Search

Test Drive Your First Istio Deployment using Play with Kubernetes Platform- Cloud Computing

As a full stack Developer, if you have been spending a lot of time in developing apps recently, you already understand a whole new set of challenges related to Microservice architecture. Although there has been a shift from bloated monolithic apps to compact, focused Microservices for faster implementation and improved resiliency but the fact is  developers have to really worry about the challenges in integrating these services in distributed systems which includes accountability for service discovery, load balancing, registration, fault tolerance, monitoring, routing, compliance, and security.Let us understand the challenges faced by the developers and operators with the Microservice Architecture in details. Consider a 1st Generation simple Service Mesh scenario. As shown below, Service (A) communicates to Service (B). Instead of communicating directly, the request gets routed via Nginx. The Nginx finds a route in Consul (A service discovery tool) and automatically retries to form the connection on HTTP 502’s happen.                                                                    Figure: 1.0 – 1st Gen Service Mesh                                                      Figure:1.1 – Cascading Failure demonstrated with the increase in the number of servicesBut, with the advent of microservices architecture, the number is growing ever since. Below are the  listed challenges encountered by both developers as well as operations team:How to make these growing microservices communicate with each other?Enabling the load balancing architectures over these microservices.Providing role-based routing for the microservices.How to implement outgoing traffic on these microservices and test canary deployment?Managing complexity around these growing pieces of microservices.Implementation of fine-grained control for traffic behavior with rich-routing rules.Challenges in implementing Traffic encryption, service-to-service authentication, and strong identity assertions.In a nutshell, although you could enable service discovery and retry logic into application or networking middleware, the fact is that service discovery becomes tricky to make it right.Enter Istio’s Service Mesh“Service Mesh” is one of the hottest buzzwords of 2018. As the name suggests, it’s a configurable infrastructure layer for a microservices app. It lays out the network of microservices that make up applications and enables interactions between them. It makes communication between service instances flexible, reliable, and fast. The mesh provides service discovery, load balancing, encryption, authentication and authorization, support for the circuit breaker pattern, and other capabilities.Istio is completely an open source service mesh that layers transparently onto existing distributed applications. Istio v1.0 got announced last month and is ready for production. It is written completely in Go Language and its a fully grown platform which provides APIs that let it integrate into any logging platform, or telemetry or policy system. This project adds a very tiny overhead to your system. It is being hosted on GitHub. Istio’s diverse feature set lets you successfully, and efficiently, run a distributed microservice architecture, and provides a uniform way to secure, connect, and monitor microservices.Figure-1.2: Istio’s CapabilityThe Istio project adds a very tiny overhead to your system. It is being hosted on GitHub. Last month, Istio 1.0 release went public and ready for production environment.What benefits does Istio bring?Istio lets you connect, secure, control, and observe services.It helps to reduce the complexity of service deployments and eases the strain on your development teams.It provides developers and DevOps fine-grained visibility and control over traffic without requiring any changes to application code.It provides CIOs with the necessary tools needed to help enforce security and compliance requirements across the enterprise.It provides behavioral insights & operational control over the service mesh as a whole.Istio makes it easy to create a network of deployed services with automatic Load Balancing for HTTP, gRPC, Web Socket & TCP Traffic.It provides fine-grained control of traffic behavior with rich routing rules, retries, failovers, and fault injection.It enables a pluggable policy layer and configuration API supporting access controls, rate limits and quotas.Istio provides automatic metrics, logs, and traces for all traffic within a cluster, including cluster ingress and egress.It provides secure service-to-service communication in a cluster with strong identity-based authentication and authorization.If you want to deep-dive into Istio architecture, I highly recommend the official Istio website.It’s Demo Time !!!Under this blog post, I will showcase how Istio can be setup on Play with Kubernetes (PWK) Platform for a free of cost. In case you’re new, Play with Kubernetes rightly aka PWK is a labs site provided by Docker. It is a playground which allows users to run K8s clusters in a matter of seconds. It gives the experience of having a free CentOS LinuxVirtual Machine in the browser. Under the hood Docker-in-Docker (DinD) is used to give the effect of multiple VMs/PCs.Open  to access Kubernetes Playground.Click on the Login button to authenticate with Docker Hub or GitHub ID.Once you start the session, you will have your own lab environment.Adding First Kubernetes NodeClick on “Add New Instance” on the left to build your first Kubernetes Cluster node. It automatically names it as “node1”. Each instance has Docker Community Edition (CE) and Kubeadm already pre-installed. This node will be treated as the master node for our cluster.Bootstrapping the Master NodeYou can bootstrap the Kubernetes cluster by initializing the master (node1) node with the below script. Copy this script content into bootstrap.sh file and make it executable using “chmod +x bootstrap.sh” command.When you execute this script, as part of initialization, the kubeadm write several configuration files needed, setup RBAC and deployed Kubernetes control plane components (like kube-apiserver, kube-dns, kube-proxy, etcd, etc.). Control plane components are deployed as Docker containers.Copy the above kubeadm join token command and save it for the next step. This command will be used to join other nodes to your cluster.Adding Worker NodesClick on “Add New Node” to add a new worker node.Checking the Cluster StatusVerifying the running PodsInstalling Istio 1.0.0Istio is deployed in a separate Kubernetes namespace istio-system. We will verify it later. As of now, you can copy the below content in a file called install_istio.sh and save it. You can make it executable and run it to install Istio and related tools.You should be able to see screen flooding with the below output.As shown above, it will enable the Prometheus, ServiceGraph, Jaeger, Grafana, and Zipkin by default.Please note – While executing this script, it might end up with the below error message –unable to recognize "install/kubernetes/istio-demo.yaml": no matches for admissionregistration.k8s.io/, Kind=MutatingWebhookConfigurationThe error message is expected.As soon as the command gets executed completely, you should be able to see a long list of ports which gets displayed at the top center of the page.Verifying the ServicesExposing the ServicesTo expose Prometheus, Grafana & Servicegraph services, you will need to delete the existing services and then use NodePort instead of ClusterIP so as to access the service using the port displayed on the top of the instance page. (as shown below)You should be able to access Grafana page by clicking on “30004” port and Prometheus page by clicking on “30003”.You can check Prometheus metrics by selecting the necessary option as shown below:Under Grafana Page, you can add “Data Source” for Prometheus and ensure that the dashboard is up and running:Congratulations! You have installed Istio on Kubernetes cluster. Below listed services have been installed on K8s playground:Istio Controllers and related RBAC rulesIstio Custom Resource DefinitionsPrometheus and Grafana for MonitoringJeager for Distributed TracingIstio Sidecar Injector (we'll take a look next section)Installing IstioctlIstioctl is configuration command line utility of Istio. It helps to create, list, modify and delete configuration resources in the Istio system.Deploying the Sample BookInfo ApplicationNow Istio is installed and verified, you can deploy one of the sample applications provided with the installation- BookInfo. This is a simple mock bookstore application made up of four services that provide a web product page, book details, reviews (with several versions of the review service), and ratings - all managed using Istio.Deploying BookInfo ServicesDefining the Ingress Gateway:Verifying BookInfo ApplicationAccessing it via Web URLYou should now be able the BookInfo Sample as shown below:Hope, this Istio deployment Kubernetes tutorial helped you to successfully install Istio on Kubernetes. In the future blog post, I will deep dive into Istio Internal Architecture, traffic management, policies & telemetry in detail.We hoped this article helped you get familiar with the concept. If you want to know more about it and get certified, you can try the AWS certification course offered by KnowledgeHut.
Rated 4.5/5 based on 1 customer reviews

