Domain 2: Design Resilient Architectures Flashcards
A company has an Auto Scaling group of EC2 instances hosting their retail sales application. Any significant downtime for this application can result in large losses of profit. Therefore, the architecture also includes an Application Load Balancer and an RDS database in a Multi-AZ deployment. What will happen to preserve high availability if the primary database fails?
Route 53 points the CNAME to the secondary database instance.
The Elastic IP address for the primary database is moved to the secondary database.
A Lambda function kicks off a CloudFormation template to deploy a backup database.
The CNAME is switched from the primary db instance to the secondary.
The Elastic IP address for the primary database is moved to the secondary database.
This is another technique that is valid in certain situations, but it is not used by RDS during failover.
Selected
The CNAME is switched from the primary db instance to the secondary.
Amazon RDS Multi-AZ deployments provide enhanced availability and durability for RDS database (DB) instances, making them a natural fit for production database workloads. When you provision a Multi-AZ DB Instance, Amazon RDS automatically creates a primary DB Instance and synchronously replicates the data to a standby instance in a different Availability Zone (AZ). Each AZ runs on its own physically distinct, independent infrastructure, and is engineered to be highly reliable. In case of an infrastructure failure, Amazon RDS performs an automatic failover to the standby (or to a read replica in the case of Amazon Aurora), so that you can resume database operations as soon as the failover is complete. Since the endpoint for your DB Instance remains the same after a failover, your application can resume database operation without the need for manual administrative intervention.
Failover is automatically handled by Amazon RDS so that you can resume database operations as quickly as possible without administrative intervention. When failing over, Amazon RDS simply flips the canonical name record (CNAME) for your DB instance to point at the standby, which is in turn promoted to become the new primary.
https://aws.amazon.com/rds/features/multi-az/ https://aws.amazon.com/rds/faqs/
A company has an Auto Scaling group of EC2 instances hosting their retail sales application. Any significant downtime for this application can result in large losses of profit. Therefore, the architecture also includes an Application Load Balancer and an RDS database in a Multi-AZ deployment. The company has a very aggressive Recovery Time Objective (RTO) in case of disaster. How long will a failover of an RDS database typically complete?
Within an hour
Under 10 minutes
Almost instantly
One to two minutes.
Almost instantly
The failover will take a minute or two.
Selected
One to two minutes.
Failover is automatically handled by Amazon RDS so that you can resume database operations as quickly as possible without administrative intervention. When failing over, Amazon RDS simply flips the canonical name record (CNAME) for your DB instance to point at the standby, which is in turn promoted to become the new primary. We encourage you to follow best practices and implement database connection retry at the application layer.
Failovers, as defined by the interval between the detection of the failure on the primary and the resumption of transactions on the standby, typically complete within one to two minutes. Failover time can also be affected by whether large uncommitted transactions must be recovered; the use of adequately large instance types is recommended with Multi-AZ for best results. AWS also recommends the use of Provisioned IOPS with Multi-AZ instances for fast, predictable, and consistent throughput performance.
https://aws.amazon.com/rds/faqs/
A finance company is planning on launching an analytics database on EC2 using MongoDB. The database will have high-throughput workloads performing small, random I/O operations. They have asked you as a solutions architect to select the most resilient and suitable EBS volume for this task.
What should you choose?
Cold HDD (sc1)
Provisioned IOPS SSD (io2)
General Purpose SSD (gp2)
Throughput Optimized HDD (st1)
Provisioned IOPS SSD (io2)
This will give you the most throughput of any EBS volume.
Throughput Optimized HDD (st1)
This would not give you the IOPS required. This is a low-cost HDD designed for frequently accessed, throughput-intensive workloads.
Selected
You are building an automated bot to reply to customer messages on your website. The website is expected to receive several thousands of messages per second. It is imperative that none of the messages are lost, no duplicates are produced, and they are processed in EMR in the exact order of their arrival. What is the best way to achieve this?
Set up a standard SQS queue to process the messages.
Create an Amazon Kinesis Data Stream to handle the messages.
Create an SNS topic to handle the messages.
Create a Simple Workflow Queue to handle the messages.
Create an Amazon Kinesis Data Stream to handle the messages.
This is the better option due to the number of messages being processed.
Create a Simple Workflow Queue to handle the messages.
Simple Workflow would not guarantee FIFO and that no messages were lost or processed twice.
