AWS Global Accelerator

AWS Global Accelerator - 
  • AWS Global Accelerator is a service that improves the availability and performance of applications with local or global users
  • It provides static IP addresses that act as a fixed entry point to application endpoints, such as ALB, NLB or EC2, in a single or multiple AWS regions
  • Uses the AWS Global Network to optimize the path from users to applications, improving the performance of TCP and UDP traffic
  • AWS GA continuously monitors the health of the application endpoints, detects an unhealthy endpoint and redirects traffic to a healthy endpoint within 1 min

Benefits and Details of AWS GA - 
  • Uses redundant (two) static anycast IP addresses in different network zones
  • The redundant pair is globally advertised
  • Uses AWS edge locations: addresses are announced from multiple edge locations at the same time
  • The addresses are associated with regional AWS resources or endpoints
  • AWS GA's IP addresses serve as the frontend interface of applications
  • Intelligent traffic distribution: routes the connection to the closest point of presence or application
  • Targets can be EC2 instances or ELB
  • By using the static IP addresses, you don't need to make client-facing changes or update DNS records as you modify or replace endpoints
  • The addresses are assigned to your accelerator for as long as it exists, even if you disable the accelerator and it no longer accepts requests or routes traffic
  • Performs health checks for TCP only, not UDP
  • Can assign target weights within a region to control routing

Fault Tolerance - 
  • Has a fault-isolating design that increases the availability of your application
  • AWS GA allocates two static IPv4 addresses that are serviced by independent network zones
  • Like Availability Zones, these network zones are isolated units with their own set of physical infrastructure, and each services IP addresses from a unique IP subnet
  • If one IP address from a network zone becomes unavailable due to a network disruption, client applications can retry using the healthy static IP address from the other isolated network zone

Global Performance Based Routing - 
  • AWS GA uses the vast, congestion-free AWS Global Network to route TCP and UDP traffic to healthy application endpoints in the AWS region closest to the user
  • If there is an application failure, AWS GA provides instant failover to the next best endpoint 

Fine-grained Traffic Control - 
  • AWS GA gives you the option to dial up or dial down traffic to specific AWS regions by using traffic dials
  • The traffic dial lets you easily do performance testing or blue/green deployment testing for new releases across different AWS regions, for Ex- 
  • If an endpoint fails, AWS Global Accelerator assigns user traffic to the other endpoints to maintain high availability
  • By default, traffic dials are set to 100% across all endpoint groups so that AWS GA can select the best endpoints for the application
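
A simplified model of how the traffic dial, endpoint weights and endpoint failover described above combine, added here as an example (it is not AWS code and not AWS's actual routing algorithm). The region, endpoint names and weights are constructed, and the rule that traffic a group does not take spills over to the next-nearest endpoint group is an assumption of the model.

```python
# Added example: simplified model, not AWS's actual routing algorithm.
from fractions import Fraction


def route_shares(groups):
    """Share of one client location's traffic that each endpoint receives.

    groups: endpoint groups ordered nearest-first for that client, each
    {"region": str, "dial": 0-100, "endpoints": [(id, weight, healthy)]}.
    Assumption of this model: traffic a group does not take (dial < 100 or
    no healthy endpoint) spills over to the next-nearest group.
    """
    shares = {}
    remaining = Fraction(1)  # traffic not yet placed on an endpoint
    for group in groups:
        if not 0 <= group["dial"] <= 100:
            raise ValueError(f"dial out of range in {group['region']}")
        # Unhealthy and zero-weight endpoints receive nothing.
        live = [(eid, w) for eid, w, healthy in group["endpoints"] if healthy and w > 0]
        total = sum(w for _, w in live)
        if total == 0:
            continue  # whole group is down: fail over to the next group
        taken = remaining * Fraction(group["dial"], 100)
        for eid, weight in live:
            shares[eid] = taken * Fraction(weight, total)
        remaining -= taken
        if remaining == 0:
            break
    if remaining:
        shares["<unplaced>"] = remaining  # nothing left to absorb this share
    return shares


def sample_groups(dial=100, alb_a_healthy=True, alb_b_healthy=True):
    """Constructed two-region setup; names and weights are illustrative."""
    return [
        {"region": "us-east-1", "dial": dial, "endpoints": [
            ("alb-a", 128, alb_a_healthy), ("alb-b", 128, alb_b_healthy)]},
        {"region": "eu-west-1", "dial": 100, "endpoints": [("nlb-c", 128, True)]},
    ]


if __name__ == "__main__":
    for label, groups in [
        ("default dials", sample_groups()),
        ("us-east-1 dialed to 80%", sample_groups(dial=80)),
        ("alb-a unhealthy at 80%", sample_groups(dial=80, alb_a_healthy=False)),
    ]:
        print(label, {k: str(v) for k, v in route_shares(groups).items()})
```

Running the model before changing a dial shows how much extra load the remaining endpoints must absorb if one endpoint or a whole region drops out.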

Continuous Availability Monitoring - 
  • AWS GA continuously monitors the health of application endpoints by using TCP, HTTP and HTTPS health checks
  • It instantly reacts to changes in the health or configuration of application endpoints and redirects user traffic to healthy endpoints that deliver the best performance and availability to end users

Client Affinity - 
  • AWS GA enables you to build applications that require maintaining state
  • For stateful applications where you need to consistently route users to the same endpoint, you can choose to direct all requests from a user to the same endpoint regardless of the port and protocol

Distributed Denial of Service Resiliency At The Edge -   
  • By default, AWS GA is protected by AWS Shield Standard, which minimizes application downtime and latency from denial-of-service attacks by using always-on network flow monitoring and automated in-line mitigation
  • You can also enable AWS Shield Advanced for automated, resource-specific enhanced detection and mitigation, as well as 24x7 access to the AWS DDoS Response Team (DRT) for manual mitigation of sophisticated DDoS attacks
