-
-
Save AWScommunity/33ab6119dcdeffa149f245f3257fd889 to your computer and use it in GitHub Desktop.
| R E A D . T H I S : gist ma image rakhna 1. paila image pc ma save gara. 2. bottomest gist ma gayera footbar ko image icon ma click garera foto upload gara. 3. tyo link copypaste chaheko gist ma gara. JustDoThisWay navaye img nakhulne etc hunxa | |
| blog ma vane just tyo image select direct jspaint batai garee cutpaste gara |
Chapter6- Solution Architecture Design Patterns
111 samma vyaxu bbek, yo githuba lai ni vscode jasto dark gara
REMOVE ALL MERN etc screens ,and I DONT EVEN NEED saurav's docker compose methods, IDIOT cant u understand THIS SERVERLESS is BULLDOZER whie sauravs was shit tractor. FULLLLLLLLLL FOCUUUUUUUUS on serverless but before that, certifiction before that JOB from dhananjay or kumar or leapforg, if so, cert also not needed
115 bata herea
cloud soln archi SAA - CO2 quiz solving screenshots, put this way so as to not steal FOCUS from main meats above.
https://user-images.githubusercontent.com/11883023/184070149-17cad737-a8be-4f99-b4f8-569f5b99c8a4.png
https://user-images.githubusercontent.com/11883023/184070191-691e28c7-830a-473e-9e8c-cb9714ae3777.png
https://user-images.githubusercontent.com/109033173/187847252-1f3b7709-04bb-4a34-9c3e-271a6b92553e.png
When launching EC2 instance with instance type that supports instance storage, what use case best for instance storage?
- Instance storage is faster than EBS vol. so, install root of operating sys on this vol to speed up server performance.
- USe instance storage to serve temp files that require low I/O latency.
- USe instance storage to handle files uploaded by your users. Since its more secure than EBS vol, you can isolate any malicious fies from infecting your server. (X)
When creating new EC2 instance, we can access it from public internet BY auto-assigning to it new public IP address.
HINT is: A security group with no outbound rules will also block that resources from reaching out to other AWS service endpoints.
New CIO joins your company and implements a new company policy that all EC2 instances must have encryption at rest. What is the quickest and easiest way to apply this policy to your existing EC2 instances?
In the AWS console, click on the EC2 instances, click actions and click encrypt EBS voulmes.
Create a snapshot of the EC2 volume. Then create a copy of that volume, checking the box to enable encryption. Create an AMI of the copied snapshot and then redeploy the EC2 instance using the encrypted AMI. Delete the old EC2 instance. (Ans)
aws schematics ma
orange colors belong to compute tools like we see in ec2 or even to ecs or fargate.
so, 'baijani' color belong to service type or say, services like watching inspecting ur aws environments like how guard watches who comes goes in your offics building like that.. . cloudtrail cloudwatch belongs in here.
dark blue color belongs to automation tools like we see in code commit code build- devops rel.
PORT NOs. to remember while managing Access.Control.List. Its one specifics is Network.ACL ie ACL:
so what exactly is port no? Well, port nos are:
in an incoming message/packet, the IP address is used to identify the destination computer/node, whereas the port number further specifies the destination application/program in that computer. Similarly, all outgoing network packets contain application port numbers in the packet header to enable the receiver to distinguish the specific application. ((Now here Idk yet if port no. should be same for particular application like HTTPs whether its outgoing or incoming, I think shouldbe same) )
Port numbers are mainly used in TCP and UDP based networks, with an available range of 65,535 for assigning port numbers. Although an application can change its port number, some commonly used Internet/network services are allocated with global port numbers such as Port Number 80 for HTTP, 23 for Telnet and 25 for SMTP, port 22 for Bastion Host, which is for SSHing into instances on priv subnet.
del it if IT is in s3 white note anyway:
athena is like taxi u hire to get to while redshift is superfast car expensive rate when it comes to jobs like running sql query etc etc on your s3 db
colab
DOONT del here coz its hyperlinked in blog
from transformers import AutoTokenizer, TFAutoModel
tokenizer = AutoTokenizer.from_pretrained("google-bert/bert-base-uncased")
model = TFAutoModel.from_pretrained("google-bert/bert-base-uncased")
inputs = tokenizer ("Hello world!", return_tensors="tf")
outputs = model (**inputs)
The tokenizer is responsible for all preprocessing the pretrained model expects and can be called directly on a single string (as in the above examples) or a list. It will output a dictionary that you can use in downstream code or simply directly pass to your model using the ** argument unpacking operator.
CtrlF "Principles of Solution Architecture Design" Chapter 4 upto pg99; chap4 totally covered
Predictive Scaling is predicting when future traffic will likely be more based on historical data. AWS has features to it. Simply speaking, weekend time, or thanksgiving time etc etc will have more traffic whereas Reactive scaling is about designing Db suitably on sudden inc on traffic load & so accordingly have right-type-db-for-its-purpose as NoSQLtoStoreUserSessions&ReviewComments-RDBMSforTransaction-CACHINGbyEnginesLikeRedisToStoreFrequentQueries-DNScacheForQuickWebsiteLookup-BrowserCacheOnUser'sSystemToLoadFrequentlyRequestedPages at first hand, for eg. Determine web pages, which are read-only and can be cached. Which user queries need just to read that data, rather than write or update anything in the database? OR At the server fleet level, you need to use a load balancer in order to distribute traffic, and you need to use auto-scaling to increase or shrink several servers in
order to apply horizontal scaling.