Selected
A web application for a travel company is hosted in EC2. The EC2 instances consume messages from an SQS queue related to vacation bookings. After processing a booking, an SNS topic is triggered to automatically send an email notification to the operations team. Last night, the operations team received email notifications for 7 unique orders. Over the span of the next 3 hours, without any new bookings being made, they received a total of 28 notifications. What could be causing this behavior?
You have set up permissions incorrectly in SQS so that the web application does not have access to the SQS queue.
The web application has been set up with long polling so too many messages are being consumed.
The web application has been set up with short polling so not enough messages are being consumed.
The web application is not deleting the messages from the SQS queue after successfully processing them.
The web application is not deleting the messages from the SQS queue after successfully processing them.
When an EC2 instance consumes a message from an SQS queue but it doesn’t delete the message after processing, the message will reappear in the queue after the “visibility timeout” period expires. This mechanism ensures that messages are not lost if they aren’t processed successfully on the first attempt. In this scenario, it seems the web application processed the message, triggered the SNS notification, but didn’t delete the message from the queue. As a result, the same messages were processed multiple times, leading to the problem multiple notifications for the same bookings.
Selected
Your company is currently building out a second AWS region. Following best practices, they’ve been using CloudFormation to make the migration easier. They’ve run into a problem with the template though. Whenever the template is created in the new region, it’s still referencing the AMI in the old region. What is the best solution to automatically select the correct AMI when the template is deployed in the new region?
Create a Parameter section in the template. Whenever the template is run, fill in the correct AMI ID.
Update the AMI in the old region, as AMIs are universal.
Create a condition in the template to automatically select the correct AMI ID.
Create a mapping in the template. Define the unique AMI value per region.
Create a mapping in the template. Define the unique AMI value per region.
This is exactly what mappings are built for. By using mappings, you easily automate this issue away. Make sure to copy your AMI to the region before you try and run the template, though, as AMIs are region specific.
https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/mappings-section-structure.html
Selected
You work for a large bank that stores customer financial information in an S3 bucket in US-east-1. Recently, there was an outage that took the entire region offline and you had many customer complaints. You need to prevent this from happening in the future. What should you consider?
Migrate the data to an EBS instance and store the EC2 instance behind an Auto Scaling group.
Enable a lifecycle policy to back the data up to Glacier.
Enable cross-Region Replication to US-West-1.
Migrate the S3 bucket to an RDS instance and turn on Multi-AZ.
Enable cross-Region Replication to US-West-1.
By enabling cross-Region replication, you protect yourself from regional outages.
Your company has recently converted to a hybrid cloud environment and will slowly be migrating to a fully AWS cloud environment. The AWS side is in need of some steps to prepare for disaster recovery. A disaster recovery plan needs to be drawn up and disaster recovery drills need to be performed for compliance reasons. The company wants to establish Recovery Time and Recovery Point Objectives. The RTO and RPO can be pretty relaxed. The main point is to have a plan in place, with as much cost savings as possible. Which AWS disaster recovery pattern will best meet these requirements?
Warm Standby
Backup and restore
Multi Site
Pilot Light
Backup and restore
This is the least expensive option and cost is the overriding factor.
A software company has created an application to capture service requests from users and also enhancement requests. The application is deployed on an Auto Scaling group of EC2 instances fronted by an Application Load Balancer. The Auto Scaling group has scaled to maximum capacity, but there are still requests being lost. The cost of these instances should remain the same. What step can the company take to ensure requests aren’t lost?
Use a Network Load Balancer instead for faster throughput.
Use larger instances in the Auto Scaling group.
Use spot instances to save money.
Use an SQS queue with the Auto Scaling group to capture all requests.
Use an SQS queue with the Auto Scaling group to capture all requests.
There are some scenarios where you might think about scaling in response to activity in an Amazon SQS queue. For example, suppose that you have a web app that lets users upload images and use them online. In this scenario, each image requires resizing and encoding before it can be published. The app runs on EC2 instances in an Auto Scaling group, and it’s configured to handle your typical upload rates. Unhealthy instances are terminated and replaced to maintain current instance levels at all times. The app places the raw bitmap data of the images in an SQS queue for processing. It processes the images and then publishes the processed images where they can be viewed by users. The architecture for this scenario works well if the number of image uploads doesn’t vary over time. But if the number of uploads changes over time, you might consider using dynamic scaling to scale the capacity of your Auto Scaling group.
https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-using-sqs-queue.html
Selected
You have an online booking system for vacations that uses EC2 instances on the frontend to poll an SQS queue. You noticed that some bookings have been processed twice, meaning that the customer has paid for their vacation twice. This is causing issues with customer service, and you need to fix it urgently. What can you do to stop this from happening again in the future? CHOOSE 2
Use an Amazon SQS FIFO queue instead.
