1
00:00:00,150 --> 00:00:01,920
‫So, this is to me one of the most

2
00:00:01,920 --> 00:00:04,920
‫revolutionary services that AWS has to offer

3
00:00:04,920 --> 00:00:07,110
‫and I think it is currently underutilized.

4
00:00:07,110 --> 00:00:10,650
‫It's called AWS X-Ray and the exam is really

5
00:00:10,650 --> 00:00:12,480
‫we want you to know about X-Ray.

6
00:00:12,480 --> 00:00:13,740
‫I think this is why they ask two questions

7
00:00:13,740 --> 00:00:15,030
‫because they want people to use it,

8
00:00:15,030 --> 00:00:17,550
‫and I honestly think people should use X-Ray.

9
00:00:17,550 --> 00:00:19,200
‫So, when you do debugging production

10
00:00:19,200 --> 00:00:22,166
‫and I have debugged applications in production in the past,

11
00:00:22,166 --> 00:00:24,480
‫the good old way, what I call the good old way

12
00:00:24,480 --> 00:00:27,180
‫is test locally, add log statements everywhere

13
00:00:27,180 --> 00:00:28,500
‫and redeploying production

14
00:00:28,500 --> 00:00:30,016
‫and from the logs try to figure out

15
00:00:30,016 --> 00:00:32,550
‫what is breaking, what is happening.

16
00:00:32,550 --> 00:00:33,990
‫It's really painful.

17
00:00:33,990 --> 00:00:35,340
‫It's not best practices.

18
00:00:35,340 --> 00:00:36,840
‫Obviously, there are better ways of doing things.

19
00:00:36,840 --> 00:00:40,696
‫I'm just oversimplifying things here, but you get the idea.

20
00:00:40,696 --> 00:00:42,870
‫Debugging production is not fun.

21
00:00:42,870 --> 00:00:44,310
‫And then, if you log stuff,

22
00:00:44,310 --> 00:00:45,870
‫if you have different applications,

23
00:00:45,870 --> 00:00:48,273
‫if you log from different applications to CloudWatch

24
00:00:48,273 --> 00:00:50,190
‫then you know they all have different formats

25
00:00:50,190 --> 00:00:52,140
‫and it's really hard to centralize insights.

26
00:00:52,140 --> 00:00:54,540
‫And navigating CloudWatch logs is gonna be hard.

27
00:00:54,540 --> 00:00:56,760
‫And analytics on top of it, it's going to be hard.

28
00:00:56,760 --> 00:01:00,270
‫So, if you have a monolith, just one huge application

29
00:01:00,270 --> 00:01:02,411
‫doing everything is sort of easy to debug,

30
00:01:02,411 --> 00:01:04,230
‫but if you have distributed services

31
00:01:04,230 --> 00:01:07,530
‫you're running a hundred microservices in your LS accounts,

32
00:01:07,530 --> 00:01:08,760
‫it becomes a nightmare.

33
00:01:08,760 --> 00:01:11,460
‫It's really, really hard to debug what's happening

34
00:01:11,460 --> 00:01:13,260
‫because they all talk to each other, right?

35
00:01:13,260 --> 00:01:16,180
‫So, there's no common view of your entire architecture,

36
00:01:16,180 --> 00:01:18,690
‫your entire service map, et cetera.

37
00:01:18,690 --> 00:01:21,690
‫So, here comes AWS X-Ray.

38
00:01:21,690 --> 00:01:24,600
‫So, X-ray is going to give you a visual analysis

39
00:01:24,600 --> 00:01:25,830
‫of your application.

40
00:01:25,830 --> 00:01:28,290
‫So, this is what we're going to do in the hands-on.

41
00:01:28,290 --> 00:01:31,230
‫We'll see that basically as a client doing a request

42
00:01:31,230 --> 00:01:34,350
‫to our application we will see how many

43
00:01:34,350 --> 00:01:36,750
‫of these requests fail or don't fail.

44
00:01:36,750 --> 00:01:39,660
‫And then, from the application we'll see what it does.

45
00:01:39,660 --> 00:01:43,410
‫So, it will call other IPs, it will call SNS

46
00:01:43,410 --> 00:01:45,930
‫it will call a DynamoDB Table.

