Thanks to visit codestin.com
Credit goes to www.slideshare.net

Uploaded byikbalpro1995
PPTX, PDF0 views

Amazon DocumentDB Best Practices (with MongoDB).pptx

Architecture & Design Best Practices Use Multiple Availability Zones (AZs) Always deploy clusters across at least two AZs. Ensures high availability and automatic failover. Choose the Right Instance Size Match instance class (memory, vCPU) with workload. Start with db.r6g or db.t3.medium (for dev/test), scale to db.r6g.2xlarge+ for production. Cluster Topology Use a primary instance for writes. Add replica instances (up to 15) for: Read scaling High availability Faster failover Storage Considerations DocumentDB storage auto-scales up to 128 TiB per cluster. No manual sharding required.

Download to read offline
© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. © 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. Best Practices for Amazon DocumentDB
© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. Agenda • Cluster Sizing • Connecting • Scaling • Cross Region Replication • Monitoring • Indexing • Cost Optimization • Security
© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. Amazon DocumentDB (with MongoDB compatibility) Fully managed and scalable document database service that supports MongoDB workloads Scalable Fully managed MongoDB API compatible
© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. AWS Region Amazon DocumentDB (with MongoDB compatibility) Compute 2-96 cores 4-768 GB RAM Storag e Instance (replica) Reads Instance (primary ) Reads Writes Instance (replica) Reads Backup AZ 1 AZ 2 AZ 3 Amazon S3 Distributed storage volume
© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. © 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. Amazon DocumentDB Cluster Sizing
© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. Number of instances determines availability target Availability Target Total Instances Replicas Availability Zones Recovery Time 99% 1 0 1 8-10min 99.9% 2 1 2 <30sec 99.99% 3 2 3 <30sec 99.99% 4 3 3 <30sec Best Practice: Use at least 2 replicas in different AZs for production deployments Cluster Sizing: Availability
© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. Instance Size = Processing Power + Cache Class vCPU Memory (GiB) Estimated Cache Size (~2/3 of RAM) t4g.medium 2 4 ~2.5GB r6g.large 2 16 ~10.5GB r6g.xlarge 4 32 ~21GB r6g.2xlarge 8 64 ~42.5GB r6g.4xlarge 16 128 ~85GB r6g.8xlarge 32 256 ~171GB r6g.12xlarge 48 384 ~256GB r6g.16xlarge 64 512 ~341GB r5.24xlarge 96 768 ~512GB Best Practice: Ensure indices and working set fit in cache Cluster Sizing: Instance Performance
© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. Recover to any time from 5 minutes ago until the Backup Retention Period Best practice: set retention based on your Recovery Point Objective Cluster Sizing: Backups
© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. © 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. Connecting to Amazon DocumentDB
© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. Connecting: Endpoints Distributed storage volume AZ 1 AZ 2 AZ 3 Instance (primary ) Reads Writes Instance Endpoint Instance (replica) Reads Instance Endpoint Instance (replica) Reads Instance Endpoint
© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. Connecting: Endpoints Distributed storage volume AZ 1 AZ 2 AZ 3 Instance (primary ) Reads Writes Instance Endpoint Instance (replica) Reads Instance Endpoint Instance (replica) Reads Instance Endpoint Cluster Endpoint
© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. Connecting: Endpoints Distributed storage volume AZ 1 AZ 2 AZ 3 Instance (primary ) Reads Writes Instance Endpoint Instance (replica) Reads Instance Endpoint Instance (replica) Reads Instance Endpoint Cluster Endpoint Reader Endpoint
© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. Connecting: Endpoints Distributed storage volume AZ 1 AZ 2 AZ 3 Instance (primary ) Reads Writes Instance Endpoint Instance (replica) Reads Instance Endpoint Instance (replica) Reads Instance Endpoint Cluster Endpoint Reader Endpoint
© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. Connecting: Endpoints Distributed storage volume AZ 1 AZ 2 AZ 3 Instance (primary ) Reads Writes Instance (replica) Reads Instance (replica) Reads "members":[ { "_id":1, "stateStr":"PRIMARY", ... }, { "_id": 2, "stateStr":"SECONDARY", ... }, { "_id":3, "stateStr":"SECONDARY", ... } ] Application
© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. Best practice: Use cluster endpoint and connect as a replica set Connecting: Replica Set Emulation
© 2023, Amazon Web Services, Inc. or its Affiliates. Connecting: Failover Distributed storage volume AZ 1 AZ 2 AZ 3 Instance (replica) Reads Instance (primary ) Reads Writes Instance (replica) Reads
© 2023, Amazon Web Services, Inc. or its Affiliates. Connecting: Failover Distributed storage volume AZ 1 AZ 2 AZ 3 Instance (replica) Reads Instance (primary ) Reads Writes Instance (replica) Reads Primary fails
© 2023, Amazon Web Services, Inc. or its Affiliates. Connecting: Failover Distributed storage volume AZ 1 AZ 2 AZ 3 Instance (replica) Reads Replica promoted to new primary Instance (primary ) Reads Writes
© 2023, Amazon Web Services, Inc. or its Affiliates. Connecting: Failover Distributed storage volume AZ 1 AZ 2 AZ 3 Instance (replica) Reads ~8-10 mins Instance (replica) Reads New replica instance created Automatic return to full strength Instance (primary ) Reads Writes
© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. Instance (Primary) Distributed storage volume AZ1 AZ2 AZ3 Reads Instance (Replica) Instance (Replica) Reads Writes Reads Containers Up to 30000 Up to 30000 Up to 30000 Connection Limits
© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. Instance (Primary) Distributed storage volume AZ1 AZ2 AZ3 Reads Instance (Replica) Instance (Replica) Reads Writes Reads Containers Up to 4560 Up to 4560 Up to 4560 Cursor Limits
© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. © 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. Scaling Amazon DocumentDB
© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. Scaling: Read Consistency Distributed storage volume AZ 1 AZ 2 AZ 3 Instance (primary ) Reads Writes Instance (replica) Reads Primary reads are read-after-write consistent
© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. Scaling: Read Consistency Distributed storage volume AZ 1 AZ 2 AZ 3 Instance (primary ) Reads Writes Instance (replica) Reads Typically ~10-100ms Primary reads are read-after-write consistent Replica reads are eventually consistent
© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. Scaling: Read Preference Distributed storage volume AZ 1 AZ 2 AZ 3 Instance (primary ) Writes Instance (replica) Reads Instance (replica) Reads Application Read Preference: secondaryPreferre d
© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. Scaling: Read Preference Distributed storage volume AZ 1 AZ 2 AZ 3 Instance (primary ) Writes Instance (replica) Instance (replica) Reads Application Read Preference: secondaryPreferre d
© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. Scaling: Read Preference Distributed storage volume AZ 1 AZ 2 AZ 3 Instance (replica) Instance (replica) Application Read Preference: secondaryPreferre d Instance (primary ) Reads Writes
© 2023, Amazon Web Services, Inc. or its Affiliates. Scaling: Read Traffic Distributed storage volume AZ 1 AZ 2 AZ 3 Instance (primary ) Reads Writes Instance (replica) Reads Instance (replica) Reads Application
© 2023, Amazon Web Services, Inc. or its Affiliates. Scaling: Read Traffic Distributed storage volume AZ 1 AZ 2 AZ 3 Instance (primary ) Reads Writes Instance (replica) Reads Instance (replica) Reads Application Instance (replica) Reads Up to 15 read replicas
© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. Scaling: Dynamic Read Preference Distributed storage volume AZ 1 AZ 2 AZ 3 Instance (primary ) Reads Writes Instance (replica) Reads Instance (replica) Reads Application Override on each call (readPreference: primary) Default read preference (readPreference: secondaryPreferred)
© 2023, Amazon Web Services, Inc. or its Affiliates. Scaling: Asymmetric Workloads Distributed storage volume AZ 1 AZ 2 AZ 3 Instance (primary ) Reads Writes db.r6g.large Instance (replica) Reads db.r6g.large Instance (replica) Reads db.r6g.large
© 2023, Amazon Web Services, Inc. or its Affiliates. Scaling: Asymmetric Workloads Distributed storage volume AZ 1 AZ 2 AZ 3 Instance (primary ) Reads Writes db.r6g.large Instance (replica) Reads db.r6g.large Instance (replica) Reads db.r6g.large Instance (replica) Reads db.r6g.12xlarge Instance Endpoint
© 2023, Amazon Web Services, Inc. or its Affiliates. Scaling: Write Traffic Distributed storage volume AZ 1 AZ 2 AZ 3 Reads Writes Primary db.r6g.large Reads Replica db.r6g.large Reads Replica db.r6g.large
© 2023, Amazon Web Services, Inc. or its Affiliates. Scaling: Write Traffic Distributed storage volume AZ 1 AZ 2 AZ 3 Reads Writes Primary db.r6g.large Reads Replica db.r6g.large Reads Replica db.r6g.large Reads Replica db.r6g.4xlarge Reads Replica db.r6g.4xlarge Reads Replica db.r6g.4xlarge
© 2023, Amazon Web Services, Inc. or its Affiliates. Scaling: Write Traffic Distributed storage volume AZ 1 AZ 2 AZ 3 Reads Writes Replica db.r6g.large Reads Replica db.r6g.large Reads Replica db.r6g.large Reads Primary db.r6g.4xlarge Reads Replica db.r6g.4xlarge Reads Replica db.r6g.4xlarge Writes
© 2023, Amazon Web Services, Inc. or its Affiliates. Scaling: Write Traffic Distributed storage volume AZ 1 AZ 2 AZ 3 Reads Primary db.r6g.4xlarge Reads Replica db.r6g.4xlarge Reads Replica db.r6g.4xlarge Writes
© 2023, Amazon Web Services, Inc. or its Affiliates. Compute Storage Scaling: Storage and I/O Distributed storage volume AZ 1 AZ 2 AZ 3 Instance (replica) Reads Instance (primary ) Reads Writes Instance (replica) Reads
© 2023, Amazon Web Services, Inc. or its Affiliates. Compute Storage Scaling: Storage and I/O Distributed storage volume Grows automatically from 10 GiB - 128 TiB AZ 1 AZ 2 AZ 3 Instance (replica) Reads Instance (primary ) Reads Writes Instance (replica) Reads
© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. © 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. Cross Region Replication with Amazon DocumentDB
© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. App 1 db.foo.findOne( ) {“x”:1} Global replication: Up to 5 secondary regions Low replica lag: Typically < 1 sec Fast recovery: Typically < 1 min downtime Compatibility: Version 4.0 and later Global reader instances: Up to 90 db.foo.insertOne({“x”:1} ) Reads Reads Writes Reads Replicatio n Service (primary region) Ohio Reads Reads Replicatio n Service (secondary region) Oregon Reads Reads Replicatio n Service (secondary region) Tokyo App 2 Global Clusters
© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. Global Clusters – Setup & Operations • Use same cluster parameter group setting on primary and secondaries • Use same sized instance on secondary cluster(s) • Externalize application endpoints • Failover  Stop Application from writing to primary  Identify secondary to promote based on latency for end users  Remove and promote identified secondary to primary  Point application to new primary (standalone)  Delete old primary and other secondaries • Automate failover process
© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. © 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. Monitoring Amazon DocumentDB
© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. • Create billing alarms • 50% spend • 75% spend •Cost Allocation Tags Monitoring: Billing
© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. BufferCacheHitRatio IndexBufferCacheHitRatio DatabaseConnections DatabaseCursors FreeableMemory CPUUtilization Monitoring: Instance Metrics
© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. DBClusterReplicaLagMaximum DatabaseCursorsTimedOut VolumeWriteIOPs VolumeReadIOPs Opscounters Monitoring: Cluster Metrics
© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. Auditing DDL events Auth events Role Grants Create alarms Profiling Slow queries Monitoring: Auditing and Profiling
© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. Review historical system activity by measuring database load • Average Active Sessions • Wait States • Operation level granularity Complementary to profiling Monitoring: Performance Insights
© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. © 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. Indexing Amazon DocumentDB
© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. • Indexes come with a cost • Constrain indexes to those necessary for common queries • 5 per collection max rule of thumb • 1% selectivity goal rs0:PRIMARY> db.collName.getIndexes() [ { "v":2, "key":{ "_id":1 }, "name":"_id_", "ns":"tournament.results" }, { "v":2, "key":{ "user_id":1 }, "name":"user_id_1", "ns":"tournament.results" } ] Indexing
© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. • Verify indexes fit in memory • Monitor IndexBufferCacheHitRatio rs0:PRIMARY> db.collName.stats() { "ns":"tournament.results", "count":39549, "size":7000173, "avgObjSize":177.303, "storageSize":8609792, "capped":false, "nindexes":2, "totalIndexSize":5472256, "indexSizes":{ "_id_":2760704, "user_id_1":2711552 }, "ok":1 } Indexing: Caching
© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. Drop unused indexes where possible rs0:PRIMARY> db.collName.aggregate([{$indexStats:{}}]).pretty() { "name":"user_id_1", "key":{ "user_id":1 }, "host":"docdb2019.us-east-2.docdb.amazonaws.com:27017", "accesses":{ "ops":NumberLong(0), "since":ISODate("2020-01-15T06:57:38Z") } } Indexing: Unused Indexes
© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. © 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. Optimizing Costs in Amazon DocumentDB
© 2023, Amazon Web Services, Inc. or its Affiliates. Compute Storage Cost Optimization: Pricing Distributed storage volume Amazon S3 Instance (replica) Reads Instance (primary ) Reads Writes Instance (replica) Reads
© 2023, Amazon Web Services, Inc. or its Affiliates. Compute Storage Cost Optimization: Pricing Distributed storage volume Amazon S3 Instance (replica) Reads Instance (primary ) Reads Writes Instance (replica) Reads Instances: Size/hr * count (db.t4g.medium $0.075/hr) 1
© 2023, Amazon Web Services, Inc. or its Affiliates. Compute Storage Cost Optimization: Pricing Distributed storage volume Amazon S3 Instance (replica) Reads Instance (primary ) Reads Writes Instance (replica) Reads Instances: Size/hr * count (db.t4g.medium $0.075/hr) 1 IOPS: Count ($0.20/million) 2
© 2023, Amazon Web Services, Inc. or its Affiliates. Compute Storage Cost Optimization: Pricing Distributed storage volume Amazon S3 Instance (replica) Reads Instance (primary ) Reads Writes Instance (replica) Reads Storage: GiB/month ($0.10/GiB) 3 Instances: Size/hr * count (db.t4g.medium $0.075/hr) 1 IOPS: Count ($0.20/million) 2
© 2023, Amazon Web Services, Inc. or its Affiliates. Compute Storage Cost Optimization: Pricing Distributed storage volume Amazon S3 Backup: GiB/month (100% Free! $0.021/GiB) 4 Instance (replica) Reads Instance (primary ) Reads Writes Instance (replica) Reads Storage: GiB/month ($0.10/GiB) 3 Instances: Size/hr * count (db.t4g.medium $0.075/hr) 1 IOPS: Count ($0.20/million) 2
© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. Class vCPU Memory (GiB) Estimated Cache Size t4g.medium 2 4 ~2.5GB r6g.large 2 16 ~10.5GB r6g.xlarge 4 32 ~21GB r6g.2xlarge 8 64 ~42.5GB r6g.4xlarge 16 128 ~85GB r6g.8xlarge r6g.12xlarge r6g.16xlarge 48 384 ~256GB r5.24xlarge 96 768 ~512GB Availability Target Total Instance s Replicas Availability Zones Recovery Time 99% 1 0 1 8-10min 99.9% 2 1 2 <30sec 99.99% 3 2 3 <30sec 99.99% 4 3 3 <30sec Cost Optimization: Cluster Sizing
© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. • Stops for up to 7 days; cluster then restarts automatically • While Stopped: • No instance costs • Storage costs continue • Backup costs do not increase Cost Optimization: Start/Stop Cluster
© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. Cost Optimization: I/O • Choose appropriate instance size  Working set and indices should fit in cache  Monitor metrics to ensure cache is appropriately sized – BufferCacheHitRatio and IndexBufferCacheHitRatio – Should be >90% • Special Case: TTL workloads  TTL indices incur I/O to drop the data  Instead use a collection per day – Query all collections for the data of interest – Drop entire collection when the data “expires” No I/O cost to drop a collection
© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. Cost Optimization: Storage and Backup • Store only what you need  Identify unused indices  Identify unneeded data – Unneeded fields in documents – Unneeded documents • Only keep necessary backups  Pay attention to snapshots – Remove ones you no longer need  Assess your recovery point objective – Adjust your backup retention period appropriately
© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. © 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. Securing Amazon DocumentDB
© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. Security group B VPC Security group A Application DocumentDB Cluster Security group B: • Inbound (min): TCP (27017) Security group A: • Outbound (min): TCP (27017) Security Groups
© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. Role Scope Role Name Description Actions Database read Read any collection in a DB collStats, dbStats, find, listCollections, … Database readWrite Read and write any collection in a DB createCollection,, createIndex, insert, remove, update, … Cluster readAnyDatabase Read any collection in any DB listChangeStreams, listDatabases, [actions in read] Cluster readWriteAnyDatabase Read or write any collection in any DB listChangeStreams, listDatabases, [actions in readWrite] Cluster clusterMonitor Read access for monitoring tools listSessions, serverStatus, top, dbStats, … RBAC – Built-in Roles
© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. RBAC – User Defined Roles • Roles determine operation an user can perform on DB resources • User-defined roles provides flexibility to customize RBAC roles based on organization needs • Allows to create users with fine grain access control a.k.a least privilege access • Create roles to restrict access to specific operations / API • Create roles to restrict access to specific collections • Allows adding built in role or access to operations, to an existing user defined role
© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. Auditing and Profiling • Auditing  All authentication events (success and failure)  All permission grant operations  Monitoring and Alerts via CloudWatch • Cluster Deleting Protection  Enabled / disabled in cluster configuration
© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. • Use TLS in-transit • KMS-backed at-rest encryption Encryption
© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. AWS Secrets Manager Amazon DocumentDB Application Lambda Rotation Function Retrieve credentials Login with credentials Update credentials Trigger update Integration with AWS Secrets Manager
© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. https://aws.amazon.com/documentdb/ Thank you!

