For modern developers, being able to design and deploy applications to the cloud is an essential skill. However, not all developers have the necessary cloud experience.
The typical application deployment process is different in the cloud than it is on premises. Also, applications often need to be designed in different ways when they run in the cloud, due to the differences between on-premises IT resources and cloud-based services.
If you haven't worked with AWS before, you'll need to learn about certain concepts and services before you move on to designing and deploying an application.
Follow this AWS developer tutorial for beginners to learn Amazon cloud basics and to see what a simple application deployment process typically looks like on AWS.
Key AWS concepts for developers
The AWS cloud is a complex ecosystem of different tools and services. Developers who want to get started with application development and deployment on AWS don't need to master every aspect of the platform, but they should be familiar with the following core concepts.
AWS supports virtually every programming language. No matter which language you code in, you will likely be able to deploy your application on its cloud -- if you host it in a virtual machine, at least.
However, if you choose to deploy your application with certain services, such as AWS Lambda or AWS Elastic Beanstalk, some languages may not be supported. Still, even in these cases, AWS supports the most popular languages, including Python, Ruby, Java and PHP.
APIs are integral to cloud-based applications; they are the glue that binds together the various services and applications.
Most cloud services feature a cloud API that enables your applications to interact with that service. For example, if you want to move data into or out of an Amazon Simple Storage Service (S3) storage bucket, you'd typically do so with the S3 API. There are other ways to interact with S3, but for an application, the API is the go-to element. You can use APIs for other AWS application development tasks, such as to assign an IP address or create a snapshot of an Amazon Elastic Compute Cloud (EC2) virtual machine.
Most cloud-based applications interface with the network using a cloud load balancer. Load balancers accept incoming traffic from the internet and forward it to internal applications or individual services running within your cloud environment. They also route outbound traffic to its destination.
Load balancers are not strictly required -- it's possible to deploy an application to the cloud without one -- but for security and performance reasons, a load balancer helps separate your application from the internet.
You can also configure a VPN, such as AWS VPN, which connects your cloud-based resources to a private network. In addition to a VPN, you can use Amazon VPC, a virtual network that you define, to make it easier to connect private resources together within a cloud environment.
AWS charges to move data over the network outside its cloud. It also typically charges for data movement from one AWS Region to another. Regions are distinct geographic areas around the world that encompass data centers and smaller locations that can host AWS environments. The more data you move, the higher your AWS costs will be. Incoming data typically does not incur charges.
In one respect, monitoring cloud-based applications is easier than monitoring on-premises ones. Most cloud services automatically generate events and metrics data to track application performance. On premises, you either generate performance metrics from within the application itself or measure performance based on infrastructure-level metrics like network traffic patterns, CPU and memory usage.
However, cloud application monitoring varies depending on the types of data each cloud service exposes, and the way that data is made available. Monitoring a storage service requires a different approach than monitoring a VM or container service.
AWS offers basic tools, such as AWS CloudWatch, to help monitor applications, but they're typically not sufficient for heavy-duty monitoring needs. Most teams will rely on third-party monitoring tools to augment -- if not replace -- AWS native offerings. Third-party solutions like Splunk or New Relic provide deeper monitoring functionality.
Cloud security is a complex topic, but it can be summed up with a few broad fundamentals.
The first is authentication. AWS offers different identity services to configure which users or applications can access specific resources in the cloud. However, AWS Identity and Access Management (IAM), which is a foundational element of AWS security, isn't always set to restrict access by default. Never make assumptions about the security of your applications or cloud resources; you need to take active steps to lock them down.
Second is encryption. Most data you store in the cloud is not encrypted by default. You need to secure cloud storage buckets, databases and networks on your own.
The third key concept is security monitoring. AWS provides some tools, like AWS CloudTrail, that can help with basic cloud security monitoring needs. But these tools on their own are not comprehensive cloud security platforms. You'll most likely want to take advantage of external tools.
Palo Alto Prisma Cloud and Dome9 Arc are examples of security and compliance monitoring platforms that go deeper than AWS' native tools. They offer more extensive policy files for identifying security issues within AWS configurations, and they offer visualization and analytics features that AWS' own tools do not.
Finally, developers should familiarize themselves with the AWS shared responsibility model, which defines which security aspects AWS manages, and which are the responsibility of its customers.
Essential AWS services and tools developers need to know
AWS offers more than 200 cloud services. Developers don't need to be experts on every single one, but familiarity with the following Amazon cloud services is essential:
- Amazon Elastic Compute Cloud (EC2). With AWS' standard compute service, you can select from dozens of different virtual machine configurations -- including Linux and Windows -- each with different virtual hardware resources assigned to them. After selecting the instances, you can launch them and host applications in them.
