Well Architected Framework WP - Operational Excellence

Question 1

Operational Excellence

Answer 1

practices and procedures for managing production workloads

how planned changes are executed and responses to unexpected events

change execution and responses should be automated. All processes should be documented, tested, reviews

Question 2

Design Principles (PAMRAL)

Answer 2

Perform operations with code

Annotated documentation

Make frequent, small reversible changes

Refine operations procedures frequently

Anticipate Failure

Learn from all operational failures

Question 3

Definition of Operational Excellence (POE)

Answer 3

Prepare

Operate

Evolve

Question 4

Preparation for Operational Excellence

Answer 4

To prepare consider:
operational priorities
design for operations
operational readiness

======

use checklists to ensure workloads are ready for production

Workloads should have runbooks and playbooks

runbook - operations guidnace

playbook - for responding to unexpected events

Question 5

Preparation best practices

Answer 5

In AWS use Cloudformation to ensure environments have all required resources and configuration is based on tested best practices

Use Autoscaling

Use AWS Config to make rules for automatically tracking and responding to changes

Use tagging

Question 6

Preparation questions

Answer 6

what best practices are you using

how are you doing configuration management

Keep documentation current

Question 7

Operational Excellence - Operations

Answer 7

operations should be standardized and managemable

Focus on automation, small frequent changes, QA testing

Use logs and metrics

Setup pipelines for continuous integration and deployment

Should be able to revert changes

Question 8

Operations - questions

Answer 8

How are you evolving your workload while minimizing impact of change

how do you monitor workload

Question 9

Operational Excellence - Responses

Answer 9

responses should be automated

for alerting, mitigation, remediation, rollback and recovery

responses should follow a predefined playbook

in AWS you can use SNS for some of this

Question 10

responses questions

Answer 10

how do you respond to unplanned events

how is escalation managed when responding to unplanned events

Question 11

Key AWS Services for defining priorities

Answer 11

AWS Config inventories your AWS resources and configurations

Service Catalog creates stand set of service offerings

Use autoscaling, SQS to increase automation

Question 12

Key AWS Services for Operations

Answer 12

Codecommit
Code Deploy
Code Pipeline to manage code changes
Cloud Trail to audit

Question 13

Key AWS Services for Responses

Answer 13

Cloudwatch alarms for setting thresholds for alerting, notification

Cloudwatch events for triggering notifications and automated responses

Question 14

Key AWS Services for defining priorities / preparation

Answer 14

AWS Support, including support center. Business and Enterprise Support customers get access to additional checks and reviews

AWS Cloud compliance for regulatory, compliance requirements

AWS Trusted Advisor for optimizations

Question 15

Key AWS Services for designing for operations

Answer 15

Cloudwatch to monitor resources and applications
CloudFormation to create version-controlled templates for your infrastructure
DeveloperTools to enable safe, rapid delivery of software
AWS X-Ray to trace user requests through entire application for analysis, debugging

Question 16

Design for Operations - Key Points

Answer 16

View entire workload as code, define and update as code.

Align engineering practices for defect reduction, rapid fixes. Use logging for visibility into architecture

Question 17

Key AWS Services for operational readiness

Answer 17

AWS Lambda to enable operational procedures as code that can be triggered by events

AWS Config to track changes to CloudFormation Stacks

EC2 Systems Manager to automate management tasks on EC2 instances

Question 18

2 Considerations for Operational Success

Answer 18

Understanding operational health

responding to events

Question 19

Operate - Understanding Operational Health

Answer 19

To understand Operational Health, use metrics to implement dashboards

Send log data to CloudWatch Logs, define baseline metrics

Send CloudWatch Logs to Elasticsarch and use Kibana

Question 20

AWS Service health and personal health dashboards

Answer 20

In the AWS Shared Responsibility Model, these provide portions of monitoring to you for alerting and premeditation guidance when AWS experiences events

Question 21

Key AWS Services for understanding Operational Health

Answer 21

CloudWatch - metrics, dashboards
CloudWatch Logs - monitor, store logs from various sources
ElasticSearch (ES) - use for log analytics, monitoring
Personal Health Dashboard - alerts, remediation when AWS experiences issues
Service Health Dashboard - shows realtime AWS service availability

Question 22

Operate - Responding to Events

Answer 22

Anticipate planned and unplanned operational events

AWS lets you script responses and trigger their execution via code

Automate execution of runbook and playbook actions

Question 23

Ways to automatically respond to events

Answer 23

create CloudWatch rules to trigger responses through CloudWatch Targets like Lambda functions, SNS Topics, ECS Tasks

CloudWatch alarms that perform actions using EC2 actions, AutoScaling actions or sending SNS notifications to SNS topic

Use SNS to invoke Lambda

Question 24

Key AWS Service for responding to events

Answer 24

AWS Lambda to define operational procedures as code that can be triggered

also:
CloudWatch - collect logs, metrics, enables triggered execution of events
CloudWatch Events - deliver realtime stream of events that can be matched to rules
SNS - lets you invoke Lambda
AutoScaling
EC2 Systems Manager - automate management tasks on EC2 instances

Question 25

Evolve

Answer 25

Continuously improve over time

implement small, frequent changes

Learn from experience

Share learnings

Question 26

Evolve - what to do with aggregated logs in AWS?

Answer 26

create detailed history of all your operational activities, workloads and infrastructure to analyze operations over time

Question 27

Evolve - how to use CloudTrail?

Answer 27

track API activity to know what’s happening across your accounts

Track AWS developer tools activities with CloudTrail and CloudWatch

These add detailed activity history of deployments and outcomes to CloudWatch Logs data

Question 28

Evolve - why ingest CloudWatch Logs data into ElasticSearch?

Answer 28

to use built in support for Kibana to create visualizations and perform analysis

Question 29

Evolve - why export CloudWatch data to S3?

Answer 29

To analyze it with Amazon Athena and use Quicksight to perform analysis, create visualizations

Question 30

Key AWS Services for Evolving

Answer 30

ElasticSearch to analyze log data and gain insights

also:
Amazon Quicksight - BA service for visualization, analysis
Amazon Athena - serverless interactive query service to analyze data in S3
S3 - collect and archive logs
CloudWatch - collect logs and metrics, create dashboards

Question 31

Evolve - ways to share learnings

Answer 31

Use IAM to give access to resources across accounts

Use AWS CodeCommit to share applications, procedures, libararies, documentation

Share compute standards by giving access to AMIs

Share CloudFormation templates

Authorize lambda functions across accounts

Question 32

Key AWS Services for sharing learnings

Answer 32

IAM

also:
SNS - notify subscribers when resources are published
CodeCommit - version controlled repository for operations as code
Lambda
CloudFormation - standardized templates
AMI’s