More Related Content

PPTX
Amazon DocumentDB - Monitoring, Auditing, and Alarms ID Template.pptx
byikbalpro1995
 
PDF
AWS reInvent 2023 recaps from Chicago AWS user group
byAWS Chicago
 
PPTX
Building low latency apps with a serverless architecture and in-memory data I...
byAWS Germany
 
PDF
AWS DevDay Berlin 2019 - Going Global With Serverless
byDarko Mesaroš
 
PPTX
Basic ppt on cloud computing on amazon web
byRahulBhole12
 
PPTX
AWS DevDay Vienna - Resiliency and availability design patterns for the cloud
byCobus Bernard
 
PPTX
AWS DevDay Cologne - Resiliency and availability design patterns for the cloud
byCobus Bernard
 
PPTX
DevConf 2020: Resiliency and availability design patterns for the cloud
byCobus Bernard
 
Amazon DocumentDB - Monitoring, Auditing, and Alarms ID Template.pptx
byikbalpro1995
 
AWS reInvent 2023 recaps from Chicago AWS user group
byAWS Chicago
 
Building low latency apps with a serverless architecture and in-memory data I...
byAWS Germany
 
AWS DevDay Berlin 2019 - Going Global With Serverless
byDarko Mesaroš
 
Basic ppt on cloud computing on amazon web
byRahulBhole12
 
AWS DevDay Vienna - Resiliency and availability design patterns for the cloud
byCobus Bernard
 
AWS DevDay Cologne - Resiliency and availability design patterns for the cloud
byCobus Bernard
 
DevConf 2020: Resiliency and availability design patterns for the cloud
byCobus Bernard
 

Similar to Amazon DocumentDB Best Practices (with MongoDB).pptx

PPTX
CloudOverviewAWS.pptx
byssuser73fa361
 
PDF
Amazon Web Services (AWS) : Fundamentals
byHitesh Mohapatra
 
PPTX
Scaling your Application with AWS Relational Databases I AWS Dev Day 2018
byAWS Germany
 
PDF
Building a Bigdata Architecture on AWS
byArun Sirimalla
 
PPTX
Simplifying Microsoft Architectures with AWS Services
byAWS Summits
 
PDF
[db tech showcase Tokyo 2018] #dbts2018 #C32 『Deep Dive on the Amazon Aurora ...
byInsight Technology, Inc.
 
PDF
The iot academy_awstraining_part1_aws_introduction
byThe IOT Academy
 
PDF
【AWS】Amazon DocumentDB (with MongoDB compatibility).pdf
byblackangel52
 
PDF
AWS PPT.pdfcustom work done by the team fit t
byManishYadav243888
 
PPTX
AWS DevDay Berlin - Resiliency and availability design patterns for the cloud
byCobus Bernard
 
PDF
AWSomeDayOnline Q322_2. Introduction to AWS Services Compute, Storage, Databa...
bySwamiSparthsarathi
 
PPTX
Cloud Service.pptx
bySibinBharathi
 
PDF
Introduction to AWS Services: Compute, Storage,_Databases
bydaffapunk92
 
PDF
Big Data Architecture and Design Patterns
byJohn Yeung
 
PDF
"Resiliency and Availability Design Patterns for the Cloud", Sebastien Storma...
byProvectus
 
PPTX
Rocking mongo db on the cloud
byMongoDB
 
PDF
AWS re:Invent Recap
byAllen-Michael (AM) Grobelny
 
PDF
2021_1006-DAT_Slide-Deck.pdf
byRais Charipov
 
PPTX
Aws storage options
byAntoni Tzavelas
 
PPTX
Migrating enterprise workloads to AWS
byTom Laszewski
 
CloudOverviewAWS.pptx
byssuser73fa361
 
Amazon Web Services (AWS) : Fundamentals
byHitesh Mohapatra
 
Scaling your Application with AWS Relational Databases I AWS Dev Day 2018
byAWS Germany
 
Building a Bigdata Architecture on AWS
byArun Sirimalla
 
Simplifying Microsoft Architectures with AWS Services
byAWS Summits
 
[db tech showcase Tokyo 2018] #dbts2018 #C32 『Deep Dive on the Amazon Aurora ...
byInsight Technology, Inc.
 
The iot academy_awstraining_part1_aws_introduction
byThe IOT Academy
 
【AWS】Amazon DocumentDB (with MongoDB compatibility).pdf
byblackangel52
 
AWS PPT.pdfcustom work done by the team fit t
byManishYadav243888
 
AWS DevDay Berlin - Resiliency and availability design patterns for the cloud
byCobus Bernard
 
AWSomeDayOnline Q322_2. Introduction to AWS Services Compute, Storage, Databa...
bySwamiSparthsarathi
 
Cloud Service.pptx
bySibinBharathi
 
Introduction to AWS Services: Compute, Storage,_Databases
bydaffapunk92
 
Big Data Architecture and Design Patterns
byJohn Yeung
 
"Resiliency and Availability Design Patterns for the Cloud", Sebastien Storma...
byProvectus
 
Rocking mongo db on the cloud
byMongoDB
 
AWS re:Invent Recap
byAllen-Michael (AM) Grobelny
 
2021_1006-DAT_Slide-Deck.pdf
byRais Charipov
 
Aws storage options
byAntoni Tzavelas
 
Migrating enterprise workloads to AWS
byTom Laszewski
 

Recently uploaded

PPTX
Salesforce_Training for the____beginners
bysukumarmallam669
 
PDF
Digital Marketing Services Can Transform Your Brand
byAmrit Web
 
PDF
AI at scale Architecting Scalable, Deployable and Resilient Infrastructure
byAlluxio, Inc.
 
