Search icon Close icon
Search icon CANCEL
Subscription
0
Cart icon
Cart
Close icon
You have no products in your basket yet
Save more on your purchases!
Savings automatically calculated. No voucher code required
Arrow left icon
All Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Newsletters
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
AWS for System Administrators

You're reading from  AWS for System Administrators

Product type Book
Published in Feb 2021
Publisher Packt
ISBN-13 9781800201538
Pages 388 pages
Edition 1st Edition
Languages
Concepts
Author (1):
Prashant Lakhera Prashant Lakhera
Profile icon Prashant Lakhera
LinkedIn
Prashant Lakhera (lakhera2015 on Twitter) is an X-RHCA (Red Hat Certified Architect) and a seasoned Linux and open source specialist with over 15 years of enterprise open source experience. Having a positive impact on the world is important to him, which is why he shares his knowledge with others through his website, blog posts, and YouTube channel, which also helps him to dig deep into topics and build on his expertise.
Read more
See other products by Prashant Lakhera
Toc

Table of Contents (18) Chapters close

Preface 1. Section 1: AWS Services and Tools
2. Chapter 1: Setting Up the AWS Environment 3. Chapter 2: Protecting Your AWS Account Using IAM 4. Section 2: Building the Infrastructure
5. Chapter 3: Creating a Data Center in the Cloud Using VPC 6. Chapter 4: Scalable Compute Capacity in the Cloud via EC2 7. Section 3: Adding Scalability and Elasticity to the Infrastructure
8. Chapter 5: Increasing an Application's Fault Tolerance with Elastic Load Balancing 9. Chapter 6: Increasing Application Performance Using AWS Auto Scaling 10. Chapter 7: Creating a Relational Database in the Cloud using AWS Relational Database Service (RDS) 11. Section 4: The Monitoring, Metrics, and Backup Layers
12. Chapter 8: Monitoring AWS Services Using CloudWatch and SNS 13. Chapter 9: Centralizing Logs for Analysis 14. Chapter 10: Centralizing Cloud Backup Solution 15. Chapter 11: AWS Disaster Recovery Solutions 16. Chapter 12: AWS Tips and Tricks 17. Other Books You May Enjoy

Introducing CloudFormation

If you are looking for a tool that will automate your entire AWS infrastructure deployment, then CloudFormation is the right solution. It gives you the ability to create resource templates to define the AWS resource you need to create. You can version-control these templates, and using these templates replicate your infrastructure quickly and in a repeatable manner, as illustrated in the following screenshot:

Figure 1.7 – How CloudFormation works

Figure 1.7 – How CloudFormation works

For example, we can instruct the CloudFormation template to do the following:

  • Create a security group.
  • Create an EC2 machine using this security group.

CloudFormation creates this for us, in exactly the right order and with the exact configuration that we provide.

Here are some advantages of using CloudFormation:

  • We can version-control the CloudFormation code using Git (GitHub, GitLab, Bitbucket...).
  • You can code your infrastructure using JSON or YAML.
  • Before pushing the change, someone in the team can review the code.
  • CloudFormation works as Infrastructure as Code (IaC); that is, no resources are created manually.
  • CloudFormation is free of charge.
  • It automatically creates a diagram for your template.
  • It involves declarative programming, which means we define the end goal, and CloudFormation will figure out how to achieve that goal.

    Important note

    For CloudFormation, we don't need to install any separate tool. The AWS CLI is sufficient in order to create the stack from the command line, and we can also create it with the help of the AWS console.

Writing your first CloudFormation template

Let's start with a basic CloudFormation stack template that simply launches an EC2 instance. A CloudFormation stack is a group of AWS resources. To create an AWS resource, we can create, update, or delete the stack.

To create a stack, we need the following:

  • AWSTemplateFormatVersion section (optional): AWS only allows you to use 2010-09-09 as a template version (only valid value). The version of the template defines what this template is capable of.
  • Description (optional): If you want to define your template or add a comment, you can add that in a description section.
  • Resources (required): This is the mandatory section of the CloudFormation template, where you define the resource you want to create—for example, for an Amazon EC2 instance (AWS::EC2::Instance) or an Amazon S3 bucket (AWS::S3::Bucket).
  • Amazon Machine Image (AMI): This is an operating system image used to run EC2 instances. For this example, I am using the ami-0bc06212a56393ee1 CentOS 7 image.

