AWS Reliability Pillar (March 2018)

Question 1

Reliability Pillar description

Answer 1

The ability of a system to recover from disruptions, dynamical scale and mitigate disruptions

Question 2

Service Availability Definition

Answer 2

Percentage of time an application is operating normally

Availability = Normal Operations Time / Total Time

Question 3

Availability with hard dependencies

Answer 3

Many systems are dependent on other systems, where a downstream interruption interrupts the upstream system

Question 4

Calculating availability with redundant components

Answer 4

When system uses independent, redundant components (ie AZ’s) the theoretical availability rate is 100% - (product of component failure rates)

Question 5

Calculating dependency availability

Answer 5

Estimate by determining MTBF and MTTR (mean time to recover)

Availability = MTBF / (MTBF + MTTR)

Question 6

Describe costs of high availability

Answer 6

innovation suffers because of need to move slowly

more testing and validation

software and services are more expensive

Question 7

First Step of planning network topology -

Planning IP addressing

Answer 7

Allow IP address space for > 1 VPC per region

Consider cross-account connections (connecting multiple VPCs in the organization)

Within a VPC allow space for multiple subnets that span multiple AZ’s

leave unused CIDR block space in a VPC

Question 8

Second step of planning network topology -

Ensure resiliency of connectivity

Answer 8

How will you provide resiliency from failures

how will you handle misconfigurations that cause outages\

how will you handle unexpected increases in traffic

how will you handle DoS attacks

Question 9

Where is connectivity to a VPC governed?

Answer 9

In route table entries

These all function through the route table:

internet gateay
NAT gateway
virtual private gateway
VPC peering

Question 10

Key services for Network Topology

Answer 10

VPC

also:
Direct Connect
EC2 - run VPN appliances
Route 53 - DNS integrated with ELB helps defend from DoS
ELB - balances across AZ’s, Layer 7 routing, integrates with WAF and auto-scaling
AWS Shield - automatic protection against DDoS
AWS Shield Advanced - protects ELB, CloudFront and Route53 Zones

Question 11

Questions to ask when planning for reliability (how many nines do you really need)?

Answer 11

Note that 5 9’s is typically too expensive to be feasible but possible.

What problems are you trying to solve

what specific aspects of the app require specific levels of availability

what amount of cumulative downtime dan this workload realistically accumulate in a year

In essence, what’s the real impact of the system being unavailable?

Question 12

What’s the goal of decomposing an application into its parts and evaluating reliability requirements for each?

Answer 12

To find the ones that truly require high reliability - to minimize the expense in making things HA that don’t need it

Question 13

Define “Data Plane” and “Control Plane”

Answer 13

Data Plane delivers real time service
ie EC2 instances, RDS databases,

Control Plane configures the environment
ie launching new instances, add/change table metadata

Question 14

Do data planes typically have higher availability requirements than control planes?

Answer 14

Yes

Question 15

5 most common ways to improve availability

Answer 15

fault isolation zones

redundant components

micro-service architecture

recovery oriented computing

distributed systems best practices