EC2 Flashcards
What is a role?
An entity designed to be assumed. It provides temporary access using temporary credentials
What do roles enable in an account?
They enable cross-account access
Are roles regional?
No, they are global
Why would you want to use roles in EC2?
Avoids hard-coding credentials
Can you attach/detach roles on a running EC2 instance?
Yes, you can
What are Security Groups?
Virtual Firewalls
By default what settings does a Security Group have?
Everything inbound by default is blocked. All outbound traffic is allowed
What are bootstrap scripts?
Scripts that run on the instance's first startup
What permissions do bootstrap scripts have?
They have root access
Why use bootstrap scripts?
Enables automation of installing applications in EC2
How many instances can be in a Security Group?
Unlimited
How many Security Groups can an instance attach?
5
What is EC2 metadata?
Data about the EC2 instance, such as IP addresses, hostname, and SGs
What is the url for EC2 metadata?
169.254.169.254/latest/meta-data
What is EC2 user-data?
The bootstrap scripts
Can you access metadata via userdata?
Yes
What are the 3 types of network adapters for EC2?
- ENI - elastic network interface
- EN - enhanced networking
- EFA - elastic fabric adapter
What are use cases for ENI?
Everyday networking, dual-homed instances, interacting with a VPC or different networks
What are use cases for EN?
High performance I/O, high bandwidth, lower latency, single root virtualization. 10-100Gbps
What are the 2 types of EN? Which should you always choose?
- ENA - elastic network adapter
- VFI - virtual function
always choose ENA
What are use cases for EFA?
HPC, machine learning, OS bypass
What are the 3 types of placement groups?
- Clustered
- Partitioned
- Spread
What is Clustered Placement group?
Instances are grouped together into the same AZ
Why use Clustered placement group?
Low latency, network throughput, HPC
What is Partitioned Placement group?
Multiple Instances are partitioned where partitions are on different racks/hardware
What is Spread Placement group?
Individual Instances are placed on their own distinct hardware
Why use a Spread Placement group?
Keep a small number of critical instances separate from one another
Why use a Partitioned Placement group?
Isolate impact of power/network failures. For distributed systems like HDFS, Cassandra
Which placement groups can span multiple AZs and which can't?
Clustered cannot span multiple AZs
Partitioned and Spread can span
Can you merge placement groups?
No, you can't merge
Can you remove/add existing instances into a placement group? The instance has to be in what state?
Yes, but the instance must be stopped
When should you use EC2 dedicated hosting?
When you need dedicated physical hardware due to compliance or licensing
When should you not use spot instances?
- Critical workloads
- Databases
- Persistent workloads
What are some use cases for spot instances?
- CI/CD
- containerized workloads
- high performance computing
- Big data analytics
How much can you save with spot instances?
up to 90% savings
How do spot instances work?
You set a max spot price, and spot instances will be provisioned if the spot price is below it
What is a Spot Block?
Stops spot instances from being terminated if the price goes above your max spot price. Can be set for 1-6 hours.
What is a spot request? What are the 2 types?
Defines the max spot price, the number of instances you want, launch template, valid time range, and request type.
- Onetime spot request
- Persistent Spot request (keeps provisioning instances until request is met if open/price)
What do you need to do to terminate instances in a persistent spot request?
You need to cancel the spot request first to prevent it from reprovisioning instances, then terminate the instances