aws ec2 init setup
AWS EC2 init setup
Managing User Accounts on Your Linux Instance
[ec2-user@ip-172-31-17-193 ~]$ sudo -i
ssh to aws without key pairs
vim /etc/ssh/sshd_config
set root login
vi /root/.ssh/authorized_keys
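An added check for the two sshd edits above (not from the original page): it reports the effective global values of PasswordAuthentication and PermitRootLogin, which are assumed here to be the directives those steps change. The function names and the sample config are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original page. Include files and the contents
# of Match blocks are not evaluated; only the global section is read.

# Print the effective global value of keyword $1 in file $2 (default $3).
# sshd keeps the first value it reads; keywords are case-insensitive.
sshd_effective() {
    awk -F'[ \t=]+' -v key="$1" -v def="$3" '
        BEGIN { key = tolower(key) }
        /^[ \t]*(#|$)/ { next }                  # comments and blank lines
        { sub(/^[ \t]+/, ""); k = tolower($1) }  # strip indent, re-split fields
        k == "match" { exit }                    # conditional section starts
        k == key { val = tolower($2); found = 1; exit }
        END { print (found ? val : def) }
    ' "$2"
}

# Print one line per risky setting; print nothing when the file is clean.
# Defaults are the OpenSSH ones: PasswordAuthentication yes,
# PermitRootLogin prohibit-password.
audit_sshd() {
    pw=$(sshd_effective PasswordAuthentication "$1" yes)
    root=$(sshd_effective PermitRootLogin "$1" prohibit-password)
    [ "$pw" = "yes" ] && echo "PasswordAuthentication=$pw: password logins accepted"
    [ "$root" = "yes" ] && echo "PermitRootLogin=$root: root login allowed with any enabled method"
    return 0
}

# Constructed sample config (not taken from a real host). The later
# "PasswordAuthentication no" has no effect because the first value wins.
write_sample() {
    cat > "$1" <<'EOF'
# constructed sample
PermitRootLogin yes
passwordauthentication yes
PasswordAuthentication no
Match User deploy
    PasswordAuthentication no
EOF
}

sample=$(mktemp)
write_sample "$sample"
audit_sshd "$sample"
rm -f "$sample"
```

On a live host, `sudo sshd -T` prints the configuration sshd actually resolves, including Include files.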
The 5 pillars of the AWS Well-Architected Framework
- Operational Excellence
Design Principles:
- Perform operations as code
- Annotate documentation
- Make frequent, small, reversible changes
- Refine operations procedures frequently
- Anticipate failure
- Learn from all operation failures
Best practices:
Operations teams need to understand their business and customer needs so they can support business outcomes.
Ops creates and uses procedures to respond to operational events, and validates their effectiveness to support
business needs. Ops also collects metrics that are used to measure the achievement of desired business outcomes.
- Security
Design Principles:
- Implement a strong identity foundation
- Enable traceability
- Apply security at all layers
- Automate security best practices
- Protect data in transit and at rest
- Prepare for security events
The AWS Shared Responsibility Model enables organizations to achieve
security and compliance goals.
- Reliability
Design Principles:
- Test recovery procedures
- Automatically recover from failure
- Stop guessing capacity
- Manage change in automation
- Performance efficiency
Design principles:
- Democratize advanced technologies
- Go global in minutes
- Use serverless architectures
- Experiment more often
- Mechanical sympathy
- Cost optimization
- Adopt a consumption model
- Measure overall efficiency
- Stop spending money on data center operations
- Analyze and attribute expenditure
- Use managed services to reduce cost of ownership
Identity and access management
IAM overview
AWS API
Access ID + secret key
CLI, SDKs and Management console call API.
Users
- Are created and exist within IAM service
- Login to management console
- Can have long-term access keys
Elastic Load Balancer (ELB)
Spread traffic algorithmically
- Application Load Balancers
- Application Layer
- HTTP/HTTPS traffic
- Two appealing features
- Dynamic host port mapping
- Docker containers listening on the same port
- Set hostPort to 0
- Host picks ports in ephemeral port range
- Path-based routing
- Classic Load Balancers