Accend Networks San Francisco Bay Area Full Service IT Consulting Company

Categories
Blogs

CREATING EBS VOLUME FROM SNAPSHOTS AND TRANSFER OF SNAPSHOTS BETWEEN REGIONS.

Creating EBS Volume From Snapshots And Transfer Of Snapshots Between Regions.

Embarking on a cloud-driven journey requires not only innovation but also the ability to seamlessly manage and transfer data across diverse landscapes. Today, we explore a pivotal aspect of this journey — the art of creating EBS volumes from snapshots and orchestrating the seamless transfer of snapshots between AWS regions.

To back up the data in your EBS volumes, Amazon has developed EBS snapshots. This disaster recovery solution works by copying your EBS volumes at specific points in time. Should disaster strike, you can restore your data from the latest snapshot.

How Do AWS EBS Snapshots Work?

EBS snapshots work as an incremental storage system that captures and stores each moment-in-time snapshot of your EBS volume. All snapshots are stored in Amazon Simple Storage Service (S3). The next time a snapshot is taken, only data that was not included in the previous snapshot will be stored.

EBS snapshots can thus be used to track how your EBS volumes have changed over time, whether a new volume was created or an old volume modified.

The advantages of Using EBS Snapshots

The main advantages of using AWS’ EBS snapshots are:

  • Comprehensive backup— having a solid system for backing up your data is critical. EBS snapshots allow you to restore your data to any point in time when a snapshot was taken and enables you to delete old snapshots without worrying about data loss for valid data.
  • Reliability of Amazon S3— when you are backing up your data with a third party, you want to make sure you are in good hands. Amazon’s S3 is an industry-leading cloud storage service. The infrastructure is reliable and it is generally cost-effective.
  • Time savings— because EBS snapshots are an incremental back-up system, backing up will be a fairly quick process. Once all your block-level data is saved to your S3, only changes on the block level will be recorded. This is much quicker than a full back-up.
  • Cost-efficiency— storage costs money and costs can balloon as your company grows. The incremental nature of snapshots eliminates redundancy in your backups, which can help reduce your storage costs. Likewise, they take up much less storage space and are thus cheaper than the heavier EBS volumes they capture.

An EBS Snapshot is nothing more than a backup of an EBS Volume. It can’t be attached to an instance, the user can’t read any data from it, and it’s not possible to utilize it for anything but creating other EBS Snapshots or EBS Volumes. Therefore, the key step in this equation is creating an EBS Volume from an EBS Snapshot. This is what we’re going to cover in this blog.

Prerequisites

A basic knowledge of EBS Volumes. You can follow our previous post on EBS volumes.

Select an EBS Snapshot and create a Volume

From the EC2 Dashboard, click on “Snapshots.” From the list of EBS Snapshots, choose the desired snapshot, click on

From the top menu, click on “Actions.” then click Create volume from snapshot.

You will be brought to a new page to confirm the parameters of the new volume.

Confirm EBS Volume Parameters & Confirm Deployment

Note that during the volume creation process, you’ll encounter the same parameters we’ve covered in the main EBS — Elastic Block blog. If you’re uncertain about any of them, make sure to refer to that page.

From the Settings, confirm the “Snapshot ID.”

From the Settings, select the “Volume type.”

From the Settings, input the “Size.”

2.4 — From the Settings, select the “IOPS.”

Note: depending on the “Volume type,” this option may not be available, as shown in the example.

Remember our snapshot was encrypted with the default encryption, so our volume from the snapshot will be automatically encrypted.

From the Settings, click on “Create Volume.”

You’ll receive a confirmation that a volume has been created. If you navigate to the EBS > Volumes tab, you’ll notice that you now have a volume that is tagged with the ID of the snapshot we’ve just utilized.

Conclusion on Creating an EBS Volume from an EBS Snapshot

The snapshot can’t be utilized by any application or service. To attach the data/storage to an EC2 instance, it must be in the form of an EBS Volume. In this article, we’ve taken a snapshot and walked through the steps of creating an EBS Volume from it.

Remember we have created this EBS volume in the same availability zone, but on the same note we would create this EBS volume from the snapshot in a different availability zone, this is very simple, under availability zone you would simply select the availability zone where you would want to create the snapshot.

COPYING SNAPSHOT TO A DIFFERENT AWS REGION.

