AWS Integrated Services

Question 1

Application Load Balancer

Answer 1

A type of load balancer that registers targets instead of instances

Question 2

Application Load Balancer features:

Answer 2

• Additional supported request protocols
• Enhanced metrics and access logs
• More target health checks
• Ability to enable additional routing mechanisms for requests using path-based or host-based routing; as well as AWS web application firewall integration
• Allows you to route different requests to the same instance, but differ the path based on the port

Question 3

Path-based routing

Answer 3

A type of routing that allows to create rules that forward requests to different target groups

Question 4

Application Load Balancer key terms:

Answer 4

• Listener
• Target
• Target groups

Question 5

Listener

Answer 5

• A process within the Application Load Balancer that checks for connection requests
• The rules you define determine how the load balancer routes requests to the targets in one or more target groups
• When configuring these, you create rules to direct how the requests received by the load balancer will be routed to backend targets

Question 6

Target

Answer 6

Within the Application Load Balancer, it’s a destination for traffic based on the established listener rules

Question 7

Target groups

Answer 7

• Within the Application Load Balancer, it’s a group that routes requests to one or more registered targets
• A target can be registered with multiple groups while health checks can be configured on a per group basis
• You create these groups to register targets to the load balancer and configure health checks that the load balancer will use for targets

Question 8

Host-based routing

Answer 8

A type of routing that provides the ability to have multiple domains supported by the same load balancer and route requests to target groups based on the requested domain

Question 9

Application Load Balancer enhanced features:

Answer 9

• Supported protocols (HTTP, HTTPS, etc.)
• CloudWatch metrics (additional load balance metrics)
• Access logs (Ability to see connection details)
• Health checks (Insight into target and application health)

Question 10

Application Load Balancer added features:

Answer 10

• Path and host-based routing
• Deletion protection & request tracing – used to track HTTP requests from client to target
• Dynamic ports

Question 11

Auto Scaling

Answer 11

• Helps ensure you have the correct number of Amazon EC2 instances available to handle the load of your application
• It’s critical to monitor the performance of your workload using Amazon CloudWatch – even though by itself, EC2 instances will not be added or removed

Question 12

Auto Scaling helps to answer which two critical questions?

Answer 12

• Scalability

- Automation

Question 13

Scalabilty

Answer 13

How to ensure you workload has enough EC2 resources to meet fluctuating performance requirements

Question 14

Automation

Answer 14

How to automate EC2 resource provisioning to occur on-demand

Question 15

“Scaling Out”

Answer 15

When you add more instances

Question 16

“Scaling In”

Answer 16

When you terminate instances

Question 17

Three components for Auto Scaling:

Answer 17

• Launch Configuration
• Auto Scaling Group
• Auto Scaling Policy

Question 18

Launch Configuration

Answer 18

• Within auto scaling, it’s defining what will be launched

- Examples — AMI, Instance type, security groups, roles, etc.

Question 19

Auto Scaling Group

Answer 19

• Defining where the deployment takes place and boundaries for the deployment
• Examples — defining which VPC deploys instances, which load balancer to interact with, specifying boundaries for a group, etc.

Question 20

Auto Scaling Policy

Answer 20

• Defining when to launch or terminate EC2 instances
• Best practice is to create at least one policy for scaling out and another for scaling in
• Common configuration — creating CloudWatch alarms based on performance information from EC2 instances or a load balancer

Question 21

CloudWatch alarm for Auto Scaling

Answer 21

• 1st part of alarm is a condition (CPU utilization) with a specific threshold (% of usage)
• 2nd part of alarm is the action to perform after the alarm has been triggered – action could be adding/removing instances

Question 22

Amazon Route 53

Answer 22

• It’s a Domain Name System (DNS) designed to provide businesses and developers with a reliable and highly scalable way to route end-users to internet applications — think of this system as an “address book”
• Translates website names like www.example.com into numeric IP addresses that computers use to connect with one another
• To provide DNS translation for your domain name, you can either manage your own DNS or employ a managed DNS, like this service

Question 23

How does Amazon Route 53 work?

