본문 바로가기
반응형

[AWS]/Highly Available, Scalable, AWS Stack35

35. Intro: Deployment Welcome to module 7 and in this module you want to talk about deployment services and specifically elastic beanstalk. So this service is it is one of many services in AWS in this space deployment provisioning configuration management space. So these are services such as OpsWorks which is a configuration management type of service using Chef. So you can use your chef cookbooks and recipes and dep.. 2022. 2. 1.
34. [활용] Configure & verify app ## Signedurl PHP APP 설정 1) Cloudfront PrivateKey --> EC2 인스턴스에 설정 : 우분투 홈폴더 vi cf-private-key.pem 2) PHP APP 경로 지정 (3곳 변경) : Signedurl_image.php In this video let's configure the private key and the key pair ID that we created in the previous video. So remember we're talking about signed URLs here right and to use signed URLs right the application the PHP application that we have has to has to c.. 2022. 1. 31.
33. [활용] Restrict viewer access ## Signed URL 설정 방법 (일반 URL 작동, Cloudfront URL 작동 안함) 1) Cloudfront 에서 2가지 작업 필요 - Enable viewer restrictions (yes) - Setup Trusted signer (Self) 2) 내보안 자격증명 이동 - Create Cloudfront key pair 생성 (APP 사용 예정) So in this video let's see how do restrict viewer access. Right. And essentially what we're trying to do is turn on or enable signed URLs. Right. So after we are done with this configuration re.. 2022. 1. 31.
32. [활용] Restrict S3 access ## S3 접근 제한 방법 1) Cloudfront 에서 편집 - OAI 생성 -> S3 버킷정책 업데이트 (Cloudfront URL -> S3 이미지 액세스 허용) 2) 적용 약 20분 소요 3) S3 버킷 Permission 에서 생성 정책 확인 4) 객체에서 Public Access 권한 삭제 So in this video let's take a look at how to restrict access to the S3 bucket. Right. And what we want to do is we want to stop anybody from accessing the image directly from S3. Because we are using cloudfront and. And there's n.. 2022. 1. 31.
31. Intro: Private content ## 개인 콘텐츠 설정 방법 - 인증된 사용자만 사용 가능하도록 서명된URL 사용, 승인된 사용자만 접근 가능 - 서명된 경우만 응답하도록 CloudFront 구성 ## 콘텐츠에 액세스 할 수 있는 유일한 방법은 - S3 정책 생성으로, CloudFront에만 접속할 수 있게 허용 (OAI 허용) : S3 다이렉트 접근 불가 - Signed URL 사용 - s3_image.php (s3 접근불가) - cloudfront_image.php (s3 접근불가) - Signedurl_image.php (s3 접근가능) Welcome to module 6 in this module we're going to talk about private content. Right. So so far in this course.. 2022. 1. 25.
30. [활용] Configure and verify app ## RDS 와 읽기전용 복제본은 사용자 계정과 암호가 동일함 ## APP 엔드포인트 수정 1) /var/www/html/rds_rr.php 2) /var/www/html/memcached.php 3) /var/www/html/cloudfront_image.php All right so in the final video in this module let's configure the application. And in the in the application we have to set up the three elements right that we have created. So one is the memcache cluster. The other one is the read replica that we h.. 2022. 1. 25.
29. [활용] Setup CloudFront distribution ## CloudFront 활용 - APP 에서 CloudFront 를 통해서 이미지 가져오기 구성 1) 오리진 도메인 이름 선택 -> S3 URL 2) Price Class -> 원하는 지역 선택 3) 나머지는 기본값, 생성시 약 20분 소요 let's see how to set up the cloud front distribution this is remember a content distribution network. So basically we will distribute content faster to users around the world using the edge locations the network of edge locations that that AWS has right. And the.. 2022. 1. 25.
28. [활용] Create Memcached cluster ## Memcached 생성 ## 서브넷 그룹 생성과 보안그룹 설정 ## Memcached 엔드포인트 생성 ## EC2 에서 텔넷 접속테스트 성공 - set / get 명령어 테스트 All right so in this video let's see how to set up a memcached cluster. This is of course in the ElasitCache service right but ElastiCache has two options Redis and Memcached and. And we'll be setting up the memcached cluster and then using this throughout the course right. So what we need to do.. 2022. 1. 25.
27. [활용] Create RDS read replica ## DB 인스턴스 식별자에 -rr 을 접미사에 추가할 것. ex) phpapp-rds-rr (RDS DNS 엔드포인트에 자동 포함됨) OK in this video let's see how to set up the read replica. This is the RDS read replica. So this is let's say your primary RDS instance and what you can do is you can create a read Replica something like this and there'll be replication. We don't have to do anything once we create the replica the replication will be done.. 2022. 1. 24.