EBS Volumes are created inside of a specific AZ. It isn’t possible to move an EBS Volume from one AZ to another directly. An EBS Snapshot will create a backup of an EBS Volume at the time of inception.

An EBS Snapshot can be used to create an EBS Volume in a different Availability Zone.

EBS Snapshot in One Availability Zone

Initial State

we’re looking at the EBS Snapshots page in the US-east-1 region — we can clearly see that we have EBS Snapshot in this region.

When we come to the Ohio region, Us-eat-2 we can see we have no snapshots there.

Creating a Copy of an EBS Snapshot into a Different Availability Zone

Select an EBS Snapshot & Copy

From the list of EBS Snapshots, choose the desired snapshot, I will choose the snapshot I just created. click on it.

From the top menu, click on “Actions.”

From the drop-down menu, click on “Copy snapshot.”

You will be brought to a new page to confirm the parameters of the new snapshot.

Configure Snapshot & Confirm Copy

From the Settings, choose the desired Availability Zone, for this tutorial, we’re using us-east-2.

On the bottom of the page, click on “Copy snapshot.”

You’ll receive a confirmation that a snapshot has been created. If you navigate to the target region (In this case us-east-2) you’ll see that there’s a new entry with the snapshot

Conclusion on Copying EBS Snapshots between Availability Zones

In this blog, we’ve covered why you might want to copy an EBS Snapshot from one Availability Zone to another. We’ve also covered the exact steps to take and showcased a move from us-east-1 to us-east-2.

Pull down and stay tuned for more.

If you have any questions concerning this article or have an AWS project that requires our assistance, please reach out to us by leaving a comment below or email us at. [email protected]

Thank you!

Categories
Blogs

Deployment of SDDC using VMware Cloud on AWS Services

Deployment of SDDC using VMware Cloud on AWS Services

VMware Cloud on AWS brings VMware’s enterprise-class Software-Defined Data Center (SDDC) software to the AWS Cloud and enables customers to run production applications across VMware vSphere-based private, public, and hybrid cloud environments with optimized access to AWS.

Benefits of VMware Cloud on AWS

Often enterprises are given a binary choice between private and public cloud as their deployment options. In these cases, many enterprises have a hybrid environment where two different teams manage two separate hosting platforms. VMware Cloud on AWS offers a hybrid platform where IT organizations have access to both public and private while retaining the ability to shift workloads seamlessly between them. Being able to live migrate and extend into a virtual machine without having to reconfigure an application provides a much more flexible environment.

VMware Cloud on AWS allows access to the range of AWS services as an extension of an existing VMware solution. IT organizations can rent a VMware SDDC using some of the latest technologies with the flexibility of the pay-as-you-go model. Companies can quickly add capacity to a new project or move workloads hosted on dedicated hardware to the cloud.

Prerequisites and Limitations for VMWare Cloud on AWS

The following are some prerequisites that you will need to consider before deploying VMware Cloud on AWS:

MyVMware Account: This profile will need to be completely filled out before you can even start your initial deployment.

AWS Account: This account needs to have administrative privileges for some of the reasons in deployment.

Activation Link: This link will be sent to the email address correlated with your MyVMware profile.

VMC on AWS offers many capabilities that have some limitations at maximum and minimum levels, and these limits are considered hard limits (can’t be changed) unless otherwise indicated.

The Architecture of VMware Cloud on AWS

VMware Cloud on AWS is based on VMware software stack such as vSphere, vCenter, vSAN, NSX-T, designed to run on AWS bare-metal dedicated infrastructure. It enables businesses to manage VMware-based resources and tools on AWS with seamless integration with other Amazon services such as Amazon EC2, Amazon S3, Amazon Redshift, Amazon Direct Connect, Amazon RDS, and Amazon DynamoDB.

VMware Cloud on AWS allows you to create vSphere data centers on Amazon Web Services. These vSphere data centers include vCenter Server for managing your data center, vSAN for storage, and VMware NSX for networking. Using Hybrid Linked Mode, you can connect an on-premises data center to your cloud SDDC and manage both from a single vSphere Client interface. With your connected AWS account, you can access AWS services such as EC2 and S3 from virtual machines in your SDDC.

Organizations that adopt VMware Cloud on AWS will see these benefits:

· A broad set of AWS services and infrastructure elasticity for VMware SDDC environments.

· Flexibility to strategically choose where to run applications based on business needs.

· Proven capabilities of VMware SDDC software and AWS Cloud to deliver customer value.

