How to be Well-Architected in the AWS Cloud?

If you clicked on my article, that’s good: you either already know something about the Well-Architected Framework or want to learn something about it.

We shall start with a brief introduction to what the Well-Architected Framework actually is. It was developed by Amazon Web Services to help design a secure, resilient and efficient application infrastructure. What you need to know is that it’s based on 5 basic pillars, which are fundamental in assessing an architecture, choosing the right tools and guiding the design process. Let me tell you what each pillar is responsible for:

  • operational excellence — the ability to run and monitor systems and to continuously improve the supporting processes and procedures,
  • security — we pay attention to the effectiveness of the protection of information, systems and resources,
  • reliability — we make sure the system is able to recover resources after disruptions in infrastructure or services,
  • performance efficiency — the goal is to properly use AWS cloud resources,
  • cost optimization — let’s avoid unnecessary costs.

And now it’s worth mentioning that AWS also created a special partner program to bring together the partners who are “fluent” in implementing Well-Architected architectures for their clients. My team gained the AWS Well-Architected Advanced Partner status last year and since then we have successfully carried out many projects. A measurable benefit of cooperating with an authorized Partner is the possibility of getting free AWS credits for cloud computing services whose implementation was or will be recommended during the Well-Architected process. Another advantage is that close cooperation with an APN Partner will surely make the process of cloud adoption easier and quicker. And the last benefit worth noting is that the client gets the experience and knowledge of AWS best practices that APN Partners have gained through years of working with the cloud.

Since I mentioned best practices, we should focus on the basis for implementing solutions in the AWS cloud. The Well-Architected Framework itself is a set of prepared tips and practices that help in implementing solutions tailored to the needs of a customer. It can be used to review an existing or newly designed architecture. Then we have the Well-Architected Lenses. Those are based on the framework but developed specifically for a dedicated field. Right now there are 6 of them:
- Financial Services Industry Lens
- Analytics Lens
- IoT Lens
- HPC Lens (High-Performance Computing)
- Machine Learning Lens
- Serverless Application Lens

The last two are in the field of my interest, so I will try to briefly introduce you to them.

Let’s start with the Serverless Application Lens, since it’s closer to my heart because of Lambda, of course :). To approach the design process properly, we should set some goals we want to achieve, either in building a new application or in implementing improvements to existing ones. That’s what the framework is for, but digging deeper into the Lens we see that it has specific layers we should take into account when architecting the app. Let’s get to know each layer in a few sentences:

  • compute / computing layer — responsible for managing requests from external systems, controlling access and taking care of correct authorization. In this layer, we use services such as AWS Lambda, Amazon API Gateway and AWS Step Functions.
  • data layer — it manages permanent data storage from the system level and provides mechanisms to ensure the safe storage of information. Here we use Amazon S3, Amazon DynamoDB, Amazon Elasticsearch Service and AWS AppSync.
  • streaming and messaging layer — its responsibilities are related to communication, so we can call it the ‘communication’ layer. The messaging part is responsible for communication between the various components of the environment. The streaming part is responsible for managing real-time data analysis and processing. To keep the communication in good shape we use Amazon SNS, Amazon Kinesis and Amazon Kinesis Data Firehose.
  • user identity management layer — in this layer we take care of managing the identity, authentication and authorization of the interface for both external and internal clients. That’s why we use Amazon Cognito.
  • edge layer — responsible for presentation and communication with external clients. We use Amazon CloudFront, which provides a CDN that securely delivers application content and data with low latency and optimal transfer speeds.
  • system deployment and monitoring layer — manages the system’s visibility by creating metrics and building contextual awareness of how the system works and behaves over time. The deployment layer defines how workload changes are promoted through the release management process. In this layer, we use Amazon CloudWatch, AWS X-Ray and AWS SAM (Serverless Application Model), which is a supporting framework to AWS CloudFormation.

Then we should focus on deployment approaches, which are perfectly illustrated in the chart below.

Source: AWS Serverless Lens Whitepaper

So the speed of the deployment and the final impact on the application depend on which approach we choose. If you want to know how to use the Serverless Lens tool in practice, go to this link, where my team prepared a step-by-step description.

And now we can move on to the Machine Learning Lens. I hope most of you know that the duplication of certain patterns and behaviours by machines can be beneficial for some organizations and sectors of the economy. Simply put, the Machine Learning Lens covers designing, building and implementing all the resources related to automation, neural networks and robotics.

The whitepaper consists of pillars, workload design rules, questions for assessing existing or planned workloads, and best practices. So we can say that every lens whitepaper is built similarly.

In each pillar, the ML framework has a set of questions mapped to the design principles, resulting in a set of best practices for machine learning workloads. Thanks to this, we can create a prioritized action plan. It also focuses on security aspects. Machine learning workloads in AWS should be secured using authentication and authorization controls that govern who and what can access the various machine learning artifacts.

What are the benefits of implementing the ML Lens? By designing in accordance with the Well-Architected Framework, machine learning workloads can be built and implemented faster. Another plus is the reduction of technological risk (e.g. by automating deployment and making it possible to evaluate it during the design process). The use of best practices allows you to make more informed business decisions. Machine learning opens up unlimited possibilities for organizations related to automation, performance improvement or innovation. The Machine Learning Lens has been specifically designed to support the design and implementation of such workloads.

All in all, the Well-Architected Framework provides us with a set of prepared best practices that help us overall in designing and building the architecture, the application or the workloads. It also helps in being compliant with all the security requirements. And as a client, we can benefit from expert knowledge when we decide to work with an APN Partner.