SAP-C02 Amazon AWS Certified Solutions Architect Professional – New Domain 5 – Continuous Improvement for Existing Solutions part 2
- Understanding Infrastructure as Code ( IAC )
Hey everyone, and welcome back to the Knowledge Portal video series. Now in today’s lecture, we will be speaking about infrastructure as code. Now, this specific approach of building infrastructure has gained a huge popularity among today’s market. And a lot of organizations are now migrating to infrastructure as a codebased approach. So let’s get go ahead and understand this. So, coming back to the basics, there are two ways in which you can actually build your infrastructure. One is by manually creating the infrastructure. So you manually create a server, everything will be manual and second will be through automation. So when I talk about manual, let’s just see on how it works. Let’s assume there needs to be an easy to instance.
So you got a requirement from a developer which says that an EC two instance is required. So what you do, you go to AWS or whatever cloud provider, you do everything manual. Like you select the operating system. Once you select the operating system, you select the resources like it needs a two GB Ram or a four GB Ram. Once you select the resource, you select in which VPC, what are the firewall settings, and everything will be a manual approach. So tomorrow, again, if a developer needs one more instance, again you log into the cloud provider console, you do everything manually. So that is the manual approach. Definitely. That manual approach is repetitive and it takes a lot of time. And second is through automation.
So what happens in automation is like you write a simple script which launches an easy to instance. So whenever developer requests you for an easy to instance, you just run the script and the EC to instance will be created for you. So this specific approach of automation is a very sturdy approach and this is something which must be implemented, I would say, in most of the organization. So let’s understand this with the example of a single service. So in many of the organizations, the environment is segregated. Like you have a development environment, you have a staging as well as you have a production. So anything new or any new service that comes up, the infrastructure has to be first built in the development environment.
So you will need some EC two instances you will need a MySQL database, you will need a S three bucket. And there will be some kind of a pipeline that has to be created. Now, in a traditional way, you will be doing everything manual. So in development environment, you launch everything manual. And once the development environment seems to be working, the developer will ask you to do the same or replicate the same setup in staging. So what you do, you go to the staging account, you again create an entire infrastructure which would be a similar application in the staging environment. Now, once the testing and everything is done in staging, again, the developer and the QA team will ask you to move everything to production. And now what you’ll do, you move the entire environment.
Again you will launch instances, you’ll create a MySQL database, s three bucket, everything manual and this is just for a single service. So you will understand the efforts that will be needed by a DevOps or by a solutions architect guy to launch this infrastructure for a single service. But when you talk about big organization, they actually have like 500 to 600 services and doing things manually actually does not suffice. So you cannot scale this approach. And specifically for a lazy people like me, doing things manually is out of reach. So in order to solve this, what you have is you have an infrastructure as a code. So what you do, you write a template which will launch an infrastructure for you. And from that template, what you do is you launch a development environment.
So the entire template of creating EC, two instances, databases, s three bucket is written over here and you launch this template in the development environment and everything will be created for you. Now, after a week or two, once the developer will tell to replicate this environment in staging, you don’t really have to worry because you have the template, you go ahead and launch the template and the same infrastructure will be created. Similarly, after a month, if the QA team asks you to deploy it in production, again, you don’t have to worry, you can directly launch it from the template. So only efforts that you will be needing is in the initial time when you have to create a template, you have to write a code and after that you don’t really have to worry about it.
So this is called as the infrastructure as code. I’ll show you a demo so that it will become much more clear to you. So let me open up my item. So, I have a simple infrastructure as code based template, which I have written based on TerraForm. So what this basically does, it creates an EC to instance based on a specific AMI. This is the Amazon Linux AMI. Then you have a T two micro instance and you have a security group. So if you look into the security group, there are two ports which are present over here. One is for inbound and one is for outbound. So in inbound it is allowing port 22 on this specific IP and outbound it is allowing all the ports for zero, zero, zero. Perfect. So we have written a sample template and this template is based on AWS and it will be launched in the EU with Hyphen one region.
Perfect. So this is something that we really wanted. So let’s do one thing, let’s go ahead and deploy the template. So let’s go to TerraForm. And let me just quickly verify if everything seems to be proper, and it is. So I have actually copied the entire template in the EC two instance and what we’ll do is we have a region. Let me show you. I have a region, Ireland, and there are no instances which are created over here. So we will be creating our first EC two instance with the help of infrastructure as a code. Perfect. So since I have my working code ready, what I’ll do is I’ll run a TerraForm plan. So this template is based on TerraForm which is again a great infrastructure as code platform. So what it is showing is it is actually showing you what exactly will be created in your AWS account.