26. Intro: Scalability - data layer Welcome to Module five. In this module we will look at scalability once again but for the data layer right and by data layer we mean the RDS instance that we have where we have our my sql database like this one here. And we also mean the S3 bucket which has our images. OK. So the database and the image store are both data layers. And we need to consider scalability options for both. Let's start .. 2022. 1. 24.
25. [활용] Setup auto-scaling group ## 세션관리가 필요한 Auto Scaling 그룹 만들기 !! ( ASG 사용하면 ALB Sticky Session 이용안하고, DynamoDB 이용해야함) 1) Launch Configuration 생성 (Auto Scaling 항목 아래에 있음) - 기존 AMI 이용 - 기존 IAM Role 이용 2) ASG 그룹 생성 (위의 LC를 이용함) 3) ASG 그룹에서 ALB의 TG그룹을 연동 4) TG그룹에서 인스턴스 확인 가능 5) ALB DNS로 접속 테스트 6) 세션정보를 DynamoDB (중앙저장소) 관리 성공 OK so in this video let's set up our auto scaling group right. And we need to go through a series of ste.. 2022. 1. 24.
24. [활용] Create IAM role "Custom Policy 생성 getitem putitem updateitem Add - ARN " OK in the video let's set up the IAM role and this role will help our PHP application talk to the dynamodb table because dynamodb is an. AWS service and for the application to connect to the DynamoDB service and to access the tables and actions in that service the application needs permissions right. And the way to grant those permissions .. 2022. 1. 24.
23. [활용] Create sessions table in DynamoDB "이 값 이름은 PHP 애플리케이션에 하드코딩되어 있으므로 이 값도 동일하게 호출해야 합니다. 테이블 이름이 세션으로 설정되어 있는지 확인하고 기본 키를 ID로 설정하십시오." "기본적으로 DynamoDB 서비스에서 세션 테이블을 생성했습니다. 그리고 다음 비디오 세트에서 PHP 애플리케이션에서 테이블을 사용하는 방법을 살펴보겠습니다." OK in this video let us see how to create a session table. Right. This will be a table that our application will use to manage sessions centrally and we want to centralize sessions and so we create a session .. 2022. 1. 23.
22. Intro: Scalability - app layer ## 우리는 지난 시간에 로드밸런서 고정 세션을 사용합니다. 그리고 이것은 고정된 수의 서버에 적합합니다. ## 하지만 오토 스케일링을 사용하여 새로운 애플리케이션을 디자인하거나 애플리케이션을 다시 엔지니어링할 기회가 있다면, 세션을 처리하는 가장 좋은 방법은 이미지를 중앙 집중화하는 것처럼 세션을 중앙 집중화하는 것입니다. --> DynamoDB 및 IAM 역할을 활용 Welcome to Module four now in this module, we want to add scalability to our application, right? And we look at the application layer in this module and in the next one, we look at the scal.. 2022. 1. 23.
21. Configure sticky sessions 로드 밸런서는 쿠키를 사용하여 자체 쿠키를 사용하여 단순히 고정되도록 만드는 것임을 기억하십시오. 응용 프로그램 세션에 대해 아무것도 모릅니다. 여기에서 두 가지 다른 일이 일어나고 있으며 동기화해야 함을 이해하십시오. "로드 밸런서 세션 고정"과 "고유한 애플리케이션 세션 고정" In this video let's set up sticky sessions right. And let us start by understanding what the problem is. Right. And the problem is that when the user goes to the load balancer. Right and the load balancer will send this user to one server i.. 2022. 1. 23.
20. Setup load balancer This video let's see how to create a load balancer so the way we do this is will run through the launch sequence of the load balancer and there are a few things we'll have to configure. First we have to make sure that we use the application load balancer which is good for things like http and https load balancing. OK. Next we'll have to make sure that the load balancer comes up in the default VP.. 2022. 1. 23.
19. Configure & verify application OK in this video that's the how to configure the application. With the URL of the S3 image right. So this is the URL of the S3 image and also the endpoint the DNS endpoint of the RDS instance that we have. Right. And we need to configure these in our PHP application so that so that the application can talk to RDS and it can also use the image from S3. It can also use the image from S3. So the UR.. 2022. 1. 20.
18. Centralize images in S3 OK so in this video let us see how to create a bucket. Right. This is the S3 bucket and here we want to upload an image the image that we have in our application. The AWS icon image. And then we also need to make the image public so that we can access it because remember S3 has a security layer. Right. And by default all content is private, the access is denied. So we need do we need to make thi.. 2022. 1. 19.
