AWS System Administration

Foreword
Preface
Audience
Conventions Used in This Book
Using Code Examples
O’Reilly Safari
How to Contact Us
Acknowledgments

1. Setting Up AWS Tools
Getting Started
Preparing Your Tools
Installing the AWS Command Line Interface
Parsing JSON Output with jq
Legacy AWS Command-Line Tools
Managing Your Costs

2. First Steps with EC2 and CloudFormation
What Is an Instance?
Instance Types
Processing Power
Storage
Networking
Launching Instances
Launching from the Management Console
Launching with Command-Line Tools
Launching from Your Own Programs and Scripts
Introducing CloudFormation
Working with CloudFormation Stacks
Creating the Stack
Updating the Stack
Looking Before You Leap
Deleting the Stack
Which Method Should I Use?
Amazon Machine Images
Building Your Own AMI
Deregistering AMIs
Pets vs. Cattle

3. Access Management and Security Groups
The AWS Security Model
Account security checklist
Multi-factor authentication
Identity and Access Management
Amazon Resource Names
IAM Policies
IAM Users and Groups
IAM Roles
Using IAM Roles from Other AWS Accounts
Using IAM in CloudFormation Stacks
Security Groups
Protecting Instances with SSH Whitelists
Virtual Private Networks and Security Groups
A Security State of Mind

4. Configuration Management
Why Use Configuration Management?
OpsWorks
Choosing a Configuration Management Package
Puppet on AWS
A Quick Introduction to Puppet
Puppet and CloudFormation
User Data and Tags
Executing Tasks with Fabric
Master-less Puppet
Building AMIs with Packer
Automate All the Things

5. An Example Application Stack
Overview of Application Components
The Web Application
Database and Caching
Background Task Processing
Installing the Web Application
Preparing Puppet and CloudFormation
Puppet Files
CloudFormation Files
Creating an RDS Database
RDS: Updating Puppet and CloudFormation
Creating an ElastiCache Node
ElastiCache: Updating Puppet and CloudFormation
Installing Celery with Simple Queueing Service
Celery: Updating Puppet and CloudFormation
Building the AMIs
Creating the Stack with CloudFormation
Application Factory

6. Auto Scaling and Elastic Load Balancing
What Is Auto Scaling?
Static Auto Scaling Groups
Notifications of Scaling Activities
Scaling Policies
Scaling on CloudWatch Metrics
Elastic Load Balancing
Elastic Load Balancer and Auto Scaling Groups
ELB Health Checks
Managing Outages
Mastering Scale

7. Deployment Strategies
Instance-Based Deployments
Executing Code on Running Instances with Fabric
Updating Instances at Launch Time
AMI-Based Deployments
Deploying AMIs with CloudFormation
Deploying AMIs with the EC2 API
Webscale Thinking
Application immutability
Takeaways

8. Building Reusable Components
The Importance of Being Reusable
Role-Based AMIs
Mapping Instances to Roles
Patterns for Configuration Management Tools
Modular CloudFormation Stacks

9. Log Management
Central Logging
Logstash Configuration
Logging to S3
AWS Service Logs
S3 Lifecycle Management

10. DNS with Route 53
Why Use Route 53?
Failure is an Option: Service Failover with Route 53
Ramping Up Traffic
Surviving ELB and Application Outages with Route 53
Takeaways

11. Monitoring
Why Are You Monitoring?
CloudWatch
CloudWatch Basics
Auto Scaling and Custom Metrics
Old Tools, New Tricks

12. Backups
Backing Up Static Files from EC2 Instances to S3
Rolling Backups with S3 and Glacier
PostgreSQL and Other Databases
pg_dump
Snapshots and Continuous Archiving
Off-Site Backups

Index