Cloud Concepts and Technology Flashcards
Name the 6 advantages of cloud computing
- Trade capital expense for variable expense- you pay for what you need.
- Benefit from massive economies of scale
- Stop guessing about capacity
- Increase speed and capacity
- Stop spending money running and managing data centers
- Go global in minutes (deploy web apps all around the world)
What are the 3 types of cloud computing?
- IAAS- Infrastructure as a service- EC2
- PAAS- Platform as a service- Elastic Beanstalk
- SAAS- Software as a service- Gmail
What are the 3 types of cloud computing deployments?
- Public cloud- e.g. Azure, AWS
- Hybrid cloud- e.g. Hybrid cloud
- Private cloud- e.g. VMware
What is a region?
A region is a physical location in the world that consists of 2 or more AZs
What is an AZ?
Availability zone- One or more discrete data centers, each with redundant power, networking, and connectivity housed in separate facilities.
What is an edge location?
End points for AWS which are used for caching content. Typically consists of CloudFront- AWS’s content delivery network (CDN)
What are the 3 factors you must consider when deciding which region to use?
- Data sovereignty
- Latency to end users
- AWS services you need- May not be available in every region
What are the different support packages?
- Basic- Free
- Developer- $29/Month
- Business- $100/Month
- Enterprise- $15,000/Month
Which support packages offers a TAM?
Enterprise
What is a TAM?
TAM- Technical Account Manager
Dedicated AWS expert
What is a Billing alert/alarm?
An alert when a defined level of spending has been reached
What is IAM?
IAM= Identity Access Management
It is GLOBAL. When you create a user or group it is GLOBAL
Name the 3 ways you can access the AWS platform
- Via the console
- Programmatically (via command line)
- Using a Software Development Kit (SDK)
What is your root account? (3 points)
- The email you used to create your account.
- Root always has full admin access. You should never give root credentials away to anyone. Instead you should create a user for each individual within your organisation.
- You should always secure your root account with an MFA
What is a group?
A group is a place to store your users. Your users will inherit all permissions that that group has. e.g. devs, sysop, admin….
How do you set permissions in a group?
To set permissions in a group you attach a policy to that group.
What is a policy?
A policy is in the JavaScript Object Notation (JSON) format containing key-value pairs.
What is S3? (5 points)
- S3 is object based storage.
- Files can be from 0 to 5TB
- Unlimited storage
- Files are stored in buckets
- The S3 name space is GLOBALLY unique
What is the format of an S3 bucket URL?
What can you not store on S3?
OS or programs. It must be flat files, e.g. images, videos, etc.
What HTTP code will be received when an upload to S3 is successful?
200
How are objects stored in S3?
Key- (name of object)
Value- (Data made up of a sequence of bytes)
What is the consistency model of S3? (2 points)
- S3 has read after write for puts of new objects
- S3 has eventual consistency for overwrite PUTS and DELETES (can take a while to propagate)
Can you have S3 buckets in specific regions ?
Yes
What is S3 cross replication?
Automatic replication of the contents of one bucket across 2 regions
What is S3 TA?
Transfer Acceleration
Objects are transferred around the world over Amazon's backbone network using dedicated cables.
User upload > edge location > AWS network cables > S3 bucket
What are the 6 types of S3 storage classes
- S3 standard- 99.99% avail 99.^11 durability, Multi facility
- S3- IA Infrequently accessed- IA, but required instantly- costs high for retrieval
- S3- one zone IA- Low cost for IA data, not multi AZ
- S3- Intelligent tiering- ML based- auto moving data to optimize cost
- S3 Glacier- Low cost storage, retrieval mins to hours
- S3 Deep archive- Lowest cost where retrieval time of 12 hours is acceptable- lowest cost available
Can S3 be used to host a website?
Yes, S3 can host a static website, this will scale to meet the demand of requests e.g. movie release website
What is CloudFront?
CloudFront is AWS’s CDN- content delivery network. CloudFront caches content at Edge locations. This improves the access speed for customers.
What is an origin (CloudFront)?
An origin is any file that the CDN will distribute. This can be an S3 bucket, an EC2 instance, ELB, etc.
What is a distribution (CloudFront)?
The name given to the CDN and consists of a collection of edge locations
What are web and RTMP distributions used for?
Website and media streaming
Are edge locations read only?
No, you can PUT objects to edge locations
How long are objects cached at edge locations?
They are cached for the TTL (Time To Live). This is always in seconds.
What is EC2?
EC2 Elastic Compute Cloud
A web service that provides resizable compute capacity in the cloud (i.e. VMs).
What is the main advantage of using EC2 over physical servers? (2 points)
Reduces the time required to obtain and boot new server instances to minutes.