47
00:01:45,930 --> 00:01:49,320
‫And so, as you can see, we'll be able to trace exactly,

48
00:01:49,320 --> 00:01:53,430
‫visually what happens when we talk to our EC2 instance.

49
00:01:53,430 --> 00:01:55,200
‫And so, you know from this graph

50
00:01:55,200 --> 00:01:56,910
‫if I ask you where do you think

51
00:01:56,910 --> 00:02:00,270
‫that little orange or yellow error comes from?

52
00:02:00,270 --> 00:02:01,740
‫Well, is it coming from this?

53
00:02:01,740 --> 00:02:02,940
‫No, is it coming from SNS?

54
00:02:02,940 --> 00:02:06,030
‫No, it is coming from my DynamoDB Table.

55
00:02:06,030 --> 00:02:07,290
‫You can see it visually.

56
00:02:07,290 --> 00:02:09,420
‫And so, that's the whole power of tracing.

57
00:02:09,420 --> 00:02:12,330
‫Obviously, you can do more, but you start getting the idea.

58
00:02:12,330 --> 00:02:15,060
‫In terms of X-ray advantages, there's many.

59
00:02:15,060 --> 00:02:16,350
‫You can troubleshoot the performance

60
00:02:16,350 --> 00:02:19,350
‫of your application and identify bottlenecks.

61
00:02:19,350 --> 00:02:20,577
‫You can understand the dependencies

62
00:02:20,577 --> 00:02:22,410
‫in your microservice architecture

63
00:02:22,410 --> 00:02:24,180
‫because you can visually see what is happening

64
00:02:24,180 --> 00:02:28,950
‫and how all your microservices interact with one another.

65
00:02:28,950 --> 00:02:32,460
‫We can pinpoint then which service is giving us issues.

66
00:02:32,460 --> 00:02:35,490
‫We can understand how each request is behaving

67
00:02:35,490 --> 00:02:38,430
‫and then find errors and exception based on the request.

68
00:02:38,430 --> 00:02:40,540
‫We can answer questions such as, are we meeting time SLA

69
00:02:40,540 --> 00:02:44,580
‫in terms of latency or time to process a request?

70
00:02:44,580 --> 00:02:46,560
‫And we can understand which service

71
00:02:46,560 --> 00:02:48,780
‫really slows down, throttles us.

72
00:02:48,780 --> 00:02:51,300
‫Finally, we can know which users are impacted

73
00:02:51,300 --> 00:02:53,970
‫by our errors if we wanted to.

74
00:02:53,970 --> 00:02:56,220
‫So, X-ray has a lot of compatibility.

75
00:02:56,220 --> 00:02:58,915
‫It's compatible with AWS Lambda, Beanstalk,

76
00:02:58,915 --> 00:03:03,090
‫ECS, ELBs, API gateway, and EC2 instances

77
00:03:03,090 --> 00:03:04,950
‫or any application server really,

78
00:03:04,950 --> 00:03:07,050
‫even something you have on premise.

79
00:03:07,050 --> 00:03:11,160
‫So, they really made X-Ray try to be as wide as possible

80
00:03:11,160 --> 00:03:14,190
‫and as applicable as to any application they can.

81
00:03:14,190 --> 00:03:15,870
‫So, X-Ray, how does it work?

82
00:03:15,870 --> 00:03:18,000
‫Well, it leverages something called tracing.

83
00:03:18,000 --> 00:03:20,340
‫And tracing is an end to a way

84
00:03:20,340 --> 00:03:22,710
‫to basically follow a request.

85
00:03:22,710 --> 00:03:25,020
‫So, when I make a request to, for example,

86
00:03:25,020 --> 00:03:27,750
‫my application server, each component that will deal

87
00:03:27,750 --> 00:03:29,730
‫with a request that could be my database,

88
00:03:29,730 --> 00:03:32,010
‫that could be my gateway, my load balancer,

89
00:03:32,010 --> 00:03:33,330
‫my application server.

90
00:03:33,330 --> 00:03:35,430
‫Each component dealing with that request

91
00:03:35,430 --> 00:03:38,820
‫will add its own trace, and so, the trace will be made

92
00:03:38,820 --> 00:03:42,360
‫of segments and segments can be made of sub segments.

