ExamAlert 2 – High Availability and Resilience – SOA-C02 Study Guide

ExamAlert

Although many services support Secure Sockets Layer (SSL), you should avoid using SSL in your applications because a flaw in its design means it is no longer considered secure. When the documentation refers to SSL, the term might be used as a general placeholder for “in-transit encryption.” Most AWS services fully support Transport Layer Security (TLS) even when the term SSL is used. TLS is essentially an updated version of SSL, and upgrading to it is easy, most of the time requiring only the right software changes. Most modern applications support TLS 1.2 or higher and do not use SSL as the underlying security protocol.
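The following is an added example, not part of the original study guide: it uses Python's standard `ssl` module to set a TLS 1.2 floor on a client, places a weak configuration beside it, and audits both. The function names and the constructed weak context are assumptions made for illustration.

```python
import socket
import ssl

MIN_TLS = ssl.TLSVersion.TLSv1_2  # floor named in the paragraph above


def hardened_client_context():
    """Client context that refuses SSLv3, TLS 1.0 and TLS 1.1."""
    ctx = ssl.create_default_context()  # certificate and hostname checks on
    ctx.minimum_version = MIN_TLS
    return ctx


def legacy_style_context():
    """Constructed weak configuration, present so the audit has something to flag."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    ctx.minimum_version = ssl.TLSVersion.MINIMUM_SUPPORTED  # oldest the library allows
    return ctx


def audit_context(ctx):
    """Return a list of findings; an empty list means the context meets the floor."""
    findings = []
    if ctx.minimum_version < MIN_TLS:
        findings.append("minimum protocol version is below TLS 1.2")
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.append("server certificate is not verified")
    if not ctx.check_hostname:
        findings.append("hostname is not checked against the certificate")
    return findings


def negotiated_version(host, port=443, timeout=5.0):
    """Handshake with an endpoint you operate; returns e.g. 'TLSv1.3'.

    Raises ssl.SSLError if the endpoint cannot negotiate TLS 1.2 or newer.
    """
    ctx = hardened_client_context()
    with socket.create_connection((host, port), timeout=timeout) as raw:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            return tls.version()


if __name__ == "__main__":
    print("hardened:", audit_context(hardened_client_context()))
    print("legacy:  ", audit_context(legacy_style_context()))
```

`negotiated_version` needs network access and is not called when the file runs; the two audit calls work offline.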

The NLB is designed to deliver very high network throughput and very low latencies with the capability to serve tens of millions of responses per second. The NLB can also be operated with a static IP address, which enables integration with both high-performance microservices and legacy applications.

The GLB is designed to distribute traffic across third-party virtual appliances. The GLB can be used to seamlessly scale third-party virtual appliances and make third-party applications much more elastic.

The ELB service can deliver both single zone and multizone application high availability, but the load balancer service cannot be deployed across regions.

To make an application available across regions, you can utilize the Route 53 DNS service. The Route 53 service is a next-generation managed DNS cloud solution that enables you to manage DNS through the AWS API. Route 53 is the only AWS service that has a 100 percent SLA defined.

Route 53 provides much more than just the standard DNS request-response functionality. Within Route 53, you can register public domains, create public and private zones, and provide traffic-shaping functionalities through orchestrated DNS responses.

Route 53 can perform health checks of target IPs and CNAMEs as well as measure latency from the user to the target. The Route 53 service has the following routing policies that help you shape the traffic:

Simple routing: Provides one response for each DNS request.

Weighted routing: Provides responses based on the weight of the values for each record. This policy is useful for DR, testing, and deployment.

Failover routing: Provides responses based on the health of two or more DNS targets.

Latency-based routing: Measures the latency from the client to the DNS target and delivers the response for the target with the lowest latency.

Geolocation: Can force users from certain regions or countries into specific AWS regions. This policy is great for compliance and custom regional traffic shaping.

Geoproximity: Can route users from locations nearby to the closest region. This policy is independent of the country or region and merely depends on the distance to the region.

Multivalue answer routing: Returns up to eight (validated and healthy) responses for each request.

Cram Quiz

Answer these questions. The answers follow the last question. If you cannot answer these questions correctly, consider reading this section again until you can.

1. Which of the following Route 53 routing approaches could you use to send customers from a country to a region within that country?

A. Geolocation

B. Geoproximity

C. Weighted routing

D. Static routing

2. Which of the following services can you use to make your application highly available within a region? (Choose all that apply.)

A. ELB Classic

B. NLB

C. ALB

D. Route 53

Cram Quiz Answers

1. Answer: A is correct. Geolocation can determine the country where the request originated and respond with the endpoint address that resides in the appropriate region within that country.

2. Answer: A, C, and D are correct. The NLB can balance traffic within only one availability zone. ALB and ELB Classic can both send traffic to multiple AZs. Route 53 can be used to balance traffic across two endpoints in two availability zones with weighted routing as well.