PPTX
Salesforce_5Day_Intro_Plan for the people
bysukumarmallam669
 
PDF
CRM Dashboard Team Whiteboard in Pink Black Tactile 3D Style.pdf
byijentech technology pvt.ltd
 
PPTX
App_managementApp_Management_Presentation.pptx
bysonupj8745
 
PDF
Interactive MultiTouch Videowall for Tourism Association Sexten
byeyefactive GmbH
 
PPTX
Presentation On C Programming OPERATOR
bypriyankaomm9658
 
PDF
The Major Benefits of DevOps Explained.pdf
byNexusLink Services India Pvt Ltd
 
PDF
Three Ireland Unveils Innovative Lifestyle Store Concept
byeyefactive GmbH
 
PDF
Know The Role Of AI In Redefining HR In 2025
byCitytech Software DMCC
 
PDF
Achieving Double-Digit Millisecond Offline Feature Stores with Alluxio
byAlluxio, Inc.
 
PDF
How MAssist Boosts Efficiency in the Chemical Fertilizer Industry.pdf
byMAssist CRM Software
 
PPTX
this presentation is helpful for students.
bytjahanjoy
 
PPTX
Salesforce and xero success the integration your business needs.pptx
byKandisaTechnologiesS
 
PDF
How Digital Transformation Boosts Building Materials Efficiency.pdf
byMAssist CRM Software
 
PPTX
A Vibe Coded Chatbot App - Answers questions about IPL 2025
byParag Ahire
 
PDF
lec01-intro.pdf 2 Graduate Computer Architecture
byarmandpelim
 
PDF
Modernize Finance Using Dynamics 365 Business Central
byNavision India
 
PDF
Transformation Co-Pilot_ Salesforce Development for Guided Enterprise Change.pdf
byWildnet Edge
 
Salesforce_Training for the____beginners
bysukumarmallam669
 
Digital Marketing Services Can Transform Your Brand
byAmrit Web
 
AI at scale Architecting Scalable, Deployable and Resilient Infrastructure
byAlluxio, Inc.
 
Salesforce_5Day_Intro_Plan for the people
bysukumarmallam669
 
CRM Dashboard Team Whiteboard in Pink Black Tactile 3D Style.pdf
byijentech technology pvt.ltd
 
App_managementApp_Management_Presentation.pptx
bysonupj8745
 
Interactive MultiTouch Videowall for Tourism Association Sexten
byeyefactive GmbH
 
Presentation On C Programming OPERATOR
bypriyankaomm9658
 
The Major Benefits of DevOps Explained.pdf
byNexusLink Services India Pvt Ltd
 
Three Ireland Unveils Innovative Lifestyle Store Concept
byeyefactive GmbH
 
Know The Role Of AI In Redefining HR In 2025
byCitytech Software DMCC
 
Achieving Double-Digit Millisecond Offline Feature Stores with Alluxio
byAlluxio, Inc.
 
How MAssist Boosts Efficiency in the Chemical Fertilizer Industry.pdf
byMAssist CRM Software
 
this presentation is helpful for students.
bytjahanjoy
 
Salesforce and xero success the integration your business needs.pptx
byKandisaTechnologiesS
 
How Digital Transformation Boosts Building Materials Efficiency.pdf
byMAssist CRM Software
 
A Vibe Coded Chatbot App - Answers questions about IPL 2025
byParag Ahire
 
lec01-intro.pdf 2 Graduate Computer Architecture
byarmandpelim
 
Modernize Finance Using Dynamics 365 Business Central
byNavision India
 
Transformation Co-Pilot_ Salesforce Development for Guided Enterprise Change.pdf
byWildnet Edge
 

