aws summit benelux 2013 - getting started with aws
TRANSCRIPT
![Page 1: AWS Summit Benelux 2013 - Getting Started with AWS](https://reader033.vdocument.in/reader033/viewer/2022060115/557ab0abd8b42a6f378b5054/html5/thumbnails/1.jpg)
Getting Started with AWS
Martin Elwin
![Page 2: AWS Summit Benelux 2013 - Getting Started with AWS](https://reader033.vdocument.in/reader033/viewer/2022060115/557ab0abd8b42a6f378b5054/html5/thumbnails/2.jpg)
Launching an
instance
![Page 3: AWS Summit Benelux 2013 - Getting Started with AWS](https://reader033.vdocument.in/reader033/viewer/2022060115/557ab0abd8b42a6f378b5054/html5/thumbnails/3.jpg)
Region
Regions
![Page 4: AWS Summit Benelux 2013 - Getting Started with AWS](https://reader033.vdocument.in/reader033/viewer/2022060115/557ab0abd8b42a6f378b5054/html5/thumbnails/4.jpg)
Regions Region
US-WEST (N.
California) EU-WEST (Ireland)
ASIA PAC
(Tokyo)
ASIA PAC
(Singapore)
US-WEST (Oregon)
SOUTH AMERICA (Sao
Paulo)
US-EAST (Virginia)
GOV CLOUD
ASIA PAC
(Sydney)
![Page 5: AWS Summit Benelux 2013 - Getting Started with AWS](https://reader033.vdocument.in/reader033/viewer/2022060115/557ab0abd8b42a6f378b5054/html5/thumbnails/5.jpg)
Wizard
Launch Wizard
![Page 6: AWS Summit Benelux 2013 - Getting Started with AWS](https://reader033.vdocument.in/reader033/viewer/2022060115/557ab0abd8b42a6f378b5054/html5/thumbnails/6.jpg)
Choose
operating
system
Launch Wizard
![Page 7: AWS Summit Benelux 2013 - Getting Started with AWS](https://reader033.vdocument.in/reader033/viewer/2022060115/557ab0abd8b42a6f378b5054/html5/thumbnails/7.jpg)
Launch!
Launch
![Page 8: AWS Summit Benelux 2013 - Getting Started with AWS](https://reader033.vdocument.in/reader033/viewer/2022060115/557ab0abd8b42a6f378b5054/html5/thumbnails/8.jpg)
Launch Confirmation
![Page 9: AWS Summit Benelux 2013 - Getting Started with AWS](https://reader033.vdocument.in/reader033/viewer/2022060115/557ab0abd8b42a6f378b5054/html5/thumbnails/9.jpg)
Instance
DNS name
Public Address
![Page 10: AWS Summit Benelux 2013 - Getting Started with AWS](https://reader033.vdocument.in/reader033/viewer/2022060115/557ab0abd8b42a6f378b5054/html5/thumbnails/10.jpg)
Instance
DNS name
SSH
![Page 11: AWS Summit Benelux 2013 - Getting Started with AWS](https://reader033.vdocument.in/reader033/viewer/2022060115/557ab0abd8b42a6f378b5054/html5/thumbnails/11.jpg)
SSH
![Page 12: AWS Summit Benelux 2013 - Getting Started with AWS](https://reader033.vdocument.in/reader033/viewer/2022060115/557ab0abd8b42a6f378b5054/html5/thumbnails/12.jpg)
EC2
![Page 13: AWS Summit Benelux 2013 - Getting Started with AWS](https://reader033.vdocument.in/reader033/viewer/2022060115/557ab0abd8b42a6f378b5054/html5/thumbnails/13.jpg)
Compute
Vertical Scaling
From $0.02/hr Elastic Compute Cloud (EC2) Basic unit of compute capacity