So this seems to be proffered. And I’ll run TerraForm Apply. TerraForm Apply will go ahead and deploy everything that is written in the code to your cloud provider, in our case AWS. So if you’ll see over here, it is creating a security group first. And once the security group will be created, it will create an EC to instance and it will connect the security group to the EC to instance. So it might take a minute for this to be deployed. So you see, it is creating the EC to instance. Till that time, let me show you. There are various platforms which are available for developing infrastructure as a code. TerraForm is one of the very nice ones which I really like.
So this is something that we will be using extensively. And we actually have an entire codes coming up for the TerraForm. So stay tuned. Along with that, there are other platforms also available like AWS cloud formation which allows you to do similar things. Now, one of the difference between cloud formation and TerraForm is that cloud formation is vendor specific. Like it is only for AWS, you cannot use this for other cloud providers. However, TerraForm can be used for other cloud providers as well. And this is the reason why this is really great. Perfect. So now coming back, you will see our TerraForm template has completed and it says that there are two resources which are created. So let’s do one thing. Let me just refresh the EC to console.
And now you see our first EC, two instances created with the name IAC and it has a security group. Let me just open up the security group and in the inbound you will see we have one inbound rule which is created and in the outbound you have one outbound rule which is also created. So now if I want to create the same instance in some different region, the only thing that I have to do is I have to specify the region over here and then it will create the same easy to instance in a different region as well. So this is the very high level overview about infrastructure as a code. So let’s come back to our PowerPoint presentation. So there are various benefits of running infrastructure as a code.
One is the reusable code. So if you develop a three tire based architecture, you don’t really have to write the code again. Because in Internet there are a lot of people who have actually written the code related to three tire based architecture, based on TerraForm or based on cloud formation. So what you can do is you can just copy their code and you can launch your infrastructure based on that. You really have to write the entire code again. That is one very big advantage. Second advantage is that you can manage infrastructure via source control. So you can actually commit your code in git so you will have a proper source control. And second is? Third is you can enable collaboration. And if you have multiple solutions architect within your organization, everyone can collaborate and write a comprehensive infrastructure as a code. Any.
- Getting started with CloudFormation
Hey everyone, and welcome back to the Knowledge Portal video series. Now, in the earlier lecture we discussed the basic about infrastructure as code and we also looked into how we can create an infrastructure based on TerraForm. Now, in today’s lecture we’ll be speaking primarily about AWS Cloud formation because this is something that will come in exams. So AWS Cloud Formation is yet another platform where you can launch infrastructure based on code. So let’s go ahead and understand more about AWS Cloud Formation. So I have launched AWS cloud formation from the console. Now, the first thing that you need to do is you have to click on Create new Stack. So I’ll just click here and there are some templates which are available. Let me just select Lampstack template.
And one really nice thing that I really love about cloud formation is the designer.So if you just click over here, what cloud formation will do is it will show you the entire design in a nice UI way. So this is what is there. So you have a simple EC two instance here and there is a dependency link on the security group. So there will be a security group which will be created first. And after the security group is created, you have an EC Two instance which will be launched based on the security group. So if I just click here in here, you will automatically be directed to the security group template. So if I just click on the EC two, you will be directed over here. Now, there are a lot of other resource types that you can create from the designer itself. And the cloud formation will automatically create code for you.
So there are two template languages which are available. One is JSON and second is YAML. YAML is recently introduced and I would say much more awaited because writing things in JSON is a really big pain. Anyway, so let me just close this and let’s start again. I’ll select lampstack. I click on next. It will ask me for some default settings. I’ll say stack name would be KP Labs Demo. Let’s put a database password. DB user would be KP admin instance type. Let me put it at t two micro and key name. I have already created a key. So I’ll select KP Labs as a key name. We’ll go next. Click on next. It will show you the configuration that you had selected.And go ahead and click on Create.
So now what will happen is cloud formation will use the template and it will start to create a resource based on the template that has been written. So in the Events tab you will find on what exactly is happening. So you see the status is Create in progress. Now there are two important things that will be created. One will be the security group and second will be the EC to instance. So now you will see the security group. Initially it was created in progress. And once the security group got created, it had a tag of Create Complete. Once security group got created since it had a dependency. After the security group got created, then the EC two instance is getting launched. So this is how things are once these events get completed.
