Lec 08: Cloud Operations

AWS Well-Architected Framework

Cloud Operation

Cloud Operation

• 클라우드 환경에서 IT 자원을 효율적으로 관리하고 운영하기 위한 일련의 활동
• With AWS, customers can enable provision and operate their environment for both business agility and governance control

Benefits of AWS Cloud Operations

• Innovation
• Scale
• Simplicity
• Cost savings

 

AWS Well-Architected Framework

Well-Architected (WA) Framework

• AWS에서 제공하는 클라우드 아키텍처 디자인에 관한 모범 사례 및 가이드라인을 담고 있는 프레임워크
• A guide that's designed to help build the most secure, high-performing, resilient, efficient, and cost-effective infrastructure.
• Provides a set of foundational questions and best practices.

WA Framework Pillars

1. Operational excellence
   • Focus on running & monitoring systems and continually improving processes
   • Automating changes, responding to events, defining standardsto manage daily operation
2. Security
   • Focus on protecting information and systems
   • Confidentiality and integrity of data, managing user permissions, establishing controls to detect security events
3. Reliability
   • Focus on workloads performing their intended functions and how to recover quickly from failure to meet demands.
   • Distributed system design, recovery planning, adapting to changing requirements
4. Performance efficiency
   • Focus on structured and streamlined allocation of IT and computing resources
   • Selecting resource types and sizes, monitoring performance, mainttaining efficiency
5. Cost optimization
   • Focus on avoiding unnecessary costs
   • Understanding spending and controlling fund allocation, selecting resourcees of the right type, scaling to meet business needs without overspending
6. Sustainability
   • Focus on minimizing the environmental impacts of running cloud workloads
   • A shared responsibility model for sustainability, maximizing utilization to minimize required resources and reduce downstreame impacts

 

AWS Well-Architected Tool

AWS Well-Architected Tool

• Trusted framework used to evaluate your cloud architectured and implement designs that will scale over time.
• It helps throughout the product lifecycle.
  • Defining the workload, Conducting architectural reviews, Providing recommendation
• Available in the AWS Management Console

AWS Well-Architected Lenses

• Well-Architected Framework를 더 세분화해서 다양한 업계 및 기술 영역에 대한 최적화된 가이드 제공
• you can create and share custom lenses

---

AWS Cost Management

AWS Payment Models

AWS Payment Models

• Pay for the individual services that you need for as long as you use them with no long-term contracts.
• Pay-as-you-go model: 사용한 만큼만 비용 지불
  • easily adapt to changing business needds without overcommitting budgets and improve your responsiveness to changes
  • you can adapt depending on need and not on forecasts, which reduce the risk of overprovisioning or missing capacity
• Save when you commit
  • flexible price model that provides significant savings
  • sign up for Saving Plans for 1 or 3-year term
• Pay less by using more
  • get volume-based discounts
  • as your AWS usage needs increase, you benefit from the economies of scale

AWS Free Tier

• AWS offers a free usage tier for up to 1 year

 

Total Cost of Ownership (TCO)

Total Cost of Ownership (TCO)

• Financial metric that is used to estimate and compare direct and indirect costs of a product or a service.

TCO Tools

• It's challenging to come up with an accurate TCO model that represents the true cost of running your application.
• AWS Pricing Calculator
  • Estimate the cost of AWS products and services
  • Plan your AWS costs and usage or price out setting up a new set of instances and services
   

• AWS Migration Evaluator
  • Create data-driven business cases for planning and migration
  • AWS로의 마이그레이션에 대한 데이터 기반 비즈니스 사례를 구축하는 데 필요한 인사이트를 제공
  • Complimentary service

 

AWS Cost Management Tools

AWS Cost Maagement Tools

• AWS Billing Console
  • Resources to manage your ongoing payments and payment methods
  • 실제 결제 및 지불과 관련된 작업
• AWS Cost Management Console
  • Features for budgeting and forecasting costs and methods for you to optimize your pricing to reduce your AWS bill
  • 비용을 예상하고 최적화하는 것과 관련된 작업

AWS Cost Explorer

• AWS Billing and Cost Management console includes the Cost Explorer page.
• Visualize, understand, and manage your AWS costs and usage over time.

 

 

AWS Budgets

• Improve planning and cost control with flexible budgeting and forecasting.
• You can choose to receive regular reports allowing you to quickly monitor.