Test Drive Your First Istio Deployment using Play with Kubernetes Platform- Cloud Computing

2K
Test Drive Your First Istio Deployment using Play with Kubernetes Platform- Cloud Computing

As a full stack Developer, if you have been spending a lot of time in developing apps recently, you already understand a whole new set of challenges related to Microservice architecture. Although there has been a shift from bloated monolithic apps to compact, focused Microservices for faster implementation and improved resiliency but the fact is  developers have to really worry about the challenges in integrating these services in distributed systems which includes accountability for service discovery, load balancing, registration, fault tolerance, monitoring, routing, compliance, and security.

Let us understand the challenges faced by the developers and operators with the Microservice Architecture in details. Consider a 1st Generation simple Service Mesh scenario. As shown below, Service (A) communicates to Service (B). Instead of communicating directly, the request gets routed via Nginx. The Nginx finds a route in Consul (A service discovery tool) and automatically retries to form the connection on HTTP 502’s happen.
                                                                    Figure: 1.0 – 1st Gen Service Mesh
Cascading Failure demonstrated with the increase in the number of services                                                      Figure:1.1 – Cascading Failure demonstrated with the increase in the number of services

But, with the advent of microservices architecture, the number is growing ever since. Below are the  listed challenges encountered by both developers as well as operations team:

  • How to make these growing microservices communicate with each other?
  • Enabling the load balancing architectures over these microservices.
  • Providing role-based routing for the microservices.
  • How to implement outgoing traffic on these microservices and test canary deployment?
  • Managing complexity around these growing pieces of microservices.
  • Implementation of fine-grained control for traffic behavior with rich-routing rules.
  • Challenges in implementing Traffic encryption, service-to-service authentication, and strong identity assertions.

In a nutshell, although you could enable service discovery and retry logic into application or networking middleware, the fact is that service discovery becomes tricky to make it right.

Enter Istio’s Service Mesh

“Service Mesh” is one of the hottest buzzwords of 2018. As the name suggests, it’s a configurable infrastructure layer for a microservices app. It lays out the network of microservices that make up applications and enables interactions between them. It makes communication between service instances flexible, reliable, and fast. The mesh provides service discovery, load balancing, encryption, authentication and authorization, support for the circuit breaker pattern, and other capabilities.

Istio is completely an open source service mesh that layers transparently onto existing distributed applications. Istio v1.0 got announced last month and is ready for production. It is written completely in Go Language and its a fully grown platform which provides APIs that let it integrate into any logging platform, or telemetry or policy system. This project adds a very tiny overhead to your system. It is being hosted on GitHub. Istio’s diverse feature set lets you successfully, and efficiently, run a distributed microservice architecture, and provides a uniform way to secure, connect, and monitor microservices.
Istio’s Capability

Figure-1.2: Istio’s Capability

The Istio project adds a very tiny overhead to your system. It is being hosted on GitHub. Last month, Istio 1.0 release went public and ready for production environment.

What benefits does Istio bring?

  • Istio lets you connect, secure, control, and observe services.
  • It helps to reduce the complexity of service deployments and eases the strain on your development teams.
  • It provides developers and DevOps fine-grained visibility and control over traffic without requiring any changes to application code.
  • It provides CIOs with the necessary tools needed to help enforce security and compliance requirements across the enterprise.
  • It provides behavioral insights & operational control over the service mesh as a whole.
  • Istio makes it easy to create a network of deployed services with automatic Load Balancing for HTTP, gRPC, Web Socket & TCP Traffic.
  • It provides fine-grained control of traffic behavior with rich routing rules, retries, failovers, and fault injection.
  • It enables a pluggable policy layer and configuration API supporting access controls, rate limits and quotas.
  • Istio provides automatic metrics, logs, and traces for all traffic within a cluster, including cluster ingress and egress.
  • It provides secure service-to-service communication in a cluster with strong identity-based authentication and authorization.

If you want to deep-dive into Istio architecture, I highly recommend the official Istio website.
benefits does Istio bringIt’s Demo Time !!!

Under this blog post, I will showcase how Istio can be setup on Play with Kubernetes (PWK) Platform for a free of cost. In case you’re new, Play with Kubernetes rightly aka PWK is a labs site provided by Docker. It is a playground which allows users to run K8s clusters in a matter of seconds. It gives the experience of having a free CentOS Linux
Virtual Machine in the browser. Under the hood Docker-in-Docker (DinD) is used to give the effect of multiple VMs/PCs.

Open  to access
 Kubernetes Playground.
Click on the Login button to authenticate with Docker Hub or GitHub ID.
Once you start the session, you will have your own lab environment.

