AWS EC2 Flashcards
EBS - SSD - IOPs
- GP2 16000 IOPS
- IO1 - 64K IOPS
EC2 Hibernation
- Preserves in-memory (RAM) contents on EBS
- Must be less than 150 GB
- Can’t hibernate > 60 days
- On-demand and Reserved
- Windows, Linux AMI, Ubuntu
If you delete an ASG, what happens to the instances?
The instances will be terminated and the ASG will be deleted.
EC2 ASGs can span AZs and Regions - true or false?
False… ASGs only span AZs not regions.
How would you ensure an EC2 instance only receives traffic from an ELB?
Configure the security group of the EC2 instances to allow only traffic from the ELB
Can you change instance size while running?
Yes. Simple button push
Two methods for accessing metadata of EC2 instances
169.254.169.254/latest/meta-data
Metadata Query Tool
An elastic IP Address is public or private?
Public
Easy way to move a private network between two ec2 instances (primary and standby) in failure of the primary?
Use an ENI. Move on failure.
How does cross zone load balancing work with 1 instance in az1 and 4 instances in az2
All get 20%
How does load balancing work with 1 instance in az1 and 4 instances in az2 without cross zone balancing
50% in az1. And 50% in az2 split across 4 instances
EC2 Auto Scaling picks the highest capacity policy if two events trigger at the same time. True or false?
True
You can use an internet gateway ID as the custom source for a security group rule?
False
A recovered instance is identical to the original, including ID, IPs, and metadata
True
Allows elb to complete inflight requests?
Connection draining
True or false, an ebs volume can be used normally while a snapshot is in progress?
True
Load balancer is not sending data to an instance, Why?
Instance has failed the elb health check
Can you create a CloudWatch alarm to reboot instances?
True
Cold Attach
Instance is being launched
Hot attach
Instance is running
Warm attach
Instance is stopped
ASGs are only scaling out a portion of the instances …why?
VCPU based limits
You can change the security group when the instance is in a running or stopped state?
True
Default Configuration of the default NACL is
Allow
Default Configuration of a custom NACL is
Deny
Can you change a default security group
Yes
Can you delete the default security group
No
How do you allow a group of developers the ability to assume a role that allows access to aws services?
Create a policy that allows certain permissions needed by the devs
Create a role using the policy just created
Create a policy that allows that role to be assumed
Attach the policy to the IAM group for devs
Can an IAM group assume a role
No
Assuming a role gives you permanent access
False. Roles grant temp access
What aws resources can assume a role
A role can be assumed by a human user or a machine principal, such as an Amazon Elastic Compute Cloud (Amazon EC2) instance or an AWS Lambda function
Auto scaling cooldown
Wait time scaling takes before taking action… 5 mins default
Allows a spot instance to run uninterrupted for 1 to 6 hours
Spot block
Default security group settings
Allow inbound from all within same group
Allow all outbound
What are the rules of a new security group?
Inbound Deny
Outbound Allow All
What interfaces get DNS Hostnames using the default VPC?
Both Public and Private get Hostnames
What interfaces get DNS Hostnames using the non-default VPC?
Private gets a DNS Hostname
Public does not get a DNS Hostname
You can only attach an instance store to an EC2 instance at launch?
True.
Do all instance types support encryption?
No… all families do, but not all types within those families.
How can you optimize the EBS volumes attached to your EC2 instance?
Use EBS Optimized Instances
Adding an ASG to an ELB… what health checks should be enabled on the ASG?
- EC2 which is by default
- ELB - so that the ASG knows the ELB has marked the instance as unhealthy
Used to execute scripts from the console on all target EC2 instances
RUN Command
How to use a new AMI in a Launch Configuration
- Create a New Launch Config using the new AMI
- Update the ASG to use the new Launch Config
Placement group that enables workloads to achieve the low-latency network performance necessary for tightly-coupled node-to-node communication that is typical of HPC applications.
Cluster
Placement group where instances do not share the underlying hardware with groups of instances… This strategy is typically used by large distributed and replicated workloads, such as Hadoop, Cassandra, and Kafka.
Partition
Placement group that places a small group of instances across distinct underlying hardware to reduce correlated failures.
Spread
Do gp2 EBS volumes support Multi-Attach?
No. Multi-Attach is supported exclusively on Provisioned IOPS SSD volumes.
Does hibernating an EC2 instance preserve an instance store volume or save the data?
No
During rebalancing, ASG launches new before termination of old?
True
ASG terminates unhealthy instances before launching new
True
You have an ASG across 3 AZs… what is the min capacity to be highly available?
2
Used to customize dynamic EC2 configuration options
User data
EC2 instance in an Auto Scaling group is having some issues that are causing it to launch new instances based on the dynamic scaling policy. How to troubleshoot and stop the current scaling…
Suspend the scaling processes responsible for launching new instances
Place the EC2 instance that is experiencing issues into the Standby state
You can suspend a scaling process… no need to disable
The following are a few reasons why an instance might immediately terminate:
– You’ve reached your EBS volume limit.
– An EBS snapshot is corrupt.
– The root EBS volume is encrypted and you do not have permissions
– The instance store-backed AMI that you used to launch the instance is missing a required part (an image.part.xx file).
Using IP addresses as targets allows load balancing any application hosted in AWS or on-premises using IP addresses
true
The logical ID is used to reference the resource in parts of the template for CloudFormation.
true
Lambda runtimes
Java, C#, Go, Ruby, PowerShell, Node.js
Can instance volumes be used as boot volumes?
Yes
ASG rebalancing launches new before terminating
True. Unlike unhealthy
Need DB with no write downtime?
Aurora multi master
Reasons ASG might not terminate instances
In impaired status
Health grace period not expired
Failed ELB check
ASG de-registration delay can do what?
Delay the scale-in event; allows the target to complete work
Can you use a launch configuration with multiple instance types?
No. Use a launch template?
When to use Enhanced networking
High throughput. 10gbs to 100gbs
Can you hibernate an EC2 instance with instance store and keep the data?
No. You will lose the data
Status check failed_instance
Problems that require your attention… vs. “…_system” that require Amazon's attention