This article gives only a first impression of what you can do with AWS. If you want to go deeper and learn how to deploy a Spring Boot application to the AWS cloud and how to connect it to cloud services like RDS, Cognito, and SQS, make sure to check out the book Stratospheric - From Zero to Production with Spring Boot and AWS!

Choose a Region and Availability Zone

Whenever we think of cloud, one of the first decisions we make is where to run our applications. Where are our servers located? We may like to host our applications closer to the location of our customers.

AWS data centers are located all across the globe. AWS Regions and AZs (Availability Zones) are essential entities of this global infrastructure.

An AWS region is composed of multiple AZs. An AZ is a logical data center within a region. Each AZ is mapped to physical data centers located in that region, with redundant power, networking, and connectivity.

AWS resources are bound either to a region, to an AZ, or are global.

Next, we create our VM (Virtual Machine) to run our applications. EC2 (Elastic Compute Cloud) is the service used to create and run VMs. We create the VM as an EC2 instance using a pre-built machine image from AWS (AMI - Amazon Machine Image) or a custom machine image.

A machine image is similar to a pre-built template containing the operating system with some pre-configured applications installed over it. For example, we can use a machine image for Windows 2016 server with SQL Server or an RHEL Linux with Docker for creating our EC2 instance. We also select an instance family to assign the number of CPUs and RAM for our VM. These range from nano instances, with one virtual CPU, to instance families of high-end configurations with a lot of processing power and memory. We can enable autoscaling to create additional instances when we exceed a certain threshold of capacity utilization. Autoscaling will also take care of terminating instances when our servers are underutilized.

Each EC2 instance is backed by storage in the form of EBS (Elastic Block Storage) volumes. An EBS volume is block-level storage used to store data that we want to persist beyond the lifetime of our EC2 instances.

EBS volumes are attached and mounted as disks to our VM. EBS volumes are automatically replicated in the same availability zone to achieve redundancy and high availability.

Distribute Traffic with ELB

ELB (Elastic Load Balancing) is the load balancing service of AWS. ELB load balancers can distribute incoming traffic at the application layer (layer 7) or the transport layer (layer 4) across multiple targets, such as Amazon EC2 instances, containers, IP addresses, and Lambda functions. A load balancer is a region-level resource. We always have the option of deploying our own, custom load balancer on an EC2 instance. But ELB comes as a fully managed service. It scales automatically to handle the load of our application’s traffic and distributes load to our targets in a single AZ, or across multiple AZs, thereby making our applications highly available and fault-tolerant.

Our EC2 instances need to communicate with each other to be useful. We will also need to protect these instances. We do this by putting them into a secure private network called VPC (Virtual Private Cloud).

A VPC is our logically isolated network with private and/or public subnets, route tables and network gateways within an AWS region. A VPC contains a certain range of IP addresses that we can bind to our resources.

A VPC is divided into multiple subnets, each of them associated with a subset of the IP addresses available to the parent VPC. Our EC2 instances are launched within a subnet and are assigned IP addresses from the subnet’s pool of IP addresses. Our instances get a different IP address every time we launch an instance. If we need fixed IPs, we reserve them using EIP (Elastic IP) addresses.

Protect Instance with Security Groups and Access Control Lists

We control traffic to an EC2 instance using a Security Group (sometimes abbreviated SG). With a Security Group, we set up rules for incoming traffic (ingress) and outgoing traffic (egress).

Additionally, we control traffic for an entire subnet using a network ACL (Access Control List).

Connect To On-Premises Systems with VPN or DX

Enterprises operate hybrid cloud environments to connect their on-premises resources to resources in the VPC. AWS provides two categories of services - VPN (Virtual Private Network) and DX (AWS Direct Connect). With AWS VPN service, we can create IPsec Site-to-Site VPN tunnels from a VPC to an on-premises network over the public internet.