Amazon DocumentDB Best Practices (with MongoDB).pptx

  • 1.
    © 2023, AmazonWeb Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. © 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. Best Practices for Amazon DocumentDB
  • 2.
    © 2023, AmazonWeb Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. Agenda • Cluster Sizing • Connecting • Scaling • Cross Region Replication • Monitoring • Indexing • Cost Optimization • Security
  • 3.
    © 2023, AmazonWeb Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. Amazon DocumentDB (with MongoDB compatibility) Fully managed and scalable document database service that supports MongoDB workloads Scalable Fully managed MongoDB API compatible
  • 4.
    © 2023, AmazonWeb Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. AWS Region Amazon DocumentDB (with MongoDB compatibility) Compute 2-96 cores 4-768 GB RAM Storag e Instance (replica) Reads Instance (primary ) Reads Writes Instance (replica) Reads Backup AZ 1 AZ 2 AZ 3 Amazon S3 Distributed storage volume
  • 5.
    © 2023, AmazonWeb Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. © 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. Amazon DocumentDB Cluster Sizing
  • 6.
    © 2023, AmazonWeb Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. Number of instances determines availability target Availability Target Total Instances Replicas Availability Zones Recovery Time 99% 1 0 1 8-10min 99.9% 2 1 2 <30sec 99.99% 3 2 3 <30sec 99.99% 4 3 3 <30sec Best Practice: Use at least 2 replicas in different AZs for production deployments Cluster Sizing: Availability
  • 7.
    © 2023, AmazonWeb Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. Instance Size = Processing Power + Cache Class vCPU Memory (GiB) Estimated Cache Size (~2/3 of RAM) t4g.medium 2 4 ~2.5GB r6g.large 2 16 ~10.5GB r6g.xlarge 4 32 ~21GB r6g.2xlarge 8 64 ~42.5GB r6g.4xlarge 16 128 ~85GB r6g.8xlarge 32 256 ~171GB r6g.12xlarge 48 384 ~256GB r6g.16xlarge 64 512 ~341GB r5.24xlarge 96 768 ~512GB Best Practice: Ensure indices and working set fit in cache Cluster Sizing: Instance Performance
  • 8.
    © 2023, AmazonWeb Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. Recover to any time from 5 minutes ago until the Backup Retention Period Best practice: set retention based on your Recovery Point Objective Cluster Sizing: Backups
  • 9.
    © 2023, AmazonWeb Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. © 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. Connecting to Amazon DocumentDB
  • 10.
    © 2023, AmazonWeb Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. Connecting: Endpoints Distributed storage volume AZ 1 AZ 2 AZ 3 Instance (primary ) Reads Writes Instance Endpoint Instance (replica) Reads Instance Endpoint Instance (replica) Reads Instance Endpoint
  • 11.
    © 2023, AmazonWeb Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. Connecting: Endpoints Distributed storage volume AZ 1 AZ 2 AZ 3 Instance (primary ) Reads Writes Instance Endpoint Instance (replica) Reads Instance Endpoint Instance (replica) Reads Instance Endpoint Cluster Endpoint
  • 12.
    © 2023, AmazonWeb Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. Connecting: Endpoints Distributed storage volume AZ 1 AZ 2 AZ 3 Instance (primary ) Reads Writes Instance Endpoint Instance (replica) Reads Instance Endpoint Instance (replica) Reads Instance Endpoint Cluster Endpoint Reader Endpoint
  • 13.
    © 2023, AmazonWeb Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. Connecting: Endpoints Distributed storage volume AZ 1 AZ 2 AZ 3 Instance (primary ) Reads Writes Instance Endpoint Instance (replica) Reads Instance Endpoint Instance (replica) Reads Instance Endpoint Cluster Endpoint Reader Endpoint
  • 14.
    © 2023, AmazonWeb Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. Connecting: Endpoints Distributed storage volume AZ 1 AZ 2 AZ 3 Instance (primary ) Reads Writes Instance (replica) Reads Instance (replica) Reads "members":[ { "_id":1, "stateStr":"PRIMARY", ... }, { "_id": 2, "stateStr":"SECONDARY", ... }, { "_id":3, "stateStr":"SECONDARY", ... } ] Application
  • 15.
    © 2023, AmazonWeb Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. Best practice: Use cluster endpoint and connect as a replica set Connecting: Replica Set Emulation
  • 16.
    © 2023, AmazonWeb Services, Inc. or its Affiliates. Connecting: Failover Distributed storage volume AZ 1 AZ 2 AZ 3 Instance (replica) Reads Instance (primary ) Reads Writes Instance (replica) Reads
  • 17.
    © 2023, AmazonWeb Services, Inc. or its Affiliates. Connecting: Failover Distributed storage volume AZ 1 AZ 2 AZ 3 Instance (replica) Reads Instance (primary ) Reads Writes Instance (replica) Reads Primary fails
  • 18.
    © 2023, AmazonWeb Services, Inc. or its Affiliates. Connecting: Failover Distributed storage volume AZ 1 AZ 2 AZ 3 Instance (replica) Reads Replica promoted to new primary Instance (primary ) Reads Writes
  • 19.
    © 2023, AmazonWeb Services, Inc. or its Affiliates. Connecting: Failover Distributed storage volume AZ 1 AZ 2 AZ 3 Instance (replica) Reads ~8-10 mins Instance (replica) Reads New replica instance created Automatic return to full strength Instance (primary ) Reads Writes
  • 20.
    © 2023, AmazonWeb Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. Instance (Primary) Distributed storage volume AZ1 AZ2 AZ3 Reads Instance (Replica) Instance (Replica) Reads Writes Reads Containers Up to 30000 Up to 30000 Up to 30000 Connection Limits
  • 21.
    © 2023, AmazonWeb Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. Instance (Primary) Distributed storage volume AZ1 AZ2 AZ3 Reads Instance (Replica) Instance (Replica) Reads Writes Reads Containers Up to 4560 Up to 4560 Up to 4560 Cursor Limits
  • 22.
    © 2023, AmazonWeb Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. © 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. Scaling Amazon DocumentDB
  • 23.
    © 2023, AmazonWeb Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. Scaling: Read Consistency Distributed storage volume AZ 1 AZ 2 AZ 3 Instance (primary ) Reads Writes Instance (replica) Reads Primary reads are read-after-write consistent
  • 24.
    © 2023, AmazonWeb Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. Scaling: Read Consistency Distributed storage volume AZ 1 AZ 2 AZ 3 Instance (primary ) Reads Writes Instance (replica) Reads Typically ~10-100ms Primary reads are read-after-write consistent Replica reads are eventually consistent
  • 25.
    © 2023, AmazonWeb Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. Scaling: Read Preference Distributed storage volume AZ 1 AZ 2 AZ 3 Instance (primary ) Writes Instance (replica) Reads Instance (replica) Reads Application Read Preference: secondaryPreferre d
