AWS CloudFormation Operations
This section of the SysOps Administrator - Associate learning path introduces you to automation and optimization services relevant to the SOA-C02 exam. We will understand the service options available and learn how to apply these designs and solutions to meet specific design scenarios relevant to the exam.
- Understand how to decouple architecture using Amazon Simple Notification Service and the Simple Queue Service
- Learn how AWS CloudFormation can be used to optimize and speed up your deployments using Infrastructure as Code (IaC)
Hello and welcome to this lecture. I'm going to provide you with a demonstration on how to create a CloudFormation stack using one of the AWS pre-configured templates.
Okay, so I've just logged into my AWS Management Console, and we need to go to CloudFormation. You can simply type it in here, and it'll find the service. Now when you open CloudFormation you will see a screen that looks similar to the following, and we have a number of options here: we can create a stack, we can create a StackSet, design the template, or create a template from your existing resources, and this is where CloudFormer comes into play. So what I want to do for this demonstration is just create a stack very quickly, to show you some of the pages that it goes through and some of the options that are available to you as well.
So I'm going to click on Create new stack. The first stage of configuration we have to go through is selecting a template. Now, this describes the stack that you want to create, and it's essentially the group of resources that you want to manage. So we can either design our own template using CloudFormation Designer, where we can add our resources in a graphical format and the template will be built from that configuration, or we can choose a template. Now we can either select a sample template here, or we can upload a template to S3 and then specify that URL for our template. For this demonstration, I'm just going to select the sample template created by AWS. And that'll just deploy a single-instance WordPress blog. Now you can just take a look at this template in the designer view. So if I just click on that, it'll take us to the designer page. And then this is essentially what it's going to create, as a visual representation. Now I won't dive into this too much, I just wanted to show you that this is the designer view, and you can select different elements to show what CloudFormation is going to create for each resource. So we have a security group here, we have a network interface and Availability Zone for the instance, and over here we also have another security group with preconfigured details, database security options, etc. So that's what the designer looks like. Anyway, let's get back to our template.
So once we've selected our sample template, we can click on Next. And now we need to specify additional details. We need to give it a name; I'm just going to call this demo. Now because this template installs WordPress, we need to give it a database name, and we'll just leave that as the default. And we'll need to give the WordPress database admin account a password, and also a password for the MySQL root. You need to create a username for the admin account. Now here we can select the EC2 instance type that's going to be launched as a part of our deployment. You have the option to change the size of that as you see fit, but for this demonstration I'm just going to keep it as a t2.small.
Now here we can select a key, and this is the EC2 key pair to enable SSH access to the instance when it's launched. And we can also specify the IP address range that can SSH to this instance. For this demonstration, I'm just going to leave that as the default, but when you're creating resources in your production environment, you should be very specific on your SSH location for security reasons.
If I click on Next, we now have a number of options that we can specify. We can set key-value pairs for our resources in the stack, for example a key of Name and a value of CloudFormation Demo. Then we can specify permissions, and this section allows us to choose an IAM role that will be used by CloudFormation to create our resources in the stack. Within a production environment, you'd probably have a service role created with explicit permissions that allows CloudFormation to provision specific resources. If I don't specify a role, then CloudFormation will generate temporary permissions based on my own account. With rollback triggers, here we can see that rollback triggers enable you to have AWS CloudFormation monitor the state of your application during stack creation and updating, and to roll back that operation if the application breaches the threshold of any alarms that we've specified. This monitoring time here is specified in minutes and can be up to 3 hours, and this simply specifies the amount of time that CloudFormation should continue monitoring the stack deployment and updates once all resources have been deployed, to see if any of the thresholds are reached within the triggers. So for example, if I set that to 180, then Amazon CloudFormation will continue monitoring my deployment for up to three hours, making sure that none of the thresholds of the triggers that I have configured here are breached. If we look at the advanced section, we can set up some notification options on the progress of the stack, and we can set up an SNS topic here if we want to, or select an existing topic. I'm going to select no notification there. We have termination protection here; if that's enabled then it just prevents the stack from being deleted. I'm going to click that as disabled. The rollback on failure will essentially roll back the deployment if the stack fails. And a stack policy here.
Now essentially what a stack policy does is it prevents existing resources from being affected by the CloudFormation stack. So you might want to protect them and prevent any updates happening to certain resources, and you can do that via this stack policy.
Click on Next, and we can now review the configuration that we've set. At the top, it gives us the template URL that we selected and the description of what that template carries out, and this basically indicates that we're going to create an EC2 instance with WordPress installed and a local MySQL database for storage. It gives us the details that we set: the stack name, the database passwords, etc., and any additional options. Once we're happy with all of those details, we simply click on Create, and we can see that the stack is in progress.
We can see here the status, it's create in progress. And we can see a number of events during the creation down here. If we take a look at the Resources tab here, we can see the different resources that are being created. So this EC2 security group has been created, and this one's in progress. Now I've just refreshed the screen, and we can see that now the status is complete. And we can see the security groups and the EC2 instance were completed, and also the stack as well. Now if we go across to EC2 we should see our instance. And here it is, the CloudFormation Demo, which is what we named it. And if we look at the description down here, we can also see the security group that was created by CloudFormation as well. And that's it, so that's how you can use CloudFormation to create a simple stack to deploy resources within your environment, without having to write and create your own template yourself.
That now brings me to the end of this quick demonstration. Coming up next I'll be reviewing a summary of the key points throughout this course.
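The options walked through in the demonstration (SSH location, service role, termination protection, stack policy, rollback monitoring time) can be checked before a stack is created. The following is an added example, not part of the original lecture or AWS's own tooling: it reviews a dictionary shaped like the keyword arguments of boto3's `create_stack()` call. The `SSHLocation` parameter name, its assumed `0.0.0.0/0` default, and all ARNs and resource names are assumptions or constructed placeholders.

```python
import ipaddress
import json

MAX_MONITORING_MINUTES = 180  # upper bound stated in the lecture (3 hours)

def review_create_stack(request, max_ssh_sources=256):
    """Return findings for a dict shaped like boto3 create_stack() kwargs."""
    findings = []
    params = {p["ParameterKey"]: p["ParameterValue"]
              for p in request.get("Parameters", [])}
    # Assumption: the template exposes the SSH range as "SSHLocation" and
    # falls back to 0.0.0.0/0 when the parameter is left at its default.
    cidr = params.get("SSHLocation", "0.0.0.0/0")
    sources = ipaddress.ip_network(cidr, strict=False).num_addresses
    if sources > max_ssh_sources:
        findings.append(f"SSHLocation {cidr} admits {sources} source addresses")
    if not request.get("RoleARN"):
        findings.append("no service role: stack is built with the caller's permissions")
    if not request.get("EnableTerminationProtection", False):
        findings.append("termination protection is disabled")
    policy = json.loads(request.get("StackPolicyBody") or '{"Statement": []}')
    if not any(s.get("Effect") == "Deny" for s in policy["Statement"]):
        findings.append("stack policy denies no updates to any resource")
    rollback = request.get("RollbackConfiguration", {})
    minutes = rollback.get("MonitoringTimeInMinutes", 0)
    if not 0 <= minutes <= MAX_MONITORING_MINUTES:
        findings.append(f"monitoring time {minutes} is outside 0-180 minutes")
    if minutes and not rollback.get("RollbackTriggers"):
        findings.append("monitoring time set without any rollback trigger alarm")
    return findings

# Constructed sample inputs (account id, role, alarm and resource names are placeholders).
DEMO_REQUEST = {"StackName": "demo", "Parameters": []}  # everything left at defaults
HARDENED_REQUEST = {
    "StackName": "demo",
    "Parameters": [{"ParameterKey": "SSHLocation", "ParameterValue": "203.0.113.0/28"}],
    "RoleARN": "arn:aws:iam::111122223333:role/example-cfn-service-role",
    "EnableTerminationProtection": True,
    "StackPolicyBody": json.dumps({"Statement": [
        {"Effect": "Deny", "Action": "Update:*", "Principal": "*",
         "Resource": "LogicalResourceId/WebServer"},
        {"Effect": "Allow", "Action": "Update:*", "Principal": "*", "Resource": "*"}]}),
    "RollbackConfiguration": {"MonitoringTimeInMinutes": 180, "RollbackTriggers": [
        {"Arn": "arn:aws:cloudwatch:us-east-1:111122223333:alarm:example-alarm",
         "Type": "AWS::CloudWatch::Alarm"}]},
}

if __name__ == "__main__":
    for name, req in (("demo", DEMO_REQUEST), ("hardened", HARDENED_REQUEST)):
        print(name, review_create_stack(req) or "no findings")
```

The request that mirrors the demonstration's choices is flagged on SSH range, service role, termination protection and stack policy, while the hardened request passes cleanly.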
Stuart has been working within the IT industry for two decades covering a huge range of topic areas and technologies, from data center and network infrastructure design, to cloud architecture and implementation.
To date, Stuart has created 150+ courses relating to Cloud reaching over 180,000 students, mostly within the AWS category and with a heavy focus on security and compliance.
Stuart is a member of the AWS Community Builders Program for his contributions towards AWS.
He is AWS certified and accredited in addition to being a published author covering topics across the AWS landscape.
In January 2016 Stuart was awarded ‘Expert of the Year Award 2015’ from Experts Exchange for his knowledge share within cloud services to the community.
Stuart enjoys writing about cloud technologies and you will find many of his articles within our blog pages.