Adding First Kubernetes Node

Click on “Add New Instance” on the left to build your first Kubernetes Cluster node. It automatically names it as “node1”. Each instance has Docker Community Edition (CE) and Kubeadm already pre-installed. This node will be treated as the master node for our cluster.
Bootstrapping the Master Node

You can bootstrap the Kubernetes cluster by initializing the master (node1) node with the below script. Copy this script content into bootstrap.sh file and make it executable using “chmod +x bootstrap.sh” command.
Bootstrapping the Master NodeWhen you execute this script, as part of initialization, the kubeadm write several configuration files needed, setup RBAC and deployed Kubernetes control plane components (like kube-apiserver, kube-dns, kube-proxy, etcd, etc.). Control plane components are deployed as Docker containers.
Copy the above kubeadm join token command and save it for the next step. This command will be used to join other nodes to your cluster.

Adding Worker Nodes
Click on “Add New Node” to add a new worker node.
Adding Worker NodesChecking the Cluster Status

Checking the Cluster Status

Verifying the running Pods
Verifying the running PodsInstalling Istio 1.0.0

Istio is deployed in a separate Kubernetes namespace istio-system. We will verify it later. As of now, you can copy the below content in a file called install_istio.sh and save it. You can make it executable and run it to install Istio and related tools.
Installing Istio 1.0.0You should be able to see screen flooding with the below output.

As shown above, it will enable the Prometheus, ServiceGraph, Jaeger, Grafana, and Zipkin by default.

Please note – While executing this script, it might end up with the below error message –

unable to recognize "install/kubernetes/istio-demo.yaml": no matches for admissionregistration.k8s.io/, Kind=MutatingWebhookConfiguration

The error message is expected.

As soon as the command gets executed completely, you should be able to see a long list of ports which gets displayed at the top center of the page.
Verifying the Services
Verifying the ServicesExposing the Services

To expose Prometheus, Grafana & Servicegraph services, you will need to delete the existing services and then use NodePort instead of ClusterIP so as to access the service using the port displayed on the top of the instance page. (as shown below)
Exposing the ServicesYou should be able to access Grafana page by clicking on “30004” port and Prometheus page by clicking on “30003”.
You can check Prometheus metrics by selecting the necessary option as shown below:
Under Grafana Page, you can add “Data Source” for Prometheus and ensure that the dashboard is up and running:
Congratulations! You have installed Istio on Kubernetes cluster. Below listed services have been installed on K8s playground:

  • Istio Controllers and related RBAC rules
  • Istio Custom Resource Definitions
  • Prometheus and Grafana for Monitoring
  • Jeager for Distributed Tracing
  • Istio Sidecar Injector (we'll take a look next section)


Installing Istioctl

Istioctl is configuration command line utility of Istio. It helps to create, list, modify and delete configuration resources in the Istio system.
Deploying the Sample BookInfo Application

Now Istio is installed and verified, you can deploy one of the sample applications provided with the installation- BookInfo. This is a simple mock bookstore application made up of four services that provide a web product page, book details, reviews (with several versions of the review service), and ratings - all managed using Istio.

Deploying BookInfo Services
Defining the Ingress Gateway:

Verifying BookInfo Application

Accessing it via Web URL
Accessing it via Web URLYou should now be able the BookInfo Sample as shown below:

Hope, this Istio deployment Kubernetes tutorial helped you to successfully install Istio on Kubernetes. In the future blog post, I will deep dive into Istio Internal Architecture, traffic management, policies & telemetry in detail.

We hoped this article helped you get familiar with the concept. If you want to know more about it and get certified, you can try the AWS certification course offered by KnowledgeHut.

Ajeet Singh

Ajeet Singh Raina

Blog Author

Ajeet Singh Raina is a Docker Captain & {code} Catalysts by DellEMC. He is currently working as Technical Lead Engineer in Enterprise Solution Group @ Dell R&D. He has over 10+ years of solid understanding of a diverse range of IT infrastructure, systems management, systems integration and quality assurance.  He is a frequent blogger at www.collabnix.com and have 150+ blogs contributed on new upcoming Docker releases and features. His personal blog attracts roughly thousands of visitors and tons of page-views every month. His areas of interest includes Docker on Swarm Mode, IoTs, and Legacy Applications & Cloud. 

Join the Discussion

Your email address will not be published. Required fields are marked *

1 comments

Mohan Pawar 02 Sep 2018

Amazing guide... Thank you.

