Learn how to implement a highly available and reliable application architecture using the patterns and best practices recommended by AWS. In this course, Architecting for Reliability on AWS, you will first explore the key concepts and core services of AWS. Next, you will follow along step-by-step to implement a real-world application that is built with the reliability principles defined within the AWS Well Architected Framework. Finally, you will learn how to further increase the reliability of an application architecture on AWS by implementing multi-region solutions. By the end of this course, you will have a variety of AWS architecture skills for the real world.
Course Overview Hey everyone. This is Mike Pfeiffer, and welcome to Architecting for Reliability on AWS. In this course, we'll work together to implement a highly available and reliable application architecture using the patterns and best practices recommended by AWS. To get started, we'll take a look at key concepts and course services when it comes to working on AWS, and you'll learn how to set up foundational services like identity and access management, how to enable and review audit logs, and how to set up alarms and notifications. Next, we'll move onto learning some of the common architectural patterns used every day by real-world AWS solution architects to build reliable systems and to implement fault tolerance into an application architecture running on AWS. Throughout the rest of the course, we'll work step by step to build up an application architecture across multiple Availability Zones within an AWS Region, and you'll learn how to properly design and deploy a virtual private cloud environment consisting of redundant database instances along with autoscaling groups that power a load-balanced web application. We'll also discuss how to further increase the reliability of an application architecture on AWS by implementing multi-region solutions for disaster recovery in global scale. So whether you're looking to pick up AWS architecture skills for the real world, or you're just preparing for AWS's certification, you're definitely in the right place, and I look forward to working with you as we explore how to architect reliable applications on the AWS cloud platform.
Key Concepts and Core Services Before we jump into the AWS Console and start setting everything up to support our highly available application and our reference architecture, we first need to take a look at some key concepts and core services. So in this module, we're really going to look at how do we set up our account the right way, and how do we leverage some of these core services to make sure we're doing things right? So we're going to start things off by taking a look at the Identity and Access Management service, the IAM service. This is a core security service in the AWS platform, so we'll set this up and make sure that we're following security best practices. From there we'll take a look at audit logging with a service called CloudTrail. This will give us the ability to see anything that's changed inside of our AWS account regardless of who it was or where it was inside the global infrastructure. From there we'll take a look at how we can configure alerts with a service called CloudWatch. CloudWatch is a native monitoring service within the AWS platform, and we can use it alert us when things go wrong, so we'll see how to set that up. We'll talk about the important concept of protecting from distributed denial-of-service attacks using a service called AWS Shield. We'll see how to implement change management with a service called AWS Config. This'll help us ensure that our systems are compliant with the desired configuration that we've set up. And then finally, we'll talk about managing service limits. There are some soft limits, as well as hard limits, and I'll show you how you can manage those inside your AWS account. So that's the game plan for this module. Let's go ahead and jump into the first video, and we'll start talking about the IAM service.
Architecting for Availability and Fault Tolerance Before we start building a bunch of infrastructure to support our reference architecture, we first need to understand some of the architectural patterns and practices when it comes to architecting for availability and fault tolerance, so that's what this module is all about. So in this module, we're going to start off by talking about the AWS global infrastructure. We'll focus on Regions and Availability Zones. Those are core architectural components that we need to have a good understanding of when it comes to building a reliable and fault- tolerant application architecture. Once we're clear on what Availability Zones are and how we use them, we'll take a look at how we launch EC2 instances, which are just virtual machines, into an Availability Zone. So how do we explicitly launch a virtual machine into a specific Availability Zone within a Region? From there, we'll take a look at some high-level concepts and patterns when it comes to eliminating single points of failure. We'll discuss the difference between horizontal and vertical scaling. We'll talk a little bit about architecting with services instead of servers. And at the end of the module, we'll talk about a design pattern called loose coupling that we can use to build resilient and reliable application architectures in the cloud.
