Sunday, September 2, 2018

AWS cloud


  • AWS CloudTrail is a service that enables governance, compliance, operational auditing, and risk auditing of your AWS account. With CloudTrail, you can log, continuously monitor, and retain account activity related to actions across your AWS infrastructure

https://aws.amazon.com/cloudtrail/


  • AWS specific tactics to automate your infrastructure

http://dumay.info/pdf/S3/5.pdf


  • Virtual Private Cloud (VPC)


A VPC is a set of contained subnets with a common Classless Inter-Domain Routing (CIDR) block (up to a /16 netmask) running in a single geographic area (Region) across multiple data centers (Availability Zones). A VPC is like a virtual data center, except that it’s physically spread out across Availability Zones. VPCs have network connectivity within the Region in which they are created. You can use Internet connectivity, virtual private network (VPN) connectivity, and VPC peering to connect VPCs to other networks
https://aws.amazon.com/blogs/apn/amazon-vpc-for-on-premises-network-engineers-part-one/


  • Scenario 2: Extend On-Premises AD DS Installation to the AWS Cloud

This scenario is for users who want to use their existing installation of AD DS and extend their on-premises network to the VPC, when a new deployment of AD DS is not an option
https://docs.aws.amazon.com/quickstart/latest/active-directory-ds/scenario-2.html


  • AWS CloudFormation provides a common language for you to describe and provision all the infrastructure resources in your cloud environment. CloudFormation allows you to use a simple text file to model and provision, in an automated and secure manner, all the resources needed for your applications across all regions and accounts

https://aws.amazon.com/cloudformation/


  • This Quick Start automates the deployment of a Puppet master and Puppet agents from scratch, using AWS CloudFormation templates.  
https://aws.amazon.com/about-aws/whats-new/2016/03/puppet-on-the-aws-cloud-quick-start-reference-deployment/


  • The configuration for this scenario includes a virtual private cloud (VPC) with a public subnet and a private subnet. We recommend this scenario if you want to run a public-facing web application, while maintaining back-end servers that aren't publicly accessible

 A common example is a multi-tier website, with the web servers in a public subnet and the database servers in a private subnet. You can set up security and routing so that the web servers can communicate with the database servers.
 The instances in the public subnet can send outbound traffic directly to the Internet, whereas the instances in the private subnet can't.
https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Scenario2.html

  • This topic explains how to use the AWS Management Console to upload one or more files or entire folders to an Amazon S3 bucket.

Before you can upload files and folders to an Amazon S3 bucket, you need write permissions for the bucket.
When you upload a file to Amazon S3, it is stored as an S3 object. Objects consist of the file data and metadata that describes the object. You can have an unlimited number of objects in a bucket.
You can upload files by dragging and dropping or by pointing and clicking. To upload folders, you must drag and drop them. Drag and drop functionality is supported only for the Chrome and Firefox browsers.
https://docs.aws.amazon.com/AmazonS3/latest/user-guide/upload-objects.html


  • Running Kubernetes on AWS EC2

To create a Kubernetes cluster on AWS, you will need an Access Key ID and a Secret Access Key from AWS
conjure-up is an open-source installer for Kubernetes that creates Kubernetes clusters with native AWS integrations on Ubuntu
https://kubernetes.io/docs/setup/turnkey/aws/


There are two main ways to use Kubernetes on AWS, run it yourself on Amazon EC2 virtual machine instances, or use the Amazon EKS service

https://aws.amazon.com/kubernetes/

Amazon Elastic Container Service (Amazon ECS) is a highly scalable, high-performance container orchestration service that supports Docker containers and allows you to easily run and scale containerized applications on AWS.
Amazon ECS eliminates the need for you to install and operate your own container orchestration software, manage and scale a cluster of virtual machines, or schedule containers on those virtual machines.
https://aws.amazon.com/ecs/

  •  as explained in the Kubernetes documentation either using conjure-up, Kubernetes Operations (kops), CoreOS Tectonic or kube-aws. Out of those options I found kops extremely easier to use and its nicely designed for customizing the installation, executing upgrades and managing the Kubernetes clusters over time. In this article I will explain how to use Kubernetes Operations tool to install a Kubernetes Cluster on AWS in few minutes.

 https://medium.com/containermind/how-to-create-a-kubernetes-cluster-on-aws-in-few-minutes-89dda10354f4


  • Amazon Kinesis makes it easy to collect, process, and analyze real-time, streaming data so you can get timely insights and react quickly to new information.

https://aws.amazon.com/kinesis/?nc1=f_ls