    To find out the AMI ID for the CentOS 7 image, run the following command (the last column of the query returns the AMI ID—for example: ami-0bc06212a56393ee1):

    aws ec2 describe-images --owners aws-marketplace --filters Name=product-code,Values=aw0evgkw8e5c1q413zgy5pjce --query 'Images[*].[CreationDate,Name,ImageId]' --filters "Name=name,Values=CentOS Linux 7*" --region us-west-2 --output table | sort -r
|  2020-03-09T21:54:48.000Z|  CentOS Linux 7 x86_64 HVM EBS ENA 2002_01-b7ee8a69-ee97-4a49-9e68-afaee216db2e-ami-0042af67f8e4dcc20.4  |  ami-0bc06212a56393ee1  |
|  2019-01-30T23:43:37.000Z|  CentOS Linux 7 x86_64 HVM EBS ENA 1901_01-b7ee8a69-ee97-4a49-9e68-afaee216db2e-ami-05713873c6794f575.4  |  ami-01ed306a12b7d1c96  |
|  2018-06-13T15:58:14.000Z|  CentOS Linux 7 x86_64 HVM EBS ENA 1805_01-b7ee8a69-ee97-4a49-9e68-afaee216db2e-ami-77ec9308.4           |  ami-3ecc8f46           |
|  2018-05-17T09:30:44.000Z|  CentOS Linux 7 x86_64 HVM EBS ENA 1804_2-b7ee8a69-ee97-4a49-9e68-afaee216db2e-ami-55a2322a.4 |  ami-5490ed2c           |
|  2018-04-04T00:11:39.000Z|  CentOS Linux 7 x86_64 HVM EBS ENA 1803_01-b7ee8a69-ee97-4a49-9e68-afaee216db2e-ami-8274d6ff.4           |  ami-0ebdd976           |
|  2017-12-05T14:49:18.000Z|  CentOS Linux 7 x86_64 HVM EBS 1708_11.01-b7ee8a69-ee97-4a49-9e68-afaee216db2e-ami-95096eef.4 |  ami-b63ae0ce           |
|                                                        DescribeImages                                           |
-----------------------------------------------------------------------------------------------------------------------------------------------------------------
+--------------------------+----------------------------------------------------------------------------------------------------------+-------------------------+
+--------------------------+----------------------------------------------------------------------------------------------------------+-------------------------+
  • Instance type: The type of EC2 instance to run, as every instance type provides different capabilities (CPU, memory, input/output (I/O)). For this example, I am using t2.micro (one virtual CPU; 1 GB memory).

The CloudFormation template will look like this. Save the following code as ec2-instance.yml or download the file from https://github.com/PacktPublishing/AWS-for-System-Administrators/blob/master/Chapter1/cloudformation/ec2-instance.yml:

{
  "AWSTemplateFormatVersion" : "2010-09-09",
  "Description" : "Simple Stack to launch an EC2 instance.",
  "Resources" : {
    "Ec2Instance" : {
      "Type" : "AWS::EC2::Instance",
      "Properties" : {
        "InstanceType": "t2.micro",
        "ImageId" : "ami-0bc06212a56393ee1"
      }
    }
  }
}

Now, we have created our first CloudFormation template. In the next section, we will create our first stack using this template.

Creating a CloudFormation stack using the AWS console

To create a stack on the AWS CloudFormation console, follow these steps:

  1. Go to the AWS console and search for CloudFormation (https://us-west-2.console.aws.amazon.com/cloudformation/home?region=us-west-2#/).
  2. In the CloudFormation screen, click on Create stack, as illustrated in the following screenshot:
    Figure 1.8 – CloudFormation stack creation wizard

    Figure 1.8 – CloudFormation stack creation wizard

  3. Click on Upload a template file and upload the earlier-mentioned CloudFormation template, then click Next.
  4. Provide a Stack name and click Next, as illustrated in the following screenshot:
    Figure 1.9 – Specify stack name

    Figure 1.9 – Specify stack name

  5. Keep the rest of the parameters as default and click the Create stack button at the bottom of the page, as illustrated in the following screenshot:
    Figure 1.10 – Create stack

    Figure 1.10 – Create stack

  6. Monitor the progress of stack creation by clicking on the Events tab, as illustrated in the following screenshot:
    Figure 1.11 – CloudFormation Events

    Figure 1.11 – CloudFormation Events

    Once the stack creation is completed, the CREATE_COMPLETE event is displayed, as shown in the following screenshot:

