EC2 Flashcards
EC2 instance
- virtual server
- AMI (OS) + instance size (CPU + RAM) + storage + security group + EC2 user data
- t2.micro is used for the free tier, up to 750 hours per month
- Instances can be stopped and terminated
- Instance running = you pay; not running = you do not pay
The main capability of ec2:
→ renting virtual machines (EC2)
→ store data on virtual drives (EBS)
→ distributing load across machines (ELB)
→ to scale service use auto scaling group (ASG)
EC2 sharing & configuration option
- Operating system for your virtual machine to run (macOS, Linux, Windows)
EC2 user data
- Possible to bootstrap instance using EC2 user data script
- script launched at the first start of an instance
- Bootstrapping: launching commands when the machine starts
The script only runs once, at the instance's first start
EC2 instance types
Different types of instances are used for different use cases
General purpose
- For workloads such as web servers and code repositories
- Balance between: compute, memory, networking.
- T2.micro is a general purpose EC2 instance
Compute Optimized
- Used for intensive tasks that require high-performance processors:
- Batch processing workloads
- Media transcode
- High performance web server
- High performance computing
- Scientific model & ML
- Gaming Servers
- Names start with C: c5, c4, etc.
A company would like to deploy a high-performance computing (HPC) application on EC2. Which EC2 instance type should it choose?
Memory optimized
- Fast performance for workloads that process large data sets in memory
Use case:
- High performance relational/non-relational database
- Distributed web-scale cache stores
- In-memory databases optimized for business intelligence (BI)
- Applications that perform real-time processing of big unstructured data
Names: R5, R5a, R4, etc.
Storage optimized
- Used for storage-intensive tasks that need high, sequential read and write access to large data sets on local storage
Use Case:
- High frequency online transaction processing (OLTP) systems
- Relational and NoSQL databases
- Caches for in-memory databases (ex: Redis)
- Data warehousing applications
- Distributed file systems
- Names start with I, D
Security group
- Acts like a firewall on EC2 instances
- Fundamental of network security
- Control how traffic is allowed into or out of your EC2 instance
- Only contain allow rules
- Which network security tool can you use to control traffic in and out of EC2 Instances?
They regulate:
- Access to ports
- Authorized IP ranges - IPv4 and IPv6
- Control of inbound network traffic from others to the instance
- Control of outbound network traffic from the instance to others
SSH
Start a terminal into our EC2 instance (port 22)
EC2 instance Role
Link to IAM roles
Purchasing Options:
On-Demand, Spot, Reserved (standard + convertible + scheduled), Dedicated Host, Dedicated Instance
Spot Instances
Which EC2 Purchasing Option can provide the biggest discount, but is not suitable for critical jobs or databases?
Shared Responsibility Model
AWS:
- Infrastructure (global network security)
- Isolation on physical hosts
- Replacing faulty hardware if one of their servers is failing
- Compliance validation
User:
- Security group role
- Operating system software and utilities patches and updates (Under the Shared Responsibility Model, who is responsible for operating-system patches and updates on EC2 Instances?)
- Software and utilities installed on the EC2 instance
- IAM roles assigned to EC2 and IAM user access management
- Data security on your instance