffic Between VPC Resources
Security Layer of AWS
NACL
SECURITY GROUP
Network Address Translation services
• Enable instances in the private subnet to initiate outbound traffic to the Internet or other AWS services.
CentOS 7/8 Install Apache server
• yum install httpd
• systemctl start httpd
• systemctl status httpd
• systemctl restart httpd
Configure Apache server
The next step is to add and update the VirtualHost for a new
domain in Apache. Each domain needs its own configuration
file. The configuration files use the .conf extension, and need
to be saved in the /etc/httpd/conf.d/ directory.
1) Create a file at /etc/httpd/conf.d/yourdomain.com.conf and add the
following lines to it.
2) # vi /etc/httpd/conf/httpd.conf
<VirtualHost *:80>
    ServerAdmin root@yourdomain.com
    ServerName yourdomain.com
    DocumentRoot /var/www/html/yourdomain.com/
    ErrorLog /var/log/httpd/yourdomain.com/error.log
    CustomLog /var/log/httpd/yourdomain.com/access.log combined
</VirtualHost>
Create the directories for the website and its logs (Apache will not start if the ErrorLog directory is missing), then create the index.html file for the website.
# mkdir -p /var/www/html/yourdomain.com /var/log/httpd/yourdomain.com
Now add some content to index.html.
# vi /var/www/html/yourdomain.com/index.html
# service httpd restart
Open any browser and enter the website URL.
http://yourdomain.com
AWS PROJECT SETUP WITH E2E
The destination for the route is 0.0.0.0/0, which represents all IPv4 addresses. The target is the internet gateway that's attached to your VPC.
Destination => IP address/CIDR range.
Target => Where you want to send the traffic for the specified destination (e.g. if the destination is my local subnet, mention target as "local").
The Internet gateway is one of the targets (e.g. routing traffic to the internet). Other options for the target, depending on your architecture, would be:
• NAT Gateway
• Virtual Private Gateway
• VPC endpoint
• VPC peering connection, etc.
Diagram labels:
LOCAL -> SUBNET
DESTINATION -> VPC, NAT Gateway, Virtual Private Gateway, VPC endpoint
RT1 -> VPC HIT -> ROUTE TO PUBLIC SUBNET
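How the destination/target pairs decide where a packet goes, and which subnets are public or private as a result. This is an added example, not part of the original slides: the route tables are constructed sample data shaped like the output of aws ec2 describe-route-tables, and the function names and resource IDs are made up for illustration.

```python
import ipaddress

# Constructed sample, shaped like `aws ec2 describe-route-tables` output.
ROUTE_TABLES = [
    {"RouteTableId": "rtb-public",
     "Associations": [{"SubnetId": "subnet-web"}],
     "Routes": [
         {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
         {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-0example"}]},
    {"RouteTableId": "rtb-private",
     "Associations": [{"SubnetId": "subnet-app"}],
     "Routes": [
         {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
         {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-0example"}]},
    {"RouteTableId": "rtb-isolated",
     "Associations": [{"Main": True}, {"SubnetId": "subnet-db"}],
     "Routes": [
         {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"}]},
]

def route_target(route):
    """The target column of a route: gateway, NAT gateway, or unknown."""
    return route.get("GatewayId") or route.get("NatGatewayId") or "unknown"

def next_hop(table, dest_ip):
    """Pick the target for dest_ip: the most specific matching route wins."""
    ip = ipaddress.ip_address(dest_ip)
    best = None
    for route in table["Routes"]:
        cidr = route.get("DestinationCidrBlock")
        if cidr is None:          # IPv6 or prefix-list route, skipped here
            continue
        net = ipaddress.ip_network(cidr)
        if ip in net and (best is None or net.prefixlen > best[0]):
            best = (net.prefixlen, route_target(route))
    return best[1] if best else None   # None: no route, traffic is dropped

def classify(table):
    """Public if any route targets an Internet gateway, else private."""
    targets = {route_target(r) for r in table["Routes"]}
    if any(t.startswith("igw-") for t in targets):
        return "public"
    if any(t.startswith("nat-") for t in targets):
        return "private (outbound via NAT)"
    return "private (no Internet route)"

def subnet_exposure(tables):
    """Map each explicitly associated subnet to its classification."""
    result = {}
    for table in tables:
        kind = classify(table)
        for assoc in table.get("Associations", []):
            if "SubnetId" in assoc:   # main-table association has no SubnetId
                result[assoc["SubnetId"]] = kind
    return result

if __name__ == "__main__":
    for subnet, kind in subnet_exposure(ROUTE_TABLES).items():
        print(subnet, "->", kind)
    print(next_hop(ROUTE_TABLES[0], "203.0.113.10"))
```

Running subnet_exposure over real describe-route-tables output is a quick review step for finding a subnet that was meant to be private but is associated with a table that routes to an Internet gateway.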
AWS API GATEWAY
Amazon API Gateway is a fully managed service that makes it easy for developers to create, publish, maintain, monitor, and secure APIs at any scale.
APIs act as the "front door" for applications to access data, business logic, or functionality from your backend services.
API Gateway helps us create RESTful APIs and WebSocket APIs that enable real-time two-way communication applications.
Create a lambda function
• To create a Python function
  • Open the Lambda console.
  • Choose Create function.
  • Configure the following settings:
    • Name – REST_Demo.
    • Runtime – Python 3.9.
    • Role – Choose an existing role.
    • Existing role – lambda-role.
  • Choose Create function.
  • To configure a test event, choose Test.
  • For Event name, enter test.
  • Choose Save changes.
  • To invoke the function, choose Test.
Lambda with API GATEWAY TRIGGER
Deploy Python Lambda functions with .zip file archives
• Deployment package with dependencies
1) mkdir my-sourcecode-function
2) cd my-sourcecode-function
3) vim lambda_function.py
4) pip install --target ./package requests
5) cd package
   zip -r ../my-deployment-package.zip .
6) cd ..
   zip -g my-deployment-package.zip lambda_function.py
CODE TO MAKE ZIP
aws lambda update-function-code --function-name REST_Demo --zip-file fileb://my-deployment-package.zip
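A lambda_function.py that could go into the package built above and sit behind the API Gateway trigger. This is an added example, not the code from the original session: it assumes a REST API using Lambda proxy integration (which supplies the httpMethod, queryStringParameters, body and isBase64Encoded keys), and the name parameter, size limit and messages are invented for illustration. It uses only the standard library, so it runs without the requests dependency.

```python
import base64
import json

MAX_BODY_CHARS = 4096   # assumption: this demo only accepts small JSON bodies

def reply(status, payload):
    """Build the response shape API Gateway proxy integration expects."""
    return {"statusCode": status,
            "headers": {"Content-Type": "application/json"},
            "body": json.dumps(payload)}

def lambda_handler(event, context):
    method = event.get("httpMethod")
    if method == "GET":
        # queryStringParameters is null when the URL has no query string.
        params = event.get("queryStringParameters") or {}
        name = params.get("name", "world")
    elif method == "POST":
        raw = event.get("body") or ""
        if len(raw) > MAX_BODY_CHARS:
            return reply(413, {"error": "body too large"})
        try:
            if event.get("isBase64Encoded"):
                raw = base64.b64decode(raw, validate=True).decode("utf-8")
            data = json.loads(raw)
        except ValueError:   # bad base64, bad UTF-8 or bad JSON
            return reply(400, {"error": "body must be valid JSON"})
        if not isinstance(data, dict):
            return reply(400, {"error": "body must be a JSON object"})
        name = data.get("name", "world")
    else:
        return reply(405, {"error": "method not allowed"})

    # Validate before echoing anything back to the caller.
    if not isinstance(name, str) or not name.isalnum() or len(name) > 32:
        return reply(400, {"error": "name must be 1-32 letters or digits"})
    return reply(200, {"message": f"Hello, {name}"})

if __name__ == "__main__":
    # Constructed test events, similar to what the console Test button sends.
    print(lambda_handler({"httpMethod": "GET",
                          "queryStringParameters": None}, None))
    print(lambda_handler({"httpMethod": "POST",
                          "body": '{"name": "devops"}'}, None))
```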
AWS ROUTE 53
AWS Route 53 connects requests to the infrastructure running in AWS, such as AWS ELB, Amazon EC2 instances, or Amazon S3 buckets.
AWS Route 53 can be used to configure DNS health checks, continuously monitor your applications' ability to recover from failures, and control application recovery with Route 53 Application Recovery Controller.
AWS Route 53 traffic flow helps to manage traffic globally via a wide variety of routing types, including latency-based routing, geo DNS, weighted round-robin, and geo proximity.
1) latency-based routing - user latency can be reduced by serving requests from the region where network latency is the lowest
2) geo DNS - geolocation routing can be used to send traffic to resources based on the geographical location of users
3) weighted round-robin - when servers run in two regions, the traffic can be divided between them by percentage [East 30% and West 70%]
Log analysis with Amazon Elasticsearch Service and Kibana
S3 Glacier Data Flow
Steps to move Data from S3 bucket to Glacier
SESSION8_AWS how to deploy the resources and services
Application Load Balancer
An Application Load Balancer (ALB) only works at layer 7 (HTTP).
It has a wide range of routing rules for incoming requests based on host
name, path, query string parameter, HTTP method, HTTP headers, source
IP, or port number.
** ELB only allows routing based on port number.
ALB can route requests to many ports on a single target.
Plus, ALB can route requests to Lambda functions.
ALB further supports Server Name Indication (SNI), which allows it to
serve many domain names.
There is a limit, however, to the number of certificates you can attach to
an ALB, namely 25 certificates plus the default certificate.
ALBs are typically used for web applications.
If you have a microservices architecture, ALB can be used as an internal
load balancer in front of EC2 instances or Docker containers that
implement a given service.
Network Load Balancer
• A Network Load Balancer (NLB) works at layer 4 only and can handle both TCP and UDP, as well as TCP connections encrypted with TLS.
• It has very high performance.
• It uses static IP addresses and can be assigned Elastic IPs, which is not possible with ALB and ELB.
• NLBs would be used for anything that ALBs don't cover. A typical use case would be a near real-time data streaming service (video, stock quotes, etc.). Another typical case is that you would need to use an NLB if your application uses non-HTTP protocols.
Comparison of AWS LBs
The decryption/encryption of TLS traffic is done at the LB end rather than on the application servers, which helps you optimize the performance of your backend application servers while keeping your workloads secure.
Layer 4 load balancing operates at the intermediate transport layer, which is responsible for delivering messages regardless of the content. Layer 4 load balancers simply forward network packets to and from the upstream server without inspecting what's in them.
Layer 7 load balancing operates at the high-level application layer, which is responsible for the actual content of the message. Layer 7 load balancers route network traffic in a more complex manner, usually applicable to TCP-based traffic like HTTP. Unlike Layer 4, a Layer 7 load balancer terminates the network traffic and reads the message within. It makes a decision based on the content of the message, then makes a new TCP connection to the selected upstream server and writes the request to the server.
Application Load balancer Dashboard