EC2 Flashcards by Host Mom

___ is a web service that provides resizeable compute capacity in the cloud. It reduces the time required to obtain and boot new server instances to minutes, allowing you to quickly scale capacity, both up and down, as your computiing requirements change.

ec2

How well did you know this?

Not at all

Perfectly

____ allows you to pay a fixed rate by the hour ( oor by the secnod) with no committment

on demand

How well did you know this?

Not at all

Perfectly

provides you with a capacity reservationo, and offer a significant discount on the hourly charge for an instance. Contract Terms are 1 year or 3 yeaar terms.

reserved

How well did you know this?

Not at all

Perfectly

enables you to bid whatever price you want for instance capacity, providing for even greater savings if your apps have flexible start and end times.

spot

How well did you know this?

Not at all

Perfectly

physical ec2 servers dedicated for your use. they can help you reduce costs by allowing you to use your existing server-bound software licenses.

dedicated hosts

How well did you know this?

Not at all

Perfectly

users that want the low cost and flexibility of ec2 without any up fronot payment or long term contract will use_____

on demand

How well did you know this?

Not at all

Perfectly

apps with short term, spiky, or unpredictble workloads thata cannot be interrupted should use ___ ec2

on demand

How well did you know this?

Not at all

Perfectly

apps being developed or tested on ec2 for the first time should use _____ instances

on demand

How well did you know this?

Not at all

Perfectly

apps with steady state or predictable usage should use thiss type of instance:

reserved

How well did you know this?

Not at all

Perfectly

apps that require reserved capacity should use this type of instance

reserved

How well did you know this?

Not at all

Perfectly

users able to make upfront payments to reduce their total computing costs even further should use this type of instance

reserved

How well did you know this?

Not at all

Perfectly

These instnaces offer up to 75% off on demand instances. The more you pay uip front nd the longer the contract, the greater the discount.

standrd reserved instances

How well did you know this?

Not at all

Perfectly

These instances offer up to 54% off on demand capability to change the attributes of the RI as long as the exchaange results in the creation of Reserved Instances of equal or greater value

convertible reserved instances

How well did you know this?

Not at all

Perfectly

these instances are availble to launch within the time windows you reserve. This option allows you to match your capcaity reservtion to a predictable recurring schedule that only requires a fraction of a day, a week, or a month.

scheduled reserved instances

How well did you know this?

Not at all

Perfectly

apps that have flexible start and end times uses this type of instance

spot pricing

How well did you know this?

Not at all

Perfectly

apps that are only feasible at very low compute pricess use this type of intsanace

spot pricing

How well did you know this?

Not at all

Perfectly

uesrs with urgent computing needs for larage amounts of additional capacity

spot pricing

How well did you know this?

Not at all

Perfectly

this type of intsance is uesful for regulatory requirementss thaat maay not support multi-tenant virtualization.

dedicated hosts

How well did you know this?

Not at all

Perfectly

thiss type of intanace is great for licensing which does not support multi-tenacy or cloud deployments.

dedicated hosts

How well did you know this?

Not at all

Perfectly

this type of instance can be purchased on demand

dedicated hosts

How well did you know this?

Not at all

Perfectly

Termination protection is turned ___ by default.

off

How well did you know this?

Not at all

Perfectly

on an ebs backed instance, the default action is for the root ebs volume to be ____ when teh instance i terminated.

deleted

How well did you know this?

Not at all

Perfectly

EBS Root volumes of your default AMIs ___ be encrypted. You ___ also uses a third party tool (such as bit locker) to encrypt the root volume, or this can be done when creating AMIs in teh AWS console or using the API.

can

How well did you know this?

Not at all

Perfectly

All ___ traffic is blocked by default

inbound

How well did you know this?

