AWS Fundamentals – Part II Flashcards

1
Q

What is Scalability?

A
  • Scalability means that an application / system can handle greater loads by adapting.
  • There are two kinds of scalability:
    • Vertical Scalability
    • Horizontal Scalability (= elasticity)
  • Scalability is linked to but different from High Availability
2
Q

What is Vertical Scalability?

A
  • Increasing the size of the instance
  • Vertical scalability is very common for non-distributed systems, such as a database.
  • RDS, ElastiCache are services that can scale vertically.
  • There’s usually a limit to how much you can vertically scale (hardware limit)
3
Q

What is Horizontal Scalability?

A
  • Horizontal Scalability means increasing the number of instances / systems for your application
  • Horizontal scaling implies distributed systems.
  • This is very common for web applications / modern applications
  • It’s easy to horizontally scale thanks to cloud offerings such as Amazon EC2
4
Q

What is High Availability?

A
  • High Availability usually goes hand in hand with horizontal scaling
  • High availability means running your application / system in at least 2 data centers (AZ)
  • The goal of high availability is to survive a data center loss
  • The high availability can be passive (for RDS Multi AZ for example)
  • The high availability can be active (for horizontal scaling)
5
Q

Vertical Scaling for EC2 instance

A

Vertical Scaling: Increase instance size (= scale up / down)
• From: t2.nano - 0.5G of RAM, 1 vCPU
• To: u-12tb1.metal – 12.3 TB of RAM, 448 vCPUs

6
Q

Horizontal Scaling for EC2 instance

A

Horizontal Scaling: Increase number of instances (= scale out / in)
• Auto Scaling Group
• Load Balancer

7
Q

High Availability for EC2 instance:

A

High Availability: Run instances for the same application across multi AZ
• Auto Scaling Group multi AZ
• Load Balancer multi AZ

8
Q

What is a Load Balancer?

A

Load Balancers are servers that forward traffic to multiple servers (e.g., EC2 instances) downstream

9
Q

Why use a load balancer?

A
  • Spread load across multiple downstream instances
  • Expose a single point of access (DNS) to your application
  • Seamlessly handle failures of downstream instances
  • Do regular health checks to your instances
  • Provide SSL termination (HTTPS) for your websites
  • Enforce stickiness with cookies
  • High availability across zones
  • Separate traffic: public from private
10
Q

What is ELB and why use it?

A
  • Elastic Load Balancer is a managed load balancer
    • AWS guarantees that it will be working
    • AWS takes care of upgrades, maintenance, high availability
    • AWS provides only a few configuration knobs
  • It costs less to set up your own load balancer, but it will be a lot more effort on your end
  • It is integrated with many AWS offerings / services
    • EC2, EC2 Auto Scaling Groups, Amazon ECS
    • AWS Certificate Manager (ACM), CloudWatch
    • Route 53, AWS WAF, AWS Global Accelerator
11
Q

What are Health Checks?

A
  • Health Checks are crucial for Load Balancers
  • They enable the load balancer to know if the instances it forwards traffic to are available to reply to requests
  • The health check is done on a port and a route (/health is common)
  • If the response is not 200 (OK), then the instance is unhealthy
12
Q

4 types of load balancer on AWS:

A
  1. Classic Load Balancer (v1 - old generation) – 2009 – CLB
    • HTTP, HTTPS, TCP, SSL (secure TCP)
  2. Application Load Balancer (v2 - new generation) – 2016 – ALB
    • HTTP, HTTPS, WebSocket
  3. Network Load Balancer (v2 - new generation) – 2017 – NLB
    • TCP, TLS (secure TCP), UDP
  4. Gateway Load Balancer – 2020 – GWLB
    • Operates at layer 3 (Network layer) – IP Protocol
13
Q

What is CLB?

A
  • Supports TCP (Layer 4), HTTP & HTTPS (Layer 7)
  • Health checks are TCP or HTTP based
  • Fixed hostname XXX.region.elb.amazonaws.com
14
Q

What is ALB?

A
  • Application Load Balancer is Layer 7 (HTTP)
  • Load balancing to multiple HTTP applications across machines (target groups)
  • Load balancing to multiple applications on the same machine (ex: containers)
  • Support for HTTP/2 and WebSocket
  • Support redirects (from HTTP to HTTPS for example)
  • Routing tables to different target groups
  • ALBs are a great fit for microservices & container-based applications (example: Docker & Amazon ECS)
  • Has a port mapping feature to redirect to a dynamic port in ECS
  • In comparison, we’d need multiple Classic Load Balancers per application
15
Q

What are the ALB target groups?

A
  • EC2 instances (can be managed by an Auto Scaling Group) – HTTP
  • ECS tasks (managed by ECS itself) – HTTP
  • Lambda functions – HTTP request is translated into a JSON event
  • IP Addresses – must be private IPs
  • ALB can route to multiple target groups
  • Health checks are at the target group level
16
Q

What is NLB? What does it allow?

A

Network Load Balancers (Layer 4) allow you to:
• Forward TCP & UDP traffic to your instances
• Handle millions of requests per second
• Less latency ~100 ms (vs 400 ms for ALB)

17
Q

How many static IPs does the NLB have?

A

NLB has one static IP per AZ, and supports assigning Elastic IP

18
Q

When would we use NLB?

A

NLBs are used for extreme performance, TCP or UDP traffic

19
Q

Is the NLB free?

A

Not included in the AWS free tier

20
Q

What is GWLB?

