Module2: Introduction to Cloud Architecting Flashcards
Role of the cloud architect
Apply best practice for a cloud service aiming at meeting technical and business needs through the application of the AWS well architected framework
Cloud Architect mindset
Backward: From the business need to the architecture
Year of Commercial appearance of AWS
2006
First AWS services
Amazon Simple Queue Services (SQS)
Simple Storage Services (S3)
Amazon Elastic Cloud Compute (EC2)
Cloud architecting lifecycle
Plan: Set technical strategies with business leads
Analyse solution to business need
Research: Investigate cloud services and workload requirement
Review existing architectures
Design prototype solutions
Build: Design the roadmap with milestones work streams and owner
Manage adoption and migration
6 Pillars of the AWS well architected framework
- Operational Excellence
- Security
- Reliability
- Performance Efficiency
- Cost optimisation
- Sustainability
The operational Excellence pillar
- Run and Monitor systems that deliver business value
- Continually improve supporting processes and procedures
- View the entire workload as code
The security pillar
*Strong identity foundation (who has a key)
*Traceability (who opened a door)
*Security at all layers (Not because you enter the building that you can go into the safe)
*Risk assessment and mitigation strategies (if fire where are extinguishers, exit routes)
The Reliability pillar
*Recover quickly
*Dynamically meet demande
*Mitigate disruptions
The Performance efficiency pillar
*Choose and maintain efficient resources
*Democratize advanced technologies
*Employ mechanical Sympathy (use a tool with the knowledge of how it operates best)
The cost optimization pillar
*Measure efficiency
*Elimiate uneeded expense
*Adopt the right consumption model
*Consider using managed services
The sustainability pillar
*Establish sustainability goals
*Maximize utilisation
*Choose efficient hardware and software
*Reduce downstream impact
The AWS WA Tool
Review your workload and compare to best practices.
Delivers action plan
Provide a step by step guidance
consistent process to review and measure the architecture
Accessible in the management console
What is a trade off?
what you prioritoze depending on your need. But what you gain on one side, you may loose in the other:
Cost vs performance
Consistency and durability vs latency
…
Base your trade on empirical data and testing
What are anti patterns?
Bad solution design
Where should we be scalable ?
At every layer (everywhere)
How to be scalable?
Amazon CloudWatch can detect the load on the server CPU. A certain load for a certain period can trigger the increase or decrease of capacity through an alarm.
The alarm will trigger EC2 Auto Scaling.
Should go both ways (Up and down)
What is being elastic
Capacity to adjust resources up and downward to the workload
Best practice 1 :
Scalability
How are scalability and automation linked
With automation, you save time in being reactive to the workload
Best practice 2:
Automation
How to automate
CloudWatch => EC2 auto scaling => Automatic alarms => Log and tracking
Best Practice 3:
Use IaC
What’s IaC
infrastructure as Code: Provision your infrastructure as code (programmatically) instead of doing it manually.
Deploy duplicate, reduce config error, propagate changes…
Common use of IAC
Build test and deploy applications
Best practice 4:
Treat ressources as disposable.
Automate, test, stop, replace, update.
Don’t get attached. Ressources are kleenex. Good hygiene is to replace,
Best practice 5:
Loosely coupled components
What does loosely coupled components mean
Don’t make your infrastructure too rigid by tighing components togethers. Use tool like Elastic Load balancing to dynamically engage ressources, handle failures and scale components.
Two solutions to decouple components?
*Load balancer
*Message queues
Best practice 6:
Design services not servers
Design services not servers: meaning?
EC2 let’s you design your server.
But!! Don’t rely only on that.
Use Container or serverless solutions when appropriate.
Message queues to communicate
Web assets can be stored off server (S3)
Authentification can be handled by aws.
Services supporting best practice 6:
Lambda functions
SQS messaging
DynamoDB (no sql database)
ELB (Loa balancer)
SES (Simple email)
Cognito (Identification)
Best practice 7:
Choose the right database
How to choose the right database?
Read and write neeeds
Storage requirements
Object size and nature
Durability requirements
Latency requirements
# of users
nature of queries
strength of integrity control
Best practice 8:
Avoid single points of failure
How to think to avod single points of failure?
