Better, Faster, Stronger web apps with Amazon Web Services

moneygascityInternet and Web Development

Dec 8, 2013 (3 years and 8 months ago)

63 views

Simone Brunozzi ( @simon )
Senior Technology Evangelist, Amazon Web Services
Better, Faster, Stronger web apps
with Amazon Web Services
“Knowledge starts
from great questions.”
(from the previous presentation)
“Knowledge starts
from great questions.”
grows
grows
with inspiring answers”
with inspiring answers”
BETTER
CloudSearch
Going Global
AWS Support
AWS Data Pipeline
Elastic Load Balancer
FASTER
CloudFront
DynamoDB
ElastiCache
Elastic Beanstalk
STRONGER
Security
IAM
VPC
Securing Apache/NGINX
Durability
BETTER
FASTER
STRONGER
CloudFront
DynamoDB
Security
IAM
CloudSearch
VPC
Going Global
ElastiCache
Securing Apache/NGINX
AWS Support
AWS Data Pipeline
Durability
Elastic Beanstalk
Elastic Load Balancer
BETTER
FASTER
STRONGER
AWS Data Pipeline
Process/Move data
To/From AWS or on-premise sources
Scheduled intervals
(Video)
BETTER
FASTER
STRONGER
AWS Support
One-on-one, fast response
support channel
Always available
Experienced
support engineers
x
y
Four Different plans
9
AWS Support: a Swiss knife
9
Reactive
troubleshooting
with AWS
Help to get started
availability
Recommendations
on security, costs, and
Discuss architecture
and best practices
annual AWS feature
releases
Integrate the 150+
3rd party software
Configuration help
for a growing list of
AWS Support: a Swiss knife
AWS Support plans
Free
10
Basic
49 $ / month
Developer
(Min: 100 $)
% of your AWS
monthly bill:
10%: 0-10k
7%: 10k-80k
5%: 80k-250k
3%: 250k+
Business
(Min: 15,000 $)
% of your AWS
monthly bill:
10%: 0-150k
7%: 150k-500k
5%: 500k-1M
3%: 1M+
Enterprise
What do you get? (1)
11
Basic
Developer
Business
Enterprise
YES
Customer Service 24/7/365
YES
YES
YES
YES
Support forums
YES
YES
YES
YES
Documentation, guides
YES
YES
YES
health checks
Access to Technical support
E
P/C/E
P/C/E/TAM
-
Named contacts
1
5
Unlimited
-
Response time
12 hours
1 hour
15 minutes
-
Architecture support
Building blocks
Guidance
App Architecture
-
Best practice guidance
YES
YES
YES
-
Client side diagnostic tools
YES
YES
YES
What do you get? (2)
12
Business
Enterprise
Identity Access Management (IAM)
YES
YES
Direct routing to Senior Support Engineers
YES
YES
Third party Software Support (beta)
YES
YES
AWS Trusted Advisor (beta)
YES
YES
Infrastructure Event Management
contact us
YES
Direct Access to TAM (Technical Account Manager)
-
YES
White-Glove Case Routing
-
YES
Management Business Reviews
-
YES
AWS Trusted Advisor
AWS Trusted Advisor
in action
15
(Video)
BETTER
FASTER
STRONGER
AWS CloudSearch
A fully-managed search service in the cloud
Easy to integrate fast and scalable search functionality
BETTER
FASTER
STRONGER
AWS CloudSearch
A fully-managed search service in the cloud
Easy to integrate fast and scalable search functionality

Faceted search

Field weighting

Stemming, Synonyms, Stop Words

Autoscaling

Index distribution / partition / replication
(Video)
BETTER
FASTER
STRONGER
Going global: AWS Regions
http://aws.amazon.com/about-aws/globalinfrastructure
(as of Jan 10th, 2013)
Regions (8)
GovCloud Regions (1)
BETTER
FASTER
STRONGER
Availability Zones
http://aws.amazon.com/about-aws/globalinfrastructure
(as of Jan 10th, 2013)
Availability Zones (23)
BETTER
FASTER
STRONGER
CloudFront / Route 53
http://aws.amazon.com/about-aws/globalinfrastructure
(as of Jan 10th, 2013)
Edge Locations (39)
Dallas  (2)
St.Louis
Miami
Jacksonville
Los  Angeles  (2)
Palo  Alto
Sea>le
Ashburn  (2)
Newark
New  York  (3)
Dublin
London  (2)
Amsterdam  (2)
Stockholm
Frankfurt  (2)
Paris  (2)
Singapore  (2)
Hong  Kong  (2)
Tokyo  (2)
Sao  Paulo
South  Bend
San  Jose
Osaka
Milan
Sydney
Madrid
BETTER
FASTER
STRONGER
AWS Support
http://aws.amazon.com/about-aws/globalinfrastructure
(as of Jan 10th, 2013)
Customer Service & Technical Support
Remote TAMs (Technical Account Manager)
BETTER
FASTER
STRONGER
Elastic Load Balancer
Automatically balances traffic across EC2 instances
Protocols: HTTP, HTTPS, TCP, SSL, or Custom
One or multiple Availability Zones
Automatic health checks
BETTER
FASTER
STRONGER
CloudFront
DynamoDB
Security
IAM
CloudSearch
VPC
Going Global
ElastiCache
Securing Apache/NGINX
AWS Support
AWS Data Pipeline
Durability
Elastic Beanstalk
Elastic Load Balancer
BETTER
FASTER
STRONGER
Amazon ElastiCache
Database
Web
Server
BETTER
FASTER
STRONGER
Amazon ElastiCache
Cache
Database
Web
Server
BETTER
FASTER
STRONGER
Amazon ElastiCache