    Figure 1.12 – CloudFormation Events completion

    Figure 1.12 – CloudFormation Events completion

  7. Verify the instance ID (Physical ID) under the Resources section, as illustrated in the following screenshot:
    Figure 1.13 – CloudFormation resource

    Figure 1.13 – CloudFormation resource

  8. The instance ID can also be verified via the EC2 console (https://console.aws.amazon.com/ec2/v2/home?region=us-west-2), as illustrated in the following screenshot:
Figure 1.14 – EC2 console

Figure 1.14 – EC2 console

Up to this point, you now understand how to create a CloudFormation stack using the AWS console. In the next part, you will see how to create it using the AWS CLI.

Creating a CloudFormation stack using the AWS CLI

In the previous example, you created the CloudFormation stack using the AWS console. We can perform the same steps with the help of the AWS CLI, to assist in automating the entire process, as follows:

  1. Validate the template to make sure there is no syntax error, as follows:
    aws cloudformation validate-template --template-body file://ec2-instance.yml
{
    "Parameters": [],
    "Description": "Simple Stack to launch an EC2 instance."
}
  2. Create the stack by specifying the template file and the necessary IAM capabilities, as follows:
    aws cloudformation create-stack --stack-name first-ec2-instance-creation --template-body file://ec2-instance.yml  --capabilities "CAPABILITY_IAM" "CAPABILITY_NAMED_IAM"
{
    "StackId": "arn:aws:cloudformation:us-west-2:XXXXXXXX:stack/first-ec2-instance-creation/cf6e6100-b3ed-11ea-b69a-0a233d312e0a"
}
  3. The command will wait, and the user will not get Command Prompt back until the stack creation is complete, as illustrated in the following code snippet:
    aws cloudformation wait stack-create-complete --stack-name first-ec2-instance-creation
aws cloudformation describe-stacks --stack-name first-ec2-instance-creation
  4. Execute the describe-stacks command, which will return the description of the created stack, as follows:
    aws cloudformation describe-stacks --stack-name first-ec2-instance-creation --query 'Stacks[].[StackName,StackStatus]' --output text
first-ec2-instance-creation     CREATE_COMPLETE
  5. To verify all the resources have been created successfully, we are going to use describe-stack-resources with aws cloudformation. From the output, we can verify the newly created instance ID (PhysicalResourceId": "i-0dfaad58d59b59717), as follows:
    aws cloudformation describe-stack-resources --stack-name first-ec2-instance-creation
{
    "StackResources": [
        {
            "StackName": "first-ec2-instance-creation",
            "StackId": "arn:aws:cloudformation:us-west-2:XXXXXX:stack/first-ec2-instance-creation/cf6e6100-b3ed-11ea-b69a-0a233d312e0a",
            "LogicalResourceId": "Ec2Instance",
            "PhysicalResourceId": "i-0dfaad58d59b59717",
            "ResourceType": "AWS::EC2::Instance",
            "Timestamp": "2020-06-21T18:34:51.773000+00:00",
            "ResourceStatus": "CREATE_COMPLETE",
            "DriftInformation": {
                "StackResourceDriftStatus": "NOT_CHECKED"
            }
        }
    ]
}
  6. Once you are done with your testing (as this will cost you), to clean up the CloudFormation stack, please pass delete-stack to the cloudformation command, as follows:
    aws cloudformation delete-stack --stack-name first-ec2-instance-creation

In this section, you have understood different CloudFormation components and how to create a stack using the CloudFormation template. In the next section, we will learn about another popular infrastructure automation tool Terraform.

arrow left Previous Section
Section 5 of 8
Next Section arrow right
You have been reading a chapter from
AWS for System Administrators
Published in: Feb 2021 Publisher: Packt ISBN-13: 9781800201538
© 2021 Packt Publishing Limited All Rights Reserved
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Sign up now
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Start free trial
Renews at €14.99/month. Cancel anytime

Authors (1)

Left arrow icon
Profile icon Prashant Lakhera
LinkedIn
Prashant Lakhera (lakhera2015 on Twitter) is an X-RHCA (Red Hat Certified Architect) and a seasoned Linux and open source specialist with over 15 years of enterprise open source experience. Having a positive impact on the world is important to him, which is why he shares his knowledge with others through his website, blog posts, and YouTube channel, which also helps him to dig deep into topics and build on his expertise.
Read more
See other products by Prashant Lakhera
Right arrow icon

