Notes on: Linux Academy: AWS CSAA: 15) Application & Messaging Services

Just a place to put some notes on the “AWS Certified Solutions Architect - Associate (New!)” course from https://linuxacademy.com

Application Services

Image: Architecture: AWS Account & Services Layer (Application Services)

SNS (Simple Notification Service)

Image: Architecture: Simple Notification Service

SNS Essentials:

- SNS coordinates and manages the sending and delivery of messages to specific endpoints
- We are able to use SNS to receive notifications when events occur in our AWS Environment
- SNS is integrated into many AWS services, so it is very easy to set up notifications based on events that occur in those services
- With CloudWatch and SNS, a full-environment monitoring solution can be created that notifies administrators of alerts, capacity issues, downtime, changes in the environment, and more!
- The service can also be used for publishing iOS/Android app notifications, and creating automation based off notifications

SNS Components:

- Topic:
+ The group of subscriptions that you send a message to

- Subscription:
+ An endpoint that a message is sent to
+ Available endpoints include:
-- HTTP
-- HTTPS
-- Email
-- Email-JSON
-- SQS
-- Application, Mobile app notifications (iOS/Android/Amazon/Microsoft)
-- Lambda
-- SMS (cellular text message)

- Publisher:
+ The “entity” that triggers the sending of a message
+ Examples include:
-- Human
-- S3 Event
-- CloudWatch Alarm

Image: SNS Dashboard Common Actions

SNS Publisher:

- The “entity” that triggers the sending of a message
- Examples include:
-- Human
-- S3 Event
-- CloudWatch Alarm

SNS Topic:

- The group of subscriptions that you send a message to

SNS Subscriber:

- An endpoint that a message is sent to
- Available endpoints include:
-- HTTP
-- HTTPS
-- Email
-- Email-JSON
-- SQS
-- Application, Mobile app notifications (iOS/Android/Amazon/Microsoft)
-- Lambda
-- SMS (cellular text message)

SQS (Simple Queue Service)

Image: Architecture: Simple Queue Service

SQS Essentials:

- SQS provides the ability to have hosted/highly available queues that can be used for messages being sent between servers
- This allows for the creation of distributed/decoupled application components
- SQS is used to create decoupled application environments
- Messages between servers are retrieved through polling

Two types of polling:
- Long Polling (1-20 seconds):
-- Allows the SQS service to wait until a message is available in a queue before sending a response, and will return all messages from all SQS servers
-- Long polling reduces API requests (over using short polling)
- Short Polling:
-- SQS samples a subset of servers and returns messages from just those servers
-- Will not return all possible messages in a poll
-- Increases API requests (over long polling), which increases costs

Other important SQS facts:
- Each message can contain up to 256KB of text (in any format)
- Amazon SQS guarantees delivery of each message at least once BUT DOES NOT guarantee the order (best effort) in which they are delivered to the queue
- It does not guarantee first-in-first-out order
- SQS is also highly available and redundant

SQS Workflow:
- Generally a “worker” instance will “poll” a queue to retrieve waiting messages for processing
- Auto Scaling can be applied based off of queue size so that if a component of your application has an increase in demand, the number of worker instances can increase

Decoupled Architecture:

- Tightly Coupled System:
-- A system architecture of components that are not just linked together but are also dependent on each other
-- If one component fails all components fail

- Loosely Coupled/Decoupled Systems:
-- Multiple components that can process information without being connected
-- Components are not connected - if one fails the rest of the system can continue processing (fault tolerant/highly available)

- AWS Services that are used for distributed/decoupled system architectures:
-- SWF (Simple Work Flow Service)
-- SQS (Simple Queue Service)

Image: Tightly Coupled System / Loosely Coupled System

SQS Message:

- A set of instructions that will be relayed to the “worker” instances via the SQS queue
- Can be up to 256KB of text (in any format)
- Each message is guaranteed to be delivered at least once:
-- Order is not guaranteed
-- Duplicates can occur
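
Added example (not from the course): what "at least once, order not guaranteed, duplicates can occur" means for a worker. The messages, the version field and both worker functions are constructed for illustration; the naive worker can end up re-applying a revoked role, the idempotent one cannot.

```python
import random

# Constructed sample messages: each is an instruction for a worker.
# "version" is an assumed per-user counter set by the publisher.
MESSAGES = [
    {"id": "m1", "user": "alice", "version": 1, "role": "viewer"},
    {"id": "m2", "user": "alice", "version": 2, "role": "admin"},
    {"id": "m3", "user": "alice", "version": 3, "role": "viewer"},  # admin revoked
    {"id": "m4", "user": "bob", "version": 1, "role": "editor"},
]

def deliver(messages, duplicates, seed):
    """Simulate a queue with at-least-once delivery: every message arrives,
    some arrive twice, and the order is arbitrary."""
    rng = random.Random(seed)
    batch = list(messages) + rng.sample(messages, duplicates)
    rng.shuffle(batch)
    return batch

def naive_worker(batch):
    """Applies every delivery as it arrives; the last one seen wins."""
    roles = {}
    for msg in batch:
        roles[msg["user"]] = msg["role"]
    return roles

def idempotent_worker(batch):
    """Applies a message only if it is newer than what was already applied.
    A redelivered duplicate has version == current, so the same check drops it."""
    roles, versions = {}, {}
    for msg in batch:
        if msg["version"] <= versions.get(msg["user"], 0):
            continue  # stale or duplicate delivery: ignore
        versions[msg["user"]] = msg["version"]
        roles[msg["user"]] = msg["role"]
    return roles

if __name__ == "__main__":
    batch = deliver(MESSAGES, duplicates=2, seed=7)
    print("naive:     ", naive_worker(batch))
    print("idempotent:", idempotent_worker(batch))
```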

SQS Queue:

- A queue stores messages (for up to 14 days) that can be retrieved through “polling”
- Queues allow components of your application to work independently of each other (decoupled environments)

SWF (Simple Workflow Service)

Image: Architecture: Simple Workflow

Simple Workflow Essentials:

- SWF is a fully-managed “work flow” service provided by AWS
- A SWF workflow allows an architect/developer to implement distributed, asynchronous applications as a work flow
- A workflow coordinates and manages the execution of activities that can be run asynchronously across multiple computing devices
- SWF has consistent execution
- Guarantees the order in which tasks are executed
- There are no duplicate tasks
- The SWF service is primarily an API which an application can integrate its work flow service into. This allows the service to be used by non-AWS services, such as an on-premise data center
- A workflow execution can last up to 1 year

Components of SWF
- Workflow: A sequence of steps required to perform a specific task
-- A workflow is also commonly referred to as a decider
- Activities: A single step (or unit of work) in the workflow
- Tasks: What interacts with the “workers” that are part of a workflow
-- Activity task - Tells the worker to perform a function
-- Decision task - Tells the decider the state of the work flow execution, which allows the decider to determine the next activity to be performed
- Worker: Responsible for receiving a task and taking action on it
-- Can be any type of component such as an EC2 instance, or even a person

API Gateway

Image: Architecture: API Gateway

API Gateway Essentials:

- API Gateway is a fully-managed service that allows you to create and manage your own APIs for your application
- API Gateway acts as a “front door” for your application, allowing access to data/logic/functionality from your back-end services

API Gateway Main Features:

- Build RESTful APIs with:
-- Resources
-- Methods (i.e. GET, POST, PUT)
-- Settings
- Deploy APIs to a “Stage” (different envs: i.e. dev, beta, production)
-- Each stage can have its own throttling, caching metering and logging
- Create a new API version by cloning an existing one
-- You can create and work on multiple versions of an API (API version control)
- Roll back to previous API deployments
-- A history of API deployments is kept
- Custom domain names
-- Custom domain names can point to an API or Stage
- Create and manage API keys for access AND meter usage of the API keys through Amazon CloudWatch logs
- Set throttling rules based on the number of requests per second (for each HTTP method)
-- Requests over the limit are throttled (HTTP 429 response)
- Security using Signature v.4 to sign and authorize API calls
-- Temporary credentials generated through Amazon Cognito and Security Token Service (STS)
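
Added example (not from the course and not AWS SDK code): the Signature Version 4 calculation for one API Gateway call, and the recompute-and-compare check on the receiving side. It assumes the path and query string are already in canonical form; the secret, host and timestamp are constructed placeholders, and execute-api is the service name API Gateway requests are signed for.

```python
import hashlib
import hmac

def _hmac(key: bytes, msg: str) -> bytes:
    return hmac.new(key, msg.encode("utf-8"), hashlib.sha256).digest()

def signing_key(secret: str, date: str, region: str, service: str) -> bytes:
    """Derive the SigV4 signing key, scoped to one day, region and service."""
    k_date = _hmac(("AWS4" + secret).encode("utf-8"), date)
    k_region = _hmac(k_date, region)
    k_service = _hmac(k_region, service)
    return _hmac(k_service, "aws4_request")

def sigv4_signature(secret, method, path, query, headers, body, amz_date,
                    region, service="execute-api"):
    """Hex signature for one request. path and query must already be
    canonical (URI-encoded, sorted); this example does not encode them."""
    # Canonical headers: lowercase names, collapsed whitespace, sorted by name.
    canon = sorted((k.lower(), " ".join(v.split())) for k, v in headers.items())
    canonical_headers = "".join(f"{k}:{v}\n" for k, v in canon)
    signed_headers = ";".join(k for k, _ in canon)
    canonical_request = "\n".join([
        method, path, query, canonical_headers, signed_headers,
        hashlib.sha256(body).hexdigest()])
    date = amz_date[:8]
    scope = f"{date}/{region}/{service}/aws4_request"
    string_to_sign = "\n".join([
        "AWS4-HMAC-SHA256", amz_date, scope,
        hashlib.sha256(canonical_request.encode("utf-8")).hexdigest()])
    key = signing_key(secret, date, region, service)
    return hmac.new(key, string_to_sign.encode("utf-8"), hashlib.sha256).hexdigest()

def verify(secret, presented_signature, **request):
    """Receiving side: recompute the signature and compare in constant time."""
    expected = sigv4_signature(secret, **request)
    return hmac.compare_digest(expected, presented_signature)

# Constructed sample request; secret, host and timestamp are placeholders.
# Temporary credentials add an X-Amz-Security-Token header, signed like the rest.
SECRET = "EXAMPLE-SECRET-KEY-NOT-REAL"
REQUEST = dict(
    method="GET", path="/prod/orders", query="",
    headers={"Host": "example.execute-api.us-east-1.amazonaws.com",
             "X-Amz-Date": "20240101T000000Z"},
    body=b"", amz_date="20240101T000000Z", region="us-east-1")
if __name__ == "__main__":
    sig = sigv4_signature(SECRET, **REQUEST)
    print(sig, verify(SECRET, sig, **REQUEST))
```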

Benefits of API Gateway:

- Ability to cache API responses
- DDoS protection via CloudFront
- SDK generation for iOS, Android, and JavaScript
- Supports Swagger (a very popular framework of API dev tools)
- Request/response data transformation (i.e. JSON IN to XML OUT)

API Gateway Caching:

- API Gateway will cache API responses so that duplicate API requests do not have to hit your back-end
-- This reduces load on your back-end AND
-- Speeds up calls to your back-end
- You can configure a cache key and Time to Live (TTL) of the API response
- Caching can be set up on a per API or per stage basis

API Gateway: CloudFront

- API Gateway benefits from using CloudFront infrastructure:
-- Built in Distributed Denial of Service (DDoS) attack protection and mitigation
-- All CloudFront Edge Locations become entry points for your API into your back-end
- Summary: Benefits are reduced latency and improved protection

API Gateway: CloudWatch

- CloudWatch can be used to monitor API Gateway activity and usage
- Monitoring can be done on the API or Stage level
- Throttling rules are monitored by CloudWatch
- Monitoring metrics include such statistics as:
-- Caching
-- Latency
-- Detected errors
- Method-level metrics can be monitored
- You can create CloudWatch alarms based on these metrics

Quiz: Application Services Quiz

Q: An SQS Message is?
A: A set of instructions stored in an SQS queue that can be up to 256KB in size
E: An SQS message can be up to 256KB in size of text (in any format) and is used to relay instructions from one instance to another (via an SQS queue).

Q: How can you create different versions of an API using API Gateway and also create a full development lifecycle? (2 answers)
A1: Create a new API version by cloning an existing one
A2: Deploy APIs to stages: dev, beta, production
E: You can create lifecycle stages (dev, beta, production) for which to deploy APIs. Each stage can have its own throttling, caching metering, and logging. You can also create a new API version by cloning an existing one. In addition, you can roll back to previous versions of an API.

Q: If your application's architecture is currently tightly coupled, what AWS service should you use to decouple the application?
A: SQS (Simple Queue Service) and, to a lesser extent, SWF (Simple Workflow) can be used to decouple application components.

Q: What are some of the essential elements of API Gateway?
A1: API Gateway is a fully managed service that allows you to create and manage your own APIs for your application
A2: API Gateway acts as a "front door" for your application.
E: API Gateway is a fully managed service that allows you to create and manage your own APIs for your application. API Gateway acts as a "front door" for your application, allowing access to data/logic/functionality from your back-end services.

Q: What best describes decoupled architecture?
A: A system architecture of multiple components that can process information without being connected.
E: A loosely coupled (or decoupled) system is one that has multiple components but can work independently of each other. So if one fails, the other components can continue to work.

Q: How long can an SWF workflow execution last?
A: 1 year

Q: What service should you choose if you want to send notifications via text message to a system administrator?
A: SNS
E: SNS (Simple Notification Service) is the AWS service that provides the ability to send notifications to various endpoints, with SMS (text messages) being one of them.

Q: What are some of the benefits of using API Gateway? (2 answers)
A1: Ability to cache API responses
A2: DDoS protection via CloudFront
E: Benefits of API Gateway include:
- Ability to cache API responses
- DDoS protection via CloudFront
- SDK generation for iOS, Android, and JavaScript
- Supports Swagger (a framework of API dev tools)
- Request/response data transformation

T: SNS can be used to send push notifications to Android and iOS mobile devices.

Q: What is the purpose of an SWF decision task?
A: It tells the decider the state of the work flow execution.
E: A decision task is used to communicate (back to the decider) that a given task has been completed.
