EC2 Flashcards
1
Q
different types of EC2 instances (7)
What are the 4 most important?
A
General Purpose, Compute Optimized, Memory Optimized, Storage Optimized, Accelerated Computing, Instance Feature, Measuring Instance Performance
2
Q
What are the (3) parts of the AWS EC2 instance type naming convention:
m5:large
A
Instance class, generation, size within the instance class
3
Q
EC2 Instance Type Great for a diversity of workloads such as web servers or code repositories
A
General Purpose
4
Q
General Purpose EC2 Instance Type are great at balancing between ____________ (3)
A
Compute, Memory, Networking
5
Q
EC2 Instance Type Great for compute-intensive tasks that require high performance processors
A
Compute Optimized
6
Q
Which EC2 Instance Type would use the following:
Batch processing workloads, Media transcoding, High performance web servers, High performance computing (HPC), Scientific modeling & machine learning, Dedicated gaming servers
A
Compute Optimized EC2 Instance Type
7
Q
EC2 Instance Type - Fast performance for workloads that process large data sets in memory
A
Memory Optimized
8
Q
Which EC2 Instance Type would use the following:
High performance, relational/non-relational databases, Distributed web scale cache stores, In-memory databases optimized for BI (business intelligence), Applications performing real-time processing of big unstructured data
A
Memory Optimized
9
Q
EC2 Instance Type Great for storage-intensive tasks that require high, sequential read and write access to large data sets on local storage
A
Storage Optimized
10
Q
Can Security Groups be attached to multiple instances
A
Yes
11
Q
Security Groups are locked down to a ____________
A
region/VPC combination
12
Q
For EC2, where does the Security Group live?
A
Outside of the EC2 (if traffic is blocked the EC2 instance won’t see it)
13
Q
What is a good security group practice for SSH access?
A
to maintain a separate security group of SSH access
14
Q
What is it if your application is not accessible (timeout)
A
it is a security group issue
15
Q
What error is given if you have an application error or the EC2 is not launched?
A
connection refused
16
Q
In EC2 security groups, All inbound traffic is _____________ by default
A
Blocked
17
Q
EC2 security groups - All outbound traffic is ____________ by default
A
authorised
18
Q
SSH (Secure Shell) - log into a Linux instance (Port)
A
22
19
Q
FTP (File Transfer Protocol) – upload files into a file share (Port)
A
21
20
Q
SFTP (Secure File Transfer Protocol) – upload files using SSH (Port)
A
22
21
Q
HTTP – access unsecured websites (Port)
A
80
22
Q
HTTPS – access secured websites (Port)
A
443
23
Q
General Purpose EC2 Instance Type are great at balancing between ____________ (3)
A
Compute
Memory
Networking
24
Q
EC2 Instances Purchasing Options (7)
A
On-Demand Instances
Reserved
Savings Plans
Spot Instances
Dedicated Hosts
Dedicated Instances
Capacity Reservations
25
EC2 Instances Purchasing Options - short workload, predictable pricing, pay by second
On-Demand Instances
26
EC2 Instances Purchasing Options - (1 & 3 years)
* long workloads
* long workloads with flexible instances
Reserved
27
EC2 Instances Purchasing Options - (1 & 3 years) –commitment to an amount of usage, long workload
Savings Plans
28
EC2 Instances Purchasing Options - short workloads, cheap, can lose instances (less reliable)
Spot Instances
29
EC2 Instances Purchasing Options - book an entire physical server, control instance placement
Dedicated Hosts
30
EC2 Instances Purchasing Options - no other customers will share your hardware
Dedicated Instances
31
EC2 Instances Purchasing Options
32
* Pay for what you use:
* Linux or Windows - billing per second, after the first minute
* All other operating systems - billing per hour
* Has the highest cost but no upfront payment
* No long-term commitment
* Recommended for short-term and un-interrupted workloads, where you can't predict how the application will behave
EC2 On Demand
33
* Up to 72% discount compared to On-demand
* You reserve a specific instance attributes (Instance Type, Region,Tenancy, OS) * Reservation Period – 1 year (+discount) or 3 years (+++discount)