Assume everything fails. Then design backwards
How to avoid single point of failure?
Duplicate when needed to min. downtime depending on your SLAs.
Common practice is to have a secondary database server provisionned with an image of the primary at regular intervals. If the primary goes offline then secondary takes over
Best practice 9:
Optimize for cost
How to optimize for cost
WHAT METRICS SHOULD I MONITOR
RIGHT SIZING
TURN OFF
HOW FREQUENT DO I NEED THIS RESSOURCE
CAN I REPLACE WITH MANAGED SERVICES
Best practice 10:
Use caching
What is caching
technique where upon first request, data is temporarily stored closer to the user, and reused for the subsequent request. Allows to make dat available more quickly
What does caching rely on?
Cloud Front and edge location
Benefits of caching
Quicker (Low latency) but also cheaper because not pulled from S3 anymore when cached.
Best practice 11:
Secure the entire infrastructure
How to secure the entire infrastructure?
Use managed ressources
Log
Isolate
Encrypt at rest and in transit
Granular access control
MFA
Automate deployments to keep security consistent
Key takeaways: Best practices for building solutions on AWS
As you design solutions, evaluate trade-offs and base your decisions on empirical data
Follow these best practices when building solutions on AWS:
Implement scalability
.Automate your environment.
Treat resources as disposable
.Use loosely-coupled components.
Design services, not servers.
Choose the right database solution
.Avoid single points of failure.Optimize for cost
.*Use caching.
*Secure your entire infrastructure
Regions
32
AZ
102
Data centers
200
What geographical feature for low latency ?
PoPs (Point of presence)
Regional Edge Caches
=> Edgel locations
Why choose a spcific region
Regulation and conformity to laws applicable to org
Why choose a specific Availability Zone
To keep close to user and reduce latency
Why choose multiple AZ
To mitigate risks
AWS Gov CLoud
Restricted access for sensitive data requires special authorization
Are regions isolated
YES
Several AZ in region can one fail without impacting the others?
Yes. Built for failure independance. Located low risk site with power supply.
Plan for disaster and distribute accross AZ
Local Zones
Exist close to areas wher no region exists to lower latency
Define Operational Excellence in the context of the Well-Architected Framework.
The ability to run and monitor systems to deliver business value and continually improve processes and procedures.
Explain Reliability in the AWS Well-Architected Framework.
The ability of a system to recover from failures and meet customer demands.
What are Well-Architected Tool’s main functions?
To assess workloads against the Well-Architected Framework and provide recommendations.
What is the importance of “failover” in Reliability?
Ensuring that applications can automatically switch to a backup system in case of failure.
How does AWS CloudTrail contribute to security?
By logging and monitoring account activity to track changes and detect anomalies.
Define “decoupling” in system architecture.
Designing systems so that components are independent, reducing the impact of failures.
What is the significance of Auto Scaling in Performance Efficiency?
Automatically adjusts resources to maintain performance and minimize costs.
What is Amazon CloudFront?
Content Delivery Network (CDN) that speeds up the distribution of static and dynamic web content.
How many Availability Zones are typically found in an AWS Region?
A) At least one
B) Two or more
C) Five
B
Which AWS service helps monitor resource utilization?
A) CloudWatch
B) CloudFormation
C) IAM
A
What is the primary function of AWS Auto Scaling?
A) Load balancing
B) Cost allocation
C) Dynamic resource adjustment
C
What is the main purpose of Edge Locations?
A) Hosting databases
B) Providing low-latency content delivery
C) Managing User identitites
B
What does AWS Config help with?
A) Performance metrics
B) Tracking resource compliance and changes
C) User management
B
What is a common strategy for improving Reliability?
A) Reducing redundancy
B) Implementing failover solutions
C) Increasing costs
B
In the context of the Well-Architected Framework, what is “decoupling”?
A) Combining services for efficiency
B) Isolating components to improve resilience
C) Reducing costs by eliminating services
B
Which service is used to create a secure network infrastructure?
A) VPC
B) S3
C) EC2
A
