| certifications | cloud - Steve Schwettman
Simple and Practical Uses for AWS and EC2 for Sysadmins
Every systems administrator needs to think about transitioning at least some systems to the cloud eventually. The reasons are many. Perhaps the command has trickled down from the C-suite. Or maybe you're in the process of retiring outdated hardware or software, and the cloud is beginning to look like a viable replacement.
Moving systems to the AWS cloud doesn't have to be an apocalyptic event. It's probably better for most of us to approach systems on an individual basis, considering how the cloud may help us to deliver and administer that solution more effectively.
But where do we begin? We should focus on solutions that keep our users, our supervisors, and ourselves happy. This means utilizing AWS to reduce costs while improving functionality and reducing the administrative workload.
A note about terminology. The AWS cloud has its own nomenclature which probably works against it more than Amazon realizes. This often-cryptic terminology is one of the first barriers that AWS newbies must overcome. As we delve into the best AWS services to get started with, we'll use italics to define AWS-specific terms as we go.
Free Yourself from Hardware Hassles
Purchasing hardware is expensive. A new state-of-the-art server will be outdated in a few short years. So, when it's time to retire hardware, it's worthwhile to consider transitioning those services to an AWS EC2 instance instead. An Elastic Compute Cloud (EC2) instance is the same concept as a Virtual Private Server (VPS).
To launch your own EC2 server, you just need to select an appropriate AMI from the console to build a server with the OS and base software that you need, then log in and configure it as needed. Amazon Machine Images (AMIs) are a collection of prebuilt servers that you can choose based on your individual needs. You can also create your own AMI so that you can bring up multiple servers with your custom configuration.
What makes EC2 really cool, though, is that when your server reaches the limits of its power or capacity, it can be scaled from the console. CPU, memory, and storage can all be upgraded by stopping the instance, choosing the appropriate new specifications, and restarting. This means those long nights and weekends performing data center migrations are over.
In addition to manual scaling, EC2 instances can be auto-scaled based on load. For more dynamic services that see frequent spikes in utilization, this is the best way to get the most server bang for your buck.
Utilize the AWS Cloud for Web Site Hosting
EC2 instances are perfect for building a LAMP or WISA stack. By taking advantage of Amazon's global network infrastructure, network performance and availability far exceed anything you can build locally. A self-managed EC2 instance can be better tailored to your specs compared to using a web host or colocation. Updates can be rolled out according to your schedule, security is more robust, and EC2 can be cheaper than other server options.
Setting up a cloud-based web server is extremely simple. You can choose an AMI with your preferred web and database servers already installed, or start with the barebones Amazon Linux 2 or Windows Server 2019 Base. After selecting the appropriate AMI from the console, you configure your security keys, launch the instance, and log in to the terminal. You can transfer files using an FTP client, set up your web server and database as needed, and you're good to go.
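Once a web server like this is running, the instance's security group decides who can reach its login, file-transfer, and database ports. The following check is an added example, not code from the original article: it reads rules in the shape returned by `aws ec2 describe-security-groups` and lists administrative ports open to any address. The group IDs, sample rules, and the function name `world_open_admin_ports` are constructed for illustration.

```python
import json

# Ports a LAMP/WISA host should not expose to the whole internet:
# FTP control, SSH, MS SQL Server, MySQL, RDP.
ADMIN_PORTS = {21: "FTP", 22: "SSH", 1433: "MSSQL", 3306: "MySQL", 3389: "RDP"}
WORLD = {"0.0.0.0/0", "::/0"}

# Constructed sample in the shape of `aws ec2 describe-security-groups` output.
SAMPLE = json.loads("""
{"SecurityGroups": [
  {"GroupId": "sg-0example1", "GroupName": "web-prod", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": [{"CidrIpv6": "::/0"}]},
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": "203.0.113.10/32"}], "Ipv6Ranges": []}]},
  {"GroupId": "sg-0example2", "GroupName": "web-test", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 20, "ToPort": 22,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
    {"IpProtocol": "tcp", "FromPort": 3306, "ToPort": 3306,
     "IpRanges": [], "Ipv6Ranges": [{"CidrIpv6": "::/0"}]},
    {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "10.0.0.0/8"}], "Ipv6Ranges": []}]}
]}
""")


def world_open_admin_ports(groups):
    """Return sorted (group_id, port, service) tuples reachable from any address."""
    findings = set()
    for sg in groups["SecurityGroups"]:
        for perm in sg.get("IpPermissions", []):
            cidrs = {r["CidrIp"] for r in perm.get("IpRanges", [])}
            cidrs |= {r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])}
            if not cidrs & WORLD:
                continue  # rule is limited to specific source ranges
            if perm["IpProtocol"] == "-1":
                lo, hi = 0, 65535  # "-1" means all protocols and all ports
            elif perm["IpProtocol"] == "tcp":
                lo, hi = perm["FromPort"], perm["ToPort"]
            else:
                continue  # UDP/ICMP rules are out of scope for this check
            for port, name in ADMIN_PORTS.items():
                if lo <= port <= hi:
                    findings.add((sg["GroupId"], port, name))
    return sorted(findings)


if __name__ == "__main__":
    for gid, port, name in world_open_admin_ports(SAMPLE):
        print(f"{gid}: {name} (tcp/{port}) open to the internet")
```

Port ranges matter here: the 20-22 rule in the sample exposes both FTP and SSH even though neither port is named on its own.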
Go Serverless with AWS Lambda
Believe it or not, with a bit of planning it's possible to go completely serverless for many applications. The two AWS services that enable this are Lambda and S3.
AWS Lambda is a place to store and call code without the need to build a server. Lambda supports many programming languages, allowing functions that are repetitive in nature to execute in a serverless environment. Lambdas can be created to operate application backends for mobile device apps, web sites, email processing functions, or scheduled tasks such as computations on a database. Because all Amazon services use a monitoring and data logging system called CloudWatch, Lambda can connect to CloudWatch Logs for complex log file analysis and business intelligence.
The Simple Storage Service (S3) is another service that can enable serverless functionality. S3 is a file storage service that doesn't require any provisioning of block storage (hard drive) space. Not only can this cut costs for data storage items like backups and data lakes, it also provides static hosting for objects like web pages, photos, and music files.
Using these two serverless technologies, it's possible to operate even complex dynamic web applications without the need to administer a server. S3 serves the static content while Lambdas generate dynamic pages.
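Serving static content from S3 means granting the public read access to objects, and nothing more. The following check is an added example, not code from the original article: it inspects a bucket policy and reports any action granted to anonymous callers beyond `s3:GetObject`. The bucket name `example-static-site`, both policies, and the function names are constructed for illustration.

```python
import json

# Constructed policies for a hypothetical bucket named example-static-site.
READ_ONLY = json.loads("""{"Version": "2012-10-17", "Statement": [
  {"Sid": "PublicRead", "Effect": "Allow", "Principal": "*",
   "Action": "s3:GetObject",
   "Resource": "arn:aws:s3:::example-static-site/*"}]}""")

TOO_BROAD = json.loads("""{"Version": "2012-10-17", "Statement": [
  {"Sid": "PublicAll", "Effect": "Allow", "Principal": {"AWS": "*"},
   "Action": ["s3:GetObject", "s3:PutObject", "s3:ListBucket"],
   "Resource": ["arn:aws:s3:::example-static-site",
                "arn:aws:s3:::example-static-site/*"]}]}""")

NEEDED = {"s3:getobject"}  # the only public action static hosting requires


def as_list(value):
    """Policy fields may hold a single item or a list of items."""
    return value if isinstance(value, list) else [value]


def is_anonymous(principal):
    """True when a statement applies to everyone: "*" or {"AWS": "*"}."""
    if principal == "*":
        return True
    return isinstance(principal, dict) and "*" in as_list(principal.get("AWS", []))


def excess_public_actions(policy):
    """Return sorted actions granted to anonymous callers beyond s3:GetObject.

    Condition blocks are ignored, so a hit means "review this statement".
    """
    excess = set()
    for stmt in as_list(policy.get("Statement", [])):
        if stmt.get("Effect") != "Allow" or not is_anonymous(stmt.get("Principal")):
            continue
        for action in as_list(stmt.get("Action", [])):
            if action.lower() not in NEEDED:  # action names are case-insensitive
                excess.add(action)
    return sorted(excess)


if __name__ == "__main__":
    print("read-only policy:", excess_public_actions(READ_ONLY))
    print("broad policy:", excess_public_actions(TOO_BROAD))
```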
Let AWS Deal with Spammers
Moving to a managed email service is the best way to tackle the spam headache. Managed email services are able to utilize heuristics that are only possible due to their large number of mail accounts. They can identify and stop spam without any involvement from you or your users.
Avoid the temptation to build your own mail server using an EC2 instance. The administrative workload of maintaining and securing an email server is unnecessarily high. AWS offers two managed email services that handle all of the complexities for you, providing a better experience for your users than you could accomplish on your own.
Amazon WorkMail is AWS's primary mail service, creating Exchange-like accounts that can be accessed through native Outlook support, a web interface, or POP/IMAP. WorkMail can integrate with your Active Directory, and even acts as a Mobile Device Manager for pushing policies to your users' devices.
For those organizations who need to send bulk or transactional mail, SES (Simple Email Service) is Amazon's service for sending automated email. SES can integrate with software and databases to send transactional emails, such as receipts and confirmations. It can also process large mailing lists to send promotional or other bulk messages. SES also has the ability to receive email programmatically, scanning for content with a Lambda function or delivering mail to an S3 bucket.
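A sketch of the SES receiving path described above, as an added example that is not code from the original article: a Lambda handler that reads the spam, virus, SPF, and DKIM verdicts SES attaches to each inbound message and tells the receipt rule whether to continue to later actions such as S3 delivery. It assumes the Lambda action is invoked synchronously (RequestResponse) so the returned disposition is honored; the drop policy and the `sample_event` helper are choices made for this example.

```python
VERDICTS = ("spamVerdict", "virusVerdict", "spfVerdict", "dkimVerdict")


def failed_checks(receipt):
    """Names of the SES verdicts whose status is FAIL (PASS and GRAY are kept)."""
    return [v for v in VERDICTS if receipt.get(v, {}).get("status") == "FAIL"]


def lambda_handler(event, context):
    """Stop processing for mail SES marked as spam, infected, or unauthenticated."""
    ses = event["Records"][0]["ses"]
    failed = set(failed_checks(ses["receipt"]))
    # Policy assumed for this example: drop on a spam or virus FAIL, or when
    # both SPF and DKIM fail; a single authentication failure is let through.
    drop = bool(failed & {"spamVerdict", "virusVerdict"}) or \
        {"spfVerdict", "dkimVerdict"} <= failed
    # Lambda sends stdout to CloudWatch Logs, giving an audit trail per message.
    print(f"{ses['mail']['messageId']} from {ses['mail']['source']}: "
          f"failed={sorted(failed)} drop={drop}")
    # STOP_RULE_SET skips every later action (such as delivery to S3);
    # CONTINUE lets the receipt rule carry on.
    return {"disposition": "STOP_RULE_SET" if drop else "CONTINUE"}


def sample_event(**status):
    """Build a constructed SES receipt event; unspecified verdicts are PASS."""
    receipt = {v: {"status": status.get(v, "PASS")} for v in VERDICTS}
    mail = {"messageId": "constructed-message-id", "source": "sender@example.com"}
    return {"Records": [{"eventSource": "aws:ses",
                         "ses": {"mail": mail, "receipt": receipt}}]}


if __name__ == "__main__":
    print(lambda_handler(sample_event(), None))
    print(lambda_handler(sample_event(spamVerdict="FAIL"), None))
    print(lambda_handler(sample_event(spfVerdict="FAIL", dkimVerdict="FAIL"), None))
```

The event SES passes to Lambda carries headers and verdicts but not the message body, so inspecting content itself requires an S3 action earlier in the same rule.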
Move Backups and Data Archives to the AWS Cloud
Both online and offline backups are a simple matter with AWS, whether backing up data on local servers, user workstations, or remote servers. To back up an EC2 server, the console contains a "Create Image" function that briefly stops your server, creates an AMI, and restarts the server. Depending on the size of the server, this process can take less than a minute.
Backups of other servers or workstations can be performed in either an online fashion using S3, or using a more cost-effective offline-styled system called Glacier. Glacier is a low-cost data backup system with a slow retrieval rate. This is the best backup option for data that will likely not need to be accessed except in case of emergency. A Glacier client can be installed on just about any system, allowing you to specify what folders/files to archive and set a schedule.
Replace Virtual Machines with AWS Lightsail
With AWS, globally accessible development or test environments can be brought online in a minute. Lightsail is Amazon's sandboxing environment where virtual private servers can be brought online quickly and with very few configuration hoops to jump through. Think of Lightsail as a greatly simplified version of EC2. Services can be brought up for testing without relying on the limitations of your local workstation or server.
If cost is a major factor in launching your test environment, you can use EC2 Spot Instances instead. Spot Instances use a bidding process to utilize spare server capacity at ultra-low costs.
AWS Provides Desktop as a Service
Today, there are several methods of creating a virtual desktop environment for your users. The advantages to VDI are many:
- Admins can rapidly spin up a controlled environment for work outside the office, for instance if there's a sudden pandemic. Ideally, this environment can be accessed from any client such as a remote PC, Mac, mobile device, or even within a web browser.
- You can keep outdated hardware on users' desks longer as it simply becomes a terminal.
- Technical support becomes easier as a tech can connect to the VDI session and troubleshoot user problems without the complications involved in using a remote support client.
- Security and compliance are greatly improved as no data is stored outside the server.
The problem with conventional VDI is the heavy administrative burden. The VDI server, firewall, and network all have their own administrative challenges to overcome. Most of us don't have time to take on these additional challenges, especially if we have to bring up VDI at a moment's notice.
Using AWS, it's possible to implement a much faster and simpler solution that can be online in a day rather than months. Amazon WorkSpaces is a cloud-based Desktop as a Service (DaaS) offering that enables the advantages of VDI without the implementation or administration hassles.
It can be difficult to decide where to get started with AWS, especially if our systems are currently running smoothly. After all, we don't want to tear up everything and create new problems. However, when we reach limitations with our current infrastructure, AWS just might provide the capacity and capabilities we need while still managing to cut costs and reduce our administrative burden.