· Seamless, fast, and bi-directional workload portability between private and public clouds.

When you deploy an SDDC on VMware Cloud on AWS, it’s created within an AWS account and VPC dedicated to your organization. The Management Gateway is an NSX Edge Security gateway that provides connectivity to the vCenter Server and NSX Manager running in the SDDC. The internet-facing IP address is assigned from a pool of AWS public IP addresses during SDDC creation. The Compute Gateway provides connectivity for VMs, and VMware Cloud on AWS creates a logical network to provide networking capability for these VMs. A connection to an AWS account is required, and you need to select a VPC and subnet within that account. You can only connect an SDDC to a single Amazon VPC, and an SDDC has a minimum of four hosts.

Steps before SDDC Deployment in VMware Cloud on AWS

Creating a New VPC

Choose the correct region to deploy your VMware Cloud on AWS SDDC.

Straight away in the search box type VPC, then select VPC under services.

once in the VPC dashboard, select VPC’s then click Create VPC.

Enter the VPC details such as Name tag, IPv4 CIDR block, Tenancy as Default, and click Create.

There we go, we have successfully created VPC, click close.

Creating a Private Subnet

You will now create a private subnet

Open the Amazon VPC console, and select Subnets.

Select Create Subnet.

In the Create Subnet dashboard, select the VPC to create the subnet then provide, a Name tag, select the desired Availability Zone, IPv4 CIDR block, and click on Create.

Repeat steps to create desired subnets for each remaining Availability Zone in the region and click Close.

Activate VMware Cloud on AWS Service

You can now activate your VMware Cloud on AWS service. When the purchase is processed, AWS sends a welcome email to the specified email address and starts the process using the following steps:

  • Select the Activate Service link after receiving the Welcome email from AWS.
  • Log in with MyVMware credentials.
  • Review the terms and conditions for the use of services, and select the check box to accept.
  • Select Next to complete the account activation process successfully, and you will be redirected to the VMware Cloud on AWS console.
  • Create an organization that is linked to the MyVMware account.
  • Enter the Organization Name and Address for logical distinction.
  • Select Create Organization to complete the process.

Identity and Access Management (IAM)

Assign privileged access to specific users to access the Cloud Services and SDDC console, SDDC, and NSX components. There are two types of Organization Roles; Organization Owner and Organization Member available.

The Organization Role with Organization Owner can add, modify, and remove users and access to VMware Cloud Services. The Organization Role with Organization Member can access Cloud Services but not add, remove, or modify users.

Deployment of SDDC on VMware Cloud on AWS

Sign in to Cloud Services Portal (CSP) to start the deployment of SDDC on VMC on AWS. Log in to the VMC Console.

Select VMware Cloud on AWS Service from the available services.

Select Create SDDC.

Enter the SDDC properties such as AWS Region, Deployment (either Single Host, Multi-Host, or Stretched Cluster), Host Type, SDDC Name, Number of Hosts, Host Capacity, and Total Capacity, and click Next.

Connect to a new AWS account, and click NEXT.

Select your previously configured VPC and subnet, and NEXT.

Enter the Management Subnet CIDR block for the SDDC, and click NEXT.

Click the two checkboxes to acknowledge to take responsibility for the costs, and click DEPLOY SDDC.

You’ll be charged when you click on DEPLOY SDDC and can’t pause or cancel the deployment process once it starts and will take some time to complete.

Your VMware-based is ready on AWS.

Stay tuned for more.

If you have any questions concerning this article or have an AWS project that requires our assistance, please reach out to us by leaving a comment below or email us at. [email protected]

Thank you!

Categories
Blogs

Unlocking the Power of AWS EBS Volumes: A Comprehensive Introduction

Unlocking the Power of AWS EBS Volumes: A Comprehensive Introduction.

EBS is a popular cloud-based storage service offered by Amazon Web Services (AWS).

EBS, called Elastic Block Store, is a block storage system used to store data. Designed for mission-critical systems, EBS provides easy scalability to petabytes of data.

What Is EBS?

Elastic Block Store (EBS) is a block storage service based in the AWS cloud. EBS stores huge amounts of data in blocks, which work like hard drives (called volumes). You can use it to store any type of data, including file systems, transactional data, NoSQL and relational databases, backup instances, containers, and applications.

EBS volumes are virtual disk drives that can be attached to Amazon EC2 instances, providing durable block-level storage.

What Is an EBS Volume?