Why Immutable Archi aka replaceable resources needed? Over time, this leads to different servers running in varied configurations, and troubleshooting them becomes a very tedious task. Sometimes, you have to keep running unnecessary resources when they are not needed, as you are not sure which server to shut down. The inability to replace servers makes it challenging to roll out and test any new updates in your server fleet. These problems can be solved by treating your server as a replaceable resource, which enables you to move more quickly to accommodate changes such as upgrading applications and underlying software. That is why, design applictions in immutable infrastructure.
Immutable Architecture: Immutable means, during application upgrades, you will not only replace software, but hardware too. Organizations make a significant capital investment in hardware and develop the practice of updating them with a new version of the application and
configuration.
To create replaceable servers, you need to make your application stateless and avoid the hardcoding of any server IP or database DNS name. Basically, you need to apply the idea of treating your infrastructure as software instead of hardware, and not apply updates to the
live system. You should always spin up new server instances from the golden machine image, which has all necessary security and software in place.
Creating immutable infrastructure becomes comfortable with the use of a virtual machine, where you can create a golden image of your virtual machine and deploy it with the new version, rather than trying to update an existing version. This deployment strategy is also
beneficial for troubleshooting, where you can dispose of the server that has an issue and spin up a new server from a golden image. You should take a backup of logs for root cause analysis before disposing of the server with issues. This approach also ensures consistency
across the environment, as you are using the same baseline server image to create all of your environment.
Think of Loose Coupling - Iknow it
The two most popular SOAs are based on Simple Object Access Protocol (SOAP) services and RESTful services.
In SOAP-based architecture, you format your message in XML and send it over the internet using the SOAP protocol, which builds on top of the HTTP.
In a RESTful architecture, you can format a message in XML, JSON, or plain text, and send it over a simple HTTP. However, RESTful architecture is comparatively more popular, as it is very lightweight and much more straightforward than SOAP.
Refer to Chapter : Solution architecture design patterns for more on this context.
Durability requirement: How should data be stored to prevent data corruption?
Data availability: Which data storage system should be available to deliver data?
Latency requirement: How fast should the data be available?
Data throughput: What is the data read and write need?
Data size: What is the data storage requirement?
Data load: How many concurrent users need to be supported?
Data integrity: How to maintain the accuracy and consistency of data?
Data queries: What will be the nature of the queries?
Adding Security Everywhere
Physical security of data center: All IT resources in data centers should be secure from unauthorized access.
Network security: The network should be secure to prevent any unauthorized server access.
Identity and Access Management (IAM): Only authenticated users should have access to the application, and they can do the activity as per their authorization.
Data security intransit: Data should be secure while traveling over the network or the internet.
Data security at rest: Data should be secure while stored in the database or any other storage.
Security monitoring: Any security incident should be captured, and the team alerted to act.
AUTOMATE WHEREVER POSSIBLE
Application testing: You need to test your application every time you make any changes to make sure that nothing breaks.
It's better to think about automating repeatable test cases to speed up deployment and product launch. Automate your testing at production scale and use rolling deployment techniques, such as canary testing {to apply rolling deployment with immutable infrastructure. It helps you to ensure that old-version production servers are replaced safely with new servers, without impacting the end users. In canary testing, you deploy your software update in a new server and route a small amount of traffic to it. If everything goes well, you will keep increasing traffic by adding more new servers, while disposing of the old servers. Canary deployment gives you a safe option to push your changes in the live production environment. If something goes wrong, only small numbers of users are impacted, and you have the option of immediate recovery by routing traffic back to the old servers. The solution architect needs to think ahead to use replaceable resources for deployment. They need to plan session management and avoid server dependency on hardcoded resources ahead of time. Always treat resources as replaceable and design your applications to support changes in hardware. The solution architect needs to set a standard to use various rolling deployment strategies, such as A/B testing or Blue/Green deployment. Treat your server like cattle, not like a pet; when this principle is applied to the replacement of problematic IT resources, quick recovery is ensured, and troubleshooting time reduced.} and A/B testing, to release changes.} and A/B testing, to release changes.
IT infrastructure: You can automate your infrastructure by using infrastructure as code scripting, for example, Ansible, Terraform, and Amazon CloudFormation. Automation of infrastructure allows environments to be created in minutes compared to days. Automation of infrastructure as code helps to avoid configuration errors and creates a replica of the environment.
Logging, monitoring, and alerting: Monitoring is a critical component, and you want to monitor everything every time. Also, based on monitoring, you may want to take automated action such as scaling up your system or alerting your team to act. You can monitor the vast system only by using automation. You need to automate all activity monitoring and logs in order to make sure that your
application is running smoothly, and that it is functioning as desired.
Deployment automation: Deployment is a repeatable task that is very time consuming and delays the last-minute launch in many real-time scenarios. Automating your deployment pipeline by applying CD CI helps you to be agile and iterate quickly on product features with a frequent launch. CD CI make small incremental changes to your application.
Security automation: While automating everything, don't forget to add automation for security. If someone is trying to hack your application, you want to know immediately and act quickly. You want to take preventive action by automating any incoming or outgoing traffic in your system boundary and alert any suspicious activity.