Range of CPU, memory & local disk options
18 Instance types available, from micro to cluster compute
Feature Details
Flexible Run Windows or Linux distributions
Scalable Wide range of instance types from micro to cluster compute
Machine Images Configurations can be saved as machine images (AMIs) from which new instances can be created
Full control Full root or administrator rights
Secure Full firewall control via Security Groups
Monitoring Publishes metrics to Cloud Watch
Inexpensive On-demand, Reserved and Spot instance types
VM Import/Export Import and export VM images to transfer configurations in and out of EC2
![Page 14: AWS Summit Benelux 2013 - Getting Started with AWS](https://reader033.vdocument.in/reader033/viewer/2022060115/557ab0abd8b42a6f378b5054/html5/thumbnails/14.jpg)
256
128
64
32
16
8
4
2
1
1 2 4 8 16 32 64 128 256
EC2 instance types
High I/O 4XL 60.5 GB 35 EC2 Compute Units 16 virtual cores 2*1024 GB SSD-based local instance storage
Me
mo
ry (
GB
)
Small 1.7 GB, 1 EC2 Compute Unit 1 virtual core
Micro 613 MB Up to 2 ECUs (for short bursts)
Large 7.5 GB 4 EC2 Compute Units 2 virtual cores
Hi-Mem XL 17.1 GB 6.5 EC2 Compute Units 2 virtual cores
Hi-Mem 2XL 34.2 GB 13 EC2 Compute Units 4 virtual cores
Hi-Mem 4XL 68.4 GB 26 EC2 Compute Units 8 virtual cores
High-CPU Med 1.7 GB 5 EC2 Compute Units 2 virtual cores
High-CPU XL 7 GB 20 EC2 Compute Units 8 virtual cores
Medium 3.7 GB, 2 EC2 Compute Units 1 virtual core
M3 XL 15 GB 13 EC2 Compute Units 4 virtual cores EBS storage only
M3 2XL 30 GB 26 EC2 Compute Units 8 virtual cores EBS storage only
Extra Large 15 GB 8 EC2 Compute Units 4 virtual cores
Cluster GPU 4XL 22 GB 33.5 EC2 Compute Units, 2 x NVIDIA Tesla “Fermi” M2050 GPUs
Cluster Compute 4XL 23 GB 33.5 EC2 Compute Units
Cluster Compute 8XL 60.5 GB 88 EC2 Compute Units
High Storage 8XL 117 GB 35 EC2 Compute Units, 24 * 2 TB ephemeral drives 10 GB Ethernet
Hi-Mem Cluster Compute 8XL 244 GB 88 EC2 Compute Units 16 virtual cores 240 GB SSD
EC2 Compute Units
![Page 15: AWS Summit Benelux 2013 - Getting Started with AWS](https://reader033.vdocument.in/reader033/viewer/2022060115/557ab0abd8b42a6f378b5054/html5/thumbnails/15.jpg)
EC2 instance types
EC2 Compute Units
Me
mo
ry (
GB
) Special Storage
Light Spiky
![Page 16: AWS Summit Benelux 2013 - Getting Started with AWS](https://reader033.vdocument.in/reader033/viewer/2022060115/557ab0abd8b42a6f378b5054/html5/thumbnails/16.jpg)
AMI
Amazon Machine Image
Instance
Running or Stopped machine
AZ Availability Zone
S3
EBS EBS EBS EBS EBS EBS
EBS Snapshots
S3 Buckets
Region
EC2 terminology
![Page 17: AWS Summit Benelux 2013 - Getting Started with AWS](https://reader033.vdocument.in/reader033/viewer/2022060115/557ab0abd8b42a6f378b5054/html5/thumbnails/17.jpg)
More details!