- Amazon Simple Storage Service (S3). With the AWS object storage service, you can store any type of data in an unstructured way, then access that data as needed.
- Amazon Relational Database Service (RDS). Amazon RDS can create and manage databases using a variety of database engines, including but not limited to MySQL, Microsoft SQL and PostgreSQL.
- Amazon Elastic Load Balancing (ELB). Amazon ELB provides access to several types of load balancers. Each load balancer type caters to a different set of use cases. If you're new to AWS and are deploying standard web applications, you'll most likely choose the Application Load Balancer (ALB) option on ELB.
- Amazon Elastic Kubernetes Service (EKS). This managed Kubernetes service is one way to set up a Kubernetes cluster and deploy container-based applications. AWS offers other container services, such as Amazon Elastic Container Service (ECS), AWS Fargate and self-managed Kubernetes clusters using EC2 instances. However, EKS is simplest for developers who are already familiar with Kubernetes, while ECS may be an overall easier option if you are new to containers in general.
- Amazon CloudWatch. CloudWatch is the basic monitoring tool for AWS services. It provides a quick look at the health and status of AWS services, but it's insufficient on its own for advanced monitoring needs.
- AWS Lambda. Developers use this serverless computing platform to host applications as serverless functions rather than in containers or virtual machines.
- AWS Auto Scaling. With this service, you define rules about how your applications scale by increasing the number of application instances or resource allocations assigned to applications. AWS Auto Scaling manages applications automatically based on the parameters you set.
Additionally, AWS offers a range of tools that developers can use to interact with and build cloud applications on the platform. A few key tools to know for those getting started on AWS include the following:
- Web Console. The web-based interface for administering AWS resources.
- AWS Command Line Interface (AWS CLI). Also called aws-cli, this CLI enables you to manage resources from a command shell.
- AWS Cloud9. This integrated development environment (IDE) enables developers to build applications and, if they wish, integrate them with other AWS services for easy deployment.
- AWS CloudFormation. This native infrastructure as code (IaC) tool automates the setup of cloud environments using configuration files.
- Software Development Kit (SDK). AWS provides a variety of SDKs to simplify development and deployment of applications written in various languages and frameworks.
How to design an app for AWS
Given the array of services available on AWS, developers can design applications differently for the platform than they would on premises.
For example, instead of running an application as a monolith, you could break it into microservices and host each microservice in a container. You can also run services inside serverless functions, which may offer better cost and performance outcomes than standard containers.
Deploying your application in the cloud also simplifies the process of designing your app to scale. You can use services like AWS Auto Scaling to increase the capacity of your applications automatically in response to changes in demand.
Automatic scaling is more difficult to achieve on premises. It requires additional design steps to accommodate the addition of more servers and load sharing. It also requires reserve capacity for resilience against spikes in demand.
How to deploy an app on AWS
There are a variety of ways to deploy an application on AWS. The right approach will depend on which type of application you deploy, which cloud services you use to deploy it and how much control you want to have over how it runs.
AWS deployment with Elastic Beanstalk
If you're a beginner developer getting started with AWS, one of the simplest ways to deploy an app is to use Elastic Beanstalk. This AWS PaaS tool automates most of the configuration and setup required to deploy a basic web application in the AWS cloud.
Follow these steps to deploy an AWS application with Beanstalk:
- Create a new application in Beanstalk. This doesn't mean writing the actual application code -- you should do that separately, outside of Beanstalk -- but rather creating a new application instance for Beanstalk to manage.
- Select the configuration for your application. Beanstalk offers preconfigured environments for hosting applications written in most of the popular languages for web programming.
- Upload your application as a Zip file to Beanstalk.
- Configure the environment, networking and access options for your application. For simple apps, the defaults usually suffice, but you'll want to understand the security and performance implications of these settings when working with production apps.
- Click launch to deploy the application.
Once launched, the application is available at the URL that you set when configuring it in Elastic Beanstalk. The app is hosted in an EC2 instance, which Beanstalk sets up automatically based on the configuration options chosen during the application deployment process.
Other AWS deployment options
For other types of applications, there are a number of different AWS deployment approaches to choose from. This is not a comprehensive list, but for developers getting started, these are the most common approaches.
- Set up an EC2 instance manually, then load and configure the application in it.
- Deploy application code into serverless functions in AWS Lambda.
- Set up a Kubernetes cluster on EKS, then deploy containerized applications in it.