Amazon AWS Certified SysOps Administrator Associate – Databases for SysOps Part 8
15. Aurora for SysOps
Okay, so one last quick bit of information regarding Aura for your sysps exam. So you can associate a priority tier between zero and 15 on each read Replica and this is helped in case you want to control the failover priority. So RDS will promote a read Replica with the highest priority, so the lowest tier. And if two Replicas have the same priority, then Aura will promote the largest in size. And if they have the same priority and the same size, then it will promote a Replica at randomly. And one last thing, you can migrate an RDS MySQL Snapshot to an Aura MySQL cluster, which is a way for RDS to help you move up to Aurora to use this new service. The other thing is around Cloud Watch metrics for Aurora.
So you have a metric called the Aura Replica Lag, which is the amount of lag when Replicating updates from the primary instance. So if you have a look at this diagram as you write data into your Aura cluster, it’s going to be replicated and so there could be a lag associated with that. And so the Aura Replica Lag maximum is the maximum amount of lag across all database instances in the cluster and the minimum is the minimum of lag across all database instances in the cluster. Now, if your Replica Lag is high, that means that the users will have a different experience based on the Replica from which they get the data from because of this eventual consistency.
That means that, for example, a user, if it writes data and adds an item into a cart and then refreshes the cart, maybe the cart will miss the item, which is not a great experience, but this is due to the eventual consistency. So another type of metric to look at is database connections, which is the current number number of connections to database instance and the insert latency, which is the average duration of insert operations. So that’s it for Aurora. I hope you liked it and I will see you in the next lecture.
16. [SAA/DVA] ElastiCache Overview
Let’s talk about Amazon ElastiCache. So the same way you get RDS to have managed relational databases, ElastiCache is going to help you get Manage Redis or Memcache D, which are cache technologies. So what are caches? Well, they are inmemory databases with really high performance and low latency. And what the cache will help you with is to help reduce the load off of databases for read intensive workloads. The idea is that the common queries are going to be cache and therefore your database will not be queried every time. Just your cache can be used to retrieve the results of these queries. What this also helps you do is make your application stateless by putting the state of your application into Amazon Elastic cage.
And because we have the same benefits for RDS, adams will take the same maintenance of the operating system, the patching, the optimization, the setup, configuration, monitoring, failure, recovery and backups. Now, if you use Amazon cache, just so you know that it will require you to do some heavy application code changes for your application. This is not something you just enable and off you go. You have a cache. You need to change your application to query the cache before or after querying the database. And we’ll see the strategies in a minute. So now let’s talk about the architecture for using ElastiCache. And there could be many, but I’m just giving you an example. So let’s say we have Amazon Elastic cache, an RDS database, and your application.
The application will query ElastiCache to see if the query has already been made. And if this has already been made and it is stored in Elastic cache, then it’s called a cache hit. And then it just gets the answer straight from Elastic cache. And we were saving a trip to the database to do the query. Now, in case of a cache miss, then we need to fetch the data from the database. We’re going to read it from the database. And then for other application or other instances where the same query will be made, we can write the data back into the cache, such as the same query next time will result in a cache hit.
The idea is that it will help relieve load from your RDS database. And because you’re storing data in the cache, there must be a cache invalidation strategy to make sure that only the most current data is used in there. And this is the whole difficulty around using Caching technologies. Another architecture is around storing the user session to make your application stateless. So the idea is that your user will do a login into any kind of your applications and then the application will write the session data into Amazon Elastic cage. Now, if your user is redirected to another instance of your application, then your application can retrieve the session cage, the session directly from the Amazon SDK and therefore your user is still logged in and it doesn’t need to log in one more time. And so the idea is that now you made your application stateless by writing the session data of your user into Amazon ElastiCache. Now, something that can come up in the exam is for you to understand the difference between Redis and Mem cache D at a high level.
So Redis is a technology that allows you to do multiaz with Oto fell over, and the rereplicas used are used to scale the reads and also have High Availability. So this looks a little bit like RDS. There is also data durability thanks to persistence, and you have backup and restore features. So this looks a lot like RDS, whereas Memcache D is using multi node for partitioning of data, so called Sharding. There is no High Availability, there is no replication happening, it’s not a persistent cache, there is no backup and restore. And this is a multi threaded architecture.
So we have multiple instances altogether working in Memcache D with some Sharding. So the idea here that you need to remember is that Redis really is here for High Availability, backup, redeploy cache, this kind of stuff. Whereas Memcache is a pure cache that’s distributed where you can afford to lose your data. There’s no High Availability and there’s no backup and resource. So these are the main differences that you’re going to have between the two technology. So that’s it. I hope you liked it and I’ll see you in the next lecture.
17. [SAA/DVA] ElastiCache Hands On
So let’s try creating an Elastic Cage cluster. So we’ll go to the Elastic Cage service and then we’ll click on Get Started now, so we have two options for the cluster engine. We can either choose redis or Memcache D. So if you have redis, this is what we know. It offers multiaz with autofellover and enhance robustness. And we can even enable cluster mode if we wanted to, to have even more robust nest and scalability. So because it’s redis and it has persistence, we can use it as a database cache and message broker. Whereas if you choose Memcache D, then it’s a high-performance distributed memory object caching system. And this is really intended to serve as a pure cache, while redis can also be used as a database. So for the sake of this exercise, we’ll go ahead and just create a redis cluster engine.
