Günther Gerlach

written by gunther gerlach-2009

This material covers the initial set up of an entire Cloud environment at Amazon Cloud infrastructure to run any web implementation solutions. This is the quickest answer that you may find out there, so let’s stat it!

We will cover all the steps to set up an entire environment in a cloud platform, from creating an user account at Amazon Web Services to creating and customizing Virtual machines (AMI), Virtual Storage Units, Virtual backups, Elastic IP’s, etc.

For all of you that don’t understand some of the acronyms used here, let’s just to look at them before to start:

 

Setting up an account with Amazon

First of all, we need to set up an account in Amazon Elastic Computing Cloud “EC2” to be able to create our virtual machines, drives, IP, etc.  During this process, we can choose among several Data center’s location (Availability Zone) to create our environment. This location is defined by where our customers are.

 

Creating virtual machines

Inside of EC2 you will find many predefined or custom Amazon Machine Images that you can use and latter run from inside this environment created in a specific zone (geography or data center location). Inside of an Availability Zone, we have can create as many virtual machines as we want from predefined or custom Amazon Machine Images, or AMIs. Just don’t forget that you need just one of each, latter you can execute as many instances as you want from each one. These instances are named “Instance of the AMI” and they are snapshot of machines that you can load and run inside of your cloud environment at an Availability Zone.

 

Creating virtual Storage units

So far we have created virtual machines that can be fired up at any time creating instances “snapshot” of our AMIs, but we haven’t created any hard drive or storage unit for these machines. Why we have to create an storage solution independently of our virtual machine?, well, the answer is simple, because Virtual machines are instances of AMIs and can be created or removed at any time based on demand, the data can’t be stored inside, other ways it will be lost along the instance at any given time. So, to resolve this problem, we just have to create a storage unit and then just attach it to our instance.

At Amazon we have more than option to create storage solutions for our Cloud environment. A quick description of them would be:

·   SimpleDB (SDB): it is a reasonable solution preferred for basic database delivery for specific service. This is a generalized storage solution only.

·   Elastic Block Store (EBS): This are very flexible solutions and is just like a hard drive that can be attached to any AMI. You can make an EBS from 1GB to 1TB and ‘install’ it on any of your virtual machine Instances

·   Relational Database Service (RDS): it is a robust database services beyond SDB. The choice of service is often dependent upon the needs of the solution

 

As I said, to keep your data intact even when an Instance dies, you can use any of the options available from Amazon Web services (AWS). Provably the most common one is the Elastic Block Store (EBS).

 

 

Setting up a Virtual Backup

One of the most critical point of discussion across the web in regards Cloud Computing is security in terms, security of our data (storage unit failure) and privacy. We have all our data or critical data stored in a virtual storage unit but ho we can protect it? This is so far the most important question… well, Amazon provide with a simple and smart solution named Simple Storage Solution (S3) to help us protecting our virtual storage units. So, to protect our data stored in our virtual EBS volume for any hard drives failure, we can just back this up into more stable storage solution.

S3 Backup allows you to have up to 100 directories of data, so you can easily back up your EBS volume(s) as often as you want it, and more important, you might want to back up a copy of your image (instance) after you customized an AMI to align with your requirements. This way, if your carefully customized Instance or EBS volume crashes for any reason, you can pull them out of your backup in S3 fairly quickly and get up and running again in minutes.

 

Note: So far we have created our virtual machines (AMI) and a virtual hard-drive attached to it where our data will be stored. We have also created a backup on S3 with all the necessary security to allow our engineers full access and a controlled access to our customers online.

 

What about security of our data?

What we want after setting this environment and loaded our data plus software in this virtual environment are two things: Allow our engineers to get full access to our infrastructure while keeping hacker away from our data and systems. For this, Amazon web Services (AWS) has two different concepts for security purposes:

·         A robust security system based in public/private key pairs and digital certificates to secure the log into any instance (AMI). This allows your engineers and developers to access your systems with proper rights.

·         Security group, to define how entities from the outside world (web browsers, remote desktops, ftp, email, etc.) can or cannot access your virtual machines (Instance).

 

How public IP work in a Cloud environment?

At this point we have created a whole infrastructure ready to be accessed by public users but, how this work? How can internet users find our virtual machines if they are running on demand and instances are created and die all the time? Well, basically Amazon Web Services (AWS) has a solution named Elastic IP (EIP). It is called elastic because it is a fixed public IP on the Internet. Basically it can be assigned to any of our Instances on the inside of AWS. So, if any Instance dies and we bring up a new Instance, we can move the EIP to this new Instance and minimize site interruptions.

This smart and simple solution help us to serve our website to the public, we will need to have a permanent public IP address that we can assign to our Instance.

 

Note: At this point, our infrastructure solution is up and running on our Instance, our data is saved on an EBS volume and, backed up on S3. Security by providing both, public and corporate access.

 

Flexible Scalability

At this point, most of us are running a platform to provide some kind of service or E-Commerce solution. We know very well what are we selling, we know our target market and all those details but, most of us have no idea where most of our customers will come from. They could group out of our geographical location, like Europe or China… It could be that our site is popular in a geographical region that is distant from the region in which we set up our system. As an example, we could have set up our website in USA, and getting most of the traffic from here during the day, but we are getting an amazing twist during the night (day in Europe) and having the same traffic or daily hits from Europe during that period of time. Performance of our site for our European visitors will not be as good as we would like and this will significantly impact our customer’s experience.

Thanks to Amazon elastic virtual infrastructure, we can move our site (AMI’s, virtual machines or instances) out of the USA region during the night “closer to these users” by using the Content Delivery Network, or CDN, making the delivery of your site much faster by replicating static content closer to where you have a high volume of users. In AWS, CDN services are delivered by Cloud-Front. This service takes your static content and replicates closer to where you have a high volume of users, thereby making the delivery of your site much faster.

 

 

Resources:

• Amazon Elastic Computing Cloud: http://aws.amazon.com/ec2/
• Amazon Web Services: http://aws.amazon.com/
• SimpleDB: http://aws.amazon.com/simpledb/
• Simple Storage Service (S3): http://aws.amazon.com/s3/
• CloudFront: http://aws.amazon.com/cloudfront/
• Relational Database Service: http://aws.amazon.com/rds/

 

Gunther Gerlach