Amazon Elastic Compute Cloud (Amazon EC2)

The Korean-American Scientists and Engineers Association (KESA) is hosting a National Math Competition for 4-11th graders. There is expected to be a total of 2,000 students participating in this competition. With COVID-19 affecting everything, the organization is seeking the services of Amazon Web Services (AWS) to offer the math competition in a virtual/online format. In order to execute this online there will be a number of services that will need to be offered, such as: compute services, networking and content delivery, storage services, as well as security services.

We will break these down into subtopics, emphasizing options and which options would be best for this online competition. Further, we will then break down the pricing model for each aspect of this and discuss total pricing as well as pricing for each component.

Compute Service

Amazon Elastic Compute Cloud (Amazon EC2) takes away any need to run servers on-premises. This takes away all expenses of purchasing, running and maintaining any of the hardware (which can be an expensive undertaking). Amazon EC2 provides virtual machines where you can host the same kinds of applications that you might run on a traditional on-premises server. It provides secure, resizable compute capacity in the cloud.

You have full administrative control over the Windows or Linux operating system that runs on the instance. You can launch any number of instances of any size into any Availability Zones anywhere in the world in a matter of minutes. With this competition being a national competition, this would be beneficial because launching multiple instances to different availability zones would help to lower latency and will provide stability in case of outages.

When launching the instance, there are a few options to go through to create the instance – Amazon Machine Image (AMI), instance type, network settings, IAM role, User data, storage options, tags, security groups and key pair.

For the competition, I would suggest a Windows option for AMI, based on the fact that Windows is more widely understood, though it can be either. Further, for instance type, we would want to choose a type that gives enough memory, processing power and gives us the necessary networking performance. An instance that would be suggested would be a general-purpose instance, such as T3 instances. T3 instances provide burstable performance general purpose instances that provide a baseline level of CPU performance with the ability to burst above the baseline.

AWS also enables you to attach an AWS Identity and Access Management (IAM) role to an EC2 instance. The IAM role grants permission to make application programming interface (API) requests to the applications that run on the EC2 instance. This is a free feature and would be beneficial.

User data script can also be specified at launch of the instance. This can be an automatic completion of installations, which could be create a script to automatically update the site with the top scorers of the exam after the exam as well.

Another beneficial aspect is the security group. This is a set of firewall rules that control traffic to the instance. We could set control to only allow participants of the competition to access.

Storage

Because of the COVID-19 outbreak, the math exam will be held online. Different from face-to-face exam, online exam requires much more support than the original exam. For example, we need a reliable cloud platform to hold the exam. Also, all the information about the exam will be stored online, instead of stored in paper form. The organization is planning to use the AWS S3 storage to store exam data. For example, exam question blanks, exam reviews, exam records, or any other data which related to the exam activities.

This is the first time for the organization to held online math exam, so the organization has no experience about choosing the cloud storage services. There are about 2,000 students to attend the exam for now. But expecting to have more students in future. In order to optimize the cost, we will analyze the difference between storage classes and choose the most suitable storage plan for the online math exam. Firstly, the frequency of the exam is not decided yet. For example, it could be held once a year or once per month.

Secondly, we have not decided yet about how long does the online competition will be existing. For example, we are not sure that whether the competition will return to face-to-face format or not after the social distancing restriction.

Thirdly, the size of the competition is not predictable at the moment. For example, online competition is different from face-to-face competition. It is much more flexible. It is easier to hold an online competition for 10,000 students at the same time than holding a face-to-face competition. Thus, the size of the exam might be greatly expanded after the first online competition if we saw the success.

The Amazon S3 storage has several different classes for us to choose. They are listed below:

Amazon S3 Standard: Designed for high availability, high durability and performance for frequently access data. S3 Standard is appropriate for a variety of use cases because it provides low latency and high throughput. Such as data analysis or content distribution.

Amazon S3 Intelligent-tiering: Different from S3 Standard, S3 Intelligent-tiering is designed for data which is accessed less frequently but requires rapid access when needed. It is better for data with unknown storage access patterns.

Amazon S3 Standard-infrequent Access: S3 Standard-infrequent access is similar to S3 standard. It provides high durability, throughput and low latency to the data access. But it has low per gigabyte storage price and per gigabyte retrieval fee. But S3 standard-infrequent access is designed for long-term storage and backups. It is a data storage plan for disaster recovery files.

Amazon S3 one zone-infrequent Access: Similar to S3 Intelligent-tiering, S3 one zone-infrequent access provides rapid access to the data, and it is designed for infrequent access data. But all of the data are stored in a single availability zone. It is good for customers who wants low cost and infrequently access data.

Amazon S3 Glacier: A secure, durable and low-cost storage for data archiving. S3 Glacier provides data retrieval options that range from minutes to hours.

Amazon S3 Glacier Deep Archive: lowest cost storage class. It is designed for data which might be accessed once or twice a year. It is good for companies or organizations who needs to retain their data for a long period of time.

Overall, we decided to choose the Amazon S3 Intelligent-tiering as the storage plan for the online math competition. Because S3 intelligent-tiering is designed for data sets with unknown storage access patterns (which meet our requirements about unpredicted competition frequency). It also has low latency and high throughput as the same as S3 Standard class to ensure the reliability of the competition.

Security

Cloud Computing is form of distributed computing in which a specific application may run on different linked computers simultaneously. Cloud computing has provided with various extraordinary facilities like doing complex calculations with ease, mass storage, ubiquitous computing, low storage cost, ease of access etc. To use this facility the easiest and known security provided for access in our organization seems to be static passwords. But the cracking of these passwords is easy as users don’t use complicated passwords, or don’t change their passwords on and off, or may use same password to access multiple services. National Conference on Recent Trends in Computer Science and Information Technology (NIST) defined cloud computing as a model for enabling convenient, on-demand network access to a shared pool of computing resources which can be rapidly provisioned and released with minimal management efforts or service provider interaction. NIST as a part of their efforts related to standardization for cloud interoperability have developed use cases for cloud computing. These use cases are divided into cloud management, cloud interoperability and cloud security.

Here since we are concentrating on interoperability among cloud servers and user related issues for our non-profit organization, we would consider the interoperability use cases which are as follows:

User Authentication

Workload Migration

Data Migration

Workload Management

The use case for user authentication corresponds to a user or program that needs to be identified in the cloud environment. It is important to differentiate between two types of users of cloud environments i.e. end users, students, and cloud-resource users, software engineers, instructors, etc. End users are users of applications deployed on cloud resources. Because these users register and identify with the application and not with the infrastructure resources, they are usually not aware that the application is running on cloud resources. Cloud-resource users are typically administrators of the cloud resources. These users can also set permissions for the resources based on roles, access lists, IP addresses, domains. The second type of user is of greater interest from an interoperability perspective.

  1. REFERENCES

AWS (2018). Overview of Amazon Web Services: AWS White Paper.

AWS (2020). AWS Well-Architected Framework.

AWS (2020). How AWS Pricing Works: AWS Pricing Overview.

KSEA. (n.d.). Retrieved February 01, 2021, from https://ksea.org/us/about-us/#vision-mission

Piper, B. & Clinto, D. (2019). AWS Certified Cloud Practioner Study Guide. Sybex.

https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html
https://link.springer.com/chapter/10.1007/978-3-642-20998-7_42
https://ieeexplore.ieee.org/document/6732775

Sample Solution

ACED ESSAYS