global infrastructure Flashcards

1
Q

What IS Global Infrastructure?

A

Global Infrastructure is globally distributed hardware and data centers.

2
Q

Global Infrastructure: Building Blocks

A
  1. Regions (25)
  2. Availability Zones (81)
  3. Direct Connection Locations (108)
  4. Points of Presence (275+)
  5. Local Zones (11)
  6. Wavelength Zones (17)
3
Q

Regions: basic def

A

Regions are geographically distinct locations consisting of one or more Availability Zones.

4
Q

Every region is independent from other regions in terms of these 3 things:

A
  • Location
  • Power
  • Water Supply
5
Q

Most important region (and why)

A

US-East 1 (North Virginia)

  • New services available here first.
  • All billing appears here.
6
Q

Regions: basic characteristics

A
  • Each region generally has 3 AZs. Some new users could be limited to 2.
  • Cost varies by region
  • Not all services available in all regions
7
Q

4 factors to consider when choosing a region

A
  • What regulatory compliance is associated with this region?
  • What services are available in that region?
  • Cost?
  • Distance to end users.
8
Q

How is a service associated with a Region?

A

AWS Management Console is scoped by a specific Region.

This implicitly determines where an AWS service is launched.

By contrast, Azure and GCP ask you to explicitly specify a region when launching a service.

9
Q

Regional vs Global services

A

Some AWS services operate across regions. For these services, the selected Region will be Global.

EG: Amazon S3, CloudFront, Route 53, IAM

10
Q

Availability Zones: Defn.

A

An Availability Zone (AZ) is a physical location made up of one or more datacenters.

11
Q

How is High Availability achieved?

A

Run workloads in at least 3 AZs. This is why Amazon tries to have at least 3 AZ/Region.

12
Q

How are AZs designated?

A

a, b, (eg us-east-1a)

13
Q

Subnet need info

A

subnets are related to AZs. Need more details about that. Perhaps

14
Q

Fault Tolerance: What is a Fault Domain

A

A fault domain is the section of a network that is vulnerable to damage if a system fails. Anything outside the Fault Domain would NOT be affected by the system failing.

15
Q

Fault Tolerance: What is a Fault Level

A

A fault level is a collection of fault domains. EG us-east-1 (Region) is a fault level made up of 2 fault domains (us-east-1a and us-east-1b).

16
Q

Fault Tolerance: Examples of Fault Domains

A
  • Each AZ is designed as an independent failure domain.
  • specific servers in a rack
  • entire rack in a datacenter
  • entire room in a datacenter
  • entire datacenter building
17
Q

Fault Tolerance: Best strategy for High Availability

A

Partition your application across multiple AZs. AZs are isolated from concurrent failure with respect to:

  • power outages
  • lightning
  • tornadoes
  • floods
  • earthquakes
18
Q

Backbone of AWS is nickname for 2 things:

A

The AWS Global Network

EC2

19
Q

AWS Global Network: conceptualized as

A

A private expressway.

20
Q

AWS Global Network: _________ can act as on/off ramps for AWS Global Network.

A

Edge Locations

21
Q

AWS Global Infrastructure: What uses Edge Locations as on-ramps? (i.e. to reach from one Region into another)

A
  • AWS Global Accelerator
  • AWS S3 Transfer Acceleration
22
Q

AWS Global Infrastructure: What uses Edge Locations as off-ramps

A

Amazon CloudFront (CDN) to provide Edge storage and compute near end user.

23
Q

AWS Global Infrastructure: Role of VPC Endpoints

A

Ensure my resources stay within the AWS Network (off the public internet).

24
Q

Points of Presence (PoP): def, examples

A

A PoP is an intermediate location between an AWS Region and the end user.

Could be a datacenter or collection of hardware.

