Compute & Load Balancing

Question 1

EC2 R Instance Types

Answer 1

Applications that need a lot of RAM (e.g in memory cache)

Question 2

EC2 C Instance Types

Answer 2

Applications that need good CPU (e.g databases or compute)

Question 3

EC2 M Instance Types

Answer 3

Applications that are balanced (e.g general or web apps)

Question 4

EC2 I Instance Types

Answer 4

Applications that need good local I/O (e.g databases)

Question 5

EC2 G Instance Types

Answer 5

Applcations that need a GPU (e.g video rendering or machine learning)

Question 6

EC2 T2/T3 Instance Types

Answer 6

Burstable instances

Question 7

EC2 Cluster Placement Strategy

Answer 7

Clusters instances into a low latency group in a single AZ
* Pro: Low latency
* Con: If the rack fails, all instances fail

Question 8

EC2 Spread Placement Strategy

Answer 8

Spreads instances across underlying hardware
* Pro: span across AZs, reduce risk of simultaneous failure
* Con: Limited to 7 instances per group per AZ

Question 9

EC2 Partition Placement Strategy

Answer 9

Spreads instances across logical partitions such that groups of instances in one partition do not share the underlying hardware with groups in different partitions

Question 10

How to move instances between placement groups

Answer 10

1. Stop the instance
2. Use the CLI to modify the placement
3. Start the instance

Question 11

EC2 Instance Launch Type

Answer 11

• On demand: short workload, predictable pricing, reliable
• Spot: short workload, cheap, can lose instances
• Reserved: minimum 1 year
• Dedicated: no other customers will share hardware
• Dedicated host: book an entire physical server and control instance placement

Question 12

EC2 Graviton

Answer 12

Family of processors designed to deliver the best price performance for your cloud workloads

Question 13

EC2 Enhanced Networking

Answer 13

Higher bandwidth, higher pps, lower latency
* Elastic Network Adapter (ENA) up to 100 Gbps
* Legacy: Intel 82599 VF

Question 14

Elastic Fabric Adapter

Answer 14

Improved Elastic Network Adapter, only works for Linux. Great for inter node communication, tightly coupled workloads.

Question 15

Auto Scaling Groups

Dynamic Scaling Policies

Answer 15

1. Target tracking scaling: Increase and decrease the capacity based on a CloudWatch metric and a target value
2. Simple step scaling: Increase and decrease capacity based on a set of scaling adjustments
3. Scheduled actions

Question 16

Auto Scaling Groups

Predictive Scaling

Answer 16

Continously forecast load and schedule scaling ahead

Question 17

EC2 Spot Instances discount

Answer 17

Up to 90% compared to On-Demand

Question 18

Spot Fleets

Answer 18

Set of Spot Instances and On-Demand Instances.

• Define launch pools (instance type, OS, AZ)
• Can have multiple pools to choose from

Question 19

Strategies to allocate Spot Instance

Answer 19

• lowestPrice
• diversified distributed across all pools
• capacityOptimized
• priceCapacityOptimized (recommended) pools with highest capacity, then select the lowest price

Question 20

ECS - ALB Integration

Answer 20

Dynamic Port Mapping so multiple instances of the same task can be deployed on the same EC2 instance

Note: host and awsvpc networking do not support Dynamic Port Mapping

Question 21

ECS networking

Answer 21

• none: don’t have external connectivity and port mappings can’t be specified
• bridge: uses Docker’s built-in virtual network
• host: maps container ports directly to the ENI of the instance that hosts the task. A port on a host can’t be used by multiple tasks.
• awsvpc: the task is allocated an elastic network interface (default for Fargate)

Question 22

Fargate Spot Instances

Answer 22

Specify minimum number of regular tasks that should run at all times and then add tasks on Fargate Spot to improve service performance in a cost-efficient way.

Question 23

ECR Image Scanning

Answer 23

• Manual scan or scan on push
• Basic scanning (common CVE)
• Enhanced scanning: Leverages Inspector

Question 24

Data Volumes EKS

Answer 24

Specify StorageClass manifest, leverages a Container Storage Interface compliant.
Support with EBS, EFS, and FSx.

Question 25

AWS App Runner

Answer 25

Fully managed service that builds and deploy web applications and APIs

Question 26

ECS Anywhere

Answer 26

Run containers on customer managed infrastructure. Install ECS Container Agent and SSM Agent, deploy with EXTERNAL launch type.

Question 27

EKS Distro

Answer 27

Kubernetes distribution mantained by AWS

Question 28

EKS Anywhere

Answer 28

Create and operate Kubernetes clusters outside AWS. Reduce support costs and avoid maintaining 3rd party tools

Question 29

EKS Connector

Answer 29

Connect an EKS Anywhere cluster to AWS.

• Fully connected & Partially Disconnected to levarage the EKS console

Question 30

Lambda & Code Deploy

Answer 30

CodeDeploy can help automate traffic shift for Lambda aliases.

• Linear: grow traffic every N minutes
• Canary: try x% then 100%
• AllAtOnce

Question 31

Lambda Logging, Monitoring and Tracing

Answer 31

• CloudWatch
• X-Ray: run a deamon and should use AWS SDK in code

Question 32

Lambda Aynchronous vs Synchronous Invocation

Answer 32

• Synchronous: Error handling must happen client side
• Asynchronous: Lambda attepts to retry on 3 errors. The processing must be idempotent

Question 33

Protocols supported by load balancers

Answer 33

• Classic Load Balancer: HTTP, HTTPS, TCP, SSL
• Application Load Balancer: HTTP HTTPS, WebSocket
• Network Load Balancer: TCP, TLS, UDP
• Gateway Load Balancer: IP

Question 34

Difference in certificates between LB and ALB

Answer 34

LB supports only one SSL certificate, it can have many Subject Alternate Name (SAN). ALB supports Server Name Indication (SNI), which allows to present multiple certificates.