Other recommended products

Related to this chapter
Left arrow icon
Learn CloudFormation
Learn CloudFormation
Read more
AWS CloudFormation is the best way to write, deploy and maintain your AWS infrastructure. It helps you create efficient solution architectures, all in one file. It supports most of the AWS Services, and is the safest way to make your AWS infrastructure evolve over time. With this book you will be able to use AWS CloudFormation effectively.
Read more
Jul 2018 7 hours 20 minutes
Practical AWS Networking
Practical AWS Networking
Read more
Amazon Web Services has dominated the public cloud market by a huge margin and continues to be the first choice for many organizations. Networking has been an area of focus for all the leading cloud service providers. AWS has a suite of network-related products which help in performing network related task on AWS.
Read more
Jan 2018 8 hours 36 minutes
Mastering AWS CloudFormation
Mastering AWS CloudFormation
Read more
AWS CloudFormation provisions your resources in a safe and repeatable manner, allowing you to build your infrastructure and applications without performing manual actions or writing custom scripts. This comprehensive guide will help readers to implement Infrastructure as a Code using AWS CloudFormation.
Read more
May 2020 10 hours 0 minutes
HashiCorp Infrastructure Automation Certification Guide
HashiCorp Infrastructure Automation Certification Guide
Read more
Terraform has recently gained in popularity, becoming one of the most widely adopted tools for infrastructure automation. If you're interested in a career in DevOps, this book will be your reference guide to gaining hands-on experience with Terraform from scratch.
Read more
Jul 2021 11 hours 40 minutes
AWS Networking Cookbook
AWS Networking Cookbook
Read more
With a lot of enterprises moving towards cloud, the need for advanced cloud networking has significantly increased. This book follows a recipe-based approach starting with basic topics to covering the pain points of cloud networking, and will teach you to perform complex networking tasks.
Read more
Aug 2017 12 hours 12 minutes
AWS Security Cookbook
AWS Security Cookbook
Read more
AWS Security Cookbook lists all the practical solutions to the common problems faced by individuals or organizations in securing their instances. Here readers will learn to troubleshoot security concerns and understand additional patterns and services for securing AWS infrastructure.
Read more
Feb 2020 14 hours 40 minutes
Hands-On Serverless Deep Learning with TensorFlow and AWS Lambda
Hands-On Serverless Deep Learning with TensorFlow and AWS Lambda
Read more
This book prepares you to use your own custom-trained models with AWS Lambda to achieve a simplified serverless computing approach without spending much time and money. By the end of this book, you will be able to implement a project that demonstrates the use of AWS Lambda for serving TensorFlow models
Read more
Jan 2019 4 hours 12 minutes
Amazon Fargate Quick Start Guide
Amazon Fargate Quick Start Guide
Read more
AWS Fargate allows you to run containers without having to manage servers or clusters. It lets you focus on designing and building your applications without managing the infrastructure. The book will explain what Fargate is and the benefits of using Fargate launch type. It will teach you about using Fargate with a load balancer, an ECS CLI, and CloudWatch logs.
Read more
Jul 2018 6 hours 20 minutes
Amazon Web Services Bootcamp
Amazon Web Services Bootcamp
Read more
AWS Bootcamp is designed to teach you how to build and manage AWS resources using different ways. This highly practical guide leverages the reliability, versatility, and flexible design of the AWS Cloud. It enables you to perform tasks such as hosting multi-tier websites, running large-scale applications, data storage and archival, and a lot more with ease.
Read more
Mar 2018 11 hours 16 minutes
Infrastructure Monitoring with Amazon CloudWatch
Infrastructure Monitoring with Amazon CloudWatch
Read more
Infrastructure Monitoring with Amazon CloudWatch makes it easy for anyone who is new to the cloud to understand the basic principles of monitoring. The book shows you how CloudWatch can and should be your go-to tool for monitoring and observability in AWS services such as EC2, ECS, EKS, ECR, and Kinesis.
Read more
Apr 2021 10 hours 28 minutes
Implementing Identity Management on AWS
Implementing Identity Management on AWS
Read more
This book will help you overcome the challenges faced when implementing identity and access management on AWS. You’ll be able to approach the topic from a use-case-driven practitioner’s perspective informed by real-world experience of solving challenges within some of the largest enterprise AWS environments in the world.
Read more
Oct 2021 16 hours 48 minutes
AWS Lambda Quick Start Guide
AWS Lambda Quick Start Guide
Read more
Amazon Lambda is the part of Amazon Web Services that lets you run your code without provisioning or managing servers. Amazon Lambda is a compute service that enables you to deploy applications and back-end services that operate with zero upfront cost and require no system administration.
Read more
Jun 2018 6 hours 8 minutes
Right arrow icon