17. Separate db tier OK so in this video let's launch our RDS instance this one. And once we launch this will connect to the instance from our EC2 instance using my sql client I'm using my sql client. So let's start with this launch and then once we verify the connectivity then we can configure this RDS instance in our application. In a later step in this module and then test out our application as well. OK. So the .. 2022. 1. 19.
16. Intro: Fault tolerance - multi-tier architecture Welcome to module 3, in this module we want to look at fault tolerance But for a multi-tier stack. Right. So in the previous module we looked at a single instance stack. Right. And this was a Essentially the PHP application with the mysql database in the same server. Right. And here we saw that although we have some options for recovering from different kinds of failures in in many of these opti.. 2022. 1. 19.
15. Recovery: Availability zone failure In this video let's see how to recover from an AZ failure. So the AZ availability is on has failed. Right. And this could be because of say a power supply problem or say the Internet connection into the availabilities on has failed or something like that. Right. And we're not able to access our services in this availability. So OK. And so we have to do something where we recover into a different.. 2022. 1. 19.
14. Recovery: Volume failure This video let's see how to recover from a volume failure. Right. And specifically we're talking about the data volume failure because this has are available data right we don't care so much about the root volume because the Rupali is already backed up in the AMI. Right. And the software doesn't change so much that the data is what changes very frequently and and the snapshotting that they do is.. 2022. 1. 19.
13. Recovery: Instance failure All right so in this video let's see how to recover from of instance failure. So. So here let's say are EC2 instance fails. But the obvious one to you especially the data was fine. Right. Also the easy availability zone is fine as well. So how do we recover in this scenario. So what we have to do is we have to create a replacement instance. Right. And this instance has to be in the same zone. Ri.. 2022. 1. 18.
12. Prep for recovery: Create AMI & EBS snapshot All right in this video let's see how to do the last two items in our list of checklist here. It's all for preparation as preparation for recovery. And these are create the AMI and also create the EBS snapshot. Right. So remember the purpose of the AMI is to help us create a replacement server so we can use this AMI and we can create a replacement for instance. And this could be in the same avai.. 2022. 1. 18.
11. Prep for recovery: Configure Elastic IP address All right in this video let's see how to configure the elastic IP address right so this one here and it's a very simple thing. It's a two step process. The first step is to allocate so we allocate which means we request AWS to issue an elastic IP address to our account. Right so this is always allocated to our account which means that we can attach this elastic IP address or associate the elasti.. 2022. 1. 18.
10. Prep for recovery: Configure MySQL to use data volume # SSH into your EC2 instance and run following commands: #Stop mysql: sudo systemctl stop mysql # Copy mysql db to /data, mount point of data vol, note that file permissions are also copied: sudo rsync -av /var/lib/mysql /data # Edit mysql config to change datadir, edit /etc/mysql/mysql.conf.d/mysqld.cnf: sudo vi /etc/mysql/mysql.conf.d/mysqld.cnf datadir=/data/mysql # change datadir to this # E.. 2022. 1. 18.
9. Prepare for recovery: Configure data volume # SSH into your server, after you have attached the data volume to the instance # Check if data volume exists, device with name xvdf should exist: lsblk # Install file system on data volume sudo mkfs -t ext4 /dev/xvdf # Create mount point: sudo mkdir /data # Mount the volume to the mount point: sudo mount /dev/xvdf /data # Add this line to /etc/fstab, so volume is mounted after reboot: sudo vi /.. 2022. 1. 18.
8. Install MySQL server on EC2 instance # Run following commands after you SSH into your server # install mysql-server package, you will need to enter a password, twice. Remember this password sudo apt-get install mysql-server # test mysql server installation mysql -u root -p # exit mysql mysql> exit # edit localdb.php page with mysql server user and password, user should be root and password will be what you setup in the installation.. 2022. 1. 18.
7. Intro: Fault tolerance - single instance architecture Welcome to module 2, in this module will look at fault tolerance for single instance architectures what we mean by single instance architecture is that you have the PHP application right. And then you have the mysql. server right also the Apache web server right. All in the same in the same instance. And and we want to look at how to recover from different types of failures. Right. And this arch.. 2022. 1. 17.
6. Create AMI https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/creating-an-ami-ebs.html Create an Amazon EBS-backed Linux AMI - Amazon Elastic Compute Cloud Create an Amazon EBS-backed Linux AMI To create an Amazon EBS-backed Linux AMI, start from an instance that you've launched from an existing Amazon EBS-backed Linux AMI. This can be an AMI you have obtained from the AWS Marketplace, an AMI you have cre.. 2022. 1. 17.
반응형