Examples:

  • Edge Locations
  • Regional Edge Caches
25
Q

Points of Presence (PoP): 2 levels of caching:

A

CLOSEST: Edge Location: Datacenter that holds cache of popular data to speed delivery to end user.
INTERMEDIATE: Regional Edge Location: Holds much larger cache of less-popular files.

26
Q

PoP: Tier 1 Network def

A

A network that can reach every other network on the internet without purchasing IP transit or paying for peering. TODO, what does THAT mean?

AWS AZs are all redundantly connected to multiple tier-1 transit providers.

27
Q

What AWS Services use PoP to speed content delivery or upload?

A

Amazon CloudFront is a Content Delivery Network (CDN) service. I point to CloudFront, and it figures out which Edge Location to use to speed data transfer.

Amazon S3 Transfer Acceleration. I generate a special URL that can be used by end users to upload files to a nearby Edge Location. From there it can move fast within the AWS Network to reach S3.

AWS Global Accelerator. Can find the optimal path from end user to my web servers. Deployed within Edge Locations. User traffic goes to the Edge Location, not all the way to my web server. Boosts my web server performance without duplicating the web server in different regions.

28
Q

AWS Direct Connect: What is it? What are the 2 connection options?

A

A (very fast) dedicated connection between my local infrastructure (my own VMs) and AWS.

  1. Lower bandwidth (50MBps to 500MBps)
  2. Higher bandwidth (1GBps to 10GBps)
29
Q

AWS Direct Connect: Good for, not so good for

A

Helps reduce network costs

Helps increase bandwidth

Provides consistent network experience

NOT necessarily secure (would require AWS VPNs for that).

30
Q

AWS Direct Connection Location: defn

A

Direct Connect Locations are trusted partner datacenters through which you can establish a dedicated, high-speed, low-latency connection from your on-prem to AWS.
EG: The Allied Data Centers 250 Front Street in Toronto.

31
Q

AWS Local Zones: defn, example name, use

A

Datacenters located very close to a densely populated area to provide single-digit millisecond low latency performance (eg 7ms) for that area.

EG: us-west-2-lax-1a in Los Angeles.

Only specific AWS Services are available on Local Zones.

32
Q

AWS Local Zones: How to access

A

Local Zones look like an AZ, but you have to opt in to use it.

33
Q

AWS Local Zones: Purpose

A

Support highly-demanding applications sensitive to latencies:

  • Media and Entertainment
  • Electronic Design Automation (semiconductor design)
  • Ad-Tech (automated advertising campaigns)
  • Machine Learning
34
Q

AWS Wavelength Zones: Def, how to use

A

Edge-computing on 5G Networks.

Apps get ultra-low latency by being as close as possible to users.

How to use:

  1. Create a subnet tied to a Wavelength Zone
  2. Launch VMs to the edge of the targeted 5G Network
35
Q

AWS Global Infrastructure: What is Data Residency?

A

The physical or geographical location where an organization or cloud resource resides.

36
Q

AWS Global Infrastructure: What are Compliance Boundaries?

A

A regulatory compliance (legal requirement) by a government or organization that describes where data and resources are allowed to reside.

Controls are put in place to ensure data stays in Canada (eg).

37
Q

AWS Global Infrastructure: What is Data Sovereignty?

A

The jurisdictional control or legal authority that can be asserted over data because its physical location is within jurisdictional boundaries.

38
Q

AWS Global Infrastructure: How can we meet data location requirements?

A
  1. AWS Outposts: Physical rack of servers. Expensive!
  2. AWS Config: Policy as Code service. I create rules. I get alert or possible auto-remediation if policy is broken.
  3. IAM Policies: Can be written to deny access to regions via Service Control Policy (SCP).
39
Q

AWS for Government: GovCloud: What is FedRAMP

A

Federal Risk and Authorization Management Program. A US government-wide program that provides a standardized approach for security and authorization.

40
Q

AWS for Government: What is GovCloud

A

AWS GovCloud Regions where FedRAMP workloads can be run.

Can be used to host sensitive controlled unclassified information.