Answer 23

• First, a user opens a web browser and enters the domain name for a website (www.example.com)
• Then, that query is typically routed to an internet service provider’s DNS resolver

If that website’s DNS is handled by this service, the internet service provider’s DNS resolver forwards the request to the DNS hosted and managed by this service

• Then, this service’s server gathers the value associated with www.example.com - say 192.0.2.44 - and returns that IP address to the internet service provider’s DNS resolver, which gives the user the specified content

Question 24

Domain Name System (DNS) resolutions:

Answer 24

• Simple routing
• Geo-location
• Failover
• Weighted routing
• Latency-based
• Multi-value answer routing

Question 25

Geo-location

Answer 25

• It’s a DNS resolution that bases routing on where the user’s DNS request came from
• Allows you to serve traffic from resources designed for that location
• You could have multiple copies of your website deployed to different regions in different languages, making sure your users are routed to the appropriate copy of your website based on their location

Question 26

Failover

Answer 26

It’s a DNS resolution that routes traffic towards healthy resources and away from unhealthy resources

Question 27

Weighted routing

Answer 27

It’s a DNS resolution that let’s you associate multiple resources with a single domain name (example.com) or subdomain name (www.example.com) and choose what percentage of your traffic goes to each resource

Question 28

Latency-based

Answer 28

It’s a DNS resolution for if your application is hosted in multiple EC2 regions, you can improve performance for users by serving their requests from the EC2 region that provides the lowest latency

Question 29

Multi-value answer routing

Answer 29

• It’s a DNS resolution that allows you to configure Route 53 to multiple values; such as IP addresses for your web servers, in response to DNS queries
• Let’s you check the health of each resource
• It’s NOT a substitute for a load balancer, but the ability to return multiple health-checkable IP addresses is a way to use DNS to improve availability and load balancing

Question 30

Amazon Relational Database services (Amazon RDS)

Answer 30

• Managed service that sets up and operates a relational database in the cloud
• Your main focus becomes your data and optimizing your application; while this service manages the administrative tasks (challenges)
• Basic functionality is the same whether or not it’s running in an Amazon VPC
• Ability to configure your database instance for high availability with a multi-agency deployment
• Does not have any licensing constraints

Question 31

Amazon RDS challenges include:

Answer 31

• Server maintenance and energy footprint
• Software and OS install and patches
• Database backups and high availability
• Limits on scalability
• Data security

Question 32

Amazon RDS database instance

Answer 32

• An isolated database environment that can contain multiple user-created databases and can be accessed using the same tools and applications that you use with a standalone database instance
• Resources found in a database instance are determined by its instance class
• Instances and storage differ in performance characteristics and price
• The database instance is usually isolated in a private subnet and is only made directly accessible to indicated application instances

Question 33

What are the six databases that Amazon RDS supports?

Answer 33

• MySQL
• Amazon Aurora
• Microsoft Sequel Server
• PostgreSQL
• MariaDB
• Oracle

Question 34

Amazon RDS subnet

Answer 34

It’s associated with a single Availability Zone and selecting this chooses an Availability Zone or physical location for your database instance

Question 35

Amazon RDS multi-agency deployment

Answer 35

• When a database instance is configured, Amazon RDS automatically generates a standby copy of the database instance in another Availability Zone within the same VPC
• Transactions are synchronously replicated to the standby copy — which allows for enhanced availability during maintenance and failures/disruptions
• If the master database instance fails, then the standby database instance gets brought online and becomes the master database instance

Question 36

Amazon RDS read replicas

Answer 36

• Allow for you to scale out beyond the capacity constraints of a single database instance for read-heavy database workloads
• Can be promoted to master database instances, but requires manual action due to its asynchronous replication
• Ability to create them in different regions than the master database which can help with disaster recovery requirements or cutting down on latency

Question 37

Amazon RDS use cases:

Answer 37

• Web & mobile applications — high throughput, massive storage scalability, high availability
• E-commerce applications — low-cost database, data security, fully managed solution
• Mobile & online games — rapidly growing capacity, automatic scaling, database monitoring