Allows you to scale capacity up and down- when computing requirements change.
What are the 4 pricing models for EC2?
- On demand- pay as you go
- Reserved instances- Provides you with defined capacity, get a significant discount on hours charge, contract terms 1 or 3 years
- Spot- Enables you to bid what price you want to pay. Greater savings for compute where you have flex start and stop times
- Dedicated hosts- Physical servers- useful for server bound licensing or regulatory issues
What are the 11 classes of EC2 instances? (FIGHTDRMCPX)
- F- for FPGA
- I- for IOPS
- G - Graphics
- H- High disc throughput
- T- Cheap general purpose (micro)
- D- For density
- R- For RAM
- M- Main choice for general purpose apps
- C- for compute
- X- Extreme memory
- Z- Extreme memory and CPU
What is EBS?
Elastic Block Storage- Virtual discs in the cloud
What are the 2 main types of EBS?
SSD- a) GP2- General storage b) IO1- Provisioned IOPS SSD
Magnetic- a) ST1 - Throughput optimized, b) SC1- cold HDD
What do you need to connect to an EC2 instance?
Private key
Name 4 common ports
- Linux = SSH (port 22)
- Microsoft = RDP (port 3389)
- HTTP = port 80
- HTTPS = port 443
What traffic will the following IP addresses allow:
- 0.0.0.0/0
- X.X.X.X/32
- All traffic
- Only traffic from X.X.X.X IP address
What is a security group?
Virtual firewalls in the cloud. You can open ports to allow traffic
What should you always design for?
Failure! Always spread EC2 instances across AZs in a given region
What is an IAM user?
IAM user is an entity that you create in AWS. Represents a person who uses IAM to interact with AWS. When creating a user you grant it permission by making it a member of a group that has an appropriate policy attached.
What is an IAM group?
A collection of IAM users. Allows you to specify permissions easily.
What is an IAM role?
Very similar to a user, in that it has an identity and permission policies attached. But it DOES NOT have any credentials (password or access keys) associated with it. Instead of being uniquely associated with one person, a role is intended to be assumable by anyone who needs it, i.e. temporary permissions for a specific task.
Why use a role over a user?
Roles are much more secure than using access keys and secret keys, and are easier to manage.
Are users and roles GLOBAL?
Yes
Name 3 types of load balancers
- Application load balancers- layer 7- intelligent
- Network balancer- Extreme performance- static IP
- Classic load balancers
What is RDS?
Relational Database Service
How many engines are included in RDS?
6- Microsoft SQL, MySQL, PostgreSQL, Oracle, Aurora and MariaDB
What is DynamoDB
NoSQL database
What is Redshift used for? (3 points)
Business intelligence or data warehousing
OLAP- Online analytics processing
Querying large data
What is ElastiCache?
Service used to cache frequently used queries to improve performance of existing databases:
a) Memcache
b) Redis
Name a graph database
Amazon Neptune
What are the 2 key features of RDS?
Multi AZs- Disaster recovery
Read replicas- For performance
What is autoscaling?
The process of automatically provisioning multiple EC2 instances behind a load balancer depending on demand
What is DNS?
Domain Name System
Like a phonebook –> the process computers use to resolve domain names to IP addresses
What is Route53? and what do you use it for?
Route53- Global, can be used to direct traffic and to register domain names.
What is Elastic Beanstalk?
Upload code > automatically handles details of capacity provisioning, load balancing and scaling
What is CloudFormation? (2 points)
A service to model and set up AWS resources
Create JSON templates to define environment.
Are Elastic Beanstalk and CloudFormation free?
Yes, but the resources they provision are not!
What is the difference between Elastic Beanstalk and CloudFormation?
Elastic Beanstalk is not programmable whereas CloudFormation is!
Also EB is limited in what it can provision
Name 5 GLOBAL services
- IAM
- Route53
- CloudFront
- SNS- simple notification service
- SES- Simple email service
Name 6 AWS services that can be used on premise…
- Snowball
- Snowball edge
- Storage gateway
- CodeDeploy
- Ops works
- IOT Greengrass- allows devices to use lambda functions
Which 2 on premise services can be used for deployment?
- CodeDeploy- Automates configuration of servers
- OpsWorks- Allows you to configure servers on premise automatically
What is AWS storage gateway?
A hybrid storage service that gives you on premise access to cloud storage.
What is CloudWatch?
A service to monitor performance of your AWS environment as well as your apps that run on AWS. CloudWatch with EC2 will monitor events every 5 mins by default. You can create cloud watch alarms.
What is Amazons System Manager?
A service to manage fleets of EC2 instances. Install a piece of software on each EC2 instance and you can run commands on batches of EC2 instances. This service integrates with CloudWatch to give you a dashboard of the entire estate.