* Payment Options – No Upfront (+), Partial Upfront (++), All Upfront (+++) * Reserved Instance’s Scope – Regional or Zonal (reserve capacity in an AZ)
* Recommended for steady-state usage applications (think database)
* You can buy and sell in the Marketplace
* Convertible Reserved Instance
* Can change the EC2 instance type, instance family, OS, scope and
tenancy
* Up to 66% discount
EC2 Reserved Instances
34
* Get a discount based on long-term usage (up to 72% - same as RIs)
* Commit to a certain type of usage ($10/hour for 1 or 3 years)
* Usage beyond this pricing option is billed at the On-Demand price
* Locked to a specific instance family & AWS region (e.g., M5 in us-east-1)
* Flexible across:
* Instance Size (e.g., m5.xlarge, m5.2xlarge)
* OS (e.g., Linux, Windows)
* Tenancy (Host, Dedicated, Default)
EC2 Savings Plans
35
* Can get a discount of up to 90% compared to On-demand
* Instances that you can “lose” at any point of time if your max price is less than the current spot price
* The MOST cost-efficient instances in AWS
* Useful for workloads that are resilient to failure
* Batch jobs
* Data analysis
* Image processing
* Any distributed workloads
* Workloads with a flexible start and end time
* Not suitable for critical jobs or databases
EC2 Spot Instances
36
* A physical server with EC2 instance capacity fully dedicated to your use
* Allows you address compliance requirements and use your existing server- bound software licenses (per-socket, per-core, pe—VM software licenses)
* Purchasing Options:
* On-demand – pay per second for active Dedicated Host
* Reserved - 1 or 3 years (No Upfront,Partial Upfront,All Upfront)
* The most expensive option
* Useful for software that have complicated licensing model (BYOL – Bring Your
Own License)
* Or for companies that have strong regulatory or compliance needs
EC2 Dedicated Hosts
37
* Instances run on hardware that’s dedicated to you
* May share hardware with other instances in same account
* No control over instance placement (can move hardware after Stop / Start
EC2 Dedicated Instances
38
* Reserve On-Demand instances capacity in a specific AZ for any duration
* You always have access to EC2 capacity when you need it
* No time commitment (create/cancel anytime), no billing discounts
* Combine with Regional Reserved Instances and Savings Plans to benefit from billing discounts
* You’re charged at On-Demand rate whether you run instances or not
* Suitable for short-term, uninterrupted workloads that needs to be in a
specific AZ
EC2 Capacity Reservations
39
GO TO VIDEO 43 MIN 5:45
40
Control over the EC2 Instance placement strategy
Placement Groups
41
What are the 3 types of Placement Groups
Cluster
Spread
Partition
42
a Placement group that is a Low-latency group in a single Availability Zone
Cluster Placement Groups
43
Instances across underlying hardware (max 7 instances per group per AZ)
Spread Placement Group
44
Instances across many different partitions (which rely on different sets of racks) within an AZ. Scales to 100s of EC2 instances per group (Hadoop, Cassandra, Kafka)
Partition
45
Placement Group
* Pros: Great network (10 Gbps bandwidth between instances with Enhanced Networking enabled - recommended)
* Cons: If the rack fails, all instances fails at the same time
* Use case:
* Big Data job that needs to complete fast
* Application that needs extremely low latency and high network throughput
Cluster Placement Group
46
Placement Group
* Pros:
* Can span across Availability Zones (AZ)
* Reduced risk is simultaneous failure
* EC2 Instances are on different physical hardware
* Cons:
* Limited to 7 instances per AZ per placement group
* Use case:
* Application that needs to maximize high availability
* Critical Applications where each instance must be isolated from failure from each other
Spread PLACEMENT GROUP
47
* Up to 7 partitions per AZ
* Can span across multiple AZs in the
* Up to 100s of EC2 instances
* The instances in a partition do not share racks with the instances in the other partitions
* A partition failure can affect many EC2 but won’t affect other partitions
* EC2 instances get access to the partition information as metadata
* Use cases: HDFS, HBase, Cassandra, Kafka
Partition Placements Groups
48
What does ENI stand for?
