EC2

Question 1

How to move an EC2 volume from one region to another?

Answer 1

1. Take snapshot of volume
2. Create AMI from snapshot
3. Copy AMI to new region
4. Launch new EC2 instance in new region from copied AMI

Question 2

How to move an EC2 volume to a new AZ?

Answer 2

1. Take a snapshot of the volume
2. Create AMI from snapshot
3. Use the AMI to launch a new EC2 instance in the new AZ

Question 3

Encryption state of snapshots of encrypted volumes?

Answer 3

snapshots of encrypted volumes are encrypted automatically

Question 4

Encryption state of a volume restored from an encrypted snapshot

Answer 4

The restored volume is encrypted automatically

Question 5

Can you share snapshots?

Answer 5

Yes, but only if they are unencrypted

Question 6

How to encrypt an unencrypted root device volume?

Answer 6

1. Create snapshot of root device volume
2. Create copy of the snapshot and select the encrypt option
3. Create an AMI from the encrypted snapshot
4. Use the AMI to launch new encrypted instances

Question 7

Alternate name for instance store volumes

Answer 7

Ephemeral storage

Question 8

Instance store volumes vs. EBS backed instances

Answer 8

Instance store volumes will lose the data if the underlying host fails.
EBS backed instances can be stopped without data loss.

Both can be rebooted without losing data
Both will delete ROOT volumes on termination but EBS volumes have an option to keep the root device volume

Question 9

ENI - acronym

Answer 9

Elastic Network Interface

Question 10

ENI - definition/info

Answer 10

For basic networking; Can use multiple to create separate networks at low cost

Question 11

EN - acronym

Answer 11

Enhanced network

Question 12

EN - definition/info

Answer 12

For when you need reliable, high throughput.

Supports speeds between 10Gbps and 100Gbps

Question 13

EFA - acronym

Answer 13

Elastic Fabric Adaptor

Question 14

EFA - definition/info

Answer 14

For when you need to accelerate
High Performance Computing (HPC) OR
Machine Learning OR
If you need to do an OS by-pass

Question 15

EC2 Network adapters

Answer 15

ENI - elastic network interface
EN - enhanced network
EFA - elastic fabric adaptor

Question 16

Cloudwatch

Answer 16

Used to monitor performance

Can monitor most of AWS as well as apps running on AWS

Question 17

Cloudwatch default vs detailed monitoring (EC2)

Answer 17

Will monitor every 5 mintutes by default

Will monitor every minute when detailed monitoring is turned on

Question 18

CloudWatch vs CloudTrail

Answer 18

CloudWatch is about performance.

CloudTrail is about auditing; monitores API calls

Question 19

What can you create with CloudWatch

Answer 19

Dashboards
Alarms
Events
Logs - aggregate, monitor, and store logs

Question 20

EC2 Roles vs Access key + Secret access key

Answer 20

Roles are:
easier to manage
able to be assigned to an EC2 instance after it is created via the console & the command line
universal; able to be used in any region

Question 21

Bootstrap scipts

Answer 21

Run when an EC2 instance first boots

Can be a powerful way of automating software installs and updates

Question 22

Instance metadata

Answer 22

Information about an instance (like public/private IP)

curl http://169.254.169.254/latest/meta-data

Question 23

Instance user data

Answer 23

The bootstrap script passed to EC2 instance on boot

curl http://169.254.169.254/latest/user-data

Question 24

EFS - info

Answer 24

Supports NFSv4
Can support thousands of concurrent NFS connections
Data stored across multiple AZ’s within a region
Read after write consistency

Question 25

EFS - scenario

Answer 25

distributed, highly resilient storage for Linux instances and Linux-based apps

Question 26

FSx for Windows - scenario

Answer 26

centralised storeage for Windows based apps

Question 27

FSx for Lustre - scenario

Answer 27

high-speed, high capacity distributed storage
For apps that do high performance compute (HPC), financial modeling, etc
Can store data directly on S3

Question 28

EC2 storage mechanisms

Answer 28

EFS
FSx for Windwos
FSx for Lustre

Question 29

EC2 placement groups

Answer 29

Clustered placement group
Spread placement group
Partitioned

Only certain types of instances can be launched in a placement group

Question 30

Clustered placement group

Answer 30

low network latency / high network throughput
all instances on the same rack
recommended to use homogenous instances

Question 31

Spread placement group

Answer 31

individual critical EC2 instances

Each instance on a seperate rack

Question 32

Partitioned placement group

Answer 32

multiple EC2 instances
Each partition on a seperate rack than the other
HDFS, HBase, and Cassandra

Question 33

Placement group by availability zone capabilities

Answer 33

Clustered - cannot span multiple AZs

Spread & Partitioned - can spread multiple AZs

Question 34

Placement group name

Answer 34

must be unique

Question 35

placement group merging

Answer 35

not possible

Question 36

How to block malicious IP addresses

Answer 36

Using AWS WAF

Using Network ACLs

Question 37

SR-IOV

Answer 37

Single root I/O virtualization

provides higher I/O performance and lower CPU utilization compared to traditional virtual network interfaces

Question 38

When can you attach/replace an IAM role on an EC2 instance?

Answer 38

If no current role: Anytime

If current role: When the instance is in a running state

Question 39

EC2 hypervisors

Answer 39

Xen - modified version of Xen Hypervisor

Nitro - new in-house version rolled out in 2017

Question 40

EC2 nitro

Answer 40

latest gen EC2 instances that guarantee up to 64,000 IOPS