© Brian Beach, Steven Armentrout, Rodney Bozo, Emmanuel Tsouris 2019
B. Beach et al., Pro PowerShell for Amazon Web Services, https://doi.org/10.1007/978-1-4842-4850-8_1

1. AWS Architecture Overview

Brian Beach (1), Steven Armentrout (2), Rodney Bozo (3) and Emmanuel Tsouris (4)
(1) Raleigh, NC, USA
(2) Mountlake Terrace, WA, USA
(3) Sterling, VA, USA
(4) North Bend, WA, USA

If you are anything like us, you cannot wait to get started and launch an application in the cloud. But, before we dive in and start launching servers, let’s take a step back and look at the big picture. Amazon Web Services (AWS) is a global platform with data centers around the globe. A little time spent on the architecture will help you understand why, and not just what, we are doing with AWS.

In this chapter, we will discuss the AWS global infrastructure, including regions and availability zones, and how to use them to design a robust application in the cloud. We will also introduce all of the services we are going to discuss throughout the book. Before we do, let’s begin by defining cloud computing.

What Is Cloud Computing?

It seems that every company has a different definition of cloud computing. Amazon describes cloud computing as “the on-demand delivery of IT resources via the Internet with pay-as-you-go pricing” ( http://aws.amazon.com/what-is-cloud-computing/ ).

Cloud computing is about leasing servers and storage from a provider like Amazon. But, it’s also about so much more. The cloud offers information technology workers significant cost savings and unimaginable agility. Tasks that traditionally took weeks of work, costing thousands of dollars, can be completed in minutes for fractions of a penny.

In addition, cloud computing offers inconceivable scalability. With a single line of code, you can provision thousands of servers. Most important, you pay only for what you need and give the equipment back when you’re done. Furthermore, because you are paying by the hour, running one server for a thousand hours costs the same amount as running a thousand servers for 1 hour. This is unthinkable in a traditional data center.

Finally, cloud computing is often used in concert with automation. When we combine scalability with automation, we have the ability to build an application that responds to load. In Chapter 8, we will build a self-healing web application that automatically reconfigures itself in response to changes in load. That’s what cloud computing is all about.

Regions

AWS is organized into multiple regions around the globe. Each region is designed to be independent of the others. This isolation allows us to design highly available applications that span the globe and ensure low-latency response times to our users.

All of the examples in this book were completed in Northern Virginia (us-east-1), but you can use the region closest to you. In fact, this is the whole idea. By selecting a region closest to your users, you can deliver the best experience by minimizing latency.

Imagine you run an e-commerce site for a US-based clothing company. Most of your users are also in the United States, but recently you have had a small following in Australia. These users are complaining about the web site. They say it is slow and transactions often time out. Before the cloud, you would have to build another data center in Australia.

But using AWS, you can launch a few servers in Amazon’s data center. Remember that you are only paying for what you use, so if you only need three or four servers in Australia, that’s all you pay for. And it might cost just $1–2 an hour. This is one of the advantages of cloud computing.

Even more important, it may turn out that we are wrong. Maybe the users in Australia were just an anomaly. Within a month, all of the Australian users have moved on. We simply shut down the site in Australia and immediately stop paying. Cloud computing allows us to “fail fast,” which lets the company try new things that would have been too expensive in the past.

Another reason you may want to use multiple regions is data privacy. Many companies are required to store data in a specific region. The European Union requires that data about its citizens be stored in Europe. In this case, the Ireland region (eu-west-1) would be a great choice.

As of this writing, there are 20 regions in production with 12 more planned. Two of these regions, GovCloud East and GovCloud West, are specifically designed to store data for the US government. If you are doing work for the US government, GovCloud may be an option for you.

Regions allow you to deliver your application from the location closest to your users and build redundant applications served from multiple regions. While this is great, Amazon also offers another layer of redundancy called availability zones.

Availability Zones

Each region is further organized into two or more availability zones (AZs). You can think of each AZ as a separate data center. The AZs within a region are isolated from failures but connected with high-speed, low-latency links.

Each AZ has separate power, cooling, and Internet access. In addition, their locations are chosen so that, for example, they are never in the same flood plain. This allows you to architect highly available applications that span multiple data centers.

Imagine we are deploying an application in a region with two availability zones (see Figure 1-1). We could deploy two servers, one in each AZ, and use an Elastic Load Balancer (ELB) to balance traffic between them. If one of the AZs suffered an outage, the ELB would automatically send all of the traffic to the other AZ. If we are using the Relational Database Service (RDS), we could also enable the multi-AZ option, and AWS will automatically replicate data between availability zones. (We will discuss ELB in Chapter 8 and RDS in Chapter 10.)
[Figure 1-1: Availability zones]
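As an added example (not code from the book), the following PowerShell check uses the AWS Tools for PowerShell ELB2 and EC2 cmdlets to confirm that a load balancer's healthy targets really are spread across two or more AZs, which is the property the architecture above relies on. The region and the load balancer name are placeholders, and the cmdlets assume credentials are already configured as described in Chapter 2.

```powershell
# Added example, not from the book: verify that the healthy targets behind a
# load balancer span at least two availability zones. 'my-web-elb' is a
# placeholder name, not a real resource.
param(
    [string]$Region = 'us-east-1',
    [string]$LoadBalancerName = 'my-web-elb'
)

# Show which AZs the region offers, so "multi-AZ" has a concrete meaning here
$zones = Get-EC2AvailabilityZone -Region $Region
Write-Host "Region $Region has $($zones.Count) availability zones:" ($zones.ZoneName -join ', ')

# Look up the load balancer (Application/Network Load Balancer API) and its target groups
$lb     = Get-ELB2LoadBalancer -Name $LoadBalancerName -Region $Region
$groups = Get-ELB2TargetGroup -LoadBalancerArn $lb.LoadBalancerArn -Region $Region

foreach ($tg in $groups) {
    # Only healthy targets count: an unhealthy instance adds no redundancy
    $healthy = Get-ELB2TargetHealth -TargetGroupArn $tg.TargetGroupArn -Region $Region |
        Where-Object { $_.TargetHealth.State -eq 'healthy' }
    $instanceIds = $healthy.Target.Id
    if (-not $instanceIds) {
        Write-Warning "$($tg.TargetGroupName): no healthy targets"
        continue
    }

    # Map each healthy instance to the AZ it was placed in
    $azs = (Get-EC2Instance -InstanceId $instanceIds -Region $Region).Instances |
        ForEach-Object { $_.Placement.AvailabilityZone } |
        Sort-Object -Unique

    if ($azs.Count -ge 2) {
        Write-Host "$($tg.TargetGroupName): OK, healthy targets in $($azs -join ', ')"
    } else {
        Write-Warning "$($tg.TargetGroupName): every healthy target is in a single AZ ($azs); an AZ outage would take this tier down"
    }
}
```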

Regions and availability zones allow you to build a highly available, low-latency application that you could never dream of building in your own data center. Only a handful of companies around the globe have the resources to match this functionality in their own data centers. Before we wrap up, let’s look quickly at the services available.

Services

AWS offers a lot of services and they are adding new services every day. This book is focused on Microsoft Windows, and I discuss only those services that are relevant to building Microsoft applications. Figure 1-2 provides an overview of the services we are going to use in this book. Note that there are many, many more services that we are not going to discuss.
[Figure 1-2: AWS reference architecture]

Let’s spend a minute discussing these options.

Management

The services in the management category are used to access and configure AWS:
  • AWS Management Console – The console is the web GUI for configuring AWS. You can configure almost anything using the console, but this is a book on PowerShell. In the early chapters, I will show you how to get started using the console, but once we get comfortable, we will be using PowerShell almost exclusively.

  • Identity and Access Management (IAM) – IAM allows you to control access to your account. You can create users and groups and write policies to control access to resources. (We will discuss IAM briefly in Chapter 2 and in detail in Chapter 9.)

  • PowerShell API – PowerShell gives you full control over all services. You can do things in PowerShell that you cannot do in the AWS Management Console. AWS supports many scripting languages, but this book will focus on PowerShell.

  • Systems Manager – Systems Manager allows you to manage your fleet of Windows and Linux servers. This includes patching, inventory management, maintenance windows, and much more. Chapters 15, 16, and 17 cover Systems Manager.

Storage

Starting at the bottom of Figure 1-2 and working up, we have multiple storage options:
  • Elastic Block Storage (EBS) – EBS is a storage area network we use to create disks for our instances. EBS is a network-based solution similar to iSCSI. You can create volumes from 1GB to 1TB. You can also manage IO operations per second (IOPS). We will use EBS throughout the book, and focus on it in Chapter 4.

  • Simple Storage Service (S3) – S3 is highly durable object storage in the cloud. You can use S3 to store an unlimited number of files up to 5GB each. S3 uses HTTP/HTTPS to read and write objects. Most important, you get 99.999999999% durability. (We will focus on S3 in Chapter 11.)

  • Amazon Glacier – Glacier is a low-cost, cold-storage solution. Glacier offers the same high durability as S3 for about 1/10 the cost, but stores data offline and requires advance notice to access your data. This is a great alternative to tape backup. (We will discuss Glacier in Chapter 11.)

Network

Moving up the stack in Figure 1-2, we have multiple network services that work together:
  • Virtual Private Cloud (VPC) – VPC allows you to create a private network to isolate your instances from those of other AWS tenants. You can create a custom network topology and control network security. (We will use VPC throughout the book, but focus on it in Chapter 5.)

  • Elastic Load Balancer (ELB) – ELB is a managed load balancing solution. You can balance traffic between multiple servers across availability zones. You can create public ELBs on the Internet or use a private ELB to balance traffic between layers of a multitier application. (We will discuss ELB in Chapter 8.)

  • Route 53 – Route 53 is Amazon’s managed DNS solution. If you use Route 53, you can balance traffic between multiple regions, and AWS will determine which region is closest to the user and route them automatically. (We will discuss Route 53 briefly in Chapter 8.)

Compute

At the top of the stack, there are four compute services we will discuss:
  • Elastic Compute Cloud (EC2) – EC2 is Amazon’s virtual server service. This is how we launch servers, called instances, in the cloud. EC2 offers thousands of images and hardware configurations for every imaginable use case. This is the focus of the book, and we will use EC2 throughout.

  • WorkSpaces and AppStream – WorkSpaces is a fully managed virtual desktop infrastructure (VDI) service. It allows you to manage Windows 7 and Windows 10 desktops at scale. AppStream allows you to stream Windows applications into a browser. Both are covered in Chapter 13.

  • Lambda – Lambda is serverless computing, or functions as a service (FaaS). It allows you to run code in response to events using many languages, including PowerShell and .NET. Lambda is covered in Chapter 18.

Monitoring

Finally, we have a collection of monitoring services:
  • CloudWatch – CloudWatch is used to monitor the environment. CloudWatch allows you to create custom alarms and define what actions to take when an issue arises. For example, you might raise an alarm when CPU utilization is above 80% for an extended period of time. (We will use CloudWatch to monitor instances in Chapter 8.)

  • Auto Scaling – Auto Scaling, combined with CloudWatch, allows you to automatically respond to changing conditions. In Chapter 8 we will create an application that automatically launches new instances when the application is under high load.

  • Simple Notification Service (SNS) – SNS is Amazon’s notification system. CloudWatch can publish messages to SNS whenever an alarm occurs. You can use SNS to subscribe to events using e-mail, SMS text messages, and many other options.

Misc.

Finally, we have a few miscellaneous services:
  • Relational Database Service (RDS) – RDS is Amazon’s managed database service. RDS supports MySQL, Oracle, PostgreSQL, and Microsoft SQL Server. You can install any of these on an EC2 instance, but with RDS, Amazon manages the administration for you. (We will do a deep dive on RDS in Chapter 10.)

  • Directory Service – Directory Service makes it easy to manage Active Directory in the cloud. Directory Service is used by many services including EC2, RDS, WorkSpaces, and WorkDocs. We cover Directory Service in Chapter 12.

  • WorkDocs – WorkDocs is a service for secure collaboration in the cloud. You can use WorkDocs to store and manage documents. WorkDocs is covered in Chapter 14.

Summary

As you can see, Amazon offers everything you need to create a world-class application in the cloud. Regions and availability zones give you access to resources across the globe and allow you to build a highly available, low-latency application. In addition, Amazon offers numerous services that can be used in concert to create a robust application.

In the next chapter, we will create an account and configure our PowerShell environment. With this in place, we can begin using all the services we just discussed. What are we waiting for? Let’s get going.