Elastic Network Interfaces
49
Logical component in a VPC that represents a virtual network card
Elastic Network Interfaces (ENI)
50
The ENI can have the following attributes (5)
* Primary private IPv4, one or more secondary IPv4
* One Elastic IP (IPv4) per private IPv4
* One Public IPv4
* One or more security groups
* A MAC address
51
You CAN create ENI independently and attach them on the fly (move them) on EC2 instances for failover
True
52
You can create ENI independently and attach them on the fly (move them) on EC2 instances for failover
TRUE
53
Are ENI's bound to a specific AZ
Yes
54
What does EBS stand for?
Elastic Block Store
55
A network drive you can attach to your instances while they run
EBS Volume
56
It allows your instances to persist data, even after their termination
EBS Volume
57
They can only be mounted to one EC2 instance at a time (at the CCP level)
EBS Volume
58
Are EBS volumes bound to a specific AZ?
YES
59
It can be detached from an EC2 instance and attached to another one quickly
EBS Volume
60
What type of drive is an EBS volume?
Network Drive (not physical drive)
61
How can you move an EBS volume across AZs?
You need to snapshot it
62
Can you increase the capacity of the EBS volume drive over time
YES
63
By default, the root EBS volume is _______?
Deleted (attribute enabled)
64
By default, any other attached EBS volume attached to the EC2 instance is ______?
NOT deleted (attribute disabled)
65
Make a backup of your EBS volume at a point in time
EBS Snapshot
66
Is It necessary to detach and EBS volume to do snapshot??
NO, But it is recommended
67
Can you copy snapshots across AZ or Region???
YES
68
* Move a Snapshot to an ”archive tier” that is 75% cheaper
* Takes within 24 to 72 hours for restoring the archive
EBS Snapshot Archive
69
* Setup rules to retain deleted snapshots so you can recover them after an accidental deletion
* Specify retention (from 1 day to 1 year)
Recycle Bin for EBS Snapshots
70
EBS Snapshots Features - Force full initialization of snapshot to have no latency on the first use ($$$)
Fast Snapshot Restore (FSR)
71
What does AMI stand for??
Amazon Machine Image
72
A customization of an EC2 instance
AMI
73
* You add your own software, configuration, operating system, monitoring...
* Faster boot / configuration time because all your software is pre-packaged
AMI (Amazon Machine Image)
74
Are AMI's built for a specific region?
YES
75
Can AMI's be copied across regions?
YES
76
Does an AMI create an EBS snapshot??
YES
77
What do you need to use if you need a high- performance hardware disk for your EC2 instance?
EC2 Instance Store
78
EC2 Instance Store - Backups and Replication are your responsibility
TRUE
79
EBS Volumes come in 6 types
gp2 / gp3 (SSD)
io1 / io2 (SSD)
st1 (HDD)
sc1 (HDD)
80
General purpose SSD volume that balances price and performance for a wide variety of workloads
gp2 / gp3 (SSD)
81
Highest-performance SSD volume for mission-critical low-latency or high-throughput workloads
io1 / io2 (SSD)
82
Low cost HDD volume designed for frequently accessed, throughput- intensive workloads
st1 (HDD):
83
Lowest cost HDD volume designed for less frequently accessed workloads
sc1 (HDD)
84
3 characteristics of EBS Volumes
Size
Throughput
IOPS (I/O Per second)
85
Which 2 EBS Volumes can be used as boot volumes?