![Page 18: AWS Summit Benelux 2013 - Getting Started with AWS](https://reader033.vdocument.in/reader033/viewer/2022060115/557ab0abd8b42a6f378b5054/html5/thumbnails/18.jpg)
Sign up:
aws.amazon.com
1 2 3 4 5
Sign up
![Page 19: AWS Summit Benelux 2013 - Getting Started with AWS](https://reader033.vdocument.in/reader033/viewer/2022060115/557ab0abd8b42a6f378b5054/html5/thumbnails/19.jpg)
1 2 3 4 5
Sign up
![Page 20: AWS Summit Benelux 2013 - Getting Started with AWS](https://reader033.vdocument.in/reader033/viewer/2022060115/557ab0abd8b42a6f378b5054/html5/thumbnails/20.jpg)
1 2 3 4 5
Sign up
![Page 21: AWS Summit Benelux 2013 - Getting Started with AWS](https://reader033.vdocument.in/reader033/viewer/2022060115/557ab0abd8b42a6f378b5054/html5/thumbnails/21.jpg)
1 2 3 4 5
Sign up
You will need
Credit card information – you won’t pay unless you use resources
A telephone – on which to receive an automated security call
![Page 22: AWS Summit Benelux 2013 - Getting Started with AWS](https://reader033.vdocument.in/reader033/viewer/2022060115/557ab0abd8b42a6f378b5054/html5/thumbnails/22.jpg)
1 2 3 4 5
Sign up
You will need
Best practice
Setup billing alerts so you can be notified when levels of spend are reached
If you have existing accounts, consider using consolidated billing to bring them together under one payment
Credit card information – you won’t pay unless you use resources
A telephone – on which to receive an automated security call
![Page 23: AWS Summit Benelux 2013 - Getting Started with AWS](https://reader033.vdocument.in/reader033/viewer/2022060115/557ab0abd8b42a6f378b5054/html5/thumbnails/23.jpg)
1 2 3 4 5
Sign up
750 hours of Amazon EC2 Linux/RedHat/Suse Micro Instance usage
750 hours of Amazon EC2 Microsoft Windows Server Micro Instance usage
750 hours of an Elastic Load Balancer
30 GB of Amazon Elastic Block Storage
5 GB of Amazon S3 standard storage
100 MB of storage, 5 units of write capacity, and 10 units of read capacity for Amazon DynamoDB*
25 Amazon SimpleDB Machine Hours and 1 GB of Storage
1,000 Amazon SWF workflow executions*
1,000,000 Requests of Amazon Simple Queue Service*
1,000,000 Requests, 100,000 HTTP and 1,000 email notifications for Amazon Simple Notification Service*
10 Amazon CloudWatch metrics, 10 alarms, and 1,000,000 API requests*
15 GB of bandwidth out aggregated across all AWS services
750 hours of Amazon RDS for SQL Server Micro DB Instance usage
20 GB of RDS database storage
10 million RDS I/Os
20 GB of backup storage for your automated RDS database backups and any user-initiated DB Snapshots
20 minutes of SD transcoding or 10 minutes of HD transcoding in Amazon Elastic Transcoder*
Free tier http://aws.amazon.com/free/
![Page 24: AWS Summit Benelux 2013 - Getting Started with AWS](https://reader033.vdocument.in/reader033/viewer/2022060115/557ab0abd8b42a6f378b5054/html5/thumbnails/24.jpg)
1 2 3 4 5
Sign up
![Page 25: AWS Summit Benelux 2013 - Getting Started with AWS](https://reader033.vdocument.in/reader033/viewer/2022060115/557ab0abd8b42a6f378b5054/html5/thumbnails/25.jpg)
1 2 3 4 5
Logging in to an
instance
Sign up Key pairs
![Page 26: AWS Summit Benelux 2013 - Getting Started with AWS](https://reader033.vdocument.in/reader033/viewer/2022060115/557ab0abd8b42a6f378b5054/html5/thumbnails/26.jpg)
Public Key
Inserted by Amazon into each EC2 instance that
you launch
Private Key
Downloaded and stored by you
Standard SSH RSA Key pair
Public/Private Keys
Public key provided by AWS to EC2
instance for secure, personalized, initial,
non-generic access
Supports NIST and other security standards
for providing non-default user access
Instance key pairs
EC2
Instance
Comms secured with private key