Suggested Blogs

Business Transformation through Enterprise Cloud Computing

The Cloud Best Practices Network is an industry solutions groups and best practices catalogue of how-to information for Cloud Computing. While we cover all aspects of the technology our primary goal is to explain the enabling relationship between this new IT trend and business transformation, where our materials include: Core Competencies – The mix of new skills and technologies required to successfully implement new Cloud-based IT applications. Reference Documents – The core articles that define what Cloud Computing is and what the best practices are for implementation, predominately referring to the NIST schedule of information. Case studies – Best practices derived from analysis of pioneer adopters, such as the State of Michigan and their ‘MiCloud‘ framework . Read this article ‘Make MiCloud Your Cloud‘ as an introduction to the Cloud & business transformation capability. e-Guides – These package up collections of best practice resources directed towards a particular topic or industry. For example our GovCloud.info site specializes in Cloud Computing for the public sector. White papers – Educational documents from vendors and other experts, such as the IT Value mapping paper from VMware. Core competencies The mix of new skills and technologies required to successfully implement new Cloud-based IT applications, and also the new capabilities that these platforms make possible: Virtualization Cloud Identity and Security – Cloud Privacy Cloud 2.0 Cloud Configuration Management Cloud Migration Management DevOps Cloud BCP ITaaS Procurement Cloud Identity and Security Cloud Identity and Security best practices (CloudIDSec) provides a comprehensive framework for ensuring the safe and compliant use of Cloud systems. This is achieved through combining a focus on the core references for Cloud Security, the Cloud Security Alliance, with those of Cloud Identity best practices: IDaaS – Identity Management 2.0 Federated Identity Ecosystems Cloud Privacy A common critcal focus area for Cloud computing is data privacy, particularly with regards to the international aspects of Cloud hosting. Cloud Privacy refers to the combination of technologies and legal frameworks to ensure privacy of personal information held in Cloud systems, and a ‘Cloud Privacy-by-Design’ process can then be used to identify the local legislated privacy requirements of information. Tools for designing these types of privacy controls have been developed by global privacy experts, such as Ann Cavoukian, the current Privacy Commissioner for Ontario, who provides tools to design and build these federated privacy systems. The Privacy by Design Cloud Computing Architecture (26-page PDF) document provides a base reference for how to combine traditional PIAs (Privacy Impact Assessments) with Cloud Computing. As this Privacy Framework presentation then explains these regulatory mechanisms that Kantara enables can then provide the foundations for securing the information in a manner that encompasses all the legacy, privacy and technical requirements needed to ensure it is suitable for e-Government scenarios. This then enables it to achieve compliance with the Cloud Privacy recommendations put forward by global privacy experts, such as Ann Cavoukian, the current Privacy Commissioner for Ontario, who stipulates a range of ‘Cloud Privacy By Design‘ best practices Cloud 2.0 Cloud is as much a business model as it is a technology, and this model is best described through the term ‘Cloud 2.0′. As the saying goes a picture tells a thousand words, and as described by this one Cloud 2.0 represents the intersection between social media, Cloud computing and Crowdsourcing. The Social Cloud In short it marries the emergent new online world of Twitter, Linkedin et al, and the technologies that are powering them, with the traditional, back-end world of mainframe systems, mini-computers and all other shapes and sizes of legacy data-centre. “Socializing” these applications means moving them ‘into the Cloud’, in the sense of connecting them into this social data world, as much as it does means virtualizing the application to run on new hardware. This a simple but really powerful mix, that can act as a catalyst for an exciting new level of business process capability. It can provide a platform for modernizing business processes in a significant and highly innovative manner, a breath of fresh air that many government agency programs are crying out for. Government agencies operate many older technology platforms for many of their services, making it difficult to amend them for new ways of working and in particular connecting them to the web for self-service options. Crowdsourcing Social media encourages better collaboration between users and information, and tools for open data and back-end legacy integrations can pull the transactional systems informtion needed to make this functional and valuable. Crowdsourcing is: a distributed problem-solving and production process that involves outsourcing tasks to a network of people, also known as the crowd. Although not a component of the technologies of Cloud Computing, Crowdsourcing is a fundamental concept inherent to the success of the Cloud 2.0 model. The commercial success of migration to Cloud Computing will be amplified when there is a strong focus on the new Web 2.0 type business models that the technology is ideal for enabling. Case study – Peer to Patent One such example is the Whitehouse project the Peer to the Patent portal, a headline example of Open Government, led by one its keynote experts Beth Noveck. This project illustrates the huge potential for business transformation that Cloud 2.0 offers. It’s not just about migrating data-center apps into a Cloud provider, connecting an existing IT system to a web interface or just publishing Open Data reporting data online, but rather utilizing the nature of the web to entirely re-invent the core process itself. It’s about moving the process into the Cloud. In this 40 page Harvard white paper Beth describes how the US Patent Office was building up a huge backlog of over one million patent applications due to a ‘closed’ approach where only staff from the USPTO could review, contribute and decide upon applications. To address this bottleneck she migrated the process to an online, Open version where contributors from across multiple organizations could help move an application through the process via open participation web site features. Peer to Patent is a headline example of the power of Open Government, because it demonstrates its about far more than simply publishing reporting information online in an open manner, so that they public can inspect data like procurement spending numbers. Rather it’s about changing the core decision-making processes entirely, reinventing how Government itself works from the inside out, reinventing it from a centralized hierarchical monolith to an agile, distributed peer to peer network. In essence it transforms the process from ‘closed’ to ‘open’, in terms of who and how others can participate, utilizing the best practice of ‘Open Innovation‘ to break the gridlock that had occured due the constraints caused by private, traditional ways of working. Open Grantmaking – Sharing Cloud Best Practices Beth has subsequently advised further on how these principles can be applied in general across Government. For example in this article on her own blog she describes ‘Open Grantmaking‘ – How the Peer To Patent crowdsourcing model might be applied to the workflows for government grant applications. She touches on what is the important factor about these new models, their ability to accelerate continual improvement within organizations through repeatedly sharing and refining best practices: “In practice, this means that if a community college wins a grant to create a videogame to teach how to install solar panels, everyone will have the benefit of that knowledge. They will be able to play the game for free. In addition, anyone can translate it into Spanish or Russian or use it as the basis to create a new game to teach how to do a home energy retrofit.” Beth describes how Open Grantmaking might be utilized to improve community investing in another blog, describing how OG would enable more transparency and related improvements. Cloud 2.0 As the underlying technology Cloud 2.0 caters for both the hosting of the software and also the social media 2.0 features that enable the cross-enterprise collaboration that Beth describes. Cloud Configuration Management CCM is the best practice for change and configuration management within Cloud environments, illustrated through vendors such as Evolven. Problem Statement One of the key goals and perceived benefits of Cloud computing is a simplified IT environment, a reduction of complexity through virtualizing applications into a single overall environment. However complexity actually increases.  Virtual Machines (VMs) encapsulate application and infrastructure configurations, they package up a combination of applications and their settings, obscuring this data from traditional configuration management tools. Furthermore the ease of self-service creation of VMs results in their widespread proliferation, and so actually the adoption of Cloud technologies creates a need for a new, extra dimension of systems management. This is called CCM, and incorporates: Release & Incident Management The increased complexity therefore increases the difficulties in trouble-shooting technical problems, and thus requires an updated set of tools and also updates to best practices like the use of ITIL procedures. ‘Release into Production’ is a particularly sensitive process within software teams, as major upgrades and patches are transitioned from test to live environments. Any number of configuration-related errors could cause the move to fail, and so CCM software delivers the core competency of being better able to respond quicker to identify and resolve these issues, reducing the MTTR significantly. DevOps DevOps is a set of principles, methods and practices for communication, collaboration and integration between software development and IT operations. Through the implementation of a shared Lean adoption program and QMS (Quality Management System) the two groups can better work together to minimize downtimes while improving the speed and quality of software development. It’s therefore directly linked to Business Agility. The higher the value of speed and quality = a faster ability to react to market changes, deploy new products and processes and in general adapt the organization, achieved through increasing the frequency of ‘Release Events’: It’s therefore directly linked to Business Agility. The higher the value of speed and quality = a faster ability to react to market changes, deploy new products and processes and in general adapt the organization, achieved through increasing the frequency of ‘Release Events’: ITaaS Procurement The fundamental shift that Cloud Computing represents is illustrated in one key implementation area:   Procurement. Moving to Cloud services means changing from a financial model for technology where you buy your own hardware and software, and pay for it up front, to an approach where instead you access it as a rental, utility service where you “PAYG – Pay As You Go”. To encompass all the different ‘as a Service’ models this is known at an overall level as ‘ITaaS’ – IT as a Service. Any type of IT can be virtualized and delivered via this Service model. Towards the end, I hope that you have gained a clear understanding of How Business Transforms Through Enterprise Cloud Computing. If this article has helped you clear your fundamentals and if you wish to learn more about Cloud computing by getting certified, then you can undertake the AWS certification course offered by KnowledgeHut.
Rated 4.0/5 based on 20 customer reviews
Business Transformation through Enterprise Cloud C...