It’s a Network drive attached to one EC2 instance at a time and works like a hard drive.
 An EBS Volume is a network drive (not a physical drive) you can attach to EC2 instances while they run.

This means to communicate between EC2 instance and EBS volume it will be using the network.

EBS volume because of their network drive, can be detached from one EC2 instance and attached to another one quickly.
 It allows EC2 instances to persist (continue to exist) data, even after the instance is terminated.
 EBS volumes can be mounted to one instance at a time (at the CCP level).
 EBS volumes are bound up/ linked/ tied to specific AZ’s. An EBS volume in us-east-1a cannot be attached to us-east-1b. But if we do a snapshot then we are able to move an EBS volume across different availability zones.

common use cases for EBS volumes:

Frequent updates — storage of data that needs frequent updates. For example: database applications, and instances’ system drives.

Throughput-intensive applications — that need to perform continuous disk scans.

EC2 instances — once you attach an EBS volume to an EC2 instance, the EBS volume serves the function of a physical hard drive.

Types of EBS Volumes

The performance and pricing of your EBS storage will be determined by the type of volumes you choose. Amazon EBS offers four types of volumes, which serve different functions.

Solid State Drives (SSD)-based volumes

General Purpose SSD (gp2) — the default EBS volume, configured to provide the highest possible performance for the lowest price. Recommended for low-latency interactive apps, and dev and test operations.

Provisioned IOPS SSD (io1) — configured to provide high performance for mission-critical applications. Ideal for NoSQL databases, I/O-intensive relational loads, and application workloads.

What is IOPS?

IOPS, which stands for Input/Output Operations Per Second, is a measure of the performance or speed of an EBS (Elastic Block Store) volume in Amazon Web Services (AWS). In simple terms, it represents how quickly data can be read from or written to the volume.

Think of IOPS as the number of tasks the EBS volume can handle simultaneously. The higher the IOPS, the more tasks it can handle at once, resulting in faster data transfers. It is particularly important for applications that require a lot of data access, such as databases or applications that deal with large amounts of data.

Hard Disk Drives (HDD)-based volumes

Throughput Optimized HDD (st1) — provides low-cost magnetic storage. Recommended for large, sequential workloads that define performance in throughput.

Cold HDD (sc1) — uses a burst model to adjust capacity, thus offering the cheapest magnetic storage. Ideal for cold large sequential workloads.

The Beginner’s Guide to Creating EBS Volumes Prerequisite: an AWS account.

If you don’t have an AWS account, you can follow the steps explained here.

How to Create a New (Empty) EBS Volume via the Amazon EC2 Console

Go to the Amazon EC2 console.

Locate the navigation bar, then select a Region. Region selection is critical. An EBS volume is restricted to its Availability Zone (AZ). That means you won’t be able to move the volume or attach it to an instance from another AZ. Additionally, each region is priced differently. So do this wisely, and choose in advance prior to initiating the volume.

In the console, type EC2 in the search box and select EC2 under services.

In the EC2 dashboard on the left side under Elastic block store, select volumes then click create volume.

Choose the volume type. If you know what you’re doing, and you know which volume you need, this is where you can choose the volume type of your choice. If you’re not sure what type you need, or if you’re just experimenting, go with the default option (which is set to gp2)

Under availability zone, select the dropdown and choose your availability zone, keep in mind that you can attach EBS volumes only to EC2 instances located in the same AZ. I will move with us-east-1a

EBS volumes are not encrypted automatically. If you want to do that, now is the time.

For EBS encryption, tick the box, for Encrypt this volume, then choose default CMK for EBS encryption. This type of encryption is offered at no additional cost.

For customized encryption, choose Encrypt this volume, then choose a different CMK from Master Key. Note that this is a paid service and you’ll be charged with additional costs.

Tag your volume. This is not a must, and you’ll be able to initiate your EBS volume without tagging it. We will leave this section as optional.

Choose Create Volume.

Success you now have a new empty EBS volume. You can now use it to store data or attach the volume to an EC2 instance.

 

Conclusion:

Amazon EBS volumes are a fundamental component of the AWS ecosystem, providing scalable and durable block storage for a wide range of applications. By understanding the features, use cases, and best practices associated with EBS volumes, users can make informed decisions to meet their specific storage needs in the AWS cloud environment.

Pull down and stay tuned for more.

If you have any questions concerning this article or have an AWS project that requires our assistance, please reach out to us by leaving a comment below or email us at. [email protected]

Thank you!