A

Gateway Load Balancer

  • Deploy, scale, and manage a fleet of 3rd party network virtual appliances in AWS
  • Example: Firewalls, Intrusion Detection and Prevention Systems, Deep Packet Inspection Systems, payload manipulation, …
21
Q

GWLB

A
  • Operates at Layer 3 (Network Layer) – IP Packets
  • Combines the following functions:
    • Transparent Network Gateway – single entry/exit for all traffic
    • Load Balancer – distributes traffic to your virtual appliances
  • Uses the GENEVE protocol on port 6081
22
Q

What to remember about IP in GWLB – Target Groups

A
23
Q

What is Sticky Sessions (Session Affinity)?

A

It means that the same client is always redirected to the same instance behind a load balancer

24
Q

What is the use case for sticky sessions?

A

Use case: make sure the user doesn’t lose his session data

25
Q

What can work with Sticky Sessions?

A

This works for Classic Load Balancers & Application Load Balancer

26
Q

What is the “cookie” expiration date?

A

The “cookie” used for stickiness has an expiration date you control

27
Q

What are the properties of Application-based Cookies?

A

Application-based Cookies
• Custom cookie
• Generated by the target
• Can include any custom attributes required by the application
• Cookie name must be specified individually for each target group
• Don’t use AWSALB, AWSALBAPP, or AWSALBTG (reserved for use by the ELB)

28
Q

How is an Application cookie generated and what is the name of the cookie?

A

Application cookie
• Generated by the load balancer
• Cookie name is AWSALBAPP

29
Q

Duration-based Cookies - how are they generated and what is the name?

A

Duration-based Cookies
• Cookie generated by the load balancer
• Cookie name is AWSALB for ALB, AWSELB for CLB

30
Q

Cross-Zone Load Balancing - how does it distribute?

A

With Cross Zone Load Balancing:

each load balancer instance distributes evenly across all registered instances in all AZ

31
Q

How does Cross-Zone Load Balancing work with: ALB, NLB, CLB?

A

Application Load Balancer
• Always on (can’t be disabled)
• No charges for inter AZ data
Network Load Balancer
• Disabled by default
• You pay charges ($) for inter AZ data if enabled
Classic Load Balancer
• Disabled by default
• No charges for inter AZ data if enabled

32
Q

What is SSL?

A

SSL refers to Secure Sockets Layer, used to encrypt connections

33
Q

What is TLS?

A

TLS refers to Transport Layer Security, which is a newer version

34
Q

What is SNI? What does it solve?

What does it work with and not work with?

A

Server Name Indication

SNI solves the problem of loading multiple SSL certificates onto one web server

Only works for ALB & NLB (newer generation), CloudFront
• Does not work for CLB (older gen)

35
Q

How do ELB, ALB, NLB work with SSL Certificates?

A

Classic Load Balancer (v1)
• Supports only one SSL certificate
• Must use multiple CLBs for multiple hostnames with multiple SSL certificates

Application Load Balancer (v2)
• Supports multiple listeners with multiple SSL certificates
• Uses Server Name Indication (SNI) to make it work

Network Load Balancer (v2)
• Supports multiple listeners with multiple SSL certificates
• Uses Server Name Indication (SNI) to make it work

36
Q

What is Connection Draining?

A

Time to complete “in-flight requests” while the instance is de-registering or unhealthy

Stops sending new requests to the EC2 instance which is de-registering

37
Q

What is the Connection Draining feature called?

A

Feature naming
• Connection Draining – for CLB
• Deregistration Delay – for ALB & NLB

38
Q

Can Connection Draining be disabled?

A

Can be disabled (set value to 0)

39
Q

What is the goal of an ASG?

A

The goal of an Auto Scaling Group (ASG) is to:
• Scale out (add EC2 instances) to match an increased load
• Scale in (remove EC2 instances) to match a decreased load
• Ensure we have a minimum and a maximum number of EC2 instances running
• Automatically register new instances to a load balancer
• Re-create an EC2 instance in case a previous one is terminated (ex: if unhealthy)

40
Q

What is the cost of an ASG?

A

ASGs are free (you only pay for the underlying EC2 instances)

41
Q

What are the ASG attributes?

A

  • A Launch Template (older “Launch Configurations” are deprecated)
    • AMI + Instance Type
    • EC2 User Data
    • EBS Volumes
    • Security Groups
    • SSH Key Pair
    • IAM Roles for your EC2 Instances
    • Network + Subnets Information
    • Load Balancer Information
  • Min Size / Max Size / Initial Capacity
  • Scaling Policies

42
Q

ASG – Four types of Dynamic Scaling Policies?

A
  • Target Tracking Scaling
    • Most simple and easy to set-up
    • Example: I want the average ASG CPU to stay at around 40%
  • Simple / Step Scaling
    • When a CloudWatch alarm is triggered (example CPU > 70%), then add 2 units
    • When a CloudWatch alarm is triggered (example CPU < 30%), then remove 1
  • Scheduled Actions
    • Anticipate a scaling based on known usage patterns
    • Example: increase the min capacity to 10 at 5 pm on Fridays
  • Predictive scaling
    • Continuously forecast load and schedule scaling ahead
43
Q

What is the “cooldown period” after scaling with ASG?

What is the advice?

A

After a scaling activity happens, you are in the cooldown period (default 300 seconds)

During the cooldown period, the ASG will not launch or terminate additional instances (to allow for metrics to stabilize)

Advice: Use a ready-to-use AMI to reduce configuration time in order to serve requests faster and reduce the cooldown period