Amazon Web Services Networking
Home » Webinars » Cloud Computing and Networking » Amazon Web Services Networking
Last modified on 2020-04-20 (release notes)
37:27 AWS Concepts |
||
|
We'll start with high-level concepts:
|
||
| AWS Services and Components | 11:03 | 2019-05-25 |
| Regions and Availability Zones | 10:14 | 2019-05-25 |
| High Availability in AWS | 16:10 | 2019-05-25 |
New AWS Features |
||
| AWS Outposts | ||
Examples |
||
| VPC Scenarios and Examples | ||
28:29 Virtual Private Cloud (VPC) |
||
|
Virtual Private Cloud (VPC) service is the foundation of AWS networking. This section describes VPC concepts, subnets within VPCs, and VPC/subnet addressing. |
||
| Virtual Private Cloud | 10:43 | 2019-05-25 |
| VPC Subnets | 5:03 | 2019-05-25 |
| VPC and Subnet Addressing | 12:43 | 2019-05-25 |
New AWS Features |
||
| AWS VPC can be shared across AWS accounts | ||
| IP Multicast implemented in Transit Gateway | ||
Examples |
||
| User Guide: Working with VPCs | ||
| Testing IP Multicast in AWS by Thomas Edwards | ||
36:48 Interfaces and Addresses |
||
|
Subnets are useless without servers connected to them. In this section we'll focus on AWS implementation of VM network interfaces, network interface addressing, and supporting services like DNS and DHCP. The section also covers advanced concepts like public and private IP addresses, elastic IP addresses, and elastic network interfaces. |
||
| Network Interfaces | 7:45 | 2019-05-25 |
| Interface Addressing | 11:53 | 2019-05-25 |
| DNS and DHCP | 4:03 | 2019-05-25 |
| Sample Deployments | 13:07 | 2019-06-14 |
Examples |
||
| Working with IP Addresses | ||
| Working with IP Addresses for Your EC2 Instance | ||
| Working with Network Interfaces | ||
| Working with Elastic IP Addresses | ||
| Viewing DNS Hostnames for Your EC2 Instance | ||
| Working with DHCP Option Sets | ||
39:59 Network Security |
||
|
AWS offeres several layers of network security:
All these mechanisms (and the logging functionality available with flow logs) are described in this section. |
||
| Network Security | 11:19 | 2019-06-14 |
| Security Groups | 12:53 | 2019-06-14 |
| Network ACLs | 8:41 | 2019-06-14 |
| VPC Flow Logs | 2:45 | 2019-06-14 |
| Security Summary | 4:21 | 2019-06-14 |
Examples |
||
| Working with Security Groups | ||
| Working with Network ACLs | ||
| Example: Controlling Access to Instances in a Subnet | ||
| Working with Flow Logs | ||
23:07 Route Tables |
||
|
VPC Route Tables are almost like VRFs with a few significant differences:
This section describes the route tables and details of packet forwarding within VPC. |
||
| Route Tables Overview | 9:12 | 2019-06-14 |
| Working with Route Tables | 7:47 | 2019-06-14 |
| VPC Forwarding Behind the Scenes | 6:08 | 2019-06-14 |
New AWS Features |
||
| Ingress VPC Routing | ||
Examples |
||
| Working with Route Tables | ||
Useful Tools |
||
| Synchronize routes between main route table and custom route tables | ||
13:46 Internet Connectivity |
||
|
VPC Internet connectivity is usually provided through an Internet gateway. IPv6 hosts that don't provide services to outside clients can use egress-only gateway; similar IPv4 hosts can access Internet through NAT gateway or NAT instance. This section describes all three mechanisms, and the adjustments to route tables that have to be made to support them. |
||
| Internet Connectivity | 7:29 | 2019-12-11 |
| NAT Gateways and Instances | 6:17 | 2019-06-14 |
New AWS Features |
||
| Bring Your Own IP Addresses | ||
| Ingress VPC Routing | ||
Examples |
||
| Creating a VPC with an Internet Gateway | ||
| Working with Egress-Only Internet Gateways | ||
| Working with NAT Gateways | ||
