Choosing storage service is critical when designing a cloud architecture. Read on to learn about the characteristics, limitations, typical use cases, and a decision tree for the following options to store data on AWS: Instance Store, EBS, EFS, FSx, and S3.
In this episode, Michael invited a guest: [Philipp Garbe](https://twitter.com/pgarbe). Philipp is an AWS Container Hero, Working in the Cloud, and we hope you enjoy his Bavarian accent as much as the knowledge he shares with us.
In this episode, Michael compares the available messaging options on AWS.
The goal of messaging is to decouple the producers of messages from consumers. The messaging pattern allows us to process the messages asynchronously. This has several advantages. You can roll out a new version of consumers of messages while the producers can continue to send new messages at full speed. You can also scale the consumers independently from the producers. You get some kind of buffer in your system that can absorb spikes without overloading it.
AWS offers different types of API gateways as a managed service. This review takes a closer look at the new service API Gateway HTTP APIs announced in December 2019 and generally since available in March 2020. The cloud provider promises that HTTP APIs are faster and cheaper than it's predecessor. We will look at hard technical facts instead of flowery marketing promises.
There are countless reasons why your website is not working as your users expect. From a technical point of view, you can monitor your load balancers, your web servers, and your database. But what if that external script that you embed is breaking your site? Expired TLS certificate? Something wrong with DNS? How can you test that your website works for real users?
In this episode, we introduce CloudWatch Synthetics as a solution to monitor your website from a user perspective.
Containers are a powerful tool to streamline your development and deployment process. However, a container cluster - no matter if you are using ECS (Elastic Container Service), EKS (Elastic Kubernetes Service), or self-managed Kubernetes - increases complexity. You are not only managing virtual machines anymore, but you are also operating containers on top of those virtual machines. Luckily, AWS offers a few approaches to minimize the effort of providing the computing capacity for your container cluster.
- ECS with Cluster Auto Scaling
- ECS with DIY Auto Scaling based on CloudWatch Events and Metrics
- ECS on Fargate
- EKS with Cluster Autoscaler and Managed Node Group
- EKS on Fargate
The most reliable way to automate creating, updating, and deleting your cloud resources is to describe the target state of your infrastructure and use a tool to apply it to the current state of your infrastructure. AWS CloudFormation and Terraform are the most valuable tools to implement Infrastructure as Code on AWS.
But what are the differences between both tools?
Using multiple AWS accounts to isolate workloads has been a best practice, not only since AWS introduced consolidated billing in 2010. AWS made a huge step by introducing AWS Organizations in 2017 and has added more and more features on top of the formerly boundary of an AWS account. In my opinion, we have passed the sweet spot between centralism and isolated accounts. The possibilities powered by AWS Organizations ruin the concept of isolated accounts with limited blast radius.
I recommend, to manage no more than 50 AWS accounts per AWS organization. Use multiple AWS organizations instead. Also, think twice before using SCP or Trusted Organization Access, both features make centralism permanent. I haven't seen a thriving, innovative, and centralized IT organization so far. Correct me if I'm wrong.
Amazon CloudWatch improved significantly over the years. It's time to look at its monitoring capabilities again. CloudWatch is an excellent starting point to implement enhanced monitoring on AWS. In this episode, Michael demonstrates what you can do with CloudWatch metrics and alarms. Metrics provide a time-series database for telemetry (e.g., CPU utilization of an EC2 instance). Alarms watch a metric and trigger actions if a threshold is reached.
AWS offers shiny and powerful networking services. However, you should know about the pitfalls when designing advanced networking architectures for AWS. I will share some pitfalls that came to my attention when consulting clients to get the most out of AWS.
You will learn how to answer the following questions: VPC Peering or Transit Gateway NAT Gateway or Public Subnet? VPC Endpoints or NAT Gateway? CloudFront or Akamai, Cloudflare, Fastly ...? Route 53 Resolver or Public Hosted Zone?