1 2 3 4 5
Sign up Key pairs
![Page 27: AWS Summit Benelux 2013 - Getting Started with AWS](https://reader033.vdocument.in/reader033/viewer/2022060115/557ab0abd8b42a6f378b5054/html5/thumbnails/27.jpg)
Public Key
Inserted by Amazon into each EC2 instance that
you launch
Private Key
Downloaded and stored by you
Instance key pairs
EC2
Instance
Comms secured with private key
Private keys are not
stored by AWS
Standard SSH RSA Key pair
Public/Private Keys
Public key provided by AWS to EC2
instance for secure, personalized, initial,
non-generic access
Supports NIST and other security standards
for providing non-default user access
1 2 3 4 5
Sign up Key pairs
![Page 28: AWS Summit Benelux 2013 - Getting Started with AWS](https://reader033.vdocument.in/reader033/viewer/2022060115/557ab0abd8b42a6f378b5054/html5/thumbnails/28.jpg)
AWS generated keys
Import your own keys
Select your region
Create keys
Give them a name
Private key is generated and downloaded by your browser immediately
Create 1 key pair for all resources or as many as you like (e.g 1 per server type)
You supply only the public key to AWS
1 2 3 4 5
Sign up Key pairs
![Page 29: AWS Summit Benelux 2013 - Getting Started with AWS](https://reader033.vdocument.in/reader033/viewer/2022060115/557ab0abd8b42a6f378b5054/html5/thumbnails/29.jpg)
ssh –I eu-west.pem
1. Linux Launch (First Boot) 1. Instance initialization scripts insert public
key into ~/.ssh/authorized_keys
2. User connects with SSH using their Private
Key
1 2 3 4 5
Sign up Key pairs
![Page 30: AWS Summit Benelux 2013 - Getting Started with AWS](https://reader033.vdocument.in/reader033/viewer/2022060115/557ab0abd8b42a6f378b5054/html5/thumbnails/30.jpg)
ssh –I eu-west.pem
You can’t log into a Linux
instance without key
1 2 3 4 5
Sign up Key pairs
1. Linux Launch (First Boot) 1. Instance initialization scripts insert public
key into ~/.ssh/authorized_keys
2. User connects with SSH using their Private
Key
![Page 31: AWS Summit Benelux 2013 - Getting Started with AWS](https://reader033.vdocument.in/reader033/viewer/2022060115/557ab0abd8b42a6f378b5054/html5/thumbnails/31.jpg)
ssh –I eu-west.pem
Don’t lose it
1 2 3 4 5
Sign up Key pairs
1. Linux Launch (First Boot) 1. Instance initialization scripts insert public
key into ~/.ssh/authorized_keys
2. User connects with SSH using their Private
Key
![Page 32: AWS Summit Benelux 2013 - Getting Started with AWS](https://reader033.vdocument.in/reader033/viewer/2022060115/557ab0abd8b42a6f378b5054/html5/thumbnails/32.jpg)
1. Windows Launch (First Boot Sequence)
2. Instance initialization scripts:
a) Creates a random Administrator password
b) Encrypts random password with Public Key
c) Reports encrypted password to Windows System Log
3. User retrieves the encrypted password and decrypts it with their Private Key (using AWS Console or API Call)
1 2 3 4 5
Sign up Key pairs
![Page 33: AWS Summit Benelux 2013 - Getting Started with AWS](https://reader033.vdocument.in/reader033/viewer/2022060115/557ab0abd8b42a6f378b5054/html5/thumbnails/33.jpg)
Choose key
pair when
launching
instance
1 2 3 4 5
Sign up Key pairs
![Page 34: AWS Summit Benelux 2013 - Getting Started with AWS](https://reader033.vdocument.in/reader033/viewer/2022060115/557ab0abd8b42a6f378b5054/html5/thumbnails/34.jpg)
Keep secure
Do not share
Rotate Need to know
1 2 3 4 5
Sign up Key pairs
![Page 35: AWS Summit Benelux 2013 - Getting Started with AWS](https://reader033.vdocument.in/reader033/viewer/2022060115/557ab0abd8b42a6f378b5054/html5/thumbnails/35.jpg)
1 2 3 4 5
Sign up Key pairs
![Page 36: AWS Summit Benelux 2013 - Getting Started with AWS](https://reader033.vdocument.in/reader033/viewer/2022060115/557ab0abd8b42a6f378b5054/html5/thumbnails/36.jpg)
