Amazon Relational Database Service (Amazon RDS)
- service to simplify the setup, operations, and scaling of a relational database on AWS.
- Thus, spend more time focusing on application and schema
- RDS offloads common tasks such as
  - backups
  - patching
  - scaling
  - replication
- streamline installation of database software and provisioning of infrastructure capacity.
- can launch many popular SQL database engines
- simplifies maintenance by automating common administrative tasks on a recurring basis
- easily replicate data to increase availability, improve durability
- exposes database endpoint to which client software can connect and execute SQL.
- does not provide shell access to Database (DB) Instances,
- restricts access to certain system procedures and tables requiring advanced privileges.
- use same tools to query, analyze, modify, and administer the database.
Database (DB) Instances
- is an isolated database environment deployed in private network segments in the cloud.
- RDS provides API to create and manage one or more DB Instances.
- each DB Instance runs and manages a popular commercial or open source database engine
- RDS supports the following database engines
  - MySQL
  - PostgreSQL
  - MariaDB
  - Oracle
  - SQL Server
  - Amazon Aurora
- launch a new DB Instance by
  - calling the CreateDBInstance API
  - using the AWS Management Console.
- existing DB Instances can be altered or resized using the ModifyDBInstance API.
- a DB Instance can contain multiple different databases
- these are created and managed within the DB Instance by executing SQL commands against the RDS endpoint
- existing databases can be migrated to RDS
RDS Benefits
- RDS increases database operational reliability by applying consistent deployment and operational model.
- High consistency level is achieved by limiting types of changes that can be made to RDS.
- It simplifies common tasks in operating a relational database.
RDS Database Engines
MySQL:
- one of the most popular open source databases.
- RDS for MySQL supports MySQL 5.7, 5.6, 5.5 and 5.1.
- engine runs open source Community Edition with InnoDB as the default and recommended database storage engine.
- Amazon RDS for MySQL can connect using MySQL Workbench or SQL Workbench/J.
- Amazon RDS for MySQL supports Multi-AZ deployments for high availability and read replicas for horizontal scaling.
PostgreSQL
- most widely used open source database engine
- Has rich set of features and advanced functionality.
- RDS supports DB Instances running several versions and multiple releases of PostgreSQL – 9.5.x, 9.4.x, and 9.3.x.
- RDS PostgreSQL uses tools like pgAdmin and JDBC/ODBC drivers.
- RDS PostgreSQL also supports Multi-AZ deployment for high availability and read replicas for horizontal scaling.
MariaDB
- It is another popular open source database engine
- built by the creators of MySQL
- It has enterprise tools and functionality.
- AWS supports MariaDB version 10.0.17
- RDS fully supports the XtraDB storage engine for MariaDB DB Instances
- RDS also supports Multi-AZ deployment and read replicas.
Oracle
- popular commercial relational databases
- used in enterprise
- RDS supports Oracle 11g and Oracle 12c.
- RDS supports access to schemas on a DB Instance using Oracle SQL Plus.
Microsoft SQL Server
- popular commercial relational database
- used in enterprise
- DBAs in RDS can connect to their SQL Server DB Instance in the cloud
- Supports native tools like SQL Server Management Studio.
- RDS supports SQL Server 2008 R2, SQL Server 2012, and SQL Server 2014.
Licensing
- RDS Oracle and Microsoft SQL Server are commercial software products
- Need appropriate licenses to operate in cloud.
- AWS provides two licensing models
  - License Included – license held by AWS and included in the Amazon RDS instance price. For Oracle, only Standard Edition One is provided.
  - Bring Your Own License (BYOL) – user has to provide the license. For Oracle, an appropriate Oracle Database license for the DB Instance class and Oracle Database edition is needed.
Amazon Aurora
- It offers enterprise-grade commercial database technology
- offers simplicity and cost effectiveness of an open source database.
- It is a fully managed service.
- It is MySQL-compatible out of the box
- It can deliver up to five times the performance of MySQL without requiring changes
- Aurora DB cluster consists of two different types of instances
  - Primary Instance – main instance, supporting read and write workloads. Each Amazon Aurora DB cluster has one primary instance.
  - Aurora Replica – secondary instance supporting only read operations. Each DB cluster can have up to 15 Amazon Aurora Replicas.
- multiple Aurora Replicas can distribute the read workload among various instances, increasing performance.
- Can also locate Aurora Replicas in multiple Availability Zones to increase database availability.
RDS Storage Options
- RDS is built on Amazon EBS
- Hence, can select storage option based on performance and cost requirements.
- Based on database engine and workload, can scale up to 4 to 6 TB in provisioned storage and up to 30,000 IOPS.
- RDS supports three storage types – Magnetic, General Purpose (Solid State Drive [SSD]), and Provisioned IOPS (SSD).
- Magnetic Storage:
  - also called standard storage.
  - offers cost-effective storage for applications with light I/O requirements.
- General Purpose (SSD):
  - also called gp2.
  - provides faster access than magnetic storage.
  - can provide burst performance to meet spikes
  - ideal for small- to medium-sized databases.
- Provisioned IOPS (SSD):
  - designed for I/O-intensive workloads that are sensitive to storage performance and consistency in random access I/O throughput.
RDS Backup
- RDS offers a consistent operational model for backup and recovery for all database engines
- RDS offers two mechanisms for database backup – Automated backups and Manual snapshots.
- Critical metrics for backup are
  - RPO – maximum period of data loss acceptable in a failure or incident.
  - RTO – maximum amount of downtime permitted to recover from backup and resume processing.
- Automated Backups
  - continuously tracks changes and backs up database.
  - RDS creates a storage volume snapshot of DB Instance, backing up entire DB Instance and not individual databases.
  - It can occur daily during a configurable 30-minute maintenance window called the backup window.
  - backups are kept for a configurable number of days, called the backup retention period.
  - Can restore DB Instance to any specific time during this retention period, creating a new DB Instance.
- Manual DB Snapshots
  - Can perform manual DB snapshots at any time.
  - Database snapshot can be initiated and created as frequently as required.
  - Then restore DB Instance to specific state in DB snapshot at any time.
  - Database snapshots can also be created with RDS console or the CreateDBSnapshot action.
RDS Recovery
- RDS allows recovering a database quickly from automated or manual DB snapshots.
- cannot restore from a DB snapshot to an existing DB Instance; a new DB Instance is created when restored.
- During DB Instance restore, only the default DB parameter and security groups are associated with the restored instance.
- After the restore, associate any custom DB parameter or security groups used by the instance from which it was restored.
- In automated backups, RDS combines daily backups performed during predefined maintenance window with transaction logs
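
A restored instance that keeps only the default security and parameter groups no longer matches the source's hardening. The following is an added example, not part of the original notes: it compares two instance descriptions shaped like the DescribeDBInstances response and builds the ModifyDBInstance arguments needed to re-attach the source's groups. The instance names, group IDs and the `restore_drift` helper are constructed for illustration.

```python
# Added example. Keys follow the DescribeDBInstances response and the
# ModifyDBInstance request; all instance data below is constructed.

def sg_ids(desc):
    return sorted(g["VpcSecurityGroupId"] for g in desc.get("VpcSecurityGroups", []))

def param_group(desc):
    groups = desc.get("DBParameterGroups", [])
    return groups[0]["DBParameterGroupName"] if groups else None

def restore_drift(source, restored):
    """Build ModifyDBInstance arguments that re-attach the source instance's
    security groups and parameter group to a restored instance.
    Returns {} when the restored instance already matches."""
    kwargs = {}
    wanted_sgs = sg_ids(source)
    if wanted_sgs and wanted_sgs != sg_ids(restored):
        kwargs["VpcSecurityGroupIds"] = wanted_sgs
    wanted_pg = param_group(source)
    if wanted_pg and wanted_pg != param_group(restored):
        kwargs["DBParameterGroupName"] = wanted_pg
    if kwargs:
        kwargs["DBInstanceIdentifier"] = restored["DBInstanceIdentifier"]
    return kwargs

SOURCE = {
    "DBInstanceIdentifier": "orders-prod",
    "VpcSecurityGroups": [{"VpcSecurityGroupId": "sg-0bbb2222"},
                          {"VpcSecurityGroupId": "sg-0aaa1111"}],
    "DBParameterGroups": [{"DBParameterGroupName": "orders-mysql57-hardened"}],
}
# A freshly restored instance carries only the default groups.
RESTORED = {
    "DBInstanceIdentifier": "orders-restored",
    "VpcSecurityGroups": [{"VpcSecurityGroupId": "sg-0default0"}],
    "DBParameterGroups": [{"DBParameterGroupName": "default.mysql5.7"}],
}

if __name__ == "__main__":
    print(restore_drift(SOURCE, RESTORED))
```

The returned dictionary can be passed to boto3's `modify_db_instance(**kwargs)`; a changed parameter group takes effect only after the instance is rebooted.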
High Availability with Multi-AZ
- It allows creating a database cluster across multiple Availability Zones.
- Used for RDBMS to run in a highly available and fault-tolerant manner
- It reduces DB administrative task complexity
- It increases availability of the database using replication.
- Can meet demanding RPO and RTO targets by using synchronous replication.
- Can place a secondary copy of the database in another AZ for disaster recovery.
- Multi-AZ deployments are available for all RDS database engines.
- Can have the primary instance in one AZ and the secondary instance in another AZ
- Data is automatically replicated from the primary instance to the secondary instance by synchronous replication.
- Every AZ runs on its own physically distinct, independent infrastructure
- Failover occurs in the event of
  - Loss of availability in primary Availability Zone
  - Loss of network connectivity to primary database
  - Compute unit failure on primary database
  - Storage failure on primary database
Scaling Up and Out
- Scaling up (or vertically scaling) means getting a larger machine, which permits processing more reads and writes.
- Scaling out (or horizontally scaling) is adding more machines
- RDS can scale compute and storage vertically, and DB engines scale horizontally.
- Vertical Scalability or Scaling Up
  - adding additional compute, memory, or storage resources to database
  - to process more transactions, run more queries, and store more data.
  - RDS makes this simple; the change can be scheduled to occur during the next maintenance window
  - to scale immediately use ModifyDBInstance action.
  - to change amount of compute and memory, select a different DB Instance class of database.
- Horizontal Scalability with Sharding or Scaling Out
  - an RDBMS can scale vertically only until it reaches the maximum instance size.
  - Partitioning a large RDBMS into multiple instances or shards can handle more requests beyond capabilities of a single instance.
  - Partitioning, or sharding, allows scaling horizontally to handle more users and requests but requires additional logic in the application layer.
- Horizontal Scalability with Read Replicas or Scaling Out
  - read replicas offload read transactions from primary database and increase overall number of transactions.
  - RDS supports read replicas to scale out elastically
  - some common scenarios
    - Scale beyond capacity of a single DB Instance for read-heavy workloads.
    - Handle read traffic while source DB Instance is unavailable.
    - Offload reporting or data warehousing scenarios against a replica instead of primary DB Instance.
RDS Security
- securing RDS DB Instances needs a comprehensive plan
- Secure all layers commonly in database-driven systems – infrastructure resources, database, and network.
- Use IAM policies to limit which actions AWS administrators can perform.
- Deploy RDS DB Instances into a private subnet within Amazon VPC limiting network access to DB instance
- Restrict network access with network ACLs and security groups, and limit inbound traffic to specific source IP addresses.
- Create users and grant permissions to read and write to databases.
- Control DB access by database engine specific access control and user management mechanisms.
- protect confidentiality of data in transit and at rest with multiple encryption capabilities
- Security features differ slightly from one engine to another
- Use SSL to protect data in transit.
- Encryption at rest is possible for all engines using KMS or Transparent Data Encryption
- all logs, backups, and snapshots are encrypted for an encrypted RDS instance.
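
A defender-side check for the network and encryption points above, added here as an example and not part of the original notes: it reads descriptions shaped like the DescribeDBInstances and DescribeSecurityGroups responses and flags instances that are public, unencrypted at rest, or reachable from any address on the database port. The instance names, group IDs and finding labels are constructed.

```python
import ipaddress

def open_to_world(sg, port):
    """True if the group admits inbound traffic on `port` from any address."""
    for perm in sg.get("IpPermissions", []):
        proto = perm.get("IpProtocol")
        in_range = perm.get("FromPort", 0) <= port <= perm.get("ToPort", 65535)
        if proto != "-1" and not (proto == "tcp" and in_range):
            continue  # rule does not cover the database port
        cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
        cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
        if any(ipaddress.ip_network(c).prefixlen == 0 for c in cidrs):
            return True
    return False

def audit(instances, security_groups):
    """Map each DB instance identifier to its list of findings."""
    report = {}
    for db in instances:
        findings = []
        if db.get("PubliclyAccessible"):
            findings.append("publicly-accessible")
        if not db.get("StorageEncrypted"):
            findings.append("unencrypted-at-rest")
        for ref in db.get("VpcSecurityGroups", []):
            sg_id = ref["VpcSecurityGroupId"]
            if open_to_world(security_groups.get(sg_id, {}), db["Endpoint"]["Port"]):
                findings.append("open-ingress:" + sg_id)
        if findings:
            report[db["DBInstanceIdentifier"]] = findings
    return report

# Constructed sample data, not taken from a real account.
INSTANCES = [
    {"DBInstanceIdentifier": "orders-prod", "PubliclyAccessible": False,
     "StorageEncrypted": True, "Endpoint": {"Port": 3306},
     "VpcSecurityGroups": [{"VpcSecurityGroupId": "sg-0aaa1111"}]},
    {"DBInstanceIdentifier": "reports-dev", "PubliclyAccessible": True,
     "StorageEncrypted": False, "Endpoint": {"Port": 5432},
     "VpcSecurityGroups": [{"VpcSecurityGroupId": "sg-0ccc3333"}]},
]
SECURITY_GROUPS = {
    "sg-0aaa1111": {"IpPermissions": [{"IpProtocol": "tcp", "FromPort": 3306,
                    "ToPort": 3306, "IpRanges": [{"CidrIp": "10.0.1.0/24"}]}]},
    "sg-0ccc3333": {"IpPermissions": [{"IpProtocol": "tcp", "FromPort": 5432,
                    "ToPort": 5432, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
}

if __name__ == "__main__":
    print(audit(INSTANCES, SECURITY_GROUPS))
```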