gp2/gp3 and io1/io2
86
* Cost effective storage, low-latency
* System boot volumes,Virtual desktops, Development and test environments
* 1 GiB - 16TiB
General Purpose SSD
87
* Baseline of 3,000 IOPS and throughput of 125 MiB/s
* Can increase IOPS up to 16,000 and throughput up to 1000 MiB/s independently
gp3
88
* Small ______ volumes can burst IOPS to 3,000
* Size of the volume and IOPS are linked, max IOPS is 16,000
* 3 IOPS per GB, means at 5,334 GB we are at the max IOPS
gp2
89
* Critical business applications with sustained IOPS performance
* Or applications that need more than 16,000 IOPS
* Great for databases workloads (sensitive to storage perf and consistency)
Provisioned IOPS (PIOPS) SSD
90
* (4 GiB - 16 TiB)
* Max PIOPS: 64,000 for Nitro EC2 instances & 32,000 for other
* Can increase PIOPS independently from storage size
io1/io2
91
________ have more durability and more IOPS per GiB
io2
92
Whats the $ cost for the io2 to have more durability and more IOPS per GiB than the io1??
None, it's the same price
93
* (4 GiB – 64 TiB)
* Sub-millisecond latency
* Max PIOPS: 256,000 with an IOPS:GiB ratio of 1,000:1
io2 Block Express
94
Which EBS volume types Supports EBS Multi-attach
Provisioned IOPS (PIOPS) SSD
95
* Cannot be a boot volume
* 125 GiB to 16TiB
Hard Disk Drives (HDD)
96
* Big Data, Data Warehouses, Log Processing
* Max throughput 500 MiB/s – max IOPS 500
Throughput Optimized HDD (st1)
97
* For data that is infrequently accessed
* Scenarios where lowest cost is important
* Max throughput 250 MiB/s – max IOPS 250
Cold HDD (sc1):
98
* Attach the same EBS volume to multiple EC2 instances in the same AZ
* Each instance has full read & write permissions to the high-performance volume
EBS Multi-Attach – io1/io2 family
99
How many EC2 Instances can you connected to a EBS Multi- Attach?
16
100
What type of files system must you use with a EBS Multi-Attach?
Cluster-Aware
101
When you create an encrypted EBS volume, you get the following:
* Data at rest is encrypted inside the volume
* All the data in flight moving between the instance and the volume is encrypted
* All snapshots are encrypted
* All volumes created from the snapshot
102
EBS Encryption has a minimal impact on ____?
latency
103
EBS Encryption leverages keys from ______?
KMS (AES-256)
104
Copying an _____ snapshot allows _______?
unencrypted, encryption
105
Snapshots of encrypted EBS volumes are _______?
encrypted
106
What are the 4 steps to encrypting and unencrypted EBS volume?
* Create an EBS snapshot of the volume
* Encrypt the EBS snapshot ( using copy )
* Create new ebs volume from the snapshot ( the volume will also be encrypted )
* Now you can attach the encrypted volume to the original instance
107
What does EFS stand for?
Elastic File System
108
* Managed NFS (network file system) that can be mounted on many EC2
* Works with EC2 instances in multi-AZ
* Highly available, scalable, expensive (3x gp2), pay per use
EFS
109
What are these use cases for??
EFS
110
EFS uses which kind of protocol?
NFSv4.1
111
How do you control the access of EFS?
Security Groups
112
EFS is only compatible with which type of AMI?
Linux
113
What type of Encryption does EFS use at rest?
KMS
114
READ SLIDE 111 and 112
115
What are the 3 ways to Instantiate EC2's quickly
Golden AMI
Bootstrap Using User Data
Hybrid: mix Golden AMI and User Data (Elastic Beanstalk)
116
Instantiate EC2's quickly ... Install your applications, OS dependencies etc.. beforehand and launch your EC2 instance
Golden AMI
117
Instantiate EC2's quickly ... For dynamic configuration
Bootstrap Using User Data
118
Instantiate EC2's quickly .. mix Golden AMI and User Data (Elastic Beanstalk)
Hybrid
119
