Chapter 2 Compute and Networking

Question 1

List instance families

Answer 1

1. general purpose (balance)
2. compute optimized (high cpu specs)
3. memory optimized (RAM, in memory DBs, etc)
4. storage optimized (large DBs with high I/O throughput)
5. accelerated computing (GPUs, FPGA)

Question 2

Can you change specs on an EC2 instance?

Answer 2

Yes, but you must stop the instance and reconfigure

Question 3

Can you increase the size of an EBS volume?

Answer 3

Yes, but you can’t decrease the size.

Question 4

What happens to EBS snapshots?

Answer 4

They are auto replicated across AZs

Question 5

What does AWS do for you automatically in terms of EBS?

Answer 5

It auto replicates the volume in the same AZ as your EC2 instance

Question 6

Are AMIs manages regionally or globally?

Answer 6

regionally

Question 7

Who is default user for Linux EC2 instances? For Windows?

Answer 7

Linux: ec2-user
Windows: Administrator

Question 8

For attached EBS volume, what happens when EC2 instance is terminated?

Answer 8

The EBS volume is deleted if it the root volume.

Other EBS volumes will persist. This can be changed by modifying the default behavior: ‘DeleteOnTermination’.

Question 9

What is the EC2 IMDS?

Answer 9

Instance Meta Data Service. Service running locally on EC2 instance (169.254.169.254) which exposes meta data about the instance (ipv4, hostname, security-groups, etc.)

Question 10

What is an instance profile?

Answer 10

Container for an IAM role. It is assigned to one or more instances (but individual instances can only pertain to one instance profile)

When instance profile is configured, EC2 service periodically refreshes instance’s role based credentials (via STS). The credentials are retrieved from the instance via the IMDS.

Question 11

What is a Cloudwatch based alternative to recover a failing instance?

Answer 11

CloudWatch Alarm can apply the recover instance action when instance is impaired

Question 12

How to supplement built in instance metrics?

Answer 12

Install CloudWatch agent on instance

Question 13

AWS Transit Gateway

Answer 13

Centrally manage connectivity b/t many VPCs and on prem environment(s)

Hub and spoke model.

Question 14

Virtual Private Gateway

Answer 14

Allows direct connection b/t VPC and corporate network via VPN or AWS Direct Connect

Precursor to AWS Transit Gateway?

Question 15

Does instance lose its private ipV4 address when it stops?

Answer 15

no

Question 16

Does instance lose its public ipV4 address when it stops?

Answer 16

yes

Question 17

What service allows more control over managing IP address-instance association?

Answer 17

Elastic IP

Question 18

What is ‘dual-stack’ mode?

Answer 18

A setting in VPC which allows both ipV4 and ipV6. resources can communicate with v4, v6, or both

Question 19

method by which network traffic exiting a subnet is routed

Answer 19

via a Route Table. Subnets associate by default with the ‘main routetable’

Question 20

constituent parts of a route are…

Answer 20

destination (ip address) and target (local, domain)

Question 21

what is mechanism by which an instance can communicate with another instance in a VPC

Answer 21

via a local route

Question 22

enumerate difference b/t security groups and NACLs

Answer 22

1. SG is for EC2 instances whereas NACL for VPC
2. SG stateful, NACL not (traffic flow not setup without inbound/outbound rules)
3. SG can only allow broad categories of traffic, NACLs can allow/deny specific types of traffic

Question 23

default Amazon NACL behavior

Answer 23

allow all inbound and outbound traffic

Question 24

main difference b/t public and private VPC?

Answer 24

public VPC is connected to an internet gateway

Question 25

What is NAT in context of AWS?

Answer 25

Allow instances in private subnet to make outbound connections without exposing those instances to inbound connections. Achieved via NAT gateway. All instances share same public IP address.

Question 26

how to monitor VPC traffic?

Answer 26

via VPC Flow Logs which can be streamed to CloudWatch logs or stored as log files in S3

Question 27

how to automatically run script on instance at launch?

Answer 27

user data which come in 2 flavors:

1. shell script
2. cloud-init directives

Question 28

Public vs Private subnet

Answer 28

Public: route table entry forwards to internet gateway

Private: route table entry to NAT gateway or NAT instance

Question 29

What happens to an attached EBS volume when the EC2 instance is stopped?

Answer 29

The data in the volume is persisted.

Question 30

What are lifecycle events that can occur for an instance in a ‘running’ state?

Answer 30

Start, stop, reboot