EC2

Question 1

T or F

Termination Protection is enabled by default.

Answer 1

False. You must enable it.

Question 2

T or F

On an EBS-backed instance, the default action is for the root EBS volume to be deleted when the instance is terminated.

Answer 2

True.

Question 3

T or F

EBS Root Volumes of your DEFAULT AMI’s CAN be encrypted.

Answer 3

True.

You can also use a third party tool (such as bit locker, etc.) to encrypt the root volume, or this can be done whnen creating AMI’s (lab to follow) in the AWS console or using the API.

Question 4

Security Groups are…

Answer 4

Stateful. Meaning that if and inbound rule is created an outbound rule is automatically created.

Question 5

What is EBS?

Answer 5

Elastic Block Storage.

EBS provides persistent block storage volumes for use with Amazon EC2 instances in the AWS Cloud.

Each Amazon EBS Volume is automatically replicated within it’s Availability Zone to protect you from component failure, offering high availability and durability.

Question 6

What are the 5 types of EBS Storage;

Answer 6

• General Purpose (SSD)
• Provisioned IOPS (SSD)
• Throughput Optimized Hard Disk Drive
• Cold Hard Disk Drive
• Magnetic

Question 7

Compare EBS Types

Answer 7

Question 8

Ephemeral Storage

Answer 8

Storage that only exists while the EC2 instance is running. A reboot will wipe everything off.

Question 9

Instance Store Volumes are sometimes called…

Answer 9

Ephemeral

Question 10

True/False: Instance store volumes cannot be stopped.

Answer 10

True

Question 11

Elastic Network Adapter (ENA) supports network speeds of up to…

Answer 11

100 Gbps for supported instance types.

Question 12

Virtual Function (VF) interface supports network speeds of up to…

Answer 12

10 Gbps for supported instance type…usually older.

Question 13

What is an Elastic Fabric Adapter?

Answer 13

Elastic Fabric Adapter (EFA) is a network device that you can attach to your Amazon EC2 instance to accelerate High Performance Computing (HPC) and machine learning applications.

Question 14

When to use ENI?

Answer 14

For basic networking. Perhaps you need a separate management network to your production network or a separate logging network and you need to do this at low cost. In this scenario use multiple ENIs for each network.

Question 15

When to use Enhanced Network something like ENA?

Answer 15

When you need speeds between 10 Gbps and 100 Gbps. Anywhere you need reliable, high throughput.

Question 16

When to use an Elastic Fabric Adapter

Answer 16

when you need to accelerate High Performance Computing (HPC) and machine learning application of if you need to do an OS by-pass. If you see a scenario question mentioning HPC or ML and asking what network adapter you want, choose EFA.

Question 17

What is a spot instance?

Answer 17

It’s the same concept as a spot trade but can also be persistent.

Question 18

What are spot fleets?

Answer 18

Spot fleets are a collection of Spot Instances and, optionally, On-Demand Instances.

Question 18

What are spot fleets?

Answer 18

Spot fleets are a collection of Spot Instances and, optionally, On-Demand Instances.

Question 18

What are spot fleets?

Answer 18

Spot fleets are a collection of Spot Instances and, optionally, On-Demand Instances.

Question 19

Spot Fleet Strategies: capacityOptimized

Answer 19

The Spot Instances come form the pool with optimal capacity for the number of instances launching.

Question 20

Spot Fleet Strategies: diversified

Answer 20

The Spot Instances are distributed across all pools.

Question 21

Spot Fleet Strategies: lowestPrice

Answer 21

The Spot Instances come from the pool with the lowest price. This the the default strategy.

Question 22

Spot Fleet Strategies: InstancePoolsToUseCount

Answer 22

The Spot Instances are distributed across the number of Spot Instance pools you specify. This parameter is valid only when used in combination with lowestPrice.

Question 23

Spot instances save up __% of the cost of On-Demand Instances.

Answer 23

90

Question 24

You can block Spot Instances from terminating by using…

Answer 24

Spot block.

Question 25

Spot Instances are useful for any type of computing where you don’t need…

Answer 25

persistent storage.

Question 26

EC2 Hibernate preserves the in-memory RAM…

Answer 26

on persistent storage, but Instance RAM must be less than 150 GB.

Question 27

CloudWatch vs CloudTrail

Answer 27

CloudWatch is about performance monitoring. CloudTrail is about auditing. (API calls within the AWS platform.)

