Cloud computing and AWS

What I learned from AWS Certified Solutions Architect Associate All-in-One Exam Guide, Second Edition (Exam SAA-C02), 2nd Edition

Steve Mu
Oct 7, 2021

(Images in this article are from this book. Please let me know if I have infringed on the copyright.)

Cloud computing types

On demand — just like you can switch on a light on demand to use the electricity, you can provision resources on demand

Accessible from the internet — you can provision resources anywhere on the globe. You can also connect to the cloud computing provider directly, bypassing the public internet.

Pay-as-you-go — you only pay for what you use. For example, if you use an EC2 instance for 2 hours, you will only be charged for 2 hours of usage.

With cloud computing, you don’t need to purchase hardware yourself. It is hard to guess the right amount of hardware to purchase, so you may over-provision or under-provision. Sometimes you just need more hardware for a certain period of time, such as during Black Friday sales, when you have a lot of traffic. Using the cloud helps you avoid guessing about capacity.

Procurement can sometimes take months. By using the cloud, you gain agility.

It makes experimentation easier. If you purchase hardware yourself, then when you need to experiment with a new project, you have to ask for approval to purchase new hardware; if after 3 months you find the project does not make sense, the hardware is wasted. Or you may want to experiment with a different project that requires different hardware. Each time you have to ask for approval, and you could be left with unused hardware. Cloud computing solves this problem.

Massive economies of scale. Since hundreds of thousands of customers are aggregated into the cloud, you get to pay low prices, just as Costco sells in bulk, which results in prices 10% to 15% cheaper than other places.

AWS saves you from managing a data center and what comes with it, such as space, staff, power, and security.

Takes advantage of innovation. Customers benefit from the new features and innovations AWS is constantly making.

Ease of hosting in a different part of the country or globe, for disaster recovery or for business expansion. If you set up a data center yourself, it would take about 3 to 6 months.

Modes

IaaS: Infrastructure as a Service. It is like your own data center in the cloud: you have complete control over compute, storage, networking, etc.

PaaS: Platform as a Service. AWS manages the infrastructure for you, so you don’t need to worry about patching, upgrading, etc.

SaaS: Software as a Service. Instead of installing software on your computer, you just use software hosted in the cloud, like Salesforce.

With IaaS, you need to manage everything from the database to the applications. With PaaS, you just need to deploy applications. I think Heroku is like that.

Cloud computing deployment mode

All-in cloud. Host everything in the cloud, with no data centers of your own. This includes migrating existing applications to the cloud.

Hybrid. Some organizations have already made huge investments in data centers, and it is not easy to migrate every legacy application to the cloud. They can create a roadmap to migrate to the cloud and deploy new applications to the cloud.

Private cloud. Instead of giving a whole server to a project, this uses virtualization to partition servers into “computing nodes” and assign those to projects.

History of AWS

Amazon realized it could offer its excess capability to developers and other businesses; that is how it started in 2006.

AWS infrastructure

A region is a cluster of data centers. A region could contain several availability zones (AZs).

An AZ could contain one or several data centers.

An AZ is insulated from failures in another AZ. They’re located such that it is unlikely a natural disaster could take down two or more AZs at the same time. AZs are connected via high-speed, low-latency fiber optic cables. The latency is in the single digits. You can replicate data between AZs to take advantage of the high speed, and fail over to another AZ in case one AZ is down.

A local zone complements a region. It is located near the user. A local zone does not have all the services offered in a region. A local zone is connected to a region via a high-speed private network.

Edge location. Closer to end users and present in most major cities. Serves CloudFront and Route 53. Mainly used as a CDN.

Regional edge cache. Sites between the main servers and edge locations. They store cache for edge locations.

Security

AWS handles the physical security of the data center. The customer handles the application security for applications in the cloud.

As the image shows, the customer is responsible for network encryption, such as HTTPS, I think.

AWS is secure for HIPAA and PCI data. AWS earned many certifications including these two.