  • 26.
    © 2023, AmazonWeb Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. Scaling: Read Preference Distributed storage volume AZ 1 AZ 2 AZ 3 Instance (primary ) Writes Instance (replica) Instance (replica) Reads Application Read Preference: secondaryPreferre d
  • 27.
    © 2023, AmazonWeb Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. Scaling: Read Preference Distributed storage volume AZ 1 AZ 2 AZ 3 Instance (replica) Instance (replica) Application Read Preference: secondaryPreferre d Instance (primary ) Reads Writes
  • 28.
    © 2023, AmazonWeb Services, Inc. or its Affiliates. Scaling: Read Traffic Distributed storage volume AZ 1 AZ 2 AZ 3 Instance (primary ) Reads Writes Instance (replica) Reads Instance (replica) Reads Application
  • 29.
    © 2023, AmazonWeb Services, Inc. or its Affiliates. Scaling: Read Traffic Distributed storage volume AZ 1 AZ 2 AZ 3 Instance (primary ) Reads Writes Instance (replica) Reads Instance (replica) Reads Application Instance (replica) Reads Up to 15 read replicas
  • 30.
    © 2023, AmazonWeb Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. Scaling: Dynamic Read Preference Distributed storage volume AZ 1 AZ 2 AZ 3 Instance (primary ) Reads Writes Instance (replica) Reads Instance (replica) Reads Application Override on each call (readPreference: primary) Default read preference (readPreference: secondaryPreferred)
  • 31.
    © 2023, AmazonWeb Services, Inc. or its Affiliates. Scaling: Asymmetric Workloads Distributed storage volume AZ 1 AZ 2 AZ 3 Instance (primary ) Reads Writes db.r6g.large Instance (replica) Reads db.r6g.large Instance (replica) Reads db.r6g.large
  • 32.
    © 2023, AmazonWeb Services, Inc. or its Affiliates. Scaling: Asymmetric Workloads Distributed storage volume AZ 1 AZ 2 AZ 3 Instance (primary ) Reads Writes db.r6g.large Instance (replica) Reads db.r6g.large Instance (replica) Reads db.r6g.large Instance (replica) Reads db.r6g.12xlarge Instance Endpoint
  • 33.
    © 2023, AmazonWeb Services, Inc. or its Affiliates. Scaling: Write Traffic Distributed storage volume AZ 1 AZ 2 AZ 3 Reads Writes Primary db.r6g.large Reads Replica db.r6g.large Reads Replica db.r6g.large
  • 34.
    © 2023, AmazonWeb Services, Inc. or its Affiliates. Scaling: Write Traffic Distributed storage volume AZ 1 AZ 2 AZ 3 Reads Writes Primary db.r6g.large Reads Replica db.r6g.large Reads Replica db.r6g.large Reads Replica db.r6g.4xlarge Reads Replica db.r6g.4xlarge Reads Replica db.r6g.4xlarge
  • 35.
    © 2023, AmazonWeb Services, Inc. or its Affiliates. Scaling: Write Traffic Distributed storage volume AZ 1 AZ 2 AZ 3 Reads Writes Replica db.r6g.large Reads Replica db.r6g.large Reads Replica db.r6g.large Reads Primary db.r6g.4xlarge Reads Replica db.r6g.4xlarge Reads Replica db.r6g.4xlarge Writes
  • 36.
    © 2023, AmazonWeb Services, Inc. or its Affiliates. Scaling: Write Traffic Distributed storage volume AZ 1 AZ 2 AZ 3 Reads Primary db.r6g.4xlarge Reads Replica db.r6g.4xlarge Reads Replica db.r6g.4xlarge Writes
  • 37.
    © 2023, AmazonWeb Services, Inc. or its Affiliates. Compute Storage Scaling: Storage and I/O Distributed storage volume AZ 1 AZ 2 AZ 3 Instance (replica) Reads Instance (primary ) Reads Writes Instance (replica) Reads
  • 38.
    © 2023, AmazonWeb Services, Inc. or its Affiliates. Compute Storage Scaling: Storage and I/O Distributed storage volume Grows automatically from 10 GiB - 128 TiB AZ 1 AZ 2 AZ 3 Instance (replica) Reads Instance (primary ) Reads Writes Instance (replica) Reads
  • 39.
    © 2023, AmazonWeb Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. © 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. Cross Region Replication with Amazon DocumentDB
  • 40.
    © 2023, AmazonWeb Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. App 1 db.foo.findOne( ) {“x”:1} Global replication: Up to 5 secondary regions Low replica lag: Typically < 1 sec Fast recovery: Typically < 1 min downtime Compatibility: Version 4.0 and later Global reader instances: Up to 90 db.foo.insertOne({“x”:1} ) Reads Reads Writes Reads Replicatio n Service (primary region) Ohio Reads Reads Replicatio n Service (secondary region) Oregon Reads Reads Replicatio n Service (secondary region) Tokyo App 2 Global Clusters
  • 41.
    © 2023, AmazonWeb Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. Global Clusters – Setup & Operations • Use same cluster parameter group setting on primary and secondaries • Use same sized instance on secondary cluster(s) • Externalize application endpoints • Failover  Stop Application from writing to primary  Identify secondary to promote based on latency for end users  Remove and promote identified secondary to primary  Point application to new primary (standalone)  Delete old primary and other secondaries • Automate failover process
  • 42.
    © 2023, AmazonWeb Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. © 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. Monitoring Amazon DocumentDB
  • 43.
    © 2023, AmazonWeb Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. • Create billing alarms • 50% spend • 75% spend •Cost Allocation Tags Monitoring: Billing
  • 44.
    © 2023, AmazonWeb Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. BufferCacheHitRatio IndexBufferCacheHitRatio DatabaseConnections DatabaseCursors FreeableMemory CPUUtilization Monitoring: Instance Metrics
  • 45.
    © 2023, AmazonWeb Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. DBClusterReplicaLagMaximum DatabaseCursorsTimedOut VolumeWriteIOPs VolumeReadIOPs Opscounters Monitoring: Cluster Metrics
  • 46.
    © 2023, AmazonWeb Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. Auditing DDL events Auth events Role Grants Create alarms Profiling Slow queries Monitoring: Auditing and Profiling
  • 47.
    © 2023, AmazonWeb Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. Review historical system activity by measuring database load • Average Active Sessions • Wait States • Operation level granularity Complementary to profiling Monitoring: Performance Insights
  • 48.
    © 2023, AmazonWeb Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. © 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. Indexing Amazon DocumentDB
  • 49.
    © 2023, AmazonWeb Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. • Indexes come with a cost • Constrain indexes to those necessary for common queries • 5 per collection max rule of thumb • 1% selectivity goal rs0:PRIMARY> db.collName.getIndexes() [ { "v":2, "key":{ "_id":1 }, "name":"_id_", "ns":"tournament.results" }, { "v":2, "key":{ "user_id":1 }, "name":"user_id_1", "ns":"tournament.results" } ] Indexing
  • 50.