Categories
Blogs

A Comprehensive Guide to Creating and Managing Security Groups for Your Amazon EC2 Instances

A Comprehensive Guide to Creating and Managing Security Groups for Your Amazon EC2 Instances

Security-group-for-amazon

Introduction:

In the ever-evolving landscape of cloud computing, Amazon Elastic Compute Cloud (EC2) has emerged as a cornerstone for hosting web applications, running virtual servers, and managing various workloads in a scalable and cost-effective manner. As EC2 instances play a pivotal role in your AWS infrastructure, it’s essential to ensure that they are not only readily available but also well-protected from unauthorized access. This is where Amazon EC2 Security Groups come into the picture. In this comprehensive guide, we will provide you with a step-by-step approach to creating and managing security groups effectively.

Understanding Amazon EC2 Security Groups

Security Groups in AWS are essentially virtual firewalls that allow you to define inbound and outbound traffic rules for your EC2 instances. With security groups, you can establish fine-grained control over your EC2 instances’ network traffic, ensuring they are protected and compliant with your organization’s security policies

Let’s dive into the process of creating your first security group for an EC2 instance:

In the previous article on creating a new EC2 instance, we created our EC2 instance using the launch wizard security group that opened port 22 and source was from anywhere from the internet.

We will now configure the security group for our EC2 instance.

We will modify our SSH security group and only limit the source traffic to my IP address.

Again, we will open port 80 for HTTP and source is going to come from anywhere from the internet. we will also open port 443 for HTTPS and the source of this web traffic is also going to come from anywhere from the internet.

We will then go to our EC2 instance already launched and add these security group.

Log in to your AWS Management Console

Navigate to the EC2 Dashboard.

In the EC2 dashboard on the left side of the navigation pane under Network and security select security groups. Then click create security group

amazon-ec2
create-security-group

In the security group dashboard, give your security group a name, call it SSH security Group.

Use the same name as the description.

Under VPC, select your VPC click in the search box and select the default VPC.

Scroll down.

Under inbound rule click add rule.

Under type select the drop down and look for SSH, then select it. Under source select the drop down and select my IP, this will select the IP address of your local machine.

inbound-rules-info

Scroll down and click create security group.

create-security-group-tag

We have successfully created the SSH security group, and limited the source of traffic to our IP address. This is always a security best practice. This means that its only my IP address that can SSH into my EC2 instance through port 22.

shh-security-group

if you look at inbound rules tab under type, its SSH and under protocol is TCP, port range is 22 and source we can see my IP address 196.216.90.16/32

Next we will proceed and create our Web traffic security group, so click create security group a gain.

Under basic details, give your security group a name, call it web traffic security group. Under description I will give it a description. Type in allow HTTP and HTTPS traffic from the internet. Under VPC, select the default one.

Scroll down, under inbound rule, click add rule.

add-rules

Under type, select the drop down look for HTTP then select it. Under destination, click the drop and select anywhere for IPv4 addresses.

This will open port 80 for HTTP traffic if you look under port range, you will see the value 80.

Click add rule again then under source select the drop down and look for HTTPS then select it. Under destination, click the drop and select anywhere for IPV4 addresses.

Again, this will open port 443 for HTTPS traffic if you look under port range, you will see the value 443.

http-rules-info

Scroll down and click create security group.

create-security-group-tag

There we go; we have successfully created the web traffic security group and opened port 80 for HTTP and port 443 for HTTPS and our destination is anywhere in the internet.

web-traffic-security-group

If you look under inbound rules tab, we can see our IP version is IPv4, type is HTTPS and HTTP and port range is 80 and 443.

Next, we will now associate our security groups we’ve created to our EC2 instance.

Select your instance, click action drop down button, select security tab then click change security groups.

In the change security group tab, under associated security groups, click remove launch wizard security group.

Click add security group then click the search box for add security group, select the two security groups we’ve just created. The SSH and the web traffic security groups then click save.

associated-security-groups-add

We have successfully changed the security group settings for our EC2 instance.

security-groups-changed-successfully-1

Click instance ID, then navigate to the security tab, you will see the three security groups, one on port 22, port 80 and port 443.

instances-demo
instances-demo

This brings us to the end of this blog. Thanks for your time.

Pull everything down to avoid surprise bills.

Please leave us a comment or any questions if you have concerning this article below. Thank you!