93
00:03:42,360 --> 00:03:45,180
‫And the idea is that we can also add annotations

94
00:03:45,180 --> 00:03:48,690
‫to traces to provide extra information around what happened.

95
00:03:48,690 --> 00:03:50,760
‫So, when all these things are together,

96
00:03:50,760 --> 00:03:52,711
‫you have the ability to trace every request

97
00:03:52,711 --> 00:03:54,270
‫or a simple request.

98
00:03:54,270 --> 00:03:56,180
‫So, you say I only want to get a percentage

99
00:03:56,180 --> 00:04:00,274
‫of the total request or maybe five requests per minutes.

100
00:04:00,274 --> 00:04:03,765
‫In terms of security, there is IAM authorization

101
00:04:03,765 --> 00:04:07,620
‫and you can use KMS for encryption at rest.

102
00:04:07,620 --> 00:04:08,970
‫So, once you get all these traces,

103
00:04:08,970 --> 00:04:11,820
‫basically, X-Ray provides its magic

104
00:04:11,820 --> 00:04:14,820
‫and provide this nice little graph that I showed you before.

105
00:04:14,820 --> 00:04:16,620
‫Now, how do you enable X-Ray?

106
00:04:16,620 --> 00:04:17,550
‫Well, you have two ways

107
00:04:17,550 --> 00:04:19,680
‫and I think this is what the exam will ask you about.

108
00:04:19,680 --> 00:04:21,570
‫So, you need to be very careful here.

109
00:04:21,570 --> 00:04:25,440
‫Your code can be Java, Python, Go, Node.js and .Net

110
00:04:25,440 --> 00:04:28,020
‫and it must import the AWS SDK.

111
00:04:28,020 --> 00:04:29,790
‫You need very little code modification,

112
00:04:29,790 --> 00:04:32,130
‫but you still need to do some code modification.

113
00:04:32,130 --> 00:04:34,170
‫And then, the application SDK,

114
00:04:34,170 --> 00:04:36,150
‫the X-Ray SDK, will then capture the calls

115
00:04:36,150 --> 00:04:39,204
‫to the AWS services, the HTTP and HTTPS request

116
00:04:39,204 --> 00:04:42,960
‫and the database calls for MySQL, PostgreSQL and DynamoDB.

117
00:04:42,960 --> 00:04:45,630
‫It can also capture queue calls and so on.

118
00:04:45,630 --> 00:04:46,830
‫Now, the second thing we have to do

119
00:04:46,830 --> 00:04:50,610
‫once we've modified our code is to install the X-Ray daemon

120
00:04:50,610 --> 00:04:53,550
‫or to enable the X-Ray AWS integration.

121
00:04:53,550 --> 00:04:56,700
‫So, if we run on a machine, on-premise server

122
00:04:56,700 --> 00:04:59,880
‫or EC2 instance, we need to install the daemon.

123
00:04:59,880 --> 00:05:02,010
‫And the daemon is basically a little program that works

124
00:05:02,010 --> 00:05:04,710
‫as a low level UDP packet interceptor.

125
00:05:04,710 --> 00:05:07,140
‫It can be running on Linux, Windows, and Mac.

126
00:05:07,140 --> 00:05:09,450
‫And so, you have to install it on your machine.

127
00:05:09,450 --> 00:05:12,150
‫If you use AWS Lambda or other services

128
00:05:12,150 --> 00:05:14,220
‫that already have integration with X-Ray

129
00:05:14,220 --> 00:05:15,780
‫then they will run the daemon for you

130
00:05:15,780 --> 00:05:17,550
‫and you don't have to worry about it.

131
00:05:17,550 --> 00:05:20,550
‫Now, each application also must have the IAM rights

132
00:05:20,550 --> 00:05:22,500
‫to write data to X-Ray.

133
00:05:22,500 --> 00:05:26,640
‫So, a very common question is, hey, my X-Ray application

134
00:05:26,640 --> 00:05:28,260
‫works on my computer when I test locally,

135
00:05:28,260 --> 00:05:30,540
‫but doesn't work on my EC2 machine, why?