Personalised recommendations for you

Based on your interests and search pattern
Left arrow icon
Designing and Implementing Microsoft Azure Networking Solutions
Designing and Implementing Microsoft Azure Networking Solutions
Read more
Designing and Implementing Microsoft Azure Networking Solutions Exam Ref AZ-700 is an all-encompassing guide to the AZ-700 exam and contains all the information you need to succeed in the world of virtual networking with Azure. With this book, you will be fully prepared for the exam and the world of cloud networking.
Read more
Aug 2023 17 hours 28 minutes
Microsoft 365 Security, Compliance, and Identity Administration
Microsoft 365 Security, Compliance, and Identity Administration
Read more
The Microsoft 365 Security, Compliance, and Identity Administration is a comprehensive guide that helps you employ Microsoft 365's robust suite of features and empowers you to optimize your administrative tasks.
Read more
Aug 2023 21 hours 0 minutes
Zero Trust Overview and Playbook Introduction
Zero Trust Overview and Playbook Introduction
Read more
Get started on Zero Trust with this step-by-step playbook and learn everything you need to know for a successful Zero Trust journey with tailored guidance for every role, covering strategy, operations, architecture, implementation, and measuring success. This book will become an indispensable reference for everyone in your organization.
Read more
Oct 2023 8 hours 0 minutes
The Self-Taught Cloud Computing Engineer
The Self-Taught Cloud Computing Engineer
Read more
This self-study book helps you master multiple clouds, including AWS, Azure, and GCP, and serves as a roadmap to becoming a certified cloud computing expert. The book will guide you to develop a professional cloud career by helping you build a broad cloud knowledge base, developing hands-on cloud computing skills, and getting cloud certified.
Read more
Sep 2023 15 hours 44 minutes
Technology Operating Models for Cloud and Edge
Technology Operating Models for Cloud and Edge
Read more
This book will help you build and create ownership of a technology operating model, as well as connect your leadership with engineering and operations, keeping your internal and external customers in mind. It provides practical tips on why, where, and how to make the cloud and edge platform paradigm sing for you, your team, and your organization.
Read more
Aug 2023 7 hours 36 minutes
Azure Architecture Explained
Azure Architecture Explained
Read more
Azure is the preferred platform to build mission-critical and secure apps. This book provides comprehensive coverage of essential Azure products, services, and solutions vital for every solution architect's success. Elevate your knowledge and master the critical components of Azure to excel in your role with Azure Architecture Explained.
Read more
Sep 2023 14 hours 52 minutes
Pentesting Active Directory and Windows-based Infrastructure
Pentesting Active Directory and Windows-based Infrastructure
Read more
This practical guide helps you explore the pentesting of Microsoft infrastructure in detail, and enhances your offensive skillset by showing you the different ways to perform security assessment. This book will help blue teamers and IT engineers get up to speed with possible security issues they may encounter in their Windows environments.
Read more
Nov 2023 12 hours 0 minutes
Practical Ansible
Practical Ansible
Read more
In Practical Ansible, you'll work with the latest release of Ansible and learn to solve complex issues quickly with the help of task-oriented scenarios. You'll start by installing and configuring Ansible to automate monotonous and repetitive IT tasks and get to grips with concepts such as playbooks, inventories, plugins, collections, and network modules.
Read more
Sep 2023 14 hours 0 minutes
Windows 11 for Enterprise Administrators
Windows 11 for Enterprise Administrators
Read more
Microsoft’s launch of Windows 11 is a step toward satisfying the enterprise administrator’s needs for better management and enhanced user experience customization. This book provides the enterprise administrator with the knowledge needed to fully utilize the advanced feature set of Windows 11 Enterprise.
Read more
Oct 2023 9 hours 32 minutes
The Linux DevOps Handbook
The Linux DevOps Handbook
Read more
This book is for software and IT professionals seeking knowledge on Linux systems and DevOps practices. This book will provide you with guidance and tools to learn and gain proficiency in managing Linux-based infrastructures and knowledge of DevOps.
Read more
Nov 2023 14 hours 16 minutes
Right arrow icon