Graduate Program KB

Global Infrastructure

  • A global application is an application deployed in multiple geographies

    • Geographies in AWS could mean Regions and / or Edge Locations
  • Benefits:

    • Decreased latency
      • Latency is the time taken for a network packet to reach a server (Ex. a packet from Asia takes time to reach the US)
      • Deploy applications closer to your users to decrease latency, improving experience
    • Disaster recovery
      • If an AWS region goes down (earthquake, storms, power outage, politics, etc.), you can failover to another region to maintain application runtime
      • A disaster recovery plan is important to increase the availability of your application
    • Attack protection
      • Distributed global infrastructure is harder to attack
  • Global AWS Infrastructure

    • Regions: For deploying applications and infrastructure
    • Availability Zones: Made of multiple data centres
    • Edge Locations (Points of Presence): For content delivery as close as possible to users
    • More information at https://infrastructure.aws/
  • Global applications in AWS

    • Global DNS: Route 53
      • Good for routing users to the closest deployment with least latency
      • Good for disaster recovery strategies
    • Global Content Delivery Network (CDN): CloudFront
      • Replicate part of your application to AWS Edge Locations to decrease latency
      • Cache common requests, improves user experience and decreases latency
    • S3 Transfer Acceleration
      • Accelerate global uploads & downloads into Amazon S3
    • AWS Global Accelerator
      • Improve global application availability and performance using the AWS global network

Route 53

  • Route 53 is a managed DNS (Domain Name System)

  • DNS is a collection of rules and records that help clients work out how to reach a server from a URL

  • Most common records in AWS:

    • www.google.com --> 12.34.56.78 == A record (IPv4)
    • www.google.com --> 2001:0db8:85a3:0000:0000:8a2e:0370:7334 == AAAA record (IPv6)
    • search.google.com --> www.google.com == CNAME record (hostname to hostname)
    • example.com --> AWS resource == Alias record (ex. ELB, CloudFront, S3, RDS, etc.)
  • Routing Policies

    • Simple Routing Policy
      • The web browser enters the DNS name, performs a query and gets back an IP address
      • No health checks
    • Weighted Routing Policy
      • Distribute traffic across multiple EC2 instances, assigning each instance a weight that represents its share of the traffic
      • Can use health checks
    • Latency Routing Policy
      • Dynamically redirect the user to a closer server based on their location, reducing latency
    • Failover Routing Policy
      • DNS performs a health check on the primary instance; if it fails, it will answer with the failover instance instead
      • A form of disaster recovery
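The failover policy above, written out as an added CloudFormation example (not from these notes): a health check on the primary, a PRIMARY record tied to it, and a SECONDARY record that Route 53 only answers with while the primary is unhealthy. The hosted zone ID Z1234EXAMPLE, the hostnames, the /health path and the IP addresses are placeholders.

```yaml
# Added example: Route 53 failover routing with a health check.
# Placeholders: hosted zone Z1234EXAMPLE, hostnames under example.com,
# and IPs from the documentation ranges 192.0.2.0/24 and 198.51.100.0/24.
Resources:
  PrimaryHealthCheck:
    Type: AWS::Route53::HealthCheck
    Properties:
      HealthCheckConfig:
        Type: HTTPS                 # checkers probe the primary over TLS
        FullyQualifiedDomainName: primary.example.com
        Port: 443
        ResourcePath: /health       # endpoint that returns 2xx/3xx when healthy
        RequestInterval: 30         # seconds between probes from each checker
        FailureThreshold: 3         # consecutive failures before "unhealthy"

  PrimaryRecord:
    Type: AWS::Route53::RecordSet
    Properties:
      HostedZoneId: Z1234EXAMPLE
      Name: www.example.com.
      Type: A
      TTL: "60"                     # short TTL so resolvers notice the switch quickly
      SetIdentifier: primary-us-east-1
      Failover: PRIMARY
      HealthCheckId: !Ref PrimaryHealthCheck   # without this, PRIMARY is always "healthy"
      ResourceRecords:
        - 192.0.2.10

  SecondaryRecord:
    Type: AWS::Route53::RecordSet
    Properties:
      HostedZoneId: Z1234EXAMPLE
      Name: www.example.com.
      Type: A
      TTL: "60"
      SetIdentifier: secondary-eu-west-1
      Failover: SECONDARY           # returned only while the primary fails its check
      ResourceRecords:
        - 198.51.100.20
```

Keep the TTL short on both records: clients cache the answer for that long, so a long TTL delays the effect of a failover.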

CloudFront

  • CloudFront is a CDN (Content Delivery Network)

  • Improves read performance since content is cached at different edge locations

  • Users around the world will have a better experience

  • As of the course being published, there are 216 points of presence globally (edge locations)

  • Distributing content globally provides DDoS protection and integrates with AWS Shield and AWS Web Application Firewall (WAF)

  • Origins of CloudFront

    • S3 bucket
      • For distributing files and caching them at the edge
      • Enhanced security with CloudFront Origin Access Control (OAC)
      • OAC is replacing Origin Access Identity (OAI)
      • CloudFront can be used as an ingress (to upload files to S3)
    • Custom Origin (HTTP)
      • Application Load Balancer
      • EC2 instance
      • S3 website (must enable the bucket as a static S3 website)
      • Any HTTP backend as desired
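The OAC point above depends on the bucket policy, so here is an added CloudFormation example (not from these notes) of a policy that lets only one CloudFront distribution read the bucket. MyBucket is assumed to be an AWS::S3::Bucket defined elsewhere in the template and EDFDVBD6EXAMPLE is a placeholder distribution ID.

```yaml
# Added example: S3 bucket policy for a CloudFront origin using OAC.
# Assumes a bucket resource named MyBucket in the same template;
# the distribution ID EDFDVBD6EXAMPLE is a placeholder.
Resources:
  OriginBucketPolicy:
    Type: AWS::S3::BucketPolicy
    Properties:
      Bucket: !Ref MyBucket
      PolicyDocument:
        Version: "2012-10-17"
        Statement:
          - Sid: AllowCloudFrontServicePrincipalReadOnly
            Effect: Allow
            # With OAC, CloudFront signs origin requests as this service
            # principal, so no IAM user, role or public ACL is needed.
            Principal:
              Service: cloudfront.amazonaws.com
            Action: s3:GetObject          # read-only; no list or write
            Resource: !Sub "arn:aws:s3:::${MyBucket}/*"
            Condition:
              StringEquals:
                # Scopes the grant to one distribution in this account.
                # Without this condition any CloudFront distribution,
                # in any account, could read the objects.
                AWS:SourceArn: !Sub "arn:aws:cloudfront::${AWS::AccountId}:distribution/EDFDVBD6EXAMPLE"
```

Leave S3 Block Public Access enabled on the bucket so that CloudFront is the only path to the objects.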
  • CloudFront vs S3 Cross Region Replication

    • CloudFront
      • Global edge network
      • Files are cached at the edge for a TTL (maybe a day)
      • Great for static content that must be available everywhere
    • S3 Cross Region Replication
      • Must be set up for each region you want replication to happen in
      • Files are updated in near real-time
      • Read-only
      • Great for dynamic content that needs to be available at low latency in few regions
  • S3 Transfer Acceleration

    • Increase transfer speed by transferring a file to an AWS edge location which forwards the data to the S3 bucket in the target region

AWS Global Accelerator

  • Global Accelerator is a network service for improving global application availability and performance using the AWS global network

  • Leverages the AWS internal network to optimise the route to your application (up to 60% improvement)

  • Two Anycast IP addresses are created for your application and traffic is sent through edge locations

  • The edge locations send the traffic to your application

  • AWS Global Accelerator vs CloudFront

    • Both use AWS global network and its edge locations around the world
    • Both integrate with AWS Shield for DDoS protection
    • CloudFront - Content Delivery Network
      • Improves performance for your cacheable content (ex. images and videos)
      • Content is served at the edge
    • Global Accelerator
      • No caching, proxying packets at the edge to applications running in one or more AWS regions
      • Improves performance for a wide range of applications over TCP or UDP
      • Good for HTTP use cases requiring static IP addresses or deterministic, fast regional failover

AWS Outposts

  • AWS Outposts are "server racks", offering the same AWS infrastructure, services, APIs and tools to build your own applications on-premises similar to the cloud
  • A hybrid cloud consists of on-premises infrastructure alongside a cloud infrastructure
    • Two ways of dealing with IT systems:
      • One for the AWS cloud (using AWS console, CLI and APIs)
      • One for their on-premises infrastructure
  • AWS will set up and manage Outposts Racks within your on-premises infrastructure and you can start leveraging AWS services on-premises
  • You are responsible for the Outposts Rack physical security
  • Benefits:
    • Low latency access to on-premises systems
    • Local data processing
    • Data residency
    • Easier migration from on-premises to the cloud
    • Fully managed service
    • Some services that work on Outposts:
      • EC2, EBS, S3, EKS, ECS, RDS, EMR

AWS Wavelength

  • Wavelength Zones are infrastructure deployments embedded within the telecommunications providers' data centres at the edge of 5G networks
  • Brings AWS services to the edge of 5G networks
    • Ex. EC2, EBS, VPC, etc.
  • Ultra-low latency applications through 5G networks
  • Traffic doesn't leave the Communication Service Provider's (CSP) network
  • High-bandwidth and secure connection to the parent AWS Region
  • No additional charges or service agreements
  • Use cases:
    • Smart Cities
    • ML-assisted diagnostics
    • Connected vehicles
    • Interactive Live Video Streams
    • AR/VR
    • Real-time gaming

AWS Local Zones

AWS Local Zones is a type of infrastructure deployment that places selected AWS services closer to end users to run latency-sensitive applications

  • Services include AWS compute, storage, database and some other ones
  • Extend your VPC to more locations ("Extension of an AWS Region")
  • Compatible with EC2, RDS, ECS, EBS, ElastiCache, Direct Connect, etc.
  • Ex. AWS Region: N. Virginia (us-east-1) and AWS Local Zones: Boston, Chicago, Dallas, Houston, Miami, ...

Global Applications Architecture

  • Single Region, Single AZ
    • Low availability, high global latency, easy to set up
  • Single Region, Multi AZ
    • High availability, high global latency, not as easy to set up
  • Multi Region, Active-Passive
    • Active-Passive: Two regions, each having one or multiple AZ. In one region, EC2 instances / application are active (read / write) and the ones in the other region are passive (read-only)
    • High global write latency, low global read latency, medium setup difficulty
  • Multi Region, Active-Active
    • Similar to above, but both regions have active instances (read / write)
    • Low global read and write latency, difficult to set up