Not at all

Perfectly

SG All ____ traffic is allowed

outbound

Changes to security groups take effect \_\_\_\_\_ eventually immediately within 1 minute

immediately

you an have ____ number of ec2 instances within a security group

any

you can have ____ security groups attached to ec2 instances.

multiple

security groups are \_\_\_\_

stateful

if you create a(n) ___ rule allowing traffic\_\_\_, that traffic is automatically allowed ___ again.

in, in ,out

You cannot block specific IP addresses using security group, instead use ___ \_\_\_ ___ \_\_\_

network access control lists

in SG you can specifically ___ rules, but not ___ rules

allow, deny

\_\_\_ ___ \_\_\_ provides persistent block storage volumes for use with ec2 instanaces in aws cloud. each\_\_\_ volume is automatically replicated within its AZ to protect you from component failure, offering HA and durability.

elastic block store

name the 5 types of ebs storage

general purpoes (SSD) provisioned IOPS (SSD) throughput optimised hard disk drive cold hard disk drive magnetic

this type of ebs volume balances price and performance for a wide variety of transactional workloads

general purpose ssd

this type of ebs volume is the highest performance SSD volume designed for mission criticaal apps

provisionoed iops ssd

this type of ebs volume is low cost hdd volume designed for frequently aaccessed, throughput intensive workloads

throughput optimized hdd

this type of ebs volume is designed for less frequently accessed workloads

cold hdd

thiss type of ebs volume is a previous generation hdd

magnetic

this ebs use case = most work loads

general purpose ssd

this ebs use case = databases

provisioned iops ssd

this ebs use case = big data and data warehouses

throughput optimized hdd

this ebs use case = file servers

cold hdd

this ebs use case = workloads where data is infrequently accessed

ebs maagnetic

ebs api name for generaal purpose ssd

gp2

ebs api name for provisioned iops ssd

io1

ebs api name for throughput optimized hdd

st1

ebs api name for cold hdd

sc1

ebs api name for ebs maagnetic

standard

general purpose ssd max iops / volume

16,000

provisionied iops ssd max iops / volume

64,000

throughput optimized ssd max iops / volume

500

cold hdd max iops / volume

250

ebs mgnetic max iops / volume

40-200

general purpose ssd volume size

1GiB - 16 TiB

provisioned iops ssd volume size

4GiB-16 TiB

throughput optimized hdd volume size

500GiB - 16TiB

Cold HDD volume size

500GiB- 16 TiB

EBS Magnetic volume size

1 GiB- 1 TiB

volumes exist on \_\_\_. THink of ___ as a virtual hard disk.

EBS

\_\_\_\_\_ exist on S3. Think of ___ as a photograph of the disk.

snapshots

\_\_\_ are a point in time ocpies of volumes

snapshots

Snapshots are ____ - this means that only the blocks that have changed since your last snapshot are moved to S3.

incremental

if this is your first snapshot, it may take some time to create T or F

To create a snapshot for EBS volumes that serve as root devices, you should ___ the isntances before taking the snapshot

stop

you cannot take a snap while the instance is running T or F

F You can!

You cannot create AMIs from snapshots

False you can!

you cannot change EBS volume sizes on the fly, including changing the size and storage type.

False, you can!

volumes will never be in the same AZ as the EC2 instance T or F

false, they will always be in same AZ

To move an ec2 volume from one region to another, take a snapshot of it, create an AMI from the snapshot and then copy the ami from one region to the other. then use the copied AMI to launch the new EC2 instance in the new region. T or F

You can select AMIs based on : pick 5: region OS architecture (32 bit or 4 bit) launch permissions storage for the root device (instance store (ephemeral storage) (ebs backed volumes)) color

region OS architecture (32 bit or 4 bit) launch permissions storage for the root device (instance store (ephemeral storage) (ebs backed volumes))

All AMIs are categorized as either backed by EBS or backed by __ \_\_\_

instance store

For EBS volumes: the root device for an instance launched from the AMIs is an EBS volume created from an EBS snapshot T or F

True

FOr Instance store volumes: the root device for an instance launched from the ami is an instance store volume created from a template stored in s3. t or f

instance store volumes are sometimes called ____ \_\_\_\_

ephemeral storage

\_\_\_ \_\_\_volumes cannot be stopped. If the underling host fails, you WILL lose your data.

instance store

\_\_\_backed instances can be stopped. YOu will NOT lose the data on this instance if it is stopped.

