EC2 Flashcards
EC2 stands for
Elastic Compute Cloud
EC2
quickly scale capacity up or down as your computing requirements change. EC2s are essentially virtual machines
4 EC2 pricing models
1. On demand 2. Reserved 3. Spot 4. Dedicated hosts
EC2 Spot pricing
like the stock market for Amazon extra capacity
EC2 Dedicated Host
physical EC2 server dedicated to your use
IOPS acronym
Input Output per second
T or F: If you create an inbound rule for a port type and range, it is automatically allowed for outbound as well
T
With security groups everything is ___________ by default
blocked
T or F: You can have multiple security groups attached to one EC2 instance
T
Elastic Block Store (EBS)
virtual hard disk in the cloud. Persistent block storage volumes for use with Amazon EC2 instances
5 types of EBS
1. General Purpose 2. Provisioned IOPS (SSD) 3. Throughput Optimized Hard Disk Drive 4. Cold Hard Disk Drive 5. Magnetic
General Purpose EBS
for most workloads. max 16k IOPS
Provisioned IOPS EBS
for databases. Max IOPS 64k
Throughput Optimized Hard Disk Drive EBS
for big data and data warehouses. Max IOPS 500
Cold Hard Disk Drive EBS
for file servers. Max IOPS 250
Magnetic EBS
for infrequently accessed data. 40-200 IOPS
T or F: You can move EBS volumes to AZ’s other than the one your EC2 instance is in
T
Snapshots exist where?
S3
Snapshots
Point in time copies of volumes
Instance store (ephemeral storage)
root device for an instance launched from the AMI is an instance store volume created from a template stored in S3. Cannot be stopped.
Elastic Network Interface (ENI)
virtual network card for EC2. Gives basic networking. Gives you private and public IP addresses
Enhanced Networking
uses Single root I/O virtualization (SR-IOV) to provide HPC capabilities. Need speeds 10-100 GBps
Elastic Fabric Adapter (EFA)
network device you can attach to your EC2 to accelerate HPC and ML apps. Can use OS bypass if you’re running Linux
Root Device Volume
Hard disk that has your OS on it
Can you share snapshots?
Only if they are unencrypted
How do you encrypt a root device volume if you don’t do it at creation?
create a snapshot of the unencrypted volume, create a copy of the snapshot and select the encrypt option, create an AMI from the encrypted snapshot, and use that AMI to launch new encrypted instances
Spot Instances
take advantage of unused EC2 capacity at 90% discount. Like spot pricing in the stock market. Use this with flexible apps, not critical apps.
Spot Fleet
Collection of spot and on demand instances. Attempts to launch the number of instances needed to meet demand within your price constraints.
Spot Fleet strategies
1. capacity optimized 2. diversified 3. lowest price 4. InstancePoolsToUseCount - spot instances distributed across the number of spot instance pools you specify. Must be used in combination with lowest price
Spot Block
block spot instances from terminating
EC2 Hibernate
OS told to hibernate and saves contents from instance memory (RAM) to your EBS root volume. RAM contents reloaded when you restart.
T or F: root device volume must be encrypted to use hibernation
T
AWS CloudTrail
increase visibility into user and resource activity by recording AWS management console actions and API calls. Audit log to track who is making changes and updates
Boot Strap Scripts
automate processes upon creation of objects
Elastic File System (EFS)
file storage service for EC2 instances. Storage capacity scales up and down on demand.
FSx for Windows File Server
native MS windows file system to easily move windows based apps that require file storage to AWS
FSx for Lustre
file system optimized for compute intensive workloads
3 types of EC2 placement groups
1. Clustered Placement Groups 2. Spread Placement Groups 3. Partitioned
Clustered Placement Group
grouping of instances within single AZ. For apps that need low latency and high network throughput
Spread Placement Group
group of instances that are each placed on distinct underlying hardware. For a small number of critical instances that should be kept separate from each other for redundancy
Partitioned Placement Group
each partition in placement group has its own set of racks. Each rack has own network and power source. Isolates impact of hardware failure.
HPC stands for…
High Performance Compute
Enhanced networking
uses single root I/O virtualization (SR-IOV) to provide high performance networking capabilities on supported instance types.
Elastic Network Adapter (ENA)
type of enhanced networking. Supports network speeds up to 100GBps
OS Bypass
enables HPC and ML apps to bypass OS kernel and communicate directly with EFA device
AWS Batch
runs hundreds of thousands of batch computing jobs. Allows you to run a single job that spans multiple EC2 instances
AWS Parallel Cluster
deploy and manage HPC clusters on AWS
WAF stands for…
Web Application Firewall
AWS WAF
web app firewall that lets you monitor HTTP and HTTPS requests that are forwarded to Amazon CloudFront, an app load balancer, or API gateway
3 different behaviors AWS WAF allows
1. allow all requests except ones you specify 2. block all requests except ones you specify 3. count requests that match properties you specify.