Chapter 7
AWS Global Infrastructure

WHAT'S IN THIS CHAPTER

  • Introduction to the AWS global infrastructure
  • A tour of the AWS management console

In the previous chapter, you got an overview of the cloud services offered by Amazon, with emphasis on services for machine learning applications. In this chapter you will learn about the AWS global infrastructure. AWS physical infrastructure consists of a system of geographical regions, Availability Zones, and content distribution edge locations. Not all AWS services are available in every region.

Regions and Availability Zones

An AWS region is a physical location in the world from which cloud-based services are offered. Amazon ensures that you get to choose the region in which your data is physically located, making it easy for you to meet regional regulatory requirements.

An AWS region is divided into multiple Availability Zones (AZs) (see Figure 7.1).

Flowchart depicts Multiple Availability Zones in a single region.

FIGURE 7.1 Multiple Availability Zones in a single region

An Availability Zone consists of one or more data centers, housed in separate facilities, each with redundant power, networking, and connectivity. These data centers are connected to each other with private fiber-optic networking and enable you to build and operate scalable and fault-tolerant applications that are not possible from a single data center.

Availability Zones let you architect applications that automatically fail over between the AZs in a region without interruption. As of this writing, nineteen regions are spread throughout the world. Additionally, Amazon has announced that it is planning new regions in Bahrain, SAR China, and Sweden. You can find a complete list of regions and Availability Zones at https://aws.amazon.com/about-aws/global-infrastructure/.

Table 7.1 lists the current AWS regions and AZs within each region.

TABLE 7.1: AWS Regions and Availability Zones

REGION | AVAILABILITY ZONES | COMMENTS
U.S. West (Oregon) | 3 | Launched in 2011.
U.S. West (Northern California) | 3 | Launched in 2009.
U.S. East (Northern Virginia) | 6 | Launched in 2006.
U.S. East (Ohio) | 3 | Launched in 2016.
AWS GovCloud | 3 | Launched in 2011. Only accessible to U.S. government employees.
Canada (Central) | 2 | Launched in 2016.
EU (Ireland) | 3 | Launched in 2007.
EU (Frankfurt) | 3 | Launched in 2014.
EU (London) | 3 | Launched in 2016.
EU (Paris) | 3 | Launched in 2017.
Asia Pacific (Singapore) | 2 | Launched in 2010.
Asia Pacific (Tokyo) | 4 | Launched in 2011.
Asia Pacific (Osaka) | 1 | Launched in 2018.
Asia Pacific (Sydney) | 3 | Launched in 2012.
Asia Pacific (Seoul) | 2 | Launched in 2016.
Asia Pacific (Mumbai) | 2 | Launched in 2016.
China (Beijing) | 2 | Launched in 2014 in partnership with Beijing Sinnet Technology Co., Ltd. (“Sinnet”), the service operator and provider for AWS China (Beijing) Region.
China (Ningxia) | 3 | Launched in 2014 in partnership with Ningxia Western Cloud Data Technology Co., Ltd. (“NWCD”), the service operator and provider for AWS China (Ningxia) Region.
South America (São Paulo) | 3 | Launched in 2011.
Canada | 2 | Launched in 2016

When you start out using AWS, you will most likely base all your cloud-based applications in a single region. The default region applied to new AWS account sign-ups from the UK and the United States is U.S. East (Northern Virginia).

At some point in the future, you may want to base some of your cloud services in different regions to serve customers there more quickly. Cross-region replication is not automatically applied and usually involves additional effort and costs.

Edge Locations

An edge location is a content-distribution end point for CloudFront. Amazon CloudFront is a secure content delivery service that integrates with Amazon's S3 and allows caching of frequently used media files closer to the point of consumption. More than 50 edge locations are found around the world. You can get a complete list of edge locations at https://aws.amazon.com/about-aws/global-infrastructure/.

To understand how edge locations work, let's assume you have a video file in an S3 bucket in the Asia Pacific (Tokyo) region that your users want to access. This video file has a URL that your users can employ to download the video.

Every time a user decides to download your video, no matter where he is, he needs to connect across the Internet to a data center in Tokyo. This can involve significant delays depending on how far your users are from the data center (see Figure 7.2).

Map depicts geographically distant users accessing a video file from Tokyo.

FIGURE 7.2 Geographically distant users accessing a video file from Tokyo

You can place copies of this video file in S3 buckets in additional AWS regions like Beijing and Singapore to mitigate the problem to an extent.

If you decide to use CloudFront to distribute this video file, you give your users a new CloudFront URL for the video instead of the original S3 URL. The first user who accesses your video still ends up connecting to a data center in Tokyo. When CloudFront receives the first request, it automatically caches this video at an edge location, closer to the user, for subsequent access. If another user in the same geographical area as the first user were to request the same file, CloudFront would use the cached copy from the edge location, resulting in significantly lower latency for the second user (see Figure 7.3).

Map depicts edge locations can be used to cache frequently used content.

FIGURE 7.3 Edge locations can be used to cache frequently used content

Using CloudFront with S3 involves additional costs and setup, but if your application requires your user to download large files frequently, CloudFront can result in a significantly improved experience for your users.

Accessing AWS

In this section you learn about the different means by which you (or your application) can connect to AWS. An individual or application can connect to AWS in four ways:

  • Using the AWS management console
  • Using the command-line interface
  • Using platform-specific developer SDKs
  • Using RESTful web services

Beneath its surface and true to its name, AWS is a collection of RESTful web services. You can access every service AWS offers via a RESTful web service. The management console, command-line interface, and platform-specific SDKs build upon the underlying RESTful web service API. The manner in which you choose to access AWS depends on your job function.

If you are managing or administering services, you are likely to prefer the management console's web-based, user-friendly interface. If you are a DevOps person who frequently executes scripts, you are likely to prefer the command-line interface. And if you are an app developer, you are likely to use an SDK specific to your platform if one is available.
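The console, CLI, and SDKs all end up sending authenticated REST requests, and AWS authenticates those with Signature Version 4. The following is an added example, not code from this book or from AWS: it signs an EC2 `DescribeRegions` GET by hand using only the standard library. The credentials are AWS's published documentation placeholders, the timestamp is constructed, and the query string is assumed to be already in canonical (sorted, URL-encoded) form.

```python
import datetime
import hashlib
import hmac

# AWS's published documentation placeholder credentials, not real keys.
ACCESS_KEY = "AKIAIOSFODNN7EXAMPLE"
SECRET_KEY = "wJalrXUtnFEMI/K7MDENG+bPxRfiCYEXAMPLEKEY"


def _hmac(key: bytes, msg: str) -> bytes:
    return hmac.new(key, msg.encode(), hashlib.sha256).digest()


def signing_key(secret: str, date: str, region: str, service: str) -> bytes:
    """Derive the per-day, per-region, per-service key from the secret."""
    key = _hmac(("AWS4" + secret).encode(), date)
    for part in (region, service, "aws4_request"):
        key = _hmac(key, part)
    return key


def sign_get(region, service, host, path, query, now):
    """Return the headers for a signed GET with an empty body.

    Assumes `query` is already in canonical form (sorted, URL-encoded).
    """
    amz_date = now.strftime("%Y%m%dT%H%M%SZ")
    date = amz_date[:8]
    headers = {"host": host, "x-amz-date": amz_date}
    signed = ";".join(sorted(headers))
    canonical = "\n".join([
        "GET", path, query,
        "".join(f"{k}:{headers[k]}\n" for k in sorted(headers)),
        signed,
        hashlib.sha256(b"").hexdigest(),          # hash of the empty payload
    ])
    scope = f"{date}/{region}/{service}/aws4_request"
    to_sign = "\n".join(["AWS4-HMAC-SHA256", amz_date, scope,
                         hashlib.sha256(canonical.encode()).hexdigest()])
    key = signing_key(SECRET_KEY, date, region, service)
    sig = hmac.new(key, to_sign.encode(), hashlib.sha256).hexdigest()
    auth = (f"AWS4-HMAC-SHA256 Credential={ACCESS_KEY}/{scope}, "
            f"SignedHeaders={signed}, Signature={sig}")
    return {**headers, "authorization": auth}


if __name__ == "__main__":
    when = datetime.datetime(2018, 1, 1, 12, 0, 0)   # constructed timestamp (UTC)
    for region in ("eu-west-2", "us-east-1"):
        hdrs = sign_get(region, "ec2", f"ec2.{region}.amazonaws.com", "/",
                        "Action=DescribeRegions&Version=2016-11-15", when)
        print(region, hdrs["authorization"])
```

The region is part of both the credential scope and the key derivation, so a signature computed for one region does not validate at another region's endpoint, and the secret key itself never travels with the request.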

As of this writing, developer SDKs are available for the following platforms:

  • Python
  • Ruby
  • C++
  • iOS
  • Android
  • Java
  • .NET
  • Node.js
  • PHP
  • Go

You can get an up-to-date list of platform-specific developer SDKs along with installation instructions and SDK documentation at https://aws.amazon.com/tools/. The lessons in this book primarily utilize the AWS management console and occasionally the AWS SDK for Python.

The AWS Management Console

The AWS management console is a web-based application that permits you to manage your AWS account and configure cloud-based services. Log in to the AWS management console at https://aws.amazon.com.

Click the Sign in to The Console link located at the upper-right corner of the website (see Figure 7.4). You are asked to provide your AWS account username and password.

Screenshot of AWS home page.

FIGURE 7.4 AWS home page

The landing page of the management console provides quick links to configuration pages for various AWS services, as well as links to training videos (see Figure 7.5). The look and feel of the landing page is constantly updated; therefore, the appearance of the landing page may differ from the screenshots.

Screenshot of AWS management console home page.

FIGURE 7.5 AWS management console home page

The menu bar at the top of the management console offers several useful options (see Figure 7.6). This navigation menu does not change when you move to different pages within the management console.

Screenshot of AWS management console menu bar.

FIGURE 7.6 AWS management console menu bar

HOME MENU

The leftmost icon in the menu bar is the home icon. This menu item can be used to access the home screen of the management console from any page.

SERVICES MENU

The Services menu (see Figure 7.7) contains links to all AWS services and can be used to quickly jump to the relevant subsection within the management console for any service.

Screenshot of accessing the Services menu in the AWS management console.

FIGURE 7.7 Accessing the Services menu in the AWS management console

RESOURCE GROUPS MENU

The Resource Groups menu allows you to access a subset of your own AWS resources (such as EC2 instances, load balancers, and databases) that have been tagged. A new AWS account has no resource groups configured; in such a case, the Resource Groups menu resembles Figure 7.8.

Screenshot of Resource Groups menu, which has options saved groups, create a group, and tag editor.

FIGURE 7.8 Resource Groups menu

Let's assume that you have created a Java-based application called CustomerAPI and are using a number of EC2 instances to support the application in the AWS EU (London) region. If all the EC2 instances that support the application have been assigned a tag called Name with value CustomerAPI, you could then create a resource group to logically group all the EC2 instances and view all these grouped resources on one screen (see Figure 7.9).

Screenshot of creating a resource group.

FIGURE 7.9 Creating a resource group

Existing resource groups can be accessed by clicking the Saved Groups menu item under the Resource Groups menu (see Figure 7.10).

Screenshot of tagged resources are visible in the Resource Groups menu.

FIGURE 7.10 Tagged resources are visible in the Resource Groups menu.

Clicking the CustomerAPI-Infrastructure resource group takes you to a screen where you can see all AWS resources that are included in the group (see Figure 7.11).

Screenshot of resources in the CustomerAPI-Infrastructure resource group.

FIGURE 7.11 Resources in the CustomerAPI-Infrastructure resource group

Resource groups provide a convenient means to access resources quickly. Membership of a resource in a resource group is based on the value assigned to a few tags, the type of the resource, and the region in which it resides. Membership of a resource in a resource group does not mean individual resources automatically belong to a virtual network, have restricted IP addresses, or are assigned security permissions.

ACCOUNT MENU

You can use the Account menu to configure account settings, access contact information and billing reports, and update security credentials. Unlike other menus discussed so far, the Account menu appears with the name used when creating the AWS account and not the name Account (see Figure 7.12).

Screenshot of account menu, which has the options such as My Organization, My Billing Dashboard, and My Security Credentials.

FIGURE 7.12 Account menu

REGIONS MENU

With the Regions menu, you can select the AWS region to which the management console is attached. By default, the management console is set to use the U.S. East (Northern Virginia) region, and any resources you allocate will be built there. To change regions, simply click the menu and select a different region (see Figure 7.13).

Screenshot of Regions menu such as US East, US West, Asia Pacific, etc.

FIGURE 7.13 Regions menu

SUPPORT MENU

The Support menu is the rightmost option in the menu bar. You can use the options under this menu to contact AWS customer support and access documentation.

Summary

  • Amazon uses a system of geographical regions to provide cloud-based services to end users. Not all AWS services are available in every region.
  • An AWS region is a physical location in the world from which cloud-based services are offered.
  • A region is divided into multiple Availability Zones. An Availability Zone consists of one or more data centers.
  • An edge location is a content-distribution end point for CloudFront. Amazon CloudFront is a secure content delivery service that integrates with Amazon's S3 and allows caching of frequently used media files closer to the point of consumption.
  • You can access AWS services using the AWS management console, the command-line interface, platform-specific developer SDKs, and a set of RESTful web services.