## 11. AWS Part I

### What is Cloud Computing?

Cloud Computing consists of accessing virtualised resources over the network (e.g. a website online). 

AWS, Azure, Google Cloud are some of the big names in the Public Cloud Computing environment.

**Cloud Computing for AWS**:

"Cloud Computing is the on-demand delivery of IT resources over the internet with pay-as-you-go pricing. Instead of buying, owning, and maintaining physical data centers and servers, you can access technology services, such as computing power, storage, and databases, on an as-needed basis from a cloud provider like Amazon Web Services (AWS)"

*Benefits:*

* Agility: You can deploy technology services in a matter of minutes, and get from idea to implementation several orders of magnitude faster than before.

* Elasticity: You provision the amount of resources that you actually need. You can scale these resources up or down to instantly grow and shrink capacity as your business needs change.

* Cost savings: The cloud allows you to trade capital expenses (such as data centers and physical servers) for variable expenses, and only pay for IT as you consume it.

* Deploy globally in minutes: You can deploy your application in multiple physical locations with just a few clicks. 

*Types of cloud computing:*

* **Infrastructure as a Service (IaaS)**: Provides access to networking features, computers (virtual or on dedicated hardware), and data storage space. Similar to existing IT services. EC2 services of AWS are an example of IaaS.

* **Platform as a Service (PaaS)**: Removes the need to manage the underlying infrastructure (usually hardware and operating systems) and allows you to focus on the deployment and management of applications. AWS RDS for Oracle databases is an example.

* **Software as a Service (SaaS)**: Provides a complete product that is run and managed by the service provider. You don't have to think about maintaining the service or the underlying infrastructure, only about how to use that particular service.

### AWS Free Tier

**AWS Regions and Zones:**

AWS has a presence in many regions, each of which contains multiple zones:

* Region -> Country

* Zone -> Multiple (clustered) Data Centers

"The AWS Cloud spans 102 Availability Zones within 32 geographic regions around the world, with announced plans for 12 more Availability Zones and 4 more AWS Regions in Canada, Malaysia, New Zealand, and Thailand." October, 2023

-> https://aws.amazon.com/about-aws/global-infrastructure/

**AWS Global Infrastructure:**

* High availability through multiple Availability Zones

* Improving continuity with replication between Regions

* Meeting compliance and data residency requirements

* Geographic expansion 

**Availability Zones:**

![](https://docs.aws.amazon.com/images/whitepapers/latest/get-started-documentdb/images/regions-and-zones.png)

* When you launch a VM (instance), you can select an Availability Zone or let AWS choose for you.

* When designing your apps, you can distribute your instances across multiple Availability Zones, so in case one instance fails, an instance in another Availability Zone handles requests.

### Using AWS Platform

Connect to the AWS platform using your root account and check the available services. 

AWS has many services, but we will focus on **sysops and devops** services and some **developer** services:

**Compute**:

* *EC2*: Virtual Servers in the cloud

* *Elastic Beanstalk*: Run and manage Web Apps

**Storage**:

* *S3*: Scalable Storage in the cloud

* *EFS*: Managed File Storage for EC2

* *S3 Glacier*: Archive Storage in the cloud

**Database**:

* *RDS*: Managed Relational Database Service

* *ElastiCache*: In-memory cache

**Networking & Content Delivery**:

* *VPC*: Isolated Cloud Resources

* *CloudFront*: Global Content Delivery Network

* *Route 53*: Scalable DNS and Domain Name Registration

**Developer Tools**:

* *CodeCommit*: Store code in private Git repositories

* *CodeArtifact*: Secure, scalable and cost-effective artifact management for software development

* *CodeBuild*: Build and test code

* *CodeDeploy*: Automate code deployments

* *CodePipeline*: Release software using Continuous Delivery

**Management & Governance**:

* *CloudWatch*: Monitor resources and applications


### EC2 Services

**Features**:

* EC2 provides a web services API for provisioning, managing and deprovisioning virtual servers inside the Amazon cloud.

* Ease in scaling up/down: e.g., scale RAM from 8 GB to 16 GB or vice versa

* Pay only for what you use

* Can be integrated into several other services, e.g. S3

**Pricing**:

1. On Demand: Pay per hour or seconds

2. Reserved: Reserve capacity (for 1 or 3 years) for discounts

3. Spot: Bid your price for unused EC2 capacity; but if someone outbids you, your EC2 instance will be gone.

4. Dedicated Hosts: A complete physical server dedicated to you (very expensive)

**Components**:

To launch an EC2 instance, you need:

* Amazon Machine Image (AMI): provides the information required to launch an instance, which is a virtual server in the cloud (similar to Vagrant boxes)

* Instance type: the instance type that you specify at launch determines the hardware of the host computer used for your instance, that is, the size of the instance and its computing resources (CPU, RAM, network, etc.)

* Amazon Elastic Block Store (EBS): provides flexible, cost-effective and easy-to-use data storage options for your instances (virtual hard disks on which you can store your OS)

* Tags: a tag is a simple label consisting of a customer-defined key and an optional value that can make it easier to manage, search for and filter resources

* Security Group: a security group acts as a virtual firewall that controls the traffic for one or more instances

* Key-pairs: EC2 uses public-key cryptography to encrypt and decrypt login information.

#### Steps to create an EC2 instance

1. Login to your AWS Console

2. Select the region: usually North Virginia (`us-east-1`) since it is less costly

3. Search for the EC2 service

4. Click on Instances (in the left part) and the Launch Instances button

5. Give the instance a name and tags, and select the Amazon Machine Image (AMI): browse for the OS you prefer. Be careful with free-tier alternatives, as they may charge you after some time.

6. Check the instance type: select t2.micro since it is included in the free tier version. Some documentation on the instance types: https://aws.amazon.com/ec2/instance-types/

7. Set a key pair login using "Create new key pair": give it a name and keep the RSA type and the .pem format

8. In Network settings, create a new security group by editing the current settings: change the name of the security group and the description. Also, in security group rule 1, change Source type to "My IP". Additionally, in advanced settings, go to "User data" and add the provisioning for the instance:

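```
#!/bin/bash
# User data runs as root on first boot, so sudo is not strictly needed here.

# Install Apache (httpd), start it now and enable it at every boot
sudo yum install httpd -y
sudo systemctl start httpd
sudo systemctl enable httpd
# Create a test directory
mkdir /tmp/test1
```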

9. Click on Launch Instance

10. Check the status of the instance (Instance state and Status check). If you select the instance, you can check its public and private IP addresses. Also, you can connect to it by clicking on Connect.

11. In the Connect to instance page, select the "SSH client" tab and follow the steps. Use the key (.pem file) downloaded when setting the key pair login (`web-dev-key.pem`), the user (`ec2-user`) and the public DNS name (`ec2-50-17-123-122.compute-1.amazonaws.com`):

`ssh -i "web-dev-key.pem" ec2-user@ec2-50-17-123-122.compute-1.amazonaws.com`

12. Open Git Bash and go to the directory where the .pem file was downloaded or stored. Then, copy and paste the complete command as shown in step 11. You should be able to connect to the instance.

#### Accessing the `httpd` service

* Provisioning was included in the creation of the instance, so the `httpd` service should be running. Check it by running the command `systemctl status httpd`

* Check that the listener on port 80 belongs to httpd: `ss -tunlp | grep 80`

* You can try to connect through the public IP address to see whether the connection succeeds. The problem is that the initial security rule for the instance only allowed connections through port 22.

* Go to the security tab in your instance and click the security group. Go to Inbound Rules and modify them by clicking on Edit Inbound Rules.

* Add a new rule to allow connections through port 80:

    Type: Custom TCP; Port range: 80; Source: My IP/Anywhere IPv4/Anywhere IPv6

* Save changes and try to connect again.
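
An added example (not part of the original notes): a small audit of the inbound rules edited above, run over JSON in the shape that `aws ec2 describe-security-groups` prints. The sample group, its id and its addresses are constructed, and treating port 80 as the only port meant to be public is an assumption taken from this page's httpd setup.

```python
import ipaddress
import json

# Constructed sample (made-up group id, name and addresses) in the shape
# printed by `aws ec2 describe-security-groups`.
SAMPLE = json.loads("""
{"SecurityGroups": [{
  "GroupId": "sg-0123456789abcdef0", "GroupName": "web-dev-sg",
  "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": "203.0.113.7/32"}], "Ipv6Ranges": []},
    {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": [{"CidrIpv6": "::/0"}]},
    {"IpProtocol": "-1",
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []}
  ]}]}
""")

PUBLIC_OK = {80}  # assumption: only the httpd port is meant to be public


def sources(perm):
    """Collect the IPv4 and IPv6 CIDR sources of one inbound rule."""
    v4 = [r["CidrIp"] for r in perm.get("IpRanges", [])]
    v6 = [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
    return v4 + v6


def audit(doc, public_ok=PUBLIC_OK):
    """Return (group_id, ports, cidr, verdict) for every inbound source."""
    findings = []
    for sg in doc["SecurityGroups"]:
        for perm in sg.get("IpPermissions", []):
            # Protocol "-1" (all traffic) carries no FromPort/ToPort keys.
            lo, hi = perm.get("FromPort", 0), perm.get("ToPort", 65535)
            for cidr in sources(perm):
                net = ipaddress.ip_network(cidr, strict=False)
                if net.prefixlen != 0:
                    verdict = "restricted"       # e.g. the "My IP" choice
                elif lo == hi and lo in public_ok:
                    verdict = "public-expected"  # "Anywhere" on port 80
                else:
                    verdict = "open-to-world"    # "Anywhere" on other ports
                findings.append((sg["GroupId"], f"{lo}-{hi}", cidr, verdict))
    return findings


if __name__ == "__main__":
    for row in audit(SAMPLE):
        print(*row, sep="\t")
```

Rules reported as `open-to-world` are the ones to narrow back to "My IP" in Edit Inbound Rules.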

#### Terminate an instance

In the "Instances" section, select the instance and click the Instance state button. Select "Terminate instance".