The Cloud Best Practices Network is an industry ... Read More

How to Pass the AWS Cloud Practitioner Exam?

Are you planning to appear for the AWS Cloud Practitioner Certification in 2019? Looking for some guidance in the right direction? Well, your search ends here. Here is a complete and comprehensive guide of all the things you can expect from the AWS exams and how to best prepare for them!What is the Need for Cloud Computing: Cloud Computing is one of the biggest industries in Information Technology. It has ventured into several sectors and industries over the globe changing the way we commute, communicate and conduct business. Cloud Computing is allowing businesses and clients transact better and incorporate innovative ideas in an effective way and on a massive scale. Plus, the fact that there is no need for up-front investment, only makes things better for small scale enterprises.  What is Amazon Web Services: Amazon Web Services (AWS) is the global leader in cloud computing. AWS offers over 100 patented services and other additional courses through the Marketplace that can be accessed by people from all across the world. AWS is a credible and reliable cloud computing platform that has abusiness in digital areas such as Silicon Valley, Seattle, and New York. AWS Certified Cloud Practitioner Certification- An OverviewAWS Cloud Practitioner Certification is one of the basic platforms that offers Cloud Certifications including those like AWS, Azure, and Google Cloud. CloudPractitioner Certification is accessible to anyone who is interested in a career in technology and IT. AWS Cloud Practitioner Certification is meant for Systems Engineers, Network Engineers, Developers, Sales, Marketing, and IT leaders. Here is the list of AWS certified roles that you can apply for with the AWS Cloud Practitioner Certification: AWS Certified Solution Architect Associate  AWS Certified Solution Architect Professional AWS Certified Developer Associate AWS Certified SysOps Administrator Associate AWS Certified DevOps Professional AWS Certified Networking Specialist AWS Certified Security Specialist AWS Certified Bigdata Specialist. Eligibility Criteria for AWS Cloud Practitioner Certification:Here are some of the basic criteria need to be satisfied to be able to take AWS Certified Cloud Practitioner Certification exam: Minimum ½ year practice of AWS cloud concepts in either of these sectors- purchasing, financial, sales, technical, managerial, etc. Understanding of IT services and their application in AWS Cloud platform. Exam Pattern for AWS Cloud Practitioner Certification: There are two basic types of questions that you’ll find in the AWS Certified Cloud Practitioner Certification Exam- objective and subjective. The multiple-choice questions have 4 options, out of which candidates have to select the right one. The other kind is called the multiple-response question where candidates have to think of all possible responses of a question. Beginner level candidates generally opt for the AWS distractor options as they’re easier and have no negative marking for selecting a wrong answer. You will be given 90 minutes to finish the exam. Also, the exam is available in English, Korean, Japanese, and Simplified Chinese at a price of 100 USD. For more information regarding the exam, download the exam guide CLF-C01. What are the ObjectivesAWS Cloud Practitioner Certification Exam: AWS CCP is an exam that aims at testing the candidates practical and theoretical understanding of cloud computing. Acing this exam would make you a certified cloud based developer or analyst. This certification exam evaluates candidate’s knowledge to: Explain the chief characteristics of operating and deploying in the AWS Cloud Identify the key sources of technical help or documentation Define common security model, security and compliance concepts Clarify the elementary principles of AWS Cloud Architecture Elucidate AWS cloud standards Describe the account management, billing, and pricing Explain AWS cloud and its basic infrastructure AWS Certified Cloud Practitioner Certification Subject Areas The curriculum for AWS Certified Cloud Practitioner Certification exam has been categorized into four subject areas, such as: S.No.DomainsWeightage1Cloud Concepts28%2Security24%3Technology36%4Billing & Pricing12%1. Cloud Concepts A basic knowledge of Cloud Computing Concepts is mandatory if candidates want to clear the AWS exam. There are generally broad questions asked from this section and includes topics like Fault Tolerance, High Availability, Scalability, and Elasticity. 2. Security Security is another topic that is essential for AWS applicants. This includes various questions related to culpable management, compliance, and security. Below are some of the topics that you may find in your exam: IAM- Managing users, Password policies, and MFA DDoS Protection Cloud Logs Shared Security Model 3. Technology Technology is the most significant field of AWS Certified Cloud Practitioner certification exam. You should be familiar with the main AWS services if you want to be proficient in this section. Some of the AWS services that you must know include Route 53, Lambda, S3, ELB, SNS, RDS and EC2.  4. Billing & Pricing As AWS Certified Cloud Practitioner certification exam focuses on the commercial application of AWS, Billing & Pricing becomes an integral topic for applicants. You must have a basic understanding of  knowledge of general account information, AWS support, billing processes and how services are billed, cost calculation, taxation and more.  How to Prepare for AWS Certified Cloud Practitioner Certification: As we all know that training for any certification course is no piece of cake. Candidates need to put in considerable time and effort in the right direction to get a decent score. Here is how one can prepare for the exams;  Start with AWS Training Lessons Here are three AWS Training courses that will help you to pass this certification. AWS Cloud Practitioner Essentials: This course caters to candidates who want to get a complete understanding of AWS Cloud. This course comprises of cloud concepts, AWS amenities, pricing, architecture, security, and support. AWS Technical Essentials: This course enlightens you about AWS services, goods, and some commonplace solutions. It makes you more competent in analysing AWS services so that you will be able to resolve IT issues.  