EC2

Question 1

EC2 Pricing

Answer 1

• On Demand - pay by the hour or second
• Reserved - 1-3 years, up to 72% discount on hourly charge
• Spot - purchase unused capacity, up to 90% discount, prices fluctuate w/ supply and demand
• Dedicated - a physical EC2 server, dedicated for your use. The most expensive option.

Question 2

On Demand Benefits

Answer 2

1) Flexible - low cost + no upfront payment/commitment
2) For Short Term, spiky or unpredictable workloads
3) For testing the water, apps being developed or tested for the first time

Question 3

Reserved Instances Benefits

Answer 3

1) For predictable usage
2) Specific capacity requirements
3) Pay up front (helps reduce computing costs)
4) Commit to 1 or 3 years
5) Super flexible (can also use with Lambda and Fargate)
6) Can be shared across accounts with in an Organization

Question 4

Types of Reserved Instances

Answer 4

• Standard RI: up to 72% off the On Demand price
• Convertible RI: up to 54% off the On Demand price with option to change to a different RI of equatl or greater value
• Scheduled RI: match your capacity needs to a predictable, recurring schedule that only needs a fraction of a day, week or month

Question 5

At what level do Reserved Instance operate?

Answer 5

at the regional level

Question 6

Spot Instances Benefits

Answer 6

1) Flexible - apps that have flexible start and end times
2) Cost sensitive - apps that are only feasible at low compute prices
3) Urgent Capacity - users with urgent need for large amounts of compute (Image rendering, genomic sequencing, algorithmic trading engines)

Question 7

Dedicated Hosts

Answer 7

• for compliance needs where you need dedicated hardware
• for licensing restrictions
• can be On Demand - reserved hourly
• can be Reserved - purchased as a reservation for up to 70% of the on-demand price

Question 8

How can you figure out what your hypothetical infrastructure might cost?

Answer 8

AWS Pricing Calculator

Question 9

AWS CLI Exam Tips

Answer 9

AWS Command Line Interface

• Principle of Least Privilege
• use IAM groups
• Secret Access Key - you only see it once, better save it
• don’t share key pairs
• supported on Linux, Windows, MacOS, and EC2

Question 10

IAM Roles

Answer 10

• an identity that has specific permissions

Question 11

Ways IAM Roles are similar to a user

Answer 11

• both are created in IAM
• permission policies determine what it can/cannot do
• IAM policies are global

Question 12

Ways IAM Roles are different from a user

Answer 12

• not uniquely identified with a person
• intended to be assumed by anyone who needs it
• temporary - when you assume a role it provides you temporary security credentials for your role session

Question 13

Who can assume roles?

Answer 13

• people
• AWS architecture
• other system-level accounts
• other AWS accounts (for cross-account access)

Question 14

Example of using an IAM role

Answer 14

1) Create IAM role
2) Create EC2 instance
3) Create S3 bucket
4) Access S3 from the EC2 instance

Question 15

IAM Roles Exam Tips

Answer 15

• Roles are the preferred option from a security standpoint
• always choose roles over hard-coding credentials
• provide access without using access key IDs and secret access keys
• made up of policies, changes take effect immediately
• you can attach and detach roles without having to stop the EC2 instance

Question 16

Bootstrap Scripts

Answer 16

• a script that runs when the instance first starts up
• has root permissions
• adds to the time it takes to boot the instance
• allows you to automate the installation of your applications

Question 17

Example of a Bootstrap Script

Answer 17

• automatically install apache webserver
• when originally configuring your instance, there is a ‘user data’ box at the bottom where you can paste your startup script

Question 18

Security Group Exam Tips

Answer 18

1) Changes to security groups take effect immediately
2) you can have any number of EC2 instances within a security group
3) you can have multiple security groups attached to an EC2 instance
4) all inbound traffic is blocked by default
5) all outbound traffic is allowed.

Question 19

EC2 Metadata

Answer 19

Data about your EC2 Instances

• private IP address
• public IP address
• hostname
• security groups, etc.

Question 20

How do you retrieve Metadata?