But I invite you to explore the options from cached it. So we’ll say, okay, this is my first redis and my first redis instance. The engine version compatibility, I’ll just use the latest one. The port is the standard port for redis. So 6379. The parameter group is the one I’ll choose by default and the note type, because I don’t want to overpay, I’m not going to choose a cache or four x large. I’m going to go into T two and choose a T two micro which is within the free tier. I’ll click on Save and for number of replicas. Right now I don’t want anything else to zero, otherwise I’m going to pay more money.
So as you can see, if I had two, there was more options. There will be a multiaz with auto failover option. Or even if I have it as one, I should have that setting. Here we go. It’s still here. But if as soon as that I have it as zero, you can see that I’m losing the multi AZ. So let’s have it as zero and I lose the multiaz setting. So one I have it and zero I lose the multiaz. So we’ll keep it at zero because we want things to be free. But there you go. If there is a replica, obviously you can have multiaz. Then you need to create a subnet group. So I’ll create one and I’ll call it my subnet group, my first subnet group and my first subnet group. I’ll choose my VPC ID and I’ll select one of these subnets. Maybe EUs 38. I don’t have any preferred Availability zone. I’ll scroll down a security group. I can have a default one. Do we want encryption at rest using Kms? And do we want encryption in transit? And if we do select encryption in transit, then we can enable Redis off.
And with redis off, I’m able to set a token so I can set whatever I want. And this token will be necessary for my applications to connect to redis in order to work with redis. But if I disable encryption in transit. I have no options for redis off. Finally, do we want to import it into the cluster? No. Do we want backups? Absolutely. So we’ll say, yes, we want backups, and we want one day of retention. And this is a redis only feature. We don’t get backups with Memcache D and a Maintenance Windsor for anything. That’s fine. We won’t specify it. And I click on Create, and there we go.
Our Elastic Cache redis cluster, or it’s one instance, so it’s not really a cluster, but it’s one instance anyway is being created, and to use it I’m sorry, I can’t really demonstrate that to you. This is more an application specific concern. You need to download the redis driver and start interacting with your redis cache. But as far as we’re concerned, from an Exempt standpoint, we’ve seen how to create a redis cache. We’ve seen all the configuration options, and now the cache is just creating, but I don’t need it. So what I’ll do is just when this is done, I will remember to delete it. And so now I’m able to click on Actions and then delete my redis cluster. Once it’s been created, I can create a final backup. I’ll just say no, and I am done. All right, that’s it for this lecture. I will see you in the next lecture.
Interesting posts
The Growing Demand for IT Certifications in the Fintech Industry
The fintech industry is experiencing an unprecedented boom, driven by the relentless pace of technological innovation and the increasing integration of financial services with digital platforms. As the lines between finance and technology blur, the need for highly skilled professionals who can navigate both worlds is greater than ever. One of the most effective ways… Read More »
CompTIA Security+ vs. CEH: Entry-Level Cybersecurity Certifications Compared
In today’s digital world, cybersecurity is no longer just a technical concern; it’s a critical business priority. With cyber threats evolving rapidly, organizations of all sizes are seeking skilled professionals to protect their digital assets. For those looking to break into the cybersecurity field, earning a certification is a great way to validate your skills… Read More »
The Evolving Role of ITIL: What’s New in ITIL 4 Managing Professional Transition Exam?
If you’ve been in the IT service management (ITSM) world for a while, you’ve probably heard of ITIL – the framework that’s been guiding IT professionals in delivering high-quality services for decades. The Information Technology Infrastructure Library (ITIL) has evolved significantly over the years, and its latest iteration, ITIL 4, marks a substantial shift in… Read More »
SASE and Zero Trust: How New Security Architectures are Shaping Cisco’s CyberOps Certification
As cybersecurity threats become increasingly sophisticated and pervasive, traditional security models are proving inadequate for today’s complex digital environments. To address these challenges, modern security frameworks such as SASE (Secure Access Service Edge) and Zero Trust are revolutionizing how organizations protect their networks and data. Recognizing the shift towards these advanced security architectures, Cisco has… Read More »
CompTIA’s CASP+ (CAS-004) Gets Tougher: What’s New in Advanced Security Practitioner Certification?
The cybersecurity landscape is constantly evolving, and with it, the certifications that validate the expertise of security professionals must adapt to address new challenges and technologies. CompTIA’s CASP+ (CompTIA Advanced Security Practitioner) certification has long been a hallmark of advanced knowledge in cybersecurity, distinguishing those who are capable of designing, implementing, and managing enterprise-level security… Read More »
Azure DevOps Engineer Expert Certification: What’s Changed in the New AZ-400 Exam Blueprint?
The cloud landscape is evolving at a breakneck pace, and with it, the certifications that validate an IT professional’s skills. One such certification is the Microsoft Certified: DevOps Engineer Expert, which is validated through the AZ-400 exam. This exam has undergone significant changes to reflect the latest trends, tools, and methodologies in the DevOps world.… Read More »