Question 35

ALB Target Groups

Answer 35

• EC2 instances
• ECS tasks
• Lambda functions (HTTP request is translated into a JSON event)
• IP addresses (must be private)

Question 36

Use cae for NLB

Answer 36

Extreme performance. Less latency (100ms vs 400ms for ALB).
* EC2 instances
* IP addresses
* ALB

Question 37

Use case ALB as target group for NLB

Answer 37

When you need to have an static IP address

Question 38

NLB

Zonal DNS Name

Answer 38

Use to determine the IP address of an specific node to limit cross-zone traffic.

https://aws.amazon.com/es/blogs/networking-and-content-delivery/resolve-dns-names-of-network-load-balancer-nodes-to-limit-cross-zone-traffic/

Question 39

Cross zone load balancing

Answer 39

Each load balancer node distributes traffic across the registered targets in all enabled Availability Zones.

It costs for NLB and GLB, other balancers doesn’t generate charge.

https://docs.aws.amazon.com/elasticloadbalancing/latest/userguide/how-elastic-load-balancing-works.html#cross-zone-load-balancing

Question 40

Sticky Sessions in Load Balancers

Answer 40

The same client is always redirected to the same instance behind. It works for CLB and ALB.

Question 41

LB Request Routing Algorithm

Least Outstanding Requests

Answer 41

The next instance to receive the request is the one that has the lowest number of pending requests

(ALB and CLB)

Question 42

LB Request Routing Algorithm

Round Robin

Answer 42

Equally choose the targets from the target group.

(ALB and CLB)

Question 43

LB Request Routing Algorithm

Flow Hash

Answer 43

Selects a target based on the protocol, IP Address, port and TCP sequence number. Each connection is routed to a singe target for the life of the connection.

Works with NLB.

Question 44

API Gateway limits

Answer 44

• 29 seconds timeout to respond a request
• 10 MB max payload size

Question 45

API Gateway

WebSocket API

Answer 45

• Two way interactive communication between a users browser and a server
• Server can push information to the client
• This enables stateful applications

Question 46

AWS AppSync

Answer 46

Managed service of GraphQL. Makes easy to get the data they need, combining data from one or more sources.

Retrieves data in real-time with WebSocket or MQTT.

Question 47

AWS AppSync Authorization

Answer 47

Perform authorization on Cognito users bases on the groups they belong to.

Question 48

EC2 with Elastic IP

Answer 48

The Elastic IP Address is moved to an standby instance.
* Quick failover
* Helpful if the client resolves by static public IP address
* Doesn’t scale

Question 49

DNS based load balancing

Answer 49

Ability to use multiple instances
* Route53 TTL implies clients might not be able to access if their instance fails
* Adding an instance may not receive full traffic due tu DNS TTL

Question 50

AWS Outposts

Answer 50

Server racks within your on-premises infrastructure that offers AWS services (EC2, EBS,S3, EKS, ECS, RDS and EMR), APIs and tools.

Your are responsible of physical security.

Question 51

S3 on AWS Outposts

Answer 51

Store and retrieve data locally, reducing data transfers to AWS regions. Storage class named S3 Outposts.

To access from AWS use S3 Access Point or syncrnonize with DataSync

Question 52

AWS WaveLength

Answer 52

Brings AWS services to the edge of 5G networks, with infrastructure embedded within the telecommunications providers. No additional charges.

It is connected to AWS Regions.

Question 53

AWS Local Zones

Answer 53

Extensions of an AWS Region to place AWS services closer to end users to run latency sensitive applications.

Question 54

Amazon CloudFront

Answer 54

Improves read performance because contents is cached at the edge. Expose external HTTPS

Question 55

Amazon CloudFront - Origins

Answer 55

1. S3 Buckets: For distributing and loading files. You can use Origin Acccess Control for security.
2. S3 configured as a website: Enable Static Webshite Hosting
3. MediaStore & MediaPackage: Deliver video on demand
4. Custom origin: HTTP endpoints

Question 56

CloudFront vs S3 Cross Region Replication

Answer 56

CloudFront
Great for static content that mus be available everywhere
S3 Cross Region Replication
Great for dynamic content that needs to be available at low-latency in few regions

Question 57

CloudFront Origin Groups

Answer 57

A primary and secondary origin to increase availability and do failover. Origins can be cross regions.

Question 58

CloudFront Geo Restrictions

Answer 58

Restrict which countries can access distribution

Question 59

CloudFront Pricess Classes

Answer 59

• Price class all: best performance
• Price class 200: most regions, but excludes the most expensive
• Price class 100: only the least expensive regions

Question 60

CloudFront Functions & Lambda Edge deployment

Answer 60

Lambda Edge Functions are deployed at Regional Edge Caches. While CloudFront Functions are deployed at Edge Locations.

Question 61

When to use Lambda Edge over CloudFront Functions

Answer 61

• Longer execution time (more than 1ms)
• Adjustable CPU or Memory
• Access to the request body or file system
• Network access
• Third party APIs calls
• Loading content based on User Agent

Question 62

CloudFront Functions use cases

Answer 62

1. Cache key normalization: Transform request attributes (headers, cookies, query strings, URL)
2. Header manipulation
3. URL rewrites or redirects
4. Request authentication & authorization

Question 63

ElastiCache Use Cases

Answer 63

• Database cache
• User Session Store

Question 64

ElastiCache

Redis vs Memcached

Answer 64

Redis:
* Multi AZ with auto-failover
* Read replicas
* Peristent

Memcached
* Multi node for partitioning data
* Non persistent
* Multi-threaded architecture