Answer 20

with a curl call

Question 21

User Data vs MetaData Exam tips

Answer 21

User data is bootstrap scripts

• meta data is data about your EC2 instances
• you can use bootstrap scripts to access metadata

Question 22

3 Types of virtual networking cards for EC2

Answer 22

1) ENI
2) EN
3) EFA

Question 23

ENI

Answer 23

Elastic Networking Interface

• for basic day-to-day networking
• the default network card for EC2 instances
• private IPv4 addresses
• public IPv4 addresses
• many IPv6 addresses
• MAC addresses
• 1 or more security groups

Question 24

EN

Answer 24

Enhanced Networking

- uses single root I/O virtualization (SR-IOV) to provide higher performance

Question 25

EFA

Answer 25

Elastic Fabric Adapter

• accelerates High Performance Computing (HPC) and machine learning applications
• a network device you can attach to your EC2 instance to accelerate HPC computing and machine learning
• provides lower and more consistent latency and higher throughput than TCP transport
• can use OS-bypass to be faster and lower latency**
• bypass the OS Kernel and communicate with the EFA device
• not supported on Windows

Question 26

ENI use cases

Answer 26

• Create a management network
• use network and security appliances in your VPC
• create dual-homed instances with workloads/roles on distinct subnets
• create a low-budget, high-availability solution

Question 27

EN use cases

Answer 27

• for high performance networking between 10GBPS and 100 GBPS
• provides higher bandwidth
• higher packet per second performance
• consistently lower inter-instance latencies

Question 28

Two types of EN

Answer 28

1) ENA - Elastic Network Adapter - supports speeds up to 100 GBPS for supported instance types
2) Intel 82599 Virtual Function Interface (older, don’t choose on exam)

Question 29

ENI Exam Scenarios

Answer 29

• for basic networking
• if you need a separate management network from your production network, or a separate logging network
• need to do it at low cost
  Solution: Use multiple ENIs for each network

Question 30

EN Exam Scenarios

Answer 30

• for when you need speeds between 10 - 100 GBPS

- when you need reliable high throughput

Question 31

EFA Exam Scenarios

Answer 31

• for HPC and machine learning

- for OS bypass

Question 32

3 types of EC2 Placement Groups

Answer 32

1) Cluster Placement Groups
2) Spread Placement Groups
3) Partition Placement Groups

Question 33

Cluster Placement Groups

Answer 33

• instances grouped within a single AZ

- Recommended for: applications that need low latency, high network throughput, or both*

Question 34

Spread Placement Groups

Answer 34

• used for individual or critical instances*
• can span AZs
• each instance is on distinct physical hardware
• recommended for: applications that have a small # of critical instances that should be kept separate

Question 35

Partition Placement Groups

Answer 35

• for multiple instances
• each partition placement group has its own set of racks with distinct network and power
• used for : HDFS (Hadoop), H Base (big data db), Cassandra (fast NoSQL), multiple EC2 instances
• can span multiple AZs*

Question 36

What types of instances can be launched in a placement group?*

Answer 36

• Compute optimized
• GPU
• Memory optimized
• Storage optimized

Question 37

What does AWS recommend within Cluster Placement Groups

Answer 37

homogeneous instances (all same kind)

Question 38

Can you merge Placement Groups?

Answer 38

No

Question 39

Can you move an instance into an existing Placement Group?

Answer 39

Yes, but instance must be in a stopped state. Can be done via the CLI or SDK, but not the Console yet.

Question 40

Maximum Spot Price

Answer 40

A price you specify that determines whether your Spot Instance will be provisioned

Question 41

How many minutes do you have to accept or terminate if your instance goes above the maximum spot price?

Answer 41

2 minutes

Question 42

Spot Block*

Answer 42

• for workloads that absolutely cannot be terminated
• keeps your spot instance from being terminated if price goes above your max
• can be set for 1 to 6 hours

Question 43

How can you compare different AZs and time of day to find the best Spot Instance?

Answer 43

Spot Instance Pricing History

Question 44

Spot Instance Use Cases

Answer 44

• big data
• HPC
• containerized workloads
• CI/CD and testing
• image/media rendering/encoding

Question 45

What are Spot Instances NOT recommended for?

Answer 45

• persistent workloads
• critical jobs
• databases

Question 46

How to terminate a one time spot instance?

Answer 46

instance is terminated when it is done, or when the max spot price threshold is hit

Question 47

How to terminate recurring spot instances?

Answer 47

1) go in and cancel your request
2) then go in and terminate your instance
* * must do this is the right order, otherwise you’ll end up in an endless loop of it re-creating your instance

Question 48

Spot Fleets*

Answer 48

• a collection of spot instances (and optionally, On Demand instances)
• attempts to launch the number of spot and on-demand instances to meet your target capacity while honoring your maximum spot price
• attempts to maintain target capacity fleet if your instances are interrupted.

Question 49

Spot Fleet Strategy - Capacity Optimized

Answer 49

spot instances come from the pool with optimal capacity for the number of instances launching

Question 50

Spot Fleet Strategy - Lowest Price

Answer 50

spot instances come from the pool with the lowest price (default strategy)

Question 51

Spot Fleet Stratey - Diversified

Answer 51

Spot instances are distributed across all pools

Question 52

Spot Fleet Strategy - Instance Pools to Use Count

Answer 52

Spot instances are distributed across the # of pools you specify. Only valid when used with the lowest price.