Any owner of a large web project needs to choose a powerful, highly resourced cloud platform allowing the site to work at the proper level, without failures, crashes, and other problems of the same sort. Our team has huge experience in the web and mobile development area, and therefore we can safely give you our professional advice on such a difficult issue. And we recommend Amazon AWS services.
AWS software is a reliable and effective solution that meets all the requirements of the high-loaded portals needing scalability. But what are Amazon AWS services? And how does AWS work? In our article, we’ll answer these and many other questions. You’re going to learn AWS main benefits and figure out the best way to use Amazon technology to your advantage.
What is AWS technology?
Okay, what is an AWS server? What are its benefits? Let's go through these questions in order.
What does AWS mean?
First of all, let’s answer the simple question: what does AWS stand for?
AWS means Amazon Web Services. The company appeared back in 2006, and initially, investors doubted Jeff Bezos's decision (who is its CEO): after all, before that, Amazon was engaged in e-commerce and had no experience in cloud technologies. However, 10 years later (in 2016), Bezos proved his case: AWS had brought 12.2 billion dollars with a profit of 3.1 billion dollars in 2016.
So, we’re obviously talking of Amazon AWS global server which has gained great popularity and boasts excellent performance.
What is AWS used for?
The next key question is this one: what does AWS do? When and how should you take advantage of it?
The Amazon company sees its product as a “cloud computing service”. But, of course, AWS features aren't limited to the computational function. In addition, the following services are provided:
- information repository including file hosting & distributed data storage;
- security and protection system;
- virtual server rental;
- computing (yes, you can't get rid of computing either, because it is also one of the AWS web services);
- artificial intelligence service;
- statistics collection and data analysis;
- Internet of Things platform.
And the above list is by no means complete, the company is constantly expanding its AWS cloud services to please users with new amazing features.
Who is AWS aimed at?
As we've already said, AWS managed services are primarily focused on highly loaded resources, which need a powerful cloud solution and substantial technical support.
The list of Amazon’s clients is truly impressive and includes such well-known names as the New York Times, Netflix, Nasdaq, Twitter, and many others. All of these companies decided that reinventing the wheel wouldn't be a good and profitable idea, and it’s much better to take advantage of a turnkey solution (i.e. AWS infrastructure). Acting in such a way, they can spend the time they've saved on scaling and developing their own business.
By the by, speaking of AWS cloud infrastructure…
AWS infrastructure
Discussing this issue, one cannot but mention AWS CloudFormation - a special tool providing a universal language solution that is good at describing and allocating all resources in the cloud. AWS CloudFormation itself is free, you only have to pay for access to the AWS tools needed to run applications and websites.
The infographics below illustrate how AWS CloudFormation works.
And now it’s time to discuss AWS benefits. We’re going to describe 10 of them.
#1. Flexible monitoring system
In order for the site to run like clockwork, its owner must remain vigilant and carefully track various parameters characterizing its operation - in other words, he should constantly monitor his resource. The Amazon company offers an effective monitoring and alerting solution consisting of two main technologies - AWS CloudWatch and SNS.
Let's discuss them in order because they’re quite important for understanding AWS basics.
AWS CloudWatch
AWS CloudWatch can only be used in an Amazon environment with Amazon EC2.
And before proceeding to the next point, we want to discuss Amazon EC2 at greater length because we’ll mention it more than once in our article.
Amazon EC2 means Amazon Elastic Compute Cloud, it's a part of the AWS cloud infrastructure offering computing web tools. Amazon EC2 helps you establish control of all computational processes without excessive expenditure of your own resources and provides an intuitive interface to work with. Speaking of AWS EC2 cost, we might say that Amazon provides a free trial version, after which the user should choose a convenient payment option (among 4 ways to pay).
So, going back to AWS CloudWatch: the technology provides statistics and creates charts describing the workload level of cloud services. Amazon EC2 needs such data to perform various kinds of computational processes (we'll describe them below).
Suppose you've deployed an information infrastructure in the AWS cloud management system, and you have servers, processes, and services you'd like to monitor (that is, to monitor the important parameters of their work). This is the very problem AWS CloudWatch can easily solve.
AWS CloudWatch tasks:
- AWS CloudWatch alarm, in other words - monitoring and notification of responsible employees. Let's say you have a server running internal processes which generate various kinds of load on the server's subsystems: the processor, memory consumption, disk usage, etc. You may use AWS CloudWatch features so that your system administrator or project manager is notified when memory consumption rises to a certain level (70% or whatever). Having such data, you're able to figure out the nature of the load and analyze the ways to reduce it.
- Responding to a change in AWS CloudWatch metrics. First of all, it’s meant to initiate the process of increasing the reliability of the server by performing autoscaling of production capacity. Imagine that the load on your website has suddenly increased, which led to server capacity constraints (it means the server is no longer able to ensure your resource's smooth operation). In this case, CloudWatch initiates the autoscaling process. But we'll talk about these autoscaling AWS features later and in more detail.
As we’ve said earlier, AWS CloudWatch works in conjunction with the SNS service.
SNS
SNS means the Amazon Simple Notification Service and offers a clear way to organize internal corporate and mobile messaging in a complex network. The program is focused on sending messages “en masse” (namely, in large quantities) - anywhere and with SMS & email support.
If this isn’t enough, it offers paid subscriptions with greater possibilities. The service itself is designed to work perfectly well with other AWS tools.
AWS CloudWatch + SNS
So AWS CloudWatch determines what action needs to be taken, while SNS selects the optimal channel for notification.
The main channels to receive notifications SNS can work with include email, push messages, SMS, and web hooks. And by the way, using web hooks allows integrating with any other notification service, such as a phone call or something of the sort.
#2. Speeding up Content Delivery
Among various AWS cloud services is the one aimed at increasing the speed of content delivery.
Let’s discuss it!
Content Delivery Network, or CDN, allows speeding up content delivery from a web server (AWS web server in our case) to the end-user. This is done through territorial separation of content between numerous servers in different parts of the world. Thus, the client from, say, South Africa, will be getting content from the server closest to him (namely, from the one located in South Africa too, not in Frankfurt or California).
In addition, such a solution allows increasing the reliability of content delivery, in particular, during the period of Distributed Denial of Service (DDoS) attacks on a web resource.
Read more about CDN and how to use it in our article.
In the case of Amazon, the CDN is implemented through the CloudFront tool which seamlessly integrates with other AWS web services and supports 2 types of distribution:
- Download, focused on static content (images, js, CSS).
- Streaming, aimed at broadcasting audio/video content. The main difference is the possibility to stop playback, i.e. press pause, rewind back. You can also insert ads in certain places of the broadcasting process.
#3. Convenient mail and mailing lists
Of course, the resource cannot do without a reliable mail system, and AWS managed services have solved the problem just perfectly. In fact, it’s important to consider 2 points in such respect.
Promotional Email Campaign / Bulk Emailing
Amazon offers a convenient email campaign service named SES.
AWS SES (Simple Email Service) is aimed at sending mass or regular emails without the need to set up your own mail server and without fear of being included in the blacklist of senders.
AWS SES Objectives:
- e-commerce services (updating the order status, notification of delivery, confirmation of purchases);
- marketing services. SES can also be used to promote a product or service, distribute advertisements, newsletters, and other advertising campaign initiatives.
Why is SES so good?
In practice, the use of this AWS management service allows you to minimize the fuss with the settings of your personal mail server, especially when you want to organize mass mailing. The fact is that effective mass mailing requires compliance with the following parameters:
- the sender's domain (say, @agilie.com) must have a set of special DNS records;
- the mail server sending letters on behalf of the mentioned domain should be properly configured;
- server’s IP must have a high reputation.
SES provides the above-mentioned conditions necessary to ensure that letters resembling spam (and advertising letters clearly resemble it) freely pass through global and corporate spam filters on the recipient side. Thus, SES significantly increases the chance of letter delivery and raises the 'open rate messages' indicator.
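The article does not name the DNS records involved. As an added example (not code from the original article), the sketch below checks the three record types commonly used for sender authentication, SPF, DKIM and DMARC, against constructed records for the placeholder domain example.com. It assumes SES is the sending service, so SPF should include amazonses.com and DKIM should be three CNAME records pointing under dkim.amazonses.com; adjust both if your setup differs.

```python
# Added example: offline audit of a sender domain's email-authentication DNS
# records. ZONE is constructed sample data for the placeholder example.com.
ZONE = {
    "example.com": [("TXT", "v=spf1 include:amazonses.com +all")],
    "_dmarc.example.com": [("TXT", "v=DMARC1; p=none; rua=mailto:dmarc@example.com")],
    "k1._domainkey.example.com": [("CNAME", "k1.dkim.amazonses.com")],
}


def txt_records(zone, name, prefix):
    """TXT values at `name` that start with `prefix` (case-insensitive)."""
    return [value for rtype, value in zone.get(name, [])
            if rtype == "TXT" and value.lower().startswith(prefix)]


def check_spf(zone, domain, include="amazonses.com"):
    records = txt_records(zone, domain, "v=spf1")
    if not records:
        return ["SPF: no v=spf1 record"]
    if len(records) > 1:
        return ["SPF: more than one v=spf1 record (receivers return permerror)"]
    terms = records[0].lower().split()[1:]
    findings = []
    if "include:" + include not in terms:
        findings.append("SPF: %s is not included" % include)
    # The last 'all' term decides what happens to hosts not listed earlier.
    all_terms = [t for t in terms if t.lstrip("+-~?") == "all"]
    if not all_terms:
        findings.append("SPF: no terminating 'all' mechanism")
    elif all_terms[-1][0] not in "-~":
        findings.append("SPF: '%s' does not fail unlisted hosts; use ~all or -all"
                        % all_terms[-1])
    return findings


def check_dmarc(zone, domain):
    records = txt_records(zone, "_dmarc." + domain, "v=dmarc1")
    if not records:
        return ["DMARC: no record at _dmarc." + domain]
    tags = dict(part.strip().split("=", 1)
                for part in records[0].split(";") if "=" in part)
    policy = tags.get("p", "").strip().lower()
    if policy not in ("none", "quarantine", "reject"):
        return ["DMARC: missing or invalid p= tag"]
    if policy == "none":
        return ["DMARC: p=none only monitors; receivers are not asked to "
                "quarantine or reject failing mail"]
    return []


def check_dkim(zone, domain, target_suffix=".dkim.amazonses.com", expected=3):
    # Assumption: DKIM is published as `expected` CNAMEs under _domainkey.
    suffix = "._domainkey." + domain
    found = sum(1 for name, rrs in zone.items() if name.endswith(suffix)
                for rtype, value in rrs
                if rtype == "CNAME"
                and value.rstrip(".").lower().endswith(target_suffix))
    if found < expected:
        return ["DKIM: %d of %d expected CNAME records found" % (found, expected)]
    return []


def audit(zone, domain):
    """Run all three checks; an empty list means nothing was flagged."""
    return (check_spf(zone, domain) + check_dmarc(zone, domain)
            + check_dkim(zone, domain))


if __name__ == "__main__":
    for finding in audit(ZONE, "example.com"):
        print(finding)
```
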
SES can also be configured to receive mail at terms convenient to you. In particular, you may define a recipient (or group of recipients) and specify what Amazon SES should do when getting his (or their) email.
BTW!
- To work with SES, you must have access to the DNS records of the domain, on behalf of which the mail should be sent;
- You may connect any mail software which works with the SMTP protocol to SES (so almost any mail program).
SES integrates with various AWS solutions such as Amazon WorkMail.
AWS WorkMail
Amazon WorkMail is an email web interface similar to Gmail in terms of functionality. It is one of the AWS services in really high demand. Amazon WorkMail helps send and receive mail without the need for complicated mail server settings. A user only needs to have an acquired domain name and access to manage its DNS records.
WorkMail is a typical mail service with the possibility to set up rules for sorting mail and connecting an email client. Its main AWS features include:
- the ability to work both in the webmail version and through email clients which support the IMAP protocol (Microsoft Outlook, Apple Mail, Mozilla Thunderbird, etc.).
- good mailbox volume. The maximum mailbox size per user is 50 GB. The maximum letter size (outgoing or incoming) is 25 MB.
- convenient domain registration. By default, WorkMail registers a domain like "%customdomain%.awsapps.com". However, you may use your own domain as well: but, as we said, you need to be able to manage the domain's DNS records to implement this feature.
- Microsoft Active Directory accounts support, which is convenient for Microsoft infrastructure users.
- data encryption using standard SSL (during the processing of mail requests). The web application also uses SSL.
- scanning all incoming and outgoing emails for spam, malware, and viruses. It helps protect customers from receiving unsolicited email.
#4. Unlimited AWS Cloud Storage
Unlimited AWS cloud storage is another undoubted benefit of the Amazon system.
So, the company Amazon has developed an excellent solution to the problem of storing files - AWS S3, a cloud-based file object storage (in addition to block storage). It allows storing any number of files on the Amazon disk space. By the by, AWS S3 can be accessed from any server, even if it isn’t deployed in an AWS infrastructure.
The way to use AWS S3:
- traditional AWS cloud storage. AWS S3 acts as reliable and safe data storage from which files can be extracted at any time you need.
- backups. AWS S3, again, acts as data storage, which can be quickly extracted by the server (talking of data needing saving, we mean the content and database of a site). Using AWS S3 as disk space for backups in conjunction with AWS EC2 gives data storage reliability.
- Glacier storage, a special type of long-term (and affordable) file storage. Its peculiarity is that the cost of a gigabyte of storage is much lower than its cost in ordinary AWS S3 storage. Unfortunately, the user has to sacrifice speed and wait a few tens of minutes to extract files.
In general, S3 currently has 4 data storage classes:
- Amazon S3 Standard (the general-goal storage of the most popular (i.e., requested) data);
- Amazon S3 One Zone-Infrequent Access (storage of the long-term data which is not so popular and requested);
- Amazon S3 Standard-Infrequent Access (another useful file storage type);
- Amazon S3 Glacier (remember the available version of long-term data storage?).
#5. Automatic scaling of infrastructure
We've already mentioned it in the 1st paragraph of our article and promised to supplement our short description with new details. And the time has come to fulfill our promise.
It's about AWS Autoscaling in conjunction with Load Balancing, which is the automatic scaling of the AWS server/service infrastructure and the efficient load distribution.
How does it work?
AWS Autoscaling allows adapting the performance of servers and resources hosted on Amazon to a dynamically changing load. Provided that the load exceeds a predetermined threshold value, scaling is performed automatically, which leads to creating an additional server or another resource with similar settings and data.
On the other hand, Load Balancing ensures that the load is being evenly distributed between existing servers. When the load is again reduced, the extra servers and resources are automatically deleted, and only the necessary minimum remains to guarantee the normal operation of the service. The behavior of AWS Autoscaling and Load Balancing can be configured manually at any time, based on needs.
As you remember, the system works in conjunction with AWS CloudWatch which monitors the set parameters and responds according to the configured algorithm.
An example of AWS Autoscaling & Load Balancing working
The simplest example of how these AWS components work together is a website hosted on an AWS EC2 or AWS LightSail server. At some point, the activity of site users may increase, with the result that the server load will also be increased.
In the case of an ordinary server, the increased load is able to cause server unavailability and web resource inoperability. If we're talking about the work of “AWS Autoscaling + Load Balancing”, the problem with the increased load will be automatically resolved without the intervention of a system administrator or DevOps. Their help won't be required, since a mirror server will be created, and the traffic between the two servers will be evenly distributed. Consequently, the site will continue to work in a normal mode.
#6. DNS Records Management
First of all, we'd like to explain that DNS resource records map a name to service information in the Domain Name System: say, the mapping between a name and an IP address, host data, location, etc.
In Amazon, DNS records are managed through AWS Route 53. The main advantage of the technology discussed is the possibility to implement the process without leaving the AWS console. It would come in handy when working with hosting or if you want to make settings in the domain resource records in a matter of minutes.
AWS Route 53 provides 3 tools at once:
- domain name registration service. It would be helpful if the user wants to buy a domain, such as bestcompany.com;
- DNS records control panel which allows editing the resource records related to the domain you own;
- DNS name server.
We'll explain the principle of AWS Route 53 operations by the example of our own site. So, we have a domain (agilie.com) and a hosting server with a particular IP address (78.46.57.131). This is where our web server and all site content are located. And, of course, we want to make sure that the user, by typing "agilie.com" in the address bar, sees our content which we've placed on the 78.46.57.131 server.
To make it true, we need to add a corresponding record in the DNS control panel, which links the domain name (agilie.com) with the IP address of our hosting (78.46.57.131). Such a record is called A record.
Access to the DNS control panel is provided by the domain registrar. In addition, we have a choice and are allowed to delegate responsibility to the AWS management system. This is about AWS Route 53, of course.
In order to spread the information about the new A record to all DNS servers, Route 53 works as a standard DNS. In other words, our data goes to the upstream DNS servers according to the unified hierarchy of domain name servers of the worldwide DNS system.
Of course, AWS Route 53 allows us to operate with other resource records as well; we mean such records as AAAA, CNAME, NAPTR, SOA, CAA, MX, TXT, etc.
And one more nice bonus: you may delegate to the Route 53 service the management of DNS records of any domain which has not been purchased through Amazon.
#7. Docker image storage
Docker is open-source software, the principle of which is easiest to compare with shipping containers.
Agree, the appearance of containers allowed people to carry out joint transportation of seemingly incompatible products: bricks and glass, chemicals and food, and much more. The same applies to the IT area. When you develop an application or website, you need to provide the code along with all its components, such as libraries, servers, databases, etc. And you may find yourself in a situation where the app (or web resource) is running on your computer but fails to work on a user's device. That's when Docker comes to the rescue.
The fact is they help us divide the OS kernel into different docker containers working as separate processes. The approach isn't the only one but it's the most popular and sought after.
Now let's go back to AWS cloud services. The Amazon platform solves the problem of storing Docker images through AWS ECR technology. But what is this technology aimed at?
AWS ECR (Elastic Container Registry) makes it possible to store Docker containers' images in a single place which is always at hand and can be reached anywhere in the world via the Internet. AWS ECR is actually the equivalent of the Docker registry, which is accessed by the login details of the AWS Console.
IAM integration (IAM means Identity and Access Management) ensures control over each repository at the level of access to resources. Such a registry is convenient for administrators and developers who implement DevOps methodologies and Docker technologies in their projects.
A couple of AWS ECR features:
- Storing the image in AWS ECR can be done with a simple docker push command;
- Retrieving the image from the Registry is done via the docker pull command;
- Authentication is done through the standard docker login command;
- AWS ECR successfully integrates with the AWS ECS service, which makes it possible to use the Docker image registry in conjunction with the containerization service running on EC2.
#8. Access to data from anywhere in the world
To provide secure access to information from anywhere in the world, as well as to protect data from unauthorized use, Amazon takes advantage of the OpenVPN program which cooperates well with AWS EC2.
We think it'd come in handy to tell more about several topologies, which Amazon AWS technology helps to bring to life:
- Site-to-site topology. Imagine that a company has several offices divided geographically (located in different parts of the country, region, it doesn't matter). Understandably, such an organization would want to integrate these locations into a single corporate-wide network and connect local networks together. That's what site-to-site topology is aimed at! A VPN connection is established between office routers, it is in a permanent connection state and doesn’t require actions from the end-user. OpenVPN can be deployed on the router itself, or inside the local network.
- Remote Access VPN topology. In this case, we're talking about providing an employee of the company with remote access to an information resource (be it a corporate website, database, etc.) from anywhere in the world. At the same time, the resources remain hidden with VPN which provides protection against unauthorized access. The requested site can be located both inside the office LAN and in the cloud system. Access to the resource becomes possible only after a VPN connection is established directly from the client device. Remote Access VPN helps to connect different users to the network. It can be convenient in cases where the company has many employees who need to get remote access to a corporate resource.
Whichever topology is chosen, data exchange takes place through an encrypted tunnel in any case. Access to the VPN server is restricted through Amazon AWS security groups reinforced by software firewall rules. Information encryption takes place using VPN over IPSec technology.
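One way to review the security-group side of this restriction, as an added example that is not part of the original article: the script flags inbound rules open to the whole internet for anything other than the VPN listener. It assumes OpenVPN listens on its default UDP port 1194; the rules are constructed sample data shaped like the IpPermissions list returned by the EC2 DescribeSecurityGroups API.

```python
# Added example: review a VPN server's inbound security-group rules offline.
# RULES is constructed sample data; 203.0.113.0/24 is a documentation range.
import ipaddress

RULES = [
    {"IpProtocol": "udp", "FromPort": 1194, "ToPort": 1194,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": "203.0.113.0/24"}], "Ipv6Ranges": []},
    {"IpProtocol": "udp", "FromPort": 1000, "ToPort": 2000,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}],
     "Ipv6Ranges": [{"CidrIpv6": "::/0"}]},
    {"IpProtocol": "-1", "IpRanges": [], "Ipv6Ranges": [{"CidrIpv6": "::/0"}]},
]

# Assumption: the only service meant to face the internet is the VPN
# listener itself, on OpenVPN's default UDP port 1194.
PUBLIC_OK = {("udp", 1194)}


def is_world_open(cidr):
    """True for 0.0.0.0/0 and ::/0 (any prefix of length zero)."""
    return ipaddress.ip_network(cidr, strict=False).prefixlen == 0


def audit_rules(rules, public_ok=PUBLIC_OK):
    """Return one finding per rule that exposes more than the VPN port."""
    findings = []
    for rule in rules:
        proto = rule["IpProtocol"]
        sources = [r["CidrIp"] for r in rule.get("IpRanges", [])]
        sources += [r["CidrIpv6"] for r in rule.get("Ipv6Ranges", [])]
        world = [s for s in sources if is_world_open(s)]
        if not world:
            continue  # restricted to specific networks
        if proto == "-1":
            ports = "all traffic"  # "-1" means every protocol and port
        else:
            lo, hi = rule.get("FromPort"), rule.get("ToPort")
            # A wide range that merely contains 1194 is still flagged.
            if lo == hi and (proto, lo) in public_ok:
                continue
            ports = "%s %s" % (proto, lo if lo == hi else "%s-%s" % (lo, hi))
        findings.append("%s open to %s" % (ports, ", ".join(world)))
    return findings


if __name__ == "__main__":
    for finding in audit_rules(RULES):
        print(finding)
```
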
#9. Hosting a gaming server
The gaming industry is actively developing, trying to meet the demands of exacting users who crave more and more complex multilevel games. However, such games require a special approach, in particular, they need top-level technical and software support. And Amazon AWS web server offers resource owners such support, a very powerful tool named AWS GameLift.
AWS GameLift allows using Amazon’s automatically scalable production capacity to host game servers and multiplayer. To take advantage of this AWS technology, you must have the installation files of the multiplayer platform of the game you're planning to host. In fact, a set consisting of AWS EC2 and game installation files is being used.
AWS GameLift features:
- tools helping to analyze performance and adjust scalability of a load-oriented infrastructure;
- cost optimization with EC2 Spot Instances;
- the possibility of organizing game slots that correspond to player sessions;
- automatic scaling of the number of servers;
- ensuring the lowest delay in transferring packets from the server to the player and back;
- built-in protection against common DDoS attacks at the network and transport layers.
Amazon offers clients to personally verify the effectiveness of the above AWS features. Amazon GameLift can be quickly tested using the built-in game sample included in the Amazon Lumberyard download package. In fact, the sample is an example of a multiplayer game project called MultiplayerSample, with which you may test and evaluate the service.
#10. Ready-made virtual servers
VPS (Virtual Private Server), as well as VDS (Virtual Dedicated Server), provides a user with a virtual server of a very special type. VDS and VPS emulate the work of a real physical server. Moreover, a few individual virtual servers run on a single physical server.
A virtual dedicated server is needed to ensure additional security or when using non-standard technologies. Such solutions are also needed by highly visited and loaded resources.
Amazon AWS tools include a great solution, AWS Lightsail, a fixed-price, preconfigured server provisioning service.
Amazon offers 2 types of ready-made virtual servers: 1) OS + pre-installed software; 2) bare operating system.
Also, the Amazon AWS management platform provides independent solutions aimed at different server operating systems (take a look at the picture below to get a clue of what we mean!).
There are also ready-made AWS solutions with various pre-installed software, such as:
- Windows SQL Server 2016 Express;
- popular CMS WordPress, Joomla, Drupal, Magento;
- software focused on other goals: Gitlab, LAMP, LEMP, Redmine, Node.js;
- Plesk Hosting Control Panel on Ubuntu.
Access to servers is possible both in the classical way (via SSH or RDP client), and with the help of AWS new services provided only for Lightsail servers, namely, through the server console in a web browser. Just as in the case of AWS EC2, it is possible to change a variety of server parameters and monitor the main server subsystems displayed in a separate tab.
Summary
Now you know how to use AWS properly. Of course, Amazon isn't the only cloud platform solution but we've done our best to prove its effectiveness and reliability.
In addition, knowing that users often google such a question as “AWS, what's new?”, Amazon employees are working on constant improvements to their AWS software.
So, by choosing Amazon AWS services, you also choose a secure, multifunctional, intuitive cloud platform, which evolves in accordance with the necessities of the times.