Question 38

Amazon RDS benefits:

Answer 38

• Supports the most demanding database applications
• Ability to scale your databases compute and storage resources with no downtime
• Runs on the same highly reliable infrastructure used by other Amazon web services

Question 39

AWS Lambda

Answer 39

• Compute service that lets you run code without provisioning or managing services
• Executes code only when needed and scales automatically to thousands of requests per second
• How does it work? — No servers to manage, continuous scaling, and sub-second metering
• Runs code on a highly available compute infrastructure, which provides all administration including — server & OS maintenance, capacity provisioning, Auto Scaling, code monitoring, and logging
• Can be used for event-driven computing

Question 40

AWS Lambda benefits:

Answer 40

• Only pay for the compute you use — it’s ideal for variable and intermittent workloads
• Ability to run code for any application or backend service with zero administration

Question 41

AWS Elastic Beanstalk

Answer 41

• Helps with quickly getting applications into the cloud along with having the whole environments ready so people can begin developing systems
• Provides you with all application services, HTTP services, OS, language interpreter, and host
• Only thing needed is to create your code, deploy it, prepare it to the needs of your service, and then use the application as needed

Question 42

AWS Elastic Beanstalk benefits:

Answer 42

• It’s a Platform-as-a-service (PaaS) — having the ability to put your code over the system since the whole infrastructure and platform are already created
• Allows for quick deployment of applications
• Reduces management complexity
• Keeps control in your hands — ability to choose instance types, databases, Auto Scaling adjustments, etc.
• Supports a large range of platforms (Packer Builder, Single Container, Multi-container, etc.)

Question 43

Amazon Simple Notification Service (Amazon SNS)

Answer 43

• Helps with microservices being able to talk with one another and needing to be decoupled
• Helps with sending emails to administrators about events occurring within your architecture
• Allows for pub/sub messaging for systems like AWS Lambda, HTTP/S and Amazon SQS

Question 44

Amazon SNS characteristics:

Answer 44

• Flexible, fully managed, pub/sub messaging, and mobile communications service
• Coordinates delivery of messages to subscribing endpoints and clients
• Easy to setup, operate, and send reliable communications
• Ability to scale and decouple microservices, distributed systems, and serverless applications

Question 45

Amazon CloudWatch

Answer 45

A monitoring service that allows you to monitor your AWS resources and the applications you run on them in real-time

Question 46

Amazon CloudWatch features:

Answer 46

• Collecting and tracking metrics like CPU utilization, data transfer, disk input/output, etc.
• Monitor services for cloud resources and applications
• Ability to set alarms on any of your metrics so you’ll send notifications or take other automated actions — one of the core features is the ability to automatically react to changes

Question 47

Amazon CloudWatch architecture includes:

Answer 47

• Metrics — CPU utilization and status checks
• Alarms — Can send out an email or SMS notification; also has the ability to trigger Auto Scaling events
• Available statistics

Question 48

Amazon CloudWatch use cases:

Answer 48

• Respond to your state changes in your AWS resources
• Automatically invoke an AWS Lambda function to update DNS entries when an event notifies that an Amazon EC2 instance enters the running state
• Direct specific API records from CloudTrail to a Kinesis stream for detailed analysis of potential security or availability risks
• Take a snapshot of an Amazon EBS volume on a schedule
• Log S3 object level operations using CloudWatch events

Question 49

Amazon CloudWatch components:

Answer 49

• Metrics
• Alarms
• Events
• Logs
• Dashboards

Question 50

Amazon CloudWatch metrics

Answer 50

• A component of AWS CloudWatch that encompasses the data about the performance of your system
• Represents a time ordered set of data points that are going to be published by CloudWatch
• Can publish your own data for an additional fee
• By default, several services provide free metrics for resources such as EC2 instances, EBS volumes, and RDS DB instances

