Aws SRM

Uploaded by

crocoder88

Amazon Web Services Online Internship Program

19th June - 14th August, 2023


Batch 2
___________________________________________________________________________

19/06/23 - Agenda
-------------------------------------------------------------------------------------------------

What is Cloud Computing?

What is AWS?

Advantages of CC

Fundamentals of AWS

Cloud based Platforms

Provides All Services       Storing Service Only

AWS                         iCloud
Azure                       Samsung Cloud
Google                      Mi Cloud
IBM Cloud                   Vivo Cloud
Alibaba

Computing - All the operations and tasks by a computer like Storing, Transferring the files,
Access/Retrieving, Animate/Graphic designing, Gaming, Database, Coding etc

What is Cloud Computing(CC)?


- Running and accessing all the operations from anywhere and at anytime

AWS is one of the Cloud Computing Service Providers

- Definition given by Amazon → On-demand delivery of IT resources and applications via the
internet with pay-as-you-go pricing

In AWS, services are charged on an hourly basis

Amazon - e-commerce
AWS - Cloud Computing

Jeff Bezos founded Amazon in 1994

2 Employees - Chris Pinkham & Benjamin Black proposed the idea of AWS as a platform
for CC in 2003, and it was launched officially in 2006

The 1st service was SQS (Simple Queue Service) in 2004, as a beta version, to deliver
messages in a queuing system.

AWS Certifications:

1. Foundational
   a. Cloud Practitioner
2. Associate Level
   a. Developer
   b. Solutions Architect
   c. SysOps Admin
3. Professional Level
   a. DevOps Engineer
   b. Solutions Architect
4. Speciality
   a. Machine Learning
   b. Big Data
   c. Security
   d. Alexa Skill Builder
   e. Advanced Networking

4th Industrial Revolution - The Fourth Industrial Revolution represents a fundamental
change in the way we live, work and relate to one another.

The production environment is run with minimal human intervention using new industrial
manufacturing technologies, such as IoT, robotics, and additive manufacturing.

Trending Software Jobs in 4.0

Cloud Computing             IoT
Automation                  Gaming
Web Development             Robotics
Artificial Intelligence     Data Science

Server - virtual platform to do our operations and provides response for client side request

database - to store user data from application

file system/storage - storing object type of files(.mp3, .mp4, .jpg, .png, .php, .sql)

Network - networking and content delivery i.e., transfer files from source to destination

Requirements for a startup business(25 lakhs)

                          On-Premises (Local)    Virtual

1. Server                 24x7                   Whenever we want
2. IT infrastructure      Need                   No need
3. Real Estate - area     Need                   No need
4. Database - virtual     24x7                   Whenever we want
5. Employees              Need                   Need
6. Promotion              Need                   Need
7. Networking Cost        Expensive              Moderate Cost
8. Electric Bills Cost    Expensive              Moderate Cost
9. Global Deployment      Hard to build          Easy deployment

For Ex: With virtual servers, we can add/install 100 within minutes, whereas adding a
physical server is difficult, takes days or weeks to create the environment, and is expensive

------------------------------------------------------------------------------------------------------
20/06/23 → Cloud Service & Implementation types and Global Infrastructure
------------------------------------------------------------------------------------------------------

Cloud Service Models:

IAAS - Used for IT Administrators - More Controllability

Example:
In General Terms - Newly Built House (we have to supply all the materials ourselves, like cement,
bricks, sand, iron)
Software Application - Servers, Databases etc

PAAS - Used for Software Developers - Medium Controllability

Example:
In General Terms - Flat with interior fittings, which we have to organize in our own way
Software Application - Coding, Debugging, Testing, Developing, Updating etc

SAAS - Used for End Users - Less Controllability

Example:
In General Terms - Hereditary assets that we get from our fathers; we do nothing and
just enjoy the output results
Software Application - Gmail, FB, Twitter, Insta etc; all the applications available for
users to use for themselves

Cloud Implementation Types:

Public Cloud - Applications made available for public
Private Cloud - Solely operated by an individual/organization
Hybrid Cloud - Combination of Private and Public

------------------------------------------------------------------------------------------------------
21/06/23 → Global Infrastructure
------------------------------------------------------------------------------------------------------

AWS Global Cloud Infrastructure is the most secure, extensive, and reliable cloud
platform offering over 200 fully featured services from data centers globally.

Regions - 31 (World Wide)
Availability Zones - 99 (Each Region has min. 2 to max. 6 AZs)
Edge Locations - Nearby Datacenters for users to access AWS Functionalities

US North Virginia (us-east-1) has 6 AZs (us-east-1a to us-east-1f) and is the main region
where all the AWS functionalities work. It is also the first region that Amazon established
for all its work.

Regions & Availability Zones

Region - which is a physical location around the world where we cluster data centers.
27 Regions are in Public Cloud and 4 are in Private Cloud

North America    → 5 Regions (Pub)
                   2 Regions (Priv) → US West Govt, US East Govt
South America    → 1 Region (Pub)
Europe           → 8 Regions (Pub)
Mid East         → 2 Regions (Pub)
Africa           → 1 Region (Pub)
Asia Pacific     → 8 Regions (Pub)
                   2 Regions (Priv)
Aus & NewZealand → 2 Regions (Pub)

5 more upcoming AWS Regions in Canada, Israel, Malaysia, New Zealand, and Thailand.

In India, there are 2 Regions:

1. Mumbai with 3 AZs
2. Hyderabad with 3 AZs

Edge Locations: Hyderabad(4), Kolkata, Bangalore(3), Mumbai(2), Delhi(5) and Chennai(2)

----------------------------------------------------------------------------------------------------
22/06/2023 - Launching Instances
----------------------------------------------------------------------------------------------------

To do the practical sessions, use https://www.awsacademy.com/vforcesite/LMS_Login and
then sign in to AWS Academy

EC2 - ECC - Elastic Compute Cloud

Servers are also called Instances

Types of Instances
    On-demand
    Reserved
    Spot Instances

Steps to Launch Instance

Step 1 → Name and Tags - To identify the instance for further use
    Name to identify → Demoserver
Step 2 → Choose an AMI - nothing but an Operating System for our Instance
    Amazon Linux 2 AMI/Ubuntu 20.04 LTS
Step 3 → Choose Instance type - like Family, Size, vCPUs, Network performance, EBS Store
    T2.micro, 1vCPU, 1GiB Memory
Step 4 → Configure Instance details - like how many instances to launch, and in which network
    Network : Default VPC/Customized VPC
    Subnet : No Preference
Step 5 → Add Storage - like adding root volumes and Elastic Block Store volumes
    Root volume of 8 GB, extendable up to 30GB
Step 6 → Key Pair - Create a new key pair of type RSA and download either the pem or the ppk file
Step 7 → Security groups - Act like a firewall and guard the inbound and outbound rules
    SSH                          Custom      22
    All Traffic/(HTTP/HTTPS)     Anywhere    80/443
Step 8 → Review - Review all the details and Launch

1st Method:
-----------
1. After launching the Instance, select that instance and click on Connect
2. Select EC2 Instance Connect and connect to your instance from the command prompt

2nd Method:
-----------
Download the pem file and convert that file using the 3rd party software application putty

Download from Alternative Binary files:

Puttygen.exe - To convert pem file to ppk
    Run → Load → Select .pem file → Open → Ok → Save Private key → give a name
    with .ppk extension → Save
Putty.exe - To communicate with the instance
    Run → Paste Public IPV4 address of EC2 instance → SSH → Auth → Browse .ppk file

pem → privacy enhanced mail (used to connect with windows to windows and linux to linux)
ppk → putty private key (used to communicate with windows to other OS)

For instances launched using Ubuntu and Linux, copy the Public IPV4 address and connect
with putty

Commands for communicating with Server

To connect with NGINX Web Server

    login as: ec2-user
    sudo su
    yum update -y
    yum install nginx -y (or) sudo amazon-linux-extras install nginx1 -y
    service nginx start
    chkconfig nginx on

To connect with HTTPD Web Server

    login as: ec2-user
    sudo su
    yum update -y
    yum install httpd -y
    service httpd start
    chkconfig httpd on

To connect with RHEL server

    login as: ec2-user
    sudo su
    sudo yum install httpd -y
    service httpd start
    chkconfig httpd on

To host an application
Check the current directory → pwd
Changing the directory to parent folder → cd ..
Changing the directory to new folder → cd <folder name>
cd /usr/share/nginx/html → For NGINX and cd /var/www/html → For HTTPD

To use Editors
nano newfile.html
Write the content
exit → ctrl x
save → y press enter

vi newfile.html
change to insert mode → i
write the content
to save & exit → esc :wq

--------------------------------------------------------------------------------
23/06/2023 - Windows & Volumes
--------------------------------------------------------------------------------

Windows Instance and adding up the volumes using Elastic Block Store

Steps to Launch Instance

Step 1 → Name and Tags - To identify the instance for further use
    Name to identify → Windows server
Step 2 → Choose an AMI - nothing but an Operating System for our Instance
    Microsoft Windows Base 2022 AMI
Step 3 → Choose Instance type - like Family, Size, vCPUs, Network performance, EBS Store
    T2.micro, 1vCPU, 1GiB Memory
Step 4 → Configure Instance details - like how many instances to launch, and in which network
    Network : Default VPC/Customized VPC
    Subnet : Select 1 Availability Zone
Step 5 → Add Storage - like adding root volumes and Elastic Block Store volumes
    Root volume of 30GB allocated on SSD
Step 6 → Key Pair - Create a new key pair of type RSA and download either the pem or the ppk file
Step 7 → Security groups - Act like a firewall and guard the inbound and outbound rules
    RDP                          Custom      3389
    All Traffic/(HTTP/HTTPS)     Anywhere    80/443
Step 8 → Review - Review all the details and Launch
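
A check for the inbound rules chosen in Step 7 of both launch walkthroughs (SSH on 22, RDP on 3389, All Traffic from Anywhere), added here as an example and not part of the original notes. It assumes rules in the IpPermissions shape returned by the EC2 DescribeSecurityGroups API; both rule sets and the 203.0.113.10 admin address are constructed samples.

```python
import ipaddress

# Administrative/data ports used in these labs: SSH, RDP and MySQL (RDS).
ADMIN_PORTS = {22: "SSH", 3306: "MySQL", 3389: "RDP"}
# Ports a public web server is expected to expose.
WEB_PORTS = {80, 443}


def is_anywhere(cidr):
    """True for 0.0.0.0/0 and ::/0, which the console shows as "Anywhere"."""
    return ipaddress.ip_network(cidr, strict=False).prefixlen == 0


def audit_ingress(permissions):
    """Return (severity, what, source) findings for internet-exposed rules."""
    findings = []
    for perm in permissions:
        sources = [r["CidrIp"] for r in perm.get("IpRanges", [])]
        sources += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
        for source in filter(is_anywhere, sources):
            proto = perm["IpProtocol"]
            if proto == "-1":  # "-1" means every protocol and every port
                findings.append(("HIGH", "all traffic", source))
                continue
            if proto not in ("tcp", "udp"):
                continue
            low, high = perm["FromPort"], perm["ToPort"]
            hit = sorted(p for p in ADMIN_PORTS if low <= p <= high)
            for port in hit:
                findings.append(("HIGH", f"{ADMIN_PORTS[port]} ({port})", source))
            # Anything else open to the world, other than plain 80 or 443.
            if not hit and not (low == high and low in WEB_PORTS):
                findings.append(("MEDIUM", f"{proto} {low}-{high}", source))
    return findings


ANY4 = [{"CidrIp": "0.0.0.0/0"}]

# Constructed sample: the lab's rules with every source set to Anywhere.
LAB_RULES = [
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22, "IpRanges": ANY4},
    {"IpProtocol": "tcp", "FromPort": 3389, "ToPort": 3389, "IpRanges": ANY4},
    {"IpProtocol": "-1", "IpRanges": ANY4},
]

# Constructed sample: web ports stay public, SSH only from one admin address.
TIGHT_RULES = [
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": "203.0.113.10/32"}]},
    {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80, "IpRanges": ANY4},
    {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443, "IpRanges": ANY4,
     "Ipv6Ranges": [{"CidrIpv6": "::/0"}]},
]

if __name__ == "__main__":
    for name, rules in (("lab", LAB_RULES), ("tight", TIGHT_RULES)):
        print(name, audit_ingress(rules) or "no internet-exposed admin ports")
```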

Linux/Ubuntu are CLI based OSes, so we can communicate with them through the putty terminal or
EC2 Instance Connect, whereas Windows has a GUI

So we have to download the Remote Desktop File to communicate

Now click on Connect → RDP Client → Download RDP File → Get Password →
Browse pem file → Open with notepad → Copy and Paste the content → Decrypt
Password → Copy Password

Open Remote Desktop File and add volumes into your server
EC2 Console → Volumes → Create Volume in the same AZ → Attach to Windows
Instance

Open Remote Desktop File

Windows+R → to get run prompt
Type diskmgmt.msc
Right click on offline → make online
Right click on not initialized → make initialized
Right click on unallocated → allocate the specific size
And now allocate your volume to the specified disk

Here we are using SSD storage for Elastic Block Store (EBS) because it has higher
performance than HDD. If HDD processes 500MB/s, SSD processes
7000MB/s because it has no moving mechanical parts and stores the data in integrated
circuits, whereas HDD stores the data magnetically.

--------------------------------------------------------------------------------
24/06/2023 - AMIs & Snapshots
--------------------------------------------------------------------------------
Snapshots used for getting backup/template

Launching an instance using Ubuntu

Images → AMI

Public Images → Source = Amazon, Platform = Ubuntu, Select Ubuntu 1.21.1 AMI

Click on Launch Instance using AMI and repeat the steps of Launching Instances and run
the commands

Ubuntu
------
sudo su
apt-get update
apt-get install apache2 -y
cd /var/www/html
nano index.html

Create your own AMI

Select Instance → Actions → Create Image → Image and Templates → Create image
Image Name
Image Description
Create
Image → Snapshot → AMI → OS Template

Again launch an Instance using My AMIs by taking Private Images → AMI name = Image
Name that you have given and repeat the steps.

-----------------------------------------------------------------------------------
26/06/2023 - IP Configurations and introduction to VPC
-----------------------------------------------------------------------------------
Network → Interconnection of two or more devices or node

Networking → Establishing the communication between inter connected devices

Internet → Massive networks of networks

Types of networks
1. Local Area Network (LAN) → within 1KM
2. Metropolitan Area Network (MAN) → <100KM
3. Wide Area Network (WAN) → >100KM

Establishing the Single Network connection

3 requirements:
1. NIC card
2. Media
   a. Guided Media (Wired)
      i. Co-axial Cables
      ii. Twisted Pair Cables
          1. STP → Shielded Twisted Pair Cables
          2. UTP → Unshielded Twisted Pair Cables → Electrical Signals
      iii. Optical Fiber Cables → Light Signals
   b. Unguided Media (Wireless)
      i. Microwaves
      ii. Radio Waves → Frequency
      iii. Infrared Waves
3. Networking Devices
   a. Hub → Non Intelligent Device
   b. Switch → Intelligent Device → Based on MAC Address
   c. Router → Based on IP Address
   d. Bridge - 4 topologies

Internet Protocol (IP)

1. IPV4 - 32 bit (0-255)
   4 octets - 4*8 bits    Ex: 192.168.3.5

2. IPV6 - 128 bit
   8 octets - 8*16    Ex: 2001:0000:AB01:1001:0000:B10A:0001

Public IPs - unique

Classes - 5
A: 0.0.0.0 - 126.255.255.255 → 0 to 126
127 is loopback ip address
B: 128.0.0.0 - 191.255.255.255 → 128 to 191
C: 192.0.0.0 - 223.255.255.255 → 192 to 223
D: 224.0.0.0 - 239.255.255.255 → 224 to 239 → Multicasting Purpose
E: 240.0.0.0 - 255.255.255.255 → 240 to 255 → Research & Development

Private IPs
A: 10.0.0.0/8 - 10.255.255.255
B: 172.16.0.0/16 - 172.31.255.255
C: 192.168.0.0/24 - 192.168.255.255

-----------------------------------------------------------------------------------
27/06/2023 - IP Configurations
-----------------------------------------------------------------------------------
Subnet Mask:
- A subnet mask is a 32-bit number created by setting host bits to all 0s and setting
network bits to all 1s.
- It is used to identify network address of an IP address by performing a bitwise AND
operation on the netmask

We can identify No. of Network Address & Host Address

A: 255.0.0.0 → N.H.H.H - 1.67 Cr ips
   11111111.00000000.00000000.00000000

How many IP addresses are in Class A range?
   10.0.0.0 - 10.255.255.255
   A: 255*255*255 = 1.67crores

B: 255.255.0.0 → N.N.H.H - 65025 ips
C: 255.255.255.0 → N.N.N.H - 255 ips

Identifying No. of Host/IP Addresses

Class A: 255.0.0.0 → N.H.H.H → 32-8=24 → 2^(24) - 2
    ===> 1,67,77,214 (the 2 subtracted are the Network Address + Broadcast Address)
Class B: 255.255.0.0 → N.N.H.H → 32-16=16 → 2^(16) - 2
    ===> 65,534
Class C: 255.255.255.0 → N.N.N.H → 32-24=8 → 2^(8) - 2
    ===> 254

Identifying No. of Network Addresses

To create network addresses it will do bitwise AND operation

Class A: 255.0.0.0/8 → N.H.H.H → 32-24=8 → 2^(8) - 1
    ===> 255 (Network Address + Broadcast Address)

Ex: 255.0.0.0/8 → Class A
    255.128.0.0/9
    255.192.0.0/10
    255.224.0.0/11
    255.240.0.0/12
    255.248.0.0/13
    255.252.0.0/14
    255.254.0.0/15 → Up to this IP, we have 1N 3H
    255.255.0.0/16 → Class B

Class B: 255.255.0.0/16 → N.N.H.H → 32-16=16 → 2^(16) - 2
    ===> 65,534
Class C: 255.255.255.0/24 → N.N.N.H → 32-8=24 → 2^(24) - 3
    ===> 1,67,77,213

Priority Bits for Class A (0 to 126) ⇒ 0

128   64   32   16    8    4    2    1
_____________________________________________
  0    0    0    0    0    0    0    0   - 0
  0    0    0    0    1    0    1    0   - 10
  0    0    1    0    0    0    0    0   - 32
  0    0    0    0    0    1    0    1   - 5

Priority Bits for Class B (128 to 191) ⇒ 1,0

128   64   32   16    8    4    2    1
_____________________________________________
  1    0    0    0    0    0    0    0   - 128
  1    0    0    1    0    1    1    0   - 150
  1    0    1    0    1    1    1    1   - 175
  1    0    1    1    1    1    1    1   - 191

Priority Bits for Class C (192 to 223) ⇒ 1,1,0

128   64   32   16    8    4    2    1
_____________________________________________
  1    1    0    0    0    0    0    0   - 192
  1    1    0    0    1    1    0    1   - 205
  1    1    0    1    1    1    0    0   - 220
  1    1    0    1    1    1    1    1   - 223

Example: 192.168.3.5

128   64   32   16    8    4    2    1
_____________________________________________
  1    1    0    0    0    0    0    0   - 192
  1    0    1    0    1    0    0    0   - 168
  0    0    1    0    0    0    0    0   - 32
  0    0    0    0    0    1    0    1   - 5

Converting IP to binary format

192.      168.      32.       5
11000000. 10101000. 00100000. 00000101

Example: How to identify an IP address? 102.16.25.6

1. Which Version → IPV4
2. Which Class → A
3. Public/Private → Public
4. Identify subnet mask → 255.0.0.0
5. Identify No. of Networks and Hosts → 1N 3H
6. How many IP addresses in a particular class → 1.67
7. How many network bits we have → 8 bits

--------------------------------------------------------------------------------
28/06/2023 - Virtual Private Cloud
--------------------------------------------------------------------------------
Creating VPC (Virtual Private Cloud) → Isolated portion for AWS resources
By default as a student account, we can create 5 VPCs for a single region.

It is used to separate the networks established in the cloud and provides safety and security
for the resources deployed by us.

Class    Private IP Range

A        10                           N.H.H.H - /8
B        172.16 - 172.31              N.N.H.H - /16
C        192.168.0 - 192.168.255      N.N.N.H - /24

We can use any class of Private IPs for VPC

Your VPCs → Create VPC → 10.0.0.0/16

In the VPC we can create 65000 IPs, because /16 means the first 2 octets act as the
network address. So for the subnets we create in that VPC, the range starts from the
3rd octet, i.e., 10.0.1. Because we can't change or modify the network octets, we
assign the IPs in the host octets.

Subnets → Create Subnet → Assign Availability Zone → 10.0.1.0/24
        → Create Subnet → Assign Availability Zone → 10.0.2.0/24
Go to Actions and Edit DNS Hostnames → Enable

In the subnets we are using /24, which means 255 IPs can be generated. That means 255
instances can be launched in a single subnetwork.

Internet Gateway → Attach to the created VPC for internet
                 → Create Internet Gateway → Assign Name → Attach VPC

Route Table → Create Route table →
            → Edit Routes → 0.0.0.0/0 → Attach Internet Gateway
            → Subnet Associations → Attach 2 Subnets
--------------------------------------------------------------------------------
30/06/2023 - NAT Gateways & Elastic Ips
--------------------------------------------------------------------------------
NAT means Network Address Translator
Used to communicate with a private server by using Public server

Requirements:
1 VPC
1 Subnet - Internet Gateway - Public Subnet (you can directly communicate with
server)
1 Subnet - NAT Gateway - Private Subnet (with the help of 1st server will
communicate with 2nd server)

Create VPC (1)        → NAT_VPC - 192.168.0.0/16
Subnets (2)           → Pub_Subnet - 192.168.1.0/24
                      → Pvt_Subnet - 192.168.2.0/24
Internet Gateway (1)  → NAT_IGW attach to NAT_VPC
NAT Gateway (1)       → Natgateway1 - Pvt_Subnet
Route Tables (2)      → Pub_rt - NAT_VPC → Routes - IGW, Subnet - Pub_subnet
                      → Pvt_rt - NAT_VPC → Routes - NATGateway, Subnet - Pvt_subnet

Launching 2 Instances using 2 subnets

Pub_Instance → Pub_subnet
Pvt_Instance → Pvt_subnet

If you try to connect to Pvt_Instance directly using putty, you cannot connect to your
server because it does not have an Internet Gateway. That's why we
open putty for Pub_Instance, connect to Pub_Instance, and then connect to Pvt_Instance:
    sudo su
    ping 192.168.2.60 (Private ip of pvt_instance)
    ctrl+z (to stop)
    nano example.pem (copy the content of the downloaded pem file and save it in the nano editor)
    chmod 400 /home/ec2-user/example.pem (r-- --- ---)
    ssh -i example.pem [email protected] (Private ip of pvt_instance)

There you can see, you can communicate with the private server using a public server.
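
A check of the VPC, subnet and route table layout built in this lab, added here as an example and not part of the original notes. It verifies that each subnet lies inside the VPC range, that subnets do not overlap, and labels each subnet by where its default route points; the dictionary layout and the `igw-EXAMPLE` / `nat-EXAMPLE` ids are placeholders made up for the example.

```python
import ipaddress


def subnet_for(ip, subnets):
    """Name of the subnet whose CIDR contains ip, or None."""
    addr = ipaddress.ip_address(ip)
    for name, cidr in subnets.items():
        if addr in ipaddress.ip_network(cidr):
            return name
    return None


def check_layout(vpc_cidr, subnets, route_tables):
    """Return (problems, exposure) for a VPC plan.

    subnets:      {subnet name: CIDR}
    route_tables: {table name: {"default_route": target id, "subnets": [names]}}
    """
    vpc = ipaddress.ip_network(vpc_cidr)
    nets = {name: ipaddress.ip_network(cidr) for name, cidr in subnets.items()}
    problems = []

    # Every subnet must be carved out of the VPC range.
    for name, net in nets.items():
        if not net.subnet_of(vpc):
            problems.append(f"{name} ({net}) is not inside the VPC range {vpc}")

    # No two subnets may share addresses.
    names = sorted(nets)
    for i, first in enumerate(names):
        for second in names[i + 1:]:
            if nets[first].overlaps(nets[second]):
                problems.append(f"{first} overlaps {second}")

    # A 0.0.0.0/0 route to an internet gateway makes a subnet public;
    # a 0.0.0.0/0 route to a NAT gateway gives outbound-only access.
    exposure = {name: "no route table" for name in nets}
    for table in route_tables.values():
        target = table.get("default_route") or ""
        if target.startswith("igw-"):
            kind = "public"
        elif target.startswith("nat-"):
            kind = "private"
        else:
            kind = "isolated"
        for name in table["subnets"]:
            exposure[name] = kind
    return problems, exposure


# The lab's values; gateway ids are placeholders.
NAT_VPC = "192.168.0.0/16"
SUBNETS = {"Pub_Subnet": "192.168.1.0/24", "Pvt_Subnet": "192.168.2.0/24"}
ROUTE_TABLES = {
    "Pub_rt": {"default_route": "igw-EXAMPLE", "subnets": ["Pub_Subnet"]},
    "Pvt_rt": {"default_route": "nat-EXAMPLE", "subnets": ["Pvt_Subnet"]},
}

if __name__ == "__main__":
    print(check_layout(NAT_VPC, SUBNETS, ROUTE_TABLES))
    print("192.168.2.60 is in", subnet_for("192.168.2.60", SUBNETS))
```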

chmod → to change permissions

a g o (admin groups and others)
7 7 7 - read, write and execute

1 - 001 - X (execute)
2 - 010 - W (write)
3 - 011 - WX (write-execute)
4 - 100 - R (read)
5 - 101 - RX (read-execute)
6 - 110 - RW (read-write)
7 - 111 - RWX (read-write-execute)

Elastic IPs
IP Address is for routing and addressing

AWS Provides 5 Elastic IPs/Region - Free-Tier

EC2 Console → Elastic IPs → Allocate → Associate

--------------------------------------------------------------------------------
01/07/2023 - Load balancer & Target Groups
--------------------------------------------------------------------------------
Load Balancing - Equal sharing of traffic /load among the servers

1. Scalability 2. Availability

Scalability: To increase the resources and allow the incoming traffic based on the clients
request.

Example:
3 persons → 5 seater car (Feasible & Comfortable)
6 persons → 5 seater car (Makes more uncomfortable & Insufficient)

Types:
1. Vertical → We can enhance/increase the existing resources like Processor,
   Memory, Storage
   Ex: t2.micro 1 vcpu 1GiB → t2.large 4 vcpu
       i3 processor to i7 processor
       4 GB ROM to 16 GB ROM
       3 persons → 5 seater car
       6 persons → 7 seater car

2. Horizontal → We can add new resources with the same specifications/configurations.
   Ex: 1 Instance + 1 Instance with same configurations
       3 persons → 5 seater car
       6 persons → 5 Seater car + 5 Seater car (2 cars)

Availability: To make our resources more available for the users to access without
interruption.
   Ex: Launching in different or multiple Availability Zones, so that data can be retrieved
   without loss when any calamity or damage occurs to data centers.

Lab: First create Instances with the same VPC and same Security Group and Same
Configurations in same/different Availability Zones.

Target Groups
Adding Resources that you want to undergo for Load Balancing
Create → Give Target Type → Instances
- Give name for Target Groups
- Listener → HTTP : 80
- VPC → Select same VPC of your instances
- Register your instances → Include as pending below → Register targets &
Create

Load balancer
Used to share the load equally in between the servers

Create → Select Application Load balancer
    Give name
    Network Mapping → Select same VPC of your instances → All Subnets
    Select same Security Group of your instances along with default SG
    Select the Target that you created
    Create

After the Status changes from Provisioning to Active, you will get a DNS name that will be
used for further authentication.

That DNS name is used in place of the IPV4 addresses of the instances that you used as targets.
You will get either of the targets (Server1/Server2) based on the traffic/load coming to your
application, and the clients will access the application without interruption.

--------------------------------------------------------------------------------
03/06/2023 - Simple Storage Service (S3)
--------------------------------------------------------------------------------

Google → Google Drive/Photos as Storage Service, whereas AWS → S3

S3 (SSS) - Simple Storage Service - Object Type of File storage service

Storage Size of a Bucket → 0 Bytes - 5TB

You can create Individual Folders, upload files and folders from Local system to access them
and utilize them for other AWS Services

Storage Classes are of 3 Types:

Standard Storage - Frequently accessed data
    Ex: College Attendance Notes Schedule Files
Standard Infrequent Access Storage
    Ex: Marks Sports Cultural Programmes Files
Glacier - Long time archiving storage for analysis purposes
    Ex: Student Details, College Pass%, Faculty Salary Increment Files

Storage Classes:
1. Frequently Accessed Data
   a. Standard Storage → Critical Data
   b. Reduced Redundancy → Non Critical Data
2. Infrequently Accessed Data
   a. Standard IA Storage → Multi Zone
   b. One Zone IA → Single Zone Storing
3. Long Time Archiving
   a. Glacier Deep Archive
   b. Glacier Instant Retrieval
   c. Glacier Flexible Retrieval

Bucket Creation → Name and Region → ACL Enabled → Create → Upload Files

To make the files public, so that everyone can access your data worldwide, you have to give
public access by unblocking the permissions.

Bucket Name → Permissions → Block Public Access → Edit → Off
Object Name → Select → Actions → Make public via ACL

Copy the URL → Paste → You can access

Versioning → Enable, to restore the files in case of accidental deletion
    Current version
    Previous version

Bucket Name → Properties → Versioning → Enable

Static Website Hosting - without using server you can host a static website using S3

First you have to upload the files of the web application that you want to host in your bucket
and make all the files as public accessible then go to
Bucket → Properties → Static Website hosting → Edit
Enable → Index Document → Index.html
Error Document → Error.html → Save Changes
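
How the Block Public Access switch and the "Make public via ACL" action from the steps above combine to decide which objects are readable by anyone, as an added example that is not part of the original notes. It assumes the four setting names of the S3 PublicAccessBlock configuration and ACLs in the Grants shape that the S3 GetBucketAcl/GetObjectAcl calls return; the bucket contents and the owner id are constructed placeholders.

```python
# Predefined S3 grantee groups that make an ACL grant public.
PUBLIC_GROUPS = {
    "http://acs.amazonaws.com/groups/global/AllUsers",
    "http://acs.amazonaws.com/groups/global/AuthenticatedUsers",
}


def public_permissions(acl):
    """Permissions that an ACL grants to one of the public groups."""
    return sorted(
        grant["Permission"]
        for grant in acl.get("Grants", [])
        if grant["Grantee"].get("Type") == "Group"
        and grant["Grantee"].get("URI") in PUBLIC_GROUPS
    )


def acl_exposure(block_public_access, bucket_acl, object_acls):
    """Report what ACLs expose, given the Block Public Access settings.

    IgnorePublicAcls makes S3 disregard public grants that already exist;
    BlockPublicAcls only rejects requests that try to add new public grants.
    """
    ignore = block_public_access.get("IgnorePublicAcls", False)
    report = {
        "new_public_acls_allowed": not block_public_access.get("BlockPublicAcls", False),
        "bucket_public_permissions": [] if ignore else public_permissions(bucket_acl),
        "public_objects": {},
    }
    if not ignore:
        for key, acl in object_acls.items():
            perms = public_permissions(acl)
            if perms:
                report["public_objects"][key] = perms
    return report


# Constructed sample data.
OWNER = {"Grantee": {"Type": "CanonicalUser", "ID": "OWNER-ID-PLACEHOLDER"},
         "Permission": "FULL_CONTROL"}
PUBLIC_READ = {"Grantee": {"Type": "Group",
                           "URI": "http://acs.amazonaws.com/groups/global/AllUsers"},
               "Permission": "READ"}

BUCKET_ACL = {"Grants": [OWNER]}
OBJECT_ACLS = {
    "index.html": {"Grants": [OWNER, PUBLIC_READ]},  # made public via ACL
    "notes.txt": {"Grants": [OWNER]},                # left private
}
# Block Public Access turned Off, as in the lab.
BPA_OFF = {"BlockPublicAcls": False, "IgnorePublicAcls": False,
           "BlockPublicPolicy": False, "RestrictPublicBuckets": False}
# Block Public Access left at all-on.
BPA_ON = {name: True for name in BPA_OFF}

if __name__ == "__main__":
    print("BPA off:", acl_exposure(BPA_OFF, BUCKET_ACL, OBJECT_ACLS))
    print("BPA on: ", acl_exposure(BPA_ON, BUCKET_ACL, OBJECT_ACLS))
```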

Life Cycle Management → To change the storage classes automatically after the creation of
objects.

Bucket → Management → LifeCycle Rule → Create
    Rule Name → My-rule
    Scope → Entire Bucket
    Transition → Standard to Standard IA after 30 days

Replication Management → To copy or duplicate the files from one bucket to another

1. Cross Region Replication → From one region to another
   Ex: North Virginia (Source Bucket) to Mumbai (Destination Bucket)
   a. Same Account
   b. Different Account
2. Same Region Replication → In the same region
   Ex: North Virginia (Source Bucket) to North Virginia (Destination Bucket)
   a. Same Account
   b. Different Account

Create 2 buckets (Source Bucket & Destination Bucket) in different regions and Enable
versioning and upload files in Source Bucket
Open Source Bucket → Management → Replication Rule → Create
Rule Name → My-rule
Scope → Entire Bucket
Source → Source Bucket
Destination → Browse Destination Bucket
IAM → Create a new role → Create Rule

-----------------------------------------------------------------------------------------------
05/07/2023 - Dynamic Website hosting, Launch templates & Auto Scaling
-----------------------------------------------------------------------------------------------
Dynamic Web Page Deployment using WinSCP

Hosting a Dynamic Web page

Amazon Linux instance - deploying application using WinSCP

chmod → to change permissions

a g o (admin groups and others)
7 7 7 - read, write and execute

    RWX
    000
1 - 001 - X (execute)
2 - 010 - W (write)
3 - 011 - WX (write-execute)
4 - 100 - R (read)
5 - 101 - RX (read-execute)
6 - 110 - RW (read-write)
7 - 111 - RWX (read-write-execute)

To host a dynamic website

step1:
    Launching an instance
step2:
    Connecting with EC2 instance
step3:
    Downloading WinSCP Version 6.1.1
    (https://winscp.net/eng/download.php)
step4:
    Setup the application WinSCP
step5:
    Connecting WinSCP with ppk file
    SFTP, IPV4 IP, ec2-user → Advanced → Browse ppk file → Login
step6:
    cd /var/www/html (or) cd /usr/share/nginx/html in EC2 Instance Connect, and
    change to the same folder in WinSCP as well
step7:
    delete index.html (it will be denied because the required permissions are missing)
step8:
    chmod 777 /var/www/html, then retry step7
step9:
    Download css/html from free html templates into your local system
step10:
    extract/unzip zip files of css/html
step11:
    Move files from local server to virtual server path (/var/www/html or
    /usr/share/nginx/html)
step12:
    paste your public ip address in a new tab; then you will get the dynamic web page
    served from your instance
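
An audit for the two permission settings used in these notes, `chmod 400` on the copied key file and `chmod 777` on the web root in step8, added here as an example and not part of the original notes. It walks a directory tree, flags world-writable paths and key files that anyone other than the owner can access, and shows the findings clearing once the web root is set to 755 and the key to 400; the 755 setting (with the directory owned by the deploying user) is an assumption of this example, and the tree is constructed in a temporary directory.

```python
import os
import stat
import tempfile

KEY_SUFFIXES = (".pem", ".ppk")


def rwx(mode):
    """Render permission bits as rwx triplets, e.g. 0o400 -> 'r--------'."""
    return stat.filemode(mode)[1:]


def audit_tree(root):
    """Return (path, permissions, reason) for risky entries under root."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for path in [dirpath] + [os.path.join(dirpath, f) for f in files]:
            if os.path.islink(path):
                continue  # a symlink's own mode bits are not meaningful
            mode = stat.S_IMODE(os.lstat(path).st_mode)
            if path.endswith(KEY_SUFFIXES) and mode & 0o077:
                # Any group/other bit on a private key is too much.
                findings.append((path, rwx(mode), "private key accessible beyond its owner"))
            elif mode & stat.S_IWOTH:
                # The "others" write bit: any local user can modify this path.
                findings.append((path, rwx(mode), "world-writable"))
    return findings


def demo():
    """Build a constructed tree, audit it, tighten it, audit again."""
    with tempfile.TemporaryDirectory() as top:
        webroot = os.path.join(top, "html")
        os.mkdir(webroot)
        index = os.path.join(webroot, "index.html")
        key = os.path.join(top, "example.pem")
        for path in (index, key):
            with open(path, "w") as handle:
                handle.write("constructed sample\n")

        # State after "chmod 777" on the web root, with the key saved at 644.
        os.chmod(webroot, 0o777)
        os.chmod(index, 0o644)
        os.chmod(key, 0o644)
        before = sorted((os.path.relpath(p, top), perms, why)
                        for p, perms, why in audit_tree(top))

        # Tightened state: owner-writable web root, owner-read-only key.
        os.chmod(webroot, 0o755)
        os.chmod(key, 0o400)
        after = audit_tree(top)
    return before, after


if __name__ == "__main__":
    before, after = demo()
    print("before:", before)
    print("after: ", after)
```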

Launching a Template using Existing Instance

Select your instance → Actions → Create Launch Template

Launch template name → My-template
Template version description → Give any description
Auto Scaling guidance → Enable (If you want to do Auto scaling)

And leave all the other settings with default values and Create Launch Template

AutoScaling Groups
- Scale instances up and down automatically, following the scaling policy

Create an Auto scaling group

Auto Scaling group name                → My-ASG-1
Launch template                        → Select created template → My-template
VPC                                    → Default/Customized as per the existing instance
Availability Zones and subnets         → Select all subnets under VPC
Instance type requirement              → Default
Load balancing                         → Select any one (If you don't want to do, select no)
VPC Lattice integration options        → No
Health checks                          → Enabled for 300 Sec
Additional settings                    → Leave as default
Group size                             → DC - 2, Min - 1, Max - 5
Scaling policies                       → No
Instance scale-in protection           → Disable
Notification                           → No
Tags                                   → Key - Name, Value - Provide a name for new instances
Review and Create

Now go to the instances tab, and there you can see the new instances created under the Auto
scaling group.

Auto scaling and load balancing are parallel services: whenever a new instance is
created, the load balancer shares the traffic among the running instances, if you attached
load balancing while creating the auto scaling group.

-----------------------------------------------------------------------------------------------
06/07/2023 - Relational Database Service (SQL)
-----------------------------------------------------------------------------------------------

Dynamodb - Non relational Database Service (NoSQL)

server - database - application

Database instance - 40/Region By Default
Database Replication → 3AZ * 2
Types: Cross Region replication
       Same Region replication

For Amazon Linux AMI Server

Launch EC2 instance - Linux and download the .pem file into your local system when creating
the Key Pair

Steps for Launching Database Instance

Choose a database creation method → Standard Create
Engine Option → MySQL
Engine Version → 8.0.32
Template → Free Tier
DB instance identifier → My-DB-1
Credential → Master username → srmuser (as you wish)
             Master password → 9876543210 (as you wish)
DB instance class → t2/t3/t4
Storage → General purpose ssd gp2
Storage → 20GB
Autoscaling → Disable
Connectivity → Don't connect to EC2
Network → IPV4
VPC → Default VPC
Subnet Group → Default subnet group
Public Access → No
Security Group → Default
Availability Zone → No preference
Additional Configuration → 3306
Database Authentication → Password
Monitoring → Disable
database name → sample_db
Backup → Disable
Log exports → Disable
maintenance → Enable
Deletion protection → Disable
Create Database

After creating a database instance, you will get an endpoint, to make a connection with the
EC2 instance. Copy that Endpoint

Now open EC2 instance connect and run the commands

sudo su
yum update -y
yum install nginx -y
service nginx start
chkconfig nginx on

Now, to make a connection with the database we have to install the mysql packages; for this,
most linux servers use MariaDB instead of ORACLE

nano [pemfilename.pem] (Create a pem file in virtual server with the downloaded keyname)
ctrl +x (To exit)
y (To save)
ssh -i /home/ec2-user/[pemfilename.pem] ec2-user@[Copy EC2 instance DNS Name]

Ex: ssh -i /home/ec2-user/webkey.pem [email protected]

sudo dnf update -y (Updating the system)
sudo dnf install mariadb105 (installing the mysql package)

mysql -u root (checking whether mysql installed or not)

Mysql→

To quit, type "\q" or "exit"

username : srmuser (-u)
Hostname : RDS Endpoint (-h)
Password : 12345678 (-p)
dbname : sample_db
Port Number : 3306

mysql -u [username] -P 3306 -h [copied RDS endpoint] -p

It shows "Enter password:". The password is invisible while you type it.

Then you'll get into mysql root. Now you can run the commands to see your databases and
create the tables in your virtual server.

For Ubuntu AMI Server

Launch EC2 instance - Ubuntu from AMIs and download .ppk file

EC2 → AMI → Public Images → Source = Amazon, Platform = Ubuntu, Select any one
of the Ubuntu AMI and launch instance. Connect to the server and run commands.
sudo su
apt-get update
apt-get install apache2 -y
apt-get install mysql-server (install mysql packages)
apt-get install mysql-client
apt-get update
apt-get upgrade
mysql -u [username] -h [copied RDS endpoint] -p

SQL Queries

Task: Create your own database

create schema [databasename]; → To create new database

show databases;

use [your_dbname];

create table tablename (SNo varchar(10), Name varchar(30), Dept varchar(10), RollNo
varchar(30), Email varchar(20), phoneno varchar(12));

insert into dbname.tablename (SNo, Name, Dept, RollNo, Email, phoneno) values ('1',
'Sumana', 'CSE', '125368bhd', '[email protected]', '9876543210');

show tables;
describe tablename;
select * from [your_dbname].tablename;

For more documentation use, https://docs.aws.amazon.com/rds/index.html

-----------------------------------------------------------------------------------------------
10/07/2023 - Cloud Watch & Simple Notification Service (SNS)
-----------------------------------------------------------------------------------------------
Management & Governance → CloudWatch - for monitoring purposes

CloudWatch → Create Alarm

Select Metric → EC2 → Per-Instance Metrics → CPUUtilization of the particular server

Conditions → Threshold type → Static
→ Whenever CPUUtilization is.. → greater than/equal to
→ Than → 50

Notifications → Create a new Topic
→ In Alarm State (Alarm triggering)
→ Topic Name
→ Endpoint (Email)

Actions → EC2 Action
→ In Alarm State (Alarm triggering)
→ Stop/Terminate/Reboot

Alarm Name and Description → Create Alarm

Status changes from Insufficient data to OK State

Open Gmail and confirm the subscription from AWS Notifications

Now connect to the EC2 instance with EC2 Instance Connect and apply some external stress by
installing the stress package

→ sudo su
→ sudo apt-get install stress (or) yum install stress
→ stress --cpu 50 --timeout 300

To see the statistics of the stress that you have applied, open a new connection and run the
commands

→ sudo su
→ top

Simple Notification Service (SNS)

To get notifications related to AWS services, we use the SNS service, which delivers them by
Email/Text Message

Notifications → Topic → To send notifications in bulk to many numbers
Subscription → To send notifications individually

--------------------------------------------------
11/07/2023 - VPC Peering
--------------------------------------------------
VPC Peering

A VPC peering connection is a networking connection between two VPCs that enables you to
route traffic between them using private IPv4 addresses or IPv6 addresses. Instances in either
VPC can communicate with each other as if they are within the same network. The VPCs can
be in different Regions; this is known as an inter-Region VPC peering connection.

VPC Peering → Used to communicate from one network to another

Requirements:

Step1: 2 VPCs
    VPC1 → 10.0.0.0/16
    VPC2 → 172.16.0.0/16

Step2: 2 Subnets
    Subnet1 → VPC1 → 10.0.1.0/24
    Subnet2 → VPC2 → 172.16.1.0/24

Step3: 2 Internet Gateways
    IGW1 → VPC1
    IGW2 → VPC2

Step4: 2 Route Tables
    RT1 → VPC1
        Routes → 0.0.0.0/0 & IGW1, Subnets → Subnet1
    RT2 → VPC2
        Routes → 0.0.0.0/0 & IGW2, Subnets → Subnet2

Step5: 2 Instances
    Server1 → Linux → VPC1 → SSH, HTTP/HTTPS, ICMP
    Server2 → Ubuntu → VPC2 → SSH, HTTP/HTTPS, ICMP

Step6: Connect with 2 PuTTY terminals

    Linux                             Ubuntu
    Login as: ec2-user                Login as: ubuntu
    sudo su                           sudo su
    ping [Public IP of Server2]       ping [Public IP of Server1]     (it's working)
    ping [Private IP of Server2]      ping [Private IP of Server1]    (it's not working)

Step7: Peering Connection
    Name → VPC1toVPC2 (or) My-Peer-1
    Requester VPC → VPC1
    Accepter VPC → VPC2
    Click on Create
    Actions → Accept

Step8: Add Routes
    RT1 → Routes → IP of VPC2 (172.16.0.0/16) & Peering Connection
    RT2 → Routes → IP of VPC1 (10.0.0.0/16) & Peering Connection

Now the ping command works for the private IPs from both EC2 instances, so
peering/communication is established between VPC1 and VPC2.
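Why the private-IP ping fails in Step6 and succeeds after Step8, as an added example that is not part of the original notes: a longest-prefix-match lookup over RT1 and RT2 using the CIDRs above. The implicit "local" route, the target names igw-1, igw-2 and pcx-1, and the two instance addresses are assumptions made for illustration.

```python
import ipaddress

# CIDRs from the notes; instance addresses and target names are constructed.
VPC1, VPC2 = "10.0.0.0/16", "172.16.0.0/16"
SERVER1, SERVER2 = "10.0.1.10", "172.16.1.10"


def cidrs_can_peer(cidr_a, cidr_b):
    """Peering is only possible when the two VPC CIDR blocks do not overlap."""
    return not ipaddress.ip_network(cidr_a).overlaps(ipaddress.ip_network(cidr_b))


def route_table(local_cidr, igw, peer_cidr=None, pcx=None):
    """Build a route table as (network, target) pairs: local, default, optional peer."""
    routes = [(ipaddress.ip_network(local_cidr), "local"),
              (ipaddress.ip_network("0.0.0.0/0"), igw)]
    if peer_cidr:
        routes.append((ipaddress.ip_network(peer_cidr), pcx))
    return routes


def lookup(routes, dest_ip):
    """Longest-prefix match: the most specific route containing dest_ip wins."""
    dest = ipaddress.ip_address(dest_ip)
    matches = [(net, target) for net, target in routes if dest in net]
    return max(matches, key=lambda m: m[0].prefixlen)[1] if matches else None


def private_path_ok(rt_src, rt_dst, src_ip, dst_ip, pcx):
    """Request and reply must both be routed into the peering connection."""
    return lookup(rt_src, dst_ip) == pcx and lookup(rt_dst, src_ip) == pcx


# Step6 (no peering routes yet) versus Step8 (routes added on both sides).
RT1_BEFORE = route_table(VPC1, "igw-1")
RT2_BEFORE = route_table(VPC2, "igw-2")
RT1_AFTER = route_table(VPC1, "igw-1", VPC2, "pcx-1")
RT2_AFTER = route_table(VPC2, "igw-2", VPC1, "pcx-1")

if __name__ == "__main__":
    print("CIDRs can peer:", cidrs_can_peer(VPC1, VPC2))
    print("Server2 private IP before Step8 goes to:", lookup(RT1_BEFORE, SERVER2))
    print("Server2 private IP after Step8 goes to: ", lookup(RT1_AFTER, SERVER2))
    print("Route only in RT1:", private_path_ok(RT1_AFTER, RT2_BEFORE, SERVER1, SERVER2, "pcx-1"))
    print("Route in RT1 and RT2:", private_path_ok(RT1_AFTER, RT2_AFTER, SERVER1, SERVER2, "pcx-1"))
```

Before Step8 the private address of Server2 only matches the default route toward the internet gateway, which cannot deliver traffic to a private address in another VPC; a route in only one of the two tables still leaves the reply without a path.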

----------------------------------------------------------------
12/07/2023 - VPC Peering in Different Account
----------------------------------------------------------------
Requirements:
2 VPCs
2 Subnets
2 Internet Gateways
2 Route Tables
2 Instances
1 Peering Connection → Should be accepted by Accepter

Step1: Create VPC and other resources in different accounts

    Your Account                          Another Account
    VPC → 10.0.0.0/16                     VPC → 172.16.0.0/16
    Subnet → 10.0.1.0/24                  Subnet → 172.16.1.0/24
    Internet Gateway                      Internet Gateway
    Route Table → Subnet, IGW             Route Table → Subnet, IGW
    Launch Windows → RDP, All Traffic     Launch Windows → RDP, All Traffic

Instead of this, you can go to VPC Dashboard → select the "VPC and more" option. It will
automatically create a VPC with all resources, with default IPv4 CIDR addresses for the
subnets.

Step2: Peering Connection
    Name → VPC1toVPC2 (or) My-Peer-1
    Requester VPC → VPC in your account
    Accepter VPC → VPC in another account
    Click on Create
    The peering connection will automatically appear in the other account as well. Now ask the
    accepter to accept the request.
    Actions → Accept

Step3: Add Routes
    RT → Routes → IP of VPC2 (172.16.0.0/16) & Peering Connection
    RT → Routes → IP of VPC1 (10.0.0.0/16) & Peering Connection

Now open Remote Desktop Connection on your laptop/system: use the Run prompt
(Windows+R), run mstsc, and connect to your requester server in the first account using its
Windows public IP address.

Username: Administrator
Password: Decrypted by pem file

It will connect successfully. Now, to communicate with the second server, repeat the above
process from inside your virtual server, using the private IP of the server in the accepter
account.

----------------------------------------------------------------
13/07/2023 - Route 53
----------------------------------------------------------------
Route 53 - A Domain Name System

To see the IP address of a particular website/application, use the ping command

Ex: ping www.gmail.com

Assigning a domain name for Public IP Address
18.234.215.162 → www.sampleapp.tk

Freenom.com - Purchase a free domain name
Domain Error Rectify in Freenom → https://www.youtube.com/watch?v=3Uopc4AFjOY

Step1: Instance Launching
    Launch an instance and host a static/dynamic web application using EC2 Instance
    Connect/WinSCP

Step2: Go for Route53
    Step1: DNS Management → Create Hosted Zone
        Domain name → practicalapp.tk
        Type → Public Hosted Zone
        Create
    Step2: Create Record
        Name → www
        Type → A
        Value → Paste Public IP Address of instance (Ex: 65.8.55.34)
        TTL → 60
        Routing → Simple → Create

Step3: Create another record set for alternative
    Step1: Create Record
        Name → org
        Type → CNAME
        Value → Previous record name (Ex: www.sampleapp.tk)
        TTL → 60
        Routing → Simple → Create
    For Load Balancing DNS Name
    Step1: Create Record
        Name → www
        Type → CNAME
        Value → Paste DNS name of load balancer
        (Ex:My-lb-64563-useast-1-awsamazon.com)
        TTL → 60
        Routing → Simple → Create

Step4: Copy Name Servers (NS Record), open the Freenom website and paste them in Freenom
Domain management
Copy Public IP and paste it in Freenom Glue Registers
Step5: Open a new tab and try to access your domain name
----------------------------------------------------------------
14/07/2023 - CloudFront
----------------------------------------------------------------

CloudFront → A Content Delivery Network (CDN) that delivers data geographically, using
proxy servers and data centers located near the users, so that they can access applications
hosted in AWS services with low latency and high transfer speeds.

Global Infrastructure → AWS Regions → 31
Availability Zones → 99
Edge Locations → 400+

In India, we have 6 edge locations → Bangalore, Chennai, Kolkata, New Delhi, Mumbai,
Hyderabad

Hosting the applications → In EC2 instances/S3 buckets in single region

Single region → North Virginia → Low Availability, High Latency (Drawbacks)

By using Edge Locations, the CloudFront service gives you high availability of applications by
sending data to nearby data centers.

Ex: Visakhapatnam → Hyderabad → Mumbai → North Virginia

Requirements:

S3 Bucket → Create bucket
Objects → Upload the web application files
Permissions → Unblock public access & edit the bucket policy (replace Bucket-Name with
your bucket name)
{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "PublicReadGetObject",
            "Effect": "Allow",
            "Principal": "*",
            "Action": [
                "s3:GetObject"
            ],
            "Resource": [
                "arn:aws:s3:::Bucket-Name/*"
            ]
        }
    ]
}

Properties → Enable Static website hosting and copy the URL
(Ex: http://my-bucket-5566.s3-website-us-east-1.amazonaws.com/)
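A check of what the bucket policy above grants, as an added example that is not part of the original notes: it parses a policy and reports every unconditioned Allow statement that is open to all principals, classifying the page's s3:GetObject grant as public read. The bucket name example-bucket, the function names and the severity labels are assumptions; statements that carry a Condition or use NotPrincipal are not evaluated.

```python
import json

# The page's policy, with a constructed bucket name in place of Bucket-Name.
PAGE_POLICY = """{
  "Version": "2012-10-17",
  "Statement": [{
    "Sid": "PublicReadGetObject",
    "Effect": "Allow",
    "Principal": "*",
    "Action": ["s3:GetObject"],
    "Resource": ["arn:aws:s3:::example-bucket/*"]
  }]
}"""


def as_list(value):
    """Policy fields may be a single string or a list; normalise to a list."""
    return value if isinstance(value, list) else [value]


def is_public_principal(principal):
    """True for "*" or a principal map such as {"AWS": "*"}."""
    if principal == "*":
        return True
    if isinstance(principal, dict):
        return any("*" in as_list(v) for v in principal.values())
    return False


def audit_bucket_policy(policy_text):
    """Return one finding per unconditioned Allow statement open to everyone."""
    findings = []
    for stmt in as_list(json.loads(policy_text).get("Statement", [])):
        # Simplification: a statement with any Condition is skipped, not evaluated.
        if stmt.get("Effect") != "Allow" or "Condition" in stmt:
            continue
        if not is_public_principal(stmt.get("Principal")):
            continue
        actions = [a.lower() for a in as_list(stmt.get("Action", []))]
        read_only = all(a == "s3:getobject" for a in actions)
        findings.append({
            "sid": stmt.get("Sid", ""),
            "actions": actions,
            "resources": as_list(stmt.get("Resource", [])),
            "severity": "public-read" if read_only else "public-write-or-wider",
        })
    return findings


if __name__ == "__main__":
    for finding in audit_bucket_policy(PAGE_POLICY):
        print(finding)
```

With this policy in place the objects are readable directly from the S3 website URL as well as through the CloudFront distribution.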

Now open CloudFront and create a distribution

Origin domain → Copied URL from S3
Protocol → HTTP only
Viewer protocol policy → Redirect HTTP to HTTPS
Web Application Firewall (WAF) → Do not enable
Default root object → index.html
Leave all the other values at their defaults and Create

Deployment takes some time, as your application will be stored in all edge locations.

Now copy the Distribution Domain Name and open it in the browser's address bar; the
application that you hosted in S3 will be served through the CloudFront service

-------------------------------------------
15/07/2023 - Elastic File System
-------------------------------------------
Elastic File System → File Storage Service

1. Server Level Storage → Elastic Block Store (Volumes)
2. Server Less Storage → S3, Glacier, DynamoDB
3. File Level Storage → EFS → NFS

You can mount a file system into your virtual instance and share it with other instances in the
same network

Step1: Launching an Instance (Linux/Ubuntu/RHEL/SUSE)
    Step1: Choose AMI
    Step2: t2.micro
    Step3: VPC
    Step4: Storage
    Step5: Key Pair
    Step6: Security Group (EFS-SG) →
        SSH (Custom)
        All Traffic (Anywhere)
        NFS (Anywhere)
    Step7: Review & Launch

Step2: Create a file system
    Click on Customized
    Step1: File system settings
        Name → My-EFS
        Storage Class → Standard
        Automatic backups → Disable
        Lifecycle management → Default
        Encryption → Enable
        Throughput mode → Bursting
        Performance mode → General purpose
    Step2: Network Access
        Virtual Private Cloud (VPC) → VPC (Same taken for Instance)
        Mount targets → All Subnets (SG → EFS-SG)
    Step3: Optional
    Step4: Review & Create

Step3: Connect your instance and mount the file system

For RHEL:
sudo su
sudo yum update -y
df -h (To see the mounted file systems and their disk usage)
sudo yum -y install git
sudo yum -y install rpm-build
git clone https://github.com/aws/efs-utils
cd /home/ec2-user/efs-utils
sudo make rpm
sudo yum -y install ./build/amazon-efs-utils*rpm
cd ..
mkdir srm (To create a new folder)
sudo mount -t efs -o tls fs-0d357ae5763bbf6e7:/ srm (Give the folder that you created)
(EFS → Attach → Mount via DNS → Copy)
df -h
cd srm (To change into the mounted directory)
ls (To see the files)
touch f1 f2 f3 (To create new individual files)

For Linux:
sudo su
sudo yum update -y
df -h
sudo yum install amazon-efs-utils -y
mkdir srm (to create a folder)
sudo mount -t efs -o tls fs:245235:/ srm (EFS → Attach → Mount via DNS → Copy)
df -h (to see the mounted file systems, including the new EFS mount)
cd srm (to change into the mounted directory)
ls (to see the list of files)
touch f1 f2 f3 (to create files)

Step4: Launch another instance, connect to it, run all the previous commands (up to the mount
command) and see whether the files are shared or not

sudo su
yum update -y
df -h
yum install amazon-efs-utils -y
mkdir apssdc (to create a folder)
sudo mount -t efs -o tls fs-0d357ae5763bbf6e7:/ apssdc
df -h (to see the mounted file systems, including the new EFS mount)
cd apssdc
ls

------------------------------------
Stop/Terminate the Services
-------------------------------------

Compute
EC2 - Instances → Instance State → Terminate

Elastic IPs → Disassociate → Release the address

KeyPairs → Delete

AMIs → De-Register

Snapshots → Delete (Image → AMI template)

Launch templates → Delete template

Load balancers → Delete

Target groups → Delete

Security Group → Apart from Default Security Group → Delete

Volumes → Delete

Auto Scaling groups → Delete

Storage

S3 → Open Bucket → Empty Bucket → Delete Bucket

EFS → Delete

Networking & Content Delivery

NAT Gateway → Delete

Peering → Delete

VPC → Delete (apart from the default VPC) → Subnets, Route Tables, Internet Gateway and
Security groups will be deleted automatically

Route53 → Delete Record → Delete Hosted Zone

CloudFront → Disable → Delete

Database

RDS → Delete