Question 28

What can you do with CloudWatch

Answer 28

• Dashboards
• Alarms/Alerts
• Events
• Logs

Question 29

Tell me 4 things about IAM Roles

Answer 29

1. Roles are more secure than storing your access key and secret access key on individual EC2 instances.
2. Roles are easier to manage.
3. Roles can be assigned to an EC2 instance after it is created using both the console & command line.
4. Roles are universal – you can use them in any region.

Question 30

How to get metadata about your EC2?

Answer 30

curl http://169.254.169.254/latest/meta-data

curl http://169.254.169.254/latest/user-data

Question 31

What is Amazon FSx for Windows

Answer 31

It provides a fully managed native MS Windows file system so you can easily move your Windows-based application that require file storage to AWS. It is built on Windows Server.

Question 32

Tell me something about Amazon FSx Lustre

Answer 32

It is a fully managed file system that is optimized for compute-intensive workloads, such as high-performance computing, machine learning, media data processing workflows, and electronic design automation. I can process massive data sets at up to hundreds of gigabytes per second of throughput, millions of IOPS, and sub-millisecond latencies.

Question 33

What is a cluster placement group

Answer 33

A cluster placement group is a grouping of instances within a single Availability Zone. Placement groups are recommended for applications that need low network latency, high network throughput, or both.

Question 34

What is a spread placement group?

Answer 34

A group of instances that are each placed on distinct underlying hardware. Recommended for applications that have a small number of critical instances that should be kept separate from each other. THINK - individual instances.

Question 35

What is a Partitioned Placement Group

Answer 35

When using partition placement groups, Amazon EC2 divides each group into logical segments called partitions. Amazon EC2 ensures that each partition within a placement group has its own set of racks. Each rack has its own network and power source. No two partitions within a placement group share the same racks, allowing you to isolate the impact of hardware failure within your application. THINK - Multiple instances.

Question 36

What is enhanced networking?

Answer 36

• It uses single root I/O virtualization (SR-IOV) to provide high-performance networking capabilities on supported instance types.
• SR-IOV is a method of device virtualization that provides higher I/O performance and lower CPU utilization when compared to traditional virtualized network interfaces.
• Enhanced networking provides higher bandwidth, higher packet per second (PPS) performance, and consistently lower-inter-instance latencies. There is NO ADDITIONAL CHARGE for enhanced networking.
• Use this when you want good network performance.

Question 37

What is an Elastic Fabric Adapter?

Answer 37

• An Elastic Fabric Adapter (EFA) is a network device you can attach to your Amazon EC2 instance to accelerate HPC and machine learning applications.
• EFA provides lower, more consistent latency and higher throughput than the TCP transport traditionally used in cloud-based HPC systems.
• EFA can us OS-bypass, which enables HPC and machine learning applications to bypass the operating system kernel and communicate directly with the EFA device. It makes it a lot faster with much lower latency. It is not supported with Windows currently–only LInux.

Question 38

What are the storage services that allow us to achieve HPC on AWS

Answer 38

Instance-attached storage:

• EBS - Scale up to 64,000 IOPS with Provisioned IOPS (PIOPS)
• Instance Store: Scale to millions of IOPS; low latency

Network storage:

• Amazon S3:
• Amazon EFS: Scale IOPS based on total size, or use Provisioned IOPS
• Amazon FSx for Lustre: HPC-optimized distributed file system; millions of IOPS, which is also backed by S3.

Question 39

What are the orchestration and automation services that allow us to achieve HPC on AWS?

Answer 39

AWS Batch - Enables developers, scientists, and engineers to easily and efficiently run hundreds of thousands of batch computing jobs on AWS. AWS Batch supports multi-node parallel jobs, which allows you to run a single job that spans multiple EC2 instances. You can easily schedule jobs and launch EC2 instances according to your needs.

AWS Parallel Cluster - Open-source cluster management tool that makes it easy for you to deploy and manage HPC clusters on AWS. ParallelCluster uses simple text file to model and provision all the resources needed for your HPC applications in an automated and secure manner. Automate creation of VPC, subnet, cluster type, and instance types.

Question 40

What is AWS WAF (Web Application Firewall)

Answer 40

AWS WAF is a web application firewall that lets you monitor the HTTP and HTTPS requests that are forwarded to Amazon CloudFront, an Application Load Balancer or API Gateway.

AWS WAF also lets you control access to your content.

Question 41

At its most basic level, AWS WAF allows what 3 different behaviors:

Answer 41

1. Allow all requests except the ones you specify
2. Block all requests except the ones you specify
3. Count the requests that match the properties you specify