Question 51

Amazon CloudWatch alarms

Answer 51

• A component of Amazon CloudWatch that watches a single metric
• Can perform one of more actions based on the value of the metric
• Actions include EC2 action (start, stop, reboot, etc.) and Auto Scaling action (adding more instances, notification sent via SMS, etc.)
• Invokes actions for sustained state change only

Question 52

Amazon CloudWatch events

Answer 52

• A component of Amazon CloudWatch that is a near real-time stream of system events that describe changes within your AWS resources
• Uses simple rules to match events and route them to one or more target functions or streams
• Aware of operational changes as they occur and responds to such changes while taking corrective action as necessary
• Ability to schedule automated actions that self-trigger at certain times using Cron or rate expressions

Question 53

Amazon CloudWatch logs

Answer 53

• A component of Amazon CloudWatch that monitors and troubleshoots systems and applications using existing log files
• Features include the ability to monitor logs from EC2 instances and CloudTrail events in real time
• Includes an installable agent for Ubuntu, Amazon Linux and Windows at no additional charge
• Ability to do data processing

Question 54

Amazon CloudWatch dashboards

Answer 54

• A component of Amazon CloudWatch that allows you to create customizable home pages in the console to monitor your resources in a single-pane of glass
• Ability to create customized views of the metrics and alarms for your AWS resources
• Can create these by either using the console, the AWS CLI, or by using the API

Question 55

Amazon CloudFront

Answer 55

• A fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds; while all within a developer-friendly environment
• Uses a global network of 80+ locations and more than 10+ regional edge caches for content delivery
• Ability to leverage multiple locations around the world to deliver your content with lower latency

Question 56

Content Delivery Network (CDN)

Answer 56

• A network that allows you to save money due to its lower rates on data transfer
• Integrated in all AWS services such as Web Application Firewall, Certificate Manager, S3, etc.

Question 57

How to create a CDN:

Answer 57

• First, click ‘Create Distribution’ on the AWS Management Console
• Second, choose what type of delivery network you’d like to create (RTMP or Web) — RTMP is for video streaming while Web is for other usual content delivery
• Third, you must specify at least one origin and one behavior

Question 58

CDN uses cases:

Answer 58

• Static Asset Caching
• Live and On-Demand Video Streaming
• Security and DDoS Protection
• API Acceleration
• Software Distribution

Question 59

Amazon CloudFormation

Answer 59

• A service that simplifies the task of repeatedly and predictably creating groups of related resources that power your applications
• All about automatic resource provisioning
• It calls upon API’s to tell the service what to do
• Fully managed service — so there’s no infrastructure to support
• It can create, update, and delete resources and sets known as ‘stacks’
• Organizations rely on this service to build out template libraries

Question 60

Big picture process of Amazon CloudFormation

Answer 60

This service reads your template file, constructs the resources listed there, and the output of this process is your environment (or stack)

Question 61

Amazon CloudFormation stacks

Answer 61

• Resources generated by a template and also a unit of deployment
• When you delete one of these, all the resources in this environment are deleted
• Most organizations modularize these by creating separate templates for networking, security, and applications

Question 62

Amazon CloudFormation templates

Answer 62

• Instructions on resources to provision
• These can create a single resource stack or a stack with hundreds of resources
• They’re text files written in either JSON or YAML format
• An example of infrastructure as a code — meaning you control your infrastructure through software code
• Added benefit is if you provision your environment using these, they become a form of documentation for your environment

Question 63

Amazon CloudFormation template files

Answer 63

• Same information you would specify if you built stacks manually through the console
• Uses specific formatting constructs, but resource and property information stays the same
• Added benefit is you don’t have to list resources in the exact order of creation — the DependsOn attribute controls the order CloudFormation creates resources so you can build a sequence of events
• Ability to add parameters and conditions to use these repeatedly to create different but similar stacks

Question 64

Two critical requirements for running Amazon CloudFormation:

Answer 64

• Templates — if these have an error, CloudFormation stops processing and rolls back any objects already created from the template
• Permissions — Whoever is having the template processed must have permissions to the services referenced in the template