Change the message size in SQS.
Alter the visibility timeout of SQS.
Replace SQS with Amazon Simple Workflow Service.
Use an Amazon SQS FIFO queue instead.
This is a technically viable solution.
Replace SQS with Amazon Simple Workflow Service.
This would be a technically viable solution.
You have a large amount of data stored in S3 that you need to access from on-premises servers using the NFS or SMB protocol. Additionally, you will want to authenticate access to these files through on-premises Microsoft Active Directory. What AWS service would you use?
AWS Storage Gateway - Tape Gateway
AWS Storage Gateway - File Gateway
AWS Storage Gateway - Volume Gateway
AWS Database Migration Service (DMS)
AWS Storage Gateway - File Gateway
File Gateway supports NFS and SMB protocol and can integrate with an on-premises Active Directory.
An online media company has created an application which provides analytical data to its clients. The application is hosted on EC2 instances in an Auto Scaling Group. You have been brought on as a consultant and add an Application Load Balancer to front the Auto Scaling Group and distribute the load between the instances. The VPC which houses this architecture is running IPv4 and IPv6. The last thing you need to do to complete the configuration is point the domain name to the Application Load Balancer. Using Route 53, which record type at the zone apex will you use to point the DNS name of the Application Load Balancer? CHOOSE 2
Alias with an A type record set.
Alias with an MX type record set.
Alias with an AAAA type record set.
Alias with a CNAME record set.
Alias with an A type record set.
Alias with a type “AAAA” record set and Alias with a type “A” record set are correct. To route domain traffic to an ELB load balancer, use Amazon Route 53 to create an alias record that points to your load balancer. An alias record is a Route 53 extension to DNS.
Selected
Alias with an AAAA type record set.
Alias with a type “AAAA” record set and Alias with a type “A” record set are correct. To route domain traffic to an ELB, use Amazon Route 53 to create an alias record that points to your load balancer.
Selected
You work for an automotive company that consists of a large EC2 instance and an RDS instance on the backend with Multi-AZ turned on. Unfortunately, your EC2 instance gets a virus and needs to be terminated. You were not conducting regular backups, so it will take a lot of work to bring this back online. Your boss has instructed you not to let this happen again. What architecture below would be the MOST resilient?
Three EC2 instances behind an Application Load Balancer and an Autoscaling Group in different Availability Zones.
Two EC2 instances behind an Application Load Balancer and an Autoscaling Group in different Availability Zones.
Two EC2 instances behind an Application Load Balancer and an Autoscaling Group in the same Availability Zone.
Three EC2 instances behind an Application Load Balancer and an Autoscaling Group in the same Availability Zone.
Three EC2 instances behind an Application Load Balancer and an Autoscaling Group in different Availability Zones.
Having three instances and using different Availability Zones is a the BEST example of being more resilient out of the options listed here.
Your organization is working on a blue/green deployment strategy for the most recent frontend application. They need to design a solution that allows them to control how much traffic is sent to the new version of the application and how much goes to the old one. If there’s a problem with the deployment, it needs to be able to switch back to the previous version at a moment’s notice. What service would you use to make sure these goals are met?
Using Systems Manager Automation documents, define the correct weight for each application endpoint.
Using Route 53, create a latency-based record set and allow it to control the traffic distribution.
Using Route 53, create a weighted record set to control the percentages of traffic to each endpoint.
Using EC2 instances, create 2 instances behind an ELB. Split the traffic evenly between the instances.
Using Route 53, create a weighted record set to control the percentages of traffic to each endpoint.
Weighted routing enables you to split traffic by percentage. If there’s an issue, you can quickly point the traffic back to the old version of the application.
https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/resource-record-sets-values-weighted.html
You have a website running on an EC2 instance. The website is a static HTML site and does not require a database connection. The website goes viral and this takes the EC2 instance down. You need to ensure this does not happen again. What architecture below would give you the best resiliency?
Add another EC2 instance in the same availability zone and place the two EC2 instances behind an application load balancer.
Migrate the website to CloudFormation.
Increase the size of the EC2 instance so it can cope with the load.
Host the static website on S3.
Host the static website on S3.
This is the best answer in this scenario.
