Scenario - creating a highly available campaign site for loungebeer.com
The course is part of these learning paths
In this group of live videos, we tackle a practical scenario to help you learn real-world cloud consulting skills.
This is a unique and engaging live video format where we join the Cloud Academy AWS, Azure, and Google Cloud Platform teams in a real-time work situation. The team listen to a customer brief, discuss and define technical requirements and then evaluate which of the public cloud platforms could best deliver on the customer requirements.
From this course, you will learn how cloud professionals go about solving real-world business problems with cloud solutions.
With this course, you will learn how cloud professionals tackle and solve a business problem with each of the three public cloud platforms. This course is highly recommended for anyone interested in learning how to become a cloud architect, specialist or consultant!
Learning how to use your cloud skills in real-world situations is an important skill for a cloud professional. Real life projects require you to be able to evaluate requirements, define priorities and use your knowledge of cloud services to come up with recommendations and designs that can best meet customers' requirements. As a cloud professional you often have to think on your feet, process information quickly and be able to demonstrate design ideas quickly and efficiently.
In this course, we work through a customer scenario that will help you learn how to approach and solve a business problems with a cloud solution. The scenario requires us to build a highly available campaign site for an online competition run by loungebeer.com - a "craft" beer launching a new product in to the market at the US Superbowl event.
In these interactive discussions we join the team as they evaluate the business requirements, define the project constraints, and agree the scope and deliverables for the solution. We then work through the technical requirements we will use to evaluate how each of the three cloud platforms - Google Cloud Platform, AWS and Microsoft Azure - could be used to meet the technical requirements.
We follow each of the platform teams as they define solution architectures for Google Cloud Platform, AWS and Microsoft Azure. We then regroup to run a feature and price comparison before the team builds a proof of concept for our solution design.
This group of lectures will prepare you for thinking and reacting quickly, prioritzing requirements, discussing design ideas and coming up with cloud design solutions.
02/2018 - DynamoDB now supports encryption at rest so that would potentially influence our choice of database in thie scenario
For planning tools see
For more information on White Listing see
- [Andrew] Guy, what are you thinking from GCP? Do you think there's a alternative for GCP?
- Yeah, I think there's a pretty good one with GCP. I think App Engine is the way to go.
- Tell us more.
- I considered, yeah ... I did consider cloud functions. So, it'd be similar to what Ben did, but it's still in beta. So, I figured that's not a good idea. But, App Engine has been around for a long time. It's quite mature and it makes it really easy to deploy on websites. And, as far as the database goes, Cloud Data Store is a NoSQL database that would work quite well, I think.
- [Andrew] Encryption at rest?
- [Guy] Encryption at rest, yep. The great thing about GCP is that everything is encrypted. There's encryption at rest in all their services. Everything in flight is encrypted. Like, you just never have to worry about it. Unless, you want your own key management system or something. So, there's that. Cloud Data Store is also very tightly coupled with App Engine. They were almost sort of designed together. And, so I figured there probably wasn't a need to put any kind of a queuing service in between the two of them. I think it can handle the load. That makes it a very simple design. Other than that, as far as availability goes, it automatically scales and it scales very quickly. No pre-warming is required for Google's load balancing.
- That's a plus.
- Yeah, App Engine basically, I think it does that by default.
- Okay, okay.
- Yeah, it's sort of designed to do that. So, there are some other benefits from that too. There's the fact that, you know one of the things with security and trying to prevent denial of service attack, Google has thing called their Front End that sits in front of their load balancer and it automatically takes care of attacks from layer four and down. SYN floods and things like that.
- [Andrew] I love the simplicity that we've got coming through here. Like, we need to keep this simple and efficient. Any other thoughts on design, Guy? Got any other ideas?
- [Guy] Well, one more thing, while we're still on the denial of service. If necessary, there's also a way to configure it to black list particular IP addresses or networks or that sort ...
- [Andrew] Can we do that dynamically? Because, the risk we have is we've got, potentially, a 30 minute window where we will definitely get a lot of activity and if for some reason, someone finds out about this and does some sort of denial of service attack on the site, at that particular time, we need to have some automation to ensure that the site rolls over while we black list any of those addresses. So, is that something that we could bake in there?
- Well, it uses a YAML file to configure that. So, I don't know that it's really quick.
- [Andrew] Yeah, I guess. Potentially, manual. Hmm.
- [Guy] Update the YAML file and update the service. It probably wouldn't take too long, but it's not going to be a lightning fast resolution, I would imagine.
- [Andrew] What were your thoughts on outputs? Like, the key requirement is to have consistent collection of data, right? We need to make sure that we do not lose any data. That every entry is recorded. That the entry is information is encrypted and secure because some of it is personal. Not highly personal, but personal enough for the client to require from us that it's encrypted at rest. So, it sounds like we have that covered. Any ideas on multi-regions?
- With App Engine, you do specify the region it's going to be in and it spreads it across zones, of course, to make it H-A, but it can't be multi-regional. You could deploy it in another region later on if you needed to move it or something like that. As far as the front end goes, you guys both mentioned CDN and you could do something like that with App Engine as well. You can use Cloud Storage as the front end for the static assets on the website and Cloud Storage is kind of its own CDN. It just takes care of that for you. You actually don't even need to use Google's official product, which is Cloud CDN, for that. Cloud Storage is multi-regional.
- [Andrew] Okay.
About the Author
Head of Content
Andrew is an AWS certified professional who is passionate about helping others learn how to use and gain benefit from AWS technologies. Andrew has worked for AWS and for AWS technology partners Ooyala and Adobe. His favorite Amazon leadership principle is "Customer Obsession" as everything AWS starts with the customer. Passions around work are cycling and surfing, and having a laugh about the lessons learnt trying to launch two daughters and a few start ups.