AWS Web Application 3-Tier Architecture
손양원 (arang@gsneotek.co.kr), Sr. Technical Trainer

Introduction to AWS (Amazon Web Services)
Regions and Edges
Region : 11
Edge : 53

Introduction to AWS (Amazon Web Services)
Availability Zone

Account
Region

Architecture
3-Tier Web Application

Table of Contents
1. Amazon Virtual Private Cloud (VPC)
2. Amazon Elastic Compute Cloud (EC2)
3. Elastic Load Balancing (ELB)
4. Auto Scaling
5. Amazon Elastic Block Store (EBS)
6. Amazon Simple Storage Service (S3)
7. Amazon Relational Database Service (RDS)
8. Amazon CloudFront

Amazon VPC
Networking
VPC : Isolated cloud resources
Private, isolated section
Virtual network environment
Selection of the IP address range
Configuration of subnets, NACLs and route tables
Configuration of network gateways

Networking
VPC

Networking
Network ACL

Networking
Security Group

[Diagram: subnet layout across Availability Zone A and Availability Zone B]
Address ranges 172.31.0.0/16: 172.31.0.0/20, 172.31.16.0/20, 172.31.32.0/20
Address ranges 10.0.0.0/16: 10.0.0.0/24 (NAT), Private Subnet 1 10.0.1.0/24
Subnet labels: Public Subnet 1, Public Subnet 2, Public Subnet 3, Public Subnet 4, Private Subnet 1

Networking
VPC Peering
[Diagram: VPC1 (Public Subnet, Private Subnet) and VPC2 (Public Subnet, Private Subnet); hosts labelled Bastion, NAT, WAS]

Amazon EC2
Compute
EC2 : Virtual servers in the cloud
Virtual servers with resizable capacity
Complete control of computing resources
Time needed to obtain a new instance: minutes

Compute
EC2

Elastic Load Balancing
Compute
ELB : Load distribution service for EC2
High availability
Health check support
Routing and load balancing across EC2 instances
Security groups and SSL termination
Sticky sessions

Amazon Auto Scaling
Compute
Auto Scaling : Automatically scales EC2 capacity
Elastic capacity
Easy to use
Cost savings
Geographic distribution
Scheduled actions

Compute
Auto Scaling

Launch Configurations
• AMI
• Instance Type
• User data
• Add Storage
• Security Group

Auto Scaling Groups
• Network (VPC, Subnet)
• Load Balancing
• Min, Max
• Cooldown

Auto Scaling Policy
• Condition
• Action
• Wait time
• Notification

Amazon EBS
Storage
EBS : Block storage volumes for EC2
Attached to an instance for use
Snapshots are stored in Amazon S3
Replicated within an AZ : 99.999% durability

Storage
EBS

Hands-on Lab
[Diagram: Region; Elastic Load Balancer; Availability Zone-1 and Availability Zone-2, each with an Auto Scaling group of WebApp instances]

Amazon S3
Storage
S3 : High-capacity storage managed by AWS
Access over the Internet (HTTP, HTTPS)
Large capacity
Scalability, reliability, durability

Storage
S3

Storage
EBS vs S3

Storage
S3 : TYPE
S3 Standard: 99.999999999%, 0.0330/GB
Reduced Redundancy Storage (RRS): 99.99%, 0.0240/GB
Glacier: 99.999999999%, 0.0114/GB
Reduced Redundancy Storage (RRS): 99.999999999%, 0.0190/GB

Amazon RDS
Database
RDS : Relational database service
Cost-efficient, with resizable capacity
Takes over database administration tasks
MySQL, PostgreSQL, Oracle, SQL Server
NEW

Database
RDS
Automated backups
No access to the instance
Multi-AZ
Read-Replica
Security groups
Capacity : up to 6T

CloudFront
Other Key Services
CloudFront : Global content delivery network
Caches content to improve delivery speed
Custom SSL support
Dynamic content
Signed URL, Signed Cookie
Invalidation

Other Key Services - CloudFront
SSL termination
[Diagram: User, Amazon CloudFront, IAM, Origin (S3 Bucket, EC2); connections labelled HTTP and HTTPS; https://ssl.mydomain.com]
Upload SSL certificate
∙ HTTPS Only
∙ Custom SSL certificate

Other Key Services - CloudFront
gzip compression
[Diagram: Viewer, Amazon CloudFront, Origin (S3 Bucket, EC2)]
Accept-Encoding: gzip
Content-Encoding: gzip
Header forwarding
Decompression
Compression

Other Key Services - CloudFront
Error response
[Diagram: Viewer, Amazon CloudFront, Origin (S3 Bucket, EC2); Custom Error Response; 403: Forbidden, 404: Not Found, 200: OK, 404: Not Found]

HTTP Error Code   TTL   Path         Response Code
403: Forbidden    300   /login.php   200: OK
404: Not Found    300   /404.html    404: Not Found

Other Key Services - CloudFront
Signed URL
[Diagram: Viewer, Auth. System, Amazon CloudFront, Origin (S3 Bucket, EC2); Plan URL, Signed URL]
∙ Restrict Bucket Access : Yes
∙ Restrict Viewer Access : Yes
∙ Trusted Signers : Accounts
Auth. System
∙ Distribution ID
∙ Signer Key
Signed URL
∙ Expire
∙ Signature
∙ Key-Pair-Id

Other Key Services - CloudFront
Signed Cookies
[Diagram: Viewer, Auth. System, Amazon CloudFront, Origin (S3 Bucket, EC2); Plan URL, Signed Cookies]
∙ Restrict Bucket Access : Yes
∙ Restrict Viewer Access : Yes
∙ Trusted Signers : Accounts
Auth. System
∙ Distribution ID
∙ Signer Key
Set-Cookie:
∙ CloudFront-Policy
∙ CloudFront-Signature
∙ CloudFront-Key-Pair-Id

Other Key Services - CloudFront
Data Upload
[Diagram: Viewer, Amazon CloudFront, Origin (S3 Bucket, EC2); Put Method, Write Object]
∙ Origin Access Identity
∙ Allowed HTTP Methods
S3:PutObject Allow

Other Key Services - CloudFront
Cross Origin Resource Sharing
[Diagram: Viewer, Amazon CloudFront, Origin (S3 Bucket, EC2); www.mydomain1.com, www.mydomain2.com]
Forward Headers : Whitelist
∙ Origin
CORSConfiguration

Amazon Route 53
Networking
Route 53 : Global DNS
Scalability, availability, reliability
Weighted, latency and geolocation-based routing
Health Check
Private DNS
SLA 100%

Networking
Route 53

Hands-on Lab
[Diagram: Region; Route 53 (Hosted Zone); CloudFront; S3; Elastic Load Balancer; Availability Zone-1 and Availability Zone-2, each with an Auto Scaling group of WebApp instances]

Thank you
손양원 (arang@gsneotek.co.kr)
www.wisen.co.kr
blog.gsclip.com
ⓒ Copyright 2013 GS Neotek. All rights reserved.