EBS

YOu can reboot both EBS and instance store volumes and not lose data. T or F

by default, both ___ volumes will be deleted on termination. However, with EBS volumes, you can tell AWS to keep the ___ device

root root

ENi =

elastic network interface

what is an elastic network interface

essentially a virtual network card

EN =

enhanced networking

\_\_\_ ____ uses single root IO virtualization (SR-IOV) to provide high performance networking capabilities on supported instance types.

enhanced networking

\_\_\_ ___ \_\_\_ a network device that you can attach to your EC2 instance to accelerate HIGH Performance COmputing and machine learning applications.

elastic fabric adapter

These are the specs of what? a primary private IPv4 address from the IPV4 address range of your VPC one or more secondary private IPv4 addresses from teh IPv4 address range of our VPC One elastic ip address (ipv4) per private ipv4 address one public ipv4 address one or more ipv6 addresses one or more security groups a MAC address a source/destination check falg a description

ENI

scenarios for network interfaces: create a management network use network and security appliances in your VPC create dual-homed instances with workloads/roles on distinct subnets create a low budget, high-availbility solution. T or F

\_\_\_ ____ uses single root IO virtualization (SR-IOV) to provide high performance networking capabilities on supported instance typoes. SR-IOV is a method of device virtualization that provides higher IO performance and lower CPU utilization when compared to traditional virtualized network interfaces.

enhanced networking

\_\_\_ ____ provides higher bandwidth, high packer per second(PPS) performance, and consistently lower inter-instance latencies. There is no additional charge for using ___ \_\_\_

enhanced networking

use __ \_\_\_ where you want good network performance

enhanced networking

\_\_\_ ___ \_\_\_ supports network speeds of up to 100 GBPs for supported instance types.

elastic network adapter

INtel 82599 ___ \_\_\_ interface, which supports network speeds of up to 10GBps for supported insance types. THis is typically used on older instances.

virtual function (VF)

in scenario questions choose ena over VF if given the option

seriously. choose ENA

a __ \_\_\_ ___ is a network device that you can attach to your EC2 instance to accelerate HIGH performance computing (HPC) and machine learning

elastic fabric adapter

EFA provides ___ and more consistent latency and ___ throughput than the TCP transport traditionally used in cloud based HPC systems

lower, higher

\_\_\_\_\_\_\_ enabled HPC and machine learning apps to bypass the OS kernel and to communicate directly with the EFA device. It makes it a lot faster with a lot lower latency. Not supported with WIndows currently, only Linux

OS-bypass

Match each: ENI, Enahanced Network, Elastic Fabric Adaptor for when you need to accelerate High performance computing and machine learning apps or if you need to do an OS by pass. if you see a scenario questiuon mentioning HPC or ML and asking what network adapter you want, choose this. \_\_\_\_\_\_ For basic networking. perhaps you need a separate management network to your production network or a separate logging network and you need to do this at a low cost. in this scnario use multiple ___ for each network. \_\_\_\_\_\_ For when you need speeds between 10GBps and 100GBps. anywhere you need reliable high throughput

Elastic Fabric Adapter for when you need to accelerate High performance computing and machine learning apps or if you need to do an OS by pass. if you see a scenario questiuon mentioning HPC or ML and asking what network adapter you want, choose this. ENI: **For basic networking. perhaps you need a separate management network to your production network or a separate logging network and you need to do this at a low cost. in this scnario use multiple ___ for each network.** Enhanced Network: For when you need speeds between 10GBps and 100GBps. anywhere you need reliable high throughput

T or F snapshots of encypted volumes are encrypted automatically

volumes restored from encrypted snapshots are NOT encrypted automatically T or F

False they are encrypted automatically

you can share snapshots, but only if they are unencyrpted t or f

these snapshots cna be shared with other AWS accounts or even made public T or F

you cna now encrypt root device volumes uppon creation of the ec2 instance

old encryption method of unencrypted root volume: create snapshot of root device volume create a copy of snapshot and select the encrypt option create an AMI from teh encrypted snapshot use that AMI to launch new encrypted instances