136
00:05:30,540 --> 00:05:32,610
‫Well, the answer is probably because on your machine

137
00:05:32,610 --> 00:05:33,930
‫you're running the X-Ray daemon,

138
00:05:33,930 --> 00:05:35,940
‫but when you deploy to your EC2 instance,

139
00:05:35,940 --> 00:05:37,590
‫it's not running the X-Ray daemon,

140
00:05:37,590 --> 00:05:39,559
‫and therefore, X-Ray doesn't see your calls.

141
00:05:39,559 --> 00:05:41,880
‫Now, to make it really crystal clear

142
00:05:41,880 --> 00:05:44,340
‫here is an EC2 instance and you need to have

143
00:05:44,340 --> 00:05:45,900
‫your application code on top of it.

144
00:05:45,900 --> 00:05:48,090
‫And so, your code again needs to be modified

145
00:05:48,090 --> 00:05:51,810
‫to import the AWS X-Ray SDK, and then it will send

146
00:05:51,810 --> 00:05:54,750
‫its traces to the X-Ray daemon running the machine.

147
00:05:54,750 --> 00:05:57,150
‫So, as you can see, you also need to run the X-Ray daemon

148
00:05:57,150 --> 00:05:59,070
‫and that X-Ray daemon will send a batch

149
00:05:59,070 --> 00:06:02,160
‫every one second to AWS X-Ray.

150
00:06:02,160 --> 00:06:03,990
‫So, X-Ray does some magic.

151
00:06:03,990 --> 00:06:06,150
‫And so, to update this graph, how does that work?

152
00:06:06,150 --> 00:06:07,980
‫X-Ray will collect all the data

153
00:06:07,980 --> 00:06:10,320
‫from all the different services sending traces,

154
00:06:10,320 --> 00:06:12,840
‫and then, the service map will be computed magically

155
00:06:12,840 --> 00:06:14,850
‫from all the segments and the traces.

156
00:06:14,850 --> 00:06:16,230
‫And so, that's a really cool thing.

157
00:06:16,230 --> 00:06:18,720
‫X-ray is graphical, so even non-technical people

158
00:06:18,720 --> 00:06:21,000
‫can help troubleshoot.

159
00:06:21,000 --> 00:06:22,710
‫Talking about trouble shooting,

160
00:06:22,710 --> 00:06:24,270
‫what if X-Ray is not working on EC2?

161
00:06:24,270 --> 00:06:26,640
‫As I said, you need to ensure that the IAM role

162
00:06:26,640 --> 00:06:28,860
‫has the proper permission and you need to ensure

163
00:06:28,860 --> 00:06:32,400
‫that the EC2 instance is indeed running the X-Ray Daemon.

164
00:06:32,400 --> 00:06:34,230
‫If you want to run it on Lambda,

165
00:06:34,230 --> 00:06:35,063
‫it's a little bit different.

166
00:06:35,063 --> 00:06:37,020
‫For it, you need to ensure that the Lambda

167
00:06:37,020 --> 00:06:39,510
‫has an IAM execution role with proper policy.

168
00:06:39,510 --> 00:06:41,040
‫And I know we haven't seen what Lambda is,

169
00:06:41,040 --> 00:06:42,380
‫but it's just a question you may get.

170
00:06:42,380 --> 00:06:45,900
‫So, you need to make sure that Lambda has a proper IAM role

171
00:06:45,900 --> 00:06:47,970
‫that's expected and then you need to ensure

172
00:06:47,970 --> 00:06:50,010
‫that the X-Ray code is imported.

173
00:06:50,010 --> 00:06:53,040
‫And finally, that you have activated the active

174
00:06:53,040 --> 00:06:56,190
‫tracing Lambda option on X-Ray,

175
00:06:56,190 --> 00:06:58,980
‫but we'll see this in the Lambda section as well.

176
00:06:58,980 --> 00:07:01,500
‫So, that's it for the overview of X-Ray, a little taster.

177
00:07:01,500 --> 00:07:02,940
‫In the next lecture, we're just going to run

178
00:07:02,940 --> 00:07:05,070
‫the several apps on X-Ray to get a better feeling

179
00:07:05,070 --> 00:07:05,940
‫of how it works.

180
00:07:05,940 --> 00:07:07,540
‫So, see you in the next lecture.