    © 2023, AmazonWeb Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. • Verify indexes fit in memory • Monitor IndexBufferCacheHitRatio rs0:PRIMARY> db.collName.stats() { "ns":"tournament.results", "count":39549, "size":7000173, "avgObjSize":177.303, "storageSize":8609792, "capped":false, "nindexes":2, "totalIndexSize":5472256, "indexSizes":{ "_id_":2760704, "user_id_1":2711552 }, "ok":1 } Indexing: Caching
  • 51.
    © 2023, AmazonWeb Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. Drop unused indexes where possible rs0:PRIMARY> db.collName.aggregate([{$indexStats:{}}]).pretty() { "name":"user_id_1", "key":{ "user_id":1 }, "host":"docdb2019.us-east-2.docdb.amazonaws.com:27017", "accesses":{ "ops":NumberLong(0), "since":ISODate("2020-01-15T06:57:38Z") } } Indexing: Unused Indexes
  • 52.
    © 2023, AmazonWeb Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. © 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. Optimizing Costs in Amazon DocumentDB
  • 53.
    © 2023, AmazonWeb Services, Inc. or its Affiliates. Compute Storage Cost Optimization: Pricing Distributed storage volume Amazon S3 Instance (replica) Reads Instance (primary ) Reads Writes Instance (replica) Reads
  • 54.
    © 2023, AmazonWeb Services, Inc. or its Affiliates. Compute Storage Cost Optimization: Pricing Distributed storage volume Amazon S3 Instance (replica) Reads Instance (primary ) Reads Writes Instance (replica) Reads Instances: Size/hr * count (db.t4g.medium $0.075/hr) 1
  • 55.
    © 2023, AmazonWeb Services, Inc. or its Affiliates. Compute Storage Cost Optimization: Pricing Distributed storage volume Amazon S3 Instance (replica) Reads Instance (primary ) Reads Writes Instance (replica) Reads Instances: Size/hr * count (db.t4g.medium $0.075/hr) 1 IOPS: Count ($0.20/million) 2
  • 56.
    © 2023, AmazonWeb Services, Inc. or its Affiliates. Compute Storage Cost Optimization: Pricing Distributed storage volume Amazon S3 Instance (replica) Reads Instance (primary ) Reads Writes Instance (replica) Reads Storage: GiB/month ($0.10/GiB) 3 Instances: Size/hr * count (db.t4g.medium $0.075/hr) 1 IOPS: Count ($0.20/million) 2
  • 57.
    © 2023, AmazonWeb Services, Inc. or its Affiliates. Compute Storage Cost Optimization: Pricing Distributed storage volume Amazon S3 Backup: GiB/month (100% Free! $0.021/GiB) 4 Instance (replica) Reads Instance (primary ) Reads Writes Instance (replica) Reads Storage: GiB/month ($0.10/GiB) 3 Instances: Size/hr * count (db.t4g.medium $0.075/hr) 1 IOPS: Count ($0.20/million) 2
  • 58.
    © 2023, AmazonWeb Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. Class vCPU Memory (GiB) Estimated Cache Size t4g.medium 2 4 ~2.5GB r6g.large 2 16 ~10.5GB r6g.xlarge 4 32 ~21GB r6g.2xlarge 8 64 ~42.5GB r6g.4xlarge 16 128 ~85GB r6g.8xlarge r6g.12xlarge r6g.16xlarge 48 384 ~256GB r5.24xlarge 96 768 ~512GB Availability Target Total Instance s Replicas Availability Zones Recovery Time 99% 1 0 1 8-10min 99.9% 2 1 2 <30sec 99.99% 3 2 3 <30sec 99.99% 4 3 3 <30sec Cost Optimization: Cluster Sizing
  • 59.
    © 2023, AmazonWeb Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. • Stops for up to 7 days; cluster then restarts automatically • While Stopped: • No instance costs • Storage costs continue • Backup costs do not increase Cost Optimization: Start/Stop Cluster
  • 60.
    © 2023, AmazonWeb Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. Cost Optimization: I/O • Choose appropriate instance size  Working set and indices should fit in cache  Monitor metrics to ensure cache is appropriately sized – BufferCacheHitRatio and IndexBufferCacheHitRatio – Should be >90% • Special Case: TTL workloads  TTL indices incur I/O to drop the data  Instead use a collection per day – Query all collections for the data of interest – Drop entire collection when the data “expires” No I/O cost to drop a collection
  • 61.
    © 2023, AmazonWeb Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. Cost Optimization: Storage and Backup • Store only what you need  Identify unused indices  Identify unneeded data – Unneeded fields in documents – Unneeded documents • Only keep necessary backups  Pay attention to snapshots – Remove ones you no longer need  Assess your recovery point objective – Adjust your backup retention period appropriately
  • 62.
    © 2023, AmazonWeb Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. © 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. Securing Amazon DocumentDB
  • 63.
    © 2023, AmazonWeb Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. Security group B VPC Security group A Application DocumentDB Cluster Security group B: • Inbound (min): TCP (27017) Security group A: • Outbound (min): TCP (27017) Security Groups
  • 64.
    © 2023, AmazonWeb Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. Role Scope Role Name Description Actions Database read Read any collection in a DB collStats, dbStats, find, listCollections, … Database readWrite Read and write any collection in a DB createCollection,, createIndex, insert, remove, update, … Cluster readAnyDatabase Read any collection in any DB listChangeStreams, listDatabases, [actions in read] Cluster readWriteAnyDatabase Read or write any collection in any DB listChangeStreams, listDatabases, [actions in readWrite] Cluster clusterMonitor Read access for monitoring tools listSessions, serverStatus, top, dbStats, … RBAC – Built-in Roles
  • 65.
    © 2023, AmazonWeb Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. RBAC – User Defined Roles • Roles determine operation an user can perform on DB resources • User-defined roles provides flexibility to customize RBAC roles based on organization needs • Allows to create users with fine grain access control a.k.a least privilege access • Create roles to restrict access to specific operations / API • Create roles to restrict access to specific collections • Allows adding built in role or access to operations, to an existing user defined role
  • 66.
    © 2023, AmazonWeb Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. Auditing and Profiling • Auditing  All authentication events (success and failure)  All permission grant operations  Monitoring and Alerts via CloudWatch • Cluster Deleting Protection  Enabled / disabled in cluster configuration
  • 67.
    © 2023, AmazonWeb Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. • Use TLS in-transit • KMS-backed at-rest encryption Encryption
  • 68.
    © 2023, AmazonWeb Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. AWS Secrets Manager Amazon DocumentDB Application Lambda Rotation Function Retrieve credentials Login with credentials Update credentials Trigger update Integration with AWS Secrets Manager
  • 69.
    © 2023, AmazonWeb Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. https://aws.amazon.com/documentdb/ Thank you!