Welcome!

Java Authors: Jerry Melnick, Liz McMillan, Esmeralda Swartz, Elizabeth White, Tim Hinds

Related Topics: Cloud Expo, Java, SOA & WOA, Virtualization

Cloud Expo: Blog Post

AWS - Amazon Web Services - for Newbies

Amazon Web Services high level introduction

This blog post is a summary of AWS (Amazon WebServices and is gleaned from Jeff Barr's webcast, here: http://youtu.be/CaJCmoGIW24).

I will simply explain each box in the above picture, at a high level, and explore further in future blog posts as I delve further into AWS.

(AWS is an abbreviation for Amazon Web Services)

Amazon Global Physical Infrastructure
AZ
- Amazon zone - When you create an Amazon instance, you can select a region for your instance - USA, Eerope, AsiaPacific, Government/Federal. Separated zones - provided to allow for separate datacenters, power cooling and high availability.

Compute
Amazon EC2
- This is AWS' elastic compute cloud, the virtual hardware that makes up a customer's virtual datacenter that they store in the Amazon cloud. It is on-demand compute power that can scale up and down as needed; add/remove VMs as needed. Virtual hardware such as: virtual servers, Storage Attached Network, Firewalls and load balancers. Essentially the infrastructure. EC2 is AWS's IaaS run on XEN.

Instance - AMI  - Amazon Machine Instance. An Amazon Virtual Machine on the XEN platform. AMI template from which VM is created and comes with a base Operating system: Windows, Linux, FreeBSD or openSolaris which can then be customized with additional software.

There are three payment models to pay for an AWS instance:

  • on-demand - You pay list prices, for clock hour of services ued
  • reserved instance - Pay up front for 1-3 years.; a lower hourly rate
  • spot pricing - You bid to pay a certain price at a certain hour. then AWS establishes price for hour of compute time; re-evaluate market based on demand. This is often used in financial apps and biotech.

Instances are secured as follows:

  • Security Groups - firewall, assign rules to a group, those rules only apply to systems in that group. VM belong to many groups. F/W on VM and network. Performance implication? only incoming not outgoing rule sets.
  • keypair - used for linux SSH access or to decrypt the Windows Administrator password.
  • inbound firewall All traffic is blocked by default until you create a rule to allow the traffic.

Storage
S3
- Simple Storage Service. This is AWS's  object storage. Cloud based storage that is durable and can scale to high amounts of data. AWS's primary storage accessible through console, API, erd party tools. You place files as needed, no need to pre-allocate storage, it will scale as needed and has a sophisticated access control mechanism.

Elastic Block Storage - Block level storage, essentially a virtual hard-drive on which you can store files, a database. You can create snapshots of an EBS and perform backup, recovery or replication to/from different environments, eg: test to production.

Network
Amazon VPC -  Virtual Private Cloud.
You can create isolated part of AWS and get full control of nnetworks, subnets, encrypted VPN gateways, Internet gateways. Often used by Enterprise and government customers customers.

LB - This allows you to load balance traffic across multiple EC2 instances to provide fault tolerance.

Route 53 - This is AWS's DNS, domain name service. It allows you to manage the DNS entries for your web applications.

Database
Amazon RDS - Relational Database System.
You can get an instance of MYSQL or Oracle 11g. AWS performs the automated backup, scaling, patches and provides multiple redundant copies of the database.

Amazon SimpleDB - A simple database. You store data pairs in this redundant database that does not require schema updates. SmipleDB is not a relational database. It is good for heavy read applications, not transactions nor data requiring complex relationships.

Parallel processing
EMR - Elastic Map Reduce -
This allows you to perform Hadoop style large scale parallel processing of data without the setup or configuration of Hadoop clusters. Examples are indexing, data mining, log file analysis, data warehousing, bio-informatics analysis and machine learning.

Payments
Dev Pay -
Allows businesses to do online billing and account management, that make it easy for business to sell applications built on AWS. Customers can pay for your application using their existing Amazon accounts.

FPS - Flexible Payment Service - Allows customers to pay for goods purchased on your application hosted on AWs, using the customer's existing Amazon payments system.

Content Delivery
Cloudfront -
AWS's CDN Content Delivery Network - You can deliver static or dynamic content worldwide with as low a latency as possible. AWS moves content from S3 to localized servers. You get a URL from cloud front.

Workforce
Mechanical Turk
- This allows developers to tap into the international market of low-cost labor to perform repetitive "HITs" or Human Intelligence Tasks and then integrate the results of those tasks into their applications. For example: transcribing audio, identifying objects in video/photo or researching data details.

Messaging
SNS
- Simple Notification Service, Allows you to publish/subscribe per topic basis. this allows developers to publish messages from an application and immediately send them to subscribers (over HTTP,email, SMS). Subscribers don't need to poll/check for new messages.

SQS - Simple Queue Service - Allows you to buffer work on a queue; a hosted queue for storing messages as they travel between computers.  Developers can move data between applications/computers.

Email
SES
- Simple Email Service - AWS's bulk and transactional email sending service.

Authentication/Authorization
IAM
- Identity Access Management - Allows you to create individual user accounts with fine grained permissions and also access your corporate Directory stored outside of AWS.

MFA -MultiFactor Authentication - Users who authenticate using MFA, first enter a password, then a code from their MFA device. Something you know plus something you have.

Monitoring
Cloudwatch
- monitoring metric data from Load Balancers etc

Deployment and Automation
Elastic Beanstalk  -
You upload an application and AWS creates runtime environment, takes care of databases, load balancers upgrades.

Cloud Formation - Provides templates for AWS infrastructure, security groups, design architecture and make copies on a repeatable basis.

Libraries and SDKs
Allows you to write code to use services using .Net, JAVA, Python

Web interface
The web based AWS management console

Tools
Toolkit for Eclipse to build applications hosted on AWS.

Command line Interface
Use existing build tools, launch instances, create storage buckets, allows you to use make files and build scripts.

More Stories By Jonathan Gershater

Jonathan Gershater has lived and worked in Silicon Valley since 1996, primarily doing system and sales engineering specializing in: Web Applications, Identity and Security. At Red Hat, he provides Technical Marketing for Virtualization and Cloud. Prior to joining Red Hat, Jonathan worked at 3Com, Entrust (by acquisition) two startups, Sun Microsystems and Trend Micro.

(The views expressed in this blog are entirely mine and do not represent my employer - Jonathan).