AWS Network Requirements
To use the AWS (Amazon Web Services) services, you need a network connection. In some cases, you need more than one. You not only need an Internet connection for the AWS user interface, but the services may require dedicated connections as well and these connections can become part of your business network. Because of this close relationship, creating the network configuration carefully is essential.
Otherwise, you may find that the AWS network connection conflicts with the configuration used for your business (a problem that occurs more often than you might think).
Interestingly enough, when you host certain services, such as DynamoDB, locally, you may not need to spend much time considering the network requirements. The reason is that you’re hosting the service locally, and the AWS hardware doesn’t come into play. However, the local hosting scenario is for development purposes in most cases, so eventually you need to create a network connection to the online services.
The amount of configuration required depends on the services you use, how you use them, how you host them, and where your own business services come into play. The most important thing to consider is the need to plan carefully before you perform any setups.
Designing for connectivity
Many of the services that you use with AWS require some sort of connectivity solution when you host them in the cloud. A common way to create the required connectivity is to use Amazon Virtual Private Cloud (AmazonVPC). For example, you can make AmazonVPC part of the EC2 setup. You use AmazonVPC to create the connection to your EC2 configuration. you do need connectivity to access some of the services that Amazon offers.
Another method of creating the connection is to rely on Direct Connect. In this case, you create a direct connection between AWS services and your network. This means that you can access the AWS services as just another resource on your network, and the services actually become invisible to end users. This implementation relies on the 802.1q VLAN standard to make the required connection. (Check out this 802.1a VLAN tutorial.) When configured correctly, you can create a private IP interface for local network resources and a separate public IP interface for AWS services.
Amazon offerings are just the tip of the connectivity iceberg. For example, you could rely on a third-party vendor, such as AT&T, to help you make the connection. The AT&T NetBond service lets you connect your Virtual Private Network (VPN) to multiple cloud providers, so you can use a single connection to address all your connectivity needs. In this case, instead of just connecting to AWS using its service, you can connect with the following cloud services using a single connection, which makes managing the connections infinitely easier (assuming that you use more than one cloud provider).
- Amazon Web Services
- Blue Jeans Network
- Cisco WebEx
- CSC Agility Platform
- HP Helion
- IBM Managed Cloud Service
- IBM SoftLayer
- Microsoft Azure and Office 365
- Sungard Availability Services
- VMware vCloud Air
The third-party options may seem complex and initially cost quite a bit more than the Amazon offerings, but they have distinct advantages as well. For example, according to InformationWeek, the AT&T NetBond service lets larger organizations use Multi-Protocol Label Switching (MPLS), which the organization may have already installed.
However, the big advantage is that this approach lets the organization skip the public Internet in favor of a private connection that can significantly improve network performance. For example, using a private connection can reduce network latency (the time it takes for a packet of data to get from one designated point to another) by 50 percent. After this kind of solution is in place, a larger organization can save as much as 60 percent on its monthly bill, so the savings eventually pay back the larger initial investment.
Balancing cloud and internal needs
The connectivity solution you choose must reflect a balance between cloud and internal needs. You don’t necessarily want to move right into a Direct Connect solution when your only goal is to experiment with AWS to determine whether it can meet certain organizational goals. Likewise, a third-party solution, such as AT&T NetBond, is the better solution when you’ve already made a commitment to AWS but also plan to support a number of other cloud provider solutions. Choosing the right level of connectivity is essential to ensuring that you get the best performance at the right price, but with the least layout of initial capital.
To help you keep costs low and reduce the potential for serious problems with your own network, the exercises in the book assume that you’re using the AmazonVPC solution. It presents the smallest investment and lowest risk. However, these features come at the cost of convenience, speed, and potentially cost.
Specifying a subnet
It’s important to consider precisely how you plan to configure the service before you choose network settings. Using the default AWS subnet may cause conflicts with the local network when you host the service locally. However, choosing the wrong subnet can create conflicts as well. Make certain that you choose a subnet that actually works with your local networking setup.
The Amazon offerings usually provide more than one scenario for creating a subnet. For example, when using AmazonVPC, you have options. For example, Scenario 1: VPC with a Single Public Subnet works best for a single-tier, public-facing web application. You can also use it for development purposes.
Each of the scenarios provides you with helpful information about the subnet configuration that includes a diagram similar to the one shown here. Using the information found with each scenario helps you make a better decision about which configuration to use and decide how to configure it to meet your specific needs (potentially avoiding those conflicts that will cause problems later).