Let me just show you. I’ll click on EC two and now you see there is one instance which is running based on T two micro instance and it automatically has a security group as well. And the key name which was associated is Kplab. So all of these things is automatically created with help of cloud formation. So the entire stack is created, you see create Complete. Now let me show you. In the outputs column you will get the URL. So this is the URL of the EC two instance. And now if you click here you will be presented with the PHP page of the EC to instance. So this is the basic about what cloud formation is all about. Now, as a personal choice, I would really encourage you to go with TerraForm because it is never recommended to stick with vendor specific. TerraForm is really easy to learn.
As we have already seen that the template that you create with TerraForm, it is very very simple. So you specify the AMI ID, you specify the instance type and you specify the security group over here. So this is very very simple to type and to understand. However, when you talk about cloud formation, it really sometimes it becomes a big pain. So this is the template that got created. You see, this is the template for creation of simple security group and easy to instance based on lampstack. So again, it really depends on your choice. But from what I would encourage you, TerraForm is really the best as of now. So anyway, I would encourage you to try this out. Try both TerraForm, tryboat cloud formation, see which one suits for you. And with this we’ll conclude this lecture related to the first part of cloud formation. Thanks for watching.
- Understanding GetAtt function in CloudFormation
Hey everyone and welcome back to the Knowledge full video series. So in this lecture today we’ll be looking into the functions which are available in Cloud formation. So basically Cloud Formation provides several built in functions that helps us managing our stacks when we deploy them. So there are certain prebuilt functions which are present in Cloud formation which which we can use to achieve a lot of use cases. Now some of these functions are find in Map, you have Get at which basically means get attribute, you have get AZ you have base 64 you have joined and many others. So let’s look into one of them. So basically the function of get at basically returns a value of an attribute from a resource in a template.
So what do I mean by this? Now, whenever you create, let’s assume EC two instance. Every EC two instance has a DNS name which is associated with him. So let me give you an example. So I have an EC to instance over here and you have a DNS hostname which is present over here. So if we want like if we are deploying an EC to instance to Cloud formation template, we want that once the EC to instance is created the Cloud formation template should return as the DNS name so that we can directly open this up from the browser. Now, in order to achieve that we can use the function of get attribute. So this is a sample code where you have my ELB which is one of the resource and you have the DNS name.
So what this will do is once the ELB gets created then it will return the DNS name of the elastic load balancer which we can use directly. So let’s do one thing we will have an overview about function of join and function of get attribute in today’s lecture so that we can understand more about how these works. So let’s do one thing. Let’s go to Cloud formation and let’s create a sample stack. And I’ll be using a sample lamp stack which is available from the template I’ll click on next let’s give it a stack name. I’ll say KP labsample. Let’s give the database password. I’ll select instance type as t two micro so that it fits in our free tire. The key name is the one that is configured over here and I’ll click on next we’ll just leave it as it is and we’ll go ahead and click on Create.
So basically this go ahead and creates the EC to instance which has the sample lampstack which is up and running. So let’s do one thing, let’s wait for a while till the resource gets created. Let’s just check in our EC two and you see one EC two instance is creating. So currently status check is unable to describe. So this is because the instance is just starting. So now what would happen is whenever you create an instance or whenever you start an instance. You see this instance has a public DNS name which is associated with it. So basically what we ideally want is once the stack is created, the stack should return us this public DNS name so that we don’t really have to go to the easy to console and manually find the DNS name.
And this tag actually has a function of get attribute which would return as the public DNS name associated with the EC to instance. So let’s just wait for a while till the stack stack gets completed. Perfect. So the stack is now completed. So now if you go into the output section, you see the output section is basically giving us the value associated. So you see this is the PHP extensions of the EC to instance. Now if you want to see how exactly this came, this came because the template had the get attribute function which was created. So if you go into the template section, let’s go a bit down. So there should be a website URL.
You see there is a website URL and under the website URL there is a function of get attribute which basically will give the public DNS name associated with the web server instance resource. So this is the web server instance and this is the public DNS name associated with it. So cloud formation will take this DNS name and it will put over here. Along with that there is a function of join. So what function of join will do is it will take the Http and it will join it with the public DNS name. So in the value column, in the value column of the website URL you will get Http then the EC to hyphen 13 229. So if you just look into the output section you see http 13 229 big URL so this is what functions are all about. There are various other functions like find in map get attribute join base 64.