April 22, 2015 - David Sokolik
Amazon AWS Basics
Introduction to Amazon AWS: The Amazon AWS Basics
Everyone are talking about cloud, many companies are looking for DevOPS or SysOPS personal and those are hard to find.
In this post I’ll talk about the basics of AWS terminology in the hopes of easing the transition into the AWS world a little more comfortable.
AWS Region and Availability Zones:
Amazon is divided into two segments:
This is the general physical location area where your AWS resources will be located for example: North Virginia, Oregon (USA), Ireland or Frankfurt (Europe) or even Singapore and Sydney (Asia) are available.
You can have multiple resources in multiple regions now some features of AWS are not region specific but many are, so it is very important when looking into AWS to choose the right region for your needs.
Keep in mind that there are pricing differences between regions.
2) Availability Zone:
Availability zone or AZ for short are the physical locations within a region for example:
In region Oregon there are three (3) AZ’s. Think of AZ’s as actual data centers which are located within a region so in our example within the state of Oregon there are three (3) data centers across the state.
To learn more visit: Regions and Availability Zones
EC2 are the AWS virtual machines running general operating systems which you can connect to and manage as if they were machines running in your local infrastructure.
Now connecting to them is a bit more trickier than a regular machine but the general concept is the same. these are machines running some sort of OS (Windows/Linux) and they can come pre-installed with services such as Microsoft SQL, Microsoft IIS etc.
In the early days of AWS you could create EC2 instances (VM’s) but they would each run as a separate entity and in order to create connectivity between the two you would need to open “Firewall” ports and create network connectivity over the internet even if they both were located in the same region or even in the same AZ.
VPC is basically your own network infrastructure with private subnets running in that region. Yes VPC’s are region specific and you can have the same VPC setup in multiple regions.
Now since the VPC is region based meaning you create your subnet let say for example: 184.108.40.206/16 (it must by between /16 or /28 subnet) Learn more about subnets and CIDR
Now the subnet which in this example is Class B gives us a usable range of: 220.127.116.11 – 18.104.22.168, the VPC allows our EC2 instances to see and communicate with our other instances within that region without going over the internet all the communication is internal.
S3 is amazon’s public elastic storage, it’s a little hard at first to understand what it is, So I will try to do my best to assist you with the basic understanding.
S3 is true “Unlimited” storage, you cannot pre-configure sizes or pre-purchase storage, its pay-as-you-go with limitless possibility and almost the most redundant and safe options available in the world today!
Amazon guarantee’s eleven (11) 9’s of durability that means 99.999999999% of data access safety with 99.99% of accessibility which basically means even if there is a failure somewhere you might a brief loss of connectivity and might not be able to access the data but it will all be there once that connectivity issue is resolved.
But unlike general storage the S3 storage cannot be directly accessed via your EC2 instance, meaning it will not appear as a local drive (D:, E: in windows or an mount point in linux) access to the S3 bucket (storage) is accessible via code only so you can store stuff and retrieve stuff if you use some sort of software either the aws public tools (code bases API calls), pre-paid or write your own.
S3 is by default web accessible meaning you will be given a unique URL and you can upload data to S3 and be able to access it via your web browser. By default all permission access from the web is denied so you will have to assign permissions to access the files as needed.
Glacier is basically amazon’s cheap and super slow version of S3, it is designed for archiving purposes and is not intended to be used in anyway as a production / active location to store data.
Storing data on glacier is crazy cheap how cheap well currently it’s $0.01 per Gigabyte
But with Glacier you also have access costs meaning you can upload and store for long periods of time on the super cheap but if you require the files you will have to pay to retrieve them and it will be a slow process.
Uploading the data originally also costs money.
RDS is amazon’s databases services RDS stands for Relational Database Service why? Because of the databases we know are defined with the old world perspective that values in tables must be connected in some way. for example:
|ID||Best Known For||Estimate Wealth|
|2005||Windows Operating System||$82 billion|
|1005||The I revolution: iPod, iPhone and iPad||$8.3 billion|
Now usually the ID column in each database would be constrained in some way. which is why those databases are called Relational as they impose some sort of a relation between tables.
Now while you have the option to lunch an EC2 instance and run your database on it. Amazon is offering you a database engine that they mange on your behalf, they maintain it they upgrade it they do all the dirty work and you just pay for the usage.
Learn more about RDS
Route 53 is amazon’s public DNS management service. The advantages of route 53 is that they offer very low TTL values and firm connection with our AWS services such as ELB’s (Elastic Load Balancer) as well as other non standard DNS features such as Weighted DNS , GEO DNS and Health Checks
Learn more about Route 53
Identity & Access Management or IAM for short is amazon’s security section, here you can grant access to various aspects of AWS for example.
You have a main account (the one with the credit card # attached) and from there you grant access to your users so they can run their own EC2 instances or RDS instance but you pay for it.
You can limit access to S3 files and folders as well as actions for example: you generate the keys and limit only get (download) access to a certain file or list (view) access to a certain directory.
To learn more about IAM visit: AWS IAM Product Details