AWS Specific Topics - My Notes!

Hi Friends,

Hope you all are doing great! I like to say I am also doing great in all situation and love not to give up so easily ?? This week, we are facing lots of unexpected issues and right now I am not in a position to share it with you guys. But surely, keep reading my articles, I will definitely post the issue with solution soon.

Today, I thought to share some of notes regarding AWS best practices. These notes I had created long back for one of client ask regarding best practices with respect to high availability & scalability.

What tools we should use for AWS cloud monitoring?

They were looking for some native tools and were new to AWS. I recommended below-

AWS native monitoring tools:

1.??????CloudTrail is a service that collects event logs that record actions taken by users, roles and services

2.??????VPC Flow Logs - capture information about IP traffic that goes through network interfaces within VPCs. It captures the VPC flow logs that provides additional log data to support the network monitoring. Both Cloud Trail and VPC Flow Logs can publish their log data to CloudWatch.

3.??????CloudWatch - central monitoring service. It collects metrics and logs from AWS services. Note that AWS services only send metrics to CloudWatch when we are using these services. Not every AWS service is capable of sending metrics to CloudWatch.

4.??????CloudWatch agent - collect additional metric and log data from AWS hosted and/or on-prem servers, we can install the CloudWatch agent in those servers. The agent, CloudTrail, VPC Flow Logs and enabled AWS native services all send their log and metric data to CloudWatch. It makes the CloudWatch the central repository for metrics and logs, which enables the subsequent views and actions.

5.??????X-Ray- separate service traces user requests as they travel through the entire application. It doesn’t forward trace data to CloudWatch. But AWS has now integrated X-Ray with CloudWatch so that users can view logs, metrics and traces in one place.

What are the high-level best practices to achieve High-availability, load balancing & scalability?

Here, they wanted very high-level points, below are some high-level notes-

High Availability & Load Balancing:

ü?Avoid single points of failure.

ü?Always place (at least) one of each component (load balancers, app servers, databases) in at least two AZs.

ü?Maintain sufficient capacity to absorb AZ / cloud failures.

ü?Reserved Instances – guarantee capacity is available in a separate region/cloud.

ü?Replicate data across AZs and backup or replicate across clouds/regions for failover.

ü?Setup monitoring, alerts and operations to identify and automate problem resolution or failover process.

ü?Design stateless applications for resilience to reboot / relaunch.

Scalability:

ü?App-Tier Auto Scaling Group with associated Elastic Load Balancer

Ensure app-tier Auto Scaling Group has an associated Elastic Load Balancer.

ü?Auto Scaling Group Cooldown Period

Ensure Amazon Auto Scaling Groups are utilizing cooldown periods.

ü?Auto Scaling Group Health Check

Ensure AWS Auto Scaling Group is using the appropriate health check configuration to determine the health status of its instances.

ü?Auto Scaling Group Notifications

Ensure AWS ASG Notifications feature is enabled within your Auto Scaling Groups settings.

ü?Auto Scaling Group Referencing Missing ELB

Ensure Amazon Auto Scaling Groups are utilizing active Elastic Load Balancers.?

ü?Check for Auto Scaling Groups with integrated Elastic Load Balancers

Ensure that each AWS Auto Scaling Group has an associated Elastic Load Balancer.

ü?CloudWatch Logs Agent for App-Tier Auto Scaling Group In Use

Ensure an agent for AWS CloudWatch Logs is installed within Auto Scaling Group for app tier.

ü?CloudWatch Logs Agent for Web-Tier Auto Scaling Group In Use

Ensure an agent for AWS CloudWatch Logs is installed within Auto Scaling Group for web tier.

ü?Empty Auto Scaling Group

Identify and remove empty AWS Auto Scaling Groups (ASGs).

ü?IAM Roles for App-Tier ASG Launch Configurations

Ensure Auto Scaling Group launch configuration for app tier is configured to use a customer created app-tier IAM role.

ü?IAM Roles for Web-Tier ASG Launch Configurations

Ensure Auto Scaling Group launch configuration for web tier is configured to use a customer created web-tier IAM role.

ü?Launch Configuration Referencing Missing AMI

Ensure AWS Launch Configurations are utilizing active Amazon Machine Images.

ü?Launch Configuration Referencing Missing Security Groups

Ensure AWS Launch Configurations are utilizing active Security Groups.

ü?Multi-AZ Auto Scaling Groups

Ensure AWS Auto Scaling Groups utilize multiple Availability Zones to improve environment reliability.

ü?Same Availability Zones In ASG And ELB

Ensure AWS Availability Zones used for Auto Scaling Groups and for their Elastic Load Balancers are the same.

ü?Suspended Auto Scaling Groups

Ensure there are no Amazon Auto Scaling Groups with suspended processes.

ü?Unused Launch Configuration

Identify and remove unused AWS Auto Scaling Launch Configuration templates.

ü?Use Approved AMIs for App-Tier ASG Launch Configurations

Ensure Auto Scaling Group launch configuration for app tier is configured to use an approved Amazon Machine Image.

ü?Use Approved AMIs for Web-Tier ASG Launch Configurations

Ensure Auto Scaling Group launch configuration for web tier is configured to use an approved Amazon Machine Image.

ü?Web-Tier Auto Scaling Group associated ELB

Ensure web-tier Auto Scaling Group has an associated Elastic Load Balancer.

What are the pre-requisite for successful cloud operations?

The most critical pre-requisites for any successful cloud operations is that the “Cloud Enablement Engine” (CEE) should be aligned to the primary business objectives and outcomes. This ensures that the success of the cloud adoption will be measured in terms of business benefits from the outset and set the foundation for the operating model and prioritization of tasks.

Cloud Enablement Engine (CEE). This is a branch of Technology and Business resources with a focus on leading the organization on its cloud adoption journey that maps to the most important needs of the business

Six steps that companies should follow to build out a successful CEE.

1.??????Work backwards from the customer.

2.??????Re-envision the world as products.

3.??????Organize teams around products.

4.??????Bring the work to the team.

5.??????Reduce risk through iteration.

6.??????Own your entire lifecycle.

Conclusion:

Hope this article helps those who are very new to AWS and wants something readymade points on the above topics. I agree, this is very high-level, you need to definitely refer to the latest AWS documentation for these topics.

Keep sharing during your learning journey that might help many.

I want to apologize to all, those who approached me this week with some, or the other queries and I was not able to respond back. Will get back to you soon.

Enjoy learning and sharing ??

Thank You All ??