AWS Business Essentials: AWS Business Essentials supports candidates who want to know about the advantages of cloud computing, plus monetary profits and cloud-based approaches to help people crack business goals. This course even advises you about safety and acquiescence concepts and helps you understand AWS cloud computing approach. Consult the AWS Certified Cloud Practitioner Certification Exam Guide People preparing for AWS Certified Cloud Practitioner Exam should definitely consult the AWS CCP guides available online and offline. These books offer a deeper understanding of the core areas that candidates need to focus on. Get Familiar with the Subject Areas When you are preparing for an exam, the subject area or topic is an important part that you should be concentrating on. Objectives of AWS CCP certification exam have already been discussed above, go through them carefully, and then start your training through the suggested study material for each topic area. Go through AWS Whitepapers Since we know that white papers are fashioned to instruct the listeners about a specific and precise methodology. AWS whitepapers are detailed reliable and cover the basic topics such as security, architecture, and economics. Here are some popular AWS whitepapers that will help you in the preparation of AWS Certified Cloud Practitioner certification exam Overview of AWS How AWS Pricing Works Maximizing Value with AWS AWS Security Best Practices An Overview of the AWS Cloud Adoption Framework The Business Value of AWS: Succeeding at Twenty-First Century Business Infrastructure Self-Study AWS Cloud Practitioner certification exam covers the rudimentary concepts and information regarding AWS Cloud. People who have the experience or expertise of working on AWS cloud platform, can easily pass the exam through self-study. We would recommend online courses for candidates who have trouble understanding the concepts and ideas of AWS cloud computing. Browse through the FAQs and blogs to get a better idea about how things work.  Take Free Cloud Practitioner Practice Test Taking practice tests for any certification exam is the best way to evaluate yourself for the exam and test your knowledge. If you want to accomplish good grades, you must opt for the free AWS Certified Cloud Practitioner practice exam. These tests are designed in a pattern that resembles the actual exam structure and contents.  Schedule the Exam and Get Certified Now that you are done with your preparation and feel confident enough, it is the right time to enrol for the exam. Candidates can choose any testing centre in their locality. A quick look at the AWS training website would give you a list of all the centres near you. Pick a centre and register yourself.  Best AWS Certified Cloud Practitioner Certification Books There are several books and notes that candidates can consult while preparing for AWS exams. AWS Exam Guide will give people a step by step guide in order to prepare for the tests. It is a well organised and comprehensive tool for first timers and professionals alike. We have enlisted some important books that will help you to prepare for the AWS certified cloud practitioner exam. Read all or few of these to clear your notions of AWS cloud and pass the certification exam with flying colours. So, here are the suggested AWS certified cloud practitioner books – AWS: The Beginners Guide to Amazon Web Services by Dennis Hutten AWS Basics: Beginner’s Guide by Gordon Wong Learning AWS by Aurobindo Sarkar and Amit Shah Amazon Web Services for Dummies by Bernard Golden Amazon Web Services in Action by Andreas Wittig and Michael Wittig AWS Automation Cookbook – Continuous Integration and Continuous Deployment using AWS Services by Nikit Swaraj Suggestions to Follow While Taking AWS Cloud PractitionerExam: Now that you have prepared for the exam, and registered for the same, it is time to face the music and actually appear for the exams. Don’t be nervous, you have done your best and are absolutely prepared for the tests. Take a deep breath, and follow these tips if you feel unsure or under confident about the papers;  Start the exam by answering the questions you are sure about. Tackle the simplest problems first. You can then have more time on your hands to think about the difficult questions. Also, don’t spend a lot of time on a single question Keep a watch with you and always check the time when you’re at the exam time. Keeping track of how much time you’ve spent is a great way to manage your answers better. This way you can even attempt all the questions Don’t panic, take a deep breath, and avoid rushing into the answers. Don’t try to complete the questions as fast as you can, try to be accurate as well. Although there is no negative marking, it would be better if you get maximum answers correct  The AWS exam lasts for 90 minutes, with enough practice, you can easily solve the papers in the stipulated time. Give mock exams and tests to practice your skills The objective questions are usually the easiest to answer, so do them first, next, pick the questions that have multiple right answers. It is not always the case that only one answer will only be the best answer. Think about all the possible ways in which the question can be answered, and pick the best-case scenario The AWS pattern does have sub questions and sub sections in a single large question. Not every question has the same weightage or answering requirement. Read through the marking scheme and instructions carefully before you answer Don’t rush with the question, read it carefully to understand exactly what is asked of you before you begin with your answer.  The Bottom Line  Preparing for AWS CCP exams are not a piece of cake, however, it is not as difficult as most people make it sound as well. What you need is the right balance of resources and training. Start with the basics and slowly work your way from there. You don’t need to ace the subjects in one go, take your time, be through with your preparation and we’re sure you will be able to crack the exams. Try out the AWS Cloud Practitioner Certification Training course of KnowledgeHut to prepare for the exam. Good luck! 
Rated 4.5/5 based on 12 customer reviews
7205
How to Pass the AWS Cloud Practitioner Exam?

Are you planning to appear for the AWS Cloud Pract... Read More

What Is the Recommended List of AWS Whitepapers?