Memcached-compliant

Different cache node types

Monitoring statistics

Dynamic scaling

Automatic failure detection / recovery

Automatic software patching
BETTER
FASTER
STRONGER
Amazon DynamoDB

NoSQL key-value store

Provisioned throughput (automated scaling)

Fully distributed

Fault tolerant
BETTER
FASTER
STRONGER
AWS Elastic Beanstalk
BETTER
FASTER
STRONGER
AWS Elastic Beanstalk
PHP
Python
Ruby
.NET
Java
Passenger
IIS
Tomcat
Apache
Visual Studio
Eclipse
Git
BETTER
FASTER
STRONGER
AWS Elastic Beanstalk
Passenger
IIS
Tomcat
Apache
BETTER
FASTER
STRONGER
AWS Elastic Beanstalk
Passenger
IIS
Tomcat
Apache
web/app
server
BETTER
FASTER
STRONGER
AWS Elastic Beanstalk
web/app
server
BETTER
FASTER
STRONGER
AWS Elastic Beanstalk
DB
Master
server
web/app
web/app
server
Elastic Load Balancer
IP
Standby
DB
server
web/app
BETTER
FASTER
STRONGER

Easy deploy / rollback

Monitoring metrics (CloudWatch)

Receive SNS notifications (health, add/remove servers)

Access server log files

Quickly restart the entire stack

Custom application server settings
AWS Elastic Beanstalk
BETTER
FASTER
STRONGER
CloudFront
What’s new?

New Edge locations

Support for cookies

Price classes (exclude edge locations based on cost)

New access log fields

Front End Optimization (compression, rendering, etc)

Dynamic content from EC2 (query / cache parameters)
BETTER
FASTER
STRONGER
CloudFront
DynamoDB
Security
IAM
CloudSearch
VPC
Going Global
ElastiCache
Securing Apache/NGINX
AWS Support
AWS Data Pipeline
Durability
Elastic Beanstalk
Elastic Load Balancer
BETTER
FASTER
STRONGER
Durability
EC2 internal storage: ephemeral.
EBS: redundant.
S3: designed for high durability.
Glacier, compared to S3: delayed retrieval, lower price.
RDS: backups to Amazon S3.
DynamoDB: use AWS Data Pipeline to backup to S3.
EBS: snapshots to S3.
BETTER
FASTER
STRONGER
Amazon Virtual Private Cloud (VPC)
Launch a private section of the AWS Cloud, with user-
defined network topology and security/routing rules.
Start using VPC today - No excuses.
(Video)
BETTER
FASTER
STRONGER
Security
[ Shared Responsibility Model ]
BETTER
FASTER
STRONGER
Security
BETTER
FASTER
STRONGER
Security
BETTER
FASTER
STRONGER
Security
Security Groups
Credentials
Encryption
Your apps
BETTER
FASTER
STRONGER
Securing Apache/NGINX

ModSecurity (currently 2.7)

Proper security guides (e.g. RHEL 6.0 Security Guide)

Remove unnecessary modules / services / daemons

SSH using a Bastion Host

Patch / Update

Hide version

Use “smart” access (e.g. strong passwords / certificates)

Run it within VPC!
BETTER
FASTER
STRONGER
IAM
Control access to AWS services and resources for your users,
with users/roles/permissions.

Separate Master Account from everything else

Cross-account API access

Temporary security credentials (remember?)

Multi-Factor Authentication (MFA)
(Video)
http://aws.amazon.com/
http://aws.amazon.com/
awspodcast
Simone Brunozzi ( @simon )
Senior Technology Evangelist, Amazon Web Services
Simone Brunozzi ( @simon )
Senior Technology Evangelist, Amazon Web Services
Better, Faster, Stronger web apps
with Amazon Web Services
Thank you!