1:07:56 External Connectivity |
||
|
This section describes other external connectivity options available in AWS VPC - IPsec VPN connections, router-to-router VLAN connections (Direct Connect), inter-VPC peering, and Transit Gateways. |
||
| VPN Connectivity | 19:55 | 2019-06-17 |
| Direct Connect | 20:30 | 2019-06-14 |
| VPC Peering | 9:43 | 2019-06-14 |
| Transit Gateway | 17:48 | 2019-06-14 |
More Information |
||
| Building a Scalable and Secure Multi-VPC Network Infrastructure | ||
| AWS Transit Gateway and Multi-VPC Design Options for Hybrid Cloud Architecture | ||
New AWS Features |
||
| AWS Site-to-Site VPN supports IKEv2 | ||
| Multi-account support for Direct Connect gateway | ||
| AWS Private Link supports VPC peering | ||
| AWS Transit Gateway supports Direct Connect | ||
| Inter-region VPC peering with Transit Gateways | ||
| AWS Transit Gateway Network Manager | ||
| VPN connections using AWS Global Accelerator | ||
Useful Tools |
||
| peerd: AWS VPC Peering Connection management tool | ||
Examples |
||
| Site-to-Site VPN Single and Multiple Connection Examples | ||
| VPC Peering Scenarios | ||
| Working with VPC Peering Connections | ||
| Getting Started with AWS Direct Connect | ||
| Working with Transit Gateways | ||
54:39 Load Balancing |
||
|
AWS provides a variety of load balancing mechanisms, from local L4 load balancing (Network Load Balancing) and HTTP load balancing to global load balancing with DNS and anycast IP addresses. |
||
| Elastic Load Balancing | 11:46 | 2019-06-14 |
| Network Load Balancer | 10:10 | 2019-06-14 |
| Application Load Balancer | 6:33 | 2019-06-14 |
| Route 53 and CloudFront | 15:42 | 2019-06-14 |
| Global Accelerator | 10:28 | 2019-06-14 |
New AWS Features |
||
| Network Load Balancer supports cross-zone load balancing | ||
| Application Load Balancer supports advanced request routing | ||
| CloudFront supports origin failover | ||
Sample Solutions |
||
| Building a high available Anycast service using AWS Global Accelerator | ||
Examples |
||
| Create an Application Load Balancer | ||
| Create a Network Load Balancer | ||
| Getting Started with Global Accelerator | ||
1:57:43 Automating AWS Deployments |
||
|
AWS API has numerous idiosyncrasies: it's a strict Create/Read/Update/Delete API, you need multiple API calls to create an object, objects can be referenced by IDs, but not by names... This section explains the peculiarities of AWS API, and describes how to use bash scripts, Ansible playbooks, CloudFormation templates, and Terraform configuration files to create, update, or delete anything from a single AWS object to a full-blown application stack. |
||
| AWS Automation Principles | 18:03 | 2020-04-13 |
| Creating and Updating a Single Object | 19:21 | 2020-04-13 |
| Example: Create a Single Object with Multiple Automation Tools | 11:55 | 2020-04-13 |
| Creating an Object Hierarchy | 18:26 | 2020-04-13 |
| Using Ansible AWS Modules | 11:29 | 2020-04-13 |
| Example: Use Automation Tools to Create an Object Hierarchy | 14:37 | 2020-04-13 |
| Example: Full Infrastructure Stack Deployment with Ansible | 23:52 | 2020-04-13 |
Source Code for Automation Examples |
||
| Bash scripts | ||
| Ansible playbooks | ||
| CloudFormation templates | ||
| Terraform configuration files | ||
More Information |
||
|
This section contains links to interesting third-party blog posts, articles or presentations. |
||
| Understanding Data Transfer in AWS | ||
5:56 Summary |
||
| Summary | 5:56 | 2019-06-14 |
Slide Decks |
||
| Amazon Web Services Networking | 30M | 2019-12-11 |
| Automating AWS Deployments | 12M | 2020-01-12 |
Cloud Computing and Networking
