David Clinton (80) [Avatar] Offline
You'll remember that chapter 21 ended with the lab exercise to end all lab exercises, designed to force you to pull together everything you've learned throughout the book. Here's the original task:
You've been hired by Big Corp. to move most of their IT resources online. Your job, should you decide to accept, isn't to create the infrastructure, but to explain exactly _how_ you would do it (i.e., what tools will you use) and how much per month it will likely cost. Assume that, each month, the application will transfer about 500GB of data out to the internet, and 50GB of data in.

Specific needs:

* Highly available virtual servers running a web application 24 hours a day for a global audience. The application service includes the streaming of a large and growing number of videos.
* A MySQL database to support the web application.
* There's a second (separate) MySQL database for the HR department that must remain on-site for regulatory compliance. However, both remote employees and processes on the application server will need to securely access the database. The database will also need to be regularly and securely backed up to the cloud.
* Frequent and complete backups of all data.
* Security infrastructure meeting or exceeding current best practices.
* DNS management of the company domain.

Here's how I'd approach the problem.
WARNING: spoilers ahead!

One c3.xlarge EC2 instance in each of two availability zones in the us-east-1 region. I'm experimenting with c3.xlarge because of the video streaming. Depending on how the CPU responds to the demands, I could always drop down to t2.xlarge or move up to g2-xlarge later. The instances would sit behind an Elastic Load Balancer and would be auto scaled (although my cost estimates assume only those two instances running). Even though the c3 type is an experiment, I costed them as one year, no-upfront reserved instances.

1. Data for the web application will be provided by a replicated RDS MySQL instance on a db.m3.medium db instance.
2. The locally hosted MySQL database will be accessed via a Virtual Private Gateway and backed up through Storage Gateway.

Video hosting:
All videos will be hosted from S3.
The EC2 infrastructure will be replicated within CloudFormation as a "cold standby" solution. That way, should both/all instances running in the live availability zones fail, the CloudFormation template will be triggered to automatically (and pretty much instantly) recreate them. The original Elastic IP addresses will be assigned to the new instances. As a direct result, the load balancer will immediately begin directing traffic to the replacements.

DNS management will be handled by Route 53.
All incoming traffic will be filtered through both a VPC-level ACL and availability zone security group rules. Admin and team users who need access to company resources will be assigned to groups given the most appropriate permissions.

Public-facing networking:
The web application and videos will be provided through a CloudFront global distribution.

Alarms and monitoring through CloudWatch.

According to my estimate, Big Corp's total monthly cost for AWS resources will come to $611.45. You should be able to see a saved calculated estimate here:

Now it's your turn. How do you think it should be done and how much would your version cost?
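The two filtering layers the post describes (a VPC network ACL plus security group rules) could be declared in CloudFormation roughly as follows. This is an added example, not part of the original post or the book; the logical names, the ports (443, 80, 3306), the subnet layout and the parameters are assumptions, since the post gives no network detail.

```yaml
# Added example: logical names, ports and subnet layout are assumptions.
AWSTemplateFormatVersion: '2010-09-09'
Parameters:
  VpcId: {Type: 'AWS::EC2::VPC::Id'}
  VpcCidr: {Type: String}                      # IPv4 range of the VPC
  LbSubnetId: {Type: 'AWS::EC2::Subnet::Id'}   # subnet holding the load balancer
Resources:
  # Layer 1: network ACL. Stateless, so return traffic needs its own rules.
  EdgeAcl:
    Type: AWS::EC2::NetworkAcl
    Properties: {VpcId: !Ref VpcId}
  EdgeAclAssoc:
    Type: AWS::EC2::SubnetNetworkAclAssociation
    Properties: {SubnetId: !Ref LbSubnetId, NetworkAclId: !Ref EdgeAcl}
  InHttps:       # client requests reaching the load balancer
    Type: AWS::EC2::NetworkAclEntry
    Properties: {NetworkAclId: !Ref EdgeAcl, RuleNumber: 100, Protocol: 6, RuleAction: allow,
                 Egress: false, CidrBlock: 0.0.0.0/0, PortRange: {From: 443, To: 443}}
  InReplies:     # responses from the instances back to the load balancer
    Type: AWS::EC2::NetworkAclEntry
    Properties: {NetworkAclId: !Ref EdgeAcl, RuleNumber: 110, Protocol: 6, RuleAction: allow,
                 Egress: false, CidrBlock: !Ref VpcCidr, PortRange: {From: 1024, To: 65535}}
  OutToWeb:      # load balancer forwarding requests to the instances
    Type: AWS::EC2::NetworkAclEntry
    Properties: {NetworkAclId: !Ref EdgeAcl, RuleNumber: 100, Protocol: 6, RuleAction: allow,
                 Egress: true, CidrBlock: !Ref VpcCidr, PortRange: {From: 80, To: 80}}
  OutReplies:    # responses to clients on their ephemeral ports
    Type: AWS::EC2::NetworkAclEntry
    Properties: {NetworkAclId: !Ref EdgeAcl, RuleNumber: 110, Protocol: 6, RuleAction: allow,
                 Egress: true, CidrBlock: 0.0.0.0/0, PortRange: {From: 1024, To: 65535}}
  # Layer 2: security groups. Stateful, chained by group ID rather than by address.
  LbSg:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: Load balancer, HTTPS from the internet
      VpcId: !Ref VpcId
      SecurityGroupIngress: [{IpProtocol: tcp, FromPort: 443, ToPort: 443, CidrIp: 0.0.0.0/0}]
  WebSg:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: Web instances, reachable only from the load balancer
      VpcId: !Ref VpcId
      SecurityGroupIngress: [{IpProtocol: tcp, FromPort: 80, ToPort: 80, SourceSecurityGroupId: !GetAtt LbSg.GroupId}]
  DbSg:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: MySQL, reachable only from the web instances
      VpcId: !Ref VpcId
      SecurityGroupIngress: [{IpProtocol: tcp, FromPort: 3306, ToPort: 3306, SourceSecurityGroupId: !GetAtt WebSg.GroupId}]
```

Because each group admits traffic only from the group in front of it, instances added by auto scaling are covered without any rule naming an IP address.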