 

 

AWS Billing Dashboards

• Spend summary: show you how much you spend last month, the estimated costs, forecast
• Monthly-to-Date Spend by Service: show proportion of costs
• With EC2: pay for only the compute time that you use
  • Each EC2 instance type
  • Amount of EBS storage space that has been provisioned
  • Length of time that ELB has been used
• With S3
  • the # of requests to add or copy objects into a bucket
  • the # of requests to retrieve objects from a bucket 
  • amount of storage space that was used

---

Managing AWS Resources

AWS Support Plans

Basic support is included

• 24/7 customer service, documentation, white paper, support forums
• AWS Trusted Advisor
• AWS Health Dashboard

4 differnet support plans

1. Developer: Experimenting or testing in AWS
2. Business: Minimum for production workloads
3. Enterprise On-Ramp: Production or business critical workloads
4. Enterprise: Business or mission critical workloads

AWS Support Benefits

• Move faster with AWS
• Automate management of your environment
• Focus on what matters
• Manage and mitigate risks
• Highly-trained engineers, large network of subject-matter experts

 

Quotas in AWS service

Quotas

• Maximum values for resources, actions, and items
• Each AWS service defines its quotas and establishes default values
• Quota limits might be overriden or increased on request

 

Tagging

Tagging

• You can assign metadata to your AWS resources in the form of tagging
• help you manage, identify, organize, search for and filter resources
• tag key - tag value: 대소문자 구분 O

Common Tagging Strategies

• Tags for resource organization
  • You can create groups of reosurces based on tag
• Tags for cost allocation
  • AWS Cost Explorer and detailed billing reports let you break down costs by tag
• Tags for automation
  • filter resources during automation activities
• Tags for access control
  • constrain IAM permissions based on specific tags

 

AWS Trusted Advisor

AWS Trusted Advisor

• Online tool that provides recommendations to help you follow AWS best practices.
• Scans your AWS infrastructure, compares it to AWS best practices in five categories, and provides recommended actions.

Benefits of AWS Trusted Advisor - Five checks

• Cost optimization
• Performance
• Security
• Fault tolerance
• Service quotas
  • Trusted Advisor will notify you after you reach more than 80 percent of a service quota.

Trusted Advisor's Five checks

• for Basic, Developer plans
  • Core security checks and checks for service quotas
• for Business, Enterprise On-Ramp plans
  • All checks including cost optimization, security, fault tolerance, performance, and service quotas
• for Enterprise plans
  • Trusted Advisor Priority provides prioritized and context-driven recommendations

 

AWS Health Dashboard

AWS Health Dashboard

• A single place to learn about the availability and operations of AWS services.

Feature of Health Dashboard

• A personalized view of service health
• Proactive notifications
• Detailed troubleshooting guidance
• Integration and automation
• fine-grained access control by using IAM
• aggregate health events across AWS Organizations

 

AWS Additional cloud operation services

AWS Cloud Watch

AWS CloudWatch

• Complete visibility into your cloud resources and applications
• collects and visualizes real-time logs, metrics, and event data in automated dashboards to streamline your infrastructure and application maintenance.

 

Use Cases

• Monitor application performance
  • Visualize performance data to understand and resolve the issue
• Perform root cause analysis
  • Analyze datas to speed up debugging and reduce overall time to resolution
• Optimize resources proactively
  • Automate resource planning and lower costs by setting actions to occur when thresholds are met
• Test website impacts
  • Fidn out exactly when your website is impacted

CloudWatch Integration with Other Services

• Amazon Simple Notification Service (SNS)
  • SNS coordinates and manages the delivery or sending of msgs to subscribing endpoints or clients.
  • with CloudWatch: send msgs when an alarm threshold has been reached
• Amazon EC2 Auto Scaling
  • enables you to automatically launch or terminate EC2 instances
  • with CloudWatch: scale your EC2 instances based on demand

 

AWS Cloud Trail

AWS CloudTrail

• Record user activity and API usage in AWS services.
• monitors and records account activity across your AWS infrastructure, giving you control over storage, analysis, and remediation actions.

 

Use Cases

• Protect organization from penalties using CloudTrail logs to prove compilance with regulations.
• Audit activity
  • easily generate audit reports
• Identify security incident
  • detect unauthorized access
• Troubleshoot operational issues
  • continuously monitor API usage to spot unusal activity and determine root cause

 

AWS Config

AWS Config

• Records and normalizes the changes into a consistent format to simplify change management.
• automatically evaluates the recorded configurations against the configurations that you specify.

 

Use Cases

• Streamline operational troubleshooting and change management
  • allows you to quickly troubleshoot operational issues
• Deploy a compliance-as-code framework
  • Codify your compliance requirements, automating the assessment of your resource configurations across your organization
• Continually audit security monitoring and analysis
  • Evaluate resource configurations for potential vulnerabilities

 

AWS EventBridge

AWS EventBridge

• Build event-driven applications at scale across AWS, existing sysstems, or SaaS applications.

 

AWS Organizations

AWS Organizations

• Centrally govern your environment as you grow and scale your workloads on AWS.
• Manage and organize your accounts under a single bill.
• Set central polices and configuration requirements.
• Create custom permissions or capabilities.