Yes

\_\_\_ ____ let you take advantage of unused EC2 cap[acity in the aws cloud. ____ \_\_\_ are avialble at up to a 90% discount compared to on-demand prices. YOu can use ___ \_\_\_ for various stateless, fault-tolerant, or flexible apps, such as big data, containerized workloads, CI/CD, web servers, high performance computing (HPC) and other test and dev workloads.

spot instances

The ___ spot price varies depending on region and capacity

hourly

if the spot price goes above your max, you have ___ minutes to choose whether to stop or terminate your instance.

To use spot instances, you must first decide on your max spot price. THe instance will be provisioned so long as the spot price is ___ your max spot price

below

Use a ___ \_\_\_ to stop your spot instances form being temrinated even if the spot price goes over your max spot price. You can set ___ \_\_\_\_ for between ___ \_\_\_ hours.

spot blocks spot blocks one to six

\_\_\_\_ ___ are useful for the following tasks: big data an analytics containerized workloads CI/CD and testing web servers image and media rendering high performance computing

spot instances

\_\_\_instances are not good for: persistent workloads critical jobs databases

spot

a ___ \_\_\_ is a collection of spot instances and optionally on demand instances

spot fleet

the spot fleet attempts to launch the number of spot instances and on demand instances to meet the target capacity you specified in the spot fleet request. the request for spot instances is fulfilled if there is available capacity and the max price you specified in the request ___ the current spot price. The spot fleet also attempts to maintain its target capacity fleet if your spot instances are interrupted.

exceeds

T or F spot fleets will trya nd match the target capacity with your price restraints

True

launch pools: setup different launch \_\_\_\_. define things like EC2 instance type, operating system, and AZ you can have ____ pools, and the fleet will choose the best way to implement depending on the strategy you define spot fleets will ___ launching instances once you reach your price threshold or capacity desire

pools multiple stop

lowestprice; InstancePoolsToUseCount; diversified; capacityOptimized match with descriptions: the spot instances come from the pool with optimal capacity for the number of instances launching \_\_\_ the spot instances are distributed across the pools \_\_\_ the spot instances come from the pool with lowest price. default \_\_\_ the spot instances are distributed across the number of spot instance pools you specify. this parameter is valid only when used in combination with lowest price.

capacityOptimized - the spot instances come from the pool with optimal capacity for the number of instances launching \_\_\_ diversified - spot instances are distributed across the pools \_\_\_ lowestprice - spot instances come from the pool with lowest price. default \_\_\_ InstancePoolsToUseCount - spot instances are distributed across the number of spot instance pools you specify. this parameter is valid only when used in combination with lowest price.

spot instances can save up to \_\_\_% of the cost of on demand instances.

spot instances are useful for anytype of computing where you don't need ___ storage

persistent

you can block spot instances from terminating by using ___ \_\_\_\_

spot block

a __ \_\_\_ is a collection of spot instances, and optionallyu on demand instances.

spot fleet

\_\_\_ saves the contents from the instance memory (RAM) to your ENS root volume. We persist the isntance's EBS root volume and anyattache EBS data volumes.

Hibernation

When you start your instance out of hibernation: teh EBS root volume root volume is restored to its previous state the ram contents are reloaded the processes that were previously running the instance are resumed. previously attached data volumes are reattached and the instance retains its instance ID

yes

ec2 hibernate is good for: long running processes services that take time to initialize

yes

to use hibernation the root volume must be encyrpted t or f

ec2 hibernate facts: preserves the in memory ram on persistent storage much faster to boot up because you dont need to reload the OS instance RAM must be less than 150GB instance families include c3, c4, c5, m3, m4, m5, r3, r4, and r5 available for windows, aws linux 2, ubuntu instances can't be hibernated for more than 60 days

yes

- EFS supports the network file system verison 4 (NFSv4) protocol - you only pay for the storage you use (no pre-provisioning required) - can scale up to the PB - can support thousands of concurrent NFS connections - data is stored across multiple AZs within a region - read after write consistency

yes

instance metadata is used to get information about an instance. what can you get?

