Saturday, 25 February 2023

CloudWatch And CloudTrail

AWS CloudWatch collects monitoring and operational data in metrics, logs, and events, which it then visualizes using automated dashboards to provide a unified view of your AWS applications, resources, and services. CloudWatch can collect monitoring and operational data in both AWS and on-premises environments.

What is the difference between CloudWatch and CloudTrail?

  • CloudWatch is a tool provided by Amazon Web Services that monitors and reports on the performance of various AWS resources and services.
  • CloudTrail, on the other hand, is a log of all actions in your AWS environment since it was first launched.

    AWS CloudWatch

    AWS CloudWatch is a monitoring service. That means it allows you to monitor the performance of your AWS resources and applications.

    Where would you use AWS CloudWatch?

    • To analyze logs - CloudWatch is useful in exploring and analyzing logs. Why would you do that? By analyzing your logs, you might find issues that can be addressed to improve the performance of your applications. Besides that, when a resource/application fails, you can determine what happened and why by looking at the logs.
    • To monitor your applications - For instance, you could monitor EC2 metrics such as CPU utilization, memory used, status check, network throughput, and more. It gives you insights about your application so you can act accordingly. For example, if you notice an EC2 instance is nearing capacity you can add another one to avoid degraded performance or downtime.
    • To optimize your resources - With CloudWatch, you can specify what happens when a specific threshold is met or not. For example, terminate an EC2 instance if a condition is met. Or create additional instances to support more traffic.

    Moreover, AWS CloudWatch is made up of multiple monitoring tools such as:

    • Events - You can trigger an action based on an event. For instance, we could create an event that sends an email to the administrator when a resource fails. You specify how and when to trigger an action. Then you define what action to trigger. Thus, CloudWatch events are very useful.
    • Alarms - With alarms, you need to define a threshold, a condition, and what to trigger. The most popular scenario is an alarm for billing. That is, trigger an alarm if the estimated charges are greater than the threshold set.
    • Logs - CloudWatch logs allow you to store the log files for various sources such as EC2 instances, CloudTrail, and many more. You can then use these logs to detect issues, find leaks, patterns, and so on.

    Finally, AWS CloudWatch is an excellent service for monitoring the performance and metrics of the resources and applications that run in AWS. It helps you improve and scale your applications. It also helps you stay within budget and avoid unwanted costs. Think of CloudWatch as a person who watches your applications to make sure they work correctly, and at the best price.

    AWS CloudTrail

    Consider AWS CloudTrail as a detective that watches over your AWS account and environment. It provides information on:

    • What action was taken
    • Who performed it
    • When the action was taken
    • Where the action was taken

    For instance, let’s say your S3 bucket was deleted by mistake. You can use AWS CloudTrail to see who deleted the bucket, when, and where (e.g. API Call or from the AWS Management console).

    Thus, the primary use case for AWS CloudTrail is to monitor the activity in your AWS environment. Additionally, CloudTrail supports compliance by providing a history of activity in your AWS environment, so it is easy to show that your business adheres to regulatory standards and internal policies.
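The four questions above (what, who, when, where) map directly onto fields of a CloudTrail record. The following is an added example, not code from the original post: it reads records in the CloudTrail JSON shape (field names are the real ones; the account id, ARNs, addresses and times are constructed) and pulls out the answers for the deleted-bucket scenario, flagging event names on a small watch-list that is an assumption for the example.

```python
"""Triage CloudTrail records: what action, who, when, and from where.

Added example, not part of the original post. The records below are
constructed to mimic the CloudTrail record shape; the field names follow the
real format, but the values (account id, ARNs, IPs, times) are made up.
"""
import json
from datetime import datetime, timezone

# Constructed sample: a DeleteBucket call made from the console and a
# GetObject call made via the CLI, in the {"Records": [...]} shape.
SAMPLE_TRAIL = json.dumps({"Records": [
    {
        "eventTime": "2023-02-25T10:15:30Z",
        "eventSource": "s3.amazonaws.com",
        "eventName": "DeleteBucket",
        "awsRegion": "us-east-1",
        "sourceIPAddress": "203.0.113.10",
        "userAgent": "console.amazonaws.com",
        "userIdentity": {"type": "IAMUser", "userName": "alice",
                         "arn": "arn:aws:iam::111122223333:user/alice"},
        "requestParameters": {"bucketName": "example-reports"},
    },
    {
        "eventTime": "2023-02-25T10:16:02Z",
        "eventSource": "s3.amazonaws.com",
        "eventName": "GetObject",
        "awsRegion": "us-east-1",
        "sourceIPAddress": "198.51.100.7",
        "userAgent": "aws-cli/2.9.0",
        "userIdentity": {"type": "AssumedRole",
                         "arn": "arn:aws:sts::111122223333:assumed-role/Deploy/ci"},
        "requestParameters": {"bucketName": "example-reports", "key": "q1.csv"},
    },
]})

# Management events a defender usually wants to alert on. This list is an
# assumption for the example; real watch-lists are environment specific.
DESTRUCTIVE_EVENTS = {"DeleteBucket", "DeleteTrail", "StopLogging"}


def summarize(record):
    """Reduce one CloudTrail record to the four questions the text lists."""
    ident = record.get("userIdentity", {})
    who = ident.get("userName") or ident.get("arn", "unknown")
    # A console userAgent distinguishes a click in the Management Console
    # from a direct API/CLI call.
    channel = "console" if "console" in record.get("userAgent", "").lower() else "api"
    when = datetime.strptime(record["eventTime"], "%Y-%m-%dT%H:%M:%SZ")
    return {
        "what": f"{record['eventSource'].split('.')[0]}:{record['eventName']}",
        "who": who,
        "when": when.replace(tzinfo=timezone.utc),
        "where": f"{record['sourceIPAddress']} via {channel} ({record['awsRegion']})",
        "resource": record.get("requestParameters", {}).get("bucketName"),
    }


def find_destructive(trail_json):
    """Return summaries of records whose eventName is on the watch-list."""
    records = json.loads(trail_json)["Records"]
    return [summarize(r) for r in records if r["eventName"] in DESTRUCTIVE_EVENTS]


if __name__ == "__main__":
    for hit in find_destructive(SAMPLE_TRAIL):
        print(f"{hit['when'].isoformat()} {hit['what']} on {hit['resource']} "
              f"by {hit['who']} from {hit['where']}")
```

The same function works unchanged on the gzipped JSON files a trail delivers to S3, or on events forwarded to a CloudWatch Logs group, since both carry the record format used here.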

    The difference between AWS CloudWatch and CloudTrail

    AWS CloudWatch monitors your AWS resources and applications, whereas CloudTrail monitors the activity in your AWS environment. For instance, with CloudWatch you can scale your applications, whereas with CloudTrail you can see who did what to your applications. They are not mutually exclusive: you can, for instance, configure CloudTrail to send its events to a CloudWatch Logs log group.

    Remember:

    • CloudWatch monitors performance, whereas CloudTrail monitors actions in your AWS environment.
    | S.No. | AWS CloudWatch | AWS CloudTrail |
    | --- | --- | --- |
    | 1. | It is mainly concerned with what happens on AWS resources. | It is mainly concerned with what is done on AWS and by whom. |
    | 2. | It is a monitoring service for AWS resources and applications. | It records API activity in the AWS account. |
    | 3. | Using CloudWatch you can track metrics and monitor log files. You can also set alarms for various events. | CloudTrail provides greater visibility into user activity by tracking AWS console actions, including who made the call, from which IP address, and when. |
    | 4. | It specifically records the application logs. | It provides information about what occurred in your AWS account. |
    | 5. | It delivers metric data at 1-minute intervals for detailed monitoring and 5-minute intervals for basic monitoring. | It delivers an event within 15 minutes of the API call. |
    | 6. | It stores data in its own dashboard in the form of metrics and logs. | It can centralize all the logs across regions and even across many accounts and store them in an S3 bucket. |
    | 7. | It offers free basic monitoring of resources by default, such as EC2 instances, RDS, etc. | It is enabled by default when an AWS account is created and starts recording from then on. |
    | 8. | AWS CloudWatch focuses on the health of AWS resources. | AWS CloudTrail focuses on the activities performed inside the AWS environment. |
    | 9. | It offers tools to collect, analyze and monitor application health. | It provides auditing services for AWS accounts. |
    | 10. | In CloudWatch, logs are saved in log groups. | In CloudTrail, logs are saved in an S3 bucket. |
    | 11. | AWS CloudWatch is available in free and premium pricing models. | AWS CloudTrail is free if you set up a single trail that delivers one copy of management events. |
    | 12. | Companies using CloudWatch include Airbnb and 9GAG. | Companies using CloudTrail include Netflix and Slack. |

Elastic Load Balancer in AWS

 In simplest terms, cloud computing means storing and accessing the data and programs on remote servers that are hosted on the internet instead of the computer’s hard drive or local server. It is also referred to as Internet-based computing.

Features of cloud 

  • No up-front investment
  • Lowering operating cost
  • Highly scalable and efficient
  • Easy access
  • Reducing business risks and maintenance expenses

Advantages of Elastic Load Balancer

  • ELB automatically distributes incoming application traffic across multiple targets, such as EC2 instances, containers, and IP addresses, to achieve high availability.
  • It can automatically scale to handle changes in traffic demand, allowing you to maintain consistent application performance.
  • It can monitor the health of its registered targets and route traffic only to the healthy targets.
  • It evenly distributes traffic across all availability zones in a region, improving fault tolerance.

Disadvantages of Elastic Load Balancer

  • ELB can add latency to your application, as traffic must pass through the load balancer before being routed to your targets.
  • It has limited customization options, so you may need to use additional tools and services to fully meet your application’s requirements.
  • It can introduce additional complexity to your application architecture, requiring you to manage and maintain additional resources.
  • It can increase your overall AWS costs, especially if you have high traffic volumes or require multiple load balancers.

Amazon Web Services

Amazon Web Services is a subsidiary of Amazon.com that provides on-demand cloud computing platforms to individuals, companies, and governments on a paid, pay-as-you-go basis. Amazon Web Services offers a highly reliable, scalable, low-cost infrastructure platform in the cloud.

Elastic load balancer

Elastic Load Balancer is a service provided by Amazon in which incoming traffic is automatically and efficiently distributed across a group of backend servers in a way that increases speed and performance. It helps improve the scalability of your application and secures your applications. The load balancer allows you to configure health checks for the registered targets; if any registered target fails its health check, the load balancer stops routing traffic to that unhealthy target, which keeps your application highly available and fault tolerant.

Load balancer acting as single point of routing traffic

Types of load balancer

A. Classic Load Balancer: It is the traditional form of load balancer that was used initially. It distributes traffic among the instances but is not intelligent enough to support host-based or path-based routing, which reduces efficiency and performance in certain situations. It operates at both the connection level and the request level: a Classic Load Balancer works at either the transport layer (TCP/SSL) or the application layer (HTTP/HTTPS).

B. Application Load Balancer: This type of load balancer is used when routing decisions are to be made on HTTP and HTTPS traffic. It supports path-based routing and host-based routing. This load balancer works at the application layer of the OSI model. It also supports dynamic host port mapping.

C. Network Load Balancer: This type of load balancer works at the transport layer (TCP/SSL) of the OSI model. It is capable of handling millions of requests per second and is mainly used for load balancing TCP traffic.

D. Gateway Load Balancer: Gateway Load Balancers let you deploy, scale, and manage virtual appliances such as firewalls. A Gateway Load Balancer combines a transparent network gateway with a load balancer that distributes traffic to those appliances.
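Two behaviours described above, health checks that take a target out of rotation and the host/path-based listener rules of an Application Load Balancer, can be modelled in a few dozen lines. The following is an added example written for this post; it is not AWS's implementation and not code from the original article. The threshold counters and the priority-ordered rule evaluation imitate the ELB features named in the text; the target addresses, rule patterns and threshold values are constructed, and glob matching stands in for the ALB's own pattern syntax.

```python
"""Model of how an Application Load Balancer decides where a request goes.

Added example, not the original post's code and not AWS's implementation.
It imitates two behaviours the text describes: health checks that take a
target out of rotation after consecutive failures (and put it back after
consecutive passes), and host/path-based listener rules evaluated in
priority order with a default target group.
"""
from collections import deque
from fnmatch import fnmatchcase


class TargetGroup:
    """Round-robin over registered targets, skipping any marked unhealthy."""

    def __init__(self, name, targets, unhealthy_threshold=2, healthy_threshold=2):
        self.name = name
        self.targets = deque(targets)
        self.unhealthy_threshold = unhealthy_threshold
        self.healthy_threshold = healthy_threshold
        # Consecutive pass/fail counters per target, like ELB's thresholds.
        self.state = {t: {"healthy": True, "fails": 0, "passes": 0} for t in targets}

    def record_health_check(self, target, passed):
        """Feed one health-check result and flip state when a threshold is hit."""
        s = self.state[target]
        if passed:
            s["fails"], s["passes"] = 0, s["passes"] + 1
            if not s["healthy"] and s["passes"] >= self.healthy_threshold:
                s["healthy"] = True
        else:
            s["passes"], s["fails"] = 0, s["fails"] + 1
            if s["healthy"] and s["fails"] >= self.unhealthy_threshold:
                s["healthy"] = False

    def healthy_targets(self):
        return [t for t in self.targets if self.state[t]["healthy"]]

    def pick(self):
        """Return the next healthy target, or None if none are healthy."""
        for _ in range(len(self.targets)):
            t = self.targets[0]
            self.targets.rotate(-1)
            if self.state[t]["healthy"]:
                return t
        return None


class Listener:
    """Rules are (priority, host pattern, path pattern, target group);
    the lowest priority number that matches wins, else the default group."""

    def __init__(self, default_group):
        self.rules = []
        self.default_group = default_group

    def add_rule(self, priority, host, path, group):
        self.rules.append((priority, host, path, group))
        self.rules.sort(key=lambda r: r[0])

    def route(self, host, path):
        # fnmatchcase '*' stands in for the ALB wildcard; case-sensitive on purpose.
        for _, host_pat, path_pat, group in self.rules:
            if fnmatchcase(host, host_pat) and fnmatchcase(path, path_pat):
                return group.pick()
        return self.default_group.pick()


if __name__ == "__main__":
    # Constructed topology: two API targets, one web target (private IPs made up).
    api = TargetGroup("api", ["10.0.1.10", "10.0.2.10"])
    web = TargetGroup("web", ["10.0.1.20"])
    listener = Listener(default_group=web)
    listener.add_rule(10, "api.example.com", "/v1/*", api)
    api.record_health_check("10.0.1.10", False)
    api.record_health_check("10.0.1.10", False)   # second failure: out of rotation
    print(listener.route("api.example.com", "/v1/users"))   # only 10.0.2.10 remains
    print(listener.route("www.example.com", "/"))           # falls to the default group
```

Note that `route` returns `None` when every target in the chosen group is unhealthy; a real load balancer answers such requests with an error (an ALB returns HTTP 503), which is the state the health checks are meant to keep you out of.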

What does an AMI include?

An AMI includes the following:

  • A template for the root volume for the instance
  • Launch permissions that decide which AWS accounts can use the AMI to launch instances
  • A block device mapping that determines the volumes to attach to the instance when it is launched

Auto Scaling And fleet management in Auto Scaling

What is Amazon EC2 Auto Scaling?

This AWS service automatically adds or removes EC2 instances as workload demand changes. It also detects unhealthy EC2 instances in the cloud infrastructure and replaces them with new instances. Scaling is achieved through dynamic scaling and predictive scaling, which can be used separately or together to manage workloads.

What is fleet management in Amazon EC2 Auto Scaling?

Amazon EC2 auto-scaling service continuously monitors the health of Amazon EC2 instances and other applications. When EC2 auto-scaling identifies unhealthy instances, it automatically replaces the unhealthy EC2 instances with new EC2 instances. Also, this service ensures the seamless running of applications and balances EC2 instances across the zones in the cloud.

Top product categories of AWS

The top product categories of AWS are:

  1. Compute
  2. Storage
  3. Database
  4. Networking and Content Delivery
  5. Analytics
  6. Machine Learning
  7. Security
  8. Identity
  9. Compliance

What is DNS?

Let me make it very simple for you all.

Imagine that there is no naming system for us and we are all identified to each other by our date of birth. How many people's identifiers (DOBs) would you be able to remember? Not many, right?

Now, let’s come back to reality. We all have a unique name by which we are recognized. These unique words (names) are far simpler to deal with than a combination of day, month and year (DOB), aren’t they? And that is how we communicate easily and conveniently.

This is the exact concept used in DNS (Domain Name System).

Every website on the internet is hosted at a public IP address, which (in IPv4) is a unique 32-bit number used to identify each networking device.

Similar to the example above, it would be very difficult for human beings to memorize these public IP addresses when accessing websites. So DNS came into existence to make it convenient for us to access websites by domain name rather than by public IP address.

Thus, whenever we type a URL (domain name) into our browser, in the background it is mapped to the respective public IP address, and that is how we reach the website. This is all done by DNS.

Wondering how to find out the public IP address of a website?
Just open the command prompt on your PC by typing ‘cmd’ in the search box. In the prompt, type ‘nslookup <website domain>’ and you will be shown the name and address of the website you searched for.
Or you can use websites such as Mxtoolbox (https://mxtoolbox.com/).

The Domain Name System (DNS) is the complete database of the Internet. Humans access information online through domain names, while web browsers work with IP addresses. The role of DNS is to translate domain names to IP addresses.

Each device connected to the Internet has a unique IP address, which other machines use to find that device. DNS servers eliminate the need for humans to memorize IP addresses such as 192.168.1.1.

The process of DNS resolution involves converting a hostname into a computer-friendly IP address (such as 192.168.1.1). An IP address is given to each device on the Internet, and that address is necessary to find the appropriate Internet device, just as a street address is used to find a particular home. When a user wants to load a webpage, a translation must occur between what the user types into their web browser (a domain name such as example.com) and the machine-friendly address necessary to locate that webpage.
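What `nslookup` does under the hood, and what the resolution process above amounts to on the wire, is a small binary exchange: a query packet naming the domain, and a response carrying the A record. The following is an added example, not part of the original post: it builds the query and parses the response in the DNS message format (RFC 1035) directly, so the logic can be checked offline against a constructed response. The transaction id, the name `example.com` and the answer address 192.0.2.1 (a documentation address) are constructed values; sending the query over UDP port 53 to a resolver is the only step left out.

```python
"""Build a DNS A-record query and parse the answer, the step behind
'nslookup <domain>'.

Added example, not from the original post. It speaks the DNS wire format
(RFC 1035) instead of calling nslookup, so the lookup can be exercised
offline against the constructed response at the bottom. Sending
build_query() over UDP port 53 to a resolver is the only step omitted.
"""
import struct

TYPE_A, CLASS_IN = 1, 1


def encode_name(name):
    """'example.com' -> b'\\x07example\\x03com\\x00' (length-prefixed labels)."""
    labels = name.strip(".").split(".")
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"


def build_query(name, txid=0x1234):
    """Header (id, flags RD=1, QDCOUNT=1) followed by one A/IN question."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", TYPE_A, CLASS_IN)


def read_name(msg, offset):
    """Decode a possibly compressed name; return (name, offset after it)."""
    labels, jumped, end, hops = [], False, offset, 0
    while True:
        length = msg[offset]
        if length & 0xC0 == 0xC0:            # 11xxxxxx: compression pointer
            hops += 1
            if hops > 16:                    # guard against pointer loops in hostile replies
                raise ValueError("compression pointer loop")
            pointer = struct.unpack("!H", msg[offset:offset + 2])[0] & 0x3FFF
            if not jumped:
                end = offset + 2             # the name ends after the first pointer
            jumped = True
            offset = pointer
            continue
        offset += 1
        if length == 0:
            break
        labels.append(msg[offset:offset + length].decode("ascii"))
        offset += length
    if not jumped:
        end = offset
    return ".".join(labels), end


def parse_response(msg, expected_txid):
    """Return (queried name, [A-record IPs]); raise on a bad id or error RCODE."""
    txid, flags, qd, an, _, _ = struct.unpack("!HHHHHH", msg[:12])
    if txid != expected_txid:
        # A reply whose id does not match our query is stale or forged.
        raise ValueError("transaction id mismatch")
    if flags & 0x000F:
        raise ValueError(f"server returned RCODE {flags & 0xF}")
    offset, qname = 12, None
    for _ in range(qd):                      # skip the echoed question section
        qname, offset = read_name(msg, offset)
        offset += 4                          # QTYPE + QCLASS
    ips = []
    for _ in range(an):
        _, offset = read_name(msg, offset)
        rtype, rclass, _ttl, rdlen = struct.unpack("!HHIH", msg[offset:offset + 10])
        offset += 10
        if rtype == TYPE_A and rclass == CLASS_IN and rdlen == 4:
            ips.append(".".join(str(b) for b in msg[offset:offset + 4]))
        offset += rdlen                      # skip records of other types
    return qname, ips


# Constructed reply to build_query("example.com"): same id, flags QR/RD/RA set,
# one answer whose owner name is a pointer (0xC00C) back to the question name,
# TTL 300, A record 192.0.2.1 (a documentation address, not a real lookup).
SAMPLE_RESPONSE = (
    struct.pack("!HHHHHH", 0x1234, 0x8180, 1, 1, 0, 0)
    + encode_name("example.com") + struct.pack("!HH", TYPE_A, CLASS_IN)
    + b"\xc0\x0c" + struct.pack("!HHIH", TYPE_A, CLASS_IN, 300, 4) + bytes([192, 0, 2, 1])
)

if __name__ == "__main__":
    print(build_query("example.com").hex())
    print(parse_response(SAMPLE_RESPONSE, 0x1234))
```

The transaction-id check and the pointer-loop guard are the two places a parser like this meets untrusted input: a resolver must reject replies whose id does not match an outstanding query, and a malformed reply must not be able to send the decoder in circles.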

Sunday, 5 February 2023

Why am I being charged for Amazon EC2 when all my instances were terminated?

I've terminated all my Amazon Elastic Compute Cloud (Amazon EC2) instances, but the Billing and Cost Management console still shows that I'm being charged for EC2.

Resolution

Check the following common causes:

You incurred the charges earlier in the billing cycle

If you ran an EC2 instance at the beginning of the month but you stopped or terminated it later, then your bill will include charges for the time that the instance was running.

You terminated your instances, but you still have EC2 resources provisioned to your account

The Elastic Compute Cloud line item in your bill includes resources other than instances. EC2 instances are often used along with other EC2 resources, such as the following:

  • Elastic IP addresses
  • Amazon Elastic Block Store (Amazon EBS) volumes

Expand the Elastic Compute Cloud line item in the Bills page to see your EC2 usage by resource. Then, open the Amazon EC2 console and terminate or delete any resources that you don't need.

Stopped instances don't incur charges, but Elastic IP addresses or EBS volumes attached to those instances do.

To disassociate an Elastic IP address from an instance, see Disassociating an Elastic IP address.

For information on releasing an unattached Elastic IP address, see Releasing an Elastic IP address.

To detach an EBS volume from an instance, see Detaching an Amazon EBS volume from a Linux instance.

To delete an EBS volume that you no longer need, see Deleting an Amazon EBS volume.

To delete an EBS snapshot that you no longer need, see Deleting an Amazon EBS snapshot.

You terminated your instances in one Region, but you have instances running in another Region

To check whether you have active EC2 instances in other Regions, do the following:

  1. Open the Billing and Cost Management console.
  2. Choose Bills in the navigation pane.
  3. In the Bill details by service section, expand the Elastic Compute Cloud line item.
  4. Check if you have active EC2 instances in other Regions.

After confirming the Regions where EC2 resources are incurring charges, do the following:

  1. Open the Amazon EC2 console.
  2. In the navigation bar, select the respective Region from the Region Selector.
  3. Terminate or delete EC2 resources that you don't need.

New instances have launched on your account

Services such as Amazon EC2 Auto Scaling and AWS Elastic Beanstalk can launch instances automatically based on how you configured them. If you created Spot Instance requests or Spot Fleet requests, then Spot Instances are launched when a certain Spot bid price is met.

Check that service's documentation for more information on terminating these resources. If you're not sure which service or resource is launching instances on your account, then contact AWS Support for help.

You purchased a Reserved Instance

Reserved Instances are billed each month for each hour in a given month until the end of the Reserved Instance contract.

If you're no longer using an instance type, then modify any applicable Reserved Instances to sizes that suit your current use case. You can also sell your instance on the Amazon EC2 Reserved Instance Marketplace.

What are regions, zones and edge locations in Cloud computing?

Cloud computing is the delivery of IT services over the internet.

Cloud service providers offer services such as:

  • Storage
  • Firewalls
  • Network
  • Servers
  • Databases
  • Developer tools
  • Security
  • Analytics, etc.

Cloud Service Providers help manage hardware resources. This management is done through data centers.

Data centers house the hardware, plus other critical software applications that help secure and manage our cloud services.

Data centers are physical facilities located at a particular place on earth. They are mostly owned by Cloud Service Providers such as Amazon (AWS), Google (Google Cloud), Microsoft (Microsoft Azure), IBM Cloud, Alibaba Cloud, etc.

Data Centers: Regions, Zones and Edges

Regions

Regions are geographic locations where the data centers owned by public cloud service providers reside.

A region could refer to places, e.g., Africa, Europe, the Middle East, Asia Pacific, the United States, China, etc. Regions could also be named by the Cloud Service Provider.

In any case, regions are considered a geographic location or an area on a map.

A region should have at least two availability zones.

Regions matter when using cloud services. It is important to use a region close to you or your users; this reduces latency and cost. Choosing a region farther away leads to higher latency in service delivery and higher cost.

Availability Zones (AZs)

An availability zone or AZ is an isolated location within a geographic region that serves as a physical data center. These locations are where data centers reside and services from Cloud Service Providers originate and operate.

Availability zones serve various purposes such as:

  • Compliance
  • Customer proximity
  • Decrease of latency
  • Resource protection, etc.

You can decide to replicate your services across multiple availability zones so as to derive the benefits listed above.

Edge locations

Edge locations involve placing computers, storage, database, and other select cloud services closer to end-users.

They are located in major cities around the world and they are specifically used by CDNs to distribute content to end-users to reduce latency.