Allowing access
to the instance
1 2 3 4 5
Sign up Key pairs Access
![Page 37: AWS Summit Benelux 2013 - Getting Started with AWS](https://reader033.vdocument.in/reader033/viewer/2022060115/557ab0abd8b42a6f378b5054/html5/thumbnails/37.jpg)
sudo yum -y install httpd
sudo chkconfig httpd on
sudo /etc/init.d/httpd start
Let’s install something
Install apache web server
Set it to run as a service
Start the web server
1 2 3 4 5
Sign up Key pairs Access
![Page 38: AWS Summit Benelux 2013 - Getting Started with AWS](https://reader033.vdocument.in/reader033/viewer/2022060115/557ab0abd8b42a6f378b5054/html5/thumbnails/38.jpg)
Security groups
Security Group
EC2 Classic EC2 VPC (virtual private cloud)
Inbound only Inbound and outbound
TCP, UDP, ICMP only Any protocol
Assigned at launch Assigned at launch or when running
Modify anytime Modify anytime
instance
Port 80 (HTTP)
Port 22 (SSH)
Name Description Protocol Port range IP Address, range, or another security group
1 2 3 4 5
Sign up Key pairs Access
![Page 39: AWS Summit Benelux 2013 - Getting Started with AWS](https://reader033.vdocument.in/reader033/viewer/2022060115/557ab0abd8b42a6f378b5054/html5/thumbnails/39.jpg)
Added port 80
to group
Security
groups
Open our security group
1 2 3 4 5
Sign up Key pairs Access
![Page 40: AWS Summit Benelux 2013 - Getting Started with AWS](https://reader033.vdocument.in/reader033/viewer/2022060115/557ab0abd8b42a6f378b5054/html5/thumbnails/40.jpg)
Test it by hitting the public DNS name of
the instance
1 2 3 4 5
Sign up Key pairs Access
![Page 41: AWS Summit Benelux 2013 - Getting Started with AWS](https://reader033.vdocument.in/reader033/viewer/2022060115/557ab0abd8b42a6f378b5054/html5/thumbnails/41.jpg)
1 2 3 4 5
Sign up Key pairs Access
![Page 42: AWS Summit Benelux 2013 - Getting Started with AWS](https://reader033.vdocument.in/reader033/viewer/2022060115/557ab0abd8b42a6f378b5054/html5/thumbnails/42.jpg)
Reuse your
instance!
1 2 3 4 5
Sign up Key pairs Access Image
![Page 43: AWS Summit Benelux 2013 - Getting Started with AWS](https://reader033.vdocument.in/reader033/viewer/2022060115/557ab0abd8b42a6f378b5054/html5/thumbnails/43.jpg)
Makes a snapshot of the instance
Creates an image that is private to you
Saves time in deployments and system setup
1 2 3 4 5
Sign up Key pairs Image Access
![Page 44: AWS Summit Benelux 2013 - Getting Started with AWS](https://reader033.vdocument.in/reader033/viewer/2022060115/557ab0abd8b42a6f378b5054/html5/thumbnails/44.jpg)
Create
image
1 2 3 4 5
Sign up Key pairs Image Access
![Page 45: AWS Summit Benelux 2013 - Getting Started with AWS](https://reader033.vdocument.in/reader033/viewer/2022060115/557ab0abd8b42a6f378b5054/html5/thumbnails/45.jpg)
Name it
and
create
1 2 3 4 5
Sign up Key pairs Image Access
![Page 46: AWS Summit Benelux 2013 - Getting Started with AWS](https://reader033.vdocument.in/reader033/viewer/2022060115/557ab0abd8b42a6f378b5054/html5/thumbnails/46.jpg)
Your
AMI
1 2 3 4 5
Sign up Key pairs Image Access
![Page 47: AWS Summit Benelux 2013 - Getting Started with AWS](https://reader033.vdocument.in/reader033/viewer/2022060115/557ab0abd8b42a6f378b5054/html5/thumbnails/47.jpg)
…and
launch a
new
instance
from the
AMI
1 2 3 4 5
Sign up Key pairs Image Access
![Page 48: AWS Summit Benelux 2013 - Getting Started with AWS](https://reader033.vdocument.in/reader033/viewer/2022060115/557ab0abd8b42a6f378b5054/html5/thumbnails/48.jpg)
1 2 3 4 5
Sign up Key pairs Image Access
![Page 49: AWS Summit Benelux 2013 - Getting Started with AWS](https://reader033.vdocument.in/reader033/viewer/2022060115/557ab0abd8b42a6f378b5054/html5/thumbnails/49.jpg)
Who can start
an instance?
