## System Operations

- Concerned with the deployment, administration, and monitoring of systems and network resource in an automatable and reusable manner.

- Allows the configuration and management of thousands of servers and devices in a repeatable way.
- Reduction in errors by replacing manual processes with autoamted ones
- Real-time visibility into states through monitoring

![image.png](attachment:image.png)

- **Build** - Create separate environments for development, test, and production.

- **Test** - Test backup and disaster recovery procedures.
- **Deploy** - Deploy applications and workloads into their runtime environment.
- **Monitor** - Monitor the health and performance of infrastructure resources.
- **Maintain** - Apply patches and upgrades in a consistent and regular manner.
- **Safeguard** - Apply and enforce security measures in all the infrastructure layers.

### SysOps in the Cloud

![image.png](attachment:image.png)

You can accomplish automation by creating scripts, programs, or templates, such as the following:
- Linux shell script
- Python or Ruby application
- C# application
- Template format, such as what is used in the [AWS CloudFormation](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/GettingStarted.html. 
) service

## Creating a Troubleshooting Knowledge Base

![image.png](attachment:image.png)

![image-2.png](attachment:image-2.png)

### Knowledge Base Categories

![image.png](attachment:image.png)
![image-2.png](attachment:image-2.png)
![image-3.png](attachment:image-3.png)

![image.png](attachment:image.png)

### Columns

![image.png](attachment:image.png)
![image-2.png](attachment:image-2.png)

## AWS CLI

- Provides access to AWS services through command line.

- Can also be accessed via **Software Development Kits** (SDK) are packages that AWS provides. 
    - Provides access to AWS services by using popular programming languages, such as Python,Ruby,.NET, or Java.
    - The SDKs make it straightforward to use AWS in existing applications.
    - You can also use them to create applications to deploy and monitor complex systems entirely through code.

![image.png](attachment:image.png)

- `$export AWS_DEFAULT_OUTPUT="table"`
- `$export AWS_DEFAULT_OUTPUT="text"`

### Install AWS CLI

```bash
curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"
unzip awscliv2.zip
sudo ./aws/install
aws --version # aws-cli/2.4.5 Python/3.8.8 Linux/4.14.133-113.105.amzn2.x86_64 botocore/2.4.5
```

### Command Line Format

```bash
aws ec2 stop-instances -–instance-ids i-1234567890abcdef0--output json
```

- `ec2` - Service

- `stop-instances` - Operation
- `--insance-ids i-1234567890abcdef0` - Parameters
- `--output json` - Options

### AWS CLI output (JSON)

![image.png](attachment:image.png)

### Query Option

- Limits fields displayed in the result

    ```bash
    aws ec2describe-instances--query 'Reservations[0].Instances[0]'
    ```

    ![image.png](attachment:image.png)

- Show the name of the state of the first instance

    ```bash
    aws ec2describe-instances--query 'Reservations[0].Instances[0].State.Name'
    ```

    ![image-2.png](attachment:image-2.png)

- Show the name of the state of all instances by using the wildcard (*)

    ```bash
    aws ec2describe-instances--query 'Reservations[*].Instances[*].State.Name'
    ```

### `--filter`

- Restrict the result set on the server side

    ```bash
    aws ec2 describe-instances \
    --query "Reservations[*].Instances[*].InstanceId" \
    --filter "Name=instance-type,Values=t2.micro,t2.small"
    ```

### `--dry-run`

- This option checks for required permissions without making a request.
- It also provides an error response if unauthorized.

    ```bash
    aws ec2 run-instances --image-id ami-1a2b3c4d --count 1 \
    --instance-type c5.large --key-name MyKeyPair --security-groups MySecurityGroup --dry-run
    ```

### Common AWS CLI Commands

![image.png](attachment:image.png)

## Activity: Install and Configure AWS CLI

![image.png](attachment:image.png)

![image-2.png](attachment:image-2.png)

![image.png](attachment:image.png)

![image-2.png](attachment:image-2.png)

![image.png](attachment:image.png)

## AWS Systems Manager

- Collection of capabilities that help you manage your cloud applications and infrastructures running in the AWS cloud.

![image.png](attachment:image.png)
![image-2.png](attachment:image-2.png)


### Document

- The **AWS Systems Manager Document** defines the actions that Systems manager performns on your managed instances.
![image.png](attachment:image.png)

### Automation

- Safely automate common and reprtitive IT operations and management tasks across AWS resources

![image.png](attachment:image.png)

Run the automation document. Depending on the actions requested in the document, Systems Manager will automatically perform certain steps, including the following:
- Launch an instance
- Take a **snapshot**
- Tag an instance
- Delete old images
- Terminate EC2 instances

### Run Command

- Provides an automated way to run predefined commands against EC2 instances.

    - Use predfined commands

    - Create your own
    - Choose instances or tags
    - Choose controls or schedules
    - Run a command immediately or on a specific schedule

    ![image.png](attachment:image.png)

### Session Manager

- Securely connect to instances without opening inbound ports or maintaining SSH keys
- Also helps you comply with corporate policies that require controlled access to instances, strict security practices, and auditable logs that contain instance access details.

- Similar to **jump servers** which are accessed publicly

![image-2.png](attachment:image-2.png)

### Patch Manager

- Deploy perating system and software patches automatically across large groups of EC2 instances or on-premises machines

![image.png](attachment:image.png)

### Maintenance Windows

- Schedule windows of time to run administrative and maintenance tasks across your instances

![image.png](attachment:image.png)

1. Create a maintenance window that specifies basic options, such as name, schedule, and duration.

2. Assign targets. These are the resources that the maintenance window tasks will update.
3. Assign tasks to be run on those targets. Types of tasks include the following: 
    - Commands run by Systems Manager Run Command
    - Systems Manager Automation workflows
    - AWS Step Functions workflows
    - AWS Lambda functions
4. Review the status of the tasks after the tasks are completed.


### State Manager

- Maintain consistent configuration of EC2 or on-premise instances

![image.png](attachment:image.png)

### Parameter Store

- Centralized store to manage configuration data or secrets

![image.png](attachment:image.png)

### Inventory

- Collects information about instances and the software that is installed on them

![image.png](attachment:image.png)

The Systems Manager Inventory capability can collect inventory information about EC2 instances and the software installed on them, such as the following:

- Application data

- Files
- Network configurations
- Windows services
- Server roles
- Updates
- System properties

## Administration and Development Tools

### Software Development Kits

- Accessing services programatically and write administrative scripts in different programming languages

- These SDKs also contain APIs for the languages that are listed. A developer or administrator can use both the SDKs and the APIs to incorporate the connectivity and functionality of the wide range of AWS services into their code without writing functions from scratch. 
- See also [this link](https://aws.amazon.com/developer/tools/).

### AWS CloudFormation

- Defines resources in a **template**

- Provides resources defined in a template as a single unit called a **stack**

- Key features include:
    - Preview how proposed changes to a stack will impact the existing environment.
    - Detect drift
    - Invoke *Lambda* functions

![image.png](attachment:image.png)

![image.png](attachment:image.png)

### AWS OpsWorks

- Automate how servers are configured, deployed, and managed

- Bsed on the **Chef** and **Puppet** popular open-source automation platforms.

- Available:
    - AWS OpsWorks Stacks
    - AWS OpsWOrks for Puppet Enterprise
    - AWS OpsWorks for Chef Automate

## Lab 169 - Using AWS Systems Manager

![image.png](attachment:image.png)