Amazon Web Services has become an integral part of the IT sector. These services form the building blocks of the applications deployed in the cloud. Because of the benefits these services offer, the professionals with expertise in the AWS are highly in demand. And what is the best way to prove your expertise other than getting AWS certifications? There are 11 certifications offered by AWS categorized according to their expertise level. AWS offers classroom and digital courses to help you prepare for these certification exams. Apart from this, AWS also recommends some whitepapers that can help you get a better grasp of the AWS concepts:1. AWS Certified Cloud Practitioner Certification ExamAWS Certified Cloud Practitioner Certification is the foundational level certification exam that will help you validate your skills and knowledge of the AWS cloud. Also, it is a prerequisite alternative for some of the AWS specialty exams. The following whitepapers are recommended for this course:Overview of Amazon Web Services – Covers all the cloud-based products offered by AWS for computing, storing, networking, analysis, databases, developing, managing, security, IoT, etc.Architecting for the Cloud – This whitepaper provides advice and guidance on architecture and how it is applied in cloud computing. You will be introduced to all the basic concepts required to design AWS solutions.How AWS Pricing works – In this whitepaper, you will learn about how AWS services are priced. It covers on-demand, reservation-based, pay-as-you-go payment model that provides the best ROI.2. AWS Certified Solutions Architect – AssociateAWS Solutions Architect certification exam validates your skills in designing distributed applications. This includes knowledge of building secure and reliable applications using the AWS platform, troubleshooting, disaster recovery, data security practices, deployment of hybrid systems, etc. To prepare for this certification exam, you must study the following AWS whitepaper:AWS Well-Architected – This whitepaper was created to help the cloud architects in building resilient, efficient, high-performing, and secure infrastructure for their system and applications. The framework provided by the AWS is based on the five pillars – Reliability, Operational Excellence, Performance Efficiency, and Cost Optimization. With this whitepaper, you will be able to learn how to use a consistent approach for evaluating architectures and implementing designs.3. AWS Certified Developer- AssociateAWS Developer certification is an associate-level certification is all about developing and maintaining applications using the AWS platform. This also covers other AWS services like storage, databases, workflow, notifications, and change management services. To ace this certification exam, you need to go through the following AWS whitepapers:AWS Security Best Practices – It is for professionals working on designing and configuring the infrastructure and applications deployed on the AWS platform. It includes the best practices used in defining the Information Security Management System (ISMS) for protecting your data and assets.Practicing Continuous Integration and Continuous Delivery on AWS – It covers the concepts and advantages of continuous integration and continuous delivery used as a part of the DevOps initiative.Implementing Microservices on AWS – This whitepaper includes how to use microservices for speeding up deployment cycles, improving scalability and maintainability, etc.Serverless Architecture with AWS Lambda – This whitepaper aims to give an overview of AWS lambda and the best practices used to build serverless applications on AWS.Optimizing Enterprise Economics with Serverless Architecture – This whitepaper is created to help the senior architects, Chief Technology Officers (CTOs), and Chief Information Officers (CIOs) get an understanding of the impact of serverless architecture on IT economics, team agility, and market.Running Containerized Microservices on AWS – It guides developers and architects on running containerized applications on the AWS platform. This includes security, lifecycle management, and architectural design patterns for containerized applications deployed on the AWS.Blue/Green Deployments on AWS – This whitepaper covers the Blue/Green deployment technique that shifts traffic between identical environments of application’s different versions to release application.4. AWS Certified SysOps Administrator -  AssociateCreated for system administrators,  AWS SysOps Administrator certification requires knowledge in operational as well as technical aspects of AWS. You must know how to deploy applications on the AWS platform, transfer data between data centers and the AWS, select the right AWS service, secure and manage the system. You can try the following whitepapers to get a better grasp of these concepts:Architecting for the Cloud – Made for developers and solutions architects, this whitepaper includes concepts on how to build solutions that can be deployed on the AWS platform. You will be learning about the benefits of attributes specific to cloud computing like infrastructure automation and elasticity.Amazon Web Services: Overview of Security Processes – This whitepaper covers the operational security and physical processes that are used for describing the server and network architecture of the AWS platform. You will be learning how to ensure the security of the data and application deployed on the AWS platform.Development and Test on Amazon Web Services – In this whitepaper, you will learn how AWS adds value to the different aspects of the software development cycle. For development, it will cover how to manage version control, project management tools, AWS environment, build process, and the best practices used on the AWS platform. For the test, it includes managing testing environment, running tests like fault tolerance testing, acceptance testing, load testing, etc. Studying this whitepaper will help you select the right scenario for your project. This whitepaper is meant for project managers, system architects, developers, and testers.Backup, Archive and Restore approaches on AWS – This whitepaper deals with solutions used for backing up your data on the cloud. There are discussions on the best practices used for protecting data on the AWS platform. You will learn about backing up, archiving, and restoring data. This whitepaper is meant for IT administrators, backup architects, and solutions architects that are working in the field of securing data in the IT environment.Amazon Virtual Private Cloud Connectivity Options – Created for Amazon VPC administrators, corporate network engineers, and architects, this whitepaper reviews the connectivity options available on the AWS. You will get an overview of all the options that can be used for facilitating network connectivity.5. AWS Certified Solutions Architect – ProfessionalFor  AWS Solutions Architect – Professional certification, a candidate must know best practices used for implementing AWS-based applications and cost-optimization. Also, they must have the skills required for migrating complex applications to the AWS platform and must be able to make architectural recommendations. Go through the following whitepapers to prepare for this certification exam:Encrypting Data at Rest – This whitepaper covers all the government or industry regulations, organizational policies involved in encryption at rest for protecting the data. You will learn about the different options that you can use for data encryption at rest available today.Web Application Hosting in the AWS Cloud – Meant for System architects and IT managers working to use the cloud for achieving scalability for meeting their computing needs, this whitepaper covers methods for achieving scalable and highly available web hosting. Migrating AWS resources to a new AWS Region - This whitepaper is created for customers of AWS who want to transfer their existing resources to a new region of AWS. It is not a definitive guide containing steps for the migrating process. However, it contains different methods and options that you can use for migrating different services to a new region.6. AWS Certified DevOps Engineer – ProfessionalThis certification demonstrates your skills of provisioning, managing, and operating applications on the AWS platform. It focuses on the fundamentals of using the DevOps movement required for automating processes and continuous delivery. You must know about implementing different methodologies used for automating the production operations. Here is a list of whitepapers