1 2 3 4 5
Sign up IAM users Key pairs Image Access
![Page 50: AWS Summit Benelux 2013 - Getting Started with AWS](https://reader033.vdocument.in/reader033/viewer/2022060115/557ab0abd8b42a6f378b5054/html5/thumbnails/50.jpg)
Identity and Access Management:
Securely control access to AWS services and resources for your
users
1 2 3 4 5
Sign up IAM users Key pairs Image Access
![Page 51: AWS Summit Benelux 2013 - Getting Started with AWS](https://reader033.vdocument.in/reader033/viewer/2022060115/557ab0abd8b42a6f378b5054/html5/thumbnails/51.jpg)
Account owner
Access to all subscribed services Access to billing reports Access to console, REST and SOAP APIs
IAM users/groups
Access to specific services Access to console and/or REST APIs and/or SOAP APIs
1 2 3 4 5
Sign up IAM users Key pairs Image Access
![Page 52: AWS Summit Benelux 2013 - Getting Started with AWS](https://reader033.vdocument.in/reader033/viewer/2022060115/557ab0abd8b42a6f378b5054/html5/thumbnails/52.jpg)
Account owner
Access to all subscribed services Access to billing reports Access to console, REST and SOAP APIs
IAM users/groups
Access to specific services Access to console and/or REST APIs and/or SOAP APIs
Master user
account – owns
payment method
Regular users
1 2 3 4 5
Sign up IAM users Key pairs Image Access
![Page 53: AWS Summit Benelux 2013 - Getting Started with AWS](https://reader033.vdocument.in/reader033/viewer/2022060115/557ab0abd8b42a6f378b5054/html5/thumbnails/53.jpg)
Account
Administrators Developers Applications
Bob
Kevin
Tomcat
Jim Brad
Mark
Susan
Reporting
Console
1 2 3 4 5
Sign up IAM users Key pairs Image Access
![Page 54: AWS Summit Benelux 2013 - Getting Started with AWS](https://reader033.vdocument.in/reader033/viewer/2022060115/557ab0abd8b42a6f378b5054/html5/thumbnails/54.jpg)
Account
Administrators Developers Applications
Bob
Kevin
Tomcat
Jim Brad
Mark
Susan
Reporting
Console
Multi-factor authentication
Groups
1 2 3 4 5
Sign up IAM users Key pairs Image Access
![Page 55: AWS Summit Benelux 2013 - Getting Started with AWS](https://reader033.vdocument.in/reader033/viewer/2022060115/557ab0abd8b42a6f378b5054/html5/thumbnails/55.jpg)
AWS system entitlements
Roles Account
Administrators Developers Applications
Bob
Kevin
Tomcat
Jim Brad
Mark
Susan
Reporting
Console
1 2 3 4 5
Sign up IAM users Key pairs Image Access
![Page 56: AWS Summit Benelux 2013 - Getting Started with AWS](https://reader033.vdocument.in/reader033/viewer/2022060115/557ab0abd8b42a6f378b5054/html5/thumbnails/56.jpg)
{
"Statement": [
{
"Effect": "Allow",
"Action": [
"elasticbeanstalk:*",
"ec2:*",
"elasticloadbalancing:*",
"autoscaling:*",
"cloudwatch:*",
"s3:*",
"sns:*"
],
"Resource": "*"
}
]
}
Policy driven Declarative definition of
rights for groups
Policies control access to
AWS APIs
1 2 3 4 5
Sign up IAM users Key pairs Image Access
![Page 57: AWS Summit Benelux 2013 - Getting Started with AWS](https://reader033.vdocument.in/reader033/viewer/2022060115/557ab0abd8b42a6f378b5054/html5/thumbnails/57.jpg)
1 2 3 4 5
Sign up IAM users Key pairs Image Access
![Page 58: AWS Summit Benelux 2013 - Getting Started with AWS](https://reader033.vdocument.in/reader033/viewer/2022060115/557ab0abd8b42a6f378b5054/html5/thumbnails/58.jpg)
Next Steps
Elastic Load Balancing Create highly scalable applications
Distribute load across EC2 instances in multiple
availability zones
Auto Scaling Automatic re-sizing of compute clusters
based upon demand
Relational Database Service Database-as-a-Service
No need to install or manage database instances
Scalable and fault tolerant configurations
![Page 59: AWS Summit Benelux 2013 - Getting Started with AWS](https://reader033.vdocument.in/reader033/viewer/2022060115/557ab0abd8b42a6f378b5054/html5/thumbnails/59.jpg)
Next Steps
![Page 60: AWS Summit Benelux 2013 - Getting Started with AWS](https://reader033.vdocument.in/reader033/viewer/2022060115/557ab0abd8b42a6f378b5054/html5/thumbnails/60.jpg)
aws.amazon.com
get started with the free tier