Architecting Reliable Virtual Networks In this module, we're going to take a look at Architecting Reliable Virtual Networks in the AWS Cloud. So we'll kick things off by taking a look at the virtual private cloud, the VPC service, and we'll talk about what we're actually going to build to support our application architecture throughout the rest of this course. We'll see how we create custom VPCs with public and private subnets, how the routing works, how we make sure the instances can get out to the internet, and things like that. We'll also take a look at how we actually add subnets to an existing VPC. So we'll first create a custom VPC, and then we'll see how to add additional public and private subnets to an existing VPC. We'll take a look at how we can get outbound internet access from our VPC using NAT Gateways. And then we'll take a look at implementing a load balancer in a VPC so we can access our web application over the internet. At the end of the module, we'll take a look at hybrid networking with Amazon VPC, and this is essential for those hybrid cloud scenarios which many enterprises will deploy going forward. So that's the game plan for this module. Let's jump over to our virtual private cloud overview, and we'll talk about what we're going to build.
Architecting a Multi-tier Application In this module, we're going to take a look at some of the patterns and practices when it comes to architecting a multi-tier application on AWS, and we're going to start to build out the reference architecture for our application. So we're going to kick things off by configuring the security groups for the app and data tiers of our application. So the app tier is going to be comprised of servers running WordPress. Those are going to be web servers. And then the data tier is going to be a set of RDS database instances. Once we have the security group implementation set up, we'll go ahead and build the data tier with the Amazon RDS service, so we'll have a master/slave type of set up across two different Availability Zones for high availability. From there, we'll set up shared storage using the Amazon Elastic File System, or the EFS service, so we can have shared storage between our EC2 instances. We'll build up some WordPress servers running on EC2 instances, and we'll set those up behind our existing load balancer, the application load balancer that we built in the last module, and we'll test that out. I'll also show you how to register a domain and set up DNS with the Amazon Route 53 service. This is going to be an optional step for you, but I'll show you how it works. And this is something that you might do in a production environment. And then finally, I'll show you how to set up an SSL certificate, a managed SSL certificate, from AWS that's free that we can attach to the elastic load balancer. So we have a lot of work to do in this module. Let's go ahead and get started.
Minimizing Risk with Deployment Automation Up to this point, we've done a lot of things manually, but in this module, we're going to take a look at minimizing risk with deployment automation. So to get things started, we're going to take a look at automating deployment with auto scaling groups. This gives us the ability to elastically scale out and scale back in based on resource utilization for the application that we're building. So with auto scaling groups, we can scale based on a schedule, we can scale manually, but we're going to take a look specifically at how we build out the policies to scale based on something like the CPU utilization on our servers. We'll take a look at how auto scaling groups give us the ability to automatically self heal servers that become unhealthy, that have issues, where the application breaks. We'll validate that our highly available architecture can sustain an Availability Zone outage. Then we'll talk a little bit about how we can do complete automation from an infrastructure perspective using declarative templates in the CloudFormation service. And then we'll see some common automated deployment patterns that are used in the real world to release application updates and to deploy multiple versions of your infrastructure and your application. So we've got a lot of cool stuff to take a look at in this module. Let's go ahead and get started.
Architecting Multi-region Solutions In this module, we're going to take a look at how we can add even more reliability to our application by utilizing another Region or multiple Regions in the AWS Cloud platform. So throughout this module, we're going to take a look at a variety of different architectures that make use of multiple Regions. One of those architectures is a pilot light architecture that we can manually failover to in the event of an issue. We've also got a warm standby architecture that we'll take a look at. And in addition to that, we'll talk about the active-active multi- region architecture scenario. And as we move through the final clips in this course, we'll take a look at working with the Route 53 service, which is an essential service when you're working with multiple regions in AWS. So we'll see how to create health checks in Route 53, and then we'll see how to create and test failover record sets, which is one of the routing policies that we've got in Route 53. So we've got some really cool stuff to take a look at in this module. Let's go ahead and get started.