you need to study to ace  AWS DevOps Engineer – Professional certification:Microservices on AWS – In this whitepaper, you will learn how to use microservices as an organizational and architectural approach for development. All the characteristics of microservices are summarized in this whitepaper including the challenges faced while building microservices. You will also learn how you can leverage the AWS as a product team to overcome these challenges.Running Containerized Microservices on AWS – In this whitepaper, there are discussions about the best architectural practices used for adopting containers on AWS. You will learn about leveraging the Microservices’ principles of Martin Fowler and mapping them to real-life considerations and twelve-factor app pattern. With this whitepaper, you will be able to use the best software design patterns and practices to build microservices.Infrastructure as Code – This whitepaper covers the Infrastructure as Code, the best practice used for automating the provision of infrastructure services. It covers the advantages of using Infrastructure as Code and leveraging the AWS’s capabilities for supporting the DevOps initiatives. This practice acts as a catalyst to attain a velocity that is more responsive to customer’s needs.7. AWS Certified Big Data – SpecialtyAWS Big Data – Specialty certification is for professionals working in the field of data analysis with experience in designing and architecting big data solutions. You must have the skills in using the AWS tools for automating the process of data analysis, security practices, architectural practices, designing and maintaining big data, etc. Following is a list of whitepapers that will help you prepare for this certification exam:Streaming Data Solutions on AWS with Amazon Kinesis – This whitepaper is created for data analysts, data engineers, and big data developers who want to shift from batch to real-time analytics. It covers the analytics’ evolution and how AWS services like Amazon Kinesis Analytics, Amazon Kinesis Firehose, and Amazon Kinesis Streams can be used for implementing real-time applications.Big Data Analytics Options on AWS – It covers big data analytics services offered by the AWS cloud. Created for data scientists, architects, and developers, this whitepaper ends with scenarios showcasing the different analytics options in working.AWS Database Migration Service Best practices – This paper gives an overview of all the best practices used for AWS DMS. This service allows the organization to minimize their associated downtime while changing database engines and migrating the database workloads to the AWS platform.Migrating Applications to AWS – In this whitepaper, you will learn how to use AWS Data Migration Service and AWS Schema Conversion Tool for transferring the on-premise database to the Amazon Relational Database Service. It covers all the features and benefits of using these tools and a step-by-step guide for migrating the database to the Amazon RDS. There are discussions on data migration and schema processes irrespective of the target database.8. AWS Certified Advanced Networking -  SpecialtyTo ace  AWS Advanced Networking -  Specialty certification, you must know how to use the AWS platform for performing complex networking tasks using the hybrid IT networking architecture. You should know how to architect and implement network solutions using AWS services. Also, you must be an expert in implementing compliance, automating tasks, optimizing the network, troubleshooting, etc. The following list of whitepapers will help you prepare for this exam:AWS Best Practices for DDoS Resiliency – This whitepaper will help you improve the application's resiliency against the Distributed Denial of Service attacks. You will be learning about the attacks, the capabilities of AWS, DDoS-resilient reference architecture, and migration techniques. This paper is created for security engineers and IT decision-makers working in the field of security, networking, and AWS.An Introduction to High-Performance Computing on AWS – In this paper, you will cover the benefits of using HPC workloads for computing on AWS. You will learn about how cloud services are used by organizations for gaining access to the most advanced computing capabilities.Integrating AWS with Multiprotocol Label Switching - This whitepaper covers the best high-availability architectural practices used for integrating the Amazon Virtual Private Cloud to the Multiprotocol Label Switching network.9. AWS Certified Security – SpecialtyTo prepare for  AWS Security – Specialty certification, you must know the basics of security and the security services offered on the AWS platform like data encryption, identity, and access management, monitoring, incident response, logging, data protection, etc. Here is a list of whitepapers that will help you get a clear understanding of the above-mentioned concepts:AWS Key Management Service Best Practices – This whitepaper covers the usage of AWS KMS, the difference between different customer master keys, auditing the use of keys, ensuring least privilege using AWS KMS key policies, etc.AWS Security Best Practices – In this whitepaper, you will get an overview of topics like identifying, protecting, and categorizing assets of AWS and managing the AWS resources’ accessing details. You will also learn how you can secure data, application, operating system and the infrastructure.Security at Scale: Governance in AWS -  This whitepaper will help you learn how to use the resources of AWS to achieve high-level governance. You will go through the features and governance related to the services of AWS. Using the AWS platform for building your integrated environment is also covered in this whitepaper.Security at Scale: Logging in AWS – This whitepaper covers all the logging requirements of common compliance. You will also learn about all the features of AWS CloudTrail and how it satisfies the logging requirement.AWS Security Best Practices – This whitepaper provides an overview of security topics like identification, categorization, and protection of assets on AWS, management of access to AWS resources, and discussions on different ways used for securing data, operating system, application, and the overall infrastructure.Security at Scale: Governance in AWS -  This paper covers methods of achieving high-level governance using the AWS resources. With the help of this paper, you will be able to understand the features of security and governance incorporated in the AWS services and how you can build your integrated environment on the AWS platform.Security at Scale: Logging in AWS – With this whitepaper, you will get a complete overview of the requirements of common compliance in relation to logging. Apart from this, you will also learn about the different features of AWS CloudTrail and how it can be used for satisfying the logging requirements.10. AWS Certified Machine Learning – SpecialtyThis  AWS Machine Learning – Specialty certification is for professionals who know how to create, implement, and maintain Machine Learning solutions. The exam validates your skills to design secure, reliable, cost-optimized, and scalable solutions for machine learning problems. You should also know how to identify the right AWS service. The following whitepapers will help you ace this certification:Machine Learning Foundations – This paper will help create a foundation of Machine Learning and Artificial Intelligence and how technicians and researchers can use AWS services for deploying machine learning solutions.Managing Machine Learning Projects – This whitepaper covers the best practices used to manage machine learning projects. You will learn to manage and mitigate the risks involved in the deliverance of the complex machine learning systems. It is intended for software development engineers, data scientists, managers, and business stakeholders.Power Machine Learning at Scale – It includes the best practices used for the execution of machine learning workflows. You will learn about the recommended solutions, challenges, and end-to-end considerations as well as execution of parallelized modeling at scale thorough high-performance computing on AWS.These whitepapers will aid in expanding the knowledge of the AWS cloud. The technical content of these whitepapers including the guides, reference material, and reference architecture diagrams is written by the AWS community.
Rated 4.5/5 based on 34 customer reviews
10139
What Is the Recommended List of AWS Whitepapers?

Amazon Web Services has become an integral part of... Read More

Useful links