IP address

what does this command do? curl http://169.254.169.254/latest/meta-data

lists instance meta data

what does this command do? curl http://169.254.169.254/latest/user-data

gets instance user data

This service is a managed windows server that runs SMB based file services it is designed for windows and windows apps it supports AD users, access control lists, groups and security policies, along with distributed file system (DFS) namespaces and replication.

Windows FSx

FSx for ___ is a fully managed file system that is optimized for compute intensive workloads, sich as high perofrmance computing, machine learning, media data processing workflows, and electronic design automation (EDA)

Lustre

with FSx, you can launch and run a ____ fiule system that can process massive data sets at up to hundreds of GB per second of throughput, millions of IOPS, and sub-millisecond latencies.

lustre

FSx for Lustre can store data directly on S3

a cluster ___ \_\_\_\_ is a grouping of instances within a single AZ. ___ \_\_\_\_ are recommended for apps that need low network latency, high network throughput, or both. only certain isntances can be launched into a clustered __ \_\_\_

placement group

a ___ placement group is a gorup of instances that are each placed on distinct underlying hardware.

spread

\_\_\_\_ placement groups are recommended for apps that have a small number of critical instances that shouldbe kept seprate from each other.

spread

when using ____ placement groups, ec2 divides each group into logical segments. this uses multiple instances and isolates from hardware failure.

partition

Match the placement group: clustered, spread, partitioned multiple ec2 instances HDFS, HBase, and Cassandra Low Network Latency/ HIgh Network Throughput Individual Critical EC2 intances

partitioned - multiple ec2 instances HDFS, HBase, and Cassandra clustered - Low Network Latency/ HIgh Network Throughput spread - Individual Critical EC2 intances

a ___ placement group cannot span multiple Azs

clustered

\_\_\_ and ___ placement groups can span multiple AZs

spread and partitioned

The name you specify for a placement group must be ____ within your AWS account.

unique

only certain types of instances can be launched in a placement group (compute optimized, GPU, memory optimized, storage optimized)

yes

aws recommends _____ instances within clustered placement groups

homogenous

you can merge placement groups T or F

False, you cannot merge them

you can move an existing instance into a placement group. before you move the instance, the instance must be in the stopped state. you cna move or remove an instance using the cli or sdk, you can't do it via the console yet. t or f

true

\_\_\_ ___ \_\_\_ is a network device you can attach to hyour ec2 instance to accelerate HPC and machine learning apps.

elastic fabric adapter

aws ____ enables developers, scientists, and engineers to easily and efficiently run hundreds of thousands of batch computing jobs on aws.

batch

aws batch supports multi node ____ jobs, which allows you to run a single job that spans multiple ec2 instances

parallel

\_\_\_\_ is an open source cluster mgmt tool that makes it easy for you to deploy and manage HPC clusters on aws.

parallel cluster

\_\_\_\_ ____ uses a simple text file to model and provision all the resources needed for your HPC apps in an automated and secure manner.

parallel cluster

waf =

web application firewall

\_\_\_ lets you monitor the http and https requests that are forwarded to cloudfront, and app load balancer or API gateway. it also lets you control access to your content.

WAF

waf lives in what layer of OSI?

WAF allows 3 types of behavior 1. allow all requests except the ones you specify 2. block all requests except the ones you specify 3. count the requests that match the properties you specify

yes

WAF characteristics you can use to block traffic: ip addy country values in headers strings in requests length of requests presence of SQL code that is malicious presence of a script that is likely to be malicious

yes

Network ACLs block malicious IPs

yes

What are the 2 underlying Hypervisors for EC2?

Xen and Nitro

You cana only run a max of ___ instances per AZ in a spread placement group

Which AWS CLI command should I use to create a snapshot of an EBS volume?

aws ec2 create-snapshot